From ea3a39819d827ce0f10d3e24e2ba92523420f250 Mon Sep 17 00:00:00 2001
From: Saurabh Ahuja <s101saurabh@gmail.com>
Date: Fri, 10 Oct 2025 13:26:46 +0530
Subject: [PATCH 1/2] GitHub main operator2.0 (#1)

Oracle Database Operator Release 2.0
---
 .gitignore                                    |     3 +-
 .gitlab-ci.yml                                |    38 +
 Dockerfile                                    |    37 +-
 Makefile                                      |    33 +-
 PROJECT                                       |    28 +-
 README.md                                     |   197 +-
 THIRD_PARTY_LICENSES.txt                      |    40 +-
 .../v1alpha1/adbfamily_common_spec.go         |     6 +-
 .../autonomouscontainerdatabase_webhook.go    |    34 +-
 .../v1alpha1/autonomousdatabase_conversion.go |     8 +-
 .../v1alpha1/autonomousdatabase_types.go      |     4 +-
 .../v1alpha1/autonomousdatabase_webhook.go    |    73 +-
 .../autonomousdatabasebackup_webhook.go       |    71 +-
 .../autonomousdatabasebackup_webhook_test.go  |    19 +-
 .../autonomousdatabaserestore_types.go        |     2 +-
 .../autonomousdatabaserestore_webhook.go      |    56 +-
 .../autonomousdatabaserestore_webhook_test.go |    10 +-
 apis/database/v1alpha1/cdb_types.go           |   190 -
 apis/database/v1alpha1/cdb_webhook.go         |   224 -
 .../v1alpha1/dataguardbroker_webhook.go       |    86 +-
 apis/database/v1alpha1/dbcssystem_webhook.go  |    17 +-
 .../v1alpha1/oraclerestdataservice_webhook.go |    87 +-
 apis/database/v1alpha1/pdb_types.go           |   236 -
 apis/database/v1alpha1/pdb_webhook.go         |   369 -
 .../v1alpha1/shardingdatabase_webhook.go      |   260 -
 .../singleinstancedatabase_webhook.go         |   346 +-
 .../v1alpha1/zz_generated.deepcopy.go         |   606 +-
 apis/database/v4/adbfamily_common_spec.go     |     6 +-
 .../v4/autonomouscontainerdatabase_webhook.go |    34 +-
 apis/database/v4/autonomousdatabase_types.go  |     4 +-
 .../database/v4/autonomousdatabase_webhook.go |    74 +-
 .../v4/autonomousdatabasebackup_types.go      |     6 +-
 .../v4/autonomousdatabasebackup_webhook.go    |    70 +-
 .../v4/autonomousdatabaserestore_types.go     |     4 +-
 .../v4/autonomousdatabaserestore_webhook.go   |    57 +-
 apis/database/v4/cdb_types.go                 |   191 -
 apis/database/v4/cdb_webhook.go               |   224 -
 apis/database/v4/dataguardbroker_types.go     |     1 +
 apis/database/v4/dbcssystem_types.go          |   162 +-
 apis/database/v4/dbcssystem_webhook.go        |   138 +-
 apis/database/v4/lrest_types.go               |    37 +-
 apis/database/v4/lrest_webhook.go             |    52 +-
 apis/database/v4/lrpdb_types.go               |    79 +-
 apis/database/v4/lrpdb_webhook.go             |   144 +-
 apis/database/v4/oraclerestart_types.go       |   381 +
 apis/database/v4/oraclerestart_webhook.go     |  1194 ++
 .../v4/oraclerestdataservice_types.go         |     1 +
 apis/database/v4/ordssrvs_types.go            |    66 +-
 apis/database/v4/pdb_types.go                 |   237 -
 apis/database/v4/pdb_webhook.go               |   369 -
 apis/database/v4/shardingdatabase_types.go    |    70 +-
 apis/database/v4/shardingdatabase_webhook.go  |   198 +-
 .../v4/singleinstancedatabase_types.go        |     5 +-
 apis/database/v4/zz_generated.deepcopy.go     |  1599 +-
 .../v1/databaseobserver_types.go              |   178 +-
 .../v1/databaseobserver_webhook.go            |   112 +-
 .../observability/v1/zz_generated.deepcopy.go |   422 +-
 .../v1alpha1/databaseobserver_types.go        |   178 +-
 .../v1alpha1/databaseobserver_webhook.go      |   111 +-
 .../v1alpha1/zz_generated.deepcopy.go         |   422 +-
 .../v4/databaseobserver_types.go              |   178 +-
 .../v4/databaseobserver_webhook.go            |   112 +-
 .../observability/v4/zz_generated.deepcopy.go |   422 +-
 bundle.Dockerfile                             |    14 +-
 ...acle.com_autonomouscontainerdatabases.yaml |   111 +-
 ....oracle.com_autonomousdatabasebackups.yaml |   132 +-
 ...oracle.com_autonomousdatabaserestores.yaml |   132 +-
 ...tabase.oracle.com_autonomousdatabases.yaml |   704 +
 .../manifests}/database.oracle.com_cdbs.yaml  |     9 +-
 .../database.oracle.com_dataguardbrokers.yaml |   217 +
 .../database.oracle.com_dbcssystems.yaml      |   418 +-
 .../manifests/database.oracle.com_lrests.yaml |   127 +-
 .../manifests/database.oracle.com_lrpdbs.yaml |   223 +-
 ...ase.oracle.com_oraclerestdataservices.yaml |   213 +-
 .../database.oracle.com_ordssrvs.yaml         |   495 +
 .../manifests}/database.oracle.com_pdbs.yaml  |     9 +-
 ...database.oracle.com_shardingdatabases.yaml |  1115 ++
 ...se.oracle.com_singleinstancedatabases.yaml |   717 +
 ...vability.oracle.com_databaseobservers.yaml |  6995 +++++++
 ...er-manager-metrics-service_v1_service.yaml |    16 +
 ...c.authorization.k8s.io_v1_clusterrole.yaml |    10 +
 ...e-operator-webhook-service_v1_service.yaml |    14 +
 ...tabase-operator.clusterserviceversion.yaml |  1442 ++
 bundle/metadata/annotations.yaml              |    10 +
 commons/adb_family/utils.go                   |     2 +-
 commons/dbcssystem/dbcs_reconciler.go         |  1222 +-
 commons/dbcssystem/dcommon.go                 |    34 +-
 commons/k8s/create.go                         |     3 +
 commons/k8s/utils.go                          |     8 +
 commons/multitenant/lrest/common.go           |   176 +-
 commons/observability/constants.go            |    90 +-
 commons/observability/utils.go                |   540 +-
 commons/oci/containerdatabase.go              |     2 +-
 commons/oci/database.go                       |    24 +
 commons/oci/wallet.go                         |     6 +-
 commons/oraclerestart/exec.go                 |   112 +
 commons/oraclerestart/oraclerestartcommon.go  |  1397 ++
 .../oraclerestart/oraclerestartconstants.go   |   159 +
 commons/oraclerestart/oraclerestartprov.go    |  1154 ++
 commons/oraclerestart/oraclerestartstatus.go  |   340 +
 commons/oraclerestart/utils/utils.go          |   189 +
 commons/sharding/catalog.go                   |    38 +
 commons/sharding/gsm.go                       |    23 +
 commons/sharding/scommon.go                   |    54 +-
 commons/sharding/shard.go                     |    44 +
 config/certmanager/certificate-metrics.yaml   |    20 +
 config/certmanager/certificate-webhook.yaml   |    20 +
 config/certmanager/certificate.yaml           |     6 +-
 config/certmanager/issuer.yaml                |    13 +
 ...acle.com_autonomouscontainerdatabases.yaml |     2 +-
 ....oracle.com_autonomousdatabasebackups.yaml |    14 +-
 ...oracle.com_autonomousdatabaserestores.yaml |    18 +-
 ...tabase.oracle.com_autonomousdatabases.yaml |    18 +-
 .../database.oracle.com_dataguardbrokers.yaml |     5 +-
 .../database.oracle.com_dbcssystems.yaml      |   167 +-
 .../crd/bases/database.oracle.com_lrests.yaml |    33 +-
 .../crd/bases/database.oracle.com_lrpdbs.yaml |    66 +-
 ...database.oracle.com_oraclerestartnews.yaml |  1468 ++
 .../database.oracle.com_oraclerestarts.yaml   |  1431 ++
 ...base.oracle.com_oraclerestartservices.yaml |  1468 ++
 ...ase.oracle.com_oraclerestdataservices.yaml |     4 +-
 .../bases/database.oracle.com_ordssrvs.yaml   |    77 +-
 ...database.oracle.com_shardingdatabases.yaml |    74 +-
 ...se.oracle.com_singleinstancedatabases.yaml |     5 +-
 ...vability.oracle.com_databaseobservers.yaml | 11030 +++++-----
 config/crd/kustomization.yaml                 |    51 +-
 ...ction_in_autonomouscontainerdatabases.yaml |     2 +-
 ...njection_in_autonomousdatabasebackups.yaml |     2 +-
 ...jection_in_autonomousdatabaserestores.yaml |     2 +-
 .../cainjection_in_autonomousdatabases.yaml   |     2 +-
 config/crd/patches/cainjection_in_cdbs.yaml   |     2 +-
 .../patches/cainjection_in_dbcssystems.yaml   |     2 +-
 config/crd/patches/cainjection_in_pdbs.yaml   |     2 +-
 .../cainjection_in_shardingdatabases.yaml     |     2 +-
 ...ainjection_in_singleinstancedatabases.yaml |     2 +-
 ...tabase.oracle.com_autonomousdatabases.yaml |   324 -
 .../database.oracle.com_dataguardbrokers.yaml |   134 -
 ...database.oracle.com_shardingdatabases.yaml |   688 -
 ...se.oracle.com_singleinstancedatabases.yaml |   421 -
 config/default/kustomization.yaml             |   138 +-
 config/default/webhookcainjection_patch.yaml  |     6 +-
 config/manager/kustomization.yaml             |     4 +-
 ...tabase-operator.clusterserviceversion.yaml |   147 +-
 .../network-policy/allow-webhook-traffic.yaml |    27 +
 config/rbac/cdb_editor_role.yaml              |    24 -
 config/rbac/cdb_viewer_role.yaml              |    20 -
 .../database_oraclerestart_admin_role.yaml    |    27 +
 .../database_oraclerestart_editor_role.yaml   |    33 +
 .../database_oraclerestart_viewer_role.yaml   |    29 +
 config/rbac/kustomization.yaml                |     6 +
 config/rbac/pdb_editor_role.yaml              |    24 -
 config/rbac/pdb_viewer_role.yaml              |    20 -
 config/rbac/role.yaml                         |    22 +-
 .../acd/autonomouscontainerdatabase_bind.yaml |     2 +-
 ...scontainerdatabase_change_displayname.yaml |     2 +-
 .../autonomouscontainerdatabase_create.yaml   |     2 +-
 ...mouscontainerdatabase_delete_resource.yaml |     2 +-
 ...uscontainerdatabase_restart_terminate.yaml |     2 +-
 .../adb/autonomousdatabase_backup.yaml        |     8 +-
 .../samples/adb/autonomousdatabase_bind.yaml  |     2 +-
 .../samples/adb/autonomousdatabase_clone.yaml |     5 +-
 .../adb/autonomousdatabase_create.yaml        |    58 +-
 .../autonomousdatabase_delete_resource.yaml   |     2 +-
 ...> autonomousdatabase_download_wallet.yaml} |     2 +-
 .../autonomousdatabase_manual_failover.yaml   |    17 +
 .../adb/autonomousdatabase_rename.yaml        |     2 +-
 .../adb/autonomousdatabase_restore.yaml       |    10 +-
 .../samples/adb/autonomousdatabase_scale.yaml |     6 +-
 ...tonomousdatabase_stop_start_terminate.yaml |     4 +-
 .../adb/autonomousdatabase_switchover.yaml    |    17 +
 ...onomousdatabase_update_admin_password.yaml |     2 +-
 .../adb/autonomousdatabase_update_mtls.yaml   |     4 +-
 ...onomousdatabase_update_network_access.yaml |    22 +-
 config/samples/database_v4_oraclerestart.yaml |     9 +
 config/samples/kustomization.yaml             |    56 +-
 config/samples/multitenant/cdb.yaml           |    43 -
 config/samples/multitenant/cdb_secret.yaml    |    17 -
 config/samples/multitenant/pdb_clone.yaml     |    27 -
 config/samples/multitenant/pdb_create.yaml    |    27 -
 config/samples/multitenant/pdb_delete.yaml    |    16 -
 config/samples/multitenant/pdb_modify.yaml    |    22 -
 config/samples/multitenant/pdb_plug.yaml      |    19 -
 config/samples/multitenant/pdb_secret.yaml    |    13 -
 config/samples/multitenant/pdb_unplug.yaml    |    27 -
 .../observability/databaseobserver.yaml       |    31 +-
 .../databaseobserver_custom_config.yaml       |    28 -
 .../databaseobserver_minimal.yaml             |    22 -
 .../observability/databaseobserver_vault.yaml |    25 -
 .../observability/v1/databaseobserver.yaml    |    75 +-
 ...databaseobserver_customization_fields.yaml |    58 +-
 .../v1/databaseobserver_logs_promtail.yaml    |    68 +-
 .../v1alpha1/databaseobserver.yaml            |    71 +-
 .../databaseobserver_custom_config.yaml       |    35 +-
 .../databaseobserver_logs_promtail.yaml       |    79 +-
 .../v1alpha1/databaseobserver_minimal.yaml    |    15 +-
 .../v1alpha1/databaseobserver_vault.yaml      |    30 -
 .../v1alpha1/databaseobserver_vault_oci.yaml  |    29 +
 .../observability/v4/databaseobserver.yaml    |    69 +-
 .../v4/databaseobserver_custom_config.yaml    |    30 +-
 ...databaseobserver_exporter_config_file.yaml |    42 +
 .../v4/databaseobserver_logs_promtail.yaml    |    70 +-
 .../v4/databaseobserver_minimal.yaml          |    15 +-
 .../v4/databaseobserver_vault.yaml            |    39 -
 .../v4/databaseobserver_vault_azure.yaml      |    24 +
 .../v4/databaseobserver_vault_oci.yaml        |    29 +
 .../samples/sidb/singleinstancedatabase.yaml  |     3 +
 config/scorecard/kustomization.yaml           |     9 +-
 config/webhook/manifests.yaml                 |   229 +-
 .../database/autonomousdatabase_controller.go |    38 +-
 .../autonomousdatabasebackup_controller.go    |     4 +-
 .../autonomousdatabaserestore_controller.go   |     4 +-
 controllers/database/cdb_controller.go        |  1093 -
 controllers/database/dbcssystem_controller.go |  1251 +-
 controllers/database/lrest_controller.go      |  1020 +-
 controllers/database/lrpdb_controller.go      |  3843 ++--
 .../database/oraclerestart_controller.go      |  3529 ++++
 controllers/database/ordssrvs_controller.go   |   458 +-
 controllers/database/ordssrvs_ordsconfig.go   |    30 +-
 controllers/database/pdb_controller.go        |  1631 --
 .../database/shardingdatabase_controller.go   |   224 +-
 .../singleinstancedatabase_controller.go      |    18 +-
 controllers/dataguard/dataguard_utils.go      |     2 +
 .../dataguard/dataguardbroker_controller.go   |     2 +-
 .../databaseobserver_controller.go            |    79 +-
 .../databaseobserver_resource.go              |     8 +-
 docs/adb/ACD.md                               |     6 +-
 docs/adb/ADB_LONG_TERM_BACKUP.md              |    10 +-
 docs/adb/ADB_RESTORE.md                       |    16 +-
 docs/adb/NETWORK_ACCESS_OPTIONS.md            |    19 +-
 docs/adb/README.md                            |   126 +-
 .../orestart/custom-kubeletconfig.yaml        |    13 +
 docs/config/samples/orestart/custom-scc.yaml  |    50 +
 docs/dbcs/README.md                           |    31 +-
 .../backup_database_sample_output.log         |   100 +
 docs/dbcs/provisioning/backup_of_database.md  |    35 +
 .../dbcs/provisioning/backup_of_database.yaml |    11 +
 .../bind_to_existing_dbcs_system.md           |    12 +-
 .../bind_to_existing_dbcs_system.yaml         |    19 +-
 ..._dbcs_system_from_backup_sample_output.log |    66 +-
 ...bcs_system_from_database_sample_output.log |    66 +-
 .../clone_dbcs_system_sample_output.log       |    63 +
 .../provisioning/clone_from_backup_dbcs.md    |    12 +-
 docs/dbcs/provisioning/clone_from_database.md |    12 +-
 .../provisioning/clone_from_existing_dbcs.md  |    16 +-
 .../dbcs/provisioning/create_dbcs_with_kms.md |    25 +-
 .../provisioning/dataguard_in_database.yaml   |    20 +
 .../dataguard_in_database_sample_output.log   |   226 +
 .../provisioning/dataguard_to_database.md     |    33 +
 docs/dbcs/provisioning/delete_pdb.md          |    20 +-
 .../disable_dataguard_in_database.yaml        |    12 +
 ...le_dataguard_in_database_sample_output.log |   141 +
 .../disable_dataguard_to_database.md          |    40 +
 .../disabled_dataguard_to_database.md         |     0
 docs/dbcs/provisioning/patch_dbcs_system.yaml |    29 +
 .../patch_dbcs_system_sample_output.log       |     0
 docs/dbcs/provisioning/patching_database.md   |    45 +
 .../restore_database_sample_output.log        |    22 +
 docs/dbcs/provisioning/restore_of_database.md |    34 +
 .../provisioning/restore_of_database.yaml     |    11 +
 .../scale_down_dbcs_system_shape.md           |    14 +-
 .../scale_up_dbcs_system_shape.md             |    14 +-
 .../scale_up_dbcs_system_shape.yaml           |    12 +-
 docs/dbcs/provisioning/scale_up_storage.md    |    14 +-
 .../provisioning/terminate_dbcs_system.md     |    20 +-
 docs/dbcs/provisioning/update_license.md      |    18 +-
 .../provisioning/upgrade_dbcs_system.yaml     |    32 +
 .../upgrade_dbcs_system_sample_output.log     |     2 +
 docs/dbcs/provisioning/upgrading_database.md  |    45 +
 docs/multitenant/NamespaceSeg.md              |    14 -
 docs/multitenant/README.md                    |   803 +-
 .../images/Generalschema2.jpg                 |   Bin
 docs/multitenant/images/KubectlGetSchema.jpg  |   Bin 0 -> 206768 bytes
 docs/multitenant/images/KubectlGetSchema2.jpg |   Bin 0 -> 187365 bytes
 .../old_testcase_wf.jpg}                      |   Bin
 docs/multitenant/images/plsqlmap.jpg          |   Bin 0 -> 94000 bytes
 docs/multitenant/images/usecaseschema.jpg     |   Bin 0 -> 124714 bytes
 docs/multitenant/lrest-based/README.md        |   501 -
 .../multitenant/lrest-based/usecase/README.md |   139 -
 .../lrest-based/usecase/config-map-pdb.yaml   |    11 -
 docs/multitenant/lrest-based/usecase/makefile |   911 -
 docs/multitenant/ords-based/NamespaceSeg.md   |    14 -
 docs/multitenant/ords-based/README.md         |   411 -
 .../ords-based/images/K8S_NAMESPACE_SEG.png   |   Bin 269014 -> 0 bytes
 .../ords-based/images/K8S_SECURE1.png         |   Bin 129940 -> 0 bytes
 .../ords-based/images/K8S_SECURE2.png         |   Bin 130742 -> 0 bytes
 .../ords-based/images/K8S_SECURE3.png         |   Bin 130498 -> 0 bytes
 .../ords-based/images/K8S_SECURE4.png         |   Bin 132342 -> 0 bytes
 .../ords-based/images/makerunall.png          |   Bin 211874 -> 0 bytes
 .../ords-based/images/makesecrets_1_1.png     |   Bin 117953 -> 0 bytes
 .../multitenant/ords-based/openssl_schema.jpg |   Bin 54221 -> 0 bytes
 .../example_setup_using_oci_oke_cluster.md    |    38 -
 .../multinamespace/cdb_create.yaml            |    48 -
 .../multinamespace/pdb_clone.yaml             |    54 -
 .../multinamespace/pdb_close.yaml             |    48 -
 .../multinamespace/pdb_create.yaml            |    50 -
 .../multinamespace/pdb_delete.yaml            |    39 -
 .../provisioning/multinamespace/pdb_open.yaml |    47 -
 .../provisioning/multinamespace/pdb_plug.yaml |    51 -
 .../multinamespace/pdb_unplug.yaml            |    43 -
 .../ords-based/provisioning/ords_image.md     |    81 -
 .../provisioning/quickOKEcreation.md          |   136 -
 .../singlenamespace/cdb_create.yaml           |    49 -
 .../singlenamespace/cdb_secret.yaml           |    17 -
 .../singlenamespace/pdb_clone.yaml            |    60 -
 .../singlenamespace/pdb_close.yaml            |    48 -
 .../singlenamespace/pdb_create.yaml           |    51 -
 .../singlenamespace/pdb_delete.yaml           |    39 -
 .../singlenamespace/pdb_open.yaml             |    47 -
 .../singlenamespace/pdb_plug.yaml             |    55 -
 .../singlenamespace/pdb_secret.yaml           |    16 -
 .../singlenamespace/pdb_unplug.yaml           |    49 -
 docs/multitenant/ords-based/usecase/README.md |   112 -
 .../usecase/cdbnamespace_binding.yaml         |    13 -
 .../usecase/clone_pdb1_resource.yaml          |    50 -
 .../usecase/clone_pdb2_resource.yaml          |    50 -
 .../usecase/close_pdb1_resource.yaml          |    47 -
 .../usecase/close_pdb2_resource.yaml          |    47 -
 .../usecase/close_pdb3_resource.yaml          |    47 -
 .../ords-based/usecase/create_ords_pod.yaml   |    48 -
 .../usecase/create_pdb1_resource.yaml         |    51 -
 .../usecase/create_pdb2_resource.yaml         |    51 -
 .../usecase/delete_pdb1_resource.yaml         |    45 -
 .../usecase/delete_pdb2_resource.yaml         |    45 -
 docs/multitenant/ords-based/usecase/makefile  |   915 -
 .../ords-based/usecase/map_pdb1_resource.yaml |    49 -
 .../ords-based/usecase/map_pdb2_resource.yaml |    49 -
 .../ords-based/usecase/map_pdb3_resource.yaml |    49 -
 .../usecase/open_pdb1_resource.yaml           |    47 -
 .../usecase/open_pdb2_resource.yaml           |    47 -
 .../usecase/open_pdb3_resource.yaml           |    47 -
 .../ords-based/usecase/parameters.txt         |    61 -
 .../usecase/pdbnamespace_binding.yaml         |    13 -
 .../usecase/plug_pdb1_resource.yaml           |    53 -
 .../usecase/unplug_pdb1_resource.yaml         |    46 -
 .../ords-based/usecase01/README.md            |   516 -
 docs/multitenant/ords-based/usecase01/ca.crt  |    25 -
 docs/multitenant/ords-based/usecase01/ca.key  |    27 -
 docs/multitenant/ords-based/usecase01/ca.srl  |     1 -
 .../ords-based/usecase01/cdb_create.yaml      |    44 -
 .../ords-based/usecase01/cdb_secret.yaml      |    17 -
 .../usecase01/clone_pdb1_resource.yaml        |    50 -
 .../usecase01/clone_pdb2_resource.yaml        |    50 -
 .../usecase01/close_pdb1_resource.yaml        |    47 -
 .../usecase01/close_pdb2_resource.yaml        |    47 -
 .../usecase01/close_pdb3_resource.yaml        |    47 -
 .../ords-based/usecase01/create_ords_pod.yaml |    48 -
 .../usecase01/create_pdb1_resource.yaml       |    51 -
 .../usecase01/create_pdb2_resource.yaml       |    51 -
 .../usecase01/delete_pdb1_resource.yaml       |    45 -
 .../usecase01/delete_pdb2_resource.yaml       |    45 -
 .../ords-based/usecase01/extfile.txt          |     1 -
 .../usecase01/logfiles/BuildImage.log         |   896 -
 .../usecase01/logfiles/ImagePush.log          |    11 -
 .../ords-based/usecase01/logfiles/cdb.log     |   372 -
 .../usecase01/logfiles/cdb_creation.log       |   357 -
 .../usecase01/logfiles/openssl_execution.log  |    19 -
 .../usecase01/logfiles/ordsconfig.log         |    39 -
 .../usecase01/logfiles/tagandpush.log         |    14 -
 .../ords-based/usecase01/logfiles/testapi.log |    62 -
 .../multitenant/ords-based/usecase01/makefile |   906 -
 .../usecase01/map_pdb1_resource.yaml          |    49 -
 .../usecase01/map_pdb2_resource.yaml          |    49 -
 .../usecase01/map_pdb3_resource.yaml          |    49 -
 .../usecase01/open_pdb1_resource.yaml         |    47 -
 .../usecase01/open_pdb2_resource.yaml         |    47 -
 .../usecase01/open_pdb3_resource.yaml         |    47 -
 ...acle-database-operator-system_binding.yaml |    13 -
 .../usecase01/oracle-database-operator.yaml   |     1 -
 .../ords-based/usecase01/parameters.txt       |    61 -
 .../ords-based/usecase01/pdb_close.yaml       |    44 -
 .../ords-based/usecase01/pdb_create.yaml      |    47 -
 .../ords-based/usecase01/pdb_delete.yaml      |    34 -
 .../ords-based/usecase01/pdb_map.yaml         |    45 -
 .../ords-based/usecase01/pdb_open.yaml        |    43 -
 .../ords-based/usecase01/pdb_secret.yaml      |    16 -
 .../usecase01/plug_pdb1_resource.yaml         |    53 -
 .../ords-based/usecase01/server.csr           |    18 -
 .../ords-based/usecase01/tde_secret.yaml      |    17 -
 docs/multitenant/ords-based/usecase01/tls.crt |    24 -
 docs/multitenant/ords-based/usecase01/tls.key |    28 -
 .../usecase01/unplug_pdb1_resource.yaml       |    46 -
 .../ords-based/usecase02/README.md            |   523 -
 .../ords-based/usecase02/pdb_clone.yaml       |    50 -
 .../ords-based/usecase02/pdb_plug.yaml        |    53 -
 .../ords-based/usecase02/pdb_plugtde.yaml     |    56 -
 .../ords-based/usecase02/pdb_unplug.yaml      |    46 -
 .../ords-based/usecase02/pdb_unplugtde.yaml   |    54 -
 docs/multitenant/provisioning/ords_image.md   |    81 -
 docs/multitenant/usecase/README.md            |   248 +
 .../usecase/altersystem_pdb1_resource.yaml    |     3 -
 .../usecase/cdbnamespace_binding.yaml         |     0
 .../usecase/clone_pdb1_resource.yaml          |     3 +-
 .../usecase/clone_pdb2_resource.yaml          |     3 +-
 .../usecase/close_pdb1_resource.yaml          |     1 -
 .../usecase/close_pdb2_resource.yaml          |     1 -
 .../usecase/close_pdb3_resource.yaml          |     3 +-
 .../usecase/config_map_pdb.yaml               |     0
 .../multitenant/usecase/config_map_plsql.yaml |    29 +
 .../usecase/create_lrest_pod.yaml             |     9 +
 .../usecase/create_pdb1_resource.yaml         |     3 +-
 .../usecase/create_pdb2_resource.yaml         |     3 +-
 .../usecase/delete_pdb1_resource.yaml         |     3 +-
 .../usecase/delete_pdb2_resource.yaml         |     3 +-
 .../usecase/delete_pdb3_resource.yaml         |    46 +
 docs/multitenant/usecase/makefile             |  1545 ++
 .../usecase/map_pdb1_resource.yaml            |     3 +-
 .../usecase/map_pdb2_resource.yaml            |     3 +-
 .../usecase/map_pdb3_resource.yaml            |     3 +-
 docs/multitenant/usecase/node_rbac.yaml       |    27 +
 .../usecase/open_pdb1_resource.yaml           |     1 -
 .../usecase/open_pdb2_resource.yaml           |     1 -
 .../usecase/open_pdb3_resource.yaml           |     1 -
 .../{lrest-based => }/usecase/parameters.txt  |    57 +-
 .../usecase/pdbnamespace_binding.yaml         |     0
 .../usecase/plug_pdb1_resource.yaml           |     7 +-
 .../multitenant/usecase/security_context.yaml |    93 +
 .../usecase/unplug_pdb1_resource.yaml         |     4 +-
 .../usecase01/logfiles/BuildImage.log         |   896 -
 .../usecase01/logfiles/openssl_execution.log  |    19 -
 .../usecase01/logfiles/ordsconfig.log         |    39 -
 docs/multitenant/usecase01/makefile           |   284 -
 docs/multitenant/usecase03/Dockerfile         |    80 -
 .../usecase03/NamespaceSegregation.png        |   Bin 270813 -> 0 bytes
 docs/multitenant/usecase03/README.md          |   268 -
 docs/multitenant/usecase03/cdb_create.yaml    |    44 -
 .../usecase03/cdb_creation_log.txt            |   336 -
 docs/multitenant/usecase03/cdb_secret.yaml    |    17 -
 docs/multitenant/usecase03/gentlscert.sh      |    23 -
 docs/multitenant/usecase03/makefile           |   285 -
 .../usecase03/ns_namespace_cdb.yaml           |     7 -
 .../usecase03/ns_namespace_pdb.yaml           |     7 -
 .../usecase03/operator_creation_log.txt       |    27 -
 docs/multitenant/usecase03/pdb_create.yaml    |    46 -
 .../usecase03/pdb_creation_log.txt            |     6 -
 docs/multitenant/usecase03/pdb_secret.yaml    |    16 -
 docs/multitenant/usecase03/runOrdsSSL.sh      |   190 -
 docs/observability/README.md                  |  1054 +-
 docs/oraclerestart/README.md                  |    75 +
 ...sm_disk_to_an_existing_restart_database.md |    64 +
 .../asm_addition_autoupdate_false.txt         |   424 +
 .../asm_addition_autoupdate_true.txt          |   423 +
 .../provisioning/asm_disk_deletion.txt        |   453 +
 .../provisioning/asm_disk_deletion1.txt       |   619 +
 ...change_memory_cpu_for_oracle_restart_db.md |    55 +
 ...e_sw_storage_size_for_oracle_restart_db.md |    59 +
 docs/oraclerestart/provisioning/cleanup.md    |    20 +
 .../create_kubernetes_secret_for_db_user.md   |    27 +
 .../create_kubernetes_secret_for_ssh_setup.md |    19 +
 .../provisioning/database_connection.md       |   100 +
 docs/oraclerestart/provisioning/debugging.md  |    41 +
 ...disks_from_an_existing_restart_database.md |    47 +
 .../provisioning/known_issues.md              |     5 +
 .../provisioning/nfs_pv_stage_vol.yaml        |    39 +
 .../provisioning/oraclerestart_prov.yaml      |   100 +
 .../oraclerestart_prov_loadbalancer.yaml      |   114 +
 ...oraclerestart_prov_multiple_diskgroups.txt |   315 +
 ...raclerestart_prov_multiple_diskgroups.yaml |   131 +
 ...ov_multiple_diskgroups_with_redundancy.txt |   335 +
 ...v_multiple_diskgroups_with_redundancy.yaml |   143 +
 ..._redundancy_with_separate_storage_class.md |    53 +
 ...redundancy_with_separate_storage_class.txt |   344 +
 ...edundancy_with_separate_storage_class.yaml |   154 +
 .../oraclerestart_prov_nodeports.yaml         |   117 +
 ...aclerestart_prov_nodeports_mcpu_change.txt |   389 +
 ...clerestart_prov_nodeports_mcpu_change.yaml |   117 +
 .../oraclerestart_prov_rupatch.yaml           |   120 +
 ...tart_prov_rupatch_oneoff_storageclass.yaml |   134 +
 .../oraclerestart_prov_rupatch_pvc.yaml       |   131 +
 .../oraclerestart_prov_storage_class.yaml     |   124 +
 ...ov_storage_class_after_sw_home_resize.yaml |   125 +
 ...v_storage_class_before_sw_home_resize.yaml |   125 +
 .../orestart_db_rupatch_oneoffs_object.txt    |   197 +
 .../orestart_loadbalancer_object.txt          |   169 +
 .../provisioning/orestart_nodeport_object.txt |   153 +
 .../provisioning/orestart_object.txt          |   147 +
 .../orestart_prov_asm_disk_addition.yaml      |   120 +
 ...ov_asm_disk_addition_autoupdate_false.yaml |   120 +
 .../orestart_prov_asm_disk_deletion.yaml      |   116 +
 .../provisioning/orestart_rupatch_object.txt  |   176 +
 .../orestart_rupatch_pvc_object.txt           |   209 +
 .../orestart_storage_class_object.txt         |   180 +
 ...rage_class_object_after_sw_home_resize.txt |   197 +
 ...age_class_object_before_sw_home_resize.txt |   196 +
 .../prerequisites_oracle_restart_db.md        |   323 +
 .../provisioning_oracle_restart_db.md         |    41 +
 ...isioning_oracle_restart_db_loadbalancer.md |    44 +
 ...provisioning_oracle_restart_db_nodeport.md |    43 +
 .../provisioning_oracle_restart_db_rupatch.md |    45 +
 ...oning_oracle_restart_db_rupatch_oneoffs.md |    47 +
 ...ning_oracle_restart_multiple_diskgroups.md |    42 +
 ...art_multiple_diskgroups_with_redundancy.md |    48 +
 ...provisioning_oracle_restart_rupatch_pvc.md |    47 +
 ...ovisioning_oracle_restart_storage_class.md |    42 +
 docs/ordsservices/README.md                   |   124 +-
 docs/ordsservices/api.md                      |    22 +-
 docs/ordsservices/autoupgrade.md              |   129 +-
 docs/ordsservices/examples/adb.md             |    14 +-
 docs/ordsservices/examples/adb_oraoper.md     |    12 +-
 docs/ordsservices/examples/existing_db.md     |    13 +-
 docs/ordsservices/examples/mongo_api.md       |    13 +-
 docs/ordsservices/examples/multi_pool.md      |    15 +-
 .../examples/ordssrvs-sa-scc.yaml             |    50 +
 docs/ordsservices/examples/ordssrvs-sa.yaml   |     5 +
 docs/ordsservices/examples/ordssrvs.yaml      |    32 +
 docs/ordsservices/examples/sidb_container.md  |    18 +-
 docs/ordsservices/usecase01/makefile          |    19 +-
 docs/sharding/README.md                       |    14 +-
 .../sharding_provisioning_with_db_events.yaml |    82 +-
 ...harding_provisioning_with_free_images.yaml |    72 +-
 docs/sharding/provisioning/oraclesi.yaml      |    26 +-
 .../provisioning/oraclesi_pvc_commented.yaml  |    28 +-
 ...y_cloning_db_from_gold_image_across_ads.md |    58 -
 ...ing_by_cloning_db_gold_image_in_same_ad.md |    54 -
 ...ding_provisioning_with_chunks_specified.md |    44 -
 ...rding_scale_in_delete_an_existing_shard.md |    51 -
 .../snr_ssharding_scale_out_add_shards.md     |    38 -
 .../snr_ssharding_shard_prov.yaml             |    74 +-
 .../snr_ssharding_shard_prov_chunks.yaml      |    61 -
 .../snr_ssharding_shard_prov_clone.yaml       |    83 -
 ...ssharding_shard_prov_clone_across_ads.yaml |    91 -
 .../snr_ssharding_shard_prov_delshard.yaml    |    69 -
 .../snr_ssharding_shard_prov_extshard.yaml    |    68 -
 .../snr_ssharding_shard_prov_memory_cpu.yaml  |    88 +-
 ...sharding_shard_prov_send_notification.yaml |    98 +-
 ...ding_provisioning_with_chunks_specified.md |     2 +-
 ..._provisioning_with_control_on_resources.md |     2 +-
 ...ith_notification_using_oci_notification.md |    24 +-
 ...ding_provisioning_without_db_gold_image.md |    10 +-
 ...rding_scale_in_delete_an_existing_shard.md |     2 +-
 .../ssharding_scale_out_add_shards.md         |     2 +-
 .../system_sharding/ssharding_shard_prov.yaml |    72 +-
 .../ssharding_shard_prov_chunks.yaml          |    78 +-
 .../ssharding_shard_prov_clone.yaml           |    90 +-
 ...ssharding_shard_prov_clone_across_ads.yaml |    98 +-
 .../ssharding_shard_prov_delshard.yaml        |    76 +-
 .../ssharding_shard_prov_extshard.yaml        |    78 +-
 .../ssharding_shard_prov_memory_cpu.yaml      |    88 +-
 ...sharding_shard_prov_send_notification.yaml |    97 +-
 ..._provisioning_with_control_on_resources.md |    12 +-
 ...ith_notification_using_oci_notification.md |    20 +-
 ...ding_provisioning_without_db_gold_image.md |    16 +-
 ...rding_scale_in_delete_an_existing_shard.md |    30 +-
 .../udsharding_scale_out_add_shards.md        |    18 +-
 .../udsharding_shard_prov.yaml                |    76 +-
 .../udsharding_shard_prov_clone.yaml          |    90 +-
 ...dsharding_shard_prov_clone_across_ads.yaml |    96 +-
 .../udsharding_shard_prov_delshard.yaml       |    78 +-
 .../udsharding_shard_prov_extshard.yaml       |    81 +-
 .../udsharding_shard_prov_memory_cpu.yaml     |    87 +-
 ...sharding_shard_prov_send_notification.yaml |   104 +-
 docs/sidb/README.md                           |     8 +-
 go.mod                                        |   154 +-
 go.sum                                        |   439 +-
 main.go                                       |    91 +-
 oracle-database-operator.yaml                 | 16722 ++++++++--------
 ords/Dockerfile                               |    86 -
 ords/ords_init.sh                             |   524 +-
 ords/ords_start.sh                            |    26 +
 ords/runOrdsSSL.sh                            |   197 -
 ...tonomousdatabase_controller_create_test.go |     2 +-
 test/e2e/util/oci_acd_request.go              |     5 +-
 test/e2e/util/util.go                         |     4 +-
 562 files changed, 67698 insertions(+), 42601 deletions(-)
 create mode 100644 .gitlab-ci.yml
 delete mode 100644 apis/database/v1alpha1/cdb_types.go
 delete mode 100644 apis/database/v1alpha1/cdb_webhook.go
 delete mode 100644 apis/database/v1alpha1/pdb_types.go
 delete mode 100644 apis/database/v1alpha1/pdb_webhook.go
 delete mode 100644 apis/database/v4/cdb_types.go
 delete mode 100644 apis/database/v4/cdb_webhook.go
 create mode 100644 apis/database/v4/oraclerestart_types.go
 create mode 100644 apis/database/v4/oraclerestart_webhook.go
 delete mode 100644 apis/database/v4/pdb_types.go
 delete mode 100644 apis/database/v4/pdb_webhook.go
 rename {config => bundle/manifests}/database.oracle.com_autonomouscontainerdatabases.yaml (50%)
 rename {config => bundle/manifests}/database.oracle.com_autonomousdatabasebackups.yaml (50%)
 rename {config => bundle/manifests}/database.oracle.com_autonomousdatabaserestores.yaml (50%)
 create mode 100644 bundle/manifests/database.oracle.com_autonomousdatabases.yaml
 rename {config/crd/bases => bundle/manifests}/database.oracle.com_cdbs.yaml (98%)
 create mode 100644 bundle/manifests/database.oracle.com_dataguardbrokers.yaml
 rename config/database.oracle.com_DbcsSystem.yaml => bundle/manifests/database.oracle.com_dbcssystems.yaml (50%)
 rename config/database.oracle.com_cdbs.yaml => bundle/manifests/database.oracle.com_lrests.yaml (63%)
 rename config/database.oracle.com_pdbs.yaml => bundle/manifests/database.oracle.com_lrpdbs.yaml (55%)
 rename {config => bundle/manifests}/database.oracle.com_oraclerestdataservices.yaml (50%)
 create mode 100644 bundle/manifests/database.oracle.com_ordssrvs.yaml
 rename {config/crd/bases => bundle/manifests}/database.oracle.com_pdbs.yaml (98%)
 create mode 100644 bundle/manifests/database.oracle.com_shardingdatabases.yaml
 create mode 100644 bundle/manifests/database.oracle.com_singleinstancedatabases.yaml
 create mode 100644 bundle/manifests/observability.oracle.com_databaseobservers.yaml
 create mode 100644 bundle/manifests/oracle-database-operator-controller-manager-metrics-service_v1_service.yaml
 create mode 100644 bundle/manifests/oracle-database-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml
 create mode 100644 bundle/manifests/oracle-database-operator-webhook-service_v1_service.yaml
 create mode 100644 bundle/manifests/oracle-database-operator.clusterserviceversion.yaml
 create mode 100644 bundle/metadata/annotations.yaml
 create mode 100644 commons/oraclerestart/exec.go
 create mode 100644 commons/oraclerestart/oraclerestartcommon.go
 create mode 100644 commons/oraclerestart/oraclerestartconstants.go
 create mode 100644 commons/oraclerestart/oraclerestartprov.go
 create mode 100644 commons/oraclerestart/oraclerestartstatus.go
 create mode 100644 commons/oraclerestart/utils/utils.go
 create mode 100644 config/certmanager/certificate-metrics.yaml
 create mode 100644 config/certmanager/certificate-webhook.yaml
 create mode 100644 config/certmanager/issuer.yaml
 create mode 100644 config/crd/bases/database.oracle.com_oraclerestartnews.yaml
 create mode 100644 config/crd/bases/database.oracle.com_oraclerestarts.yaml
 create mode 100644 config/crd/bases/database.oracle.com_oraclerestartservices.yaml
 delete mode 100644 config/database.oracle.com_autonomousdatabases.yaml
 delete mode 100644 config/database.oracle.com_dataguardbrokers.yaml
 delete mode 100644 config/database.oracle.com_shardingdatabases.yaml
 delete mode 100644 config/database.oracle.com_singleinstancedatabases.yaml
 create mode 100644 config/network-policy/allow-webhook-traffic.yaml
 delete mode 100644 config/rbac/cdb_editor_role.yaml
 delete mode 100644 config/rbac/cdb_viewer_role.yaml
 create mode 100644 config/rbac/database_oraclerestart_admin_role.yaml
 create mode 100644 config/rbac/database_oraclerestart_editor_role.yaml
 create mode 100644 config/rbac/database_oraclerestart_viewer_role.yaml
 delete mode 100644 config/rbac/pdb_editor_role.yaml
 delete mode 100644 config/rbac/pdb_viewer_role.yaml
 rename config/samples/adb/{autonomousdatabase_wallet.yaml => autonomousdatabase_download_wallet.yaml} (96%)
 create mode 100644 config/samples/adb/autonomousdatabase_manual_failover.yaml
 create mode 100644 config/samples/adb/autonomousdatabase_switchover.yaml
 create mode 100644 config/samples/database_v4_oraclerestart.yaml
 delete mode 100644 config/samples/multitenant/cdb.yaml
 delete mode 100644 config/samples/multitenant/cdb_secret.yaml
 delete mode 100644 config/samples/multitenant/pdb_clone.yaml
 delete mode 100644 config/samples/multitenant/pdb_create.yaml
 delete mode 100644 config/samples/multitenant/pdb_delete.yaml
 delete mode 100644 config/samples/multitenant/pdb_modify.yaml
 delete mode 100644 config/samples/multitenant/pdb_plug.yaml
 delete mode 100644 config/samples/multitenant/pdb_secret.yaml
 delete mode 100644 config/samples/multitenant/pdb_unplug.yaml
 delete mode 100644 config/samples/observability/databaseobserver_custom_config.yaml
 delete mode 100644 config/samples/observability/databaseobserver_minimal.yaml
 delete mode 100644 config/samples/observability/databaseobserver_vault.yaml
 delete mode 100644 config/samples/observability/v1alpha1/databaseobserver_vault.yaml
 create mode 100644 config/samples/observability/v1alpha1/databaseobserver_vault_oci.yaml
 create mode 100644 config/samples/observability/v4/databaseobserver_exporter_config_file.yaml
 delete mode 100644 config/samples/observability/v4/databaseobserver_vault.yaml
 create mode 100644 config/samples/observability/v4/databaseobserver_vault_azure.yaml
 create mode 100644 config/samples/observability/v4/databaseobserver_vault_oci.yaml
 delete mode 100644 controllers/database/cdb_controller.go
 create mode 100644 controllers/database/oraclerestart_controller.go
 delete mode 100644 controllers/database/pdb_controller.go
 create mode 100644 docs/config/samples/orestart/custom-kubeletconfig.yaml
 create mode 100644 docs/config/samples/orestart/custom-scc.yaml
 create mode 100644 docs/dbcs/provisioning/backup_database_sample_output.log
 create mode 100644 docs/dbcs/provisioning/backup_of_database.md
 create mode 100644 docs/dbcs/provisioning/backup_of_database.yaml
 create mode 100644 docs/dbcs/provisioning/dataguard_in_database.yaml
 create mode 100644 docs/dbcs/provisioning/dataguard_in_database_sample_output.log
 create mode 100644 docs/dbcs/provisioning/dataguard_to_database.md
 create mode 100644 docs/dbcs/provisioning/disable_dataguard_in_database.yaml
 create mode 100644 docs/dbcs/provisioning/disable_dataguard_in_database_sample_output.log
 create mode 100644 docs/dbcs/provisioning/disable_dataguard_to_database.md
 create mode 100644 docs/dbcs/provisioning/disabled_dataguard_to_database.md
 create mode 100644 docs/dbcs/provisioning/patch_dbcs_system.yaml
 create mode 100644 docs/dbcs/provisioning/patch_dbcs_system_sample_output.log
 create mode 100644 docs/dbcs/provisioning/patching_database.md
 create mode 100644 docs/dbcs/provisioning/restore_database_sample_output.log
 create mode 100644 docs/dbcs/provisioning/restore_of_database.md
 create mode 100644 docs/dbcs/provisioning/restore_of_database.yaml
 create mode 100644 docs/dbcs/provisioning/upgrade_dbcs_system.yaml
 create mode 100644 docs/dbcs/provisioning/upgrade_dbcs_system_sample_output.log
 create mode 100644 docs/dbcs/provisioning/upgrading_database.md
 delete mode 100644 docs/multitenant/NamespaceSeg.md
 rename docs/multitenant/{lrest-based => }/images/Generalschema2.jpg (100%)
 create mode 100644 docs/multitenant/images/KubectlGetSchema.jpg
 create mode 100644 docs/multitenant/images/KubectlGetSchema2.jpg
 rename docs/multitenant/{lrest-based/images/UsecaseSchema.jpg => images/old_testcase_wf.jpg} (100%)
 create mode 100644 docs/multitenant/images/plsqlmap.jpg
 create mode 100644 docs/multitenant/images/usecaseschema.jpg
 delete mode 100644 docs/multitenant/lrest-based/README.md
 delete mode 100644 docs/multitenant/lrest-based/usecase/README.md
 delete mode 100644 docs/multitenant/lrest-based/usecase/config-map-pdb.yaml
 delete mode 100644 docs/multitenant/lrest-based/usecase/makefile
 delete mode 100644 docs/multitenant/ords-based/NamespaceSeg.md
 delete mode 100644 docs/multitenant/ords-based/README.md
 delete mode 100644 docs/multitenant/ords-based/images/K8S_NAMESPACE_SEG.png
 delete mode 100644 docs/multitenant/ords-based/images/K8S_SECURE1.png
 delete mode 100644 docs/multitenant/ords-based/images/K8S_SECURE2.png
 delete mode 100644 docs/multitenant/ords-based/images/K8S_SECURE3.png
 delete mode 100644 docs/multitenant/ords-based/images/K8S_SECURE4.png
 delete mode 100644 docs/multitenant/ords-based/images/makerunall.png
 delete mode 100644 docs/multitenant/ords-based/images/makesecrets_1_1.png
 delete mode 100644 docs/multitenant/ords-based/openssl_schema.jpg
 delete mode 100644 docs/multitenant/ords-based/provisioning/example_setup_using_oci_oke_cluster.md
 delete mode 100644 docs/multitenant/ords-based/provisioning/multinamespace/cdb_create.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/multinamespace/pdb_clone.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/multinamespace/pdb_close.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/multinamespace/pdb_create.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/multinamespace/pdb_delete.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/multinamespace/pdb_open.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/multinamespace/pdb_plug.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/multinamespace/pdb_unplug.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/ords_image.md
 delete mode 100644 docs/multitenant/ords-based/provisioning/quickOKEcreation.md
 delete mode 100644 docs/multitenant/ords-based/provisioning/singlenamespace/cdb_create.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/singlenamespace/cdb_secret.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/singlenamespace/pdb_clone.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/singlenamespace/pdb_close.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/singlenamespace/pdb_create.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/singlenamespace/pdb_delete.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/singlenamespace/pdb_open.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/singlenamespace/pdb_plug.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/singlenamespace/pdb_secret.yaml
 delete mode 100644 docs/multitenant/ords-based/provisioning/singlenamespace/pdb_unplug.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/README.md
 delete mode 100644 docs/multitenant/ords-based/usecase/cdbnamespace_binding.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/clone_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/clone_pdb2_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/close_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/close_pdb2_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/close_pdb3_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/create_ords_pod.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/create_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/create_pdb2_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/delete_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/delete_pdb2_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/makefile
 delete mode 100644 docs/multitenant/ords-based/usecase/map_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/map_pdb2_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/map_pdb3_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/open_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/open_pdb2_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/open_pdb3_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/parameters.txt
 delete mode 100644 docs/multitenant/ords-based/usecase/pdbnamespace_binding.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/plug_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase/unplug_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/README.md
 delete mode 100644 docs/multitenant/ords-based/usecase01/ca.crt
 delete mode 100644 docs/multitenant/ords-based/usecase01/ca.key
 delete mode 100644 docs/multitenant/ords-based/usecase01/ca.srl
 delete mode 100644 docs/multitenant/ords-based/usecase01/cdb_create.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/cdb_secret.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/clone_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/clone_pdb2_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/close_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/close_pdb2_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/close_pdb3_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/create_ords_pod.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/create_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/create_pdb2_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/delete_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/delete_pdb2_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/extfile.txt
 delete mode 100644 docs/multitenant/ords-based/usecase01/logfiles/BuildImage.log
 delete mode 100644 docs/multitenant/ords-based/usecase01/logfiles/ImagePush.log
 delete mode 100644 docs/multitenant/ords-based/usecase01/logfiles/cdb.log
 delete mode 100644 docs/multitenant/ords-based/usecase01/logfiles/cdb_creation.log
 delete mode 100644 docs/multitenant/ords-based/usecase01/logfiles/openssl_execution.log
 delete mode 100644 docs/multitenant/ords-based/usecase01/logfiles/ordsconfig.log
 delete mode 100644 docs/multitenant/ords-based/usecase01/logfiles/tagandpush.log
 delete mode 100644 docs/multitenant/ords-based/usecase01/logfiles/testapi.log
 delete mode 100644 docs/multitenant/ords-based/usecase01/makefile
 delete mode 100644 docs/multitenant/ords-based/usecase01/map_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/map_pdb2_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/map_pdb3_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/open_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/open_pdb2_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/open_pdb3_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/oracle-database-operator-system_binding.yaml
 delete mode 120000 docs/multitenant/ords-based/usecase01/oracle-database-operator.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/parameters.txt
 delete mode 100644 docs/multitenant/ords-based/usecase01/pdb_close.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/pdb_create.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/pdb_delete.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/pdb_map.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/pdb_open.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/pdb_secret.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/plug_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/server.csr
 delete mode 100644 docs/multitenant/ords-based/usecase01/tde_secret.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase01/tls.crt
 delete mode 100644 docs/multitenant/ords-based/usecase01/tls.key
 delete mode 100644 docs/multitenant/ords-based/usecase01/unplug_pdb1_resource.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase02/README.md
 delete mode 100644 docs/multitenant/ords-based/usecase02/pdb_clone.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase02/pdb_plug.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase02/pdb_plugtde.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase02/pdb_unplug.yaml
 delete mode 100644 docs/multitenant/ords-based/usecase02/pdb_unplugtde.yaml
 delete mode 100644 docs/multitenant/provisioning/ords_image.md
 create mode 100644 docs/multitenant/usecase/README.md
 rename docs/multitenant/{lrest-based => }/usecase/altersystem_pdb1_resource.yaml (97%)
 rename docs/multitenant/{lrest-based => }/usecase/cdbnamespace_binding.yaml (100%)
 rename docs/multitenant/{lrest-based => }/usecase/clone_pdb1_resource.yaml (95%)
 rename docs/multitenant/{lrest-based => }/usecase/clone_pdb2_resource.yaml (95%)
 rename docs/multitenant/{lrest-based => }/usecase/close_pdb1_resource.yaml (97%)
 rename docs/multitenant/{lrest-based => }/usecase/close_pdb2_resource.yaml (97%)
 rename docs/multitenant/{lrest-based => }/usecase/close_pdb3_resource.yaml (95%)
 rename docs/multitenant/{lrest-based => }/usecase/config_map_pdb.yaml (100%)
 create mode 100644 docs/multitenant/usecase/config_map_plsql.yaml
 rename docs/multitenant/{lrest-based => }/usecase/create_lrest_pod.yaml (86%)
 rename docs/multitenant/{lrest-based => }/usecase/create_pdb1_resource.yaml (95%)
 rename docs/multitenant/{lrest-based => }/usecase/create_pdb2_resource.yaml (95%)
 rename docs/multitenant/{lrest-based => }/usecase/delete_pdb1_resource.yaml (94%)
 rename docs/multitenant/{lrest-based => }/usecase/delete_pdb2_resource.yaml (94%)
 create mode 100644 docs/multitenant/usecase/delete_pdb3_resource.yaml
 create mode 100644 docs/multitenant/usecase/makefile
 rename docs/multitenant/{lrest-based => }/usecase/map_pdb1_resource.yaml (95%)
 rename docs/multitenant/{lrest-based => }/usecase/map_pdb2_resource.yaml (95%)
 rename docs/multitenant/{lrest-based => }/usecase/map_pdb3_resource.yaml (95%)
 create mode 100644 docs/multitenant/usecase/node_rbac.yaml
 rename docs/multitenant/{lrest-based => }/usecase/open_pdb1_resource.yaml (97%)
 rename docs/multitenant/{lrest-based => }/usecase/open_pdb2_resource.yaml (97%)
 rename docs/multitenant/{lrest-based => }/usecase/open_pdb3_resource.yaml (97%)
 rename docs/multitenant/{lrest-based => }/usecase/parameters.txt (52%)
 rename docs/multitenant/{lrest-based => }/usecase/pdbnamespace_binding.yaml (100%)
 rename docs/multitenant/{lrest-based => }/usecase/plug_pdb1_resource.yaml (91%)
 create mode 100644 docs/multitenant/usecase/security_context.yaml
 rename docs/multitenant/{lrest-based => }/usecase/unplug_pdb1_resource.yaml (93%)
 delete mode 100644 docs/multitenant/usecase01/logfiles/BuildImage.log
 delete mode 100644 docs/multitenant/usecase01/logfiles/openssl_execution.log
 delete mode 100644 docs/multitenant/usecase01/logfiles/ordsconfig.log
 delete mode 100644 docs/multitenant/usecase01/makefile
 delete mode 100644 docs/multitenant/usecase03/Dockerfile
 delete mode 100644 docs/multitenant/usecase03/NamespaceSegregation.png
 delete mode 100644 docs/multitenant/usecase03/README.md
 delete mode 100644 docs/multitenant/usecase03/cdb_create.yaml
 delete mode 100644 docs/multitenant/usecase03/cdb_creation_log.txt
 delete mode 100644 docs/multitenant/usecase03/cdb_secret.yaml
 delete mode 100644 docs/multitenant/usecase03/gentlscert.sh
 delete mode 100644 docs/multitenant/usecase03/makefile
 delete mode 100644 docs/multitenant/usecase03/ns_namespace_cdb.yaml
 delete mode 100644 docs/multitenant/usecase03/ns_namespace_pdb.yaml
 delete mode 100644 docs/multitenant/usecase03/operator_creation_log.txt
 delete mode 100644 docs/multitenant/usecase03/pdb_create.yaml
 delete mode 100644 docs/multitenant/usecase03/pdb_creation_log.txt
 delete mode 100644 docs/multitenant/usecase03/pdb_secret.yaml
 delete mode 100644 docs/multitenant/usecase03/runOrdsSSL.sh
 create mode 100644 docs/oraclerestart/README.md
 create mode 100644 docs/oraclerestart/provisioning/add_asm_disk_to_an_existing_restart_database.md
 create mode 100644 docs/oraclerestart/provisioning/asm_addition_autoupdate_false.txt
 create mode 100644 docs/oraclerestart/provisioning/asm_addition_autoupdate_true.txt
 create mode 100644 docs/oraclerestart/provisioning/asm_disk_deletion.txt
 create mode 100644 docs/oraclerestart/provisioning/asm_disk_deletion1.txt
 create mode 100644 docs/oraclerestart/provisioning/change_memory_cpu_for_oracle_restart_db.md
 create mode 100644 docs/oraclerestart/provisioning/change_sw_storage_size_for_oracle_restart_db.md
 create mode 100644 docs/oraclerestart/provisioning/cleanup.md
 create mode 100644 docs/oraclerestart/provisioning/create_kubernetes_secret_for_db_user.md
 create mode 100644 docs/oraclerestart/provisioning/create_kubernetes_secret_for_ssh_setup.md
 create mode 100644 docs/oraclerestart/provisioning/database_connection.md
 create mode 100644 docs/oraclerestart/provisioning/debugging.md
 create mode 100644 docs/oraclerestart/provisioning/delete_asm_disks_from_an_existing_restart_database.md
 create mode 100644 docs/oraclerestart/provisioning/known_issues.md
 create mode 100644 docs/oraclerestart/provisioning/nfs_pv_stage_vol.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_loadbalancer.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups.txt
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy.txt
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.md
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.txt
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_nodeports.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_nodeports_mcpu_change.txt
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_nodeports_mcpu_change.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_rupatch.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_rupatch_oneoff_storageclass.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_rupatch_pvc.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_storage_class.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_storage_class_after_sw_home_resize.yaml
 create mode 100644 docs/oraclerestart/provisioning/oraclerestart_prov_storage_class_before_sw_home_resize.yaml
 create mode 100644 docs/oraclerestart/provisioning/orestart_db_rupatch_oneoffs_object.txt
 create mode 100644 docs/oraclerestart/provisioning/orestart_loadbalancer_object.txt
 create mode 100644 docs/oraclerestart/provisioning/orestart_nodeport_object.txt
 create mode 100644 docs/oraclerestart/provisioning/orestart_object.txt
 create mode 100644 docs/oraclerestart/provisioning/orestart_prov_asm_disk_addition.yaml
 create mode 100644 docs/oraclerestart/provisioning/orestart_prov_asm_disk_addition_autoupdate_false.yaml
 create mode 100644 docs/oraclerestart/provisioning/orestart_prov_asm_disk_deletion.yaml
 create mode 100644 docs/oraclerestart/provisioning/orestart_rupatch_object.txt
 create mode 100644 docs/oraclerestart/provisioning/orestart_rupatch_pvc_object.txt
 create mode 100644 docs/oraclerestart/provisioning/orestart_storage_class_object.txt
 create mode 100644 docs/oraclerestart/provisioning/orestart_storage_class_object_after_sw_home_resize.txt
 create mode 100644 docs/oraclerestart/provisioning/orestart_storage_class_object_before_sw_home_resize.txt
 create mode 100644 docs/oraclerestart/provisioning/prerequisites_oracle_restart_db.md
 create mode 100644 docs/oraclerestart/provisioning/provisioning_oracle_restart_db.md
 create mode 100644 docs/oraclerestart/provisioning/provisioning_oracle_restart_db_loadbalancer.md
 create mode 100644 docs/oraclerestart/provisioning/provisioning_oracle_restart_db_nodeport.md
 create mode 100644 docs/oraclerestart/provisioning/provisioning_oracle_restart_db_rupatch.md
 create mode 100644 docs/oraclerestart/provisioning/provisioning_oracle_restart_db_rupatch_oneoffs.md
 create mode 100644 docs/oraclerestart/provisioning/provisioning_oracle_restart_multiple_diskgroups.md
 create mode 100644 docs/oraclerestart/provisioning/provisioning_oracle_restart_multiple_diskgroups_with_redundancy.md
 create mode 100644 docs/oraclerestart/provisioning/provisioning_oracle_restart_rupatch_pvc.md
 create mode 100644 docs/oraclerestart/provisioning/provisioning_oracle_restart_storage_class.md
 create mode 100644 docs/ordsservices/examples/ordssrvs-sa-scc.yaml
 create mode 100644 docs/ordsservices/examples/ordssrvs-sa.yaml
 create mode 100644 docs/ordsservices/examples/ordssrvs.yaml
 delete mode 100644 docs/sharding/provisioning/snr_system_sharding/snr_ssharding_provisioning_by_cloning_db_from_gold_image_across_ads.md
 delete mode 100644 docs/sharding/provisioning/snr_system_sharding/snr_ssharding_provisioning_by_cloning_db_gold_image_in_same_ad.md
 delete mode 100644 docs/sharding/provisioning/snr_system_sharding/snr_ssharding_provisioning_with_chunks_specified.md
 delete mode 100644 docs/sharding/provisioning/snr_system_sharding/snr_ssharding_scale_in_delete_an_existing_shard.md
 delete mode 100644 docs/sharding/provisioning/snr_system_sharding/snr_ssharding_scale_out_add_shards.md
 delete mode 100644 docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_chunks.yaml
 delete mode 100644 docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_clone.yaml
 delete mode 100644 docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_clone_across_ads.yaml
 delete mode 100644 docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_delshard.yaml
 delete mode 100644 docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_extshard.yaml
 delete mode 100644 ords/Dockerfile
 create mode 100644 ords/ords_start.sh
 delete mode 100644 ords/runOrdsSSL.sh

diff --git a/.gitignore b/.gitignore
index 51923538..a830fdda 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,6 +1,7 @@
 operator.tgz
 cover.out
 bin
+bin/*
 testbin/*
 onpremtest/*
 ords/*zip
@@ -10,4 +11,4 @@ ords/*zip
 .DS_Store
 # development
 .idea
-.local
+.local
\ No newline at end of file
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 00000000..15a73ac1
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,38 @@
+build-operator: 
+  stage: build
+  variables:
+    IMAGE: "$DOCKER_REPO:$CI_COMMIT_SHORT_SHA"
+    OP_YAML: oracle-database-operator.yaml
+    BUILD_INTERNAL: "true"
+  script:
+    - export GOLANG_VERSION=1.25.1
+    - export GOROOT=$(go${GOLANG_VERSION} env GOROOT)
+    - export PATH="${GOROOT}/bin:${PATH}"
+    - make operator-yaml IMG=$IMAGE GOLANG_VERSION=$GOLANG_VERSION
+    - if [ "$CI_COMMIT_BRANCH" = "master" ]; then
+        podman run --rm --privileged multiarch/qemu-user-static --reset -p yes;
+        make image-build image-push IMG="$IMAGE" BUILD_MANIFEST=true GOLANG_VERSION=$GOLANG_VERSION;
+        podman manifest rm "$IMAGE";
+      else
+        make image-build image-push IMG="$IMAGE" GOLANG_VERSION=$GOLANG_VERSION;
+        podman rmi "$IMAGE";
+        sed -i "s/\(replicas.\) 3/\1 1/g" ./$OP_YAML;
+      fi
+    - buildah containers -q | xargs -n1 buildah rm || true
+    - podman system prune -f
+    - curl -s --netrc-file $HOME/.netrc_gitlab $ARTIFACTORY_REPO/$CI_COMMIT_BRANCH/$OP_YAML -T ./$OP_YAML
+  only:
+    variables:
+      - $CI_COMMIT_MESSAGE =~ /\#run-pipeline/
+      - $CI_COMMIT_BRANCH =~ /master/
+      - $CI_MERGE_REQUEST_ID != ""
+  except:
+    variables:
+      - $CI_COMMIT_MESSAGE =~ /\#skip-pipeline/
+      - $CI_COMMIT_TAG != null
+
+cleanup:
+  stage: .post
+  script:
+    - echo "Clean up downloaded binaries"
+    - rm -rf bin/
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
index f444d508..299e0e6f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,8 +3,9 @@
 #
 
 # Build the manager binary
-ARG BUILDER_IMG
-FROM ${BUILDER_IMG} as builder
+ARG BUILDER_IMG="oraclelinux:9"
+ARG RUNNER_IMG="oraclelinux:9-slim"
+FROM ${BUILDER_IMG} AS builder
 
 ARG TARGETARCH
 # Download golang if INSTALL_GO is set to true
@@ -18,28 +19,38 @@ RUN if [ "$INSTALL_GO" = "true" ]; then \
         echo "Go Arch: $(/usr/local/go/bin/go env GOARCH)"; \
     fi
 ENV PATH=${GOLANG_VERSION:+"${PATH}:/usr/local/go/bin"}
+ENV GOCACHE=/go-cache
+ENV GOMODCACHE=/gomod-cache
 
 WORKDIR /workspace
 # Copy the Go Modules manifests
 COPY go.mod go.mod
 COPY go.sum go.sum
-# cache deps before building and copying source so that we don't need to re-download as much
-# and so that source changes don't invalidate our downloaded layer
-RUN go mod download
 
 # Copy the go source
+COPY LICENSE.txt LICENSE.txt
+COPY THIRD_PARTY_LICENSES_DOCKER.txt THIRD_PARTY_LICENSES_DOCKER.txt
 COPY main.go main.go
 COPY apis/ apis/
-COPY controllers/ controllers/
 COPY commons/ commons/
-COPY LICENSE.txt LICENSE.txt
-COPY THIRD_PARTY_LICENSES_DOCKER.txt THIRD_PARTY_LICENSES_DOCKER.txt
+COPY controllers/ controllers/
 
 # Build
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=${TARGETARCH} GO111MODULE=on go build -a -o manager main.go
+RUN --mount=type=cache,target=/go-cache --mount=type=cache,target=/gomod-cache CGO_ENABLED=0 GOOS=linux GOARCH=${TARGETARCH} GO111MODULE=on go build -o manager main.go
 
-# Use oraclelinux:9 as base image to package the manager binary
-FROM oraclelinux:9
+# Use oraclelinux:9-slim as default base image to package the manager binary
+FROM ${RUNNER_IMG}
+# Labels
+# ------
+LABEL "provider"="Oracle"                                                                                                        \
+      "issues"="https://github.com/oracle/oracle-database-operator/issues"                                                       \
+      "maintainer"="paramdeep.saini@oracle.com, sanjay.singh@oracle.com, kuassi.mensah@oracle.com"                               \
+      "version"="2.0"                                                                                                            \
+      "description"="DB Operator Image V2.0"                                                                                     \
+      "vendor"="Oracle Coporation"                                                                                               \
+      "release"="2.0"                                                                                                            \
+      "summary"="Oracle Database Operator 2.0"                                                                                  \
+      "name"="oracle-database-operator.v2.0"
 ARG CI_COMMIT_SHA 
 ARG CI_COMMIT_BRANCH
 ENV COMMIT_SHA=${CI_COMMIT_SHA} \
@@ -47,6 +58,10 @@ ENV COMMIT_SHA=${CI_COMMIT_SHA} \
 WORKDIR /
 COPY --from=builder /workspace/manager .
 COPY ords/ords_init.sh .
+COPY ords/ords_start.sh .
+COPY LICENSE.txt /licenses/
+COPY THIRD_PARTY_LICENSES_DOCKER.txt /licenses/
+COPY THIRD_PARTY_LICENSES.txt /licenses/
 RUN useradd -u 1002 nonroot
 USER nonroot
 
diff --git a/Makefile b/Makefile
index b9755e6f..d27bb5f2 100644
--- a/Makefile
+++ b/Makefile
@@ -4,7 +4,7 @@
 #
 
 # Current Operator version
-VERSION ?= 0.0.1
+VERSION ?= 2.0
 # Default bundle image tag
 BUNDLE_IMG ?= controller-bundle:$(VERSION)
 # Options for 'bundle-build'
@@ -23,7 +23,7 @@ IMG ?= controller:latest
 # https://github.com/kubernetes-sigs/kubebuilder/issues/1140 
 CRD_OPTIONS ?= "crd:maxDescLen=0,allowDangerousTypes=true"
 # ENVTEST_K8S_VERSION refers to the version of kubebuilder assets to be downloaded by envtest binary.
-ENVTEST_K8S_VERSION = 1.29.0
+ENVTEST_K8S_VERSION = 1.31.0
 # Operator YAML file
 OPERATOR_YAML=$$(basename $$(pwd)).yaml
 # Get the currently used golang install path (in GOPATH/bin, unless GOBIN is set)
@@ -70,12 +70,14 @@ build: generate fmt vet ## Build manager binary.
 run: manifests generate fmt vet ## Run a controller from your host.
 	go run ./main.go
  
-GOLANG_VERSION ?= 1.23.3
+GOLANG_VERSION ?= 1.25.1
+DOCKER ?= podman
 ## Download golang in the Dockerfile if BUILD_INTERNAL is set to true.
 ## Otherwise, use golang image from docker hub as the builder.
 ifeq ($(BUILD_INTERNAL), true)
 BUILDER_IMG = oraclelinux:9
 BUILD_ARGS = --build-arg BUILDER_IMG=$(BUILDER_IMG) --build-arg GOLANG_VERSION=$(GOLANG_VERSION) --build-arg INSTALL_GO=true
+DOCKER = podman
 else
 BUILDER_IMG = golang:$(GOLANG_VERSION)
 BUILD_ARGS = --build-arg BUILDER_IMG=$(BUILDER_IMG) --build-arg INSTALL_GO="false" --build-arg GOLANG_VERSION=$(GOLANG_VERSION)
@@ -86,18 +88,18 @@ PUSH_ARGS := manifest
 else
 BUILD_ARGS := $(BUILD_ARGS) --platform=linux/amd64 --tag
 endif
-docker-build: #manifests generate fmt vet #test ## Build docker image with the manager. Disable the test but keep the validations to fail fast
-	docker build --no-cache=true --build-arg http_proxy=$(HTTP_PROXY) --build-arg https_proxy=$(HTTPS_PROXY) \
+image-build: #manifests generate fmt vet #test ## Build docker image with the manager. Disable the test but keep the validations to fail fast
+	$(DOCKER) build --build-arg http_proxy=$(HTTP_PROXY) --build-arg https_proxy=$(HTTPS_PROXY) \
                      --build-arg CI_COMMIT_SHA=$(CI_COMMIT_SHA) --build-arg CI_COMMIT_BRANCH=$(CI_COMMIT_BRANCH) \
                      $(BUILD_ARGS) $(IMG) .
- 
-docker-push: ## Push docker image with the manager.
-	docker $(PUSH_ARGS) push $(IMG)
+
+image-push: ## Push docker image with the manager.
+	$(DOCKER) $(PUSH_ARGS) push $(IMG)
 
 # Push to minikube's local registry enabled by registry add-on
 minikube-push:
-	docker tag $(IMG) $$(minikube ip):5000/$(IMG)
-	docker push --tls-verify=false $$(minikube ip):5000/$(IMG)
+	$(DOCKER) tag $(IMG) $$(minikube ip):5000/$(IMG)
+	$(DOCKER) push --tls-verify=false $$(minikube ip):5000/$(IMG)
 
 ##@ Deployment
  
@@ -123,7 +125,6 @@ operator-yaml: manifests kustomize
 	(echo --- && sed '/^apiVersion: apps\/v1/,/---/!d' "$(OPERATOR_YAML).bak")  >>  "$(OPERATOR_YAML)"
 	rm "$(OPERATOR_YAML).bak"
 
-minikube-operator-yaml: IMG:=localhost:5000/$(IMG)
 minikube-operator-yaml: operator-yaml
 	sed -i.bak 's/\(replicas.\) 3/\1 1/g' "$(OPERATOR_YAML)"
 	rm "$(OPERATOR_YAML).bak"
@@ -144,8 +145,8 @@ CONTROLLER_GEN ?= $(LOCALBIN)/controller-gen
 ENVTEST ?= $(LOCALBIN)/setup-envtest
  
 ## Tool Versions
-KUSTOMIZE_VERSION ?= v5.3.0
-CONTROLLER_TOOLS_VERSION ?= v0.16.5
+KUSTOMIZE_VERSION ?= v5.7.1
+CONTROLLER_TOOLS_VERSION ?= v0.17
  
 KUSTOMIZE_INSTALL_SCRIPT ?= "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh"
 .PHONY: kustomize
@@ -173,11 +174,11 @@ bundle: manifests kustomize ## Generate bundle manifests and metadata, then vali
  
 .PHONY: bundle-build
 bundle-build: ## Build the bundle image.
-	docker build -f bundle.Dockerfile -t $(BUNDLE_IMG) .
+	$(DOCKER) build -f bundle.Dockerfile -t $(BUNDLE_IMG) .
  
 .PHONY: bundle-push
 bundle-push: ## Push the bundle image.
-	$(MAKE) docker-push IMG=$(BUNDLE_IMG)
+	$(MAKE) image-push IMG=$(BUNDLE_IMG)
  
 .PHONY: opm
 OPM = ./bin/opm
@@ -218,4 +219,4 @@ catalog-build: opm ## Build a catalog image.
 # Push the catalog image.
 .PHONY: catalog-push
 catalog-push: ## Push a catalog image.
-	$(MAKE) docker-push IMG=$(CATALOG_IMG)
+	$(MAKE) image-push IMG=$(CATALOG_IMG)
diff --git a/PROJECT b/PROJECT
index 97e9409c..6d4826f8 100644
--- a/PROJECT
+++ b/PROJECT
@@ -4,7 +4,7 @@
 # More info: https://book.kubebuilder.io/reference/project-config.html
 domain: oracle.com
 layout:
-- go.kubebuilder.io/v2
+- go.kubebuilder.io/v4
 multigroup: true
 plugins:
   manifests.sdk.operatorframework.io/v2: {}
@@ -259,4 +259,30 @@ resources:
   webhooks:
     conversion: true
     webhookVersion: v1beta1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: oracle.com
+  group: omlai
+  kind: PrivateAi
+  path: github.com/oracle/oracle-database-operator/api/omlai/v4
+  version: v4
+  webhooks:
+    defaulting: true
+    validation: true
+    webhookVersion: v1
+- api:
+    crdVersion: v1
+    namespaced: true
+  controller: true
+  domain: oracle.com
+  group: database
+  kind: OracleRestart
+  path: github.com/oracle/oracle-database-operator/api/database/v4
+  version: v4
+  webhooks:
+    defaulting: true
+    validation: true
+    webhookVersion: v1
 version: "3"
diff --git a/README.md b/README.md
index 936ae23a..da6a179e 100644
--- a/README.md
+++ b/README.md
@@ -4,79 +4,117 @@
 
 As part of Oracle's resolution to make Oracle Database Kubernetes native (that is, observable and operable by Kubernetes), Oracle released the  _Oracle Database Operator for Kubernetes_ (`OraOperator` or the operator). OraOperator extends the Kubernetes API with custom resources and controllers for automating the management of the Oracle Database lifecycle.
 
-##  Supported Database Configurations in V1.2.0
-In this v1.2.0 production release, `OraOperator` supports the following database configurations, and controllers:
-
-* Oracle Autonomous Database:
+## What's New in v2.0.0
+
+* **RedHat OpenShift Certification**
+  * Validation of OraOperator and Controllers
+  * Inclusion in RedHat Operators Catalog
+* **Restart Controller**
+  * Provision, add & delete asm disks, and more
+* **ORDS Service**
+  * ServiceAccount and OpenShift support
+  * Auto download of APEX installation files and APEX image on a Persistent Volume
+* **Integrations**
+  * Private Cloud Appliance (PCA)
+  * Compute Cloud@Customer (C3)
+* **Bug fixes**
+  * Bugs filed through Oracle Support
+  * GitHub issues
+ 
+
+## Supported Database Configurations v2.0.0
+In this v2.0 production release, `OraOperator` supports the following database configurations and controllers:
+
+* **Oracle Autonomous Database:**
   * Oracle Autonomous Database shared Oracle Cloud Infrastructure (OCI) (ADB-S)
   * Oracle Autonomous Database on dedicated Cloud infrastructure (ADB-D)
-  * Oracle Autonomous Container Database (ACD), the infrastructure for provisioning Autonomous Databases.
-* Containerized Single Instance databases (SIDB) deployed in the Oracle Kubernetes Engine (OKE) and any k8s where OraOperator is deployed
-* Containerized Oracle Globally Distributed Databases(GDD) deployed in OKE and any k8s where OraOperator is deployed
-* Oracle Multitenant Databases (CDB/PDBs)
-* Oracle Base Database Service (OBDS) on Oracle Cloud Infrastructure (OCI)
-* Oracle Data Guard
-* Oracle Database Observability
-* Oracle Database Rest Service (ORDS) instances
-
-## New Lifecycle Features in V1.2.0 Release (Controllers Enhancements)
-* ORDSSERVICES
+  * Oracle Autonomous Container Database (ACD), the infrastructure for provisioning Autonomous Databases
+* **Containerized Single Instance databases (SIDB)** deployed in the Oracle Kubernetes Engine (OKE) and any Kubernetes where OraOperator is deployed
+* **Containerized Oracle Globally Distributed Databases (GDD)** deployed in OKE and any Kubernetes where OraOperator is deployed
+* **Oracle Multitenant Databases (CDB/PDBs)**
+* **Oracle Base Database Service (OBDS)** on Oracle Cloud Infrastructure (OCI)
+* **Oracle Data Guard**
+* **Oracle Database Observability**
+* **Oracle Database Rest Service (ORDS) instances**
+* **Oracle Restart**
+* **Oracle Globally Distributed Database**
+
+---
+
+## Lifecycle Features (Controllers Enhancements)
+* **ORDS Services**
   - Install on SIDB and ADB
-  - Provision and Delete ORDS instances
-* SIDB
+  - Provision and delete ORDS instances
+* **SIDB**
   - Oracle Database 23ai Free support
   - Oracle Database 23ai Free-lite support
   - SIDB resource management
   - True Cache support for Free SIDB databases (Preview)
   - Observer for FastStartFailover with Data Guard
   - Snapshot Standby support in Data Guard setup
-* Globally Distributed Database : Support for Oracle Database 23ai Raft replication
-* Autonomous Database: support for Database cloning
-* Multitenant DB:
-  - ORDS-based Controller:  assertive deletion policy.
-  - New LRES based Controller  (ARM & AM)
+* **Globally Distributed Database**
+  - Support for Oracle Database 23ai Raft replication
+  - Oracle Database 23ai Free support
+* **Autonomous Database**
+  - Support for Database manual failover and switchover
+* **Multitenant DB**
+  - ORDS-based Controller: Assertive deletion policy
+  - New LRES-based Controller (ARM & AM)
     - PDBs settings with init parameters config map
-    - Assertive deletion policy.
-* Database Observability (preview)
-  - Support for Database Logs (in addition to Metrics)
+    - Assertive deletion policy
+* **Database Observability **
+  - Support for Database Logs and Metrics
   - Support for the latest Exporter container images
-  - Bug Fix: Prometheus label config
-* Oracle Base Database Service: support for Oracle Database 23ai Cloning, using KMS Vaults, PDB creation.
-
-## New Product Features
-*The Operator itself, as a product, brings the following new features:
-* Published on `operatorhub.io`
+ 
+* **Oracle Base Database Service**
+  - Support for Oracle Database 23ai Cloning, using KMS Vaults
+  - PDB creation
+  - Clone, Backup, Restore
+  - Data Guard Setup
+  - Patching and Upgrade
+* **Oracle Restart**
+  - Support for Oracle Database 19c
+
+---
+
+## Product Features
+* Upgraded Kubernetes API version to v4
+* Published on `operatorhub.io`
 * Operator Lifecycle Manager (OLM) support (install from `operatorhub.io`)
-* Validated on Google Kubernetes Engine
+* OpenShift certified
 
-## Overall Features Summary
+---
 
-This release of Oracle Database Operator for Kubernetes (the operator) supports the following lifecycle operations:
+## Overall Features Summary
+As of v2.0.0, the Oracle Database Operator for Kubernetes (`OraOperator`) supports the following lifecycle operations:
 
-* ADB-S/ADB-D: Provision, bind, start, stop, terminate (soft/hard), scale (up/down), long-term backup, manual restore, cloning.
-* ACD: Provision, bind, restart, terminate (soft/hard)
-* SIDB: Provision, clone, patch (in-place/out-of-place), update database initialization parameters, update database configuration (Flashback, archiving), Oracle Enterprise Manager (EM) Express (basic console), Oracle REST Data Service (ORDS) to support REST based SQL, PDB management, SQL Developer Web, Application Express (Apex), Resource management, True Cache, Observer for FastStartFailover (Data Guard), and Snapshot Standby (Data Guard)
-* ORDS Services: Provision and delete ORDS instances
-* Globally Distrib. (Sharded): Provision/deploy sharded databases and the shard topology, Add a new shard, Delete an existing shard, Raft replication.
-* Oracle Multitenant Database (choice of controller): Bind to a CDB, Create a  PDB, Plug a  PDB, Unplug a PDB, Delete a PDB, Clone a PDB, Open/Close a PDB, Assertive deletion policy
-* Oracle Base Database Service (OBDS): Provision, bind, scale shape Up/Down, Scale Storage Up, Terminate and Update License, Cloning, PDB creation, using KMS Vaults on Oracle Cloud Infrastructure (OCI)
-* Oracle Data Guard: Provision a Standby for the SIDB resource, Create a Data Guard Configuration, Perform a Switchover, Patch Primary and Standby databases in Data Guard Configuration
-* Oracle Database Observability: create, patch, delete `databaseObserver` resources (Logs and Metrics)
-* Watch over a set of namespaces or all the namespaces in the cluster using the `WATCH_NAMESPACE` environment variable of the operator deployment
+* **ADB-S/ADB-D**: Provision, bind, start, stop, terminate (soft/hard), scale (up/down), long-term backup, manual restore, cloning, manual failover, switchover
+* **ACD**: Provision, bind, restart, terminate (soft/hard)
+* **SIDB**: Provision, clone, patch (in-place/out-of-place), update database initialization parameters, update database configuration (Flashback, archiving), Oracle Enterprise Manager (EM) Express (basic console), Oracle REST Data Service (ORDS), PDB management, SQL Developer Web, Application Express (Apex), Resource management, True Cache, Observer for FastStartFailover (Data Guard), Snapshot Standby (Data Guard)
+* **ORDS Services**: Provision and delete ORDS instances
+* **Globally Distributed (Sharded)**: Provision/deploy sharded databases and topology, add/delete shards, Raft replication
+* **Oracle Multitenant Database**: Bind to a CDB, create/plug/unplug/delete/clone/open/close PDBs, assertive deletion policy
+* **Oracle Base Database Service (OBDS)**: Provision, scale shape/storage, terminate/update license, cloning, PDB creation, using KMS Vaults, backup/restore, Data Guard setup, patching/upgrade
+* **Oracle Data Guard**: Provision standby for SIDB, create Data Guard configuration, perform switchover, patch primary/standby
+* **Oracle Database Observability**: Create, patch, delete `databaseObserver` (logs and metrics)
+* **Oracle Restart**: Provision, add & delete asm disks, enable ons ports, custom storage class support, existing pvc support, load balancer  support
+* Watch namespaces using the `WATCH_NAMESPACE` environment variable
 
 
 ## Release Status
 
-This production release has been installed and tested on the following Kubernetes platforms:
-
-* [Oracle Container Engine for Kubernetes (OKE)](https://www.oracle.com/cloud-native/container-engine-kubernetes/) with Kubernetes 1.24
-* [Oracle Linux Cloud Native Environment(OLCNE)](https://docs.oracle.com/en/operating-systems/olcne/) 1.6
+This production release has been installed and tested on:
+* [Oracle Container Engine for Kubernetes (OKE)](https://www.oracle.com/cloud-native/container-engine-kubernetes/) with Kubernetes 1.30 or later
+* [Redhat Openshift](https://www.redhat.com/en/technologies/cloud-computing/openshift) with version v4.16 or later
+* [Oracle Linux Cloud Native Environment(OLCNE)](https://docs.oracle.com/en/operating-systems/olcne/) 1.9 or later
+* [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine/docs)
 * [Azure Kubernetes Service](https://azure.microsoft.com/en-us/services/kubernetes-service/)
 * [Amazon Elastic Kubernetes Service](https://aws.amazon.com/eks/)
 * [Google Kubernetes Engine](https://cloud.google.com/kubernetes-engine/docs)
 * [Red Hat OKD](https://www.okd.io/)
 * [Minikube](https://minikube.sigs.k8s.io/docs/) with version v1.29.0
 
+
 ## Prerequisites
 
 Oracle strongly recommends that you ensure your system meets the following [Prerequisites](./PREREQUISITES.md).
@@ -140,26 +178,20 @@ Oracle strongly recommends that you ensure your system meets the following [Prer
   ```sh
     kubectl apply -f rbac/node-rbac.yaml
   ```
-## Installation
-### Install Oracle DB Operator
-
-   After you have completed the preceding prerequisite changes, you can install the operator. To install the operator in the cluster quickly, you can apply the modified `oracle-database-operator.yaml` file from the preceding step.
 
-   Run the following command
+## Install Oracle DB Operator
 
-   ```sh
-   kubectl apply -f oracle-database-operator.yaml
-   ```
+  After you have completed the preceding prerequisite changes, you can install the operator using one of the following methods:
 
-## Install Oracle DB Operator
+### Option 1: Install Using `oracle-database-operator.yaml`
 
-   After you have completed the preceding prerequisite changes, you can install the operator. To install the operator in the cluster quickly, you can apply the modified `oracle-database-operator.yaml` file from the preceding step.
+  To install the operator in the cluster quickly, you can apply the modified `oracle-database-operator.yaml` file from the preceding step.
 
-   Run the following command
+  Run the following command
 
-   ```sh
-   kubectl apply -f oracle-database-operator.yaml
-   ```
+  ```sh
+  kubectl apply -f oracle-database-operator.yaml
+  ```
 
   Ensure that the operator pods are up and running. For high availability, operator pod replicas are set to a default of 3. You can scale this setting up or down.
 
@@ -173,12 +205,20 @@ Oracle strongly recommends that you ensure your system meets the following [Prer
 
   ```
 
-* Check the resources
+### Option 2: Install via OperatorHub.io
+
+  You can also install the Oracle DB Operator from [OperatorHub.io](https://operatorhub.io/operator/oracle-database-operator).
+
+  1. Visit the [Oracle Database Operator](https://operatorhub.io/operator/oracle-database-operator) page on OperatorHub.io.
+
+  2. Click the **Install** button to view and follow the step-by-step installation instructions for your Kubernetes environment.
+
+### Check the resources
 
 You should see that the operator is up and running, along with the shipped controllers.
 
 For more details, see [Oracle Database Operator Installation Instructions](./docs/installation/OPERATOR_INSTALLATION_README.md).
-## Documentation
+
 ## Getting Started with the Operator (Quickstart)
 
 The following quickstarts are designed for specific database configurations:
@@ -190,6 +230,7 @@ The following quickstarts are designed for specific database configurations:
 * [Oracle Multitenant Database](./docs/multitenant/README.md)
 * [Oracle Base Database Service (OBDS)](./docs/dbcs/README.md)
 * [ORDS Services (ORDSSRVS)](./docs/ordsservices/README.md)
+* [Oracle Restart](./docs/oraclerestart/README.md)
 
 
 The following quickstart is designed for non-database configurations:
@@ -229,6 +270,10 @@ YAML file templates are available under [`/config/samples`](./config/samples/).
 
 * ### Delete the Deployment
 
+  #### Option1: Delete `oracle-database-operator.yaml`
+
+  Use this option if you install the operator using `oracle-database-operator.yaml`
+
   After all CRD instances are deleted, it is safe to remove the CRDs, APIServices and operator deployment. To remove these files, use the following command:
 
   ```sh
@@ -237,6 +282,25 @@ YAML file templates are available under [`/config/samples`](./config/samples/).
 
   Note: If the CRD instances are not deleted, and the operator is deleted by using the preceding command, then operator deployment and instance objects (pods, services, PVCs, and so on) are deleted. However, if that happens, then the CRD deletion stops responding. This is because the CRD instances have properties that prevent their deletion, and that can only be removed by the operator pod, which is deleted when the APIServices are deleted.
 
+  #### Option2: Delete the Operator’s ClusterServiceVersion (CSV)
+
+  Use this option if you install the operation from OperatorHub.io.
+
+  First, identify the name of the installed operator’s ClusterServiceVersion (CSV) using the following command:
+
+  ```sh
+  kubectl clusterserviceversion -n operators
+  ```
+
+  Look for a CSV name similar to oracle-database-operator.vx.x.x.
+
+  Once identified, delete the ClusterServiceVersion with the following command (replace the placeholder with the actual CSV name):
+
+  ```sh
+  kubectl delete clusterserviceversion oracle-database-operator.vx.x.x -n operators
+  ```
+
+
 ## Documentation for the supported Oracle Database configurations
 
 * [Oracle Autonomous Database](https://docs.oracle.com/en-us/iaas/Content/Database/Concepts/adboverview.htm)
@@ -245,6 +309,7 @@ YAML file templates are available under [`/config/samples`](./config/samples/).
 * [Oracle Globally Distributed Database](https://docs.oracle.com/en/database/oracle/oracle-database/21/shard/index.html)
 * [Oracle Database Cloud Service](https://docs.oracle.com/en/database/database-cloud-services.html)
 
+
 ## Contributing
 
 This project welcomes contributions from the community. Before submitting a pull request, please [review our contribution guide](./CONTRIBUTING.md)
@@ -270,6 +335,10 @@ The following is an example of a YAML file fragment for specifying Oracle Cloud
 
 Examples in this repository where passwords are entered on the command line are for demonstration purposes only.
 
+### Reporting a Security Issue
+
+See [Reporting security vulnerabilities](./SECURITY.md)
+
 ## License
 
 Copyright (c) 2022, 2025 Oracle and/or its affiliates.
diff --git a/THIRD_PARTY_LICENSES.txt b/THIRD_PARTY_LICENSES.txt
index 14e4308f..d03e4432 100644
--- a/THIRD_PARTY_LICENSES.txt
+++ b/THIRD_PARTY_LICENSES.txt
@@ -1,5 +1,5 @@
 -------------------------------------
-Operator SDK 1.37.0
+Operator SDK 1.40.0
 https://github.com/operator-framework/operator-sdk
 Apache 2.0
 
@@ -208,7 +208,7 @@ Apache License:
    limitations under the License.
 
    ------------------------------
-   GO lang 1.23.3
+   GO lang 1.25.1
    https://github.com/golang
 
 
@@ -241,18 +241,18 @@ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
 -------------------------
-apimachinery 0.31.3
+apimachinery 0.32.2
 https://github.com/kubernetes/apimachinery/tr
 Apache 2.0
 
 -------------------------
-controller-runtime 0.19.3
+controller-runtime 0.21.0
 https://github.com/kubernetes-sigs/controller-runtime/releases/tag/v0.16.3
 Apache 2.0
 
 -------------------------
-golang 1.23.3
-https://github.com/golang/go/releases/tag/go1.21.4
+golang 1.25.1
+https://github.com/golang/go/releases/tag/go1.25.1
 
 BSD 2-clause or 3-clause License:
 
@@ -1006,13 +1006,13 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
    limitations under the License.
 
 --------------------------
-Logr 1.4.2
+Logr 1.4.3
 https://pkg.go.dev/github.com/go-logr/logr
-https://github.com/go-logr/logr/tree/v1.3.0
+https://github.com/go-logr/logr/tree/v1.4.3
 Apache 2.0 License
 
 -------------------------
-OCI Go SDK 65.77.1
+OCI Go SDK 65.95.0
 https://github.com/oracle/oci-go-sdk/releases/tag/v65.53.0
 
 Dual-License: UPL + Apache 2.0
@@ -1063,7 +1063,7 @@ The Universal Permissive License (UPL), Version 1.0
 
 
 -------------------------
-ginkgo 2.202.
+ginkgo 2.23.4
 https://github.com/onsi/ginkgo/releases/tag/v2.13.1
 MIT
 ------------------------------------
@@ -1073,48 +1073,48 @@ MIT License
 Copyright (c) 2013-2014 Onsi Fakhouri
 
 ----------------------------
-gomega 1.34.2
+gomega 1.37.0
 http://onsi.github.io/gomega/
 MIT
 
 -------------------------
-Kubernetes api 0.31.3
+Kubernetes api 0.33.2
 https://pkg.go.dev/k8s.io/api
 Apache 2.0
 
 ----------------------------------
-Kubernetes apimachinery 0.31.3
+Kubernetes apimachinery 0.32.2
 https://pkg.go.dev/k8s.io/apimachinery
 Apache 2.0
 
 -----------------------------------
-Kubernetes client-go 0.31.3
+Kubernetes client-go 0.33.2
 https://pkg.go.dev/k8s.io/client-go
 Apache 2.0
 
 -------------------------------------
-Kubernetes controller-runtime project 0.19.3
+Kubernetes controller-runtime project 0.21.0
 https://pkg.go.dev/sigs.k8s.io/controller-runtime
 Apache 2.0
 
 ------------------------------------
-kubernetes-sigs/yaml 1.4.0
-https://github.com/kubernetes-sigs/yaml/tree/v1.3.0
+kubernetes-sigs/yaml 1.5.0
+https://github.com/kubernetes-sigs/yaml/tree/v1.5.0
 MIT
 
 -------------------------
-OCI SDK for Go 65.77.1
+OCI SDK for Go 65.95.0
 https://github.com/oracle/oci-go-sdk
 Multiple Licenses: Apache 2.0, UPL
 
 ------------------------------
-Operator Lifecycle Manager (OLM) 0.30.0
+Operator Lifecycle Manager (OLM) 0.32.0
 github.com/operator-framework/operator-lifecycle-manager
 Apache 2.0
 
 
 ------------------------------------
-Prometheus Operator 0.78.2
+Prometheus Operator 0.83.0
 https://github.com/prometheus-operator/prometheus-operator
 Apache 2.0
 
diff --git a/apis/database/v1alpha1/adbfamily_common_spec.go b/apis/database/v1alpha1/adbfamily_common_spec.go
index 74eb9f94..e7a9b8c4 100644
--- a/apis/database/v1alpha1/adbfamily_common_spec.go
+++ b/apis/database/v1alpha1/adbfamily_common_spec.go
@@ -57,11 +57,11 @@ type K8sAdbSpec struct {
 }
 
 type OciAdbSpec struct {
-	Ocid *string `json:"ocid,omitempty"`
+	Id *string `json:"id,omitempty"`
 }
 
 // TargetSpec defines the spec of the target for backup/restore runs.
 type TargetSpec struct {
-	K8sAdb K8sAdbSpec `json:"k8sADB,omitempty"`
-	OciAdb OciAdbSpec `json:"ociADB,omitempty"`
+	K8sAdb K8sAdbSpec `json:"k8sAdb,omitempty"`
+	OciAdb OciAdbSpec `json:"ociAdb,omitempty"`
 }
diff --git a/apis/database/v1alpha1/autonomouscontainerdatabase_webhook.go b/apis/database/v1alpha1/autonomouscontainerdatabase_webhook.go
index 10a16cd1..fc46cfb3 100644
--- a/apis/database/v1alpha1/autonomouscontainerdatabase_webhook.go
+++ b/apis/database/v1alpha1/autonomouscontainerdatabase_webhook.go
@@ -39,6 +39,8 @@
 package v1alpha1
 
 import (
+	"context"
+
 	dbv4 "github.com/oracle/oracle-database-operator/apis/database/v4"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -56,39 +58,42 @@ var autonomouscontainerdatabaselog = logf.Log.WithName("autonomouscontainerdatab
 func (r *AutonomousContainerDatabase) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithValidator(r).
 		Complete()
 }
 
 //+kubebuilder:webhook:verbs=create;update,path=/validate-database-oracle-com-v1alpha1-autonomouscontainerdatabase,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=autonomouscontainerdatabases,versions=v1alpha1,name=vautonomouscontainerdatabasev1alpha1.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Validator = &AutonomousContainerDatabase{}
+var _ webhook.CustomValidator = &AutonomousContainerDatabase{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousContainerDatabase) ValidateCreate() (admission.Warnings, error) {
-	autonomouscontainerdatabaselog.Info("validate create", "name", r.Name)
+func (r *AutonomousContainerDatabase) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	return nil, nil
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousContainerDatabase) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	var allErrs field.ErrorList
-	var oldACD *AutonomousContainerDatabase = old.(*AutonomousContainerDatabase)
+func (r *AutonomousContainerDatabase) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	var (
+		allErrs field.ErrorList
+		oldAcd  *AutonomousContainerDatabase = oldObj.(*AutonomousContainerDatabase)
+		newAcd  *AutonomousContainerDatabase = newObj.(*AutonomousContainerDatabase)
+	)
 
-	autonomouscontainerdatabaselog.Info("validate update", "name", r.Name)
+	autonomouscontainerdatabaselog.Info("validate update", "name", newAcd.Name)
 
 	// skip the update of adding ADB OCID or binding
-	if oldACD.Status.LifecycleState == "" {
+	if oldAcd.Status.LifecycleState == "" {
 		return nil, nil
 	}
 
 	// cannot update when the old state is in intermediate state, except for the terminate operatrion
-	var copiedSpec *AutonomousContainerDatabaseSpec = r.Spec.DeepCopy()
-	changed, err := dbv4.RemoveUnchangedFields(oldACD.Spec, copiedSpec)
+	var copiedSpec *AutonomousContainerDatabaseSpec = newAcd.Spec.DeepCopy()
+	changed, err := dbv4.RemoveUnchangedFields(oldAcd.Spec, copiedSpec)
 	if err != nil {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec"), err.Error()))
 	}
-	if dbv4.IsACDIntermediateState(oldACD.Status.LifecycleState) && changed {
+	if dbv4.IsACDIntermediateState(oldAcd.Status.LifecycleState) && changed {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec"),
 				"cannot change the spec when the lifecycleState is in an intermdeiate state"))
@@ -99,13 +104,10 @@ func (r *AutonomousContainerDatabase) ValidateUpdate(old runtime.Object) (admiss
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousContainerDatabase"},
-		r.Name, allErrs)
+		newAcd.Name, allErrs)
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousContainerDatabase) ValidateDelete() (admission.Warnings, error) {
-	autonomouscontainerdatabaselog.Info("validate delete", "name", r.Name)
-
-	// TODO(user): fill in your validation logic upon object deletion.
+func (r *AutonomousContainerDatabase) ValidateDelete(context.Context, runtime.Object) (admission.Warnings, error) {
 	return nil, nil
 }
diff --git a/apis/database/v1alpha1/autonomousdatabase_conversion.go b/apis/database/v1alpha1/autonomousdatabase_conversion.go
index ffccc181..fe3cbc7f 100644
--- a/apis/database/v1alpha1/autonomousdatabase_conversion.go
+++ b/apis/database/v1alpha1/autonomousdatabase_conversion.go
@@ -224,7 +224,7 @@ func (src *AutonomousDatabaseBackup) ConvertTo(dstRaw conversion.Hub) error {
 	dst := dstRaw.(*v4.AutonomousDatabaseBackup)
 
 	dst.Spec.Target.K8sAdb.Name = src.Spec.Target.K8sAdb.Name
-	dst.Spec.Target.OciAdb.OCID = src.Spec.Target.OciAdb.Ocid
+	dst.Spec.Target.OciAdb.Id = src.Spec.Target.OciAdb.Id
 	dst.Spec.DisplayName = src.Spec.DisplayName
 	dst.Spec.AutonomousDatabaseBackupOCID = src.Spec.AutonomousDatabaseBackupOCID
 	dst.Spec.IsLongTermBackup = src.Spec.IsLongTermBackup
@@ -250,7 +250,7 @@ func (dst *AutonomousDatabaseBackup) ConvertFrom(srcRaw conversion.Hub) error {
 	src := srcRaw.(*v4.AutonomousDatabaseBackup)
 
 	dst.Spec.Target.K8sAdb.Name = src.Spec.Target.K8sAdb.Name
-	dst.Spec.Target.OciAdb.Ocid = src.Spec.Target.OciAdb.OCID
+	dst.Spec.Target.OciAdb.Id = src.Spec.Target.OciAdb.Id
 	dst.Spec.DisplayName = src.Spec.DisplayName
 	dst.Spec.AutonomousDatabaseBackupOCID = src.Spec.AutonomousDatabaseBackupOCID
 	dst.Spec.IsLongTermBackup = src.Spec.IsLongTermBackup
@@ -276,7 +276,7 @@ func (src *AutonomousDatabaseRestore) ConvertTo(dstRaw conversion.Hub) error {
 	dst := dstRaw.(*v4.AutonomousDatabaseRestore)
 
 	dst.Spec.Target.K8sAdb.Name = src.Spec.Target.K8sAdb.Name
-	dst.Spec.Target.OciAdb.OCID = src.Spec.Target.OciAdb.Ocid
+	dst.Spec.Target.OciAdb.Id = src.Spec.Target.OciAdb.Id
 	dst.Spec.Source.K8sAdbBackup.Name = src.Spec.Source.K8sAdbBackup.Name
 	dst.Spec.Source.PointInTime.Timestamp = src.Spec.Source.PointInTime.Timestamp
 	dst.Spec.OCIConfig.ConfigMapName = src.Spec.OCIConfig.ConfigMapName
@@ -298,7 +298,7 @@ func (dst *AutonomousDatabaseRestore) ConvertFrom(srcRaw conversion.Hub) error {
 	src := srcRaw.(*v4.AutonomousDatabaseRestore)
 
 	dst.Spec.Target.K8sAdb.Name = src.Spec.Target.K8sAdb.Name
-	dst.Spec.Target.OciAdb.Ocid = src.Spec.Target.OciAdb.OCID
+	dst.Spec.Target.OciAdb.Id = src.Spec.Target.OciAdb.Id
 	dst.Spec.Source.K8sAdbBackup.Name = src.Spec.Source.K8sAdbBackup.Name
 	dst.Spec.Source.PointInTime.Timestamp = src.Spec.Source.PointInTime.Timestamp
 	dst.Spec.OCIConfig.ConfigMapName = src.Spec.OCIConfig.ConfigMapName
diff --git a/apis/database/v1alpha1/autonomousdatabase_types.go b/apis/database/v1alpha1/autonomousdatabase_types.go
index 099703c2..5cb1aa80 100644
--- a/apis/database/v1alpha1/autonomousdatabase_types.go
+++ b/apis/database/v1alpha1/autonomousdatabase_types.go
@@ -49,7 +49,7 @@ import (
 // AutonomousDatabaseSpec defines the desired state of AutonomousDatabase
 // Important: Run "make" to regenerate code after modifying this file
 type AutonomousDatabaseSpec struct {
-	// +kubebuilder:validation:Enum:="";Create;Sync;Update;Stop;Start;Terminate;Clone
+	// +kubebuilder:validation:Enum:="";Create;Sync;Update;Stop;Start;Terminate;Clone;Switchover;Failover
 	Action    string                    `json:"action"`
 	Details   AutonomousDatabaseDetails `json:"details,omitempty"`
 	Clone     AutonomousDatabaseClone   `json:"clone,omitempty"`
@@ -194,7 +194,7 @@ type ConnectionStringSpec struct {
 // +kubebuilder:printcolumn:JSONPath=".spec.details.dbName",name="Db Name",type=string
 // +kubebuilder:printcolumn:JSONPath=".status.lifecycleState",name="State",type=string
 // +kubebuilder:printcolumn:JSONPath=".spec.details.isDedicated",name="Dedicated",type=string
-// +kubebuilder:printcolumn:JSONPath=".spec.details.cpuCoreCount",name="OCPUs",type=integer
+// +kubebuilder:printcolumn:JSONPath=".spec.details.computeCount",name="Compute Count",type=number
 // +kubebuilder:printcolumn:JSONPath=".spec.details.dataStorageSizeInTBs",name="Storage (TB)",type=integer
 // +kubebuilder:printcolumn:JSONPath=".spec.details.dbWorkload",name="Workload Type",type=string
 // +kubebuilder:printcolumn:JSONPath=".status.timeCreated",name="Created",type=string
diff --git a/apis/database/v1alpha1/autonomousdatabase_webhook.go b/apis/database/v1alpha1/autonomousdatabase_webhook.go
index e209ae7a..8ab9b5e8 100644
--- a/apis/database/v1alpha1/autonomousdatabase_webhook.go
+++ b/apis/database/v1alpha1/autonomousdatabase_webhook.go
@@ -39,6 +39,8 @@
 package v1alpha1
 
 import (
+	"context"
+
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -56,29 +58,32 @@ var autonomousdatabaselog = logf.Log.WithName("autonomousdatabase-resource")
 func (r *AutonomousDatabase) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithValidator(&AutonomousDatabase{}).
 		Complete()
 }
 
 //+kubebuilder:webhook:verbs=create;update,path=/validate-database-oracle-com-v1alpha1-autonomousdatabase,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=autonomousdatabases,versions=v1alpha1,name=vautonomousdatabasev1alpha1.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Validator = &AutonomousDatabase{}
+var _ webhook.CustomValidator = &AutonomousDatabase{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
 // ValidateCreate checks if the spec is valid for a provisioning or a binding operation
-func (r *AutonomousDatabase) ValidateCreate() (admission.Warnings, error) {
+func (r *AutonomousDatabase) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	var allErrs field.ErrorList
 
-	autonomousdatabaselog.Info("validate create", "name", r.Name)
+	adb := obj.(*AutonomousDatabase)
+
+	autonomousdatabaselog.Info("validate create", "name", adb.Name)
 
 	namespaces := dbcommons.GetWatchNamespaces()
 	_, hasEmptyString := namespaces[""]
 	isClusterScoped := len(namespaces) == 1 && hasEmptyString
 	if !isClusterScoped {
-		_, containsNamespace := namespaces[r.Namespace]
+		_, containsNamespace := namespaces[adb.Namespace]
 		// Check if the allowed namespaces maps contains the required namespace
 		if len(namespaces) != 0 && !containsNamespace {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
+				field.Invalid(field.NewPath("metadata").Child("namespace"), adb.Namespace,
 					"Oracle database operator doesn't watch over this namespace"))
 		}
 	}
@@ -88,47 +93,17 @@ func (r *AutonomousDatabase) ValidateCreate() (admission.Warnings, error) {
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousDatabase"},
-		r.Name, allErrs)
+		adb.Name, allErrs)
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabase) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	var allErrs field.ErrorList
-	var oldAdb *AutonomousDatabase = old.(*AutonomousDatabase)
-
-	autonomousdatabaselog.Info("validate update", "name", r.Name)
-
-	// skip the update of adding ADB OCID or binding
-	// if oldAdb.Status.LifecycleState == "" {
-	// 	return nil, nil
-	// }
-
-	// cannot update when the old state is in intermediate, except for the change to the hardLink or the terminate operatrion during valid lifecycleState
-	// var copySpec *AutonomousDatabaseSpec = r.Spec.DeepCopy()
-	// specChanged, err := dbv4.RemoveUnchangedFields(oldAdb.Spec, copySpec)
-	// if err != nil {
-	// 	allErrs = append(allErrs,
-	// 		field.Forbidden(field.NewPath("spec"), err.Error()))
-	// }
-
-	// hardLinkChanged := copySpec.HardLink != nil
+func (r *AutonomousDatabase) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	var (
+		allErrs field.ErrorList
+		newAdb  = newObj.(*AutonomousDatabase)
+	)
 
-	// isTerminateOp := dbv4.CanBeTerminated(oldAdb.Status.LifecycleState) && copySpec.Action == "Terminate"
-
-	// if specChanged && dbv4.IsAdbIntermediateState(oldAdb.Status.LifecycleState) && !isTerminateOp && !hardLinkChanged {
-	// 	allErrs = append(allErrs,
-	// 		field.Forbidden(field.NewPath("spec"),
-	// 			"cannot change the spec when the lifecycleState is in an intermdeiate state"))
-	// }
-
-	// cannot modify autonomousDatabaseOCID
-	if r.Spec.Details.Id != nil &&
-		oldAdb.Spec.Details.Id != nil &&
-		*r.Spec.Details.Id != *oldAdb.Spec.Details.Id {
-		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("details").Child("autonomousDatabaseOCID"),
-				"autonomousDatabaseOCID cannot be modified"))
-	}
+	autonomousdatabaselog.Info("validate update", "name", newAdb.Name)
 
 	allErrs = validateCommon(r, allErrs)
 
@@ -137,7 +112,7 @@ func (r *AutonomousDatabase) ValidateUpdate(old runtime.Object) (admission.Warni
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousDatabase"},
-		r.Name, allErrs)
+		newAdb.Name, allErrs)
 }
 
 func validateCommon(adb *AutonomousDatabase, allErrs field.ErrorList) field.ErrorList {
@@ -150,7 +125,7 @@ func validateCommon(adb *AutonomousDatabase, allErrs field.ErrorList) field.Erro
 
 	if adb.Spec.Wallet.Password.K8sSecret.Name != nil && adb.Spec.Wallet.Password.OciSecret.Id != nil {
 		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("details").Child("wallet").Child("password"),
+			field.Forbidden(field.NewPath("spec").Child("wallet").Child("password"),
 				"cannot apply k8sSecret.name and ociSecret.ocid at the same time"))
 	}
 
@@ -158,14 +133,6 @@ func validateCommon(adb *AutonomousDatabase, allErrs field.ErrorList) field.Erro
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabase) ValidateDelete() (admission.Warnings, error) {
-	autonomousdatabaselog.Info("validate delete", "name", r.Name)
+func (r *AutonomousDatabase) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	return nil, nil
 }
-
-// Returns true if AutonomousContainerDatabaseOCID has value.
-// We don't use Details.IsDedicated because the parameter might be null when it's a provision operation.
-func isDedicated(adb *AutonomousDatabase) bool {
-	return adb.Spec.Details.AutonomousContainerDatabase.K8sAcd.Name != nil ||
-		adb.Spec.Details.AutonomousContainerDatabase.OciAcd.Id != nil
-}
diff --git a/apis/database/v1alpha1/autonomousdatabasebackup_webhook.go b/apis/database/v1alpha1/autonomousdatabasebackup_webhook.go
index ffa9b888..d4291135 100644
--- a/apis/database/v1alpha1/autonomousdatabasebackup_webhook.go
+++ b/apis/database/v1alpha1/autonomousdatabasebackup_webhook.go
@@ -39,6 +39,8 @@
 package v1alpha1
 
 import (
+	"context"
+
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -56,25 +58,19 @@ var autonomousdatabasebackuplog = logf.Log.WithName("autonomousdatabasebackup-re
 func (r *AutonomousDatabaseBackup) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithValidator(r).
 		Complete()
 }
 
-//+kubebuilder:webhook:path=/mutate-database-oracle-com-v1alpha1-autonomousdatabasebackup,mutating=true,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=autonomousdatabasebackups,verbs=create;update,versions=v1alpha1,name=mautonomousdatabasebackupv1alpha1.kb.io,admissionReviewVersions=v1
-
-var _ webhook.Defaulter = &AutonomousDatabaseBackup{}
-
-// Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *AutonomousDatabaseBackup) Default() {
-	autonomousdatabasebackuplog.Info("default", "name", r.Name)
-}
-
 //+kubebuilder:webhook:verbs=create;update,path=/validate-database-oracle-com-v1alpha1-autonomousdatabasebackup,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=autonomousdatabasebackups,versions=v1alpha1,name=vautonomousdatabasebackupv1alpha1.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Validator = &AutonomousDatabaseBackup{}
+var _ webhook.CustomValidator = &AutonomousDatabaseBackup{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabaseBackup) ValidateCreate() (admission.Warnings, error) {
-	autonomousdatabasebackuplog.Info("validate create", "name", r.Name)
+func (r *AutonomousDatabaseBackup) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	backup := obj.(*AutonomousDatabaseBackup)
+
+	autonomousdatabasebackuplog.Info("validate create", "name", backup.Name)
 
 	var allErrs field.ErrorList
 
@@ -82,61 +78,59 @@ func (r *AutonomousDatabaseBackup) ValidateCreate() (admission.Warnings, error)
 	_, hasEmptyString := namespaces[""]
 	isClusterScoped := len(namespaces) == 1 && hasEmptyString
 	if !isClusterScoped {
-		_, containsNamespace := namespaces[r.Namespace]
+		_, containsNamespace := namespaces[backup.Namespace]
 		// Check if the allowed namespaces maps contains the required namespace
 		if len(namespaces) != 0 && !containsNamespace {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
+				field.Invalid(field.NewPath("metadata").Child("namespace"), backup.Namespace,
 					"Oracle database operator doesn't watch over this namespace"))
 		}
 	}
 
-	if r.Spec.Target.K8sAdb.Name == nil && r.Spec.Target.OciAdb.Ocid == nil {
+	if backup.Spec.Target.K8sAdb.Name == nil && backup.Spec.Target.OciAdb.Id == nil {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("target"), "target ADB is empty"))
 	}
 
-	if r.Spec.Target.K8sAdb.Name != nil && r.Spec.Target.OciAdb.Ocid != nil {
-		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("target"), "specify either k8sADB or ociADB, but not both"))
-	}
-
 	if len(allErrs) == 0 {
 		return nil, nil
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousDatabaseBackup"},
-		r.Name, allErrs)
+		backup.Name, allErrs)
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabaseBackup) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	autonomousdatabasebackuplog.Info("validate update", "name", r.Name)
+func (r *AutonomousDatabaseBackup) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	var (
+		allErrs   field.ErrorList
+		oldBackup = oldObj.(*AutonomousDatabaseBackup)
+		newBackup = oldObj.(*AutonomousDatabaseBackup)
+	)
 
-	var allErrs field.ErrorList
-	oldBackup := old.(*AutonomousDatabaseBackup)
+	autonomousdatabasebackuplog.Info("validate update", "name", newBackup.Name)
 
-	if oldBackup.Spec.AutonomousDatabaseBackupOCID != nil && r.Spec.AutonomousDatabaseBackupOCID != nil &&
-		*oldBackup.Spec.AutonomousDatabaseBackupOCID != *r.Spec.AutonomousDatabaseBackupOCID {
+	if oldBackup.Spec.AutonomousDatabaseBackupOCID != nil && newBackup.Spec.AutonomousDatabaseBackupOCID != nil &&
+		*oldBackup.Spec.AutonomousDatabaseBackupOCID != *newBackup.Spec.AutonomousDatabaseBackupOCID {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("autonomousDatabaseBackupOCID"),
 				"cannot assign a new autonomousDatabaseBackupOCID to this backup"))
 	}
 
-	if oldBackup.Spec.Target.K8sAdb.Name != nil && r.Spec.Target.K8sAdb.Name != nil &&
-		*oldBackup.Spec.Target.K8sAdb.Name != *r.Spec.Target.K8sAdb.Name {
+	if oldBackup.Spec.Target.K8sAdb.Name != nil && newBackup.Spec.Target.K8sAdb.Name != nil &&
+		*oldBackup.Spec.Target.K8sAdb.Name != *newBackup.Spec.Target.K8sAdb.Name {
 		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("target").Child("k8sADB").Child("name"), "cannot assign a new name to the target"))
+			field.Forbidden(field.NewPath("spec").Child("target").Child("k8sAdb").Child("name"), "cannot assign a new name to the target"))
 	}
 
-	if oldBackup.Spec.Target.OciAdb.Ocid != nil && r.Spec.Target.OciAdb.Ocid != nil &&
-		*oldBackup.Spec.Target.OciAdb.Ocid != *r.Spec.Target.OciAdb.Ocid {
+	if oldBackup.Spec.Target.OciAdb.Id != nil && newBackup.Spec.Target.OciAdb.Id != nil &&
+		*oldBackup.Spec.Target.OciAdb.Id != *newBackup.Spec.Target.OciAdb.Id {
 		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("target").Child("ociADB").Child("ocid"), "cannot assign a new ocid to the target"))
+			field.Forbidden(field.NewPath("spec").Child("target").Child("ociAdb").Child("id"), "cannot assign a new ocid to the target"))
 	}
 
-	if oldBackup.Spec.DisplayName != nil && r.Spec.DisplayName != nil &&
-		*oldBackup.Spec.DisplayName != *r.Spec.DisplayName {
+	if oldBackup.Spec.DisplayName != nil && newBackup.Spec.DisplayName != nil &&
+		*oldBackup.Spec.DisplayName != *newBackup.Spec.DisplayName {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("displayName"), "cannot assign a new displayName to this backup"))
 	}
@@ -146,13 +140,10 @@ func (r *AutonomousDatabaseBackup) ValidateUpdate(old runtime.Object) (admission
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousDatabaseBackup"},
-		r.Name, allErrs)
+		newBackup.Name, allErrs)
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabaseBackup) ValidateDelete() (admission.Warnings, error) {
-	autonomousdatabasebackuplog.Info("validate delete", "name", r.Name)
-
-	// TODO(user): fill in your validation logic upon object deletion.
+func (r *AutonomousDatabaseBackup) ValidateDelete(context.Context, runtime.Object) (admission.Warnings, error) {
 	return nil, nil
 }
diff --git a/apis/database/v1alpha1/autonomousdatabasebackup_webhook_test.go b/apis/database/v1alpha1/autonomousdatabasebackup_webhook_test.go
index 87eb1618..f36b1fff 100644
--- a/apis/database/v1alpha1/autonomousdatabasebackup_webhook_test.go
+++ b/apis/database/v1alpha1/autonomousdatabasebackup_webhook_test.go
@@ -72,20 +72,11 @@ var _ = Describe("test AutonomousDatabaseBackup webhook", func() {
 			}
 		})
 
-		It("Should specify at least one of the k8sADB and ociADB", func() {
+		It("Should specify at least one of the k8sAdb and ociAdb", func() {
 			var errMsg string = "target ADB is empty"
 
 			backup.Spec.Target.K8sAdb.Name = nil
-			backup.Spec.Target.OciAdb.Ocid = nil
-
-			validateInvalidTest(backup, false, errMsg)
-		})
-
-		It("Should specify either k8sADB or ociADB, but not both", func() {
-			var errMsg string = "specify either k8sADB or ociADB, but not both"
-
-			backup.Spec.Target.K8sAdb.Name = common.String("fake-target-adb")
-			backup.Spec.Target.OciAdb.Ocid = common.String("fake.ocid1.autonomousdatabase.oc1...")
+			backup.Spec.Target.OciAdb.Id = nil
 
 			validateInvalidTest(backup, false, errMsg)
 		})
@@ -155,15 +146,15 @@ var _ = Describe("test AutonomousDatabaseBackup webhook", func() {
 			})
 		})
 
-		Context("The bakcup is using target.ociADB.ocid", func() {
+		Context("The bakcup is using target.ociAdb.id", func() {
 			BeforeEach(func() {
-				backup.Spec.Target.OciAdb.Ocid = common.String("fake.ocid1.autonomousdatabase.oc1...")
+				backup.Spec.Target.OciAdb.Id = common.String("fake.ocid1.autonomousdatabase.oc1...")
 			})
 
 			It("Cannot assign a new ocid to the target", func() {
 				var errMsg string = "cannot assign a new ocid to the target"
 
-				backup.Spec.Target.OciAdb.Ocid = common.String("modified.ocid1.autonomousdatabase.oc1...")
+				backup.Spec.Target.OciAdb.Id = common.String("modified.ocid1.autonomousdatabase.oc1...")
 
 				validateInvalidTest(backup, true, errMsg)
 			})
diff --git a/apis/database/v1alpha1/autonomousdatabaserestore_types.go b/apis/database/v1alpha1/autonomousdatabaserestore_types.go
index ef8698b2..74eb2eda 100644
--- a/apis/database/v1alpha1/autonomousdatabaserestore_types.go
+++ b/apis/database/v1alpha1/autonomousdatabaserestore_types.go
@@ -61,7 +61,7 @@ type PitSpec struct {
 }
 
 type SourceSpec struct {
-	K8sAdbBackup K8sAdbBackupSpec `json:"k8sADBBackup,omitempty"`
+	K8sAdbBackup K8sAdbBackupSpec `json:"k8sAdbBackup,omitempty"`
 	PointInTime  PitSpec          `json:"pointInTime,omitempty"`
 }
 
diff --git a/apis/database/v1alpha1/autonomousdatabaserestore_webhook.go b/apis/database/v1alpha1/autonomousdatabaserestore_webhook.go
index dcd57137..e8696045 100644
--- a/apis/database/v1alpha1/autonomousdatabaserestore_webhook.go
+++ b/apis/database/v1alpha1/autonomousdatabaserestore_webhook.go
@@ -39,6 +39,8 @@
 package v1alpha1
 
 import (
+	"context"
+
 	dbv4 "github.com/oracle/oracle-database-operator/apis/database/v4"
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -57,59 +59,63 @@ var autonomousdatabaserestorelog = logf.Log.WithName("autonomousdatabaserestore-
 func (r *AutonomousDatabaseRestore) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithValidator(r).
 		Complete()
 }
 
 //+kubebuilder:webhook:verbs=create;update,path=/validate-database-oracle-com-v1alpha1-autonomousdatabaserestore,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=autonomousdatabaserestores,versions=v1alpha1,name=vautonomousdatabaserestorev1alpha1.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Validator = &AutonomousDatabaseRestore{}
+var _ webhook.CustomValidator = &AutonomousDatabaseRestore{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabaseRestore) ValidateCreate() (admission.Warnings, error) {
-	autonomousdatabaserestorelog.Info("validate create", "name", r.Name)
+func (r *AutonomousDatabaseRestore) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	var (
+		allErrs field.ErrorList
+		restore = obj.(*AutonomousDatabaseRestore)
+	)
 
-	var allErrs field.ErrorList
+	autonomousdatabaserestorelog.Info("validate create", "name", restore.Name)
 
 	namespaces := dbcommons.GetWatchNamespaces()
 	_, hasEmptyString := namespaces[""]
 	isClusterScoped := len(namespaces) == 1 && hasEmptyString
 	if !isClusterScoped {
-		_, containsNamespace := namespaces[r.Namespace]
+		_, containsNamespace := namespaces[restore.Namespace]
 		// Check if the allowed namespaces maps contains the required namespace
 		if len(namespaces) != 0 && !containsNamespace {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
+				field.Invalid(field.NewPath("metadata").Child("namespace"), restore.Namespace,
 					"Oracle database operator doesn't watch over this namespace"))
 		}
 	}
 
 	// Validate the target ADB
-	if r.Spec.Target.K8sAdb.Name == nil && r.Spec.Target.OciAdb.Ocid == nil {
+	if restore.Spec.Target.K8sAdb.Name == nil && restore.Spec.Target.OciAdb.Id == nil {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("target"), "target ADB is empty"))
 	}
 
-	if r.Spec.Target.K8sAdb.Name != nil && r.Spec.Target.OciAdb.Ocid != nil {
+	if restore.Spec.Target.K8sAdb.Name != nil && restore.Spec.Target.OciAdb.Id != nil {
 		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("target"), "specify either k8sADB.name or ociADB.ocid, but not both"))
+			field.Forbidden(field.NewPath("spec").Child("target"), "specify either k8sAdb.name or ociAdb.id, but not both"))
 	}
 
 	// Validate the restore source
-	if r.Spec.Source.K8sAdbBackup.Name == nil &&
-		r.Spec.Source.PointInTime.Timestamp == nil {
+	if restore.Spec.Source.K8sAdbBackup.Name == nil &&
+		restore.Spec.Source.PointInTime.Timestamp == nil {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("source"), "retore source is empty"))
 	}
 
-	if r.Spec.Source.K8sAdbBackup.Name != nil &&
-		r.Spec.Source.PointInTime.Timestamp != nil {
+	if restore.Spec.Source.K8sAdbBackup.Name != nil &&
+		restore.Spec.Source.PointInTime.Timestamp != nil {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("source"), "cannot apply backupName and the PITR parameters at the same time"))
 	}
 
 	// Verify the timestamp format if it's PITR
-	if r.Spec.Source.PointInTime.Timestamp != nil {
-		_, err := dbv4.ParseDisplayTime(*r.Spec.Source.PointInTime.Timestamp)
+	if restore.Spec.Source.PointInTime.Timestamp != nil {
+		_, err := dbv4.ParseDisplayTime(*restore.Spec.Source.PointInTime.Timestamp)
 		if err != nil {
 			allErrs = append(allErrs,
 				field.Forbidden(field.NewPath("spec").Child("source").Child("pointInTime").Child("timestamp"), "invalid timestamp format"))
@@ -121,27 +127,15 @@ func (r *AutonomousDatabaseRestore) ValidateCreate() (admission.Warnings, error)
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousDatabaseRestore"},
-		r.Name, allErrs)
+		restore.Name, allErrs)
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabaseRestore) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	autonomousdatabaserestorelog.Info("validate update", "name", r.Name)
-
-	var allErrs field.ErrorList
-
-	if len(allErrs) == 0 {
-		return nil, nil
-	}
-	return nil, apierrors.NewInvalid(
-		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousDatabaseRestore"},
-		r.Name, allErrs)
+func (r *AutonomousDatabaseRestore) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	return nil, nil
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabaseRestore) ValidateDelete() (admission.Warnings, error) {
-	autonomousdatabaserestorelog.Info("validate delete", "name", r.Name)
-
-	// TODO(user): fill in your validation logic upon object deletion.
+func (r *AutonomousDatabaseRestore) ValidateDelete(context.Context, runtime.Object) (admission.Warnings, error) {
 	return nil, nil
 }
diff --git a/apis/database/v1alpha1/autonomousdatabaserestore_webhook_test.go b/apis/database/v1alpha1/autonomousdatabaserestore_webhook_test.go
index 0cc9b692..ae10816f 100644
--- a/apis/database/v1alpha1/autonomousdatabaserestore_webhook_test.go
+++ b/apis/database/v1alpha1/autonomousdatabaserestore_webhook_test.go
@@ -68,20 +68,20 @@ var _ = Describe("test AutonomousDatabaseRestore webhook", func() {
 			}
 		})
 
-		It("Should specify at least one of the k8sADB and ociADB", func() {
+		It("Should specify at least one of the k8sAdb and ociAdb", func() {
 			var errMsg string = "target ADB is empty"
 
 			restore.Spec.Target.K8sAdb.Name = nil
-			restore.Spec.Target.OciAdb.Ocid = nil
+			restore.Spec.Target.OciAdb.Id = nil
 
 			validateInvalidTest(restore, false, errMsg)
 		})
 
-		It("Should specify either k8sADB.name or ociADB.ocid, but not both", func() {
-			var errMsg string = "specify either k8sADB.name or ociADB.ocid, but not both"
+		It("Should specify either k8sAdb.name or ociAdb.id, but not both", func() {
+			var errMsg string = "specify either k8sAdb.name or ociAdb.id, but not both"
 
 			restore.Spec.Target.K8sAdb.Name = common.String("fake-target-adb")
-			restore.Spec.Target.OciAdb.Ocid = common.String("fake.ocid1.autonomousdatabase.oc1...")
+			restore.Spec.Target.OciAdb.Id = common.String("fake.ocid1.autonomousdatabase.oc1...")
 
 			validateInvalidTest(restore, false, errMsg)
 		})
diff --git a/apis/database/v1alpha1/cdb_types.go b/apis/database/v1alpha1/cdb_types.go
deleted file mode 100644
index f97df391..00000000
--- a/apis/database/v1alpha1/cdb_types.go
+++ /dev/null
@@ -1,190 +0,0 @@
-/*
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
- */
-
-package v1alpha1
-
-import (
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-// CDBSpec defines the desired state of CDB
-type CDBSpec struct {
-	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
-
-	// Name of the CDB
-	CDBName string `json:"cdbName,omitempty"`
-	// Name of the CDB Service
-	ServiceName string `json:"serviceName,omitempty"`
-
-	// Password for the CDB System Administrator
-	SysAdminPwd CDBSysAdminPassword `json:"sysAdminPwd,omitempty"`
-	// User in the root container with sysdba priviledges to manage PDB lifecycle
-	CDBAdminUser CDBAdminUser `json:"cdbAdminUser,omitempty"`
-	// Password for the CDB Administrator to manage PDB lifecycle
-	CDBAdminPwd CDBAdminPassword `json:"cdbAdminPwd,omitempty"`
-
-	CDBTlsKey CDBTLSKEY `json:"cdbTlsKey,omitempty"`
-	CDBTlsCrt CDBTLSCRT `json:"cdbTlsCrt,omitempty"`
-
-	// Password for user ORDS_PUBLIC_USER
-	ORDSPwd ORDSPassword `json:"ordsPwd,omitempty"`
-	// ORDS server port. For now, keep it as 8888. TO BE USED IN FUTURE RELEASE.
-	ORDSPort int `json:"ordsPort,omitempty"`
-	// ORDS Image Name
-	ORDSImage string `json:"ordsImage,omitempty"`
-	// The name of the image pull secret in case of a private docker repository.
-	ORDSImagePullSecret string `json:"ordsImagePullSecret,omitempty"`
-	// ORDS Image Pull Policy
-	// +kubebuilder:validation:Enum=Always;Never
-	ORDSImagePullPolicy string `json:"ordsImagePullPolicy,omitempty"`
-	// Number of ORDS Containers to create
-	Replicas int `json:"replicas,omitempty"`
-	// Web Server User with SQL Administrator role to allow us to authenticate to the PDB Lifecycle Management REST endpoints
-	WebServerUser WebServerUser `json:"webServerUser,omitempty"`
-	// Password for the Web Server User
-	WebServerPwd WebServerPassword `json:"webServerPwd,omitempty"`
-	// Name of the DB server
-	DBServer string `json:"dbServer,omitempty"`
-	// DB server port
-	DBPort int `json:"dbPort,omitempty"`
-	// Node Selector for running the Pod
-	NodeSelector     map[string]string `json:"nodeSelector,omitempty"`
-	DeletePDBCascade bool              `json:"deletePdbCascade,omitempty"`
-	DBTnsurl         string            `json:"dbTnsurl,omitempty"`
-	CDBPubKey        CDBPUBKEY         `json:"cdbOrdsPubKey,omitempty"`
-	CDBPriKey        CDBPRIVKEY        `json:"cdbOrdsPrvKey,omitempty"`
-}
-
-// CDBSecret defines the secretName
-type CDBSecret struct {
-	SecretName string `json:"secretName"`
-	Key        string `json:"key"`
-}
-
-// CDBSysAdminPassword defines the secret containing SysAdmin Password mapped to key 'sysAdminPwd' for CDB
-type CDBSysAdminPassword struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-// CDBAdminUser defines the secret containing CDB Administrator User mapped to key 'cdbAdminUser' to manage PDB lifecycle
-type CDBAdminUser struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-// CDBAdminPassword defines the secret containing CDB Administrator Password mapped to key 'cdbAdminPwd' to manage PDB lifecycle
-type CDBAdminPassword struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-// ORDSPassword defines the secret containing ORDS_PUBLIC_USER Password mapped to key 'ordsPwd'
-type ORDSPassword struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-// WebServerUser defines the secret containing Web Server User mapped to key 'webServerUser' to manage PDB lifecycle
-type WebServerUser struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-// WebServerPassword defines the secret containing password for Web Server User mapped to key 'webServerPwd' to manage PDB lifecycle
-type WebServerPassword struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-type CDBTLSKEY struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-type CDBTLSCRT struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-type CDBPUBKEY struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-type CDBPRIVKEY struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-// CDBStatus defines the observed state of CDB
-type CDBStatus struct {
-	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
-
-	// Phase of the CDB Resource
-	Phase string `json:"phase"`
-	// CDB Resource Status
-	Status bool `json:"status"`
-	// Message
-	Msg string `json:"msg,omitempty"`
-}
-
-// +kubebuilder:object:root=true
-// +kubebuilder:subresource:status
-// +kubebuilder:printcolumn:JSONPath=".spec.cdbName",name="CDB Name",type="string",description="Name of the CDB"
-// +kubebuilder:printcolumn:JSONPath=".spec.dbServer",name="DB Server",type="string",description=" Name of the DB Server"
-// +kubebuilder:printcolumn:JSONPath=".spec.dbPort",name="DB Port",type="integer",description="DB server port"
-// +kubebuilder:printcolumn:JSONPath=".spec.replicas",name="Replicas",type="integer",description="Replicas"
-// +kubebuilder:printcolumn:JSONPath=".status.phase",name="Status",type="string",description="Status of the CDB Resource"
-// +kubebuilder:printcolumn:JSONPath=".status.msg",name="Message",type="string",description="Error message, if any"
-// +kubebuilder:printcolumn:JSONPath=".spec.dbTnsurl",name="TNS STRING",type="string",description=" string of the tnsalias"
-// +kubebuilder:resource:path=cdbs,scope=Namespaced
-
-// CDB is the Schema for the cdbs API
-type CDB struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec   CDBSpec   `json:"spec,omitempty"`
-	Status CDBStatus `json:"status,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-
-// CDBList contains a list of CDB
-type CDBList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []CDB `json:"items"`
-}
-
-func init() {
-	SchemeBuilder.Register(&CDB{}, &CDBList{})
-}
diff --git a/apis/database/v1alpha1/cdb_webhook.go b/apis/database/v1alpha1/cdb_webhook.go
deleted file mode 100644
index e93e216e..00000000
--- a/apis/database/v1alpha1/cdb_webhook.go
+++ /dev/null
@@ -1,224 +0,0 @@
-/*
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
- */
-
-package v1alpha1
-
-import (
-	"reflect"
-	"strings"
-
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apimachinery/pkg/util/validation/field"
-	ctrl "sigs.k8s.io/controller-runtime"
-	logf "sigs.k8s.io/controller-runtime/pkg/log"
-	"sigs.k8s.io/controller-runtime/pkg/webhook"
-	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
-)
-
-// log is for logging in this package.
-var cdblog = logf.Log.WithName("cdb-webhook")
-
-func (r *CDB) SetupWebhookWithManager(mgr ctrl.Manager) error {
-	return ctrl.NewWebhookManagedBy(mgr).
-		For(r).
-		Complete()
-}
-
-//+kubebuilder:webhook:path=/mutate-database-oracle-com-v4-cdb,mutating=true,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=cdbs,verbs=create;update,versions=v4,name=mcdb.kb.io,admissionReviewVersions={v1,v1beta1}
-
-var _ webhook.Defaulter = &CDB{}
-
-// Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *CDB) Default() {
-	cdblog.Info("Setting default values in CDB spec for : " + r.Name)
-
-	if r.Spec.ORDSPort == 0 {
-		r.Spec.ORDSPort = 8888
-	}
-
-	if r.Spec.Replicas == 0 {
-		r.Spec.Replicas = 1
-	}
-}
-
-// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
-//+kubebuilder:webhook:path=/validate-database-oracle-com-v4-cdb,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=cdbs,verbs=create;update,versions=v4,name=vcdb.kb.io,admissionReviewVersions={v1,v1beta1}
-
-var _ webhook.Validator = &CDB{}
-
-// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *CDB) ValidateCreate() (admission.Warnings, error) {
-	cdblog.Info("ValidateCreate", "name", r.Name)
-
-	var allErrs field.ErrorList
-
-	if r.Spec.ServiceName == "" && r.Spec.DBServer != "" {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("serviceName"), "Please specify CDB Service name"))
-	}
-
-	if reflect.ValueOf(r.Spec.CDBTlsKey).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("cdbTlsKey"), "Please specify CDB Tls key(secret)"))
-	}
-
-	if reflect.ValueOf(r.Spec.CDBTlsCrt).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("cdbTlsCrt"), "Please specify CDB Tls Certificate(secret)"))
-	}
-
-	if reflect.ValueOf(r.Spec.CDBPriKey).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("CDBPriKey"), "Please specify CDB CDBPriKey(secret)"))
-	}
-
-	/*if r.Spec.SCANName == "" {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("scanName"), "Please specify SCAN Name for CDB"))
-	}*/
-
-	if (r.Spec.DBServer == "" && r.Spec.DBTnsurl == "") || (r.Spec.DBServer != "" && r.Spec.DBTnsurl != "") {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("dbServer"), "Please specify Database Server Name/IP Address or tnsalias string"))
-	}
-
-	if r.Spec.DBTnsurl != "" && (r.Spec.DBServer != "" || r.Spec.DBPort != 0 || r.Spec.ServiceName != "") {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("dbServer"), "DBtnsurl is orthogonal to (DBServer,DBport,Services)"))
-	}
-
-	if r.Spec.DBPort == 0 && r.Spec.DBServer != "" {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("dbPort"), "Please specify DB Server Port"))
-	}
-	if r.Spec.DBPort < 0 && r.Spec.DBServer != "" {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("dbPort"), "Please specify a valid DB Server Port"))
-	}
-	if r.Spec.ORDSPort < 0 {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("ordsPort"), "Please specify a valid ORDS Port"))
-	}
-	if r.Spec.Replicas < 0 {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("replicas"), "Please specify a valid value for Replicas"))
-	}
-	if r.Spec.ORDSImage == "" {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("ordsImage"), "Please specify name of ORDS Image to be used"))
-	}
-	if reflect.ValueOf(r.Spec.CDBAdminUser).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("cdbAdminUser"), "Please specify user in the root container with sysdba priviledges to manage PDB lifecycle"))
-	}
-	if reflect.ValueOf(r.Spec.CDBAdminPwd).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("cdbAdminPwd"), "Please specify password for the CDB Administrator to manage PDB lifecycle"))
-	}
-	if reflect.ValueOf(r.Spec.ORDSPwd).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("ordsPwd"), "Please specify password for user ORDS_PUBLIC_USER"))
-	}
-	if reflect.ValueOf(r.Spec.WebServerUser).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("webServerUser"), "Please specify the Web Server User having SQL Administrator role"))
-	}
-	if reflect.ValueOf(r.Spec.WebServerPwd).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("webServerPwd"), "Please specify password for the Web Server User having SQL Administrator role"))
-	}
-	if len(allErrs) == 0 {
-		return nil, nil
-	}
-	return nil, apierrors.NewInvalid(
-		schema.GroupKind{Group: "database.oracle.com", Kind: "CDB"},
-		r.Name, allErrs)
-}
-
-// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *CDB) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	cdblog.Info("validate update", "name", r.Name)
-
-	isCDBMarkedToBeDeleted := r.GetDeletionTimestamp() != nil
-	if isCDBMarkedToBeDeleted {
-		return nil, nil
-	}
-
-	var allErrs field.ErrorList
-
-	// Check for updation errors
-	oldCDB, ok := old.(*CDB)
-	if !ok {
-		return nil, nil
-	}
-
-	if r.Spec.DBPort < 0 {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("dbPort"), "Please specify a valid DB Server Port"))
-	}
-	if r.Spec.ORDSPort < 0 {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("ordsPort"), "Please specify a valid ORDS Port"))
-	}
-	if r.Spec.Replicas < 0 {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("replicas"), "Please specify a valid value for Replicas"))
-	}
-	if !strings.EqualFold(oldCDB.Spec.ServiceName, r.Spec.ServiceName) {
-		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("replicas"), "cannot be changed"))
-	}
-
-	if len(allErrs) == 0 {
-		return nil, nil
-	}
-
-	return nil, apierrors.NewInvalid(
-		schema.GroupKind{Group: "database.oracle.com", Kind: "CDB"},
-		r.Name, allErrs)
-}
-
-// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *CDB) ValidateDelete() (admission.Warnings, error) {
-	cdblog.Info("validate delete", "name", r.Name)
-
-	// TODO(user): fill in your validation logic upon object deletion.
-	return nil, nil
-}
diff --git a/apis/database/v1alpha1/dataguardbroker_webhook.go b/apis/database/v1alpha1/dataguardbroker_webhook.go
index 89a9d3fd..c9cc7bc7 100644
--- a/apis/database/v1alpha1/dataguardbroker_webhook.go
+++ b/apis/database/v1alpha1/dataguardbroker_webhook.go
@@ -39,8 +39,10 @@
 package v1alpha1
 
 import (
+	"context"
 	"strconv"
 	"strings"
+	"fmt"
 
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
@@ -59,6 +61,8 @@ var dataguardbrokerlog = logf.Log.WithName("dataguardbroker-resource")
 func (r *DataguardBroker) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithDefaulter(r).
+		WithValidator(r).
 		Complete()
 }
 
@@ -66,52 +70,61 @@ func (r *DataguardBroker) SetupWebhookWithManager(mgr ctrl.Manager) error {
 
 //+kubebuilder:webhook:path=/mutate-database-oracle-com-v1alpha1-dataguardbroker,mutating=true,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=dataguardbrokers,verbs=create;update,versions=v1alpha1,name=mdataguardbroker.kb.io,admissionReviewVersions={v1,v1beta1}
 
-var _ webhook.Defaulter = &DataguardBroker{}
+var _ webhook.CustomDefaulter = &DataguardBroker{}
 
 // Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *DataguardBroker) Default() {
-	dataguardbrokerlog.Info("default", "name", r.Name)
+func (r *DataguardBroker) Default(ctx context.Context, obj runtime.Object) error {
+	dg, ok := obj.(*DataguardBroker)
+	if !ok {
+		return apierrors.NewInternalError(fmt.Errorf("failed to cast obj object to DataguardBroker"))
+	}
+	dataguardbrokerlog.Info("default", "name", dg.Name)
 
-	if r.Spec.LoadBalancer {
-		if r.Spec.ServiceAnnotations == nil {
-			r.Spec.ServiceAnnotations = make(map[string]string)
+	if dg.Spec.LoadBalancer {
+		if dg.Spec.ServiceAnnotations == nil {
+			dg.Spec.ServiceAnnotations = make(map[string]string)
 		}
 		// Annotations required for a flexible load balancer on oci
-		_, ok := r.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape"]
+		_, ok := dg.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape"]
 		if !ok {
-			r.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape"] = "flexible"
+			dg.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape"] = "flexible"
 		}
-		_, ok = r.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-min"]
+		_, ok = dg.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-min"]
 		if !ok {
-			r.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-min"] = "10"
+			dg.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-min"] = "10"
 		}
-		_, ok = r.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-max"]
+		_, ok = dg.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-max"]
 		if !ok {
-			r.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-max"] = "100"
+			dg.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-max"] = "100"
 		}
 	}
 
-	if r.Spec.SetAsPrimaryDatabase != "" {
-		r.Spec.SetAsPrimaryDatabase = strings.ToUpper(r.Spec.SetAsPrimaryDatabase)
+	if dg.Spec.SetAsPrimaryDatabase != "" {
+		dg.Spec.SetAsPrimaryDatabase = strings.ToUpper(dg.Spec.SetAsPrimaryDatabase)
 	}
+
+	return nil
 }
 
 // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
 //+kubebuilder:webhook:verbs=create;update,path=/validate-database-oracle-com-v1alpha1-dataguardbroker,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=dataguardbrokers,versions=v1alpha1,name=vdataguardbroker.kb.io,admissionReviewVersions={v1,v1beta1}
 
-var _ webhook.Validator = &DataguardBroker{}
+var _ webhook.CustomValidator = &DataguardBroker{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *DataguardBroker) ValidateCreate() (admission.Warnings, error) {
-
-	dataguardbrokerlog.Info("validate create", "name", r.Name)
+func (r *DataguardBroker) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+    dg, ok := obj.(*DataguardBroker)
+	if !ok {
+		return nil, apierrors.NewInternalError(fmt.Errorf("failed to cast obj object to DataguardBroker"))
+	}
+	dataguardbrokerlog.Info("validate create", "name", dg.Name)
 	var allErrs field.ErrorList
 	namespaces := dbcommons.GetWatchNamespaces()
-	_, containsNamespace := namespaces[r.Namespace]
+	_, containsNamespace := namespaces[dg.Namespace]
 	// Check if the allowed namespaces maps contains the required namespace
 	if len(namespaces) != 0 && !containsNamespace {
 		allErrs = append(allErrs,
-			field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
+			field.Invalid(field.NewPath("metadata").Child("namespace"), dg.Namespace,
 				"Oracle database operator doesn't watch over this namespace"))
 	}
 
@@ -121,46 +134,49 @@ func (r *DataguardBroker) ValidateCreate() (admission.Warnings, error) {
 
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "Dataguard"},
-		r.Name, allErrs)
+		dg.Name, allErrs)
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *DataguardBroker) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	dataguardbrokerlog.Info("validate update", "name", r.Name)
+func (r *DataguardBroker) ValidateUpdate(ctx context.Context, old, newObj runtime.Object) (admission.Warnings, error) {
+	new, ok := newObj.(*DataguardBroker)
+	if !ok {
+		return nil, apierrors.NewInternalError(fmt.Errorf("failed to cast newObj object to DataguardBroker"))
+	}
 
-	dataguardbrokerlog.Info("validate update", "name", r.Name)
+	dataguardbrokerlog.Info("validate update", "name", new.Name)
 	var allErrs field.ErrorList
 
 	// check creation validations first
-	_, err := r.ValidateCreate()
+	_, err := new.ValidateCreate(ctx, newObj)
 	if err != nil {
 		return nil, err
 	}
 
 	// Validate Deletion
-	if r.GetDeletionTimestamp() != nil {
-		warnings, err := r.ValidateDelete()
+	if new.GetDeletionTimestamp() != nil {
+		warnings, err := new.ValidateDelete(ctx, newObj)
 		if err != nil {
 			return warnings, err
 		}
 	}
 
 	// Now check for updation errors
-	oldObj, ok := old.(*DataguardBroker)
-	if !ok {
-		return nil, nil
+	oldObj, okay := old.(*DataguardBroker)
+	if !okay {
+		return nil, apierrors.NewInternalError(fmt.Errorf("failed to cast old object to DataguardBroker"))
 	}
 
-	if oldObj.Status.ProtectionMode != "" && !strings.EqualFold(r.Spec.ProtectionMode, oldObj.Status.ProtectionMode) {
+	if oldObj.Status.ProtectionMode != "" && !strings.EqualFold(new.Spec.ProtectionMode, oldObj.Status.ProtectionMode) {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("protectionMode"), "cannot be changed"))
 	}
-	if oldObj.Status.PrimaryDatabaseRef != "" && !strings.EqualFold(oldObj.Status.PrimaryDatabaseRef, r.Spec.PrimaryDatabaseRef) {
+	if oldObj.Status.PrimaryDatabaseRef != "" && !strings.EqualFold(oldObj.Status.PrimaryDatabaseRef, new.Spec.PrimaryDatabaseRef) {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("primaryDatabaseRef"), "cannot be changed"))
 	}
 	fastStartFailoverStatus, _ := strconv.ParseBool(oldObj.Status.FastStartFailover)
-	if (fastStartFailoverStatus || r.Spec.FastStartFailover) && r.Spec.SetAsPrimaryDatabase != "" {
+	if (fastStartFailoverStatus || new.Spec.FastStartFailover) && new.Spec.SetAsPrimaryDatabase != "" {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("setAsPrimaryDatabase"), "switchover not supported when fastStartFailover is true"))
 	}
@@ -170,12 +186,12 @@ func (r *DataguardBroker) ValidateUpdate(old runtime.Object) (admission.Warnings
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "DataguardBroker"},
-		r.Name, allErrs)
+		new.Name, allErrs)
 
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *DataguardBroker) ValidateDelete() (admission.Warnings, error) {
+func (r *DataguardBroker) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	dataguardbrokerlog.Info("validate delete", "name", r.Name)
 
 	// TODO(user): fill in your validation logic upon object deletion.
diff --git a/apis/database/v1alpha1/dbcssystem_webhook.go b/apis/database/v1alpha1/dbcssystem_webhook.go
index dc9f8934..0f9fe27c 100644
--- a/apis/database/v1alpha1/dbcssystem_webhook.go
+++ b/apis/database/v1alpha1/dbcssystem_webhook.go
@@ -39,6 +39,8 @@
 package v1alpha1
 
 import (
+	"context"
+
 	"k8s.io/apimachinery/pkg/runtime"
 	ctrl "sigs.k8s.io/controller-runtime"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
@@ -52,6 +54,8 @@ var dbcssystemlog = logf.Log.WithName("dbcssystem-resource")
 func (r *DbcsSystem) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithDefaulter(r).
+		WithValidator(r).
 		Complete()
 }
 
@@ -59,22 +63,23 @@ func (r *DbcsSystem) SetupWebhookWithManager(mgr ctrl.Manager) error {
 
 //+kubebuilder:webhook:path=/mutate-database-oracle-com-v4-dbcssystem,mutating=true,failurePolicy=fail,sideEffects=none,groups=database.oracle.com,resources=dbcssystems,verbs=create;update,versions=v4,name=mdbcssystemv1alpha1.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Defaulter = &DbcsSystem{}
+var _ webhook.CustomDefaulter = &DbcsSystem{}
 
 // Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *DbcsSystem) Default() {
+func (r *DbcsSystem) Default(ctx context.Context, obj runtime.Object) error {
 	dbcssystemlog.Info("default", "name", r.Name)
 
 	// TODO(user): fill in your defaulting logic.
+	return nil
 }
 
 // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
 
 // +kubebuilder:webhook:verbs=create;update;delete,path=/validate-database-oracle-com-v4-dbcssystem,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=dbcssystems,versions=v4,name=vdbcssystemv1alpha1.kb.io,admissionReviewVersions=v1
-var _ webhook.Validator = &DbcsSystem{}
+var _ webhook.CustomValidator = &DbcsSystem{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *DbcsSystem) ValidateCreate() (admission.Warnings, error) {
+func (r *DbcsSystem) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	dbcssystemlog.Info("validate create", "name", r.Name)
 
 	// 	// TODO(user): fill in your validation logic upon object creation.
@@ -82,7 +87,7 @@ func (r *DbcsSystem) ValidateCreate() (admission.Warnings, error) {
 }
 
 // // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *DbcsSystem) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
+func (r *DbcsSystem) ValidateUpdate(ctx context.Context, old, newObj runtime.Object) (admission.Warnings, error) {
 	dbcssystemlog.Info("validate update", "name", r.Name)
 
 	// 	// TODO(user): fill in your validation logic upon object update.
@@ -90,7 +95,7 @@ func (r *DbcsSystem) ValidateUpdate(old runtime.Object) (admission.Warnings, err
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *DbcsSystem) ValidateDelete() (admission.Warnings, error) {
+func (r *DbcsSystem) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	dbcssystemlog.Info("validate delete", "name", r.Name)
 
 	// TODO(user): fill in your validation logic upon object deletion.
diff --git a/apis/database/v1alpha1/oraclerestdataservice_webhook.go b/apis/database/v1alpha1/oraclerestdataservice_webhook.go
index c5ecde1c..72dcedea 100644
--- a/apis/database/v1alpha1/oraclerestdataservice_webhook.go
+++ b/apis/database/v1alpha1/oraclerestdataservice_webhook.go
@@ -39,6 +39,9 @@
 package v1alpha1
 
 import (
+	"context"
+	"fmt"
+
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -56,6 +59,8 @@ var oraclerestdataservicelog = logf.Log.WithName("oraclerestdataservice-resource
 func (r *OracleRestDataService) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithDefaulter(r).
+		WithValidator(r).
 		Complete()
 }
 
@@ -63,68 +68,78 @@ func (r *OracleRestDataService) SetupWebhookWithManager(mgr ctrl.Manager) error
 
 //+kubebuilder:webhook:path=/mutate-database-oracle-com-v1alpha1-oraclerestdataservice,mutating=true,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=oraclerestdataservices,verbs=create;update,versions=v1alpha1,name=moraclerestdataservice.kb.io,admissionReviewVersions={v1,v1beta1}
 
-var _ webhook.Defaulter = &OracleRestDataService{}
+var _ webhook.CustomDefaulter = &OracleRestDataService{}
 
 // Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *OracleRestDataService) Default() {
-	oraclerestdataservicelog.Info("default", "name", r.Name)
+func (r *OracleRestDataService) Default(ctx context.Context, obj runtime.Object) error {
+	ords, ok := obj.(*OracleRestDataService)
+	if !ok {
+		return apierrors.NewInternalError(fmt.Errorf("failed to cast obj object to OracleRestDataService"))
+	}
+	oraclerestdataservicelog.Info("default", "name", ords.Name)
 	// OracleRestDataService Currently supports single replica
-	r.Spec.Replicas = 1
+	ords.Spec.Replicas = 1
 	keepSecret := true
-	if r.Spec.OrdsPassword.KeepSecret == nil {
-		r.Spec.OrdsPassword.KeepSecret = &keepSecret
+	if ords.Spec.OrdsPassword.KeepSecret == nil {
+		ords.Spec.OrdsPassword.KeepSecret = &keepSecret
 	}
-	if r.Spec.AdminPassword.KeepSecret == nil {
-		r.Spec.AdminPassword.KeepSecret = &keepSecret
+	if ords.Spec.AdminPassword.KeepSecret == nil {
+		ords.Spec.AdminPassword.KeepSecret = &keepSecret
 	}
+
+	return nil
 }
 
 // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
 //+kubebuilder:webhook:verbs=create;update,path=/validate-database-oracle-com-v1alpha1-oraclerestdataservice,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=oraclerestdataservices,versions=v1alpha1,name=voraclerestdataservice.kb.io,admissionReviewVersions={v1,v1beta1}
 
-var _ webhook.Validator = &OracleRestDataService{}
+var _ webhook.CustomValidator = &OracleRestDataService{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *OracleRestDataService) ValidateCreate() (admission.Warnings, error) {
-	oraclerestdataservicelog.Info("validate create", "name", r.Name)
+func (r *OracleRestDataService) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	ords, ok := obj.(*OracleRestDataService)
+	if !ok {
+		return nil, apierrors.NewInternalError(fmt.Errorf("failed to cast obj object to OracleRestDataService"))
+	}
+	oraclerestdataservicelog.Info("validate create", "name", ords.Name)
 
 	var allErrs field.ErrorList
 
 	namespaces := dbcommons.GetWatchNamespaces()
-	_, containsNamespace := namespaces[r.Namespace]
+	_, containsNamespace := namespaces[ords.Namespace]
 	// Check if the allowed namespaces maps contains the required namespace
 	if len(namespaces) != 0 && !containsNamespace {
 		allErrs = append(allErrs,
-			field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
+			field.Invalid(field.NewPath("metadata").Child("namespace"), ords.Namespace,
 				"Oracle database operator doesn't watch over this namespace"))
 	}
 
 	// Persistence spec validation
-	if r.Spec.Persistence.Size == "" && (r.Spec.Persistence.AccessMode != "" ||
-		r.Spec.Persistence.StorageClass != "" || r.Spec.Persistence.VolumeName != "") {
+	if ords.Spec.Persistence.Size == "" && (ords.Spec.Persistence.AccessMode != "" ||
+		ords.Spec.Persistence.StorageClass != "" || ords.Spec.Persistence.VolumeName != "") {
 		allErrs = append(allErrs,
-			field.Invalid(field.NewPath("spec").Child("persistence").Child("size"), r.Spec.Persistence,
+			field.Invalid(field.NewPath("spec").Child("persistence").Child("size"), ords.Spec.Persistence,
 				"invalid persistence specification, specify required size"))
 	}
 
-	if r.Spec.Persistence.Size != "" {
-		if r.Spec.Persistence.AccessMode == "" {
+	if ords.Spec.Persistence.Size != "" {
+		if ords.Spec.Persistence.AccessMode == "" {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("persistence").Child("size"), r.Spec.Persistence,
+				field.Invalid(field.NewPath("spec").Child("persistence").Child("size"), ords.Spec.Persistence,
 					"invalid persistence specification, specify accessMode"))
 		}
-		if r.Spec.Persistence.AccessMode != "ReadWriteMany" && r.Spec.Persistence.AccessMode != "ReadWriteOnce" {
+		if ords.Spec.Persistence.AccessMode != "ReadWriteMany" && ords.Spec.Persistence.AccessMode != "ReadWriteOnce" {
 			allErrs = append(allErrs,
 				field.Invalid(field.NewPath("spec").Child("persistence").Child("accessMode"),
-					r.Spec.Persistence.AccessMode, "should be either \"ReadWriteOnce\" or \"ReadWriteMany\""))
+					ords.Spec.Persistence.AccessMode, "should be either \"ReadWriteOnce\" or \"ReadWriteMany\""))
 		}
 	}
 
 	// Validating databaseRef and ORDS kind name not to be same
-	if r.Spec.DatabaseRef == r.Name {
+	if ords.Spec.DatabaseRef == ords.Name {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("Name"),
-				"cannot be same as DatabaseRef: "+r.Spec.DatabaseRef))
+				"cannot be same as DatabaseRef: "+ords.Spec.DatabaseRef))
 
 	}
 
@@ -133,32 +148,36 @@ func (r *OracleRestDataService) ValidateCreate() (admission.Warnings, error) {
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "OracleRestDataService"},
-		r.Name, allErrs)
+		ords.Name, allErrs)
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *OracleRestDataService) ValidateUpdate(oldRuntimeObject runtime.Object) (admission.Warnings, error) {
-	oraclerestdataservicelog.Info("validate update", "name", r.Name)
+func (r *OracleRestDataService) ValidateUpdate(ctx context.Context, oldRuntimeObject, newRuntimeObject runtime.Object) (admission.Warnings, error) {
+	new, ok := newRuntimeObject.(*OracleRestDataService)
+	if !ok {
+		return nil, apierrors.NewInternalError(fmt.Errorf("failed to cast newRuntimeObject object to OracleRestDataService"))
+	}
+	oraclerestdataservicelog.Info("validate update", "name", new.Name)
 
 	var allErrs field.ErrorList
 
 	// check creation validations first
-	warnings, err := r.ValidateCreate()
+	warnings, err := new.ValidateCreate(ctx, newRuntimeObject)
 	if err != nil {
 		return warnings, err
 	}
 
 	// Now check for updation errors
-	old, ok := oldRuntimeObject.(*OracleRestDataService)
-	if !ok {
-		return nil, nil
+	old, okay := oldRuntimeObject.(*OracleRestDataService)
+	if !okay {
+		return nil, apierrors.NewInternalError(fmt.Errorf("failed to cast oldRuntimeObject object to OracleRestDataService"))
 	}
 
-	if old.Status.DatabaseRef != "" && old.Status.DatabaseRef != r.Spec.DatabaseRef {
+	if old.Status.DatabaseRef != "" && old.Status.DatabaseRef != new.Spec.DatabaseRef {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("databaseRef"), "cannot be changed"))
 	}
-	if old.Status.Image.PullFrom != "" && old.Status.Image != r.Spec.Image {
+	if old.Status.Image.PullFrom != "" && old.Status.Image != new.Spec.Image {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("image"), "cannot be changed"))
 	}
@@ -168,12 +187,12 @@ func (r *OracleRestDataService) ValidateUpdate(oldRuntimeObject runtime.Object)
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "OracleRestDataService"},
-		r.Name, allErrs)
+		new.Name, allErrs)
 
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *OracleRestDataService) ValidateDelete() (admission.Warnings, error) {
+func (r *OracleRestDataService) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	oraclerestdataservicelog.Info("validate delete", "name", r.Name)
 
 	// TODO(user): fill in your validation logic upon object deletion.
diff --git a/apis/database/v1alpha1/pdb_types.go b/apis/database/v1alpha1/pdb_types.go
deleted file mode 100644
index 8b966c38..00000000
--- a/apis/database/v1alpha1/pdb_types.go
+++ /dev/null
@@ -1,236 +0,0 @@
-/*
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
- */
-
-package v1alpha1
-
-import (
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-// PDBSpec defines the desired state of PDB
-type PDBSpec struct {
-	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
-
-	PDBTlsKey PDBTLSKEY `json:"pdbTlsKey,omitempty"`
-	PDBTlsCrt PDBTLSCRT `json:"pdbTlsCrt,omitempty"`
-	PDBTlsCat PDBTLSCAT `json:"pdbTlsCat,omitempty"`
-
-	// CDB Namespace
-	CDBNamespace string `json:"cdbNamespace,omitempty"`
-	// Name of the CDB Custom Resource that runs the ORDS container
-	CDBResName string `json:"cdbResName,omitempty"`
-	// Name of the CDB
-	CDBName string `json:"cdbName,omitempty"`
-	// The name of the new PDB. Relevant for both Create and Plug Actions.
-	PDBName string `json:"pdbName,omitempty"`
-	// Name of the Source PDB from which to clone
-	SrcPDBName string `json:"srcPdbName,omitempty"`
-	// The administrator username for the new PDB. This property is required when the Action property is Create.
-	AdminName PDBAdminName `json:"adminName,omitempty"`
-	// The administrator password for the new PDB. This property is required when the Action property is Create.
-	AdminPwd PDBAdminPassword `json:"adminPwd,omitempty"`
-	// Web Server User with SQL Administrator role to allow us to authenticate to the PDB Lifecycle Management REST endpoints
-	WebServerUsr WebServerUserPDB `json:"webServerUser,omitempty"`
-	// Password for the Web ServerPDB User
-	WebServerPwd WebServerPasswordPDB `json:"webServerPwd,omitempty"`
-	// Relevant for Create and Plug operations. As defined in the  Oracle Multitenant Database documentation. Values can be a filename convert pattern or NONE.
-	FileNameConversions string `json:"fileNameConversions,omitempty"`
-	// This property is required when the Action property is Plug. As defined in the Oracle Multitenant Database documentation. Values can be a source filename convert pattern or NONE.
-	SourceFileNameConversions string `json:"sourceFileNameConversions,omitempty"`
-	// XML metadata filename to be used for Plug or Unplug operations
-	XMLFileName string `json:"xmlFileName,omitempty"`
-	// To copy files or not while cloning a PDB
-	// +kubebuilder:validation:Enum=COPY;NOCOPY;MOVE
-	CopyAction string `json:"copyAction,omitempty"`
-	// Specify if datafiles should be removed or not. The value can be INCLUDING or KEEP (default).
-	// +kubebuilder:validation:Enum=INCLUDING;KEEP
-	DropAction string `json:"dropAction,omitempty"`
-	// A Path specified for sparse clone snapshot copy. (Optional)
-	SparseClonePath string `json:"sparseClonePath,omitempty"`
-	// Whether to reuse temp file
-	ReuseTempFile *bool `json:"reuseTempFile,omitempty"`
-	// Relevant for Create and Plug operations. True for unlimited storage. Even when set to true, totalSize and tempSize MUST be specified in the request if Action is Create.
-	UnlimitedStorage *bool `json:"unlimitedStorage,omitempty"`
-	// Indicate if 'AS CLONE' option should be used in the command to plug in a PDB. This property is applicable when the Action property is PLUG but not required.
-	AsClone *bool `json:"asClone,omitempty"`
-	// Relevant for create and plug operations. Total size as defined in the Oracle Multitenant Database documentation. See size_clause description in Database SQL Language Reference documentation.
-	TotalSize string `json:"totalSize,omitempty"`
-	// Relevant for Create and Clone operations. Total size for temporary tablespace as defined in the Oracle Multitenant Database documentation. See size_clause description in Database SQL Language Reference documentation.
-	TempSize string `json:"tempSize,omitempty"`
-	// TDE import for plug operations
-	TDEImport *bool `json:"tdeImport,omitempty"`
-	// TDE export for unplug operations
-	TDEExport *bool `json:"tdeExport,omitempty"`
-	// TDE password if the tdeImport or tdeExport flag is set to true. Can be used in create, plug or unplug operations
-	TDEPassword TDEPwd `json:"tdePassword,omitempty"`
-	// TDE keystore path is required if the tdeImport or tdeExport flag is set to true. Can be used in plug or unplug operations.
-	TDEKeystorePath string `json:"tdeKeystorePath,omitempty"`
-	// TDE secret is required if the tdeImport or tdeExport flag is set to true. Can be used in plug or unplug operations.
-	TDESecret TDESecret `json:"tdeSecret,omitempty"`
-	// Whether you need the script only or execute the script
-	GetScript *bool `json:"getScript,omitempty"`
-	// Action to be taken: Create/Clone/Plug/Unplug/Delete/Modify/Status/Map. Map is used to map a Databse PDB to a Kubernetes PDB CR.
-	// +kubebuilder:validation:Enum=Create;Clone;Plug;Unplug;Delete;Modify;Status;Map
-	Action string `json:"action"`
-	// Extra options for opening and closing a PDB
-	// +kubebuilder:validation:Enum=IMMEDIATE;NORMAL;READ ONLY;READ WRITE;RESTRICTED
-	ModifyOption string `json:"modifyOption,omitempty"`
-	// The target state of the PDB
-	// +kubebuilder:validation:Enum=OPEN;CLOSE
-	PDBState string `json:"pdbState,omitempty"`
-	// turn on the assertive approach to delete pdb resource
-	// kubectl delete pdb ..... automatically triggers the pluggable database
-	// deletion
-	AssertivePdbDeletion bool       `json:"assertivePdbDeletion,omitempty"`
-	PDBPubKey            PDBPUBKEY  `json:"pdbOrdsPubKey,omitempty"`
-	PDBPriKey            PDBPRIVKEY `json:"pdbOrdsPrvKey,omitempty"`
-}
-
-// PDBAdminName defines the secret containing Sys Admin User mapped to key 'adminName' for PDB
-type PDBAdminName struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// PDBAdminPassword defines the secret containing Sys Admin Password mapped to key 'adminPwd' for PDB
-type PDBAdminPassword struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// TDEPwd defines the secret containing TDE Wallet Password mapped to key 'tdePassword' for PDB
-type TDEPwd struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// TDESecret defines the secret containing TDE Secret to key 'tdeSecret' for PDB
-type TDESecret struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// WebServerUser defines the secret containing Web Server User mapped to key 'webServerUser' to manage PDB lifecycle
-
-type WebServerUserPDB struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// WebServerPassword defines the secret containing password for Web Server User mapped to key 'webServerPwd' to manage PDB lifecycle
-type WebServerPasswordPDB struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// PDBSecret defines the secretName
-type PDBSecret struct {
-	SecretName string `json:"secretName"`
-	Key        string `json:"key"`
-}
-
-type PDBTLSKEY struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-type PDBTLSCRT struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-type PDBTLSCAT struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// PDBStatus defines the observed state of PDB
-type PDBStatus struct {
-	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
-
-	// PDB Connect String
-	ConnString string `json:"connString,omitempty"`
-	// Phase of the PDB Resource
-	Phase string `json:"phase"`
-	// PDB Resource Status
-	Status bool `json:"status"`
-	// Total size of the PDB
-	TotalSize string `json:"totalSize,omitempty"`
-	// Open mode of the PDB
-	OpenMode string `json:"openMode,omitempty"`
-	// Modify Option of the PDB
-	ModifyOption string `json:"modifyOption,omitempty"`
-	// Message
-	Msg string `json:"msg,omitempty"`
-	// Last Completed Action
-	Action string `json:"action,omitempty"`
-}
-
-// +kubebuilder:object:root=true
-// +kubebuilder:subresource:status
-// +kubebuilder:printcolumn:JSONPath=".spec.cdbName",name="CDB Name",type="string",description="Name of the CDB"
-// +kubebuilder:printcolumn:JSONPath=".spec.pdbName",name="PDB Name",type="string",description="Name of the PDB"
-// +kubebuilder:printcolumn:JSONPath=".status.openMode",name="PDB State",type="string",description="PDB Open Mode"
-// +kubebuilder:printcolumn:JSONPath=".status.totalSize",name="PDB Size",type="string",description="Total Size of the PDB"
-// +kubebuilder:printcolumn:JSONPath=".status.phase",name="Status",type="string",description="Status of the PDB Resource"
-// +kubebuilder:printcolumn:JSONPath=".status.msg",name="Message",type="string",description="Error message, if any"
-// +kubebuilder:printcolumn:JSONPath=".status.connString",name="Connect_String",type="string",description="The connect string to be used"
-// +kubebuilder:resource:path=pdbs,scope=Namespaced
-
-// PDB is the Schema for the pdbs API
-type PDB struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec   PDBSpec   `json:"spec,omitempty"`
-	Status PDBStatus `json:"status,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-
-// PDBList contains a list of PDB
-type PDBList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []PDB `json:"items"`
-}
-
-type PDBPUBKEY struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-type PDBPRIVKEY struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-func init() {
-	SchemeBuilder.Register(&PDB{}, &PDBList{})
-}
diff --git a/apis/database/v1alpha1/pdb_webhook.go b/apis/database/v1alpha1/pdb_webhook.go
deleted file mode 100644
index 1f115c9b..00000000
--- a/apis/database/v1alpha1/pdb_webhook.go
+++ /dev/null
@@ -1,369 +0,0 @@
-/*
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
- */
-
-/*    MODIFIED   (MM/DD/YY)
-**    rcitton     07/14/22 - 33822886
- */
-
-package v1alpha1
-
-import (
-	"reflect"
-	"strconv"
-	"strings"
-
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apimachinery/pkg/util/validation/field"
-	ctrl "sigs.k8s.io/controller-runtime"
-	logf "sigs.k8s.io/controller-runtime/pkg/log"
-	"sigs.k8s.io/controller-runtime/pkg/webhook"
-	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
-)
-
-// log is for logging in this package.
-var pdblog = logf.Log.WithName("pdb-webhook")
-
-func (r *PDB) SetupWebhookWithManager(mgr ctrl.Manager) error {
-	return ctrl.NewWebhookManagedBy(mgr).
-		For(r).
-		Complete()
-}
-
-//+kubebuilder:webhook:path=/mutate-database-oracle-com-v4-pdb,mutating=true,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=pdbs,verbs=create;update,versions=v4,name=mpdb.kb.io,admissionReviewVersions={v1,v1beta1}
-
-var _ webhook.Defaulter = &PDB{}
-
-// Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *PDB) Default() {
-	pdblog.Info("Setting default values in PDB spec for : " + r.Name)
-
-	action := strings.ToUpper(r.Spec.Action)
-
-	if action == "DELETE" {
-		if r.Spec.DropAction == "" {
-			r.Spec.DropAction = "INCLUDING"
-			pdblog.Info(" - dropAction : INCLUDING")
-		}
-	} else if action != "MODIFY" && action != "STATUS" {
-		if r.Spec.ReuseTempFile == nil {
-			r.Spec.ReuseTempFile = new(bool)
-			*r.Spec.ReuseTempFile = true
-			pdblog.Info(" - reuseTempFile : " + strconv.FormatBool(*(r.Spec.ReuseTempFile)))
-		}
-		if r.Spec.UnlimitedStorage == nil {
-			r.Spec.UnlimitedStorage = new(bool)
-			*r.Spec.UnlimitedStorage = true
-			pdblog.Info(" - unlimitedStorage : " + strconv.FormatBool(*(r.Spec.UnlimitedStorage)))
-		}
-		if r.Spec.TDEImport == nil {
-			r.Spec.TDEImport = new(bool)
-			*r.Spec.TDEImport = false
-			pdblog.Info(" - tdeImport : " + strconv.FormatBool(*(r.Spec.TDEImport)))
-		}
-		if r.Spec.TDEExport == nil {
-			r.Spec.TDEExport = new(bool)
-			*r.Spec.TDEExport = false
-			pdblog.Info(" - tdeExport : " + strconv.FormatBool(*(r.Spec.TDEExport)))
-		}
-		if r.Spec.AsClone == nil {
-			r.Spec.AsClone = new(bool)
-			*r.Spec.AsClone = false
-			pdblog.Info(" - asClone : " + strconv.FormatBool(*(r.Spec.AsClone)))
-		}
-
-	}
-
-	if r.Spec.GetScript == nil {
-		r.Spec.GetScript = new(bool)
-		*r.Spec.GetScript = false
-		pdblog.Info(" - getScript : " + strconv.FormatBool(*(r.Spec.GetScript)))
-	}
-}
-
-// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
-//+kubebuilder:webhook:path=/validate-database-oracle-com-v4-pdb,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=pdbs,verbs=create;update,versions=v4,name=vpdb.kb.io,admissionReviewVersions={v1,v1beta1}
-
-var _ webhook.Validator = &PDB{}
-
-// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *PDB) ValidateCreate() (admission.Warnings, error) {
-	pdblog.Info("ValidateCreate-Validating PDB spec for : " + r.Name)
-
-	var allErrs field.ErrorList
-
-	r.validateCommon(&allErrs)
-
-	r.validateAction(&allErrs)
-
-	action := strings.ToUpper(r.Spec.Action)
-
-	if len(allErrs) == 0 {
-		pdblog.Info("PDB Resource : " + r.Name + " successfully validated for Action : " + action)
-		return nil, nil
-	}
-	return nil, apierrors.NewInvalid(
-		schema.GroupKind{Group: "database.oracle.com", Kind: "PDB"},
-		r.Name, allErrs)
-}
-
-// Validate Action for required parameters
-func (r *PDB) validateAction(allErrs *field.ErrorList) {
-	action := strings.ToUpper(r.Spec.Action)
-
-	pdblog.Info("Valdiating PDB Resource Action : " + action)
-
-	if reflect.ValueOf(r.Spec.PDBTlsKey).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("pdbTlsKey"), "Please specify PDB Tls Key(secret)"))
-	}
-
-	if reflect.ValueOf(r.Spec.PDBTlsCrt).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("pdbTlsCrt"), "Please specify PDB Tls Certificate(secret)"))
-	}
-
-	if reflect.ValueOf(r.Spec.PDBTlsCat).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("pdbTlsCat"), "Please specify PDB Tls Certificate Authority(secret)"))
-	}
-	if reflect.ValueOf(r.Spec.PDBPriKey).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("pdbOrdsPrvKey"), "Please specify PDB Tls Certificate Authority(secret)"))
-	}
-
-	switch action {
-	case "DELETE":
-		/* BUG 36752336 - LREST OPERATOR - DELETE NON-EXISTENT PDB SHOWS LRPDB CREATED MESSAGE */
-		if r.Status.OpenMode == "READ WRITE" {
-			pdblog.Info("Cannot delete: pdb is open ")
-			*allErrs = append(*allErrs, field.Invalid(field.NewPath("status").Child("OpenMode"), "READ WRITE", "pdb "+r.Spec.PDBName+" "+r.Status.OpenMode))
-		}
-		r.CheckObjExistence("DELETE", allErrs, r)
-	case "CREATE":
-		if reflect.ValueOf(r.Spec.AdminName).IsZero() {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("adminName"), "Please specify PDB System Administrator user"))
-		}
-		if reflect.ValueOf(r.Spec.AdminPwd).IsZero() {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("adminPwd"), "Please specify PDB System Administrator Password"))
-		}
-		if reflect.ValueOf(r.Spec.WebServerUsr).IsZero() {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("WebServerUser"), "Please specify the http webServerUser"))
-		}
-		if reflect.ValueOf(r.Spec.WebServerPwd).IsZero() {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("webServerPwd"), "Please specify the http webserverPassword"))
-		}
-
-		if r.Spec.FileNameConversions == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("fileNameConversions"), "Please specify a value for fileNameConversions. Values can be a filename convert pattern or NONE"))
-		}
-		if r.Spec.TotalSize == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("totalSize"), "When the storage is not UNLIMITED the Total Size must be specified"))
-		}
-		if r.Spec.TempSize == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("tempSize"), "When the storage is not UNLIMITED the Temp Size must be specified"))
-		}
-		if *(r.Spec.TDEImport) {
-			r.validateTDEInfo(allErrs)
-		}
-	case "CLONE":
-		// Sample Err: The PDB "pdb1-clone" is invalid: spec.srcPdbName: Required value: Please specify source PDB for Cloning
-		if r.Spec.SrcPDBName == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("srcPdbName"), "Please specify source PDB name for Cloning"))
-		}
-		if r.Spec.TotalSize == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("totalSize"), "When the storage is not UNLIMITED the Total Size must be specified"))
-		}
-		if r.Spec.TempSize == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("tempSize"), "When the storage is not UNLIMITED the Temp Size must be specified"))
-		}
-		/* We don't need this check as ords open the pdb before cloninig */
-		/*
-			if r.Status.OpenMode == "MOUNTED" {
-				pdblog.Info("Cannot clone: pdb is mount ")
-				*allErrs = append(*allErrs, field.Invalid(field.NewPath("status").Child("OpenMode"), "READ WRITE", "pdb "+r.Spec.PDBName+" "+r.Status.OpenMode))
-			}
-		*/
-	case "PLUG":
-		if r.Spec.XMLFileName == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("xmlFileName"), "Please specify XML metadata filename"))
-		}
-		if r.Spec.FileNameConversions == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("fileNameConversions"), "Please specify a value for fileNameConversions. Values can be a filename convert pattern or NONE"))
-		}
-		if r.Spec.SourceFileNameConversions == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("sourceFileNameConversions"), "Please specify a value for sourceFileNameConversions. Values can be a filename convert pattern or NONE"))
-		}
-		if r.Spec.CopyAction == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("copyAction"), "Please specify a value for copyAction. Values can be COPY, NOCOPY or MOVE"))
-		}
-		if *(r.Spec.TDEImport) {
-			r.validateTDEInfo(allErrs)
-		}
-	case "UNPLUG":
-		if r.Spec.XMLFileName == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("xmlFileName"), "Please specify XML metadata filename"))
-		}
-		if *(r.Spec.TDEExport) {
-			r.validateTDEInfo(allErrs)
-		}
-		if r.Status.OpenMode == "READ WRITE" {
-			pdblog.Info("Cannot unplug: pdb is open ")
-			*allErrs = append(*allErrs, field.Invalid(field.NewPath("status").Child("OpenMode"), "READ WRITE", "pdb "+r.Spec.PDBName+" "+r.Status.OpenMode))
-		}
-		r.CheckObjExistence("UNPLUG", allErrs, r)
-	case "MODIFY":
-		if r.Spec.PDBState == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("pdbState"), "Please specify target state of PDB"))
-		}
-		if r.Spec.ModifyOption == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("modifyOption"), "Please specify an option for opening/closing a PDB"))
-		}
-		r.CheckObjExistence("MODIY", allErrs, r)
-	}
-}
-
-// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *PDB) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	pdblog.Info("ValidateUpdate-Validating PDB spec for : " + r.Name)
-
-	isPDBMarkedToBeDeleted := r.GetDeletionTimestamp() != nil
-	if isPDBMarkedToBeDeleted {
-		return nil, nil
-	}
-
-	var allErrs field.ErrorList
-	action := strings.ToUpper(r.Spec.Action)
-
-	// If PDB CR has been created and in Ready state, only allow updates if the "action" value has changed as well
-	if (r.Status.Phase == "Ready") && (r.Status.Action != "MODIFY") && (r.Status.Action != "STATUS") && (r.Status.Action == action) {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("action"), "New action also needs to be specified after PDB is in Ready state"))
-	} else {
-
-		// Check Common Validations
-		r.validateCommon(&allErrs)
-
-		// Validate required parameters for Action specified
-		r.validateAction(&allErrs)
-
-		// Check TDE requirements
-		if (action != "DELETE") && (action != "MODIFY") && (action != "STATUS") && (*(r.Spec.TDEImport) || *(r.Spec.TDEExport)) {
-			r.validateTDEInfo(&allErrs)
-		}
-	}
-
-	if len(allErrs) == 0 {
-		return nil, nil
-	}
-	return nil, apierrors.NewInvalid(
-		schema.GroupKind{Group: "database.oracle.com", Kind: "PDB"},
-		r.Name, allErrs)
-}
-
-// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *PDB) ValidateDelete() (admission.Warnings, error) {
-	pdblog.Info("ValidateDelete-Validating PDB spec for : " + r.Name)
-
-	// TODO(user): fill in your validation logic upon object deletion.
-	return nil, nil
-}
-
-// Validate common specs needed for all PDB Actions
-func (r *PDB) validateCommon(allErrs *field.ErrorList) {
-	pdblog.Info("validateCommon", "name", r.Name)
-
-	if r.Spec.Action == "" {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("action"), "Please specify PDB operation to be performed"))
-	}
-	if r.Spec.CDBResName == "" {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("cdbResName"), "Please specify the name of the CDB Kubernetes resource to use for PDB operations"))
-	}
-	if r.Spec.PDBName == "" {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("pdbName"), "Please specify name of the PDB to be created"))
-	}
-}
-
-// Validate TDE information for Create, Plug and Unplug Actions
-func (r *PDB) validateTDEInfo(allErrs *field.ErrorList) {
-	pdblog.Info("validateTDEInfo", "name", r.Name)
-
-	if reflect.ValueOf(r.Spec.TDEPassword).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("tdePassword"), "Please specify a value for tdePassword."))
-	}
-	if r.Spec.TDEKeystorePath == "" {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("tdeKeystorePath"), "Please specify a value for tdeKeystorePath."))
-	}
-	if reflect.ValueOf(r.Spec.TDESecret).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("tdeSecret"), "Please specify a value for tdeSecret."))
-	}
-
-}
-
-func (r *PDB) CheckObjExistence(action string, allErrs *field.ErrorList, pdb *PDB) {
-	/* BUG 36752465 - lrest operator - open non-existent pdb creates a lrpdb with status failed */
-	pdblog.Info("Action [" + action + "] checkin " + pdb.Spec.PDBName + " existence")
-	if pdb.Status.OpenMode == "" {
-		*allErrs = append(*allErrs, field.NotFound(field.NewPath("Spec").Child("PDBName"), " "+pdb.Spec.PDBName+" does not exist : action "+action+" failure"))
-
-	}
-}
diff --git a/apis/database/v1alpha1/shardingdatabase_webhook.go b/apis/database/v1alpha1/shardingdatabase_webhook.go
index 4e7ea2e7..f5f25ecc 100644
--- a/apis/database/v1alpha1/shardingdatabase_webhook.go
+++ b/apis/database/v1alpha1/shardingdatabase_webhook.go
@@ -39,16 +39,9 @@
 package v1alpha1
 
 import (
-	"strings"
 
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apimachinery/pkg/util/validation/field"
 	ctrl "sigs.k8s.io/controller-runtime"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
-	"sigs.k8s.io/controller-runtime/pkg/webhook"
-	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 )
 
 // log is for logging in this package.
@@ -59,256 +52,3 @@ func (r *ShardingDatabase) SetupWebhookWithManager(mgr ctrl.Manager) error {
 		For(r).
 		Complete()
 }
-
-// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
-
-//+kubebuilder:webhook:path=/mutate-database-oracle-com-v1alpha1-shardingdatabase,mutating=true,failurePolicy=fail,sideEffects=none,groups=database.oracle.com,resources=shardingdatabases,verbs=create;update,versions=v1alpha1,name=mshardingdatabasev1alpha1.kb.io,admissionReviewVersions=v1
-
-var _ webhook.Defaulter = &ShardingDatabase{}
-
-// Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *ShardingDatabase) Default() {
-	shardingdatabaselog.Info("default", "name", r.Name)
-
-	// TODO(user): fill in your defaulting logic.
-	if r.Spec.GsmDevMode != "" {
-		r.Spec.GsmDevMode = "dev"
-	}
-
-	if r.Spec.IsTdeWallet == "" {
-		r.Spec.IsTdeWallet = "disable"
-	}
-	for pindex := range r.Spec.Shard {
-		if strings.ToLower(r.Spec.Shard[pindex].IsDelete) == "" {
-			r.Spec.Shard[pindex].IsDelete = "disable"
-		}
-	}
-
-}
-
-// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
-//+kubebuilder:webhook:verbs=create;update;delete,path=/validate-database-oracle-com-v1alpha1-shardingdatabase,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=shardingdatabases,versions=v1alpha1,name=vshardingdatabasev1alpha1.kb.io,admissionReviewVersions=v1
-
-var _ webhook.Validator = &ShardingDatabase{}
-
-// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *ShardingDatabase) ValidateCreate() (admission.Warnings, error) {
-	shardingdatabaselog.Info("validate create", "name", r.Name)
-
-	// TODO(user): fill in your validation logic upon object creation.
-	// Check Secret configuration
-	var validationErr field.ErrorList
-	var validationErrs1 field.ErrorList
-
-	//namespaces := db.GetWatchNamespaces()
-	//_, containsNamespace := namespaces[r.Namespace]
-	// Check if the allowed namespaces maps contains the required namespace
-	//	if len(namespaces) != 0 && !containsNamespace {
-	//	validationErr = append(validationErr,
-	//		field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
-	//			"Oracle database operator doesn't watch over this namespace"))
-	//}
-
-	if r.Spec.DbSecret == nil {
-		validationErr = append(validationErr,
-			field.Invalid(field.NewPath("spec").Child("DbSecret"), r.Spec.DbSecret,
-				"DbSecret cannot be set to nil"))
-	} else {
-		if len(r.Spec.DbSecret.Name) == 0 {
-			validationErr = append(validationErr,
-				field.Invalid(field.NewPath("spec").Child("DbSecret").Child("Name"), r.Spec.DbSecret.Name,
-					"Secret name cannot be set empty"))
-		}
-		if len(r.Spec.DbSecret.PwdFileName) == 0 {
-			validationErr = append(validationErr,
-				field.Invalid(field.NewPath("spec").Child("DbSecret").Child("PwdFileName"), r.Spec.DbSecret.PwdFileName,
-					"Password file name cannot be set empty"))
-		}
-		if strings.ToLower(r.Spec.DbSecret.EncryptionType) != "base64" {
-			if strings.ToLower(r.Spec.DbSecret.KeyFileName) == "" {
-				validationErr = append(validationErr,
-					field.Invalid(field.NewPath("spec").Child("DbSecret").Child("KeyFileName"), r.Spec.DbSecret.KeyFileName,
-						"Key file name cannot be empty"))
-			}
-		}
-
-		/**
-		if len(r.Spec.DbSecret.PwdFileMountLocation) == 0 {
-			validationErr = append(validationErr,
-				field.Invalid(field.NewPath("spec").Child("DbSecret").Child("PwdFileMountLocation"), r.Spec.DbSecret.PwdFileMountLocation,
-					"Password file mount location cannot be empty"))
-		}
-
-		if len(r.Spec.DbSecret.KeyFileMountLocation) == 0 {
-			validationErr = append(validationErr,
-				field.Invalid(field.NewPath("spec").Child("DbSecret").Child("KeyFileMountLocation"), r.Spec.DbSecret.KeyFileMountLocation,
-					"KeyFileMountLocation file mount location cannot be empty"))
-		}
-		**/
-	}
-
-	if r.Spec.IsTdeWallet == "enable" {
-		if (len(r.Spec.FssStorageClass) == 0) && (len(r.Spec.TdeWalletPvc) == 0) {
-			validationErr = append(validationErr,
-				field.Invalid(field.NewPath("spec").Child("FssStorageClass"), r.Spec.FssStorageClass,
-					"FssStorageClass or TdeWalletPvc cannot be set empty if isTdeWallet set to true"))
-
-			validationErr = append(validationErr,
-				field.Invalid(field.NewPath("spec").Child("TdeWalletPvc"), r.Spec.TdeWalletPvc,
-					"FssStorageClass or TdeWalletPvc cannot be set empty if isTdeWallet set to true"))
-		}
-	}
-
-	if r.Spec.IsTdeWallet != "" {
-		if (strings.ToLower(strings.TrimSpace(r.Spec.IsTdeWallet)) != "enable") && (strings.ToLower(strings.TrimSpace(r.Spec.IsTdeWallet)) != "disable") {
-			validationErr = append(validationErr,
-				field.Invalid(field.NewPath("spec").Child("isTdeWallet"), r.Spec.IsTdeWallet,
-					"isTdeWallet can be set to only \"enable\" or \"disable\""))
-		}
-	}
-
-	validationErrs1 = r.validateShardIsDelete()
-	if validationErrs1 != nil {
-		validationErr = append(validationErr, validationErrs1...)
-	}
-
-	validationErrs1 = r.validateFreeEdition()
-	if validationErrs1 != nil {
-		validationErr = append(validationErr, validationErrs1...)
-	}
-
-	validationErrs1 = r.validateCatalogName()
-	if validationErrs1 != nil {
-		validationErr = append(validationErr, validationErrs1...)
-	}
-
-	validationErrs1 = r.validateShardName()
-	if validationErrs1 != nil {
-		validationErr = append(validationErr, validationErrs1...)
-	}
-
-	// TODO(user): fill in your validation logic upon object creation.
-	if len(validationErr) == 0 {
-		return nil, nil
-	}
-
-	return nil, apierrors.NewInvalid(
-		schema.GroupKind{Group: "database.oracle.com", Kind: "ShardingDatabase"},
-		r.Name, validationErr)
-}
-
-// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *ShardingDatabase) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	shardingdatabaselog.Info("validate update", "name", r.Name)
-
-	// TODO(user): fill in your validation logic upon object update.
-	return nil, nil
-}
-
-// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *ShardingDatabase) ValidateDelete() (admission.Warnings, error) {
-	shardingdatabaselog.Info("validate delete", "name", r.Name)
-
-	// TODO(user): fill in your validation logic upon object deletion.
-	return nil, nil
-}
-
-// ###### Vlaidation Block #################
-
-func (r *ShardingDatabase) validateShardIsDelete() field.ErrorList {
-
-	var validationErrs field.ErrorList
-
-	for pindex := range r.Spec.Shard {
-		if (strings.ToLower(strings.TrimSpace(r.Spec.Shard[pindex].IsDelete)) != "enable") && (strings.ToLower(strings.TrimSpace(r.Spec.Shard[pindex].IsDelete)) != "disable") && (strings.ToLower(strings.TrimSpace(r.Spec.Shard[pindex].IsDelete)) != "failed") {
-			validationErrs = append(validationErrs,
-				field.Invalid(field.NewPath("spec").Child("shard").Child("isDelete"), r.Spec.Shard[pindex].IsDelete,
-					"r.Spec.Shard[pindex].IsDelete can be set to only enable|disable|failed"))
-		}
-	}
-
-	if len(validationErrs) > 0 {
-		return validationErrs
-	}
-	return nil
-}
-
-func (r *ShardingDatabase) validateFreeEdition() field.ErrorList {
-
-	var validationErrs field.ErrorList
-	if strings.ToLower(r.Spec.DbEdition) == "free" {
-		// Shard Spec Checks
-		for i := 0; i < len(r.Spec.Shard); i++ {
-			for index, variable := range r.Spec.Shard[i].EnvVars {
-				if variable.Name == "ORACLE_SID" {
-					if strings.ToLower(variable.Value) != "free" {
-						validationErrs = append(validationErrs, field.Invalid(field.NewPath("spec").Child("shard").Child("EnvVars"), r.Spec.Shard[i].EnvVars[index].Name,
-							"r.Spec.Shard[i].EnvVars[index].Name ORACLE_SID value can only be set to free"))
-					}
-				}
-				if variable.Name == "ORACLE_PDB" {
-					if strings.ToLower(variable.Value) != "freepdb" {
-						validationErrs = append(validationErrs, field.Invalid(field.NewPath("spec").Child("shard").Child("EnvVars"), r.Spec.Shard[i].EnvVars[index].Name,
-							"r.Spec.Shard[i].EnvVars[index].Name ORACLE_PDB value can only be set to freepdb"))
-					}
-				}
-			}
-		}
-		// Catalog Spec Checks
-		for i := 0; i < len(r.Spec.Catalog); i++ {
-			for index, variable := range r.Spec.Catalog[i].EnvVars {
-				if variable.Name == "ORACLE_SID" {
-					if strings.ToLower(variable.Value) != "free" {
-						validationErrs = append(validationErrs, field.Invalid(field.NewPath("spec").Child("catalog").Child("EnvVars"), r.Spec.Catalog[i].EnvVars[index].Name,
-							"r.Spec.Catalog[i].EnvVars[index].Name ORACLE_SID value can only be set to free"))
-					}
-				}
-				if variable.Name == "ORACLE_PDB" {
-					if strings.ToLower(variable.Value) != "freepdb" {
-						validationErrs = append(validationErrs, field.Invalid(field.NewPath("spec").Child("catalog").Child("EnvVars"), r.Spec.Catalog[i].EnvVars[index].Name,
-							"r.Spec.Catalog[i].EnvVars[index].Name ORACLE_PDB value can only be set to freepdb"))
-					}
-				}
-			}
-		}
-	}
-
-	if len(validationErrs) > 0 {
-		return validationErrs
-	}
-	return nil
-}
-
-func (r *ShardingDatabase) validateShardName() field.ErrorList {
-	var validationErrs field.ErrorList
-
-	for pindex := range r.Spec.Shard {
-		if len(r.Spec.Shard[pindex].Name) > 9 {
-			validationErrs = append(validationErrs,
-				field.Invalid(field.NewPath("spec").Child("shard").Child("Name"), r.Spec.Shard[pindex].Name,
-					"Shard Name cannot be greater than 9 characters."))
-		}
-	}
-
-	if len(validationErrs) > 0 {
-		return validationErrs
-	}
-	return nil
-}
-
-func (r *ShardingDatabase) validateCatalogName() field.ErrorList {
-	var validationErrs field.ErrorList
-
-	for pindex := range r.Spec.Catalog {
-		if len(r.Spec.Catalog[pindex].Name) > 9 {
-			validationErrs = append(validationErrs,
-				field.Invalid(field.NewPath("spec").Child("catalog").Child("Name"), r.Spec.Catalog[pindex].Name,
-					"Catalog Name cannot be greater than 9 characters."))
-		}
-	}
-
-	if len(validationErrs) > 0 {
-		return validationErrs
-	}
-	return nil
-}
diff --git a/apis/database/v1alpha1/singleinstancedatabase_webhook.go b/apis/database/v1alpha1/singleinstancedatabase_webhook.go
index bc095f7c..d0cd88aa 100644
--- a/apis/database/v1alpha1/singleinstancedatabase_webhook.go
+++ b/apis/database/v1alpha1/singleinstancedatabase_webhook.go
@@ -39,9 +39,11 @@
 package v1alpha1
 
 import (
+	"context"
 	"strconv"
 	"strings"
 	"time"
+	"fmt"
 
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
 
@@ -61,6 +63,8 @@ var singleinstancedatabaselog = logf.Log.WithName("singleinstancedatabase-resour
 func (r *SingleInstanceDatabase) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithDefaulter(r).
+		WithValidator(r).
 		Complete()
 }
 
@@ -68,330 +72,341 @@ func (r *SingleInstanceDatabase) SetupWebhookWithManager(mgr ctrl.Manager) error
 
 //+kubebuilder:webhook:path=/mutate-database-oracle-com-v1alpha1-singleinstancedatabase,mutating=true,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=singleinstancedatabases,verbs=create;update,versions=v1alpha1,name=msingleinstancedatabase.kb.io,admissionReviewVersions={v1,v1beta1}
 
-var _ webhook.Defaulter = &SingleInstanceDatabase{}
+var _ webhook.CustomDefaulter = &SingleInstanceDatabase{}
 
 // Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *SingleInstanceDatabase) Default() {
-	singleinstancedatabaselog.Info("default", "name", r.Name)
+func (r *SingleInstanceDatabase) Default(ctx context.Context, obj runtime.Object) error {
+	sidb, ok := obj.(*SingleInstanceDatabase)
+	if !ok {
+		return apierrors.NewInternalError(fmt.Errorf("failed to cast obj object to SingleInstanceDatabase"))
+	}
+
+	singleinstancedatabaselog.Info("default", "name", sidb.Name)
 
-	if r.Spec.LoadBalancer {
+	if sidb.Spec.LoadBalancer {
 		// Annotations required for a flexible load balancer on oci
-		if r.Spec.ServiceAnnotations == nil {
-			r.Spec.ServiceAnnotations = make(map[string]string)
+		if sidb.Spec.ServiceAnnotations == nil {
+			sidb.Spec.ServiceAnnotations = make(map[string]string)
 		}
-		_, ok := r.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape"]
+		_, ok := sidb.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape"]
 		if !ok {
-			r.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape"] = "flexible"
+			sidb.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape"] = "flexible"
 		}
-		_, ok = r.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-min"]
+		_, ok = sidb.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-min"]
 		if !ok {
-			r.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-min"] = "10"
+			sidb.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-min"] = "10"
 		}
-		_, ok = r.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-max"]
+		_, ok = sidb.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-max"]
 		if !ok {
-			r.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-max"] = "100"
+			sidb.Spec.ServiceAnnotations["service.beta.kubernetes.io/oci-load-balancer-shape-flex-max"] = "100"
 		}
 	}
 
-	if r.Spec.AdminPassword.KeepSecret == nil {
+	if sidb.Spec.AdminPassword.KeepSecret == nil {
 		keepSecret := true
-		r.Spec.AdminPassword.KeepSecret = &keepSecret
+		sidb.Spec.AdminPassword.KeepSecret = &keepSecret
 	}
 
-	if r.Spec.Edition == "" {
-		if r.Spec.CreateAs == "clone" && !r.Spec.Image.PrebuiltDB {
-			r.Spec.Edition = "enterprise"
+	if sidb.Spec.Edition == "" {
+		if sidb.Spec.CreateAs == "clone" && !sidb.Spec.Image.PrebuiltDB {
+			sidb.Spec.Edition = "enterprise"
 		}
 	}
 
-	if r.Spec.CreateAs == "" {
-		r.Spec.CreateAs = "primary"
+	if sidb.Spec.CreateAs == "" {
+		sidb.Spec.CreateAs = "primary"
 	}
 
-	if r.Spec.Sid == "" {
-		if r.Spec.Edition == "express" {
-			r.Spec.Sid = "XE"
-		} else if r.Spec.Edition == "free" {
-			r.Spec.Sid = "FREE"
+	if sidb.Spec.Sid == "" {
+		if sidb.Spec.Edition == "express" {
+			sidb.Spec.Sid = "XE"
+		} else if sidb.Spec.Edition == "free" {
+			sidb.Spec.Sid = "FREE"
 		} else {
-			r.Spec.Sid = "ORCLCDB"
+			sidb.Spec.Sid = "ORCLCDB"
 		}
 	}
 
-	if r.Spec.Pdbname == "" {
-		if r.Spec.Edition == "express" {
-			r.Spec.Pdbname = "XEPDB1"
-		} else if r.Spec.Edition == "free" {
-			r.Spec.Pdbname = "FREEPDB1"
+	if sidb.Spec.Pdbname == "" {
+		if sidb.Spec.Edition == "express" {
+			sidb.Spec.Pdbname = "XEPDB1"
+		} else if sidb.Spec.Edition == "free" {
+			sidb.Spec.Pdbname = "FREEPDB1"
 		} else {
-			r.Spec.Pdbname = "ORCLPDB1"
+			sidb.Spec.Pdbname = "ORCLPDB1"
 		}
 	}
 
-	if r.Spec.Edition == "express" || r.Spec.Edition == "free" {
+	if sidb.Spec.Edition == "express" || sidb.Spec.Edition == "free" {
 		// Allow zero replicas as a means to bounce the DB
-		if r.Status.Replicas == 1 && r.Spec.Replicas > 1 {
+		if sidb.Status.Replicas == 1 && sidb.Spec.Replicas > 1 {
 			// If not zero, default the replicas to 1
-			r.Spec.Replicas = 1
+			sidb.Spec.Replicas = 1
 		}
 	}
 
-	if r.Spec.TrueCacheServices == nil {
-		r.Spec.TrueCacheServices = make([]string, 0)
+	if sidb.Spec.TrueCacheServices == nil {
+		sidb.Spec.TrueCacheServices = make([]string, 0)
 	}
+
+	return nil
 }
 
 // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
 //+kubebuilder:webhook:verbs=create;update;delete,path=/validate-database-oracle-com-v1alpha1-singleinstancedatabase,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=singleinstancedatabases,versions=v1alpha1,name=vsingleinstancedatabase.kb.io,admissionReviewVersions={v1,v1beta1}
 
-var _ webhook.Validator = &SingleInstanceDatabase{}
+var _ webhook.CustomValidator = &SingleInstanceDatabase{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *SingleInstanceDatabase) ValidateCreate() (admission.Warnings, error) {
-	singleinstancedatabaselog.Info("validate create", "name", r.Name)
+func (r *SingleInstanceDatabase) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	sidb, ok := obj.(*SingleInstanceDatabase)
+	if !ok {
+		return nil, apierrors.NewInternalError(fmt.Errorf("failed to cast obj object to SingleInstanceDatabase"))
+	}
+	singleinstancedatabaselog.Info("validate create", "name", sidb.Name)
 	var allErrs field.ErrorList
 
 	namespaces := dbcommons.GetWatchNamespaces()
-	_, containsNamespace := namespaces[r.Namespace]
+	_, containsNamespace := namespaces[sidb.Namespace]
 	// Check if the allowed namespaces maps contains the required namespace
 	if len(namespaces) != 0 && !containsNamespace {
 		allErrs = append(allErrs,
-			field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
+			field.Invalid(field.NewPath("metadata").Child("namespace"), sidb.Namespace,
 				"Oracle database operator doesn't watch over this namespace"))
 	}
 
 	// Persistence spec validation
-	if r.Spec.Persistence.Size == "" && (r.Spec.Persistence.AccessMode != "" ||
-		r.Spec.Persistence.StorageClass != "" || r.Spec.Persistence.DatafilesVolumeName != "") {
+	if sidb.Spec.Persistence.Size == "" && (sidb.Spec.Persistence.AccessMode != "" ||
+		sidb.Spec.Persistence.StorageClass != "" || sidb.Spec.Persistence.DatafilesVolumeName != "") {
 		allErrs = append(allErrs,
-			field.Invalid(field.NewPath("spec").Child("persistence").Child("size"), r.Spec.Persistence,
+			field.Invalid(field.NewPath("spec").Child("persistence").Child("size"), sidb.Spec.Persistence,
 				"invalid persistence specification, specify required size"))
 	}
 
-	if r.Spec.Persistence.Size != "" {
-		if r.Spec.Persistence.AccessMode == "" {
+	if sidb.Spec.Persistence.Size != "" {
+		if sidb.Spec.Persistence.AccessMode == "" {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("persistence").Child("size"), r.Spec.Persistence,
+				field.Invalid(field.NewPath("spec").Child("persistence").Child("size"), sidb.Spec.Persistence,
 					"invalid persistence specification, specify accessMode"))
 		}
-		if r.Spec.Persistence.AccessMode != "ReadWriteMany" && r.Spec.Persistence.AccessMode != "ReadWriteOnce" {
+		if sidb.Spec.Persistence.AccessMode != "ReadWriteMany" && sidb.Spec.Persistence.AccessMode != "ReadWriteOnce" {
 			allErrs = append(allErrs,
 				field.Invalid(field.NewPath("spec").Child("persistence").Child("accessMode"),
-					r.Spec.Persistence.AccessMode, "should be either \"ReadWriteOnce\" or \"ReadWriteMany\""))
+					sidb.Spec.Persistence.AccessMode, "should be either \"ReadWriteOnce\" or \"ReadWriteMany\""))
 		}
 	}
 
-	if r.Spec.CreateAs == "standby" {
-		if r.Spec.ArchiveLog != nil {
+	if sidb.Spec.CreateAs == "standby" {
+		if sidb.Spec.ArchiveLog != nil {
 			allErrs = append(allErrs,
 				field.Invalid(field.NewPath("spec").Child("archiveLog"),
-					r.Spec.ArchiveLog, "archiveLog cannot be specified for standby databases"))
+					sidb.Spec.ArchiveLog, "archiveLog cannot be specified for standby databases"))
 		}
-		if r.Spec.FlashBack != nil {
+		if sidb.Spec.FlashBack != nil {
 			allErrs = append(allErrs,
 				field.Invalid(field.NewPath("spec").Child("flashBack"),
-					r.Spec.FlashBack, "flashBack cannot be specified for standby databases"))
+					sidb.Spec.FlashBack, "flashBack cannot be specified for standby databases"))
 		}
-		if r.Spec.ForceLogging != nil {
+		if sidb.Spec.ForceLogging != nil {
 			allErrs = append(allErrs,
 				field.Invalid(field.NewPath("spec").Child("forceLog"),
-					r.Spec.ForceLogging, "forceLog cannot be specified for standby databases"))
+					sidb.Spec.ForceLogging, "forceLog cannot be specified for standby databases"))
 		}
-		if r.Spec.InitParams != nil {
+		if sidb.Spec.InitParams != nil {
 			allErrs = append(allErrs,
 				field.Invalid(field.NewPath("spec").Child("initParams"),
-					r.Spec.InitParams, "initParams cannot be specified for standby databases"))
+					sidb.Spec.InitParams, "initParams cannot be specified for standby databases"))
 		}
-		if r.Spec.Persistence.ScriptsVolumeName != "" {
+		if sidb.Spec.Persistence.ScriptsVolumeName != "" {
 			allErrs = append(allErrs,
 				field.Invalid(field.NewPath("spec").Child("persistence").Child("scriptsVolumeName"),
-					r.Spec.Persistence.ScriptsVolumeName, "scriptsVolumeName cannot be specified for standby databases"))
+					sidb.Spec.Persistence.ScriptsVolumeName, "scriptsVolumeName cannot be specified for standby databases"))
 		}
-		if r.Spec.EnableTCPS {
+		if sidb.Spec.EnableTCPS {
 			allErrs = append(allErrs,
 				field.Invalid(field.NewPath("spec").Child("enableTCPS"),
-					r.Spec.EnableTCPS, "enableTCPS cannot be specified for standby databases"))
+					sidb.Spec.EnableTCPS, "enableTCPS cannot be specified for standby databases"))
 		}
 
 	}
 
 	// Replica validation
-	if r.Spec.Replicas > 1 {
+	if sidb.Spec.Replicas > 1 {
 		valMsg := ""
-		if r.Spec.Edition == "express" || r.Spec.Edition == "free" {
-			valMsg = "should be 1 for " + r.Spec.Edition + " edition"
+		if sidb.Spec.Edition == "express" || sidb.Spec.Edition == "free" {
+			valMsg = "should be 1 for " + sidb.Spec.Edition + " edition"
 		}
-		if r.Spec.Persistence.Size == "" {
+		if sidb.Spec.Persistence.Size == "" {
 			valMsg = "should be 1 if no persistence is specified"
 		}
 		if valMsg != "" {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("replicas"), r.Spec.Replicas, valMsg))
+				field.Invalid(field.NewPath("spec").Child("replicas"), sidb.Spec.Replicas, valMsg))
 		}
 	}
 
-	if (r.Spec.CreateAs == "clone" || r.Spec.CreateAs == "standby") && r.Spec.PrimaryDatabaseRef == "" {
+	if (sidb.Spec.CreateAs == "clone" || sidb.Spec.CreateAs == "standby") && sidb.Spec.PrimaryDatabaseRef == "" {
 		allErrs = append(allErrs,
-			field.Invalid(field.NewPath("spec").Child("primaryDatabaseRef"), r.Spec.PrimaryDatabaseRef, "Primary Database reference cannot be null for a secondary database"))
+			field.Invalid(field.NewPath("spec").Child("primaryDatabaseRef"), sidb.Spec.PrimaryDatabaseRef, "Primary Database reference cannot be null for a secondary database"))
 	}
 
-	if r.Spec.Edition == "express" || r.Spec.Edition == "free" {
-		if r.Spec.CreateAs == "clone" {
+	if sidb.Spec.Edition == "express" || sidb.Spec.Edition == "free" {
+		if sidb.Spec.CreateAs == "clone" {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("createAs"), r.Spec.CreateAs,
-					"Cloning not supported for "+r.Spec.Edition+" edition"))
+				field.Invalid(field.NewPath("spec").Child("createAs"), sidb.Spec.CreateAs,
+					"Cloning not supported for "+sidb.Spec.Edition+" edition"))
 		}
-		if r.Spec.CreateAs == "standby" {
+		if sidb.Spec.CreateAs == "standby" {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("createAs"), r.Spec.CreateAs,
-					"Physical Standby Database creation is not supported for "+r.Spec.Edition+" edition"))
+				field.Invalid(field.NewPath("spec").Child("createAs"), sidb.Spec.CreateAs,
+					"Physical Standby Database creation is not supported for "+sidb.Spec.Edition+" edition"))
 		}
-		if r.Spec.Edition == "express" && strings.ToUpper(r.Spec.Sid) != "XE" {
+		if sidb.Spec.Edition == "express" && strings.ToUpper(sidb.Spec.Sid) != "XE" {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("sid"), r.Spec.Sid,
+				field.Invalid(field.NewPath("spec").Child("sid"), sidb.Spec.Sid,
 					"Express edition SID must only be XE"))
 		}
-		if r.Spec.Edition == "free" && strings.ToUpper(r.Spec.Sid) != "FREE" {
+		if sidb.Spec.Edition == "free" && strings.ToUpper(sidb.Spec.Sid) != "FREE" {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("sid"), r.Spec.Sid,
+				field.Invalid(field.NewPath("spec").Child("sid"), sidb.Spec.Sid,
 					"Free edition SID must only be FREE"))
 		}
-		if r.Spec.Edition == "express" && strings.ToUpper(r.Spec.Pdbname) != "XEPDB1" {
+		if sidb.Spec.Edition == "express" && strings.ToUpper(sidb.Spec.Pdbname) != "XEPDB1" {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("pdbName"), r.Spec.Pdbname,
+				field.Invalid(field.NewPath("spec").Child("pdbName"), sidb.Spec.Pdbname,
 					"Express edition PDB must be XEPDB1"))
 		}
-		if r.Spec.Edition == "free" && strings.ToUpper(r.Spec.Pdbname) != "FREEPDB1" {
+		if sidb.Spec.Edition == "free" && strings.ToUpper(sidb.Spec.Pdbname) != "FREEPDB1" {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("pdbName"), r.Spec.Pdbname,
+				field.Invalid(field.NewPath("spec").Child("pdbName"), sidb.Spec.Pdbname,
 					"Free edition PDB must be FREEPDB1"))
 		}
-		if r.Spec.InitParams != nil {
+		if sidb.Spec.InitParams != nil {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("initParams"), *r.Spec.InitParams,
-					r.Spec.Edition+" edition does not support changing init parameters"))
+				field.Invalid(field.NewPath("spec").Child("initParams"), *sidb.Spec.InitParams,
+					sidb.Spec.Edition+" edition does not support changing init parameters"))
 		}
 	} else {
-		if r.Spec.Sid == "XE" {
+		if sidb.Spec.Sid == "XE" {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("sid"), r.Spec.Sid,
+				field.Invalid(field.NewPath("spec").Child("sid"), sidb.Spec.Sid,
 					"XE is reserved as the SID for Express edition of the database"))
 		}
-		if r.Spec.Sid == "FREE" {
+		if sidb.Spec.Sid == "FREE" {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("sid"), r.Spec.Sid,
+				field.Invalid(field.NewPath("spec").Child("sid"), sidb.Spec.Sid,
 					"FREE is reserved as the SID for FREE edition of the database"))
 		}
 	}
 
-	if r.Spec.CreateAs == "clone" {
-		if r.Spec.Image.PrebuiltDB {
+	if sidb.Spec.CreateAs == "clone" {
+		if sidb.Spec.Image.PrebuiltDB {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("createAs"), r.Spec.CreateAs,
+				field.Invalid(field.NewPath("spec").Child("createAs"), sidb.Spec.CreateAs,
 					"cannot clone to create a prebuilt db"))
-		} else if strings.Contains(r.Spec.PrimaryDatabaseRef, ":") && strings.Contains(r.Spec.PrimaryDatabaseRef, "/") && r.Spec.Edition == "" {
+		} else if strings.Contains(sidb.Spec.PrimaryDatabaseRef, ":") && strings.Contains(sidb.Spec.PrimaryDatabaseRef, "/") && sidb.Spec.Edition == "" {
 			//Edition must be passed when cloning from a source database other than same k8s cluster
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("edition"), r.Spec.CreateAs,
+				field.Invalid(field.NewPath("spec").Child("edition"), sidb.Spec.CreateAs,
 					"Edition must be passed when cloning from a source database other than same k8s cluster"))
 		}
 	}
 
-	if r.Spec.CreateAs != "truecache" {
-		if len(r.Spec.TrueCacheServices) > 0 {
+	if sidb.Spec.CreateAs != "truecache" {
+		if len(sidb.Spec.TrueCacheServices) > 0 {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("trueCacheServices"), r.Spec.TrueCacheServices,
+				field.Invalid(field.NewPath("spec").Child("trueCacheServices"), sidb.Spec.TrueCacheServices,
 					"Creation of trueCacheServices only supported with True Cache instances"))
 		}
 	}
 
-	if r.Status.FlashBack == "true" && r.Spec.FlashBack != nil && *r.Spec.FlashBack {
-		if r.Spec.ArchiveLog != nil && !*r.Spec.ArchiveLog {
+	if sidb.Status.FlashBack == "true" && sidb.Spec.FlashBack != nil && *sidb.Spec.FlashBack {
+		if sidb.Spec.ArchiveLog != nil && !*sidb.Spec.ArchiveLog {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("archiveLog"), r.Spec.ArchiveLog,
+				field.Invalid(field.NewPath("spec").Child("archiveLog"), sidb.Spec.ArchiveLog,
 					"Cannot disable Archivelog. Please disable Flashback first."))
 		}
 	}
 
-	if r.Status.ArchiveLog == "false" && r.Spec.ArchiveLog != nil && !*r.Spec.ArchiveLog {
-		if *r.Spec.FlashBack {
+	if sidb.Status.ArchiveLog == "false" && sidb.Spec.ArchiveLog != nil && !*sidb.Spec.ArchiveLog {
+		if sidb.Spec.FlashBack != nil && *sidb.Spec.FlashBack {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("flashBack"), r.Spec.FlashBack,
+				field.Invalid(field.NewPath("spec").Child("flashBack"), sidb.Spec.FlashBack,
 					"Cannot enable Flashback. Please enable Archivelog first."))
 		}
 	}
 
-	if r.Spec.Persistence.VolumeClaimAnnotation != "" {
-		strParts := strings.Split(r.Spec.Persistence.VolumeClaimAnnotation, ":")
+	if sidb.Spec.Persistence.VolumeClaimAnnotation != "" {
+		strParts := strings.Split(sidb.Spec.Persistence.VolumeClaimAnnotation, ":")
 		if len(strParts) != 2 {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("persistence").Child("volumeClaimAnnotation"), r.Spec.Persistence.VolumeClaimAnnotation,
+				field.Invalid(field.NewPath("spec").Child("persistence").Child("volumeClaimAnnotation"), sidb.Spec.Persistence.VolumeClaimAnnotation,
 					"volumeClaimAnnotation should be in <key>:<value> format."))
 		}
 	}
 
 	// servicePort and tcpServicePort validation
-	if !r.Spec.LoadBalancer {
+	if !sidb.Spec.LoadBalancer {
 		// NodePort service is expected. In this case servicePort should be in range 30000-32767
-		if r.Spec.ListenerPort != 0 && (r.Spec.ListenerPort < 30000 || r.Spec.ListenerPort > 32767) {
+		if sidb.Spec.ListenerPort != 0 && (sidb.Spec.ListenerPort < 30000 || sidb.Spec.ListenerPort > 32767) {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("listenerPort"), r.Spec.ListenerPort,
+				field.Invalid(field.NewPath("spec").Child("listenerPort"), sidb.Spec.ListenerPort,
 					"listenerPort should be in 30000-32767 range."))
 		}
-		if r.Spec.EnableTCPS && r.Spec.TcpsListenerPort != 0 && (r.Spec.TcpsListenerPort < 30000 || r.Spec.TcpsListenerPort > 32767) {
+		if sidb.Spec.EnableTCPS && sidb.Spec.TcpsListenerPort != 0 && (sidb.Spec.TcpsListenerPort < 30000 || sidb.Spec.TcpsListenerPort > 32767) {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("tcpsListenerPort"), r.Spec.TcpsListenerPort,
+				field.Invalid(field.NewPath("spec").Child("tcpsListenerPort"), sidb.Spec.TcpsListenerPort,
 					"tcpsListenerPort should be in 30000-32767 range."))
 		}
 	} else {
 		// LoadBalancer Service is expected.
-		if r.Spec.EnableTCPS && r.Spec.TcpsListenerPort == 0 && r.Spec.ListenerPort == int(dbcommons.CONTAINER_TCPS_PORT) {
+		if sidb.Spec.EnableTCPS && sidb.Spec.TcpsListenerPort == 0 && sidb.Spec.ListenerPort == int(dbcommons.CONTAINER_TCPS_PORT) {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("listenerPort"), r.Spec.ListenerPort,
+				field.Invalid(field.NewPath("spec").Child("listenerPort"), sidb.Spec.ListenerPort,
 					"listenerPort can not be 2484 as the default port for tcpsListenerPort is 2484."))
 		}
 	}
 
-	if r.Spec.EnableTCPS && r.Spec.ListenerPort != 0 && r.Spec.TcpsListenerPort != 0 && r.Spec.ListenerPort == r.Spec.TcpsListenerPort {
+	if sidb.Spec.EnableTCPS && sidb.Spec.ListenerPort != 0 && sidb.Spec.TcpsListenerPort != 0 && sidb.Spec.ListenerPort == sidb.Spec.TcpsListenerPort {
 		allErrs = append(allErrs,
-			field.Invalid(field.NewPath("spec").Child("tcpsListenerPort"), r.Spec.TcpsListenerPort,
+			field.Invalid(field.NewPath("spec").Child("tcpsListenerPort"), sidb.Spec.TcpsListenerPort,
 				"listenerPort and tcpsListenerPort can not be equal."))
 	}
 
 	// Certificate Renew Duration Validation
-	if r.Spec.EnableTCPS && r.Spec.TcpsCertRenewInterval != "" {
-		duration, err := time.ParseDuration(r.Spec.TcpsCertRenewInterval)
+	if sidb.Spec.EnableTCPS && sidb.Spec.TcpsCertRenewInterval != "" {
+		duration, err := time.ParseDuration(sidb.Spec.TcpsCertRenewInterval)
 		if err != nil {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("tcpsCertRenewInterval"), r.Spec.TcpsCertRenewInterval,
+				field.Invalid(field.NewPath("spec").Child("tcpsCertRenewInterval"), sidb.Spec.TcpsCertRenewInterval,
 					"Please provide valid string to parse the tcpsCertRenewInterval."))
 		}
 		maxLimit, _ := time.ParseDuration("8760h")
 		minLimit, _ := time.ParseDuration("24h")
 		if duration > maxLimit || duration < minLimit {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("spec").Child("tcpsCertRenewInterval"), r.Spec.TcpsCertRenewInterval,
+				field.Invalid(field.NewPath("spec").Child("tcpsCertRenewInterval"), sidb.Spec.TcpsCertRenewInterval,
 					"Please specify tcpsCertRenewInterval in the range: 24h to 8760h"))
 		}
 	}
 
 	// tcpsTlsSecret validations
-	if !r.Spec.EnableTCPS && r.Spec.TcpsTlsSecret != "" {
+	if !sidb.Spec.EnableTCPS && sidb.Spec.TcpsTlsSecret != "" {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("tcpsTlsSecret"),
 				" is allowed only if enableTCPS is true"))
 	}
-	if r.Spec.TcpsTlsSecret != "" && r.Spec.TcpsCertRenewInterval != "" {
+	if sidb.Spec.TcpsTlsSecret != "" && sidb.Spec.TcpsCertRenewInterval != "" {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("tcpsCertRenewInterval"),
 				" is applicable only for self signed certs"))
 	}
 
-	if r.Spec.InitParams != nil {
-		if (r.Spec.InitParams.PgaAggregateTarget != 0 && r.Spec.InitParams.SgaTarget == 0) || (r.Spec.InitParams.PgaAggregateTarget == 0 && r.Spec.InitParams.SgaTarget != 0) {
+	if sidb.Spec.InitParams != nil {
+		if (sidb.Spec.InitParams.PgaAggregateTarget != 0 && sidb.Spec.InitParams.SgaTarget == 0) || (sidb.Spec.InitParams.PgaAggregateTarget == 0 && sidb.Spec.InitParams.SgaTarget != 0) {
 			allErrs = append(allErrs,
 				field.Invalid(field.NewPath("spec").Child("initParams"),
-					r.Spec.InitParams, "initParams value invalid : Provide values for both pgaAggregateTarget and SgaTarget"))
+					sidb.Spec.InitParams, "initParams value invalid : Provide values for both pgaAggregateTarget and SgaTarget"))
 		}
 	}
 
@@ -401,41 +416,45 @@ func (r *SingleInstanceDatabase) ValidateCreate() (admission.Warnings, error) {
 
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "SingleInstanceDatabase"},
-		r.Name, allErrs)
+		sidb.Name, allErrs)
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *SingleInstanceDatabase) ValidateUpdate(oldRuntimeObject runtime.Object) (admission.Warnings, error) {
-	singleinstancedatabaselog.Info("validate update", "name", r.Name)
+func (r *SingleInstanceDatabase) ValidateUpdate(ctx context.Context, oldRuntimeObject, newRuntimeObj runtime.Object) (admission.Warnings, error) {
+	new, ok := newRuntimeObj.(*SingleInstanceDatabase)
+	if !ok {
+		return nil, apierrors.NewInternalError(fmt.Errorf("failed to cast newRuntimeObj object to SingleInstanceDatabase"))
+	}
+	singleinstancedatabaselog.Info("validate update", "name", new.Name)
 	var allErrs field.ErrorList
 
 	// check creation validations first
-	warnings, err := r.ValidateCreate()
+	warnings, err := new.ValidateCreate(ctx, newRuntimeObj)
 	if err != nil {
 		return warnings, err
 	}
 
 	// Validate Deletion
-	if r.GetDeletionTimestamp() != nil {
-		warnings, err := r.ValidateDelete()
+	if new.GetDeletionTimestamp() != nil {
+		warnings, err := new.ValidateDelete(ctx, newRuntimeObj)
 		if err != nil {
 			return warnings, err
 		}
 	}
 
 	// Now check for updation errors
-	old, ok := oldRuntimeObject.(*SingleInstanceDatabase)
-	if !ok {
-		return nil, nil
+	old, okay := oldRuntimeObject.(*SingleInstanceDatabase)
+	if !okay {
+		return nil, apierrors.NewInternalError(fmt.Errorf("failed to cast oldRuntimeObject object to SingleInstanceDatabase"))
 	}
 
 	if old.Status.CreatedAs == "clone" {
-		if r.Spec.Edition != "" && old.Status.Edition != "" && !strings.EqualFold(old.Status.Edition, r.Spec.Edition) {
+		if new.Spec.Edition != "" && old.Status.Edition != "" && !strings.EqualFold(old.Status.Edition, new.Spec.Edition) {
 			allErrs = append(allErrs,
 				field.Forbidden(field.NewPath("spec").Child("edition"), "Edition of a cloned singleinstancedatabase cannot be changed post creation"))
 		}
 
-		if !strings.EqualFold(old.Status.PrimaryDatabase, r.Spec.PrimaryDatabaseRef) {
+		if !strings.EqualFold(old.Status.PrimaryDatabase, new.Spec.PrimaryDatabaseRef) {
 			allErrs = append(allErrs,
 				field.Forbidden(field.NewPath("spec").Child("primaryDatabaseRef"), "Primary database of a cloned singleinstancedatabase cannot be changed post creation"))
 		}
@@ -444,36 +463,36 @@ func (r *SingleInstanceDatabase) ValidateUpdate(oldRuntimeObject runtime.Object)
 	if old.Status.Role != dbcommons.ValueUnavailable && old.Status.Role != "PRIMARY" {
 		// Restriciting Patching of secondary databases archiveLog, forceLog, flashBack
 		statusArchiveLog, _ := strconv.ParseBool(old.Status.ArchiveLog)
-		if r.Spec.ArchiveLog != nil && (statusArchiveLog != *r.Spec.ArchiveLog) {
+		if new.Spec.ArchiveLog != nil && (statusArchiveLog != *new.Spec.ArchiveLog) {
 			allErrs = append(allErrs,
 				field.Forbidden(field.NewPath("spec").Child("archiveLog"), "cannot be changed"))
 		}
 		statusFlashBack, _ := strconv.ParseBool(old.Status.FlashBack)
-		if r.Spec.FlashBack != nil && (statusFlashBack != *r.Spec.FlashBack) {
+		if new.Spec.FlashBack != nil && (statusFlashBack != *new.Spec.FlashBack) {
 			allErrs = append(allErrs,
 				field.Forbidden(field.NewPath("spec").Child("flashBack"), "cannot be changed"))
 		}
 		statusForceLogging, _ := strconv.ParseBool(old.Status.ForceLogging)
-		if r.Spec.ForceLogging != nil && (statusForceLogging != *r.Spec.ForceLogging) {
+		if new.Spec.ForceLogging != nil && (statusForceLogging != *new.Spec.ForceLogging) {
 			allErrs = append(allErrs,
 				field.Forbidden(field.NewPath("spec").Child("forceLog"), "cannot be changed"))
 		}
 
 		// Restriciting Patching of secondary databases InitParams
-		if r.Spec.InitParams != nil {
-			if old.Status.InitParams.SgaTarget != r.Spec.InitParams.SgaTarget {
+		if new.Spec.InitParams != nil {
+			if old.Status.InitParams.SgaTarget != new.Spec.InitParams.SgaTarget {
 				allErrs = append(allErrs,
 					field.Forbidden(field.NewPath("spec").Child("initParams").Child("sgaTarget"), "cannot be changed"))
 			}
-			if old.Status.InitParams.PgaAggregateTarget != r.Spec.InitParams.PgaAggregateTarget {
+			if old.Status.InitParams.PgaAggregateTarget != new.Spec.InitParams.PgaAggregateTarget {
 				allErrs = append(allErrs,
 					field.Forbidden(field.NewPath("spec").Child("initParams").Child("pgaAggregateTarget"), "cannot be changed"))
 			}
-			if old.Status.InitParams.CpuCount != r.Spec.InitParams.CpuCount {
+			if old.Status.InitParams.CpuCount != new.Spec.InitParams.CpuCount {
 				allErrs = append(allErrs,
 					field.Forbidden(field.NewPath("spec").Child("initParams").Child("cpuCount"), "cannot be changed"))
 			}
-			if old.Status.InitParams.Processes != r.Spec.InitParams.Processes {
+			if old.Status.InitParams.Processes != new.Spec.InitParams.Processes {
 				allErrs = append(allErrs,
 					field.Forbidden(field.NewPath("spec").Child("initParams").Child("processes"), "cannot be changed"))
 			}
@@ -481,7 +500,7 @@ func (r *SingleInstanceDatabase) ValidateUpdate(oldRuntimeObject runtime.Object)
 	}
 
 	// if Db is in a dataguard configuration or referred by Standby databases then Restrict enabling Tcps on the Primary DB
-	if r.Spec.EnableTCPS {
+	if new.Spec.EnableTCPS {
 		if old.Status.DgBroker != nil {
 			allErrs = append(allErrs,
 				field.Forbidden(field.NewPath("spec").Child("enableTCPS"), "cannot enable tcps as database is in a dataguard configuration"))
@@ -491,38 +510,38 @@ func (r *SingleInstanceDatabase) ValidateUpdate(oldRuntimeObject runtime.Object)
 		}
 	}
 
-	if old.Status.DatafilesCreated == "true" && (old.Status.PrebuiltDB != r.Spec.Image.PrebuiltDB) {
+	if old.Status.DatafilesCreated == "true" && (old.Status.PrebuiltDB != new.Spec.Image.PrebuiltDB) {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("image").Child("prebuiltDB"), "cannot be changed"))
 	}
-	if r.Spec.Edition != "" && old.Status.Edition != "" && !strings.EqualFold(old.Status.Edition, r.Spec.Edition) {
+	if new.Spec.Edition != "" && old.Status.Edition != "" && !strings.EqualFold(old.Status.Edition, new.Spec.Edition) {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("edition"), "cannot be changed"))
 	}
-	if old.Status.Charset != "" && !strings.EqualFold(old.Status.Charset, r.Spec.Charset) {
+	if old.Status.Charset != "" && !strings.EqualFold(old.Status.Charset, new.Spec.Charset) {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("charset"), "cannot be changed"))
 	}
-	if old.Status.Sid != "" && !strings.EqualFold(r.Spec.Sid, old.Status.Sid) {
+	if old.Status.Sid != "" && !strings.EqualFold(new.Spec.Sid, old.Status.Sid) {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("sid"), "cannot be changed"))
 	}
-	if old.Status.Pdbname != "" && !strings.EqualFold(old.Status.Pdbname, r.Spec.Pdbname) {
+	if old.Status.Pdbname != "" && !strings.EqualFold(old.Status.Pdbname, new.Spec.Pdbname) {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("pdbname"), "cannot be changed"))
 	}
 	if old.Status.CreatedAs == "clone" &&
-		(old.Status.PrimaryDatabase == dbcommons.ValueUnavailable && r.Spec.PrimaryDatabaseRef != "" ||
-			old.Status.PrimaryDatabase != dbcommons.ValueUnavailable && old.Status.PrimaryDatabase != r.Spec.PrimaryDatabaseRef) {
+		(old.Status.PrimaryDatabase == dbcommons.ValueUnavailable && new.Spec.PrimaryDatabaseRef != "" ||
+			old.Status.PrimaryDatabase != dbcommons.ValueUnavailable && old.Status.PrimaryDatabase != new.Spec.PrimaryDatabaseRef) {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("primaryDatabaseRef"), "cannot be changed"))
 	}
-	if old.Status.OrdsReference != "" && r.Status.Persistence != r.Spec.Persistence {
+	if old.Status.OrdsReference != "" && new.Status.Persistence != new.Spec.Persistence {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("persistence"), "uninstall ORDS to change Persistence"))
 	}
 
-	if old.Status.Replicas != r.Spec.Replicas && old.Status.DgBroker != nil {
+	if old.Status.Replicas != new.Spec.Replicas && old.Status.DgBroker != nil {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("replicas"), "cannot be updated for a database in a Data Guard configuration"))
 	}
@@ -532,22 +551,27 @@ func (r *SingleInstanceDatabase) ValidateUpdate(oldRuntimeObject runtime.Object)
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "SingleInstanceDatabase"},
-		r.Name, allErrs)
+		new.Name, allErrs)
 
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *SingleInstanceDatabase) ValidateDelete() (admission.Warnings, error) {
-	singleinstancedatabaselog.Info("validate delete", "name", r.Name)
+func (r *SingleInstanceDatabase) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	sidb, ok := obj.(*SingleInstanceDatabase)
+	if !ok {
+		return nil, apierrors.NewInternalError(fmt.Errorf("failed to cast obj object to SingleInstanceDatabase"))
+	}
+	
+	singleinstancedatabaselog.Info("validate delete", "name", sidb.Name)
 	var allErrs field.ErrorList
-	if r.Status.OrdsReference != "" {
+	if sidb.Status.OrdsReference != "" {
 		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("status").Child("ordsReference"), "delete "+r.Status.OrdsReference+" to cleanup this SIDB"))
+			field.Forbidden(field.NewPath("status").Child("ordsReference"), "delete "+sidb.Status.OrdsReference+" to cleanup this SIDB"))
 	}
 	if len(allErrs) == 0 {
 		return nil, nil
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "SingleInstanceDatabase"},
-		r.Name, allErrs)
+		sidb.Name, allErrs)
 }
diff --git a/apis/database/v1alpha1/zz_generated.deepcopy.go b/apis/database/v1alpha1/zz_generated.deepcopy.go
index b20cf834..511a2912 100644
--- a/apis/database/v1alpha1/zz_generated.deepcopy.go
+++ b/apis/database/v1alpha1/zz_generated.deepcopy.go
@@ -683,239 +683,6 @@ func (in *Backupconfig) DeepCopy() *Backupconfig {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDB) DeepCopyInto(out *CDB) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	out.Status = in.Status
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDB.
-func (in *CDB) DeepCopy() *CDB {
-	if in == nil {
-		return nil
-	}
-	out := new(CDB)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *CDB) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBAdminPassword) DeepCopyInto(out *CDBAdminPassword) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBAdminPassword.
-func (in *CDBAdminPassword) DeepCopy() *CDBAdminPassword {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBAdminPassword)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBAdminUser) DeepCopyInto(out *CDBAdminUser) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBAdminUser.
-func (in *CDBAdminUser) DeepCopy() *CDBAdminUser {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBAdminUser)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBList) DeepCopyInto(out *CDBList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ListMeta.DeepCopyInto(&out.ListMeta)
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]CDB, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBList.
-func (in *CDBList) DeepCopy() *CDBList {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *CDBList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBPRIVKEY) DeepCopyInto(out *CDBPRIVKEY) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBPRIVKEY.
-func (in *CDBPRIVKEY) DeepCopy() *CDBPRIVKEY {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBPRIVKEY)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBPUBKEY) DeepCopyInto(out *CDBPUBKEY) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBPUBKEY.
-func (in *CDBPUBKEY) DeepCopy() *CDBPUBKEY {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBPUBKEY)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBSecret) DeepCopyInto(out *CDBSecret) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBSecret.
-func (in *CDBSecret) DeepCopy() *CDBSecret {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBSecret)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBSpec) DeepCopyInto(out *CDBSpec) {
-	*out = *in
-	out.SysAdminPwd = in.SysAdminPwd
-	out.CDBAdminUser = in.CDBAdminUser
-	out.CDBAdminPwd = in.CDBAdminPwd
-	out.CDBTlsKey = in.CDBTlsKey
-	out.CDBTlsCrt = in.CDBTlsCrt
-	out.ORDSPwd = in.ORDSPwd
-	out.WebServerUser = in.WebServerUser
-	out.WebServerPwd = in.WebServerPwd
-	if in.NodeSelector != nil {
-		in, out := &in.NodeSelector, &out.NodeSelector
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	out.CDBPubKey = in.CDBPubKey
-	out.CDBPriKey = in.CDBPriKey
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBSpec.
-func (in *CDBSpec) DeepCopy() *CDBSpec {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBSpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBStatus) DeepCopyInto(out *CDBStatus) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBStatus.
-func (in *CDBStatus) DeepCopy() *CDBStatus {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBStatus)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBSysAdminPassword) DeepCopyInto(out *CDBSysAdminPassword) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBSysAdminPassword.
-func (in *CDBSysAdminPassword) DeepCopy() *CDBSysAdminPassword {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBSysAdminPassword)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBTLSCRT) DeepCopyInto(out *CDBTLSCRT) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBTLSCRT.
-func (in *CDBTLSCRT) DeepCopy() *CDBTLSCRT {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBTLSCRT)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBTLSKEY) DeepCopyInto(out *CDBTLSKEY) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBTLSKEY.
-func (in *CDBTLSKEY) DeepCopy() *CDBTLSKEY {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBTLSKEY)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *CatalogSpec) DeepCopyInto(out *CatalogSpec) {
 	*out = *in
@@ -1703,22 +1470,6 @@ func (in *KMSDetailsStatus) DeepCopy() *KMSDetailsStatus {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ORDSPassword) DeepCopyInto(out *ORDSPassword) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ORDSPassword.
-func (in *ORDSPassword) DeepCopy() *ORDSPassword {
-	if in == nil {
-		return nil
-	}
-	out := new(ORDSPassword)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *OciAcdSpec) DeepCopyInto(out *OciAcdSpec) {
 	*out = *in
@@ -1742,8 +1493,8 @@ func (in *OciAcdSpec) DeepCopy() *OciAcdSpec {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *OciAdbSpec) DeepCopyInto(out *OciAdbSpec) {
 	*out = *in
-	if in.Ocid != nil {
-		in, out := &in.Ocid, &out.Ocid
+	if in.Id != nil {
+		in, out := &in.Id, &out.Id
 		*out = new(string)
 		**out = **in
 	}
@@ -1987,65 +1738,6 @@ func (in *OracleRestDataServiceStatus) DeepCopy() *OracleRestDataServiceStatus {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDB) DeepCopyInto(out *PDB) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	out.Status = in.Status
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDB.
-func (in *PDB) DeepCopy() *PDB {
-	if in == nil {
-		return nil
-	}
-	out := new(PDB)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *PDB) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBAdminName) DeepCopyInto(out *PDBAdminName) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBAdminName.
-func (in *PDBAdminName) DeepCopy() *PDBAdminName {
-	if in == nil {
-		return nil
-	}
-	out := new(PDBAdminName)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBAdminPassword) DeepCopyInto(out *PDBAdminPassword) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBAdminPassword.
-func (in *PDBAdminPassword) DeepCopy() *PDBAdminPassword {
-	if in == nil {
-		return nil
-	}
-	out := new(PDBAdminPassword)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *PDBConfig) DeepCopyInto(out *PDBConfig) {
 	*out = *in
@@ -2157,204 +1849,6 @@ func (in *PDBDetailsStatus) DeepCopy() *PDBDetailsStatus {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBList) DeepCopyInto(out *PDBList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ListMeta.DeepCopyInto(&out.ListMeta)
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]PDB, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBList.
-func (in *PDBList) DeepCopy() *PDBList {
-	if in == nil {
-		return nil
-	}
-	out := new(PDBList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *PDBList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBPRIVKEY) DeepCopyInto(out *PDBPRIVKEY) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBPRIVKEY.
-func (in *PDBPRIVKEY) DeepCopy() *PDBPRIVKEY {
-	if in == nil {
-		return nil
-	}
-	out := new(PDBPRIVKEY)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBPUBKEY) DeepCopyInto(out *PDBPUBKEY) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBPUBKEY.
-func (in *PDBPUBKEY) DeepCopy() *PDBPUBKEY {
-	if in == nil {
-		return nil
-	}
-	out := new(PDBPUBKEY)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBSecret) DeepCopyInto(out *PDBSecret) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBSecret.
-func (in *PDBSecret) DeepCopy() *PDBSecret {
-	if in == nil {
-		return nil
-	}
-	out := new(PDBSecret)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBSpec) DeepCopyInto(out *PDBSpec) {
-	*out = *in
-	out.PDBTlsKey = in.PDBTlsKey
-	out.PDBTlsCrt = in.PDBTlsCrt
-	out.PDBTlsCat = in.PDBTlsCat
-	out.AdminName = in.AdminName
-	out.AdminPwd = in.AdminPwd
-	out.WebServerUsr = in.WebServerUsr
-	out.WebServerPwd = in.WebServerPwd
-	if in.ReuseTempFile != nil {
-		in, out := &in.ReuseTempFile, &out.ReuseTempFile
-		*out = new(bool)
-		**out = **in
-	}
-	if in.UnlimitedStorage != nil {
-		in, out := &in.UnlimitedStorage, &out.UnlimitedStorage
-		*out = new(bool)
-		**out = **in
-	}
-	if in.AsClone != nil {
-		in, out := &in.AsClone, &out.AsClone
-		*out = new(bool)
-		**out = **in
-	}
-	if in.TDEImport != nil {
-		in, out := &in.TDEImport, &out.TDEImport
-		*out = new(bool)
-		**out = **in
-	}
-	if in.TDEExport != nil {
-		in, out := &in.TDEExport, &out.TDEExport
-		*out = new(bool)
-		**out = **in
-	}
-	out.TDEPassword = in.TDEPassword
-	out.TDESecret = in.TDESecret
-	if in.GetScript != nil {
-		in, out := &in.GetScript, &out.GetScript
-		*out = new(bool)
-		**out = **in
-	}
-	out.PDBPubKey = in.PDBPubKey
-	out.PDBPriKey = in.PDBPriKey
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBSpec.
-func (in *PDBSpec) DeepCopy() *PDBSpec {
-	if in == nil {
-		return nil
-	}
-	out := new(PDBSpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBStatus) DeepCopyInto(out *PDBStatus) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBStatus.
-func (in *PDBStatus) DeepCopy() *PDBStatus {
-	if in == nil {
-		return nil
-	}
-	out := new(PDBStatus)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBTLSCAT) DeepCopyInto(out *PDBTLSCAT) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBTLSCAT.
-func (in *PDBTLSCAT) DeepCopy() *PDBTLSCAT {
-	if in == nil {
-		return nil
-	}
-	out := new(PDBTLSCAT)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBTLSCRT) DeepCopyInto(out *PDBTLSCRT) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBTLSCRT.
-func (in *PDBTLSCRT) DeepCopy() *PDBTLSCRT {
-	if in == nil {
-		return nil
-	}
-	out := new(PDBTLSCRT)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBTLSKEY) DeepCopyInto(out *PDBTLSKEY) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBTLSKEY.
-func (in *PDBTLSKEY) DeepCopy() *PDBTLSKEY {
-	if in == nil {
-		return nil
-	}
-	out := new(PDBTLSKEY)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *PasswordSpec) DeepCopyInto(out *PasswordSpec) {
 	*out = *in
@@ -2920,38 +2414,6 @@ func (in *SourceSpec) DeepCopy() *SourceSpec {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *TDEPwd) DeepCopyInto(out *TDEPwd) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TDEPwd.
-func (in *TDEPwd) DeepCopy() *TDEPwd {
-	if in == nil {
-		return nil
-	}
-	out := new(TDEPwd)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *TDESecret) DeepCopyInto(out *TDESecret) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TDESecret.
-func (in *TDESecret) DeepCopy() *TDESecret {
-	if in == nil {
-		return nil
-	}
-	out := new(TDESecret)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *TargetSpec) DeepCopyInto(out *TargetSpec) {
 	*out = *in
@@ -3024,67 +2486,3 @@ func (in *WalletSpec) DeepCopy() *WalletSpec {
 	in.DeepCopyInto(out)
 	return out
 }
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *WebServerPassword) DeepCopyInto(out *WebServerPassword) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebServerPassword.
-func (in *WebServerPassword) DeepCopy() *WebServerPassword {
-	if in == nil {
-		return nil
-	}
-	out := new(WebServerPassword)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *WebServerPasswordPDB) DeepCopyInto(out *WebServerPasswordPDB) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebServerPasswordPDB.
-func (in *WebServerPasswordPDB) DeepCopy() *WebServerPasswordPDB {
-	if in == nil {
-		return nil
-	}
-	out := new(WebServerPasswordPDB)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *WebServerUser) DeepCopyInto(out *WebServerUser) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebServerUser.
-func (in *WebServerUser) DeepCopy() *WebServerUser {
-	if in == nil {
-		return nil
-	}
-	out := new(WebServerUser)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *WebServerUserPDB) DeepCopyInto(out *WebServerUserPDB) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebServerUserPDB.
-func (in *WebServerUserPDB) DeepCopy() *WebServerUserPDB {
-	if in == nil {
-		return nil
-	}
-	out := new(WebServerUserPDB)
-	in.DeepCopyInto(out)
-	return out
-}
diff --git a/apis/database/v4/adbfamily_common_spec.go b/apis/database/v4/adbfamily_common_spec.go
index 87434852..57b80352 100644
--- a/apis/database/v4/adbfamily_common_spec.go
+++ b/apis/database/v4/adbfamily_common_spec.go
@@ -57,11 +57,11 @@ type K8sAdbSpec struct {
 }
 
 type OciAdbSpec struct {
-	OCID *string `json:"ocid,omitempty"`
+	Id *string `json:"id,omitempty"`
 }
 
 // TargetSpec defines the spec of the target for backup/restore runs.
 type TargetSpec struct {
-	K8sAdb K8sAdbSpec `json:"k8sADB,omitempty"`
-	OciAdb OciAdbSpec `json:"ociADB,omitempty"`
+	K8sAdb K8sAdbSpec `json:"k8sAdb,omitempty"`
+	OciAdb OciAdbSpec `json:"ociAdb,omitempty"`
 }
diff --git a/apis/database/v4/autonomouscontainerdatabase_webhook.go b/apis/database/v4/autonomouscontainerdatabase_webhook.go
index 9fcb9d8b..1cd8b2b4 100644
--- a/apis/database/v4/autonomouscontainerdatabase_webhook.go
+++ b/apis/database/v4/autonomouscontainerdatabase_webhook.go
@@ -39,6 +39,8 @@
 package v4
 
 import (
+	"context"
+
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -55,39 +57,42 @@ var autonomouscontainerdatabaselog = logf.Log.WithName("autonomouscontainerdatab
 func (r *AutonomousContainerDatabase) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithValidator(r).
 		Complete()
 }
 
 //+kubebuilder:webhook:verbs=create;update,path=/validate-database-oracle-com-v4-autonomouscontainerdatabase,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=autonomouscontainerdatabases,versions=v4,name=vautonomouscontainerdatabasev4.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Validator = &AutonomousContainerDatabase{}
+var _ webhook.CustomValidator = &AutonomousContainerDatabase{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousContainerDatabase) ValidateCreate() (admission.Warnings, error) {
-	autonomouscontainerdatabaselog.Info("validate create", "name", r.Name)
+func (r *AutonomousContainerDatabase) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	return nil, nil
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousContainerDatabase) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	var allErrs field.ErrorList
-	var oldACD *AutonomousContainerDatabase = old.(*AutonomousContainerDatabase)
+func (r *AutonomousContainerDatabase) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	var (
+		allErrs field.ErrorList
+		oldAcd  *AutonomousContainerDatabase = oldObj.(*AutonomousContainerDatabase)
+		newAcd  *AutonomousContainerDatabase = newObj.(*AutonomousContainerDatabase)
+	)
 
-	autonomouscontainerdatabaselog.Info("validate update", "name", r.Name)
+	autonomouscontainerdatabaselog.Info("validate update", "name", newAcd.Name)
 
 	// skip the update of adding ADB OCID or binding
-	if oldACD.Status.LifecycleState == "" {
+	if oldAcd.Status.LifecycleState == "" {
 		return nil, nil
 	}
 
 	// cannot update when the old state is in intermediate state, except for the terminate operatrion
-	var copiedSpec *AutonomousContainerDatabaseSpec = r.Spec.DeepCopy()
-	changed, err := RemoveUnchangedFields(oldACD.Spec, copiedSpec)
+	var copiedSpec *AutonomousContainerDatabaseSpec = newAcd.Spec.DeepCopy()
+	changed, err := RemoveUnchangedFields(oldAcd.Spec, copiedSpec)
 	if err != nil {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec"), err.Error()))
 	}
-	if IsACDIntermediateState(oldACD.Status.LifecycleState) && changed {
+	if IsACDIntermediateState(oldAcd.Status.LifecycleState) && changed {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec"),
 				"cannot change the spec when the lifecycleState is in an intermdeiate state"))
@@ -98,13 +103,10 @@ func (r *AutonomousContainerDatabase) ValidateUpdate(old runtime.Object) (admiss
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousContainerDatabase"},
-		r.Name, allErrs)
+		newAcd.Name, allErrs)
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousContainerDatabase) ValidateDelete() (admission.Warnings, error) {
-	autonomouscontainerdatabaselog.Info("validate delete", "name", r.Name)
-
-	// TODO(user): fill in your validation logic upon object deletion.
+func (r *AutonomousContainerDatabase) ValidateDelete(context.Context, runtime.Object) (admission.Warnings, error) {
 	return nil, nil
 }
diff --git a/apis/database/v4/autonomousdatabase_types.go b/apis/database/v4/autonomousdatabase_types.go
index 628dd882..6643e55c 100644
--- a/apis/database/v4/autonomousdatabase_types.go
+++ b/apis/database/v4/autonomousdatabase_types.go
@@ -52,7 +52,7 @@ import (
 // AutonomousDatabaseSpec defines the desired state of AutonomousDatabase
 // Important: Run "make" to regenerate code after modifying this file
 type AutonomousDatabaseSpec struct {
-	// +kubebuilder:validation:Enum:="";Create;Sync;Update;Stop;Start;Terminate;Clone
+	// +kubebuilder:validation:Enum:="";Create;Sync;Update;Stop;Start;Terminate;Clone;Switchover;Failover
 	Action    string                    `json:"action"`
 	Details   AutonomousDatabaseDetails `json:"details,omitempty"`
 	Clone     AutonomousDatabaseClone   `json:"clone,omitempty"`
@@ -197,7 +197,7 @@ type ConnectionStringSpec struct {
 // +kubebuilder:printcolumn:JSONPath=".spec.details.dbName",name="Db Name",type=string
 // +kubebuilder:printcolumn:JSONPath=".status.lifecycleState",name="State",type=string
 // +kubebuilder:printcolumn:JSONPath=".spec.details.isDedicated",name="Dedicated",type=string
-// +kubebuilder:printcolumn:JSONPath=".spec.details.cpuCoreCount",name="OCPUs",type=integer
+// +kubebuilder:printcolumn:JSONPath=".spec.details.computeCount",name="Compute Count",type=number
 // +kubebuilder:printcolumn:JSONPath=".spec.details.dataStorageSizeInTBs",name="Storage (TB)",type=integer
 // +kubebuilder:printcolumn:JSONPath=".spec.details.dbWorkload",name="Workload Type",type=string
 // +kubebuilder:printcolumn:JSONPath=".status.timeCreated",name="Created",type=string
diff --git a/apis/database/v4/autonomousdatabase_webhook.go b/apis/database/v4/autonomousdatabase_webhook.go
index f7eb60aa..d925fd12 100644
--- a/apis/database/v4/autonomousdatabase_webhook.go
+++ b/apis/database/v4/autonomousdatabase_webhook.go
@@ -39,6 +39,8 @@
 package v4
 
 import (
+	"context"
+
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -56,28 +58,32 @@ var autonomousdatabaselog = logf.Log.WithName("autonomousdatabase-resource")
 func (r *AutonomousDatabase) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithValidator(r).
 		Complete()
 }
 
 // +kubebuilder:webhook:verbs=create;update,path=/validate-database-oracle-com-v4-autonomousdatabase,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=autonomousdatabases,versions=v4,name=vautonomousdatabasev4.kb.io,admissionReviewVersions=v1
-var _ webhook.Validator = &AutonomousDatabase{}
+
+var _ webhook.CustomValidator = &AutonomousDatabase{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
 // ValidateCreate checks if the spec is valid for a provisioning or a binding operation
-func (r *AutonomousDatabase) ValidateCreate() (admission.Warnings, error) {
+func (r *AutonomousDatabase) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	var allErrs field.ErrorList
 
-	autonomousdatabaselog.Info("validate create", "name", r.Name)
+	adb := obj.(*AutonomousDatabase)
+
+	autonomousdatabaselog.Info("validate create", "name", adb.Name)
 
 	namespaces := dbcommons.GetWatchNamespaces()
 	_, hasEmptyString := namespaces[""]
 	isClusterScoped := len(namespaces) == 1 && hasEmptyString
 	if !isClusterScoped {
-		_, containsNamespace := namespaces[r.Namespace]
+		_, containsNamespace := namespaces[adb.Namespace]
 		// Check if the allowed namespaces maps contains the required namespace
 		if len(namespaces) != 0 && !containsNamespace {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
+				field.Invalid(field.NewPath("metadata").Child("namespace"), adb.Namespace,
 					"Oracle database operator doesn't watch over this namespace"))
 		}
 	}
@@ -87,47 +93,17 @@ func (r *AutonomousDatabase) ValidateCreate() (admission.Warnings, error) {
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousDatabase"},
-		r.Name, allErrs)
+		adb.Name, allErrs)
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabase) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	var allErrs field.ErrorList
-	var oldADB *AutonomousDatabase = old.(*AutonomousDatabase)
-
-	autonomousdatabaselog.Info("validate update", "name", r.Name)
-
-	// skip the verification of adding ADB OCID or binding
-	// if oldADB.Status.LifecycleState == "" {
-	// 	return nil, nil
-	// }
-
-	// cannot update when the old state is in intermediate, except for the change to the hardLink or the terminate operatrion during valid lifecycleState
-	// var copySpec *AutonomousDatabaseSpec = r.Spec.DeepCopy()
-	// specChanged, err := RemoveUnchangedFields(oldADB.Spec, copySpec)
-	// if err != nil {
-	// 	allErrs = append(allErrs,
-	// 		field.Forbidden(field.NewPath("spec"), err.Error()))
-	// }
+func (r *AutonomousDatabase) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	var (
+		allErrs field.ErrorList
+		newAdb  = newObj.(*AutonomousDatabase)
+	)
 
-	// hardLinkChanged := copySpec.HardLink != nil
-
-	// isTerminateOp := CanBeTerminated(oldADB.Status.LifecycleState) && copySpec.Action == "Terminate"
-
-	// if specChanged && IsAdbIntermediateState(oldADB.Status.LifecycleState) && !isTerminateOp && !hardLinkChanged {
-	// 	allErrs = append(allErrs,
-	// 		field.Forbidden(field.NewPath("spec"),
-	// 			"cannot change the spec when the lifecycleState is in an intermdeiate state"))
-	// }
-
-	// cannot modify autonomousDatabaseOCID
-	if r.Spec.Details.Id != nil &&
-		oldADB.Spec.Details.Id != nil &&
-		*r.Spec.Details.Id != *oldADB.Spec.Details.Id {
-		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("details").Child("autonomousDatabaseOCID"),
-				"autonomousDatabaseOCID cannot be modified"))
-	}
+	autonomousdatabaselog.Info("validate update", "name", newAdb.Name)
 
 	allErrs = validateCommon(r, allErrs)
 
@@ -136,7 +112,7 @@ func (r *AutonomousDatabase) ValidateUpdate(old runtime.Object) (admission.Warni
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousDatabase"},
-		r.Name, allErrs)
+		newAdb.Name, allErrs)
 }
 
 func validateCommon(adb *AutonomousDatabase, allErrs field.ErrorList) field.ErrorList {
@@ -149,7 +125,7 @@ func validateCommon(adb *AutonomousDatabase, allErrs field.ErrorList) field.Erro
 
 	if adb.Spec.Wallet.Password.K8sSecret.Name != nil && adb.Spec.Wallet.Password.OciSecret.Id != nil {
 		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("details").Child("wallet").Child("password"),
+			field.Forbidden(field.NewPath("spec").Child("wallet").Child("password"),
 				"cannot apply k8sSecret.name and ociSecret.ocid at the same time"))
 	}
 
@@ -157,14 +133,6 @@ func validateCommon(adb *AutonomousDatabase, allErrs field.ErrorList) field.Erro
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabase) ValidateDelete() (admission.Warnings, error) {
-	autonomousdatabaselog.Info("validate delete", "name", r.Name)
+func (r *AutonomousDatabase) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	return nil, nil
 }
-
-// Returns true if AutonomousContainerDatabaseOCID has value.
-// We don't use Details.IsDedicated because the parameter might be null when it's a provision operation.
-func isDedicated(adb *AutonomousDatabase) bool {
-	return adb.Spec.Details.AutonomousContainerDatabase.K8sAcd.Name != nil ||
-		adb.Spec.Details.AutonomousContainerDatabase.OciAcd.Id != nil
-}
diff --git a/apis/database/v4/autonomousdatabasebackup_types.go b/apis/database/v4/autonomousdatabasebackup_types.go
index 925256c0..c38c079b 100644
--- a/apis/database/v4/autonomousdatabasebackup_types.go
+++ b/apis/database/v4/autonomousdatabasebackup_types.go
@@ -108,7 +108,7 @@ func init() {
 // Implement conversion.Hub interface, which means any resource version can convert into v4
 func (*AutonomousDatabaseBackup) Hub() {}
 
-func (b *AutonomousDatabaseBackup) UpdateStatusFromOCIBackup(ociBackup database.AutonomousDatabaseBackup, ociADB database.AutonomousDatabase) {
+func (b *AutonomousDatabaseBackup) UpdateStatusFromOCIBackup(ociBackup database.AutonomousDatabaseBackup, ociAdb database.AutonomousDatabase) {
 	b.Status.AutonomousDatabaseOCID = *ociBackup.AutonomousDatabaseId
 	b.Status.CompartmentOCID = *ociBackup.CompartmentId
 	b.Status.Type = ociBackup.Type
@@ -119,8 +119,8 @@ func (b *AutonomousDatabaseBackup) UpdateStatusFromOCIBackup(ociBackup database.
 	b.Status.TimeStarted = FormatSDKTime(ociBackup.TimeStarted)
 	b.Status.TimeEnded = FormatSDKTime(ociBackup.TimeEnded)
 
-	b.Status.DBDisplayName = *ociADB.DisplayName
-	b.Status.DBName = *ociADB.DbName
+	b.Status.DBDisplayName = *ociAdb.DisplayName
+	b.Status.DBName = *ociAdb.DbName
 }
 
 // GetTimeEnded returns the status.timeEnded in SDKTime format
diff --git a/apis/database/v4/autonomousdatabasebackup_webhook.go b/apis/database/v4/autonomousdatabasebackup_webhook.go
index 7858adce..345d186a 100644
--- a/apis/database/v4/autonomousdatabasebackup_webhook.go
+++ b/apis/database/v4/autonomousdatabasebackup_webhook.go
@@ -39,6 +39,8 @@
 package v4
 
 import (
+	"context"
+
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -56,25 +58,20 @@ var autonomousdatabasebackuplog = logf.Log.WithName("autonomousdatabasebackup-re
 func (r *AutonomousDatabaseBackup) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithValidator(r).
+		WithValidator(r).
 		Complete()
 }
 
-//+kubebuilder:webhook:path=/mutate-database-oracle-com-v4-autonomousdatabasebackup,mutating=true,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=autonomousdatabasebackups,verbs=create;update,versions=v4,name=mautonomousdatabasebackupv4.kb.io,admissionReviewVersions=v1
-
-var _ webhook.Defaulter = &AutonomousDatabaseBackup{}
-
-// Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *AutonomousDatabaseBackup) Default() {
-	autonomousdatabasebackuplog.Info("default", "name", r.Name)
-}
-
 //+kubebuilder:webhook:verbs=create;update,path=/validate-database-oracle-com-v4-autonomousdatabasebackup,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=autonomousdatabasebackups,versions=v4,name=vautonomousdatabasebackupv4.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Validator = &AutonomousDatabaseBackup{}
+var _ webhook.CustomValidator = &AutonomousDatabaseBackup{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabaseBackup) ValidateCreate() (admission.Warnings, error) {
-	autonomousdatabasebackuplog.Info("validate create", "name", r.Name)
+func (r *AutonomousDatabaseBackup) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	backup := obj.(*AutonomousDatabaseBackup)
+
+	autonomousdatabasebackuplog.Info("validate create", "name", backup.Name)
 
 	var allErrs field.ErrorList
 
@@ -82,61 +79,59 @@ func (r *AutonomousDatabaseBackup) ValidateCreate() (admission.Warnings, error)
 	_, hasEmptyString := namespaces[""]
 	isClusterScoped := len(namespaces) == 1 && hasEmptyString
 	if !isClusterScoped {
-		_, containsNamespace := namespaces[r.Namespace]
+		_, containsNamespace := namespaces[backup.Namespace]
 		// Check if the allowed namespaces maps contains the required namespace
 		if len(namespaces) != 0 && !containsNamespace {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
+				field.Invalid(field.NewPath("metadata").Child("namespace"), backup.Namespace,
 					"Oracle database operator doesn't watch over this namespace"))
 		}
 	}
 
-	if r.Spec.Target.K8sAdb.Name == nil && r.Spec.Target.OciAdb.OCID == nil {
+	if backup.Spec.Target.K8sAdb.Name == nil && backup.Spec.Target.OciAdb.Id == nil {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("target"), "target ADB is empty"))
 	}
 
-	if r.Spec.Target.K8sAdb.Name != nil && r.Spec.Target.OciAdb.OCID != nil {
-		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("target"), "specify either k8sADB or ociADB, but not both"))
-	}
-
 	if len(allErrs) == 0 {
 		return nil, nil
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousDatabaseBackup"},
-		r.Name, allErrs)
+		backup.Name, allErrs)
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabaseBackup) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	autonomousdatabasebackuplog.Info("validate update", "name", r.Name)
+func (r *AutonomousDatabaseBackup) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	var (
+		allErrs   field.ErrorList
+		oldBackup = oldObj.(*AutonomousDatabaseBackup)
+		newBackup = oldObj.(*AutonomousDatabaseBackup)
+	)
 
-	var allErrs field.ErrorList
-	oldBackup := old.(*AutonomousDatabaseBackup)
+	autonomousdatabasebackuplog.Info("validate update", "name", newBackup.Name)
 
-	if oldBackup.Spec.AutonomousDatabaseBackupOCID != nil && r.Spec.AutonomousDatabaseBackupOCID != nil &&
-		*oldBackup.Spec.AutonomousDatabaseBackupOCID != *r.Spec.AutonomousDatabaseBackupOCID {
+	if oldBackup.Spec.AutonomousDatabaseBackupOCID != nil && newBackup.Spec.AutonomousDatabaseBackupOCID != nil &&
+		*oldBackup.Spec.AutonomousDatabaseBackupOCID != *newBackup.Spec.AutonomousDatabaseBackupOCID {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("autonomousDatabaseBackupOCID"),
 				"cannot assign a new autonomousDatabaseBackupOCID to this backup"))
 	}
 
-	if oldBackup.Spec.Target.K8sAdb.Name != nil && r.Spec.Target.K8sAdb.Name != nil &&
-		*oldBackup.Spec.Target.K8sAdb.Name != *r.Spec.Target.K8sAdb.Name {
+	if oldBackup.Spec.Target.K8sAdb.Name != nil && newBackup.Spec.Target.K8sAdb.Name != nil &&
+		*oldBackup.Spec.Target.K8sAdb.Name != *newBackup.Spec.Target.K8sAdb.Name {
 		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("target").Child("k8sADB").Child("name"), "cannot assign a new name to the target"))
+			field.Forbidden(field.NewPath("spec").Child("target").Child("k8sAdb").Child("name"), "cannot assign a new name to the target"))
 	}
 
-	if oldBackup.Spec.Target.OciAdb.OCID != nil && r.Spec.Target.OciAdb.OCID != nil &&
-		*oldBackup.Spec.Target.OciAdb.OCID != *r.Spec.Target.OciAdb.OCID {
+	if oldBackup.Spec.Target.OciAdb.Id != nil && newBackup.Spec.Target.OciAdb.Id != nil &&
+		*oldBackup.Spec.Target.OciAdb.Id != *newBackup.Spec.Target.OciAdb.Id {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("target").Child("ociADB").Child("ocid"), "cannot assign a new ocid to the target"))
 	}
 
-	if oldBackup.Spec.DisplayName != nil && r.Spec.DisplayName != nil &&
-		*oldBackup.Spec.DisplayName != *r.Spec.DisplayName {
+	if oldBackup.Spec.DisplayName != nil && newBackup.Spec.DisplayName != nil &&
+		*oldBackup.Spec.DisplayName != *newBackup.Spec.DisplayName {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("displayName"), "cannot assign a new displayName to this backup"))
 	}
@@ -146,13 +141,10 @@ func (r *AutonomousDatabaseBackup) ValidateUpdate(old runtime.Object) (admission
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousDatabaseBackup"},
-		r.Name, allErrs)
+		newBackup.Name, allErrs)
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabaseBackup) ValidateDelete() (admission.Warnings, error) {
-	autonomousdatabasebackuplog.Info("validate delete", "name", r.Name)
-
-	// TODO(user): fill in your validation logic upon object deletion.
+func (r *AutonomousDatabaseBackup) ValidateDelete(context.Context, runtime.Object) (admission.Warnings, error) {
 	return nil, nil
 }
diff --git a/apis/database/v4/autonomousdatabaserestore_types.go b/apis/database/v4/autonomousdatabaserestore_types.go
index 3337c983..f88b7f79 100644
--- a/apis/database/v4/autonomousdatabaserestore_types.go
+++ b/apis/database/v4/autonomousdatabaserestore_types.go
@@ -50,7 +50,7 @@ import (
 
 // EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
 // NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
-type K8sADBBackupSpec struct {
+type K8sAdbBackupSpec struct {
 	Name *string `json:"name,omitempty"`
 }
 
@@ -60,7 +60,7 @@ type PITSpec struct {
 }
 
 type SourceSpec struct {
-	K8sAdbBackup K8sADBBackupSpec `json:"k8sADBBackup,omitempty"`
+	K8sAdbBackup K8sAdbBackupSpec `json:"k8sAdbBackup,omitempty"`
 	PointInTime  PITSpec          `json:"pointInTime,omitempty"`
 }
 
diff --git a/apis/database/v4/autonomousdatabaserestore_webhook.go b/apis/database/v4/autonomousdatabaserestore_webhook.go
index 6e3b4656..0df1288d 100644
--- a/apis/database/v4/autonomousdatabaserestore_webhook.go
+++ b/apis/database/v4/autonomousdatabaserestore_webhook.go
@@ -39,6 +39,8 @@
 package v4
 
 import (
+	"context"
+
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -56,59 +58,64 @@ var autonomousdatabaserestorelog = logf.Log.WithName("autonomousdatabaserestore-
 func (r *AutonomousDatabaseRestore) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithValidator(r).
+		WithValidator(r).
 		Complete()
 }
 
 //+kubebuilder:webhook:verbs=create;update,path=/validate-database-oracle-com-v4-autonomousdatabaserestore,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=autonomousdatabaserestores,versions=v4,name=vautonomousdatabaserestorev4.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Validator = &AutonomousDatabaseRestore{}
+var _ webhook.CustomValidator = &AutonomousDatabaseRestore{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabaseRestore) ValidateCreate() (admission.Warnings, error) {
-	autonomousdatabaserestorelog.Info("validate create", "name", r.Name)
+func (r *AutonomousDatabaseRestore) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	var (
+		allErrs field.ErrorList
+		restore = obj.(*AutonomousDatabaseRestore)
+	)
 
-	var allErrs field.ErrorList
+	autonomousdatabaserestorelog.Info("validate create", "name", restore.Name)
 
 	namespaces := dbcommons.GetWatchNamespaces()
 	_, hasEmptyString := namespaces[""]
 	isClusterScoped := len(namespaces) == 1 && hasEmptyString
 	if !isClusterScoped {
-		_, containsNamespace := namespaces[r.Namespace]
+		_, containsNamespace := namespaces[restore.Namespace]
 		// Check if the allowed namespaces maps contains the required namespace
 		if len(namespaces) != 0 && !containsNamespace {
 			allErrs = append(allErrs,
-				field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
+				field.Invalid(field.NewPath("metadata").Child("namespace"), restore.Namespace,
 					"Oracle database operator doesn't watch over this namespace"))
 		}
 	}
 
 	// Validate the target ADB
-	if r.Spec.Target.K8sAdb.Name == nil && r.Spec.Target.OciAdb.OCID == nil {
+	if restore.Spec.Target.K8sAdb.Name == nil && restore.Spec.Target.OciAdb.Id == nil {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("target"), "target ADB is empty"))
 	}
 
-	if r.Spec.Target.K8sAdb.Name != nil && r.Spec.Target.OciAdb.OCID != nil {
+	if restore.Spec.Target.K8sAdb.Name != nil && restore.Spec.Target.OciAdb.Id != nil {
 		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("target"), "specify either k8sADB.name or ociADB.ocid, but not both"))
+			field.Forbidden(field.NewPath("spec").Child("target"), "specify either k8sAdb.name or ociAdb.id, but not both"))
 	}
 
 	// Validate the restore source
-	if r.Spec.Source.K8sAdbBackup.Name == nil &&
-		r.Spec.Source.PointInTime.Timestamp == nil {
+	if restore.Spec.Source.K8sAdbBackup.Name == nil &&
+		restore.Spec.Source.PointInTime.Timestamp == nil {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("source"), "retore source is empty"))
 	}
 
-	if r.Spec.Source.K8sAdbBackup.Name != nil &&
-		r.Spec.Source.PointInTime.Timestamp != nil {
+	if restore.Spec.Source.K8sAdbBackup.Name != nil &&
+		restore.Spec.Source.PointInTime.Timestamp != nil {
 		allErrs = append(allErrs,
 			field.Forbidden(field.NewPath("spec").Child("source"), "cannot apply backupName and the PITR parameters at the same time"))
 	}
 
 	// Verify the timestamp format if it's PITR
-	if r.Spec.Source.PointInTime.Timestamp != nil {
-		_, err := ParseDisplayTime(*r.Spec.Source.PointInTime.Timestamp)
+	if restore.Spec.Source.PointInTime.Timestamp != nil {
+		_, err := ParseDisplayTime(*restore.Spec.Source.PointInTime.Timestamp)
 		if err != nil {
 			allErrs = append(allErrs,
 				field.Forbidden(field.NewPath("spec").Child("source").Child("pointInTime").Child("timestamp"), "invalid timestamp format"))
@@ -120,27 +127,15 @@ func (r *AutonomousDatabaseRestore) ValidateCreate() (admission.Warnings, error)
 	}
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousDatabaseRestore"},
-		r.Name, allErrs)
+		restore.Name, allErrs)
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabaseRestore) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	autonomousdatabaserestorelog.Info("validate update", "name", r.Name)
-
-	var allErrs field.ErrorList
-
-	if len(allErrs) == 0 {
-		return nil, nil
-	}
-	return nil, apierrors.NewInvalid(
-		schema.GroupKind{Group: "database.oracle.com", Kind: "AutonomousDatabaseRestore"},
-		r.Name, allErrs)
+func (r *AutonomousDatabaseRestore) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	return nil, nil
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *AutonomousDatabaseRestore) ValidateDelete() (admission.Warnings, error) {
-	autonomousdatabaserestorelog.Info("validate delete", "name", r.Name)
-
-	// TODO(user): fill in your validation logic upon object deletion.
+func (r *AutonomousDatabaseRestore) ValidateDelete(context.Context, runtime.Object) (admission.Warnings, error) {
 	return nil, nil
 }
diff --git a/apis/database/v4/cdb_types.go b/apis/database/v4/cdb_types.go
deleted file mode 100644
index ce3f6f28..00000000
--- a/apis/database/v4/cdb_types.go
+++ /dev/null
@@ -1,191 +0,0 @@
-/*
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
- */
-
-package v4
-
-import (
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-// CDBSpec defines the desired state of CDB
-type CDBSpec struct {
-	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
-
-	// Name of the CDB
-	CDBName string `json:"cdbName,omitempty"`
-	// Name of the CDB Service
-	ServiceName string `json:"serviceName,omitempty"`
-
-	// Password for the CDB System Administrator
-	SysAdminPwd CDBSysAdminPassword `json:"sysAdminPwd,omitempty"`
-	// User in the root container with sysdba priviledges to manage PDB lifecycle
-	CDBAdminUser CDBAdminUser `json:"cdbAdminUser,omitempty"`
-	// Password for the CDB Administrator to manage PDB lifecycle
-	CDBAdminPwd CDBAdminPassword `json:"cdbAdminPwd,omitempty"`
-
-	CDBTlsKey CDBTLSKEY `json:"cdbTlsKey,omitempty"`
-	CDBTlsCrt CDBTLSCRT `json:"cdbTlsCrt,omitempty"`
-
-	// Password for user ORDS_PUBLIC_USER
-	ORDSPwd ORDSPassword `json:"ordsPwd,omitempty"`
-	// ORDS server port. For now, keep it as 8888. TO BE USED IN FUTURE RELEASE.
-	ORDSPort int `json:"ordsPort,omitempty"`
-	// ORDS Image Name
-	ORDSImage string `json:"ordsImage,omitempty"`
-	// The name of the image pull secret in case of a private docker repository.
-	ORDSImagePullSecret string `json:"ordsImagePullSecret,omitempty"`
-	// ORDS Image Pull Policy
-	// +kubebuilder:validation:Enum=Always;Never
-	ORDSImagePullPolicy string `json:"ordsImagePullPolicy,omitempty"`
-	// Number of ORDS Containers to create
-	Replicas int `json:"replicas,omitempty"`
-	// Web Server User with SQL Administrator role to allow us to authenticate to the PDB Lifecycle Management REST endpoints
-	WebServerUser WebServerUser `json:"webServerUser,omitempty"`
-	// Password for the Web Server User
-	WebServerPwd WebServerPassword `json:"webServerPwd,omitempty"`
-	// Name of the DB server
-	DBServer string `json:"dbServer,omitempty"`
-	// DB server port
-	DBPort int `json:"dbPort,omitempty"`
-	// Node Selector for running the Pod
-	NodeSelector     map[string]string `json:"nodeSelector,omitempty"`
-	DeletePDBCascade bool              `json:"deletePdbCascade,omitempty"`
-	DBTnsurl         string            `json:"dbTnsurl,omitempty"`
-	CDBPubKey        CDBPUBKEY         `json:"cdbOrdsPubKey,omitempty"`
-	CDBPriKey        CDBPRIVKEY        `json:"cdbOrdsPrvKey,omitempty"`
-}
-
-// CDBSecret defines the secretName
-type CDBSecret struct {
-	SecretName string `json:"secretName"`
-	Key        string `json:"key"`
-}
-
-// CDBSysAdminPassword defines the secret containing SysAdmin Password mapped to key 'sysAdminPwd' for CDB
-type CDBSysAdminPassword struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-// CDBAdminUser defines the secret containing CDB Administrator User mapped to key 'cdbAdminUser' to manage PDB lifecycle
-type CDBAdminUser struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-// CDBAdminPassword defines the secret containing CDB Administrator Password mapped to key 'cdbAdminPwd' to manage PDB lifecycle
-type CDBAdminPassword struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-// ORDSPassword defines the secret containing ORDS_PUBLIC_USER Password mapped to key 'ordsPwd'
-type ORDSPassword struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-// WebServerUser defines the secret containing Web Server User mapped to key 'webServerUser' to manage PDB lifecycle
-type WebServerUser struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-// WebServerPassword defines the secret containing password for Web Server User mapped to key 'webServerPwd' to manage PDB lifecycle
-type WebServerPassword struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-type CDBTLSKEY struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-type CDBTLSCRT struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-type CDBPUBKEY struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-type CDBPRIVKEY struct {
-	Secret CDBSecret `json:"secret"`
-}
-
-// CDBStatus defines the observed state of CDB
-type CDBStatus struct {
-	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
-
-	// Phase of the CDB Resource
-	Phase string `json:"phase"`
-	// CDB Resource Status
-	Status bool `json:"status"`
-	// Message
-	Msg string `json:"msg,omitempty"`
-}
-
-// +kubebuilder:object:root=true
-// +kubebuilder:subresource:status
-// +kubebuilder:printcolumn:JSONPath=".spec.cdbName",name="CDB Name",type="string",description="Name of the CDB"
-// +kubebuilder:printcolumn:JSONPath=".spec.dbServer",name="DB Server",type="string",description=" Name of the DB Server"
-// +kubebuilder:printcolumn:JSONPath=".spec.dbPort",name="DB Port",type="integer",description="DB server port"
-// +kubebuilder:printcolumn:JSONPath=".spec.replicas",name="Replicas",type="integer",description="Replicas"
-// +kubebuilder:printcolumn:JSONPath=".status.phase",name="Status",type="string",description="Status of the CDB Resource"
-// +kubebuilder:printcolumn:JSONPath=".status.msg",name="Message",type="string",description="Error message, if any"
-// +kubebuilder:printcolumn:JSONPath=".spec.dbTnsurl",name="TNS STRING",type="string",description=" string of the tnsalias"
-// +kubebuilder:resource:path=cdbs,scope=Namespaced
-// +kubebuilder:storageversion
-
-// CDB is the Schema for the cdbs API
-type CDB struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec   CDBSpec   `json:"spec,omitempty"`
-	Status CDBStatus `json:"status,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-
-// CDBList contains a list of CDB
-type CDBList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []CDB `json:"items"`
-}
-
-func init() {
-	SchemeBuilder.Register(&CDB{}, &CDBList{})
-}
diff --git a/apis/database/v4/cdb_webhook.go b/apis/database/v4/cdb_webhook.go
deleted file mode 100644
index 235b2627..00000000
--- a/apis/database/v4/cdb_webhook.go
+++ /dev/null
@@ -1,224 +0,0 @@
-/*
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
- */
-
-package v4
-
-import (
-	"reflect"
-	"strings"
-
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apimachinery/pkg/util/validation/field"
-	ctrl "sigs.k8s.io/controller-runtime"
-	logf "sigs.k8s.io/controller-runtime/pkg/log"
-	"sigs.k8s.io/controller-runtime/pkg/webhook"
-	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
-)
-
-// log is for logging in this package.
-var cdblog = logf.Log.WithName("cdb-webhook")
-
-func (r *CDB) SetupWebhookWithManager(mgr ctrl.Manager) error {
-	return ctrl.NewWebhookManagedBy(mgr).
-		For(r).
-		Complete()
-}
-
-//+kubebuilder:webhook:path=/mutate-database-oracle-com-v4-cdb,mutating=true,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=cdbs,verbs=create;update,versions=v4,name=mcdb.kb.io,admissionReviewVersions={v1,v1beta1}
-
-var _ webhook.Defaulter = &CDB{}
-
-// Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *CDB) Default() {
-	cdblog.Info("Setting default values in CDB spec for : " + r.Name)
-
-	if r.Spec.ORDSPort == 0 {
-		r.Spec.ORDSPort = 8888
-	}
-
-	if r.Spec.Replicas == 0 {
-		r.Spec.Replicas = 1
-	}
-}
-
-// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
-//+kubebuilder:webhook:path=/validate-database-oracle-com-v4-cdb,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=cdbs,verbs=create;update,versions=v4,name=vcdb.kb.io,admissionReviewVersions={v1,v1beta1}
-
-var _ webhook.Validator = &CDB{}
-
-// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *CDB) ValidateCreate() (admission.Warnings, error) {
-	cdblog.Info("ValidateCreate", "name", r.Name)
-
-	var allErrs field.ErrorList
-
-	if r.Spec.ServiceName == "" && r.Spec.DBServer != "" {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("serviceName"), "Please specify CDB Service name"))
-	}
-
-	if reflect.ValueOf(r.Spec.CDBTlsKey).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("cdbTlsKey"), "Please specify CDB Tls key(secret)"))
-	}
-
-	if reflect.ValueOf(r.Spec.CDBTlsCrt).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("cdbTlsCrt"), "Please specify CDB Tls Certificate(secret)"))
-	}
-
-	if reflect.ValueOf(r.Spec.CDBPriKey).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("CDBPriKey"), "Please specify CDB CDBPriKey(secret)"))
-	}
-
-	/*if r.Spec.SCANName == "" {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("scanName"), "Please specify SCAN Name for CDB"))
-	}*/
-
-	if (r.Spec.DBServer == "" && r.Spec.DBTnsurl == "") || (r.Spec.DBServer != "" && r.Spec.DBTnsurl != "") {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("dbServer"), "Please specify Database Server Name/IP Address or tnsalias string"))
-	}
-
-	if r.Spec.DBTnsurl != "" && (r.Spec.DBServer != "" || r.Spec.DBPort != 0 || r.Spec.ServiceName != "") {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("dbServer"), "DBtnsurl is orthogonal to (DBServer,DBport,Services)"))
-	}
-
-	if r.Spec.DBPort == 0 && r.Spec.DBServer != "" {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("dbPort"), "Please specify DB Server Port"))
-	}
-	if r.Spec.DBPort < 0 && r.Spec.DBServer != "" {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("dbPort"), "Please specify a valid DB Server Port"))
-	}
-	if r.Spec.ORDSPort < 0 {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("ordsPort"), "Please specify a valid ORDS Port"))
-	}
-	if r.Spec.Replicas < 0 {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("replicas"), "Please specify a valid value for Replicas"))
-	}
-	if r.Spec.ORDSImage == "" {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("ordsImage"), "Please specify name of ORDS Image to be used"))
-	}
-	if reflect.ValueOf(r.Spec.CDBAdminUser).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("cdbAdminUser"), "Please specify user in the root container with sysdba priviledges to manage PDB lifecycle"))
-	}
-	if reflect.ValueOf(r.Spec.CDBAdminPwd).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("cdbAdminPwd"), "Please specify password for the CDB Administrator to manage PDB lifecycle"))
-	}
-	if reflect.ValueOf(r.Spec.ORDSPwd).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("ordsPwd"), "Please specify password for user ORDS_PUBLIC_USER"))
-	}
-	if reflect.ValueOf(r.Spec.WebServerUser).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("webServerUser"), "Please specify the Web Server User having SQL Administrator role"))
-	}
-	if reflect.ValueOf(r.Spec.WebServerPwd).IsZero() {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("webServerPwd"), "Please specify password for the Web Server User having SQL Administrator role"))
-	}
-	if len(allErrs) == 0 {
-		return nil, nil
-	}
-	return nil, apierrors.NewInvalid(
-		schema.GroupKind{Group: "database.oracle.com", Kind: "CDB"},
-		r.Name, allErrs)
-}
-
-// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *CDB) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	cdblog.Info("validate update", "name", r.Name)
-
-	isCDBMarkedToBeDeleted := r.GetDeletionTimestamp() != nil
-	if isCDBMarkedToBeDeleted {
-		return nil, nil
-	}
-
-	var allErrs field.ErrorList
-
-	// Check for updation errors
-	oldCDB, ok := old.(*CDB)
-	if !ok {
-		return nil, nil
-	}
-
-	if r.Spec.DBPort < 0 {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("dbPort"), "Please specify a valid DB Server Port"))
-	}
-	if r.Spec.ORDSPort < 0 {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("ordsPort"), "Please specify a valid ORDS Port"))
-	}
-	if r.Spec.Replicas < 0 {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("replicas"), "Please specify a valid value for Replicas"))
-	}
-	if !strings.EqualFold(oldCDB.Spec.ServiceName, r.Spec.ServiceName) {
-		allErrs = append(allErrs,
-			field.Forbidden(field.NewPath("spec").Child("replicas"), "cannot be changed"))
-	}
-
-	if len(allErrs) == 0 {
-		return nil, nil
-	}
-
-	return nil, apierrors.NewInvalid(
-		schema.GroupKind{Group: "database.oracle.com", Kind: "CDB"},
-		r.Name, allErrs)
-}
-
-// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *CDB) ValidateDelete() (admission.Warnings, error) {
-	cdblog.Info("validate delete", "name", r.Name)
-
-	// TODO(user): fill in your validation logic upon object deletion.
-	return nil, nil
-}
diff --git a/apis/database/v4/dataguardbroker_types.go b/apis/database/v4/dataguardbroker_types.go
index cec11ca4..80c2afe6 100644
--- a/apis/database/v4/dataguardbroker_types.go
+++ b/apis/database/v4/dataguardbroker_types.go
@@ -80,6 +80,7 @@ type DataguardBrokerStatus struct {
 }
 
 // +kubebuilder:object:root=true
+// +kubebuilder:resource:shortName=dgbroker;dgbrokers
 // +kubebuilder:subresource:status
 // +kubebuilder:printcolumn:JSONPath=".status.primaryDatabase",name="Primary",type="string"
 // +kubebuilder:printcolumn:JSONPath=".status.standbyDatabases",name="Standbys",type="string"
diff --git a/apis/database/v4/dbcssystem_types.go b/apis/database/v4/dbcssystem_types.go
index 9810a3b7..7f163c81 100644
--- a/apis/database/v4/dbcssystem_types.go
+++ b/apis/database/v4/dbcssystem_types.go
@@ -53,31 +53,36 @@ import (
 
 // DbcsSystemSpec defines the desired state of DbcsSystem
 type DbcsSystemSpec struct {
-	DbSystem       DbSystemDetails `json:"dbSystem,omitempty"`
-	Id             *string         `json:"id,omitempty"`
-	OCIConfigMap   *string         `json:"ociConfigMap"`
-	OCISecret      *string         `json:"ociSecret,omitempty"`
-	DbClone        *DbCloneConfig  `json:"dbClone,omitempty"`
-	HardLink       bool            `json:"hardLink,omitempty"`
-	PdbConfigs     []PDBConfig     `json:"pdbConfigs,omitempty"`
-	SetupDBCloning bool            `json:"setupDBCloning,omitempty"`
-	DbBackupId     *string         `json:"dbBackupId,omitempty"`
-	DatabaseId     *string         `json:"databaseId,omitempty"`
-	KMSConfig      KMSConfig       `json:"kmsConfig,omitempty"`
+	DbSystem       *DbSystemDetails `json:"dbSystem,omitempty"`
+	Id             *string          `json:"id,omitempty"`
+	OCIConfigMap   *string          `json:"ociConfigMap"`
+	OCISecret      *string          `json:"ociSecret,omitempty"`
+	DbClone        *DbCloneConfig   `json:"dbClone,omitempty"`
+	HardLink       bool             `json:"hardLink,omitempty"`
+	PdbConfigs     []PDBConfig      `json:"pdbConfigs,omitempty"`
+	SetupDBCloning bool             `json:"setupDBCloning,omitempty"`
+	DbBackupId     *string          `json:"dbBackupId,omitempty"`
+	DatabaseId     *string          `json:"databaseId,omitempty"`
+	KMSConfig      *KMSConfig       `json:"kmsConfig,omitempty"`
+	EnableBackup   bool             `json:"enableBackup,omitempty"`
+	IsPatch        bool             `json:"isPatch,omitempty"`
+	IsUpgrade      bool             `json:"isUpgrade,omitempty"`
+	DataGuard      DataGuardConfig  `json:"dataGuard,omitempty"`
 }
 
 // DbSystemDetails Spec
 
 type DbSystemDetails struct {
-	CompartmentId              string            `json:"compartmentId"`
-	AvailabilityDomain         string            `json:"availabilityDomain"`
-	SubnetId                   string            `json:"subnetId"`
-	Shape                      string            `json:"shape"`
+	CompartmentId              string            `json:"compartmentId,omitempty"`
+	AvailabilityDomain         string            `json:"availabilityDomain,omitempty"`
+	SubnetId                   string            `json:"subnetId,omitempty"`
+	Shape                      string            `json:"shape,omitempty"`
 	SshPublicKeys              []string          `json:"sshPublicKeys,omitempty"`
-	HostName                   string            `json:"hostName"`
+	HostName                   string            `json:"hostName,omitempty"`
 	CpuCoreCount               int               `json:"cpuCoreCount,omitempty"`
 	FaultDomains               []string          `json:"faultDomains,omitempty"`
 	DisplayName                string            `json:"displayName,omitempty"`
+	BackupDisplayName          string            `json:"backupDisplayName,omitempty"`
 	BackupSubnetId             string            `json:"backupSubnetId,omitempty"`
 	TimeZone                   string            `json:"timeZone,omitempty"`
 	NodeCount                  *int              `json:"nodeCount,omitempty"`
@@ -85,8 +90,9 @@ type DbSystemDetails struct {
 	Domain                     string            `json:"domain,omitempty"`
 	InitialDataStorageSizeInGB int               `json:"initialDataStorageSizeInGB,omitempty"`
 	ClusterName                string            `json:"clusterName,omitempty"`
-	DbAdminPasswordSecret      string            `json:"dbAdminPasswordSecret"`
+	DbAdminPasswordSecret      string            `json:"dbAdminPasswordSecret,omitempty"`
 	DbName                     string            `json:"dbName,omitempty"`
+	DbHomeId                   string            `json:"dbHomeId,omitempty"`
 	PdbName                    string            `json:"pdbName,omitempty"`
 	DbDomain                   string            `json:"dbDomain,omitempty"`
 	DbUniqueName               string            `json:"dbUniqueName,omitempty"`
@@ -98,8 +104,31 @@ type DbSystemDetails struct {
 	LicenseModel               string            `json:"licenseModel,omitempty"`
 	TdeWalletPasswordSecret    string            `json:"tdeWalletPasswordSecret,omitempty"`
 	Tags                       map[string]string `json:"tags,omitempty"`
-	DbBackupConfig             Backupconfig      `json:"dbBackupConfig,omitempty"`
-	KMSConfig                  KMSConfig         `json:"kmsConfig,omitempty"`
+	DbBackupConfig             *Backupconfig     `json:"dbBackupConfig,omitempty"`
+	KMSConfig                  *KMSConfig        `json:"kmsConfig,omitempty"`
+	RestoreConfig              *RestoreConfig    `json:"restoreConfig,omitempty"`
+	PatchOCID                  string            `json:"dbPatchOcid,omitempty"`
+	UpgradeVersion             string            `json:"dbUpgradeVersion,omitempty"`
+}
+
+type DataGuardConfig struct {
+	Enabled               bool              `json:"enabled,omitempty"`
+	ProtectionMode        *string           `json:"protectionMode,omitempty"` // Options: "MAXIMUM_PROTECTION", "MAXIMUM_AVAILABILITY", "MAXIMUM_PERFORMANCE"
+	TransportType         *string           `json:"transportType,omitempty"`  // Options: "ASYNC", "SYNC"
+	PeerRole              *string           `json:"peerRole,omitempty"`       // Options: "STANDBY", "PRIMARY"
+	DbAdminPasswordSecret *string           `json:"dbAdminPasswordSecret,omitempty"`
+	DbName                *string           `json:"dbName,omitempty"`
+	HostName              *string           `json:"hostName,omitempty"`
+	DisplayName           *string           `json:"displayName,omitempty"`
+	PeerSidPrefix         *string           `json:"sidPrefix,omitempty"`
+	PeerDbSystemId        *string           `json:"peerDbSystemId,omitempty"`
+	PeerDbHomeId          *string           `json:"peerDbHomeId,omitempty"`
+	PrimaryDatabaseId     *string           `json:"primaryDatabaseId,omitempty"`
+	AvailabilityDomain    *string           `json:"availabilityDomain,omitempty"` // Availability domain for the new DB system
+	SubnetId              *string           `json:"subnetId,omitempty"`           // Subnet ID for the new DB system
+	Shape                 *string           `json:"shape,omitempty"`              // Shape of the new DB system
+	DbSystemFreeformTags  map[string]string `json:"dbSystemFreeformTags,omitempty"`
+	IsDelete              bool              `json:"isDelete,omitempty"`
 }
 
 // DB Backup Config Network Struct
@@ -110,6 +139,19 @@ type Backupconfig struct {
 	BackupDestinationDetails *string `json:"backupDestinationDetails,omitempty"`
 }
 
+// Manual backup information
+type BackupInfo struct {
+	Name      string `json:"name"`
+	BackupID  string `json:"backupId"`
+	Timestamp string `json:"timestamp"` // Optional: for sorting, audit, GC
+}
+
+type RestoreConfig struct {
+	Timestamp *metav1.Time `json:"timestamp,omitempty"` // Restore to specific point in time
+	SCN       *string      `json:"scn,omitempty"`       // Restore to specific SCN (as string)
+	Latest    bool         `json:"latest,omitempty"`    // Restore to latest state
+}
+
 // DbcsSystemStatus defines the observed state of DbcsSystem
 type DbcsSystemStatus struct {
 	Id                 *string `json:"id,omitempty"`
@@ -119,6 +161,7 @@ type DbcsSystemStatus struct {
 	StorageManagement  string  `json:"storageManagement,omitempty"`
 	NodeCount          int     `json:"nodeCount,omitempty"`
 	CpuCoreCount       int     `json:"cpuCoreCount,omitempty"`
+	DbVersion          string  `json:"dbVersion,omitempty"`
 
 	DbEdition             string `json:"dbEdition,omitempty"`
 	TimeZone              string `json:"timeZone,omitempty"`
@@ -135,20 +178,25 @@ type DbcsSystemStatus struct {
 	KMSDetailsStatus KMSDetailsStatus   `json:"kmsDetailsStatus,omitempty"`
 	DbCloneStatus    DbCloneStatus      `json:"dbCloneStatus,omitempty"`
 	PdbDetailsStatus []PDBDetailsStatus `json:"pdbDetailsStatus,omitempty"`
+	DataGuardStatus  *DataGuardStatus   `json:"dataGuardStatus,omitempty"`
+	Backups          []BackupInfo       `json:"backups,omitempty"`
+	Message          string             `json:"message,omitempty"`
 }
 
 // DbcsSystemStatus defines the observed state of DbcsSystem
 type DbStatus struct {
-	Id           *string `json:"id,omitempty"`
-	DbName       string  `json:"dbName,omitempty"`
-	DbUniqueName string  `json:"dbUniqueName,omitempty"`
-	DbWorkload   string  `json:"dbWorkload,omitempty"`
-	DbHomeId     string  `json:"dbHomeId,omitempty"`
+	Id                   *string `json:"id,omitempty"`
+	DbName               string  `json:"dbName,omitempty"`
+	DbUniqueName         string  `json:"dbUniqueName,omitempty"`
+	DbWorkload           string  `json:"dbWorkload,omitempty"`
+	DbHomeId             string  `json:"dbHomeId,omitempty"`
+	ConnectionString     string  `json:"connectionString,omitempty"`
+	ConnectionStringLong string  `json:"connectionStringLong,omitempty"`
 }
 
 type DbWorkrequests struct {
-	OperationType   *string `json:"operationType,omitmpty"`
-	OperationId     *string `json:"operationId,omitemty"`
+	OperationType   *string `json:"operationType,omitempty"`
+	OperationId     *string `json:"operationId,omitempty"`
 	PercentComplete string  `json:"percentComplete,omitempty"`
 	TimeAccepted    string  `json:"timeAccepted,omitempty"`
 	TimeStarted     string  `json:"timeStarted,omitempty"`
@@ -171,7 +219,7 @@ type DbCloneConfig struct {
 	TdeWalletPasswordSecret    string   `json:"tdeWalletPasswordSecret,omitempty"`
 	DbName                     string   `json:"dbName"`
 	HostName                   string   `json:"hostName"`
-	DbUniqueName               string   `json:"dbDbUniqueName"`
+	DbUniqueName               string   `json:"dbUniqueName,omitempty"`
 	DisplayName                string   `json:"displayName"`
 	LicenseModel               string   `json:"licenseModel,omitempty"`
 	Domain                     string   `json:"domain,omitempty"`
@@ -184,27 +232,49 @@ type DbCloneConfig struct {
 	PrivateIp                  string   `json:"privateIp,omitempty"`
 }
 
+type DataGuardStatus struct {
+	Id                         *string `json:"id,omitempty"`
+	IsActiveDataGuardEnabled   bool    `json:"isActiveDataGuardEnabled,omitempty"`
+	PeerDbSystemId             *string `json:"peerDbSystemId,omitempty"`
+	PeerDatabaseId             *string `json:"peerDatabaseId,omitempty"`
+	DbName                     *string `json:"dbName,omitempty"`
+	DbWorkload                 string  `json:"dbWorkload,omitempty"`
+	PeerDbHomeId               *string `json:"peerDbHomeId,omitempty"`
+	PeerRole                   *string `json:"peerRole,omitempty"` // Options: "STANDBY", "PRIMARY"
+	Shape                      *string `json:"shape,omitempty"`
+	SubnetId                   *string `json:"subnetId,omitempty"`
+	PrimaryDatabaseId          *string `json:"primaryDatabaseId,omitempty"`
+	DbAdminPasswordSecret      *string `json:"dbAdminPasswordSecret,omitempty"`
+	TransportType              *string `json:"transportType,omitempty"`
+	ProtectionMode             *string `json:"protectionMode,omitempty"` // Options: "MAXIMUM_PROTECTION", "MAXIMUM_AVAILABILITY", "MAXIMUM_PERFORMANCE"
+	LifecycleState             *string `json:"lifecycleState,omitempty"`
+	PeerDataGuardAssociationId *string `json:"peerDataGuardAssociationId,omitempty"`
+	LifecycleDetails           *string `json:"lifecycleDetails,omitempty"`
+}
+
 // DbCloneStatus defines the observed state of DbClone
 type DbCloneStatus struct {
-	Id                   *string  `json:"id,omitempty"`
-	DbAdminPaswordSecret string   `json:"dbAdminPaswordSecret,omitempty"`
-	DbName               string   `json:"dbName,omitempty"`
-	HostName             string   `json:"hostName"`
-	DbUniqueName         string   `json:"dbDbUniqueName"`
-	DisplayName          string   `json:"displayName,omitempty"`
-	LicenseModel         string   `json:"licenseModel,omitempty"`
-	Domain               string   `json:"domain,omitempty"`
-	SshPublicKeys        []string `json:"sshPublicKeys,omitempty"`
-	SubnetId             string   `json:"subnetId,omitempty"`
+	Id                    *string  `json:"id,omitempty"`
+	DbAdminPasswordSecret string   `json:"dbAdminPasswordSecret,omitempty"`
+	DbName                string   `json:"dbName,omitempty"`
+	HostName              string   `json:"hostName,omitempty"`
+	DbUniqueName          string   `json:"dbUniqueName,omitempty"`
+	DisplayName           string   `json:"displayName,omitempty"`
+	LicenseModel          string   `json:"licenseModel,omitempty"`
+	Domain                string   `json:"domain,omitempty"`
+	SshPublicKeys         []string `json:"sshPublicKeys,omitempty"`
+	SubnetId              string   `json:"subnetId,omitempty"`
 }
 
 // +kubebuilder:object:root=true
 // +kubebuilder:subresource:status
 // +kubebuilder:resource:path=dbcssystems,scope=Namespaced
 // +kubebuilder:storageversion
-// +kubebuilder:storageversion
-
-// DbcsSystem is the Schema for the dbcssystems API
+// +kubebuilder:printcolumn:name="Display Name",type="string",JSONPath=".status.displayName"
+// +kubebuilder:printcolumn:name="DB Name",type="string",JSONPath=".status.dbInfo[0].dbName"
+// +kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.state"
+// +kubebuilder:printcolumn:name="DB Version",type="string",JSONPath=".status.dbInfo[0].dbVersion"
+// +kubebuilder:printcolumn:name="ConnString",type="string",JSONPath=".status.dbInfo[0].connectionString"
 type DbcsSystem struct {
 	metav1.TypeMeta   `json:",inline"`
 	metav1.ObjectMeta `json:"metadata,omitempty"`
@@ -224,11 +294,13 @@ type DbcsSystemList struct {
 type LifecycleState string
 
 const (
-	Available LifecycleState = "AVAILABLE"
-	Failed    LifecycleState = "FAILED"
-	Update    LifecycleState = "UPDATING"
-	Provision LifecycleState = "PROVISIONING"
-	Terminate LifecycleState = "TERMINATED"
+	Available       LifecycleState = "AVAILABLE"
+	Failed          LifecycleState = "FAILED"
+	Update          LifecycleState = "UPDATING"
+	Provision       LifecycleState = "PROVISIONING"
+	Terminate       LifecycleState = "TERMINATING"
+	TerminatedState LifecycleState = "TERMINATED"
+	Upgrade         LifecycleState = "UPGRADING"
 )
 
 const lastSuccessfulSpec = "lastSuccessfulSpec"
diff --git a/apis/database/v4/dbcssystem_webhook.go b/apis/database/v4/dbcssystem_webhook.go
index c3ff8ddb..1fc85f80 100644
--- a/apis/database/v4/dbcssystem_webhook.go
+++ b/apis/database/v4/dbcssystem_webhook.go
@@ -1,98 +1,110 @@
-/*
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
- */
-
 package v4
 
 import (
+	"context"
+	"fmt"
+	"reflect"
+
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
 	ctrl "sigs.k8s.io/controller-runtime"
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
-	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
+	admission "sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 )
 
 // log is for logging in this package.
 var dbcssystemlog = logf.Log.WithName("dbcssystem-resource")
 
+// SetupWebhookWithManager registers the webhook with the manager.
 func (r *DbcsSystem) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
-		For(r).
+		For(&DbcsSystem{}).
+		WithDefaulter(r).
+		WithValidator(r).
 		Complete()
 }
 
-// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// Ensure our CRD type implements the webhook interfaces
+var _ webhook.CustomValidator = &DbcsSystem{}
+var _ webhook.CustomDefaulter = &DbcsSystem{}
 
-//+kubebuilder:webhook:path=/mutate-database-oracle-com-v4-dbcssystem,mutating=true,failurePolicy=fail,sideEffects=none,groups=database.oracle.com,resources=dbcssystems,verbs=create;update,versions=v4,name=mdbcssystemv4.kb.io,admissionReviewVersions=v1
+// +kubebuilder:webhook:path=/mutate-database-oracle-com-v4-dbcssystem,mutating=true,failurePolicy=fail,sideEffects=none,groups=database.oracle.com,resources=dbcssystems,verbs=create;update,versions=v4,name=mdbcssystemv4.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Defaulter = &DbcsSystem{}
+// Default implements webhook.CustomDefaulter
+func (r *DbcsSystem) Default(ctx context.Context, obj runtime.Object) error {
+	cr, ok := obj.(*DbcsSystem)
+	if !ok {
+		return fmt.Errorf("expected *DbcsSystem but got %T", obj)
+	}
 
-// Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *DbcsSystem) Default() {
-	dbcssystemlog.Info("default", "name", r.Name)
+	dbcssystemlog.Info("default", "name", cr.Name)
 
-	// TODO(user): fill in your defaulting logic.
+	// TODO: add your defaulting logic here
+	return nil
 }
 
-// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
-
 // +kubebuilder:webhook:verbs=create;update;delete,path=/validate-database-oracle-com-v4-dbcssystem,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=dbcssystems,versions=v4,name=vdbcssystemv4.kb.io,admissionReviewVersions=v1
-var _ webhook.Validator = &DbcsSystem{}
 
-// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *DbcsSystem) ValidateCreate() (admission.Warnings, error) {
-	dbcssystemlog.Info("validate create", "name", r.Name)
+// ValidateCreate implements webhook.CustomValidator
+func (r *DbcsSystem) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	dbcssystemlog.Info("validate create")
+
+	cr, ok := obj.(*DbcsSystem)
+	if !ok {
+		return nil, apierrors.NewInternalError(fmt.Errorf("expected *DbcsSystem but got %T", obj))
+	}
+
+	blockedStates := map[string]bool{
+		"PROVISIONING": true,
+		"UPDATING":     true,
+		"TERMINATING":  true,
+	}
+
+	if blockedStates[string(cr.Status.State)] {
+		return nil, apierrors.NewForbidden(
+			schema.GroupResource{Group: "database.oracle.com", Resource: "DbcsSystem"},
+			cr.Name,
+			fmt.Errorf("creation not allowed while resource is in state %q", cr.Status.State),
+		)
+	}
 
-	// 	// TODO(user): fill in your validation logic upon object creation.
 	return nil, nil
 }
 
-// // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *DbcsSystem) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	dbcssystemlog.Info("validate update", "name", r.Name)
+// ValidateUpdate implements webhook.CustomValidator
+func (r *DbcsSystem) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	dbcssystemlog.Info("validate update")
+
+	oldCr, ok1 := oldObj.(*DbcsSystem)
+	newCr, ok2 := newObj.(*DbcsSystem)
+	if !ok1 || !ok2 {
+		return nil, apierrors.NewInternalError(fmt.Errorf("expected *DbcsSystem but got %T/%T", oldObj, newObj))
+	}
+
+	blockedStates := map[string]bool{
+		"UPDATING":     true,
+		"PROVISIONING": true,
+		"TERMINATING":  true,
+	}
+
+	if blockedStates[string(newCr.Status.State)] {
+		if !reflect.DeepEqual(oldCr.Spec, newCr.Spec) {
+			return nil, apierrors.NewForbidden(
+				schema.GroupResource{Group: "database.oracle.com", Resource: "DbcsSystem"},
+				newCr.Name,
+				fmt.Errorf("spec updates not allowed while resource is in state %q", newCr.Status.State),
+			)
+		}
+	}
 
-	// 	// TODO(user): fill in your validation logic upon object update.
 	return nil, nil
 }
 
-// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *DbcsSystem) ValidateDelete() (admission.Warnings, error) {
-	dbcssystemlog.Info("validate delete", "name", r.Name)
-
-	// TODO(user): fill in your validation logic upon object deletion.
+// ValidateDelete implements webhook.CustomValidator
+func (r *DbcsSystem) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	dbcssystemlog.Info("validate delete")
+	// TODO: Add delete validation if needed
 	return nil, nil
 }
diff --git a/apis/database/v4/lrest_types.go b/apis/database/v4/lrest_types.go
index 421a3ea1..ebe61704 100644
--- a/apis/database/v4/lrest_types.go
+++ b/apis/database/v4/lrest_types.go
@@ -51,22 +51,26 @@ type LRESTSpec struct {
 	LRESTName string `json:"cdbName,omitempty"`
 	// Name of the LREST Service
 	ServiceName string `json:"serviceName,omitempty"`
-
 	// Password for the LREST System Administrator
 	SysAdminPwd LRESTSysAdminPassword `json:"sysAdminPwd,omitempty"`
 	// User in the root container with sysdba priviledges to manage PDB lifecycle
 	LRESTAdminUser LRESTAdminUser `json:"cdbAdminUser,omitempty"`
 	// Password for the LREST Administrator to manage PDB lifecycle
 	LRESTAdminPwd LRESTAdminPassword `json:"cdbAdminPwd,omitempty"`
-
+	// Secret: tls.key
 	LRESTTlsKey LRESTTLSKEY `json:"cdbTlsKey,omitempty"`
+	// Secret: tls.crt
 	LRESTTlsCrt LRESTTLSCRT `json:"cdbTlsCrt,omitempty"`
+	// Secret: Pub.key
 	LRESTPubKey LRESTPUBKEY `json:"cdbPubKey,omitempty"`
+	// Secret: Priv.key
 	LRESTPriKey LRESTPRVKEY `json:"cdbPrvKey,omitempty"`
-
+	// Secret: Tls.cat
+	LRESTTlsCat LRPDBTLSCAT `json:"cdbTlsCat,omitempty"`
 	// Password for user LREST_PUBLIC_USER
 	LRESTPwd LRESTPassword `json:"lrestPwd,omitempty"`
 	// LREST server port. For now, keep it as 8888. TO BE USED IN FUTURE RELEASE.
+	// +kubebuilder:default=8888
 	LRESTPort int `json:"lrestPort,omitempty"`
 	// LREST Image Name
 	LRESTImage string `json:"lrestImage,omitempty"`
@@ -86,9 +90,30 @@ type LRESTSpec struct {
 	// DB server port
 	DBPort int `json:"dbPort,omitempty"`
 	// Node Selector for running the Pod
-	NodeSelector     map[string]string `json:"nodeSelector,omitempty"`
-	DBTnsurl         string            `json:"dbTnsurl,omitempty"`
-	DeletePDBCascade bool              `json:"deletePdbCascade,omitempty"`
+	NodeSelector map[string]string `json:"nodeSelector,omitempty"`
+	// Container database connect string
+	DBTnsurl string `json:"dbTnsurl,omitempty"`
+	// lrest server deletion automatically triggers associated pdb deletion
+	DeletePDBCascade bool `json:"deletePdbCascade,omitempty"`
+	// Name of the service account
+	SrvAccountName string `json:"serviceAccountName,omitempty"`
+	// Detection of pdb created manually via sqlplus or other cli db interface
+	// It automatically associates a resource to the new pdb
+	PdbAutoDiscover bool `json:"autodiscover,omitempty"`
+	// The namespace assigned by default to the new resource when autodiscover is turned on
+	NamesSpaceAutoDiscover string `json:"namespaceAutoDiscover,omitempty"`
+	// Specify if cluster ip is required when  corev1.Service starts. Note the lrest server
+	// it's an internal component that should never be visible from outside. Use this parameter
+	// only if you need to run the operator local.
+	// +kubebuilder:default=false
+	ClusterIP bool `json:"clusterIp,omitempty"`
+	// Create a load balancer: Use this parameter in conjunction with ClusterIP only if you need
+	// to run the operator local
+	// +kubebuilder:default=false
+	LoadBalancer bool `json:"loadBalancer,omitempty"`
+	// Turn on the  sqlnet.trace_level_client
+	// +kubebuilder:default=0
+	SqlNetTrace int `json:"trace_level_client,omitempty"`
 }
 
 // LRESTSecret defines the secretName
diff --git a/apis/database/v4/lrest_webhook.go b/apis/database/v4/lrest_webhook.go
index 9d65a1d6..2a91a17d 100644
--- a/apis/database/v4/lrest_webhook.go
+++ b/apis/database/v4/lrest_webhook.go
@@ -39,6 +39,7 @@
 package v4
 
 import (
+	"context"
 	"reflect"
 	"strings"
 
@@ -58,15 +59,17 @@ var lrestlog = logf.Log.WithName("lrest-webhook")
 func (r *LREST) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithDefaulter(r).
+		WithValidator(r).
 		Complete()
 }
 
 //+kubebuilder:webhook:path=/mutate-database-oracle-com-v4-lrest,mutating=true,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=lrests,verbs=create;update,versions=v4,name=mlrest.kb.io,admissionReviewVersions={v4,v1beta1}
 
-var _ webhook.Defaulter = &LREST{}
+var _ webhook.CustomDefaulter = &LREST{}
 
 // Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *LREST) Default() {
+func (r *LREST) Default(ctx context.Context, obj runtime.Object) error {
 	lrestlog.Info("Setting default values in LREST spec for : " + r.Name)
 
 	if r.Spec.LRESTPort == 0 {
@@ -76,30 +79,33 @@ func (r *LREST) Default() {
 	if r.Spec.Replicas == 0 {
 		r.Spec.Replicas = 1
 	}
+
+	return nil
 }
 
 // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
 //+kubebuilder:webhook:path=/validate-database-oracle-com-v4-lrest,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=lrests,verbs=create;update,versions=v4,name=vlrest.kb.io,admissionReviewVersions={v4,v1beta1}
 
-var _ webhook.Validator = &LREST{}
+var _ webhook.CustomValidator = &LREST{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *LREST) ValidateCreate() (admission.Warnings, error) {
+func (r *LREST) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	lrestlog.Info("ValidateCreate", "name", r.Name)
+	lrest := obj.(*LREST)
 
 	var allErrs field.ErrorList
 
-	if r.Spec.ServiceName == "" && r.Spec.DBServer != "" {
+	if lrest.Spec.ServiceName == "" && lrest.Spec.DBServer != "" {
 		allErrs = append(allErrs,
 			field.Required(field.NewPath("spec").Child("serviceName"), "Please specify LREST Service name"))
 	}
 
-	if reflect.ValueOf(r.Spec.LRESTTlsKey).IsZero() {
+	if reflect.ValueOf(lrest.Spec.LRESTTlsKey).IsZero() {
 		allErrs = append(allErrs,
 			field.Required(field.NewPath("spec").Child("lrestTlsKey"), "Please specify LREST Tls key(secret)"))
 	}
 
-	if reflect.ValueOf(r.Spec.LRESTTlsCrt).IsZero() {
+	if reflect.ValueOf(lrest.Spec.LRESTTlsCrt).IsZero() {
 		allErrs = append(allErrs,
 			field.Required(field.NewPath("spec").Child("lrestTlsCrt"), "Please specify LREST Tls Certificate(secret)"))
 	}
@@ -109,41 +115,41 @@ func (r *LREST) ValidateCreate() (admission.Warnings, error) {
 			field.Required(field.NewPath("spec").Child("scanName"), "Please specify SCAN Name for LREST"))
 	}*/
 
-	if (r.Spec.DBServer == "" && r.Spec.DBTnsurl == "") || (r.Spec.DBServer != "" && r.Spec.DBTnsurl != "") {
+	if (lrest.Spec.DBServer == "" && lrest.Spec.DBTnsurl == "") || (lrest.Spec.DBServer != "" && lrest.Spec.DBTnsurl != "") {
 		allErrs = append(allErrs,
 			field.Required(field.NewPath("spec").Child("dbServer"), "Please specify Database Server Name/IP Address or tnsalias string"))
 	}
 
-	if r.Spec.DBTnsurl != "" && (r.Spec.DBServer != "" || r.Spec.DBPort != 0 || r.Spec.ServiceName != "") {
+	if lrest.Spec.DBTnsurl != "" && (lrest.Spec.DBServer != "" || lrest.Spec.DBPort != 0 || lrest.Spec.ServiceName != "") {
 		allErrs = append(allErrs,
 			field.Required(field.NewPath("spec").Child("dbServer"), "DBtnsurl is orthogonal to (DBServer,DBport,Services)"))
 	}
 
-	if r.Spec.DBPort == 0 && r.Spec.DBServer != "" {
+	if lrest.Spec.DBPort == 0 && lrest.Spec.DBServer != "" {
 		allErrs = append(allErrs,
 			field.Required(field.NewPath("spec").Child("dbPort"), "Please specify DB Server Port"))
 	}
-	if r.Spec.DBPort < 0 && r.Spec.DBServer != "" {
+	if lrest.Spec.DBPort < 0 && lrest.Spec.DBServer != "" {
 		allErrs = append(allErrs,
 			field.Required(field.NewPath("spec").Child("dbPort"), "Please specify a valid DB Server Port"))
 	}
-	if r.Spec.LRESTPort < 0 {
+	if lrest.Spec.LRESTPort < 0 {
 		allErrs = append(allErrs,
 			field.Required(field.NewPath("spec").Child("ordsPort"), "Please specify a valid LREST Port"))
 	}
-	if r.Spec.Replicas < 0 {
+	if lrest.Spec.Replicas < 0 {
 		allErrs = append(allErrs,
 			field.Required(field.NewPath("spec").Child("replicas"), "Please specify a valid value for Replicas"))
 	}
-	if r.Spec.LRESTImage == "" {
+	if lrest.Spec.LRESTImage == "" {
 		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("ordsImage"), "Please specify name of LREST Image to be used"))
+			field.Required(field.NewPath("spec").Child("lrestImage"), "Please specify name of LREST Image to be used"))
 	}
-	if reflect.ValueOf(r.Spec.LRESTAdminUser).IsZero() {
+	if reflect.ValueOf(lrest.Spec.LRESTAdminUser).IsZero() {
 		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("lrestAdminUser"), "Please specify user in the root container with sysdba priviledges to manage PDB lifecycle"))
+			field.Required(field.NewPath("spec").Child("cdbAdminUser"), "Please specify user in the root container with sysdba priviledges to manage PDB lifecycle"))
 	}
-	if reflect.ValueOf(r.Spec.LRESTAdminPwd).IsZero() {
+	if reflect.ValueOf(lrest.Spec.LRESTAdminPwd).IsZero() {
 		allErrs = append(allErrs,
 			field.Required(field.NewPath("spec").Child("lrestAdminPwd"), "Please specify password for the LREST Administrator to manage PDB lifecycle"))
 	}
@@ -151,11 +157,11 @@ func (r *LREST) ValidateCreate() (admission.Warnings, error) {
 		allErrs = append(allErrs,
 			field.Required(field.NewPath("spec").Child("ordsPwd"), "Please specify password for user LREST_PUBLIC_USER"))
 	} */
-	if reflect.ValueOf(r.Spec.WebLrestServerUser).IsZero() {
+	if reflect.ValueOf(lrest.Spec.WebLrestServerUser).IsZero() {
 		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("webLrestServerUser"), "Please specify the Web Server User having SQL Administrator role"))
+			field.Required(field.NewPath("spec").Child("webServerUser"), "Please specify the Web Server User having SQL Administrator role"))
 	}
-	if reflect.ValueOf(r.Spec.WebLrestServerPwd).IsZero() {
+	if reflect.ValueOf(lrest.Spec.WebLrestServerPwd).IsZero() {
 		allErrs = append(allErrs,
 			field.Required(field.NewPath("spec").Child("webServerPwd"), "Please specify password for the Web Server User having SQL Administrator role"))
 	}
@@ -168,7 +174,7 @@ func (r *LREST) ValidateCreate() (admission.Warnings, error) {
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *LREST) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
+func (r *LREST) ValidateUpdate(ctx context.Context, old, newObj runtime.Object) (admission.Warnings, error) {
 	lrestlog.Info("validate update", "name", r.Name)
 
 	isLRESTMarkedToBeDeleted := r.GetDeletionTimestamp() != nil
@@ -211,7 +217,7 @@ func (r *LREST) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *LREST) ValidateDelete() (admission.Warnings, error) {
+func (r *LREST) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	lrestlog.Info("validate delete", "name", r.Name)
 
 	// TODO(user): fill in your validation logic upon object deletion.
diff --git a/apis/database/v4/lrpdb_types.go b/apis/database/v4/lrpdb_types.go
index d37bebdc..4a6467de 100644
--- a/apis/database/v4/lrpdb_types.go
+++ b/apis/database/v4/lrpdb_types.go
@@ -44,14 +44,14 @@ import (
 
 // LRPDBSpec defines the desired state of LRPDB
 type LRPDBSpec struct {
-	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
-
+	// Secret: tls.key
 	LRPDBTlsKey LRPDBTLSKEY `json:"lrpdbTlsKey,omitempty"`
+	// Secret: tls.crt
 	LRPDBTlsCrt LRPDBTLSCRT `json:"lrpdbTlsCrt,omitempty"`
+	//	Secret: ca.crt
 	LRPDBTlsCat LRPDBTLSCAT `json:"lrpdbTlsCat,omitempty"`
+	// Secret for private key
 	LRPDBPriKey LRPDBPRVKEY `json:"cdbPrvKey,omitempty"`
-
 	// Namespace of the rest server
 	CDBNamespace string `json:"cdbNamespace,omitempty"`
 	// Name of the CDB Custom Resource that runs the LREST container
@@ -66,10 +66,11 @@ type LRPDBSpec struct {
 	AdminName LRPDBAdminName `json:"adminName,omitempty"`
 	// The administrator password for the new LRPDB. This property is required when the Action property is Create.
 	AdminPwd LRPDBAdminPassword `json:"adminPwd,omitempty"`
-	// Relevant for Create and Plug operations. As defined in the  Oracle Multitenant Database documentation. Values can be a filename convert pattern or NONE.
+	// PDB Admin user
 	AdminpdbUser AdminpdbUser `json:"adminpdbUser,omitempty"`
+	// PDB Admin user password
 	AdminpdbPass AdminpdbPass `json:"adminpdbPass,omitempty"`
-
+	// Use this parameter on non ASM storage '....path....','pdbname' e.g. '/u01/oradata','dborcl'
 	FileNameConversions string `json:"fileNameConversions,omitempty"`
 	// This property is required when the Action property is Plug. As defined in the Oracle Multitenant Database documentation. Values can be a source filename convert pattern or NONE.
 	SourceFileNameConversions string `json:"sourceFileNameConversions,omitempty"`
@@ -84,8 +85,10 @@ type LRPDBSpec struct {
 	// A Path specified for sparse clone snapshot copy. (Optional)
 	SparseClonePath string `json:"sparseClonePath,omitempty"`
 	// Whether to reuse temp file
+	// +kubebuilder:default=true
 	ReuseTempFile *bool `json:"reuseTempFile,omitempty"`
 	// Relevant for Create and Plug operations. True for unlimited storage. Even when set to true, totalSize and tempSize MUST be specified in the request if Action is Create.
+	// +kubebuilder:default=true
 	UnlimitedStorage *bool `json:"unlimitedStorage,omitempty"`
 	// Indicate if 'AS CLONE' option should be used in the command to plug in a LRPDB. This property is applicable when the Action property is PLUG but not required.
 	AsClone *bool `json:"asClone,omitempty"`
@@ -96,41 +99,60 @@ type LRPDBSpec struct {
 	// Web Server User with SQL Administrator role to allow us to authenticate to the PDB Lifecycle Management REST endpoints
 	WebLrpdbServerUser WebLrpdbServerUser `json:"webServerUser,omitempty"`
 	// Password for the Web Server User
-	WebLrpdbServerPwd WebLrpdbServerPassword `json:"webServerPwd,omitempt"`
+	WebLrpdbServerPwd WebLrpdbServerPassword `json:"webServerPwd,omitempty"`
 	// TDE import for plug operations
+	// +hidefromdoc
 	LTDEImport *bool `json:"tdeImport,omitempty"`
 	// LTDE export for unplug operations
+	// +hidefromdoc
 	LTDEExport *bool `json:"tdeExport,omitempty"`
 	// TDE password if the tdeImport or tdeExport flag is set to true. Can be used in create, plug or unplug operations
+	// +hidefromdoc
 	LTDEPassword LTDEPwd `json:"tdePassword,omitempty"`
 	// LTDE keystore path is required if the tdeImport or tdeExport flag is set to true. Can be used in plug or unplug operations.
+	// +hidefromdoc
 	LTDEKeystorePath string `json:"tdeKeystorePath,omitempty"`
 	// LTDE secret is required if the tdeImport or tdeExport flag is set to true. Can be used in plug or unplug operations.
+	// +hidefromdoc
 	LTDESecret LTDESecret `json:"tdeSecret,omitempty"`
-	// Whether you need the script only or execute the script
+	//  Whether you need the script only or execute the script - legacy parameter
+	//  +kubebuilder:default=false
 	GetScript *bool `json:"getScript,omitempty"`
 	// Action to be taken: Create/Clone/Plug/Unplug/Delete/Modify/Status/Map/Alter. Map is used to map a Databse LRPDB to a Kubernetes LRPDB CR.
-	// +kubebuilder:validation:Enum=Create;Clone;Plug;Unplug;Delete;Modify;Status;Map;Alter;Noaction
-	Action string `json:"action"`
+	// Mainted for backward compatibility. No longer need
+	Action string `json:"action,omitempty"`
 	// Extra options for opening and closing a LRPDB
 	// +kubebuilder:validation:Enum=IMMEDIATE;NORMAL;READ ONLY;READ WRITE;RESTRICTED
 	ModifyOption string `json:"modifyOption,omitempty"`
+	// Modify Option2 of the LRPDB
+	// +kubebuilder:default=NONE
+	ModifyOption2 string `json:"modifyOption2,omitempty"`
 	// to be used with ALTER option - obsolete do not use
 	AlterSystem string `json:"alterSystem,omitempty"`
-	// to be used with ALTER option - the name of the parameter
-	AlterSystemParameter string `json:"alterSystemParameter"`
-	// to be used with ALTER option - the  value of the parameter
-	AlterSystemValue string `json:"alterSystemValue"`
-	// parameter scope
+	// To be used with ALTER option - the name of the parameter
+	AlterSystemParameter string `json:"alterSystemParameter,omitempty"`
+	// To be used with ALTER option - the  value of the parameter
+	AlterSystemValue string `json:"alterSystemValue,omitempty"`
+	// Init parameter scope
 	ParameterScope string `json:"parameterScope,omitempty"`
 	// The target state of the LRPDB
-	// +kubebuilder:validation:Enum=OPEN;CLOSE;ALTER
+	// +kubebuilder:validation:Enum=OPEN;CLOSE;ALTER;DELETE;UNPLUG;PLUG;CLONE;RESET;NONE
 	LRPDBState string `json:"pdbState,omitempty"`
-	// turn on the assertive approach to delete pdb resource
-	// kubectl delete pdb ..... automatically triggers the pluggable database
+	// Turn on the imperative approach to delete pdb resource
+	// kubectl delete pdb command automatically triggers the pluggable database
 	// deletion
-	AssertiveLrpdbDeletion bool   `json:"assertiveLrpdbDeletion,omitempty"`
-	PDBConfigMap           string `json:"pdbconfigmap,omitempty"`
+	ImperativeLrpdbDeletion bool `json:"imperativeLrpdbDeletion,omitempty"`
+	// Config map containing the pdb parameters
+	PDBConfigMap string `json:"pdbconfigmap,omitempty"`
+	// Config map containing sql(ddl)/plsql code
+	PLSQLBlock string `json:"codeconfigmap,omitempty"`
+	// Spare filed not used
+	PLSQLExecMode int `json:"plsqlexemode,omitempty"`
+	// For future use - rest bitmask status
+	// ++kubebuilder:default=0
+	PDBBitMask int `json:"reststate,omitempty"`
+	// Debug option , not yet implemented
+	Debug int `json:"debug,omitempty"`
 }
 
 // LRPDBAdminName defines the secret containing Sys Admin User mapped to key 'adminName' for LRPDB
@@ -208,16 +230,21 @@ type LRPDBStatus struct {
 	OpenMode string `json:"openMode,omitempty"`
 	// Modify Option of the LRPDB
 	ModifyOption string `json:"modifyOption,omitempty"`
+	// Restricted
+	Restricted string `json:"restricted,omitempty"`
 	// Message
 	Msg string `json:"msg,omitempty"`
 	// Last Completed Action
 	Action string `json:"action,omitempty"`
 	// Last Completed alter system
-	AlterSystem string `json:"alterSystem,omitempty"`
+	PDBBitMask    int    `json:"pdbBitMask,omitempty"`
+	PDBBitMaskStr string `json:"pdbBitMaskStr,omitempty"`
+	AlterSystem   string `json:"alterSystem,omitempty"`
 	// Last ORA-
-	SqlCode    int    `json:"sqlCode"`
-	Bitstat    int    `json:"bitstat,omitempty"`    /* Bitmask */
-	BitStatStr string `json:"bitstatstr,omitempty"` /* Decoded bitmask */
+	SqlCode      int    `json:"sqlCode"`
+	LastPLSQL    string `json:"lastplsql,omitempty"`
+	CmBitstat    int    `json:"bitstat,omitempty"`    /* Bitmask */
+	CmBitStatStr string `json:"bitstatstr,omitempty"` /* Decoded bitmask */
 }
 
 // +kubebuilder:object:root=true
@@ -226,9 +253,11 @@ type LRPDBStatus struct {
 // +kubebuilder:printcolumn:JSONPath=".spec.pdbName",name="PDB Name",type="string",description="Name of the PDB"
 // +kubebuilder:printcolumn:JSONPath=".status.openMode",name="PDB State",type="string",description="PDB Open Mode"
 // +kubebuilder:printcolumn:JSONPath=".status.totalSize",name="PDB Size",type="string",description="Total Size of the PDB"
-// +kubebuilder:printcolumn:JSONPath=".status.phase",name="Status",type="string",description="Status of the LRPDB Resource"
 // +kubebuilder:printcolumn:JSONPath=".status.msg",name="Message",type="string",description="Error message, if any"
+// +kubebuilder:printcolumn:JSONPath=".status.restricted",name="Restricted",type="string",description="open restricted"
 // +kubebuilder:printcolumn:JSONPath=".status.sqlCode",name="last sqlcode",type="integer",description="last sqlcode"
+// +kubebuilder:printcolumn:JSONPath=".status.lastplsql",name="last PLSQL",type="string",description="last plsql applied"
+// +kubebuilder:printcolumn:JSONPath=".status.pdbBitMaskStr",name="BITMASK STATUS",type="string",description="Bitmask status"
 // +kubebuilder:printcolumn:JSONPath=".status.connString",name="Connect_String",type="string",description="The connect string to be used"
 // +kubebuilder:resource:path=lrpdbs,scope=Namespaced
 // +kubebuilder:storageversion
diff --git a/apis/database/v4/lrpdb_webhook.go b/apis/database/v4/lrpdb_webhook.go
index d6807926..2e1b923d 100644
--- a/apis/database/v4/lrpdb_webhook.go
+++ b/apis/database/v4/lrpdb_webhook.go
@@ -49,6 +49,7 @@ import (
 	"strconv"
 	"strings"
 
+	. "github.com/oracle/oracle-database-operator/commons/multitenant/lrest"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -150,39 +151,18 @@ func (r *LRPDB) ValidateCreate(ctx context.Context, obj runtime.Object) (admissi
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "LRPDB"},
 		r.Name, allErrs)
-	return nil, nil
 }
 
 // Validate Action for required parameters
 func (r *LRPDB) validateAction(allErrs *field.ErrorList, ctx context.Context, pdb LRPDB) {
-	action := strings.ToUpper(pdb.Spec.Action)
-
-	lrpdblog.Info("Valdiating LRPDB Resource Action : " + action)
-
-	if reflect.ValueOf(pdb.Spec.LRPDBTlsKey).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("lrpdbTlsKey"), "Please specify LRPDB Tls Key(secret)"))
-	}
-
-	if reflect.ValueOf(pdb.Spec.LRPDBTlsCrt).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("lrpdbTlsCrt"), "Please specify LRPDB Tls Certificate(secret)"))
-	}
 
-	if reflect.ValueOf(pdb.Spec.LRPDBTlsCat).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("lrpdbTlsCat"), "Please specify LRPDB Tls Certificate Authority(secret)"))
-	}
+	pdbstate := strings.ToUpper(pdb.Spec.LRPDBState)
+	scrdatabase := strings.ToUpper(pdb.Spec.SrcLRPDBName)
+	//plsql := strings.ToUpper(pdb.Spec.PLSQLBlock)
 
-	switch action {
-	case "DELETE":
-		/* BUG 36752336 - LREST OPERATOR - DELETE NON-EXISTENT PDB SHOWS LRPDB CREATED MESSAGE */
-		if pdb.Status.OpenMode == "READ WRITE" {
-			lrpdblog.Info("Cannot delete: pdb is open ")
-			*allErrs = append(*allErrs, field.Invalid(field.NewPath("status").Child("OpenMode"), "READ WRITE", "pdb "+pdb.Spec.LRPDBName+" "+pdb.Status.OpenMode))
-		}
-		r.CheckObjExistence("DELETE", allErrs, ctx, pdb)
-	case "CREATE":
+	lrpdblog.Info("Valdiating LRPDB Resource ")
+	/* Parameters required by the creation */
+	if Bit(pdb.Status.PDBBitMask, PDBCRT) == false {
 		if reflect.ValueOf(pdb.Spec.AdminpdbUser).IsZero() {
 			*allErrs = append(*allErrs,
 				field.Required(field.NewPath("spec").Child("adminpdbUser"), "Please specify LRPDB System Administrator user"))
@@ -199,32 +179,32 @@ func (r *LRPDB) validateAction(allErrs *field.ErrorList, ctx context.Context, pd
 			*allErrs = append(*allErrs,
 				field.Required(field.NewPath("spec").Child("totalSize"), "When the storage is not UNLIMITED the Total Size must be specified"))
 		}
-		if pdb.Spec.TempSize == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("tempSize"), "When the storage is not UNLIMITED the Temp Size must be specified"))
-		}
-		if *(pdb.Spec.LTDEImport) {
-			r.validateTDEInfo(allErrs, ctx, pdb)
-		}
-	case "CLONE":
-		// Sample Err: The LRPDB "lrpdb1-clone" is invalid: spec.srcPdbName: Required value: Please specify source LRPDB for Cloning
-		if pdb.Spec.SrcLRPDBName == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("srcPdbName"), "Please specify source LRPDB name for Cloning"))
-		}
-		if pdb.Spec.TotalSize == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("totalSize"), "When the storage is not UNLIMITED the Total Size must be specified"))
-		}
-		if pdb.Spec.TempSize == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("tempSize"), "When the storage is not UNLIMITED the Temp Size must be specified"))
-		}
-		if pdb.Status.OpenMode == "MOUNT" {
-			lrpdblog.Info("Cannot clone: pdb is mount ")
-			*allErrs = append(*allErrs, field.Invalid(field.NewPath("status").Child("OpenMode"), "READ WRITE", "pdb "+pdb.Spec.LRPDBName+" "+pdb.Status.OpenMode))
-		}
-	case "PLUG":
+		/*
+			if pdb.Spec.TempSize == "" {
+				*allErrs = append(*allErrs,
+					field.Required(field.NewPath("spec").Child("tempSize"), "When the storage is not UNLIMITED the Temp Size must be specified"))
+			}
+			if *(pdb.Spec.LTDEImport) {
+				r.validateTDEInfo(allErrs, ctx, pdb)
+			}
+		*/
+
+	}
+
+	/* We cannot open|close|delete|unplug a non existing pdb */
+	if (pdbstate == "OPEN" || pdbstate == "CLOSE" || pdbstate == "DELETE" || pdbstate == "UNPLUG") && Bit(pdb.Status.PDBBitMask, PDBCRT) == false {
+		*allErrs = append(*allErrs,
+			field.Required(field.NewPath("spec").Child("LRPDBState"), "PDB does not exists"))
+	}
+
+	/* Database already exists
+	if scrdatabase != "" && Bit(pdb.Status.PDBBitMask, PDBCRT) == true {
+		*allErrs = append(*allErrs,
+			field.Required(field.NewPath("spec").Child("SrcLRPDBName"), "PDB already exists/Cannot clone"))
+	}
+	*/
+
+	if pdbstate == "PLUG" && pdb.Spec.XMLFileName != "" && Bit(pdb.Status.PDBBitMask, PDBCRT) == false && Bit(pdb.Status.PDBBitMask, PDBPLE) == false {
 		if pdb.Spec.XMLFileName == "" {
 			*allErrs = append(*allErrs,
 				field.Required(field.NewPath("spec").Child("xmlFileName"), "Please specify XML metadata filename"))
@@ -244,7 +224,10 @@ func (r *LRPDB) validateAction(allErrs *field.ErrorList, ctx context.Context, pd
 		if *(pdb.Spec.LTDEImport) {
 			r.validateTDEInfo(allErrs, ctx, pdb)
 		}
-	case "UNPLUG":
+
+	}
+
+	if pdbstate == "UNPLUG" && pdb.Spec.XMLFileName != "" && Bit(pdb.Status.PDBBitMask, PDBCRT) == true && Bit(pdb.Status.PDBBitMask, FNALAZ) == true && Bit(pdb.Status.PDBBitMask, PDBUPE) == false {
 		if pdb.Spec.XMLFileName == "" {
 			*allErrs = append(*allErrs,
 				field.Required(field.NewPath("spec").Child("xmlFileName"), "Please specify XML metadata filename"))
@@ -257,17 +240,53 @@ func (r *LRPDB) validateAction(allErrs *field.ErrorList, ctx context.Context, pd
 			*allErrs = append(*allErrs, field.Invalid(field.NewPath("status").Child("OpenMode"), "READ WRITE", "pdb "+pdb.Spec.LRPDBName+" "+pdb.Status.OpenMode))
 		}
 		r.CheckObjExistence("UNPLUG", allErrs, ctx, pdb)
-	case "MODIFY":
+	}
+
+	if reflect.ValueOf(pdb.Spec.LRPDBTlsKey).IsZero() {
+		*allErrs = append(*allErrs,
+			field.Required(field.NewPath("spec").Child("lrpdbTlsKey"), "Please specify LRPDB Tls Key(secret)"))
+	}
 
-		if pdb.Spec.LRPDBState == "" {
+	if reflect.ValueOf(pdb.Spec.LRPDBTlsCrt).IsZero() {
+		*allErrs = append(*allErrs,
+			field.Required(field.NewPath("spec").Child("lrpdbTlsCrt"), "Please specify LRPDB Tls Certificate(secret)"))
+	}
+
+	if reflect.ValueOf(pdb.Spec.LRPDBTlsCat).IsZero() {
+		*allErrs = append(*allErrs,
+			field.Required(field.NewPath("spec").Child("lrpdbTlsCat"), "Please specify LRPDB Tls Certificate Authority(secret)"))
+	}
+
+	/* Check clone parameters */
+	if scrdatabase != "" && Bit(pdb.Status.PDBBitMask, PDBCRT|FNALAZ|PDBCRE) == false {
+		if pdb.Spec.TotalSize == "" {
 			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("lrpdbState"), "Please specify target state of LRPDB"))
+				field.Required(field.NewPath("spec").Child("totalSize"), "When the storage is not UNLIMITED the Total Size must be specified"))
 		}
-		if pdb.Spec.ModifyOption == "" && pdb.Spec.AlterSystem == "" {
+		if pdb.Spec.TempSize == "" {
 			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("modifyOption"), "Please specify an option for opening/closing a LRPDB or alter system parameter"))
+				field.Required(field.NewPath("spec").Child("tempSize"), "When the storage is not UNLIMITED the Temp Size must be specified"))
+		}
+		if pdb.Status.OpenMode == "MOUNT" {
+			lrpdblog.Info("Cannot clone: pdb is mount ")
+			*allErrs = append(*allErrs, field.Invalid(field.NewPath("status").Child("OpenMode"), "READ WRITE", "pdb "+pdb.Spec.LRPDBName+" "+pdb.Status.OpenMode))
 		}
-		r.CheckObjExistence("MODIFY", allErrs, ctx, pdb)
+
+	}
+
+	if pdbstate == "UNPLUG" {
+		if pdb.Spec.XMLFileName == "" {
+			*allErrs = append(*allErrs,
+				field.Required(field.NewPath("spec").Child("xmlFileName"), "Please specify XML metadata filename"))
+		}
+		if *(pdb.Spec.LTDEExport) {
+			r.validateTDEInfo(allErrs, ctx, pdb)
+		}
+		if pdb.Status.OpenMode == "READ WRITE" {
+			lrpdblog.Info("Cannot unplug: pdb is open ")
+			*allErrs = append(*allErrs, field.Invalid(field.NewPath("status").Child("OpenMode"), "READ WRITE", "pdb "+pdb.Spec.LRPDBName+" "+pdb.Status.OpenMode))
+		}
+		r.CheckObjExistence("UNPLUG", allErrs, ctx, pdb)
 	}
 }
 
@@ -317,7 +336,6 @@ func (r *LRPDB) ValidateUpdate(ctx context.Context, obj runtime.Object, old runt
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "LRPDB"},
 		r.Name, allErrs)
-	return nil, nil
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
@@ -332,10 +350,10 @@ func (r *LRPDB) ValidateDelete(ctx context.Context, obj runtime.Object) (admissi
 func (r *LRPDB) validateCommon(allErrs *field.ErrorList, ctx context.Context, pdb LRPDB) {
 	lrpdblog.Info("validateCommon", "name", pdb.Name)
 
-	if pdb.Spec.Action == "" {
+	/* if pdb.Spec.Action == "" {
 		*allErrs = append(*allErrs,
 			field.Required(field.NewPath("spec").Child("action"), "Please specify LRPDB operation to be performed"))
-	}
+	} */
 	if pdb.Spec.CDBResName == "" {
 		*allErrs = append(*allErrs,
 			field.Required(field.NewPath("spec").Child("cdbResName"), "Please specify the name of the CDB Kubernetes resource to use for LRPDB operations"))
diff --git a/apis/database/v4/oraclerestart_types.go b/apis/database/v4/oraclerestart_types.go
new file mode 100644
index 00000000..b0ae127d
--- /dev/null
+++ b/apis/database/v4/oraclerestart_types.go
@@ -0,0 +1,381 @@
+/*
+** Copyright (c) 2022 Oracle and/or its affiliates.
+**
+** The Universal Permissive License (UPL), Version 1.0
+**
+** Subject to the condition set forth below, permission is hereby granted to any
+** person obtaining a copy of this software, associated documentation and/or data
+** (collectively the "Software"), free of charge and under any and all copyright
+** rights in the Software, and any and all patent rights owned or freely
+** licensable by each licensor hereunder covering either (i) the unmodified
+** Software as contributed to or provided by such licensor, or (ii) the Larger
+** Works (as defined below), to deal in both
+**
+** (a) the Software, and
+** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+** one is included with the Software (each a "Larger Work" to which the Software
+** is contributed by such licensors),
+**
+** without restriction, including without limitation the rights to copy, create
+** derivative works of, display, perform, and distribute the Software and make,
+** use, sell, offer for sale, import, export, have made, and have sold the
+** Software and the Larger Work(s), and to sublicense the foregoing rights on
+** either these or other terms.
+**
+** This license is subject to the following condition:
+** The above copyright notice and either this complete permission notice or at
+** a minimum a reference to the UPL must be included in all copies or
+** substantial portions of the Software.
+**
+** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+** SOFTWARE.
+ */
+
+package v4
+
+import (
+	"sync"
+
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+// NOTE: json tags are required.  Any new fields you add must have json tags for the fields to be serialized.
+
+// OracleRestartSpec defines the desired state of OracleRestart
+type OracleRestartSpec struct {
+	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
+	// Important: Run "make" to regenerate code after modifying this file
+	InstDetails       OracleRestartInstDetailSpec    `json:"instDetails"`
+	ConfigParams      *InitParams                    `json:"configParams,omitempty"`
+	AsmStorageDetails *AsmDiskDetails                `json:"asmStorageDetails,omitempty"`
+	Image             string                         `json:"image,omitempty"`
+	ImagePullSecret   string                         `json:"imagePullSecret,omitempty"`
+	ScriptsLocation   string                         `json:"scriptsLocation,omitempty"`
+	SshKeySecret      *OracleRestartSshSecretDetails `json:"sshKeySecret,omitempty"`
+	// +kubebuilder:validation:Enum=Always;IfNotPresent;Never
+	// +kubebuilder:validation:default="Always"
+	ImagePullPolicy    *corev1.PullPolicy               `json:"imagePullPolicy,omitempty"`
+	ReadinessProbe     *corev1.Probe                    `json:"readinessProbe,omitempty"`
+	ScriptsGetCmd      string                           `json:"scriptsGetCmd,omitempty"`
+	IsDebug            string                           `json:"isDebug,omitempty"`
+	SecurityContext    *corev1.PodSecurityContext       `json:"securityContext"`
+	IsDeleteTopolgy    string                           `json:"isDeleteTopology,omitempty"`
+	DbSecret           *OracleRestartDbPwdSecretDetails `json:"dbSecret,omitempty"`
+	TdeWalletSecret    *OracleRestartDbPwdSecretDetails `json:"tdeWalletSecret,omitempty"`
+	ServiceDetails     ServiceSpec                      `json:"serviceDetails,omitempty"`
+	Resources          *corev1.ResourceRequirements     `json:"resources,omitempty" protobuf:"bytes,1,opt,name=resources"`
+	IsFailed           bool                             `json:"isFailed,omitempty"`
+	IsManual           bool                             `json:"isManual,omitempty"`
+	SrvAccountName     string                           `json:"serviceAccountName,omitempty"`
+	DataDgStorageClass string                           `json:"dataDgStorageClass,omitempty"`
+	RedoDgStorageClass string                           `json:"redoDgStorageClass,omitempty"`
+	RecoDgStorageClass string                           `json:"recoDgStorageClass,omitempty"`
+	SwStorageClass     string                           `json:"swDgStorageClass,omitempty"`
+	CrsDgStorageClass  string                           `json:"crsDgStorageClass,omitempty"`
+	LbService          OracleRestartNodePortSvc         `json:"lbService,omitempty"`
+	NodePortSvc        OracleRestartNodePortSvc         `json:"nodePortSvc,omitempty"` // Port mappings for the service that is created. The service is created if
+	// +kubebuilder:validation:Enum=enable;disable
+	// +kubebuilder:default="enable"
+	EnableOns string `json:"enableOns,omitempty"`
+}
+
+type AsmDiskDetails struct {
+	DisksBySize []DiskBySize `json:"disksBySize,omitempty"`
+	AutoUpdate  string       `json:"autoUpdate,omitempty"`
+}
+
+// DiskBySize represents a list of disks grouped by size
+type DiskBySize struct {
+	StorageSizeInGb int      `json:"storageSizeInGb,omitempty"`
+	DiskNames       []string `json:"diskNames,omitempty"`
+}
+
+type InitParams struct {
+	GridHome                string       `json:"gridHome,omitempty"`
+	DbHome                  string       `json:"dbHome,omitempty"`
+	GridBase                string       `json:"gridBase,omitempty"`
+	DbBase                  string       `json:"dbBase,omitempty"`
+	Inventory               string       `json:"inventory,omitempty"`
+	GridResponseFile        ResponseFile `json:"gridResponseFile,omitempty"`
+	DbResponseFile          ResponseFile `json:"dbResponseFile,omitempty"`
+	GridSwZipFile           string       `json:"gridSwZipFile,omitempty"`
+	DbSwZipFile             string       `json:"dbSwZipFile,omitempty"`
+	OPatchSwZipFile         string       `json:"oPatchSwZipFile,omitempty"`
+	StagingSoftwareLocation string       `json:"stagingSoftwareLocation,omitempty"`
+	OpType                  string       `json:"opType,omitempty"`
+	CpuCount                int          `json:"cpuCount,omitempty"`
+	SgaSize                 string       `json:"sgaSize,omitempty"`
+	PgaSize                 string       `json:"pgaSize,omitempty"`
+	Processes               int          `json:"processes,omitempty"`
+	DbUniqueName            string       `json:"dbUniqueName,omitempty"`
+	CrsAsmDiskDg            string       `json:"crsAsmDiskDg,omitempty"`
+	CrsAsmDeviceList        string       `json:"crsAsmDeviceList,omitempty"`
+	DbRecoveryFileDest      string       `json:"dbRecoveryFileDest,omitempty"`
+	DbRecoveryFileDestSize  string       `json:"dbRecoveryFileDestSize,omitempty"`
+	DbDataFileDestDg        string       `json:"dbDataFileDestDg,omitempty"`
+	CrsAsmDiskDgRedundancy  string       `json:"crsAsmDiskDgRedundancy,omitempty"`
+	DBAsmDiskDgRedundancy   string       `json:"dbAsmDiskDgRedundancy,omitempty"`
+	RecoAsmDiskDgRedundancy string       `json:"recoAsmDiskDgRedundancy,omitempty"`
+	RedoAsmDiskDgRedundancy string       `json:"redoAsmDiskDgRedundancy,omitempty"`
+	DbName                  string       `json:"dbName,omitempty"`
+	PdbName                 string       `json:"pdbName,omitempty"`
+	DbStorageType           string       `json:"dbStorageType,omitempty"`
+	DbAsmDeviceList         string       `json:"dbAsmDeviceList,omitempty"`
+	RecoAsmDeviceList       string       `json:"recoAsmDeviceList,omitempty"`
+	RedoAsmDeviceList       string       `json:"redoAsmDeviceList,omitempty"`
+	RedoAsmDiskDg           string       `json:"redoAsmDiskDg,omitempty"`
+	DbCharSet               string       `json:"dbCharSet,omitempty"`
+	DbRedoFileSize          string       `json:"dbRedoFileSize,omitempty"`
+	DbType                  string       `json:"dbType,omitempty"`
+	DbConfigType            string       `json:"dbConfigType,omitempty"`
+	EnableArchiveLog        string       `json:"enableArchiveLog,omitempty"`
+	SwMountLocation         string       `json:"swMountLocation,omitempty"`
+	HostSwStageLocation     string       `json:"hostSwStageLocation,omitempty"`
+	RuPatchLocation         string       `json:"ruPatchLocation,omitempty"`
+	RuFolderName            string       `json:"ruFolderName,omitempty"`
+	OPatchLocation          string       `json:"oPatchLocation,omitempty"`
+	SwStagePvc              string       `json:"swStagePvc,omitempty"`
+	SwStagePvcMountLocation string       `json:"swStagePvcMountLocation,omitempty"`
+	OneOffLocation          string       `json:"oneOffLocation,omitempty"`
+	DbOneOffIds             string       `json:"dbOneOffIds,omitempty"`
+	GridOneOffIds           string       `json:"gridOneOffIds,omitempty"`
+}
+
+type OracleRestartInstDetailSpec struct {
+	Name                 string          `json:"name,omitempty"` // Name of the Oracle Restart Instance
+	HostSwLocation       string          `json:"hostSwLocation,omitempty"`
+	SwLocStorageSizeInGb int             `json:"swLocStorageSizeInGb,omitempty"`
+	WorkerNode           []string        `json:"workerNode,omitempty"`
+	EnvVars              []corev1.EnvVar `json:"envVars,omitempty"` //Optional Env variables for Shards
+	Label                string          `json:"label,omitempty"`
+	IsDelete             string          `json:"isDelete,omitempty"`
+	IsForceDelete        string          `json:"isForceDelete,omitempty"`
+	EnvFile              string          `json:"envFile,omitempty"`
+	// +kubebuilder:validation:default="delete"
+	IsKeepPVC string            `json:"isKeepPVC,omitempty"`
+	PvcName   map[string]string `json:"pvcName,omitempty"`
+}
+
+// Responsefile Name
+type ResponseFile struct {
+	ConfigMapName string `json:"configMapName,omitempty"`
+	Name          string `json:"name,omitempty"`
+}
+
+// OracleRestart DB Secret Details
+type OracleRestartDbPwdSecretDetails struct {
+	Name                 string `json:"name,omitempty"`        // Name of the secret.
+	KeyFileName          string `json:"keyFileName,omitempty"` // Name of the key.
+	PwdFileName          string `json:"pwdFileName,omitempty"`
+	PwdFileMountLocation string `json:"pwdFileMountLocation,omitempty"`
+	KeyFileMountLocation string `json:"keyFileMountLocation,omitempty"`
+	KeySecretName        string `json:"keySecretName,omitempty"`
+	EncryptionType       string `json:"encryptionType,omitempty"`
+}
+
+// OracleRestart Ssh secret Details
+type OracleRestartSshSecretDetails struct {
+	Name              string `json:"name"` // Name of the secret.
+	KeyMountLocation  string `json:"keyMountLocation,omitempty"`
+	PrivKeySecretName string `json:"privKeySecretName,omitempty"`
+	PubKeySecretName  string `json:"pubKeySecretName,omitempty"`
+}
+
+// Service Definition
+type ServiceSpec struct {
+	Name                  string   `json:"name"` // Name of the shardSpace.
+	Cardinality           string   `json:"cardinality,omitempty"`
+	Preferred             []string `json:"preferred,omitempty"`
+	TafPolicy             string   `json:"tafPolicy,omitempty"`
+	Available             []string `json:"available,omitempty"`
+	Role                  string   `json:"role,omitempty"`
+	Notification          string   `json:"notification,omitempty"`
+	CommitOutCome         string   `json:"commitOutcome,omitempty"`
+	CommitOutComeFastPath string   `json:"commitOutComeFastPath,omitempty"`
+	Retention             int      `json:"retenion,omitempty"`
+	SessionState          string   `json:"sessionState,omitempty"`
+	Pdb                   string   `json:"pdb,omitempty"`
+	StopOption            string   `json:"stopOption,omitempty"`
+	DrainTimeOut          int      `json:"drainTimeOut,omitempty"`
+	FailOverType          string   `json:"failOverType,omitempty"`
+	FailOverDelay         int      `json:"failOverDelay,omitempty"`
+	FailOverRetry         int      `json:"failOverRetry,omitempty"`
+	FailBack              string   `json:"failBack,omitempty"`
+	FailOverRestore       string   `json:"failOverRestore,omitempty"`
+	ClbGoal               string   `json:"clbGoal,omitempty"`
+	RlbGoal               string   `json:"rlbGoal,omitempty"`
+	Dtp                   string   `json:"dtp,omitempty"`
+	Edition               string   `json:"edition,omitempty"`
+	SvcState              string   `json:"svcState,omitempty"`
+}
+
+// OracleRestartStatus defines the observed state of OracleRestart
+type OracleRestartStatus struct {
+	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
+	// Important: Run "make" to regenerate code after modifying this file
+	DbName                string                     `json:"DbName,omitempty"`
+	ConnectString         string                     `json:"connectString,omitempty"`
+	PdbConnectString      string                     `json:"pdbConnectString,omitempty"`
+	ExternalConnectString string                     `json:"externalConnectString,omitempty"`
+	OracleRestartNodes    []*OracleRestartNodestatus `json:"OracleRestartNodes,omitempty"`
+	ReleaseUpdate         string                     `json:"releaseUpdate,omitempty"`
+	Role                  string                     `json:"role,omitempty"`
+	DbState               string                     `json:"dbState,omitempty"`
+	State                 string                     `json:"state,omitempty"`
+	InstallNode           string                     `json:"installNode,omitempty"`
+
+	// +patchMergeKey=type
+	// +patchStrategy=merge
+	// +listType=map
+	// +listMapKey=type
+	Conditions         []metav1.Condition               `json:"conditions,omitempty" patchStrategy:"merge" patchMergeKey:"type"`
+	InstDetails        *OracleRestartInstDetailSpec     `json:"instDetails,omitempty"`
+	ConfigParams       *InitParams                      `json:"configParams,omitempty"`
+	AsmDetails         *AsmInstanceStatus               `json:"asmDetails,omitempty"`
+	NfsStorageDetails  *corev1.NFSVolumeSource          `json:"nfsStorageDetails,omitempty"`
+	UseNfsforSwStorage string                           `json:"useNfsforSwStorage,omitempty"`
+	StorageClass       string                           `json:"storageClass,omitempty"`
+	StorageSizeInGB    int                              `json:"storageSizeInGB,omitempty"`
+	Image              string                           `json:"image,omitempty"`
+	ImagePullSecret    string                           `json:"imagePullSecret,omitempty"`
+	ScriptsLocation    string                           `json:"scriptsLocation,omitempty"`
+	IsDeleteOraPvc     string                           `json:"isDeleteOraPvc,omitempty"`
+	SshKeySecret       *OracleRestartSshSecretDetails   `json:"sshKeySecret,omitempty"`
+	ImagePullPolicy    *corev1.PullPolicy               `json:"imagePullPolicy,omitempty"`
+	ReadinessProbe     *corev1.Probe                    `json:"readinessProbe,omitempty"`
+	ScriptsGetCmd      string                           `json:"scriptsGetCmd,omitempty"`
+	IsDebug            string                           `json:"isDebug,omitempty"`
+	SecurityContext    *corev1.PodSecurityContext       `json:"securityContext,omitempty"`
+	IsDeleteTopolgy    string                           `json:"isDeleteTopology,omitempty"`
+	ExternalSvcType    *string                          `json:"externalSvcType,omitempty"`
+	DbSecret           *OracleRestartDbPwdSecretDetails `json:"dbSecret,omitempty"`
+	TdeWalletSecret    *OracleRestartDbPwdSecretDetails `json:"tdeWalletSecret,omitempty"`
+	ServiceDetails     ServiceSpec                      `json:"serviceDetails,omitempty"`
+	Resources          *corev1.ResourceRequirements     `json:"resources,omitempty" protobuf:"bytes,1,opt,name=resources"`
+	OldSpec            string                           `json:"oldSpec,omitempty"`
+}
+
+type OracleRestartNodePortSvc struct {
+	PortMappings  []OracleRestartPortMapping `json:"portMappings,omitempty"`
+	SvcName       string                     `json:"name,omitempty"`
+	SvcType       string                     `json:"svcType,omitempty"`
+	SvcLBIP       string                     `json:"svcLBIP,omitempty"`
+	SvcAnnotation map[string]string          `json:"svcAnnotation,omitempty"`
+	OnsTargetPort *int32                     `json:"onsTargetPort,omitempty"` // Port that will be exposed on the service.
+	OnsLocalPort  *int32                     `json:"onsLocalPort,omitempty"`  // Port that will be exposed on the service.
+}
+
+type OracleRestartPortMapping struct {
+	Port       int32 `json:"port,omitempty"`
+	TargetPort int32 `json:"targetPort,omitempty"`
+	// +kubebuilder:validation:Enum=TCP;UDP;SCTP
+	// +kubebuilder:default=TCP
+	Protocol corev1.Protocol `json:"protocol,omitempty"`
+	NodePort int32           `json:"nodePort,omitempty"`
+}
+
+type OracleRestartNodestatus struct {
+	Name        string                           `json:"name,omitempty"`
+	NodeDetails *OracleRestartNodeDetailedStatus `json:"nodeDetails,omitempty"`
+}
+
+type OracleRestartNodeDetailedStatus struct {
+	WorkerNode     string                     `json:"workerNode,omitempty"` //Optional Env variables for Shards
+	PvcName        map[string]string          `json:"pvcName,omitempty"`
+	NodePortSvc    []OracleRestartNodePortSvc `json:"nodePortSvc,omitempty"` // Port mappings for the service that is created. The service is created if
+	PortMappings   []OracleRestartPortMapping `json:"portMappings,omitempty"`
+	ClusterState   string                     `json:"clusterState,omitempty"`
+	InstanceState  string                     `json:"InstanceState,omitempty"`
+	PodState       string                     `json:"PodState,omitempty"`
+	IsDelete       string                     `json:"isDelete,omitempty"`
+	State          string                     `json:"state,omitempty"`
+	MountedDevices []string                   `json:"mountedDevices,omitempty"`
+}
+
+type AsmInstanceStatus struct {
+	Diskgroup []AsmDiskgroupStatus `json:"diskgroup,omitempty"`
+}
+
+type AsmDiskgroupStatus struct {
+	Name       string   `json:"name,omitempty"`
+	Disks      []string `json:"disks,omitempty"`
+	Redundancy string   `json:"redundancy,omitempty"`
+}
+
+type OracleRestartLifecycleState string
+
+const (
+	OracleRestartAvailableState      OracleRestartLifecycleState = "AVAILABLE"
+	OracleRestartFailedState         OracleRestartLifecycleState = "FAILED"
+	OracleRestartUpdateState         OracleRestartLifecycleState = "UPDATING"
+	OracleRestartProvisionState      OracleRestartLifecycleState = "PROVISIONING"
+	OracleRestartPendingState        OracleRestartLifecycleState = "PENDING"
+	OracleRestartFieldNotDefined     OracleRestartLifecycleState = "NOT_DEFINED"
+	OracleRestartPodNotReadyState    OracleRestartLifecycleState = "PODNOTREADY"
+	OracleRestartPodFailureState     OracleRestartLifecycleState = "PODFAILURE"
+	OracleRestartPodNotFound         OracleRestartLifecycleState = "PODNOTFOUND"
+	OracleRestartStatefulSetFailure  OracleRestartLifecycleState = "STATEFULSETFAILURE"
+	OracleRestartStatefulSetNotFound OracleRestartLifecycleState = "STATEFULSETNOTFOUND"
+	OracleRestartPodAvailableState   OracleRestartLifecycleState = "PODAVAILABLE"
+	OracleRestartDeletingState       OracleRestartLifecycleState = "DELETING"
+	OracleRestartDeleteErrorState    OracleRestartLifecycleState = "DELETE_ERROR"
+	OracleRestartTerminated          OracleRestartLifecycleState = "TERMINATED"
+	OracleRestartLabelPatchingError  OracleRestartLifecycleState = "LABELPATCHINGERROR"
+	OracleRestartDeletePVCError      OracleRestartLifecycleState = "DELETEPVCERROR"
+	OracleRestartAddInstState        OracleRestartLifecycleState = "OracleRestart_INST_ADDITION"
+	OracleRestartManualState         OracleRestartLifecycleState = "MANUAL"
+)
+
+type OracleRestartCrdReconcileState string
+
+const (
+	OracleRestartCrdReconcileErrorState     OracleRestartCrdReconcileState = "ReconcileError"
+	OracleRestartCrdReconcileErrorReason    OracleRestartCrdReconcileState = "LastReconcileCycleFailed"
+	OracleRestartCrdReconcileQueuedState    OracleRestartCrdReconcileState = "ReconcileQueued"
+	OracleRestartCrdReconcileQueuedReason   OracleRestartCrdReconcileState = "LastReconcileCycleQueued"
+	OracleRestartCrdReconcileCompeleteState OracleRestartCrdReconcileState = "ReconcileComplete"
+	OracleRestartCrdReconcileCompleteReason OracleRestartCrdReconcileState = "LastReconcileCycleCompleted"
+	OracleRestartCrdReconcileWaitingState   OracleRestartCrdReconcileState = "ReconcileWaiting"
+	OracleRestartCrdReconcileWaitingReason  OracleRestartCrdReconcileState = "LastReconcileCycleWaiting"
+)
+
+// var
+var OracleRestartKubeConfigOnce sync.Once
+
+// +kubebuilder:object:root=true
+// +kubebuilder:subresource:status
+// +kubebuilder:storageversion
+// +kubebuilder:printcolumn:JSONPath=".status.configParams.dbName",name="DbName",type="string"
+// +kubebuilder:printcolumn:JSONPath=".status.dbState",name="DbState",type="string"
+// +kubebuilder:printcolumn:JSONPath=".status.role",name="Role",type="string"
+// +kubebuilder:printcolumn:JSONPath=".status.releaseUpdate",name="Version",type="string"
+// +kubebuilder:printcolumn:JSONPath=".status.pdbConnectString",name="Pdb Connect Str",type="string"
+// +kubebuilder:printcolumn:JSONPath=".status.state",name="State",type="string"
+// OracleRestart is the Schema for the OracleRestarts API
+type OracleRestart struct {
+	metav1.TypeMeta   `json:",inline"`
+	metav1.ObjectMeta `json:"metadata,omitempty"`
+
+	Spec   OracleRestartSpec   `json:"spec,omitempty"`
+	Status OracleRestartStatus `json:"status,omitempty"`
+}
+
+//+kubebuilder:object:root=true
+
+// OracleRestartList contains a list of OracleRestart
+type OracleRestartList struct {
+	metav1.TypeMeta `json:",inline"`
+	metav1.ListMeta `json:"metadata,omitempty"`
+	Items           []OracleRestart `json:"items"`
+}
+
+func init() {
+	SchemeBuilder.Register(&OracleRestart{}, &OracleRestartList{})
+}
diff --git a/apis/database/v4/oraclerestart_webhook.go b/apis/database/v4/oraclerestart_webhook.go
new file mode 100644
index 00000000..51e6a7a0
--- /dev/null
+++ b/apis/database/v4/oraclerestart_webhook.go
@@ -0,0 +1,1194 @@
+/*
+** Copyright (c) 2022 Oracle and/or its affiliates.
+**
+** The Universal Permissive License (UPL), Version 1.0
+**
+** Subject to the condition set forth below, permission is hereby granted to any
+** person obtaining a copy of this software, associated documentation and/or data
+** (collectively the "Software"), free of charge and under any and all copyright
+** rights in the Software, and any and all patent rights owned or freely
+** licensable by each licensor hereunder covering either (i) the unmodified
+** Software as contributed to or provided by such licensor, or (ii) the Larger
+** Works (as defined below), to deal in both
+**
+** (a) the Software, and
+** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+** one is included with the Software (each a "Larger Work" to which the Software
+** is contributed by such licensors),
+**
+** without restriction, including without limitation the rights to copy, create
+** derivative works of, display, perform, and distribute the Software and make,
+** use, sell, offer for sale, import, export, have made, and have sold the
+** Software and the Larger Work(s), and to sublicense the foregoing rights on
+** either these or other terms.
+**
+** This license is subject to the following condition:
+** The above copyright notice and either this complete permission notice or at
+** a minimum a reference to the UPL must be included in all copies or
+** substantial portions of the Software.
+**
+** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+** SOFTWARE.
+ */
+
+package v4
+
+import (
+	"context"
+	"fmt"
+	"reflect"
+	"regexp"
+	"strings"
+
+	utils "github.com/oracle/oracle-database-operator/commons/oraclerestart/utils"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apimachinery/pkg/util/validation/field"
+	ctrl "sigs.k8s.io/controller-runtime"
+	logf "sigs.k8s.io/controller-runtime/pkg/log"
+	"sigs.k8s.io/controller-runtime/pkg/webhook"
+	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
+
+	corev1 "k8s.io/api/core/v1"
+)
+
+// log is for logging in this package.
+var OracleRestartlog = logf.Log.WithName("OracleRestart-resource")
+
+func (r *OracleRestart) SetupWebhookWithManager(mgr ctrl.Manager) error {
+	return ctrl.NewWebhookManagedBy(mgr).
+		For(&OracleRestart{}).
+		WithDefaulter(r).
+		WithValidator(r).
+		Complete()
+}
+
+// EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
+
+//+kubebuilder:webhook:path=/mutate-database-oracle-com-v4-oraclerestart,mutating=true,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=oraclerestarts,verbs=create;update,versions=v4,name=moraclerestart.kb.io,admissionReviewVersions={v1}
+
+var _ webhook.CustomDefaulter = &OracleRestart{}
+
+func (r *OracleRestart) Default(ctx context.Context, obj runtime.Object) error {
+	cr, ok := obj.(*OracleRestart)
+	if !ok {
+		return fmt.Errorf("expected *OracleRestart but got %T", obj)
+	}
+
+	OracleRestartlog.Info("default", "name", cr.Name)
+
+	if cr.Spec.ImagePullPolicy == nil {
+		policy := corev1.PullAlways
+		cr.Spec.ImagePullPolicy = &policy
+	}
+
+	if cr.Spec.SshKeySecret != nil && cr.Spec.SshKeySecret.KeyMountLocation == "" {
+		cr.Spec.SshKeySecret.KeyMountLocation = utils.OraRacSshSecretMount
+	}
+
+	if cr.Spec.DbSecret != nil && cr.Spec.DbSecret.Name != "" {
+		if cr.Spec.DbSecret.PwdFileMountLocation == "" {
+			cr.Spec.DbSecret.PwdFileMountLocation = utils.OraRacDbPwdFileSecretMount
+		}
+		if cr.Spec.DbSecret.KeyFileMountLocation == "" {
+			cr.Spec.DbSecret.KeyFileMountLocation = utils.OraRacDbKeyFileSecretMount
+		}
+	}
+
+	if cr.Spec.TdeWalletSecret != nil && cr.Spec.TdeWalletSecret.Name != "" {
+		if cr.Spec.TdeWalletSecret.PwdFileMountLocation == "" {
+			cr.Spec.TdeWalletSecret.PwdFileMountLocation = utils.OraRacTdePwdFileSecretMount
+		}
+		if cr.Spec.TdeWalletSecret.KeyFileMountLocation == "" {
+			cr.Spec.TdeWalletSecret.KeyFileMountLocation = utils.OraRacTdeKeyFileSecretMount
+		}
+	}
+
+	if cr.Spec.ConfigParams != nil {
+		if cr.Spec.ConfigParams.SwMountLocation == "" {
+			cr.Spec.ConfigParams.SwMountLocation = utils.OraSwLocation
+		}
+
+		if cr.Spec.ConfigParams.GridResponseFile.ConfigMapName == "" {
+			if cr.Spec.ConfigParams.CrsAsmDiskDg == "" {
+				cr.Spec.ConfigParams.CrsAsmDiskDg = "DATA"
+			}
+			if cr.Spec.ConfigParams.CrsAsmDiskDgRedundancy == "" {
+				cr.Spec.ConfigParams.CrsAsmDiskDgRedundancy = "external"
+			}
+		}
+
+		if cr.Spec.ConfigParams.DbResponseFile.ConfigMapName == "" {
+			if cr.Spec.ConfigParams.DbDataFileDestDg == "" {
+				cr.Spec.ConfigParams.DbDataFileDestDg = cr.Spec.ConfigParams.CrsAsmDiskDg
+			}
+			if cr.Spec.ConfigParams.DbRecoveryFileDest == "" {
+				cr.Spec.ConfigParams.DbRecoveryFileDest = cr.Spec.ConfigParams.DbDataFileDestDg
+			}
+			if cr.Spec.ConfigParams.DbCharSet == "" {
+				cr.Spec.ConfigParams.DbCharSet = "AL32UTF8"
+			}
+		}
+	}
+
+	return nil
+}
+
+// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
+//+kubebuilder:webhook:verbs=create;update;delete,path=/validate-database-oracle-com-v4-oraclerestart,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=oraclerestarts,versions=v4,name=voraclerestart.kb.io,admissionReviewVersions={v1}
+
+var _ webhook.CustomValidator = &OracleRestart{}
+
+// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
+func (r *OracleRestart) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	cr, ok := obj.(*OracleRestart)
+	if !ok {
+		return nil, fmt.Errorf("expected *OracleRestart but got %T", obj)
+	}
+
+	OracleRestartlog.Info("validate create", "name", cr.Name)
+	var validationErrs field.ErrorList
+	var warnings admission.Warnings
+
+	namespaces := utils.GetWatchNamespaces()
+	_, containsNamespace := namespaces[cr.Namespace]
+
+	if len(namespaces) != 0 && !containsNamespace {
+		validationErrs = append(validationErrs,
+			field.Invalid(field.NewPath("metadata").Child("namespace"), cr.Namespace,
+				"Oracle database operator doesn't watch over this namespace"))
+	}
+
+	if cr.Spec.Image == "" {
+		validationErrs = append(validationErrs,
+			field.Invalid(field.NewPath("spec").Child("image"), cr.Spec.Image,
+				"image cannot be set to empty"))
+	}
+
+	validationErrs = append(validationErrs, cr.validateSshSecret()...)
+	validationErrs = append(validationErrs, cr.validateDbSecret()...)
+	validationErrs = append(validationErrs, cr.validateTdeSecret()...)
+	validationErrs = append(validationErrs, cr.validateServiceSpecs()...)
+	validationErrs = append(validationErrs, cr.validateAsmStorage()...)
+	validationErrs = append(validationErrs, cr.validateGeneric()...)
+
+	// ASM disk warnings
+	var deviceWarnings []string
+	w, errs := cr.validateCrsAsmDeviceListSize()
+	deviceWarnings = append(deviceWarnings, w...)
+	validationErrs = append(validationErrs, errs...)
+
+	w, errs = cr.validateDbAsmDeviceList()
+	deviceWarnings = append(deviceWarnings, w...)
+	validationErrs = append(validationErrs, errs...)
+
+	w, errs = cr.validateRecoAsmDeviceList()
+	deviceWarnings = append(deviceWarnings, w...)
+	validationErrs = append(validationErrs, errs...)
+
+	w, errs = cr.validateRedoAsmDeviceList()
+	deviceWarnings = append(deviceWarnings, w...)
+	validationErrs = append(validationErrs, errs...)
+
+	errs = cr.validateRedoAsmDG()
+	validationErrs = append(validationErrs, errs...)
+
+	errs = cr.validateRecoAsmDG()
+	validationErrs = append(validationErrs, errs...)
+
+	errs = cr.validateDataAsmDG()
+	validationErrs = append(validationErrs, errs...)
+
+	errs = cr.validateCrsAsmDG()
+	validationErrs = append(validationErrs, errs...)
+
+	errs = cr.validateCrsAsmDG()
+	validationErrs = append(validationErrs, errs...)
+
+	if cr.Spec.ConfigParams != nil {
+		// CRS
+		validationErrs = append(validationErrs,
+			cr.validateAsmRedundancyAndDisks(
+				cr.Spec.ConfigParams.CrsAsmDeviceList,
+				cr.Spec.ConfigParams.CrsAsmDiskDgRedundancy,
+				"crsAsmDeviceList")...,
+		)
+		// DB
+		validationErrs = append(validationErrs,
+			cr.validateAsmRedundancyAndDisks(
+				cr.Spec.ConfigParams.DbAsmDeviceList,
+				cr.Spec.ConfigParams.DBAsmDiskDgRedundancy,
+				"dbAsmDeviceList")...,
+		)
+		// RECO
+		validationErrs = append(validationErrs,
+			cr.validateAsmRedundancyAndDisks(
+				cr.Spec.ConfigParams.RecoAsmDeviceList,
+				cr.Spec.ConfigParams.RecoAsmDiskDgRedundancy,
+				"recoAsmDeviceList")...,
+		)
+	}
+
+	for _, warning := range deviceWarnings {
+		warnings = append(warnings, warning)
+	}
+
+	if len(validationErrs) > 0 {
+		return warnings, apierrors.NewInvalid(
+			schema.GroupKind{Group: "database.oracle.com", Kind: "OracleRestart"},
+			cr.Name, validationErrs)
+	}
+
+	return warnings, nil
+}
+
+// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
+func (r *OracleRestart) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	old, okOld := oldObj.(*OracleRestart)
+	newCr, okNew := newObj.(*OracleRestart)
+	if !okOld || !okNew {
+		return nil, fmt.Errorf("expected *OracleRestart for both old and new objects")
+	}
+
+	OracleRestartlog.Info("validate update", "name", newCr.Name)
+
+	if newCr.Status.State == "PROVISIONING" || newCr.Status.State == "UPDATING" || newCr.Status.State == "PODAVAILABLE" {
+		if !reflect.DeepEqual(old.Spec, newCr.Spec) {
+			return nil, apierrors.NewForbidden(
+				schema.GroupResource{Group: "database.oracle.com", Resource: "OracleRestart"},
+				newCr.Name, fmt.Errorf("updates to Oracle Restart Spec is not allowed while its in state %s", newCr.Status.State))
+		}
+	}
+
+	if old.Spec.DataDgStorageClass != newCr.Spec.DataDgStorageClass {
+
+		return nil, apierrors.NewForbidden(
+			schema.GroupResource{Group: "database.oracle.com", Resource: "OracleRestart"},
+			newCr.Name, fmt.Errorf("updates to the Data storageclass is forbidden: %s", old.Spec.DataDgStorageClass))
+	}
+
+	if old.Spec.RecoDgStorageClass != newCr.Spec.RecoDgStorageClass {
+
+		return nil, apierrors.NewForbidden(
+			schema.GroupResource{Group: "database.oracle.com", Resource: "OracleRestart"},
+			newCr.Name, fmt.Errorf("updates to the Reco storageclass is forbidden: %s", old.Spec.RecoDgStorageClass))
+	}
+
+	if old.Spec.RedoDgStorageClass != newCr.Spec.RedoDgStorageClass {
+
+		return nil, apierrors.NewForbidden(
+			schema.GroupResource{Group: "database.oracle.com", Resource: "OracleRestart"},
+			newCr.Name, fmt.Errorf("updates to the Redo storageclass is forbidden: %s", old.Spec.RedoDgStorageClass))
+	}
+
+	if old.Spec.SwStorageClass != newCr.Spec.SwStorageClass {
+
+		return nil, apierrors.NewForbidden(
+			schema.GroupResource{Group: "database.oracle.com", Resource: "OracleRestart"},
+			newCr.Name, fmt.Errorf("updates to the Swstorageclass is forbidden: %s", old.Spec.SwStorageClass))
+	}
+
+	if old.Spec.CrsDgStorageClass != newCr.Spec.CrsDgStorageClass {
+
+		return nil, apierrors.NewForbidden(
+			schema.GroupResource{Group: "database.oracle.com", Resource: "OracleRestart"},
+			newCr.Name, fmt.Errorf("updates to the CrsDgStorageClass is forbidden: %s", old.Spec.CrsDgStorageClass))
+	}
+
+	if newCr.Spec.InstDetails.SwLocStorageSizeInGb < old.Spec.InstDetails.SwLocStorageSizeInGb {
+
+		return nil, apierrors.NewForbidden(
+			schema.GroupResource{Group: "database.oracle.com", Resource: "OracleRestart"},
+			newCr.Name, fmt.Errorf("SwLocStorageSizeInGb Storage size shrink is not allowed. Old value : %d and New value: %d. ", old.Spec.InstDetails.SwLocStorageSizeInGb, newCr.Spec.InstDetails.SwLocStorageSizeInGb))
+	}
+
+	isDiskChanged := !reflect.DeepEqual(old.Spec.AsmStorageDetails.DisksBySize, newCr.Spec.AsmStorageDetails.DisksBySize)
+	if isDiskChanged {
+		if old.Spec.ConfigParams.HostSwStageLocation != newCr.Spec.ConfigParams.HostSwStageLocation ||
+			old.Spec.ConfigParams.GridSwZipFile != newCr.Spec.ConfigParams.GridSwZipFile ||
+			old.Spec.ConfigParams.DbSwZipFile != newCr.Spec.ConfigParams.DbSwZipFile ||
+			old.Spec.Image != newCr.Spec.Image {
+
+			return nil, apierrors.NewForbidden(
+				schema.GroupResource{Group: "database.oracle.com", Resource: "OracleRestart"},
+				newCr.Name, fmt.Errorf("updates to the following fields are not allowed during ASM disk updates: %v", []string{"hostSwStageLocation", "gridSwZipFile", "dbSwZipFile", "image"}))
+		}
+	}
+
+	var validationErrs field.ErrorList
+
+	// Re-use create validations on update
+	warnings, err := r.ValidateCreate(ctx, newObj)
+	if err != nil {
+		return warnings, err
+	}
+
+	// ValidateDelete logic if being deleted
+	if newCr.GetDeletionTimestamp() != nil {
+		warnings, err := r.ValidateDelete(ctx, newObj)
+		if err != nil {
+			return warnings, err
+		}
+	}
+
+	// Skip if only metadata is changing
+	if reflect.DeepEqual(old.Spec, newCr.Spec) && reflect.DeepEqual(old.Status, newCr.Status) {
+		return nil, nil
+	}
+
+	validationErrs = append(validationErrs, newCr.validateUpdateSshSecret(old)...)
+	validationErrs = append(validationErrs, newCr.validateUpdateDbSecret(old)...)
+	validationErrs = append(validationErrs, newCr.validateUpdateTdeSecret(old)...)
+	validationErrs = append(validationErrs, newCr.validateUpdateServiceSpecs(old)...)
+	validationErrs = append(validationErrs, newCr.validateUpdateAsmStorage(old)...)
+	validationErrs = append(validationErrs, newCr.validateUpdateGeneric(old)...)
+
+	if old.Spec.ConfigParams != nil && newCr.Spec.ConfigParams != nil {
+
+		// CRS
+		if err := validateRedundancyOnUpdate(old.Spec.ConfigParams.CrsAsmDiskDgRedundancy, newCr.Spec.ConfigParams.CrsAsmDiskDgRedundancy, "crsAsmDiskDgRedundancy"); err != nil {
+			validationErrs = append(validationErrs, err)
+		}
+		// DB
+		if err := validateRedundancyOnUpdate(old.Spec.ConfigParams.DBAsmDiskDgRedundancy, newCr.Spec.ConfigParams.DBAsmDiskDgRedundancy, "dbAsmDiskDgRedundancy"); err != nil {
+			validationErrs = append(validationErrs, err)
+		}
+		// RECO
+		if err := validateRedundancyOnUpdate(old.Spec.ConfigParams.RecoAsmDiskDgRedundancy, newCr.Spec.ConfigParams.RecoAsmDiskDgRedundancy, "recoAsmDiskDgRedundancy"); err != nil {
+			validationErrs = append(validationErrs, err)
+		}
+	}
+
+	if old.Spec.AsmStorageDetails != nil && newCr.Spec.AsmStorageDetails != nil {
+		errs := validateAsmNoDiskResize(
+			old.Spec.AsmStorageDetails.DisksBySize,
+			newCr.Spec.AsmStorageDetails.DisksBySize,
+			field.NewPath("spec").Child("asmStorageDetails").Child("disksBySize"),
+		)
+		validationErrs = append(validationErrs, errs...)
+	}
+
+	if len(validationErrs) > 0 {
+		return nil, apierrors.NewInvalid(
+			schema.GroupKind{Group: "database.oracle.com", Kind: "OracleRestart"},
+			newCr.Name, validationErrs)
+	}
+
+	return nil, nil
+}
+
+func redundancyChanged(oldRed, newRed string) bool {
+	// Normalize and compare (case-insensitive, trim spaces)
+	return strings.ToUpper(strings.TrimSpace(oldRed)) != strings.ToUpper(strings.TrimSpace(newRed))
+}
+
+func validateRedundancyOnUpdate(
+	oldRed, newRed, fieldName string,
+) *field.Error {
+	normalizedOld := strings.ToUpper(strings.TrimSpace(oldRed))
+	normalizedNew := strings.ToUpper(strings.TrimSpace(newRed))
+
+	if normalizedOld == "" {
+		// Old value not set, treat as EXTERNAL only
+		if normalizedNew != "" && normalizedNew != "EXTERNAL" {
+			return field.Invalid(
+				field.NewPath("spec").Child("configParams").Child(fieldName),
+				newRed,
+				"Redundancy was not set before (treated as EXTERNAL); it can only be EXTERNAL now.",
+			)
+		}
+	} else {
+		// Old value set; do not allow changes
+		if redundancyChanged(normalizedOld, normalizedNew) {
+			return field.Invalid(
+				field.NewPath("spec").Child("configParams").Child(fieldName),
+				newRed,
+				fmt.Sprintf("Changing redundancy value for ASM diskgroup (%s) is not allowed on update.", fieldName),
+			)
+		}
+	}
+	return nil
+}
+
+func validateAsmNoDiskResize(
+	oldDisks, newDisks []DiskBySize,
+	fieldPath *field.Path,
+) field.ErrorList {
+	var errs field.ErrorList
+
+	// Build map of disk name -> size for old and new
+	oldDiskMap := make(map[string]int)
+	for _, disk := range oldDisks {
+		for _, name := range disk.DiskNames {
+			oldDiskMap[name] = disk.StorageSizeInGb
+		}
+	}
+	newDiskMap := make(map[string]int)
+	for _, disk := range newDisks {
+		for _, name := range disk.DiskNames {
+			newDiskMap[name] = disk.StorageSizeInGb
+		}
+	}
+
+	// For disks present in both old and new, size must not change
+	for name, oldSize := range oldDiskMap {
+		if newSize, exists := newDiskMap[name]; exists {
+			if newSize != oldSize {
+				errs = append(errs, field.Invalid(
+					fieldPath,
+					name,
+					fmt.Sprintf("cannot change size of existing ASM disk %s (old: %dGB, new: %dGB)", name, oldSize, newSize),
+				))
+			}
+		}
+	}
+	return errs
+}
+
+func (r *OracleRestart) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	cr, ok := obj.(*OracleRestart)
+	if !ok {
+		return nil, fmt.Errorf("expected *OracleRestart but got %T", obj)
+	}
+
+	OracleRestartlog.Info("validate delete", "name", cr.Name)
+
+	// TODO: Add any deletion-specific logic if required
+	return nil, nil
+}
+
+//========== User Functions to check the fields ==========
+
+func (r *OracleRestart) validateSshSecret() field.ErrorList {
+	var validationErrs field.ErrorList
+	sshPath := field.NewPath("spec").Child("SshKeySecret")
+
+	if r.Spec.SshKeySecret == nil {
+		validationErrs = append(validationErrs,
+			field.Required(sshPath, "SshKeySecret must be specified"))
+		return validationErrs
+	}
+
+	if r.Spec.SshKeySecret.Name == "" {
+		validationErrs = append(validationErrs,
+			field.Required(sshPath.Child("Name"), "SshKeySecret.Name cannot be empty"))
+	}
+	if r.Spec.SshKeySecret.PrivKeySecretName == "" {
+		validationErrs = append(validationErrs,
+			field.Required(sshPath.Child("PrivKeySecretName"), "PrivKeySecretName cannot be empty"))
+	}
+	if r.Spec.SshKeySecret.PubKeySecretName == "" {
+		validationErrs = append(validationErrs,
+			field.Required(sshPath.Child("PubKeySecretName"), "PubKeySecretName cannot be empty"))
+	}
+
+	return validationErrs
+}
+func (r *OracleRestart) validateDbSecret() field.ErrorList {
+	var validationErrs field.ErrorList
+	dbPath := field.NewPath("spec").Child("DbSecret")
+
+	if r.Spec.DbSecret.Name != "" && strings.ToLower(r.Spec.DbSecret.EncryptionType) != "base64" {
+		if r.Spec.DbSecret.KeyFileName == "" {
+			validationErrs = append(validationErrs,
+				field.Required(dbPath.Child("KeyFileName"), "KeyFileName cannot be empty when encryptionType is not 'base64'"))
+		}
+		if r.Spec.DbSecret.PwdFileName == "" {
+			validationErrs = append(validationErrs,
+				field.Required(dbPath.Child("PwdFileName"), "PwdFileName cannot be empty when encryptionType is not 'base64'"))
+		}
+	}
+
+	return validationErrs
+}
+func (r *OracleRestart) validateTdeSecret() field.ErrorList {
+	var validationErrs field.ErrorList
+	tdePath := field.NewPath("spec").Child("TdeWalletSecret")
+
+	if r.Spec.TdeWalletSecret != nil &&
+		r.Spec.TdeWalletSecret.Name != "" &&
+		strings.ToLower(r.Spec.TdeWalletSecret.EncryptionType) != "base64" {
+
+		if r.Spec.TdeWalletSecret.KeyFileName == "" {
+			validationErrs = append(validationErrs,
+				field.Required(tdePath.Child("KeyFileName"), "KeyFileName cannot be empty when encryptionType is not 'base64'"))
+		}
+		if r.Spec.TdeWalletSecret.PwdFileName == "" {
+			validationErrs = append(validationErrs,
+				field.Required(tdePath.Child("PwdFileName"), "PwdFileName cannot be empty when encryptionType is not 'base64'"))
+		}
+	}
+
+	return validationErrs
+}
+func (r *OracleRestart) validateServiceSpecs() field.ErrorList {
+	var validationErrs field.ErrorList
+	svcPath := field.NewPath("spec").Child("ServiceDetails")
+
+	svc := r.Spec.ServiceDetails
+	if svc.Name == "" {
+		return nil
+	}
+
+	if svc.Cardinality != "" {
+		if len(svc.Preferred) > 0 {
+			validationErrs = append(validationErrs,
+				field.Invalid(svcPath.Child("Preferred"), svc.Preferred,
+					"Preferred cannot be used with Cardinality. Use one or the other."))
+		}
+		if len(svc.Available) > 0 {
+			validationErrs = append(validationErrs,
+				field.Invalid(svcPath.Child("Available"), svc.Available,
+					"Available cannot be used with Cardinality. Use one or the other."))
+		}
+		if !utils.CheckStringInList(svc.Cardinality, utils.GetServiceCardinality()) {
+			validationErrs = append(validationErrs,
+				field.NotSupported(svcPath.Child("Cardinality"), svc.Cardinality, utils.GetServiceCardinality()))
+		}
+	}
+
+	if svc.TafPolicy != "" && !utils.CheckStringInList(svc.TafPolicy, utils.GetTafPolicy()) {
+		validationErrs = append(validationErrs,
+			field.NotSupported(svcPath.Child("TafPolicy"), svc.TafPolicy, utils.GetTafPolicy()))
+	}
+
+	if svc.FailOverType != "" && !utils.CheckStringInList(svc.FailOverType, utils.GetServiceFailoverType()) {
+		validationErrs = append(validationErrs,
+			field.NotSupported(svcPath.Child("FailOverType"), svc.FailOverType, utils.GetServiceFailoverType()))
+	}
+
+	if svc.Role != "" && !utils.CheckStringInList(svc.Role, utils.GetServiceRole()) {
+		validationErrs = append(validationErrs,
+			field.NotSupported(svcPath.Child("Role"), svc.Role, utils.GetServiceRole()))
+	}
+
+	return validationErrs
+}
+func (r *OracleRestart) validateAsmStorage() field.ErrorList {
+	var validationErrs field.ErrorList
+	asmPath := field.NewPath("spec").Child("AsmStorageDetails")
+
+	if r.Spec.AsmStorageDetails == nil {
+		validationErrs = append(validationErrs,
+			field.Required(asmPath, "ASM storage details must be provided"))
+		return validationErrs
+	}
+
+	if len(r.Spec.AsmStorageDetails.DisksBySize) == 0 {
+		validationErrs = append(validationErrs,
+			field.Invalid(asmPath.Child("DisksBySize"), r.Spec.AsmStorageDetails.DisksBySize,
+				"At least one disk size group must be defined"))
+	} else {
+		for i, group := range r.Spec.AsmStorageDetails.DisksBySize {
+			if len(group.DiskNames) == 0 {
+				validationErrs = append(validationErrs,
+					field.Invalid(asmPath.Child("DisksBySize").Index(i).Child("DiskNames"), group.DiskNames,
+						"Each disk size group must have at least one disk name"))
+			}
+		}
+	}
+
+	// Check ASM disks are not duplicate
+	if !r.validateAsmDiskUnqiueNames() {
+		validationErrs = append(validationErrs,
+			field.Invalid(asmPath.Child("DisksBySize"), asmPath, "Each ASM disk must be unique"))
+
+	}
+
+	return validationErrs
+}
+
+func (r *OracleRestart) validateAsmDiskUnqiueNames() bool {
+
+	seenDisks := make(map[string]bool) //store encounterednames
+	for _, disks := range r.Spec.AsmStorageDetails.DisksBySize {
+		for _, diskPath := range disks.DiskNames {
+			if seenDisks[diskPath] {
+				return false
+			}
+			seenDisks[diskPath] = true // disk is seen
+		}
+	}
+
+	return true
+}
+
+func (r *OracleRestart) validateGeneric() field.ErrorList {
+	var validationErrs field.ErrorList
+
+	if !utils.CheckStatusFlag(r.Spec.InstDetails.IsDelete) {
+		isAlphanumeric := regexp.MustCompile(`^[a-zA-Z0-9]*$`).MatchString(r.Spec.InstDetails.Name)
+		if !isAlphanumeric {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("InstDetails").Child("Name"), r.Spec.InstDetails.Name,
+					"Name must contain only alphanumeric characters"))
+		}
+
+		if r.Spec.InstDetails.HostSwLocation == "" && r.Spec.SwStorageClass == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("InstDetails").Child("HostSwLocation"), r.Spec.InstDetails.HostSwLocation,
+					"Either HostSwLocation or SwStorageClass must be specified"))
+		}
+	}
+
+	if r.Spec.SwStorageClass != "" {
+		if r.Spec.InstDetails.SwLocStorageSizeInGb < 60 {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("InstDetails").Child("SwLocStorageSizeInGb"), r.Spec.InstDetails.SwLocStorageSizeInGb,
+					"SwLocStorageSizeInGb must be greater than 60GB"))
+		}
+	}
+
+	if r.Spec.ConfigParams == nil {
+		validationErrs = append(validationErrs,
+			field.Invalid(field.NewPath("spec").Child("ConfigParams"), r.Spec.ConfigParams,
+				"ConfigParams cannot be empty"))
+		return validationErrs
+	}
+
+	cfg := r.Spec.ConfigParams
+	cfgPath := field.NewPath("spec").Child("ConfigParams")
+
+	// Grid Response File validation
+	if cfg.GridResponseFile.ConfigMapName != "" {
+		if cfg.GridResponseFile.Name == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(cfgPath.Child("GridResponseFile").Child("Name"), cfg.GridResponseFile.Name,
+					"GridResponseFile name cannot be empty"))
+		}
+
+		for _, fieldVal := range []struct {
+			name  string
+			value string
+		}{
+			{"Inventory", cfg.Inventory},
+			{"CrsAsmDeviceList", cfg.CrsAsmDeviceList},
+			{"GridBase", cfg.GridBase},
+			{"CrsAsmDiskDg", cfg.CrsAsmDiskDg},
+			{"CrsAsmDiskDgRedundancy", cfg.CrsAsmDiskDgRedundancy},
+		} {
+			if fieldVal.value != "" {
+				validationErrs = append(validationErrs,
+					field.Invalid(cfgPath.Child(fieldVal.name), fieldVal.value,
+						fmt.Sprintf("%s cannot be used when GridResponseFile is set", fieldVal.name)))
+			}
+		}
+	} else {
+		if cfg.GridBase == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(cfgPath.Child("GridBase"), cfg.GridBase, "GridBase cannot be empty"))
+		}
+		if cfg.GridHome == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(cfgPath.Child("GridHome"), cfg.GridHome, "GridHome cannot be empty"))
+		}
+		if cfg.Inventory == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(cfgPath.Child("Inventory"), cfg.Inventory, "Inventory cannot be empty"))
+		}
+		if cfg.CrsAsmDeviceList == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(cfgPath.Child("CrsAsmDeviceList"), cfg.CrsAsmDeviceList, "CrsAsmDeviceList cannot be empty"))
+		}
+	}
+
+	// DB Response File validation
+	if cfg.DbResponseFile.ConfigMapName != "" {
+		if cfg.DbResponseFile.Name == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(cfgPath.Child("DbResponseFile").Child("Name"), cfg.DbResponseFile.Name,
+					"DbResponseFile name cannot be empty"))
+		}
+
+		for _, fieldVal := range []struct {
+			name  string
+			value string
+		}{
+			{"DbCharSet", cfg.DbCharSet},
+			{"DbConfigType", cfg.DbConfigType},
+			{"DbRedoFileSize", cfg.DbRedoFileSize},
+			{"DbType", cfg.DbType},
+			{"DbUniqueName", cfg.DbUniqueName},
+			{"DbStorageType", cfg.DbStorageType},
+			{"DbName", cfg.DbName},
+		} {
+			if fieldVal.value != "" {
+				validationErrs = append(validationErrs,
+					field.Invalid(cfgPath.Child(fieldVal.name), fieldVal.value,
+						fmt.Sprintf("%s cannot be used when DbResponseFile is set", fieldVal.name)))
+			}
+		}
+	} else {
+		if cfg.DbBase == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(cfgPath.Child("DbBase"), cfg.DbBase, "DbBase cannot be empty"))
+		}
+		if cfg.DbHome == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(cfgPath.Child("DbHome"), cfg.DbHome, "DbHome cannot be empty"))
+		}
+		if cfg.DbName == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(cfgPath.Child("DbName"), cfg.DbName, "DbName cannot be empty"))
+		}
+	}
+
+	if cfg.GridSwZipFile == "" {
+		validationErrs = append(validationErrs,
+			field.Invalid(cfgPath.Child("GridSwZipFile"), cfg.GridSwZipFile,
+				"GridSwZipFile cannot be empty"))
+	}
+	if cfg.DbSwZipFile == "" {
+		validationErrs = append(validationErrs,
+			field.Invalid(cfgPath.Child("DbSwZipFile"), cfg.DbSwZipFile,
+				"DbSwZipFile cannot be empty"))
+	}
+
+	if cfg.HostSwStageLocation == "" && r.Spec.SwStorageClass == "" {
+		validationErrs = append(validationErrs,
+			field.Invalid(cfgPath.Child("HostSwStageLocation"), cfg.HostSwStageLocation,
+				"Either HostSwStageLocation or SwDgStorageClass must be specified"))
+	}
+
+	if r.Spec.ConfigParams.RuPatchLocation != "" {
+		_, isPVCKey := r.Spec.InstDetails.PvcName[r.Spec.ConfigParams.RuPatchLocation]
+		if !isPVCKey {
+			// Not found in PVC map, treat as direct path — validate format
+			if !strings.HasPrefix(r.Spec.ConfigParams.RuPatchLocation, "/") {
+				validationErrs = append(validationErrs,
+					field.Invalid(
+						field.NewPath("spec").Child("configParams").Child("ruPatchLocation"),
+						r.Spec.ConfigParams.RuPatchLocation,
+						"ruPatchLocation must be either a key in instDetails.pvcName or an absolute path starting with '/'"))
+			}
+		}
+	}
+
+	if r.Spec.Image == "" {
+		validationErrs = append(validationErrs,
+			field.Invalid(field.NewPath("spec").Child("Image"), r.Spec.Image,
+				"Image cannot be empty"))
+	}
+
+	return validationErrs
+}
+
+//========================== Validate inital specs check ends here ================
+
+// =========================== Update specs checks block begin Here =======================
+
+func (r *OracleRestart) validateUpdateGeneric(old *OracleRestart) field.ErrorList {
+	var validationErrs field.ErrorList
+
+	check := func(path *field.Path, oldVal, newVal string) {
+		if oldVal != "" && newVal != "" && !strings.EqualFold(oldVal, newVal) {
+			validationErrs = append(validationErrs, field.Forbidden(path, path.String()+" cannot be changed post creation"))
+		}
+	}
+
+	if r.Spec.ConfigParams != nil && old.Spec.ConfigParams != nil {
+		cpPath := field.NewPath("spec", "ConfigParams")
+		check(cpPath.Child("DbName"), old.Spec.ConfigParams.DbName, r.Spec.ConfigParams.DbName)
+		check(cpPath.Child("GridBase"), old.Spec.ConfigParams.GridBase, r.Spec.ConfigParams.GridBase)
+		check(cpPath.Child("GridHome"), old.Spec.ConfigParams.GridHome, r.Spec.ConfigParams.GridHome)
+		check(cpPath.Child("DbBase"), old.Spec.ConfigParams.DbBase, r.Spec.ConfigParams.DbBase)
+		check(cpPath.Child("DbHome"), old.Spec.ConfigParams.DbHome, r.Spec.ConfigParams.DbHome)
+		check(cpPath.Child("CrsAsmDiskDg"), old.Spec.ConfigParams.CrsAsmDiskDg, r.Spec.ConfigParams.CrsAsmDiskDg)
+		check(cpPath.Child("CrsAsmDiskDgRedundancy"), old.Spec.ConfigParams.CrsAsmDiskDgRedundancy, r.Spec.ConfigParams.CrsAsmDiskDgRedundancy)
+		check(cpPath.Child("DBAsmDiskDgRedundancy"), old.Spec.ConfigParams.DBAsmDiskDgRedundancy, r.Spec.ConfigParams.DBAsmDiskDgRedundancy)
+		check(cpPath.Child("DbCharSet"), old.Spec.ConfigParams.DbCharSet, r.Spec.ConfigParams.DbCharSet)
+		check(cpPath.Child("DbConfigType"), old.Spec.ConfigParams.DbConfigType, r.Spec.ConfigParams.DbConfigType)
+		check(cpPath.Child("DbDataFileDestDg"), old.Spec.ConfigParams.DbDataFileDestDg, r.Spec.ConfigParams.DbDataFileDestDg)
+		check(cpPath.Child("DbUniqueName"), old.Spec.ConfigParams.DbUniqueName, r.Spec.ConfigParams.DbUniqueName)
+		check(cpPath.Child("DbRecoveryFileDest"), old.Spec.ConfigParams.DbRecoveryFileDest, r.Spec.ConfigParams.DbRecoveryFileDest)
+		check(cpPath.Child("DbRedoFileSize"), old.Spec.ConfigParams.DbRedoFileSize, r.Spec.ConfigParams.DbRedoFileSize)
+		check(cpPath.Child("DbStorageType"), old.Spec.ConfigParams.DbStorageType, r.Spec.ConfigParams.DbStorageType)
+		check(cpPath.Child("DbSwZipFile"), old.Spec.ConfigParams.DbSwZipFile, r.Spec.ConfigParams.DbSwZipFile)
+		check(cpPath.Child("GridSwZipFile"), old.Spec.ConfigParams.GridSwZipFile, r.Spec.ConfigParams.GridSwZipFile)
+
+		// Nested response files
+		check(cpPath.Child("GridResponseFile", "ConfigMapName"), old.Spec.ConfigParams.GridResponseFile.ConfigMapName, r.Spec.ConfigParams.GridResponseFile.ConfigMapName)
+		check(cpPath.Child("GridResponseFile", "Name"), old.Spec.ConfigParams.GridResponseFile.Name, r.Spec.ConfigParams.GridResponseFile.Name)
+		check(cpPath.Child("DbResponseFile", "ConfigMapName"), old.Spec.ConfigParams.DbResponseFile.ConfigMapName, r.Spec.ConfigParams.DbResponseFile.ConfigMapName)
+		check(cpPath.Child("DbResponseFile", "Name"), old.Spec.ConfigParams.DbResponseFile.Name, r.Spec.ConfigParams.DbResponseFile.Name)
+	}
+
+	return validationErrs
+}
+
+func (r *OracleRestart) validateUpdateServiceSpecs(old *OracleRestart) field.ErrorList {
+	var validationErrs field.ErrorList
+
+	check := func(path *field.Path, oldVal, newVal string) {
+		if oldVal != "" && newVal != "" && !strings.EqualFold(oldVal, newVal) {
+			validationErrs = append(validationErrs, field.Forbidden(path, path.String()+" cannot be changed post creation"))
+		}
+	}
+
+	sdPath := field.NewPath("spec", "ServiceDetail")
+
+	check(sdPath.Child("Name"), old.Status.ServiceDetails.Name, r.Spec.ServiceDetails.Name)
+	check(sdPath.Child("Cardinality"), old.Status.ServiceDetails.Cardinality, r.Spec.ServiceDetails.Cardinality)
+	check(sdPath.Child("Notification"), old.Status.ServiceDetails.Notification, r.Spec.ServiceDetails.Notification)
+	check(sdPath.Child("ClbGoal"), old.Status.ServiceDetails.ClbGoal, r.Spec.ServiceDetails.ClbGoal)
+	check(sdPath.Child("CommitOutCome"), old.Status.ServiceDetails.CommitOutCome, r.Spec.ServiceDetails.CommitOutCome)
+	check(sdPath.Child("CommitOutComeFastPath"), old.Status.ServiceDetails.CommitOutComeFastPath, r.Spec.ServiceDetails.CommitOutComeFastPath)
+	check(sdPath.Child("Dtp"), old.Status.ServiceDetails.Dtp, r.Spec.ServiceDetails.Dtp)
+	check(sdPath.Child("SessionState"), old.Status.ServiceDetails.SessionState, r.Spec.ServiceDetails.SessionState)
+	check(sdPath.Child("Edition"), old.Status.ServiceDetails.Edition, r.Spec.ServiceDetails.Edition)
+	check(sdPath.Child("FailBack"), old.Status.ServiceDetails.FailBack, r.Spec.ServiceDetails.FailBack)
+	check(sdPath.Child("FailOverRestore"), old.Status.ServiceDetails.FailOverRestore, r.Spec.ServiceDetails.FailOverRestore) // ✅ Fixed error message
+	check(sdPath.Child("FailOverType"), old.Status.ServiceDetails.FailOverType, r.Spec.ServiceDetails.FailOverType)
+	check(sdPath.Child("TafPolicy"), old.Status.ServiceDetails.TafPolicy, r.Spec.ServiceDetails.TafPolicy)
+	check(sdPath.Child("RlbGoal"), old.Status.ServiceDetails.RlbGoal, r.Spec.ServiceDetails.RlbGoal)
+	check(sdPath.Child("Role"), old.Status.ServiceDetails.Role, r.Spec.ServiceDetails.Role)
+	check(sdPath.Child("Pdb"), old.Status.ServiceDetails.Pdb, r.Spec.ServiceDetails.Pdb)
+
+	return validationErrs
+}
+
+func (r *OracleRestart) validateUpdateAsmStorage(old *OracleRestart) field.ErrorList {
+	var validationErrs field.ErrorList
+	// Add actual validation logic here if needed
+	if !strings.EqualFold(old.Spec.CrsDgStorageClass, r.Spec.CrsDgStorageClass) {
+		validationErrs = append(validationErrs,
+			field.Invalid(field.NewPath("spec").Child("CrsDgStorageClass"),
+				r.Spec.CrsDgStorageClass, "CrsDgStorageClass cannot be changed post creation"))
+	}
+
+	if !strings.EqualFold(old.Spec.CrsDgStorageClass, r.Spec.CrsDgStorageClass) {
+		validationErrs = append(validationErrs,
+			field.Invalid(field.NewPath("spec").Child("CrsDgStorageClass"),
+				r.Spec.CrsDgStorageClass, "CrsDgStorageClass cannot be changed post creation"))
+	}
+
+	if !strings.EqualFold(old.Spec.DataDgStorageClass, r.Spec.DataDgStorageClass) {
+		validationErrs = append(validationErrs,
+			field.Invalid(field.NewPath("spec").Child("DataDgStorageClass"),
+				r.Spec.CrsDgStorageClass, "DataDgStorageClass cannot be changed post creation"))
+	}
+
+	if !strings.EqualFold(old.Spec.RedoDgStorageClass, r.Spec.RedoDgStorageClass) {
+		validationErrs = append(validationErrs,
+			field.Invalid(field.NewPath("spec").Child("RedoDgStorageClass"),
+				r.Spec.CrsDgStorageClass, "RedoDgStorageClass cannot be changed post creation"))
+	}
+
+	if !strings.EqualFold(old.Spec.RecoDgStorageClass, r.Spec.RecoDgStorageClass) {
+		validationErrs = append(validationErrs,
+			field.Invalid(field.NewPath("spec").Child("RecoDgStorageClass"),
+				r.Spec.CrsDgStorageClass, "RecoDgStorageClass cannot be changed post creation"))
+	}
+
+	return validationErrs
+}
+
+func (r *OracleRestart) validateUpdateDbSecret(old *OracleRestart) field.ErrorList {
+	var validationErrs field.ErrorList
+
+	if r.Spec.DbSecret != nil && old.Status.DbSecret != nil {
+		if r.Spec.DbSecret.Name != "" && old.Status.DbSecret.Name != "" &&
+			!strings.EqualFold(old.Status.DbSecret.Name, r.Spec.DbSecret.Name) {
+			validationErrs = append(validationErrs,
+				field.Forbidden(field.NewPath("spec").Child("DbSecret").Child("Name"),
+					"DbSecret name cannot be changed post creation"))
+		}
+
+		if r.Spec.DbSecret.KeyFileName != "" && old.Status.DbSecret.KeyFileName != "" &&
+			!strings.EqualFold(old.Status.DbSecret.KeyFileName, r.Spec.DbSecret.KeyFileName) {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("DbSecret").Child("KeyFileName"),
+					r.Spec.DbSecret.KeyFileName, "KeyFileName cannot be changed post creation"))
+		}
+
+		if r.Spec.DbSecret.PwdFileName != "" && old.Status.DbSecret.PwdFileName != "" &&
+			!strings.EqualFold(old.Status.DbSecret.PwdFileName, r.Spec.DbSecret.PwdFileName) {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("DbSecret").Child("PwdFileName"),
+					r.Spec.DbSecret.PwdFileName, "PwdFileName cannot be changed post creation"))
+		}
+	}
+
+	return validationErrs
+}
+
+func (r *OracleRestart) validateUpdateTdeSecret(old *OracleRestart) field.ErrorList {
+	var validationErrs field.ErrorList
+
+	if r.Spec.TdeWalletSecret != nil && old.Status.TdeWalletSecret != nil {
+		if r.Spec.TdeWalletSecret.Name != "" && old.Status.TdeWalletSecret.Name != "" &&
+			!strings.EqualFold(old.Status.TdeWalletSecret.Name, r.Spec.TdeWalletSecret.Name) {
+			validationErrs = append(validationErrs,
+				field.Forbidden(field.NewPath("spec").Child("TdeWalletSecret").Child("Name"),
+					"TdeWalletSecret name cannot be changed post creation"))
+		}
+
+		if r.Spec.TdeWalletSecret.KeyFileName != "" && old.Status.TdeWalletSecret.KeyFileName != "" &&
+			!strings.EqualFold(old.Status.TdeWalletSecret.KeyFileName, r.Spec.TdeWalletSecret.KeyFileName) {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("TdeWalletSecret").Child("KeyFileName"),
+					r.Spec.TdeWalletSecret.KeyFileName, "KeyFileName cannot be changed post creation"))
+		}
+
+		if r.Spec.TdeWalletSecret.PwdFileName != "" && old.Status.TdeWalletSecret.PwdFileName != "" &&
+			!strings.EqualFold(old.Status.TdeWalletSecret.PwdFileName, r.Spec.TdeWalletSecret.PwdFileName) {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("TdeWalletSecret").Child("PwdFileName"),
+					r.Spec.TdeWalletSecret.PwdFileName, "PwdFileName cannot be changed post creation"))
+		}
+	}
+
+	return validationErrs
+}
+
+func (r *OracleRestart) validateUpdateSshSecret(old *OracleRestart) field.ErrorList {
+	var validationErrs field.ErrorList
+
+	if r.Spec.SshKeySecret != nil && old.Status.SshKeySecret != nil {
+		if r.Spec.SshKeySecret.Name != "" && old.Status.SshKeySecret.Name != "" &&
+			!strings.EqualFold(old.Status.SshKeySecret.Name, r.Spec.SshKeySecret.Name) {
+			validationErrs = append(validationErrs,
+				field.Forbidden(field.NewPath("spec").Child("SshKeySecret").Child("Name"),
+					"SshKeySecret name cannot be changed post creation"))
+		}
+
+		if r.Spec.SshKeySecret.PrivKeySecretName != "" && old.Status.SshKeySecret.PrivKeySecretName != "" &&
+			!strings.EqualFold(old.Status.SshKeySecret.PrivKeySecretName, r.Spec.SshKeySecret.PrivKeySecretName) {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("SshKeySecret").Child("PrivKeySecretName"),
+					r.Spec.SshKeySecret.PrivKeySecretName, "PrivKeySecretName cannot be changed post creation"))
+		}
+
+		if r.Spec.SshKeySecret.PubKeySecretName != "" && old.Status.SshKeySecret.PubKeySecretName != "" &&
+			!strings.EqualFold(old.Status.SshKeySecret.PubKeySecretName, r.Spec.SshKeySecret.PubKeySecretName) {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("SshKeySecret").Child("PubKeySecretName"),
+					r.Spec.SshKeySecret.PubKeySecretName, "PubKeySecretName cannot be changed post creation"))
+		}
+	}
+
+	return validationErrs
+}
+
+func (r *OracleRestart) validateAsmDeviceList(deviceListStr, deviceListName string) ([]string, field.ErrorList) {
+	var warnings []string
+	var validationErrs field.ErrorList
+
+	// Skip validation if the device list is empty or not provided
+	if deviceListStr == "" {
+		return warnings, validationErrs
+	}
+
+	if r.Spec.AsmStorageDetails == nil {
+		validationErrs = append(validationErrs,
+			field.Required(field.NewPath("spec").Child("AsmStorageDetails"),
+				"ASM storage details must be provided when device list is specified"))
+		return warnings, validationErrs
+	}
+
+	deviceList := strings.Split(deviceListStr, ",")
+	var sizeGroup string // Placeholder for the expected storage size as string
+
+	for _, device := range deviceList {
+		found := false
+		for _, diskBySize := range r.Spec.AsmStorageDetails.DisksBySize {
+			// Check if the device exists in the current size group
+			if contains(diskBySize.DiskNames, device) {
+				// Check for storage size mismatch
+				if sizeGroup == "" {
+					// Set the expected size group on first match
+					sizeGroup = fmt.Sprintf("%d", diskBySize.StorageSizeInGb)
+				} else if sizeGroup != fmt.Sprintf("%d", diskBySize.StorageSizeInGb) {
+					// Add warning for size mismatch
+					warnings = append(warnings,
+						fmt.Sprintf("Disk %s in %s is not of the same storage size as others (%s GB expected, but found %s GB)",
+							device, deviceListName, sizeGroup, fmt.Sprintf("%d", diskBySize.StorageSizeInGb)))
+				}
+				found = true
+				break
+			}
+		}
+		// Error if a device in the list is not found in any DisksBySize group
+		if !found {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("AsmStorageDetails").Child(deviceListName), device,
+					fmt.Sprintf("Disk %s not found in any storage size group", device)))
+		}
+	}
+
+	return warnings, validationErrs
+}
+
+func (r *OracleRestart) validateCrsAsmDeviceListSize() ([]string, field.ErrorList) {
+	var warnings []string
+	var validationErrs field.ErrorList
+
+	if r.Spec.ConfigParams == nil || r.Spec.ConfigParams.CrsAsmDeviceList == "" {
+		return warnings, validationErrs
+	}
+
+	return r.validateAsmDeviceList(r.Spec.ConfigParams.CrsAsmDeviceList, "CrsAsmDeviceList")
+}
+
+func (r *OracleRestart) validateDbAsmDeviceList() ([]string, field.ErrorList) {
+	var warnings []string
+	var validationErrs field.ErrorList
+
+	if r.Spec.ConfigParams == nil || r.Spec.ConfigParams.DbAsmDeviceList == "" {
+		return warnings, validationErrs
+	}
+
+	return r.validateAsmDeviceList(r.Spec.ConfigParams.DbAsmDeviceList, "DbAsmDeviceList")
+}
+
+func (r *OracleRestart) validateRecoAsmDeviceList() ([]string, field.ErrorList) {
+	var warnings []string
+	var validationErrs field.ErrorList
+
+	if r.Spec.ConfigParams == nil || r.Spec.ConfigParams.RecoAsmDeviceList == "" {
+		return warnings, validationErrs
+	}
+
+	return r.validateAsmDeviceList(r.Spec.ConfigParams.RecoAsmDeviceList, "RecoAsmDeviceList")
+}
+
+func (r *OracleRestart) validateRedoAsmDeviceList() ([]string, field.ErrorList) {
+	var warnings []string
+	var validationErrs field.ErrorList
+
+	if r.Spec.ConfigParams == nil || r.Spec.ConfigParams.RedoAsmDeviceList == "" {
+		return warnings, validationErrs
+	}
+
+	return r.validateAsmDeviceList(r.Spec.ConfigParams.RedoAsmDeviceList, "RedoAsmDeviceList")
+}
+
+func (r *OracleRestart) validateRedoAsmDG() field.ErrorList {
+	var validationErrs field.ErrorList
+
+	if r.Spec.RedoDgStorageClass != "" {
+		if r.Spec.ConfigParams == nil || r.Spec.ConfigParams.RedoAsmDeviceList == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("RedoDgStorageClass"), r.Spec.RedoDgStorageClass, fmt.Sprintf("Redo ASM diskgroup storageclass set but Spec.ConfigParams.RedoAsmDeviceList is set to empty")))
+			return validationErrs
+		}
+	}
+	return nil
+}
+
+func (r *OracleRestart) validateRecoAsmDG() field.ErrorList {
+	var validationErrs field.ErrorList
+
+	if r.Spec.RecoDgStorageClass != "" {
+		if r.Spec.ConfigParams == nil || r.Spec.ConfigParams.RecoAsmDeviceList == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("RecoDgStorageClass"), r.Spec.RecoDgStorageClass, fmt.Sprintf("Reco ASM diskgroup storageclass set but Spec.ConfigParams.RecoAsmDeviceList is set to empty")))
+			return validationErrs
+		}
+	}
+	return nil
+}
+
+func (r *OracleRestart) validateDataAsmDG() field.ErrorList {
+	var validationErrs field.ErrorList
+
+	if r.Spec.DataDgStorageClass != "" {
+		if r.Spec.ConfigParams == nil || r.Spec.ConfigParams.DbAsmDeviceList == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("DataDgStorageClass"), r.Spec.RedoDgStorageClass, fmt.Sprintf("Data ASM diskgroup storageclass set but Spec.ConfigParams.DataAsmDeviceList is set to empty")))
+			return validationErrs
+		}
+	}
+	return nil
+}
+
+func (r *OracleRestart) validateCrsAsmDG() field.ErrorList {
+	var validationErrs field.ErrorList
+
+	if r.Spec.CrsDgStorageClass != "" {
+		if r.Spec.ConfigParams == nil || r.Spec.ConfigParams.CrsAsmDeviceList == "" {
+			validationErrs = append(validationErrs,
+				field.Invalid(field.NewPath("spec").Child("CrsDgStorageClass"), r.Spec.CrsDgStorageClass, fmt.Sprintf("Crs ASM diskgroup storageclass set but Spec.ConfigParams.CrsAsmDeviceList is set to empty")))
+			return validationErrs
+		}
+	}
+	return nil
+}
+
+// Helper function to check if a slice contains a specific element
+func contains(slice []string, item string) bool {
+	for _, elem := range slice {
+		if elem == item {
+			return true
+		}
+	}
+	return false
+}
+func getDeviceCount(deviceList string) int {
+	if deviceList == "" {
+		return 0
+	}
+	devices := strings.Split(deviceList, ",")
+	count := 0
+	for _, d := range devices {
+		if strings.TrimSpace(d) != "" {
+			count++
+		}
+	}
+	return count
+}
+
+func (r *OracleRestart) validateAsmRedundancyAndDisks(
+	devList, redundancy, paramField string,
+) field.ErrorList {
+	var errs field.ErrorList
+	diskCount := getDeviceCount(devList)
+
+	// Only validate if at least ONE of devList or redundancy is set/non-empty
+	if strings.TrimSpace(redundancy) == "" {
+		// Both are empty, nothing to validate
+		return errs
+	}
+
+	switch strings.ToUpper(redundancy) {
+	case "EXTERNAL":
+		if diskCount < 1 {
+			errs = append(errs, field.Invalid(
+				field.NewPath("spec").Child("configParams").Child(paramField),
+				devList,
+				"EXTERNAL redundancy requires disk count minimum 1",
+			))
+		}
+	case "NORMAL":
+		if diskCount < 2 {
+			errs = append(errs, field.Invalid(
+				field.NewPath("spec").Child("configParams").Child(paramField),
+				devList,
+				"NORMAL redundancy requires disk count minimum 2",
+			))
+		}
+	case "HIGH":
+		if diskCount < 3 {
+			errs = append(errs, field.Invalid(
+				field.NewPath("spec").Child("configParams").Child(paramField),
+				devList,
+				"HIGH redundancy requires disk count minimum 3",
+			))
+		}
+	default:
+		errs = append(errs, field.Invalid(
+			field.NewPath("spec").Child("configParams").Child(paramField),
+			redundancy,
+			"Invalid redundancy type; must be EXTERNAL, NORMAL, or HIGH",
+		))
+	}
+	return errs
+}
+
+// =========================== Update specs checks block ends Here =======================
diff --git a/apis/database/v4/oraclerestdataservice_types.go b/apis/database/v4/oraclerestdataservice_types.go
index 20cc7a74..c58de9f4 100644
--- a/apis/database/v4/oraclerestdataservice_types.go
+++ b/apis/database/v4/oraclerestdataservice_types.go
@@ -126,6 +126,7 @@ type OracleRestDataServiceStatus struct {
 }
 
 //+kubebuilder:object:root=true
+// +kubebuilder:resource:shortName=ords
 //+kubebuilder:subresource:status
 // +kubebuilder:printcolumn:JSONPath=".status.status",name="Status",type="string"
 // +kubebuilder:printcolumn:JSONPath=".spec.databaseRef",name="Database",type="string"
diff --git a/apis/database/v4/ordssrvs_types.go b/apis/database/v4/ordssrvs_types.go
index 1fbf820a..d7e5156a 100644
--- a/apis/database/v4/ordssrvs_types.go
+++ b/apis/database/v4/ordssrvs_types.go
@@ -39,8 +39,6 @@
 package v4
 
 import (
-	"time"
-
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -74,7 +72,8 @@ type OrdsSrvsSpec struct {
 	EncPrivKey   PasswordSecret  `json:"encPrivKey,omitempty"`
 	PoolSettings []*PoolSettings `json:"poolSettings,omitempty"`
 	// +k8s:openapi-gen=true
-
+	// ServiceAccount of the OrdsSrvs Pod
+	ServiceAccountName string `json:"serviceAccountName,omitempty"`
 }
 
 type GlobalSettings struct {
@@ -82,15 +81,14 @@ type GlobalSettings struct {
 	CacheMetadataEnabled *bool `json:"cache.metadata.enabled,omitempty"`
 
 	// Specifies the duration after a GraphQL schema is not accessed from the cache that it expires.
-	CacheMetadataGraphQLExpireAfterAccess *time.Duration `json:"cache.metadata.graphql.expireAfterAccess,omitempty"`
+	CacheMetadataGraphQLExpireAfterAccess string `json:"cache.metadata.graphql.expireAfterAccess,omitempty"`
 
 	// Specifies the duration after a GraphQL schema is cached that it expires and has to be loaded again.
-	CacheMetadataGraphQLExpireAfterWrite *time.Duration `json:"cache.metadata.graphql.expireAfterWrite,omitempty"`
+	CacheMetadataGraphQLExpireAfterWrite string `json:"cache.metadata.graphql.expireAfterWrite,omitempty"`
 
 	// Specifies the setting to determine for how long a metadata record remains in the cache.
 	// Longer duration means, it takes longer to view the applied changes.
-	// The formats accepted are based on the ISO-8601 duration format.
-	CacheMetadataTimeout *time.Duration `json:"cache.metadata.timeout,omitempty"`
+	CacheMetadataTimeout string `json:"cache.metadata.timeout,omitempty"`
 
 	// Specifies the setting to enable or disable JWKS caching.
 	CacheMetadataJWKSEnabled *bool `json:"cache.metadata.jwks.enabled,omitempty"`
@@ -103,10 +101,10 @@ type GlobalSettings struct {
 
 	// Specifies the duration after a JWK is not accessed from the cache that it expires.
 	// By default this is disabled.
-	CacheMetadataJWKSExpireAfterAccess *time.Duration `json:"cache.metadata.jwks.expireAfterAccess,omitempty"`
+	CacheMetadataJWKSExpireAfterAccess string `json:"cache.metadata.jwks.expireAfterAccess,omitempty"`
 
 	// Specifies the duration after a JWK is cached, that is, it expires and has to be loaded again.
-	CacheMetadataJWKSExpireAfterWrite *time.Duration `json:"cache.metadata.jwks.expireAfterWrite,omitempty"`
+	CacheMetadataJWKSExpireAfterWrite string `json:"cache.metadata.jwks.expireAfterWrite,omitempty"`
 
 	// Specifies whether the Database API is enabled.
 	DatabaseAPIEnabled *bool `json:"database.api.enabled,omitempty"`
@@ -116,7 +114,7 @@ type GlobalSettings struct {
 	DatabaseAPIManagementServicesDisabled *bool `json:"database.api.management.services.disabled,omitempty"`
 
 	// Specifies how long to wait before retrying an invalid pool.
-	DBInvalidPoolTimeout *time.Duration `json:"db.invalidPoolTimeout,omitempty"`
+	DBInvalidPoolTimeout string `json:"db.invalidPoolTimeout,omitempty"`
 
 	// Specifies the maximum join nesting depth limit for GraphQL queries.
 	FeatureGraphQLMaxNestingDepth *int32 `json:"feature.grahpql.max.nesting.depth,omitempty"`
@@ -131,7 +129,7 @@ type GlobalSettings struct {
 	SecurityCredentialsAttempts *int32 `json:"security.credentials.attempts,omitempty"`
 
 	// Specifies the period to lock the account that has exceeded maximum attempts.
-	SecurityCredentialsLockTime *time.Duration `json:"security.credentials.lock.time,omitempty"`
+	SecurityCredentialsLockTime string `json:"security.credentials.lock.time,omitempty"`
 
 	// Specifies the HTTP listen port.
 	//+kubebuilder:default:=8080
@@ -145,7 +143,7 @@ type GlobalSettings struct {
 	StandaloneHTTPSPort *int32 `json:"standalone.https.port,omitempty"`
 
 	// Specifies the period for Standalone Mode to wait until it is gracefully shutdown.
-	StandaloneStopTimeout *time.Duration `json:"standalone.stop.timeout,omitempty"`
+	StandaloneStopTimeout string `json:"standalone.stop.timeout,omitempty"`
 
 	// Specifies whether to display error messages on the browser.
 	DebugPrintDebugToScreen *bool `json:"debug.printDebugToScreen,omitempty"`
@@ -181,10 +179,10 @@ type GlobalSettings struct {
 	MongoPort *int32 `json:"mongo.port,omitempty"`
 
 	// Specifies the maximum idle time for a Mongo connection in milliseconds.
-	MongoIdleTimeout *time.Duration `json:"mongo.idle.timeout,omitempty"`
+	MongoIdleTimeout string `json:"mongo.idle.timeout,omitempty"`
 
 	// Specifies the maximum time for a Mongo database operation in milliseconds.
-	MongoOpTimeout *time.Duration `json:"mongo.op.timeout,omitempty"`
+	MongoOpTimeout string `json:"mongo.op.timeout,omitempty"`
 
 	// If this value is set to true, then the Oracle REST Data Services internal exclusion list is not enforced.
 	// Oracle recommends that you do not set this value to true.
@@ -207,6 +205,19 @@ type GlobalSettings struct {
 	//+kubebuilder:default:="/ords"
 	StandaloneContextPath string `json:"standalone.context.path,omitempty"`
 
+	// Specify whether to download APEX installation files
+	// This setting will be ignored for ADB
+	//+kubebuilder:default:=false
+	APEXDownload bool `json:"apex.download,omitempty"`
+
+	// Specify the url to download APEX installation files
+	// This setting will be ignored for ADB
+	//+kubebuilder:default:="https://download.oracle.com/otn_software/apex/apex-latest.zip"
+	APEXDownloadUrl string `json:"apex.download.url,omitempty"`
+
+	// Specify the storage attributes for PersistenceVolume and PersistenceVolumeClaim
+	APEXInstallationPersistence Persistence `json:"apex.installation.persistence,omitempty"`
+
 	/*************************************************
 	* Undocumented
 	/************************************************/
@@ -303,6 +314,19 @@ type GlobalSettings struct {
 	// HARDCODED to global/logs
 }
 
+// Specify storage attributes of PV and PVC
+type Persistence struct {
+	//+kubebuilder:default="1Gi"
+	Size         string `json:"size,omitempty"`
+	StorageClass string `json:"storageClass,omitempty"`
+	//+kubebuilder:validation:Enum=ReadWriteOnce;ReadWriteMany
+	//+kubebuilder:default=ReadWriteOnce
+	AccessMode string `json:"accessMode,omitempty"`
+	VolumeName string `json:"volumeName,omitempty"`
+	//VolumeClaimAnnotation string `json:"volumeClaimAnnotation,omitempty"`
+	//SetWritePermissions   *bool  `json:"setWritePermissions,omitempty"`
+}
+
 type PoolSettings struct {
 	// Specifies the Pool Name
 	PoolName string `json:"poolName"`
@@ -372,7 +396,7 @@ type PoolSettings struct {
 	DBCredentialsSource string `json:"db.credentialsSource,omitempty"`
 
 	// Indicates how long to wait to gracefully destroy a pool before moving to forcefully destroy all connections including borrowed ones.
-	DBPoolDestroyTimeout *time.Duration `json:"db.poolDestroyTimeout,omitempty"`
+	DBPoolDestroyTimeout string `json:"db.poolDestroyTimeout,omitempty"`
 
 	// Specifies to enable tracking of JDBC resources.
 	// If not released causes in resource leaks or exhaustion in the database.
@@ -411,21 +435,21 @@ type PoolSettings struct {
 	SecurityJWKSSize *int32 `json:"security.jwks.size,omitempty"`
 
 	// Specifies the maximum amount of time before timing-out when accessing a JWK url.
-	SecurityJWKSConnectionTimeout *time.Duration `json:"security.jwks.connection.timeout,omitempty"`
+	SecurityJWKSConnectionTimeout string `json:"security.jwks.connection.timeout,omitempty"`
 
 	// Specifies the maximum amount of time reading a response from the JWK url before timing-out.
-	SecurityJWKSReadTimeout *time.Duration `json:"security.jwks.read.timeout,omitempty"`
+	SecurityJWKSReadTimeout string `json:"security.jwks.read.timeout,omitempty"`
 
 	// Specifies the minimum interval between refreshing the JWK cached value.
-	SecurityJWKSRefreshInterval *time.Duration `json:"security.jwks.refresh.interval,omitempty"`
+	SecurityJWKSRefreshInterval string `json:"security.jwks.refresh.interval,omitempty"`
 
 	// Specifies the maximum skew the JWT time claims are accepted.
 	// This is useful if the clock on the JWT issuer and ORDS differs by a few seconds.
-	SecurityJWTAllowedSkew *time.Duration `json:"security.jwt.allowed.skew,omitempty"`
+	SecurityJWTAllowedSkew string `json:"security.jwt.allowed.skew,omitempty"`
 
 	// Specifies the maximum allowed age of a JWT in seconds, regardless of expired claim.
 	// The age of the JWT is taken from the JWT issued at claim.
-	SecurityJWTAllowedAge *time.Duration `json:"security.jwt.allowed.age,omitempty"`
+	SecurityJWTAllowedAge string `json:"security.jwt.allowed.age,omitempty"`
 
 	// Indicates the type of security.requestValidationFunction: javascript or plsql.
 	//+kubebuilder:validation:Enum=plsql;javascript
@@ -471,7 +495,7 @@ type PoolSettings struct {
 	JDBCMaxConnectionReuseCount *int32 `json:"jdbc.MaxConnectionReuseCount,omitempty"`
 
 	// Sets the maximum connection reuse time property.
-	JDBCMaxConnectionReuseTime *int32 `json:"jdbc.MaxConnectionReuseTime,omitempty"`
+	JDBCMaxConnectionReuseTime string `json:"jdbc.MaxConnectionReuseTime,omitempty"`
 
 	// Sets the time in seconds to trust an idle connection to skip a validation test.
 	JDBCSecondsToTrustIdleConnection *int32 `json:"jdbc.SecondsToTrustIdleConnection,omitempty"`
diff --git a/apis/database/v4/pdb_types.go b/apis/database/v4/pdb_types.go
deleted file mode 100644
index 16021f12..00000000
--- a/apis/database/v4/pdb_types.go
+++ /dev/null
@@ -1,237 +0,0 @@
-/*
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
- */
-
-package v4
-
-import (
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-)
-
-// PDBSpec defines the desired state of PDB
-type PDBSpec struct {
-	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
-
-	PDBTlsKey PDBTLSKEY `json:"pdbTlsKey,omitempty"`
-	PDBTlsCrt PDBTLSCRT `json:"pdbTlsCrt,omitempty"`
-	PDBTlsCat PDBTLSCAT `json:"pdbTlsCat,omitempty"`
-
-	// CDB Namespace
-	CDBNamespace string `json:"cdbNamespace,omitempty"`
-	// Name of the CDB Custom Resource that runs the ORDS container
-	CDBResName string `json:"cdbResName,omitempty"`
-	// Name of the CDB
-	CDBName string `json:"cdbName,omitempty"`
-	// The name of the new PDB. Relevant for both Create and Plug Actions.
-	PDBName string `json:"pdbName,omitempty"`
-	// Name of the Source PDB from which to clone
-	SrcPDBName string `json:"srcPdbName,omitempty"`
-	// The administrator username for the new PDB. This property is required when the Action property is Create.
-	AdminName PDBAdminName `json:"adminName,omitempty"`
-	// The administrator password for the new PDB. This property is required when the Action property is Create.
-	AdminPwd PDBAdminPassword `json:"adminPwd,omitempty"`
-	// Web Server User with SQL Administrator role to allow us to authenticate to the PDB Lifecycle Management REST endpoints
-	WebServerUsr WebServerUserPDB `json:"webServerUser,omitempty"`
-	// Password for the Web ServerPDB User
-	WebServerPwd WebServerPasswordPDB `json:"webServerPwd,omitempty"`
-	// Relevant for Create and Plug operations. As defined in the  Oracle Multitenant Database documentation. Values can be a filename convert pattern or NONE.
-	FileNameConversions string `json:"fileNameConversions,omitempty"`
-	// This property is required when the Action property is Plug. As defined in the Oracle Multitenant Database documentation. Values can be a source filename convert pattern or NONE.
-	SourceFileNameConversions string `json:"sourceFileNameConversions,omitempty"`
-	// XML metadata filename to be used for Plug or Unplug operations
-	XMLFileName string `json:"xmlFileName,omitempty"`
-	// To copy files or not while cloning a PDB
-	// +kubebuilder:validation:Enum=COPY;NOCOPY;MOVE
-	CopyAction string `json:"copyAction,omitempty"`
-	// Specify if datafiles should be removed or not. The value can be INCLUDING or KEEP (default).
-	// +kubebuilder:validation:Enum=INCLUDING;KEEP
-	DropAction string `json:"dropAction,omitempty"`
-	// A Path specified for sparse clone snapshot copy. (Optional)
-	SparseClonePath string `json:"sparseClonePath,omitempty"`
-	// Whether to reuse temp file
-	ReuseTempFile *bool `json:"reuseTempFile,omitempty"`
-	// Relevant for Create and Plug operations. True for unlimited storage. Even when set to true, totalSize and tempSize MUST be specified in the request if Action is Create.
-	UnlimitedStorage *bool `json:"unlimitedStorage,omitempty"`
-	// Indicate if 'AS CLONE' option should be used in the command to plug in a PDB. This property is applicable when the Action property is PLUG but not required.
-	AsClone *bool `json:"asClone,omitempty"`
-	// Relevant for create and plug operations. Total size as defined in the Oracle Multitenant Database documentation. See size_clause description in Database SQL Language Reference documentation.
-	TotalSize string `json:"totalSize,omitempty"`
-	// Relevant for Create and Clone operations. Total size for temporary tablespace as defined in the Oracle Multitenant Database documentation. See size_clause description in Database SQL Language Reference documentation.
-	TempSize string `json:"tempSize,omitempty"`
-	// TDE import for plug operations
-	TDEImport *bool `json:"tdeImport,omitempty"`
-	// TDE export for unplug operations
-	TDEExport *bool `json:"tdeExport,omitempty"`
-	// TDE password if the tdeImport or tdeExport flag is set to true. Can be used in create, plug or unplug operations
-	TDEPassword TDEPwd `json:"tdePassword,omitempty"`
-	// TDE keystore path is required if the tdeImport or tdeExport flag is set to true. Can be used in plug or unplug operations.
-	TDEKeystorePath string `json:"tdeKeystorePath,omitempty"`
-	// TDE secret is required if the tdeImport or tdeExport flag is set to true. Can be used in plug or unplug operations.
-	TDESecret TDESecret `json:"tdeSecret,omitempty"`
-	// Whether you need the script only or execute the script
-	GetScript *bool `json:"getScript,omitempty"`
-	// Action to be taken: Create/Clone/Plug/Unplug/Delete/Modify/Status/Map. Map is used to map a Databse PDB to a Kubernetes PDB CR.
-	// +kubebuilder:validation:Enum=Create;Clone;Plug;Unplug;Delete;Modify;Status;Map
-	Action string `json:"action"`
-	// Extra options for opening and closing a PDB
-	// +kubebuilder:validation:Enum=IMMEDIATE;NORMAL;READ ONLY;READ WRITE;RESTRICTED
-	ModifyOption string `json:"modifyOption,omitempty"`
-	// The target state of the PDB
-	// +kubebuilder:validation:Enum=OPEN;CLOSE
-	PDBState string `json:"pdbState,omitempty"`
-	// turn on the assertive approach to delete pdb resource
-	// kubectl delete pdb ..... automatically triggers the pluggable database
-	// deletion
-	AssertivePdbDeletion bool       `json:"assertivePdbDeletion,omitempty"`
-	PDBPubKey            PDBPUBKEY  `json:"pdbOrdsPubKey,omitempty"`
-	PDBPriKey            PDBPRIVKEY `json:"pdbOrdsPrvKey,omitempty"`
-}
-
-// PDBAdminName defines the secret containing Sys Admin User mapped to key 'adminName' for PDB
-type PDBAdminName struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// PDBAdminPassword defines the secret containing Sys Admin Password mapped to key 'adminPwd' for PDB
-type PDBAdminPassword struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// TDEPwd defines the secret containing TDE Wallet Password mapped to key 'tdePassword' for PDB
-type TDEPwd struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// TDESecret defines the secret containing TDE Secret to key 'tdeSecret' for PDB
-type TDESecret struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// WebServerUser defines the secret containing Web Server User mapped to key 'webServerUser' to manage PDB lifecycle
-
-type WebServerUserPDB struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// WebServerPassword defines the secret containing password for Web Server User mapped to key 'webServerPwd' to manage PDB lifecycle
-type WebServerPasswordPDB struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// PDBSecret defines the secretName
-type PDBSecret struct {
-	SecretName string `json:"secretName"`
-	Key        string `json:"key"`
-}
-
-type PDBTLSKEY struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-type PDBTLSCRT struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-type PDBTLSCAT struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-// PDBStatus defines the observed state of PDB
-type PDBStatus struct {
-	// INSERT ADDITIONAL STATUS FIELD - define observed state of cluster
-	// Important: Run "make" to regenerate code after modifying this file
-
-	// PDB Connect String
-	ConnString string `json:"connString,omitempty"`
-	// Phase of the PDB Resource
-	Phase string `json:"phase"`
-	// PDB Resource Status
-	Status bool `json:"status"`
-	// Total size of the PDB
-	TotalSize string `json:"totalSize,omitempty"`
-	// Open mode of the PDB
-	OpenMode string `json:"openMode,omitempty"`
-	// Modify Option of the PDB
-	ModifyOption string `json:"modifyOption,omitempty"`
-	// Message
-	Msg string `json:"msg,omitempty"`
-	// Last Completed Action
-	Action string `json:"action,omitempty"`
-}
-
-// +kubebuilder:object:root=true
-// +kubebuilder:subresource:status
-// +kubebuilder:printcolumn:JSONPath=".spec.cdbName",name="CDB Name",type="string",description="Name of the CDB"
-// +kubebuilder:printcolumn:JSONPath=".spec.pdbName",name="PDB Name",type="string",description="Name of the PDB"
-// +kubebuilder:printcolumn:JSONPath=".status.openMode",name="PDB State",type="string",description="PDB Open Mode"
-// +kubebuilder:printcolumn:JSONPath=".status.totalSize",name="PDB Size",type="string",description="Total Size of the PDB"
-// +kubebuilder:printcolumn:JSONPath=".status.phase",name="Status",type="string",description="Status of the PDB Resource"
-// +kubebuilder:printcolumn:JSONPath=".status.msg",name="Message",type="string",description="Error message, if any"
-// +kubebuilder:printcolumn:JSONPath=".status.connString",name="Connect_String",type="string",description="The connect string to be used"
-// +kubebuilder:resource:path=pdbs,scope=Namespaced
-// +kubebuilder:storageversion
-
-// PDB is the Schema for the pdbs API
-type PDB struct {
-	metav1.TypeMeta   `json:",inline"`
-	metav1.ObjectMeta `json:"metadata,omitempty"`
-
-	Spec   PDBSpec   `json:"spec,omitempty"`
-	Status PDBStatus `json:"status,omitempty"`
-}
-
-//+kubebuilder:object:root=true
-
-// PDBList contains a list of PDB
-type PDBList struct {
-	metav1.TypeMeta `json:",inline"`
-	metav1.ListMeta `json:"metadata,omitempty"`
-	Items           []PDB `json:"items"`
-}
-
-type PDBPUBKEY struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-type PDBPRIVKEY struct {
-	Secret PDBSecret `json:"secret"`
-}
-
-func init() {
-	SchemeBuilder.Register(&PDB{}, &PDBList{})
-}
diff --git a/apis/database/v4/pdb_webhook.go b/apis/database/v4/pdb_webhook.go
deleted file mode 100644
index f651accf..00000000
--- a/apis/database/v4/pdb_webhook.go
+++ /dev/null
@@ -1,369 +0,0 @@
-/*
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
- */
-
-/*    MODIFIED   (MM/DD/YY)
-**    rcitton     07/14/22 - 33822886
- */
-
-package v4
-
-import (
-	"reflect"
-	"strconv"
-	"strings"
-
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apimachinery/pkg/util/validation/field"
-	ctrl "sigs.k8s.io/controller-runtime"
-	logf "sigs.k8s.io/controller-runtime/pkg/log"
-	"sigs.k8s.io/controller-runtime/pkg/webhook"
-	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
-)
-
-// log is for logging in this package.
-var pdblog = logf.Log.WithName("pdb-webhook")
-
-func (r *PDB) SetupWebhookWithManager(mgr ctrl.Manager) error {
-	return ctrl.NewWebhookManagedBy(mgr).
-		For(r).
-		Complete()
-}
-
-//+kubebuilder:webhook:path=/mutate-database-oracle-com-v4-pdb,mutating=true,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=pdbs,verbs=create;update,versions=v4,name=mpdb.kb.io,admissionReviewVersions={v1,v1beta1}
-
-var _ webhook.Defaulter = &PDB{}
-
-// Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *PDB) Default() {
-	pdblog.Info("Setting default values in PDB spec for : " + r.Name)
-
-	action := strings.ToUpper(r.Spec.Action)
-
-	if action == "DELETE" {
-		if r.Spec.DropAction == "" {
-			r.Spec.DropAction = "INCLUDING"
-			pdblog.Info(" - dropAction : INCLUDING")
-		}
-	} else if action != "MODIFY" && action != "STATUS" {
-		if r.Spec.ReuseTempFile == nil {
-			r.Spec.ReuseTempFile = new(bool)
-			*r.Spec.ReuseTempFile = true
-			pdblog.Info(" - reuseTempFile : " + strconv.FormatBool(*(r.Spec.ReuseTempFile)))
-		}
-		if r.Spec.UnlimitedStorage == nil {
-			r.Spec.UnlimitedStorage = new(bool)
-			*r.Spec.UnlimitedStorage = true
-			pdblog.Info(" - unlimitedStorage : " + strconv.FormatBool(*(r.Spec.UnlimitedStorage)))
-		}
-		if r.Spec.TDEImport == nil {
-			r.Spec.TDEImport = new(bool)
-			*r.Spec.TDEImport = false
-			pdblog.Info(" - tdeImport : " + strconv.FormatBool(*(r.Spec.TDEImport)))
-		}
-		if r.Spec.TDEExport == nil {
-			r.Spec.TDEExport = new(bool)
-			*r.Spec.TDEExport = false
-			pdblog.Info(" - tdeExport : " + strconv.FormatBool(*(r.Spec.TDEExport)))
-		}
-		if r.Spec.AsClone == nil {
-			r.Spec.AsClone = new(bool)
-			*r.Spec.AsClone = false
-			pdblog.Info(" - asClone : " + strconv.FormatBool(*(r.Spec.AsClone)))
-		}
-
-	}
-
-	if r.Spec.GetScript == nil {
-		r.Spec.GetScript = new(bool)
-		*r.Spec.GetScript = false
-		pdblog.Info(" - getScript : " + strconv.FormatBool(*(r.Spec.GetScript)))
-	}
-}
-
-// TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
-//+kubebuilder:webhook:path=/validate-database-oracle-com-v4-pdb,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=pdbs,verbs=create;update,versions=v4,name=vpdb.kb.io,admissionReviewVersions={v1,v1beta1}
-
-var _ webhook.Validator = &PDB{}
-
-// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *PDB) ValidateCreate() (admission.Warnings, error) {
-	pdblog.Info("ValidateCreate-Validating PDB spec for : " + r.Name)
-
-	var allErrs field.ErrorList
-
-	r.validateCommon(&allErrs)
-
-	r.validateAction(&allErrs)
-
-	action := strings.ToUpper(r.Spec.Action)
-
-	if len(allErrs) == 0 {
-		pdblog.Info("PDB Resource : " + r.Name + " successfully validated for Action : " + action)
-		return nil, nil
-	}
-	return nil, apierrors.NewInvalid(
-		schema.GroupKind{Group: "database.oracle.com", Kind: "PDB"},
-		r.Name, allErrs)
-}
-
-// Validate Action for required parameters
-func (r *PDB) validateAction(allErrs *field.ErrorList) {
-	action := strings.ToUpper(r.Spec.Action)
-
-	pdblog.Info("Valdiating PDB Resource Action : " + action)
-
-	if reflect.ValueOf(r.Spec.PDBTlsKey).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("pdbTlsKey"), "Please specify PDB Tls Key(secret)"))
-	}
-
-	if reflect.ValueOf(r.Spec.PDBTlsCrt).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("pdbTlsCrt"), "Please specify PDB Tls Certificate(secret)"))
-	}
-
-	if reflect.ValueOf(r.Spec.PDBTlsCat).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("pdbTlsCat"), "Please specify PDB Tls Certificate Authority(secret)"))
-	}
-	if reflect.ValueOf(r.Spec.PDBPriKey).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("pdbOrdsPrvKey"), "Please specify PDB Tls Certificate Authority(secret)"))
-	}
-
-	switch action {
-	case "DELETE":
-		/* BUG 36752336 - LREST OPERATOR - DELETE NON-EXISTENT PDB SHOWS LRPDB CREATED MESSAGE */
-		if r.Status.OpenMode == "READ WRITE" {
-			pdblog.Info("Cannot delete: pdb is open ")
-			*allErrs = append(*allErrs, field.Invalid(field.NewPath("status").Child("OpenMode"), "READ WRITE", "pdb "+r.Spec.PDBName+" "+r.Status.OpenMode))
-		}
-		r.CheckObjExistence("DELETE", allErrs, r)
-	case "CREATE":
-		if reflect.ValueOf(r.Spec.AdminName).IsZero() {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("adminName"), "Please specify PDB System Administrator user"))
-		}
-		if reflect.ValueOf(r.Spec.AdminPwd).IsZero() {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("adminPwd"), "Please specify PDB System Administrator Password"))
-		}
-		if reflect.ValueOf(r.Spec.WebServerUsr).IsZero() {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("WebServerUser"), "Please specify the http webServerUser"))
-		}
-		if reflect.ValueOf(r.Spec.WebServerPwd).IsZero() {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("webServerPwd"), "Please specify the http webserverPassword"))
-		}
-
-		if r.Spec.FileNameConversions == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("fileNameConversions"), "Please specify a value for fileNameConversions. Values can be a filename convert pattern or NONE"))
-		}
-		if r.Spec.TotalSize == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("totalSize"), "When the storage is not UNLIMITED the Total Size must be specified"))
-		}
-		if r.Spec.TempSize == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("tempSize"), "When the storage is not UNLIMITED the Temp Size must be specified"))
-		}
-		if *(r.Spec.TDEImport) {
-			r.validateTDEInfo(allErrs)
-		}
-	case "CLONE":
-		// Sample Err: The PDB "pdb1-clone" is invalid: spec.srcPdbName: Required value: Please specify source PDB for Cloning
-		if r.Spec.SrcPDBName == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("srcPdbName"), "Please specify source PDB name for Cloning"))
-		}
-		if r.Spec.TotalSize == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("totalSize"), "When the storage is not UNLIMITED the Total Size must be specified"))
-		}
-		if r.Spec.TempSize == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("tempSize"), "When the storage is not UNLIMITED the Temp Size must be specified"))
-		}
-		/* We don't need this check as ords open the pdb before cloninig */
-		/*
-			if r.Status.OpenMode == "MOUNTED" {
-				pdblog.Info("Cannot clone: pdb is mount ")
-				*allErrs = append(*allErrs, field.Invalid(field.NewPath("status").Child("OpenMode"), "READ WRITE", "pdb "+r.Spec.PDBName+" "+r.Status.OpenMode))
-			}
-		*/
-	case "PLUG":
-		if r.Spec.XMLFileName == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("xmlFileName"), "Please specify XML metadata filename"))
-		}
-		if r.Spec.FileNameConversions == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("fileNameConversions"), "Please specify a value for fileNameConversions. Values can be a filename convert pattern or NONE"))
-		}
-		if r.Spec.SourceFileNameConversions == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("sourceFileNameConversions"), "Please specify a value for sourceFileNameConversions. Values can be a filename convert pattern or NONE"))
-		}
-		if r.Spec.CopyAction == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("copyAction"), "Please specify a value for copyAction. Values can be COPY, NOCOPY or MOVE"))
-		}
-		if *(r.Spec.TDEImport) {
-			r.validateTDEInfo(allErrs)
-		}
-	case "UNPLUG":
-		if r.Spec.XMLFileName == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("xmlFileName"), "Please specify XML metadata filename"))
-		}
-		if *(r.Spec.TDEExport) {
-			r.validateTDEInfo(allErrs)
-		}
-		if r.Status.OpenMode == "READ WRITE" {
-			pdblog.Info("Cannot unplug: pdb is open ")
-			*allErrs = append(*allErrs, field.Invalid(field.NewPath("status").Child("OpenMode"), "READ WRITE", "pdb "+r.Spec.PDBName+" "+r.Status.OpenMode))
-		}
-		r.CheckObjExistence("UNPLUG", allErrs, r)
-	case "MODIFY":
-		if r.Spec.PDBState == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("pdbState"), "Please specify target state of PDB"))
-		}
-		if r.Spec.ModifyOption == "" {
-			*allErrs = append(*allErrs,
-				field.Required(field.NewPath("spec").Child("modifyOption"), "Please specify an option for opening/closing a PDB"))
-		}
-		r.CheckObjExistence("MODIY", allErrs, r)
-	}
-}
-
-// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *PDB) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	pdblog.Info("ValidateUpdate-Validating PDB spec for : " + r.Name)
-
-	isPDBMarkedToBeDeleted := r.GetDeletionTimestamp() != nil
-	if isPDBMarkedToBeDeleted {
-		return nil, nil
-	}
-
-	var allErrs field.ErrorList
-	action := strings.ToUpper(r.Spec.Action)
-
-	// If PDB CR has been created and in Ready state, only allow updates if the "action" value has changed as well
-	if (r.Status.Phase == "Ready") && (r.Status.Action != "MODIFY") && (r.Status.Action != "STATUS") && (r.Status.Action == action) {
-		allErrs = append(allErrs,
-			field.Required(field.NewPath("spec").Child("action"), "New action also needs to be specified after PDB is in Ready state"))
-	} else {
-
-		// Check Common Validations
-		r.validateCommon(&allErrs)
-
-		// Validate required parameters for Action specified
-		r.validateAction(&allErrs)
-
-		// Check TDE requirements
-		if (action != "DELETE") && (action != "MODIFY") && (action != "STATUS") && (*(r.Spec.TDEImport) || *(r.Spec.TDEExport)) {
-			r.validateTDEInfo(&allErrs)
-		}
-	}
-
-	if len(allErrs) == 0 {
-		return nil, nil
-	}
-	return nil, apierrors.NewInvalid(
-		schema.GroupKind{Group: "database.oracle.com", Kind: "PDB"},
-		r.Name, allErrs)
-}
-
-// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *PDB) ValidateDelete() (admission.Warnings, error) {
-	pdblog.Info("ValidateDelete-Validating PDB spec for : " + r.Name)
-
-	// TODO(user): fill in your validation logic upon object deletion.
-	return nil, nil
-}
-
-// Validate common specs needed for all PDB Actions
-func (r *PDB) validateCommon(allErrs *field.ErrorList) {
-	pdblog.Info("validateCommon", "name", r.Name)
-
-	if r.Spec.Action == "" {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("action"), "Please specify PDB operation to be performed"))
-	}
-	if r.Spec.CDBResName == "" {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("cdbResName"), "Please specify the name of the CDB Kubernetes resource to use for PDB operations"))
-	}
-	if r.Spec.PDBName == "" {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("pdbName"), "Please specify name of the PDB to be created"))
-	}
-}
-
-// Validate TDE information for Create, Plug and Unplug Actions
-func (r *PDB) validateTDEInfo(allErrs *field.ErrorList) {
-	pdblog.Info("validateTDEInfo", "name", r.Name)
-
-	if reflect.ValueOf(r.Spec.TDEPassword).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("tdePassword"), "Please specify a value for tdePassword."))
-	}
-	if r.Spec.TDEKeystorePath == "" {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("tdeKeystorePath"), "Please specify a value for tdeKeystorePath."))
-	}
-	if reflect.ValueOf(r.Spec.TDESecret).IsZero() {
-		*allErrs = append(*allErrs,
-			field.Required(field.NewPath("spec").Child("tdeSecret"), "Please specify a value for tdeSecret."))
-	}
-
-}
-
-func (r *PDB) CheckObjExistence(action string, allErrs *field.ErrorList, pdb *PDB) {
-	/* BUG 36752465 - lrest operator - open non-existent pdb creates a lrpdb with status failed */
-	pdblog.Info("Action [" + action + "] checkin " + pdb.Spec.PDBName + " existence")
-	if pdb.Status.OpenMode == "" {
-		*allErrs = append(*allErrs, field.NotFound(field.NewPath("Spec").Child("PDBName"), " "+pdb.Spec.PDBName+" does not exist : action "+action+" failure"))
-
-	}
-}
diff --git a/apis/database/v4/shardingdatabase_types.go b/apis/database/v4/shardingdatabase_types.go
index cc01b24d..3b33f64a 100644
--- a/apis/database/v4/shardingdatabase_types.go
+++ b/apis/database/v4/shardingdatabase_types.go
@@ -58,7 +58,7 @@ import (
 type ShardingDatabaseSpec struct {
 	// INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
 	// Important: Run "make" to regenerate code after modifying this file
-	Shard                     []ShardSpec         `json:"shard"`
+	Shard                     []ShardSpec         `json:"shard,omitempty"`
 	Catalog                   []CatalogSpec       `json:"catalog"`                      // The catalogSpes accept all the catalog parameters
 	Gsm                       []GsmSpec           `json:"gsm"`                          // The GsmSpec will accept all the Gsm parameter
 	StorageClass              string              `json:"storageClass,omitempty"`       // Optional Accept storage class name
@@ -95,6 +95,8 @@ type ShardingDatabaseSpec struct {
 	TdeWalletPvcMountLocation string              `json:"tdeWalletPvcMountLocation,omitempty"`
 	DbEdition                 string              `json:"dbEdition,omitempty"`
 	TopicId                   string              `json:"topicId,omitempty"`
+	SrvAccountName            string              `json:"serviceAccountName,omitempty"`
+	ShardInfo                 []ShardingDetails   `json:"shardInfo,omitempty"`
 }
 
 // To understand Metav1.Condition, please refer the link https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1
@@ -157,9 +159,9 @@ type ShardingDatabase struct {
 	Status ShardingDatabaseStatus `json:"status,omitempty"`
 }
 
-//+kubebuilder:object:root=true
-
+// +kubebuilder:object:root=true
 // ShardingDatabaseList contains a list of ShardingDatabase
+// +kubebuilder:storageversion
 type ShardingDatabaseList struct {
 	metav1.TypeMeta `json:",inline"`
 	metav1.ListMeta `json:"metadata,omitempty"`
@@ -167,7 +169,6 @@ type ShardingDatabaseList struct {
 }
 
 // ShardSpec is a specification of Shards for an application deployment.
-// +k8s:openapi-gen=true
 type ShardSpec struct {
 	Name            string                       `json:"name"`                                                      // Shard name that will be used deploy StatefulSet
 	StorageSizeInGb int32                        `json:"storageSizeInGb,omitempty"`                                 // Optional Shard Storage Size
@@ -185,26 +186,26 @@ type ShardSpec struct {
 	ShardGroup       string             `json:"shardGroup,omitempty"`
 	ShardRegion      string             `json:"shardRegion,omitempty"`
 	DeployAs         string             `json:"deployAs,omitempty"`
+	ShardConfigData  *ConfigMapData     `json:"shardConfigData,omitempty"`
 }
 
 // CatalogSpec defines the desired state of CatalogSpec
-// +k8s:openapi-gen=true
 type CatalogSpec struct {
-	Name             string                       `json:"name"`                                                      // Catalog name that will be used deploy StatefulSet
-	StorageSizeInGb  int32                        `json:"storageSizeInGb,omitempty"`                                 // Optional Catalog Storage Size and This parameter will not be used if you use PvcName
-	EnvVars          []EnvironmentVariable        `json:"envVars,omitempty"`                                         //Optional Env variables for Catalog
-	Resources        *corev1.ResourceRequirements `json:"resources,omitempty" protobuf:"bytes,1,opt,name=resources"` // Optional resource requirement for the container.
-	PvcName          string                       `json:"pvcName,omitempty"`
-	Label            string                       `json:"label,omitempty"`
-	IsDelete         string                       `json:"isDelete,omitempty"`
-	NodeSelector     map[string]string            `json:"nodeSelector,omitempty"`
-	PvAnnotations    map[string]string            `json:"pvAnnotations,omitempty"`
-	PvMatchLabels    map[string]string            `json:"pvMatchLabels,omitempty"`
-	ImagePulllPolicy *corev1.PullPolicy           `json:"imagePullPolicy,omitempty"`
+	Name              string                       `json:"name"`                                                      // Catalog name that will be used deploy StatefulSet
+	StorageSizeInGb   int32                        `json:"storageSizeInGb,omitempty"`                                 // Optional Catalog Storage Size and This parameter will not be used if you use PvcName
+	EnvVars           []EnvironmentVariable        `json:"envVars,omitempty"`                                         //Optional Env variables for Catalog
+	Resources         *corev1.ResourceRequirements `json:"resources,omitempty" protobuf:"bytes,1,opt,name=resources"` // Optional resource requirement for the container.
+	PvcName           string                       `json:"pvcName,omitempty"`
+	Label             string                       `json:"label,omitempty"`
+	IsDelete          string                       `json:"isDelete,omitempty"`
+	NodeSelector      map[string]string            `json:"nodeSelector,omitempty"`
+	PvAnnotations     map[string]string            `json:"pvAnnotations,omitempty"`
+	PvMatchLabels     map[string]string            `json:"pvMatchLabels,omitempty"`
+	ImagePulllPolicy  *corev1.PullPolicy           `json:"imagePullPolicy,omitempty"`
+	CatalogConfigData *ConfigMapData               `json:"catalogConfigData,omitempty"`
 }
 
 // GsmSpec defines the desired state of GsmSpec
-// +k8s:openapi-gen=true
 type GsmSpec struct {
 	Name string `json:"name"` // Gsm name that will be used deploy StatefulSet
 
@@ -221,10 +222,10 @@ type GsmSpec struct {
 	ImagePulllPolicy *corev1.PullPolicy           `json:"imagePullPolicy,omitempty"`
 	Region           string                       `json:"region,omitempty"`
 	DirectorName     string                       `json:"directorName,omitempty"`
+	GsmConfigData    *ConfigMapData               `json:"gsmConfigData,omitempty"`
 }
 
 // ShardGroupSpec Specification
-
 type GsmShardGroupSpec struct {
 	Name     string `json:"name"` // Name of the shardgroup.
 	Region   string `json:"region,omitempty"`
@@ -270,6 +271,7 @@ type GsmServiceSpec struct {
 	TableFamily          string `json:"tableFamily,omitempty"`
 	Retention            string `json:"retention,omitempty"`
 	TfaPolicy            string `json:"tfaPolicy,omitempty"`
+	RuMode               string `json:"ruMode,omitempty"`
 }
 
 // Secret Details
@@ -283,17 +285,17 @@ type SecretDetails struct {
 	KeyFileMountLocation string `json:"keyFileMountLocation,omitempty"`
 	KeySecretName        string `json:"keySecretName,omitempty"`
 	EncryptionType       string `json:"encryptionType,omitempty"`
+	TdeKeyFileName       string `json:"tdeKeyFileName,omitempty"` // Name of the key.
+	TdePwdFileName       string `json:"tdePwdFileName"`
 }
 
 // EnvironmentVariable represents a named variable accessible for containers.
-// +k8s:openapi-gen=true
 type EnvironmentVariable struct {
 	Name  string `json:"name"`  // Name of the variable. Must be a C_IDENTIFIER.
 	Value string `json:"value"` // Value of the variable, as defined in Kubernetes core API.
 }
 
 // PortMapping is a specification of port mapping for an application deployment.
-// +k8s:openapi-gen=true
 type PortMapping struct {
 	Port       int32           `json:"port"`       // Port that will be exposed on the service.
 	TargetPort int32           `json:"targetPort"` // Docker image port for the application.
@@ -308,6 +310,34 @@ const (
 	ShardingDelLabelFalseValue SfsetLabel = "false"
 )
 
+type ConfigMapData struct {
+	Name      string `json:"name,omitempty"`
+	MountPath string `json:"mountPath,omitempty"`
+}
+
+// Shard structures based on managed Replicas
+type ShardingDetails struct {
+	ShardPreFixName   string      `json:"shardPreFixName"`
+	Shape             string      `json:"shape,omitempty"`
+	Replicas          int32       `json:"replicas,omitempty"`
+	StorageSizeInGb   int32       `json:"storageSizeInGb,omitempty"`
+	ShardGroupDetails *ShardGroup `json:"shardGroupDetails,omitempty"`
+	ShardSpaceDetails *ShardSpace `json:"shardSpaceDetails,omitempty"`
+}
+type ShardGroup struct {
+	ShardGroupName string `json:"shardGroupName,omitempty"`
+	Region         string `json:"region,omitempty"`
+	RepFactor      int    `json:"repFactor,omitempty"`
+	ShardSpace     string `json:"ShardSpace,omitempty"`
+	DeployAs       string `json:"deployAs,omitempty"`
+	IsDelete       string `json:"isDelete,omitempty"`
+}
+type ShardSpace struct {
+	ShardSpaceName string `json:"shardSpaceName,omitempty"`
+	Chunks         int    `json:"Chnuks,omitempty"`
+	ProtectMode    string `json:"protectMode,omitempty"` //Possible Values MAXPROTECTION, MAXAVAILABILITY,MAXPERFORMANCE
+}
+
 type ShardStatusMapKeys string
 
 const (
diff --git a/apis/database/v4/shardingdatabase_webhook.go b/apis/database/v4/shardingdatabase_webhook.go
index 1ac74d08..56922a7b 100644
--- a/apis/database/v4/shardingdatabase_webhook.go
+++ b/apis/database/v4/shardingdatabase_webhook.go
@@ -39,8 +39,12 @@
 package v4
 
 import (
+	"context"
+	"fmt"
+	"strconv"
 	"strings"
 
+	corev1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
@@ -51,54 +55,100 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
 )
 
+var totalShard int32 = 0
+
 // log is for logging in this package.
 var shardingdatabaselog = logf.Log.WithName("shardingdatabase-resource")
 
 func (r *ShardingDatabase) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
-		For(r).
+		For(&ShardingDatabase{}).
+    WithDefaulter(r).
+		WithValidator(r).
 		Complete()
 }
 
+var _ webhook.CustomDefaulter = &ShardingDatabase{}
+
+
 // EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
 
 //+kubebuilder:webhook:path=/mutate-database-oracle-com-v4-shardingdatabase,mutating=true,failurePolicy=fail,sideEffects=none,groups=database.oracle.com,resources=shardingdatabases,verbs=create;update,versions=v4,name=mshardingdatabasev4.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Defaulter = &ShardingDatabase{}
-
 // Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *ShardingDatabase) Default() {
-	shardingdatabaselog.Info("default", "name", r.Name)
+func (r *ShardingDatabase) Default(ctx context.Context, obj runtime.Object) error {
+
+  cr , ok :=  obj.(*ShardingDatabase)
+
+ if  !ok {
+    return fmt.Errorf("xpected  obj.*ShardingDatabase but got %T", obj)
+ }
+
+	shardingdatabaselog.Info("default", "name", cr.Name)
+
+	var replicas int32
+
 
 	// TODO(user): fill in your defaulting logic.
-	if r.Spec.GsmDevMode != "" {
-		r.Spec.GsmDevMode = "dev"
+	if cr.Spec.GsmDevMode != "" {
+		cr.Spec.GsmDevMode = "dev"
 	}
 
-	if r.Spec.IsTdeWallet == "" {
-		r.Spec.IsTdeWallet = "disable"
+	if cr.Spec.IsTdeWallet == "" {
+		cr.Spec.IsTdeWallet = "disable"
 	}
-	for pindex := range r.Spec.Shard {
-		if strings.ToLower(r.Spec.Shard[pindex].IsDelete) == "" {
-			r.Spec.Shard[pindex].IsDelete = "disable"
+	for pindex := range cr.Spec.Shard {
+		if strings.ToLower(cr.Spec.Shard[pindex].IsDelete) == "" {
+			cr.Spec.Shard[pindex].IsDelete = "disable"
+		}
+	}
+
+	for pindex := range cr.Spec.ShardInfo {
+		if strings.ToLower(cr.Spec.ShardInfo[pindex].ShardGroupDetails.IsDelete) == "" {
+			cr.Spec.ShardInfo[pindex].ShardGroupDetails.IsDelete = "disable"
+		}
+	}
+
+	totalShard = 0
+	for pindex := range cr.Spec.ShardInfo {
+		replicas = 2
+		if cr.Spec.ShardInfo[pindex].Replicas != 0 {
+			replicas = cr.Spec.ShardInfo[pindex].Replicas
 		}
+		totalShard = totalShard + replicas
+	}
+
+	if totalShard > 0 {
+		cr.Spec.Shard = make([]ShardSpec, totalShard)
+		cr.initShardsSpec()
 	}
 
+	return nil
 }
 
 // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
 //+kubebuilder:webhook:verbs=create;update;delete,path=/validate-database-oracle-com-v4-shardingdatabase,mutating=false,failurePolicy=fail,sideEffects=None,groups=database.oracle.com,resources=shardingdatabases,versions=v4,name=vshardingdatabasev4.kb.io,admissionReviewVersions={v1}
 
-var _ webhook.Validator = &ShardingDatabase{}
+var _ webhook.CustomValidator = &ShardingDatabase{}
 
 // ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *ShardingDatabase) ValidateCreate() (admission.Warnings, error) {
+func (r *ShardingDatabase) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	shardingdatabaselog.Info("validate create", "name", r.Name)
 
 	// TODO(user): fill in your validation logic upon object creation.
 	// Check Secret configuration
 	var validationErr field.ErrorList
 	var validationErrs1 field.ErrorList
+  cr , ok :=  obj.(*ShardingDatabase)
+
+ if  !ok {
+//    return fmt.Errorf("xpected  obj.*ShardingDatabase but got %T", obj)
+    validationErr = append(validationErr,field.Invalid(field.NewPath("obj"),"obj","Expected  obj.*ShardingDatabase."))
+	  return nil, apierrors.NewInvalid(
+	  	schema.GroupKind{Group: "database.oracle.com", Kind: "ShardingDatabase"},
+  		cr.Name, validationErr)
+ }
+
 
 	//namespaces := db.GetWatchNamespaces()
 	//_, containsNamespace := namespaces[r.Namespace]
@@ -109,25 +159,25 @@ func (r *ShardingDatabase) ValidateCreate() (admission.Warnings, error) {
 	//			"Oracle database operator doesn't watch over this namespace"))
 	//}
 
-	if r.Spec.DbSecret == nil {
+	if cr.Spec.DbSecret == nil {
 		validationErr = append(validationErr,
-			field.Invalid(field.NewPath("spec").Child("DbSecret"), r.Spec.DbSecret,
+			field.Invalid(field.NewPath("spec").Child("DbSecret"), cr.Spec.DbSecret,
 				"DbSecret cannot be set to nil"))
 	} else {
-		if len(r.Spec.DbSecret.Name) == 0 {
+		if len(cr.Spec.DbSecret.Name) == 0 {
 			validationErr = append(validationErr,
-				field.Invalid(field.NewPath("spec").Child("DbSecret").Child("Name"), r.Spec.DbSecret.Name,
+				field.Invalid(field.NewPath("spec").Child("DbSecret").Child("Name"), cr.Spec.DbSecret.Name,
 					"Secret name cannot be set empty"))
 		}
-		if len(r.Spec.DbSecret.PwdFileName) == 0 {
+		if len(cr.Spec.DbSecret.PwdFileName) == 0 {
 			validationErr = append(validationErr,
-				field.Invalid(field.NewPath("spec").Child("DbSecret").Child("PwdFileName"), r.Spec.DbSecret.PwdFileName,
+				field.Invalid(field.NewPath("spec").Child("DbSecret").Child("PwdFileName"), cr.Spec.DbSecret.PwdFileName,
 					"Password file name cannot be set empty"))
 		}
-		if strings.ToLower(r.Spec.DbSecret.EncryptionType) != "base64" {
-			if strings.ToLower(r.Spec.DbSecret.KeyFileName) == "" {
+		if strings.ToLower(cr.Spec.DbSecret.EncryptionType) != "base64" {
+			if strings.ToLower(cr.Spec.DbSecret.KeyFileName) == "" {
 				validationErr = append(validationErr,
-					field.Invalid(field.NewPath("spec").Child("DbSecret").Child("KeyFileName"), r.Spec.DbSecret.KeyFileName,
+					field.Invalid(field.NewPath("spec").Child("DbSecret").Child("KeyFileName"), cr.Spec.DbSecret.KeyFileName,
 						"Key file name cannot be empty"))
 			}
 		}
@@ -147,46 +197,55 @@ func (r *ShardingDatabase) ValidateCreate() (admission.Warnings, error) {
 		**/
 	}
 
-	if r.Spec.IsTdeWallet == "enable" {
-		if (len(r.Spec.FssStorageClass) == 0) && (len(r.Spec.TdeWalletPvc) == 0) {
+	if cr.Spec.IsTdeWallet == "enable" {
+		if (len(cr.Spec.FssStorageClass) == 0) && (len(cr.Spec.TdeWalletPvc) == 0) {
 			validationErr = append(validationErr,
-				field.Invalid(field.NewPath("spec").Child("FssStorageClass"), r.Spec.FssStorageClass,
+				field.Invalid(field.NewPath("spec").Child("FssStorageClass"), cr.Spec.FssStorageClass,
 					"FssStorageClass or TdeWalletPvc cannot be set empty if isTdeWallet set to true"))
 
 			validationErr = append(validationErr,
-				field.Invalid(field.NewPath("spec").Child("TdeWalletPvc"), r.Spec.TdeWalletPvc,
+				field.Invalid(field.NewPath("spec").Child("TdeWalletPvc"), cr.Spec.TdeWalletPvc,
 					"FssStorageClass or TdeWalletPvc cannot be set empty if isTdeWallet set to true"))
 		}
 	}
 
-	if r.Spec.IsTdeWallet != "" {
-		if (strings.ToLower(strings.TrimSpace(r.Spec.IsTdeWallet)) != "enable") && (strings.ToLower(strings.TrimSpace(r.Spec.IsTdeWallet)) != "disable") {
+	if cr.Spec.IsTdeWallet != "" {
+		if (strings.ToLower(strings.TrimSpace(cr.Spec.IsTdeWallet)) != "enable") && (strings.ToLower(strings.TrimSpace(cr.Spec.IsTdeWallet)) != "disable") {
 			validationErr = append(validationErr,
-				field.Invalid(field.NewPath("spec").Child("isTdeWallet"), r.Spec.IsTdeWallet,
+				field.Invalid(field.NewPath("spec").Child("isTdeWallet"), cr.Spec.IsTdeWallet,
 					"isTdeWallet can be set to only \"enable\" or \"disable\""))
 		}
 	}
 
-	validationErrs1 = r.validateShardIsDelete()
+	validationErrs1 = cr.validateShardIsDelete()
 	if validationErrs1 != nil {
 		validationErr = append(validationErr, validationErrs1...)
 	}
 
-	validationErrs1 = r.validateFreeEdition()
+	validationErrs1 = cr.validateFreeEdition()
 	if validationErrs1 != nil {
 		validationErr = append(validationErr, validationErrs1...)
 	}
 
-	validationErrs1 = r.validateCatalogName()
+	validationErrs1 = cr.validateCatalogName()
 	if validationErrs1 != nil {
 		validationErr = append(validationErr, validationErrs1...)
 	}
 
-	validationErrs1 = r.validateShardName()
+	//	validationErrs1 = r.validateShardName()
+	//	if validationErrs1 != nil {
+	//		validationErr = append(validationErr, validationErrs1...)
+	//	}
+
+	validationErrs1 = cr.validateShardInfo()
 	if validationErrs1 != nil {
 		validationErr = append(validationErr, validationErrs1...)
 	}
 
+	fmt.Println("TotalShard=[" + strconv.Itoa(int(totalShard)) + "]")
+	fmt.Println("Original shard buffer len=[" + strconv.Itoa(len(cr.Spec.Shard)) + "]")
+	fmt.Println("Original shard buffer capacity=[" + strconv.Itoa(cap(cr.Spec.Shard)) + "]")
+
 	// TODO(user): fill in your validation logic upon object creation.
 	if len(validationErr) == 0 {
 		return nil, nil
@@ -194,11 +253,11 @@ func (r *ShardingDatabase) ValidateCreate() (admission.Warnings, error) {
 
 	return nil, apierrors.NewInvalid(
 		schema.GroupKind{Group: "database.oracle.com", Kind: "ShardingDatabase"},
-		r.Name, validationErr)
+		cr.Name, validationErr)
 }
 
 // ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *ShardingDatabase) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
+func (r *ShardingDatabase) ValidateUpdate(ctx context.Context, old, newObj runtime.Object) (admission.Warnings, error) {
 	shardingdatabaselog.Info("validate update", "name", r.Name)
 
 	// TODO(user): fill in your validation logic upon object update.
@@ -206,7 +265,7 @@ func (r *ShardingDatabase) ValidateUpdate(old runtime.Object) (admission.Warning
 }
 
 // ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *ShardingDatabase) ValidateDelete() (admission.Warnings, error) {
+func (r *ShardingDatabase) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
 	shardingdatabaselog.Info("validate delete", "name", r.Name)
 
 	// TODO(user): fill in your validation logic upon object deletion.
@@ -312,3 +371,68 @@ func (r *ShardingDatabase) validateCatalogName() field.ErrorList {
 	}
 	return nil
 }
+
+func (r *ShardingDatabase) validateShardInfo() field.ErrorList {
+	var validationErrs field.ErrorList
+	var replicas int32
+
+	totalShard = 0
+	for pindex := range r.Spec.ShardInfo {
+		replicas = 2
+		if r.Spec.ShardInfo[pindex].Replicas != 0 {
+			replicas = r.Spec.ShardInfo[pindex].Replicas
+		} else {
+			r.Spec.ShardInfo[pindex].Replicas = replicas
+		}
+
+		totalShard = totalShard + replicas
+		if r.Spec.ShardInfo[pindex].ShardGroupDetails != nil {
+			if r.Spec.ShardInfo[pindex].ShardGroupDetails.DeployAs == "" {
+				r.Spec.ShardInfo[pindex].ShardGroupDetails.DeployAs = "primary"
+			}
+			if (r.Spec.ShardInfo[pindex].ShardGroupDetails.DeployAs == "primary") && (replicas > 1) {
+				validationErrs = append(validationErrs,
+					field.Invalid(field.NewPath("spec").Child("shardInfo").Child("replicas"), r.Spec.ShardInfo[pindex].Replicas,
+						"Primary++ Shard Group can have only one replicas"))
+			}
+		} else {
+			if replicas > 1 {
+				validationErrs = append(validationErrs,
+					field.Invalid(field.NewPath("spec").Child("shardInfo").Child("replicas"), r.Spec.ShardInfo[pindex].Replicas,
+						"Primary!! Shard Group can have only one replicas"))
+			}
+		}
+	}
+
+	if len(validationErrs) > 0 {
+		return validationErrs
+	}
+	return nil
+}
+
+func (r *ShardingDatabase) initShardsSpec() error {
+	var shardIndex int
+
+	shardIndex = 0
+	for pindex := range r.Spec.ShardInfo {
+		for i := 0; i < int(r.Spec.ShardInfo[pindex].Replicas); i++ {
+			r.Spec.Shard[shardIndex].Name = r.Spec.ShardInfo[pindex].ShardPreFixName + strconv.Itoa(shardIndex+1)
+			r.Spec.Shard[shardIndex].StorageSizeInGb = r.Spec.ShardInfo[pindex].StorageSizeInGb
+			r.Spec.Shard[shardIndex].ShardGroup = r.Spec.ShardInfo[pindex].ShardGroupDetails.ShardGroupName
+			r.Spec.Shard[shardIndex].ShardRegion = r.Spec.ShardInfo[pindex].ShardGroupDetails.Region
+			r.Spec.Shard[shardIndex].DeployAs = r.Spec.ShardInfo[pindex].ShardGroupDetails.DeployAs
+			r.Spec.Shard[shardIndex].IsDelete = r.Spec.ShardInfo[pindex].ShardGroupDetails.IsDelete
+			r.Spec.Shard[shardIndex].ImagePulllPolicy = new(corev1.PullPolicy)
+			*(r.Spec.Shard[shardIndex].ImagePulllPolicy) = corev1.PullPolicy("Always")
+			fmt.Println("ShardName=[" + r.Spec.Shard[shardIndex].Name + "]")
+			if r.Spec.ShardInfo[pindex].ShardSpaceDetails != nil {
+				r.Spec.Shard[shardIndex].ShardSpace = r.Spec.ShardInfo[pindex].ShardSpaceDetails.ShardSpaceName
+			}
+
+			shardIndex++
+		}
+
+	}
+
+	return nil
+}
diff --git a/apis/database/v4/singleinstancedatabase_types.go b/apis/database/v4/singleinstancedatabase_types.go
index 4f4836d7..a8d004c7 100644
--- a/apis/database/v4/singleinstancedatabase_types.go
+++ b/apis/database/v4/singleinstancedatabase_types.go
@@ -193,8 +193,9 @@ type SingleInstanceDatabaseStatus struct {
 	ConvertToSnapshotStandby bool `json:"convertToSnapshotStandby,omitempty"`
 }
 
-//+kubebuilder:object:root=true
-//+kubebuilder:subresource:status
+// +kubebuilder:object:root=true
+// +kubebuilder:resource:shortName=sidb;sidbs
+// +kubebuilder:subresource:status
 // +kubebuilder:subresource:scale:specpath=.spec.replicas,statuspath=.status.replicas
 // +kubebuilder:printcolumn:JSONPath=".status.edition",name="Edition",type="string"
 // +kubebuilder:printcolumn:JSONPath=".status.sid",name="Sid",type="string",priority=1
diff --git a/apis/database/v4/zz_generated.deepcopy.go b/apis/database/v4/zz_generated.deepcopy.go
index 4eb9425d..c69f656a 100644
--- a/apis/database/v4/zz_generated.deepcopy.go
+++ b/apis/database/v4/zz_generated.deepcopy.go
@@ -46,7 +46,6 @@ import (
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
-	timex "time"
 )
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
@@ -98,6 +97,70 @@ func (in *AdminpdbUser) DeepCopy() *AdminpdbUser {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AsmDiskDetails) DeepCopyInto(out *AsmDiskDetails) {
+	*out = *in
+	if in.DisksBySize != nil {
+		in, out := &in.DisksBySize, &out.DisksBySize
+		*out = make([]DiskBySize, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AsmDiskDetails.
+func (in *AsmDiskDetails) DeepCopy() *AsmDiskDetails {
+	if in == nil {
+		return nil
+	}
+	out := new(AsmDiskDetails)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AsmDiskgroupStatus) DeepCopyInto(out *AsmDiskgroupStatus) {
+	*out = *in
+	if in.Disks != nil {
+		in, out := &in.Disks, &out.Disks
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AsmDiskgroupStatus.
+func (in *AsmDiskgroupStatus) DeepCopy() *AsmDiskgroupStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(AsmDiskgroupStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *AsmInstanceStatus) DeepCopyInto(out *AsmInstanceStatus) {
+	*out = *in
+	if in.Diskgroup != nil {
+		in, out := &in.Diskgroup, &out.Diskgroup
+		*out = make([]AsmDiskgroupStatus, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AsmInstanceStatus.
+func (in *AsmInstanceStatus) DeepCopy() *AsmInstanceStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(AsmInstanceStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *AutonomousContainerDatabase) DeepCopyInto(out *AutonomousContainerDatabase) {
 	*out = *in
@@ -681,6 +744,21 @@ func (in *AutonomousDatabaseStatus) DeepCopy() *AutonomousDatabaseStatus {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *BackupInfo) DeepCopyInto(out *BackupInfo) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BackupInfo.
+func (in *BackupInfo) DeepCopy() *BackupInfo {
+	if in == nil {
+		return nil
+	}
+	out := new(BackupInfo)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *Backupconfig) DeepCopyInto(out *Backupconfig) {
 	*out = *in
@@ -716,239 +794,6 @@ func (in *Backupconfig) DeepCopy() *Backupconfig {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDB) DeepCopyInto(out *CDB) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	out.Status = in.Status
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDB.
-func (in *CDB) DeepCopy() *CDB {
-	if in == nil {
-		return nil
-	}
-	out := new(CDB)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *CDB) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBAdminPassword) DeepCopyInto(out *CDBAdminPassword) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBAdminPassword.
-func (in *CDBAdminPassword) DeepCopy() *CDBAdminPassword {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBAdminPassword)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBAdminUser) DeepCopyInto(out *CDBAdminUser) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBAdminUser.
-func (in *CDBAdminUser) DeepCopy() *CDBAdminUser {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBAdminUser)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBList) DeepCopyInto(out *CDBList) {
-	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ListMeta.DeepCopyInto(&out.ListMeta)
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]CDB, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBList.
-func (in *CDBList) DeepCopy() *CDBList {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBList)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *CDBList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBPRIVKEY) DeepCopyInto(out *CDBPRIVKEY) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBPRIVKEY.
-func (in *CDBPRIVKEY) DeepCopy() *CDBPRIVKEY {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBPRIVKEY)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBPUBKEY) DeepCopyInto(out *CDBPUBKEY) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBPUBKEY.
-func (in *CDBPUBKEY) DeepCopy() *CDBPUBKEY {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBPUBKEY)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBSecret) DeepCopyInto(out *CDBSecret) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBSecret.
-func (in *CDBSecret) DeepCopy() *CDBSecret {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBSecret)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBSpec) DeepCopyInto(out *CDBSpec) {
-	*out = *in
-	out.SysAdminPwd = in.SysAdminPwd
-	out.CDBAdminUser = in.CDBAdminUser
-	out.CDBAdminPwd = in.CDBAdminPwd
-	out.CDBTlsKey = in.CDBTlsKey
-	out.CDBTlsCrt = in.CDBTlsCrt
-	out.ORDSPwd = in.ORDSPwd
-	out.WebServerUser = in.WebServerUser
-	out.WebServerPwd = in.WebServerPwd
-	if in.NodeSelector != nil {
-		in, out := &in.NodeSelector, &out.NodeSelector
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	out.CDBPubKey = in.CDBPubKey
-	out.CDBPriKey = in.CDBPriKey
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBSpec.
-func (in *CDBSpec) DeepCopy() *CDBSpec {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBSpec)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBStatus) DeepCopyInto(out *CDBStatus) {
-	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBStatus.
-func (in *CDBStatus) DeepCopy() *CDBStatus {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBStatus)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBSysAdminPassword) DeepCopyInto(out *CDBSysAdminPassword) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBSysAdminPassword.
-func (in *CDBSysAdminPassword) DeepCopy() *CDBSysAdminPassword {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBSysAdminPassword)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBTLSCRT) DeepCopyInto(out *CDBTLSCRT) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBTLSCRT.
-func (in *CDBTLSCRT) DeepCopy() *CDBTLSCRT {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBTLSCRT)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *CDBTLSKEY) DeepCopyInto(out *CDBTLSKEY) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CDBTLSKEY.
-func (in *CDBTLSKEY) DeepCopy() *CDBTLSKEY {
-	if in == nil {
-		return nil
-	}
-	out := new(CDBTLSKEY)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *CatalogSpec) DeepCopyInto(out *CatalogSpec) {
 	*out = *in
@@ -988,6 +833,11 @@ func (in *CatalogSpec) DeepCopyInto(out *CatalogSpec) {
 		*out = new(corev1.PullPolicy)
 		**out = **in
 	}
+	if in.CatalogConfigData != nil {
+		in, out := &in.CatalogConfigData, &out.CatalogConfigData
+		*out = new(ConfigMapData)
+		**out = **in
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CatalogSpec.
@@ -1015,6 +865,21 @@ func (in *CertificateSecret) DeepCopy() *CertificateSecret {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ConfigMapData) DeepCopyInto(out *ConfigMapData) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapData.
+func (in *ConfigMapData) DeepCopy() *ConfigMapData {
+	if in == nil {
+		return nil
+	}
+	out := new(ConfigMapData)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ConnectionStringProfile) DeepCopyInto(out *ConnectionStringProfile) {
 	*out = *in
@@ -1066,21 +931,203 @@ func (in *DBWalletSecret) DeepCopy() *DBWalletSecret {
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DataguardBroker) DeepCopyInto(out *DataguardBroker) {
+func (in *DataGuardConfig) DeepCopyInto(out *DataGuardConfig) {
 	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	in.Status.DeepCopyInto(&out.Status)
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DataguardBroker.
-func (in *DataguardBroker) DeepCopy() *DataguardBroker {
-	if in == nil {
-		return nil
+	if in.ProtectionMode != nil {
+		in, out := &in.ProtectionMode, &out.ProtectionMode
+		*out = new(string)
+		**out = **in
 	}
-	out := new(DataguardBroker)
-	in.DeepCopyInto(out)
+	if in.TransportType != nil {
+		in, out := &in.TransportType, &out.TransportType
+		*out = new(string)
+		**out = **in
+	}
+	if in.PeerRole != nil {
+		in, out := &in.PeerRole, &out.PeerRole
+		*out = new(string)
+		**out = **in
+	}
+	if in.DbAdminPasswordSecret != nil {
+		in, out := &in.DbAdminPasswordSecret, &out.DbAdminPasswordSecret
+		*out = new(string)
+		**out = **in
+	}
+	if in.DbName != nil {
+		in, out := &in.DbName, &out.DbName
+		*out = new(string)
+		**out = **in
+	}
+	if in.HostName != nil {
+		in, out := &in.HostName, &out.HostName
+		*out = new(string)
+		**out = **in
+	}
+	if in.DisplayName != nil {
+		in, out := &in.DisplayName, &out.DisplayName
+		*out = new(string)
+		**out = **in
+	}
+	if in.PeerSidPrefix != nil {
+		in, out := &in.PeerSidPrefix, &out.PeerSidPrefix
+		*out = new(string)
+		**out = **in
+	}
+	if in.PeerDbSystemId != nil {
+		in, out := &in.PeerDbSystemId, &out.PeerDbSystemId
+		*out = new(string)
+		**out = **in
+	}
+	if in.PeerDbHomeId != nil {
+		in, out := &in.PeerDbHomeId, &out.PeerDbHomeId
+		*out = new(string)
+		**out = **in
+	}
+	if in.PrimaryDatabaseId != nil {
+		in, out := &in.PrimaryDatabaseId, &out.PrimaryDatabaseId
+		*out = new(string)
+		**out = **in
+	}
+	if in.AvailabilityDomain != nil {
+		in, out := &in.AvailabilityDomain, &out.AvailabilityDomain
+		*out = new(string)
+		**out = **in
+	}
+	if in.SubnetId != nil {
+		in, out := &in.SubnetId, &out.SubnetId
+		*out = new(string)
+		**out = **in
+	}
+	if in.Shape != nil {
+		in, out := &in.Shape, &out.Shape
+		*out = new(string)
+		**out = **in
+	}
+	if in.DbSystemFreeformTags != nil {
+		in, out := &in.DbSystemFreeformTags, &out.DbSystemFreeformTags
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DataGuardConfig.
+func (in *DataGuardConfig) DeepCopy() *DataGuardConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(DataGuardConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DataGuardStatus) DeepCopyInto(out *DataGuardStatus) {
+	*out = *in
+	if in.Id != nil {
+		in, out := &in.Id, &out.Id
+		*out = new(string)
+		**out = **in
+	}
+	if in.PeerDbSystemId != nil {
+		in, out := &in.PeerDbSystemId, &out.PeerDbSystemId
+		*out = new(string)
+		**out = **in
+	}
+	if in.PeerDatabaseId != nil {
+		in, out := &in.PeerDatabaseId, &out.PeerDatabaseId
+		*out = new(string)
+		**out = **in
+	}
+	if in.DbName != nil {
+		in, out := &in.DbName, &out.DbName
+		*out = new(string)
+		**out = **in
+	}
+	if in.PeerDbHomeId != nil {
+		in, out := &in.PeerDbHomeId, &out.PeerDbHomeId
+		*out = new(string)
+		**out = **in
+	}
+	if in.PeerRole != nil {
+		in, out := &in.PeerRole, &out.PeerRole
+		*out = new(string)
+		**out = **in
+	}
+	if in.Shape != nil {
+		in, out := &in.Shape, &out.Shape
+		*out = new(string)
+		**out = **in
+	}
+	if in.SubnetId != nil {
+		in, out := &in.SubnetId, &out.SubnetId
+		*out = new(string)
+		**out = **in
+	}
+	if in.PrimaryDatabaseId != nil {
+		in, out := &in.PrimaryDatabaseId, &out.PrimaryDatabaseId
+		*out = new(string)
+		**out = **in
+	}
+	if in.DbAdminPasswordSecret != nil {
+		in, out := &in.DbAdminPasswordSecret, &out.DbAdminPasswordSecret
+		*out = new(string)
+		**out = **in
+	}
+	if in.TransportType != nil {
+		in, out := &in.TransportType, &out.TransportType
+		*out = new(string)
+		**out = **in
+	}
+	if in.ProtectionMode != nil {
+		in, out := &in.ProtectionMode, &out.ProtectionMode
+		*out = new(string)
+		**out = **in
+	}
+	if in.LifecycleState != nil {
+		in, out := &in.LifecycleState, &out.LifecycleState
+		*out = new(string)
+		**out = **in
+	}
+	if in.PeerDataGuardAssociationId != nil {
+		in, out := &in.PeerDataGuardAssociationId, &out.PeerDataGuardAssociationId
+		*out = new(string)
+		**out = **in
+	}
+	if in.LifecycleDetails != nil {
+		in, out := &in.LifecycleDetails, &out.LifecycleDetails
+		*out = new(string)
+		**out = **in
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DataGuardStatus.
+func (in *DataGuardStatus) DeepCopy() *DataGuardStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(DataGuardStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DataguardBroker) DeepCopyInto(out *DataguardBroker) {
+	*out = *in
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DataguardBroker.
+func (in *DataguardBroker) DeepCopy() *DataguardBroker {
+	if in == nil {
+		return nil
+	}
+	out := new(DataguardBroker)
+	in.DeepCopyInto(out)
 	return out
 }
 
@@ -1270,8 +1317,21 @@ func (in *DbSystemDetails) DeepCopyInto(out *DbSystemDetails) {
 			(*out)[key] = val
 		}
 	}
-	in.DbBackupConfig.DeepCopyInto(&out.DbBackupConfig)
-	out.KMSConfig = in.KMSConfig
+	if in.DbBackupConfig != nil {
+		in, out := &in.DbBackupConfig, &out.DbBackupConfig
+		*out = new(Backupconfig)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.KMSConfig != nil {
+		in, out := &in.KMSConfig, &out.KMSConfig
+		*out = new(KMSConfig)
+		**out = **in
+	}
+	if in.RestoreConfig != nil {
+		in, out := &in.RestoreConfig, &out.RestoreConfig
+		*out = new(RestoreConfig)
+		(*in).DeepCopyInto(*out)
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DbSystemDetails.
@@ -1371,7 +1431,11 @@ func (in *DbcsSystemList) DeepCopyObject() runtime.Object {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *DbcsSystemSpec) DeepCopyInto(out *DbcsSystemSpec) {
 	*out = *in
-	in.DbSystem.DeepCopyInto(&out.DbSystem)
+	if in.DbSystem != nil {
+		in, out := &in.DbSystem, &out.DbSystem
+		*out = new(DbSystemDetails)
+		(*in).DeepCopyInto(*out)
+	}
 	if in.Id != nil {
 		in, out := &in.Id, &out.Id
 		*out = new(string)
@@ -1409,7 +1473,12 @@ func (in *DbcsSystemSpec) DeepCopyInto(out *DbcsSystemSpec) {
 		*out = new(string)
 		**out = **in
 	}
-	out.KMSConfig = in.KMSConfig
+	if in.KMSConfig != nil {
+		in, out := &in.KMSConfig, &out.KMSConfig
+		*out = new(KMSConfig)
+		**out = **in
+	}
+	in.DataGuard.DeepCopyInto(&out.DataGuard)
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DbcsSystemSpec.
@@ -1474,6 +1543,16 @@ func (in *DbcsSystemStatus) DeepCopyInto(out *DbcsSystemStatus) {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+	if in.DataGuardStatus != nil {
+		in, out := &in.DataGuardStatus, &out.DataGuardStatus
+		*out = new(DataGuardStatus)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.Backups != nil {
+		in, out := &in.Backups, &out.Backups
+		*out = make([]BackupInfo, len(*in))
+		copy(*out, *in)
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DbcsSystemStatus.
@@ -1486,6 +1565,26 @@ func (in *DbcsSystemStatus) DeepCopy() *DbcsSystemStatus {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DiskBySize) DeepCopyInto(out *DiskBySize) {
+	*out = *in
+	if in.DiskNames != nil {
+		in, out := &in.DiskNames, &out.DiskNames
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DiskBySize.
+func (in *DiskBySize) DeepCopy() *DiskBySize {
+	if in == nil {
+		return nil
+	}
+	out := new(DiskBySize)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *EnvironmentVariable) DeepCopyInto(out *EnvironmentVariable) {
 	*out = *in
@@ -1509,21 +1608,6 @@ func (in *GlobalSettings) DeepCopyInto(out *GlobalSettings) {
 		*out = new(bool)
 		**out = **in
 	}
-	if in.CacheMetadataGraphQLExpireAfterAccess != nil {
-		in, out := &in.CacheMetadataGraphQLExpireAfterAccess, &out.CacheMetadataGraphQLExpireAfterAccess
-		*out = new(timex.Duration)
-		**out = **in
-	}
-	if in.CacheMetadataGraphQLExpireAfterWrite != nil {
-		in, out := &in.CacheMetadataGraphQLExpireAfterWrite, &out.CacheMetadataGraphQLExpireAfterWrite
-		*out = new(timex.Duration)
-		**out = **in
-	}
-	if in.CacheMetadataTimeout != nil {
-		in, out := &in.CacheMetadataTimeout, &out.CacheMetadataTimeout
-		*out = new(timex.Duration)
-		**out = **in
-	}
 	if in.CacheMetadataJWKSEnabled != nil {
 		in, out := &in.CacheMetadataJWKSEnabled, &out.CacheMetadataJWKSEnabled
 		*out = new(bool)
@@ -1539,16 +1623,6 @@ func (in *GlobalSettings) DeepCopyInto(out *GlobalSettings) {
 		*out = new(int32)
 		**out = **in
 	}
-	if in.CacheMetadataJWKSExpireAfterAccess != nil {
-		in, out := &in.CacheMetadataJWKSExpireAfterAccess, &out.CacheMetadataJWKSExpireAfterAccess
-		*out = new(timex.Duration)
-		**out = **in
-	}
-	if in.CacheMetadataJWKSExpireAfterWrite != nil {
-		in, out := &in.CacheMetadataJWKSExpireAfterWrite, &out.CacheMetadataJWKSExpireAfterWrite
-		*out = new(timex.Duration)
-		**out = **in
-	}
 	if in.DatabaseAPIEnabled != nil {
 		in, out := &in.DatabaseAPIEnabled, &out.DatabaseAPIEnabled
 		*out = new(bool)
@@ -1559,11 +1633,6 @@ func (in *GlobalSettings) DeepCopyInto(out *GlobalSettings) {
 		*out = new(bool)
 		**out = **in
 	}
-	if in.DBInvalidPoolTimeout != nil {
-		in, out := &in.DBInvalidPoolTimeout, &out.DBInvalidPoolTimeout
-		*out = new(timex.Duration)
-		**out = **in
-	}
 	if in.FeatureGraphQLMaxNestingDepth != nil {
 		in, out := &in.FeatureGraphQLMaxNestingDepth, &out.FeatureGraphQLMaxNestingDepth
 		*out = new(int32)
@@ -1574,11 +1643,6 @@ func (in *GlobalSettings) DeepCopyInto(out *GlobalSettings) {
 		*out = new(int32)
 		**out = **in
 	}
-	if in.SecurityCredentialsLockTime != nil {
-		in, out := &in.SecurityCredentialsLockTime, &out.SecurityCredentialsLockTime
-		*out = new(timex.Duration)
-		**out = **in
-	}
 	if in.StandaloneHTTPPort != nil {
 		in, out := &in.StandaloneHTTPPort, &out.StandaloneHTTPPort
 		*out = new(int32)
@@ -1589,11 +1653,6 @@ func (in *GlobalSettings) DeepCopyInto(out *GlobalSettings) {
 		*out = new(int32)
 		**out = **in
 	}
-	if in.StandaloneStopTimeout != nil {
-		in, out := &in.StandaloneStopTimeout, &out.StandaloneStopTimeout
-		*out = new(timex.Duration)
-		**out = **in
-	}
 	if in.DebugPrintDebugToScreen != nil {
 		in, out := &in.DebugPrintDebugToScreen, &out.DebugPrintDebugToScreen
 		*out = new(bool)
@@ -1614,16 +1673,6 @@ func (in *GlobalSettings) DeepCopyInto(out *GlobalSettings) {
 		*out = new(int32)
 		**out = **in
 	}
-	if in.MongoIdleTimeout != nil {
-		in, out := &in.MongoIdleTimeout, &out.MongoIdleTimeout
-		*out = new(timex.Duration)
-		**out = **in
-	}
-	if in.MongoOpTimeout != nil {
-		in, out := &in.MongoOpTimeout, &out.MongoOpTimeout
-		*out = new(timex.Duration)
-		**out = **in
-	}
 	if in.SecurityDisableDefaultExclusionList != nil {
 		in, out := &in.SecurityDisableDefaultExclusionList, &out.SecurityDisableDefaultExclusionList
 		*out = new(bool)
@@ -1639,6 +1688,7 @@ func (in *GlobalSettings) DeepCopyInto(out *GlobalSettings) {
 		*out = new(bool)
 		**out = **in
 	}
+	out.APEXInstallationPersistence = in.APEXInstallationPersistence
 	if in.CertSecret != nil {
 		in, out := &in.CertSecret, &out.CertSecret
 		*out = new(CertificateSecret)
@@ -1755,6 +1805,11 @@ func (in *GsmSpec) DeepCopyInto(out *GsmSpec) {
 		*out = new(corev1.PullPolicy)
 		**out = **in
 	}
+	if in.GsmConfigData != nil {
+		in, out := &in.GsmConfigData, &out.GsmConfigData
+		*out = new(ConfigMapData)
+		**out = **in
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GsmSpec.
@@ -1812,7 +1867,24 @@ func (in *GsmStatusDetails) DeepCopy() *GsmStatusDetails {
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *K8sADBBackupSpec) DeepCopyInto(out *K8sADBBackupSpec) {
+func (in *InitParams) DeepCopyInto(out *InitParams) {
+	*out = *in
+	out.GridResponseFile = in.GridResponseFile
+	out.DbResponseFile = in.DbResponseFile
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new InitParams.
+func (in *InitParams) DeepCopy() *InitParams {
+	if in == nil {
+		return nil
+	}
+	out := new(InitParams)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *K8sAcdSpec) DeepCopyInto(out *K8sAcdSpec) {
 	*out = *in
 	if in.Name != nil {
 		in, out := &in.Name, &out.Name
@@ -1821,18 +1893,18 @@ func (in *K8sADBBackupSpec) DeepCopyInto(out *K8sADBBackupSpec) {
 	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new K8sADBBackupSpec.
-func (in *K8sADBBackupSpec) DeepCopy() *K8sADBBackupSpec {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new K8sAcdSpec.
+func (in *K8sAcdSpec) DeepCopy() *K8sAcdSpec {
 	if in == nil {
 		return nil
 	}
-	out := new(K8sADBBackupSpec)
+	out := new(K8sAcdSpec)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *K8sAcdSpec) DeepCopyInto(out *K8sAcdSpec) {
+func (in *K8sAdbBackupSpec) DeepCopyInto(out *K8sAdbBackupSpec) {
 	*out = *in
 	if in.Name != nil {
 		in, out := &in.Name, &out.Name
@@ -1841,12 +1913,12 @@ func (in *K8sAcdSpec) DeepCopyInto(out *K8sAcdSpec) {
 	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new K8sAcdSpec.
-func (in *K8sAcdSpec) DeepCopy() *K8sAcdSpec {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new K8sAdbBackupSpec.
+func (in *K8sAdbBackupSpec) DeepCopy() *K8sAdbBackupSpec {
 	if in == nil {
 		return nil
 	}
-	out := new(K8sAcdSpec)
+	out := new(K8sAdbBackupSpec)
 	in.DeepCopyInto(out)
 	return out
 }
@@ -2085,6 +2157,7 @@ func (in *LRESTSpec) DeepCopyInto(out *LRESTSpec) {
 	out.LRESTTlsCrt = in.LRESTTlsCrt
 	out.LRESTPubKey = in.LRESTPubKey
 	out.LRESTPriKey = in.LRESTPriKey
+	out.LRESTTlsCat = in.LRESTTlsCat
 	out.LRESTPwd = in.LRESTPwd
 	out.WebLrestServerUser = in.WebLrestServerUser
 	out.WebLrestServerPwd = in.WebLrestServerPwd
@@ -2444,22 +2517,6 @@ func (in *LTDESecret) DeepCopy() *LTDESecret {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ORDSPassword) DeepCopyInto(out *ORDSPassword) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ORDSPassword.
-func (in *ORDSPassword) DeepCopy() *ORDSPassword {
-	if in == nil {
-		return nil
-	}
-	out := new(ORDSPassword)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *OciAcdSpec) DeepCopyInto(out *OciAcdSpec) {
 	*out = *in
@@ -2483,8 +2540,8 @@ func (in *OciAcdSpec) DeepCopy() *OciAcdSpec {
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *OciAdbSpec) DeepCopyInto(out *OciAdbSpec) {
 	*out = *in
-	if in.OCID != nil {
-		in, out := &in.OCID, &out.OCID
+	if in.Id != nil {
+		in, out := &in.Id, &out.Id
 		*out = new(string)
 		**out = **in
 	}
@@ -2729,7 +2786,7 @@ func (in *OracleRestDataServiceStatus) DeepCopy() *OracleRestDataServiceStatus {
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *OrdsSrvs) DeepCopyInto(out *OrdsSrvs) {
+func (in *OracleRestart) DeepCopyInto(out *OracleRestart) {
 	*out = *in
 	out.TypeMeta = in.TypeMeta
 	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
@@ -2737,18 +2794,18 @@ func (in *OrdsSrvs) DeepCopyInto(out *OrdsSrvs) {
 	in.Status.DeepCopyInto(&out.Status)
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrdsSrvs.
-func (in *OrdsSrvs) DeepCopy() *OrdsSrvs {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OracleRestart.
+func (in *OracleRestart) DeepCopy() *OracleRestart {
 	if in == nil {
 		return nil
 	}
-	out := new(OrdsSrvs)
+	out := new(OracleRestart)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *OrdsSrvs) DeepCopyObject() runtime.Object {
+func (in *OracleRestart) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
 	}
@@ -2756,293 +2813,423 @@ func (in *OrdsSrvs) DeepCopyObject() runtime.Object {
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *OrdsSrvsList) DeepCopyInto(out *OrdsSrvsList) {
+func (in *OracleRestartDbPwdSecretDetails) DeepCopyInto(out *OracleRestartDbPwdSecretDetails) {
 	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ListMeta.DeepCopyInto(&out.ListMeta)
-	if in.Items != nil {
-		in, out := &in.Items, &out.Items
-		*out = make([]OrdsSrvs, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrdsSrvsList.
-func (in *OrdsSrvsList) DeepCopy() *OrdsSrvsList {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OracleRestartDbPwdSecretDetails.
+func (in *OracleRestartDbPwdSecretDetails) DeepCopy() *OracleRestartDbPwdSecretDetails {
 	if in == nil {
 		return nil
 	}
-	out := new(OrdsSrvsList)
+	out := new(OracleRestartDbPwdSecretDetails)
 	in.DeepCopyInto(out)
 	return out
 }
 
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *OrdsSrvsList) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
-	}
-	return nil
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *OrdsSrvsSpec) DeepCopyInto(out *OrdsSrvsSpec) {
+func (in *OracleRestartInstDetailSpec) DeepCopyInto(out *OracleRestartInstDetailSpec) {
 	*out = *in
-	in.GlobalSettings.DeepCopyInto(&out.GlobalSettings)
-	out.EncPrivKey = in.EncPrivKey
-	if in.PoolSettings != nil {
-		in, out := &in.PoolSettings, &out.PoolSettings
-		*out = make([]*PoolSettings, len(*in))
+	if in.WorkerNode != nil {
+		in, out := &in.WorkerNode, &out.WorkerNode
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.EnvVars != nil {
+		in, out := &in.EnvVars, &out.EnvVars
+		*out = make([]corev1.EnvVar, len(*in))
 		for i := range *in {
-			if (*in)[i] != nil {
-				in, out := &(*in)[i], &(*out)[i]
-				*out = new(PoolSettings)
-				(*in).DeepCopyInto(*out)
-			}
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.PvcName != nil {
+		in, out := &in.PvcName, &out.PvcName
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
 		}
 	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrdsSrvsSpec.
-func (in *OrdsSrvsSpec) DeepCopy() *OrdsSrvsSpec {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OracleRestartInstDetailSpec.
+func (in *OracleRestartInstDetailSpec) DeepCopy() *OracleRestartInstDetailSpec {
 	if in == nil {
 		return nil
 	}
-	out := new(OrdsSrvsSpec)
+	out := new(OracleRestartInstDetailSpec)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *OrdsSrvsStatus) DeepCopyInto(out *OrdsSrvsStatus) {
+func (in *OracleRestartList) DeepCopyInto(out *OracleRestartList) {
 	*out = *in
-	if in.HTTPPort != nil {
-		in, out := &in.HTTPPort, &out.HTTPPort
-		*out = new(int32)
-		**out = **in
-	}
-	if in.HTTPSPort != nil {
-		in, out := &in.HTTPSPort, &out.HTTPSPort
-		*out = new(int32)
-		**out = **in
-	}
-	if in.Conditions != nil {
-		in, out := &in.Conditions, &out.Conditions
-		*out = make([]v1.Condition, len(*in))
+	out.TypeMeta = in.TypeMeta
+	in.ListMeta.DeepCopyInto(&out.ListMeta)
+	if in.Items != nil {
+		in, out := &in.Items, &out.Items
+		*out = make([]OracleRestart, len(*in))
 		for i := range *in {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrdsSrvsStatus.
-func (in *OrdsSrvsStatus) DeepCopy() *OrdsSrvsStatus {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OracleRestartList.
+func (in *OracleRestartList) DeepCopy() *OracleRestartList {
 	if in == nil {
 		return nil
 	}
-	out := new(OrdsSrvsStatus)
+	out := new(OracleRestartList)
 	in.DeepCopyInto(out)
 	return out
 }
 
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *OracleRestartList) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDB) DeepCopyInto(out *PDB) {
+func (in *OracleRestartNodeDetailedStatus) DeepCopyInto(out *OracleRestartNodeDetailedStatus) {
 	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	out.Status = in.Status
+	if in.PvcName != nil {
+		in, out := &in.PvcName, &out.PvcName
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	if in.NodePortSvc != nil {
+		in, out := &in.NodePortSvc, &out.NodePortSvc
+		*out = make([]OracleRestartNodePortSvc, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.PortMappings != nil {
+		in, out := &in.PortMappings, &out.PortMappings
+		*out = make([]OracleRestartPortMapping, len(*in))
+		copy(*out, *in)
+	}
+	if in.MountedDevices != nil {
+		in, out := &in.MountedDevices, &out.MountedDevices
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDB.
-func (in *PDB) DeepCopy() *PDB {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OracleRestartNodeDetailedStatus.
+func (in *OracleRestartNodeDetailedStatus) DeepCopy() *OracleRestartNodeDetailedStatus {
 	if in == nil {
 		return nil
 	}
-	out := new(PDB)
+	out := new(OracleRestartNodeDetailedStatus)
 	in.DeepCopyInto(out)
 	return out
 }
 
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *PDB) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *OracleRestartNodePortSvc) DeepCopyInto(out *OracleRestartNodePortSvc) {
+	*out = *in
+	if in.PortMappings != nil {
+		in, out := &in.PortMappings, &out.PortMappings
+		*out = make([]OracleRestartPortMapping, len(*in))
+		copy(*out, *in)
 	}
-	return nil
+	if in.SvcAnnotation != nil {
+		in, out := &in.SvcAnnotation, &out.SvcAnnotation
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	if in.OnsTargetPort != nil {
+		in, out := &in.OnsTargetPort, &out.OnsTargetPort
+		*out = new(int32)
+		**out = **in
+	}
+	if in.OnsLocalPort != nil {
+		in, out := &in.OnsLocalPort, &out.OnsLocalPort
+		*out = new(int32)
+		**out = **in
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OracleRestartNodePortSvc.
+func (in *OracleRestartNodePortSvc) DeepCopy() *OracleRestartNodePortSvc {
+	if in == nil {
+		return nil
+	}
+	out := new(OracleRestartNodePortSvc)
+	in.DeepCopyInto(out)
+	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBAdminName) DeepCopyInto(out *PDBAdminName) {
+func (in *OracleRestartNodestatus) DeepCopyInto(out *OracleRestartNodestatus) {
 	*out = *in
-	out.Secret = in.Secret
+	if in.NodeDetails != nil {
+		in, out := &in.NodeDetails, &out.NodeDetails
+		*out = new(OracleRestartNodeDetailedStatus)
+		(*in).DeepCopyInto(*out)
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBAdminName.
-func (in *PDBAdminName) DeepCopy() *PDBAdminName {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OracleRestartNodestatus.
+func (in *OracleRestartNodestatus) DeepCopy() *OracleRestartNodestatus {
 	if in == nil {
 		return nil
 	}
-	out := new(PDBAdminName)
+	out := new(OracleRestartNodestatus)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBAdminPassword) DeepCopyInto(out *PDBAdminPassword) {
+func (in *OracleRestartPortMapping) DeepCopyInto(out *OracleRestartPortMapping) {
 	*out = *in
-	out.Secret = in.Secret
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBAdminPassword.
-func (in *PDBAdminPassword) DeepCopy() *PDBAdminPassword {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OracleRestartPortMapping.
+func (in *OracleRestartPortMapping) DeepCopy() *OracleRestartPortMapping {
 	if in == nil {
 		return nil
 	}
-	out := new(PDBAdminPassword)
+	out := new(OracleRestartPortMapping)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBConfig) DeepCopyInto(out *PDBConfig) {
+func (in *OracleRestartSpec) DeepCopyInto(out *OracleRestartSpec) {
 	*out = *in
-	if in.PdbName != nil {
-		in, out := &in.PdbName, &out.PdbName
-		*out = new(string)
+	in.InstDetails.DeepCopyInto(&out.InstDetails)
+	if in.ConfigParams != nil {
+		in, out := &in.ConfigParams, &out.ConfigParams
+		*out = new(InitParams)
 		**out = **in
 	}
-	if in.PdbAdminPassword != nil {
-		in, out := &in.PdbAdminPassword, &out.PdbAdminPassword
-		*out = new(string)
-		**out = **in
+	if in.AsmStorageDetails != nil {
+		in, out := &in.AsmStorageDetails, &out.AsmStorageDetails
+		*out = new(AsmDiskDetails)
+		(*in).DeepCopyInto(*out)
 	}
-	if in.TdeWalletPassword != nil {
-		in, out := &in.TdeWalletPassword, &out.TdeWalletPassword
-		*out = new(string)
+	if in.SshKeySecret != nil {
+		in, out := &in.SshKeySecret, &out.SshKeySecret
+		*out = new(OracleRestartSshSecretDetails)
 		**out = **in
 	}
-	if in.ShouldPdbAdminAccountBeLocked != nil {
-		in, out := &in.ShouldPdbAdminAccountBeLocked, &out.ShouldPdbAdminAccountBeLocked
-		*out = new(bool)
+	if in.ImagePullPolicy != nil {
+		in, out := &in.ImagePullPolicy, &out.ImagePullPolicy
+		*out = new(corev1.PullPolicy)
 		**out = **in
 	}
-	if in.FreeformTags != nil {
-		in, out := &in.FreeformTags, &out.FreeformTags
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
+	if in.ReadinessProbe != nil {
+		in, out := &in.ReadinessProbe, &out.ReadinessProbe
+		*out = new(corev1.Probe)
+		(*in).DeepCopyInto(*out)
 	}
-	if in.IsDelete != nil {
-		in, out := &in.IsDelete, &out.IsDelete
-		*out = new(bool)
+	if in.SecurityContext != nil {
+		in, out := &in.SecurityContext, &out.SecurityContext
+		*out = new(corev1.PodSecurityContext)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.DbSecret != nil {
+		in, out := &in.DbSecret, &out.DbSecret
+		*out = new(OracleRestartDbPwdSecretDetails)
 		**out = **in
 	}
-	if in.PluggableDatabaseId != nil {
-		in, out := &in.PluggableDatabaseId, &out.PluggableDatabaseId
-		*out = new(string)
+	if in.TdeWalletSecret != nil {
+		in, out := &in.TdeWalletSecret, &out.TdeWalletSecret
+		*out = new(OracleRestartDbPwdSecretDetails)
 		**out = **in
 	}
+	in.ServiceDetails.DeepCopyInto(&out.ServiceDetails)
+	if in.Resources != nil {
+		in, out := &in.Resources, &out.Resources
+		*out = new(corev1.ResourceRequirements)
+		(*in).DeepCopyInto(*out)
+	}
+	in.LbService.DeepCopyInto(&out.LbService)
+	in.NodePortSvc.DeepCopyInto(&out.NodePortSvc)
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBConfig.
-func (in *PDBConfig) DeepCopy() *PDBConfig {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OracleRestartSpec.
+func (in *OracleRestartSpec) DeepCopy() *OracleRestartSpec {
 	if in == nil {
 		return nil
 	}
-	out := new(PDBConfig)
+	out := new(OracleRestartSpec)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBConfigStatus) DeepCopyInto(out *PDBConfigStatus) {
+func (in *OracleRestartSshSecretDetails) DeepCopyInto(out *OracleRestartSshSecretDetails) {
 	*out = *in
-	if in.PdbName != nil {
-		in, out := &in.PdbName, &out.PdbName
-		*out = new(string)
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OracleRestartSshSecretDetails.
+func (in *OracleRestartSshSecretDetails) DeepCopy() *OracleRestartSshSecretDetails {
+	if in == nil {
+		return nil
+	}
+	out := new(OracleRestartSshSecretDetails)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *OracleRestartStatus) DeepCopyInto(out *OracleRestartStatus) {
+	*out = *in
+	if in.OracleRestartNodes != nil {
+		in, out := &in.OracleRestartNodes, &out.OracleRestartNodes
+		*out = make([]*OracleRestartNodestatus, len(*in))
+		for i := range *in {
+			if (*in)[i] != nil {
+				in, out := &(*in)[i], &(*out)[i]
+				*out = new(OracleRestartNodestatus)
+				(*in).DeepCopyInto(*out)
+			}
+		}
+	}
+	if in.Conditions != nil {
+		in, out := &in.Conditions, &out.Conditions
+		*out = make([]v1.Condition, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
+	if in.InstDetails != nil {
+		in, out := &in.InstDetails, &out.InstDetails
+		*out = new(OracleRestartInstDetailSpec)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.ConfigParams != nil {
+		in, out := &in.ConfigParams, &out.ConfigParams
+		*out = new(InitParams)
 		**out = **in
 	}
-	if in.ShouldPdbAdminAccountBeLocked != nil {
-		in, out := &in.ShouldPdbAdminAccountBeLocked, &out.ShouldPdbAdminAccountBeLocked
-		*out = new(bool)
+	if in.AsmDetails != nil {
+		in, out := &in.AsmDetails, &out.AsmDetails
+		*out = new(AsmInstanceStatus)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.NfsStorageDetails != nil {
+		in, out := &in.NfsStorageDetails, &out.NfsStorageDetails
+		*out = new(corev1.NFSVolumeSource)
 		**out = **in
 	}
-	if in.FreeformTags != nil {
-		in, out := &in.FreeformTags, &out.FreeformTags
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
+	if in.SshKeySecret != nil {
+		in, out := &in.SshKeySecret, &out.SshKeySecret
+		*out = new(OracleRestartSshSecretDetails)
+		**out = **in
 	}
-	if in.PluggableDatabaseId != nil {
-		in, out := &in.PluggableDatabaseId, &out.PluggableDatabaseId
+	if in.ImagePullPolicy != nil {
+		in, out := &in.ImagePullPolicy, &out.ImagePullPolicy
+		*out = new(corev1.PullPolicy)
+		**out = **in
+	}
+	if in.ReadinessProbe != nil {
+		in, out := &in.ReadinessProbe, &out.ReadinessProbe
+		*out = new(corev1.Probe)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.SecurityContext != nil {
+		in, out := &in.SecurityContext, &out.SecurityContext
+		*out = new(corev1.PodSecurityContext)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.ExternalSvcType != nil {
+		in, out := &in.ExternalSvcType, &out.ExternalSvcType
 		*out = new(string)
 		**out = **in
 	}
+	if in.DbSecret != nil {
+		in, out := &in.DbSecret, &out.DbSecret
+		*out = new(OracleRestartDbPwdSecretDetails)
+		**out = **in
+	}
+	if in.TdeWalletSecret != nil {
+		in, out := &in.TdeWalletSecret, &out.TdeWalletSecret
+		*out = new(OracleRestartDbPwdSecretDetails)
+		**out = **in
+	}
+	in.ServiceDetails.DeepCopyInto(&out.ServiceDetails)
+	if in.Resources != nil {
+		in, out := &in.Resources, &out.Resources
+		*out = new(corev1.ResourceRequirements)
+		(*in).DeepCopyInto(*out)
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBConfigStatus.
-func (in *PDBConfigStatus) DeepCopy() *PDBConfigStatus {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OracleRestartStatus.
+func (in *OracleRestartStatus) DeepCopy() *OracleRestartStatus {
 	if in == nil {
 		return nil
 	}
-	out := new(PDBConfigStatus)
+	out := new(OracleRestartStatus)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBDetailsStatus) DeepCopyInto(out *PDBDetailsStatus) {
+func (in *OrdsSrvs) DeepCopyInto(out *OrdsSrvs) {
 	*out = *in
-	if in.PDBConfigStatus != nil {
-		in, out := &in.PDBConfigStatus, &out.PDBConfigStatus
-		*out = make([]PDBConfigStatus, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
-		}
-	}
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBDetailsStatus.
-func (in *PDBDetailsStatus) DeepCopy() *PDBDetailsStatus {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrdsSrvs.
+func (in *OrdsSrvs) DeepCopy() *OrdsSrvs {
 	if in == nil {
 		return nil
 	}
-	out := new(PDBDetailsStatus)
+	out := new(OrdsSrvs)
 	in.DeepCopyInto(out)
 	return out
 }
 
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *OrdsSrvs) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBList) DeepCopyInto(out *PDBList) {
+func (in *OrdsSrvsList) DeepCopyInto(out *OrdsSrvsList) {
 	*out = *in
 	out.TypeMeta = in.TypeMeta
 	in.ListMeta.DeepCopyInto(&out.ListMeta)
 	if in.Items != nil {
 		in, out := &in.Items, &out.Items
-		*out = make([]PDB, len(*in))
+		*out = make([]OrdsSrvs, len(*in))
 		for i := range *in {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBList.
-func (in *PDBList) DeepCopy() *PDBList {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrdsSrvsList.
+func (in *OrdsSrvsList) DeepCopy() *OrdsSrvsList {
 	if in == nil {
 		return nil
 	}
-	out := new(PDBList)
+	out := new(OrdsSrvsList)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *PDBList) DeepCopyObject() runtime.Object {
+func (in *OrdsSrvsList) DeepCopyObject() runtime.Object {
 	if c := in.DeepCopy(); c != nil {
 		return c
 	}
@@ -3050,167 +3237,172 @@ func (in *PDBList) DeepCopyObject() runtime.Object {
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBPRIVKEY) DeepCopyInto(out *PDBPRIVKEY) {
+func (in *OrdsSrvsSpec) DeepCopyInto(out *OrdsSrvsSpec) {
 	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBPRIVKEY.
-func (in *PDBPRIVKEY) DeepCopy() *PDBPRIVKEY {
-	if in == nil {
-		return nil
+	in.GlobalSettings.DeepCopyInto(&out.GlobalSettings)
+	out.EncPrivKey = in.EncPrivKey
+	if in.PoolSettings != nil {
+		in, out := &in.PoolSettings, &out.PoolSettings
+		*out = make([]*PoolSettings, len(*in))
+		for i := range *in {
+			if (*in)[i] != nil {
+				in, out := &(*in)[i], &(*out)[i]
+				*out = new(PoolSettings)
+				(*in).DeepCopyInto(*out)
+			}
+		}
 	}
-	out := new(PDBPRIVKEY)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBPUBKEY) DeepCopyInto(out *PDBPUBKEY) {
-	*out = *in
-	out.Secret = in.Secret
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBPUBKEY.
-func (in *PDBPUBKEY) DeepCopy() *PDBPUBKEY {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrdsSrvsSpec.
+func (in *OrdsSrvsSpec) DeepCopy() *OrdsSrvsSpec {
 	if in == nil {
 		return nil
 	}
-	out := new(PDBPUBKEY)
+	out := new(OrdsSrvsSpec)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBSecret) DeepCopyInto(out *PDBSecret) {
+func (in *OrdsSrvsStatus) DeepCopyInto(out *OrdsSrvsStatus) {
 	*out = *in
+	if in.HTTPPort != nil {
+		in, out := &in.HTTPPort, &out.HTTPPort
+		*out = new(int32)
+		**out = **in
+	}
+	if in.HTTPSPort != nil {
+		in, out := &in.HTTPSPort, &out.HTTPSPort
+		*out = new(int32)
+		**out = **in
+	}
+	if in.Conditions != nil {
+		in, out := &in.Conditions, &out.Conditions
+		*out = make([]v1.Condition, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBSecret.
-func (in *PDBSecret) DeepCopy() *PDBSecret {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OrdsSrvsStatus.
+func (in *OrdsSrvsStatus) DeepCopy() *OrdsSrvsStatus {
 	if in == nil {
 		return nil
 	}
-	out := new(PDBSecret)
+	out := new(OrdsSrvsStatus)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBSpec) DeepCopyInto(out *PDBSpec) {
+func (in *PDBConfig) DeepCopyInto(out *PDBConfig) {
 	*out = *in
-	out.PDBTlsKey = in.PDBTlsKey
-	out.PDBTlsCrt = in.PDBTlsCrt
-	out.PDBTlsCat = in.PDBTlsCat
-	out.AdminName = in.AdminName
-	out.AdminPwd = in.AdminPwd
-	out.WebServerUsr = in.WebServerUsr
-	out.WebServerPwd = in.WebServerPwd
-	if in.ReuseTempFile != nil {
-		in, out := &in.ReuseTempFile, &out.ReuseTempFile
-		*out = new(bool)
+	if in.PdbName != nil {
+		in, out := &in.PdbName, &out.PdbName
+		*out = new(string)
 		**out = **in
 	}
-	if in.UnlimitedStorage != nil {
-		in, out := &in.UnlimitedStorage, &out.UnlimitedStorage
-		*out = new(bool)
+	if in.PdbAdminPassword != nil {
+		in, out := &in.PdbAdminPassword, &out.PdbAdminPassword
+		*out = new(string)
 		**out = **in
 	}
-	if in.AsClone != nil {
-		in, out := &in.AsClone, &out.AsClone
-		*out = new(bool)
+	if in.TdeWalletPassword != nil {
+		in, out := &in.TdeWalletPassword, &out.TdeWalletPassword
+		*out = new(string)
 		**out = **in
 	}
-	if in.TDEImport != nil {
-		in, out := &in.TDEImport, &out.TDEImport
+	if in.ShouldPdbAdminAccountBeLocked != nil {
+		in, out := &in.ShouldPdbAdminAccountBeLocked, &out.ShouldPdbAdminAccountBeLocked
 		*out = new(bool)
 		**out = **in
 	}
-	if in.TDEExport != nil {
-		in, out := &in.TDEExport, &out.TDEExport
+	if in.FreeformTags != nil {
+		in, out := &in.FreeformTags, &out.FreeformTags
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	if in.IsDelete != nil {
+		in, out := &in.IsDelete, &out.IsDelete
 		*out = new(bool)
 		**out = **in
 	}
-	out.TDEPassword = in.TDEPassword
-	out.TDESecret = in.TDESecret
-	if in.GetScript != nil {
-		in, out := &in.GetScript, &out.GetScript
-		*out = new(bool)
+	if in.PluggableDatabaseId != nil {
+		in, out := &in.PluggableDatabaseId, &out.PluggableDatabaseId
+		*out = new(string)
 		**out = **in
 	}
-	out.PDBPubKey = in.PDBPubKey
-	out.PDBPriKey = in.PDBPriKey
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBSpec.
-func (in *PDBSpec) DeepCopy() *PDBSpec {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBConfig.
+func (in *PDBConfig) DeepCopy() *PDBConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(PDBSpec)
+	out := new(PDBConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBStatus) DeepCopyInto(out *PDBStatus) {
+func (in *PDBConfigStatus) DeepCopyInto(out *PDBConfigStatus) {
 	*out = *in
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBStatus.
-func (in *PDBStatus) DeepCopy() *PDBStatus {
-	if in == nil {
-		return nil
+	if in.PdbName != nil {
+		in, out := &in.PdbName, &out.PdbName
+		*out = new(string)
+		**out = **in
 	}
-	out := new(PDBStatus)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBTLSCAT) DeepCopyInto(out *PDBTLSCAT) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBTLSCAT.
-func (in *PDBTLSCAT) DeepCopy() *PDBTLSCAT {
-	if in == nil {
-		return nil
+	if in.ShouldPdbAdminAccountBeLocked != nil {
+		in, out := &in.ShouldPdbAdminAccountBeLocked, &out.ShouldPdbAdminAccountBeLocked
+		*out = new(bool)
+		**out = **in
+	}
+	if in.FreeformTags != nil {
+		in, out := &in.FreeformTags, &out.FreeformTags
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	if in.PluggableDatabaseId != nil {
+		in, out := &in.PluggableDatabaseId, &out.PluggableDatabaseId
+		*out = new(string)
+		**out = **in
 	}
-	out := new(PDBTLSCAT)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBTLSCRT) DeepCopyInto(out *PDBTLSCRT) {
-	*out = *in
-	out.Secret = in.Secret
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBTLSCRT.
-func (in *PDBTLSCRT) DeepCopy() *PDBTLSCRT {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBConfigStatus.
+func (in *PDBConfigStatus) DeepCopy() *PDBConfigStatus {
 	if in == nil {
 		return nil
 	}
-	out := new(PDBTLSCRT)
+	out := new(PDBConfigStatus)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PDBTLSKEY) DeepCopyInto(out *PDBTLSKEY) {
+func (in *PDBDetailsStatus) DeepCopyInto(out *PDBDetailsStatus) {
 	*out = *in
-	out.Secret = in.Secret
+	if in.PDBConfigStatus != nil {
+		in, out := &in.PDBConfigStatus, &out.PDBConfigStatus
+		*out = make([]PDBConfigStatus, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBTLSKEY.
-func (in *PDBTLSKEY) DeepCopy() *PDBTLSKEY {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PDBDetailsStatus.
+func (in *PDBDetailsStatus) DeepCopy() *PDBDetailsStatus {
 	if in == nil {
 		return nil
 	}
-	out := new(PDBTLSKEY)
+	out := new(PDBDetailsStatus)
 	in.DeepCopyInto(out)
 	return out
 }
@@ -3267,17 +3459,27 @@ func (in *PasswordSpec) DeepCopy() *PasswordSpec {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *Persistence) DeepCopyInto(out *Persistence) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Persistence.
+func (in *Persistence) DeepCopy() *Persistence {
+	if in == nil {
+		return nil
+	}
+	out := new(Persistence)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *PoolSettings) DeepCopyInto(out *PoolSettings) {
 	*out = *in
 	out.DBSecret = in.DBSecret
 	out.DBAdminUserSecret = in.DBAdminUserSecret
 	out.DBCDBAdminUserSecret = in.DBCDBAdminUserSecret
-	if in.DBPoolDestroyTimeout != nil {
-		in, out := &in.DBPoolDestroyTimeout, &out.DBPoolDestroyTimeout
-		*out = new(timex.Duration)
-		**out = **in
-	}
 	if in.DebugTrackResources != nil {
 		in, out := &in.DebugTrackResources, &out.DebugTrackResources
 		*out = new(bool)
@@ -3308,31 +3510,6 @@ func (in *PoolSettings) DeepCopyInto(out *PoolSettings) {
 		*out = new(int32)
 		**out = **in
 	}
-	if in.SecurityJWKSConnectionTimeout != nil {
-		in, out := &in.SecurityJWKSConnectionTimeout, &out.SecurityJWKSConnectionTimeout
-		*out = new(timex.Duration)
-		**out = **in
-	}
-	if in.SecurityJWKSReadTimeout != nil {
-		in, out := &in.SecurityJWKSReadTimeout, &out.SecurityJWKSReadTimeout
-		*out = new(timex.Duration)
-		**out = **in
-	}
-	if in.SecurityJWKSRefreshInterval != nil {
-		in, out := &in.SecurityJWKSRefreshInterval, &out.SecurityJWKSRefreshInterval
-		*out = new(timex.Duration)
-		**out = **in
-	}
-	if in.SecurityJWTAllowedSkew != nil {
-		in, out := &in.SecurityJWTAllowedSkew, &out.SecurityJWTAllowedSkew
-		*out = new(timex.Duration)
-		**out = **in
-	}
-	if in.SecurityJWTAllowedAge != nil {
-		in, out := &in.SecurityJWTAllowedAge, &out.SecurityJWTAllowedAge
-		*out = new(timex.Duration)
-		**out = **in
-	}
 	if in.DBPort != nil {
 		in, out := &in.DBPort, &out.DBPort
 		*out = new(int32)
@@ -3353,11 +3530,6 @@ func (in *PoolSettings) DeepCopyInto(out *PoolSettings) {
 		*out = new(int32)
 		**out = **in
 	}
-	if in.JDBCMaxConnectionReuseTime != nil {
-		in, out := &in.JDBCMaxConnectionReuseTime, &out.JDBCMaxConnectionReuseTime
-		*out = new(int32)
-		**out = **in
-	}
 	if in.JDBCSecondsToTrustIdleConnection != nil {
 		in, out := &in.JDBCSecondsToTrustIdleConnection, &out.JDBCSecondsToTrustIdleConnection
 		*out = new(int32)
@@ -3451,6 +3623,45 @@ func (in *PriVKey) DeepCopy() *PriVKey {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ResponseFile) DeepCopyInto(out *ResponseFile) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResponseFile.
+func (in *ResponseFile) DeepCopy() *ResponseFile {
+	if in == nil {
+		return nil
+	}
+	out := new(ResponseFile)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *RestoreConfig) DeepCopyInto(out *RestoreConfig) {
+	*out = *in
+	if in.Timestamp != nil {
+		in, out := &in.Timestamp, &out.Timestamp
+		*out = (*in).DeepCopy()
+	}
+	if in.SCN != nil {
+		in, out := &in.SCN, &out.SCN
+		*out = new(string)
+		**out = **in
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RestoreConfig.
+func (in *RestoreConfig) DeepCopy() *RestoreConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(RestoreConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *SecretDetails) DeepCopyInto(out *SecretDetails) {
 	*out = *in
@@ -3466,6 +3677,61 @@ func (in *SecretDetails) DeepCopy() *SecretDetails {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ServiceSpec) DeepCopyInto(out *ServiceSpec) {
+	*out = *in
+	if in.Preferred != nil {
+		in, out := &in.Preferred, &out.Preferred
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.Available != nil {
+		in, out := &in.Available, &out.Available
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceSpec.
+func (in *ServiceSpec) DeepCopy() *ServiceSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(ServiceSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ShardGroup) DeepCopyInto(out *ShardGroup) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShardGroup.
+func (in *ShardGroup) DeepCopy() *ShardGroup {
+	if in == nil {
+		return nil
+	}
+	out := new(ShardGroup)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ShardSpace) DeepCopyInto(out *ShardSpace) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShardSpace.
+func (in *ShardSpace) DeepCopy() *ShardSpace {
+	if in == nil {
+		return nil
+	}
+	out := new(ShardSpace)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *ShardSpec) DeepCopyInto(out *ShardSpec) {
 	*out = *in
@@ -3505,6 +3771,11 @@ func (in *ShardSpec) DeepCopyInto(out *ShardSpec) {
 		*out = new(corev1.PullPolicy)
 		**out = **in
 	}
+	if in.ShardConfigData != nil {
+		in, out := &in.ShardConfigData, &out.ShardConfigData
+		*out = new(ConfigMapData)
+		**out = **in
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShardSpec.
@@ -3630,6 +3901,13 @@ func (in *ShardingDatabaseSpec) DeepCopyInto(out *ShardingDatabaseSpec) {
 		*out = new(SecretDetails)
 		**out = **in
 	}
+	if in.ShardInfo != nil {
+		in, out := &in.ShardInfo, &out.ShardInfo
+		*out = make([]ShardingDetails, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 }
 
 // DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShardingDatabaseSpec.
@@ -3679,6 +3957,31 @@ func (in *ShardingDatabaseStatus) DeepCopy() *ShardingDatabaseStatus {
 	return out
 }
 
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ShardingDetails) DeepCopyInto(out *ShardingDetails) {
+	*out = *in
+	if in.ShardGroupDetails != nil {
+		in, out := &in.ShardGroupDetails, &out.ShardGroupDetails
+		*out = new(ShardGroup)
+		**out = **in
+	}
+	if in.ShardSpaceDetails != nil {
+		in, out := &in.ShardSpaceDetails, &out.ShardSpaceDetails
+		*out = new(ShardSpace)
+		**out = **in
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ShardingDetails.
+func (in *ShardingDetails) DeepCopy() *ShardingDetails {
+	if in == nil {
+		return nil
+	}
+	out := new(ShardingDetails)
+	in.DeepCopyInto(out)
+	return out
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *SingleInstanceDatabase) DeepCopyInto(out *SingleInstanceDatabase) {
 	*out = *in
@@ -3964,38 +4267,6 @@ func (in *SourceSpec) DeepCopy() *SourceSpec {
 	return out
 }
 
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *TDEPwd) DeepCopyInto(out *TDEPwd) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TDEPwd.
-func (in *TDEPwd) DeepCopy() *TDEPwd {
-	if in == nil {
-		return nil
-	}
-	out := new(TDEPwd)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *TDESecret) DeepCopyInto(out *TDESecret) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TDESecret.
-func (in *TDESecret) DeepCopy() *TDESecret {
-	if in == nil {
-		return nil
-	}
-	out := new(TDESecret)
-	in.DeepCopyInto(out)
-	return out
-}
-
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *TNSAdminSecret) DeepCopyInto(out *TNSAdminSecret) {
 	*out = *in
@@ -4147,67 +4418,3 @@ func (in *WebLrpdbServerUser) DeepCopy() *WebLrpdbServerUser {
 	in.DeepCopyInto(out)
 	return out
 }
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *WebServerPassword) DeepCopyInto(out *WebServerPassword) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebServerPassword.
-func (in *WebServerPassword) DeepCopy() *WebServerPassword {
-	if in == nil {
-		return nil
-	}
-	out := new(WebServerPassword)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *WebServerPasswordPDB) DeepCopyInto(out *WebServerPasswordPDB) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebServerPasswordPDB.
-func (in *WebServerPasswordPDB) DeepCopy() *WebServerPasswordPDB {
-	if in == nil {
-		return nil
-	}
-	out := new(WebServerPasswordPDB)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *WebServerUser) DeepCopyInto(out *WebServerUser) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebServerUser.
-func (in *WebServerUser) DeepCopy() *WebServerUser {
-	if in == nil {
-		return nil
-	}
-	out := new(WebServerUser)
-	in.DeepCopyInto(out)
-	return out
-}
-
-// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *WebServerUserPDB) DeepCopyInto(out *WebServerUserPDB) {
-	*out = *in
-	out.Secret = in.Secret
-}
-
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WebServerUserPDB.
-func (in *WebServerUserPDB) DeepCopy() *WebServerUserPDB {
-	if in == nil {
-		return nil
-	}
-	out := new(WebServerUserPDB)
-	in.DeepCopyInto(out)
-	return out
-}
diff --git a/apis/observability/v1/databaseobserver_types.go b/apis/observability/v1/databaseobserver_types.go
index 642ff18b..10a6c913 100644
--- a/apis/observability/v1/databaseobserver_types.go
+++ b/apis/observability/v1/databaseobserver_types.go
@@ -48,78 +48,107 @@ type StatusEnum string
 
 // DatabaseObserverSpec defines the desired state of DatabaseObserver
 type DatabaseObserverSpec struct {
-	Database         DatabaseObserverDatabase       `json:"database,omitempty"`
-	Exporter         DatabaseObserverExporterConfig `json:"exporter,omitempty"`
-	ExporterConfig   DatabaseObserverConfigMap      `json:"configuration,omitempty"`
-	Prometheus       PrometheusConfig               `json:"prometheus,omitempty"`
-	OCIConfig        OCIConfigSpec                  `json:"ociConfig,omitempty"`
-	Replicas         int32                          `json:"replicas,omitempty"`
-	Log              LogConfig                      `json:"log,omitempty"`
-	InheritLabels    []string                       `json:"inheritLabels,omitempty"`
-	ExporterSidecars []corev1.Container             `json:"sidecars,omitempty"`
-	SideCarVolumes   []corev1.Volume                `json:"sidecarVolumes,omitempty"`
+	Database       DatabaseConfig                 `json:"database,omitempty"`
+	Databases      map[string]MultiDatabaseConfig `json:"databases,omitempty"`
+	Wallet         WalletSecret                   `json:"wallet,omitempty"`
+	Deployment     ExporterDeployment             `json:"deployment,omitempty"`
+	Service        ExporterService                `json:"service,omitempty"`
+	ServiceMonitor ExporterServiceMonitor         `json:"serviceMonitor,omitempty"`
+	ExporterConfig ExporterConfig                 `json:"exporterConfig,omitempty"`
+	OCIConfig      OCIConfig                      `json:"ociConfig,omitempty"`
+	AzureConfig    AzureConfig                    `json:"azureConfig,omitempty"`
+	Metrics        MetricsConfig                  `json:"metrics,omitempty"`
+	Log            LogConfig                      `json:"log,omitempty"`
+	InheritLabels  []string                       `json:"inheritLabels,omitempty"`
+	Sidecar        SidecarConfig                  `json:"sidecar,omitempty"`
+	Replicas       int32                          `json:"replicas,omitempty"`
+}
+
+// SidecarConfig defines sidecar containers and volumes to add
+type SidecarConfig struct {
+	Containers []corev1.Container `json:"containers,omitempty"`
+	Volumes    []corev1.Volume    `json:"volumes,omitempty"`
+}
+
+// ExporterConfig defines configMap used for exporter configuration
+type ExporterConfig struct {
+	ConfigMap ConfigMapDetails `json:"configMap,omitempty"`
+	MountPath string           `json:"mountPath,omitempty"`
 }
 
 // LogConfig defines the configuration details relation to the logs of DatabaseObserver
 type LogConfig struct {
-	Path     string    `json:"path,omitempty"`
-	Filename string    `json:"filename,omitempty"`
-	Volume   LogVolume `json:"volume,omitempty"`
+	Disable     bool      `json:"disable,omitempty"`
+	Destination string    `json:"destination,omitempty"`
+	Filename    string    `json:"filename,omitempty"`
+	Volume      LogVolume `json:"volume,omitempty"`
 }
 
+// LogVolume defines the shared volume between the exporter container and other containers
 type LogVolume struct {
-	Name                  string           `json:"name,omitempty"`
-	PersistentVolumeClaim LogVolumePVClaim `json:"persistentVolumeClaim,omitempty"`
+	Name                  string       `json:"name,omitempty"`
+	PersistentVolumeClaim LogVolumePVC `json:"persistentVolumeClaim,omitempty"`
 }
 
-type LogVolumePVClaim struct {
+// LogVolumePVC defines the PVC in which to store the logs
+type LogVolumePVC struct {
 	ClaimName string `json:"claimName,omitempty"`
 }
 
-// DatabaseObserverDatabase defines the database details used for DatabaseObserver
-type DatabaseObserverDatabase struct {
-	DBUser             DBSecret          `json:"dbUser,omitempty"`
-	DBPassword         DBSecretWithVault `json:"dbPassword,omitempty"`
-	DBWallet           DBSecret          `json:"dbWallet,omitempty"`
-	DBConnectionString DBSecret          `json:"dbConnectionString,omitempty"`
+// DatabaseConfig defines the database details used for DatabaseObserver
+type DatabaseConfig struct {
+	DBUser             DBSecret     `json:"dbUser,omitempty"`
+	DBPassword         DBSecret     `json:"dbPassword,omitempty"`
+	DBConnectionString DBSecret     `json:"dbConnectionString,omitempty"`
+	OCIVault           DBOCIVault   `json:"oci,omitempty"`
+	AzureVault         DBAzureVault `json:"azure,omitempty"`
 }
 
-// DatabaseObserverExporterConfig defines the configuration details related to the exporters of DatabaseObserver
-type DatabaseObserverExporterConfig struct {
-	Deployment DatabaseObserverDeployment `json:"deployment,omitempty"`
-	Service    DatabaseObserverService    `json:"service,omitempty"`
+// MultiDatabaseConfig defines each database details used for DatabaseObserver
+type MultiDatabaseConfig struct {
+	DBUser             DBSecret `json:"dbUser,omitempty"`
+	DBPassword         DBSecret `json:"dbPassword,omitempty"`
+	DBConnectionString DBSecret `json:"dbConnectionString,omitempty"`
 }
 
-// DatabaseObserverDeployment defines the exporter deployment component of DatabaseObserver
-type DatabaseObserverDeployment struct {
-	ExporterImage         string                  `json:"image,omitempty"`
-	SecurityContext       *corev1.SecurityContext `json:"securityContext,omitempty"`
-	ExporterArgs          []string                `json:"args,omitempty"`
-	ExporterCommands      []string                `json:"commands,omitempty"`
-	ExporterEnvs          map[string]string       `json:"env,omitempty"`
-	Labels                map[string]string       `json:"labels,omitempty"`
-	DeploymentPodTemplate DeploymentPodTemplate   `json:"podTemplate,omitempty"`
+// DBAzureVault defines Azure Vault details
+type DBAzureVault struct {
+	VaultID             string `json:"vaultID,omitempty"`
+	VaultUsernameSecret string `json:"vaultUsernameSecret,omitempty"`
+	VaultPasswordSecret string `json:"vaultPasswordSecret,omitempty"`
+}
+
+// DBOCIVault defines OCI Vault details
+type DBOCIVault struct {
+	VaultID             string `json:"vaultID,omitempty"`
+	VaultPasswordSecret string `json:"vaultPasswordSecret,omitempty"`
+}
+
+// ExporterDeployment defines the exporter deployment component of DatabaseObserver
+type ExporterDeployment struct {
+	ExporterImage         string                     `json:"image,omitempty"`
+	SecurityContext       *corev1.SecurityContext    `json:"securityContext,omitempty"`
+	PodSecurityContext    *corev1.PodSecurityContext `json:"podSecurityContext,omitempty"`
+	ExporterArgs          []string                   `json:"args,omitempty"`
+	ExporterCommands      []string                   `json:"commands,omitempty"`
+	ExporterEnvs          map[string]string          `json:"env,omitempty"`
+	Labels                map[string]string          `json:"labels,omitempty"`
+	DeploymentPodTemplate DeploymentPodTemplate      `json:"podTemplate,omitempty"`
 }
 
 // DeploymentPodTemplate defines the labels for the DatabaseObserver pods component of a deployment
 type DeploymentPodTemplate struct {
-	SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`
-	Labels          map[string]string          `json:"labels,omitempty"`
+	Labels map[string]string `json:"labels,omitempty"`
 }
 
-// DatabaseObserverService defines the exporter service component of DatabaseObserver
-type DatabaseObserverService struct {
+// ExporterService defines the exporter service component of DatabaseObserver
+type ExporterService struct {
 	Ports  []corev1.ServicePort `json:"ports,omitempty"`
 	Labels map[string]string    `json:"labels,omitempty"`
 }
 
-// PrometheusConfig defines the generated resources for Prometheus
-type PrometheusConfig struct {
-	ServiceMonitor PrometheusServiceMonitor `json:"serviceMonitor,omitempty"`
-}
-
-// PrometheusServiceMonitor defines DatabaseObserver servicemonitor spec
-type PrometheusServiceMonitor struct {
+// ExporterServiceMonitor defines DatabaseObserver servicemonitor spec
+type ExporterServiceMonitor struct {
 	Labels            map[string]string            `json:"labels,omitempty"`
 	NamespaceSelector *monitorv1.NamespaceSelector `json:"namespaceSelector,omitempty"`
 	Endpoints         []monitorv1.Endpoint         `json:"endpoints,omitempty"`
@@ -129,40 +158,57 @@ type PrometheusServiceMonitor struct {
 type DBSecret struct {
 	Key        string `json:"key,omitempty"`
 	SecretName string `json:"secret,omitempty"`
+	EnvName    string `json:"envName,omitempty"`
+}
+
+// WalletSecret defines secret and where the wallet will be mounted if provided
+type WalletSecret struct {
+	SecretName        string                    `json:"secret,omitempty"`
+	MountPath         string                    `json:"mountPath,omitempty"`
+	AdditionalWallets []AdditionalWalletSecrets `json:"additional,omitempty"`
 }
 
-// DBSecretWithVault  defines secrets used in reference with vault fields
-type DBSecretWithVault struct {
-	Key             string `json:"key,omitempty"`
-	SecretName      string `json:"secret,omitempty"`
-	VaultOCID       string `json:"vaultOCID,omitempty"`
-	VaultSecretName string `json:"vaultSecretName,omitempty"`
+// AdditionalWalletSecrets defines multiple other secrets and where the wallet will be mounted if provided
+type AdditionalWalletSecrets struct {
+	Name       string `json:"name,omitempty"`
+	SecretName string `json:"secret,omitempty"`
+	MountPath  string `json:"mountPath,omitempty"`
 }
 
-// DatabaseObserverConfigMap defines configMap used for metrics configuration
-type DatabaseObserverConfigMap struct {
-	Configmap ConfigMapDetails `json:"configMap,omitempty"`
+// MetricsConfig defines configMap used for multiple metrics TOML configuration
+type MetricsConfig struct {
+	Configmap []ConfigMapDetails `json:"configMap,omitempty"`
 }
 
-// ConfigMapDetails defines the configmap name
+// ConfigMapDetails defines the configmap name used by the exporterConfig and metricsConfig
 type ConfigMapDetails struct {
 	Key  string `json:"key,omitempty"`
 	Name string `json:"name,omitempty"`
 }
 
-// OCIConfigSpec defines the configmap name and secret name used for connecting to OCI
-type OCIConfigSpec struct {
-	ConfigMapName string `json:"configMapName,omitempty"`
-	SecretName    string `json:"secretName,omitempty"`
+// OCIConfig defines the configmap name and secret name used for connecting to OCI
+type OCIConfig struct {
+	ConfigMap  ConfigMapDetails `json:"configMap,omitempty"`
+	PrivateKey ConfigPrivateKey `json:"privateKey,omitempty"`
+	MountPath  string           `json:"mountPath,omitempty"`
+}
+
+type ConfigPrivateKey struct {
+	SecretName string `json:"secret,omitempty"`
+}
+
+// AzureConfig defines the configmap name and secret name used for connecting to Azure
+type AzureConfig struct {
+	ConfigMap ConfigMapDetails `json:"configMap,omitempty"`
 }
 
 // DatabaseObserverStatus defines the observed state of DatabaseObserver
 type DatabaseObserverStatus struct {
-	Conditions     []metav1.Condition `json:"conditions"`
-	Status         string             `json:"status,omitempty"`
-	ExporterConfig string             `json:"exporterConfig"`
-	Version        string             `json:"version"`
-	Replicas       int                `json:"replicas,omitempty"`
+	Conditions    []metav1.Condition `json:"conditions"`
+	Status        string             `json:"status,omitempty"`
+	MetricsConfig string             `json:"metricsConfig"`
+	Version       string             `json:"version"`
+	Replicas      int                `json:"replicas,omitempty"`
 }
 
 //+kubebuilder:object:root=true
@@ -170,7 +216,7 @@ type DatabaseObserverStatus struct {
 // +kubebuilder:resource:shortName="dbobserver";"dbobservers"
 
 // DatabaseObserver is the Schema for the databaseobservers API
-// +kubebuilder:printcolumn:JSONPath=".status.exporterConfig",name="ExporterConfig",type=string
+// +kubebuilder:printcolumn:JSONPath=".status.metricsConfig",name="MetricsConfig",type=string
 // +kubebuilder:printcolumn:JSONPath=".status.status",name="Status",type=string
 // +kubebuilder:printcolumn:JSONPath=".status.version",name="Version",type=string
 type DatabaseObserver struct {
diff --git a/apis/observability/v1/databaseobserver_webhook.go b/apis/observability/v1/databaseobserver_webhook.go
index 286d6ed6..809549d3 100644
--- a/apis/observability/v1/databaseobserver_webhook.go
+++ b/apis/observability/v1/databaseobserver_webhook.go
@@ -39,6 +39,7 @@
 package v1
 
 import (
+	"context"
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -48,7 +49,6 @@ import (
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
-	"strings"
 )
 
 // log is for logging in this package.
@@ -58,7 +58,7 @@ const (
 	AllowedExporterImage                       = "container-registry.oracle.com/database/observability-exporter"
 	ErrorSpecValidationMissingConnString       = "a required field for database connection string secret is missing or does not have a value"
 	ErrorSpecValidationMissingDBUser           = "a required field for database user secret is missing or does not have a value"
-	ErrorSpecValidationMissingDBVaultField     = "a field for the OCI vault has a value but the other required field is missing or does not have a value"
+	ErrorSpecValidationMissingVaultField       = "a field for configuring the vault has a value but the other required field(s) is missing or does not have a value"
 	ErrorSpecValidationMissingOCIConfig        = "a field(s) for the OCI Config is missing or does not have a value when fields for the OCI vault has values"
 	ErrorSpecValidationMissingDBPasswordSecret = "a required field for the database password secret is missing or does not have a value"
 	ErrorSpecExporterImageNotAllowed           = "a different exporter image was found, only official database exporter container images are currently supported"
@@ -67,6 +67,8 @@ const (
 func (r *DatabaseObserver) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithDefaulter(r).
+		WithValidator(r).
 		Complete()
 }
 
@@ -74,112 +76,94 @@ func (r *DatabaseObserver) SetupWebhookWithManager(mgr ctrl.Manager) error {
 
 //+kubebuilder:webhook:path=/mutate-observability-oracle-com-v1-databaseobserver,mutating=true,sideEffects=none,failurePolicy=fail,groups=observability.oracle.com,resources=databaseobservers,verbs=create;update,versions=v1,name=mdatabaseobserver.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Defaulter = &DatabaseObserver{}
+var _ webhook.CustomDefaulter = &DatabaseObserver{}
 
-// Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *DatabaseObserver) Default() {
-	databaseobserverlog.Info("default", "name", r.Name)
+// Default implements webhook.CustomDefaulter so a webhook will be registered for the type
+func (r *DatabaseObserver) Default(ctx context.Context, obj runtime.Object) error {
+	obs := obj.(*DatabaseObserver)
+	databaseobserverlog.Info("default", "name", obs.Name)
 
 	// TODO(user): fill in your defaulting logic.
+	return nil
 }
 
 // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
 //+kubebuilder:webhook:verbs=create;update,path=/validate-observability-oracle-com-v1-databaseobserver,mutating=false,sideEffects=none,failurePolicy=fail,groups=observability.oracle.com,resources=databaseobservers,versions=v1,name=vdatabaseobserver.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Validator = &DatabaseObserver{}
+var _ webhook.CustomValidator = &DatabaseObserver{}
 
-// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *DatabaseObserver) ValidateCreate() (admission.Warnings, error) {
-	databaseobserverlog.Info("validate create", "name", r.Name)
+// ValidateCreate implements webhook.CustomValidator so a webhook will be registered for the type
+func (r *DatabaseObserver) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	obs := obj.(*DatabaseObserver)
+	databaseobserverlog.Info("validate create", "name", obs.Name)
 
 	var e field.ErrorList
 	ns := dbcommons.GetWatchNamespaces()
 
 	// Check for namespace/cluster scope access
-	if _, isDesiredNamespaceWithinScope := ns[r.Namespace]; !isDesiredNamespaceWithinScope && len(ns) > 0 {
+	if _, isDesiredNamespaceWithinScope := ns[obs.Namespace]; !isDesiredNamespaceWithinScope && len(ns) > 0 {
 		e = append(e,
-			field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
+			field.Invalid(field.NewPath("metadata").Child("namespace"), obs.Namespace,
 				"Oracle database operator doesn't watch over this namespace"))
 	}
 
-	// Check required secret for db user has value
-	if r.Spec.Database.DBUser.SecretName == "" {
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("database").Child("dbUser").Child("secret"), r.Spec.Database.DBUser.SecretName,
-				ErrorSpecValidationMissingDBUser))
-	}
-
-	// Check required secret for db connection string has value
-	if r.Spec.Database.DBConnectionString.SecretName == "" {
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("database").Child("dbConnectionString").Child("secret"), r.Spec.Database.DBConnectionString.SecretName,
-				ErrorSpecValidationMissingConnString))
-	}
-
 	// The other vault field must have value if one does
-	if (r.Spec.Database.DBPassword.VaultOCID != "" && r.Spec.Database.DBPassword.VaultSecretName == "") ||
-		(r.Spec.Database.DBPassword.VaultSecretName != "" && r.Spec.Database.DBPassword.VaultOCID == "") {
-
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("database").Child("dbPassword"), r.Spec.Database.DBPassword,
-				ErrorSpecValidationMissingDBVaultField))
-	}
-
-	// if vault fields have value, ociConfig must have values
-	if r.Spec.Database.DBPassword.VaultOCID != "" && r.Spec.Database.DBPassword.VaultSecretName != "" &&
-		(r.Spec.OCIConfig.SecretName == "" || r.Spec.OCIConfig.ConfigMapName == "") {
+	if (obs.Spec.Database.OCIVault.VaultID != "" && obs.Spec.Database.OCIVault.VaultPasswordSecret == "") ||
+		(obs.Spec.Database.OCIVault.VaultPasswordSecret != "" && obs.Spec.Database.OCIVault.VaultID == "") {
 
 		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("ociConfig"), r.Spec.OCIConfig,
-				ErrorSpecValidationMissingOCIConfig))
+			field.Invalid(field.NewPath("spec").Child("database").Child("oci"), obs.Spec.Database.OCIVault,
+				ErrorSpecValidationMissingVaultField))
 	}
 
-	// If all of {DB Password Secret Name and vaultOCID+vaultSecretName} have no value, then error out
-	if r.Spec.Database.DBPassword.SecretName == "" &&
-		r.Spec.Database.DBPassword.VaultOCID == "" &&
-		r.Spec.Database.DBPassword.VaultSecretName == "" {
+	// The other vault field must have value if one does
+	if (obs.Spec.Database.AzureVault.VaultID != "" && (obs.Spec.Database.AzureVault.VaultPasswordSecret == "" && obs.Spec.Database.AzureVault.VaultUsernameSecret == "")) ||
+		(obs.Spec.Database.AzureVault.VaultPasswordSecret != "" && obs.Spec.Database.AzureVault.VaultID == "") ||
+		(obs.Spec.Database.AzureVault.VaultUsernameSecret != "" && obs.Spec.Database.AzureVault.VaultID == "") {
 
 		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("database").Child("dbPassword").Child("secret"), r.Spec.Database.DBPassword.SecretName,
-				ErrorSpecValidationMissingDBPasswordSecret))
+			field.Invalid(field.NewPath("spec").Child("database").Child("azure"), obs.Spec.Database.AzureVault,
+				ErrorSpecValidationMissingVaultField))
 	}
 
 	// disallow usage of any other image than the observability-exporter
-	if r.Spec.Exporter.Deployment.ExporterImage != "" && !strings.HasPrefix(r.Spec.Exporter.Deployment.ExporterImage, AllowedExporterImage) {
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("exporter").Child("image"), r.Spec.Exporter.Deployment.ExporterImage,
-				ErrorSpecExporterImageNotAllowed))
-	}
-
+	// temporarily disabled
+	//if obs.Spec.Deployment.ExporterImage != "" && !strings.HasPrefix(obs.Spec.Deployment.ExporterImage, AllowedExporterImage) {
+	//	e = append(e,
+	//		field.Invalid(field.NewPath("spec").Child("exporter").Child("image"), obs.Spec.Deployment.ExporterImage,
+	//			ErrorSpecExporterImageNotAllowed))
+	//}
 	// Return if any errors
 	if len(e) > 0 {
-		return nil, apierrors.NewInvalid(schema.GroupKind{Group: "observability.oracle.com", Kind: "DatabaseObserver"}, r.Name, e)
+		return nil, apierrors.NewInvalid(schema.GroupKind{Group: "observability.oracle.com", Kind: "DatabaseObserver"}, obs.Name, e)
 	}
 	return nil, nil
 
 }
 
-// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *DatabaseObserver) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	databaseobserverlog.Info("validate update", "name", r.Name)
+// ValidateUpdate implements webhook.CustomValidator so a webhook will be registered for the type
+func (r *DatabaseObserver) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	obs := newObj.(*DatabaseObserver)
+	databaseobserverlog.Info("validate update", "name", obs.Name)
 	var e field.ErrorList
 
 	// disallow usage of any other image than the observability-exporter
-	if r.Spec.Exporter.Deployment.ExporterImage != "" && !strings.HasPrefix(r.Spec.Exporter.Deployment.ExporterImage, AllowedExporterImage) {
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("exporter").Child("image"), r.Spec.Exporter.Deployment.ExporterImage,
-				ErrorSpecExporterImageNotAllowed))
-	}
+	//if obs.Spec.Deployment.ExporterImage != "" && !strings.HasPrefix(obs.Spec.Deployment.ExporterImage, AllowedExporterImage) {
+	//	e = append(e,
+	//		field.Invalid(field.NewPath("spec").Child("exporter").Child("image"), obs.Spec.Deployment.ExporterImage,
+	//			ErrorSpecExporterImageNotAllowed))
+	//}
 	// Return if any errors
 	if len(e) > 0 {
-		return nil, apierrors.NewInvalid(schema.GroupKind{Group: "observability.oracle.com", Kind: "DatabaseObserver"}, r.Name, e)
+		return nil, apierrors.NewInvalid(schema.GroupKind{Group: "observability.oracle.com", Kind: "DatabaseObserver"}, obs.Name, e)
 	}
 	return nil, nil
 }
 
-// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *DatabaseObserver) ValidateDelete() (admission.Warnings, error) {
-	databaseobserverlog.Info("validate delete", "name", r.Name)
+// ValidateDelete implements webhook.CustomValidator so a webhook will be registered for the type
+func (r *DatabaseObserver) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	obs := obj.(*DatabaseObserver)
+	databaseobserverlog.Info("validate delete", "name", obs.Name)
 
 	return nil, nil
 }
diff --git a/apis/observability/v1/zz_generated.deepcopy.go b/apis/observability/v1/zz_generated.deepcopy.go
index 4924216f..0991c186 100644
--- a/apis/observability/v1/zz_generated.deepcopy.go
+++ b/apis/observability/v1/zz_generated.deepcopy.go
@@ -50,174 +50,158 @@ import (
 )
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ConfigMapDetails) DeepCopyInto(out *ConfigMapDetails) {
+func (in *AdditionalWalletSecrets) DeepCopyInto(out *AdditionalWalletSecrets) {
 	*out = *in
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapDetails.
-func (in *ConfigMapDetails) DeepCopy() *ConfigMapDetails {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalWalletSecrets.
+func (in *AdditionalWalletSecrets) DeepCopy() *AdditionalWalletSecrets {
 	if in == nil {
 		return nil
 	}
-	out := new(ConfigMapDetails)
+	out := new(AdditionalWalletSecrets)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DBSecret) DeepCopyInto(out *DBSecret) {
+func (in *AzureConfig) DeepCopyInto(out *AzureConfig) {
 	*out = *in
+	out.ConfigMap = in.ConfigMap
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBSecret.
-func (in *DBSecret) DeepCopy() *DBSecret {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureConfig.
+func (in *AzureConfig) DeepCopy() *AzureConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(DBSecret)
+	out := new(AzureConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DBSecretWithVault) DeepCopyInto(out *DBSecretWithVault) {
+func (in *ConfigMapDetails) DeepCopyInto(out *ConfigMapDetails) {
 	*out = *in
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBSecretWithVault.
-func (in *DBSecretWithVault) DeepCopy() *DBSecretWithVault {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapDetails.
+func (in *ConfigMapDetails) DeepCopy() *ConfigMapDetails {
 	if in == nil {
 		return nil
 	}
-	out := new(DBSecretWithVault)
+	out := new(ConfigMapDetails)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserver) DeepCopyInto(out *DatabaseObserver) {
+func (in *ConfigPrivateKey) DeepCopyInto(out *ConfigPrivateKey) {
 	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	in.Status.DeepCopyInto(&out.Status)
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserver.
-func (in *DatabaseObserver) DeepCopy() *DatabaseObserver {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigPrivateKey.
+func (in *ConfigPrivateKey) DeepCopy() *ConfigPrivateKey {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserver)
+	out := new(ConfigPrivateKey)
 	in.DeepCopyInto(out)
 	return out
 }
 
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *DatabaseObserver) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DBAzureVault) DeepCopyInto(out *DBAzureVault) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBAzureVault.
+func (in *DBAzureVault) DeepCopy() *DBAzureVault {
+	if in == nil {
+		return nil
 	}
-	return nil
+	out := new(DBAzureVault)
+	in.DeepCopyInto(out)
+	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverConfigMap) DeepCopyInto(out *DatabaseObserverConfigMap) {
+func (in *DBOCIVault) DeepCopyInto(out *DBOCIVault) {
 	*out = *in
-	out.Configmap = in.Configmap
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverConfigMap.
-func (in *DatabaseObserverConfigMap) DeepCopy() *DatabaseObserverConfigMap {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBOCIVault.
+func (in *DBOCIVault) DeepCopy() *DBOCIVault {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverConfigMap)
+	out := new(DBOCIVault)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverDatabase) DeepCopyInto(out *DatabaseObserverDatabase) {
+func (in *DBSecret) DeepCopyInto(out *DBSecret) {
 	*out = *in
-	out.DBUser = in.DBUser
-	out.DBPassword = in.DBPassword
-	out.DBWallet = in.DBWallet
-	out.DBConnectionString = in.DBConnectionString
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverDatabase.
-func (in *DatabaseObserverDatabase) DeepCopy() *DatabaseObserverDatabase {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBSecret.
+func (in *DBSecret) DeepCopy() *DBSecret {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverDatabase)
+	out := new(DBSecret)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverDeployment) DeepCopyInto(out *DatabaseObserverDeployment) {
+func (in *DatabaseConfig) DeepCopyInto(out *DatabaseConfig) {
 	*out = *in
-	if in.SecurityContext != nil {
-		in, out := &in.SecurityContext, &out.SecurityContext
-		*out = new(corev1.SecurityContext)
-		(*in).DeepCopyInto(*out)
-	}
-	if in.ExporterArgs != nil {
-		in, out := &in.ExporterArgs, &out.ExporterArgs
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
-	if in.ExporterCommands != nil {
-		in, out := &in.ExporterCommands, &out.ExporterCommands
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
-	if in.ExporterEnvs != nil {
-		in, out := &in.ExporterEnvs, &out.ExporterEnvs
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	if in.Labels != nil {
-		in, out := &in.Labels, &out.Labels
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	in.DeploymentPodTemplate.DeepCopyInto(&out.DeploymentPodTemplate)
+	out.DBUser = in.DBUser
+	out.DBPassword = in.DBPassword
+	out.DBConnectionString = in.DBConnectionString
+	out.OCIVault = in.OCIVault
+	out.AzureVault = in.AzureVault
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverDeployment.
-func (in *DatabaseObserverDeployment) DeepCopy() *DatabaseObserverDeployment {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseConfig.
+func (in *DatabaseConfig) DeepCopy() *DatabaseConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverDeployment)
+	out := new(DatabaseConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverExporterConfig) DeepCopyInto(out *DatabaseObserverExporterConfig) {
+func (in *DatabaseObserver) DeepCopyInto(out *DatabaseObserver) {
 	*out = *in
-	in.Deployment.DeepCopyInto(&out.Deployment)
-	in.Service.DeepCopyInto(&out.Service)
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverExporterConfig.
-func (in *DatabaseObserverExporterConfig) DeepCopy() *DatabaseObserverExporterConfig {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserver.
+func (in *DatabaseObserver) DeepCopy() *DatabaseObserver {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverExporterConfig)
+	out := new(DatabaseObserver)
 	in.DeepCopyInto(out)
 	return out
 }
 
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DatabaseObserver) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *DatabaseObserverList) DeepCopyInto(out *DatabaseObserverList) {
 	*out = *in
@@ -251,15 +235,68 @@ func (in *DatabaseObserverList) DeepCopyObject() runtime.Object {
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverService) DeepCopyInto(out *DatabaseObserverService) {
+func (in *DatabaseObserverSpec) DeepCopyInto(out *DatabaseObserverSpec) {
 	*out = *in
-	if in.Ports != nil {
-		in, out := &in.Ports, &out.Ports
-		*out = make([]corev1.ServicePort, len(*in))
+	out.Database = in.Database
+	if in.Databases != nil {
+		in, out := &in.Databases, &out.Databases
+		*out = make(map[string]MultiDatabaseConfig, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	in.Wallet.DeepCopyInto(&out.Wallet)
+	in.Deployment.DeepCopyInto(&out.Deployment)
+	in.Service.DeepCopyInto(&out.Service)
+	in.ServiceMonitor.DeepCopyInto(&out.ServiceMonitor)
+	out.ExporterConfig = in.ExporterConfig
+	out.OCIConfig = in.OCIConfig
+	out.AzureConfig = in.AzureConfig
+	in.Metrics.DeepCopyInto(&out.Metrics)
+	out.Log = in.Log
+	if in.InheritLabels != nil {
+		in, out := &in.InheritLabels, &out.InheritLabels
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	in.Sidecar.DeepCopyInto(&out.Sidecar)
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverSpec.
+func (in *DatabaseObserverSpec) DeepCopy() *DatabaseObserverSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(DatabaseObserverSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DatabaseObserverStatus) DeepCopyInto(out *DatabaseObserverStatus) {
+	*out = *in
+	if in.Conditions != nil {
+		in, out := &in.Conditions, &out.Conditions
+		*out = make([]metav1.Condition, len(*in))
 		for i := range *in {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverStatus.
+func (in *DatabaseObserverStatus) DeepCopy() *DatabaseObserverStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(DatabaseObserverStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeploymentPodTemplate) DeepCopyInto(out *DeploymentPodTemplate) {
+	*out = *in
 	if in.Labels != nil {
 		in, out := &in.Labels, &out.Labels
 		*out = make(map[string]string, len(*in))
@@ -269,86 +306,114 @@ func (in *DatabaseObserverService) DeepCopyInto(out *DatabaseObserverService) {
 	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverService.
-func (in *DatabaseObserverService) DeepCopy() *DatabaseObserverService {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentPodTemplate.
+func (in *DeploymentPodTemplate) DeepCopy() *DeploymentPodTemplate {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverService)
+	out := new(DeploymentPodTemplate)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverSpec) DeepCopyInto(out *DatabaseObserverSpec) {
+func (in *ExporterConfig) DeepCopyInto(out *ExporterConfig) {
 	*out = *in
-	out.Database = in.Database
-	in.Exporter.DeepCopyInto(&out.Exporter)
-	out.ExporterConfig = in.ExporterConfig
-	in.Prometheus.DeepCopyInto(&out.Prometheus)
-	out.OCIConfig = in.OCIConfig
-	out.Log = in.Log
-	if in.InheritLabels != nil {
-		in, out := &in.InheritLabels, &out.InheritLabels
+	out.ConfigMap = in.ConfigMap
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterConfig.
+func (in *ExporterConfig) DeepCopy() *ExporterConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(ExporterConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExporterDeployment) DeepCopyInto(out *ExporterDeployment) {
+	*out = *in
+	if in.SecurityContext != nil {
+		in, out := &in.SecurityContext, &out.SecurityContext
+		*out = new(corev1.SecurityContext)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.PodSecurityContext != nil {
+		in, out := &in.PodSecurityContext, &out.PodSecurityContext
+		*out = new(corev1.PodSecurityContext)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.ExporterArgs != nil {
+		in, out := &in.ExporterArgs, &out.ExporterArgs
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
-	if in.ExporterSidecars != nil {
-		in, out := &in.ExporterSidecars, &out.ExporterSidecars
-		*out = make([]corev1.Container, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
+	if in.ExporterCommands != nil {
+		in, out := &in.ExporterCommands, &out.ExporterCommands
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.ExporterEnvs != nil {
+		in, out := &in.ExporterEnvs, &out.ExporterEnvs
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
 		}
 	}
-	if in.SideCarVolumes != nil {
-		in, out := &in.SideCarVolumes, &out.SideCarVolumes
-		*out = make([]corev1.Volume, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
+	if in.Labels != nil {
+		in, out := &in.Labels, &out.Labels
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
 		}
 	}
+	in.DeploymentPodTemplate.DeepCopyInto(&out.DeploymentPodTemplate)
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverSpec.
-func (in *DatabaseObserverSpec) DeepCopy() *DatabaseObserverSpec {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterDeployment.
+func (in *ExporterDeployment) DeepCopy() *ExporterDeployment {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverSpec)
+	out := new(ExporterDeployment)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverStatus) DeepCopyInto(out *DatabaseObserverStatus) {
+func (in *ExporterService) DeepCopyInto(out *ExporterService) {
 	*out = *in
-	if in.Conditions != nil {
-		in, out := &in.Conditions, &out.Conditions
-		*out = make([]metav1.Condition, len(*in))
+	if in.Ports != nil {
+		in, out := &in.Ports, &out.Ports
+		*out = make([]corev1.ServicePort, len(*in))
 		for i := range *in {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+	if in.Labels != nil {
+		in, out := &in.Labels, &out.Labels
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverStatus.
-func (in *DatabaseObserverStatus) DeepCopy() *DatabaseObserverStatus {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterService.
+func (in *ExporterService) DeepCopy() *ExporterService {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverStatus)
+	out := new(ExporterService)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DeploymentPodTemplate) DeepCopyInto(out *DeploymentPodTemplate) {
+func (in *ExporterServiceMonitor) DeepCopyInto(out *ExporterServiceMonitor) {
 	*out = *in
-	if in.SecurityContext != nil {
-		in, out := &in.SecurityContext, &out.SecurityContext
-		*out = new(corev1.PodSecurityContext)
-		(*in).DeepCopyInto(*out)
-	}
 	if in.Labels != nil {
 		in, out := &in.Labels, &out.Labels
 		*out = make(map[string]string, len(*in))
@@ -356,14 +421,26 @@ func (in *DeploymentPodTemplate) DeepCopyInto(out *DeploymentPodTemplate) {
 			(*out)[key] = val
 		}
 	}
+	if in.NamespaceSelector != nil {
+		in, out := &in.NamespaceSelector, &out.NamespaceSelector
+		*out = new(monitoringv1.NamespaceSelector)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.Endpoints != nil {
+		in, out := &in.Endpoints, &out.Endpoints
+		*out = make([]monitoringv1.Endpoint, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentPodTemplate.
-func (in *DeploymentPodTemplate) DeepCopy() *DeploymentPodTemplate {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterServiceMonitor.
+func (in *ExporterServiceMonitor) DeepCopy() *ExporterServiceMonitor {
 	if in == nil {
 		return nil
 	}
-	out := new(DeploymentPodTemplate)
+	out := new(ExporterServiceMonitor)
 	in.DeepCopyInto(out)
 	return out
 }
@@ -401,81 +478,120 @@ func (in *LogVolume) DeepCopy() *LogVolume {
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *LogVolumePVClaim) DeepCopyInto(out *LogVolumePVClaim) {
+func (in *LogVolumePVC) DeepCopyInto(out *LogVolumePVC) {
 	*out = *in
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogVolumePVClaim.
-func (in *LogVolumePVClaim) DeepCopy() *LogVolumePVClaim {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogVolumePVC.
+func (in *LogVolumePVC) DeepCopy() *LogVolumePVC {
 	if in == nil {
 		return nil
 	}
-	out := new(LogVolumePVClaim)
+	out := new(LogVolumePVC)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *OCIConfigSpec) DeepCopyInto(out *OCIConfigSpec) {
+func (in *MetricsConfig) DeepCopyInto(out *MetricsConfig) {
 	*out = *in
+	if in.Configmap != nil {
+		in, out := &in.Configmap, &out.Configmap
+		*out = make([]ConfigMapDetails, len(*in))
+		copy(*out, *in)
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIConfigSpec.
-func (in *OCIConfigSpec) DeepCopy() *OCIConfigSpec {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricsConfig.
+func (in *MetricsConfig) DeepCopy() *MetricsConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(OCIConfigSpec)
+	out := new(MetricsConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PrometheusConfig) DeepCopyInto(out *PrometheusConfig) {
+func (in *MultiDatabaseConfig) DeepCopyInto(out *MultiDatabaseConfig) {
 	*out = *in
-	in.ServiceMonitor.DeepCopyInto(&out.ServiceMonitor)
+	out.DBUser = in.DBUser
+	out.DBPassword = in.DBPassword
+	out.DBConnectionString = in.DBConnectionString
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusConfig.
-func (in *PrometheusConfig) DeepCopy() *PrometheusConfig {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MultiDatabaseConfig.
+func (in *MultiDatabaseConfig) DeepCopy() *MultiDatabaseConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(PrometheusConfig)
+	out := new(MultiDatabaseConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PrometheusServiceMonitor) DeepCopyInto(out *PrometheusServiceMonitor) {
+func (in *OCIConfig) DeepCopyInto(out *OCIConfig) {
 	*out = *in
-	if in.Labels != nil {
-		in, out := &in.Labels, &out.Labels
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
+	out.ConfigMap = in.ConfigMap
+	out.PrivateKey = in.PrivateKey
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIConfig.
+func (in *OCIConfig) DeepCopy() *OCIConfig {
+	if in == nil {
+		return nil
 	}
-	if in.NamespaceSelector != nil {
-		in, out := &in.NamespaceSelector, &out.NamespaceSelector
-		*out = new(monitoringv1.NamespaceSelector)
-		(*in).DeepCopyInto(*out)
+	out := new(OCIConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SidecarConfig) DeepCopyInto(out *SidecarConfig) {
+	*out = *in
+	if in.Containers != nil {
+		in, out := &in.Containers, &out.Containers
+		*out = make([]corev1.Container, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
 	}
-	if in.Endpoints != nil {
-		in, out := &in.Endpoints, &out.Endpoints
-		*out = make([]monitoringv1.Endpoint, len(*in))
+	if in.Volumes != nil {
+		in, out := &in.Volumes, &out.Volumes
+		*out = make([]corev1.Volume, len(*in))
 		for i := range *in {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusServiceMonitor.
-func (in *PrometheusServiceMonitor) DeepCopy() *PrometheusServiceMonitor {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SidecarConfig.
+func (in *SidecarConfig) DeepCopy() *SidecarConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(SidecarConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *WalletSecret) DeepCopyInto(out *WalletSecret) {
+	*out = *in
+	if in.AdditionalWallets != nil {
+		in, out := &in.AdditionalWallets, &out.AdditionalWallets
+		*out = make([]AdditionalWalletSecrets, len(*in))
+		copy(*out, *in)
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WalletSecret.
+func (in *WalletSecret) DeepCopy() *WalletSecret {
 	if in == nil {
 		return nil
 	}
-	out := new(PrometheusServiceMonitor)
+	out := new(WalletSecret)
 	in.DeepCopyInto(out)
 	return out
 }
diff --git a/apis/observability/v1alpha1/databaseobserver_types.go b/apis/observability/v1alpha1/databaseobserver_types.go
index f4c62900..8d72b7b4 100644
--- a/apis/observability/v1alpha1/databaseobserver_types.go
+++ b/apis/observability/v1alpha1/databaseobserver_types.go
@@ -48,78 +48,107 @@ type StatusEnum string
 
 // DatabaseObserverSpec defines the desired state of DatabaseObserver
 type DatabaseObserverSpec struct {
-	Database         DatabaseObserverDatabase       `json:"database,omitempty"`
-	Exporter         DatabaseObserverExporterConfig `json:"exporter,omitempty"`
-	ExporterConfig   DatabaseObserverConfigMap      `json:"configuration,omitempty"`
-	Prometheus       PrometheusConfig               `json:"prometheus,omitempty"`
-	OCIConfig        OCIConfigSpec                  `json:"ociConfig,omitempty"`
-	Replicas         int32                          `json:"replicas,omitempty"`
-	Log              LogConfig                      `json:"log,omitempty"`
-	InheritLabels    []string                       `json:"inheritLabels,omitempty"`
-	ExporterSidecars []corev1.Container             `json:"sidecars,omitempty"`
-	SideCarVolumes   []corev1.Volume                `json:"sidecarVolumes,omitempty"`
+	Database       DatabaseConfig                 `json:"database,omitempty"`
+	Databases      map[string]MultiDatabaseConfig `json:"databases,omitempty"`
+	Wallet         WalletSecret                   `json:"wallet,omitempty"`
+	Deployment     ExporterDeployment             `json:"deployment,omitempty"`
+	Service        ExporterService                `json:"service,omitempty"`
+	ServiceMonitor ExporterServiceMonitor         `json:"serviceMonitor,omitempty"`
+	ExporterConfig ExporterConfig                 `json:"exporterConfig,omitempty"`
+	OCIConfig      OCIConfig                      `json:"ociConfig,omitempty"`
+	AzureConfig    AzureConfig                    `json:"azureConfig,omitempty"`
+	Metrics        MetricsConfig                  `json:"metrics,omitempty"`
+	InheritLabels  []string                       `json:"inheritLabels,omitempty"`
+	Log            LogConfig                      `json:"log,omitempty"`
+	Sidecar        SidecarConfig                  `json:"sidecar,omitempty"`
+	Replicas       int32                          `json:"replicas,omitempty"`
+}
+
+// SidecarConfig defines sidecar containers and volumes to add
+type SidecarConfig struct {
+	Containers []corev1.Container `json:"containers,omitempty"`
+	Volumes    []corev1.Volume    `json:"volumes,omitempty"`
+}
+
+// ExporterConfig defines configMap used for exporter configuration
+type ExporterConfig struct {
+	ConfigMap ConfigMapDetails `json:"configMap,omitempty"`
+	MountPath string           `json:"mountPath,omitempty"`
 }
 
 // LogConfig defines the configuration details relation to the logs of DatabaseObserver
 type LogConfig struct {
-	Path     string    `json:"path,omitempty"`
-	Filename string    `json:"filename,omitempty"`
-	Volume   LogVolume `json:"volume,omitempty"`
+	Disable     bool      `json:"disable,omitempty"`
+	Destination string    `json:"destination,omitempty"`
+	Filename    string    `json:"filename,omitempty"`
+	Volume      LogVolume `json:"volume,omitempty"`
 }
 
+// LogVolume defines the shared volume between the exporter container and other containers
 type LogVolume struct {
-	Name                  string           `json:"name,omitempty"`
-	PersistentVolumeClaim LogVolumePVClaim `json:"persistentVolumeClaim,omitempty"`
+	Name                  string       `json:"name,omitempty"`
+	PersistentVolumeClaim LogVolumePVC `json:"persistentVolumeClaim,omitempty"`
 }
 
-type LogVolumePVClaim struct {
+// LogVolumePVC defines the PVC in which to store the logs
+type LogVolumePVC struct {
 	ClaimName string `json:"claimName,omitempty"`
 }
 
-// DatabaseObserverDatabase defines the database details used for DatabaseObserver
-type DatabaseObserverDatabase struct {
-	DBUser             DBSecret          `json:"dbUser,omitempty"`
-	DBPassword         DBSecretWithVault `json:"dbPassword,omitempty"`
-	DBWallet           DBSecret          `json:"dbWallet,omitempty"`
-	DBConnectionString DBSecret          `json:"dbConnectionString,omitempty"`
+// DatabaseConfig defines the database details used for DatabaseObserver
+type DatabaseConfig struct {
+	DBUser             DBSecret     `json:"dbUser,omitempty"`
+	DBPassword         DBSecret     `json:"dbPassword,omitempty"`
+	DBConnectionString DBSecret     `json:"dbConnectionString,omitempty"`
+	OCIVault           DBOCIVault   `json:"oci,omitempty"`
+	AzureVault         DBAzureVault `json:"azure,omitempty"`
 }
 
-// DatabaseObserverExporterConfig defines the configuration details related to the exporters of DatabaseObserver
-type DatabaseObserverExporterConfig struct {
-	Deployment DatabaseObserverDeployment `json:"deployment,omitempty"`
-	Service    DatabaseObserverService    `json:"service,omitempty"`
+// MultiDatabaseConfig defines each database details used for DatabaseObserver
+type MultiDatabaseConfig struct {
+	DBUser             DBSecret `json:"dbUser,omitempty"`
+	DBPassword         DBSecret `json:"dbPassword,omitempty"`
+	DBConnectionString DBSecret `json:"dbConnectionString,omitempty"`
 }
 
-// DatabaseObserverDeployment defines the exporter deployment component of DatabaseObserver
-type DatabaseObserverDeployment struct {
-	ExporterImage         string                  `json:"image,omitempty"`
-	SecurityContext       *corev1.SecurityContext `json:"securityContext,omitempty"`
-	ExporterArgs          []string                `json:"args,omitempty"`
-	ExporterCommands      []string                `json:"commands,omitempty"`
-	ExporterEnvs          map[string]string       `json:"env,omitempty"`
-	Labels                map[string]string       `json:"labels,omitempty"`
-	DeploymentPodTemplate DeploymentPodTemplate   `json:"podTemplate,omitempty"`
+// DBAzureVault defines Azure Vault details
+type DBAzureVault struct {
+	VaultID             string `json:"vaultID,omitempty"`
+	VaultUsernameSecret string `json:"vaultUsernameSecret,omitempty"`
+	VaultPasswordSecret string `json:"vaultPasswordSecret,omitempty"`
+}
+
+// DBOCIVault defines OCI Vault details
+type DBOCIVault struct {
+	VaultID             string `json:"vaultID,omitempty"`
+	VaultPasswordSecret string `json:"vaultPasswordSecret,omitempty"`
+}
+
+// ExporterDeployment defines the exporter deployment component of DatabaseObserver
+type ExporterDeployment struct {
+	ExporterImage         string                     `json:"image,omitempty"`
+	SecurityContext       *corev1.SecurityContext    `json:"securityContext,omitempty"`
+	PodSecurityContext    *corev1.PodSecurityContext `json:"podSecurityContext,omitempty"`
+	ExporterArgs          []string                   `json:"args,omitempty"`
+	ExporterCommands      []string                   `json:"commands,omitempty"`
+	ExporterEnvs          map[string]string          `json:"env,omitempty"`
+	Labels                map[string]string          `json:"labels,omitempty"`
+	DeploymentPodTemplate DeploymentPodTemplate      `json:"podTemplate,omitempty"`
 }
 
 // DeploymentPodTemplate defines the labels for the DatabaseObserver pods component of a deployment
 type DeploymentPodTemplate struct {
-	SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`
-	Labels          map[string]string          `json:"labels,omitempty"`
+	Labels map[string]string `json:"labels,omitempty"`
 }
 
-// DatabaseObserverService defines the exporter service component of DatabaseObserver
-type DatabaseObserverService struct {
+// ExporterService defines the exporter service component of DatabaseObserver
+type ExporterService struct {
 	Ports  []corev1.ServicePort `json:"ports,omitempty"`
 	Labels map[string]string    `json:"labels,omitempty"`
 }
 
-// PrometheusConfig defines the generated resources for Prometheus
-type PrometheusConfig struct {
-	ServiceMonitor PrometheusServiceMonitor `json:"serviceMonitor,omitempty"`
-}
-
-// PrometheusServiceMonitor defines DatabaseObserver servicemonitor spec
-type PrometheusServiceMonitor struct {
+// ExporterServiceMonitor defines DatabaseObserver servicemonitor spec
+type ExporterServiceMonitor struct {
 	Labels            map[string]string            `json:"labels,omitempty"`
 	NamespaceSelector *monitorv1.NamespaceSelector `json:"namespaceSelector,omitempty"`
 	Endpoints         []monitorv1.Endpoint         `json:"endpoints,omitempty"`
@@ -129,40 +158,57 @@ type PrometheusServiceMonitor struct {
 type DBSecret struct {
 	Key        string `json:"key,omitempty"`
 	SecretName string `json:"secret,omitempty"`
+	EnvName    string `json:"envName,omitempty"`
+}
+
+// WalletSecret defines secret and where the wallet will be mounted if provided
+type WalletSecret struct {
+	SecretName        string                    `json:"secret,omitempty"`
+	MountPath         string                    `json:"mountPath,omitempty"`
+	AdditionalWallets []AdditionalWalletSecrets `json:"additional,omitempty"`
 }
 
-// DBSecretWithVault  defines secrets used in reference with vault fields
-type DBSecretWithVault struct {
-	Key             string `json:"key,omitempty"`
-	SecretName      string `json:"secret,omitempty"`
-	VaultOCID       string `json:"vaultOCID,omitempty"`
-	VaultSecretName string `json:"vaultSecretName,omitempty"`
+// AdditionalWalletSecrets defines multiple other secrets and where the wallet will be mounted if provided
+type AdditionalWalletSecrets struct {
+	Name       string `json:"name,omitempty"`
+	SecretName string `json:"secret,omitempty"`
+	MountPath  string `json:"mountPath,omitempty"`
 }
 
-// DatabaseObserverConfigMap defines configMap used for metrics configuration
-type DatabaseObserverConfigMap struct {
-	Configmap ConfigMapDetails `json:"configMap,omitempty"`
+// MetricsConfig defines configMap used for multiple metrics TOML configuration
+type MetricsConfig struct {
+	Configmap []ConfigMapDetails `json:"configMap,omitempty"`
 }
 
-// ConfigMapDetails defines the configmap name
+// ConfigMapDetails defines the configmap name used by the exporterConfig and metricsConfig
 type ConfigMapDetails struct {
 	Key  string `json:"key,omitempty"`
 	Name string `json:"name,omitempty"`
 }
 
-// OCIConfigSpec defines the configmap name and secret name used for connecting to OCI
-type OCIConfigSpec struct {
-	ConfigMapName string `json:"configMapName,omitempty"`
-	SecretName    string `json:"secretName,omitempty"`
+// OCIConfig defines the configmap name and secret name used for connecting to OCI
+type OCIConfig struct {
+	ConfigMap  ConfigMapDetails `json:"configMap,omitempty"`
+	PrivateKey ConfigPrivateKey `json:"privateKey,omitempty"`
+	MountPath  string           `json:"mountPath,omitempty"`
+}
+
+type ConfigPrivateKey struct {
+	SecretName string `json:"secret,omitempty"`
+}
+
+// AzureConfig defines the configmap name and secret name used for connecting to Azure
+type AzureConfig struct {
+	ConfigMap ConfigMapDetails `json:"configMap,omitempty"`
 }
 
 // DatabaseObserverStatus defines the observed state of DatabaseObserver
 type DatabaseObserverStatus struct {
-	Conditions     []metav1.Condition `json:"conditions"`
-	Status         string             `json:"status,omitempty"`
-	ExporterConfig string             `json:"exporterConfig"`
-	Version        string             `json:"version"`
-	Replicas       int                `json:"replicas,omitempty"`
+	Conditions    []metav1.Condition `json:"conditions"`
+	Status        string             `json:"status,omitempty"`
+	MetricsConfig string             `json:"metricsConfig"`
+	Version       string             `json:"version"`
+	Replicas      int                `json:"replicas,omitempty"`
 }
 
 //+kubebuilder:object:root=true
@@ -170,7 +216,7 @@ type DatabaseObserverStatus struct {
 // +kubebuilder:resource:shortName="dbobserver";"dbobservers"
 
 // DatabaseObserver is the Schema for the databaseobservers API
-// +kubebuilder:printcolumn:JSONPath=".status.exporterConfig",name="ExporterConfig",type=string
+// +kubebuilder:printcolumn:JSONPath=".status.metricsConfig",name="MetricsConfig",type=string
 // +kubebuilder:printcolumn:JSONPath=".status.status",name="Status",type=string
 // +kubebuilder:printcolumn:JSONPath=".status.version",name="Version",type=string
 type DatabaseObserver struct {
diff --git a/apis/observability/v1alpha1/databaseobserver_webhook.go b/apis/observability/v1alpha1/databaseobserver_webhook.go
index 585ad3bf..da683b6b 100644
--- a/apis/observability/v1alpha1/databaseobserver_webhook.go
+++ b/apis/observability/v1alpha1/databaseobserver_webhook.go
@@ -39,6 +39,7 @@
 package v1alpha1
 
 import (
+	"context"
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -48,7 +49,6 @@ import (
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
-	"strings"
 )
 
 // log is for logging in this package.
@@ -58,7 +58,7 @@ const (
 	AllowedExporterImage                       = "container-registry.oracle.com/database/observability-exporter"
 	ErrorSpecValidationMissingConnString       = "a required field for database connection string secret is missing or does not have a value"
 	ErrorSpecValidationMissingDBUser           = "a required field for database user secret is missing or does not have a value"
-	ErrorSpecValidationMissingDBVaultField     = "a field for the OCI vault has a value but the other required field is missing or does not have a value"
+	ErrorSpecValidationMissingVaultField       = "a field for configuring the vault has a value but the other required field(s) is missing or does not have a value"
 	ErrorSpecValidationMissingOCIConfig        = "a field(s) for the OCI Config is missing or does not have a value when fields for the OCI vault has values"
 	ErrorSpecValidationMissingDBPasswordSecret = "a required field for the database password secret is missing or does not have a value"
 	ErrorSpecExporterImageNotAllowed           = "a different exporter image was found, only official database exporter container images are currently supported"
@@ -67,6 +67,8 @@ const (
 func (r *DatabaseObserver) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithDefaulter(r).
+		WithValidator(r).
 		Complete()
 }
 
@@ -74,112 +76,95 @@ func (r *DatabaseObserver) SetupWebhookWithManager(mgr ctrl.Manager) error {
 
 //+kubebuilder:webhook:path=/mutate-observability-oracle-com-v1alpha1-databaseobserver,mutating=true,sideEffects=none,failurePolicy=fail,groups=observability.oracle.com,resources=databaseobservers,verbs=create;update,versions=v1alpha1,name=mdatabaseobserver.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Defaulter = &DatabaseObserver{}
+var _ webhook.CustomDefaulter = &DatabaseObserver{}
 
-// Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *DatabaseObserver) Default() {
-	databaseobserverlog.Info("default", "name", r.Name)
+// Default implements webhook.CustomDefaulter so a webhook will be registered for the type
+func (r *DatabaseObserver) Default(ctx context.Context, obj runtime.Object) error {
+	obs := obj.(*DatabaseObserver)
+	databaseobserverlog.Info("default", "name", obs.Name)
 
 	// TODO(user): fill in your defaulting logic.
+	return nil
 }
 
 // TODO(user): change verbs to "verbs=create;update;delete" if you want to enable deletion validation.
 //+kubebuilder:webhook:verbs=create;update,path=/validate-observability-oracle-com-v1alpha1-databaseobserver,mutating=false,sideEffects=none,failurePolicy=fail,groups=observability.oracle.com,resources=databaseobservers,versions=v1alpha1,name=vdatabaseobserver.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Validator = &DatabaseObserver{}
+var _ webhook.CustomValidator = &DatabaseObserver{}
 
-// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *DatabaseObserver) ValidateCreate() (admission.Warnings, error) {
-	databaseobserverlog.Info("validate create", "name", r.Name)
+// ValidateCreate implements webhook.CustomValidator so a webhook will be registered for the type
+func (r *DatabaseObserver) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	obs := obj.(*DatabaseObserver)
+	databaseobserverlog.Info("validate create", "name", obs.Name)
 
 	var e field.ErrorList
 	ns := dbcommons.GetWatchNamespaces()
 
 	// Check for namespace/cluster scope access
-	if _, isDesiredNamespaceWithinScope := ns[r.Namespace]; !isDesiredNamespaceWithinScope && len(ns) > 0 {
+	if _, isDesiredNamespaceWithinScope := ns[obs.Namespace]; !isDesiredNamespaceWithinScope && len(ns) > 0 {
 		e = append(e,
-			field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
+			field.Invalid(field.NewPath("metadata").Child("namespace"), obs.Namespace,
 				"Oracle database operator doesn't watch over this namespace"))
 	}
 
-	// Check required secret for db user has value
-	if r.Spec.Database.DBUser.SecretName == "" {
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("database").Child("dbUser").Child("secret"), r.Spec.Database.DBUser.SecretName,
-				ErrorSpecValidationMissingDBUser))
-	}
-
-	// Check required secret for db connection string has value
-	if r.Spec.Database.DBConnectionString.SecretName == "" {
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("database").Child("dbConnectionString").Child("secret"), r.Spec.Database.DBConnectionString.SecretName,
-				ErrorSpecValidationMissingConnString))
-	}
-
 	// The other vault field must have value if one does
-	if (r.Spec.Database.DBPassword.VaultOCID != "" && r.Spec.Database.DBPassword.VaultSecretName == "") ||
-		(r.Spec.Database.DBPassword.VaultSecretName != "" && r.Spec.Database.DBPassword.VaultOCID == "") {
+	if (obs.Spec.Database.OCIVault.VaultID != "" && obs.Spec.Database.OCIVault.VaultPasswordSecret == "") ||
+		(obs.Spec.Database.OCIVault.VaultPasswordSecret != "" && obs.Spec.Database.OCIVault.VaultID == "") {
 
 		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("database").Child("dbPassword"), r.Spec.Database.DBPassword,
-				ErrorSpecValidationMissingDBVaultField))
+			field.Invalid(field.NewPath("spec").Child("database").Child("oci"), obs.Spec.Database.OCIVault,
+				ErrorSpecValidationMissingVaultField))
 	}
 
-	// if vault fields have value, ociConfig must have values
-	if r.Spec.Database.DBPassword.VaultOCID != "" && r.Spec.Database.DBPassword.VaultSecretName != "" &&
-		(r.Spec.OCIConfig.SecretName == "" || r.Spec.OCIConfig.ConfigMapName == "") {
-
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("ociConfig"), r.Spec.OCIConfig,
-				ErrorSpecValidationMissingOCIConfig))
-	}
-
-	// If all of {DB Password Secret Name and vaultOCID+vaultSecretName} have no value, then error out
-	if r.Spec.Database.DBPassword.SecretName == "" &&
-		r.Spec.Database.DBPassword.VaultOCID == "" &&
-		r.Spec.Database.DBPassword.VaultSecretName == "" {
+	// The other vault field must have value if one does
+	if (obs.Spec.Database.AzureVault.VaultID != "" && (obs.Spec.Database.AzureVault.VaultPasswordSecret == "" && obs.Spec.Database.AzureVault.VaultUsernameSecret == "")) ||
+		(obs.Spec.Database.AzureVault.VaultPasswordSecret != "" && obs.Spec.Database.AzureVault.VaultID == "") ||
+		(obs.Spec.Database.AzureVault.VaultUsernameSecret != "" && obs.Spec.Database.AzureVault.VaultID == "") {
 
 		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("database").Child("dbPassword").Child("secret"), r.Spec.Database.DBPassword.SecretName,
-				ErrorSpecValidationMissingDBPasswordSecret))
+			field.Invalid(field.NewPath("spec").Child("database").Child("azure"), obs.Spec.Database.AzureVault,
+				ErrorSpecValidationMissingVaultField))
 	}
 
 	// disallow usage of any other image than the observability-exporter
-	if r.Spec.Exporter.Deployment.ExporterImage != "" && !strings.HasPrefix(r.Spec.Exporter.Deployment.ExporterImage, AllowedExporterImage) {
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("exporter").Child("image"), r.Spec.Exporter.Deployment.ExporterImage,
-				ErrorSpecExporterImageNotAllowed))
-	}
+	// temporarily disabled
+	//if obs.Spec.Deployment.ExporterImage != "" && !strings.HasPrefix(obs.Spec.Deployment.ExporterImage, AllowedExporterImage) {
+	//	e = append(e,
+	//		field.Invalid(field.NewPath("spec").Child("exporter").Child("image"), obs.Spec.Deployment.ExporterImage,
+	//			ErrorSpecExporterImageNotAllowed))
+	//}
 
 	// Return if any errors
 	if len(e) > 0 {
-		return nil, apierrors.NewInvalid(schema.GroupKind{Group: "observability.oracle.com", Kind: "DatabaseObserver"}, r.Name, e)
+		return nil, apierrors.NewInvalid(schema.GroupKind{Group: "observability.oracle.com", Kind: "DatabaseObserver"}, obs.Name, e)
 	}
 	return nil, nil
 
 }
 
-// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *DatabaseObserver) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	databaseobserverlog.Info("validate update", "name", r.Name)
+// ValidateUpdate implements webhook.CustomValidator so a webhook will be registered for the type
+func (r *DatabaseObserver) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	obs := newObj.(*DatabaseObserver)
+	databaseobserverlog.Info("validate update", "name", obs.Name)
 	var e field.ErrorList
 
 	// disallow usage of any other image than the observability-exporter
-	if r.Spec.Exporter.Deployment.ExporterImage != "" && !strings.HasPrefix(r.Spec.Exporter.Deployment.ExporterImage, AllowedExporterImage) {
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("exporter").Child("image"), r.Spec.Exporter.Deployment.ExporterImage,
-				ErrorSpecExporterImageNotAllowed))
-	}
+	//if obs.Spec.Deployment.ExporterImage != "" && !strings.HasPrefix(obs.Spec.Deployment.ExporterImage, AllowedExporterImage) {
+	//	e = append(e,
+	//		field.Invalid(field.NewPath("spec").Child("exporter").Child("image"), obs.Spec.Deployment.ExporterImage,
+	//			ErrorSpecExporterImageNotAllowed))
+	//}
 	// Return if any errors
 	if len(e) > 0 {
-		return nil, apierrors.NewInvalid(schema.GroupKind{Group: "observability.oracle.com", Kind: "DatabaseObserver"}, r.Name, e)
+		return nil, apierrors.NewInvalid(schema.GroupKind{Group: "observability.oracle.com", Kind: "DatabaseObserver"}, obs.Name, e)
 	}
 	return nil, nil
 }
 
-// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *DatabaseObserver) ValidateDelete() (admission.Warnings, error) {
-	databaseobserverlog.Info("validate delete", "name", r.Name)
+// ValidateDelete implements webhook.CustomValidator so a webhook will be registered for the type
+func (r *DatabaseObserver) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	obs := obj.(*DatabaseObserver)
+	databaseobserverlog.Info("validate delete", "name", obs.Name)
 
 	return nil, nil
 }
diff --git a/apis/observability/v1alpha1/zz_generated.deepcopy.go b/apis/observability/v1alpha1/zz_generated.deepcopy.go
index 4b2a29b0..c5e76104 100644
--- a/apis/observability/v1alpha1/zz_generated.deepcopy.go
+++ b/apis/observability/v1alpha1/zz_generated.deepcopy.go
@@ -50,174 +50,158 @@ import (
 )
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ConfigMapDetails) DeepCopyInto(out *ConfigMapDetails) {
+func (in *AdditionalWalletSecrets) DeepCopyInto(out *AdditionalWalletSecrets) {
 	*out = *in
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapDetails.
-func (in *ConfigMapDetails) DeepCopy() *ConfigMapDetails {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalWalletSecrets.
+func (in *AdditionalWalletSecrets) DeepCopy() *AdditionalWalletSecrets {
 	if in == nil {
 		return nil
 	}
-	out := new(ConfigMapDetails)
+	out := new(AdditionalWalletSecrets)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DBSecret) DeepCopyInto(out *DBSecret) {
+func (in *AzureConfig) DeepCopyInto(out *AzureConfig) {
 	*out = *in
+	out.ConfigMap = in.ConfigMap
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBSecret.
-func (in *DBSecret) DeepCopy() *DBSecret {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureConfig.
+func (in *AzureConfig) DeepCopy() *AzureConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(DBSecret)
+	out := new(AzureConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DBSecretWithVault) DeepCopyInto(out *DBSecretWithVault) {
+func (in *ConfigMapDetails) DeepCopyInto(out *ConfigMapDetails) {
 	*out = *in
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBSecretWithVault.
-func (in *DBSecretWithVault) DeepCopy() *DBSecretWithVault {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapDetails.
+func (in *ConfigMapDetails) DeepCopy() *ConfigMapDetails {
 	if in == nil {
 		return nil
 	}
-	out := new(DBSecretWithVault)
+	out := new(ConfigMapDetails)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserver) DeepCopyInto(out *DatabaseObserver) {
+func (in *ConfigPrivateKey) DeepCopyInto(out *ConfigPrivateKey) {
 	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	in.Status.DeepCopyInto(&out.Status)
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserver.
-func (in *DatabaseObserver) DeepCopy() *DatabaseObserver {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigPrivateKey.
+func (in *ConfigPrivateKey) DeepCopy() *ConfigPrivateKey {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserver)
+	out := new(ConfigPrivateKey)
 	in.DeepCopyInto(out)
 	return out
 }
 
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *DatabaseObserver) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DBAzureVault) DeepCopyInto(out *DBAzureVault) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBAzureVault.
+func (in *DBAzureVault) DeepCopy() *DBAzureVault {
+	if in == nil {
+		return nil
 	}
-	return nil
+	out := new(DBAzureVault)
+	in.DeepCopyInto(out)
+	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverConfigMap) DeepCopyInto(out *DatabaseObserverConfigMap) {
+func (in *DBOCIVault) DeepCopyInto(out *DBOCIVault) {
 	*out = *in
-	out.Configmap = in.Configmap
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverConfigMap.
-func (in *DatabaseObserverConfigMap) DeepCopy() *DatabaseObserverConfigMap {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBOCIVault.
+func (in *DBOCIVault) DeepCopy() *DBOCIVault {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverConfigMap)
+	out := new(DBOCIVault)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverDatabase) DeepCopyInto(out *DatabaseObserverDatabase) {
+func (in *DBSecret) DeepCopyInto(out *DBSecret) {
 	*out = *in
-	out.DBUser = in.DBUser
-	out.DBPassword = in.DBPassword
-	out.DBWallet = in.DBWallet
-	out.DBConnectionString = in.DBConnectionString
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverDatabase.
-func (in *DatabaseObserverDatabase) DeepCopy() *DatabaseObserverDatabase {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBSecret.
+func (in *DBSecret) DeepCopy() *DBSecret {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverDatabase)
+	out := new(DBSecret)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverDeployment) DeepCopyInto(out *DatabaseObserverDeployment) {
+func (in *DatabaseConfig) DeepCopyInto(out *DatabaseConfig) {
 	*out = *in
-	if in.SecurityContext != nil {
-		in, out := &in.SecurityContext, &out.SecurityContext
-		*out = new(v1.SecurityContext)
-		(*in).DeepCopyInto(*out)
-	}
-	if in.ExporterArgs != nil {
-		in, out := &in.ExporterArgs, &out.ExporterArgs
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
-	if in.ExporterCommands != nil {
-		in, out := &in.ExporterCommands, &out.ExporterCommands
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
-	if in.ExporterEnvs != nil {
-		in, out := &in.ExporterEnvs, &out.ExporterEnvs
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	if in.Labels != nil {
-		in, out := &in.Labels, &out.Labels
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	in.DeploymentPodTemplate.DeepCopyInto(&out.DeploymentPodTemplate)
+	out.DBUser = in.DBUser
+	out.DBPassword = in.DBPassword
+	out.DBConnectionString = in.DBConnectionString
+	out.OCIVault = in.OCIVault
+	out.AzureVault = in.AzureVault
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverDeployment.
-func (in *DatabaseObserverDeployment) DeepCopy() *DatabaseObserverDeployment {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseConfig.
+func (in *DatabaseConfig) DeepCopy() *DatabaseConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverDeployment)
+	out := new(DatabaseConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverExporterConfig) DeepCopyInto(out *DatabaseObserverExporterConfig) {
+func (in *DatabaseObserver) DeepCopyInto(out *DatabaseObserver) {
 	*out = *in
-	in.Deployment.DeepCopyInto(&out.Deployment)
-	in.Service.DeepCopyInto(&out.Service)
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverExporterConfig.
-func (in *DatabaseObserverExporterConfig) DeepCopy() *DatabaseObserverExporterConfig {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserver.
+func (in *DatabaseObserver) DeepCopy() *DatabaseObserver {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverExporterConfig)
+	out := new(DatabaseObserver)
 	in.DeepCopyInto(out)
 	return out
 }
 
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DatabaseObserver) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *DatabaseObserverList) DeepCopyInto(out *DatabaseObserverList) {
 	*out = *in
@@ -251,15 +235,68 @@ func (in *DatabaseObserverList) DeepCopyObject() runtime.Object {
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverService) DeepCopyInto(out *DatabaseObserverService) {
+func (in *DatabaseObserverSpec) DeepCopyInto(out *DatabaseObserverSpec) {
 	*out = *in
-	if in.Ports != nil {
-		in, out := &in.Ports, &out.Ports
-		*out = make([]v1.ServicePort, len(*in))
+	out.Database = in.Database
+	if in.Databases != nil {
+		in, out := &in.Databases, &out.Databases
+		*out = make(map[string]MultiDatabaseConfig, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	in.Wallet.DeepCopyInto(&out.Wallet)
+	in.Deployment.DeepCopyInto(&out.Deployment)
+	in.Service.DeepCopyInto(&out.Service)
+	in.ServiceMonitor.DeepCopyInto(&out.ServiceMonitor)
+	out.ExporterConfig = in.ExporterConfig
+	out.OCIConfig = in.OCIConfig
+	out.AzureConfig = in.AzureConfig
+	in.Metrics.DeepCopyInto(&out.Metrics)
+	if in.InheritLabels != nil {
+		in, out := &in.InheritLabels, &out.InheritLabels
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	out.Log = in.Log
+	in.Sidecar.DeepCopyInto(&out.Sidecar)
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverSpec.
+func (in *DatabaseObserverSpec) DeepCopy() *DatabaseObserverSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(DatabaseObserverSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DatabaseObserverStatus) DeepCopyInto(out *DatabaseObserverStatus) {
+	*out = *in
+	if in.Conditions != nil {
+		in, out := &in.Conditions, &out.Conditions
+		*out = make([]metav1.Condition, len(*in))
 		for i := range *in {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverStatus.
+func (in *DatabaseObserverStatus) DeepCopy() *DatabaseObserverStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(DatabaseObserverStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeploymentPodTemplate) DeepCopyInto(out *DeploymentPodTemplate) {
+	*out = *in
 	if in.Labels != nil {
 		in, out := &in.Labels, &out.Labels
 		*out = make(map[string]string, len(*in))
@@ -269,86 +306,114 @@ func (in *DatabaseObserverService) DeepCopyInto(out *DatabaseObserverService) {
 	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverService.
-func (in *DatabaseObserverService) DeepCopy() *DatabaseObserverService {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentPodTemplate.
+func (in *DeploymentPodTemplate) DeepCopy() *DeploymentPodTemplate {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverService)
+	out := new(DeploymentPodTemplate)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverSpec) DeepCopyInto(out *DatabaseObserverSpec) {
+func (in *ExporterConfig) DeepCopyInto(out *ExporterConfig) {
 	*out = *in
-	out.Database = in.Database
-	in.Exporter.DeepCopyInto(&out.Exporter)
-	out.ExporterConfig = in.ExporterConfig
-	in.Prometheus.DeepCopyInto(&out.Prometheus)
-	out.OCIConfig = in.OCIConfig
-	out.Log = in.Log
-	if in.InheritLabels != nil {
-		in, out := &in.InheritLabels, &out.InheritLabels
+	out.ConfigMap = in.ConfigMap
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterConfig.
+func (in *ExporterConfig) DeepCopy() *ExporterConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(ExporterConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExporterDeployment) DeepCopyInto(out *ExporterDeployment) {
+	*out = *in
+	if in.SecurityContext != nil {
+		in, out := &in.SecurityContext, &out.SecurityContext
+		*out = new(v1.SecurityContext)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.PodSecurityContext != nil {
+		in, out := &in.PodSecurityContext, &out.PodSecurityContext
+		*out = new(v1.PodSecurityContext)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.ExporterArgs != nil {
+		in, out := &in.ExporterArgs, &out.ExporterArgs
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
-	if in.ExporterSidecars != nil {
-		in, out := &in.ExporterSidecars, &out.ExporterSidecars
-		*out = make([]v1.Container, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
+	if in.ExporterCommands != nil {
+		in, out := &in.ExporterCommands, &out.ExporterCommands
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.ExporterEnvs != nil {
+		in, out := &in.ExporterEnvs, &out.ExporterEnvs
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
 		}
 	}
-	if in.SideCarVolumes != nil {
-		in, out := &in.SideCarVolumes, &out.SideCarVolumes
-		*out = make([]v1.Volume, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
+	if in.Labels != nil {
+		in, out := &in.Labels, &out.Labels
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
 		}
 	}
+	in.DeploymentPodTemplate.DeepCopyInto(&out.DeploymentPodTemplate)
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverSpec.
-func (in *DatabaseObserverSpec) DeepCopy() *DatabaseObserverSpec {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterDeployment.
+func (in *ExporterDeployment) DeepCopy() *ExporterDeployment {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverSpec)
+	out := new(ExporterDeployment)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverStatus) DeepCopyInto(out *DatabaseObserverStatus) {
+func (in *ExporterService) DeepCopyInto(out *ExporterService) {
 	*out = *in
-	if in.Conditions != nil {
-		in, out := &in.Conditions, &out.Conditions
-		*out = make([]metav1.Condition, len(*in))
+	if in.Ports != nil {
+		in, out := &in.Ports, &out.Ports
+		*out = make([]v1.ServicePort, len(*in))
 		for i := range *in {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+	if in.Labels != nil {
+		in, out := &in.Labels, &out.Labels
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverStatus.
-func (in *DatabaseObserverStatus) DeepCopy() *DatabaseObserverStatus {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterService.
+func (in *ExporterService) DeepCopy() *ExporterService {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverStatus)
+	out := new(ExporterService)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DeploymentPodTemplate) DeepCopyInto(out *DeploymentPodTemplate) {
+func (in *ExporterServiceMonitor) DeepCopyInto(out *ExporterServiceMonitor) {
 	*out = *in
-	if in.SecurityContext != nil {
-		in, out := &in.SecurityContext, &out.SecurityContext
-		*out = new(v1.PodSecurityContext)
-		(*in).DeepCopyInto(*out)
-	}
 	if in.Labels != nil {
 		in, out := &in.Labels, &out.Labels
 		*out = make(map[string]string, len(*in))
@@ -356,14 +421,26 @@ func (in *DeploymentPodTemplate) DeepCopyInto(out *DeploymentPodTemplate) {
 			(*out)[key] = val
 		}
 	}
+	if in.NamespaceSelector != nil {
+		in, out := &in.NamespaceSelector, &out.NamespaceSelector
+		*out = new(monitoringv1.NamespaceSelector)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.Endpoints != nil {
+		in, out := &in.Endpoints, &out.Endpoints
+		*out = make([]monitoringv1.Endpoint, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentPodTemplate.
-func (in *DeploymentPodTemplate) DeepCopy() *DeploymentPodTemplate {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterServiceMonitor.
+func (in *ExporterServiceMonitor) DeepCopy() *ExporterServiceMonitor {
 	if in == nil {
 		return nil
 	}
-	out := new(DeploymentPodTemplate)
+	out := new(ExporterServiceMonitor)
 	in.DeepCopyInto(out)
 	return out
 }
@@ -401,81 +478,120 @@ func (in *LogVolume) DeepCopy() *LogVolume {
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *LogVolumePVClaim) DeepCopyInto(out *LogVolumePVClaim) {
+func (in *LogVolumePVC) DeepCopyInto(out *LogVolumePVC) {
 	*out = *in
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogVolumePVClaim.
-func (in *LogVolumePVClaim) DeepCopy() *LogVolumePVClaim {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogVolumePVC.
+func (in *LogVolumePVC) DeepCopy() *LogVolumePVC {
 	if in == nil {
 		return nil
 	}
-	out := new(LogVolumePVClaim)
+	out := new(LogVolumePVC)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *OCIConfigSpec) DeepCopyInto(out *OCIConfigSpec) {
+func (in *MetricsConfig) DeepCopyInto(out *MetricsConfig) {
 	*out = *in
+	if in.Configmap != nil {
+		in, out := &in.Configmap, &out.Configmap
+		*out = make([]ConfigMapDetails, len(*in))
+		copy(*out, *in)
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIConfigSpec.
-func (in *OCIConfigSpec) DeepCopy() *OCIConfigSpec {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricsConfig.
+func (in *MetricsConfig) DeepCopy() *MetricsConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(OCIConfigSpec)
+	out := new(MetricsConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PrometheusConfig) DeepCopyInto(out *PrometheusConfig) {
+func (in *MultiDatabaseConfig) DeepCopyInto(out *MultiDatabaseConfig) {
 	*out = *in
-	in.ServiceMonitor.DeepCopyInto(&out.ServiceMonitor)
+	out.DBUser = in.DBUser
+	out.DBPassword = in.DBPassword
+	out.DBConnectionString = in.DBConnectionString
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusConfig.
-func (in *PrometheusConfig) DeepCopy() *PrometheusConfig {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MultiDatabaseConfig.
+func (in *MultiDatabaseConfig) DeepCopy() *MultiDatabaseConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(PrometheusConfig)
+	out := new(MultiDatabaseConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PrometheusServiceMonitor) DeepCopyInto(out *PrometheusServiceMonitor) {
+func (in *OCIConfig) DeepCopyInto(out *OCIConfig) {
 	*out = *in
-	if in.Labels != nil {
-		in, out := &in.Labels, &out.Labels
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
+	out.ConfigMap = in.ConfigMap
+	out.PrivateKey = in.PrivateKey
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIConfig.
+func (in *OCIConfig) DeepCopy() *OCIConfig {
+	if in == nil {
+		return nil
 	}
-	if in.NamespaceSelector != nil {
-		in, out := &in.NamespaceSelector, &out.NamespaceSelector
-		*out = new(monitoringv1.NamespaceSelector)
-		(*in).DeepCopyInto(*out)
+	out := new(OCIConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SidecarConfig) DeepCopyInto(out *SidecarConfig) {
+	*out = *in
+	if in.Containers != nil {
+		in, out := &in.Containers, &out.Containers
+		*out = make([]v1.Container, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
 	}
-	if in.Endpoints != nil {
-		in, out := &in.Endpoints, &out.Endpoints
-		*out = make([]monitoringv1.Endpoint, len(*in))
+	if in.Volumes != nil {
+		in, out := &in.Volumes, &out.Volumes
+		*out = make([]v1.Volume, len(*in))
 		for i := range *in {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusServiceMonitor.
-func (in *PrometheusServiceMonitor) DeepCopy() *PrometheusServiceMonitor {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SidecarConfig.
+func (in *SidecarConfig) DeepCopy() *SidecarConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(SidecarConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *WalletSecret) DeepCopyInto(out *WalletSecret) {
+	*out = *in
+	if in.AdditionalWallets != nil {
+		in, out := &in.AdditionalWallets, &out.AdditionalWallets
+		*out = make([]AdditionalWalletSecrets, len(*in))
+		copy(*out, *in)
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WalletSecret.
+func (in *WalletSecret) DeepCopy() *WalletSecret {
 	if in == nil {
 		return nil
 	}
-	out := new(PrometheusServiceMonitor)
+	out := new(WalletSecret)
 	in.DeepCopyInto(out)
 	return out
 }
diff --git a/apis/observability/v4/databaseobserver_types.go b/apis/observability/v4/databaseobserver_types.go
index 2b9df606..c37c67e2 100644
--- a/apis/observability/v4/databaseobserver_types.go
+++ b/apis/observability/v4/databaseobserver_types.go
@@ -48,78 +48,107 @@ type StatusEnum string
 
 // DatabaseObserverSpec defines the desired state of DatabaseObserver
 type DatabaseObserverSpec struct {
-	Database         DatabaseObserverDatabase       `json:"database,omitempty"`
-	Exporter         DatabaseObserverExporterConfig `json:"exporter,omitempty"`
-	ExporterConfig   DatabaseObserverConfigMap      `json:"configuration,omitempty"`
-	Prometheus       PrometheusConfig               `json:"prometheus,omitempty"`
-	OCIConfig        OCIConfigSpec                  `json:"ociConfig,omitempty"`
-	Replicas         int32                          `json:"replicas,omitempty"`
-	Log              LogConfig                      `json:"log,omitempty"`
-	InheritLabels    []string                       `json:"inheritLabels,omitempty"`
-	ExporterSidecars []corev1.Container             `json:"sidecars,omitempty"`
-	SideCarVolumes   []corev1.Volume                `json:"sidecarVolumes,omitempty"`
+	Database       DatabaseConfig                 `json:"database,omitempty"`
+	Databases      map[string]MultiDatabaseConfig `json:"databases,omitempty"`
+	Wallet         WalletSecret                   `json:"wallet,omitempty"`
+	Deployment     ExporterDeployment             `json:"deployment,omitempty"`
+	Service        ExporterService                `json:"service,omitempty"`
+	ServiceMonitor ExporterServiceMonitor         `json:"serviceMonitor,omitempty"`
+	ExporterConfig ExporterConfig                 `json:"exporterConfig,omitempty"`
+	OCIConfig      OCIConfig                      `json:"ociConfig,omitempty"`
+	AzureConfig    AzureConfig                    `json:"azureConfig,omitempty"`
+	Metrics        MetricsConfig                  `json:"metrics,omitempty"`
+	Log            LogConfig                      `json:"log,omitempty"`
+	InheritLabels  []string                       `json:"inheritLabels,omitempty"`
+	Sidecar        SidecarConfig                  `json:"sidecar,omitempty"`
+	Replicas       int32                          `json:"replicas,omitempty"`
+}
+
+// SidecarConfig defines sidecar containers and volumes to add
+type SidecarConfig struct {
+	Containers []corev1.Container `json:"containers,omitempty"`
+	Volumes    []corev1.Volume    `json:"volumes,omitempty"`
+}
+
+// ExporterConfig defines configMap used for exporter configuration
+type ExporterConfig struct {
+	ConfigMap ConfigMapDetails `json:"configMap,omitempty"`
+	MountPath string           `json:"mountPath,omitempty"`
 }
 
 // LogConfig defines the configuration details relation to the logs of DatabaseObserver
 type LogConfig struct {
-	Path     string    `json:"path,omitempty"`
-	Filename string    `json:"filename,omitempty"`
-	Volume   LogVolume `json:"volume,omitempty"`
+	Disable     bool      `json:"disable,omitempty"`
+	Destination string    `json:"destination,omitempty"`
+	Filename    string    `json:"filename,omitempty"`
+	Volume      LogVolume `json:"volume,omitempty"`
 }
 
+// LogVolume defines the shared volume between the exporter container and other containers
 type LogVolume struct {
-	Name                  string           `json:"name,omitempty"`
-	PersistentVolumeClaim LogVolumePVClaim `json:"persistentVolumeClaim,omitempty"`
+	Name                  string       `json:"name,omitempty"`
+	PersistentVolumeClaim LogVolumePVC `json:"persistentVolumeClaim,omitempty"`
 }
 
-type LogVolumePVClaim struct {
+// LogVolumePVC defines the PVC in which to store the logs
+type LogVolumePVC struct {
 	ClaimName string `json:"claimName,omitempty"`
 }
 
-// DatabaseObserverDatabase defines the database details used for DatabaseObserver
-type DatabaseObserverDatabase struct {
-	DBUser             DBSecret          `json:"dbUser,omitempty"`
-	DBPassword         DBSecretWithVault `json:"dbPassword,omitempty"`
-	DBWallet           DBSecret          `json:"dbWallet,omitempty"`
-	DBConnectionString DBSecret          `json:"dbConnectionString,omitempty"`
+// DatabaseConfig defines the database details used for DatabaseObserver
+type DatabaseConfig struct {
+	DBUser             DBSecret     `json:"dbUser,omitempty"`
+	DBPassword         DBSecret     `json:"dbPassword,omitempty"`
+	DBConnectionString DBSecret     `json:"dbConnectionString,omitempty"`
+	OCIVault           DBOCIVault   `json:"oci,omitempty"`
+	AzureVault         DBAzureVault `json:"azure,omitempty"`
 }
 
-// DatabaseObserverExporterConfig defines the configuration details related to the exporters of DatabaseObserver
-type DatabaseObserverExporterConfig struct {
-	Deployment DatabaseObserverDeployment `json:"deployment,omitempty"`
-	Service    DatabaseObserverService    `json:"service,omitempty"`
+// MultiDatabaseConfig defines each database details used for DatabaseObserver
+type MultiDatabaseConfig struct {
+	DBUser             DBSecret `json:"dbUser,omitempty"`
+	DBPassword         DBSecret `json:"dbPassword,omitempty"`
+	DBConnectionString DBSecret `json:"dbConnectionString,omitempty"`
 }
 
-// DatabaseObserverDeployment defines the exporter deployment component of DatabaseObserver
-type DatabaseObserverDeployment struct {
-	ExporterImage         string                  `json:"image,omitempty"`
-	SecurityContext       *corev1.SecurityContext `json:"securityContext,omitempty"`
-	ExporterArgs          []string                `json:"args,omitempty"`
-	ExporterCommands      []string                `json:"commands,omitempty"`
-	ExporterEnvs          map[string]string       `json:"env,omitempty"`
-	Labels                map[string]string       `json:"labels,omitempty"`
-	DeploymentPodTemplate DeploymentPodTemplate   `json:"podTemplate,omitempty"`
+// DBAzureVault defines Azure Vault details
+type DBAzureVault struct {
+	VaultID             string `json:"vaultID,omitempty"`
+	VaultUsernameSecret string `json:"vaultUsernameSecret,omitempty"`
+	VaultPasswordSecret string `json:"vaultPasswordSecret,omitempty"`
+}
+
+// DBOCIVault defines OCI Vault details
+type DBOCIVault struct {
+	VaultID             string `json:"vaultID,omitempty"`
+	VaultPasswordSecret string `json:"vaultPasswordSecret,omitempty"`
+}
+
+// ExporterDeployment defines the exporter deployment component of DatabaseObserver
+type ExporterDeployment struct {
+	ExporterImage         string                     `json:"image,omitempty"`
+	SecurityContext       *corev1.SecurityContext    `json:"securityContext,omitempty"`
+	PodSecurityContext    *corev1.PodSecurityContext `json:"podSecurityContext,omitempty"`
+	ExporterArgs          []string                   `json:"args,omitempty"`
+	ExporterCommands      []string                   `json:"commands,omitempty"`
+	ExporterEnvs          map[string]string          `json:"env,omitempty"`
+	Labels                map[string]string          `json:"labels,omitempty"`
+	DeploymentPodTemplate DeploymentPodTemplate      `json:"podTemplate,omitempty"`
 }
 
 // DeploymentPodTemplate defines the labels for the DatabaseObserver pods component of a deployment
 type DeploymentPodTemplate struct {
-	SecurityContext *corev1.PodSecurityContext `json:"securityContext,omitempty"`
-	Labels          map[string]string          `json:"labels,omitempty"`
+	Labels map[string]string `json:"labels,omitempty"`
 }
 
-// DatabaseObserverService defines the exporter service component of DatabaseObserver
-type DatabaseObserverService struct {
+// ExporterService defines the exporter service component of DatabaseObserver
+type ExporterService struct {
 	Ports  []corev1.ServicePort `json:"ports,omitempty"`
 	Labels map[string]string    `json:"labels,omitempty"`
 }
 
-// PrometheusConfig defines the generated resources for Prometheus
-type PrometheusConfig struct {
-	ServiceMonitor PrometheusServiceMonitor `json:"serviceMonitor,omitempty"`
-}
-
-// PrometheusServiceMonitor defines DatabaseObserver servicemonitor spec
-type PrometheusServiceMonitor struct {
+// ExporterServiceMonitor defines DatabaseObserver servicemonitor spec
+type ExporterServiceMonitor struct {
 	Labels            map[string]string            `json:"labels,omitempty"`
 	NamespaceSelector *monitorv1.NamespaceSelector `json:"namespaceSelector,omitempty"`
 	Endpoints         []monitorv1.Endpoint         `json:"endpoints,omitempty"`
@@ -129,40 +158,57 @@ type PrometheusServiceMonitor struct {
 type DBSecret struct {
 	Key        string `json:"key,omitempty"`
 	SecretName string `json:"secret,omitempty"`
+	EnvName    string `json:"envName,omitempty"`
+}
+
+// WalletSecret defines secret and where the wallet will be mounted if provided
+type WalletSecret struct {
+	SecretName        string                    `json:"secret,omitempty"`
+	MountPath         string                    `json:"mountPath,omitempty"`
+	AdditionalWallets []AdditionalWalletSecrets `json:"additional,omitempty"`
 }
 
-// DBSecretWithVault  defines secrets used in reference with vault fields
-type DBSecretWithVault struct {
-	Key             string `json:"key,omitempty"`
-	SecretName      string `json:"secret,omitempty"`
-	VaultOCID       string `json:"vaultOCID,omitempty"`
-	VaultSecretName string `json:"vaultSecretName,omitempty"`
+// AdditionalWalletSecrets defines multiple other secrets and where the wallet will be mounted if provided
+type AdditionalWalletSecrets struct {
+	Name       string `json:"name,omitempty"`
+	SecretName string `json:"secret,omitempty"`
+	MountPath  string `json:"mountPath,omitempty"`
 }
 
-// DatabaseObserverConfigMap defines configMap used for metrics configuration
-type DatabaseObserverConfigMap struct {
-	Configmap ConfigMapDetails `json:"configMap,omitempty"`
+// MetricsConfig defines configMap used for multiple metrics TOML configuration
+type MetricsConfig struct {
+	Configmap []ConfigMapDetails `json:"configMap,omitempty"`
 }
 
-// ConfigMapDetails defines the configmap name
+// ConfigMapDetails defines the configmap name used by the exporterConfig and metricsConfig
 type ConfigMapDetails struct {
 	Key  string `json:"key,omitempty"`
 	Name string `json:"name,omitempty"`
 }
 
-// OCIConfigSpec defines the configmap name and secret name used for connecting to OCI
-type OCIConfigSpec struct {
-	ConfigMapName string `json:"configMapName,omitempty"`
-	SecretName    string `json:"secretName,omitempty"`
+// OCIConfig defines the configmap name and secret name used for connecting to OCI
+type OCIConfig struct {
+	ConfigMap  ConfigMapDetails `json:"configMap,omitempty"`
+	PrivateKey ConfigPrivateKey `json:"privateKey,omitempty"`
+	MountPath  string           `json:"mountPath,omitempty"`
+}
+
+type ConfigPrivateKey struct {
+	SecretName string `json:"secret,omitempty"`
+}
+
+// AzureConfig defines the configmap name and secret name used for connecting to Azure
+type AzureConfig struct {
+	ConfigMap ConfigMapDetails `json:"configMap,omitempty"`
 }
 
 // DatabaseObserverStatus defines the observed state of DatabaseObserver
 type DatabaseObserverStatus struct {
-	Conditions     []metav1.Condition `json:"conditions"`
-	Status         string             `json:"status,omitempty"`
-	ExporterConfig string             `json:"exporterConfig"`
-	Version        string             `json:"version"`
-	Replicas       int                `json:"replicas,omitempty"`
+	Conditions    []metav1.Condition `json:"conditions"`
+	Status        string             `json:"status,omitempty"`
+	MetricsConfig string             `json:"metricsConfig"`
+	Version       string             `json:"version"`
+	Replicas      int                `json:"replicas,omitempty"`
 }
 
 //+kubebuilder:object:root=true
@@ -170,7 +216,7 @@ type DatabaseObserverStatus struct {
 // +kubebuilder:resource:shortName="dbobserver";"dbobservers"
 
 // DatabaseObserver is the Schema for the databaseobservers API
-// +kubebuilder:printcolumn:JSONPath=".status.exporterConfig",name="ExporterConfig",type=string
+// +kubebuilder:printcolumn:JSONPath=".status.metricsConfig",name="MetricsConfig",type=string
 // +kubebuilder:printcolumn:JSONPath=".status.status",name="Status",type=string
 // +kubebuilder:printcolumn:JSONPath=".status.version",name="Version",type=string
 // +kubebuilder:storageversion
diff --git a/apis/observability/v4/databaseobserver_webhook.go b/apis/observability/v4/databaseobserver_webhook.go
index c0a5d8b7..3cb8be87 100644
--- a/apis/observability/v4/databaseobserver_webhook.go
+++ b/apis/observability/v4/databaseobserver_webhook.go
@@ -39,6 +39,7 @@
 package v4
 
 import (
+	"context"
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/runtime"
@@ -48,7 +49,6 @@ import (
 	logf "sigs.k8s.io/controller-runtime/pkg/log"
 	"sigs.k8s.io/controller-runtime/pkg/webhook"
 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
-	"strings"
 )
 
 // log is for logging in this package.
@@ -58,7 +58,7 @@ const (
 	AllowedExporterImage                       = "container-registry.oracle.com/database/observability-exporter"
 	ErrorSpecValidationMissingConnString       = "a required field for database connection string secret is missing or does not have a value"
 	ErrorSpecValidationMissingDBUser           = "a required field for database user secret is missing or does not have a value"
-	ErrorSpecValidationMissingDBVaultField     = "a field for the OCI vault has a value but the other required field is missing or does not have a value"
+	ErrorSpecValidationMissingVaultField       = "a field for configuring the vault has a value but the other required field(s) is missing or does not have a value"
 	ErrorSpecValidationMissingOCIConfig        = "a field(s) for the OCI Config is missing or does not have a value when fields for the OCI vault has values"
 	ErrorSpecValidationMissingDBPasswordSecret = "a required field for the database password secret is missing or does not have a value"
 	ErrorSpecExporterImageNotAllowed           = "a different exporter image was found, only official database exporter container images are currently supported"
@@ -67,116 +67,102 @@ const (
 func (r *DatabaseObserver) SetupWebhookWithManager(mgr ctrl.Manager) error {
 	return ctrl.NewWebhookManagedBy(mgr).
 		For(r).
+		WithDefaulter(r).
+		WithValidator(r).
 		Complete()
 }
 
 //+kubebuilder:webhook:path=/mutate-observability-oracle-com-v4-databaseobserver,mutating=true,sideEffects=none,failurePolicy=fail,groups=observability.oracle.com,resources=databaseobservers,verbs=create;update,versions=v4,name=mdatabaseobserver.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Defaulter = &DatabaseObserver{}
+var _ webhook.CustomDefaulter = &DatabaseObserver{}
 
 // EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO OWN!
 
-// Default implements webhook.Defaulter so a webhook will be registered for the type
-func (r *DatabaseObserver) Default() {
-	databaseobserverlog.Info("default", "name", r.Name)
+// Default implements webhook.CustomDefaulter so a webhook will be registered for the type
+func (r *DatabaseObserver) Default(ctx context.Context, obj runtime.Object) error {
+	obs := obj.(*DatabaseObserver)
+	databaseobserverlog.Info("default", "name", obs.Name)
+
+	return nil
 }
 
 //+kubebuilder:webhook:verbs=create;update,path=/validate-observability-oracle-com-v4-databaseobserver,mutating=false,sideEffects=none,failurePolicy=fail,groups=observability.oracle.com,resources=databaseobservers,versions=v4,name=vdatabaseobserver.kb.io,admissionReviewVersions=v1
 
-var _ webhook.Validator = &DatabaseObserver{}
+var _ webhook.CustomValidator = &DatabaseObserver{}
 
-// ValidateCreate implements webhook.Validator so a webhook will be registered for the type
-func (r *DatabaseObserver) ValidateCreate() (admission.Warnings, error) {
-	databaseobserverlog.Info("validate create", "name", r.Name)
+// ValidateCreate implements webhook.CustomValidator so a webhook will be registered for the type
+func (r *DatabaseObserver) ValidateCreate(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	obs := obj.(*DatabaseObserver)
+	databaseobserverlog.Info("validate create", "name", obs.Name)
 
 	var e field.ErrorList
 	ns := dbcommons.GetWatchNamespaces()
 
 	// Check for namespace/cluster scope access
-	if _, isDesiredNamespaceWithinScope := ns[r.Namespace]; !isDesiredNamespaceWithinScope && len(ns) > 0 {
+	if _, isDesiredNamespaceWithinScope := ns[obs.Namespace]; !isDesiredNamespaceWithinScope && len(ns) > 0 {
 		e = append(e,
-			field.Invalid(field.NewPath("metadata").Child("namespace"), r.Namespace,
+			field.Invalid(field.NewPath("metadata").Child("namespace"), obs.Namespace,
 				"Oracle database operator doesn't watch over this namespace"))
 	}
 
-	// Check required secret for db user has value
-	if r.Spec.Database.DBUser.SecretName == "" {
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("database").Child("dbUser").Child("secret"), r.Spec.Database.DBUser.SecretName,
-				ErrorSpecValidationMissingDBUser))
-	}
-
-	// Check required secret for db connection string has value
-	if r.Spec.Database.DBConnectionString.SecretName == "" {
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("database").Child("dbConnectionString").Child("secret"), r.Spec.Database.DBConnectionString.SecretName,
-				ErrorSpecValidationMissingConnString))
-	}
-
 	// The other vault field must have value if one does
-	if (r.Spec.Database.DBPassword.VaultOCID != "" && r.Spec.Database.DBPassword.VaultSecretName == "") ||
-		(r.Spec.Database.DBPassword.VaultSecretName != "" && r.Spec.Database.DBPassword.VaultOCID == "") {
-
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("database").Child("dbPassword"), r.Spec.Database.DBPassword,
-				ErrorSpecValidationMissingDBVaultField))
-	}
-
-	// if vault fields have value, ociConfig must have values
-	if r.Spec.Database.DBPassword.VaultOCID != "" && r.Spec.Database.DBPassword.VaultSecretName != "" &&
-		(r.Spec.OCIConfig.SecretName == "" || r.Spec.OCIConfig.ConfigMapName == "") {
+	if (obs.Spec.Database.OCIVault.VaultID != "" && obs.Spec.Database.OCIVault.VaultPasswordSecret == "") ||
+		(obs.Spec.Database.OCIVault.VaultPasswordSecret != "" && obs.Spec.Database.OCIVault.VaultID == "") {
 
 		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("ociConfig"), r.Spec.OCIConfig,
-				ErrorSpecValidationMissingOCIConfig))
+			field.Invalid(field.NewPath("spec").Child("database").Child("oci"), obs.Spec.Database.OCIVault,
+				ErrorSpecValidationMissingVaultField))
 	}
 
-	// If all of {DB Password Secret Name and vaultOCID+vaultSecretName} have no value, then error out
-	if r.Spec.Database.DBPassword.SecretName == "" &&
-		r.Spec.Database.DBPassword.VaultOCID == "" &&
-		r.Spec.Database.DBPassword.VaultSecretName == "" {
+	// The other vault field must have value if one does
+	if (obs.Spec.Database.AzureVault.VaultID != "" && (obs.Spec.Database.AzureVault.VaultPasswordSecret == "" && obs.Spec.Database.AzureVault.VaultUsernameSecret == "")) ||
+		(obs.Spec.Database.AzureVault.VaultPasswordSecret != "" && obs.Spec.Database.AzureVault.VaultID == "") ||
+		(obs.Spec.Database.AzureVault.VaultUsernameSecret != "" && obs.Spec.Database.AzureVault.VaultID == "") {
 
 		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("database").Child("dbPassword").Child("secret"), r.Spec.Database.DBPassword.SecretName,
-				ErrorSpecValidationMissingDBPasswordSecret))
+			field.Invalid(field.NewPath("spec").Child("database").Child("azure"), obs.Spec.Database.AzureVault,
+				ErrorSpecValidationMissingVaultField))
 	}
 
 	// disallow usage of any other image than the observability-exporter
-	if r.Spec.Exporter.Deployment.ExporterImage != "" && !strings.HasPrefix(r.Spec.Exporter.Deployment.ExporterImage, AllowedExporterImage) {
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("exporter").Child("image"), r.Spec.Exporter.Deployment.ExporterImage,
-				ErrorSpecExporterImageNotAllowed))
-	}
+	// temporarily disabled
+	//if r.Spec.Deployment.ExporterImage != "" && !strings.HasPrefix(r.Spec.Deployment.ExporterImage, AllowedExporterImage) {
+	//	e = append(e,
+	//		field.Invalid(field.NewPath("spec").Child("exporter").Child("image"), r.Spec.Deployment.ExporterImage,
+	//			ErrorSpecExporterImageNotAllowed))
+	//}
 
 	// Return if any errors
 	if len(e) > 0 {
-		return nil, apierrors.NewInvalid(schema.GroupKind{Group: "observability.oracle.com", Kind: "DatabaseObserver"}, r.Name, e)
+		return nil, apierrors.NewInvalid(schema.GroupKind{Group: "observability.oracle.com", Kind: "DatabaseObserver"}, obs.Name, e)
 	}
 	return nil, nil
 
 }
 
-// ValidateUpdate implements webhook.Validator so a webhook will be registered for the type
-func (r *DatabaseObserver) ValidateUpdate(old runtime.Object) (admission.Warnings, error) {
-	databaseobserverlog.Info("validate update", "name", r.Name)
+// ValidateUpdate implements webhook.CustomValidator so a webhook will be registered for the type
+func (r *DatabaseObserver) ValidateUpdate(ctx context.Context, oldObj, newObj runtime.Object) (admission.Warnings, error) {
+	obs := newObj.(*DatabaseObserver)
+	databaseobserverlog.Info("validate update", "name", obs.Name)
 	var e field.ErrorList
 
 	// disallow usage of any other image than the observability-exporter
-	if r.Spec.Exporter.Deployment.ExporterImage != "" && !strings.HasPrefix(r.Spec.Exporter.Deployment.ExporterImage, AllowedExporterImage) {
-		e = append(e,
-			field.Invalid(field.NewPath("spec").Child("exporter").Child("image"), r.Spec.Exporter.Deployment.ExporterImage,
-				ErrorSpecExporterImageNotAllowed))
-	}
+	//if r.Spec.Deployment.ExporterImage != "" && !strings.HasPrefix(obs.Spec.Deployment.ExporterImage, AllowedExporterImage) {
+	//	e = append(e,
+	//		field.Invalid(field.NewPath("spec").Child("exporter").Child("image"), obs.Spec.Deployment.ExporterImage,
+	//			ErrorSpecExporterImageNotAllowed))
+	//}
 	// Return if any errors
 	if len(e) > 0 {
-		return nil, apierrors.NewInvalid(schema.GroupKind{Group: "observability.oracle.com", Kind: "DatabaseObserver"}, r.Name, e)
+		return nil, apierrors.NewInvalid(schema.GroupKind{Group: "observability.oracle.com", Kind: "DatabaseObserver"}, obs.Name, e)
 	}
 	return nil, nil
 }
 
-// ValidateDelete implements webhook.Validator so a webhook will be registered for the type
-func (r *DatabaseObserver) ValidateDelete() (admission.Warnings, error) {
-	databaseobserverlog.Info("validate delete", "name", r.Name)
+// ValidateDelete implements webhook.CustomValidator so a webhook will be registered for the type
+func (r *DatabaseObserver) ValidateDelete(ctx context.Context, obj runtime.Object) (admission.Warnings, error) {
+	obs := obj.(*DatabaseObserver)
+	databaseobserverlog.Info("validate delete", "name", obs.Name)
 
 	return nil, nil
 }
diff --git a/apis/observability/v4/zz_generated.deepcopy.go b/apis/observability/v4/zz_generated.deepcopy.go
index d9892643..1d3e1c11 100644
--- a/apis/observability/v4/zz_generated.deepcopy.go
+++ b/apis/observability/v4/zz_generated.deepcopy.go
@@ -50,174 +50,158 @@ import (
 )
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *ConfigMapDetails) DeepCopyInto(out *ConfigMapDetails) {
+func (in *AdditionalWalletSecrets) DeepCopyInto(out *AdditionalWalletSecrets) {
 	*out = *in
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapDetails.
-func (in *ConfigMapDetails) DeepCopy() *ConfigMapDetails {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AdditionalWalletSecrets.
+func (in *AdditionalWalletSecrets) DeepCopy() *AdditionalWalletSecrets {
 	if in == nil {
 		return nil
 	}
-	out := new(ConfigMapDetails)
+	out := new(AdditionalWalletSecrets)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DBSecret) DeepCopyInto(out *DBSecret) {
+func (in *AzureConfig) DeepCopyInto(out *AzureConfig) {
 	*out = *in
+	out.ConfigMap = in.ConfigMap
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBSecret.
-func (in *DBSecret) DeepCopy() *DBSecret {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureConfig.
+func (in *AzureConfig) DeepCopy() *AzureConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(DBSecret)
+	out := new(AzureConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DBSecretWithVault) DeepCopyInto(out *DBSecretWithVault) {
+func (in *ConfigMapDetails) DeepCopyInto(out *ConfigMapDetails) {
 	*out = *in
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBSecretWithVault.
-func (in *DBSecretWithVault) DeepCopy() *DBSecretWithVault {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapDetails.
+func (in *ConfigMapDetails) DeepCopy() *ConfigMapDetails {
 	if in == nil {
 		return nil
 	}
-	out := new(DBSecretWithVault)
+	out := new(ConfigMapDetails)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserver) DeepCopyInto(out *DatabaseObserver) {
+func (in *ConfigPrivateKey) DeepCopyInto(out *ConfigPrivateKey) {
 	*out = *in
-	out.TypeMeta = in.TypeMeta
-	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
-	in.Spec.DeepCopyInto(&out.Spec)
-	in.Status.DeepCopyInto(&out.Status)
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserver.
-func (in *DatabaseObserver) DeepCopy() *DatabaseObserver {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigPrivateKey.
+func (in *ConfigPrivateKey) DeepCopy() *ConfigPrivateKey {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserver)
+	out := new(ConfigPrivateKey)
 	in.DeepCopyInto(out)
 	return out
 }
 
-// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
-func (in *DatabaseObserver) DeepCopyObject() runtime.Object {
-	if c := in.DeepCopy(); c != nil {
-		return c
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DBAzureVault) DeepCopyInto(out *DBAzureVault) {
+	*out = *in
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBAzureVault.
+func (in *DBAzureVault) DeepCopy() *DBAzureVault {
+	if in == nil {
+		return nil
 	}
-	return nil
+	out := new(DBAzureVault)
+	in.DeepCopyInto(out)
+	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverConfigMap) DeepCopyInto(out *DatabaseObserverConfigMap) {
+func (in *DBOCIVault) DeepCopyInto(out *DBOCIVault) {
 	*out = *in
-	out.Configmap = in.Configmap
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverConfigMap.
-func (in *DatabaseObserverConfigMap) DeepCopy() *DatabaseObserverConfigMap {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBOCIVault.
+func (in *DBOCIVault) DeepCopy() *DBOCIVault {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverConfigMap)
+	out := new(DBOCIVault)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverDatabase) DeepCopyInto(out *DatabaseObserverDatabase) {
+func (in *DBSecret) DeepCopyInto(out *DBSecret) {
 	*out = *in
-	out.DBUser = in.DBUser
-	out.DBPassword = in.DBPassword
-	out.DBWallet = in.DBWallet
-	out.DBConnectionString = in.DBConnectionString
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverDatabase.
-func (in *DatabaseObserverDatabase) DeepCopy() *DatabaseObserverDatabase {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DBSecret.
+func (in *DBSecret) DeepCopy() *DBSecret {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverDatabase)
+	out := new(DBSecret)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverDeployment) DeepCopyInto(out *DatabaseObserverDeployment) {
+func (in *DatabaseConfig) DeepCopyInto(out *DatabaseConfig) {
 	*out = *in
-	if in.SecurityContext != nil {
-		in, out := &in.SecurityContext, &out.SecurityContext
-		*out = new(v1.SecurityContext)
-		(*in).DeepCopyInto(*out)
-	}
-	if in.ExporterArgs != nil {
-		in, out := &in.ExporterArgs, &out.ExporterArgs
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
-	if in.ExporterCommands != nil {
-		in, out := &in.ExporterCommands, &out.ExporterCommands
-		*out = make([]string, len(*in))
-		copy(*out, *in)
-	}
-	if in.ExporterEnvs != nil {
-		in, out := &in.ExporterEnvs, &out.ExporterEnvs
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	if in.Labels != nil {
-		in, out := &in.Labels, &out.Labels
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
-	}
-	in.DeploymentPodTemplate.DeepCopyInto(&out.DeploymentPodTemplate)
+	out.DBUser = in.DBUser
+	out.DBPassword = in.DBPassword
+	out.DBConnectionString = in.DBConnectionString
+	out.OCIVault = in.OCIVault
+	out.AzureVault = in.AzureVault
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverDeployment.
-func (in *DatabaseObserverDeployment) DeepCopy() *DatabaseObserverDeployment {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseConfig.
+func (in *DatabaseConfig) DeepCopy() *DatabaseConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverDeployment)
+	out := new(DatabaseConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverExporterConfig) DeepCopyInto(out *DatabaseObserverExporterConfig) {
+func (in *DatabaseObserver) DeepCopyInto(out *DatabaseObserver) {
 	*out = *in
-	in.Deployment.DeepCopyInto(&out.Deployment)
-	in.Service.DeepCopyInto(&out.Service)
+	out.TypeMeta = in.TypeMeta
+	in.ObjectMeta.DeepCopyInto(&out.ObjectMeta)
+	in.Spec.DeepCopyInto(&out.Spec)
+	in.Status.DeepCopyInto(&out.Status)
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverExporterConfig.
-func (in *DatabaseObserverExporterConfig) DeepCopy() *DatabaseObserverExporterConfig {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserver.
+func (in *DatabaseObserver) DeepCopy() *DatabaseObserver {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverExporterConfig)
+	out := new(DatabaseObserver)
 	in.DeepCopyInto(out)
 	return out
 }
 
+// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
+func (in *DatabaseObserver) DeepCopyObject() runtime.Object {
+	if c := in.DeepCopy(); c != nil {
+		return c
+	}
+	return nil
+}
+
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
 func (in *DatabaseObserverList) DeepCopyInto(out *DatabaseObserverList) {
 	*out = *in
@@ -251,15 +235,68 @@ func (in *DatabaseObserverList) DeepCopyObject() runtime.Object {
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverService) DeepCopyInto(out *DatabaseObserverService) {
+func (in *DatabaseObserverSpec) DeepCopyInto(out *DatabaseObserverSpec) {
 	*out = *in
-	if in.Ports != nil {
-		in, out := &in.Ports, &out.Ports
-		*out = make([]v1.ServicePort, len(*in))
+	out.Database = in.Database
+	if in.Databases != nil {
+		in, out := &in.Databases, &out.Databases
+		*out = make(map[string]MultiDatabaseConfig, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
+	in.Wallet.DeepCopyInto(&out.Wallet)
+	in.Deployment.DeepCopyInto(&out.Deployment)
+	in.Service.DeepCopyInto(&out.Service)
+	in.ServiceMonitor.DeepCopyInto(&out.ServiceMonitor)
+	out.ExporterConfig = in.ExporterConfig
+	out.OCIConfig = in.OCIConfig
+	out.AzureConfig = in.AzureConfig
+	in.Metrics.DeepCopyInto(&out.Metrics)
+	out.Log = in.Log
+	if in.InheritLabels != nil {
+		in, out := &in.InheritLabels, &out.InheritLabels
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	in.Sidecar.DeepCopyInto(&out.Sidecar)
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverSpec.
+func (in *DatabaseObserverSpec) DeepCopy() *DatabaseObserverSpec {
+	if in == nil {
+		return nil
+	}
+	out := new(DatabaseObserverSpec)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DatabaseObserverStatus) DeepCopyInto(out *DatabaseObserverStatus) {
+	*out = *in
+	if in.Conditions != nil {
+		in, out := &in.Conditions, &out.Conditions
+		*out = make([]metav1.Condition, len(*in))
 		for i := range *in {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverStatus.
+func (in *DatabaseObserverStatus) DeepCopy() *DatabaseObserverStatus {
+	if in == nil {
+		return nil
+	}
+	out := new(DatabaseObserverStatus)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *DeploymentPodTemplate) DeepCopyInto(out *DeploymentPodTemplate) {
+	*out = *in
 	if in.Labels != nil {
 		in, out := &in.Labels, &out.Labels
 		*out = make(map[string]string, len(*in))
@@ -269,86 +306,114 @@ func (in *DatabaseObserverService) DeepCopyInto(out *DatabaseObserverService) {
 	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverService.
-func (in *DatabaseObserverService) DeepCopy() *DatabaseObserverService {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentPodTemplate.
+func (in *DeploymentPodTemplate) DeepCopy() *DeploymentPodTemplate {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverService)
+	out := new(DeploymentPodTemplate)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverSpec) DeepCopyInto(out *DatabaseObserverSpec) {
+func (in *ExporterConfig) DeepCopyInto(out *ExporterConfig) {
 	*out = *in
-	out.Database = in.Database
-	in.Exporter.DeepCopyInto(&out.Exporter)
-	out.ExporterConfig = in.ExporterConfig
-	in.Prometheus.DeepCopyInto(&out.Prometheus)
-	out.OCIConfig = in.OCIConfig
-	out.Log = in.Log
-	if in.InheritLabels != nil {
-		in, out := &in.InheritLabels, &out.InheritLabels
+	out.ConfigMap = in.ConfigMap
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterConfig.
+func (in *ExporterConfig) DeepCopy() *ExporterConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(ExporterConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *ExporterDeployment) DeepCopyInto(out *ExporterDeployment) {
+	*out = *in
+	if in.SecurityContext != nil {
+		in, out := &in.SecurityContext, &out.SecurityContext
+		*out = new(v1.SecurityContext)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.PodSecurityContext != nil {
+		in, out := &in.PodSecurityContext, &out.PodSecurityContext
+		*out = new(v1.PodSecurityContext)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.ExporterArgs != nil {
+		in, out := &in.ExporterArgs, &out.ExporterArgs
 		*out = make([]string, len(*in))
 		copy(*out, *in)
 	}
-	if in.ExporterSidecars != nil {
-		in, out := &in.ExporterSidecars, &out.ExporterSidecars
-		*out = make([]v1.Container, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
+	if in.ExporterCommands != nil {
+		in, out := &in.ExporterCommands, &out.ExporterCommands
+		*out = make([]string, len(*in))
+		copy(*out, *in)
+	}
+	if in.ExporterEnvs != nil {
+		in, out := &in.ExporterEnvs, &out.ExporterEnvs
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
 		}
 	}
-	if in.SideCarVolumes != nil {
-		in, out := &in.SideCarVolumes, &out.SideCarVolumes
-		*out = make([]v1.Volume, len(*in))
-		for i := range *in {
-			(*in)[i].DeepCopyInto(&(*out)[i])
+	if in.Labels != nil {
+		in, out := &in.Labels, &out.Labels
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
 		}
 	}
+	in.DeploymentPodTemplate.DeepCopyInto(&out.DeploymentPodTemplate)
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverSpec.
-func (in *DatabaseObserverSpec) DeepCopy() *DatabaseObserverSpec {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterDeployment.
+func (in *ExporterDeployment) DeepCopy() *ExporterDeployment {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverSpec)
+	out := new(ExporterDeployment)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DatabaseObserverStatus) DeepCopyInto(out *DatabaseObserverStatus) {
+func (in *ExporterService) DeepCopyInto(out *ExporterService) {
 	*out = *in
-	if in.Conditions != nil {
-		in, out := &in.Conditions, &out.Conditions
-		*out = make([]metav1.Condition, len(*in))
+	if in.Ports != nil {
+		in, out := &in.Ports, &out.Ports
+		*out = make([]v1.ServicePort, len(*in))
 		for i := range *in {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
+	if in.Labels != nil {
+		in, out := &in.Labels, &out.Labels
+		*out = make(map[string]string, len(*in))
+		for key, val := range *in {
+			(*out)[key] = val
+		}
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DatabaseObserverStatus.
-func (in *DatabaseObserverStatus) DeepCopy() *DatabaseObserverStatus {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterService.
+func (in *ExporterService) DeepCopy() *ExporterService {
 	if in == nil {
 		return nil
 	}
-	out := new(DatabaseObserverStatus)
+	out := new(ExporterService)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *DeploymentPodTemplate) DeepCopyInto(out *DeploymentPodTemplate) {
+func (in *ExporterServiceMonitor) DeepCopyInto(out *ExporterServiceMonitor) {
 	*out = *in
-	if in.SecurityContext != nil {
-		in, out := &in.SecurityContext, &out.SecurityContext
-		*out = new(v1.PodSecurityContext)
-		(*in).DeepCopyInto(*out)
-	}
 	if in.Labels != nil {
 		in, out := &in.Labels, &out.Labels
 		*out = make(map[string]string, len(*in))
@@ -356,14 +421,26 @@ func (in *DeploymentPodTemplate) DeepCopyInto(out *DeploymentPodTemplate) {
 			(*out)[key] = val
 		}
 	}
+	if in.NamespaceSelector != nil {
+		in, out := &in.NamespaceSelector, &out.NamespaceSelector
+		*out = new(monitoringv1.NamespaceSelector)
+		(*in).DeepCopyInto(*out)
+	}
+	if in.Endpoints != nil {
+		in, out := &in.Endpoints, &out.Endpoints
+		*out = make([]monitoringv1.Endpoint, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DeploymentPodTemplate.
-func (in *DeploymentPodTemplate) DeepCopy() *DeploymentPodTemplate {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExporterServiceMonitor.
+func (in *ExporterServiceMonitor) DeepCopy() *ExporterServiceMonitor {
 	if in == nil {
 		return nil
 	}
-	out := new(DeploymentPodTemplate)
+	out := new(ExporterServiceMonitor)
 	in.DeepCopyInto(out)
 	return out
 }
@@ -401,81 +478,120 @@ func (in *LogVolume) DeepCopy() *LogVolume {
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *LogVolumePVClaim) DeepCopyInto(out *LogVolumePVClaim) {
+func (in *LogVolumePVC) DeepCopyInto(out *LogVolumePVC) {
 	*out = *in
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogVolumePVClaim.
-func (in *LogVolumePVClaim) DeepCopy() *LogVolumePVClaim {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LogVolumePVC.
+func (in *LogVolumePVC) DeepCopy() *LogVolumePVC {
 	if in == nil {
 		return nil
 	}
-	out := new(LogVolumePVClaim)
+	out := new(LogVolumePVC)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *OCIConfigSpec) DeepCopyInto(out *OCIConfigSpec) {
+func (in *MetricsConfig) DeepCopyInto(out *MetricsConfig) {
 	*out = *in
+	if in.Configmap != nil {
+		in, out := &in.Configmap, &out.Configmap
+		*out = make([]ConfigMapDetails, len(*in))
+		copy(*out, *in)
+	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIConfigSpec.
-func (in *OCIConfigSpec) DeepCopy() *OCIConfigSpec {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MetricsConfig.
+func (in *MetricsConfig) DeepCopy() *MetricsConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(OCIConfigSpec)
+	out := new(MetricsConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PrometheusConfig) DeepCopyInto(out *PrometheusConfig) {
+func (in *MultiDatabaseConfig) DeepCopyInto(out *MultiDatabaseConfig) {
 	*out = *in
-	in.ServiceMonitor.DeepCopyInto(&out.ServiceMonitor)
+	out.DBUser = in.DBUser
+	out.DBPassword = in.DBPassword
+	out.DBConnectionString = in.DBConnectionString
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusConfig.
-func (in *PrometheusConfig) DeepCopy() *PrometheusConfig {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MultiDatabaseConfig.
+func (in *MultiDatabaseConfig) DeepCopy() *MultiDatabaseConfig {
 	if in == nil {
 		return nil
 	}
-	out := new(PrometheusConfig)
+	out := new(MultiDatabaseConfig)
 	in.DeepCopyInto(out)
 	return out
 }
 
 // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
-func (in *PrometheusServiceMonitor) DeepCopyInto(out *PrometheusServiceMonitor) {
+func (in *OCIConfig) DeepCopyInto(out *OCIConfig) {
 	*out = *in
-	if in.Labels != nil {
-		in, out := &in.Labels, &out.Labels
-		*out = make(map[string]string, len(*in))
-		for key, val := range *in {
-			(*out)[key] = val
-		}
+	out.ConfigMap = in.ConfigMap
+	out.PrivateKey = in.PrivateKey
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OCIConfig.
+func (in *OCIConfig) DeepCopy() *OCIConfig {
+	if in == nil {
+		return nil
 	}
-	if in.NamespaceSelector != nil {
-		in, out := &in.NamespaceSelector, &out.NamespaceSelector
-		*out = new(monitoringv1.NamespaceSelector)
-		(*in).DeepCopyInto(*out)
+	out := new(OCIConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *SidecarConfig) DeepCopyInto(out *SidecarConfig) {
+	*out = *in
+	if in.Containers != nil {
+		in, out := &in.Containers, &out.Containers
+		*out = make([]v1.Container, len(*in))
+		for i := range *in {
+			(*in)[i].DeepCopyInto(&(*out)[i])
+		}
 	}
-	if in.Endpoints != nil {
-		in, out := &in.Endpoints, &out.Endpoints
-		*out = make([]monitoringv1.Endpoint, len(*in))
+	if in.Volumes != nil {
+		in, out := &in.Volumes, &out.Volumes
+		*out = make([]v1.Volume, len(*in))
 		for i := range *in {
 			(*in)[i].DeepCopyInto(&(*out)[i])
 		}
 	}
 }
 
-// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PrometheusServiceMonitor.
-func (in *PrometheusServiceMonitor) DeepCopy() *PrometheusServiceMonitor {
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SidecarConfig.
+func (in *SidecarConfig) DeepCopy() *SidecarConfig {
+	if in == nil {
+		return nil
+	}
+	out := new(SidecarConfig)
+	in.DeepCopyInto(out)
+	return out
+}
+
+// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
+func (in *WalletSecret) DeepCopyInto(out *WalletSecret) {
+	*out = *in
+	if in.AdditionalWallets != nil {
+		in, out := &in.AdditionalWallets, &out.AdditionalWallets
+		*out = make([]AdditionalWalletSecrets, len(*in))
+		copy(*out, *in)
+	}
+}
+
+// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WalletSecret.
+func (in *WalletSecret) DeepCopy() *WalletSecret {
 	if in == nil {
 		return nil
 	}
-	out := new(PrometheusServiceMonitor)
+	out := new(WalletSecret)
 	in.DeepCopyInto(out)
 	return out
 }
diff --git a/bundle.Dockerfile b/bundle.Dockerfile
index d591c4ef..609d09c0 100644
--- a/bundle.Dockerfile
+++ b/bundle.Dockerfile
@@ -1,7 +1,3 @@
-# Copyright (c) 2022, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
-#
-
 FROM scratch
 
 # Core bundle labels.
@@ -10,16 +6,10 @@ LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/
 LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/
 LABEL operators.operatorframework.io.bundle.package.v1=oracle-database-operator
 LABEL operators.operatorframework.io.bundle.channels.v1=alpha
-LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha
+LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.40.0
 LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1
-LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.6.1+git
-LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v2
-
-# Labels for testing.
-LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1
-LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/
+LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v4
 
 # Copy files to locations specified by labels.
 COPY bundle/manifests /manifests/
 COPY bundle/metadata /metadata/
-COPY bundle/tests/scorecard /tests/scorecard/
diff --git a/config/database.oracle.com_autonomouscontainerdatabases.yaml b/bundle/manifests/database.oracle.com_autonomouscontainerdatabases.yaml
similarity index 50%
rename from config/database.oracle.com_autonomouscontainerdatabases.yaml
rename to bundle/manifests/database.oracle.com_autonomouscontainerdatabases.yaml
index bac3a28c..1cae1263 100644
--- a/config/database.oracle.com_autonomouscontainerdatabases.yaml
+++ b/bundle/manifests/database.oracle.com_autonomouscontainerdatabases.yaml
@@ -1,13 +1,24 @@
-
----
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.6.1
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.16.5
   creationTimestamp: null
   name: autonomouscontainerdatabases.database.oracle.com
 spec:
+  conversion:
+    strategy: Webhook
+    webhook:
+      clientConfig:
+        service:
+          name: oracle-database-operator-webhook-service
+          namespace: oracle-database-operator-system
+          path: /convert
+      conversionReviewVersions:
+      - v1alpha1
+      - v1
+      - v4
   group: database.oracle.com
   names:
     kind: AutonomousContainerDatabase
@@ -32,24 +43,14 @@ spec:
     name: v1alpha1
     schema:
       openAPIV3Schema:
-        description: AutonomousContainerDatabase is the Schema for the autonomouscontainerdatabases
-          API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
             type: string
           metadata:
             type: object
           spec:
-            description: AutonomousContainerDatabaseSpec defines the desired state
-              of AutonomousContainerDatabase
             properties:
               action:
                 enum:
@@ -58,8 +59,6 @@ spec:
                 - TERMINATE
                 type: string
               autonomousContainerDatabaseOCID:
-                description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
-                  Important: Run "make" to regenerate code after modifying this file'
                 type: string
               autonomousExadataVMClusterOCID:
                 type: string
@@ -75,7 +74,6 @@ spec:
                 default: false
                 type: boolean
               ociConfig:
-                description: "*********************** *\tOCI config ***********************"
                 properties:
                   configMapName:
                     type: string
@@ -83,21 +81,84 @@ spec:
                     type: string
                 type: object
               patchModel:
-                description: 'AutonomousContainerDatabasePatchModelEnum Enum with
-                  underlying type: string'
                 enum:
                 - RELEASE_UPDATES
                 - RELEASE_UPDATE_REVISIONS
                 type: string
             type: object
           status:
-            description: AutonomousContainerDatabaseStatus defines the observed state
-              of AutonomousContainerDatabase
             properties:
               lifecycleState:
-                description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
-                  of cluster Important: Run "make" to regenerate code after modifying
-                  this file'
+                type: string
+              timeCreated:
+                type: string
+            required:
+            - lifecycleState
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - jsonPath: .spec.displayName
+      name: DisplayName
+      type: string
+    - jsonPath: .status.lifecycleState
+      name: State
+      type: string
+    - jsonPath: .status.timeCreated
+      name: Created
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              action:
+                enum:
+                - SYNC
+                - RESTART
+                - TERMINATE
+                type: string
+              autonomousContainerDatabaseOCID:
+                type: string
+              autonomousExadataVMClusterOCID:
+                type: string
+              compartmentOCID:
+                type: string
+              displayName:
+                type: string
+              freeformTags:
+                additionalProperties:
+                  type: string
+                type: object
+              hardLink:
+                default: false
+                type: boolean
+              ociConfig:
+                properties:
+                  configMapName:
+                    type: string
+                  secretName:
+                    type: string
+                type: object
+              patchModel:
+                enum:
+                - RELEASE_UPDATES
+                - RELEASE_UPDATE_REVISIONS
+                type: string
+            type: object
+          status:
+            properties:
+              lifecycleState:
                 type: string
               timeCreated:
                 type: string
@@ -113,5 +174,5 @@ status:
   acceptedNames:
     kind: ""
     plural: ""
-  conditions: []
-  storedVersions: []
+  conditions: null
+  storedVersions: null
diff --git a/config/database.oracle.com_autonomousdatabasebackups.yaml b/bundle/manifests/database.oracle.com_autonomousdatabasebackups.yaml
similarity index 50%
rename from config/database.oracle.com_autonomousdatabasebackups.yaml
rename to bundle/manifests/database.oracle.com_autonomousdatabasebackups.yaml
index a5c37507..06df19c3 100644
--- a/config/database.oracle.com_autonomousdatabasebackups.yaml
+++ b/bundle/manifests/database.oracle.com_autonomousdatabasebackups.yaml
@@ -1,13 +1,24 @@
-
----
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.6.1
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.16.5
   creationTimestamp: null
   name: autonomousdatabasebackups.database.oracle.com
 spec:
+  conversion:
+    strategy: Webhook
+    webhook:
+      clientConfig:
+        service:
+          name: oracle-database-operator-webhook-service
+          namespace: oracle-database-operator-system
+          path: /convert
+      conversionReviewVersions:
+      - v1alpha1
+      - v1
+      - v4
   group: database.oracle.com
   names:
     kind: AutonomousDatabaseBackup
@@ -38,24 +49,14 @@ spec:
     name: v1alpha1
     schema:
       openAPIV3Schema:
-        description: AutonomousDatabaseBackup is the Schema for the autonomousdatabasebackups
-          API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
             type: string
           metadata:
             type: object
           spec:
-            description: AutonomousDatabaseBackupSpec defines the desired state of
-              AutonomousDatabaseBackup
             properties:
               autonomousDatabaseBackupOCID:
                 type: string
@@ -64,7 +65,6 @@ spec:
               isLongTermBackup:
                 type: boolean
               ociConfig:
-                description: "*********************** *\tOCI config ***********************"
                 properties:
                   configMapName:
                     type: string
@@ -74,11 +74,8 @@ spec:
               retentionPeriodInDays:
                 type: integer
               target:
-                description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
-                  Important: Run "make" to regenerate code after modifying this file'
                 properties:
                   k8sADB:
-                    description: "*********************** *\tADB spec ***********************"
                     properties:
                       name:
                         type: string
@@ -91,8 +88,6 @@ spec:
                 type: object
             type: object
           status:
-            description: AutonomousDatabaseBackupStatus defines the observed state
-              of AutonomousDatabaseBackup
             properties:
               autonomousDatabaseOCID:
                 type: string
@@ -105,16 +100,103 @@ spec:
               isAutomatic:
                 type: boolean
               lifecycleState:
-                description: 'AutonomousDatabaseBackupLifecycleStateEnum Enum with
-                  underlying type: string'
                 type: string
               timeEnded:
                 type: string
               timeStarted:
                 type: string
               type:
-                description: 'AutonomousDatabaseBackupTypeEnum Enum with underlying
-                  type: string'
+                type: string
+            required:
+            - autonomousDatabaseOCID
+            - compartmentOCID
+            - dbDisplayName
+            - dbName
+            - isAutomatic
+            - lifecycleState
+            - type
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - jsonPath: .status.lifecycleState
+      name: State
+      type: string
+    - jsonPath: .status.dbDisplayName
+      name: DB DisplayName
+      type: string
+    - jsonPath: .status.type
+      name: Type
+      type: string
+    - jsonPath: .status.timeStarted
+      name: Started
+      type: string
+    - jsonPath: .status.timeEnded
+      name: Ended
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              autonomousDatabaseBackupOCID:
+                type: string
+              displayName:
+                type: string
+              isLongTermBackup:
+                type: boolean
+              ociConfig:
+                properties:
+                  configMapName:
+                    type: string
+                  secretName:
+                    type: string
+                type: object
+              retentionPeriodInDays:
+                type: integer
+              target:
+                properties:
+                  k8sADB:
+                    properties:
+                      name:
+                        type: string
+                    type: object
+                  ociADB:
+                    properties:
+                      ocid:
+                        type: string
+                    type: object
+                type: object
+            type: object
+          status:
+            properties:
+              autonomousDatabaseOCID:
+                type: string
+              compartmentOCID:
+                type: string
+              dbDisplayName:
+                type: string
+              dbName:
+                type: string
+              isAutomatic:
+                type: boolean
+              lifecycleState:
+                type: string
+              timeEnded:
+                type: string
+              timeStarted:
+                type: string
+              type:
                 type: string
             required:
             - autonomousDatabaseOCID
@@ -134,5 +216,5 @@ status:
   acceptedNames:
     kind: ""
     plural: ""
-  conditions: []
-  storedVersions: []
+  conditions: null
+  storedVersions: null
diff --git a/config/database.oracle.com_autonomousdatabaserestores.yaml b/bundle/manifests/database.oracle.com_autonomousdatabaserestores.yaml
similarity index 50%
rename from config/database.oracle.com_autonomousdatabaserestores.yaml
rename to bundle/manifests/database.oracle.com_autonomousdatabaserestores.yaml
index 5e9f2c73..7f2d386d 100644
--- a/config/database.oracle.com_autonomousdatabaserestores.yaml
+++ b/bundle/manifests/database.oracle.com_autonomousdatabaserestores.yaml
@@ -1,13 +1,24 @@
-
----
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.6.1
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.16.5
   creationTimestamp: null
   name: autonomousdatabaserestores.database.oracle.com
 spec:
+  conversion:
+    strategy: Webhook
+    webhook:
+      clientConfig:
+        service:
+          name: oracle-database-operator-webhook-service
+          namespace: oracle-database-operator-system
+          path: /convert
+      conversionReviewVersions:
+      - v1alpha1
+      - v1
+      - v4
   group: database.oracle.com
   names:
     kind: AutonomousDatabaseRestore
@@ -32,27 +43,16 @@ spec:
     name: v1alpha1
     schema:
       openAPIV3Schema:
-        description: AutonomousDatabaseRestore is the Schema for the autonomousdatabaserestores
-          API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
             type: string
           metadata:
             type: object
           spec:
-            description: AutonomousDatabaseRestoreSpec defines the desired state of
-              AutonomousDatabaseRestore
             properties:
               ociConfig:
-                description: "*********************** *\tOCI config ***********************"
                 properties:
                   configMapName:
                     type: string
@@ -62,9 +62,6 @@ spec:
               source:
                 properties:
                   k8sADBBackup:
-                    description: 'EDIT THIS FILE!  THIS IS SCAFFOLDING FOR YOU TO
-                      OWN! NOTE: json tags are required.  Any new fields you add must
-                      have json tags for the fields to be serialized.'
                     properties:
                       name:
                         type: string
@@ -72,17 +69,12 @@ spec:
                   pointInTime:
                     properties:
                       timestamp:
-                        description: 'The timestamp must follow this format: YYYY-MM-DD
-                          HH:MM:SS GMT'
                         type: string
                     type: object
                 type: object
               target:
-                description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
-                  Important: Run "make" to regenerate code after modifying this file'
                 properties:
                   k8sADB:
-                    description: "*********************** *\tADB spec ***********************"
                     properties:
                       name:
                         type: string
@@ -98,18 +90,98 @@ spec:
             - target
             type: object
           status:
-            description: AutonomousDatabaseRestoreStatus defines the observed state
-              of AutonomousDatabaseRestore
             properties:
               dbName:
                 type: string
               displayName:
-                description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
-                  of cluster Important: Run "make" to regenerate code after modifying
-                  this file'
                 type: string
               status:
-                description: 'WorkRequestStatusEnum Enum with underlying type: string'
+                type: string
+              timeAccepted:
+                type: string
+              timeEnded:
+                type: string
+              timeStarted:
+                type: string
+              workRequestOCID:
+                type: string
+            required:
+            - dbName
+            - displayName
+            - status
+            - workRequestOCID
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - jsonPath: .status.status
+      name: Status
+      type: string
+    - jsonPath: .status.displayName
+      name: DbDisplayName
+      type: string
+    - jsonPath: .status.dbName
+      name: DbName
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              ociConfig:
+                properties:
+                  configMapName:
+                    type: string
+                  secretName:
+                    type: string
+                type: object
+              source:
+                properties:
+                  k8sADBBackup:
+                    properties:
+                      name:
+                        type: string
+                    type: object
+                  pointInTime:
+                    properties:
+                      timestamp:
+                        type: string
+                    type: object
+                type: object
+              target:
+                properties:
+                  k8sADB:
+                    properties:
+                      name:
+                        type: string
+                    type: object
+                  ociADB:
+                    properties:
+                      ocid:
+                        type: string
+                    type: object
+                type: object
+            required:
+            - source
+            - target
+            type: object
+          status:
+            properties:
+              dbName:
+                type: string
+              displayName:
+                type: string
+              status:
                 type: string
               timeAccepted:
                 type: string
@@ -134,5 +206,5 @@ status:
   acceptedNames:
     kind: ""
     plural: ""
-  conditions: []
-  storedVersions: []
+  conditions: null
+  storedVersions: null
diff --git a/bundle/manifests/database.oracle.com_autonomousdatabases.yaml b/bundle/manifests/database.oracle.com_autonomousdatabases.yaml
new file mode 100644
index 00000000..f2e82d0e
--- /dev/null
+++ b/bundle/manifests/database.oracle.com_autonomousdatabases.yaml
@@ -0,0 +1,704 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.16.5
+  creationTimestamp: null
+  name: autonomousdatabases.database.oracle.com
+spec:
+  conversion:
+    strategy: Webhook
+    webhook:
+      clientConfig:
+        service:
+          name: oracle-database-operator-webhook-service
+          namespace: oracle-database-operator-system
+          path: /convert
+      conversionReviewVersions:
+      - v1alpha1
+      - v1
+      - v4
+  group: database.oracle.com
+  names:
+    kind: AutonomousDatabase
+    listKind: AutonomousDatabaseList
+    plural: autonomousdatabases
+    shortNames:
+    - adb
+    - adbs
+    singular: autonomousdatabase
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .spec.details.displayName
+      name: Display Name
+      type: string
+    - jsonPath: .spec.details.dbName
+      name: Db Name
+      type: string
+    - jsonPath: .status.lifecycleState
+      name: State
+      type: string
+    - jsonPath: .spec.details.isDedicated
+      name: Dedicated
+      type: string
+    - jsonPath: .spec.details.cpuCoreCount
+      name: OCPUs
+      type: integer
+    - jsonPath: .spec.details.dataStorageSizeInTBs
+      name: Storage (TB)
+      type: integer
+    - jsonPath: .spec.details.dbWorkload
+      name: Workload Type
+      type: string
+    - jsonPath: .status.timeCreated
+      name: Created
+      type: string
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              action:
+                enum:
+                - ""
+                - Create
+                - Sync
+                - Update
+                - Stop
+                - Start
+                - Terminate
+                - Clone
+                type: string
+              clone:
+                properties:
+                  adminPassword:
+                    properties:
+                      k8sSecret:
+                        properties:
+                          name:
+                            type: string
+                        type: object
+                      ociSecret:
+                        properties:
+                          id:
+                            type: string
+                        type: object
+                    type: object
+                  autonomousContainerDatabase:
+                    properties:
+                      k8sAcd:
+                        properties:
+                          name:
+                            type: string
+                        type: object
+                      ociAcd:
+                        properties:
+                          id:
+                            type: string
+                        type: object
+                    type: object
+                  cloneType:
+                    enum:
+                    - FULL
+                    - METADATA
+                    type: string
+                  compartmentId:
+                    type: string
+                  computeCount:
+                    type: number
+                  computeModel:
+                    enum:
+                    - ECPU
+                    - OCPU
+                    type: string
+                  cpuCoreCount:
+                    type: integer
+                  dataStorageSizeInTBs:
+                    type: integer
+                  dbName:
+                    type: string
+                  dbVersion:
+                    type: string
+                  dbWorkload:
+                    enum:
+                    - OLTP
+                    - DW
+                    - AJD
+                    - APEX
+                    type: string
+                  displayName:
+                    type: string
+                  freeformTags:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  isAccessControlEnabled:
+                    type: boolean
+                  isAutoScalingEnabled:
+                    type: boolean
+                  isDedicated:
+                    type: boolean
+                  isFreeTier:
+                    type: boolean
+                  isMtlsConnectionRequired:
+                    type: boolean
+                  licenseModel:
+                    enum:
+                    - LICENSE_INCLUDED
+                    - BRING_YOUR_OWN_LICENSE
+                    type: string
+                  nsgIds:
+                    items:
+                      type: string
+                    type: array
+                  ocpuCount:
+                    type: number
+                  privateEndpointLabel:
+                    type: string
+                  subnetId:
+                    type: string
+                  whitelistedIps:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              details:
+                properties:
+                  adminPassword:
+                    properties:
+                      k8sSecret:
+                        properties:
+                          name:
+                            type: string
+                        type: object
+                      ociSecret:
+                        properties:
+                          id:
+                            type: string
+                        type: object
+                    type: object
+                  autonomousContainerDatabase:
+                    properties:
+                      k8sAcd:
+                        properties:
+                          name:
+                            type: string
+                        type: object
+                      ociAcd:
+                        properties:
+                          id:
+                            type: string
+                        type: object
+                    type: object
+                  compartmentId:
+                    type: string
+                  computeCount:
+                    type: number
+                  computeModel:
+                    enum:
+                    - ECPU
+                    - OCPU
+                    type: string
+                  cpuCoreCount:
+                    type: integer
+                  dataStorageSizeInTBs:
+                    type: integer
+                  dbName:
+                    type: string
+                  dbVersion:
+                    type: string
+                  dbWorkload:
+                    enum:
+                    - OLTP
+                    - DW
+                    - AJD
+                    - APEX
+                    type: string
+                  displayName:
+                    type: string
+                  freeformTags:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  id:
+                    type: string
+                  isAccessControlEnabled:
+                    type: boolean
+                  isAutoScalingEnabled:
+                    type: boolean
+                  isDedicated:
+                    type: boolean
+                  isFreeTier:
+                    type: boolean
+                  isMtlsConnectionRequired:
+                    type: boolean
+                  licenseModel:
+                    enum:
+                    - LICENSE_INCLUDED
+                    - BRING_YOUR_OWN_LICENSE
+                    type: string
+                  nsgIds:
+                    items:
+                      type: string
+                    type: array
+                  ocpuCount:
+                    type: number
+                  privateEndpointLabel:
+                    type: string
+                  subnetId:
+                    type: string
+                  whitelistedIps:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              hardLink:
+                default: false
+                type: boolean
+              ociConfig:
+                properties:
+                  configMapName:
+                    type: string
+                  secretName:
+                    type: string
+                type: object
+              wallet:
+                properties:
+                  name:
+                    type: string
+                  password:
+                    properties:
+                      k8sSecret:
+                        properties:
+                          name:
+                            type: string
+                        type: object
+                      ociSecret:
+                        properties:
+                          id:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+            required:
+            - action
+            type: object
+          status:
+            properties:
+              allConnectionStrings:
+                items:
+                  properties:
+                    connectionStrings:
+                      items:
+                        properties:
+                          connectionString:
+                            type: string
+                          tnsName:
+                            type: string
+                        type: object
+                      type: array
+                    tlsAuthentication:
+                      type: string
+                  required:
+                  - connectionStrings
+                  type: object
+                type: array
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+              lifecycleState:
+                type: string
+              timeCreated:
+                type: string
+              walletExpiringDate:
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - jsonPath: .spec.details.displayName
+      name: Display Name
+      type: string
+    - jsonPath: .spec.details.dbName
+      name: Db Name
+      type: string
+    - jsonPath: .status.lifecycleState
+      name: State
+      type: string
+    - jsonPath: .spec.details.isDedicated
+      name: Dedicated
+      type: string
+    - jsonPath: .spec.details.cpuCoreCount
+      name: OCPUs
+      type: integer
+    - jsonPath: .spec.details.dataStorageSizeInTBs
+      name: Storage (TB)
+      type: integer
+    - jsonPath: .spec.details.dbWorkload
+      name: Workload Type
+      type: string
+    - jsonPath: .status.timeCreated
+      name: Created
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              action:
+                enum:
+                - ""
+                - Create
+                - Sync
+                - Update
+                - Stop
+                - Start
+                - Terminate
+                - Clone
+                type: string
+              clone:
+                properties:
+                  adminPassword:
+                    properties:
+                      k8sSecret:
+                        properties:
+                          name:
+                            type: string
+                        type: object
+                      ociSecret:
+                        properties:
+                          id:
+                            type: string
+                        type: object
+                    type: object
+                  autonomousContainerDatabase:
+                    properties:
+                      k8sAcd:
+                        properties:
+                          name:
+                            type: string
+                        type: object
+                      ociAcd:
+                        properties:
+                          id:
+                            type: string
+                        type: object
+                    type: object
+                  cloneType:
+                    enum:
+                    - FULL
+                    - METADATA
+                    type: string
+                  compartmentId:
+                    type: string
+                  computeCount:
+                    type: number
+                  computeModel:
+                    enum:
+                    - ECPU
+                    - OCPU
+                    type: string
+                  cpuCoreCount:
+                    type: integer
+                  dataStorageSizeInTBs:
+                    type: integer
+                  dbName:
+                    type: string
+                  dbVersion:
+                    type: string
+                  dbWorkload:
+                    enum:
+                    - OLTP
+                    - DW
+                    - AJD
+                    - APEX
+                    type: string
+                  displayName:
+                    type: string
+                  freeformTags:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  isAccessControlEnabled:
+                    type: boolean
+                  isAutoScalingEnabled:
+                    type: boolean
+                  isDedicated:
+                    type: boolean
+                  isFreeTier:
+                    type: boolean
+                  isMtlsConnectionRequired:
+                    type: boolean
+                  licenseModel:
+                    enum:
+                    - LICENSE_INCLUDED
+                    - BRING_YOUR_OWN_LICENSE
+                    type: string
+                  nsgIds:
+                    items:
+                      type: string
+                    type: array
+                  ocpuCount:
+                    type: number
+                  privateEndpointLabel:
+                    type: string
+                  subnetId:
+                    type: string
+                  whitelistedIps:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              details:
+                properties:
+                  adminPassword:
+                    properties:
+                      k8sSecret:
+                        properties:
+                          name:
+                            type: string
+                        type: object
+                      ociSecret:
+                        properties:
+                          id:
+                            type: string
+                        type: object
+                    type: object
+                  autonomousContainerDatabase:
+                    properties:
+                      k8sAcd:
+                        properties:
+                          name:
+                            type: string
+                        type: object
+                      ociAcd:
+                        properties:
+                          id:
+                            type: string
+                        type: object
+                    type: object
+                  compartmentId:
+                    type: string
+                  computeCount:
+                    type: number
+                  computeModel:
+                    enum:
+                    - ECPU
+                    - OCPU
+                    type: string
+                  cpuCoreCount:
+                    type: integer
+                  dataStorageSizeInTBs:
+                    type: integer
+                  dbName:
+                    type: string
+                  dbVersion:
+                    type: string
+                  dbWorkload:
+                    enum:
+                    - OLTP
+                    - DW
+                    - AJD
+                    - APEX
+                    type: string
+                  displayName:
+                    type: string
+                  freeformTags:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  id:
+                    type: string
+                  isAccessControlEnabled:
+                    type: boolean
+                  isAutoScalingEnabled:
+                    type: boolean
+                  isDedicated:
+                    type: boolean
+                  isFreeTier:
+                    type: boolean
+                  isMtlsConnectionRequired:
+                    type: boolean
+                  licenseModel:
+                    enum:
+                    - LICENSE_INCLUDED
+                    - BRING_YOUR_OWN_LICENSE
+                    type: string
+                  nsgIds:
+                    items:
+                      type: string
+                    type: array
+                  ocpuCount:
+                    type: number
+                  privateEndpointLabel:
+                    type: string
+                  subnetId:
+                    type: string
+                  whitelistedIps:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              hardLink:
+                default: false
+                type: boolean
+              ociConfig:
+                properties:
+                  configMapName:
+                    type: string
+                  secretName:
+                    type: string
+                type: object
+              wallet:
+                properties:
+                  name:
+                    type: string
+                  password:
+                    properties:
+                      k8sSecret:
+                        properties:
+                          name:
+                            type: string
+                        type: object
+                      ociSecret:
+                        properties:
+                          id:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+            required:
+            - action
+            type: object
+          status:
+            properties:
+              allConnectionStrings:
+                items:
+                  properties:
+                    connectionStrings:
+                      items:
+                        properties:
+                          connectionString:
+                            type: string
+                          tnsName:
+                            type: string
+                        type: object
+                      type: array
+                    tlsAuthentication:
+                      type: string
+                  required:
+                  - connectionStrings
+                  type: object
+                type: array
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+              lifecycleState:
+                type: string
+              timeCreated:
+                type: string
+              walletExpiringDate:
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: null
+  storedVersions: null
diff --git a/config/crd/bases/database.oracle.com_cdbs.yaml b/bundle/manifests/database.oracle.com_cdbs.yaml
similarity index 98%
rename from config/crd/bases/database.oracle.com_cdbs.yaml
rename to bundle/manifests/database.oracle.com_cdbs.yaml
index 924946ee..5ad34bbf 100644
--- a/config/crd/bases/database.oracle.com_cdbs.yaml
+++ b/bundle/manifests/database.oracle.com_cdbs.yaml
@@ -1,9 +1,10 @@
----
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
     controller-gen.kubebuilder.io/version: v0.16.5
+  creationTimestamp: null
   name: cdbs.database.oracle.com
 spec:
   group: database.oracle.com
@@ -490,3 +491,9 @@ spec:
     storage: true
     subresources:
       status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: null
+  storedVersions: null
diff --git a/bundle/manifests/database.oracle.com_dataguardbrokers.yaml b/bundle/manifests/database.oracle.com_dataguardbrokers.yaml
new file mode 100644
index 00000000..029fb91e
--- /dev/null
+++ b/bundle/manifests/database.oracle.com_dataguardbrokers.yaml
@@ -0,0 +1,217 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.16.5
+  creationTimestamp: null
+  name: dataguardbrokers.database.oracle.com
+spec:
+  group: database.oracle.com
+  names:
+    kind: DataguardBroker
+    listKind: DataguardBrokerList
+    plural: dataguardbrokers
+    singular: dataguardbroker
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.primaryDatabase
+      name: Primary
+      type: string
+    - jsonPath: .status.standbyDatabases
+      name: Standbys
+      type: string
+    - jsonPath: .spec.protectionMode
+      name: Protection Mode
+      type: string
+    - jsonPath: .status.clusterConnectString
+      name: Cluster Connect Str
+      priority: 1
+      type: string
+    - jsonPath: .status.externalConnectString
+      name: Connect Str
+      type: string
+    - jsonPath: .spec.primaryDatabaseRef
+      name: Primary Database
+      priority: 1
+      type: string
+    - jsonPath: .status.status
+      name: Status
+      type: string
+    - jsonPath: .status.fastStartFailover
+      name: FSFO
+      type: string
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              fastStartFailover:
+                type: boolean
+              loadBalancer:
+                type: boolean
+              nodeSelector:
+                additionalProperties:
+                  type: string
+                type: object
+              primaryDatabaseRef:
+                type: string
+              protectionMode:
+                enum:
+                - MaxPerformance
+                - MaxAvailability
+                type: string
+              serviceAnnotations:
+                additionalProperties:
+                  type: string
+                type: object
+              setAsPrimaryDatabase:
+                type: string
+              standbyDatabaseRefs:
+                items:
+                  type: string
+                type: array
+            required:
+            - primaryDatabaseRef
+            - protectionMode
+            - standbyDatabaseRefs
+            type: object
+          status:
+            properties:
+              clusterConnectString:
+                type: string
+              databasesInDataguardConfig:
+                additionalProperties:
+                  type: string
+                type: object
+              externalConnectString:
+                type: string
+              fastStartFailover:
+                type: string
+              primaryDatabase:
+                type: string
+              primaryDatabaseRef:
+                type: string
+              protectionMode:
+                type: string
+              standbyDatabases:
+                type: string
+              status:
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - jsonPath: .status.primaryDatabase
+      name: Primary
+      type: string
+    - jsonPath: .status.standbyDatabases
+      name: Standbys
+      type: string
+    - jsonPath: .spec.protectionMode
+      name: Protection Mode
+      type: string
+    - jsonPath: .status.clusterConnectString
+      name: Cluster Connect Str
+      priority: 1
+      type: string
+    - jsonPath: .status.externalConnectString
+      name: Connect Str
+      type: string
+    - jsonPath: .spec.primaryDatabaseRef
+      name: Primary Database
+      priority: 1
+      type: string
+    - jsonPath: .status.status
+      name: Status
+      type: string
+    - jsonPath: .status.fastStartFailover
+      name: FSFO
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              fastStartFailover:
+                type: boolean
+              loadBalancer:
+                type: boolean
+              nodeSelector:
+                additionalProperties:
+                  type: string
+                type: object
+              primaryDatabaseRef:
+                type: string
+              protectionMode:
+                enum:
+                - MaxPerformance
+                - MaxAvailability
+                type: string
+              serviceAnnotations:
+                additionalProperties:
+                  type: string
+                type: object
+              setAsPrimaryDatabase:
+                type: string
+              standbyDatabaseRefs:
+                items:
+                  type: string
+                type: array
+            required:
+            - primaryDatabaseRef
+            - protectionMode
+            - standbyDatabaseRefs
+            type: object
+          status:
+            properties:
+              clusterConnectString:
+                type: string
+              databasesInDataguardConfig:
+                additionalProperties:
+                  type: string
+                type: object
+              externalConnectString:
+                type: string
+              fastStartFailover:
+                type: string
+              primaryDatabase:
+                type: string
+              primaryDatabaseRef:
+                type: string
+              protectionMode:
+                type: string
+              standbyDatabases:
+                type: string
+              status:
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: null
+  storedVersions: null
diff --git a/config/database.oracle.com_DbcsSystem.yaml b/bundle/manifests/database.oracle.com_dbcssystems.yaml
similarity index 50%
rename from config/database.oracle.com_DbcsSystem.yaml
rename to bundle/manifests/database.oracle.com_dbcssystems.yaml
index c342c363..b925812d 100644
--- a/config/database.oracle.com_DbcsSystem.yaml
+++ b/bundle/manifests/database.oracle.com_dbcssystems.yaml
@@ -1,48 +1,37 @@
-
----
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
     controller-gen.kubebuilder.io/version: v0.16.5
   creationTimestamp: null
-  name: DbcsSystem.database.oracle.com
+  name: dbcssystems.database.oracle.com
 spec:
   group: database.oracle.com
   names:
     kind: DbcsSystem
     listKind: DbcsSystemList
-    plural: DbcsSystem
+    plural: dbcssystems
     singular: dbcssystem
   scope: Namespaced
   versions:
-  - name: v4
+  - name: v1alpha1
     schema:
       openAPIV3Schema:
-        description: DbcsSystem is the Schema for the dbcssystems API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
             type: string
           metadata:
             type: object
           spec:
-            description: DbcsSystemSpec defines the desired state of DbcsSystem
             properties:
               databaseId:
                 type: string
               dbBackupId:
                 type: string
               dbClone:
-                description: DbCloneConfig defines the configuration for the database
-                  clone
                 properties:
                   dbAdminPaswordSecret:
                     type: string
@@ -98,7 +87,6 @@ spec:
                   dbAdminPaswordSecret:
                     type: string
                   dbBackupConfig:
-                    description: DB Backup Config Network Struct
                     properties:
                       autoBackupEnabled:
                         type: boolean
@@ -205,44 +193,22 @@ spec:
                 type: string
               pdbConfigs:
                 items:
-                  description: PDBConfig defines details of PDB struct for DBCS systems
                   properties:
                     freeformTags:
                       additionalProperties:
                         type: string
-                      description: '// Free-form tags for this resource. Each tag
-                        is a simple key-value pair with no predefined name, type,
-                        or namespace. // For more information, see Resource Tags (https://docs.cloud.oracle.com/Content/General/Concepts/resourcetags.htm).
-                        // Example: `{"Department": "Finance"}`'
                       type: object
                     isDelete:
-                      description: To specify whether to delete the PDB
                       type: boolean
                     pdbAdminPassword:
-                      description: // A strong password for PDB Admin. The password
-                        must be at least nine characters and contain at least two
-                        uppercase, two lowercase, two numbers, and two special characters.
-                        The special characters must be _, \#, or -.
                       type: string
                     pdbName:
-                      description: The name for the pluggable database (PDB). The
-                        name is unique in the context of a Database. The name must
-                        begin with an alphabetic character and can contain a maximum
-                        of thirty alphanumeric characters. Special characters are
-                        not permitted. The pluggable database name should not be same
-                        as the container database name.
                       type: string
                     pluggableDatabaseId:
-                      description: The OCID of the PDB for deletion purposes.
                       type: string
                     shouldPdbAdminAccountBeLocked:
-                      description: // The locked mode of the pluggable database admin
-                        account. If false, the user needs to provide the PDB Admin
-                        Password to connect to it. // If true, the pluggable database
-                        will be locked and user cannot login to it.
                       type: boolean
                     tdeWalletPassword:
-                      description: // The existing TDE wallet password of the CDB.
                       type: string
                   required:
                   - freeformTags
@@ -258,7 +224,6 @@ spec:
             - ociConfigMap
             type: object
           status:
-            description: DbcsSystemStatus defines the observed state of DbcsSystem
             properties:
               availabilityDomain:
                 type: string
@@ -269,7 +234,6 @@ spec:
               dataStorageSizeInGBs:
                 type: integer
               dbCloneStatus:
-                description: DbCloneStatus defines the observed state of DbClone
                 properties:
                   dbAdminPaswordSecret:
                     type: string
@@ -301,7 +265,6 @@ spec:
                 type: string
               dbInfo:
                 items:
-                  description: DbcsSystemStatus defines the observed state of DbcsSystem
                   properties:
                     dbHomeId:
                       type: string
@@ -422,6 +385,375 @@ spec:
             type: object
         type: object
     served: true
+    storage: false
+    subresources:
+      status: {}
+  - name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              databaseId:
+                type: string
+              dbBackupId:
+                type: string
+              dbClone:
+                properties:
+                  dbAdminPasswordSecret:
+                    type: string
+                  dbDbUniqueName:
+                    type: string
+                  dbName:
+                    type: string
+                  displayName:
+                    type: string
+                  domain:
+                    type: string
+                  hostName:
+                    type: string
+                  initialDataStorageSizeInGB:
+                    type: integer
+                  kmsKeyId:
+                    type: string
+                  kmsKeyVersionId:
+                    type: string
+                  licenseModel:
+                    type: string
+                  privateIp:
+                    type: string
+                  sidPrefix:
+                    type: string
+                  sshPublicKeys:
+                    items:
+                      type: string
+                    type: array
+                  subnetId:
+                    type: string
+                  tdeWalletPasswordSecret:
+                    type: string
+                required:
+                - dbDbUniqueName
+                - dbName
+                - displayName
+                - hostName
+                - subnetId
+                type: object
+              dbSystem:
+                properties:
+                  availabilityDomain:
+                    type: string
+                  backupSubnetId:
+                    type: string
+                  clusterName:
+                    type: string
+                  compartmentId:
+                    type: string
+                  cpuCoreCount:
+                    type: integer
+                  dbAdminPasswordSecret:
+                    type: string
+                  dbBackupConfig:
+                    properties:
+                      autoBackupEnabled:
+                        type: boolean
+                      autoBackupWindow:
+                        type: string
+                      backupDestinationDetails:
+                        type: string
+                      recoveryWindowsInDays:
+                        type: integer
+                    type: object
+                  dbDomain:
+                    type: string
+                  dbEdition:
+                    type: string
+                  dbName:
+                    type: string
+                  dbUniqueName:
+                    type: string
+                  dbVersion:
+                    type: string
+                  dbWorkload:
+                    type: string
+                  diskRedundancy:
+                    type: string
+                  displayName:
+                    type: string
+                  domain:
+                    type: string
+                  faultDomains:
+                    items:
+                      type: string
+                    type: array
+                  hostName:
+                    type: string
+                  initialDataStorageSizeInGB:
+                    type: integer
+                  kmsConfig:
+                    properties:
+                      compartmentId:
+                        type: string
+                      encryptionAlgo:
+                        type: string
+                      keyName:
+                        type: string
+                      vaultName:
+                        type: string
+                      vaultType:
+                        type: string
+                    type: object
+                  licenseModel:
+                    type: string
+                  nodeCount:
+                    type: integer
+                  pdbName:
+                    type: string
+                  privateIp:
+                    type: string
+                  shape:
+                    type: string
+                  sshPublicKeys:
+                    items:
+                      type: string
+                    type: array
+                  storageManagement:
+                    type: string
+                  subnetId:
+                    type: string
+                  tags:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  tdeWalletPasswordSecret:
+                    type: string
+                  timeZone:
+                    type: string
+                required:
+                - availabilityDomain
+                - compartmentId
+                - dbAdminPasswordSecret
+                - hostName
+                - shape
+                - subnetId
+                type: object
+              hardLink:
+                type: boolean
+              id:
+                type: string
+              kmsConfig:
+                properties:
+                  compartmentId:
+                    type: string
+                  encryptionAlgo:
+                    type: string
+                  keyName:
+                    type: string
+                  vaultName:
+                    type: string
+                  vaultType:
+                    type: string
+                type: object
+              ociConfigMap:
+                type: string
+              ociSecret:
+                type: string
+              pdbConfigs:
+                items:
+                  properties:
+                    freeformTags:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    isDelete:
+                      type: boolean
+                    pdbAdminPassword:
+                      type: string
+                    pdbName:
+                      type: string
+                    pluggableDatabaseId:
+                      type: string
+                    shouldPdbAdminAccountBeLocked:
+                      type: boolean
+                    tdeWalletPassword:
+                      type: string
+                  required:
+                  - freeformTags
+                  - pdbAdminPassword
+                  - pdbName
+                  - shouldPdbAdminAccountBeLocked
+                  - tdeWalletPassword
+                  type: object
+                type: array
+              setupDBCloning:
+                type: boolean
+            required:
+            - ociConfigMap
+            type: object
+          status:
+            properties:
+              availabilityDomain:
+                type: string
+              cpuCoreCount:
+                type: integer
+              dataStoragePercentage:
+                type: integer
+              dataStorageSizeInGBs:
+                type: integer
+              dbCloneStatus:
+                properties:
+                  dbAdminPaswordSecret:
+                    type: string
+                  dbDbUniqueName:
+                    type: string
+                  dbName:
+                    type: string
+                  displayName:
+                    type: string
+                  domain:
+                    type: string
+                  hostName:
+                    type: string
+                  id:
+                    type: string
+                  licenseModel:
+                    type: string
+                  sshPublicKeys:
+                    items:
+                      type: string
+                    type: array
+                  subnetId:
+                    type: string
+                required:
+                - dbDbUniqueName
+                - hostName
+                type: object
+              dbEdition:
+                type: string
+              dbInfo:
+                items:
+                  properties:
+                    dbHomeId:
+                      type: string
+                    dbName:
+                      type: string
+                    dbUniqueName:
+                      type: string
+                    dbWorkload:
+                      type: string
+                    id:
+                      type: string
+                  type: object
+                type: array
+              displayName:
+                type: string
+              id:
+                type: string
+              kmsDetailsStatus:
+                properties:
+                  compartmentId:
+                    type: string
+                  encryptionAlgo:
+                    type: string
+                  keyId:
+                    type: string
+                  keyName:
+                    type: string
+                  managementEndpoint:
+                    type: string
+                  vaultId:
+                    type: string
+                  vaultName:
+                    type: string
+                  vaultType:
+                    type: string
+                type: object
+              licenseModel:
+                type: string
+              network:
+                properties:
+                  clientSubnet:
+                    type: string
+                  domainName:
+                    type: string
+                  hostName:
+                    type: string
+                  listenerPort:
+                    type: integer
+                  networkSG:
+                    type: string
+                  scanDnsName:
+                    type: string
+                  vcnName:
+                    type: string
+                type: object
+              nodeCount:
+                type: integer
+              pdbDetailsStatus:
+                items:
+                  properties:
+                    pdbConfigStatus:
+                      items:
+                        properties:
+                          freeformTags:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          pdbName:
+                            type: string
+                          pdbState:
+                            type: string
+                          pluggableDatabaseId:
+                            type: string
+                          shouldPdbAdminAccountBeLocked:
+                            type: boolean
+                        type: object
+                      type: array
+                  type: object
+                type: array
+              recoStorageSizeInGB:
+                type: integer
+              shape:
+                type: string
+              state:
+                type: string
+              storageManagement:
+                type: string
+              subnetId:
+                type: string
+              timeZone:
+                type: string
+              workRequests:
+                items:
+                  properties:
+                    operationId:
+                      type: string
+                    operationType:
+                      type: string
+                    percentComplete:
+                      type: string
+                    timeAccepted:
+                      type: string
+                    timeFinished:
+                      type: string
+                    timeStarted:
+                      type: string
+                  required:
+                  - operationId
+                  - operationType
+                  type: object
+                type: array
+            required:
+            - state
+            type: object
+        type: object
+    served: true
     storage: true
     subresources:
       status: {}
@@ -429,5 +761,5 @@ status:
   acceptedNames:
     kind: ""
     plural: ""
-  conditions: []
-  storedVersions: []
+  conditions: null
+  storedVersions: null
diff --git a/config/database.oracle.com_cdbs.yaml b/bundle/manifests/database.oracle.com_lrests.yaml
similarity index 63%
rename from config/database.oracle.com_cdbs.yaml
rename to bundle/manifests/database.oracle.com_lrests.yaml
index 6b1c350c..fb2d9300 100644
--- a/config/database.oracle.com_cdbs.yaml
+++ b/bundle/manifests/database.oracle.com_lrests.yaml
@@ -1,25 +1,24 @@
-
----
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.6.1
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.16.5
   creationTimestamp: null
-  name: cdbs.database.oracle.com
+  name: lrests.database.oracle.com
 spec:
   group: database.oracle.com
   names:
-    kind: CDB
-    listKind: CDBList
-    plural: cdbs
-    singular: cdb
+    kind: LREST
+    listKind: LRESTList
+    plural: lrests
+    singular: lrest
   scope: Namespaced
   versions:
   - additionalPrinterColumns:
-    - description: Name of the CDB
+    - description: Name of the LREST
       jsonPath: .spec.cdbName
-      name: CDB Name
+      name: CDB NAME
       type: string
     - description: ' Name of the DB Server'
       jsonPath: .spec.dbServer
@@ -29,47 +28,37 @@ spec:
       jsonPath: .spec.dbPort
       name: DB Port
       type: integer
-    - description: ' string of the tnsalias'
-      jsonPath: .spec.dbTnsurl
-      name: TNS STRING
-      type: string
     - description: Replicas
       jsonPath: .spec.replicas
       name: Replicas
       type: integer
-    - description: Status of the CDB Resource
+    - description: Status of the LREST Resource
       jsonPath: .status.phase
       name: Status
       type: string
-    - description: Error message, if any
+    - description: Error message if any
       jsonPath: .status.msg
       name: Message
       type: string
-    name: v1alpha1
+    - description: string of the tnsalias
+      jsonPath: .spec.dbTnsurl
+      name: TNS STRING
+      type: string
+    name: v4
     schema:
       openAPIV3Schema:
-        description: CDB is the Schema for the cdbs API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
             type: string
           metadata:
             type: object
           spec:
-            description: CDBSpec defines the desired state of CDB
             properties:
               cdbAdminPwd:
-                description: Password for the CDB Administrator to manage PDB lifecycle
                 properties:
                   secret:
-                    description: CDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -83,11 +72,8 @@ spec:
                 - secret
                 type: object
               cdbAdminUser:
-                description: User in the root container with sysdba priviledges to
-                  manage PDB lifecycle
                 properties:
                   secret:
-                    description: CDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -101,12 +87,40 @@ spec:
                 - secret
                 type: object
               cdbName:
-                description: Name of the CDB
                 type: string
+              cdbPrvKey:
+                properties:
+                  secret:
+                    properties:
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - key
+                    - secretName
+                    type: object
+                required:
+                - secret
+                type: object
+              cdbPubKey:
+                properties:
+                  secret:
+                    properties:
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - key
+                    - secretName
+                    type: object
+                required:
+                - secret
+                type: object
               cdbTlsCrt:
                 properties:
                   secret:
-                    description: CDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -122,7 +136,6 @@ spec:
               cdbTlsKey:
                 properties:
                   secret:
-                    description: CDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -136,40 +149,27 @@ spec:
                 - secret
                 type: object
               dbPort:
-                description: DB server port
                 type: integer
               dbServer:
-                description: Name of the DB server
                 type: string
               dbTnsurl:
                 type: string
-              nodeSelector:
-                additionalProperties:
-                  type: string
-                description: Node Selector for running the Pod
-                type: object
-              ordsImage:
-                description: ORDS Image Name
+              deletePdbCascade:
+                type: boolean
+              lrestImage:
                 type: string
-              ordsImagePullPolicy:
-                description: ORDS Image Pull Policy
+              lrestImagePullPolicy:
                 enum:
                 - Always
                 - Never
                 type: string
-              ordsImagePullSecret:
-                description: The name of the image pull secret in case of a private
-                  docker repository.
+              lrestImagePullSecret:
                 type: string
-              ordsPort:
-                description: ORDS server port. For now, keep it as 8888. TO BE USED
-                  IN FUTURE RELEASE.
+              lrestPort:
                 type: integer
-              ordsPwd:
-                description: Password for user ORDS_PUBLIC_USER
+              lrestPwd:
                 properties:
                   secret:
-                    description: CDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -182,17 +182,17 @@ spec:
                 required:
                 - secret
                 type: object
+              nodeSelector:
+                additionalProperties:
+                  type: string
+                type: object
               replicas:
-                description: Number of ORDS Containers to create
                 type: integer
               serviceName:
-                description: Name of the CDB Service
                 type: string
               sysAdminPwd:
-                description: Password for the CDB System Administrator
                 properties:
                   secret:
-                    description: CDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -206,10 +206,8 @@ spec:
                 - secret
                 type: object
               webServerPwd:
-                description: Password for the Web Server User
                 properties:
                   secret:
-                    description: CDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -223,11 +221,8 @@ spec:
                 - secret
                 type: object
               webServerUser:
-                description: Web Server User with SQL Administrator role to allow
-                  us to authenticate to the PDB Lifecycle Management REST endpoints
                 properties:
                   secret:
-                    description: CDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -242,16 +237,12 @@ spec:
                 type: object
             type: object
           status:
-            description: CDBStatus defines the observed state of CDB
             properties:
               msg:
-                description: Message
                 type: string
               phase:
-                description: Phase of the CDB Resource
                 type: string
               status:
-                description: CDB Resource Status
                 type: boolean
             required:
             - phase
@@ -266,5 +257,5 @@ status:
   acceptedNames:
     kind: ""
     plural: ""
-  conditions: []
-  storedVersions: []
+  conditions: null
+  storedVersions: null
diff --git a/config/database.oracle.com_pdbs.yaml b/bundle/manifests/database.oracle.com_lrpdbs.yaml
similarity index 55%
rename from config/database.oracle.com_pdbs.yaml
rename to bundle/manifests/database.oracle.com_lrpdbs.yaml
index 85af8c1b..c0ccee9d 100644
--- a/config/database.oracle.com_pdbs.yaml
+++ b/bundle/manifests/database.oracle.com_lrpdbs.yaml
@@ -1,26 +1,21 @@
-
----
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.6.1
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.16.5
   creationTimestamp: null
-  name: pdbs.database.oracle.com
+  name: lrpdbs.database.oracle.com
 spec:
   group: database.oracle.com
   names:
-    kind: PDB
-    listKind: PDBList
-    plural: pdbs
-    singular: pdb
+    kind: LRPDB
+    listKind: LRPDBList
+    plural: lrpdbs
+    singular: lrpdb
   scope: Namespaced
   versions:
   - additionalPrinterColumns:
-    - description: The connect string to be used
-      jsonPath: .status.connString
-      name: Connect_String
-      type: string
     - description: Name of the CDB
       jsonPath: .spec.cdbName
       name: CDB Name
@@ -37,7 +32,7 @@ spec:
       jsonPath: .status.totalSize
       name: PDB Size
       type: string
-    - description: Status of the PDB Resource
+    - description: Status of the LRPDB Resource
       jsonPath: .status.phase
       name: Status
       type: string
@@ -45,29 +40,27 @@ spec:
       jsonPath: .status.msg
       name: Message
       type: string
-    name: v1alpha1
+    - description: last sqlcode
+      jsonPath: .status.sqlCode
+      name: last sqlcode
+      type: integer
+    - description: The connect string to be used
+      jsonPath: .status.connString
+      name: Connect_String
+      type: string
+    name: v4
     schema:
       openAPIV3Schema:
-        description: PDB is the Schema for the pdbs API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
             type: string
           metadata:
             type: object
           spec:
-            description: PDBSpec defines the desired state of PDB
             properties:
               action:
-                description: 'Action to be taken: Create/Clone/Plug/Unplug/Delete/Modify/Status/Map.
-                  Map is used to map a Databse PDB to a Kubernetes PDB CR.'
                 enum:
                 - Create
                 - Clone
@@ -77,13 +70,12 @@ spec:
                 - Modify
                 - Status
                 - Map
+                - Alter
+                - Noaction
                 type: string
               adminName:
-                description: The administrator username for the new PDB. This property
-                  is required when the Action property is Create.
                 properties:
                   secret:
-                    description: PDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -97,11 +89,8 @@ spec:
                 - secret
                 type: object
               adminPwd:
-                description: The administrator password for the new PDB. This property
-                  is required when the Action property is Create.
                 properties:
                   secret:
-                    description: PDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -114,70 +103,85 @@ spec:
                 required:
                 - secret
                 type: object
+              adminpdbPass:
+                properties:
+                  secret:
+                    properties:
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - key
+                    - secretName
+                    type: object
+                required:
+                - secret
+                type: object
+              adminpdbUser:
+                properties:
+                  secret:
+                    properties:
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - key
+                    - secretName
+                    type: object
+                required:
+                - secret
+                type: object
+              alterSystem:
+                type: string
+              alterSystemParameter:
+                type: string
+              alterSystemValue:
+                type: string
               asClone:
-                description: Indicate if 'AS CLONE' option should be used in the command
-                  to plug in a PDB. This property is applicable when the Action property
-                  is PLUG but not required.
                 type: boolean
-              assertivePdbDeletion:
-                description: turn on the assertive approach to delete pdb resource
-                  kubectl delete pdb ..... automatically triggers the pluggable database
-                  deletion
+              assertiveLrpdbDeletion:
                 type: boolean
               cdbName:
-                description: Name of the CDB
                 type: string
               cdbNamespace:
-                description: CDB Namespace
                 type: string
+              cdbPrvKey:
+                properties:
+                  secret:
+                    properties:
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - key
+                    - secretName
+                    type: object
+                required:
+                - secret
+                type: object
               cdbResName:
-                description: Name of the CDB Custom Resource that runs the ORDS container
                 type: string
               copyAction:
-                description: To copy files or not while cloning a PDB
                 enum:
                 - COPY
                 - NOCOPY
                 - MOVE
                 type: string
               dropAction:
-                description: Specify if datafiles should be removed or not. The value
-                  can be INCLUDING or KEEP (default).
                 enum:
                 - INCLUDING
                 - KEEP
                 type: string
               fileNameConversions:
-                description: Relevant for Create and Plug operations. As defined in
-                  the  Oracle Multitenant Database documentation. Values can be a
-                  filename convert pattern or NONE.
                 type: string
               getScript:
-                description: Whether you need the script only or execute the script
                 type: boolean
-              modifyOption:
-                description: Extra options for opening and closing a PDB
-                enum:
-                - IMMEDIATE
-                - NORMAL
-                - READ ONLY
-                - READ WRITE
-                - RESTRICTED
-                type: string
-              pdbName:
-                description: The name of the new PDB. Relevant for both Create and
-                  Plug Actions.
-                type: string
-              pdbState:
-                description: The target state of the PDB
-                enum:
-                - OPEN
-                - CLOSE
-                type: string
-              pdbTlsCat:
+              lrpdbTlsCat:
                 properties:
                   secret:
-                    description: PDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -190,10 +194,9 @@ spec:
                 required:
                 - secret
                 type: object
-              pdbTlsCrt:
+              lrpdbTlsCrt:
                 properties:
                   secret:
-                    description: PDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -206,10 +209,9 @@ spec:
                 required:
                 - secret
                 type: object
-              pdbTlsKey:
+              lrpdbTlsKey:
                 properties:
                   secret:
-                    description: PDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -222,36 +224,43 @@ spec:
                 required:
                 - secret
                 type: object
+              modifyOption:
+                enum:
+                - IMMEDIATE
+                - NORMAL
+                - READ ONLY
+                - READ WRITE
+                - RESTRICTED
+                type: string
+              parameterScope:
+                type: string
+              pdbName:
+                type: string
+              pdbState:
+                enum:
+                - OPEN
+                - CLOSE
+                - ALTER
+                type: string
+              pdbconfigmap:
+                type: string
               reuseTempFile:
-                description: Whether to reuse temp file
                 type: boolean
               sourceFileNameConversions:
-                description: This property is required when the Action property is
-                  Plug. As defined in the Oracle Multitenant Database documentation.
-                  Values can be a source filename convert pattern or NONE.
                 type: string
               sparseClonePath:
-                description: A Path specified for sparse clone snapshot copy. (Optional)
                 type: string
               srcPdbName:
-                description: Name of the Source PDB from which to clone
                 type: string
               tdeExport:
-                description: TDE export for unplug operations
                 type: boolean
               tdeImport:
-                description: TDE import for plug operations
                 type: boolean
               tdeKeystorePath:
-                description: TDE keystore path is required if the tdeImport or tdeExport
-                  flag is set to true. Can be used in plug or unplug operations.
                 type: string
               tdePassword:
-                description: TDE password if the tdeImport or tdeExport flag is set
-                  to true. Can be used in create, plug or unplug operations
                 properties:
                   secret:
-                    description: PDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -265,11 +274,8 @@ spec:
                 - secret
                 type: object
               tdeSecret:
-                description: TDE secret is required if the tdeImport or tdeExport
-                  flag is set to true. Can be used in plug or unplug operations.
                 properties:
                   secret:
-                    description: PDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -283,26 +289,14 @@ spec:
                 - secret
                 type: object
               tempSize:
-                description: Relevant for Create and Clone operations. Total size
-                  for temporary tablespace as defined in the Oracle Multitenant Database
-                  documentation. See size_clause description in Database SQL Language
-                  Reference documentation.
                 type: string
               totalSize:
-                description: Relevant for create and plug operations. Total size as
-                  defined in the Oracle Multitenant Database documentation. See size_clause
-                  description in Database SQL Language Reference documentation.
                 type: string
               unlimitedStorage:
-                description: Relevant for Create and Plug operations. True for unlimited
-                  storage. Even when set to true, totalSize and tempSize MUST be specified
-                  in the request if Action is Create.
                 type: boolean
               webServerPwd:
-                description: Password for the Web ServerPDB User
                 properties:
                   secret:
-                    description: PDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -316,11 +310,8 @@ spec:
                 - secret
                 type: object
               webServerUser:
-                description: Web Server User with SQL Administrator role to allow
-                  us to authenticate to the PDB Lifecycle Management REST endpoints
                 properties:
                   secret:
-                    description: PDBSecret defines the secretName
                     properties:
                       key:
                         type: string
@@ -334,40 +325,42 @@ spec:
                 - secret
                 type: object
               xmlFileName:
-                description: XML metadata filename to be used for Plug or Unplug operations
                 type: string
             required:
             - action
+            - alterSystemParameter
+            - alterSystemValue
+            - webServerPwd
             type: object
           status:
-            description: PDBStatus defines the observed state of PDB
             properties:
               action:
-                description: Last Completed Action
+                type: string
+              alterSystem:
+                type: string
+              bitstat:
+                type: integer
+              bitstatstr:
                 type: string
               connString:
-                description: PDB Connect String
                 type: string
               modifyOption:
-                description: Modify Option of the PDB
                 type: string
               msg:
-                description: Message
                 type: string
               openMode:
-                description: Open mode of the PDB
                 type: string
               phase:
-                description: Phase of the PDB Resource
                 type: string
+              sqlCode:
+                type: integer
               status:
-                description: PDB Resource Status
                 type: boolean
               totalSize:
-                description: Total size of the PDB
                 type: string
             required:
             - phase
+            - sqlCode
             - status
             type: object
         type: object
@@ -379,5 +372,5 @@ status:
   acceptedNames:
     kind: ""
     plural: ""
-  conditions: []
-  storedVersions: []
+  conditions: null
+  storedVersions: null
diff --git a/config/database.oracle.com_oraclerestdataservices.yaml b/bundle/manifests/database.oracle.com_oraclerestdataservices.yaml
similarity index 50%
rename from config/database.oracle.com_oraclerestdataservices.yaml
rename to bundle/manifests/database.oracle.com_oraclerestdataservices.yaml
index 121383fd..acc46597 100644
--- a/config/database.oracle.com_oraclerestdataservices.yaml
+++ b/bundle/manifests/database.oracle.com_oraclerestdataservices.yaml
@@ -1,10 +1,9 @@
-
----
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.6.1
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.16.5
   creationTimestamp: null
   name: oraclerestdataservices.database.oracle.com
 spec:
@@ -32,30 +31,22 @@ spec:
     - jsonPath: .status.apexUrl
       name: Apex URL
       type: string
+    - jsonPath: .status.mongoDbApiAccessUrl
+      name: MongoDbApi Access URL
+      type: string
     name: v1alpha1
     schema:
       openAPIV3Schema:
-        description: OracleRestDataService is the Schema for the oraclerestdataservices
-          API
         properties:
           apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
             type: string
           kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
             type: string
           metadata:
             type: object
           spec:
-            description: OracleRestDataServiceSpec defines the desired state of OracleRestDataService
             properties:
               adminPassword:
-                description: OracleRestDataServicePassword defines the secret containing
-                  Password mapped to secretKey
                 properties:
                   keepSecret:
                     type: boolean
@@ -67,9 +58,30 @@ spec:
                 required:
                 - secretName
                 type: object
-              apexPassword:
-                description: OracleRestDataServicePassword defines the secret containing
-                  Password mapped to secretKey
+              databaseRef:
+                type: string
+              image:
+                properties:
+                  pullFrom:
+                    type: string
+                  pullSecrets:
+                    type: string
+                  version:
+                    type: string
+                required:
+                - pullFrom
+                type: object
+              loadBalancer:
+                type: boolean
+              mongoDbApi:
+                type: boolean
+              nodeSelector:
+                additionalProperties:
+                  type: string
+                type: object
+              oracleService:
+                type: string
+              ordsPassword:
                 properties:
                   keepSecret:
                     type: boolean
@@ -81,11 +93,71 @@ spec:
                 required:
                 - secretName
                 type: object
+              ordsUser:
+                type: string
+              persistence:
+                properties:
+                  accessMode:
+                    enum:
+                    - ReadWriteOnce
+                    - ReadWriteMany
+                    type: string
+                  setWritePermissions:
+                    type: boolean
+                  size:
+                    type: string
+                  storageClass:
+                    type: string
+                  volumeName:
+                    type: string
+                type: object
+              readinessCheckPeriod:
+                type: integer
+              replicas:
+                minimum: 1
+                type: integer
+              restEnableSchemas:
+                items:
+                  properties:
+                    enable:
+                      type: boolean
+                    pdbName:
+                      type: string
+                    schemaName:
+                      type: string
+                    urlMapping:
+                      type: string
+                  required:
+                  - enable
+                  - schemaName
+                  type: object
+                type: array
+              serviceAccountName:
+                type: string
+              serviceAnnotations:
+                additionalProperties:
+                  type: string
+                type: object
+            required:
+            - adminPassword
+            - databaseRef
+            - ordsPassword
+            type: object
+          status:
+            properties:
+              apexConfigured:
+                type: boolean
+              apexUrl:
+                type: string
+              commonUsersCreated:
+                type: boolean
+              databaseActionsUrl:
+                type: string
+              databaseApiUrl:
+                type: string
               databaseRef:
                 type: string
               image:
-                description: OracleRestDataServiceImage defines the Image source and
-                  pullSecrets for POD
                 properties:
                   pullFrom:
                     type: string
@@ -97,6 +169,84 @@ spec:
                 - pullFrom
                 type: object
               loadBalancer:
+                type: string
+              mongoDbApi:
+                type: boolean
+              mongoDbApiAccessUrl:
+                type: string
+              ordsInstalled:
+                type: boolean
+              replicas:
+                type: integer
+              serviceIP:
+                type: string
+              status:
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - jsonPath: .status.status
+      name: Status
+      type: string
+    - jsonPath: .spec.databaseRef
+      name: Database
+      type: string
+    - jsonPath: .status.databaseApiUrl
+      name: Database API URL
+      type: string
+    - jsonPath: .status.databaseActionsUrl
+      name: Database Actions URL
+      type: string
+    - jsonPath: .status.apexUrl
+      name: Apex URL
+      type: string
+    - jsonPath: .status.mongoDbApiAccessUrl
+      name: MongoDbApi Access URL
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              adminPassword:
+                properties:
+                  keepSecret:
+                    type: boolean
+                  secretKey:
+                    default: oracle_pwd
+                    type: string
+                  secretName:
+                    type: string
+                required:
+                - secretName
+                type: object
+              databaseRef:
+                type: string
+              image:
+                properties:
+                  pullFrom:
+                    type: string
+                  pullSecrets:
+                    type: string
+                  version:
+                    type: string
+                required:
+                - pullFrom
+                type: object
+              loadBalancer:
+                type: boolean
+              mongoDbApi:
                 type: boolean
               nodeSelector:
                 additionalProperties:
@@ -105,8 +255,6 @@ spec:
               oracleService:
                 type: string
               ordsPassword:
-                description: OracleRestDataServicePassword defines the secret containing
-                  Password mapped to secretKey
                 properties:
                   keepSecret:
                     type: boolean
@@ -121,14 +269,14 @@ spec:
               ordsUser:
                 type: string
               persistence:
-                description: OracleRestDataServicePersistence defines the storage
-                  releated params
                 properties:
                   accessMode:
                     enum:
                     - ReadWriteOnce
                     - ReadWriteMany
                     type: string
+                  setWritePermissions:
+                    type: boolean
                   size:
                     type: string
                   storageClass:
@@ -136,13 +284,13 @@ spec:
                   volumeName:
                     type: string
                 type: object
+              readinessCheckPeriod:
+                type: integer
               replicas:
                 minimum: 1
                 type: integer
               restEnableSchemas:
                 items:
-                  description: OracleRestDataServicePDBSchemas defines the PDB Schemas
-                    to be ORDS Enabled
                   properties:
                     enable:
                       type: boolean
@@ -169,8 +317,6 @@ spec:
             - ordsPassword
             type: object
           status:
-            description: OracleRestDataServiceStatus defines the observed state of
-              OracleRestDataService
             properties:
               apexConfigured:
                 type: boolean
@@ -185,8 +331,6 @@ spec:
               databaseRef:
                 type: string
               image:
-                description: OracleRestDataServiceImage defines the Image source and
-                  pullSecrets for POD
                 properties:
                   pullFrom:
                     type: string
@@ -199,6 +343,10 @@ spec:
                 type: object
               loadBalancer:
                 type: string
+              mongoDbApi:
+                type: boolean
+              mongoDbApiAccessUrl:
+                type: string
               ordsInstalled:
                 type: boolean
               replicas:
@@ -206,9 +354,6 @@ spec:
               serviceIP:
                 type: string
               status:
-                description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
-                  of cluster Important: Run "make" to regenerate code after modifying
-                  this file'
                 type: string
             type: object
         type: object
@@ -220,5 +365,5 @@ status:
   acceptedNames:
     kind: ""
     plural: ""
-  conditions: []
-  storedVersions: []
+  conditions: null
+  storedVersions: null
diff --git a/bundle/manifests/database.oracle.com_ordssrvs.yaml b/bundle/manifests/database.oracle.com_ordssrvs.yaml
new file mode 100644
index 00000000..b97ace72
--- /dev/null
+++ b/bundle/manifests/database.oracle.com_ordssrvs.yaml
@@ -0,0 +1,495 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.16.5
+  creationTimestamp: null
+  name: ordssrvs.database.oracle.com
+spec:
+  group: database.oracle.com
+  names:
+    kind: OrdsSrvs
+    listKind: OrdsSrvsList
+    plural: ordssrvs
+    singular: ordssrvs
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.status
+      name: status
+      type: string
+    - jsonPath: .status.workloadType
+      name: workloadType
+      type: string
+    - jsonPath: .status.ordsVersion
+      name: ordsVersion
+      type: string
+    - jsonPath: .status.httpPort
+      name: httpPort
+      type: integer
+    - jsonPath: .status.httpsPort
+      name: httpsPort
+      type: integer
+    - jsonPath: .status.mongoPort
+      name: MongoPort
+      type: integer
+    - jsonPath: .status.restartRequired
+      name: restartRequired
+      type: boolean
+    - jsonPath: .metadata.creationTimestamp
+      name: AGE
+      type: date
+    - jsonPath: .status.ordsInstalled
+      name: OrdsInstalled
+      type: boolean
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              encPrivKey:
+                properties:
+                  passwordKey:
+                    default: password
+                    type: string
+                  secretName:
+                    type: string
+                required:
+                - secretName
+                type: object
+              forceRestart:
+                type: boolean
+              globalSettings:
+                properties:
+                  cache.metadata.enabled:
+                    type: boolean
+                  cache.metadata.graphql.expireAfterAccess:
+                    format: int64
+                    type: integer
+                  cache.metadata.graphql.expireAfterWrite:
+                    format: int64
+                    type: integer
+                  cache.metadata.jwks.enabled:
+                    type: boolean
+                  cache.metadata.jwks.expireAfterAccess:
+                    format: int64
+                    type: integer
+                  cache.metadata.jwks.expireAfterWrite:
+                    format: int64
+                    type: integer
+                  cache.metadata.jwks.initialCapacity:
+                    format: int32
+                    type: integer
+                  cache.metadata.jwks.maximumSize:
+                    format: int32
+                    type: integer
+                  cache.metadata.timeout:
+                    format: int64
+                    type: integer
+                  certSecret:
+                    properties:
+                      cert:
+                        type: string
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - cert
+                    - key
+                    - secretName
+                    type: object
+                  database.api.enabled:
+                    type: boolean
+                  database.api.management.services.disabled:
+                    type: boolean
+                  db.invalidPoolTimeout:
+                    format: int64
+                    type: integer
+                  debug.printDebugToScreen:
+                    type: boolean
+                  enable.mongo.access.log:
+                    default: false
+                    type: boolean
+                  enable.standalone.access.log:
+                    default: false
+                    type: boolean
+                  error.responseFormat:
+                    type: string
+                  feature.grahpql.max.nesting.depth:
+                    format: int32
+                    type: integer
+                  icap.port:
+                    format: int32
+                    type: integer
+                  icap.secure.port:
+                    format: int32
+                    type: integer
+                  icap.server:
+                    type: string
+                  log.procedure:
+                    type: boolean
+                  mongo.enabled:
+                    type: boolean
+                  mongo.idle.timeout:
+                    format: int64
+                    type: integer
+                  mongo.op.timeout:
+                    format: int64
+                    type: integer
+                  mongo.port:
+                    default: 27017
+                    format: int32
+                    type: integer
+                  request.traceHeaderName:
+                    type: string
+                  security.credentials.attempts:
+                    format: int32
+                    type: integer
+                  security.credentials.lock.time:
+                    format: int64
+                    type: integer
+                  security.disableDefaultExclusionList:
+                    type: boolean
+                  security.exclusionList:
+                    type: string
+                  security.externalSessionTrustedOrigins:
+                    type: string
+                  security.forceHTTPS:
+                    type: boolean
+                  security.httpsHeaderCheck:
+                    type: string
+                  security.inclusionList:
+                    type: string
+                  security.maxEntries:
+                    format: int32
+                    type: integer
+                  security.verifySSL:
+                    type: boolean
+                  standalone.context.path:
+                    default: /ords
+                    type: string
+                  standalone.http.port:
+                    default: 8080
+                    format: int32
+                    type: integer
+                  standalone.https.host:
+                    type: string
+                  standalone.https.port:
+                    default: 8443
+                    format: int32
+                    type: integer
+                  standalone.stop.timeout:
+                    format: int64
+                    type: integer
+                type: object
+              image:
+                type: string
+              imagePullPolicy:
+                default: IfNotPresent
+                enum:
+                - IfNotPresent
+                - Always
+                - Never
+                type: string
+              imagePullSecrets:
+                type: string
+              poolSettings:
+                items:
+                  properties:
+                    apex.security.administrator.roles:
+                      type: string
+                    apex.security.user.roles:
+                      type: string
+                    autoUpgradeAPEX:
+                      default: false
+                      type: boolean
+                    autoUpgradeORDS:
+                      default: false
+                      type: boolean
+                    db.adminUser:
+                      type: string
+                    db.adminUser.secret:
+                      properties:
+                        passwordKey:
+                          default: password
+                          type: string
+                        secretName:
+                          type: string
+                      required:
+                      - secretName
+                      type: object
+                    db.cdb.adminUser:
+                      type: string
+                    db.cdb.adminUser.secret:
+                      properties:
+                        passwordKey:
+                          default: password
+                          type: string
+                        secretName:
+                          type: string
+                      required:
+                      - secretName
+                      type: object
+                    db.connectionType:
+                      enum:
+                      - basic
+                      - tns
+                      - customurl
+                      type: string
+                    db.credentialsSource:
+                      enum:
+                      - pool
+                      - request
+                      type: string
+                    db.customURL:
+                      type: string
+                    db.hostname:
+                      type: string
+                    db.poolDestroyTimeout:
+                      format: int64
+                      type: integer
+                    db.port:
+                      format: int32
+                      type: integer
+                    db.secret:
+                      properties:
+                        passwordKey:
+                          default: password
+                          type: string
+                        secretName:
+                          type: string
+                      required:
+                      - secretName
+                      type: object
+                    db.servicename:
+                      type: string
+                    db.sid:
+                      type: string
+                    db.tnsAliasName:
+                      type: string
+                    db.username:
+                      default: ORDS_PUBLIC_USER
+                      type: string
+                    db.wallet.zip.service:
+                      type: string
+                    dbWalletSecret:
+                      properties:
+                        secretName:
+                          type: string
+                        walletName:
+                          type: string
+                      required:
+                      - secretName
+                      - walletName
+                      type: object
+                    debug.trackResources:
+                      type: boolean
+                    feature.openservicebroker.exclude:
+                      type: boolean
+                    feature.sdw:
+                      type: boolean
+                    http.cookie.filter:
+                      type: string
+                    jdbc.DriverType:
+                      enum:
+                      - thin
+                      - oci8
+                      type: string
+                    jdbc.InactivityTimeout:
+                      format: int32
+                      type: integer
+                    jdbc.InitialLimit:
+                      format: int32
+                      type: integer
+                    jdbc.MaxConnectionReuseCount:
+                      format: int32
+                      type: integer
+                    jdbc.MaxConnectionReuseTime:
+                      format: int32
+                      type: integer
+                    jdbc.MaxLimit:
+                      format: int32
+                      type: integer
+                    jdbc.MaxStatementsLimit:
+                      format: int32
+                      type: integer
+                    jdbc.MinLimit:
+                      format: int32
+                      type: integer
+                    jdbc.SecondsToTrustIdleConnection:
+                      format: int32
+                      type: integer
+                    jdbc.auth.admin.role:
+                      type: string
+                    jdbc.auth.enabled:
+                      type: boolean
+                    jdbc.cleanup.mode:
+                      type: string
+                    jdbc.statementTimeout:
+                      format: int32
+                      type: integer
+                    misc.defaultPage:
+                      type: string
+                    misc.pagination.maxRows:
+                      format: int32
+                      type: integer
+                    owa.trace.sql:
+                      type: boolean
+                    plsql.gateway.mode:
+                      enum:
+                      - disabled
+                      - direct
+                      - proxied
+                      type: string
+                    poolName:
+                      type: string
+                    procedure.preProcess:
+                      type: string
+                    procedure.rest.preHook:
+                      type: string
+                    procedurePostProcess:
+                      type: string
+                    restEnabledSql.active:
+                      type: boolean
+                    security.jwks.connection.timeout:
+                      format: int64
+                      type: integer
+                    security.jwks.read.timeout:
+                      format: int64
+                      type: integer
+                    security.jwks.refresh.interval:
+                      format: int64
+                      type: integer
+                    security.jwks.size:
+                      format: int32
+                      type: integer
+                    security.jwt.allowed.age:
+                      format: int64
+                      type: integer
+                    security.jwt.allowed.skew:
+                      format: int64
+                      type: integer
+                    security.jwt.profile.enabled:
+                      type: boolean
+                    security.requestAuthenticationFunction:
+                      type: string
+                    security.requestValidationFunction:
+                      default: ords_util.authorize_plsql_gateway
+                      type: string
+                    security.validationFunctionType:
+                      enum:
+                      - plsql
+                      - javascript
+                      type: string
+                    soda.defaultLimit:
+                      type: string
+                    soda.maxLimit:
+                      type: string
+                    tnsAdminSecret:
+                      properties:
+                        secretName:
+                          type: string
+                      required:
+                      - secretName
+                      type: object
+                  required:
+                  - db.secret
+                  - poolName
+                  type: object
+                type: array
+              replicas:
+                default: 1
+                format: int32
+                minimum: 1
+                type: integer
+              workloadType:
+                default: Deployment
+                enum:
+                - Deployment
+                - StatefulSet
+                - DaemonSet
+                type: string
+            required:
+            - globalSettings
+            - image
+            type: object
+          status:
+            properties:
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              httpPort:
+                format: int32
+                type: integer
+              httpsPort:
+                format: int32
+                type: integer
+              mongoPort:
+                format: int32
+                type: integer
+              ordsInstalled:
+                type: boolean
+              ordsVersion:
+                type: string
+              restartRequired:
+                type: boolean
+              status:
+                type: string
+              workloadType:
+                type: string
+            required:
+            - restartRequired
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: null
+  storedVersions: null
diff --git a/config/crd/bases/database.oracle.com_pdbs.yaml b/bundle/manifests/database.oracle.com_pdbs.yaml
similarity index 98%
rename from config/crd/bases/database.oracle.com_pdbs.yaml
rename to bundle/manifests/database.oracle.com_pdbs.yaml
index b2f37ac9..b1e1032f 100644
--- a/config/crd/bases/database.oracle.com_pdbs.yaml
+++ b/bundle/manifests/database.oracle.com_pdbs.yaml
@@ -1,9 +1,10 @@
----
 apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
     controller-gen.kubebuilder.io/version: v0.16.5
+  creationTimestamp: null
   name: pdbs.database.oracle.com
 spec:
   group: database.oracle.com
@@ -632,3 +633,9 @@ spec:
     storage: true
     subresources:
       status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: null
+  storedVersions: null
diff --git a/bundle/manifests/database.oracle.com_shardingdatabases.yaml b/bundle/manifests/database.oracle.com_shardingdatabases.yaml
new file mode 100644
index 00000000..f8cd38a8
--- /dev/null
+++ b/bundle/manifests/database.oracle.com_shardingdatabases.yaml
@@ -0,0 +1,1115 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.16.5
+  creationTimestamp: null
+  name: shardingdatabases.database.oracle.com
+spec:
+  group: database.oracle.com
+  names:
+    kind: ShardingDatabase
+    listKind: ShardingDatabaseList
+    plural: shardingdatabases
+    singular: shardingdatabase
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.gsm.state
+      name: Gsm State
+      type: string
+    - jsonPath: .status.gsm.services
+      name: Services
+      type: string
+    - jsonPath: .status.gsm.shards
+      name: shards
+      priority: 1
+      type: string
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              InvitedNodeSubnet:
+                type: string
+              catalog:
+                items:
+                  properties:
+                    envVars:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                        required:
+                        - name
+                        - value
+                        type: object
+                      type: array
+                    imagePullPolicy:
+                      type: string
+                    isDelete:
+                      type: string
+                    label:
+                      type: string
+                    name:
+                      type: string
+                    nodeSelector:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvAnnotations:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvMatchLabels:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvcName:
+                      type: string
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    storageSizeInGb:
+                      format: int32
+                      type: integer
+                  required:
+                  - name
+                  type: object
+                type: array
+              dbEdition:
+                type: string
+              dbImage:
+                type: string
+              dbImagePullSecret:
+                type: string
+              dbSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  nsConfigMap:
+                    type: string
+                  nsSecret:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                required:
+                - name
+                - pwdFileName
+                type: object
+              fssStorageClass:
+                type: string
+              gsm:
+                items:
+                  properties:
+                    directorName:
+                      type: string
+                    envVars:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                        required:
+                        - name
+                        - value
+                        type: object
+                      type: array
+                    imagePullPolicy:
+                      type: string
+                    isDelete:
+                      type: string
+                    label:
+                      type: string
+                    name:
+                      type: string
+                    nodeSelector:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvAnnotations:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvMatchLabels:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvcName:
+                      type: string
+                    region:
+                      type: string
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    storageSizeInGb:
+                      format: int32
+                      type: integer
+                  required:
+                  - name
+                  type: object
+                type: array
+              gsmDevMode:
+                type: string
+              gsmImage:
+                type: string
+              gsmImagePullSecret:
+                type: string
+              gsmService:
+                items:
+                  properties:
+                    available:
+                      type: string
+                    clbGoal:
+                      type: string
+                    commitOutcome:
+                      type: string
+                    drainTimeout:
+                      type: string
+                    dtp:
+                      type: string
+                    edition:
+                      type: string
+                    failoverDelay:
+                      type: string
+                    failoverMethod:
+                      type: string
+                    failoverPrimary:
+                      type: string
+                    failoverRestore:
+                      type: string
+                    failoverRetry:
+                      type: string
+                    failoverType:
+                      type: string
+                    gdsPool:
+                      type: string
+                    lag:
+                      type: integer
+                    locality:
+                      type: string
+                    name:
+                      type: string
+                    notification:
+                      type: string
+                    pdbName:
+                      type: string
+                    policy:
+                      type: string
+                    preferred:
+                      type: string
+                    prferredAll:
+                      type: string
+                    regionFailover:
+                      type: string
+                    retention:
+                      type: string
+                    role:
+                      type: string
+                    sessionState:
+                      type: string
+                    sqlTransactionProfile:
+                      type: string
+                    stopOption:
+                      type: string
+                    tableFamily:
+                      type: string
+                    tfaPolicy:
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+              gsmShardGroup:
+                items:
+                  properties:
+                    deployAs:
+                      type: string
+                    name:
+                      type: string
+                    region:
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+              gsmShardSpace:
+                items:
+                  properties:
+                    chunks:
+                      type: integer
+                    name:
+                      type: string
+                    protectionMode:
+                      type: string
+                    shardGroup:
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+              invitedNodeSubnetFlag:
+                type: string
+              isClone:
+                type: boolean
+              isDataGuard:
+                type: boolean
+              isDebug:
+                type: boolean
+              isDeleteOraPvc:
+                type: boolean
+              isDownloadScripts:
+                type: boolean
+              isExternalSvc:
+                type: boolean
+              isTdeWallet:
+                type: string
+              liveinessCheckPeriod:
+                type: integer
+              portMappings:
+                items:
+                  properties:
+                    port:
+                      format: int32
+                      type: integer
+                    protocol:
+                      type: string
+                    targetPort:
+                      format: int32
+                      type: integer
+                  required:
+                  - port
+                  - protocol
+                  - targetPort
+                  type: object
+                type: array
+              readinessCheckPeriod:
+                type: integer
+              replicationType:
+                type: string
+              scriptsLocation:
+                type: string
+              shard:
+                items:
+                  properties:
+                    deployAs:
+                      type: string
+                    envVars:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                        required:
+                        - name
+                        - value
+                        type: object
+                      type: array
+                    imagePullPolicy:
+                      type: string
+                    isDelete:
+                      enum:
+                      - enable
+                      - disable
+                      - failed
+                      - force
+                      type: string
+                    label:
+                      type: string
+                    name:
+                      type: string
+                    nodeSelector:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvAnnotations:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvMatchLabels:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvcName:
+                      type: string
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    shardGroup:
+                      type: string
+                    shardRegion:
+                      type: string
+                    shardSpace:
+                      type: string
+                    storageSizeInGb:
+                      format: int32
+                      type: integer
+                  required:
+                  - name
+                  type: object
+                type: array
+              shardBuddyRegion:
+                type: string
+              shardConfigName:
+                type: string
+              shardRegion:
+                items:
+                  type: string
+                type: array
+              shardingType:
+                type: string
+              stagePvcName:
+                type: string
+              storageClass:
+                type: string
+              tdeWalletPvc:
+                type: string
+              tdeWalletPvcMountLocation:
+                type: string
+              topicId:
+                type: string
+            required:
+            - catalog
+            - dbImage
+            - gsm
+            - gsmImage
+            - shard
+            type: object
+          status:
+            properties:
+              catalogs:
+                additionalProperties:
+                  type: string
+                type: object
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+              gsm:
+                properties:
+                  details:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  externalConnectStr:
+                    type: string
+                  internalConnectStr:
+                    type: string
+                  services:
+                    type: string
+                  shards:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  state:
+                    type: string
+                type: object
+              shards:
+                additionalProperties:
+                  type: string
+                type: object
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - jsonPath: .status.gsm.state
+      name: Gsm State
+      type: string
+    - jsonPath: .status.gsm.services
+      name: Services
+      type: string
+    - jsonPath: .status.gsm.shards
+      name: shards
+      priority: 1
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              InvitedNodeSubnet:
+                type: string
+              catalog:
+                items:
+                  properties:
+                    envVars:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                        required:
+                        - name
+                        - value
+                        type: object
+                      type: array
+                    imagePullPolicy:
+                      type: string
+                    isDelete:
+                      type: string
+                    label:
+                      type: string
+                    name:
+                      type: string
+                    nodeSelector:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvAnnotations:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvMatchLabels:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvcName:
+                      type: string
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    storageSizeInGb:
+                      format: int32
+                      type: integer
+                  required:
+                  - name
+                  type: object
+                type: array
+              dbEdition:
+                type: string
+              dbImage:
+                type: string
+              dbImagePullSecret:
+                type: string
+              dbSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  nsConfigMap:
+                    type: string
+                  nsSecret:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                required:
+                - name
+                - pwdFileName
+                type: object
+              fssStorageClass:
+                type: string
+              gsm:
+                items:
+                  properties:
+                    directorName:
+                      type: string
+                    envVars:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                        required:
+                        - name
+                        - value
+                        type: object
+                      type: array
+                    imagePullPolicy:
+                      type: string
+                    isDelete:
+                      type: string
+                    label:
+                      type: string
+                    name:
+                      type: string
+                    nodeSelector:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvAnnotations:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvMatchLabels:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvcName:
+                      type: string
+                    region:
+                      type: string
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    storageSizeInGb:
+                      format: int32
+                      type: integer
+                  required:
+                  - name
+                  type: object
+                type: array
+              gsmDevMode:
+                type: string
+              gsmImage:
+                type: string
+              gsmImagePullSecret:
+                type: string
+              gsmService:
+                items:
+                  properties:
+                    available:
+                      type: string
+                    clbGoal:
+                      type: string
+                    commitOutcome:
+                      type: string
+                    drainTimeout:
+                      type: string
+                    dtp:
+                      type: string
+                    edition:
+                      type: string
+                    failoverDelay:
+                      type: string
+                    failoverMethod:
+                      type: string
+                    failoverPrimary:
+                      type: string
+                    failoverRestore:
+                      type: string
+                    failoverRetry:
+                      type: string
+                    failoverType:
+                      type: string
+                    gdsPool:
+                      type: string
+                    lag:
+                      type: integer
+                    locality:
+                      type: string
+                    name:
+                      type: string
+                    notification:
+                      type: string
+                    pdbName:
+                      type: string
+                    policy:
+                      type: string
+                    preferred:
+                      type: string
+                    prferredAll:
+                      type: string
+                    regionFailover:
+                      type: string
+                    retention:
+                      type: string
+                    role:
+                      type: string
+                    sessionState:
+                      type: string
+                    sqlTransactionProfile:
+                      type: string
+                    stopOption:
+                      type: string
+                    tableFamily:
+                      type: string
+                    tfaPolicy:
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+              gsmShardGroup:
+                items:
+                  properties:
+                    deployAs:
+                      type: string
+                    name:
+                      type: string
+                    region:
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+              gsmShardSpace:
+                items:
+                  properties:
+                    chunks:
+                      type: integer
+                    name:
+                      type: string
+                    protectionMode:
+                      type: string
+                    shardGroup:
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+              invitedNodeSubnetFlag:
+                type: string
+              isClone:
+                type: boolean
+              isDataGuard:
+                type: boolean
+              isDebug:
+                type: boolean
+              isDeleteOraPvc:
+                type: boolean
+              isDownloadScripts:
+                type: boolean
+              isExternalSvc:
+                type: boolean
+              isTdeWallet:
+                type: string
+              liveinessCheckPeriod:
+                type: integer
+              portMappings:
+                items:
+                  properties:
+                    port:
+                      format: int32
+                      type: integer
+                    protocol:
+                      type: string
+                    targetPort:
+                      format: int32
+                      type: integer
+                  required:
+                  - port
+                  - protocol
+                  - targetPort
+                  type: object
+                type: array
+              readinessCheckPeriod:
+                type: integer
+              replicationType:
+                type: string
+              scriptsLocation:
+                type: string
+              shard:
+                items:
+                  properties:
+                    deployAs:
+                      type: string
+                    envVars:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                        required:
+                        - name
+                        - value
+                        type: object
+                      type: array
+                    imagePullPolicy:
+                      type: string
+                    isDelete:
+                      enum:
+                      - enable
+                      - disable
+                      - failed
+                      - force
+                      type: string
+                    label:
+                      type: string
+                    name:
+                      type: string
+                    nodeSelector:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvAnnotations:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvMatchLabels:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    pvcName:
+                      type: string
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    shardGroup:
+                      type: string
+                    shardRegion:
+                      type: string
+                    shardSpace:
+                      type: string
+                    storageSizeInGb:
+                      format: int32
+                      type: integer
+                  required:
+                  - name
+                  type: object
+                type: array
+              shardBuddyRegion:
+                type: string
+              shardConfigName:
+                type: string
+              shardRegion:
+                items:
+                  type: string
+                type: array
+              shardingType:
+                type: string
+              stagePvcName:
+                type: string
+              storageClass:
+                type: string
+              tdeWalletPvc:
+                type: string
+              tdeWalletPvcMountLocation:
+                type: string
+              topicId:
+                type: string
+            required:
+            - catalog
+            - dbImage
+            - gsm
+            - gsmImage
+            - shard
+            type: object
+          status:
+            properties:
+              catalogs:
+                additionalProperties:
+                  type: string
+                type: object
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+              gsm:
+                properties:
+                  details:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  externalConnectStr:
+                    type: string
+                  internalConnectStr:
+                    type: string
+                  services:
+                    type: string
+                  shards:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  state:
+                    type: string
+                type: object
+              shards:
+                additionalProperties:
+                  type: string
+                type: object
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: null
+  storedVersions: null
diff --git a/bundle/manifests/database.oracle.com_singleinstancedatabases.yaml b/bundle/manifests/database.oracle.com_singleinstancedatabases.yaml
new file mode 100644
index 00000000..2a633c70
--- /dev/null
+++ b/bundle/manifests/database.oracle.com_singleinstancedatabases.yaml
@@ -0,0 +1,717 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.16.5
+  creationTimestamp: null
+  name: singleinstancedatabases.database.oracle.com
+spec:
+  group: database.oracle.com
+  names:
+    kind: SingleInstanceDatabase
+    listKind: SingleInstanceDatabaseList
+    plural: singleinstancedatabases
+    singular: singleinstancedatabase
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.edition
+      name: Edition
+      type: string
+    - jsonPath: .status.sid
+      name: Sid
+      priority: 1
+      type: string
+    - jsonPath: .status.status
+      name: Status
+      type: string
+    - jsonPath: .status.role
+      name: Role
+      type: string
+    - jsonPath: .status.releaseUpdate
+      name: Version
+      type: string
+    - jsonPath: .status.connectString
+      name: Connect Str
+      type: string
+    - jsonPath: .status.pdbConnectString
+      name: Pdb Connect Str
+      priority: 1
+      type: string
+    - jsonPath: .status.tcpsConnectString
+      name: TCPS Connect Str
+      type: string
+    - jsonPath: .status.tcpsPdbConnectString
+      name: TCPS Pdb Connect Str
+      priority: 1
+      type: string
+    - jsonPath: .status.oemExpressUrl
+      name: Oem Express Url
+      type: string
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              adminPassword:
+                properties:
+                  keepSecret:
+                    type: boolean
+                  secretKey:
+                    default: oracle_pwd
+                    type: string
+                  secretName:
+                    type: string
+                required:
+                - secretName
+                type: object
+              archiveLog:
+                type: boolean
+              charset:
+                type: string
+              convertToSnapshotStandby:
+                type: boolean
+              createAs:
+                enum:
+                - primary
+                - standby
+                - clone
+                - truecache
+                type: string
+              edition:
+                enum:
+                - standard
+                - enterprise
+                - express
+                - free
+                type: string
+              enableTCPS:
+                type: boolean
+              flashBack:
+                type: boolean
+              forceLog:
+                type: boolean
+              image:
+                properties:
+                  prebuiltDB:
+                    type: boolean
+                  pullFrom:
+                    type: string
+                  pullSecrets:
+                    type: string
+                  version:
+                    type: string
+                required:
+                - pullFrom
+                type: object
+              initParams:
+                properties:
+                  cpuCount:
+                    type: integer
+                  pgaAggregateTarget:
+                    type: integer
+                  processes:
+                    type: integer
+                  sgaTarget:
+                    type: integer
+                type: object
+              listenerPort:
+                type: integer
+              loadBalancer:
+                type: boolean
+              nodeSelector:
+                additionalProperties:
+                  type: string
+                type: object
+              pdbName:
+                type: string
+              persistence:
+                properties:
+                  accessMode:
+                    enum:
+                    - ReadWriteOnce
+                    - ReadWriteMany
+                    type: string
+                  datafilesVolumeName:
+                    type: string
+                  scriptsVolumeName:
+                    type: string
+                  setWritePermissions:
+                    type: boolean
+                  size:
+                    type: string
+                  storageClass:
+                    type: string
+                  volumeClaimAnnotation:
+                    type: string
+                type: object
+              primaryDatabaseRef:
+                type: string
+              readinessCheckPeriod:
+                type: integer
+              replicas:
+                type: integer
+              resources:
+                properties:
+                  limits:
+                    properties:
+                      cpu:
+                        type: string
+                      memory:
+                        type: string
+                    type: object
+                  requests:
+                    properties:
+                      cpu:
+                        type: string
+                      memory:
+                        type: string
+                    type: object
+                type: object
+              serviceAccountName:
+                type: string
+              serviceAnnotations:
+                additionalProperties:
+                  type: string
+                type: object
+              sid:
+                maxLength: 12
+                pattern: ^[a-zA-Z0-9]+$
+                type: string
+              tcpsCertRenewInterval:
+                type: string
+              tcpsListenerPort:
+                type: integer
+              tcpsTlsSecret:
+                type: string
+              trueCacheServices:
+                items:
+                  type: string
+                type: array
+            required:
+            - image
+            type: object
+          status:
+            properties:
+              apexInstalled:
+                type: boolean
+              archiveLog:
+                type: string
+              certCreationTimestamp:
+                type: string
+              certRenewInterval:
+                type: string
+              charset:
+                type: string
+              clientWalletLoc:
+                type: string
+              clusterConnectString:
+                type: string
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+              connectString:
+                type: string
+              convertToSnapshotStandby:
+                type: boolean
+              createdAs:
+                type: string
+              datafilesCreated:
+                default: "false"
+                type: string
+              datafilesPatched:
+                default: "false"
+                type: string
+              dgBroker:
+                type: string
+              edition:
+                type: string
+              flashBack:
+                type: string
+              forceLog:
+                type: string
+              initParams:
+                properties:
+                  cpuCount:
+                    type: integer
+                  pgaAggregateTarget:
+                    type: integer
+                  processes:
+                    type: integer
+                  sgaTarget:
+                    type: integer
+                type: object
+              initPgaSize:
+                type: integer
+              initSgaSize:
+                type: integer
+              isTcpsEnabled:
+                default: false
+                type: boolean
+              nodes:
+                items:
+                  type: string
+                type: array
+              oemExpressUrl:
+                type: string
+              ordsReference:
+                type: string
+              pdbConnectString:
+                type: string
+              pdbName:
+                type: string
+              persistence:
+                properties:
+                  accessMode:
+                    enum:
+                    - ReadWriteOnce
+                    - ReadWriteMany
+                    type: string
+                  datafilesVolumeName:
+                    type: string
+                  scriptsVolumeName:
+                    type: string
+                  setWritePermissions:
+                    type: boolean
+                  size:
+                    type: string
+                  storageClass:
+                    type: string
+                  volumeClaimAnnotation:
+                    type: string
+                type: object
+              prebuiltDB:
+                type: boolean
+              primaryDatabase:
+                type: string
+              releaseUpdate:
+                type: string
+              replicas:
+                type: integer
+              role:
+                type: string
+              sid:
+                type: string
+              standbyDatabases:
+                additionalProperties:
+                  type: string
+                type: object
+              status:
+                type: string
+              tcpsConnectString:
+                type: string
+              tcpsPdbConnectString:
+                type: string
+              tcpsTlsSecret:
+                default: ""
+                type: string
+            required:
+            - isTcpsEnabled
+            - persistence
+            - tcpsTlsSecret
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      scale:
+        specReplicasPath: .spec.replicas
+        statusReplicasPath: .status.replicas
+      status: {}
+  - additionalPrinterColumns:
+    - jsonPath: .status.edition
+      name: Edition
+      type: string
+    - jsonPath: .status.sid
+      name: Sid
+      priority: 1
+      type: string
+    - jsonPath: .status.status
+      name: Status
+      type: string
+    - jsonPath: .status.role
+      name: Role
+      type: string
+    - jsonPath: .status.releaseUpdate
+      name: Version
+      type: string
+    - jsonPath: .status.connectString
+      name: Connect Str
+      type: string
+    - jsonPath: .status.pdbConnectString
+      name: Pdb Connect Str
+      priority: 1
+      type: string
+    - jsonPath: .status.tcpsConnectString
+      name: TCPS Connect Str
+      type: string
+    - jsonPath: .status.tcpsPdbConnectString
+      name: TCPS Pdb Connect Str
+      priority: 1
+      type: string
+    - jsonPath: .status.oemExpressUrl
+      name: Oem Express Url
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              adminPassword:
+                properties:
+                  keepSecret:
+                    type: boolean
+                  secretKey:
+                    default: oracle_pwd
+                    type: string
+                  secretName:
+                    type: string
+                required:
+                - secretName
+                type: object
+              archiveLog:
+                type: boolean
+              charset:
+                type: string
+              convertToSnapshotStandby:
+                type: boolean
+              createAs:
+                enum:
+                - primary
+                - standby
+                - clone
+                - truecache
+                type: string
+              edition:
+                enum:
+                - standard
+                - enterprise
+                - express
+                - free
+                type: string
+              enableTCPS:
+                type: boolean
+              flashBack:
+                type: boolean
+              forceLog:
+                type: boolean
+              image:
+                properties:
+                  prebuiltDB:
+                    type: boolean
+                  pullFrom:
+                    type: string
+                  pullSecrets:
+                    type: string
+                  version:
+                    type: string
+                required:
+                - pullFrom
+                type: object
+              initParams:
+                properties:
+                  cpuCount:
+                    type: integer
+                  pgaAggregateTarget:
+                    type: integer
+                  processes:
+                    type: integer
+                  sgaTarget:
+                    type: integer
+                type: object
+              listenerPort:
+                type: integer
+              loadBalancer:
+                type: boolean
+              nodeSelector:
+                additionalProperties:
+                  type: string
+                type: object
+              pdbName:
+                type: string
+              persistence:
+                properties:
+                  accessMode:
+                    enum:
+                    - ReadWriteOnce
+                    - ReadWriteMany
+                    type: string
+                  datafilesVolumeName:
+                    type: string
+                  scriptsVolumeName:
+                    type: string
+                  setWritePermissions:
+                    type: boolean
+                  size:
+                    type: string
+                  storageClass:
+                    type: string
+                  volumeClaimAnnotation:
+                    type: string
+                type: object
+              primaryDatabaseRef:
+                type: string
+              readinessCheckPeriod:
+                type: integer
+              replicas:
+                type: integer
+              resources:
+                properties:
+                  limits:
+                    properties:
+                      cpu:
+                        type: string
+                      memory:
+                        type: string
+                    type: object
+                  requests:
+                    properties:
+                      cpu:
+                        type: string
+                      memory:
+                        type: string
+                    type: object
+                type: object
+              serviceAccountName:
+                type: string
+              serviceAnnotations:
+                additionalProperties:
+                  type: string
+                type: object
+              sid:
+                maxLength: 12
+                pattern: ^[a-zA-Z0-9]+$
+                type: string
+              tcpsCertRenewInterval:
+                type: string
+              tcpsListenerPort:
+                type: integer
+              tcpsTlsSecret:
+                type: string
+              trueCacheServices:
+                items:
+                  type: string
+                type: array
+            required:
+            - image
+            type: object
+          status:
+            properties:
+              apexInstalled:
+                type: boolean
+              archiveLog:
+                type: string
+              certCreationTimestamp:
+                type: string
+              certRenewInterval:
+                type: string
+              charset:
+                type: string
+              clientWalletLoc:
+                type: string
+              clusterConnectString:
+                type: string
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+              connectString:
+                type: string
+              convertToSnapshotStandby:
+                type: boolean
+              createdAs:
+                type: string
+              datafilesCreated:
+                default: "false"
+                type: string
+              datafilesPatched:
+                default: "false"
+                type: string
+              dgBroker:
+                type: string
+              edition:
+                type: string
+              flashBack:
+                type: string
+              forceLog:
+                type: string
+              initParams:
+                properties:
+                  cpuCount:
+                    type: integer
+                  pgaAggregateTarget:
+                    type: integer
+                  processes:
+                    type: integer
+                  sgaTarget:
+                    type: integer
+                type: object
+              initPgaSize:
+                type: integer
+              initSgaSize:
+                type: integer
+              isTcpsEnabled:
+                default: false
+                type: boolean
+              nodes:
+                items:
+                  type: string
+                type: array
+              oemExpressUrl:
+                type: string
+              ordsReference:
+                type: string
+              pdbConnectString:
+                type: string
+              pdbName:
+                type: string
+              persistence:
+                properties:
+                  accessMode:
+                    enum:
+                    - ReadWriteOnce
+                    - ReadWriteMany
+                    type: string
+                  datafilesVolumeName:
+                    type: string
+                  scriptsVolumeName:
+                    type: string
+                  setWritePermissions:
+                    type: boolean
+                  size:
+                    type: string
+                  storageClass:
+                    type: string
+                  volumeClaimAnnotation:
+                    type: string
+                type: object
+              prebuiltDB:
+                type: boolean
+              primaryDatabase:
+                type: string
+              releaseUpdate:
+                type: string
+              replicas:
+                type: integer
+              role:
+                type: string
+              sid:
+                type: string
+              standbyDatabases:
+                additionalProperties:
+                  type: string
+                type: object
+              status:
+                type: string
+              tcpsConnectString:
+                type: string
+              tcpsPdbConnectString:
+                type: string
+              tcpsTlsSecret:
+                default: ""
+                type: string
+            required:
+            - isTcpsEnabled
+            - persistence
+            - tcpsTlsSecret
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      scale:
+        specReplicasPath: .spec.replicas
+        statusReplicasPath: .status.replicas
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: null
+  storedVersions: null
diff --git a/bundle/manifests/observability.oracle.com_databaseobservers.yaml b/bundle/manifests/observability.oracle.com_databaseobservers.yaml
new file mode 100644
index 00000000..652d773e
--- /dev/null
+++ b/bundle/manifests/observability.oracle.com_databaseobservers.yaml
@@ -0,0 +1,6995 @@
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.16.5
+  creationTimestamp: null
+  name: databaseobservers.observability.oracle.com
+spec:
+  group: observability.oracle.com
+  names:
+    kind: DatabaseObserver
+    listKind: DatabaseObserverList
+    plural: databaseobservers
+    shortNames:
+    - dbobserver
+    - dbobservers
+    singular: databaseobserver
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.exporterConfig
+      name: ExporterConfig
+      type: string
+    - jsonPath: .status.status
+      name: Status
+      type: string
+    - jsonPath: .status.version
+      name: Version
+      type: string
+    name: v1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              configuration:
+                properties:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                type: object
+              database:
+                properties:
+                  dbConnectionString:
+                    properties:
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                  dbPassword:
+                    properties:
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                      vaultOCID:
+                        type: string
+                      vaultSecretName:
+                        type: string
+                    type: object
+                  dbUser:
+                    properties:
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                  dbWallet:
+                    properties:
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                type: object
+              exporter:
+                properties:
+                  deployment:
+                    properties:
+                      args:
+                        items:
+                          type: string
+                        type: array
+                      commands:
+                        items:
+                          type: string
+                        type: array
+                      env:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      image:
+                        type: string
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      podTemplate:
+                        properties:
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          securityContext:
+                            properties:
+                              appArmorProfile:
+                                properties:
+                                  localhostProfile:
+                                    type: string
+                                  type:
+                                    type: string
+                                required:
+                                - type
+                                type: object
+                              fsGroup:
+                                format: int64
+                                type: integer
+                              fsGroupChangePolicy:
+                                type: string
+                              runAsGroup:
+                                format: int64
+                                type: integer
+                              runAsNonRoot:
+                                type: boolean
+                              runAsUser:
+                                format: int64
+                                type: integer
+                              seLinuxOptions:
+                                properties:
+                                  level:
+                                    type: string
+                                  role:
+                                    type: string
+                                  type:
+                                    type: string
+                                  user:
+                                    type: string
+                                type: object
+                              seccompProfile:
+                                properties:
+                                  localhostProfile:
+                                    type: string
+                                  type:
+                                    type: string
+                                required:
+                                - type
+                                type: object
+                              supplementalGroups:
+                                items:
+                                  format: int64
+                                  type: integer
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              supplementalGroupsPolicy:
+                                type: string
+                              sysctls:
+                                items:
+                                  properties:
+                                    name:
+                                      type: string
+                                    value:
+                                      type: string
+                                  required:
+                                  - name
+                                  - value
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              windowsOptions:
+                                properties:
+                                  gmsaCredentialSpec:
+                                    type: string
+                                  gmsaCredentialSpecName:
+                                    type: string
+                                  hostProcess:
+                                    type: boolean
+                                  runAsUserName:
+                                    type: string
+                                type: object
+                            type: object
+                        type: object
+                      securityContext:
+                        properties:
+                          allowPrivilegeEscalation:
+                            type: boolean
+                          appArmorProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          capabilities:
+                            properties:
+                              add:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              drop:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            type: object
+                          privileged:
+                            type: boolean
+                          procMount:
+                            type: string
+                          readOnlyRootFilesystem:
+                            type: boolean
+                          runAsGroup:
+                            format: int64
+                            type: integer
+                          runAsNonRoot:
+                            type: boolean
+                          runAsUser:
+                            format: int64
+                            type: integer
+                          seLinuxOptions:
+                            properties:
+                              level:
+                                type: string
+                              role:
+                                type: string
+                              type:
+                                type: string
+                              user:
+                                type: string
+                            type: object
+                          seccompProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          windowsOptions:
+                            properties:
+                              gmsaCredentialSpec:
+                                type: string
+                              gmsaCredentialSpecName:
+                                type: string
+                              hostProcess:
+                                type: boolean
+                              runAsUserName:
+                                type: string
+                            type: object
+                        type: object
+                    type: object
+                  service:
+                    properties:
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      ports:
+                        items:
+                          properties:
+                            appProtocol:
+                              type: string
+                            name:
+                              type: string
+                            nodePort:
+                              format: int32
+                              type: integer
+                            port:
+                              format: int32
+                              type: integer
+                            protocol:
+                              default: TCP
+                              type: string
+                            targetPort:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        type: array
+                    type: object
+                type: object
+              inheritLabels:
+                items:
+                  type: string
+                type: array
+              log:
+                properties:
+                  filename:
+                    type: string
+                  path:
+                    type: string
+                  volume:
+                    properties:
+                      name:
+                        type: string
+                      persistentVolumeClaim:
+                        properties:
+                          claimName:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+              ociConfig:
+                properties:
+                  configMapName:
+                    type: string
+                  secretName:
+                    type: string
+                type: object
+              prometheus:
+                properties:
+                  serviceMonitor:
+                    properties:
+                      endpoints:
+                        items:
+                          properties:
+                            authorization:
+                              properties:
+                                credentials:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                type:
+                                  type: string
+                              type: object
+                            basicAuth:
+                              properties:
+                                password:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                username:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            bearerTokenFile:
+                              type: string
+                            bearerTokenSecret:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            enableHttp2:
+                              type: boolean
+                            filterRunning:
+                              type: boolean
+                            followRedirects:
+                              type: boolean
+                            honorLabels:
+                              type: boolean
+                            honorTimestamps:
+                              type: boolean
+                            interval:
+                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                              type: string
+                            metricRelabelings:
+                              items:
+                                properties:
+                                  action:
+                                    default: replace
+                                    enum:
+                                    - replace
+                                    - Replace
+                                    - keep
+                                    - Keep
+                                    - drop
+                                    - Drop
+                                    - hashmod
+                                    - HashMod
+                                    - labelmap
+                                    - LabelMap
+                                    - labeldrop
+                                    - LabelDrop
+                                    - labelkeep
+                                    - LabelKeep
+                                    - lowercase
+                                    - Lowercase
+                                    - uppercase
+                                    - Uppercase
+                                    - keepequal
+                                    - KeepEqual
+                                    - dropequal
+                                    - DropEqual
+                                    type: string
+                                  modulus:
+                                    format: int64
+                                    type: integer
+                                  regex:
+                                    type: string
+                                  replacement:
+                                    type: string
+                                  separator:
+                                    type: string
+                                  sourceLabels:
+                                    items:
+                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                      type: string
+                                    type: array
+                                  targetLabel:
+                                    type: string
+                                type: object
+                              type: array
+                            oauth2:
+                              properties:
+                                clientId:
+                                  properties:
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                clientSecret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                endpointParams:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                                noProxy:
+                                  type: string
+                                proxyConnectHeader:
+                                  additionalProperties:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    type: array
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                proxyFromEnvironment:
+                                  type: boolean
+                                proxyUrl:
+                                  pattern: ^http(s)?://.+$
+                                  type: string
+                                scopes:
+                                  items:
+                                    type: string
+                                  type: array
+                                tlsConfig:
+                                  properties:
+                                    ca:
+                                      properties:
+                                        configMap:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        secret:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      type: object
+                                    cert:
+                                      properties:
+                                        configMap:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        secret:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      type: object
+                                    insecureSkipVerify:
+                                      type: boolean
+                                    keySecret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    maxVersion:
+                                      enum:
+                                      - TLS10
+                                      - TLS11
+                                      - TLS12
+                                      - TLS13
+                                      type: string
+                                    minVersion:
+                                      enum:
+                                      - TLS10
+                                      - TLS11
+                                      - TLS12
+                                      - TLS13
+                                      type: string
+                                    serverName:
+                                      type: string
+                                  type: object
+                                tokenUrl:
+                                  minLength: 1
+                                  type: string
+                              required:
+                              - clientId
+                              - clientSecret
+                              - tokenUrl
+                              type: object
+                            params:
+                              additionalProperties:
+                                items:
+                                  type: string
+                                type: array
+                              type: object
+                            path:
+                              type: string
+                            port:
+                              type: string
+                            proxyUrl:
+                              type: string
+                            relabelings:
+                              items:
+                                properties:
+                                  action:
+                                    default: replace
+                                    enum:
+                                    - replace
+                                    - Replace
+                                    - keep
+                                    - Keep
+                                    - drop
+                                    - Drop
+                                    - hashmod
+                                    - HashMod
+                                    - labelmap
+                                    - LabelMap
+                                    - labeldrop
+                                    - LabelDrop
+                                    - labelkeep
+                                    - LabelKeep
+                                    - lowercase
+                                    - Lowercase
+                                    - uppercase
+                                    - Uppercase
+                                    - keepequal
+                                    - KeepEqual
+                                    - dropequal
+                                    - DropEqual
+                                    type: string
+                                  modulus:
+                                    format: int64
+                                    type: integer
+                                  regex:
+                                    type: string
+                                  replacement:
+                                    type: string
+                                  separator:
+                                    type: string
+                                  sourceLabels:
+                                    items:
+                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                      type: string
+                                    type: array
+                                  targetLabel:
+                                    type: string
+                                type: object
+                              type: array
+                            scheme:
+                              enum:
+                              - http
+                              - https
+                              type: string
+                            scrapeTimeout:
+                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                              type: string
+                            targetPort:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            tlsConfig:
+                              properties:
+                                ca:
+                                  properties:
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                caFile:
+                                  type: string
+                                cert:
+                                  properties:
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                certFile:
+                                  type: string
+                                insecureSkipVerify:
+                                  type: boolean
+                                keyFile:
+                                  type: string
+                                keySecret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                maxVersion:
+                                  enum:
+                                  - TLS10
+                                  - TLS11
+                                  - TLS12
+                                  - TLS13
+                                  type: string
+                                minVersion:
+                                  enum:
+                                  - TLS10
+                                  - TLS11
+                                  - TLS12
+                                  - TLS13
+                                  type: string
+                                serverName:
+                                  type: string
+                              type: object
+                            trackTimestampsStaleness:
+                              type: boolean
+                          type: object
+                        type: array
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      namespaceSelector:
+                        properties:
+                          any:
+                            type: boolean
+                          matchNames:
+                            items:
+                              type: string
+                            type: array
+                        type: object
+                    type: object
+                type: object
+              replicas:
+                format: int32
+                type: integer
+              sidecarVolumes:
+                items:
+                  properties:
+                    awsElasticBlockStore:
+                      properties:
+                        fsType:
+                          type: string
+                        partition:
+                          format: int32
+                          type: integer
+                        readOnly:
+                          type: boolean
+                        volumeID:
+                          type: string
+                      required:
+                      - volumeID
+                      type: object
+                    azureDisk:
+                      properties:
+                        cachingMode:
+                          type: string
+                        diskName:
+                          type: string
+                        diskURI:
+                          type: string
+                        fsType:
+                          default: ext4
+                          type: string
+                        kind:
+                          type: string
+                        readOnly:
+                          default: false
+                          type: boolean
+                      required:
+                      - diskName
+                      - diskURI
+                      type: object
+                    azureFile:
+                      properties:
+                        readOnly:
+                          type: boolean
+                        secretName:
+                          type: string
+                        shareName:
+                          type: string
+                      required:
+                      - secretName
+                      - shareName
+                      type: object
+                    cephfs:
+                      properties:
+                        monitors:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        path:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretFile:
+                          type: string
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        user:
+                          type: string
+                      required:
+                      - monitors
+                      type: object
+                    cinder:
+                      properties:
+                        fsType:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        volumeID:
+                          type: string
+                      required:
+                      - volumeID
+                      type: object
+                    configMap:
+                      properties:
+                        defaultMode:
+                          format: int32
+                          type: integer
+                        items:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              mode:
+                                format: int32
+                                type: integer
+                              path:
+                                type: string
+                            required:
+                            - key
+                            - path
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        name:
+                          default: ""
+                          type: string
+                        optional:
+                          type: boolean
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    csi:
+                      properties:
+                        driver:
+                          type: string
+                        fsType:
+                          type: string
+                        nodePublishSecretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        readOnly:
+                          type: boolean
+                        volumeAttributes:
+                          additionalProperties:
+                            type: string
+                          type: object
+                      required:
+                      - driver
+                      type: object
+                    downwardAPI:
+                      properties:
+                        defaultMode:
+                          format: int32
+                          type: integer
+                        items:
+                          items:
+                            properties:
+                              fieldRef:
+                                properties:
+                                  apiVersion:
+                                    type: string
+                                  fieldPath:
+                                    type: string
+                                required:
+                                - fieldPath
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              mode:
+                                format: int32
+                                type: integer
+                              path:
+                                type: string
+                              resourceFieldRef:
+                                properties:
+                                  containerName:
+                                    type: string
+                                  divisor:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  resource:
+                                    type: string
+                                required:
+                                - resource
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            required:
+                            - path
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      type: object
+                    emptyDir:
+                      properties:
+                        medium:
+                          type: string
+                        sizeLimit:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                      type: object
+                    ephemeral:
+                      properties:
+                        volumeClaimTemplate:
+                          properties:
+                            metadata:
+                              type: object
+                            spec:
+                              properties:
+                                accessModes:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                dataSource:
+                                  properties:
+                                    apiGroup:
+                                      type: string
+                                    kind:
+                                      type: string
+                                    name:
+                                      type: string
+                                  required:
+                                  - kind
+                                  - name
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                dataSourceRef:
+                                  properties:
+                                    apiGroup:
+                                      type: string
+                                    kind:
+                                      type: string
+                                    name:
+                                      type: string
+                                    namespace:
+                                      type: string
+                                  required:
+                                  - kind
+                                  - name
+                                  type: object
+                                resources:
+                                  properties:
+                                    limits:
+                                      additionalProperties:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      type: object
+                                    requests:
+                                      additionalProperties:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      type: object
+                                  type: object
+                                selector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                storageClassName:
+                                  type: string
+                                volumeAttributesClassName:
+                                  type: string
+                                volumeMode:
+                                  type: string
+                                volumeName:
+                                  type: string
+                              type: object
+                          required:
+                          - spec
+                          type: object
+                      type: object
+                    fc:
+                      properties:
+                        fsType:
+                          type: string
+                        lun:
+                          format: int32
+                          type: integer
+                        readOnly:
+                          type: boolean
+                        targetWWNs:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        wwids:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      type: object
+                    flexVolume:
+                      properties:
+                        driver:
+                          type: string
+                        fsType:
+                          type: string
+                        options:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      required:
+                      - driver
+                      type: object
+                    flocker:
+                      properties:
+                        datasetName:
+                          type: string
+                        datasetUUID:
+                          type: string
+                      type: object
+                    gcePersistentDisk:
+                      properties:
+                        fsType:
+                          type: string
+                        partition:
+                          format: int32
+                          type: integer
+                        pdName:
+                          type: string
+                        readOnly:
+                          type: boolean
+                      required:
+                      - pdName
+                      type: object
+                    gitRepo:
+                      properties:
+                        directory:
+                          type: string
+                        repository:
+                          type: string
+                        revision:
+                          type: string
+                      required:
+                      - repository
+                      type: object
+                    glusterfs:
+                      properties:
+                        endpoints:
+                          type: string
+                        path:
+                          type: string
+                        readOnly:
+                          type: boolean
+                      required:
+                      - endpoints
+                      - path
+                      type: object
+                    hostPath:
+                      properties:
+                        path:
+                          type: string
+                        type:
+                          type: string
+                      required:
+                      - path
+                      type: object
+                    image:
+                      properties:
+                        pullPolicy:
+                          type: string
+                        reference:
+                          type: string
+                      type: object
+                    iscsi:
+                      properties:
+                        chapAuthDiscovery:
+                          type: boolean
+                        chapAuthSession:
+                          type: boolean
+                        fsType:
+                          type: string
+                        initiatorName:
+                          type: string
+                        iqn:
+                          type: string
+                        iscsiInterface:
+                          default: default
+                          type: string
+                        lun:
+                          format: int32
+                          type: integer
+                        portals:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        targetPortal:
+                          type: string
+                      required:
+                      - iqn
+                      - lun
+                      - targetPortal
+                      type: object
+                    name:
+                      type: string
+                    nfs:
+                      properties:
+                        path:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        server:
+                          type: string
+                      required:
+                      - path
+                      - server
+                      type: object
+                    persistentVolumeClaim:
+                      properties:
+                        claimName:
+                          type: string
+                        readOnly:
+                          type: boolean
+                      required:
+                      - claimName
+                      type: object
+                    photonPersistentDisk:
+                      properties:
+                        fsType:
+                          type: string
+                        pdID:
+                          type: string
+                      required:
+                      - pdID
+                      type: object
+                    portworxVolume:
+                      properties:
+                        fsType:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        volumeID:
+                          type: string
+                      required:
+                      - volumeID
+                      type: object
+                    projected:
+                      properties:
+                        defaultMode:
+                          format: int32
+                          type: integer
+                        sources:
+                          items:
+                            properties:
+                              clusterTrustBundle:
+                                properties:
+                                  labelSelector:
+                                    properties:
+                                      matchExpressions:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            operator:
+                                              type: string
+                                            values:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          required:
+                                          - key
+                                          - operator
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      matchLabels:
+                                        additionalProperties:
+                                          type: string
+                                        type: object
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  name:
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                  path:
+                                    type: string
+                                  signerName:
+                                    type: string
+                                required:
+                                - path
+                                type: object
+                              configMap:
+                                properties:
+                                  items:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        mode:
+                                          format: int32
+                                          type: integer
+                                        path:
+                                          type: string
+                                      required:
+                                      - key
+                                      - path
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              downwardAPI:
+                                properties:
+                                  items:
+                                    items:
+                                      properties:
+                                        fieldRef:
+                                          properties:
+                                            apiVersion:
+                                              type: string
+                                            fieldPath:
+                                              type: string
+                                          required:
+                                          - fieldPath
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        mode:
+                                          format: int32
+                                          type: integer
+                                        path:
+                                          type: string
+                                        resourceFieldRef:
+                                          properties:
+                                            containerName:
+                                              type: string
+                                            divisor:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                              x-kubernetes-int-or-string: true
+                                            resource:
+                                              type: string
+                                          required:
+                                          - resource
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      required:
+                                      - path
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                type: object
+                              secret:
+                                properties:
+                                  items:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        mode:
+                                          format: int32
+                                          type: integer
+                                        path:
+                                          type: string
+                                      required:
+                                      - key
+                                      - path
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              serviceAccountToken:
+                                properties:
+                                  audience:
+                                    type: string
+                                  expirationSeconds:
+                                    format: int64
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - path
+                                type: object
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      type: object
+                    quobyte:
+                      properties:
+                        group:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        registry:
+                          type: string
+                        tenant:
+                          type: string
+                        user:
+                          type: string
+                        volume:
+                          type: string
+                      required:
+                      - registry
+                      - volume
+                      type: object
+                    rbd:
+                      properties:
+                        fsType:
+                          type: string
+                        image:
+                          type: string
+                        keyring:
+                          default: /etc/ceph/keyring
+                          type: string
+                        monitors:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        pool:
+                          default: rbd
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        user:
+                          default: admin
+                          type: string
+                      required:
+                      - image
+                      - monitors
+                      type: object
+                    scaleIO:
+                      properties:
+                        fsType:
+                          default: xfs
+                          type: string
+                        gateway:
+                          type: string
+                        protectionDomain:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        sslEnabled:
+                          type: boolean
+                        storageMode:
+                          default: ThinProvisioned
+                          type: string
+                        storagePool:
+                          type: string
+                        system:
+                          type: string
+                        volumeName:
+                          type: string
+                      required:
+                      - gateway
+                      - secretRef
+                      - system
+                      type: object
+                    secret:
+                      properties:
+                        defaultMode:
+                          format: int32
+                          type: integer
+                        items:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              mode:
+                                format: int32
+                                type: integer
+                              path:
+                                type: string
+                            required:
+                            - key
+                            - path
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        optional:
+                          type: boolean
+                        secretName:
+                          type: string
+                      type: object
+                    storageos:
+                      properties:
+                        fsType:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        volumeName:
+                          type: string
+                        volumeNamespace:
+                          type: string
+                      type: object
+                    vsphereVolume:
+                      properties:
+                        fsType:
+                          type: string
+                        storagePolicyID:
+                          type: string
+                        storagePolicyName:
+                          type: string
+                        volumePath:
+                          type: string
+                      required:
+                      - volumePath
+                      type: object
+                  required:
+                  - name
+                  type: object
+                type: array
+              sidecars:
+                items:
+                  properties:
+                    args:
+                      items:
+                        type: string
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    command:
+                      items:
+                        type: string
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    env:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              fieldRef:
+                                properties:
+                                  apiVersion:
+                                    type: string
+                                  fieldPath:
+                                    type: string
+                                required:
+                                - fieldPath
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              resourceFieldRef:
+                                properties:
+                                  containerName:
+                                    type: string
+                                  divisor:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  resource:
+                                    type: string
+                                required:
+                                - resource
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        required:
+                        - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - name
+                      x-kubernetes-list-type: map
+                    envFrom:
+                      items:
+                        properties:
+                          configMapRef:
+                            properties:
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          prefix:
+                            type: string
+                          secretRef:
+                            properties:
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    image:
+                      type: string
+                    imagePullPolicy:
+                      type: string
+                    lifecycle:
+                      properties:
+                        postStart:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            sleep:
+                              properties:
+                                seconds:
+                                  format: int64
+                                  type: integer
+                              required:
+                              - seconds
+                              type: object
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                          type: object
+                        preStop:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            sleep:
+                              properties:
+                                seconds:
+                                  format: int64
+                                  type: integer
+                              required:
+                              - seconds
+                              type: object
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                          type: object
+                      type: object
+                    livenessProbe:
+                      properties:
+                        exec:
+                          properties:
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        failureThreshold:
+                          format: int32
+                          type: integer
+                        grpc:
+                          properties:
+                            port:
+                              format: int32
+                              type: integer
+                            service:
+                              default: ""
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        httpGet:
+                          properties:
+                            host:
+                              type: string
+                            httpHeaders:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                required:
+                                - name
+                                - value
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            scheme:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        initialDelaySeconds:
+                          format: int32
+                          type: integer
+                        periodSeconds:
+                          format: int32
+                          type: integer
+                        successThreshold:
+                          format: int32
+                          type: integer
+                        tcpSocket:
+                          properties:
+                            host:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        terminationGracePeriodSeconds:
+                          format: int64
+                          type: integer
+                        timeoutSeconds:
+                          format: int32
+                          type: integer
+                      type: object
+                    name:
+                      type: string
+                    ports:
+                      items:
+                        properties:
+                          containerPort:
+                            format: int32
+                            type: integer
+                          hostIP:
+                            type: string
+                          hostPort:
+                            format: int32
+                            type: integer
+                          name:
+                            type: string
+                          protocol:
+                            default: TCP
+                            type: string
+                        required:
+                        - containerPort
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - containerPort
+                      - protocol
+                      x-kubernetes-list-type: map
+                    readinessProbe:
+                      properties:
+                        exec:
+                          properties:
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        failureThreshold:
+                          format: int32
+                          type: integer
+                        grpc:
+                          properties:
+                            port:
+                              format: int32
+                              type: integer
+                            service:
+                              default: ""
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        httpGet:
+                          properties:
+                            host:
+                              type: string
+                            httpHeaders:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                required:
+                                - name
+                                - value
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            scheme:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        initialDelaySeconds:
+                          format: int32
+                          type: integer
+                        periodSeconds:
+                          format: int32
+                          type: integer
+                        successThreshold:
+                          format: int32
+                          type: integer
+                        tcpSocket:
+                          properties:
+                            host:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        terminationGracePeriodSeconds:
+                          format: int64
+                          type: integer
+                        timeoutSeconds:
+                          format: int32
+                          type: integer
+                      type: object
+                    resizePolicy:
+                      items:
+                        properties:
+                          resourceName:
+                            type: string
+                          restartPolicy:
+                            type: string
+                        required:
+                        - resourceName
+                        - restartPolicy
+                        type: object
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    restartPolicy:
+                      type: string
+                    securityContext:
+                      properties:
+                        allowPrivilegeEscalation:
+                          type: boolean
+                        appArmorProfile:
+                          properties:
+                            localhostProfile:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - type
+                          type: object
+                        capabilities:
+                          properties:
+                            add:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            drop:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        privileged:
+                          type: boolean
+                        procMount:
+                          type: string
+                        readOnlyRootFilesystem:
+                          type: boolean
+                        runAsGroup:
+                          format: int64
+                          type: integer
+                        runAsNonRoot:
+                          type: boolean
+                        runAsUser:
+                          format: int64
+                          type: integer
+                        seLinuxOptions:
+                          properties:
+                            level:
+                              type: string
+                            role:
+                              type: string
+                            type:
+                              type: string
+                            user:
+                              type: string
+                          type: object
+                        seccompProfile:
+                          properties:
+                            localhostProfile:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - type
+                          type: object
+                        windowsOptions:
+                          properties:
+                            gmsaCredentialSpec:
+                              type: string
+                            gmsaCredentialSpecName:
+                              type: string
+                            hostProcess:
+                              type: boolean
+                            runAsUserName:
+                              type: string
+                          type: object
+                      type: object
+                    startupProbe:
+                      properties:
+                        exec:
+                          properties:
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        failureThreshold:
+                          format: int32
+                          type: integer
+                        grpc:
+                          properties:
+                            port:
+                              format: int32
+                              type: integer
+                            service:
+                              default: ""
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        httpGet:
+                          properties:
+                            host:
+                              type: string
+                            httpHeaders:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                required:
+                                - name
+                                - value
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            scheme:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        initialDelaySeconds:
+                          format: int32
+                          type: integer
+                        periodSeconds:
+                          format: int32
+                          type: integer
+                        successThreshold:
+                          format: int32
+                          type: integer
+                        tcpSocket:
+                          properties:
+                            host:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        terminationGracePeriodSeconds:
+                          format: int64
+                          type: integer
+                        timeoutSeconds:
+                          format: int32
+                          type: integer
+                      type: object
+                    stdin:
+                      type: boolean
+                    stdinOnce:
+                      type: boolean
+                    terminationMessagePath:
+                      type: string
+                    terminationMessagePolicy:
+                      type: string
+                    tty:
+                      type: boolean
+                    volumeDevices:
+                      items:
+                        properties:
+                          devicePath:
+                            type: string
+                          name:
+                            type: string
+                        required:
+                        - devicePath
+                        - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - devicePath
+                      x-kubernetes-list-type: map
+                    volumeMounts:
+                      items:
+                        properties:
+                          mountPath:
+                            type: string
+                          mountPropagation:
+                            type: string
+                          name:
+                            type: string
+                          readOnly:
+                            type: boolean
+                          recursiveReadOnly:
+                            type: string
+                          subPath:
+                            type: string
+                          subPathExpr:
+                            type: string
+                        required:
+                        - mountPath
+                        - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - mountPath
+                      x-kubernetes-list-type: map
+                    workingDir:
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+            type: object
+          status:
+            properties:
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              exporterConfig:
+                type: string
+              replicas:
+                type: integer
+              status:
+                type: string
+              version:
+                type: string
+            required:
+            - conditions
+            - exporterConfig
+            - version
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - jsonPath: .status.exporterConfig
+      name: ExporterConfig
+      type: string
+    - jsonPath: .status.status
+      name: Status
+      type: string
+    - jsonPath: .status.version
+      name: Version
+      type: string
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              configuration:
+                properties:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                type: object
+              database:
+                properties:
+                  dbConnectionString:
+                    properties:
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                  dbPassword:
+                    properties:
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                      vaultOCID:
+                        type: string
+                      vaultSecretName:
+                        type: string
+                    type: object
+                  dbUser:
+                    properties:
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                  dbWallet:
+                    properties:
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                type: object
+              exporter:
+                properties:
+                  deployment:
+                    properties:
+                      args:
+                        items:
+                          type: string
+                        type: array
+                      commands:
+                        items:
+                          type: string
+                        type: array
+                      env:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      image:
+                        type: string
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      podTemplate:
+                        properties:
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          securityContext:
+                            properties:
+                              appArmorProfile:
+                                properties:
+                                  localhostProfile:
+                                    type: string
+                                  type:
+                                    type: string
+                                required:
+                                - type
+                                type: object
+                              fsGroup:
+                                format: int64
+                                type: integer
+                              fsGroupChangePolicy:
+                                type: string
+                              runAsGroup:
+                                format: int64
+                                type: integer
+                              runAsNonRoot:
+                                type: boolean
+                              runAsUser:
+                                format: int64
+                                type: integer
+                              seLinuxOptions:
+                                properties:
+                                  level:
+                                    type: string
+                                  role:
+                                    type: string
+                                  type:
+                                    type: string
+                                  user:
+                                    type: string
+                                type: object
+                              seccompProfile:
+                                properties:
+                                  localhostProfile:
+                                    type: string
+                                  type:
+                                    type: string
+                                required:
+                                - type
+                                type: object
+                              supplementalGroups:
+                                items:
+                                  format: int64
+                                  type: integer
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              supplementalGroupsPolicy:
+                                type: string
+                              sysctls:
+                                items:
+                                  properties:
+                                    name:
+                                      type: string
+                                    value:
+                                      type: string
+                                  required:
+                                  - name
+                                  - value
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              windowsOptions:
+                                properties:
+                                  gmsaCredentialSpec:
+                                    type: string
+                                  gmsaCredentialSpecName:
+                                    type: string
+                                  hostProcess:
+                                    type: boolean
+                                  runAsUserName:
+                                    type: string
+                                type: object
+                            type: object
+                        type: object
+                      securityContext:
+                        properties:
+                          allowPrivilegeEscalation:
+                            type: boolean
+                          appArmorProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          capabilities:
+                            properties:
+                              add:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              drop:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            type: object
+                          privileged:
+                            type: boolean
+                          procMount:
+                            type: string
+                          readOnlyRootFilesystem:
+                            type: boolean
+                          runAsGroup:
+                            format: int64
+                            type: integer
+                          runAsNonRoot:
+                            type: boolean
+                          runAsUser:
+                            format: int64
+                            type: integer
+                          seLinuxOptions:
+                            properties:
+                              level:
+                                type: string
+                              role:
+                                type: string
+                              type:
+                                type: string
+                              user:
+                                type: string
+                            type: object
+                          seccompProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          windowsOptions:
+                            properties:
+                              gmsaCredentialSpec:
+                                type: string
+                              gmsaCredentialSpecName:
+                                type: string
+                              hostProcess:
+                                type: boolean
+                              runAsUserName:
+                                type: string
+                            type: object
+                        type: object
+                    type: object
+                  service:
+                    properties:
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      ports:
+                        items:
+                          properties:
+                            appProtocol:
+                              type: string
+                            name:
+                              type: string
+                            nodePort:
+                              format: int32
+                              type: integer
+                            port:
+                              format: int32
+                              type: integer
+                            protocol:
+                              default: TCP
+                              type: string
+                            targetPort:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        type: array
+                    type: object
+                type: object
+              inheritLabels:
+                items:
+                  type: string
+                type: array
+              log:
+                properties:
+                  filename:
+                    type: string
+                  path:
+                    type: string
+                  volume:
+                    properties:
+                      name:
+                        type: string
+                      persistentVolumeClaim:
+                        properties:
+                          claimName:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+              ociConfig:
+                properties:
+                  configMapName:
+                    type: string
+                  secretName:
+                    type: string
+                type: object
+              prometheus:
+                properties:
+                  serviceMonitor:
+                    properties:
+                      endpoints:
+                        items:
+                          properties:
+                            authorization:
+                              properties:
+                                credentials:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                type:
+                                  type: string
+                              type: object
+                            basicAuth:
+                              properties:
+                                password:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                username:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            bearerTokenFile:
+                              type: string
+                            bearerTokenSecret:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            enableHttp2:
+                              type: boolean
+                            filterRunning:
+                              type: boolean
+                            followRedirects:
+                              type: boolean
+                            honorLabels:
+                              type: boolean
+                            honorTimestamps:
+                              type: boolean
+                            interval:
+                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                              type: string
+                            metricRelabelings:
+                              items:
+                                properties:
+                                  action:
+                                    default: replace
+                                    enum:
+                                    - replace
+                                    - Replace
+                                    - keep
+                                    - Keep
+                                    - drop
+                                    - Drop
+                                    - hashmod
+                                    - HashMod
+                                    - labelmap
+                                    - LabelMap
+                                    - labeldrop
+                                    - LabelDrop
+                                    - labelkeep
+                                    - LabelKeep
+                                    - lowercase
+                                    - Lowercase
+                                    - uppercase
+                                    - Uppercase
+                                    - keepequal
+                                    - KeepEqual
+                                    - dropequal
+                                    - DropEqual
+                                    type: string
+                                  modulus:
+                                    format: int64
+                                    type: integer
+                                  regex:
+                                    type: string
+                                  replacement:
+                                    type: string
+                                  separator:
+                                    type: string
+                                  sourceLabels:
+                                    items:
+                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                      type: string
+                                    type: array
+                                  targetLabel:
+                                    type: string
+                                type: object
+                              type: array
+                            oauth2:
+                              properties:
+                                clientId:
+                                  properties:
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                clientSecret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                endpointParams:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                                noProxy:
+                                  type: string
+                                proxyConnectHeader:
+                                  additionalProperties:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    type: array
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                proxyFromEnvironment:
+                                  type: boolean
+                                proxyUrl:
+                                  pattern: ^http(s)?://.+$
+                                  type: string
+                                scopes:
+                                  items:
+                                    type: string
+                                  type: array
+                                tlsConfig:
+                                  properties:
+                                    ca:
+                                      properties:
+                                        configMap:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        secret:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      type: object
+                                    cert:
+                                      properties:
+                                        configMap:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        secret:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      type: object
+                                    insecureSkipVerify:
+                                      type: boolean
+                                    keySecret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    maxVersion:
+                                      enum:
+                                      - TLS10
+                                      - TLS11
+                                      - TLS12
+                                      - TLS13
+                                      type: string
+                                    minVersion:
+                                      enum:
+                                      - TLS10
+                                      - TLS11
+                                      - TLS12
+                                      - TLS13
+                                      type: string
+                                    serverName:
+                                      type: string
+                                  type: object
+                                tokenUrl:
+                                  minLength: 1
+                                  type: string
+                              required:
+                              - clientId
+                              - clientSecret
+                              - tokenUrl
+                              type: object
+                            params:
+                              additionalProperties:
+                                items:
+                                  type: string
+                                type: array
+                              type: object
+                            path:
+                              type: string
+                            port:
+                              type: string
+                            proxyUrl:
+                              type: string
+                            relabelings:
+                              items:
+                                properties:
+                                  action:
+                                    default: replace
+                                    enum:
+                                    - replace
+                                    - Replace
+                                    - keep
+                                    - Keep
+                                    - drop
+                                    - Drop
+                                    - hashmod
+                                    - HashMod
+                                    - labelmap
+                                    - LabelMap
+                                    - labeldrop
+                                    - LabelDrop
+                                    - labelkeep
+                                    - LabelKeep
+                                    - lowercase
+                                    - Lowercase
+                                    - uppercase
+                                    - Uppercase
+                                    - keepequal
+                                    - KeepEqual
+                                    - dropequal
+                                    - DropEqual
+                                    type: string
+                                  modulus:
+                                    format: int64
+                                    type: integer
+                                  regex:
+                                    type: string
+                                  replacement:
+                                    type: string
+                                  separator:
+                                    type: string
+                                  sourceLabels:
+                                    items:
+                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                      type: string
+                                    type: array
+                                  targetLabel:
+                                    type: string
+                                type: object
+                              type: array
+                            scheme:
+                              enum:
+                              - http
+                              - https
+                              type: string
+                            scrapeTimeout:
+                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                              type: string
+                            targetPort:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            tlsConfig:
+                              properties:
+                                ca:
+                                  properties:
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                caFile:
+                                  type: string
+                                cert:
+                                  properties:
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                certFile:
+                                  type: string
+                                insecureSkipVerify:
+                                  type: boolean
+                                keyFile:
+                                  type: string
+                                keySecret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                maxVersion:
+                                  enum:
+                                  - TLS10
+                                  - TLS11
+                                  - TLS12
+                                  - TLS13
+                                  type: string
+                                minVersion:
+                                  enum:
+                                  - TLS10
+                                  - TLS11
+                                  - TLS12
+                                  - TLS13
+                                  type: string
+                                serverName:
+                                  type: string
+                              type: object
+                            trackTimestampsStaleness:
+                              type: boolean
+                          type: object
+                        type: array
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      namespaceSelector:
+                        properties:
+                          any:
+                            type: boolean
+                          matchNames:
+                            items:
+                              type: string
+                            type: array
+                        type: object
+                    type: object
+                type: object
+              replicas:
+                format: int32
+                type: integer
+              sidecarVolumes:
+                items:
+                  properties:
+                    awsElasticBlockStore:
+                      properties:
+                        fsType:
+                          type: string
+                        partition:
+                          format: int32
+                          type: integer
+                        readOnly:
+                          type: boolean
+                        volumeID:
+                          type: string
+                      required:
+                      - volumeID
+                      type: object
+                    azureDisk:
+                      properties:
+                        cachingMode:
+                          type: string
+                        diskName:
+                          type: string
+                        diskURI:
+                          type: string
+                        fsType:
+                          default: ext4
+                          type: string
+                        kind:
+                          type: string
+                        readOnly:
+                          default: false
+                          type: boolean
+                      required:
+                      - diskName
+                      - diskURI
+                      type: object
+                    azureFile:
+                      properties:
+                        readOnly:
+                          type: boolean
+                        secretName:
+                          type: string
+                        shareName:
+                          type: string
+                      required:
+                      - secretName
+                      - shareName
+                      type: object
+                    cephfs:
+                      properties:
+                        monitors:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        path:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretFile:
+                          type: string
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        user:
+                          type: string
+                      required:
+                      - monitors
+                      type: object
+                    cinder:
+                      properties:
+                        fsType:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        volumeID:
+                          type: string
+                      required:
+                      - volumeID
+                      type: object
+                    configMap:
+                      properties:
+                        defaultMode:
+                          format: int32
+                          type: integer
+                        items:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              mode:
+                                format: int32
+                                type: integer
+                              path:
+                                type: string
+                            required:
+                            - key
+                            - path
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        name:
+                          default: ""
+                          type: string
+                        optional:
+                          type: boolean
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    csi:
+                      properties:
+                        driver:
+                          type: string
+                        fsType:
+                          type: string
+                        nodePublishSecretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        readOnly:
+                          type: boolean
+                        volumeAttributes:
+                          additionalProperties:
+                            type: string
+                          type: object
+                      required:
+                      - driver
+                      type: object
+                    downwardAPI:
+                      properties:
+                        defaultMode:
+                          format: int32
+                          type: integer
+                        items:
+                          items:
+                            properties:
+                              fieldRef:
+                                properties:
+                                  apiVersion:
+                                    type: string
+                                  fieldPath:
+                                    type: string
+                                required:
+                                - fieldPath
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              mode:
+                                format: int32
+                                type: integer
+                              path:
+                                type: string
+                              resourceFieldRef:
+                                properties:
+                                  containerName:
+                                    type: string
+                                  divisor:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  resource:
+                                    type: string
+                                required:
+                                - resource
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            required:
+                            - path
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      type: object
+                    emptyDir:
+                      properties:
+                        medium:
+                          type: string
+                        sizeLimit:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                      type: object
+                    ephemeral:
+                      properties:
+                        volumeClaimTemplate:
+                          properties:
+                            metadata:
+                              type: object
+                            spec:
+                              properties:
+                                accessModes:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                dataSource:
+                                  properties:
+                                    apiGroup:
+                                      type: string
+                                    kind:
+                                      type: string
+                                    name:
+                                      type: string
+                                  required:
+                                  - kind
+                                  - name
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                dataSourceRef:
+                                  properties:
+                                    apiGroup:
+                                      type: string
+                                    kind:
+                                      type: string
+                                    name:
+                                      type: string
+                                    namespace:
+                                      type: string
+                                  required:
+                                  - kind
+                                  - name
+                                  type: object
+                                resources:
+                                  properties:
+                                    limits:
+                                      additionalProperties:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      type: object
+                                    requests:
+                                      additionalProperties:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      type: object
+                                  type: object
+                                selector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                storageClassName:
+                                  type: string
+                                volumeAttributesClassName:
+                                  type: string
+                                volumeMode:
+                                  type: string
+                                volumeName:
+                                  type: string
+                              type: object
+                          required:
+                          - spec
+                          type: object
+                      type: object
+                    fc:
+                      properties:
+                        fsType:
+                          type: string
+                        lun:
+                          format: int32
+                          type: integer
+                        readOnly:
+                          type: boolean
+                        targetWWNs:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        wwids:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      type: object
+                    flexVolume:
+                      properties:
+                        driver:
+                          type: string
+                        fsType:
+                          type: string
+                        options:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      required:
+                      - driver
+                      type: object
+                    flocker:
+                      properties:
+                        datasetName:
+                          type: string
+                        datasetUUID:
+                          type: string
+                      type: object
+                    gcePersistentDisk:
+                      properties:
+                        fsType:
+                          type: string
+                        partition:
+                          format: int32
+                          type: integer
+                        pdName:
+                          type: string
+                        readOnly:
+                          type: boolean
+                      required:
+                      - pdName
+                      type: object
+                    gitRepo:
+                      properties:
+                        directory:
+                          type: string
+                        repository:
+                          type: string
+                        revision:
+                          type: string
+                      required:
+                      - repository
+                      type: object
+                    glusterfs:
+                      properties:
+                        endpoints:
+                          type: string
+                        path:
+                          type: string
+                        readOnly:
+                          type: boolean
+                      required:
+                      - endpoints
+                      - path
+                      type: object
+                    hostPath:
+                      properties:
+                        path:
+                          type: string
+                        type:
+                          type: string
+                      required:
+                      - path
+                      type: object
+                    image:
+                      properties:
+                        pullPolicy:
+                          type: string
+                        reference:
+                          type: string
+                      type: object
+                    iscsi:
+                      properties:
+                        chapAuthDiscovery:
+                          type: boolean
+                        chapAuthSession:
+                          type: boolean
+                        fsType:
+                          type: string
+                        initiatorName:
+                          type: string
+                        iqn:
+                          type: string
+                        iscsiInterface:
+                          default: default
+                          type: string
+                        lun:
+                          format: int32
+                          type: integer
+                        portals:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        targetPortal:
+                          type: string
+                      required:
+                      - iqn
+                      - lun
+                      - targetPortal
+                      type: object
+                    name:
+                      type: string
+                    nfs:
+                      properties:
+                        path:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        server:
+                          type: string
+                      required:
+                      - path
+                      - server
+                      type: object
+                    persistentVolumeClaim:
+                      properties:
+                        claimName:
+                          type: string
+                        readOnly:
+                          type: boolean
+                      required:
+                      - claimName
+                      type: object
+                    photonPersistentDisk:
+                      properties:
+                        fsType:
+                          type: string
+                        pdID:
+                          type: string
+                      required:
+                      - pdID
+                      type: object
+                    portworxVolume:
+                      properties:
+                        fsType:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        volumeID:
+                          type: string
+                      required:
+                      - volumeID
+                      type: object
+                    projected:
+                      properties:
+                        defaultMode:
+                          format: int32
+                          type: integer
+                        sources:
+                          items:
+                            properties:
+                              clusterTrustBundle:
+                                properties:
+                                  labelSelector:
+                                    properties:
+                                      matchExpressions:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            operator:
+                                              type: string
+                                            values:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          required:
+                                          - key
+                                          - operator
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      matchLabels:
+                                        additionalProperties:
+                                          type: string
+                                        type: object
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  name:
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                  path:
+                                    type: string
+                                  signerName:
+                                    type: string
+                                required:
+                                - path
+                                type: object
+                              configMap:
+                                properties:
+                                  items:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        mode:
+                                          format: int32
+                                          type: integer
+                                        path:
+                                          type: string
+                                      required:
+                                      - key
+                                      - path
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              downwardAPI:
+                                properties:
+                                  items:
+                                    items:
+                                      properties:
+                                        fieldRef:
+                                          properties:
+                                            apiVersion:
+                                              type: string
+                                            fieldPath:
+                                              type: string
+                                          required:
+                                          - fieldPath
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        mode:
+                                          format: int32
+                                          type: integer
+                                        path:
+                                          type: string
+                                        resourceFieldRef:
+                                          properties:
+                                            containerName:
+                                              type: string
+                                            divisor:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                              x-kubernetes-int-or-string: true
+                                            resource:
+                                              type: string
+                                          required:
+                                          - resource
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      required:
+                                      - path
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                type: object
+                              secret:
+                                properties:
+                                  items:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        mode:
+                                          format: int32
+                                          type: integer
+                                        path:
+                                          type: string
+                                      required:
+                                      - key
+                                      - path
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              serviceAccountToken:
+                                properties:
+                                  audience:
+                                    type: string
+                                  expirationSeconds:
+                                    format: int64
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - path
+                                type: object
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      type: object
+                    quobyte:
+                      properties:
+                        group:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        registry:
+                          type: string
+                        tenant:
+                          type: string
+                        user:
+                          type: string
+                        volume:
+                          type: string
+                      required:
+                      - registry
+                      - volume
+                      type: object
+                    rbd:
+                      properties:
+                        fsType:
+                          type: string
+                        image:
+                          type: string
+                        keyring:
+                          default: /etc/ceph/keyring
+                          type: string
+                        monitors:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        pool:
+                          default: rbd
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        user:
+                          default: admin
+                          type: string
+                      required:
+                      - image
+                      - monitors
+                      type: object
+                    scaleIO:
+                      properties:
+                        fsType:
+                          default: xfs
+                          type: string
+                        gateway:
+                          type: string
+                        protectionDomain:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        sslEnabled:
+                          type: boolean
+                        storageMode:
+                          default: ThinProvisioned
+                          type: string
+                        storagePool:
+                          type: string
+                        system:
+                          type: string
+                        volumeName:
+                          type: string
+                      required:
+                      - gateway
+                      - secretRef
+                      - system
+                      type: object
+                    secret:
+                      properties:
+                        defaultMode:
+                          format: int32
+                          type: integer
+                        items:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              mode:
+                                format: int32
+                                type: integer
+                              path:
+                                type: string
+                            required:
+                            - key
+                            - path
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        optional:
+                          type: boolean
+                        secretName:
+                          type: string
+                      type: object
+                    storageos:
+                      properties:
+                        fsType:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        volumeName:
+                          type: string
+                        volumeNamespace:
+                          type: string
+                      type: object
+                    vsphereVolume:
+                      properties:
+                        fsType:
+                          type: string
+                        storagePolicyID:
+                          type: string
+                        storagePolicyName:
+                          type: string
+                        volumePath:
+                          type: string
+                      required:
+                      - volumePath
+                      type: object
+                  required:
+                  - name
+                  type: object
+                type: array
+              sidecars:
+                items:
+                  properties:
+                    args:
+                      items:
+                        type: string
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    command:
+                      items:
+                        type: string
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    env:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              fieldRef:
+                                properties:
+                                  apiVersion:
+                                    type: string
+                                  fieldPath:
+                                    type: string
+                                required:
+                                - fieldPath
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              resourceFieldRef:
+                                properties:
+                                  containerName:
+                                    type: string
+                                  divisor:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  resource:
+                                    type: string
+                                required:
+                                - resource
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        required:
+                        - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - name
+                      x-kubernetes-list-type: map
+                    envFrom:
+                      items:
+                        properties:
+                          configMapRef:
+                            properties:
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          prefix:
+                            type: string
+                          secretRef:
+                            properties:
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    image:
+                      type: string
+                    imagePullPolicy:
+                      type: string
+                    lifecycle:
+                      properties:
+                        postStart:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            sleep:
+                              properties:
+                                seconds:
+                                  format: int64
+                                  type: integer
+                              required:
+                              - seconds
+                              type: object
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                          type: object
+                        preStop:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            sleep:
+                              properties:
+                                seconds:
+                                  format: int64
+                                  type: integer
+                              required:
+                              - seconds
+                              type: object
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                          type: object
+                      type: object
+                    livenessProbe:
+                      properties:
+                        exec:
+                          properties:
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        failureThreshold:
+                          format: int32
+                          type: integer
+                        grpc:
+                          properties:
+                            port:
+                              format: int32
+                              type: integer
+                            service:
+                              default: ""
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        httpGet:
+                          properties:
+                            host:
+                              type: string
+                            httpHeaders:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                required:
+                                - name
+                                - value
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            scheme:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        initialDelaySeconds:
+                          format: int32
+                          type: integer
+                        periodSeconds:
+                          format: int32
+                          type: integer
+                        successThreshold:
+                          format: int32
+                          type: integer
+                        tcpSocket:
+                          properties:
+                            host:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        terminationGracePeriodSeconds:
+                          format: int64
+                          type: integer
+                        timeoutSeconds:
+                          format: int32
+                          type: integer
+                      type: object
+                    name:
+                      type: string
+                    ports:
+                      items:
+                        properties:
+                          containerPort:
+                            format: int32
+                            type: integer
+                          hostIP:
+                            type: string
+                          hostPort:
+                            format: int32
+                            type: integer
+                          name:
+                            type: string
+                          protocol:
+                            default: TCP
+                            type: string
+                        required:
+                        - containerPort
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - containerPort
+                      - protocol
+                      x-kubernetes-list-type: map
+                    readinessProbe:
+                      properties:
+                        exec:
+                          properties:
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        failureThreshold:
+                          format: int32
+                          type: integer
+                        grpc:
+                          properties:
+                            port:
+                              format: int32
+                              type: integer
+                            service:
+                              default: ""
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        httpGet:
+                          properties:
+                            host:
+                              type: string
+                            httpHeaders:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                required:
+                                - name
+                                - value
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            scheme:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        initialDelaySeconds:
+                          format: int32
+                          type: integer
+                        periodSeconds:
+                          format: int32
+                          type: integer
+                        successThreshold:
+                          format: int32
+                          type: integer
+                        tcpSocket:
+                          properties:
+                            host:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        terminationGracePeriodSeconds:
+                          format: int64
+                          type: integer
+                        timeoutSeconds:
+                          format: int32
+                          type: integer
+                      type: object
+                    resizePolicy:
+                      items:
+                        properties:
+                          resourceName:
+                            type: string
+                          restartPolicy:
+                            type: string
+                        required:
+                        - resourceName
+                        - restartPolicy
+                        type: object
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    restartPolicy:
+                      type: string
+                    securityContext:
+                      properties:
+                        allowPrivilegeEscalation:
+                          type: boolean
+                        appArmorProfile:
+                          properties:
+                            localhostProfile:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - type
+                          type: object
+                        capabilities:
+                          properties:
+                            add:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            drop:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        privileged:
+                          type: boolean
+                        procMount:
+                          type: string
+                        readOnlyRootFilesystem:
+                          type: boolean
+                        runAsGroup:
+                          format: int64
+                          type: integer
+                        runAsNonRoot:
+                          type: boolean
+                        runAsUser:
+                          format: int64
+                          type: integer
+                        seLinuxOptions:
+                          properties:
+                            level:
+                              type: string
+                            role:
+                              type: string
+                            type:
+                              type: string
+                            user:
+                              type: string
+                          type: object
+                        seccompProfile:
+                          properties:
+                            localhostProfile:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - type
+                          type: object
+                        windowsOptions:
+                          properties:
+                            gmsaCredentialSpec:
+                              type: string
+                            gmsaCredentialSpecName:
+                              type: string
+                            hostProcess:
+                              type: boolean
+                            runAsUserName:
+                              type: string
+                          type: object
+                      type: object
+                    startupProbe:
+                      properties:
+                        exec:
+                          properties:
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        failureThreshold:
+                          format: int32
+                          type: integer
+                        grpc:
+                          properties:
+                            port:
+                              format: int32
+                              type: integer
+                            service:
+                              default: ""
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        httpGet:
+                          properties:
+                            host:
+                              type: string
+                            httpHeaders:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                required:
+                                - name
+                                - value
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            scheme:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        initialDelaySeconds:
+                          format: int32
+                          type: integer
+                        periodSeconds:
+                          format: int32
+                          type: integer
+                        successThreshold:
+                          format: int32
+                          type: integer
+                        tcpSocket:
+                          properties:
+                            host:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        terminationGracePeriodSeconds:
+                          format: int64
+                          type: integer
+                        timeoutSeconds:
+                          format: int32
+                          type: integer
+                      type: object
+                    stdin:
+                      type: boolean
+                    stdinOnce:
+                      type: boolean
+                    terminationMessagePath:
+                      type: string
+                    terminationMessagePolicy:
+                      type: string
+                    tty:
+                      type: boolean
+                    volumeDevices:
+                      items:
+                        properties:
+                          devicePath:
+                            type: string
+                          name:
+                            type: string
+                        required:
+                        - devicePath
+                        - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - devicePath
+                      x-kubernetes-list-type: map
+                    volumeMounts:
+                      items:
+                        properties:
+                          mountPath:
+                            type: string
+                          mountPropagation:
+                            type: string
+                          name:
+                            type: string
+                          readOnly:
+                            type: boolean
+                          recursiveReadOnly:
+                            type: string
+                          subPath:
+                            type: string
+                          subPathExpr:
+                            type: string
+                        required:
+                        - mountPath
+                        - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - mountPath
+                      x-kubernetes-list-type: map
+                    workingDir:
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+            type: object
+          status:
+            properties:
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              exporterConfig:
+                type: string
+              replicas:
+                type: integer
+              status:
+                type: string
+              version:
+                type: string
+            required:
+            - conditions
+            - exporterConfig
+            - version
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - jsonPath: .status.exporterConfig
+      name: ExporterConfig
+      type: string
+    - jsonPath: .status.status
+      name: Status
+      type: string
+    - jsonPath: .status.version
+      name: Version
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              configuration:
+                properties:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                type: object
+              database:
+                properties:
+                  dbConnectionString:
+                    properties:
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                  dbPassword:
+                    properties:
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                      vaultOCID:
+                        type: string
+                      vaultSecretName:
+                        type: string
+                    type: object
+                  dbUser:
+                    properties:
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                  dbWallet:
+                    properties:
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                type: object
+              exporter:
+                properties:
+                  deployment:
+                    properties:
+                      args:
+                        items:
+                          type: string
+                        type: array
+                      commands:
+                        items:
+                          type: string
+                        type: array
+                      env:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      image:
+                        type: string
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      podTemplate:
+                        properties:
+                          labels:
+                            additionalProperties:
+                              type: string
+                            type: object
+                          securityContext:
+                            properties:
+                              appArmorProfile:
+                                properties:
+                                  localhostProfile:
+                                    type: string
+                                  type:
+                                    type: string
+                                required:
+                                - type
+                                type: object
+                              fsGroup:
+                                format: int64
+                                type: integer
+                              fsGroupChangePolicy:
+                                type: string
+                              runAsGroup:
+                                format: int64
+                                type: integer
+                              runAsNonRoot:
+                                type: boolean
+                              runAsUser:
+                                format: int64
+                                type: integer
+                              seLinuxOptions:
+                                properties:
+                                  level:
+                                    type: string
+                                  role:
+                                    type: string
+                                  type:
+                                    type: string
+                                  user:
+                                    type: string
+                                type: object
+                              seccompProfile:
+                                properties:
+                                  localhostProfile:
+                                    type: string
+                                  type:
+                                    type: string
+                                required:
+                                - type
+                                type: object
+                              supplementalGroups:
+                                items:
+                                  format: int64
+                                  type: integer
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              supplementalGroupsPolicy:
+                                type: string
+                              sysctls:
+                                items:
+                                  properties:
+                                    name:
+                                      type: string
+                                    value:
+                                      type: string
+                                  required:
+                                  - name
+                                  - value
+                                  type: object
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              windowsOptions:
+                                properties:
+                                  gmsaCredentialSpec:
+                                    type: string
+                                  gmsaCredentialSpecName:
+                                    type: string
+                                  hostProcess:
+                                    type: boolean
+                                  runAsUserName:
+                                    type: string
+                                type: object
+                            type: object
+                        type: object
+                      securityContext:
+                        properties:
+                          allowPrivilegeEscalation:
+                            type: boolean
+                          appArmorProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          capabilities:
+                            properties:
+                              add:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                              drop:
+                                items:
+                                  type: string
+                                type: array
+                                x-kubernetes-list-type: atomic
+                            type: object
+                          privileged:
+                            type: boolean
+                          procMount:
+                            type: string
+                          readOnlyRootFilesystem:
+                            type: boolean
+                          runAsGroup:
+                            format: int64
+                            type: integer
+                          runAsNonRoot:
+                            type: boolean
+                          runAsUser:
+                            format: int64
+                            type: integer
+                          seLinuxOptions:
+                            properties:
+                              level:
+                                type: string
+                              role:
+                                type: string
+                              type:
+                                type: string
+                              user:
+                                type: string
+                            type: object
+                          seccompProfile:
+                            properties:
+                              localhostProfile:
+                                type: string
+                              type:
+                                type: string
+                            required:
+                            - type
+                            type: object
+                          windowsOptions:
+                            properties:
+                              gmsaCredentialSpec:
+                                type: string
+                              gmsaCredentialSpecName:
+                                type: string
+                              hostProcess:
+                                type: boolean
+                              runAsUserName:
+                                type: string
+                            type: object
+                        type: object
+                    type: object
+                  service:
+                    properties:
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      ports:
+                        items:
+                          properties:
+                            appProtocol:
+                              type: string
+                            name:
+                              type: string
+                            nodePort:
+                              format: int32
+                              type: integer
+                            port:
+                              format: int32
+                              type: integer
+                            protocol:
+                              default: TCP
+                              type: string
+                            targetPort:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        type: array
+                    type: object
+                type: object
+              inheritLabels:
+                items:
+                  type: string
+                type: array
+              log:
+                properties:
+                  filename:
+                    type: string
+                  path:
+                    type: string
+                  volume:
+                    properties:
+                      name:
+                        type: string
+                      persistentVolumeClaim:
+                        properties:
+                          claimName:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+              ociConfig:
+                properties:
+                  configMapName:
+                    type: string
+                  secretName:
+                    type: string
+                type: object
+              prometheus:
+                properties:
+                  serviceMonitor:
+                    properties:
+                      endpoints:
+                        items:
+                          properties:
+                            authorization:
+                              properties:
+                                credentials:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                type:
+                                  type: string
+                              type: object
+                            basicAuth:
+                              properties:
+                                password:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                username:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            bearerTokenFile:
+                              type: string
+                            bearerTokenSecret:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            enableHttp2:
+                              type: boolean
+                            filterRunning:
+                              type: boolean
+                            followRedirects:
+                              type: boolean
+                            honorLabels:
+                              type: boolean
+                            honorTimestamps:
+                              type: boolean
+                            interval:
+                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                              type: string
+                            metricRelabelings:
+                              items:
+                                properties:
+                                  action:
+                                    default: replace
+                                    enum:
+                                    - replace
+                                    - Replace
+                                    - keep
+                                    - Keep
+                                    - drop
+                                    - Drop
+                                    - hashmod
+                                    - HashMod
+                                    - labelmap
+                                    - LabelMap
+                                    - labeldrop
+                                    - LabelDrop
+                                    - labelkeep
+                                    - LabelKeep
+                                    - lowercase
+                                    - Lowercase
+                                    - uppercase
+                                    - Uppercase
+                                    - keepequal
+                                    - KeepEqual
+                                    - dropequal
+                                    - DropEqual
+                                    type: string
+                                  modulus:
+                                    format: int64
+                                    type: integer
+                                  regex:
+                                    type: string
+                                  replacement:
+                                    type: string
+                                  separator:
+                                    type: string
+                                  sourceLabels:
+                                    items:
+                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                      type: string
+                                    type: array
+                                  targetLabel:
+                                    type: string
+                                type: object
+                              type: array
+                            oauth2:
+                              properties:
+                                clientId:
+                                  properties:
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                clientSecret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                endpointParams:
+                                  additionalProperties:
+                                    type: string
+                                  type: object
+                                noProxy:
+                                  type: string
+                                proxyConnectHeader:
+                                  additionalProperties:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    type: array
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                proxyFromEnvironment:
+                                  type: boolean
+                                proxyUrl:
+                                  pattern: ^http(s)?://.+$
+                                  type: string
+                                scopes:
+                                  items:
+                                    type: string
+                                  type: array
+                                tlsConfig:
+                                  properties:
+                                    ca:
+                                      properties:
+                                        configMap:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        secret:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      type: object
+                                    cert:
+                                      properties:
+                                        configMap:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        secret:
+                                          properties:
+                                            key:
+                                              type: string
+                                            name:
+                                              default: ""
+                                              type: string
+                                            optional:
+                                              type: boolean
+                                          required:
+                                          - key
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      type: object
+                                    insecureSkipVerify:
+                                      type: boolean
+                                    keySecret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    maxVersion:
+                                      enum:
+                                      - TLS10
+                                      - TLS11
+                                      - TLS12
+                                      - TLS13
+                                      type: string
+                                    minVersion:
+                                      enum:
+                                      - TLS10
+                                      - TLS11
+                                      - TLS12
+                                      - TLS13
+                                      type: string
+                                    serverName:
+                                      type: string
+                                  type: object
+                                tokenUrl:
+                                  minLength: 1
+                                  type: string
+                              required:
+                              - clientId
+                              - clientSecret
+                              - tokenUrl
+                              type: object
+                            params:
+                              additionalProperties:
+                                items:
+                                  type: string
+                                type: array
+                              type: object
+                            path:
+                              type: string
+                            port:
+                              type: string
+                            proxyUrl:
+                              type: string
+                            relabelings:
+                              items:
+                                properties:
+                                  action:
+                                    default: replace
+                                    enum:
+                                    - replace
+                                    - Replace
+                                    - keep
+                                    - Keep
+                                    - drop
+                                    - Drop
+                                    - hashmod
+                                    - HashMod
+                                    - labelmap
+                                    - LabelMap
+                                    - labeldrop
+                                    - LabelDrop
+                                    - labelkeep
+                                    - LabelKeep
+                                    - lowercase
+                                    - Lowercase
+                                    - uppercase
+                                    - Uppercase
+                                    - keepequal
+                                    - KeepEqual
+                                    - dropequal
+                                    - DropEqual
+                                    type: string
+                                  modulus:
+                                    format: int64
+                                    type: integer
+                                  regex:
+                                    type: string
+                                  replacement:
+                                    type: string
+                                  separator:
+                                    type: string
+                                  sourceLabels:
+                                    items:
+                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                      type: string
+                                    type: array
+                                  targetLabel:
+                                    type: string
+                                type: object
+                              type: array
+                            scheme:
+                              enum:
+                              - http
+                              - https
+                              type: string
+                            scrapeTimeout:
+                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                              type: string
+                            targetPort:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            tlsConfig:
+                              properties:
+                                ca:
+                                  properties:
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                caFile:
+                                  type: string
+                                cert:
+                                  properties:
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                certFile:
+                                  type: string
+                                insecureSkipVerify:
+                                  type: boolean
+                                keyFile:
+                                  type: string
+                                keySecret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                maxVersion:
+                                  enum:
+                                  - TLS10
+                                  - TLS11
+                                  - TLS12
+                                  - TLS13
+                                  type: string
+                                minVersion:
+                                  enum:
+                                  - TLS10
+                                  - TLS11
+                                  - TLS12
+                                  - TLS13
+                                  type: string
+                                serverName:
+                                  type: string
+                              type: object
+                            trackTimestampsStaleness:
+                              type: boolean
+                          type: object
+                        type: array
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                      namespaceSelector:
+                        properties:
+                          any:
+                            type: boolean
+                          matchNames:
+                            items:
+                              type: string
+                            type: array
+                        type: object
+                    type: object
+                type: object
+              replicas:
+                format: int32
+                type: integer
+              sidecarVolumes:
+                items:
+                  properties:
+                    awsElasticBlockStore:
+                      properties:
+                        fsType:
+                          type: string
+                        partition:
+                          format: int32
+                          type: integer
+                        readOnly:
+                          type: boolean
+                        volumeID:
+                          type: string
+                      required:
+                      - volumeID
+                      type: object
+                    azureDisk:
+                      properties:
+                        cachingMode:
+                          type: string
+                        diskName:
+                          type: string
+                        diskURI:
+                          type: string
+                        fsType:
+                          default: ext4
+                          type: string
+                        kind:
+                          type: string
+                        readOnly:
+                          default: false
+                          type: boolean
+                      required:
+                      - diskName
+                      - diskURI
+                      type: object
+                    azureFile:
+                      properties:
+                        readOnly:
+                          type: boolean
+                        secretName:
+                          type: string
+                        shareName:
+                          type: string
+                      required:
+                      - secretName
+                      - shareName
+                      type: object
+                    cephfs:
+                      properties:
+                        monitors:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        path:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretFile:
+                          type: string
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        user:
+                          type: string
+                      required:
+                      - monitors
+                      type: object
+                    cinder:
+                      properties:
+                        fsType:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        volumeID:
+                          type: string
+                      required:
+                      - volumeID
+                      type: object
+                    configMap:
+                      properties:
+                        defaultMode:
+                          format: int32
+                          type: integer
+                        items:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              mode:
+                                format: int32
+                                type: integer
+                              path:
+                                type: string
+                            required:
+                            - key
+                            - path
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        name:
+                          default: ""
+                          type: string
+                        optional:
+                          type: boolean
+                      type: object
+                      x-kubernetes-map-type: atomic
+                    csi:
+                      properties:
+                        driver:
+                          type: string
+                        fsType:
+                          type: string
+                        nodePublishSecretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        readOnly:
+                          type: boolean
+                        volumeAttributes:
+                          additionalProperties:
+                            type: string
+                          type: object
+                      required:
+                      - driver
+                      type: object
+                    downwardAPI:
+                      properties:
+                        defaultMode:
+                          format: int32
+                          type: integer
+                        items:
+                          items:
+                            properties:
+                              fieldRef:
+                                properties:
+                                  apiVersion:
+                                    type: string
+                                  fieldPath:
+                                    type: string
+                                required:
+                                - fieldPath
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              mode:
+                                format: int32
+                                type: integer
+                              path:
+                                type: string
+                              resourceFieldRef:
+                                properties:
+                                  containerName:
+                                    type: string
+                                  divisor:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  resource:
+                                    type: string
+                                required:
+                                - resource
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            required:
+                            - path
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      type: object
+                    emptyDir:
+                      properties:
+                        medium:
+                          type: string
+                        sizeLimit:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                          x-kubernetes-int-or-string: true
+                      type: object
+                    ephemeral:
+                      properties:
+                        volumeClaimTemplate:
+                          properties:
+                            metadata:
+                              type: object
+                            spec:
+                              properties:
+                                accessModes:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                dataSource:
+                                  properties:
+                                    apiGroup:
+                                      type: string
+                                    kind:
+                                      type: string
+                                    name:
+                                      type: string
+                                  required:
+                                  - kind
+                                  - name
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                dataSourceRef:
+                                  properties:
+                                    apiGroup:
+                                      type: string
+                                    kind:
+                                      type: string
+                                    name:
+                                      type: string
+                                    namespace:
+                                      type: string
+                                  required:
+                                  - kind
+                                  - name
+                                  type: object
+                                resources:
+                                  properties:
+                                    limits:
+                                      additionalProperties:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      type: object
+                                    requests:
+                                      additionalProperties:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      type: object
+                                  type: object
+                                selector:
+                                  properties:
+                                    matchExpressions:
+                                      items:
+                                        properties:
+                                          key:
+                                            type: string
+                                          operator:
+                                            type: string
+                                          values:
+                                            items:
+                                              type: string
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                        required:
+                                        - key
+                                        - operator
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    matchLabels:
+                                      additionalProperties:
+                                        type: string
+                                      type: object
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                storageClassName:
+                                  type: string
+                                volumeAttributesClassName:
+                                  type: string
+                                volumeMode:
+                                  type: string
+                                volumeName:
+                                  type: string
+                              type: object
+                          required:
+                          - spec
+                          type: object
+                      type: object
+                    fc:
+                      properties:
+                        fsType:
+                          type: string
+                        lun:
+                          format: int32
+                          type: integer
+                        readOnly:
+                          type: boolean
+                        targetWWNs:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        wwids:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      type: object
+                    flexVolume:
+                      properties:
+                        driver:
+                          type: string
+                        fsType:
+                          type: string
+                        options:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                      required:
+                      - driver
+                      type: object
+                    flocker:
+                      properties:
+                        datasetName:
+                          type: string
+                        datasetUUID:
+                          type: string
+                      type: object
+                    gcePersistentDisk:
+                      properties:
+                        fsType:
+                          type: string
+                        partition:
+                          format: int32
+                          type: integer
+                        pdName:
+                          type: string
+                        readOnly:
+                          type: boolean
+                      required:
+                      - pdName
+                      type: object
+                    gitRepo:
+                      properties:
+                        directory:
+                          type: string
+                        repository:
+                          type: string
+                        revision:
+                          type: string
+                      required:
+                      - repository
+                      type: object
+                    glusterfs:
+                      properties:
+                        endpoints:
+                          type: string
+                        path:
+                          type: string
+                        readOnly:
+                          type: boolean
+                      required:
+                      - endpoints
+                      - path
+                      type: object
+                    hostPath:
+                      properties:
+                        path:
+                          type: string
+                        type:
+                          type: string
+                      required:
+                      - path
+                      type: object
+                    image:
+                      properties:
+                        pullPolicy:
+                          type: string
+                        reference:
+                          type: string
+                      type: object
+                    iscsi:
+                      properties:
+                        chapAuthDiscovery:
+                          type: boolean
+                        chapAuthSession:
+                          type: boolean
+                        fsType:
+                          type: string
+                        initiatorName:
+                          type: string
+                        iqn:
+                          type: string
+                        iscsiInterface:
+                          default: default
+                          type: string
+                        lun:
+                          format: int32
+                          type: integer
+                        portals:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        targetPortal:
+                          type: string
+                      required:
+                      - iqn
+                      - lun
+                      - targetPortal
+                      type: object
+                    name:
+                      type: string
+                    nfs:
+                      properties:
+                        path:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        server:
+                          type: string
+                      required:
+                      - path
+                      - server
+                      type: object
+                    persistentVolumeClaim:
+                      properties:
+                        claimName:
+                          type: string
+                        readOnly:
+                          type: boolean
+                      required:
+                      - claimName
+                      type: object
+                    photonPersistentDisk:
+                      properties:
+                        fsType:
+                          type: string
+                        pdID:
+                          type: string
+                      required:
+                      - pdID
+                      type: object
+                    portworxVolume:
+                      properties:
+                        fsType:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        volumeID:
+                          type: string
+                      required:
+                      - volumeID
+                      type: object
+                    projected:
+                      properties:
+                        defaultMode:
+                          format: int32
+                          type: integer
+                        sources:
+                          items:
+                            properties:
+                              clusterTrustBundle:
+                                properties:
+                                  labelSelector:
+                                    properties:
+                                      matchExpressions:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            operator:
+                                              type: string
+                                            values:
+                                              items:
+                                                type: string
+                                              type: array
+                                              x-kubernetes-list-type: atomic
+                                          required:
+                                          - key
+                                          - operator
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      matchLabels:
+                                        additionalProperties:
+                                          type: string
+                                        type: object
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  name:
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                  path:
+                                    type: string
+                                  signerName:
+                                    type: string
+                                required:
+                                - path
+                                type: object
+                              configMap:
+                                properties:
+                                  items:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        mode:
+                                          format: int32
+                                          type: integer
+                                        path:
+                                          type: string
+                                      required:
+                                      - key
+                                      - path
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              downwardAPI:
+                                properties:
+                                  items:
+                                    items:
+                                      properties:
+                                        fieldRef:
+                                          properties:
+                                            apiVersion:
+                                              type: string
+                                            fieldPath:
+                                              type: string
+                                          required:
+                                          - fieldPath
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                        mode:
+                                          format: int32
+                                          type: integer
+                                        path:
+                                          type: string
+                                        resourceFieldRef:
+                                          properties:
+                                            containerName:
+                                              type: string
+                                            divisor:
+                                              anyOf:
+                                              - type: integer
+                                              - type: string
+                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                              x-kubernetes-int-or-string: true
+                                            resource:
+                                              type: string
+                                          required:
+                                          - resource
+                                          type: object
+                                          x-kubernetes-map-type: atomic
+                                      required:
+                                      - path
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                type: object
+                              secret:
+                                properties:
+                                  items:
+                                    items:
+                                      properties:
+                                        key:
+                                          type: string
+                                        mode:
+                                          format: int32
+                                          type: integer
+                                        path:
+                                          type: string
+                                      required:
+                                      - key
+                                      - path
+                                      type: object
+                                    type: array
+                                    x-kubernetes-list-type: atomic
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              serviceAccountToken:
+                                properties:
+                                  audience:
+                                    type: string
+                                  expirationSeconds:
+                                    format: int64
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - path
+                                type: object
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                      type: object
+                    quobyte:
+                      properties:
+                        group:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        registry:
+                          type: string
+                        tenant:
+                          type: string
+                        user:
+                          type: string
+                        volume:
+                          type: string
+                      required:
+                      - registry
+                      - volume
+                      type: object
+                    rbd:
+                      properties:
+                        fsType:
+                          type: string
+                        image:
+                          type: string
+                        keyring:
+                          default: /etc/ceph/keyring
+                          type: string
+                        monitors:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        pool:
+                          default: rbd
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        user:
+                          default: admin
+                          type: string
+                      required:
+                      - image
+                      - monitors
+                      type: object
+                    scaleIO:
+                      properties:
+                        fsType:
+                          default: xfs
+                          type: string
+                        gateway:
+                          type: string
+                        protectionDomain:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        sslEnabled:
+                          type: boolean
+                        storageMode:
+                          default: ThinProvisioned
+                          type: string
+                        storagePool:
+                          type: string
+                        system:
+                          type: string
+                        volumeName:
+                          type: string
+                      required:
+                      - gateway
+                      - secretRef
+                      - system
+                      type: object
+                    secret:
+                      properties:
+                        defaultMode:
+                          format: int32
+                          type: integer
+                        items:
+                          items:
+                            properties:
+                              key:
+                                type: string
+                              mode:
+                                format: int32
+                                type: integer
+                              path:
+                                type: string
+                            required:
+                            - key
+                            - path
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        optional:
+                          type: boolean
+                        secretName:
+                          type: string
+                      type: object
+                    storageos:
+                      properties:
+                        fsType:
+                          type: string
+                        readOnly:
+                          type: boolean
+                        secretRef:
+                          properties:
+                            name:
+                              default: ""
+                              type: string
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        volumeName:
+                          type: string
+                        volumeNamespace:
+                          type: string
+                      type: object
+                    vsphereVolume:
+                      properties:
+                        fsType:
+                          type: string
+                        storagePolicyID:
+                          type: string
+                        storagePolicyName:
+                          type: string
+                        volumePath:
+                          type: string
+                      required:
+                      - volumePath
+                      type: object
+                  required:
+                  - name
+                  type: object
+                type: array
+              sidecars:
+                items:
+                  properties:
+                    args:
+                      items:
+                        type: string
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    command:
+                      items:
+                        type: string
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    env:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              fieldRef:
+                                properties:
+                                  apiVersion:
+                                    type: string
+                                  fieldPath:
+                                    type: string
+                                required:
+                                - fieldPath
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              resourceFieldRef:
+                                properties:
+                                  containerName:
+                                    type: string
+                                  divisor:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  resource:
+                                    type: string
+                                required:
+                                - resource
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        required:
+                        - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - name
+                      x-kubernetes-list-type: map
+                    envFrom:
+                      items:
+                        properties:
+                          configMapRef:
+                            properties:
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            type: object
+                            x-kubernetes-map-type: atomic
+                          prefix:
+                            type: string
+                          secretRef:
+                            properties:
+                              name:
+                                default: ""
+                                type: string
+                              optional:
+                                type: boolean
+                            type: object
+                            x-kubernetes-map-type: atomic
+                        type: object
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    image:
+                      type: string
+                    imagePullPolicy:
+                      type: string
+                    lifecycle:
+                      properties:
+                        postStart:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            sleep:
+                              properties:
+                                seconds:
+                                  format: int64
+                                  type: integer
+                              required:
+                              - seconds
+                              type: object
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                          type: object
+                        preStop:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            sleep:
+                              properties:
+                                seconds:
+                                  format: int64
+                                  type: integer
+                              required:
+                              - seconds
+                              type: object
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                          type: object
+                      type: object
+                    livenessProbe:
+                      properties:
+                        exec:
+                          properties:
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        failureThreshold:
+                          format: int32
+                          type: integer
+                        grpc:
+                          properties:
+                            port:
+                              format: int32
+                              type: integer
+                            service:
+                              default: ""
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        httpGet:
+                          properties:
+                            host:
+                              type: string
+                            httpHeaders:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                required:
+                                - name
+                                - value
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            scheme:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        initialDelaySeconds:
+                          format: int32
+                          type: integer
+                        periodSeconds:
+                          format: int32
+                          type: integer
+                        successThreshold:
+                          format: int32
+                          type: integer
+                        tcpSocket:
+                          properties:
+                            host:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        terminationGracePeriodSeconds:
+                          format: int64
+                          type: integer
+                        timeoutSeconds:
+                          format: int32
+                          type: integer
+                      type: object
+                    name:
+                      type: string
+                    ports:
+                      items:
+                        properties:
+                          containerPort:
+                            format: int32
+                            type: integer
+                          hostIP:
+                            type: string
+                          hostPort:
+                            format: int32
+                            type: integer
+                          name:
+                            type: string
+                          protocol:
+                            default: TCP
+                            type: string
+                        required:
+                        - containerPort
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - containerPort
+                      - protocol
+                      x-kubernetes-list-type: map
+                    readinessProbe:
+                      properties:
+                        exec:
+                          properties:
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        failureThreshold:
+                          format: int32
+                          type: integer
+                        grpc:
+                          properties:
+                            port:
+                              format: int32
+                              type: integer
+                            service:
+                              default: ""
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        httpGet:
+                          properties:
+                            host:
+                              type: string
+                            httpHeaders:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                required:
+                                - name
+                                - value
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            scheme:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        initialDelaySeconds:
+                          format: int32
+                          type: integer
+                        periodSeconds:
+                          format: int32
+                          type: integer
+                        successThreshold:
+                          format: int32
+                          type: integer
+                        tcpSocket:
+                          properties:
+                            host:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        terminationGracePeriodSeconds:
+                          format: int64
+                          type: integer
+                        timeoutSeconds:
+                          format: int32
+                          type: integer
+                      type: object
+                    resizePolicy:
+                      items:
+                        properties:
+                          resourceName:
+                            type: string
+                          restartPolicy:
+                            type: string
+                        required:
+                        - resourceName
+                        - restartPolicy
+                        type: object
+                      type: array
+                      x-kubernetes-list-type: atomic
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    restartPolicy:
+                      type: string
+                    securityContext:
+                      properties:
+                        allowPrivilegeEscalation:
+                          type: boolean
+                        appArmorProfile:
+                          properties:
+                            localhostProfile:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - type
+                          type: object
+                        capabilities:
+                          properties:
+                            add:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            drop:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        privileged:
+                          type: boolean
+                        procMount:
+                          type: string
+                        readOnlyRootFilesystem:
+                          type: boolean
+                        runAsGroup:
+                          format: int64
+                          type: integer
+                        runAsNonRoot:
+                          type: boolean
+                        runAsUser:
+                          format: int64
+                          type: integer
+                        seLinuxOptions:
+                          properties:
+                            level:
+                              type: string
+                            role:
+                              type: string
+                            type:
+                              type: string
+                            user:
+                              type: string
+                          type: object
+                        seccompProfile:
+                          properties:
+                            localhostProfile:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - type
+                          type: object
+                        windowsOptions:
+                          properties:
+                            gmsaCredentialSpec:
+                              type: string
+                            gmsaCredentialSpecName:
+                              type: string
+                            hostProcess:
+                              type: boolean
+                            runAsUserName:
+                              type: string
+                          type: object
+                      type: object
+                    startupProbe:
+                      properties:
+                        exec:
+                          properties:
+                            command:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        failureThreshold:
+                          format: int32
+                          type: integer
+                        grpc:
+                          properties:
+                            port:
+                              format: int32
+                              type: integer
+                            service:
+                              default: ""
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        httpGet:
+                          properties:
+                            host:
+                              type: string
+                            httpHeaders:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  value:
+                                    type: string
+                                required:
+                                - name
+                                - value
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                            scheme:
+                              type: string
+                          required:
+                          - port
+                          type: object
+                        initialDelaySeconds:
+                          format: int32
+                          type: integer
+                        periodSeconds:
+                          format: int32
+                          type: integer
+                        successThreshold:
+                          format: int32
+                          type: integer
+                        tcpSocket:
+                          properties:
+                            host:
+                              type: string
+                            port:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              x-kubernetes-int-or-string: true
+                          required:
+                          - port
+                          type: object
+                        terminationGracePeriodSeconds:
+                          format: int64
+                          type: integer
+                        timeoutSeconds:
+                          format: int32
+                          type: integer
+                      type: object
+                    stdin:
+                      type: boolean
+                    stdinOnce:
+                      type: boolean
+                    terminationMessagePath:
+                      type: string
+                    terminationMessagePolicy:
+                      type: string
+                    tty:
+                      type: boolean
+                    volumeDevices:
+                      items:
+                        properties:
+                          devicePath:
+                            type: string
+                          name:
+                            type: string
+                        required:
+                        - devicePath
+                        - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - devicePath
+                      x-kubernetes-list-type: map
+                    volumeMounts:
+                      items:
+                        properties:
+                          mountPath:
+                            type: string
+                          mountPropagation:
+                            type: string
+                          name:
+                            type: string
+                          readOnly:
+                            type: boolean
+                          recursiveReadOnly:
+                            type: string
+                          subPath:
+                            type: string
+                          subPathExpr:
+                            type: string
+                        required:
+                        - mountPath
+                        - name
+                        type: object
+                      type: array
+                      x-kubernetes-list-map-keys:
+                      - mountPath
+                      x-kubernetes-list-type: map
+                    workingDir:
+                      type: string
+                  required:
+                  - name
+                  type: object
+                type: array
+            type: object
+          status:
+            properties:
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              exporterConfig:
+                type: string
+              replicas:
+                type: integer
+              status:
+                type: string
+              version:
+                type: string
+            required:
+            - conditions
+            - exporterConfig
+            - version
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+status:
+  acceptedNames:
+    kind: ""
+    plural: ""
+  conditions: null
+  storedVersions: null
diff --git a/bundle/manifests/oracle-database-operator-controller-manager-metrics-service_v1_service.yaml b/bundle/manifests/oracle-database-operator-controller-manager-metrics-service_v1_service.yaml
new file mode 100644
index 00000000..ea25c27f
--- /dev/null
+++ b/bundle/manifests/oracle-database-operator-controller-manager-metrics-service_v1_service.yaml
@@ -0,0 +1,16 @@
+apiVersion: v1
+kind: Service
+metadata:
+  creationTimestamp: null
+  labels:
+    control-plane: controller-manager
+  name: oracle-database-operator-controller-manager-metrics-service
+spec:
+  ports:
+  - name: https
+    port: 8443
+    targetPort: https
+  selector:
+    control-plane: controller-manager
+status:
+  loadBalancer: {}
diff --git a/bundle/manifests/oracle-database-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/bundle/manifests/oracle-database-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml
new file mode 100644
index 00000000..f479f494
--- /dev/null
+++ b/bundle/manifests/oracle-database-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml
@@ -0,0 +1,10 @@
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  creationTimestamp: null
+  name: oracle-database-operator-metrics-reader
+rules:
+- nonResourceURLs:
+  - /metrics
+  verbs:
+  - get
diff --git a/bundle/manifests/oracle-database-operator-webhook-service_v1_service.yaml b/bundle/manifests/oracle-database-operator-webhook-service_v1_service.yaml
new file mode 100644
index 00000000..53f17480
--- /dev/null
+++ b/bundle/manifests/oracle-database-operator-webhook-service_v1_service.yaml
@@ -0,0 +1,14 @@
+apiVersion: v1
+kind: Service
+metadata:
+  creationTimestamp: null
+  name: oracle-database-operator-webhook-service
+spec:
+  ports:
+  - port: 443
+    protocol: TCP
+    targetPort: 9443
+  selector:
+    control-plane: controller-manager
+status:
+  loadBalancer: {}
diff --git a/bundle/manifests/oracle-database-operator.clusterserviceversion.yaml b/bundle/manifests/oracle-database-operator.clusterserviceversion.yaml
new file mode 100644
index 00000000..b6299ff7
--- /dev/null
+++ b/bundle/manifests/oracle-database-operator.clusterserviceversion.yaml
@@ -0,0 +1,1442 @@
+apiVersion: operators.coreos.com/v1alpha1
+kind: ClusterServiceVersion
+metadata:
+  annotations:
+    alm-examples: |-
+      [
+        {
+          "apiVersion": "database.oracle.com/v1alpha1",
+          "kind": "CDB",
+          "metadata": {
+            "name": "cdb-dev",
+            "namespace": "oracle-database-operator-system"
+          },
+          "spec": {
+            "cdbAdminPwd": {
+              "secret": {
+                "key": "cdbadmin_pwd",
+                "secretName": "cdb1-secret"
+              }
+            },
+            "cdbAdminUser": {
+              "secret": {
+                "key": "cdbadmin_user",
+                "secretName": "cdb1-secret"
+              }
+            },
+            "cdbName": "devcdb",
+            "dbPort": 1521,
+            "dbServer": "172.17.0.4",
+            "ordsImage": "",
+            "ordsImagePullPolicy": "Always",
+            "ordsPwd": {
+              "secret": {
+                "key": "ords_pwd",
+                "secretName": "cdb1-secret"
+              }
+            },
+            "replicas": 1,
+            "serviceName": "devdb.example.com",
+            "sysAdminPwd": {
+              "secret": {
+                "key": "sysadmin_pwd",
+                "secretName": "cdb1-secret"
+              }
+            },
+            "webServerPwd": {
+              "secret": {
+                "key": "webserver_pwd",
+                "secretName": "cdb1-secret"
+              }
+            },
+            "webServerUser": {
+              "secret": {
+                "key": "webserver_user",
+                "secretName": "cdb1-secret"
+              }
+            }
+          }
+        },
+        {
+          "apiVersion": "database.oracle.com/v1alpha1",
+          "kind": "DbcsSystem",
+          "metadata": {
+            "name": "dbcssystem-sample"
+          },
+          "spec": {
+            "foo": "bar"
+          }
+        },
+        {
+          "apiVersion": "database.oracle.com/v1alpha1",
+          "kind": "PDB",
+          "metadata": {
+            "labels": {
+              "cdb": "cdb-dev"
+            },
+            "name": "pdb1",
+            "namespace": "oracle-database-operator-system"
+          },
+          "spec": {
+            "action": "Create",
+            "adminName": {
+              "secret": {
+                "key": "sysadmin_user",
+                "secretName": "pdb1-secret"
+              }
+            },
+            "adminPwd": {
+              "secret": {
+                "key": "sysadmin_pwd",
+                "secretName": "pdb1-secret"
+              }
+            },
+            "cdbName": "devcdb",
+            "cdbResName": "cdb-dev",
+            "fileNameConversions": "NONE",
+            "pdbName": "pdbdev",
+            "tempSize": "100M",
+            "totalSize": "1G"
+          }
+        },
+        {
+          "apiVersion": "database.oracle.com/v4",
+          "kind": "AutonomousContainerDatabase",
+          "metadata": {
+            "name": "autonomouscontainerdatabase-sample"
+          },
+          "spec": {
+            "autonomousExadataVMClusterOCID": "ocid1.autonomousexainfrastructure...",
+            "compartmentOCID": "ocid1.compartment... OR ocid1.tenancy...",
+            "displayName": "newACD",
+            "ociConfig": {
+              "configMapName": "oci-cred",
+              "secretName": "oci-privatekey"
+            }
+          }
+        },
+        {
+          "apiVersion": "database.oracle.com/v4",
+          "kind": "AutonomousDatabase",
+          "metadata": {
+            "name": "autonomousdatabase-sample"
+          },
+          "spec": {
+            "action": "Create",
+            "details": {
+              "adminPassword": {
+                "k8sSecret": {
+                  "name": "admin-password"
+                }
+              },
+              "compartmentId": "ocid1.compartment... OR ocid1.tenancy...",
+              "cpuCoreCount": 1,
+              "dataStorageSizeInTBs": 1,
+              "dbName": "NewADB",
+              "displayName": "NewADB"
+            },
+            "ociConfig": {
+              "configMapName": "oci-cred",
+              "secretName": "oci-privatekey"
+            }
+          }
+        },
+        {
+          "apiVersion": "database.oracle.com/v4",
+          "kind": "AutonomousDatabaseBackup",
+          "metadata": {
+            "name": "autonomousdatabasebackup-sample"
+          },
+          "spec": {
+            "displayName": "autonomousdatabasebackup-sample",
+            "isLongTermBackup": true,
+            "ociConfig": {
+              "configMapName": "oci-cred",
+              "secretName": "oci-privatekey"
+            },
+            "retentionPeriodInDays": 90,
+            "target": {
+              "k8sADB": {
+                "name": "autonomousdatabase-sample"
+              }
+            }
+          }
+        },
+        {
+          "apiVersion": "database.oracle.com/v4",
+          "kind": "SingleInstanceDatabase",
+          "metadata": {
+            "name": "sidb-sample",
+            "namespace": "default"
+          },
+          "spec": {
+            "adminPassword": {
+              "secretName": "db-admin-secret"
+            },
+            "archiveLog": true,
+            "charset": "AL32UTF8",
+            "edition": "enterprise",
+            "image": {
+              "pullFrom": "container-registry.oracle.com/database/enterprise_ru:19",
+              "pullSecrets": "oracle-container-registry-secret"
+            },
+            "pdbName": "orclpdb1",
+            "persistence": {
+              "accessMode": "ReadWriteOnce",
+              "size": "100Gi",
+              "storageClass": "oci-bv"
+            },
+            "replicas": 1,
+            "sid": "ORCL1"
+          }
+        },
+        {
+          "apiVersion": "observability.oracle.com/v1alpha1",
+          "kind": "DatabaseObserver",
+          "metadata": {
+            "name": "obs-sample"
+          },
+          "spec": {
+            "database": {
+              "dbConnectionString": {
+                "key": "connection",
+                "secret": "db-secret"
+              },
+              "dbPassword": {
+                "key": "password",
+                "secret": "db-secret"
+              },
+              "dbUser": {
+                "key": "username",
+                "secret": "db-secret"
+              },
+              "dbWallet": {
+                "secret": "instance-wallet"
+              }
+            },
+            "exporter": {
+              "configuration": {
+                "configmap": {
+                  "configmapName": "devcm-oradevdb-config",
+                  "key": "config.toml"
+                }
+              },
+              "image": "container-registry.oracle.com/database/observability-exporter:latest",
+              "service": {
+                "port": 9161
+              }
+            },
+            "ociConfig": {
+              "configMapName": "oci-cred",
+              "secretName": "oci-privatekey"
+            },
+            "prometheus": {
+              "labels": {
+                "app": "app-sample-label"
+              },
+              "port": "metrics"
+            },
+            "replicas": 1
+          }
+        }
+      ]
+    capabilities: Seamless Upgrades
+    categories: Database
+    containerImage: container-registry.oracle.com/database/operator:1.2.0
+    createdAt: "2025-04-10T20:09:48Z"
+    operators.operatorframework.io/builder: operator-sdk-v1.39.2
+    operators.operatorframework.io/project_layout: go.kubebuilder.io/v4
+  name: oracle-database-operator.v2.0
+  namespace: oracle-database-operator-system
+spec:
+  apiservicedefinitions: {}
+  customresourcedefinitions:
+    owned:
+    - description: AutonomousContainerDatabase is the Schema for the autonomouscontainerdatabases
+        API
+      displayName: Autonomous Container Database
+      kind: AutonomousContainerDatabase
+      name: autonomouscontainerdatabases.database.oracle.com
+      version: v1alpha1
+    - description: AutonomousContainerDatabase is the Schema for the autonomouscontainerdatabases
+        API
+      displayName: Autonomous Container Database
+      kind: AutonomousContainerDatabase
+      name: autonomouscontainerdatabases.database.oracle.com
+      version: v4
+    - description: AutonomousDatabaseBackup is the Schema for the autonomousdatabasebackups
+        API
+      displayName: Autonomous Database Backup
+      kind: AutonomousDatabaseBackup
+      name: autonomousdatabasebackups.database.oracle.com
+      version: v1alpha1
+    - description: AutonomousDatabaseBackup is the Schema for the autonomousdatabasebackups
+        API
+      displayName: Autonomous Database Backup
+      kind: AutonomousDatabaseBackup
+      name: autonomousdatabasebackups.database.oracle.com
+      version: v4
+    - description: AutonomousDatabaseRestore is the Schema for the autonomousdatabaserestores
+        API
+      displayName: Autonomous Database Restore
+      kind: AutonomousDatabaseRestore
+      name: autonomousdatabaserestores.database.oracle.com
+      version: v1alpha1
+    - description: AutonomousDatabaseRestore is the Schema for the autonomousdatabaserestores
+        API
+      displayName: Autonomous Database Restore
+      kind: AutonomousDatabaseRestore
+      name: autonomousdatabaserestores.database.oracle.com
+      version: v4
+    - description: AutonomousDatabase is the Schema for the autonomousdatabases API
+      displayName: Autonomous Database
+      kind: AutonomousDatabase
+      name: autonomousdatabases.database.oracle.com
+      version: v1alpha1
+    - description: AutonomousDatabase is the Schema for the autonomousdatabases API
+      displayName: Autonomous Database
+      kind: AutonomousDatabase
+      name: autonomousdatabases.database.oracle.com
+      version: v4
+    - description: CDB is the Schema for the cdbs API
+      displayName: CDB
+      kind: CDB
+      name: cdbs.database.oracle.com
+      version: v1alpha1
+    - description: CDB is the Schema for the cdbs API
+      displayName: CDB
+      kind: CDB
+      name: cdbs.database.oracle.com
+      version: v4
+    - description: DatabaseObserver is the Schema for the databaseobservers API
+      displayName: Database Observer
+      kind: DatabaseObserver
+      name: databaseobservers.observability.oracle.com
+      version: v1
+    - description: DatabaseObserver is the Schema for the databaseobservers API
+      displayName: Database Observer
+      kind: DatabaseObserver
+      name: databaseobservers.observability.oracle.com
+      version: v1alpha1
+    - description: DatabaseObserver is the Schema for the databaseobservers API
+      displayName: Database Observer
+      kind: DatabaseObserver
+      name: databaseobservers.observability.oracle.com
+      version: v4
+    - description: DataguardBroker is the Schema for the dataguardbrokers API
+      displayName: Dataguard Broker
+      kind: DataguardBroker
+      name: dataguardbrokers.database.oracle.com
+      version: v1alpha1
+    - description: DataguardBroker is the Schema for the dataguardbrokers API
+      displayName: Dataguard Broker
+      kind: DataguardBroker
+      name: dataguardbrokers.database.oracle.com
+      version: v4
+    - description: DbcsSystem is the Schema for the dbcssystems API
+      displayName: Dbcs System
+      kind: DbcsSystem
+      name: dbcssystems.database.oracle.com
+      version: v1alpha1
+    - description: DbcsSystem is the Schema for the dbcssystems API
+      displayName: Dbcs System
+      kind: DbcsSystem
+      name: dbcssystems.database.oracle.com
+      version: v4
+    - description: LREST is the Schema for the lrests API
+      displayName: LREST
+      kind: LREST
+      name: lrests.database.oracle.com
+      version: v4
+    - description: LRPDB is the Schema for the pdbs API
+      displayName: LRPDB
+      kind: LRPDB
+      name: lrpdbs.database.oracle.com
+      version: v4
+    - description: OracleRestDataService is the Schema for the oraclerestdataservices
+        API
+      displayName: Oracle Rest Data Service
+      kind: OracleRestDataService
+      name: oraclerestdataservices.database.oracle.com
+      version: v1alpha1
+    - description: OracleRestDataService is the Schema for the oraclerestdataservices
+        API
+      displayName: Oracle Rest Data Service
+      kind: OracleRestDataService
+      name: oraclerestdataservices.database.oracle.com
+      version: v4
+    - description: OrdsSrvs is the Schema for the ordssrvs API
+      displayName: Ords Srvs
+      kind: OrdsSrvs
+      name: ordssrvs.database.oracle.com
+      statusDescriptors:
+      - displayName: Conditions
+        path: conditions
+      version: v4
+    - description: PDB is the Schema for the pdbs API
+      displayName: PDB
+      kind: PDB
+      name: pdbs.database.oracle.com
+      version: v1alpha1
+    - description: PDB is the Schema for the pdbs API
+      displayName: PDB
+      kind: PDB
+      name: pdbs.database.oracle.com
+      version: v4
+    - description: ShardingDatabase is the Schema for the shardingdatabases API
+      displayName: Sharding Database
+      kind: ShardingDatabase
+      name: shardingdatabases.database.oracle.com
+      version: v1alpha1
+    - description: ShardingDatabase is the Schema for the shardingdatabases API
+      displayName: Sharding Database
+      kind: ShardingDatabase
+      name: shardingdatabases.database.oracle.com
+      version: v4
+    - description: SingleInstanceDatabase is the Schema for the singleinstancedatabases
+        API
+      displayName: Single Instance Database
+      kind: SingleInstanceDatabase
+      name: singleinstancedatabases.database.oracle.com
+      version: v1alpha1
+    - description: SingleInstanceDatabase is the Schema for the singleinstancedatabases
+        API
+      displayName: Single Instance Database
+      kind: SingleInstanceDatabase
+      name: singleinstancedatabases.database.oracle.com
+      version: v4
+  description: |
+    As part of Oracle's resolution to make Oracle Database Kubernetes native (that is, observable and operable by Kubernetes), Oracle released Oracle Database Operator for Kubernetes (OraOperator or the operator). OraOperator extends the Kubernetes API with custom resources and controllers for automating Oracle Database lifecycle management.
+    In this v1.2.0 production release, OraOperator supports the following database configurations and infrastructure:
+    ##Supported Database Configurations:
+    * Oracle Cloud Infrastructure (OCI) Databases
+      * Oracle Autonomous Database Serverless (ADB-S)
+      * Oracle Autonomous Database on Dedicated on (ADB-D)
+      * Oracle Base Database Cloud Service (Base DB)
+    * Containerized Database deployments on Kubernetes
+      * Oracle Kubernetes Engine (OKE) and Oracle Cloud Native Environments (OCNE)
+        * Single Instance databases (SIDB)
+        * Globally Distributed Databases (Shared)
+        * Oracle Data Guard
+        * True Cache (Preview release)
+        * Oracle Database Observability
+    * On-Premises Databases
+      * Oracle Multitenant Databases (CDB/PDBs management)
+      * ORDS Services
+
+    Refer to full feature list and capabilities: [https://github.com/oracle/oracle-database-operator/blob/main/README.md](https://github.com/oracle/oracle-database-operator/blob/main/README.md)
+  displayName: Oracle Database Operator
+  icon:
+  - base64data: iVBORw0KGgoAAAANSUhEUgAAALQAAAC0CAYAAAA9zQYyAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAABmJLR0QAAAAAAAD5Q7t/AAAJjUlEQVR42u3cfcwcRQHH8S9PH0BokZfCVBgpOgjyFjRoQIQQkLeA0PLWqgQMFDVgja9AChIKKCEKSgQEQVsQJGKxtNCAvAi2vJiCqAQMUpQRMKM4vFiCQEUo/jH7kOt19m7vbveK8fdJLukzMzuzczc7OzszWxAREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREZH/X2tVSRStmwi8B5gErN1nWS8DAVhmgl9ZsdwpVc+xoteKc/iTCf7VujKN1o0A+xef5cDPTfCP1XjeY+VsAWwFTATGDZjdPSb4F6J1U9sjTPA31n3uXeq1MfBe4F30376ADo0lWjcBOAa4EHhHzXW4FzgDuNsE/2aHc3gJmFBz2WMuBc4ywT87SCbRunWAB4APtEV92gR/zaAnGa2bBJwInFVz/SeY4F+O1q32/Zvg6+xEyuq1PnA08F1gg7ryHSkpbDrwEnAZ9TdmgD2BxcDj0bptG8i/is8DMVq394D5zGb1xgxwdbRum34zjdaNi9adAjxD/Y15PxP8yzXn2UvdDiPdsX9IjY0ZOHOVKzFaNw64Apgx5DoelrvNNdxDt9rDBP/rXg+K1u0EPNIhyWPADp3uQiX5bggsIX+hDOp6E/z0lrKG1kMXQ7OLgJkNZL8SWO+tHjpatxbwM4bfmAEWRuuOWAPljrmvGGJVVlz8d3ZJth1wXI/5jgeW0UxjhnRnGrqifV1FM40ZYDcT/GujLQGnAUd2OGAu6Qd8oY/CxgGTgWOB3UvSzI/W7WiCf7RLXgcNUOnJwOUlcScCF/SQ10mAqZBubrTuVhP837sljNZB6lQmdUh2AbCUdMvu1Ssm+Of6OK4OXyb9/mV+DNxOf+0LE/yDUDwURuu2A/5YknYWcLEJ/pU6ahWt2wq4FtgjE/08YMZmQUqGHHua4O8boPx1gNuAvTPRI1WGB0UdnsxEPQzsnAm/HTjQBN8t36nAwpLoTwDzTfBv9Fv3kjIbH3JE6xzwREn0bOA7dY3px4Ycl5bEH2CC/1ZdjRnABP8UsBfwg0z0RODgusoqKf810uxNzsbdjm/pRXOOIP1A7Q4ADu2S7yjljXl7E/y8uhvzEF1YEj7FBH9OnQ+oI9G6zYF9MnEzTfB3NFG7ogf+ApDrsr7XRJlt/lYSvmGFY6cDu2XCZ5ngnwC+XXLcTcXDXpmyodheTcxpD0u0bjNgSibqZBP8orrLGyH1HjlXNFnRorc5KhPlioWcJo2WhL/e6aBo3abke+eVFL2QCX4F+eEMpDnXMsdnwu4ywd/T8HfRtLLv4pImChsFDsmEn2aCf73XzPrwUEn4+4Gep9F68LGS8G4PTN8vCf9oMZQBwAS/JFp3PTCtLd2MaN3ckmeAXIP+ZoPfwbCUDSFXFMO3Om03QlrkaLd4GDUtHsByPd7WTZUZrdsLuDUTdX+n5fBo3b6k4Ua7K0zw92fCy6an7o3WVV2seqRiurez3QfPopI5Jvhlo+SniPqaOunT05mwjmPZaN2WwKPAmy0fOvw99u/NOmR7aofyxgO/7OU4E/yz0brjSHOv7c4oPt3U9jC+Bk0aPItKvgZpDJ27zVZ5OKrLFpmwlzodYIL/K2k+egPgncX5bghsRJqp2KT4TAQ2LT6dGvONJvi7O8R/oyR8qgn+xQ7HXUP+wffrxSpjN+v195W+rQxj3vuQsd9hhDRJ326P3vLrTzGGOjoT9Zdux5rg7yWtxA3qsZJzGDvHXYCvZKIWAzd1OceVlE/X3VmsNnayfQ31W9MeaDj/W0zwN4/9MQosYvUv/YJo3UVVt3kOYAfyO/4qTVOZ4JcVu9EeAjbvo/xLSNNH/85FRuvWBsp67guBKRUfbM4jrcSucvqk1caxp/3rgE+2pfkqaWfi/7JfkO8w1m5i4mGUtGrWbhzwKdKKXiOKtf0rM1HPAbFqPib4GK17H2lRYv8Kh7xIWkj6kQned0n7JWB8JnwmaSfiFgzm4mjdomKxaQ6rN+jDo3UfMsH/dsBy1qSy/S4zaGBqeMQE/zTwu0zcT6J1u/WaYRVFr3YOsGsmema3JeJ2xUrmQcDFHZKdU9R3IxP86d0ac7Rua+D8XBRpP0iVi6eKecXFXXYneDBaN7mmsoau2MOyJBN1eTHjVKuxpe/PlMQvjdadUGGsV1mxcjSP8qf8Bf3ka4J/wwT/RdImmJwzSbv6uj5oFQ1sYUn0fkVZjwJn1/CV7ApM77Ik/1S0rq4LaE0o2+G3JFp3UjG0q8Vb49do3fnAyR3SngvcQ3rFqFfjAEtaaJjWId2uJvjftJxTX5uTonWHAzeURQMf7LT7LVp3LHB1Jup8E/ypLenWBVb08X3kbEbanLWU/J0L0uzP2aQ76qBTeq+a4B/ObU4CPlJTnVodTOpUypxH6smXD1JIa4MeBX5FfqFlGGaY4FcZUw+y264YLi3tkGQXE/zvM8dNIr0lkjO+faNWtG5n0sXai1syYfNN8EdF6zYhNeymHWmCv6GkQdftKtIo4GbgwCYLan9jZV1gPvDxIVSy1fEm+KvaAwfdPlqMg//cIcnhJviFbccsIr8dYD8TfLcN/ZVE6y4HPpeJOsAEf0dxUf2BNH/ehMXAPiZ4htSgNzbBLy+27l5Lfg9PLVZ5p7CYvjqU4b3V8B/gw7nGXIdi99umlO/FXRCtmzU29RatO4h8Y15QV2MuzCoJvz1aN8EE/w9gS3p74aAXx/T64D2AKSb45fDW1t1plD+zDWrf1V6SNcG/aYK/jDSmm917npU8Tdo7vH7TU1Im+OeBnShfBDkP+Gm0bgPyQwFIb7PUeU7/pHwx59wizQoT/CmAI793vF+fNcGHlr+P7zun7m4jrXO01h0T/BzSKu7pNZZ1nQn+rqr/L8dkYFvSvGu/T6T/Ap4CHjfBV9orEq07IRN8pwn+yV4LL17Q7PTj3UV+F95zTfw/FcVMSvb9zeIHz53/1sA2pEWZfmeermxfMIvW7Uh6EB3pL8tSN5vgn+mWqNibsw3wbvpvXwuqtisREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREWnxX2ox1/vZSvwPAAAAJXRFWHRkYXRlOmNyZWF0ZQAyMDI0LTA4LTEzVDE5OjUyOjMxKzAwOjAwsDIMcAAAACV0RVh0ZGF0ZTptb2RpZnkAMjAyNC0wOC0xM1QxOTo1MjozMSswMDowMMFvtMwAAABVdEVYdHN2Zzpjb21tZW50ACBVcGxvYWRlZCB0bzogU1ZHIFJlcG8sIHd3dy5zdmdyZXBvLmNvbSwgR2VuZXJhdG9yOiBTVkcgUmVwbyBNaXhlciBUb29scyBFB1wTAAAAAElFTkSuQmCC
+    mediatype: image/png
+  install:
+    spec:
+      clusterPermissions:
+      - rules:
+        - apiGroups:
+          - authentication.k8s.io
+          resources:
+          - tokenreviews
+          verbs:
+          - create
+        - apiGroups:
+          - authorization.k8s.io
+          resources:
+          - subjectaccessreviews
+          verbs:
+          - create
+        serviceAccountName: default
+      deployments:
+      - label:
+          control-plane: controller-manager
+        name: oracle-database-operator-controller-manager
+        spec:
+          replicas: 3
+          selector:
+            matchLabels:
+              control-plane: controller-manager
+          strategy: {}
+          template:
+            metadata:
+              labels:
+                control-plane: controller-manager
+            spec:
+              containers:
+              - args:
+                - --enable-leader-election
+                command:
+                - /manager
+                env:
+                - name: WATCH_NAMESPACE
+                  valueFrom:
+                    fieldRef:
+                      fieldPath: metadata.annotations['olm.targetNamespaces']
+                image: container-registry.oracle.com/database/operator:1.2.0
+                imagePullPolicy: Always
+                name: manager
+                ports:
+                - containerPort: 9443
+                  name: webhook-server
+                  protocol: TCP
+                resources:
+                  limits:
+                    cpu: 400m
+                    memory: 400Mi
+                  requests:
+                    cpu: 400m
+                    memory: 400Mi
+                volumeMounts:
+                - mountPath: /tmp/k8s-webhook-server/serving-certs
+                  name: cert
+                  readOnly: true
+              terminationGracePeriodSeconds: 10
+              volumes:
+              - name: cert
+                secret:
+                  defaultMode: 420
+                  secretName: webhook-server-cert
+      permissions:
+      - rules:
+        - apiGroups:
+          - ""
+          resources:
+          - configmaps
+          verbs:
+          - get
+          - list
+          - watch
+          - create
+          - update
+          - patch
+          - delete
+        - apiGroups:
+          - coordination.k8s.io
+          resources:
+          - leases
+          verbs:
+          - get
+          - list
+          - watch
+          - create
+          - update
+          - patch
+          - delete
+        - apiGroups:
+          - ""
+          resources:
+          - configmaps/status
+          verbs:
+          - get
+          - update
+          - patch
+        - apiGroups:
+          - ""
+          resources:
+          - events
+          verbs:
+          - create
+          - patch
+        - apiGroups:
+          - ""
+          resources:
+          - configmaps
+          - containers
+          - deployments
+          - events
+          - namespaces
+          - persistentvolumeclaims
+          - pods
+          - pods/exec
+          - pods/log
+          - replicasets
+          - secrets
+          - services
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - ""
+          resources:
+          - configmaps/status
+          - daemonsets/status
+          - deployments/status
+          - services/status
+          - statefulsets/status
+          verbs:
+          - get
+          - patch
+          - update
+        - apiGroups:
+          - ""
+          resources:
+          - persistentvolumes
+          verbs:
+          - get
+          - list
+          - watch
+        - apiGroups:
+          - ""
+          resources:
+          - secrets/status
+          verbs:
+          - get
+        - apiGroups:
+          - ''''''
+          resources:
+          - statefulsets/finalizers
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - apps
+          resources:
+          - configmaps
+          verbs:
+          - get
+          - list
+        - apiGroups:
+          - apps
+          resources:
+          - daemonsets
+          - deployments
+          - pods
+          - replicasets
+          - services
+          - statefulsets
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - coordination.k8s.io
+          resources:
+          - leases
+          verbs:
+          - create
+          - get
+          - list
+          - update
+        - apiGroups:
+          - database.oracle.com
+          resources:
+          - autonomouscontainerdatabases
+          - autonomousdatabases
+          - cdbs
+          - dataguardbrokers
+          - dbcssystems
+          - events
+          - lrests
+          - lrpdbs
+          - oraclerestdataservices
+          - ordssrvs
+          - pdbs
+          - shardingdatabases
+          - singleinstancedatabases
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - database.oracle.com
+          resources:
+          - autonomouscontainerdatabases/status
+          - autonomousdatabasebackups/status
+          - autonomousdatabaserestores/status
+          - cdbs/status
+          - dataguardbrokers/status
+          - dbcssystems/status
+          - lrests/status
+          - lrpdbs/status
+          - oraclerestdataservices/status
+          - ordssrvs/status
+          - pdbs/status
+          - shardingdatabases/status
+          - singleinstancedatabases/status
+          verbs:
+          - get
+          - patch
+          - update
+        - apiGroups:
+          - database.oracle.com
+          resources:
+          - autonomousdatabasebackups
+          - autonomousdatabaserestores
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - update
+          - watch
+        - apiGroups:
+          - database.oracle.com
+          resources:
+          - autonomousdatabases/status
+          verbs:
+          - patch
+          - update
+        - apiGroups:
+          - database.oracle.com
+          resources:
+          - cdbs/finalizers
+          - dataguardbrokers/finalizers
+          - lrests/finalizers
+          - oraclerestdataservices/finalizers
+          - ordssrvs/finalizers
+          - singleinstancedatabases/finalizers
+          verbs:
+          - update
+        - apiGroups:
+          - database.oracle.com
+          resources:
+          - dbcssystems/finalizers
+          - lrpdbs/finalizers
+          - pdbs/finalizers
+          - shardingdatabases/finalizers
+          verbs:
+          - create
+          - delete
+          - get
+          - patch
+          - update
+        - apiGroups:
+          - monitoring.coreos.com
+          resources:
+          - servicemonitors
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - observability.oracle.com
+          resources:
+          - databaseobservers
+          verbs:
+          - create
+          - delete
+          - get
+          - list
+          - patch
+          - update
+          - watch
+        - apiGroups:
+          - observability.oracle.com
+          resources:
+          - databaseobservers/finalizers
+          verbs:
+          - update
+        - apiGroups:
+          - observability.oracle.com
+          resources:
+          - databaseobservers/status
+          verbs:
+          - get
+          - patch
+          - update
+        - apiGroups:
+          - storage.k8s.io
+          resources:
+          - storageclasses
+          verbs:
+          - get
+          - list
+          - watch
+        serviceAccountName: default
+    strategy: deployment
+  installModes:
+  - supported: false
+    type: OwnNamespace
+  - supported: false
+    type: SingleNamespace
+  - supported: false
+    type: MultiNamespace
+  - supported: true
+    type: AllNamespaces
+  keywords:
+  - Oracle
+  - Database
+  - Operator
+  links:
+  - name: Oracle Database Operator
+    url: https://github.com/oracle/oracle-database-operator
+  maturity: alpha
+  provider:
+    name: Oracle
+  replaces: oracle-database-operator.v1.1.0
+  version: 1.2.0
+  webhookdefinitions:
+  - admissionReviewVersions:
+    - v1alpha1
+    - v1
+    - v4
+    containerPort: 443
+    conversionCRDs:
+    - autonomouscontainerdatabases.database.oracle.com
+    - autonomousdatabasebackups.database.oracle.com
+    - autonomousdatabaserestores.database.oracle.com
+    - autonomousdatabases.database.oracle.com
+    deploymentName: oracle-database-operator-controller-manager
+    generateName: cautonomouscontainerdatabasesautonomousdatabasebackupsautonomousdatabaserestoresautonomousdatabases.kb.io
+    sideEffects: None
+    targetPort: 9443
+    type: ConversionWebhook
+    webhookPath: /convert
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: mautonomousdatabasebackupv1alpha1.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - autonomousdatabasebackups
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v1alpha1-autonomousdatabasebackup
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: mautonomousdatabasebackupv4.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - autonomousdatabasebackups
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v4-autonomousdatabasebackup
+  - admissionReviewVersions:
+    - v1
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: mcdb.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - cdbs
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v4-cdb
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: mdatabaseobserver.kb.io
+    rules:
+    - apiGroups:
+      - observability.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - databaseobservers
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-observability-oracle-com-v4-databaseobserver
+  - admissionReviewVersions:
+    - v1
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: mdataguardbroker.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - dataguardbrokers
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v1alpha1-dataguardbroker
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: mdbcssystemv1alpha1.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - dbcssystems
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v4-dbcssystem
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: mdbcssystemv4.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - dbcssystems
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v4-dbcssystem
+  - admissionReviewVersions:
+    - v4
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: mlrest.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - lrests
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v4-lrest
+  - admissionReviewVersions:
+    - v4
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: mlrpdb.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - lrpdbs
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v4-lrpdb
+  - admissionReviewVersions:
+    - v1
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: moraclerestdataservice.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - oraclerestdataservices
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v1alpha1-oraclerestdataservice
+  - admissionReviewVersions:
+    - v1
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: mpdb.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - pdbs
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v4-pdb
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: mshardingdatabasev1alpha1.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - shardingdatabases
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v1alpha1-shardingdatabase
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: mshardingdatabasev4.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - shardingdatabases
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v4-shardingdatabase
+  - admissionReviewVersions:
+    - v1
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: msingleinstancedatabase.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - singleinstancedatabases
+    sideEffects: None
+    targetPort: 9443
+    type: MutatingAdmissionWebhook
+    webhookPath: /mutate-database-oracle-com-v1alpha1-singleinstancedatabase
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vautonomouscontainerdatabasev1alpha1.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - autonomouscontainerdatabases
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v1alpha1-autonomouscontainerdatabase
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vautonomouscontainerdatabasev4.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - autonomouscontainerdatabases
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v4-autonomouscontainerdatabase
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vautonomousdatabasebackupv1alpha1.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - autonomousdatabasebackups
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v1alpha1-autonomousdatabasebackup
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vautonomousdatabasebackupv4.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - autonomousdatabasebackups
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v4-autonomousdatabasebackup
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vautonomousdatabaserestorev1alpha1.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - autonomousdatabaserestores
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v1alpha1-autonomousdatabaserestore
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vautonomousdatabaserestorev4.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - autonomousdatabaserestores
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v4-autonomousdatabaserestore
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vautonomousdatabasev1alpha1.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - autonomousdatabases
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v1alpha1-autonomousdatabase
+  - admissionReviewVersions:
+    - v1
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vcdb.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - cdbs
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v4-cdb
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vdatabaseobserver.kb.io
+    rules:
+    - apiGroups:
+      - observability.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - databaseobservers
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-observability-oracle-com-v4-databaseobserver
+  - admissionReviewVersions:
+    - v1
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vdataguardbroker.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - dataguardbrokers
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v1alpha1-dataguardbroker
+  - admissionReviewVersions:
+    - v4
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vlrest.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - lrests
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v4-lrest
+  - admissionReviewVersions:
+    - v4
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vlrpdb.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - lrpdbs
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v4-lrpdb
+  - admissionReviewVersions:
+    - v1
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: voraclerestdataservice.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - oraclerestdataservices
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v1alpha1-oraclerestdataservice
+  - admissionReviewVersions:
+    - v1
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vpdb.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      resources:
+      - pdbs
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v4-pdb
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vshardingdatabasev1alpha1.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      - DELETE
+      resources:
+      - shardingdatabases
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v1alpha1-shardingdatabase
+  - admissionReviewVersions:
+    - v1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vshardingdatabasev4.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v4
+      operations:
+      - CREATE
+      - UPDATE
+      - DELETE
+      resources:
+      - shardingdatabases
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v4-shardingdatabase
+  - admissionReviewVersions:
+    - v1
+    - v1beta1
+    containerPort: 443
+    deploymentName: oracle-database-operator-controller-manager
+    failurePolicy: Fail
+    generateName: vsingleinstancedatabase.kb.io
+    rules:
+    - apiGroups:
+      - database.oracle.com
+      apiVersions:
+      - v1alpha1
+      operations:
+      - CREATE
+      - UPDATE
+      - DELETE
+      resources:
+      - singleinstancedatabases
+    sideEffects: None
+    targetPort: 9443
+    type: ValidatingAdmissionWebhook
+    webhookPath: /validate-database-oracle-com-v1alpha1-singleinstancedatabase
diff --git a/bundle/metadata/annotations.yaml b/bundle/metadata/annotations.yaml
new file mode 100644
index 00000000..8a5ae70d
--- /dev/null
+++ b/bundle/metadata/annotations.yaml
@@ -0,0 +1,10 @@
+annotations:
+  # Core bundle annotations.
+  operators.operatorframework.io.bundle.mediatype.v1: registry+v1
+  operators.operatorframework.io.bundle.manifests.v1: manifests/
+  operators.operatorframework.io.bundle.metadata.v1: metadata/
+  operators.operatorframework.io.bundle.package.v1: oracle-database-operator
+  operators.operatorframework.io.bundle.channels.v1: stable
+  operators.operatorframework.io.metrics.builder: operator-sdk-v1.40.0
+  operators.operatorframework.io.metrics.mediatype.v1: metrics+v1
+  operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v4
diff --git a/commons/adb_family/utils.go b/commons/adb_family/utils.go
index 591b3130..270e93d1 100644
--- a/commons/adb_family/utils.go
+++ b/commons/adb_family/utils.go
@@ -62,7 +62,7 @@ func VerifyTargetAdb(kubeClient client.Client, target dbv4.TargetSpec, namespace
 
 	} else {
 		// Find the target ADB using the ADB OCID
-		ownerAdb, err = k8s.FetchAutonomousDatabaseWithOCID(kubeClient, namespace, *target.OciAdb.OCID)
+		ownerAdb, err = k8s.FetchAutonomousDatabaseWithOCID(kubeClient, namespace, *target.OciAdb.Id)
 		if err != nil {
 			return nil, err
 		}
diff --git a/commons/dbcssystem/dbcs_reconciler.go b/commons/dbcssystem/dbcs_reconciler.go
index 6c498320..4aa6929b 100644
--- a/commons/dbcssystem/dbcs_reconciler.go
+++ b/commons/dbcssystem/dbcs_reconciler.go
@@ -65,11 +65,13 @@ import (
 )
 
 const (
-	checkInterval = 30 * time.Second
-	timeout       = 15 * time.Minute
+	checkInterval                                                                                        = 30 * time.Second
+	timeout                                                                                              = 15 * time.Minute
+	PatchHistoryEntrySummaryLifecycleStateInProgress database.PatchHistoryEntrySummaryLifecycleStateEnum = "IN_PROGRESS"
+	PatchHistoryEntrySummaryLifecycleStateSucceeded  database.PatchHistoryEntrySummaryLifecycleStateEnum = "SUCCEEDED"
 )
 
-func CreateAndGetDbcsId(logger logr.Logger, kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient, kmsDetails *databasev4.KMSDetailsStatus) (string, error) {
+func CreateAndGetDbcsId(compartmentId string, logger logr.Logger, kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient, kmsDetails *databasev4.KMSDetailsStatus) (string, error) {
 
 	ctx := context.TODO()
 	// Check if DBCS system already exists using the displayName
@@ -104,7 +106,7 @@ func CreateAndGetDbcsId(logger logr.Logger, kubeClient client.Client, dbClient d
 	licenceModel := getLicenceModel(dbcs)
 
 	// Get DB Home Details
-	dbHomeReq, err := GetDbHomeDetails(kubeClient, dbClient, dbcs)
+	dbHomeReq, err := GetDbHomeDetails(kubeClient, dbClient, dbcs, "")
 	if err != nil {
 		return "", err
 	}
@@ -160,7 +162,7 @@ func CreateAndGetDbcsId(logger logr.Logger, kubeClient client.Client, dbClient d
 	dbcs.Spec.Id = resp.DbSystem.Id
 
 	// Change the phase to "Provisioning"
-	if statusErr := SetLifecycleState(kubeClient, dbClient, dbcs, databasev4.Provision, nwClient, wrClient); statusErr != nil {
+	if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Provision, nwClient, wrClient); statusErr != nil {
 		return "", statusErr
 	}
 
@@ -194,7 +196,7 @@ func convertLicenseModel(licenseModel database.DbSystemLicenseModelEnum) (databa
 	}
 }
 
-func CloneAndGetDbcsId(logger logr.Logger, kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient) (string, error) {
+func CloneAndGetDbcsId(compartmentId string, logger logr.Logger, kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient) (string, error) {
 	ctx := context.TODO()
 	var err error
 	dbAdminPassword := ""
@@ -229,6 +231,10 @@ func CloneAndGetDbcsId(logger logr.Logger, kubeClient client.Client, dbClient da
 	if err != nil {
 		return "", err
 	}
+
+	if compartmentId == "" {
+		compartmentId = *existingDbSystem.CompartmentId
+	}
 	logger.Info("Retrieved existing Db System Details from OCI using Spec.Id")
 
 	// // Create the clone request payload
@@ -297,7 +303,7 @@ func CloneAndGetDbcsId(logger logr.Logger, kubeClient client.Client, dbClient da
 	dbcs.Status.DbCloneStatus.Id = response.DbSystem.Id
 
 	// Change the phase to "Provisioning"
-	if statusErr := SetLifecycleState(kubeClient, dbClient, dbcs, databasev4.Provision, nwClient, wrClient); statusErr != nil {
+	if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Provision, nwClient, wrClient); statusErr != nil {
 		return "", statusErr
 	}
 
@@ -310,9 +316,429 @@ func CloneAndGetDbcsId(logger logr.Logger, kubeClient client.Client, dbClient da
 	return *response.DbSystem.Id, nil
 	// return "", nil
 }
+func PatchDBSystem(
+	ctx context.Context,
+	compartmentId string,
+	logger logr.Logger,
+	kubeClient client.Client,
+	dbClient database.DatabaseClient,
+	dbcs *databasev4.DbcsSystem,
+	nwClient core.VirtualNetworkClient,
+	wrClient workrequests.WorkRequestClient,
+	dbHomeId, patchId string) error {
+
+	dbSystemId := dbcs.Spec.Id
+	// Check if patch is already applied or in progress then return
+	historyResp, err := dbClient.ListDbSystemPatchHistoryEntries(ctx, database.ListDbSystemPatchHistoryEntriesRequest{
+		DbSystemId: dbSystemId,
+	})
+	if err != nil {
+		logger.Error(err, "Failed to get patch history entries", "DBSystemID", dbSystemId)
+		return fmt.Errorf("failed to get patch history entries: %w", err)
+	}
+
+	for _, entry := range historyResp.Items {
+		if entry.PatchId != nil && *entry.PatchId == patchId {
+			if entry.LifecycleState == database.PatchHistoryEntrySummaryLifecycleStateSucceeded {
+				logger.Info("Patch already applied, skipping", "PatchID", patchId)
+				return nil
+			}
+			if entry.LifecycleState == database.PatchHistoryEntrySummaryLifecycleStateInProgress {
+				logger.Info("Patch in progress, waiting until it completes", "PatchID", patchId)
+				// Change the phase to "Provisioning"
+				if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Update, nwClient, wrClient); statusErr != nil {
+					logger.Error(statusErr, "Failed to update lifecycle state to Provisioning")
+					return statusErr
+				}
+				// Wait for the patch to complete
+				return CheckPatchState(ctx, logger, dbClient, dbSystemId, patchId)
+			}
+			if entry.LifecycleState == database.PatchHistoryEntrySummaryLifecycleStateFailed {
+				logger.Error(fmt.Errorf("patch failed"), "Patch failed", "PatchID", patchId)
+				return fmt.Errorf("patch %s failed", patchId)
+			}
+		}
+	}
+
+	logger.Info("Starting patch process for DB System", "DBSystemID", dbSystemId)
+
+	patchesResp, err := dbClient.ListDbSystemPatches(ctx, database.ListDbSystemPatchesRequest{
+		DbSystemId: dbSystemId,
+	})
+
+	if err != nil {
+		logger.Error(err, "Failed to list patches for DB System", "DBSystemID", dbSystemId)
+		return fmt.Errorf("failed to list patches for DB System: %w", err)
+	}
+
+	found := false
+
+	if len(patchesResp.Items) == 0 {
+		logger.Info("No patches available for this DB System", "DBSystemID", dbSystemId)
+	} else {
+		logger.Info("Available patches for DB System", "count", len(patchesResp.Items))
+		for _, patch := range patchesResp.Items {
+			logger.Info("Patch found",
+				"PatchID", *patch.Id,
+				"Description", *patch.Description,
+				"LifecycleState", patch.LifecycleState,
+				"ReleaseDate", patch.TimeReleased.String(),
+			)
+
+			// Check if patchId matches
+			if *patch.Id == patchId {
+				found = true
+			}
+		}
+	}
+
+	if !found {
+		logger.Error(nil, "Patch ID not found in available patches", "PatchID", patchId)
+		return fmt.Errorf("patch ID %s not found in available DB System patches", patchId)
+	}
+
+	updateDetails := database.UpdateDbSystemDetails{
+		Version: &database.PatchDetails{
+			PatchId: common.String(patchId),
+			Action:  database.PatchDetailsActionApply,
+		},
+	}
+
+	updateReq := database.UpdateDbSystemRequest{
+		DbSystemId:            dbSystemId,
+		UpdateDbSystemDetails: updateDetails,
+	}
+
+	updateResp, err := dbClient.UpdateDbSystem(ctx, updateReq)
+	if err != nil {
+		logger.Error(err, "Failed to apply patch to DB System", "PatchID", patchId, "DBSystemID", dbSystemId)
+		return fmt.Errorf("failed to patch DB System: %w", err)
+	}
+
+	logger.Info("Patch applied to DB System", "WorkRequestID", *updateResp.OpcWorkRequestId, "PatchID", patchId)
+
+	// Change the phase to "Provisioning"
+	if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Update, nwClient, wrClient); statusErr != nil {
+		logger.Error(statusErr, "Failed to update lifecycle state to Provisioning")
+		return statusErr
+	}
+
+	// Check the state
+	_, err = CheckResourceState(logger, dbClient, *updateResp.DbSystem.Id, string(databasev4.Update), string(databasev4.Available))
+	if err != nil {
+		logger.Error(err, "Failed to verify DB System state post patching")
+		return err
+	}
+
+	logger.Info("DB System patching process completed successfully", "DBSystemID", dbSystemId)
+	dbcs.Status.Message = "Patch applied successfully."
+
+	return nil
+}
+
+// CheckPatchState waits for a specific patch to finish applying.
+// It polls the patch history until the patch is SUCCEEDED or FAILED.
+func CheckPatchState(ctx context.Context, logger logr.Logger, dbClient database.DatabaseClient, dbSystemId *string, patchId string) error {
+	// Maximum wait duration: 120 minutes
+	timeout := 240 * time.Minute
+	start := time.Now()
+
+	for {
+		// Timeout guard
+		if time.Since(start) > timeout {
+			msg := fmt.Sprintf("timed out after %v waiting for patch %s to complete", timeout, patchId)
+			logger.Error(fmt.Errorf("timeout"), msg, "DBSystemID", *dbSystemId)
+			return fmt.Errorf(msg)
+		}
+
+		historyResp, err := dbClient.ListDbSystemPatchHistoryEntries(ctx, database.ListDbSystemPatchHistoryEntriesRequest{
+			DbSystemId: dbSystemId,
+		})
+		if err != nil {
+			logger.Error(err, "Failed to get patch history entries", "DBSystemID", *dbSystemId)
+			return fmt.Errorf("failed to get patch history entries: %w", err)
+		}
+
+		var found bool
+		for _, entry := range historyResp.Items {
+			if entry.PatchId != nil && *entry.PatchId == patchId {
+				found = true
+				switch entry.LifecycleState {
+				case database.PatchHistoryEntrySummaryLifecycleStateSucceeded:
+					logger.Info("Patch succeeded", "PatchID", patchId)
+					return nil
+
+				case database.PatchHistoryEntrySummaryLifecycleStateFailed:
+					logger.Error(fmt.Errorf("patch failed"), "Patch failed", "PatchID", patchId)
+					return fmt.Errorf("patch %s failed", patchId)
+
+				case database.PatchHistoryEntrySummaryLifecycleStateInProgress:
+					logger.Info("Patch still in progress, waiting", "PatchID", patchId)
+					time.Sleep(60 * time.Second)
+					continue
+				}
+			}
+		}
+
+		if !found {
+			logger.Info("Patch ID not found in history yet, waiting", "PatchID", patchId)
+			time.Sleep(60 * time.Second)
+			continue
+		}
+	}
+}
+
+func UpgradeDatabaseVersion(
+	ctx context.Context,
+	compartmentId string,
+	logger logr.Logger,
+	kubeClient client.Client,
+	dbClient database.DatabaseClient,
+	dbcs *databasev4.DbcsSystem,
+	nwClient core.VirtualNetworkClient,
+	wrClient workrequests.WorkRequestClient,
+	databaseId, targetVersion string) error {
+	dbSystemId := dbcs.Spec.Id
+	logger.Info("Starting GI upgrade", "DbSystemID", dbSystemId, "TargetGI", targetVersion)
+
+	// Step 1: Get current DB system details
+	getResp, err := dbClient.GetDbSystem(ctx, database.GetDbSystemRequest{
+		DbSystemId: dbSystemId,
+	})
+	if err != nil {
+		logger.Error(err, "Failed to get DB system details", "DbSystemID", dbSystemId)
+		return fmt.Errorf("failed to get DB system: %w", err)
+	}
+	currentGiVersion := getResp.DbSystem.Version
+	logger.Info("Current GI version", "CurrentGI", *currentGiVersion)
+
+	// Step 1: Check current GI version
+	if *currentGiVersion == targetVersion {
+		logger.Info("GI already at target version. Proceeding...")
+		// Do NOT return — continue to DB upgrade
+	} else {
+		// Step 2: Check for ongoing GI upgrade
+		workReqsResp, err := wrClient.ListWorkRequests(ctx, workrequests.ListWorkRequestsRequest{
+			CompartmentId: common.String(compartmentId),
+			ResourceId:    dbSystemId,
+		})
+		if err != nil {
+			logger.Error(err, "Failed to list work requests")
+			return fmt.Errorf("failed to list work requests: %w", err)
+		}
+
+		for _, wr := range workReqsResp.Items {
+			if wr.OperationType != nil && *wr.OperationType == "Upgrade Db System" &&
+				(wr.Status == workrequests.WorkRequestSummaryStatusAccepted ||
+					wr.Status == workrequests.WorkRequestSummaryStatusInProgress) {
+				logger.Info("GI upgrade already in progress", "WorkRequestID", *wr.Id)
+				dbcs.Status.Message = "GI upgrade already in progress"
+				return nil // Skip further steps while upgrade is ongoing
+			}
+		}
+		// Step 3: Construct the upgrade request
+		upgradeReq := database.UpgradeDbSystemRequest{
+			DbSystemId: dbSystemId,
+			UpgradeDbSystemDetails: database.UpgradeDbSystemDetails{
+				Action:                              database.UpgradeDbSystemDetailsActionUpgrade,
+				NewGiVersion:                        common.String(targetVersion),
+				SnapshotRetentionPeriodInDays:       common.Int(7),
+				IsSnapshotRetentionDaysForceUpdated: common.Bool(false),
+			},
+		}
+
+		// Step 4: Call the API
+		upgradeResp, err := dbClient.UpgradeDbSystem(ctx, upgradeReq)
+		if err != nil {
+			logger.Error(err, "Failed to initiate GI upgrade")
+			dbcs.Status.Message = "Failed to initiate GI upgrade"
+
+			return fmt.Errorf("GI upgrade failed: %w", err)
+		}
+
+		logger.Info("GI upgrade initiated", "WorkRequestID", *upgradeResp.OpcWorkRequestId)
+
+		// Step 3: Update status to upgrading
+		if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Upgrade, nwClient, wrClient); statusErr != nil {
+			logger.Error(statusErr, "Failed to update lifecycle state to Upgrading")
+			dbcs.Status.Message = "Failed to update lifecycle state to Upgrading"
+
+			return statusErr
+		}
+
+		// Step 4: Check status
+		_, err = CheckResourceState(logger, dbClient, *upgradeResp.Id, string(databasev4.Provision), string(databasev4.Available))
+		if err != nil {
+			logger.Error(err, "Failed to verify database state post upgrade")
+			dbcs.Status.Message = "Failed to verify database state post upgrade"
+
+			return err
+		}
+
+		// Step 5: Wait for completion
+		workReqId := upgradeResp.OpcWorkRequestId
+		for {
+			time.Sleep(30 * time.Second)
+
+			getWorkReqResp, err := wrClient.GetWorkRequest(ctx, workrequests.GetWorkRequestRequest{
+				WorkRequestId: workReqId,
+			})
+			if err != nil {
+				logger.Error(err, "Error fetching work request status", "WorkRequestID", *workReqId)
+				dbcs.Status.Message = "Error fetching work request status"
+				return fmt.Errorf("failed to check GI upgrade status: %w", err)
+			}
+
+			status := getWorkReqResp.WorkRequest.Status
+			logger.Info("GI upgrade work request status", "Status", status)
+
+			if status == workrequests.WorkRequestStatusSucceeded {
+				logger.Info("GI upgrade completed successfully")
+				dbcs.Status.Message = "GI upgrade completed successfully"
+
+				break
+			} else if status == workrequests.WorkRequestStatusFailed {
+				logger.Error(nil, "GI upgrade failed", "WorkRequestID", *workReqId)
+				dbcs.Status.Message = "GI upgrade failed"
+
+				return fmt.Errorf("GI upgrade failed: work request marked as failed")
+			}
+		}
+	}
+
+	// Step 1: Check if DB is already on the target version
+	dbResp, err := dbClient.GetDatabase(ctx, database.GetDatabaseRequest{
+		DatabaseId: common.String(databaseId),
+	})
+	if err != nil {
+		logger.Error(err, "Failed to fetch database details", "DatabaseID", databaseId)
+		dbcs.Status.Message = "Failed to fetch database details"
+		return fmt.Errorf("failed to get database details: %w", err)
+	}
+	// fmt.Printf("%+v\n", dbResp.Database)
+	dbHomeId := *dbResp.Database.DbHomeId
+	dbHomeResp, err := dbClient.GetDbHome(ctx, database.GetDbHomeRequest{
+		DbHomeId: &dbHomeId,
+	})
+	if err != nil {
+		dbcs.Status.Message = "Failed to get DB Home"
+		return fmt.Errorf("failed to get DB Home: %w", err)
+
+	}
+
+	currentDbVersion := dbHomeResp.DbHome.DbVersion
+	if currentDbVersion != nil && *currentDbVersion == targetVersion {
+		logger.Info("Database already at target version. Skipping database upgrade.", "Version", *currentDbVersion)
+		// Continue to post-upgrade or next steps if any
+		return nil
+	}
+
+	// Step 2: Check for ongoing DB upgrade work requests
+	workReqsRespDb, err := wrClient.ListWorkRequests(ctx, workrequests.ListWorkRequestsRequest{
+		CompartmentId: common.String(compartmentId),
+		ResourceId:    common.String(databaseId),
+	})
+	if err != nil {
+		logger.Error(err, "Failed to list database work requests")
+		dbcs.Status.Message = "Failed to list database work requests"
+		return fmt.Errorf("failed to list database work requests: %w", err)
+	}
+
+	for _, wr := range workReqsRespDb.Items {
+		if wr.OperationType != nil && *wr.OperationType == "Upgrade Database" &&
+			(wr.Status == workrequests.WorkRequestSummaryStatusAccepted ||
+				wr.Status == workrequests.WorkRequestSummaryStatusInProgress) {
+
+			logger.Info("Database upgrade already in progress, waiting for completion", "WorkRequestID", *wr.Id)
+			dbcs.Status.Message = "Database upgrade already in progress, waiting for completion."
+
+			// Poll the work request status
+			for {
+				time.Sleep(60 * time.Second)
+
+				workReqResp, err := wrClient.GetWorkRequest(ctx, workrequests.GetWorkRequestRequest{
+					WorkRequestId: wr.Id,
+				})
+				if err != nil {
+					logger.Error(err, "Failed to fetch work request status", "WorkRequestID", *wr.Id)
+					dbcs.Status.Message = "Failed to fetch work request status for database"
+					return fmt.Errorf("failed to get database upgrade work request status: %w", err)
+				}
+
+				status := workReqResp.WorkRequest.Status
+				logger.Info("Database upgrade work request status. Checking again in 60 seconds.", "Status", status, "WorkRequestID", *wr.Id)
+
+				if status == workrequests.WorkRequestStatusSucceeded {
+					logger.Info("Database upgrade completed successfully", "WorkRequestID", *wr.Id)
+					break
+				} else if status == workrequests.WorkRequestStatusFailed {
+					logger.Error(nil, "Database upgrade failed", "WorkRequestID", *wr.Id)
+					dbcs.Status.Message = "Database upgrade failed"
+					return fmt.Errorf("database upgrade failed: work request marked as failed")
+				}
+				// continue polling if still in progress
+			}
+			return nil
+		}
+	}
+
+	logger.Info("Starting upgrade process for Database", "DatabaseID", databaseId, "TargetVersion", targetVersion)
+
+	upgradeDetails := database.UpgradeDatabaseDetails{
+		DatabaseUpgradeSourceDetails: database.DatabaseUpgradeWithDbVersionDetails{
+			DbVersion: common.String(targetVersion),
+		},
+		Action: database.UpgradeDatabaseDetailsActionUpgrade,
+	}
+
+	// Step 3: Submit the upgrade request
+	upgradeReqDb := database.UpgradeDatabaseRequest{
+		DatabaseId:             common.String(databaseId),
+		UpgradeDatabaseDetails: upgradeDetails,
+	}
+
+	upgradeRespDb, err := dbClient.UpgradeDatabase(ctx, upgradeReqDb)
+	if err != nil {
+		logger.Error(err, "Failed to upgrade database version", "DatabaseID", databaseId)
+		dbcs.Status.Message = "Failed to upgrade database version"
+
+		return fmt.Errorf("failed to upgrade database: %w", err)
+	}
+
+	logger.Info("Upgrade initiated", "WorkRequestID", *upgradeRespDb.OpcWorkRequestId)
+
+	// Step 3: Update status to upgrading
+	if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Upgrade, nwClient, wrClient); statusErr != nil {
+		logger.Error(statusErr, "Failed to update lifecycle state to Upgrading")
+		dbcs.Status.Message = "Failed to update lifecycle state to Upgrading"
+
+		return statusErr
+	}
+
+	// Step 4: Check status
+	_, err = CheckResourceState(logger, dbClient, *upgradeRespDb.DbSystemId, string(databasev4.Provision), string(databasev4.Available))
+	if err != nil {
+		logger.Error(err, "Failed to verify database state post upgrade")
+		dbcs.Status.Message = "Upgrade Database Completed successfully."
+
+		return err
+	}
+
+	logger.Info("Database upgrade process completed successfully", "DatabaseID", databaseId)
+	dbcs.Status.Message = fmt.Sprintf("Database upgraded successfully to version %s", targetVersion)
+
+	return nil
+}
 
 // CloneFromBackupAndGetDbcsId clones a DB system from a backup and returns the new DB system's OCID.
-func CloneFromBackupAndGetDbcsId(logger logr.Logger, kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient) (string, error) {
+func CloneFromBackupAndGetDbcsId(
+	compartmentId string,
+	logger logr.Logger,
+	kubeClient client.Client,
+	dbClient database.DatabaseClient,
+	dbcs *databasev4.DbcsSystem,
+	nwClient core.VirtualNetworkClient,
+	wrClient workrequests.WorkRequestClient) (string, error) {
 	ctx := context.TODO()
 
 	var err error
@@ -327,6 +753,7 @@ func CloneFromBackupAndGetDbcsId(logger logr.Logger, kubeClient client.Client, d
 		fmt.Println("Error getting backup details:", err)
 		return "", err
 	}
+	// Extract the DatabaseId from the backup details
 	databaseId := backupResp.Backup.DatabaseId
 	// Fetch the existing Database details
 	existingDatabase, err := dbClient.GetDatabase(ctx, database.GetDatabaseRequest{
@@ -343,6 +770,11 @@ func CloneFromBackupAndGetDbcsId(logger logr.Logger, kubeClient client.Client, d
 		logger.Error(err, "DBSystemId not found")
 		return "", err
 	}
+	dbcs.Spec.Id = dbSystemId
+
+	if compartmentId == "" {
+		compartmentId = *existingDatabase.CompartmentId
+	}
 
 	// Fetch the existing DB system details
 	existingDbSystem, err := dbClient.GetDbSystem(ctx, database.GetDbSystemRequest{
@@ -374,6 +806,11 @@ func CloneFromBackupAndGetDbcsId(logger logr.Logger, kubeClient client.Client, d
 		return "", err
 	}
 
+	// Change the phase to "Provisioning"
+	if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Provision, nwClient, wrClient); statusErr != nil {
+		return "", statusErr
+	}
+
 	// Create the clone request payload
 	cloneRequest := database.LaunchDbSystemFromBackupDetails{
 		CompartmentId:      existingDbSystem.DbSystem.CompartmentId,
@@ -427,15 +864,19 @@ func CloneFromBackupAndGetDbcsId(logger logr.Logger, kubeClient client.Client, d
 		LaunchDbSystemDetails: cloneRequest,
 	})
 	if err != nil {
+		// Change the phase to "Provisioning"
+		if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Failed, nwClient, wrClient); statusErr != nil {
+			return "", err
+		}
 		return "", err
 	}
 
 	dbcs.Status.DbCloneStatus.Id = response.DbSystem.Id
 
-	// Change the phase to "Provisioning"
-	if statusErr := SetLifecycleState(kubeClient, dbClient, dbcs, databasev4.Provision, nwClient, wrClient); statusErr != nil {
-		return "", statusErr
-	}
+	// // Change the phase to "Provisioning"
+	// if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Provision, nwClient, wrClient); statusErr != nil {
+	// 	return "", statusErr
+	// }
 
 	// Check the state
 	_, err = CheckResourceState(logger, dbClient, *response.DbSystem.Id, string(databasev4.Provision), string(databasev4.Available))
@@ -447,7 +888,7 @@ func CloneFromBackupAndGetDbcsId(logger logr.Logger, kubeClient client.Client, d
 }
 
 // Sync the DbcsSystem Database details
-func CloneFromDatabaseAndGetDbcsId(logger logr.Logger, kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient) (string, error) {
+func CloneFromDatabaseAndGetDbcsId(compartmentId string, logger logr.Logger, kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient) (string, error) {
 	ctx := context.TODO()
 	var err error
 	dbAdminPassword := ""
@@ -488,6 +929,10 @@ func CloneFromDatabaseAndGetDbcsId(logger logr.Logger, kubeClient client.Client,
 		logger.Error(err, "DBSystemId not found")
 		return "", err
 	}
+	dbcs.Spec.Id = dbSystemId
+	if compartmentId == "" {
+		compartmentId = *existingDatabase.CompartmentId
+	}
 
 	// Fetch the existing DB system details
 	existingDbSystem, err := dbClient.GetDbSystem(ctx, database.GetDbSystemRequest{
@@ -504,6 +949,51 @@ func CloneFromDatabaseAndGetDbcsId(logger logr.Logger, kubeClient client.Client,
 		logger.Error(err, "Failed to get SSH public key")
 		return "", err
 	}
+	// Before creating the clone request payload, check if a valid backup exists
+	backupsResp, err := dbClient.ListBackups(ctx, database.ListBackupsRequest{
+		DatabaseId: dbcs.Spec.DatabaseId,
+	})
+	if err != nil {
+		logger.Error(err, "Failed to list backups for database", "DatabaseId", dbcs.Spec.DatabaseId)
+		return "", fmt.Errorf("failed to list backups for database %s: %w", dbcs.Spec.DatabaseId, err)
+	}
+
+	if len(backupsResp.Items) == 0 {
+		msg := fmt.Sprintf("no backups found for database %s, cannot proceed with cloning", dbcs.Spec.DatabaseId)
+		logger.Error(nil, msg)
+		return "", fmt.Errorf(msg)
+	}
+
+	// Optional: ensure at least one backup is in the same AD
+	validBackupFound := false
+	for _, backup := range backupsResp.Items {
+		if backup.LifecycleState == database.BackupSummaryLifecycleStateActive &&
+			backup.AvailabilityDomain != nil &&
+			*backup.AvailabilityDomain == *existingDbSystem.DbSystem.AvailabilityDomain {
+
+			validBackupFound = true
+			logger.Info("Found valid backup for cloning",
+				"BackupId", *backup.Id,
+				"AvailabilityDomain", *backup.AvailabilityDomain,
+				"LifecycleState", backup.LifecycleState)
+			break
+		}
+
+	}
+
+	if !validBackupFound {
+		msg := fmt.Sprintf("no valid backups for database %s found in same AD %s, cannot proceed with cloning",
+			*dbcs.Spec.DatabaseId, *existingDbSystem.DbSystem.AvailabilityDomain)
+		logger.Error(nil, msg)
+		return "", fmt.Errorf(msg)
+	}
+
+	logger.Info("Valid backup found for cloning", "DatabaseId", dbcs.Spec.DatabaseId)
+
+	// Change the phase to "Provisioning"
+	if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Provision, nwClient, wrClient); statusErr != nil {
+		return "", statusErr
+	}
 
 	// Create the clone request payload
 	cloneRequest := database.LaunchDbSystemFromDatabaseDetails{
@@ -558,15 +1048,19 @@ func CloneFromDatabaseAndGetDbcsId(logger logr.Logger, kubeClient client.Client,
 		LaunchDbSystemDetails: cloneRequest,
 	})
 	if err != nil {
+		// Change the phase to "Provisioning"
+		if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Failed, nwClient, wrClient); statusErr != nil {
+			return "", err
+		}
 		return "", err
 	}
 
 	dbcs.Status.DbCloneStatus.Id = response.DbSystem.Id
 
-	// Change the phase to "Provisioning"
-	if statusErr := SetLifecycleState(kubeClient, dbClient, dbcs, databasev4.Provision, nwClient, wrClient); statusErr != nil {
-		return "", statusErr
-	}
+	// // Change the phase to "Provisioning"
+	// if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Provision, nwClient, wrClient); statusErr != nil {
+	// 	return "", statusErr
+	// }
 
 	// Check the state
 	_, err = CheckResourceState(logger, dbClient, *response.DbSystem.Id, string(databasev4.Provision), string(databasev4.Available))
@@ -751,7 +1245,7 @@ func DeleteDbcsSystemSystem(dbClient database.DatabaseClient, Id string) error {
 }
 
 // SetLifecycleState set status.state of the reosurce.
-func SetLifecycleState(kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, state databasev4.LifecycleState, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient) error {
+func SetLifecycleState(compartmentId string, kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, state databasev4.LifecycleState, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient) error {
 	maxRetries := 5
 	retryDelay := time.Second * 2
 
@@ -771,13 +1265,12 @@ func SetLifecycleState(kubeClient client.Client, dbClient database.DatabaseClien
 		}
 
 		// Set the status using the dbcs object
-		if statusErr := SetDBCSStatus(dbClient, dbcs, nwClient, wrClient); statusErr != nil {
+		if statusErr := SetDBCSStatus(state, compartmentId, dbClient, dbcs, nwClient, wrClient); statusErr != nil {
 			return statusErr
 		}
 
 		// Update the ResourceVersion of dbcs from latestInstance to avoid conflict
 		dbcs.ResourceVersion = latestInstance.ResourceVersion
-
 		// Attempt to patch the status of the instance
 		err = kubeClient.Status().Patch(context.TODO(), dbcs, client.MergeFrom(latestInstance))
 		if err != nil {
@@ -855,6 +1348,7 @@ func mergeInstancesFromLatest(instance, latestInstance *databasev4.DbcsSystem) e
 func mergeStructFields(instanceField, latestField reflect.Value) {
 	for i := 0; i < instanceField.NumField(); i++ {
 		subField := instanceField.Type().Field(i)
+
 		instanceSubField := instanceField.Field(i)
 		latestSubField := latestField.Field(i)
 
@@ -878,6 +1372,7 @@ func mergeStructFields(instanceField, latestField reflect.Value) {
 			}
 		}
 	}
+
 }
 
 func isExported(field reflect.StructField) bool {
@@ -886,7 +1381,7 @@ func isExported(field reflect.StructField) bool {
 
 // SetDBCSSystem LifeCycle state when state is provisioning
 
-func SetDBCSDatabaseLifecycleState(logger logr.Logger, kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient) error {
+func SetDBCSDatabaseLifecycleState(compartmentId string, logger logr.Logger, kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient) error {
 
 	dbcsId := *dbcs.Spec.Id
 
@@ -904,12 +1399,12 @@ func SetDBCSDatabaseLifecycleState(logger logr.Logger, kubeClient client.Client,
 		return nil
 	} else if string(resp.LifecycleState) == string(databasev4.Available) {
 		// Change the phase to "Available"
-		if statusErr := SetLifecycleState(kubeClient, dbClient, dbcs, databasev4.Available, nwClient, wrClient); statusErr != nil {
+		if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Available, nwClient, wrClient); statusErr != nil {
 			return statusErr
 		}
 	} else if string(resp.LifecycleState) == string(databasev4.Provision) {
 		// Change the phase to "Provisioning"
-		if statusErr := SetLifecycleState(kubeClient, dbClient, dbcs, databasev4.Provision, nwClient, wrClient); statusErr != nil {
+		if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Provision, nwClient, wrClient); statusErr != nil {
 			return statusErr
 		}
 		// Check the State
@@ -919,7 +1414,7 @@ func SetDBCSDatabaseLifecycleState(logger logr.Logger, kubeClient client.Client,
 		}
 	} else if string(resp.LifecycleState) == string(databasev4.Update) {
 		// Change the phase to "Updating"
-		if statusErr := SetLifecycleState(kubeClient, dbClient, dbcs, databasev4.Update, nwClient, wrClient); statusErr != nil {
+		if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Update, nwClient, wrClient); statusErr != nil {
 			return statusErr
 		}
 		// Check the State
@@ -929,15 +1424,25 @@ func SetDBCSDatabaseLifecycleState(logger logr.Logger, kubeClient client.Client,
 		}
 	} else if string(resp.LifecycleState) == string(databasev4.Failed) {
 		// Change the phase to "Updating"
-		if statusErr := SetLifecycleState(kubeClient, dbClient, dbcs, databasev4.Failed, nwClient, wrClient); statusErr != nil {
+		if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Failed, nwClient, wrClient); statusErr != nil {
 			return statusErr
 		}
 		return fmt.Errorf("DbSystem is in Failed State")
 	} else if string(resp.LifecycleState) == string(databasev4.Terminated) {
 		// Change the phase to "Terminated"
-		if statusErr := SetLifecycleState(kubeClient, dbClient, dbcs, databasev4.Terminate, nwClient, wrClient); statusErr != nil {
+		if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Terminate, nwClient, wrClient); statusErr != nil {
+			return statusErr
+		}
+	} else if string(resp.LifecycleState) == string(databasev4.Upgrade) {
+		// Change the phase to "Upgrading"
+		if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Upgrade, nwClient, wrClient); statusErr != nil {
 			return statusErr
 		}
+		// Check the State
+		_, err = CheckResourceState(logger, dbClient, *resp.DbSystem.Id, string(databasev4.Upgrade), string(databasev4.Available))
+		if err != nil {
+			return err
+		}
 	}
 	return nil
 }
@@ -954,43 +1459,51 @@ func GetDbSystemId(logger logr.Logger, dbClient database.DatabaseClient, dbcs *d
 		return err
 	}
 
-	dbcs.Spec.DbSystem.CompartmentId = *response.CompartmentId
-	if response.DisplayName != nil {
-		dbcs.Spec.DbSystem.DisplayName = *response.DisplayName
+	if dbcs.Spec.DbSystem == nil {
+		dbcs.Spec.DbSystem = &databasev4.DbSystemDetails{}
+	}
+	if response.DbSystem.CompartmentId != nil {
+		dbcs.Spec.DbSystem.CompartmentId = *response.DbSystem.CompartmentId
+	}
+	if response.DbSystem.DisplayName != nil {
+		dbcs.Spec.DbSystem.DisplayName = *response.DbSystem.DisplayName
 	}
 
-	if response.Hostname != nil {
-		dbcs.Spec.DbSystem.HostName = *response.Hostname
+	if response.DbSystem.Hostname != nil {
+		dbcs.Spec.DbSystem.HostName = *response.DbSystem.Hostname
 	}
-	if response.CpuCoreCount != nil {
-		dbcs.Spec.DbSystem.CpuCoreCount = *response.CpuCoreCount
+	if response.DbSystem.CpuCoreCount != nil {
+		dbcs.Spec.DbSystem.CpuCoreCount = *response.DbSystem.CpuCoreCount
 	}
-	dbcs.Spec.DbSystem.NodeCount = response.NodeCount
-	if response.ClusterName != nil {
-		dbcs.Spec.DbSystem.ClusterName = *response.ClusterName
+	dbcs.Spec.DbSystem.NodeCount = response.DbSystem.NodeCount
+	if response.DbSystem.ClusterName != nil {
+		dbcs.Spec.DbSystem.ClusterName = *response.DbSystem.ClusterName
 	}
-	//dbcs.Spec.DbSystem.DbUniqueName = *response.DbUniqueName
+	//dbcs.Spec.DbSystem.DbUniqueName = *response.DbSystem.DbUniqueName
 	if string(response.DbSystem.DatabaseEdition) != "" {
-		dbcs.Spec.DbSystem.DbEdition = string(response.DatabaseEdition)
+		dbcs.Spec.DbSystem.DbEdition = string(response.DbSystem.DatabaseEdition)
 	}
-	if string(response.DiskRedundancy) != "" {
-		dbcs.Spec.DbSystem.DiskRedundancy = string(response.DiskRedundancy)
+	if string(response.DbSystem.DiskRedundancy) != "" {
+		dbcs.Spec.DbSystem.DiskRedundancy = string(response.DbSystem.DiskRedundancy)
 	}
 
-	//dbcs.Spec.DbSystem.DbVersion = *response.
+	//dbcs.Spec.DbSystem.DbVersion = *response.DbSystem.
 
-	if response.BackupSubnetId != nil {
-		dbcs.Spec.DbSystem.BackupSubnetId = *response.BackupSubnetId
+	if response.DbSystem.BackupSubnetId != nil {
+		dbcs.Spec.DbSystem.BackupSubnetId = *response.DbSystem.BackupSubnetId
+	}
+	dbcs.Spec.DbSystem.Shape = *response.DbSystem.Shape
+	dbcs.Spec.DbSystem.SshPublicKeys = []string(response.DbSystem.SshPublicKeys)
+	if response.DbSystem.FaultDomains != nil {
+		dbcs.Spec.DbSystem.FaultDomains = []string(response.DbSystem.FaultDomains)
 	}
-	dbcs.Spec.DbSystem.Shape = *response.Shape
-	dbcs.Spec.DbSystem.SshPublicKeys = []string(response.SshPublicKeys)
-	if response.FaultDomains != nil {
-		dbcs.Spec.DbSystem.FaultDomains = []string(response.FaultDomains)
+	dbcs.Spec.DbSystem.SubnetId = *response.DbSystem.SubnetId
+	dbcs.Spec.DbSystem.AvailabilityDomain = *response.DbSystem.AvailabilityDomain
+	if response.DbSystem.KmsKeyId != nil {
+		dbcs.Status.KMSDetailsStatus.KeyId = *response.DbSystem.KmsKeyId
 	}
-	dbcs.Spec.DbSystem.SubnetId = *response.SubnetId
-	dbcs.Spec.DbSystem.AvailabilityDomain = *response.AvailabilityDomain
-	if response.KmsKeyId != nil {
-		dbcs.Status.KMSDetailsStatus.KeyId = *response.KmsKeyId
+	if response.DbSystem.Version != nil {
+		dbcs.Status.DbVersion = *response.DbSystem.Version
 	}
 	err = PopulateDBDetails(logger, dbClient, dbcs)
 	if err != nil {
@@ -1024,7 +1537,26 @@ func PopulateDBDetails(logger logr.Logger, dbClient database.DatabaseClient, dbc
 func GetListDbHomeRsp(logger logr.Logger, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem) (database.ListDbHomesResponse, error) {
 
 	dbcsId := *dbcs.Spec.Id
-	CompartmentId := dbcs.Spec.DbSystem.CompartmentId
+	var CompartmentId string
+
+	// Check if the CompartmentId is defined in dbcs.Spec.DbSystem.CompartmentId
+	if dbcs.Spec.DbSystem.CompartmentId != "" {
+		CompartmentId = dbcs.Spec.DbSystem.CompartmentId
+	} else {
+		// If not defined, call GetDbSystem to fetch the details
+		getRequest := database.GetDbSystemRequest{
+			DbSystemId: &dbcsId,
+		}
+
+		// Call GetDbSystem API using the existing dbClient
+		getResponse, err := dbClient.GetDbSystem(context.TODO(), getRequest)
+		if err != nil {
+			return database.ListDbHomesResponse{}, fmt.Errorf("failed to get DB system details: %v", err)
+		}
+
+		// Extract the compartment ID from the DB system details
+		CompartmentId = *getResponse.DbSystem.CompartmentId
+	}
 
 	dbHomeReq := database.ListDbHomesRequest{
 		DbSystemId:    &dbcsId,
@@ -1056,7 +1588,7 @@ func GetListDatabaseRsp(logger logr.Logger, dbClient database.DatabaseClient, db
 	return response, nil
 }
 
-func UpdateDbcsSystemIdInst(log logr.Logger, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, kubeClient client.Client, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient, databaseID string) error {
+func UpdateDbcsSystemIdInst(compartmentId string, log logr.Logger, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, kubeClient client.Client, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient, databaseID string) error {
 	// log.Info("Existing DB System Getting Updated with new details in UpdateDbcsSystemIdInst")
 	var err error
 	updateFlag := false
@@ -1073,35 +1605,89 @@ func UpdateDbcsSystemIdInst(log logr.Logger, dbClient database.DatabaseClient, d
 	} else {
 		log.Info("Details of oldSpec", "oldSpec", oldSpec)
 	}
+
+	if dbcs.Spec.DbSystem == nil {
+		dbcs.Spec.DbSystem = &databasev4.DbSystemDetails{}
+	}
+	if oldSpec.DbSystem == nil {
+		oldSpec.DbSystem = &databasev4.DbSystemDetails{}
+	}
+
+	// Fetch latest DB System state from OCI
+	dbcsId := dbcs.Spec.Id
+	dbcsReq := database.GetDbSystemRequest{
+		DbSystemId: dbcsId,
+	}
+
+	response, err := dbClient.GetDbSystem(context.TODO(), dbcsReq)
+	if err != nil {
+		log.Error(err, "failed to fetch current DB system from OCI")
+		return err
+	}
+
+	current := response.DbSystem // OCI's current state
 	log.Info("Details of updateFlag -> " + fmt.Sprint(updateFlag))
+	if dbcs.Spec.DbSystem == nil {
+		dbcs.Spec.DbSystem = &databasev4.DbSystemDetails{}
+	}
+	// Compare and update CPU Core Count
+	if dbcs.Spec.DbSystem.CpuCoreCount > 0 &&
+		(dbcs.Spec.DbSystem.CpuCoreCount != oldSpec.DbSystem.CpuCoreCount ||
+			dbcs.Spec.DbSystem.CpuCoreCount != *current.CpuCoreCount) {
+
+		log.Info("CPU core count change detected",
+			"desired", dbcs.Spec.DbSystem.CpuCoreCount,
+			"old", oldSpec.DbSystem.CpuCoreCount,
+			"current", *current.CpuCoreCount)
 
-	if dbcs.Spec.DbSystem.CpuCoreCount > 0 && ((dbcs.Spec.DbSystem.CpuCoreCount != oldSpec.DbSystem.CpuCoreCount) || (dbcs.Spec.DbSystem.CpuCoreCount != *&dbcs.Status.CpuCoreCount)) {
-		log.Info("DB System cpu core count is: " + fmt.Sprint(dbcs.Spec.DbSystem.CpuCoreCount) + " DB System old cpu count is: " + fmt.Sprint(oldSpec.DbSystem.CpuCoreCount))
 		updateDbcsDetails.CpuCoreCount = common.Int(dbcs.Spec.DbSystem.CpuCoreCount)
 		updateFlag = true
 	}
-	if dbcs.Spec.DbSystem.Shape != "" && ((dbcs.Spec.DbSystem.Shape != oldSpec.DbSystem.Shape) || (dbcs.Spec.DbSystem.Shape != *dbcs.Status.Shape)) {
-		// log.Info("DB System desired shape is :" + string(dbcs.Spec.DbSystem.Shape) + "DB System old shape is " + string(oldSpec.DbSystem.Shape))
+
+	// Compare and update Shape
+	if dbcs.Spec.DbSystem.Shape != "" &&
+		(dbcs.Spec.DbSystem.Shape != oldSpec.DbSystem.Shape ||
+			dbcs.Spec.DbSystem.Shape != *current.Shape) {
+
+		log.Info("Shape change detected",
+			"desired", dbcs.Spec.DbSystem.Shape,
+			"old", oldSpec.DbSystem.Shape,
+			"current", *current.Shape)
+
 		updateDbcsDetails.Shape = common.String(dbcs.Spec.DbSystem.Shape)
 		updateFlag = true
 	}
 
-	if dbcs.Spec.DbSystem.LicenseModel != "" && ((dbcs.Spec.DbSystem.LicenseModel != oldSpec.DbSystem.LicenseModel) || (dbcs.Spec.DbSystem.LicenseModel != *&dbcs.Status.LicenseModel)) {
-		licenceModel := getLicenceModel(dbcs)
-		// log.Info("DB System desired License Model is :" + string(dbcs.Spec.DbSystem.LicenseModel) + "DB Sytsem old License Model is " + string(oldSpec.DbSystem.LicenseModel))
-		updateDbcsDetails.LicenseModel = database.UpdateDbSystemDetailsLicenseModelEnum(licenceModel)
+	// Compare and update License Model
+	if dbcs.Spec.DbSystem.LicenseModel != "" &&
+		(dbcs.Spec.DbSystem.LicenseModel != oldSpec.DbSystem.LicenseModel ||
+			dbcs.Spec.DbSystem.LicenseModel != string(current.LicenseModel)) {
+
+		log.Info("License model change detected",
+			"desired", dbcs.Spec.DbSystem.LicenseModel,
+			"old", oldSpec.DbSystem.LicenseModel,
+			"current", current.LicenseModel)
+
+		licenseModel := getLicenceModel(dbcs)
+		updateDbcsDetails.LicenseModel = database.UpdateDbSystemDetailsLicenseModelEnum(licenseModel)
 		updateFlag = true
 	}
 
-	if dbcs.Spec.DbSystem.InitialDataStorageSizeInGB != 0 && dbcs.Spec.DbSystem.InitialDataStorageSizeInGB != oldSpec.DbSystem.InitialDataStorageSizeInGB {
-		// log.Info("DB System desired Storage Size is :" + fmt.Sprint(dbcs.Spec.DbSystem.InitialDataStorageSizeInGB) + "DB System old Storage Size is " + fmt.Sprint(oldSpec.DbSystem.InitialDataStorageSizeInGB))
+	// Compare Storage Size only against oldSpec (assumes no dynamic resizing supported)
+	if dbcs.Spec.DbSystem.InitialDataStorageSizeInGB > 0 &&
+		dbcs.Spec.DbSystem.InitialDataStorageSizeInGB != oldSpec.DbSystem.InitialDataStorageSizeInGB {
+
+		log.Info("Data storage size change detected",
+			"desired", dbcs.Spec.DbSystem.InitialDataStorageSizeInGB,
+			"old", oldSpec.DbSystem.InitialDataStorageSizeInGB)
+
 		updateDbcsDetails.DataStorageSizeInGBs = &dbcs.Spec.DbSystem.InitialDataStorageSizeInGB
 		updateFlag = true
 	}
 
 	// // Check and update KMS details if necessary
-	if (dbcs.Spec.KMSConfig != databasev4.KMSConfig{}) {
-		if dbcs.Spec.KMSConfig != oldSpec.DbSystem.KMSConfig {
+	if dbcs.Spec.KMSConfig != nil {
+		if !reflect.DeepEqual(dbcs.Spec.KMSConfig, oldSpec.DbSystem.KMSConfig) {
 			log.Info("Updating KMS details in Existing Database")
 
 			kmsKeyID := dbcs.Status.KMSDetailsStatus.KeyId
@@ -1125,7 +1711,7 @@ func UpdateDbcsSystemIdInst(log logr.Logger, dbClient database.DatabaseClient, d
 			}
 
 			// Assign all available fields to KMSConfig
-			dbcs.Spec.DbSystem.KMSConfig = databasev4.KMSConfig{
+			dbcs.Spec.DbSystem.KMSConfig = &databasev4.KMSConfig{
 				VaultName:      dbcs.Spec.KMSConfig.VaultName,
 				CompartmentId:  dbcs.Spec.KMSConfig.CompartmentId,
 				KeyName:        dbcs.Spec.KMSConfig.KeyName,
@@ -1148,7 +1734,7 @@ func UpdateDbcsSystemIdInst(log logr.Logger, dbClient database.DatabaseClient, d
 				migrateRequest.AdminPassword = common.String(dbAdminPassword)
 			}
 			// Change the phase to "Updating"
-			if statusErr := SetLifecycleState(kubeClient, dbClient, dbcs, databasev4.Update, nwClient, wrClient); statusErr != nil {
+			if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Update, nwClient, wrClient); statusErr != nil {
 				return statusErr
 			}
 			// Send the request
@@ -1168,7 +1754,7 @@ func UpdateDbcsSystemIdInst(log logr.Logger, dbClient database.DatabaseClient, d
 
 			// // Wait for the database to reach the desired state after migration, timeout for 2 hours
 			// Define timeout and check interval
-			timeout := 2 * time.Hour
+			timeout := 4 * time.Hour
 			checkInterval := 1 * time.Minute
 
 			err = WaitForDatabaseState(log, dbClient, databaseID, "AVAILABLE", timeout, checkInterval)
@@ -1177,7 +1763,7 @@ func UpdateDbcsSystemIdInst(log logr.Logger, dbClient database.DatabaseClient, d
 				return err
 			}
 			// Change the phase to "Available"
-			if statusErr := SetLifecycleState(kubeClient, dbClient, dbcs, databasev4.Available, nwClient, wrClient); statusErr != nil {
+			if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Available, nwClient, wrClient); statusErr != nil {
 				return statusErr
 			}
 
@@ -1186,7 +1772,13 @@ func UpdateDbcsSystemIdInst(log logr.Logger, dbClient database.DatabaseClient, d
 	}
 
 	log.Info("Details of updateFlag after validations is " + fmt.Sprint(updateFlag))
+
 	if updateFlag {
+		cdbId := *dbcs.Status.DbInfo[0].Id
+		// Ensure DB system is AVAILABLE
+		if err := waitForDbSystemAvailable(cdbId, dbClient, *dbcs.Spec.Id, 30*time.Minute, log); err != nil {
+			return fmt.Errorf("cannot update DB system within 30 minutes, wait failed: %w", err)
+		}
 		updateDbcsRequest := database.UpdateDbSystemRequest{
 			DbSystemId:            common.String(*dbcs.Spec.Id),
 			UpdateDbSystemDetails: updateDbcsDetails,
@@ -1197,7 +1789,7 @@ func UpdateDbcsSystemIdInst(log logr.Logger, dbClient database.DatabaseClient, d
 		}
 
 		// Change the phase to "Provisioning"
-		if statusErr := SetLifecycleState(kubeClient, dbClient, dbcs, databasev4.Update, nwClient, wrClient); statusErr != nil {
+		if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Update, nwClient, wrClient); statusErr != nil {
 			return statusErr
 		}
 		// Check the State
@@ -1210,6 +1802,48 @@ func UpdateDbcsSystemIdInst(log logr.Logger, dbClient database.DatabaseClient, d
 	return nil
 }
 
+func waitForDbSystemAvailable(cdbId string, dbClient database.DatabaseClient, dbSystemId string, maxWait time.Duration, log logr.Logger) error {
+	start := time.Now()
+
+	for {
+		// 1. Check DB System lifecycle state
+		dbSysResp, err := dbClient.GetDbSystem(context.TODO(), database.GetDbSystemRequest{
+			DbSystemId: &dbSystemId,
+		})
+		if err != nil {
+			return fmt.Errorf("failed to get DB system: %w", err)
+		}
+		dbSysState := string(dbSysResp.DbSystem.LifecycleState)
+
+		// 2. Check CDB lifecycle state
+		dbResp, err := dbClient.GetDatabase(context.TODO(), database.GetDatabaseRequest{
+			DatabaseId: &cdbId,
+		})
+		if err != nil {
+			return fmt.Errorf("failed to get CDB database: %w", err)
+		}
+		dbState := string(dbResp.Database.LifecycleState)
+
+		log.Info("DBSystem state: %s, CDB state: %s", dbSysState, dbState)
+
+		if dbSysState == "AVAILABLE" && dbState == "AVAILABLE" {
+			log.Info("Both Db System and Db home is in available state, proceeding with update")
+			return nil // both ready
+		}
+
+		if time.Since(start) > maxWait {
+			return fmt.Errorf("timeout: DBSystem: %s, CDB: %s", dbSysState, dbState)
+		}
+		log.Info("Either of Db System or Db home is not in available state, rechecking in 30 seconds")
+
+		time.Sleep(30 * time.Second)
+	}
+}
+
+func isFieldUpdated[T comparable](specVal T, oldVal T, currentVal T) bool {
+	return specVal != oldVal || specVal != currentVal
+}
+
 func WaitForDatabaseState(
 	log logr.Logger,
 	dbClient database.DatabaseClient,
@@ -1271,58 +1905,139 @@ func UpdateDbcsSystemId(kubeClient client.Client, dbcs *databasev4.DbcsSystem) e
 	return kubeClient.Patch(context.TODO(), dbcs, patch)
 }
 
-func CheckResourceState(logger logr.Logger, dbClient database.DatabaseClient, Id string, currentState string, expectedState string) (string, error) {
-	// The database OCID is not available when the provisioning is onging.
-	// Retry until the new DbcsSystem is ready.
+// CheckDataGuardAssociationState will check the lifecycle state of the Data Guard Association
+// and wait until it reaches the expected state (e.g., "AVAILABLE").
+func CheckDataGuardAssociationState(logger logr.Logger, dbClient database.DatabaseClient, associationId string, currentState string, expectedState string, databaseId string) (string, error) {
+	// The DataGuard Association OCID is not available when provisioning is ongoing.
+	// Retry until the new Data Guard Association is ready.
 
 	var state string
 	var err error
 	for {
-		state, err = GetResourceState(logger, dbClient, Id)
+		state, err = GetDataGuardAssociationState(logger, dbClient, associationId, databaseId)
 		if err != nil {
-			logger.Info("Error occurred while collecting the resource life cycle state")
+			logger.Info("Error occurred while collecting the resource lifecycle state")
 			return "", err
 		}
 		if string(state) == expectedState {
 			break
-		} else if string(state) == currentState {
-			logger.Info("DB System current state is still:" + string(state) + ". Sleeping for 60 seconds.")
+		} else if string(state) != expectedState {
+			logger.Info("Data Guard Association current state is still:" + string(state) + ". Sleeping for 60 seconds.")
 			time.Sleep(60 * time.Second)
 			continue
-		} else {
-			msg := "DB System current state " + string(state) + " is not matching " + expectedState
-			logger.Info(msg)
-			return "", errors.New(msg)
 		}
 	}
 
 	return "", nil
 }
 
-func GetResourceState(logger logr.Logger, dbClient database.DatabaseClient, Id string) (string, error) {
+// GetDataGuardAssociationState retrieves the lifecycle state of the Data Guard Association.
+func GetDataGuardAssociationState(logger logr.Logger, dbClient database.DatabaseClient, associationId string, databaseID string) (string, error) { // Context with 2-hour timeout
+	ctx, cancel := context.WithTimeout(context.Background(), 2*time.Hour)
+	defer cancel()
 
-	dbcsId := Id
-	dbcsReq := database.GetDbSystemRequest{
-		DbSystemId: &dbcsId,
+	request := database.GetDataGuardAssociationRequest{
+		DatabaseId:             common.String(databaseID),
+		DataGuardAssociationId: common.String(associationId),
 	}
+	desiredState := "AVAILABLE"
 
-	response, err := dbClient.GetDbSystem(context.TODO(), dbcsReq)
-	if err != nil {
-		return "", err
+	ticker := time.NewTicker(1 * time.Minute)
+	defer ticker.Stop()
+
+	for {
+		select {
+		case <-ctx.Done():
+			// 2-hour timeout reached
+			return "", context.DeadlineExceeded
+		case <-ticker.C:
+			logger.Info("Polling Data Guard association state", "DatabaseID", databaseID, "AssociationID", associationId)
+
+			// Make the request using the context
+			response, err := dbClient.GetDataGuardAssociation(ctx, request)
+			if err != nil {
+				logger.Error(err, "Failed to get Data Guard association state")
+				return "", err
+			}
+
+			state := string(response.LifecycleState)
+			logger.Info("Current state", "State", state)
+
+			if state == desiredState {
+				return state, nil
+			}
+		}
 	}
+}
 
-	state := string(response.LifecycleState)
+// CheckResourceState waits until the resource moves from a transient state (e.g. PROVISIONING, UPDATING)
+// to the expected state (e.g. AVAILABLE). It retries until success, timeout (120 minutes), or unexpected state occurs.
+func CheckResourceState(logger logr.Logger, dbClient database.DatabaseClient, id string, transientState string, expectedState string) (string, error) {
+	var state string
+	var err error
 
-	return state, nil
+	timeout := 240 * time.Minute
+	start := time.Now()
+
+	for {
+		// Timeout guard
+		if time.Since(start) > timeout {
+			msg := fmt.Sprintf("timed out after %v waiting for DB System %s to reach state %s (last known state: %s)",
+				timeout, id, expectedState, state)
+			logger.Error(fmt.Errorf("timeout"), msg, "Id", id)
+			return state, errors.New(msg)
+		}
+
+		state, err = GetResourceState(logger, dbClient, id)
+		if err != nil {
+			logger.Error(err, "Error occurred while collecting the resource lifecycle state", "Id", id)
+			return "", err
+		}
+
+		switch state {
+		case expectedState:
+			logger.Info("DB System reached expected state", "State", state, "Id", id)
+			return state, nil
+		// Explicitly handle UPDATING as transient state (for patching)
+		case string(database.DbSystemLifecycleStateUpdating):
+			logger.Info("DB System is still updating ", "State", state, "Id", id)
+			time.Sleep(60 * time.Second)
+			continue
+		case string(database.DbSystemLifecycleStateUpgrading):
+			logger.Info("DB System is still upgrading ", "State", state, "Id", id)
+			time.Sleep(60 * time.Second)
+			continue
+		case transientState:
+			logger.Info("DB System still in transient state", "State", state, "Id", id)
+			time.Sleep(60 * time.Second) // sleep before re-checking
+			continue
+
+		default:
+			msg := fmt.Sprintf("DB System state %s is not matching expected state %s", state, expectedState)
+			logger.Error(errors.New(msg), "Unexpected DB System state", "Id", id)
+			return state, errors.New(msg)
+		}
+	}
 }
 
-func SetDBCSStatus(dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient) error {
+// GetResourceState fetches the current lifecycle state of the DbSystem from OCI.
+func GetResourceState(logger logr.Logger, dbClient database.DatabaseClient, id string) (string, error) {
+	req := database.GetDbSystemRequest{
+		DbSystemId: common.String(id),
+	}
 
-	if dbcs.Spec.Id == nil {
-		dbcs.Status.State = "FAILED"
-		return nil
+	resp, err := dbClient.GetDbSystem(context.TODO(), req)
+	if err != nil {
+		return "", err
 	}
 
+	state := string(resp.LifecycleState)
+	logger.Info("Fetched DB System lifecycle state", "State", state, "Id", id)
+	return state, nil
+}
+
+func SetDBCSStatus(state databasev4.LifecycleState, compartmentId string, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, nwClient core.VirtualNetworkClient, wrClient workrequests.WorkRequestClient) error {
+
 	if dbcs.Spec.Id == nil {
 		dbcs.Status.State = "FAILED"
 		return nil
@@ -1338,6 +2053,7 @@ func SetDBCSStatus(dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem
 	if err != nil {
 		return err
 	}
+	compartmentId = *resp.CompartmentId
 
 	dbcs.Status.AvailabilityDomain = *resp.AvailabilityDomain
 	dbcs.Status.CpuCoreCount = *resp.CpuCoreCount
@@ -1358,12 +2074,22 @@ func SetDBCSStatus(dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem
 	dbcs.Status.Network.ListenerPort = resp.ListenerPort
 	dbcs.Status.Network.HostName = *resp.Hostname
 	dbcs.Status.Network.DomainName = *resp.Domain
-	if dbcs.Spec.KMSConfig.CompartmentId != "" {
+	if resp.Version != nil {
+		dbcs.Status.DbVersion = *resp.Version
+	} else {
+		dbcs.Status.DbVersion = ""
+	}
+
+	if dbcs.Spec.KMSConfig != nil && dbcs.Spec.KMSConfig.CompartmentId != "" {
 		dbcs.Status.KMSDetailsStatus.CompartmentId = dbcs.Spec.KMSConfig.CompartmentId
 		dbcs.Status.KMSDetailsStatus.VaultName = dbcs.Spec.KMSConfig.VaultName
 	}
-	dbcs.Status.State = databasev4.LifecycleState(resp.LifecycleState)
-	if dbcs.Spec.KMSConfig.CompartmentId != "" {
+	if state == "" {
+		dbcs.Status.State = databasev4.LifecycleState(resp.LifecycleState)
+	} else {
+		dbcs.Status.State = state
+	}
+	if dbcs.Spec.KMSConfig != nil && dbcs.Spec.KMSConfig.CompartmentId != "" {
 		dbcs.Status.KMSDetailsStatus.CompartmentId = dbcs.Spec.KMSConfig.CompartmentId
 		dbcs.Status.KMSDetailsStatus.VaultName = dbcs.Spec.KMSConfig.VaultName
 	}
@@ -1383,7 +2109,7 @@ func SetDBCSStatus(dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem
 	// Work Request Ststaus
 	dbWorkRequest := databasev4.DbWorkrequests{}
 
-	dbWorks, err := getWorkRequest(*resp.OpcRequestId, wrClient, dbcs)
+	dbWorks, err := getWorkRequest(compartmentId, *resp.OpcRequestId, wrClient, dbcs)
 	if err == nil {
 		for _, dbWork := range dbWorks {
 			//status := checkValue(dbcs, dbWork.Id)
@@ -1418,11 +2144,11 @@ func SetDBCSStatus(dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem
 	dbcs.Status.DbInfo = dbcs.Status.DbInfo[:0]
 	dbStatus := databasev4.DbStatus{}
 
-	dbHomes, err := getDbHomeList(dbClient, dbcs)
+	dbHomes, err := getDbHomeList(compartmentId, dbClient, dbcs)
 
 	if err == nil {
 		for _, dbHome := range dbHomes {
-			dbDetails, err := getDList(dbClient, dbcs, dbHome.Id)
+			dbDetails, err := getDList(compartmentId, dbClient, dbcs, dbHome.Id)
 			for _, dbDetail := range dbDetails {
 				if err == nil {
 					dbStatus.Id = dbDetail.Id
@@ -1430,6 +2156,13 @@ func SetDBCSStatus(dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem
 					dbStatus.DbName = *dbDetail.DbName
 					dbStatus.DbUniqueName = *dbDetail.DbUniqueName
 					dbStatus.DbWorkload = *dbDetail.DbWorkload
+					if dbDetail.ConnectionStrings != nil &&
+						dbDetail.ConnectionStrings.CdbDefault != nil &&
+						dbDetail.ConnectionStrings.CdbIpDefault != nil {
+
+						dbStatus.ConnectionString = *dbDetail.ConnectionStrings.CdbDefault
+						dbStatus.ConnectionStringLong = *dbDetail.ConnectionStrings.CdbIpDefault
+					}
 				}
 				dbcs.Status.DbInfo = append(dbcs.Status.DbInfo, dbStatus)
 				dbStatus = databasev4.DbStatus{}
@@ -1439,14 +2172,14 @@ func SetDBCSStatus(dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem
 	return nil
 }
 
-func getDbHomeList(dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem) ([]database.DbHomeSummary, error) {
+func getDbHomeList(compartmentId string, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem) ([]database.DbHomeSummary, error) {
 
 	var items []database.DbHomeSummary
 	dbcsId := *dbcs.Spec.Id
 
 	dbcsReq := database.ListDbHomesRequest{
 		DbSystemId:    &dbcsId,
-		CompartmentId: &dbcs.Spec.DbSystem.CompartmentId,
+		CompartmentId: &compartmentId,
 	}
 
 	resp, err := dbClient.ListDbHomes(context.TODO(), dbcsReq)
@@ -1457,13 +2190,13 @@ func getDbHomeList(dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem
 	return resp.Items, nil
 }
 
-func getDList(dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, dbHomeId *string) ([]database.DatabaseSummary, error) {
+func getDList(compartmentId string, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, dbHomeId *string) ([]database.DatabaseSummary, error) {
 
 	dbcsId := *dbcs.Spec.Id
 	var items []database.DatabaseSummary
 	dbcsReq := database.ListDatabasesRequest{
 		SystemId:      &dbcsId,
-		CompartmentId: &dbcs.Spec.DbSystem.CompartmentId,
+		CompartmentId: &compartmentId,
 		DbHomeId:      dbHomeId,
 	}
 
@@ -1517,6 +2250,12 @@ func ValidateSpex(logger logr.Logger, kubeClient client.Client, dbClient databas
 	}
 	// Check if last Successful update nil or not
 	if lastSuccSpec == nil {
+		if dbcs == nil {
+			return fmt.Errorf("DbcsSystem is nil")
+		}
+		if dbcs.Spec.DbSystem == nil {
+			return fmt.Errorf("DbSystem spec is missing in DbcsSystem %s", dbcs.Name)
+		}
 		if dbcs.Spec.DbSystem.DbVersion != "" {
 			_, err = GetDbLatestVersion(dbClient, dbcs, "")
 			if err != nil {
@@ -1565,3 +2304,278 @@ func ValidateSpex(logger logr.Logger, kubeClient client.Client, dbClient databas
 	return nil
 
 }
+
+func CreateDbcsBackup(
+	compartmentId string,
+	logger logr.Logger,
+	dbClient database.DatabaseClient,
+	dbcs *databasev4.DbcsSystem,
+	kubeClient client.Client,
+	nwClient core.VirtualNetworkClient,
+	wrClient workrequests.WorkRequestClient,
+) (string, error) {
+
+	ctx := context.TODO()
+
+	// Safety check: ensure DB system OCID is set
+	if dbcs.Spec.Id == nil || *dbcs.Spec.Id == "" {
+		return "", fmt.Errorf("cannot create backup: DbcsSystem ID is not set")
+	}
+	// Get DB Home Details
+	listDbHomeRsp, err := GetListDbHomeRsp(logger, dbClient, dbcs)
+	if err != nil {
+		logger.Info("Error Occurred while getting List of DBHomes")
+		return "", err
+	}
+	dbHomeId := listDbHomeRsp.Items[0].Id
+	// Retrieve the list of databases in the DB system
+	listDbsRequest := database.ListDatabasesRequest{
+		CompartmentId: &compartmentId,
+		SystemId:      dbcs.Spec.Id,
+		DbHomeId:      dbHomeId,
+	}
+
+	listDbsResponse, err := dbClient.ListDatabases(ctx, listDbsRequest)
+	if err != nil {
+		logger.Error(err, "Failed to list databases for DB system", "DbcsSystemID", *dbcs.Spec.Id)
+		return "", err
+	}
+
+	if len(listDbsResponse.Items) == 0 {
+		return "", fmt.Errorf("no databases found in DB system with ID: %s", *dbcs.Spec.Id)
+	}
+
+	// Assume the first database is the one to back up (customize as needed)
+	databaseId := listDbsResponse.Items[0].Id
+
+	// Generate a unique display name for the backup
+	// Determine the backup name
+	var backupPrefixName string
+	if dbcs.Spec.DbSystem.BackupDisplayName != "" {
+		backupPrefixName = dbcs.Spec.DbSystem.BackupDisplayName
+	} else {
+		backupPrefixName = "backup"
+	}
+	backupName := fmt.Sprintf("%s-%s", backupPrefixName, time.Now().Format("20060102-150405"))
+
+	// Check if backup with prefix already exists
+	listBackupsReq := database.ListBackupsRequest{
+		DatabaseId: databaseId,
+	}
+	listBackupsResp, err := dbClient.ListBackups(ctx, listBackupsReq)
+	if err != nil {
+		logger.Error(err, "Failed to list backups")
+		return "", err
+	}
+
+	// Check if a backup with same name already tracked in status
+	for _, b := range dbcs.Status.Backups {
+		if strings.HasPrefix(b.Name, backupPrefixName) {
+			logger.Info("Backup already tracked in status", "BackupName", b.Name)
+			return b.BackupID, nil
+		}
+	}
+
+	// Compare against latest backup stored in status or name prefix
+	for _, backup := range listBackupsResp.Items {
+		if backup.DisplayName != nil && strings.HasPrefix(*backup.DisplayName, backupPrefixName) {
+			logger.Info("Backup already exists, skipping new backup creation", "ExistingBackup", *backup.DisplayName)
+			return *backup.Id, nil
+		}
+	}
+
+	// Build the CreateBackupRequest
+	createBackupReq := database.CreateBackupRequest{
+		CreateBackupDetails: database.CreateBackupDetails{
+			DatabaseId:  databaseId,
+			DisplayName: common.String(backupName),
+		},
+	}
+
+	logger.Info("Creating manual backup for database", "DatabaseId", *databaseId, "BackupName", backupName)
+
+	// Change the phase to "Updating"
+	if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Update, nwClient, wrClient); statusErr != nil {
+		return "", statusErr
+	}
+	// Send the request
+	createBackupResp, err := dbClient.CreateBackup(ctx, createBackupReq)
+	if err != nil {
+		logger.Error(err, "Failed to create backup", "DatabaseId", *databaseId)
+		// Change the phase to "Failed"
+		if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Failed, nwClient, wrClient); statusErr != nil {
+			return "", statusErr
+		}
+		return "", err
+	}
+
+	logger.Info("Backup creation initiated", "BackupID", *createBackupResp.Backup.Id)
+	backupID := createBackupResp.Backup.Id
+	// ---- Wait for backup to complete ----
+	logger.Info("Waiting for backup to reach ACTIVE state...")
+
+	waitDuration := 240 * time.Minute
+	pollInterval := 30 * time.Second
+	timeout := time.After(waitDuration)
+	ticker := time.NewTicker(pollInterval)
+	defer ticker.Stop()
+
+	for {
+		select {
+		case <-timeout:
+			return *backupID, fmt.Errorf("timeout: backup %s did not complete within %v", *backupID, waitDuration)
+		case <-ticker.C:
+			// Get current backup status
+			getBackupReq := database.GetBackupRequest{
+				BackupId: backupID,
+			}
+			getBackupResp, err := dbClient.GetBackup(ctx, getBackupReq)
+			if err != nil {
+				logger.Error(err, "Failed to fetch backup status", "BackupID", *backupID)
+				continue
+			}
+
+			lifecycle := getBackupResp.Backup.LifecycleState
+			logger.Info("Polling backup status", "BackupID", *backupID, "State", lifecycle)
+
+			if lifecycle == database.BackupLifecycleStateActive {
+				logger.Info("Backup completed successfully", "BackupID", *backupID)
+				// After successful creation and backup becomes ACTIVE
+				listBackupsReq := database.ListBackupsRequest{
+					DatabaseId: databaseId,
+				}
+
+				listBackupsResp, err := dbClient.ListBackups(ctx, listBackupsReq)
+				if err != nil {
+					logger.Error(err, "Failed to list backups")
+					return *backupID, err
+				}
+
+				// Reset and populate status.Backups with up-to-date backup list
+				dbcs.Status.Backups = []databasev4.BackupInfo{}
+				for _, b := range listBackupsResp.Items {
+					if b.Id != nil && b.DisplayName != nil && b.TimeStarted != nil {
+						dbcs.Status.Backups = append(dbcs.Status.Backups, databasev4.BackupInfo{
+							Name:      *b.DisplayName,
+							BackupID:  *b.Id,
+							Timestamp: b.TimeStarted.Format(time.RFC3339),
+						})
+					}
+				}
+				// Change the phase to "Available"
+				if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Available, nwClient, wrClient); statusErr != nil {
+					return "", statusErr
+				}
+				return *backupID, nil
+			}
+
+			if lifecycle == database.BackupLifecycleStateFailed {
+				return *backupID, fmt.Errorf("backup failed: BackupID=%s", *backupID)
+			}
+		}
+	}
+
+}
+
+func RestoreDbcsToPoint(
+	compartmentId string,
+	logger logr.Logger,
+	dbClient database.DatabaseClient,
+	dbcs *databasev4.DbcsSystem,
+	restoreOpt databasev4.RestoreConfig,
+	kubeClient client.Client,
+	nwClient core.VirtualNetworkClient,
+	wrClient workrequests.WorkRequestClient,
+) error {
+	ctx := context.TODO()
+
+	if dbcs.Spec.Id == nil || *dbcs.Spec.Id == "" {
+		return fmt.Errorf("cannot restore: DbcsSystem ID is not set")
+	}
+
+	// Get DB Home
+	dbHomeResp, err := GetListDbHomeRsp(logger, dbClient, dbcs)
+	if err != nil || len(dbHomeResp.Items) == 0 {
+		return fmt.Errorf("no DB Homes found for DB system: %v", err)
+	}
+	dbHomeId := dbHomeResp.Items[0].Id
+
+	// Get DB
+	listDbsResp, err := dbClient.ListDatabases(ctx, database.ListDatabasesRequest{
+		CompartmentId: &compartmentId,
+		SystemId:      dbcs.Spec.Id,
+		DbHomeId:      dbHomeId,
+	})
+	if err != nil || len(listDbsResp.Items) == 0 {
+		return fmt.Errorf("no databases found to restore")
+	}
+	dbID := listDbsResp.Items[0].Id
+
+	// Change the phase to "Updating"
+	logger.Info("Changing State to Updating for ", "DatabaseID", *dbID, "RestoreOption", restoreOpt)
+	if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Update, nwClient, wrClient); statusErr != nil {
+		return statusErr
+	}
+
+	restoreDetails := database.RestoreDatabaseDetails{}
+
+	if restoreOpt.Latest {
+		restoreDetails.Latest = common.Bool(true)
+	}
+	if restoreOpt.Timestamp != nil {
+		restoreDetails.Timestamp = &common.SDKTime{Time: restoreOpt.Timestamp.Time}
+	}
+	if restoreOpt.SCN != nil {
+		restoreDetails.DatabaseSCN = restoreOpt.SCN
+	}
+
+	restoreReq := database.RestoreDatabaseRequest{
+		DatabaseId:             dbID,
+		RestoreDatabaseDetails: restoreDetails,
+	}
+
+	logger.Info("Initiating restore operation", "DatabaseID", *dbID, "RestoreOption", restoreOpt)
+
+	restoreResp, err := dbClient.RestoreDatabase(ctx, restoreReq)
+	if err != nil {
+		logger.Error(err, "Failed to restore database")
+		SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Failed, nwClient, wrClient)
+		return err
+	}
+
+	// Poll for completion
+	workRequestId := restoreResp.OpcWorkRequestId
+	logger.Info("Restore initiated", "WorkRequestID", *workRequestId)
+
+	timeout := time.After(240 * time.Minute)
+	ticker := time.NewTicker(30 * time.Second)
+	defer ticker.Stop()
+
+	for {
+		select {
+		case <-timeout:
+			return fmt.Errorf("restore timed out after 60 minutes")
+		case <-ticker.C:
+			dbStateResp, err := dbClient.GetDatabase(ctx, database.GetDatabaseRequest{DatabaseId: dbID})
+			if err != nil {
+				logger.Error(err, "Polling error")
+				continue
+			}
+			state := dbStateResp.Database.LifecycleState
+			logger.Info("Polling Restore Operation", "DatabaseID", *dbID, "State", state)
+
+			if state == database.DatabaseLifecycleStateAvailable {
+				logger.Info("Database restore completed", "DatabaseID", *dbID)
+				// Change the phase to "Available"
+				if statusErr := SetLifecycleState(compartmentId, kubeClient, dbClient, dbcs, databasev4.Available, nwClient, wrClient); statusErr != nil {
+					return statusErr
+				}
+				return nil
+			} else if state == database.DatabaseLifecycleStateRestoreFailed {
+				return fmt.Errorf("restore failed: DatabaseID=%s", *dbID)
+			} else if state == database.DatabaseLifecycleStateFailed {
+				return fmt.Errorf("restore failed: DatabaseID=%s", *dbID)
+			}
+		}
+	}
+}
diff --git a/commons/dbcssystem/dcommon.go b/commons/dbcssystem/dcommon.go
index beaa7c38..bef676d9 100644
--- a/commons/dbcssystem/dcommon.go
+++ b/commons/dbcssystem/dcommon.go
@@ -52,14 +52,20 @@ import (
 	databasev4 "github.com/oracle/oracle-database-operator/apis/database/v4"
 )
 
-func GetDbHomeDetails(kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem) (database.CreateDbHomeDetails, error) {
+func GetDbHomeDetails(kubeClient client.Client, dbClient database.DatabaseClient, dbcs *databasev4.DbcsSystem, id string) (database.CreateDbHomeDetails, error) {
 
 	dbHomeDetails := database.CreateDbHomeDetails{}
-
 	dbHomeReq, err := GetDbLatestVersion(dbClient, dbcs, "")
 	if err != nil {
 		return database.CreateDbHomeDetails{}, err
 	}
+	if dbcs.Spec.Id != nil {
+		dbHomeReq, err = GetDbLatestVersion(dbClient, dbcs, *dbcs.Spec.Id)
+		if err != nil {
+			return database.CreateDbHomeDetails{}, err
+		}
+	}
+
 	dbHomeDetails.DbVersion = &dbHomeReq
 
 	dbDetailsReq, err := GetDBDetails(kubeClient, dbcs)
@@ -180,16 +186,18 @@ func GetDBDetails(kubeClient client.Client, dbcs *databasev4.DbcsSystem) (databa
 		dbDetails.PdbName = &dbcs.Spec.DbSystem.PdbName
 	}
 
-	//backup configuration
-	if dbcs.Spec.DbSystem.DbBackupConfig.AutoBackupEnabled != nil {
-		if *dbcs.Spec.DbSystem.DbBackupConfig.AutoBackupEnabled {
-			backupConfig, err := getBackupConfig(kubeClient, dbcs)
-			if err != nil {
-				return dbDetails, err
-			} else {
-				dbDetails.DbBackupConfig = &backupConfig
-			}
+	backupCfg := dbcs.Spec.DbSystem.DbBackupConfig
+	if dbcs != nil &&
+		dbcs.Spec.DbSystem != nil &&
+		backupCfg != nil &&
+		backupCfg.AutoBackupEnabled != nil &&
+		*backupCfg.AutoBackupEnabled {
+
+		backupConfig, err := getBackupConfig(kubeClient, dbcs)
+		if err != nil {
+			return dbDetails, err
 		}
+		dbDetails.DbBackupConfig = &backupConfig
 	}
 
 	return dbDetails, nil
@@ -383,10 +391,10 @@ func GetDBbDiskRedundancy(
 	return database.LaunchDbSystemDetailsDiskRedundancyNormal
 }
 
-func getWorkRequest(workId string, wrClient workrequests.WorkRequestClient, dbcs *databasev4.DbcsSystem) ([]workrequests.WorkRequestSummary, error) {
+func getWorkRequest(compartmentId string, workId string, wrClient workrequests.WorkRequestClient, dbcs *databasev4.DbcsSystem) ([]workrequests.WorkRequestSummary, error) {
 	var workReq []workrequests.WorkRequestSummary
 
-	req := workrequests.ListWorkRequestsRequest{CompartmentId: &dbcs.Spec.DbSystem.CompartmentId, OpcRequestId: &workId, ResourceId: dbcs.Spec.Id}
+	req := workrequests.ListWorkRequestsRequest{CompartmentId: &compartmentId, OpcRequestId: &workId, ResourceId: dbcs.Spec.Id}
 	resp, err := wrClient.ListWorkRequests(context.Background(), req)
 	if err != nil {
 		return workReq, err
diff --git a/commons/k8s/create.go b/commons/k8s/create.go
index cd836af7..82e100a1 100644
--- a/commons/k8s/create.go
+++ b/commons/k8s/create.go
@@ -94,6 +94,9 @@ func CreateAutonomousBackup(kubeClient client.Client,
 				K8sAdb: dbv4.K8sAdbSpec{
 					Name: common.String(ownerAdb.Name),
 				},
+				OciAdb: dbv4.OciAdbSpec{
+					Id: backupSummary.AutonomousDatabaseId,
+				},
 			},
 			DisplayName:                  backupSummary.DisplayName,
 			AutonomousDatabaseBackupOCID: backupSummary.Id,
diff --git a/commons/k8s/utils.go b/commons/k8s/utils.go
index 37ec1a3f..0d6ea83b 100644
--- a/commons/k8s/utils.go
+++ b/commons/k8s/utils.go
@@ -84,3 +84,11 @@ func Patch(kubeClient client.Client, obj client.Object, path string, value inter
 	patch := client.RawPatch(types.JSONPatchType, payloadBytes)
 	return kubeClient.Patch(context.TODO(), obj, patch)
 }
+
+func Int64Pointer(d int64) *int64 {
+	return &d
+}
+
+func BoolPointer(d bool) *bool {
+	return &d
+}
diff --git a/commons/multitenant/lrest/common.go b/commons/multitenant/lrest/common.go
index e72e85b0..51194d13 100644
--- a/commons/multitenant/lrest/common.go
+++ b/commons/multitenant/lrest/common.go
@@ -39,7 +39,9 @@
 package lrest
 
 import (
+	"crypto/rand"
 	"crypto/rsa"
+	"crypto/sha256"
 	"crypto/x509"
 	"encoding/base64"
 	"encoding/pem"
@@ -52,7 +54,7 @@ import (
 	ctrl "sigs.k8s.io/controller-runtime"
 )
 
-func CommonDecryptWithPrivKey(Key string, Buffer string, req ctrl.Request) (string, error) {
+func CommonDecryptWithPrivKey2(Key string, Buffer string, req ctrl.Request) (string, error) {
 
 	Debug := 0
 	block, _ := pem.Decode([]byte(Key))
@@ -73,7 +75,7 @@ func CommonDecryptWithPrivKey(Key string, Buffer string, req ctrl.Request) (stri
 		return "", err
 	}
 
-	decryptedB, err := rsa.DecryptPKCS1v15(nil, pkcs8PrivateKey.(*rsa.PrivateKey), encString64)
+	decryptedB, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, pkcs8PrivateKey.(*rsa.PrivateKey), encString64, nil)
 	if err != nil {
 		fmt.Printf("Failed to decrypt string %s\n", err.Error())
 		return "", err
@@ -111,3 +113,173 @@ func ParseConfigMapData(cfgmap *corev1.ConfigMap) []string {
 	return tokens
 
 }
+
+// * STATE TABLE *//
+const (
+	PDBCRT = 0x00000001 /* Create pdb */
+	PDBOPN = 0x00000002 /* Open pdb read write */
+	PDBCLS = 0x00000004 /* Close pdb */
+	PDBDIC = 0x00000008 /* Drop pdb include datafiles */
+	OCIHDL = 0x00000010 /* OCI handle allocation */
+	OCICON = 0x00000020 /* Rdbms connection */
+	FNALAZ = 0x00000040 /* Finalizer configured */
+	PDBUPL = 0x00000080 /* Unplug pdb  */
+	PDBPLG = 0x00000100 /* plug pdb */
+	/* Error section */
+	PDBCRE = 0x00001000 /* PDB creation error */
+	PDBOPE = 0x00002000 /* PDB open error */
+	PDBCLE = 0x00004000 /* PDB close error */
+	OCIHDE = 0x00008000 /* Allocation Handle Error */
+	OCICOE = 0x00010000 /* CDD connection Error */
+	FNALAE = 0x00020000
+	PDBUPE = 0x00040000 /* Unplug Error */
+	PDBPLE = 0x00080000 /* Plug Error */
+	PDBPLW = 0x00100000 /* Plug Warining */
+	/* Autodiscover */
+	PDBAUT = 0x01000000 /* Autodisover */
+)
+
+// * CONFIG MAP STATUS * //
+const (
+	MPAPPL = 0x00000001 /* The map config has been applyed */
+	MPSYNC = 0x00000002 /* The map config is in sync with v$parameters where is default=flase */
+	MPEMPT = 0x00000004 /* The map is empty - not specify */
+	MPWARN = 0x00000008 /* Map applied with warnings */
+	MPINIT = 0x00000010 /* Config map init */
+	SPARE3 = 0x00000020
+)
+
+func ParseTnsAlias2(tns *string, lrpdbsrv *string) {
+	fmt.Printf("Analyzing string [%s]\n", *tns)
+	fmt.Printf("Relacing  srv [%s]\n", *lrpdbsrv)
+	var swaptns string
+
+	if strings.Contains(strings.ToUpper(*tns), "SERVICE_NAME") == false {
+		fmt.Print("Cannot generate tns alias for pdb")
+		return
+	}
+
+	if strings.Contains(strings.ToUpper(*tns), "ORACLE_SID") == true {
+		fmt.Print("Cannot generate tns alias for pdb")
+		return
+	}
+
+	*tns = strings.ReplaceAll(*tns, " ", "")
+
+	swaptns = fmt.Sprintf("SERVICE_NAME=%s", *lrpdbsrv)
+	tnsreg := regexp.MustCompile(`SERVICE_NAME=\w+`)
+	*tns = tnsreg.ReplaceAllString(*tns, swaptns)
+
+	fmt.Printf("Newstring [%s]\n", *tns)
+
+}
+
+func Bid(bitmask int, bitval int) int {
+	bitmask ^= ((bitval) & (bitmask))
+	return bitmask
+}
+
+func Bit(bitmask int, bitval int) bool {
+	if ((bitmask) & (bitval)) != 0 {
+		return true
+	} else {
+		return false
+	}
+}
+
+func Bis(bitmask int, bitval int) int {
+	bitmask = ((bitmask) | (bitval))
+	return bitmask
+}
+
+func Bitmaskprint(bitmask int) string {
+	BitRead := "|"
+	if Bit(bitmask, PDBCRT) {
+		BitRead = strings.Join([]string{BitRead, "PDBCRT|"}, "")
+	}
+	if Bit(bitmask, PDBOPN) {
+		BitRead = strings.Join([]string{BitRead, "PDBOPN|"}, "")
+	}
+	if Bit(bitmask, PDBCLS) {
+		BitRead = strings.Join([]string{BitRead, "PDBCLS|"}, "")
+	}
+	if Bit(bitmask, PDBDIC) {
+		BitRead = strings.Join([]string{BitRead, "PDBDIC|"}, "")
+	}
+	if Bit(bitmask, OCIHDL) {
+		BitRead = strings.Join([]string{BitRead, "OCIHDL|"}, "")
+	}
+	if Bit(bitmask, OCICON) {
+		BitRead = strings.Join([]string{BitRead, "OCICON|"}, "")
+	}
+	if Bit(bitmask, FNALAZ) {
+		BitRead = strings.Join([]string{BitRead, "FNALAZ|"}, "")
+	}
+	if Bit(bitmask, PDBUPL) {
+		BitRead = strings.Join([]string{BitRead, "PDBUPL|"}, "")
+	}
+	if Bit(bitmask, PDBPLG) {
+		BitRead = strings.Join([]string{BitRead, "PDBPLG|"}, "")
+	}
+
+	if Bit(bitmask, PDBCRE) {
+		BitRead = strings.Join([]string{BitRead, "PDBCRE|"}, "")
+	}
+	if Bit(bitmask, PDBOPE) {
+		BitRead = strings.Join([]string{BitRead, "PDBOPE|"}, "")
+	}
+	if Bit(bitmask, PDBCLE) {
+		BitRead = strings.Join([]string{BitRead, "PDBCLE|"}, "")
+	}
+	if Bit(bitmask, OCIHDE) {
+		BitRead = strings.Join([]string{BitRead, "OCIHDE|"}, "")
+	}
+	if Bit(bitmask, OCICOE) {
+		BitRead = strings.Join([]string{BitRead, "OCICOE|"}, "")
+	}
+	if Bit(bitmask, FNALAE) {
+		BitRead = strings.Join([]string{BitRead, "FNALAE|"}, "")
+	}
+	if Bit(bitmask, PDBUPE) {
+		BitRead = strings.Join([]string{BitRead, "PDBUPE|"}, "")
+	}
+	if Bit(bitmask, PDBPLE) {
+		BitRead = strings.Join([]string{BitRead, "PDBPLE|"}, "")
+	}
+	if Bit(bitmask, PDBPLW) {
+		BitRead = strings.Join([]string{BitRead, "PDBPLW|"}, "")
+	}
+	if Bit(bitmask, PDBAUT) {
+		BitRead = strings.Join([]string{BitRead, "PDBAUT|"}, "")
+	}
+
+	BitRead = fmt.Sprintf("[%d]%s", bitmask, BitRead)
+	return BitRead
+}
+
+func CMBitmaskprint(bitmask int) string {
+
+	BitRead := "|"
+	/*** Bit mask for config map ***/
+	if Bit(bitmask, MPAPPL) {
+		BitRead = strings.Join([]string{BitRead, "MPAPPL|"}, "")
+	}
+	if Bit(bitmask, MPSYNC) {
+		BitRead = strings.Join([]string{BitRead, "MPSYNC|"}, "")
+	}
+	if Bit(bitmask, MPEMPT) {
+		BitRead = strings.Join([]string{BitRead, "MPEMPT|"}, "")
+	}
+	if Bit(bitmask, MPWARN) {
+		BitRead = strings.Join([]string{BitRead, "MPWARN|"}, "")
+	}
+	if Bit(bitmask, MPINIT) {
+		BitRead = strings.Join([]string{BitRead, "MPINIT|"}, "")
+	}
+	if Bit(bitmask, SPARE3) {
+		BitRead = strings.Join([]string{BitRead, "SPARE3|"}, "")
+	}
+
+	BitRead = fmt.Sprintf("[%d]%s", bitmask, BitRead)
+	return BitRead
+}
diff --git a/commons/observability/constants.go b/commons/observability/constants.go
index 45f06e49..9146fde4 100644
--- a/commons/observability/constants.go
+++ b/commons/observability/constants.go
@@ -9,6 +9,13 @@ const (
 	DefaultValue = "DEFAULT"
 )
 
+// Signals
+const (
+	VaultUsernameInUse = "VAULT_USERNAME"
+	VaultPasswordInUse = "VAULT_PASSWORD"
+	VaultIDProvided    = "VAULT_ID_PROVIDED"
+)
+
 // Observability Status
 const (
 	StatusObservabilityPending v4.StatusEnum = "PENDING"
@@ -29,61 +36,64 @@ const (
 	DefaultDbUserKey                 = "username"
 	DefaultDBPasswordKey             = "password"
 	DefaultDBConnectionStringKey     = "connection"
-	DefaultConfigVolumeString        = "config-volume"
+	DefaultConfigVolumeString        = "metrics-volume"
 	DefaultLogFilename               = "alert.log"
 	DefaultLogVolumeString           = "log-volume"
+	DefaultLogDestination            = "/log"
+	DefaultConfigMountPath           = "/config"
+	DefaultConfigVolumeName          = "config-volume"
 	DefaultWalletVolumeString        = "creds"
-	DefaultOCIPrivateKeyVolumeString = "ocikey"
+	DefaultOCIConfigVolumeName       = "oci-config-volume"
 	DefaultOCIConfigFingerprintKey   = "fingerprint"
 	DefaultOCIConfigRegionKey        = "region"
 	DefaultOCIConfigTenancyKey       = "tenancy"
 	DefaultOCIConfigUserKey          = "user"
-
-	DefaultExporterImage                 = "container-registry.oracle.com/database/observability-exporter:1.5.2"
-	DefaultServicePort                   = 9161
-	DefaultServiceTargetPort             = 9161
-	DefaultAppPort                       = 8080
-	DefaultPrometheusPort                = "metrics"
-	DefaultServiceType                   = "ClusterIP"
-	DefaultReplicaCount                  = 1
-	DefaultExporterConfigMountRootPath   = "/oracle/observability"
-	DefaultOracleHome                    = "/lib/oracle/21/client64/lib"
-	DefaultOracleTNSAdmin                = DefaultOracleHome + "/network/admin"
-	DefaultExporterConfigmapFilename     = "config.toml"
-	DefaultVaultPrivateKeyRootPath       = "/oracle/config"
-	DefaultPrivateKeyFileKey             = "privatekey"
-	DefaultPrivateKeyFileName            = "private.pem"
-	DefaultVaultPrivateKeyAbsolutePath   = DefaultVaultPrivateKeyRootPath + "/" + DefaultPrivateKeyFileName
-	DefaultExporterConfigmapAbsolutePath = DefaultExporterConfigMountRootPath + "/" + DefaultExporterConfigmapFilename
-)
-
-// labeling
-const (
-	DefaultSelectorLabelKey = "app"
-	DefaultReleaseLabelKey  = "release"
-)
-
-// default resource
-const (
-	DefaultExporterContainerName = "observability-exporter"
+	DefaultAzureConfigTenantId       = "tenantId"
+	DefaultAzureConfigClientId       = "clientId"
+	DefaultAzureConfigClientSecret   = "clientSecret"
+	DefaultEnvPasswordSuffix         = "_PASSWORD"
+	DefaultEnvUserSuffix             = "_USERNAME"
+	DefaultEnvConnectionStringSuffix = "_CONNECT_STRING"
+
+	DefaultExporterImage               = "container-registry.oracle.com/database/observability-exporter:2.0.2"
+	DefaultServicePort                 = 9161
+	DefaultServiceTargetPort           = 9161
+	DefaultAppPort                     = 8080
+	DefaultPrometheusPort              = "metrics"
+	DefaultServiceType                 = "ClusterIP"
+	DefaultReplicaCount                = 1
+	DefaultExporterConfigMountRootPath = "/oracle/observability"
+	DefaultOracleHome                  = "/lib/oracle/21/client64/lib"
+	DefaultOracleTNSAdmin              = DefaultOracleHome + "/network/admin"
+	DefaultOCIConfigPath               = "/.oci"
+	DefaultPrivateKeyFileName          = "private.pem"
+	DefaultVaultPrivateKeyAbsolutePath = DefaultOCIConfigPath + "/" + DefaultPrivateKeyFileName
+	DefaultExporterContainerName       = "exporter"
+	DefaultSelectorLabelKey            = "app"
 )
 
 // Known environment variables
 const (
 	EnvVarOracleHome                   = "ORACLE_HOME"
-	EnvVarDataSourceUser               = "DB_USERNAME"
+	EnvVarDataSourceUsername           = "DB_USERNAME"
 	EnvVarDataSourcePassword           = "DB_PASSWORD"
 	EnvVarDataSourceConnectString      = "DB_CONNECT_STRING"
 	EnvVarDataSourceLogDestination     = "LOG_DESTINATION"
-	EnvVarDataSourcePwdVaultSecretName = "VAULT_SECRET_NAME"
-	EnvVarDataSourcePwdVaultId         = "VAULT_ID"
+	EnvVarDataSourcePwdVaultSecretName = "OCI_VAULT_SECRET_NAME"
+	EnvVarDataSourcePwdVaultId         = "OCI_VAULT_ID"
 	EnvVarCustomConfigmap              = "CUSTOM_METRICS"
 	EnvVarTNSAdmin                     = "TNS_ADMIN"
-	EnvVarVaultTenancyOCID             = "vault_tenancy_ocid"
-	EnvVarVaultUserOCID                = "vault_user_ocid"
-	EnvVarVaultFingerprint             = "vault_fingerprint"
-	EnvVarVaultPrivateKeyPath          = "vault_private_key_path"
-	EnvVarVaultRegion                  = "vault_region"
+	EnvVarOCIVaultTenancyOCID          = "OCI_CLI_TENANCY"
+	EnvVarOCIVaultUserOCID             = "OCI_CLI_USER"
+	EnvVarOCIVaultFingerprint          = "OCI_CLI_FINGERPRINT"
+	EnvVarOCIVaultPrivateKeyPath       = "OCI_CLI_KEY_FILE"
+	EnvVarOCIVaultRegion               = "OCI_CLI_REGION"
+	EnvVarAzureVaultPasswordSecret     = "AZ_VAULT_PASSWORD_SECRET"
+	EnvVarAzureVaultUsernameSecret     = "AZ_VAULT_USERNAME_SECRET"
+	EnvVarAzureVaultID                 = "AZ_VAULT_ID"
+	EnvVarAzureTenantID                = "AZURE_TENANT_ID"
+	EnvVarAzureClientID                = "AZURE_CLIENT_ID"
+	EnvVarAzureClientSecret            = "AZURE_CLIENT_SECRET"
 )
 
 // Positive ConditionTypes
@@ -165,10 +175,10 @@ const (
 	EventMessageFailedCRRetrieval = "Encountered error retrieving databaseObserver instance"
 
 	EventReasonSpecError                                 = "DeploymentSpecValidationFailed"
-	EventMessageSpecErrorDBPasswordSecretMissing         = "Spec validation failed due to required dbPassword secret not found"
+	EventMessageSpecErrorConfigMapSpecifiedMissing       = "Spec validation failed due to referenced configMap not found"
 	EventMessageSpecErrorDBConnectionStringSecretMissing = "Spec validation failed due to required dbConnectionString secret not found"
 	EventMessageSpecErrorDBPUserSecretMissing            = "Spec validation failed due to dbUser secret not found"
-	EventMessageSpecErrorConfigmapMissing                = "Spec validation failed due to custom config configmap not found"
+	EventMessageSpecErrorDBPwdSecretMissing              = "Spec validation failed due to dbPassword secret not found"
 	EventMessageSpecErrorDBWalletSecretMissing           = "Spec validation failed due to provided dbWallet secret not found"
 
 	EventReasonUpdateSucceeded = "ExporterDeploymentUpdated"
diff --git a/commons/observability/utils.go b/commons/observability/utils.go
index 6eccb261..693c9718 100644
--- a/commons/observability/utils.go
+++ b/commons/observability/utils.go
@@ -11,21 +11,19 @@ import (
 
 func AddSidecarContainers(a *api.DatabaseObserver, listing *[]corev1.Container) {
 
-	if containers := a.Spec.ExporterSidecars; len(containers) > 0 {
+	if containers := a.Spec.Sidecar.Containers; len(containers) > 0 {
 		for _, container := range containers {
 			*listing = append(*listing, container)
 		}
-
 	}
 }
 
 func AddSidecarVolumes(a *api.DatabaseObserver, listing *[]corev1.Volume) {
 
-	if volumes := a.Spec.SideCarVolumes; len(volumes) > 0 {
+	if volumes := a.Spec.Sidecar.Volumes; len(volumes) > 0 {
 		for _, v := range volumes {
 			*listing = append(*listing, v)
 		}
-
 	}
 }
 
@@ -67,7 +65,7 @@ func GetSelectorLabel(a *api.DatabaseObserver) map[string]string {
 func GetExporterVersion(a *api.DatabaseObserver) string {
 	appVersion := "latest"
 	whichImage := DefaultExporterImage
-	if img := a.Spec.Exporter.Deployment.ExporterImage; img != "" {
+	if img := a.Spec.Deployment.ExporterImage; img != "" {
 		whichImage = img
 	}
 
@@ -80,7 +78,7 @@ func GetExporterVersion(a *api.DatabaseObserver) string {
 
 // GetExporterArgs retrieves args
 func GetExporterArgs(a *api.DatabaseObserver) []string {
-	if args := a.Spec.Exporter.Deployment.ExporterArgs; args != nil || len(args) > 0 {
+	if args := a.Spec.Deployment.ExporterArgs; args != nil || len(args) > 0 {
 		return args
 	}
 	return nil
@@ -88,7 +86,7 @@ func GetExporterArgs(a *api.DatabaseObserver) []string {
 
 // GetExporterDeploymentSecurityContext retrieves security context for container
 func GetExporterDeploymentSecurityContext(a *api.DatabaseObserver) *corev1.SecurityContext {
-	if sc := a.Spec.Exporter.Deployment.SecurityContext; sc != nil {
+	if sc := a.Spec.Deployment.SecurityContext; sc != nil {
 		return sc
 	}
 	return &corev1.SecurityContext{}
@@ -96,7 +94,7 @@ func GetExporterDeploymentSecurityContext(a *api.DatabaseObserver) *corev1.Secur
 
 // GetExporterPodSecurityContext retrieves security context for pods
 func GetExporterPodSecurityContext(a *api.DatabaseObserver) *corev1.PodSecurityContext {
-	if sc := a.Spec.Exporter.Deployment.DeploymentPodTemplate.SecurityContext; sc != nil {
+	if sc := a.Spec.Deployment.PodSecurityContext; sc != nil {
 		return sc
 	}
 	return &corev1.PodSecurityContext{}
@@ -104,7 +102,7 @@ func GetExporterPodSecurityContext(a *api.DatabaseObserver) *corev1.PodSecurityC
 
 // GetExporterCommands retrieves commands
 func GetExporterCommands(a *api.DatabaseObserver) []string {
-	if c := a.Spec.Exporter.Deployment.ExporterCommands; c != nil || len(c) > 0 {
+	if c := a.Spec.Deployment.ExporterCommands; c != nil || len(c) > 0 {
 		return c
 	}
 	return nil
@@ -116,7 +114,7 @@ func GetExporterServicePort(a *api.DatabaseObserver) []corev1.ServicePort {
 	servicePorts := make([]corev1.ServicePort, 0)
 
 	// get service ports
-	if ports := a.Spec.Exporter.Service.Ports; len(ports) > 0 {
+	if ports := a.Spec.Service.Ports; len(ports) > 0 {
 		for _, port := range ports {
 			servicePorts = append(servicePorts, port)
 		}
@@ -140,7 +138,7 @@ func GetEndpoints(a *api.DatabaseObserver) []monitorv1.Endpoint {
 	endpoints := make([]monitorv1.Endpoint, 0)
 
 	// get endpoints
-	if es := a.Spec.Prometheus.ServiceMonitor.Endpoints; len(es) > 0 {
+	if es := a.Spec.ServiceMonitor.Endpoints; len(es) > 0 {
 		for _, e := range es {
 			endpoints = append(endpoints, e)
 		}
@@ -157,8 +155,8 @@ func GetEndpoints(a *api.DatabaseObserver) []monitorv1.Endpoint {
 
 func AddNamespaceSelector(a *api.DatabaseObserver, spec *monitorv1.ServiceMonitorSpec) {
 
-	if ns := a.Spec.Prometheus.ServiceMonitor.NamespaceSelector; ns != nil {
-		a.Spec.Prometheus.ServiceMonitor.NamespaceSelector.DeepCopyInto(&spec.NamespaceSelector)
+	if ns := a.Spec.ServiceMonitor.NamespaceSelector; ns != nil {
+		a.Spec.ServiceMonitor.NamespaceSelector.DeepCopyInto(&spec.NamespaceSelector)
 	}
 
 }
@@ -168,25 +166,21 @@ func GetExporterDeploymentVolumeMounts(a *api.DatabaseObserver) []corev1.VolumeM
 
 	volM := make([]corev1.VolumeMount, 0)
 
-	if cVolumeSourceName := a.Spec.ExporterConfig.Configmap.Name; cVolumeSourceName != "" {
+	if len(a.Spec.Metrics.Configmap) > 0 {
 		volM = append(volM, corev1.VolumeMount{
 			Name:      DefaultConfigVolumeString,
 			MountPath: DefaultExporterConfigMountRootPath,
 		})
 	}
 
-	// a.Spec.Database.DBWallet.SecretName optional
+	// a.Spec.Wallet.SecretName optional
 	// if null, consider the database NON-ADB and connect as such
-	if secretName := a.Spec.Database.DBWallet.SecretName; secretName != "" {
+	if secretName := a.Spec.Wallet.SecretName; secretName != "" {
 
-		p := DefaultOracleTNSAdmin
-
-		// Determine what the value of TNS_ADMIN
-		// if custom TNS_ADMIN environment variable is set and found, use that instead as the path
-		if rCustomEnvs := a.Spec.Exporter.Deployment.ExporterEnvs; rCustomEnvs != nil {
-			if v, f := rCustomEnvs[EnvVarTNSAdmin]; f {
-				p = v
-			}
+		// Determine where to mount
+		p := a.Spec.Wallet.MountPath
+		if p == "" {
+			p = DefaultOracleTNSAdmin
 		}
 
 		volM = append(volM, corev1.VolumeMount{
@@ -195,20 +189,62 @@ func GetExporterDeploymentVolumeMounts(a *api.DatabaseObserver) []corev1.VolumeM
 		})
 	}
 
-	// a.Spec.OCIConfig.SecretName required if vault is used
-	if secretName := a.Spec.OCIConfig.SecretName; secretName != "" {
+	// a.Spec.Wallet.AdditionalWallets
+	if add := a.Spec.Wallet.AdditionalWallets; add != nil && len(add) > 0 {
+		for _, w := range add {
+			// Determine where to mount
+			volM = append(volM, corev1.VolumeMount{
+				Name:      w.Name,
+				MountPath: w.MountPath,
+			})
+		}
+
+	}
+
+	// a.Spec.OCIConfig.ConfigMap
+	// a.Spec.OCIConfig.SecretName
+	if oci := a.Spec.OCIConfig; oci.ConfigMap.Name != "" {
+
+		p := oci.MountPath
+		if p == "" { // overwrite
+			p = DefaultOCIConfigPath
+		}
+
 		volM = append(volM, corev1.VolumeMount{
-			Name:      DefaultOCIPrivateKeyVolumeString,
-			MountPath: DefaultVaultPrivateKeyRootPath,
+			Name:      DefaultOCIConfigVolumeName,
+			MountPath: p,
 		})
 	}
 
-	// a.Spec.Log.Path path to mount for a custom log path, a volume is required
-	if rLogPath := a.Spec.Log.Path; rLogPath != "" {
-		vName := GetLogName(a)
+	// a.Spec.Log.Destination path to mount for a custom log path, a volume is required
+	if disabled := a.Spec.Log.Disable; !disabled {
+
+		vName := a.Spec.Log.Volume.Name
+		if vName == "" {
+			vName = DefaultLogVolumeString
+		}
+
+		vDestination := a.Spec.Log.Destination
+		if vDestination == "" {
+			vDestination = DefaultLogDestination
+		}
+
 		volM = append(volM, corev1.VolumeMount{
 			Name:      vName,
-			MountPath: rLogPath,
+			MountPath: vDestination,
+		})
+	}
+
+	// ObserverConfig VolumeMount
+	if volumeName := a.Spec.ExporterConfig.ConfigMap.Name; volumeName != "" {
+		mp := a.Spec.ExporterConfig.MountPath
+		if mp == "" {
+			mp = DefaultConfigMountPath
+		}
+
+		volM = append(volM, corev1.VolumeMount{
+			Name:      DefaultConfigVolumeName,
+			MountPath: mp,
 		})
 	}
 
@@ -220,28 +256,48 @@ func GetExporterDeploymentVolumes(a *api.DatabaseObserver) []corev1.Volume {
 
 	vol := make([]corev1.Volume, 0)
 
-	// config-volume Volume
-	// if null, the exporter uses the default built-in config
-	if cVolumeSourceName := a.Spec.ExporterConfig.Configmap.Name; cVolumeSourceName != "" {
+	// metrics-volume Volume
+	// if null, the exporter uses the default built-in metrics config
+	if len(a.Spec.Metrics.Configmap) > 1 {
 
-		cVolumeSourceKey := a.Spec.ExporterConfig.Configmap.Key
-		cMSource := &corev1.ConfigMapVolumeSource{
+		vp := make([]corev1.VolumeProjection, 0)
+		for _, cm := range a.Spec.Metrics.Configmap {
+			cmSource := &corev1.ConfigMapProjection{
+				LocalObjectReference: corev1.LocalObjectReference{
+					Name: cm.Name,
+				},
+			}
+
+			vp = append(vp, corev1.VolumeProjection{ConfigMap: cmSource})
+		}
+
+		vol = append(vol, corev1.Volume{
+			Name: DefaultConfigVolumeString,
+			VolumeSource: corev1.VolumeSource{
+				Projected: &corev1.ProjectedVolumeSource{
+					Sources: vp,
+				},
+			}})
+
+	} else if len(a.Spec.Metrics.Configmap) == 1 {
+
+		cm := a.Spec.Metrics.Configmap[0]
+		cmSource := &corev1.ConfigMapVolumeSource{
 			LocalObjectReference: corev1.LocalObjectReference{
-				Name: cVolumeSourceName,
+				Name: cm.Name,
 			},
-			Items: []corev1.KeyToPath{{
-				Key:  cVolumeSourceKey,
-				Path: DefaultExporterConfigmapFilename,
-			}},
 		}
 
-		vol = append(vol, corev1.Volume{Name: DefaultConfigVolumeString, VolumeSource: corev1.VolumeSource{ConfigMap: cMSource}})
+		vol = append(vol, corev1.Volume{
+			Name:         DefaultConfigVolumeString,
+			VolumeSource: corev1.VolumeSource{ConfigMap: cmSource},
+		})
 	}
 
 	// creds Volume
 	// a.Spec.Database.DBWallet.SecretName optional
 	// if null, consider the database NON-ADB and connect as such
-	if secretName := a.Spec.Database.DBWallet.SecretName; secretName != "" {
+	if secretName := a.Spec.Wallet.SecretName; secretName != "" {
 
 		vol = append(vol, corev1.Volume{
 			Name: DefaultWalletVolumeString,
@@ -253,28 +309,57 @@ func GetExporterDeploymentVolumes(a *api.DatabaseObserver) []corev1.Volume {
 		})
 	}
 
-	// ocikey Volume
-	// a.Spec.Database.DBWallet.SecretName optional
-	if secretName := a.Spec.OCIConfig.SecretName; secretName != "" {
+	// a.Spec.Wallet.AdditionalWallets
+	if add := a.Spec.Wallet.AdditionalWallets; add != nil && len(add) > 0 {
+		for _, w := range add {
 
-		OCIConfigSource := &corev1.SecretVolumeSource{
-			SecretName: secretName,
-			Items: []corev1.KeyToPath{{
-				Key:  DefaultPrivateKeyFileKey,
-				Path: DefaultPrivateKeyFileName,
-			}},
+			vol = append(vol, corev1.Volume{
+				Name: w.Name,
+				VolumeSource: corev1.VolumeSource{
+					Secret: &corev1.SecretVolumeSource{
+						SecretName: w.SecretName,
+					},
+				},
+			})
+		}
+
+	}
+
+	// oci-config-volume Volume
+	// a.Spec.OCIConfig.PrivateKey.SecretName optional
+	if oci := a.Spec.OCIConfig; oci.ConfigMap.Name != "" && oci.PrivateKey.SecretName != "" {
+
+		vp := make([]corev1.VolumeProjection, 0)
+
+		cmSource := &corev1.ConfigMapProjection{
+			LocalObjectReference: corev1.LocalObjectReference{Name: oci.ConfigMap.Name},
+		}
+		secretSource := &corev1.SecretProjection{
+			LocalObjectReference: corev1.LocalObjectReference{Name: oci.PrivateKey.SecretName},
 		}
 
+		vp = append(vp, corev1.VolumeProjection{ConfigMap: cmSource})
+		vp = append(vp, corev1.VolumeProjection{Secret: secretSource})
+
 		vol = append(vol, corev1.Volume{
-			Name:         DefaultOCIPrivateKeyVolumeString,
-			VolumeSource: corev1.VolumeSource{Secret: OCIConfigSource},
+			Name: DefaultOCIConfigVolumeName,
+			VolumeSource: corev1.VolumeSource{
+				Projected: &corev1.ProjectedVolumeSource{
+					Sources: vp,
+				},
+			},
 		})
+
 	}
 
 	// log-volume Volume
-	if rLogPath := a.Spec.Log.Path; rLogPath != "" {
+	if disabled := a.Spec.Log.Disable; !disabled {
 		vs := GetLogVolumeSource(a)
-		vName := GetLogName(a)
+
+		vName := a.Spec.Log.Volume.Name
+		if vName == "" {
+			vName = DefaultLogVolumeString
+		}
 
 		vol = append(vol, corev1.Volume{
 			Name:         vName,
@@ -282,25 +367,35 @@ func GetExporterDeploymentVolumes(a *api.DatabaseObserver) []corev1.Volume {
 		})
 	}
 
-	return vol
-}
-
-// GetExporterConfig function retrieves config name for status
-func GetExporterConfig(a *api.DatabaseObserver) string {
+	// ObserverConfig Volume
+	if volumeName := a.Spec.ExporterConfig.ConfigMap.Name; volumeName != "" {
+		cMSource := &corev1.ConfigMapVolumeSource{
+			LocalObjectReference: corev1.LocalObjectReference{
+				Name: volumeName,
+			},
+		}
 
-	configName := DefaultValue
-	if cmName := a.Spec.ExporterConfig.Configmap.Name; cmName != "" {
-		configName = cmName
+		vol = append(vol, corev1.Volume{Name: DefaultConfigVolumeName, VolumeSource: corev1.VolumeSource{ConfigMap: cMSource}})
 	}
 
-	return configName
+	return vol
 }
 
-func GetLogName(a *api.DatabaseObserver) string {
-	if name := a.Spec.Log.Volume.Name; name != "" {
-		return name
+// GetMetricsConfig function retrieves config name for status
+func GetMetricsConfig(a *api.DatabaseObserver) string {
+
+	cms := a.Spec.Metrics.Configmap
+	if len(cms) > 1 {
+		metricsConfigList := make([]string, 0)
+		for _, cm := range cms {
+			metricsConfigList = append(metricsConfigList, cm.Name)
+		}
+		return strings.Join(metricsConfigList, ",")
+
+	} else if len(cms) == 1 {
+		return cms[0].Name
 	}
-	return DefaultLogVolumeString
+	return DefaultValue
 }
 
 // GetLogVolumeSource function retrieves the source to help GetExporterDeploymentVolumes
@@ -328,149 +423,241 @@ func AddEnv(env []corev1.EnvVar, existing map[string]string, name string, v stri
 	// Evaluate if env already exists
 	if _, f := existing[name]; !f {
 		env = append(env, corev1.EnvVar{Name: name, Value: v})
+		existing[name] = ""
 	}
 	return env
 }
 
-// AddEnvFrom is a helper method that appends an Env Var value source
-func AddEnvFrom(env []corev1.EnvVar, existing map[string]string, name string, v *corev1.EnvVarSource) []corev1.EnvVar {
-
+func AddEnvFromConfigMap(env []corev1.EnvVar, existing map[string]string, environmentName string, key string, configMap string) []corev1.EnvVar {
 	// Evaluate if env already exists
-	if _, f := existing[name]; !f {
-		env = append(env, corev1.EnvVar{Name: name, ValueFrom: v})
+	if _, f := existing[environmentName]; !f {
+
+		optional := true
+		cm := &corev1.EnvVarSource{
+			ConfigMapKeyRef: &corev1.ConfigMapKeySelector{
+				Key:                  key,
+				LocalObjectReference: corev1.LocalObjectReference{Name: configMap},
+				Optional:             &optional,
+			},
+		}
+		env = append(env, corev1.EnvVar{Name: environmentName, ValueFrom: cm})
 	}
 	return env
 }
 
-// GetExporterEnvs function retrieves env from a or provides default
-func GetExporterEnvs(a *api.DatabaseObserver) []corev1.EnvVar {
-
-	optional := true
-	rDBPasswordKey := a.Spec.Database.DBPassword.Key
-	rDBPasswordName := a.Spec.Database.DBPassword.SecretName
-	rDBConnectStrKey := a.Spec.Database.DBConnectionString.Key
-	rDBConnectStrName := a.Spec.Database.DBConnectionString.SecretName
-	rDBVaultSecretName := a.Spec.Database.DBPassword.VaultSecretName
-	rDBVaultOCID := a.Spec.Database.DBPassword.VaultOCID
-	rDBUserSKey := a.Spec.Database.DBUser.Key
-	rDBUserSName := a.Spec.Database.DBUser.SecretName
-	rOCIConfigCMName := a.Spec.OCIConfig.ConfigMapName
-	rLogPath := a.Spec.Log.Path
-	rLogFilename := a.Spec.Log.Filename
-	rCustomEnvs := a.Spec.Exporter.Deployment.ExporterEnvs
+func AddEnvFromSecret(env []corev1.EnvVar, existing map[string]string, environmentName string, key string, secretName string) []corev1.EnvVar {
+	// Evaluate if env already exists
+	if _, f := existing[environmentName]; !f {
 
-	var env = make([]corev1.EnvVar, 0)
+		optional := true
+		e := &corev1.EnvVarSource{
+			SecretKeyRef: &corev1.SecretKeySelector{
+				Key:                  key,
+				LocalObjectReference: corev1.LocalObjectReference{Name: secretName},
+				Optional:             &optional,
+			}}
 
-	// add CustomEnvs
-	if rCustomEnvs != nil {
-		for k, v := range rCustomEnvs {
-			env = append(env, corev1.EnvVar{Name: k, Value: v})
-		}
+		env = append(env, corev1.EnvVar{Name: environmentName, ValueFrom: e})
 	}
+	return env
+}
+
+func AddSingleDatabaseEnvs(a *api.DatabaseObserver, e map[string]string, source []corev1.EnvVar) []corev1.EnvVar {
+
+	u := a.Spec.Database.DBUser
+	c := a.Spec.Database.DBConnectionString
+	p := a.Spec.Database.DBPassword
+	o := a.Spec.Database.OCIVault
+	z := a.Spec.Database.AzureVault
 
 	// DB_USERNAME environment variable
-	if rDBUserSKey == "" { // overwrite
-		rDBUserSKey = DefaultDbUserKey
+	if IsUsingAzureVault(z, VaultUsernameInUse) {
+		source = AddEnv(source, e, EnvVarAzureVaultUsernameSecret, z.VaultUsernameSecret)
+		source = AddEnv(source, e, EnvVarAzureVaultID, z.VaultID)
+
+	} else if u.SecretName != "" {
+		uKey := u.Key
+		if uKey == "" { // overwrite
+			uKey = DefaultDbUserKey
+		}
+		source = AddEnvFromSecret(source, e, EnvVarDataSourceUsername, uKey, u.SecretName)
 	}
-	envUser := &corev1.EnvVarSource{
-		SecretKeyRef: &corev1.SecretKeySelector{
-			Key:                  rDBUserSKey,
-			LocalObjectReference: corev1.LocalObjectReference{Name: rDBUserSName},
-			Optional:             &optional,
-		}}
-	env = AddEnvFrom(env, rCustomEnvs, EnvVarDataSourceUser, envUser)
 
 	// DB_CONNECT_STRING environment variable
-	if rDBConnectStrKey == "" {
-		rDBConnectStrKey = DefaultDBConnectionStringKey
+	if c.SecretName != "" {
+		cKey := c.Key
+		if cKey == "" {
+			cKey = DefaultDBConnectionStringKey
+		}
+		source = AddEnvFromSecret(source, e, EnvVarDataSourceConnectString, cKey, c.SecretName)
 	}
-	envConnectStr := &corev1.EnvVarSource{
-		SecretKeyRef: &corev1.SecretKeySelector{
-			Key:                  rDBConnectStrKey,
-			LocalObjectReference: corev1.LocalObjectReference{Name: rDBConnectStrName},
-			Optional:             &optional,
-		}}
-	env = AddEnvFrom(env, rCustomEnvs, EnvVarDataSourceConnectString, envConnectStr)
 
 	// DB_PASSWORD environment variable
-	// if useVault, add environment variables for Vault ID and Vault Secret Name
-	useVault := rDBVaultSecretName != "" && rDBVaultOCID != ""
-	if useVault {
+	if IsUsingOCIVault(o) {
+		source = AddEnv(source, e, EnvVarDataSourcePwdVaultSecretName, o.VaultPasswordSecret)
+		source = AddEnv(source, e, EnvVarDataSourcePwdVaultId, o.VaultID)
+
+	} else if IsUsingAzureVault(z, VaultPasswordInUse) {
+		source = AddEnv(source, e, EnvVarAzureVaultPasswordSecret, z.VaultPasswordSecret)
+		source = AddEnv(source, e, EnvVarAzureVaultID, z.VaultID)
+
+	} else if p.SecretName != "" {
+		pKey := p.Key
+		if pKey == "" { // overwrite
+			pKey = DefaultDBPasswordKey
+		}
+		env := p.EnvName
+		if env == "" { // overwrite
+			env = EnvVarDataSourcePassword
+		}
+		source = AddEnvFromSecret(source, e, env, pKey, p.SecretName)
+	}
 
-		env = AddEnv(env, rCustomEnvs, EnvVarDataSourcePwdVaultSecretName, rDBVaultSecretName)
-		env = AddEnv(env, rCustomEnvs, EnvVarDataSourcePwdVaultId, rDBVaultOCID)
+	// Add OCI Vault Required Values
+	if a.Spec.OCIConfig.ConfigMap.Name != "" {
+		ociConfig := a.Spec.OCIConfig.ConfigMap.Name
+		source = AddEnv(source, e, EnvVarOCIVaultPrivateKeyPath, DefaultVaultPrivateKeyAbsolutePath)
+		source = AddEnvFromConfigMap(source, e, EnvVarOCIVaultFingerprint, DefaultOCIConfigFingerprintKey, ociConfig)
+		source = AddEnvFromConfigMap(source, e, EnvVarOCIVaultUserOCID, DefaultOCIConfigUserKey, ociConfig)
+		source = AddEnvFromConfigMap(source, e, EnvVarOCIVaultTenancyOCID, DefaultOCIConfigTenancyKey, ociConfig)
+		source = AddEnvFromConfigMap(source, e, EnvVarOCIVaultRegion, DefaultOCIConfigRegionKey, ociConfig)
+	}
 
-		// Configuring the configProvider prefixed with vault_
-		// https://github.com/oracle/oracle-db-appdev-monitoring/blob/main/vault/vault.go
-		configSourceFingerprintValue := &corev1.EnvVarSource{
-			ConfigMapKeyRef: &corev1.ConfigMapKeySelector{
-				Key:                  DefaultOCIConfigFingerprintKey,
-				LocalObjectReference: corev1.LocalObjectReference{Name: rOCIConfigCMName},
-				Optional:             &optional,
-			},
-		}
-		configSourceRegionValue := &corev1.EnvVarSource{
-			ConfigMapKeyRef: &corev1.ConfigMapKeySelector{
-				Key:                  DefaultOCIConfigRegionKey,
-				LocalObjectReference: corev1.LocalObjectReference{Name: rOCIConfigCMName},
-				Optional:             &optional,
-			},
+	// Add Azure Vault Required Values
+	if a.Spec.AzureConfig.ConfigMap.Name != "" {
+		azureConfig := a.Spec.AzureConfig.ConfigMap.Name
+		source = AddEnvFromConfigMap(source, e, EnvVarAzureTenantID, DefaultAzureConfigTenantId, azureConfig)
+		source = AddEnvFromConfigMap(source, e, EnvVarAzureClientID, DefaultAzureConfigClientId, azureConfig)
+		source = AddEnvFromConfigMap(source, e, EnvVarAzureClientSecret, DefaultAzureConfigClientSecret, azureConfig)
+	}
+
+	return source
+}
+
+func AddMultiDatabaseEnvs(a *api.DatabaseObserver, e map[string]string, source []corev1.EnvVar) []corev1.EnvVar {
+
+	for key, db := range a.Spec.Databases {
+		u := db.DBUser
+		c := db.DBConnectionString
+		p := db.DBPassword
+
+		// DB_USERNAME environment variable, if secret is defined
+		if u.SecretName != "" {
+			uKey := u.Key
+			if uKey == "" { // overwrite
+				uKey = DefaultDbUserKey
+			}
+			envUsername := u.EnvName
+			if envUsername == "" {
+				envUsername = key + DefaultEnvUserSuffix
+			}
+			source = AddEnvFromSecret(source, e, envUsername, uKey, u.SecretName)
 		}
-		configSourceTenancyValue := &corev1.EnvVarSource{
-			ConfigMapKeyRef: &corev1.ConfigMapKeySelector{
-				Key:                  DefaultOCIConfigTenancyKey,
-				LocalObjectReference: corev1.LocalObjectReference{Name: rOCIConfigCMName},
-				Optional:             &optional,
-			},
+
+		// DB_CONNECT_STRING environment variable, if secret is defined
+		if c.SecretName != "" {
+			cKey := c.Key
+			if cKey == "" {
+				cKey = key + DefaultEnvConnectionStringSuffix
+			}
+			envConnectionString := c.EnvName
+			if envConnectionString == "" {
+				envConnectionString = key + DefaultEnvConnectionStringSuffix
+			}
+			source = AddEnvFromSecret(source, e, envConnectionString, cKey, c.SecretName)
 		}
-		configSourceUserValue := &corev1.EnvVarSource{
-			ConfigMapKeyRef: &corev1.ConfigMapKeySelector{
-				Key:                  DefaultOCIConfigUserKey,
-				LocalObjectReference: corev1.LocalObjectReference{Name: rOCIConfigCMName},
-				Optional:             &optional,
-			},
+
+		// DB_PASSWORD environment variable, if secret is defined
+		if p.SecretName != "" {
+			pKey := p.Key
+			if pKey == "" { // overwrite
+				pKey = DefaultDBPasswordKey
+			}
+			env := p.EnvName
+			if env == "" { // overwrite
+				env = key + DefaultEnvPasswordSuffix
+			}
+			source = AddEnvFromSecret(source, e, env, pKey, p.SecretName)
 		}
-		env = AddEnvFrom(env, rCustomEnvs, EnvVarVaultFingerprint, configSourceFingerprintValue)
-		env = AddEnvFrom(env, rCustomEnvs, EnvVarVaultUserOCID, configSourceUserValue)
-		env = AddEnvFrom(env, rCustomEnvs, EnvVarVaultTenancyOCID, configSourceTenancyValue)
-		env = AddEnvFrom(env, rCustomEnvs, EnvVarVaultRegion, configSourceRegionValue)
-		env = AddEnv(env, rCustomEnvs, EnvVarVaultPrivateKeyPath, DefaultVaultPrivateKeyAbsolutePath)
 
-	} else {
+	}
+	return source
+}
 
-		if rDBPasswordKey == "" { // overwrite
-			rDBPasswordKey = DefaultDBPasswordKey
-		}
-		dbPassword := &corev1.EnvVarSource{
-			SecretKeyRef: &corev1.SecretKeySelector{
-				Key:                  rDBPasswordKey,
-				LocalObjectReference: corev1.LocalObjectReference{Name: rDBPasswordName},
-				Optional:             &optional,
-			}}
+func IsUsingOCIVault(f api.DBOCIVault) bool {
+	return f.VaultPasswordSecret != "" && f.VaultID != ""
+}
 
-		env = AddEnvFrom(env, rCustomEnvs, EnvVarDataSourcePassword, dbPassword)
+func IsUsingAzureVault(f api.DBAzureVault, v string) bool {
 
+	if v == VaultPasswordInUse {
+		return f.VaultID != "" && f.VaultPasswordSecret != ""
+	}
+	if v == VaultUsernameInUse {
+		return f.VaultID != "" && f.VaultUsernameSecret != ""
+	}
+	if v == VaultIDProvided {
+		return f.VaultID != ""
 	}
 
-	// CUSTOM_METRICS environment variable
-	if customMetricsName := a.Spec.ExporterConfig.Configmap.Name; customMetricsName != "" {
-		customMetrics := DefaultExporterConfigmapAbsolutePath
+	return false
+
+}
 
-		env = AddEnv(env, rCustomEnvs, EnvVarCustomConfigmap, customMetrics)
+func IsMultipleDatabasesDefined(a *api.DatabaseObserver) bool {
+	return a.Spec.Databases != nil && len(a.Spec.Databases) > 0
+}
+
+// GetExporterEnvs function retrieves env from a or provides default
+func GetExporterEnvs(a *api.DatabaseObserver) []corev1.EnvVar {
+
+	// create slices
+	var env = make([]corev1.EnvVar, 0)
+
+	// First, add all environment variables provided
+	e := a.Spec.Deployment.ExporterEnvs
+	if e != nil {
+		for k, v := range e {
+			env = append(env, corev1.EnvVar{Name: k, Value: v})
+		}
+	} else {
+		e = make(map[string]string)
 	}
 
-	env = AddEnv(env, rCustomEnvs, EnvVarOracleHome, DefaultOracleHome)
-	env = AddEnv(env, rCustomEnvs, EnvVarTNSAdmin, DefaultOracleTNSAdmin)
+	// Add database environment variables based on single or multi DB configuration
+	if IsMultipleDatabasesDefined(a) {
+		env = AddMultiDatabaseEnvs(a, e, env)
+	} else {
+		env = AddSingleDatabaseEnvs(a, e, env)
+	}
 
-	// LOG_DESTINATION environment variable
-	if rLogPath != "" {
-		if rLogFilename == "" {
-			rLogFilename = DefaultLogFilename
+	// CUSTOM_METRICS environment variable
+	if cms := a.Spec.Metrics.Configmap; cms != nil && len(cms) > 0 {
+		metricsConfigList := make([]string, 0)
+		for _, cm := range cms {
+			metricsConfigList = append(metricsConfigList, DefaultExporterConfigMountRootPath+"/"+cm.Key)
 		}
-		d := filepath.Join(rLogPath, rLogFilename)
-		env = AddEnv(env, rCustomEnvs, EnvVarDataSourceLogDestination, d)
+		customMetrics := strings.Join(metricsConfigList, ",")
+		env = AddEnv(env, e, EnvVarCustomConfigmap, customMetrics)
 	}
 
+	env = AddEnv(env, e, EnvVarOracleHome, DefaultOracleHome)
+	env = AddEnv(env, e, EnvVarTNSAdmin, DefaultOracleTNSAdmin)
+
+	// LOG_DESTINATION environment variable4
+	if disabled := a.Spec.Log.Disable; !disabled {
+		d := a.Spec.Log.Destination
+		if d == "" {
+			d = DefaultLogDestination
+		}
+
+		f := a.Spec.Log.Filename
+		if f == "" {
+			f = DefaultLogFilename
+		}
+		ld := filepath.Join(d, f)
+		env = AddEnv(env, e, EnvVarDataSourceLogDestination, ld)
+	}
 	return env
 }
 
@@ -484,10 +671,9 @@ func GetExporterReplicas(a *api.DatabaseObserver) int32 {
 
 // GetExporterImage function retrieves image from a or provides default
 func GetExporterImage(a *api.DatabaseObserver) string {
-	if img := a.Spec.Exporter.Deployment.ExporterImage; img != "" {
+	if img := a.Spec.Deployment.ExporterImage; img != "" {
 		return img
 	}
-
 	return DefaultExporterImage
 
 }
diff --git a/commons/oci/containerdatabase.go b/commons/oci/containerdatabase.go
index 9391d6f8..28b31353 100644
--- a/commons/oci/containerdatabase.go
+++ b/commons/oci/containerdatabase.go
@@ -56,7 +56,7 @@ func (d *DatabaseService) CreateAutonomousContainerDatabase(acd *dbv4.Autonomous
 			CompartmentId:              acd.Spec.CompartmentOCID,
 			DisplayName:                acd.Spec.DisplayName,
 			CloudAutonomousVmClusterId: acd.Spec.AutonomousExadataVMClusterOCID,
-			PatchModel:                 database.CreateAutonomousContainerDatabaseDetailsPatchModelUpdates,
+			PatchModel:                 database.CreateAutonomousContainerDatabaseBasePatchModelUpdates,
 		},
 	}
 
diff --git a/commons/oci/database.go b/commons/oci/database.go
index e43afb56..99240d1a 100644
--- a/commons/oci/database.go
+++ b/commons/oci/database.go
@@ -430,3 +430,27 @@ func (d *DatabaseService) CreateAutonomousDatabaseClone(adb *dbv4.AutonomousData
 
 	return d.dbClient.CreateAutonomousDatabase(context.TODO(), request)
 }
+
+func (d *DatabaseService) SwitchoverAutonomousDatabase(adbOCID string) (database.SwitchoverAutonomousDatabaseResponse, error) {
+	retryPolicy := common.DefaultRetryPolicy()
+
+	request := database.SwitchoverAutonomousDatabaseRequest{
+		AutonomousDatabaseId: common.String(adbOCID),
+		RequestMetadata: common.RequestMetadata{
+			RetryPolicy: &retryPolicy,
+		},
+	}
+	return d.dbClient.SwitchoverAutonomousDatabase(context.TODO(), request)
+}
+
+func (d *DatabaseService) FailoverAutonomousDatabase(adbOCID string) (database.FailOverAutonomousDatabaseResponse, error) {
+	retryPolicy := common.DefaultRetryPolicy()
+
+	request := database.FailOverAutonomousDatabaseRequest{
+		AutonomousDatabaseId: common.String(adbOCID),
+		RequestMetadata: common.RequestMetadata{
+			RetryPolicy: &retryPolicy,
+		},
+	}
+	return d.dbClient.FailOverAutonomousDatabase(context.TODO(), request)
+}
diff --git a/commons/oci/wallet.go b/commons/oci/wallet.go
index 076460b1..0cc2b434 100644
--- a/commons/oci/wallet.go
+++ b/commons/oci/wallet.go
@@ -41,7 +41,7 @@ package oci
 import (
 	"archive/zip"
 	"io"
-	"io/ioutil"
+	"os"
 	"strings"
 )
 
@@ -62,7 +62,7 @@ func ExtractWallet(content io.ReadCloser) (map[string][]byte, error) {
 func saveWalletZip(content io.ReadCloser) (string, error) {
 	// Create a temp file wallet*.zip
 	const walletFileName = "wallet*.zip"
-	outZip, err := ioutil.TempFile("", walletFileName)
+	outZip, err := os.CreateTemp("", walletFileName)
 	if err != nil {
 		return "", err
 	}
@@ -91,7 +91,7 @@ func unzipWallet(path string) (map[string][]byte, error) {
 			return files, err
 		}
 
-		content, err := ioutil.ReadAll(reader)
+		content, err := io.ReadAll(reader)
 		if err != nil {
 			return files, err
 		}
diff --git a/commons/oraclerestart/exec.go b/commons/oraclerestart/exec.go
new file mode 100644
index 00000000..b91d4226
--- /dev/null
+++ b/commons/oraclerestart/exec.go
@@ -0,0 +1,112 @@
+/*
+** Copyright (c) 2022 Oracle and/or its affiliates.
+**
+** The Universal Permissive License (UPL), Version 1.0
+**
+** Subject to the condition set forth below, permission is hereby granted to any
+** person obtaining a copy of this software, associated documentation and/or data
+** (collectively the "Software"), free of charge and under any and all copyright
+** rights in the Software, and any and all patent rights owned or freely
+** licensable by each licensor hereunder covering either (i) the unmodified
+** Software as contributed to or provided by such licensor, or (ii) the Larger
+** Works (as defined below), to deal in both
+**
+** (a) the Software, and
+** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+** one is included with the Software (each a "Larger Work" to which the Software
+** is contributed by such licensors),
+**
+** without restriction, including without limitation the rights to copy, create
+** derivative works of, display, perform, and distribute the Software and make,
+** use, sell, offer for sale, import, export, have made, and have sold the
+** Software and the Larger Work(s), and to sublicense the foregoing rights on
+** either these or other terms.
+**
+** This license is subject to the following condition:
+** The above copyright notice and either this complete permission notice or at
+** a minimum a reference to the UPL must be included in all copies or
+** substantial portions of the Software.
+**
+** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+** SOFTWARE.
+ */
+
+package commons
+
+import (
+	"bytes"
+	"net/http"
+
+	oraclerestartdb "github.com/oracle/oracle-database-operator/apis/database/v4"
+
+	"github.com/go-logr/logr"
+	corev1 "k8s.io/api/core/v1"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/kubernetes/scheme"
+	"k8s.io/client-go/tools/clientcmd"
+	"k8s.io/client-go/tools/remotecommand"
+)
+
+// ExecCMDInContainer execute command in first container of a pod
+func ExecCommand(podName string, cmd []string, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, instance *oraclerestartdb.OracleRestart, logger logr.Logger) (string, string, error) {
+
+	var msg string
+	var (
+		execOut bytes.Buffer
+		execErr bytes.Buffer
+	)
+
+	req := kubeClient.CoreV1().RESTClient().
+		Post().
+		Namespace(instance.Namespace).
+		Resource("pods").
+		Name(podName).
+		SubResource("exec").
+		VersionedParams(&corev1.PodExecOptions{
+			Command: cmd,
+			Stdout:  true,
+			Stderr:  true,
+			TTY:     true,
+		}, scheme.ParameterCodec)
+
+	config, err := kubeConfig.ClientConfig()
+	if err != nil {
+		return "Error Occurred", "Error Occurred", err
+	}
+
+	if config.NegotiatedSerializer == nil {
+		config.NegotiatedSerializer = scheme.Codecs.WithoutConversion()
+	}
+
+	// Connect to url (constructed from req) using SPDY (HTTP/2) protocol which allows bidirectional streams.
+	exec, err := remotecommand.NewSPDYExecutor(config, http.MethodPost, req.URL())
+	if err != nil {
+		msg = "Error after executing remotecommand.NewSPDYExecutor"
+		LogMessages("Error", msg, err, instance, logger)
+		return "Error Occurred", "Error Occurred", err
+	}
+
+	err = exec.Stream(remotecommand.StreamOptions{
+		Stdout: &execOut,
+		Stderr: &execErr,
+		Tty:    true,
+	})
+	if err != nil {
+		msg = "Command execution failed inside the container!"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		if len(execOut.String()) > 0 {
+			LogMessages("INFO", execOut.String(), nil, instance, logger)
+		}
+		if len(execErr.String()) > 0 {
+			LogMessages("INFO", execErr.String(), nil, instance, logger)
+		}
+		return execOut.String(), execErr.String(), err
+	}
+
+	return execOut.String(), execErr.String(), nil
+}
diff --git a/commons/oraclerestart/oraclerestartcommon.go b/commons/oraclerestart/oraclerestartcommon.go
new file mode 100644
index 00000000..434f1ce9
--- /dev/null
+++ b/commons/oraclerestart/oraclerestartcommon.go
@@ -0,0 +1,1397 @@
+/*
+** Copyright (c) 2022 Oracle and/or its affiliates.
+**
+** The Universal Permissive License (UPL), Version 1.0
+**
+** Subject to the condition set forth below, permission is hereby granted to any
+** person obtaining a copy of this software, associated documentation and/or data
+** (collectively the "Software"), free of charge and under any and all copyright
+** rights in the Software, and any and all patent rights owned or freely
+** licensable by each licensor hereunder covering either (i) the unmodified
+** Software as contributed to or provided by such licensor, or (ii) the Larger
+** Works (as defined below), to deal in both
+**
+** (a) the Software, and
+** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+** one is included with the Software (each a "Larger Work" to which the Software
+** is contributed by such licensors),
+**
+** without restriction, including without limitation the rights to copy, create
+** derivative works of, display, perform, and distribute the Software and make,
+** use, sell, offer for sale, import, export, have made, and have sold the
+** Software and the Larger Work(s), and to sublicense the foregoing rights on
+** either these or other terms.
+**
+** This license is subject to the following condition:
+** The above copyright notice and either this complete permission notice or at
+** a minimum a reference to the UPL must be included in all copies or
+** substantial portions of the Software.
+**
+** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+** SOFTWARE.
+ */
+
+package commons
+
+import (
+	"bufio"
+	"context"
+	"errors"
+	"fmt"
+	"path/filepath"
+	"slices"
+	"strconv"
+
+	oraclerestart "github.com/oracle/oracle-database-operator/apis/database/v4"
+	utils "github.com/oracle/oracle-database-operator/commons/oraclerestart/utils"
+
+	"strings"
+
+	"github.com/go-logr/logr"
+	appsv1 "k8s.io/api/apps/v1"
+	corev1 "k8s.io/api/core/v1"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/labels"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/intstr"
+	"k8s.io/apimachinery/pkg/util/rand"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/tools/clientcmd"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+// Function to build the env var specification
+func buildEnvVarsSpec(envVariables []corev1.EnvVar) []corev1.EnvVar {
+	var result []corev1.EnvVar
+
+	/**
+		if len(envVariables) > 0 {
+			result = append(result, corev1.EnvVar{Name: "container", Value: "true"})
+		} else {
+			result = append(result, corev1.EnvVar{Name: "container", Value: "true"})
+		}
+	**/
+
+	return result
+}
+
+func checkAbsPath(location string) bool {
+	return filepath.IsAbs(location)
+}
+
+// FUnction to build the svc definition for RAC
+func buildContainerPortsDef(instance *oraclerestart.OracleRestart) []corev1.ContainerPort {
+	var result []corev1.ContainerPort
+
+	/*
+		if len(OraRestartSpexPorts) > 0 {
+			for _, portMapping := range OraRestartSpexPorts {
+				name := generatePortMapping(portMapping)
+				if len(name) > 15 {
+					name = name[:15]
+				}
+				containerPort :=
+					corev1.ContainerPort{
+						Protocol:      portMapping.Protocol,
+						ContainerPort: portMapping.Port,
+						Name:          name,
+					}
+				result = append(result, containerPort)
+			}
+		} else {
+	*/
+
+	result = append(result, corev1.ContainerPort{Protocol: corev1.ProtocolTCP, ContainerPort: utils.OraDBPort, Name: truncateName(fmt.Sprintf("%s-%d", "tcp", utils.OraDBPort))})
+	result = append(result, corev1.ContainerPort{Protocol: corev1.ProtocolTCP, ContainerPort: utils.OraLsnrPort, Name: truncateName(fmt.Sprintf("%s-%d", "tcp", utils.OraLsnrPort))})
+	result = append(result, corev1.ContainerPort{Protocol: corev1.ProtocolTCP, ContainerPort: utils.OraSSHPort, Name: truncateName(fmt.Sprintf("%s-%d", "tcp", utils.OraSSHPort))})
+	result = append(result, corev1.ContainerPort{Protocol: corev1.ProtocolTCP, ContainerPort: utils.OraLocalOnsPort, Name: truncateName(fmt.Sprintf("%s-%d", "tcp", utils.OraLocalOnsPort))})
+	result = append(result, corev1.ContainerPort{Protocol: corev1.ProtocolTCP, ContainerPort: utils.OraOemPort, Name: truncateName(fmt.Sprintf("%s-%d", "tcp", utils.OraOemPort))})
+
+	return result
+}
+
+func truncateName(name string) string {
+	if len(name) > 15 {
+		return name[:15]
+	}
+	return name
+}
+
+// FUnction to build the svc definition for RAC
+func buildOracleRestartSvcPortsDef(npsvc oraclerestart.OracleRestartNodePortSvc) []corev1.ServicePort {
+	var result []corev1.ServicePort
+
+	for _, portMapping := range npsvc.PortMappings {
+		servicePort :=
+			corev1.ServicePort{
+				Protocol: portMapping.Protocol,
+				Port:     portMapping.Port,
+				Name:     generatePortMapping(portMapping),
+			}
+		if portMapping.TargetPort > 0 {
+			servicePort.TargetPort = intstr.IntOrString{
+				Type:   intstr.Int,
+				IntVal: portMapping.TargetPort,
+			}
+		}
+		if portMapping.NodePort > 0 {
+			servicePort.NodePort = portMapping.NodePort
+		}
+
+		result = append(result, servicePort)
+	}
+
+	return result
+}
+
+// Function to generate the Name
+func generateName(base string) string {
+	maxNameLength := 50
+	randomLength := 5
+	maxGeneratedLength := maxNameLength - randomLength
+	if len(base) > maxGeneratedLength {
+		base = base[:maxGeneratedLength]
+	}
+	return fmt.Sprintf("%s%s", base, rand.String(randomLength))
+}
+
+// Function to generate the port mapping
+func generatePortMapping(portMapping oraclerestart.OracleRestartPortMapping) string {
+	return generateName(fmt.Sprintf("%s-%d-%d-", "tcp",
+		portMapping.Port, portMapping.TargetPort))
+}
+
+func LogMessages(msgtype string, msg string, err error, instance *oraclerestart.OracleRestart, logger logr.Logger) {
+	// setting logrus formatter
+	//logrus.SetFormatter(&logrus.JSONFormatter{})
+	//logrus.SetOutput(os.Stdout)
+
+	if msgtype == "DEBUG" && utils.CheckStatusFlag(instance.Spec.IsDebug) {
+		if err != nil {
+			logger.Error(err, msg)
+		} else {
+			logger.Info(msg)
+		}
+	} else if msgtype == "INFO" {
+		logger.Info(msg)
+	}
+}
+
+func GetRacPodName(racName string) string {
+	podName := racName
+	return podName
+}
+
+func getlabelsForRac(instance *oraclerestart.OracleRestart) map[string]string {
+	return buildLabelsForOracleRestart(instance, "OracleRestart")
+}
+
+func GetAsmPvcName(name string, diskPath string, instance *oraclerestart.OracleRestart) string {
+
+	// pvcName := "asm-pvc-disk-" + strconv.Itoa(index) + "-" + name + "-" + dgType + "-" + "pvc"
+	dgType := CheckDiskInAsmDeviceList(instance, diskPath)
+	diskName := diskPath[strings.LastIndex(diskPath, "/")+1:]
+	pvcName := "asm-pvc-" + strings.ToLower(dgType) + "-" + diskName + "-" + name + "-" + instance.Spec.InstDetails.Name + "-0"
+
+	return pvcName
+}
+
+func GetAsmPvName(name string, diskPath string, instance *oraclerestart.OracleRestart) string {
+
+	dgType := CheckDiskInAsmDeviceList(instance, diskPath)
+	diskName := diskPath[strings.LastIndex(diskPath, "/")+1:]
+	pvName := "asm-pv-" + strings.ToLower(dgType) + "-" + diskName + "-" + name + "-" + instance.Spec.InstDetails.Name + "-0"
+	return pvName
+}
+
+func CheckSfset(sfsetName string, instance *oraclerestart.OracleRestart, kClient client.Client) (*appsv1.StatefulSet, error) {
+	sfSetFound := &appsv1.StatefulSet{}
+	err := kClient.Get(context.TODO(), types.NamespacedName{
+		Name:      sfsetName,
+		Namespace: instance.Namespace,
+	}, sfSetFound)
+	if err != nil {
+		return sfSetFound, err
+	}
+	return sfSetFound, nil
+}
+
+func GetRacK8sClientConfig(kClient client.Client) (clientcmd.ClientConfig, kubernetes.Interface, error) {
+	var err1 error
+	var kubeConfig clientcmd.ClientConfig
+	var kubeClient kubernetes.Interface
+
+	oraclerestart.KubeConfigOnce.Do(func() {
+		loadingRules := clientcmd.NewDefaultClientConfigLoadingRules()
+		configOverrides := &clientcmd.ConfigOverrides{}
+		kubeConfig = clientcmd.NewNonInteractiveDeferredLoadingClientConfig(loadingRules, configOverrides)
+		config, err := kubeConfig.ClientConfig()
+		if err != nil {
+			err1 = err
+		}
+		kubeClient, err = kubernetes.NewForConfig(config)
+		if err != nil {
+			err1 = err
+		}
+
+	})
+	return kubeConfig, kubeClient, err1
+}
+
+func oraclerestartValidationCmd() []string {
+
+	oraScriptMount1 := getOraScriptMount()
+	var oraShardValidateCmd = []string{oraScriptMount1 + "/cmdExec", "/bin/python3", oraScriptMount1 + "/main.py ", "--checkliveness=true ", "--optype=primaryoraclerestart"}
+	return oraShardValidateCmd
+}
+
+func OracleRestartNodeDelCmd() []string {
+	oraScriptMount1 := getOraScriptMount()
+	var oraOracleRestartNodeDelCmd = []string{oraScriptMount1 + "/cmdExec", "/bin/python3", oraScriptMount1 + "/main.py ", "--delOracleRestartNode=\"del_rachome=true;del_gridnode=true\""}
+	return oraOracleRestartNodeDelCmd
+}
+
+func oraclerestartLsnrSetup() []string {
+	oraScriptMount1 := getOraScriptMount()
+	var oraOracleRestartNodeDelCmd = []string{oraScriptMount1 + "/cmdExec", "/bin/python3", oraScriptMount1 + "/main.py ", "--setupdblsnr=\"del_rachome=true;del_gridnode=true\""}
+	return oraOracleRestartNodeDelCmd
+}
+
+func getAsmCmd() []string {
+	asmCmd := []string{"bash", "-c", "cat /etc/rac_env_vars/envfile | grep CRS_ASM_DEVICE_LIST"}
+	return asmCmd
+}
+
+func getDbAsmCmd() []string {
+	asmCmd := []string{"bash", "-c", "cat /etc/rac_env_vars/envfile | grep DB_ASM_DEVICE_LIST"}
+	return asmCmd
+}
+
+func getOraScriptMount() string {
+
+	return utils.OraScriptMount
+
+}
+
+func getOraDbUser() string {
+
+	return utils.OraDBUser
+
+}
+
+func getOraGiUser() string {
+
+	return utils.OraGridUser
+
+}
+
+func getOraPythonCmd() string {
+
+	return "/bin/python3"
+
+}
+
+func UpdateAsmCount(gihome string, podName string, instance *oraclerestart.OracleRestart, kubeClient kubernetes.Interface, kubeconfig clientcmd.ClientConfig, logger logr.Logger,
+) error {
+
+	_, _, err := ExecCommand(podName, getUpdateAsmCount(gihome), kubeClient, kubeconfig, instance, logger)
+	if err != nil {
+		return fmt.Errorf("error ocurred while updating TCP listener ports")
+	}
+
+	return nil
+}
+
+func ValidateDbSetup(podName string, instance *oraclerestart.OracleRestart, kubeClient kubernetes.Interface, kubeconfig clientcmd.ClientConfig, logger logr.Logger,
+) error {
+
+	_, _, err := ExecCommand(podName, oraclerestartValidationCmd(), kubeClient, kubeconfig, instance, logger)
+	if err != nil {
+		return fmt.Errorf("error ocurred while validating the DB Setup")
+	}
+	return nil
+}
+
+func DelOracleRestartNode(podName string, instance *oraclerestart.OracleRestart, kubeClient kubernetes.Interface, kubeconfig clientcmd.ClientConfig, logger logr.Logger,
+) error {
+
+	_, _, err := ExecCommand(podName, OracleRestartNodeDelCmd(), kubeClient, kubeconfig, instance, logger)
+	if err != nil {
+		return fmt.Errorf("error ocurred while deleting the RAC node")
+	}
+	return nil
+}
+
+func CheckAsmList(podName string, instance *oraclerestart.OracleRestart, kubeClient kubernetes.Interface, kubeconfig clientcmd.ClientConfig, logger logr.Logger) (string, error) {
+	output, _, err := ExecCommand(podName, getAsmCmd(), kubeClient, kubeconfig, instance, logger)
+	if err != nil {
+		return "", err
+	}
+
+	parts := strings.SplitN(output, "=", 2)
+	if len(parts) < 2 {
+		return "", fmt.Errorf("unable to parse ASM device list from output: %s", output)
+	}
+
+	// Trim the \r and \n characters from the end of the string
+	deviceList := strings.TrimSpace(parts[1])
+	deviceList = strings.ReplaceAll(deviceList, "\r", "")
+	return deviceList, nil
+}
+
+func CheckDbAsmList(podName string, instance *oraclerestart.OracleRestart, kubeClient kubernetes.Interface, kubeconfig clientcmd.ClientConfig, logger logr.Logger) (string, error) {
+	output, _, err := ExecCommand(podName, getDbAsmCmd(), kubeClient, kubeconfig, instance, logger)
+	if err != nil {
+		return "", err
+	}
+
+	parts := strings.SplitN(output, "=", 2)
+	if len(parts) < 2 {
+		return "", fmt.Errorf("unable to parse ASM device list from output: %s", output)
+	}
+
+	// Trim the \r and \n characters from the end of the string
+	deviceList := strings.TrimSpace(parts[1])
+	deviceList = strings.ReplaceAll(deviceList, "\r", "")
+	return deviceList, nil
+}
+
+func checkPvc(pvcName string, instance *oraclerestart.OracleRestart, kClient client.Client) (*corev1.PersistentVolumeClaim, error) {
+	pvcFound := &corev1.PersistentVolumeClaim{}
+	err := kClient.Get(context.TODO(), types.NamespacedName{
+		Name:      pvcName,
+		Namespace: instance.Namespace,
+	}, pvcFound)
+	if err != nil {
+		return pvcFound, err
+	}
+	return pvcFound, nil
+}
+
+func checkPv(pvName string, instance *oraclerestart.OracleRestart, kClient client.Client) (*corev1.PersistentVolume, error) {
+	pvFound := &corev1.PersistentVolume{}
+	err := kClient.Get(context.TODO(), types.NamespacedName{
+		Name:      pvName,
+		Namespace: instance.Namespace,
+	}, pvFound)
+	if err != nil {
+		return pvFound, err
+	}
+	return pvFound, nil
+}
+func DelORestartPVC(instance *oraclerestart.OracleRestart, pindex int, cindex int, diskName string, disk *oraclerestart.AsmDiskDetails, kClient client.Client, logger logr.Logger) error {
+	pvcName := GetAsmPvcName(instance.Name, diskName, instance)
+	LogMessages("DEBUG", "Attempting to delete PVC: "+GetFmtStr(pvcName), nil, instance, logger)
+
+	pvc, err := checkPvc(pvcName, instance, kClient)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			LogMessages("DEBUG", "PVC not found, skipping deletion.", nil, instance, logger)
+			return nil
+		}
+		return err
+	}
+
+	// Remove finalizers if any
+	if len(pvc.GetFinalizers()) > 0 {
+		LogMessages("DEBUG", "Removing PVC finalizers", nil, instance, logger)
+		pvc.SetFinalizers([]string{})
+		if err := kClient.Update(context.Background(), pvc); err != nil {
+			return fmt.Errorf("failed to remove finalizers from PVC %s: %v", pvcName, err)
+		}
+	}
+
+	if err := kClient.Delete(context.Background(), pvc); err != nil {
+		return fmt.Errorf("failed to delete PVC %s: %v", pvcName, err)
+	}
+	return nil
+}
+
+func DelRestartSwPvc(instance *oraclerestart.OracleRestart, OraRestartSpex oraclerestart.OracleRestartInstDetailSpec, kClient client.Client, logger logr.Logger) error {
+
+	pvcName := GetSwPvcName(instance.Name, instance)
+	LogMessages("DEBUG", "Inside the delPvc and received param: "+GetFmtStr(pvcName), nil, instance, logger)
+	pvcFound, err := checkPvc(pvcName, instance, kClient)
+	if err != nil {
+		LogMessages("DEBUG", "Error occurred in finding the pvc claim!", nil, instance, logger)
+		return nil
+	}
+	err = kClient.Delete(context.Background(), pvcFound)
+	if err != nil {
+		LogMessages("DEBUG", "Error occurred in deleting the pvc claim!", nil, instance, logger)
+		return err
+	}
+	return nil
+}
+
+func DelORestartPv(instance *oraclerestart.OracleRestart, pindex int, cindex int, diskName string, disk *oraclerestart.AsmDiskDetails, kClient client.Client, logger logr.Logger) error {
+
+	pvName := GetAsmPvName(instance.Name, diskName, instance)
+	LogMessages("DEBUG", "Inside the delPv and received param: "+GetFmtStr(pvName), nil, instance, logger)
+	pvFound, err := checkPv(pvName, instance, kClient)
+	if err != nil {
+		LogMessages("DEBUG", "Error occurred in finding the pv claim!", nil, instance, logger)
+		return nil
+	}
+	err = kClient.Delete(context.Background(), pvFound)
+	if err != nil {
+		LogMessages("DEBUG", "Error occurred in deleting the pv claim!", nil, instance, logger)
+		return err
+	}
+	return nil
+}
+
+func CheckORestartSvc(instance *oraclerestart.OracleRestart, svcType string, OraRestartSpex oraclerestart.OracleRestartInstDetailSpec, svcName string, kClient client.Client) (*corev1.Service, error) {
+	svcFound := &corev1.Service{}
+	var name string
+
+	name = getOracleRestartSvcName(instance, OraRestartSpex, svcType)
+
+	err := kClient.Get(context.TODO(), types.NamespacedName{
+		Name:      name,
+		Namespace: instance.Namespace,
+	}, svcFound)
+	if err != nil {
+		return svcFound, err
+	}
+	return svcFound, nil
+}
+
+func PodListValidation(podList *corev1.PodList, sfName string, instance *oraclerestart.OracleRestart, kClient client.Client) (bool, *corev1.Pod, *corev1.Pod) {
+	var notReadyPod *corev1.Pod
+
+	for _, pod := range podList.Items {
+		if strings.Contains(pod.Name, sfName) {
+			// Check pod status
+			if pod.Status.Phase != corev1.PodRunning {
+				if notReadyPod == nil {
+					notReadyPod = &pod
+				}
+				continue
+			}
+
+			// Check container readiness
+			allContainersReady := true
+			for _, containerStatus := range pod.Status.ContainerStatuses {
+				if !containerStatus.Ready {
+					allContainersReady = false
+					break
+				}
+			}
+
+			if allContainersReady {
+				// Return the pod if it is ready
+				return true, &pod, nil
+			} else {
+				// Return the first not ready pod found
+				if notReadyPod == nil {
+					notReadyPod = &pod
+				}
+			}
+		}
+	}
+
+	// Return false if no ready pod was found, and the first not ready pod (if any)
+	return false, nil, notReadyPod
+}
+
+func GetPodList(sfsetName string, instance *oraclerestart.OracleRestart, kClient client.Client, OraRestartSpex oraclerestart.OracleRestartInstDetailSpec,
+) (*corev1.PodList, error) {
+	podList := &corev1.PodList{}
+	//labelSelector := labels.SelectorFromSet(getlabelsForRAC(instance))
+	//labelSelector := map[string]labels.Selector{}
+	var labelSelector labels.Selector = labels.SelectorFromSet(getSvcLabelsForOracleRestart(-1, OraRestartSpex))
+
+	listOps := &client.ListOptions{Namespace: instance.Namespace, LabelSelector: labelSelector}
+
+	err := kClient.List(context.TODO(), podList, listOps)
+	if err != nil {
+		return nil, err
+	}
+	return podList, nil
+}
+
+func checkPod(instance *oraclerestart.OracleRestart, pod *corev1.Pod, kClient client.Client,
+) error {
+	err := kClient.Get(context.TODO(), types.NamespacedName{
+		Name:      pod.Name,
+		Namespace: instance.Namespace,
+	}, pod)
+
+	if err != nil {
+		// Pod Doesn't exist
+		return err
+	}
+
+	return nil
+}
+
+func checkPodStatus(pod *corev1.Pod, kClient client.Client,
+) error {
+	var msg string
+	for _, condition := range pod.Status.Conditions {
+		if pod.Status.Phase == corev1.PodRunning {
+			if condition.Type == corev1.PodReady {
+				// msg = "Pod Status is running"
+				// LogMessages("DEBUG", msg)
+				return nil
+			}
+		} else {
+			msg = "Pod is not scheduled or ready " + pod.Name + ".Describe the pod to check the detailed message"
+			return fmt.Errorf(msg)
+		}
+	}
+	return nil
+}
+
+func checkContainerStatus(pod *corev1.Pod, kClient client.Client,
+) error {
+
+	var statuses []corev1.ContainerStatus
+	var msg string
+	//	msg = "Inside the function checkContainerStatus"
+	//	LogMessages("DEBUG", msg)
+	statuses = pod.Status.ContainerStatuses
+	var isRunning bool = false
+	for _, status := range statuses {
+		if status.State.Running == nil {
+			isRunning = false
+		} else {
+			isRunning = true
+			break
+		}
+	}
+	msg = "Container is not in running state" + pod.Name + ".Describe the pod to check the detailed message"
+	if isRunning {
+		return nil
+	} else {
+		return fmt.Errorf(msg)
+	}
+}
+
+// NewNamespace creates a corev1.Namespace object using the provided name.
+func NewNamespace(name string) *corev1.Namespace {
+	return &corev1.Namespace{
+		TypeMeta: metav1.TypeMeta{
+			Kind:       "Namespace",
+			APIVersion: corev1.SchemeGroupVersion.String(),
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name: name,
+		},
+	}
+}
+
+func getOwnerRef(instance *oraclerestart.OracleRestart,
+) []metav1.OwnerReference {
+
+	var ownerRef []metav1.OwnerReference
+	ownerRef = append(ownerRef, metav1.OwnerReference{Kind: instance.GroupVersionKind().Kind, APIVersion: instance.APIVersion, Name: instance.Name, UID: types.UID(instance.UID)})
+	return ownerRef
+}
+
+func getRacInitContainerCmd(resType string, name string, oraScriptMount string,
+) string {
+	var initCmd string
+	if oraScriptMount != "NOLOC" {
+		initCmd = resType + ";chown -R 54321:54321 " + oraScriptMount + ";chmod 755 " + oraScriptMount + "/*"
+	} else {
+		initCmd = resType
+	}
+
+	return initCmd
+}
+
+func GetFmtStr(pstr string,
+) string {
+	return "[" + pstr + "]"
+}
+
+func getClusterState(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+	stdoutput, _, err := ExecCommand(podName, getGiHealthCmd(), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	return strings.TrimSpace(stdoutput)
+}
+
+func getDbInstState(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+	stdoutput, _, err := ExecCommand(podName, getOracleRestartDbModeCmd(), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	return strings.TrimSpace(stdoutput)
+}
+
+func getAsmInstState(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) *oraclerestart.AsmInstanceStatus {
+	AsmStorageStatus := &oraclerestart.AsmInstanceStatus{}
+	diskGroup := getAsmDiskgroup(podName, instance, specidx, kubeClient, kubeConfig, logger)
+	if diskGroup == "Pending" {
+		return AsmStorageStatus
+	}
+	dglist := strings.Split(diskGroup, ",")
+	for _, dg := range dglist {
+		asmdg := oraclerestart.AsmDiskgroupStatus{}
+		disks := getAsmDisks(podName, string(dg), instance, specidx, kubeClient, kubeConfig, logger)
+		redundancy := getAsmDgRedundancy(podName, string(dg), instance, specidx, kubeClient, kubeConfig, logger)
+
+		asmdg.Name = string(dg)
+		asmdg.Disks = disks
+		asmdg.Redundancy = redundancy
+		AsmStorageStatus.Diskgroup = append(AsmStorageStatus.Diskgroup, asmdg)
+	}
+	return AsmStorageStatus
+}
+func GetAsmInstState(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) *oraclerestart.AsmInstanceStatus {
+	AsmStorageStatus := &oraclerestart.AsmInstanceStatus{}
+	diskGroup := getAsmDiskgroup(podName, instance, specidx, kubeClient, kubeConfig, logger)
+	if diskGroup == "Pending" {
+		return AsmStorageStatus
+	}
+	dglist := strings.Split(diskGroup, ",")
+	for _, dg := range dglist {
+		asmdg := oraclerestart.AsmDiskgroupStatus{}
+		disks := getAsmDisks(podName, string(dg), instance, specidx, kubeClient, kubeConfig, logger)
+		redundancy := getAsmDgRedundancy(podName, string(dg), instance, specidx, kubeClient, kubeConfig, logger)
+
+		asmdg.Name = string(dg)
+		asmdg.Disks = disks
+		asmdg.Redundancy = redundancy
+		AsmStorageStatus.Diskgroup = append(AsmStorageStatus.Diskgroup, asmdg)
+	}
+	return AsmStorageStatus
+}
+
+func getAsmDiskgroup(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+
+	stdoutput, _, err := ExecCommand(podName, getAsmDiskgroupCmd(), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	return strings.TrimSpace(stdoutput)
+}
+
+func getAsmDisks(podName string, dg string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) []string {
+
+	stdoutput, _, err := ExecCommand(podName, getAsmDisksCmd(dg), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return strings.Split(msg, ",")
+	}
+	cleanOutput := strings.ReplaceAll(stdoutput, "\r", "")
+	return strings.Split(strings.TrimSpace(cleanOutput), "\n")
+}
+
+func getAsmDgRedundancy(podName string, dg string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+
+	stdoutput, _, err := ExecCommand(podName, getAsmDgRedundancyCmd(dg), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	return strings.TrimSpace(stdoutput)
+}
+
+func getAsmInstName(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+
+	stdoutput, _, err := ExecCommand(podName, getAsmInstNameCmd(), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	return strings.TrimSpace(stdoutput)
+}
+
+func getAsmInstStatus(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+
+	stdoutput, _, err := ExecCommand(podName, getAsmInstStatusCmd(), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	return strings.TrimSpace(stdoutput)
+}
+
+func getOracleRestartInstStateFile(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+
+	stdoutput, _, err := ExecCommand(podName, getOracleRestartInstStateFileCmd(), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	//Possible values are "provisioning", "addnode", "failed", "completed"
+	if strings.ToLower(strings.TrimSpace(stdoutput)) == "provisioning" {
+		return string(oraclerestart.OracleRestartProvisionState)
+	} else if strings.ToLower(strings.TrimSpace(stdoutput)) == "completed" {
+		return string(oraclerestart.OracleRestartAvailableState)
+	} else if strings.ToLower(strings.TrimSpace(stdoutput)) == "addnode" {
+		return string(oraclerestart.OracleRestartAddInstState)
+	} else if strings.ToLower(strings.TrimSpace(stdoutput)) == "failed" {
+		return string(oraclerestart.OracleRestartFailedState)
+	} else {
+		return string(oraclerestart.OracleRestartPendingState)
+	}
+}
+
+func getDBVersion(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+	stdoutput, _, err := ExecCommand(podName, getOracleRestartDbVersionCmd(), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	if strings.Contains(stdoutput, "ERROR") {
+		return "NOTAVAILABLE"
+	} else {
+		return strings.TrimSpace(stdoutput)
+	}
+}
+
+func getDbState(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+	stdoutput, _, err := ExecCommand(podName, getOracleRestartHealthCmd(), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	return strings.TrimSpace(stdoutput)
+}
+
+func getDbRole(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+	stdoutput, _, err := ExecCommand(podName, getDbRoleCmd(), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	return strings.TrimSpace(stdoutput)
+}
+
+func getConnStr(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+	stdoutput, _, err := ExecCommand(podName, getConnStrCmd(), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	return strings.TrimSpace(stdoutput)
+}
+
+func getExternalConnStr(
+	podName string,
+	instance *oraclerestart.OracleRestart,
+	specidx int,
+	kubeClient kubernetes.Interface,
+	kubeConfig clientcmd.ClientConfig,
+	logger logr.Logger,
+) string {
+
+	switch {
+	// Case 1: Neither service defined
+	case len(instance.Spec.NodePortSvc.PortMappings) == 0 && len(instance.Spec.LbService.PortMappings) == 0:
+		return ""
+
+	// Case 2: LoadBalancer service defined, try to use it
+	case len(instance.Spec.LbService.PortMappings) != 0:
+		lbServiceName := instance.Spec.LbService.SvcName + "-0-lbsvc"
+		lbSvc, err := kubeClient.CoreV1().Services(instance.Namespace).Get(context.TODO(), lbServiceName, metav1.GetOptions{})
+		if err == nil && lbSvc.Spec.Type == corev1.ServiceTypeLoadBalancer {
+			// Extract external IP or hostname
+			var lbExtIP string
+			for _, ingress := range lbSvc.Status.LoadBalancer.Ingress {
+				if ingress.IP != "" {
+					lbExtIP = ingress.IP
+					break
+				} else if ingress.Hostname != "" {
+					lbExtIP = ingress.Hostname
+					break
+				}
+			}
+			// Find port 1521
+			var lbPort int32
+			for _, port := range lbSvc.Spec.Ports {
+				if port.Port == 1521 {
+					lbPort = port.Port
+					break
+				}
+			}
+			if lbExtIP != "" && lbPort != 0 {
+				serviceName := instance.Spec.ServiceDetails.Name
+				return fmt.Sprintf("EXTERNAL: %s:%d/%s", lbExtIP, lbPort, serviceName)
+			}
+		}
+		return ""
+
+	// Case 3: NodePort service defined, try to use it
+	case len(instance.Spec.NodePortSvc.PortMappings) != 0:
+		npServiceName := instance.Spec.NodePortSvc.SvcName + "-0-npsvc"
+		npSvc, err := kubeClient.CoreV1().Services(instance.Namespace).Get(context.TODO(), npServiceName, metav1.GetOptions{})
+		if err != nil || npSvc.Spec.Type != corev1.ServiceTypeNodePort {
+			return ""
+		}
+		// Find port 1521
+		var nodePort int32
+		for _, port := range npSvc.Spec.Ports {
+			if port.Port == 1521 {
+				nodePort = port.NodePort
+				break
+			}
+		}
+		if nodePort == 0 {
+			return ""
+		}
+		// Get first node external/internal IP
+		nodeList, err := kubeClient.CoreV1().Nodes().List(context.TODO(), metav1.ListOptions{})
+		if err != nil || len(nodeList.Items) == 0 {
+			return ""
+		}
+		var nodeIP string
+		for _, addr := range nodeList.Items[0].Status.Addresses {
+			if addr.Type == corev1.NodeExternalIP {
+				nodeIP = addr.Address
+				break
+			} else if addr.Type == corev1.NodeInternalIP && nodeIP == "" {
+				nodeIP = addr.Address
+			}
+		}
+		if nodeIP == "" {
+			return ""
+		}
+		serviceName := instance.Spec.ServiceDetails.Name
+		return fmt.Sprintf("%s:%d/%s", nodeIP, nodePort, serviceName)
+	}
+
+	return ""
+}
+
+func getClientEtcHost(podNames []string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger, nodeDetails map[string]*corev1.Node) []string {
+	// Prepare to update ClientEtcHost
+	var clientEtcHost []string
+
+	// Loop through all pod names
+	for _, podName := range podNames {
+		node := nodeDetails[podName]
+		if node == nil {
+			logger.Error(nil, "Node details not found for pod", "podName", podName)
+			continue
+		}
+
+		// Get nodeIP from node details
+		nodeIP := getNodeIPFromNodeDetails(node)
+
+		// Construct the line to be added to ClientEtcHost
+		line := fmt.Sprintf("%s    %s.rac.svc.cluster.local %s-vip.rac.svc.cluster.local    OracleRestartNode-scan.rac.svc.cluster.local", nodeIP, podName, podName)
+		clientEtcHost = append(clientEtcHost, line)
+	}
+
+	// Assuming you are returning clientEtcHost as well for any further processing
+	return clientEtcHost
+}
+
+func getNodeIPFromNodeDetails(node *corev1.Node) string {
+	var internalIP, externalIP string
+
+	// Extract internal and external IPs from node details
+	for _, addr := range node.Status.Addresses {
+		if addr.Type == corev1.NodeInternalIP {
+			internalIP = addr.Address
+		} else if addr.Type == corev1.NodeExternalIP {
+			externalIP = addr.Address
+		}
+	}
+
+	// Return external IP if it exists, otherwise return internal IP
+	if externalIP != "" {
+		return externalIP
+	}
+	return internalIP
+}
+
+// readHostsFile reads the /etc/hosts file from the pod running in privileged mode
+func readHostsFile(podName string, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, instance *oraclerestart.OracleRestart, logger logr.Logger) (string, error) {
+
+	cmd := []string{"cat", "/etc/hosts"} // Assuming this matches the MountPath in buildContainerSpecForRac
+
+	stdOutput, _, err := ExecCommand(podName, cmd, kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Failed to read /etc/hosts from pod" + podName
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return "", err
+	}
+	return strings.TrimSpace(stdOutput), nil
+}
+
+// Helper function to parse /etc/hosts content
+func parseHostsContent(content string) string {
+	var uncommentedLines string
+
+	lines := strings.Split(content, "\n")
+	for _, line := range lines {
+		trimmedLine := strings.TrimSpace(line)
+		if trimmedLine != "" && !strings.HasPrefix(trimmedLine, "#") {
+			uncommentedLines = trimmedLine
+		}
+	}
+
+	return uncommentedLines
+}
+
+func getSvcState(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+
+	stdoutput, _, err := ExecCommand(podName, getDBServiceStatus(instance.Status.ConfigParams.DbHome, instance.Status.ConfigParams.DbName, instance.Status.ServiceDetails.Name), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	return strings.TrimSpace(stdoutput)
+}
+
+func getPdbConnStr(podName string, instance *oraclerestart.OracleRestart, specidx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) string {
+	stdoutput, _, err := ExecCommand(podName, getPdbConnStrCmd(), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Pending"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return msg
+	}
+	return strings.TrimSpace(stdoutput)
+}
+
+// getGridHome retrieves the GRID_HOME environment variable from the specified pod
+func getGridHome(podName string, instance *oraclerestart.OracleRestart, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger) (string, error) {
+	stdoutput, _, err := ExecCommand(podName, getGridHomeCmd(), kubeClient, kubeConfig, instance, logger)
+	if err != nil {
+		msg := "Error retrieving GRID_HOME"
+		LogMessages("DEBUG", msg, err, instance, logger)
+		return "", err
+	}
+
+	return strings.TrimSpace(stdoutput), nil
+}
+
+func GetAsmDevices(instance *oraclerestart.OracleRestart) string {
+	var asmDisk []string
+	if instance.Spec.AsmStorageDetails != nil {
+		// Loop through each DiskBySize and add disk names to asmDisk
+		for _, diskBySize := range instance.Spec.AsmStorageDetails.DisksBySize {
+			asmDisk = append(asmDisk, diskBySize.DiskNames...)
+		}
+	}
+	return strings.Join(asmDisk, ",")
+}
+
+// func GetScanname(instance *oraclerestart.OracleRestart) string {
+// 	return instance.Spec.ScanSvcName
+// }
+
+func GetSSHkey(instance *oraclerestart.OracleRestart, name string, kClient client.Client) (bool, bool) {
+
+	var privKeyFlag, pubKeyFlag bool
+	secretFound, err := CheckSecret(instance, name, kClient)
+
+	if err != nil {
+
+	} else {
+		for key := range secretFound.Data {
+			switch key {
+			case instance.Spec.SshKeySecret.PrivKeySecretName:
+				privKeyFlag = true
+			case instance.Spec.SshKeySecret.PubKeySecretName:
+				pubKeyFlag = true
+			}
+		}
+	}
+
+	return privKeyFlag, pubKeyFlag
+
+}
+
+func GetDbSecret(instance *oraclerestart.OracleRestart, name string, kClient client.Client) (bool, bool, bool) {
+
+	var commonospassflag, commonpwdfile, pwdkeyflag bool
+	secretFound, err := CheckSecret(instance, name, kClient)
+
+	if err != nil {
+		return false, false, false
+	} else {
+		for key := range secretFound.Data {
+			switch key {
+			case instance.Spec.DbSecret.PwdFileName:
+				commonospassflag = true
+			case instance.Spec.DbSecret.KeyFileName:
+				pwdkeyflag = true
+			case "pwdfile":
+				commonpwdfile = true
+			}
+		}
+	}
+
+	return commonospassflag, pwdkeyflag, commonpwdfile
+
+}
+
+func GetTdeWalletSecret(instance *oraclerestart.OracleRestart, name string, kClient client.Client) (bool, bool, bool) {
+
+	var commonospassflag, commonpwdfile, pwdkeyflag bool
+	secretFound, err := CheckSecret(instance, name, kClient)
+
+	if err != nil {
+		return false, false, false
+	} else {
+		for key := range secretFound.Data {
+			switch key {
+			case instance.Spec.TdeWalletSecret.PwdFileName:
+				commonospassflag = true
+			case instance.Spec.TdeWalletSecret.KeyFileName:
+				pwdkeyflag = true
+			case "pwdfile":
+				commonpwdfile = true
+			}
+		}
+	}
+	return commonospassflag, pwdkeyflag, commonpwdfile
+}
+
+func CheckSecret(instance *oraclerestart.OracleRestart, secretName string, kClient client.Client) (*corev1.Secret, error) {
+
+	secretFound := &corev1.Secret{}
+
+	err := kClient.Get(context.TODO(), types.NamespacedName{
+		Name:      secretName,
+		Namespace: instance.Namespace,
+	}, secretFound)
+
+	if err != nil {
+		return secretFound, err
+	}
+
+	return secretFound, nil
+}
+
+func GetGiResponseFile(instance *oraclerestart.OracleRestart, kClient client.Client) (bool, map[string]string) {
+
+	var giFileFlag bool
+	cName := instance.Spec.ConfigParams.GridResponseFile.ConfigMapName
+
+	configMapFound, err := CheckConfigMap(instance, cName, kClient)
+	if err != nil {
+
+	} else {
+		for key := range configMapFound.Data {
+			if key == instance.Spec.ConfigParams.GridResponseFile.Name {
+				giFileFlag = true
+			}
+		}
+	}
+	return giFileFlag, configMapFound.Data
+}
+
+func GetDbResponseFile(instance *oraclerestart.OracleRestart, kClient client.Client) (bool, map[string]string) {
+
+	var dbFileFlag bool
+	cName := instance.Spec.ConfigParams.DbResponseFile.ConfigMapName
+
+	configMapFound, err := CheckConfigMap(instance, cName, kClient)
+	if err != nil {
+
+	} else {
+		for key := range configMapFound.Data {
+			if key == instance.Spec.ConfigParams.DbResponseFile.Name {
+				dbFileFlag = true
+			}
+		}
+	}
+	return dbFileFlag, configMapFound.Data
+}
+
+func CheckConfigMap(instance *oraclerestart.OracleRestart, configMapName string, kClient client.Client) (*corev1.ConfigMap, error) {
+
+	configMapFound := &corev1.ConfigMap{}
+
+	err := kClient.Get(context.TODO(), types.NamespacedName{
+		Name:      configMapName,
+		Namespace: instance.Namespace,
+	}, configMapFound)
+
+	if err != nil {
+		return configMapFound, err
+	}
+
+	return configMapFound, nil
+
+}
+
+func GetConfigList(sfsetName string, instance *oraclerestart.OracleRestart, kClient client.Client, OraRestartSpex oraclerestart.OracleRestartInstDetailSpec,
+) (*corev1.ConfigMapList, error) {
+	cmapList := &corev1.ConfigMapList{}
+	//labelSelector := labels.SelectorFromSet(getlabelsForRAC(instance))
+	//labelSelector := map[string]labels.Selector{}
+	var labelSelector labels.Selector = labels.SelectorFromSet(getSvcLabelsForOracleRestart(-1, OraRestartSpex))
+
+	listOps := &client.ListOptions{Namespace: instance.Namespace, LabelSelector: labelSelector}
+
+	err := kClient.List(context.TODO(), cmapList, listOps)
+	if err != nil {
+		return nil, err
+	}
+	return cmapList, nil
+}
+
+func checkElem(list1 []string, element string) bool {
+
+	if element != "" {
+		if len(list1) > 0 {
+			for _, v := range list1 {
+				if v == element {
+					return true
+				}
+			}
+		}
+	}
+
+	return false
+}
+
+func ValidateNetInterface(net string, instance *oraclerestart.OracleRestart, rspNetData string) error {
+
+	var err error
+
+	if net != "" {
+		if !strings.Contains(rspNetData, net) {
+			err = fmt.Errorf("error occurred during retreiving network card detail from grid responsefile: %s", "The key does not exist")
+		}
+	}
+
+	return err
+}
+
+func CheckRspData(instance *oraclerestart.OracleRestart, kClient client.Client, key string, cName string, fname string) (string, error) {
+
+	var rspData string
+	configMapFound, _ := CheckConfigMap(instance, cName, kClient)
+	var status bool
+	var value []string
+
+	data := configMapFound.Data[fname]
+
+	scanner := bufio.NewScanner(strings.NewReader(data))
+	for scanner.Scan() {
+		if strings.Contains(strings.ToLower(scanner.Text()), strings.ToLower(key)) {
+			if strings.ToLower(key) == "variables=" {
+				str1 := strings.Replace(scanner.Text(), "=", ";", 1)
+				value = strings.Split(str1, ";")
+			} else {
+				value = strings.Split(scanner.Text(), "=")
+			}
+			rspData = value[1]
+			fmt.Print("Key = " + value[0] + " value= " + value[1])
+			status = true
+			break
+		}
+	}
+
+	if !status {
+		return "", errors.New("the " + key + " key and value does not exist in grid responsefile. Invalid grid responsefile.")
+	}
+
+	return rspData, nil
+}
+
+func GetServiceParams(instance *oraclerestart.OracleRestart) string {
+	var sparams string
+
+	sparams = "service:" + instance.Spec.ServiceDetails.Name
+	notficationFlag, _ := strconv.ParseBool(instance.Spec.ServiceDetails.Notification)
+	if notficationFlag {
+		sparams = sparams + ";notification:" + "True"
+	}
+	if instance.Spec.ServiceDetails.Cardinality != "" {
+		sparams = sparams + ";cardinality:" + instance.Spec.ServiceDetails.Cardinality
+	}
+	if len(instance.Spec.ServiceDetails.Preferred) > 0 {
+		sparams = sparams + ";preferred:" + strings.Join(instance.Spec.ServiceDetails.Preferred[:], ",")
+	}
+	if len(instance.Spec.ServiceDetails.Available) > 0 {
+		sparams = sparams + ";available:" + strings.Join(instance.Spec.ServiceDetails.Available[:], ",")
+	}
+	if instance.Spec.ServiceDetails.Pdb != "" {
+		sparams = sparams + ";pdb:" + instance.Spec.ServiceDetails.Pdb
+	}
+
+	if instance.Spec.ServiceDetails.ClbGoal != "" {
+		sparams = sparams + ";clbgoal:" + instance.Spec.ServiceDetails.ClbGoal
+	}
+
+	if instance.Spec.ServiceDetails.RlbGoal != "" {
+		sparams = sparams + ";rlbgoal:" + instance.Spec.ServiceDetails.RlbGoal
+	}
+
+	if instance.Spec.ServiceDetails.FailOverRestore != "" {
+		sparams = sparams + ";failover_restore:" + instance.Spec.ServiceDetails.FailOverRestore
+	}
+
+	if instance.Spec.ServiceDetails.FailBack != "" {
+		sparams = sparams + ";failback:" + instance.Spec.ServiceDetails.FailBack
+	}
+
+	cmdFlag, _ := strconv.ParseBool(instance.Spec.ServiceDetails.CommitOutCome)
+	if cmdFlag {
+		sparams = sparams + ";commit_outcome:" + "True"
+	}
+
+	cmtPathFlag, _ := strconv.ParseBool(instance.Spec.ServiceDetails.CommitOutComeFastPath)
+	if cmtPathFlag {
+		sparams = sparams + ";commit_outcome_fastpath:" + "True"
+	}
+
+	if instance.Spec.ServiceDetails.FailBack != "" {
+		sparams = sparams + ";failback:" + instance.Spec.ServiceDetails.FailBack
+	}
+
+	if instance.Spec.ServiceDetails.FailOverType != "" {
+		sparams = sparams + ";failovertype:" + instance.Spec.ServiceDetails.FailOverType
+	}
+
+	if instance.Spec.ServiceDetails.FailOverDelay > 0 {
+		sparams = sparams + ";failoverdelay:" + strconv.FormatInt(int64(instance.Spec.ServiceDetails.FailOverDelay), 10)
+	}
+
+	if instance.Spec.ServiceDetails.FailOverRetry > 0 {
+		sparams = sparams + ";failoverretry:" + strconv.FormatInt(int64(instance.Spec.ServiceDetails.FailOverRetry), 10)
+	}
+
+	if instance.Spec.ServiceDetails.DrainTimeOut > 0 {
+		sparams = sparams + ";drain_timeout:" + strconv.FormatInt(int64(instance.Spec.ServiceDetails.DrainTimeOut), 10)
+	}
+
+	if instance.Spec.ServiceDetails.Dtp != "" {
+		sparams = sparams + ";dtp:" + instance.Spec.ServiceDetails.Dtp
+	}
+
+	if instance.Spec.ServiceDetails.Role != "" {
+		sparams = sparams + ";role:" + instance.Spec.ServiceDetails.Role
+	}
+
+	if instance.Spec.ServiceDetails.Retention > 0 {
+		sparams = sparams + ";retention:" + strconv.FormatInt(int64(instance.Spec.ServiceDetails.Retention), 10)
+	}
+
+	return sparams
+}
+
+// . This function get the healthy node name from instance.status
+
+func GetHealthyNode(instance *oraclerestart.OracleRestart) (string, error) {
+	var i int32
+
+	if len(instance.Status.OracleRestartNodes) > 0 {
+		for i = 0; i < int32(len(instance.Status.OracleRestartNodes)); i++ {
+			if instance.Status.OracleRestartNodes[i].NodeDetails != nil {
+				if instance.Status.OracleRestartNodes[i].NodeDetails.ClusterState == "HEALTHY" {
+					return instance.Status.OracleRestartNodes[i].Name, nil
+				}
+			}
+		}
+	}
+	return "", fmt.Errorf("no healthy node exist")
+}
+
+func GetHealthyNodeCounts(instance *oraclerestart.OracleRestart) (int, error) {
+	var i, totalNodes, healthyNodeCount int
+
+	totalNodes = len(instance.Status.OracleRestartNodes)
+
+	if totalNodes > 0 {
+		for i = 0; i < totalNodes; i++ {
+			if instance.Status.OracleRestartNodes[i].NodeDetails != nil {
+				if instance.Status.OracleRestartNodes[i].NodeDetails.ClusterState == "HEALTHY" {
+					healthyNodeCount++
+				}
+			}
+		}
+	}
+
+	if totalNodes == healthyNodeCount {
+		return healthyNodeCount, nil
+	}
+	return 0, fmt.Errorf("healthy cluster node counts are not matching with total cluster nodes")
+}
+func GetSwPvcName(name string, instance *oraclerestart.OracleRestart) string {
+	//// If you are making any change, please refer SwVolumeClaimTemplatesForOracleRestart function as we add instance.Spec.InstDetails.Name + "-0"
+	pvcName := "odb-sw-pvc-" + name + "-" + instance.Spec.InstDetails.Name + "-0"
+	return pvcName
+}
+
+func CheckDiskInAsmDeviceList(instance *oraclerestart.OracleRestart, diskName string) string {
+	dgDisk := []string{"CRS", "DATA", "RECO", "REDO"}
+
+	recoDisk := strings.Split(instance.Spec.ConfigParams.RecoAsmDeviceList, ",")
+	redoDisk := strings.Split(instance.Spec.ConfigParams.RedoAsmDeviceList, ",")
+	dataDisk := strings.Split(instance.Spec.ConfigParams.DbAsmDeviceList, ",")
+	crsDisk := strings.Split(instance.Spec.ConfigParams.CrsAsmDeviceList, ",")
+
+	for _, value := range dgDisk {
+		switch value {
+		case "CRS":
+			if slices.Contains(crsDisk, diskName) {
+				return "CRSDG"
+			}
+		case "DATA":
+			if slices.Contains(dataDisk, diskName) {
+				return "DATADG"
+			}
+		case "RECO":
+			if slices.Contains(recoDisk, diskName) {
+				return "RECODG"
+			}
+		case "REDO":
+			if slices.Contains(redoDisk, diskName) {
+				return "REDODG"
+			}
+		default:
+			return "NODG"
+		}
+
+	}
+	return "NODG"
+}
+
+func CheckStorageClass(instance *oraclerestart.OracleRestart) string {
+	if len(instance.Spec.CrsDgStorageClass) == 0 && len(instance.Spec.DataDgStorageClass) == 0 && len(instance.Spec.RecoDgStorageClass) == 0 && len(instance.Spec.RedoDgStorageClass) == 0 {
+		return "NOSC"
+	}
+	return "SC"
+}
diff --git a/commons/oraclerestart/oraclerestartconstants.go b/commons/oraclerestart/oraclerestartconstants.go
new file mode 100644
index 00000000..b91d9cbf
--- /dev/null
+++ b/commons/oraclerestart/oraclerestartconstants.go
@@ -0,0 +1,159 @@
+/*
+** Copyright (c) 2022 Oracle and/or its affiliates.
+**
+** The Universal Permissive License (UPL), Version 1.0
+**
+** Subject to the condition set forth below, permission is hereby granted to any
+** person obtaining a copy of this software, associated documentation and/or data
+** (collectively the "Software"), free of charge and under any and all copyright
+** rights in the Software, and any and all patent rights owned or freely
+** licensable by each licensor hereunder covering either (i) the unmodified
+** Software as contributed to or provided by such licensor, or (ii) the Larger
+** Works (as defined below), to deal in both
+**
+** (a) the Software, and
+** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+** one is included with the Software (each a "Larger Work" to which the Software
+** is contributed by such licensors),
+**
+** without restriction, including without limitation the rights to copy, create
+** derivative works of, display, perform, and distribute the Software and make,
+** use, sell, offer for sale, import, export, have made, and have sold the
+** Software and the Larger Work(s), and to sublicense the foregoing rights on
+** either these or other terms.
+**
+** This license is subject to the following condition:
+** The above copyright notice and either this complete permission notice or at
+** a minimum a reference to the UPL must be included in all copies or
+** substantial portions of the Software.
+**
+** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+** SOFTWARE.
+ */
+
+package commons
+
+func getOracleRestartDbModeCmd() []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	var oraRacInstCmd = []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--checkracinst=true "}
+	return oraRacInstCmd
+}
+
+func getGiHealthCmd() []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	var oraGiCmd = []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--checkgilocal=true "}
+	return oraGiCmd
+}
+
+func getOracleRestartHealthCmd() []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	var oraRacCmd = []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--checkracdb=true "}
+	return oraRacCmd
+}
+
+func getConnStrCmd() []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	var oraRacConnCmd = []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--checkconnstr=true "}
+	return oraRacConnCmd
+}
+func getGridHomeCmd() []string {
+	// Command to source the envfile and echo GRID_HOME
+	gridHomeCmd := []string{"sh", "-c", "grep '^GRID_HOME=' /etc/rac_env_vars/envfile | cut -d'=' -f2"}
+	return gridHomeCmd
+}
+
+func getPdbConnStrCmd() []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	var oraRacConnCmd = []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--checkpdbconnstr=true "}
+	return oraRacConnCmd
+}
+
+func getDbRoleCmd() []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	var oraRacRoleCmd = []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--checkdbrole=true "}
+	return oraRacRoleCmd
+}
+
+func getOracleRestartDbVersionCmd() []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	var oraRacVersionCmd = []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--checkdbversion=true "}
+	return oraRacVersionCmd
+}
+
+func getDBServiceStatus(dbhome string, dbname string, svcname string) []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	svcStr := "\"" + "service=" + svcname + ";dbname=" + dbname + "\""
+	var oraRacVersionCmd = []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--checkdbsvc=" + svcStr}
+	return oraRacVersionCmd
+}
+
+// func modifyDBServiceStatus(dbhome string, dbname string, svcname string) []string {
+// 	oraDBUser := getOraDbUser()
+
+// 	//oraGiUser := getOraGiUser()
+// 	svcModifyCmd := "su " + oraDBUser + " -c \"" + oraDBUser + " ;srvctl modify service -s " + svcname + " -d " + dbname + " " + dbhome + "\""
+// 	var oraModifySvcCmd = []string{svcModifyCmd}
+// 	return oraModifySvcCmd
+// }
+
+func getAsmDiskgroupCmd() []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	diskgroupscmd := []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--getasmdiskgroup=true"}
+	return diskgroupscmd
+}
+
+func getAsmDisksCmd(diskgroup string) []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	disks := []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--getasmdisks=" + diskgroup}
+	return disks
+}
+
+func getAsmDgRedundancyCmd(diskgroup string) []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	redundancy := []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--getdgredundancy=" + diskgroup}
+	return redundancy
+}
+
+func getAsmInstNameCmd() []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	name := []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--getasminstname=true"}
+	return name
+}
+
+func getAsmInstStatusCmd() []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	status := []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--getasminststatus=true"}
+	return status
+}
+
+// This function generates cmmand for modifying asm cardinality for the nodes
+func getUpdateAsmCount(gihome string) []string {
+	oraScriptMount1 := getOraScriptMount()
+	oraPythonCmd := getOraPythonCmd()
+	var oraUpdAsmCountCmd = []string{oraScriptMount1 + "/cmdExec", oraPythonCmd, oraScriptMount1 + "/main.py ", "--updateasmcount=2"}
+	return oraUpdAsmCountCmd
+}
+
+// This function generates cmmand for modifying asm cardinality for the nodes
+func getOracleRestartInstStateFileCmd() []string {
+	var oraStateCmd = []string{"/bin/bash", "-c", "  cat /tmp/orod/.statefile"}
+	return oraStateCmd
+}
diff --git a/commons/oraclerestart/oraclerestartprov.go b/commons/oraclerestart/oraclerestartprov.go
new file mode 100644
index 00000000..81e8fb48
--- /dev/null
+++ b/commons/oraclerestart/oraclerestartprov.go
@@ -0,0 +1,1154 @@
+/*
+** Copyright (c) 2022 Oracle and/or its affiliates.
+**
+** The Universal Permissive License (UPL), Version 1.0
+**
+** Subject to the condition set forth below, permission is hereby granted to any
+** person obtaining a copy of this software, associated documentation and/or data
+** (collectively the "Software"), free of charge and under any and all copyright
+** rights in the Software, and any and all patent rights owned or freely
+** licensable by each licensor hereunder covering either (i) the unmodified
+** Software as contributed to or provided by such licensor, or (ii) the Larger
+** Works (as defined below), to deal in both
+**
+** (a) the Software, and
+** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+** one is included with the Software (each a "Larger Work" to which the Software
+** is contributed by such licensors),
+**
+** without restriction, including without limitation the rights to copy, create
+** derivative works of, display, perform, and distribute the Software and make,
+** use, sell, offer for sale, import, export, have made, and have sold the
+** Software and the Larger Work(s), and to sublicense the foregoing rights on
+** either these or other terms.
+**
+** This license is subject to the following condition:
+** The above copyright notice and either this complete permission notice or at
+** a minimum a reference to the UPL must be included in all copies or
+** substantial portions of the Software.
+**
+** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+** SOFTWARE.
+ */
+
+package commons
+
+import (
+	"context"
+	"fmt"
+	"strconv"
+	"strings"
+
+	"github.com/go-logr/logr"
+	oraclerestart "github.com/oracle/oracle-database-operator/apis/database/v4"
+	utils "github.com/oracle/oracle-database-operator/commons/oraclerestart/utils"
+	appsv1 "k8s.io/api/apps/v1"
+	corev1 "k8s.io/api/core/v1"
+	storagev1 "k8s.io/api/storage/v1"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/api/resource"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/intstr"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+// Constants for rac-stateful StatefulSet & Volumes
+func buildLabelsForOracleRestart(instance *oraclerestart.OracleRestart, label string) map[string]string {
+	return map[string]string{
+		"cluster": "oraclerestart",
+	}
+
+	// "oralabel": getLabelForOracleRestart(instance),
+}
+
+func buildLabelsForAsmPv(instance *oraclerestart.OracleRestart, diskName string) map[string]string {
+	return map[string]string{
+		"asm_vol": "block-asm-pv-" + getLabelForOracleRestart(instance) + "-" + diskName[strings.LastIndex(diskName, "/")+1:],
+	}
+}
+
+func getLabelForOracleRestart(instance *oraclerestart.OracleRestart) string {
+
+	return instance.Name
+}
+
+func BuildStatefulSetForOracleRestart(instance *oraclerestart.OracleRestart, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec, kClient client.Client) *appsv1.StatefulSet {
+	sfset := &appsv1.StatefulSet{
+		TypeMeta:   buildTypeMetaForOracleRestart(),
+		ObjectMeta: builObjectMetaForOracleRestart(instance, OracleRestartSpex),
+		Spec:       *buildStatefulSpecForOracleRestart(instance, OracleRestartSpex, kClient),
+	}
+	return sfset
+}
+
+// Function to build TypeMeta
+func buildTypeMetaForOracleRestart() metav1.TypeMeta {
+	// building TypeMeta
+	typeMeta := metav1.TypeMeta{
+		Kind:       "StatefulSet",
+		APIVersion: "apps/v1",
+	}
+	return typeMeta
+}
+
+// Function to build ObjectMeta
+func builObjectMetaForOracleRestart(instance *oraclerestart.OracleRestart, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec) metav1.ObjectMeta {
+	// building objectMeta
+	objmeta := metav1.ObjectMeta{
+		Name:      OracleRestartSpex.Name,
+		Namespace: instance.Namespace,
+		Labels:    buildLabelsForOracleRestart(instance, "OracleRestart"),
+	}
+	return objmeta
+}
+
+// Function to build Stateful Specs
+func buildStatefulSpecForOracleRestart(
+	instance *oraclerestart.OracleRestart,
+	OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec,
+	kClient client.Client,
+) *appsv1.StatefulSetSpec {
+
+	// Build PodSpec first
+	podSpec := buildPodSpecForOracleRestart(instance, OracleRestartSpex)
+
+	// Add service account name if specified
+	if instance.Spec.SrvAccountName != "" {
+		podSpec.ServiceAccountName = instance.Spec.SrvAccountName
+	}
+
+	// Build StatefulSetSpec
+	sfsetspec := &appsv1.StatefulSetSpec{
+		ServiceName: utils.OraSubDomain,
+		Selector: &metav1.LabelSelector{
+			MatchLabels: buildLabelsForOracleRestart(instance, "OracleRestart"),
+		},
+		Template: corev1.PodTemplateSpec{
+			ObjectMeta: metav1.ObjectMeta{
+				Name:   OracleRestartSpex.Name,
+				Labels: buildLabelsForOracleRestart(instance, "OracleRestart"),
+			},
+			Spec: *podSpec, // dereference after modification
+		},
+	}
+	// Add volume claim templates if a storage class is specified
+	if len(instance.Spec.DataDgStorageClass) != 0 && !asmPvcsExist(instance, kClient) {
+		sfsetspec.VolumeClaimTemplates = append(sfsetspec.VolumeClaimTemplates, ASMVolumeClaimTemplatesForDG(instance, OracleRestartSpex, &instance.Spec.DataDgStorageClass)...)
+	}
+
+	if len(instance.Spec.CrsDgStorageClass) != 0 && !asmPvcsExist(instance, kClient) {
+		sfsetspec.VolumeClaimTemplates = append(sfsetspec.VolumeClaimTemplates, ASMVolumeClaimTemplatesForDG(instance, OracleRestartSpex, &instance.Spec.CrsDgStorageClass)...)
+	}
+
+	if len(instance.Spec.RecoDgStorageClass) != 0 && !asmPvcsExist(instance, kClient) {
+		sfsetspec.VolumeClaimTemplates = append(sfsetspec.VolumeClaimTemplates, ASMVolumeClaimTemplatesForDG(instance, OracleRestartSpex, &instance.Spec.RecoDgStorageClass)...)
+	}
+
+	if len(instance.Spec.RedoDgStorageClass) != 0 && !asmPvcsExist(instance, kClient) {
+		sfsetspec.VolumeClaimTemplates = append(sfsetspec.VolumeClaimTemplates, ASMVolumeClaimTemplatesForDG(instance, OracleRestartSpex, &instance.Spec.RedoDgStorageClass)...)
+	}
+
+	if len(instance.Spec.SwStorageClass) != 0 && len(instance.Spec.InstDetails.HostSwLocation) == 0 {
+		sfsetspec.VolumeClaimTemplates = append(sfsetspec.VolumeClaimTemplates, SwVolumeClaimTemplatesForOracleRestart(instance, OracleRestartSpex))
+	}
+	// Add annotations to the Pod template
+	// sfsetspec.Template.Annotations = generateNetworkDetails(instance, OracleRestartSpex, kClient)
+
+	return sfsetspec
+}
+
+func asmPvcsExist(instance *oraclerestart.OracleRestart, kClient client.Client) bool {
+	for _, diskBySize := range instance.Spec.AsmStorageDetails.DisksBySize {
+		for _, diskName := range diskBySize.DiskNames {
+			pvcName := GetAsmPvcName(instance.Name, diskName, instance)
+			var pvc corev1.PersistentVolumeClaim
+			err := kClient.Get(context.TODO(), types.NamespacedName{
+				Name:      pvcName,
+				Namespace: instance.Namespace,
+			}, &pvc)
+
+			if err != nil {
+				if apierrors.IsNotFound(err) {
+					// If even one expected PVC is not found, treat as "not all exist"
+					return false
+				}
+				// If error is something else, assume PVCs exist to avoid accidental overwrite
+				return true
+			}
+		}
+	}
+	return true
+}
+
+// Function to build PodSpec
+
+func buildPodSpecForOracleRestart(instance *oraclerestart.OracleRestart, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec) *corev1.PodSpec {
+
+	spec := &corev1.PodSpec{
+		Hostname:       OracleRestartSpex.Name + "-0",
+		Subdomain:      utils.OraSubDomain,
+		InitContainers: buildInitContainerSpecForOracleRestart(instance, OracleRestartSpex),
+		Containers:     buildContainerSpecForOracleRestart(instance, OracleRestartSpex),
+		Volumes:        buildVolumeSpecForOracleRestart(instance, OracleRestartSpex),
+		Affinity:       getNodeAffinity(instance, OracleRestartSpex),
+	}
+
+	if instance.Spec.SecurityContext != nil {
+		spec.SecurityContext = instance.Spec.SecurityContext
+	}
+
+	if len(instance.Spec.ImagePullSecret) > 0 {
+		spec.ImagePullSecrets = []corev1.LocalObjectReference{
+			{
+				Name: instance.Spec.ImagePullSecret,
+			},
+		}
+	}
+	return spec
+}
+
+// Function get the Node Affinity
+func getNodeAffinity(instance *oraclerestart.OracleRestart, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec) *corev1.Affinity {
+
+	nodeAffinity := &corev1.NodeAffinity{
+		RequiredDuringSchedulingIgnoredDuringExecution: &corev1.NodeSelector{
+			NodeSelectorTerms: []corev1.NodeSelectorTerm{},
+		},
+	}
+
+	racTerm := corev1.NodeSelectorTerm{
+		MatchExpressions: []corev1.NodeSelectorRequirement{},
+	}
+
+	racMatch := corev1.NodeSelectorRequirement{
+		Key:      utils.OraNodeKey,
+		Operator: utils.OraOperatorKey,
+		Values:   OracleRestartSpex.WorkerNode,
+	}
+
+	racTerm.MatchExpressions = append(racTerm.MatchExpressions, racMatch)
+	nodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution.NodeSelectorTerms = append(nodeAffinity.RequiredDuringSchedulingIgnoredDuringExecution.NodeSelectorTerms,
+		racTerm)
+
+	affinity := &corev1.Affinity{NodeAffinity: nodeAffinity}
+	return affinity
+
+}
+
+// Function get the Node Affinity
+func getAsmNodeAffinity(instance *oraclerestart.OracleRestart, disk *oraclerestart.AsmDiskDetails) *corev1.VolumeNodeAffinity {
+
+	nodeAffinity := &corev1.VolumeNodeAffinity{
+		Required: &corev1.NodeSelector{
+			NodeSelectorTerms: []corev1.NodeSelectorTerm{},
+		},
+	}
+
+	racTerm := corev1.NodeSelectorTerm{
+		MatchExpressions: []corev1.NodeSelectorRequirement{},
+	}
+
+	racMatch := corev1.NodeSelectorRequirement{
+		Key:      utils.OraNodeKey,
+		Operator: utils.OraOperatorKey,
+		Values:   instance.Spec.InstDetails.WorkerNode,
+	}
+
+	racTerm.MatchExpressions = append(racTerm.MatchExpressions, racMatch)
+	nodeAffinity.Required.NodeSelectorTerms = append(nodeAffinity.Required.NodeSelectorTerms,
+		racTerm)
+
+	return nodeAffinity
+
+}
+
+// Function to build Volume Spec
+func buildVolumeSpecForOracleRestart(instance *oraclerestart.OracleRestart, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec) []corev1.Volume {
+	var result []corev1.Volume
+	result = []corev1.Volume{
+		{
+			Name: OracleRestartSpex.Name + "-ssh-secretmap-vol",
+			VolumeSource: corev1.VolumeSource{
+				Secret: &corev1.SecretVolumeSource{
+					SecretName: instance.Spec.SshKeySecret.Name,
+				},
+			},
+		},
+		{
+			Name: OracleRestartSpex.Name + "-oradshm-vol",
+			VolumeSource: corev1.VolumeSource{
+				EmptyDir: &corev1.EmptyDirVolumeSource{Medium: corev1.StorageMediumMemory},
+			},
+		},
+	}
+
+	if len(instance.Spec.ScriptsLocation) != 0 {
+		result = append(result, corev1.Volume{Name: OracleRestartSpex.Name + "-oradata-scripts-vol", VolumeSource: corev1.VolumeSource{EmptyDir: &corev1.EmptyDirVolumeSource{}}})
+	}
+
+	if instance.Spec.DbSecret != nil {
+		if instance.Spec.DbSecret.Name != "" {
+			result = append(result, corev1.Volume{Name: OracleRestartSpex.Name + "-dbsecret-pwd-vol", VolumeSource: corev1.VolumeSource{Secret: &corev1.SecretVolumeSource{SecretName: instance.Spec.DbSecret.Name}}})
+		}
+
+		if instance.Spec.DbSecret.KeySecretName != "" {
+			result = append(result, corev1.Volume{Name: OracleRestartSpex.Name + "-dbsecret-key-vol", VolumeSource: corev1.VolumeSource{Secret: &corev1.SecretVolumeSource{SecretName: instance.Spec.DbSecret.KeySecretName}}})
+		}
+	}
+
+	if instance.Spec.TdeWalletSecret != nil {
+		if instance.Spec.TdeWalletSecret.Name != "" {
+			result = append(result, corev1.Volume{Name: OracleRestartSpex.Name + "-tdesecret-pwd-vol", VolumeSource: corev1.VolumeSource{Secret: &corev1.SecretVolumeSource{SecretName: instance.Spec.TdeWalletSecret.Name}}})
+		}
+
+		if instance.Spec.TdeWalletSecret.KeySecretName != "" {
+			result = append(result, corev1.Volume{Name: OracleRestartSpex.Name + "-tdesecret-key-vol", VolumeSource: corev1.VolumeSource{Secret: &corev1.SecretVolumeSource{SecretName: instance.Spec.TdeWalletSecret.KeySecretName}}})
+		}
+	}
+
+	if len(instance.Spec.ConfigParams.GridResponseFile.ConfigMapName) != 0 {
+		result = append(result, corev1.Volume{Name: OracleRestartSpex.Name + "-oradata-girsp", VolumeSource: corev1.VolumeSource{ConfigMap: &corev1.ConfigMapVolumeSource{LocalObjectReference: corev1.LocalObjectReference{Name: instance.Spec.ConfigParams.GridResponseFile.ConfigMapName}}}})
+	}
+
+	if len(instance.Spec.ConfigParams.DbResponseFile.ConfigMapName) != 0 {
+		result = append(result, corev1.Volume{Name: OracleRestartSpex.Name + "-oradata-dbrsp", VolumeSource: corev1.VolumeSource{ConfigMap: &corev1.ConfigMapVolumeSource{LocalObjectReference: corev1.LocalObjectReference{Name: instance.Spec.ConfigParams.DbResponseFile.ConfigMapName}}}})
+	}
+
+	if len(OracleRestartSpex.EnvFile) != 0 {
+		result = append(result, corev1.Volume{Name: OracleRestartSpex.Name + "-oradata-envfile", VolumeSource: corev1.VolumeSource{ConfigMap: &corev1.ConfigMapVolumeSource{LocalObjectReference: corev1.LocalObjectReference{Name: OracleRestartSpex.EnvFile}}}})
+	}
+
+	if len(OracleRestartSpex.HostSwLocation) != 0 {
+		result = append(result, corev1.Volume{Name: OracleRestartSpex.Name + "-oradata-sw-vol", VolumeSource: corev1.VolumeSource{HostPath: &corev1.HostPathVolumeSource{Path: OracleRestartSpex.HostSwLocation}}})
+	} else {
+		if instance.Spec.SwStorageClass != "" {
+			result = append(result, corev1.Volume{Name: OracleRestartSpex.Name + "-oradata-sw-vol", VolumeSource: corev1.VolumeSource{PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ClaimName: GetSwPvcName(instance.Name, instance)}}})
+		}
+	}
+
+	// Following block checks for HostSwStageLocation, RUPatchLocation nd OpatchLocation
+	if instance.Spec.ConfigParams != nil && len(instance.Spec.ConfigParams.SwStagePvc) != 0 {
+		// FIrst Check
+		result = append(result, corev1.Volume{
+			Name:         OracleRestartSpex.Name + "-oradata-swstagepvc-vol",
+			VolumeSource: corev1.VolumeSource{PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ClaimName: instance.Spec.ConfigParams.SwStagePvc}},
+		})
+	} else {
+		if len(instance.Spec.ConfigParams.HostSwStageLocation) != 0 {
+			result = append(result, corev1.Volume{
+				Name: OracleRestartSpex.Name + "-oradata-swstage-vol",
+				VolumeSource: corev1.VolumeSource{
+					HostPath: &corev1.HostPathVolumeSource{
+						Path: instance.Spec.ConfigParams.HostSwStageLocation,
+					},
+				},
+			})
+		}
+		if instance.Spec.ConfigParams.RuPatchLocation != "" {
+			result = append(result, corev1.Volume{
+				Name: OracleRestartSpex.Name + "-oradata-rupatch-vol",
+				VolumeSource: corev1.VolumeSource{
+					HostPath: &corev1.HostPathVolumeSource{
+						Path: instance.Spec.ConfigParams.RuPatchLocation,
+					},
+				},
+			})
+		}
+		if instance.Spec.ConfigParams.OPatchLocation != "" {
+			result = append(result, corev1.Volume{
+				Name: OracleRestartSpex.Name + "-oradata-opatch-vol",
+				VolumeSource: corev1.VolumeSource{
+					HostPath: &corev1.HostPathVolumeSource{
+						Path: instance.Spec.ConfigParams.OPatchLocation,
+					},
+				},
+			})
+		}
+		if instance.Spec.ConfigParams.OneOffLocation != "" {
+			result = append(result, corev1.Volume{
+				Name: OracleRestartSpex.Name + "-oradata-oneoff-vol",
+				VolumeSource: corev1.VolumeSource{
+					HostPath: &corev1.HostPathVolumeSource{
+						Path: instance.Spec.ConfigParams.OneOffLocation,
+					},
+				},
+			})
+		}
+	}
+
+	if len(OracleRestartSpex.PvcName) != 0 {
+		for source := range OracleRestartSpex.PvcName {
+			result = append(result, corev1.Volume{Name: OracleRestartSpex.Name + "-ora-vol-" + source, VolumeSource: corev1.VolumeSource{PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ClaimName: source}}})
+		}
+	}
+
+	if instance.Spec.AsmStorageDetails != nil {
+		// Iterate over the DisksBySize slice
+		for _, diskBySize := range instance.Spec.AsmStorageDetails.DisksBySize {
+			// For each DiskBySize, append PVCs for the disks in DiskNames
+			for _, diskName := range diskBySize.DiskNames {
+				// Construct PVC name based on index and instance name
+				pvcName := GetAsmPvcName(instance.Name, diskName, instance)
+				result = append(result, corev1.Volume{
+					Name: pvcName,
+					VolumeSource: corev1.VolumeSource{
+						PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{
+							ClaimName: pvcName,
+						},
+					},
+				})
+			}
+		}
+	}
+
+	return result
+}
+
+// Function to build the container Specification
+func buildContainerSpecForOracleRestart(instance *oraclerestart.OracleRestart, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec) []corev1.Container {
+	// building Continer spec
+	var result []corev1.Container
+	privileged := false
+	failureThreshold := 1
+	periodSeconds := 5
+	initialDelaySeconds := 120
+	oraLsnrPort := 1521
+
+	// Get the Idx
+
+	containerSpec := corev1.Container{
+		Name:  OracleRestartSpex.Name,
+		Image: instance.Spec.Image,
+		SecurityContext: &corev1.SecurityContext{
+			Privileged: &privileged,
+			Capabilities: &corev1.Capabilities{
+				Add: []corev1.Capability{corev1.Capability("NET_ADMIN"), corev1.Capability("SYS_NICE"), corev1.Capability("SYS_RESOURCE"), corev1.Capability("AUDIT_WRITE"), corev1.Capability("NET_RAW"), corev1.Capability("AUDIT_CONTROL"), corev1.Capability("SYS_CHROOT")},
+			},
+		},
+		Command: []string{
+			"/usr/sbin/init",
+		},
+		VolumeDevices: getAsmVolumeDevices(instance, OracleRestartSpex),
+		Resources: corev1.ResourceRequirements{
+			Requests: make(map[corev1.ResourceName]resource.Quantity),
+		},
+		VolumeMounts: buildVolumeMountSpecForOracleRestart(instance, OracleRestartSpex),
+		ReadinessProbe: &corev1.Probe{
+			// TODO: Investigate if it's ok to call status every 10 seconds
+			FailureThreshold:    int32(failureThreshold),
+			PeriodSeconds:       int32(periodSeconds),
+			InitialDelaySeconds: int32(initialDelaySeconds),
+			ProbeHandler:        corev1.ProbeHandler{TCPSocket: &corev1.TCPSocketAction{Port: intstr.FromInt(int(oraLsnrPort))}},
+		},
+	}
+	if instance.Spec.Resources != nil {
+		containerSpec.Resources = *instance.Spec.Resources
+	}
+
+	if len(OracleRestartSpex.EnvVars) > 0 {
+		containerSpec.Env = buildEnvVarsSpec(OracleRestartSpex.EnvVars)
+	}
+
+	if instance.Spec.ReadinessProbe != nil {
+		containerSpec.ReadinessProbe = instance.Spec.ReadinessProbe
+	}
+	// building Complete Container Spec
+	containerSpec.Ports = buildContainerPortsDef(instance)
+
+	result = []corev1.Container{
+		containerSpec,
+	}
+	return result
+}
+
+func getAsmVolumeDevices(instance *oraclerestart.OracleRestart, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec) []corev1.VolumeDevice {
+	var result []corev1.VolumeDevice
+
+	if instance.Spec.AsmStorageDetails != nil {
+		// Iterate over the DisksBySize slice
+		for _, diskBySize := range instance.Spec.AsmStorageDetails.DisksBySize {
+			// For each disk in DiskNames, create a VolumeDevice
+			for _, diskName := range diskBySize.DiskNames {
+				// Create PVC name and append VolumeDevice to the result
+				pvcName := GetAsmPvcName(instance.Name, diskName, instance)
+				result = append(result, corev1.VolumeDevice{Name: pvcName, DevicePath: diskName})
+			}
+		}
+	}
+
+	return result
+}
+
+// Function to build the init Container Spec
+func buildInitContainerSpecForOracleRestart(instance *oraclerestart.OracleRestart, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec) []corev1.Container {
+	var result []corev1.Container
+	// building the init Container Spec
+	privFlag := true
+	var uid int64 = 0
+	var scriptsCmd string
+	var scriptsLocation string
+
+	if len(instance.Spec.ScriptsGetCmd) != 0 {
+		scriptsCmd = instance.Spec.ScriptsGetCmd
+	} else {
+		scriptsCmd = "/bin/true"
+	}
+
+	if len(instance.Spec.ScriptsLocation) != 0 {
+		scriptsLocation = instance.Spec.ScriptsLocation
+	} else {
+		scriptsLocation = "NOLOC"
+	}
+
+	init1spec := corev1.Container{
+		Name:  OracleRestartSpex.Name + "-init1",
+		Image: instance.Spec.Image,
+		SecurityContext: &corev1.SecurityContext{
+			Privileged: &privFlag,
+			RunAsUser:  &uid,
+		},
+		Command: []string{
+			"/bin/bash",
+			"-c",
+			getRacInitContainerCmd(scriptsCmd, instance.Name, scriptsLocation),
+		},
+		VolumeMounts: buildVolumeMountSpecForOracleRestart(instance, OracleRestartSpex),
+	}
+
+	// building Complete Init Container Spec
+	if instance.Spec.ImagePullPolicy != nil {
+		init1spec.ImagePullPolicy = *instance.Spec.ImagePullPolicy
+	}
+	result = []corev1.Container{
+		init1spec,
+	}
+	return result
+}
+
+func buildVolumeMountSpecForOracleRestart(instance *oraclerestart.OracleRestart, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec) []corev1.VolumeMount {
+	var result []corev1.VolumeMount
+	result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-ssh-secretmap-vol", MountPath: instance.Spec.SshKeySecret.KeyMountLocation, ReadOnly: true})
+	if instance.Spec.DbSecret != nil {
+		if instance.Spec.DbSecret.KeySecretName != "" {
+			result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-dbsecret-key-vol", MountPath: instance.Spec.DbSecret.KeyFileMountLocation, ReadOnly: true})
+		}
+		if instance.Spec.DbSecret.Name != "" {
+			result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-dbsecret-pwd-vol", MountPath: instance.Spec.DbSecret.PwdFileMountLocation, ReadOnly: true})
+		}
+	}
+
+	if instance.Spec.TdeWalletSecret != nil {
+		if instance.Spec.TdeWalletSecret.Name != "" {
+			result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-tdesecret-pwd-vol", MountPath: instance.Spec.TdeWalletSecret.PwdFileMountLocation, ReadOnly: true})
+		}
+
+		if instance.Spec.TdeWalletSecret.KeySecretName != "" {
+			result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-tdesecret-key-vol", MountPath: instance.Spec.TdeWalletSecret.KeyFileMountLocation, ReadOnly: true})
+		}
+	}
+	//result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-oradata-boot-vol", MountPath: oraBootVol})
+	result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-oradshm-vol", MountPath: utils.OraShm})
+
+	if len(instance.Spec.ConfigParams.GridResponseFile.ConfigMapName) != 0 {
+		result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-oradata-girsp", MountPath: utils.OraGiRsp})
+	}
+
+	if len(instance.Spec.ConfigParams.DbResponseFile.ConfigMapName) != 0 {
+		result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-oradata-dbrsp", MountPath: utils.OraDbRsp})
+	}
+
+	if len(OracleRestartSpex.EnvFile) != 0 {
+		result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-oradata-envfile", MountPath: utils.OraEnvFile})
+	}
+
+	if len(instance.Spec.ScriptsLocation) != 0 {
+		result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-oradata-scripts-vol", MountPath: instance.Spec.ScriptsLocation})
+	}
+	if len(OracleRestartSpex.HostSwLocation) != 0 {
+		result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-oradata-sw-vol", MountPath: instance.Spec.ConfigParams.SwMountLocation})
+	} else if len(instance.Spec.SwStorageClass) != 0 {
+		result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-oradata-sw-vol", MountPath: instance.Spec.ConfigParams.SwMountLocation})
+	} else {
+		fmt.Println("No Location is passed for the software storage in" + OracleRestartSpex.Name)
+	}
+
+	//var mountLoc string
+
+	// Check if ConfigParams is not nil
+	if instance.Spec.ConfigParams != nil {
+		// Check if HostSwStageLocation is provided in ConfigParams
+		if len(instance.Spec.ConfigParams.SwStagePvc) != 0 {
+			result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-oradata-swstagepvc-vol", MountPath: instance.Spec.ConfigParams.SwStagePvcMountLocation})
+		} else {
+			if instance.Spec.ConfigParams.HostSwStageLocation != "" {
+				result = append(result, corev1.VolumeMount{
+					Name:      OracleRestartSpex.Name + "-oradata-swstage-vol",
+					MountPath: instance.Spec.ConfigParams.HostSwStageLocation,
+				})
+			}
+
+			if instance.Spec.ConfigParams.RuPatchLocation != "" {
+				result = append(result, corev1.VolumeMount{
+					Name:      OracleRestartSpex.Name + "-oradata-rupatch-vol",
+					MountPath: instance.Spec.ConfigParams.RuPatchLocation,
+				})
+			}
+
+			if instance.Spec.ConfigParams.OPatchLocation != "" {
+				result = append(result, corev1.VolumeMount{
+					Name:      OracleRestartSpex.Name + "-oradata-opatch-vol",
+					MountPath: instance.Spec.ConfigParams.OPatchLocation,
+				})
+			}
+			if instance.Spec.ConfigParams.OneOffLocation != "" {
+				result = append(result, corev1.VolumeMount{
+					Name:      OracleRestartSpex.Name + "-oradata-oneoff-vol",
+					MountPath: instance.Spec.ConfigParams.OneOffLocation,
+				})
+			}
+		}
+	}
+
+	if len(OracleRestartSpex.PvcName) != 0 {
+		for source, target := range OracleRestartSpex.PvcName {
+			result = append(result, corev1.VolumeMount{Name: OracleRestartSpex.Name + "-ora-vol-" + source, MountPath: target})
+		}
+	}
+
+	return result
+}
+
+func VolumePVCForASM(instance *oraclerestart.OracleRestart, index int, diskName string, size int, asmStorage *oraclerestart.AsmDiskDetails, pvcName string, dgType string, k8sClient client.Client) *corev1.PersistentVolumeClaim {
+	// Set volume mode to block
+	volumeBlock := corev1.PersistentVolumeBlock
+
+	// Create PersistentVolumeClaim
+	asmPvc := &corev1.PersistentVolumeClaim{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      pvcName, // Use size to determine index
+			Namespace: instance.Namespace,
+			Labels:    buildLabelsForOracleRestart(instance, "OracleRestart"),
+		},
+		Spec: corev1.PersistentVolumeClaimSpec{
+			AccessModes: []corev1.PersistentVolumeAccessMode{
+				corev1.ReadWriteOnce,
+			},
+			VolumeMode: &volumeBlock,
+			Resources: corev1.VolumeResourceRequirements{
+				Requests: corev1.ResourceList{
+					corev1.ResourceStorage: resource.MustParse(strconv.FormatInt(int64(size), 10) + "Gi")},
+			},
+		},
+	}
+	var scName *string
+	switch dgType {
+	case "RECO":
+		if len(instance.Spec.RecoDgStorageClass) != 0 {
+			scName = &instance.Spec.RecoDgStorageClass
+		}
+	case "REDO":
+		if len(instance.Spec.RedoDgStorageClass) != 0 {
+			scName = &instance.Spec.RedoDgStorageClass
+		}
+	case "CRS":
+		if len(instance.Spec.CrsDgStorageClass) != 0 {
+			scName = &instance.Spec.CrsDgStorageClass
+		}
+	case "DATA":
+		if len(instance.Spec.DataDgStorageClass) != 0 {
+			scName = &instance.Spec.DataDgStorageClass
+		}
+	}
+
+	if scName == nil {
+		// Try to fetch the cluster's default StorageClass
+		if defaultSC, err := GetDefaultStorageClass(context.TODO(), k8sClient); err == nil && defaultSC != "" {
+			scName = &defaultSC
+		} else {
+			// No StorageClass, so use label selector and statically bound PVs
+			asmPvc.Spec.Selector = &metav1.LabelSelector{
+				MatchLabels: buildLabelsForAsmPv(instance, string(diskName)),
+			}
+			scName = nil
+		}
+	}
+	asmPvc.Spec.StorageClassName = scName
+
+	return asmPvc
+}
+
+func GetDefaultStorageClass(ctx context.Context, k8sClient client.Client) (string, error) {
+	var scList storagev1.StorageClassList
+	if err := k8sClient.List(ctx, &scList); err != nil {
+		return "", err
+	}
+	for _, sc := range scList.Items {
+		if sc.Annotations["storageclass.kubernetes.io/is-default-class"] == "true" ||
+			sc.Annotations["storageclass.beta.kubernetes.io/is-default-class"] == "true" {
+			return sc.Name, nil
+		}
+	}
+	return "", nil // No default StorageClass found
+}
+
+func VolumePVForASM(instance *oraclerestart.OracleRestart, diskName string, size int, asmStorage *oraclerestart.AsmDiskDetails, pvName string, k8sClient client.Client) *corev1.PersistentVolume {
+	volumeBlock := corev1.PersistentVolumeBlock
+
+	asmPvc := &corev1.PersistentVolume{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      pvName,
+			Namespace: instance.Namespace,
+			Labels:    buildLabelsForAsmPv(instance, diskName),
+		},
+		Spec: corev1.PersistentVolumeSpec{
+			AccessModes: []corev1.PersistentVolumeAccessMode{
+				corev1.ReadWriteOnce,
+			},
+			VolumeMode: &volumeBlock,
+			Capacity: corev1.ResourceList{
+				corev1.ResourceStorage: resource.MustParse(strconv.FormatInt(int64(size), 10) + "Gi")},
+		},
+	}
+
+	var scName *string
+	/*
+		if len(instance.Spec.StorageClass) != 0 {
+			scName = &instance.Spec.StorageClass
+			asmPvc.Spec.NodeAffinity = getAsmNodeAffinity(instance, index, asmStorage)
+			asmPvc.Spec.PersistentVolumeSource = corev1.PersistentVolumeSource{Local: &corev1.LocalVolumeSource{Path: diskName}}
+		} else {
+	*/
+	// Try to fetch the cluster's default StorageClass
+	if defaultSC, err := GetDefaultStorageClass(context.TODO(), k8sClient); err == nil && defaultSC != "" {
+		scName = &defaultSC
+	} else {
+		// No StorageClass, so use label selector and statically bound PVs
+		scName = nil
+	}
+	asmPvc.Spec.NodeAffinity = getAsmNodeAffinity(instance, asmStorage)
+	asmPvc.Spec.PersistentVolumeSource = corev1.PersistentVolumeSource{Local: &corev1.LocalVolumeSource{Path: diskName}}
+
+	if scName != nil {
+		asmPvc.Spec.StorageClassName = *scName
+	}
+
+	return asmPvc
+}
+
+func BuildServiceDefForOracleRestart(instance *oraclerestart.OracleRestart, replicaCount int32, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec, svctype string) *corev1.Service {
+	//service := &corev1.Service{}
+	service := &corev1.Service{
+		TypeMeta:   metav1.TypeMeta{Kind: "Service"},
+		ObjectMeta: buildSvcObjectMetaForOracleRestart(instance, replicaCount, OracleRestartSpex, svctype),
+		Spec:       corev1.ServiceSpec{},
+	}
+
+	// // Check if user want External Svc on each replica pod
+	if strings.ToUpper(svctype) == "VIP" || strings.ToUpper(svctype) == "LOCAL" {
+		service.Spec.ClusterIP = corev1.ClusterIPNone
+		service.Spec.Selector = getSvcLabelsForOracleRestart(replicaCount, OracleRestartSpex)
+
+	}
+
+	// if strings.ToUpper(svctype) == "SCAN" {
+	// 	service.Spec.ClusterIP = corev1.ClusterIPNone
+	// 	service.Spec.Selector = buildLabelsForOracleRestart(instance, "OracleRestart")
+	// }
+
+	service.Spec.PublishNotReadyAddresses = true
+
+	// build Service Ports Specs to be exposed. If the PortMappings is not set then default ports will be exposed.
+
+	return service
+}
+
+func BuildExternalServiceDefForOracleRestart(instance *oraclerestart.OracleRestart, index int32, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec, svctype string, opType string) *corev1.Service {
+	//service := &corev1.Service{}
+
+	var npSvc oraclerestart.OracleRestartNodePortSvc
+
+	service := &corev1.Service{
+		ObjectMeta: buildSvcObjectMetaForOracleRestart(instance, index, OracleRestartSpex, opType),
+		Spec:       corev1.ServiceSpec{},
+	}
+
+	// If user is setting Node Port Service
+	if opType == "nodeport" {
+		npSvc = instance.Spec.NodePortSvc
+		npSvc.PortMappings = instance.Spec.NodePortSvc.PortMappings
+		service.Spec.Type = corev1.ServiceTypeNodePort
+		if len(instance.Spec.NodePortSvc.SvcAnnotation) != 0 {
+			service.Annotations = instance.Spec.NodePortSvc.SvcAnnotation
+		}
+	} else if opType == "lbservice" {
+		npSvc = instance.Spec.LbService
+		npSvc.PortMappings = instance.Spec.LbService.PortMappings
+		service.Spec.Type = corev1.ServiceTypeLoadBalancer
+		if len(instance.Spec.LbService.SvcAnnotation) != 0 {
+			service.Annotations = instance.Spec.LbService.SvcAnnotation
+		}
+	}
+
+	//service.Name = npSvc.SvcName
+
+	service.Spec.Selector = getSvcLabelsForOracleRestart(0, OracleRestartSpex)
+	service.Spec.Ports = buildOracleRestartSvcPortsDef(npSvc)
+
+	// build Service Ports Specs to be exposed. If the PortMappings is not set then default ports will be exposed.
+
+	return service
+}
+
+// Function to build Service ObjectMeta
+func buildSvcObjectMetaForOracleRestart(instance *oraclerestart.OracleRestart, replicaCount int32, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec, svctype string) metav1.ObjectMeta {
+	// building objectMeta
+	//var svcName string
+
+	var labelStr map[string]string
+	labelStr = getSvcLabelsForOracleRestart(replicaCount, OracleRestartSpex)
+
+	objmeta := metav1.ObjectMeta{
+		Name:      getOracleRestartSvcName(instance, OracleRestartSpex, svctype),
+		Namespace: instance.Namespace,
+		Labels:    labelStr,
+	}
+
+	return objmeta
+}
+
+func getOracleRestartSvcName(instance *oraclerestart.OracleRestart, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec, svcType string) string {
+
+	switch svcType {
+	case "local":
+		return OracleRestartSpex.Name + "-0-local"
+	case "lbservice":
+		if instance.Spec.LbService.SvcName != "" {
+			return instance.Spec.LbService.SvcName + "-0-lbsvc"
+		} else {
+			return OracleRestartSpex.Name + "-0-lbsvc"
+		}
+	case "nodeport":
+		if instance.Spec.NodePortSvc.SvcName != "" {
+			return instance.Spec.NodePortSvc.SvcName + "-0-npsvc"
+		} else {
+			return OracleRestartSpex.Name + "-0-npsvc"
+		}
+	default:
+		return OracleRestartSpex.Name
+	}
+}
+
+func getSvcLabelsForOracleRestart(replicaCount int32, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec) map[string]string {
+
+	var labelStr map[string]string = make(map[string]string)
+	if replicaCount == -1 {
+		labelStr["statefulset.kubernetes.io/pod-name"] = OracleRestartSpex.Name + "-0"
+	} else {
+		labelStr["statefulset.kubernetes.io/pod-name"] = OracleRestartSpex.Name + "-0"
+	}
+
+	//  fmt.Println("Service Selector String Specification", labelStr)
+	return labelStr
+}
+
+// This function cleanup the shard from GSM
+func OraCleanupForOracleRestart(instance *oraclerestart.OracleRestart,
+	OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec,
+	oldReplicaSize int32,
+	newReplicaSize int32,
+) string {
+	var err1 string
+	if oldReplicaSize > newReplicaSize {
+		for replicaCount := (oldReplicaSize - 1); replicaCount > (newReplicaSize - 1); replicaCount-- {
+			fmt.Println("Deleting the RAC " + OracleRestartSpex.Name + "-" + strconv.FormatInt(int64(replicaCount), 10))
+		}
+	}
+
+	err1 = "Test"
+	return err1
+}
+
+func UpdateProvForOracleRestart(instance *oraclerestart.OracleRestart,
+	OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec, kClient client.Client, sfSet *appsv1.StatefulSet, gsmPod *corev1.Pod, logger logr.Logger,
+) (ctrl.Result, error) {
+
+	var msg string
+	var size int32 = 1
+	var isUpdate bool = false
+	var err error
+	//var i int
+
+	msg = "Inside the updateProvForOracleRestart"
+	LogMessages("DEBUG", msg, nil, instance, logger)
+
+	// Ensure deployment replicas match the desired state
+
+	if sfSet.Spec.Replicas != nil {
+		if *sfSet.Spec.Replicas != size {
+			msg = "Current StatefulSet replicas do not match configured Shard Replicas. Gsm is configured with only 1 but current replicas is set with " + strconv.FormatInt(int64(*sfSet.Spec.Replicas), 10)
+			LogMessages("DEBUG", msg, nil, instance, logger)
+			isUpdate = true
+		}
+	}
+
+	if isUpdate {
+		err = kClient.Update(context.Background(), BuildStatefulSetForOracleRestart(instance, OracleRestartSpex, kClient))
+		if err != nil {
+			msg = "Failed to update Shard StatefulSet " + "StatefulSet.Name : " + sfSet.Name
+			LogMessages("Error", msg, err, instance, logger)
+			return ctrl.Result{}, err
+		}
+
+	}
+
+	return ctrl.Result{}, nil
+}
+
+func ConfigMapSpecs(instance *oraclerestart.OracleRestart, cmData map[string]string, cmName string) *corev1.ConfigMap {
+	//cm := &corev1.ConfigMap{}
+
+	return &corev1.ConfigMap{
+		TypeMeta: metav1.TypeMeta{
+			Kind: "ConfigMap",
+		},
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      cmName,
+			Namespace: instance.Namespace,
+			Labels: map[string]string{
+				"name": instance.Name + cmName,
+			},
+		},
+		Data: cmData,
+	}
+
+}
+
+func BuildDiskCheckDaemonSet(OracleRestart *oraclerestart.OracleRestart) *appsv1.DaemonSet {
+	labels := buildLabelsForOracleRestart(OracleRestart, "disk-check")
+
+	// Prepare the volume devices based on the PVCs
+	var volumeDevices []corev1.VolumeDevice
+	var volumes []corev1.Volume
+	disks := flattenDisksBySize(&OracleRestart.Spec)
+
+	for _, diskPath := range disks {
+		pvcName := GetAsmPvcName(OracleRestart.Name, diskPath, OracleRestart)
+		volumeName := pvcName
+
+		volumeDevices = append(volumeDevices, corev1.VolumeDevice{
+			Name:       volumeName,
+			DevicePath: diskPath,
+		})
+
+		volumes = append(volumes, corev1.Volume{
+			Name: volumeName,
+			VolumeSource: corev1.VolumeSource{
+				PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{
+					ClaimName: pvcName,
+				},
+			},
+		})
+
+	}
+
+	// Flatten the DisksBySize map to get a single slice of all disk names
+	diskNamesSlice := flattenDisksBySize(&OracleRestart.Spec)
+
+	// Join the flattened list of disk names into a single space-separated string
+	diskNames := strings.Join(diskNamesSlice, " ")
+
+	return &appsv1.DaemonSet{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      "disk-check-daemonset",
+			Namespace: OracleRestart.Namespace,
+			Labels:    labels,
+		},
+		Spec: appsv1.DaemonSetSpec{
+			Selector: &metav1.LabelSelector{
+				MatchLabels: labels,
+			},
+			Template: corev1.PodTemplateSpec{
+				ObjectMeta: metav1.ObjectMeta{
+					Labels: labels,
+				},
+				Spec: corev1.PodSpec{
+					Affinity: &corev1.Affinity{
+						NodeAffinity: &corev1.NodeAffinity{
+							RequiredDuringSchedulingIgnoredDuringExecution: &corev1.NodeSelector{
+								NodeSelectorTerms: []corev1.NodeSelectorTerm{
+									{
+										MatchExpressions: []corev1.NodeSelectorRequirement{
+											{
+												Key:      "kubernetes.io/hostname",
+												Operator: corev1.NodeSelectorOpIn,
+												Values:   OracleRestart.Spec.InstDetails.WorkerNode,
+											},
+										},
+									},
+								},
+							},
+						},
+					},
+					Containers: []corev1.Container{
+						{
+							Name:    "disk-check",
+							Image:   OracleRestart.Spec.Image,
+							Command: []string{"/bin/bash", "-c"},
+							Args: []string{
+								"for disk in " + diskNames + "; do " +
+									"if [ ! -e $disk ]; then " +
+									"echo Disk $disk is not a valid block device; " +
+									"exit 1; " +
+									"else " +
+									"echo Disk $disk is valid; " +
+									"fi; " +
+									"done; " +
+									"sleep 3600",
+							},
+
+							VolumeDevices: volumeDevices,
+						},
+					},
+					Volumes: volumes,
+				},
+			},
+		},
+	}
+}
+
+// Helper function to flatten DisksBySize into a single slice of disk names
+func flattenDisksBySize(oraclerestartSpec *oraclerestart.OracleRestartSpec) []string {
+	disksBySize := oraclerestartSpec.AsmStorageDetails.DisksBySize
+	var allDisks []string
+	for _, diskBySize := range disksBySize {
+		allDisks = append(allDisks, diskBySize.DiskNames...)
+	}
+	return allDisks
+}
+
+func CreateServiceAccountIfNotExists(instance *oraclerestart.OracleRestart, kClient client.Client) error {
+	if instance.Spec.SrvAccountName == "" {
+		return nil
+	}
+
+	ServiceAccountName := instance.Spec.SrvAccountName
+	if ServiceAccountName == "" {
+		ServiceAccountName = "default"
+		return nil
+	}
+	sa := &corev1.ServiceAccount{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      ServiceAccountName,
+			Namespace: instance.Namespace,
+		},
+	}
+
+	existingSA := &corev1.ServiceAccount{}
+	err := kClient.Get(context.TODO(), types.NamespacedName{Name: sa.Name, Namespace: sa.Namespace}, existingSA)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			err = kClient.Create(context.TODO(), sa)
+			if err != nil {
+				return err
+			}
+		} else {
+			return err
+		}
+	}
+	return nil
+}
+
+func IsStaticProvisioning(k8sClient client.Client, instance *oraclerestart.OracleRestart) bool {
+	if CheckStorageClass(instance) == "NOSC" {
+		return false
+	}
+
+	var scList storagev1.StorageClassList
+	if err := k8sClient.List(context.TODO(), &scList); err != nil {
+		return true // fallback to static if we can't query SCs
+	}
+
+	// for _, sc := range scList.Items {
+	// 	if sc.Annotations["storageclass.kubernetes.io/is-default-class"] == "true" ||
+	// 		sc.Annotations["storageclass.beta.kubernetes.io/is-default-class"] == "true" {
+	// 		return false // dynamic provisioning is available
+	// 	}
+	// }
+
+	return true // no default SC → use static
+}
+
+func SwVolumeClaimTemplatesForOracleRestart(instance *oraclerestart.OracleRestart, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec) corev1.PersistentVolumeClaim {
+
+	// If user-provided PVC name exists, skip volume claim template creation
+	//pvcName := GetSwPvcName(OracleRestartSpex.Name)
+	// If you are making any change, please refer GetSwPvcName function as we add instance.Spec.InstDetails.Name + "-0"
+	pvcName := "odb-sw-pvc-" + instance.Name
+	return corev1.PersistentVolumeClaim{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      pvcName,
+			Namespace: instance.Namespace,
+			Labels:    buildLabelsForOracleRestart(instance, "OracleRestart"),
+		},
+		Spec: corev1.PersistentVolumeClaimSpec{
+			AccessModes: []corev1.PersistentVolumeAccessMode{
+				corev1.ReadWriteOnce,
+			},
+			StorageClassName: &instance.Spec.SwStorageClass,
+			Resources: corev1.VolumeResourceRequirements{
+				Requests: corev1.ResourceList{
+					corev1.ResourceStorage: resource.MustParse(fmt.Sprintf("%dGi", OracleRestartSpex.SwLocStorageSizeInGb)),
+				},
+			},
+		},
+	}
+}
+
+func ASMVolumeClaimTemplatesForDG(instance *oraclerestart.OracleRestart, OracleRestartSpex oraclerestart.OracleRestartInstDetailSpec, StorageClass *string) []corev1.PersistentVolumeClaim {
+	var claims []corev1.PersistentVolumeClaim
+	mode := corev1.PersistentVolumeBlock
+	// If user-provided PVC name exists, skip volume claim template creation
+	if len(OracleRestartSpex.PvcName) != 0 {
+		return claims
+	}
+
+	fmt.Printf("INFO", "working on asm storage class "+*StorageClass)
+
+	for _, diskBySize := range instance.Spec.AsmStorageDetails.DisksBySize {
+		for _, diskName := range diskBySize.DiskNames {
+			// The folowing peice of code is generating ASM PVC name because by default VolumeCLaim Template add Instance name like -dbmc1-0
+			dgType := CheckDiskInAsmDeviceList(instance, diskName)
+			disk := diskName[strings.LastIndex(diskName, "/")+1:]
+			pvcName := "asm-pvc-" + strings.ToLower(dgType) + "-" + disk + "-" + instance.Name
+
+			claims = append(claims, corev1.PersistentVolumeClaim{
+				ObjectMeta: metav1.ObjectMeta{
+					Name:      pvcName,
+					Namespace: instance.Namespace,
+					Labels:    buildLabelsForOracleRestart(instance, "OracleRestart"),
+				},
+				Spec: corev1.PersistentVolumeClaimSpec{
+					AccessModes: []corev1.PersistentVolumeAccessMode{
+						corev1.ReadWriteOnce,
+					},
+					VolumeMode:       &mode,
+					StorageClassName: StorageClass,
+					Resources: corev1.VolumeResourceRequirements{
+						Requests: corev1.ResourceList{
+							corev1.ResourceStorage: resource.MustParse(fmt.Sprintf("%dGi", diskBySize.StorageSizeInGb)),
+						},
+					},
+				},
+			})
+		}
+	}
+
+	return claims
+}
diff --git a/commons/oraclerestart/oraclerestartstatus.go b/commons/oraclerestart/oraclerestartstatus.go
new file mode 100644
index 00000000..a9dbf94f
--- /dev/null
+++ b/commons/oraclerestart/oraclerestartstatus.go
@@ -0,0 +1,340 @@
+/*
+** Copyright (c) 2022 Oracle and/or its affiliates.
+**
+** The Universal Permissive License (UPL), Version 1.0
+**
+** Subject to the condition set forth below, permission is hereby granted to any
+** person obtaining a copy of this software, associated documentation and/or data
+** (collectively the "Software"), free of charge and under any and all copyright
+** rights in the Software, and any and all patent rights owned or freely
+** licensable by each licensor hereunder covering either (i) the unmodified
+** Software as contributed to or provided by such licensor, or (ii) the Larger
+** Works (as defined below), to deal in both
+**
+** (a) the Software, and
+** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+** one is included with the Software (each a "Larger Work" to which the Software
+** is contributed by such licensors),
+**
+** without restriction, including without limitation the rights to copy, create
+** derivative works of, display, perform, and distribute the Software and make,
+** use, sell, offer for sale, import, export, have made, and have sold the
+** Software and the Larger Work(s), and to sublicense the foregoing rights on
+** either these or other terms.
+**
+** This license is subject to the following condition:
+** The above copyright notice and either this complete permission notice or at
+** a minimum a reference to the UPL must be included in all copies or
+** substantial portions of the Software.
+**
+** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+** SOFTWARE.
+ */
+
+package commons
+
+import (
+	"context"
+	"strings"
+
+	"github.com/go-logr/logr"
+	oraclerestartdb "github.com/oracle/oracle-database-operator/apis/database/v4"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/tools/clientcmd"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+)
+
+func UpdateOracleRestartInstStatusData(
+	OracleRestart *oraclerestartdb.OracleRestart,
+	ctx context.Context,
+	req ctrl.Request,
+	oraRestartSpex oraclerestartdb.OracleRestartInstDetailSpec,
+	state string,
+	kubeClient kubernetes.Interface,
+	kubeConfig clientcmd.ClientConfig,
+	logger logr.Logger,
+	kClient client.Client,
+) {
+	// podName is constructed based on oraRestartSpex.Name
+	podName := oraRestartSpex.Name + "-0"
+
+	oracleRestart := &oraclerestartdb.OracleRestartNodestatus{}
+	orestartNodeDetails := &oraclerestartdb.OracleRestartNodeDetailedStatus{}
+	strMap := make(map[string]string)
+
+	if OracleRestart.Status.AsmDetails == nil {
+		OracleRestart.Status.AsmDetails = &oraclerestartdb.AsmInstanceStatus{}
+	}
+
+	if OracleRestart.Status.ConfigParams == nil {
+		OracleRestart.Status.ConfigParams = &oraclerestartdb.InitParams{}
+	}
+
+	if state == string(oraclerestartdb.OracleRestartUpdateState) {
+		OracleRestart.Status.State = state
+	}
+	if state == string(oraclerestartdb.OracleRestartProvisionState) {
+		OracleRestart.Status.State = state
+	}
+	if state == string(oraclerestartdb.OracleRestartFailedState) {
+		clusterState := getClusterState(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+		instanceState := getDbInstState(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+		if clusterState == "HEALTHY" && instanceState == "OPEN" { // cluster is healthy and database is also fine
+			OracleRestart.Status.State = string(oraclerestartdb.OracleRestartAvailableState)
+			state = string(oraclerestartdb.OracleRestartAvailableState)
+		} else {
+			OracleRestart.Status.State = state
+		}
+	}
+	if state == string(oraclerestartdb.OracleRestartManualState) {
+		OracleRestart.Status.State = state
+	}
+	if state == string(oraclerestartdb.OracleRestartAvailableState) {
+		OracleRestart.Status.State = state
+		orestartNodeDetails.ClusterState = getClusterState(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+		orestartNodeDetails.PodState = state
+		orestartNodeDetails.State = "OPEN"
+		oracleRestart.Name = podName
+
+		orestartNodeDetails.InstanceState = getDbInstState(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+		orestartNodeDetails.MountedDevices = getMountedDevices(podName, OracleRestart.Namespace, oracleRestart, oraRestartSpex, kClient, kubeConfig, logger, kubeClient)
+		oracleRestart.NodeDetails = orestartNodeDetails
+		addOracleRestartNodestatus(OracleRestart, ctx, req, oracleRestart, oraRestartSpex, 0, kubeClient, kubeConfig, logger)
+
+		if len(oraRestartSpex.PvcName) > 0 {
+			orestartNodeDetails.PvcName = getPvcDetails(OracleRestart, oracleRestart, oraRestartSpex, kClient)
+		}
+	}
+
+	// Update status based on the state
+	if state == string(oraclerestartdb.OracleRestartPodAvailableState) {
+		OracleRestart.Status.State = state
+		orestartNodeDetails.ClusterState = getClusterState(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+		orestartNodeDetails.PodState = state
+		orestartNodeDetails.State = "OPEN"
+		oracleRestart.Name = podName
+		orestartNodeDetails.InstanceState = getDbInstState(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+		orestartNodeDetails.MountedDevices = getMountedDevices(podName, OracleRestart.Namespace, oracleRestart, oraRestartSpex, kClient, kubeConfig, logger, kubeClient)
+		oracleRestart.NodeDetails = orestartNodeDetails
+		OracleRestart.Status.ReleaseUpdate = "NOTAVAILABLE"
+		addOracleRestartNodestatus(OracleRestart, ctx, req, oracleRestart, oraRestartSpex, 0, kubeClient, kubeConfig, logger)
+
+		if len(oraRestartSpex.PvcName) > 0 {
+			orestartNodeDetails.PvcName = getPvcDetails(OracleRestart, oracleRestart, oraRestartSpex, kClient)
+		}
+		if OracleRestart.Spec.ConfigParams.GridHome != "" {
+			OracleRestart.Status.ConfigParams.GridHome = OracleRestart.Spec.ConfigParams.GridHome
+		}
+		if OracleRestart.Spec.ConfigParams.DbHome != "" {
+			OracleRestart.Status.ConfigParams.DbHome = OracleRestart.Spec.ConfigParams.DbHome
+		}
+		// OracleRestart.Status.ConfigParams.CrsAsmDeviceList = OracleRestart.Spec.ConfigParams.CrsAsmDeviceList
+		OracleRestart.Status.ConfigParams.CrsAsmDeviceList = getcrsAsmDeviceList(OracleRestart, oracleRestart, oraRestartSpex, kClient, kubeConfig, logger, kubeClient)
+
+		// OracleRestart.Status.ConfigParams.DbAsmDeviceList = OracleRestart.Spec.ConfigParams.DbAsmDeviceList
+		OracleRestart.Status.ConfigParams.DbAsmDeviceList = getdbAsmDeviceList(OracleRestart, oracleRestart, oraRestartSpex, kClient, kubeConfig, logger, kubeClient)
+
+	} else if state == string(oraclerestartdb.OracleRestartStatefulSetNotFound) {
+		neworacleRestart := delOracleRestartNodestatus(OracleRestart, oraRestartSpex.Name+"-0")
+		OracleRestart.Status.OracleRestartNodes = neworacleRestart
+		OracleRestart.Status.ReleaseUpdate = "NOTAVAILABLE"
+
+	} else if state == string(oraclerestartdb.PodNotFound) || state == string(oraclerestartdb.PodNotReadyState) || state == string(oraclerestartdb.PodFailureState) {
+		orestartNodeDetails.ClusterState = "NOTAVAILABLE"
+		orestartNodeDetails.PodState = state
+		// orestartNodeDetails.VipDetails = getVipDetails(OracleRestart, oracleRestart, oraRestartSpex, kClient)
+		orestartNodeDetails.InstanceState = "NOTAVAILABLE"
+		orestartNodeDetails.PvcName = strMap
+		OracleRestart.Status.ReleaseUpdate = "NOTAVAILABLE"
+	}
+}
+
+func addOracleRestartNodestatus(instance *oraclerestartdb.OracleRestart, ctx context.Context, req ctrl.Request, oracleRestart *oraclerestartdb.OracleRestartNodestatus, oraRestartSpex oraclerestartdb.OracleRestartInstDetailSpec, idx int, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger) {
+
+	var racState string
+	podName := oraRestartSpex.Name + "-0"
+	idx, status := contains(instance, oracleRestart)
+	if status {
+		// racstate need to be read before overwriting the instance.Status.OracleRestartNodes[idx] = oracleRestart
+		racState = instance.Status.OracleRestartNodes[idx].NodeDetails.State
+		instance.Status.OracleRestartNodes[idx] = oracleRestart
+		instState := instance.Status.OracleRestartNodes[idx].NodeDetails.InstanceState
+		if instState == "OPEN" {
+			instance.Status.OracleRestartNodes[idx].NodeDetails.State = "AVAILABLE"
+		} else {
+			if (racState == "PENDING") || (racState == "ADDNODE") || (racState == "PROVISIONING") || (racState == "FAILED") || (racState == "UPDATE") {
+				instance.Status.OracleRestartNodes[idx].NodeDetails.State = getOracleRestartInstStateFile(podName, instance, 0, kubeClient, kubeConfig, logger)
+			} else {
+				instance.Status.OracleRestartNodes[idx].NodeDetails.State = "PENDING"
+			}
+
+		}
+
+	} else {
+		instance.Status.OracleRestartNodes = append(instance.Status.OracleRestartNodes, oracleRestart)
+		instance.Status.OracleRestartNodes[idx].NodeDetails.State = "PENDING"
+	}
+
+}
+
+func UpdateOracleRestartInstState(instance *oraclerestartdb.OracleRestart, podName string, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger) {
+
+	// if len(instance.Status.OracleRestartNodes) > 0 {
+	//	for _, v := range instance.Status.OracleRestartNodes {
+	//        if v.NodeDetails.
+	//	}
+	//}
+
+}
+
+func UpdateoraclerestartdbTopologyState(instance *oraclerestartdb.OracleRestart, ctx context.Context, req ctrl.Request, podName string, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger) {
+	OracleRestart := &oraclerestartdb.OracleRestart{}
+	// fmt.Printf("I m inUpdateoraclerestartdbTopologyState")
+	if len(instance.Status.OracleRestartNodes) > 0 {
+		state := map[string]struct{}{}
+		for _, v := range instance.Status.OracleRestartNodes {
+			inst_state := strings.ToLower(strings.TrimSpace(v.NodeDetails.State))
+			// fmt.Printf("inst_state", inst_state)
+			state[inst_state] = struct{}{}
+		}
+		if len(state) == 0 {
+			OracleRestart.Status.State = string(oraclerestartdb.OracleRestartPendingState)
+		} else if _, curr_state := state["failed"]; curr_state {
+			OracleRestart.Status.State = string(oraclerestartdb.OracleRestartFailedState)
+		} else if _, curr_state := state["pending"]; curr_state {
+			OracleRestart.Status.State = string(oraclerestartdb.OracleRestartPendingState)
+		} else if _, curr_state := state["provisioning"]; curr_state {
+			OracleRestart.Status.State = string(oraclerestartdb.OracleRestartProvisionState)
+		} else if _, curr_state := state["update"]; curr_state {
+			OracleRestart.Status.State = string(oraclerestartdb.OracleRestartUpdateState)
+		} else if _, curr_state := state["addnode"]; curr_state {
+			OracleRestart.Status.State = string(oraclerestartdb.OracleRestartAddInstState)
+		} else if _, curr_state := state["podavailable"]; curr_state {
+			OracleRestart.Status.State = string(oraclerestartdb.OracleRestartPodAvailableState)
+		} else {
+			OracleRestart.Status.State = string(oraclerestartdb.OracleRestartAvailableState)
+		}
+		instance.Status.State = OracleRestart.Status.State
+		// fmt.Printf("instance.Status.State", instance.Status.State)
+	}
+
+}
+
+func UpdateoraclerestartdbStatusData(OracleRestart *oraclerestartdb.OracleRestart, ctx context.Context, req ctrl.Request, podNames []string, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger, nodeDetails map[string]*corev1.Node,
+) {
+	//mode := GetDbOpenMode(instance.Spec.Shard[0].Name+"-0", instance, kubeClient, kubeConfig, logger)
+	podName := podNames[len(podNames)-1]
+	OracleRestart.Status.DbState = getDbState(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+	OracleRestart.Status.Role = getDbRole(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+	OracleRestart.Status.ReleaseUpdate = getDBVersion(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+	OracleRestart.Status.ConnectString = getConnStr(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+	OracleRestart.Status.PdbConnectString = getPdbConnStr(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+	OracleRestart.Status.ExternalConnectString = getExternalConnStr(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+	OracleRestart.Status.DbSecret = OracleRestart.Spec.DbSecret
+	OracleRestart.Status.AsmDetails = getAsmInstState(podName, OracleRestart, 0, kubeClient, kubeConfig, logger)
+
+	UpdateoraclerestartdbServiceStatus(OracleRestart, ctx, req, podName, kubeClient, kubeConfig, logger)
+	UpdateoraclerestartdbTopologyState(OracleRestart, ctx, req, podName, kubeClient, kubeConfig, logger)
+}
+
+func UpdateoraclerestartdbServiceStatus(instance *oraclerestartdb.OracleRestart, ctx context.Context, req ctrl.Request, podName string, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, logger logr.Logger,
+) {
+	//This function update the instance.Status.ServiceDetails states
+	if instance.Spec.ServiceDetails.Name != "" {
+		instance.Status.ServiceDetails.Name = instance.Spec.ServiceDetails.Name
+		instance.Status.ServiceDetails.SvcState = getSvcState(podName, instance, 0, kubeClient, kubeConfig, logger)
+	}
+}
+
+func contains(instance *oraclerestartdb.OracleRestart, oracleRestart *oraclerestartdb.OracleRestartNodestatus) (int, bool) {
+	var index int
+	if len(instance.Status.OracleRestartNodes) > 0 {
+		for index, v := range instance.Status.OracleRestartNodes {
+			if v.Name == oracleRestart.Name {
+				return index, true
+			}
+		}
+	}
+
+	return index, false
+}
+
+func getcrsAsmDeviceList(instance *oraclerestartdb.OracleRestart, oracleRestart *oraclerestartdb.OracleRestartNodestatus, oraRestartSpex oraclerestartdb.OracleRestartInstDetailSpec, rclient client.Client, kubeConfig clientcmd.ClientConfig, logger logr.Logger, kubeClient kubernetes.Interface) string {
+	asmList := ""
+	var err error
+	if len(instance.Status.OracleRestartNodes) > 0 {
+		asmList, err = CheckAsmList(instance.Status.OracleRestartNodes[0].Name, instance, kubeClient, kubeConfig, logger)
+		if err != nil {
+			return ""
+		}
+
+	}
+
+	return asmList
+
+}
+func getdbAsmDeviceList(instance *oraclerestartdb.OracleRestart, oracleRestart *oraclerestartdb.OracleRestartNodestatus, oraRestartSpex oraclerestartdb.OracleRestartInstDetailSpec, rclient client.Client, kubeConfig clientcmd.ClientConfig, logger logr.Logger, kubeClient kubernetes.Interface) string {
+	dbasmList := ""
+	var err error
+	if len(instance.Status.OracleRestartNodes) > 0 {
+		dbasmList, err = CheckDbAsmList(instance.Status.OracleRestartNodes[0].Name, instance, kubeClient, kubeConfig, logger)
+		if err != nil {
+			return ""
+		}
+
+	}
+
+	return dbasmList
+
+}
+
+func getMountedDevices(podName, namespace string, oracleRestart *oraclerestartdb.OracleRestartNodestatus, oraRestartSpex oraclerestartdb.OracleRestartInstDetailSpec, rclient client.Client, kubeConfig clientcmd.ClientConfig, logger logr.Logger, kubeClient kubernetes.Interface) []string {
+	var asmList []string
+
+	// Get the pod associated with the RAC node
+	pod, err := kubeClient.CoreV1().Pods(namespace).Get(context.TODO(), podName, metav1.GetOptions{})
+	if err != nil {
+		logger.Error(err, "Failed to get pod for RAC node", "PodName", podName, "Namespace", namespace)
+		return nil
+	}
+
+	// Loop through the volume devices or mounted volumes in the pod spec
+	for _, container := range pod.Spec.Containers {
+		for _, volumeDevice := range container.VolumeDevices {
+			// Append the device path to the asmList
+			asmList = append(asmList, volumeDevice.DevicePath)
+		}
+	}
+
+	return asmList
+}
+
+func delOracleRestartNodestatus(instance *oraclerestartdb.OracleRestart, name string) []*oraclerestartdb.OracleRestartNodestatus {
+	neworacleRestart := []*oraclerestartdb.OracleRestartNodestatus{}
+	if len(instance.Status.OracleRestartNodes) > 0 {
+		for _, value := range instance.Status.OracleRestartNodes {
+			if ((value.Name) != (name)) && (value != nil) {
+				neworacleRestart = append(neworacleRestart, value)
+			}
+		}
+	}
+	return neworacleRestart
+}
+
+func getPvcDetails(instance *oraclerestartdb.OracleRestart, oracleRestart *oraclerestartdb.OracleRestartNodestatus, oraRestartSpex oraclerestartdb.OracleRestartInstDetailSpec, rclient client.Client) map[string]string {
+	strMap := make(map[string]string)
+	if len(oraRestartSpex.PvcName) > 0 {
+		strMap = oraRestartSpex.PvcName
+	}
+
+	return strMap
+
+}
diff --git a/commons/oraclerestart/utils/utils.go b/commons/oraclerestart/utils/utils.go
new file mode 100644
index 00000000..850f5110
--- /dev/null
+++ b/commons/oraclerestart/utils/utils.go
@@ -0,0 +1,189 @@
+/*
+** Copyright (c) 2022 Oracle and/or its affiliates.
+**
+** The Universal Permissive License (UPL), Version 1.0
+**
+** Subject to the condition set forth below, permission is hereby granted to any
+** person obtaining a copy of this software, associated documentation and/or data
+** (collectively the "Software"), free of charge and under any and all copyright
+** rights in the Software, and any and all patent rights owned or freely
+** licensable by each licensor hereunder covering either (i) the unmodified
+** Software as contributed to or provided by such licensor, or (ii) the Larger
+** Works (as defined below), to deal in both
+**
+** (a) the Software, and
+** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+** one is included with the Software (each a "Larger Work" to which the Software
+** is contributed by such licensors),
+**
+** without restriction, including without limitation the rights to copy, create
+** derivative works of, display, perform, and distribute the Software and make,
+** use, sell, offer for sale, import, export, have made, and have sold the
+** Software and the Larger Work(s), and to sublicense the foregoing rights on
+** either these or other terms.
+**
+** This license is subject to the following condition:
+** The above copyright notice and either this complete permission notice or at
+** a minimum a reference to the UPL must be included in all copies or
+** substantial portions of the Software.
+**
+** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+** SOFTWARE.
+ */
+
+package commons
+
+import (
+	"os"
+	"strconv"
+	"strings"
+
+	corev1 "k8s.io/api/core/v1"
+)
+
+// Constants for RAC StatefulSet & Volumes
+const (
+	OraImagePullPolicy          = corev1.PullAlways
+	OrainitCmd1                 = "set -ex;" + "touch /tmp/test_cmd1.txt"
+	OrainitCmd5                 = "set -ex;" + "[[ `hostname` =~ -([0-9]+)$ ]] || exit 1 ;" + "ordinal=${BASH_REMATCH[1]};" + "cp /mnt/config-map/envfile  /mnt/conf.d/; cat /mnt/conf.d/envfile | awk -v env_var=$ordinal -F '=' '{print \"export \" $1\"=\"$2 env_var }' > /tmp/test.env; mv /tmp/test.env /mnt/conf.d/envfile"
+	OraConfigMapMount           = "/mnt/config-map"
+	OraEnvFileMount             = "/mnt/conf.d"
+	OraSubDomain                = "racnode"
+	OraEnvFile                  = "/etc/rac_env_vars"
+	OraRacSshSecretMount        = "/mnt/.ssh"
+	OraGiRsp                    = "/mnt/gridrsp"
+	OraDbRsp                    = "/mnt/dbrsp"
+	OraEnvVars                  = "/etc/rac_env_vars"
+	OraNodeKey                  = "kubernetes.io/hostname"
+	OraOperatorKey              = "In"
+	OraShm                      = "/dev/shm"
+	OraRacDbPwdFileSecretMount  = "/mnt/.dbsecrets"
+	OraRacDbKeyFileSecretMount  = "/mnt/.dbsecrets"
+	OraRacTdePwdFileSecretMount = "/mnt/.tdesecrets"
+	OraRacTdeKeyFileSecretMount = "/mnt/.tdesecrets"
+	OraStage                    = "/mnt/stage"
+	OraBootVol                  = "/boot"
+	OraSwLocation               = "/u01"
+	OraScriptMount              = "/opt/scripts/startup/scripts"
+	OraSSHPrivKey               = "/mnt/.ssh/ssh-privkey"
+	OraSSHPubKey                = "/mnt/.ssh/ssh-pubkey"
+	OraSwStageLocation          = "/mnt/stage/software"
+	OraRuPatchStageLocation     = "/mnt/stage/rupatch"
+	OraOPatchStageLocation      = "/mnt/stage/opatch"
+	OraDBPort                   = 1521
+	OraLsnrPort                 = 1522
+	OraLocalOnsPort             = 6200
+	OraSSHPort                  = 22
+	OraOemPort                  = 8080
+	OraDBUser                   = "oracle"
+	OraGridUser                 = "grid"
+)
+
+// Fixed Array Values
+
+var serviceCardinality = [...]string{"UNIFORM", "SINGLETON", "DUPLEX"}
+var tafPolicy = [...]string{"NONE", "BASIC", "PRECONNECT"}
+var serviceRole = [...]string{"PRIMARY", "PHYSICAL_STANDBY", "LOGICAL_STANDBY", "SNAPSHOT_STANDBY"}
+var servicePolicy = [...]string{"AUTOMATIC", "MANUAL"}
+var serviceResetState = [...]string{"NONE", "LEVEL1"}
+var ServiceFailoverType = [...]string{"NONE", "SESSION", "SELECT", "TRANSACTION", "AUTO"}
+
+/// ====== Getter Function Begins here ======= ///
+
+func GetServiceCardinality() []string {
+	return serviceCardinality[:]
+}
+
+func GetTafPolicy() []string {
+	return tafPolicy[:]
+}
+
+func ServiceRole() []string {
+	return serviceRole[:]
+}
+
+func GetServiceRole() []string {
+	return serviceRole[:]
+}
+
+func GetServiceResetState() []string {
+	return serviceResetState[:]
+}
+
+func GetServiceFailoverType() []string {
+	return ServiceFailoverType[:]
+}
+
+/// ====== Getter Function Ends here ======= ///
+
+func CheckStringInList(str1 string, arr []string) bool {
+
+	// iterate using the for loop
+	for i := 0; i < len(arr); i++ {
+		// check
+		if strings.ToLower(arr[i]) == strings.ToLower(str1) {
+			// return true
+			return true
+		}
+	}
+	return false
+}
+
+func CheckStatusFlag(flagStr string) bool {
+
+	if strings.ToLower(flagStr) == "delete" {
+		return true
+	}
+
+	isTrueFlag, err := strconv.ParseBool(flagStr)
+	if err != nil {
+		return false
+	}
+	return isTrueFlag
+}
+
+func GetWatchNamespaces() map[string]bool {
+	// Fetching the allowed namespaces from env variables
+	var watchNamespaceEnvVar = "WATCH_NAMESPACE"
+	ns, _ := os.LookupEnv(watchNamespaceEnvVar)
+	values := strings.Split(strings.TrimSpace(ns), ",")
+	namespaces := make(map[string]bool)
+	// put slice values into map
+	for _, s := range values {
+		namespaces[s] = true
+	}
+	return namespaces
+}
+
+func GetValue(variable string, subkey string) string {
+
+	str2 := ""
+
+	str1 := strings.Split(variable, ",")
+	for _, item := range str1 {
+		str2 := strings.Split(item, "=")
+		if strings.ToLower(str2[0]) == strings.ToLower(subkey) {
+			return str2[1]
+		}
+	}
+	return str2
+}
+
+func GetDBUser() string {
+	return OraDBUser
+}
+
+// Contains checks if a string is present in a slice.
+func Contains(slice []string, str string) bool {
+	for _, item := range slice {
+		if item == str {
+			return true
+		}
+	}
+	return false
+}
diff --git a/commons/sharding/catalog.go b/commons/sharding/catalog.go
index 646c89b8..db7ae50f 100644
--- a/commons/sharding/catalog.go
+++ b/commons/sharding/catalog.go
@@ -50,6 +50,8 @@ import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	ctrl "sigs.k8s.io/controller-runtime"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/tools/clientcmd"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
@@ -137,11 +139,14 @@ func buildPodSpecForCatalog(instance *databasev4.ShardingDatabase, OraCatalogSpe
 	group := oraFsGroup
 	spec := &corev1.PodSpec{
 		SecurityContext: &corev1.PodSecurityContext{
+      RunAsNonRoot: BoolPointer(true),
 			RunAsUser: &user,
+      RunAsGroup: &group,
 			FSGroup:   &group,
 		},
 		Containers: buildContainerSpecForCatalog(instance, OraCatalogSpex),
 		Volumes:    buildVolumeSpecForCatalog(instance, OraCatalogSpex),
+    ServiceAccountName: instance.Spec.SrvAccountName,
 	}
 
 	if (instance.Spec.IsDownloadScripts) && (instance.Spec.ScriptsLocation != "") {
@@ -185,6 +190,10 @@ func buildVolumeSpecForCatalog(instance *databasev4.ShardingDatabase, OraCatalog
 		},
 	}
 
+        if OraCatalogSpex.CatalogConfigData != nil && len(OraCatalogSpex.CatalogConfigData.Name) != 0 {
+                result = append(result, corev1.Volume{Name: OraCatalogSpex.Name + "-oradata-configdata", VolumeSource: corev1.VolumeSource{ConfigMap: &corev1.ConfigMapVolumeSource{LocalObjectReference: corev1.LocalObjectReference{Name: OraCatalogSpex.CatalogConfigData.Name}}}})
+        }
+
 	if len(OraCatalogSpex.PvcName) != 0 {
 		result = append(result, corev1.Volume{Name: OraCatalogSpex.Name + "oradata-vol4", VolumeSource: corev1.VolumeSource{PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ClaimName: OraCatalogSpex.PvcName}}})
 	}
@@ -210,12 +219,19 @@ func buildVolumeSpecForCatalog(instance *databasev4.ShardingDatabase, OraCatalog
 func buildContainerSpecForCatalog(instance *databasev4.ShardingDatabase, OraCatalogSpex databasev4.CatalogSpec) []corev1.Container {
 	// building Continer spec
 	var result []corev1.Container
+	user := oraRunAsUser
+	group := oraFsGroup
 	containerSpec := corev1.Container{
 		Name:  OraCatalogSpex.Name,
 		Image: instance.Spec.DbImage,
 		SecurityContext: &corev1.SecurityContext{
+      RunAsNonRoot: BoolPointer(true),
+      RunAsUser: &user,
+      RunAsGroup: &group,
+      AllowPrivilegeEscalation: BoolPointer(false),
 			Capabilities: &corev1.Capabilities{
 				Add: []corev1.Capability{corev1.Capability("NET_ADMIN"), corev1.Capability("SYS_NICE")},
+				Drop: []corev1.Capability{"ALL",},
 			},
 		},
 		Resources: corev1.ResourceRequirements{
@@ -299,8 +315,13 @@ func buildInitContainerSpecForCatalog(instance *databasev4.ShardingDatabase, Ora
 		Name:  OraCatalogSpex.Name + "-init1",
 		Image: instance.Spec.DbImage,
 		SecurityContext: &corev1.SecurityContext{
+      RunAsNonRoot: BoolPointer(true),
+      AllowPrivilegeEscalation: BoolPointer(false),
 			Privileged: &privFlag,
 			RunAsUser:  &uid,
+			Capabilities: &corev1.Capabilities{
+				Drop: []corev1.Capability{"ALL",},
+			},
 		},
 		Command: []string{
 			"/bin/bash",
@@ -329,6 +350,10 @@ func buildVolumeMountSpecForCatalog(instance *databasev4.ShardingDatabase, OraCa
 	}
 	result = append(result, corev1.VolumeMount{Name: OraCatalogSpex.Name + "oradshm-vol6", MountPath: oraShm})
 
+	if OraCatalogSpex.CatalogConfigData != nil && len(OraCatalogSpex.CatalogConfigData.Name) != 0 {
+          result = append(result, corev1.VolumeMount{Name: OraCatalogSpex.Name + "-oradata-configdata", MountPath: OraCatalogSpex.CatalogConfigData.MountPath})
+        }
+
 	if len(instance.Spec.StagePvcName) != 0 {
 		result = append(result, corev1.VolumeMount{Name: OraCatalogSpex.Name + "orastage-vol7", MountPath: oraStage})
 	}
@@ -526,3 +551,16 @@ func UpdateProvForCatalog(instance *databasev4.ShardingDatabase,
 
 	return ctrl.Result{}, nil
 }
+
+func ExportTDEKey(podName string, sparams string, instance *databasev4.ShardingDatabase, kubeClient kubernetes.Interface, kubeconfig clientcmd.ClientConfig, logger logr.Logger,) error {
+	var msg string
+
+  msg = ""
+	_, _, err := ExecCommand(podName, getExportTDEKeyCmd(sparams), kubeClient, kubeconfig, instance, logger)
+	if err != nil {
+		msg = "Error executing getExportTDEKeyCmd : podName=[" + podName + "]. errMsg=" + err.Error()
+		LogMessages("INFO", msg, nil, instance, logger)
+		return err
+	}
+	return nil
+}
diff --git a/commons/sharding/gsm.go b/commons/sharding/gsm.go
index e6be8770..5e0d5c46 100644
--- a/commons/sharding/gsm.go
+++ b/commons/sharding/gsm.go
@@ -142,11 +142,14 @@ func buildPodSpecForGsm(instance *databasev4.ShardingDatabase, OraGsmSpex databa
 	group := oraFsGroup
 	spec := &corev1.PodSpec{
 		SecurityContext: &corev1.PodSecurityContext{
+      RunAsNonRoot: BoolPointer(true),
 			RunAsUser: &user,
+      RunAsGroup: &group,
 			FSGroup:   &group,
 		},
 		Containers: buildContainerSpecForGsm(instance, OraGsmSpex),
 		Volumes:    buildVolumeSpecForGsm(instance, OraGsmSpex),
+    ServiceAccountName: instance.Spec.SrvAccountName,
 	}
 
 	if (instance.Spec.IsDownloadScripts) && (instance.Spec.ScriptsLocation != "") {
@@ -189,6 +192,10 @@ func buildVolumeSpecForGsm(instance *databasev4.ShardingDatabase, OraGsmSpex dat
 		},
 	}
 
+	if OraGsmSpex.GsmConfigData != nil && len(OraGsmSpex.GsmConfigData.Name) != 0 {
+                result = append(result, corev1.Volume{Name: OraGsmSpex.Name + "-oradata-configdata", VolumeSource: corev1.VolumeSource{ConfigMap: &corev1.ConfigMapVolumeSource{LocalObjectReference: corev1.LocalObjectReference{Name: OraGsmSpex.GsmConfigData.Name}}}})
+        }
+
 	if len(OraGsmSpex.PvcName) != 0 {
 		result = append(result, corev1.Volume{Name: OraGsmSpex.Name + "oradata-vol4", VolumeSource: corev1.VolumeSource{PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ClaimName: OraGsmSpex.PvcName}}})
 	}
@@ -209,6 +216,8 @@ func buildContainerSpecForGsm(instance *databasev4.ShardingDatabase, OraGsmSpex
 	var result []corev1.Container
 	var masterGsmFlag = false
 	var idx int
+	user := oraRunAsUser
+	group := oraFsGroup
 	// Get the Idx
 	if instance.Spec.Gsm[0].Name == OraGsmSpex.Name {
 		masterGsmFlag = true
@@ -223,8 +232,13 @@ func buildContainerSpecForGsm(instance *databasev4.ShardingDatabase, OraGsmSpex
 		Name:  OraGsmSpex.Name,
 		Image: instance.Spec.GsmImage,
 		SecurityContext: &corev1.SecurityContext{
+      RunAsNonRoot: BoolPointer(true),
+      RunAsUser: &user,
+      RunAsGroup: &group,
+      AllowPrivilegeEscalation: BoolPointer(false),
 			Capabilities: &corev1.Capabilities{
 				Add: []corev1.Capability{"NET_RAW"},
+				Drop: []corev1.Capability{"ALL",},
 			},
 		},
 		Resources: corev1.ResourceRequirements{
@@ -288,8 +302,13 @@ func buildInitContainerSpecForGsm(instance *databasev4.ShardingDatabase, OraGsmS
 		Name:  OraGsmSpex.Name + "-init1",
 		Image: instance.Spec.GsmImage,
 		SecurityContext: &corev1.SecurityContext{
+      RunAsNonRoot: BoolPointer(true),
+      AllowPrivilegeEscalation: BoolPointer(false),
 			Privileged: &privFlag,
 			RunAsUser:  &uid,
+			Capabilities: &corev1.Capabilities{
+				Drop: []corev1.Capability{"ALL",},
+			},
 		},
 		Command: []string{
 			"/bin/bash",
@@ -318,6 +337,10 @@ func buildVolumeMountSpecForGsm(instance *databasev4.ShardingDatabase, OraGsmSpe
 	}
 	result = append(result, corev1.VolumeMount{Name: OraGsmSpex.Name + "oradshm-vol6", MountPath: oraShm})
 
+        if OraGsmSpex.GsmConfigData != nil && len(OraGsmSpex.GsmConfigData.Name) != 0 {
+                result = append(result, corev1.VolumeMount{Name: OraGsmSpex.Name + "-oradata-configdata", MountPath: OraGsmSpex.GsmConfigData.MountPath})
+        }
+
 	if len(instance.Spec.StagePvcName) != 0 {
 		result = append(result, corev1.VolumeMount{Name: OraGsmSpex.Name + "orastage-vol7", MountPath: oraStage})
 	}
diff --git a/commons/sharding/scommon.go b/commons/sharding/scommon.go
index 3b3f1b04..f284e5c6 100644
--- a/commons/sharding/scommon.go
+++ b/commons/sharding/scommon.go
@@ -238,6 +238,11 @@ func buildEnvVarsSpec(instance *databasev4.ShardingDatabase, variables []databas
 		result = append(result, corev1.EnvVar{Name: "KEY_SECRET_VOLUME", Value: oraSecretMount})
 	}
 
+	if checkTdeWalletFlag(instance) {
+		result = append(result, corev1.EnvVar{Name: "TDE_PWD_KEY", Value: instance.Spec.DbSecret.TdeKeyFileName})
+		result = append(result, corev1.EnvVar{Name: "TDE_PWD_FILE", Value: instance.Spec.DbSecret.TdePwdFileName})
+	}
+
 	if restype == "GSM" {
 		if !sDirectParam {
 			//varinfo = "director_name=sharddirector" + sDirectorCounter + ";director_region=primary;director_port=1521"
@@ -278,11 +283,14 @@ func buildEnvVarsSpec(instance *databasev4.ShardingDatabase, variables []databas
 		if len(instance.Spec.GsmService) > 0 {
 			svc = ""
 			for i := 0; i < len(instance.Spec.GsmService); i++ {
-				svc = svc + "service_name=" + instance.Spec.GsmService[i].Name + ";"
+				svc = svc + "service_name=" + instance.Spec.GsmService[i].Name
 				if len(instance.Spec.GsmService[i].Role) != 0 {
-					svc = svc + "service_role=" + instance.Spec.GsmService[i].Role
+					svc = svc + ";service_role=" + instance.Spec.GsmService[i].Role
 				} else {
-					svc = svc + "service_role=primary"
+					svc = svc + ";service_role=primary"
+				}
+				if len(instance.Spec.GsmService[i].RuMode) != 0 {
+					svc = svc + ";service_mode=" + instance.Spec.GsmService[i].RuMode
 				}
 				result = append(result, corev1.EnvVar{Name: "SERVICE" + fmt.Sprint(i) + "_PARAMS", Value: svc})
 				svc = ""
@@ -865,19 +873,26 @@ func buildDirectorParams(instance *databasev4.ShardingDatabase, oraGsmSpex datab
 	var varinfo string
 	var dnameFlag bool = false
 	var dportFlag bool = false
+	var dname string
+	var dport string
 
 	// Get the GSM Spec and build director params. idx feild is very important to build the unique director name and regiod. Idx is GSM array index.
 	variables = oraGsmSpex.EnvVars
 	for _, variable := range variables {
 		if variable.Name == "DIRECTOR_NAME" {
 			dnameFlag = true
+			dname = variable.Value
 		}
 		if variable.Name == "DIRECTOR_PORT" {
 			dportFlag = true
+			dport = variable.Value
 		}
 	}
 	if !dnameFlag {
-		varinfo = "director_name=sharddirector" + strconv.Itoa(idx) + ";"
+		varinfo = "director_name=sharddirector" + oraGsmSpex.Name + ";"
+		result = result + varinfo
+	} else {
+		varinfo = "director_name=" + dname + ";"
 		result = result + varinfo
 	}
 
@@ -901,7 +916,11 @@ func buildDirectorParams(instance *databasev4.ShardingDatabase, oraGsmSpex datab
 	if !dportFlag {
 		varinfo = "director_port=1522"
 		result = result + varinfo
+	} else {
+		varinfo = "director_port=" + dport
+		result = result + varinfo
 	}
+
 	result = strings.TrimSuffix(result, ";")
 	return result
 }
@@ -1168,6 +1187,16 @@ func getGsmvalidateCmd() []string {
 	return depCmd
 }
 
+func getExportTDEKeyCmd(sparamStr string) []string {
+	var exportTDEKeyCmd []string = []string{oraDbScriptMount + "/cmdExec", "/bin/python", oraDbScriptMount + "/main.py ", "--exporttdekey=" + strconv.Quote(sparamStr)}
+	return exportTDEKeyCmd
+}
+
+func getImportTDEKeyCmd(sparamStr string) []string {
+	var importTDEKeyCmd []string = []string{oraDbScriptMount + "/cmdExec", "/bin/python", oraDbScriptMount + "/main.py ", "--importtdekey=" + strconv.Quote(sparamStr)}
+	return importTDEKeyCmd
+}
+
 func getInitContainerCmd(resType string, name string,
 ) string {
 	var initCmd string
@@ -1530,6 +1559,15 @@ func checkTdeWalletFlag(instance *databasev4.ShardingDatabase) bool {
 	return false
 }
 
+func CheckIsTDEWalletFlag(instance *databasev4.ShardingDatabase, logger logr.Logger) bool {
+	LogMessages("INFO", "CheckIsTDEWalletFlag():isTdeWallet=["+instance.Spec.IsTdeWallet+"].", nil, instance, logger)
+	if strings.ToLower(instance.Spec.IsTdeWallet) == "enable" {
+		LogMessages("INFO", "CheckIsTDEWalletFlag():Returning true", nil, instance, logger)
+		return true
+	}
+	return false
+}
+
 func CheckIsDeleteFlag(delStr string, instance *databasev4.ShardingDatabase, logger logr.Logger) bool {
 	if strings.ToLower(delStr) == "enable" {
 		return true
@@ -1546,3 +1584,11 @@ func getTdeWalletMountLoc(instance *databasev4.ShardingDatabase) string {
 	}
 	return "/tdewallet/" + instance.Name
 }
+
+func Int64Pointer(d int64) *int64 {
+	return &d
+}
+
+func BoolPointer(d bool) *bool {
+	return &d
+}
diff --git a/commons/sharding/shard.go b/commons/sharding/shard.go
index e48b56dd..244589ab 100644
--- a/commons/sharding/shard.go
+++ b/commons/sharding/shard.go
@@ -42,6 +42,7 @@ import (
 	"context"
 	"reflect"
 	"strconv"
+	"strings"
 
 	databasev4 "github.com/oracle/oracle-database-operator/apis/database/v4"
 
@@ -51,6 +52,8 @@ import (
 	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	ctrl "sigs.k8s.io/controller-runtime"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/tools/clientcmd"
 	"sigs.k8s.io/controller-runtime/pkg/client"
 )
 
@@ -138,11 +141,14 @@ func buildPodSpecForShard(instance *databasev4.ShardingDatabase, OraShardSpex da
 	group := oraFsGroup
 	spec := &corev1.PodSpec{
 		SecurityContext: &corev1.PodSecurityContext{
+      RunAsNonRoot: BoolPointer(true),
 			RunAsUser: &user,
+      RunAsGroup: &group,
 			FSGroup:   &group,
 		},
 		Containers: buildContainerSpecForShard(instance, OraShardSpex),
 		Volumes:    buildVolumeSpecForShard(instance, OraShardSpex),
+    ServiceAccountName: instance.Spec.SrvAccountName,
 	}
 
 	if (instance.Spec.IsDownloadScripts) && (instance.Spec.ScriptsLocation != "") {
@@ -187,6 +193,10 @@ func buildVolumeSpecForShard(instance *databasev4.ShardingDatabase, OraShardSpex
 		},
 	}
 
+        if OraShardSpex.ShardConfigData != nil && len(OraShardSpex.ShardConfigData.Name) != 0 {
+                result = append(result, corev1.Volume{Name: OraShardSpex.Name + "-oradata-configdata", VolumeSource: corev1.VolumeSource{ConfigMap: &corev1.ConfigMapVolumeSource{LocalObjectReference: corev1.LocalObjectReference{Name: OraShardSpex.ShardConfigData.Name}}}})
+        }
+
 	if len(OraShardSpex.PvcName) != 0 {
 		result = append(result, corev1.Volume{Name: OraShardSpex.Name + "oradata-vol4", VolumeSource: corev1.VolumeSource{PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{ClaimName: OraShardSpex.PvcName}}})
 	}
@@ -211,12 +221,19 @@ func buildVolumeSpecForShard(instance *databasev4.ShardingDatabase, OraShardSpex
 func buildContainerSpecForShard(instance *databasev4.ShardingDatabase, OraShardSpex databasev4.ShardSpec) []corev1.Container {
 	// building Continer spec
 	var result []corev1.Container
+	user := oraRunAsUser
+	group := oraFsGroup
 	containerSpec := corev1.Container{
 		Name:  OraShardSpex.Name,
 		Image: instance.Spec.DbImage,
 		SecurityContext: &corev1.SecurityContext{
+      RunAsNonRoot: BoolPointer(true),
+      RunAsUser: &user,
+      RunAsGroup: &group,
+      AllowPrivilegeEscalation: BoolPointer(false),
 			Capabilities: &corev1.Capabilities{
 				Add: []corev1.Capability{corev1.Capability("NET_ADMIN"), corev1.Capability("SYS_NICE")},
+				Drop: []corev1.Capability{"ALL",},
 			},
 		},
 		Resources: corev1.ResourceRequirements{
@@ -304,8 +321,13 @@ func buildInitContainerSpecForShard(instance *databasev4.ShardingDatabase, OraSh
 		Name:  OraShardSpex.Name + "-init1",
 		Image: instance.Spec.DbImage,
 		SecurityContext: &corev1.SecurityContext{
+      RunAsNonRoot: BoolPointer(true),
+      AllowPrivilegeEscalation: BoolPointer(false),
 			Privileged: &privFlag,
 			RunAsUser:  &uid,
+			Capabilities: &corev1.Capabilities{
+				Drop: []corev1.Capability{"ALL",},
+			},
 		},
 		Command: []string{
 			"/bin/bash",
@@ -334,6 +356,10 @@ func buildVolumeMountSpecForShard(instance *databasev4.ShardingDatabase, OraShar
 	}
 	result = append(result, corev1.VolumeMount{Name: OraShardSpex.Name + "oradshm-vol6", MountPath: oraShm})
 
+        if OraShardSpex.ShardConfigData != nil && len(OraShardSpex.ShardConfigData.Name) != 0 {
+                result = append(result, corev1.VolumeMount{Name: OraShardSpex.Name + "-oradata-configdata", MountPath: OraShardSpex.ShardConfigData.MountPath})
+        }
+
 	if len(instance.Spec.StagePvcName) != 0 {
 		result = append(result, corev1.VolumeMount{Name: OraShardSpex.Name + "orastage-vol7", MountPath: oraStage})
 	}
@@ -510,3 +536,21 @@ func UpdateProvForShard(instance *databasev4.ShardingDatabase, OraShardSpex data
 	}
 	return ctrl.Result{}, nil
 }
+
+func ImportTDEKey(podName string, sparams string, instance *databasev4.ShardingDatabase, kubeClient kubernetes.Interface, kubeconfig clientcmd.ClientConfig, logger logr.Logger,) error {
+	var msg string
+
+  msg = ""
+	_, _, err := ExecCommand(podName, getImportTDEKeyCmd(sparams), kubeClient, kubeconfig, instance, logger)
+	if err != nil {
+		msg = "Error executing getImportTDEKeyCmd : podName=[" + podName + "]. errMsg=" + err.Error()
+		LogMessages("INFO", msg, nil, instance, logger)
+		return err
+	}
+
+  importArr := getImportTDEKeyCmd(sparams)
+  importCmd := strings.Join(importArr, " ")
+	msg = "Executed getImportTDEKeyCmd[" + importCmd + "] on pod " + podName
+	LogMessages("INFO", msg, nil, instance, logger)
+	return nil
+}
diff --git a/config/certmanager/certificate-metrics.yaml b/config/certmanager/certificate-metrics.yaml
new file mode 100644
index 00000000..c66f3fe6
--- /dev/null
+++ b/config/certmanager/certificate-metrics.yaml
@@ -0,0 +1,20 @@
+# The following manifests contain a self-signed issuer CR and a metrics certificate CR.
+# More document can be found at https://docs.cert-manager.io
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  labels:
+    app.kubernetes.io/name: oracle-database-operator
+    app.kubernetes.io/managed-by: kustomize
+  name: metrics-certs  # this name should match the one appeared in kustomizeconfig.yaml
+  namespace: system
+spec:
+  dnsNames:
+  # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
+  # replacements in the config/default/kustomization.yaml file.
+  - SERVICE_NAME.SERVICE_NAMESPACE.svc
+  - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
+  issuerRef:
+    kind: Issuer
+    name: selfsigned-issuer
+  secretName: metrics-server-cert
diff --git a/config/certmanager/certificate-webhook.yaml b/config/certmanager/certificate-webhook.yaml
new file mode 100644
index 00000000..1863f13b
--- /dev/null
+++ b/config/certmanager/certificate-webhook.yaml
@@ -0,0 +1,20 @@
+# The following manifests contain a self-signed issuer CR and a certificate CR.
+# More document can be found at https://docs.cert-manager.io
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  labels:
+    app.kubernetes.io/name: oracle-database-operator
+    app.kubernetes.io/managed-by: kustomize
+  name: serving-cert  # this name should match the one appeared in kustomizeconfig.yaml
+  namespace: system
+spec:
+  # SERVICE_NAME and SERVICE_NAMESPACE will be substituted by kustomize
+  # replacements in the config/default/kustomization.yaml file.
+  dnsNames:
+  - SERVICE_NAME.SERVICE_NAMESPACE.svc
+  - SERVICE_NAME.SERVICE_NAMESPACE.svc.cluster.local
+  issuerRef:
+    kind: Issuer
+    name: selfsigned-issuer
+  secretName: webhook-server-cert
diff --git a/config/certmanager/certificate.yaml b/config/certmanager/certificate.yaml
index 6b331894..320f647e 100644
--- a/config/certmanager/certificate.yaml
+++ b/config/certmanager/certificate.yaml
@@ -21,10 +21,10 @@ metadata:
   name: serving-cert  # this name should match the one appeared in kustomizeconfig.yaml
   namespace: system
 spec:
-  # $(SERVICE_NAME) and $(SERVICE_NAMESPACE) will be substituted by kustomize
+  # SERVICE_NAME_PLACEHOLDER and SERVICE_NAMESPACE_PLACEHOLDER will be substituted by kustomize
   dnsNames:
-  - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc
-  - $(SERVICE_NAME).$(SERVICE_NAMESPACE).svc.cluster.local
+  - SERVICE_NAME_PLACEHOLDER.SERVICE_NAMESPACE_PLACEHOLDER.svc
+  - SERVICE_NAME_PLACEHOLDER.SERVICE_NAMESPACE_PLACEHOLDER.svc.cluster.local
   issuerRef:
     kind: Issuer
     name: selfsigned-issuer
diff --git a/config/certmanager/issuer.yaml b/config/certmanager/issuer.yaml
new file mode 100644
index 00000000..0518b674
--- /dev/null
+++ b/config/certmanager/issuer.yaml
@@ -0,0 +1,13 @@
+# The following manifest contains a self-signed issuer CR.
+# More information can be found at https://docs.cert-manager.io
+# WARNING: Targets CertManager v1.0. Check https://cert-manager.io/docs/installation/upgrading/ for breaking changes.
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  labels:
+    app.kubernetes.io/name: oracle-database-operator
+    app.kubernetes.io/managed-by: kustomize
+  name: selfsigned-issuer
+  namespace: system
+spec:
+  selfSigned: {}
diff --git a/config/crd/bases/database.oracle.com_autonomouscontainerdatabases.yaml b/config/crd/bases/database.oracle.com_autonomouscontainerdatabases.yaml
index 1e078b63..78907768 100644
--- a/config/crd/bases/database.oracle.com_autonomouscontainerdatabases.yaml
+++ b/config/crd/bases/database.oracle.com_autonomouscontainerdatabases.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: autonomouscontainerdatabases.database.oracle.com
 spec:
   group: database.oracle.com
diff --git a/config/crd/bases/database.oracle.com_autonomousdatabasebackups.yaml b/config/crd/bases/database.oracle.com_autonomousdatabasebackups.yaml
index b0d6f8ed..c4c49b93 100644
--- a/config/crd/bases/database.oracle.com_autonomousdatabasebackups.yaml
+++ b/config/crd/bases/database.oracle.com_autonomousdatabasebackups.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: autonomousdatabasebackups.database.oracle.com
 spec:
   group: database.oracle.com
@@ -62,14 +62,14 @@ spec:
                 type: integer
               target:
                 properties:
-                  k8sADB:
+                  k8sAdb:
                     properties:
                       name:
                         type: string
                     type: object
-                  ociADB:
+                  ociAdb:
                     properties:
-                      ocid:
+                      id:
                         type: string
                     type: object
                 type: object
@@ -153,14 +153,14 @@ spec:
                 type: integer
               target:
                 properties:
-                  k8sADB:
+                  k8sAdb:
                     properties:
                       name:
                         type: string
                     type: object
-                  ociADB:
+                  ociAdb:
                     properties:
-                      ocid:
+                      id:
                         type: string
                     type: object
                 type: object
diff --git a/config/crd/bases/database.oracle.com_autonomousdatabaserestores.yaml b/config/crd/bases/database.oracle.com_autonomousdatabaserestores.yaml
index 3bfc5a4e..d59dfe2d 100644
--- a/config/crd/bases/database.oracle.com_autonomousdatabaserestores.yaml
+++ b/config/crd/bases/database.oracle.com_autonomousdatabaserestores.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: autonomousdatabaserestores.database.oracle.com
 spec:
   group: database.oracle.com
@@ -48,7 +48,7 @@ spec:
                 type: object
               source:
                 properties:
-                  k8sADBBackup:
+                  k8sAdbBackup:
                     properties:
                       name:
                         type: string
@@ -61,14 +61,14 @@ spec:
                 type: object
               target:
                 properties:
-                  k8sADB:
+                  k8sAdb:
                     properties:
                       name:
                         type: string
                     type: object
-                  ociADB:
+                  ociAdb:
                     properties:
-                      ocid:
+                      id:
                         type: string
                     type: object
                 type: object
@@ -134,7 +134,7 @@ spec:
                 type: object
               source:
                 properties:
-                  k8sADBBackup:
+                  k8sAdbBackup:
                     properties:
                       name:
                         type: string
@@ -147,14 +147,14 @@ spec:
                 type: object
               target:
                 properties:
-                  k8sADB:
+                  k8sAdb:
                     properties:
                       name:
                         type: string
                     type: object
-                  ociADB:
+                  ociAdb:
                     properties:
-                      ocid:
+                      id:
                         type: string
                     type: object
                 type: object
diff --git a/config/crd/bases/database.oracle.com_autonomousdatabases.yaml b/config/crd/bases/database.oracle.com_autonomousdatabases.yaml
index 1672ae81..d8fdd561 100644
--- a/config/crd/bases/database.oracle.com_autonomousdatabases.yaml
+++ b/config/crd/bases/database.oracle.com_autonomousdatabases.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: autonomousdatabases.database.oracle.com
 spec:
   group: database.oracle.com
@@ -30,9 +30,9 @@ spec:
     - jsonPath: .spec.details.isDedicated
       name: Dedicated
       type: string
-    - jsonPath: .spec.details.cpuCoreCount
-      name: OCPUs
-      type: integer
+    - jsonPath: .spec.details.computeCount
+      name: Compute Count
+      type: number
     - jsonPath: .spec.details.dataStorageSizeInTBs
       name: Storage (TB)
       type: integer
@@ -64,6 +64,8 @@ spec:
                 - Start
                 - Terminate
                 - Clone
+                - Switchover
+                - Failover
                 type: string
               clone:
                 properties:
@@ -363,9 +365,9 @@ spec:
     - jsonPath: .spec.details.isDedicated
       name: Dedicated
       type: string
-    - jsonPath: .spec.details.cpuCoreCount
-      name: OCPUs
-      type: integer
+    - jsonPath: .spec.details.computeCount
+      name: Compute Count
+      type: number
     - jsonPath: .spec.details.dataStorageSizeInTBs
       name: Storage (TB)
       type: integer
@@ -397,6 +399,8 @@ spec:
                 - Start
                 - Terminate
                 - Clone
+                - Switchover
+                - Failover
                 type: string
               clone:
                 properties:
diff --git a/config/crd/bases/database.oracle.com_dataguardbrokers.yaml b/config/crd/bases/database.oracle.com_dataguardbrokers.yaml
index 0e27126d..c71e94c0 100644
--- a/config/crd/bases/database.oracle.com_dataguardbrokers.yaml
+++ b/config/crd/bases/database.oracle.com_dataguardbrokers.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: dataguardbrokers.database.oracle.com
 spec:
   group: database.oracle.com
@@ -11,6 +11,9 @@ spec:
     kind: DataguardBroker
     listKind: DataguardBrokerList
     plural: dataguardbrokers
+    shortNames:
+    - dgbroker
+    - dgbrokers
     singular: dataguardbroker
   scope: Namespaced
   versions:
diff --git a/config/crd/bases/database.oracle.com_dbcssystems.yaml b/config/crd/bases/database.oracle.com_dbcssystems.yaml
index 468d7612..351287e5 100644
--- a/config/crd/bases/database.oracle.com_dbcssystems.yaml
+++ b/config/crd/bases/database.oracle.com_dbcssystems.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: dbcssystems.database.oracle.com
 spec:
   group: database.oracle.com
@@ -387,7 +387,23 @@ spec:
     storage: false
     subresources:
       status: {}
-  - name: v4
+  - additionalPrinterColumns:
+    - jsonPath: .status.displayName
+      name: Display Name
+      type: string
+    - jsonPath: .status.dbInfo[0].dbName
+      name: DB Name
+      type: string
+    - jsonPath: .status.state
+      name: State
+      type: string
+    - jsonPath: .status.dbInfo[0].dbVersion
+      name: DB Version
+      type: string
+    - jsonPath: .status.dbInfo[0].connectionString
+      name: ConnString
+      type: string
+    name: v4
     schema:
       openAPIV3Schema:
         properties:
@@ -399,6 +415,45 @@ spec:
             type: object
           spec:
             properties:
+              dataGuard:
+                properties:
+                  availabilityDomain:
+                    type: string
+                  dbAdminPasswordSecret:
+                    type: string
+                  dbName:
+                    type: string
+                  dbSystemFreeformTags:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  displayName:
+                    type: string
+                  enabled:
+                    type: boolean
+                  hostName:
+                    type: string
+                  isDelete:
+                    type: boolean
+                  peerDbHomeId:
+                    type: string
+                  peerDbSystemId:
+                    type: string
+                  peerRole:
+                    type: string
+                  primaryDatabaseId:
+                    type: string
+                  protectionMode:
+                    type: string
+                  shape:
+                    type: string
+                  sidPrefix:
+                    type: string
+                  subnetId:
+                    type: string
+                  transportType:
+                    type: string
+                type: object
               databaseId:
                 type: string
               dbBackupId:
@@ -407,10 +462,10 @@ spec:
                 properties:
                   dbAdminPasswordSecret:
                     type: string
-                  dbDbUniqueName:
-                    type: string
                   dbName:
                     type: string
+                  dbUniqueName:
+                    type: string
                   displayName:
                     type: string
                   domain:
@@ -438,7 +493,6 @@ spec:
                   tdeWalletPasswordSecret:
                     type: string
                 required:
-                - dbDbUniqueName
                 - dbName
                 - displayName
                 - hostName
@@ -448,6 +502,8 @@ spec:
                 properties:
                   availabilityDomain:
                     type: string
+                  backupDisplayName:
+                    type: string
                   backupSubnetId:
                     type: string
                   clusterName:
@@ -473,10 +529,16 @@ spec:
                     type: string
                   dbEdition:
                     type: string
+                  dbHomeId:
+                    type: string
                   dbName:
                     type: string
+                  dbPatchOcid:
+                    type: string
                   dbUniqueName:
                     type: string
+                  dbUpgradeVersion:
+                    type: string
                   dbVersion:
                     type: string
                   dbWorkload:
@@ -516,6 +578,16 @@ spec:
                     type: string
                   privateIp:
                     type: string
+                  restoreConfig:
+                    properties:
+                      latest:
+                        type: boolean
+                      scn:
+                        type: string
+                      timestamp:
+                        format: date-time
+                        type: string
+                    type: object
                   shape:
                     type: string
                   sshPublicKeys:
@@ -534,18 +606,17 @@ spec:
                     type: string
                   timeZone:
                     type: string
-                required:
-                - availabilityDomain
-                - compartmentId
-                - dbAdminPasswordSecret
-                - hostName
-                - shape
-                - subnetId
                 type: object
+              enableBackup:
+                type: boolean
               hardLink:
                 type: boolean
               id:
                 type: string
+              isPatch:
+                type: boolean
+              isUpgrade:
+                type: boolean
               kmsConfig:
                 properties:
                   compartmentId:
@@ -599,20 +670,72 @@ spec:
             properties:
               availabilityDomain:
                 type: string
+              backups:
+                items:
+                  properties:
+                    backupId:
+                      type: string
+                    name:
+                      type: string
+                    timestamp:
+                      type: string
+                  required:
+                  - backupId
+                  - name
+                  - timestamp
+                  type: object
+                type: array
               cpuCoreCount:
                 type: integer
+              dataGuardStatus:
+                properties:
+                  dbAdminPasswordSecret:
+                    type: string
+                  dbName:
+                    type: string
+                  dbWorkload:
+                    type: string
+                  id:
+                    type: string
+                  isActiveDataGuardEnabled:
+                    type: boolean
+                  lifecycleDetails:
+                    type: string
+                  lifecycleState:
+                    type: string
+                  peerDataGuardAssociationId:
+                    type: string
+                  peerDatabaseId:
+                    type: string
+                  peerDbHomeId:
+                    type: string
+                  peerDbSystemId:
+                    type: string
+                  peerRole:
+                    type: string
+                  primaryDatabaseId:
+                    type: string
+                  protectionMode:
+                    type: string
+                  shape:
+                    type: string
+                  subnetId:
+                    type: string
+                  transportType:
+                    type: string
+                type: object
               dataStoragePercentage:
                 type: integer
               dataStorageSizeInGBs:
                 type: integer
               dbCloneStatus:
                 properties:
-                  dbAdminPaswordSecret:
-                    type: string
-                  dbDbUniqueName:
+                  dbAdminPasswordSecret:
                     type: string
                   dbName:
                     type: string
+                  dbUniqueName:
+                    type: string
                   displayName:
                     type: string
                   domain:
@@ -629,15 +752,16 @@ spec:
                     type: array
                   subnetId:
                     type: string
-                required:
-                - dbDbUniqueName
-                - hostName
                 type: object
               dbEdition:
                 type: string
               dbInfo:
                 items:
                   properties:
+                    connectionString:
+                      type: string
+                    connectionStringLong:
+                      type: string
                     dbHomeId:
                       type: string
                     dbName:
@@ -650,6 +774,8 @@ spec:
                       type: string
                   type: object
                 type: array
+              dbVersion:
+                type: string
               displayName:
                 type: string
               id:
@@ -675,6 +801,8 @@ spec:
                 type: object
               licenseModel:
                 type: string
+              message:
+                type: string
               network:
                 properties:
                   clientSubnet:
@@ -743,9 +871,6 @@ spec:
                       type: string
                     timeStarted:
                       type: string
-                  required:
-                  - operationId
-                  - operationType
                   type: object
                 type: array
             required:
diff --git a/config/crd/bases/database.oracle.com_lrests.yaml b/config/crd/bases/database.oracle.com_lrests.yaml
index c20356e7..4edf8f84 100644
--- a/config/crd/bases/database.oracle.com_lrests.yaml
+++ b/config/crd/bases/database.oracle.com_lrests.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: lrests.database.oracle.com
 spec:
   group: database.oracle.com
@@ -55,6 +55,8 @@ spec:
             type: object
           spec:
             properties:
+              autodiscover:
+                type: boolean
               cdbAdminPwd:
                 properties:
                   secret:
@@ -117,6 +119,21 @@ spec:
                 required:
                 - secret
                 type: object
+              cdbTlsCat:
+                properties:
+                  secret:
+                    properties:
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - key
+                    - secretName
+                    type: object
+                required:
+                - secret
+                type: object
               cdbTlsCrt:
                 properties:
                   secret:
@@ -147,6 +164,9 @@ spec:
                 required:
                 - secret
                 type: object
+              clusterIp:
+                default: false
+                type: boolean
               dbPort:
                 type: integer
               dbServer:
@@ -155,6 +175,9 @@ spec:
                 type: string
               deletePdbCascade:
                 type: boolean
+              loadBalancer:
+                default: false
+                type: boolean
               lrestImage:
                 type: string
               lrestImagePullPolicy:
@@ -165,6 +188,7 @@ spec:
               lrestImagePullSecret:
                 type: string
               lrestPort:
+                default: 8888
                 type: integer
               lrestPwd:
                 properties:
@@ -181,12 +205,16 @@ spec:
                 required:
                 - secret
                 type: object
+              namespaceAutoDiscover:
+                type: string
               nodeSelector:
                 additionalProperties:
                   type: string
                 type: object
               replicas:
                 type: integer
+              serviceAccountName:
+                type: string
               serviceName:
                 type: string
               sysAdminPwd:
@@ -204,6 +232,9 @@ spec:
                 required:
                 - secret
                 type: object
+              trace_level_client:
+                default: 0
+                type: integer
               webServerPwd:
                 properties:
                   secret:
diff --git a/config/crd/bases/database.oracle.com_lrpdbs.yaml b/config/crd/bases/database.oracle.com_lrpdbs.yaml
index 14ad7f29..b58d9d89 100644
--- a/config/crd/bases/database.oracle.com_lrpdbs.yaml
+++ b/config/crd/bases/database.oracle.com_lrpdbs.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: lrpdbs.database.oracle.com
 spec:
   group: database.oracle.com
@@ -31,18 +31,26 @@ spec:
       jsonPath: .status.totalSize
       name: PDB Size
       type: string
-    - description: Status of the LRPDB Resource
-      jsonPath: .status.phase
-      name: Status
-      type: string
     - description: Error message, if any
       jsonPath: .status.msg
       name: Message
       type: string
+    - description: open restricted
+      jsonPath: .status.restricted
+      name: Restricted
+      type: string
     - description: last sqlcode
       jsonPath: .status.sqlCode
       name: last sqlcode
       type: integer
+    - description: last plsql applied
+      jsonPath: .status.lastplsql
+      name: last PLSQL
+      type: string
+    - description: Bitmask status
+      jsonPath: .status.pdbBitMaskStr
+      name: BITMASK STATUS
+      type: string
     - description: The connect string to be used
       jsonPath: .status.connString
       name: Connect_String
@@ -60,17 +68,6 @@ spec:
           spec:
             properties:
               action:
-                enum:
-                - Create
-                - Clone
-                - Plug
-                - Unplug
-                - Delete
-                - Modify
-                - Status
-                - Map
-                - Alter
-                - Noaction
                 type: string
               adminName:
                 properties:
@@ -140,8 +137,6 @@ spec:
                 type: string
               asClone:
                 type: boolean
-              assertiveLrpdbDeletion:
-                type: boolean
               cdbName:
                 type: string
               cdbNamespace:
@@ -163,12 +158,16 @@ spec:
                 type: object
               cdbResName:
                 type: string
+              codeconfigmap:
+                type: string
               copyAction:
                 enum:
                 - COPY
                 - NOCOPY
                 - MOVE
                 type: string
+              debug:
+                type: integer
               dropAction:
                 enum:
                 - INCLUDING
@@ -177,6 +176,9 @@ spec:
               fileNameConversions:
                 type: string
               getScript:
+                default: false
+                type: boolean
+              imperativeLrpdbDeletion:
                 type: boolean
               lrpdbTlsCat:
                 properties:
@@ -231,6 +233,9 @@ spec:
                 - READ WRITE
                 - RESTRICTED
                 type: string
+              modifyOption2:
+                default: NONE
+                type: string
               parameterScope:
                 type: string
               pdbName:
@@ -240,10 +245,21 @@ spec:
                 - OPEN
                 - CLOSE
                 - ALTER
+                - DELETE
+                - UNPLUG
+                - PLUG
+                - CLONE
+                - RESET
+                - NONE
                 type: string
               pdbconfigmap:
                 type: string
+              plsqlexemode:
+                type: integer
+              reststate:
+                type: integer
               reuseTempFile:
+                default: true
                 type: boolean
               sourceFileNameConversions:
                 type: string
@@ -292,6 +308,7 @@ spec:
               totalSize:
                 type: string
               unlimitedStorage:
+                default: true
                 type: boolean
               webServerPwd:
                 properties:
@@ -325,11 +342,6 @@ spec:
                 type: object
               xmlFileName:
                 type: string
-            required:
-            - action
-            - alterSystemParameter
-            - alterSystemValue
-            - webServerPwd
             type: object
           status:
             properties:
@@ -343,14 +355,22 @@ spec:
                 type: string
               connString:
                 type: string
+              lastplsql:
+                type: string
               modifyOption:
                 type: string
               msg:
                 type: string
               openMode:
                 type: string
+              pdbBitMask:
+                type: integer
+              pdbBitMaskStr:
+                type: string
               phase:
                 type: string
+              restricted:
+                type: string
               sqlCode:
                 type: integer
               status:
diff --git a/config/crd/bases/database.oracle.com_oraclerestartnews.yaml b/config/crd/bases/database.oracle.com_oraclerestartnews.yaml
new file mode 100644
index 00000000..3aece252
--- /dev/null
+++ b/config/crd/bases/database.oracle.com_oraclerestartnews.yaml
@@ -0,0 +1,1468 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.16.5
+  name: oraclerestartnews.database.oracle.com
+spec:
+  group: database.oracle.com
+  names:
+    kind: OracleRestartNew
+    listKind: OracleRestartNewList
+    plural: oraclerestartnews
+    singular: oraclerestartnew
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.configParams.dbName
+      name: DbName
+      type: string
+    - jsonPath: .status.dbState
+      name: DbState
+      type: string
+    - jsonPath: .status.role
+      name: Role
+      type: string
+    - jsonPath: .status.releaseUpdate
+      name: Version
+      type: string
+    - jsonPath: .status.pdbConnectString
+      name: Pdb Connect Str
+      type: string
+    - jsonPath: .status.state
+      name: State
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              asmStorageDetails:
+                properties:
+                  autoUpdate:
+                    type: string
+                  disksBySize:
+                    items:
+                      properties:
+                        diskNames:
+                          items:
+                            type: string
+                          type: array
+                        storageSizeInGb:
+                          type: integer
+                      type: object
+                    type: array
+                  workerNodes:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              configParams:
+                properties:
+                  cpuCount:
+                    type: integer
+                  crsAsmDeviceList:
+                    type: string
+                  crsAsmDiskDg:
+                    type: string
+                  crsAsmDiskDgRedundancy:
+                    type: string
+                  dbAsmDeviceList:
+                    type: string
+                  dbAsmDiskDgRedundancy:
+                    type: string
+                  dbBase:
+                    type: string
+                  dbCharSet:
+                    type: string
+                  dbConfigType:
+                    type: string
+                  dbDataFileDestDg:
+                    type: string
+                  dbHome:
+                    type: string
+                  dbName:
+                    type: string
+                  dbRecoveryFileDest:
+                    type: string
+                  dbRecoveryFileDestSize:
+                    type: string
+                  dbRedoFileSize:
+                    type: string
+                  dbResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  dbStorageType:
+                    type: string
+                  dbSwZipFile:
+                    type: string
+                  dbType:
+                    type: string
+                  dbUniqueName:
+                    type: string
+                  enableArchiveLog:
+                    type: string
+                  gridBase:
+                    type: string
+                  gridHome:
+                    type: string
+                  gridResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  gridSwZipFile:
+                    type: string
+                  hostSwStageLocation:
+                    type: string
+                  inventory:
+                    type: string
+                  opType:
+                    type: string
+                  pdbName:
+                    type: string
+                  pgaSize:
+                    type: string
+                  processes:
+                    type: integer
+                  recoAsmDeviceList:
+                    type: string
+                  recoAsmDiskDgRedudancy:
+                    type: string
+                  redoAsmDeviceList:
+                    type: string
+                  redoAsmDiskDgRedundancy:
+                    type: string
+                  sgaSize:
+                    type: string
+                  stagingSoftwareLocation:
+                    type: string
+                  swMountLocation:
+                    type: string
+                type: object
+              dbSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              externalSvcType:
+                type: string
+              image:
+                type: string
+              imagePullPolicy:
+                type: string
+              imagePullSecret:
+                type: string
+              instDetails:
+                items:
+                  properties:
+                    envFile:
+                      type: string
+                    envVars:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              fieldRef:
+                                properties:
+                                  apiVersion:
+                                    type: string
+                                  fieldPath:
+                                    type: string
+                                required:
+                                - fieldPath
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              resourceFieldRef:
+                                properties:
+                                  containerName:
+                                    type: string
+                                  divisor:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  resource:
+                                    type: string
+                                required:
+                                - resource
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        required:
+                        - name
+                        type: object
+                      type: array
+                    hostSwLocation:
+                      type: string
+                    isDelete:
+                      type: string
+                    isForceDelete:
+                      type: string
+                    isKeepPVC:
+                      type: string
+                    label:
+                      type: string
+                    lsnrLocalPort:
+                      format: int32
+                      type: integer
+                    lsnrTargetPort:
+                      format: int32
+                      type: integer
+                    name:
+                      type: string
+                    nodePortSvc:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          portMappings:
+                            items:
+                              properties:
+                                nodePort:
+                                  format: int32
+                                  type: integer
+                                port:
+                                  format: int32
+                                  type: integer
+                                protocol:
+                                  type: string
+                                targetPort:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - port
+                              - protocol
+                              - targetPort
+                              type: object
+                            type: array
+                          svcType:
+                            type: string
+                        required:
+                        - name
+                        - svcType
+                        type: object
+                      type: array
+                    onsLocalPort:
+                      format: int32
+                      type: integer
+                    onsTargetPort:
+                      format: int32
+                      type: integer
+                    portMappings:
+                      items:
+                        properties:
+                          nodePort:
+                            format: int32
+                            type: integer
+                          port:
+                            format: int32
+                            type: integer
+                          protocol:
+                            type: string
+                          targetPort:
+                            format: int32
+                            type: integer
+                        required:
+                        - port
+                        - protocol
+                        - targetPort
+                        type: object
+                      type: array
+                    pvcName:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    workerNode:
+                      items:
+                        type: string
+                      type: array
+                  required:
+                  - name
+                  type: object
+                type: array
+              isDebug:
+                type: string
+              isDeleteOraPvc:
+                type: string
+              isDeleteTopology:
+                type: string
+              isFailed:
+                type: boolean
+              isManual:
+                type: boolean
+              nfsStorageDetails:
+                properties:
+                  path:
+                    type: string
+                  readOnly:
+                    type: boolean
+                  server:
+                    type: string
+                required:
+                - path
+                - server
+                type: object
+              readinessProbe:
+                properties:
+                  exec:
+                    properties:
+                      command:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  grpc:
+                    properties:
+                      port:
+                        format: int32
+                        type: integer
+                      service:
+                        default: ""
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  httpGet:
+                    properties:
+                      host:
+                        type: string
+                      httpHeaders:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      path:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      scheme:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  tcpSocket:
+                    properties:
+                      host:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    required:
+                    - port
+                    type: object
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
+                type: object
+              resources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        request:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              scriptsGetCmd:
+                type: string
+              scriptsLocation:
+                type: string
+              securityContext:
+                properties:
+                  appArmorProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  fsGroup:
+                    format: int64
+                    type: integer
+                  fsGroupChangePolicy:
+                    type: string
+                  runAsGroup:
+                    format: int64
+                    type: integer
+                  runAsNonRoot:
+                    type: boolean
+                  runAsUser:
+                    format: int64
+                    type: integer
+                  seLinuxOptions:
+                    properties:
+                      level:
+                        type: string
+                      role:
+                        type: string
+                      type:
+                        type: string
+                      user:
+                        type: string
+                    type: object
+                  seccompProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  supplementalGroups:
+                    items:
+                      format: int64
+                      type: integer
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  supplementalGroupsPolicy:
+                    type: string
+                  sysctls:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - name
+                      - value
+                      type: object
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  windowsOptions:
+                    properties:
+                      gmsaCredentialSpec:
+                        type: string
+                      gmsaCredentialSpecName:
+                        type: string
+                      hostProcess:
+                        type: boolean
+                      runAsUserName:
+                        type: string
+                    type: object
+                type: object
+              serviceDetails:
+                properties:
+                  available:
+                    items:
+                      type: string
+                    type: array
+                  cardinality:
+                    type: string
+                  clbGoal:
+                    type: string
+                  commitOutComeFastPath:
+                    type: string
+                  commitOutcome:
+                    type: string
+                  drainTimeOut:
+                    type: integer
+                  dtp:
+                    type: string
+                  edition:
+                    type: string
+                  failBack:
+                    type: string
+                  failOverDelay:
+                    type: integer
+                  failOverRestore:
+                    type: string
+                  failOverRetry:
+                    type: integer
+                  failOverType:
+                    type: string
+                  name:
+                    type: string
+                  notification:
+                    type: string
+                  pdb:
+                    type: string
+                  preferred:
+                    items:
+                      type: string
+                    type: array
+                  retenion:
+                    type: integer
+                  rlbGoal:
+                    type: string
+                  role:
+                    type: string
+                  sessionState:
+                    type: string
+                  stopOption:
+                    type: string
+                  svcState:
+                    type: string
+                  tafPolicy:
+                    type: string
+                required:
+                - name
+                type: object
+              sshKeySecret:
+                properties:
+                  keyMountLocation:
+                    type: string
+                  name:
+                    type: string
+                  privKeySecretName:
+                    type: string
+                  pubKeySecretName:
+                    type: string
+                required:
+                - name
+                type: object
+              storageClass:
+                type: string
+              storageSizeInGB:
+                type: integer
+              tdeWalletSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              useNfsforSwStorage:
+                type: string
+            required:
+            - instDetails
+            - securityContext
+            type: object
+          status:
+            properties:
+              DbName:
+                type: string
+              OracleRestartNodes:
+                items:
+                  properties:
+                    name:
+                      type: string
+                    nodeDetails:
+                      properties:
+                        InstanceState:
+                          type: string
+                        PodState:
+                          type: string
+                        clusterState:
+                          type: string
+                        isDelete:
+                          type: string
+                        mountedDevices:
+                          items:
+                            type: string
+                          type: array
+                        nodePortSvc:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              portMappings:
+                                items:
+                                  properties:
+                                    nodePort:
+                                      format: int32
+                                      type: integer
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    protocol:
+                                      type: string
+                                    targetPort:
+                                      format: int32
+                                      type: integer
+                                  required:
+                                  - port
+                                  - protocol
+                                  - targetPort
+                                  type: object
+                                type: array
+                              svcType:
+                                type: string
+                            required:
+                            - name
+                            - svcType
+                            type: object
+                          type: array
+                        portMappings:
+                          items:
+                            properties:
+                              nodePort:
+                                format: int32
+                                type: integer
+                              port:
+                                format: int32
+                                type: integer
+                              protocol:
+                                type: string
+                              targetPort:
+                                format: int32
+                                type: integer
+                            required:
+                            - port
+                            - protocol
+                            - targetPort
+                            type: object
+                          type: array
+                        pvcName:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        state:
+                          type: string
+                        workerNode:
+                          type: string
+                      type: object
+                  type: object
+                type: array
+              asmDetails:
+                properties:
+                  diskgroup:
+                    items:
+                      properties:
+                        disks:
+                          items:
+                            type: string
+                          type: array
+                        name:
+                          type: string
+                        redundancy:
+                          type: string
+                      type: object
+                    type: array
+                type: object
+              clientEtcHost:
+                items:
+                  type: string
+                type: array
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+              configParams:
+                properties:
+                  cpuCount:
+                    type: integer
+                  crsAsmDeviceList:
+                    type: string
+                  crsAsmDiskDg:
+                    type: string
+                  crsAsmDiskDgRedundancy:
+                    type: string
+                  dbAsmDeviceList:
+                    type: string
+                  dbAsmDiskDgRedundancy:
+                    type: string
+                  dbBase:
+                    type: string
+                  dbCharSet:
+                    type: string
+                  dbConfigType:
+                    type: string
+                  dbDataFileDestDg:
+                    type: string
+                  dbHome:
+                    type: string
+                  dbName:
+                    type: string
+                  dbRecoveryFileDest:
+                    type: string
+                  dbRecoveryFileDestSize:
+                    type: string
+                  dbRedoFileSize:
+                    type: string
+                  dbResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  dbStorageType:
+                    type: string
+                  dbSwZipFile:
+                    type: string
+                  dbType:
+                    type: string
+                  dbUniqueName:
+                    type: string
+                  enableArchiveLog:
+                    type: string
+                  gridBase:
+                    type: string
+                  gridHome:
+                    type: string
+                  gridResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  gridSwZipFile:
+                    type: string
+                  hostSwStageLocation:
+                    type: string
+                  inventory:
+                    type: string
+                  opType:
+                    type: string
+                  pdbName:
+                    type: string
+                  pgaSize:
+                    type: string
+                  processes:
+                    type: integer
+                  recoAsmDeviceList:
+                    type: string
+                  recoAsmDiskDgRedudancy:
+                    type: string
+                  redoAsmDeviceList:
+                    type: string
+                  redoAsmDiskDgRedundancy:
+                    type: string
+                  sgaSize:
+                    type: string
+                  stagingSoftwareLocation:
+                    type: string
+                  swMountLocation:
+                    type: string
+                type: object
+              connectString:
+                type: string
+              dbSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              dbState:
+                type: string
+              externalConnectString:
+                type: string
+              externalSvcType:
+                type: string
+              image:
+                type: string
+              imagePullPolicy:
+                type: string
+              imagePullSecret:
+                type: string
+              instDetails:
+                items:
+                  properties:
+                    envFile:
+                      type: string
+                    envVars:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              fieldRef:
+                                properties:
+                                  apiVersion:
+                                    type: string
+                                  fieldPath:
+                                    type: string
+                                required:
+                                - fieldPath
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              resourceFieldRef:
+                                properties:
+                                  containerName:
+                                    type: string
+                                  divisor:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  resource:
+                                    type: string
+                                required:
+                                - resource
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        required:
+                        - name
+                        type: object
+                      type: array
+                    hostSwLocation:
+                      type: string
+                    isDelete:
+                      type: string
+                    isForceDelete:
+                      type: string
+                    isKeepPVC:
+                      type: string
+                    label:
+                      type: string
+                    lsnrLocalPort:
+                      format: int32
+                      type: integer
+                    lsnrTargetPort:
+                      format: int32
+                      type: integer
+                    name:
+                      type: string
+                    nodePortSvc:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          portMappings:
+                            items:
+                              properties:
+                                nodePort:
+                                  format: int32
+                                  type: integer
+                                port:
+                                  format: int32
+                                  type: integer
+                                protocol:
+                                  type: string
+                                targetPort:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - port
+                              - protocol
+                              - targetPort
+                              type: object
+                            type: array
+                          svcType:
+                            type: string
+                        required:
+                        - name
+                        - svcType
+                        type: object
+                      type: array
+                    onsLocalPort:
+                      format: int32
+                      type: integer
+                    onsTargetPort:
+                      format: int32
+                      type: integer
+                    portMappings:
+                      items:
+                        properties:
+                          nodePort:
+                            format: int32
+                            type: integer
+                          port:
+                            format: int32
+                            type: integer
+                          protocol:
+                            type: string
+                          targetPort:
+                            format: int32
+                            type: integer
+                        required:
+                        - port
+                        - protocol
+                        - targetPort
+                        type: object
+                      type: array
+                    pvcName:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    workerNode:
+                      items:
+                        type: string
+                      type: array
+                  required:
+                  - name
+                  type: object
+                type: array
+              installNode:
+                type: string
+              isDebug:
+                type: string
+              isDeleteOraPvc:
+                type: string
+              isDeleteTopology:
+                type: string
+              nfsStorageDetails:
+                properties:
+                  path:
+                    type: string
+                  readOnly:
+                    type: boolean
+                  server:
+                    type: string
+                required:
+                - path
+                - server
+                type: object
+              oldSpec:
+                type: string
+              pdbConnectString:
+                type: string
+              readinessProbe:
+                properties:
+                  exec:
+                    properties:
+                      command:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  grpc:
+                    properties:
+                      port:
+                        format: int32
+                        type: integer
+                      service:
+                        default: ""
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  httpGet:
+                    properties:
+                      host:
+                        type: string
+                      httpHeaders:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      path:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      scheme:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  tcpSocket:
+                    properties:
+                      host:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    required:
+                    - port
+                    type: object
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
+                type: object
+              releaseUpdate:
+                type: string
+              resources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        request:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              role:
+                type: string
+              scriptsGetCmd:
+                type: string
+              scriptsLocation:
+                type: string
+              securityContext:
+                properties:
+                  appArmorProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  fsGroup:
+                    format: int64
+                    type: integer
+                  fsGroupChangePolicy:
+                    type: string
+                  runAsGroup:
+                    format: int64
+                    type: integer
+                  runAsNonRoot:
+                    type: boolean
+                  runAsUser:
+                    format: int64
+                    type: integer
+                  seLinuxOptions:
+                    properties:
+                      level:
+                        type: string
+                      role:
+                        type: string
+                      type:
+                        type: string
+                      user:
+                        type: string
+                    type: object
+                  seccompProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  supplementalGroups:
+                    items:
+                      format: int64
+                      type: integer
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  supplementalGroupsPolicy:
+                    type: string
+                  sysctls:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - name
+                      - value
+                      type: object
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  windowsOptions:
+                    properties:
+                      gmsaCredentialSpec:
+                        type: string
+                      gmsaCredentialSpecName:
+                        type: string
+                      hostProcess:
+                        type: boolean
+                      runAsUserName:
+                        type: string
+                    type: object
+                type: object
+              serviceDetails:
+                properties:
+                  available:
+                    items:
+                      type: string
+                    type: array
+                  cardinality:
+                    type: string
+                  clbGoal:
+                    type: string
+                  commitOutComeFastPath:
+                    type: string
+                  commitOutcome:
+                    type: string
+                  drainTimeOut:
+                    type: integer
+                  dtp:
+                    type: string
+                  edition:
+                    type: string
+                  failBack:
+                    type: string
+                  failOverDelay:
+                    type: integer
+                  failOverRestore:
+                    type: string
+                  failOverRetry:
+                    type: integer
+                  failOverType:
+                    type: string
+                  name:
+                    type: string
+                  notification:
+                    type: string
+                  pdb:
+                    type: string
+                  preferred:
+                    items:
+                      type: string
+                    type: array
+                  retenion:
+                    type: integer
+                  rlbGoal:
+                    type: string
+                  role:
+                    type: string
+                  sessionState:
+                    type: string
+                  stopOption:
+                    type: string
+                  svcState:
+                    type: string
+                  tafPolicy:
+                    type: string
+                required:
+                - name
+                type: object
+              sshKeySecret:
+                properties:
+                  keyMountLocation:
+                    type: string
+                  name:
+                    type: string
+                  privKeySecretName:
+                    type: string
+                  pubKeySecretName:
+                    type: string
+                required:
+                - name
+                type: object
+              state:
+                type: string
+              storageClass:
+                type: string
+              storageSizeInGB:
+                type: integer
+              tdeWalletSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              useNfsforSwStorage:
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/config/crd/bases/database.oracle.com_oraclerestarts.yaml b/config/crd/bases/database.oracle.com_oraclerestarts.yaml
new file mode 100644
index 00000000..5db2113c
--- /dev/null
+++ b/config/crd/bases/database.oracle.com_oraclerestarts.yaml
@@ -0,0 +1,1431 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.17.3
+  name: oraclerestarts.database.oracle.com
+spec:
+  group: database.oracle.com
+  names:
+    kind: OracleRestart
+    listKind: OracleRestartList
+    plural: oraclerestarts
+    singular: oraclerestart
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.configParams.dbName
+      name: DbName
+      type: string
+    - jsonPath: .status.dbState
+      name: DbState
+      type: string
+    - jsonPath: .status.role
+      name: Role
+      type: string
+    - jsonPath: .status.releaseUpdate
+      name: Version
+      type: string
+    - jsonPath: .status.pdbConnectString
+      name: Pdb Connect Str
+      type: string
+    - jsonPath: .status.state
+      name: State
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              asmStorageDetails:
+                properties:
+                  autoUpdate:
+                    type: string
+                  disksBySize:
+                    items:
+                      properties:
+                        diskNames:
+                          items:
+                            type: string
+                          type: array
+                        storageSizeInGb:
+                          type: integer
+                      type: object
+                    type: array
+                type: object
+              configParams:
+                properties:
+                  cpuCount:
+                    type: integer
+                  crsAsmDeviceList:
+                    type: string
+                  crsAsmDiskDg:
+                    type: string
+                  crsAsmDiskDgRedundancy:
+                    type: string
+                  dbAsmDeviceList:
+                    type: string
+                  dbAsmDiskDgRedundancy:
+                    type: string
+                  dbBase:
+                    type: string
+                  dbCharSet:
+                    type: string
+                  dbConfigType:
+                    type: string
+                  dbDataFileDestDg:
+                    type: string
+                  dbHome:
+                    type: string
+                  dbName:
+                    type: string
+                  dbOneOffIds:
+                    type: string
+                  dbRecoveryFileDest:
+                    type: string
+                  dbRecoveryFileDestSize:
+                    type: string
+                  dbRedoFileSize:
+                    type: string
+                  dbResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  dbStorageType:
+                    type: string
+                  dbSwZipFile:
+                    type: string
+                  dbType:
+                    type: string
+                  dbUniqueName:
+                    type: string
+                  enableArchiveLog:
+                    type: string
+                  gridBase:
+                    type: string
+                  gridHome:
+                    type: string
+                  gridOneOffIds:
+                    type: string
+                  gridResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  gridSwZipFile:
+                    type: string
+                  hostSwStageLocation:
+                    type: string
+                  inventory:
+                    type: string
+                  oPatchLocation:
+                    type: string
+                  oPatchSwZipFile:
+                    type: string
+                  oneOffLocation:
+                    type: string
+                  opType:
+                    type: string
+                  pdbName:
+                    type: string
+                  pgaSize:
+                    type: string
+                  processes:
+                    type: integer
+                  recoAsmDeviceList:
+                    type: string
+                  recoAsmDiskDgRedundancy:
+                    type: string
+                  redoAsmDeviceList:
+                    type: string
+                  redoAsmDiskDg:
+                    type: string
+                  redoAsmDiskDgRedundancy:
+                    type: string
+                  ruFolderName:
+                    type: string
+                  ruPatchLocation:
+                    type: string
+                  sgaSize:
+                    type: string
+                  stagingSoftwareLocation:
+                    type: string
+                  swMountLocation:
+                    type: string
+                  swStagePvc:
+                    type: string
+                  swStagePvcMountLocation:
+                    type: string
+                type: object
+              crsDgStorageClass:
+                type: string
+              dataDgStorageClass:
+                type: string
+              dbSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              enableOns:
+                default: enable
+                enum:
+                - enable
+                - disable
+                type: string
+              image:
+                type: string
+              imagePullPolicy:
+                enum:
+                - Always
+                - IfNotPresent
+                - Never
+                type: string
+              imagePullSecret:
+                type: string
+              instDetails:
+                properties:
+                  envFile:
+                    type: string
+                  envVars:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                        valueFrom:
+                          properties:
+                            configMapKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              properties:
+                                apiVersion:
+                                  type: string
+                                fieldPath:
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fileKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                optional:
+                                  default: false
+                                  type: boolean
+                                path:
+                                  type: string
+                                volumeName:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              - volumeName
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              properties:
+                                containerName:
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  hostSwLocation:
+                    type: string
+                  isDelete:
+                    type: string
+                  isForceDelete:
+                    type: string
+                  isKeepPVC:
+                    type: string
+                  label:
+                    type: string
+                  name:
+                    type: string
+                  pvcName:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  swLocStorageSizeInGb:
+                    type: integer
+                  workerNode:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              isDebug:
+                type: string
+              isDeleteTopology:
+                type: string
+              isFailed:
+                type: boolean
+              isManual:
+                type: boolean
+              lbService:
+                properties:
+                  name:
+                    type: string
+                  onsLocalPort:
+                    format: int32
+                    type: integer
+                  onsTargetPort:
+                    format: int32
+                    type: integer
+                  portMappings:
+                    items:
+                      properties:
+                        nodePort:
+                          format: int32
+                          type: integer
+                        port:
+                          format: int32
+                          type: integer
+                        protocol:
+                          default: TCP
+                          enum:
+                          - TCP
+                          - UDP
+                          - SCTP
+                          type: string
+                        targetPort:
+                          format: int32
+                          type: integer
+                      type: object
+                    type: array
+                  svcAnnotation:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  svcLBIP:
+                    type: string
+                  svcType:
+                    type: string
+                type: object
+              nodePortSvc:
+                properties:
+                  name:
+                    type: string
+                  onsLocalPort:
+                    format: int32
+                    type: integer
+                  onsTargetPort:
+                    format: int32
+                    type: integer
+                  portMappings:
+                    items:
+                      properties:
+                        nodePort:
+                          format: int32
+                          type: integer
+                        port:
+                          format: int32
+                          type: integer
+                        protocol:
+                          default: TCP
+                          enum:
+                          - TCP
+                          - UDP
+                          - SCTP
+                          type: string
+                        targetPort:
+                          format: int32
+                          type: integer
+                      type: object
+                    type: array
+                  svcAnnotation:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  svcLBIP:
+                    type: string
+                  svcType:
+                    type: string
+                type: object
+              readinessProbe:
+                properties:
+                  exec:
+                    properties:
+                      command:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  grpc:
+                    properties:
+                      port:
+                        format: int32
+                        type: integer
+                      service:
+                        default: ""
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  httpGet:
+                    properties:
+                      host:
+                        type: string
+                      httpHeaders:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      path:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      scheme:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  tcpSocket:
+                    properties:
+                      host:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    required:
+                    - port
+                    type: object
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
+                type: object
+              recoDgStorageClass:
+                type: string
+              redoDgStorageClass:
+                type: string
+              resources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        request:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              scriptsGetCmd:
+                type: string
+              scriptsLocation:
+                type: string
+              securityContext:
+                properties:
+                  appArmorProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  fsGroup:
+                    format: int64
+                    type: integer
+                  fsGroupChangePolicy:
+                    type: string
+                  runAsGroup:
+                    format: int64
+                    type: integer
+                  runAsNonRoot:
+                    type: boolean
+                  runAsUser:
+                    format: int64
+                    type: integer
+                  seLinuxChangePolicy:
+                    type: string
+                  seLinuxOptions:
+                    properties:
+                      level:
+                        type: string
+                      role:
+                        type: string
+                      type:
+                        type: string
+                      user:
+                        type: string
+                    type: object
+                  seccompProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  supplementalGroups:
+                    items:
+                      format: int64
+                      type: integer
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  supplementalGroupsPolicy:
+                    type: string
+                  sysctls:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - name
+                      - value
+                      type: object
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  windowsOptions:
+                    properties:
+                      gmsaCredentialSpec:
+                        type: string
+                      gmsaCredentialSpecName:
+                        type: string
+                      hostProcess:
+                        type: boolean
+                      runAsUserName:
+                        type: string
+                    type: object
+                type: object
+              serviceAccountName:
+                type: string
+              serviceDetails:
+                properties:
+                  available:
+                    items:
+                      type: string
+                    type: array
+                  cardinality:
+                    type: string
+                  clbGoal:
+                    type: string
+                  commitOutComeFastPath:
+                    type: string
+                  commitOutcome:
+                    type: string
+                  drainTimeOut:
+                    type: integer
+                  dtp:
+                    type: string
+                  edition:
+                    type: string
+                  failBack:
+                    type: string
+                  failOverDelay:
+                    type: integer
+                  failOverRestore:
+                    type: string
+                  failOverRetry:
+                    type: integer
+                  failOverType:
+                    type: string
+                  name:
+                    type: string
+                  notification:
+                    type: string
+                  pdb:
+                    type: string
+                  preferred:
+                    items:
+                      type: string
+                    type: array
+                  retenion:
+                    type: integer
+                  rlbGoal:
+                    type: string
+                  role:
+                    type: string
+                  sessionState:
+                    type: string
+                  stopOption:
+                    type: string
+                  svcState:
+                    type: string
+                  tafPolicy:
+                    type: string
+                required:
+                - name
+                type: object
+              sshKeySecret:
+                properties:
+                  keyMountLocation:
+                    type: string
+                  name:
+                    type: string
+                  privKeySecretName:
+                    type: string
+                  pubKeySecretName:
+                    type: string
+                required:
+                - name
+                type: object
+              swDgStorageClass:
+                type: string
+              tdeWalletSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+            required:
+            - instDetails
+            - securityContext
+            type: object
+          status:
+            properties:
+              DbName:
+                type: string
+              OracleRestartNodes:
+                items:
+                  properties:
+                    name:
+                      type: string
+                    nodeDetails:
+                      properties:
+                        InstanceState:
+                          type: string
+                        PodState:
+                          type: string
+                        clusterState:
+                          type: string
+                        isDelete:
+                          type: string
+                        mountedDevices:
+                          items:
+                            type: string
+                          type: array
+                        nodePortSvc:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              onsLocalPort:
+                                format: int32
+                                type: integer
+                              onsTargetPort:
+                                format: int32
+                                type: integer
+                              portMappings:
+                                items:
+                                  properties:
+                                    nodePort:
+                                      format: int32
+                                      type: integer
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    protocol:
+                                      default: TCP
+                                      enum:
+                                      - TCP
+                                      - UDP
+                                      - SCTP
+                                      type: string
+                                    targetPort:
+                                      format: int32
+                                      type: integer
+                                  type: object
+                                type: array
+                              svcAnnotation:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                              svcLBIP:
+                                type: string
+                              svcType:
+                                type: string
+                            type: object
+                          type: array
+                        portMappings:
+                          items:
+                            properties:
+                              nodePort:
+                                format: int32
+                                type: integer
+                              port:
+                                format: int32
+                                type: integer
+                              protocol:
+                                default: TCP
+                                enum:
+                                - TCP
+                                - UDP
+                                - SCTP
+                                type: string
+                              targetPort:
+                                format: int32
+                                type: integer
+                            type: object
+                          type: array
+                        pvcName:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        state:
+                          type: string
+                        workerNode:
+                          type: string
+                      type: object
+                  type: object
+                type: array
+              asmDetails:
+                properties:
+                  diskgroup:
+                    items:
+                      properties:
+                        disks:
+                          items:
+                            type: string
+                          type: array
+                        name:
+                          type: string
+                        redundancy:
+                          type: string
+                      type: object
+                    type: array
+                type: object
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+              configParams:
+                properties:
+                  cpuCount:
+                    type: integer
+                  crsAsmDeviceList:
+                    type: string
+                  crsAsmDiskDg:
+                    type: string
+                  crsAsmDiskDgRedundancy:
+                    type: string
+                  dbAsmDeviceList:
+                    type: string
+                  dbAsmDiskDgRedundancy:
+                    type: string
+                  dbBase:
+                    type: string
+                  dbCharSet:
+                    type: string
+                  dbConfigType:
+                    type: string
+                  dbDataFileDestDg:
+                    type: string
+                  dbHome:
+                    type: string
+                  dbName:
+                    type: string
+                  dbOneOffIds:
+                    type: string
+                  dbRecoveryFileDest:
+                    type: string
+                  dbRecoveryFileDestSize:
+                    type: string
+                  dbRedoFileSize:
+                    type: string
+                  dbResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  dbStorageType:
+                    type: string
+                  dbSwZipFile:
+                    type: string
+                  dbType:
+                    type: string
+                  dbUniqueName:
+                    type: string
+                  enableArchiveLog:
+                    type: string
+                  gridBase:
+                    type: string
+                  gridHome:
+                    type: string
+                  gridOneOffIds:
+                    type: string
+                  gridResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  gridSwZipFile:
+                    type: string
+                  hostSwStageLocation:
+                    type: string
+                  inventory:
+                    type: string
+                  oPatchLocation:
+                    type: string
+                  oPatchSwZipFile:
+                    type: string
+                  oneOffLocation:
+                    type: string
+                  opType:
+                    type: string
+                  pdbName:
+                    type: string
+                  pgaSize:
+                    type: string
+                  processes:
+                    type: integer
+                  recoAsmDeviceList:
+                    type: string
+                  recoAsmDiskDgRedundancy:
+                    type: string
+                  redoAsmDeviceList:
+                    type: string
+                  redoAsmDiskDg:
+                    type: string
+                  redoAsmDiskDgRedundancy:
+                    type: string
+                  ruFolderName:
+                    type: string
+                  ruPatchLocation:
+                    type: string
+                  sgaSize:
+                    type: string
+                  stagingSoftwareLocation:
+                    type: string
+                  swMountLocation:
+                    type: string
+                  swStagePvc:
+                    type: string
+                  swStagePvcMountLocation:
+                    type: string
+                type: object
+              connectString:
+                type: string
+              dbSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              dbState:
+                type: string
+              externalConnectString:
+                type: string
+              externalSvcType:
+                type: string
+              image:
+                type: string
+              imagePullPolicy:
+                type: string
+              imagePullSecret:
+                type: string
+              instDetails:
+                properties:
+                  envFile:
+                    type: string
+                  envVars:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                        valueFrom:
+                          properties:
+                            configMapKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              properties:
+                                apiVersion:
+                                  type: string
+                                fieldPath:
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fileKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                optional:
+                                  default: false
+                                  type: boolean
+                                path:
+                                  type: string
+                                volumeName:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              - volumeName
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              properties:
+                                containerName:
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  hostSwLocation:
+                    type: string
+                  isDelete:
+                    type: string
+                  isForceDelete:
+                    type: string
+                  isKeepPVC:
+                    type: string
+                  label:
+                    type: string
+                  name:
+                    type: string
+                  pvcName:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  swLocStorageSizeInGb:
+                    type: integer
+                  workerNode:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              installNode:
+                type: string
+              isDebug:
+                type: string
+              isDeleteOraPvc:
+                type: string
+              isDeleteTopology:
+                type: string
+              nfsStorageDetails:
+                properties:
+                  path:
+                    type: string
+                  readOnly:
+                    type: boolean
+                  server:
+                    type: string
+                required:
+                - path
+                - server
+                type: object
+              oldSpec:
+                type: string
+              pdbConnectString:
+                type: string
+              readinessProbe:
+                properties:
+                  exec:
+                    properties:
+                      command:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  grpc:
+                    properties:
+                      port:
+                        format: int32
+                        type: integer
+                      service:
+                        default: ""
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  httpGet:
+                    properties:
+                      host:
+                        type: string
+                      httpHeaders:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      path:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      scheme:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  tcpSocket:
+                    properties:
+                      host:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    required:
+                    - port
+                    type: object
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
+                type: object
+              releaseUpdate:
+                type: string
+              resources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        request:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              role:
+                type: string
+              scriptsGetCmd:
+                type: string
+              scriptsLocation:
+                type: string
+              securityContext:
+                properties:
+                  appArmorProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  fsGroup:
+                    format: int64
+                    type: integer
+                  fsGroupChangePolicy:
+                    type: string
+                  runAsGroup:
+                    format: int64
+                    type: integer
+                  runAsNonRoot:
+                    type: boolean
+                  runAsUser:
+                    format: int64
+                    type: integer
+                  seLinuxChangePolicy:
+                    type: string
+                  seLinuxOptions:
+                    properties:
+                      level:
+                        type: string
+                      role:
+                        type: string
+                      type:
+                        type: string
+                      user:
+                        type: string
+                    type: object
+                  seccompProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  supplementalGroups:
+                    items:
+                      format: int64
+                      type: integer
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  supplementalGroupsPolicy:
+                    type: string
+                  sysctls:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - name
+                      - value
+                      type: object
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  windowsOptions:
+                    properties:
+                      gmsaCredentialSpec:
+                        type: string
+                      gmsaCredentialSpecName:
+                        type: string
+                      hostProcess:
+                        type: boolean
+                      runAsUserName:
+                        type: string
+                    type: object
+                type: object
+              serviceDetails:
+                properties:
+                  available:
+                    items:
+                      type: string
+                    type: array
+                  cardinality:
+                    type: string
+                  clbGoal:
+                    type: string
+                  commitOutComeFastPath:
+                    type: string
+                  commitOutcome:
+                    type: string
+                  drainTimeOut:
+                    type: integer
+                  dtp:
+                    type: string
+                  edition:
+                    type: string
+                  failBack:
+                    type: string
+                  failOverDelay:
+                    type: integer
+                  failOverRestore:
+                    type: string
+                  failOverRetry:
+                    type: integer
+                  failOverType:
+                    type: string
+                  name:
+                    type: string
+                  notification:
+                    type: string
+                  pdb:
+                    type: string
+                  preferred:
+                    items:
+                      type: string
+                    type: array
+                  retenion:
+                    type: integer
+                  rlbGoal:
+                    type: string
+                  role:
+                    type: string
+                  sessionState:
+                    type: string
+                  stopOption:
+                    type: string
+                  svcState:
+                    type: string
+                  tafPolicy:
+                    type: string
+                required:
+                - name
+                type: object
+              sshKeySecret:
+                properties:
+                  keyMountLocation:
+                    type: string
+                  name:
+                    type: string
+                  privKeySecretName:
+                    type: string
+                  pubKeySecretName:
+                    type: string
+                required:
+                - name
+                type: object
+              state:
+                type: string
+              storageClass:
+                type: string
+              storageSizeInGB:
+                type: integer
+              tdeWalletSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              useNfsforSwStorage:
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/config/crd/bases/database.oracle.com_oraclerestartservices.yaml b/config/crd/bases/database.oracle.com_oraclerestartservices.yaml
new file mode 100644
index 00000000..3f798336
--- /dev/null
+++ b/config/crd/bases/database.oracle.com_oraclerestartservices.yaml
@@ -0,0 +1,1468 @@
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    controller-gen.kubebuilder.io/version: v0.16.5
+  name: oraclerestartservices.database.oracle.com
+spec:
+  group: database.oracle.com
+  names:
+    kind: OracleRestartService
+    listKind: OracleRestartServiceList
+    plural: oraclerestartservices
+    singular: oraclerestartservice
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.configParams.dbName
+      name: DbName
+      type: string
+    - jsonPath: .status.dbState
+      name: DbState
+      type: string
+    - jsonPath: .status.role
+      name: Role
+      type: string
+    - jsonPath: .status.releaseUpdate
+      name: Version
+      type: string
+    - jsonPath: .status.pdbConnectString
+      name: Pdb Connect Str
+      type: string
+    - jsonPath: .status.state
+      name: State
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              asmStorageDetails:
+                properties:
+                  autoUpdate:
+                    type: string
+                  disksBySize:
+                    items:
+                      properties:
+                        diskNames:
+                          items:
+                            type: string
+                          type: array
+                        storageSizeInGb:
+                          type: integer
+                      type: object
+                    type: array
+                  workerNodes:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              configParams:
+                properties:
+                  cpuCount:
+                    type: integer
+                  crsAsmDeviceList:
+                    type: string
+                  crsAsmDiskDg:
+                    type: string
+                  crsAsmDiskDgRedundancy:
+                    type: string
+                  dbAsmDeviceList:
+                    type: string
+                  dbAsmDiskDgRedundancy:
+                    type: string
+                  dbBase:
+                    type: string
+                  dbCharSet:
+                    type: string
+                  dbConfigType:
+                    type: string
+                  dbDataFileDestDg:
+                    type: string
+                  dbHome:
+                    type: string
+                  dbName:
+                    type: string
+                  dbRecoveryFileDest:
+                    type: string
+                  dbRecoveryFileDestSize:
+                    type: string
+                  dbRedoFileSize:
+                    type: string
+                  dbResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  dbStorageType:
+                    type: string
+                  dbSwZipFile:
+                    type: string
+                  dbType:
+                    type: string
+                  dbUniqueName:
+                    type: string
+                  enableArchiveLog:
+                    type: string
+                  gridBase:
+                    type: string
+                  gridHome:
+                    type: string
+                  gridResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  gridSwZipFile:
+                    type: string
+                  hostSwStageLocation:
+                    type: string
+                  inventory:
+                    type: string
+                  opType:
+                    type: string
+                  pdbName:
+                    type: string
+                  pgaSize:
+                    type: string
+                  processes:
+                    type: integer
+                  recoAsmDeviceList:
+                    type: string
+                  recoAsmDiskDgRedudancy:
+                    type: string
+                  redoAsmDeviceList:
+                    type: string
+                  redoAsmDiskDgRedundancy:
+                    type: string
+                  sgaSize:
+                    type: string
+                  stagingSoftwareLocation:
+                    type: string
+                  swMountLocation:
+                    type: string
+                type: object
+              dbSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              externalSvcType:
+                type: string
+              image:
+                type: string
+              imagePullPolicy:
+                type: string
+              imagePullSecret:
+                type: string
+              instDetails:
+                items:
+                  properties:
+                    envFile:
+                      type: string
+                    envVars:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              fieldRef:
+                                properties:
+                                  apiVersion:
+                                    type: string
+                                  fieldPath:
+                                    type: string
+                                required:
+                                - fieldPath
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              resourceFieldRef:
+                                properties:
+                                  containerName:
+                                    type: string
+                                  divisor:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  resource:
+                                    type: string
+                                required:
+                                - resource
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        required:
+                        - name
+                        type: object
+                      type: array
+                    hostSwLocation:
+                      type: string
+                    isDelete:
+                      type: string
+                    isForceDelete:
+                      type: string
+                    isKeepPVC:
+                      type: string
+                    label:
+                      type: string
+                    lsnrLocalPort:
+                      format: int32
+                      type: integer
+                    lsnrTargetPort:
+                      format: int32
+                      type: integer
+                    name:
+                      type: string
+                    nodePortSvc:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          portMappings:
+                            items:
+                              properties:
+                                nodePort:
+                                  format: int32
+                                  type: integer
+                                port:
+                                  format: int32
+                                  type: integer
+                                protocol:
+                                  type: string
+                                targetPort:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - port
+                              - protocol
+                              - targetPort
+                              type: object
+                            type: array
+                          svcType:
+                            type: string
+                        required:
+                        - name
+                        - svcType
+                        type: object
+                      type: array
+                    onsLocalPort:
+                      format: int32
+                      type: integer
+                    onsTargetPort:
+                      format: int32
+                      type: integer
+                    portMappings:
+                      items:
+                        properties:
+                          nodePort:
+                            format: int32
+                            type: integer
+                          port:
+                            format: int32
+                            type: integer
+                          protocol:
+                            type: string
+                          targetPort:
+                            format: int32
+                            type: integer
+                        required:
+                        - port
+                        - protocol
+                        - targetPort
+                        type: object
+                      type: array
+                    pvcName:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    workerNode:
+                      items:
+                        type: string
+                      type: array
+                  required:
+                  - name
+                  type: object
+                type: array
+              isDebug:
+                type: string
+              isDeleteOraPvc:
+                type: string
+              isDeleteTopology:
+                type: string
+              isFailed:
+                type: boolean
+              isManual:
+                type: boolean
+              nfsStorageDetails:
+                properties:
+                  path:
+                    type: string
+                  readOnly:
+                    type: boolean
+                  server:
+                    type: string
+                required:
+                - path
+                - server
+                type: object
+              readinessProbe:
+                properties:
+                  exec:
+                    properties:
+                      command:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  grpc:
+                    properties:
+                      port:
+                        format: int32
+                        type: integer
+                      service:
+                        default: ""
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  httpGet:
+                    properties:
+                      host:
+                        type: string
+                      httpHeaders:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      path:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      scheme:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  tcpSocket:
+                    properties:
+                      host:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    required:
+                    - port
+                    type: object
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
+                type: object
+              resources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        request:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              scriptsGetCmd:
+                type: string
+              scriptsLocation:
+                type: string
+              securityContext:
+                properties:
+                  appArmorProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  fsGroup:
+                    format: int64
+                    type: integer
+                  fsGroupChangePolicy:
+                    type: string
+                  runAsGroup:
+                    format: int64
+                    type: integer
+                  runAsNonRoot:
+                    type: boolean
+                  runAsUser:
+                    format: int64
+                    type: integer
+                  seLinuxOptions:
+                    properties:
+                      level:
+                        type: string
+                      role:
+                        type: string
+                      type:
+                        type: string
+                      user:
+                        type: string
+                    type: object
+                  seccompProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  supplementalGroups:
+                    items:
+                      format: int64
+                      type: integer
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  supplementalGroupsPolicy:
+                    type: string
+                  sysctls:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - name
+                      - value
+                      type: object
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  windowsOptions:
+                    properties:
+                      gmsaCredentialSpec:
+                        type: string
+                      gmsaCredentialSpecName:
+                        type: string
+                      hostProcess:
+                        type: boolean
+                      runAsUserName:
+                        type: string
+                    type: object
+                type: object
+              serviceDetails:
+                properties:
+                  available:
+                    items:
+                      type: string
+                    type: array
+                  cardinality:
+                    type: string
+                  clbGoal:
+                    type: string
+                  commitOutComeFastPath:
+                    type: string
+                  commitOutcome:
+                    type: string
+                  drainTimeOut:
+                    type: integer
+                  dtp:
+                    type: string
+                  edition:
+                    type: string
+                  failBack:
+                    type: string
+                  failOverDelay:
+                    type: integer
+                  failOverRestore:
+                    type: string
+                  failOverRetry:
+                    type: integer
+                  failOverType:
+                    type: string
+                  name:
+                    type: string
+                  notification:
+                    type: string
+                  pdb:
+                    type: string
+                  preferred:
+                    items:
+                      type: string
+                    type: array
+                  retenion:
+                    type: integer
+                  rlbGoal:
+                    type: string
+                  role:
+                    type: string
+                  sessionState:
+                    type: string
+                  stopOption:
+                    type: string
+                  svcState:
+                    type: string
+                  tafPolicy:
+                    type: string
+                required:
+                - name
+                type: object
+              sshKeySecret:
+                properties:
+                  keyMountLocation:
+                    type: string
+                  name:
+                    type: string
+                  privKeySecretName:
+                    type: string
+                  pubKeySecretName:
+                    type: string
+                required:
+                - name
+                type: object
+              storageClass:
+                type: string
+              storageSizeInGB:
+                type: integer
+              tdeWalletSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              useNfsforSwStorage:
+                type: string
+            required:
+            - instDetails
+            - securityContext
+            type: object
+          status:
+            properties:
+              DbName:
+                type: string
+              OracleRestartNodes:
+                items:
+                  properties:
+                    name:
+                      type: string
+                    nodeDetails:
+                      properties:
+                        InstanceState:
+                          type: string
+                        PodState:
+                          type: string
+                        clusterState:
+                          type: string
+                        isDelete:
+                          type: string
+                        mountedDevices:
+                          items:
+                            type: string
+                          type: array
+                        nodePortSvc:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              portMappings:
+                                items:
+                                  properties:
+                                    nodePort:
+                                      format: int32
+                                      type: integer
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    protocol:
+                                      type: string
+                                    targetPort:
+                                      format: int32
+                                      type: integer
+                                  required:
+                                  - port
+                                  - protocol
+                                  - targetPort
+                                  type: object
+                                type: array
+                              svcType:
+                                type: string
+                            required:
+                            - name
+                            - svcType
+                            type: object
+                          type: array
+                        portMappings:
+                          items:
+                            properties:
+                              nodePort:
+                                format: int32
+                                type: integer
+                              port:
+                                format: int32
+                                type: integer
+                              protocol:
+                                type: string
+                              targetPort:
+                                format: int32
+                                type: integer
+                            required:
+                            - port
+                            - protocol
+                            - targetPort
+                            type: object
+                          type: array
+                        pvcName:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        state:
+                          type: string
+                        workerNode:
+                          type: string
+                      type: object
+                  type: object
+                type: array
+              asmDetails:
+                properties:
+                  diskgroup:
+                    items:
+                      properties:
+                        disks:
+                          items:
+                            type: string
+                          type: array
+                        name:
+                          type: string
+                        redundancy:
+                          type: string
+                      type: object
+                    type: array
+                type: object
+              clientEtcHost:
+                items:
+                  type: string
+                type: array
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+              configParams:
+                properties:
+                  cpuCount:
+                    type: integer
+                  crsAsmDeviceList:
+                    type: string
+                  crsAsmDiskDg:
+                    type: string
+                  crsAsmDiskDgRedundancy:
+                    type: string
+                  dbAsmDeviceList:
+                    type: string
+                  dbAsmDiskDgRedundancy:
+                    type: string
+                  dbBase:
+                    type: string
+                  dbCharSet:
+                    type: string
+                  dbConfigType:
+                    type: string
+                  dbDataFileDestDg:
+                    type: string
+                  dbHome:
+                    type: string
+                  dbName:
+                    type: string
+                  dbRecoveryFileDest:
+                    type: string
+                  dbRecoveryFileDestSize:
+                    type: string
+                  dbRedoFileSize:
+                    type: string
+                  dbResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  dbStorageType:
+                    type: string
+                  dbSwZipFile:
+                    type: string
+                  dbType:
+                    type: string
+                  dbUniqueName:
+                    type: string
+                  enableArchiveLog:
+                    type: string
+                  gridBase:
+                    type: string
+                  gridHome:
+                    type: string
+                  gridResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  gridSwZipFile:
+                    type: string
+                  hostSwStageLocation:
+                    type: string
+                  inventory:
+                    type: string
+                  opType:
+                    type: string
+                  pdbName:
+                    type: string
+                  pgaSize:
+                    type: string
+                  processes:
+                    type: integer
+                  recoAsmDeviceList:
+                    type: string
+                  recoAsmDiskDgRedudancy:
+                    type: string
+                  redoAsmDeviceList:
+                    type: string
+                  redoAsmDiskDgRedundancy:
+                    type: string
+                  sgaSize:
+                    type: string
+                  stagingSoftwareLocation:
+                    type: string
+                  swMountLocation:
+                    type: string
+                type: object
+              connectString:
+                type: string
+              dbSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              dbState:
+                type: string
+              externalConnectString:
+                type: string
+              externalSvcType:
+                type: string
+              image:
+                type: string
+              imagePullPolicy:
+                type: string
+              imagePullSecret:
+                type: string
+              instDetails:
+                items:
+                  properties:
+                    envFile:
+                      type: string
+                    envVars:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          value:
+                            type: string
+                          valueFrom:
+                            properties:
+                              configMapKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              fieldRef:
+                                properties:
+                                  apiVersion:
+                                    type: string
+                                  fieldPath:
+                                    type: string
+                                required:
+                                - fieldPath
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              resourceFieldRef:
+                                properties:
+                                  containerName:
+                                    type: string
+                                  divisor:
+                                    anyOf:
+                                    - type: integer
+                                    - type: string
+                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                    x-kubernetes-int-or-string: true
+                                  resource:
+                                    type: string
+                                required:
+                                - resource
+                                type: object
+                                x-kubernetes-map-type: atomic
+                              secretKeyRef:
+                                properties:
+                                  key:
+                                    type: string
+                                  name:
+                                    default: ""
+                                    type: string
+                                  optional:
+                                    type: boolean
+                                required:
+                                - key
+                                type: object
+                                x-kubernetes-map-type: atomic
+                            type: object
+                        required:
+                        - name
+                        type: object
+                      type: array
+                    hostSwLocation:
+                      type: string
+                    isDelete:
+                      type: string
+                    isForceDelete:
+                      type: string
+                    isKeepPVC:
+                      type: string
+                    label:
+                      type: string
+                    lsnrLocalPort:
+                      format: int32
+                      type: integer
+                    lsnrTargetPort:
+                      format: int32
+                      type: integer
+                    name:
+                      type: string
+                    nodePortSvc:
+                      items:
+                        properties:
+                          name:
+                            type: string
+                          portMappings:
+                            items:
+                              properties:
+                                nodePort:
+                                  format: int32
+                                  type: integer
+                                port:
+                                  format: int32
+                                  type: integer
+                                protocol:
+                                  type: string
+                                targetPort:
+                                  format: int32
+                                  type: integer
+                              required:
+                              - port
+                              - protocol
+                              - targetPort
+                              type: object
+                            type: array
+                          svcType:
+                            type: string
+                        required:
+                        - name
+                        - svcType
+                        type: object
+                      type: array
+                    onsLocalPort:
+                      format: int32
+                      type: integer
+                    onsTargetPort:
+                      format: int32
+                      type: integer
+                    portMappings:
+                      items:
+                        properties:
+                          nodePort:
+                            format: int32
+                            type: integer
+                          port:
+                            format: int32
+                            type: integer
+                          protocol:
+                            type: string
+                          targetPort:
+                            format: int32
+                            type: integer
+                        required:
+                        - port
+                        - protocol
+                        - targetPort
+                        type: object
+                      type: array
+                    pvcName:
+                      additionalProperties:
+                        type: string
+                      type: object
+                    resources:
+                      properties:
+                        claims:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              request:
+                                type: string
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        limits:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                        requests:
+                          additionalProperties:
+                            anyOf:
+                            - type: integer
+                            - type: string
+                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                            x-kubernetes-int-or-string: true
+                          type: object
+                      type: object
+                    workerNode:
+                      items:
+                        type: string
+                      type: array
+                  required:
+                  - name
+                  type: object
+                type: array
+              installNode:
+                type: string
+              isDebug:
+                type: string
+              isDeleteOraPvc:
+                type: string
+              isDeleteTopology:
+                type: string
+              nfsStorageDetails:
+                properties:
+                  path:
+                    type: string
+                  readOnly:
+                    type: boolean
+                  server:
+                    type: string
+                required:
+                - path
+                - server
+                type: object
+              oldSpec:
+                type: string
+              pdbConnectString:
+                type: string
+              readinessProbe:
+                properties:
+                  exec:
+                    properties:
+                      command:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  grpc:
+                    properties:
+                      port:
+                        format: int32
+                        type: integer
+                      service:
+                        default: ""
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  httpGet:
+                    properties:
+                      host:
+                        type: string
+                      httpHeaders:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      path:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      scheme:
+                        type: string
+                    required:
+                    - port
+                    type: object
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  tcpSocket:
+                    properties:
+                      host:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    required:
+                    - port
+                    type: object
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
+                type: object
+              releaseUpdate:
+                type: string
+              resources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        request:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              role:
+                type: string
+              scriptsGetCmd:
+                type: string
+              scriptsLocation:
+                type: string
+              securityContext:
+                properties:
+                  appArmorProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  fsGroup:
+                    format: int64
+                    type: integer
+                  fsGroupChangePolicy:
+                    type: string
+                  runAsGroup:
+                    format: int64
+                    type: integer
+                  runAsNonRoot:
+                    type: boolean
+                  runAsUser:
+                    format: int64
+                    type: integer
+                  seLinuxOptions:
+                    properties:
+                      level:
+                        type: string
+                      role:
+                        type: string
+                      type:
+                        type: string
+                      user:
+                        type: string
+                    type: object
+                  seccompProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  supplementalGroups:
+                    items:
+                      format: int64
+                      type: integer
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  supplementalGroupsPolicy:
+                    type: string
+                  sysctls:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - name
+                      - value
+                      type: object
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  windowsOptions:
+                    properties:
+                      gmsaCredentialSpec:
+                        type: string
+                      gmsaCredentialSpecName:
+                        type: string
+                      hostProcess:
+                        type: boolean
+                      runAsUserName:
+                        type: string
+                    type: object
+                type: object
+              serviceDetails:
+                properties:
+                  available:
+                    items:
+                      type: string
+                    type: array
+                  cardinality:
+                    type: string
+                  clbGoal:
+                    type: string
+                  commitOutComeFastPath:
+                    type: string
+                  commitOutcome:
+                    type: string
+                  drainTimeOut:
+                    type: integer
+                  dtp:
+                    type: string
+                  edition:
+                    type: string
+                  failBack:
+                    type: string
+                  failOverDelay:
+                    type: integer
+                  failOverRestore:
+                    type: string
+                  failOverRetry:
+                    type: integer
+                  failOverType:
+                    type: string
+                  name:
+                    type: string
+                  notification:
+                    type: string
+                  pdb:
+                    type: string
+                  preferred:
+                    items:
+                      type: string
+                    type: array
+                  retenion:
+                    type: integer
+                  rlbGoal:
+                    type: string
+                  role:
+                    type: string
+                  sessionState:
+                    type: string
+                  stopOption:
+                    type: string
+                  svcState:
+                    type: string
+                  tafPolicy:
+                    type: string
+                required:
+                - name
+                type: object
+              sshKeySecret:
+                properties:
+                  keyMountLocation:
+                    type: string
+                  name:
+                    type: string
+                  privKeySecretName:
+                    type: string
+                  pubKeySecretName:
+                    type: string
+                required:
+                - name
+                type: object
+              state:
+                type: string
+              storageClass:
+                type: string
+              storageSizeInGB:
+                type: integer
+              tdeWalletSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              useNfsforSwStorage:
+                type: string
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
diff --git a/config/crd/bases/database.oracle.com_oraclerestdataservices.yaml b/config/crd/bases/database.oracle.com_oraclerestdataservices.yaml
index fe93a531..82479941 100644
--- a/config/crd/bases/database.oracle.com_oraclerestdataservices.yaml
+++ b/config/crd/bases/database.oracle.com_oraclerestdataservices.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: oraclerestdataservices.database.oracle.com
 spec:
   group: database.oracle.com
@@ -11,6 +11,8 @@ spec:
     kind: OracleRestDataService
     listKind: OracleRestDataServiceList
     plural: oraclerestdataservices
+    shortNames:
+    - ords
     singular: oraclerestdataservice
   scope: Namespaced
   versions:
diff --git a/config/crd/bases/database.oracle.com_ordssrvs.yaml b/config/crd/bases/database.oracle.com_ordssrvs.yaml
index 9c4ab88f..bb2208d6 100644
--- a/config/crd/bases/database.oracle.com_ordssrvs.yaml
+++ b/config/crd/bases/database.oracle.com_ordssrvs.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: ordssrvs.database.oracle.com
 spec:
   group: database.oracle.com
@@ -68,22 +68,40 @@ spec:
                 type: boolean
               globalSettings:
                 properties:
+                  apex.download:
+                    default: false
+                    type: boolean
+                  apex.download.url:
+                    default: https://download.oracle.com/otn_software/apex/apex-latest.zip
+                    type: string
+                  apex.installation.persistence:
+                    properties:
+                      accessMode:
+                        default: ReadWriteOnce
+                        enum:
+                        - ReadWriteOnce
+                        - ReadWriteMany
+                        type: string
+                      size:
+                        default: 1Gi
+                        type: string
+                      storageClass:
+                        type: string
+                      volumeName:
+                        type: string
+                    type: object
                   cache.metadata.enabled:
                     type: boolean
                   cache.metadata.graphql.expireAfterAccess:
-                    format: int64
-                    type: integer
+                    type: string
                   cache.metadata.graphql.expireAfterWrite:
-                    format: int64
-                    type: integer
+                    type: string
                   cache.metadata.jwks.enabled:
                     type: boolean
                   cache.metadata.jwks.expireAfterAccess:
-                    format: int64
-                    type: integer
+                    type: string
                   cache.metadata.jwks.expireAfterWrite:
-                    format: int64
-                    type: integer
+                    type: string
                   cache.metadata.jwks.initialCapacity:
                     format: int32
                     type: integer
@@ -91,8 +109,7 @@ spec:
                     format: int32
                     type: integer
                   cache.metadata.timeout:
-                    format: int64
-                    type: integer
+                    type: string
                   certSecret:
                     properties:
                       cert:
@@ -111,8 +128,7 @@ spec:
                   database.api.management.services.disabled:
                     type: boolean
                   db.invalidPoolTimeout:
-                    format: int64
-                    type: integer
+                    type: string
                   debug.printDebugToScreen:
                     type: boolean
                   enable.mongo.access.log:
@@ -139,11 +155,9 @@ spec:
                   mongo.enabled:
                     type: boolean
                   mongo.idle.timeout:
-                    format: int64
-                    type: integer
+                    type: string
                   mongo.op.timeout:
-                    format: int64
-                    type: integer
+                    type: string
                   mongo.port:
                     default: 27017
                     format: int32
@@ -154,8 +168,7 @@ spec:
                     format: int32
                     type: integer
                   security.credentials.lock.time:
-                    format: int64
-                    type: integer
+                    type: string
                   security.disableDefaultExclusionList:
                     type: boolean
                   security.exclusionList:
@@ -187,8 +200,7 @@ spec:
                     format: int32
                     type: integer
                   standalone.stop.timeout:
-                    format: int64
-                    type: integer
+                    type: string
                 type: object
               image:
                 type: string
@@ -254,8 +266,7 @@ spec:
                     db.hostname:
                       type: string
                     db.poolDestroyTimeout:
-                      format: int64
-                      type: integer
+                      type: string
                     db.port:
                       format: int32
                       type: integer
@@ -313,8 +324,7 @@ spec:
                       format: int32
                       type: integer
                     jdbc.MaxConnectionReuseTime:
-                      format: int32
-                      type: integer
+                      type: string
                     jdbc.MaxLimit:
                       format: int32
                       type: integer
@@ -360,23 +370,18 @@ spec:
                     restEnabledSql.active:
                       type: boolean
                     security.jwks.connection.timeout:
-                      format: int64
-                      type: integer
+                      type: string
                     security.jwks.read.timeout:
-                      format: int64
-                      type: integer
+                      type: string
                     security.jwks.refresh.interval:
-                      format: int64
-                      type: integer
+                      type: string
                     security.jwks.size:
                       format: int32
                       type: integer
                     security.jwt.allowed.age:
-                      format: int64
-                      type: integer
+                      type: string
                     security.jwt.allowed.skew:
-                      format: int64
-                      type: integer
+                      type: string
                     security.jwt.profile.enabled:
                       type: boolean
                     security.requestAuthenticationFunction:
@@ -410,6 +415,8 @@ spec:
                 format: int32
                 minimum: 1
                 type: integer
+              serviceAccountName:
+                type: string
               workloadType:
                 default: Deployment
                 enum:
diff --git a/config/crd/bases/database.oracle.com_shardingdatabases.yaml b/config/crd/bases/database.oracle.com_shardingdatabases.yaml
index 90c6dd53..df7ab8ed 100644
--- a/config/crd/bases/database.oracle.com_shardingdatabases.yaml
+++ b/config/crd/bases/database.oracle.com_shardingdatabases.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: shardingdatabases.database.oracle.com
 spec:
   group: database.oracle.com
@@ -588,6 +588,13 @@ spec:
               catalog:
                 items:
                   properties:
+                    catalogConfigData:
+                      properties:
+                        mountPath:
+                          type: string
+                        name:
+                          type: string
+                      type: object
                     envVars:
                       items:
                         properties:
@@ -688,9 +695,14 @@ spec:
                     type: string
                   pwdFileName:
                     type: string
+                  tdeKeyFileName:
+                    type: string
+                  tdePwdFileName:
+                    type: string
                 required:
                 - name
                 - pwdFileName
+                - tdePwdFileName
                 type: object
               fssStorageClass:
                 type: string
@@ -711,6 +723,13 @@ spec:
                         - value
                         type: object
                       type: array
+                    gsmConfigData:
+                      properties:
+                        mountPath:
+                          type: string
+                        name:
+                          type: string
+                      type: object
                     imagePullPolicy:
                       type: string
                     isDelete:
@@ -832,6 +851,8 @@ spec:
                       type: string
                     role:
                       type: string
+                    ruMode:
+                      type: string
                     sessionState:
                       type: string
                     sqlTransactionProfile:
@@ -915,6 +936,8 @@ spec:
                 type: string
               scriptsLocation:
                 type: string
+              serviceAccountName:
+                type: string
               shard:
                 items:
                   properties:
@@ -992,6 +1015,13 @@ spec:
                             x-kubernetes-int-or-string: true
                           type: object
                       type: object
+                    shardConfigData:
+                      properties:
+                        mountPath:
+                          type: string
+                        name:
+                          type: string
+                      type: object
                     shardGroup:
                       type: string
                     shardRegion:
@@ -1009,6 +1039,47 @@ spec:
                 type: string
               shardConfigName:
                 type: string
+              shardInfo:
+                items:
+                  properties:
+                    replicas:
+                      format: int32
+                      type: integer
+                    shape:
+                      type: string
+                    shardGroupDetails:
+                      properties:
+                        ShardSpace:
+                          type: string
+                        deployAs:
+                          type: string
+                        isDelete:
+                          type: string
+                        region:
+                          type: string
+                        repFactor:
+                          type: integer
+                        shardGroupName:
+                          type: string
+                      type: object
+                    shardPreFixName:
+                      type: string
+                    shardSpaceDetails:
+                      properties:
+                        Chnuks:
+                          type: integer
+                        protectMode:
+                          type: string
+                        shardSpaceName:
+                          type: string
+                      type: object
+                    storageSizeInGb:
+                      format: int32
+                      type: integer
+                  required:
+                  - shardPreFixName
+                  type: object
+                type: array
               shardRegion:
                 items:
                   type: string
@@ -1030,7 +1101,6 @@ spec:
             - dbImage
             - gsm
             - gsmImage
-            - shard
             type: object
           status:
             properties:
diff --git a/config/crd/bases/database.oracle.com_singleinstancedatabases.yaml b/config/crd/bases/database.oracle.com_singleinstancedatabases.yaml
index 8357f2c5..247a5308 100644
--- a/config/crd/bases/database.oracle.com_singleinstancedatabases.yaml
+++ b/config/crd/bases/database.oracle.com_singleinstancedatabases.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: singleinstancedatabases.database.oracle.com
 spec:
   group: database.oracle.com
@@ -11,6 +11,9 @@ spec:
     kind: SingleInstanceDatabase
     listKind: SingleInstanceDatabaseList
     plural: singleinstancedatabases
+    shortNames:
+    - sidb
+    - sidbs
     singular: singleinstancedatabase
   scope: Namespaced
   versions:
diff --git a/config/crd/bases/observability.oracle.com_databaseobservers.yaml b/config/crd/bases/observability.oracle.com_databaseobservers.yaml
index 298f9d4e..200902bc 100644
--- a/config/crd/bases/observability.oracle.com_databaseobservers.yaml
+++ b/config/crd/bases/observability.oracle.com_databaseobservers.yaml
@@ -3,7 +3,7 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: databaseobservers.observability.oracle.com
 spec:
   group: observability.oracle.com
@@ -18,8 +18,8 @@ spec:
   scope: Namespaced
   versions:
   - additionalPrinterColumns:
-    - jsonPath: .status.exporterConfig
-      name: ExporterConfig
+    - jsonPath: .status.metricsConfig
+      name: MetricsConfig
       type: string
     - jsonPath: .status.status
       name: Status
@@ -39,7 +39,7 @@ spec:
             type: object
           spec:
             properties:
-              configuration:
+              azureConfig:
                 properties:
                   configMap:
                     properties:
@@ -51,8 +51,19 @@ spec:
                 type: object
               database:
                 properties:
+                  azure:
+                    properties:
+                      vaultID:
+                        type: string
+                      vaultPasswordSecret:
+                        type: string
+                      vaultUsernameSecret:
+                        type: string
+                    type: object
                   dbConnectionString:
                     properties:
+                      envName:
+                        type: string
                       key:
                         type: string
                       secret:
@@ -60,241 +71,252 @@ spec:
                     type: object
                   dbPassword:
                     properties:
+                      envName:
+                        type: string
                       key:
                         type: string
                       secret:
                         type: string
-                      vaultOCID:
-                        type: string
-                      vaultSecretName:
-                        type: string
                     type: object
                   dbUser:
                     properties:
+                      envName:
+                        type: string
                       key:
                         type: string
                       secret:
                         type: string
                     type: object
-                  dbWallet:
+                  oci:
                     properties:
-                      key:
+                      vaultID:
                         type: string
-                      secret:
+                      vaultPasswordSecret:
                         type: string
                     type: object
                 type: object
-              exporter:
-                properties:
-                  deployment:
-                    properties:
-                      args:
-                        items:
+              databases:
+                additionalProperties:
+                  properties:
+                    dbConnectionString:
+                      properties:
+                        envName:
                           type: string
-                        type: array
-                      commands:
-                        items:
+                        key:
                           type: string
-                        type: array
-                      env:
-                        additionalProperties:
+                        secret:
+                          type: string
+                      type: object
+                    dbPassword:
+                      properties:
+                        envName:
                           type: string
+                        key:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                    dbUser:
+                      properties:
+                        envName:
+                          type: string
+                        key:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                  type: object
+                type: object
+              deployment:
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  commands:
+                    items:
+                      type: string
+                    type: array
+                  env:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  image:
+                    type: string
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  podSecurityContext:
+                    properties:
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
                         type: object
-                      image:
+                      fsGroup:
+                        format: int64
+                        type: integer
+                      fsGroupChangePolicy:
                         type: string
-                      labels:
-                        additionalProperties:
-                          type: string
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxChangePolicy:
+                        type: string
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
                         type: object
-                      podTemplate:
+                      seccompProfile:
                         properties:
-                          labels:
-                            additionalProperties:
-                              type: string
-                            type: object
-                          securityContext:
-                            properties:
-                              appArmorProfile:
-                                properties:
-                                  localhostProfile:
-                                    type: string
-                                  type:
-                                    type: string
-                                required:
-                                - type
-                                type: object
-                              fsGroup:
-                                format: int64
-                                type: integer
-                              fsGroupChangePolicy:
-                                type: string
-                              runAsGroup:
-                                format: int64
-                                type: integer
-                              runAsNonRoot:
-                                type: boolean
-                              runAsUser:
-                                format: int64
-                                type: integer
-                              seLinuxOptions:
-                                properties:
-                                  level:
-                                    type: string
-                                  role:
-                                    type: string
-                                  type:
-                                    type: string
-                                  user:
-                                    type: string
-                                type: object
-                              seccompProfile:
-                                properties:
-                                  localhostProfile:
-                                    type: string
-                                  type:
-                                    type: string
-                                required:
-                                - type
-                                type: object
-                              supplementalGroups:
-                                items:
-                                  format: int64
-                                  type: integer
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              supplementalGroupsPolicy:
-                                type: string
-                              sysctls:
-                                items:
-                                  properties:
-                                    name:
-                                      type: string
-                                    value:
-                                      type: string
-                                  required:
-                                  - name
-                                  - value
-                                  type: object
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              windowsOptions:
-                                properties:
-                                  gmsaCredentialSpec:
-                                    type: string
-                                  gmsaCredentialSpecName:
-                                    type: string
-                                  hostProcess:
-                                    type: boolean
-                                  runAsUserName:
-                                    type: string
-                                type: object
-                            type: object
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
                         type: object
-                      securityContext:
+                      supplementalGroups:
+                        items:
+                          format: int64
+                          type: integer
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      supplementalGroupsPolicy:
+                        type: string
+                      sysctls:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      windowsOptions:
                         properties:
-                          allowPrivilegeEscalation:
-                            type: boolean
-                          appArmorProfile:
-                            properties:
-                              localhostProfile:
-                                type: string
-                              type:
-                                type: string
-                            required:
-                            - type
-                            type: object
-                          capabilities:
-                            properties:
-                              add:
-                                items:
-                                  type: string
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              drop:
-                                items:
-                                  type: string
-                                type: array
-                                x-kubernetes-list-type: atomic
-                            type: object
-                          privileged:
-                            type: boolean
-                          procMount:
+                          gmsaCredentialSpec:
                             type: string
-                          readOnlyRootFilesystem:
-                            type: boolean
-                          runAsGroup:
-                            format: int64
-                            type: integer
-                          runAsNonRoot:
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
                             type: boolean
-                          runAsUser:
-                            format: int64
-                            type: integer
-                          seLinuxOptions:
-                            properties:
-                              level:
-                                type: string
-                              role:
-                                type: string
-                              type:
-                                type: string
-                              user:
-                                type: string
-                            type: object
-                          seccompProfile:
-                            properties:
-                              localhostProfile:
-                                type: string
-                              type:
-                                type: string
-                            required:
-                            - type
-                            type: object
-                          windowsOptions:
-                            properties:
-                              gmsaCredentialSpec:
-                                type: string
-                              gmsaCredentialSpecName:
-                                type: string
-                              hostProcess:
-                                type: boolean
-                              runAsUserName:
-                                type: string
-                            type: object
+                          runAsUserName:
+                            type: string
                         type: object
                     type: object
-                  service:
+                  podTemplate:
                     properties:
                       labels:
                         additionalProperties:
                           type: string
                         type: object
-                      ports:
-                        items:
-                          properties:
-                            appProtocol:
-                              type: string
-                            name:
+                    type: object
+                  securityContext:
+                    properties:
+                      allowPrivilegeEscalation:
+                        type: boolean
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      capabilities:
+                        properties:
+                          add:
+                            items:
                               type: string
-                            nodePort:
-                              format: int32
-                              type: integer
-                            port:
-                              format: int32
-                              type: integer
-                            protocol:
-                              default: TCP
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          drop:
+                            items:
                               type: string
-                            targetPort:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                          required:
-                          - port
-                          type: object
-                        type: array
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      privileged:
+                        type: boolean
+                      procMount:
+                        type: string
+                      readOnlyRootFilesystem:
+                        type: boolean
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+              exporterConfig:
+                properties:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
                     type: object
+                  mountPath:
+                    type: string
                 type: object
               inheritLabels:
                 items:
@@ -302,9 +324,11 @@ spec:
                 type: array
               log:
                 properties:
-                  filename:
+                  destination:
                     type: string
-                  path:
+                  disable:
+                    type: boolean
+                  filename:
                     type: string
                   volume:
                     properties:
@@ -317,41 +341,204 @@ spec:
                         type: object
                     type: object
                 type: object
+              metrics:
+                properties:
+                  configMap:
+                    items:
+                      properties:
+                        key:
+                          type: string
+                        name:
+                          type: string
+                      type: object
+                    type: array
+                type: object
               ociConfig:
                 properties:
-                  configMapName:
-                    type: string
-                  secretName:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  mountPath:
                     type: string
+                  privateKey:
+                    properties:
+                      secret:
+                        type: string
+                    type: object
                 type: object
-              prometheus:
+              replicas:
+                format: int32
+                type: integer
+              service:
                 properties:
-                  serviceMonitor:
-                    properties:
-                      endpoints:
-                        items:
-                          properties:
-                            authorization:
-                              properties:
-                                credentials:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                type:
-                                  type: string
-                              type: object
-                            basicAuth:
-                              properties:
-                                password:
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  ports:
+                    items:
+                      properties:
+                        appProtocol:
+                          type: string
+                        name:
+                          type: string
+                        nodePort:
+                          format: int32
+                          type: integer
+                        port:
+                          format: int32
+                          type: integer
+                        protocol:
+                          default: TCP
+                          type: string
+                        targetPort:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          x-kubernetes-int-or-string: true
+                      required:
+                      - port
+                      type: object
+                    type: array
+                type: object
+              serviceMonitor:
+                properties:
+                  endpoints:
+                    items:
+                      properties:
+                        authorization:
+                          properties:
+                            credentials:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type:
+                              type: string
+                          type: object
+                        basicAuth:
+                          properties:
+                            password:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            username:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        bearerTokenFile:
+                          type: string
+                        bearerTokenSecret:
+                          properties:
+                            key:
+                              type: string
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        enableHttp2:
+                          type: boolean
+                        filterRunning:
+                          type: boolean
+                        followRedirects:
+                          type: boolean
+                        honorLabels:
+                          type: boolean
+                        honorTimestamps:
+                          type: boolean
+                        interval:
+                          pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                          type: string
+                        metricRelabelings:
+                          items:
+                            properties:
+                              action:
+                                default: replace
+                                enum:
+                                - replace
+                                - Replace
+                                - keep
+                                - Keep
+                                - drop
+                                - Drop
+                                - hashmod
+                                - HashMod
+                                - labelmap
+                                - LabelMap
+                                - labeldrop
+                                - LabelDrop
+                                - labelkeep
+                                - LabelKeep
+                                - lowercase
+                                - Lowercase
+                                - uppercase
+                                - Uppercase
+                                - keepequal
+                                - KeepEqual
+                                - dropequal
+                                - DropEqual
+                                type: string
+                              modulus:
+                                format: int64
+                                type: integer
+                              regex:
+                                type: string
+                              replacement:
+                                type: string
+                              separator:
+                                type: string
+                              sourceLabels:
+                                items:
+                                  pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                  type: string
+                                type: array
+                              targetLabel:
+                                type: string
+                            type: object
+                          type: array
+                        noProxy:
+                          type: string
+                        oauth2:
+                          properties:
+                            clientId:
+                              properties:
+                                configMap:
                                   properties:
                                     key:
                                       type: string
@@ -364,7 +551,7 @@ spec:
                                   - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                username:
+                                secret:
                                   properties:
                                     key:
                                       type: string
@@ -378,9 +565,7 @@ spec:
                                   type: object
                                   x-kubernetes-map-type: atomic
                               type: object
-                            bearerTokenFile:
-                              type: string
-                            bearerTokenSecret:
+                            clientSecret:
                               properties:
                                 key:
                                   type: string
@@ -393,98 +578,15 @@ spec:
                               - key
                               type: object
                               x-kubernetes-map-type: atomic
-                            enableHttp2:
-                              type: boolean
-                            filterRunning:
-                              type: boolean
-                            followRedirects:
-                              type: boolean
-                            honorLabels:
-                              type: boolean
-                            honorTimestamps:
-                              type: boolean
-                            interval:
-                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                            endpointParams:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            noProxy:
                               type: string
-                            metricRelabelings:
-                              items:
-                                properties:
-                                  action:
-                                    default: replace
-                                    enum:
-                                    - replace
-                                    - Replace
-                                    - keep
-                                    - Keep
-                                    - drop
-                                    - Drop
-                                    - hashmod
-                                    - HashMod
-                                    - labelmap
-                                    - LabelMap
-                                    - labeldrop
-                                    - LabelDrop
-                                    - labelkeep
-                                    - LabelKeep
-                                    - lowercase
-                                    - Lowercase
-                                    - uppercase
-                                    - Uppercase
-                                    - keepequal
-                                    - KeepEqual
-                                    - dropequal
-                                    - DropEqual
-                                    type: string
-                                  modulus:
-                                    format: int64
-                                    type: integer
-                                  regex:
-                                    type: string
-                                  replacement:
-                                    type: string
-                                  separator:
-                                    type: string
-                                  sourceLabels:
-                                    items:
-                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                                      type: string
-                                    type: array
-                                  targetLabel:
-                                    type: string
-                                type: object
-                              type: array
-                            oauth2:
-                              properties:
-                                clientId:
-                                  properties:
-                                    configMap:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    secret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                  type: object
-                                clientSecret:
+                            proxyConnectHeader:
+                              additionalProperties:
+                                items:
                                   properties:
                                     key:
                                       type: string
@@ -497,211 +599,18 @@ spec:
                                   - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                endpointParams:
-                                  additionalProperties:
-                                    type: string
-                                  type: object
-                                noProxy:
-                                  type: string
-                                proxyConnectHeader:
-                                  additionalProperties:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    type: array
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                proxyFromEnvironment:
-                                  type: boolean
-                                proxyUrl:
-                                  pattern: ^http(s)?://.+$
-                                  type: string
-                                scopes:
-                                  items:
-                                    type: string
-                                  type: array
-                                tlsConfig:
-                                  properties:
-                                    ca:
-                                      properties:
-                                        configMap:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        secret:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      type: object
-                                    cert:
-                                      properties:
-                                        configMap:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        secret:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      type: object
-                                    insecureSkipVerify:
-                                      type: boolean
-                                    keySecret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    maxVersion:
-                                      enum:
-                                      - TLS10
-                                      - TLS11
-                                      - TLS12
-                                      - TLS13
-                                      type: string
-                                    minVersion:
-                                      enum:
-                                      - TLS10
-                                      - TLS11
-                                      - TLS12
-                                      - TLS13
-                                      type: string
-                                    serverName:
-                                      type: string
-                                  type: object
-                                tokenUrl:
-                                  minLength: 1
-                                  type: string
-                              required:
-                              - clientId
-                              - clientSecret
-                              - tokenUrl
-                              type: object
-                            params:
-                              additionalProperties:
-                                items:
-                                  type: string
                                 type: array
                               type: object
-                            path:
-                              type: string
-                            port:
-                              type: string
+                              x-kubernetes-map-type: atomic
+                            proxyFromEnvironment:
+                              type: boolean
                             proxyUrl:
+                              pattern: ^(http|https|socks5)://.+$
                               type: string
-                            relabelings:
+                            scopes:
                               items:
-                                properties:
-                                  action:
-                                    default: replace
-                                    enum:
-                                    - replace
-                                    - Replace
-                                    - keep
-                                    - Keep
-                                    - drop
-                                    - Drop
-                                    - hashmod
-                                    - HashMod
-                                    - labelmap
-                                    - LabelMap
-                                    - labeldrop
-                                    - LabelDrop
-                                    - labelkeep
-                                    - LabelKeep
-                                    - lowercase
-                                    - Lowercase
-                                    - uppercase
-                                    - Uppercase
-                                    - keepequal
-                                    - KeepEqual
-                                    - dropequal
-                                    - DropEqual
-                                    type: string
-                                  modulus:
-                                    format: int64
-                                    type: integer
-                                  regex:
-                                    type: string
-                                  replacement:
-                                    type: string
-                                  separator:
-                                    type: string
-                                  sourceLabels:
-                                    items:
-                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                                      type: string
-                                    type: array
-                                  targetLabel:
-                                    type: string
-                                type: object
+                                type: string
                               type: array
-                            scheme:
-                              enum:
-                              - http
-                              - https
-                              type: string
-                            scrapeTimeout:
-                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
-                              type: string
-                            targetPort:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
                             tlsConfig:
                               properties:
                                 ca:
@@ -733,8 +642,6 @@ spec:
                                       type: object
                                       x-kubernetes-map-type: atomic
                                   type: object
-                                caFile:
-                                  type: string
                                 cert:
                                   properties:
                                     configMap:
@@ -764,12 +671,8 @@ spec:
                                       type: object
                                       x-kubernetes-map-type: atomic
                                   type: object
-                                certFile:
-                                  type: string
                                 insecureSkipVerify:
                                   type: boolean
-                                keyFile:
-                                  type: string
                                 keySecret:
                                   properties:
                                     key:
@@ -800,573 +703,329 @@ spec:
                                 serverName:
                                   type: string
                               type: object
-                            trackTimestampsStaleness:
-                              type: boolean
+                            tokenUrl:
+                              minLength: 1
+                              type: string
+                          required:
+                          - clientId
+                          - clientSecret
+                          - tokenUrl
                           type: object
-                        type: array
-                      labels:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      namespaceSelector:
-                        properties:
-                          any:
-                            type: boolean
-                          matchNames:
+                        params:
+                          additionalProperties:
                             items:
                               type: string
                             type: array
-                        type: object
-                    type: object
-                type: object
-              replicas:
-                format: int32
-                type: integer
-              sidecarVolumes:
-                items:
-                  properties:
-                    awsElasticBlockStore:
-                      properties:
-                        fsType:
-                          type: string
-                        partition:
-                          format: int32
-                          type: integer
-                        readOnly:
-                          type: boolean
-                        volumeID:
-                          type: string
-                      required:
-                      - volumeID
-                      type: object
-                    azureDisk:
-                      properties:
-                        cachingMode:
-                          type: string
-                        diskName:
-                          type: string
-                        diskURI:
-                          type: string
-                        fsType:
-                          default: ext4
-                          type: string
-                        kind:
-                          type: string
-                        readOnly:
-                          default: false
-                          type: boolean
-                      required:
-                      - diskName
-                      - diskURI
-                      type: object
-                    azureFile:
-                      properties:
-                        readOnly:
-                          type: boolean
-                        secretName:
-                          type: string
-                        shareName:
-                          type: string
-                      required:
-                      - secretName
-                      - shareName
-                      type: object
-                    cephfs:
-                      properties:
-                        monitors:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
+                          type: object
                         path:
                           type: string
-                        readOnly:
-                          type: boolean
-                        secretFile:
+                        port:
                           type: string
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
+                        proxyConnectHeader:
+                          additionalProperties:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type: array
                           type: object
                           x-kubernetes-map-type: atomic
-                        user:
-                          type: string
-                      required:
-                      - monitors
-                      type: object
-                    cinder:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
+                        proxyFromEnvironment:
                           type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        volumeID:
+                        proxyUrl:
+                          pattern: ^(http|https|socks5)://.+$
                           type: string
-                      required:
-                      - volumeID
-                      type: object
-                    configMap:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
+                        relabelings:
                           items:
                             properties:
-                              key:
+                              action:
+                                default: replace
+                                enum:
+                                - replace
+                                - Replace
+                                - keep
+                                - Keep
+                                - drop
+                                - Drop
+                                - hashmod
+                                - HashMod
+                                - labelmap
+                                - LabelMap
+                                - labeldrop
+                                - LabelDrop
+                                - labelkeep
+                                - LabelKeep
+                                - lowercase
+                                - Lowercase
+                                - uppercase
+                                - Uppercase
+                                - keepequal
+                                - KeepEqual
+                                - dropequal
+                                - DropEqual
                                 type: string
-                              mode:
-                                format: int32
+                              modulus:
+                                format: int64
                                 type: integer
-                              path:
+                              regex:
                                 type: string
-                            required:
-                            - key
-                            - path
-                            type: object
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        name:
-                          default: ""
-                          type: string
-                        optional:
-                          type: boolean
-                      type: object
-                      x-kubernetes-map-type: atomic
-                    csi:
-                      properties:
-                        driver:
-                          type: string
-                        fsType:
-                          type: string
-                        nodePublishSecretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        readOnly:
-                          type: boolean
-                        volumeAttributes:
-                          additionalProperties:
-                            type: string
-                          type: object
-                      required:
-                      - driver
-                      type: object
-                    downwardAPI:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
-                          items:
-                            properties:
-                              fieldRef:
-                                properties:
-                                  apiVersion:
-                                    type: string
-                                  fieldPath:
-                                    type: string
-                                required:
-                                - fieldPath
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              mode:
-                                format: int32
-                                type: integer
-                              path:
+                              replacement:
+                                type: string
+                              separator:
+                                type: string
+                              sourceLabels:
+                                items:
+                                  pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                  type: string
+                                type: array
+                              targetLabel:
                                 type: string
-                              resourceFieldRef:
-                                properties:
-                                  containerName:
-                                    type: string
-                                  divisor:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                    x-kubernetes-int-or-string: true
-                                  resource:
-                                    type: string
-                                required:
-                                - resource
-                                type: object
-                                x-kubernetes-map-type: atomic
-                            required:
-                            - path
                             type: object
                           type: array
-                          x-kubernetes-list-type: atomic
-                      type: object
-                    emptyDir:
-                      properties:
-                        medium:
+                        scheme:
+                          enum:
+                          - http
+                          - https
                           type: string
-                        sizeLimit:
+                        scrapeTimeout:
+                          pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                          type: string
+                        targetPort:
                           anyOf:
                           - type: integer
                           - type: string
-                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                           x-kubernetes-int-or-string: true
-                      type: object
-                    ephemeral:
-                      properties:
-                        volumeClaimTemplate:
+                        tlsConfig:
                           properties:
-                            metadata:
-                              type: object
-                            spec:
+                            ca:
                               properties:
-                                accessModes:
-                                  items:
-                                    type: string
-                                  type: array
-                                  x-kubernetes-list-type: atomic
-                                dataSource:
+                                configMap:
                                   properties:
-                                    apiGroup:
-                                      type: string
-                                    kind:
+                                    key:
                                       type: string
                                     name:
+                                      default: ""
                                       type: string
+                                    optional:
+                                      type: boolean
                                   required:
-                                  - kind
-                                  - name
+                                  - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                dataSourceRef:
+                                secret:
                                   properties:
-                                    apiGroup:
-                                      type: string
-                                    kind:
+                                    key:
                                       type: string
                                     name:
+                                      default: ""
                                       type: string
-                                    namespace:
-                                      type: string
+                                    optional:
+                                      type: boolean
                                   required:
-                                  - kind
-                                  - name
+                                  - key
                                   type: object
-                                resources:
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            caFile:
+                              type: string
+                            cert:
+                              properties:
+                                configMap:
                                   properties:
-                                    limits:
-                                      additionalProperties:
-                                        anyOf:
-                                        - type: integer
-                                        - type: string
-                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                        x-kubernetes-int-or-string: true
-                                      type: object
-                                    requests:
-                                      additionalProperties:
-                                        anyOf:
-                                        - type: integer
-                                        - type: string
-                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                        x-kubernetes-int-or-string: true
-                                      type: object
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
                                   type: object
-                                selector:
+                                  x-kubernetes-map-type: atomic
+                                secret:
                                   properties:
-                                    matchExpressions:
-                                      items:
-                                        properties:
-                                          key:
-                                            type: string
-                                          operator:
-                                            type: string
-                                          values:
-                                            items:
-                                              type: string
-                                            type: array
-                                            x-kubernetes-list-type: atomic
-                                        required:
-                                        - key
-                                        - operator
-                                        type: object
-                                      type: array
-                                      x-kubernetes-list-type: atomic
-                                    matchLabels:
-                                      additionalProperties:
-                                        type: string
-                                      type: object
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                storageClassName:
-                                  type: string
-                                volumeAttributesClassName:
-                                  type: string
-                                volumeMode:
+                              type: object
+                            certFile:
+                              type: string
+                            insecureSkipVerify:
+                              type: boolean
+                            keyFile:
+                              type: string
+                            keySecret:
+                              properties:
+                                key:
                                   type: string
-                                volumeName:
+                                name:
+                                  default: ""
                                   type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
                               type: object
-                          required:
-                          - spec
+                              x-kubernetes-map-type: atomic
+                            maxVersion:
+                              enum:
+                              - TLS10
+                              - TLS11
+                              - TLS12
+                              - TLS13
+                              type: string
+                            minVersion:
+                              enum:
+                              - TLS10
+                              - TLS11
+                              - TLS12
+                              - TLS13
+                              type: string
+                            serverName:
+                              type: string
                           type: object
+                        trackTimestampsStaleness:
+                          type: boolean
                       type: object
-                    fc:
-                      properties:
-                        fsType:
+                    type: array
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  namespaceSelector:
+                    properties:
+                      any:
+                        type: boolean
+                      matchNames:
+                        items:
                           type: string
-                        lun:
-                          format: int32
-                          type: integer
-                        readOnly:
-                          type: boolean
-                        targetWWNs:
+                        type: array
+                    type: object
+                type: object
+              sidecar:
+                properties:
+                  containers:
+                    items:
+                      properties:
+                        args:
                           items:
                             type: string
                           type: array
                           x-kubernetes-list-type: atomic
-                        wwids:
+                        command:
                           items:
                             type: string
                           type: array
                           x-kubernetes-list-type: atomic
-                      type: object
-                    flexVolume:
-                      properties:
-                        driver:
-                          type: string
-                        fsType:
-                          type: string
-                        options:
-                          additionalProperties:
-                            type: string
-                          type: object
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                      required:
-                      - driver
-                      type: object
-                    flocker:
-                      properties:
-                        datasetName:
-                          type: string
-                        datasetUUID:
-                          type: string
-                      type: object
-                    gcePersistentDisk:
-                      properties:
-                        fsType:
-                          type: string
-                        partition:
-                          format: int32
-                          type: integer
-                        pdName:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - pdName
-                      type: object
-                    gitRepo:
-                      properties:
-                        directory:
-                          type: string
-                        repository:
-                          type: string
-                        revision:
-                          type: string
-                      required:
-                      - repository
-                      type: object
-                    glusterfs:
-                      properties:
-                        endpoints:
-                          type: string
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - endpoints
-                      - path
-                      type: object
-                    hostPath:
-                      properties:
-                        path:
-                          type: string
-                        type:
-                          type: string
-                      required:
-                      - path
-                      type: object
-                    image:
-                      properties:
-                        pullPolicy:
-                          type: string
-                        reference:
-                          type: string
-                      type: object
-                    iscsi:
-                      properties:
-                        chapAuthDiscovery:
-                          type: boolean
-                        chapAuthSession:
-                          type: boolean
-                        fsType:
-                          type: string
-                        initiatorName:
-                          type: string
-                        iqn:
-                          type: string
-                        iscsiInterface:
-                          default: default
-                          type: string
-                        lun:
-                          format: int32
-                          type: integer
-                        portals:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        targetPortal:
-                          type: string
-                      required:
-                      - iqn
-                      - lun
-                      - targetPortal
-                      type: object
-                    name:
-                      type: string
-                    nfs:
-                      properties:
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        server:
-                          type: string
-                      required:
-                      - path
-                      - server
-                      type: object
-                    persistentVolumeClaim:
-                      properties:
-                        claimName:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - claimName
-                      type: object
-                    photonPersistentDisk:
-                      properties:
-                        fsType:
-                          type: string
-                        pdID:
-                          type: string
-                      required:
-                      - pdID
-                      type: object
-                    portworxVolume:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        volumeID:
-                          type: string
-                      required:
-                      - volumeID
-                      type: object
-                    projected:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        sources:
+                        env:
                           items:
                             properties:
-                              clusterTrustBundle:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
                                 properties:
-                                  labelSelector:
+                                  configMapKeyRef:
                                     properties:
-                                      matchExpressions:
-                                        items:
-                                          properties:
-                                            key:
-                                              type: string
-                                            operator:
-                                              type: string
-                                            values:
-                                              items:
-                                                type: string
-                                              type: array
-                                              x-kubernetes-list-type: atomic
-                                          required:
-                                          - key
-                                          - operator
-                                          type: object
-                                        type: array
-                                        x-kubernetes-list-type: atomic
-                                      matchLabels:
-                                        additionalProperties:
-                                          type: string
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fileKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      optional:
+                                        default: false
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      volumeName:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    - volumeName
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
                                     type: object
                                     x-kubernetes-map-type: atomic
-                                  name:
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                  path:
-                                    type: string
-                                  signerName:
-                                    type: string
-                                required:
-                                - path
                                 type: object
-                              configMap:
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        envFrom:
+                          items:
+                            properties:
+                              configMapRef:
                                 properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                      required:
-                                      - key
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
                                   name:
                                     default: ""
                                     type: string
@@ -1374,66 +1033,10 @@ spec:
                                     type: boolean
                                 type: object
                                 x-kubernetes-map-type: atomic
-                              downwardAPI:
-                                properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        fieldRef:
-                                          properties:
-                                            apiVersion:
-                                              type: string
-                                            fieldPath:
-                                              type: string
-                                          required:
-                                          - fieldPath
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                        resourceFieldRef:
-                                          properties:
-                                            containerName:
-                                              type: string
-                                            divisor:
-                                              anyOf:
-                                              - type: integer
-                                              - type: string
-                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                              x-kubernetes-int-or-string: true
-                                            resource:
-                                              type: string
-                                          required:
-                                          - resource
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      required:
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
-                                type: object
-                              secret:
+                              prefix:
+                                type: string
+                              secretRef:
                                 properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                      required:
-                                      - key
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
                                   name:
                                     default: ""
                                     type: string
@@ -1441,283 +1044,139 @@ spec:
                                     type: boolean
                                 type: object
                                 x-kubernetes-map-type: atomic
-                              serviceAccountToken:
-                                properties:
-                                  audience:
-                                    type: string
-                                  expirationSeconds:
-                                    format: int64
-                                    type: integer
-                                  path:
-                                    type: string
-                                required:
-                                - path
-                                type: object
                             type: object
                           type: array
                           x-kubernetes-list-type: atomic
-                      type: object
-                    quobyte:
-                      properties:
-                        group:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        registry:
-                          type: string
-                        tenant:
-                          type: string
-                        user:
-                          type: string
-                        volume:
-                          type: string
-                      required:
-                      - registry
-                      - volume
-                      type: object
-                    rbd:
-                      properties:
-                        fsType:
-                          type: string
                         image:
                           type: string
-                        keyring:
-                          default: /etc/ceph/keyring
-                          type: string
-                        monitors:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        pool:
-                          default: rbd
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        user:
-                          default: admin
-                          type: string
-                      required:
-                      - image
-                      - monitors
-                      type: object
-                    scaleIO:
-                      properties:
-                        fsType:
-                          default: xfs
-                          type: string
-                        gateway:
-                          type: string
-                        protectionDomain:
+                        imagePullPolicy:
                           type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        lifecycle:
                           properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        sslEnabled:
-                          type: boolean
-                        storageMode:
-                          default: ThinProvisioned
-                          type: string
-                        storagePool:
-                          type: string
-                        system:
-                          type: string
-                        volumeName:
-                          type: string
-                      required:
-                      - gateway
-                      - secretRef
-                      - system
-                      type: object
-                    secret:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
-                          items:
-                            properties:
-                              key:
-                                type: string
-                              mode:
-                                format: int32
-                                type: integer
-                              path:
-                                type: string
-                            required:
-                            - key
-                            - path
-                            type: object
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        optional:
-                          type: boolean
-                        secretName:
-                          type: string
-                      type: object
-                    storageos:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
+                            postStart:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            preStop:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            stopSignal:
                               type: string
                           type: object
-                          x-kubernetes-map-type: atomic
-                        volumeName:
-                          type: string
-                        volumeNamespace:
-                          type: string
-                      type: object
-                    vsphereVolume:
-                      properties:
-                        fsType:
-                          type: string
-                        storagePolicyID:
-                          type: string
-                        storagePolicyName:
-                          type: string
-                        volumePath:
-                          type: string
-                      required:
-                      - volumePath
-                      type: object
-                  required:
-                  - name
-                  type: object
-                type: array
-              sidecars:
-                items:
-                  properties:
-                    args:
-                      items:
-                        type: string
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    command:
-                      items:
-                        type: string
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    env:
-                      items:
-                        properties:
-                          name:
-                            type: string
-                          value:
-                            type: string
-                          valueFrom:
-                            properties:
-                              configMapKeyRef:
-                                properties:
-                                  key:
-                                    type: string
-                                  name:
-                                    default: ""
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                required:
-                                - key
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              fieldRef:
-                                properties:
-                                  apiVersion:
-                                    type: string
-                                  fieldPath:
-                                    type: string
-                                required:
-                                - fieldPath
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              resourceFieldRef:
-                                properties:
-                                  containerName:
-                                    type: string
-                                  divisor:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                    x-kubernetes-int-or-string: true
-                                  resource:
-                                    type: string
-                                required:
-                                - resource
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              secretKeyRef:
-                                properties:
-                                  key:
-                                    type: string
-                                  name:
-                                    default: ""
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                required:
-                                - key
-                                type: object
-                                x-kubernetes-map-type: atomic
-                            type: object
-                        required:
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - name
-                      x-kubernetes-list-type: map
-                    envFrom:
-                      items:
-                        properties:
-                          configMapRef:
-                            properties:
-                              name:
-                                default: ""
-                                type: string
-                              optional:
-                                type: boolean
-                            type: object
-                            x-kubernetes-map-type: atomic
-                          prefix:
-                            type: string
-                          secretRef:
-                            properties:
-                              name:
-                                default: ""
-                                type: string
-                              optional:
-                                type: boolean
-                            type: object
-                            x-kubernetes-map-type: atomic
-                        type: object
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    image:
-                      type: string
-                    imagePullPolicy:
-                      type: string
-                    lifecycle:
-                      properties:
-                        postStart:
+                        livenessProbe:
                           properties:
                             exec:
                               properties:
@@ -1727,6 +1186,20 @@ spec:
                                   type: array
                                   x-kubernetes-list-type: atomic
                               type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
                             httpGet:
                               properties:
                                 host:
@@ -1756,14 +1229,15 @@ spec:
                               required:
                               - port
                               type: object
-                            sleep:
-                              properties:
-                                seconds:
-                                  format: int64
-                                  type: integer
-                              required:
-                              - seconds
-                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
                             tcpSocket:
                               properties:
                                 host:
@@ -1776,8 +1250,40 @@ spec:
                               required:
                               - port
                               type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
                           type: object
-                        preStop:
+                        name:
+                          type: string
+                        ports:
+                          items:
+                            properties:
+                              containerPort:
+                                format: int32
+                                type: integer
+                              hostIP:
+                                type: string
+                              hostPort:
+                                format: int32
+                                type: integer
+                              name:
+                                type: string
+                              protocol:
+                                default: TCP
+                                type: string
+                            required:
+                            - containerPort
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - containerPort
+                          - protocol
+                          x-kubernetes-list-type: map
+                        readinessProbe:
                           properties:
                             exec:
                               properties:
@@ -1787,6 +1293,20 @@ spec:
                                   type: array
                                   x-kubernetes-list-type: atomic
                               type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
                             httpGet:
                               properties:
                                 host:
@@ -1816,14 +1336,15 @@ spec:
                               required:
                               - port
                               type: object
-                            sleep:
-                              properties:
-                                seconds:
-                                  format: int64
-                                  type: integer
-                              required:
-                              - seconds
-                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
                             tcpSocket:
                               properties:
                                 host:
@@ -1836,513 +1357,1172 @@ spec:
                               required:
                               - port
                               type: object
-                          type: object
-                      type: object
-                    livenessProbe:
-                      properties:
-                        exec:
-                          properties:
-                            command:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                          type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
-                          properties:
-                            port:
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
                               format: int32
                               type: integer
-                            service:
-                              default: ""
-                              type: string
-                          required:
-                          - port
                           type: object
-                        httpGet:
+                        resizePolicy:
+                          items:
+                            properties:
+                              resourceName:
+                                type: string
+                              restartPolicy:
+                                type: string
+                            required:
+                            - resourceName
+                            - restartPolicy
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        resources:
                           properties:
-                            host:
-                              type: string
-                            httpHeaders:
+                            claims:
                               items:
                                 properties:
                                   name:
                                     type: string
-                                  value:
+                                  request:
                                     type: string
                                 required:
                                 - name
-                                - value
                                 type: object
                               type: array
-                              x-kubernetes-list-type: atomic
-                            path:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
-                              type: string
-                          required:
-                          - port
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
                           type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
-                          properties:
-                            host:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                          required:
-                          - port
-                          type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    name:
-                      type: string
-                    ports:
-                      items:
-                        properties:
-                          containerPort:
-                            format: int32
-                            type: integer
-                          hostIP:
-                            type: string
-                          hostPort:
-                            format: int32
-                            type: integer
-                          name:
-                            type: string
-                          protocol:
-                            default: TCP
-                            type: string
-                        required:
-                        - containerPort
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - containerPort
-                      - protocol
-                      x-kubernetes-list-type: map
-                    readinessProbe:
-                      properties:
-                        exec:
-                          properties:
-                            command:
-                              items:
+                        restartPolicy:
+                          type: string
+                        restartPolicyRules:
+                          items:
+                            properties:
+                              action:
                                 type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                          type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
-                          properties:
-                            port:
-                              format: int32
-                              type: integer
-                            service:
-                              default: ""
-                              type: string
-                          required:
-                          - port
-                          type: object
-                        httpGet:
-                          properties:
-                            host:
-                              type: string
-                            httpHeaders:
-                              items:
+                              exitCodes:
                                 properties:
-                                  name:
-                                    type: string
-                                  value:
+                                  operator:
                                     type: string
+                                  values:
+                                    items:
+                                      format: int32
+                                      type: integer
+                                    type: array
+                                    x-kubernetes-list-type: set
                                 required:
-                                - name
-                                - value
+                                - operator
                                 type: object
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            path:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
+                            required:
+                            - action
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
                               type: string
-                          required:
-                          - port
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
                           type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
+                        startupProbe:
                           properties:
-                            host:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                          required:
-                          - port
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
                           type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    resizePolicy:
-                      items:
-                        properties:
-                          resourceName:
-                            type: string
-                          restartPolicy:
-                            type: string
-                        required:
-                        - resourceName
-                        - restartPolicy
-                        type: object
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    resources:
-                      properties:
-                        claims:
+                        stdin:
+                          type: boolean
+                        stdinOnce:
+                          type: boolean
+                        terminationMessagePath:
+                          type: string
+                        terminationMessagePolicy:
+                          type: string
+                        tty:
+                          type: boolean
+                        volumeDevices:
+                          items:
+                            properties:
+                              devicePath:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - devicePath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - devicePath
+                          x-kubernetes-list-type: map
+                        volumeMounts:
                           items:
                             properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
                               name:
                                 type: string
-                              request:
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
                                 type: string
                             required:
+                            - mountPath
                             - name
                             type: object
                           type: array
                           x-kubernetes-list-map-keys:
-                          - name
+                          - mountPath
                           x-kubernetes-list-type: map
-                        limits:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          type: object
-                        requests:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          type: object
+                        workingDir:
+                          type: string
+                      required:
+                      - name
                       type: object
-                    restartPolicy:
-                      type: string
-                    securityContext:
+                    type: array
+                  volumes:
+                    items:
                       properties:
-                        allowPrivilegeEscalation:
-                          type: boolean
-                        appArmorProfile:
+                        awsElasticBlockStore:
                           properties:
-                            localhostProfile:
+                            fsType:
                               type: string
-                            type:
+                            partition:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            volumeID:
                               type: string
                           required:
-                          - type
-                          type: object
-                        capabilities:
-                          properties:
-                            add:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            drop:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
+                          - volumeID
                           type: object
-                        privileged:
-                          type: boolean
-                        procMount:
-                          type: string
-                        readOnlyRootFilesystem:
-                          type: boolean
-                        runAsGroup:
-                          format: int64
-                          type: integer
-                        runAsNonRoot:
-                          type: boolean
-                        runAsUser:
-                          format: int64
-                          type: integer
-                        seLinuxOptions:
+                        azureDisk:
                           properties:
-                            level:
-                              type: string
-                            role:
+                            cachingMode:
                               type: string
-                            type:
+                            diskName:
                               type: string
-                            user:
+                            diskURI:
                               type: string
-                          type: object
-                        seccompProfile:
-                          properties:
-                            localhostProfile:
+                            fsType:
+                              default: ext4
                               type: string
-                            type:
+                            kind:
                               type: string
+                            readOnly:
+                              default: false
+                              type: boolean
                           required:
-                          - type
+                          - diskName
+                          - diskURI
                           type: object
-                        windowsOptions:
+                        azureFile:
                           properties:
-                            gmsaCredentialSpec:
-                              type: string
-                            gmsaCredentialSpecName:
-                              type: string
-                            hostProcess:
+                            readOnly:
                               type: boolean
-                            runAsUserName:
+                            secretName:
                               type: string
+                            shareName:
+                              type: string
+                          required:
+                          - secretName
+                          - shareName
                           type: object
-                      type: object
-                    startupProbe:
-                      properties:
-                        exec:
+                        cephfs:
                           properties:
-                            command:
+                            monitors:
                               items:
                                 type: string
                               type: array
                               x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretFile:
+                              type: string
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              type: string
+                          required:
+                          - monitors
                           type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
+                        cinder:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        configMap:
                           properties:
-                            port:
+                            defaultMode:
                               format: int32
                               type: integer
-                            service:
+                            items:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            name:
                               default: ""
                               type: string
-                          required:
-                          - port
+                            optional:
+                              type: boolean
                           type: object
-                        httpGet:
+                          x-kubernetes-map-type: atomic
+                        csi:
                           properties:
-                            host:
+                            driver:
+                              type: string
+                            fsType:
                               type: string
-                            httpHeaders:
+                            nodePublishSecretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            readOnly:
+                              type: boolean
+                            volumeAttributes:
+                              additionalProperties:
+                                type: string
+                              type: object
+                          required:
+                          - driver
+                          type: object
+                        downwardAPI:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
                               items:
                                 properties:
-                                  name:
-                                    type: string
-                                  value:
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
                                     type: string
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
                                 required:
-                                - name
-                                - value
+                                - path
                                 type: object
                               type: array
                               x-kubernetes-list-type: atomic
-                            path:
+                          type: object
+                        emptyDir:
+                          properties:
+                            medium:
                               type: string
-                            port:
+                            sizeLimit:
                               anyOf:
                               - type: integer
                               - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                               x-kubernetes-int-or-string: true
-                            scheme:
+                          type: object
+                        ephemeral:
+                          properties:
+                            volumeClaimTemplate:
+                              properties:
+                                metadata:
+                                  type: object
+                                spec:
+                                  properties:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
+                                      type: string
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
+                                      type: string
+                                  type: object
+                              required:
+                              - spec
+                              type: object
+                          type: object
+                        fc:
+                          properties:
+                            fsType:
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            targetWWNs:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            wwids:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        flexVolume:
+                          properties:
+                            driver:
+                              type: string
+                            fsType:
                               type: string
+                            options:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
                           required:
-                          - port
+                          - driver
                           type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
+                        flocker:
                           properties:
-                            host:
+                            datasetName:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
+                            datasetUUID:
+                              type: string
+                          type: object
+                        gcePersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
+                              format: int32
+                              type: integer
+                            pdName:
+                              type: string
+                            readOnly:
+                              type: boolean
                           required:
-                          - port
+                          - pdName
                           type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    stdin:
-                      type: boolean
-                    stdinOnce:
-                      type: boolean
-                    terminationMessagePath:
-                      type: string
-                    terminationMessagePolicy:
-                      type: string
-                    tty:
-                      type: boolean
-                    volumeDevices:
-                      items:
-                        properties:
-                          devicePath:
-                            type: string
-                          name:
-                            type: string
-                        required:
-                        - devicePath
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - devicePath
-                      x-kubernetes-list-type: map
-                    volumeMounts:
-                      items:
-                        properties:
-                          mountPath:
-                            type: string
-                          mountPropagation:
-                            type: string
-                          name:
-                            type: string
-                          readOnly:
-                            type: boolean
-                          recursiveReadOnly:
-                            type: string
-                          subPath:
-                            type: string
-                          subPathExpr:
-                            type: string
-                        required:
-                        - mountPath
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - mountPath
-                      x-kubernetes-list-type: map
-                    workingDir:
-                      type: string
-                  required:
-                  - name
-                  type: object
-                type: array
-            type: object
-          status:
-            properties:
-              conditions:
-                items:
-                  properties:
-                    lastTransitionTime:
-                      format: date-time
-                      type: string
-                    message:
-                      maxLength: 32768
-                      type: string
-                    observedGeneration:
-                      format: int64
-                      minimum: 0
-                      type: integer
-                    reason:
-                      maxLength: 1024
-                      minLength: 1
-                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
-                      type: string
-                    status:
-                      enum:
-                      - "True"
-                      - "False"
-                      - Unknown
-                      type: string
-                    type:
-                      maxLength: 316
-                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - message
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              exporterConfig:
-                type: string
-              replicas:
-                type: integer
-              status:
-                type: string
-              version:
-                type: string
-            required:
-            - conditions
-            - exporterConfig
-            - version
-            type: object
-        type: object
+                        gitRepo:
+                          properties:
+                            directory:
+                              type: string
+                            repository:
+                              type: string
+                            revision:
+                              type: string
+                          required:
+                          - repository
+                          type: object
+                        glusterfs:
+                          properties:
+                            endpoints:
+                              type: string
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - endpoints
+                          - path
+                          type: object
+                        hostPath:
+                          properties:
+                            path:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - path
+                          type: object
+                        image:
+                          properties:
+                            pullPolicy:
+                              type: string
+                            reference:
+                              type: string
+                          type: object
+                        iscsi:
+                          properties:
+                            chapAuthDiscovery:
+                              type: boolean
+                            chapAuthSession:
+                              type: boolean
+                            fsType:
+                              type: string
+                            initiatorName:
+                              type: string
+                            iqn:
+                              type: string
+                            iscsiInterface:
+                              default: default
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            portals:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            targetPortal:
+                              type: string
+                          required:
+                          - iqn
+                          - lun
+                          - targetPortal
+                          type: object
+                        name:
+                          type: string
+                        nfs:
+                          properties:
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            server:
+                              type: string
+                          required:
+                          - path
+                          - server
+                          type: object
+                        persistentVolumeClaim:
+                          properties:
+                            claimName:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - claimName
+                          type: object
+                        photonPersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            pdID:
+                              type: string
+                          required:
+                          - pdID
+                          type: object
+                        portworxVolume:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        projected:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            sources:
+                              items:
+                                properties:
+                                  clusterTrustBundle:
+                                    properties:
+                                      labelSelector:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                operator:
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              required:
+                                              - key
+                                              - operator
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          matchLabels:
+                                            additionalProperties:
+                                              type: string
+                                            type: object
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      name:
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                  configMap:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  downwardAPI:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            fieldRef:
+                                              properties:
+                                                apiVersion:
+                                                  type: string
+                                                fieldPath:
+                                                  type: string
+                                              required:
+                                              - fieldPath
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                            resourceFieldRef:
+                                              properties:
+                                                containerName:
+                                                  type: string
+                                                divisor:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                  x-kubernetes-int-or-string: true
+                                                resource:
+                                                  type: string
+                                              required:
+                                              - resource
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          required:
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                  podCertificate:
+                                    properties:
+                                      certificateChainPath:
+                                        type: string
+                                      credentialBundlePath:
+                                        type: string
+                                      keyPath:
+                                        type: string
+                                      keyType:
+                                        type: string
+                                      maxExpirationSeconds:
+                                        format: int32
+                                        type: integer
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - keyType
+                                    - signerName
+                                    type: object
+                                  secret:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  serviceAccountToken:
+                                    properties:
+                                      audience:
+                                        type: string
+                                      expirationSeconds:
+                                        format: int64
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        quobyte:
+                          properties:
+                            group:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            registry:
+                              type: string
+                            tenant:
+                              type: string
+                            user:
+                              type: string
+                            volume:
+                              type: string
+                          required:
+                          - registry
+                          - volume
+                          type: object
+                        rbd:
+                          properties:
+                            fsType:
+                              type: string
+                            image:
+                              type: string
+                            keyring:
+                              default: /etc/ceph/keyring
+                              type: string
+                            monitors:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            pool:
+                              default: rbd
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              default: admin
+                              type: string
+                          required:
+                          - image
+                          - monitors
+                          type: object
+                        scaleIO:
+                          properties:
+                            fsType:
+                              default: xfs
+                              type: string
+                            gateway:
+                              type: string
+                            protectionDomain:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            sslEnabled:
+                              type: boolean
+                            storageMode:
+                              default: ThinProvisioned
+                              type: string
+                            storagePool:
+                              type: string
+                            system:
+                              type: string
+                            volumeName:
+                              type: string
+                          required:
+                          - gateway
+                          - secretRef
+                          - system
+                          type: object
+                        secret:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            optional:
+                              type: boolean
+                            secretName:
+                              type: string
+                          type: object
+                        storageos:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeName:
+                              type: string
+                            volumeNamespace:
+                              type: string
+                          type: object
+                        vsphereVolume:
+                          properties:
+                            fsType:
+                              type: string
+                            storagePolicyID:
+                              type: string
+                            storagePolicyName:
+                              type: string
+                            volumePath:
+                              type: string
+                          required:
+                          - volumePath
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                type: object
+              wallet:
+                properties:
+                  additional:
+                    items:
+                      properties:
+                        mountPath:
+                          type: string
+                        name:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                    type: array
+                  mountPath:
+                    type: string
+                  secret:
+                    type: string
+                type: object
+            type: object
+          status:
+            properties:
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              metricsConfig:
+                type: string
+              replicas:
+                type: integer
+              status:
+                type: string
+              version:
+                type: string
+            required:
+            - conditions
+            - metricsConfig
+            - version
+            type: object
+        type: object
     served: true
     storage: false
     subresources:
       status: {}
   - additionalPrinterColumns:
-    - jsonPath: .status.exporterConfig
-      name: ExporterConfig
+    - jsonPath: .status.metricsConfig
+      name: MetricsConfig
       type: string
     - jsonPath: .status.status
       name: Status
@@ -2362,7 +2542,7 @@ spec:
             type: object
           spec:
             properties:
-              configuration:
+              azureConfig:
                 properties:
                   configMap:
                     properties:
@@ -2374,8 +2554,19 @@ spec:
                 type: object
               database:
                 properties:
+                  azure:
+                    properties:
+                      vaultID:
+                        type: string
+                      vaultPasswordSecret:
+                        type: string
+                      vaultUsernameSecret:
+                        type: string
+                    type: object
                   dbConnectionString:
                     properties:
+                      envName:
+                        type: string
                       key:
                         type: string
                       secret:
@@ -2383,241 +2574,252 @@ spec:
                     type: object
                   dbPassword:
                     properties:
+                      envName:
+                        type: string
                       key:
                         type: string
                       secret:
                         type: string
-                      vaultOCID:
-                        type: string
-                      vaultSecretName:
-                        type: string
                     type: object
                   dbUser:
                     properties:
+                      envName:
+                        type: string
                       key:
                         type: string
                       secret:
                         type: string
                     type: object
-                  dbWallet:
+                  oci:
                     properties:
-                      key:
+                      vaultID:
                         type: string
-                      secret:
+                      vaultPasswordSecret:
                         type: string
                     type: object
                 type: object
-              exporter:
-                properties:
-                  deployment:
-                    properties:
-                      args:
-                        items:
+              databases:
+                additionalProperties:
+                  properties:
+                    dbConnectionString:
+                      properties:
+                        envName:
                           type: string
-                        type: array
-                      commands:
-                        items:
+                        key:
                           type: string
-                        type: array
-                      env:
-                        additionalProperties:
+                        secret:
                           type: string
-                        type: object
-                      image:
-                        type: string
-                      labels:
-                        additionalProperties:
+                      type: object
+                    dbPassword:
+                      properties:
+                        envName:
                           type: string
+                        key:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                    dbUser:
+                      properties:
+                        envName:
+                          type: string
+                        key:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                  type: object
+                type: object
+              deployment:
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  commands:
+                    items:
+                      type: string
+                    type: array
+                  env:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  image:
+                    type: string
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  podSecurityContext:
+                    properties:
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
                         type: object
-                      podTemplate:
-                        properties:
-                          labels:
-                            additionalProperties:
-                              type: string
-                            type: object
-                          securityContext:
-                            properties:
-                              appArmorProfile:
-                                properties:
-                                  localhostProfile:
-                                    type: string
-                                  type:
-                                    type: string
-                                required:
-                                - type
-                                type: object
-                              fsGroup:
-                                format: int64
-                                type: integer
-                              fsGroupChangePolicy:
-                                type: string
-                              runAsGroup:
-                                format: int64
-                                type: integer
-                              runAsNonRoot:
-                                type: boolean
-                              runAsUser:
-                                format: int64
-                                type: integer
-                              seLinuxOptions:
-                                properties:
-                                  level:
-                                    type: string
-                                  role:
-                                    type: string
-                                  type:
-                                    type: string
-                                  user:
-                                    type: string
-                                type: object
-                              seccompProfile:
-                                properties:
-                                  localhostProfile:
-                                    type: string
-                                  type:
-                                    type: string
-                                required:
-                                - type
-                                type: object
-                              supplementalGroups:
-                                items:
-                                  format: int64
-                                  type: integer
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              supplementalGroupsPolicy:
-                                type: string
-                              sysctls:
-                                items:
-                                  properties:
-                                    name:
-                                      type: string
-                                    value:
-                                      type: string
-                                  required:
-                                  - name
-                                  - value
-                                  type: object
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              windowsOptions:
-                                properties:
-                                  gmsaCredentialSpec:
-                                    type: string
-                                  gmsaCredentialSpecName:
-                                    type: string
-                                  hostProcess:
-                                    type: boolean
-                                  runAsUserName:
-                                    type: string
-                                type: object
-                            type: object
-                        type: object
-                      securityContext:
+                      fsGroup:
+                        format: int64
+                        type: integer
+                      fsGroupChangePolicy:
+                        type: string
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxChangePolicy:
+                        type: string
+                      seLinuxOptions:
                         properties:
-                          allowPrivilegeEscalation:
-                            type: boolean
-                          appArmorProfile:
-                            properties:
-                              localhostProfile:
-                                type: string
-                              type:
-                                type: string
-                            required:
-                            - type
-                            type: object
-                          capabilities:
-                            properties:
-                              add:
-                                items:
-                                  type: string
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              drop:
-                                items:
-                                  type: string
-                                type: array
-                                x-kubernetes-list-type: atomic
-                            type: object
-                          privileged:
-                            type: boolean
-                          procMount:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
                             type: string
-                          readOnlyRootFilesystem:
-                            type: boolean
-                          runAsGroup:
-                            format: int64
-                            type: integer
-                          runAsNonRoot:
-                            type: boolean
-                          runAsUser:
-                            format: int64
-                            type: integer
-                          seLinuxOptions:
-                            properties:
-                              level:
-                                type: string
-                              role:
-                                type: string
-                              type:
-                                type: string
-                              user:
-                                type: string
-                            type: object
-                          seccompProfile:
-                            properties:
-                              localhostProfile:
-                                type: string
-                              type:
-                                type: string
-                            required:
-                            - type
-                            type: object
-                          windowsOptions:
-                            properties:
-                              gmsaCredentialSpec:
-                                type: string
-                              gmsaCredentialSpecName:
-                                type: string
-                              hostProcess:
-                                type: boolean
-                              runAsUserName:
-                                type: string
-                            type: object
                         type: object
-                    type: object
-                  service:
-                    properties:
-                      labels:
-                        additionalProperties:
-                          type: string
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
                         type: object
-                      ports:
+                      supplementalGroups:
+                        items:
+                          format: int64
+                          type: integer
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      supplementalGroupsPolicy:
+                        type: string
+                      sysctls:
                         items:
                           properties:
-                            appProtocol:
-                              type: string
                             name:
                               type: string
-                            nodePort:
-                              format: int32
-                              type: integer
-                            port:
-                              format: int32
-                              type: integer
-                            protocol:
-                              default: TCP
+                            value:
                               type: string
-                            targetPort:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
                           required:
-                          - port
+                          - name
+                          - value
                           type: object
                         type: array
+                        x-kubernetes-list-type: atomic
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                  podTemplate:
+                    properties:
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                    type: object
+                  securityContext:
+                    properties:
+                      allowPrivilegeEscalation:
+                        type: boolean
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      capabilities:
+                        properties:
+                          add:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          drop:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      privileged:
+                        type: boolean
+                      procMount:
+                        type: string
+                      readOnlyRootFilesystem:
+                        type: boolean
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+              exporterConfig:
+                properties:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
                     type: object
+                  mountPath:
+                    type: string
                 type: object
               inheritLabels:
                 items:
@@ -2625,9 +2827,11 @@ spec:
                 type: array
               log:
                 properties:
-                  filename:
+                  destination:
                     type: string
-                  path:
+                  disable:
+                    type: boolean
+                  filename:
                     type: string
                   volume:
                     properties:
@@ -2640,41 +2844,204 @@ spec:
                         type: object
                     type: object
                 type: object
+              metrics:
+                properties:
+                  configMap:
+                    items:
+                      properties:
+                        key:
+                          type: string
+                        name:
+                          type: string
+                      type: object
+                    type: array
+                type: object
               ociConfig:
                 properties:
-                  configMapName:
-                    type: string
-                  secretName:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  mountPath:
                     type: string
+                  privateKey:
+                    properties:
+                      secret:
+                        type: string
+                    type: object
                 type: object
-              prometheus:
+              replicas:
+                format: int32
+                type: integer
+              service:
                 properties:
-                  serviceMonitor:
-                    properties:
-                      endpoints:
-                        items:
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  ports:
+                    items:
+                      properties:
+                        appProtocol:
+                          type: string
+                        name:
+                          type: string
+                        nodePort:
+                          format: int32
+                          type: integer
+                        port:
+                          format: int32
+                          type: integer
+                        protocol:
+                          default: TCP
+                          type: string
+                        targetPort:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          x-kubernetes-int-or-string: true
+                      required:
+                      - port
+                      type: object
+                    type: array
+                type: object
+              serviceMonitor:
+                properties:
+                  endpoints:
+                    items:
+                      properties:
+                        authorization:
                           properties:
-                            authorization:
+                            credentials:
                               properties:
-                                credentials:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                type:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type:
+                              type: string
+                          type: object
+                        basicAuth:
+                          properties:
+                            password:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            username:
+                              properties:
+                                key:
                                   type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
                               type: object
-                            basicAuth:
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        bearerTokenFile:
+                          type: string
+                        bearerTokenSecret:
+                          properties:
+                            key:
+                              type: string
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        enableHttp2:
+                          type: boolean
+                        filterRunning:
+                          type: boolean
+                        followRedirects:
+                          type: boolean
+                        honorLabels:
+                          type: boolean
+                        honorTimestamps:
+                          type: boolean
+                        interval:
+                          pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                          type: string
+                        metricRelabelings:
+                          items:
+                            properties:
+                              action:
+                                default: replace
+                                enum:
+                                - replace
+                                - Replace
+                                - keep
+                                - Keep
+                                - drop
+                                - Drop
+                                - hashmod
+                                - HashMod
+                                - labelmap
+                                - LabelMap
+                                - labeldrop
+                                - LabelDrop
+                                - labelkeep
+                                - LabelKeep
+                                - lowercase
+                                - Lowercase
+                                - uppercase
+                                - Uppercase
+                                - keepequal
+                                - KeepEqual
+                                - dropequal
+                                - DropEqual
+                                type: string
+                              modulus:
+                                format: int64
+                                type: integer
+                              regex:
+                                type: string
+                              replacement:
+                                type: string
+                              separator:
+                                type: string
+                              sourceLabels:
+                                items:
+                                  pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                  type: string
+                                type: array
+                              targetLabel:
+                                type: string
+                            type: object
+                          type: array
+                        noProxy:
+                          type: string
+                        oauth2:
+                          properties:
+                            clientId:
                               properties:
-                                password:
+                                configMap:
                                   properties:
                                     key:
                                       type: string
@@ -2687,7 +3054,7 @@ spec:
                                   - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                username:
+                                secret:
                                   properties:
                                     key:
                                       type: string
@@ -2701,9 +3068,7 @@ spec:
                                   type: object
                                   x-kubernetes-map-type: atomic
                               type: object
-                            bearerTokenFile:
-                              type: string
-                            bearerTokenSecret:
+                            clientSecret:
                               properties:
                                 key:
                                   type: string
@@ -2716,98 +3081,15 @@ spec:
                               - key
                               type: object
                               x-kubernetes-map-type: atomic
-                            enableHttp2:
-                              type: boolean
-                            filterRunning:
-                              type: boolean
-                            followRedirects:
-                              type: boolean
-                            honorLabels:
-                              type: boolean
-                            honorTimestamps:
-                              type: boolean
-                            interval:
-                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                            endpointParams:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            noProxy:
                               type: string
-                            metricRelabelings:
-                              items:
-                                properties:
-                                  action:
-                                    default: replace
-                                    enum:
-                                    - replace
-                                    - Replace
-                                    - keep
-                                    - Keep
-                                    - drop
-                                    - Drop
-                                    - hashmod
-                                    - HashMod
-                                    - labelmap
-                                    - LabelMap
-                                    - labeldrop
-                                    - LabelDrop
-                                    - labelkeep
-                                    - LabelKeep
-                                    - lowercase
-                                    - Lowercase
-                                    - uppercase
-                                    - Uppercase
-                                    - keepequal
-                                    - KeepEqual
-                                    - dropequal
-                                    - DropEqual
-                                    type: string
-                                  modulus:
-                                    format: int64
-                                    type: integer
-                                  regex:
-                                    type: string
-                                  replacement:
-                                    type: string
-                                  separator:
-                                    type: string
-                                  sourceLabels:
-                                    items:
-                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                                      type: string
-                                    type: array
-                                  targetLabel:
-                                    type: string
-                                type: object
-                              type: array
-                            oauth2:
-                              properties:
-                                clientId:
-                                  properties:
-                                    configMap:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    secret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                  type: object
-                                clientSecret:
+                            proxyConnectHeader:
+                              additionalProperties:
+                                items:
                                   properties:
                                     key:
                                       type: string
@@ -2820,211 +3102,18 @@ spec:
                                   - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                endpointParams:
-                                  additionalProperties:
-                                    type: string
-                                  type: object
-                                noProxy:
-                                  type: string
-                                proxyConnectHeader:
-                                  additionalProperties:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    type: array
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                proxyFromEnvironment:
-                                  type: boolean
-                                proxyUrl:
-                                  pattern: ^http(s)?://.+$
-                                  type: string
-                                scopes:
-                                  items:
-                                    type: string
-                                  type: array
-                                tlsConfig:
-                                  properties:
-                                    ca:
-                                      properties:
-                                        configMap:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        secret:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      type: object
-                                    cert:
-                                      properties:
-                                        configMap:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        secret:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      type: object
-                                    insecureSkipVerify:
-                                      type: boolean
-                                    keySecret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    maxVersion:
-                                      enum:
-                                      - TLS10
-                                      - TLS11
-                                      - TLS12
-                                      - TLS13
-                                      type: string
-                                    minVersion:
-                                      enum:
-                                      - TLS10
-                                      - TLS11
-                                      - TLS12
-                                      - TLS13
-                                      type: string
-                                    serverName:
-                                      type: string
-                                  type: object
-                                tokenUrl:
-                                  minLength: 1
-                                  type: string
-                              required:
-                              - clientId
-                              - clientSecret
-                              - tokenUrl
-                              type: object
-                            params:
-                              additionalProperties:
-                                items:
-                                  type: string
                                 type: array
                               type: object
-                            path:
-                              type: string
-                            port:
-                              type: string
+                              x-kubernetes-map-type: atomic
+                            proxyFromEnvironment:
+                              type: boolean
                             proxyUrl:
+                              pattern: ^(http|https|socks5)://.+$
                               type: string
-                            relabelings:
+                            scopes:
                               items:
-                                properties:
-                                  action:
-                                    default: replace
-                                    enum:
-                                    - replace
-                                    - Replace
-                                    - keep
-                                    - Keep
-                                    - drop
-                                    - Drop
-                                    - hashmod
-                                    - HashMod
-                                    - labelmap
-                                    - LabelMap
-                                    - labeldrop
-                                    - LabelDrop
-                                    - labelkeep
-                                    - LabelKeep
-                                    - lowercase
-                                    - Lowercase
-                                    - uppercase
-                                    - Uppercase
-                                    - keepequal
-                                    - KeepEqual
-                                    - dropequal
-                                    - DropEqual
-                                    type: string
-                                  modulus:
-                                    format: int64
-                                    type: integer
-                                  regex:
-                                    type: string
-                                  replacement:
-                                    type: string
-                                  separator:
-                                    type: string
-                                  sourceLabels:
-                                    items:
-                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                                      type: string
-                                    type: array
-                                  targetLabel:
-                                    type: string
-                                type: object
+                                type: string
                               type: array
-                            scheme:
-                              enum:
-                              - http
-                              - https
-                              type: string
-                            scrapeTimeout:
-                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
-                              type: string
-                            targetPort:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
                             tlsConfig:
                               properties:
                                 ca:
@@ -3056,8 +3145,6 @@ spec:
                                       type: object
                                       x-kubernetes-map-type: atomic
                                   type: object
-                                caFile:
-                                  type: string
                                 cert:
                                   properties:
                                     configMap:
@@ -3087,12 +3174,8 @@ spec:
                                       type: object
                                       x-kubernetes-map-type: atomic
                                   type: object
-                                certFile:
-                                  type: string
                                 insecureSkipVerify:
                                   type: boolean
-                                keyFile:
-                                  type: string
                                 keySecret:
                                   properties:
                                     key:
@@ -3123,573 +3206,329 @@ spec:
                                 serverName:
                                   type: string
                               type: object
-                            trackTimestampsStaleness:
-                              type: boolean
+                            tokenUrl:
+                              minLength: 1
+                              type: string
+                          required:
+                          - clientId
+                          - clientSecret
+                          - tokenUrl
                           type: object
-                        type: array
-                      labels:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      namespaceSelector:
-                        properties:
-                          any:
-                            type: boolean
-                          matchNames:
+                        params:
+                          additionalProperties:
                             items:
                               type: string
                             type: array
-                        type: object
-                    type: object
-                type: object
-              replicas:
-                format: int32
-                type: integer
-              sidecarVolumes:
-                items:
-                  properties:
-                    awsElasticBlockStore:
-                      properties:
-                        fsType:
-                          type: string
-                        partition:
-                          format: int32
-                          type: integer
-                        readOnly:
-                          type: boolean
-                        volumeID:
-                          type: string
-                      required:
-                      - volumeID
-                      type: object
-                    azureDisk:
-                      properties:
-                        cachingMode:
-                          type: string
-                        diskName:
-                          type: string
-                        diskURI:
-                          type: string
-                        fsType:
-                          default: ext4
-                          type: string
-                        kind:
-                          type: string
-                        readOnly:
-                          default: false
-                          type: boolean
-                      required:
-                      - diskName
-                      - diskURI
-                      type: object
-                    azureFile:
-                      properties:
-                        readOnly:
-                          type: boolean
-                        secretName:
-                          type: string
-                        shareName:
-                          type: string
-                      required:
-                      - secretName
-                      - shareName
-                      type: object
-                    cephfs:
-                      properties:
-                        monitors:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretFile:
-                          type: string
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        user:
-                          type: string
-                      required:
-                      - monitors
-                      type: object
-                    cinder:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
                           type: object
-                          x-kubernetes-map-type: atomic
-                        volumeID:
-                          type: string
-                      required:
-                      - volumeID
-                      type: object
-                    configMap:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
-                          items:
-                            properties:
-                              key:
-                                type: string
-                              mode:
-                                format: int32
-                                type: integer
-                              path:
-                                type: string
-                            required:
-                            - key
-                            - path
-                            type: object
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        name:
-                          default: ""
-                          type: string
-                        optional:
-                          type: boolean
-                      type: object
-                      x-kubernetes-map-type: atomic
-                    csi:
-                      properties:
-                        driver:
+                        path:
                           type: string
-                        fsType:
+                        port:
                           type: string
-                        nodePublishSecretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
+                        proxyConnectHeader:
+                          additionalProperties:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type: array
                           type: object
                           x-kubernetes-map-type: atomic
-                        readOnly:
+                        proxyFromEnvironment:
                           type: boolean
-                        volumeAttributes:
-                          additionalProperties:
-                            type: string
-                          type: object
-                      required:
-                      - driver
-                      type: object
-                    downwardAPI:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
+                        proxyUrl:
+                          pattern: ^(http|https|socks5)://.+$
+                          type: string
+                        relabelings:
                           items:
                             properties:
-                              fieldRef:
-                                properties:
-                                  apiVersion:
-                                    type: string
-                                  fieldPath:
-                                    type: string
-                                required:
-                                - fieldPath
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              mode:
-                                format: int32
+                              action:
+                                default: replace
+                                enum:
+                                - replace
+                                - Replace
+                                - keep
+                                - Keep
+                                - drop
+                                - Drop
+                                - hashmod
+                                - HashMod
+                                - labelmap
+                                - LabelMap
+                                - labeldrop
+                                - LabelDrop
+                                - labelkeep
+                                - LabelKeep
+                                - lowercase
+                                - Lowercase
+                                - uppercase
+                                - Uppercase
+                                - keepequal
+                                - KeepEqual
+                                - dropequal
+                                - DropEqual
+                                type: string
+                              modulus:
+                                format: int64
                                 type: integer
-                              path:
+                              regex:
+                                type: string
+                              replacement:
+                                type: string
+                              separator:
+                                type: string
+                              sourceLabels:
+                                items:
+                                  pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                  type: string
+                                type: array
+                              targetLabel:
                                 type: string
-                              resourceFieldRef:
-                                properties:
-                                  containerName:
-                                    type: string
-                                  divisor:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                    x-kubernetes-int-or-string: true
-                                  resource:
-                                    type: string
-                                required:
-                                - resource
-                                type: object
-                                x-kubernetes-map-type: atomic
-                            required:
-                            - path
                             type: object
                           type: array
-                          x-kubernetes-list-type: atomic
-                      type: object
-                    emptyDir:
-                      properties:
-                        medium:
+                        scheme:
+                          enum:
+                          - http
+                          - https
                           type: string
-                        sizeLimit:
+                        scrapeTimeout:
+                          pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                          type: string
+                        targetPort:
                           anyOf:
                           - type: integer
                           - type: string
-                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                           x-kubernetes-int-or-string: true
-                      type: object
-                    ephemeral:
-                      properties:
-                        volumeClaimTemplate:
+                        tlsConfig:
                           properties:
-                            metadata:
-                              type: object
-                            spec:
+                            ca:
                               properties:
-                                accessModes:
-                                  items:
-                                    type: string
-                                  type: array
-                                  x-kubernetes-list-type: atomic
-                                dataSource:
+                                configMap:
                                   properties:
-                                    apiGroup:
-                                      type: string
-                                    kind:
+                                    key:
                                       type: string
                                     name:
+                                      default: ""
                                       type: string
+                                    optional:
+                                      type: boolean
                                   required:
-                                  - kind
-                                  - name
+                                  - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                dataSourceRef:
+                                secret:
                                   properties:
-                                    apiGroup:
-                                      type: string
-                                    kind:
+                                    key:
                                       type: string
                                     name:
+                                      default: ""
                                       type: string
-                                    namespace:
-                                      type: string
+                                    optional:
+                                      type: boolean
                                   required:
-                                  - kind
-                                  - name
+                                  - key
                                   type: object
-                                resources:
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            caFile:
+                              type: string
+                            cert:
+                              properties:
+                                configMap:
                                   properties:
-                                    limits:
-                                      additionalProperties:
-                                        anyOf:
-                                        - type: integer
-                                        - type: string
-                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                        x-kubernetes-int-or-string: true
-                                      type: object
-                                    requests:
-                                      additionalProperties:
-                                        anyOf:
-                                        - type: integer
-                                        - type: string
-                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                        x-kubernetes-int-or-string: true
-                                      type: object
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
                                   type: object
-                                selector:
+                                  x-kubernetes-map-type: atomic
+                                secret:
                                   properties:
-                                    matchExpressions:
-                                      items:
-                                        properties:
-                                          key:
-                                            type: string
-                                          operator:
-                                            type: string
-                                          values:
-                                            items:
-                                              type: string
-                                            type: array
-                                            x-kubernetes-list-type: atomic
-                                        required:
-                                        - key
-                                        - operator
-                                        type: object
-                                      type: array
-                                      x-kubernetes-list-type: atomic
-                                    matchLabels:
-                                      additionalProperties:
-                                        type: string
-                                      type: object
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                storageClassName:
-                                  type: string
-                                volumeAttributesClassName:
-                                  type: string
-                                volumeMode:
+                              type: object
+                            certFile:
+                              type: string
+                            insecureSkipVerify:
+                              type: boolean
+                            keyFile:
+                              type: string
+                            keySecret:
+                              properties:
+                                key:
                                   type: string
-                                volumeName:
+                                name:
+                                  default: ""
                                   type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
                               type: object
-                          required:
-                          - spec
+                              x-kubernetes-map-type: atomic
+                            maxVersion:
+                              enum:
+                              - TLS10
+                              - TLS11
+                              - TLS12
+                              - TLS13
+                              type: string
+                            minVersion:
+                              enum:
+                              - TLS10
+                              - TLS11
+                              - TLS12
+                              - TLS13
+                              type: string
+                            serverName:
+                              type: string
                           type: object
+                        trackTimestampsStaleness:
+                          type: boolean
                       type: object
-                    fc:
-                      properties:
-                        fsType:
+                    type: array
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  namespaceSelector:
+                    properties:
+                      any:
+                        type: boolean
+                      matchNames:
+                        items:
                           type: string
-                        lun:
-                          format: int32
-                          type: integer
-                        readOnly:
-                          type: boolean
-                        targetWWNs:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        wwids:
+                        type: array
+                    type: object
+                type: object
+              sidecar:
+                properties:
+                  containers:
+                    items:
+                      properties:
+                        args:
                           items:
                             type: string
                           type: array
                           x-kubernetes-list-type: atomic
-                      type: object
-                    flexVolume:
-                      properties:
-                        driver:
-                          type: string
-                        fsType:
-                          type: string
-                        options:
-                          additionalProperties:
-                            type: string
-                          type: object
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                      required:
-                      - driver
-                      type: object
-                    flocker:
-                      properties:
-                        datasetName:
-                          type: string
-                        datasetUUID:
-                          type: string
-                      type: object
-                    gcePersistentDisk:
-                      properties:
-                        fsType:
-                          type: string
-                        partition:
-                          format: int32
-                          type: integer
-                        pdName:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - pdName
-                      type: object
-                    gitRepo:
-                      properties:
-                        directory:
-                          type: string
-                        repository:
-                          type: string
-                        revision:
-                          type: string
-                      required:
-                      - repository
-                      type: object
-                    glusterfs:
-                      properties:
-                        endpoints:
-                          type: string
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - endpoints
-                      - path
-                      type: object
-                    hostPath:
-                      properties:
-                        path:
-                          type: string
-                        type:
-                          type: string
-                      required:
-                      - path
-                      type: object
-                    image:
-                      properties:
-                        pullPolicy:
-                          type: string
-                        reference:
-                          type: string
-                      type: object
-                    iscsi:
-                      properties:
-                        chapAuthDiscovery:
-                          type: boolean
-                        chapAuthSession:
-                          type: boolean
-                        fsType:
-                          type: string
-                        initiatorName:
-                          type: string
-                        iqn:
-                          type: string
-                        iscsiInterface:
-                          default: default
-                          type: string
-                        lun:
-                          format: int32
-                          type: integer
-                        portals:
+                        command:
                           items:
                             type: string
                           type: array
                           x-kubernetes-list-type: atomic
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        targetPortal:
-                          type: string
-                      required:
-                      - iqn
-                      - lun
-                      - targetPortal
-                      type: object
-                    name:
-                      type: string
-                    nfs:
-                      properties:
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        server:
-                          type: string
-                      required:
-                      - path
-                      - server
-                      type: object
-                    persistentVolumeClaim:
-                      properties:
-                        claimName:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - claimName
-                      type: object
-                    photonPersistentDisk:
-                      properties:
-                        fsType:
-                          type: string
-                        pdID:
-                          type: string
-                      required:
-                      - pdID
-                      type: object
-                    portworxVolume:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        volumeID:
-                          type: string
-                      required:
-                      - volumeID
-                      type: object
-                    projected:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        sources:
+                        env:
                           items:
                             properties:
-                              clusterTrustBundle:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
                                 properties:
-                                  labelSelector:
+                                  configMapKeyRef:
                                     properties:
-                                      matchExpressions:
-                                        items:
-                                          properties:
-                                            key:
-                                              type: string
-                                            operator:
-                                              type: string
-                                            values:
-                                              items:
-                                                type: string
-                                              type: array
-                                              x-kubernetes-list-type: atomic
-                                          required:
-                                          - key
-                                          - operator
-                                          type: object
-                                        type: array
-                                        x-kubernetes-list-type: atomic
-                                      matchLabels:
-                                        additionalProperties:
-                                          type: string
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fileKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      optional:
+                                        default: false
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      volumeName:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    - volumeName
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
                                     type: object
                                     x-kubernetes-map-type: atomic
-                                  name:
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                  path:
-                                    type: string
-                                  signerName:
-                                    type: string
-                                required:
-                                - path
                                 type: object
-                              configMap:
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        envFrom:
+                          items:
+                            properties:
+                              configMapRef:
                                 properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                      required:
-                                      - key
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
                                   name:
                                     default: ""
                                     type: string
@@ -3697,66 +3536,10 @@ spec:
                                     type: boolean
                                 type: object
                                 x-kubernetes-map-type: atomic
-                              downwardAPI:
-                                properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        fieldRef:
-                                          properties:
-                                            apiVersion:
-                                              type: string
-                                            fieldPath:
-                                              type: string
-                                          required:
-                                          - fieldPath
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                        resourceFieldRef:
-                                          properties:
-                                            containerName:
-                                              type: string
-                                            divisor:
-                                              anyOf:
-                                              - type: integer
-                                              - type: string
-                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                              x-kubernetes-int-or-string: true
-                                            resource:
-                                              type: string
-                                          required:
-                                          - resource
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      required:
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
-                                type: object
-                              secret:
+                              prefix:
+                                type: string
+                              secretRef:
                                 properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                      required:
-                                      - key
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
                                   name:
                                     default: ""
                                     type: string
@@ -3764,283 +3547,470 @@ spec:
                                     type: boolean
                                 type: object
                                 x-kubernetes-map-type: atomic
-                              serviceAccountToken:
-                                properties:
-                                  audience:
-                                    type: string
-                                  expirationSeconds:
-                                    format: int64
-                                    type: integer
-                                  path:
-                                    type: string
-                                required:
-                                - path
-                                type: object
                             type: object
                           type: array
                           x-kubernetes-list-type: atomic
-                      type: object
-                    quobyte:
-                      properties:
-                        group:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        registry:
-                          type: string
-                        tenant:
-                          type: string
-                        user:
-                          type: string
-                        volume:
-                          type: string
-                      required:
-                      - registry
-                      - volume
-                      type: object
-                    rbd:
-                      properties:
-                        fsType:
-                          type: string
                         image:
                           type: string
-                        keyring:
-                          default: /etc/ceph/keyring
-                          type: string
-                        monitors:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        pool:
-                          default: rbd
+                        imagePullPolicy:
                           type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        lifecycle:
                           properties:
-                            name:
-                              default: ""
+                            postStart:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            preStop:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            stopSignal:
                               type: string
                           type: object
-                          x-kubernetes-map-type: atomic
-                        user:
-                          default: admin
-                          type: string
-                      required:
-                      - image
-                      - monitors
-                      type: object
-                    scaleIO:
-                      properties:
-                        fsType:
-                          default: xfs
-                          type: string
-                        gateway:
-                          type: string
-                        protectionDomain:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        livenessProbe:
                           properties:
-                            name:
-                              default: ""
-                              type: string
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
                           type: object
-                          x-kubernetes-map-type: atomic
-                        sslEnabled:
-                          type: boolean
-                        storageMode:
-                          default: ThinProvisioned
-                          type: string
-                        storagePool:
-                          type: string
-                        system:
-                          type: string
-                        volumeName:
+                        name:
                           type: string
-                      required:
-                      - gateway
-                      - secretRef
-                      - system
-                      type: object
-                    secret:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
+                        ports:
                           items:
                             properties:
-                              key:
+                              containerPort:
+                                format: int32
+                                type: integer
+                              hostIP:
                                 type: string
-                              mode:
+                              hostPort:
                                 format: int32
                                 type: integer
-                              path:
+                              name:
+                                type: string
+                              protocol:
+                                default: TCP
                                 type: string
                             required:
-                            - key
-                            - path
+                            - containerPort
                             type: object
                           type: array
-                          x-kubernetes-list-type: atomic
-                        optional:
-                          type: boolean
-                        secretName:
-                          type: string
-                      type: object
-                    storageos:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                          x-kubernetes-list-map-keys:
+                          - containerPort
+                          - protocol
+                          x-kubernetes-list-type: map
+                        readinessProbe:
                           properties:
-                            name:
-                              default: ""
-                              type: string
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
                           type: object
-                          x-kubernetes-map-type: atomic
-                        volumeName:
-                          type: string
-                        volumeNamespace:
-                          type: string
-                      type: object
-                    vsphereVolume:
-                      properties:
-                        fsType:
-                          type: string
-                        storagePolicyID:
-                          type: string
-                        storagePolicyName:
-                          type: string
-                        volumePath:
-                          type: string
-                      required:
-                      - volumePath
-                      type: object
-                  required:
-                  - name
-                  type: object
-                type: array
-              sidecars:
-                items:
-                  properties:
-                    args:
-                      items:
-                        type: string
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    command:
-                      items:
-                        type: string
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    env:
-                      items:
-                        properties:
-                          name:
-                            type: string
-                          value:
-                            type: string
-                          valueFrom:
+                        resizePolicy:
+                          items:
                             properties:
-                              configMapKeyRef:
+                              resourceName:
+                                type: string
+                              restartPolicy:
+                                type: string
+                            required:
+                            - resourceName
+                            - restartPolicy
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        resources:
+                          properties:
+                            claims:
+                              items:
                                 properties:
-                                  key:
-                                    type: string
                                   name:
-                                    default: ""
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                required:
-                                - key
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              fieldRef:
-                                properties:
-                                  apiVersion:
                                     type: string
-                                  fieldPath:
+                                  request:
                                     type: string
                                 required:
-                                - fieldPath
+                                - name
                                 type: object
-                                x-kubernetes-map-type: atomic
-                              resourceFieldRef:
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        restartPolicy:
+                          type: string
+                        restartPolicyRules:
+                          items:
+                            properties:
+                              action:
+                                type: string
+                              exitCodes:
                                 properties:
-                                  containerName:
-                                    type: string
-                                  divisor:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                    x-kubernetes-int-or-string: true
-                                  resource:
+                                  operator:
                                     type: string
+                                  values:
+                                    items:
+                                      format: int32
+                                      type: integer
+                                    type: array
+                                    x-kubernetes-list-type: set
                                 required:
-                                - resource
+                                - operator
                                 type: object
-                                x-kubernetes-map-type: atomic
-                              secretKeyRef:
-                                properties:
-                                  key:
+                            required:
+                            - action
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
                                     type: string
-                                  name:
-                                    default: ""
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
                                     type: string
-                                  optional:
-                                    type: boolean
-                                required:
-                                - key
-                                type: object
-                                x-kubernetes-map-type: atomic
-                            type: object
-                        required:
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - name
-                      x-kubernetes-list-type: map
-                    envFrom:
-                      items:
-                        properties:
-                          configMapRef:
-                            properties:
-                              name:
-                                default: ""
-                                type: string
-                              optional:
-                                type: boolean
-                            type: object
-                            x-kubernetes-map-type: atomic
-                          prefix:
-                            type: string
-                          secretRef:
-                            properties:
-                              name:
-                                default: ""
-                                type: string
-                              optional:
-                                type: boolean
-                            type: object
-                            x-kubernetes-map-type: atomic
-                        type: object
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    image:
-                      type: string
-                    imagePullPolicy:
-                      type: string
-                    lifecycle:
-                      properties:
-                        postStart:
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
+                          type: object
+                        startupProbe:
                           properties:
                             exec:
                               properties:
@@ -4050,6 +4020,20 @@ spec:
                                   type: array
                                   x-kubernetes-list-type: atomic
                               type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
                             httpGet:
                               properties:
                                 host:
@@ -4079,14 +4063,15 @@ spec:
                               required:
                               - port
                               type: object
-                            sleep:
-                              properties:
-                                seconds:
-                                  format: int64
-                                  type: integer
-                              required:
-                              - seconds
-                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
                             tcpSocket:
                               properties:
                                 host:
@@ -4099,513 +4084,888 @@ spec:
                               required:
                               - port
                               type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        stdin:
+                          type: boolean
+                        stdinOnce:
+                          type: boolean
+                        terminationMessagePath:
+                          type: string
+                        terminationMessagePolicy:
+                          type: string
+                        tty:
+                          type: boolean
+                        volumeDevices:
+                          items:
+                            properties:
+                              devicePath:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - devicePath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - devicePath
+                          x-kubernetes-list-type: map
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - mountPath
+                          x-kubernetes-list-type: map
+                        workingDir:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  volumes:
+                    items:
+                      properties:
+                        awsElasticBlockStore:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
                           type: object
-                        preStop:
+                        azureDisk:
                           properties:
-                            exec:
+                            cachingMode:
+                              type: string
+                            diskName:
+                              type: string
+                            diskURI:
+                              type: string
+                            fsType:
+                              default: ext4
+                              type: string
+                            kind:
+                              type: string
+                            readOnly:
+                              default: false
+                              type: boolean
+                          required:
+                          - diskName
+                          - diskURI
+                          type: object
+                        azureFile:
+                          properties:
+                            readOnly:
+                              type: boolean
+                            secretName:
+                              type: string
+                            shareName:
+                              type: string
+                          required:
+                          - secretName
+                          - shareName
+                          type: object
+                        cephfs:
+                          properties:
+                            monitors:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretFile:
+                              type: string
+                            secretRef:
                               properties:
-                                command:
-                                  items:
-                                    type: string
-                                  type: array
-                                  x-kubernetes-list-type: atomic
+                                name:
+                                  default: ""
+                                  type: string
                               type: object
-                            httpGet:
+                              x-kubernetes-map-type: atomic
+                            user:
+                              type: string
+                          required:
+                          - monitors
+                          type: object
+                        cinder:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
                               properties:
-                                host:
+                                name:
+                                  default: ""
                                   type: string
-                                httpHeaders:
-                                  items:
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        configMap:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        csi:
+                          properties:
+                            driver:
+                              type: string
+                            fsType:
+                              type: string
+                            nodePublishSecretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            readOnly:
+                              type: boolean
+                            volumeAttributes:
+                              additionalProperties:
+                                type: string
+                              type: object
+                          required:
+                          - driver
+                          type: object
+                        downwardAPI:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  fieldRef:
                                     properties:
-                                      name:
+                                      apiVersion:
                                         type: string
-                                      value:
+                                      fieldPath:
                                         type: string
                                     required:
-                                    - name
-                                    - value
+                                    - fieldPath
                                     type: object
-                                  type: array
-                                  x-kubernetes-list-type: atomic
-                                path:
-                                  type: string
-                                port:
-                                  anyOf:
-                                  - type: integer
-                                  - type: string
-                                  x-kubernetes-int-or-string: true
-                                scheme:
-                                  type: string
-                              required:
-                              - port
-                              type: object
-                            sleep:
+                                    x-kubernetes-map-type: atomic
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                required:
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        emptyDir:
+                          properties:
+                            medium:
+                              type: string
+                            sizeLimit:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                              x-kubernetes-int-or-string: true
+                          type: object
+                        ephemeral:
+                          properties:
+                            volumeClaimTemplate:
                               properties:
-                                seconds:
-                                  format: int64
-                                  type: integer
+                                metadata:
+                                  type: object
+                                spec:
+                                  properties:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
+                                      type: string
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
+                                      type: string
+                                  type: object
                               required:
-                              - seconds
+                              - spec
+                              type: object
+                          type: object
+                        fc:
+                          properties:
+                            fsType:
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            targetWWNs:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            wwids:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        flexVolume:
+                          properties:
+                            driver:
+                              type: string
+                            fsType:
+                              type: string
+                            options:
+                              additionalProperties:
+                                type: string
                               type: object
-                            tcpSocket:
+                            readOnly:
+                              type: boolean
+                            secretRef:
                               properties:
-                                host:
+                                name:
+                                  default: ""
                                   type: string
-                                port:
-                                  anyOf:
-                                  - type: integer
-                                  - type: string
-                                  x-kubernetes-int-or-string: true
-                              required:
-                              - port
                               type: object
+                              x-kubernetes-map-type: atomic
+                          required:
+                          - driver
                           type: object
-                      type: object
-                    livenessProbe:
-                      properties:
-                        exec:
+                        flocker:
                           properties:
-                            command:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
+                            datasetName:
+                              type: string
+                            datasetUUID:
+                              type: string
                           type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
+                        gcePersistentDisk:
                           properties:
-                            port:
+                            fsType:
+                              type: string
+                            partition:
                               format: int32
                               type: integer
-                            service:
-                              default: ""
+                            pdName:
                               type: string
+                            readOnly:
+                              type: boolean
                           required:
-                          - port
+                          - pdName
                           type: object
-                        httpGet:
+                        gitRepo:
                           properties:
-                            host:
+                            directory:
                               type: string
-                            httpHeaders:
-                              items:
-                                properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                required:
-                                - name
-                                - value
-                                type: object
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            path:
+                            repository:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
+                            revision:
                               type: string
                           required:
-                          - port
+                          - repository
                           type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
+                        glusterfs:
                           properties:
-                            host:
+                            endpoints:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
                           required:
-                          - port
+                          - endpoints
+                          - path
                           type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    name:
-                      type: string
-                    ports:
-                      items:
-                        properties:
-                          containerPort:
-                            format: int32
-                            type: integer
-                          hostIP:
-                            type: string
-                          hostPort:
-                            format: int32
-                            type: integer
-                          name:
-                            type: string
-                          protocol:
-                            default: TCP
-                            type: string
-                        required:
-                        - containerPort
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - containerPort
-                      - protocol
-                      x-kubernetes-list-type: map
-                    readinessProbe:
-                      properties:
-                        exec:
+                        hostPath:
                           properties:
-                            command:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - path
                           type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
+                        image:
                           properties:
-                            port:
-                              format: int32
-                              type: integer
-                            service:
-                              default: ""
+                            pullPolicy:
+                              type: string
+                            reference:
                               type: string
-                          required:
-                          - port
                           type: object
-                        httpGet:
+                        iscsi:
                           properties:
-                            host:
+                            chapAuthDiscovery:
+                              type: boolean
+                            chapAuthSession:
+                              type: boolean
+                            fsType:
+                              type: string
+                            initiatorName:
+                              type: string
+                            iqn:
+                              type: string
+                            iscsiInterface:
+                              default: default
                               type: string
-                            httpHeaders:
+                            lun:
+                              format: int32
+                              type: integer
+                            portals:
                               items:
-                                properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                required:
-                                - name
-                                - value
-                                type: object
+                                type: string
                               type: array
                               x-kubernetes-list-type: atomic
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            targetPortal:
+                              type: string
+                          required:
+                          - iqn
+                          - lun
+                          - targetPortal
+                          type: object
+                        name:
+                          type: string
+                        nfs:
+                          properties:
                             path:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
+                            readOnly:
+                              type: boolean
+                            server:
                               type: string
                           required:
-                          - port
+                          - path
+                          - server
                           type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
+                        persistentVolumeClaim:
                           properties:
-                            host:
+                            claimName:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
+                            readOnly:
+                              type: boolean
                           required:
-                          - port
-                          type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    resizePolicy:
-                      items:
-                        properties:
-                          resourceName:
-                            type: string
-                          restartPolicy:
-                            type: string
-                        required:
-                        - resourceName
-                        - restartPolicy
-                        type: object
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    resources:
-                      properties:
-                        claims:
-                          items:
-                            properties:
-                              name:
-                                type: string
-                              request:
-                                type: string
-                            required:
-                            - name
-                            type: object
-                          type: array
-                          x-kubernetes-list-map-keys:
-                          - name
-                          x-kubernetes-list-type: map
-                        limits:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
+                          - claimName
                           type: object
-                        requests:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
+                        photonPersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            pdID:
+                              type: string
+                          required:
+                          - pdID
                           type: object
-                      type: object
-                    restartPolicy:
-                      type: string
-                    securityContext:
-                      properties:
-                        allowPrivilegeEscalation:
-                          type: boolean
-                        appArmorProfile:
+                        portworxVolume:
                           properties:
-                            localhostProfile:
+                            fsType:
                               type: string
-                            type:
+                            readOnly:
+                              type: boolean
+                            volumeID:
                               type: string
                           required:
-                          - type
+                          - volumeID
                           type: object
-                        capabilities:
+                        projected:
                           properties:
-                            add:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            drop:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            sources:
                               items:
-                                type: string
+                                properties:
+                                  clusterTrustBundle:
+                                    properties:
+                                      labelSelector:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                operator:
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              required:
+                                              - key
+                                              - operator
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          matchLabels:
+                                            additionalProperties:
+                                              type: string
+                                            type: object
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      name:
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                  configMap:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  downwardAPI:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            fieldRef:
+                                              properties:
+                                                apiVersion:
+                                                  type: string
+                                                fieldPath:
+                                                  type: string
+                                              required:
+                                              - fieldPath
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                            resourceFieldRef:
+                                              properties:
+                                                containerName:
+                                                  type: string
+                                                divisor:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                  x-kubernetes-int-or-string: true
+                                                resource:
+                                                  type: string
+                                              required:
+                                              - resource
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          required:
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                  podCertificate:
+                                    properties:
+                                      certificateChainPath:
+                                        type: string
+                                      credentialBundlePath:
+                                        type: string
+                                      keyPath:
+                                        type: string
+                                      keyType:
+                                        type: string
+                                      maxExpirationSeconds:
+                                        format: int32
+                                        type: integer
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - keyType
+                                    - signerName
+                                    type: object
+                                  secret:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  serviceAccountToken:
+                                    properties:
+                                      audience:
+                                        type: string
+                                      expirationSeconds:
+                                        format: int64
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                type: object
                               type: array
                               x-kubernetes-list-type: atomic
                           type: object
-                        privileged:
-                          type: boolean
-                        procMount:
-                          type: string
-                        readOnlyRootFilesystem:
-                          type: boolean
-                        runAsGroup:
-                          format: int64
-                          type: integer
-                        runAsNonRoot:
-                          type: boolean
-                        runAsUser:
-                          format: int64
-                          type: integer
-                        seLinuxOptions:
+                        quobyte:
                           properties:
-                            level:
+                            group:
                               type: string
-                            role:
+                            readOnly:
+                              type: boolean
+                            registry:
                               type: string
-                            type:
+                            tenant:
                               type: string
                             user:
                               type: string
-                          type: object
-                        seccompProfile:
-                          properties:
-                            localhostProfile:
-                              type: string
-                            type:
+                            volume:
                               type: string
                           required:
-                          - type
+                          - registry
+                          - volume
                           type: object
-                        windowsOptions:
+                        rbd:
                           properties:
-                            gmsaCredentialSpec:
+                            fsType:
                               type: string
-                            gmsaCredentialSpecName:
+                            image:
                               type: string
-                            hostProcess:
-                              type: boolean
-                            runAsUserName:
+                            keyring:
+                              default: /etc/ceph/keyring
                               type: string
-                          type: object
-                      type: object
-                    startupProbe:
-                      properties:
-                        exec:
-                          properties:
-                            command:
+                            monitors:
                               items:
                                 type: string
                               type: array
                               x-kubernetes-list-type: atomic
+                            pool:
+                              default: rbd
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              default: admin
+                              type: string
+                          required:
+                          - image
+                          - monitors
                           type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
+                        scaleIO:
                           properties:
-                            port:
-                              format: int32
-                              type: integer
-                            service:
-                              default: ""
+                            fsType:
+                              default: xfs
+                              type: string
+                            gateway:
+                              type: string
+                            protectionDomain:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            sslEnabled:
+                              type: boolean
+                            storageMode:
+                              default: ThinProvisioned
+                              type: string
+                            storagePool:
+                              type: string
+                            system:
+                              type: string
+                            volumeName:
                               type: string
                           required:
-                          - port
+                          - gateway
+                          - secretRef
+                          - system
                           type: object
-                        httpGet:
+                        secret:
                           properties:
-                            host:
-                              type: string
-                            httpHeaders:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
                               items:
                                 properties:
-                                  name:
+                                  key:
                                     type: string
-                                  value:
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
                                     type: string
                                 required:
-                                - name
-                                - value
+                                - key
+                                - path
                                 type: object
                               type: array
                               x-kubernetes-list-type: atomic
-                            path:
+                            optional:
+                              type: boolean
+                            secretName:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
+                          type: object
+                        storageos:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeName:
+                              type: string
+                            volumeNamespace:
                               type: string
-                          required:
-                          - port
                           type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
+                        vsphereVolume:
                           properties:
-                            host:
+                            fsType:
+                              type: string
+                            storagePolicyID:
+                              type: string
+                            storagePolicyName:
+                              type: string
+                            volumePath:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
                           required:
-                          - port
+                          - volumePath
                           type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
+                      required:
+                      - name
                       type: object
-                    stdin:
-                      type: boolean
-                    stdinOnce:
-                      type: boolean
-                    terminationMessagePath:
-                      type: string
-                    terminationMessagePolicy:
-                      type: string
-                    tty:
-                      type: boolean
-                    volumeDevices:
-                      items:
-                        properties:
-                          devicePath:
-                            type: string
-                          name:
-                            type: string
-                        required:
-                        - devicePath
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - devicePath
-                      x-kubernetes-list-type: map
-                    volumeMounts:
-                      items:
-                        properties:
-                          mountPath:
-                            type: string
-                          mountPropagation:
-                            type: string
-                          name:
-                            type: string
-                          readOnly:
-                            type: boolean
-                          recursiveReadOnly:
-                            type: string
-                          subPath:
-                            type: string
-                          subPathExpr:
-                            type: string
-                        required:
-                        - mountPath
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - mountPath
-                      x-kubernetes-list-type: map
-                    workingDir:
-                      type: string
-                  required:
-                  - name
-                  type: object
-                type: array
+                    type: array
+                type: object
+              wallet:
+                properties:
+                  additional:
+                    items:
+                      properties:
+                        mountPath:
+                          type: string
+                        name:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                    type: array
+                  mountPath:
+                    type: string
+                  secret:
+                    type: string
+                type: object
             type: object
           status:
             properties:
@@ -4645,7 +5005,7 @@ spec:
                   - type
                   type: object
                 type: array
-              exporterConfig:
+              metricsConfig:
                 type: string
               replicas:
                 type: integer
@@ -4655,7 +5015,7 @@ spec:
                 type: string
             required:
             - conditions
-            - exporterConfig
+            - metricsConfig
             - version
             type: object
         type: object
@@ -4664,8 +5024,8 @@ spec:
     subresources:
       status: {}
   - additionalPrinterColumns:
-    - jsonPath: .status.exporterConfig
-      name: ExporterConfig
+    - jsonPath: .status.metricsConfig
+      name: MetricsConfig
       type: string
     - jsonPath: .status.status
       name: Status
@@ -4685,7 +5045,7 @@ spec:
             type: object
           spec:
             properties:
-              configuration:
+              azureConfig:
                 properties:
                   configMap:
                     properties:
@@ -4697,8 +5057,19 @@ spec:
                 type: object
               database:
                 properties:
+                  azure:
+                    properties:
+                      vaultID:
+                        type: string
+                      vaultPasswordSecret:
+                        type: string
+                      vaultUsernameSecret:
+                        type: string
+                    type: object
                   dbConnectionString:
                     properties:
+                      envName:
+                        type: string
                       key:
                         type: string
                       secret:
@@ -4706,241 +5077,252 @@ spec:
                     type: object
                   dbPassword:
                     properties:
+                      envName:
+                        type: string
                       key:
                         type: string
                       secret:
                         type: string
-                      vaultOCID:
-                        type: string
-                      vaultSecretName:
-                        type: string
                     type: object
                   dbUser:
                     properties:
+                      envName:
+                        type: string
                       key:
                         type: string
                       secret:
                         type: string
                     type: object
-                  dbWallet:
+                  oci:
                     properties:
-                      key:
+                      vaultID:
                         type: string
-                      secret:
+                      vaultPasswordSecret:
                         type: string
                     type: object
                 type: object
-              exporter:
-                properties:
-                  deployment:
-                    properties:
-                      args:
-                        items:
+              databases:
+                additionalProperties:
+                  properties:
+                    dbConnectionString:
+                      properties:
+                        envName:
                           type: string
-                        type: array
-                      commands:
-                        items:
+                        key:
                           type: string
-                        type: array
-                      env:
-                        additionalProperties:
+                        secret:
+                          type: string
+                      type: object
+                    dbPassword:
+                      properties:
+                        envName:
+                          type: string
+                        key:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                    dbUser:
+                      properties:
+                        envName:
+                          type: string
+                        key:
                           type: string
+                        secret:
+                          type: string
+                      type: object
+                  type: object
+                type: object
+              deployment:
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  commands:
+                    items:
+                      type: string
+                    type: array
+                  env:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  image:
+                    type: string
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  podSecurityContext:
+                    properties:
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
                         type: object
-                      image:
+                      fsGroup:
+                        format: int64
+                        type: integer
+                      fsGroupChangePolicy:
                         type: string
-                      labels:
-                        additionalProperties:
-                          type: string
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxChangePolicy:
+                        type: string
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
                         type: object
-                      podTemplate:
+                      seccompProfile:
                         properties:
-                          labels:
-                            additionalProperties:
-                              type: string
-                            type: object
-                          securityContext:
-                            properties:
-                              appArmorProfile:
-                                properties:
-                                  localhostProfile:
-                                    type: string
-                                  type:
-                                    type: string
-                                required:
-                                - type
-                                type: object
-                              fsGroup:
-                                format: int64
-                                type: integer
-                              fsGroupChangePolicy:
-                                type: string
-                              runAsGroup:
-                                format: int64
-                                type: integer
-                              runAsNonRoot:
-                                type: boolean
-                              runAsUser:
-                                format: int64
-                                type: integer
-                              seLinuxOptions:
-                                properties:
-                                  level:
-                                    type: string
-                                  role:
-                                    type: string
-                                  type:
-                                    type: string
-                                  user:
-                                    type: string
-                                type: object
-                              seccompProfile:
-                                properties:
-                                  localhostProfile:
-                                    type: string
-                                  type:
-                                    type: string
-                                required:
-                                - type
-                                type: object
-                              supplementalGroups:
-                                items:
-                                  format: int64
-                                  type: integer
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              supplementalGroupsPolicy:
-                                type: string
-                              sysctls:
-                                items:
-                                  properties:
-                                    name:
-                                      type: string
-                                    value:
-                                      type: string
-                                  required:
-                                  - name
-                                  - value
-                                  type: object
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              windowsOptions:
-                                properties:
-                                  gmsaCredentialSpec:
-                                    type: string
-                                  gmsaCredentialSpecName:
-                                    type: string
-                                  hostProcess:
-                                    type: boolean
-                                  runAsUserName:
-                                    type: string
-                                type: object
-                            type: object
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
                         type: object
-                      securityContext:
+                      supplementalGroups:
+                        items:
+                          format: int64
+                          type: integer
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      supplementalGroupsPolicy:
+                        type: string
+                      sysctls:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      windowsOptions:
                         properties:
-                          allowPrivilegeEscalation:
-                            type: boolean
-                          appArmorProfile:
-                            properties:
-                              localhostProfile:
-                                type: string
-                              type:
-                                type: string
-                            required:
-                            - type
-                            type: object
-                          capabilities:
-                            properties:
-                              add:
-                                items:
-                                  type: string
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              drop:
-                                items:
-                                  type: string
-                                type: array
-                                x-kubernetes-list-type: atomic
-                            type: object
-                          privileged:
-                            type: boolean
-                          procMount:
+                          gmsaCredentialSpec:
                             type: string
-                          readOnlyRootFilesystem:
-                            type: boolean
-                          runAsGroup:
-                            format: int64
-                            type: integer
-                          runAsNonRoot:
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
                             type: boolean
-                          runAsUser:
-                            format: int64
-                            type: integer
-                          seLinuxOptions:
-                            properties:
-                              level:
-                                type: string
-                              role:
-                                type: string
-                              type:
-                                type: string
-                              user:
-                                type: string
-                            type: object
-                          seccompProfile:
-                            properties:
-                              localhostProfile:
-                                type: string
-                              type:
-                                type: string
-                            required:
-                            - type
-                            type: object
-                          windowsOptions:
-                            properties:
-                              gmsaCredentialSpec:
-                                type: string
-                              gmsaCredentialSpecName:
-                                type: string
-                              hostProcess:
-                                type: boolean
-                              runAsUserName:
-                                type: string
-                            type: object
+                          runAsUserName:
+                            type: string
                         type: object
                     type: object
-                  service:
+                  podTemplate:
                     properties:
                       labels:
                         additionalProperties:
                           type: string
                         type: object
-                      ports:
-                        items:
-                          properties:
-                            appProtocol:
-                              type: string
-                            name:
+                    type: object
+                  securityContext:
+                    properties:
+                      allowPrivilegeEscalation:
+                        type: boolean
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      capabilities:
+                        properties:
+                          add:
+                            items:
                               type: string
-                            nodePort:
-                              format: int32
-                              type: integer
-                            port:
-                              format: int32
-                              type: integer
-                            protocol:
-                              default: TCP
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          drop:
+                            items:
                               type: string
-                            targetPort:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                          required:
-                          - port
-                          type: object
-                        type: array
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      privileged:
+                        type: boolean
+                      procMount:
+                        type: string
+                      readOnlyRootFilesystem:
+                        type: boolean
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+              exporterConfig:
+                properties:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
                     type: object
+                  mountPath:
+                    type: string
                 type: object
               inheritLabels:
                 items:
@@ -4948,9 +5330,11 @@ spec:
                 type: array
               log:
                 properties:
-                  filename:
+                  destination:
                     type: string
-                  path:
+                  disable:
+                    type: boolean
+                  filename:
                     type: string
                   volume:
                     properties:
@@ -4963,41 +5347,204 @@ spec:
                         type: object
                     type: object
                 type: object
+              metrics:
+                properties:
+                  configMap:
+                    items:
+                      properties:
+                        key:
+                          type: string
+                        name:
+                          type: string
+                      type: object
+                    type: array
+                type: object
               ociConfig:
                 properties:
-                  configMapName:
-                    type: string
-                  secretName:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  mountPath:
                     type: string
+                  privateKey:
+                    properties:
+                      secret:
+                        type: string
+                    type: object
                 type: object
-              prometheus:
+              replicas:
+                format: int32
+                type: integer
+              service:
                 properties:
-                  serviceMonitor:
-                    properties:
-                      endpoints:
-                        items:
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  ports:
+                    items:
+                      properties:
+                        appProtocol:
+                          type: string
+                        name:
+                          type: string
+                        nodePort:
+                          format: int32
+                          type: integer
+                        port:
+                          format: int32
+                          type: integer
+                        protocol:
+                          default: TCP
+                          type: string
+                        targetPort:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          x-kubernetes-int-or-string: true
+                      required:
+                      - port
+                      type: object
+                    type: array
+                type: object
+              serviceMonitor:
+                properties:
+                  endpoints:
+                    items:
+                      properties:
+                        authorization:
                           properties:
-                            authorization:
+                            credentials:
                               properties:
-                                credentials:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                type:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type:
+                              type: string
+                          type: object
+                        basicAuth:
+                          properties:
+                            password:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            username:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
                                   type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
                               type: object
-                            basicAuth:
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        bearerTokenFile:
+                          type: string
+                        bearerTokenSecret:
+                          properties:
+                            key:
+                              type: string
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        enableHttp2:
+                          type: boolean
+                        filterRunning:
+                          type: boolean
+                        followRedirects:
+                          type: boolean
+                        honorLabels:
+                          type: boolean
+                        honorTimestamps:
+                          type: boolean
+                        interval:
+                          pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                          type: string
+                        metricRelabelings:
+                          items:
+                            properties:
+                              action:
+                                default: replace
+                                enum:
+                                - replace
+                                - Replace
+                                - keep
+                                - Keep
+                                - drop
+                                - Drop
+                                - hashmod
+                                - HashMod
+                                - labelmap
+                                - LabelMap
+                                - labeldrop
+                                - LabelDrop
+                                - labelkeep
+                                - LabelKeep
+                                - lowercase
+                                - Lowercase
+                                - uppercase
+                                - Uppercase
+                                - keepequal
+                                - KeepEqual
+                                - dropequal
+                                - DropEqual
+                                type: string
+                              modulus:
+                                format: int64
+                                type: integer
+                              regex:
+                                type: string
+                              replacement:
+                                type: string
+                              separator:
+                                type: string
+                              sourceLabels:
+                                items:
+                                  pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                  type: string
+                                type: array
+                              targetLabel:
+                                type: string
+                            type: object
+                          type: array
+                        noProxy:
+                          type: string
+                        oauth2:
+                          properties:
+                            clientId:
                               properties:
-                                password:
+                                configMap:
                                   properties:
                                     key:
                                       type: string
@@ -5010,7 +5557,7 @@ spec:
                                   - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                username:
+                                secret:
                                   properties:
                                     key:
                                       type: string
@@ -5024,9 +5571,7 @@ spec:
                                   type: object
                                   x-kubernetes-map-type: atomic
                               type: object
-                            bearerTokenFile:
-                              type: string
-                            bearerTokenSecret:
+                            clientSecret:
                               properties:
                                 key:
                                   type: string
@@ -5039,98 +5584,15 @@ spec:
                               - key
                               type: object
                               x-kubernetes-map-type: atomic
-                            enableHttp2:
-                              type: boolean
-                            filterRunning:
-                              type: boolean
-                            followRedirects:
-                              type: boolean
-                            honorLabels:
-                              type: boolean
-                            honorTimestamps:
-                              type: boolean
-                            interval:
-                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
-                              type: string
-                            metricRelabelings:
-                              items:
-                                properties:
-                                  action:
-                                    default: replace
-                                    enum:
-                                    - replace
-                                    - Replace
-                                    - keep
-                                    - Keep
-                                    - drop
-                                    - Drop
-                                    - hashmod
-                                    - HashMod
-                                    - labelmap
-                                    - LabelMap
-                                    - labeldrop
-                                    - LabelDrop
-                                    - labelkeep
-                                    - LabelKeep
-                                    - lowercase
-                                    - Lowercase
-                                    - uppercase
-                                    - Uppercase
-                                    - keepequal
-                                    - KeepEqual
-                                    - dropequal
-                                    - DropEqual
-                                    type: string
-                                  modulus:
-                                    format: int64
-                                    type: integer
-                                  regex:
-                                    type: string
-                                  replacement:
-                                    type: string
-                                  separator:
-                                    type: string
-                                  sourceLabels:
-                                    items:
-                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                                      type: string
-                                    type: array
-                                  targetLabel:
-                                    type: string
-                                type: object
-                              type: array
-                            oauth2:
-                              properties:
-                                clientId:
-                                  properties:
-                                    configMap:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    secret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                  type: object
-                                clientSecret:
+                            endpointParams:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            noProxy:
+                              type: string
+                            proxyConnectHeader:
+                              additionalProperties:
+                                items:
                                   properties:
                                     key:
                                       type: string
@@ -5143,211 +5605,18 @@ spec:
                                   - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                endpointParams:
-                                  additionalProperties:
-                                    type: string
-                                  type: object
-                                noProxy:
-                                  type: string
-                                proxyConnectHeader:
-                                  additionalProperties:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    type: array
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                proxyFromEnvironment:
-                                  type: boolean
-                                proxyUrl:
-                                  pattern: ^http(s)?://.+$
-                                  type: string
-                                scopes:
-                                  items:
-                                    type: string
-                                  type: array
-                                tlsConfig:
-                                  properties:
-                                    ca:
-                                      properties:
-                                        configMap:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        secret:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      type: object
-                                    cert:
-                                      properties:
-                                        configMap:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        secret:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      type: object
-                                    insecureSkipVerify:
-                                      type: boolean
-                                    keySecret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    maxVersion:
-                                      enum:
-                                      - TLS10
-                                      - TLS11
-                                      - TLS12
-                                      - TLS13
-                                      type: string
-                                    minVersion:
-                                      enum:
-                                      - TLS10
-                                      - TLS11
-                                      - TLS12
-                                      - TLS13
-                                      type: string
-                                    serverName:
-                                      type: string
-                                  type: object
-                                tokenUrl:
-                                  minLength: 1
-                                  type: string
-                              required:
-                              - clientId
-                              - clientSecret
-                              - tokenUrl
-                              type: object
-                            params:
-                              additionalProperties:
-                                items:
-                                  type: string
                                 type: array
                               type: object
-                            path:
-                              type: string
-                            port:
-                              type: string
+                              x-kubernetes-map-type: atomic
+                            proxyFromEnvironment:
+                              type: boolean
                             proxyUrl:
+                              pattern: ^(http|https|socks5)://.+$
                               type: string
-                            relabelings:
+                            scopes:
                               items:
-                                properties:
-                                  action:
-                                    default: replace
-                                    enum:
-                                    - replace
-                                    - Replace
-                                    - keep
-                                    - Keep
-                                    - drop
-                                    - Drop
-                                    - hashmod
-                                    - HashMod
-                                    - labelmap
-                                    - LabelMap
-                                    - labeldrop
-                                    - LabelDrop
-                                    - labelkeep
-                                    - LabelKeep
-                                    - lowercase
-                                    - Lowercase
-                                    - uppercase
-                                    - Uppercase
-                                    - keepequal
-                                    - KeepEqual
-                                    - dropequal
-                                    - DropEqual
-                                    type: string
-                                  modulus:
-                                    format: int64
-                                    type: integer
-                                  regex:
-                                    type: string
-                                  replacement:
-                                    type: string
-                                  separator:
-                                    type: string
-                                  sourceLabels:
-                                    items:
-                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                                      type: string
-                                    type: array
-                                  targetLabel:
-                                    type: string
-                                type: object
+                                type: string
                               type: array
-                            scheme:
-                              enum:
-                              - http
-                              - https
-                              type: string
-                            scrapeTimeout:
-                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
-                              type: string
-                            targetPort:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
                             tlsConfig:
                               properties:
                                 ca:
@@ -5379,8 +5648,6 @@ spec:
                                       type: object
                                       x-kubernetes-map-type: atomic
                                   type: object
-                                caFile:
-                                  type: string
                                 cert:
                                   properties:
                                     configMap:
@@ -5410,12 +5677,8 @@ spec:
                                       type: object
                                       x-kubernetes-map-type: atomic
                                   type: object
-                                certFile:
-                                  type: string
                                 insecureSkipVerify:
                                   type: boolean
-                                keyFile:
-                                  type: string
                                 keySecret:
                                   properties:
                                     key:
@@ -5446,573 +5709,329 @@ spec:
                                 serverName:
                                   type: string
                               type: object
-                            trackTimestampsStaleness:
-                              type: boolean
+                            tokenUrl:
+                              minLength: 1
+                              type: string
+                          required:
+                          - clientId
+                          - clientSecret
+                          - tokenUrl
                           type: object
-                        type: array
-                      labels:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      namespaceSelector:
-                        properties:
-                          any:
-                            type: boolean
-                          matchNames:
+                        params:
+                          additionalProperties:
                             items:
                               type: string
                             type: array
-                        type: object
-                    type: object
-                type: object
-              replicas:
-                format: int32
-                type: integer
-              sidecarVolumes:
-                items:
-                  properties:
-                    awsElasticBlockStore:
-                      properties:
-                        fsType:
-                          type: string
-                        partition:
-                          format: int32
-                          type: integer
-                        readOnly:
-                          type: boolean
-                        volumeID:
-                          type: string
-                      required:
-                      - volumeID
-                      type: object
-                    azureDisk:
-                      properties:
-                        cachingMode:
-                          type: string
-                        diskName:
-                          type: string
-                        diskURI:
-                          type: string
-                        fsType:
-                          default: ext4
-                          type: string
-                        kind:
-                          type: string
-                        readOnly:
-                          default: false
-                          type: boolean
-                      required:
-                      - diskName
-                      - diskURI
-                      type: object
-                    azureFile:
-                      properties:
-                        readOnly:
-                          type: boolean
-                        secretName:
-                          type: string
-                        shareName:
-                          type: string
-                      required:
-                      - secretName
-                      - shareName
-                      type: object
-                    cephfs:
-                      properties:
-                        monitors:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
+                          type: object
                         path:
                           type: string
-                        readOnly:
-                          type: boolean
-                        secretFile:
+                        port:
                           type: string
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
+                        proxyConnectHeader:
+                          additionalProperties:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type: array
                           type: object
                           x-kubernetes-map-type: atomic
-                        user:
-                          type: string
-                      required:
-                      - monitors
-                      type: object
-                    cinder:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
+                        proxyFromEnvironment:
                           type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        volumeID:
+                        proxyUrl:
+                          pattern: ^(http|https|socks5)://.+$
                           type: string
-                      required:
-                      - volumeID
-                      type: object
-                    configMap:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
+                        relabelings:
                           items:
                             properties:
-                              key:
+                              action:
+                                default: replace
+                                enum:
+                                - replace
+                                - Replace
+                                - keep
+                                - Keep
+                                - drop
+                                - Drop
+                                - hashmod
+                                - HashMod
+                                - labelmap
+                                - LabelMap
+                                - labeldrop
+                                - LabelDrop
+                                - labelkeep
+                                - LabelKeep
+                                - lowercase
+                                - Lowercase
+                                - uppercase
+                                - Uppercase
+                                - keepequal
+                                - KeepEqual
+                                - dropequal
+                                - DropEqual
                                 type: string
-                              mode:
-                                format: int32
+                              modulus:
+                                format: int64
                                 type: integer
-                              path:
+                              regex:
                                 type: string
-                            required:
-                            - key
-                            - path
-                            type: object
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        name:
-                          default: ""
-                          type: string
-                        optional:
-                          type: boolean
-                      type: object
-                      x-kubernetes-map-type: atomic
-                    csi:
-                      properties:
-                        driver:
-                          type: string
-                        fsType:
-                          type: string
-                        nodePublishSecretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        readOnly:
-                          type: boolean
-                        volumeAttributes:
-                          additionalProperties:
-                            type: string
-                          type: object
-                      required:
-                      - driver
-                      type: object
-                    downwardAPI:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
-                          items:
-                            properties:
-                              fieldRef:
-                                properties:
-                                  apiVersion:
-                                    type: string
-                                  fieldPath:
-                                    type: string
-                                required:
-                                - fieldPath
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              mode:
-                                format: int32
-                                type: integer
-                              path:
+                              replacement:
+                                type: string
+                              separator:
+                                type: string
+                              sourceLabels:
+                                items:
+                                  pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                  type: string
+                                type: array
+                              targetLabel:
                                 type: string
-                              resourceFieldRef:
-                                properties:
-                                  containerName:
-                                    type: string
-                                  divisor:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                    x-kubernetes-int-or-string: true
-                                  resource:
-                                    type: string
-                                required:
-                                - resource
-                                type: object
-                                x-kubernetes-map-type: atomic
-                            required:
-                            - path
                             type: object
                           type: array
-                          x-kubernetes-list-type: atomic
-                      type: object
-                    emptyDir:
-                      properties:
-                        medium:
+                        scheme:
+                          enum:
+                          - http
+                          - https
                           type: string
-                        sizeLimit:
+                        scrapeTimeout:
+                          pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                          type: string
+                        targetPort:
                           anyOf:
                           - type: integer
                           - type: string
-                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                          x-kubernetes-int-or-string: true
-                      type: object
-                    ephemeral:
-                      properties:
-                        volumeClaimTemplate:
+                          x-kubernetes-int-or-string: true
+                        tlsConfig:
                           properties:
-                            metadata:
-                              type: object
-                            spec:
+                            ca:
                               properties:
-                                accessModes:
-                                  items:
-                                    type: string
-                                  type: array
-                                  x-kubernetes-list-type: atomic
-                                dataSource:
+                                configMap:
                                   properties:
-                                    apiGroup:
-                                      type: string
-                                    kind:
+                                    key:
                                       type: string
                                     name:
+                                      default: ""
                                       type: string
+                                    optional:
+                                      type: boolean
                                   required:
-                                  - kind
-                                  - name
+                                  - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                dataSourceRef:
+                                secret:
                                   properties:
-                                    apiGroup:
-                                      type: string
-                                    kind:
+                                    key:
                                       type: string
                                     name:
+                                      default: ""
                                       type: string
-                                    namespace:
-                                      type: string
+                                    optional:
+                                      type: boolean
                                   required:
-                                  - kind
-                                  - name
+                                  - key
                                   type: object
-                                resources:
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            caFile:
+                              type: string
+                            cert:
+                              properties:
+                                configMap:
                                   properties:
-                                    limits:
-                                      additionalProperties:
-                                        anyOf:
-                                        - type: integer
-                                        - type: string
-                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                        x-kubernetes-int-or-string: true
-                                      type: object
-                                    requests:
-                                      additionalProperties:
-                                        anyOf:
-                                        - type: integer
-                                        - type: string
-                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                        x-kubernetes-int-or-string: true
-                                      type: object
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
                                   type: object
-                                selector:
+                                  x-kubernetes-map-type: atomic
+                                secret:
                                   properties:
-                                    matchExpressions:
-                                      items:
-                                        properties:
-                                          key:
-                                            type: string
-                                          operator:
-                                            type: string
-                                          values:
-                                            items:
-                                              type: string
-                                            type: array
-                                            x-kubernetes-list-type: atomic
-                                        required:
-                                        - key
-                                        - operator
-                                        type: object
-                                      type: array
-                                      x-kubernetes-list-type: atomic
-                                    matchLabels:
-                                      additionalProperties:
-                                        type: string
-                                      type: object
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                storageClassName:
-                                  type: string
-                                volumeAttributesClassName:
-                                  type: string
-                                volumeMode:
+                              type: object
+                            certFile:
+                              type: string
+                            insecureSkipVerify:
+                              type: boolean
+                            keyFile:
+                              type: string
+                            keySecret:
+                              properties:
+                                key:
                                   type: string
-                                volumeName:
+                                name:
+                                  default: ""
                                   type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
                               type: object
-                          required:
-                          - spec
+                              x-kubernetes-map-type: atomic
+                            maxVersion:
+                              enum:
+                              - TLS10
+                              - TLS11
+                              - TLS12
+                              - TLS13
+                              type: string
+                            minVersion:
+                              enum:
+                              - TLS10
+                              - TLS11
+                              - TLS12
+                              - TLS13
+                              type: string
+                            serverName:
+                              type: string
                           type: object
+                        trackTimestampsStaleness:
+                          type: boolean
                       type: object
-                    fc:
-                      properties:
-                        fsType:
+                    type: array
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  namespaceSelector:
+                    properties:
+                      any:
+                        type: boolean
+                      matchNames:
+                        items:
                           type: string
-                        lun:
-                          format: int32
-                          type: integer
-                        readOnly:
-                          type: boolean
-                        targetWWNs:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        wwids:
+                        type: array
+                    type: object
+                type: object
+              sidecar:
+                properties:
+                  containers:
+                    items:
+                      properties:
+                        args:
                           items:
                             type: string
                           type: array
                           x-kubernetes-list-type: atomic
-                      type: object
-                    flexVolume:
-                      properties:
-                        driver:
-                          type: string
-                        fsType:
-                          type: string
-                        options:
-                          additionalProperties:
-                            type: string
-                          type: object
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                      required:
-                      - driver
-                      type: object
-                    flocker:
-                      properties:
-                        datasetName:
-                          type: string
-                        datasetUUID:
-                          type: string
-                      type: object
-                    gcePersistentDisk:
-                      properties:
-                        fsType:
-                          type: string
-                        partition:
-                          format: int32
-                          type: integer
-                        pdName:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - pdName
-                      type: object
-                    gitRepo:
-                      properties:
-                        directory:
-                          type: string
-                        repository:
-                          type: string
-                        revision:
-                          type: string
-                      required:
-                      - repository
-                      type: object
-                    glusterfs:
-                      properties:
-                        endpoints:
-                          type: string
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - endpoints
-                      - path
-                      type: object
-                    hostPath:
-                      properties:
-                        path:
-                          type: string
-                        type:
-                          type: string
-                      required:
-                      - path
-                      type: object
-                    image:
-                      properties:
-                        pullPolicy:
-                          type: string
-                        reference:
-                          type: string
-                      type: object
-                    iscsi:
-                      properties:
-                        chapAuthDiscovery:
-                          type: boolean
-                        chapAuthSession:
-                          type: boolean
-                        fsType:
-                          type: string
-                        initiatorName:
-                          type: string
-                        iqn:
-                          type: string
-                        iscsiInterface:
-                          default: default
-                          type: string
-                        lun:
-                          format: int32
-                          type: integer
-                        portals:
+                        command:
                           items:
                             type: string
                           type: array
                           x-kubernetes-list-type: atomic
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        targetPortal:
-                          type: string
-                      required:
-                      - iqn
-                      - lun
-                      - targetPortal
-                      type: object
-                    name:
-                      type: string
-                    nfs:
-                      properties:
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        server:
-                          type: string
-                      required:
-                      - path
-                      - server
-                      type: object
-                    persistentVolumeClaim:
-                      properties:
-                        claimName:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - claimName
-                      type: object
-                    photonPersistentDisk:
-                      properties:
-                        fsType:
-                          type: string
-                        pdID:
-                          type: string
-                      required:
-                      - pdID
-                      type: object
-                    portworxVolume:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        volumeID:
-                          type: string
-                      required:
-                      - volumeID
-                      type: object
-                    projected:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        sources:
+                        env:
                           items:
                             properties:
-                              clusterTrustBundle:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
                                 properties:
-                                  labelSelector:
+                                  configMapKeyRef:
                                     properties:
-                                      matchExpressions:
-                                        items:
-                                          properties:
-                                            key:
-                                              type: string
-                                            operator:
-                                              type: string
-                                            values:
-                                              items:
-                                                type: string
-                                              type: array
-                                              x-kubernetes-list-type: atomic
-                                          required:
-                                          - key
-                                          - operator
-                                          type: object
-                                        type: array
-                                        x-kubernetes-list-type: atomic
-                                      matchLabels:
-                                        additionalProperties:
-                                          type: string
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fileKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      optional:
+                                        default: false
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      volumeName:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    - volumeName
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
                                     type: object
                                     x-kubernetes-map-type: atomic
-                                  name:
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                  path:
-                                    type: string
-                                  signerName:
-                                    type: string
-                                required:
-                                - path
                                 type: object
-                              configMap:
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        envFrom:
+                          items:
+                            properties:
+                              configMapRef:
                                 properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                      required:
-                                      - key
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
                                   name:
                                     default: ""
                                     type: string
@@ -6020,66 +6039,10 @@ spec:
                                     type: boolean
                                 type: object
                                 x-kubernetes-map-type: atomic
-                              downwardAPI:
-                                properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        fieldRef:
-                                          properties:
-                                            apiVersion:
-                                              type: string
-                                            fieldPath:
-                                              type: string
-                                          required:
-                                          - fieldPath
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                        resourceFieldRef:
-                                          properties:
-                                            containerName:
-                                              type: string
-                                            divisor:
-                                              anyOf:
-                                              - type: integer
-                                              - type: string
-                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                              x-kubernetes-int-or-string: true
-                                            resource:
-                                              type: string
-                                          required:
-                                          - resource
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      required:
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
-                                type: object
-                              secret:
+                              prefix:
+                                type: string
+                              secretRef:
                                 properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                      required:
-                                      - key
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
                                   name:
                                     default: ""
                                     type: string
@@ -6087,283 +6050,246 @@ spec:
                                     type: boolean
                                 type: object
                                 x-kubernetes-map-type: atomic
-                              serviceAccountToken:
-                                properties:
-                                  audience:
-                                    type: string
-                                  expirationSeconds:
-                                    format: int64
-                                    type: integer
-                                  path:
-                                    type: string
-                                required:
-                                - path
-                                type: object
                             type: object
                           type: array
                           x-kubernetes-list-type: atomic
-                      type: object
-                    quobyte:
-                      properties:
-                        group:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        registry:
-                          type: string
-                        tenant:
-                          type: string
-                        user:
-                          type: string
-                        volume:
-                          type: string
-                      required:
-                      - registry
-                      - volume
-                      type: object
-                    rbd:
-                      properties:
-                        fsType:
-                          type: string
                         image:
                           type: string
-                        keyring:
-                          default: /etc/ceph/keyring
-                          type: string
-                        monitors:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        pool:
-                          default: rbd
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        user:
-                          default: admin
-                          type: string
-                      required:
-                      - image
-                      - monitors
-                      type: object
-                    scaleIO:
-                      properties:
-                        fsType:
-                          default: xfs
-                          type: string
-                        gateway:
-                          type: string
-                        protectionDomain:
+                        imagePullPolicy:
                           type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        lifecycle:
                           properties:
-                            name:
-                              default: ""
+                            postStart:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            preStop:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            stopSignal:
                               type: string
                           type: object
-                          x-kubernetes-map-type: atomic
-                        sslEnabled:
-                          type: boolean
-                        storageMode:
-                          default: ThinProvisioned
-                          type: string
-                        storagePool:
-                          type: string
-                        system:
-                          type: string
-                        volumeName:
-                          type: string
-                      required:
-                      - gateway
-                      - secretRef
-                      - system
-                      type: object
-                    secret:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
-                          items:
-                            properties:
-                              key:
-                                type: string
-                              mode:
-                                format: int32
-                                type: integer
-                              path:
-                                type: string
-                            required:
-                            - key
-                            - path
-                            type: object
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        optional:
-                          type: boolean
-                        secretName:
-                          type: string
-                      type: object
-                    storageos:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        livenessProbe:
                           properties:
-                            name:
-                              default: ""
-                              type: string
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
                           type: object
-                          x-kubernetes-map-type: atomic
-                        volumeName:
-                          type: string
-                        volumeNamespace:
-                          type: string
-                      type: object
-                    vsphereVolume:
-                      properties:
-                        fsType:
-                          type: string
-                        storagePolicyID:
-                          type: string
-                        storagePolicyName:
-                          type: string
-                        volumePath:
+                        name:
                           type: string
-                      required:
-                      - volumePath
-                      type: object
-                  required:
-                  - name
-                  type: object
-                type: array
-              sidecars:
-                items:
-                  properties:
-                    args:
-                      items:
-                        type: string
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    command:
-                      items:
-                        type: string
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    env:
-                      items:
-                        properties:
-                          name:
-                            type: string
-                          value:
-                            type: string
-                          valueFrom:
-                            properties:
-                              configMapKeyRef:
-                                properties:
-                                  key:
-                                    type: string
-                                  name:
-                                    default: ""
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                required:
-                                - key
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              fieldRef:
-                                properties:
-                                  apiVersion:
-                                    type: string
-                                  fieldPath:
-                                    type: string
-                                required:
-                                - fieldPath
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              resourceFieldRef:
-                                properties:
-                                  containerName:
-                                    type: string
-                                  divisor:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                    x-kubernetes-int-or-string: true
-                                  resource:
-                                    type: string
-                                required:
-                                - resource
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              secretKeyRef:
-                                properties:
-                                  key:
-                                    type: string
-                                  name:
-                                    default: ""
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                required:
-                                - key
-                                type: object
-                                x-kubernetes-map-type: atomic
-                            type: object
-                        required:
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - name
-                      x-kubernetes-list-type: map
-                    envFrom:
-                      items:
-                        properties:
-                          configMapRef:
+                        ports:
+                          items:
                             properties:
-                              name:
-                                default: ""
+                              containerPort:
+                                format: int32
+                                type: integer
+                              hostIP:
                                 type: string
-                              optional:
-                                type: boolean
-                            type: object
-                            x-kubernetes-map-type: atomic
-                          prefix:
-                            type: string
-                          secretRef:
-                            properties:
+                              hostPort:
+                                format: int32
+                                type: integer
                               name:
-                                default: ""
                                 type: string
-                              optional:
-                                type: boolean
+                              protocol:
+                                default: TCP
+                                type: string
+                            required:
+                            - containerPort
                             type: object
-                            x-kubernetes-map-type: atomic
-                        type: object
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    image:
-                      type: string
-                    imagePullPolicy:
-                      type: string
-                    lifecycle:
-                      properties:
-                        postStart:
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - containerPort
+                          - protocol
+                          x-kubernetes-list-type: map
+                        readinessProbe:
                           properties:
                             exec:
                               properties:
@@ -6373,6 +6299,20 @@ spec:
                                   type: array
                                   x-kubernetes-list-type: atomic
                               type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
                             httpGet:
                               properties:
                                 host:
@@ -6402,14 +6342,15 @@ spec:
                               required:
                               - port
                               type: object
-                            sleep:
-                              properties:
-                                seconds:
-                                  format: int64
-                                  type: integer
-                              required:
-                              - seconds
-                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
                             tcpSocket:
                               properties:
                                 host:
@@ -6422,8 +6363,157 @@ spec:
                               required:
                               - port
                               type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resizePolicy:
+                          items:
+                            properties:
+                              resourceName:
+                                type: string
+                              restartPolicy:
+                                type: string
+                            required:
+                            - resourceName
+                            - restartPolicy
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  request:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        restartPolicy:
+                          type: string
+                        restartPolicyRules:
+                          items:
+                            properties:
+                              action:
+                                type: string
+                              exitCodes:
+                                properties:
+                                  operator:
+                                    type: string
+                                  values:
+                                    items:
+                                      format: int32
+                                      type: integer
+                                    type: array
+                                    x-kubernetes-list-type: set
+                                required:
+                                - operator
+                                type: object
+                            required:
+                            - action
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
                           type: object
-                        preStop:
+                        startupProbe:
                           properties:
                             exec:
                               properties:
@@ -6433,6 +6523,20 @@ spec:
                                   type: array
                                   x-kubernetes-list-type: atomic
                               type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
                             httpGet:
                               properties:
                                 host:
@@ -6462,14 +6566,15 @@ spec:
                               required:
                               - port
                               type: object
-                            sleep:
-                              properties:
-                                seconds:
-                                  format: int64
-                                  type: integer
-                              required:
-                              - seconds
-                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
                             tcpSocket:
                               properties:
                                 host:
@@ -6482,453 +6587,888 @@ spec:
                               required:
                               - port
                               type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        stdin:
+                          type: boolean
+                        stdinOnce:
+                          type: boolean
+                        terminationMessagePath:
+                          type: string
+                        terminationMessagePolicy:
+                          type: string
+                        tty:
+                          type: boolean
+                        volumeDevices:
+                          items:
+                            properties:
+                              devicePath:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - devicePath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - devicePath
+                          x-kubernetes-list-type: map
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - mountPath
+                          x-kubernetes-list-type: map
+                        workingDir:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  volumes:
+                    items:
+                      properties:
+                        awsElasticBlockStore:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        azureDisk:
+                          properties:
+                            cachingMode:
+                              type: string
+                            diskName:
+                              type: string
+                            diskURI:
+                              type: string
+                            fsType:
+                              default: ext4
+                              type: string
+                            kind:
+                              type: string
+                            readOnly:
+                              default: false
+                              type: boolean
+                          required:
+                          - diskName
+                          - diskURI
                           type: object
-                      type: object
-                    livenessProbe:
-                      properties:
-                        exec:
+                        azureFile:
+                          properties:
+                            readOnly:
+                              type: boolean
+                            secretName:
+                              type: string
+                            shareName:
+                              type: string
+                          required:
+                          - secretName
+                          - shareName
+                          type: object
+                        cephfs:
                           properties:
-                            command:
+                            monitors:
                               items:
                                 type: string
                               type: array
                               x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretFile:
+                              type: string
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              type: string
+                          required:
+                          - monitors
                           type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
+                        cinder:
                           properties:
-                            port:
-                              format: int32
-                              type: integer
-                            service:
-                              default: ""
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeID:
                               type: string
                           required:
-                          - port
+                          - volumeID
                           type: object
-                        httpGet:
+                        configMap:
                           properties:
-                            host:
-                              type: string
-                            httpHeaders:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
                               items:
                                 properties:
-                                  name:
+                                  key:
                                     type: string
-                                  value:
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
                                     type: string
                                 required:
-                                - name
-                                - value
+                                - key
+                                - path
                                 type: object
                               type: array
                               x-kubernetes-list-type: atomic
-                            path:
+                            name:
+                              default: ""
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
+                            optional:
+                              type: boolean
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        csi:
+                          properties:
+                            driver:
                               type: string
+                            fsType:
+                              type: string
+                            nodePublishSecretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            readOnly:
+                              type: boolean
+                            volumeAttributes:
+                              additionalProperties:
+                                type: string
+                              type: object
                           required:
-                          - port
+                          - driver
                           type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
+                        downwardAPI:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                required:
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        emptyDir:
                           properties:
-                            host:
+                            medium:
                               type: string
-                            port:
+                            sizeLimit:
                               anyOf:
                               - type: integer
                               - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                               x-kubernetes-int-or-string: true
-                          required:
-                          - port
                           type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    name:
-                      type: string
-                    ports:
-                      items:
-                        properties:
-                          containerPort:
-                            format: int32
-                            type: integer
-                          hostIP:
-                            type: string
-                          hostPort:
-                            format: int32
-                            type: integer
-                          name:
-                            type: string
-                          protocol:
-                            default: TCP
-                            type: string
-                        required:
-                        - containerPort
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - containerPort
-                      - protocol
-                      x-kubernetes-list-type: map
-                    readinessProbe:
-                      properties:
-                        exec:
+                        ephemeral:
+                          properties:
+                            volumeClaimTemplate:
+                              properties:
+                                metadata:
+                                  type: object
+                                spec:
+                                  properties:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
+                                      type: string
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
+                                      type: string
+                                  type: object
+                              required:
+                              - spec
+                              type: object
+                          type: object
+                        fc:
                           properties:
-                            command:
+                            fsType:
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            targetWWNs:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            wwids:
                               items:
                                 type: string
                               type: array
                               x-kubernetes-list-type: atomic
                           type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
+                        flexVolume:
                           properties:
-                            port:
-                              format: int32
-                              type: integer
-                            service:
-                              default: ""
+                            driver:
+                              type: string
+                            fsType:
                               type: string
+                            options:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
                           required:
-                          - port
+                          - driver
                           type: object
-                        httpGet:
+                        flocker:
                           properties:
-                            host:
+                            datasetName:
                               type: string
-                            httpHeaders:
-                              items:
-                                properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                required:
-                                - name
-                                - value
-                                type: object
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            path:
+                            datasetUUID:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
+                          type: object
+                        gcePersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
+                              format: int32
+                              type: integer
+                            pdName:
                               type: string
+                            readOnly:
+                              type: boolean
                           required:
-                          - port
+                          - pdName
                           type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
+                        gitRepo:
                           properties:
-                            host:
+                            directory:
+                              type: string
+                            repository:
+                              type: string
+                            revision:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
                           required:
-                          - port
-                          type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    resizePolicy:
-                      items:
-                        properties:
-                          resourceName:
-                            type: string
-                          restartPolicy:
-                            type: string
-                        required:
-                        - resourceName
-                        - restartPolicy
-                        type: object
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    resources:
-                      properties:
-                        claims:
-                          items:
-                            properties:
-                              name:
-                                type: string
-                              request:
-                                type: string
-                            required:
-                            - name
-                            type: object
-                          type: array
-                          x-kubernetes-list-map-keys:
-                          - name
-                          x-kubernetes-list-type: map
-                        limits:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
+                          - repository
                           type: object
-                        requests:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
+                        glusterfs:
+                          properties:
+                            endpoints:
+                              type: string
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - endpoints
+                          - path
                           type: object
-                      type: object
-                    restartPolicy:
-                      type: string
-                    securityContext:
-                      properties:
-                        allowPrivilegeEscalation:
-                          type: boolean
-                        appArmorProfile:
+                        hostPath:
                           properties:
-                            localhostProfile:
+                            path:
                               type: string
                             type:
                               type: string
                           required:
-                          - type
+                          - path
                           type: object
-                        capabilities:
+                        image:
                           properties:
-                            add:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            drop:
+                            pullPolicy:
+                              type: string
+                            reference:
+                              type: string
+                          type: object
+                        iscsi:
+                          properties:
+                            chapAuthDiscovery:
+                              type: boolean
+                            chapAuthSession:
+                              type: boolean
+                            fsType:
+                              type: string
+                            initiatorName:
+                              type: string
+                            iqn:
+                              type: string
+                            iscsiInterface:
+                              default: default
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            portals:
                               items:
                                 type: string
                               type: array
                               x-kubernetes-list-type: atomic
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            targetPortal:
+                              type: string
+                          required:
+                          - iqn
+                          - lun
+                          - targetPortal
                           type: object
-                        privileged:
-                          type: boolean
-                        procMount:
+                        name:
                           type: string
-                        readOnlyRootFilesystem:
-                          type: boolean
-                        runAsGroup:
-                          format: int64
-                          type: integer
-                        runAsNonRoot:
-                          type: boolean
-                        runAsUser:
-                          format: int64
-                          type: integer
-                        seLinuxOptions:
+                        nfs:
                           properties:
-                            level:
-                              type: string
-                            role:
+                            path:
                               type: string
-                            type:
+                            readOnly:
+                              type: boolean
+                            server:
                               type: string
-                            user:
+                          required:
+                          - path
+                          - server
+                          type: object
+                        persistentVolumeClaim:
+                          properties:
+                            claimName:
                               type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - claimName
                           type: object
-                        seccompProfile:
+                        photonPersistentDisk:
                           properties:
-                            localhostProfile:
+                            fsType:
                               type: string
-                            type:
+                            pdID:
                               type: string
                           required:
-                          - type
+                          - pdID
                           type: object
-                        windowsOptions:
+                        portworxVolume:
                           properties:
-                            gmsaCredentialSpec:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            volumeID:
                               type: string
-                            gmsaCredentialSpecName:
+                          required:
+                          - volumeID
+                          type: object
+                        projected:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            sources:
+                              items:
+                                properties:
+                                  clusterTrustBundle:
+                                    properties:
+                                      labelSelector:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                operator:
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              required:
+                                              - key
+                                              - operator
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          matchLabels:
+                                            additionalProperties:
+                                              type: string
+                                            type: object
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      name:
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                  configMap:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  downwardAPI:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            fieldRef:
+                                              properties:
+                                                apiVersion:
+                                                  type: string
+                                                fieldPath:
+                                                  type: string
+                                              required:
+                                              - fieldPath
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                            resourceFieldRef:
+                                              properties:
+                                                containerName:
+                                                  type: string
+                                                divisor:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                  x-kubernetes-int-or-string: true
+                                                resource:
+                                                  type: string
+                                              required:
+                                              - resource
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          required:
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                  podCertificate:
+                                    properties:
+                                      certificateChainPath:
+                                        type: string
+                                      credentialBundlePath:
+                                        type: string
+                                      keyPath:
+                                        type: string
+                                      keyType:
+                                        type: string
+                                      maxExpirationSeconds:
+                                        format: int32
+                                        type: integer
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - keyType
+                                    - signerName
+                                    type: object
+                                  secret:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  serviceAccountToken:
+                                    properties:
+                                      audience:
+                                        type: string
+                                      expirationSeconds:
+                                        format: int64
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        quobyte:
+                          properties:
+                            group:
                               type: string
-                            hostProcess:
+                            readOnly:
                               type: boolean
-                            runAsUserName:
+                            registry:
+                              type: string
+                            tenant:
                               type: string
+                            user:
+                              type: string
+                            volume:
+                              type: string
+                          required:
+                          - registry
+                          - volume
                           type: object
-                      type: object
-                    startupProbe:
-                      properties:
-                        exec:
+                        rbd:
                           properties:
-                            command:
+                            fsType:
+                              type: string
+                            image:
+                              type: string
+                            keyring:
+                              default: /etc/ceph/keyring
+                              type: string
+                            monitors:
                               items:
                                 type: string
                               type: array
                               x-kubernetes-list-type: atomic
+                            pool:
+                              default: rbd
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              default: admin
+                              type: string
+                          required:
+                          - image
+                          - monitors
                           type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
+                        scaleIO:
                           properties:
-                            port:
-                              format: int32
-                              type: integer
-                            service:
-                              default: ""
+                            fsType:
+                              default: xfs
+                              type: string
+                            gateway:
+                              type: string
+                            protectionDomain:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            sslEnabled:
+                              type: boolean
+                            storageMode:
+                              default: ThinProvisioned
+                              type: string
+                            storagePool:
+                              type: string
+                            system:
+                              type: string
+                            volumeName:
                               type: string
                           required:
-                          - port
+                          - gateway
+                          - secretRef
+                          - system
                           type: object
-                        httpGet:
+                        secret:
                           properties:
-                            host:
-                              type: string
-                            httpHeaders:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
                               items:
                                 properties:
-                                  name:
+                                  key:
                                     type: string
-                                  value:
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
                                     type: string
                                 required:
-                                - name
-                                - value
+                                - key
+                                - path
                                 type: object
                               type: array
                               x-kubernetes-list-type: atomic
-                            path:
+                            optional:
+                              type: boolean
+                            secretName:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
+                          type: object
+                        storageos:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeName:
+                              type: string
+                            volumeNamespace:
                               type: string
-                          required:
-                          - port
                           type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
+                        vsphereVolume:
                           properties:
-                            host:
+                            fsType:
+                              type: string
+                            storagePolicyID:
+                              type: string
+                            storagePolicyName:
+                              type: string
+                            volumePath:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
                           required:
-                          - port
+                          - volumePath
                           type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
+                      required:
+                      - name
                       type: object
-                    stdin:
-                      type: boolean
-                    stdinOnce:
-                      type: boolean
-                    terminationMessagePath:
-                      type: string
-                    terminationMessagePolicy:
-                      type: string
-                    tty:
-                      type: boolean
-                    volumeDevices:
-                      items:
-                        properties:
-                          devicePath:
-                            type: string
-                          name:
-                            type: string
-                        required:
-                        - devicePath
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - devicePath
-                      x-kubernetes-list-type: map
-                    volumeMounts:
-                      items:
-                        properties:
-                          mountPath:
-                            type: string
-                          mountPropagation:
-                            type: string
-                          name:
-                            type: string
-                          readOnly:
-                            type: boolean
-                          recursiveReadOnly:
-                            type: string
-                          subPath:
-                            type: string
-                          subPathExpr:
-                            type: string
-                        required:
-                        - mountPath
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - mountPath
-                      x-kubernetes-list-type: map
-                    workingDir:
-                      type: string
-                  required:
-                  - name
-                  type: object
-                type: array
+                    type: array
+                type: object
+              wallet:
+                properties:
+                  additional:
+                    items:
+                      properties:
+                        mountPath:
+                          type: string
+                        name:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                    type: array
+                  mountPath:
+                    type: string
+                  secret:
+                    type: string
+                type: object
             type: object
           status:
             properties:
@@ -6968,7 +7508,7 @@ spec:
                   - type
                   type: object
                 type: array
-              exporterConfig:
+              metricsConfig:
                 type: string
               replicas:
                 type: integer
@@ -6978,7 +7518,7 @@ spec:
                 type: string
             required:
             - conditions
-            - exporterConfig
+            - metricsConfig
             - version
             type: object
         type: object
diff --git a/config/crd/kustomization.yaml b/config/crd/kustomization.yaml
index 726521b0..59f9af93 100644
--- a/config/crd/kustomization.yaml
+++ b/config/crd/kustomization.yaml
@@ -11,8 +11,6 @@ resources:
 - bases/database.oracle.com_autonomousdatabaserestores.yaml
 - bases/database.oracle.com_singleinstancedatabases.yaml
 - bases/database.oracle.com_shardingdatabases.yaml
-- bases/database.oracle.com_pdbs.yaml
-- bases/database.oracle.com_cdbs.yaml
 - bases/database.oracle.com_oraclerestdataservices.yaml
 - bases/database.oracle.com_autonomouscontainerdatabases.yaml
 - bases/database.oracle.com_dbcssystems.yaml
@@ -21,51 +19,62 @@ resources:
 - bases/database.oracle.com_lrests.yaml
 - bases/database.oracle.com_lrpdbs.yaml
 - bases/database.oracle.com_ordssrvs.yaml
+- bases/database.oracle.com_oraclerestarts.yaml
 # +kubebuilder:scaffold:crdkustomizeresource
 
-patchesStrategicMerge:
+patches:
+
 # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix.
 # patches here are for enabling the conversion webhook for each CRD
 #- patches/webhook_in_provshards.yaml
 #- patches/webhook_in_singleinstancedatabases.yaml
 #- patches/webhook_in_shardingdatabases.yaml
-#- patches/webhook_in_pdbs.yaml
-#- patches/webhook_in_cdbs.yaml
 #- patches/webhook_in_oraclerestdataservices.yaml
 #- patches/webhook_in_dbcssystems.yaml
 #- patches/webhook_in_dataguardbrokers.yaml
 #- patches/webhook_in_databaseobservers.yaml
-- patches/webhook_in_autonomousdatabases.yaml
-- patches/webhook_in_autonomousdatabasebackups.yaml
-- patches/webhook_in_autonomousdatabaserestores.yaml
-- patches/webhook_in_autonomouscontainerdatabases.yaml
+- path: patches/webhook_in_autonomousdatabases.yaml
+- path: patches/webhook_in_autonomousdatabasebackups.yaml
+- path: patches/webhook_in_autonomousdatabaserestores.yaml
+- path: patches/webhook_in_autonomouscontainerdatabases.yaml
 #- patches/webhook_in_lrests.yaml
 #- patches/webhook_in_lrpdbs.yaml
 #- patches/webhook_in_ordssrvs.yaml
 # +kubebuilder:scaffold:crdkustomizewebhookpatch
 
-# [CERTMANAGER] To enable webhook, uncomment all the sections with [CERTMANAGER] prefix.
+# [CERTMANAGER] To enable cert-manager, uncomment all the sections with [CERTMANAGER] prefix.
 # patches here are for enabling the CA injection for each CRD
 #- patches/cainjection_in_provshards.yaml
-- patches/cainjection_in_singleinstancedatabases.yaml
-- patches/cainjection_in_shardingdatabases.yaml
-- patches/cainjection_in_pdbs.yaml
-- patches/cainjection_in_cdbs.yaml
 #- patches/cainjection_in_oraclerestdataservices.yaml
-#- patches/cainjection_in_autonomouscontainerdatabases.yaml
-- patches/cainjection_in_dbcssystems.yaml
 #- patches/cainjection_in_dataguardbrokers.yaml
 #- patches/cainjection_in_databaseobservers.yaml
-- patches/cainjection_in_autonomousdatabases.yaml
-- patches/cainjection_in_autonomousdatabasebackups.yaml
-- patches/cainjection_in_autonomousdatabaserestores.yaml
-- patches/cainjection_in_autonomouscontainerdatabases.yaml
 #- patches/cainjection_in_lrests.yaml
 #- patches/cainjection_in_lrpdbs.yaml
 #- patches/cainjection_in_ordssrvs.yaml
-#- patches/cainjection_in_singleinstancedatabases.yaml
+- path: patches/cainjection_in_singleinstancedatabases.yaml
+- path: patches/cainjection_in_shardingdatabases.yaml
+- path: patches/cainjection_in_dbcssystems.yaml
+- path: patches/cainjection_in_autonomousdatabases.yaml
+- path: patches/cainjection_in_autonomousdatabasebackups.yaml
+- path: patches/cainjection_in_autonomousdatabaserestores.yaml
+- path: patches/cainjection_in_autonomouscontainerdatabases.yaml
+
 # +kubebuilder:scaffold:crdkustomizecainjectionpatch
 
 # the following config is for teaching kustomize how to do kustomization for CRDs.
 configurations:
 - kustomizeconfig.yaml
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+patches:
+- path: patches/webhook_in_autonomousdatabases.yaml
+- path: patches/webhook_in_autonomousdatabasebackups.yaml
+- path: patches/webhook_in_autonomousdatabaserestores.yaml
+- path: patches/webhook_in_autonomouscontainerdatabases.yaml
+- path: patches/cainjection_in_singleinstancedatabases.yaml
+- path: patches/cainjection_in_shardingdatabases.yaml
+- path: patches/cainjection_in_dbcssystems.yaml
+- path: patches/cainjection_in_autonomousdatabases.yaml
+- path: patches/cainjection_in_autonomousdatabasebackups.yaml
+- path: patches/cainjection_in_autonomousdatabaserestores.yaml
+- path: patches/cainjection_in_autonomouscontainerdatabases.yaml
diff --git a/config/crd/patches/cainjection_in_autonomouscontainerdatabases.yaml b/config/crd/patches/cainjection_in_autonomouscontainerdatabases.yaml
index 734407bc..45edfbf0 100644
--- a/config/crd/patches/cainjection_in_autonomouscontainerdatabases.yaml
+++ b/config/crd/patches/cainjection_in_autonomouscontainerdatabases.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE_PLACEHOLDER/CERTIFICATE_NAME_PLACEHOLDER
   name: autonomouscontainerdatabases.database.oracle.com
diff --git a/config/crd/patches/cainjection_in_autonomousdatabasebackups.yaml b/config/crd/patches/cainjection_in_autonomousdatabasebackups.yaml
index 9468569d..65af0df2 100644
--- a/config/crd/patches/cainjection_in_autonomousdatabasebackups.yaml
+++ b/config/crd/patches/cainjection_in_autonomousdatabasebackups.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE_PLACEHOLDER/CERTIFICATE_NAME_PLACEHOLDER
   name: autonomousdatabasebackups.database.oracle.com
diff --git a/config/crd/patches/cainjection_in_autonomousdatabaserestores.yaml b/config/crd/patches/cainjection_in_autonomousdatabaserestores.yaml
index cfc941f8..bf846773 100644
--- a/config/crd/patches/cainjection_in_autonomousdatabaserestores.yaml
+++ b/config/crd/patches/cainjection_in_autonomousdatabaserestores.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE_PLACEHOLDER/CERTIFICATE_NAME_PLACEHOLDER
   name: autonomousdatabaserestores.database.oracle.com
diff --git a/config/crd/patches/cainjection_in_autonomousdatabases.yaml b/config/crd/patches/cainjection_in_autonomousdatabases.yaml
index 05842d0b..45c3325d 100644
--- a/config/crd/patches/cainjection_in_autonomousdatabases.yaml
+++ b/config/crd/patches/cainjection_in_autonomousdatabases.yaml
@@ -8,5 +8,5 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE_PLACEHOLDER/CERTIFICATE_NAME_PLACEHOLDER
   name: autonomousdatabases.database.oracle.com
diff --git a/config/crd/patches/cainjection_in_cdbs.yaml b/config/crd/patches/cainjection_in_cdbs.yaml
index 8cb50343..97b3a780 100644
--- a/config/crd/patches/cainjection_in_cdbs.yaml
+++ b/config/crd/patches/cainjection_in_cdbs.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE_PLACEHOLDER/CERTIFICATE_NAME_PLACEHOLDER
   name: cdbs.database.oracle.com
diff --git a/config/crd/patches/cainjection_in_dbcssystems.yaml b/config/crd/patches/cainjection_in_dbcssystems.yaml
index 1c14e1fd..31bdd9e1 100644
--- a/config/crd/patches/cainjection_in_dbcssystems.yaml
+++ b/config/crd/patches/cainjection_in_dbcssystems.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE_PLACEHOLDER/CERTIFICATE_NAME_PLACEHOLDER
   name: dbcssystems.database.oracle.com
diff --git a/config/crd/patches/cainjection_in_pdbs.yaml b/config/crd/patches/cainjection_in_pdbs.yaml
index 8c41010a..90ee25bb 100644
--- a/config/crd/patches/cainjection_in_pdbs.yaml
+++ b/config/crd/patches/cainjection_in_pdbs.yaml
@@ -4,5 +4,5 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE_PLACEHOLDER/CERTIFICATE_NAME_PLACEHOLDER
   name: pdbs.database.oracle.com
diff --git a/config/crd/patches/cainjection_in_shardingdatabases.yaml b/config/crd/patches/cainjection_in_shardingdatabases.yaml
index 45d35376..f7220bc6 100644
--- a/config/crd/patches/cainjection_in_shardingdatabases.yaml
+++ b/config/crd/patches/cainjection_in_shardingdatabases.yaml
@@ -8,5 +8,5 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE_PLACEHOLDER/CERTIFICATE_NAME_PLACEHOLDER
   name: shardingdatabases.database.oracle.com
diff --git a/config/crd/patches/cainjection_in_singleinstancedatabases.yaml b/config/crd/patches/cainjection_in_singleinstancedatabases.yaml
index 11114339..65d1336e 100644
--- a/config/crd/patches/cainjection_in_singleinstancedatabases.yaml
+++ b/config/crd/patches/cainjection_in_singleinstancedatabases.yaml
@@ -8,5 +8,5 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE_PLACEHOLDER/CERTIFICATE_NAME_PLACEHOLDER
   name: singleinstancedatabases.database.oracle.com
diff --git a/config/database.oracle.com_autonomousdatabases.yaml b/config/database.oracle.com_autonomousdatabases.yaml
deleted file mode 100644
index f77407f3..00000000
--- a/config/database.oracle.com_autonomousdatabases.yaml
+++ /dev/null
@@ -1,324 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.1
-  creationTimestamp: null
-  name: autonomousdatabases.database.oracle.com
-spec:
-  group: database.oracle.com
-  names:
-    kind: AutonomousDatabase
-    listKind: AutonomousDatabaseList
-    plural: autonomousdatabases
-    shortNames:
-    - adb
-    - adbs
-    singular: autonomousdatabase
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .spec.details.displayName
-      name: Display Name
-      type: string
-    - jsonPath: .spec.details.dbName
-      name: Db Name
-      type: string
-    - jsonPath: .status.lifecycleState
-      name: State
-      type: string
-    - jsonPath: .spec.details.isDedicated
-      name: Dedicated
-      type: string
-    - jsonPath: .spec.details.cpuCoreCount
-      name: OCPUs
-      type: integer
-    - jsonPath: .spec.details.dataStorageSizeInTBs
-      name: Storage (TB)
-      type: integer
-    - jsonPath: .spec.details.dbWorkload
-      name: Workload Type
-      type: string
-    - jsonPath: .status.timeCreated
-      name: Created
-      type: string
-    name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        description: AutonomousDatabase is the Schema for the autonomousdatabases
-          API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: 'AutonomousDatabaseSpec defines the desired state of AutonomousDatabase
-              Important: Run "make" to regenerate code after modifying this file'
-            properties:
-              details:
-                description: AutonomousDatabaseDetails defines the detail information
-                  of AutonomousDatabase, corresponding to oci-go-sdk/database/AutonomousDatabase
-                properties:
-                  adminPassword:
-                    properties:
-                      k8sSecret:
-                        description: "*********************** *\tSecret specs ***********************"
-                        properties:
-                          name:
-                            type: string
-                        type: object
-                      ociSecret:
-                        properties:
-                          ocid:
-                            type: string
-                        type: object
-                    type: object
-                  autonomousContainerDatabase:
-                    description: ACDSpec defines the spec of the target for backup/restore
-                      runs. The name could be the name of an AutonomousDatabase or
-                      an AutonomousDatabaseBackup
-                    properties:
-                      k8sACD:
-                        description: "*********************** *\tACD specs ***********************"
-                        properties:
-                          name:
-                            type: string
-                        type: object
-                      ociACD:
-                        properties:
-                          ocid:
-                            type: string
-                        type: object
-                    type: object
-                  autonomousDatabaseOCID:
-                    type: string
-                  compartmentOCID:
-                    type: string
-                  cpuCoreCount:
-                    type: integer
-                  dataStorageSizeInTBs:
-                    type: integer
-                  dbName:
-                    type: string
-                  dbVersion:
-                    type: string
-                  dbWorkload:
-                    description: 'AutonomousDatabaseDbWorkloadEnum Enum with underlying
-                      type: string'
-                    enum:
-                    - OLTP
-                    - DW
-                    - AJD
-                    - APEX
-                    type: string
-                  displayName:
-                    type: string
-                  freeformTags:
-                    additionalProperties:
-                      type: string
-                    type: object
-                  isAutoScalingEnabled:
-                    type: boolean
-                  isDedicated:
-                    type: boolean
-                  licenseModel:
-                    description: 'AutonomousDatabaseLicenseModelEnum Enum with underlying
-                      type: string'
-                    enum:
-                    - LICENSE_INCLUDED
-                    - BRING_YOUR_OWN_LICENSE
-                    type: string
-                  lifecycleState:
-                    description: 'AutonomousDatabaseLifecycleStateEnum Enum with underlying
-                      type: string'
-                    type: string
-                  networkAccess:
-                    properties:
-                      accessControlList:
-                        items:
-                          type: string
-                        type: array
-                      accessType:
-                        enum:
-                        - ""
-                        - PUBLIC
-                        - RESTRICTED
-                        - PRIVATE
-                        type: string
-                      isAccessControlEnabled:
-                        type: boolean
-                      isMTLSConnectionRequired:
-                        type: boolean
-                      privateEndpoint:
-                        properties:
-                          hostnamePrefix:
-                            type: string
-                          nsgOCIDs:
-                            items:
-                              type: string
-                            type: array
-                          subnetOCID:
-                            type: string
-                        type: object
-                    type: object
-                  wallet:
-                    properties:
-                      name:
-                        type: string
-                      password:
-                        properties:
-                          k8sSecret:
-                            description: "*********************** *\tSecret specs
-                              ***********************"
-                            properties:
-                              name:
-                                type: string
-                            type: object
-                          ociSecret:
-                            properties:
-                              ocid:
-                                type: string
-                            type: object
-                        type: object
-                    type: object
-                type: object
-              hardLink:
-                default: false
-                type: boolean
-              ociConfig:
-                description: "*********************** *\tOCI config ***********************"
-                properties:
-                  configMapName:
-                    type: string
-                  secretName:
-                    type: string
-                type: object
-            required:
-            - details
-            type: object
-          status:
-            description: AutonomousDatabaseStatus defines the observed state of AutonomousDatabase
-            properties:
-              allConnectionStrings:
-                items:
-                  properties:
-                    connectionStrings:
-                      items:
-                        properties:
-                          connectionString:
-                            type: string
-                          tnsName:
-                            type: string
-                        type: object
-                      type: array
-                    tlsAuthentication:
-                      type: string
-                  required:
-                  - connectionStrings
-                  type: object
-                type: array
-              conditions:
-                items:
-                  description: "Condition contains details for one aspect of the current
-                    state of this API Resource. --- This struct is intended for direct
-                    use as an array at the field path .status.conditions.  For example,
-                    \n \ttype FooStatus struct{ \t    // Represents the observations
-                    of a foo's current state. \t    // Known .status.conditions.type
-                    are: \"Available\", \"Progressing\", and \"Degraded\" \t    //
-                    +patchMergeKey=type \t    // +patchStrategy=merge \t    // +listType=map
-                    \t    // +listMapKey=type \t    Conditions []metav1.Condition
-                    `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
-                    protobuf:\"bytes,1,rep,name=conditions\"` \n \t    // other fields
-                    \t}"
-                  properties:
-                    lastTransitionTime:
-                      description: lastTransitionTime is the last time the condition
-                        transitioned from one status to another. This should be when
-                        the underlying condition changed.  If that is not known, then
-                        using the time when the API field changed is acceptable.
-                      format: date-time
-                      type: string
-                    message:
-                      description: message is a human readable message indicating
-                        details about the transition. This may be an empty string.
-                      maxLength: 32768
-                      type: string
-                    observedGeneration:
-                      description: observedGeneration represents the .metadata.generation
-                        that the condition was set based upon. For instance, if .metadata.generation
-                        is currently 12, but the .status.conditions[x].observedGeneration
-                        is 9, the condition is out of date with respect to the current
-                        state of the instance.
-                      format: int64
-                      minimum: 0
-                      type: integer
-                    reason:
-                      description: reason contains a programmatic identifier indicating
-                        the reason for the condition's last transition. Producers
-                        of specific condition types may define expected values and
-                        meanings for this field, and whether the values are considered
-                        a guaranteed API. The value should be a CamelCase string.
-                        This field may not be empty.
-                      maxLength: 1024
-                      minLength: 1
-                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
-                      type: string
-                    status:
-                      description: status of the condition, one of True, False, Unknown.
-                      enum:
-                      - "True"
-                      - "False"
-                      - Unknown
-                      type: string
-                    type:
-                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
-                        --- Many .condition.type values are consistent across resources
-                        like Available, but because arbitrary conditions can be useful
-                        (see .node.status.conditions), the ability to deconflict is
-                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
-                      maxLength: 316
-                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - message
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-                x-kubernetes-list-map-keys:
-                - type
-                x-kubernetes-list-type: map
-              lifecycleState:
-                description: 'INSERT ADDITIONAL STATUS FIELD - define observed state
-                  of cluster Important: Run "make" to regenerate code after modifying
-                  this file'
-                type: string
-              timeCreated:
-                type: string
-              walletExpiringDate:
-                type: string
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/config/database.oracle.com_dataguardbrokers.yaml b/config/database.oracle.com_dataguardbrokers.yaml
deleted file mode 100644
index f19a3e22..00000000
--- a/config/database.oracle.com_dataguardbrokers.yaml
+++ /dev/null
@@ -1,134 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.1
-  creationTimestamp: null
-  name: dataguardbrokers.database.oracle.com
-spec:
-  group: database.oracle.com
-  names:
-    kind: DataguardBroker
-    listKind: DataguardBrokerList
-    plural: dataguardbrokers
-    singular: dataguardbroker
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .status.primaryDatabase
-      name: Primary
-      type: string
-    - jsonPath: .status.standbyDatabases
-      name: Standbys
-      type: string
-    - jsonPath: .spec.protectionMode
-      name: Protection Mode
-      type: string
-    - jsonPath: .status.clusterConnectString
-      name: Cluster Connect Str
-      priority: 1
-      type: string
-    - jsonPath: .status.externalConnectString
-      name: Connect Str
-      type: string
-    - jsonPath: .spec.primaryDatabaseRef
-      name: Primary Database
-      priority: 1
-      type: string
-    - jsonPath: .status.status
-      name: Status
-      type: string
-    name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        description: DataguardBroker is the Schema for the dataguardbrokers API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: DataguardBrokerSpec defines the desired state of DataguardBroker
-            properties:
-              fastStartFailOver:
-                properties:
-                  enable:
-                    type: boolean
-                  strategy:
-                    items:
-                      description: FSFO strategy
-                      properties:
-                        sourceDatabaseRef:
-                          type: string
-                        targetDatabaseRefs:
-                          type: string
-                      type: object
-                    type: array
-                type: object
-              loadBalancer:
-                type: boolean
-              nodeSelector:
-                additionalProperties:
-                  type: string
-                type: object
-              primaryDatabaseRef:
-                type: string
-              protectionMode:
-                enum:
-                - MaxPerformance
-                - MaxAvailability
-                type: string
-              serviceAnnotations:
-                additionalProperties:
-                  type: string
-                type: object
-              setAsPrimaryDatabase:
-                type: string
-              standbyDatabaseRefs:
-                items:
-                  type: string
-                type: array
-            required:
-            - primaryDatabaseRef
-            - protectionMode
-            - standbyDatabaseRefs
-            type: object
-          status:
-            description: DataguardBrokerStatus defines the observed state of DataguardBroker
-            properties:
-              clusterConnectString:
-                type: string
-              externalConnectString:
-                type: string
-              primaryDatabase:
-                type: string
-              primaryDatabaseRef:
-                type: string
-              protectionMode:
-                type: string
-              standbyDatabases:
-                type: string
-              status:
-                type: string
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/config/database.oracle.com_shardingdatabases.yaml b/config/database.oracle.com_shardingdatabases.yaml
deleted file mode 100644
index bb9bbd38..00000000
--- a/config/database.oracle.com_shardingdatabases.yaml
+++ /dev/null
@@ -1,688 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
-  creationTimestamp: null
-  name: shardingdatabases.database.oracle.com
-spec:
-  group: database.oracle.com
-  names:
-    kind: ShardingDatabase
-    listKind: ShardingDatabaseList
-    plural: shardingdatabases
-    singular: shardingdatabase
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .status.gsm.state
-      name: Gsm State
-      type: string
-    - jsonPath: .status.gsm.services
-      name: Services
-      type: string
-    - jsonPath: .status.gsm.shards
-      name: shards
-      priority: 1
-      type: string
-    name: v4
-    schema:
-      openAPIV3Schema:
-        description: ShardingDatabase is the Schema for the shardingdatabases API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: ShardingDatabaseSpec defines the desired state of ShardingDatabase
-            properties:
-              InvitedNodeSubnet:
-                type: string
-              catalog:
-                items:
-                  description: CatalogSpec defines the desired state of CatalogSpec
-                  properties:
-                    envVars:
-                      items:
-                        description: EnvironmentVariable represents a named variable
-                          accessible for containers.
-                        properties:
-                          name:
-                            type: string
-                          value:
-                            type: string
-                        required:
-                        - name
-                        - value
-                        type: object
-                      type: array
-                    imagePullPolicy:
-                      description: PullPolicy describes a policy for if/when to pull
-                        a container image
-                      type: string
-                    isDelete:
-                      type: string
-                    label:
-                      type: string
-                    name:
-                      type: string
-                    nodeSelector:
-                      additionalProperties:
-                        type: string
-                      type: object
-                    pvAnnotations:
-                      additionalProperties:
-                        type: string
-                      type: object
-                    pvMatchLabels:
-                      additionalProperties:
-                        type: string
-                      type: object
-                    pvcName:
-                      type: string
-                    resources:
-                      description: ResourceRequirements describes the compute resource
-                        requirements.
-                      properties:
-                        claims:
-                          description: "Claims lists the names of resources, defined
-                            in spec.resourceClaims, that are used by this container.
-                            \n This is an alpha field and requires enabling the DynamicResourceAllocation
-                            feature gate. \n This field is immutable. It can only
-                            be set for containers."
-                          items:
-                            description: ResourceClaim references one entry in PodSpec.ResourceClaims.
-                            properties:
-                              name:
-                                description: Name must match the name of one entry
-                                  in pod.spec.resourceClaims of the Pod where this
-                                  field is used. It makes that resource available
-                                  inside a container.
-                                type: string
-                            required:
-                            - name
-                            type: object
-                          type: array
-                          x-kubernetes-list-map-keys:
-                          - name
-                          x-kubernetes-list-type: map
-                        limits:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          description: 'Limits describes the maximum amount of compute
-                            resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
-                          type: object
-                        requests:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          description: 'Requests describes the minimum amount of compute
-                            resources required. If Requests is omitted for a container,
-                            it defaults to Limits if that is explicitly specified,
-                            otherwise to an implementation-defined value. Requests
-                            cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
-                          type: object
-                      type: object
-                    storageSizeInGb:
-                      format: int32
-                      type: integer
-                  required:
-                  - name
-                  type: object
-                type: array
-              dbEdition:
-                type: string
-              dbImage:
-                type: string
-              dbImagePullSecret:
-                type: string
-              dbSecret:
-                description: Secret Details
-                properties:
-                  encryptionType:
-                    type: string
-                  keyFileMountLocation:
-                    type: string
-                  keyFileName:
-                    type: string
-                  keySecretName:
-                    type: string
-                  name:
-                    type: string
-                  nsConfigMap:
-                    type: string
-                  nsSecret:
-                    type: string
-                  pwdFileMountLocation:
-                    type: string
-                  pwdFileName:
-                    type: string
-                required:
-                - name
-                - pwdFileName
-                type: object
-              fssStorageClass:
-                type: string
-              gsm:
-                items:
-                  description: GsmSpec defines the desired state of GsmSpec
-                  properties:
-                    directorName:
-                      type: string
-                    envVars:
-                      description: Replicas         int32                        `json:"replicas,omitempty"`                                        //
-                        Gsm Replicas. If you set OraGsmPvcName then it is set default
-                        to 1.
-                      items:
-                        description: EnvironmentVariable represents a named variable
-                          accessible for containers.
-                        properties:
-                          name:
-                            type: string
-                          value:
-                            type: string
-                        required:
-                        - name
-                        - value
-                        type: object
-                      type: array
-                    imagePullPolicy:
-                      description: PullPolicy describes a policy for if/when to pull
-                        a container image
-                      type: string
-                    isDelete:
-                      type: string
-                    label:
-                      type: string
-                    name:
-                      type: string
-                    nodeSelector:
-                      additionalProperties:
-                        type: string
-                      type: object
-                    pvMatchLabels:
-                      additionalProperties:
-                        type: string
-                      type: object
-                    pvcName:
-                      type: string
-                    region:
-                      type: string
-                    resources:
-                      description: ResourceRequirements describes the compute resource
-                        requirements.
-                      properties:
-                        claims:
-                          description: "Claims lists the names of resources, defined
-                            in spec.resourceClaims, that are used by this container.
-                            \n This is an alpha field and requires enabling the DynamicResourceAllocation
-                            feature gate. \n This field is immutable. It can only
-                            be set for containers."
-                          items:
-                            description: ResourceClaim references one entry in PodSpec.ResourceClaims.
-                            properties:
-                              name:
-                                description: Name must match the name of one entry
-                                  in pod.spec.resourceClaims of the Pod where this
-                                  field is used. It makes that resource available
-                                  inside a container.
-                                type: string
-                            required:
-                            - name
-                            type: object
-                          type: array
-                          x-kubernetes-list-map-keys:
-                          - name
-                          x-kubernetes-list-type: map
-                        limits:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          description: 'Limits describes the maximum amount of compute
-                            resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
-                          type: object
-                        requests:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          description: 'Requests describes the minimum amount of compute
-                            resources required. If Requests is omitted for a container,
-                            it defaults to Limits if that is explicitly specified,
-                            otherwise to an implementation-defined value. Requests
-                            cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
-                          type: object
-                      type: object
-                    storageSizeInGb:
-                      format: int32
-                      type: integer
-                  required:
-                  - name
-                  type: object
-                type: array
-              gsmDevMode:
-                type: string
-              gsmImage:
-                type: string
-              gsmImagePullSecret:
-                type: string
-              gsmService:
-                items:
-                  description: Service Definition
-                  properties:
-                    available:
-                      type: string
-                    clbGoal:
-                      type: string
-                    commitOutcome:
-                      type: string
-                    drainTimeout:
-                      type: string
-                    dtp:
-                      type: string
-                    edition:
-                      type: string
-                    failoverDelay:
-                      type: string
-                    failoverMethod:
-                      type: string
-                    failoverPrimary:
-                      type: string
-                    failoverRestore:
-                      type: string
-                    failoverRetry:
-                      type: string
-                    failoverType:
-                      type: string
-                    gdsPool:
-                      type: string
-                    lag:
-                      type: integer
-                    locality:
-                      type: string
-                    name:
-                      type: string
-                    notification:
-                      type: string
-                    pdbName:
-                      type: string
-                    policy:
-                      type: string
-                    preferred:
-                      type: string
-                    prferredAll:
-                      type: string
-                    regionFailover:
-                      type: string
-                    retention:
-                      type: string
-                    role:
-                      type: string
-                    sessionState:
-                      type: string
-                    sqlTransactionProfile:
-                      type: string
-                    stopOption:
-                      type: string
-                    tableFamily:
-                      type: string
-                    tfaPolicy:
-                      type: string
-                  required:
-                  - name
-                  type: object
-                type: array
-              gsmShardGroup:
-                items:
-                  properties:
-                    deployAs:
-                      type: string
-                    name:
-                      type: string
-                    region:
-                      type: string
-                  required:
-                  - name
-                  type: object
-                type: array
-              gsmShardSpace:
-                items:
-                  description: ShardSpace Specs
-                  properties:
-                    chunks:
-                      type: integer
-                    name:
-                      type: string
-                    protectionMode:
-                      type: string
-                    shardGroup:
-                      type: string
-                  required:
-                  - name
-                  type: object
-                type: array
-              invitedNodeSubnetFlag:
-                type: string
-              isClone:
-                type: boolean
-              isDataGuard:
-                type: boolean
-              isDebug:
-                type: boolean
-              isDeleteOraPvc:
-                type: boolean
-              isDownloadScripts:
-                type: boolean
-              isExternalSvc:
-                type: boolean
-              isTdeWallet:
-                type: string
-              liveinessCheckPeriod:
-                type: integer
-              namespace:
-                type: string
-              portMappings:
-                items:
-                  description: PortMapping is a specification of port mapping for
-                    an application deployment.
-                  properties:
-                    port:
-                      format: int32
-                      type: integer
-                    protocol:
-                      default: TCP
-                      type: string
-                    targetPort:
-                      format: int32
-                      type: integer
-                  required:
-                  - port
-                  - protocol
-                  - targetPort
-                  type: object
-                type: array
-              readinessCheckPeriod:
-                type: integer
-              replicationType:
-                type: string
-              scriptsLocation:
-                type: string
-              shard:
-                description: 'INSERT ADDITIONAL SPEC FIELDS - desired state of cluster
-                  Important: Run "make" to regenerate code after modifying this file'
-                items:
-                  description: ShardSpec is a specification of Shards for an application
-                    deployment.
-                  properties:
-                    deployAs:
-                      type: string
-                    envVars:
-                      items:
-                        description: EnvironmentVariable represents a named variable
-                          accessible for containers.
-                        properties:
-                          name:
-                            type: string
-                          value:
-                            type: string
-                        required:
-                        - name
-                        - value
-                        type: object
-                      type: array
-                    imagePullPolicy:
-                      description: PullPolicy describes a policy for if/when to pull
-                        a container image
-                      type: string
-                    isDelete:
-                      enum:
-                      - enable
-                      - disable
-                      - failed
-                      - force
-                      type: string
-                    label:
-                      type: string
-                    name:
-                      type: string
-                    nodeSelector:
-                      additionalProperties:
-                        type: string
-                      type: object
-                    pvAnnotations:
-                      additionalProperties:
-                        type: string
-                      type: object
-                    pvMatchLabels:
-                      additionalProperties:
-                        type: string
-                      type: object
-                    pvcName:
-                      type: string
-                    resources:
-                      description: ResourceRequirements describes the compute resource
-                        requirements.
-                      properties:
-                        claims:
-                          description: "Claims lists the names of resources, defined
-                            in spec.resourceClaims, that are used by this container.
-                            \n This is an alpha field and requires enabling the DynamicResourceAllocation
-                            feature gate. \n This field is immutable. It can only
-                            be set for containers."
-                          items:
-                            description: ResourceClaim references one entry in PodSpec.ResourceClaims.
-                            properties:
-                              name:
-                                description: Name must match the name of one entry
-                                  in pod.spec.resourceClaims of the Pod where this
-                                  field is used. It makes that resource available
-                                  inside a container.
-                                type: string
-                            required:
-                            - name
-                            type: object
-                          type: array
-                          x-kubernetes-list-map-keys:
-                          - name
-                          x-kubernetes-list-type: map
-                        limits:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          description: 'Limits describes the maximum amount of compute
-                            resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
-                          type: object
-                        requests:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          description: 'Requests describes the minimum amount of compute
-                            resources required. If Requests is omitted for a container,
-                            it defaults to Limits if that is explicitly specified,
-                            otherwise to an implementation-defined value. Requests
-                            cannot exceed Limits. More info: https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/'
-                          type: object
-                      type: object
-                    shardGroup:
-                      type: string
-                    shardRegion:
-                      type: string
-                    shardSpace:
-                      type: string
-                    storageSizeInGb:
-                      format: int32
-                      type: integer
-                  required:
-                  - name
-                  type: object
-                type: array
-              shardBuddyRegion:
-                type: string
-              shardConfigName:
-                type: string
-              shardRegion:
-                items:
-                  type: string
-                type: array
-              shardingType:
-                type: string
-              stagePvcName:
-                type: string
-              storageClass:
-                type: string
-              tdeWalletPvc:
-                type: string
-              tdeWalletPvcMountLocation:
-                type: string
-            required:
-            - catalog
-            - dbImage
-            - gsm
-            - gsmImage
-            - shard
-            type: object
-          status:
-            description: To understand Metav1.Condition, please refer the link https://pkg.go.dev/k8s.io/apimachinery/pkg/apis/meta/v1
-              ShardingDatabaseStatus defines the observed state of ShardingDatabase
-            properties:
-              catalogs:
-                additionalProperties:
-                  type: string
-                type: object
-              conditions:
-                items:
-                  description: "Condition contains details for one aspect of the current
-                    state of this API Resource. --- This struct is intended for direct
-                    use as an array at the field path .status.conditions.  For example,
-                    \n \ttype FooStatus struct{ \t    // Represents the observations
-                    of a foo's current state. \t    // Known .status.conditions.type
-                    are: \"Available\", \"Progressing\", and \"Degraded\" \t    //
-                    +patchMergeKey=type \t    // +patchStrategy=merge \t    // +listType=map
-                    \t    // +listMapKey=type \t    Conditions []metav1.Condition
-                    `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
-                    protobuf:\"bytes,1,rep,name=conditions\"` \n \t    // other fields
-                    \t}"
-                  properties:
-                    lastTransitionTime:
-                      description: lastTransitionTime is the last time the condition
-                        transitioned from one status to another. This should be when
-                        the underlying condition changed.  If that is not known, then
-                        using the time when the API field changed is acceptable.
-                      format: date-time
-                      type: string
-                    message:
-                      description: message is a human readable message indicating
-                        details about the transition. This may be an empty string.
-                      maxLength: 32768
-                      type: string
-                    observedGeneration:
-                      description: observedGeneration represents the .metadata.generation
-                        that the condition was set based upon. For instance, if .metadata.generation
-                        is currently 12, but the .status.conditions[x].observedGeneration
-                        is 9, the condition is out of date with respect to the current
-                        state of the instance.
-                      format: int64
-                      minimum: 0
-                      type: integer
-                    reason:
-                      description: reason contains a programmatic identifier indicating
-                        the reason for the condition's last transition. Producers
-                        of specific condition types may define expected values and
-                        meanings for this field, and whether the values are considered
-                        a guaranteed API. The value should be a CamelCase string.
-                        This field may not be empty.
-                      maxLength: 1024
-                      minLength: 1
-                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
-                      type: string
-                    status:
-                      description: status of the condition, one of True, False, Unknown.
-                      enum:
-                      - "True"
-                      - "False"
-                      - Unknown
-                      type: string
-                    type:
-                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
-                        --- Many .condition.type values are consistent across resources
-                        like Available, but because arbitrary conditions can be useful
-                        (see .node.status.conditions), the ability to deconflict is
-                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
-                      maxLength: 316
-                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - message
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-                x-kubernetes-list-map-keys:
-                - type
-                x-kubernetes-list-type: map
-              gsm:
-                properties:
-                  details:
-                    additionalProperties:
-                      type: string
-                    type: object
-                  externalConnectStr:
-                    type: string
-                  internalConnectStr:
-                    type: string
-                  services:
-                    type: string
-                  shards:
-                    additionalProperties:
-                      type: string
-                    type: object
-                  state:
-                    type: string
-                type: object
-              shards:
-                additionalProperties:
-                  type: string
-                type: object
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/config/database.oracle.com_singleinstancedatabases.yaml b/config/database.oracle.com_singleinstancedatabases.yaml
deleted file mode 100644
index 1c011e17..00000000
--- a/config/database.oracle.com_singleinstancedatabases.yaml
+++ /dev/null
@@ -1,421 +0,0 @@
-
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.6.1
-  creationTimestamp: null
-  name: singleinstancedatabases.database.oracle.com
-spec:
-  group: database.oracle.com
-  names:
-    kind: SingleInstanceDatabase
-    listKind: SingleInstanceDatabaseList
-    plural: singleinstancedatabases
-    singular: singleinstancedatabase
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .status.edition
-      name: Edition
-      type: string
-    - jsonPath: .status.sid
-      name: Sid
-      priority: 1
-      type: string
-    - jsonPath: .status.status
-      name: Status
-      type: string
-    - jsonPath: .status.role
-      name: Role
-      type: string
-    - jsonPath: .status.releaseUpdate
-      name: Version
-      type: string
-    - jsonPath: .status.connectString
-      name: Connect Str
-      type: string
-    - jsonPath: .status.pdbConnectString
-      name: Pdb Connect Str
-      priority: 1
-      type: string
-    - jsonPath: .status.tcpsConnectString
-      name: TCPS Connect Str
-      type: string
-    - jsonPath: .status.tcpsPdbConnectString
-      name: TCPS Pdb Connect Str
-      priority: 1
-      type: string
-    - jsonPath: .status.oemExpressUrl
-      name: Oem Express Url
-      type: string
-    name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        description: SingleInstanceDatabase is the Schema for the singleinstancedatabases
-          API
-        properties:
-          apiVersion:
-            description: 'APIVersion defines the versioned schema of this representation
-              of an object. Servers should convert recognized schemas to the latest
-              internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
-            type: string
-          kind:
-            description: 'Kind is a string value representing the REST resource this
-              object represents. Servers may infer this from the endpoint the client
-              submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
-            type: string
-          metadata:
-            type: object
-          spec:
-            description: SingleInstanceDatabaseSpec defines the desired state of SingleInstanceDatabase
-            properties:
-              adminPassword:
-                description: SingleInsatnceAdminPassword defines the secret containing
-                  Admin Password mapped to secretKey for Database
-                properties:
-                  keepSecret:
-                    type: boolean
-                  secretKey:
-                    default: oracle_pwd
-                    type: string
-                  secretName:
-                    type: string
-                required:
-                - secretName
-                type: object
-              archiveLog:
-                type: boolean
-              charset:
-                type: string
-              createAs:
-                enum:
-                - primary
-                - standby
-                - clone
-                type: string
-              dgBrokerConfigured:
-                type: boolean
-              edition:
-                enum:
-                - standard
-                - enterprise
-                - express
-                - free
-                type: string
-              enableTCPS:
-                type: boolean
-              flashBack:
-                type: boolean
-              forceLog:
-                type: boolean
-              image:
-                description: SingleInstanceDatabaseImage defines the Image source
-                  and pullSecrets for POD
-                properties:
-                  prebuiltDB:
-                    type: boolean
-                  pullFrom:
-                    type: string
-                  pullSecrets:
-                    type: string
-                  version:
-                    type: string
-                required:
-                - pullFrom
-                type: object
-              initParams:
-                description: SingleInstanceDatabaseInitParams defines the Init Parameters
-                properties:
-                  cpuCount:
-                    type: integer
-                  pgaAggregateTarget:
-                    type: integer
-                  processes:
-                    type: integer
-                  sgaTarget:
-                    type: integer
-                type: object
-              listenerPort:
-                type: integer
-              loadBalancer:
-                type: boolean
-              nodeSelector:
-                additionalProperties:
-                  type: string
-                type: object
-              pdbName:
-                type: string
-              persistence:
-                description: SingleInstanceDatabasePersistence defines the storage
-                  size and class for PVC
-                properties:
-                  accessMode:
-                    enum:
-                    - ReadWriteOnce
-                    - ReadWriteMany
-                    type: string
-                  datafilesVolumeName:
-                    type: string
-                  scriptsVolumeName:
-                    type: string
-                  setWritePermissions:
-                    type: boolean
-                  size:
-                    type: string
-                  storageClass:
-                    type: string
-                  volumeClaimAnnotation:
-                    type: string
-                type: object
-              primaryDatabaseRef:
-                type: string
-              readinessCheckPeriod:
-                type: integer
-              replicas:
-                type: integer
-              resources:
-                properties:
-                  limits:
-                    properties:
-                      cpu:
-                        type: string
-                      memory:
-                        type: string
-                    type: object
-                  requests:
-                    properties:
-                      cpu:
-                        type: string
-                      memory:
-                        type: string
-                    type: object
-                type: object
-              serviceAccountName:
-                type: string
-              serviceAnnotations:
-                additionalProperties:
-                  type: string
-                type: object
-              sid:
-                description: SID must be alphanumeric (no special characters, only
-                  a-z, A-Z, 0-9), and no longer than 12 characters.
-                maxLength: 12
-                pattern: ^[a-zA-Z0-9]+$
-                type: string
-              tcpsCertRenewInterval:
-                type: string
-              tcpsListenerPort:
-                type: integer
-              tcpsTlsSecret:
-                type: string
-            required:
-            - image
-            type: object
-          status:
-            description: SingleInstanceDatabaseStatus defines the observed state of
-              SingleInstanceDatabase
-            properties:
-              apexInstalled:
-                type: boolean
-              archiveLog:
-                type: string
-              certCreationTimestamp:
-                type: string
-              certRenewInterval:
-                type: string
-              charset:
-                type: string
-              clientWalletLoc:
-                type: string
-              clusterConnectString:
-                type: string
-              conditions:
-                items:
-                  description: "Condition contains details for one aspect of the current
-                    state of this API Resource. --- This struct is intended for direct
-                    use as an array at the field path .status.conditions.  For example,
-                    \n \ttype FooStatus struct{ \t    // Represents the observations
-                    of a foo's current state. \t    // Known .status.conditions.type
-                    are: \"Available\", \"Progressing\", and \"Degraded\" \t    //
-                    +patchMergeKey=type \t    // +patchStrategy=merge \t    // +listType=map
-                    \t    // +listMapKey=type \t    Conditions []metav1.Condition
-                    `json:\"conditions,omitempty\" patchStrategy:\"merge\" patchMergeKey:\"type\"
-                    protobuf:\"bytes,1,rep,name=conditions\"` \n \t    // other fields
-                    \t}"
-                  properties:
-                    lastTransitionTime:
-                      description: lastTransitionTime is the last time the condition
-                        transitioned from one status to another. This should be when
-                        the underlying condition changed.  If that is not known, then
-                        using the time when the API field changed is acceptable.
-                      format: date-time
-                      type: string
-                    message:
-                      description: message is a human readable message indicating
-                        details about the transition. This may be an empty string.
-                      maxLength: 32768
-                      type: string
-                    observedGeneration:
-                      description: observedGeneration represents the .metadata.generation
-                        that the condition was set based upon. For instance, if .metadata.generation
-                        is currently 12, but the .status.conditions[x].observedGeneration
-                        is 9, the condition is out of date with respect to the current
-                        state of the instance.
-                      format: int64
-                      minimum: 0
-                      type: integer
-                    reason:
-                      description: reason contains a programmatic identifier indicating
-                        the reason for the condition's last transition. Producers
-                        of specific condition types may define expected values and
-                        meanings for this field, and whether the values are considered
-                        a guaranteed API. The value should be a CamelCase string.
-                        This field may not be empty.
-                      maxLength: 1024
-                      minLength: 1
-                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
-                      type: string
-                    status:
-                      description: status of the condition, one of True, False, Unknown.
-                      enum:
-                      - "True"
-                      - "False"
-                      - Unknown
-                      type: string
-                    type:
-                      description: type of condition in CamelCase or in foo.example.com/CamelCase.
-                        --- Many .condition.type values are consistent across resources
-                        like Available, but because arbitrary conditions can be useful
-                        (see .node.status.conditions), the ability to deconflict is
-                        important. The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
-                      maxLength: 316
-                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - message
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-                x-kubernetes-list-map-keys:
-                - type
-                x-kubernetes-list-type: map
-              connectString:
-                type: string
-              createdAs:
-                type: string
-              datafilesCreated:
-                default: "false"
-                type: string
-              datafilesPatched:
-                default: "false"
-                type: string
-              dgBrokerConfigured:
-                type: boolean
-              edition:
-                type: string
-              flashBack:
-                type: string
-              forceLog:
-                type: string
-              initParams:
-                description: SingleInstanceDatabaseInitParams defines the Init Parameters
-                properties:
-                  cpuCount:
-                    type: integer
-                  pgaAggregateTarget:
-                    type: integer
-                  processes:
-                    type: integer
-                  sgaTarget:
-                    type: integer
-                type: object
-              initPgaSize:
-                type: integer
-              initSgaSize:
-                type: integer
-              isTcpsEnabled:
-                default: false
-                type: boolean
-              nodes:
-                items:
-                  type: string
-                type: array
-              oemExpressUrl:
-                type: string
-              ordsReference:
-                type: string
-              pdbConnectString:
-                type: string
-              pdbName:
-                type: string
-              persistence:
-                description: SingleInstanceDatabasePersistence defines the storage
-                  size and class for PVC
-                properties:
-                  accessMode:
-                    enum:
-                    - ReadWriteOnce
-                    - ReadWriteMany
-                    type: string
-                  datafilesVolumeName:
-                    type: string
-                  scriptsVolumeName:
-                    type: string
-                  setWritePermissions:
-                    type: boolean
-                  size:
-                    type: string
-                  storageClass:
-                    type: string
-                  volumeClaimAnnotation:
-                    type: string
-                type: object
-              prebuiltDB:
-                type: boolean
-              primaryDatabase:
-                type: string
-              releaseUpdate:
-                type: string
-              replicas:
-                type: integer
-              role:
-                type: string
-              sid:
-                type: string
-              standbyDatabases:
-                additionalProperties:
-                  type: string
-                type: object
-              status:
-                type: string
-              tcpsConnectString:
-                type: string
-              tcpsPdbConnectString:
-                type: string
-              tcpsTlsSecret:
-                default: ""
-                type: string
-            required:
-            - isTcpsEnabled
-            - persistence
-            - tcpsTlsSecret
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      scale:
-        specReplicasPath: .spec.replicas
-        statusReplicasPath: .status.replicas
-      status: {}
-status:
-  acceptedNames:
-    kind: ""
-    plural: ""
-  conditions: []
-  storedVersions: []
diff --git a/config/default/kustomization.yaml b/config/default/kustomization.yaml
index d41001b0..f2bd4689 100644
--- a/config/default/kustomization.yaml
+++ b/config/default/kustomization.yaml
@@ -17,59 +17,125 @@ namePrefix: oracle-database-operator-
 #commonLabels:
 #  someName: someValue
 
-bases:
+resources:
 - ../crd
 - ../rbac
 - ../manager
-# [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
-# crd/kustomization.yaml
 - ../webhook
-# [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'. 'WEBHOOK' components are required.
 - ../certmanager
 # [PROMETHEUS] To enable prometheus monitor, uncomment all sections with 'PROMETHEUS'.
 #- ../prometheus
 
-patchesStrategicMerge:
   # Protect the /metrics endpoint by putting it behind auth.
   # If you want your controller-manager to expose the /metrics
   # endpoint w/o any authn/z, please comment the following line.
 #- manager_auth_proxy_patch.yaml
 
+patches:
 # [WEBHOOK] To enable webhook, uncomment all the sections with [WEBHOOK] prefix including the one in
 # crd/kustomization.yaml
-- manager_webhook_patch.yaml
-
+- path: manager_webhook_patch.yaml
 # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER'.
 # Uncomment 'CERTMANAGER' sections in crd/kustomization.yaml to enable the CA injection in the admission webhooks.
 # 'CERTMANAGER' needs to be enabled to use ca injection
-- webhookcainjection_patch.yaml
+- path: webhookcainjection_patch.yaml
 
-# the following config is for teaching kustomize how to do var substitution
-vars:
 # [CERTMANAGER] To enable cert-manager, uncomment all sections with 'CERTMANAGER' prefix.
-- name: CERTIFICATE_NAMESPACE # namespace of the certificate CR
-  objref:
-    kind: Certificate
-    group: cert-manager.io
-    version: v1
-    name: serving-cert # this name should match the one in certificate.yaml
-  fieldref:
-    fieldpath: metadata.namespace
-- name: CERTIFICATE_NAME
-  objref:
-    kind: Certificate
-    group: cert-manager.io
-    version: v1
-    name: serving-cert # this name should match the one in certificate.yaml
-- name: SERVICE_NAMESPACE # namespace of the service
-  objref:
-    kind: Service
-    version: v1
-    name: webhook-service
-  fieldref:
-    fieldpath: metadata.namespace
-- name: SERVICE_NAME
-  objref:
-    kind: Service
-    version: v1
-    name: webhook-service
+# Uncomment the following replacements to add the cert-manager CA injection annotations
+replacements:
+ - source: # Add cert-manager annotation to ValidatingWebhookConfiguration, MutatingWebhookConfiguration and CRDs
+     kind: Certificate
+     group: cert-manager.io
+     version: v1
+     name: serving-cert # this name should match the one in certificate.yaml
+     fieldPath: .metadata.namespace # namespace of the certificate CR
+   targets:
+     - select:
+         kind: ValidatingWebhookConfiguration
+       fieldPaths:
+         - .metadata.annotations.[cert-manager.io/inject-ca-from]
+       options:
+         delimiter: '/'
+         index: 0
+         create: true
+     - select:
+         kind: MutatingWebhookConfiguration
+       fieldPaths:
+         - .metadata.annotations.[cert-manager.io/inject-ca-from]
+       options:
+         delimiter: '/'
+         index: 0
+         create: true
+     - select:
+         kind: CustomResourceDefinition
+       fieldPaths:
+         - .metadata.annotations.[cert-manager.io/inject-ca-from]
+       options:
+         delimiter: '/'
+         index: 0
+         create: true
+ - source:
+     kind: Certificate
+     group: cert-manager.io
+     version: v1
+     name: serving-cert # this name should match the one in certificate.yaml
+     fieldPath: .metadata.name
+   targets:
+     - select:
+         kind: ValidatingWebhookConfiguration
+       fieldPaths:
+         - .metadata.annotations.[cert-manager.io/inject-ca-from]
+       options:
+         delimiter: '/'
+         index: 1
+         create: true
+     - select:
+         kind: MutatingWebhookConfiguration
+       fieldPaths:
+         - .metadata.annotations.[cert-manager.io/inject-ca-from]
+       options:
+         delimiter: '/'
+         index: 1
+         create: true
+     - select:
+         kind: CustomResourceDefinition
+       fieldPaths:
+         - .metadata.annotations.[cert-manager.io/inject-ca-from]
+       options:
+         delimiter: '/'
+         index: 1
+         create: true
+ - source: # Add cert-manager annotation to the webhook Service
+     kind: Service
+     version: v1
+     name: webhook-service
+     fieldPath: .metadata.name # namespace of the service
+   targets:
+     - select:
+         kind: Certificate
+         group: cert-manager.io
+         version: v1
+       fieldPaths:
+         - .spec.dnsNames.0
+         - .spec.dnsNames.1
+       options:
+         delimiter: '.'
+         index: 0
+         create: true
+ - source:
+     kind: Service
+     version: v1
+     name: webhook-service
+     fieldPath: .metadata.namespace # namespace of the service
+   targets:
+     - select:
+         kind: Certificate
+         group: cert-manager.io
+         version: v1
+       fieldPaths:
+         - .spec.dnsNames.0
+         - .spec.dnsNames.1
+       options:
+         delimiter: '.'
+         index: 1
+         create: true
diff --git a/config/default/webhookcainjection_patch.yaml b/config/default/webhookcainjection_patch.yaml
index c6b7ea34..63ef5ff6 100644
--- a/config/default/webhookcainjection_patch.yaml
+++ b/config/default/webhookcainjection_patch.yaml
@@ -4,17 +4,17 @@
 #
 
 # This patch add annotation to admission webhook config and
-# the variables $(CERTIFICATE_NAMESPACE) and $(CERTIFICATE_NAME) will be substituted by kustomize.
+# the variables CERTIFICATE_NAMESPACE_PLACEHOLDER and CERTIFICATE_NAME_PLACEHOLDER will be substituted by kustomize.
 apiVersion: admissionregistration.k8s.io/v1
 kind: MutatingWebhookConfiguration
 metadata:
   name: mutating-webhook-configuration
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE_PLACEHOLDER/CERTIFICATE_NAME_PLACEHOLDER
 ---
 apiVersion: admissionregistration.k8s.io/v1
 kind: ValidatingWebhookConfiguration
 metadata:
   name: validating-webhook-configuration
   annotations:
-    cert-manager.io/inject-ca-from: $(CERTIFICATE_NAMESPACE)/$(CERTIFICATE_NAME)
+    cert-manager.io/inject-ca-from: CERTIFICATE_NAMESPACE_PLACEHOLDER/CERTIFICATE_NAME_PLACEHOLDER
diff --git a/config/manager/kustomization.yaml b/config/manager/kustomization.yaml
index 7a52fb17..6173a20a 100644
--- a/config/manager/kustomization.yaml
+++ b/config/manager/kustomization.yaml
@@ -8,5 +8,5 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 images:
 - name: controller
-  newName: container-registry.oracle.com/database/operator
-  newTag: 1.2.0
+  newName: phx.ocir.io/intsanjaysingh/db-repo/oracle/database
+  newTag: orestart-operator-sa
diff --git a/config/manifests/bases/oracle-database-operator.clusterserviceversion.yaml b/config/manifests/bases/oracle-database-operator.clusterserviceversion.yaml
index 933a2bfa..79cb8430 100644
--- a/config/manifests/bases/oracle-database-operator.clusterserviceversion.yaml
+++ b/config/manifests/bases/oracle-database-operator.clusterserviceversion.yaml
@@ -4,47 +4,82 @@ metadata:
   annotations:
     alm-examples: '[]'
     capabilities: Seamless Upgrades
-    operators.operatorframework.io/builder: operator-sdk-v1.2.0
-    operators.operatorframework.io/project_layout: go.kubebuilder.io/v2
-  name: oracle-database-operator.v1.1.0
+    categories: Database
+    containerImage: container-registry.oracle.com/database/operator:2.0
+    operators.operatorframework.io/builder: operator-sdk-v1.39.2
+    operators.operatorframework.io/project_layout: go.kubebuilder.io/v4
+  name: oracle-database-operator.v2.0
   namespace: oracle-database-operator-system
 spec:
   apiservicedefinitions: {}
   customresourcedefinitions:
     owned:
-    - description: DbcsSystem is the Schema for the dbcssystems API
-      displayName: Dbcs System
-      kind: DbcsSystem
-      name: DbcsSystem.database.oracle.com
-      version: v4
     - description: AutonomousContainerDatabase is the Schema for the autonomouscontainerdatabases
         API
       displayName: Autonomous Container Database
       kind: AutonomousContainerDatabase
       name: autonomouscontainerdatabases.database.oracle.com
       version: v1alpha1
+    - description: AutonomousContainerDatabase is the Schema for the autonomouscontainerdatabases
+        API
+      displayName: Autonomous Container Database
+      kind: AutonomousContainerDatabase
+      name: autonomouscontainerdatabases.database.oracle.com
+      version: v4
     - description: AutonomousDatabaseBackup is the Schema for the autonomousdatabasebackups
         API
       displayName: Autonomous Database Backup
       kind: AutonomousDatabaseBackup
       name: autonomousdatabasebackups.database.oracle.com
       version: v1alpha1
+    - description: AutonomousDatabaseBackup is the Schema for the autonomousdatabasebackups
+        API
+      displayName: Autonomous Database Backup
+      kind: AutonomousDatabaseBackup
+      name: autonomousdatabasebackups.database.oracle.com
+      version: v4
     - description: AutonomousDatabaseRestore is the Schema for the autonomousdatabaserestores
         API
       displayName: Autonomous Database Restore
       kind: AutonomousDatabaseRestore
       name: autonomousdatabaserestores.database.oracle.com
       version: v1alpha1
+    - description: AutonomousDatabaseRestore is the Schema for the autonomousdatabaserestores
+        API
+      displayName: Autonomous Database Restore
+      kind: AutonomousDatabaseRestore
+      name: autonomousdatabaserestores.database.oracle.com
+      version: v4
     - description: AutonomousDatabase is the Schema for the autonomousdatabases API
       displayName: Autonomous Database
       kind: AutonomousDatabase
       name: autonomousdatabases.database.oracle.com
       version: v1alpha1
+    - description: AutonomousDatabase is the Schema for the autonomousdatabases API
+      displayName: Autonomous Database
+      kind: AutonomousDatabase
+      name: autonomousdatabases.database.oracle.com
+      version: v4
     - description: CDB is the Schema for the cdbs API
       displayName: CDB
       kind: CDB
       name: cdbs.database.oracle.com
       version: v1alpha1
+    - description: CDB is the Schema for the cdbs API
+      displayName: CDB
+      kind: CDB
+      name: cdbs.database.oracle.com
+      version: v4
+    - description: DatabaseObserver is the Schema for the databaseobservers API
+      displayName: Database Observer
+      kind: DatabaseObserver
+      name: databaseobservers.observability.oracle.com
+      version: v4
+    - description: DatabaseObserver is the Schema for the databaseobservers API
+      displayName: Database Observer
+      kind: DatabaseObserver
+      name: databaseobservers.observability.oracle.com
+      version: v1
     - description: DatabaseObserver is the Schema for the databaseobservers API
       displayName: Database Observer
       kind: DatabaseObserver
@@ -54,22 +89,85 @@ spec:
       displayName: Dataguard Broker
       kind: DataguardBroker
       name: dataguardbrokers.database.oracle.com
+      version: v4
+    - description: DataguardBroker is the Schema for the dataguardbrokers API
+      displayName: Dataguard Broker
+      kind: DataguardBroker
+      name: dataguardbrokers.database.oracle.com
+      version: v1alpha1
+    - description: DbcsSystem is the Schema for the dbcssystems API
+      displayName: Dbcs System
+      kind: DbcsSystem
+      name: dbcssystems.database.oracle.com
+      version: v4
+    - description: DbcsSystem is the Schema for the dbcssystems API
+      displayName: Dbcs System
+      kind: DbcsSystem
+      name: dbcssystems.database.oracle.com
       version: v1alpha1
+    - description: LREST is the Schema for the lrests API
+      displayName: LREST
+      kind: LREST
+      name: lrests.database.oracle.com
+      version: v4
+    - description: LRPDB is the Schema for the pdbs API
+      displayName: LRPDB
+      kind: LRPDB
+      name: lrpdbs.database.oracle.com
+      version: v4
+    - description: OracleRestDataService is the Schema for the oraclerestdataservices
+        API
+      displayName: Oracle Rest Data Service
+      kind: OracleRestDataService
+      name: oraclerestdataservices.database.oracle.com
+      version: v4
     - description: OracleRestDataService is the Schema for the oraclerestdataservices
         API
       displayName: Oracle Rest Data Service
       kind: OracleRestDataService
       name: oraclerestdataservices.database.oracle.com
       version: v1alpha1
+    - description: OrdsSrvs is the Schema for the ordssrvs API
+      displayName: Ords Srvs
+      kind: OrdsSrvs
+      name: ordssrvs.database.oracle.com
+      statusDescriptors:
+      - displayName: Conditions
+        path: conditions
+      version: v1alpha1
+    - description: OrdsSrvs is the Schema for the ordssrvs API
+      displayName: Ords Srvs
+      kind: OrdsSrvs
+      name: ordssrvs.database.oracle.com
+      statusDescriptors:
+      - displayName: Conditions
+        path: conditions
+      version: v4
     - description: PDB is the Schema for the pdbs API
       displayName: PDB
       kind: PDB
       name: pdbs.database.oracle.com
       version: v1alpha1
+    - description: PDB is the Schema for the pdbs API
+      displayName: PDB
+      kind: PDB
+      name: pdbs.database.oracle.com
+      version: v4
+    - description: ShardingDatabase is the Schema for the shardingdatabases API
+      displayName: Sharding Database
+      kind: ShardingDatabase
+      name: shardingdatabases.database.oracle.com
+      version: v4
     - description: ShardingDatabase is the Schema for the shardingdatabases API
       displayName: Sharding Database
       kind: ShardingDatabase
       name: shardingdatabases.database.oracle.com
+      version: v1alpha1
+    - description: SingleInstanceDatabase is the Schema for the singleinstancedatabases
+        API
+      displayName: Single Instance Database
+      kind: SingleInstanceDatabase
+      name: singleinstancedatabases.database.oracle.com
       version: v4
     - description: SingleInstanceDatabase is the Schema for the singleinstancedatabases
         API
@@ -79,22 +177,28 @@ spec:
       version: v1alpha1
   description: |
     As part of Oracle's resolution to make Oracle Database Kubernetes native (that is, observable and operable by Kubernetes), Oracle released Oracle Database Operator for Kubernetes (OraOperator or the operator). OraOperator extends the Kubernetes API with custom resources and controllers for automating Oracle Database lifecycle management.
-    In this v1.1.0 production release, OraOperator supports the following database configurations and infrastructure:
-    ## Oracle Autonomous Database:
-    * Oracle Autonomous Database shared Oracle Cloud Infrastructure (OCI) (ADB-S)
-    * Oracle Autonomous Database on dedicated Cloud infrastructure (ADB-D)
-    * Oracle Autonomous Container Database (ACD) (infrastructure) is the infrastructure for provisioning Autonomous Databases.
-    * Containerized Single Instance databases (SIDB) deployed in the Oracle Kubernetes Engine (OKE) and any k8s where OraOperator is deployed
-    * Containerized Sharded databases (SHARDED) deployed in OKE and any k8s where OraOperator is deployed
-    * Oracle Multitenant Databases (CDB/PDBs)
-    * Oracle Base Database Cloud Service (BDBCS)
-    * Oracle Data Guard (Preview status)
-    * Oracle Database Observability (Preview status)
-    * Oracle will continue to extend OraOperator to support additional Oracle Database configurations.
+    In this v1.2.0 production release, OraOperator supports the following database configurations and infrastructure:
+    ##Supported Database Configurations:
+    * Oracle Cloud Infrastructure (OCI) Databases
+      * Oracle Autonomous Database Serverless (ADB-S)
+      * Oracle Autonomous Database on Dedicated on (ADB-D)
+      * Oracle Base Database Cloud Service (Base DB)
+    * Containerized Database deployments on Kubernetes
+      * Oracle Kubernetes Engine (OKE) and Oracle Cloud Native Environments (OCNE)
+        * Single Instance databases (SIDB)
+        * Globally Distributed Databases (Shared)
+        * Oracle Data Guard
+        * True Cache (Preview release)
+        * Oracle Database Observability
+    * On-Premises Databases
+      * Oracle Multitenant Databases (CDB/PDBs management)
+      * ORDS Services
+
+    Refer to full feature list and capabilities: [https://github.com/oracle/oracle-database-operator/blob/main/README.md](https://github.com/oracle/oracle-database-operator/blob/main/README.md)
   displayName: Oracle Database Operator
   icon:
   - base64data: iVBORw0KGgoAAAANSUhEUgAAALQAAAC0CAYAAAA9zQYyAAAABGdBTUEAALGPC/xhBQAAACBjSFJNAAB6JgAAgIQAAPoAAACA6AAAdTAAAOpgAAA6mAAAF3CculE8AAAABmJLR0QAAAAAAAD5Q7t/AAAJjUlEQVR42u3cfcwcRQHH8S9PH0BokZfCVBgpOgjyFjRoQIQQkLeA0PLWqgQMFDVgja9AChIKKCEKSgQEQVsQJGKxtNCAvAi2vJiCqAQMUpQRMKM4vFiCQEUo/jH7kOt19m7vbveK8fdJLukzMzuzczc7OzszWxAREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREZH/X2tVSRStmwi8B5gErN1nWS8DAVhmgl9ZsdwpVc+xoteKc/iTCf7VujKN1o0A+xef5cDPTfCP1XjeY+VsAWwFTATGDZjdPSb4F6J1U9sjTPA31n3uXeq1MfBe4F30376ADo0lWjcBOAa4EHhHzXW4FzgDuNsE/2aHc3gJmFBz2WMuBc4ywT87SCbRunWAB4APtEV92gR/zaAnGa2bBJwInFVz/SeY4F+O1q32/Zvg6+xEyuq1PnA08F1gg7ryHSkpbDrwEnAZ9TdmgD2BxcDj0bptG8i/is8DMVq394D5zGb1xgxwdbRum34zjdaNi9adAjxD/Y15PxP8yzXn2UvdDiPdsX9IjY0ZOHOVKzFaNw64Apgx5DoelrvNNdxDt9rDBP/rXg+K1u0EPNIhyWPADp3uQiX5bggsIX+hDOp6E/z0lrKG1kMXQ7OLgJkNZL8SWO+tHjpatxbwM4bfmAEWRuuOWAPljrmvGGJVVlz8d3ZJth1wXI/5jgeW0UxjhnRnGrqifV1FM40ZYDcT/GujLQGnAUd2OGAu6Qd8oY/CxgGTgWOB3UvSzI/W7WiCf7RLXgcNUOnJwOUlcScCF/SQ10mAqZBubrTuVhP837sljNZB6lQmdUh2AbCUdMvu1Ssm+Of6OK4OXyb9/mV+DNxOf+0LE/yDUDwURuu2A/5YknYWcLEJ/pU6ahWt2wq4FtgjE/08YMZmQUqGHHua4O8boPx1gNuAvTPRI1WGB0UdnsxEPQzsnAm/HTjQBN8t36nAwpLoTwDzTfBv9Fv3kjIbH3JE6xzwREn0bOA7dY3px4Ycl5bEH2CC/1ZdjRnABP8UsBfwg0z0RODgusoqKf810uxNzsbdjm/pRXOOIP1A7Q4ADu2S7yjljXl7E/y8uhvzEF1YEj7FBH9OnQ+oI9G6zYF9MnEzTfB3NFG7ogf+ApDrsr7XRJlt/lYSvmGFY6cDu2XCZ5ngnwC+XXLcTcXDXpmyodheTcxpD0u0bjNgSibqZBP8orrLGyH1HjlXNFnRorc5KhPlioWcJo2WhL/e6aBo3abke+eVFL2QCX4F+eEMpDnXMsdnwu4ywd/T8HfRtLLv4pImChsFDsmEn2aCf73XzPrwUEn4+4Gep9F68LGS8G4PTN8vCf9oMZQBwAS/JFp3PTCtLd2MaN3ckmeAXIP+ZoPfwbCUDSFXFMO3Om03QlrkaLd4GDUtHsByPd7WTZUZrdsLuDUTdX+n5fBo3b6k4Ua7K0zw92fCy6an7o3WVV2seqRiurez3QfPopI5Jvhlo+SniPqaOunT05mwjmPZaN2WwKPAmy0fOvw99u/NOmR7aofyxgO/7OU4E/yz0brjSHOv7c4oPt3U9jC+Bk0aPItKvgZpDJ27zVZ5OKrLFpmwlzodYIL/K2k+egPgncX5bghsRJqp2KT4TAQ2LT6dGvONJvi7O8R/oyR8qgn+xQ7HXUP+wffrxSpjN+v195W+rQxj3vuQsd9hhDRJ326P3vLrTzGGOjoT9Zdux5rg7yWtxA3qsZJzGDvHXYCvZKIWAzd1OceVlE/X3VmsNnayfQ31W9MeaDj/W0zwN4/9MQosYvUv/YJo3UVVt3kOYAfyO/4qTVOZ4JcVu9EeAjbvo/xLSNNH/85FRuvWBsp67guBKRUfbM4jrcSucvqk1caxp/3rgE+2pfkqaWfi/7JfkO8w1m5i4mGUtGrWbhzwKdKKXiOKtf0rM1HPAbFqPib4GK17H2lRYv8Kh7xIWkj6kQned0n7JWB8JnwmaSfiFgzm4mjdomKxaQ6rN+jDo3UfMsH/dsBy1qSy/S4zaGBqeMQE/zTwu0zcT6J1u/WaYRVFr3YOsGsmema3JeJ2xUrmQcDFHZKdU9R3IxP86d0ac7Rua+D8XBRpP0iVi6eKecXFXXYneDBaN7mmsoau2MOyJBN1eTHjVKuxpe/PlMQvjdadUGGsV1mxcjSP8qf8Bf3ka4J/wwT/RdImmJwzSbv6uj5oFQ1sYUn0fkVZjwJn1/CV7ApM77Ik/1S0rq4LaE0o2+G3JFp3UjG0q8Vb49do3fnAyR3SngvcQ3rFqFfjAEtaaJjWId2uJvjftJxTX5uTonWHAzeURQMf7LT7LVp3LHB1Jup8E/ypLenWBVb08X3kbEbanLWU/J0L0uzP2aQ76qBTeq+a4B/ObU4CPlJTnVodTOpUypxH6smXD1JIa4MeBX5FfqFlGGaY4FcZUw+y264YLi3tkGQXE/zvM8dNIr0lkjO+faNWtG5n0sXai1syYfNN8EdF6zYhNeymHWmCv6GkQdftKtIo4GbgwCYLan9jZV1gPvDxIVSy1fEm+KvaAwfdPlqMg//cIcnhJviFbccsIr8dYD8TfLcN/ZVE6y4HPpeJOsAEf0dxUf2BNH/ehMXAPiZ4htSgNzbBLy+27l5Lfg9PLVZ5p7CYvjqU4b3V8B/gw7nGXIdi99umlO/FXRCtmzU29RatO4h8Y15QV2MuzCoJvz1aN8EE/w9gS3p74aAXx/T64D2AKSb45fDW1t1plD+zDWrf1V6SNcG/aYK/jDSmm917npU8Tdo7vH7TU1Im+OeBnShfBDkP+Gm0bgPyQwFIb7PUeU7/pHwx59wizQoT/CmAI793vF+fNcGHlr+P7zun7m4jrXO01h0T/BzSKu7pNZZ1nQn+rqr/L8dkYFvSvGu/T6T/Ap4CHjfBV9orEq07IRN8pwn+yV4LL17Q7PTj3UV+F95zTfw/FcVMSvb9zeIHz53/1sA2pEWZfmeermxfMIvW7Uh6EB3pL8tSN5vgn+mWqNibsw3wbvpvXwuqtisREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREREWnxX2ox1/vZSvwPAAAAJXRFWHRkYXRlOmNyZWF0ZQAyMDI0LTA4LTEzVDE5OjUyOjMxKzAwOjAwsDIMcAAAACV0RVh0ZGF0ZTptb2RpZnkAMjAyNC0wOC0xM1QxOTo1MjozMSswMDowMMFvtMwAAABVdEVYdHN2Zzpjb21tZW50ACBVcGxvYWRlZCB0bzogU1ZHIFJlcG8sIHd3dy5zdmdyZXBvLmNvbSwgR2VuZXJhdG9yOiBTVkcgUmVwbyBNaXhlciBUb29scyBFB1wTAAAAAElFTkSuQmCC
-    mediatype: png
+    mediatype: image/png
   install:
     spec:
       deployments: null
@@ -118,4 +222,5 @@ spec:
   maturity: alpha
   provider:
     name: Oracle
+  replaces: oracle-database-operator.v1.1.0
   version: 1.2.0
diff --git a/config/network-policy/allow-webhook-traffic.yaml b/config/network-policy/allow-webhook-traffic.yaml
new file mode 100644
index 00000000..7acb3a39
--- /dev/null
+++ b/config/network-policy/allow-webhook-traffic.yaml
@@ -0,0 +1,27 @@
+# This NetworkPolicy allows ingress traffic to your webhook server running
+# as part of the controller-manager from specific namespaces and pods. CR(s) which uses webhooks
+# will only work when applied in namespaces labeled with 'webhook: enabled'
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  labels:
+    app.kubernetes.io/name: oracle-database-operator
+    app.kubernetes.io/managed-by: kustomize
+  name: allow-webhook-traffic
+  namespace: system
+spec:
+  podSelector:
+    matchLabels:
+      control-plane: controller-manager
+      app.kubernetes.io/name: oracle-database-operator
+  policyTypes:
+    - Ingress
+  ingress:
+    # This allows ingress traffic from any namespace with the label webhook: enabled
+    - from:
+      - namespaceSelector:
+          matchLabels:
+            webhook: enabled # Only from namespaces with this label
+      ports:
+        - port: 443
+          protocol: TCP
diff --git a/config/rbac/cdb_editor_role.yaml b/config/rbac/cdb_editor_role.yaml
deleted file mode 100644
index 244ddff2..00000000
--- a/config/rbac/cdb_editor_role.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-# permissions for end users to edit cdbs.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: cdb-editor-role
-rules:
-- apiGroups:
-  - database.oracle.com
-  resources:
-  - cdbs
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - database.oracle.com
-  resources:
-  - cdbs/status
-  verbs:
-  - get
diff --git a/config/rbac/cdb_viewer_role.yaml b/config/rbac/cdb_viewer_role.yaml
deleted file mode 100644
index 78a84283..00000000
--- a/config/rbac/cdb_viewer_role.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-# permissions for end users to view cdbs.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: cdb-viewer-role
-rules:
-- apiGroups:
-  - database.oracle.com
-  resources:
-  - cdbs
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - database.oracle.com
-  resources:
-  - cdbs/status
-  verbs:
-  - get
diff --git a/config/rbac/database_oraclerestart_admin_role.yaml b/config/rbac/database_oraclerestart_admin_role.yaml
new file mode 100644
index 00000000..a07ef7e9
--- /dev/null
+++ b/config/rbac/database_oraclerestart_admin_role.yaml
@@ -0,0 +1,27 @@
+# This rule is not used by the project oracle-database-operator itself.
+# It is provided to allow the cluster admin to help manage permissions for users.
+#
+# Grants full permissions ('*') over database.oracle.com.
+# This role is intended for users authorized to modify roles and bindings within the cluster,
+# enabling them to delegate specific permissions to other users or groups as needed.
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: oracle-database-operator
+    app.kubernetes.io/managed-by: kustomize
+  name: database-oraclerestart-admin-role
+rules:
+- apiGroups:
+  - database.oracle.com
+  resources:
+  - oraclerestarts
+  verbs:
+  - '*'
+- apiGroups:
+  - database.oracle.com
+  resources:
+  - oraclerestarts/status
+  verbs:
+  - get
diff --git a/config/rbac/database_oraclerestart_editor_role.yaml b/config/rbac/database_oraclerestart_editor_role.yaml
new file mode 100644
index 00000000..ac68b530
--- /dev/null
+++ b/config/rbac/database_oraclerestart_editor_role.yaml
@@ -0,0 +1,33 @@
+# This rule is not used by the project oracle-database-operator itself.
+# It is provided to allow the cluster admin to help manage permissions for users.
+#
+# Grants permissions to create, update, and delete resources within the database.oracle.com.
+# This role is intended for users who need to manage these resources
+# but should not control RBAC or manage permissions for others.
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: oracle-database-operator
+    app.kubernetes.io/managed-by: kustomize
+  name: database-oraclerestart-editor-role
+rules:
+- apiGroups:
+  - database.oracle.com
+  resources:
+  - oraclerestarts
+  verbs:
+  - create
+  - delete
+  - get
+  - list
+  - patch
+  - update
+  - watch
+- apiGroups:
+  - database.oracle.com
+  resources:
+  - oraclerestarts/status
+  verbs:
+  - get
diff --git a/config/rbac/database_oraclerestart_viewer_role.yaml b/config/rbac/database_oraclerestart_viewer_role.yaml
new file mode 100644
index 00000000..fba2f80b
--- /dev/null
+++ b/config/rbac/database_oraclerestart_viewer_role.yaml
@@ -0,0 +1,29 @@
+# This rule is not used by the project oracle-database-operator itself.
+# It is provided to allow the cluster admin to help manage permissions for users.
+#
+# Grants read-only access to database.oracle.com resources.
+# This role is intended for users who need visibility into these resources
+# without permissions to modify them. It is ideal for monitoring purposes and limited-access viewing.
+
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  labels:
+    app.kubernetes.io/name: oracle-database-operator
+    app.kubernetes.io/managed-by: kustomize
+  name: database-oraclerestart-viewer-role
+rules:
+- apiGroups:
+  - database.oracle.com
+  resources:
+  - oraclerestarts
+  verbs:
+  - get
+  - list
+  - watch
+- apiGroups:
+  - database.oracle.com
+  resources:
+  - oraclerestarts/status
+  verbs:
+  - get
diff --git a/config/rbac/kustomization.yaml b/config/rbac/kustomization.yaml
index 7a20231c..e9c0caa0 100644
--- a/config/rbac/kustomization.yaml
+++ b/config/rbac/kustomization.yaml
@@ -14,3 +14,9 @@ resources:
 - auth_proxy_role.yaml
 - auth_proxy_role_binding.yaml
 - auth_proxy_client_clusterrole.yaml
+# For each CRD, "Admin", "Editor" and "Viewer" roles are scaffolded by
+# default, aiding admins in cluster management. Those roles are
+# not used by the {{ .ProjectName }} itself. You can comment the following lines
+# if you do not want those helpers be installed with your Project.
+
+
diff --git a/config/rbac/pdb_editor_role.yaml b/config/rbac/pdb_editor_role.yaml
deleted file mode 100644
index 7d668e4a..00000000
--- a/config/rbac/pdb_editor_role.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-# permissions for end users to edit pdbs.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: pdb-editor-role
-rules:
-- apiGroups:
-  - database.oracle.com
-  resources:
-  - pdbs
-  verbs:
-  - create
-  - delete
-  - get
-  - list
-  - patch
-  - update
-  - watch
-- apiGroups:
-  - database.oracle.com
-  resources:
-  - pdbs/status
-  verbs:
-  - get
diff --git a/config/rbac/pdb_viewer_role.yaml b/config/rbac/pdb_viewer_role.yaml
deleted file mode 100644
index 5fcf68c9..00000000
--- a/config/rbac/pdb_viewer_role.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-# permissions for end users to view pdbs.
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: pdb-viewer-role
-rules:
-- apiGroups:
-  - database.oracle.com
-  resources:
-  - pdbs
-  verbs:
-  - get
-  - list
-  - watch
-- apiGroups:
-  - database.oracle.com
-  resources:
-  - pdbs/status
-  verbs:
-  - get
diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml
index 3a12386c..e6086c1d 100644
--- a/config/rbac/role.yaml
+++ b/config/rbac/role.yaml
@@ -10,9 +10,12 @@ rules:
   - configmaps
   - containers
   - deployments
+  - endpoints
   - events
   - namespaces
+  - persistentvolumeclaim
   - persistentvolumeclaims
+  - persistentvolumes
   - pods
   - pods/exec
   - pods/log
@@ -33,20 +36,13 @@ rules:
   - configmaps/status
   - daemonsets/status
   - deployments/status
+  - persistentvolumeclaim/status
   - services/status
   - statefulsets/status
   verbs:
   - get
   - patch
   - update
-- apiGroups:
-  - ""
-  resources:
-  - persistentvolumes
-  verbs:
-  - get
-  - list
-  - watch
 - apiGroups:
   - ""
   resources:
@@ -103,15 +99,14 @@ rules:
   resources:
   - autonomouscontainerdatabases
   - autonomousdatabases
-  - cdbs
   - dataguardbrokers
   - dbcssystems
   - events
   - lrests
   - lrpdbs
+  - oraclerestarts
   - oraclerestdataservices
   - ordssrvs
-  - pdbs
   - shardingdatabases
   - singleinstancedatabases
   verbs:
@@ -128,14 +123,13 @@ rules:
   - autonomouscontainerdatabases/status
   - autonomousdatabasebackups/status
   - autonomousdatabaserestores/status
-  - cdbs/status
   - dataguardbrokers/status
   - dbcssystems/status
   - lrests/status
   - lrpdbs/status
+  - oraclerestarts/status
   - oraclerestdataservices/status
   - ordssrvs/status
-  - pdbs/status
   - shardingdatabases/status
   - singleinstancedatabases/status
   verbs:
@@ -164,7 +158,6 @@ rules:
 - apiGroups:
   - database.oracle.com
   resources:
-  - cdbs/finalizers
   - dataguardbrokers/finalizers
   - lrests/finalizers
   - oraclerestdataservices/finalizers
@@ -176,8 +169,9 @@ rules:
   - database.oracle.com
   resources:
   - dbcssystems/finalizers
+  - lrpdbs/configmaps
   - lrpdbs/finalizers
-  - pdbs/finalizers
+  - oraclerestarts/finalizers
   - shardingdatabases/finalizers
   verbs:
   - create
diff --git a/config/samples/acd/autonomouscontainerdatabase_bind.yaml b/config/samples/acd/autonomouscontainerdatabase_bind.yaml
index 3d28ba4d..12912ac9 100644
--- a/config/samples/acd/autonomouscontainerdatabase_bind.yaml
+++ b/config/samples/acd/autonomouscontainerdatabase_bind.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousContainerDatabase
 metadata:
   name: autonomouscontainerdatabase-sample
diff --git a/config/samples/acd/autonomouscontainerdatabase_change_displayname.yaml b/config/samples/acd/autonomouscontainerdatabase_change_displayname.yaml
index dd75250d..99568e52 100644
--- a/config/samples/acd/autonomouscontainerdatabase_change_displayname.yaml
+++ b/config/samples/acd/autonomouscontainerdatabase_change_displayname.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousContainerDatabase
 metadata:
   name: autonomouscontainerdatabase-sample
diff --git a/config/samples/acd/autonomouscontainerdatabase_create.yaml b/config/samples/acd/autonomouscontainerdatabase_create.yaml
index 5f42a136..1a1daeb6 100644
--- a/config/samples/acd/autonomouscontainerdatabase_create.yaml
+++ b/config/samples/acd/autonomouscontainerdatabase_create.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousContainerDatabase
 metadata:
   name: autonomouscontainerdatabase-sample
diff --git a/config/samples/acd/autonomouscontainerdatabase_delete_resource.yaml b/config/samples/acd/autonomouscontainerdatabase_delete_resource.yaml
index 5be06b5a..b2bd4c33 100644
--- a/config/samples/acd/autonomouscontainerdatabase_delete_resource.yaml
+++ b/config/samples/acd/autonomouscontainerdatabase_delete_resource.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousContainerDatabase
 metadata:
   name: autonomouscontainerdatabase-sample
diff --git a/config/samples/acd/autonomouscontainerdatabase_restart_terminate.yaml b/config/samples/acd/autonomouscontainerdatabase_restart_terminate.yaml
index 0e884f6e..96644fed 100644
--- a/config/samples/acd/autonomouscontainerdatabase_restart_terminate.yaml
+++ b/config/samples/acd/autonomouscontainerdatabase_restart_terminate.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousContainerDatabase
 metadata:
   name: autonomouscontainerdatabase-sample
diff --git a/config/samples/adb/autonomousdatabase_backup.yaml b/config/samples/adb/autonomousdatabase_backup.yaml
index 0099a347..448481ee 100644
--- a/config/samples/adb/autonomousdatabase_backup.yaml
+++ b/config/samples/adb/autonomousdatabase_backup.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabaseBackup
 metadata:
   name: autonomousdatabasebackup-sample
@@ -10,11 +10,11 @@ spec:
   # Before you can create on-demand backups, you must have an Object Storage bucket and your database must be configured to connect to it. This is a one-time operation.
   # See https://docs.oracle.com/en-us/iaas/Content/Database/Tasks/adbbackingup.htm#creatingbucket
   target:
-    k8sADB:
+    k8sAdb:
       name: autonomousdatabase-sample
     # # Uncomment the below block if you use ADB OCID as the input of the target ADB
-    # ociADB:
-    #   ocid: ocid1.autonomousdatabase...
+    # ociAdb:
+    #   id: ocid1.autonomousdatabase...
   displayName: autonomousdatabasebackup-sample
   isLongTermBackup: true
   retentionPeriodInDays: 90 # minimum retention period is 90 days
diff --git a/config/samples/adb/autonomousdatabase_bind.yaml b/config/samples/adb/autonomousdatabase_bind.yaml
index 702b8f03..29105860 100644
--- a/config/samples/adb/autonomousdatabase_bind.yaml
+++ b/config/samples/adb/autonomousdatabase_bind.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabase
 metadata:
   name: autonomousdatabase-sample
diff --git a/config/samples/adb/autonomousdatabase_clone.yaml b/config/samples/adb/autonomousdatabase_clone.yaml
index 559d7185..3a01d606 100644
--- a/config/samples/adb/autonomousdatabase_clone.yaml
+++ b/config/samples/adb/autonomousdatabase_clone.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, 2024, Oracle and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabase
 metadata:
   name: autonomousdatabase-sample
@@ -16,7 +16,8 @@ spec:
     # The dbName must begin with an alphabetic character and can contain a maximum of 14 alphanumeric characters. Special characters are not permitted. The database name must be unique in the tenancy.
     dbName: ClonedADB
     displayName: ClonedADB
-    cpuCoreCount: 1
+    computeModel: ECPU
+    computeCount: 1
     adminPassword:
       # Comment out k8sSecret and uncomment ociSecret if you pass the admin password using OCI Secret.
       k8sSecret:
diff --git a/config/samples/adb/autonomousdatabase_create.yaml b/config/samples/adb/autonomousdatabase_create.yaml
index d633cb84..682a271d 100644
--- a/config/samples/adb/autonomousdatabase_create.yaml
+++ b/config/samples/adb/autonomousdatabase_create.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, 2024, Oracle and/or its affiliates.
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabase
 metadata:
   name: autonomousdatabase-sample
@@ -14,7 +14,8 @@ spec:
     # The dbName must begin with an alphabetic character and can contain a maximum of 14 alphanumeric characters. Special characters are not permitted. The database name must be unique in the tenancy.
     dbName: NewADB
     displayName: NewADB
-    cpuCoreCount: 1
+    computeModel: ECPU
+    computeCount: 1
     adminPassword:
       # Comment out k8sSecret and uncomment ociSecret if you pass the admin password using OCI Secret.
       k8sSecret:
@@ -25,39 +26,30 @@ spec:
       #   ocid: ocid1.vaultsecret...
     dataStorageSizeInTBs: 1
 
-    # networkAccess:
-    #   # Uncomment this block to configure the network access type with the PUBLIC option, which allows secure access from everywhere.
-    #   accessType: PUBLIC
+    # # Uncomment this block to configure the network access type with the RESTRICTED option.
+    # # This option lets you restrict access by defining access control rules in an Access Control List (ACL).
+    # # By specifying an ACL, the database will be accessible from a whitelisted set of IP addresses, CIDR (Classless Inter-Domain Routing) blocks, or VCNs.
+    # # Use a semicolon (;) as a deliminator between the VCN-specific subnets or IPs.
+    # whitelistedIps:
+    # - 1.1.1.1
+    # - 1.1.0.0/16
+    # - ocid1.vcn...
+    # - ocid1.vcn...;1.1.1.1
+    # - ocid1.vcn...;1.1.0.0/16
+    # isMtlsConnectionRequired: true
 
-    #   # Uncomment this block to configure the network access type with the RESTRICTED option.
-    #   # This option lets you restrict access by defining access control rules in an Access Control List (ACL).
-    #   # By specifying an ACL, the database will be accessible from a whitelisted set of IP addresses, CIDR (Classless Inter-Domain Routing) blocks, or VCNs.
-    #   # Use a semicolon (;) as a deliminator between the VCN-specific subnets or IPs.
-    #   accessType: RESTRICTED
-    #   accessControlList:
-    #   - 1.1.1.1
-    #   - 1.1.0.0/16
-    #   - ocid1.vcn...
-    #   - ocid1.vcn...;1.1.1.1
-    #   - ocid1.vcn...;1.1.0.0/16
-    #   isMTLSConnectionRequired: true
+    # # Uncomment this block to configure the network access type with the PRIVATE option.
+    # # This option assigns a private endpoint, private IP, and hostname to your database.
+    # # Specifying this option allows traffic only from the VCN you specify.
+    # # This allows you to define security rules, ingress/egress, at the Network Security Group (NSG) level and to control traffic to your Autonomous Database.
+    # subnetId: ocid1.subnet...
+    # isMtlsConnectionRequired: true
 
-    #   # Uncomment this block to configure the network access type with the PRIVATE option.
-    #   # This option assigns a private endpoint, private IP, and hostname to your database.
-    #   # Specifying this option allows traffic only from the VCN you specify.
-    #   # This allows you to define security rules, ingress/egress, at the Network Security Group (NSG) level and to control traffic to your Autonomous Database.
-    #   accessType: PRIVATE
-    #   privateEndpoint:
-    #     subnetOCID: ocid1.subnet...
-    #     nsgOCIDs:
-    #     - ocid1.networksecuritygroup...
-    #   isMTLSConnectionRequired: true
-
-    #   # Uncomment this block to configure the network access of an dedicated Autonomous Database (ADB-D) with an access control list.
-    #   isAccessControlEnabled: true
-    #   accessControlList:
-    #   - 1.1.1.1
-    #   - 1.1.0.0/16
+    # # Uncomment this block to configure the network access of an dedicated Autonomous Database (ADB-D) with an access control list.
+    # isAccessControlEnabled: true
+    # whitelistedIps:
+    # - 1.1.1.1
+    # - 1.1.0.0/16
 
   # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal.
   ociConfig:
diff --git a/config/samples/adb/autonomousdatabase_delete_resource.yaml b/config/samples/adb/autonomousdatabase_delete_resource.yaml
index bae1f605..0d5504a7 100644
--- a/config/samples/adb/autonomousdatabase_delete_resource.yaml
+++ b/config/samples/adb/autonomousdatabase_delete_resource.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabase
 metadata:
   name: autonomousdatabase-sample
diff --git a/config/samples/adb/autonomousdatabase_wallet.yaml b/config/samples/adb/autonomousdatabase_download_wallet.yaml
similarity index 96%
rename from config/samples/adb/autonomousdatabase_wallet.yaml
rename to config/samples/adb/autonomousdatabase_download_wallet.yaml
index 84136647..c717c4f3 100644
--- a/config/samples/adb/autonomousdatabase_wallet.yaml
+++ b/config/samples/adb/autonomousdatabase_download_wallet.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabase
 metadata:
   name: autonomousdatabase-sample
diff --git a/config/samples/adb/autonomousdatabase_manual_failover.yaml b/config/samples/adb/autonomousdatabase_manual_failover.yaml
new file mode 100644
index 00000000..3182d607
--- /dev/null
+++ b/config/samples/adb/autonomousdatabase_manual_failover.yaml
@@ -0,0 +1,17 @@
+#
+# Copyright (c) 2022, 2025, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+#
+apiVersion: database.oracle.com/v4
+kind: AutonomousDatabase
+metadata:
+  name: autonomousdatabase-sample
+spec:
+  action: Failover
+  details:
+    id: ocid1.autonomousdatabase...
+  # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal.
+  ociConfig:
+    configMapName: oci-cred
+    # Comment out secretName if using OKE workload identity
+    secretName: oci-privatekey
\ No newline at end of file
diff --git a/config/samples/adb/autonomousdatabase_rename.yaml b/config/samples/adb/autonomousdatabase_rename.yaml
index 22dbcc0f..1d5f3d0f 100644
--- a/config/samples/adb/autonomousdatabase_rename.yaml
+++ b/config/samples/adb/autonomousdatabase_rename.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabase
 metadata:
   name: autonomousdatabase-sample
diff --git a/config/samples/adb/autonomousdatabase_restore.yaml b/config/samples/adb/autonomousdatabase_restore.yaml
index 3db8a1b6..98d9a827 100644
--- a/config/samples/adb/autonomousdatabase_restore.yaml
+++ b/config/samples/adb/autonomousdatabase_restore.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabaseRestore
 metadata:
   name: autonomousdatabaserestore-sample
@@ -10,13 +10,13 @@ spec:
   # Restore the database either from a backup or using point-in-time restore
   # The name of your AutonomousDatabaseBackup resource
   target:
-    k8sADB:
+    k8sAdb:
       name: autonomousdatabase-sample
     # # Uncomment the below block if you use ADB OCID as the input of the target ADB
-    # ociADB:
-    #   ocid: ocid1.autonomousdatabase...
+    # ociAdb:
+    #   id: ocid1.autonomousdatabase...
   source:
-    k8sADBBackup: 
+    k8sAdbBackup: 
       name: autonomousdatabasebackup-sample
     # # Uncomment the following field to perform point-in-time restore
     # pointInTime: 
diff --git a/config/samples/adb/autonomousdatabase_scale.yaml b/config/samples/adb/autonomousdatabase_scale.yaml
index ea53e94d..3698bda0 100644
--- a/config/samples/adb/autonomousdatabase_scale.yaml
+++ b/config/samples/adb/autonomousdatabase_scale.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabase
 metadata:
   name: autonomousdatabase-sample
@@ -10,8 +10,8 @@ spec:
   action: Update
   details:
     id: ocid1.autonomousdatabase...
-    # Your database's OPCU core count
-    cpuCoreCount: 2
+    # Your database's compute count
+    computeCount: 2
     # Your database's storage size in TB
     dataStorageSizeInTBs: 2
     # Enable/Disable auto scaling for your database
diff --git a/config/samples/adb/autonomousdatabase_stop_start_terminate.yaml b/config/samples/adb/autonomousdatabase_stop_start_terminate.yaml
index 4a191dd6..f6daf426 100644
--- a/config/samples/adb/autonomousdatabase_stop_start_terminate.yaml
+++ b/config/samples/adb/autonomousdatabase_stop_start_terminate.yaml
@@ -2,13 +2,13 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabase
 metadata:
   name: autonomousdatabase-sample
 spec:
   
-  action: Stop # Use the value "Start" to start the database
+  action: Stop # Use the value "Start" to start the database, or "Terminate" to terminate the database
   details:
     id: ocid1.autonomousdatabase...
   # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal.
diff --git a/config/samples/adb/autonomousdatabase_switchover.yaml b/config/samples/adb/autonomousdatabase_switchover.yaml
new file mode 100644
index 00000000..8cd1fce1
--- /dev/null
+++ b/config/samples/adb/autonomousdatabase_switchover.yaml
@@ -0,0 +1,17 @@
+#
+# Copyright (c) 2022, 2025, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+#
+apiVersion: database.oracle.com/v4
+kind: AutonomousDatabase
+metadata:
+  name: autonomousdatabase-sample
+spec:
+  action: Switchover
+  details:
+    id: ocid1.autonomousdatabase...
+  # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal.
+  ociConfig:
+    configMapName: oci-cred
+    # Comment out secretName if using OKE workload identity
+    secretName: oci-privatekey
\ No newline at end of file
diff --git a/config/samples/adb/autonomousdatabase_update_admin_password.yaml b/config/samples/adb/autonomousdatabase_update_admin_password.yaml
index be7aca69..14a43639 100644
--- a/config/samples/adb/autonomousdatabase_update_admin_password.yaml
+++ b/config/samples/adb/autonomousdatabase_update_admin_password.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabase
 metadata:
   name: autonomousdatabase-sample
diff --git a/config/samples/adb/autonomousdatabase_update_mtls.yaml b/config/samples/adb/autonomousdatabase_update_mtls.yaml
index 25eda529..87c98bbc 100644
--- a/config/samples/adb/autonomousdatabase_update_mtls.yaml
+++ b/config/samples/adb/autonomousdatabase_update_mtls.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabase
 metadata:
   name: autonomousdatabase-sample
@@ -11,7 +11,7 @@ spec:
   details:
     id: ocid1.autonomousdatabase...
     # Set the patameter to false to allow both TLS and mutual TLS (mTLS) authentication, or true to require mTLS connections and disallow TLS connections.
-    isMTLSConnectionRequired: true
+    isMtlsConnectionRequired: true
 
   # Authorize the operator with API signing key pair. Comment out the ociConfig fields if your nodes are already authorized with instance principal.
   ociConfig:
diff --git a/config/samples/adb/autonomousdatabase_update_network_access.yaml b/config/samples/adb/autonomousdatabase_update_network_access.yaml
index 7dd3fa0c..2c704d53 100644
--- a/config/samples/adb/autonomousdatabase_update_network_access.yaml
+++ b/config/samples/adb/autonomousdatabase_update_network_access.yaml
@@ -2,7 +2,7 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
-apiVersion: database.oracle.com/v1alpha1
+apiVersion: database.oracle.com/v4
 kind: AutonomousDatabase
 metadata:
   name: autonomousdatabase-sample
@@ -11,15 +11,13 @@ spec:
   details:
     id: ocid1.autonomousdatabase...
     # # Allow secure access from everywhere. Uncomment one of the following field depends on your network access configuration.
-    # accessControlList:
-    # -
-    # privateEndpoint: ""
+    # privateEndpointLabel: ""
 
     # # Uncomment this block to configure the network access type with the RESTRICTED option.
     # # This option lets you restrict access by defining access control rules in an Access Control List (ACL).
-    # # By specifying an ACL, the database will be accessible from a whitelisted set of IP addresses, CIDR (Classless Inter-Domain Routing) blocks, or VCNs. 
+    # # By specifying an ACL, the database will be accessible from a whitelisted set of IP addresses, CIDR (Classless Inter-Domain Routing) blocks, or VCNs.
     # # Use a semicolon (;) as a deliminator between the VCN-specific subnets or IPs.
-    # accessControlList:
+    # whitelistedIps:
     # - 1.1.1.1
     # - 1.1.0.0/16
     # - ocid1.vcn...
@@ -27,16 +25,16 @@ spec:
     # - ocid1.vcn...;1.1.0.0/16
 
     # # Uncomment this block to configure the network access type with the PRIVATE option.
-    # # This option assigns a private endpoint, private IP, and hostname to your database. 
+    # # This option assigns a private endpoint, private IP, and hostname to your database.
     # # Specifying this option allows traffic only from the VCN you specify.
     # # This allows you to define security rules, ingress/egress, at the Network Security Group (NSG) level and to control traffic to your Autonomous Database.
-    # privateEndpoint:
-    #   subnetOCID: ocid1.subnet...
-    #   nsgOCIDs: # Optional
-    #   - ocid1.networksecuritygroup...
+    # subnetId: ocid1.subnet...
+    # nsgIds:
+    # - ocid1.networksecuritygroup...
 
     # # Uncomment this block to configure the network access of an dedicated Autonomous Database (ADB-D) with an access control list.
-    # accessControlList:
+    # isAccessControlEnabled: true
+    # whitelistedIps:
     # - 1.1.1.1
     # - 1.1.0.0/16
 
diff --git a/config/samples/database_v4_oraclerestart.yaml b/config/samples/database_v4_oraclerestart.yaml
new file mode 100644
index 00000000..de72184a
--- /dev/null
+++ b/config/samples/database_v4_oraclerestart.yaml
@@ -0,0 +1,9 @@
+apiVersion: database.oracle.com/v4
+kind: OracleRestart
+metadata:
+  labels:
+    app.kubernetes.io/name: oracle-database-operator
+    app.kubernetes.io/managed-by: kustomize
+  name: oraclerestart-sample
+spec:
+  # TODO(user): Add fields here
diff --git a/config/samples/kustomization.yaml b/config/samples/kustomization.yaml
index 1a032832..da2a839d 100644
--- a/config/samples/kustomization.yaml
+++ b/config/samples/kustomization.yaml
@@ -5,47 +5,15 @@
 
 ## Append samples you want in your CSV to this file as resources ##
 resources:
-  - multitenant/pdb_plug.yaml
-  - multitenant/cdb_secret.yaml
-  - multitenant/pdb_secret.yaml
-  - multitenant/pdb_clone.yaml
-  - multitenant/cdb.yaml
-  - sidb/singleinstancedatabase_patch.yaml
-  - sidb/oraclerestdataservice_apex.yaml
-  - sidb/singleinstancedatabase_express.yaml
-  - sidb/singleinstancedatabase_secrets.yaml
-  - sidb/singleinstancedatabase_clone.yaml
-  - sidb/singleinstancedatabase_prebuiltdb.yaml
-  - sidb/dataguardbroker.yaml
-  - sidb/oraclerestdataservice_secrets.yaml
-  - sidb/singleinstancedatabase_free.yaml
-  - sidb/singleinstancedatabase_standby.yaml
-  - sidb/openshift_rbac.yaml
-  - sharding/sharding_v1alpha1_provshard_clonespec1.yaml
-  - sharding/shardingdatabase.yaml
-  - sharding/sharding_v1alpha1_provshard_clonespec.yaml
-  - observability/databaseobserver_vault.yaml
-  - observability/databaseobserver_minimal.yaml
-  - adb/autonomousdatabase_bind.yaml
-  - adb/autonomousdatabase_backup.yaml
-  - adb/autonomousdatabase_restore.yaml
-  - acd/autonomouscontainerdatabase_create.yaml
-  - sidb/singleinstancedatabase.yaml
-  - sharding/shardingdatabase.yaml
-  - sharding/sharding_v1alpha1_provshard.yaml
-  - dbcs/database_v1alpha1_dbcssystem.yaml
-  - database_v1alpha1_dataguardbroker.yaml
-  - database_v1alpha1_shardingdatabase.yaml
-  - observability/v1alpha1/databaseobserver.yaml
-  - observability/v1/databaseobserver.yaml
-  - observability/v4/databaseobserver.yaml
-  - acd/autonomouscontainerdatabase_restart_terminate.yaml
-  - database_v4_shardingdatabase.yaml
-  - database_v4_dbcssystem.yaml
-- database_v4_lrest.yaml
-- database_v4_lrpdb.yaml
-- database_v4_ordssrvs.yaml
-- database_v4_singleinstancedatabase.yaml
-- database_v4_dataguardbroker.yaml
-- database_v4_oraclerestdataservice.yaml
-  # +kubebuilder:scaffold:manifestskustomizesamples
+- acd/autonomouscontainerdatabase_create.yaml
+- adb/autonomousdatabase_backup.yaml
+- adb/autonomousdatabase_create.yaml
+- dbcs/database_v1alpha1_dbcssystem.yaml
+- multitenant/cdb.yaml
+- multitenant/pdb_create.yaml
+- observability/databaseobserver.yaml
+- sharding/sharding_v1alpha1_provshard.yaml
+- sidb/singleinstancedatabase_create.yaml
+- omlai_v4_privateai.yaml
+- database_v4_oraclerestart.yaml
+# +kubebuilder:scaffold:manifestskustomizesamples
diff --git a/config/samples/multitenant/cdb.yaml b/config/samples/multitenant/cdb.yaml
deleted file mode 100644
index e3513d12..00000000
--- a/config/samples/multitenant/cdb.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v1alpha1
-kind: CDB 
-metadata: 
-  name: cdb-dev
-  namespace: oracle-database-operator-system
-spec:
-  cdbName: "devcdb"
-  dbServer: "172.17.0.4"
-  dbPort: 1521
-  replicas: 1
-  ordsImage: ""
-  ordsImagePullPolicy: "Always"
-  # Uncomment Below Secret Format for accessing ords image from private docker registry
-  # ordsImagePullSecret: ""
-  serviceName: "devdb.example.com"
-  sysAdminPwd: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "sysadmin_pwd"
-  ordsPwd:
-    secret: 
-      secretName: "cdb1-secret"
-      key: "ords_pwd"  
-  cdbAdminUser: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "cdbadmin_user"
-  cdbAdminPwd: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "cdbadmin_pwd"
-  webServerUser: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "webserver_user"
-  webServerPwd: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "webserver_pwd"  
diff --git a/config/samples/multitenant/cdb_secret.yaml b/config/samples/multitenant/cdb_secret.yaml
deleted file mode 100644
index e270100d..00000000
--- a/config/samples/multitenant/cdb_secret.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: v1
-kind: Secret
-metadata:
-  name: cdb1-secret
-  namespace: oracle-database-operator-system
-type: Opaque 
-data: 
-  ords_pwd: "[base64 encode value]"
-  sysadmin_pwd: "[base64 encode value]"
-  cdbadmin_user: "[base64 encode value]"
-  cdbadmin_pwd: "[base64 encode value]"
-  webserver_user: "[base64 encode values]"
-  webserver_pwd: "[base64 encode values]"
diff --git a/config/samples/multitenant/pdb_clone.yaml b/config/samples/multitenant/pdb_clone.yaml
deleted file mode 100644
index f36e904d..00000000
--- a/config/samples/multitenant/pdb_clone.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB 
-metadata: 
-  name: pdb1-clone
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbName: "devcdb"
-  pdbName: "pdbdevclone"
-  adminName: 
-    secret: 
-      secretName: "pdb1-secret"
-      key: "sysadmin_user"  
-  adminPwd: 
-    secret: 
-      secretName: "pdb1-secret"
-      key: "sysadmin_pwd"
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Clone"
diff --git a/config/samples/multitenant/pdb_create.yaml b/config/samples/multitenant/pdb_create.yaml
deleted file mode 100644
index 2be31acf..00000000
--- a/config/samples/multitenant/pdb_create.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB 
-metadata: 
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbName: "devcdb"
-  pdbName: "pdbdev"
-  adminName: 
-    secret: 
-      secretName: "pdb1-secret"
-      key: "sysadmin_user"  
-  adminPwd: 
-    secret: 
-      secretName: "pdb1-secret"
-      key: "sysadmin_pwd"
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Create"
diff --git a/config/samples/multitenant/pdb_delete.yaml b/config/samples/multitenant/pdb_delete.yaml
deleted file mode 100644
index 6c5299c0..00000000
--- a/config/samples/multitenant/pdb_delete.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB 
-metadata: 
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  pdbName: "pdbdev"
-  action: "Delete"
-  dropAction: "INCLUDING"
\ No newline at end of file
diff --git a/config/samples/multitenant/pdb_modify.yaml b/config/samples/multitenant/pdb_modify.yaml
deleted file mode 100644
index feac2dbf..00000000
--- a/config/samples/multitenant/pdb_modify.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB 
-metadata: 
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbName: "democdb"
-  pdbName: "demotest"
-  action: "Modify"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  
-  # To Open an existing PDB, uncomment the below lines and comment the two lines above
-  #pdbState: "OPEN"
-  #modifyOption: "READ WRITE"
\ No newline at end of file
diff --git a/config/samples/multitenant/pdb_plug.yaml b/config/samples/multitenant/pdb_plug.yaml
deleted file mode 100644
index b48c4ffc..00000000
--- a/config/samples/multitenant/pdb_plug.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB 
-metadata: 
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  pdbName: "pdbdev"
-  xmlFileName: "/opt/oracle/oradata/pdbdev.xml"
-  sourceFileNameConversions: "NONE"
-  fileNameConversions: "NONE"
-  copyAction: "NOCOPY"
-  action: "Plug"
\ No newline at end of file
diff --git a/config/samples/multitenant/pdb_secret.yaml b/config/samples/multitenant/pdb_secret.yaml
deleted file mode 100644
index 8a3202d9..00000000
--- a/config/samples/multitenant/pdb_secret.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: v1
-kind: Secret
-metadata:
-  name: pdb1-secret
-  namespace: oracle-database-operator-system
-type: Opaque 
-data: 
-  sysadmin_user: "[ base64 encode value]"
-  sysadmin_pwd: "[ base64 encode value]"
diff --git a/config/samples/multitenant/pdb_unplug.yaml b/config/samples/multitenant/pdb_unplug.yaml
deleted file mode 100644
index 21d7b187..00000000
--- a/config/samples/multitenant/pdb_unplug.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB 
-metadata: 
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  pdbName: "pdbdev"
-  xmlFileName: "/opt/oracle/oradata/demotest_pdb.xml"
-  action: "Unplug"
-  tdeExport: true
-  tdeSecret:
-    secret: 
-      secretName: "pdb1-secret"
-      key: "tde_secret"
-  tdeKeystorePath: "/opt/oracle/test"
-  tdePassword: 
-    secret: 
-      secretName: "pdb1-secret"
-      key: "tde_pwd"
-  getScript: true      
\ No newline at end of file
diff --git a/config/samples/observability/databaseobserver.yaml b/config/samples/observability/databaseobserver.yaml
index b3140549..8b5245cc 100644
--- a/config/samples/observability/databaseobserver.yaml
+++ b/config/samples/observability/databaseobserver.yaml
@@ -1,5 +1,5 @@
 # example
-apiVersion: observability.oracle.com/v1alpha1
+apiVersion: observability.oracle.com/v4
 kind: DatabaseObserver
 metadata:
   name: obs-sample
@@ -17,28 +17,9 @@ spec:
       key: "connection"
       secret: db-secret
 
-    dbWallet:
-      secret: instance-wallet
-
-  exporter:
-    image: "container-registry.oracle.com/database/observability-exporter:latest"
-    configuration:
-      configmap:
-        key: "config.toml"
-        configmapName: "devcm-oradevdb-config"
-
-    service:
-      port: 9161
-
-  prometheus:
-    port: metrics
-    labels:
-      app: app-sample-label
-
-  replicas: 1
-
-  ociConfig:
-    configMapName: oci-cred
-    secretName: oci-privatekey
-
+  wallet:
+    secret: instance-wallet
 
+  serviceMonitor:
+      labels:
+        release: prometheus
diff --git a/config/samples/observability/databaseobserver_custom_config.yaml b/config/samples/observability/databaseobserver_custom_config.yaml
deleted file mode 100644
index 1e9fff47..00000000
--- a/config/samples/observability/databaseobserver_custom_config.yaml
+++ /dev/null
@@ -1,28 +0,0 @@
-# example
-apiVersion: observability.oracle.com/v1alpha1
-kind: DatabaseObserver
-metadata:
-  name: obs-sample
-  namespace: observer
-spec:
-  database:
-    dbUser:
-      key: "username"
-      secret: db-secret
-
-    dbPassword:
-      key: "password"
-      secret: db-secret
-
-    dbConnectionString:
-      key: "connection"
-      secret: db-secret
-
-    dbWallet:
-      secret: instance-wallet
-
-  exporter:
-   configuration:
-     configmap:
-       key: "config.toml"
-       configmapName: "devcm-oradevdb-config"
\ No newline at end of file
diff --git a/config/samples/observability/databaseobserver_minimal.yaml b/config/samples/observability/databaseobserver_minimal.yaml
deleted file mode 100644
index 2eeaf3ab..00000000
--- a/config/samples/observability/databaseobserver_minimal.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-# example
-apiVersion: observability.oracle.com/v1alpha1
-kind: DatabaseObserver
-metadata:
-  name: obs-sample
-  namespace: observer
-spec:
-  database:
-    dbUser:
-      key: "username"
-      secret: db-secret
-
-    dbPassword:
-      key: "password"
-      secret: db-secret
-
-    dbConnectionString:
-      key: "connection"
-      secret: db-secret
-
-    dbWallet:
-      secret: instance-wallets
\ No newline at end of file
diff --git a/config/samples/observability/databaseobserver_vault.yaml b/config/samples/observability/databaseobserver_vault.yaml
deleted file mode 100644
index fa2e09d4..00000000
--- a/config/samples/observability/databaseobserver_vault.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-# example
-apiVersion: observability.oracle.com/v1alpha1
-kind: DatabaseObserver
-metadata:
-  name: obs-sample
-spec:
-  database:
-    dbUser:
-      key: "username"
-      secret: db-secret
-
-    dbPassword:
-      vaultSecretName: sample_secret
-      vaultOCID: ocid1.vault.oc1.<region>.<vault-ocid>
-
-    dbConnectionString:
-      key: "connection"
-      secret: db-secret
-
-    dbWallet:
-      secret: instance-wallet
-
-  ociConfig:
-    configMapName: oci-cred
-    secretName: oci-privatekey
\ No newline at end of file
diff --git a/config/samples/observability/v1/databaseobserver.yaml b/config/samples/observability/v1/databaseobserver.yaml
index 82a7e89e..26ffe3ff 100644
--- a/config/samples/observability/v1/databaseobserver.yaml
+++ b/config/samples/observability/v1/databaseobserver.yaml
@@ -6,7 +6,7 @@ metadata:
   labels:
     app.kubernetes.io/name: observability-exporter
     app.kubernetes.io/instance: obs-sample
-    app.kubernetes.io/version: 1.5.1
+    app.kubernetes.io/version: 2.0.2
 spec:
   database:
     dbUser:
@@ -21,61 +21,56 @@ spec:
       key: "connection"
       secret: db-secret
 
-    dbWallet:
-      secret: instance-wallet
-
-  inheritLabels:
-    - app.kubernetes.io/name
-    - app.kubernetes.io/instance
-    - app.kubernetes.io/version
-
-  sidecars: [ ]
-  sidecarVolumes: [ ]
-
-  exporter:
-    deployment:
-      env:
-        TNS_ADMIN: /some/custom/path
-        ORACLE_HOME: /some/custom/path
-        DB_ROLE: SYSDBA
-      image: "container-registry.oracle.com/database/observability-exporter:1.5.1"
-      args: [ "--log.level=info" ]
-      commands: [ "/oracledb_exporter" ]
-
-      labels:
-        environment: dev
-      podTemplate:
-        labels:
-          environment: dev
-
-    service:
+  wallet:
+    secret: instance-wallet
+
+  sidecar:
+    containers: [ ]
+    volumes: [ ]
+
+  deployment:
+    env:
+      TNS_ADMIN: /some/custom/path
+      ORACLE_HOME: /some/custom/path
+      DB_ROLE: SYSDBA
+    image: "container-registry.oracle.com/database/observability-exporter:2.0.2"
+    args: [ "--log.level=info" ]
+    commands: [ "/oracledb_exporter" ]
+
+    labels:
+      environment: dev
+    podTemplate:
       labels:
         environment: dev
 
-  configuration:
-    configMap:
-      key: "config.toml"
-      name: "devcm-oradevdb-config"
+  service:
+    labels:
+      environment: dev
 
   prometheus:
     serviceMonitor:
       labels:
         release: prometheus
 
+  metrics:
+    configMap:
+      - name: "devcm-oradevdb-config"
+        key: "config.toml"
 
   log:
     filename: "alert.log"
-    path: "/log"
-
+    destination: "/log"
     volume:
-      name: volume
       persistentVolumeClaim:
         claimName: "my-pvc"
 
-  replicas: 1
-
   ociConfig:
-    configMapName: oci-cred
-    secretName: oci-privatekey
+    configMap:
+      key: config
+      name: oci-cred
+    privateKey:
+      secret: oci-privatekey
+    mountPath: "/.oci"
 
+  replicas: 1
 
diff --git a/config/samples/observability/v1/databaseobserver_customization_fields.yaml b/config/samples/observability/v1/databaseobserver_customization_fields.yaml
index d88caec4..5cc5d319 100644
--- a/config/samples/observability/v1/databaseobserver_customization_fields.yaml
+++ b/config/samples/observability/v1/databaseobserver_customization_fields.yaml
@@ -17,38 +17,40 @@ spec:
       key: "connection"
       secret: db-secret
 
-    dbWallet:
-      secret: instance-wallets
-
-  exporter:
-    deployment:
-      image: "container-registry.oracle.com/database/observability-exporter:1.5.1"
-      args:
-        - "--log.level=info"
-      commands:
-        - "/oracledb_exporter"
-      env:
-        TNS_ADMIN: /some/custom/path
+  wallet:
+    secret: instance-wallet
+
+
+
+  deployment:
+    image: "container-registry.oracle.com/database/observability-exporter:2.0.2"
+    args:
+      - "--log.level=info"
+    commands:
+      - "/oracledb_exporter"
+    env:
+      TNS_ADMIN: /some/custom/path
+    labels:
+      environment: dev
+    podTemplate:
       labels:
         environment: dev
-      podTemplate:
-        labels:
-          environment: dev
-    service:
-      ports:
+
+  service:
+    ports:
       - name: "metrics"
         port: 9161
         targetPort: 9161
-      labels:
-        environment: dev
+    labels:
+      environment: dev
 
-  prometheus:
-    serviceMonitor:
-      endpoints:
-        - bearerTokenSecret:
-            key: ''
-          interval: 15s
-          port: metrics
-      labels:
-        release: prometheus
+
+  serviceMonitor:
+    endpoints:
+      - bearerTokenSecret:
+          key: ''
+        interval: 15s
+        port: metrics
+    labels:
+      release: prometheus
 
diff --git a/config/samples/observability/v1/databaseobserver_logs_promtail.yaml b/config/samples/observability/v1/databaseobserver_logs_promtail.yaml
index 8130f487..31a56573 100644
--- a/config/samples/observability/v1/databaseobserver_logs_promtail.yaml
+++ b/config/samples/observability/v1/databaseobserver_logs_promtail.yaml
@@ -6,7 +6,7 @@ metadata:
   labels:
     app.kubernetes.io/name: observability-exporter
     app.kubernetes.io/instance: obs-sample
-    app.kubernetes.io/version: 1.5.1
+    app.kubernetes.io/version: 2.0.2
 spec:
   database:
     dbUser:
@@ -21,54 +21,48 @@ spec:
       key: "connection"
       secret: db-secret
 
-    dbWallet:
-      secret: instance-wallet
+  wallet:
+    secret: instance-wallet
+
 
   inheritLabels:
     - app.kubernetes.io/name
     - app.kubernetes.io/instance
     - app.kubernetes.io/version
 
-  sidecars:
-    - name: promtail
-      image: grafana/promtail
-      args:
-        - -config.file=/etc/promtail/promtail.yaml
-      volumeMounts:
-        - name: config
-          mountPath: /etc/promtail
-        - name: log-volume
-          mountPath: /log
+  sidecar:
+    containers:
+      - name: promtail
+        image: grafana/promtail
+        args:
+          - -config.file=/etc/promtail/promtail.yaml
+        volumeMounts:
+          - name: config
+            mountPath: /etc/promtail
+          - name: log-volume
+            mountPath: /log
+    volumes:
+      - name: config
+        configMap:
+          name: promtail-sidecar-config
 
-  sidecarVolumes:
-    - name: config
-      configMap:
-        name: promtail-sidecar-config
-  exporter:
-    deployment:
-      image: "container-registry.oracle.com/database/observability-exporter:1.5.1"
-      args: [ "--log.level=info" ]
-      commands: [ "/oracledb_exporter" ]
+  deployment:
+    image: "container-registry.oracle.com/database/observability-exporter:2.0.2"
+    args: [ "--log.level=info" ]
+    commands: [ "/oracledb_exporter" ]
 
-  configuration:
+  metrics:
     configMap:
-      key: "config.toml"
-      name: "devcm-oradevdb-config"
+      - name: "devcm-oradevdb-config"
+        key: "config.toml"
+
 
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: prometheus
+  serviceMonitor:
+    labels:
+      release: prometheus
 
   log:
+    destination: "/log"
     filename: "alert.log"
-    path: "/log"
-
-    volume:
-      name: log-volume
 
   replicas: 1
-
-  ociConfig:
-    configMapName: oci-cred
-    secretName: oci-privatekey
diff --git a/config/samples/observability/v1alpha1/databaseobserver.yaml b/config/samples/observability/v1alpha1/databaseobserver.yaml
index 24672d8b..077d4941 100644
--- a/config/samples/observability/v1alpha1/databaseobserver.yaml
+++ b/config/samples/observability/v1alpha1/databaseobserver.yaml
@@ -6,7 +6,7 @@ metadata:
   labels:
     app.kubernetes.io/name: observability-exporter
     app.kubernetes.io/instance: obs-sample
-    app.kubernetes.io/version: 1.5.1
+    app.kubernetes.io/version: 2.0.2
 spec:
   database:
     dbUser:
@@ -21,8 +21,9 @@ spec:
       key: "connection"
       secret: db-secret
 
-    dbWallet:
-      secret: instance-wallet
+  wallet:
+    secret: instance-wallet
+
 
 
   inheritLabels:
@@ -30,51 +31,57 @@ spec:
     - app.kubernetes.io/instance
     - app.kubernetes.io/version
 
-  sidecars: [ ]
-  sidecarVolumes: [ ]
-
-  exporter:
-    deployment:
-      image: "container-registry.oracle.com/database/observability-exporter:1.5.1"
-      args: [ "--log.level=info" ]
-      commands: [ "/oracledb_exporter" ]
-      env:
-        TNS_ADMIN: /some/custom/path
-        ORACLE_HOME: /some/custom/path
-      labels:
-        environment: dev
-      podTemplate:
-        labels:
-          environment: dev
+  sidecar:
+    containers: [ ]
+    volumes: [ ]
+
+
+  deployment:
+    env:
+      TNS_ADMIN: /some/custom/path
+      ORACLE_HOME: /some/custom/path
+      DB_ROLE: SYSDBA
+    image: "container-registry.oracle.com/database/observability-exporter:2.0.2"
+    args: [ "--log.level=info" ]
+    commands: [ "/oracledb_exporter" ]
 
-    service:
+    labels:
+      environment: dev
+    podTemplate:
       labels:
         environment: dev
 
-  configuration:
+  service:
+    labels:
+      environment: dev
+
+  metrics:
     configMap:
-      key: "config.toml"
-      name: "devcm-oradevdb-config"
+      - name: "devcm-oradevdb-config"
+        key: "config.toml"
 
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: prometheus
+  serviceMonitor:
+    labels:
+      release: prometheus
 
 
   log:
     filename: "alert.log"
-    path: "/log"
+    destination: "/log"
 
     volume:
-      name: volume
       persistentVolumeClaim:
         claimName: "my-pvc"
 
+  ociConfig:
+    configMap:
+      key: config
+      name: oci-cred
+    privateKey:
+      secret: oci-privatekey
+    mountPath: "/.oci"
+    
   replicas: 1
 
-  ociConfig:
-    configMapName: oci-cred
-    secretName: oci-privatekey
 
 
diff --git a/config/samples/observability/v1alpha1/databaseobserver_custom_config.yaml b/config/samples/observability/v1alpha1/databaseobserver_custom_config.yaml
index 8e0d0623..e0ad4e9c 100644
--- a/config/samples/observability/v1alpha1/databaseobserver_custom_config.yaml
+++ b/config/samples/observability/v1alpha1/databaseobserver_custom_config.yaml
@@ -3,10 +3,6 @@ apiVersion: observability.oracle.com/v1alpha1
 kind: DatabaseObserver
 metadata:
   name: obs-sample
-  labels:
-    app.kubernetes.io/name: observability-exporter
-    app.kubernetes.io/instance: obs-sample
-    app.kubernetes.io/version: 1.5.1
 spec:
   database:
     dbUser:
@@ -21,26 +17,21 @@ spec:
       key: "connection"
       secret: db-secret
 
-    dbWallet:
-      secret: instance-wallet
+  wallet:
+    secret: instance-wallet
 
-  inherit_labels:
-    - app.kubernetes.io/name
-    - app.kubernetes.io/instance
-    - app.kubernetes.io/version
 
-  exporter:
-    deployment:
-      image: "container-registry.oracle.com/database/observability-exporter:1.5.1"
-      args: [ "--log.level=info" ]
-      commands: [ "/oracledb_exporter" ]
+  deployment:
+    image: "container-registry.oracle.com/database/observability-exporter:2.0.2"
+    args: [ "--log.level=info" ]
+    commands: [ "/oracledb_exporter" ]
 
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: prometheus
 
-  configuration:
+  serviceMonitor:
+    labels:
+      release: prometheus
+
+  metrics:
     configMap:
-      key: "config.toml"
-      name: "devcm-oradevdb-config"
\ No newline at end of file
+      - name: "devcm-oradevdb-config"
+        key: "config.toml"
diff --git a/config/samples/observability/v1alpha1/databaseobserver_logs_promtail.yaml b/config/samples/observability/v1alpha1/databaseobserver_logs_promtail.yaml
index 28592cb0..f2345bee 100644
--- a/config/samples/observability/v1alpha1/databaseobserver_logs_promtail.yaml
+++ b/config/samples/observability/v1alpha1/databaseobserver_logs_promtail.yaml
@@ -3,10 +3,6 @@ apiVersion: observability.oracle.com/v1alpha1
 kind: DatabaseObserver
 metadata:
   name: obs-sample
-  labels:
-    app.kubernetes.io/name: observability-exporter
-    app.kubernetes.io/instance: obs-sample
-    app.kubernetes.io/version: 1.5.1
 spec:
   database:
     dbUser:
@@ -21,54 +17,41 @@ spec:
       key: "connection"
       secret: db-secret
 
-    dbWallet:
-      secret: instance-wallet
-
-  inheritLabels:
-    - app.kubernetes.io/name
-    - app.kubernetes.io/instance
-    - app.kubernetes.io/version
-
-  sidecars:
-    - name: promtail
-      image: grafana/promtail
-      args:
-        - -config.file=/etc/promtail/promtail.yaml
-      volumeMounts:
-        - name: config
-          mountPath: /etc/promtail
-        - name: log-volume
-          mountPath: /log
-
-  sidecarVolumes:
-    - name: config
-      configMap:
-        name: promtail-sidecar-config
-  exporter:
-    deployment:
-      image: "container-registry.oracle.com/database/observability-exporter:1.5.1"
-      args: [ "--log.level=info" ]
-      commands: [ "/oracledb_exporter" ]
-
-  configuration:
+  wallet:
+    secret: instance-wallet
+
+  sidecar:
+    containers:
+      - name: promtail
+        image: grafana/promtail
+        args:
+          - -config.file=/etc/promtail/promtail.yaml
+        volumeMounts:
+          - name: config
+            mountPath: /etc/promtail
+          - name: log-volume
+            mountPath: /log
+    volumes:
+      - name: config
+        configMap:
+          name: promtail-sidecar-config
+
+  deployment:
+    image: "container-registry.oracle.com/database/observability-exporter:1.5.1"
+    args: [ "--log.level=info" ]
+    commands: [ "/oracledb_exporter" ]
+
+  serviceMonitor:
+    labels:
+      release: prometheus
+  metrics:
     configMap:
-      key: "config.toml"
-      name: "devcm-oradevdb-config"
-
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: prometheus
+      - name: "devcm-oradevdb-config"
+        key: "config.toml"
 
   log:
+    destination: "/log"
     filename: "alert.log"
-    path: "/log"
-
-    volume:
-      name: log-volume
 
   replicas: 1
 
-  ociConfig:
-    configMapName: oci-cred
-    secretName: oci-privatekey
diff --git a/config/samples/observability/v1alpha1/databaseobserver_minimal.yaml b/config/samples/observability/v1alpha1/databaseobserver_minimal.yaml
index 74620ac7..9c2044bf 100644
--- a/config/samples/observability/v1alpha1/databaseobserver_minimal.yaml
+++ b/config/samples/observability/v1alpha1/databaseobserver_minimal.yaml
@@ -6,21 +6,18 @@ metadata:
 spec:
   database:
     dbUser:
-      key: "username"
       secret: db-secret
 
     dbPassword:
-      key: "password"
       secret: db-secret
 
     dbConnectionString:
-      key: "connection"
       secret: db-secret
 
-    dbWallet:
-      secret: instance-wallets
+  wallet:
+    secret: instance-wallet
 
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: prometheus
\ No newline at end of file
+
+  serviceMonitor:
+    labels:
+      release: prometheus
\ No newline at end of file
diff --git a/config/samples/observability/v1alpha1/databaseobserver_vault.yaml b/config/samples/observability/v1alpha1/databaseobserver_vault.yaml
deleted file mode 100644
index 2fc3c9f0..00000000
--- a/config/samples/observability/v1alpha1/databaseobserver_vault.yaml
+++ /dev/null
@@ -1,30 +0,0 @@
-# example
-apiVersion: observability.oracle.com/v1alpha1
-kind: DatabaseObserver
-metadata:
-  name: obs-sample
-spec:
-  database:
-    dbUser:
-      key: "username"
-      secret: db-secret
-
-    dbPassword:
-      vaultSecretName: sample_secret
-      vaultOCID: ocid1.vault.oc1.<region>.<vault-ocid>
-
-    dbConnectionString:
-      key: "connection"
-      secret: db-secret
-
-    dbWallet:
-      secret: instance-wallet
-
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: prometheus
-
-  ociConfig:
-    configMapName: oci-cred
-    secretName: oci-privatekey
\ No newline at end of file
diff --git a/config/samples/observability/v1alpha1/databaseobserver_vault_oci.yaml b/config/samples/observability/v1alpha1/databaseobserver_vault_oci.yaml
new file mode 100644
index 00000000..5efb9bff
--- /dev/null
+++ b/config/samples/observability/v1alpha1/databaseobserver_vault_oci.yaml
@@ -0,0 +1,29 @@
+# example
+apiVersion: observability.oracle.com/v1alpha1
+kind: DatabaseObserver
+metadata:
+  name: obs-sample
+spec:
+  database:
+    dbUser:
+      secret: db-secret
+    dbConnectionString:
+      secret: db-secret
+    oci:
+      vaultID: ocid1.vault.oc1.<region>.<vault-ocid>
+      vaultPasswordSecret: sample_secret
+
+  wallet:
+    secret: instance-wallet
+
+  serviceMonitor:
+    labels:
+      release: prometheus
+
+  ociConfig:
+    configMap:
+      key: config
+      name: oci-cred
+    privateKey:
+      secret: oci-privatekey
+    mountPath: "/.oci"
\ No newline at end of file
diff --git a/config/samples/observability/v4/databaseobserver.yaml b/config/samples/observability/v4/databaseobserver.yaml
index f7b310f7..1abcc721 100644
--- a/config/samples/observability/v4/databaseobserver.yaml
+++ b/config/samples/observability/v4/databaseobserver.yaml
@@ -21,59 +21,60 @@ spec:
       key: "connection"
       secret: db-secret
 
-    dbWallet:
-      secret: instance-wallet
+  wallet:
+    secret: instance-wallet
 
   inheritLabels:
     - app.kubernetes.io/name
     - app.kubernetes.io/instance
     - app.kubernetes.io/version
 
-  sidecars: [ ]
-  sidecarVolumes: [ ]
-
-  exporter:
-    deployment:
-      image: "container-registry.oracle.com/database/observability-exporter:1.5.1"
-      args: [ "--log.level=info" ]
-      commands: [ "/oracledb_exporter" ]
-      env:
-        TNS_ADMIN: /some/custom/path
-        ORACLE_HOME: /some/custom/path
+  sidecar:
+    containers: [ ]
+    volumes: [ ]
+
+  deployment:
+    env:
+      TNS_ADMIN: /some/custom/path
+      ORACLE_HOME: /some/custom/path
+      DB_ROLE: SYSDBA
+    image: "container-registry.oracle.com/database/observability-exporter:2.0.2"
+    args: [ "--log.level=info" ]
+    commands: [ "/oracledb_exporter" ]
+
+    labels:
+      environment: dev
+    podTemplate:
       labels:
         environment: dev
-      podTemplate:
-        labels:
-          environment: dev
 
-    service:
-      labels:
-        environment: dev
+  service:
+    labels:
+      environment: dev
 
+  serviceMonitor:
+    labels:
+      release: prometheus
 
-  configuration:
+  metrics:
     configMap:
-      key: "config.toml"
-      name: "devcm-oradevdb-config"
-
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: prometheus
+      - name: "devcm-oradevdb-config"
+        key: "config.toml"
 
   log:
     filename: "alert.log"
-    path: "/log"
+    destination: "/log"
 
     volume:
-      name: volume
       persistentVolumeClaim:
         claimName: "my-pvc"
 
-  replicas: 1
-
   ociConfig:
-    configMapName: oci-cred
-    secretName: oci-privatekey
-
+    configMap:
+      key: config
+      name: oci-cred
+    privateKey:
+      secret: oci-privatekey
+    mountPath: "/.oci"
 
+  replicas: 1
diff --git a/config/samples/observability/v4/databaseobserver_custom_config.yaml b/config/samples/observability/v4/databaseobserver_custom_config.yaml
index dd2e3da5..e82f7478 100644
--- a/config/samples/observability/v4/databaseobserver_custom_config.yaml
+++ b/config/samples/observability/v4/databaseobserver_custom_config.yaml
@@ -6,7 +6,7 @@ metadata:
   labels:
     app.kubernetes.io/name: observability-exporter
     app.kubernetes.io/instance: obs-sample
-    app.kubernetes.io/version: latest
+    app.kubernetes.io/version: 2.0.2
 spec:
   database:
     dbUser:
@@ -21,26 +21,26 @@ spec:
       key: "connection"
       secret: db-secret
 
-    dbWallet:
-      secret: instance-wallet
+  wallet:
+    secret: instance-wallet
 
   inherit_labels:
     - app.kubernetes.io/name
     - app.kubernetes.io/instance
     - app.kubernetes.io/version
 
-  exporter:
-    deployment:
-      image: "container-registry.oracle.com/database/observability-exporter:1.5.1"
-      args: [ "--log.level=info" ]
-      commands: [ "/oracledb_exporter" ]
 
-  configuration:
+  deployment:
+    image: "container-registry.oracle.com/database/observability-exporter:1.5.1"
+    args: [ "--log.level=info" ]
+    commands: [ "/oracledb_exporter" ]
+
+  metrics:
     configMap:
-      key: "config.toml"
-      name: "devcm-oradevdb-config"
+      - name: "devcm-oradevdb-config"
+        key: "config.toml"
+
 
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: prometheus
\ No newline at end of file
+  serviceMonitor:
+    labels:
+      release: prometheus
\ No newline at end of file
diff --git a/config/samples/observability/v4/databaseobserver_exporter_config_file.yaml b/config/samples/observability/v4/databaseobserver_exporter_config_file.yaml
new file mode 100644
index 00000000..fac3359e
--- /dev/null
+++ b/config/samples/observability/v4/databaseobserver_exporter_config_file.yaml
@@ -0,0 +1,42 @@
+# example
+apiVersion: observability.oracle.com/v4
+kind: DatabaseObserver
+metadata:
+  name: obs-sample
+spec:
+
+  deployment:
+    args:
+    - "--config.file=/config/config.yaml"
+
+    # alternatively, the CONFIG_FILE environment variable can be set
+    #env:
+    #  CONFIG_FILE: "/config/config.yaml"
+
+  exporterConfig:
+    configMap:
+      key: config.yaml
+      name: exporter-config-file
+
+  databases:
+    db1:
+      dbUser:
+        secret: db1-secret
+      dbPassword:
+        secret: db1-secret
+      dbConnectionString:
+        secret: db1-secret
+    db2:
+      dbUser:
+        secret: db2-secret
+      dbPassword:
+        secret: db2-secret
+      dbConnectionString:
+        secret: db2-secret
+  wallet:
+    secret: instance-wallet
+
+
+  serviceMonitor:
+    labels:
+      release: prometheus
diff --git a/config/samples/observability/v4/databaseobserver_logs_promtail.yaml b/config/samples/observability/v4/databaseobserver_logs_promtail.yaml
index 26a747a3..ae639308 100644
--- a/config/samples/observability/v4/databaseobserver_logs_promtail.yaml
+++ b/config/samples/observability/v4/databaseobserver_logs_promtail.yaml
@@ -6,7 +6,7 @@ metadata:
   labels:
     app.kubernetes.io/name: observability-exporter
     app.kubernetes.io/instance: obs-sample
-    app.kubernetes.io/version: latest
+    app.kubernetes.io/version: 2.0.2
 spec:
   database:
     dbUser:
@@ -21,56 +21,54 @@ spec:
       key: "connection"
       secret: db-secret
 
-    dbWallet:
-      secret: instance-wallet
+  wallet:
+    secret: instance-wallet
 
   inheritLabels:
     - app.kubernetes.io/name
     - app.kubernetes.io/instance
     - app.kubernetes.io/version
 
-  sidecars:
-    - name: promtail
-      image: grafana/promtail
-      args:
-        - -config.file=/etc/promtail/promtail.yaml
-      volumeMounts:
-        - name: config
-          mountPath: /etc/promtail
-        - name: log-volume
-          mountPath: /log
+  sidecar:
+    containers:
+      - name: promtail
+        image: grafana/promtail
+        args:
+          - -config.file=/etc/promtail/promtail.yaml
+        volumeMounts:
+          - name: config
+            mountPath: /etc/promtail
+          - name: log-volume
+            mountPath: /log
+    volumes:
+      - name: config
+        configMap:
+          name: promtail-sidecar-config
+
+
+  deployment:
+    image: "container-registry.oracle.com/database/observability-exporter:2.0.2"
+    args: [ "--log.level=info" ]
+    commands: [ "/oracledb_exporter" ]
 
-  sidecarVolumes:
-    - name: config
-      configMap:
-        name: promtail-sidecar-config
-  exporter:
-    deployment:
-      image: "container-registry.oracle.com/database/observability-exporter:1.5.1"
-      args: [ "--log.level=info" ]
-      commands: [ "/oracledb_exporter" ]
 
-  configuration:
-    configMap:
-      key: "config.toml"
-      name: "devcm-oradevdb-config"
 
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: prometheus
+  serviceMonitor:
+    labels:
+      release: prometheus
+
+  metrics:
+    configMap:
+      - name: "devcm-oradevdb-config"
+        key: "config.toml"
 
   log:
+    destination: "/log"
     filename: "alert.log"
-    path: "/log"
 
-    volume:
-      name: log-volume
-
-  replicas: 1
 
   ociConfig:
     configMapName: oci-cred
     secretName: oci-privatekey
 
-
+  replicas: 1
diff --git a/config/samples/observability/v4/databaseobserver_minimal.yaml b/config/samples/observability/v4/databaseobserver_minimal.yaml
index cc14fbea..9f913058 100644
--- a/config/samples/observability/v4/databaseobserver_minimal.yaml
+++ b/config/samples/observability/v4/databaseobserver_minimal.yaml
@@ -6,21 +6,18 @@ metadata:
 spec:
   database:
     dbUser:
-      key: "username"
       secret: db-secret
 
     dbPassword:
-      key: "password"
       secret: db-secret
 
     dbConnectionString:
-      key: "connection"
       secret: db-secret
 
-    dbWallet:
-      secret: instance-wallets
+  wallet:
+    secret: instance-wallet
 
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: prometheus
+
+  serviceMonitor:
+    labels:
+      release: prometheus
diff --git a/config/samples/observability/v4/databaseobserver_vault.yaml b/config/samples/observability/v4/databaseobserver_vault.yaml
deleted file mode 100644
index 4f5845f6..00000000
--- a/config/samples/observability/v4/databaseobserver_vault.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-# example
-apiVersion: observability.oracle.com/v4
-kind: DatabaseObserver
-metadata:
-  name: obs-sample
-  labels:
-    app.kubernetes.io/name: observability-exporter
-    app.kubernetes.io/instance: obs-sample
-    app.kubernetes.io/version: latest
-spec:
-  database:
-    dbUser:
-      key: "username"
-      secret: db-secret
-
-    dbPassword:
-      vaultSecretName: sample_secret
-      vaultOCID: ocid1.vault.oc1.<region>.<vault-ocid>
-
-    dbConnectionString:
-      key: "connection"
-      secret: db-secret
-
-    dbWallet:
-      secret: instance-wallet
-
-  inherit_labels:
-    - app.kubernetes.io/name
-    - app.kubernetes.io/instance
-    - app.kubernetes.io/version
-
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: prometheus
-
-  ociConfig:
-    configMapName: oci-cred
-    secretName: oci-privatekey
\ No newline at end of file
diff --git a/config/samples/observability/v4/databaseobserver_vault_azure.yaml b/config/samples/observability/v4/databaseobserver_vault_azure.yaml
new file mode 100644
index 00000000..2c83ccc8
--- /dev/null
+++ b/config/samples/observability/v4/databaseobserver_vault_azure.yaml
@@ -0,0 +1,24 @@
+# example
+apiVersion: observability.oracle.com/v4
+kind: DatabaseObserver
+metadata:
+  name: obs-sample
+spec:
+  database:
+    dbConnectionString:
+      secret: db-secret
+    azure:
+      vaultID: "..."
+      vaultUsernameSecret: sample_un_secret
+      vaultPasswordSecret: sample_pwd_secret
+
+  wallet:
+    secret: instance-wallet
+
+  serviceMonitor:
+    labels:
+      release: prometheus
+
+  azureConfig:
+    configMap:
+      name: azure-cred
\ No newline at end of file
diff --git a/config/samples/observability/v4/databaseobserver_vault_oci.yaml b/config/samples/observability/v4/databaseobserver_vault_oci.yaml
new file mode 100644
index 00000000..9e60c16f
--- /dev/null
+++ b/config/samples/observability/v4/databaseobserver_vault_oci.yaml
@@ -0,0 +1,29 @@
+# example
+apiVersion: observability.oracle.com/v4
+kind: DatabaseObserver
+metadata:
+  name: obs-sample
+spec:
+  database:
+    dbUser:
+      secret: db-secret
+    dbConnectionString:
+      secret: db-secret
+    oci:
+      vaultID: ocid1.vault.oc1.<region>.<vault-ocid>
+      vaultPasswordSecret: sample_secret
+
+  wallet:
+    secret: instance-wallet
+
+  serviceMonitor:
+    labels:
+      release: prometheus
+
+  ociConfig:
+    configMap:
+      key: config
+      name: oci-cred
+    privateKey:
+      secret: oci-privatekey
+    mountPath: "/.oci"
\ No newline at end of file
diff --git a/config/samples/sidb/singleinstancedatabase.yaml b/config/samples/sidb/singleinstancedatabase.yaml
index 368762f5..a99a569c 100644
--- a/config/samples/sidb/singleinstancedatabase.yaml
+++ b/config/samples/sidb/singleinstancedatabase.yaml
@@ -118,6 +118,9 @@ spec:
   ## memory is measured in bytes and can be expressed in plain integer or as a fixed-point number
   ## using one of these quantity suffixes: E, P, T, G, M, k.
   ## You can also use the power-of-two equivalents: Ei, Pi, Ti, Gi, Mi, Ki.
+  ## For Enterprise Edition, the recommended values are:
+  ## cpu="2"
+  ## memory="16Gi"
   resources:
     ## requests denotes minimum node resources required/to be utilized by the database pod
     requests:
diff --git a/config/scorecard/kustomization.yaml b/config/scorecard/kustomization.yaml
index bf4c1e7c..576c02a4 100644
--- a/config/scorecard/kustomization.yaml
+++ b/config/scorecard/kustomization.yaml
@@ -4,17 +4,18 @@
 #
 resources:
 - bases/config.yaml
-patchesJson6902:
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+patches:
 - path: patches/basic.config.yaml
   target:
     group: scorecard.operatorframework.io
-    version: v1alpha3
     kind: Configuration
     name: config
+    version: v1alpha3
 - path: patches/olm.config.yaml
   target:
     group: scorecard.operatorframework.io
-    version: v1alpha3
     kind: Configuration
     name: config
-# +kubebuilder:scaffold:patchesJson6902
+    version: v1alpha3
diff --git a/config/webhook/manifests.yaml b/config/webhook/manifests.yaml
index b186a5b0..43539626 100644
--- a/config/webhook/manifests.yaml
+++ b/config/webhook/manifests.yaml
@@ -4,47 +4,6 @@ kind: MutatingWebhookConfiguration
 metadata:
   name: mutating-webhook-configuration
 webhooks:
-- admissionReviewVersions:
-  - v1
-  clientConfig:
-    service:
-      name: webhook-service
-      namespace: system
-      path: /mutate-database-oracle-com-v4-autonomousdatabasebackup
-  failurePolicy: Fail
-  name: mautonomousdatabasebackupv4.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v4
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - autonomousdatabasebackups
-  sideEffects: None
-- admissionReviewVersions:
-  - v1
-  - v1beta1
-  clientConfig:
-    service:
-      name: webhook-service
-      namespace: system
-      path: /mutate-database-oracle-com-v4-cdb
-  failurePolicy: Fail
-  name: mcdb.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v4
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - cdbs
-  sideEffects: None
 - admissionReviewVersions:
   - v1
   clientConfig:
@@ -109,14 +68,13 @@ webhooks:
   sideEffects: None
 - admissionReviewVersions:
   - v1
-  - v1beta1
   clientConfig:
     service:
       name: webhook-service
       namespace: system
-      path: /mutate-database-oracle-com-v4-pdb
+      path: /mutate-database-oracle-com-v4-oraclerestart
   failurePolicy: Fail
-  name: mpdb.kb.io
+  name: moraclerestart.kb.io
   rules:
   - apiGroups:
     - database.oracle.com
@@ -126,7 +84,7 @@ webhooks:
     - CREATE
     - UPDATE
     resources:
-    - pdbs
+    - oraclerestarts
   sideEffects: None
 - admissionReviewVersions:
   - v1
@@ -148,47 +106,6 @@ webhooks:
     resources:
     - shardingdatabases
   sideEffects: None
-- admissionReviewVersions:
-  - v1
-  clientConfig:
-    service:
-      name: webhook-service
-      namespace: system
-      path: /mutate-database-oracle-com-v1alpha1-autonomousdatabasebackup
-  failurePolicy: Fail
-  name: mautonomousdatabasebackupv1alpha1.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v1alpha1
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - autonomousdatabasebackups
-  sideEffects: None
-- admissionReviewVersions:
-  - v1
-  - v1beta1
-  clientConfig:
-    service:
-      name: webhook-service
-      namespace: system
-      path: /mutate-database-oracle-com-v4-cdb
-  failurePolicy: Fail
-  name: mcdb.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v4
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - cdbs
-  sideEffects: None
 - admissionReviewVersions:
   - v1
   - v1beta1
@@ -251,47 +168,6 @@ webhooks:
     resources:
     - oraclerestdataservices
   sideEffects: None
-- admissionReviewVersions:
-  - v1
-  - v1beta1
-  clientConfig:
-    service:
-      name: webhook-service
-      namespace: system
-      path: /mutate-database-oracle-com-v4-pdb
-  failurePolicy: Fail
-  name: mpdb.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v4
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - pdbs
-  sideEffects: None
-- admissionReviewVersions:
-  - v1
-  clientConfig:
-    service:
-      name: webhook-service
-      namespace: system
-      path: /mutate-database-oracle-com-v1alpha1-shardingdatabase
-  failurePolicy: Fail
-  name: mshardingdatabasev1alpha1.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v1alpha1
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - shardingdatabases
-  sideEffects: None
 - admissionReviewVersions:
   - v1
   - v1beta1
@@ -441,14 +317,13 @@ webhooks:
   sideEffects: None
 - admissionReviewVersions:
   - v1
-  - v1beta1
   clientConfig:
     service:
       name: webhook-service
       namespace: system
-      path: /validate-database-oracle-com-v4-cdb
+      path: /validate-database-oracle-com-v4-autonomousdatabase
   failurePolicy: Fail
-  name: vcdb.kb.io
+  name: vautonomousdatabasev4.kb.io
   rules:
   - apiGroups:
     - database.oracle.com
@@ -458,7 +333,28 @@ webhooks:
     - CREATE
     - UPDATE
     resources:
-    - cdbs
+    - autonomousdatabases
+  sideEffects: None
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    service:
+      name: webhook-service
+      namespace: system
+      path: /validate-database-oracle-com-v4-dbcssystem
+  failurePolicy: Fail
+  name: vdbcssystemv4.kb.io
+  rules:
+  - apiGroups:
+    - database.oracle.com
+    apiVersions:
+    - v4
+    operations:
+    - CREATE
+    - UPDATE
+    - DELETE
+    resources:
+    - dbcssystems
   sideEffects: None
 - admissionReviewVersions:
   - v4
@@ -504,14 +400,13 @@ webhooks:
   sideEffects: None
 - admissionReviewVersions:
   - v1
-  - v1beta1
   clientConfig:
     service:
       name: webhook-service
       namespace: system
-      path: /validate-database-oracle-com-v4-pdb
+      path: /validate-database-oracle-com-v4-oraclerestart
   failurePolicy: Fail
-  name: vpdb.kb.io
+  name: voraclerestart.kb.io
   rules:
   - apiGroups:
     - database.oracle.com
@@ -520,8 +415,9 @@ webhooks:
     operations:
     - CREATE
     - UPDATE
+    - DELETE
     resources:
-    - pdbs
+    - oraclerestarts
   sideEffects: None
 - admissionReviewVersions:
   - v1
@@ -624,27 +520,6 @@ webhooks:
     resources:
     - autonomousdatabases
   sideEffects: None
-- admissionReviewVersions:
-  - v1
-  - v1beta1
-  clientConfig:
-    service:
-      name: webhook-service
-      namespace: system
-      path: /validate-database-oracle-com-v4-cdb
-  failurePolicy: Fail
-  name: vcdb.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v4
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - cdbs
-  sideEffects: None
 - admissionReviewVersions:
   - v1
   - v1beta1
@@ -687,48 +562,6 @@ webhooks:
     resources:
     - oraclerestdataservices
   sideEffects: None
-- admissionReviewVersions:
-  - v1
-  - v1beta1
-  clientConfig:
-    service:
-      name: webhook-service
-      namespace: system
-      path: /validate-database-oracle-com-v4-pdb
-  failurePolicy: Fail
-  name: vpdb.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v4
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - pdbs
-  sideEffects: None
-- admissionReviewVersions:
-  - v1
-  clientConfig:
-    service:
-      name: webhook-service
-      namespace: system
-      path: /validate-database-oracle-com-v1alpha1-shardingdatabase
-  failurePolicy: Fail
-  name: vshardingdatabasev1alpha1.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v1alpha1
-    operations:
-    - CREATE
-    - UPDATE
-    - DELETE
-    resources:
-    - shardingdatabases
-  sideEffects: None
 - admissionReviewVersions:
   - v1
   - v1beta1
diff --git a/controllers/database/autonomousdatabase_controller.go b/controllers/database/autonomousdatabase_controller.go
index 37ae1b14..989e7b5d 100644
--- a/controllers/database/autonomousdatabase_controller.go
+++ b/controllers/database/autonomousdatabase_controller.go
@@ -39,9 +39,11 @@
 package controllers
 
 import (
+	"bytes"
 	"context"
 	"errors"
 	"fmt"
+	"io"
 	"reflect"
 	"regexp"
 	"strings"
@@ -276,6 +278,7 @@ func (r *AutonomousDatabaseReconciler) Reconcile(ctx context.Context, req ctrl.R
 				if err := k8s.RemoveFinalizerAndPatch(r.KubeClient, desiredAdb, ADB_FINALIZER); err != nil {
 					return emptyResult, fmt.Errorf("Failed to remove finalizer to Autonomous Database "+desiredAdb.Name+": %w", err)
 				}
+				return emptyResult, nil
 			} else {
 				// Remove the Autonomous Database in OCI.
 				// Change the action to Terminate and proceed with the rest of the reconcile logic
@@ -327,7 +330,7 @@ func (r *AutonomousDatabaseReconciler) Reconcile(ctx context.Context, req ctrl.R
 	/******************************************************************
 	* Update the Autonomous Database at the end of every reconcile.
 	******************************************************************/
-	if specChanged {
+	if specChanged && desiredAdb.Status.LifecycleState != database.AutonomousDatabaseLifecycleStateTerminating {
 		if err := r.KubeClient.Update(context.TODO(), desiredAdb); err != nil {
 			return r.manageError(
 				logger.WithName("updateSpec"),
@@ -568,6 +571,30 @@ func (r *AutonomousDatabaseReconciler) performOperation(
 		}
 		return true, nil
 
+	case "Switchover":
+		l.Info("Sending SwitchoverAutonomousDatabase request to OCI")
+
+		resp, err := r.dbService.SwitchoverAutonomousDatabase(*adb.Spec.Details.Id)
+		if err != nil {
+			return false, err
+		}
+
+		adb.Spec.Action = ""
+		adb.Status.LifecycleState = resp.LifecycleState
+		return true, nil
+
+	case "Failover":
+		l.Info("Sending FailOverAutonomousDatabase request to OCI")
+
+		resp, err := r.dbService.FailoverAutonomousDatabase(*adb.Spec.Details.Id)
+		if err != nil {
+			return false, err
+		}
+
+		adb.Spec.Action = ""
+		adb.Status.LifecycleState = resp.LifecycleState
+		return true, nil
+
 	case "":
 		// No-op
 		return false, nil
@@ -697,11 +724,18 @@ func (r *AutonomousDatabaseReconciler) validateWallet(logger logr.Logger, adb *d
 		return err
 	}
 
-	data, err := oci.ExtractWallet(resp.Content)
+	walletBytes, err := io.ReadAll(resp.Content)
+
+	data, err := oci.ExtractWallet(io.NopCloser(bytes.NewReader(walletBytes)))
 	if err != nil {
 		return err
 	}
 
+	// Include the unextracted zip file
+	// https://github.com/oracle/oracle-database-operator/issues/97
+	zipFileName := fmt.Sprintf("Wallet_%s.zip", *adb.Spec.Details.DbName)
+	data[zipFileName] = walletBytes
+
 	adb.Status.WalletExpiringDate = oci.WalletExpiringDate(data)
 
 	label := map[string]string{"app": adb.GetName()}
diff --git a/controllers/database/autonomousdatabasebackup_controller.go b/controllers/database/autonomousdatabasebackup_controller.go
index 9744f3fb..b647ac4c 100644
--- a/controllers/database/autonomousdatabasebackup_controller.go
+++ b/controllers/database/autonomousdatabasebackup_controller.go
@@ -227,8 +227,8 @@ func (r *AutonomousDatabaseBackupReconciler) verifyTargetAdb(backup *dbv4.Autono
 		}
 	}
 
-	if backup.Spec.Target.OciAdb.OCID != nil {
-		return *backup.Spec.Target.OciAdb.OCID, nil
+	if backup.Spec.Target.OciAdb.Id != nil {
+		return *backup.Spec.Target.OciAdb.Id, nil
 	}
 	if ownerAdb != nil && ownerAdb.Spec.Details.Id != nil {
 		return *ownerAdb.Spec.Details.Id, nil
diff --git a/controllers/database/autonomousdatabaserestore_controller.go b/controllers/database/autonomousdatabaserestore_controller.go
index 61b84c5d..93f1c57e 100644
--- a/controllers/database/autonomousdatabaserestore_controller.go
+++ b/controllers/database/autonomousdatabaserestore_controller.go
@@ -236,8 +236,8 @@ func (r *AutonomousDatabaseRestoreReconciler) verifyTargetAdb(restore *dbv4.Auto
 		}
 	}
 
-	if restore.Spec.Target.OciAdb.OCID != nil {
-		return *restore.Spec.Target.OciAdb.OCID, nil
+	if restore.Spec.Target.OciAdb.Id != nil {
+		return *restore.Spec.Target.OciAdb.Id, nil
 	}
 	if ownerAdb != nil && ownerAdb.Spec.Details.Id != nil {
 		return *ownerAdb.Spec.Details.Id, nil
diff --git a/controllers/database/cdb_controller.go b/controllers/database/cdb_controller.go
deleted file mode 100644
index 6c5fc747..00000000
--- a/controllers/database/cdb_controller.go
+++ /dev/null
@@ -1,1093 +0,0 @@
-/*
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
- */
-
-package controllers
-
-import (
-	"context"
-	"encoding/json"
-	"errors"
-	"fmt"
-
-	//"fmt"
-	"strconv"
-	"strings"
-	"time"
-
-	"github.com/go-logr/logr"
-	appsv1 "k8s.io/api/apps/v1"
-	corev1 "k8s.io/api/core/v1"
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
-	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/types"
-	"k8s.io/client-go/kubernetes"
-	"k8s.io/client-go/rest"
-	"k8s.io/client-go/tools/record"
-	ctrl "sigs.k8s.io/controller-runtime"
-	"sigs.k8s.io/controller-runtime/pkg/client"
-	"sigs.k8s.io/controller-runtime/pkg/controller"
-	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
-	"sigs.k8s.io/controller-runtime/pkg/event"
-	"sigs.k8s.io/controller-runtime/pkg/predicate"
-
-	dbapi "github.com/oracle/oracle-database-operator/apis/database/v4"
-	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
-)
-
-// CDBReconciler reconciles a CDB object
-type CDBReconciler struct {
-	client.Client
-	Scheme   *runtime.Scheme
-	Config   *rest.Config
-	Log      logr.Logger
-	Interval time.Duration
-	Recorder record.EventRecorder
-}
-
-var (
-	cdbPhaseInit    = "Initializing"
-	cdbPhasePod     = "CreatingPod"
-	cdbPhaseValPod  = "ValidatingPods"
-	cdbPhaseService = "CreatingService"
-	cdbPhaseSecrets = "DeletingSecrets"
-	cdbPhaseReady   = "Ready"
-	cdbPhaseDelete  = "Deleting"
-	cdbPhaseFail    = "Failed"
-)
-
-const CDBFinalizer = "database.oracle.com/CDBfinalizer"
-
-//+kubebuilder:rbac:groups=database.oracle.com,resources=cdbs,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=database.oracle.com,resources=cdbs/status,verbs=get;update;patch
-//+kubebuilder:rbac:groups=database.oracle.com,resources=cdbs/finalizers,verbs=update
-//+kubebuilder:rbac:groups="",resources=pods;pods/log;pods/exec;services;configmaps;events;replicasets,verbs=create;delete;get;list;patch;update;watch
-//+kubebuilder:rbac:groups=core,resources=pods;secrets;services;configmaps;namespaces,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=apps,resources=replicasets,verbs=get;list;watch;create;update;patch;delete
-
-// Reconcile is part of the main kubernetes reconciliation loop which aims to
-// move the current state of the cluster closer to the desired state.
-// TODO(user): Modify the Reconcile function to compare the state specified by
-// the CDB object against the actual cluster state, and then
-// perform operations to make the cluster state reflect the state specified by
-// the user.
-//
-// For more details, check Reconcile and its Result here:
-// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.9.2/pkg/reconcile
-func (r *CDBReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
-
-	log := r.Log.WithValues("multitenantoperator", req.NamespacedName)
-	log.Info("Reconcile requested")
-
-	reconcilePeriod := r.Interval * time.Second
-	requeueY := ctrl.Result{Requeue: true, RequeueAfter: reconcilePeriod}
-	requeueN := ctrl.Result{}
-
-	var err error
-	cdb := &dbapi.CDB{}
-
-	// Execute for every reconcile
-	defer func() {
-		log.Info("DEFER", "Name", cdb.Name, "Phase", cdb.Status.Phase, "Status", strconv.FormatBool(cdb.Status.Status))
-		if !cdb.Status.Status {
-			if err := r.Status().Update(ctx, cdb); err != nil {
-				log.Error(err, "Failed to update status for :"+cdb.Name, "err", err.Error())
-			}
-		}
-	}()
-
-	err = r.Client.Get(context.TODO(), req.NamespacedName, cdb)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("CDB Resource Not found", "Name", cdb.Name)
-			// Request object not found, could have been deleted after reconcile req.
-			// Owned objects are automatically garbage collected. For additional cleanup logic use finalizers.
-			// Return and don't requeue
-			cdb.Status.Status = true
-			return requeueN, nil
-		}
-		// Error reading the object - requeue the req.
-		return requeueY, err
-	}
-
-	log.Info("Res Status:", "Name", cdb.Name, "Phase", cdb.Status.Phase, "Status", strconv.FormatBool(cdb.Status.Status))
-
-	// Finalizer section
-	err = r.manageCDBDeletion(ctx, req, cdb)
-	if err != nil {
-		log.Info("Reconcile queued")
-		return requeueY, nil
-	}
-
-	// If post-creation, CDB spec is changed, check and take appropriate action
-	if (cdb.Status.Phase == cdbPhaseReady) && cdb.Status.Status {
-		r.evaluateSpecChange(ctx, req, cdb)
-	}
-
-	if !cdb.Status.Status {
-		phase := cdb.Status.Phase
-		log.Info("Current Phase:"+phase, "Name", cdb.Name)
-
-		switch phase {
-		case cdbPhaseInit:
-			err = r.verifySecrets(ctx, req, cdb)
-			if err != nil {
-				cdb.Status.Phase = cdbPhaseFail
-				return requeueN, nil
-			}
-			cdb.Status.Phase = cdbPhasePod
-		case cdbPhasePod:
-			// Create ORDS PODs
-			err = r.createORDSInstances(ctx, req, cdb)
-			if err != nil {
-				log.Info("Reconcile queued")
-				return requeueY, nil
-			}
-			cdb.Status.Phase = cdbPhaseValPod
-		case cdbPhaseValPod:
-			// Validate ORDS PODs
-			err = r.validateORDSPods(ctx, req, cdb)
-			if err != nil {
-				if cdb.Status.Phase == cdbPhaseFail {
-					return requeueN, nil
-				}
-				log.Info("Reconcile queued")
-				return requeueY, nil
-			}
-			cdb.Status.Phase = cdbPhaseService
-		case cdbPhaseService:
-			// Create ORDS Service
-			err = r.createORDSSVC(ctx, req, cdb)
-			if err != nil {
-				log.Info("Reconcile queued")
-				return requeueY, nil
-			}
-			//cdb.Status.Phase = cdbPhaseSecrets
-			cdb.Status.Phase = cdbPhaseReady
-		case cdbPhaseSecrets:
-			// Delete CDB Secrets
-			//r.deleteSecrets(ctx, req, cdb)
-			cdb.Status.Phase = cdbPhaseReady
-			cdb.Status.Msg = "Success"
-		case cdbPhaseReady:
-			cdb.Status.Status = true
-			r.Status().Update(ctx, cdb)
-			return requeueN, nil
-		default:
-			cdb.Status.Phase = cdbPhaseInit
-			log.Info("DEFAULT:", "Name", cdb.Name, "Phase", phase, "Status", strconv.FormatBool(cdb.Status.Status))
-		}
-
-		if err := r.Status().Update(ctx, cdb); err != nil {
-			log.Error(err, "Failed to update status for :"+cdb.Name, "err", err.Error())
-		}
-		return requeueY, nil
-	}
-
-	log.Info("Reconcile completed")
-	return requeueN, nil
-}
-
-/*
-*********************************************************
-  - Create a ReplicaSet for pods based on the ORDS container
-    /*******************************************************
-*/
-func (r *CDBReconciler) createORDSInstances(ctx context.Context, req ctrl.Request, cdb *dbapi.CDB) error {
-
-	log := r.Log.WithValues("createORDSInstances", req.NamespacedName)
-
-	replicaSet := r.createReplicaSetSpec(cdb)
-
-	foundRS := &appsv1.ReplicaSet{}
-	err := r.Get(context.TODO(), types.NamespacedName{Name: replicaSet.Name, Namespace: cdb.Namespace}, foundRS)
-	if err != nil && apierrors.IsNotFound(err) {
-		log.Info("Creating ORDS Replicaset: " + replicaSet.Name)
-		err = r.Create(ctx, replicaSet)
-		if err != nil {
-			log.Error(err, "Failed to create ReplicaSet for :"+cdb.Name, "Namespace", replicaSet.Namespace, "Name", replicaSet.Name)
-			return err
-		}
-	} else if err != nil {
-		log.Error(err, "Replicaset : "+replicaSet.Name+" already exists.")
-		return err
-	}
-
-	// Set CDB instance as the owner and controller
-	ctrl.SetControllerReference(cdb, replicaSet, r.Scheme)
-
-	log.Info("Created ORDS ReplicaSet successfully")
-	r.Recorder.Eventf(cdb, corev1.EventTypeNormal, "CreatedORDSReplicaSet", "Created ORDS Replicaset (Replicas - %s) for %s", strconv.Itoa(cdb.Spec.Replicas), cdb.Name)
-	return nil
-}
-
-/*
-************************************************
-  - Validate ORDS Pod. Check if there are any errors
-    /***********************************************
-*/
-func (r *CDBReconciler) validateORDSPods(ctx context.Context, req ctrl.Request, cdb *dbapi.CDB) error {
-
-	log := r.Log.WithValues("validateORDSPod", req.NamespacedName)
-
-	log.Info("Validating Pod creation for :" + cdb.Name)
-
-	podName := cdb.Name + "-ords"
-	podList := &corev1.PodList{}
-	listOpts := []client.ListOption{client.InNamespace(req.Namespace), client.MatchingLabels{"name": podName}}
-
-	// List retrieves list of objects for a given namespace and list options.
-	err := r.List(ctx, podList, listOpts...)
-	if err != nil {
-		log.Info("Failed to list pods of: "+podName, "Namespace", req.Namespace)
-		return err
-	}
-
-	if len(podList.Items) == 0 {
-		log.Info("No pods found for: "+podName, "Namespace", req.Namespace)
-		cdb.Status.Msg = "Waiting for ORDS Pod(s) to start"
-		return errors.New("Waiting for ORDS pods to start")
-	}
-
-	/* /opt/oracle/ords/secrets/$TLSKEY /opt/oracle/ords/secrets/$TLSCRT */
-	getORDSStatus := " curl --cert /opt/oracle/ords/secrets/tls.crt  --key /opt/oracle/ords/secrets/tls.key  -sSkv -k -X GET https://localhost:" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/stable/metadata-catalog/ || curl --cert /opt/oracle/ords/secrets/tls.crt  --key /opt/oracle/ords/secrets/tls.key   -sSkv -X GET http://localhost:" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/stable/metadata-catalog/ "
-	readyPods := 0
-	for _, pod := range podList.Items {
-		if pod.Status.Phase == corev1.PodRunning {
-			// Get ORDS Status
-			out, err := dbcommons.ExecCommand(r, r.Config, pod.Name, pod.Namespace, "", ctx, req, false, "bash", "-c", getORDSStatus)
-			if strings.Contains(out, "HTTP/1.1 200 OK") || strings.Contains(strings.ToUpper(err.Error()), "HTTP/1.1 200 OK") ||
-				strings.Contains(out, "HTTP/2") || strings.Contains(strings.ToUpper(err.Error()), " HTTP/2") {
-				readyPods++
-			} else if strings.Contains(out, "HTTP/1.1 404 Not Found") || strings.Contains(strings.ToUpper(err.Error()), "HTTP/1.1 404 NOT FOUND") || strings.Contains(strings.ToUpper(err.Error()), "HTTP/2 404") || strings.Contains(strings.ToUpper(err.Error()), "Failed to connect to localhost") {
-				// Check if DB connection parameters are correct
-				getORDSInstallStatus := " grep -q 'Failed to' /tmp/ords_install.log; echo $?;"
-				out, _ := dbcommons.ExecCommand(r, r.Config, pod.Name, pod.Namespace, "", ctx, req, false, "bash", "-c", getORDSInstallStatus)
-				if strings.TrimSpace(out) == "0" {
-					cdb.Status.Msg = "Check DB connection parameters"
-					cdb.Status.Phase = cdbPhaseFail
-					// Delete existing ReplicaSet
-					r.deleteReplicaSet(ctx, req, cdb)
-					return errors.New("Check DB connection parameters")
-				}
-			}
-		}
-	}
-
-	if readyPods != cdb.Spec.Replicas {
-		log.Info("Replicas: "+strconv.Itoa(cdb.Spec.Replicas), "Ready Pods: ", readyPods)
-		cdb.Status.Msg = "Waiting for ORDS Pod(s) to be ready"
-		return errors.New("Waiting for ORDS pods to be ready")
-	}
-
-	cdb.Status.Msg = ""
-	return nil
-}
-
-/*
-***********************
-  - Create Pod spec
-
-/***********************
-*/
-func (r *CDBReconciler) createPodSpec(cdb *dbapi.CDB) corev1.PodSpec {
-
-	podSpec := corev1.PodSpec{
-		Volumes: []corev1.Volume{{
-			Name: "secrets",
-			VolumeSource: corev1.VolumeSource{
-				Projected: &corev1.ProjectedVolumeSource{
-					DefaultMode: func() *int32 { i := int32(0666); return &i }(),
-					Sources: []corev1.VolumeProjection{
-						{
-							Secret: &corev1.SecretProjection{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: cdb.Spec.SysAdminPwd.Secret.SecretName,
-								},
-								Items: []corev1.KeyToPath{
-									{
-										Key:  cdb.Spec.SysAdminPwd.Secret.Key,
-										Path: cdb.Spec.SysAdminPwd.Secret.Key,
-									},
-								},
-							},
-						},
-						{
-							Secret: &corev1.SecretProjection{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: cdb.Spec.CDBAdminUser.Secret.SecretName,
-								},
-								Items: []corev1.KeyToPath{
-									{
-										Key:  cdb.Spec.CDBAdminUser.Secret.Key,
-										Path: cdb.Spec.CDBAdminUser.Secret.Key,
-									},
-								},
-							},
-						},
-						/***/
-						{
-							Secret: &corev1.SecretProjection{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: cdb.Spec.CDBTlsKey.Secret.SecretName,
-								},
-								Items: []corev1.KeyToPath{
-									{
-										Key:  cdb.Spec.CDBTlsKey.Secret.Key,
-										Path: cdb.Spec.CDBTlsKey.Secret.Key,
-									},
-								},
-							},
-						},
-
-						{
-							Secret: &corev1.SecretProjection{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: cdb.Spec.CDBTlsCrt.Secret.SecretName,
-								},
-								Items: []corev1.KeyToPath{
-									{
-										Key:  cdb.Spec.CDBTlsCrt.Secret.Key,
-										Path: cdb.Spec.CDBTlsCrt.Secret.Key,
-									},
-								},
-							},
-						},
-
-						/***/
-						{
-							Secret: &corev1.SecretProjection{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: cdb.Spec.CDBAdminPwd.Secret.SecretName,
-								},
-								Items: []corev1.KeyToPath{
-									{
-										Key:  cdb.Spec.CDBAdminPwd.Secret.Key,
-										Path: cdb.Spec.CDBAdminPwd.Secret.Key,
-									},
-								},
-							},
-						},
-						{
-							Secret: &corev1.SecretProjection{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: cdb.Spec.ORDSPwd.Secret.SecretName,
-								},
-								Items: []corev1.KeyToPath{
-									{
-										Key:  cdb.Spec.ORDSPwd.Secret.Key,
-										Path: cdb.Spec.ORDSPwd.Secret.Key,
-									},
-								},
-							},
-						},
-						{
-							Secret: &corev1.SecretProjection{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: cdb.Spec.WebServerUser.Secret.SecretName,
-								},
-								Items: []corev1.KeyToPath{
-									{
-										Key:  cdb.Spec.WebServerUser.Secret.Key,
-										Path: cdb.Spec.WebServerUser.Secret.Key,
-									},
-								},
-							},
-						},
-						{
-							Secret: &corev1.SecretProjection{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: cdb.Spec.WebServerPwd.Secret.SecretName,
-								},
-								Items: []corev1.KeyToPath{
-									{
-										Key:  cdb.Spec.WebServerPwd.Secret.Key,
-										Path: cdb.Spec.WebServerPwd.Secret.Key,
-									},
-								},
-							},
-						},
-					},
-				},
-			},
-		}},
-		Containers: []corev1.Container{{
-			Name:  cdb.Name + "-ords",
-			Image: cdb.Spec.ORDSImage,
-			VolumeMounts: []corev1.VolumeMount{{
-				MountPath: "/opt/oracle/ords/secrets",
-				Name:      "secrets",
-				ReadOnly:  true,
-			}},
-			Env: func() []corev1.EnvVar {
-				return []corev1.EnvVar{
-					{
-						Name:  "ORACLE_HOST",
-						Value: cdb.Spec.DBServer,
-					},
-					{
-						Name:  "DBTNSURL",
-						Value: cdb.Spec.DBTnsurl,
-					},
-					{
-						Name:  "TLSCRT",
-						Value: cdb.Spec.CDBTlsCrt.Secret.Key,
-					},
-					{
-						Name:  "TLSKEY",
-						Value: cdb.Spec.CDBTlsKey.Secret.Key,
-					},
-					{
-						Name:  "ORACLE_PORT",
-						Value: strconv.Itoa(cdb.Spec.DBPort),
-					},
-					{
-						Name:  "ORDS_PORT",
-						Value: strconv.Itoa(cdb.Spec.ORDSPort),
-					},
-					{
-						Name:  "ORACLE_SERVICE",
-						Value: cdb.Spec.ServiceName,
-					},
-					{
-						Name:  "ORACLE_PWD_KEY",
-						Value: cdb.Spec.SysAdminPwd.Secret.Key,
-					},
-					{
-						Name:  "CDBADMIN_USER_KEY",
-						Value: cdb.Spec.CDBAdminUser.Secret.Key,
-					},
-					{
-						Name:  "CDBADMIN_PWD_KEY",
-						Value: cdb.Spec.CDBAdminPwd.Secret.Key,
-					},
-					{
-						Name:  "ORDS_PWD_KEY",
-						Value: cdb.Spec.ORDSPwd.Secret.Key,
-					},
-					{
-						Name:  "WEBSERVER_USER_KEY",
-						Value: cdb.Spec.WebServerUser.Secret.Key,
-					},
-					{
-						Name:  "WEBSERVER_PASSWORD_KEY",
-						Value: cdb.Spec.WebServerPwd.Secret.Key,
-					},
-					{
-						Name: "R1",
-						ValueFrom: &corev1.EnvVarSource{
-							SecretKeyRef: &corev1.SecretKeySelector{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: cdb.Spec.CDBPriKey.Secret.SecretName,
-								},
-								Key: cdb.Spec.CDBPriKey.Secret.Key,
-							},
-						},
-					},
-				}
-			}(),
-		}},
-
-		NodeSelector: func() map[string]string {
-			ns := make(map[string]string)
-			if len(cdb.Spec.NodeSelector) != 0 {
-				for key, value := range cdb.Spec.NodeSelector {
-					ns[key] = value
-				}
-			}
-			return ns
-		}(),
-	}
-
-	if len(cdb.Spec.ORDSImagePullSecret) > 0 {
-		podSpec.ImagePullSecrets = []corev1.LocalObjectReference{
-			{
-				Name: cdb.Spec.ORDSImagePullSecret,
-			},
-		}
-	}
-
-	podSpec.Containers[0].ImagePullPolicy = corev1.PullAlways
-
-	if len(cdb.Spec.ORDSImagePullPolicy) > 0 {
-		if strings.ToUpper(cdb.Spec.ORDSImagePullPolicy) == "NEVER" {
-			podSpec.Containers[0].ImagePullPolicy = corev1.PullNever
-		}
-	}
-
-	return podSpec
-}
-
-/*
-***********************
-  - Create ReplicaSet spec
-
-/***********************
-*/
-func (r *CDBReconciler) createReplicaSetSpec(cdb *dbapi.CDB) *appsv1.ReplicaSet {
-
-	replicas := int32(cdb.Spec.Replicas)
-	podSpec := r.createPodSpec(cdb)
-
-	replicaSet := &appsv1.ReplicaSet{
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      cdb.Name + "-ords-rs",
-			Namespace: cdb.Namespace,
-			Labels: map[string]string{
-				"name": cdb.Name + "-ords-rs",
-			},
-		},
-		Spec: appsv1.ReplicaSetSpec{
-			Replicas: &replicas,
-			Template: corev1.PodTemplateSpec{
-				ObjectMeta: metav1.ObjectMeta{
-					Name:      cdb.Name + "-ords",
-					Namespace: cdb.Namespace,
-					Labels: map[string]string{
-						"name": cdb.Name + "-ords",
-					},
-				},
-				Spec: podSpec,
-			},
-			Selector: &metav1.LabelSelector{
-				MatchLabels: map[string]string{
-					"name": cdb.Name + "-ords",
-				},
-			},
-		},
-	}
-
-	return replicaSet
-}
-
-/*
-*********************************************************
-  - Evaluate change in Spec post creation and instantiation
-    /*******************************************************
-*/
-func (r *CDBReconciler) deleteReplicaSet(ctx context.Context, req ctrl.Request, cdb *dbapi.CDB) error {
-	log := r.Log.WithValues("deleteReplicaSet", req.NamespacedName)
-
-	k_client, err := kubernetes.NewForConfig(r.Config)
-	if err != nil {
-		log.Error(err, "Kubernetes Config Error")
-		return err
-	}
-
-	replicaSetName := cdb.Name + "-ords-rs"
-	err = k_client.AppsV1().ReplicaSets(cdb.Namespace).Delete(context.TODO(), replicaSetName, metav1.DeleteOptions{})
-	if err != nil {
-		log.Info("Could not delete ReplicaSet", "RS Name", replicaSetName, "err", err.Error())
-		if !strings.Contains(strings.ToUpper(err.Error()), "NOT FOUND") {
-			return err
-		}
-	} else {
-		log.Info("Successfully deleted ORDS ReplicaSet", "RS Name", replicaSetName)
-	}
-
-	return nil
-}
-
-/*
-*********************************************************
-  - Evaluate change in Spec post creation and instantiation
-    /*******************************************************
-*/
-func (r *CDBReconciler) evaluateSpecChange(ctx context.Context, req ctrl.Request, cdb *dbapi.CDB) error {
-	log := r.Log.WithValues("evaluateSpecChange", req.NamespacedName)
-
-	// List the Pods matching the PodTemplate Labels
-	podName := cdb.Name + "-ords"
-	podList := &corev1.PodList{}
-	listOpts := []client.ListOption{client.InNamespace(req.Namespace), client.MatchingLabels{"name": podName}}
-
-	// List retrieves list of objects for a given namespace and list options.
-	err := r.List(ctx, podList, listOpts...)
-	if err != nil {
-		log.Info("Failed to list pods of: "+podName, "Namespace", req.Namespace)
-		return err
-	}
-
-	var foundPod corev1.Pod
-	for _, pod := range podList.Items {
-		foundPod = pod
-		break
-	}
-
-	ordsSpecChange := false
-	for _, envVar := range foundPod.Spec.Containers[0].Env {
-		if envVar.Name == "ORACLE_HOST" && envVar.Value != cdb.Spec.DBServer {
-			ordsSpecChange = true
-		} else if envVar.Name == "ORACLE_PORT" && envVar.Value != strconv.Itoa(cdb.Spec.DBPort) {
-			ordsSpecChange = true
-		} else if envVar.Name == "ORDS_PORT" && envVar.Value != strconv.Itoa(cdb.Spec.ORDSPort) {
-			ordsSpecChange = true
-		} else if envVar.Name == "ORACLE_SERVICE" && envVar.Value != cdb.Spec.ServiceName {
-			ordsSpecChange = true
-		}
-	}
-
-	if ordsSpecChange {
-		// Delete existing ReplicaSet
-		err = r.deleteReplicaSet(ctx, req, cdb)
-		if err != nil {
-			return err
-		}
-
-		cdb.Status.Phase = cdbPhaseInit
-		cdb.Status.Status = false
-		r.Status().Update(ctx, cdb)
-	} else {
-		// Update the RS if the value of "replicas" is changed
-		replicaSetName := cdb.Name + "-ords-rs"
-
-		foundRS := &appsv1.ReplicaSet{}
-		err := r.Get(context.TODO(), types.NamespacedName{Name: replicaSetName, Namespace: cdb.Namespace}, foundRS)
-		if err != nil {
-			log.Error(err, "Unable to get ORDS Replicaset: "+replicaSetName)
-			return err
-		}
-
-		// Check if number of replicas have changed
-		replicas := int32(cdb.Spec.Replicas)
-		if cdb.Spec.Replicas != int(*(foundRS.Spec.Replicas)) {
-			log.Info("Existing Replicas: " + strconv.Itoa(int(*(foundRS.Spec.Replicas))) + ", New Replicas: " + strconv.Itoa(cdb.Spec.Replicas))
-			foundRS.Spec.Replicas = &replicas
-			err = r.Update(ctx, foundRS)
-			if err != nil {
-				log.Error(err, "Failed to update ReplicaSet for :"+cdb.Name, "Namespace", cdb.Namespace, "Name", replicaSetName)
-				return err
-			}
-			cdb.Status.Phase = cdbPhaseValPod
-			cdb.Status.Status = false
-			r.Status().Update(ctx, cdb)
-		}
-	}
-
-	return nil
-}
-
-/*
-************************************************
-  - Create a Cluster Service for ORDS CDB Pod
-    /***********************************************
-*/
-func (r *CDBReconciler) createORDSSVC(ctx context.Context, req ctrl.Request, cdb *dbapi.CDB) error {
-
-	log := r.Log.WithValues("createORDSSVC", req.NamespacedName)
-
-	foundSvc := &corev1.Service{}
-	err := r.Get(context.TODO(), types.NamespacedName{Name: cdb.Name + "-ords", Namespace: cdb.Namespace}, foundSvc)
-	if err != nil && apierrors.IsNotFound(err) {
-		svc := r.createSvcSpec(cdb)
-
-		log.Info("Creating a new Cluster Service for: "+cdb.Name, "Svc.Namespace", svc.Namespace, "Service.Name", svc.Name)
-		err := r.Create(ctx, svc)
-		if err != nil {
-			log.Error(err, "Failed to create new Cluster Service for: "+cdb.Name, "Svc.Namespace", svc.Namespace, "Service.Name", svc.Name)
-			return err
-		}
-
-		log.Info("Created ORDS Cluster Service successfully")
-		r.Recorder.Eventf(cdb, corev1.EventTypeNormal, "CreatedORDSService", "Created ORDS Service for %s", cdb.Name)
-	} else {
-		log.Info("ORDS Cluster Service already exists")
-	}
-
-	return nil
-}
-
-/*
-***********************
-  - Create Service spec
-    /***********************
-*/
-func (r *CDBReconciler) createSvcSpec(cdb *dbapi.CDB) *corev1.Service {
-
-	svc := &corev1.Service{
-		TypeMeta: metav1.TypeMeta{
-			Kind: "Service",
-		},
-		ObjectMeta: metav1.ObjectMeta{
-			Name:      cdb.Name + "-ords",
-			Namespace: cdb.Namespace,
-		},
-		Spec: corev1.ServiceSpec{
-			Selector: map[string]string{
-				"name": cdb.Name + "-ords",
-			},
-			ClusterIP: corev1.ClusterIPNone,
-		},
-	}
-	// Set CDB instance as the owner and controller
-	ctrl.SetControllerReference(cdb, svc, r.Scheme)
-	return svc
-}
-
-/*
-************************************************
-  - Check CDB deletion
-
-/***********************************************
-*/
-func (r *CDBReconciler) manageCDBDeletion(ctx context.Context, req ctrl.Request, cdb *dbapi.CDB) error {
-	log := r.Log.WithValues("manageCDBDeletion", req.NamespacedName)
-
-	/* REGISTER FINALIZER */
-	if cdb.ObjectMeta.DeletionTimestamp.IsZero() {
-		if !controllerutil.ContainsFinalizer(cdb, CDBFinalizer) {
-			controllerutil.AddFinalizer(cdb, CDBFinalizer)
-			if err := r.Update(ctx, cdb); err != nil {
-				return err
-			}
-		}
-
-	} else {
-		log.Info("cdb set to be deleted")
-		cdb.Status.Phase = cdbPhaseDelete
-		cdb.Status.Status = true
-		r.Status().Update(ctx, cdb)
-
-		if controllerutil.ContainsFinalizer(cdb, CDBFinalizer) {
-
-			if err := r.DeletePDBS(ctx, req, cdb); err != nil {
-				log.Info("Cannot delete pdbs")
-				return err
-			}
-
-			controllerutil.RemoveFinalizer(cdb, CDBFinalizer)
-			if err := r.Update(ctx, cdb); err != nil {
-				return err
-			}
-		}
-
-		err := r.deleteCDBInstance(ctx, req, cdb)
-		if err != nil {
-			log.Info("Could not delete CDB Resource", "CDB Name", cdb.Spec.CDBName, "err", err.Error())
-			return err
-		}
-
-	}
-	return nil
-}
-
-/*
-************************************************
-  - Delete CDB Resource
-
-/***********************************************
-*/
-func (r *CDBReconciler) deleteCDBInstance(ctx context.Context, req ctrl.Request, cdb *dbapi.CDB) error {
-
-	log := r.Log.WithValues("deleteCDBInstance", req.NamespacedName)
-
-	k_client, err := kubernetes.NewForConfig(r.Config)
-	if err != nil {
-		log.Error(err, "Kubernetes Config Error")
-	}
-
-	replicaSetName := cdb.Name + "-ords-rs"
-
-	err = k_client.AppsV1().ReplicaSets(cdb.Namespace).Delete(context.TODO(), replicaSetName, metav1.DeleteOptions{})
-	if err != nil {
-		log.Info("Could not delete ReplicaSet", "RS Name", replicaSetName, "err", err.Error())
-		if !strings.Contains(strings.ToUpper(err.Error()), "NOT FOUND") {
-			return err
-		}
-	} else {
-		log.Info("Successfully deleted ORDS ReplicaSet", "RS Name", replicaSetName)
-	}
-
-	r.Recorder.Eventf(cdb, corev1.EventTypeNormal, "DeletedORDSReplicaSet", "Deleted ORDS ReplicaSet for %s", cdb.Name)
-
-	svcName := cdb.Name + "-ords"
-
-	err = k_client.CoreV1().Services(cdb.Namespace).Delete(context.TODO(), svcName, metav1.DeleteOptions{})
-	if err != nil {
-		log.Info("Could not delete Service", "Service Name", svcName, "err", err.Error())
-		if !strings.Contains(strings.ToUpper(err.Error()), "NOT FOUND") {
-			return err
-		}
-	} else {
-		r.Recorder.Eventf(cdb, corev1.EventTypeNormal, "DeletedORDSService", "Deleted ORDS Service for %s", cdb.Name)
-		log.Info("Successfully deleted ORDS Service", "Service Name", svcName)
-	}
-
-	log.Info("Successfully deleted CDB resource", "CDB Name", cdb.Spec.CDBName)
-	return nil
-}
-
-/*
-************************************************
-  - Get Secret Key for a Secret Name
-
-/***********************************************
-*/
-func (r *CDBReconciler) verifySecrets(ctx context.Context, req ctrl.Request, cdb *dbapi.CDB) error {
-
-	log := r.Log.WithValues("verifySecrets", req.NamespacedName)
-
-	if err := r.checkSecret(ctx, req, cdb, cdb.Spec.SysAdminPwd.Secret.SecretName); err != nil {
-		return err
-	}
-	if err := r.checkSecret(ctx, req, cdb, cdb.Spec.CDBAdminUser.Secret.SecretName); err != nil {
-		return err
-	}
-	if err := r.checkSecret(ctx, req, cdb, cdb.Spec.CDBAdminPwd.Secret.SecretName); err != nil {
-		return err
-	}
-	if err := r.checkSecret(ctx, req, cdb, cdb.Spec.ORDSPwd.Secret.SecretName); err != nil {
-		return err
-	}
-	if err := r.checkSecret(ctx, req, cdb, cdb.Spec.WebServerUser.Secret.SecretName); err != nil {
-		return err
-	}
-	if err := r.checkSecret(ctx, req, cdb, cdb.Spec.WebServerPwd.Secret.SecretName); err != nil {
-		return err
-	}
-	if err := r.checkSecret(ctx, req, cdb, cdb.Spec.CDBPriKey.Secret.SecretName); err != nil {
-		return err
-	}
-
-	cdb.Status.Msg = ""
-	log.Info("Verified secrets successfully")
-	return nil
-}
-
-/*
-************************************************
-  - Get Secret Key for a Secret Name
-
-/***********************************************
-*/
-func (r *CDBReconciler) checkSecret(ctx context.Context, req ctrl.Request, cdb *dbapi.CDB, secretName string) error {
-
-	log := r.Log.WithValues("checkSecret", req.NamespacedName)
-
-	secret := &corev1.Secret{}
-	err := r.Get(ctx, types.NamespacedName{Name: secretName, Namespace: cdb.Namespace}, secret)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + secretName)
-			cdb.Status.Msg = "Secret not found:" + secretName
-			return err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return err
-	}
-
-	return nil
-}
-
-/*
-************************************************
-  - Delete Secrets
-
-/***********************************************
-*/
-func (r *CDBReconciler) deleteSecrets(ctx context.Context, req ctrl.Request, cdb *dbapi.CDB) {
-
-	log := r.Log.WithValues("deleteSecrets", req.NamespacedName)
-
-	log.Info("Deleting CDB secrets")
-	secret := &corev1.Secret{}
-	err := r.Get(ctx, types.NamespacedName{Name: cdb.Spec.SysAdminPwd.Secret.SecretName, Namespace: cdb.Namespace}, secret)
-	if err == nil {
-		err := r.Delete(ctx, secret)
-		if err == nil {
-			log.Info("Deleted the secret : " + cdb.Spec.SysAdminPwd.Secret.SecretName)
-		}
-	}
-
-	err = r.Get(ctx, types.NamespacedName{Name: cdb.Spec.CDBAdminUser.Secret.SecretName, Namespace: cdb.Namespace}, secret)
-	if err == nil {
-		err := r.Delete(ctx, secret)
-		if err == nil {
-			log.Info("Deleted the secret : " + cdb.Spec.CDBAdminUser.Secret.SecretName)
-		}
-	}
-
-	err = r.Get(ctx, types.NamespacedName{Name: cdb.Spec.CDBAdminPwd.Secret.SecretName, Namespace: cdb.Namespace}, secret)
-	if err == nil {
-		err := r.Delete(ctx, secret)
-		if err == nil {
-			log.Info("Deleted the secret : " + cdb.Spec.CDBAdminPwd.Secret.SecretName)
-		}
-	}
-
-	err = r.Get(ctx, types.NamespacedName{Name: cdb.Spec.ORDSPwd.Secret.SecretName, Namespace: cdb.Namespace}, secret)
-	if err == nil {
-		err := r.Delete(ctx, secret)
-		if err == nil {
-			log.Info("Deleted the secret : " + cdb.Spec.ORDSPwd.Secret.SecretName)
-		}
-	}
-
-	err = r.Get(ctx, types.NamespacedName{Name: cdb.Spec.WebServerUser.Secret.SecretName, Namespace: cdb.Namespace}, secret)
-	if err == nil {
-		err := r.Delete(ctx, secret)
-		if err == nil {
-			log.Info("Deleted the secret : " + cdb.Spec.WebServerUser.Secret.SecretName)
-		}
-	}
-
-	err = r.Get(ctx, types.NamespacedName{Name: cdb.Spec.WebServerPwd.Secret.SecretName, Namespace: cdb.Namespace}, secret)
-	if err == nil {
-		err := r.Delete(ctx, secret)
-		if err == nil {
-			log.Info("Deleted the secret : " + cdb.Spec.WebServerPwd.Secret.SecretName)
-		}
-	}
-}
-
-/* Delete cascade option */
-
-/*
-*************************************************************
-  - SetupWithManager sets up the controller with the Manager.
-/************************************************************
-*/
-
-func (r *CDBReconciler) DeletePDBS(ctx context.Context, req ctrl.Request, cdb *dbapi.CDB) error {
-	log := r.Log.WithValues("DeletePDBS", req.NamespacedName)
-
-	/* =================== DELETE CASCADE ================ */
-	if cdb.Spec.DeletePDBCascade == true {
-		log.Info("DELETE PDB CASCADE OPTION")
-		pdbList := &dbapi.PDBList{}
-		listOpts := []client.ListOption{}
-		err := r.List(ctx, pdbList, listOpts...)
-		if err != nil {
-			log.Info("Failed to get the list of pdbs")
-		}
-
-		var url string
-		if err == nil {
-			for _, pdbitem := range pdbList.Items {
-				log.Info("pdbitem.Spec.CDBName     :               " + pdbitem.Spec.CDBName)
-				log.Info("pdbitem.Spec.CDBNamespace:               " + pdbitem.Spec.CDBNamespace)
-				log.Info("cdb.Spec.CDBName         :               " + cdb.Spec.CDBName)
-				log.Info("cdb.Namespace            :               " + cdb.Namespace)
-				if pdbitem.Spec.CDBName == cdb.Spec.CDBName && pdbitem.Spec.CDBNamespace == cdb.Namespace {
-					fmt.Printf("DeletePDBS Call Delete function for %s %s\n", pdbitem.Name, pdbitem.Spec.PDBName)
-
-					var objmap map[string]interface{} /* Used for the return payload */
-					values := map[string]string{
-						"state":        "CLOSE",
-						"modifyOption": "IMMEDIATE",
-						"getScript":    "FALSE",
-					}
-
-					//url := "https://" + pdbitem.Spec.CDBResName + "-cdb." + pdbitem.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/database/pdbs/" + pdbitem.Spec.PDBName
-					url = "https://" + pdbitem.Spec.CDBResName + "-ords." + pdbitem.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/" + pdbitem.Spec.PDBName + "/status"
-
-					log.Info("callAPI(URL):" + url)
-					log.Info("pdbitem.Status.OpenMode" + pdbitem.Status.OpenMode)
-
-					if pdbitem.Status.OpenMode != "MOUNTED" {
-
-						log.Info("Force pdb closure")
-						respData, errapi := NewCallApi(r, ctx, req, &pdbitem, url, values, "POST")
-
-						fmt.Printf("Debug NEWCALL:%s\n", respData)
-						if err := json.Unmarshal([]byte(respData), &objmap); err != nil {
-							log.Error(err, "failed to get respData from callAPI", "err", err.Error())
-							return err
-						}
-
-						if errapi != nil {
-							log.Error(err, "callAPI cannot close pdb "+pdbitem.Spec.PDBName, "err", err.Error())
-							return err
-						}
-
-						r.Recorder.Eventf(cdb, corev1.EventTypeNormal, "close pdb", "pdbname=%s", pdbitem.Spec.PDBName)
-					}
-
-					/* start dropping pdb */
-					log.Info("Drop pluggable database")
-					values = map[string]string{
-						"action":    "INCLUDING",
-						"getScript": "FALSE",
-					}
-					url = "https://" + pdbitem.Spec.CDBResName + "-ords." + pdbitem.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/" + pdbitem.Spec.PDBName + "/"
-					respData, errapi := NewCallApi(r, ctx, req, &pdbitem, url, values, "DELETE")
-
-					if err := json.Unmarshal([]byte(respData), &objmap); err != nil {
-						log.Error(err, "failed to get respData from callAPI", "err", err.Error())
-						return err
-					}
-
-					if errapi != nil {
-						log.Error(err, "callAPI cannot drop pdb "+pdbitem.Spec.PDBName, "err", err.Error())
-						return err
-					}
-					r.Recorder.Eventf(cdb, corev1.EventTypeNormal, "drop pdb", "pdbname=%s", pdbitem.Spec.PDBName)
-
-					err = r.Delete(context.Background(), &pdbitem, client.GracePeriodSeconds(0))
-					if err != nil {
-						log.Info("Could not delete PDB resource", "err", err.Error())
-						return err
-					}
-
-				} /* check pdb name */
-			} /* end of loop */
-		}
-
-	}
-	/* ================================================ */
-	return nil
-}
-
-func (r *CDBReconciler) SetupWithManager(mgr ctrl.Manager) error {
-	return ctrl.NewControllerManagedBy(mgr).
-		For(&dbapi.CDB{}).
-		Owns(&appsv1.ReplicaSet{}). //Watch for deleted RS owned by this controller
-		WithEventFilter(predicate.Funcs{
-			UpdateFunc: func(e event.UpdateEvent) bool {
-				// Ignore updates to CR status in which case metadata.Generation does not change
-				return e.ObjectOld.GetGeneration() != e.ObjectNew.GetGeneration()
-			},
-			DeleteFunc: func(e event.DeleteEvent) bool {
-				// Evaluates to false if the object has been confirmed deleted.
-				//return !e.DeleteStateUnknown
-				return false
-			},
-		}).
-		WithOptions(controller.Options{MaxConcurrentReconciles: 100}).
-		Complete(r)
-}
diff --git a/controllers/database/dbcssystem_controller.go b/controllers/database/dbcssystem_controller.go
index 1fd94dde..6b4a135a 100644
--- a/controllers/database/dbcssystem_controller.go
+++ b/controllers/database/dbcssystem_controller.go
@@ -39,14 +39,16 @@
 package controllers
 
 import (
+	"bytes"
 	"context"
+	"encoding/json"
 	"fmt"
 	"reflect"
 	"strings"
 	"time"
 
 	databasev4 "github.com/oracle/oracle-database-operator/apis/database/v4"
-	dbcsv1 "github.com/oracle/oracle-database-operator/commons/dbcssystem"
+	dbcsv4 "github.com/oracle/oracle-database-operator/commons/dbcssystem"
 	"github.com/oracle/oracle-database-operator/commons/finalizer"
 	"github.com/oracle/oracle-database-operator/commons/oci"
 
@@ -103,15 +105,16 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 	var err error
 	resultNq := ctrl.Result{Requeue: false}
 	resultQ := ctrl.Result{Requeue: true, RequeueAfter: 60 * time.Second}
-
 	// Get the dbcs instance from the cluster
 	dbcsInst := &databasev4.DbcsSystem{}
 	r.Logger.Info("Reconciling DbSystemDetails", "name", req.NamespacedName)
-
-	if err := r.KubeClient.Get(context.TODO(), req.NamespacedName, dbcsInst); err != nil {
-		if !errors.IsNotFound(err) {
-			return ctrl.Result{}, err
+	if err := r.KubeClient.Get(ctx, req.NamespacedName, dbcsInst); err != nil {
+		if errors.IsNotFound(err) {
+			// CR was deleted → stop reconciling
+			r.Logger.Info("DbcsSystem resource not found.", "name", req.NamespacedName)
+			return ctrl.Result{}, nil
 		}
+		return ctrl.Result{}, err
 	}
 
 	// Create oci-go-sdk client
@@ -144,10 +147,23 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 		result := resultNq
 		return result, err
 	}
+
+	var compartmentId string
+	if dbcsInst.Spec.DbSystem != nil && dbcsInst.Spec.DbSystem.CompartmentId != "" {
+		compartmentId = dbcsInst.Spec.DbSystem.CompartmentId
+	} else if dbcsInst.Spec.Id != nil && *dbcsInst.Spec.Id != "" {
+		var err error
+		compartmentId, err = r.getCompartmentIDByDbSystemID(ctx, *dbcsInst.Spec.Id)
+		if err != nil {
+			fmt.Printf("Failed to get compartment ID: %v\n", err)
+			dbcsInst.Status.Message = err.Error()
+			return ctrl.Result{}, err
+		}
+	}
 	r.Logger.Info("OCI provider configured succesfully")
 
 	/*
-	   Using Finalizer for object deletion
+		Using Finalizer for object deletion
 	*/
 
 	if dbcsInst.ObjectMeta.DeletionTimestamp.IsZero() {
@@ -162,10 +178,11 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 	} else {
 		// The object is being deleted
 		r.Logger.Info("Terminate DbcsSystem Database: " + dbcsInst.Spec.DbSystem.DisplayName)
-		if err := dbcsv1.DeleteDbcsSystemSystem(r.dbClient, *dbcsInst.Spec.Id); err != nil {
+		if err := dbcsv4.DeleteDbcsSystemSystem(r.dbClient, *dbcsInst.Spec.Id); err != nil {
 			r.Logger.Error(err, "Fail to terminate DbcsSystem Instance")
+			dbcsInst.Status.Message = err.Error()
 			// Change the status to Failed
-			if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcsInst, databasev4.Terminate, r.nwClient, r.wrClient); statusErr != nil {
+			if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Terminate, r.nwClient, r.wrClient); statusErr != nil {
 				result := resultNq
 				return result, err
 			}
@@ -183,6 +200,7 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 					// Call deletePluggableDatabase function
 					dbSystemId := *dbcsInst.Spec.Id
 					if err := r.deletePluggableDatabase(ctx, pdbConfig, dbSystemId); err != nil {
+						dbcsInst.Status.Message = err.Error()
 						result := resultNq
 						return result, err
 					}
@@ -200,7 +218,7 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 	}
 
 	/*
-	   Determine whether it's a provision or bind operation
+		Determine whether it's a provision or bind operation
 	*/
 	lastSuccessfullSpec, err := dbcsInst.GetLastSuccessfulSpec()
 	if err != nil {
@@ -217,7 +235,7 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 
 	if lastSuccessfullKMSConfig == nil && lastSuccessfullKMSStatus == nil {
 
-		if dbcsInst.Spec.KMSConfig.KeyName != "" {
+		if dbcsInst.Spec.KMSConfig != nil && dbcsInst.Spec.KMSConfig.KeyName != "" {
 
 			kmsVaultClient, err := keymanagement.NewKmsVaultClientWithConfigurationProvider(provider)
 
@@ -236,6 +254,7 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 
 			listResp, err := kmsVaultClient.ListVaults(ctx, getVaultReq)
 			if err != nil {
+				dbcsInst.Status.Message = err.Error()
 				return ctrl.Result{}, fmt.Errorf("error listing vaults: %v", err)
 			}
 
@@ -260,8 +279,9 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 			if existingVaultId == nil {
 
 				// Create the KMS vault
-				createResp, err := r.createKMSVault(ctx, &dbcsInst.Spec.KMSConfig, kmsClient, &dbcsInst.Status.KMSDetailsStatus)
+				createResp, err := r.createKMSVault(ctx, dbcsInst.Spec.KMSConfig, kmsClient, &dbcsInst.Status.KMSDetailsStatus)
 				if err != nil {
+					dbcsInst.Status.Message = err.Error()
 					return ctrl.Result{}, fmt.Errorf("error creating vault: %v", err)
 				}
 				existingVaultId = createResp.Id
@@ -287,6 +307,7 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 				listKeysResp, err := kmsClient.ListKeys(ctx, listKeysReq)
 				if err != nil {
 					r.Logger.Error(err, "Error listing keys in existing vault")
+					dbcsInst.Status.Message = err.Error()
 					return ctrl.Result{}, err
 				}
 
@@ -305,7 +326,7 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 					r.Logger.Info("Master key not found in existing vault, creating new key")
 
 					// Create the KMS key in the existing vault
-					keyResponse, err := r.createKMSKey(ctx, &dbcsInst.Spec.KMSConfig, kmsClient, &dbcsInst.Status.KMSDetailsStatus)
+					keyResponse, err := r.createKMSKey(ctx, dbcsInst.Spec.KMSConfig, kmsClient, &dbcsInst.Status.KMSDetailsStatus)
 					if err != nil {
 						return ctrl.Result{}, err
 					}
@@ -324,15 +345,17 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 				r.Logger.Info("Creating new vault")
 
 				// Create the new vault
-				vaultResponse, err := r.createKMSVault(ctx, &dbcsInst.Spec.KMSConfig, kmsClient, &dbcsInst.Status.KMSDetailsStatus)
+				vaultResponse, err := r.createKMSVault(ctx, dbcsInst.Spec.KMSConfig, kmsClient, &dbcsInst.Status.KMSDetailsStatus)
 				if err != nil {
+					dbcsInst.Status.Message = err.Error()
 					return ctrl.Result{}, err
 				}
 				dbcsInst.Status.KMSDetailsStatus.VaultId = *vaultResponse.Id
 				dbcsInst.Status.KMSDetailsStatus.ManagementEndpoint = *vaultResponse.ManagementEndpoint
 				// Create the KMS key in the newly created vault
-				keyResponse, err := r.createKMSKey(ctx, &dbcsInst.Spec.KMSConfig, kmsClient, &dbcsInst.Status.KMSDetailsStatus)
+				keyResponse, err := r.createKMSKey(ctx, dbcsInst.Spec.KMSConfig, kmsClient, &dbcsInst.Status.KMSDetailsStatus)
 				if err != nil {
+					dbcsInst.Status.Message = err.Error()
 					return ctrl.Result{}, err
 				}
 
@@ -343,11 +366,207 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 			}
 		}
 	}
-	//debugging
-	// lastSuccessfullSpec = nil
-	// r.ensureDBSystemSpec(&dbcsInst.Spec.DbSystem)
-	// Check if cloning is needed, debugging
-	// *dbcsInst.Status.DbCloneStatus.Id = ""
+	// Backup Creation
+	if dbcsInst.Spec.EnableBackup {
+		var compartmentId string
+		if dbcsInst.Spec.DbSystem.CompartmentId != "" {
+			compartmentId = dbcsInst.Spec.DbSystem.CompartmentId
+		} else if dbcsInst.Spec.Id != nil && *dbcsInst.Spec.Id != "" {
+			var err error
+			compartmentId, err = r.getCompartmentIDByDbSystemID(ctx, *dbcsInst.Spec.Id)
+			if err != nil {
+				fmt.Printf("Failed to get compartment ID: %v\n", err)
+				dbcsInst.Status.Message = err.Error()
+				return ctrl.Result{}, err
+			}
+		} else {
+			err := fmt.Errorf("compartment ID or DB system ID must be set")
+			dbcsInst.Status.Message = err.Error()
+			return ctrl.Result{}, err
+		}
+		backupId, err := dbcsv4.CreateDbcsBackup(compartmentId, r.Logger, r.dbClient, dbcsInst, r.KubeClient, r.nwClient, r.wrClient)
+		if err != nil {
+			r.Logger.Error(err, "Backup creation failed")
+			dbcsInst.Status.Message = err.Error()
+			return ctrl.Result{}, nil
+		} else {
+
+			dbHomeId, err := r.getDbHomeIdByDbSystemID(ctx, compartmentId, *dbcsInst.Spec.Id)
+			if err != nil {
+				fmt.Printf("Failed to get DB Home ID: %v\n", err)
+				dbcsInst.Status.Message = err.Error()
+				return ctrl.Result{}, err
+			}
+
+			databaseIds, err := r.getDatabaseIDByDbSystemID(ctx, *dbcsInst.Spec.Id, compartmentId, dbHomeId)
+			if err != nil {
+				fmt.Printf("Failed to get database IDs: %v\n", err)
+				dbcsInst.Status.Message = err.Error()
+				return ctrl.Result{}, err
+			}
+
+			// Assume the first database is the one to back up (customize as needed)
+			databaseId := databaseIds[0]
+			// After successful creation and backup becomes ACTIVE
+			listBackupsReq := database.ListBackupsRequest{
+				DatabaseId: &databaseId,
+			}
+
+			listBackupsResp, err := r.dbClient.ListBackups(ctx, listBackupsReq)
+			if err != nil {
+				r.Logger.Error(err, "Failed to list backups")
+				dbcsInst.Status.Message = err.Error()
+				return ctrl.Result{}, nil
+			}
+
+			// Reset and populate status.Backups with up-to-date backup list
+			dbcsInst.Status.Backups = []databasev4.BackupInfo{}
+			for _, b := range listBackupsResp.Items {
+				if b.Id != nil && b.DisplayName != nil && b.TimeStarted != nil {
+					dbcsInst.Status.Backups = append(dbcsInst.Status.Backups, databasev4.BackupInfo{
+						Name:      *b.DisplayName,
+						BackupID:  *b.Id,
+						Timestamp: b.TimeStarted.Format(time.RFC3339),
+					})
+				}
+			}
+			r.Logger.Info("Backup Completed successfully", "BackupID", backupId)
+		}
+	}
+	restoreCount := 0
+	var restoreInfo *databasev4.RestoreConfig
+	if dbcsInst.Spec.DbSystem != nil {
+		restoreInfo = dbcsInst.Spec.DbSystem.RestoreConfig
+	}
+	if restoreInfo != nil {
+		if restoreInfo.Latest {
+			restoreCount++
+		}
+		if restoreInfo.Timestamp != nil {
+			restoreCount++
+		}
+		if restoreInfo.SCN != nil {
+			restoreCount++
+		}
+
+		if restoreCount > 1 {
+			return ctrl.Result{}, fmt.Errorf("exactly one of Timestamp, SCN, or Latest must be specified for restore")
+		}
+
+		aj, _ := json.Marshal(dbcsInst.Spec)
+		bj, _ := json.Marshal(lastSuccessfullSpec)
+
+		if bytes.Equal(aj, bj) {
+			r.Logger.Info("Restore already applied — skipping", "DbcsSystem", dbcsInst.Name)
+		} else if restoreCount == 1 { // do restore when exactly one restore is new spec and defined correctly
+			switch {
+			case restoreInfo.Latest:
+				err = dbcsv4.RestoreDbcsToPoint(compartmentId, r.Logger, r.dbClient, dbcsInst,
+					databasev4.RestoreConfig{Latest: true},
+					r.KubeClient, r.nwClient, r.wrClient)
+
+			case restoreInfo.Timestamp != nil:
+				err = dbcsv4.RestoreDbcsToPoint(compartmentId, r.Logger, r.dbClient, dbcsInst,
+					databasev4.RestoreConfig{Timestamp: restoreInfo.Timestamp},
+					r.KubeClient, r.nwClient, r.wrClient)
+
+			case restoreInfo.SCN != nil:
+				err = dbcsv4.RestoreDbcsToPoint(compartmentId, r.Logger, r.dbClient, dbcsInst,
+					databasev4.RestoreConfig{SCN: restoreInfo.SCN},
+					r.KubeClient, r.nwClient, r.wrClient)
+			}
+
+			if err != nil {
+				r.Logger.Error(err, "Restore failed")
+				return ctrl.Result{}, err
+			}
+
+			// STEP 4: Mark spec as successfully applied
+			if err := dbcsInst.UpdateLastSuccessfulSpec(r.KubeClient); err != nil {
+				dbcsInst.Status.Message = err.Error()
+				return ctrl.Result{}, err
+			}
+
+			r.Logger.Info("Restore Operation Completed and lastSuccessfulSpec updated", "DbcsSystem", dbcsInst.Name)
+			return ctrl.Result{}, nil
+		}
+	}
+
+	switch {
+	case dbcsInst.Spec.IsPatch && dbcsInst.Spec.IsUpgrade:
+		errMsg := "Both IsPatch and IsUpgrade are set. Only one operation can be performed at a time."
+		r.Logger.Error(nil, errMsg)
+		dbcsInst.Status.Message = errMsg
+		return ctrl.Result{}, nil
+
+	case dbcsInst.Spec.IsPatch:
+		if dbcsInst.Spec.Id == nil || dbcsInst.Spec.DbSystem.PatchOCID == "" {
+			errMsg := "Patching is requested but Patch Version or DB System ID is missing."
+			r.Logger.Error(nil, errMsg)
+			dbcsInst.Status.Message = errMsg
+			return ctrl.Result{}, nil
+		}
+		compartmentId, err := r.getCompartmentIDByDbSystemID(ctx, *dbcsInst.Spec.Id)
+		if err != nil {
+			fmt.Printf("Failed to get compartment ID: %v\n", err)
+			dbcsInst.Status.Message = err.Error()
+			return ctrl.Result{}, err
+		}
+
+		err = dbcsv4.PatchDBSystem(ctx, compartmentId, r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient, dbcsInst.Spec.DbSystem.DbHomeId, dbcsInst.Spec.DbSystem.PatchOCID)
+		if err != nil {
+			r.Logger.Error(err, "Fail to patch db system")
+			if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+				dbcsInst.Status.Message = err.Error()
+				return ctrl.Result{}, statusErr
+			}
+		}
+
+	case dbcsInst.Spec.IsUpgrade:
+		if dbcsInst.Spec.Id == nil || dbcsInst.Spec.DbSystem.UpgradeVersion == "" {
+			errMsg := "Upgrade is requested but Upgrade Version or DB System ID is missing."
+			r.Logger.Error(nil, errMsg)
+			dbcsInst.Status.Message = errMsg
+			return ctrl.Result{}, nil
+		}
+		compartmentId, err := r.getCompartmentIDByDbSystemID(ctx, *dbcsInst.Spec.Id)
+		if err != nil {
+			fmt.Printf("Failed to get compartment ID: %v\n", err)
+			dbcsInst.Status.Message = err.Error()
+			return ctrl.Result{}, err
+		}
+
+		err = dbcsv4.UpgradeDatabaseVersion(ctx, compartmentId, r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient, *dbcsInst.Spec.DatabaseId, dbcsInst.Spec.DbSystem.UpgradeVersion)
+		if err != nil {
+			r.Logger.Error(err, "Failed to upgrade DB Home.")
+			dbcsInst.Status.Message = fmt.Sprintf("Upgrade failed: %v", err)
+			return ctrl.Result{}, err
+		}
+
+	}
+
+	isDeleteDataguard := false
+	setupDataguard := false
+
+	// Check if DataGuard is marked for deletion
+	if dbcsInst.Spec.DataGuard.IsDelete {
+		isDeleteDataguard = true
+		// If marked for delete, skip DataGuard setup
+		setupDataguard = false
+	} else if dbcsInst.Spec.DataGuard.Enabled {
+		// Proceed to check required fields for DataGuard setup
+		if dbcsInst.Spec.DataGuard.PrimaryDatabaseId == nil ||
+			dbcsInst.Spec.DataGuard.DbAdminPasswordSecret == nil ||
+			dbcsInst.Spec.DataGuard.DisplayName == nil {
+			r.Logger.Error(err, "setupDataguard is defined but other necessary details are not present. Refer README.md file for instructions.")
+			return ctrl.Result{}, nil
+		}
+		// All required fields are present, enable setup
+		setupDataguard = true
+	}
+
+	//-----------------Clone Setup---------------------------------//
+
 	setupCloning := false
 	// Check if SetupDBCloning is true and ensure one of the required fields is provided
 	if dbcsInst.Spec.SetupDBCloning {
@@ -355,6 +574,7 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 		if dbcsInst.Spec.Id == nil && dbcsInst.Spec.DbBackupId == nil && dbcsInst.Spec.DatabaseId == nil {
 			// If none of the required fields are set, log an error and exit the function
 			r.Logger.Error(err, "SetupDBCloning is defined but other necessary details (Id, DbBackupId, DatabaseId) are not present. Refer README.md file for instructions.")
+			dbcsInst.Status.Message = "SetupDBCloning is defined but other necessary details (Id, DbBackupId, DatabaseId) are not present. Refer README.md file for instructions."
 			return ctrl.Result{}, nil
 		}
 		// If the condition is met, proceed with cloning setup
@@ -363,17 +583,19 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 		// If SetupDBCloning is false, continue as usual without cloning
 		setupCloning = false
 	}
-
 	var dbSystemId string
 	// Executing DB Cloning Process, if defined. Do not repeat cloning again when Status has Id present.
 	if setupCloning && dbcsInst.Status.DbCloneStatus.Id == nil {
+		// if setupCloning {
+
 		switch {
 
 		case dbcsInst.Spec.SetupDBCloning && dbcsInst.Spec.DbBackupId != nil:
-			dbSystemId, err = dbcsv1.CloneFromBackupAndGetDbcsId(r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient)
+			dbSystemId, err = dbcsv4.CloneFromBackupAndGetDbcsId(compartmentId, r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient)
 			if err != nil {
 				r.Logger.Error(err, "Fail to clone db system from backup and get DbcsSystem System ID")
-				if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+				if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+					dbcsInst.Status.Message = err.Error()
 					return ctrl.Result{}, statusErr
 				}
 
@@ -382,10 +604,12 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 			r.Logger.Info("DB Cloning completed successfully from provided backup DB system")
 
 		case dbcsInst.Spec.SetupDBCloning && dbcsInst.Spec.DatabaseId != nil:
-			dbSystemId, err = dbcsv1.CloneFromDatabaseAndGetDbcsId(r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient)
+			dbSystemId, err = dbcsv4.CloneFromDatabaseAndGetDbcsId(compartmentId, r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient)
 			if err != nil {
 				r.Logger.Error(err, "Fail to clone db system from DatabaseID provided")
-				if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+				dbcsInst.Status.Message = err.Error()
+				if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+
 					return ctrl.Result{}, statusErr
 				}
 
@@ -394,31 +618,38 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 			r.Logger.Info("DB Cloning completed successfully from provided databaseId")
 
 		case dbcsInst.Spec.SetupDBCloning && dbcsInst.Spec.DbBackupId == nil && dbcsInst.Spec.DatabaseId == nil:
-			dbSystemId, err = dbcsv1.CloneAndGetDbcsId(r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient)
+			dbSystemId, err = dbcsv4.CloneAndGetDbcsId(compartmentId, r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient)
 			if err != nil {
 				r.Logger.Error(err, "Fail to clone db system and get DbcsSystem System ID")
-				if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+				if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+					dbcsInst.Status.Message = err.Error()
 					return ctrl.Result{}, statusErr
 				}
 				return ctrl.Result{}, nil
 			}
 			r.Logger.Info("DB Cloning completed successfully from provided db system")
 		}
-	} else if !setupCloning {
+	} else if !setupCloning && !setupDataguard && !isDeleteDataguard {
 		if dbcsInst.Spec.Id == nil && lastSuccessfullSpec == nil {
 			// If no DbcsSystem ID specified, create a new DB System
 			// ======================== Validate Specs ==============
-			err = dbcsv1.ValidateSpex(r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.Recorder)
+			if dbcsInst == nil {
+				// Safety guard
+				return ctrl.Result{}, nil
+			}
+			err = dbcsv4.ValidateSpex(r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.Recorder)
 			if err != nil {
+				dbcsInst.Status.Message = err.Error()
 				return ctrl.Result{}, err
 			}
 			r.Logger.Info("DbcsSystem DBSystem provisioning")
-			dbcsID, err := dbcsv1.CreateAndGetDbcsId(r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient, &dbcsInst.Status.KMSDetailsStatus)
+			dbcsID, err := dbcsv4.CreateAndGetDbcsId(compartmentId, r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient, &dbcsInst.Status.KMSDetailsStatus)
 			if err != nil {
+				dbcsInst.Status.Message = err.Error()
 				r.Logger.Error(err, "Fail to provision and get DbcsSystem System ID")
 
 				// Change the status to Failed
-				if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+				if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
 					return ctrl.Result{}, statusErr
 				}
 				// The reconciler should not requeue since the error returned from OCI during update will not be solved by requeue
@@ -428,16 +659,17 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 			assignDBCSID(dbcsInst, dbcsID)
 			// Check if KMSConfig is specified
 			kmsConfig := dbcsInst.Spec.KMSConfig
-			if kmsConfig != (databasev4.KMSConfig{}) {
+			if kmsConfig != nil {
 				// Check if KMSDetailsStatus is uninitialized (zero value)
-				if dbcsInst.Spec.DbSystem.KMSConfig != dbcsInst.Spec.KMSConfig {
+				if dbcsInst.Spec.DbSystem.KMSConfig != nil && dbcsInst.Spec.KMSConfig != nil &&
+					*dbcsInst.Spec.DbSystem.KMSConfig != *dbcsInst.Spec.KMSConfig {
 					dbcsInst.Spec.DbSystem.KMSConfig = dbcsInst.Spec.KMSConfig
 				}
 			}
-			if err := dbcsv1.UpdateDbcsSystemId(r.KubeClient, dbcsInst); err != nil {
+			if err := dbcsv4.UpdateDbcsSystemId(r.KubeClient, dbcsInst); err != nil {
 				// Change the status to Failed
 				assignDBCSID(dbcsInst, dbcsID)
-				if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+				if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
 					return ctrl.Result{}, statusErr
 				}
 				return ctrl.Result{}, err
@@ -446,28 +678,30 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 			r.Logger.Info("DbcsSystem system provisioned succesfully")
 			assignDBCSID(dbcsInst, dbcsID)
 			if err := dbcsInst.UpdateLastSuccessfulSpec(r.KubeClient); err != nil {
+				dbcsInst.Status.Message = err.Error()
 				return ctrl.Result{}, err
 			}
 			assignDBCSID(dbcsInst, dbcsID)
 		} else {
-			if lastSuccessfullSpec == nil { // first time after creation of DB
-				if err := dbcsv1.GetDbSystemId(r.Logger, r.dbClient, dbcsInst); err != nil {
+			if lastSuccessfullSpec == nil { // first time update after creation of DB
+				if err := dbcsv4.GetDbSystemId(r.Logger, r.dbClient, dbcsInst); err != nil {
 					// Change the status to Failed
-					if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+					if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
 						return ctrl.Result{}, statusErr
 					}
 					return ctrl.Result{}, err
 				}
-				if err := dbcsv1.SetDBCSDatabaseLifecycleState(r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient); err != nil {
+				if err := dbcsv4.SetDBCSDatabaseLifecycleState(compartmentId, r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient); err != nil {
 					// Change the status to required state
+					dbcsInst.Status.Message = err.Error()
 					return ctrl.Result{}, err
 				}
 
 				dbSystemId := *dbcsInst.Spec.Id
-				if err := dbcsv1.UpdateDbcsSystemId(r.KubeClient, dbcsInst); err != nil {
+				if err := dbcsv4.UpdateDbcsSystemId(r.KubeClient, dbcsInst); err != nil {
 					// Change the status to Failed
 					assignDBCSID(dbcsInst, dbSystemId)
-					if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+					if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
 						return ctrl.Result{}, statusErr
 					}
 					return ctrl.Result{}, err
@@ -477,6 +711,7 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 
 				dbSystemId = *dbcsInst.Spec.Id
 				if err := dbcsInst.UpdateLastSuccessfulSpec(r.KubeClient); err != nil {
+					dbcsInst.Status.Message = err.Error()
 					return ctrl.Result{}, err
 				}
 				assignDBCSID(dbcsInst, dbSystemId)
@@ -489,46 +724,75 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 					dbSystemId = *dbcsInst.Spec.Id
 				}
 				//debugging
-				// *dbcsInst.Spec.Id = "ocid1.dbsystem.oc1.iad.anuwcljsabf7htya55wz5vfil7ul3pkzpubnymp6zrp3fhgomv3fcdr2vtiq"
+
 				compartmentId, err := r.getCompartmentIDByDbSystemID(ctx, *dbcsInst.Spec.Id)
 				if err != nil {
 					fmt.Printf("Failed to get compartment ID: %v\n", err)
+					dbcsInst.Status.Message = err.Error()
 					return ctrl.Result{}, err
 				}
 				dbHomeId, err := r.getDbHomeIdByDbSystemID(ctx, compartmentId, *dbcsInst.Spec.Id)
 				if err != nil {
 					fmt.Printf("Failed to get DB Home ID: %v\n", err)
+					dbcsInst.Status.Message = err.Error()
 					return ctrl.Result{}, err
 				}
 
 				databaseIds, err := r.getDatabaseIDByDbSystemID(ctx, *dbcsInst.Spec.Id, compartmentId, dbHomeId)
 				if err != nil {
 					fmt.Printf("Failed to get database IDs: %v\n", err)
+					dbcsInst.Status.Message = err.Error()
 					return ctrl.Result{}, err
 				}
 				err = r.getPluggableDatabaseDetails(ctx, dbcsInst, *dbcsInst.Spec.Id, databaseIds)
 				if err != nil {
 					fmt.Printf("Failed to get pluggable database details: %v\n", err)
+					dbcsInst.Status.Message = err.Error()
 					return ctrl.Result{}, err
 				}
+				// Example: assume you have dataGuardRetryCount as an int
 
-				if err := dbcsv1.UpdateDbcsSystemIdInst(r.Logger, r.dbClient, dbcsInst, r.KubeClient, r.nwClient, r.wrClient, databaseIds[0]); err != nil {
+				if len(databaseIds) > 0 && dbcsInst.Spec.Id != nil {
+					dataGuardRetryCount := 0
+					if dataGuardRetryCount < 5 {
+						err = r.getDataGuardStatusAndUpdate(ctx, dbcsInst, databaseIds[0], *dbcsInst.Spec.Id)
+						if err != nil {
+							dataGuardRetryCount++
+							// persist the updated retry count
+
+							fmt.Printf("Failed to get dataguard details (attempt %d/5): %v\n",
+								dataGuardRetryCount, err)
+							return ctrl.Result{Requeue: true}, err
+						}
+						// reset retry count on success
+						dataGuardRetryCount = 0
+					} else {
+						fmt.Println("Max retries (5) reached. Failing DataGuard status update.")
+						return ctrl.Result{}, fmt.Errorf("max retries reached for DataGuard status update")
+					}
+				} else {
+					fmt.Println("Skipping DataGuard status update as DatabaseIds or DbcsSystem ID is nil")
+				}
+
+				if err := dbcsv4.UpdateDbcsSystemIdInst(compartmentId, r.Logger, r.dbClient, dbcsInst, r.KubeClient, r.nwClient, r.wrClient, databaseIds[0]); err != nil {
 					r.Logger.Error(err, "Fail to update DbcsSystem Id")
+					dbcsInst.Status.Message = err.Error()
 
 					// Change the status to Failed
-					if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+					if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
 						return ctrl.Result{}, statusErr
 					}
 					// The reconciler should not requeue since the error returned from OCI during update will not be solved by requeue
 					return ctrl.Result{}, nil
 				}
-				if err := dbcsv1.SetDBCSDatabaseLifecycleState(r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient); err != nil {
+				if err := dbcsv4.SetDBCSDatabaseLifecycleState(compartmentId, r.Logger, r.KubeClient, r.dbClient, dbcsInst, r.nwClient, r.wrClient); err != nil {
 					// Change the status to required state
 					return ctrl.Result{}, err
 				}
 				// Update Spec and Status
 				result, err := r.updateSpecsAndStatus(ctx, dbcsInst, dbSystemId)
 				if err != nil {
+					dbcsInst.Status.Message = err.Error()
 					return result, err
 				}
 			}
@@ -537,29 +801,85 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 
 	// Update the Wallet Secret when the secret name is given
 	//r.updateWalletSecret(dbcs)
+	// Dataguard enablement
+	switch {
+	case setupDataguard:
+		// Data Guard Creation Flow
+		compartmentId, err := r.getCompartmentIDByDbSystemID(ctx, *dbcsInst.Spec.Id)
+		if err != nil {
+			fmt.Printf("Failed to get compartment ID: %v\n", err)
+			dbcsInst.Status.Message = err.Error()
+			return ctrl.Result{}, err
+		}
+		if err := r.EnableDataGuard(ctx, compartmentId, r.Logger, r.dbClient, dbcsInst, r.KubeClient, r.nwClient, r.wrClient, *dbcsInst.Spec.DataGuard.PrimaryDatabaseId, &dbcsInst.Spec.DataGuard); err != nil {
+			r.Logger.Error(err, "Failed to enable Data Guard and update DbcsSystem ID")
+
+			// Update status to Failed
+			if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+				return ctrl.Result{}, statusErr
+			}
+			return ctrl.Result{}, nil
+		}
+
+		if err := r.KubeClient.Status().Update(ctx, dbcsInst); err != nil {
+			r.Logger.Error(err, "Failed to update DB status")
+			return reconcile.Result{}, err
+		}
+
+		if dbcsInst.Status.DataGuardStatus != nil && dbcsInst.Status.DataGuardStatus.PeerDbSystemId != nil {
+			dbSystemId = *dbcsInst.Status.DataGuardStatus.PeerDbSystemId
+			assignDBCSID(dbcsInst, dbSystemId)
+		}
+		if err := dbcsInst.UpdateLastSuccessfulSpec(r.KubeClient); err != nil {
+			return ctrl.Result{}, err
+		}
+
+	case isDeleteDataguard:
+		// Data Guard Deletion Flow
+		compartmentId, err := r.getCompartmentIDByDbSystemID(ctx, *dbcsInst.Spec.Id)
+		if err != nil {
+			fmt.Printf("Failed to get compartment ID: %v\n", err)
+			dbcsInst.Status.Message = err.Error()
+			return ctrl.Result{}, err
+		}
+		if err := r.DeleteDataGuard(ctx, compartmentId, r.Logger, r.dbClient, dbcsInst); err != nil {
+			r.Logger.Error(err, "Failed to delete Data Guard")
+
+			// Update status to Failed
+			if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+				return ctrl.Result{}, statusErr
+			}
+			return ctrl.Result{}, nil
+		}
+
+	}
 
 	// Update the last succesful spec
 	if dbcsInst.Spec.Id != nil {
 		dbSystemId = *dbcsInst.Spec.Id
 
 		if err := dbcsInst.UpdateLastSuccessfulSpec(r.KubeClient); err != nil {
+			dbcsInst.Status.Message = err.Error()
 			return ctrl.Result{}, err
 		}
 	} else if dbcsInst.Status.DbCloneStatus.Id != nil {
 		dbSystemId = *dbcsInst.Status.DbCloneStatus.Id
+	} else if setupDataguard {
+		dbSystemId = *dbcsInst.Status.DataGuardStatus.PeerDbSystemId
 	}
-	//assignDBCSID(dbcsInst,dbcsI)
+
 	// Change the phase to "Available"
 	assignDBCSID(dbcsInst, dbSystemId)
-	if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcsInst, databasev4.Available, r.nwClient, r.wrClient); statusErr != nil {
+	if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcsInst, databasev4.Available, r.nwClient, r.wrClient); statusErr != nil {
 		return ctrl.Result{}, statusErr
 	}
 
-	r.Logger.Info("DBInst after assignment", "dbcsInst:->", dbcsInst)
+	// r.Logger.Info("DBInst after assignment", "dbcsInst:->", dbcsInst)
 
 	// Check if specified PDB exists or needs to be created
 	exists, err := r.validatePDBExistence(dbcsInst)
 	if err != nil {
+		dbcsInst.Status.Message = err.Error()
 		fmt.Printf("Failed to get PDB Details: %v\n", err)
 		return ctrl.Result{}, err
 	}
@@ -572,17 +892,20 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 					// Get Compartment ID by DB System ID
 					compartmentId, err := r.getCompartmentIDByDbSystemID(ctx, dbSystemId)
 					if err != nil {
+						dbcsInst.Status.Message = err.Error()
 						fmt.Printf("Failed to get compartment ID: %v\n", err)
 						return ctrl.Result{}, err
 					}
 					dbHomeId, err := r.getDbHomeIdByDbSystemID(ctx, compartmentId, dbSystemId)
 					if err != nil {
 						fmt.Printf("Failed to get DB Home ID: %v\n", err)
+						dbcsInst.Status.Message = err.Error()
 						return ctrl.Result{}, err
 					}
 					databaseIds, err := r.getDatabaseIDByDbSystemID(ctx, dbSystemId, compartmentId, dbHomeId)
 					if err != nil {
 						fmt.Printf("Failed to get database IDs: %v\n", err)
+						dbcsInst.Status.Message = err.Error()
 						return ctrl.Result{}, err
 					}
 
@@ -593,6 +916,7 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 					if pdbConfig.IsDelete != nil && *pdbConfig.IsDelete {
 						// Call deletePluggableDatabase function
 						if err := r.deletePluggableDatabase(ctx, pdbConfig, dbSystemId); err != nil {
+							dbcsInst.Status.Message = err.Error()
 							return ctrl.Result{}, err
 						}
 						// Continue to the next pdbConfig
@@ -603,6 +927,7 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 						pdbId, err := r.createPluggableDatabase(ctx, dbcsInst, pdbConfig, databaseIds[0], compartmentId, dbSystemId)
 						if err != nil {
 							// Handle error if required
+							dbcsInst.Status.Message = err.Error()
 							return ctrl.Result{}, err
 						}
 
@@ -638,10 +963,9 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 
 						// Assign the updated slice to dbcsInst.Status.PdbDetailsStatus
 						dbcsInst.Status.PdbDetailsStatus = updatedPdbDetailsStatus
-						// Update the status in Kubernetes
-						// Update the status subresource
 						err = r.KubeClient.Status().Update(ctx, dbcsInst)
 						if err != nil {
+							dbcsInst.Status.Message = err.Error()
 							r.Logger.Error(err, "Failed to update DB status")
 							return reconcile.Result{}, err
 						}
@@ -653,10 +977,6 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 			r.Logger.Info("No change in PDB configurations or, already existed PDB Status.")
 		}
 	}
-	// } else {
-	// 	r.Logger.Info("No PDB configurations given.")
-	// }
-	// r.Logger.Info("DBInst after assignment", "dbcsInst:->", dbcsInst)
 	// // Check if PDBConfig is defined and needs to be created or deleted
 	pdbConfigs := dbcsInst.Spec.PdbConfigs
 	if pdbConfigs != nil {
@@ -667,16 +987,19 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 				// Get Compartment ID by DB System ID
 				compartmentId, err := r.getCompartmentIDByDbSystemID(ctx, dbSystemId)
 				if err != nil {
+					dbcsInst.Status.Message = err.Error()
 					fmt.Printf("Failed to get compartment ID: %v\n", err)
 					return ctrl.Result{}, err
 				}
 				dbHomeId, err := r.getDbHomeIdByDbSystemID(ctx, compartmentId, dbSystemId)
 				if err != nil {
+					dbcsInst.Status.Message = err.Error()
 					fmt.Printf("Failed to get DB Home ID: %v\n", err)
 					return ctrl.Result{}, err
 				}
 				databaseIds, err := r.getDatabaseIDByDbSystemID(ctx, dbSystemId, compartmentId, dbHomeId)
 				if err != nil {
+					dbcsInst.Status.Message = err.Error()
 					fmt.Printf("Failed to get database IDs: %v\n", err)
 					return ctrl.Result{}, err
 				}
@@ -688,6 +1011,7 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 				if pdbConfig.IsDelete != nil && *pdbConfig.IsDelete {
 					// Call deletePluggableDatabase function
 					if err := r.deletePluggableDatabase(ctx, pdbConfig, dbSystemId); err != nil {
+						dbcsInst.Status.Message = err.Error()
 						return ctrl.Result{}, err
 					}
 					// Continue to the next pdbConfig
@@ -698,6 +1022,7 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 					_, err := r.createPluggableDatabase(ctx, dbcsInst, pdbConfig, databaseIds[0], compartmentId, dbSystemId)
 					if err != nil {
 						// Handle error if required
+						dbcsInst.Status.Message = err.Error()
 						return ctrl.Result{}, err
 					}
 				}
@@ -708,6 +1033,386 @@ func (r *DbcsSystemReconciler) Reconcile(ctx context.Context, req ctrl.Request)
 	return resultQ, nil
 
 }
+
+func (r *DbcsSystemReconciler) DeleteDataGuard(
+	ctx context.Context,
+	compartmentId string,
+	log logr.Logger,
+	dbClient database.DatabaseClient,
+	dbcsInst *databasev4.DbcsSystem,
+) error {
+	dataGuardStatus := dbcsInst.Status.DataGuardStatus
+	var peerDbSystemId *string
+
+	// Prefer runtime status, fallback to spec if available
+	if dataGuardStatus != nil && dataGuardStatus.PeerDbSystemId != nil {
+		peerDbSystemId = dataGuardStatus.PeerDbSystemId
+	}
+	if dbcsInst.Spec.DataGuard.PeerDbSystemId != nil {
+		peerDbSystemId = dbcsInst.Spec.DataGuard.PeerDbSystemId
+	}
+
+	if peerDbSystemId == nil {
+		msg := "Skipping Data Guard deletion — peer DB System ID is nil"
+		log.Info(msg)
+		dbcsInst.Status.Message = msg
+		dbcsInst.Status.DataGuardStatus = nil
+		_ = r.KubeClient.Status().Update(ctx, dbcsInst)
+		return nil
+	}
+	if dbcsInst.Status.DataGuardStatus == nil {
+		dbcsInst.Status.DataGuardStatus = &databasev4.DataGuardStatus{}
+	}
+	status := dbcsInst.Status.DataGuardStatus
+
+	// Use Spec to fill necessary details
+	spec := dbcsInst.Spec.DataGuard
+
+	// Populate Status from Spec (if present)
+	status.DbAdminPasswordSecret = spec.DbAdminPasswordSecret
+	// status.PeerDbSystemId = spec.PeerDbSystemId
+	status.PrimaryDatabaseId = dbcsInst.Spec.Id
+	status.ProtectionMode = spec.ProtectionMode
+	status.TransportType = spec.TransportType
+	status.PeerRole = spec.PeerRole
+	status.Shape = spec.Shape
+	status.SubnetId = spec.SubnetId
+
+	getDbSystemResp, err := dbClient.GetDbSystem(ctx, database.GetDbSystemRequest{
+		DbSystemId: peerDbSystemId,
+	})
+	if err != nil {
+		if svcErr, ok := err.(common.ServiceError); ok && svcErr.GetHTTPStatusCode() == 404 {
+			msg := fmt.Sprintf("Peer DB System %s already terminated or not found, cleaning up Data Guardstatus",
+				func(s *string) string {
+					if s == nil {
+						return "<nil>"
+					}
+					return *s
+				}(peerDbSystemId),
+			)
+			log.Info(msg)
+			dbcsInst.Status.Message = msg
+			dbcsInst.Status.DataGuardStatus = nil
+			_ = r.KubeClient.Status().Update(ctx, dbcsInst)
+			return nil
+		}
+
+		log.Error(err, "Failed to fetch peer DB system status")
+		dbcsInst.Status.Message = "Failed to fetch peer DB system status"
+		_ = r.KubeClient.Status().Update(ctx, dbcsInst)
+		return err
+	}
+
+	var primaryDatabaseId *string
+
+	// List DB Homes
+	dbHomesResp, err := dbClient.ListDbHomes(ctx, database.ListDbHomesRequest{
+		CompartmentId: &compartmentId,
+		DbSystemId:    dbcsInst.Spec.Id,
+	})
+	if err != nil {
+		return fmt.Errorf("failed to list DB Homes for system %s: %w", *dbcsInst.Spec.Id, err)
+	}
+
+	// Iterate DB Homes
+	for _, home := range dbHomesResp.Items {
+		dbsResp, err := dbClient.ListDatabases(ctx, database.ListDatabasesRequest{
+			CompartmentId: &compartmentId,
+			DbHomeId:      home.Id,
+		})
+		if err != nil {
+			return fmt.Errorf("failed to list databases for DB Home %s: %w", *home.Id, err)
+		}
+
+		for _, db := range dbsResp.Items {
+			// List DG associations for this DB
+			dgResp, err := dbClient.ListDataGuardAssociations(ctx, database.ListDataGuardAssociationsRequest{
+				DatabaseId: db.Id,
+			})
+			if err != nil {
+				return fmt.Errorf("failed to list Data Guard associations for DB %s: %w", *db.Id, err)
+			}
+
+			for _, assoc := range dgResp.Items {
+				if assoc.Role == database.DataGuardAssociationSummaryRolePrimary {
+					primaryDatabaseId = db.Id
+					if dbcsInst.Status.DataGuardStatus == nil {
+						dbcsInst.Status.DataGuardStatus = &databasev4.DataGuardStatus{}
+					}
+					dbcsInst.Status.DataGuardStatus.PrimaryDatabaseId = primaryDatabaseId
+					dbcsInst.Status.DataGuardStatus.PeerDbSystemId = assoc.PeerDbSystemId
+					break
+				}
+			}
+
+			if primaryDatabaseId != nil {
+				break
+			}
+		}
+
+		if primaryDatabaseId != nil {
+			break
+		}
+	}
+
+	if primaryDatabaseId == nil {
+		msg := fmt.Sprintf(
+			"Skipping Data Guard deletion — peer DB %s is not associated with primary DB %s",
+			strVal(peerDbSystemId),
+			strVal(primaryDatabaseId),
+		)
+		log.Info(msg)
+
+		dbcsInst.Status.Message = msg
+
+		dbcsInst.Status.Message = msg
+		_ = r.KubeClient.Status().Update(ctx, dbcsInst)
+		return nil
+	}
+
+	// Verify Data Guard association exists
+	listAssocResp, err := dbClient.ListDataGuardAssociations(ctx, database.ListDataGuardAssociationsRequest{
+		DatabaseId: primaryDatabaseId,
+	})
+	if err != nil {
+		log.Error(err, "Failed to list Data Guard associations for primary DB")
+		dbcsInst.Status.Message = "Failed to list Data Guard associations"
+		_ = r.KubeClient.Status().Update(ctx, dbcsInst)
+		return err
+	}
+
+	var association *database.DataGuardAssociationSummary
+	for _, assoc := range listAssocResp.Items {
+		if assoc.PeerDbSystemId != nil && *assoc.PeerDbSystemId == *peerDbSystemId {
+			association = &assoc
+			break
+		}
+	}
+
+	if association == nil {
+		msg := fmt.Sprintf(
+			"Skipping Data Guard deletion — peer DB %s is not associated with primary DB %s",
+			*peerDbSystemId, primaryDatabaseId,
+		)
+		log.Info(msg)
+		dbcsInst.Status.Message = msg
+		if dbcsInst.Status.DataGuardStatus == nil {
+			dbcsInst.Status.DataGuardStatus = &databasev4.DataGuardStatus{}
+		}
+		dbcsInst.Status.DataGuardStatus.LifecycleDetails = &msg
+
+		_ = r.KubeClient.Status().Update(ctx, dbcsInst)
+
+		return fmt.Errorf(msg)
+	}
+
+	// At this point, we know the primary and peer DB are actually in Data Guard
+	log.Info("Confirmed Data Guard association, proceeding with deletion",
+		"primary", primaryDatabaseId,
+		"peer", *peerDbSystemId)
+
+	switch getDbSystemResp.DbSystem.LifecycleState {
+
+	case database.DbSystemLifecycleStateTerminated:
+		log.Info("Peer DB system is already terminated.", "peerDbSystemId", *peerDbSystemId)
+
+		terminated := string(database.DbSystemLifecycleStateTerminated)
+		dbcsInst.Status.DataGuardStatus.LifecycleState = &terminated
+		details := "Peer DB system already terminated"
+		dbcsInst.Status.DataGuardStatus.LifecycleDetails = &details
+
+		dbcsInst.Status.Message = "Data Guard peer already terminated"
+
+		if statusErr := dbcsv4.SetLifecycleState(
+			compartmentId, r.KubeClient, r.dbClient, dbcsInst,
+			databasev4.Available, r.nwClient, r.wrClient,
+		); statusErr != nil {
+			return statusErr
+		}
+
+		return r.KubeClient.Status().Update(ctx, dbcsInst)
+
+	case database.DbSystemLifecycleStateTerminating:
+		// Wait until it becomes TERMINATED (with timeout)
+		log.Info("Peer DB system is in TERMINATING state, waiting for it to reach TERMINATED...",
+			"peerDbSystemId", *peerDbSystemId)
+		status := dbcsInst.Status.DataGuardStatus
+
+		// Use Spec to fill necessary details
+		spec := dbcsInst.Spec.DataGuard
+
+		// Populate Status from Spec (if present)
+		status.DbAdminPasswordSecret = spec.DbAdminPasswordSecret
+		// status.PeerDbSystemId = spec.PeerDbSystemId
+		status.PrimaryDatabaseId = dbcsInst.Spec.Id
+		status.ProtectionMode = spec.ProtectionMode
+		status.TransportType = spec.TransportType
+		status.PeerRole = spec.PeerRole
+		status.Shape = spec.Shape
+		status.SubnetId = spec.SubnetId
+		terminatingState := string(database.DbSystemLifecycleStateTerminating)
+		status.LifecycleState = &terminatingState
+		status.LifecycleDetails = common.String("Dataguard Peer DB system is terminating...")
+		dbcsInst.Status.State = databasev4.Update
+		dbcsInst.Status.Message = "Peer DB system is terminating..."
+		_ = r.KubeClient.Status().Update(ctx, dbcsInst)
+
+		pollInterval := 30 * time.Second
+		maxWait := 120 * time.Minute
+		timeout := time.After(maxWait)
+
+		for {
+			select {
+			case <-ctx.Done():
+				return ctx.Err()
+			case <-timeout:
+				dbcsInst.Status.Message = "Timeout while waiting for peer DB system termination"
+				_ = r.KubeClient.Status().Update(ctx, dbcsInst)
+				return fmt.Errorf("timed out waiting for peer DB system %s to terminate", *peerDbSystemId)
+
+			case <-time.After(pollInterval):
+				latest, err := dbClient.GetDbSystem(ctx, database.GetDbSystemRequest{
+					DbSystemId: peerDbSystemId,
+				})
+				if err != nil {
+					log.Error(err, "Failed to poll DB system lifecycle state")
+					return err
+				}
+
+				switch latest.DbSystem.LifecycleState {
+				case database.DbSystemLifecycleStateTerminated:
+					log.Info("Peer DB system successfully terminated", "peerDbSystemId", *peerDbSystemId)
+					goto Cleanup
+				case database.DbSystemLifecycleStateFailed:
+					dbcsInst.Status.Message = "Peer DB system termination failed"
+					dbcsInst.Status.State = databasev4.Available
+					_ = r.KubeClient.Status().Update(ctx, dbcsInst)
+					return fmt.Errorf("DB system termination failed for peer %s", *peerDbSystemId)
+				default:
+					log.Info("Peer DB system still terminating...",
+						"peerDbSystemId", *peerDbSystemId,
+						"lifecycleState", latest.DbSystem.LifecycleState)
+				}
+			}
+		}
+
+	default:
+		// Active or other state → initiate termination
+		if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient,
+			dbcsInst, databasev4.Update, r.nwClient, r.wrClient); statusErr != nil {
+			return statusErr
+		}
+
+		log.Info("Terminating peer DB system", "peerDbSystemId", *peerDbSystemId)
+		status := dbcsInst.Status.DataGuardStatus
+
+		// Use Spec to fill necessary details
+		spec := dbcsInst.Spec.DataGuard
+
+		// Populate Status from Spec (if present)
+		status.DbAdminPasswordSecret = spec.DbAdminPasswordSecret
+		// status.PeerDbSystemId = spec.PeerDbSystemId
+		status.PrimaryDatabaseId = dbcsInst.Spec.Id
+		status.ProtectionMode = spec.ProtectionMode
+		status.TransportType = spec.TransportType
+		status.PeerRole = spec.PeerRole
+		status.Shape = spec.Shape
+		status.SubnetId = spec.SubnetId
+		terminatingState := string(database.DbSystemLifecycleStateTerminating)
+		status.LifecycleState = &terminatingState
+		status.LifecycleDetails = common.String("Dataguard Peer DB system is terminating...")
+		dbcsInst.Status.State = databasev4.Update
+		dbcsInst.Status.Message = "Peer DB system is terminating..."
+
+		dbcsInst.Status.Message = "Initiating peer DB system termination"
+		_ = r.KubeClient.Status().Update(ctx, dbcsInst)
+
+		termSysResp, err := dbClient.TerminateDbSystem(ctx, database.TerminateDbSystemRequest{
+			DbSystemId: peerDbSystemId,
+		})
+		if err != nil {
+			log.Error(err, "Failed to initiate termination of peer DB System")
+			dbcsInst.Status.Message = "Failed to initiate peer DB system termination"
+			_ = r.KubeClient.Status().Update(ctx, dbcsInst)
+			return err
+		}
+
+		if err := r.waitForWorkRequest(ctx, log, termSysResp.OpcWorkRequestId); err != nil {
+			log.Error(err, "Peer DB system termination failed or timed out")
+			dbcsInst.Status.Message = "Peer DB system termination failed or timed out"
+			_ = r.KubeClient.Status().Update(ctx, dbcsInst)
+			return err
+		}
+		if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient,
+			dbcsInst, databasev4.Available, r.nwClient, r.wrClient); statusErr != nil {
+			return statusErr
+		}
+	}
+
+Cleanup:
+	// Final cleanup — clear DataGuardStatus
+	dbcsInst.Status.Message = "Data Guard peer deleted successfully"
+	if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient,
+		dbcsInst, databasev4.Available, r.nwClient, r.wrClient); statusErr != nil {
+		return statusErr
+	}
+	if err := r.KubeClient.Status().Update(ctx, dbcsInst); err != nil {
+		log.Error(err, "Failed to update DB status after deleting Data Guard")
+		return err
+	}
+	log.Info("Successfully deleted Data Guard association")
+	return nil
+}
+func strVal(s *string) string {
+	if s == nil {
+		return ""
+	}
+	return *s
+}
+
+func (r *DbcsSystemReconciler) waitForWorkRequest(
+	ctx context.Context,
+	log logr.Logger,
+	workRequestID *string,
+) error {
+	if workRequestID == nil {
+		return fmt.Errorf("missing WorkRequest ID")
+	}
+
+	log.Info("Waiting for work request to complete", "workRequestID", *workRequestID)
+	timeout := time.After(120 * time.Minute)
+	pollInterval := 30 * time.Second
+
+	for {
+		select {
+		case <-timeout:
+			return fmt.Errorf("timed out waiting for WorkRequest %s", *workRequestID)
+		default:
+			resp, err := r.wrClient.GetWorkRequest(ctx, workrequests.GetWorkRequestRequest{
+				WorkRequestId: workRequestID,
+			})
+			if err != nil {
+				log.Error(err, "Failed to get WorkRequest status", "workRequestID", *workRequestID)
+				return err
+			}
+
+			status := resp.WorkRequest.Status
+			log.Info("Polling WorkRequest status", "status", status)
+
+			switch status {
+			case workrequests.WorkRequestStatusSucceeded:
+				log.Info("WorkRequest succeeded", "workRequestID", *workRequestID)
+				return nil
+			case workrequests.WorkRequestStatusFailed:
+				return fmt.Errorf("work request %s failed", *workRequestID)
+			}
+
+			time.Sleep(pollInterval)
+		}
+	}
+}
+
 func (r *DbcsSystemReconciler) updateSpecsAndStatus(ctx context.Context, dbcsInst *databasev4.DbcsSystem, dbSystemId string) (reconcile.Result, error) {
 
 	// Retry mechanism for handling resource version conflicts
@@ -913,7 +1618,7 @@ func (r *DbcsSystemReconciler) createPluggableDatabase(ctx context.Context, dbcs
 		return "", err
 	}
 	// Change the status to Provisioning
-	if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcs, databasev4.Provision, r.nwClient, r.wrClient); statusErr != nil {
+	if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcs, databasev4.Provision, r.nwClient, r.wrClient); statusErr != nil {
 		r.Logger.Error(err, "Failed to set DBCS LifeCycle State to Provisioning")
 		return "", statusErr
 	}
@@ -961,7 +1666,7 @@ func (r *DbcsSystemReconciler) createPluggableDatabase(ctx context.Context, dbcs
 		if pdbStatus == database.PluggableDatabaseLifecycleStateAvailable {
 			r.Logger.Info("Pluggable database successfully created", "PDBName", pdbConfig.PdbName, "PDBID", *pdbConfig.PluggableDatabaseId)
 			// Change the status to Available
-			if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcs, databasev4.Available, r.nwClient, r.wrClient); statusErr != nil {
+			if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcs, databasev4.Available, r.nwClient, r.wrClient); statusErr != nil {
 				return "", statusErr
 			}
 			return *response.PluggableDatabase.Id, nil
@@ -970,7 +1675,7 @@ func (r *DbcsSystemReconciler) createPluggableDatabase(ctx context.Context, dbcs
 		if pdbStatus == database.PluggableDatabaseLifecycleStateFailed {
 			r.Logger.Error(fmt.Errorf("pluggable database creation failed"), "PDBName", pdbConfig.PdbName, "PDBID", *pdbConfig.PluggableDatabaseId)
 			// Change the status to Failed
-			if statusErr := dbcsv1.SetLifecycleState(r.KubeClient, r.dbClient, dbcs, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
+			if statusErr := dbcsv4.SetLifecycleState(compartmentId, r.KubeClient, r.dbClient, dbcs, databasev4.Failed, r.nwClient, r.wrClient); statusErr != nil {
 				return "", statusErr
 			}
 			return "", fmt.Errorf("pluggable database creation failed")
@@ -1079,6 +1784,59 @@ func (r *DbcsSystemReconciler) getPluggableDatabaseID(ctx context.Context, pdbCo
 	return pdbID, nil
 }
 
+func (r *DbcsSystemReconciler) getDataGuardStatusAndUpdate(
+	ctx context.Context,
+	dbcsInst *databasev4.DbcsSystem,
+	primaryDatabaseId string,
+	dbSystemId string,
+) error {
+	log := r.Logger.WithValues("func", "getDataGuardStatusAndUpdate")
+
+	// compartmentId, err := r.getCompartmentIDByDbSystemID(ctx, dbSystemId)
+	// if err != nil {
+	// 	log.Error(err, "Failed to get compartment ID for DB System")
+	// 	return err
+	// }
+
+	listRequest := database.ListDataGuardAssociationsRequest{
+		DatabaseId: common.String(primaryDatabaseId),
+	}
+
+	listResp, err := r.dbClient.ListDataGuardAssociations(ctx, listRequest)
+	if err != nil {
+		log.Error(err, "Failed to list Data Guard associations")
+		return err
+	}
+
+	if len(listResp.Items) == 0 {
+		// log.Info("No Data Guard associations found")
+		dbcsInst.Status.DataGuardStatus = &databasev4.DataGuardStatus{} // reset to empty
+		return nil
+	}
+
+	// Assuming one-to-one association
+	dg := listResp.Items[0]
+
+	status := databasev4.DataGuardStatus{
+		Id:                         dg.Id,
+		PeerDatabaseId:             dg.PeerDatabaseId,
+		PeerDbSystemId:             dg.PeerDbSystemId,
+		PeerDbHomeId:               dg.PeerDbHomeId,
+		PeerRole:                   (*string)(&dg.Role), // Cast enum to string pointer
+		PrimaryDatabaseId:          dg.DatabaseId,
+		TransportType:              (*string)(&dg.TransportType),
+		ProtectionMode:             (*string)(&dg.ProtectionMode),
+		LifecycleState:             (*string)(&dg.LifecycleState),
+		LifecycleDetails:           dg.LifecycleDetails,
+		PeerDataGuardAssociationId: dg.Id,
+	}
+
+	dbcsInst.Status.DataGuardStatus = &status
+
+	log.Info("Updated DataGuardStatus in CR", "DataGuardAssociationId", *dg.Id)
+	return nil
+}
+
 func (r *DbcsSystemReconciler) getPluggableDatabaseDetails(ctx context.Context, dbcsInst *databasev4.DbcsSystem, dbSystemId string, databaseIds []string) error {
 	compartmentId, err := r.getCompartmentIDByDbSystemID(ctx, dbSystemId)
 	if err != nil {
@@ -1097,12 +1855,6 @@ func (r *DbcsSystemReconciler) getPluggableDatabaseDetails(ctx context.Context,
 	// Create a map to track existing PDBDetailsStatus by PdbName
 	pdbDetailsMap := make(map[string]databasev4.PDBConfigStatus)
 
-	// Populate the map with existing PDBDetailsStatus from dbcsInst.Status.PdbDetailsStatus
-	// for _, existingPdbDetails := range dbcsInst.Status.PdbDetailsStatus {
-	// 	for _, existingPdbConfig := range existingPdbDetails.PDBConfigStatus {
-	// 		pdbDetailsMap[*existingPdbConfig.PdbName] = existingPdbConfig
-	// 	}
-	// }
 	// Convert databaseIds array to a set for quick lookup
 	databaseIdsSet := make(map[string]struct{})
 	for _, id := range databaseIds {
@@ -1186,6 +1938,283 @@ func (r *DbcsSystemReconciler) doesPluggableDatabaseExist(ctx context.Context, c
 	return false, nil, nil
 }
 
+// Enable Dataguard
+func (r *DbcsSystemReconciler) EnableDataGuard(
+	ctx context.Context,
+	compartmentId string,
+	log logr.Logger,
+	dbClient database.DatabaseClient,
+	dbcsSystem *databasev4.DbcsSystem,
+	kubeClient client.Client,
+	nwClient core.VirtualNetworkClient,
+	wrClient workrequests.WorkRequestClient,
+	databaseID string,
+	dataGuardConfig *databasev4.DataGuardConfig,
+) error {
+
+	// Check if the `Id` field is set
+	if databaseID == "" {
+		return fmt.Errorf("DbcsSystem.Spec.DataGuard.peerDBSytemID is not set")
+	}
+
+	// Extract last successful spec for comparison (optional)
+	oldSpec, err := dbcsSystem.GetLastSuccessfulSpecWithLog(log)
+	if err != nil {
+		log.Error(err, "Failed to get last successful spec for DbcsSystem")
+		return err
+	}
+
+	// Compare DataGuard configurations to determine if an update is required
+	updateFlag := false
+
+	if oldSpec == nil || !reflect.DeepEqual(oldSpec.DataGuard, dataGuardConfig) {
+		updateFlag = true
+	}
+
+	databaseAdminPassword, err := r.getSecret(ctx, dbcsSystem.Namespace, *dataGuardConfig.DbAdminPasswordSecret)
+	if err != nil {
+		return err
+	}
+	// Trim newline character from the password
+	databaseAdminPassword = strings.TrimSpace(databaseAdminPassword)
+	if updateFlag {
+
+		exists, err := r.checkExistingDataGuardAssociation(ctx, dbClient, dbcsSystem, databaseID, r.KubeClient, r.nwClient, r.wrClient)
+		if err != nil {
+			return err
+		}
+
+		if exists {
+			log.Info("Skipping Data Guard creation as it already exists for the database", "DatabaseID", databaseID)
+			return nil
+		}
+		// Change the phase to "Provisioning"
+		if statusErr := dbcsv4.SetLifecycleState(compartmentId, kubeClient, dbClient, dbcsSystem, databasev4.Update, nwClient, wrClient); statusErr != nil {
+			return statusErr
+		}
+
+		request := database.CreateDataGuardAssociationRequest{
+			DatabaseId: common.String(databaseID),
+			CreateDataGuardAssociationDetails: database.CreateDataGuardAssociationWithNewDbSystemDetails{
+				// CreationType:          common.String("NewDbSystem"),
+				DatabaseAdminPassword: common.String(databaseAdminPassword),
+				ProtectionMode:        database.CreateDataGuardAssociationDetailsProtectionModeEnum(*dataGuardConfig.ProtectionMode),
+				TransportType:         database.CreateDataGuardAssociationDetailsTransportTypeEnum(*dataGuardConfig.TransportType),
+				AvailabilityDomain:    dataGuardConfig.AvailabilityDomain,
+				DisplayName:           dataGuardConfig.DisplayName,
+				Hostname:              dataGuardConfig.HostName,
+				Shape:                 dataGuardConfig.Shape,
+				SubnetId:              dataGuardConfig.SubnetId,
+			},
+		}
+
+		response, err := dbClient.CreateDataGuardAssociation(ctx, request)
+		// fmt.Printf("Response:\n%+v\n", response)
+		if err != nil {
+			r.Logger.Error(err, "DbcsSystem did not reach desired state after DataGuard update")
+			return err
+		}
+
+		r.Logger.Info("Data Guard association creation started")
+		if dbcsSystem.Status.DataGuardStatus == nil {
+			dbcsSystem.Status.DataGuardStatus = &databasev4.DataGuardStatus{}
+		}
+		status := dbcsSystem.Status.DataGuardStatus
+
+		// Use Spec to fill necessary details
+		spec := dbcsSystem.Spec.DataGuard
+
+		// Populate Status from Spec (if present)
+		if spec.DbAdminPasswordSecret != nil {
+			status.DbAdminPasswordSecret = spec.DbAdminPasswordSecret
+		}
+
+		if spec.PeerDbSystemId != nil {
+			status.PeerDbSystemId = spec.PeerDbSystemId
+		}
+		if dbcsSystem.Spec.Id != nil {
+			status.PrimaryDatabaseId = dbcsSystem.Spec.Id
+		}
+		if spec.ProtectionMode != nil {
+			status.ProtectionMode = spec.ProtectionMode
+		}
+
+		if spec.TransportType != nil {
+			status.TransportType = spec.TransportType
+		}
+
+		if spec.PeerRole != nil {
+			status.PeerRole = spec.PeerRole
+		}
+
+		if spec.Shape != nil {
+			status.Shape = spec.Shape
+		}
+
+		if spec.SubnetId != nil {
+			status.SubnetId = spec.SubnetId
+		}
+
+		// Mark lifecycle as provisioning
+		provisioningState := string(database.DbSystemLifecycleStateProvisioning)
+		status.LifecycleState = &provisioningState
+		status.LifecycleDetails = common.String("Dataguard Peer DB system is Provisioning...")
+
+		dbcsSystem.Status.State = databasev4.Update
+		dbcsSystem.Status.Message = "Peer DB system is provisioning..."
+
+		dbcsSystem.Status.Message = "Initiating peer DB system provisioning for Data Guard association"
+		_ = r.KubeClient.Status().Update(ctx, dbcsSystem)
+
+		// Extract the DataGuardAssociation ID from the response
+		associationId := *response.DataGuardAssociation.Id
+
+		// Wait for the update to be applied and resource state to become "AVAILABLE"
+		// _, err = dbcsv4.CheckResourceState(log, dbClient, *dbcsSystem.Spec.Id, "UPDATING", "AVAILABLE")
+		_, err = dbcsv4.CheckDataGuardAssociationState(log, dbClient, associationId, "UPDATING", "AVAILABLE", databaseID)
+		if err != nil {
+			r.Logger.Error(err, "Error checking Data Guard Association state")
+		}
+
+		r.Logger.Info("Data Guard Association is now in the 'AVAILABLE' state.")
+
+		r.Logger.Info("DataGuard update successful", "dbSystemId", *dbcsSystem.Spec.Id)
+	} else {
+		r.Logger.Info("No DataGuard update required; configurations match")
+	}
+
+	_, err = r.checkExistingDataGuardAssociation(ctx, dbClient, dbcsSystem, databaseID, r.KubeClient, r.nwClient, r.wrClient)
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// Get Dataguard Details
+func (r *DbcsSystemReconciler) checkExistingDataGuardAssociation(
+	ctx context.Context,
+	dbClient database.DatabaseClient,
+	dbcsSystem *databasev4.DbcsSystem,
+	databaseID string,
+	kubeClient client.Client,
+	nwClient core.VirtualNetworkClient,
+	wrClient workrequests.WorkRequestClient,
+) (bool, error) {
+
+	request := database.ListDataGuardAssociationsRequest{
+		DatabaseId: common.String(databaseID),
+	}
+
+	response, err := dbClient.ListDataGuardAssociations(ctx, request)
+	if err != nil {
+		return false, fmt.Errorf("failed to list Data Guard associations: %w", err)
+	}
+
+	if len(response.Items) > 0 {
+		item := response.Items[0]
+
+		// r.Logger.Info("Data Guard association found for the database", "DatabaseID", databaseID)
+
+		// Ensure DataGuardStatus struct exists
+		if dbcsSystem.Status.DataGuardStatus == nil {
+			dbcsSystem.Status.DataGuardStatus = &databasev4.DataGuardStatus{}
+		}
+		status := dbcsSystem.Status.DataGuardStatus
+
+		if item.PeerDbSystemId != nil {
+			status.PeerDbSystemId = item.PeerDbSystemId
+		}
+
+		if item.DatabaseId != nil {
+			status.PrimaryDatabaseId = item.DatabaseId
+		}
+
+		status.DbAdminPasswordSecret = dbcsSystem.Spec.DataGuard.DbAdminPasswordSecret
+
+		if item.IsActiveDataGuardEnabled != nil {
+			status.IsActiveDataGuardEnabled = *item.IsActiveDataGuardEnabled
+		}
+
+		if item.PeerRole != "" {
+			s := string(item.PeerRole)
+			status.PeerRole = &s
+		}
+
+		if item.ProtectionMode != "" {
+			s := string(item.ProtectionMode)
+			status.ProtectionMode = &s
+		}
+
+		if item.TransportType != "" {
+			s := string(item.TransportType)
+			status.TransportType = &s
+		}
+
+		if item.LifecycleState != "" {
+			s := string(item.LifecycleState)
+			status.LifecycleState = &s
+		}
+
+		if item.PeerDataGuardAssociationId != nil {
+			status.PeerDataGuardAssociationId = item.PeerDataGuardAssociationId
+		}
+
+		if item.LifecycleDetails != nil {
+			status.LifecycleDetails = item.LifecycleDetails
+		} else {
+			status.LifecycleDetails = common.String("Dataguard association enabled for the database")
+		}
+
+		if item.Id != nil {
+			status.Id = item.Id
+		}
+
+		if item.PeerDatabaseId != nil {
+			status.PeerDatabaseId = item.PeerDatabaseId
+		}
+
+		if item.LifecycleState == database.DataGuardAssociationSummaryLifecycleStateAvailable {
+			status.LifecycleDetails = common.String("Data Guard association is available")
+
+			r.Logger.Info("Data Guard association is available", "DatabaseID", databaseID)
+
+			if err := r.KubeClient.Status().Update(ctx, dbcsSystem); err != nil {
+				return false, fmt.Errorf("failed to update DbcsSystem status: %w", err)
+			}
+
+			return true, nil
+		}
+
+		if item.LifecycleState == database.DataGuardAssociationSummaryLifecycleStateFailed {
+			if item.LifecycleDetails != nil {
+				status.LifecycleDetails = item.LifecycleDetails
+			} else {
+				status.LifecycleDetails = common.String("Data Guard association is failed")
+			}
+
+			_ = r.KubeClient.Status().Update(ctx, dbcsSystem)
+
+			return false, fmt.Errorf("data guard association failed: %s", *status.LifecycleDetails)
+		}
+
+		if item.LifecycleState == database.DataGuardAssociationSummaryLifecycleStateProvisioning {
+			status.LifecycleDetails = common.String("Data Guard association is getting provisioned")
+
+			if err := r.KubeClient.Status().Update(ctx, dbcsSystem); err != nil {
+				return false, fmt.Errorf("failed to update DbcsSystem status during provisioning: %w", err)
+			}
+
+			r.Logger.Info("Data Guard association is provisioning", "DatabaseID", databaseID)
+			return true, nil
+		}
+
+	} else {
+		return false, nil
+	}
+	return false, nil
+}
+
 // Function to create KMS vault
 func (r *DbcsSystemReconciler) createKMSVault(ctx context.Context, kmsConfig *databasev4.KMSConfig, kmsClient keymanagement.KmsManagementClient, kmsInst *databasev4.KMSDetailsStatus) (*keymanagement.CreateVaultResponse, error) {
 	// Dereference the ConfigurationProvider pointer
@@ -1230,7 +2259,7 @@ func (r *DbcsSystemReconciler) createKMSVault(ctx context.Context, kmsConfig *da
 		return nil, err
 	}
 	// Wait until vault becomes active or timeout
-	timeout := time.After(5 * time.Minute) // Example timeout: 5 minutes
+	timeout := time.After(15 * time.Minute) // Example timeout: 5 minutes
 	ticker := time.NewTicker(10 * time.Second)
 	defer ticker.Stop()
 
@@ -1327,100 +2356,6 @@ func (r *DbcsSystemReconciler) getSecret(ctx context.Context, namespace, secretN
 	return "", fmt.Errorf("secret %s is empty", secretName)
 }
 
-// func (r *DbcsSystemReconciler) cloneDbSystem(ctx context.Context, dbcsInst *databasev4.DbcsSystem, provider common.ConfigurationProvider) error {
-
-// 	// Initialize OCI clients
-// 	dbClient, err := database.NewDatabaseClientWithConfigurationProvider(provider)
-// 	if err != nil {
-// 		return fmt.Errorf("failed to create OCI database client: %v", err)
-// 	}
-
-// 	// Get DB System details
-// 	compartmentId, err := r.getCompartmentIDByDbSystemID(ctx, *dbcsInst.Status.Id)
-// 	if err != nil {
-// 		fmt.Printf("Failed to get compartment ID: %v\n", err)
-// 		return err
-// 	}
-
-// 	dbHomeId, err := r.getDbHomeIdByDbSystemID(ctx, compartmentId, *dbcsInst.Status.Id)
-// 	if err != nil {
-// 		fmt.Printf("Failed to get DB Home ID: %v\n", err)
-// 		return err
-// 	}
-
-// 	databaseIds, err := r.getDatabaseIDByDbSystemID(ctx, *dbcsInst.Status.Id, compartmentId, dbHomeId)
-// 	if err != nil {
-// 		fmt.Printf("Failed to get database IDs: %v\n", err)
-// 		return err
-// 	}
-
-// 	// Use the first database ID for cloning
-// 	if len(databaseIds) == 0 {
-// 		return fmt.Errorf("no databases found in the DB system")
-// 	}
-
-// 	// Retrieve details of the database to clone
-// 	sourceDatabaseId := databaseIds[0]
-// 	_, err = dbClient.GetDatabase(ctx, database.GetDatabaseRequest{
-// 		DatabaseId: common.String(sourceDatabaseId),
-// 	})
-// 	if err != nil {
-// 		return fmt.Errorf("failed to get source database details: %v", err)
-// 	}
-
-// 	// adminPassword, err := dbcsv1.GetAdminPassword(kubeClient, dbcsInstance)
-// 	// if err != nil {
-// 	// 	log.Fatalf("Error getting admin password: %v", err)
-// 	// }
-
-// 	// tdePassword, err := GetTdePassword(kubeClient, dbcsInstance)
-// 	// if err != nil {
-// 	// 	log.Fatalf("Error getting TDE password: %v", err)
-// 	// }
-
-// 	// Define the details for creating the database from the existing DB system
-// 	// createDatabaseDetails := CreateDatabaseBaseWrapper{
-// 	// 	CreateDatabaseFromDbSystemDetails: database.CreateDatabaseFromDbSystemDetails{
-// 	// 		AdminPassword: common.String(adminPassword),                       // Replace with actual admin password
-// 	// 		DbName:        common.String(dbcsInst.Spec.DbSystem.DbName),       // Use the dbName from DbcsSystemSpec
-// 	// 		DbDomain:      common.String(dbcsInst.Spec.DbSystem.DbDomain),     // Use the dbDomain from DbcsSystemSpec
-// 	// 		DbUniqueName:  common.String(dbcsInst.Spec.DbSystem.DbUniqueName), // Use the dbUniqueName from DbcsSystemSpec
-// 	// 		DbBackupConfig: &database.DbBackupConfig{
-// 	// 			AutoBackupEnabled:    dbcsInst.Spec.DbSystem.DbBackupConfig.AutoBackupEnabled,
-// 	// 			RecoveryWindowInDays: dbcsInst.Spec.DbSystem.DbBackupConfig.RecoveryWindowsInDays,
-// 	// 		},
-// 	// 		FreeformTags: dbcsInst.Spec.DbSystem.Tags,
-// 	// 		DefinedTags: map[string]map[string]interface{}{
-// 	// 			"Namespace": {
-// 	// 				"TagKey": "TagValue", // Replace with actual defined tags if needed
-// 	// 			},
-// 	// 		},
-// 	// 	},
-// 	// }
-// 	// createDatabaseRequest := database.CreateDatabaseRequest{
-// 	// 	CreateNewDatabaseDetails: &createDatabaseDetails,
-// 	// }
-
-// 	// createDatabaseResponse, err := dbClient.CreateDatabase(ctx, createDatabaseRequest)
-// 	// if err != nil {
-// 	// 	return fmt.Errorf("failed to create database from DB system: %v", err)
-// 	// }
-
-// 	// // Update instance status with the new database ID
-// 	// dbcsInst.Status.DbInfo = append(dbcsInst.Status.DbInfo, databasev4.DbStatus{
-// 	// 	Id:           createDatabaseResponse.Database.Id,
-// 	// 	DbName:       dbcsInst.Spec.DbSystem.DbName,
-// 	// 	DbUniqueName: dbcsInst.Spec.DbSystem.DbUniqueName,
-// 	// })
-
-// 	// err = r.KubeClient.Status().Update(ctx, dbcsInst)
-// 	// if err != nil {
-// 	// 	return fmt.Errorf("failed to update instance status with database ID: %v", err)
-// 	// }
-
-// 	return nil
-// }
-
 // Convert DbBackupConfigAutoBackupWindowEnum to *string
 func autoBackupWindowEnumToStringPtr(enum *database.DbBackupConfigAutoBackupWindowEnum) *string {
 	if enum == nil {
diff --git a/controllers/database/lrest_controller.go b/controllers/database/lrest_controller.go
index 91c883e1..a7b07816 100644
--- a/controllers/database/lrest_controller.go
+++ b/controllers/database/lrest_controller.go
@@ -39,10 +39,17 @@
 package controllers
 
 import (
+	"bytes"
 	"context"
+	"crypto/tls"
+	"crypto/x509"
 	"encoding/json"
 	"errors"
 	"fmt"
+	"io/ioutil"
+	"net"
+	"net/http"
+	"slices"
 
 	//"fmt"
 	"strconv"
@@ -52,10 +59,15 @@ import (
 	"github.com/go-logr/logr"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
+	v1 "k8s.io/api/core/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
 	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/runtime/schema"
 	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/apimachinery/pkg/util/intstr"
+	"k8s.io/client-go/dynamic"
 	"k8s.io/client-go/kubernetes"
 	"k8s.io/client-go/rest"
 	"k8s.io/client-go/tools/record"
@@ -68,6 +80,9 @@ import (
 
 	dbapi "github.com/oracle/oracle-database-operator/apis/database/v4"
 	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
+	"github.com/oracle/oracle-database-operator/commons/k8s"
+	. "github.com/oracle/oracle-database-operator/commons/multitenant/lrest"
+	lrcommons "github.com/oracle/oracle-database-operator/commons/multitenant/lrest"
 	//lrcommons "github.com/oracle/oracle-database-operator/commons/multitenant/lrest"
 )
 
@@ -90,6 +105,8 @@ var (
 	lrestPhaseReady   = "Ready"
 	lrestPhaseDelete  = "Deleting"
 	lrestPhaseFail    = "Failed"
+	lrestHealthy      = "Healthy"
+	lrestUnHealthy    = "Unhealthy"
 )
 
 const LRESTFinalizer = "database.oracle.com/LRESTfinalizer"
@@ -97,7 +114,7 @@ const LRESTFinalizer = "database.oracle.com/LRESTfinalizer"
 //+kubebuilder:rbac:groups=database.oracle.com,resources=lrests,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=database.oracle.com,resources=lrests/status,verbs=get;update;patch
 //+kubebuilder:rbac:groups=database.oracle.com,resources=lrests/finalizers,verbs=update
-//+kubebuilder:rbac:groups="",resources=pods;pods/log;pods/exec;services;configmaps;events;replicasets,verbs=create;delete;get;list;patch;update;watch
+//+kubebuilder:rbac:groups="",resources=pods;pods/log;services;configmaps;events;replicasets,verbs=create;delete;get;list;patch;update;watch
 //+kubebuilder:rbac:groups=core,resources=pods;secrets;services;configmaps;namespaces,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=apps,resources=replicasets,verbs=get;list;watch;create;update;patch;delete
 
@@ -158,6 +175,13 @@ func (r *LRESTReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl
 	// If post-creation, LREST spec is changed, check and take appropriate action
 	if (lrest.Status.Phase == lrestPhaseReady) && lrest.Status.Status {
 		r.evaluateSpecChange(ctx, req, lrest)
+		r.lrestHealthCheck(ctx, req, lrest)
+	}
+
+	// Auto discover functionality looks for pdb with no crd
+	if lrest.Spec.PdbAutoDiscover == true && lrest.Status.Status == true {
+		log.Info("PDB auto discover turned on")
+		r.PdbAutoDiscover(ctx, req, lrest)
 	}
 
 	if !lrest.Status.Status {
@@ -179,10 +203,10 @@ func (r *LRESTReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl
 				log.Info("Reconcile queued")
 				return requeueY, nil
 			}
-			lrest.Status.Phase = lrestPhaseValPod
+			lrest.Status.Phase = lrestPhaseService
 		case lrestPhaseValPod:
 			// Validate LREST PODs
-			err = r.validateLRESTPods(ctx, req, lrest)
+			err = r.validateLRESTPods2(ctx, req, lrest)
 			if err != nil {
 				if lrest.Status.Phase == lrestPhaseFail {
 					return requeueN, nil
@@ -190,7 +214,7 @@ func (r *LRESTReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl
 				log.Info("Reconcile queued")
 				return requeueY, nil
 			}
-			lrest.Status.Phase = lrestPhaseService
+			lrest.Status.Phase = lrestPhaseReady
 		case lrestPhaseService:
 			// Create LREST Service
 			err = r.createLRESTSVC(ctx, req, lrest)
@@ -199,7 +223,7 @@ func (r *LRESTReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl
 				return requeueY, nil
 			}
 			//lrest.Status.Phase = lrestPhaseSecrets
-			lrest.Status.Phase = lrestPhaseReady
+			lrest.Status.Phase = lrestPhaseValPod
 		case lrestPhaseSecrets:
 			// Delete LREST Secrets
 			//r.deleteSecrets(ctx, req, lrest)
@@ -208,7 +232,7 @@ func (r *LRESTReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl
 		case lrestPhaseReady:
 			lrest.Status.Status = true
 			r.Status().Update(ctx, lrest)
-			return requeueN, nil
+			return requeueY, nil
 		default:
 			lrest.Status.Phase = lrestPhaseInit
 			log.Info("DEFAULT:", "Name", lrest.Name, "Phase", phase, "Status", strconv.FormatBool(lrest.Status.Status))
@@ -217,11 +241,12 @@ func (r *LRESTReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl
 		if err := r.Status().Update(ctx, lrest); err != nil {
 			log.Error(err, "Failed to update status for :"+lrest.Name, "err", err.Error())
 		}
+
 		return requeueY, nil
 	}
 
 	log.Info("Reconcile completed")
-	return requeueN, nil
+	return requeueY, nil
 }
 
 /*
@@ -262,6 +287,40 @@ func (r *LRESTReconciler) createLRESTInstances(ctx context.Context, req ctrl.Req
   - Validate LREST Pod. Check if there are any errors
     /***********************************************
 */
+func (r *LRESTReconciler) validateLRESTPods2(ctx context.Context, req ctrl.Request, lrest *dbapi.LREST) error {
+	log := r.Log.WithValues("validateLRESTPod2", req.NamespacedName)
+	log.Info("Validating Pod creation for :" + lrest.Name)
+
+	/*
+		_, err := r.SelectFromVpdbs(ctx, req, lrest)
+		if err != nil {
+			log.Info("LREST is not ready ", "Namespace", req.Namespace)
+			lrest.Status.Msg = "Waiting for LREST Pod(s) to be read"
+			return errors.New("Waiting for LREST pods to be ready")
+		}
+	*/
+
+	/* Using a smarter and ligther method to validate the pod
+	   No need  to read the whole v$pdbs*/
+	RestPort := lrest.Spec.LRESTPort
+	RestName := lrest.Name + "-lrest"
+	RestNmsp := lrest.Namespace
+	Ip := RestName + "." + RestNmsp + ":" + strconv.Itoa(RestPort)
+
+	url := "https://" + Ip + "/database/pdbs/PDB$SEED/status/"
+	_, err := NewCallAPIAllPdbs(r, ctx, req, lrest, url, nil, "GET")
+	if err != nil {
+		log.Info("LREST is not ready ", "Namespace", req.Namespace)
+		lrest.Status.Msg = "Waiting for LREST Pod(s) to be read"
+		return errors.New("Waiting for LREST pods to be ready")
+	}
+
+	lrest.Status.Msg = ""
+	return nil
+
+}
+
+/* Un-used function
 func (r *LRESTReconciler) validateLRESTPods(ctx context.Context, req ctrl.Request, lrest *dbapi.LREST) error {
 
 	log := r.Log.WithValues("validateLRESTPod", req.NamespacedName)
@@ -318,6 +377,7 @@ func (r *LRESTReconciler) validateLRESTPods(ctx context.Context, req ctrl.Reques
 	lrest.Status.Msg = ""
 	return nil
 }
+*/
 
 /*
 ***********************
@@ -328,97 +388,16 @@ func (r *LRESTReconciler) validateLRESTPods(ctx context.Context, req ctrl.Reques
 func (r *LRESTReconciler) createPodSpec(lrest *dbapi.LREST) corev1.PodSpec {
 
 	podSpec := corev1.PodSpec{
-		Volumes: []corev1.Volume{{
-			Name: "secrets",
-			VolumeSource: corev1.VolumeSource{
-				Projected: &corev1.ProjectedVolumeSource{
-					DefaultMode: func() *int32 { i := int32(0666); return &i }(),
-					Sources: []corev1.VolumeProjection{
-						{
-							Secret: &corev1.SecretProjection{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: lrest.Spec.LRESTPubKey.Secret.SecretName,
-								},
-								Items: []corev1.KeyToPath{
-									{
-										Key:  lrest.Spec.LRESTPubKey.Secret.Key,
-										Path: lrest.Spec.LRESTPubKey.Secret.Key,
-									},
-								},
-							},
-						},
-						{
-							Secret: &corev1.SecretProjection{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: lrest.Spec.LRESTPriKey.Secret.SecretName,
-								},
-								Items: []corev1.KeyToPath{
-									{
-										Key:  lrest.Spec.LRESTPriKey.Secret.Key,
-										Path: lrest.Spec.LRESTPriKey.Secret.Key,
-									},
-								},
-							},
-						},
-
-						/***/
-						{
-							Secret: &corev1.SecretProjection{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: lrest.Spec.LRESTTlsKey.Secret.SecretName,
-								},
-								Items: []corev1.KeyToPath{
-									{
-										Key:  lrest.Spec.LRESTTlsKey.Secret.Key,
-										Path: lrest.Spec.LRESTTlsKey.Secret.Key,
-									},
-								},
-							},
-						},
-						{
-							Secret: &corev1.SecretProjection{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: lrest.Spec.LRESTTlsCrt.Secret.SecretName,
-								},
-								Items: []corev1.KeyToPath{
-									{
-										Key:  lrest.Spec.LRESTTlsCrt.Secret.Key,
-										Path: lrest.Spec.LRESTTlsCrt.Secret.Key,
-									},
-								},
-							},
-						},
-					},
-				},
-			},
-		}},
+		Volumes: PodVolumes(lrest), /* Volumes */
 		SecurityContext: &corev1.PodSecurityContext{
-			RunAsNonRoot: &[]bool{true}[0],
-			FSGroup:      &[]int64{54321}[0],
-			SeccompProfile: &corev1.SeccompProfile{
-				Type: corev1.SeccompProfileTypeRuntimeDefault,
-			},
+			RunAsNonRoot: k8s.BoolPointer(true),
+			RunAsUser:    k8s.Int64Pointer(dbcommons.ORACLE_UID),
+			RunAsGroup:   k8s.Int64Pointer(dbcommons.ORACLE_GUID),
+			FSGroup:      k8s.Int64Pointer(dbcommons.ORACLE_GUID),
+			//SeccompProfile: &corev1.SeccompProfile{
+			//	Type: corev1.SeccompProfileTypeRuntimeDefault,
+			//},
 		},
-		/*InitContainers: []corev1.Container{{
-			Image:           lrest.Spec.LRESTImage,
-			Name:            lrest.Name + "-init",
-			ImagePullPolicy: corev1.PullIfNotPresent,
-			SecurityContext: securityContextDefineLrest(),
-			Command:         []string{"echo test > /opt/oracle/lrest/certificates/tests"},
-			Env: func() []corev1.EnvVar {
-				return []corev1.EnvVar{
-					{
-						Name:  "ORACLE_HOST",
-						Value: lrest.Spec.DBTnsurl,
-					}}
-			}(),
-			VolumeMounts: []corev1.VolumeMount{
-				{
-					MountPath: "/opt/oracle/lrest/certificates",
-					Name:      "secrets",
-					ReadOnly:  false,
-				}},
-		}},*/
 		Containers: []corev1.Container{{
 			Image:           lrest.Spec.LRESTImage,
 			Name:            lrest.Name + "-lrest",
@@ -431,90 +410,7 @@ func (r *LRESTReconciler) createPodSpec(lrest *dbapi.LREST) corev1.PodSpec {
 					ReadOnly:  true,
 				},
 			},
-			Env: func() []corev1.EnvVar {
-				return []corev1.EnvVar{
-					{
-						Name:  "ORACLE_HOST",
-						Value: lrest.Spec.DBServer,
-					},
-					{
-						Name:  "DBTNSURL",
-						Value: lrest.Spec.DBTnsurl,
-					},
-					{
-						Name:  "TLSCRT",
-						Value: lrest.Spec.LRESTTlsCrt.Secret.Key,
-					},
-					{
-						Name:  "TLSKEY",
-						Value: lrest.Spec.LRESTTlsKey.Secret.Key,
-					},
-					{
-						Name:  "PUBKEY",
-						Value: lrest.Spec.LRESTPubKey.Secret.Key,
-					},
-					{
-						Name:  "PRVKEY",
-						Value: lrest.Spec.LRESTPriKey.Secret.Key,
-					},
-					{
-						Name:  "ORACLE_PORT",
-						Value: strconv.Itoa(lrest.Spec.DBPort),
-					},
-					{
-						Name:  "LREST_PORT",
-						Value: strconv.Itoa(lrest.Spec.LRESTPort),
-					},
-					{
-						Name:  "ORACLE_SERVICE",
-						Value: lrest.Spec.ServiceName,
-					},
-					{
-						Name: "R1",
-						ValueFrom: &corev1.EnvVarSource{
-							SecretKeyRef: &corev1.SecretKeySelector{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: lrest.Spec.LRESTAdminUser.Secret.SecretName,
-								},
-								Key: lrest.Spec.LRESTAdminUser.Secret.Key,
-							},
-						},
-					},
-					{
-						Name: "R2",
-						ValueFrom: &corev1.EnvVarSource{
-							SecretKeyRef: &corev1.SecretKeySelector{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: lrest.Spec.LRESTAdminPwd.Secret.SecretName,
-								},
-								Key: lrest.Spec.LRESTAdminPwd.Secret.Key,
-							},
-						},
-					},
-					{
-						Name: "R3",
-						ValueFrom: &corev1.EnvVarSource{
-							SecretKeyRef: &corev1.SecretKeySelector{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: lrest.Spec.WebLrestServerUser.Secret.SecretName,
-								},
-								Key: lrest.Spec.WebLrestServerUser.Secret.Key,
-							},
-						},
-					},
-					{
-						Name: "R4",
-						ValueFrom: &corev1.EnvVarSource{
-							SecretKeyRef: &corev1.SecretKeySelector{
-								LocalObjectReference: corev1.LocalObjectReference{
-									Name: lrest.Spec.WebLrestServerPwd.Secret.SecretName,
-								},
-								Key: lrest.Spec.WebLrestServerPwd.Secret.Key,
-							},
-						},
-					},
-				}
-			}(),
+			Env: ContainerEnv(lrest), /* Environment Variables */
 		}},
 
 		NodeSelector: func() map[string]string {
@@ -526,6 +422,8 @@ func (r *LRESTReconciler) createPodSpec(lrest *dbapi.LREST) corev1.PodSpec {
 			}
 			return ns
 		}(),
+
+		ServiceAccountName: lrest.Spec.SrvAccountName,
 	}
 
 	if len(lrest.Spec.LRESTImagePullSecret) > 0 {
@@ -594,7 +492,7 @@ func (r *LRESTReconciler) createReplicaSetSpec(lrest *dbapi.LREST) *appsv1.Repli
   - Evaluate change in Spec post creation and instantiation
     /*******************************************************
 */
-func (r *LRESTReconciler) deleteReplicaSet(ctx context.Context, req ctrl.Request, lrest *dbapi.LREST) error {
+func (r *LRESTReconciler) deleteReplicaSet(req ctrl.Request, lrest *dbapi.LREST) error {
 	log := r.Log.WithValues("deleteReplicaSet", req.NamespacedName)
 
 	k_client, err := kubernetes.NewForConfig(r.Config)
@@ -658,7 +556,7 @@ func (r *LRESTReconciler) evaluateSpecChange(ctx context.Context, req ctrl.Reque
 
 	if lrestSpecChange {
 		// Delete existing ReplicaSet
-		err = r.deleteReplicaSet(ctx, req, lrest)
+		err = r.deleteReplicaSet(req, lrest)
 		if err != nil {
 			return err
 		}
@@ -708,7 +606,7 @@ func (r *LRESTReconciler) createLRESTSVC(ctx context.Context, req ctrl.Request,
 	foundSvc := &corev1.Service{}
 	err := r.Get(context.TODO(), types.NamespacedName{Name: lrest.Name + "-lrest", Namespace: lrest.Namespace}, foundSvc)
 	if err != nil && apierrors.IsNotFound(err) {
-		svc := r.createSvcSpec(lrest)
+		svc := r.createCoreService(lrest)
 
 		log.Info("Creating a new Cluster Service for: "+lrest.Name, "Svc.Namespace", svc.Namespace, "Service.Name", svc.Name)
 		err := r.Create(ctx, svc)
@@ -731,7 +629,34 @@ func (r *LRESTReconciler) createLRESTSVC(ctx context.Context, req ctrl.Request,
   - Create Service spec
     /***********************
 */
-func (r *LRESTReconciler) createSvcSpec(lrest *dbapi.LREST) *corev1.Service {
+
+func (r *LRESTReconciler) createCoreService(lrest *dbapi.LREST) *corev1.Service {
+	var portLrest int32
+	fmt.Sscan(fmt.Sprintf("%d", lrest.Spec.LRESTPort), &portLrest) // 64->32
+	svcspecIp := corev1.ServiceSpec{}
+	svcspecIp.Selector = map[string]string{"name": lrest.Name + "-lrest"}
+
+	if lrest.Spec.ClusterIP == false {
+		svcspecIp.ClusterIP = corev1.ClusterIPNone
+	} else {
+		svcspecIp.Ports = []v1.ServicePort{
+			{
+				Protocol:   v1.ProtocolTCP,
+				Port:       443,
+				TargetPort: intstr.FromInt(443),
+				Name:       "https",
+			},
+			{
+				Protocol:   v1.ProtocolTCP,
+				Port:       portLrest,
+				TargetPort: intstr.FromInt(lrest.Spec.LRESTPort),
+				Name:       "lrest-port",
+			},
+		}
+		if lrest.Spec.LoadBalancer == true {
+			svcspecIp.Type = v1.ServiceTypeLoadBalancer
+		}
+	}
 
 	svc := &corev1.Service{
 		TypeMeta: metav1.TypeMeta{
@@ -741,12 +666,7 @@ func (r *LRESTReconciler) createSvcSpec(lrest *dbapi.LREST) *corev1.Service {
 			Name:      lrest.Name + "-lrest",
 			Namespace: lrest.Namespace,
 		},
-		Spec: corev1.ServiceSpec{
-			Selector: map[string]string{
-				"name": lrest.Name + "-lrest",
-			},
-			ClusterIP: corev1.ClusterIPNone,
-		},
+		Spec: svcspecIp,
 	}
 	// Set LREST instance as the owner and controller
 	ctrl.SetControllerReference(lrest, svc, r.Scheme)
@@ -772,7 +692,7 @@ func (r *LRESTReconciler) manageLRESTDeletion(ctx context.Context, req ctrl.Requ
 		}
 
 	} else {
-		log.Info("lrest set to be deleted")
+		log.Info("lrest mark to be delited")
 		lrest.Status.Phase = lrestPhaseDelete
 		lrest.Status.Status = true
 		r.Status().Update(ctx, lrest)
@@ -790,7 +710,7 @@ func (r *LRESTReconciler) manageLRESTDeletion(ctx context.Context, req ctrl.Requ
 			}
 		}
 
-		err := r.deleteLRESTInstance(ctx, req, lrest)
+		err := r.deleteLRESTInstance(req, lrest)
 		if err != nil {
 			log.Info("Could not delete LREST Resource", "LREST Name", lrest.Spec.LRESTName, "err", err.Error())
 			return err
@@ -806,7 +726,7 @@ func (r *LRESTReconciler) manageLRESTDeletion(ctx context.Context, req ctrl.Requ
 
 /***********************************************
 */
-func (r *LRESTReconciler) deleteLRESTInstance(ctx context.Context, req ctrl.Request, lrest *dbapi.LREST) error {
+func (r *LRESTReconciler) deleteLRESTInstance(req ctrl.Request, lrest *dbapi.LREST) error {
 
 	log := r.Log.WithValues("deleteLRESTInstance", req.NamespacedName)
 
@@ -907,23 +827,15 @@ func (r *LRESTReconciler) checkSecret(ctx context.Context, req ctrl.Request, lre
 /*
 ************************************************
   - Delete Secrets
-    /***********************************************
-*/
+  - No longer used
+************************************************/
+/*
 func (r *LRESTReconciler) deleteSecrets(ctx context.Context, req ctrl.Request, lrest *dbapi.LREST) {
 
 	log := r.Log.WithValues("deleteSecrets", req.NamespacedName)
 
 	log.Info("Deleting LREST secrets")
 	secret := &corev1.Secret{}
-	/*
-		err := r.Get(ctx, types.NamespacedName{Name: lrest.Spec.SysAdminPwd.Secret.SecretName, Namespace: lrest.Namespace}, secret)
-		if err == nil {
-			err := r.Delete(ctx, secret)
-			if err == nil {
-				log.Info("Deleted the secret : " + lrest.Spec.SysAdminPwd.Secret.SecretName)
-			}
-		}
-	*/
 
 	err := r.Get(ctx, types.NamespacedName{Name: lrest.Spec.LRESTAdminUser.Secret.SecretName, Namespace: lrest.Namespace}, secret)
 	if err == nil {
@@ -940,15 +852,6 @@ func (r *LRESTReconciler) deleteSecrets(ctx context.Context, req ctrl.Request, l
 			log.Info("Deleted the secret : " + lrest.Spec.LRESTAdminPwd.Secret.SecretName)
 		}
 	}
-	/*
-		err = r.Get(ctx, types.NamespacedName{Name: lrest.Spec.LRESTPwd.Secret.SecretName, Namespace: lrest.Namespace}, secret)
-		if err == nil {
-			err := r.Delete(ctx, secret)
-			if err == nil {
-				log.Info("Deleted the secret : " + lrest.Spec.LRESTPwd.Secret.SecretName)
-			}
-		}
-	*/
 
 	err = r.Get(ctx, types.NamespacedName{Name: lrest.Spec.WebLrestServerUser.Secret.SecretName, Namespace: lrest.Namespace}, secret)
 	if err == nil {
@@ -966,6 +869,7 @@ func (r *LRESTReconciler) deleteSecrets(ctx context.Context, req ctrl.Request, l
 		}
 	}
 }
+*/
 
 /*
 *************************************************************
@@ -993,8 +897,9 @@ func (r *LRESTReconciler) SetupWithManager(mgr ctrl.Manager) error {
 
 func securityContextDefineLrest() *corev1.SecurityContext {
 	return &corev1.SecurityContext{
-		RunAsNonRoot:             &[]bool{true}[0],
-		RunAsUser:                &[]int64{54321}[0],
+		RunAsNonRoot:             k8s.BoolPointer(true),
+		RunAsUser:                k8s.Int64Pointer(dbcommons.ORACLE_UID),
+		RunAsGroup:               k8s.Int64Pointer(dbcommons.ORACLE_GUID),
 		AllowPrivilegeEscalation: &[]bool{false}[0],
 		Capabilities: &corev1.Capabilities{
 			Drop: []corev1.Capability{
@@ -1004,6 +909,166 @@ func securityContextDefineLrest() *corev1.SecurityContext {
 	}
 }
 
+func ContainerEnv(lrest *dbapi.LREST) []corev1.EnvVar {
+	EnvVar := []corev1.EnvVar{
+		{
+			Name:  "ORACLE_HOST",
+			Value: lrest.Spec.DBServer,
+		},
+		{
+			Name:  "DBTNSURL",
+			Value: lrest.Spec.DBTnsurl,
+		},
+		{
+			Name:  "TLSCRT",
+			Value: lrest.Spec.LRESTTlsCrt.Secret.Key,
+		},
+		{
+			Name:  "TLSKEY",
+			Value: lrest.Spec.LRESTTlsKey.Secret.Key,
+		},
+		{
+			Name:  "PUBKEY",
+			Value: lrest.Spec.LRESTPubKey.Secret.Key,
+		},
+		{
+			Name:  "PRVKEY",
+			Value: lrest.Spec.LRESTPriKey.Secret.Key,
+		},
+		{
+			Name:  "ORACLE_PORT",
+			Value: strconv.Itoa(lrest.Spec.DBPort),
+		},
+		{
+			Name:  "LREST_PORT",
+			Value: strconv.Itoa(lrest.Spec.LRESTPort),
+		},
+		{
+			Name:  "ORACLE_SERVICE",
+			Value: lrest.Spec.ServiceName,
+		},
+		{
+			Name:  "TRACE_LEVEL_CLIENT",
+			Value: strconv.Itoa(lrest.Spec.SqlNetTrace),
+		},
+		{
+			Name: "R1",
+			ValueFrom: &corev1.EnvVarSource{
+				SecretKeyRef: &corev1.SecretKeySelector{
+					LocalObjectReference: corev1.LocalObjectReference{
+						Name: lrest.Spec.LRESTAdminUser.Secret.SecretName,
+					},
+					Key: lrest.Spec.LRESTAdminUser.Secret.Key,
+				},
+			},
+		},
+		{
+			Name: "R2",
+			ValueFrom: &corev1.EnvVarSource{
+				SecretKeyRef: &corev1.SecretKeySelector{
+					LocalObjectReference: corev1.LocalObjectReference{
+						Name: lrest.Spec.LRESTAdminPwd.Secret.SecretName,
+					},
+					Key: lrest.Spec.LRESTAdminPwd.Secret.Key,
+				},
+			},
+		},
+		{
+			Name: "R3",
+			ValueFrom: &corev1.EnvVarSource{
+				SecretKeyRef: &corev1.SecretKeySelector{
+					LocalObjectReference: corev1.LocalObjectReference{
+						Name: lrest.Spec.WebLrestServerUser.Secret.SecretName,
+					},
+					Key: lrest.Spec.WebLrestServerUser.Secret.Key,
+				},
+			},
+		},
+		{
+			Name: "R4",
+			ValueFrom: &corev1.EnvVarSource{
+				SecretKeyRef: &corev1.SecretKeySelector{
+					LocalObjectReference: corev1.LocalObjectReference{
+						Name: lrest.Spec.WebLrestServerPwd.Secret.SecretName,
+					},
+					Key: lrest.Spec.WebLrestServerPwd.Secret.Key,
+				},
+			},
+		},
+	}
+
+	return EnvVar
+}
+
+func PodVolumes(lrest *dbapi.LREST) []corev1.Volume {
+
+	Volumes := []corev1.Volume{{
+		Name: "secrets",
+		VolumeSource: corev1.VolumeSource{
+			Projected: &corev1.ProjectedVolumeSource{
+				DefaultMode: func() *int32 { i := int32(0666); return &i }(),
+				Sources: []corev1.VolumeProjection{
+					{
+						Secret: &corev1.SecretProjection{
+							LocalObjectReference: corev1.LocalObjectReference{
+								Name: lrest.Spec.LRESTPubKey.Secret.SecretName,
+							},
+							Items: []corev1.KeyToPath{
+								{
+									Key:  lrest.Spec.LRESTPubKey.Secret.Key,
+									Path: lrest.Spec.LRESTPubKey.Secret.Key,
+								},
+							},
+						},
+					},
+					{
+						Secret: &corev1.SecretProjection{
+							LocalObjectReference: corev1.LocalObjectReference{
+								Name: lrest.Spec.LRESTPriKey.Secret.SecretName,
+							},
+							Items: []corev1.KeyToPath{
+								{
+									Key:  lrest.Spec.LRESTPriKey.Secret.Key,
+									Path: lrest.Spec.LRESTPriKey.Secret.Key,
+								},
+							},
+						},
+					},
+
+					{
+						Secret: &corev1.SecretProjection{
+							LocalObjectReference: corev1.LocalObjectReference{
+								Name: lrest.Spec.LRESTTlsKey.Secret.SecretName,
+							},
+							Items: []corev1.KeyToPath{
+								{
+									Key:  lrest.Spec.LRESTTlsKey.Secret.Key,
+									Path: lrest.Spec.LRESTTlsKey.Secret.Key,
+								},
+							},
+						},
+					},
+					{
+						Secret: &corev1.SecretProjection{
+							LocalObjectReference: corev1.LocalObjectReference{
+								Name: lrest.Spec.LRESTTlsCrt.Secret.SecretName,
+							},
+							Items: []corev1.KeyToPath{
+								{
+									Key:  lrest.Spec.LRESTTlsCrt.Secret.Key,
+									Path: lrest.Spec.LRESTTlsCrt.Secret.Key,
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}}
+
+	return Volumes
+}
+
 func (r *LRESTReconciler) DeletePDBS(ctx context.Context, req ctrl.Request, lrest *dbapi.LREST) error {
 	log := r.Log.WithValues("DeletePDBS", req.NamespacedName)
 
@@ -1046,7 +1111,7 @@ func (r *LRESTReconciler) DeletePDBS(ctx context.Context, req ctrl.Request, lres
 						}
 
 						pdbitem.Status.SqlCode = int(objmap["sqlcode"].(float64))
-						log.Info("pdb closure.......:", "sqlcode", pdbitem.Status.SqlCode)
+						log.Info("pdb closuer.......:", "sqlcode", pdbitem.Status.SqlCode)
 
 						if errapi != nil {
 							log.Error(err, "callAPI cannot close pdb "+pdbitem.Spec.LRPDBName, "err", err.Error())
@@ -1061,7 +1126,7 @@ func (r *LRESTReconciler) DeletePDBS(ctx context.Context, req ctrl.Request, lres
 					values = map[string]string{
 						"action": "INCLUDING",
 					}
-					respData, errapi := NewCallLAPI(r, ctx, req, &pdbitem, url, values, "DELETE")
+					respData, errapi := NewCallAPISQL(r, ctx, req, &pdbitem, url, values, "DELETE")
 
 					if err := json.Unmarshal([]byte(respData), &objmap); err != nil {
 						log.Error(err, "failed to get respData from callAPI", "err", err.Error())
@@ -1076,7 +1141,6 @@ func (r *LRESTReconciler) DeletePDBS(ctx context.Context, req ctrl.Request, lres
 						return err
 					}
 					r.Recorder.Eventf(lrest, corev1.EventTypeNormal, "drop pdb", "pdbname=%s", pdbitem.Spec.LRPDBName)
-
 					/* remove finalizer */
 
 					if controllerutil.ContainsFinalizer(&pdbitem, LRPDBFinalizer) {
@@ -1100,6 +1164,524 @@ func (r *LRESTReconciler) DeletePDBS(ctx context.Context, req ctrl.Request, lres
 		}
 
 	}
-	/* ================================================ */
 	return nil
 }
+
+func SearchElementInDbList(element string, TheList []string) bool {
+	var inthelist bool
+	inthelist = false
+	for idx := range TheList {
+		if strings.ToLower(element) == strings.ToLower(TheList[idx]) {
+			inthelist = true
+			return inthelist
+		}
+	}
+	return inthelist
+}
+
+func (r *LRESTReconciler) SelectFromVpdbs(ctx context.Context, req ctrl.Request, lrest *dbapi.LREST) ([]interface{}, error) {
+	log := r.Log.WithValues("SelectFromVpdbs", req.NamespacedName)
+	url := "https://" + lrest.Name + "-lrest." + lrest.Namespace + ":" + strconv.Itoa(lrest.Spec.LRESTPort) + "/database/pdbs/"
+
+	output, err := NewCallAPIAllPdbs(r, ctx, req, lrest, url, nil, "GET")
+	if err != nil {
+		log.Info("NewCallAPIAllPdbs Error")
+	}
+
+	data := []byte(` {"PDBS":` + output + `}`)
+	var idata interface{}
+	err = json.Unmarshal(data, &idata)
+	if err != nil {
+		log.Info("error json.Unmarshal")
+		return nil, err
+	}
+
+	mdata := idata.(map[string]interface{})
+	ndata := mdata["PDBS"].([]interface{})
+
+	return ndata, nil
+
+}
+
+func (r *LRESTReconciler) LrpdbCreation(ctx context.Context, req ctrl.Request, lrest *dbapi.LREST, dbinfo []interface{}, idx int) error {
+	log := r.Log.WithValues("LrpdbCreation", req.NamespacedName)
+	log.Info("Creating LRPDB for :" + dbinfo[idx].(map[string]interface{})["name"].(string))
+
+	cln, err := dynamic.NewForConfig(r.Config)
+	if err != nil {
+		log.Error(err, "Kubernetes Config Error")
+		return err
+	}
+
+	TlsCrtecobj := &unstructured.Unstructured{
+		Object: map[string]interface{}{
+			"secret": map[string]interface{}{
+				"key":        lrest.Spec.LRESTTlsCrt.Secret.Key,
+				"secretName": lrest.Spec.LRESTTlsCrt.Secret.SecretName,
+			},
+		},
+	}
+
+	TlsCatecobj := &unstructured.Unstructured{
+		Object: map[string]interface{}{
+			"secret": map[string]interface{}{
+				"key":        lrest.Spec.LRESTTlsCat.Secret.Key,
+				"secretName": lrest.Spec.LRESTTlsCat.Secret.SecretName,
+			},
+		},
+	}
+
+	TlsKeyecobj := &unstructured.Unstructured{
+		Object: map[string]interface{}{
+			"secret": map[string]interface{}{
+				"key":        lrest.Spec.LRESTTlsKey.Secret.Key,
+				"secretName": lrest.Spec.LRESTTlsKey.Secret.SecretName,
+			},
+		},
+	}
+
+	WebUseObj := &unstructured.Unstructured{
+		Object: map[string]interface{}{
+			"secret": map[string]interface{}{
+				"key":        lrest.Spec.WebLrestServerUser.Secret.Key,
+				"secretName": lrest.Spec.WebLrestServerUser.Secret.SecretName,
+			},
+		},
+	}
+
+	WebPasObj := &unstructured.Unstructured{
+		Object: map[string]interface{}{
+			"secret": map[string]interface{}{
+				"key":        lrest.Spec.WebLrestServerPwd.Secret.Key,
+				"secretName": lrest.Spec.WebLrestServerPwd.Secret.SecretName,
+			},
+		},
+	}
+
+	CdbPrvKeyObj := &unstructured.Unstructured{
+		Object: map[string]interface{}{
+			"secret": map[string]interface{}{
+				"key":        lrest.Spec.LRESTPriKey.Secret.Key,
+				"secretName": lrest.Spec.LRESTPriKey.Secret.SecretName,
+			},
+		},
+	}
+
+	TotSzStr := fmt.Sprintf("%f", dbinfo[idx].(map[string]interface{})["total_size"].(float64))
+
+	log.Info("secretName:" + lrest.Spec.WebLrestServerUser.Secret.SecretName)
+	log.Info("secretName:" + lrest.Spec.WebLrestServerPwd.Secret.SecretName)
+	log.Info("DEBUGSIZE::" + TotSzStr)
+
+	var NamesSpaceAutoDiscover string
+	if lrest.Spec.NamesSpaceAutoDiscover != "" {
+		NamesSpaceAutoDiscover = lrest.Spec.NamesSpaceAutoDiscover
+	} else {
+		NamesSpaceAutoDiscover = lrest.Namespace
+	}
+	log.Info("NamesSpaceAutoDiscover := " + NamesSpaceAutoDiscover)
+
+	Resname := "atd-" + strings.ToLower(dbinfo[idx].(map[string]interface{})["name"].(string))
+	Resname = strings.ReplaceAll(Resname, "_", "-")
+
+	obj := &unstructured.Unstructured{
+		Object: map[string]interface{}{
+			"apiVersion": "database.oracle.com/v4",
+			"kind":       "LRPDB",
+			"metadata": map[string]interface{}{
+				"name":      Resname,
+				"namespace": NamesSpaceAutoDiscover,
+			},
+			"spec": map[string]interface{}{
+				"pdbName":                 dbinfo[idx].(map[string]interface{})["name"].(string),
+				"cdbNamespace":            lrest.Namespace,
+				"cdbResName":              lrest.Name,
+				"cdbName":                 lrest.Spec.LRESTName,
+				"totalSize":               TotSzStr,
+				"lrpdbTlsCrt":             TlsCrtecobj,
+				"lrpdbTlsCat":             TlsCatecobj,
+				"lrpdbTlsKey":             TlsKeyecobj,
+				"cdbPrvKey":               CdbPrvKeyObj,
+				"webServerUser":           WebUseObj,
+				"webServerPwd":            WebPasObj,
+				"adminName":               WebUseObj, /* Place holder */
+				"adminPwd":                WebUseObj, /* Place holder */
+				"adminpdbUser":            WebUseObj, /* Place holder */
+				"adminpdbPass":            WebUseObj, /* Place holder */
+				"fileNameConversions":     "NONE",
+				"imperativeLrpdbDeletion": true,
+				"reststate":               PDBAUT,
+				"pdbState":                "RESET",
+			},
+		},
+	}
+
+	obj.SetGroupVersionKind(schema.GroupVersionKind{
+		Group:   "database.oracle.com",
+		Version: "v4",
+		Kind:    "LRPDB",
+	})
+	result, err := cln.Resource(schema.GroupVersionResource{
+		Group:    "database.oracle.com",
+		Version:  "v4",
+		Resource: "lrpdbs",
+	}).Namespace(NamesSpaceAutoDiscover).Create(context.TODO(), obj, metav1.CreateOptions{})
+
+	if err != nil {
+		log.Error(err, "Error creating custom resource: ")
+	} else {
+		log.Info("Custom resource created successfully ")
+		fmt.Printf("obj:%s\n", result)
+		r.Recorder.Eventf(lrest, corev1.EventTypeNormal, "LrpdbCreation", "created lrpdb:%s", Resname)
+
+	}
+
+	var lrpdb dbapi.LRPDB
+
+	err = r.Get(context.Background(), client.ObjectKey{
+		Namespace: NamesSpaceAutoDiscover,
+		Name:      Resname,
+	}, &lrpdb)
+
+	lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBAUT)
+	lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+
+	err = r.Status().Update(context.Background(), &lrpdb)
+
+	return nil
+}
+
+func (r *LRESTReconciler) PdbAutoDiscover(ctx context.Context, req ctrl.Request, lrest *dbapi.LREST) error {
+	log := r.Log.WithValues("PdbAutoDiscover", req.NamespacedName)
+
+	// SELECT * FROM V$PDBS
+	ndata, err := r.SelectFromVpdbs(ctx, req, lrest)
+
+	// LIST OF ALL LRPDB
+	log.Info("Get list of lrpdb resources\n")
+	var pdbNameList []string /* the list of pdb name */
+	lrpdbList := &dbapi.LRPDBList{}
+	listOpts := []client.ListOption{}
+	err = r.List(ctx, lrpdbList, listOpts...)
+	if err != nil {
+		log.Info("Failed to get the list of pdbs")
+		return err
+	}
+
+	for _, pdbitem := range lrpdbList.Items {
+		if (pdbitem.Spec.CDBName == lrest.Spec.LRESTName) && Bit(pdbitem.Status.PDBBitMask, PDBCRT) == true {
+			log.Info("CRD(lrpdb): " + pdbitem.Name + ":" + pdbitem.Spec.LRPDBName)
+			pdbNameList = slices.Insert(pdbNameList, len(pdbNameList), pdbitem.Spec.LRPDBName)
+		}
+	}
+
+	lrpdbList01 := &dbapi.LRPDBList{}
+	for idx := range ndata {
+		name := ndata[idx].(map[string]interface{})["name"].(string)
+		log.Info("PDB:" + name)
+		if name != "PDB$SEED" {
+			InTheList := SearchElementInDbList(name, pdbNameList)
+			if InTheList == false {
+				log.Info("Orphan PDB:[" + name + "]")
+				/*** Final check ***/
+				listOpts01 := []client.ListOption{client.MatchingFields{"spec.pdbName": strings.ToLower(name)}}
+				err = r.List(ctx, lrpdbList01, listOpts01...)
+				if err != nil {
+					log.Info("Failed to get the list02 of pdbs")
+
+					return err
+				}
+				if len(lrpdbList01.Items) != 0 {
+					log.Info("Db gets crd in the meantime.....")
+					return nil
+				}
+
+				err := r.LrpdbCreation(ctx, req, lrest, ndata, idx)
+				if err != nil {
+					log.Error(err, "error calling r.LrpdbCreation")
+				}
+			}
+		}
+	}
+
+	return nil
+
+}
+
+func NewCallAPIAllPdbs(intr interface{}, ctx context.Context, req ctrl.Request, lrest *dbapi.LREST, url string, payload map[string]string, action string) (string, error) {
+	var c client.Client
+	var r logr.Logger
+	var e record.EventRecorder
+	var err error
+
+	recpdb, ok1 := intr.(*LRPDBReconciler)
+	if ok1 {
+		fmt.Printf("func NewCallLApi ((*PDBReconciler),......)\n")
+		c = recpdb.Client
+		e = recpdb.Recorder
+		r = recpdb.Log
+	}
+
+	reccdb, ok2 := intr.(*LRESTReconciler)
+	if ok2 {
+		fmt.Printf("func NewCallLApi ((*CDBReconciler),......)\n")
+		c = reccdb.Client
+		e = reccdb.Recorder
+		r = reccdb.Log
+	}
+
+	log := r.WithValues("NewCallAPIAllPdbs", req.NamespacedName)
+
+	secret := &corev1.Secret{}
+
+	err = c.Get(ctx, types.NamespacedName{Name: lrest.Spec.LRESTTlsKey.Secret.SecretName, Namespace: lrest.Namespace}, secret)
+
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrest.Spec.LRESTTlsKey.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+	rsaKeyPEM := secret.Data[lrest.Spec.LRESTTlsKey.Secret.Key]
+
+	err = c.Get(ctx, types.NamespacedName{Name: lrest.Spec.LRESTTlsCrt.Secret.SecretName, Namespace: lrest.Namespace}, secret)
+
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrest.Spec.LRESTTlsCrt.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+
+	rsaCertPEM := secret.Data[lrest.Spec.LRESTTlsCrt.Secret.Key]
+
+	err = c.Get(ctx, types.NamespacedName{Name: lrest.Spec.LRESTTlsCat.Secret.SecretName, Namespace: lrest.Namespace}, secret)
+
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrest.Spec.LRESTTlsCat.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+
+	caCert := secret.Data[lrest.Spec.LRESTTlsCat.Secret.Key]
+
+	certificate, err := tls.X509KeyPair([]byte(rsaCertPEM), []byte(rsaKeyPEM))
+	if err != nil {
+		lrest.Status.Msg = "Error tls.X509KeyPair"
+		return "", err
+	}
+
+	caCertPool := x509.NewCertPool()
+	caCertPool.AppendCertsFromPEM(caCert)
+	/*
+			tlsConf := &tls.Config{Certificates: []tls.Certificate{certificate},
+		                               RootCAs: caCertPool}
+	*/
+	tlsConf := &tls.Config{Certificates: []tls.Certificate{certificate},
+		RootCAs: caCertPool,
+		//MinVersion:               tls.VersionTLS12,
+		CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
+		PreferServerCipherSuites: true,
+		CipherSuites: []uint16{
+			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+			tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
+			tls.TLS_RSA_WITH_AES_256_CBC_SHA,
+		},
+	}
+
+	tr := &http.Transport{TLSClientConfig: tlsConf}
+
+	httpclient := &http.Client{Transport: tr}
+
+	log.Info("Issuing REST call", "URL", url, "Action", action)
+
+	// Get Web Server User
+	//secret := &corev1.Secret{}
+	err = c.Get(ctx, types.NamespacedName{Name: lrest.Spec.WebLrestServerUser.Secret.SecretName, Namespace: lrest.Namespace}, secret)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrest.Spec.WebLrestServerUser.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+	webUserEnc := string(secret.Data[lrest.Spec.WebLrestServerUser.Secret.Key])
+	webUserEnc = strings.TrimSpace(webUserEnc)
+
+	err = c.Get(ctx, types.NamespacedName{Name: lrest.Spec.LRESTPriKey.Secret.SecretName, Namespace: lrest.Namespace}, secret)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrest.Spec.LRESTPriKey.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+	privKey := string(secret.Data[lrest.Spec.LRESTPriKey.Secret.Key])
+	webUser, err := lrcommons.CommonDecryptWithPrivKey2(privKey, webUserEnc, req)
+
+	// Get Web Server User Password
+	secret = &corev1.Secret{}
+	err = c.Get(ctx, types.NamespacedName{Name: lrest.Spec.WebLrestServerPwd.Secret.SecretName, Namespace: lrest.Namespace}, secret)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrest.Spec.WebLrestServerPwd.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+	webUserPwdEnc := string(secret.Data[lrest.Spec.WebLrestServerPwd.Secret.Key])
+	webUserPwdEnc = strings.TrimSpace(webUserPwdEnc)
+	webUserPwd, err := lrcommons.CommonDecryptWithPrivKey2(privKey, webUserPwdEnc, req)
+
+	var httpreq *http.Request
+	if action == "GET" {
+		httpreq, err = http.NewRequest(action, url, nil)
+	} else {
+		jsonValue, _ := json.Marshal(payload)
+		httpreq, err = http.NewRequest(action, url, bytes.NewBuffer(jsonValue))
+	}
+
+	if err != nil {
+		log.Info("Unable to create HTTP Request for LRPDB : "+lrest.Name, "err", err.Error())
+		return "", err
+	}
+
+	httpreq.Header.Add("Accept", "application/json")
+	httpreq.Header.Add("Content-Type", "application/json")
+	httpreq.SetBasicAuth(webUser, webUserPwd)
+
+	resp, err := httpclient.Do(httpreq)
+	if err != nil {
+		log.Info("Rest server temporary unavailable")
+		errmsg := err.Error()
+		log.Error(err, "Failed - Could not connect to LREST Pod", "err", err.Error())
+		lrest.Status.Msg = "Error: Could not connect to LREST Pod"
+		e.Eventf(lrest, corev1.EventTypeWarning, "LRESTError", errmsg)
+		return "", err
+	}
+
+	e.Eventf(lrest, corev1.EventTypeWarning, "Done", lrest.Spec.LRESTName)
+	if resp.StatusCode != http.StatusOK {
+		bb, _ := ioutil.ReadAll(resp.Body)
+
+		if resp.StatusCode == 404 {
+			log.Info("error 404")
+
+		} else {
+			if flood_control == false {
+				lrest.Status.Msg = "LREST Error - HTTP Status Code:" + strconv.Itoa(resp.StatusCode)
+			}
+		}
+
+		if flood_control == false {
+			log.Info("LREST Error - HTTP Status Code :"+strconv.Itoa(resp.StatusCode), "Err", string(bb))
+		}
+
+		var apiErr LRESTError
+		json.Unmarshal([]byte(bb), &apiErr)
+		if flood_control == false {
+			e.Eventf(lrest, corev1.EventTypeWarning, "LRESTError", "Failed: %s", apiErr.Message)
+		}
+		fmt.Printf("\n================== APIERR ======================\n")
+		fmt.Printf("%+v \n", apiErr)
+		fmt.Printf("URL=%s\n", url)
+		fmt.Printf("resp.StatusCode=%s\n", strconv.Itoa(resp.StatusCode))
+		fmt.Printf("\n================== APIERR ======================\n")
+		flood_control = true
+		return "", errors.New("LREST Error")
+	}
+	flood_control = false
+
+	defer resp.Body.Close()
+
+	bodyBytes, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		fmt.Print(err.Error())
+	}
+	respData := string(bodyBytes)
+	fmt.Print("CALL API return msg.....:")
+	fmt.Println(string(bodyBytes))
+
+	var apiResponse restSQLCollection
+	json.Unmarshal([]byte(bodyBytes), &apiResponse)
+	fmt.Printf("===> %#v\n", apiResponse)
+	fmt.Printf("===> %+v\n", apiResponse)
+
+	errFound := false
+	for _, sqlItem := range apiResponse.Items {
+		if sqlItem.ErrorDetails != "" {
+			log.Info("LREST Error - Oracle Error Code :" + strconv.Itoa(sqlItem.ErrorCode))
+			if !errFound {
+				lrest.Status.Msg = sqlItem.ErrorDetails
+			}
+			e.Eventf(lrest, corev1.EventTypeWarning, "OraError", "%s", sqlItem.ErrorDetails)
+			errFound = true
+		}
+	}
+
+	if errFound {
+		return "", errors.New("Oracle Error")
+	}
+
+	return respData, nil
+}
+
+func (r *LRESTReconciler) lrestHealthCheck(ctx context.Context, req ctrl.Request, lrest *dbapi.LREST) {
+	log := r.Log.WithValues("lrestHealthCheck", req.NamespacedName)
+
+	//* Check port status *//
+
+	//      lrestHealthy      = "Healthy"
+	//      lrestUnHealthy    = "Unhealthy"
+
+	log.Info("starting lrest health check")
+	lrest.Status.Msg = lrestHealthy
+	RestPort := lrest.Spec.LRESTPort
+	RestName := lrest.Name + "-lrest"
+	RestNmsp := lrest.Namespace
+	Ip := RestName + "." + RestNmsp + ":" + strconv.Itoa(RestPort)
+	_, err := net.DialTimeout("tcp", Ip, time.Duration(300)*time.Millisecond)
+
+	if err != nil {
+		log.Error(err, "net.DialTimeout", "err", err.Error())
+		if lrest.Status.Msg == lrestHealthy {
+			// Sent event only if we go from Healthy to unHealthy
+			r.Recorder.Eventf(lrest, corev1.EventTypeWarning, "net.DialTimeout ", "lrest=%s", lrest.Name+"."+lrest.Namespace)
+		}
+
+		lrest.Status.Msg = lrestUnHealthy
+
+	}
+
+	//* Check rdbms availability *//
+	//  We can check the pdb$seed status to verify that cdb is aliave
+	//  in the future we can expose a rest call for OCIPing
+
+	url := "https://" + Ip + "/database/pdbs/PDB$SEED/status/"
+	_, err = NewCallAPIAllPdbs(r, ctx, req, lrest, url, nil, "GET")
+	if err != nil {
+		log.Info("NewCallAPIAllPdbs Error")
+		if lrest.Status.Msg == lrestHealthy {
+			// Sent event only if we go from Healthy to unHealthy
+			r.Recorder.Eventf(lrest, corev1.EventTypeWarning, "RDBMS issue ", "lrest=%s", lrest.Name+"."+lrest.Namespace)
+		}
+
+		lrest.Status.Msg = lrestUnHealthy
+	}
+
+	if err := r.Status().Update(ctx, lrest); err != nil {
+		log.Error(err, "Failed to update status for :"+lrest.Name, "err", err.Error())
+	}
+
+}
diff --git a/controllers/database/lrpdb_controller.go b/controllers/database/lrpdb_controller.go
index 1aadf65b..5b12fa66 100644
--- a/controllers/database/lrpdb_controller.go
+++ b/controllers/database/lrpdb_controller.go
@@ -41,12 +41,16 @@ package controllers
 import (
 	"bytes"
 	"context"
+	"crypto/rand"
 	"crypto/rsa"
+	"crypto/sha256"
 	"crypto/tls"
 	"crypto/x509"
 	"encoding/base64"
 	"encoding/json"
 	"encoding/pem"
+	"reflect"
+	"sort"
 
 	//"encoding/pem"
 	"errors"
@@ -58,9 +62,10 @@ import (
 	"strings"
 	"time"
 
+	databasev4 "github.com/oracle/oracle-database-operator/apis/database/v4"
 	dbapi "github.com/oracle/oracle-database-operator/apis/database/v4"
 	"github.com/oracle/oracle-database-operator/commons/k8s"
-	lrcommons "github.com/oracle/oracle-database-operator/commons/multitenant/lrest"
+	. "github.com/oracle/oracle-database-operator/commons/multitenant/lrest"
 
 	"github.com/go-logr/logr"
 	corev1 "k8s.io/api/core/v1"
@@ -80,14 +85,50 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/predicate"
 )
 
+/*
+
+   BITMASK STATUS RECAP.
+   ~~~~~~~~~~~~~~~~~~~~
+   PDBCRT = 0x00000001 -- Create pdb
+   PDBOPN = 0x00000002 -- Open pdb read write
+   PDBCLS = 0x00000004 -- Close pdb
+   PDBDIC = 0x00000008 -- Drop pdb include datafiles
+   OCIHDL = 0x00000010 -- OCI handle allocation
+   OCICON = 0x00000020 -- Rdbms connection
+   FNALAZ = 0x00000040 -- Finalizer configured
+   PDBUPL = 0x00000080 -- Unplug pdb
+   PDBPLG = 0x00000100 -- plug pdb
+   -- Error section --
+   PDBCRE = 0x00001000 -- PDB creation error
+   PDBOPE = 0x00002000 -- PDB open error
+   PDBCLE = 0x00004000 -- PDB close error
+   OCIHDE = 0x00008000 -- Allocation Handle Error
+   OCICOE = 0x00010000 -- CDD connection Error
+   FNALAE = 0x00020000 -- Finalizer error
+   PDBUPE = 0x00040000 -- Unplug Error
+   PDBPLE = 0x00080000 -- Plug Error
+   PDBPLW = 0x00100000 -- Plug Warining
+   -- Autodiscover
+   PDBAUT = 0x01000000 -- Autodisover
+
+
+   BITMASK CONFIGMAP PARAMETER RECAP.
+   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+   MPAPPL = 0x00000001 -- The map config has been applyed
+   MPSYNC = 0x00000002 -- The map config is in sync with v$parameters where is default=flase
+   MPEMPT = 0x00000004 -- The map is empty - not specify
+   MPWARN = 0x00000008 -- Map applied with warnings
+   MPINIT = 0x00000010 -- Config map init
+   SPARE3 = 0x00000020 --
+
+
+*/
+
 // Bitmask functions
+
 const (
-	MPAPPL = 0x00000001 /* The map config has been applyed */
-	MPSYNC = 0x00000002 /* The map config is in sync with v$parameters where is default=flase */
-	MPEMPT = 0x00000004 /* The map is empty - not specify */
-	MPWARN = 0x00000008 /* Map applied with warnings */
-	MPINIT = 0x00000010 /* Config map init */
-	SPARE3 = 0x00000020
+	DBGAPI = 0x00000001 /* Debug NewcallApi */
+	DBGCRT = 0x00000002 /* Debug pdb creation */
 )
 
 func bis(bitmask int, bitval int) int {
@@ -95,6 +136,7 @@ func bis(bitmask int, bitval int) int {
 	return bitmask
 }
 
+/*
 func bit(bitmask int, bitval int) bool {
 	if bitmask&bitval != 0 {
 		return true
@@ -102,35 +144,14 @@ func bit(bitmask int, bitval int) bool {
 		return false
 	}
 }
+*/
 
+/*
 func bid(bitmask int, bitval int) int {
 	bitmask ^= ((bitval) & (bitmask))
 	return bitmask
 }
-
-func bitmaskprint(bitmask int) string {
-	BitRead := "|"
-	if bit(bitmask, MPAPPL) {
-		BitRead = strings.Join([]string{BitRead, "MPAPPL|"}, "")
-	}
-	if bit(bitmask, MPSYNC) {
-		BitRead = strings.Join([]string{BitRead, "MPSYNC|"}, "")
-	}
-	if bit(bitmask, MPEMPT) {
-		BitRead = strings.Join([]string{BitRead, "MPEMPT|"}, "")
-	}
-	if bit(bitmask, MPWARN) {
-		BitRead = strings.Join([]string{BitRead, "MPWARN|"}, "")
-	}
-	if bit(bitmask, MPINIT) {
-		BitRead = strings.Join([]string{BitRead, "MPINIT|"}, "")
-	}
-	if bit(bitmask, SPARE3) {
-		BitRead = strings.Join([]string{BitRead, "SPARE3|"}, "")
-	}
-
-	return BitRead
-}
+*/
 
 // LRPDBReconciler reconciles a LRPDB object
 type LRPDBReconciler struct {
@@ -165,28 +186,17 @@ type LRESTError struct {
 	Instance string `json:"instance,omitempty"`
 }
 
-var (
-	lrpdbPhaseCreate    = "Creating"
-	lrpdbPhasePlug      = "Plugging"
-	lrpdbPhaseUnplug    = "Unplugging"
-	lrpdbPhaseClone     = "Cloning"
-	lrpdbPhaseFinish    = "Finishing"
-	lrpdbPhaseReady     = "Ready"
-	lrpdbPhaseDelete    = "Deleting"
-	lrpdbPhaseModify    = "Modifying"
-	lrpdbPhaseMap       = "Mapping"
-	lrpdbPhaseStatus    = "CheckingState"
-	lrpdbPhaseFail      = "Failed"
-	lrpdbPhaseAlterPlug = "AlterPlugDb"
-	lrpdbPhaseSpare     = "NoAction"
-)
+type PLSQLPayLoad struct {
+	Values    map[string]string
+	Sqltokens []string
+}
 
 const LRPDBFinalizer = "database.oracle.com/LRPDBfinalizer"
 
 var tde_Password string
 var tde_Secret string
 var flood_control bool = false
-var assertiveLpdbDeletion bool = false /* Global variable for assertive pdb deletion */
+var imperativeLpdbDeletion bool = false /* Global variable for imperative pdb deletion */
 /*
 	        We need to record the config map name after pdb creation
 		in order to use it during open and clone op if config map
@@ -200,6 +210,7 @@ var globalsqlcode int
 //+kubebuilder:rbac:groups=database.oracle.com,resources=events,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=database.oracle.com,resources=lrpdbs/status,verbs=get;update;patch
 //+kubebuilder:rbac:groups=database.oracle.com,resources=lrpdbs/finalizers,verbs=get;create;update;patch;delete
+//+kubebuilder:rbac:groups=database.oracle.com,resources=lrpdbs/configmaps,verbs=get;create;update;patch;delete
 
 // Reconcile is part of the main kubernetes reconciliation loop which aims to
 // move the current state of the cluster closer to the desired state.
@@ -210,786 +221,635 @@ var globalsqlcode int
 //
 // For more details, check Reconcile and its Result here:
 // - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.9.2/pkg/reconcile
+
+/**** RECONCILIATION LOOP ****/
 func (r *LRPDBReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
 	log := r.Log.WithValues("multitenantoperator", req.NamespacedName)
 	log.Info("Reconcile requested")
 
 	reconcilePeriod := r.Interval * time.Second
 	requeueY := ctrl.Result{Requeue: true, RequeueAfter: reconcilePeriod}
-	requeueN := ctrl.Result{}
+	//requeueN := ctrl.Result{}
 
 	var err error
 	lrpdb := &dbapi.LRPDB{}
 
-	// Execute for every reconcile
-	defer func() {
-		//log.Info("DEFER LRPDB", "Name", lrpdb.Name, "Phase", lrpdb.Status.Phase, "Status", strconv.FormatBool(lrpdb.Status.Status))
-		if !lrpdb.Status.Status {
-			if lrpdb.Status.Phase == lrpdbPhaseReady {
-				lrpdb.Status.Status = true
-			}
-			if err := r.Status().Update(ctx, lrpdb); err != nil {
-				log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
-			}
-		}
-	}()
-
+	/**** GET CLIENT ****/
 	err = r.Client.Get(context.TODO(), req.NamespacedName, lrpdb)
 	if err != nil {
 		if apierrors.IsNotFound(err) {
-			log.Info("LRPDB Resource Not found", "Name", lrpdb.Name)
-			// Request object not found, could have been deleted after reconcile req.
-			// Owned objects are automatically garbage collected. For additional cleanup logic use finalizers.
-			// Return and don't requeue
-			lrpdb.Status.Status = true
+			log.Info("PDB resource not found", "Pdb", lrpdb.Spec.LRPDBName)
 			return requeueN, nil
 		}
-		// Error reading the object - requeue the req.
-		return requeueY, err
+		log.Info("Client.Get Error")
+		return requeueN, err
 	}
 
-	// Finalizer section
-	err = r.manageLRPDBDeletion2(ctx, req, lrpdb)
-	if err != nil {
-		log.Info("Reconcile queued")
-		return requeueY, nil
-	}
-
-	// Check for Duplicate LRPDB
-	if !lrpdb.Status.Status {
-		err = r.checkDuplicateLRPDB(ctx, req, lrpdb)
+	/****  CREATE ****/
+	if Bit(lrpdb.Status.PDBBitMask, PDBCRT) == false && Bit(lrpdb.Status.PDBBitMask, PDBCRE) == false && lrpdb.Spec.SrcLRPDBName == "" && lrpdb.Spec.XMLFileName == "" {
+		log.Info("REC. LOOP: create pdb")
+		err = r.CreateLRPDB(ctx, req, lrpdb)
 		if err != nil {
-			return requeueN, nil
+			log.Error(err, err.Error())
+			return requeueN, err
 		}
+
 	}
 
-	action := strings.ToUpper(lrpdb.Spec.Action)
-	/*
-		       	Bug 36714702 - LREST OPERATOR - POST ALTER PDB OPTION LRPDB STATUS INTERMITTENTLY
-			  	               SHOWS "WAITING FOR LRPDB PARAMETER TO BE MODIFIED"
-		        introducing additional check to avoid alter system repetition during
-			reconciliation loop
-	*/
-	if lrpdb.Status.Phase == lrpdbPhaseReady {
-		if (lrpdb.Status.Action != "" || action != "NOACTION") && (action == "ALTER" || action == "MODIFY" || action == "STATUS" || lrpdb.Status.Action != action) {
-			lrpdb.Status.Status = false
-		} else {
-			err = r.getLRPDBState(ctx, req, lrpdb)
-			if err != nil {
-				lrpdb.Status.Phase = lrpdbPhaseFail
-			} else {
-				lrpdb.Status.Phase = lrpdbPhaseReady
-				lrpdb.Status.Msg = "Success"
+	/*** INIT CONFIG MAP ***/
+	if Bit(lrpdb.Status.PDBBitMask, PDBCRT) == true && Bit(lrpdb.Status.CmBitstat, MPINIT) == false {
+		log.Info("REC. LOOP: init config map")
+		r.InitConfigMap(ctx, req, lrpdb)
+	}
+
+	/*** FINALYZER ***/
+	if Bit(lrpdb.Status.PDBBitMask, FNALAZ) == false && Bit(lrpdb.Status.PDBBitMask, PDBCRT) == true {
+		if lrpdb.ObjectMeta.DeletionTimestamp.IsZero() {
+			if !controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
+				log.Info("add finalizer:" + lrpdb.Spec.LRPDBName)
+				controllerutil.AddFinalizer(lrpdb, LRPDBFinalizer)
+				if err := r.Update(ctx, lrpdb); err != nil {
+					log.Info("Cannot add finalizer")
+					return requeueN, err
+
+				}
+				lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, FNALAZ)
+				lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+				r.UpdateStatus(ctx, req, lrpdb)
 			}
-			r.Status().Update(ctx, lrpdb)
 		}
 	}
 
-	if !lrpdb.Status.Status {
-		r.validatePhase(ctx, req, lrpdb)
-		phase := lrpdb.Status.Phase
-		log.Info("LRPDB:", "Name", lrpdb.Name, "Phase", phase, "Status", strconv.FormatBool(lrpdb.Status.Status))
-
-		switch phase {
-		case lrpdbPhaseCreate:
-			err = r.createLRPDB(ctx, req, lrpdb)
-		case lrpdbPhaseClone:
-			err = r.cloneLRPDB(ctx, req, lrpdb)
-		case lrpdbPhasePlug:
-			err = r.plugLRPDB(ctx, req, lrpdb)
-		case lrpdbPhaseUnplug:
-			err = r.unplugLRPDB(ctx, req, lrpdb)
-		case lrpdbPhaseModify:
-			err = r.modifyLRPDB(ctx, req, lrpdb)
-		case lrpdbPhaseDelete:
-			err = r.deleteLRPDB(ctx, req, lrpdb)
-		case lrpdbPhaseStatus:
-			err = r.getLRPDBState(ctx, req, lrpdb)
-		case lrpdbPhaseMap:
-			err = r.mapLRPDB(ctx, req, lrpdb)
-		case lrpdbPhaseFail:
-			err = r.mapLRPDB(ctx, req, lrpdb)
-		case lrpdbPhaseAlterPlug:
-			err = r.alterSystemLRPDB(ctx, req, lrpdb)
-		default:
-			log.Info("DEFAULT:", "Name", lrpdb.Name, "Phase", phase, "Status", strconv.FormatBool(lrpdb.Status.Status))
-			return requeueN, nil
-		}
-		lrpdb.Status.Action = strings.ToUpper(lrpdb.Spec.Action)
+	/**** OPEN ****/
+	if lrpdb.Spec.LRPDBState == "OPEN" && Bit(lrpdb.Status.PDBBitMask, PDBOPN) == false && Bit(lrpdb.Status.PDBBitMask, PDBOPE) == false {
+		log.Info("REC. LOOP: open pdb")
+		err = r.OpenLRPDB(ctx, req, lrpdb)
 		if err != nil {
-			lrpdb.Status.Phase = lrpdbPhaseFail
-			lrpdb.Status.SqlCode = globalsqlcode
-		} else {
-			lrpdb.Status.Phase = lrpdbPhaseReady
-			lrpdb.Status.Msg = "Success"
+			log.Error(err, err.Error())
+			return requeueN, err
 		}
 	}
 
-	r.ManageConfigMapForCloningAndPlugin(ctx, req, lrpdb)
-	lrpdb.Status.BitStatStr = bitmaskprint(lrpdb.Status.Bitstat)
+	/**** CLOSE ****/
+	if lrpdb.Spec.LRPDBState == "CLOSE" && Bit(lrpdb.Status.PDBBitMask, PDBOPN) == true {
+		log.Info("REC. LOOP: open pdb")
+		err = r.CloseLRPDB(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return requeueN, err
+		}
+	}
 
-	log.Info("Reconcile completed")
-	return requeueY, nil
-}
+	/**** DELETE (imperative approach) ****/
+	if !lrpdb.ObjectMeta.DeletionTimestamp.IsZero() && Bit(lrpdb.Status.PDBBitMask, PDBCRT) == true && Bit(lrpdb.Status.PDBBitMask, FNALAZ) == true && Bit(lrpdb.Status.PDBBitMask, PDBDIC) == false {
+		log.Info("REC. LOOP: delete  pdb - imperative approach")
+		log.Info(" ObjectMeta.DeletionTimestamp.IsZero is not null")
+		err = r.DeleteLRPDB(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return requeueN, err
+		}
 
-/*
-************************************************
-  - Validate the LRPDB Spec
-    /***********************************************
-*/
-func (r *LRPDBReconciler) validatePhase(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) {
-
-	log := r.Log.WithValues("validatePhase", req.NamespacedName)
-
-	action := strings.ToUpper(lrpdb.Spec.Action)
-
-	log.Info("Validating LRPDB phase for: "+lrpdb.Name, "Action", action)
-
-	switch action {
-	case "CREATE":
-		lrpdb.Status.Phase = lrpdbPhaseCreate
-	case "CLONE":
-		lrpdb.Status.Phase = lrpdbPhaseClone
-	case "PLUG":
-		lrpdb.Status.Phase = lrpdbPhasePlug
-	case "UNPLUG":
-		lrpdb.Status.Phase = lrpdbPhaseUnplug
-	case "MODIFY":
-		lrpdb.Status.Phase = lrpdbPhaseModify
-	case "DELETE":
-		lrpdb.Status.Phase = lrpdbPhaseDelete
-	case "STATUS":
-		lrpdb.Status.Phase = lrpdbPhaseStatus
-	case "MAP":
-		lrpdb.Status.Phase = lrpdbPhaseMap
-	case "ALTER":
-		lrpdb.Status.Phase = lrpdbPhaseAlterPlug
-	case "NOACTION":
-		lrpdb.Status.Phase = lrpdbPhaseStatus
-
-	}
-
-	log.Info("Validation complete")
-}
+	}
 
-/*
-   This function scans the list of crd
-   pdb to verify the existence of the
-   pdb (crd) that we want to clone.
-   Bug 36752925 - LREST OPERATOR - CLONE NON-EXISTENT
-                  PDB CREATES A LRPDB WITH STATUS FAILED
+	/**** DELETE (declarative approach) ****/
+	if lrpdb.Spec.LRPDBState == "DELETE" && Bit(lrpdb.Status.PDBBitMask, PDBCRT) == true && Bit(lrpdb.Status.PDBBitMask, FNALAZ) == true && Bit(lrpdb.Status.PDBBitMask, PDBDIC) == false {
+		log.Info("REC. LOOP: delete  pdb - imperative approach")
+		err = r.DeleteLRPDBDeclarative(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return requeueN, err
+		}
 
-   return 1 - CRD found
-   return 0 - CRD not found / Stop clone process
+	}
 
-   Bug 36753107 - LREST OPERATOR - CLONE
-                  CLOSED PDB SUCCESSFULLY CLONES
+	/**** CLONE *****/
+	if lrpdb.Spec.SrcLRPDBName != "" && Bit(lrpdb.Status.PDBBitMask, PDBCRT|FNALAZ|PDBCRE) == false {
+		log.Info("REC. LOOP: clone  pdb ")
+		err = r.CloneLRPDB(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return requeueN, err
+		}
 
-*/
+	}
 
-func (r *LRPDBReconciler) checkPDBforCloninig(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, targetPdbName string) (int, error) {
-	log := r.Log.WithValues("checkDuplicateLRPDB", req.NamespacedName)
-	var pdbCounter int
-	pdbCounter = 0
+	/**** UNPLUG AND PLUG SECTION ****/
+	if lrpdb.Spec.LRPDBState == "UNPLUG" && lrpdb.Spec.XMLFileName != "" && Bit(lrpdb.Status.PDBBitMask, PDBCRT) == true && Bit(lrpdb.Status.PDBBitMask, FNALAZ) == true && Bit(lrpdb.Status.PDBBitMask, PDBUPE) == false {
+		log.Info("REC. LOOP: unplug  pdb ")
+		err = r.UnplugLRPDB(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return requeueN, err
+		}
 
-	lrpdbList := &dbapi.LRPDBList{}
-	listOpts := []client.ListOption{client.InNamespace(req.Namespace), client.MatchingFields{"spec.pdbName": targetPdbName}}
-	err := r.List(ctx, lrpdbList, listOpts...)
-	if err != nil {
-		log.Info("Failed to list lrpdbs", "Namespace", req.Namespace, "Error", err)
-		return 0, err
-	}
-	if len(lrpdbList.Items) == 0 {
-		log.Info("No pdbs  available")
-		return pdbCounter, err
 	}
 
-	for _, p := range lrpdbList.Items {
-		fmt.Printf("DEBUGCLONE %s %s %i\n", p.Spec.LRPDBName, targetPdbName, pdbCounter)
-		if p.Spec.LRPDBName == targetPdbName {
-			log.Info("Found " + targetPdbName + " in the crd list")
-			if p.Status.OpenMode == "MOUNTED" {
-				log.Info("Cannot clone a mounted pdb")
-				return pdbCounter, err
-			}
-			pdbCounter++
-			fmt.Printf("DEBUGCLONE %s %s %i\n", p.Spec.LRPDBName, targetPdbName, pdbCounter)
-			return pdbCounter, err
+	if lrpdb.Spec.LRPDBState == "PLUG" && lrpdb.Spec.XMLFileName != "" && Bit(lrpdb.Status.PDBBitMask, PDBCRT) == false && Bit(lrpdb.Status.PDBBitMask, PDBPLE) == false {
+		log.Info("REC. LOOP: plug  pdb ")
+		err = r.PlugLRPDB(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return requeueN, err
 		}
 
 	}
-	return pdbCounter, err
-}
 
-/*
-***************************************************************
-  - Check for Duplicate LRPDB. Same LRPDB name on the same LREST resource.
+	/**** APPLY CONFIG MAP PARAMETER ****/
+	if lrpdb.Spec.PDBConfigMap != "" && Bit(lrpdb.Status.PDBBitMask, PDBOPN) == true && Bit(lrpdb.Status.PDBBitMask, PDBCRT) == true && Bit(lrpdb.Status.CmBitstat, MPAPPL) == false && lrpdb.Spec.LRPDBState != "UNPLUG" {
+		log.Info("REC. LOOP: plug  pdb ")
+		log.Info("Apply configmap:" + lrpdb.Spec.PDBConfigMap)
+		Cardinality, err := r.ApplyConfigMap(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return requeueN, err
+		}
+		log.Info("Config. Map Cardinality:" + strconv.FormatInt(int64(Cardinality), 10))
 
-/**************************************************************
-*/
-func (r *LRPDBReconciler) checkDuplicateLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+	}
 
-	log := r.Log.WithValues("checkDuplicateLRPDB", req.NamespacedName)
+	/**** APPLY PLSQL/SQL SCRIPT *****/
+	if lrpdb.Spec.PLSQLBlock != "" && Bit(lrpdb.Status.PDBBitMask, PDBOPN) == true && Bit(lrpdb.Status.PDBBitMask, PDBCRT) == true && lrpdb.Spec.LRPDBState != "UNPLUG" && Bit(lrpdb.Status.CmBitstat, MPINIT) == true && Bit(lrpdb.Status.PDBBitMask, FNALAZ) == true {
+		log.Info("REC. LOOP: apply plsql/sql")
+		err = r.execPLSQL(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return requeueN, err
+		}
 
-	// Name of the LREST CR that holds the LREST container
-	lrestResName := lrpdb.Spec.CDBResName
-	//lrestame := lrpdb.Spec.LRESTName
+	}
 
-	// Name of the LRPDB resource
-	lrpdbResName := lrpdb.Spec.LRPDBName
+	/**** ALTER SYSTEM ****/
+	if lrpdb.Spec.AlterSystemValue != "" && lrpdb.Spec.AlterSystemParameter != "" && Bit(lrpdb.Status.PDBBitMask, PDBOPN) == true && Bit(lrpdb.Status.PDBBitMask, PDBCRT) == true && lrpdb.Spec.LRPDBState != "UNPLUG" && Bit(lrpdb.Status.CmBitstat, MPINIT) == true && Bit(lrpdb.Status.PDBBitMask, FNALAZ) == true && lrpdb.Spec.PLSQLBlock == "" {
+		log.Info("REC. LOOP: Alter system ")
+		err = r.alterSystemLRPDB(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return requeueN, err
+		}
 
-	lrpdbList := &dbapi.LRPDBList{}
+	}
 
-	listOpts := []client.ListOption{client.InNamespace(req.Namespace), client.MatchingFields{"spec.pdbName": lrpdbResName}}
+	/****  MONITOR PDB *****/
+	if Bit(lrpdb.Status.PDBBitMask, PDBCRT) == true && Bit(lrpdb.Status.PDBBitMask, FNALAZ) == true && lrpdb.Spec.PLSQLBlock == "" && lrpdb.Spec.AlterSystemValue == "" && lrpdb.Spec.XMLFileName == "" && Bit(lrpdb.Status.CmBitstat, MPINIT) == true {
+		log.Info("REC. LOOP: Monitor PDB")
+		err = r.MonitorLRPDB(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return requeueN, err
+		}
 
-	// List retrieves list of objects for a given namespace and list options.
-	err := r.List(ctx, lrpdbList, listOpts...)
-	if err != nil {
-		log.Info("Failed to list lrpdbs", "Namespace", req.Namespace, "Error", err)
-		return err
 	}
 
-	if len(lrpdbList.Items) == 0 {
-		log.Info("No lrpdbs found for LRPDBName: "+lrpdbResName, "CDBResName", lrestResName)
-		return nil
-	}
+	/* REST STAT */
+	if lrpdb.Spec.PDBBitMask != 0 && lrpdb.Spec.LRPDBState == "RESET" {
+		log.Info("REC. LOOP: reset state")
+		lrpdb.Status.PDBBitMask = lrpdb.Spec.PDBBitMask
+		log.Info("lrpdb.Status.PDBBitMask:" + strconv.Itoa(lrpdb.Status.PDBBitMask))
+		log.Info("lrpdb.Spec.PDBBitMask:" + strconv.Itoa(lrpdb.Spec.PDBBitMask))
+		if Bit(lrpdb.Spec.PDBBitMask, PDBAUT) == true {
+			log.Info("reset state PDBAUT")
+			if controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
+				lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, FNALAZ)
+			}
 
-	for _, p := range lrpdbList.Items {
-		log.Info("Found LRPDB: " + p.Name)
-		if (p.Name != lrpdb.Name) && (p.Spec.CDBResName == lrestResName) {
-			log.Info("Duplicate LRPDB found")
-			lrpdb.Status.Msg = "LRPDB Resource already exists"
-			lrpdb.Status.Status = false
-			lrpdb.Status.Phase = lrpdbPhaseFail
-			return errors.New("Duplicate LRPDB found")
+			lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBCRT)
+		}
+		lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+		r.UpdateStatus(ctx, req, lrpdb)
+
+		lrpdb.Spec.PDBBitMask = 0
+		lrpdb.Spec.LRPDBState = "NONE"
+
+		err = r.Update(ctx, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return requeueN, err
 		}
 	}
-	return nil
+
+	return requeueY, nil
 }
 
 /*
-***************************************************************
-  - Get the Custom Resource for the LREST mentioned in the LRPDB Spec
-    /**************************************************************
-*/
-func (r *LRPDBReconciler) getLRESTResource(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) (dbapi.LREST, error) {
-
-	log := r.Log.WithValues("getLRESTResource", req.NamespacedName)
+*********************************************************************
+  - MONITOR PDB
 
-	var lrest dbapi.LREST // LREST CR corresponding to the LREST name specified in the LRPDB spec
+*********************************************************************
+*/
 
-	// Name of the LREST CR that holds the LREST container
-	lrestResName := lrpdb.Spec.CDBResName
-	lrestNamespace := lrpdb.Spec.CDBNamespace
+func (r *LRPDBReconciler) MonitorLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+	log := r.Log.WithValues("MonitorLRPDB ", req.NamespacedName)
+	r.getLRPDBState(ctx, req, lrpdb)
 
-	log.Info("lrestResName...........:" + lrestResName)
-	log.Info("lrestNamespace.........:" + lrestNamespace)
+	/* Check open mode consistency */
+	if Bit(lrpdb.Status.PDBBitMask, PDBCLS) == true && lrpdb.Status.OpenMode == "READ WRITE" {
+		log.Info("Open mode inconsistency.......:target:close - status read write")
+		log.Info("Fix inconsistency.............:call(r.CloseLRPDB(ctx, req, lrpdb) )")
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "open mode inconsistency", "Target:[PDBCLS] Status:['%s']", lrpdb.Status.OpenMode)
+		err := r.CloseLRPDB(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return err
+		}
 
-	// Get LREST CR corresponding to the LREST name specified in the LRPDB spec
-	err := r.Get(context.Background(), client.ObjectKey{
-		Namespace: lrestNamespace,
-		Name:      lrestResName,
-	}, &lrest)
+		return nil
+	}
 
-	if err != nil {
-		log.Info("Failed to get CRD for LREST", "Name", lrestResName, "Namespace", lrestNamespace, "Error", err.Error())
-		lrpdb.Status.Msg = "Unable to get CRD for LREST : " + lrestResName
-		r.Status().Update(ctx, lrpdb)
-		return lrest, err
+	if Bit(lrpdb.Status.PDBBitMask, PDBOPN) == true && lrpdb.Status.OpenMode == "MOUNTED" {
+		log.Info("Open mode inconsistency.......:target:read write - status mounted")
+		log.Info("Fix inconsistency.............:call(r.OpenLRPDB(ctx, req, lrpdb) )")
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "open mode inconsistency", "Target:[PDBOPN] Status:['%s']", lrpdb.Status.OpenMode)
+		err := r.OpenLRPDB(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, err.Error())
+			return err
+		}
+		return nil
 	}
 
-	log.Info("Found CR for LREST", "Name", lrestResName, "CR Name", lrest.Name)
-	return lrest, nil
+	return nil
 }
 
 /*
-***************************************************************
-  - Get the LREST Pod for the LREST mentioned in the LRPDB Spec
-    /**************************************************************
-*/
-func (r *LRPDBReconciler) getLRESTPod(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) (corev1.Pod, error) {
+*********************************************************************
+  - PLUG PDB
 
-	log := r.Log.WithValues("getLRESTPod", req.NamespacedName)
+*********************************************************************
+*/
 
-	var lrestPod corev1.Pod // LREST Pod container with connection to the concerned LREST
+func (r *LRPDBReconciler) PlugLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
 
-	// Name of the LREST CR that holds the LREST container
-	lrestResName := lrpdb.Spec.CDBResName
+	log := r.Log.WithValues("PlugLRPDB", req.NamespacedName)
+	globalsqlcode = 0
 
-	// Get LREST Pod associated with the LREST Name specified in the LRPDB Spec
-	err := r.Get(context.Background(), client.ObjectKey{
-		Namespace: req.Namespace,
-		Name:      lrestResName + "-lrest",
-	}, &lrestPod)
+	var err error
+	// var tde_Password string
+	// var tde_Secret string
 
+	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
 	if err != nil {
-		log.Info("Failed to get Pod for LREST", "Name", lrestResName, "Namespace", req.Namespace, "Error", err.Error())
-		lrpdb.Status.Msg = "Unable to get LREST Pod for LREST : " + lrestResName
-		return lrestPod, err
+		return err
 	}
 
-	log.Info("Found LREST Pod for LREST", "Name", lrestResName, "Pod Name", lrestPod.Name, "LREST Container hostname", lrestPod.Spec.Hostname)
-	return lrestPod, nil
-}
+	values := map[string]string{
+		"method":                    "PLUG",
+		"xmlFileName":               lrpdb.Spec.XMLFileName,
+		"pdb_name":                  lrpdb.Spec.LRPDBName,
+		"sourceFileNameConversions": lrpdb.Spec.SourceFileNameConversions,
+		"copyAction":                lrpdb.Spec.CopyAction,
+		"fileNameConversions":       lrpdb.Spec.FileNameConversions,
+		"unlimitedStorage":          strconv.FormatBool(*(lrpdb.Spec.UnlimitedStorage)),
+		"reuseTempFile":             strconv.FormatBool(*(lrpdb.Spec.ReuseTempFile)),
+		"totalSize":                 lrpdb.Spec.TotalSize,
+		"tempSize":                  lrpdb.Spec.TempSize,
+		"getScript":                 strconv.FormatBool(*(lrpdb.Spec.GetScript))}
 
-/*
-************************************************
-  - Get Secret Key for a Secret Name
-    /***********************************************
-*/
-func (r *LRPDBReconciler) getSecret(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, secretName string, keyName string) (string, error) {
+	/*
+			if *(lrpdb.Spec.LTDEImport) {
+				tde_Password, err = r.getSecret(ctx, req, lrpdb, lrpdb.Spec.LTDEPassword.Secret.SecretName, lrpdb.Spec.LTDEPassword.Secret.Key)
+				if err != nil {
+					return err
+				}
+				tde_Secret, err = r.getSecret(ctx, req, lrpdb, lrpdb.Spec.LTDESecret.Secret.SecretName, lrpdb.Spec.LTDESecret.Secret.Key)
+				if err != nil {
+					return err
+				}
 
-	log := r.Log.WithValues("getSecret", req.NamespacedName)
+				tde_Secret = tde_Secret[:len(tde_Secret)-1]
+				tde_Password = tde_Secret[:len(tde_Password)-1]
+				values["tde_Password"] = tde_Password
+				values["tdeKeystorePath"] = lrpdb.Spec.LTDEKeystorePath
+				values["tde_Secret"] = tde_Secret
+				values["tdeImport"] = strconv.FormatBool(*(lrpdb.Spec.LTDEImport))
+			}
 
-	secret := &corev1.Secret{}
-	err := r.Get(ctx, types.NamespacedName{Name: secretName, Namespace: lrpdb.Namespace}, secret)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + secretName)
-			lrpdb.Status.Msg = "Secret not found:" + secretName
-			return "", err
+		if *(lrpdb.Spec.AsClone) {
+			values["asClone"] = strconv.FormatBool(*(lrpdb.Spec.AsClone))
 		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
+	*/
 
-	return string(secret.Data[keyName]), nil
-}
+	lrpdb.Status.Msg = "plug:[op. in progress]"
+	lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBPLG)
+	lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+	r.UpdateStatus(ctx, req, lrpdb)
 
-/*
-************************************************
-  - Issue a REST API Call to the LREST container
-    /***********************************************
-*/
-func (r *LRPDBReconciler) callAPI(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, url string, payload map[string]string, action string) (string, error) {
-	log := r.Log.WithValues("callAPI", req.NamespacedName)
+	url := r.BaseUrl(ctx, req, lrpdb, lrest)
 
-	var err error
+	respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, values, "POST")
+	if err != nil {
+		log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
+		return err
+	}
 
-	secret := &corev1.Secret{}
+	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
+	globalsqlcode = lrpdb.Status.SqlCode
 
-	err = r.Get(ctx, types.NamespacedName{Name: lrpdb.Spec.LRPDBTlsKey.Secret.SecretName, Namespace: lrpdb.Namespace}, secret)
+	if lrpdb.Status.SqlCode != 0 {
+		globalsqlcode = lrpdb.Status.SqlCode
+		lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBPLE) /* Upplug error */
+		lrpdb.Status.PDBBitMask = Bid(lrpdb.Status.PDBBitMask, PDBPLG) /* Remove unplug flag */
+		lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+		oer := fmt.Sprintf("ORA-%d", lrpdb.Status.SqlCode) /* Print the oracle error */
+		lrpdb.Status.Msg = "close:[" + oer + "]"
+		r.UpdateStatus(ctx, req, lrpdb)
+		return errors.New(oer)
 
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + lrpdb.Spec.LRPDBTlsKey.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-	rsaKeyPEM := secret.Data[lrpdb.Spec.LRPDBTlsKey.Secret.Key]
-
-	err = r.Get(ctx, types.NamespacedName{Name: lrpdb.Spec.LRPDBTlsCrt.Secret.SecretName, Namespace: lrpdb.Namespace}, secret)
-
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + lrpdb.Spec.LRPDBTlsCrt.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-
-	rsaCertPEM := secret.Data[lrpdb.Spec.LRPDBTlsCrt.Secret.Key]
-
-	err = r.Get(ctx, types.NamespacedName{Name: lrpdb.Spec.LRPDBTlsCat.Secret.SecretName, Namespace: lrpdb.Namespace}, secret)
-
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + lrpdb.Spec.LRPDBTlsCat.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
 	}
 
-	caCert := secret.Data[lrpdb.Spec.LRPDBTlsCat.Secret.Key]
-	/*
-		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTINFO", string(rsaKeyPEM))
-		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTINFO", string(rsaCertPEM))
-		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTINFO", string(caCert))
-	*/
+	r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Created", "LRPDB '%s' plugged successfully", lrpdb.Spec.LRPDBName)
 
-	certificate, err := tls.X509KeyPair([]byte(rsaCertPEM), []byte(rsaKeyPEM))
-	if err != nil {
-		lrpdb.Status.Msg = "Error tls.X509KeyPair"
-		return "", err
+	if lrest.Spec.DBServer != "" {
+		lrpdb.Status.ConnString = lrest.Spec.DBServer + ":" + strconv.Itoa(lrest.Spec.DBPort) + "/" + lrpdb.Spec.LRPDBName
+	} else {
+		log.Info("Parsing connectstring")
+		lrpdb.Status.ConnString = lrest.Spec.DBTnsurl
+		parseTnsAlias(&(lrpdb.Status.ConnString), &(lrpdb.Spec.LRPDBName))
 	}
 
-	caCertPool := x509.NewCertPool()
-	caCertPool.AppendCertsFromPEM(caCert)
-	/*
-			tlsConf := &tls.Config{Certificates: []tls.Certificate{certificate},
-		                               RootCAs: caCertPool}
-	*/
-	tlsConf := &tls.Config{Certificates: []tls.Certificate{certificate},
-		RootCAs: caCertPool,
-		//MinVersion:               tls.VersionTLS12,
-		CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
-		PreferServerCipherSuites: true,
-		CipherSuites: []uint16{
-			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-			tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
-			tls.TLS_RSA_WITH_AES_256_CBC_SHA,
-		},
+	imperativeLpdbDeletion = lrpdb.Spec.ImperativeLrpdbDeletion
+	if lrpdb.Spec.ImperativeLrpdbDeletion == true {
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Plug", "PDB '%s' imperative pdb deletion turned on", lrpdb.Spec.LRPDBName)
 	}
 
-	tr := &http.Transport{TLSClientConfig: tlsConf}
+	r.getLRPDBState(ctx, req, lrpdb)
 
-	httpclient := &http.Client{Transport: tr}
+	lrpdb.Status.Msg = "plug:[op. completed]"
+	lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBCRT) /* Set the creation flag */
+	lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBOPN) /* Set the creation flag */
+	lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+	r.UpdateStatus(ctx, req, lrpdb)
 
-	log.Info("Issuing REST call", "URL", url, "Action", action)
+	log.Info("Successfully plugged LRPDB", "LRPDB Name", lrpdb.Spec.LRPDBName)
+	return nil
+}
 
-	webUser, err := r.getEncriptedSecret(ctx, req, lrpdb, lrpdb.Spec.WebLrpdbServerUser.Secret.SecretName, lrpdb.Spec.WebLrpdbServerUser.Secret.Key, lrpdb.Spec.LRPDBPriKey.Secret.SecretName, lrpdb.Spec.LRPDBPriKey.Secret.Key)
-	if err != nil {
-		log.Error(err, "Unable to get webuser account name   ")
-		return "", err
-	}
+/*
+*********************************************************************
+  - UNPLUG PDB
 
-	webUserPwd, err := r.getEncriptedSecret(ctx, req, lrpdb, lrpdb.Spec.WebLrpdbServerPwd.Secret.SecretName, lrpdb.Spec.WebLrpdbServerPwd.Secret.Key, lrpdb.Spec.LRPDBPriKey.Secret.SecretName, lrpdb.Spec.LRPDBPriKey.Secret.Key)
-	if err != nil {
-		log.Error(err, "Unable to get webuser account password  ")
-		return "", err
-	}
+*********************************************************************
+*/
 
-	var httpreq *http.Request
-	if action == "GET" {
-		httpreq, err = http.NewRequest(action, url, nil)
-	} else {
-		jsonValue, _ := json.Marshal(payload)
-		httpreq, err = http.NewRequest(action, url, bytes.NewBuffer(jsonValue))
-	}
+func (r *LRPDBReconciler) UnplugLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
 
-	if err != nil {
-		log.Info("Unable to create HTTP Request for LRPDB : "+lrpdb.Name, "err", err.Error())
-		return "", err
-	}
+	log := r.Log.WithValues("unplugLRPDB", req.NamespacedName)
+	globalsqlcode = 0
 
-	httpreq.Header.Add("Accept", "application/json")
-	httpreq.Header.Add("Content-Type", "application/json")
-	httpreq.SetBasicAuth(webUser, webUserPwd)
+	var err error
+	//var tde_Password string
+	//var tde_Secret string
 
-	resp, err := httpclient.Do(httpreq)
+	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
 	if err != nil {
-		errmsg := err.Error()
-		log.Error(err, "Failed - Could not connect to LREST Pod", "err", err.Error())
-		lrpdb.Status.Msg = "Error: Could not connect to LREST Pod"
-		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTError", errmsg)
-		return "", err
+		return err
 	}
 
-	r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "Done", lrpdb.Spec.CDBResName)
-	if resp.StatusCode != http.StatusOK {
-		bb, _ := ioutil.ReadAll(resp.Body)
-
-		if resp.StatusCode == 404 {
-			lrpdb.Status.ConnString = ""
-			lrpdb.Status.Msg = lrpdb.Spec.LRPDBName + " not found"
+	values := map[string]string{
+		"method":      "UNPLUG",
+		"xmlFileName": lrpdb.Spec.XMLFileName,
+		"getScript":   strconv.FormatBool(*(lrpdb.Spec.GetScript))}
 
-		} else {
-			if flood_control == false {
-				lrpdb.Status.Msg = "LREST Error - HTTP Status Code:" + strconv.Itoa(resp.StatusCode)
+	/*
+		if *(lrpdb.Spec.LTDEExport) {
+			tde_Password, err = r.getSecret(ctx, req, lrpdb, lrpdb.Spec.LTDEPassword.Secret.SecretName, lrpdb.Spec.LTDEPassword.Secret.Key)
+			if err != nil {
+				return err
+			}
+			tde_Secret, err = r.getSecret(ctx, req, lrpdb, lrpdb.Spec.LTDESecret.Secret.SecretName, lrpdb.Spec.LTDESecret.Secret.Key)
+			if err != nil {
+				return err
 			}
-		}
 
-		if flood_control == false {
-			log.Info("LREST Error - HTTP Status Code :"+strconv.Itoa(resp.StatusCode), "Err", string(bb))
+			tde_Secret = tde_Secret[:len(tde_Secret)-1]
+			tde_Password = tde_Secret[:len(tde_Password)-1]
+			values["tde_Password"] = tde_Password
+			values["tdeKeystorePath"] = lrpdb.Spec.LTDEKeystorePath
+			values["tde_Secret"] = tde_Secret
+			values["tdeExport"] = strconv.FormatBool(*(lrpdb.Spec.LTDEExport))
 		}
+	*/
 
-		var apiErr LRESTError
-		json.Unmarshal([]byte(bb), &apiErr)
-		if flood_control == false {
-			r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTError", "Failed: %s", apiErr.Message)
-		}
-		fmt.Printf("\n================== APIERR ======================\n")
-		fmt.Printf("%+v \n", apiErr)
-		fmt.Printf(string(bb))
-		fmt.Printf("URL=%s\n", url)
-		fmt.Printf("resp.StatusCode=%s\n", strconv.Itoa(resp.StatusCode))
-		fmt.Printf("\n================== APIERR ======================\n")
-		flood_control = true
-		return "", errors.New("LREST Error")
+	lrpdb.Status.Msg = "unplug:[op. in progress]"
+	lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBUPL)
+	lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+
+	if Bit(lrpdb.Status.PDBBitMask, PDBPLG) { /*database already plugged in the past */
+		lrpdb.Status.PDBBitMask = Bid(lrpdb.Status.PDBBitMask, PDBPLG)
+		lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
 	}
-	flood_control = false
 
-	defer resp.Body.Close()
+	r.UpdateStatus(ctx, req, lrpdb)
+	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdb.Spec.LRPDBName
 
-	bodyBytes, err := ioutil.ReadAll(resp.Body)
+	log.Info("CallAPI(url)", "url", url)
+	respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, values, "POST")
 	if err != nil {
-		fmt.Print(err.Error())
+		log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
+		return err
 	}
-	respData := string(bodyBytes)
-	fmt.Print("CALL API return msg.....:")
-	fmt.Println(string(bodyBytes))
 
-	var apiResponse restSQLCollection
-	json.Unmarshal([]byte(bodyBytes), &apiResponse)
-	fmt.Printf("===> %#v\n", apiResponse)
-	fmt.Printf("===> %+v\n", apiResponse)
+	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
+	r.UpdateStatus(ctx, req, lrpdb)
+
+	if lrpdb.Status.SqlCode != 0 {
+		globalsqlcode = lrpdb.Status.SqlCode
+		lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBUPE) /* Upplug error */
+		lrpdb.Status.PDBBitMask = Bid(lrpdb.Status.PDBBitMask, PDBUPL) /* Remove unplug flag */
+		lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+		oer := fmt.Sprintf("ORA-%d", lrpdb.Status.SqlCode) /* Print the oracle error */
+		lrpdb.Status.Msg = "close:[" + oer + "]"
+		r.UpdateStatus(ctx, req, lrpdb)
+		return errors.New(oer)
 
-	errFound := false
-	for _, sqlItem := range apiResponse.Items {
-		if sqlItem.ErrorDetails != "" {
-			log.Info("LREST Error - Oracle Error Code :" + strconv.Itoa(sqlItem.ErrorCode))
-			if !errFound {
-				lrpdb.Status.Msg = sqlItem.ErrorDetails
-			}
-			r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "OraError", "%s", sqlItem.ErrorDetails)
-			errFound = true
-		}
 	}
 
-	if errFound {
-		return "", errors.New("Oracle Error")
+	/*... CRD is going to be delete... loging message in the logfile */
+	lrpdb.Status.Msg = "unplug:[op. completed]"
+	r.UpdateStatus(ctx, req, lrpdb)
+	log.Info("unplug:[op. completed]")
+
+	if controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
+		log.Info("Removing finalizer")
+		controllerutil.RemoveFinalizer(lrpdb, LRPDBFinalizer)
+		err = r.Update(ctx, lrpdb)
+		if err != nil {
+			log.Info("Could not remove finalizer", "err", err.Error())
+			return err
+		}
+		lrpdb.Status.Status = true
+		err = r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
+		if err != nil {
+			log.Info("Could not delete LRPDB resource", "err", err.Error())
+			return err
+		}
 	}
 
-	return respData, nil
+	r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Unplugged", "LRPDB '%s' unplugged successfully", lrpdb.Spec.LRPDBName)
+	globalsqlcode = 0
+	log.Info("Successfully unplugged LRPDB resource")
+	return nil
 }
 
 /*
-************************************************
-  - Create a LRPDB
+*********************************************************************
+  - OPEN PDB
 
-***********************************************
+*********************************************************************
 */
-func (r *LRPDBReconciler) createLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
-
-	log := r.Log.WithValues("createLRPDB", req.NamespacedName)
+func (r *LRPDBReconciler) OpenLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
 
-	var err error
-	var tde_Password string
-	var tde_Secret string
+	log := r.Log.WithValues("OpenLRPDB", req.NamespacedName)
+	r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Modify", "Info:'%s %s %s' ", lrpdb.Spec.LRPDBName, lrpdb.Spec.LRPDBState, lrpdb.Status.ModifyOption)
 
-	log.Info("call  getLRESTResource \n")
 	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
 	if err != nil {
+		log.Info("Failure: Cannot get lrest info")
 		return err
 	}
 
-	lrpdbAdminName, err := r.getEncriptedSecret(ctx, req, lrpdb, lrpdb.Spec.AdminpdbUser.Secret.SecretName, lrpdb.Spec.AdminpdbUser.Secret.Key, lrpdb.Spec.LRPDBPriKey.Secret.SecretName, lrpdb.Spec.LRPDBPriKey.Secret.Key)
-	if err != nil {
-		log.Error(err, "Unable to find pdb admin user ")
-		return err
-	}
-
-	lrpdbAdminPwd, err := r.getEncriptedSecret(ctx, req, lrpdb, lrpdb.Spec.AdminpdbPass.Secret.SecretName, lrpdb.Spec.AdminpdbPass.Secret.Key, lrpdb.Spec.LRPDBPriKey.Secret.SecretName, lrpdb.Spec.LRPDBPriKey.Secret.Key)
+	values := map[string]string{}
+	values = map[string]string{
+		"state":         lrpdb.Spec.LRPDBState,
+		"modifyOption":  lrpdb.Spec.ModifyOption,
+		"modifyOption2": lrpdb.Spec.ModifyOption2,
+		"getScript":     strconv.FormatBool(*(lrpdb.Spec.GetScript))}
 
-	if err != nil {
-		log.Error(err, "Unable to find pdb admin password ")
-		return err
+	if lrpdb.Spec.LRPDBState == "OPEN" || lrpdb.Spec.LRPDBState == "CLOSE" {
+		log.Info("MODIFY LRPDB", "lrpdb.Spec.LRPDBState=", lrpdb.Spec.LRPDBState, "lrpdb.Spec.ModifyOption=", lrpdb.Spec.ModifyOption)
+		log.Info("LRPDB STATUS OPENMODE", "lrpdb.Status.OpenMode=", lrpdb.Status.OpenMode)
 	}
 
-	err = r.getLRPDBState(ctx, req, lrpdb)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Check LRPDB not existence completed", "LRPDB Name", lrpdb.Spec.LRPDBName)
-		}
+	lrpdbName := lrpdb.Spec.LRPDBName
+	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName
 
-	} else {
+	lrpdb.Status.Msg = "open:[op in progress]"
+	r.UpdateStatus(ctx, req, lrpdb)
 
-		lrpdb.Status.Phase = lrpdbPhaseFail
-		lrpdb.Status.Msg = "PDB " + lrpdb.Spec.LRPDBName + " already exists "
-		if err := r.Status().Update(ctx, lrpdb); err != nil {
-			log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
-		}
-		log.Info("Database already exists ", "LRPDB Name", lrpdb.Spec.LRPDBName)
-		err := fmt.Errorf("%v", 65012)
+	respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, values, "POST")
+	if err != nil {
+		log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
 		return err
 	}
 
-	values := map[string]string{
-		"method":              "CREATE",
-		"pdb_name":            lrpdb.Spec.LRPDBName,
-		"adminName":           lrpdbAdminName,
-		"adminPwd":            lrpdbAdminPwd,
-		"fileNameConversions": lrpdb.Spec.FileNameConversions,
-		"reuseTempFile":       strconv.FormatBool(*(lrpdb.Spec.ReuseTempFile)),
-		"unlimitedStorage":    strconv.FormatBool(*(lrpdb.Spec.UnlimitedStorage)),
-		"totalSize":           lrpdb.Spec.TotalSize,
-		"tempSize":            lrpdb.Spec.TempSize,
-		"getScript":           strconv.FormatBool(*(lrpdb.Spec.GetScript))}
-
-	fmt.Printf("===== PAYLOAD ===\n")
-	fmt.Print(" method ", values["method"], "\n")
-	fmt.Print(" pdb_name ", values["pdb_name"], "\n")
-	fmt.Print(" adminName ", values["adminName"], "\n")
-	fmt.Print(" adminPwd --------------\n")
-	fmt.Print(" fileNameConversions ", values["fileNameConversions"], "\n")
-	fmt.Print(" unlimitedStorage ", values["unlimitedStorage"], "\n")
-	fmt.Print(" reuseTempFile ", values["reuseTempFile"], "\n")
-	fmt.Print(" tempSize ", values["tempSize"], "\n")
-	fmt.Print(" totalSize ", values["totalSize"], "\n")
-	fmt.Print(" getScript ", values["getScript"], "\n")
-
-	if *(lrpdb.Spec.LTDEImport) {
-		tde_Password, err = r.getSecret(ctx, req, lrpdb, lrpdb.Spec.LTDEPassword.Secret.SecretName, lrpdb.Spec.LTDEPassword.Secret.Key)
-		if err != nil {
-			return err
-		}
-		tde_Secret, err = r.getSecret(ctx, req, lrpdb, lrpdb.Spec.LTDESecret.Secret.SecretName, lrpdb.Spec.LTDESecret.Secret.Key)
-		if err != nil {
-			return err
-		}
-
-		tde_Secret = tde_Secret[:len(tde_Secret)-1]
-		tde_Password = tde_Secret[:len(tde_Password)-1]
-		values["tde_Password"] = tde_Password
-		values["tdeKeystorePath"] = lrpdb.Spec.LTDEKeystorePath
-		values["tde_Secret"] = tde_Secret
+	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
+	/* if sqlcode is zero then unset the closebit */
+	if lrpdb.Status.SqlCode == 0 {
+		lrpdb.Status.PDBBitMask = Bid(lrpdb.Status.PDBBitMask, PDBCLS)
+		lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
 	}
 
-	//url := "https://" + lrpdb.Spec.CDBResName + "-lrest:" + strconv.Itoa(lrest.Spec.LRESTPort) + "/database/pdbs/"
-	url := r.BaseUrl(ctx, req, lrpdb, lrest)
-	fmt.Print("============================================================\n")
-	fmt.Print(url)
-	fmt.Print("\n============================================================\n")
-	lrpdb.Status.TotalSize = lrpdb.Spec.TotalSize
-	lrpdb.Status.Phase = lrpdbPhaseCreate
-	lrpdb.Status.Msg = "Waiting for LRPDB to be created"
-
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
-	}
+	r.UpdateStatus(ctx, req, lrpdb)
 
-	respData, err := NewCallLAPI(r, ctx, req, lrpdb, url, values, "POST")
-	if err != nil {
-		log.Error(err, "Failure NewCallLAPI( "+url+")", "err", err.Error())
-		return err
+	/* Return Error if sqlcode != */
+	if lrpdb.Status.SqlCode != 0 {
+		lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBOPE)
+		lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+		oer := fmt.Sprintf("ORA-%d", lrpdb.Status.SqlCode)
+		lrpdb.Status.Msg = "open:[" + oer + "]"
+		r.UpdateStatus(ctx, req, lrpdb)
+		return errors.New(oer)
 	}
 
-	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
 	globalsqlcode = lrpdb.Status.SqlCode
-	if lrpdb.Status.SqlCode != 0 {
-		err := fmt.Errorf("%v", lrpdb.Status.SqlCode)
-		return err
-	}
+	r.getLRPDBState(ctx, req, lrpdb)
 
-	r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal,
-		"Created", "LRPDB '%s' created successfully", lrpdb.Spec.LRPDBName)
+	if lrpdb.Spec.LRPDBState == "OPEN" || lrpdb.Spec.LRPDBState == "CLOSE" {
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Modified", " '%s' modified successfully '%s'", lrpdb.Spec.LRPDBName, lrpdb.Spec.LRPDBState)
+	}
 
 	if lrest.Spec.DBServer != "" {
-		lrpdb.Status.ConnString =
-			lrest.Spec.DBServer + ":" + strconv.Itoa(lrest.Spec.DBPort) + "/" + lrpdb.Spec.LRPDBName
+		lrpdb.Status.ConnString = lrest.Spec.DBServer + ":" + strconv.Itoa(lrest.Spec.DBPort) + "/" + lrpdb.Spec.LRPDBName
 	} else {
-		log.Info("Parsing connectstring")
 		lrpdb.Status.ConnString = lrest.Spec.DBTnsurl
 		parseTnsAlias(&(lrpdb.Status.ConnString), &(lrpdb.Spec.LRPDBName))
-	}
 
-	assertiveLpdbDeletion = lrpdb.Spec.AssertiveLrpdbDeletion
-	if lrpdb.Spec.AssertiveLrpdbDeletion == true {
-		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Created", "PDB '%s' assertive pdb deletion turned on", lrpdb.Spec.LRPDBName)
 	}
 
-	r.getLRPDBState(ctx, req, lrpdb)
-	log.Info("Created LRPDB Resource", "LRPDB Name", lrpdb.Spec.LRPDBName)
+	log.Info("Successfully modified LRPDB state", "LRPDB Name", lrpdb.Spec.LRPDBName)
 
-	if bit(lrpdb.Status.Bitstat, MPINIT) == false {
-		r.InitConfigMap(ctx, req, lrpdb)
-		Cardinality, _ := r.ApplyConfigMap(ctx, req, lrpdb)
-		log.Info("Config Map Cardinality " + strconv.Itoa(int(Cardinality)))
-	}
+	/* After database openining we reapply the config map if warning is present */
+	if lrpdb.Spec.LRPDBState == "OPEN" {
+		if Bit(lrpdb.Status.CmBitstat, MPWARN|MPINIT) {
+			log.Info("re-apply config map")
+			r.ApplyConfigMap(ctx, req, lrpdb)
 
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
+		}
 	}
+	lrpdb.Status.Msg = "open:[op. completed]"
+	lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBOPN)
+	lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+	r.UpdateStatus(ctx, req, lrpdb)
 
 	return nil
 }
 
 /*
-************************************************
-  - Clone a LRPDB
-    /***********************************************
-*/
-func (r *LRPDBReconciler) cloneLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
-
-	if lrpdb.Spec.LRPDBName == lrpdb.Spec.SrcLRPDBName {
-		return nil
-	}
+*********************************************************************
+  - CLOSE PDB
 
-	log := r.Log.WithValues("cloneLRPDB", req.NamespacedName)
+*********************************************************************
+*/
+func (r *LRPDBReconciler) CloseLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
 
-	globalsqlcode = 0
-	var err error
+	log := r.Log.WithValues("CloseLRPDB", req.NamespacedName)
+	r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Close", "Info:'%s %s %s' ", lrpdb.Spec.LRPDBName, lrpdb.Spec.LRPDBState, lrpdb.Status.ModifyOption)
 
 	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
 	if err != nil {
+		log.Info("Failure: Cannot get lrest info")
 		return err
 	}
 
-	/* Prevent cloning an existing lrpdb */
-	err = r.getLRPDBState(ctx, req, lrpdb)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Check LRPDB not existence completed", "LRPDB Name", lrpdb.Spec.LRPDBName)
-		}
-
-	} else {
-		log.Info("Database already exists ", "LRPDB Name", lrpdb.Spec.LRPDBName)
-		return nil
-	}
-
-	values := map[string]string{
-		"method":           "CLONE",
-		"pdb_name":         lrpdb.Spec.LRPDBName,
-		"srcPdbName":       lrpdb.Spec.SrcLRPDBName,
-		"reuseTempFile":    strconv.FormatBool(*(lrpdb.Spec.ReuseTempFile)),
-		"unlimitedStorage": strconv.FormatBool(*(lrpdb.Spec.UnlimitedStorage)),
-		"getScript":        strconv.FormatBool(*(lrpdb.Spec.GetScript))}
+	values := map[string]string{}
+	values = map[string]string{
+		"state":         lrpdb.Spec.LRPDBState,
+		"modifyOption":  lrpdb.Spec.ModifyOption,
+		"modifyOption2": lrpdb.Spec.ModifyOption2,
+		"getScript":     strconv.FormatBool(*(lrpdb.Spec.GetScript))}
 
-	//* check the existence of lrpdb.Spec.SrcLRPDBName //
-	var allErrs field.ErrorList
-	pdbCounter, _ := r.checkPDBforCloninig(ctx, req, lrpdb, lrpdb.Spec.SrcLRPDBName)
-	if pdbCounter == 0 {
-		log.Info("target pdb " + lrpdb.Spec.SrcLRPDBName + " does not exists or is not open")
-		allErrs = append(allErrs, field.NotFound(field.NewPath("Spec").Child("LRPDBName"), " "+lrpdb.Spec.LRPDBName+" does not exist :  failure"))
-		r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
-		return nil
+	if lrpdb.Spec.LRPDBState == "OPEN" || lrpdb.Spec.LRPDBState == "CLOSE" {
+		log.Info("MODIFY LRPDB", "lrpdb.Spec.LRPDBState=", lrpdb.Spec.LRPDBState, "lrpdb.Spec.ModifyOption=", lrpdb.Spec.ModifyOption)
+		log.Info("LRPDB STATUS OPENMODE", "lrpdb.Status.OpenMode=", lrpdb.Status.OpenMode)
 	}
 
-	if lrpdb.Spec.SparseClonePath != "" {
-		values["sparseClonePath"] = lrpdb.Spec.SparseClonePath
-	}
-	if lrpdb.Spec.FileNameConversions != "" {
-		values["fileNameConversions"] = lrpdb.Spec.FileNameConversions
-	}
-	if lrpdb.Spec.TotalSize != "" {
-		values["totalSize"] = lrpdb.Spec.TotalSize
-	}
-	if lrpdb.Spec.TempSize != "" {
-		values["tempSize"] = lrpdb.Spec.TempSize
-	}
+	lrpdbName := lrpdb.Spec.LRPDBName
+	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName
 
-	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdb.Spec.LRPDBName + "/"
+	lrpdb.Status.Msg = "close:[op. in progress]"
+	r.UpdateStatus(ctx, req, lrpdb)
 
-	lrpdb.Status.Phase = lrpdbPhaseClone
-	lrpdb.Status.Msg = "Waiting for LRPDB to be cloned"
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
-	}
-	respData, err := NewCallLAPI(r, ctx, req, lrpdb, url, values, "POST")
+	respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, values, "POST")
 	if err != nil {
-		log.Error(err, "Failure NewCallLAPI( "+url+")", "err", err.Error())
+		log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
 		return err
 	}
 
 	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
-	globalsqlcode = lrpdb.Status.SqlCode
+	/* if sqlcode is zero then unset the openbit */
+	if lrpdb.Status.SqlCode == 0 {
+		lrpdb.Status.PDBBitMask = Bid(lrpdb.Status.PDBBitMask, PDBOPN)
+		lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+	}
 
+	r.UpdateStatus(ctx, req, lrpdb)
+
+	/* Return Error if sqlcode != */
 	if lrpdb.Status.SqlCode != 0 {
-		errclone := errors.New("Cannot clone database: ora-" + strconv.Itoa(lrpdb.Status.SqlCode))
-		log.Info("Cannot clone database ora-" + strconv.Itoa(lrpdb.Status.SqlCode))
-		lrpdb.Status.Msg = lrpdb.Spec.SrcLRPDBName + " is open in mount cannot clone "
-		if err := r.Status().Update(ctx, lrpdb); err != nil {
-			log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
-		}
-		return errclone
+		lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBCLE)
+		lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+		oer := fmt.Sprintf("ORA-%d", lrpdb.Status.SqlCode)
+		lrpdb.Status.Msg = "close:[" + oer + "]"
+		r.UpdateStatus(ctx, req, lrpdb)
+		return errors.New(oer)
 	}
 
-	r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Created", "LRPDB '%s' cloned successfully", lrpdb.Spec.LRPDBName)
+	globalsqlcode = lrpdb.Status.SqlCode
+	r.getLRPDBState(ctx, req, lrpdb)
+
+	if lrpdb.Spec.LRPDBState == "OPEN" || lrpdb.Spec.LRPDBState == "CLOSE" {
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Modified", " '%s' modified successfully '%s'", lrpdb.Spec.LRPDBName, lrpdb.Spec.LRPDBState)
+	}
 
 	if lrest.Spec.DBServer != "" {
 		lrpdb.Status.ConnString = lrest.Spec.DBServer + ":" + strconv.Itoa(lrest.Spec.DBPort) + "/" + lrpdb.Spec.LRPDBName
@@ -998,1133 +858,2031 @@ func (r *LRPDBReconciler) cloneLRPDB(ctx context.Context, req ctrl.Request, lrpd
 		parseTnsAlias(&(lrpdb.Status.ConnString), &(lrpdb.Spec.LRPDBName))
 
 	}
-	assertiveLpdbDeletion = lrpdb.Spec.AssertiveLrpdbDeletion
-	if lrpdb.Spec.AssertiveLrpdbDeletion == true {
-		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Clone", "PDB '%s' assertive pdb deletion turned on", lrpdb.Spec.LRPDBName)
-	}
 
-	log.Info("Cloned LRPDB successfully", "Source LRPDB Name", lrpdb.Spec.SrcLRPDBName, "Clone LRPDB Name", lrpdb.Spec.LRPDBName)
-	r.getLRPDBState(ctx, req, lrpdb)
+	lrpdb.Status.Msg = "close:[op. completed]"
+	log.Info("Successfully modified LRPDB state", "LRPDB Name", lrpdb.Spec.LRPDBName)
+	lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBCLS)
+	lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+	r.UpdateStatus(ctx, req, lrpdb)
+
 	return nil
 }
 
 /*
-************************************************
-  - Plug a LRPDB
+*********************************************************************
+  - DELETE PDB - IMPERATIVE APPROAC
 
-***********************************************
+*********************************************************************
 */
-func (r *LRPDBReconciler) plugLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
-
-	log := r.Log.WithValues("plugLRPDB", req.NamespacedName)
-	globalsqlcode = 0
+func (r *LRPDBReconciler) DeleteLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+	log := r.Log.WithValues("deleteLRPDB", req.NamespacedName)
 
 	var err error
-	var tde_Password string
-	var tde_Secret string
 
 	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
 	if err != nil {
+		log.Info("Failure: Cannot get lrest info")
 		return err
 	}
 
-	values := map[string]string{
-		"method":                    "PLUG",
-		"xmlFileName":               lrpdb.Spec.XMLFileName,
-		"pdb_name":                  lrpdb.Spec.LRPDBName,
-		"sourceFileNameConversions": lrpdb.Spec.SourceFileNameConversions,
-		"copyAction":                lrpdb.Spec.CopyAction,
-		"fileNameConversions":       lrpdb.Spec.FileNameConversions,
-		"unlimitedStorage":          strconv.FormatBool(*(lrpdb.Spec.UnlimitedStorage)),
-		"reuseTempFile":             strconv.FormatBool(*(lrpdb.Spec.ReuseTempFile)),
-		"totalSize":                 lrpdb.Spec.TotalSize,
-		"tempSize":                  lrpdb.Spec.TempSize,
-		"getScript":                 strconv.FormatBool(*(lrpdb.Spec.GetScript))}
+	if lrpdb.Spec.ImperativeLrpdbDeletion == true {
+		/* Close the pdb if it's open */
+		if Bit(lrpdb.Status.PDBBitMask, PDBOPN) == true {
+			valuesclose := map[string]string{
+				"state":        "CLOSE",
+				"modifyOption": "IMMEDIATE",
+				"getScript":    "FALSE"}
+			lrpdbName := lrpdb.Spec.LRPDBName
+			url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName
+			respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, valuesclose, "POST")
+			r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
+			if lrpdb.Status.SqlCode != 0 {
+				oer := fmt.Sprintf("ORA-%d", lrpdb.Status.SqlCode)
+				lrpdb.Status.Msg = "close:[" + oer + "]"
+				r.UpdateStatus(ctx, req, lrpdb)
+			}
+			if err != nil {
+				log.Info("Warning error closing lrpdb continue anyway")
+
+			}
+			lrpdb.Status.PDBBitMask = Bid(lrpdb.Status.PDBBitMask, PDBOPN)
+			lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBCLS)
+			lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+			r.UpdateStatus(ctx, req, lrpdb)
 
-	if *(lrpdb.Spec.LTDEImport) {
-		tde_Password, err = r.getSecret(ctx, req, lrpdb, lrpdb.Spec.LTDEPassword.Secret.SecretName, lrpdb.Spec.LTDEPassword.Secret.Key)
-		if err != nil {
-			return err
-		}
-		tde_Secret, err = r.getSecret(ctx, req, lrpdb, lrpdb.Spec.LTDESecret.Secret.SecretName, lrpdb.Spec.LTDESecret.Secret.Key)
-		if err != nil {
-			return err
 		}
 
-		tde_Secret = tde_Secret[:len(tde_Secret)-1]
-		tde_Password = tde_Secret[:len(tde_Password)-1]
-		values["tde_Password"] = tde_Password
-		values["tdeKeystorePath"] = lrpdb.Spec.LTDEKeystorePath
-		values["tde_Secret"] = tde_Secret
-		values["tdeImport"] = strconv.FormatBool(*(lrpdb.Spec.LTDEImport))
-	}
-	if *(lrpdb.Spec.AsClone) {
-		values["asClone"] = strconv.FormatBool(*(lrpdb.Spec.AsClone))
-	}
+		values := map[string]string{
+			"action":    "INCLUDING",
+			"getScript": strconv.FormatBool(*(lrpdb.Spec.GetScript))}
 
-	url := r.BaseUrl(ctx, req, lrpdb, lrest)
+		if lrpdb.Spec.DropAction != "" {
+			values["action"] = lrpdb.Spec.DropAction
+		}
 
-	lrpdb.Status.TotalSize = lrpdb.Spec.TotalSize
-	lrpdb.Status.Phase = lrpdbPhasePlug
-	lrpdb.Status.Msg = "Waiting for LRPDB to be plugged"
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
-	}
+		lrpdbName := lrpdb.Spec.LRPDBName
+		url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName
 
-	respData, err := NewCallLAPI(r, ctx, req, lrpdb, url, values, "POST")
-	if err != nil {
-		log.Error(err, "Failure NewCallLAPI( "+url+")", "err", err.Error())
-		return err
-	}
+		respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, values, "DELETE")
+		if err != nil {
+			log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
+			return err
+		}
 
-	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
-	globalsqlcode = lrpdb.Status.SqlCode
+		r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
+		globalsqlcode = lrpdb.Status.SqlCode
+		if lrpdb.Status.SqlCode != 0 {
+			lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, FNALAE)
+			lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+			oer := fmt.Sprintf("ORA-%d", lrpdb.Status.SqlCode)
+			lrpdb.Status.Msg = "delete:[" + oer + "]"
+			r.UpdateStatus(ctx, req, lrpdb)
+			return err
+		} else {
+			lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBDIC)
+			lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+			r.UpdateStatus(ctx, req, lrpdb)
+		}
 
-	if lrpdb.Status.SqlCode != 0 {
-		log.Info("Plug database failure........:" + strconv.Itoa(lrpdb.Status.SqlCode))
-		err = fmt.Errorf("%v", lrpdb.Status.SqlCode)
-		return err
 	}
 
-	r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Created", "LRPDB '%s' plugged successfully", lrpdb.Spec.LRPDBName)
-
-	if lrest.Spec.DBServer != "" {
-		lrpdb.Status.ConnString = lrest.Spec.DBServer + ":" + strconv.Itoa(lrest.Spec.DBPort) + "/" + lrpdb.Spec.LRPDBName
-	} else {
-		log.Info("Parsing connectstring")
-		lrpdb.Status.ConnString = lrest.Spec.DBTnsurl
-		parseTnsAlias(&(lrpdb.Status.ConnString), &(lrpdb.Spec.LRPDBName))
-	}
+	log.Info("Successfully dropped LRPDB", "LRPDB Name", lrpdb.Spec.LRPDBName)
 
-	assertiveLpdbDeletion = lrpdb.Spec.AssertiveLrpdbDeletion
-	if lrpdb.Spec.AssertiveLrpdbDeletion == true {
-		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Plug", "PDB '%s' assertive pdb deletion turned on", lrpdb.Spec.LRPDBName)
+	controllerutil.RemoveFinalizer(lrpdb, LRPDBFinalizer)
+	if err := r.Update(ctx, lrpdb); err != nil {
+		log.Info("Cannot remove finalizer")
+		return err
 	}
 
-	log.Info("Successfully plugged LRPDB", "LRPDB Name", lrpdb.Spec.LRPDBName)
-	r.getLRPDBState(ctx, req, lrpdb)
 	return nil
 }
 
 /*
-************************************************
-  - Unplug a LRPDB
+*********************************************************************
+  - DELETE PDB - DECLARATIVE APPROACH
 
-***********************************************
+*********************************************************************
 */
-func (r *LRPDBReconciler) unplugLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
 
-	log := r.Log.WithValues("unplugLRPDB", req.NamespacedName)
-	globalsqlcode = 0
+func (r *LRPDBReconciler) DeleteLRPDBDeclarative(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+	log := r.Log.WithValues("deleteLRPDBDeclaratve", req.NamespacedName)
 
 	var err error
-	var tde_Password string
-	var tde_Secret string
 
 	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
 	if err != nil {
+		log.Info("Failure: Cannot get lrest info")
 		return err
 	}
 
-	values := map[string]string{
-		"method":      "UNPLUG",
-		"xmlFileName": lrpdb.Spec.XMLFileName,
-		"getScript":   strconv.FormatBool(*(lrpdb.Spec.GetScript))}
+	if lrpdb.Spec.ImperativeLrpdbDeletion == true {
+		/* Close the pdb if it's open */
+		if Bit(lrpdb.Status.PDBBitMask, PDBOPN) == true {
+			valuesclose := map[string]string{
+				"state":        "CLOSE",
+				"modifyOption": "IMMEDIATE",
+				"getScript":    "FALSE"}
+			lrpdbName := lrpdb.Spec.LRPDBName
+			url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName
+			respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, valuesclose, "POST")
+			r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
+			if lrpdb.Status.SqlCode != 0 {
+				oer := fmt.Sprintf("ORA-%d", lrpdb.Status.SqlCode)
+				lrpdb.Status.Msg = "close:[" + oer + "]"
+				r.UpdateStatus(ctx, req, lrpdb)
+			}
+			if err != nil {
+				log.Info("Warning error closing lrpdb continue anyway")
+
+			}
+			lrpdb.Status.PDBBitMask = Bid(lrpdb.Status.PDBBitMask, PDBOPN)
+			lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBCLS)
+			lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+			r.UpdateStatus(ctx, req, lrpdb)
 
-	if *(lrpdb.Spec.LTDEExport) {
-		// Get the TDE Password
-		tde_Password, err = r.getSecret(ctx, req, lrpdb, lrpdb.Spec.LTDEPassword.Secret.SecretName, lrpdb.Spec.LTDEPassword.Secret.Key)
-		if err != nil {
-			return err
-		}
-		tde_Secret, err = r.getSecret(ctx, req, lrpdb, lrpdb.Spec.LTDESecret.Secret.SecretName, lrpdb.Spec.LTDESecret.Secret.Key)
-		if err != nil {
-			return err
 		}
 
-		tde_Secret = tde_Secret[:len(tde_Secret)-1]
-		tde_Password = tde_Secret[:len(tde_Password)-1]
-		values["tde_Password"] = tde_Password
-		values["tdeKeystorePath"] = lrpdb.Spec.LTDEKeystorePath
-		values["tde_Secret"] = tde_Secret
-		values["tdeExport"] = strconv.FormatBool(*(lrpdb.Spec.LTDEExport))
-	}
+		values := map[string]string{
+			"action":    "INCLUDING",
+			"getScript": strconv.FormatBool(*(lrpdb.Spec.GetScript))}
 
-	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdb.Spec.LRPDBName + "/"
+		if lrpdb.Spec.DropAction != "" {
+			values["action"] = lrpdb.Spec.DropAction
+		}
 
-	log.Info("CallAPI(url)", "url", url)
-	lrpdb.Status.Phase = lrpdbPhaseUnplug
-	lrpdb.Status.Msg = "Waiting for LRPDB to be unplugged"
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
-	}
-	respData, err := NewCallLAPI(r, ctx, req, lrpdb, url, values, "POST")
-	if err != nil {
-		log.Error(err, "Failure NewCallLAPI( "+url+")", "err", err.Error())
-		return err
-	}
+		lrpdbName := lrpdb.Spec.LRPDBName
+		url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName
 
-	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
+		respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, values, "DELETE")
+		if err != nil {
+			log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
+			return err
+		}
 
-	if lrpdb.Status.SqlCode != 0 {
+		r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
 		globalsqlcode = lrpdb.Status.SqlCode
-
-		lrpdb.Status.Msg = lrpdb.Spec.LRPDBName + " database cannot be unplugged  "
-		log.Info(lrpdb.Spec.LRPDBName + " database cannot be unplugged  ")
-		if lrpdb.Status.SqlCode == 65170 {
-			log.Info(lrpdb.Spec.XMLFileName + " xml file already exists  ")
+		if lrpdb.Status.SqlCode != 0 {
+			lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, FNALAE)
+			lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+			oer := fmt.Sprintf("ORA-%d", lrpdb.Status.SqlCode)
+			lrpdb.Status.Msg = "delete:[" + oer + "]"
+			r.UpdateStatus(ctx, req, lrpdb)
+			return err
+		} else {
+			lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBDIC)
+			lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+			r.UpdateStatus(ctx, req, lrpdb)
 		}
-
-		/*
-			err := r.Update(ctx, lrpdb)
-			if err != nil {
-				log.Info("Fail to update crd", "err", err.Error())
-				return err
-			}
-
-			if err := r.Status().Update(ctx, lrpdb); err != nil {
-				log.Error(err, "Failed to update status"+lrpdb.Name, "err", err.Error())
-				return err
-			}
-		*/
-
-		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Unplugged", " ORA-%s ", strconv.Itoa(lrpdb.Status.SqlCode))
-		err = fmt.Errorf("%v", lrpdb.Status.SqlCode)
-		return err
 	}
+	log.Info("Successfully dropped LRPDB", "LRPDB Name", lrpdb.Spec.LRPDBName)
 
 	if controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
 		log.Info("Removing finalizer")
 		controllerutil.RemoveFinalizer(lrpdb, LRPDBFinalizer)
-		err = r.Update(ctx, lrpdb)
+		err := r.Update(ctx, lrpdb)
 		if err != nil {
 			log.Info("Could not remove finalizer", "err", err.Error())
 			return err
 		}
-		lrpdb.Status.Status = true
-		err = r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
-		if err != nil {
-			log.Info("Could not delete LRPDB resource", "err", err.Error())
-			return err
-		}
 	}
 
-	r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Unplugged", "LRPDB '%s' unplugged successfully", lrpdb.Spec.LRPDBName)
-	globalsqlcode = 0
-	log.Info("Successfully unplugged LRPDB resource")
+	err = r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
+	if err != nil {
+		log.Info("Could not delete LRPDB resource", "err", err.Error())
+		return err
+	}
+
 	return nil
 }
 
-/**************************************************
-Alter system LRPDB
-**************************************************/
-
-/**just push the trasnsaction **/
-func (r *LRPDBReconciler) alterSystemLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+/*
+*********************************************************************
+  - CHECK BEFORE CLONING
 
-	log := r.Log.WithValues("alterSystemLRPDB", req.NamespacedName)
-	globalsqlcode = 0
+*********************************************************************
+*/
+func (r *LRPDBReconciler) checkPDBforCloninig(ctx context.Context, req ctrl.Request, targetPdbName string) (int, error) {
+	log := r.Log.WithValues("checkPDBforCloninig", req.NamespacedName)
+	var pdbCounter int
+	pdbCounter = 0
 
-	var err error
-	err = r.getLRPDBState(ctx, req, lrpdb)
+	lrpdbList := &dbapi.LRPDBList{}
+	listOpts := []client.ListOption{client.InNamespace(req.Namespace), client.MatchingFields{"spec.pdbName": targetPdbName}}
+	err := r.List(ctx, lrpdbList, listOpts...)
 	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Warning LRPDB does not exist", "LRPDB Name", lrpdb.Spec.LRPDBName)
-			return nil
-		}
-		return err
+		log.Info("Failed to list lrpdbs", "Namespace", req.Namespace, "Error", err)
+		return 0, err
 	}
-
-	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
-	if err != nil {
-		log.Info("Cannot find LREST server")
-		return err
+	if len(lrpdbList.Items) == 0 {
+		log.Info("No pdbs  available")
+		return pdbCounter, err
 	}
 
-	/* alter system payload */
+	for _, p := range lrpdbList.Items {
+		fmt.Printf("DEBUGCLONE %s %s %d\n", p.Spec.LRPDBName, targetPdbName, pdbCounter)
+		if p.Spec.LRPDBName == targetPdbName {
+			log.Info("Found " + targetPdbName + " in the crd list")
+			if p.Status.OpenMode == "MOUNTED" {
+				log.Info("Cannot clone a mounted pdb")
+				return pdbCounter, err
+			}
+			pdbCounter++
+			fmt.Printf("DEBUGCLONE %s %s %d\n", p.Spec.LRPDBName, targetPdbName, pdbCounter)
+			return pdbCounter, err
+		}
 
-	values := map[string]string{
-		"state":                "ALTER",
-		"alterSystemParameter": lrpdb.Spec.AlterSystemParameter,
-		"alterSystemValue":     lrpdb.Spec.AlterSystemValue,
-		"parameterScope":       lrpdb.Spec.ParameterScope,
 	}
+	return pdbCounter, err
+}
 
-	lrpdbName := lrpdb.Spec.LRPDBName
-	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName
-	log.Info("alter system payload...:", "lrpdb.Spec.AlterSystemValue=", lrpdb.Spec.AlterSystemValue)
-	log.Info("alter system payload...:", "lrpdb.Spec.AlterSystemParameter=", lrpdb.Spec.AlterSystemParameter)
-	log.Info("alter system payload...:", "lrpdb.Spec.ParameterScope=", lrpdb.Spec.ParameterScope)
-	log.Info("alter system path.......:", "url=", url)
-
-	lrpdb.Status.Phase = lrpdbPhaseAlterPlug
-	lrpdb.Status.ModifyOption = lrpdb.Spec.AlterSystem + " " + lrpdb.Spec.ParameterScope
-	lrpdb.Status.Msg = "Waiting for LRPDB parameter to be modified"
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update lrpdb parameter  :"+lrpdb.Name, "err", err.Error())
-		return err
-	}
-
-	respData, err := NewCallLAPI(r, ctx, req, lrpdb, url, values, "POST")
-	if err != nil {
-		log.Error(err, "Failure NewCallLAPI( "+url+")", "err", err.Error())
-		return err
-	}
-
-	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
-	globalsqlcode = lrpdb.Status.SqlCode
-
-	if lrpdb.Status.SqlCode == 0 {
-		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Altered", "LRPDB(name,cmd,sqlcode) '%s %s %d' ", lrpdb.Spec.LRPDBName, lrpdb.Spec.AlterSystem, lrpdb.Status.SqlCode)
-		lrpdb.Status.Phase = lrpdbPhaseReady
-		lrpdb.Spec.Action = "Noaction"
-		lrpdb.Status.Action = "Noaction"
-		lrpdb.Status.Status = true
+/*
+*********************************************************************
+  - CLONE PDB
 
-		if err := r.Update(ctx, lrpdb); err != nil {
-			log.Error(err, "Cannot rest lrpdb Spec  :"+lrpdb.Name, "err", err.Error())
-			return err
-		}
+*********************************************************************
+*/
+func (r *LRPDBReconciler) CloneLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
 
-		if err := r.Status().Update(ctx, lrpdb); err != nil {
-			log.Error(err, "Failed to update lrpdb parameter  :"+lrpdb.Name, "err", err.Error())
-			return err
-		}
+	log := r.Log.WithValues("CloneLRPDB", req.NamespacedName)
+	if lrpdb.Spec.LRPDBName == lrpdb.Spec.SrcLRPDBName {
+		log.Info("Invalid Name")
 		return nil
-
-	}
-
-	if lrpdb.Status.SqlCode != 0 {
-		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "alter system failure", "LRPDB(name,cmd,sqlcode) '%s %s %d' ", lrpdb.Spec.LRPDBName, lrpdb.Spec.AlterSystem, lrpdb.Status.SqlCode)
-		erralter := errors.New("Error: cannot modify parameter")
-
-		lrpdb.Status.ModifyOption = lrpdb.Spec.AlterSystem + " " + lrpdb.Spec.ParameterScope
-		lrpdb.Status.Msg = "Failed: cannot modify system parameter"
-		lrpdb.Status.Phase = lrpdbPhaseStatus
-		lrpdb.Spec.AlterSystem = ""
-		lrpdb.Spec.ParameterScope = ""
-		lrpdb.Spec.Action = "Noaction"
-		if err := r.Update(ctx, lrpdb); err != nil {
-			log.Error(err, "Cannot rest lrpdb Spec  :"+lrpdb.Name, "err", err.Error())
-			return err
-		}
-
-		if err := r.Status().Update(ctx, lrpdb); err != nil {
-			log.Error(err, "Failed to update lrpdb parameter  :"+lrpdb.Name, "err", err.Error())
-			return err
-		}
-		return erralter
 	}
 
-	lrpdb.Status.Status = false
+	globalsqlcode = 0
+	var err error
 
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update lrpdb parameter  :"+lrpdb.Name, "err", err.Error())
+	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
+	if err != nil {
 		return err
 	}
-	return nil
-}
-
-/*************************************************
- * Modify a LRPDB state
- ***********************************************/
-func (r *LRPDBReconciler) modifyLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
-
-	log := r.Log.WithValues("modifyLRPDB", req.NamespacedName)
-	r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Modify", "Info:'%s %s %s' ", lrpdb.Spec.LRPDBName, lrpdb.Spec.LRPDBState, lrpdb.Status.ModifyOption)
 
-	var err error
+	/* Prevent cloning an existing lrpdb */
 	err = r.getLRPDBState(ctx, req, lrpdb)
 	if err != nil {
-		if lrpdb.Status.SqlCode == 1403 {
-			// BUG 36752465
-			// We have to handle to verify a non existings results using both
-			log.Info("Database does not exists ")
-			r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
-			return nil
-		}
 		if apierrors.IsNotFound(err) {
-			log.Info("Warning LRPDB does not exist", "LRPDB Name", lrpdb.Spec.LRPDBName)
-			r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
-			return nil
+			log.Info("Check LRPDB not existence completed", "LRPDB Name", lrpdb.Spec.LRPDBName)
 		}
-		return err
-	}
 
-	/* This scenario is managed by webhook acceptance test ... leave it here anyway */
-	if lrpdb.Status.OpenMode == "READ WRITE" && lrpdb.Spec.LRPDBState == "OPEN" && lrpdb.Spec.ModifyOption == "READ WRITE" {
-		/* Database is already open no action required */
+	} else {
+		log.Info("Database already exists ", "LRPDB Name", lrpdb.Spec.LRPDBName)
 		return nil
 	}
 
-	if lrpdb.Status.OpenMode == "MOUNTED" && lrpdb.Spec.LRPDBState == "CLOSE" && lrpdb.Spec.ModifyOption == "IMMEDIATE" {
-		/* Database is already close no action required */
+	values := map[string]string{
+		"method":           "CLONE",
+		"pdb_name":         lrpdb.Spec.LRPDBName,
+		"srcPdbName":       lrpdb.Spec.SrcLRPDBName,
+		"reuseTempFile":    strconv.FormatBool(*(lrpdb.Spec.ReuseTempFile)),
+		"unlimitedStorage": strconv.FormatBool(*(lrpdb.Spec.UnlimitedStorage)),
+		"getScript":        strconv.FormatBool(*(lrpdb.Spec.GetScript))}
+
+	//* check the existence of lrpdb.Spec.SrcLRPDBName //
+	var allErrs field.ErrorList
+	pdbCounter, _ := r.checkPDBforCloninig(ctx, req, lrpdb.Spec.SrcLRPDBName)
+	if pdbCounter == 0 {
+		log.Info("target pdb " + lrpdb.Spec.SrcLRPDBName + " does not exists or is not open")
+		allErrs = append(allErrs, field.NotFound(field.NewPath("Spec").Child("LRPDBName"), " "+lrpdb.Spec.LRPDBName+" does not exist :  failure"))
+		r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
 		return nil
 	}
 
-	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
-	if err != nil {
-		return err
+	if lrpdb.Spec.SparseClonePath != "" {
+		values["sparseClonePath"] = lrpdb.Spec.SparseClonePath
 	}
-
-	values := map[string]string{}
-	if lrpdb.Spec.LRPDBState == "OPEN" || lrpdb.Spec.LRPDBState == "CLOSE" {
-		values = map[string]string{
-			"state":        lrpdb.Spec.LRPDBState,
-			"modifyOption": lrpdb.Spec.ModifyOption,
-			"getScript":    strconv.FormatBool(*(lrpdb.Spec.GetScript))}
-		if lrpdb.Spec.LRPDBState == "OPEN" || lrpdb.Spec.LRPDBState == "CLOSE" {
-			log.Info("MODIFY LRPDB", "lrpdb.Spec.LRPDBState=", lrpdb.Spec.LRPDBState, "lrpdb.Spec.ModifyOption=", lrpdb.Spec.ModifyOption)
-			log.Info("LRPDB STATUS OPENMODE", "lrpdb.Status.OpenMode=", lrpdb.Status.OpenMode)
-		}
+	if lrpdb.Spec.FileNameConversions != "" {
+		values["fileNameConversions"] = lrpdb.Spec.FileNameConversions
 	}
-
-	lrpdbName := lrpdb.Spec.LRPDBName
-	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName + "/status/"
-
-	lrpdb.Status.Phase = lrpdbPhaseModify
-	if lrpdb.Spec.LRPDBState == "OPEN" || lrpdb.Spec.LRPDBState == "CLOSE" {
-		lrpdb.Status.ModifyOption = lrpdb.Spec.LRPDBState + "-" + lrpdb.Spec.ModifyOption
+	if lrpdb.Spec.TotalSize != "" {
+		values["totalSize"] = lrpdb.Spec.TotalSize
 	}
-
-	lrpdb.Status.Msg = "Waiting for LRPDB to be modified"
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
+	if lrpdb.Spec.TempSize != "" {
+		values["tempSize"] = lrpdb.Spec.TempSize
 	}
 
-	respData, err := NewCallLAPI(r, ctx, req, lrpdb, url, values, "POST")
+	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdb.Spec.LRPDBName + "/"
+
+	lrpdb.Status.Msg = "clone:[op. in progress]"
+	r.UpdateStatus(ctx, req, lrpdb)
+
+	respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, values, "POST")
 	if err != nil {
-		log.Error(err, "Failure NewCallLAPI( "+url+")", "err", err.Error())
+		log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
 		return err
 	}
 
 	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
 	globalsqlcode = lrpdb.Status.SqlCode
+	r.UpdateStatus(ctx, req, lrpdb)
+
+	if lrpdb.Status.SqlCode != 0 {
+		lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBCRE)
+		lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+		oer := fmt.Sprintf("ORA-%d", lrpdb.Status.SqlCode)
+		lrpdb.Status.Msg = "open:[" + oer + "]"
+		r.UpdateStatus(ctx, req, lrpdb)
+		return errors.New(oer)
 
-	if lrpdb.Spec.LRPDBState == "OPEN" || lrpdb.Spec.LRPDBState == "CLOSE" {
-		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Modified", " '%s' modified successfully '%s'", lrpdb.Spec.LRPDBName, lrpdb.Spec.LRPDBState)
 	}
 
+	r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Created", "LRPDB '%s' cloned successfully", lrpdb.Spec.LRPDBName)
+	lrpdb.Status.TotalSize = r.GetPdbSize(ctx, req, lrpdb, lrpdb.Spec.SrcLRPDBName)
+
 	if lrest.Spec.DBServer != "" {
 		lrpdb.Status.ConnString = lrest.Spec.DBServer + ":" + strconv.Itoa(lrest.Spec.DBPort) + "/" + lrpdb.Spec.LRPDBName
 	} else {
-		lrpdb.Status.ConnString = lrest.Spec.DBTnsurl
+		lrpdb.Status.ConnString = strings.TrimSpace(lrest.Spec.DBTnsurl)
 		parseTnsAlias(&(lrpdb.Status.ConnString), &(lrpdb.Spec.LRPDBName))
 
 	}
+	imperativeLpdbDeletion = lrpdb.Spec.ImperativeLrpdbDeletion
+	if lrpdb.Spec.ImperativeLrpdbDeletion == true {
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Clone", "PDB '%s' imperative pdb deletion turned on", lrpdb.Spec.LRPDBName)
+	}
 
-	lrpdb.Status.Msg = "alter lrpdb completed"
-	lrpdb.Status.Status = false
-	lrpdb.Status.Phase = lrpdbPhaseReady
-
-	log.Info("Successfully modified LRPDB state", "LRPDB Name", lrpdb.Spec.LRPDBName)
+	log.Info("Cloned LRPDB successfully", "Source LRPDB Name", lrpdb.Spec.SrcLRPDBName, "Clone LRPDB Name", lrpdb.Spec.LRPDBName)
+	r.getLRPDBState(ctx, req, lrpdb)
 
-	/* After database openining we reapply the config map if warning is present */
-	if lrpdb.Spec.LRPDBState == "OPEN" {
-		if bit(lrpdb.Status.Bitstat, MPWARN|MPINIT) {
-			log.Info("re-apply config map")
-			r.ApplyConfigMap(ctx, req, lrpdb)
+	lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBCRT)
+	lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+	lrpdb.Status.Msg = "clone:[op. completed]"
+	r.UpdateStatus(ctx, req, lrpdb)
 
-		}
-	}
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
+	/* If we clone we don't have to re-exec sql/plsql */
+	lrpdb.Spec.PLSQLBlock = ""
+	if err := r.Update(ctx, lrpdb); err != nil {
+		log.Error(err, "Failred to update lrpdb Spec  :"+lrpdb.Name, "err", err.Error())
+		return err
 	}
+	log.Info("plsql block reset :[" + lrpdb.Spec.PLSQLBlock + "]")
 
-	//r.getLRPDBState(ctx, req, lrpdb)
 	return nil
 }
 
 /*
-************************************************
-  - Get LRPDB State
-    /***********************************************
+**************************************************************
+  - Check for Duplicate LRPDB. Same LRPDB name on the same LREST resource.
+  - Decomissioned function
+**************************************************************
 */
-func (r *LRPDBReconciler) getLRPDBState(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+/*
+func (r *LRPDBReconciler) checkDuplicateLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
 
-	log := r.Log.WithValues("getLRPDBState", req.NamespacedName)
+	log := r.Log.WithValues("checkDuplicateLRPDB", req.NamespacedName)
 
-	var err error
+	// Name of the LREST CR that holds the LREST container
+	lrestResName := lrpdb.Spec.CDBResName
+	//lrestame := lrpdb.Spec.LRESTName
 
-	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
-	if err != nil {
-		return err
-	}
+	// Name of the LRPDB resource
+	lrpdbResName := lrpdb.Spec.LRPDBName
 
-	lrpdbName := lrpdb.Spec.LRPDBName
-	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName + "/status/"
+	lrpdbList := &dbapi.LRPDBList{}
 
-	lrpdb.Status.Msg = "Getting LRPDB state"
-	fmt.Print("============================\n")
-	fmt.Println(lrpdb.Status)
-	fmt.Print("============================\n")
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
-	}
+	listOpts := []client.ListOption{client.InNamespace(req.Namespace), client.MatchingFields{"spec.pdbName": lrpdbResName}}
 
-	respData, err := NewCallLAPI(r, ctx, req, lrpdb, url, nil, "GET")
+	// List retrieves list of objects for a given namespace and list options.
+	err := r.List(ctx, lrpdbList, listOpts...)
 	if err != nil {
-		log.Info("Begin respData")
-		log.Info(respData)
-		log.Info("End respData")
-		lrpdb.Status.Msg = "getLRPDBState failure : check lrpdb status"
-		lrpdb.Status.Status = false
-		log.Error(err, "Failure NewCallLAPI( "+url+")", "err", err.Error())
+		log.Info("Failed to list lrpdbs", "Namespace", req.Namespace, "Error", err)
 		return err
 	}
 
-	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
-	globalsqlcode = lrpdb.Status.SqlCode
-
-	if lrpdb.Status.SqlCode == 1403 {
-		lrpdb.Status.OpenMode = "unknown"
-		lrpdb.Status.Msg = "check lrpdb status"
-		lrpdb.Status.Status = false
-		return errors.New("NO_DATA_FOUND")
-	}
-
-	var objmap map[string]interface{}
-	if err := json.Unmarshal([]byte(respData), &objmap); err != nil {
-		log.Error(err, "Failed to get state of LRPDB :"+lrpdbName, "err", err.Error())
+	if len(lrpdbList.Items) == 0 {
+		log.Info("No lrpdbs found for LRPDBName: "+lrpdbResName, "CDBResName", lrestResName)
+		return nil
 	}
-	lrpdb.Status.OpenMode = objmap["open_mode"].(string)
-
-	/*	if lrpdb.Status.Phase == lrpdbPhaseCreate && sqlcode == 1403 {
-
-			if lrpdb.Status.OpenMode == "READ WRITE" {
-				err := r.mapLRPDB(ctx, req, lrpdb)
-				if err != nil {
-					log.Info("Fail to Map resource getting LRPDB state")
-				}
-			}
-
-			if lrpdb.Status.OpenMode == "MOUNTED" {
-				err := r.mapLRPDB(ctx, req, lrpdb)
-				if err != nil {
-					log.Info("Fail to Map resource getting LRPDB state")
-				}
-			}
-	       }*/
 
-	lrpdb.Status.Msg = "check lrpdb ok"
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
+	for _, p := range lrpdbList.Items {
+		log.Info("Found LRPDB: " + p.Name)
+		if (p.Name != lrpdb.Name) && (p.Spec.CDBResName == lrestResName) {
+			log.Info("Duplicate LRPDB found")
+			lrpdb.Status.Msg = "LRPDB Resource already exists"
+			lrpdb.Status.Status = false
+			return errors.New("Duplicate LRPDB found")
+		}
 	}
-
-	log.Info("Successfully obtained LRPDB state", "LRPDB Name", lrpdb.Spec.LRPDBName, "State", objmap["open_mode"].(string))
 	return nil
 }
+*/
 
 /*
-************************************************
-  - Map Database LRPDB to Kubernetes LRPDB CR
+*********************************************************************
+  - GET THE CUSTOM RESOURCE FOR THE LREST MENTIONED IN THE LRPDB SPEC
 
-/***********************************************
+*********************************************************************
 */
-func (r *LRPDBReconciler) mapLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+func (r *LRPDBReconciler) getLRESTResource(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) (dbapi.LREST, error) {
 
-	log := r.Log.WithValues("mapLRPDB", req.NamespacedName)
+	log := r.Log.WithValues("getLRESTResource", req.NamespacedName)
 
-	var err error
+	var lrest dbapi.LREST // LREST CR corresponding to the LREST name specified in the LRPDB spec
 
-	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
-	if err != nil {
-		return err
-	}
+	// Name of the LREST CR that holds the LREST container
+	lrestResName := lrpdb.Spec.CDBResName
+	lrestNamespace := lrpdb.Spec.CDBNamespace
 
-	log.Info("callapi get to map lrpdb")
+	log.Info("lrestResName...........:" + lrestResName)
+	log.Info("lrestNamespace.........:" + lrestNamespace)
 
-	lrpdbName := lrpdb.Spec.LRPDBName
-	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName
-	log.Info("DEBUG NEW URL " + url)
+	// Get LREST CR corresponding to the LREST name specified in the LRPDB spec
+	err := r.Get(context.Background(), client.ObjectKey{
+		Namespace: lrestNamespace,
+		Name:      lrestResName,
+	}, &lrest)
 
-	respData, err := NewCallLAPI(r, ctx, req, lrpdb, url, nil, "GET")
 	if err != nil {
-		log.Error(err, "Failure NewCallLAPI( "+url+")", "err", err.Error())
-		return err
+		log.Info("Failed to get CRD for LREST", "Name", lrestResName, "Namespace", lrestNamespace, "Error", err.Error())
+		lrpdb.Status.Msg = "Unable to get CRD for LREST : " + lrestResName
+		r.Status().Update(ctx, lrpdb)
+		return lrest, err
 	}
 
-	var objmap map[string]interface{}
-	if err := json.Unmarshal([]byte(respData), &objmap); err != nil {
-		log.Error(err, "Failed json.Unmarshal :"+lrpdbName, "err", err.Error())
-	}
+	return lrest, nil
+}
 
-	//fmt.Printf("%+v\n", objmap)
-	totSizeInBytes := objmap["total_size"].(float64)
-	totSizeInGB := totSizeInBytes / 1024 / 1024 / 1024
+/*
+*********************************************************************
+  - GET THE LREST POD FOR THE LREST MENTIONED IN THE LRPDB SPEC
+  - Decommissione function
+*********************************************************************
+*/
+/*
+func (r *LRPDBReconciler) getLRESTPod(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) (corev1.Pod, error) {
 
-	lrpdb.Status.OpenMode = objmap["open_mode"].(string)
-	lrpdb.Status.TotalSize = fmt.Sprintf("%4.2f", totSizeInGB) + "G"
-	assertiveLpdbDeletion = lrpdb.Spec.AssertiveLrpdbDeletion
-	if lrpdb.Spec.AssertiveLrpdbDeletion == true {
-		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Map", "PDB '%s' assertive pdb deletion turned on", lrpdb.Spec.LRPDBName)
-	}
+	log := r.Log.WithValues("getLRESTPod", req.NamespacedName)
 
-	if lrest.Spec.DBServer != "" {
-		lrpdb.Status.ConnString = lrest.Spec.DBServer + ":" + strconv.Itoa(lrest.Spec.DBPort) + "/" + lrpdb.Spec.LRPDBName
-	} else {
-		lrpdb.Status.ConnString = lrest.Spec.DBTnsurl
-		parseTnsAlias(&(lrpdb.Status.ConnString), &(lrpdb.Spec.LRPDBName))
-	}
+	var lrestPod corev1.Pod // LREST Pod container with connection to the concerned LREST
 
-	lrpdb.Status.Phase = lrpdbPhaseReady
+	// Name of the LREST CR that holds the LREST container
+	lrestResName := lrpdb.Spec.CDBResName
 
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
+	// Get LREST Pod associated with the LREST Name specified in the LRPDB Spec
+	err := r.Get(context.Background(), client.ObjectKey{
+		Namespace: req.Namespace,
+		Name:      lrestResName + "-lrest",
+	}, &lrestPod)
+
+	if err != nil {
+		log.Info("Failed to get Pod for LREST", "Name", lrestResName, "Namespace", req.Namespace, "Error", err.Error())
+		lrpdb.Status.Msg = "Unable to get LREST Pod for LREST : " + lrestResName
+		return lrestPod, err
 	}
 
-	log.Info("Successfully mapped LRPDB to Kubernetes resource", "LRPDB Name", lrpdb.Spec.LRPDBName)
-	lrpdb.Status.Status = true
-	return nil
+	log.Info("Found LREST Pod for LREST", "Name", lrestResName, "Pod Name", lrestPod.Name, "LREST Container hostname", lrestPod.Spec.Hostname)
+	return lrestPod, nil
 }
+*/
 
 /*
-************************************************
-  - Delete a LRPDB
-    /***********************************************
+*********************************************************************
+  - GET SECRET KEY FOR A SECRET NAME
+
+*********************************************************************
 */
-func (r *LRPDBReconciler) deleteLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+func (r *LRPDBReconciler) getSecret(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, secretName string, keyName string) (string, error) {
 
-	log := r.Log.WithValues("deleteLRPDB", req.NamespacedName)
+	log := r.Log.WithValues("getSecret", req.NamespacedName)
 
-	errstate := r.getLRPDBState(ctx, req, lrpdb)
-	if errstate != nil {
-		if lrpdb.Status.SqlCode == 1403 {
-			// BUG 36752336:
-			log.Info("Database does not exists ")
-			r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
-			return nil
-		}
-		if apierrors.IsNotFound(errstate) {
-			log.Info("Warning LRPDB does not exist", "LRPDB Name", lrpdb.Spec.LRPDBName)
-			r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
-			return nil
+	secret := &corev1.Secret{}
+	err := r.Get(ctx, types.NamespacedName{Name: secretName, Namespace: lrpdb.Namespace}, secret)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + secretName)
+			lrpdb.Status.Msg = "Secret not found:" + secretName
+			return "", err
 		}
-		log.Error(errstate, "Failed to update status for :"+lrpdb.Name, "err", errstate.Error())
-		return errstate
-		//* if the pdb does not exists delete the crd *//
-
+		log.Error(err, "Unable to get the secret.")
+		return "", err
 	}
 
-	if lrpdb.Status.OpenMode == "READ WRITE" {
+	return string(secret.Data[keyName]), nil
+}
 
-		errdel := errors.New("pdb is open cannot delete it")
-		log.Info("LRPDB is open in read write cannot drop ")
-		lrpdb.Status.Msg = "LRPDB is open in read write cannot drop "
-		if err := r.Status().Update(ctx, lrpdb); err != nil {
-			log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
-		}
+/*
+*********************************************************************
+  - CREATE PDB
 
-		return errdel
-	}
+*********************************************************************
+*/
+func (r *LRPDBReconciler) CreateLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
 
-	err := r.deleteLRPDBInstance(req, ctx, lrpdb)
+	log := r.Log.WithValues("CreateLRPDB", req.NamespacedName)
+	log.Info("call  getLRESTResource \n")
+	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
 	if err != nil {
-		log.Info("Could not delete LRPDB", "LRPDB Name", lrpdb.Spec.LRPDBName, "err", err.Error())
 		return err
 	}
+	/* If it's not created by lrest autodiscover */
+	if Bit(lrpdb.Status.PDBBitMask, PDBAUT) == false && lrpdb.Spec.PDBBitMask == 0 {
 
-	if controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
-		log.Info("Removing finalizer")
-		controllerutil.RemoveFinalizer(lrpdb, LRPDBFinalizer)
-		err := r.Update(ctx, lrpdb)
+		var err error
+		var tde_Password string
+		var tde_Secret string
+
+		AutoDiscover := lrest.Spec.PdbAutoDiscover
+		err = r.AutoDiscoverActivation(ctx, req, lrpdb, false)
+
+		/*** reset sqlcode***/
+		lrpdb.Status.SqlCode = 0
+
+		lrpdbAdminName, err := r.getEncriptedSecret(ctx, req, lrpdb, lrpdb.Spec.AdminpdbUser.Secret.SecretName, lrpdb.Spec.AdminpdbUser.Secret.Key, lrpdb.Spec.LRPDBPriKey.Secret.SecretName, lrpdb.Spec.LRPDBPriKey.Secret.Key)
 		if err != nil {
-			log.Info("Could not remove finalizer", "err", err.Error())
+			log.Error(err, "Unable to find pdb admin user ")
+			_ = r.AutoDiscoverActivation(ctx, req, lrpdb, AutoDiscover)
 			return err
 		}
-		lrpdb.Status.Status = true
-		err = r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
+
+		lrpdbAdminPwd, err := r.getEncriptedSecret(ctx, req, lrpdb, lrpdb.Spec.AdminpdbPass.Secret.SecretName, lrpdb.Spec.AdminpdbPass.Secret.Key, lrpdb.Spec.LRPDBPriKey.Secret.SecretName, lrpdb.Spec.LRPDBPriKey.Secret.Key)
+
 		if err != nil {
-			log.Info("Could not delete LRPDB resource", "err", err.Error())
+			log.Error(err, "Unable to find pdb admin password ")
+			_ = r.AutoDiscoverActivation(ctx, req, lrpdb, AutoDiscover)
 			return err
 		}
-	}
-
-	r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Deleted", "LRPDB '%s' dropped successfully", lrpdb.Spec.LRPDBName)
-
-	log.Info("Successfully deleted LRPDB resource")
-	return nil
-}
-
-/*
-************************************************
-  - Check LRPDB deletion
-    /***********************************************
-*/
-func (r *LRPDBReconciler) manageLRPDBDeletion(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
-	log := r.Log.WithValues("manageLRPDBDeletion", req.NamespacedName)
-
-	// Check if the LRPDB instance is marked to be deleted, which is
-	// indicated by the deletion timestamp being set.
-	isLRPDBMarkedToBeDeleted := lrpdb.GetDeletionTimestamp() != nil
-	if isLRPDBMarkedToBeDeleted {
-		log.Info("Marked to be deleted")
-		lrpdb.Status.Phase = lrpdbPhaseDelete
-		lrpdb.Status.Status = true
-		r.Status().Update(ctx, lrpdb)
 
-		if controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
-			// Remove LRPDBFinalizer. Once all finalizers have been
-			// removed, the object will be deleted.
-			log.Info("Removing finalizer")
-			controllerutil.RemoveFinalizer(lrpdb, LRPDBFinalizer)
-			err := r.Update(ctx, lrpdb)
+		values := map[string]string{
+			"method":              "CREATE",
+			"pdb_name":            lrpdb.Spec.LRPDBName,
+			"adminName":           lrpdbAdminName,
+			"adminPwd":            lrpdbAdminPwd,
+			"fileNameConversions": lrpdb.Spec.FileNameConversions,
+			"reuseTempFile":       strconv.FormatBool(*(lrpdb.Spec.ReuseTempFile)),
+			"unlimitedStorage":    strconv.FormatBool(*(lrpdb.Spec.UnlimitedStorage)),
+			"totalSize":           lrpdb.Spec.TotalSize,
+			"tempSize":            lrpdb.Spec.TempSize,
+			"getScript":           strconv.FormatBool(*(lrpdb.Spec.GetScript))}
+
+		fmt.Printf("===== PAYLOAD ===\n")
+		fmt.Print(" method ", values["method"], "\n")
+		fmt.Print(" pdb_name ", values["pdb_name"], "\n")
+		fmt.Print(" adminName ", values["adminName"], "\n")
+		fmt.Print(" adminPwd --------------\n")
+		fmt.Print(" fileNameConversions ", values["fileNameConversions"], "\n")
+		fmt.Print(" unlimitedStorage ", values["unlimitedStorage"], "\n")
+		fmt.Print(" reuseTempFile ", values["reuseTempFile"], "\n")
+		fmt.Print(" tempSize ", values["tempSize"], "\n")
+		fmt.Print(" totalSize ", values["totalSize"], "\n")
+		fmt.Print(" getScript ", values["getScript"], "\n")
+
+		if *(lrpdb.Spec.LTDEImport) {
+			tde_Password, err = r.getSecret(ctx, req, lrpdb, lrpdb.Spec.LTDEPassword.Secret.SecretName, lrpdb.Spec.LTDEPassword.Secret.Key)
 			if err != nil {
-				log.Info("Could not remove finalizer", "err", err.Error())
+				_ = r.AutoDiscoverActivation(ctx, req, lrpdb, AutoDiscover)
 				return err
 			}
-			log.Info("Successfully removed LRPDB resource")
-			return nil
+			tde_Secret, err = r.getSecret(ctx, req, lrpdb, lrpdb.Spec.LTDESecret.Secret.SecretName, lrpdb.Spec.LTDESecret.Secret.Key)
+			if err != nil {
+				_ = r.AutoDiscoverActivation(ctx, req, lrpdb, AutoDiscover)
+				return err
+			}
+
+			tde_Secret = tde_Secret[:len(tde_Secret)-1]
+			tde_Password = tde_Secret[:len(tde_Password)-1]
+			values["tde_Password"] = tde_Password
+			values["tdeKeystorePath"] = lrpdb.Spec.LTDEKeystorePath
+			values["tde_Secret"] = tde_Secret
 		}
-	}
 
-	// Add finalizer for this CR
-	if !controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
-		log.Info("Adding finalizer")
-		controllerutil.AddFinalizer(lrpdb, LRPDBFinalizer)
-		err := r.Update(ctx, lrpdb)
+		url := r.BaseUrl(ctx, req, lrpdb, lrest)
+		fmt.Print("============================================================\n")
+		fmt.Print(url)
+		fmt.Print("\n============================================================\n")
+		lrpdb.Status.Msg = "create:[op in progress]"
+
+		r.UpdateStatus(ctx, req, lrpdb)
+
+		respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, values, "POST")
 		if err != nil {
-			log.Info("Could not add finalizer", "err", err.Error())
+			log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
+			_ = r.AutoDiscoverActivation(ctx, req, lrpdb, AutoDiscover)
 			return err
 		}
-		lrpdb.Status.Status = false
+
+		r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
+		globalsqlcode = lrpdb.Status.SqlCode
+		if lrpdb.Status.SqlCode != 0 {
+			lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBCRE)
+			lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+			oer := fmt.Sprintf("ORA-%d", lrpdb.Status.SqlCode)
+			lrpdb.Status.Msg = "create:[" + oer + "]"
+			r.UpdateStatus(ctx, req, lrpdb)
+			return errors.New(oer)
+		} else {
+			lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBCRT)
+			lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+			r.UpdateStatus(ctx, req, lrpdb)
+		}
+
+		r.getLRPDBState(ctx, req, lrpdb)
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal,
+			"Created", "LRPDB '%s' created successfully", lrpdb.Spec.LRPDBName)
+
+		log.Info("Parsing connectstring")
+		lrpdb.Status.ConnString = strings.TrimSpace(lrest.Spec.DBTnsurl)
+		parseTnsAlias(&(lrpdb.Status.ConnString), &(lrpdb.Spec.LRPDBName))
+		r.UpdateStatus(ctx, req, lrpdb)
+
+		imperativeLpdbDeletion = lrpdb.Spec.ImperativeLrpdbDeletion
+		if lrpdb.Spec.ImperativeLrpdbDeletion == true {
+			r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Created", "PDB '%s' imperative pdb deletion turned on", lrpdb.Spec.LRPDBName)
+		}
+
+		_ = r.AutoDiscoverActivation(ctx, req, lrpdb, AutoDiscover)
+
+		lrpdb.Status.Msg = "create:[op completed]"
+		r.UpdateStatus(ctx, req, lrpdb)
+	} else {
+		log.Info("CRD created by autodiscover")
+		lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBCRT)
+		lrpdb.Status.PDBBitMask = Bis(lrpdb.Status.PDBBitMask, PDBAUT)
+		lrpdb.Status.PDBBitMaskStr = Bitmaskprint(lrpdb.Status.PDBBitMask)
+		lrpdb.Status.ConnString = strings.TrimSpace(lrest.Spec.DBTnsurl)
+		parseTnsAlias(&(lrpdb.Status.ConnString), &(lrpdb.Spec.LRPDBName))
+		lrpdb.Status.Msg = "autodiscover:[op completed]"
+		r.UpdateStatus(ctx, req, lrpdb)
 	}
 	return nil
 }
 
-/*
-************************************************
-  - Finalization logic for LRPDBFinalizer
+/**************************************************
+ALTER SYSTEM lRPDB
+**************************************************/
 
-***********************************************
-*/
-func (r *LRPDBReconciler) deleteLRPDBInstance(req ctrl.Request, ctx context.Context, lrpdb *dbapi.LRPDB) error {
+/**just push the trasnsaction **/
+func (r *LRPDBReconciler) alterSystemLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
 
-	log := r.Log.WithValues("deleteLRPDBInstance", req.NamespacedName)
+	log := r.Log.WithValues("alterSystemLRPDB", req.NamespacedName)
+	globalsqlcode = 0
 
 	var err error
+	err = r.getLRPDBState(ctx, req, lrpdb)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Warning LRPDB does not exist", "LRPDB Name", lrpdb.Spec.LRPDBName)
+			return nil
+		}
+		return err
+	}
 
 	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
 	if err != nil {
+		log.Info("Cannot find LREST server")
 		return err
 	}
 
-	values := map[string]string{
-		"action":    "KEEP",
-		"getScript": strconv.FormatBool(*(lrpdb.Spec.GetScript))}
+	/* alter system payload */
 
-	if lrpdb.Spec.DropAction != "" {
-		values["action"] = lrpdb.Spec.DropAction
+	values := map[string]string{
+		"state":                "ALTER",
+		"alterSystemParameter": lrpdb.Spec.AlterSystemParameter,
+		"alterSystemValue":     lrpdb.Spec.AlterSystemValue,
+		"parameterScope":       lrpdb.Spec.ParameterScope,
 	}
 
 	lrpdbName := lrpdb.Spec.LRPDBName
-	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName + "/"
+	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName
+	log.Info("alter system payload...:", "lrpdb.Spec.AlterSystemValue=", lrpdb.Spec.AlterSystemValue)
+	log.Info("alter system payload...:", "lrpdb.Spec.AlterSystemParameter=", lrpdb.Spec.AlterSystemParameter)
+	log.Info("alter system payload...:", "lrpdb.Spec.ParameterScope=", lrpdb.Spec.ParameterScope)
+	log.Info("alter system path.......:", "url=", url)
 
-	lrpdb.Status.Phase = lrpdbPhaseDelete
-	lrpdb.Status.Msg = "Waiting for LRPDB to be deleted"
-	if err := r.Status().Update(ctx, lrpdb); err != nil {
-		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
-	}
+	lrpdb.Status.ModifyOption = lrpdb.Spec.AlterSystem + " " + lrpdb.Spec.ParameterScope
+	lrpdb.Status.Msg = "alter system:[op. in progress]"
+	r.UpdateStatus(ctx, req, lrpdb)
 
-	respData, err := NewCallLAPI(r, ctx, req, lrpdb, url, values, "DELETE")
+	respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, values, "POST")
 	if err != nil {
-		log.Error(err, "Failure NewCallLAPI( "+url+")", "err", err.Error())
+		log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
 		return err
 	}
 
 	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
 	globalsqlcode = lrpdb.Status.SqlCode
 
-	log.Info("Successfully dropped LRPDB", "LRPDB Name", lrpdbName)
-	return nil
-}
+	if lrpdb.Status.SqlCode == 0 {
 
-/*
-***********************************************************
-  - SetupWithManager sets up the controller with the Manager
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Altered", "LRPDB(name,cmd,sqlcode) '%s %s %d' ", lrpdb.Spec.LRPDBName, lrpdb.Spec.AlterSystem, lrpdb.Status.SqlCode)
+		lrpdb.Status.Msg = "alter system:[op. completed]"
+		r.UpdateStatus(ctx, req, lrpdb)
 
-************************************************************
-*/
-func (r *LRPDBReconciler) SetupWithManager(mgr ctrl.Manager) error {
-	return ctrl.NewControllerManagedBy(mgr).
-		For(&dbapi.LRPDB{}).
-		WithEventFilter(predicate.Funcs{
-			UpdateFunc: func(e event.UpdateEvent) bool {
-				// Ignore updates to CR status in which case metadata.Generation does not change
-				return e.ObjectOld.GetGeneration() != e.ObjectNew.GetGeneration()
-			},
-			DeleteFunc: func(e event.DeleteEvent) bool {
-				// Evaluates to false if the object has been confirmed deleted.
-				//return !e.DeleteStateUnknown
-				return false
-			},
-		}).
-		WithOptions(controller.Options{MaxConcurrentReconciles: 100}).
-		Complete(r)
-}
+		/* Reset parameters */
+		lrpdb.Spec.AlterSystemValue = ""
+		lrpdb.Spec.AlterSystemParameter = ""
+		lrpdb.Spec.ParameterScope = ""
 
-/*************************************************************
-Enh 35357707 - PROVIDE THE LRPDB TNSALIAS INFORMATION
-**************************************************************/
+		if err := r.Update(ctx, lrpdb); err != nil {
+			log.Error(err, "Cannot rest lrpdb Spec  :"+lrpdb.Name, "err", err.Error())
+			return err
+		}
 
-func parseTnsAlias(tns *string, lrpdbsrv *string) {
-	fmt.Printf("Analyzing string [%s]\n", *tns)
-	fmt.Printf("Relacing  srv [%s]\n", *lrpdbsrv)
-	var swaptns string
+		return nil
 
-	if strings.Contains(strings.ToUpper(*tns), "SERVICE_NAME") == false {
-		fmt.Print("Cannot generate tns alias for lrpdb")
-		return
 	}
 
-	if strings.Contains(strings.ToUpper(*tns), "ORACLE_SID") == true {
-		fmt.Print("Cannot generate tns alias for lrpdb")
-		return
-	}
+	if lrpdb.Status.SqlCode != 0 {
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "alter system failure", "LRPDB(name,cmd,sqlcode) '%s %s %d' ", lrpdb.Spec.LRPDBName, lrpdb.Spec.AlterSystem, lrpdb.Status.SqlCode)
+		erralter := errors.New("Error: cannot modify parameter")
 
-	swaptns = fmt.Sprintf("SERVICE_NAME=%s", *lrpdbsrv)
-	tnsreg := regexp.MustCompile(`SERVICE_NAME=\w+`)
-	*tns = tnsreg.ReplaceAllString(*tns, swaptns)
+		lrpdb.Status.Msg = "alter system:[op. failure]"
+		r.UpdateStatus(ctx, req, lrpdb)
 
-	fmt.Printf("Newstring [%s]\n", *tns)
+		lrpdb.Spec.AlterSystem = ""
+		lrpdb.Spec.ParameterScope = ""
+		lrpdb.Spec.ParameterScope = ""
 
-}
+		if err := r.Update(ctx, lrpdb); err != nil {
+			log.Error(err, "Cannot rest lrpdb Spec  :"+lrpdb.Name, "err", err.Error())
+			return err
+		}
 
-// Compose url
-func (r *LRPDBReconciler) BaseUrl(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, lrest dbapi.LREST) string {
-	log := r.Log.WithValues("BaseUrl", req.NamespacedName)
-	baseurl := "https://" + lrpdb.Spec.CDBResName + "-lrest." + lrpdb.Spec.CDBNamespace + ":" + strconv.Itoa(lrest.Spec.LRESTPort) + "/database/pdbs/"
-	log.Info("Baseurl:" + baseurl)
-	return baseurl
+		return erralter
+	}
+
+	return nil
 }
 
-func (r *LRPDBReconciler) DecryptWithPrivKey(Key string, Buffer string, req ctrl.Request) (string, error) {
-	log := r.Log.WithValues("DecryptWithPrivKey", req.NamespacedName)
-	Debug := 0
-	block, _ := pem.Decode([]byte(Key))
-	pkcs8PrivateKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
-	if err != nil {
-		log.Error(err, "Failed to parse private key - "+err.Error())
-		return "", err
-	}
-	if Debug == 1 {
-		fmt.Printf("======================================\n")
-		fmt.Printf("%s\n", Key)
-		fmt.Printf("======================================\n")
-	}
+func (r *LRPDBReconciler) execPLSQL(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+	log := r.Log.WithValues("execPLSQL", req.NamespacedName)
 
-	encString64, err := base64.StdEncoding.DecodeString(string(Buffer))
+	// TO BE DONE Ad control for the pdb existence
+	lrpdbName := lrpdb.Spec.LRPDBName
+
+	log.Info("Reading code config Map ")
+	configmap, err := r.GetConfigMapCode(ctx, req, lrpdb)
 	if err != nil {
-		log.Error(err, "Failed to decode encrypted string to base64 - "+err.Error())
-		return "", err
+		log.Error(err, "Fail to fetch code configmap", "err", err.Error())
+		return err
 	}
 
-	decryptedB, err := rsa.DecryptPKCS1v15(nil, pkcs8PrivateKey.(*rsa.PrivateKey), encString64)
+	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
 	if err != nil {
-		log.Error(err, "Failed to decrypt string - "+err.Error())
-		return "", err
+		return err
 	}
-	if Debug == 1 {
-		fmt.Printf("[%s]\n", string(decryptedB))
+
+	lrpdb.Status.Msg = "plsql/sql apply[op. in progress]"
+	r.UpdateStatus(ctx, req, lrpdb)
+
+	var tokens []string
+	var CodeSize int
+	/** Sort keys **/
+	keys := reflect.ValueOf(configmap.Data).MapKeys()
+	keysOrder := func(i, j int) bool { return keys[i].Interface().(string) < keys[j].Interface().(string) }
+	sort.Slice(keys, keysOrder)
+	/** End of sort section **/
+
+	for _, key := range keys {
+		Value := configmap.Data[key.Interface().(string)]
+		fmt.Printf("Code Block Name (SQL/PLSQL):%s\n", key)
+		tokens = strings.Split(Value, "\n")
+		/* Debug Section */
+		for cnt := range tokens {
+			fmt.Printf("line[%d]:%s\n", cnt, tokens[cnt])
+			CodeSize += len(tokens[cnt])
+		}
+
+		//* removing laste null emlements
+		if len(tokens) > 0 {
+			tokens = tokens[:len(tokens)-1]
+		}
+
+		fmt.Printf("call to restsertver (%s,%d)\n", key, CodeSize)
+
+		jsonpayload := &PLSQLPayLoad{Values: map[string]string{"method": "APPLYSQL"}, Sqltokens: tokens}
+		//* Debug section **//
+
+		encjson, _ := json.Marshal(jsonpayload)
+		fmt.Println(string(encjson))
+
+		url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName
+
+		respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, jsonpayload, "POST")
+		if err != nil {
+			log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
+			return err
+		}
+
+		r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
+
+		EvLevel := corev1.EventTypeNormal
+		skey := fmt.Sprintf("[%s]", key)
+		if lrpdb.Status.SqlCode != 0 {
+			oer := fmt.Sprintf("ORA-%d", lrpdb.Status.SqlCode)
+			lrpdb.Status.Msg = skey + ":[" + oer + "]"
+			r.UpdateStatus(ctx, req, lrpdb)
+			EvLevel = corev1.EventTypeWarning
+		}
+		/*
+		   Add the timestamp to the event
+		*/
+		t := time.Now()
+		formatted := fmt.Sprintf("APPLYSQL-%02d%02d%02d", t.Hour(), t.Minute(), t.Second())
+		r.Recorder.Eventf(lrpdb, EvLevel, formatted, " CODE:SQLCODE '%s':'%d'", skey, lrpdb.Status.SqlCode)
+
+		/* sql execution complete successfully than report the name of the tag */
+		if lrpdb.Status.SqlCode == 0 {
+			lrpdb.Status.LastPLSQL = skey
+			r.UpdateStatus(ctx, req, lrpdb)
+			/* reset code buffer */
+		}
+		tokens = nil
+		CodeSize = 0
 	}
-	return strings.TrimSpace(string(decryptedB)), err
 
+	lrpdb.Spec.PLSQLBlock = "" /* rest block */
+	if err := r.Update(ctx, lrpdb); err != nil {
+		log.Error(err, "Failred to update lrpdb Spec  :"+lrpdb.Name, "err", err.Error())
+		return err
+	}
+	lrpdb.Status.Msg = "plsql/sql apply[op. completed]"
+	r.UpdateStatus(ctx, req, lrpdb)
+	log.Info("plsql block reset :[" + lrpdb.Spec.PLSQLBlock + "]")
+	return nil
 }
 
-// New function to decrypt credential using private key
-func (r *LRPDBReconciler) getEncriptedSecret(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, secretName string, keyName string, secretNamePk string, keyNamePk string) (string, error) {
+/*
+************************************************
+  - Get LRPDB State
 
-	log := r.Log.WithValues("getEncriptedSecret", req.NamespacedName)
+************************************************
+*/
+func (r *LRPDBReconciler) getLRPDBState(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
 
-	log.Info("getEncriptedSecret :" + secretName)
-	secret1 := &corev1.Secret{}
-	err := r.Get(ctx, types.NamespacedName{Name: secretName, Namespace: lrpdb.Namespace}, secret1)
+	log := r.Log.WithValues("getLRPDBState", req.NamespacedName)
+
+	var err error
+
+	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
 	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + secretName)
-			lrpdb.Status.Msg = "Secret not found:" + secretName
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
+		return err
 	}
 
-	secret2 := &corev1.Secret{}
-	err = r.Get(ctx, types.NamespacedName{Name: secretNamePk, Namespace: lrpdb.Namespace}, secret2)
+	lrpdbName := lrpdb.Spec.LRPDBName
+	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName + "/status/"
+
+	respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, nil, "GET")
 	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + secretNamePk)
-			lrpdb.Status.Msg = "Secret not found:" + secretNamePk
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
+		lrpdb.Status.Msg = "getLRPDBState failure : check lrpdb status"
+		log.Error(err, "Failure NewCallLAPI( "+url+")", "err", err.Error())
+		r.UpdateStatus(ctx, req, lrpdb)
+		return err
 	}
 
-	Encval := string(secret1.Data[keyName])
-	Encval = strings.TrimSpace(Encval)
+	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
+	globalsqlcode = lrpdb.Status.SqlCode
+	if lrpdb.Status.SqlCode == 1403 {
+		lrpdb.Status.OpenMode = "N/A"
+		lrpdb.Status.Msg = "N/A ORA-1403"
+		return errors.New("NO_DATA_FOUND")
+	}
 
-	privKey := string(secret2.Data[keyNamePk])
-	privKey = strings.TrimSpace(privKey)
+	r.GetOpenMode(respData, &(lrpdb.Status.OpenMode))
+	r.GetRestricted(respData, &(lrpdb.Status.Restricted))
+	r.GetPdbSize2(respData, &(lrpdb.Status.TotalSize))
 
-	/* Debuug info for dev phase
-	fmt.Printf("DEBUG Secretename:secretName :%s\n", secretName)
-	fmt.Printf("DEBUG privKey                :%s\n", privKey)
-	fmt.Printf("DEBUG Encval                 :%s\n", Encval)
+	r.UpdateStatus(ctx, req, lrpdb)
+
+	/* lrpdb.Status.Msg = "check lrpdb ok"
+	if err := r.Status().Update(ctx, lrpdb); err != nil {
+		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
+	}
 	*/
 
-	DecVal, err := r.DecryptWithPrivKey(privKey, Encval, req)
+	log.Info("Successfully obtained LRPDB state", "LRPDB Name", lrpdb.Spec.LRPDBName, "State", lrpdb.Status.OpenMode)
+	return nil
+}
+
+/*
+************************************************
+  - Map Database LRPDB to Kubernetes LRPDB CR
+  - Decommissioned function
+************************************************/
+
+/*
+func (r *LRPDBReconciler) mapLRPDB(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+
+	log := r.Log.WithValues("mapLRPDB", req.NamespacedName)
+
+	var err error
+
+	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
 	if err != nil {
-		log.Error(err, "Fail to decrypt secret:"+secretName)
-		lrpdb.Status.Msg = " Fail to decrypt secret:" + secretName
-		return "", err
+		return err
 	}
-	return DecVal, nil
-}
 
-func (r *LRPDBReconciler) manageLRPDBDeletion2(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
-	log := r.Log.WithValues("manageLRPDBDeletion", req.NamespacedName)
-	if lrpdb.ObjectMeta.DeletionTimestamp.IsZero() {
-		if !controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
-			controllerutil.AddFinalizer(lrpdb, LRPDBFinalizer)
-			if err := r.Update(ctx, lrpdb); err != nil {
-				return err
-			}
-		}
-	} else {
-		log.Info("Pdb marked to be delted")
-		if controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
-			if assertiveLpdbDeletion == true {
-				log.Info("Deleting lrpdb CRD: Assertive approach is turned on ")
-				lrest, err := r.getLRESTResource(ctx, req, lrpdb)
-				if err != nil {
-					log.Error(err, "Cannont find cdb resource ", "err", err.Error())
-					return err
-				}
+	log.Info("callapi get to map lrpdb")
 
-				lrpdbName := lrpdb.Spec.LRPDBName
-				if lrpdb.Status.OpenMode == "READ WRITE" {
-					valuesclose := map[string]string{
-						"state":        "CLOSE",
-						"modifyOption": "IMMEDIATE",
-						"getScript":    "FALSE"}
-					lrpdbName := lrpdb.Spec.LRPDBName
-					url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName + "/status/"
-					_, errclose := r.callAPI(ctx, req, lrpdb, url, valuesclose, "POST")
-					if errclose != nil {
-						log.Info("Warning error closing lrpdb continue anyway")
-					}
-				}
+	lrpdbName := lrpdb.Spec.LRPDBName
+	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName + "/status/"
+	log.Info("DEBUG NEW URL " + url)
 
-				valuesdrop := map[string]string{
-					"action":    "INCLUDING",
-					"getScript": "FALSE"}
-				url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName + "/"
+	respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, nil, "GET")
+	if err != nil {
+		log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
+		return err
+	}
 
-				log.Info("Call Delete()")
-				_, errdelete := r.callAPI(ctx, req, lrpdb, url, valuesdrop, "DELETE")
-				if errdelete != nil {
-					log.Error(errdelete, "Fail to delete lrpdb :"+lrpdb.Name, "err", err.Error())
-					return errdelete
-				}
-			} /* END OF ASSERTIVE SECTION */
+	var objmap map[string]interface{}
+	if err := json.Unmarshal([]byte(respData), &objmap); err != nil {
+		log.Error(err, "Failed json.Unmarshal :"+lrpdbName, "err", err.Error())
+	}
 
-			log.Info("Marked to be deleted")
-			lrpdb.Status.Phase = lrpdbPhaseDelete
-			lrpdb.Status.Status = true
-			r.Status().Update(ctx, lrpdb)
+	//fmt.Printf("%+v\n", objmap)
+	totSizeInBytes := objmap["total_size"].(float64)
+	totSizeInGB := totSizeInBytes / 1024 / 1024 / 1024
 
-			controllerutil.RemoveFinalizer(lrpdb, LRPDBFinalizer)
-			if err := r.Update(ctx, lrpdb); err != nil {
-				log.Info("Cannot remove finalizer")
-				return err
-			}
+	lrpdb.Status.OpenMode = objmap["open_mode"].(string)
+	lrpdb.Status.TotalSize = fmt.Sprintf("%4.2f", totSizeInGB) + "G"
+	imperativeLpdbDeletion = lrpdb.Spec.ImperativeLrpdbDeletion
+	if lrpdb.Spec.ImperativeLrpdbDeletion == true {
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Map", "PDB '%s' imperative pdb deletion turned on", lrpdb.Spec.LRPDBName)
+	}
 
-		}
+	if lrest.Spec.DBServer != "" {
+		lrpdb.Status.ConnString = lrest.Spec.DBServer + ":" + strconv.Itoa(lrest.Spec.DBPort) + "/" + lrpdb.Spec.LRPDBName
+	} else {
+		lrpdb.Status.ConnString = lrest.Spec.DBTnsurl
+		parseTnsAlias(&(lrpdb.Status.ConnString), &(lrpdb.Spec.LRPDBName))
+	}
 
-		return nil
+	lrpdb.Status.Status = true
+
+	if err := r.Status().Update(ctx, lrpdb); err != nil {
+		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
 	}
 
+	log.Info("Successfully mapped LRPDB to Kubernetes resource", "LRPDB Name", lrpdb.Spec.LRPDBName)
 	return nil
 }
+*/
 
-func (r *LRPDBReconciler) InitConfigMap(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) *corev1.ConfigMap {
-	log := r.Log.WithValues("InitConfigMap", req.NamespacedName)
-	log.Info("ConfigMap..............:" + "ConfigMap" + lrpdb.Name)
-	log.Info("ConfigMap nmsp.........:" + lrpdb.Namespace)
-	/*
-	 *  PDB SYSTEM PARAMETER
-	 *  record [name,value=[paramete_val|reset],level=[session|system]]
-	 */
-
-	if lrpdb.Spec.PDBConfigMap == "" {
-		/* if users does not specify a config map
-		we generate an empty new one for possible
-		future pdb parameter  modification */
-
-		var SystemParameters map[string]string
+/*
+************************************************
+  - Delete a LRPDB
+  - Decommissioned function
+************************************************/
+/*
+func (r *LRPDBReconciler) deleteLRPDB2(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
 
-		log.Info("Generating an empty configmap")
-		globalconfigmap = "configmap-" + lrpdb.Spec.LRPDBName + "-default"
-		DbParameters := &corev1.ConfigMap{
-			TypeMeta: metav1.TypeMeta{
-				Kind:       "configmap",
-				APIVersion: "v1",
-			},
-			ObjectMeta: metav1.ObjectMeta{
-				Name:      globalconfigmap,
-				Namespace: lrpdb.Namespace,
-			},
-			Data: SystemParameters,
-		}
+	log := r.Log.WithValues("deleteLRPDB2", req.NamespacedName)
 
-		if err := ctrl.SetControllerReference(lrpdb, DbParameters, r.Scheme); err != nil {
-			log.Error(err, "Fail to set SetControllerReference", "err", err.Error())
+	errstate := r.getLRPDBState(ctx, req, lrpdb)
+	if errstate != nil {
+		if lrpdb.Status.SqlCode == 1403 {
+			log.Info("Database does not exists ")
+			r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
 			return nil
 		}
-
-		/* Update Spec.PDBConfigMap */
-		lrpdb.Spec.PDBConfigMap = "configmap" + lrpdb.Spec.LRPDBName + "default"
-		if err := r.Update(ctx, lrpdb); err != nil {
-			log.Error(err, "Failure updating Spec.PDBConfigMap ", "err", err.Error())
+		if apierrors.IsNotFound(errstate) {
+			log.Info("Warning LRPDB does not exist", "LRPDB Name", lrpdb.Spec.LRPDBName)
+			r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
 			return nil
 		}
-		lrpdb.Status.Bitstat = bis(lrpdb.Status.Bitstat, MPEMPT)
-		return DbParameters
+		log.Error(errstate, "Failed to update status for :"+lrpdb.Name, "err", errstate.Error())
+		return errstate
+
+	}
+
+	if lrpdb.Status.OpenMode == "READ WRITE" {
+
+		errdel := errors.New("pdb is open cannot delete it")
+		log.Info("LRPDB is open in read write cannot drop ")
+		lrpdb.Status.Msg = "LRPDB is open in read write cannot drop "
+		if err := r.Status().Update(ctx, lrpdb); err != nil {
+			log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
+		}
+
+		return errdel
+	}
+
+	err := r.deleteLRPDBInstance(req, ctx, lrpdb)
+	if err != nil {
+		log.Info("Could not delete LRPDB", "LRPDB Name", lrpdb.Spec.LRPDBName, "err", err.Error())
+		return err
+	}
+
+	if controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
+		log.Info("Removing finalizer")
+		controllerutil.RemoveFinalizer(lrpdb, LRPDBFinalizer)
+		err := r.Update(ctx, lrpdb)
+		if err != nil {
+			log.Info("Could not remove finalizer", "err", err.Error())
+			return err
+		}
+		lrpdb.Status.Status = true
+		err = r.Delete(context.Background(), lrpdb, client.GracePeriodSeconds(1))
+		if err != nil {
+			log.Info("Could not delete LRPDB resource", "err", err.Error())
+			return err
+		}
+	}
+
+	r.Recorder.Eventf(lrpdb, corev1.EventTypeNormal, "Deleted", "LRPDB '%s' dropped successfully", lrpdb.Spec.LRPDBName)
+
+	log.Info("Successfully deleted LRPDB resource")
+	return nil
+}
+*/
+
+/*
+************************************************
+  - Check LRPDB deletion
+  - Decommissioned function
+***********************************************
+/*
+func (r *LRPDBReconciler) manageLRPDBDeletion(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+	log := r.Log.WithValues("manageLRPDBDeletion", req.NamespacedName)
+
+	isLRPDBMarkedToBeDeleted := lrpdb.GetDeletionTimestamp() != nil
+	if isLRPDBMarkedToBeDeleted {
+		log.Info("Marked to be deleted")
+		lrpdb.Status.Status = true
+		r.Status().Update(ctx, lrpdb)
+
+		if controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
+			log.Info("Removing finalizer")
+			controllerutil.RemoveFinalizer(lrpdb, LRPDBFinalizer)
+			err := r.Update(ctx, lrpdb)
+			if err != nil {
+				log.Info("Could not remove finalizer", "err", err.Error())
+				return err
+			}
+			log.Info("Successfully removed LRPDB resource")
+			return nil
+		}
+	}
+
+	if !controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
+		log.Info("Adding finalizer")
+		controllerutil.AddFinalizer(lrpdb, LRPDBFinalizer)
+		err := r.Update(ctx, lrpdb)
+		if err != nil {
+			log.Info("Could not add finalizer", "err", err.Error())
+			return err
+		}
+		lrpdb.Status.Status = false
+	}
+	return nil
+}
+*/
+
+/*
+************************************************
+  - Finalization logic for LRPDBFinalizer
+  - Decommisssioned function
+***********************************************
+*/
+/*
+func (r *LRPDBReconciler) deleteLRPDBInstance(req ctrl.Request, ctx context.Context, lrpdb *dbapi.LRPDB) error {
+
+	log := r.Log.WithValues("deleteLRPDBInstance", req.NamespacedName)
+
+	var err error
+
+	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
+	if err != nil {
+		return err
+	}
+
+	values := map[string]string{
+		"action":    "KEEP",
+		"getScript": strconv.FormatBool(*(lrpdb.Spec.GetScript))}
+
+	if lrpdb.Spec.DropAction != "" {
+		values["action"] = lrpdb.Spec.DropAction
+	}
+
+	lrpdbName := lrpdb.Spec.LRPDBName
+	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName
+
+	lrpdb.Status.Msg = "Waiting for LRPDB to be deleted"
+	if err := r.Status().Update(ctx, lrpdb); err != nil {
+		log.Error(err, "Failed to update status for :"+lrpdb.Name, "err", err.Error())
+	}
+
+	respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, values, "DELETE")
+	if err != nil {
+		log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
+		return err
+	}
+
+	r.GetSqlCode(respData, &(lrpdb.Status.SqlCode))
+	globalsqlcode = lrpdb.Status.SqlCode
+
+	log.Info("Successfully dropped LRPDB", "LRPDB Name", lrpdbName)
+	return nil
+}
+*/
+
+/*
+***********************************************************
+  - SetupWithManager sets up the controller with the Manager
+
+************************************************************
+*/
+func (r *LRPDBReconciler) SetupWithManager(mgr ctrl.Manager) error {
+	return ctrl.NewControllerManagedBy(mgr).
+		For(&dbapi.LRPDB{}).
+		WithEventFilter(predicate.Funcs{
+			UpdateFunc: func(e event.UpdateEvent) bool {
+				// Ignore updates to CR status in which case metadata.Generation does not change
+				return e.ObjectOld.GetGeneration() != e.ObjectNew.GetGeneration()
+			},
+			DeleteFunc: func(e event.DeleteEvent) bool {
+				// Evaluates to false if the object has been confirmed deleted.
+				//return !e.DeleteStateUnknown
+				return false
+			},
+		}).
+		WithOptions(controller.Options{MaxConcurrentReconciles: 100}).
+		Complete(r)
+}
+
+/*************************************************************
+Enh 35357707 - PROVIDE THE LRPDB TNSALIAS INFORMATION
+**************************************************************/
+
+func parseTnsAlias(tns *string, lrpdbsrv *string) {
+	fmt.Printf("Analyzing string [%s]\n", *tns)
+	fmt.Printf("Relacing  srv [%s]\n", *lrpdbsrv)
+	var swaptns string
+
+	if strings.Contains(strings.ToUpper(*tns), "SERVICE_NAME") == false {
+		fmt.Print("Cannot generate tns alias for lrpdb")
+		return
+	}
+
+	if strings.Contains(strings.ToUpper(*tns), "ORACLE_SID") == true {
+		fmt.Print("Cannot generate tns alias for lrpdb")
+		return
+	}
+
+	*tns = strings.ReplaceAll(*tns, " ", "")
+
+	swaptns = fmt.Sprintf("SERVICE_NAME=%s", *lrpdbsrv)
+	tnsreg := regexp.MustCompile(`SERVICE_NAME=\w+`)
+	*tns = tnsreg.ReplaceAllString(*tns, swaptns)
+
+	fmt.Printf("Newstring [%s]\n", *tns)
+
+}
+
+// Compose url
+func (r *LRPDBReconciler) BaseUrl(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, lrest dbapi.LREST) string {
+	log := r.Log.WithValues("BaseUrl", req.NamespacedName)
+	baseurl := "https://" + lrpdb.Spec.CDBResName + "-lrest." + lrpdb.Spec.CDBNamespace + ":" + strconv.Itoa(lrest.Spec.LRESTPort) + "/database/pdbs/"
+	log.Info("Baseurl:" + baseurl)
+	return baseurl
+}
+
+func (r *LRPDBReconciler) DecryptWithPrivKey(Key string, Buffer string, req ctrl.Request) (string, error) {
+	log := r.Log.WithValues("DecryptWithPrivKey", req.NamespacedName)
+	Debug := 0
+	block, _ := pem.Decode([]byte(Key))
+	pkcs8PrivateKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
+	if err != nil {
+		log.Error(err, "Failed to parse private key - "+err.Error())
+		return "", err
+	}
+	if Debug == 1 {
+		fmt.Printf("======================================\n")
+		fmt.Printf("%s\n", Key)
+		fmt.Printf("======================================\n")
+	}
+
+	encString64, err := base64.StdEncoding.DecodeString(string(Buffer))
+	if err != nil {
+		log.Error(err, "Failed to decode encrypted string to base64 - "+err.Error())
+		return "", err
+	}
+
+	decryptedB, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, pkcs8PrivateKey.(*rsa.PrivateKey), encString64, nil)
+	if err != nil {
+		log.Error(err, "Failed to decrypt string - "+err.Error())
+		return "", err
+	}
+	if Debug == 1 {
+		fmt.Printf("[%s]\n", string(decryptedB))
+	}
+	return strings.TrimSpace(string(decryptedB)), err
+
+}
+
+// New function to decrypt credential using private key
+func (r *LRPDBReconciler) getEncriptedSecret(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, secretName string, keyName string, secretNamePk string, keyNamePk string) (string, error) {
+
+	log := r.Log.WithValues("getEncriptedSecret", req.NamespacedName)
+
+	log.Info("getEncriptedSecret :" + secretName)
+	secret1 := &corev1.Secret{}
+	err := r.Get(ctx, types.NamespacedName{Name: secretName, Namespace: lrpdb.Namespace}, secret1)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + secretName)
+			lrpdb.Status.Msg = "Secret not found:" + secretName
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+
+	secret2 := &corev1.Secret{}
+	err = r.Get(ctx, types.NamespacedName{Name: secretNamePk, Namespace: lrpdb.Namespace}, secret2)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + secretNamePk)
+			lrpdb.Status.Msg = "Secret not found:" + secretNamePk
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+
+	Encval := string(secret1.Data[keyName])
+	Encval = strings.TrimSpace(Encval)
+
+	privKey := string(secret2.Data[keyNamePk])
+	privKey = strings.TrimSpace(privKey)
+
+	/* Debuug info for dev phase
+	fmt.Printf("DEBUG Secretename:secretName :%s\n", secretName)
+	fmt.Printf("DEBUG privKey                :%s\n", privKey)
+	fmt.Printf("DEBUG Encval                 :%s\n", Encval)
+	*/
+
+	DecVal, err := r.DecryptWithPrivKey(privKey, Encval, req)
+	if err != nil {
+		log.Error(err, "Fail to decrypt secret:"+secretName)
+		lrpdb.Status.Msg = " Fail to decrypt secret:" + secretName
+		return "", err
+	}
+	return DecVal, nil
+}
+
+/*
+func (r *LRPDBReconciler) manageLRPDBDeletion2(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+	log := r.Log.WithValues("manageLRPDBDeletion", req.NamespacedName)
+	if lrpdb.ObjectMeta.DeletionTimestamp.IsZero() {
+		if !controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
+			controllerutil.AddFinalizer(lrpdb, LRPDBFinalizer)
+			if err := r.Update(ctx, lrpdb); err != nil {
+				return err
+			}
+		}
+	} else {
+		log.Info("Pdb marked to be delted")
+		if controllerutil.ContainsFinalizer(lrpdb, LRPDBFinalizer) {
+			if imperativeLpdbDeletion == true {
+				log.Info("Deleting lrpdb CRD: Imperative approach is turned on ")
+				lrest, err := r.getLRESTResource(ctx, req, lrpdb)
+				if err != nil {
+					log.Error(err, "Cannont find cdb resource ", "err", err.Error())
+					return err
+				}
+
+				lrpdbName := lrpdb.Spec.LRPDBName
+				if lrpdb.Status.OpenMode == "READ WRITE" {
+					valuesclose := map[string]string{
+						"state":        "CLOSE",
+						"modifyOption": "IMMEDIATE",
+						"getScript":    "FALSE"}
+					lrpdbName := lrpdb.Spec.LRPDBName
+					url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName + "/status/"
+					_, errclose := r.callAPI(ctx, req, lrpdb, url, valuesclose, "POST")
+					if errclose != nil {
+						log.Info("Warning error closing lrpdb continue anyway")
+					}
+				}
+
+				valuesdrop := map[string]string{
+					"action":    "INCLUDING",
+					"getScript": "FALSE"}
+				url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName
+
+				log.Info("Call Delete()")
+				_, errdelete := r.callAPI(ctx, req, lrpdb, url, valuesdrop, "DELETE")
+				if errdelete != nil {
+					log.Error(errdelete, "Fail to delete lrpdb :"+lrpdb.Name, "err", errdelete.Error())
+					return errdelete
+				}
+
+			}
+
+			log.Info("Marked to be deleted")
+			lrpdb.Status.Status = true
+			r.Status().Update(ctx, lrpdb)
+
+			controllerutil.RemoveFinalizer(lrpdb, LRPDBFinalizer)
+			if err := r.Update(ctx, lrpdb); err != nil {
+				log.Info("Cannot remove finalizer")
+				return err
+			}
+
+		}
+
+		return nil
+	}
+
+	return nil
+}
+*/
+
+func (r *LRPDBReconciler) InitConfigMap(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) *corev1.ConfigMap {
+	log := r.Log.WithValues("InitConfigMap", req.NamespacedName)
+	log.Info("ConfigMap..............:" + "ConfigMap" + lrpdb.Name)
+	log.Info("ConfigMap nmsp.........:" + lrpdb.Namespace)
+	/*
+	 *  PDB SYSTEM PARAMETER
+	 *  record [name,value=[paramete_val|reset],level=[session|system]]
+	 */
+
+	if lrpdb.Spec.PDBConfigMap == "" {
+		/* if users does not specify a config map
+		we generate an empty new one for possible
+		future pdb parameter  modification */
+
+		var SystemParameters map[string]string
+
+		log.Info("Generating an empty configmap")
+		globalconfigmap = "configmap-" + lrpdb.Spec.LRPDBName + "-default"
+		// RFC 1123
+		globalconfigmap = strings.ToLower(globalconfigmap)
+		globalconfigmap = strings.ReplaceAll(globalconfigmap, "_", "-")
+
+		DbParameters := &corev1.ConfigMap{
+			TypeMeta: metav1.TypeMeta{
+				Kind:       "configmap",
+				APIVersion: "v1",
+			},
+			ObjectMeta: metav1.ObjectMeta{
+				Name:      globalconfigmap,
+				Namespace: lrpdb.Namespace,
+			},
+			Data: SystemParameters,
+		}
+
+		if err := ctrl.SetControllerReference(lrpdb, DbParameters, r.Scheme); err != nil {
+			log.Error(err, "Fail to set SetControllerReference", "err", err.Error())
+			return nil
+		}
+
+		if err := r.Create(ctx, DbParameters); err != nil {
+			log.Error(err, "Failed to create the default configmap", "Namespace", lrpdb.Namespace, "Default configmap", globalconfigmap)
+			return nil
+		}
+
+		/* Update Spec.PDBConfigMap */
+		//lrpdb.Spec.PDBConfigMap = "configmap" + lrpdb.Spec.LRPDBName + "default"
+		lrpdb.Spec.PDBConfigMap = globalconfigmap
+		if err := r.Update(ctx, lrpdb); err != nil {
+			log.Error(err, "Failure updating Spec.PDBConfigMap ", "err", err.Error())
+			return nil
+		}
+		lrpdb.Status.CmBitstat = bis(lrpdb.Status.CmBitstat, MPEMPT)
+		lrpdb.Status.CmBitStatStr = CMBitmaskprint(lrpdb.Status.CmBitstat)
+		r.UpdateStatus(ctx, req, lrpdb)
+		return DbParameters
+
+	} else {
+
+		lrpdb.Status.CmBitstat = bis(lrpdb.Status.CmBitstat, MPINIT)
+		lrpdb.Status.CmBitStatStr = CMBitmaskprint(lrpdb.Status.CmBitstat)
+		globalconfigmap = lrpdb.Spec.PDBConfigMap
+		DbParameters, err := r.GetConfigMap(ctx, req, lrpdb)
+		if err != nil {
+			log.Error(err, "Fail to fetch configmap ", "err", err.Error())
+			return nil
+		}
+
+		//ParseConfigMapData(DbParameters)
+
+		r.UpdateStatus(ctx, req, lrpdb)
+		return DbParameters
+	}
+
+	// return nil
+}
+
+func (r *LRPDBReconciler) GetConfigMap(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) (*corev1.ConfigMap, error) {
+	log := r.Log.WithValues("GetConfigMap", req.NamespacedName)
+	log.Info("ConfigMapGlobal.............:" + globalconfigmap)
+	DbParameters, err := k8s.FetchConfigMap(r.Client, lrpdb.Namespace, globalconfigmap)
+	if err != nil {
+		log.Error(err, "Fail to fetch configmap", "err", err.Error())
+		return nil, err
+	}
+
+	return DbParameters, nil
+}
+
+func (r *LRPDBReconciler) GetConfigMapCode(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) (*corev1.ConfigMap, error) {
+	log := r.Log.WithValues("GetConfigMapCode", req.NamespacedName)
+	log.Info("CodeMapGlobal.............:" + lrpdb.Spec.PLSQLBlock)
+	CodeBlock, err := k8s.FetchConfigMap(r.Client, lrpdb.Namespace, lrpdb.Spec.PLSQLBlock)
+	if err != nil {
+		log.Error(err, "Fail to fetch configmap", "err", err.Error())
+		return nil, err
+	}
+
+	return CodeBlock, nil
+}
+
+func (r *LRPDBReconciler) ApplyConfigMap(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) (int32, error) {
+	log := r.Log.WithValues("ApplyConfigMap", req.NamespacedName)
+	/* We read the config map and apply the setting to the  pdb */
+
+	log.Info("Starting Apply Config Map Process")
+	configmap, err := r.GetConfigMap(ctx, req, lrpdb)
+	if err != nil {
+		log.Info("Cannot get config map in the open yaml file")
+		return 0, nil
+	}
+	Cardinality := int32(len(configmap.Data))
+	if Cardinality == 0 {
+		log.Info("Empty config map... nothing to do ")
+		return 0, nil
+	}
+	log.Info("GetConfigMap completed")
+
+	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
+	if err != nil {
+		log.Info("Cannot find lrest server")
+		return 0, nil
+	}
+	tokens := ParseConfigMapData(configmap)
+	for cnt := range tokens {
+		if len(tokens[cnt]) != 0 {
+			/*  avoid null token and check malformed value  */
+			fmt.Printf("token=[%s]\n", tokens[cnt])
+			Parameter := strings.Split(tokens[cnt], " ")
+			if len(Parameter) != 3 {
+				log.Info("WARNING  malformed value in the configmap")
+			} else {
+				fmt.Printf("alter system set %s=%s scope=%s instances=all\n", Parameter[0], Parameter[1], Parameter[2])
+				/* Preparing PayLoad
+				   -----------------
+				   WARNING: event setting is not yet supported. It will be implemented in future release
+				*/
+				AlterSystemPayload := map[string]string{
+					"state":                "ALTER",
+					"alterSystemParameter": Parameter[0],
+					"alterSystemValue":     Parameter[1],
+					"parameterScope":       Parameter[2],
+				}
+				url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdb.Spec.LRPDBName
+				respData, err := r.callAPI(ctx, req, lrpdb, url, AlterSystemPayload, "POST")
+				if err != nil {
+					log.Error(err, "callAPI failure durring Apply Config Map", "err", err.Error())
+					return 0, err
+				}
+				/* check sql code execution */
+				var retJson map[string]interface{}
+				if err := json.Unmarshal([]byte(respData), &retJson); err != nil {
+					log.Error(err, "failed to get Data from callAPI", "err", err.Error())
+					return 0, err
+				}
+				/* We do not the execution if something goes wrong for a single parameter
+				   just report the error in the event queue */
+				SqlCode := strconv.Itoa(int(retJson["sqlcode"].(float64)))
+				AlterMsg := fmt.Sprintf("pdb=%s:%s:%s:%s:%s", lrpdb.Spec.LRPDBName, Parameter[0], Parameter[1], Parameter[2], SqlCode)
+				log.Info("Config Map Apply:......." + AlterMsg)
+
+				if SqlCode != "0" {
+					r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "lrpdbinfo", AlterMsg)
+					lrpdb.Status.CmBitstat = bis(lrpdb.Status.CmBitstat, MPWARN)
+				}
+
+			}
+		}
+
+	}
+
+	if err := r.Update(ctx, lrpdb); err != nil {
+		log.Error(err, "Cannot rest lrpdb Spec  :"+lrpdb.Name, "err", err.Error())
+	}
+
+	lrpdb.Status.CmBitstat = bis(lrpdb.Status.CmBitstat, MPAPPL)
+	lrpdb.Status.CmBitStatStr = CMBitmaskprint(lrpdb.Status.CmBitstat)
+	r.UpdateStatus(ctx, req, lrpdb)
+
+	return Cardinality, nil
+}
+
+func (r *LRPDBReconciler) ManageConfigMapForCloningAndPlugin(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
+	log := r.Log.WithValues("ManageConfigMapForCloningAndPlugin", req.NamespacedName)
+	log.Info("Frame:")
+	/*
+	   If configmap parameter is set and init flag is not set
+	   then we need to iniialized the init mask. This is the case for
+	   pdb generated by clone and plug action
+	*/
+	if lrpdb.Spec.Action != "CREATE" && lrpdb.Spec.Action != "APPLYSQL" && lrpdb.Spec.PDBConfigMap != "" && Bit(lrpdb.Status.CmBitstat, MPINIT) == false {
+		if r.InitConfigMap(ctx, req, lrpdb) == nil {
+			log.Info("Cannot initialize config map for pdb.........:" + lrpdb.Spec.LRPDBName)
+			return nil
+		}
+		log.Info("Call...........:ApplyConfigMap(ctx, req, lrpdb)")
+		Cardinality, _ := r.ApplyConfigMap(ctx, req, lrpdb)
+		log.Info("Cardnality:....:" + strconv.Itoa(int(Cardinality)))
+		if Cardinality == 0 {
+			return nil
+		}
+
+	}
+	return nil
+}
+
+func NewCallLAPI(intr interface{}, ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, url string, payload map[string]string, action string) (string, error) {
+	var c client.Client
+	var r logr.Logger
+	var e record.EventRecorder
+	var err error
+
+	recpdb, ok1 := intr.(*LRPDBReconciler)
+	if ok1 {
+		fmt.Printf("func NewCallLApi ((*PDBReconciler),......)\n")
+		c = recpdb.Client
+		e = recpdb.Recorder
+		r = recpdb.Log
+	}
+
+	reccdb, ok2 := intr.(*LRESTReconciler)
+	if ok2 {
+		fmt.Printf("func NewCallLApi ((*CDBReconciler),......)\n")
+		c = reccdb.Client
+		e = reccdb.Recorder
+		r = reccdb.Log
+	}
+
+	log := r.WithValues("NewCallAPISQL", req.NamespacedName)
+
+	secret := &corev1.Secret{}
+
+	err = c.Get(ctx, types.NamespacedName{Name: lrpdb.Spec.LRPDBTlsKey.Secret.SecretName, Namespace: lrpdb.Namespace}, secret)
+
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrpdb.Spec.LRPDBTlsKey.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+	rsaKeyPEM := secret.Data[lrpdb.Spec.LRPDBTlsKey.Secret.Key]
+
+	err = c.Get(ctx, types.NamespacedName{Name: lrpdb.Spec.LRPDBTlsCrt.Secret.SecretName, Namespace: lrpdb.Namespace}, secret)
+
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrpdb.Spec.LRPDBTlsCrt.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+
+	rsaCertPEM := secret.Data[lrpdb.Spec.LRPDBTlsCrt.Secret.Key]
+
+	err = c.Get(ctx, types.NamespacedName{Name: lrpdb.Spec.LRPDBTlsCat.Secret.SecretName, Namespace: lrpdb.Namespace}, secret)
+
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrpdb.Spec.LRPDBTlsCat.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+
+	caCert := secret.Data[lrpdb.Spec.LRPDBTlsCat.Secret.Key]
+	/*
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTINFO", string(rsaKeyPEM))
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTINFO", string(rsaCertPEM))
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTINFO", string(caCert))
+	*/
+
+	certificate, err := tls.X509KeyPair([]byte(rsaCertPEM), []byte(rsaKeyPEM))
+	if err != nil {
+		lrpdb.Status.Msg = "Error tls.X509KeyPair"
+		return "", err
+	}
+
+	caCertPool := x509.NewCertPool()
+	caCertPool.AppendCertsFromPEM(caCert)
+	/*
+			tlsConf := &tls.Config{Certificates: []tls.Certificate{certificate},
+		                               RootCAs: caCertPool}
+	*/
+	tlsConf := &tls.Config{Certificates: []tls.Certificate{certificate},
+		RootCAs: caCertPool,
+		//MinVersion:               tls.VersionTLS12,
+		CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
+		PreferServerCipherSuites: true,
+		CipherSuites: []uint16{
+			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+			tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
+			tls.TLS_RSA_WITH_AES_256_CBC_SHA,
+		},
+	}
+
+	tr := &http.Transport{TLSClientConfig: tlsConf}
+
+	httpclient := &http.Client{Transport: tr}
+
+	log.Info("Issuing REST call", "URL", url, "Action", action)
+
+	// Get Web Server User
+	//secret := &corev1.Secret{}
+	err = c.Get(ctx, types.NamespacedName{Name: lrpdb.Spec.WebLrpdbServerUser.Secret.SecretName, Namespace: lrpdb.Namespace}, secret)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrpdb.Spec.WebLrpdbServerUser.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+	webUserEnc := string(secret.Data[lrpdb.Spec.WebLrpdbServerUser.Secret.Key])
+	webUserEnc = strings.TrimSpace(webUserEnc)
+
+	err = c.Get(ctx, types.NamespacedName{Name: lrpdb.Spec.LRPDBPriKey.Secret.SecretName, Namespace: lrpdb.Namespace}, secret)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrpdb.Spec.LRPDBPriKey.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+	privKey := string(secret.Data[lrpdb.Spec.LRPDBPriKey.Secret.Key])
+	webUser, err := CommonDecryptWithPrivKey2(privKey, webUserEnc, req)
+
+	// Get Web Server User Password
+	secret = &corev1.Secret{}
+	err = c.Get(ctx, types.NamespacedName{Name: lrpdb.Spec.WebLrpdbServerPwd.Secret.SecretName, Namespace: lrpdb.Namespace}, secret)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrpdb.Spec.WebLrpdbServerPwd.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+	webUserPwdEnc := string(secret.Data[lrpdb.Spec.WebLrpdbServerPwd.Secret.Key])
+	webUserPwdEnc = strings.TrimSpace(webUserPwdEnc)
+	webUserPwd, err := CommonDecryptWithPrivKey2(privKey, webUserPwdEnc, req)
+
+	var httpreq *http.Request
+	if action == "GET" {
+		httpreq, err = http.NewRequest(action, url, nil)
+	} else {
+		jsonValue, _ := json.Marshal(payload)
+		httpreq, err = http.NewRequest(action, url, bytes.NewBuffer(jsonValue))
+	}
+
+	if err != nil {
+		log.Info("Unable to create HTTP Request for LRPDB : "+lrpdb.Name, "err", err.Error())
+		return "", err
+	}
+
+	httpreq.Header.Add("Accept", "application/json")
+	httpreq.Header.Add("Content-Type", "application/json")
+	httpreq.SetBasicAuth(webUser, webUserPwd)
+
+	resp, err := httpclient.Do(httpreq)
+	if err != nil {
+		errmsg := err.Error()
+		log.Error(err, "Failed - Could not connect to LREST Pod", "err", err.Error())
+		lrpdb.Status.Msg = "Error: Could not connect to LREST Pod"
+		e.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTError", errmsg)
+		return "", err
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		bb, _ := ioutil.ReadAll(resp.Body)
+
+		if resp.StatusCode == 404 {
+			lrpdb.Status.ConnString = ""
+			lrpdb.Status.Msg = lrpdb.Spec.LRPDBName + " not found"
+
+		} else {
+			if flood_control == false {
+				lrpdb.Status.Msg = "LREST Error - HTTP Status Code:" + strconv.Itoa(resp.StatusCode)
+			}
+		}
+
+		if flood_control == false {
+			log.Info("LREST Error - HTTP Status Code :"+strconv.Itoa(resp.StatusCode), "Err", string(bb))
+		}
+
+		var apiErr LRESTError
+		json.Unmarshal([]byte(bb), &apiErr)
+		if flood_control == false {
+			e.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTError", "Failed: %s", apiErr.Message)
+		}
+		fmt.Printf("\n================== APIERR ======================\n")
+		fmt.Printf("URL=%s\n", url)
+		fmt.Printf("resp.StatusCode=%s\n", strconv.Itoa(resp.StatusCode))
+		fmt.Printf("\n================== APIERR ======================\n")
+		flood_control = true
+		return "", errors.New("LREST Error")
+	}
+	flood_control = false
+
+	defer resp.Body.Close()
+
+	bodyBytes, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		fmt.Print(err.Error())
+	}
+	respData := string(bodyBytes)
+	fmt.Print("CALL API return msg.....:")
+	fmt.Println(string(bodyBytes))
+
+	var apiResponse restSQLCollection
+	json.Unmarshal([]byte(bodyBytes), &apiResponse)
+	fmt.Printf("===> %#v\n", apiResponse)
+	fmt.Printf("===> %+v\n", apiResponse)
+
+	errFound := false
+	for _, sqlItem := range apiResponse.Items {
+		if sqlItem.ErrorDetails != "" {
+			log.Info("LREST Error - Oracle Error Code :" + strconv.Itoa(sqlItem.ErrorCode))
+			if !errFound {
+				lrpdb.Status.Msg = sqlItem.ErrorDetails
+			}
+			e.Eventf(lrpdb, corev1.EventTypeWarning, "OraError", "%s", sqlItem.ErrorDetails)
+			errFound = true
+		}
+	}
+
+	if errFound {
+		return "", errors.New("Oracle Error")
+	}
+
+	return respData, nil
+}
+
+func (r *LRPDBReconciler) GetSqlCode(rsp string, sqlcode *int) error {
+	log := r.Log.WithValues("GetSqlCode", "callAPI(...)")
+
+	var objmap map[string]interface{}
+	if err := json.Unmarshal([]byte(rsp), &objmap); err != nil {
+		log.Error(err, "failed to get respData from callAPI", "err", err.Error())
+		return err
+	}
+
+	*sqlcode = int(objmap["sqlcode"].(float64))
+	log.Info("sqlcode.......:ora-" + strconv.Itoa(*sqlcode))
+	if *sqlcode != 0 {
+		switch strconv.Itoa(*sqlcode) {
+		case "65019": /* already open */
+			return nil
+		case "65020": /* already closed */
+			return nil
+		}
+		err := fmt.Errorf("%v", sqlcode)
+		return err
+	}
+	return nil
+}
+
+func (r *LRPDBReconciler) GetRestricted(rsp string, restrictmode *string) error {
+	log := r.Log.WithValues("GetRestriced", "callAPI(...)")
+
+	var objmap map[string]interface{}
+	if err := json.Unmarshal([]byte(rsp), &objmap); err != nil {
+		log.Error(err, "failed to get respData from callAPI", "err", err.Error())
+		return err
+	}
+
+	*restrictmode = string(objmap["restricted"].(string))
+
+	return nil
+}
+
+func (r *LRPDBReconciler) GetPdbSize2(rsp string, pdbsize *string) error {
+	log := r.Log.WithValues("GetPdbSize2", "callAPI(...)")
+	var objmap map[string]interface{}
+	if err := json.Unmarshal([]byte(rsp), &objmap); err != nil {
+		log.Error(err, "failed to get respData from callAPI", "err", err.Error())
+		return err
+	}
+	*pdbsize = fmt.Sprintf("%4.2f", ((objmap["total_size"].(float64))/1024/1024/1024)) + "G"
+	return nil
+}
+
+func (r *LRPDBReconciler) GetOpenMode(rsp string, openmode *string) error {
+	log := r.Log.WithValues("GetRestriced", "callAPI(...)")
+
+	var objmap map[string]interface{}
+	if err := json.Unmarshal([]byte(rsp), &objmap); err != nil {
+		log.Error(err, "failed to get respData from callAPI", "err", err.Error())
+		return err
+	}
+
+	*openmode = string(objmap["open_mode"].(string))
+
+	return nil
+}
+
+/*
+************************************************
+  - Issue a REST API Call to the LREST container
+    /***********************************************
+*/
+func (r *LRPDBReconciler) callAPI(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, url string, payload map[string]string, action string) (string, error) {
+	log := r.Log.WithValues("callAPI", req.NamespacedName)
+
+	var err error
+
+	secret := &corev1.Secret{}
+
+	err = r.Get(ctx, types.NamespacedName{Name: lrpdb.Spec.LRPDBTlsKey.Secret.SecretName, Namespace: lrpdb.Namespace}, secret)
+
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrpdb.Spec.LRPDBTlsKey.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+	rsaKeyPEM := secret.Data[lrpdb.Spec.LRPDBTlsKey.Secret.Key]
+
+	err = r.Get(ctx, types.NamespacedName{Name: lrpdb.Spec.LRPDBTlsCrt.Secret.SecretName, Namespace: lrpdb.Namespace}, secret)
+
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrpdb.Spec.LRPDBTlsCrt.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+
+	rsaCertPEM := secret.Data[lrpdb.Spec.LRPDBTlsCrt.Secret.Key]
+
+	err = r.Get(ctx, types.NamespacedName{Name: lrpdb.Spec.LRPDBTlsCat.Secret.SecretName, Namespace: lrpdb.Namespace}, secret)
+
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			log.Info("Secret not found:" + lrpdb.Spec.LRPDBTlsCat.Secret.SecretName)
+			return "", err
+		}
+		log.Error(err, "Unable to get the secret.")
+		return "", err
+	}
+
+	caCert := secret.Data[lrpdb.Spec.LRPDBTlsCat.Secret.Key]
+	/*
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTINFO", string(rsaKeyPEM))
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTINFO", string(rsaCertPEM))
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTINFO", string(caCert))
+	*/
+
+	certificate, err := tls.X509KeyPair([]byte(rsaCertPEM), []byte(rsaKeyPEM))
+	if err != nil {
+		lrpdb.Status.Msg = "Error tls.X509KeyPair"
+		return "", err
+	}
+
+	caCertPool := x509.NewCertPool()
+	caCertPool.AppendCertsFromPEM(caCert)
+	/*
+			tlsConf := &tls.Config{Certificates: []tls.Certificate{certificate},
+		                               RootCAs: caCertPool}
+	*/
+	tlsConf := &tls.Config{Certificates: []tls.Certificate{certificate},
+		RootCAs: caCertPool,
+		//MinVersion:               tls.VersionTLS12,
+		CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
+		PreferServerCipherSuites: true,
+		CipherSuites: []uint16{
+			tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
+			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
+			tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
+			tls.TLS_RSA_WITH_AES_256_CBC_SHA,
+		},
+	}
 
-	} else {
+	tr := &http.Transport{TLSClientConfig: tlsConf}
 
-		lrpdb.Status.Bitstat = bis(lrpdb.Status.Bitstat, MPINIT)
-		globalconfigmap = lrpdb.Spec.PDBConfigMap
-		DbParameters, err := r.GetConfigMap(ctx, req, lrpdb)
-		if err != nil {
-			log.Error(err, "Fail to fetch configmap ", "err", err.Error())
-			return nil
-		}
+	httpclient := &http.Client{Transport: tr}
 
-		//ParseConfigMapData(DbParameters)
+	log.Info("Issuing REST call", "URL", url, "Action", action)
 
-		return DbParameters
+	webUser, err := r.getEncriptedSecret(ctx, req, lrpdb, lrpdb.Spec.WebLrpdbServerUser.Secret.SecretName, lrpdb.Spec.WebLrpdbServerUser.Secret.Key, lrpdb.Spec.LRPDBPriKey.Secret.SecretName, lrpdb.Spec.LRPDBPriKey.Secret.Key)
+	if err != nil {
+		log.Error(err, "Unable to get webuser account name   ")
+		return "", err
 	}
 
-	return nil
-}
-
-func (r *LRPDBReconciler) GetConfigMap(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) (*corev1.ConfigMap, error) {
-	log := r.Log.WithValues("GetConfigMap", req.NamespacedName)
-	log.Info("ConfigMapGlobal.............:" + globalconfigmap)
-	DbParameters, err := k8s.FetchConfigMap(r.Client, lrpdb.Namespace, globalconfigmap)
+	webUserPwd, err := r.getEncriptedSecret(ctx, req, lrpdb, lrpdb.Spec.WebLrpdbServerPwd.Secret.SecretName, lrpdb.Spec.WebLrpdbServerPwd.Secret.Key, lrpdb.Spec.LRPDBPriKey.Secret.SecretName, lrpdb.Spec.LRPDBPriKey.Secret.Key)
 	if err != nil {
-		log.Error(err, "Fail to fetch configmap", "err", err.Error())
-		return nil, err
+		log.Error(err, "Unable to get webuser account password  ")
+		return "", err
 	}
 
-	return DbParameters, nil
-}
-
-func (r *LRPDBReconciler) ApplyConfigMap(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) (int32, error) {
-	log := r.Log.WithValues("ApplyConfigMap", req.NamespacedName)
-	/* We read the config map and apply the setting to the  pdb */
+	var httpreq *http.Request
+	if action == "GET" {
+		httpreq, err = http.NewRequest(action, url, nil)
+	} else {
+		jsonValue, _ := json.Marshal(payload)
+		httpreq, err = http.NewRequest(action, url, bytes.NewBuffer(jsonValue))
+	}
 
-	log.Info("Starting Apply Config Map Process")
-	configmap, err := r.GetConfigMap(ctx, req, lrpdb)
 	if err != nil {
-		log.Info("Cannot get config map in the open yaml file")
-		return 0, nil
-	}
-	Cardinality := int32(len(configmap.Data))
-	if Cardinality == 0 {
-		log.Info("Empty config map... nothing to do ")
-		return 0, nil
+		log.Info("Unable to create HTTP Request for LRPDB : "+lrpdb.Name, "err", err.Error())
+		return "", err
 	}
-	log.Info("GetConfigMap completed")
 
-	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
+	httpreq.Header.Add("Accept", "application/json")
+	httpreq.Header.Add("Content-Type", "application/json")
+	httpreq.SetBasicAuth(webUser, webUserPwd)
+
+	resp, err := httpclient.Do(httpreq)
 	if err != nil {
-		log.Info("Cannot find lrest server")
-		return 0, nil
+		errmsg := err.Error()
+		log.Error(err, "Failed - Could not connect to LREST Pod", "err", err.Error())
+		lrpdb.Status.Msg = "Error: Could not connect to LREST Pod"
+		r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTError", errmsg)
+		return "", err
 	}
-	tokens := lrcommons.ParseConfigMapData(configmap)
-	for cnt := range tokens {
-		if len(tokens[cnt]) != 0 {
-			/*  avoid null token and check malformed value  */
-			fmt.Printf("token=[%s]\n", tokens[cnt])
-			Parameter := strings.Split(tokens[cnt], " ")
-			if len(Parameter) != 3 {
-				log.Info("WARNING  malformed value in the configmap")
-			} else {
-				fmt.Printf("alter system set %s=%s scope=%s instances=all\n", Parameter[0], Parameter[1], Parameter[2])
-				/* Preparing PayLoad
-				   -----------------
-				   WARNING: event setting is not yet supported. It will be implemented in future release
-				*/
-				AlterSystemPayload := map[string]string{
-					"state":                "ALTER",
-					"alterSystemParameter": Parameter[0],
-					"alterSystemValue":     Parameter[1],
-					"parameterScope":       Parameter[2],
-				}
-				url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdb.Spec.LRPDBName
-				respData, err := r.callAPI(ctx, req, lrpdb, url, AlterSystemPayload, "POST")
-				if err != nil {
-					log.Error(err, "callAPI failure durring Apply Config Map", "err", err.Error())
-					return 0, err
-				}
-				/* check sql code execution */
-				var retJson map[string]interface{}
-				if err := json.Unmarshal([]byte(respData), &retJson); err != nil {
-					log.Error(err, "failed to get Data from callAPI", "err", err.Error())
-					return 0, err
-				}
-				/* We do not the execution if something goes wrong for a single parameter
-				   just report the error in the event queue */
-				SqlCode := strconv.Itoa(int(retJson["sqlcode"].(float64)))
-				AlterMsg := fmt.Sprintf("pdb=%s:%s:%s:%s:%s", lrpdb.Spec.LRPDBName, Parameter[0], Parameter[1], Parameter[2], SqlCode)
-				log.Info("Config Map Apply:......." + AlterMsg)
 
-				if SqlCode != "0" {
-					r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTINFO", AlterMsg)
-					lrpdb.Status.Bitstat = bis(lrpdb.Status.Bitstat, MPWARN)
-				}
+	if resp.StatusCode != http.StatusOK {
+		bb, _ := ioutil.ReadAll(resp.Body)
+
+		if resp.StatusCode == 404 {
+			lrpdb.Status.ConnString = ""
+			lrpdb.Status.Msg = lrpdb.Spec.LRPDBName + " not found"
 
+		} else {
+			if flood_control == false {
+				lrpdb.Status.Msg = "LREST Error - HTTP Status Code:" + strconv.Itoa(resp.StatusCode)
 			}
 		}
 
+		if flood_control == false {
+			log.Info("LREST Error - HTTP Status Code :"+strconv.Itoa(resp.StatusCode), "Err", string(bb))
+		}
+
+		var apiErr LRESTError
+		json.Unmarshal([]byte(bb), &apiErr)
+		if flood_control == false {
+			r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "LRESTError", "Failed: %s", apiErr.Message)
+		}
+		fmt.Printf("\n================== APIERR ======================\n")
+		fmt.Printf("%+v \n", apiErr)
+		fmt.Printf("URL=%s\n", url)
+		fmt.Printf("resp.StatusCode=%s\n", strconv.Itoa(resp.StatusCode))
+		fmt.Printf("\n================== APIERR ======================\n")
+		flood_control = true
+		return "", errors.New("LREST Error")
 	}
+	flood_control = false
 
-	lrpdb.Status.Bitstat = bis(lrpdb.Status.Bitstat, MPAPPL)
+	defer resp.Body.Close()
 
-	return Cardinality, nil
-}
+	bodyBytes, err := ioutil.ReadAll(resp.Body)
+	if err != nil {
+		fmt.Print(err.Error())
+	}
+	respData := string(bodyBytes)
+	fmt.Print("CALL API return msg.....:")
+	fmt.Println(string(bodyBytes))
 
-func (r *LRPDBReconciler) ManageConfigMapForCloningAndPlugin(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB) error {
-	log := r.Log.WithValues("ManageConfigMapForCloningAndPlugin", req.NamespacedName)
-	log.Info("Frame:")
-	/*
-	   If configmap parameter is set and init flag is not set
-	   then we need to iniialized the init mask. This is the case for
-	   pdb generated by clone and plug action
-	*/
-	if lrpdb.Spec.Action != "CREATE" && lrpdb.Spec.PDBConfigMap != "" && bit(lrpdb.Status.Bitstat, MPINIT) == false {
-		if r.InitConfigMap(ctx, req, lrpdb) == nil {
-			log.Info("Cannot initialize config map for pdb.........:" + lrpdb.Spec.LRPDBName)
-			return nil
-		}
-		log.Info("Call...........:ApplyConfigMap(ctx, req, lrpdb)")
-		Cardinality, _ := r.ApplyConfigMap(ctx, req, lrpdb)
-		log.Info("Cardnality:....:" + strconv.Itoa(int(Cardinality)))
-		if Cardinality == 0 {
-			return nil
+	var apiResponse restSQLCollection
+	json.Unmarshal([]byte(bodyBytes), &apiResponse)
+	fmt.Printf("===> %#v\n", apiResponse)
+	fmt.Printf("===> %+v\n", apiResponse)
+
+	errFound := false
+	for _, sqlItem := range apiResponse.Items {
+		if sqlItem.ErrorDetails != "" {
+			log.Info("LREST Error - Oracle Error Code :" + strconv.Itoa(sqlItem.ErrorCode))
+			if !errFound {
+				lrpdb.Status.Msg = sqlItem.ErrorDetails
+			}
+			r.Recorder.Eventf(lrpdb, corev1.EventTypeWarning, "OraError", "%s", sqlItem.ErrorDetails)
+			errFound = true
 		}
+	}
 
+	if errFound {
+		return "", errors.New("Oracle Error")
 	}
-	return nil
+
+	return respData, nil
 }
 
-func NewCallLAPI(intr interface{}, ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, url string, payload map[string]string, action string) (string, error) {
+func NewCallAPISQL(intr interface{}, ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, url string, payload interface{}, action string) (string, error) {
 	var c client.Client
 	var r logr.Logger
 	var e record.EventRecorder
+	var TestBuffer string
+	var jsonMap map[string]interface{}
 	var err error
 
 	recpdb, ok1 := intr.(*LRPDBReconciler)
@@ -2143,7 +2901,7 @@ func NewCallLAPI(intr interface{}, ctx context.Context, req ctrl.Request, lrpdb
 		r = reccdb.Log
 	}
 
-	log := r.WithValues("NewCallLAPI", req.NamespacedName)
+	log := r.WithValues("NewCallAPISQL", req.NamespacedName)
 
 	secret := &corev1.Secret{}
 
@@ -2203,8 +2961,7 @@ func NewCallLAPI(intr interface{}, ctx context.Context, req ctrl.Request, lrpdb
 		                               RootCAs: caCertPool}
 	*/
 	tlsConf := &tls.Config{Certificates: []tls.Certificate{certificate},
-		RootCAs: caCertPool,
-		//MinVersion:               tls.VersionTLS12,
+		RootCAs:                  caCertPool,
 		CurvePreferences:         []tls.CurveID{tls.CurveP521, tls.CurveP384, tls.CurveP256},
 		PreferServerCipherSuites: true,
 		CipherSuites: []uint16{
@@ -2245,7 +3002,7 @@ func NewCallLAPI(intr interface{}, ctx context.Context, req ctrl.Request, lrpdb
 		return "", err
 	}
 	privKey := string(secret.Data[lrpdb.Spec.LRPDBPriKey.Secret.Key])
-	webUser, err := lrcommons.CommonDecryptWithPrivKey(privKey, webUserEnc, req)
+	webUser, err := CommonDecryptWithPrivKey2(privKey, webUserEnc, req)
 
 	// Get Web Server User Password
 	secret = &corev1.Secret{}
@@ -2260,26 +3017,52 @@ func NewCallLAPI(intr interface{}, ctx context.Context, req ctrl.Request, lrpdb
 	}
 	webUserPwdEnc := string(secret.Data[lrpdb.Spec.WebLrpdbServerPwd.Secret.Key])
 	webUserPwdEnc = strings.TrimSpace(webUserPwdEnc)
-	webUserPwd, err := lrcommons.CommonDecryptWithPrivKey(privKey, webUserPwdEnc, req)
+	webUserPwd, err := CommonDecryptWithPrivKey2(privKey, webUserPwdEnc, req)
+
+	var Httpreq *http.Request
 
-	var httpreq *http.Request
 	if action == "GET" {
-		httpreq, err = http.NewRequest(action, url, nil)
+		Httpreq, err = http.NewRequest(action, url, nil)
 	} else {
-		jsonValue, _ := json.Marshal(payload)
-		httpreq, err = http.NewRequest(action, url, bytes.NewBuffer(jsonValue))
-	}
-
-	if err != nil {
-		log.Info("Unable to create HTTP Request for LRPDB : "+lrpdb.Name, "err", err.Error())
-		return "", err
+		/* Section to execute sql and plsql code */
+		payloadsql, ok4 := payload.(*PLSQLPayLoad)
+		if ok4 {
+			TestBuffer = ParseSQLPayload(payloadsql)
+			json.Unmarshal([]byte(TestBuffer), &jsonMap)
+			jsonValue, _ := json.Marshal(jsonMap)
+			Httpreq, err = http.NewRequest(action, url, bytes.NewBuffer(jsonValue))
+			if Bit(lrpdb.Spec.Debug, DBGAPI) {
+				fmt.Println("=========================PLSQLDEBUG==============================")
+				fmt.Println(string(jsonValue))
+				fmt.Println("=========================PLSQLDEBUG==============================")
+			}
+			if err != nil {
+				log.Info("Unable to create HTTP Request for LRPDB : "+lrpdb.Name, "err", err.Error())
+				return "", err
+			}
+		}
+		/* Section to execute standard pdb operation */
+		payloadpdb, ok3 := payload.(map[string]string)
+		if ok3 {
+			jsonValue, _ := json.Marshal(payloadpdb)
+			Httpreq, err = http.NewRequest(action, url, bytes.NewBuffer(jsonValue))
+			if Bit(lrpdb.Spec.Debug, DBGAPI) {
+				fmt.Println("=========================PLSQLDEBUG==============================")
+				fmt.Println(string(jsonValue))
+				fmt.Println("=========================PLSQLDEBUG==============================")
+			}
+			if err != nil {
+				log.Info("Unable to create HTTP Request for LRPDB : "+lrpdb.Name, "err", err.Error())
+				return "", err
+			}
+		}
 	}
 
-	httpreq.Header.Add("Accept", "application/json")
-	httpreq.Header.Add("Content-Type", "application/json")
-	httpreq.SetBasicAuth(webUser, webUserPwd)
+	Httpreq.Header.Add("Accept", "application/json")
+	Httpreq.Header.Add("Content-Type", "application/json")
+	Httpreq.SetBasicAuth(webUser, webUserPwd)
 
-	resp, err := httpclient.Do(httpreq)
+	resp, err := httpclient.Do(Httpreq)
 	if err != nil {
 		errmsg := err.Error()
 		log.Error(err, "Failed - Could not connect to LREST Pod", "err", err.Error())
@@ -2288,7 +3071,6 @@ func NewCallLAPI(intr interface{}, ctx context.Context, req ctrl.Request, lrpdb
 		return "", err
 	}
 
-	e.Eventf(lrpdb, corev1.EventTypeWarning, "Done", lrpdb.Spec.CDBResName)
 	if resp.StatusCode != http.StatusOK {
 		bb, _ := ioutil.ReadAll(resp.Body)
 
@@ -2313,7 +3095,6 @@ func NewCallLAPI(intr interface{}, ctx context.Context, req ctrl.Request, lrpdb
 		}
 		fmt.Printf("\n================== APIERR ======================\n")
 		fmt.Printf("%+v \n", apiErr)
-		fmt.Printf(string(bb))
 		fmt.Printf("URL=%s\n", url)
 		fmt.Printf("resp.StatusCode=%s\n", strconv.Itoa(resp.StatusCode))
 		fmt.Printf("\n================== APIERR ======================\n")
@@ -2330,6 +3111,8 @@ func NewCallLAPI(intr interface{}, ctx context.Context, req ctrl.Request, lrpdb
 	}
 	respData := string(bodyBytes)
 	fmt.Print("CALL API return msg.....:")
+	fmt.Printf("%s\n", respData)
+
 	fmt.Println(string(bodyBytes))
 
 	var apiResponse restSQLCollection
@@ -2356,26 +3139,90 @@ func NewCallLAPI(intr interface{}, ctx context.Context, req ctrl.Request, lrpdb
 	return respData, nil
 }
 
-func (r *LRPDBReconciler) GetSqlCode(rsp string, sqlcode *int) error {
-	log := r.Log.WithValues("GetSqlCode", "callAPI(...)")
+func ParseSQLPayload(payload *PLSQLPayLoad) string {
+	var Buffer string
 
-	var objmap map[string]interface{}
-	if err := json.Unmarshal([]byte(rsp), &objmap); err != nil {
-		log.Error(err, "failed to get respData from callAPI", "err", err.Error())
-		return err
+	cnt := 0
+	Buffer = "{"
+	for key, value := range payload.Values {
+		Buffer += "\"" + key + "\" : \"" + value + "\","
 	}
 
-	*sqlcode = int(objmap["sqlcode"].(float64))
-	log.Info("sqlcode.......:ora-" + strconv.Itoa(*sqlcode))
-	if *sqlcode != 0 {
-		switch strconv.Itoa(*sqlcode) {
-		case "65019": /* already open */
-			return nil
-		case "65020": /* already closed */
-			return nil
+	Nelem := len(payload.Sqltokens)
+	fmt.Printf("ParseSQLPayload :: Num tokens %d\n", Nelem)
+	Buffer += "\"Sqltokens\":["
+	for _, value := range payload.Sqltokens {
+		Buffer += "\"" + value + "\""
+		if cnt < (Nelem - 1) {
+			Buffer += ","
 		}
-		err := fmt.Errorf("%v", sqlcode)
+		cnt++
+	}
+
+	Buffer += "]}"
+	fmt.Printf("ParseSQLPayload :: %s\n", Buffer)
+	return Buffer
+}
+
+func (r *LRPDBReconciler) AutoDiscoverActivation(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, active bool) error {
+
+	log := r.Log.WithValues("AutoDiscoverActivation", req.NamespacedName)
+	if active == false {
+		log.Info("Disable autodiscover")
+	} else {
+		log.Info("Enable autodiscover")
+	}
+
+	var lrest dbapi.LREST
+	lrestResName := lrpdb.Spec.CDBResName
+	lrestNamespace := lrpdb.Spec.CDBNamespace
+	err := r.Get(context.Background(), client.ObjectKey{
+		Namespace: lrestNamespace,
+		Name:      lrestResName,
+	}, &lrest)
+	lrest.Spec.PdbAutoDiscover = active
+	err = r.Update(context.TODO(), &lrest)
+	if err != nil {
 		return err
 	}
+
 	return nil
 }
+
+func (r *LRPDBReconciler) GetPdbSize(ctx context.Context, req ctrl.Request, lrpdb *dbapi.LRPDB, pdbaname string) string {
+	log := r.Log.WithValues("GetPdbSize", req.NamespacedName)
+	var PdbSize string
+	// if we cannot get the pdbsize ,whatever reason, we return "undefined" size
+	lrest, err := r.getLRESTResource(ctx, req, lrpdb)
+	if err != nil {
+		log.Info("Cannot get lrest server")
+		return "undefined"
+	}
+
+	lrpdbName := lrpdb.Spec.LRPDBName
+	url := r.BaseUrl(ctx, req, lrpdb, lrest) + lrpdbName + "/status/"
+
+	respData, err := NewCallAPISQL(r, ctx, req, lrpdb, url, nil, "GET")
+	if err != nil {
+		log.Error(err, "Failure NewCallAPISQL( "+url+")", "err", err.Error())
+		return "undefined"
+	}
+
+	var objmap map[string]interface{}
+	if err := json.Unmarshal([]byte(respData), &objmap); err != nil {
+		log.Error(err, "Failed json.Unmarshal :"+lrpdbName, "err", err.Error())
+		return "undefined"
+	}
+
+	PdbSize = fmt.Sprintf("%4.2f", ((objmap["total_size"].(float64))/1024/1024/1024)) + "G"
+	return PdbSize
+}
+
+func (r *LRPDBReconciler) UpdateStatus(ctx context.Context, req ctrl.Request, lrpdb *databasev4.LRPDB) {
+	log := r.Log.WithValues("UpdateStatus", req.NamespacedName)
+	err := r.Status().Update(ctx, lrpdb)
+	if err != nil {
+		fmt.Printf("[1]Error updating status\n")
+		log.Error(err, err.Error())
+	}
+}
diff --git a/controllers/database/oraclerestart_controller.go b/controllers/database/oraclerestart_controller.go
new file mode 100644
index 00000000..b42f8302
--- /dev/null
+++ b/controllers/database/oraclerestart_controller.go
@@ -0,0 +1,3529 @@
+/*
+** Copyright (c) 2022 Oracle and/or its affiliates.
+**
+** The Universal Permissive License (UPL), Version 1.0
+**
+** Subject to the condition set forth below, permission is hereby granted to any
+** person obtaining a copy of this software, associated documentation and/or data
+** (collectively the "Software"), free of charge and under any and all copyright
+** rights in the Software, and any and all patent rights owned or freely
+** licensable by each licensor hereunder covering either (i) the unmodified
+** Software as contributed to or provided by such licensor, or (ii) the Larger
+** Works (as defined below), to deal in both
+**
+** (a) the Software, and
+** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
+** one is included with the Software (each a "Larger Work" to which the Software
+** is contributed by such licensors),
+**
+** without restriction, including without limitation the rights to copy, create
+** derivative works of, display, perform, and distribute the Software and make,
+** use, sell, offer for sale, import, export, have made, and have sold the
+** Software and the Larger Work(s), and to sublicense the foregoing rights on
+** either these or other terms.
+**
+** This license is subject to the following condition:
+** The above copyright notice and either this complete permission notice or at
+** a minimum a reference to the UPL must be included in all copies or
+** substantial portions of the Software.
+**
+** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+** SOFTWARE.
+ */
+
+package controllers
+
+import (
+	"bytes"
+	"context"
+	"encoding/json"
+	"errors"
+	"fmt"
+	"reflect"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/go-logr/logr"
+	oraclerestartdb "github.com/oracle/oracle-database-operator/apis/database/v4"
+	oraclerestartcommon "github.com/oracle/oracle-database-operator/commons/oraclerestart"
+	utils "github.com/oracle/oracle-database-operator/commons/oraclerestart/utils"
+	appsv1 "k8s.io/api/apps/v1"
+	corev1 "k8s.io/api/core/v1"
+	storagev1 "k8s.io/api/storage/v1"
+	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	"k8s.io/apimachinery/pkg/api/meta"
+	"k8s.io/apimachinery/pkg/api/resource"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/apimachinery/pkg/types"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/rest"
+	"k8s.io/client-go/tools/clientcmd"
+	"k8s.io/client-go/tools/record"
+	ctrl "sigs.k8s.io/controller-runtime"
+	"sigs.k8s.io/controller-runtime/pkg/client"
+	"sigs.k8s.io/controller-runtime/pkg/controller"
+	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
+	"sigs.k8s.io/controller-runtime/pkg/reconcile"
+)
+
+// OracleRestartReconciler reconciles a OracleRestart object
+type OracleRestartReconciler struct {
+	client.Client
+	Log        logr.Logger
+	Scheme     *runtime.Scheme
+	Config     *rest.Config
+	kubeClient kubernetes.Interface
+	kubeConfig clientcmd.ClientConfig
+	Recorder   record.EventRecorder
+}
+
+const oracleRestartFinalizer = "database.oracle.com/oraclerestartfinalizer"
+
+//+kubebuilder:rbac:groups="database.oracle.com",resources=oraclerestarts,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups="database.oracle.com",resources=oraclerestarts/status,verbs=get;update;patch
+//+kubebuilder:rbac:groups="database.oracle.com",resources=oraclerestarts/finalizers,verbs=get;create;update;patch;delete
+//+kubebuilder:rbac:groups="",resources=pods;pods/log;pods/exec;secrets;endpoints;services;events;configmaps;persistentvolumes;persistentvolumeclaims;namespaces,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups="apps",resources=statefulsets,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups='',resources=statefulsets/finalizers,verbs=get;list;watch;create;update;patch;delete
+
+// Reconcile is part of the main kubernetes reconciliation loop which aims to
+// move the current state of the cluster closer to the desired state.
+// TODO(user): Modify the Reconcile function to compare the state specified by
+// the OracleRestart object against the actual cluster state, and then
+// perform operations to make the cluster state reflect the state specified by
+// the user.
+//
+// For more details, check Reconcile and its Result here:
+// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.6.4/pkg/reconcile
+func (r *OracleRestartReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
+
+	//ctx := context.Background()
+	_ = r.Log.WithValues("oraclerestart", req.NamespacedName)
+	r.Log.Info("Reconcile requested")
+	var result ctrl.Result
+	var err error
+	completed := false
+	blocked := false
+	// var svcType string
+	var nilErr error = nil
+
+	resultNq := ctrl.Result{Requeue: false}
+	resultQ := ctrl.Result{Requeue: true, RequeueAfter: 60 * time.Second}
+
+	oracleRestart := &oraclerestartdb.OracleRestart{}
+	configMapData := make(map[string]string)
+
+	// Execute for every reconcile
+	defer r.updateReconcileStatus(oracleRestart, ctx, req, &result, &err, &blocked, &completed)
+
+	err = r.Get(ctx, types.NamespacedName{Namespace: req.Namespace, Name: req.Name}, oracleRestart)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			r.Log.Info("Resource not found")
+			return requeueN, nil
+		}
+		r.Log.Error(err, err.Error())
+		oracleRestart.Spec.IsFailed = true
+		return resultQ, err
+	}
+
+	// Retrieve the old spec from annotations
+	oldSpec, err := r.GetOldSpec(oracleRestart)
+	if err != nil {
+		r.Log.Error(err, "Failed to update old spec annotation")
+		oracleRestart.Spec.IsFailed = true
+		return resultQ, nil
+	}
+
+	// Initialize oracleRestart.Status if it's not already initialized
+	if oracleRestart.Status.ConfigParams == nil {
+		oracleRestart.Status.ConfigParams = &oraclerestartdb.InitParams{}
+	}
+
+	// Initialize ConfigParams fields if they are not already initialized
+	if oracleRestart.Status.ConfigParams.DbHome == "" {
+		oracleRestart.Status.ConfigParams.DbHome = string(oraclerestartdb.OracleRestartFieldNotDefined)
+	}
+	if oracleRestart.Status.DbState == "" {
+		oracleRestart.Status.State = string(oraclerestartdb.OracleRestartPendingState)
+		oracleRestart.Status.DbState = string(oraclerestartdb.OracleRestartPendingState)
+		oracleRestart.Status.Role = string(oraclerestartdb.OracleRestartFieldNotDefined)
+		oracleRestart.Status.ConnectString = string(oraclerestartdb.OracleRestartFieldNotDefined)
+		oracleRestart.Status.PdbConnectString = string(oraclerestartdb.OracleRestartFieldNotDefined)
+		oracleRestart.Status.ExternalConnectString = string(oraclerestartdb.OracleRestartFieldNotDefined)
+		oracleRestart.Status.ReleaseUpdate = string(oraclerestartdb.OracleRestartFieldNotDefined)
+		oracleRestart.Status.ConfigParams.DbHome = string(oraclerestartdb.OracleRestartFieldNotDefined)
+		oracleRestart.Status.ConfigParams.GridHome = string(oraclerestartdb.OracleRestartFieldNotDefined)
+		r.Status().Update(ctx, oracleRestart)
+	}
+
+	// Kube Client Config Setup
+	if r.kubeConfig == nil && r.kubeClient == nil {
+		r.kubeConfig, r.kubeClient, err = oraclerestartcommon.GetRacK8sClientConfig(r.Client)
+		if err != nil {
+			return ctrl.Result{}, err
+		}
+	}
+
+	// Manage OracleRestart Deletion , if delete topology is called
+	err = r.manageOracleRestartDeletion(req, ctx, oracleRestart)
+	if err != nil {
+		result = resultNq
+		return result, err
+	}
+
+	// cleanup RAC Instance
+	// This is a special case if user wants just delete the pod and recreate it
+	_, err = r.cleanupOracleRestartInstance(req, ctx, oracleRestart)
+	if err != nil {
+		result = resultQ
+		r.Log.Info(err.Error())
+		return result, nilErr
+	}
+
+	// debugging
+	err = checkOracleRestartState(oracleRestart)
+	if err != nil {
+		result = resultQ
+		r.Log.Info("Oracle Restart object is in restricted state, returning back")
+		return result, nilErr
+	}
+
+	// First Validate
+	err = r.validateSpex(oracleRestart, oldSpec, ctx)
+	if err != nil {
+		r.Log.Info("Spec validation failed")
+		result = resultQ
+		r.Log.Info(err.Error())
+		return result, nilErr
+	}
+
+	err = r.setDefaults(oracleRestart)
+	if err != nil {
+		//	time.Sleep(30 * time.Second)
+		result = resultQ
+		r.Log.Info(err.Error())
+		return result, nilErr
+	}
+
+	// Update RAC ConfigParams
+	err = r.updateGiConfigParamStatus(oracleRestart)
+	if err != nil {
+		//	time.Sleep(30 * time.Second)
+		result = resultQ
+		r.Log.Info(err.Error())
+		return result, nilErr
+	}
+
+	err = r.updateDbConfigParamStatus(oracleRestart)
+	if err != nil {
+		//	time.Sleep(30 * time.Second)
+		result = resultQ
+		r.Log.Info(err.Error())
+		err = nilErr
+		return result, err
+	}
+
+	if oracleRestart.Spec.ConfigParams != nil {
+		configMapData, err = r.generateConfigMap(oracleRestart)
+		if err != nil {
+			result = resultNq
+			return result, err
+		}
+	}
+	var svcType string
+
+	result, err = r.createOrReplaceService(ctx, oracleRestart, oraclerestartcommon.BuildServiceDefForOracleRestart(oracleRestart, 0, oracleRestart.Spec.InstDetails, "local"))
+	if err != nil {
+		result = resultNq
+		return result, err
+	}
+
+	if len(oracleRestart.Spec.NodePortSvc.PortMappings) != 0 {
+		result, err = r.createOrReplaceService(ctx, oracleRestart, oraclerestartcommon.BuildExternalServiceDefForOracleRestart(oracleRestart, 0, oracleRestart.Spec.InstDetails, svcType, "nodeport"))
+		if err != nil {
+			result = resultNq
+			return result, err
+		}
+	}
+
+	if len(oracleRestart.Spec.LbService.PortMappings) != 0 {
+		result, err = r.createOrReplaceService(ctx, oracleRestart, oraclerestartcommon.BuildExternalServiceDefForOracleRestart(oracleRestart, 0, oracleRestart.Spec.InstDetails, svcType, "lbservice"))
+		if err != nil {
+			result = resultNq
+			return result, err
+		}
+	}
+
+	r.ensureAsmStorageStatus(oracleRestart)
+	isNewSetup := true
+	for _, n := range oracleRestart.Status.OracleRestartNodes {
+		if n.NodeDetails.State == "AVAILABLE" &&
+			n.NodeDetails.InstanceState == "OPEN" &&
+			n.NodeDetails.PodState == "AVAILABLE" &&
+			n.NodeDetails.ClusterState == "HEALTHY" &&
+			len(n.NodeDetails.MountedDevices) > 0 {
+			// Found at least one node that is healthy and operational
+			isNewSetup = false
+			break
+		}
+	}
+
+	isDiskChanged := false
+	addedAsmDisks := []string{}
+	removedAsmDisks := []string{}
+	if !isNewSetup {
+		if oldSpec != nil { // old spec required for comparison
+			// Check each RAC node for mounted devices
+			for index, _ := range oracleRestart.Status.OracleRestartNodes {
+				addedAsmDisks, removedAsmDisks = getAddedAndRemovedDisks(oracleRestart, oldSpec, index)
+				if len(addedAsmDisks) > 0 && len(removedAsmDisks) > 0 {
+					r.Log.Info("Detected Addition as well as Deletion, setup cannot run both together", "addedAsmDisks", addedAsmDisks, "removedAsmDisks", removedAsmDisks)
+					result = resultQ
+					return result, err
+				}
+				// You can now use the added and removed disks as needed
+				if len(addedAsmDisks) > 0 {
+					r.Log.Info("Detected Addition of ASM Disks:", "addedAsmDisks", addedAsmDisks)
+				}
+
+				if len(removedAsmDisks) > 0 {
+					r.Log.Info("Detected Removal of ASM Disks:", "removedAsmDisks", removedAsmDisks)
+				}
+				if len(addedAsmDisks) > 0 || len(removedAsmDisks) > 0 {
+
+					isDiskChanged = true
+					break // Exit loop once a difference is found
+				}
+			}
+		}
+	}
+
+	var autoUpdate bool
+	// Initialize autoUpdate based on the AutoUpdate field in the specification
+	switch strings.ToLower(oracleRestart.Spec.AsmStorageDetails.AutoUpdate) {
+	case "false":
+		// If AutoUpdate is explicitly set to "false" by the user, set autoUpdate to false
+		autoUpdate = false
+		r.Log.Info("Initialized autoUpdate from provided specification", "autoUpdate", autoUpdate)
+	default:
+		// If AutoUpdate is not set or is set to any value other than "false", default to true
+		autoUpdate = true
+		r.Log.Info("Initialized autoUpdate as true (default)")
+	}
+
+	// PV Creation
+	if oraclerestartcommon.CheckStorageClass(oracleRestart) == "NOSC" {
+		if isNewSetup || isDiskChanged {
+			if oracleRestart.Spec.AsmStorageDetails != nil {
+				for _, diskBySize := range oracleRestart.Spec.AsmStorageDetails.DisksBySize {
+					for _, diskName := range diskBySize.DiskNames {
+						pvName := oraclerestartcommon.GetAsmPvName(oracleRestart.Name, diskName, oracleRestart)
+						pvVolume := oraclerestartcommon.VolumePVForASM(
+							oracleRestart,
+							diskName,
+							diskBySize.StorageSizeInGb,
+							oracleRestart.Spec.AsmStorageDetails,
+							pvName,
+							r.Client,
+						)
+						// if pvVolume == nil {
+						// 	r.Log.Info("VolumePVForASM returned nil for Dynamic Provisioning", "diskName", diskName, "index", index)
+						// 	continue // or return error
+						// }
+						_, result, err = r.createOrReplaceAsmPv(ctx, oracleRestart, pvVolume)
+						if err != nil {
+							result = resultNq
+							return result, err
+						}
+					}
+				}
+			}
+		}
+
+		// PVC Creation
+		if isNewSetup || isDiskChanged {
+			if oracleRestart.Spec.AsmStorageDetails != nil {
+				for _, diskBySize := range oracleRestart.Spec.AsmStorageDetails.DisksBySize {
+					for _, diskName := range diskBySize.DiskNames {
+						dgType := oraclerestartcommon.CheckDiskInAsmDeviceList(oracleRestart, diskName)
+						pvcName := oraclerestartcommon.GetAsmPvcName(oracleRestart.Name, diskName, oracleRestart)
+						pvcVolume := oraclerestartcommon.VolumePVCForASM(
+							oracleRestart,
+							diskBySize.StorageSizeInGb,
+							diskName,
+							diskBySize.StorageSizeInGb,
+							oracleRestart.Spec.AsmStorageDetails,
+							pvcName,
+							dgType,
+							r.Client,
+						)
+
+						_, result, err = r.createOrReplaceAsmPvC(ctx, oracleRestart, pvcVolume)
+						if err != nil {
+							result = resultNq
+							return result, err
+						}
+					}
+				}
+			}
+		}
+	}
+
+	index := 0
+	isLast := true
+	oldState := oracleRestart.Status.State
+	if !utils.CheckStatusFlag(oracleRestart.Spec.InstDetails.IsDelete) {
+		switch {
+		case isNewSetup && !isDiskChanged:
+			cmName := oracleRestart.Spec.InstDetails.Name + oracleRestart.Name + "-cmap"
+			cm := oraclerestartcommon.ConfigMapSpecs(oracleRestart, configMapData, cmName)
+			result, configmapEnvKeyChanged, err := r.createConfigMap(ctx, *oracleRestart, cm)
+			if err != nil {
+				// handle error
+			}
+			if err != nil {
+				result = resultNq
+				return result, err
+			}
+			err = oraclerestartcommon.CreateServiceAccountIfNotExists(oracleRestart, r.Client)
+			if err != nil {
+				result = resultNq
+				return result, err
+			}
+
+			oracleRestart.Spec.InstDetails.EnvFile = cmName
+			dep := oraclerestartcommon.BuildStatefulSetForOracleRestart(oracleRestart, oracleRestart.Spec.InstDetails, r.Client)
+			result, err = r.createOrReplaceSfs(ctx, req, *oracleRestart, dep, index, isLast, oldState, configmapEnvKeyChanged)
+			if err != nil {
+				result = resultNq
+				return result, err
+			}
+
+		case isDiskChanged && !isNewSetup:
+			if oraclerestartcommon.CheckStorageClass(oracleRestart) == "NOSC" {
+				if len(addedAsmDisks) > 0 {
+					err = r.validateASMDisks(oracleRestart, ctx)
+					if err != nil {
+						result = resultQ
+						r.Log.Info(err.Error())
+						err = nilErr
+						return result, err
+					}
+					if ready, err := checkDaemonSetStatus(ctx, r, oracleRestart); err != nil || !ready {
+						msg := "Any of provided ASM Disks are invalid, pls check disk-check daemon set for logs. Fix the asm disk to the valid one and redeploy."
+						r.Log.Info(msg)
+						err = r.cleanupDaemonSet(oracleRestart, ctx)
+						if err != nil {
+							result = resultQ
+							r.Log.Info(err.Error())
+							err = nilErr
+							return result, err
+						}
+						addedAsmDisksMap := make(map[string]bool)
+						for _, disk := range addedAsmDisks {
+							addedAsmDisksMap[disk] = true
+						}
+						for pindex, diskBySize := range oracleRestart.Spec.AsmStorageDetails.DisksBySize {
+							for cindex, diskName := range diskBySize.DiskNames {
+								if _, ok := addedAsmDisksMap[diskName]; ok {
+									// r.Log.Info("Found disk at index", "index", index)
+
+									err = oraclerestartcommon.DelORestartPVC(oracleRestart, pindex, cindex, diskName, oracleRestart.Spec.AsmStorageDetails, r.Client, r.Log)
+									if err != nil {
+										return resultQ, err
+									}
+
+									err = oraclerestartcommon.DelORestartPv(oracleRestart, pindex, cindex, diskName, oracleRestart.Spec.AsmStorageDetails, r.Client, r.Log)
+									if err != nil {
+										return resultQ, err
+									}
+								}
+							}
+						}
+
+						if err = r.SetCurrentSpec(ctx, oracleRestart, req); err != nil {
+							r.Log.Error(err, "Failed to set current spec annotation")
+							oracleRestart.Spec.IsFailed = true
+							return resultQ, err
+						}
+						return result, errors.New(msg)
+					} else {
+						r.Log.Info("Provided ASM Disks are valid, proceeding further")
+					}
+				}
+			}
+			cmName := oracleRestart.Spec.InstDetails.Name + oracleRestart.Name + "-cmap"
+			configMapDataAutoUpdate, err := r.generateConfigMapAutoUpdate(ctx, oracleRestart, cmName)
+			if err != nil {
+				result = resultNq
+				return result, err
+			}
+			result, err = r.updateConfigMap(ctx, oracleRestart, configMapDataAutoUpdate, cmName)
+			if err != nil {
+				result = resultNq
+				return result, err
+			}
+			r.Log.Info("Config Map updated successfully with new asm details")
+			oracleRestart.Spec.InstDetails.EnvFile = cmName
+			result, err = r.createOrReplaceSfsAsm(ctx, req, oracleRestart, oraclerestartcommon.BuildStatefulSetForOracleRestart(oracleRestart, oracleRestart.Spec.InstDetails, r.Client), autoUpdate, index, isLast, oldSpec)
+			if err != nil {
+				if autoUpdate {
+					result = resultQ
+				} else {
+					result = resultNq
+				}
+				result = resultQ
+				return result, err
+			}
+		}
+	}
+	if oraclerestartcommon.CheckStorageClass(oracleRestart) == "NOSC" {
+		if len(addedAsmDisks) > 0 {
+
+			err = r.cleanupDaemonSet(oracleRestart, ctx)
+			if err != nil {
+				result = resultQ
+				r.Log.Info(err.Error())
+				err = nilErr
+				return result, err
+			}
+		}
+	}
+
+	if oracleRestart.Spec.EnableOns == "enable" || oracleRestart.Spec.EnableOns == "disable" {
+		OraRestartSpex := oracleRestart.Spec.InstDetails
+		orestartSfSet, err := oraclerestartcommon.CheckSfset(OraRestartSpex.Name, oracleRestart, r.Client)
+		if err != nil {
+			r.updateOracleRestartInstStatus(oracleRestart, ctx, req, OraRestartSpex, string(oraclerestartdb.StatefulSetNotFound), r.Client, false)
+			return ctrl.Result{}, err
+		}
+
+		podList, err := oraclerestartcommon.GetPodList(orestartSfSet.Name, oracleRestart, r.Client, oracleRestart.Spec.InstDetails)
+		if err != nil {
+			r.Log.Error(err, "Failed to list pods")
+			return ctrl.Result{}, err
+		}
+		// default is to start
+		onsOp := "start"
+		if oracleRestart.Spec.EnableOns == "disable" {
+			onsOp = "stop"
+		}
+
+		err = r.updateONS(ctx, podList, oracleRestart, onsOp)
+		if err != nil {
+			return ctrl.Result{}, err
+		}
+	}
+
+	err = r.expandStorageClassSWVolume(ctx, oracleRestart, oldSpec)
+	if err != nil {
+		return ctrl.Result{}, err
+	}
+
+	completed = true
+	// // Update the current spec after successful reconciliation
+	if err = r.SetCurrentSpec(ctx, oracleRestart, req); err != nil {
+		r.Log.Error(err, "Failed to set current spec annotation")
+		oracleRestart.Spec.IsFailed = true
+		return resultQ, err
+	}
+	r.Log.Info("Reconcile completed. Requeuing....")
+	// uncomment this only to debugging null pointer exception
+	// r.updateReconcileStatus(OracleRestart, ctx, req, &result, &err, &blocked, &completed)
+	// time.Sleep(1 * time.Minute)
+	return resultQ, nil
+}
+
+// Function to check the RAC topology state and return/dont proceed when matched.
+func checkOracleRestartState(oracleRestart *oraclerestartdb.OracleRestart) error {
+	if oracleRestart.Status.State == string(oraclerestartdb.OracleRestartProvisionState) ||
+		oracleRestart.Status.State == string(oraclerestartdb.OracleRestartUpdateState) ||
+		oracleRestart.Status.State == string(oraclerestartdb.OracleRestartPodAvailableState) ||
+		oracleRestart.Status.State == string(oraclerestartdb.OracleRestartAddInstState) ||
+		oracleRestart.Status.State == string(oraclerestartdb.OracleRestartDeletingState) ||
+		oracleRestart.Status.State == string(oraclerestartdb.OracleRestartFailedState) ||
+		oracleRestart.Status.State == string(oraclerestartdb.OracleRestartManualState) ||
+		oracleRestart.Spec.IsFailed ||
+		oracleRestart.Spec.IsManual {
+		return errors.New(fmt.Sprintf("oracle restart database is in a restricted state: %s", oracleRestart.Status.State))
+	}
+	return nil
+}
+
+func (r *OracleRestartReconciler) generateConfigMapAutoUpdate(ctx context.Context, instance *oraclerestartdb.OracleRestart, cmName string) (map[string]string, error) {
+	// Fetch the existing ConfigMap
+	cm := &corev1.ConfigMap{}
+	err := r.Client.Get(ctx, types.NamespacedName{Name: cmName, Namespace: instance.Namespace}, cm)
+	if err != nil {
+		return nil, err
+	}
+	r.Log.Info("Updating existing configmap")
+	// Get the existing config map data
+	configMapData := cm.Data
+	envFileData := configMapData["envfile"]
+	envVars := make(map[string]string)
+
+	// Parse the envfile into a map
+	lines := strings.Split(envFileData, "\r\n")
+	for _, line := range lines {
+		parts := strings.SplitN(line, "=", 2)
+		if len(parts) == 2 {
+			envVars[parts[0]] = parts[1]
+		}
+	}
+
+	// Get latest ASM devices
+	asmDevices := oraclerestartcommon.GetAsmDevices(instance)
+
+	// Update selective fields
+	if instance.Spec.ConfigParams.CrsAsmDeviceList != "" {
+		envVars["CRS_ASM_DEVICE_LIST"] = instance.Spec.ConfigParams.CrsAsmDeviceList
+	} else {
+		envVars["CRS_ASM_DEVICE_LIST"] = asmDevices
+	}
+
+	if instance.Spec.ConfigParams.RecoAsmDeviceList != "" {
+		envVars["RECO_ASM_DEVICE_LIST"] = instance.Spec.ConfigParams.RecoAsmDeviceList
+	} else if instance.Status.ConfigParams != nil && instance.Status.ConfigParams.RecoAsmDeviceList != "" {
+		envVars["RECO_ASM_DEVICE_LIST"] = instance.Status.ConfigParams.RecoAsmDeviceList
+	}
+
+	if instance.Spec.ConfigParams.RedoAsmDeviceList != "" {
+		envVars["REDO_ASM_DEVICE_LIST"] = instance.Spec.ConfigParams.RedoAsmDeviceList
+	} else if instance.Status.ConfigParams != nil && instance.Status.ConfigParams.RedoAsmDeviceList != "" {
+		envVars["REDO_ASM_DEVICE_LIST"] = instance.Status.ConfigParams.RedoAsmDeviceList
+	}
+
+	// Convert the envVars map back to a single string
+	var updatedData []string
+	for key, value := range envVars {
+		updatedData = append(updatedData, fmt.Sprintf("%s=%s", key, value))
+	}
+	configMapData["envfile"] = strings.Join(updatedData, "\r\n")
+
+	return configMapData, nil
+}
+
+func (r *OracleRestartReconciler) updateConfigMap(ctx context.Context, instance *oraclerestartdb.OracleRestart, configMapData map[string]string, cmName string) (ctrl.Result, error) {
+	cm := &corev1.ConfigMap{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      cmName,
+			Namespace: instance.Namespace,
+		},
+		Data: configMapData,
+	}
+
+	err := r.Client.Update(ctx, cm)
+	if err != nil {
+		return ctrl.Result{}, err
+	}
+
+	return ctrl.Result{}, nil
+}
+
+// #############################################################################
+//
+//	Update each reconcile condition/status
+//
+// #############################################################################
+func (r *OracleRestartReconciler) updateReconcileStatus(oracleRestart *oraclerestartdb.OracleRestart, ctx context.Context, req ctrl.Request, result *ctrl.Result, err *error, blocked *bool, completed *bool) {
+	const maxRetries = 5
+	const retryDelay = 2 * time.Second
+
+	// First update RAC topology
+	podNames, nodeDetails, err1 := r.updateOracleRestartInstTopologyStatus(oracleRestart, ctx, req)
+
+	// Update RAC DB topology
+	if err1 == nil {
+		_ = r.updateoraclerestartdbTopologyStatus(oracleRestart, ctx, req, podNames, nodeDetails)
+	} else {
+		r.Log.Info("Error during Oracle Restart update", "err1", err1)
+	}
+
+	var condition metav1.Condition
+
+	if *completed {
+		condition = metav1.Condition{
+			Type:               string(oraclerestartdb.CrdReconcileCompeleteState),
+			LastTransitionTime: metav1.Now(),
+			ObservedGeneration: oracleRestart.GetGeneration(),
+			Reason:             string(oraclerestartdb.OracleRestartCrdReconcileCompleteReason),
+			Message:            "reconcile completed successfully", // no error text
+			Status:             metav1.ConditionTrue,
+		}
+	} else if *blocked {
+		condition = metav1.Condition{
+			Type:               string(oraclerestartdb.CrdReconcileWaitingState),
+			LastTransitionTime: metav1.Now(),
+			ObservedGeneration: oracleRestart.GetGeneration(),
+			Reason:             string(oraclerestartdb.OracleRestartCrdReconcileWaitingReason),
+			Message:            "reconcile is waiting on dependencies", // neutral message
+			Status:             metav1.ConditionTrue,
+		}
+	} else if result.Requeue {
+		condition = metav1.Condition{
+			Type:               string(oraclerestartdb.CrdReconcileQueuedState),
+			LastTransitionTime: metav1.Now(),
+			ObservedGeneration: oracleRestart.GetGeneration(),
+			Reason:             string(oraclerestartdb.CrdReconcileQueuedReason),
+			Message:            "reconcile has been queued", // neutral message
+			Status:             metav1.ConditionTrue,
+		}
+	} else if err != nil && *err != nil {
+		condition = metav1.Condition{
+			Type:               string(oraclerestartdb.CrdReconcileErrorState),
+			LastTransitionTime: metav1.Now(),
+			ObservedGeneration: oracleRestart.GetGeneration(),
+			Reason:             string(oraclerestartdb.CrdReconcileErrorReason),
+			Message:            (*err).Error(), // show actual error only here
+			Status:             metav1.ConditionTrue,
+		}
+	} else {
+		return
+	}
+
+	if len(oracleRestart.Status.Conditions) > 0 {
+		meta.RemoveStatusCondition(&oracleRestart.Status.Conditions, condition.Type)
+	}
+	meta.SetStatusCondition(&oracleRestart.Status.Conditions, condition)
+
+	if oracleRestart.Status.State == string(oraclerestartdb.OracleRestartPodAvailableState) &&
+		condition.Type == string(oraclerestartdb.CrdReconcileCompeleteState) {
+		r.Log.Info("All validations and updation are completed. Changing State to AVAILABLE")
+		oracleRestart.Status.State = string(oraclerestartdb.OracleRestartAvailableState)
+	}
+
+	for attempt := 0; attempt < maxRetries; attempt++ {
+		// Fetch the latest version of the object
+		latestInstance := &oraclerestartdb.OracleRestart{}
+		err := r.Client.Get(ctx, req.NamespacedName, latestInstance)
+		if err != nil {
+			r.Log.Error(err, "Failed to fetch the latest version of Oracle Restart instance, retrying...")
+			time.Sleep(retryDelay)
+			continue // Retry fetching the latest instance
+		}
+
+		// Merge the instance fields into latestInstance
+		err = mergeInstancesFromLatest(oracleRestart, latestInstance)
+		if err != nil {
+			r.Log.Error(err, "Failed to merge instances, retrying...")
+			time.Sleep(retryDelay)
+			continue // Retry merging
+		}
+
+		// Update the ResourceVersion of instance from latestInstance to avoid conflict
+		oracleRestart.ResourceVersion = latestInstance.ResourceVersion
+		err = r.Client.Status().Patch(ctx, oracleRestart, client.MergeFrom(latestInstance))
+
+		if err != nil {
+			if apierrors.IsConflict(err) {
+				r.Log.Info("Conflict detected, retrying update...", "attempt", attempt+1)
+				time.Sleep(retryDelay)
+				continue // Retry on conflict
+			}
+			r.Log.Error(err, "Failed to update the Oracle Restart DB instance, retrying...")
+			time.Sleep(retryDelay)
+			continue // Retry on other errors
+		}
+
+		// If update was successful, exit the loop
+		r.Log.Info("Updated Oracle Restart instance status successfully", "Instance", oracleRestart.Name)
+		break
+	}
+
+	r.Log.Info("Returning from updateReconcileStatus")
+}
+
+// #############################################################################
+//
+//	Validate the CRD specs
+//
+// #############################################################################
+func (r *OracleRestartReconciler) validateSpex(oracleRestart *oraclerestartdb.OracleRestart, oldSpec *oraclerestartdb.OracleRestartSpec, ctx context.Context) error {
+	var err error
+	eventReason := "Spec Error"
+
+	//var eventMsgs []string
+
+	r.Log.Info("Entering reconcile validation")
+
+	//First check image pull secrets
+	if oracleRestart.Spec.ImagePullSecret != "" {
+		secret := &corev1.Secret{}
+		err = r.Get(ctx, types.NamespacedName{Name: oracleRestart.Spec.ImagePullSecret, Namespace: oracleRestart.Namespace}, secret)
+		if err != nil {
+			if apierrors.IsNotFound(err) {
+				// Secret not found
+				r.Recorder.Eventf(oracleRestart, corev1.EventTypeWarning, eventReason, err.Error())
+				r.Log.Info(err.Error())
+				return err
+			}
+			r.Log.Error(err, err.Error())
+			return err
+		}
+	}
+
+	// ========  Config Params Checks
+	// Checking Secret for ssh key
+	privKeyFlag, pubKeyFlag := oraclerestartcommon.GetSSHkey(oracleRestart, oracleRestart.Spec.SshKeySecret.Name, r.Client)
+	if !privKeyFlag {
+		return errors.New("private key name is not set to " + oracleRestart.Spec.SshKeySecret.PrivKeySecretName + " in SshKeySecret")
+	}
+	if !pubKeyFlag {
+		return errors.New("public key name is not set to " + oracleRestart.Spec.SshKeySecret.PubKeySecretName + " in SshKeySecret")
+	}
+
+	// Checking Gi Responsefile
+	if oracleRestart.Spec.ConfigParams.GridResponseFile.ConfigMapName != "" {
+		giRspFlg, _ := oraclerestartcommon.GetGiResponseFile(oracleRestart, r.Client)
+		if !(giRspFlg) {
+			return errors.New("GridResponseFile name must be " + oracleRestart.Spec.ConfigParams.GridResponseFile.Name)
+		}
+	}
+
+	if oracleRestart.Spec.ConfigParams.DbResponseFile.ConfigMapName != "" {
+		DbRspFlg, _ := oraclerestartcommon.GetDbResponseFile(oracleRestart, r.Client)
+		if !(DbRspFlg) {
+			return errors.New("DbResponseFile name must be " + oracleRestart.Spec.ConfigParams.DbResponseFile.Name)
+		}
+	}
+	r.ensureAsmStorageStatus(oracleRestart)
+
+	specDisks := flattenDisksBySize(&oracleRestart.Spec)
+
+	// Loop through all disk groups in Status.AsmDetails
+	for _, diskgroup := range oracleRestart.Status.AsmDetails.Diskgroup {
+		// Compare the number of disks in each diskgroup to the number of disks in Spec
+		if len(specDisks) < len(diskgroup.Disks) {
+			r.Log.Info("Validating Disk to remove for Diskgroup", "DiskgroupName", diskgroup.Name)
+
+			// Call findDisksToRemove for this diskgroup to validate disk removal
+			_, err := findDisksToRemove(specDisks, diskgroup.Disks, oracleRestart)
+			if err != nil {
+				oracleRestart.Spec.IsFailed = true
+				return errors.New("required Disk is part of the disk group " + diskgroup.Name + " and cannot be removed. Review it manually.")
+			}
+			// else {
+			// 	r.Log.Info("Disks to be removed validated for Diskgroup", "DiskgroupName", diskgroup.Name)
+			// }
+		}
+	}
+
+	// Validation to check if new ASM Disk is already part of POD; return error if it is.
+	// Loop through all disk groups in Status.AsmDetails
+	for _, diskgroup := range oracleRestart.Status.AsmDetails.Diskgroup {
+		// Compare the number of disks in each diskgroup to the number of disks in Spec
+		for _, diskgroupDisks := range diskgroup.Disks {
+			disks := strings.Split(diskgroupDisks, ",")
+			if len(specDisks) > len(disks) {
+				// r.Log.Info("Validating newly added Disk for Diskgroup", "DiskgroupName", diskgroup.Name)
+
+				// Call findDisksToAdd to validate the newly added disks
+				_, err := findDisksToAdd(specDisks, diskgroup.Disks, oracleRestart, oldSpec)
+				if err != nil {
+					return err
+				}
+				// else {
+				// 	r.Log.Info("Disk to be added validated for Diskgroup", "DiskgroupName", diskgroup.Name, "Disk", fmt.Sprintf("%v", disk))
+				// }
+			}
+		}
+	}
+
+	// Checking the network cards in response files
+
+	if oracleRestart.Spec.ConfigParams.GridResponseFile.ConfigMapName != "" {
+		_, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "networkInterfaceList", oracleRestart.Spec.ConfigParams.GridResponseFile.ConfigMapName, oracleRestart.Spec.ConfigParams.GridResponseFile.Name)
+		if err != nil {
+			oracleRestart.Spec.IsFailed = true
+			return err
+		}
+
+		// Check if IsDelete is defined
+		switch isDeleteStr := oracleRestart.Spec.InstDetails.IsDelete; isDeleteStr {
+		case "true":
+
+			r.Log.Info("Performing operation for IsDelete true")
+
+		default:
+			// Validate network cards for both "false" and when IsDelete is not defined
+			if isDeleteStr != "" {
+				r.Log.Info("Unexpected value for IsDelete: " + isDeleteStr)
+			}
+
+		}
+
+	}
+
+	r.Log.Info("Completed reconcile validation")
+
+	return nil
+
+}
+
+// Helper function to flatten DisksBySize into a single slice of disk names
+func flattenDisksBySize(oraclerestartdbSpec *oraclerestartdb.OracleRestartSpec) []string {
+	disksBySize := oraclerestartdbSpec.AsmStorageDetails.DisksBySize
+	var allDisks []string
+	for _, diskBySize := range disksBySize {
+		allDisks = append(allDisks, diskBySize.DiskNames...)
+	}
+	return allDisks
+}
+
+// #############################################################################
+//
+//	Validate the CRD specs
+//
+// #############################################################################
+func (r *OracleRestartReconciler) validateASMDisks(oracleRestart *oraclerestartdb.OracleRestart, ctx context.Context) error {
+	//var eventMsgs []string
+
+	r.Log.Info("Validate New ASM Disks")
+	desiredDaemonSet := oraclerestartcommon.BuildDiskCheckDaemonSet(oracleRestart)
+
+	// Try to get the existing DaemonSet
+	existingDaemonSet := &appsv1.DaemonSet{}
+	err := r.Client.Get(ctx, types.NamespacedName{
+		Name:      desiredDaemonSet.Name,
+		Namespace: desiredDaemonSet.Namespace,
+	}, existingDaemonSet)
+
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			// DaemonSet does not exist, so create it
+			r.Log.Info("Creating DaemonSet:", "desiredDaemonSet.Name", desiredDaemonSet.Name)
+			if err := r.Client.Create(ctx, desiredDaemonSet); err != nil {
+				oracleRestart.Spec.IsFailed = true
+				return err
+			}
+		} else {
+			// Some other error occurred in fetching the DaemonSet
+			oracleRestart.Spec.IsFailed = true
+			return err
+		}
+	} else {
+		// DaemonSet exists, so check if an update is necessary
+		if !reflect.DeepEqual(existingDaemonSet.Spec.Template.Spec.Volumes, desiredDaemonSet.Spec.Template.Spec.Volumes) {
+			// Update the existing DaemonSet with the desired state
+			r.Log.Info("Updating DaemonSet:", "desiredDaemonSet.Name", desiredDaemonSet.Name)
+			existingDaemonSet.Spec = desiredDaemonSet.Spec
+			if err := r.Client.Update(ctx, existingDaemonSet); err != nil {
+				return err
+			}
+			r.Log.Info("Updating Daemon set, takes upto 1 minute")
+			time.Sleep(1 * time.Second * 60)
+			//update takes times to terminate and recreate
+		}
+	}
+
+	// r.Log.Info("Checking ASM DaemonSet Pod Status")
+
+	return nil
+
+}
+
+func (r *OracleRestartReconciler) cleanupDaemonSet(OracleRestart *oraclerestartdb.OracleRestart, ctx context.Context) error {
+	// r.Log.Info("CleanupDaemonSet")
+	desiredDaemonSet := oraclerestartcommon.BuildDiskCheckDaemonSet(OracleRestart)
+
+	// Try to get the existing DaemonSet
+	existingDaemonSet := &appsv1.DaemonSet{}
+	err := r.Client.Get(ctx, types.NamespacedName{
+		Name:      desiredDaemonSet.Name,
+		Namespace: desiredDaemonSet.Namespace,
+	}, existingDaemonSet)
+
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			// DaemonSet does not exist, so nothing to delete
+			// r.Log.Info("No DaemonSet Found To Delete")
+			return nil
+		}
+		// Some other error occurred in fetching the DaemonSet
+		// r.Log.Error(err, "Some other error occurred in fetching the DaemonSet")
+		return err
+	}
+
+	// DaemonSet exists, attempt to delete it
+	// r.Log.Info("Deleting DaemonSet", "DaemonSet.Name", existingDaemonSet.Name)
+	if err := r.Client.Delete(ctx, existingDaemonSet); err != nil {
+		r.Log.Error(err, "Failed to delete DaemonSet", "DaemonSet.Name", existingDaemonSet.Name)
+		return err
+	}
+
+	// Poll for the DaemonSet to be deleted
+	timeout := 30 * time.Second
+	pollInterval := 5 * time.Second
+	startTime := time.Now()
+
+	for {
+		// Check if we have exceeded the timeout
+		if time.Since(startTime) > timeout {
+			return fmt.Errorf("timeout waiting for DaemonSet %s to be deleted", existingDaemonSet.Name)
+		}
+
+		// Check if the DaemonSet still exists
+		err = r.Client.Get(ctx, types.NamespacedName{
+			Name:      existingDaemonSet.Name,
+			Namespace: existingDaemonSet.Namespace,
+		}, existingDaemonSet)
+
+		if err != nil {
+			if apierrors.IsNotFound(err) {
+				// DaemonSet no longer exists
+				r.Log.Info("DaemonSet deleted successfully", "DaemonSet.Name", existingDaemonSet.Name)
+				return nil
+			}
+			// Some other error occurred in fetching the DaemonSet
+			r.Log.Error(err, "Error checking for DaemonSet deletion", "DaemonSet.Name", existingDaemonSet.Name)
+			return err
+		}
+
+		// Wait before checking again
+		time.Sleep(pollInterval)
+	}
+}
+
+func findDisksToRemove(specDisks, statusDisks []string, instance *oraclerestartdb.OracleRestart) ([]string, error) {
+	// Convert specDisks to a set for fast lookups
+	specDiskSet := make(map[string]struct{})
+	for _, disk := range specDisks {
+		specDiskSet[disk] = struct{}{}
+	}
+
+	// Find disks in statusDisks that are not in specDiskSet
+	var disksToRemove []string
+	for _, disk := range statusDisks {
+		if _, found := specDiskSet[disk]; !found {
+			disksToRemove = append(disksToRemove, disk)
+		}
+	}
+
+	// Validate that disks to be removed are not part of any other ASM device list
+	combinedList := strings.Join([]string{
+		instance.Spec.ConfigParams.CrsAsmDeviceList,
+		instance.Spec.ConfigParams.RecoAsmDeviceList,
+		instance.Spec.ConfigParams.RedoAsmDeviceList,
+		instance.Spec.ConfigParams.DbAsmDeviceList,
+	}, ",")
+	combinedSet := make(map[string]struct{})
+	for _, disk := range strings.Split(combinedList, ",") {
+		combinedSet[disk] = struct{}{}
+	}
+
+	// Check for any disks to remove that are part of the combined ASM device list
+	var validatedDisks []string
+	for _, disk := range disksToRemove {
+		if _, found := combinedSet[disk]; found {
+			return nil, fmt.Errorf("disk %s to be removed is part of a disk group, hence cannot be removed", disk)
+		}
+		validatedDisks = append(validatedDisks, disk)
+	}
+
+	return validatedDisks, nil
+}
+
+func findDisksToAdd(newSpecDisks, statusDisks []string, instance *oraclerestartdb.OracleRestart, oldSpec *oraclerestartdb.OracleRestartSpec) ([]string, error) {
+	// Create a set for statusDisks to allow valid reuse of existing disks
+	// Step 1: Check for duplicates within newSpecDisks itself
+	oldAsmDisks := flattenDisksBySize(oldSpec)
+
+	if len(oldAsmDisks) == len(newSpecDisks) {
+		oldDiskSet := make(map[string]struct{})
+		for _, disk := range oldAsmDisks {
+			oldDiskSet[strings.TrimSpace(disk)] = struct{}{}
+		}
+
+		allDisksMatch := true
+		for _, newDisk := range newSpecDisks {
+			if _, found := oldDiskSet[strings.TrimSpace(newDisk)]; !found {
+				allDisksMatch = false
+				break
+			}
+		}
+
+		if allDisksMatch {
+			return nil, nil // No new disks to add
+		}
+	}
+
+	seenDisks := make(map[string]struct{})
+	for _, newDisk := range newSpecDisks {
+		trimmedDisk := strings.TrimSpace(newDisk)
+
+		// Check if the disk is already in the seenDisks set, indicating a duplicate within newSpecDisks
+		if _, found := seenDisks[trimmedDisk]; found {
+			return nil, fmt.Errorf("disk '%s' is defined more than once in the new spec and cannot be added multiple times", trimmedDisk)
+		}
+		seenDisks[trimmedDisk] = struct{}{}
+	}
+
+	// Step 2: Create a set for the actual statusDisks by splitting each entry
+	statusDiskSet := make(map[string]struct{})
+	for _, diskEntry := range statusDisks {
+		// Split the disk entry by commas to handle multiple disks in a single string
+		for _, disk := range strings.Split(diskEntry, ",") {
+			statusDiskSet[strings.TrimSpace(disk)] = struct{}{}
+		}
+	}
+
+	// Create sets for each of the individual ASM device lists
+	crsAsmDeviceSet := make(map[string]struct{})
+	recoAsmDeviceSet := make(map[string]struct{})
+	redoAsmDeviceSet := make(map[string]struct{})
+	dbAsmDeviceSet := make(map[string]struct{})
+
+	// Step 4: Create a set to track newly added disks that are valid for addition
+	var validDisksToAdd []string
+	newDiskSet := make(map[string]struct{})
+
+	for _, newDisk := range newSpecDisks {
+		trimmedDisk := strings.TrimSpace(newDisk)
+
+		// If the disk is already part of the statusDisks (existing disks), allow it to stay
+		if _, found := statusDiskSet[trimmedDisk]; found {
+			continue
+		}
+
+		// Check if the disk is already part of any individual ASM device list
+		if _, found := crsAsmDeviceSet[trimmedDisk]; found {
+			return nil, fmt.Errorf("disk '%s' is already part of CRS ASM device list and cannot be added again", trimmedDisk)
+		}
+		if _, found := recoAsmDeviceSet[trimmedDisk]; found {
+			return nil, fmt.Errorf("disk '%s' is already part of RECO ASM device list and cannot be added again", trimmedDisk)
+		}
+		if _, found := redoAsmDeviceSet[trimmedDisk]; found {
+			return nil, fmt.Errorf("disk '%s' is already part of REDO ASM device list and cannot be added again", trimmedDisk)
+		}
+		if _, found := dbAsmDeviceSet[trimmedDisk]; found {
+			return nil, fmt.Errorf("disk '%s' is already part of DB ASM device list and cannot be added again", trimmedDisk)
+		}
+
+		// Add the disk to newDiskSet and consider it valid for addition
+		newDiskSet[trimmedDisk] = struct{}{}
+		validDisksToAdd = append(validDisksToAdd, trimmedDisk)
+	}
+
+	return validDisksToAdd, nil
+}
+
+func (r *OracleRestartReconciler) setDefaults(oracleRestart *oraclerestartdb.OracleRestart) error {
+
+	if oracleRestart.Spec.ImagePullPolicy == nil {
+		*oracleRestart.Spec.ImagePullPolicy = "Always"
+	}
+
+	if oracleRestart.Spec.SshKeySecret != nil {
+		if oracleRestart.Spec.SshKeySecret.KeyMountLocation == "" {
+			oracleRestart.Spec.SshKeySecret.KeyMountLocation = utils.OraRacSshSecretMount
+		}
+	}
+
+	if oracleRestart.Spec.DbSecret != nil {
+		if oracleRestart.Spec.DbSecret.Name != "" {
+			if oracleRestart.Spec.DbSecret.PwdFileMountLocation == "" {
+				oracleRestart.Spec.DbSecret.PwdFileMountLocation = utils.OraRacDbPwdFileSecretMount
+			}
+			if oracleRestart.Spec.DbSecret.KeyFileMountLocation == "" {
+				oracleRestart.Spec.DbSecret.KeyFileMountLocation = utils.OraRacDbKeyFileSecretMount
+			}
+		}
+	}
+
+	if oracleRestart.Spec.TdeWalletSecret != nil {
+		if oracleRestart.Spec.TdeWalletSecret.Name != "" {
+			if oracleRestart.Spec.TdeWalletSecret.PwdFileMountLocation == "" {
+				oracleRestart.Spec.TdeWalletSecret.PwdFileMountLocation = utils.OraRacTdePwdFileSecretMount
+			}
+			if oracleRestart.Spec.TdeWalletSecret.KeyFileMountLocation == "" {
+				oracleRestart.Spec.TdeWalletSecret.KeyFileMountLocation = utils.OraRacTdeKeyFileSecretMount
+			}
+		}
+	}
+
+	if oracleRestart.Spec.ConfigParams != nil {
+		if oracleRestart.Spec.ConfigParams.SwMountLocation == "" {
+			oracleRestart.Spec.ConfigParams.SwMountLocation = utils.OraSwLocation
+		}
+
+		if oracleRestart.Spec.ConfigParams.GridResponseFile.ConfigMapName == "" {
+			if oracleRestart.Spec.ConfigParams.CrsAsmDiskDg == "" {
+				oracleRestart.Spec.ConfigParams.CrsAsmDiskDg = "+DATA"
+			}
+
+			if oracleRestart.Spec.ConfigParams.CrsAsmDiskDgRedundancy == "" {
+				oracleRestart.Spec.ConfigParams.CrsAsmDiskDgRedundancy = "external"
+			}
+		}
+
+		if oracleRestart.Spec.ConfigParams.DbResponseFile.ConfigMapName == "" {
+			if oracleRestart.Spec.ConfigParams.DbDataFileDestDg == "" {
+				oracleRestart.Spec.ConfigParams.DbDataFileDestDg = oracleRestart.Spec.ConfigParams.CrsAsmDiskDg
+			}
+
+			if oracleRestart.Spec.ConfigParams.DbRecoveryFileDest == "" {
+				oracleRestart.Spec.ConfigParams.DbRecoveryFileDest = oracleRestart.Spec.ConfigParams.DbDataFileDestDg
+			}
+
+			if oracleRestart.Spec.ConfigParams.DbCharSet == "" {
+				oracleRestart.Spec.ConfigParams.DbCharSet = "AL32UTF8"
+			}
+		}
+
+	}
+	return nil
+
+}
+
+func (r *OracleRestartReconciler) updateGiConfigParamStatus(oracleRestart *oraclerestartdb.OracleRestart) error {
+
+	//orestartPod := &corev1.Pod{}
+
+	var cName, fName string
+
+	if oracleRestart.Spec.ConfigParams.GridResponseFile.ConfigMapName != "" {
+		cName = oracleRestart.Spec.ConfigParams.GridResponseFile.ConfigMapName
+	}
+	if oracleRestart.Spec.ConfigParams.GridResponseFile.Name != "" {
+		fName = oracleRestart.Spec.ConfigParams.GridResponseFile.Name
+	}
+
+	if oracleRestart.Status.ConfigParams == nil {
+		oracleRestart.Status.ConfigParams = new(oraclerestartdb.InitParams)
+	}
+
+	if oracleRestart.Spec.ConfigParams != nil {
+		if oracleRestart.Status.ConfigParams.CrsAsmDeviceList == "" {
+			if oracleRestart.Spec.ConfigParams.CrsAsmDeviceList != "" {
+				oracleRestart.Status.ConfigParams.CrsAsmDeviceList = oracleRestart.Spec.ConfigParams.CrsAsmDeviceList
+			} else {
+				diskList, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "diskList", cName, fName)
+				if err != nil {
+					return errors.New(("error in responsefile, unable to read diskList"))
+				}
+				oracleRestart.Status.ConfigParams.CrsAsmDeviceList = diskList
+			}
+		}
+		if oracleRestart.Status.ConfigParams.Inventory == "" {
+			if oracleRestart.Spec.ConfigParams.Inventory != "" {
+				oracleRestart.Status.ConfigParams.Inventory = oracleRestart.Spec.ConfigParams.Inventory
+			} else {
+				invlocation, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "INVENTORY_LOCATION", cName, fName)
+				if err != nil {
+					oracleRestart.Spec.IsFailed = true
+					return errors.New(("error in responsefile, unable to read inventory_location"))
+				} else {
+					oracleRestart.Status.ConfigParams.Inventory = invlocation
+				}
+			}
+		}
+
+		if oracleRestart.Status.ConfigParams.GridBase == "" {
+			if oracleRestart.Spec.ConfigParams.GridBase != "" {
+				oracleRestart.Status.ConfigParams.GridBase = oracleRestart.Spec.ConfigParams.GridBase
+			} else {
+				gibase, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "ORACLE_BASE", cName, fName)
+				if err != nil {
+					oracleRestart.Spec.IsFailed = true
+					return errors.New(("error in responsefile, unable to read oracle_base"))
+				} else {
+					oracleRestart.Status.ConfigParams.GridBase = gibase
+				}
+			}
+		}
+		if oracleRestart.Status.ConfigParams.GridHome == "NOT_DEFINED" {
+			if oracleRestart.Spec.ConfigParams.GridHome != "" {
+				oracleRestart.Status.ConfigParams.GridHome = oracleRestart.Spec.ConfigParams.GridHome
+			} else {
+				gihome, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "GRID_HOME", cName, fName)
+				if err != nil {
+					oracleRestart.Spec.IsFailed = true
+					return errors.New(("error in responsefile, unable to read oracle_base"))
+				} else {
+					oracleRestart.Status.ConfigParams.GridHome = gihome
+				}
+			}
+		}
+
+		// if oracleRestart.Status.ScanSvcName == "" {
+		// 	if oracleRestart.Spec.ScanSvcName != "" {
+		// 		oracleRestart.Status.ScanSvcName = oracleRestart.Spec.ScanSvcName
+		// 	} else {
+		// 		scanname, err := oraclerestartcommon.CheckRspData(OracleRestart, r.Client, "scanName", cName, fName)
+		// 		if err != nil {
+		// 			oracleRestart.Spec.IsFailed = true
+		// 			return errors.New(("error in responsefile, unable to read scanName"))
+		// 		} else {
+		// 			oracleRestart.Status.ScanSvcName = scanname
+		// 		}
+		// 	}
+		// }
+
+		if oracleRestart.Status.ConfigParams.CrsAsmDiskDg == "" {
+			if oracleRestart.Spec.ConfigParams.CrsAsmDiskDg != "" {
+				oracleRestart.Status.ConfigParams.CrsAsmDiskDg = oracleRestart.Spec.ConfigParams.CrsAsmDiskDg
+			} else {
+				diskGroupName, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "diskGroupName", cName, fName)
+				if err != nil {
+					oracleRestart.Spec.IsFailed = true
+					return errors.New(("error in responsefile, unable to read diskGroupName"))
+				} else {
+					oracleRestart.Status.ConfigParams.CrsAsmDiskDg = diskGroupName
+				}
+			}
+		}
+
+		if oracleRestart.Status.ConfigParams.CrsAsmDiskDgRedundancy == "" {
+			if oracleRestart.Spec.ConfigParams.CrsAsmDiskDgRedundancy != "" {
+				oracleRestart.Status.ConfigParams.CrsAsmDiskDgRedundancy = oracleRestart.Spec.ConfigParams.CrsAsmDiskDgRedundancy
+			} else {
+				redundancy, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "redundancy", cName, fName)
+				if err != nil {
+					oracleRestart.Spec.IsFailed = true
+					return errors.New(("error in responsefile, unable to read redundancy"))
+				} else {
+					oracleRestart.Status.ConfigParams.CrsAsmDiskDgRedundancy = redundancy
+				}
+			}
+		}
+	}
+
+	return nil
+
+}
+
+func (r *OracleRestartReconciler) updateDbConfigParamStatus(oracleRestart *oraclerestartdb.OracleRestart) error {
+
+	//orestartPod := &corev1.Pod{}
+
+	var cName, fName string
+
+	if oracleRestart.Spec.ConfigParams.DbResponseFile.ConfigMapName != "" {
+		cName = oracleRestart.Spec.ConfigParams.DbResponseFile.ConfigMapName
+	}
+	if oracleRestart.Spec.ConfigParams.DbResponseFile.Name != "" {
+		fName = oracleRestart.Spec.ConfigParams.DbResponseFile.Name
+	}
+
+	if oracleRestart.Status.ConfigParams == nil {
+		oracleRestart.Status.ConfigParams = new(oraclerestartdb.InitParams)
+	}
+
+	if oracleRestart.Spec.ConfigParams != nil {
+		if oracleRestart.Spec.ConfigParams.DbAsmDeviceList != "" {
+			oracleRestart.Status.ConfigParams.DbAsmDeviceList = oracleRestart.Spec.ConfigParams.DbAsmDeviceList
+		}
+
+		if oracleRestart.Spec.ConfigParams.RecoAsmDeviceList != "" {
+			oracleRestart.Status.ConfigParams.RecoAsmDeviceList = oracleRestart.Spec.ConfigParams.RecoAsmDeviceList
+		}
+		if oracleRestart.Spec.ConfigParams.DBAsmDiskDgRedundancy != "" {
+			oracleRestart.Status.ConfigParams.DBAsmDiskDgRedundancy = oracleRestart.Spec.ConfigParams.DBAsmDiskDgRedundancy
+		}
+
+		if oracleRestart.Status.ConfigParams.DbName == "" {
+			if oracleRestart.Spec.ConfigParams.DbName != "" {
+				oracleRestart.Status.ConfigParams.DbName = oracleRestart.Spec.ConfigParams.DbName
+			} else {
+				variable, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "variables=", cName, fName)
+				if err != nil {
+					oracleRestart.Spec.IsFailed = true
+					return errors.New(("error in responsefile, unable to read variable"))
+				}
+				dbName := utils.GetValue(variable, "DB_NAME")
+				if err != nil {
+					oracleRestart.Spec.IsFailed = true
+					return errors.New(("error in responsefile, unable to read DB_NAME"))
+				}
+				oracleRestart.Status.ConfigParams.DbName = dbName
+			}
+		}
+
+		if oracleRestart.Status.ConfigParams.DbDataFileDestDg == "" {
+			if oracleRestart.Spec.ConfigParams.DbDataFileDestDg != "" {
+				oracleRestart.Status.ConfigParams.DbDataFileDestDg = oracleRestart.Spec.ConfigParams.DbDataFileDestDg
+				if oracleRestart.Spec.ConfigParams.DbAsmDeviceList != "" {
+					oracleRestart.Status.ConfigParams.DbAsmDeviceList = oracleRestart.Spec.ConfigParams.DbAsmDeviceList
+					// Logic to validate and set Disk group using grid response file and dbca response file
+					var gcName, gfName string
+
+					if oracleRestart.Spec.ConfigParams.GridResponseFile.ConfigMapName != "" {
+						gcName = oracleRestart.Spec.ConfigParams.GridResponseFile.ConfigMapName
+					}
+					if oracleRestart.Spec.ConfigParams.GridResponseFile.Name != "" {
+						gfName = oracleRestart.Spec.ConfigParams.GridResponseFile.Name
+					}
+					if gcName != "" && gfName != "" {
+						diskGroupName, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "diskGroupName", gcName, gfName)
+						if err != nil {
+							oracleRestart.Spec.IsFailed = true
+							return errors.New(("error in responsefile, unable to read diskGroupName"))
+						}
+
+						if oracleRestart.Status.ConfigParams.DbDataFileDestDg != diskGroupName {
+							return nil
+						} else {
+							oracleRestart.Status.ConfigParams.DbDataFileDestDg = diskGroupName
+						}
+					}
+				}
+			} else {
+				// Logic to validate and set Disk group using grid response file and dbca response file
+				var gcName, gfName string
+
+				if oracleRestart.Spec.ConfigParams.GridResponseFile.ConfigMapName != "" {
+					gcName = oracleRestart.Spec.ConfigParams.GridResponseFile.ConfigMapName
+				}
+				if oracleRestart.Spec.ConfigParams.GridResponseFile.Name != "" {
+					gfName = oracleRestart.Spec.ConfigParams.GridResponseFile.Name
+				}
+				if gcName != "" && gfName != "" {
+					diskGroupName, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "diskGroupName", gcName, gfName)
+					if err != nil {
+						oracleRestart.Spec.IsFailed = true
+						return errors.New(("error in grid responsefile, unable to read diskGroupName to set DbDataFileDestDg"))
+					}
+					oracleRestart.Status.ConfigParams.DbDataFileDestDg = diskGroupName
+					dbdgloc, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "datafileDestination", cName, fName)
+					if err != nil {
+						oracleRestart.Spec.IsFailed = true
+						oracleRestart.Status.ConfigParams.DbDataFileDestDg = diskGroupName
+					} else {
+						dbdg := strings.Split(dbdgloc, "/")
+						if len(dbdg) == 0 {
+							return errors.New("error in responsefile, unable to read datafileDestination diskgroup")
+						}
+						oracleRestart.Status.ConfigParams.DbDataFileDestDg = dbdg[0]
+					}
+				} else {
+					return errors.New("neither DbDataFileDestDg is set , nor grid response file is set. One of them is required")
+				}
+			}
+		}
+
+		if oracleRestart.Status.ConfigParams.DbRecoveryFileDest == "" {
+			if oracleRestart.Spec.ConfigParams.DbRecoveryFileDest != "" {
+				oracleRestart.Status.ConfigParams.DbRecoveryFileDest = oracleRestart.Spec.ConfigParams.DbRecoveryFileDest
+			} else {
+				if cName != "" && fName != "" {
+					recodgloc, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "recoveryAreaDestination", cName, fName)
+					if err != nil {
+						oracleRestart.Spec.IsFailed = true
+						return errors.New(("error in responsefile, unable to read recoveryAreaDestination"))
+					}
+					recodg := strings.Split(recodgloc, "/")
+					if len(recodg) == 0 {
+						return errors.New("error in responsefile, unable to read recoveryAreaDestination diskgroup")
+					}
+					oracleRestart.Status.ConfigParams.DbDataFileDestDg = recodg[0]
+				}
+			}
+		}
+
+		if oracleRestart.Status.ConfigParams.DbBase == "" {
+			if oracleRestart.Spec.ConfigParams.DbBase != "" {
+				oracleRestart.Status.ConfigParams.DbBase = oracleRestart.Spec.ConfigParams.DbBase
+			} else {
+				variable, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "variables=", cName, fName)
+				if err != nil {
+					oracleRestart.Spec.IsFailed = true
+					return errors.New(("error in responsefile, unable to read variable"))
+				}
+				obase := utils.GetValue(variable, "ORACLE_BASE")
+				if len(obase) == 0 {
+					return errors.New(("error in responsefile, unable to read ORACLE_BASE"))
+				}
+				oracleRestart.Status.ConfigParams.DbBase = obase
+			}
+		}
+		if oracleRestart.Status.ConfigParams.DbHome == "NOT_DEFINED" {
+			if oracleRestart.Spec.ConfigParams.DbHome != "" {
+				oracleRestart.Status.ConfigParams.DbHome = oracleRestart.Spec.ConfigParams.DbHome
+			} else {
+				variable, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "variables=", cName, fName)
+				if err != nil {
+					oracleRestart.Spec.IsFailed = true
+					return errors.New(("error in responsefile, unable to read variable"))
+				}
+				ohome := utils.GetValue(variable, "ORACLE_HOME")
+				if len(ohome) == 0 {
+					return errors.New(("error in responsefile, unable to read ORACLE_BASE"))
+				}
+				oracleRestart.Status.ConfigParams.DbHome = ohome
+			}
+		}
+
+		if oracleRestart.Status.ConfigParams.DbHome == "" {
+			if oracleRestart.Spec.ConfigParams.DbHome != "" {
+				oracleRestart.Status.ConfigParams.DbHome = oracleRestart.Spec.ConfigParams.DbHome
+			} else {
+				variable, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "variables=", cName, fName)
+				if err != nil {
+					oracleRestart.Spec.IsFailed = true
+					return errors.New(("error in responsefile, unable to read variable"))
+				}
+				ohome := utils.GetValue(variable, "ORACLE_HOME")
+				if len(ohome) == 0 {
+					return errors.New(("error in responsefile, unable to read ORACLE_HOME"))
+				}
+				oracleRestart.Status.ConfigParams.DbHome = ohome
+			}
+		}
+	}
+
+	if oracleRestart.Status.ConfigParams.GridHome == "" {
+		if oracleRestart.Spec.ConfigParams.GridHome != "" {
+			oracleRestart.Status.ConfigParams.GridHome = oracleRestart.Spec.ConfigParams.GridHome
+		} else {
+			variable, err := oraclerestartcommon.CheckRspData(oracleRestart, r.Client, "variables=", cName, fName)
+			if err != nil {
+				oracleRestart.Spec.IsFailed = true
+				return errors.New(("error in responsefile, unable to read variable"))
+			}
+			ghome := utils.GetValue(variable, "ORACLE_HOME")
+			if len(ghome) == 0 {
+				return errors.New(("error in responsefile, unable to read ORACLE_HOME"))
+			}
+			oracleRestart.Status.ConfigParams.GridHome = ghome
+		}
+	}
+
+	return nil
+
+}
+
+func (r *OracleRestartReconciler) updateOracleRestartInstTopologyStatus(oracleRestart *oraclerestartdb.OracleRestart, ctx context.Context, req ctrl.Request) ([]string, map[string]*corev1.Node, error) {
+
+	//orestartPod := &corev1.Pod{}
+	var podNames []string
+	nodeDetails := make(map[string]*corev1.Node)
+
+	if strings.ToLower(oracleRestart.Spec.InstDetails.IsDelete) != "true" {
+		_, pod, err := r.validateOracleRestartInst(oracleRestart, ctx, req, oracleRestart.Spec.InstDetails, 0)
+		if err != nil {
+			return podNames, nodeDetails, err
+		}
+		podNames = append(podNames, pod.Name)
+
+		// Get node details for the node where the pod is running
+		node, err := r.getNodeDetails(pod.Spec.NodeName)
+		if err != nil {
+			return podNames, nodeDetails, fmt.Errorf("failed to get node details for pod %s: %v", pod.Name, err)
+		}
+		nodeDetails[pod.Name] = node
+	}
+
+	if len(podNames) == 0 || len(nodeDetails) == 0 {
+		oracleRestart.Spec.IsFailed = true
+		return podNames, nodeDetails, errors.New("error occurred while collecting Oracle Restart pod or node details")
+	} else {
+		oracleRestart.Spec.IsFailed = false
+	}
+
+	return podNames, nodeDetails, nil
+}
+
+func (r *OracleRestartReconciler) getNodeDetails(nodeName string) (*corev1.Node, error) {
+	node := &corev1.Node{}
+	err := r.Client.Get(context.TODO(), client.ObjectKey{
+		Namespace: "",
+		Name:      nodeName,
+	}, node)
+	if err != nil {
+		return nil, err
+	}
+	return node, nil
+}
+
+func (r *OracleRestartReconciler) updateoraclerestartdbTopologyStatus(OracleRestart *oraclerestartdb.OracleRestart, ctx context.Context, req ctrl.Request, podNames []string, nodeDetails map[string]*corev1.Node) error {
+
+	//orestartPod := &corev1.Pod{}
+	var err error
+	_, _, err = r.validateoraclerestartdb(OracleRestart, ctx, req, podNames, nodeDetails)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+func (r *OracleRestartReconciler) validateoraclerestartdb(oracleRestart *oraclerestartdb.OracleRestart, ctx context.Context, req ctrl.Request, podNames []string, nodeDetails map[string]*corev1.Node,
+) (*appsv1.StatefulSet, *corev1.Pod, error) {
+
+	orestartSfSet := &appsv1.StatefulSet{}
+	orestartPod := &corev1.Pod{}
+	const maxRetries = 5
+	const retryDelay = 2 * time.Second
+	oraclerestartcommon.UpdateoraclerestartdbStatusData(oracleRestart, ctx, req, podNames, r.kubeClient, r.kubeConfig, r.Log, nodeDetails)
+	// Log the start of the status update process
+	r.Log.Info("Updating Oracle Restart instance status with validateoraclerestartdb", "Instance", oracleRestart.Name)
+
+	for attempt := 0; attempt < maxRetries; attempt++ {
+		// // Fetch the latest version of the object
+		latestInstance := &oraclerestartdb.OracleRestart{}
+		err := r.Client.Get(ctx, req.NamespacedName, latestInstance)
+		if err != nil {
+			r.Log.Error(err, "Failed to fetch the latest version of Oracle Restart instance")
+			return orestartSfSet, orestartPod, err // Return the error if fetching the latest version fails
+		}
+
+		// Merge the instance fields into latestInstance
+		err = mergeInstancesFromLatest(oracleRestart, latestInstance)
+		if err != nil {
+			r.Log.Error(err, "Failed to merge instances")
+			return orestartSfSet, orestartPod, err
+		}
+
+		// Attempt to update the status of the instance directly
+		// err = r.Status().Update(ctx, instance)
+
+		// Update the ResourceVersion of instance from latestInstance to avoid conflict
+		oracleRestart.ResourceVersion = latestInstance.ResourceVersion
+		err = r.Client.Status().Patch(ctx, oracleRestart, client.MergeFrom(latestInstance))
+
+		if err != nil {
+			if apierrors.IsConflict(err) {
+				// Handle the conflict and retry
+				r.Log.Info("Conflict detected in validateoraclerestartdb, retrying...", "attempt", attempt+1)
+				time.Sleep(retryDelay)
+				continue
+				// Retry
+			}
+			// For other errors, log and continue the retry loop
+			r.Log.Error(err, "Failed to update the Oracle Restart DB instance, retrying")
+			continue
+		}
+
+		// If update was successful, exit the loop
+		r.Log.Info("Updated Oracle Restart instance status with validateoraclerestartdb", "Instance", oracleRestart.Name)
+
+		return orestartSfSet, orestartPod, nil
+	}
+
+	// If all retries fail, return an error
+	return orestartSfSet, orestartPod, fmt.Errorf("failed to update Oracle Restart DB Status after %d attempts", maxRetries)
+}
+
+// ======= Function to validate Shard
+func (r *OracleRestartReconciler) validateOracleRestartInst(oracleRestart *oraclerestartdb.OracleRestart, ctx context.Context, req ctrl.Request, OraRestartSpex oraclerestartdb.OracleRestartInstDetailSpec, specId int) (*appsv1.StatefulSet, *corev1.Pod, error) {
+
+	var err error
+	orestartSfSet := &appsv1.StatefulSet{}
+	orestartPod := &corev1.Pod{}
+
+	orestartSfSet, err = oraclerestartcommon.CheckSfset(OraRestartSpex.Name, oracleRestart, r.Client)
+	if err != nil {
+		//msg := "Unable to find Oracle Restart statefulset " + oraclerestartcommon.GetFmtStr(OraRestartSpex.Name) + "."
+		//oraclerestartcommon.LogMessages("INFO", msg, nil, instance, r.Log)
+		r.updateOracleRestartInstStatus(oracleRestart, ctx, req, OraRestartSpex, string(oraclerestartdb.StatefulSetNotFound), r.Client, false)
+		return orestartSfSet, orestartPod, err
+	}
+
+	podList, err := oraclerestartcommon.GetPodList(orestartSfSet.Name, oracleRestart, r.Client, OraRestartSpex)
+	if err != nil {
+		msg := "Unable to find any pod in statefulset " + oraclerestartcommon.GetFmtStr(orestartSfSet.Name) + "."
+		oraclerestartcommon.LogMessages("INFO", msg, nil, oracleRestart, r.Log)
+		r.updateOracleRestartInstStatus(oracleRestart, ctx, req, OraRestartSpex, string(oraclerestartdb.PodNotFound), r.Client, false)
+		return orestartSfSet, orestartPod, err
+	}
+	// Validate the pod list and get the list of not ready pods
+	isPodExist, orestartPod, notReadyPod := oraclerestartcommon.PodListValidation(podList, orestartSfSet.Name, oracleRestart, r.Client)
+	// Check if the pod is ready
+	if !isPodExist {
+		msg := ""
+		if notReadyPod != nil {
+			// Log the name of the first not ready pod
+			msg = "unable to validate Oracle Restart pod. The  pod not ready  is: " + notReadyPod.Name
+			oraclerestartcommon.LogMessages("INFO", msg, nil, oracleRestart, r.Log)
+			return orestartSfSet, orestartPod, fmt.Errorf(msg)
+		} else {
+			// Handle the case where no pods were found at all
+			msg = "unable to validate Oracle Restart pod. No pods matching the criteria were found"
+			oraclerestartcommon.LogMessages("INFO", msg, nil, oracleRestart, r.Log)
+			return orestartSfSet, orestartPod, fmt.Errorf(msg)
+		}
+
+	}
+	// Update status when PODs are ready
+	state := oracleRestart.Status.State
+	if oracleRestart.Spec.IsManual { // if user changes spec  to manual mode, lets change status column same as well
+		state = string(oraclerestartdb.OracleRestartManualState)
+	}
+	if oracleRestart.Spec.IsFailed { // if controller changes spec  to failed mode, lets change status column same as well
+		state = string(oraclerestartdb.OracleRestartFailedState)
+	}
+
+	switch {
+	case isPodExist && (state == string(oraclerestartdb.OracleRestartProvisionState) ||
+		state == string(oraclerestartdb.OracleRestartUpdateState) ||
+		state == string(oraclerestartdb.OracleRestartPendingState)):
+		// When previous update or provision is there, change to POD available intermittent state
+		state = string(oraclerestartdb.OracleRestartPodAvailableState)
+	case state == string(oraclerestartdb.OracleRestartFailedState):
+		// Failed state handling, remain in failed state or take specific action
+		state = string(oraclerestartdb.OracleRestartFailedState)
+	case state == string(oraclerestartdb.OracleRestartManualState):
+		// Manual state handling, e.g., do not modify state automatically
+		state = string(oraclerestartdb.OracleRestartManualState)
+	default:
+		// Continue with the current state for others, if no conditions are met
+		state = oracleRestart.Status.State
+	}
+
+	r.updateOracleRestartInstStatus(oracleRestart, ctx, req, OraRestartSpex, state, r.Client, true)
+	r.Log.Info("Completed Update of Oracle Restart instance status")
+	return orestartSfSet, orestartPod, nil
+}
+
+func (r *OracleRestartReconciler) updateOracleRestartInstStatus(
+	oracleRestart *oraclerestartdb.OracleRestart,
+	ctx context.Context,
+	req ctrl.Request,
+	OraRestartSpex oraclerestartdb.OracleRestartInstDetailSpec,
+	state string,
+	kClient client.Client,
+	mergingRequired bool,
+) {
+	const maxRetries = 5
+	const retryDelay = 2 * time.Second
+
+	var lastErr error
+	var failedUpdate bool
+	// Get/Update RAC instance status data
+	oraclerestartcommon.UpdateOracleRestartInstStatusData(oracleRestart, ctx, req, OraRestartSpex, state, r.kubeClient, r.kubeConfig, r.Log, r.Client)
+
+	for attempt := 0; attempt < maxRetries; attempt++ {
+
+		// Fetch the latest version of the object
+		latestInstance := &oraclerestartdb.OracleRestart{}
+		err := r.Client.Get(ctx, req.NamespacedName, latestInstance)
+		if err != nil {
+			r.Log.Error(err, "Failed to fetch the latest version of Oracle Restart instance")
+			lastErr = err
+			continue // Continue to retry
+		}
+		latestInstance.Status.OracleRestartNodes = oracleRestart.Status.OracleRestartNodes
+		if mergingRequired {
+
+			// Ensure latestInstance has the most recent version
+			r.ensureAsmStorageStatus(latestInstance)
+
+			// Merge the instance fields into latestInstance
+			err = mergeInstancesFromLatest(oracleRestart, latestInstance)
+			if err != nil {
+				r.Log.Error(err, "Failed to merge instances")
+			}
+		}
+
+		// Attempt to update the combined instance back to the Kubernetes API
+		// err = r.Status().Update(ctx, instance)
+		oracleRestart.ResourceVersion = latestInstance.ResourceVersion
+
+		err = r.Status().Update(ctx, oracleRestart)
+		if err != nil {
+			if apierrors.IsConflict(err) {
+				r.Log.Info("Conflict detected in updateOracleRestartInstStatus, retrying...", "attempt", attempt+1)
+				time.Sleep(retryDelay)
+				failedUpdate = true
+				continue // Retry
+			}
+			// For other errors, log and return
+			r.Log.Error(err, "Failed to update the Oracle Restart instance")
+			lastErr = err
+			failedUpdate = true
+			continue // Continue to retry
+		}
+		r.Log.Info("Oracle Restart Object updated with updateOracleRestartInstStatus")
+		failedUpdate = false
+		break //break if its updated successfully
+	}
+
+	// If we exhaust all retries, print the last error encountered
+	if failedUpdate {
+		r.Log.Info("failed to update Oracle Restart instance after 5 attempts", "lastErr", lastErr)
+	}
+}
+
+// GetRestrictedFields returns a set of field names that are restricted from being updated.
+func GetRestrictedFields() map[string]struct{} {
+	return map[string]struct{}{
+		"ConfigParams.DbName":                         {},
+		"ConfigParams.GridBase":                       {},
+		"ConfigParams.GridHome":                       {},
+		"ConfigParams.DbBase":                         {},
+		"ConfigParams.DbHome":                         {},
+		"ConfigParams.CrsAsmDiskDg":                   {},
+		"ConfigParams.CrsAsmDiskDgRedundancy":         {},
+		"ConfigParams.DBAsmDiskDgRedundancy":          {},
+		"ConfigParams.DbCharSet":                      {},
+		"ConfigParams.DbConfigType":                   {},
+		"ConfigParams.DbDataFileDestDg":               {},
+		"ConfigParams.DbUniqueName":                   {},
+		"ConfigParams.DbRecoveryFileDest":             {},
+		"ConfigParams.DbRedoFileSize":                 {},
+		"ConfigParams.DbStorageType":                  {},
+		"ConfigParams.DbSwZipFile":                    {},
+		"ConfigParams.GridSwZipFile":                  {},
+		"ConfigParams.GridResponseFile.ConfigMapName": {},
+		"ConfigParams.GridResponseFile.Name":          {},
+		"ConfigParams.DbResponseFile.ConfigMapName":   {},
+		"ConfigParams.DbResponseFile.Name":            {},
+	}
+}
+
+func mergeInstancesFromLatest(instance, latestInstance *oraclerestartdb.OracleRestart) error {
+	instanceVal := reflect.ValueOf(instance).Elem()
+	latestVal := reflect.ValueOf(latestInstance).Elem()
+
+	// Assuming `Status` is a field in `OracleRestart`
+	instanceStatus := instanceVal.FieldByName("Status")
+	latestStatus := latestVal.FieldByName("Status")
+
+	if !instanceStatus.IsValid() || !latestStatus.IsValid() {
+		return fmt.Errorf("status field is not valid in one of the instances")
+	}
+
+	// Merge the Status field
+	return mergeStructFields(instanceStatus, latestStatus)
+}
+
+func mergeStructFields(instanceField, latestField reflect.Value) error {
+	if instanceField.Kind() != reflect.Struct || latestField.Kind() != reflect.Struct {
+		return fmt.Errorf("fields to be merged must be of struct type")
+	}
+
+	for i := 0; i < instanceField.NumField(); i++ {
+		subField := instanceField.Type().Field(i)
+		instanceSubField := instanceField.Field(i)
+		latestSubField := latestField.Field(i)
+
+		if !isExported(subField) || !instanceSubField.CanSet() {
+			continue
+		}
+
+		switch latestSubField.Kind() {
+		case reflect.Ptr:
+			if !latestSubField.IsNil() && instanceSubField.IsNil() {
+				instanceSubField.Set(latestSubField)
+			}
+		case reflect.String:
+			if latestSubField.String() != "" && latestSubField.String() != "NOT_DEFINED" && instanceSubField.String() == "" {
+				instanceSubField.Set(latestSubField)
+			}
+		case reflect.Struct:
+			if err := mergeStructFields(instanceSubField, latestSubField); err != nil {
+				return err
+			}
+		default:
+			if reflect.DeepEqual(instanceSubField.Interface(), reflect.Zero(instanceSubField.Type()).Interface()) {
+				instanceSubField.Set(latestSubField)
+			}
+		}
+	}
+	return nil
+}
+
+func isExported(field reflect.StructField) bool {
+	return field.PkgPath == ""
+}
+
+// Create Configmap
+func (r *OracleRestartReconciler) generateConfigMap(instance *oraclerestartdb.OracleRestart) (map[string]string, error) {
+	configMapData := make(map[string]string, 0)
+	// new_crs_nodes, existing_crs_nodes_healthy, existing_crs_nodes_not_healthy, install_node, new_crs_nodes_list := oraclerestartcommon.GetCrsNodes(instance, r.kubeClient, r.kubeConfig, r.Log, r.Client)
+	install_node := instance.Spec.InstDetails.Name + "-0"
+	asm_devices := oraclerestartcommon.GetAsmDevices(instance)
+	var data []string
+	var addnodeFlag bool
+
+	data = append(data, "OP_TYPE=setuprac")
+	// --- Pick ALL envVars directly from CR spec ---
+	for _, e := range instance.Spec.InstDetails.EnvVars {
+		data = append(data, fmt.Sprintf("%s=%s", e.Name, e.Value))
+	}
+
+	// Service Parameters
+	if instance.Spec.ServiceDetails.Name != "" {
+		sparams := oraclerestartcommon.GetServiceParams(instance)
+		data = append(data, "DB_SERVICE="+sparams)
+	}
+	data = append(data, "CRS_GPC=true")
+
+	if instance.Spec.ConfigParams.PdbName != "" {
+		data = append(data, "ORACLE_PDB="+instance.Spec.ConfigParams.PdbName)
+	}
+
+	if instance.Spec.ConfigParams.DbHome != "" {
+		data = append(data, "DB_HOME="+instance.Spec.ConfigParams.DbHome)
+	} else {
+		if instance.Status.ConfigParams != nil {
+			if instance.Status.ConfigParams.DbHome != "" {
+				data = append(data, "DB_HOME="+instance.Status.ConfigParams.DbHome)
+			}
+		}
+	}
+
+	if instance.Spec.ConfigParams.DbBase != "" {
+		data = append(data, "DB_BASE="+instance.Spec.ConfigParams.DbBase)
+	} else {
+		if instance.Status.ConfigParams != nil {
+			if instance.Status.ConfigParams.DbBase != "" {
+				data = append(data, "DB_BASE="+instance.Status.ConfigParams.DbBase)
+			}
+		}
+	}
+
+	if instance.Spec.ConfigParams.GridBase != "" {
+		data = append(data, "GRID_BASE="+instance.Spec.ConfigParams.GridBase)
+	} else {
+		if instance.Status.ConfigParams != nil {
+			if instance.Status.ConfigParams.GridBase != "" {
+				data = append(data, "GRID_BASE="+instance.Status.ConfigParams.GridBase)
+			}
+		}
+	}
+
+	if instance.Spec.ConfigParams.GridHome != "" {
+		data = append(data, "GRID_HOME="+instance.Spec.ConfigParams.GridHome)
+	} else {
+		if instance.Status.ConfigParams != nil {
+			if instance.Status.ConfigParams.GridHome != "" {
+				data = append(data, "GRID_HOME="+instance.Status.ConfigParams.GridHome)
+			}
+		}
+	}
+
+	if instance.Spec.ConfigParams.Inventory != "" {
+		data = append(data, "INVENTORY="+instance.Spec.ConfigParams.Inventory)
+	} else {
+		if instance.Status.ConfigParams != nil {
+			if instance.Status.ConfigParams.Inventory != "" {
+				data = append(data, "INVENTORY="+instance.Status.ConfigParams.Inventory)
+			}
+		}
+	}
+
+	if instance.Spec.SshKeySecret.Name != " " {
+		//SecretMap check is done in ValidateSpex
+		data = append(data, "SSH_PRIVATE_KEY="+instance.Spec.SshKeySecret.KeyMountLocation+"/"+instance.Spec.SshKeySecret.PrivKeySecretName)
+		data = append(data, "SSH_PUBLIC_KEY="+instance.Spec.SshKeySecret.KeyMountLocation+"/"+instance.Spec.SshKeySecret.PubKeySecretName)
+	}
+
+	if instance.Spec.DbSecret != nil {
+		if instance.Spec.DbSecret.Name != "" {
+			data = append(data, "SECRET_VOLUME="+instance.Spec.DbSecret.PwdFileMountLocation)
+			commonpassflag, pwdkeyflag, _ := oraclerestartcommon.GetDbSecret(instance, instance.Spec.DbSecret.Name, r.Client)
+			if commonpassflag && pwdkeyflag {
+				data = append(data, "DB_PWD_FILE="+instance.Spec.DbSecret.PwdFileName)
+				data = append(data, "PWD_KEY="+instance.Spec.DbSecret.KeyFileName)
+			} else {
+				data = append(data, "PASSWORD_FILE=pwdfile")
+			}
+		}
+	}
+
+	if instance.Spec.TdeWalletSecret != nil {
+		if instance.Spec.TdeWalletSecret.Name != "" {
+			data = append(data, "TDE_SECRET_VOLUME="+instance.Spec.TdeWalletSecret.PwdFileMountLocation)
+			data = append(data, "SETUP_TDE_WALLET=true")
+			tdepassflag, tdepwdkeyflag, _ := oraclerestartcommon.GetTdeWalletSecret(instance, instance.Spec.TdeWalletSecret.Name, r.Client)
+			if tdepassflag && tdepwdkeyflag {
+				data = append(data, "TDE_PWD_FILE="+instance.Spec.TdeWalletSecret.PwdFileName)
+				data = append(data, "TDE_PWD_KEY="+instance.Spec.TdeWalletSecret.KeyFileName)
+			} else {
+				data = append(data, "PASSWORD_FILE=tdepwdfile")
+			}
+		}
+	}
+
+	data = append(data, "PROFILE_FLAG=true")
+	// data = append(data, "SCAN_NAME="+scan_name)
+
+	data = append(data, "INSTALL_NODE="+install_node)
+
+	if instance.Spec.ConfigParams.DbName != "" {
+		data = append(data, "DB_NAME="+instance.Spec.ConfigParams.DbName)
+	} else {
+		if instance.Status.ConfigParams != nil {
+			if instance.Status.ConfigParams.DbName != "" {
+				data = append(data, "DB_NAME="+instance.Status.ConfigParams.DbName)
+			}
+		}
+	}
+
+	if instance.Spec.ConfigParams.PdbName != "" {
+		data = append(data, "ORACLE_PDB_NAME="+instance.Spec.ConfigParams.PdbName)
+	} else {
+		if instance.Status.ConfigParams != nil {
+			if instance.Status.ConfigParams.PdbName != "" {
+				data = append(data, "ORACLE_PDB_NAME="+instance.Status.ConfigParams.PdbName)
+			}
+		}
+	}
+
+	if instance.Spec.ConfigParams.DbUniqueName != "" {
+		// Configmap check is done in ValidateSpex
+		data = append(data, "DB_UNIQUE_NAME="+instance.Spec.ConfigParams.DbUniqueName)
+	} else {
+		if instance.Status.ConfigParams != nil {
+			if instance.Status.ConfigParams.DbUniqueName != "" {
+				data = append(data, "DB_UNIQUE_NAME="+instance.Status.ConfigParams.DbUniqueName)
+			}
+		}
+	}
+
+	if instance.Spec.ConfigParams.GridSwZipFile != "" {
+		data = append(data, "GRID_SW_ZIP_FILE="+instance.Spec.ConfigParams.GridSwZipFile)
+		//data = append(data, "COPY_GRID_SOFTWARE=true")
+	}
+
+	if instance.Spec.ConfigParams.HostSwStageLocation != "" {
+		data = append(data, "STAGING_SOFTWARE_LOC="+instance.Spec.ConfigParams.HostSwStageLocation)
+	} else {
+		data = append(data, "STAGING_SOFTWARE_LOC="+utils.OraSwStageLocation)
+	}
+
+	if instance.Spec.ConfigParams.RuPatchLocation != "" {
+		data = append(data, "APPLY_RU_LOCATION="+instance.Spec.ConfigParams.RuPatchLocation)
+	}
+
+	if instance.Spec.ConfigParams.RuFolderName != "" {
+		data = append(data, "RU_FOLDER_NAME="+instance.Spec.ConfigParams.RuFolderName)
+	}
+
+	if instance.Spec.ConfigParams.OPatchLocation != "" {
+		data = append(data, "OPATCH_ZIP_FILE="+instance.Spec.ConfigParams.OPatchLocation+"/"+instance.Spec.ConfigParams.OPatchSwZipFile)
+	}
+	if instance.Spec.ConfigParams.OneOffLocation != "" {
+		data = append(data, "ONEOFF_FOLDER_NAME="+instance.Spec.ConfigParams.OneOffLocation)
+	}
+	if instance.Spec.ConfigParams.DbOneOffIds != "" {
+		data = append(data, "DB_ONEOFF_IDS="+instance.Spec.ConfigParams.DbOneOffIds)
+	}
+
+	if instance.Spec.ConfigParams.GridOneOffIds != "" {
+		data = append(data, "GRID_ONEOFF_IDS="+instance.Spec.ConfigParams.GridOneOffIds)
+	}
+
+	if instance.Spec.ConfigParams.DbSwZipFile != "" {
+		data = append(data, "DB_SW_ZIP_FILE="+instance.Spec.ConfigParams.DbSwZipFile)
+		//data = append(data, "COPY_DB_SOFTWARE=true")
+	}
+
+	if instance.Spec.ConfigParams.CrsAsmDiskDg != "" {
+		data = append(data, "CRS_ASM_DISKGROUP="+instance.Spec.ConfigParams.CrsAsmDiskDg)
+	} else {
+		if instance.Status.ConfigParams != nil {
+			if instance.Status.ConfigParams.CrsAsmDiskDg != "" {
+				data = append(data, "CRS_ASM_DISKGROUP="+instance.Status.ConfigParams.CrsAsmDiskDg)
+			}
+		}
+	}
+
+	if instance.Spec.ConfigParams.DbAsmDeviceList != "" {
+		data = append(data, "DB_ASM_DEVICE_LIST="+instance.Spec.ConfigParams.DbAsmDeviceList)
+	} else {
+		if instance.Status.ConfigParams != nil {
+			if instance.Status.ConfigParams.DbAsmDeviceList != "" {
+				data = append(data, "DB_ASM_DEVICE_LIST="+instance.Status.ConfigParams.DbAsmDeviceList)
+			}
+		}
+	}
+
+	if instance.Spec.ConfigParams.CrsAsmDeviceList != "" {
+		data = append(data, "CRS_ASM_DEVICE_LIST="+instance.Spec.ConfigParams.CrsAsmDeviceList)
+	} else {
+		data = append(data, "CRS_ASM_DEVICE_LIST="+asm_devices)
+	}
+
+	if instance.Spec.ConfigParams.RecoAsmDeviceList != "" {
+		data = append(data, "RECO_ASM_DEVICE_LIST="+instance.Spec.ConfigParams.RecoAsmDeviceList)
+	} else {
+		if instance.Status.ConfigParams != nil {
+			if instance.Status.ConfigParams.RecoAsmDeviceList != "" {
+				data = append(data, "RECO_ASM_DEVICE_LIST="+instance.Status.ConfigParams.RecoAsmDeviceList)
+			}
+		}
+	}
+
+	if instance.Spec.ConfigParams.RedoAsmDeviceList != "" {
+		data = append(data, "REDO_ASM_DEVICE_LIST="+instance.Spec.ConfigParams.RedoAsmDeviceList)
+	} else {
+		if instance.Status.ConfigParams != nil {
+			if instance.Status.ConfigParams.RedoAsmDeviceList != "" {
+				data = append(data, "REDO_ASM_DEVICE_LIST="+instance.Status.ConfigParams.RedoAsmDeviceList)
+			}
+		}
+	}
+
+	// Perform following if operation is not add node
+	if !addnodeFlag {
+		if instance.Spec.ConfigParams.DbDataFileDestDg != "" {
+			data = append(data, "DB_DATA_FILE_DEST="+instance.Spec.ConfigParams.DbDataFileDestDg)
+		}
+
+		if instance.Spec.ConfigParams.DbStorageType != "" {
+			data = append(data, "DB_STORAGE_TYPE="+instance.Spec.ConfigParams.DbStorageType)
+		}
+
+		if instance.Spec.ConfigParams.DbCharSet != "" {
+			data = append(data, "DB_CHARACTERSET="+instance.Spec.ConfigParams.DbCharSet)
+		}
+
+		if instance.Spec.ConfigParams.DbRedoFileSize != "" {
+			data = append(data, "DB_REDO_FILE_SIZE="+instance.Spec.ConfigParams.DbRedoFileSize)
+		}
+
+		if instance.Spec.ConfigParams.DbType != "" {
+			data = append(data, "DB_TYPE="+instance.Spec.ConfigParams.DbType)
+		}
+
+		if instance.Spec.ConfigParams.DbConfigType != "" {
+			data = append(data, "DB_CONFIG_TYPE="+instance.Spec.ConfigParams.DbConfigType)
+		}
+
+		if instance.Spec.ConfigParams.EnableArchiveLog != "" {
+			data = append(data, "ENABLE_ARCHIVELOG="+instance.Spec.ConfigParams.EnableArchiveLog)
+		}
+
+		if instance.Spec.ConfigParams.GridResponseFile.ConfigMapName != "" {
+			// Configmap check is done in ValidateSpex
+			data = append(data, "GRID_RESPONSE_FILE="+utils.OraGiRsp+"/"+instance.Spec.ConfigParams.GridResponseFile.Name)
+		}
+
+		if instance.Spec.ConfigParams.DbResponseFile.ConfigMapName != "" {
+			// Configmap check is done in ValidateSpex
+			data = append(data, "DBCA_RESPONSE_FILE="+utils.OraDbRsp+"/"+instance.Spec.ConfigParams.DbResponseFile.Name)
+		}
+
+		// Getting DB Related paraeters
+
+		if instance.Spec.ConfigParams.SgaSize != "" {
+			// Configmap check is done in ValidateSpex
+			data = append(data, "INIT_SGA_SIZE="+instance.Spec.ConfigParams.SgaSize)
+		}
+
+		if instance.Spec.ConfigParams.PgaSize != "" {
+			// Configmap check is done in ValidateSpex
+			data = append(data, "INIT_PGA_SIZE="+instance.Spec.ConfigParams.PgaSize)
+		}
+
+		if instance.Spec.ConfigParams.Processes > 0 {
+			// Configmap check is done in ValidateSpex
+			data = append(data, "INIT_PROCESSES="+strconv.Itoa(instance.Spec.ConfigParams.Processes))
+		}
+
+		if instance.Spec.ConfigParams.CpuCount > 0 {
+			// Configmap check is done in ValidateSpex
+			data = append(data, "CPU_COUNT="+strconv.Itoa(instance.Spec.ConfigParams.CpuCount))
+		}
+
+		if instance.Spec.ConfigParams.DbRecoveryFileDest != "" {
+			// Configmap check is done in ValidateSpex
+			data = append(data, "DB_RECOVERY_FILE_DEST="+instance.Spec.ConfigParams.DbRecoveryFileDest)
+		}
+
+		if instance.Spec.ConfigParams.RedoAsmDiskDg != "" {
+			// Configmap check is done in ValidateSpex
+			data = append(data, "LOG_FILE_DEST="+instance.Spec.ConfigParams.RedoAsmDiskDg)
+		}
+
+		if instance.Spec.ConfigParams.DbRecoveryFileDestSize != "" {
+			// Configmap check is done in ValidateSpex
+			data = append(data, "DB_RECOVERY_FILE_DEST_SIZE="+instance.Spec.ConfigParams.DbRecoveryFileDestSize)
+		}
+		if instance.Spec.ConfigParams.DBAsmDiskDgRedundancy != "" {
+			data = append(data, "DB_ASMDG_PROPERTIES="+"redundancy:"+instance.Spec.ConfigParams.DBAsmDiskDgRedundancy)
+		}
+
+		if instance.Spec.ConfigParams.RedoAsmDiskDgRedundancy != "" {
+			data = append(data, "REDO_ASMDG_PROPERTIES="+"redundancy:"+instance.Spec.ConfigParams.RedoAsmDiskDgRedundancy)
+		}
+
+		if instance.Spec.ConfigParams.RecoAsmDiskDgRedundancy != "" {
+			data = append(data, "RECO_ASMDG_PROPERTIES="+"redundancy:"+instance.Spec.ConfigParams.RecoAsmDiskDgRedundancy)
+		}
+
+		if instance.Spec.ConfigParams.CrsAsmDiskDgRedundancy != "" {
+			data = append(data, "CRS_ASMDG_REDUNDANCY="+"redundancy="+instance.Spec.ConfigParams.CrsAsmDiskDgRedundancy)
+		}
+	}
+
+	configMapData["envfile"] = strings.Join(data, "\r\n")
+
+	return configMapData, nil
+}
+
+// ================================== CREATE FUNCTIONS =============================
+
+// Create the configmap
+
+func (r *OracleRestartReconciler) createConfigMap(
+	ctx context.Context,
+	instance oraclerestartdb.OracleRestart,
+	cm *corev1.ConfigMap,
+) (ctrl.Result, bool, error) { // Added `bool` return
+	reqLogger := r.Log.WithValues("Instance.Namespace", instance.Namespace, "Instance.Name", instance.Name)
+
+	found := &corev1.ConfigMap{}
+	err := r.Get(ctx, types.NamespacedName{
+		Name:      cm.Name,
+		Namespace: instance.Namespace,
+	}, found)
+	if err != nil && apierrors.IsNotFound(err) {
+		// ConfigMap does not exist - create it
+		reqLogger.Info("Creating Configmap Normally")
+		if err = r.Create(ctx, cm); err != nil {
+			reqLogger.Error(err, "failed to create configmap", "namespace", instance.Namespace)
+			return ctrl.Result{}, false, err
+		}
+		return ctrl.Result{Requeue: true}, true, nil // Indicate configmap was created
+	} else if err != nil {
+		// Error getting ConfigMap
+		reqLogger.Error(err, "failed to find the configmap details")
+		return ctrl.Result{}, false, err
+	}
+
+	// At this point, ConfigMap exists: found
+	// Compare data and update if needed only for environment variables changes
+	if found.Data["envfile"] != cm.Data["envfile"] {
+		reqLogger.Info("ConfigMap env key changed, updating")
+		found.Data["envfile"] = cm.Data["envfile"]
+		if err := r.Update(ctx, found); err != nil {
+			reqLogger.Error(err, "failed to update configmap", "namespace", instance.Namespace)
+			return ctrl.Result{}, false, err
+		}
+		return ctrl.Result{Requeue: true}, true, nil // Indicate data was changed
+	}
+
+	// No changes needed
+	return ctrl.Result{}, false, nil
+}
+
+// This function create a service based isExtern parameter set in the yaml file
+func (r *OracleRestartReconciler) createOrReplaceService(ctx context.Context, instance *oraclerestartdb.OracleRestart,
+	dep *corev1.Service,
+) (ctrl.Result, error) {
+	reqLogger := r.Log.WithValues("Instance.Namespace", instance.Namespace, "Instance.Name", instance.Name)
+	// See if Service already exists and create if it doesn't
+
+	found := &corev1.Service{}
+
+	err := r.Get(ctx, types.NamespacedName{
+		Name:      dep.Name,
+		Namespace: instance.Namespace,
+	}, found)
+
+	jsn, _ := json.Marshal(dep)
+	oraclerestartcommon.LogMessages("DEBUG", string(jsn), nil, instance, r.Log)
+	if err != nil && apierrors.IsNotFound(err) {
+		// Create the Service
+		reqLogger.Info("Creating a service")
+		err = r.Create(ctx, dep)
+		if err != nil {
+			// Service creation failed
+			instance.Spec.IsFailed = true
+			reqLogger.Error(err, "Failed to create Service", "Service.Namespace", dep.Namespace, "Service.Name", dep.Name)
+			return ctrl.Result{}, nil
+		} else {
+			// Service creation was successful
+			return ctrl.Result{Requeue: true}, nil
+		}
+	} else if err != nil {
+		// Error that isn't due to the Service not existing
+		reqLogger.Error(err, "Failed to find the  Service details")
+		return ctrl.Result{}, err
+	}
+
+	return ctrl.Result{}, nil
+}
+
+// ================================== CREATE FUNCTIONS =============================
+// This function create a service based isExtern parameter set in the yaml file
+
+func (r *OracleRestartReconciler) createOrReplaceAsmPv(
+	ctx context.Context,
+	instance *oraclerestartdb.OracleRestart,
+	dep *corev1.PersistentVolume,
+) (string, ctrl.Result, error) {
+	reqLogger := r.Log.WithValues("Instance.Namespace", instance.Namespace, "Instance.Name", instance.Name)
+	found := &corev1.PersistentVolume{}
+	if dep == nil {
+		reqLogger.Error(nil, "PersistentVolume spec (dep) is nil")
+		return "", ctrl.Result{}, fmt.Errorf("PV object is nil")
+	}
+
+	// Fetch the existing PV
+	err := r.Get(context.TODO(), types.NamespacedName{
+		Name: dep.Name,
+	}, found)
+
+	jsn, _ := json.Marshal(dep)
+	oraclerestartcommon.LogMessages("DEBUG", string(jsn), nil, instance, r.Log)
+
+	if err != nil && apierrors.IsNotFound(err) {
+		// PV does not exist, create it
+		reqLogger.Info("Creating a new PV", "dep.Name", dep.Name)
+		err = r.Create(context.TODO(), dep)
+		if err != nil {
+			// PV creation failed
+			instance.Spec.IsFailed = true
+			reqLogger.Error(err, "Failed to create Persistent Volume", "PV.Name", dep.Name)
+			return "", ctrl.Result{}, err
+		}
+		return dep.Name, ctrl.Result{}, nil
+	} else if err != nil {
+		// Other errors fetching the PV
+		reqLogger.Error(err, "Failed to get Persistent Volume details")
+		return "", ctrl.Result{}, err
+	}
+
+	// Check if the disk path or configuration differs from the existing PV
+	if !reflect.DeepEqual(dep.Spec.PersistentVolumeSource.Local, found.Spec.PersistentVolumeSource.Local) {
+		// Disk configuration has changed, delete the old PV and create a new one
+		reqLogger.Info("Detected existing PV with different disk details and as the configuration has changed, setup cannot continue", "dep.Name", dep.Name)
+		return "", ctrl.Result{}, fmt.Errorf("persistent volume %s has a different disk configuration. Please delete or update the existing PV to proceed", dep.Name)
+	}
+
+	reqLogger.Info("PV Found", "dep.Name", dep.Name)
+
+	return found.Name, ctrl.Result{}, nil
+}
+
+// ================================== CREATE FUNCTIONS =============================
+// This function create a PVC set in the yaml file
+func (r *OracleRestartReconciler) createOrReplaceAsmPvC(ctx context.Context, instance *oraclerestartdb.OracleRestart,
+	dep *corev1.PersistentVolumeClaim,
+) (string, ctrl.Result, error) {
+	reqLogger := r.Log.WithValues("Instance.Namespace", instance.Namespace, "Instance.Name", instance.Name)
+	found := &corev1.PersistentVolumeClaim{}
+
+	err := r.Get(ctx, types.NamespacedName{
+		Name:      dep.Name,
+		Namespace: instance.Namespace,
+	}, found)
+
+	jsn, _ := json.Marshal(dep)
+	oraclerestartcommon.LogMessages("DEBUG", string(jsn), nil, instance, r.Log)
+	if err != nil && apierrors.IsNotFound(err) {
+		// Create the Service
+		reqLogger.Info("Creating a PVC")
+		dep.Spec.Selector = nil
+		err = r.Create(ctx, dep)
+		if err != nil {
+			// Service creation failed
+			instance.Spec.IsFailed = true
+			reqLogger.Error(err, "Failed to create Persistent Volume", "PVC.Namespace", dep.Namespace, "PersistentVolume.Name", dep.Name)
+			return "", ctrl.Result{}, err
+		} else {
+			// Service creation was successful
+			return dep.Name, ctrl.Result{}, nil
+		}
+	} else if err != nil {
+		// Error that isn't due to the Service not existing
+		reqLogger.Error(err, "Failed to find the persistent volume Claim details")
+		return "", ctrl.Result{}, err
+	}
+
+	return found.Name, ctrl.Result{}, nil
+}
+
+// ensureAsmStorageStatus initializes AsmStorageDetails and AsmStorageStatus if they are nil
+func (r *OracleRestartReconciler) ensureAsmStorageStatus(oracleRestart *oraclerestartdb.OracleRestart) {
+	// Check if AsmDetails is nil and initialize it if necessary
+	if oracleRestart.Status.AsmDetails == nil {
+		oracleRestart.Status.AsmDetails = &oraclerestartdb.AsmInstanceStatus{
+			Diskgroup: []oraclerestartdb.AsmDiskgroupStatus{},
+		}
+	}
+
+}
+
+func (r *OracleRestartReconciler) ensureStatefulSetUpdated(ctx context.Context,
+	reqLogger logr.Logger,
+	oracleRestart *oraclerestartdb.OracleRestart,
+	desired *appsv1.StatefulSet,
+	asmAutoUpdate bool,
+	// isDelete bool,
+	req ctrl.Request) error {
+	timeout := 15 * time.Minute // Set a timeout for the update wait
+	timeoutCtx, cancel := context.WithTimeout(ctx, timeout)
+	defer cancel()
+
+	// Fetch the existing StatefulSet
+	existing := &appsv1.StatefulSet{}
+	err := r.Get(ctx, types.NamespacedName{
+		Name:      desired.Name,
+		Namespace: oracleRestart.Namespace,
+	}, existing)
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			// If the StatefulSet doesn't exist, create it
+			reqLogger.Info("StatefulSet not found, creating new one", "StatefulSet.Namespace", oracleRestart.Namespace, "StatefulSet.Name", desired.Name)
+			return r.Create(ctx, desired)
+		}
+		reqLogger.Error(err, "Failed to get StatefulSet", "StatefulSet.Namespace", oracleRestart.Namespace, "StatefulSet.Name", desired.Name)
+		return err
+	}
+
+	// Compare the existing StatefulSet spec with the desired spec, sfs is replaced when ASM devices are added or removed
+	if len(existing.Spec.Template.Spec.Containers[0].VolumeDevices) != len(desired.Spec.Template.Spec.Containers[0].VolumeDevices) {
+		r.Log.Info("Change State to UPDATING")
+
+		// Update status for each instance
+		r.updateOracleRestartInstStatus(oracleRestart, ctx, req, oracleRestart.Spec.InstDetails, string(oraclerestartdb.OracleRestartUpdateState), r.Client, true)
+
+		reqLogger.Info("StatefulSet spec differs for volume devices, updating StatefulSet (pods may be recreated)", "StatefulSet.Namespace", oracleRestart.Namespace, "StatefulSet.Name", desired.Name)
+
+		// Perform the update
+		err := r.Update(ctx, desired)
+		if err != nil {
+			reqLogger.Error(err, "Failed to update StatefulSet", "StatefulSet.Namespace", oracleRestart.Namespace, "StatefulSet.Name", desired.Name)
+			return err
+		}
+
+		reqLogger.Info("StatefulSet update applied, waiting for pod recreation", "StatefulSet.Namespace", oracleRestart.Namespace, "StatefulSet.Name", desired.Name)
+		// } else {
+		// r.Log.Info("Change State to UPDATING")
+
+		// Wait for the update to be applied
+		for {
+			select {
+			case <-timeoutCtx.Done():
+				reqLogger.Error(timeoutCtx.Err(), "Timed out waiting for StatefulSet update", "StatefulSet.Namespace", oracleRestart.Namespace, "StatefulSet.Name", desired.Name)
+				return timeoutCtx.Err()
+
+			default:
+				updated := &appsv1.StatefulSet{}
+				err := r.Get(ctx, client.ObjectKey{
+					Name:      desired.Name,
+					Namespace: oracleRestart.Namespace,
+				}, updated)
+
+				if err != nil {
+					reqLogger.Error(err, "Failed to get StatefulSet after update", "StatefulSet.Namespace", oracleRestart.Namespace, "StatefulSet.Name", desired.Name)
+					return err
+				}
+
+				if reflect.DeepEqual(updated.Spec.Template.Spec.Containers[0].VolumeDevices, desired.Spec.Template.Spec.Containers[0].VolumeDevices) {
+					reqLogger.Info("StatefulSet update is applied successfully", "StatefulSet.Namespace", oracleRestart.Namespace, "StatefulSet.Name", desired.Name)
+					return nil
+				}
+
+				reqLogger.Info("Waiting for StatefulSet update to be applied", "StatefulSet.Namespace", oracleRestart.Namespace, "StatefulSet.Name", desired.Name)
+				time.Sleep(5 * time.Second)
+			}
+		}
+		// }
+	} else {
+		reqLogger.Info("StatefulSet matches for  ASM devices, SFS wont be updated", "StatefulSet.Namespace", oracleRestart.Namespace, "StatefulSet.Name", desired.Name)
+		return nil
+	}
+}
+
+func executeDiskGroupCommand(podName string, cmd []string, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, instance *oraclerestartdb.OracleRestart, logger logr.Logger) (string, string, error) {
+	return oraclerestartcommon.ExecCommand(podName, cmd, kubeClient, kubeConfig, instance, logger)
+}
+
+// Function to get the disk group name
+func getDiskGroupName(deviceDg string, oracleRestart *oraclerestartdb.OracleRestart) string {
+	switch deviceDg {
+	case oracleRestart.Spec.ConfigParams.CrsAsmDeviceList:
+		return oracleRestart.Spec.ConfigParams.CrsAsmDiskDg
+	case oracleRestart.Spec.ConfigParams.DbAsmDeviceList:
+		return oracleRestart.Spec.ConfigParams.DbDataFileDestDg
+	default:
+		return ""
+	}
+}
+
+// Function to check if a disk group exists
+func (r *OracleRestartReconciler) diskGroupExists(podName, diskGroupName string, kubeClient kubernetes.Interface, kubeConfig clientcmd.ClientConfig, instance *oraclerestartdb.OracleRestart, logger logr.Logger) (bool, error) {
+	reqLogger := r.Log.WithValues("Instance.Namespace", instance.Namespace, "Instance.Name", instance.Name)
+	cmd := "python3 /opt/scripts/startup/scripts/main.py --getasmdiskgroup=true"
+	stdout, _, err := oraclerestartcommon.ExecCommand(podName, []string{"bash", "-c", cmd}, r.kubeClient, r.kubeConfig, instance, reqLogger)
+	if err != nil {
+		return false, err
+	}
+	if strings.Contains(stdout, diskGroupName) {
+		return true, nil
+	}
+	return false, nil
+}
+
+// Function to add disks
+func (r *OracleRestartReconciler) addDisks(ctx context.Context, podList *corev1.PodList, instance *oraclerestartdb.OracleRestart, diskGroupName string, deviceList []string) error {
+	reqLogger := r.Log.WithValues("Instance.Namespace", instance.Namespace, "Instance.Name", instance.Name)
+	// Remove '+' prefix if present
+	if strings.HasPrefix(diskGroupName, "+") {
+		diskGroupName = strings.TrimPrefix(diskGroupName, "+")
+	}
+
+	for _, pod := range podList.Items {
+		podName := pod.Name
+
+		// Check if the disk group exists before trying to add disks
+		exists, err := r.diskGroupExists(podName, diskGroupName, r.kubeClient, r.kubeConfig, instance, reqLogger)
+		if err != nil {
+			reqLogger.Error(err, "Failed to check if disk group exists", "Pod.Name", podName, "DiskGroup", diskGroupName)
+			return err
+		}
+		if !exists {
+			err = fmt.Errorf("disk group %s does not exist", diskGroupName)
+			reqLogger.Error(err, "Disk group does not exist", "Pod.Name", podName, "DiskGroup", diskGroupName)
+			return err
+		}
+
+		for _, disk := range deviceList {
+			cmd := fmt.Sprintf("python3 /opt/scripts/startup/scripts/main.py --updateasmdevices=\"diskname=%s;diskgroup=%s;processtype=addition\"", disk, diskGroupName)
+			reqLogger.Info("Executing command to add disk", "Pod.Name", podName, "Command", cmd)
+			stdout, stderr, err := oraclerestartcommon.ExecCommand(podName, []string{"bash", "-c", cmd}, r.kubeClient, r.kubeConfig, instance, reqLogger)
+			if err != nil {
+				instance.Spec.IsFailed = true
+				reqLogger.Error(err, "Failed to execute command", "Pod.Name", podName, "Command", cmd, "Stdout", stdout, "Stderr", stderr)
+				return err
+			}
+		}
+	}
+	return nil
+}
+
+// Function to check DaemonSet status with retry, timeout, and log analysis
+func checkDaemonSetStatus(ctx context.Context, r *OracleRestartReconciler, oracleRestart *oraclerestartdb.OracleRestart) (bool, error) {
+	timeout := time.After(2 * time.Minute)
+	tick := time.NewTicker(10 * time.Second) // Poll every 10 seconds
+	defer tick.Stop()
+	// Sleep for 60 seconds
+	for {
+		select {
+		case <-timeout:
+			// Timeout reached
+			ds := &appsv1.DaemonSet{}
+			err := r.Client.Get(ctx, types.NamespacedName{
+				Name:      "disk-check-daemonset",
+				Namespace: oracleRestart.Namespace,
+			}, ds)
+			if err != nil {
+				return false, err
+			}
+
+			// Fetch the list of Pods managed by the DaemonSet
+			pods, err := r.kubeClient.CoreV1().Pods(oracleRestart.Namespace).List(ctx, metav1.ListOptions{
+				LabelSelector: "app=disk-check",
+			})
+			if err != nil {
+				return false, err
+			}
+
+			// Check logs from each Pod
+			for _, pod := range pods.Items {
+				if pod.Status.Phase != corev1.PodRunning {
+					// Pod is not running, check for logs and errors
+					logs, err := r.kubeClient.CoreV1().Pods(oracleRestart.Namespace).GetLogs(
+						pod.Name,
+						&corev1.PodLogOptions{},
+					).DoRaw(ctx)
+					if err != nil {
+						return false, err
+					}
+
+					if bytes.Contains(logs, []byte("not a valid block device")) {
+						// Disk validation failed
+						return false, nil
+					}
+				}
+			}
+
+			// DaemonSet did not become ready or running within the timeout
+			return false, fmt.Errorf("DaemonSet %s/%s did not become ready or running within 5 minutes", oracleRestart.Namespace, "disk-check-daemonset")
+
+		case <-tick.C:
+			// Check DaemonSet status
+			ds := &appsv1.DaemonSet{}
+			err := r.Client.Get(ctx, types.NamespacedName{
+				Name:      "disk-check-daemonset",
+				Namespace: oracleRestart.Namespace,
+			}, ds)
+			if err != nil {
+				return false, err
+			}
+
+			// Check DaemonSet readiness
+			if ds.Status.NumberReady == ds.Status.DesiredNumberScheduled && ds.Status.NumberReady > 0 {
+				// DaemonSet is running and ready
+				return true, nil
+			}
+
+			// If DaemonSet is not ready, fetch the list of Pods managed by the DaemonSet
+			pods, err := r.kubeClient.CoreV1().Pods(oracleRestart.Namespace).List(ctx, metav1.ListOptions{
+				LabelSelector: "app=disk-check",
+			})
+			if err != nil {
+				return false, err
+			}
+
+			// Check logs from each Pod
+			for _, pod := range pods.Items {
+				// Pod is not running, check for logs and errors
+				logs, err := r.kubeClient.CoreV1().Pods(oracleRestart.Namespace).GetLogs(
+					pod.Name,
+					&corev1.PodLogOptions{},
+				).DoRaw(ctx)
+				if err != nil {
+					return false, err
+				}
+
+				if bytes.Contains(logs, []byte("not a valid block device")) {
+					// Disk validation failed
+					return false, nil
+				}
+
+			}
+		}
+	}
+}
+
+// ================================== CREATE FUNCTIONS =============================
+func (r *OracleRestartReconciler) createOrReplaceSfs(
+	ctx context.Context,
+	req ctrl.Request,
+	oracleRestart oraclerestartdb.OracleRestart,
+	dep *appsv1.StatefulSet,
+	index int,
+	isLast bool,
+	oldState string,
+	configmapChanged bool,
+) (ctrl.Result, error) {
+	reqLogger := r.Log.WithValues("Instance.Namespace", oracleRestart.Namespace, "Instance.Name", oracleRestart.Name)
+	found := &appsv1.StatefulSet{}
+
+	err := r.Get(ctx, types.NamespacedName{
+		Name:      dep.Name,
+		Namespace: oracleRestart.Namespace,
+	}, found)
+
+	jsn, _ := json.Marshal(dep)
+	oraclerestartcommon.LogMessages("DEBUG", string(jsn), nil, &oracleRestart, r.Log)
+
+	if err != nil && apierrors.IsNotFound(err) {
+		// CREATE
+		r.updateOracleRestartInstStatus(&oracleRestart, ctx, req, oracleRestart.Spec.InstDetails,
+			string(oraclerestartdb.OracleRestartProvisionState), r.Client, true)
+		reqLogger.Info("Creating a StatefulSet Normally", "StatefulSetName", dep.Name)
+		err = r.Create(ctx, dep)
+		if err != nil {
+			oracleRestart.Spec.IsFailed = true
+			reqLogger.Error(err, "Failed to create StatefulSet", "StatefulSet.Namespace", dep.Namespace, "StatefulSet.Name", dep.Name)
+			return ctrl.Result{}, err
+		} else if !isLast {
+			// StatefulSet creation was successful
+			return ctrl.Result{}, nil
+		}
+	} else if err != nil {
+		// Any other Get error
+		reqLogger.Error(err, "Failed to find the StatefulSet details")
+		return ctrl.Result{}, err
+	} else {
+		// Compare resource requirements
+		foundRes := found.Spec.Template.Spec.Containers[0].Resources
+		depRes := dep.Spec.Template.Spec.Containers[0].Resources
+		resourcesChanged := !reflect.DeepEqual(foundRes, depRes)
+
+		// Compare configMap relevant data (example: pass in variable configmapChanged)
+		if resourcesChanged || configmapChanged {
+			// Copy metadata fields that must be preserved
+			dep.ResourceVersion = found.ResourceVersion
+			dep.UID = found.UID
+			dep.CreationTimestamp = found.CreationTimestamp
+			dep.ManagedFields = found.ManagedFields
+			dep.Status = found.Status
+
+			reason := "unknown"
+			if resourcesChanged && configmapChanged {
+				reason = "resource and configmap change"
+			} else if resourcesChanged {
+				reason = "resource change"
+			} else if configmapChanged {
+				reason = "configmap change"
+			}
+
+			reqLogger.Info("Updating StatefulSet due to "+reason, "StatefulSetName", dep.Name)
+			err = r.Update(ctx, dep)
+			if err != nil {
+				oracleRestart.Spec.IsFailed = true
+				reqLogger.Error(err, "Failed to update StatefulSet", "StatefulSet.Namespace", dep.Namespace, "StatefulSet.Name", dep.Name)
+				return ctrl.Result{}, err
+			}
+		}
+	}
+
+	return ctrl.Result{}, nil
+}
+
+// ================================== CREATE FUNCTIONS =============================
+// This function create a PVC set in the yaml file
+func (r *OracleRestartReconciler) createOrReplaceSfsAsm(ctx context.Context, req ctrl.Request, oracleRestart *oraclerestartdb.OracleRestart,
+	dep *appsv1.StatefulSet, asmAutoUpdate bool, index int, isLast bool, oldSpec *oraclerestartdb.OracleRestartSpec,
+) (ctrl.Result, error) {
+	reqLogger := r.Log.WithValues("oracleRestart.Namespace", oracleRestart.Namespace, "oracleRestart.Name", oracleRestart.Name)
+
+	found := &appsv1.StatefulSet{}
+
+	// Check if the StatefulSet was found successfully
+	err := r.Get(ctx, types.NamespacedName{
+		Name:      dep.Name,
+		Namespace: oracleRestart.Namespace,
+	}, found)
+	if err != nil {
+		reqLogger.Error(err, "Failed to find existing StatefulSet to update")
+		return ctrl.Result{}, err
+	}
+
+	addedAsmDisks, removedAsmDisks := getAddedAndRemovedDisks(oracleRestart, oldSpec, index)
+
+	// Deletion Process execution
+	// isDelete := false
+	inUse := false
+	if len(removedAsmDisks) > 0 {
+		OraRacSpex := oracleRestart.Spec.InstDetails
+		racSfSet, err := oraclerestartcommon.CheckSfset(OraRacSpex.Name, oracleRestart, r.Client)
+		if err != nil {
+			errMsg := fmt.Errorf("failed to retrieve StatefulSet for RAC database '%s': %w", OraRacSpex.Name, err)
+			r.Log.Error(err, errMsg.Error())
+			return reconcile.Result{}, errMsg
+		}
+
+		// Step 2: Get the Pod list
+		podList, err := oraclerestartcommon.GetPodList(racSfSet.Name, oracleRestart, r.Client, OraRacSpex)
+		if err != nil {
+			errMsg := fmt.Errorf("failed to retrieve pod list for StatefulSet '%s': %w", racSfSet.Name, err)
+			r.Log.Error(err, errMsg.Error())
+			return reconcile.Result{}, errMsg
+		}
+		if len(podList.Items) == 0 {
+			errMsg := fmt.Errorf("no pods found for StatefulSet '%s'", racSfSet.Name)
+			r.Log.Error(errMsg, "Empty pod list")
+			return reconcile.Result{}, errMsg
+		}
+
+		// Step 3: Use last pod to get ASM state
+		podName := podList.Items[len(podList.Items)-1].Name
+		oracleRestart.Status.AsmDetails = oraclerestartcommon.GetAsmInstState(podName, oracleRestart, 0, r.kubeClient, r.kubeConfig, r.Log)
+
+		// Check if removed disks are in use in any diskgroup
+		asmInstanceStatus := oracleRestart.Status.AsmDetails
+		// isDelete = true
+		for _, removedAsmDisk := range removedAsmDisks {
+			for _, diskgroup := range asmInstanceStatus.Diskgroup {
+				for _, asmDiskStr := range diskgroup.Disks {
+					asmDisks := strings.Split(asmDiskStr, ",")
+					// Now compare each disk with removedAsmDisk
+					for _, asmDisk := range asmDisks {
+						if removedAsmDisk == asmDisk {
+							inUse = true
+							// / Disk is in use, return a message to the user and dont proceed further
+							err := fmt.Errorf("disk '%s' is part of diskgroup '%s' and must be manually removed before proceeding", removedAsmDisk, diskgroup.Name)
+							r.Log.Info("Disk is in use and cannot be removed. Must be manually removed before proceeding", "disk", removedAsmDisk, "diskgroup", diskgroup.Name)
+							return reconcile.Result{}, err
+						}
+					}
+				}
+			}
+		}
+	}
+
+	r.ensureAsmStorageStatus(oracleRestart)
+
+	// Ensure the StatefulSet is updated or re-created based on autoUpdate set to true/false
+	// err = r.ensureStatefulSetUpdated(ctx, reqLogger, OracleRestart, dep, autoUpdate, isDelete, req)
+	err = r.ensureStatefulSetUpdated(ctx, reqLogger, oracleRestart, dep, asmAutoUpdate, req)
+	if err != nil {
+		oracleRestart.Spec.IsFailed = true
+		reqLogger.Error(err, "Failed to ensure StatefulSet is updated or created")
+		r.updateOracleRestartInstStatus(oracleRestart, ctx, req, oracleRestart.Spec.InstDetails, string(oraclerestartdb.OracleRestartFailedState), r.Client, true)
+		return ctrl.Result{}, err
+	}
+
+	// Wait for all Pods to be created and running
+	podList := &corev1.PodList{}
+	timeout := time.After(15 * time.Minute) // 15-minute timeout
+	ticker := time.NewTicker(1 * time.Minute)
+	defer ticker.Stop()
+
+	allPodsRunning := false
+
+waitLoop:
+	for {
+		select {
+		case <-timeout:
+			reqLogger.Info("Timed out waiting for all Pods to be created and running", "StatefulSet.Namespace", dep.Namespace, "StatefulSet.Name", dep.Name)
+			return reconcile.Result{}, fmt.Errorf("timed out waiting for all Pods to be created and running")
+		case <-ticker.C:
+			err = r.List(ctx, podList, client.InNamespace(dep.Namespace), client.MatchingLabels(dep.Spec.Template.Labels))
+			if err != nil {
+				reqLogger.Error(err, "Failed to list Pods", "StatefulSet.Namespace", dep.Namespace, "StatefulSet.Name", dep.Name)
+				return reconcile.Result{}, err
+			}
+
+			allPodsRunning = true
+			for _, pod := range podList.Items {
+				if pod.Status.Phase != corev1.PodRunning {
+					allPodsRunning = false
+					reqLogger.Info("Waiting for Pod to be running", "Pod.Namespace", pod.Namespace, "Pod.Name", pod.Name)
+					break
+				}
+			}
+
+			if allPodsRunning {
+				reqLogger.Info("All Pods are running", "StatefulSet.Namespace", dep.Namespace, "StatefulSet.Name", dep.Name)
+				break waitLoop
+			}
+		}
+	}
+
+	if allPodsRunning {
+		const (
+			podCheckInterval = 15 * time.Second // Interval between pod readiness checks
+			podReadyTimeout  = 15 * time.Minute // Maximum wait time for pod readiness
+		)
+
+		timeoutCtx, cancel := context.WithTimeout(ctx, podReadyTimeout)
+		defer cancel()
+
+		// Wait for StatefulSet pods to be ready
+		for i := 0; i < len(dep.Spec.Template.Spec.Containers); i++ {
+			podName := fmt.Sprintf("%s-%d", dep.Name, i)
+			var isPodReady bool
+
+		waitForPodASM:
+			for {
+				select {
+				case <-timeoutCtx.Done():
+					reqLogger.Error(timeoutCtx.Err(), "Timed out waiting for pod to be ready", "Pod.Name", podName)
+					r.updateOracleRestartInstStatus(oracleRestart, ctx, req, oracleRestart.Spec.InstDetails, string(oraclerestartdb.OracleRestartFailedState), r.Client, true)
+					return ctrl.Result{}, timeoutCtx.Err()
+				default:
+					podList, err := oraclerestartcommon.GetPodList(dep.Name, oracleRestart, r.Client, oracleRestart.Spec.InstDetails)
+					if err != nil {
+						reqLogger.Error(err, "Failed to list pods")
+						return ctrl.Result{}, err
+					}
+					time.Sleep(podCheckInterval)
+					isPodReady, _, _ = oraclerestartcommon.PodListValidation(podList, dep.Name, oracleRestart, r.Client)
+					if isPodReady {
+						reqLogger.Info("Pod is ready", "Pod.Name", podName)
+						break waitForPodASM // Break out of the labeled loop
+					} else {
+						reqLogger.Info("Pod is not ready yet", "Pod.Name", podName)
+						time.Sleep(podCheckInterval)
+					}
+				}
+			}
+		}
+
+	}
+
+	// Disk is not in use, proceed with PV and PVC deletion in last stage
+	if isLast && !inUse {
+		// Use oraclerestartcommon.GetAsmPvcName and oraclerestartcommon.getAsmPvName to generate PVC and PV names
+
+		// Find and delete the corresponding PVC
+		for _, diskName := range oracleRestart.Status.OracleRestartNodes[index].NodeDetails.MountedDevices {
+			for _, removedAsmDisk := range removedAsmDisks {
+				if diskName == removedAsmDisk {
+					pvcName := oraclerestartcommon.GetAsmPvcName(oracleRestart.Name, diskName, oracleRestart) // Use the existing function
+					pvc := &corev1.PersistentVolumeClaim{}
+					err := r.Get(ctx, client.ObjectKey{
+						Name:      pvcName,
+						Namespace: oracleRestart.Namespace,
+					}, pvc)
+					if err != nil {
+						if !apierrors.IsNotFound(err) {
+							r.Log.Error(err, "Failed to get PVC", "PVC.Name", pvcName)
+							return reconcile.Result{}, err
+						}
+						// PVC already deleted
+					} else {
+						err = r.Delete(ctx, pvc)
+						if err != nil {
+							r.Log.Error(err, "Failed to delete PVC", "PVC.Name", pvcName)
+							return reconcile.Result{}, err
+						}
+						r.Log.Info("Successfully deleted PVC", "PVC.Name", pvcName)
+					}
+
+					// Find and delete the corresponding PV
+					pvName := oraclerestartcommon.GetAsmPvName(oracleRestart.Name, diskName, oracleRestart) // Use the existing function
+					pv := &corev1.PersistentVolume{}
+					err = r.Get(ctx, client.ObjectKey{
+						Name: pvName,
+					}, pv)
+					if err != nil {
+						if !apierrors.IsNotFound(err) {
+							r.Log.Error(err, "Failed to get PV", "PV.Name", pvName)
+							return reconcile.Result{}, err
+						}
+						// PV already deleted
+					} else {
+						err = r.Delete(ctx, pv)
+						if err != nil {
+							r.Log.Error(err, "Failed to delete PV", "PV.Name", pvName)
+							return reconcile.Result{}, err
+						}
+						r.Log.Info("Successfully deleted PV", "PV.Name", pvName)
+					}
+				}
+			}
+		}
+	}
+
+	if isLast && asmAutoUpdate {
+		// last iteration
+		deviceDg := ""
+		for _, disk := range addedAsmDisks {
+			if isDiskInDeviceList(disk, oracleRestart.Spec.ConfigParams.CrsAsmDeviceList) {
+				reqLogger.Info("New disk to be added to CRS ASM device list ", "disk", disk)
+				deviceDg = oracleRestart.Spec.ConfigParams.CrsAsmDiskDg
+			}
+			if isDiskInDeviceList(disk, oracleRestart.Spec.ConfigParams.DbAsmDeviceList) {
+				reqLogger.Info("New disk to be added to DB ASM device list ", "disk", disk)
+				deviceDg = oracleRestart.Spec.ConfigParams.DbDataFileDestDg
+			}
+			if isDiskInDeviceList(disk, oracleRestart.Spec.ConfigParams.RecoAsmDeviceList) {
+				reqLogger.Info("New disk to be added to RECO ASM device list ", "disk", disk)
+				deviceDg = oracleRestart.Spec.ConfigParams.RecoAsmDiskDgRedundancy
+			}
+			if isDiskInDeviceList(disk, oracleRestart.Spec.ConfigParams.RedoAsmDeviceList) {
+				reqLogger.Info("New disk to be added to REDO ASM device list ", "disk", disk)
+				deviceDg = oracleRestart.Spec.ConfigParams.RedoAsmDiskDgRedundancy
+			}
+		}
+		if deviceDg != "" {
+			// Add disks after POD recreation
+			podList, err := oraclerestartcommon.GetPodList(dep.Name, oracleRestart, r.Client, oracleRestart.Spec.InstDetails)
+			if err != nil {
+				reqLogger.Error(err, "Failed to list pods")
+				return ctrl.Result{}, err
+			}
+			err = r.addDisks(ctx, podList, oracleRestart, deviceDg, addedAsmDisks)
+			if err != nil {
+				return ctrl.Result{}, err
+			}
+			reqLogger.Info("New Disks added to CRS Disks Group")
+		}
+	}
+
+	return ctrl.Result{}, nil
+}
+
+func getAddedAndRemovedDisks(oracleRestart *oraclerestartdb.OracleRestart, oldSpec *oraclerestartdb.OracleRestartSpec, index int) ([]string, []string) {
+	addedAsmDisks := []string{}
+	removedAsmDisks := []string{}
+
+	// Helper function to compare desired and previous disk lists
+	compareDisks := func(newDisks, oldDisks []string) ([]string, []string) {
+		newDiskMap := make(map[string]bool)
+		oldDiskMap := make(map[string]bool)
+
+		for _, disk := range newDisks {
+			if disk != "" {
+				newDiskMap[disk] = true
+			}
+		}
+		for _, disk := range oldDisks {
+			if disk != "" {
+				oldDiskMap[disk] = true
+			}
+		}
+
+		// Initialize added and removed slices for this comparison
+		added := []string{}
+		removed := []string{}
+
+		for _, disk := range newDisks {
+			if disk != "" && !oldDiskMap[disk] {
+				added = append(added, disk)
+			}
+		}
+		for _, disk := range oldDisks {
+			if disk != "" && !newDiskMap[disk] {
+				removed = append(removed, disk)
+			}
+		}
+
+		return added, removed
+	}
+
+	// Flatten the new desired ASM disk lists
+	desiredAsmDisks := flattenDisksBySize(&oracleRestart.Spec)
+	oldAsmDisks := flattenDisksBySize(oldSpec)
+
+	// Additional device lists
+	newCrsAsmDisks := strings.Split(oracleRestart.Spec.ConfigParams.CrsAsmDeviceList, ",")
+	oldCrsAsmDisks := strings.Split(oldSpec.ConfigParams.CrsAsmDeviceList, ",")
+
+	newDbAsmDisks := strings.Split(oracleRestart.Spec.ConfigParams.DbAsmDeviceList, ",")
+	oldDbAsmDisks := strings.Split(oldSpec.ConfigParams.DbAsmDeviceList, ",")
+
+	newRecoAsmDisks := strings.Split(oracleRestart.Spec.ConfigParams.RecoAsmDeviceList, ",")
+	oldRecoAsmDisks := strings.Split(oldSpec.ConfigParams.RecoAsmDeviceList, ",")
+
+	newRedoAsmDisks := strings.Split(oracleRestart.Spec.ConfigParams.RedoAsmDeviceList, ",")
+	oldRedoAsmDisks := strings.Split(oldSpec.ConfigParams.RedoAsmDeviceList, ",")
+
+	// Track unique added and removed disks
+	addedDiskSet := make(map[string]bool)
+	removedDiskSet := make(map[string]bool)
+
+	// Compare ASM and other device lists
+	for _, diskLists := range [][2][]string{
+		{desiredAsmDisks, oldAsmDisks},
+		{newCrsAsmDisks, oldCrsAsmDisks},
+		{newDbAsmDisks, oldDbAsmDisks},
+		{newRecoAsmDisks, oldRecoAsmDisks},
+		{newRedoAsmDisks, oldRedoAsmDisks},
+	} {
+		added, removed := compareDisks(diskLists[0], diskLists[1])
+		for _, disk := range added {
+			addedDiskSet[disk] = true
+		}
+		for _, disk := range removed {
+			removedDiskSet[disk] = true
+		}
+	}
+
+	// Convert sets back to slices
+	for disk := range addedDiskSet {
+		addedAsmDisks = append(addedAsmDisks, disk)
+	}
+	for disk := range removedDiskSet {
+		removedAsmDisks = append(removedAsmDisks, disk)
+	}
+
+	// Return the final list of added and removed disks
+	return addedAsmDisks, removedAsmDisks
+}
+
+// Function to check if a disk is part of a device list
+func isDiskInDeviceList(disk string, deviceList string) bool {
+	devices := strings.Split(deviceList, ",")
+	for _, device := range devices {
+		if strings.TrimSpace(device) == disk {
+			return true
+		}
+	}
+	return false
+}
+
+// #############################################################################
+//
+//	Manage Finalizer to cleanup before deletion of OracleRestart
+//
+// #############################################################################
+
+// manageOracleRestartDeletion manages the deletion of the OracleRestart resource
+func (r *OracleRestartReconciler) manageOracleRestartDeletion(req ctrl.Request, ctx context.Context, oracleRestart *oraclerestartdb.OracleRestart) error {
+	log := r.Log.WithValues("manageOracleRestartDeletion", req.NamespacedName)
+
+	// Check if the OracleRestart instance is marked to be deleted
+	isOracleRestartMarkedToBeDeleted := oracleRestart.GetDeletionTimestamp() != nil
+	if isOracleRestartMarkedToBeDeleted {
+		if controllerutil.ContainsFinalizer(oracleRestart, oracleRestartFinalizer) {
+			// Run finalization logic
+			err := r.cleanupOracleRestart(req, oracleRestart)
+			if err != nil {
+				return err
+			}
+
+			// Remove finalizer and update the resource
+			if err := r.patchFinalizer(ctx, oracleRestart, false); err != nil {
+				log.Error(err, "Failed to remove finalizer")
+				return err
+			}
+			log.Info("Successfully removed OracleRestart finalizer")
+		}
+		return errors.New("deletion pending")
+	}
+
+	// Add finalizer for this CR if not present
+	if !controllerutil.ContainsFinalizer(oracleRestart, oracleRestartFinalizer) {
+		if err := r.patchFinalizer(ctx, oracleRestart, true); err != nil {
+			log.Error(err, "Failed to add finalizer")
+			return err
+		}
+	}
+	return nil
+}
+
+// patchFinalizer updates the finalizer for the given resource
+func (r *OracleRestartReconciler) patchFinalizer(ctx context.Context, cr *oraclerestartdb.OracleRestart, add bool) error {
+	var finalizers []string
+	if add {
+		finalizers = append(cr.GetFinalizers(), oracleRestartFinalizer)
+	} else {
+		for _, finalizer := range cr.GetFinalizers() {
+			if finalizer != oracleRestartFinalizer {
+				finalizers = append(finalizers, finalizer)
+			}
+		}
+	}
+
+	// Prepare patch payload
+	patchData := map[string]interface{}{
+		"metadata": map[string]interface{}{
+			"finalizers": finalizers,
+		},
+	}
+	patchBytes, err := json.Marshal(patchData)
+	if err != nil {
+		return err
+	}
+
+	patch := client.RawPatch(types.MergePatchType, patchBytes)
+	return r.Client.Patch(ctx, cr, patch, &client.PatchOptions{
+		FieldManager: "rac-database-finalizer-manager",
+	})
+}
+
+// #############################################################################
+//
+//	Finalization logic for OracleRestartFinalizer
+//
+// #############################################################################
+func (r *OracleRestartReconciler) cleanupOracleRestart(req ctrl.Request,
+	oracleRestart *oraclerestartdb.OracleRestart) error {
+	log := r.Log.WithValues("cleanupOracleRestart", req.NamespacedName)
+	// Cleanup steps that the operator needs to do before the CR can be deleted.
+
+	sfSetFound := &appsv1.StatefulSet{}
+
+	var err error
+
+	oraRestartSpex := oracleRestart.Spec.InstDetails
+	sfSetFound, err = oraclerestartcommon.CheckSfset(oraRestartSpex.Name, oracleRestart, r.Client)
+	if err == nil {
+		log.Info("Deleting ORestart Statefulset " + sfSetFound.Name)
+		if err := r.Client.Delete(context.Background(), sfSetFound); err != nil {
+			return err
+		}
+	}
+
+	cmName := oraRestartSpex.Name + oracleRestart.Name + "-cmap"
+	configMapFound, err := oraclerestartcommon.CheckConfigMap(oracleRestart, cmName, r.Client)
+	if err == nil {
+		log.Info("Deleting Oracle Restart Configmap " + configMapFound.Name)
+		if err := r.Client.Delete(context.Background(), configMapFound); err != nil {
+			return err
+		}
+	}
+
+	if !utils.CheckStatusFlag(oraRestartSpex.IsKeepPVC) {
+		if err := oraclerestartcommon.DelRestartSwPvc(oracleRestart, oraRestartSpex, r.Client, r.Log); err != nil {
+			return err
+		}
+	}
+
+	// // Deleting the DaemonSet
+	daemonSetName := "disk-check-daemonset"
+	daemonSet := &appsv1.DaemonSet{}
+
+	// Attempt to get the DaemonSet
+	err = r.Client.Get(context.TODO(), types.NamespacedName{
+		Name:      daemonSetName,
+		Namespace: oracleRestart.Namespace,
+	}, daemonSet)
+
+	if err != nil {
+		if apierrors.IsNotFound(err) {
+			r.Log.Info("DaemonSet not found, skipping deletion", "DaemonSet.Name", daemonSetName)
+		} else {
+			r.Log.Error(err, "Failed to get DaemonSet", "DaemonSet.Name", daemonSetName)
+			return err
+		}
+	} else {
+		// DaemonSet exists, attempt to delete it
+		// r.Log.Info("Deleting DaemonSet", "DaemonSet.Name", daemonSetName)
+		err = r.Client.Delete(context.TODO(), daemonSet)
+		if err != nil {
+			r.Log.Error(err, "Failed to delete DaemonSet", "DaemonSet.Name", daemonSetName)
+			return err
+		}
+	}
+
+	if !utils.CheckStatusFlag(oraRestartSpex.IsKeepPVC) {
+		if oracleRestart.Spec.AsmStorageDetails != nil {
+			// Delete PVCs for each disk in DisksBySize
+			for pindex, diskBySize := range oracleRestart.Spec.AsmStorageDetails.DisksBySize {
+				for cindex, disk := range diskBySize.DiskNames {
+					err = oraclerestartcommon.DelORestartPVC(oracleRestart, pindex, cindex, disk, oracleRestart.Spec.AsmStorageDetails, r.Client, r.Log)
+					if err != nil {
+						return err
+					}
+				}
+			}
+		}
+	}
+
+	if !utils.CheckStatusFlag(oraRestartSpex.IsKeepPVC) {
+		if oraclerestartcommon.IsStaticProvisioning(r.Client, oracleRestart) {
+			if oracleRestart.Spec.AsmStorageDetails != nil {
+				// Delete PVs for each disk in DisksBySize
+				for pindex, diskBySize := range oracleRestart.Spec.AsmStorageDetails.DisksBySize {
+					for cindex, disk := range diskBySize.DiskNames {
+						err = oraclerestartcommon.DelORestartPv(oracleRestart, pindex, cindex, disk, oracleRestart.Spec.AsmStorageDetails, r.Client, r.Log)
+						if err != nil {
+							return err
+						}
+					}
+				}
+			}
+		}
+	}
+
+	svcTypes := []string{"local", "lbservice", "nodeport"}
+	for _, svcType := range svcTypes {
+		svcFound, err := oraclerestartcommon.CheckORestartSvc(oracleRestart, svcType, oraRestartSpex, "", r.Client)
+		if err == nil {
+			log.Info("Deleting ORestart Service " + svcFound.Name)
+			if err := r.Client.Delete(context.Background(), svcFound); err != nil {
+				return err
+			}
+		}
+	}
+
+	log.Info("Successfully cleaned up OracleRestart")
+	return nil
+}
+
+// #############################################################################
+//
+//	CLeanup RAC Instance
+//
+// #############################################################################
+func (r *OracleRestartReconciler) cleanupOracleRestartInstance(req ctrl.Request, ctx context.Context, oracleRestart *oraclerestartdb.OracleRestart) (int32, error) {
+	log := r.Log.WithValues("cleanupOracleRestartInstance", req.NamespacedName)
+	// Cleanup steps that the operator needs to do before the CR can be deleted.
+
+	var i int32
+	var err error
+
+	OraRestartSpex := oracleRestart.Spec.InstDetails
+	if utils.CheckStatusFlag(OraRestartSpex.IsDelete) {
+		if len(oracleRestart.Status.OracleRestartNodes) > 0 {
+			for _, oraRacSatus := range oracleRestart.Status.OracleRestartNodes {
+				if strings.ToUpper(oraRacSatus.Name) == (strings.ToUpper(OraRestartSpex.Name) + "-0") {
+					if !utils.CheckStatusFlag(oraRacSatus.NodeDetails.IsDelete) {
+						oraRacSatus.NodeDetails.IsDelete = "true"
+						log.Info("Setting Oracle Restart status instance " + oraRacSatus.Name + " delete flag true")
+						err = r.deleteOracleRestartInst(OraRestartSpex, req, ctx, oracleRestart)
+						oraRacSatus.NodeDetails.IsDelete = "false"
+						if err != nil {
+							log.Info("Error occurred Oracle Restart instance " + oraRacSatus.Name + " deletion")
+							return 0, err // return value should be adjusted according to the function signature
+						}
+					}
+				}
+			}
+		}
+	}
+
+	return i, nil
+}
+
+func (r *OracleRestartReconciler) deleteOracleRestartInst(OraRestartSpex oraclerestartdb.OracleRestartInstDetailSpec, req ctrl.Request, ctx context.Context, oracleRestart *oraclerestartdb.OracleRestart) error {
+	log := r.Log.WithValues("cleanupOracleRestartInstance", req.NamespacedName)
+	// delete steps that the operator needs to do before the CR can be deleted.
+
+	//var i int32
+	var err error
+	var cmName string
+
+	//nodeCount, err = oraclerestartcommon.GetHealthyNodeCounts(oracleRestart)
+	//healthyNode, err = oraclerestartcommon.GetHealthyNode(oracleRestart)
+	if err != nil {
+		return fmt.Errorf("no healthy node found in the cluster to perform delete node operator. manual intervention required")
+	}
+
+	// var endp string = ""
+	// _, endp, err = oraclerestartcommon.GetDBLsnrEndPoints(oracleRestart)
+	// if err != nil {
+	// 	return fmt.Errorf("endpoint generation error in delete block")
+	// }
+
+	sfSetFound := &appsv1.StatefulSet{}
+	svcFound := &corev1.Service{}
+	configMapFound := &corev1.ConfigMap{}
+
+	sfSetFound, err = oraclerestartcommon.CheckSfset(OraRestartSpex.Name, oracleRestart, r.Client)
+	if err == nil {
+		// See if StatefulSets already exists and create if it doesn't
+		if strings.ToLower(OraRestartSpex.IsDelete) != "force" {
+			err = oraclerestartcommon.DelOracleRestartNode(sfSetFound.Name+"-0", oracleRestart, r.kubeClient, r.kubeConfig, r.Log)
+			if err != nil {
+				return err
+			}
+		}
+		err = r.Client.Delete(context.Background(), sfSetFound)
+		if err != nil {
+			return err
+		}
+	}
+	if !utils.CheckStatusFlag(OraRestartSpex.IsKeepPVC) {
+		err = oraclerestartcommon.DelRestartSwPvc(oracleRestart, OraRestartSpex, r.Client, r.Log)
+		if err != nil {
+			return err
+		}
+	}
+
+	//cmName = oracleRestart.Spec.InstDetails[i].Name + oracleRestart.Name + "-cmap"
+	cmName = OraRestartSpex.Name + oracleRestart.Name + "-cmap"
+	configMapFound, err = oraclerestartcommon.CheckConfigMap(oracleRestart, cmName, r.Client)
+	if err == nil {
+
+		err = r.Client.Delete(context.Background(), configMapFound)
+		if err != nil {
+			return err
+		}
+	}
+
+	svcFound, err = oraclerestartcommon.CheckORestartSvc(oracleRestart, "local", OraRestartSpex, "", r.Client)
+	if err == nil {
+		// See if service already exists and create if it doesn't
+		err = r.Client.Delete(context.Background(), svcFound)
+		if err != nil {
+			return err
+		}
+	}
+
+	//NodePort Service
+	if len(oracleRestart.Spec.NodePortSvc.PortMappings) != 0 {
+		svcFound, err = oraclerestartcommon.CheckORestartSvc(oracleRestart, "nodeport", OraRestartSpex, "", r.Client)
+		if err == nil {
+			// See if service already exists and create if it doesn't
+			err = r.Client.Delete(context.Background(), svcFound)
+			if err != nil {
+				return err
+			}
+		}
+	}
+
+	//NodePort Service
+	if len(oracleRestart.Spec.LbService.PortMappings) != 0 {
+		svcFound, err = oraclerestartcommon.CheckORestartSvc(oracleRestart, "lbservice", OraRestartSpex, "", r.Client)
+		if err == nil {
+			// See if service already exists and create if it doesn't
+			err = r.Client.Delete(context.Background(), svcFound)
+			if err != nil {
+				return err
+			}
+		}
+	}
+
+	log.Info("Successfully cleaned up OracleRestartInstance")
+	return nil
+}
+
+func IsStaticProvisioningUsed(ctx context.Context, c client.Client, storageClassName string) bool {
+	if storageClassName != "" {
+		return false
+	}
+
+	var scList storagev1.StorageClassList
+	err := c.List(ctx, &scList)
+	if err != nil {
+		// Can't determine SCs — safest to assume static provisioning
+		return true
+	}
+
+	for _, sc := range scList.Items {
+		if sc.Annotations["storageclass.kubernetes.io/is-default-class"] == "true" ||
+			sc.Annotations["storageclass.beta.kubernetes.io/is-default-class"] == "true" {
+			return false
+		}
+	}
+
+	// No default SC found → static provisioning is expected
+	return true
+}
+
+// SetupWithManager sets up the controller with the Manager.
+func (r *OracleRestartReconciler) SetupWithManager(mgr ctrl.Manager) error {
+	return ctrl.NewControllerManagedBy(mgr).
+		For(&oraclerestartdb.OracleRestart{}).
+		Owns(&corev1.ConfigMap{}).
+		Owns(&corev1.Secret{}).
+		Owns(&corev1.Service{}).
+		Owns(&corev1.Pod{}).
+		Owns(&appsv1.StatefulSet{}).
+		WithOptions(controller.Options{MaxConcurrentReconciles: 100}). //ReconcileHandler is never invoked concurrently with the same object.
+		Complete(r)
+}
+
+const oldSpecAnnotation = "OracleRestarts.database.oracle.com/old-spec"
+
+// GetOldSpec retrieves the old spec from annotations.
+// Returns nil, nil if the annotation does not exist.
+func (r *OracleRestartReconciler) GetOldSpec(oracleRestart *oraclerestartdb.OracleRestart) (*oraclerestartdb.OracleRestartSpec, error) {
+	// Check if annotations exist
+	annotations := oracleRestart.GetAnnotations()
+	if annotations == nil {
+		r.Log.Info("No annotations found on OracleRestart")
+		return nil, nil
+	}
+
+	// Retrieve the specific annotation
+	val, ok := annotations[oldSpecAnnotation]
+	if !ok {
+		r.Log.Info("Old spec annotation not found")
+		return nil, nil
+	}
+
+	// Unmarshal the old spec JSON string
+	specBytes := []byte(val)
+	var oldSpec oraclerestartdb.OracleRestartSpec
+	if err := json.Unmarshal(specBytes, &oldSpec); err != nil {
+		r.Log.Error(err, "Failed to unmarshal old spec from annotation")
+		return nil, fmt.Errorf("failed to unmarshal old spec from annotation: %w", err)
+	}
+
+	// r.Log.Info("Successfully retrieved old spec from annotation", "spec", oldSpec)
+	return &oldSpec, nil
+}
+
+// SetCurrentSpec stores the current spec as an annotation with retry logic, updating only if the annotation value has changed.
+func (r *OracleRestartReconciler) SetCurrentSpec(ctx context.Context, oracleRestart *oraclerestartdb.OracleRestart, req ctrl.Request) error {
+	// Marshal the current spec into JSON
+	currentSpecData, err := json.Marshal(oracleRestart.Spec)
+	if err != nil {
+		return fmt.Errorf("failed to marshal current spec: %w", err)
+	}
+	currentSpecStr := string(currentSpecData)
+
+	// Ensure Annotations map is initialized
+	if oracleRestart.Annotations == nil {
+		oracleRestart.Annotations = make(map[string]string)
+	}
+
+	// Check if the annotation value has changed
+	existingSpecStr, exists := oracleRestart.Annotations[oldSpecAnnotation]
+	if exists && existingSpecStr == currentSpecStr {
+		r.Log.Info("Annotations are already up to date. Skipping update.")
+		return nil // No update needed
+	}
+
+	// Update the annotation with the new spec
+	oracleRestart.Annotations[oldSpecAnnotation] = currentSpecStr
+
+	// // Create a patch to update only the annotations
+	patchData, err := json.Marshal(map[string]interface{}{
+		"metadata": map[string]interface{}{
+			"annotations": oracleRestart.Annotations,
+		},
+	})
+	if err != nil {
+		r.Log.Error(err, "Failed to marshal annotation patch data")
+		return err
+	}
+
+	// Apply the patch
+	err = r.Patch(ctx, oracleRestart, client.RawPatch(types.MergePatchType, patchData))
+	if err != nil {
+		if apierrors.IsConflict(err) {
+			r.Log.Info("Conflict detected while updating annotations, retrying...")
+			return fmt.Errorf("conflict occurred while updating annotations: %w", err)
+		}
+		r.Log.Error(err, "Failed to update Oracle Restart instance annotations")
+		return fmt.Errorf("failed to update Oracle Restart  instance annotations: %w", err)
+	}
+
+	r.Log.Info("Oracle Restart Object annotations updated with current spec annotation")
+	return nil
+}
+
+func (r *OracleRestartReconciler) updateONS(ctx context.Context, podList *corev1.PodList, instance *oraclerestartdb.OracleRestart, onsState string) error {
+	reqLogger := r.Log.WithValues("Instance.Namespace", instance.Namespace, "Instance.Name", instance.Name)
+
+	for _, pod := range podList.Items {
+		podName := pod.Name
+
+		cmd := fmt.Sprintf("python3 /opt/scripts/startup/scripts/main.py --ons=%s", onsState)
+		// reqLogger.Info("Executing command to update ONS", "Pod.Name", podName, "Command", cmd)
+
+		stdout, stderr, err := oraclerestartcommon.ExecCommand(
+			podName,
+			[]string{"bash", "-c", cmd},
+			r.kubeClient,
+			r.kubeConfig,
+			instance,
+			reqLogger,
+		)
+		if err != nil {
+			instance.Spec.IsFailed = true
+			reqLogger.Error(err, "Failed to execute command", "Pod.Name", podName, "Command", cmd, "Stdout", stdout, "Stderr", stderr)
+			return err
+		}
+		r.Log.Info("ONS Running successfully", "podName", podName)
+	}
+
+	return nil
+}
+func (r *OracleRestartReconciler) expandStorageClassSWVolume(ctx context.Context, instance *oraclerestartdb.OracleRestart, oldSpec *oraclerestartdb.OracleRestartSpec) error {
+	//reqLogger := r.Log.WithValues("Instance.Namespace", instance.Namespace, "Instance.Name", instance.Name)
+
+	if oldSpec != nil {
+		// fmt.Printf("Received OldSpec", oldSpec.InstDetails.SwLocStorageSizeInGb)
+		if instance.Spec.InstDetails.SwLocStorageSizeInGb > oldSpec.InstDetails.SwLocStorageSizeInGb {
+			fmt.Printf("Inside OldSpec and newSpec Change", oldSpec.InstDetails.SwLocStorageSizeInGb, instance.Spec.InstDetails.SwLocStorageSizeInGb)
+			storageClass := &storagev1.StorageClass{}
+			pvc := &corev1.PersistentVolumeClaim{}
+
+			if instance.Spec.SwStorageClass != "" {
+
+				err := r.Get(ctx, types.NamespacedName{Name: instance.Spec.SwStorageClass}, storageClass)
+				if err != nil {
+					return fmt.Errorf("error while fetching the storage class")
+				}
+
+				pvcName := oraclerestartcommon.GetSwPvcName(instance.Name, instance)
+				err = r.Get(ctx, types.NamespacedName{
+					Name:      pvcName,
+					Namespace: instance.Namespace,
+				}, pvc)
+
+				// fmt.Printf("PvcName set to ", pvc.Name)
+
+				if err == nil {
+					if storageClass.AllowVolumeExpansion == nil || !*storageClass.AllowVolumeExpansion {
+						r.Recorder.Eventf(instance, corev1.EventTypeWarning, "PVC not resizable", "The storage class doesn't support volume expansion")
+						return fmt.Errorf("the storage class %s doesn't support volume expansion", instance.Spec.SwStorageClass)
+					}
+
+					newPVCSize := resource.MustParse(strconv.Itoa(instance.Spec.InstDetails.SwLocStorageSizeInGb) + "Gi")
+					newPVCSizeAdd := &newPVCSize
+
+					fmt.Printf("New PvcSize set to ", newPVCSizeAdd)
+					if newPVCSizeAdd.Cmp(pvc.Spec.Resources.Requests["storage"]) < 0 {
+						return fmt.Errorf("Resizing PVC to lower size volume not allowed")
+					}
+
+					pvc.Spec.Resources.Requests["storage"] = resource.MustParse(strconv.Itoa(instance.Spec.InstDetails.SwLocStorageSizeInGb) + "Gi")
+					fmt.Printf("Updating PVC", "pvc", pvc.Name, "volume", pvc.Spec.VolumeName)
+					err = r.Update(ctx, pvc)
+					if err != nil {
+						return fmt.Errorf("error while updating the PVCs")
+					}
+
+				}
+			}
+		}
+	}
+	return nil
+}
diff --git a/controllers/database/ordssrvs_controller.go b/controllers/database/ordssrvs_controller.go
index 14c7f46e..db831805 100644
--- a/controllers/database/ordssrvs_controller.go
+++ b/controllers/database/ordssrvs_controller.go
@@ -40,6 +40,7 @@ package controllers
 
 import (
 	"context"
+	"crypto/rand"
 	"crypto/rsa"
 	"crypto/sha256"
 	"crypto/x509"
@@ -59,6 +60,7 @@ import (
 	"k8s.io/apimachinery/pkg/api/equality"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
 	"k8s.io/apimachinery/pkg/api/meta"
+	"k8s.io/apimachinery/pkg/api/resource"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/types"
@@ -69,23 +71,29 @@ import (
 	"sigs.k8s.io/controller-runtime/pkg/log"
 
 	//	dbapi "example.com/oracle-ords-operator/api/v1"
+	"github.com/go-logr/logr"
 	dbapi "github.com/oracle/oracle-database-operator/apis/database/v4"
+	dbcommons "github.com/oracle/oracle-database-operator/commons/database"
+	"github.com/oracle/oracle-database-operator/commons/k8s"
 )
 
 // Definitions of Standards
 const (
-	ordsSABase           = "/opt/oracle/sa"
-	serviceHTTPPortName  = "svc-http-port"
-	serviceHTTPSPortName = "svc-https-port"
-	serviceMongoPortName = "svc-mongo-port"
-	targetHTTPPortName   = "pod-http-port"
-	targetHTTPSPortName  = "pod-https-port"
-	targetMongoPortName  = "pod-mongo-port"
-	globalConfigMapName  = "settings-global"
-	poolConfigPreName    = "settings-" // Append PoolName
-	controllerLabelKey   = "oracle.com/ords-operator-filter"
-	controllerLabelVal   = "oracle-database-operator"
-	specHashLabel        = "oracle.com/ords-operator-spec-hash"
+	ordsSABase            = "/opt/oracle/sa"
+	serviceHTTPPortName   = "svc-http-port"
+	serviceHTTPSPortName  = "svc-https-port"
+	serviceMongoPortName  = "svc-mongo-port"
+	targetHTTPPortName    = "pod-http-port"
+	targetHTTPSPortName   = "pod-https-port"
+	targetMongoPortName   = "pod-mongo-port"
+	globalConfigMapName   = "settings-global"
+	poolConfigPreName     = "settings-" // Append PoolName
+	controllerLabelKey    = "oracle.com/ords-operator-filter"
+	controllerLabelVal    = "oracle-database-operator"
+	specHashLabel         = "oracle.com/ords-operator-spec-hash"
+	APEXInstallationPV    = "apex-installation-pv"
+	APEXInstallationPVC   = "apex-installation-pvc"
+	APEXInstallationMount = "/opt/oracle/apex"
 )
 
 // Definitions to manage status conditions
@@ -96,6 +104,12 @@ const (
 	typeUnsyncedORDS = "Unsynced"
 )
 
+// Definitions used in the controller
+var ordsInitScript string = ""
+var ordsStartScript string = ""
+var ordsGlobalConfig string = ""
+var APEXInstallationExternal string = "false"
+
 // Trigger a restart of Pods on Config Changes
 var RestartPods bool = false
 
@@ -104,6 +118,7 @@ type OrdsSrvsReconciler struct {
 	client.Client
 	Scheme   *runtime.Scheme
 	Recorder record.EventRecorder
+	Log      logr.Logger
 }
 
 //+kubebuilder:rbac:groups=database.oracle.com,resources=ordssrvs,verbs=get;list;watch;create;update;patch;delete
@@ -116,6 +131,8 @@ type OrdsSrvsReconciler struct {
 //+kubebuilder:rbac:groups=core,resources=secrets/status,verbs=get
 //+kubebuilder:rbac:groups=core,resources=services,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=core,resources=services/status,verbs=get;update;patch
+//+kubebuilder:rbac:groups=core,resources=persistentvolumeclaim,verbs=get;list;watch;create;update;patch;delete
+//+kubebuilder:rbac:groups=core,resources=persistentvolumeclaim/status,verbs=get;update;patch
 //+kubebuilder:rbac:groups=apps,resources=deployments,verbs=get;list;watch;create;update;patch;delete
 //+kubebuilder:rbac:groups=core,resources=deployments/status,verbs=get;update;patch
 //+kubebuilder:rbac:groups=apps,resources=daemonsets,verbs=get;list;watch;create;update;patch;delete
@@ -133,63 +150,92 @@ func (r *OrdsSrvsReconciler) SetupWithManager(mgr ctrl.Manager) error {
 		Owns(&appsv1.StatefulSet{}).
 		Owns(&appsv1.DaemonSet{}).
 		Owns(&corev1.Service{}).
+		Owns(&corev1.PersistentVolumeClaim{}).
 		Complete(r)
 }
 
 func (r *OrdsSrvsReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
-	logr := log.FromContext(ctx)
-	ords := &dbapi.OrdsSrvs{}
+	logger := log.FromContext(ctx)
+	ordssrvs := &dbapi.OrdsSrvs{}
 
 	// Check if resource exists or was deleted
-	if err := r.Get(ctx, req.NamespacedName, ords); err != nil {
+	if err := r.Get(ctx, req.NamespacedName, ordssrvs); err != nil {
 		if apierrors.IsNotFound(err) {
-			logr.Info("Resource deleted")
+			logger.Info("Resource deleted")
 			return ctrl.Result{}, nil
 		}
-		logr.Error(err, "Error retrieving resource")
+		logger.Error(err, "Error retrieving resource")
 		return ctrl.Result{Requeue: true, RequeueAfter: time.Minute}, err
 	}
 
+	ordsInitScript = ordssrvs.Name + "-init-script"
+	ordsStartScript = ordssrvs.Name + "-start-script"
+	ordsGlobalConfig = ordssrvs.Name + "-" + globalConfigMapName
+
+	// APEXInstallationExternal
+	// true: persistence volume
+	// false: no persistence volume
+	if ordssrvs.Spec.GlobalSettings.APEXInstallationPersistence.VolumeName != "" || ordssrvs.Spec.GlobalSettings.APEXInstallationPersistence.StorageClass != "" {
+		APEXInstallationExternal = "true"
+	}
+	logger.Info("Setting env external_apex to " + APEXInstallationExternal)
+
 	// Set the status as Unknown when no status are available
-	if ords.Status.Conditions == nil || len(ords.Status.Conditions) == 0 {
+	if len(ordssrvs.Status.Conditions) == 0 {
 		condition := metav1.Condition{Type: typeUnsyncedORDS, Status: metav1.ConditionUnknown, Reason: "Reconciling", Message: "Starting reconciliation"}
-		if err := r.SetStatus(ctx, req, ords, condition); err != nil {
+		if err := r.SetStatus(ctx, req, ordssrvs, condition); err != nil {
 			return ctrl.Result{}, err
 		}
 	}
 
 	// ConfigMap - Init Script
-	if err := r.ConfigMapReconcile(ctx, ords, ords.Name+"-"+"init-script", 0); err != nil {
-		logr.Error(err, "Error in ConfigMapReconcile (init-script)")
+	if err := r.ConfigMapReconcile(ctx, ordssrvs, ordsInitScript, 0); err != nil {
+		logger.Error(err, "Error in ConfigMapReconcile (init-script)")
 		return ctrl.Result{}, err
 	}
 
+	// ConfigMap - Start Script
+	if err := r.ConfigMapReconcile(ctx, ordssrvs, ordsStartScript, 0); err != nil {
+		logger.Error(err, "Error in ConfigMapReconcile (start-script)")
+		return ctrl.Result{}, err
+	}
+
+	if APEXInstallationExternal == "true" {
+		// ApexInstallation PVC
+		if err := r.ApexInstallationPVCReconcile(ctx, ordssrvs); err != nil {
+			logger.Error(err, "Error in ApexInstallation PVC reconcile")
+			return ctrl.Result{}, err
+		}
+	} else {
+		logger.Info("ApexInstallation PVC not defined, no external APEX installation files")
+	}
+
 	// ConfigMap - Global Settings
-	if err := r.ConfigMapReconcile(ctx, ords, ords.Name+"-"+globalConfigMapName, 0); err != nil {
-		logr.Error(err, "Error in ConfigMapReconcile (Global)")
+	if err := r.ConfigMapReconcile(ctx, ordssrvs, ordsGlobalConfig, 0); err != nil {
+		logger.Error(err, "Error in ConfigMapReconcile (Global)")
 		return ctrl.Result{}, err
 	}
 
 	// ConfigMap - Pool Settings
 	definedPools := make(map[string]bool)
-	for i := 0; i < len(ords.Spec.PoolSettings); i++ {
-		poolName := strings.ToLower(ords.Spec.PoolSettings[i].PoolName)
-		poolConfigMapName := ords.Name + "-" + poolConfigPreName + poolName
+	for i := 0; i < len(ordssrvs.Spec.PoolSettings); i++ {
+		poolName := strings.ToLower(ordssrvs.Spec.PoolSettings[i].PoolName)
+		poolConfigMapName := ordssrvs.Name + "-" + poolConfigPreName + poolName
 		if definedPools[poolConfigMapName] {
 			return ctrl.Result{}, errors.New("poolName: " + poolName + " is not unique")
 		}
 		definedPools[poolConfigMapName] = true
-		if err := r.ConfigMapReconcile(ctx, ords, poolConfigMapName, i); err != nil {
-			logr.Error(err, "Error in ConfigMapReconcile (Pools)")
+		if err := r.ConfigMapReconcile(ctx, ordssrvs, poolConfigMapName, i); err != nil {
+			logger.Error(err, "Error in ConfigMapReconcile (Pools)")
 			return ctrl.Result{}, err
 		}
 	}
-	if err := r.ConfigMapDelete(ctx, req, ords, definedPools); err != nil {
-		logr.Error(err, "Error in ConfigMapDelete (Pools)")
+	if err := r.ConfigMapDelete(ctx, req, ordssrvs, definedPools); err != nil {
+		logger.Error(err, "Error in ConfigMapDelete (Pools)")
 		return ctrl.Result{}, err
 	}
-	if err := r.Get(ctx, req.NamespacedName, ords); err != nil {
-		logr.Error(err, "Failed to re-fetch")
+	if err := r.Get(ctx, req.NamespacedName, ordssrvs); err != nil {
+		logger.Error(err, "Failed to re-fetch")
 		return ctrl.Result{}, err
 	}
 
@@ -204,40 +250,40 @@ func (r *OrdsSrvsReconciler) Reconcile(ctx context.Context, req ctrl.Request) (c
 	// Set the Type as Unsynced when a pod restart is required
 	if RestartPods {
 		condition := metav1.Condition{Type: typeUnsyncedORDS, Status: metav1.ConditionTrue, Reason: "Unsynced", Message: "Configurations have changed"}
-		if err := r.SetStatus(ctx, req, ords, condition); err != nil {
+		if err := r.SetStatus(ctx, req, ordssrvs, condition); err != nil {
 			return ctrl.Result{}, err
 		}
 	}
 
 	// Workloads
-	if err := r.WorkloadReconcile(ctx, req, ords, ords.Spec.WorkloadType); err != nil {
-		logr.Error(err, "Error in WorkloadReconcile")
+	if err := r.WorkloadReconcile(ctx, req, ordssrvs, ordssrvs.Spec.WorkloadType); err != nil {
+		logger.Error(err, "Error in WorkloadReconcile")
 		return ctrl.Result{}, err
 	}
-	if err := r.WorkloadDelete(ctx, req, ords, ords.Spec.WorkloadType); err != nil {
-		logr.Error(err, "Error in WorkloadDelete")
+	if err := r.WorkloadDelete(ctx, req, ordssrvs, ordssrvs.Spec.WorkloadType); err != nil {
+		logger.Error(err, "Error in WorkloadDelete")
 		return ctrl.Result{}, err
 	}
-	if err := r.Get(ctx, req.NamespacedName, ords); err != nil {
-		logr.Error(err, "Failed to re-fetch")
+	if err := r.Get(ctx, req.NamespacedName, ordssrvs); err != nil {
+		logger.Error(err, "Failed to re-fetch")
 		return ctrl.Result{}, err
 	}
 
 	// Service
-	if err := r.ServiceReconcile(ctx, ords); err != nil {
-		logr.Error(err, "Error in ServiceReconcile")
+	if err := r.ServiceReconcile(ctx, ordssrvs); err != nil {
+		logger.Error(err, "Error in ServiceReconcile")
 		return ctrl.Result{}, err
 	}
 
 	// Set the Type as Available when a pod restart is not required
 	if !RestartPods {
 		condition := metav1.Condition{Type: typeAvailableORDS, Status: metav1.ConditionTrue, Reason: "Available", Message: "Workload in Sync"}
-		if err := r.SetStatus(ctx, req, ords, condition); err != nil {
+		if err := r.SetStatus(ctx, req, ordssrvs, condition); err != nil {
 			return ctrl.Result{}, err
 		}
 	}
-	if err := r.Get(ctx, req.NamespacedName, ords); err != nil {
-		logr.Error(err, "Failed to re-fetch")
+	if err := r.Get(ctx, req.NamespacedName, ordssrvs); err != nil {
+		logger.Error(err, "Failed to re-fetch")
 		return ctrl.Result{}, err
 	}
 
@@ -284,12 +330,13 @@ func (r *OrdsSrvsReconciler) SetStatus(ctx context.Context, req ctrl.Request, or
 	}
 
 	var workloadStatus string
-	if readyWorkload == 0 {
+	switch readyWorkload {
+	case 0:
 		workloadStatus = "Preparing"
-	} else if readyWorkload == desiredWorkload {
+	case desiredWorkload:
 		workloadStatus = "Healthy"
 		ords.Status.OrdsInstalled = true
-	} else {
+	default:
 		workloadStatus = "Progressing"
 	}
 
@@ -313,25 +360,58 @@ func (r *OrdsSrvsReconciler) SetStatus(ctx context.Context, req ctrl.Request, or
 	return nil
 }
 
+/************************************************
+ * APEX Installation PVC Reconcile
+ *************************************************/
+func (r *OrdsSrvsReconciler) ApexInstallationPVCReconcile(ctx context.Context, ordssrvs *dbapi.OrdsSrvs) (err error) {
+	logr := log.FromContext(ctx).WithName("ApexInstallationPVCReconcile")
+
+	if ordssrvs.Spec.GlobalSettings.APEXInstallationPersistence.Size == "" {
+		msg := "APEX Installation PVC Size not defined"
+		err = r.Create(ctx, ordssrvs)
+		logr.Error(err, msg)
+		return err
+	}
+
+	pvc := &corev1.PersistentVolumeClaim{}
+	err = r.Get(ctx, types.NamespacedName{Name: APEXInstallationPVC, Namespace: ordssrvs.Namespace}, pvc)
+	if err == nil {
+		logr.Info("Found APEX Installation PVC : " + APEXInstallationPVC)
+		return nil
+	}
+
+	volumeName := ordssrvs.Spec.GlobalSettings.APEXInstallationPersistence.VolumeName
+	pvc = r.APEXInstallationPVCDefine(ctx, ordssrvs)
+
+	message := fmt.Sprintf("APEX Installation PVC : %s for PV : %s", APEXInstallationPVC, volumeName)
+	logr.Info("Creating " + message)
+	err = r.Create(ctx, pvc)
+	if err != nil {
+		logr.Error(err, "Failed to create "+message)
+	}
+
+	return err
+}
+
 /************************************************
  * ConfigMaps
  *************************************************/
-func (r *OrdsSrvsReconciler) ConfigMapReconcile(ctx context.Context, ords *dbapi.OrdsSrvs, configMapName string, poolIndex int) (err error) {
+func (r *OrdsSrvsReconciler) ConfigMapReconcile(ctx context.Context, ordssrvs *dbapi.OrdsSrvs, configMapName string, poolIndex int) (err error) {
 	logr := log.FromContext(ctx).WithName("ConfigMapReconcile")
-	desiredConfigMap := r.ConfigMapDefine(ctx, ords, configMapName, poolIndex)
+	desiredConfigMap := r.ConfigMapDefine(ctx, ordssrvs, configMapName, poolIndex)
 
 	// Create if ConfigMap not found
 	definedConfigMap := &corev1.ConfigMap{}
-	if err = r.Get(ctx, types.NamespacedName{Name: configMapName, Namespace: ords.Namespace}, definedConfigMap); err != nil {
+	if err = r.Get(ctx, types.NamespacedName{Name: configMapName, Namespace: ordssrvs.Namespace}, definedConfigMap); err != nil {
 		if apierrors.IsNotFound(err) {
 			if err := r.Create(ctx, desiredConfigMap); err != nil {
 				return err
 			}
 			logr.Info("Created: " + configMapName)
 			RestartPods = true
-			r.Recorder.Eventf(ords, corev1.EventTypeNormal, "Create", "ConfigMap %s Created", configMapName)
+			r.Recorder.Eventf(ordssrvs, corev1.EventTypeNormal, "Create", "ConfigMap %s Created", configMapName)
 			// Requery for comparison
-			if err := r.Get(ctx, types.NamespacedName{Name: configMapName, Namespace: ords.Namespace}, definedConfigMap); err != nil {
+			if err := r.Get(ctx, types.NamespacedName{Name: configMapName, Namespace: ordssrvs.Namespace}, definedConfigMap); err != nil {
 				return err
 			}
 		} else {
@@ -344,7 +424,7 @@ func (r *OrdsSrvsReconciler) ConfigMapReconcile(ctx context.Context, ords *dbapi
 		}
 		logr.Info("Updated: " + configMapName)
 		RestartPods = true
-		r.Recorder.Eventf(ords, corev1.EventTypeNormal, "Update", "ConfigMap %s Updated", configMapName)
+		r.Recorder.Eventf(ordssrvs, corev1.EventTypeNormal, "Update", "ConfigMap %s Updated", configMapName)
 	}
 	return nil
 }
@@ -387,22 +467,24 @@ func (r *OrdsSrvsReconciler) ConfigMapReconcile(ctx context.Context, ords *dbapi
 /************************************************
  * Workloads
  *************************************************/
-func (r *OrdsSrvsReconciler) WorkloadReconcile(ctx context.Context, req ctrl.Request, ords *dbapi.OrdsSrvs, kind string) (err error) {
+func (r *OrdsSrvsReconciler) WorkloadReconcile(ctx context.Context, req ctrl.Request, ordssrvs *dbapi.OrdsSrvs, kind string) (err error) {
 	logr := log.FromContext(ctx).WithName("WorkloadReconcile")
-	objectMeta := objectMetaDefine(ords, ords.Name)
-	selector := selectorDefine(ords)
-	template := r.podTemplateSpecDefine(ords, ctx, req)
+	objectMeta := objectMetaDefine(ordssrvs, ordssrvs.Name)
+	selector := selectorDefine(ordssrvs)
+	template := r.podTemplateSpecDefine(ordssrvs, ctx, req)
 
 	var desiredWorkload client.Object
 	var desiredSpecHash string
 	var definedSpecHash string
 
+	var ProgressDeadlineSeconds int32 = 3600
+
 	switch kind {
 	case "StatefulSet":
 		desiredWorkload = &appsv1.StatefulSet{
 			ObjectMeta: objectMeta,
 			Spec: appsv1.StatefulSetSpec{
-				Replicas: &ords.Spec.Replicas,
+				Replicas: &ordssrvs.Spec.Replicas,
 				Selector: &selector,
 				Template: template,
 			},
@@ -423,37 +505,38 @@ func (r *OrdsSrvsReconciler) WorkloadReconcile(ctx context.Context, req ctrl.Req
 		desiredWorkload = &appsv1.Deployment{
 			ObjectMeta: objectMeta,
 			Spec: appsv1.DeploymentSpec{
-				Replicas: &ords.Spec.Replicas,
-				Selector: &selector,
-				Template: template,
+				Replicas:                &ordssrvs.Spec.Replicas,
+				Selector:                &selector,
+				Template:                template,
+				ProgressDeadlineSeconds: &ProgressDeadlineSeconds,
 			},
 		}
 		desiredSpecHash = generateSpecHash(desiredWorkload.(*appsv1.Deployment).Spec)
 		desiredWorkload.(*appsv1.Deployment).ObjectMeta.Labels[specHashLabel] = desiredSpecHash
 	}
 
-	if err := ctrl.SetControllerReference(ords, desiredWorkload, r.Scheme); err != nil {
+	if err := ctrl.SetControllerReference(ordssrvs, desiredWorkload, r.Scheme); err != nil {
 		return err
 	}
 
 	definedWorkload := reflect.New(reflect.TypeOf(desiredWorkload).Elem()).Interface().(client.Object)
-	if err = r.Get(ctx, types.NamespacedName{Name: ords.Name, Namespace: ords.Namespace}, definedWorkload); err != nil {
+	if err = r.Get(ctx, types.NamespacedName{Name: ordssrvs.Name, Namespace: ordssrvs.Namespace}, definedWorkload); err != nil {
 		if apierrors.IsNotFound(err) {
 			if err := r.Create(ctx, desiredWorkload); err != nil {
 				condition := metav1.Condition{
 					Type:    typeAvailableORDS,
 					Status:  metav1.ConditionFalse,
 					Reason:  "Reconciling",
-					Message: fmt.Sprintf("Failed to create %s for the custom resource (%s): (%s)", kind, ords.Name, err),
+					Message: fmt.Sprintf("Failed to create %s for the custom resource (%s): (%s)", kind, ordssrvs.Name, err),
 				}
-				if statusErr := r.SetStatus(ctx, req, ords, condition); statusErr != nil {
+				if statusErr := r.SetStatus(ctx, req, ordssrvs, condition); statusErr != nil {
 					return statusErr
 				}
 				return err
 			}
 			logr.Info("Created: " + kind)
 			RestartPods = false
-			r.Recorder.Eventf(ords, corev1.EventTypeNormal, "Create", "Created %s", kind)
+			r.Recorder.Eventf(ordssrvs, corev1.EventTypeNormal, "Create", "Created %s", kind)
 
 			return nil
 		} else {
@@ -477,10 +560,10 @@ func (r *OrdsSrvsReconciler) WorkloadReconcile(ctx context.Context, req ctrl.Req
 			return err
 		}
 		RestartPods = true
-		r.Recorder.Eventf(ords, corev1.EventTypeNormal, "Update", "Updated %s", kind)
+		r.Recorder.Eventf(ordssrvs, corev1.EventTypeNormal, "Update", "Updated %s", kind)
 	}
 
-	if RestartPods && ords.Spec.ForceRestart {
+	if RestartPods && ordssrvs.Spec.ForceRestart {
 		logr.Info("Cycling: " + kind)
 		labelsField := reflect.ValueOf(desiredWorkload).Elem().FieldByName("Spec").FieldByName("Template").FieldByName("ObjectMeta").FieldByName("Labels")
 		if labelsField.IsValid() {
@@ -490,7 +573,7 @@ func (r *OrdsSrvsReconciler) WorkloadReconcile(ctx context.Context, req ctrl.Req
 			if err := r.Update(ctx, desiredWorkload); err != nil {
 				return err
 			}
-			r.Recorder.Eventf(ords, corev1.EventTypeNormal, "Restart", "Restarted %s", kind)
+			r.Recorder.Eventf(ordssrvs, corev1.EventTypeNormal, "Restart", "Restarted %s", kind)
 			RestartPods = false
 		}
 	}
@@ -588,9 +671,9 @@ func selectorDefine(ords *dbapi.OrdsSrvs) metav1.LabelSelector {
 	}
 }
 
-func (r *OrdsSrvsReconciler) podTemplateSpecDefine(ords *dbapi.OrdsSrvs, ctx context.Context, req ctrl.Request) corev1.PodTemplateSpec {
+func (r *OrdsSrvsReconciler) podTemplateSpecDefine(ords *dbapi.OrdsSrvs, ctx context.Context, _ ctrl.Request) corev1.PodTemplateSpec {
 	labels := getLabels(ords.Name)
-	specVolumes, specVolumeMounts := VolumesDefine(ords)
+	specVolumes, specVolumeMounts := VolumesDefine(ctx, ords)
 
 	envPorts := []corev1.ContainerPort{
 		{
@@ -611,27 +694,20 @@ func (r *OrdsSrvsReconciler) podTemplateSpecDefine(ords *dbapi.OrdsSrvs, ctx con
 		envPorts = append(envPorts, mongoPort)
 	}
 
-	// Environment From Source
 	podSpecTemplate :=
 		corev1.PodTemplateSpec{
 			ObjectMeta: metav1.ObjectMeta{
 				Labels: labels,
 			},
 			Spec: corev1.PodSpec{
-				Volumes: specVolumes,
-				SecurityContext: &corev1.PodSecurityContext{
-					RunAsNonRoot: &[]bool{true}[0],
-					FSGroup:      &[]int64{54321}[0],
-					SeccompProfile: &corev1.SeccompProfile{
-						Type: corev1.SeccompProfileTypeRuntimeDefault,
-					},
-				},
+				Volumes:         specVolumes,
+				SecurityContext: podSecurityContextDefine(),
 				InitContainers: []corev1.Container{{
 					Image:           ords.Spec.Image,
 					Name:            ords.Name + "-init",
 					ImagePullPolicy: corev1.PullIfNotPresent,
 					SecurityContext: securityContextDefine(),
-					Command:         []string{"sh", "-c", ordsSABase + "/bin/init_script.sh"},
+					Command:         []string{"/bin/bash", "-c", ordsSABase + "/init/ords_init.sh"},
 					Env:             r.envDefine(ords, true, ctx),
 					VolumeMounts:    specVolumeMounts,
 				}},
@@ -641,28 +717,44 @@ func (r *OrdsSrvsReconciler) podTemplateSpecDefine(ords *dbapi.OrdsSrvs, ctx con
 					ImagePullPolicy: corev1.PullIfNotPresent,
 					SecurityContext: securityContextDefine(),
 					Ports:           envPorts,
-					Command:         []string{"/bin/bash", "-c", "ords --config $ORDS_CONFIG serve --apex-images /opt/oracle/apex/$APEX_VER/images --debug"},
+					Command:         []string{"/bin/bash", "-c", ordsSABase + "/start/ords_start.sh"},
 					Env:             r.envDefine(ords, false, ctx),
 					VolumeMounts:    specVolumeMounts,
-				}}},
+				}},
+				ServiceAccountName: ords.Spec.ServiceAccountName,
+			},
 		}
 
 	return podSpecTemplate
 }
 
 // Volumes
-func VolumesDefine(ords *dbapi.OrdsSrvs) ([]corev1.Volume, []corev1.VolumeMount) {
+func VolumesDefine(ctx context.Context, ords *dbapi.OrdsSrvs) ([]corev1.Volume, []corev1.VolumeMount) {
 	// Initialize the slice to hold specifications
 	var volumes []corev1.Volume
 	var volumeMounts []corev1.VolumeMount
 
 	// SecretHelper
-	secretHelperVolume := volumeBuild(ords.Name+"-"+"init-script", "ConfigMap", 0770)
-	secretHelperVolumeMount := volumeMountBuild(ords.Name+"-"+"init-script", ordsSABase+"/bin", true)
-
+	secretHelperVolume := volumeBuild(ordsInitScript, "ConfigMap", 0770)
+	secretHelperVolumeMount := volumeMountBuild(ordsInitScript, ordsSABase+"/init", true)
 	volumes = append(volumes, secretHelperVolume)
 	volumeMounts = append(volumeMounts, secretHelperVolumeMount)
 
+	// start-script
+	startScriptVolume := volumeBuild(ordsStartScript, "ConfigMap", 0770)
+	startScriptVolumeMount := volumeMountBuild(ordsStartScript, ordsSABase+"/start", true)
+	volumes = append(volumes, startScriptVolume)
+	volumeMounts = append(volumeMounts, startScriptVolumeMount)
+
+	if APEXInstallationExternal == "true" {
+		// volume for APEX installation, same optional folder as for ORDS image
+		apexInstallationVolume := APEXInstallationVolumeDefine(ctx, ords)
+		apexInstallationReadOnly := false
+		apexInstallationVolumeMount := volumeMountBuild(APEXInstallationPV, APEXInstallationMount, apexInstallationReadOnly)
+		volumes = append(volumes, apexInstallationVolume)
+		volumeMounts = append(volumeMounts, apexInstallationVolumeMount)
+	}
+
 	// Build volume specifications for globalSettings
 	standaloneVolume := volumeBuild("standalone", "EmptyDir")
 	standaloneVolumeMount := volumeMountBuild("standalone", ordsSABase+"/config/global/standalone/", false)
@@ -673,8 +765,8 @@ func VolumesDefine(ords *dbapi.OrdsSrvs) ([]corev1.Volume, []corev1.VolumeMount)
 	globalLogVolume := volumeBuild("sa-log-global", "EmptyDir")
 	globalLogVolumeMount := volumeMountBuild("sa-log-global", ordsSABase+"/log/global/", false)
 
-	globalConfigVolume := volumeBuild(ords.Name+"-"+globalConfigMapName, "ConfigMap")
-	globalConfigVolumeMount := volumeMountBuild(ords.Name+"-"+globalConfigMapName, ordsSABase+"/config/global/", true)
+	globalConfigVolume := volumeBuild(ordsGlobalConfig, "ConfigMap")
+	globalConfigVolumeMount := volumeMountBuild(ordsGlobalConfig, ordsSABase+"/config/global/", true)
 
 	globalDocRootVolume := volumeBuild("sa-doc-root", "EmptyDir")
 	globalDocRootVolumeMount := volumeMountBuild("sa-doc-root", ordsSABase+"/config/global/doc_root/", false)
@@ -826,81 +918,165 @@ func (r *OrdsSrvsReconciler) ServiceDefine(ctx context.Context, ords *dbapi.Ords
 	return def
 }
 
+func podSecurityContextDefine() *corev1.PodSecurityContext {
+
+	return &corev1.PodSecurityContext{
+		RunAsNonRoot: k8s.BoolPointer(true),
+		RunAsUser:    k8s.Int64Pointer(dbcommons.ORACLE_UID),
+		RunAsGroup:   k8s.Int64Pointer(dbcommons.ORACLE_GUID),
+		FSGroup:      k8s.Int64Pointer(dbcommons.ORACLE_GUID),
+	}
+
+}
+
 func securityContextDefine() *corev1.SecurityContext {
+
 	return &corev1.SecurityContext{
-		RunAsNonRoot:             &[]bool{true}[0],
-		RunAsUser:                &[]int64{54321}[0],
-		AllowPrivilegeEscalation: &[]bool{false}[0],
+		RunAsNonRoot:             k8s.BoolPointer(true),
+		RunAsUser:                k8s.Int64Pointer(dbcommons.ORACLE_UID),
+		RunAsGroup:               k8s.Int64Pointer(dbcommons.ORACLE_GUID),
+		AllowPrivilegeEscalation: k8s.BoolPointer(false),
 		Capabilities: &corev1.Capabilities{
 			Drop: []corev1.Capability{
 				"ALL",
 			},
 		},
 	}
+
 }
 
-func (r *OrdsSrvsReconciler) envDefine(ords *dbapi.OrdsSrvs, initContainer bool, ctx context.Context) []corev1.EnvVar {
-	envVarSecrets := []corev1.EnvVar{
-		{
-			Name:  "ORDS_CONFIG",
-			Value: ordsSABase + "/config",
-		},
-		{
-			Name:  "JAVA_TOOL_OPTIONS",
-			Value: "-Doracle.ml.version_check=false",
-		},
+func addEnvVar(envVars []corev1.EnvVar, name string, value string) []corev1.EnvVar {
+	newEnvVar := corev1.EnvVar{
+		Name:  name,
+		Value: value,
 	}
+	return append(envVars, newEnvVar)
+}
+
+// Sets environment variables in the containers
+func (r *OrdsSrvsReconciler) envDefine(ordssrvs *dbapi.OrdsSrvs, initContainer bool, ctx context.Context) []corev1.EnvVar {
+	logger := log.FromContext(ctx).WithName("envDefine")
+
+	envVars := []corev1.EnvVar{}
+
+	// ORDS_CONFIG
+	ORDS_CONFIG := ordsSABase + "/config"
+	logger.Info("Setting ORDS_CONFIG to " + ORDS_CONFIG)
+	envVars = addEnvVar(envVars, "ORDS_CONFIG", ORDS_CONFIG)
+
+	// avoid Java warning about JAVA_TOOL_OPTIONS
+	envVars = addEnvVar(envVars, "JAVA_TOOL_OPTIONS", "-Doracle.ml.version_check=false")
 
 	// Limitation case for ADB/mTLS/OraOper edge
-	if len(ords.Spec.PoolSettings) == 1 {
-		poolName := strings.ToLower(ords.Spec.PoolSettings[0].PoolName)
-		tnsAdmin := corev1.EnvVar{
-			Name:  "TNS_ADMIN",
-			Value: ordsSABase + "/config/databases/" + poolName + "/network/admin/",
-		}
-		envVarSecrets = append(envVarSecrets, tnsAdmin)
+	if len(ordssrvs.Spec.PoolSettings) == 1 {
+		poolName := strings.ToLower(ordssrvs.Spec.PoolSettings[0].PoolName)
+		tnsAdmin := ordsSABase + "/config/databases/" + poolName + "/network/admin/"
+		envVars = addEnvVar(envVars, "TNS_ADMIN", tnsAdmin)
 	}
+
+	// passwords are set for the init container only
 	if initContainer {
-		for i := 0; i < len(ords.Spec.PoolSettings); i++ {
-			poolName := strings.ReplaceAll(strings.ToLower(ords.Spec.PoolSettings[i].PoolName), "-", "_")
+		envVars = addEnvVar(envVars, "download_apex", strconv.FormatBool(ordssrvs.Spec.GlobalSettings.APEXDownload))
+		envVars = addEnvVar(envVars, "download_url_apex", ordssrvs.Spec.GlobalSettings.APEXDownloadUrl)
+		envVars = addEnvVar(envVars, "external_apex", APEXInstallationExternal)
+
+		for i := 0; i < len(ordssrvs.Spec.PoolSettings); i++ {
+			poolName := strings.ReplaceAll(strings.ToLower(ordssrvs.Spec.PoolSettings[i].PoolName), "-", "_")
+
+			// dbpassword
+			secretName := poolName + "_dbpassword"
+			secretValue := r.CommonDecryptWithPrivKey3(ordssrvs, ordssrvs.Spec.PoolSettings[i].DBSecret.SecretName, ordssrvs.Spec.PoolSettings[i].DBSecret.PasswordKey, ctx)
+			envVars = addEnvVar(envVars, secretName, secretValue)
+
+			// dbadminuserpassword
+			if ordssrvs.Spec.PoolSettings[i].DBAdminUserSecret.SecretName != "" {
+				envVars = addEnvVar(envVars, poolName+"_autoupgrade_ords", strconv.FormatBool(ordssrvs.Spec.PoolSettings[i].AutoUpgradeORDS))
+				envVars = addEnvVar(envVars, poolName+"_autoupgrade_apex", strconv.FormatBool(ordssrvs.Spec.PoolSettings[i].AutoUpgradeAPEX))
+				dbAdminUserPassword := r.CommonDecryptWithPrivKey3(ordssrvs, ordssrvs.Spec.PoolSettings[i].DBAdminUserSecret.SecretName, ordssrvs.Spec.PoolSettings[i].DBAdminUserSecret.PasswordKey, ctx)
+				envVars = addEnvVar(envVars, poolName+"_dbadminuserpassword", dbAdminUserPassword)
+			}
 
-			dbSecret := corev1.EnvVar{
-				Name:  poolName + "_dbsecret",
-				Value: r.CommonDecryptWithPrivKey3(ords, ords.Spec.PoolSettings[i].DBSecret.SecretName, ords.Spec.PoolSettings[i].DBSecret.PasswordKey, ctx),
+			// dbcdbadminuserpassword
+			if ordssrvs.Spec.PoolSettings[i].DBCDBAdminUserSecret.SecretName != "" {
+				dbCDBAdminUserPassword := r.CommonDecryptWithPrivKey3(ordssrvs, ordssrvs.Spec.PoolSettings[i].DBCDBAdminUserSecret.SecretName, ordssrvs.Spec.PoolSettings[i].DBCDBAdminUserSecret.PasswordKey, ctx)
+				envVars = addEnvVar(envVars, poolName+"_dbcdbadminuserpassword", dbCDBAdminUserPassword)
 			}
+		}
+	}
 
-			envVarSecrets = append(envVarSecrets, dbSecret)
+	return envVars
+}
 
-			if ords.Spec.PoolSettings[i].DBAdminUserSecret.SecretName != "" {
-				autoUpgradeORDSEnv := corev1.EnvVar{
-					Name:  poolName + "_autoupgrade_ords",
-					Value: strconv.FormatBool(ords.Spec.PoolSettings[i].AutoUpgradeORDS),
-				}
-				autoUpgradeAPEXEnv := corev1.EnvVar{
-					Name:  poolName + "_autoupgrade_apex",
-					Value: strconv.FormatBool(ords.Spec.PoolSettings[i].AutoUpgradeAPEX),
-				}
+func APEXInstallationVolumeDefine(ctx context.Context, ordssrvs *dbapi.OrdsSrvs) corev1.Volume {
+	logger := log.FromContext(ctx).WithName("APEXInstallationVolumeDefine")
 
-				dbAdminUserSecret := corev1.EnvVar{
-					Name:  poolName + "_dbadminusersecret",
-					Value: r.CommonDecryptWithPrivKey3(ords, ords.Spec.PoolSettings[i].DBAdminUserSecret.SecretName, ords.Spec.PoolSettings[i].DBAdminUserSecret.PasswordKey, ctx),
-				}
-				envVarSecrets = append(envVarSecrets, dbAdminUserSecret, autoUpgradeORDSEnv, autoUpgradeAPEXEnv)
-			}
+	var vs corev1.VolumeSource
+	if APEXInstallationExternal == "false" {
+		vs = corev1.VolumeSource{
+			EmptyDir: &corev1.EmptyDirVolumeSource{},
+		}
+		logger.Info("APEX installation on empty dir")
+	} else {
 
-			if ords.Spec.PoolSettings[i].DBCDBAdminUserSecret.SecretName != "" {
+		vs = corev1.VolumeSource{
+			PersistentVolumeClaim: &corev1.PersistentVolumeClaimVolumeSource{
+				ClaimName: APEXInstallationPVC,
+				ReadOnly:  false,
+			},
+		}
+		logger.Info("APEX installation PVC : " + APEXInstallationPVC)
+	}
 
-				dbCDBAdminUserSecret := corev1.EnvVar{
-					Name:  poolName + "_dbcdbadminusersecret",
-					Value: r.CommonDecryptWithPrivKey3(ords, ords.Spec.PoolSettings[i].DBCDBAdminUserSecret.SecretName, ords.Spec.PoolSettings[i].DBCDBAdminUserSecret.PasswordKey, ctx),
-				}
+	volume := corev1.Volume{
+		Name:         APEXInstallationPV,
+		VolumeSource: vs,
+	}
+
+	return volume
+}
+
+func (r *OrdsSrvsReconciler) APEXInstallationPVCDefine(ctx context.Context, ordssrvs *dbapi.OrdsSrvs) *corev1.PersistentVolumeClaim {
+	logger := log.FromContext(ctx).WithName("APEXInstallationPVCDefine")
+
+	size := ordssrvs.Spec.GlobalSettings.APEXInstallationPersistence.Size
+
+	if size == "" {
 
-				envVarSecrets = append(envVarSecrets, dbCDBAdminUserSecret)
-			}
-		}
 	}
 
-	return envVarSecrets
+	volumeName := ordssrvs.Spec.GlobalSettings.APEXInstallationPersistence.VolumeName
+	storageClassName := ordssrvs.Spec.GlobalSettings.APEXInstallationPersistence.StorageClass
+	accessMode := ordssrvs.Spec.GlobalSettings.APEXInstallationPersistence.AccessMode
+
+	message := fmt.Sprintf("Preparing PVC definition, volumeName %s, storageClass %s, size %s, accessMode %s", volumeName, storageClassName, size, accessMode)
+	logger.Info(message)
+
+	// PVC Definition
+	pvc := &corev1.PersistentVolumeClaim{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      APEXInstallationPVC,
+			Namespace: ordssrvs.Namespace,
+			Labels:    getLabels(ordssrvs.Name),
+		},
+		Spec: corev1.PersistentVolumeClaimSpec{
+			AccessModes: []corev1.PersistentVolumeAccessMode{corev1.PersistentVolumeAccessMode(accessMode)},
+			Resources: corev1.VolumeResourceRequirements{
+				Requests: corev1.ResourceList{
+					corev1.ResourceStorage: resource.MustParse(size),
+				},
+			},
+			VolumeName:       volumeName,
+			StorageClassName: &storageClassName,
+		},
+	}
+
+	// Set the ownerRef
+	if err := ctrl.SetControllerReference(ordssrvs, pvc, r.Scheme); err != nil {
+		return nil
+	}
+
+	return pvc
+
 }
 
 /*************************************************
@@ -918,7 +1094,7 @@ func (r *OrdsSrvsReconciler) ConfigMapDelete(ctx context.Context, req ctrl.Reque
 	}
 
 	for _, configMap := range configMapList.Items {
-		if configMap.Name == ords.Name+"-"+globalConfigMapName || configMap.Name == ords.Name+"-init-script" {
+		if configMap.Name == ordsGlobalConfig || configMap.Name == ordsInitScript || configMap.Name == ordsStartScript {
 			continue
 		}
 		if _, exists := definedPools[configMap.Name]; !exists {
@@ -1069,7 +1245,7 @@ func CommonDecryptWithPrivKey(Key string, Buffer string) (string, error) {
 		fmt.Printf("======================================\n")
 	}
 
-	decryptedB, err := rsa.DecryptPKCS1v15(nil, pkcs8PrivateKey.(*rsa.PrivateKey), encString64)
+	decryptedB, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, pkcs8PrivateKey.(*rsa.PrivateKey), encString64, nil)
 	if err != nil {
 		fmt.Printf("Failed to decrypt string %s\n", err.Error())
 		return "", err
diff --git a/controllers/database/ordssrvs_ordsconfig.go b/controllers/database/ordssrvs_ordsconfig.go
index edb2e0f6..5cd29536 100644
--- a/controllers/database/ordssrvs_ordsconfig.go
+++ b/controllers/database/ordssrvs_ordsconfig.go
@@ -49,20 +49,38 @@ import (
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	ctrl "sigs.k8s.io/controller-runtime"
+	ctrllog "sigs.k8s.io/controller-runtime/pkg/log"
 )
 
 func (r *OrdsSrvsReconciler) ConfigMapDefine(ctx context.Context, ords *dbapi.OrdsSrvs, configMapName string, poolIndex int) *corev1.ConfigMap {
+
+	log := ctrllog.FromContext(ctx).WithName("ConfigMapDefine")
+
 	var defData map[string]string
-	if configMapName == ords.Name+"-init-script" {
+	switch configMapName {
+	case ords.Name + "-init-script":
 		// Read the file from controller's filesystem
 		filePath := "/ords_init.sh"
 		scriptData, err := os.ReadFile(filePath)
 		if err != nil {
+			log.Error(err, "Error reading /ords_init.sh")
 			return nil
 		}
+		log.Info("adding ords_init.sh")
 		defData = map[string]string{
-			"init_script.sh": string(scriptData)}
-	} else if configMapName == ords.Name+"-"+globalConfigMapName {
+			"ords_init.sh": string(scriptData)}
+	case ords.Name + "-start-script":
+		// Read the file from controller's filesystem
+		filePath := "/ords_start.sh"
+		scriptData, err := os.ReadFile(filePath)
+		if err != nil {
+			log.Error(err, "Error reading /ords_start.sh")
+			return nil
+		}
+		log.Info("adding ords_start.sh")
+		defData = map[string]string{
+			"ords_start.sh": string(scriptData)}
+	case ords.Name + "-" + globalConfigMapName:
 		// GlobalConfigMap
 		var defStandaloneAccessLog string
 		if ords.Spec.GlobalSettings.EnableStandaloneAccessLog {
@@ -78,7 +96,7 @@ func (r *OrdsSrvsReconciler) ConfigMapDefine(ctx context.Context, ords *dbapi.Or
 				`  <entry key="standalone.https.cert.key">` + ordsSABase + `/config/certficate/` + ords.Spec.GlobalSettings.CertSecret.CertificateKey + `</entry>` + "\n"
 		}
 		defData = map[string]string{
-			"settings.xml": fmt.Sprintf(`<?xml version="1.0" encoding="UTF-8"?>` + "\n" +
+			"settings.xml": fmt.Sprint(`<?xml version="1.0" encoding="UTF-8"?>` + "\n" +
 				`<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">` + "\n" +
 				`<properties>` + "\n" +
 				conditionalEntry("cache.metadata.graphql.expireAfterAccess", ords.Spec.GlobalSettings.CacheMetadataGraphQLExpireAfterAccess) +
@@ -139,7 +157,7 @@ func (r *OrdsSrvsReconciler) ConfigMapDefine(ctx context.Context, ords *dbapi.Or
 				`java.util.logging.FileHandler.pattern = ` + ordsSABase + `/log/global/debug.log` + "\n" +
 				`java.util.logging.FileHandler.formatter = java.util.logging.SimpleFormatter`),
 		}
-	} else {
+	default:
 		// PoolConfigMap
 		poolName := strings.ToLower(ords.Spec.PoolSettings[poolIndex].PoolName)
 		var defDBNetworkPath string
@@ -150,7 +168,7 @@ func (r *OrdsSrvsReconciler) ConfigMapDefine(ctx context.Context, ords *dbapi.Or
 			defDBNetworkPath = `  <entry key="db.tnsDirectory">` + ordsSABase + `/config/databases/` + poolName + `/network/admin/</entry>` + "\n"
 		}
 		defData = map[string]string{
-			"pool.xml": fmt.Sprintf(`<?xml version="1.0" encoding="UTF-8"?>` + "\n" +
+			"pool.xml": fmt.Sprint(`<?xml version="1.0" encoding="UTF-8"?>` + "\n" +
 				`<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">` + "\n" +
 				`<properties>` + "\n" +
 				`  <entry key="db.username">` + ords.Spec.PoolSettings[poolIndex].DBUsername + `</entry>` + "\n" +
diff --git a/controllers/database/pdb_controller.go b/controllers/database/pdb_controller.go
deleted file mode 100644
index a2ca0f85..00000000
--- a/controllers/database/pdb_controller.go
+++ /dev/null
@@ -1,1631 +0,0 @@
-/*
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
- */
-
-package controllers
-
-import (
-	"bytes"
-	"context"
-	"crypto/tls"
-	"crypto/x509"
-	"encoding/json"
-
-	//"encoding/pem"
-	"errors"
-	"fmt"
-	"io/ioutil"
-	"net/http"
-	"regexp"
-	"strconv"
-	"strings"
-	"time"
-
-	dbapi "github.com/oracle/oracle-database-operator/apis/database/v4"
-	lrcommons "github.com/oracle/oracle-database-operator/commons/multitenant/lrest"
-
-	"github.com/go-logr/logr"
-	corev1 "k8s.io/api/core/v1"
-	apierrors "k8s.io/apimachinery/pkg/api/errors"
-
-	//metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
-	"k8s.io/apimachinery/pkg/runtime"
-	"k8s.io/apimachinery/pkg/types"
-	"k8s.io/client-go/tools/record"
-	ctrl "sigs.k8s.io/controller-runtime"
-	"sigs.k8s.io/controller-runtime/pkg/client"
-	"sigs.k8s.io/controller-runtime/pkg/controller"
-	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
-	"sigs.k8s.io/controller-runtime/pkg/event"
-	"sigs.k8s.io/controller-runtime/pkg/predicate"
-)
-
-// PDBReconciler reconciles a PDB object
-type PDBReconciler struct {
-	client.Client
-	Log      logr.Logger
-	Scheme   *runtime.Scheme
-	Interval time.Duration
-	Recorder record.EventRecorder
-}
-
-type controllers struct {
-	Pdbc PDBReconciler
-	Cdbc CDBReconciler
-}
-
-type RESTSQLCollection struct {
-	Env struct {
-		DefaultTimeZone string `json:"defaultTimeZone,omitempty"`
-	} `json:"env"`
-	Items []SQLItem `json:"items"`
-}
-
-type SQLItem struct {
-	StatementId  int      `json:"statementId,omitempty"`
-	Response     []string `json:"response"`
-	ErrorCode    int      `json:"errorCode,omitempty"`
-	ErrorLine    int      `json:"errorLine,omitempty"`
-	ErrorColumn  int      `json:"errorColumn,omitempty"`
-	ErrorDetails string   `json:"errorDetails,omitempty"`
-	Result       int      `json:"result,omitempty"`
-}
-
-type ORDSError struct {
-	Code     string `json:"code,omitempty"`
-	Message  string `json:"message,omitempty"`
-	Type     string `json:"type,omitempty"`
-	Instance string `json:"instance,omitempty"`
-}
-
-var (
-	pdbPhaseCreate = "Creating"
-	pdbPhasePlug   = "Plugging"
-	pdbPhaseUnplug = "Unplugging"
-	pdbPhaseClone  = "Cloning"
-	pdbPhaseFinish = "Finishing"
-	pdbPhaseReady  = "Ready"
-	pdbPhaseDelete = "Deleting"
-	pdbPhaseModify = "Modifying"
-	pdbPhaseMap    = "Mapping"
-	pdbPhaseStatus = "CheckingState"
-	pdbPhaseFail   = "Failed"
-)
-
-const PDBFinalizer = "database.oracle.com/PDBfinalizer"
-const ONE = 1
-const ZERO = 0
-
-var tdePassword string
-var tdeSecret string
-var floodcontrol bool = false
-var assertivePdbDeletion bool = false /* Global variable for assertive pdb deletion */
-
-//+kubebuilder:rbac:groups=database.oracle.com,resources=pdbs,verbs=get;list;watch;create;update;patch;delete
-//+kubebuilder:rbac:groups=database.oracle.com,resources=pdbs/status,verbs=get;update;patch
-//+kubebuilder:rbac:groups=database.oracle.com,resources=pdbs/finalizers,verbs=get;create;update;patch;delete
-
-// +kubebuilder:rbac:groups=core,resources=pods;pods/log;pods/exec;secrets;containers;services;events;configmaps;namespaces,verbs=get;list;watch;create;update;patch;delete
-// +kubebuilder:rbac:groups=core,resources=pods/exec,verbs=create
-// +kubebuilder:rbac:groups=apps,resources=statefulsets,verbs=get;list;watch;create;update;patch;delete
-// +kubebuilder:rbac:groups='',resources=statefulsets/finalizers,verbs=get;list;watch;create;update;patch;delete
-
-// Reconcile is part of the main kubernetes reconciliation loop which aims to
-// move the current state of the cluster closer to the desired state.
-// TODO(user): Modify the Reconcile function to compare the state specified by
-// the PDB object against the actual cluster state, and then
-// perform operations to make the cluster state reflect the state specified by
-// the user.
-//
-// For more details, check Reconcile and its Result here:
-// - https://pkg.go.dev/sigs.k8s.io/controller-runtime@v0.9.2/pkg/reconcile
-
-func (r *PDBReconciler) Reconcile(ctx context.Context, req ctrl.Request) (ctrl.Result, error) {
-	log := r.Log.WithValues("multitenantoperator", req.NamespacedName)
-	log.Info("Reconcile requested")
-
-	reconcilePeriod := r.Interval * time.Second
-	requeueY := ctrl.Result{Requeue: true, RequeueAfter: reconcilePeriod}
-	requeueN := ctrl.Result{}
-
-	var err error
-	pdb := &dbapi.PDB{}
-
-	// Execute for every reconcile
-	defer func() {
-		//log.Info("DEFER PDB", "Name", pdb.Name, "Phase", pdb.Status.Phase, "Status", strconv.FormatBool(pdb.Status.Status))
-		if !pdb.Status.Status {
-			if pdb.Status.Phase == pdbPhaseReady {
-				pdb.Status.Status = true
-			}
-			if err := r.Status().Update(ctx, pdb); err != nil {
-				log.Error(err, "Failed to update status for :"+pdb.Name, "err", err.Error())
-			}
-		}
-	}()
-
-	err = r.Client.Get(context.TODO(), req.NamespacedName, pdb)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("PDB Resource Not found", "Name", pdb.Name)
-			// Request object not found, could have been deleted after reconcile req.
-			// Owned objects are automatically garbage collected. For additional cleanup logic use finalizers.
-			// Return and don't requeue
-			pdb.Status.Status = true
-			return requeueN, nil
-		}
-		// Error reading the object - requeue the req.
-		return requeueY, err
-	}
-
-	// Finalizer section
-	err = r.managePDBDeletion2(ctx, req, pdb)
-	if err != nil {
-		log.Info("managePDBDeletion2 Error Deleting resource ")
-		return requeueY, nil
-	}
-
-	// Check for Duplicate PDB
-	if !pdb.Status.Status {
-		err = r.checkDuplicatePDB(ctx, req, pdb)
-		if err != nil {
-			return requeueN, nil
-		}
-	}
-
-	action := strings.ToUpper(pdb.Spec.Action)
-
-	if pdb.Status.Phase == pdbPhaseReady {
-		//log.Info("PDB:", "Name", pdb.Name, "Phase", pdb.Status.Phase, "Status", strconv.FormatBool(pdb.Status.Status))
-		if (pdb.Status.Action != "") && (action == "MODIFY" || action == "STATUS" || pdb.Status.Action != action) {
-			pdb.Status.Status = false
-		} else {
-			err = r.getPDBState(ctx, req, pdb)
-			if err != nil {
-				pdb.Status.Phase = pdbPhaseFail
-			} else {
-				pdb.Status.Phase = pdbPhaseReady
-				pdb.Status.Msg = "Success"
-			}
-			r.Status().Update(ctx, pdb)
-		}
-	}
-
-	if !pdb.Status.Status {
-		r.validatePhase(ctx, req, pdb)
-		phase := pdb.Status.Phase
-		log.Info("PDB:", "Name", pdb.Name, "Phase", phase, "Status", strconv.FormatBool(pdb.Status.Status))
-
-		switch phase {
-		case pdbPhaseCreate:
-			err = r.createPDB(ctx, req, pdb)
-		case pdbPhaseClone:
-			err = r.clonePDB(ctx, req, pdb)
-		case pdbPhasePlug:
-			err = r.plugPDB(ctx, req, pdb)
-		case pdbPhaseUnplug:
-			err = r.unplugPDB(ctx, req, pdb)
-		case pdbPhaseModify:
-			err = r.modifyPDB(ctx, req, pdb)
-		case pdbPhaseDelete:
-			err = r.deletePDB(ctx, req, pdb)
-		case pdbPhaseStatus:
-			err = r.getPDBState(ctx, req, pdb)
-		case pdbPhaseMap:
-			err = r.mapPDB(ctx, req, pdb)
-		case pdbPhaseFail:
-			err = r.mapPDB(ctx, req, pdb)
-		default:
-			log.Info("DEFAULT:", "Name", pdb.Name, "Phase", phase, "Status", strconv.FormatBool(pdb.Status.Status))
-			return requeueN, nil
-		}
-		pdb.Status.Action = strings.ToUpper(pdb.Spec.Action)
-		if err != nil {
-			pdb.Status.Phase = pdbPhaseFail
-		} else {
-			pdb.Status.Phase = pdbPhaseReady
-			pdb.Status.Msg = "Success"
-		}
-	}
-
-	log.Info("Reconcile completed")
-	return requeueY, nil
-}
-
-/*
-************************************************
-  - Validate the PDB Spec
-    /***********************************************
-*/
-func (r *PDBReconciler) validatePhase(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) {
-
-	log := r.Log.WithValues("validatePhase", req.NamespacedName)
-
-	action := strings.ToUpper(pdb.Spec.Action)
-
-	log.Info("Validating PDB phase for: "+pdb.Name, "Action", action)
-
-	switch action {
-	case "CREATE":
-		pdb.Status.Phase = pdbPhaseCreate
-	case "CLONE":
-		pdb.Status.Phase = pdbPhaseClone
-	case "PLUG":
-		pdb.Status.Phase = pdbPhasePlug
-	case "UNPLUG":
-		pdb.Status.Phase = pdbPhaseUnplug
-	case "MODIFY":
-		pdb.Status.Phase = pdbPhaseModify
-	case "DELETE":
-		pdb.Status.Phase = pdbPhaseDelete
-	case "STATUS":
-		pdb.Status.Phase = pdbPhaseStatus
-	case "MAP":
-		pdb.Status.Phase = pdbPhaseMap
-	}
-
-	log.Info("Validation complete")
-}
-
-/*
-***************************************************************
-  - Check for Duplicate PDB. Same PDB name on the same CDB resource.
-    /**************************************************************
-*/
-func (r *PDBReconciler) checkDuplicatePDB(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) error {
-
-	// Name of the CDB CR that holds the ORDS container
-	cdbResName := pdb.Spec.CDBResName
-
-	log := r.Log.WithValues("checkDuplicatePDB", pdb.Spec.CDBNamespace)
-	pdbResName := pdb.Spec.PDBName
-
-	pdbList := &dbapi.PDBList{}
-
-	listOpts := []client.ListOption{client.InNamespace(pdb.Spec.CDBNamespace), client.MatchingFields{"spec.pdbName": pdbResName}}
-
-	// List retrieves list of objects for a given namespace and list options.
-	err := r.List(ctx, pdbList, listOpts...)
-	if err != nil {
-		log.Info("Failed to list pdbs", "Namespace", pdb.Spec.CDBNamespace, "Error", err)
-		return err
-	}
-
-	if len(pdbList.Items) == 0 {
-		log.Info("No pdbs found for PDBName: "+pdbResName, "CDBResName", cdbResName)
-		return nil
-	}
-
-	for _, p := range pdbList.Items {
-		log.Info("Found PDB: " + p.Name)
-		if (p.Name != pdb.Name) && (p.Spec.CDBResName == cdbResName) {
-			log.Info("Duplicate PDB found")
-			pdb.Status.Msg = "PDB Resource already exists"
-			pdb.Status.Status = false
-			pdb.Status.Phase = pdbPhaseFail
-			return errors.New("Duplicate PDB found")
-		}
-	}
-	return nil
-}
-
-/*
-***************************************************************
-  - Get the Custom Resource for the CDB mentioned in the PDB Spec
-    /**************************************************************
-*/
-func (r *PDBReconciler) getCDBResource(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) (dbapi.CDB, error) {
-
-	log := r.Log.WithValues("getCDBResource", req.NamespacedName)
-
-	var cdb dbapi.CDB // CDB CR corresponding to the CDB name specified in the PDB spec
-
-	// Name of the CDB CR that holds the ORDS container
-	cdbResName := pdb.Spec.CDBResName
-	cdbNamespace := pdb.Spec.CDBNamespace
-
-	// Get CDB CR corresponding to the CDB name specified in the PDB spec
-	err := r.Get(context.Background(), client.ObjectKey{
-		Namespace: cdbNamespace,
-		Name:      cdbResName,
-	}, &cdb)
-
-	if err != nil {
-		log.Info("Failed to get CRD for CDB", "Name", cdbResName, "Namespace", pdb.Spec.CDBNamespace, "Error", err.Error())
-		pdb.Status.Msg = "Unable to get CRD for CDB : " + cdbResName
-		r.Status().Update(ctx, pdb)
-		return cdb, err
-	}
-
-	log.Info("Found CR for CDB", "Name", cdbResName, "CR Name", cdb.Name)
-	return cdb, nil
-}
-
-/*
-***************************************************************
-  - Get the ORDS Pod for the CDB mentioned in the PDB Spec
-    /**************************************************************
-*/
-func (r *PDBReconciler) getORDSPod(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) (corev1.Pod, error) {
-
-	log := r.Log.WithValues("getORDSPod", req.NamespacedName)
-
-	var cdbPod corev1.Pod // ORDS Pod container with connection to the concerned CDB
-
-	// Name of the CDB CR that holds the ORDS container
-	cdbResName := pdb.Spec.CDBResName
-
-	// Get ORDS Pod associated with the CDB Name specified in the PDB Spec
-	err := r.Get(context.Background(), client.ObjectKey{
-		Namespace: pdb.Spec.CDBNamespace,
-		Name:      cdbResName + "-ords",
-	}, &cdbPod)
-
-	if err != nil {
-		log.Info("Failed to get Pod for CDB", "Name", cdbResName, "Namespace", pdb.Spec.CDBNamespace, "Error", err.Error())
-		pdb.Status.Msg = "Unable to get ORDS Pod for CDB : " + cdbResName
-		return cdbPod, err
-	}
-
-	log.Info("Found ORDS Pod for CDB", "Name", cdbResName, "Pod Name", cdbPod.Name, "ORDS Container hostname", cdbPod.Spec.Hostname)
-	return cdbPod, nil
-}
-
-/*
-************************************************
-  - Get Secret Key for a Secret Name
-    /***********************************************
-*/
-func (r *PDBReconciler) getSecret(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB, secretName string, keyName string) (string, error) {
-
-	log := r.Log.WithValues("getSecret", req.NamespacedName)
-
-	secret := &corev1.Secret{}
-	err := r.Get(ctx, types.NamespacedName{Name: secretName, Namespace: pdb.Namespace}, secret)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + secretName)
-			pdb.Status.Msg = "Secret not found:" + secretName
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-
-	return string(secret.Data[keyName]), nil
-}
-
-/*
-************************************************
-  - Issue a REST API Call to the ORDS container
-
-***********************************************
-*/
-func (r *PDBReconciler) callAPI(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB, url string, payload map[string]string, action string) (string, error) {
-	log := r.Log.WithValues("callAPI", req.NamespacedName)
-
-	var err error
-
-	secret := &corev1.Secret{}
-
-	err = r.Get(ctx, types.NamespacedName{Name: pdb.Spec.PDBTlsKey.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.PDBTlsKey.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-	rsaKeyPEM := secret.Data[pdb.Spec.PDBTlsKey.Secret.Key]
-
-	err = r.Get(ctx, types.NamespacedName{Name: pdb.Spec.PDBTlsCrt.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.PDBTlsCrt.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-
-	rsaCertPEM := secret.Data[pdb.Spec.PDBTlsCrt.Secret.Key]
-
-	err = r.Get(ctx, types.NamespacedName{Name: pdb.Spec.PDBTlsCat.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.PDBTlsCat.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-
-	caCert := secret.Data[pdb.Spec.PDBTlsCat.Secret.Key]
-
-	certificate, err := tls.X509KeyPair([]byte(rsaCertPEM), []byte(rsaKeyPEM))
-	if err != nil {
-		pdb.Status.Msg = "Error tls.X509KeyPair"
-		return "", err
-	}
-
-	caCertPool := x509.NewCertPool()
-	caCertPool.AppendCertsFromPEM(caCert)
-
-	tlsConf := &tls.Config{Certificates: []tls.Certificate{certificate}, RootCAs: caCertPool}
-
-	tr := &http.Transport{TLSClientConfig: tlsConf}
-
-	httpclient := &http.Client{Transport: tr}
-
-	log.Info("Issuing REST call", "URL", url, "Action", action)
-
-	/*
-		cdb, err := r.getCDBResource(ctx, req, pdb)
-		if err != nil {
-			return "", err
-		}
-	*/
-
-	err = r.Get(ctx, types.NamespacedName{Name: pdb.Spec.WebServerUsr.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.WebServerUsr.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-
-	webUser := string(secret.Data[pdb.Spec.WebServerUsr.Secret.Key])
-	webUser = strings.TrimSpace(webUser)
-
-	secret = &corev1.Secret{}
-	err = r.Get(ctx, types.NamespacedName{Name: pdb.Spec.WebServerPwd.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.WebServerPwd.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-	webUserPwd := string(secret.Data[pdb.Spec.WebServerPwd.Secret.Key])
-	webUserPwd = strings.TrimSpace(webUserPwd)
-
-	var httpreq *http.Request
-	if action == "GET" {
-		httpreq, err = http.NewRequest(action, url, nil)
-	} else {
-		jsonValue, _ := json.Marshal(payload)
-		httpreq, err = http.NewRequest(action, url, bytes.NewBuffer(jsonValue))
-	}
-
-	if err != nil {
-		log.Info("Unable to create HTTP Request for PDB : "+pdb.Name, "err", err.Error())
-		return "", err
-	}
-
-	httpreq.Header.Add("Accept", "application/json")
-	httpreq.Header.Add("Content-Type", "application/json")
-	httpreq.SetBasicAuth(webUser, webUserPwd)
-
-	resp, err := httpclient.Do(httpreq)
-	if err != nil {
-		errmsg := err.Error()
-		log.Error(err, "Failed - Could not connect to ORDS Pod", "err", err.Error())
-		pdb.Status.Msg = "Error: Could not connect to ORDS Pod"
-		r.Recorder.Eventf(pdb, corev1.EventTypeWarning, "ORDSError", errmsg)
-		return "", err
-	}
-
-	r.Recorder.Eventf(pdb, corev1.EventTypeWarning, "Done", pdb.Spec.CDBResName)
-	if resp.StatusCode != http.StatusOK {
-		bb, _ := ioutil.ReadAll(resp.Body)
-
-		if resp.StatusCode == 404 {
-			pdb.Status.ConnString = ""
-			pdb.Status.Msg = pdb.Spec.PDBName + " not found"
-
-		} else {
-			if floodcontrol == false {
-				pdb.Status.Msg = "ORDS Error - HTTP Status Code:" + strconv.Itoa(resp.StatusCode)
-			}
-		}
-
-		if floodcontrol == false {
-			log.Info("ORDS Error - HTTP Status Code :"+strconv.Itoa(resp.StatusCode), "Err", string(bb))
-		}
-
-		var apiErr ORDSError
-		json.Unmarshal([]byte(bb), &apiErr)
-		if floodcontrol == false {
-			r.Recorder.Eventf(pdb, corev1.EventTypeWarning, "ORDSError", "Failed: %s", apiErr.Message)
-		}
-		//fmt.Printf("%+v", apiErr)
-		//fmt.Println(string(bb))
-		floodcontrol = true
-		return "", errors.New("ORDS Error")
-	}
-	floodcontrol = false
-
-	defer resp.Body.Close()
-
-	bodyBytes, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		fmt.Print(err.Error())
-	}
-	respData := string(bodyBytes)
-	//fmt.Println(string(bodyBytes))
-
-	var apiResponse RESTSQLCollection
-	json.Unmarshal([]byte(bodyBytes), &apiResponse)
-	//fmt.Printf("%#v", apiResponse)
-	//fmt.Printf("%+v", apiResponse)
-
-	errFound := false
-	for _, sqlItem := range apiResponse.Items {
-		if sqlItem.ErrorDetails != "" {
-			log.Info("ORDS Error - Oracle Error Code :" + strconv.Itoa(sqlItem.ErrorCode))
-			if !errFound {
-				pdb.Status.Msg = sqlItem.ErrorDetails
-			}
-			r.Recorder.Eventf(pdb, corev1.EventTypeWarning, "OraError", "%s", sqlItem.ErrorDetails)
-			errFound = true
-		}
-	}
-
-	if errFound {
-		return "", errors.New("Oracle Error")
-	}
-
-	return respData, nil
-}
-
-/*
-************************************************
-  - Create a PDB
-
-***********************************************
-*/
-func (r *PDBReconciler) createPDB(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) error {
-
-	log := r.Log.WithValues("createPDB", req.NamespacedName)
-
-	var err error
-	var tdePassword string
-	var tdeSecret string
-
-	cdb, err := r.getCDBResource(ctx, req, pdb)
-	if err != nil {
-		return err
-	}
-
-	/*** BEGIN GET ENCPASS ***/
-	secret := &corev1.Secret{}
-
-	err = r.Get(ctx, types.NamespacedName{Name: pdb.Spec.AdminName.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.AdminName.Secret.SecretName)
-			return err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return err
-	}
-	pdbAdminNameEnc := string(secret.Data[pdb.Spec.AdminName.Secret.Key])
-	pdbAdminNameEnc = strings.TrimSpace(pdbAdminNameEnc)
-
-	err = r.Get(ctx, types.NamespacedName{Name: pdb.Spec.PDBPriKey.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.PDBPriKey.Secret.SecretName)
-			return err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return err
-	}
-	privKey := string(secret.Data[pdb.Spec.PDBPriKey.Secret.Key])
-	pdbAdminName, err := lrcommons.CommonDecryptWithPrivKey(privKey, pdbAdminNameEnc, req)
-
-	// Get Web Server User Password
-	secret = &corev1.Secret{}
-	err = r.Get(ctx, types.NamespacedName{Name: pdb.Spec.AdminPwd.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.AdminPwd.Secret.SecretName)
-			return err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return err
-	}
-	pdbAdminPwdEnc := string(secret.Data[pdb.Spec.AdminPwd.Secret.Key])
-	pdbAdminPwdEnc = strings.TrimSpace(pdbAdminPwdEnc)
-	pdbAdminPwd, err := lrcommons.CommonDecryptWithPrivKey(privKey, pdbAdminPwdEnc, req)
-	pdbAdminName = strings.TrimSuffix(pdbAdminName, "\n")
-	pdbAdminPwd = strings.TrimSuffix(pdbAdminPwd, "\n")
-	/*** END GET ENCPASS ***/
-
-	log.Info("====================> " + pdbAdminName + ":" + pdbAdminPwd)
-	/* Prevent creating an existing pdb */
-	err = r.getPDBState(ctx, req, pdb)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Check PDB not existence completed", "PDB Name", pdb.Spec.PDBName)
-		}
-
-	} else {
-		log.Info("Database already exists ", "PDB Name", pdb.Spec.PDBName)
-		return nil
-	}
-
-	values := map[string]string{
-		"method":              "CREATE",
-		"pdb_name":            pdb.Spec.PDBName,
-		"adminName":           pdbAdminName,
-		"adminPwd":            pdbAdminPwd,
-		"fileNameConversions": pdb.Spec.FileNameConversions,
-		"reuseTempFile":       strconv.FormatBool(*(pdb.Spec.ReuseTempFile)),
-		"unlimitedStorage":    strconv.FormatBool(*(pdb.Spec.UnlimitedStorage)),
-		"totalSize":           pdb.Spec.TotalSize,
-		"tempSize":            pdb.Spec.TempSize,
-		"getScript":           strconv.FormatBool(*(pdb.Spec.GetScript))}
-
-	if *(pdb.Spec.TDEImport) {
-		tdePassword, err = r.getSecret(ctx, req, pdb, pdb.Spec.TDEPassword.Secret.SecretName, pdb.Spec.TDEPassword.Secret.Key)
-		if err != nil {
-			return err
-		}
-		tdeSecret, err = r.getSecret(ctx, req, pdb, pdb.Spec.TDESecret.Secret.SecretName, pdb.Spec.TDESecret.Secret.Key)
-		if err != nil {
-			return err
-		}
-
-		tdeSecret = tdeSecret[:len(tdeSecret)-1]
-		tdePassword = tdeSecret[:len(tdePassword)-1]
-		values["tdePassword"] = tdePassword
-		values["tdeKeystorePath"] = pdb.Spec.TDEKeystorePath
-		values["tdeSecret"] = tdeSecret
-	}
-
-	url := "https://" + pdb.Spec.CDBResName + "-ords." + pdb.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/"
-
-	pdb.Status.TotalSize = pdb.Spec.TotalSize
-	pdb.Status.Phase = pdbPhaseCreate
-	pdb.Status.Msg = "Waiting for PDB to be created"
-	if err := r.Status().Update(ctx, pdb); err != nil {
-		log.Error(err, "Failed to update status for :"+pdb.Name, "err", err.Error())
-	}
-	_, err = NewCallApi(r, ctx, req, pdb, url, values, "POST")
-	if err != nil {
-		log.Error(err, "callAPI error", "err", err.Error())
-		return err
-	}
-
-	r.Recorder.Eventf(pdb, corev1.EventTypeNormal, "Created", "PDB '%s' created successfully", pdb.Spec.PDBName)
-
-	if cdb.Spec.DBServer != "" {
-		pdb.Status.ConnString = cdb.Spec.DBServer + ":" + strconv.Itoa(cdb.Spec.DBPort) + "/" + pdb.Spec.PDBName
-	} else {
-		pdb.Status.ConnString = cdb.Spec.DBTnsurl
-		ParseTnsAlias(&(pdb.Status.ConnString), &(pdb.Spec.PDBName))
-	}
-
-	assertivePdbDeletion = pdb.Spec.AssertivePdbDeletion
-	if pdb.Spec.AssertivePdbDeletion == true {
-		r.Recorder.Eventf(pdb, corev1.EventTypeNormal, "Created", "PDB '%s' assertive pdb deletion turned on", pdb.Spec.PDBName)
-	}
-	log.Info("New connect strinng", "tnsurl", cdb.Spec.DBTnsurl)
-	log.Info("Created PDB Resource", "PDB Name", pdb.Spec.PDBName)
-	r.getPDBState(ctx, req, pdb)
-	return nil
-}
-
-/*
-************************************************
-  - Clone a PDB
-
-***********************************************
-*/
-func (r *PDBReconciler) clonePDB(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) error {
-
-	if pdb.Spec.PDBName == pdb.Spec.SrcPDBName {
-		return nil
-	}
-
-	log := r.Log.WithValues("clonePDB", req.NamespacedName)
-
-	var err error
-
-	cdb, err := r.getCDBResource(ctx, req, pdb)
-	if err != nil {
-		return err
-	}
-
-	/* Prevent cloning an existing pdb */
-	err = r.getPDBState(ctx, req, pdb)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Check PDB not existence completed", "PDB Name", pdb.Spec.PDBName)
-		}
-
-	} else {
-		log.Info("Database already exists ", "PDB Name", pdb.Spec.PDBName)
-		return nil
-	}
-
-	values := map[string]string{
-		"method":           "CLONE",
-		"clonePDBName":     pdb.Spec.PDBName,
-		"reuseTempFile":    strconv.FormatBool(*(pdb.Spec.ReuseTempFile)),
-		"unlimitedStorage": strconv.FormatBool(*(pdb.Spec.UnlimitedStorage)),
-		"getScript":        strconv.FormatBool(*(pdb.Spec.GetScript))}
-
-	if pdb.Spec.SparseClonePath != "" {
-		values["sparseClonePath"] = pdb.Spec.SparseClonePath
-	}
-	if pdb.Spec.FileNameConversions != "" {
-		values["fileNameConversions"] = pdb.Spec.FileNameConversions
-	}
-	if pdb.Spec.TotalSize != "" {
-		values["totalSize"] = pdb.Spec.TotalSize
-	}
-	if pdb.Spec.TempSize != "" {
-		values["tempSize"] = pdb.Spec.TempSize
-	}
-
-	url := "https://" + pdb.Spec.CDBResName + "-ords." + pdb.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/" + pdb.Spec.SrcPDBName + "/"
-
-	pdb.Status.Phase = pdbPhaseClone
-	pdb.Status.Msg = "Waiting for PDB to be cloned"
-	if err := r.Status().Update(ctx, pdb); err != nil {
-		log.Error(err, "Failed to update status for :"+pdb.Name, "err", err.Error())
-	}
-	_, err = NewCallApi(r, ctx, req, pdb, url, values, "POST")
-	if err != nil {
-		return err
-	}
-
-	r.Recorder.Eventf(pdb, corev1.EventTypeNormal, "Created", "PDB '%s' cloned successfully", pdb.Spec.PDBName)
-
-	if cdb.Spec.DBServer != "" {
-		pdb.Status.ConnString = cdb.Spec.DBServer + ":" + strconv.Itoa(cdb.Spec.DBPort) + "/" + pdb.Spec.PDBName
-	} else {
-		pdb.Status.ConnString = cdb.Spec.DBTnsurl
-		ParseTnsAlias(&(pdb.Status.ConnString), &(pdb.Spec.PDBName))
-	}
-
-	assertivePdbDeletion = pdb.Spec.AssertivePdbDeletion
-	if pdb.Spec.AssertivePdbDeletion == true {
-		r.Recorder.Eventf(pdb, corev1.EventTypeNormal, "Clone", "PDB '%s' assertive pdb deletion turned on", pdb.Spec.PDBName)
-	}
-
-	log.Info("Cloned PDB successfully", "Source PDB Name", pdb.Spec.SrcPDBName, "Clone PDB Name", pdb.Spec.PDBName)
-	r.getPDBState(ctx, req, pdb)
-	return nil
-}
-
-/*
-************************************************
-  - Plug a PDB
-
-***********************************************
-*/
-func (r *PDBReconciler) plugPDB(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) error {
-
-	log := r.Log.WithValues("plugPDB", req.NamespacedName)
-
-	var err error
-	var tdePassword string
-	var tdeSecret string
-
-	cdb, err := r.getCDBResource(ctx, req, pdb)
-	if err != nil {
-		return err
-	}
-
-	values := map[string]string{
-		"method":      "PLUG",
-		"xmlFileName": pdb.Spec.XMLFileName,
-		"pdb_name":    pdb.Spec.PDBName,
-		//"adminName":                 pdbAdminName,
-		//"adminPwd":                  pdbAdminPwd,
-		"sourceFileNameConversions": pdb.Spec.SourceFileNameConversions,
-		"copyAction":                pdb.Spec.CopyAction,
-		"fileNameConversions":       pdb.Spec.FileNameConversions,
-		"unlimitedStorage":          strconv.FormatBool(*(pdb.Spec.UnlimitedStorage)),
-		"reuseTempFile":             strconv.FormatBool(*(pdb.Spec.ReuseTempFile)),
-		"totalSize":                 pdb.Spec.TotalSize,
-		"tempSize":                  pdb.Spec.TempSize,
-		"getScript":                 strconv.FormatBool(*(pdb.Spec.GetScript))}
-
-	if *(pdb.Spec.TDEImport) {
-		tdePassword, err = r.getSecret(ctx, req, pdb, pdb.Spec.TDEPassword.Secret.SecretName, pdb.Spec.TDEPassword.Secret.Key)
-		if err != nil {
-			return err
-		}
-		tdeSecret, err = r.getSecret(ctx, req, pdb, pdb.Spec.TDESecret.Secret.SecretName, pdb.Spec.TDESecret.Secret.Key)
-		if err != nil {
-			return err
-		}
-
-		tdeSecret = tdeSecret[:len(tdeSecret)-1]
-		tdePassword = tdeSecret[:len(tdePassword)-1]
-		values["tdePassword"] = tdePassword
-		values["tdeKeystorePath"] = pdb.Spec.TDEKeystorePath
-		values["tdeSecret"] = tdeSecret
-		values["tdeImport"] = strconv.FormatBool(*(pdb.Spec.TDEImport))
-	}
-	if *(pdb.Spec.AsClone) {
-		values["asClone"] = strconv.FormatBool(*(pdb.Spec.AsClone))
-	}
-
-	url := "https://" + pdb.Spec.CDBResName + "-ords." + pdb.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/"
-
-	pdb.Status.TotalSize = pdb.Spec.TotalSize
-	pdb.Status.Phase = pdbPhasePlug
-	pdb.Status.Msg = "Waiting for PDB to be plugged"
-	if err := r.Status().Update(ctx, pdb); err != nil {
-		log.Error(err, "Failed to update status for :"+pdb.Name, "err", err.Error())
-	}
-	_, err = NewCallApi(r, ctx, req, pdb, url, values, "POST")
-	if err != nil {
-		return err
-	}
-
-	r.Recorder.Eventf(pdb, corev1.EventTypeNormal, "Created", "PDB '%s' plugged successfully", pdb.Spec.PDBName)
-
-	if cdb.Spec.DBServer != "" {
-		pdb.Status.ConnString = cdb.Spec.DBServer + ":" + strconv.Itoa(cdb.Spec.DBPort) + "/" + pdb.Spec.PDBName
-	} else {
-		pdb.Status.ConnString = cdb.Spec.DBTnsurl
-		ParseTnsAlias(&(pdb.Status.ConnString), &(pdb.Spec.PDBName))
-	}
-
-	assertivePdbDeletion = pdb.Spec.AssertivePdbDeletion
-	if pdb.Spec.AssertivePdbDeletion == true {
-		r.Recorder.Eventf(pdb, corev1.EventTypeNormal, "Plugged", "PDB '%s' assertive pdb deletion turned on", pdb.Spec.PDBName)
-	}
-
-	log.Info("Successfully plugged PDB", "PDB Name", pdb.Spec.PDBName)
-	r.getPDBState(ctx, req, pdb)
-	return nil
-}
-
-/*
-************************************************
-  - Unplug a PDB
-
-***********************************************
-*/
-func (r *PDBReconciler) unplugPDB(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) error {
-
-	log := r.Log.WithValues("unplugPDB", req.NamespacedName)
-
-	var err error
-	var tdePassword string
-	var tdeSecret string
-
-	cdb, err := r.getCDBResource(ctx, req, pdb)
-	if err != nil {
-		return err
-	}
-
-	values := map[string]string{
-		"method":      "UNPLUG",
-		"xmlFileName": pdb.Spec.XMLFileName,
-		"getScript":   strconv.FormatBool(*(pdb.Spec.GetScript))}
-
-	if *(pdb.Spec.TDEExport) {
-		// Get the TDE Password
-		tdePassword, err = r.getSecret(ctx, req, pdb, pdb.Spec.TDEPassword.Secret.SecretName, pdb.Spec.TDEPassword.Secret.Key)
-		if err != nil {
-			return err
-		}
-		tdeSecret, err = r.getSecret(ctx, req, pdb, pdb.Spec.TDESecret.Secret.SecretName, pdb.Spec.TDESecret.Secret.Key)
-		if err != nil {
-			return err
-		}
-
-		tdeSecret = tdeSecret[:len(tdeSecret)-1]
-		tdePassword = tdeSecret[:len(tdePassword)-1]
-		values["tdePassword"] = tdePassword
-		values["tdeKeystorePath"] = pdb.Spec.TDEKeystorePath
-		values["tdeSecret"] = tdeSecret
-		values["tdeExport"] = strconv.FormatBool(*(pdb.Spec.TDEExport))
-	}
-
-	url := "https://" + pdb.Spec.CDBResName + "-ords." + pdb.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/" + pdb.Spec.PDBName + "/"
-
-	log.Info("CallAPI(url)", "url", url)
-
-	pdb.Status.Phase = pdbPhaseUnplug
-	pdb.Status.Msg = "Waiting for PDB to be unplugged"
-
-	if cdb.Spec.DBServer != "" {
-		pdb.Status.ConnString = cdb.Spec.DBServer + ":" + strconv.Itoa(cdb.Spec.DBPort) + "/" + pdb.Spec.PDBName
-	} else {
-		pdb.Status.ConnString = cdb.Spec.DBTnsurl
-		ParseTnsAlias(&(pdb.Status.ConnString), &(pdb.Spec.PDBName))
-	}
-
-	if err := r.Status().Update(ctx, pdb); err != nil {
-		log.Error(err, "Failed to update status for :"+pdb.Name, "err", err.Error())
-	}
-	_, err = NewCallApi(r, ctx, req, pdb, url, values, "POST")
-	if err != nil {
-		return err
-	}
-
-	if controllerutil.ContainsFinalizer(pdb, PDBFinalizer) {
-		log.Info("Removing finalizer")
-		controllerutil.RemoveFinalizer(pdb, PDBFinalizer)
-		err := r.Update(ctx, pdb)
-		if err != nil {
-			log.Info("Could not remove finalizer", "err", err.Error())
-			return err
-		}
-		pdb.Status.Status = true
-		err = r.Delete(context.Background(), pdb, client.GracePeriodSeconds(1))
-		if err != nil {
-			log.Info("Could not delete PDB resource", "err", err.Error())
-			return err
-		}
-	}
-
-	r.Recorder.Eventf(pdb, corev1.EventTypeNormal, "Unplugged", "PDB '%s' unplugged successfully", pdb.Spec.PDBName)
-
-	log.Info("Successfully unplugged PDB resource")
-	return nil
-}
-
-/*
-************************************************
-  - Modify a PDB state
-    /***********************************************
-*/
-func (r *PDBReconciler) modifyPDB(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) error {
-
-	log := r.Log.WithValues("modifyPDB", req.NamespacedName)
-
-	var err error
-
-	err = r.getPDBState(ctx, req, pdb)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Warning PDB does not exist", "PDB Name", pdb.Spec.PDBName)
-			return nil
-		}
-		return err
-	}
-
-	if pdb.Status.OpenMode == "READ WRITE" && pdb.Spec.PDBState == "OPEN" && pdb.Spec.ModifyOption == "READ WRITE" {
-		/* Database is already open no action required */
-		return nil
-	}
-
-	if pdb.Status.OpenMode == "MOUNTED" && pdb.Spec.PDBState == "CLOSE" && pdb.Spec.ModifyOption == "IMMEDIATE" {
-		/* Database is already close no action required */
-		return nil
-	}
-
-	// To prevent Reconcile from Modifying again whenever the Operator gets re-started
-	/*
-		modOption := pdb.Spec.PDBState + "-" + pdb.Spec.ModifyOption
-		if pdb.Status.ModifyOption == modOption {
-			return nil
-		}
-	*/
-
-	cdb, err := r.getCDBResource(ctx, req, pdb)
-	if err != nil {
-		return err
-	}
-
-	values := map[string]string{
-		"state":        pdb.Spec.PDBState,
-		"modifyOption": pdb.Spec.ModifyOption,
-		"getScript":    strconv.FormatBool(*(pdb.Spec.GetScript))}
-	log.Info("MODIFY PDB", "pdb.Spec.PDBState=", pdb.Spec.PDBState, "pdb.Spec.ModifyOption=", pdb.Spec.ModifyOption)
-	log.Info("PDB STATUS OPENMODE", "pdb.Status.OpenMode=", pdb.Status.OpenMode)
-
-	pdbName := pdb.Spec.PDBName
-	url := "https://" + pdb.Spec.CDBResName + "-ords." + pdb.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/" + pdbName + "/status"
-
-	pdb.Status.Phase = pdbPhaseModify
-	pdb.Status.ModifyOption = pdb.Spec.PDBState + "-" + pdb.Spec.ModifyOption
-	pdb.Status.Msg = "Waiting for PDB to be modified"
-	if err := r.Status().Update(ctx, pdb); err != nil {
-		log.Error(err, "Failed to update status for :"+pdb.Name, "err", err.Error())
-	}
-	_, err = NewCallApi(r, ctx, req, pdb, url, values, "POST")
-	if err != nil {
-		return err
-	}
-
-	r.Recorder.Eventf(pdb, corev1.EventTypeNormal, "Modified", "PDB '%s' modified successfully", pdb.Spec.PDBName)
-
-	if cdb.Spec.DBServer != "" {
-		pdb.Status.ConnString = cdb.Spec.DBServer + ":" + strconv.Itoa(cdb.Spec.DBPort) + "/" + pdb.Spec.PDBName
-	} else {
-		pdb.Status.ConnString = cdb.Spec.DBTnsurl
-	}
-
-	log.Info("Successfully modified PDB state", "PDB Name", pdb.Spec.PDBName)
-	r.getPDBState(ctx, req, pdb)
-	return nil
-}
-
-/*
-************************************************
-  - Get PDB State
-    /***********************************************
-*/
-func (r *PDBReconciler) getPDBState(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) error {
-
-	log := r.Log.WithValues("getPDBState", req.NamespacedName)
-
-	var err error
-
-	cdb, err := r.getCDBResource(ctx, req, pdb)
-	if err != nil {
-		return err
-	}
-
-	pdbName := pdb.Spec.PDBName
-	url := "https://" + pdb.Spec.CDBResName + "-ords." + pdb.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/" + pdbName + "/status"
-
-	pdb.Status.Msg = "Getting PDB state"
-	if err := r.Status().Update(ctx, pdb); err != nil {
-		log.Error(err, "Failed to update status for :"+pdb.Name, "err", err.Error())
-	}
-
-	respData, err := NewCallApi(r, ctx, req, pdb, url, nil, "GET")
-
-	if err != nil {
-		pdb.Status.OpenMode = "UNKNOWN"
-		pdb.Status.Msg = "CHECK PDB STATUS"
-		pdb.Status.Status = false
-		return err
-	}
-
-	var objmap map[string]interface{}
-	if err := json.Unmarshal([]byte(respData), &objmap); err != nil {
-		log.Error(err, "Failed to get state of PDB :"+pdbName, "err", err.Error())
-	}
-
-	pdb.Status.OpenMode = objmap["open_mode"].(string)
-
-	if pdb.Status.OpenMode == "READ WRITE" {
-		err := r.mapPDB(ctx, req, pdb)
-		if err != nil {
-			log.Info("Fail to Map resource getting PDB state")
-		}
-	}
-
-	log.Info("Successfully obtained PDB state", "PDB Name", pdb.Spec.PDBName, "State", objmap["open_mode"].(string))
-	return nil
-}
-
-/*
-************************************************
-  - Map Database PDB to Kubernetes PDB CR
-    /***********************************************
-*/
-func (r *PDBReconciler) mapPDB(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) error {
-
-	log := r.Log.WithValues("mapPDB", req.NamespacedName)
-
-	var err error
-
-	cdb, err := r.getCDBResource(ctx, req, pdb)
-	if err != nil {
-		return err
-	}
-
-	pdbName := pdb.Spec.PDBName
-	url := "https://" + pdb.Spec.CDBResName + "-ords." + pdb.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/" + pdbName + "/"
-
-	pdb.Status.Msg = "Mapping PDB"
-	if err := r.Status().Update(ctx, pdb); err != nil {
-		log.Error(err, "Failed to update status for :"+pdb.Name, "err", err.Error())
-	}
-
-	respData, err := NewCallApi(r, ctx, req, pdb, url, nil, "GET")
-
-	if err != nil {
-		pdb.Status.OpenMode = "UNKNOWN"
-		return err
-	}
-
-	var objmap map[string]interface{}
-	if err := json.Unmarshal([]byte(respData), &objmap); err != nil {
-		log.Error(err, "Failed to get state of PDB :"+pdbName, "err", err.Error())
-	}
-
-	totSizeInBytes := objmap["total_size"].(float64)
-	totSizeInGB := totSizeInBytes / 1024 / 1024 / 1024
-
-	pdb.Status.OpenMode = objmap["open_mode"].(string)
-	pdb.Status.TotalSize = fmt.Sprintf("%.2f", totSizeInGB) + "G"
-	assertivePdbDeletion = pdb.Spec.AssertivePdbDeletion
-	if pdb.Spec.AssertivePdbDeletion == true {
-		r.Recorder.Eventf(pdb, corev1.EventTypeNormal, "Mapped", "PDB '%s' assertive pdb deletion turned on", pdb.Spec.PDBName)
-	}
-
-	if cdb.Spec.DBServer != "" {
-		pdb.Status.ConnString = cdb.Spec.DBServer + ":" + strconv.Itoa(cdb.Spec.DBPort) + "/" + pdb.Spec.PDBName
-	} else {
-		pdb.Status.ConnString = cdb.Spec.DBTnsurl
-		ParseTnsAlias(&(pdb.Status.ConnString), &(pdb.Spec.PDBName))
-	}
-
-	if err := r.Status().Update(ctx, pdb); err != nil {
-		log.Error(err, "Failed to update status for :"+pdb.Name, "err", err.Error())
-	}
-
-	log.Info("Successfully mapped PDB to Kubernetes resource", "PDB Name", pdb.Spec.PDBName)
-	return nil
-}
-
-/*
-************************************************
-  - Delete a PDB
-    /***********************************************
-*/
-func (r *PDBReconciler) deletePDB(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) error {
-
-	log := r.Log.WithValues("deletePDB", req.NamespacedName)
-
-	err := r.deletePDBInstance(req, ctx, pdb)
-	if err != nil {
-		log.Info("Could not delete PDB", "PDB Name", pdb.Spec.PDBName, "err", err.Error())
-		return err
-	}
-
-	if controllerutil.ContainsFinalizer(pdb, PDBFinalizer) {
-		log.Info("Removing finalizer")
-		controllerutil.RemoveFinalizer(pdb, PDBFinalizer)
-		err := r.Update(ctx, pdb)
-		if err != nil {
-			log.Info("Could not remove finalizer", "err", err.Error())
-			return err
-		}
-		pdb.Status.Status = true
-		err = r.Delete(context.Background(), pdb, client.GracePeriodSeconds(1))
-		if err != nil {
-			log.Info("Could not delete PDB resource", "err", err.Error())
-			return err
-		}
-	}
-
-	r.Recorder.Eventf(pdb, corev1.EventTypeNormal, "Deleted", "PDB '%s' dropped successfully", pdb.Spec.PDBName)
-
-	log.Info("Successfully deleted PDB resource")
-	return nil
-}
-
-/*************************************************
-  - Check PDB deletion
-**************************************************/
-
-func (r *PDBReconciler) managePDBDeletion2(ctx context.Context, req ctrl.Request, pdb *dbapi.PDB) error {
-	log := r.Log.WithValues("managePDBDeletion", req.NamespacedName)
-	if pdb.ObjectMeta.DeletionTimestamp.IsZero() {
-		if !controllerutil.ContainsFinalizer(pdb, PDBFinalizer) {
-			controllerutil.AddFinalizer(pdb, PDBFinalizer)
-			if err := r.Update(ctx, pdb); err != nil {
-				return err
-			}
-		}
-	} else {
-		log.Info("Pdb marked to be delted")
-		if controllerutil.ContainsFinalizer(pdb, PDBFinalizer) {
-			if assertivePdbDeletion == true {
-				log.Info("Deleting pdb CRD: Assertive approach is turned on ")
-				cdb, err := r.getCDBResource(ctx, req, pdb)
-				if err != nil {
-					log.Error(err, "Cannont find cdb resource ", "err", err.Error())
-					return err
-				}
-
-				var errclose error
-				pdbName := pdb.Spec.PDBName
-				if pdb.Status.OpenMode == "READ WRITE" {
-					valuesclose := map[string]string{
-						"state":        "CLOSE",
-						"modifyOption": "IMMEDIATE",
-						"getScript":    "FALSE"}
-					url := "https://" + pdb.Spec.CDBResName + "-ords." + pdb.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/" + pdbName + "/status"
-					_, errclose = NewCallApi(r, ctx, req, pdb, url, valuesclose, "POST")
-					if errclose != nil {
-						log.Info("Warning error closing pdb continue anyway")
-					}
-				}
-
-				if errclose == nil {
-					valuesdrop := map[string]string{
-						"action":    "INCLUDING",
-						"getScript": "FALSE"}
-					url := "https://" + pdb.Spec.CDBResName + "-ords." + pdb.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/" + pdbName + "/"
-
-					log.Info("Call Delete()")
-					_, errdelete := NewCallApi(r, ctx, req, pdb, url, valuesdrop, "DELETE")
-					if errdelete != nil {
-						log.Error(errdelete, "Fail to delete pdb :"+pdb.Name, "err", errdelete.Error())
-						return errdelete
-					}
-				}
-
-			} /* END OF ASSERTIVE SECTION */
-
-			log.Info("Marked to be deleted")
-			pdb.Status.Phase = pdbPhaseDelete
-			pdb.Status.Status = true
-			r.Status().Update(ctx, pdb)
-
-			controllerutil.RemoveFinalizer(pdb, PDBFinalizer)
-			if err := r.Update(ctx, pdb); err != nil {
-				log.Info("Cannot remove finalizer")
-				return err
-			}
-
-		}
-
-		return nil
-	}
-
-	return nil
-}
-
-/*
-************************************************
-  - Finalization logic for PDBFinalizer
-    /***********************************************
-*/
-func (r *PDBReconciler) deletePDBInstance(req ctrl.Request, ctx context.Context, pdb *dbapi.PDB) error {
-
-	log := r.Log.WithValues("deletePDBInstance", req.NamespacedName)
-
-	var err error
-
-	cdb, err := r.getCDBResource(ctx, req, pdb)
-	if err != nil {
-		return err
-	}
-
-	values := map[string]string{
-		"action":    "KEEP",
-		"getScript": strconv.FormatBool(*(pdb.Spec.GetScript))}
-
-	if pdb.Spec.DropAction != "" {
-		values["action"] = pdb.Spec.DropAction
-	}
-
-	pdbName := pdb.Spec.PDBName
-	url := "https://" + pdb.Spec.CDBResName + "-ords." + pdb.Spec.CDBNamespace + ":" + strconv.Itoa(cdb.Spec.ORDSPort) + "/ords/_/db-api/latest/database/pdbs/" + pdbName + "/"
-
-	pdb.Status.Phase = pdbPhaseDelete
-	pdb.Status.Msg = "Waiting for PDB to be deleted"
-	if err := r.Status().Update(ctx, pdb); err != nil {
-		log.Error(err, "Failed to update status for :"+pdb.Name, "err", err.Error())
-	}
-	_, err = NewCallApi(r, ctx, req, pdb, url, values, "DELETE")
-	if err != nil {
-		pdb.Status.ConnString = ""
-		return err
-	}
-
-	log.Info("Successfully dropped PDB", "PDB Name", pdbName)
-	return nil
-}
-
-/*
-*************************************************************
-  - SetupWithManager sets up the controller with the Manager.
-    /************************************************************
-*/
-func (r *PDBReconciler) SetupWithManager(mgr ctrl.Manager) error {
-	return ctrl.NewControllerManagedBy(mgr).
-		For(&dbapi.PDB{}).
-		WithEventFilter(predicate.Funcs{
-			UpdateFunc: func(e event.UpdateEvent) bool {
-				// Ignore updates to CR status in which case metadata.Generation does not change
-				return e.ObjectOld.GetGeneration() != e.ObjectNew.GetGeneration()
-			},
-			DeleteFunc: func(e event.DeleteEvent) bool {
-				// Evaluates to false if the object has been confirmed deleted.
-				//return !e.DeleteStateUnknown
-				return false
-			},
-		}).
-		WithOptions(controller.Options{MaxConcurrentReconciles: 100}).
-		Complete(r)
-}
-
-/*************************************************************
-Enh 35357707 - PROVIDE THE PDB TNSALIAS INFORMATION
-**************************************************************/
-
-func ParseTnsAlias(tns *string, pdbsrv *string) {
-	var swaptns string
-	fmt.Printf("Analyzing string [%s]\n", *tns)
-	fmt.Printf("Relacing  srv [%s]\n", *pdbsrv)
-
-	if strings.Contains(strings.ToUpper(*tns), "SERVICE_NAME") == false {
-		fmt.Print("Cannot generate tns alias for pdb")
-		return
-	}
-
-	if strings.Contains(strings.ToUpper(*tns), "ORACLE_SID") == true {
-		fmt.Print("Cannot generate tns alias for pdb")
-		return
-	}
-
-	swaptns = fmt.Sprintf("SERVICE_NAME=%s", *pdbsrv)
-	tnsreg := regexp.MustCompile(`SERVICE_NAME=\w+`)
-	*tns = tnsreg.ReplaceAllString(*tns, swaptns)
-
-	fmt.Printf("Newstring [%s]\n", *tns)
-
-}
-
-func NewCallApi(intr interface{}, ctx context.Context, req ctrl.Request, pdb *dbapi.PDB, url string, payload map[string]string, action string) (string, error) {
-
-	var c client.Client
-	var r logr.Logger
-	var e record.EventRecorder
-	var err error
-
-	recpdb, ok1 := intr.(*PDBReconciler)
-	if ok1 {
-		fmt.Printf("func NewCallApi ((*PDBReconciler),......)\n")
-		c = recpdb.Client
-		e = recpdb.Recorder
-		r = recpdb.Log
-	}
-
-	reccdb, ok2 := intr.(*CDBReconciler)
-	if ok2 {
-		fmt.Printf("func NewCallApi ((*CDBReconciler),......)\n")
-		c = reccdb.Client
-		e = reccdb.Recorder
-		r = reccdb.Log
-	}
-
-	secret := &corev1.Secret{}
-
-	log := r.WithValues("NewCallApi", req.NamespacedName)
-	log.Info("Call c.Get")
-	err = c.Get(ctx, types.NamespacedName{Name: pdb.Spec.PDBTlsKey.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.PDBTlsKey.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-	rsaKeyPEM := secret.Data[pdb.Spec.PDBTlsKey.Secret.Key]
-
-	err = c.Get(ctx, types.NamespacedName{Name: pdb.Spec.PDBTlsCrt.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.PDBTlsCrt.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-
-	rsaCertPEM := secret.Data[pdb.Spec.PDBTlsCrt.Secret.Key]
-
-	err = c.Get(ctx, types.NamespacedName{Name: pdb.Spec.PDBTlsCat.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.PDBTlsCat.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-
-	caCert := secret.Data[pdb.Spec.PDBTlsCat.Secret.Key]
-	/*
-		r.Recorder.Eventf(pdb, corev1.EventTypeWarning, "ORDSINFO", string(rsaKeyPEM))
-		r.Recorder.Eventf(pdb, corev1.EventTypeWarning, "ORDSINFO", string(rsaCertPEM))
-		r.Recorder.Eventf(pdb, corev1.EventTypeWarning, "ORDSINFO", string(caCert))
-	*/
-
-	certificate, err := tls.X509KeyPair([]byte(rsaCertPEM), []byte(rsaKeyPEM))
-	if err != nil {
-		pdb.Status.Msg = "Error tls.X509KeyPair"
-		return "", err
-	}
-
-	caCertPool := x509.NewCertPool()
-	caCertPool.AppendCertsFromPEM(caCert)
-
-	tlsConf := &tls.Config{Certificates: []tls.Certificate{certificate}, RootCAs: caCertPool}
-
-	tr := &http.Transport{TLSClientConfig: tlsConf}
-
-	httpclient := &http.Client{Transport: tr}
-
-	log.Info("Issuing REST call", "URL", url, "Action", action)
-
-	/*
-		cdb, err := r.getCDBResource(ctx, req, pdb)
-		if err != nil {
-			return "", err
-		}
-	*/
-
-	err = c.Get(ctx, types.NamespacedName{Name: pdb.Spec.WebServerUsr.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.WebServerUsr.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-	webUserEnc := string(secret.Data[pdb.Spec.WebServerUsr.Secret.Key])
-	webUserEnc = strings.TrimSpace(webUserEnc)
-
-	err = c.Get(ctx, types.NamespacedName{Name: pdb.Spec.PDBPriKey.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.PDBPriKey.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-	privKey := string(secret.Data[pdb.Spec.PDBPriKey.Secret.Key])
-	webUser, err := lrcommons.CommonDecryptWithPrivKey(privKey, webUserEnc, req)
-
-	// Get Web Server User Password
-	secret = &corev1.Secret{}
-	err = c.Get(ctx, types.NamespacedName{Name: pdb.Spec.WebServerPwd.Secret.SecretName, Namespace: pdb.Namespace}, secret)
-	if err != nil {
-		if apierrors.IsNotFound(err) {
-			log.Info("Secret not found:" + pdb.Spec.WebServerPwd.Secret.SecretName)
-			return "", err
-		}
-		log.Error(err, "Unable to get the secret.")
-		return "", err
-	}
-	webUserPwdEnc := string(secret.Data[pdb.Spec.WebServerPwd.Secret.Key])
-	webUserPwdEnc = strings.TrimSpace(webUserPwdEnc)
-	webUserPwd, err := lrcommons.CommonDecryptWithPrivKey(privKey, webUserPwdEnc, req)
-	///////////////////////////////////////////////////////////////////////////////////
-
-	var httpreq *http.Request
-	if action == "GET" {
-		httpreq, err = http.NewRequest(action, url, nil)
-	} else {
-		jsonValue, _ := json.Marshal(payload)
-		httpreq, err = http.NewRequest(action, url, bytes.NewBuffer(jsonValue))
-	}
-
-	if err != nil {
-		log.Info("Unable to create HTTP Request for PDB : "+pdb.Name, "err", err.Error())
-		return "", err
-	}
-
-	httpreq.Header.Add("Accept", "application/json")
-	httpreq.Header.Add("Content-Type", "application/json")
-	httpreq.SetBasicAuth(webUser, webUserPwd)
-
-	resp, err := httpclient.Do(httpreq)
-	if err != nil {
-		errmsg := err.Error()
-		log.Error(err, "Failed - Could not connect to ORDS Pod", "err", err.Error())
-		pdb.Status.Msg = "Error: Could not connect to ORDS Pod"
-		e.Eventf(pdb, corev1.EventTypeWarning, "ORDSError", errmsg)
-		return "", err
-	}
-
-	e.Eventf(pdb, corev1.EventTypeWarning, "Done", pdb.Spec.CDBResName)
-	if resp.StatusCode != http.StatusOK {
-		bb, _ := ioutil.ReadAll(resp.Body)
-
-		if resp.StatusCode == 404 {
-			pdb.Status.ConnString = ""
-			pdb.Status.Msg = pdb.Spec.PDBName + " not found"
-
-		} else {
-			if floodcontrol == false {
-				pdb.Status.Msg = "ORDS Error - HTTP Status Code:" + strconv.Itoa(resp.StatusCode)
-			}
-		}
-
-		if floodcontrol == false {
-			log.Info("ORDS Error - HTTP Status Code :"+strconv.Itoa(resp.StatusCode), "Err", string(bb))
-		}
-
-		var apiErr ORDSError
-		json.Unmarshal([]byte(bb), &apiErr)
-		if floodcontrol == false {
-			e.Eventf(pdb, corev1.EventTypeWarning, "ORDSError", "Failed: %s", apiErr.Message)
-		}
-		//fmt.Printf("%+v", apiErr)
-		//fmt.Println(string(bb))
-		floodcontrol = true
-		return "", errors.New("ORDS Error")
-	}
-	floodcontrol = false
-
-	defer resp.Body.Close()
-
-	bodyBytes, err := ioutil.ReadAll(resp.Body)
-	if err != nil {
-		fmt.Print(err.Error())
-	}
-	respData := string(bodyBytes)
-	//fmt.Println(string(bodyBytes))
-
-	var apiResponse RESTSQLCollection
-	json.Unmarshal([]byte(bodyBytes), &apiResponse)
-	//fmt.Printf("%#v", apiResponse)
-	//fmt.Printf("%+v", apiResponse)
-
-	errFound := false
-	for _, sqlItem := range apiResponse.Items {
-		if sqlItem.ErrorDetails != "" {
-			log.Info("ORDS Error - Oracle Error Code :" + strconv.Itoa(sqlItem.ErrorCode))
-			if !errFound {
-				pdb.Status.Msg = sqlItem.ErrorDetails
-			}
-			e.Eventf(pdb, corev1.EventTypeWarning, "OraError", "%s", sqlItem.ErrorDetails)
-			errFound = true
-		}
-	}
-
-	if errFound {
-		return "", errors.New("Oracle Error")
-	}
-
-	return respData, nil
-}
diff --git a/controllers/database/shardingdatabase_controller.go b/controllers/database/shardingdatabase_controller.go
index 1ec77253..3d3ca021 100644
--- a/controllers/database/shardingdatabase_controller.go
+++ b/controllers/database/shardingdatabase_controller.go
@@ -48,8 +48,6 @@ import (
 	"time"
 
 	"github.com/go-logr/logr"
-	"github.com/oracle/oci-go-sdk/v65/common"
-	"github.com/oracle/oci-go-sdk/v65/ons"
 	appsv1 "k8s.io/api/apps/v1"
 	corev1 "k8s.io/api/core/v1"
 	"k8s.io/apimachinery/pkg/api/errors"
@@ -71,15 +69,6 @@ import (
 	shardingv1 "github.com/oracle/oracle-database-operator/commons/sharding"
 )
 
-// Struct keeping Oracle Notification Server Info
-type OnsStatus struct {
-	Topicid         string                          `json:"topicid,omitempty"`
-	Instance        *databasev4.ShardingDatabase    `json:"instance,omitempty"`
-	OnsProvider     common.ConfigurationProvider    `json:"onsProvider,omitempty"`
-	OnsProviderFlag bool                            `json:"onsProviderFlag,omitempty"`
-	Rclient         ons.NotificationDataPlaneClient `json:"rclient,omitempty"`
-}
-
 // ShardingDatabaseReconciler reconciles a ShardingDatabase object
 type ShardingDatabaseReconciler struct {
 	client.Client
@@ -88,14 +77,10 @@ type ShardingDatabaseReconciler struct {
 	kubeClient kubernetes.Interface
 	kubeConfig clientcmd.ClientConfig
 	Recorder   record.EventRecorder
-	InCluster  bool
-	Namespace  string
 }
 
-var sentFailMsg = make(map[string]bool)
-var sentCompleteMsg = make(map[string]bool)
-
-var oshMap = make(map[string]*OnsStatus)
+var exportedTDEKeys bool = false
+var importedTDEKeys []bool
 
 // +kubebuilder:rbac:groups=database.oracle.com,resources=shardingdatabases,verbs=get;list;watch;create;update;patch;delete
 // +kubebuilder:rbac:groups=database.oracle.com,resources=shardingdatabases/status,verbs=get;update;patch
@@ -147,7 +132,7 @@ func (r *ShardingDatabaseReconciler) Reconcile(ctx context.Context, req ctrl.Req
 	}
 	// Fetch the ProvShard instance
 	instance := &databasev4.ShardingDatabase{}
-	err = r.Client.Get(context.TODO(), req.NamespacedName, instance)
+	err = r.Get(ctx, types.NamespacedName{Namespace: req.Namespace, Name: req.Name}, instance)
 	if err != nil {
 		if errors.IsNotFound(err) {
 			// Request object not found, could have been deleted after reconcile req.
@@ -158,12 +143,6 @@ func (r *ShardingDatabaseReconciler) Reconcile(ctx context.Context, req ctrl.Req
 		// Error reading the object - requeue the req.
 		return ctrl.Result{}, err
 	}
-
-	instFlag := r.checkProvInstance(instance)
-	if !instFlag {
-		oshMap[instance.Name] = &OnsStatus{}
-		oshMap[instance.Name].Instance = instance
-	}
 	defer r.setCrdLifeCycleState(instance, &result, &err, &stateType)
 	defer r.updateShardTopologyStatus(instance)
 	// =============================== Check Deletion TimeStamp========
@@ -182,23 +161,17 @@ func (r *ShardingDatabaseReconciler) Reconcile(ctx context.Context, req ctrl.Req
 		}
 	}
 
-	// ======== Setting the flag and Index to be used later in this function ========
-	//	instFlag = r.checkProvInstance(instance)
-	//	if !instFlag {
-	//r.setCrdLifeCycleState(instance, &result, &err, stateType)
-	////		result = resultNq
-	//		return result, fmt.Errorf("DId not find the instance in checkProvInstance")
-	//	}
-
-	// ================================  OCI Notification Provider ===========
-	r.getOnsConfigProvider(instance)
-
-	// =============================== Checking Namespace ==============
+	if len(importedTDEKeys) == 0 {
+		importedTDEKeys = make([]bool, int32(len(instance.Spec.Shard)), int32(len(instance.Spec.Shard)))
+		for i = 0; i < int32(len(instance.Spec.Shard)); i++ {
+			importedTDEKeys[i] = false
+			shardingv1.LogMessages("INFO", "Initializing importedTDEKeys to false", nil, instance, r.Log)
+		}
+	}
 
 	// ======================== Validate Specs ==============
 	err = r.validateSpex(instance)
 	if err != nil {
-		//r.setCrdLifeCycleState(instance, &result, &err, stateType)
 		result = resultNq
 		return result, err
 	}
@@ -384,6 +357,13 @@ func (r *ShardingDatabaseReconciler) Reconcile(ctx context.Context, req ctrl.Req
 			result = resultNq
 			return result, err
 		}
+
+		if shardingv1.CheckIsTDEWalletFlag(instance, r.Log) && !exportedTDEKeys {
+			exportTDEfname := "expTDEFile"
+			shardingv1.LogMessages("INFO", "Catalog calling ExportTDEKey", nil, instance, r.Log)
+			shardingv1.ExportTDEKey(OraCatalogSpex.Name+"-0", exportTDEfname, instance, r.kubeClient, r.kubeConfig, r.Log)
+			exportedTDEKeys = true
+		}
 	}
 
 	// ====================== Update Setup for Shard ==============================
@@ -403,6 +383,14 @@ func (r *ShardingDatabaseReconciler) Reconcile(ctx context.Context, req ctrl.Req
 				return result, err
 			}
 		}
+		if shardingv1.CheckIsTDEWalletFlag(instance, r.Log) && exportedTDEKeys {
+			importTDEfname := "impTDEFile"
+			shardingv1.LogMessages("INFO", "Calling ImportTDEKey()", nil, instance, r.Log)
+			if !importedTDEKeys[i] {
+				shardingv1.ImportTDEKey(OraShardSpex.Name+"-0", importTDEfname, instance, r.kubeClient, r.kubeConfig, r.Log)
+			}
+			importedTDEKeys[i] = true
+		}
 	}
 
 	// ====================== Update Setup for Gsm ==============================
@@ -455,51 +443,32 @@ func (r *ShardingDatabaseReconciler) eventFilterPredicate() predicate.Predicate
 			return true
 		},
 		UpdateFunc: func(e event.UpdateEvent) bool {
-			instance := &databasev4.ShardingDatabase{}
-			if old, ok := e.ObjectOld.(*corev1.Secret); ok {
-				if new, ok := e.ObjectNew.(*corev1.Secret); ok {
-					oshInst := instance
-					if (new.Name == oshInst.Spec.DbSecret.Name) && (new.Name == old.Name) {
-						_, ok := old.Data[oshInst.Spec.DbSecret.PwdFileName]
-						if ok {
-							if !reflect.DeepEqual(old.Data[oshInst.Spec.DbSecret.PwdFileName], new.Data[oshInst.Spec.DbSecret.PwdFileName]) {
-								shardingv1.LogMessages("INFO", "Secret Changed", nil, oshInst, r.Log)
-							}
-						}
-						shardingv1.LogMessages("INFO", "Secret update block", nil, oshInst, r.Log)
-					}
-				}
-			}
 			return true
 		},
 		DeleteFunc: func(e event.DeleteEvent) bool {
-			instance := &databasev4.ShardingDatabase{}
-			_, podOk := e.Object.GetLabels()["statefulset.kubernetes.io/pod-name"]
-			if oshMap[instance.Name] != nil {
-				oshInst := instance
-				if instance.DeletionTimestamp == nil {
-
-					if e.Object.GetLabels()[string(databasev4.ShardingDelLabelKey)] == string(databasev4.ShardingDelLabelTrueValue) {
-					}
-
-					if podOk {
-						delObj := e.Object.(*corev1.Pod)
-						if e.Object.GetLabels()["type"] == "Shard" && e.Object.GetLabels()["app"] == "OracleSharding" && e.Object.GetLabels()["oralabel"] == oshInst.Name {
-
-							if delObj.DeletionTimestamp != nil {
-								go r.gsmInvitedNodeOp(oshInst, delObj.Name)
-							}
-						}
-
-						if e.Object.GetLabels()["type"] == "Catalog" && e.Object.GetLabels()["app"] == "OracleSharding" && e.Object.GetLabels()["oralabel"] == oshInst.Name {
-
-							if delObj.DeletionTimestamp != nil {
-								go r.gsmInvitedNodeOp(oshInst, delObj.Name)
-							}
-						}
-					}
-				}
-			}
+			// //instance := &databasev4.ShardingDatabase{}
+			// _, podOk := e.Object.GetLabels()["statefulset.kubernetes.io/pod-name"]
+			// instance, _ := e.Object.DeepCopyObject().(*databasev4.ShardingDatabase)
+			// if e.Object.GetDeletionTimestamp() == nil {
+			// 	if e.Object.GetLabels()[string(databasev4.ShardingDelLabelKey)] == string(databasev4.ShardingDelLabelTrueValue) {
+			// 	}
+			// 	if podOk {
+			// 		delObj := e.Object.(*corev1.Pod)
+			// 		if e.Object.GetLabels()["type"] == "Shard" && e.Object.GetLabels()["app"] == "OracleSharding" && e.Object.GetLabels()["oralabel"] == instance.Name {
+			// 			if delObj.DeletionTimestamp != nil {
+			// 				go r.gsmInvitedNodeOp(instance, delObj.Name)
+			// 			}
+			// 		}
+
+			// 		if e.Object.GetLabels()["type"] == "Catalog" && e.Object.GetLabels()["app"] == "OracleSharding" && e.Object.GetLabels()["oralabel"] == instance.Name {
+
+			// 			if delObj.DeletionTimestamp != nil {
+			// 				go r.gsmInvitedNodeOp(instance, delObj.Name)
+			// 			}
+			// 		}
+			// 	}
+
+			// }
 			return true
 		},
 	}
@@ -524,59 +493,6 @@ func (r *ShardingDatabaseReconciler) UpdateSecret(instance *databasev4.ShardingD
 	return ctrl.Result{}, nil
 }
 
-// ================== Function to get the Notification controller ==============
-func (r *ShardingDatabaseReconciler) getOnsConfigProvider(instance *databasev4.ShardingDatabase) {
-	var err error
-	if instance.Spec.DbSecret.NsConfigMap != "" && instance.Spec.DbSecret.NsSecret != "" && oshMap[instance.Name].OnsProviderFlag != true {
-		cmName := instance.Spec.DbSecret.NsConfigMap
-		secName := instance.Spec.DbSecret.NsSecret
-		shardingv1.LogMessages("DEBUG", "Received parameters are "+shardingv1.GetFmtStr(cmName)+","+shardingv1.GetFmtStr(secName), nil, instance, r.Log)
-		region, user, tenancy, passphrase, fingerprint, topicid := shardingv1.ReadConfigMap(cmName, instance, r.Client, r.Log)
-		privatekey := shardingv1.ReadSecret(secName, instance, r.Client, r.Log)
-
-		oshMap[instance.Name].Topicid = topicid
-		oshMap[instance.Name].OnsProvider = common.NewRawConfigurationProvider(tenancy, user, region, fingerprint, privatekey, &passphrase)
-		//VV    instance.Spec.TopicId = topicid
-		oshMap[instance.Name].Rclient, err = ons.NewNotificationDataPlaneClientWithConfigurationProvider(oshMap[instance.Name].OnsProvider)
-		if err != nil {
-			msg := "Error occurred in getting the OCI notification service based client."
-			oshMap[instance.Name].OnsProviderFlag = false
-			r.Log.Error(err, msg)
-			shardingv1.LogMessages("Error", msg, nil, instance, r.Log)
-		} else {
-			oshMap[instance.Name].OnsProviderFlag = true
-		}
-	}
-}
-
-func (r ShardingDatabaseReconciler) marshalOnsInfo(instance *databasev4.ShardingDatabase) (OnsStatus, error) {
-	onsData := OnsStatus{}
-	specBytes, err := instance.GetLastSuccessfulOnsInfo()
-	if err != nil {
-		shardingv1.LogMessages("Error", "error occurred while getting the data from getLastSuccessfulOnsInfo", nil, instance, r.Log)
-		return onsData, err
-	} else {
-		shardingv1.LogMessages("Error", "error occurred while getting the data from getLastSuccessfulOnsInfo and unmarshaling the object", nil, instance, r.Log)
-		err := json.Unmarshal(specBytes, &onsData)
-		if err != nil {
-			return onsData, err
-		}
-	}
-	return onsData, nil
-}
-
-// ================== Function the Message  ==============
-func (r *ShardingDatabaseReconciler) sendMessage(instance *databasev4.ShardingDatabase, title string, body string) {
-	instFlag := r.checkProvInstance(instance)
-	if instFlag {
-		shardingv1.LogMessages("INFO", "sendMessage():instFlag true", nil, instance, r.Log)
-		if oshMap[instance.Name].OnsProviderFlag {
-			shardingv1.LogMessages("INFO", "sendMessage():OnsProviderFlag true", nil, instance, r.Log)
-			shardingv1.SendNotification(title, body, instance, oshMap[instance.Name].Topicid, oshMap[instance.Name].Rclient, r.Log)
-		}
-	}
-}
-
 func (r *ShardingDatabaseReconciler) publishEvents(instance *databasev4.ShardingDatabase, eventMsg string, state string) {
 
 	if state == string(databasev4.AvailableState) || state == string(databasev4.AddingShardState) || state == string(databasev4.ShardOnlineState) || state == string(databasev4.ProvisionState) || state == string(databasev4.DeletingState) || state == string(databasev4.Terminated) {
@@ -649,8 +565,6 @@ func (r *ShardingDatabaseReconciler) finalizeShardingDatabase(instance *database
 	var i int32
 	var err error
 	var pvcName string
-
-	r.checkProvInstance(instance)
 	sfSetFound := &appsv1.StatefulSet{}
 	svcFound := &corev1.Service{}
 	if len(instance.Spec.Shard) > 0 {
@@ -839,27 +753,9 @@ func (r *ShardingDatabaseReconciler) finalizeShardingDatabase(instance *database
 		}
 	}
 
-	oshMap[instance.Name].Instance = &databasev4.ShardingDatabase{}
-
 	return nil
 }
 
-// Get the current instance
-func (r *ShardingDatabaseReconciler) checkProvInstance(instance *databasev4.ShardingDatabase,
-) bool {
-
-	var status bool = false
-	if oshMap[instance.Name] != nil {
-		title := "checkProvInstance()"
-		message := "oshMap.Instance.Name=[" + oshMap[instance.Name].Instance.Name + "]. instance.Name=[" + instance.Name + "]."
-		shardingv1.LogMessages("INFO", title+":"+message, nil, instance, r.Log)
-		if oshMap[instance.Name].Instance.Name == instance.Name {
-			status = true
-		}
-	}
-	return status
-}
-
 // =========== validate Specs ============
 func (r *ShardingDatabaseReconciler) validateSpex(instance *databasev4.ShardingDatabase) error {
 
@@ -1567,14 +1463,7 @@ func (r *ShardingDatabaseReconciler) addPrimaryShards(instance *databasev4.Shard
 				if err != nil {
 					r.updateGsmShardStatus(instance, OraShardSpex.Name, string(databasev4.AddingShardErrorState))
 					title = instance.Namespace + ":Shard Addition Failure"
-					message = "TopicId:" + oshMap[instance.Name].Topicid + ":Error occurred during shard " + shardingv1.GetFmtStr(OraShardSpex.Name) + " addition."
 					shardingv1.LogMessages("Error", title+":"+message, nil, instance, r.Log)
-					msgKey := instance.Namespace + "-" + OraShardSpex.Name
-					if sentFailMsg[msgKey] != true {
-						r.sendMessage(instance, title, message)
-					}
-					sentFailMsg[msgKey] = true
-					sentCompleteMsg[msgKey] = false
 					deployFlag = false
 				}
 			}
@@ -1624,15 +1513,8 @@ func (r *ShardingDatabaseReconciler) verifyShards(instance *databasev4.ShardingD
 	// Following logic will sent a email only once
 	if oldStateStr != string(databasev4.ShardOnlineState) {
 		title = instance.Namespace + ":Shard Addition Completed"
-		message = "TopicId:" + oshMap[instance.Name].Topicid + ":Shard addition completed for shard " + shardingv1.GetFmtStr(shardSfSet.Name) + " in GSM."
+		message = ":Shard addition completed for shard " + shardingv1.GetFmtStr(shardSfSet.Name) + " in GSM."
 		shardingv1.LogMessages("INFO", title+":"+message, nil, instance, r.Log)
-		msgKey := instance.Namespace + "-" + shardSfSet.Name
-		if sentCompleteMsg[msgKey] != true {
-			r.sendMessage(instance, title, message)
-		}
-
-		sentCompleteMsg[msgKey] = true
-		sentFailMsg[msgKey] = false
 	}
 	return nil
 }
@@ -1653,8 +1535,6 @@ func (r *ShardingDatabaseReconciler) delGsmShard(instance *databasev4.ShardingDa
 	//gsmSfSet := &appsv1.StatefulSet{}
 	gsmPod := &corev1.Pod{}
 	var msg string
-	var title string
-	var message string
 	var setLifeCycleFlag = false
 
 	shardingv1.LogMessages("DEBUG", "Starting shard deletion operation.", nil, instance, r.Log)
@@ -1716,9 +1596,6 @@ func (r *ShardingDatabaseReconciler) delGsmShard(instance *databasev4.ShardingDa
 						err = shardingv1.MoveChunks(gsmPod.Name, sparams, instance, r.kubeClient, r.kubeConfig, r.Log)
 						if err != nil {
 							r.updateGsmShardStatus(instance, OraShardSpex.Name, string(databasev4.ChunkMoveError))
-							title = "Chunk Movement Failure"
-							message = "Error occurred during chunk movement in shard " + shardingv1.GetFmtStr(OraShardSpex.Name) + " deletion."
-							r.sendMessage(instance, title, message)
 							instance.Spec.Shard[i].IsDelete = "failed"
 							err = shardingv1.InstanceShardPatch(instance, instance, r.Client, i, "isDelete", "failed")
 							if err != nil {
@@ -1776,9 +1653,6 @@ func (r *ShardingDatabaseReconciler) delGsmShard(instance *databasev4.ShardingDa
 				r.delShard(instance, shardSfSet.Name, shardSfSet, shardPod, int(i))
 				r.updateGsmShardStatus(instance, OraShardSpex.Name, string(databasev4.Terminated))
 				r.updateShardStatus(instance, int(i), string(databasev4.Terminated))
-				title = "Shard Deletion Completed"
-				message = "Shard deletion completed for shard " + shardingv1.GetFmtStr(OraShardSpex.Name) + " in GSM."
-				r.sendMessage(instance, title, message)
 			}
 		}
 	}
diff --git a/controllers/database/singleinstancedatabase_controller.go b/controllers/database/singleinstancedatabase_controller.go
index 13f2ec6f..b9352d83 100644
--- a/controllers/database/singleinstancedatabase_controller.go
+++ b/controllers/database/singleinstancedatabase_controller.go
@@ -3241,6 +3241,7 @@ func (r *SingleInstanceDatabaseReconciler) manageConvPhysicalToSnapshot(ctx cont
 	if err != nil {
 		return requeueY, err
 	}
+
 	if sidbReadyPod.Name == "" {
 		log.Info("No ready Pod for the requested singleinstancedatabase")
 		return requeueY, nil
@@ -3248,25 +3249,30 @@ func (r *SingleInstanceDatabaseReconciler) manageConvPhysicalToSnapshot(ctx cont
 
 	if singleInstanceDatabase.Spec.ConvertToSnapshotStandby {
 		// Convert a PHYSICAL_STANDBY -> SNAPSHOT_STANDBY
-		singleInstanceDatabase.Status.Status = dbcommons.StatusUpdating
+		if singleInstanceDatabase.Status.Status != dbcommons.StatusPending {
+			singleInstanceDatabase.Status.Status = dbcommons.StatusUpdating
+		}
+
 		r.Status().Update(ctx, &singleInstanceDatabase)
 		if err := convertPhysicalStdToSnapshotStdDB(r, &singleInstanceDatabase, &sidbReadyPod, ctx, req); err != nil {
+			singleInstanceDatabase.Status.Status = dbcommons.StatusPending
+			r.Status().Update(ctx, &singleInstanceDatabase)
 			switch err {
 			case ErrNotPhysicalStandby:
-				r.Recorder.Event(&singleInstanceDatabase, corev1.EventTypeWarning, "Conversion to Snapshot Standby Not allowed", "Database not in physical standby role")
-				log.Info("Conversion to Snapshot Standby not allowed as database not in physical standby role")
+				r.Recorder.Event(&singleInstanceDatabase, corev1.EventTypeWarning, "Error: Conversion to Snapshot Standby Not allowed", "Database not in physical standby role")
+				log.Info("Error: Conversion to Snapshot Standby not allowed as database not in physical standby role")
 				return requeueY, nil
 			case ErrDBNotConfiguredWithDG:
 				// cannot convert to snapshot database
-				r.Recorder.Event(&singleInstanceDatabase, corev1.EventTypeWarning, "Conversion to Snapshot Standby Not allowed", "Database is not configured with dataguard")
+				r.Recorder.Event(&singleInstanceDatabase, corev1.EventTypeWarning, "Error: Conversion to Snapshot Standby Not allowed", "Database is not configured with dataguard")
 				log.Info("Conversion to Snapshot Standby not allowed as requested database is not configured with dataguard")
 				return requeueY, nil
 			case ErrFSFOEnabledForDGConfig:
-				r.Recorder.Event(&singleInstanceDatabase, corev1.EventTypeWarning, "Conversion to Snapshot Standby Not allowed", "Database is a FastStartFailover target")
+				r.Recorder.Event(&singleInstanceDatabase, corev1.EventTypeWarning, "Error: Conversion to Snapshot Standby Not allowed", "Database is a FastStartFailover target")
 				log.Info("Conversion to Snapshot Standby Not allowed as database is a FastStartFailover target")
 				return requeueY, nil
 			case ErrAdminPasswordSecretNotFound:
-				r.Recorder.Event(&singleInstanceDatabase, corev1.EventTypeWarning, "Admin Password", "Database admin password secret not found")
+				r.Recorder.Event(&singleInstanceDatabase, corev1.EventTypeWarning, "Error: Admin Password", "Database admin password secret not found")
 				log.Info("Database admin password secret not found")
 				return requeueY, nil
 			default:
diff --git a/controllers/dataguard/dataguard_utils.go b/controllers/dataguard/dataguard_utils.go
index 4c16f82b..a528dbdb 100644
--- a/controllers/dataguard/dataguard_utils.go
+++ b/controllers/dataguard/dataguard_utils.go
@@ -545,6 +545,8 @@ func patchService(r *DataguardBrokerReconciler, broker *dbapi.DataguardBroker, c
 				lbAddress = svc.Status.LoadBalancer.Ingress[0].IP
 			}
 			broker.Status.ExternalConnectString = lbAddress + ":" + fmt.Sprint(svc.Spec.Ports[0].Port) + "/DATAGUARD"
+		} else {
+			return errors.New("load balancer ingress IP not available")
 		}
 	} else {
 		nodeip := dbcommons.GetNodeIp(r, ctx, req)
diff --git a/controllers/dataguard/dataguardbroker_controller.go b/controllers/dataguard/dataguardbroker_controller.go
index 4d7ae044..6ed4e4d8 100644
--- a/controllers/dataguard/dataguardbroker_controller.go
+++ b/controllers/dataguard/dataguardbroker_controller.go
@@ -202,7 +202,7 @@ func (r *DataguardBrokerReconciler) Reconcile(ctx context.Context, req ctrl.Requ
 
 	// Update Status for broker and sidb resources
 	if err := updateReconcileStatus(r, &dataguardBroker, ctx, req); err != nil {
-		return ctrl.Result{Requeue: false}, err
+		return ctrl.Result{Requeue: true, RequeueAfter: 30 * time.Second}, err
 	}
 
 	dataguardBroker.Status.Status = dbcommons.StatusReady
diff --git a/controllers/observability/databaseobserver_controller.go b/controllers/observability/databaseobserver_controller.go
index e17ee0b3..468f35c5 100644
--- a/controllers/observability/databaseobserver_controller.go
+++ b/controllers/observability/databaseobserver_controller.go
@@ -197,7 +197,7 @@ func (r *DatabaseObserverReconciler) initialize(ctx context.Context, a *api.Data
 		})
 
 		a.Status.Status = string(constants.StatusObservabilityPending)
-		a.Status.ExporterConfig = constants.UnknownValue
+		a.Status.MetricsConfig = constants.UnknownValue
 		a.Status.Version = constants.UnknownValue
 		if e := r.Status().Update(ctx, a); e != nil {
 			r.Log.WithName(constants.LogReconcile).Error(e, constants.ErrorStatusUpdate)
@@ -212,42 +212,74 @@ func (r *DatabaseObserverReconciler) initialize(ctx context.Context, a *api.Data
 // validateSpecs method checks the values and secrets passed in the spec
 func (r *DatabaseObserverReconciler) validateSpecs(a *api.DatabaseObserver) error {
 
-	// If either Vault Fields are empty, then assume a DBPassword secret is supplied. If the DBPassword secret not found, then error out
-	if a.Spec.Database.DBPassword.VaultOCID == "" || a.Spec.Database.DBPassword.VaultSecretName == "" {
-		dbSecret := &corev1.Secret{}
-		if e := r.Get(context.TODO(), types.NamespacedName{Name: a.Spec.Database.DBPassword.SecretName, Namespace: a.Namespace}, dbSecret); e != nil {
-			r.Recorder.Event(a, corev1.EventTypeWarning, constants.EventReasonSpecError, constants.EventMessageSpecErrorDBPasswordSecretMissing)
+	// if Database Wallet is defined, validate resource
+
+	// if Sidecar volumes set, validate volumeSource
+
+	// if Custom Exporter is defined, validate resource
+	if exporterConfig := a.Spec.ExporterConfig.ConfigMap.Name; exporterConfig != "" {
+		configMap := &corev1.ConfigMap{}
+		resource := types.NamespacedName{Name: exporterConfig, Namespace: a.Namespace}
+
+		if e := r.Get(context.TODO(), resource, configMap); e != nil {
+			r.Recorder.Event(a, corev1.EventTypeWarning, constants.EventReasonSpecError, constants.EventMessageSpecErrorConfigMapSpecifiedMissing)
+			return e
+		}
+	}
+
+	// if metrics custom is set, check configMaps
+	for _, cm := range a.Spec.Metrics.Configmap {
+		configMap := &corev1.ConfigMap{}
+		resource := types.NamespacedName{Name: cm.Name, Namespace: a.Namespace}
+
+		if e := r.Get(context.TODO(), resource, configMap); e != nil {
+			r.Recorder.Event(a, corev1.EventTypeWarning, constants.EventReasonSpecError, constants.EventMessageSpecErrorConfigMapSpecifiedMissing)
 			return e
 		}
 	}
 
+	checked := map[string]bool{}
 	// Does DB Connection String Secret Name actually exist
-	dbConnectSecret := &corev1.Secret{}
-	if e := r.Get(context.TODO(), types.NamespacedName{Name: a.Spec.Database.DBConnectionString.SecretName, Namespace: a.Namespace}, dbConnectSecret); e != nil {
-		r.Recorder.Event(a, corev1.EventTypeWarning, constants.EventReasonSpecError, constants.EventMessageSpecErrorDBConnectionStringSecretMissing)
-		return e
+	if connectionString := a.Spec.Database.DBConnectionString.SecretName; connectionString != "" {
+		secret := &corev1.Secret{}
+		resource := types.NamespacedName{Name: connectionString, Namespace: a.Namespace}
+
+		if e := r.Get(context.TODO(), resource, secret); e != nil {
+			r.Recorder.Event(a, corev1.EventTypeWarning, constants.EventReasonSpecError, constants.EventMessageSpecErrorDBConnectionStringSecretMissing)
+			return e
+		}
+		checked[connectionString] = true
 	}
 
 	// Does DB User String Secret Name actually exist
-	dbUserSecret := &corev1.Secret{}
-	if e := r.Get(context.TODO(), types.NamespacedName{Name: a.Spec.Database.DBUser.SecretName, Namespace: a.Namespace}, dbUserSecret); e != nil {
-		r.Recorder.Event(a, corev1.EventTypeWarning, constants.EventReasonSpecError, constants.EventMessageSpecErrorDBPUserSecretMissing)
-		return e
+	if usernameString := a.Spec.Database.DBUser.SecretName; usernameString != "" && !checked[usernameString] {
+		secret := &corev1.Secret{}
+		resource := types.NamespacedName{Name: usernameString, Namespace: a.Namespace}
+
+		if e := r.Get(context.TODO(), resource, secret); e != nil {
+			r.Recorder.Event(a, corev1.EventTypeWarning, constants.EventReasonSpecError, constants.EventMessageSpecErrorDBPUserSecretMissing)
+			return e
+		}
+		checked[usernameString] = true
 	}
 
-	// Does a custom configuration configmap actually exist, if provided
-	if configurationCMName := a.Spec.ExporterConfig.Configmap.Name; configurationCMName != "" {
-		configurationCM := &corev1.ConfigMap{}
-		if e := r.Get(context.TODO(), types.NamespacedName{Name: configurationCMName, Namespace: a.Namespace}, configurationCM); e != nil {
-			r.Recorder.Event(a, corev1.EventTypeWarning, constants.EventReasonSpecError, constants.EventMessageSpecErrorConfigmapMissing)
+	// Does DB Password String Secret Name actually exist
+	if passwordString := a.Spec.Database.DBPassword.SecretName; passwordString != "" && !checked[passwordString] {
+		secret := &corev1.Secret{}
+		resource := types.NamespacedName{Name: passwordString, Namespace: a.Namespace}
+
+		if e := r.Get(context.TODO(), resource, secret); e != nil {
+			r.Recorder.Event(a, corev1.EventTypeWarning, constants.EventReasonSpecError, constants.EventMessageSpecErrorDBPwdSecretMissing)
 			return e
 		}
+		checked[passwordString] = true
 	}
 
 	// Does DBWallet actually exist, if provided
-	if dbWalletSecretName := a.Spec.Database.DBWallet.SecretName; dbWalletSecretName != "" {
-		dbWalletSecret := &corev1.Secret{}
-		if e := r.Get(context.TODO(), types.NamespacedName{Name: dbWalletSecretName, Namespace: a.Namespace}, dbWalletSecret); e != nil {
+	if walletString := a.Spec.Wallet.SecretName; walletString != "" {
+		secret := &corev1.Secret{}
+		resource := types.NamespacedName{Name: walletString, Namespace: a.Namespace}
+		if e := r.Get(context.TODO(), resource, secret); e != nil {
 			r.Recorder.Event(a, corev1.EventTypeWarning, constants.EventReasonSpecError, constants.EventMessageSpecErrorDBWalletSecretMissing)
 			return e
 		}
@@ -446,7 +478,7 @@ func (r *DatabaseObserverReconciler) validateDeploymentReadiness(a *api.Database
 		Message: constants.MessageExporterDeploymentSuccessful,
 	})
 	a.Status.Version = constants.GetExporterVersion(a)
-	a.Status.ExporterConfig = constants.GetExporterConfig(a)
+	a.Status.MetricsConfig = constants.GetMetricsConfig(a)
 	return ctrl.Result{}, nil
 }
 
@@ -471,6 +503,7 @@ func (r *DatabaseObserverReconciler) validateCustomResourceReadiness(ctx context
 			Message: constants.MessageCRValidationWaiting,
 		})
 		a.Status.Status = string(constants.StatusObservabilityPending)
+
 	} else if meta.IsStatusConditionFalse(a.Status.Conditions, constants.IsExporterDeploymentReady) ||
 		meta.IsStatusConditionFalse(a.Status.Conditions, constants.IsExporterServiceReady) ||
 		meta.IsStatusConditionFalse(a.Status.Conditions, constants.IsExporterServiceMonitorReady) {
diff --git a/controllers/observability/databaseobserver_resource.go b/controllers/observability/databaseobserver_resource.go
index 6be6f693..82febe43 100644
--- a/controllers/observability/databaseobserver_resource.go
+++ b/controllers/observability/databaseobserver_resource.go
@@ -40,8 +40,8 @@ func (resource *ObservabilityDeploymentResource) generate(a *api.DatabaseObserve
 	rReplicas := constants.GetExporterReplicas(a)
 	rEnvs := constants.GetExporterEnvs(a)
 
-	rLabels := constants.GetLabels(a, a.Spec.Exporter.Deployment.Labels)
-	rPodLabels := constants.GetLabels(a, a.Spec.Exporter.Deployment.DeploymentPodTemplate.Labels)
+	rLabels := constants.GetLabels(a, a.Spec.Deployment.Labels)
+	rPodLabels := constants.GetLabels(a, a.Spec.Deployment.DeploymentPodTemplate.Labels)
 	rSelector := constants.GetSelectorLabel(a)
 
 	rDeploymentSecurityContext := constants.GetExporterDeploymentSecurityContext(a)
@@ -108,7 +108,7 @@ func (resource *ObservabilityDeploymentResource) generate(a *api.DatabaseObserve
 
 func (resource *ObservabilityServiceResource) generate(a *api.DatabaseObserver, scheme *runtime.Scheme) (*unstructured.Unstructured, error) {
 	rServiceName := a.Name
-	rLabels := constants.GetLabels(a, a.Spec.Exporter.Service.Labels)
+	rLabels := constants.GetLabels(a, a.Spec.Service.Labels)
 	rSelector := constants.GetSelectorLabel(a)
 	rPorts := constants.GetExporterServicePort(a)
 
@@ -141,7 +141,7 @@ func (resource *ObservabilityServiceMonitorResource) generate(a *api.DatabaseObs
 	rEndpoints := constants.GetEndpoints(a)
 
 	rSelector := constants.GetSelectorLabel(a)
-	rLabels := constants.GetLabels(a, a.Spec.Prometheus.ServiceMonitor.Labels)
+	rLabels := constants.GetLabels(a, a.Spec.ServiceMonitor.Labels)
 
 	smSpec := monitorv1.ServiceMonitorSpec{
 		Endpoints: rEndpoints,
diff --git a/docs/adb/ACD.md b/docs/adb/ACD.md
index 81ee1a65..5f06eb56 100644
--- a/docs/adb/ACD.md
+++ b/docs/adb/ACD.md
@@ -1,10 +1,10 @@
 # Managing Oracle Autonomous Container Databases on Dedicated Exadata Infrastructure
 
-Oracle Database Operator for Kubernetes (`OraOperator`) includes the Oracle Autonomous Container Database Controller. Autonomous Container Database is one of the resources of Oracle Autonomous Database dedicated Exadata infrastructure feature. You can create multiple Autonomous Container Database resources in a single Autonomous Exadata VM Cluster resource, but you must create at least one before you can create any Autonomous Databases.
+Oracle Database Operator for Kubernetes (`OraOperator`) includes the Oracle Autonomous Container Database Controller. Autonomous Container Database is one of the resources of the Oracle Autonomous Database on Dedicated Exadata Infrastructure feature. You can create multiple Autonomous Container Database resources in a single Autonomous Exadata VM Cluster resource, but you must create at least one before you can create any Autonomous Databases.
 
-Before you use the Oracle Database Operator for Kubernetes (the operator), ensure your system meets all of the Oracle Autonomous Database (ADB) Prerequisites [ADB_PREREQUISITES](./../adb/ADB_PREREQUISITES.md).
+Before you use the Oracle Database Operator for Kubernetes (the operator), ensure that your system meets all of the Oracle Autonomous Database (ADB) Prerequisites [ADB_PREREQUISITES](./../adb/ADB_PREREQUISITES.md).
 
-As indicated in the prerequisites (see above), to interact with OCI services, either the cluster has to be authorized using Principal Instance, or using the API Key Authentication by specifying the configMap and the secret under the `ociConfig` field.
+As indicated in the prerequisites (see above), to interact with OCI services, either the cluster must be authorized by using Principal Instance, or by using the API Key Authentication and specifying the configMap and the secret under the `ociConfig` field.
 
 ## Required Permissions
 
diff --git a/docs/adb/ADB_LONG_TERM_BACKUP.md b/docs/adb/ADB_LONG_TERM_BACKUP.md
index 312dac0d..37c8611e 100644
--- a/docs/adb/ADB_LONG_TERM_BACKUP.md
+++ b/docs/adb/ADB_LONG_TERM_BACKUP.md
@@ -14,8 +14,8 @@ To back up an Autonomous Database, complete this procedure.
     | `spec.displayName` | string | The user-friendly name for the backup. This name does not have to be unique. | Yes |
     | `spec.isLongTermBackup` | boolean | Indicates whether the backup is long-term. | Yes |
     | `spec.retentionPeriodInDays` | string | Retention period, in days, for long-term backups. Minimum retention period is 90 days. | Yes |
-    | `spec.target.k8sADB.name` | string | The name of custom resource of the target Autonomous Database. Choose either the `spec.target.k8sADB.name` or the `spec.target.ociADB.ocid`, but not both. | Conditional |
-    | `spec.target.ociADB.ocid` | string | The [OCID](https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the target AutonomousDatabase. Choose either the `spec.target.k8sADB.name` or the `spec.target.ociADB.ocid`, but not both. | Conditional |
+    | `spec.target.k8sAdb.name` | string | The name of custom resource of the target Autonomous Database. Choose either the `spec.target.k8sAdb.name` or the `spec.target.ociAdb.id`, but not both. | Conditional |
+    | `spec.target.ociAdb.id` | string | The [OCID](https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the target AutonomousDatabase. Choose either the `spec.target.k8sAdb.name` or the `spec.target.ociAdb.id`, but not both. | Conditional |
     | `spec.ociConfig` | dictionary | Not required when the Operator is authorized with [Instance Principal](./ADB_PREREQUISITES.md#authorized-with-instance-principal). Otherwise, you will need the values from this section: [Authorized with API Key Authentication](./ADB_PREREQUISITES.md#authorized-with-api-key-authentication). | Conditional |
     | `spec.ociConfig.configMapName` | string | Name of the ConfigMap that holds the local OCI configuration | Conditional |
     | `spec.ociConfig.secretName`| string | Name of the Kubernetes (K8s) Secret that holds the private key value | Conditional |
@@ -28,11 +28,11 @@ To back up an Autonomous Database, complete this procedure.
       name: autonomousdatabasebackup-sample
     spec:
       target:
-        k8sADB:
+        k8sAdb:
           name: autonomousdatabase-sample
         # # Uncomment the below block if you use ADB OCID as the input of the target ADB
-        # ociADB:
-        #   ocid: ocid1.autonomousdatabase...
+        # ociAdb:
+        #   id: ocid1.autonomousdatabase...
       displayName: autonomousdatabasebackup-sample
       isLongTermBackup: true
       retentionPeriodInDays: 90
diff --git a/docs/adb/ADB_RESTORE.md b/docs/adb/ADB_RESTORE.md
index 7a80090a..9d607787 100644
--- a/docs/adb/ADB_RESTORE.md
+++ b/docs/adb/ADB_RESTORE.md
@@ -11,10 +11,10 @@ To restore an Autonomous Database from a backup, or by using point-in-time resto
 1. Add the following fields to the AutonomousDatabaseBackup resource definition. An example `.yaml` file is available here: [`config/samples/adb/autonomousdatabase_restore.yaml`](./../../config/samples/adb/autonomousdatabase_restore.yaml)
     | Attribute | Type | Description | Required? |
     |----|----|----|----|
-    | `spec.target.k8sADB.name` | string | The name of custom resource of the target Autonomous Database (`AutonomousDatabase`). Choose either the `spec.target.k8sADB.name` or the `spec.target.ociADB.ocid`, but not both. | Conditional |
-    | `spec.target.ociADB.ocid` | string | The [OCID](https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the target `AutonomousDatabase`. Choose either the `spec.target.k8sADB.name` or the `spec.target.ociADB.ocid`, but not both. | Conditional |
-    | `spec.source.k8sADBBackup.name` | string | The name of custom resource of the `AutonomousDatabaseBackup` that you want to restore from. Choose either the `spec.source.k8sADBBackup.name` or the `spec.source.pointInTime.timestamp`, but not both. | Conditional |
-    | `spec.source.pointInTime.timestamp` | string | The timestamp to specify the point in time to which you want the database restored. Your Autonomous Database identifies which backup to use for the fastest restore. The timestamp must follow this format: YYYY-MM-DD HH:MM:SS GMT. Choose either the `spec.source.k8sADBBackup.name` or the `spec.source.pointInTime.timestamp`, but not both. | Conditional |
+    | `spec.target.k8sAdb.name` | string | The name of custom resource of the target Autonomous Database (`AutonomousDatabase`). Choose either the `spec.target.k8sAdb.name` or the `spec.target.ociAdb.id`, but not both. | Conditional |
+    | `spec.target.ociAdb.id` | string | The [OCID](https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the target `AutonomousDatabase`. Choose either the `spec.target.k8sAdb.name` or the `spec.target.ociAdb.id`, but not both. | Conditional |
+    | `spec.source.k8sAdbBackup.name` | string | The name of custom resource of the `AutonomousDatabaseBackup` that you want to restore from. Choose either the `spec.source.k8sAdbBackup.name` or the `spec.source.pointInTime.timestamp`, but not both. | Conditional |
+    | `spec.source.pointInTime.timestamp` | string | The timestamp to specify the point in time to which you want the database restored. Your Autonomous Database identifies which backup to use for the fastest restore. The timestamp must follow this format: YYYY-MM-DD HH:MM:SS GMT. Choose either the `spec.source.k8sAdbBackup.name` or the `spec.source.pointInTime.timestamp`, but not both. | Conditional |
     | `spec.ociConfig` | dictionary | Not required when the Operator is authorized with [Instance Principal](./ADB_PREREQUISITES.md#authorized-with-instance-principal). Otherwise, you will need the values from this section: [Authorized with API Key Authentication](./ADB_PREREQUISITES.md#authorized-with-api-key-authentication). | Conditional |
     | `spec.ociConfig.configMapName` | string | Name of the `ConfigMap` that holds the local OCI configuration | Conditional |
     | `spec.ociConfig.secretName`| string | Name of the Kubernetes (K8s) Secret that holds the private key value | Conditional |
@@ -27,13 +27,13 @@ To restore an Autonomous Database from a backup, or by using point-in-time resto
       name: autonomousdatabaserestore-sample
     spec:
       target:
-        k8sADB:
+        k8sAdb:
           name: autonomousdatabase-sample
         # # Uncomment the below block if you use ADB OCID as the input of the target ADB
-        # ociADB:
-        #   ocid: ocid1.autonomousdatabase...
+        # ociAdb:
+        #   id: ocid1.autonomousdatabase...
       source:
-        k8sADBBackup: 
+        k8sAdbBackup: 
           name: autonomousdatabasebackup-sample
         # # Uncomment the following field to perform point-in-time restore
         # pointInTime: 
diff --git a/docs/adb/NETWORK_ACCESS_OPTIONS.md b/docs/adb/NETWORK_ACCESS_OPTIONS.md
index e7eb0a56..e945df04 100644
--- a/docs/adb/NETWORK_ACCESS_OPTIONS.md
+++ b/docs/adb/NETWORK_ACCESS_OPTIONS.md
@@ -17,7 +17,7 @@ Review the following options available to you with Autonomous Database.
 
 ## Configuring Network Access with Allowing Secure Access from Anywhere
 
-Before changing the Network Access to Allowing Secure Access from Anywhere, ensure that your network security protocol requries only mTLS (Mutual TLS) authentication. For more details, see: [Allow both TLS and mutual TLS (mTLS) authentication](#allow-both-tls-and-mutual-tls-mtls-authentication). If mTLS enforcement is already enabled on your Autonomous Database, then you can skip this step.
+Before changing the Network Access to Allowing Secure Access from Anywhere, ensure that the enforcement mTLS (Mutual TLS) authentication is set to **true** in your network security protocol. For more details, see: [Allow both TLS and mutual TLS (mTLS) authentication](#allow-both-tls-and-mutual-tls-mtls-authentication). If mTLS enforcement is already enabled on your Autonomous Database, then you can skip this step.
 
 To specify that Autonomous Database can be connected from any location with a valid credential, complete one of the following procedures, based on your network access configuration.
 
@@ -58,7 +58,7 @@ To specify that Autonomous Database can be connected from any location with a va
 
     | Attribute | Type | Description |
     |----|----|----|
-    | `privateEndpointLabel` | string | The hostname prefix for the resource. |
+    | `privateEndpointLabel` | string | The resource's private endpoint label.<br> - Setting the endpoint label to a non-empty string creates a private endpoint database.<br> - Resetting the endpoint label to an empty string, after the creation of the private endpoint database, changes the private endpoint database to a public endpoint database.<br> - Setting the endpoint label to a non-empty string value, updates to a new private endpoint database, when the database is disabled and re-enabled.<br><br>This setting cannot be updated in parallel with any of the following: licenseModel, dbEdition, cpuCoreCount, computeCount, computeModel, adminPassword, whitelistedIps, isMTLSConnectionRequired, dbWorkload, dbVersion, isRefreshable, dbName, scheduledOperations, dbToolsDetails, or isFreeTier. |
 
     ```yaml
     ---
@@ -104,14 +104,13 @@ To configure Network Access with ACLs, complete this procedure.
       action: Update
       details:
         autonomousDatabaseOCID: ocid1.autonomousdatabase...
-        networkAccess:
-          # Restrict access by defining access control rules in an Access Control List (ACL).
-          whitelistedIps:
-          - 1.1.1.1
-          - 1.1.0.0/16
-          - ocid1.vcn...
-          - ocid1.vcn...;1.1.1.1
-          - ocid1.vcn...;1.1.0.0/16
+        # Restrict access by defining access control rules in an Access Control List (ACL).
+        whitelistedIps:
+        - 1.1.1.1
+        - 1.1.0.0/16
+        - ocid1.vcn...
+        - ocid1.vcn...;1.1.1.1
+        - ocid1.vcn...;1.1.0.0/16
       ociConfig:
         configMapName: oci-cred
         secretName: oci-privatekey
diff --git a/docs/adb/README.md b/docs/adb/README.md
index e8164697..15e78a2c 100644
--- a/docs/adb/README.md
+++ b/docs/adb/README.md
@@ -2,11 +2,14 @@
 
 Before you use the Oracle Database Operator for Kubernetes (the operator), ensure that your system meets all of the Oracle Autonomous Database (ADB) Prerequisites [ADB_PREREQUISITES](./ADB_PREREQUISITES.md).
 
-As indicated in the prerequisites (see above), to interact with OCI services, either the cluster must be authorized using Principal Instance, or the cluster must be authorized using the API Key Authentication by specifying the configMap and the secret under the `ociConfig` field.
+To allow your Kubernetes cluster to interact with OCI services, your cluster must be authorized with one of the following: 
+- Instance Principal authentication
+- API Key Authentication (specify the required configMap and Secret under `ociConfig`).
+
 
 ## Required Permissions
 
-The operator must be given the required type of access in a policy written by an administrator to manage the Autonomous Databases. For examples of Autonomous Database policies, see: [Let database and fleet admins manage Autonomous Databases](https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/commonpolicies.htm#db-admins-manage-adb)
+The operator requires appropriate OCI policies, written by an administrator, to manage Autonomous Databases. For examples of Autonomous Database policies, see: [Let database and fleet admins manage Autonomous Databases](https://docs.oracle.com/en-us/iaas/Content/Identity/Concepts/commonpolicies.htm#db-admins-manage-adb)
 
 Permissions to view the work requests are also required, so that the operator can update the resources when the work is done. For example work request policies, see: [Viewing Work Requests](https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengviewingworkrequests.htm#contengviewingworkrequests) 
 
@@ -26,6 +29,8 @@ After you create the resource, you can use the operator to perform the following
 * [Stop/Start/Terminate](#stopstartterminate) an Autonomous Database
 * [Delete the resource](#delete-the-resource) from the cluster
 * [Clone](#clone-an-existing-autonomous-database) an existing Autonomous Database
+* [Switchover](#switchover-an-existing-autonomous-database) an existing Autonomous Database
+* [Perform Manual Failover](#manually-failover-an-existing-autonomous-database) to an existing Autonomous Database
 
 To debug the Oracle Autonomous Databases with Oracle Database Operator, see [Debugging and troubleshooting](#debugging-and-troubleshooting)
 
@@ -113,7 +118,8 @@ To provision an Autonomous Database that will map objects in your cluster, compl
         compartmentId: ocid1.compartment...
         dbName: NewADB
         displayName: NewADB
-        cpuCoreCount: 1
+        computeModel: ECPU
+        computeCount: 1
         adminPassword:
           k8sSecret:
             name: admin-password # use the name of the secret from step 2
@@ -187,7 +193,7 @@ The operator also generates the `AutonomousBackup` custom resources if a databas
 
 > Note: this operation requires an `AutonomousDatabase` object to be in your cluster. To use this example, either the provision operation or the bind operation must be completed, and the operator must be authorized with API Key Authentication.
 
-You can scale up or scale down the Oracle Autonomous Database OCPU core count or storage by updating the `cpuCoreCount` and `dataStorageSizeInTBs` parameters. The `isAutoScalingEnabled` indicates whether auto scaling is enabled. In this example, the CPU count and storage size (TB) are scaled up to 2 and the auto-scaling is turned off by updating the `autonomousdatabase-sample` custom resource.
+You can scale up or scale down the Oracle Autonomous Database OCPU core count or storage by updating the `computeCount` and `dataStorageSizeInTBs` parameters. The `isAutoScalingEnabled` indicates whether auto scaling is enabled. In this example, the CPU count and storage size (TB) are scaled up to 2 and the auto-scaling is turned off by updating the `autonomousdatabase-sample` custom resource.
 
 1. An example YAML file is available here: [config/samples/adb/autonomousdatabase_scale.yaml](./../../config/samples/adb/autonomousdatabase_scale.yaml)
 
@@ -201,7 +207,7 @@ You can scale up or scale down the Oracle Autonomous Database OCPU core count or
       action: Update
       details:
         id: ocid1.autonomousdatabase...
-        cpuCoreCount: 2
+        computeCount: 2
         dataStorageSizeInTBs: 2
         isAutoScalingEnabled: false
       ociConfig:
@@ -310,7 +316,7 @@ A client Wallet is required to connect to a shared Oracle Autonomous Database. U
 
     \* The password must be at least 8 characters long and must include at least 1 letter and either 1 numeric character or 1 special character.
 
-2. Update the example [config/samples/adb/autonomousdatabase_wallet.yaml](./../../config/samples/adb/autonomousdatabase_wallet.yaml)
+2. Update the example [config/samples/adb/autonomousdatabase_download_wallet.yaml](./../../config/samples/adb/autonomousdatabase_download_wallet.yaml)
 
     ```yaml
     ---
@@ -487,7 +493,8 @@ To clone an existing Autonomous Database, complete these steps:
         compartmentId: ocid1.compartment... OR ocid1.tenancy...
         dbName: ClonedADB
         displayName: ClonedADB
-        cpuCoreCount: 1
+        computeModel: ECPU
+        computeCount: 1
         adminPassword:
           k8sSecret:
             name: admin-password
@@ -508,6 +515,78 @@ To clone an existing Autonomous Database, complete these steps:
 
 Now, you can verify that a cloned database with name "ClonedADB" is being provisioned on the Cloud Console.
 
+## Switchover an existing Autonomous Database
+
+> Note: this operation requires an `AutonomousDatabase` object to be in your cluster. This example assumes the provision operation or the bind operation has been done by the users and the operator is authorized with API Key Authentication.
+
+To switchover an existing Autonomous Database, complete these steps:
+
+1. Add the following fields to the AutonomousDatabase resource definition. An example YAML file is available here: [config/samples/adb/autonomousdatabase_switchover.yaml](./../../config/samples/adb/autonomousdatabase_switchover.yaml)
+    | Attribute | Type | Description | Required? |
+    |----|----|----|----|
+    | `spec.details.id` | string | The [OCID](https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the source Autonomous Database that you will clone to create a new Autonomous Database. | Yes |
+    | `spec.ociConfig` | dictionary | Not required when the Operator is authorized with [Instance Principal](./ADB_PREREQUISITES.md#authorized-with-instance-principal). Otherwise, you will need the values from the [Authorized with API Key Authentication](./ADB_PREREQUISITES.md#authorized-with-api-key-authentication) section. | Conditional |
+    | `spec.ociConfig.configMapName` | string | Name of the ConfigMap that holds the local OCI configuration | Conditional |
+    | `spec.ociConfig.secretName`| string | Name of the K8s Secret that holds the private key value | Conditional |
+
+    ```yaml
+    ---
+    apiVersion: database.oracle.com/v4
+    kind: AutonomousDatabase
+    metadata:
+      name: autonomousdatabase-sample
+    spec:
+      action: Switchover
+      details:
+        id: ocid1.autonomousdatabase...
+      ociConfig:
+        configMapName: oci-cred
+        secretName: oci-privatekey
+    ```
+
+2. Apply the yaml
+
+    ```sh
+    kubectl apply -f config/samples/adb/autonomousdatabase_switchover.yaml
+    autonomousdatabase.database.oracle.com/autonomousdatabase-sample configured
+    ```
+
+## Manually failover an existing Autonomous Database
+
+> Note: this operation requires an `AutonomousDatabase` object to be in your cluster. This example assumes the provision operation or the bind operation has been done by the users and the operator is authorized with API Key Authentication.
+
+To manually failover an existing Autonomous Database, complete these steps:
+
+1. Add the following fields to the AutonomousDatabase resource definition. An example YAML file is available here: [config/samples/adb/autonomousdatabase_manual_failover.yaml](./../../config/samples/adb/autonomousdatabase_manual_failover.yaml)
+    | Attribute | Type | Description | Required? |
+    |----|----|----|----|
+    | `spec.details.id` | string | The [OCID](https://docs.cloud.oracle.com/Content/General/Concepts/identifiers.htm) of the source Autonomous Database that you will clone to create a new Autonomous Database. | Yes |
+    | `spec.ociConfig` | dictionary | Not required when the Operator is authorized with [Instance Principal](./ADB_PREREQUISITES.md#authorized-with-instance-principal). Otherwise, you will need the values from the [Authorized with API Key Authentication](./ADB_PREREQUISITES.md#authorized-with-api-key-authentication) section. | Conditional |
+    | `spec.ociConfig.configMapName` | string | Name of the ConfigMap that holds the local OCI configuration | Conditional |
+    | `spec.ociConfig.secretName`| string | Name of the K8s Secret that holds the private key value | Conditional |
+
+    ```yaml
+    ---
+    apiVersion: database.oracle.com/v4
+    kind: AutonomousDatabase
+    metadata:
+      name: autonomousdatabase-sample
+    spec:
+      action: Failover
+      details:
+        id: ocid1.autonomousdatabase...
+      ociConfig:
+        configMapName: oci-cred
+        secretName: oci-privatekey
+    ```
+
+2. Apply the yaml
+
+    ```sh
+    kubectl apply -f config/samples/adb/autonomousdatabase_failover.yaml
+    autonomousdatabase.database.oracle.com/autonomousdatabase-sample configured
+    ```
+
 ## Roles and Privileges requirements for Oracle Autonomous Database Controller
 
 Autonomous Database controller uses Kubernetes objects such as:
@@ -520,6 +599,18 @@ Autonomous Database controller uses Kubernetes objects such as:
 
 The defintion of all the Kubernetes Objects, which are to be used by the Oracle Autonomous Database Controller, comes from the `oracle-database-operator.yaml` file which is applied to deploy the **Oracle Database Operator**.
 
+## OpenShift Support
+
+The Autonomous Database (ADB) Controller has been tested on OpenShift clusters and verified to work with the following use cases:
+
+* **Create** – Provision a new Autonomous Database
+* **Sync (Binding)** – Synchronize with existing Autonomous Database resources
+* **Update** – Apply configuration changes
+* **Stop** – Stop an Autonomous Database instance
+* **Start** – Start an Autonomous Database instance
+* **Terminate** – Delete an Autonomous Database instance
+* **Clone** – Create a clone from an existing Autonomous Database
+
 ## Debugging and troubleshooting
 
 ### Show the details of the resource
@@ -547,3 +638,24 @@ To check the logs, use these steps:
     ```sh
     kubectl logs -f pod/oracle-database-operator-controller-manager-78666fdddb-s4xcm -n oracle-database-operator-system
     ```
+
+## Known Issues
+
+### Failed to validate Wallet: "read-only file system"
+
+In some environments, e.g. OKE using the Operator add-on, the operator fails to validate the wallet due to encountering a **read-only file system** error. This prevents successful wallet validation and can disrupt operator functionality.
+
+For example, logs from the controller pod may show:
+
+```text
+"error": "Failed to validate Wallet: open /tmp/wallet1208873634.zip: read-only file system"
+```
+
+#### Workaround
+
+* Ensure wallet directories and mounted volumes have correct **read-write** permissions.
+* Confirm that file system mounts used by the operator are writable.
+
+#### Reference
+
+See GitHub issue **#193** in the [oracle-database-operator repository](https://github.com/oracle/oracle-database-operator/issues/193) for details and steps to work around.
diff --git a/docs/config/samples/orestart/custom-kubeletconfig.yaml b/docs/config/samples/orestart/custom-kubeletconfig.yaml
new file mode 100644
index 00000000..7549ae2a
--- /dev/null
+++ b/docs/config/samples/orestart/custom-kubeletconfig.yaml
@@ -0,0 +1,13 @@
+apiVersion: machineconfiguration.openshift.io/v1
+kind: KubeletConfig
+metadata:
+  name: enable-unsafe-sysctls
+spec:
+  machineConfigPoolSelector:
+    matchLabels:
+      custom-kubelet: enable-unsafe-sysctls
+  kubeletConfig:
+    allowedUnsafeSysctls:
+      - "kernel.shm*"
+      - "kernel.sem"
+      - "net.*"
\ No newline at end of file
diff --git a/docs/config/samples/orestart/custom-scc.yaml b/docs/config/samples/orestart/custom-scc.yaml
new file mode 100644
index 00000000..92facf67
--- /dev/null
+++ b/docs/config/samples/orestart/custom-scc.yaml
@@ -0,0 +1,50 @@
+apiVersion: security.openshift.io/v1
+kind: SecurityContextConstraints
+metadata:
+  name: custom-scc
+allowPrivilegedContainer: true
+allowedCapabilities:
+  - '*'
+allowedUnsafeSysctls:
+  - kernel.shm*
+  - net.*
+  - kernel.sem
+runAsUser:
+  type: RunAsAny
+seLinuxContext:
+  type: RunAsAny
+supplementalGroups:
+  type: RunAsAny
+fsGroup:
+  type: RunAsAny
+volumes:
+  - awsElasticBlockStore
+  - azureDisk
+  - azureFile
+  - cephFS
+  - cinder
+  - configMap
+  - csi
+  - downwardAPI
+  - emptyDir
+  - ephemeral
+  - fc
+  - flexVolume
+  - flocker
+  - gcePersistentDisk
+  - gitRepo
+  - glusterfs
+  - hostPath
+  - image
+  - iscsi
+  - nfs
+  - persistentVolumeClaim
+  - photonPersistentDisk
+  - portworxVolume
+  - projected
+  - quobyte
+  - rbd
+  - scaleIO
+  - secret
+  - storageOS
+  - vsphere
\ No newline at end of file
diff --git a/docs/dbcs/README.md b/docs/dbcs/README.md
index 2c06511c..4be4e95a 100644
--- a/docs/dbcs/README.md
+++ b/docs/dbcs/README.md
@@ -44,7 +44,8 @@ default                           Active   118d
 kube-node-lease                   Active   118d
 kube-public                       Active   118d
 kube-system                       Active   118d
-oracle-database-operator-system   Active   10m    <<<< namespace to deploy the Oracle Database Operator
+oracle-database-operator-system   Active   10m   # <<<< NAMESPACE TO DEPLOY ORACLE DB OPERATOR 
+
  
  
 [root@test-server oracle-database-operator]# kubectl get all -n  oracle-database-operator-system
@@ -73,7 +74,7 @@ certificaterequests.cert-manager.io              2022-02-22T23:21:35Z
 certificates.cert-manager.io                     2022-02-22T23:21:36Z
 challenges.acme.cert-manager.io                  2022-02-22T23:21:36Z
 clusterissuers.cert-manager.io                   2022-02-22T23:21:36Z
-dbcssystems.database.oracle.com                  2022-02-22T23:23:25Z  <<<< CRD for OBDS Controller
+dbcssystems.database.oracle.com                  2022-02-22T23:23:25Z  # <<<< CRD for OBDS Controller
 issuers.cert-manager.io                          2022-02-22T23:21:36Z
 orders.acme.cert-manager.io                      2022-02-22T23:21:37Z
 shardingdatabases.database.oracle.com            2022-02-22T23:23:25Z
@@ -107,21 +108,21 @@ kubectl create secret generic oci-privatekey --from-file=privatekey=/root/.oci/o
 ```
 
 
-## 3. Create a Kubernetes secret named `admin-password`; This passward must meet the minimum passward requirements for the OCI OBDS Service.
+## 3. Create a Kubernetes secret named `admin-password`; This password must meet the minimum password requirements for the OCI OBDS Service.
 For example:
 
 ```bash
-#-- assuming the passward has been added to a text file named "admin-password":
+#-- assuming the password has been added to a text file named "admin-password":
 
 kubectl create secret generic admin-password --from-file=./admin-password -n default
 ```
 
 
-## 4. Create a Kubernetes secret named `tde-password`; this passward must meet the minimum passward requirements for the OCI OBDS Service.
+## 4. Create a Kubernetes secret named `tde-password`; this password must meet the minimum password requirements for the OCI OBDS Service.
 For example:
 
 ```bash
-# -- assuming the passward has been added to a text file named "tde-password":
+# -- assuming the password has been added to a text file named "tde-password":
 
 kubectl create secret generic tde-password --from-file=./tde-password -n default
 ```
@@ -161,20 +162,26 @@ For more informatoin about the multiple use cases available to you to deploy and
 [1. Deploy a DB System using OCI OBDS Service with minimal parameters](./provisioning/dbcs_service_with_minimal_parameters.md)  
 [2. Binding to an existing OBDS System already deployed in OCI Oracle Base Database Service](./provisioning/bind_to_existing_dbcs_system.md)  
 [3. Scale UP the shape of an existing OBDS System](./provisioning/scale_up_dbcs_system_shape.md)  
-[4. Scale DOWN the shape of an existing OBDS System](./provisioning/scale_down_dbcs_system_shape.md)  
-[5. Scale UP the storage of an existing OBDS System](./provisioning/scale_up_storage.md)  
-[6. Update License type of an existing OBDS System](./provisioning/update_license.md)  
+[4. Scale DOWN the shape of an existing OBDS System](./provisioning/scale_down_dbcs_system_shape.md)   
+[5. Scale UP the storage of an existing OBDS System](./provisioning/scale_up_storage.md)    
+[6. Update License type of an existing OBDS System](./provisioning/update_license.md)   
 [7. Terminate an existing OBDS System](./provisioning/terminate_dbcs_system.md)  
 [8. Create OBDS with All Parameters with Storage Management as LVM](./provisioning/dbcs_service_with_all_parameters_lvm.md)  
 [9. Create OBDS with All Parameters with Storage Management as ASM](./provisioning/dbcs_service_with_all_parameters_asm.md)  
 [10. Deploy a 2 Node RAC DB System using OCI OBDS Service](./provisioning/dbcs_service_with_2_node_rac.md)  
-[11. Create PDB to an existing OBDS System already deployed in OCI OBDS Service](./provisioning/create_pdb_to_existing_dbcs_system.md)   
-[12. Create OBDS with PDB in OCI](./provisioning/create_dbcs_with_pdb.md)  
-[13. Create OBDS with KMS Vault Encryption in OCI](./provisioning/create_dbcs_with_kms.md)    
+[11. Create PDB to an existing OBDS System already deployed in OCI OBDS Service](./provisioning/create_pdb_to_existing_dbcs_system.md)    
+[12. Create OBDS with PDB in OCI](./provisioning/create_dbcs_with_pdb.md)   
+[13. Create OBDS with KMS Vault Encryption in OCI](./provisioning/create_dbcs_with_kms.md)     
 [14. Migrate to KMS vault from TDE Wallet password encryption of an existing OBDS System already deployed in OCI Base OBDS Service](./provisioning/migrate_to_kms.md)  
 [15. Clone DB System from Existing DB System in OCI OBDS Service](./provisioning/clone_from_existing_dbcs.md)  
 [16. Clone DB System from Backup of Existing DB System in OCI OBDS Service](./provisioning/clone_from_backup_dbcs.md)  
 [17. Clone DB System from Existing Database of DB System in OCI OBDS Service](./provisioning/clone_from_database.md)  
+[18. Create Backup of Existing Database of DB System in OCI OBDS Service](./provisioning/backup_of_database.md)  
+[19. Restore from Backup of Existing Database of DB System in OCI OBDS Service](./provisioning/restore_of_database.md)  
+[20. Setup Dataguard Association to Existing Database of DB System in OCI Base DBCS Service](./provisioning/dataguard_to_database.md)  
+[21. Disable Dataguard Association to Existing Database of DB System and Terminate Peer DB System in OCI Base DBCS Service](./provisioning/disable_dataguard_to_database.md)  
+[22. Patching Existing Database of DB System in OCI Base DBCS Service](./provisioning/patching_database.md)   
+[23. Upgrading Existing Database of DB System in OCI Base DBCS Service](./provisioning/upgrading_database.md)  
 
 ## Connecting to OCI OBDS database deployed using Oracle DB Operator OBDS Controller
 
diff --git a/docs/dbcs/provisioning/backup_database_sample_output.log b/docs/dbcs/provisioning/backup_database_sample_output.log
new file mode 100644
index 00000000..6d76dc4c
--- /dev/null
+++ b/docs/dbcs/provisioning/backup_database_sample_output.log
@@ -0,0 +1,100 @@
+2025-04-09T08:57:48Z    INFO    Backup creation initiated       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga"}
+2025-04-09T08:57:48Z    INFO    Waiting for backup to reach ACTIVE state...     {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9"}
+2025-04-09T08:58:19Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "CREATING"}
+2025-04-09T08:58:48Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "CREATING"}
+2025-04-09T08:59:18Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "CREATING"}
+2025-04-09T08:59:48Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "CREATING"}
+2025-04-09T09:00:18Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "CREATING"}
+2025-04-09T09:00:48Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "CREATING"}
+2025-04-09T09:09:48Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "CREATING"}
+2025-04-09T09:10:18Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "CREATING"}
+2025-04-09T09:10:48Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "CREATING"}
+2025-04-09T09:11:18Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "CREATING"}
+2025-04-09T09:11:48Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "CREATING"}
+2025-04-09T09:12:18Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "CREATING"}
+2025-04-09T09:12:48Z    INFO    Polling backup status   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga", "State": "ACTIVE"}
+2025-04-09T09:12:48Z    INFO    Backup completed successfully   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga"}
+2025-04-09T09:12:51Z    INFO    Backup Completed successfully   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "a1edd2a5-7a6a-4dde-a071-e2a634b4b3b9", "BackupID": "ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga"}
+
+
+kubectl describe dbcssystems.database.oracle.com/dbcssystem-existing
+Warning: To increase security of your API key located at /home/sauahuja/.oci/oci_api_key.pem, append an extra line with 'OCI_API_KEY' at the end. For more information, refer to https://docs.oracle.com/iaas/Content/API/Concepts/apisigningkey.htm. To suppress the warning, set the env variable SUPPRESS_LABEL_WARNING=True
+Name:         dbcssystem-existing
+Namespace:    default
+Labels:       <none>
+Annotations:  lastSuccessfulSpec:
+                {"dbSystem":{"compartmentId":"","availabilityDomain":"","subnetId":"","shape":"","hostName":"","backupDisplayName":"Full-Backup","dbAdminP...
+API Version:  database.oracle.com/v4
+Kind:         DbcsSystem
+Metadata:
+  Creation Timestamp:  2025-04-09T08:57:34Z
+  Generation:          2
+  Resource Version:    168679344
+  UID:                 0633f774-92a9-4ab0-b65e-616be3fc7adb
+Spec:
+  Db System:
+    Availability Domain:       
+    Backup Display Name:       Full-Backup
+    Compartment Id:            
+    Db Admin Password Secret:  
+    Db Backup Config:
+    Host Name:  
+    Kms Config:
+    Shape:        
+    Subnet Id:    
+  Enable Backup:  true
+  Id:             ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyaezbusohovqidnjud2w5wmeisqydsmkqlzcghctvrscfq
+  Kms Config:
+  Oci Config Map:  oci-cred-mumbai
+  Oci Secret:      oci-privatekey
+Status:
+  Availability Domain:  OLou:AP-MUMBAI-1-AD-1
+  Backups:
+    Backup Id:                ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyadzfhqva7rs7ttlz3ql3vwexfl4yoghzsllg7hy7oxdga
+    Name:                     Full-Backup-20250409-085744
+    Timestamp:                2025-04-09T08:57:53Z
+    Backup Id:                ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyazmu2w7bjtivgbjj37aym6cfsnutruzyrb2t7uiuidksq
+    Name:                     Saurabh-JustInTime-manual-20250408-144538
+    Timestamp:                2025-04-08T14:45:48Z
+    Backup Id:                ocid1.dbbackup.oc1.ap-mumbai-1.anrg6ljrabf7htyab6cgmv5vs6rtyfusfw3w7dj5e5ck5h6x32xuz253qcla
+    Name:                     backup-20250408-142512
+    Timestamp:                2025-04-08T14:25:22Z
+  Cpu Core Count:             1
+  Data Storage Percentage:    80
+  Data Storage Size In G Bs:  256
+  Db Clone Status:
+    Db Db Unique Name:  
+    Host Name:          
+  Db Edition:           ENTERPRISE_EDITION_HIGH_PERFORMANCE
+  Display Name:         dbsystem123
+  Id:                   ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyaezbusohovqidnjud2w5wmeisqydsmkqlzcghctvrscfq
+  Kms Details Status:
+  License Model:  BRING_YOUR_OWN_LICENSE
+  Network:
+    Client Subnet:  oke-nodesubnet-quick-cluster1-2bebe95db-regional
+    Domain Name:    subdda0b5eaa.cluster1.oraclevcn.com
+    Host Name:      host123
+    Listener Port:  1521
+    Scan Dns Name:  host123-scan.subdda0b5eaa.cluster1.oraclevcn.com
+    Vcn Name:       oke-vcn-quick-cluster1-2bebe95db
+  Node Count:       1
+  Pdb Details Status:
+    Pdb Config Status:
+      Pdb Name:               cdb123_pdb1
+      Pdb State:              AVAILABLE
+      Pluggable Database Id:  ocid1.pluggabledatabase.oc1.ap-mumbai-1.anrg6ljrabf7htyao76wku3parutii5ojxmejzfbevloxcizvt3lt5pyzvja
+  Reco Storage Size In GB:    256
+  Shape:                      VM.Standard2.1
+  State:                      AVAILABLE
+  Storage Management:         ASM
+  Subnet Id:                  ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq
+  Time Zone:                  UTC
+  Work Requests:
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljrjajnyzhsjbuaxu76mc3ku2xr2itlip45hj75rhyd7xtdcvtar77q
+    Operation Type:    Create DB System
+    Percent Complete:  100
+    Time Accepted:     2025-04-06 04:55:35.586 +0000 UTC
+    Time Finished:     2025-04-06 07:24:02.505 +0000 UTC
+    Time Started:      2025-04-06 04:55:39.439 +0000 UTC
+Events:                <none>
+basedb/ $ 
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/backup_of_database.md b/docs/dbcs/provisioning/backup_of_database.md
new file mode 100644
index 00000000..6d17f2ef
--- /dev/null
+++ b/docs/dbcs/provisioning/backup_of_database.md
@@ -0,0 +1,35 @@
+# Create Backup of Existing Database of DB System in OCI OBDS Service
+
+In this example, an existing OCI OBDS system previously deployed with an existing Database is updated to have a full manual backup in the OCI Base OBDS Service using the existing Compartment ID and database system ID. 
+
+To use this example on your system, before you begin, obtain the details of the database OCID for the existing OBDS System which you want to backup.  
+
+**NOTE:** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequisites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+
+This example uses `backup_of_database.yaml` to clone a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with the following configuration:
+- OCID of existing as DB System as `id`
+- OCI Configmap as `oci-cred`  
+- OCI Secret as `oci-privatekey`
+- enableBackup: as `true` 
+- Specification of backup prefix as - Details of `backupDisplayName`. This field is optional. If it is not provided, then the controller uses the keyword `backup` as the prefix. In both cases of displayName, whether you provide a backup display name or not, the suffix of the backup name is the timestamp. The timestamp ensure that the backup name created for the database is unique.
+**NOTE:** For the details of the parameters to be used in the .yaml file, see [DBCS controller parameters](./dbcs_controller_parameters.md).
+
+Use the file: [backup_of_database.yaml](./backup_of_database.yaml) for this use case. Example:
+
+1. Deploy the .yaml file:  
+```sh
+[root@docker-test-server OBDS]# kubectl apply -f backup_of_database.yaml
+dbcssystem.database.oracle.com/dbcssystem-backup configured
+```
+
+2. Monitor the Oracle Database Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for the progress of the OBDS VMDB creation of PDBs. 
+
+NOTE: Check the DB Operator Pod name in your environment.
+
+```
+[root@docker-test-server OBDS]# kubectl logs -f pod/oracle-database-operator-controller-manager-665874bd57-g2cgw -n  oracle-database-operator-system
+```
+
+## Sample Output
+
+[Backup Database Sample Output Log](./backup_database_sample_output.log) is an example output for a backup an existing OBDS System deployed in OCI using the Oracle Database Operator OBDS Controller.
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/backup_of_database.yaml b/docs/dbcs/provisioning/backup_of_database.yaml
new file mode 100644
index 00000000..f9edd741
--- /dev/null
+++ b/docs/dbcs/provisioning/backup_of_database.yaml
@@ -0,0 +1,11 @@
+apiVersion: database.oracle.com/v4
+kind: DbcsSystem
+metadata:
+  name: dbcssystem-backup
+spec:
+  id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyaezbusohovqidnjud2w5wmeisqydsmkqlzcghctvrscfq"
+  ociConfigMap: "oci-cred"
+  ociSecret: "oci-privatekey"
+  enableBackup: true
+  dbSystem:
+      backupDisplayName: "Full-Backup"
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/bind_to_existing_dbcs_system.md b/docs/dbcs/provisioning/bind_to_existing_dbcs_system.md
index eced7538..0cad1db4 100644
--- a/docs/dbcs/provisioning/bind_to_existing_dbcs_system.md
+++ b/docs/dbcs/provisioning/bind_to_existing_dbcs_system.md
@@ -1,25 +1,25 @@
 # Binding to an existing OBDS System already deployed in OCI Oracle Base Database Service
 
-In this use case, we bind the Oracle DB Operator OBDS Controller to an existing OCI OBDS System which has already been deployed earlier. This will help to manage the life cycle of that OBDS System using the Oracle DB Operator OBDS Controller.
+In this use case, we bind the Oracle DB Operator OBDS Controller to an existing OCI OBDS System that has already been deployed. After you bind the Controller, you are able to use it to manage the lifecycle of that OBDS System.
 
 **NOTE** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
 
-This example uses `bind_to_existing_dbcs_system.yaml` to bind to an existing OBDS VMDB using Oracle DB Operator OBDS Controller with:
+This example uses `bind_to_existing_dbcs_system.yaml` to bind to an existing OBDS VMDB using Oracle DB Operator OBDS Controller with the following:
 
 - OCI Configmap as `oci-cred-mumbai`  
 - OCI Secret as `oci-privatekey`  
 - OCID of the existing OBDS System as `ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa`
 
 
-Use the file: [bind_to_existing_dbcs_system.yaml](./bind_to_existing_dbcs_system.yaml) for this use case as below:
+Use the file: [bind_to_existing_dbcs_system.yaml](./bind_to_existing_dbcs_system.yaml) for this use case, as described in the following steps:
 
-1. Deploy the .yaml file:  
+1. Deploy the `.yaml` file:  
 ```bash
 kubectl apply -f bind_to_existing_dbcs_system.yaml
 dbcssystem.database.oracle.com/dbcssystem-existing created
 ```
 
-2. Monitor the Oracle DB Leader Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for the progress of the OBDS VMDB deployment. 
+2. Monitor the Oracle DB Leader Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` to follow the progress of the OBDS VMDB deployment. 
 
 NOTE: Check the DB Operator Pod name in your environment.
 
@@ -29,4 +29,4 @@ NOTE: Check the DB Operator Pod name in your environment.
 
 ## Sample Output
 
-[Here](./bind_to_existing_dbcs_system_sample_output.log) is the sample output for binding to an existing OBDS System already deployed in OCI using Oracle DB Operator OBDS Controller.
+[Here](./bind_to_existing_dbcs_system_sample_output.log) is an example of the output for binding to an existing OBDS System already deployed in OCI using Oracle DB Operator OBDS Controller.
diff --git a/docs/dbcs/provisioning/bind_to_existing_dbcs_system.yaml b/docs/dbcs/provisioning/bind_to_existing_dbcs_system.yaml
index 6ff24bc8..05885fdb 100644
--- a/docs/dbcs/provisioning/bind_to_existing_dbcs_system.yaml
+++ b/docs/dbcs/provisioning/bind_to_existing_dbcs_system.yaml
@@ -1,8 +1,21 @@
+# The API group and version this custom resource belongs to (Oracle Database Operator CRD v4)
 apiVersion: database.oracle.com/v4
+
+# The type of resource (DbcsSystem manages an OCI DB System)
 kind: DbcsSystem
+
+# Standard Kubernetes object metadata
 metadata:
+  # The name of this DbcsSystem resource (must be unique within the namespace)
   name: dbcssystem-existing
+
+# Specification of the desired state for the DbcsSystem
 spec:
-  id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa"
-  ociConfigMap: "oci-cred"
-  ociSecret: "oci-privatekey"
+  # The OCID of the existing DB System in OCI that this resource manages
+  id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyagag6vwgkdcf5g6srfykrsqnfnryfskfhblntsjypiajq"
+
+  # The name of the ConfigMap containing OCI credentials (tenancy, region, etc.)
+  ociConfigMap: "oci-cred-mumbai"
+
+  # The name of the Secret containing the OCI private key used for authentication
+  ociSecret: "oci-privatekey"
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/clone_dbcs_system_from_backup_sample_output.log b/docs/dbcs/provisioning/clone_dbcs_system_from_backup_sample_output.log
index 82531993..43480edc 100644
--- a/docs/dbcs/provisioning/clone_dbcs_system_from_backup_sample_output.log
+++ b/docs/dbcs/provisioning/clone_dbcs_system_from_backup_sample_output.log
@@ -72,4 +72,68 @@
 2024-09-18T14:05:43Z    INFO    DB System current state is still:PROVISIONING. Sleeping for 60 seconds. {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-clone","namespace":"default"}, "namespace": "default", "name": "dbcssystem-clone", "reconcileID": "a299bb7c-22eb-4db4-9037-ce81897345df"}
 2024-09-18T14:06:44Z    INFO    DB System current state is still:PROVISIONING. Sleeping for 60 seconds. {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-clone","namespace":"default"}, "namespace": "default", "name": "dbcssystem-clone", "reconcileID": "a299bb7c-22eb-4db4-9037-ce81897345df"}
 2024-09-18T14:07:45Z    INFO    DB System current state is still:PROVISIONING. Sleeping for 60 seconds. {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-clone","namespace":"default"}, "namespace": "default", "name": "dbcssystem-clone", "reconcileID": "a299bb7c-22eb-4db4-9037-ce81897345df"}
-2024-09-18T14:08:46Z    INFO    DB Cloning completed successfully from provided backup DB system. {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-clone","namespace":"default"}, "namespace": "default", "name": "dbcssystem-clone", "reconcileID": "a299bb7c-22eb-4db4-9037-ce81897345df"}
\ No newline at end of file
+2024-09-18T14:08:46Z    INFO    DB Cloning completed successfully from provided backup DB system. {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-clone","namespace":"default"}, "namespace": "default", "name": "dbcssystem-clone", "reconcileID": "a299bb7c-22eb-4db4-9037-ce81897345df"}
+
+
+#kubectl describe dbcssystems/dbcssystem-clone
+Name:         dbcssystem-clone
+Namespace:    default
+Labels:       <none>
+Annotations:  <none>
+API Version:  database.oracle.com/v4
+Kind:         DbcsSystem
+Metadata:
+  Creation Timestamp:  2024-12-10T14:05:34Z
+  Generation:          1
+  Resource Version:    118098180
+  UID:                 6b96d17c-b788-4bb7-bc0e-098ade53100c
+Spec:
+  Db Clone:
+    Db Admin Pasword Secret:  admin-password
+    Db Db Unique Name:        
+    Db Name:                  db1212
+    Display Name:             dbsystem01312
+    Domain:                   subdda0b5eaa.cluster1.oraclevcn.com
+    Host Name:                host1213
+    License Model:            BRING_YOUR_OWN_LICENSE
+    Ssh Public Keys:
+      oci-publickey
+    Subnet Id:  ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq
+  Db System:
+    Availability Domain:      
+    Compartment Id:           
+    Db Admin Pasword Secret:  
+    Db Backup Config:
+    Host Name:  
+    Kms Config:
+    Shape:      
+    Subnet Id:  
+  Id:           ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa
+  Kms Config:
+  Oci Config Map:    oci-cred-mumbai
+  Oci Secret:        oci-privatekey
+  Setup DB Cloning:  true
+Status:
+  Availability Domain:        OLou:AP-MUMBAI-1-AD-1
+  Cpu Core Count:             1
+  Data Storage Percentage:    80
+  Data Storage Size In G Bs:  512
+  Db Edition:                 ENTERPRISE_EDITION_HIGH_PERFORMANCE
+  Display Name:               dbsystem1234
+  Id:                         ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa
+  License Model:              BRING_YOUR_OWN_LICENSE
+  Network:
+    Client Subnet:          oke-nodesubnet-quick-cluster1-2bebe95db-regional
+    Domain Name:            subdda0b5eaa.cluster1.oraclevcn.com
+    Host Name:              host1234
+    Listener Port:          1521
+    Scan Dns Name:          host1234-scan.subdda0b5eaa.cluster1.oraclevcn.com
+    Vcn Name:               oke-vcn-quick-cluster1-2bebe95db
+  Node Count:               1
+  Reco Storage Size In GB:  256
+  Shape:                    VM.Standard2.1
+  State:                    AVAILABLE
+  Storage Management:       ASM
+  Subnet Id:                ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq
+  Time Zone:                UTC
+Events:                     <none>
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/clone_dbcs_system_from_database_sample_output.log b/docs/dbcs/provisioning/clone_dbcs_system_from_database_sample_output.log
index 2881051d..9889daa2 100644
--- a/docs/dbcs/provisioning/clone_dbcs_system_from_database_sample_output.log
+++ b/docs/dbcs/provisioning/clone_dbcs_system_from_database_sample_output.log
@@ -36,4 +36,68 @@
 .oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-clone","namespace":"default"}, "namespace": "default", "name": "dbcssystem-clone"
 , "reconcileID": "3ea6b5b1-1196-4279-bf8f-9e663f9a5543"}
 2024-09-20T10:00:46Z    INFO    DB System current state is still:PROVISIONING. Sleeping for 60 seconds. {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-clone","namespace":"default"}, "namespace": "default", "name": "dbcssystem-clone", "reconcileID": "3ea6b5b1-1196-4279-bf8f-9e663f9a5543"}
-2024-09-20T10:01:47Z    INFO    DB Cloning completed successfully from provided backup DB system        {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-clone","namespace":"default"}, "namespace": "default", "name": "dbcssystem-clone", "reconcileID": "3ea6b5b1-1196-4279-bf8f-9e663f9a5543"}
\ No newline at end of file
+2024-09-20T10:01:47Z    INFO    DB Cloning completed successfully from provided backup DB system        {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-clone","namespace":"default"}, "namespace": "default", "name": "dbcssystem-clone", "reconcileID": "3ea6b5b1-1196-4279-bf8f-9e663f9a5543"}
+
+
+#kubectl describe dbcssystems/dbcssystem-clone
+Name:         dbcssystem-clone
+Namespace:    default
+Labels:       <none>
+Annotations:  <none>
+API Version:  database.oracle.com/v4
+Kind:         DbcsSystem
+Metadata:
+  Creation Timestamp:  2024-12-10T14:05:34Z
+  Generation:          1
+  Resource Version:    118098180
+  UID:                 6b96d17c-b788-4bb7-bc0e-098ade53100c
+Spec:
+  Db Clone:
+    Db Admin Pasword Secret:  admin-password
+    Db Db Unique Name:        
+    Db Name:                  db1212
+    Display Name:             dbsystem01312
+    Domain:                   subdda0b5eaa.cluster1.oraclevcn.com
+    Host Name:                host1213
+    License Model:            BRING_YOUR_OWN_LICENSE
+    Ssh Public Keys:
+      oci-publickey
+    Subnet Id:  ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq
+  Db System:
+    Availability Domain:      
+    Compartment Id:           
+    Db Admin Pasword Secret:  
+    Db Backup Config:
+    Host Name:  
+    Kms Config:
+    Shape:      
+    Subnet Id:  
+  Id:           ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa
+  Kms Config:
+  Oci Config Map:    oci-cred-mumbai
+  Oci Secret:        oci-privatekey
+  Setup DB Cloning:  true
+Status:
+  Availability Domain:        OLou:AP-MUMBAI-1-AD-1
+  Cpu Core Count:             1
+  Data Storage Percentage:    80
+  Data Storage Size In G Bs:  512
+  Db Edition:                 ENTERPRISE_EDITION_HIGH_PERFORMANCE
+  Display Name:               dbsystem1234
+  Id:                         ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa
+  License Model:              BRING_YOUR_OWN_LICENSE
+  Network:
+    Client Subnet:          oke-nodesubnet-quick-cluster1-2bebe95db-regional
+    Domain Name:            subdda0b5eaa.cluster1.oraclevcn.com
+    Host Name:              host1234
+    Listener Port:          1521
+    Scan Dns Name:          host1234-scan.subdda0b5eaa.cluster1.oraclevcn.com
+    Vcn Name:               oke-vcn-quick-cluster1-2bebe95db
+  Node Count:               1
+  Reco Storage Size In GB:  256
+  Shape:                    VM.Standard2.1
+  State:                    AVAILABLE
+  Storage Management:       ASM
+  Subnet Id:                ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq
+  Time Zone:                UTC
+Events:                     <none>
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/clone_dbcs_system_sample_output.log b/docs/dbcs/provisioning/clone_dbcs_system_sample_output.log
index 22d86e1e..b85588db 100644
--- a/docs/dbcs/provisioning/clone_dbcs_system_sample_output.log
+++ b/docs/dbcs/provisioning/clone_dbcs_system_sample_output.log
@@ -58,3 +58,66 @@
 2024-09-17T12:35:21Z    INFO    DB System current state is still:PROVISIONING. Sleeping for 60 seconds. {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-clone.yaml","namespace":"default"}, "namespace": "default", "name": "dbcssystem-clone.yaml", "reconcileID": "bf0c98c6-13b6-4c15-938a-3594cd4cf1f3"}
 2024-09-17T12:36:22Z    INFO    DB System current state is still:PROVISIONING. Sleeping for 60 seconds. {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-clone.yaml","namespace":"default"}, "namespace": "default", "name": "dbcssystem-clone.yaml", "reconcileID": "bf0c98c6-13b6-4c15-938a-3594cd4cf1f3"}
 2024-09-17T12:36:22Z    INFO    DB Cloning completed successfully from provided db system {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-clone.yaml","namespace":"default"}, "namespace": "default", "name": "dbcssystem-clone.yaml", "reconcileID": "bf0c98c6-13b6-4c15-938a-3594cd4cf1f3"}
+
+#kubectl describe dbcssystems/dbcssystem-clone
+Name:         dbcssystem-clone
+Namespace:    default
+Labels:       <none>
+Annotations:  <none>
+API Version:  database.oracle.com/v4
+Kind:         DbcsSystem
+Metadata:
+  Creation Timestamp:  2024-12-10T14:05:34Z
+  Generation:          1
+  Resource Version:    118098180
+  UID:                 6b96d17c-b788-4bb7-bc0e-098ade53100c
+Spec:
+  Db Clone:
+    Db Admin Pasword Secret:  admin-password
+    Db Db Unique Name:        
+    Db Name:                  db1212
+    Display Name:             dbsystem01312
+    Domain:                   subdda0b5eaa.cluster1.oraclevcn.com
+    Host Name:                host1213
+    License Model:            BRING_YOUR_OWN_LICENSE
+    Ssh Public Keys:
+      oci-publickey
+    Subnet Id:  ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq
+  Db System:
+    Availability Domain:      
+    Compartment Id:           
+    Db Admin Pasword Secret:  
+    Db Backup Config:
+    Host Name:  
+    Kms Config:
+    Shape:      
+    Subnet Id:  
+  Id:           ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa
+  Kms Config:
+  Oci Config Map:    oci-cred-mumbai
+  Oci Secret:        oci-privatekey
+  Setup DB Cloning:  true
+Status:
+  Availability Domain:        OLou:AP-MUMBAI-1-AD-1
+  Cpu Core Count:             1
+  Data Storage Percentage:    80
+  Data Storage Size In G Bs:  512
+  Db Edition:                 ENTERPRISE_EDITION_HIGH_PERFORMANCE
+  Display Name:               dbsystem1234
+  Id:                         ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa
+  License Model:              BRING_YOUR_OWN_LICENSE
+  Network:
+    Client Subnet:          oke-nodesubnet-quick-cluster1-2bebe95db-regional
+    Domain Name:            subdda0b5eaa.cluster1.oraclevcn.com
+    Host Name:              host1234
+    Listener Port:          1521
+    Scan Dns Name:          host1234-scan.subdda0b5eaa.cluster1.oraclevcn.com
+    Vcn Name:               oke-vcn-quick-cluster1-2bebe95db
+  Node Count:               1
+  Reco Storage Size In GB:  256
+  Shape:                    VM.Standard2.1
+  State:                    AVAILABLE
+  Storage Management:       ASM
+  Subnet Id:                ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq
+  Time Zone:                UTC
+Events:                     <none>
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/clone_from_backup_dbcs.md b/docs/dbcs/provisioning/clone_from_backup_dbcs.md
index 4597cff7..fbc2ad5e 100644
--- a/docs/dbcs/provisioning/clone_from_backup_dbcs.md
+++ b/docs/dbcs/provisioning/clone_from_backup_dbcs.md
@@ -1,8 +1,8 @@
 # Clone DB System from Backup of Existing DB System in OCI Oracle Base Database System (OBDS)
 
-In this use case, an existing OCI OBDS system deployed earlier with the Backup is going to be cloned.
+In this use case, you can see how to clone an existing OCI OBDS system deployed earlier with the Backup.
 
-In order to clone OBDS to an existing OBDS system using Backup, get the details of OCID of backup in OCI OBDS. 
+To clone OBDS to an existing OBDS system using Backup, you must obtain the OCID details for the backup in OCI OBDS. 
 
 **NOTE:** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequisites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
 
@@ -15,15 +15,15 @@ This example uses `clone_dbcs_system_from_backup.yaml` to clone a Single Instanc
 - Specification for DB Cloning as `dbClone`-> `dbAdminPasswordSecret`,`tdeWalletPasswordSecret`, `dbName`,`hostName`,`displayName`,`licenseModel`,`domain`,`sshPublicKeys`,`subnetId`, `initialDataStorageSizeInGB`
 **NOTE:** For the details of the parameters to be used in the .yaml file, please refer [here](./dbcs_controller_parameters.md).
 
-Use the file: [clone_dbcs_system_from_backup.yaml](./clone_dbcs_system_from_backup.yaml) for this use case as below:
+Use the file: [clone_dbcs_system_from_backup.yaml](./clone_dbcs_system_from_backup.yaml) for this use case, as described in the following steps:
 
-1. Deploy the .yaml file:  
+1. Deploy the `.yaml` file:  
 ```sh
 [root@docker-test-server OBDS]# kubectl apply -f clone_dbcs_system_from_backup.yaml
 dbcssystem.database.oracle.com/dbcssystem-clone created
 ```
 
-2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for the progress of the OBDS VMDB creation of PDBs. 
+2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` to track the progress of the OBDS VMDB creation of PDBs. 
 
 NOTE: Check the DB Operator Pod name in your environment.
 
@@ -33,4 +33,4 @@ NOTE: Check the DB Operator Pod name in your environment.
 
 ## Sample Output
 
-[Here](./clone_dbcs_system_from_backup_sample_output.log) is the sample output for cloning an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller.
+[Here](./clone_dbcs_system_from_backup_sample_output.log) is an example output log for cloning an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller.
diff --git a/docs/dbcs/provisioning/clone_from_database.md b/docs/dbcs/provisioning/clone_from_database.md
index 05b294b5..70b5792e 100644
--- a/docs/dbcs/provisioning/clone_from_database.md
+++ b/docs/dbcs/provisioning/clone_from_database.md
@@ -2,11 +2,11 @@
 
 In this use case, an existing OCI OBDS system deployed earlier with existing Database is going to be cloned in OCI Base OBDS Service using existing Database ID. 
 
-As an pre-requisite, get the details of OCID of database of an existing OBDS System which you want to clone.  
+As an prerequisite, obtain the details of OCID of database of an existing OBDS System that you want to clone.  
 
-**NOTE:** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequisites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+**NOTE:** We are assuming that before this step, you have followed the [prerequisite steps](./../README.md#prerequisites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) to create the configmap and the secrets required during the deployment.
 
-This example uses `clone_dbcs_system_from_database.yaml` to clone a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with:
+This example uses `clone_dbcs_system_from_database.yaml` to clone a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with the following:
 - OCID of existing as `databaseId`
 - OCI Configmap as `oci-cred`  
 - OCI Secret as `oci-privatekey`
@@ -14,7 +14,7 @@ This example uses `clone_dbcs_system_from_database.yaml` to clone a Single Insta
 - Specification of dbClone as - Details of new DB system for cloning `dbAdminPasswordSecret`,`tdeWalletPasswordSecret`, `dbName`,`hostName`,`displayName`,`licenseModel`,`domain`,`sshPublicKeys`,`subnetId`, `initialDataStorageSizeInGB`
 **NOTE:** For the details of the parameters to be used in the .yaml file, please refer [here](./dbcs_controller_parameters.md).
 
-Use the file: [clone_dbcs_system_from_database.yaml](./clone_dbcs_system_from_database.yaml) for this use case as below:
+Use the file: [clone_dbcs_system_from_database.yaml](./clone_dbcs_system_from_database.yaml) for this use case as described in the following steps:
 
 1. Deploy the .yaml file:  
 ```sh
@@ -22,7 +22,7 @@ Use the file: [clone_dbcs_system_from_database.yaml](./clone_dbcs_system_from_da
 dbcssystem.database.oracle.com/dbcssystem-clone created
 ```
 
-2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for the progress of the OBDS VMDB creation of PDBs. 
+2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` to follow the progress of the OBDS VMDB creation of PDBs. 
 
 NOTE: Check the DB Operator Pod name in your environment.
 
@@ -32,4 +32,4 @@ NOTE: Check the DB Operator Pod name in your environment.
 
 ## Sample Output
 
-[Here](./clone_dbcs_system_from_database_sample_output.log) is the sample output for cloning an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller.
+[This log file](./clone_dbcs_system_from_database_sample_output.log) is an example output log file for cloning an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller.
diff --git a/docs/dbcs/provisioning/clone_from_existing_dbcs.md b/docs/dbcs/provisioning/clone_from_existing_dbcs.md
index 61665188..48f2b375 100644
--- a/docs/dbcs/provisioning/clone_from_existing_dbcs.md
+++ b/docs/dbcs/provisioning/clone_from_existing_dbcs.md
@@ -1,12 +1,12 @@
 # Clone DB System from Existing DB System in OCI Oracle Base Database System (OBDS)
 
-In this use case, an existing OCI OBDS system deployed earlier is going to be cloned in OCI Oracle Base Database System (OBDS). Its a 2 Step operation.
+In this use case, an existing OCI OBDS system deployed earlier is going to be cloned in OCI Oracle Base Database System (OBDS). It is a two-step operation. 
 
-In order to clone OBDS to an existing OBDS system, get the OCID of DB System ID  you want to clone.
+To clone OBDS to an existing OBDS system, obtain the OCID of the database system ID that you want to clone.
 
-**NOTE:** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequisites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+**NOTE:** We are assuming that before this step, you have followed the [prerequisite steps](./../README.md#prerequisites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) to create the configmap and the secrets required during the deployment.
 
-This example uses `clone_dbcs_system.yaml` to clone a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with:
+This example uses `clone_dbcs_system.yaml` to clone a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with the following:
 
 - OCID of existing VMDB as `id` to be cloned.
 - OCI Configmap as `oci-cred`  
@@ -15,15 +15,15 @@ This example uses `clone_dbcs_system.yaml` to clone a Single Instance OBDS VMDB
 - Specification of DB System been cloned as `dbClone` -> `dbAdminPaswordSecret`, `dbName`,`hostName`,`displayName`,`licenseModel`,`domain`,`sshPublicKeys`,`subnetId`. These must be unique and new details for new cloned DB system to be created.
 **NOTE:** For the details of the parameters to be used in the .yaml file, please refer [here](./dbcs_controller_parameters.md).
 
-Use the file: [clone_dbcs_system.yaml](./clone_dbcs_system.yaml) for this use case as below:
+Use the file: [clone_dbcs_system.yaml](./clone_dbcs_system.yaml) for this use case as described in the following steps:
 
-1. Deploy the .yaml file:  
+1. Deploy the `.yaml` file:  
 ```sh
 [root@docker-test-server DBCS]# kubectl apply -f clone_dbcs_system.yaml
 dbcssystem.database.oracle.com/dbcssystem-clone created
 ```
 
-2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for the progress of the DBCS VMDB creation of PDBs. 
+2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` to follow the progress of the DBCS VMDB creation of PDBs. 
 
 NOTE: Check the DB Operator Pod name in your environment.
 
@@ -33,4 +33,4 @@ NOTE: Check the DB Operator Pod name in your environment.
 
 ## Sample Output
 
-[Here](./clone_dbcs_system_sample_output.log) is the sample output for cloning an existing DBCS System deployed in OCI using Oracle DB Operator DBCS Controller.
+[This log file](./clone_dbcs_system_sample_output.log) is an example output log file for cloning an existing DBCS System deployed in OCI using Oracle DB Operator DBCS Controller.
diff --git a/docs/dbcs/provisioning/create_dbcs_with_kms.md b/docs/dbcs/provisioning/create_dbcs_with_kms.md
index 97d912d4..b6005e7f 100644
--- a/docs/dbcs/provisioning/create_dbcs_with_kms.md
+++ b/docs/dbcs/provisioning/create_dbcs_with_kms.md
@@ -2,12 +2,13 @@
 
 In this use case, an OCI OBDS system is deployed using Oracle DB Operator OBDS controller along with KMS Vault configuration
 
-**NOTE** It is assumed that before this step, you have followed the [prerequisite](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+**NOTE** We assume that before this procedure, you have followed the [prerequisite steps](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) to create the configmap and the secrets required during the deployment.
 
 ## Pre-requisites for KMS Vaults related to OBDS System
-There is also other set of pre-requisites for KMS Vaults related to dynamic group and policies. Please follow instructions for same. 
-1. Create Dynamic group with rule `ALL {resource.compartment.id =<ocid>` and give it some name.
-2. Create policy in your compartment for this dynamic group to access to key/vaults by database.
+You also must have completed the prerequisites for KMS Vaults related to dynamic group and policies. 
+
+1. Create Dynamic group with rule `ALL {resource.compartment.id =<ocid>` and give it a name.
+2. Create a policy in your compartment for this dynamic group to grant it access to key/vaults by database.
 
 ```txt
 Allow dynamic-group <> to manage secret-family in compartment <>	
@@ -17,7 +18,7 @@ Allow dynamic-group <> to manage keys in compartment <>
 Allow dynamic-group <> to manage vaults in compartment <>
 ```
 
-E.g
+For example: 
 
 ```txt
 ALL {resource.compartment.id = 'ocid1.compartment.oc1..aaaaaaaa63yqilqhgxv3dszur3a2fgwc64ohpfy43vpqjm7q5zq4q4yaw72a'}
@@ -29,9 +30,9 @@ Allow dynamic-group db_dynamic_group to manage database-family in compartment sa
 Allow dynamic-group db_dynamic_group to manage keys in compartment sauahuja
 Allow dynamic-group db_dynamic_group to manage vaults in compartment sauahuja
 ```
-3. Do also create KMS Vault and KMS Key in order to use it during OBDS provisioning. We are going to refer those variables (`vaultName`, `keyName`) in the yaml file.
+3. Create KMS Vault and KMS Keys so that you can use it during OBDS provisioning. We refer to those variables (`vaultName`, `keyName`) in the yaml file.
 
-This example uses `dbcs_service_with_kms.yaml` to deploy a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with:
+This example uses `dbcs_service_with_kms.yaml` to deploy a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with the following:
 
 - OCI Configmap as `oci-cred`  
 - OCI Secret as `oci-privatekey`  
@@ -50,17 +51,17 @@ This example uses `dbcs_service_with_kms.yaml` to deploy a Single Instance OBDS
 - KMS Compartment Id as `ocid1.compartment.oc1..aaaaaaaa63yqilqhgxv3dszur3a2fgwc64ohpfy43vpqjm7q5zq4q4yaw72a`
 - KMS Key Name as `dbkey`
 
-**NOTE:** For the details of the parameters to be used in the .yaml file, please refer [here](./dbcs_controller_parameters.md). While giving KMS Vault make sure not to pass TDE wallet password in DB creation as either of them can be only used for encryption.
+**NOTE:** For the details of the parameters used in the `.yaml` file, see: [DBCS Controller Parameters](./dbcs_controller_parameters.md). When providing the KMS Vault, ensure that you do not pass the TDE wallet password in database creation, because either of them can be used only for encryption.
 
-Use the file: [dbcs_service_with_kms.yaml](./dbcs_service_with_kms.yaml) for this use case as below:
+For the steps that follow, use this file: [dbcs_service_with_kms.yaml](./dbcs_service_with_kms.yaml). Complete the following steps: 
 
-1. Deploy the .yaml file:  
+1. Deploy the `.yaml` file:  
 ```bash
 [root@docker-test-server OBDS]# kubectl apply -f dbcs_service_with_kms.yaml
 dbcssystem.database.oracle.com/dbcssystem-create created
 ```
 
-2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for the progress of the OBDS VMDB deployment. 
+2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` to monitor the progress of the OBDS VMDB deployment. 
 
 NOTE: Check the DB Operator Pod name in your environment.
 
@@ -70,4 +71,4 @@ NOTE: Check the DB Operator Pod name in your environment.
 
 ## Sample Output
 
-[Here](./dbcs_service_with_kms_sample_output.log) is the sample output for a OBDS System deployed in OCI using Oracle DB Operator OBDS Controller with KMS configurations.
+[This log file](./dbcs_service_with_kms_sample_output.log) is an example output log file for a OBDS System deployed in OCI using Oracle DB Operator OBDS Controller with KMS configurations.
diff --git a/docs/dbcs/provisioning/dataguard_in_database.yaml b/docs/dbcs/provisioning/dataguard_in_database.yaml
new file mode 100644
index 00000000..25fa8dd1
--- /dev/null
+++ b/docs/dbcs/provisioning/dataguard_in_database.yaml
@@ -0,0 +1,20 @@
+apiVersion: database.oracle.com/v4
+kind: DbcsSystem
+metadata:
+  name: dbcssystem-existing
+spec:
+  id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyagag6vwgkdcf5g6srfykrsqnfnryfskfhblntsjypiajq"
+  ociConfigMap: "oci-cred"
+  ociSecret: "oci-privatekey"
+  dataGuard:
+    primaryDatabaseId: "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a"
+    dbAdminPasswordSecret: "admin-password"
+    protectionMode: "MAXIMUM_PERFORMANCE"
+    transportType: "ASYNC"
+    enabled: true
+    displayName: "standbydbsystem2"
+    availabilityDomain: "OLou:AP-MUMBAI-1-AD-1"
+    shape: "VM.Standard2.1"
+    subnetId: "ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaaklvzufcgma65ibn4al7xukjmyfz7nnrpaewfzbffz5zrnz3htweq"
+    hostName: "shost1234"
+
diff --git a/docs/dbcs/provisioning/dataguard_in_database_sample_output.log b/docs/dbcs/provisioning/dataguard_in_database_sample_output.log
new file mode 100644
index 00000000..e21c3130
--- /dev/null
+++ b/docs/dbcs/provisioning/dataguard_in_database_sample_output.log
@@ -0,0 +1,226 @@
+2025-06-18T11:52:25Z    INFO    No Data Guard association found for the database        {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a"}
+2025-06-18T11:52:28Z    INFO    Data Guard association created successfully.    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62"}
+2025-06-18T11:53:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T11:53:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T11:54:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T11:54:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T11:55:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T11:55:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T11:56:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T11:56:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T11:57:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T11:57:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T11:58:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T11:58:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T11:59:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T11:59:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:00:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:00:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:01:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:01:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:02:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:02:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:03:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:03:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:04:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:04:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:05:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:05:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:06:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:06:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:07:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:07:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:08:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:08:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:09:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:09:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:10:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:10:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:11:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:11:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:12:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:12:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:13:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:13:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:14:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:14:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:15:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:15:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:16:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:16:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:17:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:17:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:18:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:18:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:19:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:19:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:20:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:20:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:21:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:21:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:22:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:22:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:23:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:23:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:24:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:24:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:25:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:25:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:26:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:26:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:27:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:27:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:28:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:28:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:29:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:29:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:30:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:30:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:31:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:31:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:32:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:32:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:33:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:33:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:34:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:34:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:35:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:35:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:36:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:36:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:37:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:37:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:38:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:38:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:39:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:39:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:40:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:40:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:41:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:41:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:42:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:42:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:43:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:43:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:44:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T12:44:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T12:45:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T13:42:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T13:42:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T13:43:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T13:43:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T13:44:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T13:44:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+2025-06-18T13:45:28Z    INFO    Polling Data Guard association state    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a", "AssociationID": "ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra"}
+2025-06-18T13:45:29Z    INFO    Current state   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "60685efa-37f7-4185-b109-9b25c334ec62", "State": "PROVISIONING"}
+
+
+
+ kubectl describe dbcssystems.database.oracle.com dbcssystem-existing
+Name:         dbcssystem-existing
+Namespace:    default
+Labels:       <none>
+Annotations:  lastSuccessfulSpec:
+                {"dbSystem":{"compartmentId":"","availabilityDomain":"","subnetId":"","shape":"","hostName":"","dbAdminPasswordSecret":"","dbBackupConfig"...
+API Version:  database.oracle.com/v4
+Kind:         DbcsSystem
+Metadata:
+  Creation Timestamp:  2025-06-18T11:47:51Z
+  Generation:          3
+  Resource Version:    198491318
+  UID:                 dd584c17-bed5-477c-b1ae-90deed556ee9
+Spec:
+  Data Guard:
+    Availability Domain:       OLou:AP-MUMBAI-1-AD-1
+    Db Admin Password Secret:  admin-password
+    Display Name:              sdbsystem1234
+    Enabled:                   true
+    Host Name:                 shost1234
+    Primary Database Id:       ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a
+    Protection Mode:           MAXIMUM_PERFORMANCE
+    Shape:                     VM.Standard2.1
+    Subnet Id:                 ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaaklvzufcgma65ibn4al7xukjmyfz7nnrpaewfzbffz5zrnz3htweq
+    Transport Type:            ASYNC
+  Db System:
+    Availability Domain:       
+    Compartment Id:            
+    Db Admin Password Secret:  
+    Db Backup Config:
+    Host Name:  
+    Kms Config:
+    Shape:      
+    Subnet Id:  
+  Kms Config:
+  Oci Config Map:  oci-cred-mumbai
+  Oci Secret:      oci-privatekey
+Status:
+  Availability Domain:  OLou:AP-MUMBAI-1-AD-1
+  Cpu Core Count:       1
+  Data Guard Status:
+    Db Admin Password Secret:        admin-password
+    Id:                              ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyaqnw7fmovwf6hn4ja2zw6lk663tmq22bl6333m53q36ra
+    Lifecycle State:                 AVAILABLE
+    Peer Data Guard Association Id:  ocid1.dgassociation.oc1.ap-mumbai-1.anrg6ljrabf7htyabee2lili5bw2fhfykp6ex762nvg5vihc4zl33oxvzp4q
+    Peer Database Id:                ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya5zaiiz6ydeomvqysoin5cylevcy5z5ritblpnl3qjhga
+    Peer Db Home Id:                 ocid1.dbhome.oc1.ap-mumbai-1.anrg6ljrqlb5nxiaewh5smvdfbv7t5xoz4pjagwcm5py72eoyoejlxfcyhzq
+    Peer Db System Id:               ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyaywwjkya5wcimrcsxip777dld3fluu2nlb3kf6mjjtnuq
+    Peer Role:                       STANDBY
+    Primary Database Id:             ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a
+    Protection Mode:                 MAXIMUM_PERFORMANCE
+    Transport Type:                  ASYNC
+  Data Storage Percentage:           80
+  Data Storage Size In G Bs:         256
+  Db Clone Status:
+    Db Db Unique Name:  
+    Host Name:          
+  Db Edition:           ENTERPRISE_EDITION_HIGH_PERFORMANCE
+  Display Name:         sdbsystem1234
+  Id:                   ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyaywwjkya5wcimrcsxip777dld3fluu2nlb3kf6mjjtnuq
+  Kms Details Status:
+  License Model:  BRING_YOUR_OWN_LICENSE
+  Network:
+    Client Subnet:          oke-k8sApiEndpoint-subnet-quick-cluster1-2bebe95db-regional
+    Domain Name:            sub0ea2e07ef.cluster1.oraclevcn.com
+    Host Name:              shost1234
+    Listener Port:          1521
+    Scan Dns Name:          shost1234-scan.sub0ea2e07ef.cluster1.oraclevcn.com
+    Vcn Name:               oke-vcn-quick-cluster1-2bebe95db
+  Node Count:               1
+  Reco Storage Size In GB:  256
+  Shape:                    VM.Standard2.1
+  State:                    AVAILABLE
+  Storage Management:       ASM
+  Subnet Id:                ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaaklvzufcgma65ibn4al7xukjmyfz7nnrpaewfzbffz5zrnz3htweq
+  Time Zone:                UTC
+  Work Requests:
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljr745m6kvhdlchnbfpgfi53oabqpbp6edr4sihrrlhh3vpx272q32a
+    Operation Type:    Create Data Guard
+    Percent Complete:  100
+    Time Accepted:     2025-06-18 11:23:18.919 +0000 UTC
+    Time Finished:     2025-06-18 11:28:17.598 +0000 UTC
+    Time Started:      2025-06-18 11:23:28.016 +0000 UTC
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljrxow6rzn63igski66j7264ft3bnnjkvg74vd6xf77rqg6tkakrlkq
+    Operation Type:    Create Data Guard
+    Percent Complete:  100
+    Time Accepted:     2025-06-18 11:15:30.139 +0000 UTC
+    Time Finished:     2025-06-18 11:22:04.763 +0000 UTC
+    Time Started:      2025-06-18 11:15:36.599 +0000 UTC
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljrzj4cnxwitxjjlcwwymbpby7chckrq5vtm2hpykprgxrm5rtw2eqq
+    Operation Type:    Create Data Guard
+    Percent Complete:  100
+    Time Accepted:     2025-06-18 10:59:14.372 +0000 UTC
+    Time Finished:     2025-06-18 11:15:15.936 +0000 UTC
+    Time Started:      2025-06-18 10:59:20.854 +0000 UTC
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljrsfschtlkucf65m575jyswb6xsk3mpfx26gsrumrfa6huzhjswbxq
+    Operation Type:    Create Data Guard
+    Percent Complete:  100
+    Time Accepted:     2025-06-18 07:20:00.043 +0000 UTC
+    Time Finished:     2025-06-18 07:43:54.273 +0000 UTC
+    Time Started:      2025-06-18 07:20:07.169 +0000 UTC
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljryitxrazcuutk3ttxscpudqtaeq7o3havhhh3aov5tdtvuhmnclma
+    Operation Type:    Create DB System
+    Percent Complete:  100
+    Time Accepted:     2025-06-13 11:53:36.483 +0000 UTC
+    Time Finished:     2025-06-13 14:10:52.388 +0000 UTC
+    Time Started:      2025-06-13 11:53:43.916 +0000 UTC
+Events:                <none>
diff --git a/docs/dbcs/provisioning/dataguard_to_database.md b/docs/dbcs/provisioning/dataguard_to_database.md
new file mode 100644
index 00000000..67c923b6
--- /dev/null
+++ b/docs/dbcs/provisioning/dataguard_to_database.md
@@ -0,0 +1,33 @@
+# Setup Dataguard Association to Existing Database of DB System in OCI Base DBCS Service
+
+In this use case, an existing OCI DBCS system previously deployed with an existing Database is provided with an Oracle Data Guard association in OCI Base DBCS Service using the existing Database ID. 
+
+As a prerequisite, obtain the OCID details for the database of the existing DBCS System that you want to clone.  
+
+**NOTE:** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequisites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+
+This example uses `dataguard_in_database.yaml` to clone a Single Instance DBCS VMDB using Oracle DB Operator DBCS Controller with:
+- OCI Configmap as `oci-cred`  
+- OCI Secret as `oci-privatekey`
+- Specification of dataGuard as - Details for dataguard setup `primaryDatabaseId`,`dbAdminPasswordSecret`, `protectionMode`,`transportType`,`displayName`,`availabilityDomain`,`shape`,`subnetId`,`hostName`.
+**NOTE:** For the details of the parameters to be used in the .yaml file, please refer [here](./dbcs_controller_parameters.md).
+
+Use the file: [dataguard_in_database.yaml](./dataguard_in_database.yaml) for this use case as below:
+
+1. Deploy the `.yaml` file:  
+```sh
+[root@docker-test-server DBCS]# kubectl apply -f dataguard_in_database.yaml
+dbcssystem.database.oracle.com/dbcssystem-existing configured
+```
+
+2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` to follow the progress of the DBCS VMDB creation of PDBs. 
+
+NOTE: Check the DB Operator Pod name in your environment.
+
+```
+[root@docker-test-server DBCS]# kubectl logs -f pod/oracle-database-operator-controller-manager-665874bd57-g2cgw -n  oracle-database-operator-system
+```
+
+## Sample Output
+
+[Here](./dataguard_in_database_sample_output.log) is the example output log for cloning an existing DBCS System deployed in OCI using Oracle DB Operator DBCS Controller.
diff --git a/docs/dbcs/provisioning/delete_pdb.md b/docs/dbcs/provisioning/delete_pdb.md
index 84d676bc..b9bb8b8d 100644
--- a/docs/dbcs/provisioning/delete_pdb.md
+++ b/docs/dbcs/provisioning/delete_pdb.md
@@ -1,32 +1,32 @@
 # Delete PDB of an existing DBCS System
 
-In this use case, an existing OCI DBCS system deployed earlier is going to have PDB/PDBs deleted. Its a 2 Step operation.
+In this use case, an existing OCI DBCS system deployed earlier is going to have PDB/PDBs deleted. This is a two-step operation.
 
-In order to create PDBs to an existing DBCS system, the steps will be:
+To create PDBs and add them to an existing DBCS system, the two steps are as follows:
 
 1. Bind the existing DBCS System to DBCS Controller.
 2. Apply the change to delete PDBs.
 
-**NOTE:** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+**NOTE:** We are assuming that before this step, you have followed the [prerequisite steps](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) to create the configmap and the secrets required during the deployment.
 
-As step 1, first bind the existing DBCS System to DBCS Controller following [documentation](./../provisioning/bind_to_existing_dbcs_system.md). After successful binding, it will show as below-
+In the first step, you first bind the existing DBCS System to DBCS Controller following [the Bind to Existing DBCS System documentation](./../provisioning/bind_to_existing_dbcs_system.md). After successful binding, it will appear as follows:
 ```bash
 kubectl get dbcssystems
 NAME                  AGE
 dbcssystem-existing   3m33s
 ```
 
-This example uses `deletepdb_in_existing_dbcs_system_list.yaml` to delete PDBs of a Single Instance DBCS VMDB using Oracle DB Operator DBCS Controller with:
+This example uses `deletepdb_in_existing_dbcs_system_list.yaml` to delete PDBs of a Single Instance DBCS VMDB using Oracle DB Operator DBCS Controller with the following:
 
 - OCID of existing VMDB as `ocid1.dbsystem.oc1.iad.anuwcljsabf7htyag4akvoakzw4qk7cae55qyp7hlffbouozvyl5ngoputza`
 - OCI Configmap as `oci-cred`  
 - OCI Secret as `oci-privatekey`
 - PDB Name to be deleted e.g `pdb_sauahuja_11` and `pdb_sauahuja_12`
-**NOTE:** For the details of the parameters to be used in the .yaml file, please refer [here](./dbcs_controller_parameters.md).
+**NOTE:** For the details of the parameters to be used in the `.yaml` file, see: [DBCS Controller Parameters](./dbcs_controller_parameters.md).
 
-Use the file: [deletepdb_in_existing_dbcs_system_list.yaml](./deletepdb_in_existing_dbcs_system_list.yaml) for this use case as below:
+Use the file: [deletepdb_in_existing_dbcs_system_list.yaml](./deletepdb_in_existing_dbcs_system_list.yaml) for this use case as described in the following steps:
 
-1. Deploy the .yaml file:  
+1. Deploy the `.yaml` file:  
 ```sh
 [root@docker-test-server DBCS]# kubectl apply -f deletepdb_in_existing_dbcs_system_list.yaml
 dbcssystem.database.oracle.com/dbcssystem-existing configured
@@ -40,11 +40,11 @@ NOTE: Check the DB Operator Pod name in your environment.
 [root@docker-test-server DBCS]# kubectl logs -f pod/oracle-database-operator-controller-manager-665874bd57-g2cgw -n  oracle-database-operator-system
 ```
 
-3. Remove DBCS Systems resource-
+3. Remove the DBCS Systems resource-
 ```bash
 kubectl delete -f deletepdb_in_existing_dbcs_system_list.yaml
 ```
 
 ## Sample Output
 
-[Here](./deletepdb_in_existing_dbcs_system_list_sample_output.log) is the sample output for deletion of PDBs from an existing DBCS System deployed in OCI using Oracle DB Operator DBCS Controller.
\ No newline at end of file
+[This example log file](./deletepdb_in_existing_dbcs_system_list_sample_output.log) is an example log file output for deletion of PDBs from an existing DBCS System deployed in OCI using Oracle DB Operator DBCS Controller.
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/disable_dataguard_in_database.yaml b/docs/dbcs/provisioning/disable_dataguard_in_database.yaml
new file mode 100644
index 00000000..f8cb8463
--- /dev/null
+++ b/docs/dbcs/provisioning/disable_dataguard_in_database.yaml
@@ -0,0 +1,12 @@
+apiVersion: database.oracle.com/v4
+kind: DbcsSystem
+metadata:
+  name: dbcssystem-existing
+spec:
+  id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyagag6vwgkdcf5g6srfykrsqnfnryfskfhblntsjypiajq"
+  ociConfigMap: "oci-cred-mumbai"
+  ociSecret: "oci-privatekey"
+  dataGuard:
+    enabled: false              # <=== Mark for deletion (don't enable)
+    isDelete: true
+    peerDbSystemId: ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyakjqrailvboa6efrypg3oxaqis44433rjd3hjuzeygcuq
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/disable_dataguard_in_database_sample_output.log b/docs/dbcs/provisioning/disable_dataguard_in_database_sample_output.log
new file mode 100644
index 00000000..af0c1e61
--- /dev/null
+++ b/docs/dbcs/provisioning/disable_dataguard_in_database_sample_output.log
@@ -0,0 +1,141 @@
+2025-06-20T16:40:02Z    INFO    Terminating peer DB system      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "peerDbSystemId": "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyakjqrailvboa6efrypg3oxaqis44433rjd3hjuzeygcuq"}
+2025-06-20T16:40:03Z    INFO    Waiting for work request to complete    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "workRequestID": "ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljrm6qzswsn5x3payealiktawjfpnfggonbbznu3ylxzth2nofn3p4a"}
+2025-06-20T16:40:04Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "ACCEPTED"}
+2025-06-20T16:40:35Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:41:06Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:41:36Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:42:07Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:42:38Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:43:09Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:43:40Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:44:10Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:44:41Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:45:12Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:45:43Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:46:14Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:46:45Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:47:15Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:47:46Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:48:17Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:48:48Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:49:19Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:49:50Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:50:21Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:50:52Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:51:22Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:51:53Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:52:24Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "IN_PROGRESS"}
+2025-06-20T16:52:55Z    INFO    Polling WorkRequest status      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "status": "SUCCEEDED"}
+2025-06-20T16:52:55Z    INFO    WorkRequest succeeded   {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36", "workRequestID": "ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljrm6qzswsn5x3payealiktawjfpnfggonbbznu3ylxzth2nofn3p4a"}
+2025-06-20T16:52:55Z    INFO    Successfully deleted Data Guard association     {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-existing","namespace":"default"}, "namespace": "default", "name": "dbcssystem-existing", "reconcileID": "61f3d6fa-6bc2-480f-a16b-2bf3f0262c36"}
+
+kubectl describe dbcssystems.database.oracle.com dbcssystem-existing
+Name:         dbcssystem-existing
+Namespace:    default
+Labels:       <none>
+Annotations:  lastSuccessfulSpec:
+                {"id":"ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyagag6vwgkdcf5g6srfykrsqnfnryfskfhblntsjypiajq","ociConfigMap":"oci-cred-mumbai","ociS...
+API Version:  database.oracle.com/v4
+Kind:         DbcsSystem
+Metadata:
+  Creation Timestamp:  2025-06-20T16:39:48Z
+  Generation:          2
+  Resource Version:    199426196
+  UID:                 36dedd91-369a-4f7f-bde7-3dcd0fb80bc0
+Spec:
+  Data Guard:
+    Is Delete:          true
+    Peer Db System Id:  ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyakjqrailvboa6efrypg3oxaqis44433rjd3hjuzeygcuq
+  Id:                   ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyagag6vwgkdcf5g6srfykrsqnfnryfskfhblntsjypiajq
+  Oci Config Map:       oci-cred-mumbai
+  Oci Secret:           oci-privatekey
+Status:
+  Availability Domain:  OLou:AP-MUMBAI-1-AD-1
+  Cpu Core Count:       1
+  Data Guard Status:
+  Data Storage Percentage:    80
+  Data Storage Size In G Bs:  256
+  Db Clone Status:
+    Db Db Unique Name:  
+    Host Name:          
+  Db Edition:           ENTERPRISE_EDITION_HIGH_PERFORMANCE
+  Db Info:
+    Db Home Id:      ocid1.dbhome.oc1.ap-mumbai-1.anrg6ljrqlb5nxia62a4renaws56iay2nboazrndrw2p5fxgdtxbjggjkjbq
+    Db Name:         cdb1234
+    Db Unique Name:  cdb1234_dgk_bom
+    Db Workload:     OLTP
+    Id:              ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a
+  Display Name:      dbsystem123
+  Id:                ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyagag6vwgkdcf5g6srfykrsqnfnryfskfhblntsjypiajq
+  Kms Details Status:
+  License Model:  BRING_YOUR_OWN_LICENSE
+  Network:
+    Client Subnet:          oke-k8sApiEndpoint-subnet-quick-cluster1-2bebe95db-regional
+    Domain Name:            sub0ea2e07ef.cluster1.oraclevcn.com
+    Host Name:              host123
+    Listener Port:          1521
+    Scan Dns Name:          host123-scan.sub0ea2e07ef.cluster1.oraclevcn.com
+    Vcn Name:               oke-vcn-quick-cluster1-2bebe95db
+  Node Count:               1
+  Reco Storage Size In GB:  256
+  Shape:                    VM.Standard2.1
+  State:                    AVAILABLE
+  Storage Management:       ASM
+  Subnet Id:                ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaaklvzufcgma65ibn4al7xukjmyfz7nnrpaewfzbffz5zrnz3htweq
+  Time Zone:                UTC
+  Work Requests:
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljrezh3gctuqydvhcwp3s7ciihu2wnjzzrmz7rfw5jnkiwarjxbz6ia
+    Operation Type:    Create Data Guard
+    Percent Complete:  100
+    Time Accepted:     2025-06-20 11:51:32.803 +0000 UTC
+    Time Finished:     2025-06-20 14:07:19.763 +0000 UTC
+    Time Started:      2025-06-20 11:51:39.534 +0000 UTC
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljromubu2srfzznxbgv6ussbgbii6ln6t7sb6nkpwkab4meqxoionjq
+    Operation Type:    Create Data Guard
+    Percent Complete:  100
+    Time Accepted:     2025-06-19 16:39:05.542 +0000 UTC
+    Time Finished:     2025-06-19 18:37:19.007 +0000 UTC
+    Time Started:      2025-06-19 16:39:13.226 +0000 UTC
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljr7oy4dlwckl7r6ukwg5mxxnjjocp5wqp5ehsx3zblow2zza6h7j4q
+    Operation Type:    Create Data Guard
+    Percent Complete:  100
+    Time Accepted:     2025-06-19 09:30:22.587 +0000 UTC
+    Time Finished:     2025-06-19 11:51:06.723 +0000 UTC
+    Time Started:      2025-06-19 09:30:30.03 +0000 UTC
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljrlansxzbmlry2uw3f2wlg3c32poxxpqqxiqvs4jeza5kp3a3zjdaa
+    Operation Type:    Create Data Guard
+    Percent Complete:  100
+    Time Accepted:     2025-06-18 11:52:28.133 +0000 UTC
+    Time Finished:     2025-06-18 13:54:02.717 +0000 UTC
+    Time Started:      2025-06-18 11:52:31.256 +0000 UTC
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljr745m6kvhdlchnbfpgfi53oabqpbp6edr4sihrrlhh3vpx272q32a
+    Operation Type:    Create Data Guard
+    Percent Complete:  100
+    Time Accepted:     2025-06-18 11:23:18.919 +0000 UTC
+    Time Finished:     2025-06-18 11:28:17.598 +0000 UTC
+    Time Started:      2025-06-18 11:23:28.016 +0000 UTC
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljrxow6rzn63igski66j7264ft3bnnjkvg74vd6xf77rqg6tkakrlkq
+    Operation Type:    Create Data Guard
+    Percent Complete:  100
+    Time Accepted:     2025-06-18 11:15:30.139 +0000 UTC
+    Time Finished:     2025-06-18 11:22:04.763 +0000 UTC
+    Time Started:      2025-06-18 11:15:36.599 +0000 UTC
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljrzj4cnxwitxjjlcwwymbpby7chckrq5vtm2hpykprgxrm5rtw2eqq
+    Operation Type:    Create Data Guard
+    Percent Complete:  100
+    Time Accepted:     2025-06-18 10:59:14.372 +0000 UTC
+    Time Finished:     2025-06-18 11:15:15.936 +0000 UTC
+    Time Started:      2025-06-18 10:59:20.854 +0000 UTC
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljrsfschtlkucf65m575jyswb6xsk3mpfx26gsrumrfa6huzhjswbxq
+    Operation Type:    Create Data Guard
+    Percent Complete:  100
+    Time Accepted:     2025-06-18 07:20:00.043 +0000 UTC
+    Time Finished:     2025-06-18 07:43:54.273 +0000 UTC
+    Time Started:      2025-06-18 07:20:07.169 +0000 UTC
+    Operation Id:      ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljryitxrazcuutk3ttxscpudqtaeq7o3havhhh3aov5tdtvuhmnclma
+    Operation Type:    Create DB System
+    Percent Complete:  100
+    Time Accepted:     2025-06-13 11:53:36.483 +0000 UTC
+    Time Finished:     2025-06-13 14:10:52.388 +0000 UTC
+    Time Started:      2025-06-13 11:53:43.916 +0000 UTC
+Events:                <none>
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/disable_dataguard_to_database.md b/docs/dbcs/provisioning/disable_dataguard_to_database.md
new file mode 100644
index 00000000..f6682e03
--- /dev/null
+++ b/docs/dbcs/provisioning/disable_dataguard_to_database.md
@@ -0,0 +1,40 @@
+# Disable Dataguard Association to Existing Database of DB System and Terminate Peer DB System in OCI Base DBCS Service
+
+In this use case, we are going to disable Dataguard and Terminate Peer DB System of an existing OCI OCS system deployed earlier with existing Database and dataguard association. Note: Both disable Dataguard and Terminate Peer DB System will happen together. 
+
+As an pre-requisite, get the details of OCID of database of an existing DBCS System which you want to clone.  
+
+**NOTE:** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequisites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+
+This example uses `dataguard_in_database.yaml` to clone a Single Instance DBCS VMDB using Oracle DB Operator DBCS Controller with:
+- OCI Configmap as `oci-cred`  
+- OCI Secret as `oci-privatekey`
+- Specification of dataGuard as - Details for dataguard setup `peerDbSystemId`, `enabled: false` and `isDelete: true`.
+**NOTE:** For the details of the parameters to be used in the .yaml file, please refer [here](./dbcs_controller_parameters.md).
+
+Use the file: [disable_dataguard_in_database.yaml](./disable_dataguard_in_database.yaml) for this use case as below:
+
+1. Deploy the .yaml file:  
+```sh
+[root@docker-test-server DBCS]# kubectl apply -f disable_dataguard_in_database.yaml
+dbcssystem.database.oracle.com/dbcssystem-existing configured
+```
+
+2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for the progress of the DBCS VMDB creation of PDBs. 
+
+NOTE: Check the DB Operator Pod name in your environment.
+
+```
+[root@docker-test-server DBCS]# kubectl logs -f pod/oracle-database-operator-controller-manager-665874bd57-g2cgw -n  oracle-database-operator-system
+```
+3. Describe the Kubernetes object to see more details
+```bash
+kubectl describe dbcssystems.database.oracle.com dbcssystem-existing
+```
+More precisely
+```bash
+kubectl get dbcssystems.database.oracle.com dbcssystem-existing  -o jsonpath='{.status.dataGuardStatus.lifecycleState}'
+TERMINATED
+```
+
+
diff --git a/docs/dbcs/provisioning/disabled_dataguard_to_database.md b/docs/dbcs/provisioning/disabled_dataguard_to_database.md
new file mode 100644
index 00000000..e69de29b
diff --git a/docs/dbcs/provisioning/patch_dbcs_system.yaml b/docs/dbcs/provisioning/patch_dbcs_system.yaml
new file mode 100644
index 00000000..6f6e6ed0
--- /dev/null
+++ b/docs/dbcs/provisioning/patch_dbcs_system.yaml
@@ -0,0 +1,29 @@
+# The API group and version this custom resource belongs to (Oracle Database Operator CRD v4)
+apiVersion: database.oracle.com/v4
+
+# The type of resource (DbcsSystem manages an OCI DB System)
+kind: DbcsSystem
+
+# Standard Kubernetes object metadata
+metadata:
+  # The name of this DbcsSystem resource (must be unique within the namespace)
+  name: dbcssystem-existing
+
+# Specification of the desired state for the DbcsSystem
+spec:
+  # The OCID of the existing DB System in OCI that this resource manages
+  id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyagag6vwgkdcf5g6srfykrsqnfnryfskfhblntsjypiajq"
+
+  # The name of the ConfigMap containing OCI credentials (tenancy, region, etc.)
+  ociConfigMap: "oci-cred-mumbai"
+
+  # The name of the Secret containing the OCI private key used for authentication
+  ociSecret: "oci-privatekey"
+
+  # Indicates that this CR should apply a patch/update instead of creating a new DB system
+  isPatch: true
+
+  # DB system-specific configuration (nested object)
+  dbSystem:
+    # The OCID of the database patch (db update) you want to apply to this DB system
+    dbPatchOcid: "ocid1.dbupdate.oc1.ap-mumbai-1.anrg6ljrt5t4sqqa2z6zz3vxd4u2gmkvrofeatpufsbw332yksvuzc2xmgxq"
diff --git a/docs/dbcs/provisioning/patch_dbcs_system_sample_output.log b/docs/dbcs/provisioning/patch_dbcs_system_sample_output.log
new file mode 100644
index 00000000..e69de29b
diff --git a/docs/dbcs/provisioning/patching_database.md b/docs/dbcs/provisioning/patching_database.md
new file mode 100644
index 00000000..cfee83d9
--- /dev/null
+++ b/docs/dbcs/provisioning/patching_database.md
@@ -0,0 +1,45 @@
+# Patching Existing Database of DB System in OCI Base DBCS Service
+
+In this use case, see how an existing OCI OBDS system deployed earlier can be patched using the OCI Oracle Base Database System (OBDS). This is a two-step operation. 
+
+To patch OBDS to an existing OBDS system, obtain the OCID of the database system ID that you want to patch.
+
+**NOTE:** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequisites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+As step 1, first bind the existing DBCS System to DBCS Controller following [documentation](./../provisioning/bind_to_existing_dbcs_system.md). After successful binding, it will appear as follows:
+```bash
+kubectl get dbcssystems
+NAME                  AGE
+dbcssystem-existing   3m33s
+```
+
+Step 2 uses `patch_dbcs_system.yaml` to patch a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with the following:
+
+- OCID of the existing VMDB as `id` to be patched.
+- OCI Configmap as `oci-cred`  
+- OCI Secret as `oci-privatekey`
+- `isPatch` as true
+- Specification of the database system that you are patching as `dbPatchOcid`. The OCIDs must be unique, and you must provide new details for new patched DB system that are to be created.
+**NOTE:** For the details of the parameters to be used in the `.yaml` file, see: [here](./dbcs_controller_parameters.md).
+
+Use the file: [patch_dbcs_system.yaml](./patch_dbcs_system.yaml) for this use case as described in the following steps:
+
+1. Deploy the `.yaml` file:  
+```sh
+[root@docker-test-server DBCS]# kubectl apply -f patch_dbcs_system.yaml
+dbcssystem.database.oracle.com/dbcssystem-existing configured
+```
+
+2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` to follow the progress of the DBCS VMDB creation of PDBs. 
+
+NOTE: Check the DB Operator Pod name in your environment.
+
+```
+[root@docker-test-server DBCS]# kubectl logs -f pod/oracle-database-operator-controller-manager-665874bd57-g2cgw -n  oracle-database-operator-system
+```
+3. Check details of the Kubernetes object post patching to ensure that it is complete, and verify that the patched version is as expected:
+```bash
+kubectl describe dbcssystems.database.oracle.com dbcssystem-existing
+
+kubectl get dbcssystems.database.oracle.com dbcssystem-existing -o jsonpath='{.status.dbVersion}'
+19.28.0.0.0
+```
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/restore_database_sample_output.log b/docs/dbcs/provisioning/restore_database_sample_output.log
new file mode 100644
index 00000000..8b5b738a
--- /dev/null
+++ b/docs/dbcs/provisioning/restore_database_sample_output.log
@@ -0,0 +1,22 @@
+2025-04-15T10:28:10Z    INFO    Initiating restore operation    {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "RestoreOption": {"latest":true}}
+2025-04-15T10:28:11Z    INFO    Restore initiated       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "WorkRequestID": "ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljrr3kjbgleo3d3w75q3flj5mk2l4feiptvbzqxlpmdnzgld6jqqyaq"}
+2025-04-15T10:28:42Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:29:11Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:29:41Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:30:11Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:30:41Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:31:11Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:31:41Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:32:11Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:32:41Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:33:11Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:33:41Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:42:41Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:43:11Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:43:41Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:44:11Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "UPDATING"}
+2025-04-15T10:44:41Z    INFO    Polling Restore Operation       {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq", "State": "AVAILABLE"}
+2025-04-15T10:44:41Z    INFO    Database restore completed      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DatabaseID": "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htyarrvtdd42dwcncvrj3bic2yds2es2ubic3bjiwq4omgxq"}
+2025-04-15T10:44:44Z    INFO    dbcssystem-resource     default {"name": "dbcssystem-restore"}
+2025-04-15T10:44:44Z    INFO    dbcssystem-resource     default {"name": "dbcssystem-restore"}
+2025-04-15T10:44:44Z    INFO    Restore Operation Completed and lastSuccessfulSpec updated      {"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-restore","namespace":"default"}, "namespace": "default", "name": "dbcssystem-restore", "reconcileID": "0777d0ff-0746-447e-adac-6d59e37958eb", "DbcsSystem": "dbcssystem-restore"}
diff --git a/docs/dbcs/provisioning/restore_of_database.md b/docs/dbcs/provisioning/restore_of_database.md
new file mode 100644
index 00000000..3630259d
--- /dev/null
+++ b/docs/dbcs/provisioning/restore_of_database.md
@@ -0,0 +1,34 @@
+# Restore from Backup of Existing Database of DB System in OCI OBDS Service
+
+In this use case, an existing OCI OBDS system deployed earlier with existing backup of Database is configured to use restore in OCI Base OBDS Service with an existing database system ID. 
+
+As an prerequisite, obtain the OCID details for the database of an existing OBDS System that you want to back up.  
+
+**NOTE:** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequisites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+
+This example uses `restore_of_database.yaml` to clone a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with the following:
+- OCID of existing as DB System as `id`
+- OCI Configmap as `oci-cred`  
+- OCI Secret as `oci-privatekey`
+- Restore Configuration with the restore taken from a backup. To perform the restoration, the backup is provided with one of `latest` , `scn` and `timestamp` under `restoreConfig`. For restorations, do not provide more than one option.
+**NOTE:** For the details of the parameters to be used in the `.yaml` file, see [dBCS Controller Parameters](./dbcs_controller_parameters.md).
+
+Use the file: [restore_of_database.yaml](./restore_of_database.yaml) for this use case, as described in the following steps:
+
+1. Deploy the .yaml file:  
+```sh
+[root@docker-test-server OBDS]# kubectl apply -f restore_of_database.yaml
+dbcssystem.database.oracle.com/dbcssystem-restore configured
+```
+
+2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for the progress of the OBDS VMDB creation of PDBs. 
+
+NOTE: Check the DB Operator Pod name in your environment.
+
+```
+[root@docker-test-server OBDS]# kubectl logs -f pod/oracle-database-operator-controller-manager-665874bd57-g2cgw -n  oracle-database-operator-system
+```
+
+## Sample Output
+
+[Here](./restore_database_sample_output.log) is an example output log of a restore from an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller.
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/restore_of_database.yaml b/docs/dbcs/provisioning/restore_of_database.yaml
new file mode 100644
index 00000000..af0bbe64
--- /dev/null
+++ b/docs/dbcs/provisioning/restore_of_database.yaml
@@ -0,0 +1,11 @@
+apiVersion: database.oracle.com/v4
+kind: DbcsSystem
+metadata:
+  name: dbcssystem-restore
+spec:
+  id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyaezbusohovqidnjud2w5wmeisqydsmkqlzcghctvrscfq"
+  ociConfigMap: "oci-cred"
+  ociSecret: "oci-privatekey"
+  dbSystem:
+    restoreConfig:
+      latest: true
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/scale_down_dbcs_system_shape.md b/docs/dbcs/provisioning/scale_down_dbcs_system_shape.md
index 1f03ff9f..149b8e10 100644
--- a/docs/dbcs/provisioning/scale_down_dbcs_system_shape.md
+++ b/docs/dbcs/provisioning/scale_down_dbcs_system_shape.md
@@ -1,15 +1,15 @@
 # Scale Down the shape of an existing OBDS System
 
-In this use case, an existing OCI OBDS system deployed earlier is scaled down for its shape using Oracle DB Operator OBDS controller. Its a 2 Step operation.
+In this use case, an existing OCI OBDS system deployed earlier is scaled down for its shape using Oracle DB Operator OBDS controller. This is a two-step operation.
 
-In order to scale down an existing OBDS system, the steps will be:
+To scale down an existing OBDS system, the two steps are as follows:
 
 1. Bind the existing OBDS System to OBDS Controller.
 2. Apply the change to scale down its shape.
 
-**NOTE** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+**NOTE** We are assuming that before this step, you have followed the [prerequisite steps](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) to create the configmap and the secrets required during the deployment.
 
-This example uses `scale_down_dbcs_system_shape.yaml` to scale down a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with:
+This example uses `scale_down_dbcs_system_shape.yaml` to scale down a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with the following:
 
 - OCID of existing VMDB as `ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa`
 - OCI Configmap as `oci-cred`  
@@ -22,9 +22,9 @@ This example uses `scale_down_dbcs_system_shape.yaml` to scale down a Single Ins
 - SSH Public key for the OBDS system being deployed as `oci-publickey`  
 - OCID of the Subnet as `ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq`  
 
-**NOTE:** For the details of the parameters to be used in the .yaml file, please refer [here](./dbcs_controller_parameters.md).
+**NOTE:** For the details of the parameters to be used in the `.yaml` file, see: [DBCS Controller Parameters](./dbcs_controller_parameters.md).
 
-Use the file: [scale_down_dbcs_system_shape.yaml](./scale_down_dbcs_system_shape.yaml) for this use case as below:
+Use the file: [scale_down_dbcs_system_shape.yaml](./scale_down_dbcs_system_shape.yaml) for this use case as follows:
 
 1. Deploy the .yaml file:  
 ```sh
@@ -42,4 +42,4 @@ NOTE: Check the DB Operator Pod name in your environment.
 
 ## Sample Output
 
-[Here](./scale_down_dbcs_system_shape_sample_output.log) is the sample output for scaling down the shape of an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller.
+[This log file](./scale_down_dbcs_system_shape_sample_output.log) is an example output log file for scaling down the shape of an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller.
diff --git a/docs/dbcs/provisioning/scale_up_dbcs_system_shape.md b/docs/dbcs/provisioning/scale_up_dbcs_system_shape.md
index 924a8517..5ec4f3da 100644
--- a/docs/dbcs/provisioning/scale_up_dbcs_system_shape.md
+++ b/docs/dbcs/provisioning/scale_up_dbcs_system_shape.md
@@ -1,8 +1,8 @@
 # Scale UP the shape of an existing OBDS System
 
-In this use case, an existing OCI OBDS system deployed earlier is scaled up for its shape using Oracle DB Operator OBDS controller. Its a 2 Step operation.
+In this use case, an existing OCI OBDS system deployed earlier is scaled up for its shape using Oracle DB Operator OBDS controller. This is a two-step operation.
 
-In order to scale up an existing OBDS system, the steps will be:
+To scale up an existing OBDS system, the two steps are:
 
 1. Bind the existing OBDS System to OBDS Controller.
 2. Apply the change to scale up its shape.
@@ -22,17 +22,17 @@ This example uses `scale_up_dbcs_system_shape.yaml` to scale up a Single Instanc
 - SSH Public key for the OBDS system being deployed as `oci-publickey`  
 - OCID of the Subnet as `ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq`  
 
-**NOTE:** For the details of the parameters to be used in the .yaml file, please refer [here](./dbcs_controller_parameters.md).
+**NOTE:** For the details of the parameters to be used in the `.yaml` file, see: [DBCS Controller Parameters](./dbcs_controller_parameters.md).
 
-Use the file: [scale_up_dbcs_system_shape.yaml](./scale_up_dbcs_system_shape.yaml) for this use case as below:
+Use the file: [scale_up_dbcs_system_shape.yaml](./scale_up_dbcs_system_shape.yaml) for this use case as described in the following steps:
 
-1. Deploy the .yaml file:  
+1. Deploy the `.yaml` file:  
 ```sh
 [root@docker-test-server OBDS]# kubectl apply -f scale_up_dbcs_system_shape.yaml
 dbcssystem.database.oracle.com/dbcssystem-existing configured
 ```
 
-2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for the progress of the OBDS VMDB Scale up. 
+2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` to see the progress of the OBDS VMDB Scale up. 
 
 NOTE: Check the DB Operator Pod name in your environment.
 
@@ -42,4 +42,4 @@ NOTE: Check the DB Operator Pod name in your environment.
 
 ## Sample Output
 
-[Here](./scale_up_dbcs_system_shape_sample_output.log) is the sample output for scaling up the shape of an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller.
+[this log file](./scale_up_dbcs_system_shape_sample_output.log) is an example log output for scaling up the shape of an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller.
diff --git a/docs/dbcs/provisioning/scale_up_dbcs_system_shape.yaml b/docs/dbcs/provisioning/scale_up_dbcs_system_shape.yaml
index 0be84c53..8d78fc5d 100644
--- a/docs/dbcs/provisioning/scale_up_dbcs_system_shape.yaml
+++ b/docs/dbcs/provisioning/scale_up_dbcs_system_shape.yaml
@@ -3,16 +3,24 @@ kind: DbcsSystem
 metadata:
   name: dbcssystem-existing
 spec:
+<<<<<<< HEAD
+  id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyamvvn4n2yg6gv6s5c42qgfhtxrzcbdootuiki4wb3s5yq"
+=======
   id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa"
+>>>>>>> origin/master
   ociConfigMap: "oci-cred"
   ociSecret: "oci-privatekey"
   dbSystem:
     availabilityDomain: "OLou:AP-MUMBAI-1-AD-1"
     compartmentId: "ocid1.compartment.oc1..aaaaaaaa63yqilqhgxv3dszur3a2fgwc64ohpfy43vpqjm7q5zq4q4yaw72a"
     dbAdminPasswordSecret: "admin-password"
+<<<<<<< HEAD
+    hostName: "host12345"
+=======
     hostName: "host1234"
+>>>>>>> origin/master
     shape: "VM.Standard2.2"
-    domain: "subdda0b5eaa.cluster1.oraclevcn.com"
+    domain: "sub0ea2e07ef.cluster1.oraclevcn.com"
     sshPublicKeys:
      - "oci-publickey"
-    subnetId: "ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq"
+    subnetId: "ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaaklvzufcgma65ibn4al7xukjmyfz7nnrpaewfzbffz5zrnz3htweq"
diff --git a/docs/dbcs/provisioning/scale_up_storage.md b/docs/dbcs/provisioning/scale_up_storage.md
index ff16cbf9..f5bfa8b8 100644
--- a/docs/dbcs/provisioning/scale_up_storage.md
+++ b/docs/dbcs/provisioning/scale_up_storage.md
@@ -1,15 +1,15 @@
 # Scale UP the storage of an existing OBDS System
 
-In this use case, an existing OCI OBDS system deployed earlier is scaled up for its storage using Oracle DB Operator OBDS controller. Its a 2 Step operation.
+In this use case, an existing OCI OBDS system deployed earlier is scaled up for its storage using Oracle DB Operator OBDS controller. This is a two-step operation.
 
-In order to scale up storage of an existing OBDS system, the steps will be:
+To scale up storage of an existing OBDS system, the two steps are as follows:
 
 1. Bind the existing OBDS System to OBDS Controller.
 2. Apply the change to scale up its storage.
 
-**NOTE** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+**NOTE** We are assuming that before this step, you have followed the [prerequisite steps](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) to create the configmap and the secrets required during the deployment.
 
-This example uses `scale_up_storage.yaml` to scale up storage of an existing Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with:
+This example uses `scale_up_storage.yaml` to scale up storage of an existing Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with the following:
 
 - OCID of existing VMDB as `ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa`
 - OCI Configmap as `oci-cred`  
@@ -24,9 +24,9 @@ This example uses `scale_up_storage.yaml` to scale up storage of an existing Sin
 - OCID of the Subnet as `ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq`  
 
 
-Use the file: [scale_up_storage.yaml](./scale_up_storage.yaml) for this use case as below:
+Use the file: [scale_up_storage.yaml](./scale_up_storage.yaml) for this use case as described in the following steps:
 
-1. Deploy the .yaml file:  
+1. Deploy the `.yaml` file:  
 ```sh
 [root@test-server OBDS]# kubectl apply -f scale_storage.yaml
 dbcssystem.database.oracle.com/dbcssystem-existing configured
@@ -42,4 +42,4 @@ NOTE: Check the DB Operator Pod name in your environment.
 
 ## Sample Output
 
-[Here](./scale_up_storage_sample_output.log) is the sample output for scaling up the storage of an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller with minimal parameters.
+[this log file](./scale_up_storage_sample_output.log) is an example of an output log file for scaling up the storage of an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller with minimal parameters.
diff --git a/docs/dbcs/provisioning/terminate_dbcs_system.md b/docs/dbcs/provisioning/terminate_dbcs_system.md
index f3b19cbc..8dae2818 100644
--- a/docs/dbcs/provisioning/terminate_dbcs_system.md
+++ b/docs/dbcs/provisioning/terminate_dbcs_system.md
@@ -1,25 +1,25 @@
 # Terminate an existing Oracle Base Database System (OBDS)
 
-In this use case, an existing OCI OBDS system deployed earlier is terminated using Oracle DB Operator OBDS controller. Its a 2 Step operation.
+In this use case, an existing OCI OBDS system deployed earlier is terminated using Oracle DB Operator OBDS controller. This is a two-step operation.
 
-In order to terminate an existing OBDS system, the steps will be:
+In order to terminate an existing OBDS system, the two steps are as follows:
 
 1. Bind the existing OBDS System to OBDS Controller.
 2. Apply the change to terminate this OBDS System.
 
-**NOTE** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+**NOTE** We are assuming that before this step, you have followed the [prerequisite steps](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) to create the configmap and the secrets required during the deployment.
 
-This example uses `terminate_dbcs_system.yaml` to terminated a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with:
+This example uses `terminate_dbcs_system.yaml` to terminated a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with the following:
 
 - OCID of existing VMDB as `ocid1.dbsystem.oc1.phx.anyhqljrabf7htyanr3lnp6wtu5ld7qwszohiteodvwahonr2yymrftarkqa`
 - OCI Configmap as `oci-cred`  
 - OCI Secret as `oci-privatekey`  
 
-**NOTE:** For the details of the parameters to be used in the .yaml file, please refer [here](./dbcs_controller_parameters.md).
+**NOTE:** For the details of the parameters to be used in the `.yaml` file, see [DBCS Controller Parameters](./dbcs_controller_parameters.md).
 
-Use the file: [terminate_dbcs_system.yaml](./terminate_dbcs_system.yaml) for this use case as below:
+Use the file: [terminate_dbcs_system.yaml](./terminate_dbcs_system.yaml) for this use case as described in the following steps:
 
-1. Deploy the .yaml file:  
+1. Deploy the `.yaml` file:  
 ```sh
 [root@test-server OBDS]# kubectl apply -f terminate_dbcs_system.yaml
 dbcssystem.database.oracle.com/dbcssystem-terminate created
@@ -29,13 +29,13 @@ dbcssystem.database.oracle.com/dbcssystem-terminate created
 dbcssystem.database.oracle.com "dbcssystem-terminate" deleted
 ```
 
-2. Check the logs of Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for an update on the terminate operation been accepted. 
+2. Check the logs of Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for an update on the terminate operation to confirm it has been accepted. 
 
 ```
 [root@test-server OBDS]# kubectl logs -f pod/oracle-database-operator-controller-manager-665874bd57-g2cgw -n  oracle-database-operator-system
 ```
 
-3. Check and confirm if the existing OCI OBDS system is NO longer available after sometime because of termination:
+3. Give some time for the termination operation to be completed, and then check and confirm if the existing OCI OBDS system is no longer available:
 
 ```
 [root@test-server OBDS]# kubectl describe dbcssystems.database.oracle.com dbcssystem-terminate
@@ -43,4 +43,4 @@ dbcssystem.database.oracle.com "dbcssystem-terminate" deleted
 
 ## Sample Output
 
-[Here](./terminate_dbcs_system_sample_output.log) is the sample output for terminating an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller with minimal parameters.
+[This example log](./terminate_dbcs_system_sample_output.log) is an example output log for terminating an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller with minimal parameters.
diff --git a/docs/dbcs/provisioning/update_license.md b/docs/dbcs/provisioning/update_license.md
index 6f32c31b..aef88fd7 100644
--- a/docs/dbcs/provisioning/update_license.md
+++ b/docs/dbcs/provisioning/update_license.md
@@ -1,15 +1,15 @@
 # Update License type of an existing OBDS System
 
-In this use case, the license type of an existing OCI OBDS system deployed earlier is changed from `License Included` to `Bring your own license` using Oracle DB Operator OBDS controller. Its a 2 Step operation.
+In this use case, the license type of an existing OCI OBDS system deployed earlier is changed from `License Included` to `Bring your own license` using Oracle DB Operator OBDS controller. This is a two-step operation.
 
-In order to update the license type an existing OBDS system, the steps will be:
+To update the license type an existing OBDS system, the two steps are as follows:
 
 1. Bind the existing OBDS System to OBDS Controller.
 2. Apply the change to change its license type.
 
-**NOTE** We are assuming that before this step, you have followed the [prerequisite](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) steps to create the configmap and the secrets required during the deployment.
+**NOTE** We are assuming that before this step, you have followed the [prerequisite steps](./../README.md#prerequsites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) to create the configmap and the secrets required during the deployment.
 
-This example uses `update_license.yaml` to change the license type of a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with:
+This example uses `update_license.yaml` to change the license type of a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with the following:
 
 - OCID of existing VMDB as `ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyadgsso7aessztysrwaj5gcl3tp7ce6asijm2japyvmroa`
 - OCI Configmap as `oci-cred`  
@@ -23,17 +23,17 @@ This example uses `update_license.yaml` to change the license type of a Single I
 - SSH Public key for the OBDS system being deployed as `oci-publickey`  
 - OCID of the Subnet as `ocid1.subnet.oc1.ap-mumbai-1.aaaaaaaa5zpzfax66omtbmjwlv4thruyru7focnu7fjcjksujmgwmr6vpbvq`  
 
-**NOTE:** For the details of the parameters to be used in the .yaml file, please refer [here](./dbcs_controller_parameters.md).
+**NOTE:** For the details of the parameters to be used in the `.yaml` file, see: [DBCS Controller Parameters](./dbcs_controller_parameters.md).
 
-Use the file: [update_license.yaml](./update_license.yaml) for this use case as below:
+Use the file: [update_license.yaml](./update_license.yaml) for this use case as described in the following steps:
 
-1. Deploy the .yaml file:  
+1. Deploy the `.yaml` file:  
 ```sh
 [root@test-server OBDS]# kubectl apply -f update_license.yaml
 dbcssystem.database.oracle.com/dbcssystem-existing configured
 ```
 
-2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for the progress of the OBDS VMDB Scale up. 
+2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` to follow the progress of the OBDS VMDB Scale up. 
 
 NOTE: Check the DB Operator Pod name in your environment.
 
@@ -43,4 +43,4 @@ NOTE: Check the DB Operator Pod name in your environment.
 
 ## Sample Output
 
-[Here](./update_license_sample_output.log) is the sample output for updating the license type an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller.
+[This log file](./update_license_sample_output.log) is an example output log file for updating the license type an existing OBDS System deployed in OCI using Oracle DB Operator OBDS Controller.
diff --git a/docs/dbcs/provisioning/upgrade_dbcs_system.yaml b/docs/dbcs/provisioning/upgrade_dbcs_system.yaml
new file mode 100644
index 00000000..38b3df6f
--- /dev/null
+++ b/docs/dbcs/provisioning/upgrade_dbcs_system.yaml
@@ -0,0 +1,32 @@
+# API group and version for Oracle DBCS operator
+apiVersion: database.oracle.com/v4  
+
+# Kubernetes resource kind — represents a DB system in OCI
+kind: DbcsSystem  
+
+# Standard Kubernetes metadata (object name, namespace, labels etc.)
+metadata:  
+  # The name of this DbcsSystem object inside the cluster
+  name: dbcssystem-existing  
+
+# Specification of the DBCS system
+spec:  
+  # OCID of the existing DB System in OCI (the one we want to manage/upgrade)
+  id: "ocid1.dbsystem.oc1.ap-mumbai-1.anrg6ljrabf7htyagag6vwgkdcf5g6srfykrsqnfnryfskfhblntsjypiajq"  
+
+  # Name of the ConfigMap that holds OCI credentials (tenancy, user, fingerprint, region)
+  ociConfigMap: "oci-cred-mumbai"  
+
+  # Name of the Secret that contains the private key for authentication
+  ociSecret: "oci-privatekey"  
+
+  # Flag indicating this spec is meant to perform an upgrade on the DB system
+  isUpgrade: true  
+
+  # OCID of the specific database inside the DB System (not the DB system itself)
+  databaseId: "ocid1.database.oc1.ap-mumbai-1.anrg6ljrabf7htya2mo5an5blhlvx5euyqnazi45hli7zqs5uig7juzgme5a"  
+
+  # dbSystem section holds DB system upgrade target details
+  dbSystem:  
+    # Target database version for upgrade (new GI/DB version)
+    dbUpgradeVersion: "23.6.0.24.10"  
diff --git a/docs/dbcs/provisioning/upgrade_dbcs_system_sample_output.log b/docs/dbcs/provisioning/upgrade_dbcs_system_sample_output.log
new file mode 100644
index 00000000..9f83ebf5
--- /dev/null
+++ b/docs/dbcs/provisioning/upgrade_dbcs_system_sample_output.log
@@ -0,0 +1,2 @@
+2025-07-15T14:13:15Z	INFO	Database upgrade work request status	{"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-upgrade","namespace":"default"}, "namespace": "default", "name": "dbcssystem-upgrade", "reconcileID": "a07a5fe3-cbf0-4094-a603-51bc8cbb1caf", "Status": "IN_PROGRESS", "WorkRequestID": "ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljr4cqbpeuh6rhrrn2anmz3bsvk5b2jp4jxbebr6c7lr5ybmzt6unkq"}
+2025-07-15T14:14:16Z	INFO	Database upgrade work request status	{"controller": "dbcssystem", "controllerGroup": "database.oracle.com", "controllerKind": "DbcsSystem", "DbcsSystem": {"name":"dbcssystem-upgrade","namespace":"default"}, "namespace": "default", "name": "dbcssystem-upgrade", "reconcileID": "a07a5fe3-cbf0-4094-a603-51bc8cbb1caf", "Status": "IN_PROGRESS", "WorkRequestID": "ocid1.coreservicesworkrequest.oc1.ap-mumbai-1.abrg6ljr4cqbpeuh6rhrrn2anmz3bsvk5b2jp4jxbebr6c7lr5ybmzt6unkq"}
\ No newline at end of file
diff --git a/docs/dbcs/provisioning/upgrading_database.md b/docs/dbcs/provisioning/upgrading_database.md
new file mode 100644
index 00000000..a82a922c
--- /dev/null
+++ b/docs/dbcs/provisioning/upgrading_database.md
@@ -0,0 +1,45 @@
+# Upgrade Existing Database of DB System in OCI Base DBCS Service
+
+In this use case, an existing OCI OBDS system deployed earlier is going to be upgraded in OCI Oracle Base Database System (OBDS). This is a two-step operation.
+
+To upgrade OBDS to an existing OBDS system, obtain the OCID of DB System ID that you want to upgrade.
+
+**NOTE:** We are assuming that before this step, you have followed the [prerequisite steps](./../README.md#prerequisites-to-deploy-a-dbcs-system-using-oracle-db-operator-dbcs-controller) to create the configmap and the secrets required during the deployment.
+
+For the first step, bind the existing DBCS System to DBCS Controller following the [Bind ot Existing DBCS System documentation](./../provisioning/bind_to_existing_dbcs_system.md). After successful binding, it will show as follows: 
+```bash
+kubectl get dbcssystems
+NAME                  AGE
+dbcssystem-existing   3m33s
+```
+
+Step 2 uses `upgrade_dbcs_system.yaml` to upgrade a Single Instance OBDS VMDB using Oracle DB Operator OBDS Controller with the following:
+
+- OCID of existing VMDB as `id` to be upgraded.
+- OCI Configmap as `oci-cred`  
+- OCI Secret as `oci-privatekey`
+- `isupgrade` as true
+- Specification of the DB System being upgraded as `dbUpgradeVersion`. The specification details must be unique and new for the new upgraded DB system that is created.
+**NOTE:** For the details of the parameters to be used in the `.yaml` file, see: [DBCS Controller Parameters](./dbcs_controller_parameters.md).
+
+Use the file: [upgrade_dbcs_system.yaml](./upgrade_dbcs_system.yaml) for this use case as described in the following steps:
+
+1. Deploy the `.yaml` file:  
+```sh
+[root@docker-test-server DBCS]# kubectl apply -f upgrade_dbcs_system.yaml
+dbcssystem.database.oracle.com/dbcssystem-existing configured
+```
+
+2. Monitor the Oracle DB Operator Pod `pod/oracle-database-operator-controller-manager-665874bd57-g2cgw` for the progress of the DBCS VMDB creation of PDBs. 
+
+NOTE: Check the DB Operator Pod name in your environment.
+
+```
+[root@docker-test-server DBCS]# kubectl logs -f pod/oracle-database-operator-controller-manager-665874bd57-g2cgw -n  oracle-database-operator-system
+```
+
+3. After the upgrade, describe the Kubernetes object to ensure that the correct database version is completed: 
+```bash
+kubectl get dbcssystems.database.oracle.com dbcssystem-existing
+kubectl get dbcssystems.database.oracle.com dbcssystem-existing -o jsonpath='{.status.dbVersion}'
+```
\ No newline at end of file
diff --git a/docs/multitenant/NamespaceSeg.md b/docs/multitenant/NamespaceSeg.md
deleted file mode 100644
index 6738fe56..00000000
--- a/docs/multitenant/NamespaceSeg.md
+++ /dev/null
@@ -1,14 +0,0 @@
-<span style="font-family:Liberation mono; font-size:0.8em; line-height: 1.2em">
-
-# Namespace segregation
-
-With the namespace segregation pdb controller and cdb controller run in different namespaces. The new functionality introduces a new parameter (the cdb namespace) in pdb crd definition. In case you don't need the namespace segregation you have to sepcify the namespace name that you are using for yours crd and pods anyway. Refer to usercase01 and usecase02 to see single namespace configuration. Refer to usecase03 to see examples of namespace segregation. 
-
-# Secrets 
-
-In order to use multiple namespace we need to create approriate secrets in each namespace. Tls certificate secrets must be created in all namespaces (db-ca db-tls). 
-
-![general_schema](./images/K8S_NAMESPACE_SEG.png)
-
-
-</span>
diff --git a/docs/multitenant/README.md b/docs/multitenant/README.md
index 0d3057fc..8d9e7024 100644
--- a/docs/multitenant/README.md
+++ b/docs/multitenant/README.md
@@ -1,11 +1,798 @@
-# Multitenant Controllers 
+<!-- vscode-markdown-toc -->
+* 1. [WHAT'S NEW](#WHATSNEW)
+	* 1.1. [Kubectl get lrpdb format](#Kubectlgetlrpdbformat)
+	* 1.2. [Pdb status table](#Pdbstatustable)
+* 2. [STEP BY STEP CONFIGURATION](#STEPBYSTEPCONFIGURATION)
+	* 2.1. [Multiple namespace setup](#Multiplenamespacesetup)
+	* 2.2. [Apply rolebinding](#Applyrolebinding)
+	* 2.3. [Create the operator](#Createtheoperator)
+	* 2.4. [ClusterRole and ClusterRoleBinding for NodePort services](#ClusterRoleandClusterRoleBindingforNodePortservices)
+	* 2.5. [Container database setup](#Containerdatabasesetup)
+	* 2.6. [Certificate and credentials](#Certificateandcredentials)
+		* 2.6.1. [Private key 🔑](#Privatekey)
+		* 2.6.2. [Public Key 🔑](#PublicKey)
+		* 2.6.3. [Certificates](#Certificates)
+	* 2.7. [Create secrets for certificate and keys](#Createsecretsforcertificateandkeys)
+	* 2.8. [Create secrets with encrypted password](#Createsecretswithencryptedpassword)
+	* 2.9. [Create lrest pod](#Createlrestpod)
+	* 2.10. [Openshift configuration](#Openshiftconfiguration)
+	* 2.11. [Create PDB](#CreatePDB)
+		* 2.11.1. [pdb config map](#pdbconfigmap)
+	* 2.12. [Open PDB](#OpenPDB)
+	* 2.13. [Close PDB](#ClosePDB)
+	* 2.14. [Clone PDB ###](#ClonePDB)
+	* 2.15. [Unplug PDB](#UnplugPDB)
+	* 2.16. [Plug PDB](#PlugPDB)
+	* 2.17. [Delete PDB](#DeletePDB)
+* 3. [SQL/PLSQL SCRIPT EXECUTION](#SQLPLSQLSCRIPTEXECUTION)
+	* 3.1. [Apply plsql configmap](#Applyplsqlconfigmap)
+	* 3.2. [Limitation](#Limitation)
+* 4. [TROUBLESHOOTING](#TROUBLESHOOTING)
+	* 4.1. [Get rid of error status](#Getridoferrorstatus)
+* 5. [UPGRADE EXISTING INSTALLATION](#UPGRADEEXISTINGINSTALLATION)
+* 6. [KNOWN ISSUES](#KNOWNISSUES)
 
-Starting from OraOperator version 1.2.0, there are two classes of multitenant controllers: one based on [ORDS](https://www.oracle.com/uk/database/technologies/appdev/rest.html) and another based on a dedicated REST server for the operator, called LREST. In both cases, the features remains unchanged (a part from CRD name changes). A pod running a REST server (either LREST or ORDS) acts as the proxy server connected to the container database (CDB) for all incoming kubectl requests.  We plan to discontinue the ORDS based controller, in the next release; no regression (a part form CRD name changes).
+<!-- vscode-markdown-toc-config
+	numbering=true
+	autoSave=true
+	/vscode-markdown-toc-config -->
+<!-- /vscode-markdown-toc -->
 
-## What are the differences
 
-- Regarding the YAML file, the parameters for the existing functionalities are unchanged.
-- The **CRD** names are different: for controllers based on [ORDS](./ords-based/README.md), we have **PDB** and **CDB**, while for controllers based on [LREST](./lrest-based/README.md), we have **LRPDB** and **LREST**.
-- If you use an LREST-based controller, there is no need to manually create the REST server pod. The image is available for download on OCR.
-- Controllers based on **LREST** allow you to manage PDB parameters using kubectl.
-- ORDS controllers currently do not support ORDS version 24.1.
+<span style="font-family:Liberation mono; font-size:0.9em; line-height: 1.1em">
+
+
+**Lrpdb** and **lrest** are two controllers for PDB lifecycle management (**PDBLCM**). They rely on a dedicated REST server (Lite Rest Server) container image. The `lrest` controller is available on the Oracle Container Registry (OCR). The container database can be anywhere (on-premises or in the Cloud). 
+
+![generaleschema](./images/Generalschema2.jpg)
+
+##  1. <a name='WHATSNEW'></a>WHAT'S NEW
+
+- Version 2.0 mplements the request described in the github [issue 170](https://github.com/oracle/oracle-database-operator/issues/170): remove The **action** fileds to reduce the number of input directives and  simplif the logic of the reconciliation loop. In addition to that the *kubectl get lrpdb*  commands exposes a bitmask which represent the CRD status.      
+
+![kubectlget_format](./images/KubectlGetSchema2.jpg)
+
+-  The **Map** action has been replaced by the **autodoscovery** option. If a pluggable database is created manually via command line then the lrest  detects the new pdb and automatically creates the CRD.
+
+- [sql/plsql sript execution](#sqlplsql-script-execution) this functionality enables the capability of sql/plsql code execution. 
+
+###  1.1. <a name='Kubectlgetlrpdbformat'></a>Kubectl get lrpdb format
+| Name          | Description                                             | 
+|---------------|---------------------------------------------------------|
+| NAME          | The name of the **CRD**                                 |     
+| CDB NAME      | The name of the container DB                            |
+| PDB NAME      | The name of the **Pluggable database**                  |
+| PDB STATE     | The pdb open mode                                       |
+| PDB SIZE      | Size of the Pluggable database                          | 
+| MESSAGE       | Message to verify the progress of the current request   |
+| RESTRICED     | Bool variable: database open in restricted mode         |
+| LAST SQLCODE  | Sqlcode of the last command (see [OCIErrorGet](https://docs.oracle.com/en/database/oracle/oracle-database/19/lnoci/miscellaneous-functions.html#GUID-4B99087C-74F6-498A-8310-D6645172390A)) |
+| LAST PLSQL    | Sqlcode of the last plsql execution                     |
+| BITMASK STATUS| The status of pdb represented using a bitmask           | 
+| CONNECT_STRING| The tns string for pdb connection                       |
+
+###  1.2. <a name='Pdbstatustable'></a>Pdb status table 
+
+| Name    | Value     | Description                                       |
+|---------|-----------|---------------------------------------------------|
+|  PDBCRT |0x00000001 | Create PDB                                        |
+|  PDBOPN |0x00000002 | Open pdb read write                               |
+|  PDBCLS |0x00000004 | Close pdb                                         |
+|  PDBDIC |0x00000008 | Drop pdb include datafiles                        |
+|  OCIHDL |0x00000010 | OCI handle allocation (**for future use**)        |
+|  OCICON |0x00000020 | Rdbms connection (**for future use**)             |
+|  FNALAZ |0x00000040 | Finalizer configured                              |
+| **ERROR CODES**                                                         |
+| PDBCRE  |0x00001000 | PDB creation error                                |
+| PDBOPE  |0x00002000 | PDB open error                                    |
+| PDBCLE  |0x00004000 | PDB close error                                   |
+| OCIHDE  |0x00008000 | Allocation Handle Error (**for future use**)      |
+| OCICOE  |0x00010000 | CDB connection Error (**for future use**)         |
+| PDBPLE  |0x00080000 | Plug Error                                        |
+| **OTHER INFO**                                                          |
+| PDBAUT | 0x01000000 | Autodisover                                       |
+
+> In case of error codes the reconciliation loop does  not take any action see 
+[Get rid of error status](#get-rid-of-error-status); human action is required.
+
+##  2. <a name='STEPBYSTEPCONFIGURATION'></a>STEP BY STEP CONFIGURATION
+Complete each of these steps in the order given. 
+
+###  2.1. <a name='Multiplenamespacesetup'></a>Multiple namespace setup
+
+Before proceeding with controllers setup, ensure that the Oracle Database Operator (operator) is configured to work with multiple namespaces, as specified in the [README](../../../README.md).
+In this document, each controller is running in a dedicated namespace: lrest controller is running in **cdbnamespace** , lrpdb controller is running in **pdbnamespace**. The [usecase directory](./usecase/README.md) contains sample files and additional scripts for yaml files customization. 
+
+Configure the **WACTH_NAMESPACE** list of the operator `yaml` file 
+
+```bash 
+sed -i 's/value: ""/value: "oracle-database-operator-system,pdbnamespace,cdbnamespace"/g' oracle-database-operator.yaml
+```
+###  2.2. <a name='Applyrolebinding'></a>Apply rolebinding 
+
+
+Apply the following files : [`pdbnamespace_binding.yaml`](./usecase/pdbnamespace_binding.yaml) [`cdbnamespace_binding.yaml`](./usecase/cdbnamespace_binding.yaml)
+```bash
+kubectl apply -f pdbnamespace_binding.yaml
+kubectl apply -f cdbnamespace_binding.yaml
+```
+
+###  2.3. <a name='Createtheoperator'></a>Create the operator
+Run the following command:
+
+```bash
+kubectl apply -f oracle-database-operator.yaml
+```
+Check the controller:
+```bash
+kubectl get pods -n oracle-database-operator-system
+NAME                                                           READY   STATUS    RESTARTS   AGE
+oracle-database-operator-controller-manager-796c9b87df-6xn7c   1/1     Running   0          22m
+oracle-database-operator-controller-manager-796c9b87df-sckf2   1/1     Running   0          22m
+oracle-database-operator-controller-manager-796c9b87df-t4qns   1/1     Running   0          22m
+```
+
+###  2.4. <a name='ClusterRoleandClusterRoleBindingforNodePortservices'></a>ClusterRole and ClusterRoleBinding for NodePort services
+
+To expose services on each node's IP and port (the NodePort), apply the node-rbac.yaml. Note that this step is not required for LoadBalancer services.
+
+```bash
+  kubectl apply -f rbac/node-rbac.yaml
+```
+
+
+###  2.5. <a name='Containerdatabasesetup'></a>Container database setup
+
+On the container database, use the following commands to configure the account for PDB administration: 
+
+```sql
+alter session set "_oracle_script"=true;
+create user <ADMINUSERNAME> identified by <PASSWORD>;
+grant create session to <ADMINUSERNAME> container=all;
+grant sysdba to <ADMINUSERNAME> container=all;
+```
+
+###  2.6. <a name='Certificateandcredentials'></a>Certificate and credentials
+You must create the public key, private key, certificates and Kubernetes Secrets for the security configuration. 
+
+####  2.6.1. <a name='Privatekey'></a>Private key 🔑
+> Note: Only private key **PCKS8** format is supported by LREST controllers. Before you start configuration, ensure that you can use it. If you are using [`openssl3`](https://docs.openssl.org/master/) then `pcks8` is generated by default. If it is not already generated, then use the following command to create a `pcks8` private key
+
+```bash
+openssl genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 -out private.key
+```
+####  2.6.2. <a name='PublicKey'></a>Public Key 🔑
+Create the public key. 
+
+```bash
+/usr/bin/openssl rsa -in private.key -outform PEM  -pubout -out public.pem
+```
+####  2.6.3. <a name='Certificates'></a>Certificates
+Create certificates. 
+```bash
+openssl req -new -x509 -days 365 -key private.key -subj "/C=CN/ST=GD/L=SZ/O=oracle, Inc./CN=oracle Root CA" -out ca.crt
+```
+```bash
+openssl req -newkey rsa:2048 -nodes -keyout tls.key -subj "/C=CN/ST=GD/L=SZ/O=oracle, Inc./CN=cdb-dev-lrest.cdbnamespace" -out server.csr
+```
+```bash
+/usr/bin/echo "subjectAltName=DNS:cdb-dev-lrest.cdbnamespace,DNS:www.example.com" > extfile.txt
+```
+```bash
+/usr/bin/openssl x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey private.key -CAcreateserial -out tls.crt
+```
+
+###  2.7. <a name='Createsecretsforcertificateandkeys'></a>Create secrets for certificate and keys
+Create the Kubernetes Secrets. 
+
+```bash 
+kubectl create secret tls db-tls --key="tls.key" --cert="tls.crt"  -n oracle-database-operator-system 
+kubectl create secret generic db-ca --from-file="ca.crt" -n oracle-database-operator-system 
+kubectl create secret tls db-tls --key="tls.key" --cert="tls.crt"  -n cdbnamespace 
+kubectl create secret generic db-ca --from-file="ca.crt" -n cdbnamespace 
+kubectl create secret tls db-tls --key="tls.key" --cert="tls.crt"  -n pdbnamespace 
+kubectl create secret generic db-ca --from-file="ca.crt" -n pdbnamespace 
+```
+
+```bash
+kubectl create secret tls prvkey --key="private.key" --cert=ca.crt  -n cdbnamespace 
+kubectl create secret generic pubkey --from-file=publicKey=public.pem -n cdbnamespace 
+kubectl create secret generic prvkey --from-file=privateKey="private.key" -n pdbnamespace
+```
+
+###  2.8. <a name='Createsecretswithencryptedpassword'></a>Create secrets with encrypted password 
+
+In this example, we create the Secrets for each credential (username and password)
+
+| secret usr | secrets pwd | credential description                                    |
+| -----------|-------------|-----------------------------------------------------------|
+| **dbuser** |**dbpass**   | the administrative user created on the container database |
+| **wbuser** |**wbpass**   | the user for https authentication                         |
+| **pdbusr** |**pdbpwd**   | the administrative user of the pdbs                       |
+
+
+```bash
+echo "[ADMINUSERNAME]"           > dbuser.txt 
+echo "[ADMINUSERNAME PASSWORD]"  > dbpass.txt 
+echo "[WEBUSER]"                 > wbuser.txt 
+echo "[WEBUSER PASSWORD]"        > wbpass.txt 
+echo "[PDBUSERNAME]"             > pdbusr.txt 
+echo "[PDBUSERNAME PASSWORD]"    > pdbpwd.txt 
+
+##  3. <a name='Encryptthecredentials'></a>Encrypt the credentials
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in dbuser.txt -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_dbuser.txt 
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in dbpass.txt -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_dbpass.txt 
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in wbuser.txt -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_wbuser.txt 
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in wbpass.txt -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_wbpass.txt 
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in pdbusr.txt -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_pdbusr.txt 
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in pdbpwd.txt -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_pdbpwd.txt 
+
+kubectl create secret generic dbuser --from-file=e_dbuser.txt -n  cdbnamespace 
+kubectl create secret generic dbpass --from-file=e_dbpass.txt -n  cdbnamespace 
+kubectl create secret generic wbuser --from-file=e_wbuser.txt -n  cdbnamespace 
+kubectl create secret generic wbpass --from-file=e_wbpass.txt -n  cdbnamespace 
+kubectl create secret generic wbuser --from-file=e_wbuser.txt -n  pdbnamespace 
+kubectl create secret generic wbpass --from-file=e_wbpass.txt -n  pdbnamespace 
+kubectl create secret generic pdbusr --from-file=e_pdbusr.txt -n  pdbnamespace 
+kubectl create secret generic pdbpwd --from-file=e_pdbpwd.txt -n  pdbnamespace 
+
+rm  dbuser.txt dbpass.txt wbuser.txt wbpass.txt pdbusr.txt pdbpwd.txt \
+    e_dbuser.txt e_dbpass.txt e_wbuser.txt e_wbpass.txt e_pdbusr.txt e_pdbpwd.txt
+```
+
+###  2.9. <a name='Createlrestpod'></a>Create lrest pod
+
+To create the REST pod and monitor its processing, use the `yaml` file [`create_lrest_pod.yaml`](./usecase/create_lrest_pod.yaml) 
+
+Ensure that you update the **lrestImage** with the latest version available on the [Oracle Container Registry (OCR)](https://container-registry.oracle.com/ords/f?p=113:4:104288359787984:::4:P4_REPOSITORY,AI_REPOSITORY,AI_REPOSITORY_NAME,P4_REPOSITORY_NAME,P4_EULA_ID,P4_BUSINESS_AREA_ID:1283,1283,This%20image%20is%20part%20of%20and%20for%20use%20with%20the%20Oracle%20Database%20Operator%20for%20Kubernetes,This%20image%20is%20part%20of%20and%20for%20use%20with%20the%20Oracle%20Database%20Operator%20for%20Kubernetes,1,0&cs=3076h-hg1qX3eJANBcUHBNBCmYWjMvxLkZyTAhDn2e8VR8Gxb_a-I8jZLhf9j6gmnimHwlP_a0OQjX6vjBfSAqQ) 
+
+```bash
+--> for amd64
+lrestImage: container-registry.oracle.com/database/operator:lrest-241210-amd64
+
+--> for arm64
+lrestImage: container-registry.oracle.com/database/operator:lrest-241210-arm64
+```
+
+```bash 
+kubectl apply -f create_lrest_pod.yaml
+```
+
+monitor the file processing:
+
+```bash 
+kubectl get pods -n cdbnamespace --watch
+NAME                     READY   STATUS    RESTARTS   AGE
+cdb-dev-lrest-rs-9gvx2   0/1     Pending   0          0s
+cdb-dev-lrest-rs-9gvx2   0/1     Pending   0          0s
+cdb-dev-lrest-rs-9gvx2   0/1     ContainerCreating   0          0s
+cdb-dev-lrest-rs-9gvx2   1/1     Running             0          2s
+
+kubectl get lrest -n cdbnamespace
+NAME CDB NAME   DB SERVER   DB PORT   TNS STRING  REPLICAS   STATUS   MESSAGE
+cdb-dev   DB12                             (DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))   1          Ready
+```
+
+Check the Pod logs: 
+
+```bash 
+/usr/local/go/bin/kubectl logs -f `/usr/local/go/bin/kubectl get pods -n cdbnamespace|grep lrest|cut -d ' ' -f 1` -n cdbnamespace
+```
+
+Output example:
+
+```text
+...
+...
+2024/09/05 12:44:09 wallet file /opt/oracle/lrest/walletfile exists completed
+2024/09/05 12:44:09 call: C.ReadWallet
+LENCHECK: 7 11 7 8
+2024/09/05 12:44:09 ===== DUMP INFO ====
+00000000  28 44 45 53 43 52 49 50  54 49 4f 4e 3d 28 43 4f  |(DESCRIPTION=(CO|
+00000010  4e 4e 45 43 54 5f 54 49  4d 45 4f 55 54 3d 39 30  |NNECT_TIMEOUT=90|
+00000020  29 28 52 45 54 52 59 5f  43 4f 55 4e 54 3d 33 30  |)(RETRY_COUNT=30|
+00000030  29 28 52 45 54 52 59 5f  44 45 4c 41 59 3d 31 30  |)(RETRY_DELAY=10|
+00000040  29 28 54 52 41 4e 53 50  4f 52 54 5f 43 4f 4e 4e  |)(TRANSPORT_CONN|
+00000050  45 43 54 5f 54 49 4d 45  4f 55 54 3d 37 30 29 28  |ECT_TIMEOUT=70)(|
+00000060  4c 4f 41 44 5f 42 41 4c  4c 41 4e 43 45 3d 4f 4e  |LOAD_BALLANCE=ON|
+00000070  29 28 41 44 44 52 45 53  53 3d 28 50 52 4f 54 4f  |)(ADDRESS=(PROTO|
+00000080  43 4f 4c 3d 54 43 50 29  28 48 4f 53 54 3d 73 63  |COL=TCP)(HOST=sc|
+00000090  61 6e 31 32 2e 74 65 73  74 72 61 63 2e 63 6f 6d  |an12.testrac.com|
+000000a0  29 28 50 4f 52 54 3d 31  35 32 31 29 28 49 50 3d  |)(PORT=1521)(IP=|
+000000b0  56 34 5f 4f 4e 4c 59 29  29 28 4c 4f 41 44 5f 42  |V4_ONLY))(LOAD_B|
+000000c0  41 4c 4c 41 4e 43 45 3d  4f 4e 29 28 41 44 44 52  |ALLANCE=ON)(ADDR|
+000000d0  45 53 53 3d 28 50 52 4f  54 4f 43 4f 4c 3d 54 43  |ESS=(PROTOCOL=TC|
+000000e0  50 29 28 48 4f 53 54 3d  73 63 61 6e 33 34 2e 74  |P)(HOST=scan34.t|
+000000f0  65 73 74 72 61 63 2e 63  6f 6d 29 28 50 4f 52 54  |estrac.com)(PORT|
+00000100  3d 31 35 32 31 29 28 49  50 3d 56 34 5f 4f 4e 4c  |=1521)(IP=V4_ONL|
+00000110  59 29 29 28 43 4f 4e 4e  45 43 54 5f 44 41 54 41  |Y))(CONNECT_DATA|
+00000120  3d 28 53 45 52 56 45 52  3d 44 45 44 49 43 41 54  |=(SERVER=DEDICAT|
+00000130  45 44 29 28 53 45 52 56  49 43 45 5f 4e 41 4d 45  |ED)(SERVICE_NAME|
+00000140  3d 54 45 53 54 4f 52 44  53 29 29 29              |=TESTORDS)))|
+00000000  2f 6f 70 74 2f 6f 72 61  63 6c 65 2f 6c 72 65 73  |/opt/oracle/lres|
+00000010  74 2f 77 61 6c 6c 65 74  66 69 6c 65              |t/walletfile|
+2024/09/05 12:44:09 Get credential from wallet
+7
+8
+2024/09/05 12:44:09 dbuser: restdba webuser :welcome
+2024/09/05 12:44:09 Connections Handle
+2024/09/05 12:44:09 Working Session Aarry dbhanlde=0x1944120
+2024/09/05 12:44:09 Monitor Session Array dbhanlde=0x1a4af70
+2024/09/05 12:44:09 Open cursors
+Parsing sqltext=select inst_id,con_id,open_mode,nvl(restricted,'NONE'),total_size from gv$pdbs where inst_id = SYS_CONTEXT('USERENV','INSTANCE') and name =upper(:b1)
+Parsing sqltext=select count(*) from pdb_plug_in_violations where name =:b1
+2024/09/05 12:44:11 Protocol=https
+2024/09/05 12:44:11 starting HTTPS/SSL server
+2024/09/05 12:44:11 ==== TLS CONFIGURATION ===
+2024/09/05 12:44:11 srv=0xc000106000
+2024/09/05 12:44:11 cfg=0xc0000a2058
+2024/09/05 12:44:11 mux=0xc0000a2050
+2024/09/05 12:44:11 tls.minversion=771
+2024/09/05 12:44:11 CipherSuites=[49200 49172 157 53]
+2024/09/05 12:44:11 cer=/opt/oracle/lrest/certificates/tls.crt
+2024/09/05 12:44:11 key=/opt/oracle/lrest/certificates/tls.key
+2024/09/05 12:44:11 ==========================
+2024/09/05 12:44:11 HTTPS: Listening port=8888
+2024/09/05 12:44:23 call BasicAuth Succeded
+2024/09/05 12:44:23 HTTP: [1:0] Invalid credential <-- This message can be ignored
+
+```
+
+**lrest Pod creation** - parameters list
+|  Name                   | Dcription                                                                     |
+--------------------------|-------------------------------------------------------------------------------|
+|cdbName                  | Name of the container database (db)                                           |
+|lrestImage (DO NOT EDIT) | **container-registry.oracle.com/database/lrest-dboper:latest** use the latest label availble on OCR |
+|dbTnsurl                 | The string of the tns alias to connect to cdb. Attention: remove all white space from string  |
+|deletePdbCascade         | Delete all of the PDBs associated to a CDB resource when the CDB resource is dropped   |
+|autodiscover             | boolean parameter: enable the capability of automatic CRD/LRPDB creation if a PDB is manually created via CLI |
+|namespaceAutoDiscover    | Namespace name used by autodiscery                  |
+|cdbAdminUser             | Secret: the administrative (admin) user             |
+|cdbAdminPwd              | Secret: the admin user password                     |
+|webServerUser            | Secret: the HTTPS user                              |
+|webServerPwd             | Secret: the HTTPS user password                     |
+|cdbTlsCrt                | Secret: the `tls.crt `                              |
+|cdbPubKey                | Secret: the public key                              |
+|cdbPrvKey                | Secret: the private key                             |
+|loadBalancer             | Expose lrest pod ip                                 |
+|clusterip                | Assigne a cluster ip                                |
+|trace_level_client       | Turn on the sqlnet **trace_level_client**           |
+
+###  2.10. <a name='Openshiftconfiguration'></a>Openshift configuration 
+
+For the open shift installation you need to do the following
+- Before lrest pod creation; create a security context by appling the yaml file [security_context.yaml](./usecase/security_context.yaml): mind to specify the correnct **namespace** and the **service name account**.
+
+```yaml 
+[...]
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: lrest-sa
+  namespace: cdbnamespace
+[...]
+```
+
+- Specify  `serviceAccountName` parameter  in the lrest server yaml file 
+
+```yaml
+[...]
+   serviceAccountName: lrest-sa
+[...]
+```
+
+
+###  2.11. <a name='CreatePDB'></a>Create PDB  
+
+To create a pluggable database, apply the yaml file [`create_pdb1_resource.yaml`](./usecase/create_pdb1_resource.yaml)  
+
+```bash
+kubectl apply -f create_pdb1_resource.yaml
+```
+Check the status of the resource and the PDB existence on the container db: 
+
+```bash 
+kubectl get lrpdb -n pdbnamespace
+NAME CONNECT_STRING CDB NAME   LRPDB NAME   LRPDB STATE   LRPDB SIZE   STATUS   MESSAGE   LAST SQLCODE
+lrpdb1   (DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=pdbdev))) DB12  pdbdev  MOUNTED  2G  Ready  Success 
+```
+
+```bash 
+SQL> show pdbs
+
+    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
+---------- ------------------------------ ---------- ----------
+         2 PDB$SEED                       READ ONLY  NO
+         3 PDBDEV                         MOUNTED
+SQL> 
+```
+
+> Note that after creation, the PDB is not open. You must explicitly open it using a dedicated `yaml` file.
+
+**pdb creation** - parameters list
+
+|  Name                   | Dcription                                                                     |
+|-------------------------|-------------------------------------------------------------------------------|
+|cdbResName               | REST server resource name                                                     |
+|cdbNamespace             | Namespace of the REST server                                                  |
+|cdbName                  | Name of the container database                                                |
+|pdbName                  | Name of the PDB that you want to create                                       |
+|assertiveLrpdbDeletion   | Boolean:  true - CRD and PDB are deleted both ; false - olny CRD is deleted             |
+|adminpdbUser             | Secret: PDB admin user                                                        |
+|adminpdbPass             | Secret: password of PDB admin user                                            |
+|lrpdbTlsKey              | Secret: `tls.key  `                                                           |
+|lrpdbTlsCrt              | Secret: `tls.crt`                                                             |
+|lrpdbTlsCat              | Secret: `ca.crt`                                                              |
+|webServerUser            | Secret: the HTTPS user                                                        |
+|webServerPwd             | Secret: the HTTPS user password                                               |
+|cdbPrvKey                | Secret: private key                                                           |
+|cdbPubKey                | Secret: public key                                                            |
+|pdbconfigmap             | kubernetes config map that contains the PDB initialization (init) parameters  |
+
+> NOTE: **assertiveLrpdbDeletion** needs to be explicitly set for PDB  **CLONE** **CREATE** **PLUG** .  
+
+🔥 **assertiveLrpdbDeletion** drops pluggable database using **INCLUDE DATAFILES** option
+
+The following parameters **adminpdbUser** **adminpdbPass** **lrpdbTlsKey** **lrpdbTlsCrt** **lrpdbTlsCat** **webServerUser** **webServerPwd** **cdbPrvKey** **cdbPubKey** must be specified in all PDB lifecycle management `yaml` files. For the sake of presentation they will be omitted in the subsequent tables.
+
+
+####  2.11.1. <a name='pdbconfigmap'></a>pdb config map 
+
+**pdbconfigmap** parameters specifies a kubernetes `configmap` with init PDB parameters. The config map payload has the following format:
+
+
+```
+<parameter name1>;<parameter value1>;<scope:system|spfile|both>
+<parameter name2>;<parameter value2>;<scope:system|spfile|both>
+<parameter name3>;<parameter value3>;<scope:system|spfile|both>
+....
+....
+<parameter nameN>;<parameter valueN>;<scope:system|spfile|both>
+```
+
+Example of `configmap` creation:
+
+```bash
+cat <<EOF > parameters.txt
+session_cached_cursors;100;spfile      
+open_cursors;100;spfile                 
+db_file_multiblock_read_count;16;spfile  
+EOF
+
+kubectl create  configmap config-map-pdb -n pdbnamespace --from-file=./parameters.txt
+
+kubectl describe configmap config-map-pdb -n pdbnamespace
+Name:         config-map-pdb
+Namespace:    pdbnamespace
+Labels:       <none>
+Annotations:  <none>
+
+Data
+====
+parameters.txt:
+----
+session_cached_cursors;100;spfile
+open_cursors;100;spfile
+db_file_multiblock_read_count;16;spfile
+test_invalid_parameter;16;spfile
+```
+
+- If specified, the `configmap` is applied during PDB **cloning**, **opening** and **plugging**
+- The `configmap` is not monitored by the reconciliation loop; this feature will be available in future releases. This means that if someone decides to manually alter an init parameter, then the operator does not take any actions to syncronize PDB configuration with the `configmap`.
+- **Alter system parameter feature** will be available in future releases. 
+- A `configmap` misconfiguration (typo, invalid parameter, invalid value) does not stop the operation. A warning with the associated SQL code is written in the log file.
+
+- **PDB configmap bitmap** status is not reported by the *kubectl get lrpdb* command; You can describe the resource to verify the bitmap status (*kubectl describe lrpdb ....*).
+
+| Name    | Value     | Description                                       |
+|---------|-----------|---------------------------------------------------|
+| MPAPPL  | 0x00000001|The map config has been applyed                    |
+| MPSYNC  | 0x00000002|The map config is in sync with v$parameters where is default=flase (**not yet available**)|
+| MPEMPT  | 0x00000004| The map is empty - not specify                    |
+| MPWARN  | 0x00000008| Map applied with warnings                         |
+| MPINIT  | 0x00000010| Config map init
+
+
+
+###  2.12. <a name='OpenPDB'></a>Open PDB
+
+To open the PDB, use the file [`open_pdb1_resource.yaml`](./usecase/open_pdb1_resource.yaml):
+
+```bash
+kubectl apply -f open_pdb1_resource.yaml
+```
+ 
+ **pdb opening** - parameters list
+ 
+|  Name                   | Description/Value                                                      |
+|-------------------------|------------------------------------------------------------------------|
+|cdbResName               | REST server resource name                                              |
+|cdbNamespace             | Namespace of the REST server                                           |
+|cdbName                  | Name of the container database (CDB)                                   |
+|pdbName                  | Name of the pluggable database (PDB) that you are creating             |
+|pdbState                 | Use `OPEN`  to open the PDB                                          |
+|modifyOption             | Use **READ WRITE** to open the PDB                                     |
+|modifyOprion2            | Default is NONE, set to **RESTRICT** to open the pdb in restrited mode | 
+
+**Imperative command:**
+
+```bash
+kubectl patch lrpdb [lrpdb_resource_name] -n [ppdb_namespace] -p \
+                '{"spec":{"pdbState":"OPEN","modifyOption":"READ WRITE","modifyOption2":"NONE"}}' --type=merge
+```
+
+###  2.13. <a name='ClosePDB'></a>Close PDB
+
+To close the PDB, use the file [`close_pdb1_resource.yaml`](./usecase/close_pdb1_resource.yaml): 
+
+```bash
+kubectl apply -f close_pdb1_resource.yaml
+```
+**pdb closing** - parameters list 
+|  Name                   | Description/Value                                                             |
+|-------------------------|-------------------------------------------------------------------------------|
+|cdbResName               | REST server resource name                                                     |
+|cdbNamespace             | Namespace of the REST server                                                  |
+|cdbName                  | Name of the container database (CDB)                                          |
+|pdbName                  | Name of the pluggable database (PDB) that you want to create                  |
+|pdbState                 | Use `CLOSE`  to close the PDB                                               |
+|modifyOption             | Use **IMMEDIATE** to close the PDB                                            |
+
+
+**Imperative command:**
+
+```bash
+kubectl patch lrpdb [lrpdb_resource_name] -n [ppdb_namespace] -p \
+           '{"spec":{"pdbState":"CLOSE","modifyOption":"IMMEDIATE"}}' --type=merge
+```
+
+###  2.14. <a name='ClonePDB'></a>Clone PDB ### 
+
+To clone the PDB, use the file [`clone_pdb1_resource.yaml`](./usecase/clone_pdb1_resource.yaml): 
+
+```bash
+kubeclt apply -f clone_pdb1_resource.yaml
+```
+**pdb cloning** - parameters list 
+|  Name                   | Description/Value                                                             |
+|-------------------------|-------------------------------------------------------------------------------|
+|cdbResName               | REST server resource name                                                     |
+|cdbNamespace             | Namespace of the REST server                                                  |
+|cdbName                  | Name of the container database (CDB)                                          |
+|pdbName                  | The name of the new pluggable database (PDB)                                  |
+|`srcPdbName`               | The name of the source PDB                                                  |
+|fileNameConversions      | File name convert pattern  **("path1","path2")** or **NONE**                  | 
+|totalSize                | Set **unlimited** for cloning                                                 |
+|tempSize                 | Set **unlimited** for cloning                                                 |
+|pdbconfigmap             | kubernetes **configmap** which contains the PDB init parameters                 |
+
+
+###  2.15. <a name='UnplugPDB'></a>Unplug PDB
+
+To unplug the PDB, use the file [`unplug_pdb1_resource.yaml`](./usecase/unplug_pdb1_resource.yaml):
+
+**pdb unplugging** 
+|  Name                   | Description/Value                                                             |
+|-------------------------|-------------------------------------------------------------------------------|
+|cdbResName               | REST server resource name                                                     |
+|cdbNamespace             | Namespace of the REST server                                                  |
+|cdbName                  | Name of the container database (CDB)                                          |
+|pdbName                  | Name of the pluggable database (PDB)                                          |
+|xmlFileName              | Unplug xmlfile path                                                            |
+|pdbState                 | `UNPLUG` 
+
+###  2.16. <a name='PlugPDB'></a>Plug PDB 
+
+To plug in the PDB, use the file [`plug_pdb1_resource.yaml`](./usecase/plug_pdb1_resource.yaml). In this example, we plug in the PDB that was unpluged in the previous step:
+
+**pdb plugging** 
+|  Name                   | Description/Value                                                             |
+|-------------------------|-------------------------------------------------------------------------------|
+|cdbResName               | REST server resource name                                                     |
+|cdbNamespace             | Namespace of the REST  server                                                 |
+|cdbName                  | Name of the container database (CDB)|                                         |
+|pdbName                  | Name of the pluggable database (PDB)                                          |
+|**xmlFileName**          | XML file path                                                                 |
+|fileNameConversions      | File name convert pattern  **("path1","path2")** or **NONE**                  | 
+|sourceFileNameConversion | See parameter [SOURCE_FILE_NAME_CONVERT](https://docs.oracle.com/en/database/oracle/oracle-database/23/sqlrf/CREATE-PLUGGABLE-DATABASE.html#GUID-F2DBA8DD-EEA8-4BB7-A07F-78DC04DB1FFC__CCHEJFID) documentation         |
+|pdbconfigmap             | Kubernetes  `configmap` that contains the PDB init parameters                 |
+|pdbState                 | `PLUG` 
+
+###  2.17. <a name='DeletePDB'></a>Delete PDB
+
+To delete the PDB, use the file [`delete_pdb1_resource.yaml`](./usecase/delete_pdb1_resource.yaml)
+
+**pdb deletion** 
+
+|  Name                   | Dcription/Value                                                               |
+|-------------------------|-------------------------------------------------------------------------------|
+|cdbResName               | REST server resource name                                                     |
+|cdbNamespace             | Namespace of the REST server                                                  |
+|cdbName                  | Name of the container database (CDB)                                          |
+|pdbState                 | `DELETE`                                                                      |
+|dropAction               | **INCLUDING** - Including datafiles or **NONE**                               |
+|imperativeLrpdbDeletion  | boolean:  if true pdb and k8s resource will be deleted if false only resource is deleted|
+
+
+In order to delete crd and pdbs using yaml file the **imperativeLrpdbDeletion: true** must be specified in the yaml. **If the parameter is not specified  PDB will not be deleted; regardless the setting during creation**.  Imperative command (kubectl delete lrpdb <resname>) acts according to imperativeLrdbDeletion setting. You can check the imperativeLrpdbDeletion setting using 
+
+**Imperative command**
+
+```bash
+kubectl delete lrpdb <pdbname> -n <namespace>
+```
+
+**Check imperativelrpdbdeletion setting**
+```bash
+/usr/bin/kubectl get lrpdb -n pdbnamespace \
+        -o jsonpath='{range .items[*]}{.metadata.name}{" "}{.spec.pdbName}{" "}{.status.openMode}{" "}{.spec.imperativeLrpdbDeletion}{" "}{"\t\t"}{"\n"}{end}'| sed 's/READ WRITE/READ_WRITE/g' |awk ' BEGIN { printf( "%-20s %-10s %-10s %10s\n","CRD","PDB NAME","OPEN MODE","IMPERATIVELRPDBDELETION"); \
+         printf( "%-20s %-10s %-10s %-23s\n","--------------------","----------","----------","-----------------------");\
+         } { printf("%-20s %-10s %-10s %-23s\n",$1,$2,$3,$4) }'
+
+CRD                  PDB NAME   OPEN MODE  IMPERATIVELRPDBDELETION
+-------------------- ---------- ---------- -----------------------
+pdb1                 pdbdev     READ_WRITE true                  
+pdb2                 pdbprd     MOUNTED    true	 
+```
+
+##  3. <a name='SQLPLSQLSCRIPTEXECUTION'></a>SQL/PLSQL SCRIPT EXECUTION
+
+
+Plsql and sql script can be stored in a kubernetes configmap, each block can be tagged with a label as describe in the example. 
+
+```yaml 
+
+##  4. <a name='PLSQLSQLBlockconfigschema'></a>PLSQL / SQL Block config schema
+
+apiVersion 
+kind CofigMap
+  name: <config_map_name>
+  namespace: <namespace>
+data:
+<tag#1>:|
+    <code block #1> 
+<tag#2>:|
+    <code block #2>
+[...]
+<tag#N> 
+    <code block #N>
+```
+
+![plsqlblock](./images/plsqlmap.jpg)
+
+The sql and plsqlcode must be indented using tab (makefile stile). The code blocks will be executed following the alphabetic tag order. 
+
+###  3.1. <a name='Applyplsqlconfigmap'></a>Apply plsql configmap 
+
+```bash
+kubectl patch lrpdb pdb1 -n pdbnamespace -p '{"spec":{"codeconfigmap":"<config_map_name>"}}' --type=merge
+```
+
+The **kubectl get** commands shows only the return code of the last plsql code executed.  Describe the resource if you need to verify the overall status of the whole config map execution; see the events history in the example 
+
+```bash
+/usr/bin/kubectl patch lrpdb pdb1 -n pdbnamespace -p \
+       '{"spec":{"codeconfigmap":"sql-map-example1"}}' --type=merge
+lrpdb.database.oracle.com/pdb1 patched
+
+
+/usr/bin/kubectl get events --sort-by='.lastTimestamp' -n pdbnamespace
+LAST SEEN   TYPE      REASON            OBJECT       MESSAGE
+66s         Normal    Created           lrpdb/pdb1   LRPDB 'pdbdev' created successfully
+66s         Normal    Created           lrpdb/pdb1   PDB 'pdbdev' imperative pdb deletion turned on
+57s         Normal    Modify            lrpdb/pdb1   Info:'pdbdev OPEN '
+50s         Normal    Modified          lrpdb/pdb1   'pdbdev' modified successfully 'OPEN'
+38s         Warning   lrpdbinfo         lrpdb/pdb1   pdb=pdbdev:test_invalid_parameter:16:spfile:2065
+11s         Normal    APPLYSQL-143002   lrpdb/pdb1   CODE:SQLCODE '[plblock1.sql]':'0'
+8s          Normal    APPLYSQL-143005   lrpdb/pdb1   CODE:SQLCODE '[plblock2.sql]':'0'
+5s          Normal    APPLYSQL-143008   lrpdb/pdb1   CODE:SQLCODE '[plblock3.sql]':'0'
+2s          Normal    APPLYSQL-143011   lrpdb/pdb1   CODE:SQLCODE '[plblock4.sql]':'0'
+```
+The message format for the **APPLYSQL** is `CODE:SQLCODE '[<tagname>]':'<PLSQL RETURN CODE>'`
+
+###  3.2. <a name='Limitation'></a>Limitation 
+
+- All the objects in the plsql confgmap must be rapresented in the form `<onwer>.<object_name>`. Due to this constraint it's not possible to rename table 
+
+```bash
++----------------------------------------------------------------------+
+| plblock1.sql: |                                                      |
+|       rename plsqltestuser.k8splsqltab to plsqltestuser.tablerename  |--------------+
++----------------------------------------------------------------------+              |
+                                                                                      |
+                                                                                      +
+3m55s       Warning   APPLYSQL-100536   lrpdb/pdb1   CODE:SQLCODE '[plblock1.sql]':'1765'
+
+```
+
+- The nummber of code lines is limited by the configmap capability. To workaround this limitation you can use more configmaps. 
+
+##  4. <a name='TROUBLESHOOTING'></a>TROUBLESHOOTING 
+
+###  4.1. <a name='Getridoferrorstatus'></a>Get rid of error status
+
+If for some reason you get an operation failure it's possible to manually fix the problem and then rest the bitmask status to re-execute the operation. Consider the following example: the unplug command does not complete successfully because xmlfile already exists ; **ORA-65170** and **PDBUPE** flag is on. You can remove the file and then rest the bitmask status in order to retry the operation. 
+
+```text 
+RESOURCE STATUS:
+~~~~~~~~~~~~~~~~
+kubectl get lrpdb -n pdbnamespace 
+NAME   CDB NAME   PDB NAME   PDB STATE   PDB SIZE   MESSAGE             RESTRICTED   LAST SQLCODE   LAST PLSQL   BITMASK STATUS                          CONNECT_STRING 
+pdb1   DB12       pdbdev     MOUNTED     0.80G      close:[ORA-65170]   NONE         65170                       [262213]|PDBCRT|PDBCLS|FNALAZ|PDBUPE|   (DESCRIPTION=(CONNECT_TIMEOUT....
+
+FIX THE PROBLEM:                                                                                                                   
+~~~~~~~~~~~~~~~~                                                                                                                                           
+RM THE XMLFILE  
+
+UPDATE THE BITMASK STATUS: 
+~~~~~~~~~~~~~~~~~~~~~~~~~
+Calculate the bitmask status without the PDBUPE flag  and patch the resource 
+[262213]|PDBCRT|PDBCLS|FNALAZ|PDBUPE| -> [69]|PDBCRT|PDBCLS|FNALAZ| = 0x00000001 | 0x00000004 | 0x00000040
+                             +------+
+kubectl patch lrpdb pdb1 -n pdbnamespace -p \ 
+               '{"spec":{"pdbState":"RESET","reststate":69}}' --type=merge
+
+kubectl get lrpdb -n pdbnamespace  
+NAME   CDB NAME   PDB NAME   PDB STATE   PDB SIZE   MESSAGE              RESTRICTED   LAST SQLCODE   LAST PLSQL   BITMASK STATUS               CONNECT_STRING 
+pdb1   DB12       pdbdev     MOUNTED     0.80G      close:[ORA-65170]    NONE         65170                       [69]|PDBCRT|PDBCLS|FNALAZ|   (DESCRIPTION=(CONNECT_TIMEOUT....
+                                                                                                                  ^^^^^^^^^^^^^^^^^^^^^^^^^^
+                                                                                                                  [READY TO BE UNPLUGGED]
+```
+##  5. <a name='UPGRADEEXISTINGINSTALLATION'></a>UPGRADE EXISTING INSTALLATION 
+
+In order to migrante an existing installation to the new version of controller you can laverage on the autodiscover installation. Patch all your lrpdb resources by setting **assertiveLrpdbDeletion** false. After that you can delete lrest resource and all lrpdbs. Upgrade the operator and create lrest server with **autodiscover** and **namespaceAutoDiscover** configured. 
+
+- For each CRD/LRPDB turn off **assertiveLrpdbDeletion** 
+
+```bash
+kubectl patch lrpdb <resourcename> -n <namespace> -p '{"spec":{"imperativeLrpdbDeletion":false}}' --type=merge
+
+kubectl wait --for jsonpath='{.spec.imperativeLrpdbDeletion'}=false lrpdb <resourcename> -n <namespace>  --timeout=3m
+
+```
+
+- Delete **LRPDB** resource 
+
+```bash 
+kubectl delete lrpdb <resourcename> -n <namespace>  
+```
+
+- Delete **LREST** resource
+```bash
+kubectl delete rest <ressourcename> -n <namespace>
+```
+- Upgrade the operator
+
+```bash 
+kubectl replace -f oracle-database-database.yaml 
+```
+
+- (**A**) deploy **LREST** controller 
+
+```
+kubectl apply -f create_lrest_pod.yaml
+```
+- Turn on the **autodiscover**
+
+```bash
+kubectl patch lrest <lrestresname> -n <lrestnamespace> -p '{"spec":{"autodiscover":true}}' --type=merge
+kubectl patch lrest <lrestresname> -n <lrestnamespace> -p '{"spec":{"namespaceAutoDiscover":"<namespace>}}' --type=merge
+```
+Check the lrpdb resource existence 
+
+- Turn off the **autodiscover**
+
+```bash
+kubectl patch lrest cdb-dev -n <lrestresname> -p '{"spec":{"autodiscover":false}}' --type=merge
+```
+
+## DEPLOY MULTITENANT CONTROLLERS ON CDB WITH EXISTINGS PDBS
+
+- To deploy multitenant controllers on a container database with existing pdbs start the previous procedure at point (**A**)
+
+##  6. <a name='KNOWNISSUES'></a>KNOWN ISSUES 
+
+- Error message `ORA-01005` is not reported in the lrest database login phase if password is mistakenly null. Trace log shows the message ORA-1012.
+
+- 
+</span>
diff --git a/docs/multitenant/lrest-based/images/Generalschema2.jpg b/docs/multitenant/images/Generalschema2.jpg
similarity index 100%
rename from docs/multitenant/lrest-based/images/Generalschema2.jpg
rename to docs/multitenant/images/Generalschema2.jpg
diff --git a/docs/multitenant/images/KubectlGetSchema.jpg b/docs/multitenant/images/KubectlGetSchema.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..93b107cc4c92bbbddb5071d3c92582c0ca7ffb57
GIT binary patch
literal 206768
zcmeFZ1yoz#)-Rft8Z8yHMO!3zpg?eI@dPWu2~tRq;8LJ?4fh1sV!_>|&=!Z_?k(;V
zC{_yG^qlv-_T2aXe`DPH-o5XQ@12#Aow@g#YpuEG{!Q5{d+m$yi!XqCP&tSk;L;@k
z;1d1=xR}2*4w05NdInRKgDA=Vv!VllFIOG|05-NS9AWZOk92hP9$o+P&lbPxj1f-u
zzkdIw;QKus{na}FFa-J=p8xDHA=1<dfoJ%J|1vq^2geIbhNsEQ|4Fm{qD}rui~XWq
zU)aCE^E~@SJ8HnB@iY=ovzq@woBTl|>>Ypchv0d{Y^<GsjrFVil9<TUR#P4SdjtQa
z0XP9*0C|Aauk*+6<BMH703dV#01!m{K4uaR095+|01qaAA7gqC0Ni~C095t;KK5HD
z_QsCJ|LE=tetX%>3;@{61^{mB0sy4_0KiT7KkD$Czme?`zKRAfmmU6N4zLE80v-V%
z09yb8z=fxH0gnMZ0D+4sfHZ*M@~`r1OMov|u3h<6Zd|)|^%~)gn>Pt>5E9-bx=VEP
z)}32~gtv)r-?@A59`U`KL?omn_ek;dy<eSN`qh%)$_;$Od$$O0;g9|gmWz)7;v1LW
z+~6d*!~nQVe2IYg(nSk^7O!rCOaCbUak^KpUB7XK;PNFxe6`s<0N~msf=gGfT)TPu
z#*Hh0yMRlV39jH-h)GCqklm+e(2f}<r(opKh<d;)_*7F%$0d4*i3O~t?&ypzEw30H
zVdWE$GB(euB!rnbxW0~z6{`C58OWTL&M%KC8<3X4W9$Wf92&eS{8NnokmA=kSFhkj
z!Pm+Y<E`ZKrE50{?p`7I2OoZynBWQtIX%z7RkEjQFpbExp>L$dXa-&|zq*Noqtk0l
zY1!aczKrruQqsGOGH=qaF<ndohzKs>Po01mAPLwC<s9tcD<2YrwY963PVi<9es*3-
zE-+Peury`PVv|e8;eO)!a5z0rx<MbUxb{`7WF23DB4-D?sRb8@kz|&(PZ&-!n3jp7
z$oh$~jk}y&<}NJCJ22+-WSgO0!%D&@TkCilB<OV|LBObIpUD*|md%r+QZ^iO3$6NQ
zn(daJMylc=dzE<g!@F-Wtqw{uay4Fkx4yL*_{T1^AjXKvN9cYOxgAs%U$00V!SeiI
z3*YvCJE^)p^x%xF{YXwepDHi~;kMX$sCzbg-;V+0^!+{$&nSo$$Oh%Ze9LbcoDEAp
z&f;KU6o9}qhxw+1RAkLEQ!Nf1t{v=yZD0Rj*+Ud6dl6SfV?Au5r0h3BXLp8lvwO_8
zTjWRPa7Mwh#rb{HD{DpfPTbFOX9xdK1KnMeWWEyOyZXZ!3b@r3jS*a>bEQy#!*oO@
z%ZeI3a|Xi&z%F8iO6gR$G^GzMs=Vm7>FFo-K_WU%JoJNBv)Y$#4VmsBoP0c#Rse=k
zw{;#}k6z5or9+7fye8iaQ2N$)L;mdGRMXBz;`dN@f9oOa<#5tm1x2Dv*~hf?re-(t
zWnoPlb!V>hn-aHEmT*G6REjngF=LddxVKM*qH9ua&9qWRVlk4Hw$-yby|~icJ7fKM
zT7p*Bd?%O5A8icKecwuF9iFHic3U^U7j0MfGUIj3`ckDZ#S3%U!j+Nb!OU;VMx?0r
z;>moE;=fh|&D4EE{tWiP%?}SorCRj6xrTM(wgLP755S{Zy@julgGtr{<$gGp%!Z;g
z)*cA2Bm)Cm#uhMMxw^lhHW1X(=BVV|X6B%uvy~8s4s?z_-RI@6p27C2aU+<%53c2e
z2U2PW_JQ4kvz3=F0Nh5ET8Fz|4lzF}+9YLp&icQ3K+g0K57Xn$S64U@&no*Qi;GM1
zM>_dQ^S>80aj9QdGu-6hU|~{%o(`~u<-uWys^mE5<OW<ryUN<3hVCdqsM*rJ`50-{
zJ7e$7Yb(c0?|hrv+3K_V>C40WvU%!W!b_`n>=WVmaliZgMxpelEtUgRh<6a;G$YpZ
zFmSZvWHX6ekotU*hhlo67=caF)V;};T+Fz(X^UC6{^7ruL^mB>OB}sZe&~TQ*Orxh
zG~)Fv*(5P|d>!k0(^5hJn}LgJ21TPSVR8_gsy@dAOF`0>9{IXE2S~Sy6(#x9TH<Cm
z&z=wB-orcA=YNTg5NQ?uyShlSJbnMil^`Wo@{*XBhRR{3*GRUhp(2*~N!>PS#}>|V
zzK-rv$Dm3!<#@Vt95oy{uR$3joue0w(Sfw?+W8lh;)<!vu)U0hBt0W-aH5LgfNnKl
zMFQbjjEsT$Qj5%D)daDG_ZuNQ?tfUw_|M;t;tva<+3~lctLIk92akz$WPBQt=Zkw#
z_@P;I)4L^DfcvvT#L%^rz+9e_wx_wwDH(E>(2$T&uY%g^FIsY}oZCer$#H{Se)FT*
zsv%`$RU=SrIpyk|(fZEM{AF1pIGIONFjeGc7U8`6mc@Q|DU}`f)Y`^jwufo&iv`uv
z^&k0qoD6=AR>HKDf(-l~%5`B{Y8{6#m>fJZo^I|X&Tsv(+npl0=mj)Qr=!)rD+5+n
z2N}&)Q2HWlCNyxhGx&a1`<6o84L&H$yrVC2hoJQ1a4Q{}apZjXYe+UVdxt$ody!?*
zrm_<sU-{jn2bnaagk4TEPZQDe;L$Rw55}3|ytnK?tjD~>yFk{E!)e^%Nj2ZuZe>V2
z=><TUpLE|h{6wGLmMS2LioxAzUE>Rpr+!LOHtDrotQU<{U|j0D@m}-FUjx1R)yZa;
zTS_7K=ZC-S;ouK2ru}X)a58GWE*FQQu*&)NHC;ah@vx-Y)L-z+Mu<E-5L&fAZwVpZ
zI;y5Q%5{${NDx+yTsTUoSt_XhhUK+5+R@T3sS9K+38&J7Lv@)oKBYr7=5%ktUUH+y
zjw+iwGf0tAmG)yd)T`;5EDN{&{xHLr;+f}#JmCXMJ};a=ht<nG8ROdXR2yE=Caj&M
zb*m?>K%iIB(H$d?oo@&%6APmv9Ad`asVoP>%-&|H&D7=V(dh-RzXf#cCLMu0)@M4F
zJ3IQgS|{^MB9*B~!@6uZU2g<G1y5Od-Bgsx%B6A3WhsRR{>bQUM4}p+mNpJoJY4=-
z9C-^{U5A7(`*vKL81Y3@H)SX8tQ$}jCdG*X1XB$$Qzs|ypquCVLR|<B*GIEOoFC6c
zn@?Ig{v$1J;of-5Bjwyc=@9t}Gn<z9Jp}J?HqE;WfGih?coM?4Op?Xg5hG`2s^@5t
zSDVhjO_)OU^+w2!>Mwt__WPpz>90QN4vR}yk0@HJ3J=dfTY+O*3(L+gwJ3U8u3;g;
zy=vmD>sV^khOLa1+Z70-WFk(-sL%OkhVFgsWOMDBB#5r)GuAI1Z4;4U`dT&bfK?dr
z+tdZU4rWD6n||FnGEo&}Q&GK&#64x_&Wy_6{JY1tdJoJ0S`^&3t}{iI2Gj9EY~ylF
zMNOeNu>PK@_5eMJHh=e(x}k2f+B+{g()rup^rz3jbKx<=ce)cQb4AjZ=^q?OKJKKc
z{7hAii*^cWDUhX^P^!oY8!LF<&eFf&%Nk(@(}U^pJMDd+)&lWSjM!cPYKHXbJ=}i<
z*VU%qvF*<oPim05UUWaBE;&(U<d$dAd_FrSaL`lmawYLsN?it05{)=DL}CzEoz_=2
zIn3G*rqDhw0>)<NH*X0#$5<*To~-AaBo~?%xV!sp3Rlz47U*87u?neKF0(;_dHod;
zkec*;p`?VkDLYBmLY`)QddZ`)EtP|*-%kBcJEDBwV|o|mEg4}taW<-rh|rR%bUqdO
zMk%!JE^4K&%uHiOIs~MQcLH+v^~k|*-!RuA2lo`-k|(l%*Lo)IJpv#3BZ7xFPd?4M
zVcMFl?C=JhiEH{v(!S$ErtjY?zwPQ1P`pYUugW|8t?7oL<jKZi-t4YL_O!>1pR>j1
zy{})8eIPpxH-4Bnasim==X$%vYqvV^U4C)izOPMJeysRFk!?81>0#%AI$2RC+atYJ
zW%A}+Gvo`gH@cF5K$&RbNV+!DroPhDo$&16kxagt^R#5XDRE44lB2yGl+0dER#*0B
z2dV@;;Vx@rD&kPIgsCE?!x0R7lJt8&>18yd$6hXlchR1FB`Rj_DARlFV2R~p(a_|1
zINY)vCHTANKipFK2l+h9_nSSM1t%?y-#3+*1!T?E=s`*T9zljqK`<FKY^;_9CIin2
z2wtX-G}eoq6tNANKuo9)nXYRABR>a5Loy43YPW{FZE}-es%fRX4Wp00(n*{q=XG86
z%_y9X7$d7aLWQ06+-um!U(bj5>#6yn=?_;V_B%#BF6iU$$#Svm;b*+IMT{;Qx^6ph
zn0j1obki~k6(uw+s)M1YOj|zMU*o4n(?E8`JLLynM&HH?t0Z)X46d-DW68=(t1PJ<
z$>jGRbx{-XmwIg_&K==eG+!$dyH%&wgi(GayZ|&d*}A6xb<RY2r)cHm3hhfnk`F4w
zNhXm=a^(3+Uv;cpi$vKv(Nhkpsh==0lP|#&EZ&5Cj8jh2KF*42&Z0!ao92+5eI}t~
zSXhg@6$&R~t0J+f!Xkc9VUxv8y_w70rS+DnlMfPm6-ZctEEO1`Iye~)<&XXO0iQHj
zHU4$dV6M843uhZCh$-6Fs)S&2dw?U&*@d5VU3}FjzgVD7NpkHYJ3?j3g#*-V4N>C0
z7#SOWE42(Q%gq^C`H!v?E}<WSYPD%HWQ$QJM6Ih5@5sXT<c6RQDneBwou8q^WlHG<
z32ebV4QHKUR9^}4sZ_P-<o&;f34+H17#=XI@OfS?I-(K|bmoL;Qy9c4vyMykIZiOI
zknl}6g#2vhWr3F$Ag*^Aipw@8$MPA#nqTN**?V40<`b4D`p!-YP?_dFLodF2m@&$r
z?m^w&ZA^yT4J><<@ApzFx#m}X{o>(Y3XnnE!Oy4(-agz{UNPUZTO3)W^85+Ub?%>v
z+HxLQafl@z<{hLw$xvV_1Z5#(yZg|Dh-?|{*JM_4;R3U9UsLYopZ_?^tIqo)5BkIS
zgTk^5R_;&Mhgh7`CUmtth!3Ac#t4+8$znjJl*f@1VFOT`Q8Y%Q5@ZRcs<L5&WJktj
zo4Qfds&;IbxNj*3%A&H5uh4{fc989kwvH6UGN%zb)Uw%61<4v_;N2|E%mskuR-m1w
zqq}AB`u-6EK6hor3zR!M_BT1&f@z_9CF*JNh7E-ib5%KE%c|q(uAtRd;cIa2G1m!e
zp|$c^^gJ30C5sI}7gj@qJ9NLFN_LdZ=yq}xRU$Mpe%_DoD)d!0cvrD?Gp+KI!Y{ly
z`7K%k<8e~mj{A^JkT5X)FdXk^f2FS%fH|W|(J9H_%9o##W4FvH;G4{Yj+fBOcT6#7
zw3&jyp&Q1On^BR(wq|BNTYNkyN*lVW)!qa%w=J#=%jNq);~foV>O5RK^H1H{RO+Z8
zEomzx8BcR>amm1KG29J^fln`5Of@EjF96I3OA}g}5ldji{D_9xkU#>~XEP%Oo<o$s
zS-M$zqKMM2(wr;0Th?CIz68oLoY3~J@q#Z>{b%*p@(9>ZIXyVNVUwC$(XJbB|Lo~f
z-m9+0Zo2M=QB~0%rUpO0{K@&s@;z_ypF>If$@yPwP!1gl>{=DJ6(gx!d5fx>QOZ6Z
zeL!2`wrXq!M{8lV(joC~o8BI`eod$S7cDF7%4{m{pHpe0rTci5ROTLJ*wrd!DUs(w
zBFQsFqSKM6+ws<KrjU`bJAs4-aWC?L_3;?XENKypgFqQj-m9DAIaL4UrgKOgp{=Ne
zv7-7m$ZS%*uI6V8n&CUD&B-Vnb;vJk6~2V)Db5X~k~R&R;CP#ZVuQId6NMufK^-{X
z@Kze1Z(K&3$*JqtTfUANfMw(gRcpSg5O(u8{<K{ClxJd<XX0cwROFl!v{@QP$G^)|
z$t`hQ&6N(M?SXAF)b!wVc86%0e#FvDqZEw^ZJI->+#+oYht140>25u9f76>uy4Tg2
zpg90U!#tW?)mLARw1;zfM##u_+f?tJF0{^vNgm(lK2+&Dxb&O6JY?W(^Ahp8Z1n<=
z-el$q>Vj%vqz0kT;9p{QAZu34JgNK`qhLF{iVdi|+$hbst)#XwBW)u#CjX3*m?`OC
zRi(g+#BGsG#ux7g<&Z9YWDXaAkF`E!E<QPT|DcJLHP!P7zj!vfe9_+QU6RNz7vQ+V
z>9_49*2ECA;H<{jR~1X^NdLJgF3@4V!lvZiH$k|nniVwJzH0GnJX2S<Lq<*OY<lbP
zgu3+riuB7iQPqMe%_*7_J-P;_YUr9(<yOS?k4{+^c{lwr?4Kf#@{ck5bvH`k&y)S=
zLp(Si)Pr1h%YrP1c9lk2=fPbVyYkt>KE1tO*bkSli)eKuq>1uWKI-d33%TWaaI9%E
zI&ExZ^qR%kct6z$k{j-}XOO9NVJw?4t`Lx$B<w(`Bjw9(uXsCxNw_3f7cKy=9WMaL
z%?rRYvBC|m2M0+(S{cah(tu{()PN+DmRVG+#=M?`#i}Ee0&B>W(``zv$S@bUC4nIs
zZOD)|ouk(-7mZRaeMn|mRTgt6bEPCdZNAigVs`=e4pUud+^z*d@3sm?R8nt~#L`;F
zN1j*<jNdaJ`4p~eKv^@u0QP%eTCpo_lNrbcRoo%Q7oQT%pK9$FfXhqgofGHp#r~kR
z^74!4n1vp4g~pMe^3^Un$(Q;&RG0cHmv0xF+L+z6PqNEVC$<ijvJUr~;i^YLvTY5-
zyJNW(q>U5ES+2eKI%37_cqo#K!E(@|M}(WTJ>15U?eYQ$V-(iKDk=KV!5y`f6rVeP
zL+?)%I&D;j-i`J2^~P;$yg#&QCsF1>o4XY$liZf+5{WyE;mlm0@3aAl4!DbgB&yv}
zP{NfY=a!gdC?g-=p57t6)v;<uE^S5F+ax=|pU|?#g`%t21OXel3NhicfOCs9izD<j
z76P9#O;364(EZD$`PV&`K@%If{{tgze4@-2^UM<}EhtT2_RhS8HIq%bVoR|OUK(%C
z!zpQfDD?KqJxet<4jX-nXqFBi{mmYYloeB>JmD51G}lu`W>*H3W|4BN@G9Y}a);`)
zA~wc)`WsADpKsI<$EGa18vPAU?<xlNT3FXFavYjFGO}crx0hHZ)O&uOV?oa<D`e?R
zRub3VA)ajKg<u(p_{$VKs;t9J_W2}vDng{WyT2|y-e6~2E%Q~-JP^gt)P;^eo`hR|
z@~43%IiRH=tk5VkGuhJH4K6R~4vWl3&d0wsUSn2{d~S?T2ahBN3M8vr8E=ezSAEV$
zqk0A&R_&#bT(b8|;=%Ij9H%%WRof^==44NoGxL?KGIyg!gBlsl(j8)=-hQ9bQ>va0
zWvOW*YUw4XSo6tMe`R0Fv({z*EjK>TB2=x&C)cn4mByc-`;+!O%i0*A^y&EJ9Ns=k
z%jwFoE)70bh}X8ey-JGU_U4v%zUF_=!)+6#7JH6h51;TL(FA^wJ-3QO-qjnE!piz4
z)pSSSY~*O!SBnQfe&?_Z&$WV18@BdXf-}1|{u+0~BL<?xVs~Rzrf;6bPoG=5B+3r2
z2d%f4SrvH8$`)9~X_1SMFY*Dy^zWiL8wN3Jbc<M=ywu>8T4uD1X^t=#g5A%$Hqx-h
ztg;ajNvx*T91uwS4wNn(tY({{ALWrVR0dW2?fD6Qlb6}^82T+d8_mw&;N6jgyJVKo
za^TvQOTxV4X6A^NIL{$%sTa2bABJs$0|;VMWdJs$GxE*_QY>f8$ggx)Aa3`9$~g1`
zupP&Jp@PB6VJcZ5W_DVy;hNdbW&c1&GGwEnToffSrLFhhd1RvX9e&5ow7m^@zb0Pk
z&%WR3;*u6+X?LD`wz@JU{hFlHK`+x2Tf`{NB(dUN^rEwsV!7yARD66qQ={>E{QDP&
z_dlF_JI8ir96KjP?Ph1S8=%H3ejo*Q7!eI<s1(UAuPR2S>{PkoUBd^{W{yRvKnVe5
z%2UB!PUe(0&S$mUq>3-5tV2Ub%TU?ct)i(Eqs8&ert7=%4}ac@J!LWf@md01@lQiA
z-7NmZ&QTunR?<YN6+cBda)3_I8?;W#u|#7-%b50nlsMPOgplwc0fzCT{P{Y<;IEv<
zYppxQ&pVrWR09W0v&Pq5kXNcE^@N$Q%6EhYCt2>LLm?dMDRR-d*M<KY9envJ{@v&Q
z2p2*-W<Nv<6uCd`DO~_S-MQuRi;5|&wPO`nQ;DxNn|?IDBqIG^3p!<M;~({7p0d~p
zZ#v1p9~@m&v*pvzU`fS%R<@pk2XeAQP15erS0yNNR&^25nrqeyc0zS?&B{ss)eZgY
z9<x=E!WZj0$<^YC<jw{-oo~Pb`GaJu;#!iJEAFcsUNYHaQ=qJh1YAJCFcLl85m0^F
z0=z2y8*G2z?ke+sp$H@Q$uGQDhbM(kZ(jh2jr!SB{>3Ru-dXn|2nAhLjNQ(Rr#Mbd
z-SIhpRe?<*?A|$}!nZ70{bN3a{Px2@t|qAcG3k6gm6D|pXG3=fSZFBFlqoZpWf{YW
zFZ+!2b`KGl^-meA;himC1A}VhS>q;Bjn-qFW4y*4jCwXwx5(!WXDfpfax3;?=5>>4
zJ9^p58PtF%aC~GurCsTX+k>KY{_u}_n2_17f@%z5o|R6ou#q-{-F1C;l89*18@kz!
zHqDH@4BwT!J^u)7p1nq-Z5yfj-p_V+X|mZn$}CIl*Yo(8`DJ>WAV$2Q)aA4uHJmnF
zU6lyIF8kxc(RNu-zQ&rd+E=me!pD{JuZF?|(v5G|L>HXAAC_PC2roNjUvst@&OZ~i
zwM~XbO@oF41S#r7kh1XQVa)S*brsRi>RTK+(P<XCBoSs&3AWz<qS}AGw2!~nByEBP
z4EBBn-OC>?w=SW2QQ0oFSI@!&Sm<$Y)}?Xe@2U;MrV%efZv*{$ILo?7qQD9a)*l|G
zdV&AenZnHSs<1*2x&Il=iDOr%L&C+xW#5nJH{Y#vNlVbZsx$&Gl%&m0cB8?Fki7+x
zq#7kCi^j|vN`JL`uhS^gCbbNSFq(uTi8<1fyL;PZy3QBM7KHCjnS#nHI#)Qhh(ecA
zV=qgiQhr<OtKZ~n>mLioX=OVRc*J&X(fN-fg!z3B#S3+ZZ)lBKeMpA-u_gJPZh)zC
z_=OE~32l&X7?~QN41DvMDQ!kdu1`uE5Nu|L^{ky?dE`mmc|TE3RLAT@CkE19hy5{u
z3p1*X={D_JgJknj@0dE7)o1?`4O1R;{ZqfZDIKd;dj;OzlvNu?92Q}pBOK=7To~I&
zgBj8RyfE_8lrBhQ<R;Q10>^S_(O!1*H14FxBhHkx5Y>1&+}!M^OlLueD*g8)?;YAq
zXTs%p*PMBM-P|Z!d^nx{6LEh=HCcXbm6kq&rJ?G}csI{8t@yN@2rJ;ARv<_z>c+YG
zChs$s%_V0GrJ50S(H=F~@K2wSlVFk*o8#qZq5ZaK5Ick1n%_d~gI0L-k=xd`{*O8J
z&SXa%MXJrUs7SEvO|Z)`aptg`1;1^jZ3ZYH<L~59b{;Vtm$4TxQa$6xBW-0E#8%vA
zy|yQGB7Vpd@hn~OUJ)CuF|Rt^Q^sOiNW@Sfs4`KRwNp7Bogjrq@lI<N*FXNMHSnl8
zzsqsci?iQTyTq}o_1ZzJ5kKd6%)(YpxrD7)QNGz!i=Aj$cVuvQkkAF-i+<CDsO0eV
zKj<sk1|n&EA17X100xZk+3i#>PRDussqyn|b&O0}jcsM3m=<FxbzZ_S83|+6%BJ_8
z@-72VAa>9<79G%mdlxMcsM5}xFXm4@YCT_dwRL_6I{<DKjWBR)Wty=|EV&N^6-3A&
zV*_R6JT)-;9Dk1eFLY*+$zbU1f25p+^Vb!925(FMT(mmZy&?ZHBmDeo_Zg=A?8zaD
zU|S_V5gzRoqH`$N(?s3$)SWR*Ky#OxpVSV>F_mbga%ydc8FxSCWeFKNI#+h!70Y1i
za7-xuwj7sW!m!KZ_B~3u@<+O91_1CQw&T^`-(M5352cDbjx2faS14Qn2CrQJ&YCqT
zwG!Mm3`;qVvSExD0BBqI1t4eS$=`SKU#G@YXXOGw_QU@I;D2oQvz?JDr>nH@obBN5
z1>o+txsxzC0?ofW*-Oz@EHn3|e0DFJUjW$WZfiVQ)}gqaGeX#YaO+lj=lb9tlKFOz
z6CVPT%g9utTo=s}NfIUFVGB>)36dXAo<QuO28$6^O)vt@OVM6|Gcl6P$?S&$^#}Ba
zEG{}f6JF$xPwouA8hK)BWa4TX-kA;k5L$Gm@F(XZ{%4fhe|GioPtMyK*EIj^%KuN!
ze-HZqclGWcY7`ac4zz8sKWcw#M9tEb=u5%}LB$OOo%=wr{b;7N3dSH<R3r%u&A`C$
zh-&puL+Gk#>eJ<qH~Qe95`M<c`0xUtmKTx_{dwT3r+GSY8z%WZ^Nr7$T;88;{;Sdi
zg54FiW>1qkhdIr)_Qlu-KV!+k-v{|%`>=%;clFX9Na{^U7DQu$&H}ux2<kYFnS281
zYM>rA>T1{Yk(+P&^6ATL`ni@!{trR&3&1t1oPXE;TO0pNu+hBmaaf5!_nWngORX8D
zvz9!?SM}$!PqL&)941l9g|~b!i@rl<iyi4ko`0LZ&TMW_ST9^!q|?(AldnG3{>j)h
z!Y)2>*hGWPrv7TW^#X`#FREOzLFoMnn!MdB+%~VUB-qA)V)SNA&Jd-HpGMX2Waupj
z8#De61?@rU#v0JQ%*%Lb?Qb0crMBq>Kv9-$?uXK;o6*sM^^$PY1t5u2B%>g~F8yFc
zTO<|3_f*#b85G0PY2!6gd&|ZOBDO}H78Ng$zFZD<9j~S|N7$GQaW*USoQb!VKM*(}
z7pK;8DW!LGdptnDlmKam$xZ6>@tyE#OEOA`y1iPp|1Hg>Tk*?eR6c?56-xc=^r2_X
zE}uUgrq|OewWFA`?+>Ba^#a)#`Q|a>0e#Dl$dsA)M+|JVcT6>NE&xLh3nb4oG-*Dh
zdu4s6n$zLGjE&V`1DTsoBr&ujv}$r~d!%^kn)Qw=paT6E)MBo!15{&h&<qNRbpG}1
z?|;#fCOtZRr;VC|e9IJ;-etr6_*BTNZpyimVogs&tqP_T5)#r765`ch+<g8z&V$ln
zJDpozVo^tOdB*%utF@C=@92v!hh3`4^p(3ILO%U`cM)9T!(zX=ecoRHzHywR{Ga0Q
z0<?b)UAnYz=izsv=JD=u=erN=F97e&=-Tu>a#B|%f8M+RBpCPm9OGRq_~Vn8&HiTu
zj}LhlW~AF_Bv&c@OJnKQS$^R2zROL^apxoyRsx+jmt||S?RdH8#{V}D|Kj2KRiB>6
z_vjvfy#PGHiHFo2J=^ua`{SDNrfGX!;Q3qpKOe;>Sla9Osehw=r7PF}w<_n~(*4f^
z>;Id&16+Cdmk6>4JU#wPJNf$t_5$TDYD0yvt@@yijY{2zEv=7(X|R{SZG^!J<{gxf
zXwjlJf5oi6ZkssQ$nCFpX8yqS$4l4$+I*7$_q_kw6#i>933CauQW1T!TBV&?eb2F~
z>&NA(Kzbb4Vi&l@x@N~sb`Dt=MH%Uq;C6qG(*L=*U`suRg$J1Owu*{diqy%(qFuQ^
zyhdgxo}ZS3wGpi+AKPo%V@pZbMT-PH`uTr)&9vW2CVh4J?r-<^hr3Y|`oGsAV}(QW
z8)_iMS0I%ml1|zZHJbd{X4L;)`UC`~!qp}xheY}al>qMC+C)s)UD+Hes*B7Wjo1sc
zpFuCV5TynQa@A6mF0kms6I=IOdx-27eVBL8^52OfeoM>p_aOWqM(w{F{EmVDR_h-L
z#{Yx|{5O{VjivvmqUpb}^lvQv8%zIjZ}`8+8LOB~gx)cwLME`7Q9g;DUJ~SLlo3qu
z!1}+;&F=S&S#_=?-YP{0BQ9OS&aGWb_jcmLKXzMmi8dqEk@MlcZTTsO$&eFf&{(K-
z7J*h)5=ju^*6EEXj>l3;#mqPDL6utJzi(>W6LnU<;qu8}2d+%Kvt+lj`cXA&dNgTK
zL=i~nTsJ6420s{`d}g7tuII)SJouQ>5SZs)`bO6xS<6tt+q-5_P%Cy|OW$k7Vj=Gq
zhT&u2-n$q`On);JKf%Zk93du&u_QApmo!{H^c+++4fT5_<r^nekr;zyZ3lt!S?kNO
zeh@ViF-K~f&(M%r*l3i!B;#~I-9sIAQBh0f%h~Hc>x9X5fO$sVFM^8}gWP7ovDZ^=
z7OCa1ivm!TC4-)UJX1WYuijAk5we=iVT&YLXINo83*1Q_rL<I@-esA!65LSu*%oH#
z&YLtIWt%WiyL$n6exu;jkRNM{Mad<umM1v#i1-I8cg)pRnjr&1F>GO(qBQaNm6d~?
z3lr?)xTt7HE@o(z<%eZ+CsXVs@XqGOo^`sk)`{4p;7phryH%Y^uQ~_N87{p?PRFj)
z7fX0+e}-9%)XBT;W%S|Q#BocB6qrh8yMA#CQZ%|Ps0)<>t}>-9_e^lc2(3Z5gR0iz
znYwXCrJE9Hu8c*h`fufj7)Oy+@)BI<wPC8`#mX$KhWxUM$bML^(T44tlZXf!t8Dk4
z+&aPhx<rAp#QUjl7HQMeL*Qvg4>?|RmY8sW>S@r(0s2N(HFO}<2uN(dP`gcqKty^a
z{zz4fRi6)2vAb6geR(!39@k}HvI1otKxVCRJ<h6<$xsgkPvk-+Ka@dd$4patIoCxh
ztt$p9mn`cI<#Ky_qvlmQAxu$kO;xGoG9%sT{CeVZ`XT(ReJhX&_!FKP`CZFw$_}co
zp7U?H8{IZDz<7`%6DX@&AZCKik{6`_rZ|T@q7+0nj#2d$=t^9N=Yb#SyPrunbCy{i
zJS%6*P8YrDZc<q7-dht5L}~LblxF@68QBl89TKc|kDS=AXv8Mt7Fy;tg#!@JF!Wvn
zd#?_MRxn6UvT9)ND9MMAV`)%Gpm}4qqW_`FCyE9q6~|4x`<*Z5$SQLJ=6MbGIVg*~
z3{ZE)x(CV2o~;3!;Y+K#Q)u-?AUmUrZrx`8cGAxmZQK=DY;qkOvV~M8lQzAAhGi-l
zFQO^3tSdPZl!i0Je||(h@V5r3mJaGA%lgZQjD1ebjjHpYd-H<L=%%I&d^Mcj<@zX8
zoeh~;H%St9JI!LzHa=yzM`cv}*+|Ho3ReA7t4@c5flueRNk+8))H^JLj8}|dluRYa
zYCZ!NSpJl=BakWdh%4fC<{5@RFN3AF-FR@x+0AKW$%zX??|k?WV;B{sO;R%`R8C)k
zzLhhP*37^F3#p=`F2W^8aO7Eh-#aCFeG@#5w%G!ChWNp`6>7aO8}&535TR-jq$SgP
zTx5F!ggHg#LDJlhC(d#z!fyw)O>{Pi2A6&Yi7%F8t7{8voO$a@qjbKJ<Z>u>gH!n*
zQUrUQ#7FdV)T>z)W$U4eu3~kr2?s7y8d9?Gey|fXGv+g#B2gn((=*Mm84=2kvIMer
z2YYY?Rgc4qz8jT(TEj|)>kcoBjK`20Gnb|4d%o^qFG|{cYbNue*HVg(C6*CmORtg;
zv*w^i6>PlLQ(;%80=ZmHfXiEh6$<A$dYXAZ7Qf>qi%7(Ti|jiR)ANiCX#<7Ir9!WF
z;5t5<yEl1EhDln}vbH%W?Gxu0)wUNQ846dcxTPGd%SjuODg@aoI(3CAX`FZEmDwd^
zGWbYpQYeG)vs&LH7q=J4csTAypcwB9Scc7!#tL`0qZc+V00rexYDURZCYDM)9}}X|
zX<mWsbvoiZ21LxuCcPB)3GvEO=t;s`#%)0GLWqdp)KrgxE>ojJ`f>tKX5HJQXX`3z
zAziM_ZRnVdf_Yu&yFDt!%w6z`tMipp0~vIkExO;lDP!5gFJwR0IIE$IPZ7mW*IK(N
z+Z5@w`#DbAcE%!+k+8=}NtDp;T5qXm(_>$fTv$?-39U5qg2Rm7^qR9~`=IWl!6Hux
zE0{9BR)QFDo`*jp?h8P`LMYqjYnEGM*aIKVwu%MHw$=BuU>uQ)(g|V7&a%w>VzuC6
zI&Vy8^J;m$XR`e{;?mLP{$#z;!KBsk#!IZY0s9WAoV>hCgVt_P-h|wSj6E<<RRPO7
z`64DZLnw;lP1ST2Uxm-WK!lY5e4?7J%Nfr5I<l?QbRiF2q3Af)AJ2Bzb%ML`tAs~Z
zncW+;R>JWUH%iDVj;<xaWoh*NY8%48nlA5yT0yo<kBTQ%j-taYu!Ey|NVCQ0<Xt41
zbT!iJD^FJLW^{U7=xEwnj8Q1e_=qHO&N`S&a1HL0Q_jR|2hq1^v+{zc714yEro)k&
zWW_&J9^>G^O|Qh++5VPf<Ir{!Q>EC%#Tr#Ebx>hj-<dj?4Z?S}z~i~4n*Rfn`3=0x
z6|IGEDsn1Vzr*Bn7q}nN4P)$d%CF~u1`J}K`E1yx$W|@OX$O|Q$Tz4sbcQXeFTZq=
zr|fVfzXNwnSG4#U6;(Hgt7ha*W}jh(M@B~ERA<qq@L(T{gJV7kY|&2cc}i7v17m(R
zmjq4LHuM=vr9{LedcmvAss<H7gN9FdZB)m$M?`!QKMfxDtZ~+_{%~_joa}KYfBS4&
zNc}db>a%Dc7(Fh~DU%_=!CxGiB}N`_n6(ATP1v2-P_x>lQKu?s;rPCAzoQI1A$9@y
z4E0_d+)(h#+?+^Dm(R3<Bpi;1G9v{G%?1n}j&3=%IU8wkJ5U=4M+bL&{#vrNw;(C7
zb$W#jyHL{=5i1O=o&W=9E%{(Vtf5lfxe2u6`J&!SA7nDx2z5fQh~!tPc`rF~u*2jQ
zWpFlux3j7S75Kr`3ZYEN{YV*tRHIQF<^B)uTLd`|dIY!;0Ux_d0%|$kdL^_}Dg~}6
z<ZR2lWdbS)3RBiVf%hYc9rz@_KXDvY_rpIO^W(fUn*(QCLbgtGO4Y3rve^>xGgrYh
z^NDV=M!Iw=vobYGpogU+O2#Zh?fcwkPM;B@bKeWV?xhwz=P8WtL%X}(&W!gzXPQi4
zCf>0QtVXisv+lqIf%6W?jiN{W^Ndutnc$f{97|<2EDw4sZ)x(YxX9<|Wg7%Zd$4X6
zqYX#+!)s2ma!68*+Y&re_$0~{x1uofW*)@%Noh4FJW6|0Ek?v>f`wahLHxJ<iz2ov
zbV-=xw};Fm%9tv4C_0<N7HmMs0oG12VKyfCc!rDOX8h}sxk(m)S$drrk8#+P0>*=%
zvr_H^Q>MdT%NR@)dq)NZ{@xu+`jm2;a?JeahPpE^RXwjIa=c~^u3WmA7j#5W;x4v2
zQp}pLDsq~ct`s`KAV>{W=&y8O*y9}(y|P$KXFPFVg;%NmQCUNE;x%ZNj;^AkQtYt$
zLkM+Pjae2YkO>~28cBRJh3_?9$@`kvli-@rbJB-*Ygq4<i7E(pbz&pB-#I)G?u_kX
zCq&A`^v@H@*IIkT(>6ibJs1uVL#>M<PMC%9DpD`{%=9kX=e7KO4Kj^{rYDa2Hq1V3
zt5xZ92>fcn4sfXM@Nz{gg$nGDFu^oe13T~eFc4NW=->o=_-x{7<oE8dw&Dg$)twMV
zqk3hlI~=aQT5DW<Pp=9~Tz5<8LVycn0wd}}TplW!Q<^SP+s2DvM}2Kk+9~I+vkZW;
zaR@hM8LOWr^RyrIhw&?mU(?qT&#ElzN6eF<)NJt!?9aZYSY7ooH{0SU549}I%!x{v
zBC;jg2%dYJsG-{dHI-M{p}z$ie0Q>Gr7|0sd9_}FFP2{tQc?(YziBKSy)ZIn6%tK_
z{+!unvtS)^?g%Nixd4m{d+44%-_S~2=PD)Vzjm9OaG>@<`X*&eAfzglY664_G)1{)
zssOFjvY>KP#4JG}N1)Gi6^BLx?v^$@TE)*_HYj=L(TJ?q(_lI5c&-w?&+tk0$jMBU
zc?%sjvjl}Z%{fHMZ62jlwxg^wv=8JADKYKCn$KoXi&{l7jzB?!OIPW)gEah>%4<v3
z6+)Mfch%6Ypl0x>vf1z!d>F@>1zWghPb6QFr9yoji(i95BrHKFJnS{omu_90aGb>y
zosEp&W1RL81zHJU*JiN%{yo^%rRS8(Ic5(|xp)^=oao$<5VUGe_1X)iehaX}qHNiT
zy9|1)h{I=fw{)Z_v?@L&nNbV@47avn5t6=>z9$k`A!I+m8UYh#LYJ*=moos-A^znm
z_THa_8q2G>RSLeDTI%Z_noUzUZl8$f_E85Vq5Nt&=FeN!wUBe*H0E$ww)v+it9NY*
zjd1hN^evaXlZS_w+?`z$KF40=V-(b1vTl6SrI+kHGXYbLPq>A4;r;IGU0uChtXduI
zH_HEdb^>Qd6|d^pE9|Omh~+GzE_Pryag5k+K|6EE_=RJOB^i0au_{9@h|PUzZB2QD
zY*4fpm$-3|bjZ&&7`3d%m<T$9jjJx*K1n-1*E7n9hw^?zNbaWpL>{`AAIEvweMQ==
zk?(F-hxKA%)$?wd8k@*^py6B9ib-^8Vi1JR;`<XPXTdWD_nO&crP|Jt2Gy^pgmIZv
zn%dGO-keTVnr~<v6>le^AFd@Mx)rS>*$gxuRr4<9&wJ<{29yr4I8hnU!N*48a~G<#
z2wS%A-^&xBh1Hl9dI@*iIn$Th#jL5Z_Q=VWj3ZpMHs|isl($R`2}En#Q8dzE4U*Z0
z);>8OnNVB7+p1zF7aP+Z%AseH`0SyA3z0d4eletyfe`+_dK|;Mwend>v9f1*tYIrX
zBhfR+13ma-S^y6Iww{{)c5nREv#nEgD+*~o*;TOnl%j3sy7L`bQ-*bGQHqVh1C)U2
zfW?e-Ph@<JKedxHy^Oc_Yjo~O_}Qa)NATNw!v#<|;>)u`*Il_v+gM=JlRYmc9NNZ)
z^cmKgL$b=slmgl3<xCq}FwZa}UX+{p4l%2q9z;#bc`wq#F!XP)VO6xJ=gNh%Y5F&>
zqrZaAlAt|fg!5{Njb@FO^y!v{u`UmM1!C_F`#Xr)nv`ZP@Q;L<=4ZK>(&s{C5U5%Z
zyQ0`hf*bnKa9Iwze`&>kl3R}-4$HUqB7XnbDx>vtu9Il?URJk*Ew<ZPkb+GfygUDn
z1Jeb(&&cp~X+^oi!@*LTYS+!zWYT4(h&#lLn1^lmLHpJc-dS{}V}wa5t-qA`h0d$-
zuI=mHvz(#9G|piTO*Z%AK7@8P4V8KQR4EP8%bqNWr5)BTuU6s9M=j<_%eI8SZ7Z9`
z;X-gn@48>?myyR*$yImJw9l_=zTIVExP<JLihjN?>guZhYWf{B6!S?;qbkOODR}u2
z^`o2CwB`dFO09a%y7>>R8w&4!pwv(@Y<2v^4UT3T?d8?7C5ceb%@uQn0OdTa5uJ*Y
z1W)%A%i2n3tUnfla4EdSzG!K02u1-mbHXHK`Td@6uAyNdo|pK+t<{?@_X~cA=TdO1
zug&IvtyMb4(Zr??&bB7)TcZP+=Oem?(^Y{?wUjn>0gcBsuK+hDgt>%o9#Vk#9u=A_
zcg7;6id^8RXdt#~y|60eq>yznMGno&CEGal3VrEm#n#pL70x50M|v}_#y-}tL>sVc
zDH3AMNL8q96FJo1#S-2jPSaO9&It)e?2%|CRA+%rm0a}_1IJ?I1|MQ~wAB)hA(fF-
z_aCCW3!+H^ItFU#ma2O%k6*5}$`x^z$4GrH+TV0+qAy#R&I9U|3{QxKBfpQs0<ETh
z1_#nDGpVB&f;wUYn9nPA65k~PHKVYnlO|L>Wu6mr@n9=P2)C_RK)2UN2%xBK*h?%v
z8v4n2C2r${iMeM2+@tq67xyUG2{sONCV^AZEhoRTr7le1%NZ?FLv0rsyNP3z*wrJ}
ziszNRh_WEiB!Ni>C=*Exn%}0BDxmQMQ1^d*ZsKO<mhNC(!-qog^5F&;Gwh^FS*^*5
zvi@p9_X`q4F7oRhBO?g2(iE{bVdWA$WZL>l-*TJ$I;)1C2{}{Zaj2@`EK{PgtFw@b
zlP-uxz1`VSWor8g*L!w!rMcpxMLr(3y4WE3hT^crTIaCoHkq1D`f>+bq0Zujdr`y%
z!$=tjBj4V=Xs^tAQA4N(yRzp{BH<0=6Q~)N`qh!F7(Ml3A(SE(`A)#M5PE`+Vv{c=
zj=TNfs#K~@ML2ysXF1hv^%l-mwn3}XN`E)<Rr^8N+QdG3Grw*-NrmnXFCH)5!G>Av
z=hIumIM{jF`;blMk?FRm7G9==M$NWSl-&U1FTRkEdLPXPJ)~E!i0Di(eQ+FFW@qkj
zVM1*q`!SR&Q%s4WX+usyF=)Np5XR|1$lMD3iIGKPU+6$(lyK4H%LEij(wmW>vX?;0
zPF5+cD%g(p>zXJbU#c5N40=l4h(}ZpZc0`5$@DMrDUQ<6b95xItPQ#mNr_VQn7z?=
zT=y(fM!{U=mTD<I7rDORFA_n!nv-gTcD0SP)t#<ed3tcn?e7hPJ-5J|fhayka4tLK
z<b+Bo9Os`<&Dm<JSK*z(oR>61ll^>>3p_fbL<wSw+Tc!5`k_M44#{O7?+6L$sJ_I0
zIl%oS%{06zhOXjE>SfueIMs=t2>%(Xh;%+hc8}aoT$DgL2;cN^YHS4NGrzhLKNy>m
zxGupR9c`!DNK4z|HZzsmojtr-s4r}9IJMP8ZnOX3){`5a#eB`*L@-Ugymg)~rCh*_
zL@VK(5R#E5vIAO}dhMnM#RcG{{M33%+`@Ow3EA@ulY@%Ubtp%HnZCRkXDe$pgm-;Z
z!5-Jp9hmY31Q1i6h1FZX0O?B^#LFrzyo<jf*u@)#Qk)S#dC>!bLEzSAa`0^_Zl+-a
ziDql7JU*fwy7W}r#$-=8haAHP9*;-|(>ttDU$>EPrf}RxohMI<B|lDeM`myI<fump
z^}Up(pWsy=9-Xd@@-~oGX)$l2t)kOc)cD>m;cjhxU#-+LbbW57aCoXcE@#%mGYwox
zCDzeBIDYm0RqorPJ(R;%+N>2v+K(GjI<e$z9WTaqnH&9JnfS!UMktGfP!U2^H6AKs
z<mrolS>Ve}F4VfwYpTIf8o@%QBUVs{7bs67EMa;L4CUo7#tsF~C-((giC015ua{i0
zIadrbiC(ganj0PZB$yBevjz&%W;nN^sqGSQ!RVOGEMViZnG8HW;Ag$s_kGpV)OOrH
zZQJ=h-D=XW9&+?YzA;l-jd>Vcx8ok@-0_mhrBtMNS_J`d4JK^KeJOjms-y?Va63%-
zCfH9I0%VGr3M0YPX<$IzxRCIj;6+_EY@4Mu+iit#dP3)HJzdZpdf7US==+hsN^CE|
z`sHl-`~)=&a`0P$oqDOLwI4xPC0F|GVe{p7I22qH`#`G40?Zl`B_~^oU$VinZo6i;
zKHiXC?Tdf|uPyK~C`jW((0q(AeMo`^Jn|&+><e8#d5Dw7i@wKZy>g5>HLX(`ndZp4
zjhB1sHv&TX3Tz5Go0#&qs!r9<zMka{pYb=fHwvm*((xf=XQy6&OH#Dhk=fxA@=G)?
zh)xg*a%k&Um~(;+qCvQTt8sWcx(eITs>rA8Trj4j!_G(Rk`3CZ<*^vZnOH5BgWvam
z9#vtDLL%Y!<0CgOk6uo+!bcw2SpMuI_fo&HrMnF+X1PGaR!jF8k8s(Fc35XK>?9+Q
z#8sPN%Bw?GW{YKF&?_JO%=t)#X+j|)u29;F{Y~|>=SWMUB65dOH@^cd+j#y2Y)`&^
zCOfoY_v%iuXgk)^Qo8rqk%t`3u`Y-)F)z4PevIi+C{*CYfnoZPezUNf2Od-SFsCyw
zTTq^DTp&1<zgqp8A_OSXy^N8-1VGW2&?;U=MqbcI=&Rg8%h{;K%Jr&tenHa8H-QCO
z>`K%*eHHQHHOl2QqrUN^MM9ZrH|Ee$=?si~<Eqk)8Kq?<*y7r^?4L6ym5xI?q-Fzb
zSrU=!H%<gQCD3lfwuYvQ1k;xva^SxGypy@JA5xS`Tc8+du{_yp$#|vGu2o!KBWl}&
zuC-~FJb$~N>UJ;<+2W6>SHrYPV4bII_;7x<&OV%(by!=YKgCavR8(2xg9iIBUh=x6
z?~f0V2qSqrqf`X?{bFB|9z<!fq^e++K`qfC20C%D>HC9~Px7fzgURI!K!vLLCT!kN
zG|H+dWoYuFQx-eX&lEB@B5s@Gn#ma;(;@F3FL%<lcbCbN=59q&#+UB>&_;BWYD#mZ
zf6AioT&#RFpCwZmI<KdJvHk!WG_6`h^uX}~I7KOaTEj<Z7kNXdaMW(0j*GRUD!MKN
zC^s)KT|FKAoZ|6+7bGu{W0vBINL99_;}=IX$d#xd6QfS>VA^uN@jw+J{KCF-8{Czg
zn}sO_C{v)Umb6pu%YvKrOC;>s(Ap6Es{<wD;v5v2>db4sa^nuW`|K_5%#@0P(?hoT
zX>(l_+*_mAOZ`c*1UAw9o<U?$xe(YPBU5}V?m5eor=FglYR2;yk|{<=C-O=p-|0@$
zj73dSg&bw=*@0BSQB{Re84g!u%+hD+1gb3>rW?Nhper_3U1CEoGG<zyGZfsE5?mg0
zWf4glYK3QqEtPH?{tC@}l|B$FP$4U4r95$<xjdzl4ZWl*W%ZZ#r;hOADk~uPUF5c<
z8Zoh3d^i_lQ35dM{?+j3?yYYZWAbcN$*4m7m^!abdQTV#B*AK8mTI?30S$n?Nj)vK
zF-T2aX|T~{YD;&STvZ@e*9KTyXr+dRp}CWAhh&{1XKD9Jk0-2qtUktN#M9d^=+>j9
z@h|U_f<RGssguacAdv|QM-05;uZ*6U8zKG8!`~!)*xgWRyzLE5<L6sYqI<IlWP`;k
zCL1!BLHjcxbc;~P*0Pi~`=~PgClf8zo&)W>?HL9Y*&B3~4Z*~<J(*}rIJ+~71tv33
z)FT>;O`UsmA3)xAz@d_2;u%x^)4_UVq}o-uWwHbntUph-;6y6{r}xF*fE#Fa;9o!$
zZo+d`H5@AX{zGBwj?=Vb-SR5hxpHvpftkjj+Ga{HR1MVA*HII>{hag3e+QfYmv<k5
zr_LVXmx-JCEFOIJe1fX}@iZqj33mbL+;}B#u`(Te{pVD{dDl3u-o&{7fZ)N$lH4-=
zkeN28o9xKSb4R|QKtAl=-5pTnuAb@+8xwej<}~v81t8Hmbpn1L@Nh-bMb){$zVLh9
zkt!GOEusvK<v!dhyEbuk9r(MmjUx080>^6;oshN*OX5-h4MO=CNOdScu`aJWc*e^L
zZ-#@~?QiH*!5n|i3QUxi=U0cB4de&sOKI&9MWNQ|qaDE~VW*Va<b}srSDWymVeKj2
zLwR)@2XdI64VyIokdEJ;KDZ_WnA-_TxDn8S?;jjb{J^0o#yk`?s~W^sXf#ACW-Ax_
z1jS`mdQ#35>4Yj{j8qOT&GwPxKcU1w5q1H1`n=Q3nsuMC%S=(V!vER+HMyx=HDWXx
zX<nxk?zk_>c+!gC81W>%(V62wlrX9US4xm#(4r?VOF@mrm?=oj+EjuEaymNdf>cg#
z*#mxxspLjy`2xA9lp?Yy7NJueIR8!0#SSwjS5pO}Yw=P^dR2TA_<62PL!ZZYxUgN{
zm%^Ie%wp?}b=orfQQlG^==fR5n{8!E*P$Le@4ItS@|Uv?$QM_@@l*jFS_iHSt@}iF
zYWqEpYx82m<c8SYH|je)^^4p`C?Ie)^$uR?ZQjlXtN9Q8u`mqGm3~C17!^u^TixWP
z5-U@aD##Fv$1f^YlpyHUKnov@>Y}@CCE962l29CwJqU4pPQclCRU^t9ac$Cz|3jkB
zWo_nJq!rbzn`@?5Wy+P_$)TI=L?-L37~mFalrgQfCjeYMj}Z%S#6a_doO$TV_2)gL
zd7ZloD|FHOijHvB(CSg2Lur{XTh2_;IwY@rb0Cwqhn|Um8`eDYKxaR|@(0MbHH$i5
z96gf+J?IFsl>FhhuK?}dNrN)(@li#AT!uJ6l2+>ZTLqc@P5kSl!y{w|-TGJ~2Y+2w
znLfAWSUm^kl$i6^sXfb__`8pwbs&M80Ij9^7tk0YSFSsxZm5T|e?g^U9k!rC58;JT
zMCF7ubiA@B)hhFlLRH>LUZ}YyA0gf82$Jiuwz8V`r_*PiE-MK(tX4q=tU}V2&U1;m
z<GJW5nT}INadLk6|MqkxC1gX~>&d_B6cBwDdq<i0Ep&>Zx`;tFk`4Agt(<R<DXXs$
zQUCG!$x)g}R9ot#TDnTrn(dY08I~aoTsK23IVtKXrpa02>;a}Fx(xriw1k0u&n`R^
z@o)5|b3K2%DA@_S0OUSP0?^!b%Q_(tk4UqUbBY`66q$MST3(Z+EdCiu3nlHR19tef
zf-_8C)x{#9BSFg5zLPq?d#4~?Mc4te^dlb|ZzxJ|(}{k_Yz)&lAu6|o^N1Z|(2I$s
zl3ukGjR+jc8jeK6QqrgdRbPf20Y`tTlXqG>Slv7|2aZD9=0&RXtfyfAjk5QOYO3x2
zMe$Wp5KyXyqS6TnNJ6g)AwWWrE(Am%1VRs0K+snNDWN2UK&VneFVdT0p#=yn^r}*&
zD^-eqC*MB*amLyEZeL}rG1gc&Yh^xj&R^SEli|`a$b5~`53EyC5}Fo+;%!dvO4#GJ
z%-t4>A2)?q;<=+yr5n8x(~9WriIo76jPD8qU$hZoG}=+%j<KNo2B3tN&Nf!Bc+@&l
zbo1GJOA4h%-AA$)Nb>3Rp~MT3+_4TH763{GcmAYN1AbONJ^5h#!cuWDL%q=^(jN_7
zMCJiaKmOw}ykN><k^jy6ew_gcmtiD^Oqq+(8tUwApBRw%^lo1H%kEyPsj~{B7i*xm
zw$~#W(WyQZ9!{3gxny7h3&kdT_^(cDsl;=4tG5r=1X|nF%<2!LJ%4ztebvTDDv5Ue
z{>c0srQiQ2s7TL?Su`YIJ~?Gy<IU+M2IUlkKp<A_F(|`Eb(Y*5Z^h;$){4!}-m2gT
zP*~Ue(SH6}92d$2Mh~Q|tsNCKeqvw@oYA3+Bg4(k``iA0`8fj7bR;fKu>pNDSBL`L
z#Awb5MUGZ@aDhM}@0<f8ja-hz<@5@J&pMx~Tr{iy+r!rJ%RYGA?(8<^OT%biR~4)2
z*u%)jUFRy-Ld_QNzgp|}z)D>8f=sYR1Mh+xHto7L9Nj_W?<8-f_-{uU<0gtpcbnrs
z2)1Iwy$mz-H}%8;h;=j7*gz&kjBPCJtN(`6wrIh6kE~y;QscWNXION+eu`Yb@`T(V
zqHxSynXSi=%vp7Zi`N!pif^Qw-T?V*-`(`hoY%?N{-ePr-(P#L(0)lV&{%QSYu_xH
z+PvNR3v<%yX0`T%xUqKuvK1~0`pJ?36YH!O-&c#(Vx3f?RkkQ)!HXrYMT9G#HGAO=
zyhFW|!*zEl=h^v1i_eH2NgJFqy|Lc`5MB@F-*S5tQOVXp;VMv*Ei5!aIjsdW&0b4)
zaDYN*b0F5`e}^+n63v}jE^Tfy-S>CXbB46`NnPWH#~BHZYkUE-N!N3FHx`(`#tT{J
z%-){#d~vs+@5eV}^LT}aYPs@{R5qk5lb0r~KcG@lHVcboWFkI+_XFGRukfUoE~QBC
z{oq8JSMnQw@OHK;x9}Gh0)2DsaTWqCtwJJnfRhzPhXa1?6LD0wQ(6JUbwpctS;>)0
z@+hVE>~E=xAP39%Kc5Sq$IGw-6H*&{nvmlzzqiLf9I|@Fs;L2z#}HNo+Q|G|kec5O
zI|3vXSHHpCD~3dn0DG{Qy4HyC8O|_Oe$~0!&t8MS<ukH&)KCMVmQOomzv!gg<S(di
zLL`4CU&BbwcM>}brmkc!x(rS>RNYN3EH^5WARqvARbiBH2)3zqfqcK))a&Jk%2wO2
z>c?Q1?;*Gm=B}1`<(kX!?#I8u-kX0t`u|SN&rfP-xSFLDdOR`sm5tsIQ*jFF;h&j{
zS=e>qYYQ-d!HgD)|1tfgz<zR-8dhILbWw49I<~#q6J$TPkRZ<RG0rsklt{D-_tAmf
z@<NRk8Y>sRJ@we9o79ZGbZrf+whb(!-SW6%WhxzOIxeZc{y6IWt?Ttr-QE^IXT>ka
zUn%%Hg^=y`Zuz?xqJq+s@O}LUnwoc9tR1}H?>&U3xL)Y3$<&HJnro?@rIv;j<9G(e
zok3b4>7+pJ_q&gN2`H2~t=+E)1%pL}SfB;k5lE7s70k@WNj*S%jfmDB@49OGOFL;*
z7{q29lwzc&>~UM#q`W1Y?{M<*6O2q)UA_{J$VuH!8Ci|zp0L@mu&^&qKx}aUsMV-J
zMNV*l__gkoe5uobb^5}kG%o#XEyU=^vTT?UnIey4R^g8x;CM8HkDM=Mgv~Bf`<?&8
zpd)8keS1)D3V;%KA4oOIw0Enuor^`!QI18~fs(?)24o0bz=XpA0L(itDnmVrI7yWQ
zvR~sxr@S9mHjme?X1RHl;9Jbp+TapfB16t03#@6m<mIO#2fd@XqN&U^Q`M5Wf|qsw
zYM@%=loBI<ye|-%?+h<Xa+;%@$M~;4BtBY?u7BL|xo!?2Uemu1BhP>HFF#GgY90q-
zTWW5@deJV?k4RU>(O!6j4ZZBgG*UC|1In*czAd&eJ|>C}c}w*w=20TlSbGCzuq_<C
zUWVN|RqS~U>h&CB^wrQ*ctv2YaoN7#Xw#0EMyPR*<59i^mC&h#^cwayBxabi6Kc(j
zfFW*RQ4vZb2+UFk7~2Nr&U(o7+;wLJ3(arc#*>@x&D?L1%H|30$2)T(tDyTvrBWC^
zKWz(WzL1<nPhg~;La}^5*nj+<re&6D|MM`$?%7ss%X;E0T&3~Kt+X-mLO$`%=ACrv
z+w<0{8=DU<P(Q>T0<oDU82(3xO>n<A9`E`(=w>oQ*Fu*YJ6Ov<<VJ+0T{J`393W0~
zWE;N5tiNTrK+VpR-xnIQkLY^p7`!!tZ1}A)S5~fsCyPm@skW+ZOlzVF5`?tPk6VCZ
z5fD{Rh8H>MJUaG;AwdA10(1FY<EM~{F;z;fznBpnv;*K{*=J;q`COSKgk_DM#Bu-l
zvp22~sowpLub<Vr^U(Ryhra3>$&Roa*$xY)X?kusejxPN8>2D4)ze=7u>P=8#=<|f
zLzSPdNUi|_Z>Mcu9-}I$bnW`o&Jkm0Kd9HgG_k8ZRAK`mAB0>J=ZH?%@j3NUrCGc&
zBu=cl=$H4)UaOB3$hUsAkpF5@Gxa4A=A->vCBWT_yFwlhydve_5|?&$?6V?rog_tV
z+PQI|dqyy~Eg^@5W^r*gS?<q$aYwT}<w?VnPdTP*6u;p)ad^?_P+mP}JlY@-WZE?Z
z5>%Q}GfV$K+q%a3gx=CTXuhS35#}v$jamt5>}S$ED#+TEAp!Ej?td*pYw2y9yp{U{
zjm5i8LoZ(uXx6R~g}Qqce3;8?KBLN?0^DMko{bs3PXU`7=;6|YHJY0KziEj%P>c+1
z9t)cX;o|2f9@8EqxRJ~TB@2vW&Z^~Sv3#=9F6%wM2{L&NJe^@7@i7cnv;3vr_CL-R
zzLUE!TUnE0DRBz-DV9`=o*g(vB7WH#w(zWLWnufNa0Z6rVzWHhJ8J2AO@BQ69+0vP
zi@nn(=r?hI)Yo<{T}zHU;1>d8jEKuGv~XF8xv11o+`mhqZ}e`PbGPV1)Y84++Gb~-
z1}-vrG8`6#_+BX?kSM^Xz59hS(@%yAou|_}sk5uC+j4Ep`(HLzorpFNo(<x5?YEx9
z(IG8n6YC<{j8}tf?7If3fALmPfLqz08?0K>>b*-w>#AB!A2M$$mxi|@Iyts05kZM$
zpq;qdJ_PceU9j$l+Bz<md_-=a^XN`lItn2xwA;;v%!Ju?wL?F5CX=<J_qZD8g<#h!
zpmZZB1?uQB6oP`hXgOUWH-yZ{&jcBJEtHwx;CdA)YHCZ|M=r@_5sk8faxsjlf~n2)
zC0L3`uF#y^J*9hjpA-^#ve%D7;@0k0*Qt?so}Emlb@RI$CLRk}G*Gn9m&i-z5Fbz~
zuYk7M1_ht`yw2io&FvYKzJV7HbiqOCKMb+&^sHX8+0#mm*V`**mu=V5oomQ5=xt<N
zzgvyw)iS>#&Uh7(Q-_f8;Anp0NNJZkTJftVjo?|!WoRze1vc&uSnrW3_p{9kR)|%)
zA7ybWR@wS`***D0eH2RORci^fh?F%dET>R<ykD~1v8mHg8ak8M)Yu_?9a*pzXZz@K
z(!kcZ&zzh=CZ(Bv)P;%gA;SRMH6ll|PQ^!&edbXvr|i#c|BZHp%<}yBjkxEL?f<-d
zMuu4kcZX(8%}tfndjI17#>)%cfK~Fk^J%2Btf_w%SUi^S<5x#a8G%e`+S9y2NO5o1
zvRrvzV2u;JhJn0z9&m)UUT)ykcr~^fy}o>-ri^mbz0q=SRY(dQhWoR>!O<j#p?~HV
z`aa~G>HcWE{x-g<Zfwgk`1fdtD539?U5}a&1nrM(&e<I*ZIO?(nv3w!N_ROmP5P)~
zl(rt!ywoCg!M^PD`KnH!iv~q%)4p-<?@dClUMO^3ehQ)~OO}+s{~XsOB=fnmq0JCn
zkz*wgkL&@_B$3Mc7C@FdAp5+SgPrS~moyCSo$;sv)PUzg!a!ibkPFd4L1Q5*RXV9l
zr4-+-nc75Ar^Qv}dbVv2_w3zEzS%;76JzHA^-&TtzBB{;t8ddM{7KG)!Zyiu6}&$7
z7w^D%`-^1#sh5mWGb+jno>V1p+jt+VW=qd1+%F?SmzzU!0Z|b^Ckse-$K&4i$C6hk
zp5R2N2@ufL(1O_K$j^s94wCC~SyrPawaj#a&zH;!yN|DJ#0_4zLflkpY;^_{tBt%!
zg)M;FfAH$WafRSRe~F#Vf}!enju^5oep-2STUsnN53NN%cj&w9HQ@{0r@~pzp;D>q
z%hExE==*1PF8=!MaW8QsT}o+|a4crHU>2hMYKq{X0=T`TT{<Y=!!!9or)F&SRDXTI
zX}BfE=$$RsK!Yhn<oKC~2JM7Um;AkcI-}kG+EQ)IQ2uwFczf2k-*Us9Zk3`$+lQXS
zVZ0Dbzx@|G`;9Y(#n`<vxI}ibq`9WJR`nx49>>fVb(4=so~r(42tVa6t2BTTd{~;W
zupAMSv~?DOby**Nrp*6aF?b5A9#cE%F(6ac+Crf{N~g_1muJ$XO?ik!WWhRbteOb5
zEsMb~>FGAi=@|a*o<is>x#gd4j@+GC_k^6AsjIX1M9yXs{ol7DQBhkR5v0ODcN#RS
z=;=oe?)<rY9WnvdV*Pu}Gpf&26H{UDY6vkS>7u5H!US(+Bmq}yAT;;aU+8QpfPw$t
z8Gq59Gkuj<bVM4|-yA6Ru&urJi7?u3&&C{M{SROC{+^BNaH>)nB#jl>{2H0E7zVX>
z@8bL24z8}+2og=&;7(+S+f+A~tOgp|sR*pKbt-qJ@dbj^7Lm2#!olI0%YDs-LCFkX
z>HtZIjULxFo3Zk8oPyQf?U(B}mCNlxW1i)d_rtE8=j}h|A29euzd{=uWvMt27hF<V
zozqbzt4#`)H9($t?mo4!$EzmB7EvNIC&ApG8*jM&U@z$v@10&U3s92XYPqPl9q4-7
zD08YIOD(kZjL7Z9p>^f#3;qkMG1<*?thyd7-82>WjN$uS{QYbKS~I-pS-WnWJ4#Cj
zJFfpkH`X%1;t_Aos}yS>OY^4jdkkL)GCJXQ5=ha!h3*k+WgqzjTt1T>jpV+L{trV(
zsO@N)oWnz_vH-+tn!=Z7jh?5NxmRi2?Y-X&z`_r4!4ioTJrZct^t6R}#~aBFZI`L{
z9YF1sb|Z2vrbD*T`jVhpZcguA_H-zDeWFMw#j#jrM~%=Gy$%*UMJS3j_D3V|JVk_j
zdPv38`4P_ph6`T=%47jarMB~NA4{gf!NF5Jnlm+<%0(;fP<_k1Ecb?#WiQRJpP~e`
z7(B2*q_Cg1^UJjV@b+!dRHtVlOHDj=dnYD6Sl_S~C2p3t#LeBzAw}eCGGc35+O-C6
z=2~;hnN(D^Ug14)YGj1TbUqB0=&HSCCb>HEE*4j06ofMsR-UfLsjrKM%ik$%mt1P^
z7OOx!3`!eINY0fOFVM=|Jr@j;hZ{W|J;i=cP{w&Eod3J?MtRsBWe72@A%Pd3IFcJ~
z=JfPb)YAcol~rMz$!%qS#mM5M=N@kY(JH4?qH3%yu{;*h2uu&hSW|wHDkalp9FPBA
zNQ*QDq@}Z|eZg4#2xNTa0X4<&Lc!LL+f?1$gvF%_s;@WXqF|;cyt#zu@jfK!MhBJa
z5d`Pm;Zc`U`zqxfgO}Fs?YSz+^EM`a%%_uH?>|PZfJ_%~twxIM*W=e=2`qO+yeRQ?
za^cX}6x6g8<FoB9`)IL8b0NJS=BCrBIZe8&tZ7-+oIhm!Fwzz8n@rMw%UZvqq%U}+
z&FQBiOkNt0Zf}_X8bH48a=fm-abr@U@=_EI#}NX+rQON&U13>!1d@KxQM{<U;1jhB
zE2AE4%b)yJFw=jvoVJUA3BMn*>COoS){n-)y?@G6U`Ema((S`(^zX5$>~@kJ1md}L
zqZXm!9A`#csc&jG<ymbYRd&LCT(44x{>4wr?yGT?wVC|r2;@=R^YP9<=Q_W-_Y~H(
z{kTqaFs$JE>np-s#Y}7Amw>DignW?jp4?{23|QaU2?N%qc#2F8H2-cNy<buxY9b}W
zY}0ASlWtKoFCqw&m(B-CV~>QTzkK|^tocBdCpKytTiZn{E{$qzIfmQ1oiR(DE?#<=
ztG&*RB$hlR9Bv{C47pUTDO2nZ-q-kdK9olEZJyq%4d%84g_b?mmU5}`ucMJgO*xsQ
z`3sVvGsmvvF(GX%4FYvi-K=j<cHW*)L3>0*HdN!>N4=bgL&}|s0_*Ar1SJ40?zJ*9
zm2Y{WXaD6VHM{=)+HIqZtUD$?e!=x&fFv9wqUMKDgG1=nDoWmmE0$Fn0WCLUA;HVO
z%OTMRF-ZtYwIpaBGmI@u?fhsTsGB?m33fVx+Q+kcmD8;fO0YJdMA{7e%}_;kV`hqG
zaQK~9g_hr&6ix3Lt#S+2cc<`3VcQE_t~u~b6o}+Ok#;5?dNK8SA#soLMe{V$AEr27
zFwwE|M;G0ojhWORUm@9~P!6~fA;^4Fk^ZOrP5;bPT3cqoNCUTB_?}ew-7KLDwJTYb
z(pHMxGtQh6J(Z(4i|km&48Eo%*Z%0X(S5Ul(kfI9&RLv^OzchZ-Ng1(i#%B@-mB$m
zsTM?~3VP@2tnj*wn#X{ZGz8y4w>b;({-WPvKfZGx;Msh;LCJsT^v@O^kp(fvyozi3
z7{U}l9iqfgBYbm4S~W_{_~WrI99A2SAD`01%?DrlE!I}aeBgUu`!z(Hg+eHzdtoEa
zmoLIDWPA@Vkbj|xJ?P`lu?PYbtG~(alHYh0R1t$+ZTM>AQO+N$4-RbCmqE|<<9zns
z%veKRotj!QRUn;K&W7DMqzTOgWo}5(C}>SDf0`TEWa8)L)mT{Vf&ot*v8pp7j*NfA
z`*Lb_$l|OVSikgSC83QpFO}@CvS*<d5(EkAeRe`%aei&Y6!yduDh^_G{8A#Pz9tLg
zs1Qa^Q@jsjYN$D0t4>Woue;gbQp@xAVZx%A`7l3WVWDg9n7!X_>|8J6D7))|mtk|+
z%QXssWn8<4=3ph@vqA2hG8M5vQveBfGj~v3E^rervT$x~f8K1Z#bcc=+4?2N6R2OR
zQ-(GvEuPk<A?qa)3WWSANzvU<$F~fHzekE3Zry+Xc&{jK^3k^s&I#ShyBx)OXhM6#
zZU^eG5hNcTouWa2K+&dLM_Or1Es%Z+mzBWExi@7)ntcQ#uwZk)|BuEPUi6$0ZP}|<
zJW7YBDX*Sheo}7!6aL}Bd)mzVsN%gW?|bOR)Xve@C0p%?`YIG&yGa_`D+x9Ls>ig5
zhyGQX;WPqeb$`6@vZ6|0yBs8<oq&m&8y7uF7s>2{rwG+g<3kEwz}IZyYo_ec$^Tru
zJ|MYoC5^PyBhcKXSIyeZZV)nZvELgPQ@Zq8S^6nM&a-PmoZl{9o9ve~bg(=~QyyB@
zi+w$+<rkZ>y7j1hYaTn}s2}crz$?R)K4br+GgTcwm!RAJ<8EC=Ux5imO1<w;wn_k@
zVW}W+sVUcnB-&_eK;p>4xNF}?0STMY5X7^WtCdCr^3hFZSp&7D2YsJGMl!iJiTwxz
zWjbQ)G%h3WJR7$V&YXzW4mK}Lpuwj6qrD7>-&9RXLbA`%u3k4U^xUubK*rH?F@8}>
zy(X`%DKtEtm6-cG4swwDIz9Li?VYgzPDCC1m%FyuWx6(x4&XbLQQw;;Q$(YQok6{5
zQ{HS0P#SwYOO5bj8|FnPx?Fdxz0>PiS)iMsa8&Y(FD!c6Nl)|D#DT<M<0}Uv6r$uk
z9(6IP;UD?;=J%+3`kt+=TWhv%m^P8O*xr^J>Gf6ZXZ?RHG99ielEe3vS3cryjH#)+
zn{%J0rac|n^d@$|Pg4juCo|Hla0o2tq`0X4TzCC;ztB$c54wN#dHf4pC2vr-`v*-a
zn>`sD{1{Mxmf;zLqnjaAHaZYzB@;X1V8i)3iJ}N;@g|bb9}k=Q9jM=GwoX%~%zCWA
zpk82U`hoIZXt;4?-HnlM^a3Mnz4D6#DI_GBrMx!Cym<J2ob<hx+A>%3jjVT19zHq|
zspNE?3|Q&MTv`7a2vbPu`O%!lS&PL+71Wj8uu^SC;)SIRYGpJ3!?5ibn{~1N32wuG
zTeoAkA~)1Bj5wT`nKbpu;<uYT{%efcW1kOq6Wr#e*N)cz>@CPujf7gJIkg0?7+VuZ
z9(-~BD04b+uGz=&R!B88Nf<rcT-jMLU?eK(8$;<8ZMnr{Ji_%mVSzB!H3+`sG>%!F
z82W9$n!L%5)XVDlHMYkutUbM{I3g`IEf#6Dia&^#t{wxPMok~vu_50((b*qf6^~nt
z6<AF-eJC4d4Vp6+ONAbu<0H2C%^0vxuWk)lN!`P){!ii5R8DY7)1b9z^vWpgv#Zz_
zRU~f$>B{A}iPeDd5sb+0MGrqy!0x-`%5B|(qu=}k##O0lYVn_4NHR9hq3_`yi5ph+
z?IZjkb1EKTM%Y9a-fhkp!<z-Od<0cfw`9XqJ4R>Yc+1n|%Dq#LEsdujpx+>wb#rOW
zFHKsRX<(s~0m+jnu~`+``Ni75_{9)L7t4o^rn$q=T*i$)wd*yK9|aT3&0r?~20V69
z@Piouk+ar#Lu|lU!i&+X>4DHd$?o-x*^?_grElcQ<)@5&@#HP)#iWHfnX9%Zq6IQc
z3cEej(9*+x80gx$>rFCs5nfAmf6`WfZp>a%<by&MY3=Gv1_~jK1){{hgK%z7exDhl
zj-2P=u8o}Qi1Wpc9|2(d*R_EymWt#4d@f_W!J>GVqKmI<=VA+<_4h)Z)}3?P$kwef
z{e9g@njfhWE@RdXlU4A^17^CfmeC|xrjZPM6Q}**cAjG6ycurqb^hjaE$N>9IjaK2
z&Mmb==`Ar&spSLWq^(+sXk$AYhgCKW8Af-_+QnVh=%!~+r7le&Dtd8f9HGg%@rxOf
z`fLE7lf0f0kLoqPKe0kNX&>>bDK%jF$sKg4b}7s(XXL1sCpE3c*m}o`)7a1OVla7p
z1GE081;?x6FJxvoT7%1Wy|E1}Q0b-Idm)KObu#h90>?(*@~2~O4{6;h{O_rEo&Lw9
z8zDuUFpR!*A^a&0fbHLEqYAmu9#{61{=GjHd}{NvP^j+TiXtKKmf#vmzVHa)W@fS~
z3<e4Q@Td>M$?{SB(snDp>vpjV%*KrVI=e+=zj509uHj+G>s~WEQ@~x?2tGk_HbVRz
z`YE{kaM$Rsv{ApS2Hw*8A-+@LxoqsLwLVU81%od6wcM>kvm%FZ*k}*E5Ijh$YW28y
zGm1#9ZA3|9SLm+j?;|=Z3gIvdGAQovn=rH9tF{9o6U&5*cBi?^=a*1QxUrRboS&qU
zhzwU}MurNzJ$Bu*zyLoJ0>m)WM{Qamofk$`5ApUee<L7e#nOutzuTB(<iHCuD}ECG
z#f%UJG>~DfpB=h)JeTQ$f)q@Paef0o&#gDcJGR)(DT#c1_eQnGlvCqB3@<DAt6%vA
z{RobwJYB3C@|!K$crl~(NKJcPfrxs~6o0ZklRv&8Qf0*d`)78I8+MYrr3#cj_#ToP
zdNp7yEQI~#$V*q8!haYH)|U6*{Q!u>D!yZLXKi#xRkp}<2&)+CKFe6|53j@$`<XGF
z8HNdJxa40>^JMt~x%SLNb4p(Z$;v~D+r}~2a%6KruFrr_%8{=~^;a~K5(-2w!=bZ#
z#@|aAhH3<!)9e=77bfDRMRfCD#oO#W{+wb@ds$zppRNmR9KaBWbMoy8vmot8(=AQk
zwukG6b5^4YYW=qY4h6ox*K*WxWHJtp@=Y4{I=Zo(Q+5Oo=c>-Y#;TEU3?mOr-4#9>
z`bci<NbM=9DjvV!S!(?Ayhuc7G>(XQ;@C~w3TBcp!)C)2WyD^1X74^=09QVk{G&8_
zt$FJ2(-3pen(8RK<rUVJcTPHkqA(rlk33Qd(xW00r)blP=A30MYumG;TW8~@(w<ca
zlFtR6goi%-wLx~z=(-Tu{=}HoEyWX#ls;{QkbFs!vjL7V`l8Z1dPkUQQ}~{_@9!6d
ztZT|+v|PXFPvz;kf{j^Dpe<E_5t&NRE%~?ea|4}egJIW<P#)&4q$f{fQHEi*62q&l
zZ}51-m|BA`=p!uQIc^|rR-;!8hJJ$JwRoF*!8EPxR>d{D##U#%t@G6i6m2J1FYDP4
zOq2ckO-_Z<vHB6!Li}}P>qIxI^35u$YQ4*^pr{9!#15+I1-J_&k0#Vxvhax<kedtf
zj|j)n!7yxUZPToi)o0%eS>s31G(Jz%rnIYMkV1rd$$G6(lpVz^U4>Ei&XLr%;9+2b
zfmnisW@!#(IYMW}c}CpO9V6}^c0FOh0vi5fkN8-3CO5h$170Nw3FuTxf2dekUb4s$
zDZFR;lJ?2UmlfI_s7TmjF>R}T1s4$wB5-aH)_FN<5pL=IaQbSMr{93rgxWNRjidf|
zzx_{k!p2eV3P}teGcu>|H+e(H8&Uhmv!vJM8e)L#hMAzfN%p{=hRBnPgNCS=J1+}g
znn+L?%T%#QCwF#DL9nsqv6@9L{)14n1Yj~vRDLE0Ife-26BQ1Re*wA)G<zHcSjSs`
zCi0nANjYl*4ZK}zLUM5or!Nz`_jsST36%HCt!M9)ZE*73M+S_2wN)EPNvMva5VC3c
z^!C!_BZ)os1_Qg&v_0efKajBAKhyoQT$a{p1|FL*b8lth9}Z2myyENlMw5cZGZK6M
z|Lp9qp1+#=A>mmKtMy9yJaRj2?z^BQPPi!2+NiM9z@QT0iC16;ki1>?UnXC$%`BOE
zE}#-@#owg;D`>s_HgEt}l6I|NLY%`vWhVg}zotQH$FQb(1hKy?xa|RQ6^wLF(G9gz
zZB9R*HHgsxqD@jNKcWBT!YihM(C5KgqJWT>9~r1sXD~OSmbp=wnzGl_&GEjbSRodG
z`J;3udHhPdr(*lo7b6HPaObMQ4&6x!=>TsZvDHaj@%i2a5Sb8%`0<$)rivU+LhWh|
zy2XphDKR6>aFg5K#Pb+N{6*=yZ7Fgp0Dth;Bc!RLSLt_`E5pZU*<NXnMyutQd<U8y
z!{$5_mVrj+`PYek!W#Mvmt}8FNUKxt?S+P3Bgyo4#4@*do%Ui{nH;QN4SUz)L&S%}
zT;x4uADsVn{MMzgYgDI>>HrnK5Y`p-6x*`Pc8)_>*B`iYxa;5s4N+&kyzm#e)d>1>
zsUo{W=Yn?Oqz0IRIeU+<T@C5!;d(vOjf1PI|BkN5XRa|#n2V1J3quETL1*?ya%Wcc
zPj}JajLApmXX=(E@i{FlUogcu?uHD95W{w(X1p7IaUw;?nrFP$B247V!9N!j2TJd&
ztM({0n-4vxN}Bx6EwWT=Q6N%3DuRL(^V=rB=2?c43!9{mZ-gdPrr%D<rl(3%oF&)C
zdZHi6WlCuyHb5{Ng)ffF<Z*gL833QU)|updA?yNa<wHSz(&c8$+vb57X1D^TYV}@C
zo09Y7=j39u(a}5Jsu?jU=GWN|$0ALP>|z>u&Ak=((IIIZjT3k?i<CKn-ag>Y*SmM#
za;+YQnF!=3;FXdApGXnU>ZEpjQsU}?Wv?*<RRR!_zBbKW9<Pu00DoV<ZsTrsqf-B8
z!p(tlY01E^Wew8GsC1?fmdrBWlu?8Iz}j!_tH^wi@xs%4pVTLU0>>I^cf3|>*e)^h
zr%1v#MHKrb3`#w0lX`(LeJb^@lVEyvgJu*s`pMe9zx7+1vo2Fm;y`gW;K#OMKt|kg
za3JA*k-crBPU%BBH4|BhFStAY$-E-)g>hN6K#w>Qts4n0m$ITcwb$+{^0#F$p&u5W
zW^u2x|1w^{75j1W*d(f$;76T!tTYxT1tF;updz~^@iwwlpvZUefA1w%K_X3o2Cy+a
zNP9pK^iRT)BFmwMqJh1P#RlSi<l?NAVUL+})4c^hRjva6*iv$@XSz-To<?q+E*xN9
zHMgFwG*-enr*9X49=$Ju|9smkQaA-PdRN>Vl`CUlJA+;k9sy~_(KqNc7}L)iH|e))
z(QmJaMp9~fmo=%-0<z?KW4~nJ<lMY&SK-!c0C8<#wciKs7n55t6KtQwlhx*<a5mN^
z@Mh+XDaicB{PUP;IxcMcf8xUQf%-D){km?qgA`+RpHaVC6&y+V27|cf#GaKBMM`U(
zbSk#Op)<A<iIU5@oku@Ax25vUf0k83qOuf^Gy+Xr!x`Q0_JM*}{pc~ZZ%i_b@=t~f
z@l;AL5G;I`*NtT(*v;rpbq_ApfNB<K>@1p|uk#4m3M)|%6upa&9?)A|yjG+;wtwaz
zeCKh-cJcKkYryk$z-3WgcJNmbhs6oPU+?mGG@4VmzIcqhg@;4xmJ7wb#_;!t8C-%t
z6xF8zx~?mIcp(!Dn<?ZXNq*jC`Oe9tJ!etWCs-x<tTl=w2gZ><M{^e`_vjWNjjmZ<
z3D)D;QFjV4^ld80q*J^^aDZHGXCt*9YNPdS@wJ+q?tgq4L$ZQi(h`*VG$l|WT&*WR
zUUpTy(Y%szpzOO4IFT7@*f?$RjAAww&=lAio=2y>iPZ```cz~0k^58io|w~<)jmRo
zMD%Ff?i)ZYW}8UJxM2WGS#1y@xC<GtA|FWK1<h*GT5U{8vL>rdna|ZzUSO?!uN}uu
zOb4>6?i(wy%m%)$?4~Se6TbG{J@L#3H)xM-adeng1Q2g)kG8lNd06dB85A=aK`?fY
z*1#qg_d)X_1*RN$6rI+PZp(04H`~0EYr@$P<o?$3X)QPJ0?jn9ImT8vUuW)SzrWb<
z1``Sifi2_bX!&=W7zXUOImwt`a26W!{FSH+GX2p4@G-d#L_BE1Q!N^}F|o&|iPAuW
z#+exEU(9dP4A{`4w0vjFoTTeLGZHW?^zqe#lBPv{k6n~#iF>pe&nuTE9&b+6GzX7e
z6TNrI_$M=dlPz=AZ~f_#3fSL)^46%X(m*dn043Ny%Mml+CZv;~y6=X7Pj`}X)(<Qj
zB7D#ZcVk*t(;GfE1WmULLEJMro9Z#$d40;Y0`j`pMf{9|%%ui)QA8ol9Tr1XxC@Bt
zLEGQyse;8F?JZn-tsALmj+ZNkE<JEZ{h3<TSN?Mg^#R-5-Z+*bEXoc5u&OgK1}7f9
zqInj}g<UM|73J=?;w(czT4QT&rGj`TVhy3mXA&sbtYX%(VI>L@b%zRd9(p(<3-=2#
zOE1I`G&_Z}OdglBwYaxvQ0IVrMs{Y{DoK~l6XoZG9N;_@;#kBm_%r(j?E@rIHApnr
z1!#F#((K1~pvdm3b{VZ8q{Dv4@jAr|2{ka+w~;s!*`b5P>WF&H6qnx%y6IN-GdhJ`
ztYe6wmYywlo5V)ql6NC4y#um1i!c^+(-Reh7?`q`iZ~WB<U=O5l~Z3o*^p`s3OrCA
zl`*J`pv67EVuNNqWOcc%BN6gN-V-e^X!jSn6QT1tH7JgT1z#^3yOxP)!nAE1Z9Cdd
zEb$QK+RA8Af<4weYOg;_WIe>GeH!wgdY|-^_R?iSpzxrzM*c@Sb{tflk$%p6@YK3L
zXUWuxb|=u3ljW;deVLBvfE&!D#LlqiXtusF@e!g%FFe`S${?tnwV*FE(dJ#})lshc
zZi~q@{*2ci=ElXZqZIS$`ji;TCwGRsVyFg%lMkrN3M6Ucmg-c;%PXQ9^NWd%_<cwf
zBBjtov0V&5ua3q3E=N))io|?uikGQr+n(hsw$JfqUftL)GoBM02@v#hQ!;^_Jp)S&
z^Na#q`pvA%SdU&XP1Shw$aW}GC2bj^G+UJMi06zkKfKUb5hj&*cevJ!W4$Cn^1o4j
z){<@JKL!R>97#I0ee6k=<N9qlj1+TQ!o?O)j<M?88z<4?a1O9Y9?Yy!Q{<__TR@kO
zo0n)^tfZOG+Gh*EVMFbbt?6Uye(ayf<xb%sdE$+IuhtE^JCeTGvG75B?6xq$Lo9cZ
z4S8?wu}$j^ke9zdy1Z2Uu?jZ{x~q$dp*EA*Q)Ga4`oBeD;ftvvRGClUiNIa>{OFI2
zw{7vtQ-_fQ(3i`td{=43syp){Ju#b1_>+pHfPh(R(A;PXd-^_t{&r{Fl+UN}ey-dE
zu5l}!*f(>qtnUz8Q}HaQQ|VEtyY1D}61`cTS$g06%x%YU+2WV1)J(=4x>9r%r+Dq>
zSD4AF_^t4(f#ir&D?&;833GV&d$gvOYlb;uWuPa!xS;~E?8$GyY$4$z2=}6iyglti
z8<0}$1~ef^C=z<}8+S-(?yCo5&v*@F1<~&t2W$FcQj12jvSVg`0|${gq)<pD-d&U~
zaDyOI0oHeea3cuVshU2Z&AX=;B)S-w`H%n)9cMPP`22Qud78cOuPKsvWOkj{Z;(!(
zvgbIT)Nh(?Wma}r5)8##=Yc~`Jik2V)+K1|U<YhW-vK^fI%^*^)x>*)fnn&mPnYI>
zqQcMcrcm|%MLo@waLqqI9lqEbon{_{Y9>jy`0p+C&@SXLFdyZj4pmd4##}8-S8D#*
zP%%iHs~43O6+<EJ;mION{ksx${o19A)0KvvJ2E+RqPik@Bd6*01}*0`krc?<{#uIo
z2Rg9I3PB4k?inT^q+(27zKqHkqYiA#(_cqdrOR`KNh-{sMa}_H0#A@2psJ)?&^7?}
z!U0W$w3s`~M6n>nPyLA+$a!js<FOOMjDv7^V;>k;JiA!1OpApZ0Jfgb_+sOe(oJGm
z75~GaufVxa%01EW&Aq|v^*7mFd=0F%7y6BTM&(%O^M4o=H??XT!8ub2lWN7ytujDS
zJL{Z~ME+)Wl2R7_v(dxmY582GVB=*k;%e=@h+cb7!T(Q+kU{wcV`(U1LEccKN!@cs
z=*pDMuJ<L@B8)>B5x-2?e`(NOJjcHD^W^6S6;2rU1+*VQ6V3zLNDlET34H;JP``Fn
z!PXU+ty1z(m~Pzg3`vI6>w+S9LNnTxiVu_B<^8+nSqEfmW~gA<Seb^$TW#Xs4I?I)
z7scTEu+(w08{hL_UtQSMS~yrck6$vZ@V7_U$D-L@F0~voq5}!E$4iZ*e>Q5`q{#Qv
zD>9Ik$NBd+j5<ppQ0Q}FSgA<<T#qF*Io5QBK(mA0*0wWHp2@UfCoaRZV+bjK_CUh2
z>6CD~CQvpLvmwP};|0fHZo|y*b7QE;DY`m0iH<<S?EDo54_vR7myK3*w?eajSPrWA
z{H)TF`LM27>z;Q%?l-l4MgX7hCl#ll80izBXkeBAk^PXv_n~-@yc!f$s={i>s*%9q
zRb&}Msm%Td;u?|~aJ8}nTdHqnu}2*d=wUUg$74|W27$f|E8#NZ{YDzY)T+KF*dg<m
zUs<%jhN>;MEUAI5^V!R5i~90qvX-8lGNO}4h02XIWQvJ`=#|Q#XH_MUFIE499n*@Z
zZQ-@8nf^&eg%K_(n;V)NLU6ApK3BRrSxDGGkjX@p*TS{<f9AyMjXS3oQeFrT{LORv
zq<(Z?$ab=~JZIACUbnTt(Ft!zWBq?cfjHu_>#ANe8`tQ$mS`(Yo*4TSa9h#)M}OdP
zpX#xPT}!J&pt)E_zX(^;DN~LvumPx5Yb#Uq*Wk>B*WYk`L+=f*V48LZ%62`o(o(m(
z$hyo~&f6}iqqQ61Re33zI=0$t+^3)%0bi~9npaTX?Y3Fds{CQ5wMh8BW8DCJ{XUK9
zs);C|6!Bk25>n0r%6aZ$qVP9hgpj?4T$_(Bcd4t><G5eFBGs=VF8sg`78FlN6#MMW
zPtBbDG55qvnbt2!L35vO!#{5cKYiy{u>(1kIv48@ln>4fwzfFPC=&42=@n!BE93cH
zlzzmBw<zaq(b*O$i>l;*zul7V&IaR_gPYRNx7Bd>*G0N;mrE1*Qd5?@G2ZGO_X$yV
z2gXTcSyBasdbIH#!B^UWiNk6~tH{~t{i6|}82<+f@RDxKJ;&n(|5t7>XmFfs;^aE2
z(lqaF8OhbvG1e9u%go0da&lb;)XUm9b9Jl%Kw=k(p;FJIix`yaY~_bEyT5O!1Mpz#
zV!!aeu>+NT(_~2R$fEUpeet*BXQnVM)5O{pMFV<HPvC-qgDy1a`Jh!;iE23f<#$jW
z_0)0#{iIC=upleUgVOK>?GDy&mXy0jvXuz|Rt=R=rD6$xe+52eSj-X#*&!~g26AeS
z^5@CbA1%q1m~{2Q`I=Xl&4ejcV)pJJqi(a=m0Q{7Ud03#d~=3jd|sQp6NwQ}z*Rr3
z>$K_lB-ItQe1$7jhC}SJK4B~n12z$x4QC~>li1%<uoQQOi?MCy=!KFG<s@UrSBp1^
z7<5h9TwjZ?km_34`^3|4E$p=hcT88TmH$$t$JdMdSMLCMuV*_`U3c}2t-*X<UO!Ky
zI+h-K=DXbRkd*9QO8gF9$PQsnth(y5lQEZQ1Y~r7wEgYE%eFK<|As99Q`i2J<;VW@
z;>c&=r4N8rMlJ_$SB@k86)#E!G<$r5LQ_noD7F}8kC=IKAn4S{qPtvt@ps{~6ss@z
z&NnupbMrdh0E}(2alN|`SpJZ`eJ(!Sg2AuJsi)fQ*F6W;UQoC-<hMMkV`}B-pF=Op
zuvk+-ivPInq=HD32)?iyC-Ijq^=>U>U~tSX!fb{Fg@zHkpyogAFIPqe;W5uV(md?O
zT6^U(GX)5Wi*xjy&g)#piF|lbl^Dd?pW#*nwy%vgz;3jl_Zm4!Y3<wg;w||1iO*0Z
z@64~`f)p$+?H_chQS<Rnq_Ovt*yOiIWj%hg>Kh|J*z5Eaj(A@P<%?vQ-|-s=PO%Fg
zwYNJIEM`-W&=7{d#*FXnZVP@$il}1X*C{*2l$hHM%DspK*ujk;J#J3s-FeY1Tm!v3
z;RC<-k)q6oLEo#7w7HfN@J+%7&6PA6D{uG4oMjtt@mQ->cAr{S!${ocT>B)#Mq4Nv
z{(7u&1&&}-;F@;i;6RdV*C_ICX0eDnR{v9XzMSa}f3BzA=i^_yQrCZQ%IuYbv1TJ}
z1`v*Uk#F0##2z)YzQ(&0rhbM*wMN|$XyN(6psc$U61VB4L7o_pr|h+0*EQ-`CYr1c
zJ1IV8&m&gfJQ`6hY>!Tm4vyUOLZXT}KMEcX9&}h1YuOE!Ysj5(um9opvLAcS(*sPk
z3>uZ;TFYx=hP(XZ@Jw-TmrXpbzsOz(#`W)vRF}j}qC%D=<FV(YirHLM*?E5Dm}=2)
zpN;{qw<lix{a#04!Fv}|>ZB#>!(_)i|GbwBn9JA9e>y~)ZL<CTah^}oYE6TSf~Ac#
zEexN${he{6z8R&zw_qEK<!Lg=$x{5I!oFAmdjE1J>|4VZpm&BN`T42+cNyL+kcj`c
zdQwThlhh}Mj-Lp{g$aSsZuHK#8oZiJqn&bphz3$*-AVDyz{f_#-hp`HtT*EMU!4pP
zi>8ZWw9B4Ez^-tYU1Z+zumaN=tmk`bJJbuRXs2W^WOz*Tnkrdo^cJD*!AW~UvIqQ-
zl_@e~a6G~>#DeXQQ3&hC$*<OOk4k|tUY<m+3_5CqLKIT^cL5CD2SQ~UL2p;n9$V$k
zFDmO02qPm1&Agcv{WceWHs^tN8)oG4{ARDpJz;pCXM&`|ZM}DnB#^(lS-GSU>$spT
z6oRj6jmC)UE+Y=UBB=unX<v>1YP&HwXBPtRG`n66T>{kf`o;j5J`zVCyjouAi}5YY
zi&A0FH(LS4!V(*52^B+5)|WY0qWw#rH8M%|GiQ3_PYbjYdb(wtCYIj)vhkK|pYFW}
ze8X)=Jgp%V;ZHytvk&E3cD(!r$M0T@bajKeCJ%Jkk85aTCx5LoNt~D;3jJq=v&@IL
z8R%x-2~90%KQ@kdZgKozh_;?2#TCSJ9O4yPe=M9`cHQb*Y<}}^!Q)i(r!jJb)A^Ln
zz6%8dCVXW+Wv}F)=i%PA{e(<75x6FsY@|Ke5{TN3{Iy|a4S{3*kWtr8DlI!1@+6jS
zwxF^T@f1w*NKH7(@Z0%<U!S4ovR4&Fsd8J8Fta4yfF3(<9c-Qf)=pFr*_3cqgJ9Pr
z9StP&x)7Sm-z^Mg25A~D=sx>1*SWqDm$=igNHo$*eO4;@`T*?J%{9u;WK>%8$mlIC
zZ|d8{6geYlsQ9bR2u`vpDoe)<B_*oL_xM@gTlp=6Yi8f_HSo4@W}(#)(fYPFcjzhs
z&(c?8UeuI(1B`m--mmYws-5Tbm9Jv7&CniHP=kDPk5yv_UJP=6mk5_ah=tqF3fm6F
zY`?uQXnXzojnPdbSIXPPJ>Prmv-%t!mKfXZd-Ct%C_e(bGw{SyY0l2?o@fJ(rafuO
zlQT(CgRPH+Or`+9(|}9J7b-7)Yv4-%TN1wKjD<Ru)UIv@g-1O-Cf2R!#cRh5e^cFT
z9QQA?aa>F!6t5(ZygCEzLNIW)G#n}3+Z?;foK5<1rfdw|uCgq*AcY6cTKdqfw!B~!
zgsrFnkpo*yp>{|Po?r|#@QJfXWlwDRpX&4f{#@u0$dNyjub|4;z8cH~CkPvrZ3`{S
z%zj2FU_Z>yM$@FeD$+<mLSa?|pGQE<Xlnv9=)son|Mrak^WxS*#q8LqM-^5JgXXyA
z=VGtz=;r`82-2y!5uIUB(vPR}i^!s@1sXBfZVH3S70J$qYrGSldp-O<rkY?RsYuHw
zLBp2x=E1gWa8-hOF|c+gliW<h7xrrA2}<)_f|>5t_ms5st3mrImF}pX{7(|*_QqS$
zJkdoqj{z#uM_5Yi7j(3<JluF07NM<<CFoc(+*-((9h(bE9AB}pg=9S{$26N6gVzH{
z$zQ+lPdjjGN*S-T(jgIP%A>uRc+beXHFsu7-j*OMD^9;>@4k0BnrI2GjMowrXVJoD
z6J)^u>P#pxfeb$_hDS$a!cw`nbuF{HhSI&#PS&r%%!;}Hj*5tU+`G#^THdN4d%Zi)
z9nw}oXVjTsf5VC?el;zA`D4~k<bd5%ZxGxcXs^t7%H!d_NBiKZn9`O%Y|g>XYF3Lh
zcOI~5c-g^3%}r};o6L^LRRTPE<yHBhd{iSmP@PGp$E=xy)xbn(w&BwizHd`UE-_N<
zV`qk1_nQlP>Zo`-(si2F&p)r#ZlR*LzgB58(R_2vrWI#gn8gUGq6Ff)6tv)b%S7V_
zmT!ykSpL(J@u)|P(PK4e`f}5xriv1et!R%q7T+tj#>EFx7WXp?0tq}|P#NC1SNU#X
zz~RFB`1~c$VDV^D{VpWL*tF($Gz~~zk!TW2{@ytA#5%v-iv-v=KF(UA>wC!`dt2@t
z`gRwpbNoQB***A}_GGkC!7aSmkLyV$@EP71{{pKI{SQOeUH;>uP;O`33Mud?FxjQX
z{jU4-xx{KdKXte9y(cb4Rq~@YJwTaa5(f=JpZmsMX^J;?sME^SKZ<qNrvQ?QPXg@{
zl%jC3_7pE2$(D9AL3kV$%BFq8&!VAMC$k>@kW<rrj;1&B>EijXZuvHIu$PoGJ2}22
z*ed7BloQ^R<m_$Qprc}_{T*@HBc7{Ja1CJYVH<nM;oOKi;aUE0#o7b3?dojmkJY&_
zASu}P`q2_DJ@>)6!S0Yz>vF4McSyUpn3{)4pRXcyqDriu3{{h7@Y|_6a*KaD00~2=
zSF2`|Tn@3z6Db)_7rYzN!K8;Ag6~G}$$x!jgYT`?^xh!@NX)6~0+85gczyXyo~~x=
z;YpfA$hxUj-@UdET(`=zdV~(9LMS`Z%+meNbXHZ5YtrREteWO}T6`3bnQR-h03}7J
z6_K}Ul>!^CJ^}!eS;FjmvpQra1jNF4K2R{L<$Wh+I~#X<l6~p1-6Db=_zvpZEV}8N
z$WGWD&N-Kivm(_uzt+SDF*9xFIcuDw84#W9xohP?`M7{Cg2e%!j<LRl4eC2+M!&U~
zzgM(X&+#Q2V`{X=TnTj}$~dKRc|99-lcTg{h#K!*XxRfPm;X{N;jwG~9bDK6-c&>t
zDH=$O*6hqUW<owIs9F5lO5++Ny$~P5X;v9Nmt3&8xuj<P_=~*?w%a1$Znn!<$;5XK
zWk7i>&(hmZS9sCU8kG&aE!fTM9g>(p5IP0PGFwRk%{QYOKeH0p&MuhVFdhElUOub9
zw<&+fG5}o8H;#HcO=X#Uv;(ea;vDh-oo8k-PZ57>P$lZ?YX;m=a{UpK&g4l$!dday
zw6StDWx`15BjhDZQ{8_U{=-lJelfHad1f13sLpjD|NG1@qo~?lNZc^=`76)H4gEm7
zEP9yG4Egq|#<z>WZ51Bv`s(kEvxpi@)*CwK%GSVV@N#&)jUTpu_m@i=|LktY)#wTa
zm2&It3b{XCt<6a<T|(6DA`K%hSN`UWGn}Fol_8_Jf<*)wJNU?Gu=${%NUBeJhejuc
z+ON02JceuuDjOE#xg0gxBFp}1;o}=GF_sYNUhz9dp0yA2U?wxAb)bNuAt%tb?}dR7
z)v6i|`@jLdq*8WoA5htvA20gWe$^5WJF$p2Q|qI0Z<7EzCek#ZP-JY$K-dLUz<Da{
zp=Mm^bC4_EQHyWLCVidlYH&(~AJ#bzW}QzUW&CbnX5}0AY|Qv=tzbS*25FocV+@!f
zR{_PrfawH|zPfsp^~g2$G+5k816n8Dvj^a{FM~z#`A!Em_aVncvM_9-1pHqM%8Q$d
zL*QY}(cj}T*Ru0Rg{|POCOjQ%4KLdmMXVJ^MLz2%CKklma^cZxE&HKr0Ja_mz(OYa
z+GCfkt<_z5N-dQ*(<q9l+kpwY-sWS*bT8G9(PvGj)%`fId<J!B0Kv|V9AmL_{CW^>
z;dGpyV{Dy-9x+XYz?ka9^F7{i&Dh$ZcoCJSC<qxSLZCyLNYwxaf2oO4;bI*Hms{Sh
zVkz8JHRP5UtnH_YJoR%$gwEQNBA8jSu^!@iGVOhiD9;b@BWlgO=vZGd=KV;;?eFn(
zPhOqLm10Z!mgnB=>4^)Kj3LMzx2uy6oPEOk%c@V??FSi@hYWo+r|!$g8<+d`+dMnJ
z`Z(~O<%D7Dzjo&~SEFa1=-`%@_U64HwN}f;<7>w$N8|>h1ZTY&@r!K~>)xBnE;;J6
ztF>n4Zg28o=610X!sZoqf-bcjP*d(7#gyny24z|s|HQ;$j;!0wgI-`&W+})~bvKk4
z4D88vk>BRn49nvXPQfh=DXFg2vP`&5QAgQdIiC=%|3&8jubF_E*F*iyQz-8vCSKWx
zaxG_^;2uZ!Jo92EG~E<!(u5FSi9H{0DNJg9d4<tMdBUgERwg$-!-v%QMBr_(GNF4*
zZr#_#1_4iE$c(xT-p)Hdb-g^QAj%kN9wU;09r94DK@-E0EH>utdce>3CV|~(htl2@
zvsf_uZLa??q*f|A>OuT4WPOY1UKV^dd~hfAz;LMU!4)O_FoFJqRoCvhV!PT`Wvx-F
zqM5(B%F07YKv6!QuEcTAKz;2XQ(2V5Y)+qy_&cmlTFC9ojK`Mq<IyX_EB>0|F7m(2
zODU$8mI6k_T*BC`drHUfBV-JdBn)Aj`H*yLgRa{&s+r}y|M^!rOpT;q9{-(jHMqCo
zfJW9coHS>I#8jIPt*b9v)HdWXyCpZ2G_#+GeGakDd^9vn%{5yMZXukow4Swy1526E
zCqK#1nDy2%x61NhE2^LTyRTVz>7)U@_Lpp)wZr8Ck0ugq<5QObUQmEv9AlxiP7)y9
zdb{b?X+jxY^z-X20TPwM*0fw8tR?s84f$ln+d#=wIwfsp=`gfcW_(WP+cGCCakH?W
zXQb6o%zXZ)fX*rm(@mK5=6wXk%S}DFh^yZRP}w2~XhW>HaFlB?VEafX7$a1<TAp^<
z3n7?xE4?tqj9X;umL_W{{QqI^y~CQ?)_zg!6_l!UA)z-3O}cbKm0kiOkN^Qf2}O~n
zqV$$fLzP}ak=|h`y$hi?6#__?F4Y^?+Iz{~XYF(EIrrPo^F8P6{J|44=NNO$cl_Qu
z#&}=NE;q6$<;rRJjAe|zdqJC>?R-m2A~HaMS<V)gXZMuKkD3eKO3I?lhR&oxdy*0I
zvjM<s11~OwZmVeukJ@+$6*1*tD8=r<J@4*2H5RxR>QgBQ)u_A}mx|sci&oT8Typ44
zLeG}*DjF;1&6ieaUd`#)RJ$TNdA)n{=!kQY&ent)4Jc!eJ_M9*5wfSlScb-n;975k
zt{aC2y51w2ON_6%)l9aFdBzJJzSLHxXV(5|Mo4mnLccXl{tj!+x$GF0QphT{Q=P2(
zn*cLj?$Hpfx6ROZp*sz!_C;Smm*?Fy6heM#?Y!X>cG+)zuN*mT>@H+q9tA%*{d8hF
zM)ZVQQ6OKNUy?Q~fgiNOjP0LQuR&3_Xt2fu)tTMeEn9-enb;v<p{MSII8FrW&~{hc
zPFzK3MYNOe+iLzq@q?l)G0cuG(ta=?on<fCfB&g$xK!J$smj#sz;4_UDzn4k?S(}4
za?W<~VIJeS1gI#&or_H}ztZAOC4k?|)tS>)f9j1y^&(SSmmJ;A1P`8sj0CkR7Ss&Z
z2su|l+1ubj-Q0e^x`KRKb0Qy_XBRoi>bpA$OE-#}QOjgJY&IgITQb*!wrJqSEX<YT
zTztB#c0<c2k_b6!b#KZ-6TzejJ(&;D1HdY21*yj<N7RBbX@LM1Fp@pT+x;mfedKn$
z#b70!Rl2HLS3qzHuTppyq1I-1Ah0ou{m^<rUX_39^M#moF07Cy?-2c?4kt;);uh1l
zt+p0f!PM{8N8#tYO!^LJINoM5x|zhcsj?2K2#U5Of$d#fw<<)qKNgzjR&$pg-g-as
z$eAN<NcxJYv688|L!1RmtgbD`b?0*SF@zm6pZsxjQ5ex(4byPD<75fkn6aGgJa@cq
zZ-o=C62%qQ6aOSpC5kiKBX<z)8X7eyxUtxe{E}!#MV?d_WT9W1tbJ;ipd(YQN`Wh3
zbGhz$$J8xLFwW#93Aqy<Z7fR@oefciJ5L`R<Q^Uqxj1Be)a@I-`!r!Zvx-`ZdyoFI
z5Q`Tl_)d@RG^_j@b#N8^4dE1s-RszS4h}H+4PKk=d5uvqlg3ef{HM8ElOffv(5AcU
z-YpU!uSxK37W4HiutKv#wuJJMEWQ+PDd(Rl_@xl2fz%|JNZL7r<HJUoCWj2yM3dh1
z+LXAh$QHZQ#{dTKOlBPIC^`Kl$*Luqo|wJ%>MBd4Xylq%a@S+7#H#C$In*_2JmcNU
zoKoY=IKPau%V#OE>dFU<3v$Q3$2kKhVy)kO`t6GJSAG3t?V(A8dgo?npZ`f$%*c@L
zlm%5q=&&xUELCO=r<(iNbI7`Dk}<8be01gO43zL3c3?h+wd}L#C6@II0yW~S2;&vd
z^XN2CQs@?X5|2wlSL#*{u4pj!nNUGIZgddMDL=b0Kh8$nva_v@pF=J~=az=9=Qst~
z*I0fGpRn3x&Z*<=mDEOP(DHJp$Wozo62BP~t_c^p$TgCb#5m3KTT9>2AF9Z7@4|+U
zy39>Yx5v(*M;|-vnohd1@bO$mt2|0RA|gWinCB3R+M{juAgS(N`E1U0W8Ib6Z$da-
zBJ<VB5(O)+COYqwX7P&WhstM(G<E@mds^ot29F_HLe^k%^PG9}H~JO_m%qVuc_>$1
z#7aXL)U0nSE2Y0lxa$UlW<Ld@6L+2xj?*UmAPR=ECG>oc$kcjbXi3iB#@{V=%;|MR
zeLvA1lx$+BXd*|sTAos-8V;@C;o<IO)nM}`BkY`+U768@<v)kJc%alf(mI<#7e6Ye
z(h!@=g+^BnwSCN9IYg3jXk^*iOf7cLUxUh}{dSSwM>p|i<J@iT=Ubw<)*$xPOj$vL
z?v=zQHu|+a=e9#Lb~N+ckmDj=v`*vQ0l(l8XV%M{D!u1>dy<|E4hEdzatfgL%`WN7
zi0JT;wZdjNLO4zjCqwG&_!8x2L-b__jx`Vht+?(hm5Om|sL^pU$mvMEQj>noW8A@9
z!!mq-`6`~Ly7L)c70hu1oY~uozKL^R9S_Y=VC;4*=J$wi6u(1eVZVr%L5j2HR#y3-
z5(0x%9Z2PwkMNyJeC4d|dPF4FsF(9G4Sp+|MnYs#G}yK$M#_0A>Y8Mh)k9VH&_0Jj
z<s7fTUW<4(H=VmpLxoQUCHyXRBd;4ryeMTGMSYYHVPbcXwHxXp?$r7OySS{K0Z#B>
zyfEvdDDv)Hr_tlol-JW{gL8MOAn1=~a7)7&rqR&`tK~K7m?v{#T@X0Px}M(8P9*vB
z$X6FPHVY;#%-h;DGOV}*<Uszb;fX%&r;_*qV|F7yx8c>NZM0tF8`oWXW76pFprc%Z
z^<zjeBy&X6z}h2K23)*5geIZ;GZI%fwyuVxEv)R`Fw`Y%8=yg(is<@JX$cp`l-X_V
zXxdgvhPqc-YFYF)c7q8&Tg`2rg7ih}rL4T3bF?QqozORsp<}$)vri+xK0Mb~U8!@~
z+D6@EBi`qk-aZB8BLLWiq{2d?;=Ovrb2)9g@K{|>iE&}CJ=YOa0mGm{PYz={Y2drx
zN*YX4v%b&V>nzdqHG;10PJk-N0QyQvghYwLWMFM=QwCFB+UIh)M3=9mVdU@Jvzlm#
z)wLqV@0|?lO(}d4aaN(zkDRr5_zJgqduJW3jx(N+9m=6M4r5oDl+oMiX0uH#fvwUO
zm;ql(rDso&SHwLyo*2ynqgPJG{k1r<d*|FV1z&%|n<N1-sCBtKqRZsi2d#|)<7L!A
z7PHx+FFRY-imKNe%Z>BCWvZE-6efhPq^=3xKHkgdqzPiwGz^M>5lVKzG@oyMbq=Am
zns`IKrBlS?eAk%+1V*9NI#qbSqgE}S5z$RX!-*@4?JAKjNVQR#W+c62JJyQQi`7yD
zIgvS;xJl=(3#%UdIN8CH6(hK;B7+18fa5Y)J{;+{_k40Z--)|%%R&w@+QN;lK-)5d
zfy%5&?Ws<c%%CxR0pU1D+|1Xv=XxLA=T2_K*|tozbE{qt@L<ygjMKsP84h=!-=p9y
znj)Ur!gnT#OjW6bHjX|++<))3O|!-yVP+lA3flPaU`B22RKdVoScg}dAQ2OJl8WIx
z)vp!JV=WT{>TXsSrR7DjiB)@9wb*(orAbwxC%+1Es5MraFiRg|WzcBfH83h}<3<0G
zlKJR_-`nQ_uPxTdEBBvGzh>u7=)AbyZ7%O0ri7O-8y8QF%UTd!(S>gj+t)VsF1dDd
zhbZPB)4UlI{(c;YW~m=}G*km;?|U0tY5C5|&NXTf1o4mI;Lr}ia(+v&4eA|hN%Wa3
zM9yN2E*|hO;Gv$CD_yen5#3112unT?fc*0VF;<q`YW3k2YF5%X_2LiP^{m|BZ%eF(
zyj=+m+G5BFRpP?V%YohDnl#rGHP9W$ZC@tNt3Jn#FPzS4F1hGC!dc2#QL60)glrjo
z2xWk~09ia@p0s>BP$=ti42wgK%ecJhc_MyO_cl&j!Kd_tYQi<S-lzL?8EO8V_G-+6
z3qTI=(Gfolpr88q2xPq-MDGgg#-8xBas>{<0D>V7CO+;=@8P4F^}h9Cwf59Mh(^$_
zeh?Yj-MhfngF)t$`zJxStHdU6`ZBdq8#fMPuS~t<&-_93Zpy0B;1q%KK6y=*VBCiz
zmg#$!6i3pPf{L{YpV6Ism=VR>s0&tW2Xic`-<t@}R<97wtj}bmLc<pn<=lwqoI@>Y
zG6n?az<2zhC5ZA3fsT!JL`uF#?LMIpSe-quM46_FY-aLnm!--q9`Tx94#9(Y@F1~n
z+s<AH$;%v3z;Ki+@3I}DLjN%4{GPrv6?ek$+o(E6p6?xQJh?T6<F`;$OJlwnFD|?k
zIN=`3ccgq5Tz`i-PGtn6@x6kT(y~9R??ecr`r;D>SJayF1~gVVOny`ex+<iK>nNQ9
z@w6(O<}IK9*7Ly+h`GS_epG>H%w8(P?S7)37jtwu)rJ$VExzk&Xc(Nu?E%q;-Gv2>
zB6r>4i{|ku`uM!D-RP^2*eti1G-8+9w^-AqCd~8~idbr|4naLhW7|C6UWF8><R5CY
zYQ(wX0__u+-#itj5e5iMeQeGJr(zBjA!{X$B~<VG4yT#diw$;(0~6e0@k$uD+D-Sj
zSaxV<0IRQOCCmMt@{BqqW{#VAirazADg^jE%@uPj?n;(sZZAKToJ^35uoxcN2KL9$
z*pJ8f568S($%t0E?hFPvupNv94h^CeGd?*?=3~RuuTgH&$Ihu^Fq|gsSr0r@7V9E7
zRHailQsa6a%Z*%MNrc!*m+vvfv}c!mXQJ`&rXCLooTY*7+jG((;wWIH^x6co=8b&@
z>*)N~lreq2u$4?xlY&u<m`(fuNNr}BE>4G6Yg$O1KlZcS#(m0Lq3)0JyT-2@)t9QM
zt7zXqhe@Uo-6!U5^E5PA)GHGb;pV8GgzkG;&QaPIDcTn#9<Vxp59hKbzB125i>TRR
z7UWtC{5YVDGquFouZQ=ISC-blIZ_ttFwX7_usF<7f?OO&4;8(R9rTmg=#2q30IBcD
zyddG}`!uW;rCypJNbaVxPm$O3ft!OD@okZ&W6Z6tGP&ey^E%ue;*5a>XwRW^t*pK<
z8lo-wJ=9}ubqm=Y>4qeY(Q8&7k_Q-}O0sE%H#%$)V@#}SDp+{<tJrdpVG}o0-nI;1
zDv6{%(Sv1u(Ofa}OgB+Qp%+l9gOS+zszNnH;4O(g^=}DKvPBStx_WY>JAlVaL{0@Z
z<RCw=w$u4d6~WZE)0kexJQU1X;G#ZnxiRx)%ms5HqMPHsE}{|bcR$i$C)st#28_vB
ztM7?;_wWj>t#I_>VSsZ!hFHPhjy1uGBScvbm>>JODgo4uG>N)4hXeunnQRUO<T$Of
z=kOW;$A`sFhv^HpZkBkE+(CD~3^o+&sdmbmG5Fve->ssDLkf(o^b3{(K*FO;DuAgl
zd0!DFA`+=qTV&F!i8}S!Cm0jaq1tKB_`dQ~B~E&;=jG%5-c`oYTVzvy-XxW;$*;S(
z)?0Z3L)%jo6Faf@r~EFJHx9QIK)Lu>o#D@Ywgoc@4(W<w2zenGn?MmqT3^P(^FhY3
z=AOGU(L938v^Q%Z(TdNU`VEgh2Cf^-RaLM#{tn-hvZ;@)Z4X|7qu4U_HZX~Z+%Q$y
zM|MJ2RoF2k&f`Cb#4^&~mu^)Q42_GX=}ykMEF0KCHVfSY;eH9-U^j<Wo0E%}1l@9$
z4>Gxd?)Qim)or@A!mOM5r!-Y}wwX}h+DuJC1fj#i6#T(A3H7M1N@&)u>Q&=3I0dw7
zc63#BrgXY{y3&($bndP`&8<~(d!=r*L0g(=q<6ihhTJ&jT&H?>;G=0_h;Hnpm8{`H
zEN)53h(;R@;;kWQ-U*JxF`A_u4>hi2xwnNOp-?C2l=)al+<N8qpl$5XQ-~S|9Kp*H
zr>i17=vh|6Uf;3gu@m~rw6OqZ@P+zRk4wiD%h;X^>u8y8mp`cIrE$|SeXyqVDl@5)
z&W&V89auISLCAIZ+Xadaj)jzb8-M1Zs5oiz2ul|`LJEmh{gpcxaMBG!D1O3DvR+e4
zjCa}^P_0IDB5i4pL2E0COpvn`yY_r{8!yUIDqWw&{QeE8*MeF>H&SM;;01}@dp)-h
z+i69<%*|b<BxBQFEJl(693j>#sl(-<I=ygl9|O))jYp6fBlaf+CCY%6U;wunML{q9
zs%P|)XQgqwc_dc7&~BoIyL?$*nSb7u0&FYM<VT~^M|#K(?sOXM*<(p*GyP5^>M$yg
z>@*O=zA=N~jZCv0{pBA^V~iAGS4h9AJ{y0v;Rees<iTiG5p?6noNJ>Z^8-S+99UrP
z&&l(|Y7(A|>$#m~b|h?Si$wIsSW}m`s(T6Rk;cYuDdXsQ4>F*;Ls`@gR$?YZ$e~M9
zeCnQ3%QwBacw@-bQ(>XO$vy6NR9XkxO_#K3UvGoGPec0IjwdK=Wn(juW4>;+d;P%v
z@+hs`q+vDVw1ndX@jbz6y1YI9FoK^NdCYdN6LRfodIfL_#t8y@<n#n+6F|i5_~F4D
z`To}q_QV}w8@vl8dbm^&PgwgLN342GZnujPxRmD@t?+K{@&DpVWO!%AhoyC^q7TsS
zk!d4R8Vj?&;7=$7ev*&n(hnk($MFKo6IrWD+DDc}vXd|g?Hv4rBY(5KB&VSY#v@&;
zCl9vow+mJ3mqAwM9WX41tDcg%LBy>pv57hC>4Ixsr4f&{DB{M9#tl1F4wvv~6+&f{
zD1!jf)in=I)fdZT*y2VqeKV6hUDYCEjdREMl{lYwJ3v*#$QoE}nN=RO^Xxgb+rJ=@
zSY1t)!TuI;`DMIqgU_RQ{oeO!RUasg)Gvb@w<fd^3^~R(Iy%AHQ{Jq$ldq1^5)&oi
zd(lN7leJt79g`|^pHg{O4~%!*Q!(li!OXQ}4F0Bl>*WLaG7ou0UmGiEru&niZhn=U
zi*%_$u>0a`dWojgT8CK2+^~*4yq`))Psjr3To;ug6l;Tt`Yw!t3elLdu8^9n+J6N;
zbbnvHMJFCp@i>!ZlvYQDQ163X>YLUKFsi<Rb0xvkaF{gXy;{jLPN8A_Mdc)0BkX6*
zknDcLG}ps`TX|nypV`9?&MWbu=?Q`5*$mAoc0-+nfNadA@YuG>?wOZiyy0r?*vRAT
z7`2?YOxN8q)1rG>gOqtUMqz9?!8jUMb^hK6&GH0R&)`082a=1mb469}xwoETd38^h
zojW2w!54surXUA!mI*P5eReOTxRK}zaIw}ix5S6XJO+iN^XDy`75wgF>7Kt&V*-<P
zZrm2OxH>#N%6u{LazDD?+Sr^fbdP4noczn<kG0l%8WTF37DWrQzfJO>TMUdH0K{C5
ziTSh9nQ@=i!+nQo#)vwD;&?rEnLpHr&drVizS+m7R)|uO$GeML`FevLE-Zr%I{DuA
zTNpWf7)MT)yJybde#$vU@nG-%7H+TD@P5rUJ>OmebxAPf^suLKj}RC8$Fi^FvlrBx
z28rd57pzY;O)j*nXYAcQk*A>vd)zbT2cgbI8GjwZW_QDZX%aCPd-lMj4p!Dj3z8|c
zP==Z^X{^rCiw2_WeE#ECitPKBhfY6>PFA+nHjH06pV66V>u>6U@J9Bq$M{c+QQ&ns
zxZ*c`2%Au~8qj9-bG_7rt%Tw?k!FaZ?&p^I+*R0#fNu>``A^xGu**qF+1T0pyUo|4
zXCZdM(Q}0o<s7QomCPC~g#2ljyMryedrN|o+V76qH@YcIvD)A3bP$rhW9W9VoW1FZ
zhlAo{Gtp~i#HF`P##4v$PJZ)o)luB^zVw?VJeyK#`jDLrDt#`I19<qQa@+q)I|3S=
z3g*<VM%S<h9uHZ3KOgd?Qf4Jl;IKlv`pU0Y<9m4a!gco&DPyjzap8QJ7!E_}AY`&S
zN;;4&(^$%r0AqC$W~u&?R=zRc2^B8E*nP4-<|}vSGxb{r9--SUj4G^!D;v$+6;jo2
z0Pi0Tnrfgppbe3kj6mT27LOmxsz+XFot{n1<LtKKo}x>orpU&v8bT%9c$Y*%snL4+
z?>yJ#f~I=D7ZA1uh9Vk&%|)x{mA$7pLNep$g$nOAMjG|)B7Wnl#l<_ke-4pog0b8H
z7}HCs0>-`Er7M_*Ua+5O`V0~Ie4*#GP;>qK4$=R=3%RyOjW^-`>iHfT<qHasFavSX
z7FT$rV<AhKeP-X~mMS_y;bekiV?>;3_59%N17Dj}?aNnkh3{N#2TTaSq#7Fyo~mO6
zW6*%cQeNn&5Q~+vwx%mvf5&Bou??MhckF=Jv}za@V{*fN`cKM0CXpK7o_;RpAYt=9
zjw``n?oJ*HcSyQe`ReEFp9|h2UtP;F)_n1B$mDh*7i@lK08>}A;g7#FujJekosNLo
zs?OMfR~yBt55*6{GtVh}o4mK%i#ah)ox0F$?>8!Jy=&|1bm#5A>B5!!?v88XIumzH
zD)<yv-26C0>s2foiK6|Nh74{efNbSjyxS3-vqHd-MMMk3Bw;E27I!)!%Tp15Hm}u?
zDB`?4g`uoqbfEu=t&GG#ZWyq93!mK4jpSo$e@;4PAR{<w<^cT?xsi`3|FR6<6;_)l
zz=Lhol(d-gBmzIqIdYJ=0JEf2K;X>!7j9=T&+rRd|H$Y6g%?CUW$HACS2W@DDyxTK
zPrA~STdf|9NCGjr(r+fhwp?zx__YkhfmLMK))J&3&#w!t(Hd%u>-7{_wCQ=G<DH{b
zLz;`}35i=Dd=ku~!!^!#a`JQ#N@+4RM>p*_X@6b!m5cv+%Bbhd8CF|Uvd$|&*y;x~
zYWLpl*6xzHrq<Y!J<@EaMD;zZ0_`(3bfMrEY>0k=;38X_)X-`64k3jQa@F@Yzd1%*
zU!CWAKZt7Fr9VGp{ZE^J9}NOlsD=tPHpQyc-9$9`pDQ`!+Hc%bP4CKt0CAV)sZ0?=
zl4f^aV#dnhf(iSdOF?`*AFO||?5$r~;PHz~cm8w1*XjRAl3bzR8ymH*yZ6M^h&xQP
zdmT}{ZuExg-DHmJRNxyH7Y4pDmc1|xuyOOjwjvZh<-ZnUS!7i`tZyE=QfVfZzD_HA
z8(Kw^8qy>7%9z6Joz$VO+}*X3ack9G`HbcDw3vpe+Rg{Nbl0n_Ir6_df2s`+vXetN
zX(zemjJ)Bn({BOK%EQ62yXm#!p<jhB+)=;ZP3s}3w*{0uhZW`UcA9V-7M-3nVqqJU
zjV=NfsW3~1DPB1G|6pgF5yt;$fc&?)AbUfsHAM8o#{E{)ah>$7hQs;(LSs@+kf}_X
zDqK|s9fM-u69BLJz!pnh;5B+ob8N-ID<s))Q{i_o=YG<7yR_)nI@m7>L)4(v=+pN{
z{dbrr9izO9c?L7+C4W(f#A<b8%ulv_#bhff;9`)c5<L5WLf8(bR1OJ_qf($#kY>;l
zQ&kNs9R1|<9ep#pSbh)<jDx>O|Nf_CbM9AfH$D>m-*n-8Vgd4of?yTfut|=w3v*E$
zHaVg4P_R>EijOrOoJ1Vt@E}t-`M8GLe@uYKbM@qndw3i6ezHO`^4Thv;_8C_!?@|h
zGU1QqX_y;eH!*p;#Zn4Ce00jG!aL}6gd51rHkmYk=xc3F%=-#9y5jmGSi&1tx`jPF
zdgfZ{B_?HOaZKu+tD!v|ZR5Y@;3njqqji|np!faEAror-kHE#d!;m<)ocq(SR@)-2
zkb`efg(SHnrTX1pN@6>C0^RPO^)&tqEs+0o^*{J={~^hLNb;vs{~s{?2MqrXFtFaA
z5~>%ilM`PN4-z47ydA^&TRa=Zm;2op<<$fyt^p^B<Iqn(xd=$M2L3!;0W-~Qpug4R
z`TZJY@eiUS@vAF@1#X($t~#9qcdy>*)ALn?pI4`33D+LlzWw7k#s$vRimzW8nEStx
zej-!=8SivsJju|bHh}#gQc_sPoSyGmidZmKQTjn-GyL$6CO`keOye5pNi!_J4z4l(
zAetU5LC<_TwHa2_8;=_ptTH?lhQzl1AgarX922SfL6ji$=vUKo{>E0fcdE)S!(7mF
zn8aNp2BC<j)UNT~6*yHC{gGe?Lggj(EF3I{ihykju-!oHNmkuI7vqhdaQj}9-*luI
z;~Q{goF~UDB!S>;mLC{=cN%_pS#M7jK03RQPk3V~y;C|yXl1ewuWj)uZr<!mvmOz(
z!9TY6hu(;FiC|`D8@&I=&V(NQyC1Ljjaa3nLYVmVvHFn!C#D@DC7CSIRpSiZG4@JC
z3brM9Tt-NBzqWb>Pz?eJ0H|KZ*nFD4W7@QNo=`J~^JAFqFY*$>j0nF`9C{F{I32_t
zx6=^-P%3@Ov9tYy=+-vhLHL6UdS~uF`}JJhvW9cseIYgq975PHj8}b)ei)At2}Zpy
ze~2>f6n<sh)2n1zgE=4-IsHiU;%3fq9%1ecj^(AhQcs3`TOQi}1}fgl`9b7nwt1T{
zF5i8E|4(`@|3#PYA2-PTy}{*z3mkvmaO>|)Xx{zm()Vvo2tWm;{_O_RlRw-1?6m2h
zJI%kq`R5Ic{eRV~^sj;bMW;k-((@U@8on3o6!*7z(z$*Ry&YDhPJD8b;Rc|8O5CyP
zI&%qnz)#7k#=2O;R5=kjnT^P@0t<PiqNq{6<^BsliFrP#(4+M<^$E;7M5Z_n!MPP2
z4sgG2Y?<XQT=K+?PVhMd&_J`tCouQ!#@Mgd{fmK}p&*v%e}jVm^Da+tjB-X5F-?af
z<^8@ZI`q;fetOi6(Vq{7FDt|^82eeuuchd*k_8J1I8wONhS4Q}6OyG=wCneI0z)je
zC6CKroI%drL4h!rZh@Y?fOCGY_;vgrD`lw0U5`fsdE6ec<u$W5kTGu@Uv2c2^KAtF
zIjny<ufG30uV=x+`03Ai&Ao{|{u=;&|Lpa*Khg4!^lSQ~Q>E>{H@UK3+7xG9K-u)!
z7Tv#1Mc5*;LzA0rvvA8id%{}g^`v2YvT!MXw%q2V4uYe#P*v+*w3V0g2pk|Sz)UD!
zyT|pjJnw(c&rNKFW5#%fF2m^sic;SL)JW6mKz<<IK5_1lJtGrt^`$nsQIwu)PD1Vq
zP%IWGm>p}Qg+l9sjaIFcO4jgC*j~UM6EE}4Tjn=qIGcTY^374pmy2HSgf{pGkss0U
zLzl+#+2<wMVxq~*dVIF(${6#YIpH`IKm*&RN4=Qd>WpU^bjZ3P+^fv2#RAuF^W<P#
zFeT&_Ap#Zkq=d)tq<#j~mqaW;sjmL6pE}ZQh}Qs>#OBj!y8v2js-3x0LbaCjeny**
zeHE;Ob(FJkv^ufBHl3xqFbG1rDzEVMpGWjRAMd~G>fZF8?dm*wvZn(iNrdx+s9uR-
zHW{xjxPn)9Q>u-f3$Y<2Cpf@hF!7t-LDR9)tjU~v!gae$pJ&of^~JD<B9uRfE>rZv
z3FVd4TwTP6@*fW+pg_&!Z3sSQ#bkrfe1U$2;JFUD%xM)WL_(x|y2@Z-=$^J_&#T2f
zHh0701Xt|X#Kus-Sn{~#7JRVS(ymGScU^V%VQ23o=n0sa#Zy>BXO2okSkZ~{*<k^G
zYRR)*F`m8icNP0z^UxD_UAJ-ixN?vEX-Ig@i@6o!kqjXYC6o6UOlqH%r4F?LbmNpt
z(2=08Ha8Ajh|U@hMCbll^TCWo_7z4Qj~@p7AnGb7yu_~$wLZaYX_ZRx{c=h$XZYJM
z=Yt9&2wQl)B?x6Mj=N7S!wF#ib^F<G|NBbxZ@o|(z#VIbl}_(HNj)Cc7t)Gxk3CA(
z^_{(Z?FUh>-jjcLr?U?xeE(m0#eZu0-|Js$4beQYyr{X|8W#6d%WENaq?pjGDb!9u
z<m@#t3#l9kK&byAz;k*K#2A*){QYInkvd@NjR@_KnvS}l+@-qi%syL*uI1XV9exI!
zALO=7%_W6Dw&+i}*-Az%fRCG3e-Odx0T$WBwTNQiF~Dk<>%RHyUa5VQXsr6aA@YV+
z3`a~>`ZD!{L3c2^(GnmXmBG_(m(3ZxSSljb{F<`^X;OUWd}u<5j-D3Hrm%dE(n*MQ
zTd(=?!<Lh5)Vj=OnW67(erb57XXMLwqo(5ddAXJET!2qD$XPmsmRr^u$(^g0fsM=9
zqpIhKavD@!2%KZQt=~H~N;+)R2Emk8TvQnqBhE{orR`|wQ&a>CCN(ZjuxzK!5xeO{
zuv9iK9&!?j4ca;PRQk?KqH6GS)QtMgYb~2pn!o7bH)r+k^qz$ePI;f{0?KX%JzF)v
z-(661HI6^NR4h~u#meoT#XUgX2{Qg!><$Y6a?HPt^|iGE4(ESAf3MC0dy-Lx0+1UY
zVNdn3k?~6rRm8_L#yb6L68rO&3xIG~gXn5l``wPiN=65^z!$?d#!dM&rtwSZn`+t>
zqKHdxNPD?o$>rS5Qi4c6rtg*bzANgChpbi3Z-*HCB9?4b=$_wTLDjvmP@KsGMGcN+
z^n<&DwB>c+IDZ&nm)2nBeSaVi{hcaRJFV4;o+=<FBFqs^f2UHt?41iGPq6J$<%Y5;
zv~3J^oh>?URxCS+9Adx6!YNuUZ-qYSsY(%vbImCgp|b`ok9k+8Fb|)Z954G3#+I9!
z6L1E+#9h_`i|64hg_e(ym7Uq-0IXx+q%LUA7Bn{LZf_O&B?a$!uV-(2(vg3oclQPf
zE>LLCqj1vA8NtJhQ}Ad@GB)5<`3@RSAoIGWvb9i%HWLdC=~1HZW_EE|_(3G^@Ssh}
zZqr0+O7r&j@dD|<yQ$@ak{wdQcDH6Pv#kk6AW1Q-W$<i32+X5MDJq?kmz4d>OqYpu
zv=$>!u#ryNPsbk~**6W+Unpgs+GpNT8%`E4?tt?f)yP{Fl#11e2-#@g!9`trou*N%
zvAKj|;bno)1Sux>1a@+QoTsXCBvI9WM+rmIFO&qJ+qEiKLuynS-j|G|flJ;zo<kMS
zcnm$o5WiCaax!0o(7v`(Oy2@*Q!09DeVrQN1Zs~%N8$B(wtJ-7U*hyt9`HVxQ}$?S
z3!KHU@Z^xme_?qXbZ~<qz01~}LsRH=eJtK=Zas|;RA~at@8U;sRG>JnZ*QvvhDLOB
zgsRQgz{shG`=JicORsex>#?`a7bJw}>B>(y^A#bs!t~}75j-txwc1vYA4F529v5vl
z9k%urq{^C98#&boK!94c2C!tr)Ix?<VfKeAl^m>EK~A=5LQ|*u2rh)#M*$v&qo^-U
z9rt~6A1*l+>4d%1BYmS+?Bk&7(o#=%Cm^a#DI_A~4dpPU7O4kTSIt0R!!`$zftdO9
zi$-TT>1Hx=aNhb#4!kq^DLC<)`RQ*_Q%C!%*lF=a&AO-I3~_RKLz5?3wBhdPf%-fb
z+Wan-w_lp$ERV!uy~v_yI55iY{2j1M9K;y=49k=mvqrhZwyo(J+&FE*W@rS~d~fzy
zh}kdhI4eqma3^qFgJv}Trb=JSd^)+l0!<&<4YJ<iv?uSMNZ8KkmLbiXehoa;QMJuv
z-c2CZrFLr=22mzdA=Dd%hSt@fuMUC1q`)v0?dZ%b4lqr07AYY?@$H~)WJl6?k>ify
zEdQ2h$nPj6#h-zxo|`dM@v?uMm6%Pv4n?5`M8;g+MfG0fQX7ZXNWVdVi>8#MhKUE&
z5u(Ox?qm2zF^zit$4?5vb?(0%6VX04SX!vC2<jtKubzHyA6@1FH>QZ~%+N-sYmvsq
zAC1~IMokn`+A^4o*CeRNK~yGDW^hN<;Fx^*r)1@%?QZl!sI*zxnmhD09@pkDjw+r2
z=Qfa3VZdb2EbHkn2D<fY!rqAOm-nIO3V%b1IXpV{6y<tDrtU-SCK-^Kty&T;D$c+>
zFtT!g7Tj=<(vl8PL0d~p8<wx9JJ1?EeYR_|_R!6F^Q$}MV0vftGR<<{4fx1lB?WjA
z`7F{ajN{0XS%j|J@>FM>Hk==|Yfs>4QkK7#DNGI(Rp;7wNiN449mBZ8ahCqwcasYO
z`vLAj4y+KZ7{=`J4rr1~-unz^Nx6qd`gR)eQ@jwj8db-l%Nq5<Dmv6#!bRlUZ6HD4
zgC9f-{Tu8L79e(u1ZE)!li_zq&JyxDe+`xVM|+`zt1)~XIZwHeH{D?!$lfX5rQr1>
zXrU&1wkRq8kOIz#s*e%C%YnC&M;ek;!TYlMIScf=K4ur4M^J~^$w}pn-wp$Vl?m)=
zGh^rWHVlDAE0(XrI;sfuDB30nB9$~6>O$CT@>B0Htk5eCCGgI3?q6;<e#6>E=^3ur
z<gutV0~LPH9+?}+V(&nTp$X}T=z$k=Pr@D85Q9;mPp4nvZ6gk)AqSm=%FzO$g5%OP
z$*0UsZ`~g7vA4DdpYRw|)HLB3$eTMC+1|H(_z=u$Tf~af%N|f@*wu6C=4}^Z(*t?=
zQ~`@{tLFR&3jzM<I<!;_nofoTn9gn`@5z|b25b7n4>&VDn>PDXsl=x;ekZb57A1%4
z+0=9N^yY6(aUv#wHJ5qxF1^9_rAuoTl*tR5YLkUyJ@e!hmhQyk&F2qb&Qw2nWKs1s
z8&fB;-h>8ZECA2X4SSZzYy~)NZ~CQg@15ZtU0!i@n=D#AWHxM&KFHbN+muIS-lA&o
z6p0rJ;cOiY(Pkf4tLw-?rxxK|$-i8;b}KV}PjQdmF0xNPu$5RFRsoh={@ThNIG2c<
zglQSGiSUFupgba*XuE3(7)+58_!|geXCA8OnoU)_<P&E;VH2uDQL4crV<xYoc`tIH
zlfC5QPlh!hF_kj$V3=I1Ii6Fa2u8qhbg#eTU_4z0Z61c^S^TL0^&V(-PI_+GrIx{1
z69a+q%kqjUAnm6GuyN>WktYD@Ed^#g`KixHxz3RHj7DW1C=`1#AMU0-V%QudI4F)R
zjeXSIrRSodr2CqEPpQjckit`>qhk;*tz3C~k3Oqhr4$GsbkWv9Zn|#^Uzc>P8krZ5
z5bOey(ZW@xHR>n84YmGOJ`w4Kh16CMan6*EsXrOe{>;1kQpVXHlG*8B2tpCgp#C7D
zCRkwyU&MlBa<9hEQ~GF9yiFk6Xnxj^%#Teua_w?;SN~KY*-KY_;8;1|5U#ZT)HksB
zD`iq0S2jY3z-q=x_Gs(R<?gf3BCKwqu=ks7wpv@*b6m_Ad>_X3BrI2|e(AQDuObxE
ztD0P3(vHd%T`fSL#@%hUSx`(*2;}lXOqLJ|_k?yIp~<N~Ff)6Ftkw6j;bnCcq~^wy
z7IuC2T(6pFo(K+U_EAaCI|b<QbU8bf+KYY7#|by~!DHSbP2#Tbbi=XNIdg7_3$xmm
z`)=XX?DJXO)Y@vE`~0Q+do65KBxd>=y87inSk0MxO3kfS*^gy`DO=7TcRhxwa;Qhv
z848zaEGG+%K(u4}KGNv-nFFq%o<e&=A^N#9-V?N!S5Qx8Av(?)&*RyX^~ejIl?+^j
zG6O?<0$nV*yRA+12xe#M-)+B=Gt<sUD-^JKfqXAPspjfUPt%=!&W@?pO+3s6DqzW*
z)oIi0aJ>SQUOUJ4b}>miq?8`sLQ`As!Db;K8Bly{B$>Y-yV<QK$KlY%YwV(<F$<6i
z|K@xXcP}*dm2mH6LN?(|fyr*Cq%xkcia+F_^vUlcm^?ss_*j*>uNW6>fsPPrvf7!D
zcqJ>IR%LMhimK0o*Zw-a288W+gT8@5$@UCde9DdqcEaGQVzWfwT31nU9#1~B4Au@#
zhXf(m-k0ZD*N&jK0F&PR-7dG?Czi4(TtEp&67T&pzaU0M-6t&T%OXDQuPZB2FdDUo
zi8EE!6!Z*295PWYuo{@wGXkSHiz+J7B7bKTp}%Gn&cQmxB{~y_CJymB>)G+inujem
z)$`FI=SvWAj7Wh<NO+$5gIFWyR`M`5Xbx&s5pr7KDGwLCKIJ|fQm5(<s+<?sPT+pt
zHob_W2CIdQ`!^Sf;Is#0qJqF#ig3x$(BNk?rh^22asIo7A^l5j$eL-E-AF3_(or?^
zZiRJVEW2T3R!uiMuHM~@g=}cjdRt1NiZPjO!E#>4;|5E1h^I-bAAdF=cY>QMQzjBU
z)s2f_y6Q%#qZs=-_0wd}GuNt<dqdKFicRy80oZ$8TcK*{>@E45#b^<pAPv=MX#B3u
zOLa;eH8nN$r~5nY$JqFBfsWmUno3nA^pNG<HgQvH);@}wF5MN%7C9Sp`+FT>H*0ML
zL@(`!IIt})NSwjfWutxbR$q}K-*SVH+x<M<$WV#&TK1v=Dtx%jE|0n>t0o${Eh;Ib
zrzapFAT(nwRgEtKK$V#5{>3~P_QMgh-NquzNG?{4*b>#|bV>Uvc0ic+8h(2~kHx=B
z`%x4?DyU!&#D7q{CX~KsINhk<rzsh)>ohl}ZVMw0H3|wotS&ud7W)7dn;6E&R8F8X
zwgCKbf5>W#bJE`|Jl`|)$6DSnSQS!Y7%FS!R~(j;ah8A7cwZUxET^N$6Wd>NC?Q1*
z+?@5Qty?#7*NeJ5)FZ8hdSX~Vp2M6q#4kk|W|BXS(l6gu(iW_o^thOrvLqlw7UCVc
z$N#n0Wy(wwJ39^|hk}9zqb}2u-fI%pt+_5cqAtK7Mzw<dJQ*UGb{QJYp@feD71MX~
zC8mlT{uJ$hb5%$W&Tz^ZUxm`MXuw!g?v31#XyrcNBlT!JS=1GpvV`2NNBatD9q_;v
zq`>R_&P@+?DWCAE`hX1fQTrRj`9U6$GQGxrpmXE9@$Vgh(a-RTwxYlu1v))aQVhYw
z8&s&t4Ai9Uety=rdh#!ZaB(kYFfLo*d`(Z|z~b8vr6BD4Vzwx5Rh#5+hrGZLR^9BL
znD@;pxW$gZjt*O9&TeFv_pS@0s{?=$kc{E|>9YE@yVSSo!^ugzN{oZoPfR)A$9<j@
z<vx{ZyPcWGWnNgdaS;l&-pj$WR@~rB^q;eKGc|5G;7YuHLrwDD7(x}rQb}fO#AJmA
zIEC(k5AO7EnVr@;_xILCtWnNQ7W#fQaqOevJIFN0b#5gYmvXBa=Qn71Y7{B2!bN#i
zLp~T$^1mTfWOZ=k7c%xe;LLU(7Pu3LPfhPX!=7gyfZe$oE9qF)PF?b&0bRo;9RYl7
zcyy&&P}>QJ7eXDE3CTR&jQ1}dUK1{F>?z4LauqUMTE6STihx$)i~}$tiP}?IWW<t!
zd5UlW;HDOrC4i}CZrobK6W}7PiFW&4My>w~a_7%{d~WG@xeWm=2v=F2Q%cxj-4wS>
zSv8nis$dHAo~#GMQ~(G15aX+at<!;_E#V1v48+)y)MP)ddp<zl6m@?AYs2n<US$xx
z6E&fl9m53Hx;F#|?Nn}&i&{ZQJ@N^nl3G#eZ{nQeuUS-z`ZSwx7LTS#!|(({KShWt
zbIpz5)XJk+HDyM7%lV0OOeGV{=P{dOL04)bw+EI_lc8aA-Ps*oGV`FU_XRSo-Xy$g
zx({k@R=>Fy-5eIhi<HZJLz;=J;$xzF%3ZO&@acC?y)5_(!4Zo%!=`8FA-r$b_Z-ec
z?YFLiMP{8%)8voExfqKTEeMDWC>B`wAlnF>8#v{J4m%|rO^LWPYD3KQwyG$rq$gp;
zs6BuuC!+<$%B7}icD1MjjkC1^F&ISIdf2d}PGEvU%XpHVP4*P$LZQxov#qJlI5uZJ
z(Ush8{-epn9-n;Q$37w~@$R8Ju_^1@1tLt>@ae!}_Y?#qvnM3B?Pu8+Y-oD0e_KlS
z;8PXYafNJ=IS)^3<FXN?izia4l>?ELJ5q>-kW#Nhl^#pRto9RBMe5%HG5gnmxczLT
z4sK=Ys;i3uV7*6xD#1Gm<IWZuus39nk=!{6a%7QyAbhrdDYN9MBmd`uHIDSryQebI
zAA0CGdn~dHMs7(P@cW5<P#OMoS1ybN84p5unLbI94XylH4$MI$c8B0$079YOkXu#c
zEyid3JW9x2<0kX`2YXp59Kpi*G&h2o-)z2;iE5QnaG8GW-9PZ<8=NhIe17;7a;~)e
zgJd`IXtpqQ*?}orD<40P=I&TuJf=2jMF@6_f}lI}UXyaSC){x3*$hUh^nsC{nCoq(
zF+CGp1R7x4I{^-=N(4!9bo?t)bVdQ)y2M%xpHUonuq!ODeS<rSmtNZw`&FluIja>6
zgKJ+McP@nuYMTP7IW9->K9*a|HSW!!F+4V`saP3cjBg(N*kin;lO%8TY!_M^*jtUb
z9}dTFzmCP#IHZ%egC-Xidrt#@8o3k4zf%GH*Q2<4GtSI4inJ;W>=BoCt22zjHaUz$
zK6k)U*(fal-vO%-pv<9ARCb<E;~d))7*p;Xo|XvQ-c0F`dMqV7!<kJ=x?79YtDMZD
zzp6s4VUNpmR+XV4du2>0v`ht05slp;L_O&&{|KJ}rvI8Txprtab1)k6>jDuO+=)yf
z)NUH8jyG$*i~cnAK%}4g_}s=x%4dm9A4^1)P^UDnx7EPy^CuE*#=+tY>y6$8Qnxc{
zlSfE>x(OL7yvCQ<J8!UE<7B&;IEg{ag~LjI5OJJ|HDdl6la%=k1R)iv)88>3gBro<
z>vPU3WG%2Ew63OQ2KKgeBvNN5ZD~=nTo<BtfGWycNtM?gWf=@aF;gjU#L#DQT84?G
z6Y7=5aQ`5($a4M!BS|AU{_3pEIwWtUG8Xz^2Ew>?)`+_DONpPA4n+$zC)sxa)E5h0
zwS66HWua4Tx7);uQ|K3@l?e_VrnfsK+Gi-ko1OM#$U<w7DuMOrI;Ex8>=huWP(oJs
zu!_1D^KZp5qC4%ZVT;$9<U~5lqt?9A-bPv#1}Q>40bJcVKdtXSqj^;SB2uN(xW<%O
zU5dq_#y{!jx7Fz5F%JsMtjS0pAQHDa=6pWLaEFHCUH1+M{F$YMVlZ*fYVod$_qgVq
z1JUBRArp(w#CT9s6At?`Bd1D}T?kTX78Dxp4z2zfM!oXO+hyX*8GqAf@C^@HHgt=!
zS=D*G;>^maqdFtbhYqqulpUlpPe$}bZS$|(7K0En=QAz>%(gn@h9hAZMP4lm3xj8)
zopdv~5UQj&Mqqn>(si5s1PcobyQZdW>3Ng3&J@L0T*hx=)SI2lYKsajykdIaT*_vM
zv=`3mKu=y1;*Kl>lU6Hw0*^x$sI+89ns#_a7K!g158hv$cN-3PY3kZn9h9=j_VSz4
zR`~7T-nWL}^juro8k`00gz2Yr*7g52qPZVR*(t-!I0$~u@Xk1!UIsx78T_@o^(Ii)
zWm>;kaQHA6qq?`qx#=i!UdWW<$l#N3q^eVAu6=DOFtejqQQmBgoZ8($_jlo<AqD=M
zTd?{s&>ZSlt`Ti%I3gY2TUCuwjV>hC>&b0fU88jyuJ(@{Jj#4Z9H&1Qgy5-ZwSBw<
zra`Ck^%+b6)Sa-`YwLrO1~4M>0|sfKWP4z+bDQp#ku1hPT_h-bN*nVj_Z7kmox)a;
z!PRXIBUoFgzX#NKq<^_@XYegsY(62bn9mH|<|*BMuW>iO+)RkI)Kc@kUNEhRU}21)
z22GM`$CirPpclH4HHOr1YN&^@5NxMx(qW|W_(ZID5-U8~`{>$wP(y#jt?d*O52R#h
zM<oD6Siz89JOgG%voldV18sBL)3mt~cFJIj$m=X8lpDIG*GRU+CY8%N3+ph5q4fqS
z$f3l6ePMNK5%%#;{_>Km&;i{WWnhoaEpa{m_$bfp6MT9XM7|}%F}Q}D%Lv7yRM}!-
z#xP7r&h;)Yzr9#|2b(WkY8X~Ux$%QYv93My$lr$9I+ag`mqxdU#2K(u9I9bN2zUJ<
z0#i?aU+UQTYj^jSgHH5Eb6s*!XnJQgW#nyD@7*kwNjEZWw2Jaj1&0bD>Wa!!(IVKo
zsOymFw4H{e=glml)B>n{mS`^ap4mGj{V%?hI+A6|s_CGct;UgTCI}u3_4CKDTF_K!
z;ZL(*78x2YjQ^bh{{?J0i`>HpAJkf!7gScc58rh&2j#35mUN4qDnFZKjm2pL(ncf8
z+)7m@Wzkl}fGx>}3BMv^k8G0P6pa@Y)hC|1wnP~PPfRGfIo1ur(tYTxA#5f_SseC5
zs#<yCq+1%>ZCjI*VrN3IY-jv}GnUG0s3{b;^r&c&v(HO@&NURT-_xIyNFpz`@7b<C
z{B9fU6nd1D8a3Bb>jUQne`<vnPiU#z_evb2Wlf#Z+@K;l{9}=QW(=zs?Z|-=N(~p8
zEJE5QXnD#EtS%f@CqS?c{;rdl-~THP=EwvUNB=Zt)X{Fn;?5EZPtQm#e8~_3oW8DI
z>}2njt8H&?P>r|SPjRDPkh3QXx*qsSzwHY(Dz`rHxV2nYNa=*J@ED)=g9y_`PRA5u
z_Gw>n5z7=B!rAri8&_v;g`T{64%y+tv~VWTg%w7IUi>nNCl|0OtL^@TC@MEQ{raaw
z_f=~;;|$O#{&kyEU|=fqk)r_k;P%NGoh~t!dI--=P2%?L`f|hYz}}>ZGgKv=YnWUD
z)hR8vQX1H?1<xP>*|JS(2?#uh!z6HElJ#2bFv+OfMQ6G>W1!r)eRIcOZ!3xrC-nUb
z8k~(&>TRYBBq+pbsC!GEpy@pF92Jn>mqIUFvx@L;PCt(PK#R5k=JsH;`=OZQ*6QzC
zdkF(3ezY~+_vVpfMQ=0pRYksB2Y)l;Ot+ufC{&94z~CLFqSlFEg8IlST0xb3{#b?s
zgyR3O=pbh-x-+l|h`2m#&!z<(Gnmui){@G*SqHk5B{-26TD~t86~I8K8-_De|De(-
zq4qHyFctcIyZ2$c>qNvH!=vHBx8%t}Mft&Q`4fa}8-;CON|!&5vs|BU1x6~BP@^!U
z?SFT0otL)6&Hk|PH~w0O7g(O8yCwoXX(C7#W@s^?In0k@Dn(&N-$DW-W^PW1I#1&L
zZ1z=CZ8CPWt%{lU%0^GP@?Tzm-#xxH@Wkbi*g#t|`QE^_Z3~@z3vn(tV&NqxoqRCB
zMKf!O>VM!Mi7{6mvzAis<&y{59PHbWJxBG74j`bG*3IdjYt_1Szt5MU`BLA$&B+10
zd+{&%__~6pS6@N%$~{7%dT&IMRkmF8hfYLea}Wzt3wxt$9;>3#Q5z>ULp3~>4b4Z<
z&=lD+LLb~xMT?EyQRW4MSV=h{2u=yT2ez7I9xc>_d_w%Oo74_Q0yaOxRu2y75S>mx
z*BJW$nnqah2}X6JzFQjlZSZdg4>BoSKR?Y!D66(~Hflyoq1xGQhSZZCLZ}%fBb;|z
z#AV?cE-oYi3^f&^`YPyz-M;pMCra;h=)&-=KB~kOEMOpaPl9$tFoiEab<muLy~6fc
z7VrFP7UvYA&k~GXF5{|+5N8RxawUk_;o(Uvqw~4jkGjDgL+p43B{pzYT3_%}r@?eB
zV8=eWwos00x_(DZRD6r=MH3%h?bR%%4>tLDn!#p#qc|6)vJ^;2V7RyA4P5^{$f)`M
zzSwf`Bq1iiRvuo;FMdsfw*uduNag05aNr!9Nj9iKNR{b$FZvA`+E#`va327oayIHN
zt+m1tggL%V3M>x#XSsBiCk<aHMs_u76J}$nR0I3d5!r(8nY+Xsi&7oN(nBZ2DMo9j
zz`@aj`{CXAbmK((Q|pe(x$Vs39*DnpR@2huv{R(e4<hc@f}}ehR4j%yl0u^*n3;ud
zZ6s7A27;e)iE23c2|k;?bWC!YK&7?)3nEDk!~b4;L4J)!RF1a|L{}y+Xk14d<w7E7
zU^o?LJ=BKS{|xfij1EhNj|6c{Rp|t3tNMbd3+f@DHXnACPP3t|<8bVw^-LJyKxqi?
zh^b$2j=O{%)m?dN?j45kN0@QaUSjsx8GLrHT;7i7x~BgRqI>U8)6UOG@m-;@X%4nO
z45v;%21H0p6%X^;_W*|=EzL;SnB8-Gt}jNde#sA8%pAtE3P;pCqBx@-r>Kh$!ok{K
z$jwU7Ug!)K&YEZS_^)3<J=p<To9e2MX}Yggwv=p_23ReLZJ|uXuG2(zvqlM4d&?p?
zHZ)jnu?1JIJh>BUXIqsj?UF2L+IG;ukS!fyJ97&KZ*4wMEVJC{)o;=<-bom9iPImV
z<`L((m_3^=uvU07Z46d6q9L}OdOcZ=kws*|m0G4^-1$~+nlw-`UTky=&<^V9*Y!(o
zuR~W?X4je=HfZwFdW09AldwS8c??(Y_*Bs^jl|m0QGbWjc!f4Pi1TjnJ`mCv6`p+7
z+FZK0FS??t#<bh+E>Nl*dpHvPV4D*#-tsLbD>+Jf{AKSg#jts9{Ik9|!$(F^yK;s1
zdq%i|LDa98QEkp0#vXvWgzlg_0xZ<P!}{~cpnOOE#m8Is*GdhmtUb$onBg#MnnF*G
zgz7F`ujb3hSV7*4U~NOs&(&~eMO)_C96J4usSpdT)Z+4@i^g$bmUq4KF;Ocy_)X(d
z_CgL7E9Nn85-}^Z)WsCoQc6n{Nb=OYn5ciyxc<9_16DPF!x`bxvoiNt<nW0*dFHZO
zs2{7|Qb$2vd4$&G3p~a3*#h&pC{Z4%L2$*k9Lb%Y7!GL@gNJ3)$}a<!Qqp9q+N|Ka
z^p!&2y0vCd)E$Mrp&xFy#N8g%&D5>m2CjD+uskRdugoNwIafZfhg68!(dwF&&`xFf
zfUM=v-%F_RQ}`Z0b51hob2wzzOravgzZsw3nc10DMQcRWi-~&e1FM`?Nba$1zLA#l
zzFQbSV_AG}zRl!mFK0<GYzPjQois~LpomV;L<*u}KkRVQWSmBfoFX6nAnKXBS;8*~
zY#GOWwsk=s-zwHzBo@|OxBj_^MI9UA-TCbk{;u@UJ$R|Fi}<mE@57$*Ul_lT*Zi2U
zS?(+LL}H3@(?Mjk`Q$-pnaXO>H(FJ1&I%k|aMy@~uM2WG?tQoyl^ZUnL5MuuIdhDq
z9M>|c6lXYPj|Kx%L7n*=pw(s#rzGYwP2_j?yW~cuF)fL7K2Qp;2Ja+ArgojRj0T?h
zUigQv+nQ8fJrO~Sh!+cOlG#=hKZy1{d%vDI=&$x0p#@UrMo1WZpHhZiqSP<j=7x3Y
zX?Maq+IsHF=azu?rUW7#xU!d<EK9BSd!mNxlr8tGYCTBwr8QZ<9DA~+b)*!8qIGbV
zGNlnLdy`;{i%a&z&}-j<Ocs^}sL*{%EY)tS``G`(-g}2N{cY*uU_ntp0YT|fLN5|}
z7Yrq#cOeuh0Rn_xq^ooYEun>~^p5l*pwdI{9g!|wdR1@EoSEzQ%$zfK?#%C*IrsOR
z4}Xv+`Ru;-UTg2Y*83*s4O@$?Pt)bWM2N>Be%!sJvO(+IQ!3BKT&Sxm!x}M8lROkX
z_POlI9u`oR*-Z`}(Hxd;l<i<1oYgV&c}?u(vd38Y0!&QW;Az8mBbcts{XV`xllVX;
zVev{vz$n632ks2kB#Q#`_T$?+uVwn&PLtSi>10&K%zmR!XqLIzQe35%Bjhe#r1FrQ
zvqd6FD^o}^TH+nYvv2{;I5rFB1q<f;KeC<>BgW<xdtLfy@XF((WD3foB9&_@<M0ow
zt&}MTKi<q~cL#>InG;z^XM<Np3s!uJV@zKqccs`4gstyM(Jf87?o9a5k5)S*8C|Ik
zOe2woOAqQ2LZF<I9C{9;A1IP?Sotdhm)hEwqI?a6$JA1YYN^oTh|J}SgqRigWWU}7
zFX2Li2Jd(|*Aotf+O#X0oB59Nq0HT}!IJ*rI}hrBg3*Kcq*1AqVTa{jf~H3GvtY=<
z2MEs-3EDt|hb}*aWl5V1{WGOIBzVi4d2Y-t70G6-R=geO2i0(+jF2O7p4*pitX_ur
zs5OHU;#YX-@d?vhMmot=>Qsi~1A=VRRXnH>B&nq!=R0mu9q$Oz`=$(vb6#<F4K#re
z%p?<kVU$zb|91G%#6_TN1&FZ+tT~6IvYiTiY}Y>`DZg%Cjw6Y1R5Sffo4K{*|J=S;
zv1R4V@qmb7^FDh@Thyj*XZ1#IV!B$ePQ8!;jmwU`jcIi#ZTc=PjiF&|*R6-2jc|u!
zz7*ezEoM%$7hHTr&I#@v-=^Ge`&<lUvPk_QWhC%$k?7_5v45dU@!9z|0_Qu0NJW8u
zreby2MD?-16sx&?scEHADAcQyMwscCa&!Ek_!%71;ui)3R`+T+HQwEkOe+OpTp38(
zi@%QQE)Dd*!<IbOXS`!>dDJ0|X1#>V_2nt@-VxCIX&LYh@1CldO6QczItkzmrdF6Z
zc0m@Z%3=r6Z2&;M;usbVX?1nqSSRy(g{_i)_l=O}>C9U7)bCd)@#<o1rffZ0>=ho#
zFoJ=SXUINcK<!#;Kjao_@vK85MLnb4i}J-j4IM3*RumC>)yn3Uoc61=1G}ln;A=e<
z6=D;_N|mp)mL3TA$ards-L9|SAj_2V<YSic&-ZZcc2W{XIoD4E*4rLsJY80Mn(usC
zWa#qc_1SSLBcUs%uGKZ_@raeB8tG#!fkXj8lS6U)w7NWHmEf@5N$K)T2luSjfj)C-
zKJnEgiSeBoNH|Ez!h4G2Wiz>uy&AP2T|Y|}4$Rnp-SaHs=j$T|F@}cuKY5LKZ6;%y
zgtK^_?Azqe`P{zxQvP$`_1*AaczG$|=dE2=W%pBt)$314&zntuq+feT{tHhPN9h<G
zb8f^qwaD<s%x@vjSnSM^FyP`Bo)C%G1k#h6qj4vH|B3yZ5v%u~UNcZv1V29tQ{~Yh
zz1fNe5DG6n@T3tVaOAiFcO6<O?N+y#k;q*0vU)dZDRy1=kz|xoq_=zTTX%sSpB(SW
z6sT+Bxv*yZl_kK4IVC1%3EVn&c9cwFonOQ>yl%D5JlwIzYdl2dA=;vEEgulSdG#=J
zz@;v=i}q9cSxa8doSJi}KPhLnzN(FT9oFwO20-fAHAKNX*oesdYOovIiVmIY>RMY?
zH|lflR$~+rUbt05spEOd7b`+oP{znPHMWSAs+;q8NtotW8})JE;K_+Mrq0IRUqL%}
zgxx~B+3ri3P2(`NnK})Ub%rTJ07v^hqMB=~dDR|YFxZWBMW^5=YzSTMO}2mRTV7WF
z?65v4?>){sU!Ry{xd{bRq4zo>j)Z970tRT+ZKFh#^aQ?<r1$%c{;2Sxup);Qst#9j
z4ZGtWwY!+AXoJmRXdOkGd8>S&6Ls6l#DlK4f;~BvY7iz_S9>H1K^-m`Br&yX0ghjy
z+DQ@OBMkI(PcwGsPt(+=q$p8~Bi1xP(>=+{O_0WcorTTJa|*G=QL%^G;nh7l_HJ4A
zV<^4;dRhn(raNHObMcwW;&pFJkufX?M<U3&yr0<a3bz%+><rr@kx?8=mejuwCFNc|
z-Eh2+EeJ@93g~4dJ`*v~RbM!lnhLny<DV<D^6s!#dRw%7?RfAcV&9x%u4=a};-{k#
zF2t>zk}>nPFCY0v%;;T<D{{aE`lpH_GrT2yQ>FQO7s7SRB>SxPp=}2VKRK;8QTIVk
zt8*ZSt@Eiq;|M}oPAg=ZXHGy6vp<uct__=s%O6HmG~E*^x4u70u;1XI)M+K34*YyR
zu9oVYC5@H*h36^n(<4L<kxk73uW#Jn)u2G;nU`#Y$_&eweEuNW(Qx()FVmP~u5&YE
zIwIc?D{zNm)Sx%<O>8LB1DGPxcs>yu%m_wKQ!jY-x6SonX9!xd5PD*)OG!e8TxAk-
zK25SomIfLh=Q9vMR2#c<S8PuG@*P>h4g1raK(#f)0-}7f<8{8&q5+Ko7w!{%E4X_@
z0s+huVSyIZ*;Qy`<?VF0_pzb}6;_xj0wXpta$}a&LcQVkL4`(l`b)(FO_S!A&gg2n
z3U0nOXmw=#m_UC0L!t*Ud8%R|)E;CwEmTUd67mH?F(L;Q#7LG&kzM<lDAsT}-k0IY
z{=xT%$ED8|u#z$!sr5zST>^dzolufkB;_nJ%h1x@mZh<E#7arq7h~Yy6UTsYw^fM;
zWi43nT=iNo3_U2TFPllsOXXtt>o>JazwnMnqx}(c0XF6I^LD@R<d*%Nh6DPUNorO1
zJ@|g%m18Gc&w2wt;=D!@YlU*D<|N71HTaRC<O9QI0z!>dVfJQvdmU&xD`kXD;+zH2
zG7G$at}Zau;>z@Bf;c~AG`z2T;BcNS%BeGV*ixhFPEWDt%3#WIs9_HmIhB!~CQ-`t
zw;N@ZL+IEyLTp&YxmRKpF{wTZlhigX(=WX5vT<08Bq(c&$W(pG)~H1^r)i2^^RqvA
zi3+oqJS1x7DN7RKuww&r$_cw0^+n827iG;vDijv&ajs6P+8Sr2#qb0JHwit+DA9uK
zVck)jkjUOXWXu|WKHfl+%GRceww1)poj{4^?&|P)X``1D6b;2A>F+Tb$MK>>=@i9Q
z+aW1l2~I-dAy|dY+iC6}1?Eside1_-hmkQVd^^f4J>aJD$4yusjtUGqUMv48Dg#DF
z?pQx6IWcR)r)<u0pcUiJp!_Pu*@}r7jT2<F{Bgsm9uH@E*=AMGBkB)P2F-F?x(1Xo
z5xuCopT-JB8{;t@hOtJmp=5>JwP-eqjxjIHN<;irBRxamg;(LD>SXVz(&T=c2lwB8
z@|qf)5mT81lVZFowGr`PqNWS1GA}WMwyWAET@TlE3x32Vz|yv)?D}5K9jFH>eWcKt
zmN{0I9km5yE+wh1giK^88Bpcgg3sBzkJ`E-5aiTNgPBLAIx3Y&8Sa=jc8P_$D=&Ag
z6w#(*68gfd40ggqLB6Dffd;)XRL-*yW4V!RXgJHhfL=Q^(t%FjF@94)w($I>P61Mv
zd}@G?%z_gJM~2>BQ(3BHR`>F&2C&t3_UY+mvZ?!V5VA0`gE1(jusQ(&oMAuM*L4Kb
z1Dq%V5+jTp$!YtyZCE#=QDe4r@=~1~0Z>@fYQh}{N<PLZHC7;3Ng7<reDBUP%aF|2
zNu_@IQI^E-V%4WYRd=xodC8@RWlJek0pZZ6XY|TI>c-?biV7W7o*VfL2!3M$IYJ}w
zTFYVhLPM|%Nv3%MrZoDUzAT!0cRpn5y))*3l-_`m148S;&-b=YD+q97<Lw*^3ktHl
zBAm}2mO5*iUWD@`T@BpimC4L9{iHiBX|g!V=1<d6veDqWTBrU|(Yp8~^dpIpr#epq
zo9|!^w}dsr$OqdEuP9${-*K#KDL;h5NWI)lClQIxrQ?T@=Bi1KD&#(?<SoC*uZ(oV
z4;GRaGGX+J?8xn!D&l)@xe*Qa3$?1`fFJs18B8%#zE45`xw}zOl;rOeV2;485e5S)
z8r7r}^+1qi(A*(WhP+;ZOmSTGsbDw%RXN@n!F7J;@GhRh{WT@m58V;9s3V;g3?UOP
z{H*fZZZ1m{s~_!kaA$aGpVv%@rcKRUT#gPV#`?LQsK0(*1Bt1HSH#lLRtr(Ni=~*$
z;<(T?5C@r7f)FX8JKAZ^cVznAvS7-XLfnsn&+fNwPudro(B^+=$XBpqEu3Kpe6W-~
z*%xRyQ^qwC?@niE0_SOjuRzR5P)hNE0QdKV%j5zAh!5(D-K)(6nKES99a|uG_H#4w
zrUmX;B*M`DqCl@N)obAW#&gz!2^&K?#DRh8G8P2gKj*(2vuF?{RQ7K3L8({;Jl(Eq
z$Ef^GhtF0*bmOQxPx1)O;WtiON*7vQj%7Zy?MiN~_}L9_KUaPlb;Y6qkzjok>_^7h
z#t$|5VvMjX*_$jg4cK$>4fDrel_Cy@ma)1<Akigk4KSYPlo;f59>-z+3$Kt$H7{ql
zqi4UAvlmm|evoE6eVV7K6b^gQOHS+(+xHNvl0;5dgX%uZ)EHY7gaGG_$?!#I_HaP@
z+X7M!7IisTU_Zr<6iVM*e~139fbFi7F>mSF2|0};bvQnOCM{SxLG;QROk8-QikGcx
zgo%FMBi!|_%!u7usr#Kb6z)<h@Wgt5?hg(8Y3}#M?Hh+>la(MBc89`Yr}ihBUU5e+
zZzJtgch)9Uh70>1iuoLQhu-B=V=gqvQI-<*PGK%L(@ssW5Y1=k?v*nKjtSwSMyw7V
zIfftbpe%)(AGDW#r=$7&1bRAhoFNgVr>pABwUQv+t~cw{{qx)fylwvN8dv*3B#2Zs
z@9XQ4g`+^+mRyV)ryJzRTW=``j1WJ&TCw|SaNE0HU{MDbg^ZpJ{VrL&sd&zA!xa1n
z4<Ww?JbzR+KaIcJs~5|lGe4P9TQ0yAH-m=o?#0;?U9YZIwp{nN@F5wM$O|?)Znc6g
zp3UsS+Be%FPykS46{S_<Eg4mQiEMHH_^O%0O4r>M`K>CpgvH1_J)?U4QO&0+<|J~7
zvPxL;qujJ}<-*|Dy2tCP4if6LUL>7Nv9)u8h04&Npk0Na?TbRnHr9{B&>~2r7%8(=
zE{sF*<_a$hY}oK^T5NDm;%8U)90m=PWlb(yB{IzR6Q5|^q=WyFJmuK3pXK(xYl^8I
zeU@UBQ|R(+eL;=NWNB-+_P$GDav8Iu2szzhYS$YbV>MU<HBo4f14n6@ZF}?x4;-z~
zj*x}t#k4@UsyYqjiYQ0yB;KJ?^mQ+<3HZia!Zn%Kn74->BJ&C&RsLk@(VFb4bu6#y
zdOB5<igg`R*CuN5qEY4;I?hQb2oedfajEUFPtsLRL@@FIFLzQM*|9v|4`R0?gVzm(
zC{ro=xEv7A`}b2m1kFRr1i?j_)OU%bGzB7*vu14|Br@8Ln3KMKONEwq_=Xj0=J49F
z4$9Pmltn1iF;8#&^ileR;>|9m!ZV#{4$9jQ%j%XxhHzB>1To8nR^Xb|1Qx)KWlQ_2
zzCJ1HP%y5HPFz@CHMC#WGZ4B~%xfiDA5Ff^6KEDnCr2@&?7$OWs8Ex*wFHrVjSq1a
zfcIC9s;=$o_dAt>`km76juiEao6oe=W(l3BQ(mY<)I;0e%o53Y%P~vayj%gZg_mIp
zE>r53<m)fBH8+i-`!76$SCc!k4($2FI}5i73-%<{J4&0P-=qbn!bP6z=*8|gcK|91
z#=tmaebBX^83<AY+TE45w{-u2Q}Uxe=|e(n*_G00*n<ZoIyxWubEknG-OzjWGpeM@
zCvNWKG1N3mc1LyK*vP&uU>fJir=u^a8g>F@5B7(tdBnFXaHK%dZJ_OZ)r6|MZ?y7s
zsyrleQ~>g0yexi3_>U%54vU=yjqvaTpZ>*0o^oGfoB?+dd58-AY5hnA;U>zwO!QBu
zT1t4gW?M9qmjX8OvizNJ9wA&oJm!Ue+~3v2M0Wlx4KOSpFx76A8PDGS{;}&R-gS}S
zo(sin>PQjQ{bJvrtHfRH(B@S6sEQb=J9b(tS@xD?(1Di47C%BhCkVA=Oc5HWhow6H
zB9pu+9V!<X10S%UxMGv#s|d$dbmcuoi_gG(S!c_UZ9DHa2ojz-^()E6_2z(usGC0I
z+{yxmhY!?c0(*x$O4dtnMtPi+T6*09SQ}92TzTBkKOh>VHRhhkd2-n~_h`F_8&vv6
zc~3N#Rg8*9{zK$kI1TT+4zvg!_FY@_)&T>~T2vJbG@LU`HUMydy>Risq@=z}pRRKj
z4-|{N#GPaDSW)XIS&8a}Yw7Fs2Rh3~N-&12%R6%v)yLdnem|g?gxvuI#pOb&!xA$W
zC`#lg0>uM@EzfzGi|YwAYJm@zW-Y4K)e~;7LK}bKeI9-B!1Ej+KkUrum64g{Yb2Yo
zKK)b(nT3GIh@TdJJD%4a!H6OI1v+v!DWDV$0yU)i2+|<3`|a5XDG-^KEz7pg1xq&5
zd01bhbI4|^i@4NNtb<?+T4S@yV5B%IIc{Up0=XKLI4x(CxKUYaMtvUwvlGc~1hwiI
z%PlF6z7ohM7cMNqrZ`es@##Pr-~~ym`rKROZ<Im`n{T=i9=?ZJ4mZ@%TcL!U7yQBo
z5g{D!#N9KNCTEOc8CQ<AS#rE{C8cPiS)~pKRV*mUSect~6n5s&jkp_|``sXp6w?wd
z<#KH}il3_XPe)cJ4lDXQY*yadGl>zAcL&gB@p+pAahNki_08wN#@m`2Drw36sCn%j
z(KnVY8fUxUsqS`4`J9=k>nvkUdgXU(GL?~vo!rj3BDC04$W+6%ow+iYb>)L)C6R1E
z>FH94$ffhlR~{<RXr<)lT*=~s9pf;~+$3{v)dxERDjlTm>7rOnIdfN>I!6r$Z;>*g
z&GP$;6h{w@gr)@c6RE_H0@UB}IvcC<_KBHz@bK>BUjNH0olN*2wyHP$OmF#8#z<BU
zhDzhOEtc<Hx#8hSl|B7^ee(D9NkBaP(fh2TP_S+>#_grXBL_i`@RV^UI3Y`}MA|bP
zNo`YKUsrkST;L?D>9O~q8};pbBvDw4pLB=K)8(ND+mO7*H4J7_K=h^eFT9@yr@;-k
z%2YmX9%p=`r(B_L0RF-&p741)^i(Yx>y1leESBgy*w*%=<nnix_wKsfGr|OnZ%GZ=
zJf@ZaeDfSQRD)#-eE<Fn&rbS#-Q#0y(hrlW`Rl)vP~Rr_r~H~mG1h%ok}@-cO+4LF
zF1R3Z{gTtCzmpKW!OyNV3H99*Tr)V7xp(iRYVUVplE0J4zI|o0o%C)&qW`bdkAdyz
zjpaHMMP~twl7Fc`O5%g`xHr_flm1yhDykl9GB>Ms$&T#pb<W09yk$9DE^zoId2zcI
z(=4E(E@`&d-Zjjxy5#5BTd*lydpe6!!QtsNS=EU1o5|~vpo;Z@-@d<nGH0_xE>!e&
zgbWPv6b-SiAjPdRQBMe_riCdr;q8&rt5{J*_U^(WBvqs?JUInkY-IA~f-S@6Z+E!G
zpBwJ&_FriE-{r`x{&<WL>kf7<qLN3xtg=ws9jq})oO2G1J+#br0P5EXkK*{jfCqCn
z(b)wvvkMMjT!7pD1%3;OdN8`Zlh$yLSGSc)!65a~C}rMBSYC>Sad}a4SksIIRk|AT
zxu)*3oTBl*MoD%e5o!rgziqu>5K1e3fDy9|GO@C<m|S#_-9qzSG+Q?k-?){ju!2*7
zB<EjF^xMuo0NTc`Dt%j+G)bud+->jQ5^**~%Vu1Xvb0`l>&3;N6Mnz5y!Ctf2;L{A
zLmf%1d*uTMF=sCWYBFC!W4%{;f0i5UzW$wp_{Q}=X9w@ATJxu8*s=cdhj~YzXo{ht
zuUK7ET(NZiYxB#Ni=r#b{CU3~5B|DwlqPX9cl~}`ecr4rBWr0`*q}Mj2@}uH{X5k^
zIAebtH}9xrS-N$(1ISi7L*@WN<H|gh3dS~D2Hr&3E~~Yd7)1R?yjgPA){ZRpGCtCZ
z_0Nmk`PV6%yg5&G7sU4|Ob*G*SXqVJ)jI!HlOKKir&;(V>aR@0|0!WqU3~QHCDbFt
zb3%lSmo<I^XbnI)tC90mf<V1CvZRdh0mUts7|bsBC%)jguP??k<%Khw6J_qM8Ys|y
zo#aoIK*&E>Fg_VoQJV_aaV3^Mn{+kyd&pInooYZ0QkW|Txx2zw1#?m1Cuw}?Atyj4
znatC6>puztkxJxs%EGcnM}ec#;5I4~5(-hlegReStRqd`tV0Q_KRFHjP4T!X=%GBc
zm%g>}*W}~3NCnE`4NvnuYw=8R<v!004ZZx^E6blVT>HNiUvQV(aF0qlvZza>xjBKF
z{JR0@2n3-)tX9`x+^FpPPR%~1^@Y_P9FmKbu`vj}(|r)h;dFbYGclYWT;*Q(-0Pk&
zd=sD~qguU-L&8p6VS9>DQw>(2UDT#u^P=}YQ|D~&%H~LEo~P`u27wG6DZ|2|8cziN
z=6c`t=V^2FSLe-tW54`oruBcYdK{ETRMm9$9fHT{W<4a8dz9V0mW7&j-Z@ts?nISf
zefKF8{Cz;2y$^=DuU6{xb%JHUmG;K^Plh$qLs}<657nWoQ*;}~@+bhOIdlJ@F8{yQ
zu>Vt2`wva}cP#+&mkRg4P|m+gKaOgT49^u;!C)=Zw1ax><4A!s_d!Z9hRwZ}H7lRU
zCwCVuUp^AD9#+lYgT=I->uH9H3iVkH%xcPuO!`%ilGifH-b`6?J~X7zRH{tEi&lZ#
zpdX})K;3cb%PJ#FC-7)i4d?Go<sj#FE31*CJ<q1tvg!GwGmJ2g=#;i?VRCW?Jj&^B
zT07UVf7beL)qh7?Uv|K_=6L9mVX=N^rCF_)x3rQgBulYmSuePV+!m52ZCW8SW<L`2
zV>i1Wvy0N$#$AwAOK`%43sg(S{XphlE<TkzZ5y)ODxvIqq>*dsG?g@h$hf;H*_R(%
zQ)(*}CHXQ%%knQ5FDR>6s7#W@I7Uyb3}dvJnruH9$dSiIe6P#>M(srAR3?8eC;*3A
z^V=Bo7Bp3=_;Gi1iW(MfIM<(3<RSN#q9jOqThG{C?SWe<J2=%wC`AK;qnB^Dl?pR?
z_U~xj|KRleO9S~ox2pbO^$1+~8LN`EB3D07l+`I|P?7IxJyWjiAllaLRjFA=#WkA>
zUx49G<Q)WG-2S?qBDCi3GfFF!I4Y6{4_`-0iY8yMax|%z;NkB$k5OIdGG1=^%%p?5
zH=;Ko0BjU-J;bgk5o(ES9G<8=qEcAxMVta>ozMPgYhUluzqK;1GA_84nL8Ox+iRYj
zchsN7#3xTK99C_YVr4Z<Iq^3|_u7BC1OCHS(f`c&{C8Gw-1>GaP3vs6Kubk^oU>p)
z7%j$)j&Q;tP)w{)x!d7H**}a==lTYnt?=keB*mQyBiJKBV&@8);R#D>!h&B4>sS=J
zt8F7ehD^gR@NQ21eeGHQ`)c#A;l_w{{xz-`4#)D}tqxIfb=}-%_Ak8qPt<?f7XJy%
zRoQQ#NM`@~4IGq6(R=EGe>eI6Ge5qwvnn04sU<4unZG|do=H;1$vOyn)WxK{0l(u9
z=^kn0Sh0hKK$e2ov7AyUH%^oB>IrWj$AZnGe2ix33P3e+Ap4_g8at^sv7`s7=`-*i
z@*U8kuytuBHsfPlVa6TeZv;HCTgN}>GcCN@(*)@9Br)r0W=+NX<|&dkX?iO#>4O==
zo@f1N>!D{jGV)x211WRd1jWp5&lffNmug9Mu)9yX_ET$3)4k@#sXQH&9Rzq8`RC_i
z>x0J(RZbvda7fgRgis~CwF0{L2t-B0`M7_A$i745!>)tgLcRs3*mh;s2M0rK06MT&
z=l$T6aAgE16EEl72@k=*GI!w)A96XY&z{8s!^;?8e#|_)<oR;sZBGFr-@utWKB`~9
z(giYasM1%<vi(%(DeWoJqqV)#STpif7q@-Z)Jo#>618ZJ-br@My(WO8QZXymzSD52
zF-UAoD+bLe2;g-vzWpB+hU>{6ggkJ-hG-9$ktQ_D5V1&YU2Ut)x_YJr#j7ifi}9<T
zd9O*m;leITTsVvtvhSZB_+P*UdZ_)vTeML4g@-$Yq5p-K^h8MGzXx3Ke+1F+ABFxC
z_T*nkz`q8JjHD#bni0$MxHk*$M4Kh&Y^a=iu8e4OyxA&s0l1CTYM`~e0BjW*vvCYx
z9zOX$$SMwHjX%mt2UU^wk-nrUKMe&cx@3>SA}_$8EI{=lwGJpJ?i}~W@P+Kfb<Ruj
z58VE$;=0=i&&_AsYTFg(f*bl3H4BBf)w8FieYckZt(M?JV|)?&$2S#<@POqN5|v#m
zqq!!Xlm0o<e|R&l=oL}%AG5mm$2V=?{=F9(CpQs=H{^Sry6d2i9Q2*r;eg&RC`%|^
zL4<_1R%=(;a5N}11;GX8sVTiPbv07Mf{S^eV*!?pEVvfMTs{3Pb6!+JQ1pKorN676
zxx9W7Y8KRQEKeL*wQcl9nUUE)Bny9%+vUag<PxH#lcD5HC>5UokZ;sUVCiSWXI8M=
zWq)fiod`#-@>>|yc|Ix4K*Fn>E9Vm}g-402HHWIJHv~s$z@<4U4WuPW7vW_uS<XrZ
z-gIg*35JYp@d-s5l#($1DLZl+sy{tmRQJlG9yxx!s+*Qj_k84Bf`bB0^JpuUyxAJx
zpU+nI3s0}K`^Jewr+Hl@QxdS3Ga-a&fKDRLQbB83UrpO;)mwGqVMjb55ef%Sui=8C
zc&{$cDja%}DcJ|4+f^c2<I}9@D11o{t}FyQ3lexitmB`94p>gdYqKw5jJ2oIz7rp;
ze^=lh^^=9q=Z=*g8N0MNBs{wJQG~62CLgUz`vR!9quY%lnL1cksB|Q67w~%%JhHVH
zVtX8JG#aiA?4HpMW0Gdc6&MmiNAUDZ%U7+5zv$G*EQ@Wcv|KXObv{ZZ%$;~3&txR#
zAnyY5L<2%2-y{&mfLll&l25}LVnY9&O4z88ZysL?IrvtT(glZG?#^qjQ|Wkna_7xa
z0x|qOrR1=}j&4sZDmF{ITzn6#&XMJ8l_g8XhPa_|Wz!aLYqbSC<5T}~IOONOUO#m8
zsnfEkl;}>NoKvQL`E;?%*|pGR1)4J%o)fjv`L<4^$ajC}c6$DYP^!-xUG~)EK^M*b
z{m`UO4`hD#4!xk+$H0RH%N?mXQCysq#EYRcw(+eK+qo9JcW1u~+RrAwVo1DXgYPbO
zI(a+K5(F(umz!4Ut$x3G?+*q2ZaaxU;Ar%eARFPa_m7l1zE|x2zYCK5-4^FG`ZSNv
z??ly$C%4BNeDR<Cp`bss1^M-8xt92!hp_kS9fscp{hN{gmrgdt`$wn!-*?(g5iOxe
zl_S4KICW|gsEcV~@C-<V#TqiDWu&CBh~f+$G|jsj3{8<N1NqcdXwvV&M}DZDGZxyR
z$)Zw2&FZfbe?Z)yH0J127_~vq9xXRFD9(kYLBLS26k<4z(!T94hIFvp9AQ2xx$x}h
zQmulh5zz6IIe%)fEp8FuP={~#CJ2yk0`Ugzv8FTIWeTQHU;*#Hz3%)G=#=)Xav)H)
z-O;vE9yZBWHp}dnX4v1l$2Aq(qd$K&G76XTMUL2QvbW5+{b6zVhislY{b8Q{V?yu#
z|9KUBX;W5Q33)DdQ)2CihJB|8x%hU(4h{zZjC4S-1}geaP(X`Rn@w^N9|^)uH&|!b
z$k0NkeJ4EnDc+60W&~Z8TFyLJs+(r9^1-jUz)$a-Y?e%=DvbRJl%YEUOr+aAs??&D
zi*zgGWEBSf>0wZ(bu!IfrSF;k`4;x*OuLLTdQ$5pdC*3xn!54Nl3g1-oGa<?S0tT3
z`^Uula9LlxIy&=X-%$u&WQZ-FPVdJf2w0B3d*quv4V4+Y6)nm)d=LY(|AnVPpLs8r
zF7F?&{TDj~W}MryuFG)t`c1&0?(>BGuA3Lqn%g*7qMO&D$4rs@ZCpkCGbI^11?T>3
zwoCV@-#gm8FaN5HY97Oq?wf_`)(w<Nu;9QKzx>5;T>WFz{vVZ3LT*Q$ecG}O(H~l+
z(6stph%)XnwhbUS6Pr-T=~qowD?-D}Bp{>ohX4J#o*Reh4cM7mzx!8xQtCBVYaK=2
zj(R+TvX_5H`=slF!-EaHR9Au5FM{sA%Kx@Lmqhea_Vo`r95*;RKp`eehD|xdAJ`+^
z98mNWzenaM1XlLqWm)tZa_G5<7`RyQFtw!IF%1*p@Zgx7Cx5R{0VMwm@8xvAyAz3i
z){a=ABeU#$rR%K<JH28cjn|&8LcB`51HjP-*~<l8v#Ks0@={jMfoqb{0BL{W(U=}r
zF^%=84b>;8k)$OI3`DO?l9ohhJNcCOcp7=te|r|PC|X7cQFU-uTeB57c+9Zz6c_ay
zuyJinpgYY`^{D^DZQVyFVt&H8ZXOfl+v9KwvH?l2`?JDKH1_o%<ya_>rKNlY{j3mg
zrJZoL-Gpu+ykC#%*1gf`vG03n%^cQniRSm=Bt@Ktz-N-wCfH2?s3w0MOoh26i?>n=
zsNNxWo_+Y-StV7hlWi%1zu+OTP-DHYHcKgnds^iIuVx+HDw*~dO1PG>U>r*GJ$hR`
z!XjB%v%EeUph}sSRjxT_Mf<4x>nLvLa39N|{)JBff9$Eim!XuR=KI4&ZMri>Tx=DM
zU4RNwh+yt|9ZPKjl^4pZP!id6GUrNsir{e{rF56h)^@h1Y&|6ojmRt6Kgs9h8Y!bS
z^lDPbrxTuKQpeV2*a>EI`hoUIzT&rv$IUQQvwBTy>z5X5(~vi|A{#8ZHH}8|Mk>0m
zE^4~t^Kv>+p?)_xtd^8tV@OdWut{-o?~qcdLQn0Tg6*<-vpN!aNyX*LJe{BvF~F&@
zK|}3TLa&7kkO|)%zt_0<{kF0A&h)GXB!baWd0;9}H&cCefb?0)ro{oy&wNZPp>7Wo
z$y&16S>L{MH~O1HtitD6)d4mUMzmR6XX2@cHW}2WJ~vdeFQ!1gZCGl&Hxaw^_S=10
zvs90UNqc6IF;H*TCxCg1X{>qm$&T<``?RWju_kt0QM1toAiUKhc%Yc`W~$dMB|105
zjxu+PpmZbW5@K&fa8JHG+QOaCtZQIeeX@ch;RBA)XZqcMvL+drHJXEYz1M~03jdQ-
zL`|gD`($xwzHs$fACf_)+m&->eOdH;Rsln4)L`qrB(OmPnMR<<GQiVZLf%HoEjdk^
z*&iOyI1iv6v=HZ`#w#2vmG>||mhg}8`>8QAUrws3Oy1h5J<JvJ5JH6Ji75mYh%O&v
z<MZj^1Ua>80Efq@#l#Iw`z%K1?H|SBuhT7Ol3v@w{H4dgWSS_H?>zu}ky`RIF}pyI
zOtg~vSr&64b2uIxl=dOs^eZ#JEFo7NCzVS`^`Wwbd8mjccS-S=xY#PjPKyUGtu820
zuy!gO=|Rrv>IzDb>VVh3e#ftbx-GAQ-&dWq?VX_k{HK0EVuRGV)U@VSu9(TP`zCl-
z*%_`ik}sCa0mOwd3y>V+|1>od4=kdFn#mSWTU@6|+!dG(p!!g4^`i^RCyU%FcF!Y3
zGjFlCj6<YZU=?u(JhgovYZJ>RVbeSr638XaR({xvm>zRiU<-wZ^ivQ-j#fEmn5Txz
zMKjx+X=)@}s#`+m*5kG2DxiwKY0-D;50Vm(yR6ooo_INZ)rO|coaUrJg_<p4bK?Dt
zSwaeGTg#{2-6whQI)`Ta#_s*qwfaudeeWKGkM^B1!S;Sus~W_J@I?#<?NFm9F*FW^
zI?#ert18efT}MjDoQ#eCFm4R}B3LPTF^787vy|J|V`md=3<x@AewH8(g;A;-)5J-B
zMuFkLsqXGUEO~86*{7i>&4J3~=V{!RxAI@xq-mLm*cmW2I5r_lfvKpy?Zg)IXMH>z
zny5Oac^0$Tr($G^c2eMurA-Hsg2SUPF)Z!UJlLYDXOuuY2HROz756U7Nx=DSWe1ej
z#Ju)bU#L1WyOC?{TE69!7H5%jiP_bze_ma_?jh{+`_e+73kO7HGD~R&s-Og5erpS$
zt_A9Ky(byR$2QK-SQ}P*=-tdaEat!Eij1bnO~{RhNTiC_PDd;P;`zy_c=bgHJI^^3
z;5JwjyLpK{Z???Y&BS;MsvkeuM5wA8-XyJ!slX8*hz|sm!vsrEr420otd<IJ!OR7G
z&;O)$`riS)ezykx8I7CJFw^gL>4VD{GltZ09M|9w@0+BoOy_OpL+_85;x~u>MZ-M%
z-x>ywM(pjsDgR#lzXXX(XRrQqVEBzv^_CDG9Eq39mGU{+!($H8hvMhC^*>GdZq<Ky
z9|gOnqU1_1F1Goa;+#V+yY^_wa;Y{KUAhf%YZ{Y3JSX&HyG&X#?T-CesI=N_-g!us
zl3t{-xwJ`}@4!<rT_Z@!A8Oona6N{ab(Qy1)>Q;yXFu06PZpExZh}{?u}Vf^K5JW@
zpg+W^pI`qDOynH$3s0v}bKd@w!I<TS++>_D%+NdhMTOn7XoLgE(K9P%{sNQ>VBOPx
z&3={=b`?acHaY_q{$fmS*Ef@H(&my^!*;F3qTzi@{w-7O*pWo2zWjV*6-%b74?~vu
z9W}KPA1Fw_qvX?)NVt?-@q?vAYZGmK{v=fNiHe)((MYz4*im<{g(gGnk9muR>x~Je
zhcj94jqL2Np(uQ?5mgRGAwBD<s$7UPL+?_D_+8kT!s-U)<+^V7npGF)#<Q{+O|(ke
z*0;)uRqUXdQbpIS3iyUg_WKOALg?E@R@B0<=Nsfm7Lx!Z?4#SoVy?&(Y~Y=)m8MBo
z#d#%Hi8YPdJ8mot6kOK<25_Hq+{j?@J<kv2mH+s}V1w5#yZX#O>+2X5VCORaV4Siv
zqK?w-Kwp(PuQi;-3S}IRB`H;An))J`iMp-))muLfK5u25d+{z`Ad<YYi~sWWo|((q
zEO&{W_mjEUBna1Cl`7W9N~|Nn1wG<p#;WnC5_8>3GqL!ca5rOzs*U3`B>_@1II*xk
zu|}tDPlWHSNwLoUc47N&7zs;!5C%1dQcRj9oU;(<tYVpJKu&v}*yc+>0Y|_^fiE;u
zY0n%uSVCX2_j77n<>bP(h_GPIhn%Y~zZBYjkueVIsT+eoniUV!Nhv`g7{^UT@D`=D
z=AnM`*>K`g%b;#3aq*~3T6dz)#4EZTy&DsmD`%far_FdN?o6~_kGa;77@HB)onb^=
zXDG-424|`cWLvLgN{kwf3&-oKfQ(=CA4?FAc0E?auB&o*q?@eXX(`i1){P9a%o|#C
zAi7j<uSF{_cSw#lB(665u<cOfP6gJe8aF49nlOoPrH6+Y_1S8+1UlypEtBd6x{WCK
z@th}iH7c8tmVGans_#00VaL3E-w+uL7ngnSVMFNksuc!HP(NdjVZ4JF7wm~FnxvZ+
z0KB~#V7d^_U470QYG@@o_XdmUvE>F5FewPITWPYO%S7X;!*fva876VLoceTwz3#fY
z<ovfI%!h%)E4C+@vJGt&y<GWQJFaUBE^mltHu!VEtcGmHfZAoa_8o{$`pEv{Q=r;h
zQxG7@rXN_?JNdfLQQ*v(^*oPD6tLC4W#5>X?o~%hG_=J5jf!gurU_sVT&)ZnB%3TT
zHFQZ=>~nueJetRCv9WC{_s&CSnm@1Gn|z}>b&i>pD;)EMEH8_pr&b{^9wkJ7X+O$U
z%H|Q@UKzs4EqzA~--`}w7qMgrKeZm`sWs9}>~;nt+E}<?RKg$mKqtt}JeXL;T|wjL
zpIGIJDxv}gq~?!G%<o(luTE4&<D#1_EEG1D>QQ%7YGsd30aP5U0kn$G-G1RoG<d{N
zRHchejBF0GeGQM2jZI8ca+*q92FE-`WlvqGv73qZ6KJFwiKx)Fxd`Vki<bu^3})<T
zcb9P1E!6sj#yuGwa+=V#$Vrv!Z`CYDX@LdEFT_1XcLUTzHa<{?e7QEpk!!7)s3Ars
zM3^7m=|EJ6L3D+U*($1}$G(wufGCo!M6B7X-v9O<kGksLtfGJQ3((k)8TJ4X9vrXg
zQ?gdp{N3Sa=M9cOvhcn;C4K&R5uhVsg#W#<W$@vZZcQv6?dsFNn#=#pmsEMtepsi$
zl}8L?kBx51C`zx?TOSbJ+q}<voi_DC(2w+7+(=+QQS*4~ht?gn5{nBvGezSh+aP9-
zkJqZ~xI)f(6~3=2JPUue5^@jSq_q|N2@94swY8G3nX;D3mR|JgIuOLM$GO?By(OJ?
zt!hyX8ym|=Z%MI9bUC1&D(k5TSrH=#E3(ASq&+JUUKb);wohzkX0~tYepz}+dScof
ztZt0R-H4-q6W8R@e9QSoMwBhRb_Z==CbOZc19#t;6;7+`SY<Mn!3<1ff`&h$Rw+3G
zp;Y#@Tbl?wmcmJ`QCQ{e!G1eg--Up|-aa5vIYUQUk?lnXKZU3HyvjA<iL&ZCvKq$9
zCB@negmuHViK$HAwbv;phC>M1+88hN3t~=78}13RuY(EryzO?_JbI8dRJlI~iDh?+
z2bqANUiU~ebLlcF={yR%U1-63q!0<cIM(Xa+x^NQw)=?Ej%s)$z`jtG3eaYVQix&V
z2}!k1SU#Gpp6XACFsSO*x!`&(JYoHK+Oc4RG>%%k<A(JHmE&n0zj{y0Zlm8-cr1>3
zc>JrBYqgAuy^x%Al~j!6gc)7p@)aX>kC9u;3|aL%zW1|*u%9eT-Hio$v**4Ybr?g5
z?6Zuw(5;!GQC0sVcNs_c_on2bIYg}}#|Du*gg?blJvCBcMZRUVb{Rx<Y7<aTkmql0
zghT&zyLGC=`vjS!4&*kz3cM5lp~=L4YTwbCxgH#5k9iP^y#q)C3Nfb^$gpIrWJw`i
zMXYd095VD(dVsZa0@VD_>ir_dso`ZR=85rRr+2xdh-q?`^71jmF<Z!ZSDp&nn`W}*
zZ{y9P>95<m=_)GB&A_Af69BLvns-C3S7V%#WA8B4>T<Qg%O3t?F<%C~)EJeQ6zkIO
zJNn^~d$~?O$624-(H5Pp79C8R#;A}G3USZt#u|~gr_EiRDyf>M_)L4CAwb&;!Xtqv
z+`(K?en1nI9i;V$4QoG%vfnAO1ONmAEjrI3Yx%85>kWl+4J~J<6qHRL-bUt1M^YKk
zptEWrn#?^$NomuxVJPr=drWs&i&;`b!sz-V<Oj(rjeST+g?)>_(Rt1zmK3M~I7C5B
ze6)<?4huS3Fq`e{5J8YcmV<(jbM}_FyFTcszA&LSV16h@fh=aRV7HQZD5U!ZCKS}`
zb(?jP=UagNW>`O$V4*)Wq`&NCS?Jo!YU*^41Wo#P#gutZz5RNM#>UpLpjo8Sv(oy|
z+wob<a@{AINqy#=0aN4oVi{7X6{-vYWz?tzM|Oe#0>{^1c%QZmi6SHSt|~ZGST1@2
z-2JyUGILuL!`25sn@A;Y@+273A&KY}c&I((h9$^&t~iRVeAM=xIoM2;RoGEUx91@0
z5%D1Dn#OeLD$T5whXy~>;eA{4LhY-)!Dx^cR77X>%|xFiCzN1XFgHb&)egukOF!!s
z9Fbb_g~qjf`e%)8h?KJ5_x>IE30_1mdVr(-%_ysjAuqA0<(BVIg1Z)U*GQ!=cy*ws
zkzn^NvyP+;f{M!%7MBIpBb$}8KTFYNNmkCm@>u$3zN_p**#W4Pdi4<P;z5lgBh}pD
zU@dhQpiFXi*Ea%i{txt}^oD~0gV^Wljfkyoc%tTNnQsFt7Hd!>H<Xlas8w?yn9|+g
zG)=S51h#vD$CVPEpX^_}nCR`3IeNtrGglju*S1GeF%Hp7$Z4p~DV5+Ll#!P|^#5*=
z;uX4NK(Cs(eDq^tmOs9IwvcXd{4^f}<E|~^(#)k14$8MAQ#zUJ9_)MmiGXT`p$a9m
zCpj{Ex7H43K83tA5Q$xZ_=VrAW4eQ}{!oaTOAM{&OA_vv^aNw#?#I_}$4pP0(suE4
zT)>EmoJF;`iYz*lSVa_YEXwQChBLTmL=yT<Ln9%wc&qHWzCOFJ*GWHa>rW@Kt3n*B
zI~u~XvxB2#0W$+k4rNSHDhhgo4>fPtN*kS1Up1uE@|4ugr&U`3&~d#Dt+9s~i}(TP
z_jEu`x2{&h(`lZ1uziY5(=<!MAzvIZ3!Y`wC5H_l!^EJkiEc0$9aoX`P;JRoGh!nF
zpp-tZvCls-55OABsIQqa2{0bL+pc<h*4HzAl+38$p8=xMi1%=PIO0LoC%QT9fZ+;l
zC6`QS;40p5?4WgjfsbCAPpE!)r#cl8`4wieayIg=zLk58lUW7J%r?{q6Ssd4VFpU0
zNDt5L*&EBJ28lAWs3Tu}>i`+1C5e^97<uR?k*_5Yn6S|x)TQ(15jht=j5oVn&s)yj
zV(~gRFCU+H7Ps#_`POJhnk<6Oni&+%S61G{(40z?DzSO@9W`Mq;WjL!7#5U*rS!%&
zX8Lp~{R`PiCabENyhG&WgPy9C%iU=l&I2s(Sqx2obEWbq4$MM86N4#K@cxF^!}Edr
zo9Y)p%%ZTU+$1zo3^3zKQ=2w6WgA<=bEwiTsij_!OI7Z9FK(yhl5&QGBVuUr(KeC#
z!`E{~#Z;_J6=Tq}`zHQ&1}X7A7)%Pz_v=)E?9-nWzO+_O6^TF<OL-tSqnap=sTOw{
zDit}n#&}HHAaWss_=R_cLtfE)%fPM9ncKhr%|K0jJKxS8%9izkm3;rfvh_(Z>w?_F
zb{vw)C=MjI*9FMWD^M!Z4X@xGe3_vc+t2RqF6!qyjUv8dAlU1asx{uhg7c+Do-hee
zmIMlQ^4q^S<l53{&tr<VW}h{TT%CJ{@aACF&#Aj_Dw6oq$Lm$<{UompndrHZq1o>E
zzNR;FS(7O*T9$bw<2kHmGUSMB$86;K!fn9?sM5Nru1Thz{VP?9-fnJfQsD{yO*2ew
zjXSKVj7Q{K+)j7zx>Q)pd2IgX`Y*hEx30tC@^iQE)Huhbdq`~T*1L~pW<1Fi=C%2m
ze(Qw9)iX-{%33j44kl&+fdeMSlLtR6F5|2jQau8ujqvTwL0+1(NmM8EW@F@0jlpEG
z)l?1;W<F+SKB;zDYf;VRo2is$N-sC##<&84sCE@_z}xQUPP1`TjvohC_>E!=-=F`;
zSkZ<jI?BhwT-e`^w7u4b(}VKXR5n01XXF{-xm`-9nmLi-yOz)hf3b(OT?Gzqdu;DL
zl`*ZrdN2AXUf0Z8`mA8@H)^%WMtjXvX*S-^TB9q_RuH-Fuv>CdcD%7VpI+P971jH)
z>lGS)1;_bN)aK?AfU4lO2IN6#AoG%SMP_nZ7ck9&zeM#5bKLkBeI8o`aLY;rkifxK
ziBh)5ohSr|Ij%hMt>Q^dIf3@`<aZPcz|Q#%Gxb_A!8S82ZzC*j8x&wkaLn~3l>!iC
zd=`*@*b;=A3Jd!<b&Z^9;5}06TgAa#XLQ_jk6?#<R3Lx+dD4Iq+XIE{L%!62G(T<u
zZn?Y@N<O=U(YA(4UX9`$HF$%TvMbLl90Dlsi&<knM_P!ldMdtJJ;BsCxJOl>!JX3)
zYdn5;n<!SSjALt`hj+l8c}pD{16jy(tVe}}eMr*<w6@=R&TDl!P=O>TpHz0SEIFAn
z?K$T1FXoo*tu}^-tM+L1ODi44`zoE{kA2_a;x<m~@IxA?>3^Juy-PyXDEhq7A9V`*
zar3+Loh2XoUhq|?oaCV|ccpo23}4P!YmWP!{6&Hf8`&|u#w123%j+!*BFQ~&vs!L@
z)MKh@9WIiG^u>+u2eh2I@}?{MFgI3>U1&C{YsiwYmT;c1Qy`F!e}8yu+obYlS%%@X
zK4>i8<?cD}GjxYQrXQBf$jVU5AC)57;}{wI4JEAb)99(~@bO*z<l><A0shlLdbzoJ
z*6nG{Nx%)O8l`DdCNK^mda`yF=ePOfYI0LL18OmHFjI0!m#T;t?^3cn^JGPV5YUhs
z1Hhq6m{>Q&u5eUta92m5@+p*Ih;W-V)$31S)z046H(#~t(wio3xND_4TPAozzSiJ^
zh0=C&jBtP?6WOcDH_ilXW=2^b8&0<ZjYPJ!F5*Xs$1X_fN3HgFko_!6N_}-q_+u~g
z-hMS$vMeX){|01f6?}j$th6$CVz&^^mxE(>h^SpypTgZRs3R}I0wGnx_Gg<J_?QM_
zRTn+hg&Q3ZER?+COO97@_`cNWNzs8!^V?VVIA-)HFk0zIt@qlu*t6Wx6T)B++BM{=
zo(vh8IO|~fY>eNxORV+1+OYcsRg0-|Oh;TW7?!ldRzp!oyVuWfqp*XNx|SKYwwXVn
z9_yVE-{QQmyPM2k!V@+2DeNeSal>lHt6uf-AUaKZgDafAW6l3r8=rV9*8wX(;dvCT
z-82YdUb;n~$ulC8Jc2Dw!G-jik-#SGD;?wugsF4GErbo|6cXDCF?W{AKq8D)W6li|
zwgS)%XShrKa!ypd*hl7tJ<?hG$|71Wt(7ZqzjI%-f<Ahp85WKWQ!{+m6(Mm8$b~gv
zPl4y;{=$n#*s#3wHBwCcT-Z8EOi@{59`Ql{J4R2-R7H=mDi#FYZOL_3hTEsD<fb6Q
zQ1T6#u?<a!{4+-3B=7Q4z@>JE;T#Yp9GsC%a#+h*Kj%<Pr77!?axX!)OzJPZ1Ijo1
zNx$&2JWa790Yw_OXAnB0MA0{c%cKg<nsYcqbXi+fxWe{oh;gv_YU0)0*y=czzOig3
zCgvZD5@ycY+Rt~!OLLUm`$Q%@j6z3dd2qd9tgMLw%j^hDxm3FCo?Qy`kIiK=mnLqj
zlBcU1kTn)+iaVQ@Ax6bWO4lD;1`pYXb*IWYRI%)q^E~7l5QJ(8ju-H|XFqyTXj1&%
z#U8w$FGTQ+kI|k}*)m&QX-<|D)epdNN3((~sa?Gz^9L<>t)i@79_+8hMC_n#KDWy5
z%2#~seNDe6fB55o{#%2zh!91zT(=zy(*~!pZA#)ykF8dQt*}bW>TUD}RlXli$<eOu
z`log*iTPV_(Z@xY&%C;HJuvLvG|%f`Q`uL14>U|vl4EHJ(W!E_VWVLNY|D4@QDOJ(
zwHEOE`1rQi_c^A^EQB*GH*SZM*SCcBC%jXm)=HeyEVMZf2RpNxC_EMKyWvOhOg3Rm
z@ngsCSLlTDioNP<z`gf-6x6yM?Nqr?4o)1MHWJzLJ@#Mr-}r}dm+1>jTo<>7eE%6}
z@l`_M=}^QU02IG*cypZ6x5|hV|H7+!YfK;}a%6MCeBdT(z094xHF=SPhhLTQFB$&+
ze-8f9x3^F6<NBtw);}ZCLdGt?na`-7^0j}AV+_!Wv!hV`eW+R!-KqH9SEiT&O;39^
z%5nLp^U+uAYTrzf#o~&&ZQrOs_4Cq$>K12|qZTqY-S0L7>a;LQkXpgoeI7z4CNL@K
z{d3tN9<HJ)F7GsdW1lr!C^pntC<G>+1;p9OBxo0UUIoj;LhT@b%Pb%>PxC0I@EzU&
z<H^er>eZ%{ZQZFj794ePSqz-N=-8E)%hXjlr%Mw)&*>T}1c2b+U2q`l;nSx|i|wg;
z6Pz{U19FBgg_l&0`obf6${PZt4yi=7b`YJsSvjq2unY6ln`2k%l*dFnWrHb7DRtj+
zE$%(nQ}Qdkb*E><XzH6VYRT{!qGfYrR%uJr27W^|R{_F;3THL#@bDY)+)T}@?1Ig7
z!j5|^cN|y;-IH|Ua}sCEo9gc800>$8IhpP27Q5nhPmMbBBCd<0r!OJ-Ps0g1qkY#O
zyNaS$=Lh{;B_j0!;&UBMF84RK<;RtSS~wtH&S262Ymb1DV#+1jB90#i*Kbk-vOQgA
zE6r%*Yn)P&BIHzU4aaK8Q|oO73<{(s`3tk~21;-n4ylqLH6OYJdfP`<jB0_7!n9S$
zQ81je|HMQ&!urkasBF!5idYD<7IJWhOZKQzcd1gY%QVtzJ9?iJ#07TN6~r2aH%PH*
zX&EvzO(%KPqHqKDFxDqq>*uxC4`q)UZ_c<-_Yi8ZxesV>h9ZCxt_%w<-rA~-O7Tl7
zr;sm@F*NR$r8_j^p>-5fiI;=!^1aWn31irlCc;X9@JqHWqU#|Q37XSO$#5h;ieM2H
zuTU;<&&}56t3bV9rd#w4ukn3n-Mre*DCCa8w6d-X6`RIpsx4KcJutX5uOE&eWE0)4
z)TD|_-agN<pM>Q4P`V(D>ZlEi^QV<D#MO0!fvQgqix7Dz2M*8(S>m~~KHUf!u(>8A
z_>^jL>N00Q*O$;D3R@GRei|==a1?IKS!9bKu2FKgnikGv#j=9Ftl6+&Fqy|c2WPZ_
zwL-9TqD!)%I^#%Qzqt)<i^g?&brGJ)_zSw}+YloN77hV(0GXzwhX2(6YbUq?yZs%C
zQGBsd)JY=A#TT-k5N|G`w>dU9;?u;~Q97P7$42<SxO?xYrq=Ck)V*!n0!k623nY;M
z0ZHg}(*g;E5;~y>gg_FCR7HwzrFW9ho6<YdLKXK`N&*3;N=K<um8uBh%{kvVzu&(1
z`@TEQA7_kP^3TdxW2|?qx6L)*IiLAF#F-d)fr!Yd^<n66oB|K!P(v<eXo4VWd1u>A
zH!qD(^HwGprJDX7r@JPae<QOT2?WD&|6>6y^TMt#%CSlyJkzeHWow0Di<#-<M>9I=
z1+@R(&;P4`=TOG81yOsx^T#^BNQw}`wm3Di(|(?rx^?a1r4XUdr3czge+pfx+}wH8
zjj=iN%b@xHs*(SP?){SG{x|4?*}mVlLFA)be=_;tKgiHu73vKMk&EAG@VE*&yc)Yz
zO|TeONxZA@wKV`dJ^cE~#>g`cmREB&BKz5EZP*Ae2aFi)RY*6*O`y<_{9LJzg4M~g
zxqy2l!_C%^)$URSkJEM(6x8^_!P4sq8NcVsq_)*<u(LsDNomN_OiTM|jPU5kZH!8y
zj246Nagg?*#dP$wSSGlJ?)m<Dc+1eOL)+id8KZi2!s1qQf;mrx#V?9yD`SX45gwQt
z(b`yViUZ!Z?enJV2)4ze_{SpJ;Pc}&&djt2IS{+5%G4)WzI@0SDQ#MNkr`0W$@9P^
zAn0rOrnh_z=!xd;E)1$x#TCS6=`dm{0BkI5HCqFxIA^Cg?PsrcL@7)bILw%Ko}?~`
zO+s>sv(N9@rg?};`P*JuosUgNdo@nSJ<+#K>0Co5ToHjml47Yx@fY&W2sb$H%O4*>
ztqzdC2)jw?Tt4Cu8AsFwr46{p@SuS2<6n(xwl&_0|9NH$3_M=ZlD^RY!L6k@(B9@U
zR(~8)?(XbtVyw^&CnM>X(f36WKPuv1P2JgM9C(W0z^+V94}Uq-U712GE3(#CL=s}S
zSRQqWD8kg<;Sd|x=cUn?xTQPLjW=9X8fK~4^RN3VaHGW&W`lB9OYPLr<9Kub{ci(!
zgoqpm=;gF&%BI^3mL*F+##;QZodS)UVdJkkGl!maoCt2avKe<yL#kf~jEW6=DU*(%
zwsDNZn?&<K=zd=(=N1$nZ`rQkIgOn1a6mou!uM%xKP_{-P0HIXX|1bIz$X^(KrP=a
z$C^obJ;BMy7!v3u!mDqs;gw?jpY>ySXJal**&O?tLWg#UUb=On&d`aA`ZLqxiw7LF
zH6<dzP!Bg?fAY$St!raeTEp~bcKx?M&j=qzK;nM$Fisf#M8``jjC!IfW257nwW2BH
zi4z(vzSBj7Co+i0jV@kz7+^ix^_pg{Qkk~=`k^STJaU24v!$PI5WS(VxW#Kp$;wuE
z^`P6u?o-0UC@a!?=bB~tP0i>oWcF1wD*o&gdeloVXKvs<Vn2R-BNB_(c5wJz;V+x#
zgBcx+`m4f>uyJajnjoO5Rk}SJx=8oc;te3<$0}VE6Ss|km!<WF_I6jRT?-S0BxxSI
zIqKuCGda_o!TcSD7wr<bii*acdr%6bvVrdnYYds?Zf0dRKnJ8z*Xt#djb#RX%(5bi
zyhwTX%rMFBB)VG!5C`m-9;8MHCy>EpQUBpoU#KWd^cJuFwfOf~8J4dL-AdBb;k0Q$
zJ)*5%6lyHG3t@`+{@CeRHVC!R&U%{^u8=S~ftS*1*MBF2XkwdU0y^a<lQ*L{%>cqz
zl68)R`9~PEQ4Hy9L&PI>2HRt2OPlamK9vVeGBfGm*hQDBNItE!#c<=cDMJz^a}&Ar
z=s~>isg+5e>?$lf?nATrgXxSF4R-A953RrWRg*RDn@>t7Sqx?+ry>wpc5<R_+;4o}
zt@|L-t-b0j?|zG)Qhju*(oXp@-J-^leWl{1XXm0%E|PPYt4TI@01O0QvC2D%S9su?
zoy!ta%^t(fYfuj4&SYoKHIv^w<B!3;=m}uRrCPMjw3?f9x1DwB57x@0_E$m*GoI%h
zVzzMwJYEH^ju+NyWU49q-1eV;O`a;YVpNA+ZC>aYf>ZvI|9-ugjW3}Mu7gJxmd51I
zA7L9A__Xx3B9DqefZOxs)Q0U<^>vI}XXj$AL6CvzCZ+tVof_lxDCqIrpMKPrF3@Ud
zN6N7s=(Dgd?iNE;`1?0jy7+W`plMsZ&pB6?5xLi<Ol?9{Tj+|NVPajH8STZW>gieQ
z+=M*;W*G{4rmMzh{8_&?gs<j)c+m(O@Nh#e>r&Ul^KZRwDgSv6v7}?;?4$7qB!0}U
zQYah={`%|Wu=g`>?`G?-OZwAW`fop9x_gFyE8Io8=k>05*#rCPuovwHUW}?(U4sEi
zdFATJy(;rO@<2ImDqG9W>Rbvprw>%T?H+t{qv)^K`+d8m{9zyou63#_Y^QxI?!M{x
zapXvhXejE1QTFg}l+=`ztZ@YF)&`r+DF0f5YN3&~icnKSc={AhtMa&WhqORHw?JRT
zz>I-_q$ps}kD50Wk2`KYSJmwhEs&gt<>Vbs8k5I{>c=%_0agQ~r1<%@<@mFCzcPO2
zfcPNW?ZUO!m~Cd$EyJhC=_fUrpMb7ur6o};Z6nJC#1erL?m3~E2HJ26GmJ(DG9LT?
zo={IKUzc3RZ-V?w9MqSrS@y?k8mjA?({gF?<OWX&ri|7>m4=C^8rV7y4tji<Nxi`i
z`sm6^hd#Ic$R+<$sSk5r;C;or5^M^I4UoK$T%cJQ1{{!(X4NanIQE~?ew6K0i%T$R
zDYM)wc24YnVJ=#mmUih=heNWvK|j$yABG%7TK2Xk`@2W<?e=Y|bArb`=mD*V$pj3D
zJ(WjIT<fN%9<6@}s0c5FFyffxZ8X2Rs*g%6Jq5E!N+z2#;}3^;WOqC$p#K1=Wt<=A
ztFl#cw(E0AVZbFI;2oTacnEJ$mHWE)wbbTAbD$FP0F)TQmnJ?RR8p3_q&?kH44S&>
z{j_6Jj*T4dl_fuUSD~!63(s>hs~Sielx=BZ7L~iaJR1j&kW3DR8AN{MwQ4g=3lHgW
zZS`=&@`PiQCtnt=YDPKn9Lat2^E7ZRMHlzlF7F}j5Q3jzTBHKe>3_u9d-Bexj(hjS
zVWbRu+Nz*$5|!uKtz_8^M=?Sv+nA%9`_VJmZ~2=<zF+xyW~}TSh{EWVY&^}HW_z8)
zSyC6D`J$3l7N_jdzE&Kn*pI=lAc336`QiQOBwwzfj5T$P&6S1{2*pxC<VRK&nm3&{
z^SqSyVBHPCB8%|twGJdQ<&CepZr!HyYO*W%S<f|)>cicx=)(Mawc*|aM^@L9_H?je
zQR)VJ`{-1mxnJbLO4WI{%`%-TX?M&T@?F%X*0XEYZp=RgfYbS9_k6H>A@4@=Jb}8O
zHVYyB!54H>xRhg;bAe6iujOSnqALrsSA{C7+dg}^{zVDdaQt2*HucKQcFw+-vTY4F
z{JOi4JZcsI*h>)U#6$4#lLWBbvwvv%q3<8jm|yxcXBXu?kQ3e$69|H=bv1Z(E<lGO
z&kScGP4iRO*myGYKVN%MLNtPTXRci!#+Yy&T5)oG=wgOY4T5^OD7P3V(G;BStK;8;
z@8lZ1kz->|jhSi(n#2^Vk477J1wh)!W=8(=T3nu0G4QD05-u-<7#_;F-K<I0Y-k?c
zm|44#X((R&?oG9EkC;Tvtz~|?uU+CaQS0hNV*0yb?z$q{Au_#dRQ?&$&lHp(AcM!P
zlLBmbi9SV5GL+6C$?VW#_GurLlRjj0e0)c5<A1rMmV1&5@&clQ;mg3>s;ad2AEG@p
zKe3Zm?}urnH3anx>l>Kn!X^eVDQo~ncQTHb?uIc=#X};R!re_V1N>U^q;;n1mOZfG
zI=q;NjW?~RDDHDsbR2^@W)gS&N<eN6jYlV8<D4z`IIyG5$E`hSf3=P*O;Xo$M1fv#
zBjJn7%dM<oV+3k-lb)Hd#mB?IApa~|uDalxP22h?{~t@d0t&<Mj2w%<2tK$cXcPR*
z;ljg%`X$qi>VTQPN-JXZ&ioUeRMyrblpGjJ4{<OPv(f~mZW}3e3&u8^di**c>zX<l
z4sO`sA&uPgylviMTnvUil#F<>5EqkQK=g!@cVVIsS`zKSm-w~#NvkR@4I)Zfpz#~X
z10%TY#qn}722hmE+7@wZnlzNMJ0D7;QE!5{WAu~Cs`RTyj@M_N^CktmC~tjlo^+bx
z7RbQn?H7@Wu5U1QH-S7^j9h@{ZdAc&bF$@9R%^oVPx0)FqB)hZJgW{zuWgw!C0L1<
z>?{<BbgvB`!A2UJlENeSLGG_h8Ou#Ax@=2a3`C%kLDaQ)|6+qxkb%#%8U>4CpGD;7
zo#-Emszo2IUhVQVADyWyz8NtmdiSMbioF{Bi~VC?Ul+jF`$26wXhBW#$x>;S#i(9M
zH5Dw;;Ue&2XqpfzG7?<nyf)b~AFQOvh!n(ZP2On;z%H20a}KeOFP5W8t}9+VLCIc|
zIH$zB2N#3L6JPan&Gq!S?1J9s+H6Kn;~UF+Eens5!?Tj!(n7vG?YR;6+JVnHV02?$
zO4Y2^_fjKnApz^591dw%A*h2$N2gA2EpHlW3i0;bbsToRlpclKHt5?d&!G58O+CDt
zW`-B&(Vx3FZd`9*03tF4g!R}x&l-<xMghD1tB)B4>5yg+q*$b0WI+kE98hB<zrZ(8
zMt_60wdE{yEJ2k9eAju#n{id4G4(7L8ee0kb*QOK<y?AQk{;dnvMOVJpityq#&p}O
zc5K=bM2EtW7_!{*R>g3b+&KAT(C-ghl+Ot-*aa=B?Tg{u<ugo0={?ZA7hkY6Sxu1T
zs7|?+5Pa{Kp-neKr7~muXnfeXWYKudu<B}XYgbwy*D&|UhxJ?_&>Ik+<H`3A`{SZ9
z64d1~dILW_n&yF2Zkm=+3OySqOi`RB0(|bx0)a+F@o7`~Cx@^bRVlt=2e0^P%NDk;
zFv?F{g%MBfP8ww(bRVuMhfmMpeVml4@0FAFA3`YkkW(p}@%}9d)=o&cTk-F&S2?MC
z0ph+&H6C)JWhAvBIsk{+Y7I(eQT^u*|5v!{Z@MBtLg>CoquI7vc$l}<&ogenw_SFK
z4efoAG_d~j%;qO<%|z4>UiIjcTvncM{bJt_PRq}n@mP8MUk2k}fBq}p^*!moaER<p
z>fdit$v^scq?hy^M~iH`%@C){-_myh((7o5OI^x|(6#m6rQRrY*}kyhS7TD<MrG?u
zKkR80KJm3uO=OF*<WD0>w{PJ6QKsNBB4v*Xjwa(rh1XcQ!SF&^Y91*@_f@UIfrN#N
zV6Ll;(K7^XLyjBJ-U}G-uZev7SIr$u)}BD<V&l{RAnWvsLCME_vlKDv#Me!|3+1m@
zunmMIgMc8^@Mj!nM6u5FhEo~}vV-tQlzA5{Bsw#;O6@X_zt)f_^JK<yD$kxWFQ>JC
zBzw=(F=3XFn^DSn9REC$SFVb_YJz+)gGMhfT~ry5z5?(28p_#9tA;8j>o;&0FDiC0
zpsKBI#nhnG4m&bGA-8A}j#H^_w%+g&y-(#NK1eGH7^aX3>s-tIR%4g4+KX-Z@L4uQ
zi?Q6U(oZ~?9rwGE8>u3LFlcZbqz9cNieE1NEda{hdfNrv8O+Kv>B8E*f&WwsJ*kA2
z_PQ^*Fr)GP5wjov3Z=YQ|E&OicUBIXmsvhyvm@t$#o+*1n?D>@K-+8q<u)&8mDDUZ
zL6Sfn+h--`s73YDL>>QfEYY>G+?X$s*T4%K<}8x6g*O~S9l&Oc!J{3YjSkp*8kppo
z_jay;&m%$(Zum>s&~d-=KUDqX>*V8}B8(JKXUc{k0Eg4VmZi@UT+#l$LUi9Bnyr1M
zOBQz^cD_Bb7cN8R5+kaqWOfzc8&Z;22ov<`j#Me$muO{3*=9TcwR)W=g2+>P-H>-0
z??IukJsXhDHqa)RW)=;<aY!n_`8_C6x_GU-d`G<3F;D;)^6=9}s7|T*2&A|%YXG1_
zfFiuGI+z~|+$EVY9hDZQGUaSpgh<F^dIHC-q?DE=>Ojw6<;{jh1e;(l-DDy_Oyf|D
z_I7mwwfKJQNKF>A-iXq%iIHo}d?6Hm#Kx0e(*H@jOpSIzA*oTBkOa+@HofAk6mi*E
z&5<f^KnhC(L512B--i){%?y)$KzLCNwP+)ki4~3L5#3%Hg0<WY6OwzvWsXa(k!TzN
zs>QB@fH2<DI{joGygb;n^mLOaMm7`VCDK>rZ_dtAlwT@F{c82sP<a-abpYO1+y@@!
zijYz^@8!x|t8Q5T+*(TqmQN9N6TB)K3cH_n94tR&Flu~YR|{Sm^d6cs6(^45>Ob<q
zd-~)cv|};SI%R%D@!eGeRk|xyUg7?`jAjA{_m~M*HrmRwE5PVZCKyAw7XvCpWE*&l
zCu!n}Qm*e?e{#6(mZp|RZ)lOs*>awQHyaFaMx*XL^}J(qqz;ZQQv7Z?Sq!iFvYuc!
zAa3MyqpR<0iBqx*?`+vf)8)iN&oOe#sa}rFLjJEcnI#*G+W2F|x>;u@(TdjaEi2QN
z(FGEUZbUOKaI@)cHzL@hI3Wg|FJ4gpAUUVEvWo*p<hb~`U4H)t7rloSzT~To{R^C)
z(A^ShPnGq+^KCgicDAs2V?(yOzug_<0~3Dw`(|Wfy+BowVhjhLro7Rfjq1@3rovM^
zs2g|*HuGR-dqD9#=W>nCaeHjqUF)&2VQU)x9>LkzRNPEvICA)7F;?e^g5^STlI8_U
zW^#>Z$l73GW@4><0P%cTU!`ZgQuAR{EWEKg(+|#IkHNLBJz1kpi+SWf9XPbdBbN%1
zT=0djGcUb}4yD67^cPV2cF9x-EMBvsqwSfq97X@IelGE-m5rK>CwjNiFe+4?f`B}o
z`aR2Xi^=SZaeBde$@AD&EouDCo<UScPoj=;Pf)hZ1O}qe`y`E7hD=$fAkb-r2+yy2
zZgw``uT1qbN^iGOX`nw}q@);<UVCJwoYyx8)|c35L-si*!2py8jwnYusto)`SDq(v
zwG(VcLg3#XiGDM0fR(9`dNaP=|4`7YF7R>Yp}kPJ;%WECcZ>aRqojooiM9vohw`vL
z@{Ij1ysLpm%QsUflE}KW0rPQ@7ezWgrM#X-_b0YB8gK|u-r}DfBQ>Fk-+H_2D<msH
z67{q&xfAz|o^Mtkz0$Qin3BTV^R1`arSI1KUkaZ6);X9_$;l~4u`x165R(k@)z!5x
z8(gjrI_k4sg)FP~$G5(>9UzDjozW)lfO|%asiUD>1C8ABsr=yQS>6?2{9q+@4!Q=$
zp{xQSZlY7!UsEcV1V0NC@E6FT2xg8zsvuNa?`<*MloA;D{N<lA3DAOp-5hijmoMMW
zWSKcPH}F$Zg9xm)6$)ENC+}VI^Un$@H&|sPIgeC|X#7eA@K~Zf91`DnDnXH$+ePJI
z5d}L?awHuIT?)BQ*><bfr-}?`WaJVoWK`Jv8fJKFC7wR9!BI@17`TxRuiK`Lmw!oI
z-UdEGEXOts^;Wj1|DDz6o1$ue<@D$L$u}UDN|Egi@=cMK%-M(437IVJuCoV1)$IZ&
zXhx5zjRalS^nrzzra_ba0Gd}`r_O=w(@7%^R5^~sOw8>}m^AuS>!ie3uFLzBvwPdU
zD#Q&;Vc&NpT{t`VoRuU}O^w;p(jO3#Tr8;tdO6-1DbjPcyYGy2y$0RooK9#Vp)JXf
z1Q3(978~p#mK9pW*0>@wGVYe?nsDX15w$+6&+xwUxZdtUq<I>8_ggU_JbO?XZ=7;7
zCZ+=fk}S~Nk`Cq8y-TbimIhE{ty0I(6*pB=rPP;VHt<vosZ^B8z_qHT2DHUZ*2{s#
zpt9FcLU<hXDopfct=l=3s}A(oqqh<Y#1DekWTUQs_q?o;73g>t@xtIXd(qCctH4KP
zwb(Q=`qOUFq<E>&AD9cBPU;kt>pf*XE`%b5gjj+^&de|``Ari8qHmlEex6}5|1&Ci
z-OG{aYUVq(70{LcG}aLD8{VTRc}fH%Q&_SQQJ-nL-HF)+l$8^X#$QS<-rl;By{s&A
z*2F)rK@f~!Z20uwz7b;F0~DCCCK_6$+!#eT?Y9*jv{0$j_p{JM#4VcuiAI$vSM{fy
z9o26NT)7U0J+UxiMgg^6MY8%gSp}I-OQpHCIU-uhV9|vJ(`O{OU)}zdn{H=XM!rHN
zW3}&FMUm8SOr>h2N~yz{M)j#Sd+3K_NHth~0NBhSYFwb!{19H5j;|gnJF*WnK(Vav
z(wr#g80kD?!d|k+2C-!oqGq0%9)Izo)MH9X&9<Gs`&Bnt-K@%5)Gh?;M`iz!{9dm<
zF)BKyOL&})P2I%V#f2uhKxdK|Jw9oNk6XLzb9&g;j@e~8*rp0vs49uq_DhN{E8I+Y
z2fa51^tCl#S3r1?(Md7HR1*su8}=r@Wt2Ib@9t8cDR^}NEV8bM)qyv8wq~+%t%T{w
zAZ*V|+!>4i&eSMq>U^5ufGoOKSzwSfD>WVc`dWB+7S}p^Ith!7kR^&jO{@9XY^yeO
zsRcRH14A~4bvUb5wX6JYf)6jqTtk0YWS6pOHS={<AO3j;E8kM?5!aR#<LRqlI9e3c
z+;wzqJC4Ze%DDlC8HTQLP6`I3E{@rpeJ`E@L|fN41eMq&mYf<X$=v9{m?{^Fx`IDY
zvJ4$Of;C($c~q2s^^H#h$U`mb7m5>4e4kY6u(5T7WGYY{Gs`<`S&?$=2#4e&=g{1p
zcw^C+hjUgGo9^niMq1_iZMxGvr%7X9t^DLElRmo{GGt#^+%}m~#UL|A8)`g*-lNu<
zvdYe|*!*AI;9viS3{PW|(+G?e8t8wtb^YSg@Xl*rN4`Iw`fx2`?C`;>h3cxuXI91k
z<vahs;W{Auw_K3;4PGTTZ6=R;sg>`iFO`eUTrehQcblg$fKuugjSFVuW~TK%Cpktc
z3Dwv!Y3aj0sb*L>JAE9{8B#6~B?rHHeUk@dmAbIZ>1u9UQIXN%>@WgTJD+^s`wf56
zdnqR6{VV@#SA8|?S|5$A|9FRABYrXt{7R0-&Jq$C#w^%hFkgB_5Biz>^tH2R|MrN1
zqgHTpjy7n+Jka?8@z&+}|9%0%n@eG>zD!>HvEyeCZNGEOb}aBH*cLW$ys^31<Docy
zXTCOL9<5rE)?YT$PvV3lA^nVw_*18|9~1R9(wWTTj%^qJ)>>L;_*ZYmNYr@QX4jVy
z*#o(KxjSVQF8jCM!@U5w)^dCKYy|MqQXx!@q=U)KJpFbM`|rKXIZu!ZDp7>!|L(ZW
z1N71b&=%*Y#9B#?+mAn-Io<Kl{Tdza{kIqS-*(HGV%-fiyR4!stPe_<JI{Cr$06iG
zj@dHv=C@=HZoK;M;Z>EP{qS98lK5AC{e8b_|8{#&7u2gs4|h9~M3b5FC~2&ae*U#A
z0wmj+Z|Z(z{rUN!MVn#LkWZ0>=b;)E3WbT1{=Mevudy5mIH2@g66SP2%Z(2SK9$KM
z=vhRWxZ4H+=!jWy=uCWk^DdN4{cpW`;F9uvnaRIywf)CGm%-k@R>9}??y`Dupo_wt
z;BG>jO5K>P!Wu+EuZRo`Vxo8R-+HT^bd^<q`|rp9Hj~A*&()>}g~<UGDl)1HwSYID
zpbJmpBPE8jYSLy_tij&$eR-ZbB?IH{3beaYf#QG`X7U+;#iZQK{5QM$+r-T+Is2Ez
zn>Rzj?~$&4x$6*nGkm>g!vYSQOVV+O;re;zksn*<zthwI?0QEyx-?G8!f(xKf0oqE
z=ISmw;7WvwszyyZtU+N5i|&@aOTivkEKW<`^5kzT<8M1|`2D-Qt<~%FwlRT>JYL$b
z&3_x&zb(!G(;gZB{ofq8Gyl$%$^Gw4g&HLE()OIs)$D51$(WB-kD+S7!a+Ym_E9r$
zFNJ*rTG@tEmXTnGcOh!(C-XP8XYEWd`SUUl{=0YQzW>8IyktvW8sT32zqcbv|Fk!y
z|5}j$*=e#l^Z$e4mk9gMt#7>8gDttx<upBZA)}tzmMz2JvWE3yl8vmL;kQy}pGPuW
z$48&*E(!lfzYYJ{NzmjYG521ehD#jw&he~$qm?kjrHuN$s)dXkp<h56E#WXJDW^Np
z^Z$-<uK&;Olz(%o{;NLO>hH!u?G7zIKFP*+PjnZm$o$+3{&VjeVwGf3-~M4F_}>4$
zU|H9>W#7<%r=t6r>PB6KaKrg@L8t=fv^xMWR>#J(soUA5`)W>DT>7cuP!tMA6%h<$
zXNnB;`_#Sov1MT)vv0`w^UPVj=>N$r`em1VocT}S-e^eC>B>J8lK%<Z>u${7c8qx>
zqIFs<GA^F=H>{mNeA0(+k1RDns!BU0W{0V#<-WQeq2_%7Po;uc;bE<msZ4g|ZGk?+
zx(P}`-Ff=GRJ$dnx)G{+*VssEsX4i(;z8a3h)VxtR?HJ@(_==wt<ks3%hz{o&<a~@
z7bu!i9oeLQA2&@PKj{n8dxE-b%EQB?ng6z8^?YL6GbntqbzFQ9bKkvE0*RfMUHS?t
zk4!G+cUAPd^&KVmsThFaIu6RrB_irr8K%(I`o@CO#P!3X<>%wp{Q@oa#`YuTl*WFN
zfEc#<>Jb?aU%}}ezjjV|So~pdtcJfKiqKhlcS^-92cDj9iK-u#z@(!3eQ(U_bv6@Z
z-E1>2T_)dd=RhdTqPgEKMWpyA#bn8bI;NA?bOdz&tjqZ-*Z6b?ly;QK?t4jkqBpBu
zw<pMuDUY|PbBvePlt8i<Nksh$6E1Z>{bf?>FNxY=yC-pX2sPz>{#{16Q}|eDFdYDi
zoC-5oOB^1iJfoi@$)*cIcZKZy*f(=>Tp$I{=`#J7>&4=+HPX_)es!3{)lHmZ@=`>*
z0CgO$Ps}nQ%dr8Pp~~GHM0<RVbX~HWobp$MNm`u>|Kjx+@2uhGSj(j#jn|eJ_Dq2-
z$7rmG;Zt*kIWJ{Yx{xEu4hA4aM~+Npo8*jsYWpL#*;N@85?^<@28ZdheXeIO=kjuf
zRCuH=rMwE@>M}r|G{blW11?^$_g9TG0sIx^7;ogYoY{c;YAH<f6xR~49Y7d$8HrJC
zvO=Y^L&I^TcWV#}x$5ymHB*s7aBFI)yuC$INP_rZ+koS88;HBn57})B4<NoHx>=^k
zG~03vR5?<2wkovX%K%4xO(p$9%Q4kZN*kWt=B@%1UkFPG|FmwEKd)u(*oh6(+IWm>
z%8H8`$595rEtU!8<0ifZbf}0e`7}_XroL7-Ka1ZqbnEL(tmi~s5f9(a)V+RMg1hMS
z&oidS+Dz=^v_6vE5sJpJUFkx74v^;Zm4Ah6i?}E?I+K<-0&r3${#t`VOKclSa&dWx
zqf^CiL&3%1U|m4D6#FHWqU7K*!u^NcnU)(J5Ef^7^>XeD-3*EI<vMBL;fSwk0>laf
z^KMA$eu9cHs@ls(eRIJ|y6k4+W7~BWK(1Ccvd7A4cB=L%=)i~D!*ou;T5Ex$OlQG!
zj5j%*?_P2t48fLBXE1E9o(saR`CnL~zn7`MSe(<`r}rq4Qk;H$O*$J(xs{A6qVsb$
z`Ybe&$~nh^8f$Y=1z%QG&E!Ub>#TCQeT{U^_$0KH4Bk-9*UO@Y!+5$^2efgt**`Rd
z;nM8XN2ZV6OF%+s6^f_Tgie{5k@e@+OXw=-rUdXMX)K{R^eG5)WA-SuJCXp6G|dx@
zc1M~R0KE!qHlL5&xEc9aZ=8o*zA{{CB3eGJus-y#Ss-?CizJX{(X&Q<Q*(<h9tr^x
zfjqqNl;D#uA)*akcJsI3tOr*&V`09|Q{zp6<-OK3=?_V~VuS$q@F+VG^t;GuU|C!W
zPjZc`-G*B)EWZloi5x+CP}5%B?&FyM@*vRgZEM>%ixohta|WR)u?dWQEr{QHkg==n
z#!uA>710RUtTfpPaLvL9j!0F<ftUe~$e{`B<rj@LxIrQV=~{VSv5Bp1#&YzjTxO%6
znjlCAF(rF^cJtke9OeB7w9m$rjgR_;SI}1$4IW+iD}dLS#Ew<XwBcsOdN}14r4W#w
zaq2R0A6MSym>hD^ThAxbMr}^2hMTN(H&ul{dts3(rQXb5f}kc`UQcQI3zVmFJ-Q%>
z@omLfH)GxO4Mc2xxo3#LGkV`UzQnSZzs@nT^TIbwd4Ku5hRfH)W+_3t!#yFwNu^0W
z6NiNnc`wxv!+Q*iT(7J@Z)Ix(vr>y5!UR6F)1r7ZLAtBxSg#xngOp4X^=VhT{Da?(
zbC<z)bB{k3(86R@nnTw;=heA34%$wB2sS(BfA65~3NeycH^(j-$}BLIB1_&7?Kg%o
zg&^NnaG<6%X{ye1U$IHmNSUZ!p4~A@SZ<AB<oPKpWyYl)1|_*&wYt+f*q{fakL`kG
zO2oG3p0o#J6*oK(7|C)-2LVLdi(CU!<c%N*KuY4XLc(M$^3Z#!0W{E34I(m1<Gj@M
zMSKv_9c0TD-Qyk@f4{!}rL2b@Z$&azWQ?OnO6sYD?b7+$>@2<me4>?H1`skqwrQnM
z?OP$^P`KjH$N~SG2RozRvtoyNJdHb>b7YI6qsJE`iMCW}Ik5qF7!K#w@{&zPd9=bg
zP{a*KIheHLm)B7lds~N{b6pX0(>M>73Nsq;B**u4q8#E9fe!fHeR3;Lu}Y?22GVIR
zHO}My(;#zL>@TIxYOy{IvnU7GPaGxHUm?w+9M7by?UCapOI(V1*~>u|+B%!x2}<K^
zCPlkI)&48Czx99KE=o^cv9XzRecpujF55j0Dfg2l^ed6#6Y0knZg^iZWw{2R)XVcd
zC~iUGQ|0FdZpWI{Wo-0j60{AR4wDy+0Ph+h06f}|d1BPaiI0+B=Jk12yB1lA-;SF_
zYmoc9U5Ajd-Hggsx%mAVZPQp7Aw@*xH%wH+RaqUqy<2acc@}iGB0gnIg8BO${eHkC
zvxWL3@Lt{@b$fvp8m5lY?cP3W6Jpv`KyTHx`i;wu^oPbk1oC?7wd{xUm5JtEwYq={
zTdpes-<F8Ms+Pkg{4`&e@@|9|XH)Thb#bw~?16deJqRT)EaI(k<El0^K_gS)T2WxX
z0AmVo+<td|RVb9oiS7Gsxw7W9jj0f#{sW4~>j~m0?uJ+L-P9DPE<*!+@vmc*W!sZ;
zZ(oEm6AjO=Z0HAh@c_l40Nw<_M+Baxx8R2^DZ9h`gI{629_i$Qi?2u1spjb1$9<DY
z!lqbAV@Kq8Q+Yl5(gk<9S{IlU+`*Z{qydF=vDg`q9XYz$1#RxxmIfHKhM(j~M4oVE
zdtSmHc2N9o&=?FFGr>3=TRU+otsAGHRB=;njLVW80_3(Jt|LQ3X8nd?)1;0=NOb4U
z^|uFn+8a#@=02O1KvCbse1YalpE4@x1LHGvNz;~v6^_0!B44PlMVo=pUn7cj2vZ{*
z*<R*4-P>IUj&`u>yYKkd;X)W)GqkPpoN3@dwzrz_LSvL{dxzEa1@?Iao4u8(`@I~P
z76QCyYB=e}Gncc@Rqe(Je)cdjd?%CZOYw`{6+^rauO~infgfp&W@{r6wTl+w$@TI}
z!Sa}Ayol`alB}O+IMhFwul0`cvV@nhsMwOAI#wJ!J@lRwIy}7ASF;?R2f{hSREGzy
zme-RjGGA&l+FC6l<aTov7yANAF}O<_H%gU_N&NEPI1<XirdcORqzDkR_Gz%Gpdt`6
zSW+R=_fltc!|shK7Q9Ii6fI5HJ@1i<jp34)ykUn(B-w#4d8QUEWdiNxNd4Fy&7#q2
z<v6hdx_y%~>3)zs@X7irH^Ti>pVsvzg*7(cNvT_3jh0vUw&9%Lnpn>Dw;tTN6t%0g
z?1n4!A%12LZkIXQEQA`<^;}iW>O)x$nOY!-xGBb><@mLd9|e94(yz6<Z5aWL4Le{P
zs7HPeWaE}e%apCHXkR7-FggluHm_+AfKEoqYm!LM7Zax3<ey%XuE@UJHn&hAuezl(
z<|3bQ;%3)eXCI8+wCOXez?Y&^vj?h%7g%)cILW*N4o}uRbtJ^gC>-2YM7tl_2fkh)
zTCEqybihq#(OPgcO&x%NhI{DfV6Ma8*+UYoLTxXRb7&v*sv5%j7Ccs$;7&vgSiv!f
zh@h5Q7FC0gh)f<HAEVKM+T7qFMuoektN!S$Q&N^ec{-tc04YGW5}@tO8~<fGAZ{R~
zxR9j|(!ncmufVavJf5&B-k}f6TY&by<^EpD%BmRmDE^tet!!kxkINl+<8%1>4Y8I?
zwyfj?if-p&)os+BEwzVpmXKdDXzwBgsX@bbFf2c9m(KuUJDa>Pj?>pN+dH94&k1%E
zUhMYM!#mK|rt>-ihbk-H*pBCYmTQFk<{tyHizh9dq_%~8o%R)#(1meM$rtR%Iar^}
z`ix#_TgQLnxY-}?%9|v?R*^0fHRE1c*p)g;DbOxg;0NEyhl<D+>x<|WxQ&7b^fPlz
zYf<V@{Vu8Y9vgO+KSIt6SI^nB50S4A+P1ePQ!;rijlBqJ@tsch3Wo)hdp`NZJ16n#
zAQ|$6D!gcc_OwoNk$Qx*pTov1G#`>ikTwo&7J;6uW@(47oA(_}IyowCnMH^3{7#pw
z%*HSAWZ8ojI;U7(FIA^u2_kCE6L3$<gUr!+bV9C1rS6pR<+7f=KEijz#K1{IEg1#U
zvU-<dlA7HCqDI*tx%%gP$RnAr@!G9>nd}{Fxp@;TnxvFs^|KM$Oo7HCEjLbTDhSR0
zi8H3yc{n)7zhRCg6i7<YcZCx*s{wMAKcHPux3cAF8FxRK#_}5@E_MTPkVeU5BVq6Q
zb^CxTYw|>cSX0S&WK*8B#kVT@FO-h(D;u?SNrcv`2Fdqoa9s(ILj+)i2|`}CPHrS!
zCz+L*Zic5bbab)^odx2hslI1^Dfk}|^O*AEMw3%73^VWl7#RMydWsJprJw%TKP?Mv
zIr}jnG*9|lCGpl7rN001)c<rI{Qt-eXw6{WgHG$(?^A!IJvx#CFslMJE8;5~lJbPf
z5~tK>IH6O6$%vn4-VvVtXL@w@U-Vzs%KlZ5_KSqs=jU;FjhR>Mr#cZokh)bCvVS`?
ztMCZ@_2slG%<zHVqG9Ql#1Hgxhq1w~8fvhKRkfp}gcX9SG_AE_<LvhxSW7M#@0=8I
z>eP2_0<(~!Gvu;@QY2%-ELeEjdg?QI74#yEBAikeS}jd)izvd4T5Zs;B21{o<tqCz
zy|dwXPaM3M-CXz6w!L8IJ6`no-NUOtHV-`tr<!#ZYfayJ{bJoh0kZ|~W{Q>U#`GL&
zs?Y}TA`nJ&*q4Fe;i}V(g+o{h!q>MC(d*@ENCRh>&dARz_9qXs0kUm)#HQp@JXavu
zr~~8d4xTZLOLSxB8{mL{J6q{%zZ^el+M;{vGSE)dQmGCmkh~;T5?N(w{BktFz?GVe
z^ZC{S#}0jNQ}8r-yKg1BS(>IjBJoh2(|U=kSUc{oYZiBmn!97fCK4iU$2NP0n8V>X
zZIkjX<LB=cPZ%ZY7EZi10-~+Lubh%>G(X=+U`NqSNhki|W_VzsA2$7Pjak5rc{{ve
zl#i8tuVB6>1qgAFy^;H<`}o`xd<9dO`Y;0=mg0q<EL=jErkxlQMwp6=;)Y`i9j_xQ
zc>j3LTl<tUl@Ru35f(rD-UhS)_(nB(hC-&5Ez6v1(3I_D4Q)$V$sI00>v!ijYzH{y
zF9cHkhV%f>=MYc2$M{|A93Kv|Pf}K{H%ZdP(W8_3rmy9o4aiZ<HBZ(~JWls9W9+6v
zL*c>~3Z>?CUs}LJdpTZoUM!$K;uW2M<QPG=N`B*7-{rDXk$pb6p6-)$B4Q}NTi6nJ
zx!mII^Vfhfx*^iD+3X)ed!;U-qL7}H8t;JH=C*x;jmyewOdgDeqL!5Du7HRN=hJgZ
zDkUE!hNO(9|B^ilUC{b@Cf@N*``T8d4L)*g!cA`W^}!0o&*iH*e65y=A1#W3qVsh~
z!5rHm$J>rF){kvPMgqJm2Ekh*qiK5y76oA|k_IOg^$Atz)=z-V%HrZHI=GLD1fZ~K
zX;zWapA<ZhJ+&(-`5n}*b56tk*P5gZEX!Jf)CX9oOsmAFH*}Ulv9a<;<@A=s({6=q
zgg^bDell-Z5aGdN*@&;XL56oh?UEO4=!OAV9GA7LdJLmbB{zVF(`Kfm#c+4cjv{sn
z95F+)j}VDtOj%_e5TiIhRwFFS7A6Ys%h)k04lGZn#-CqDz&^h5nU1LGUOn<vtQV$N
zyVj!-7u-Ea1P#E553;J@^NqqcFZu&lR%I0h9WSg?`32*r@HMYNIXFysA$o?4LnO~b
z5oOV%BvWqTDHFLulqW1*c7YW!`qJ}j0f!r_mP;#;5+Im3L)N^rI8Zo@(Z4rN5|sl`
z)jA(+x8S`jf>i{H`lfwdgV9*U(t=llDg*F)S;>p+0$Mi7kvUL<SXUzQDvjdWQd?N+
zda{mDcS)haY>6^GenC^-YVom=g4tHTH+tnY7o>?6ys3yy=hLjL1V$s$A`0oj$~r}W
zaUI{Znu3Fl4f!%U(brJ8D*b%e+;)8j83QOlVMw!U!bt6eUZ;Sr9a20sz6RriHXF^@
z?!<%4Pyxvnt~9S#f=}WMxJ$KDE*781+h(VclBZZ`8wOsyf|}qfA41H7uZ;@aA8!4Y
z+ewH|oj9OeQxK$;jQ7Wg!)n-BO2%%ikVVP4mfx|c%+>)_B`+-)convq*;iDqd#2&d
z0P)I|9UHSai1Jbh$DF$OSB=Prs^9J3f6S-+Jfk$Sy871JFjQQ?>yHi&`4+lFU5>y^
zl1f;?%5X<IhKGHXx}>LUfJRRNdURuLV5VHdX1!rLsR0^^ZT35g4Yl#cCpQCy&iQv<
zNuNLdc}7ZYq-DST{e$_RXO{h2w^n<-Wlr*IzFRrQnytjq?Z`G^8}XJD-bwT_!l&M*
zExg;cScBe4&ef8qO@F8f36xQy>}8HH7H3gaqvnSy5qjPwJe(cMmBw3=Q$gt;8l&s&
zK3{s08BZsTta(XlYllZp-8-so5CPuN3EeQ2N2S^sTuNnM&nNW>_+D+2EnO7r_w#(?
z>LpJwX5b>qRnkfE9o^zT&p66v^H-NP=ce*!q&M}oJX!V(sbmdU1Mrqe7RrBY5&$eH
z1YjxLA~Q6H=ZqL9wwNz~CK1`R;XP?tCS$uNQ_O|TWaVJ~r02N{GD-rFsbetSk8H{~
z-#M!b0$xfwr?QKn@^R@|RmO_I{-J>>#|_W6e9#Y|zQ+&XL-iP65u9(3Uvf^b7&(s2
zpIwg{=~XlKaQNfRcG2YR(EjuXOvUtXN1JBPq+LxWi-@fm0h@-di-eEg>8STD$OU&&
z2?fQZWe9f73h8m2OusW6ETGYSr%K%wW5cSJ(39k5L;-T$AR>8nB8wH8<<q>miwq{l
z3*;U;Dvp1as+4InxEi}|e809bc5~AE9{RgS<5SyzvZ#>AOd^%H-Xb!Xk*&KUTPEgd
zFE(PN5z+lnhZyC03;&`Q+dpo%v1fa}!G~CMzc%KWID}2;Oe@QkNaL>PWmPoP=l^Lv
zZgOv1ChkE%rZ3S^wEp?y<sk*7Zffp~6Fz2+E0swmjP|-625{M}O7ZhwRfEH-!7)$Y
zFE<Ui90|-BgRi1uW*6F_>|Qa*<TUf0&M8+Q5p7P?6r-zfTb-#bJYdqS`*P`)y>Hm>
zN0t6b7Kvj?_w?b~4J~<Qt?M-6<W&MbxocpAP)sbBQXJ_6eUH%w%dv@(UNXIq<+;J(
zEF~o-uWO2dRS;5gV^xaD^Te5sRHCF(hx1LLD4@|7W4U5xkc~EY@+-c;+1ua3Vqx4j
z$-Qa{$Xez41rnej+FPVMqS&zGejTy|C!jv|*MZtRs0BKim*uCB)~1rVNW+9HfQNF`
zUN5uno|+66;{qFx0GJ%Pj{AbRq49$L@Ws@Pv;`+pn{V7paRTQ$sY%v!s6M4R-w<cG
z$V)hNnYui&C1imE=)Xu1Dk(4*Urd)?O0H39t7$J@lOzS-dMN}`$_Z93r~67i<@rMp
z<6HM8I@2KN66pP$_3e}qsA=XVSwxN2aq8L6K)b(OaAO`1D~Zv*-2o@amv{Sa_B3Qu
z+^((fD-O6MOsZz=;_Yy3#sMb!-;JngtXhLw$poz_Ed+iSaj1XoELY;oAZVrq$CMYq
zde=-1uNN3HYgR6w4K*#B@h(Ez@ajkBdApcq#VC~IjEPq&eLllB$x>B;#9O{7yFL4o
z2T=6qV=DXc92Tyx#40=F0mp@;<uko~wdm~%opW3lGb{;$*AiFvtB|-?pz;_WwsHj0
zK^w|rP-YOG3I^08Y4I^|%;&oN!P{D(55JzhFd)8n5>k(J-_4BoD}Dck6ka@7gz)OV
zcZj6ep*$o<R$Gf`jOec-`M+gnpSjMnjkhX&kdWvWAZYfb@_K5=j5*M#jMDh5g+w7~
z$Z-$4F5Q0p;aBljVg-$z)SkOW>yxG>%B6L~whsZ{QK*M-om5|>d00%|bkHX7_cP`%
zwsaD*XB>Vn>)Gb3Da`tTpV8l@$4Hs6@)<Ywp?6-jdjS!0kRqmZR5wzH5oO}gdr#u(
zA^b`TP1hN#B2rxt9aGdVVFMYy?WheWYq7kRDizf%?N8ZZd(bq3pJ+bw<=qUN=Dtz;
zQGQ)?vJ2+|_K!}ZC_b@8=)kdhb!o>uKhMmmy*BwRE5BX$+RE~)!{}eF|IXJa$jbgr
zW8Qc@iuhQa+iG&*=b2b){h6~lW&asp`~RU<&Wdl&u7+cow!6BFr}XC;vT&Z`j|&yh
znt`wf=NDdW5H9%qJhMcviu-xy+1T&@nU}oSXT0t9D7yBOkm<h?alcxY&TDfGKWYsF
zp2S@FPKmRw`1=_n5UTO?;}7eTj4!J_nZ{FA--`!Za52`dnLW>JR?;W!#4j8OSAMeo
zc}7e1;W4+U?&GB(f{)?-C==sG2mJ?Ga(8sF!D5MpMPo{8yZ(jOi5L3_MIU$^v_pfO
z@CeYkz{0j{xUEyVqt<0ahhL@@Z4V(V4ue8P)O1hZ?b-C(IVlQDTy>EmUJPW)E^2|#
z6Bd$(4WI8*6_<s(?sx^ngfJM{vgyJqPuCMMWeT7BdcWMvXUlBJMO)R*-b>r7<64wz
zn-RG?>~TLbZAfe$m^ahnv&R)(^1b-OOG_UtKZoh&KJR%>aflJET0-{W!V_1VW{ieI
z7LSxpA|lTIm|dwKlL$?VPwJ?R!(u-M?XBnFe)K~y{RedG8jO8xcejMQ?Pu$ml}*Va
zIVrP2NX2P-Fq+RW91uSx3d7{+(?Kr1utr>=%l`NF;M6s^il7u(JAi)PF<k@fx6FBS
zFB^ZZ?J$O=JQIMt#~6@6qzLPTgm2ddKF%$<ADD6Az}d~9Sy0G@*@vZUrMY!2C<4Zo
z^rmFWgm9Y$o0^$k*wyJ{>zoxZ3zM^`U^HC)BgN*>X{1s6HMF5_q=Qs3zCa2%*TMmS
z37WR7=@HC4b0UOUIm$n_f>A!A%S*~`to<KW#td4kD_;H~APuGzEEJ%K8xtg4y)*Lq
z+U)=jcv0F4dD?g4t(^M1k&Qxw8u~ri_e*0+uB_5-wqxZQ0>3pSzcFMu>mfiJ*z^HA
z^J#*dY$MNYy0#myDH|UUx#C6yjc1`kni{J8^lJM$`8*^`Zhwq6X;tbUQiqD)=I!V_
zf}Cf<2Ty(Ok4&_NNXpkp1;buCQio&xW|zzP-w$AfOv{FnYxR<*Ud;dK-OG(WzW`CN
zbhF5bsh!|*aZ4w7vUsXHiNK%#S(&7@We$94y_b7lCjd4F8qHYdajYj1F<4x!&Nvp&
zWtYy~{;2U6*PSnMtNy!kGfZYf>YHq18v9U*TA#@Nk&2*(*g(sIaco++8g)piVzNB6
z=!)@fc2>)`IC<F#@^$PIl@$Ym?W6!kgLUIQD_??3%-;Jac<yMXbC`YyhNf41JICkt
z3Fzp*xj3y`WG)(g)LHJ!w_Z<?*I#M`cN(l0CDa>uWtPR1vMAw3V9HYtl^%YH;6HE>
z0;^oqOXCa?oJP3<kK_?r7$S?W_BjrcWH=ieKP5S$3fab|?9jAqb$v}y5;JL*NRZc!
z8CjzstJ;8rG7;FuK=0`;^M^ekHTxOSl5-Kl;83XD4@$AH7duL&>>W;@?}s%0SL$1*
zA*Ja09++o}Q8%&1%p)DB<iy=kj0|LxhmX1mJe4V#y=_jwIJhIk;&okSs|lq$?X(@s
z^*W+>FlGt^f|yBZ@7%hT=NJ@^Ds6{MtiHzsnlI^#F1c%n)_C%t20$JjW$H$r%~`)8
zkMT=f$b1e0UAuhk9_^Vp$L?)VH_W~=HvRg%X&T1K@VP6!;qy6!k1MTzUgJuC?N}NC
zB_|)GULbeMCsSlMt|YkKoi$mjpRwm-hi~Te1lgj8_^`xnEMoOjR%44=`TGlGk^I~b
zi1K{Xq&kw;ANKd+II{W&voFOL?@xnVfv4GC@*yO0zy%|*=IM8NBkUhWuxy{dJn&p@
z9GAP1Qc>w`2Ic=MIlHEV24zEbG!@fHYvr}%?QI_RL&$hx&PzK+#*3?s&(jKW)U?Do
zMqw}3Q;Dx`_I2zy{-Msjohw)y^jSl?_xW3I<I>ZzV=JeiFx3uYv{$)b+xJYX$(;9?
z;woR%n4hKJMCzsYBGi#ML|b&6K@lpmu#-n3st7+CM(;J|2c!wv@4Q-+S(v{NqMrZs
zVfWdOQeVGB>4mM%s5@4^TRyF2>3x4|i!ao%z>>EeQNnmjPVCRWB3z#G!1Va(i#(sq
zbJJ_CgROqvfsEulysdeN0u)%bs=L184Bg)|*<rx0Rkzd*_!L@R^ky+$pdgzvTK#|r
zeR)puBVGMqO{&gE4jl6KB`Dv-QNVVNZe2uaMu$qQ*l5E<arkHjtzQmyY3aoi%x^Fl
z49N*6slBBGSDaHTZKqvJkIpLANJsY2sz!`OPKmx=9Cncl@(UOPPqAsgYT#HFX&M8(
zJz@nc><_)hMcaV!;|isUe2lE@|4edaBN+9WNz12S$2mUuRu)My<79Lpn-~lS2mHIe
zbZ84q!dDq2Q!*(#SQD1ITB`oJv_2~>Q{S`bsQFWcO4O&y;r+On>wBdBoU9c+ohrMD
zg;@gL0lXIMyg%snP<}vVJ0!SOut&GQ-!J!<U~qtj^@oARVaWw5m2Y>&pl5R;Ng#5d
zSJ21Q4rvlz>c<rQjgIbMFtEJFyn9juYp~xY67@_i;@6%p?Ao=JrPyxvU$l>3MNt95
ztmTpvi<GK&2-qWR)=Nn9N#tQW_p=6ijez_!bM1%z#mqpEYZ32waOe*b`R1%6zE|R|
zal@GECF_RY-sBEe#zHc!l|Xfcn#$8LYYM}Zrw^6*5DM3EyZSk5@#spOIah+WClVqR
zBNHE}(}j69lF7D<=X~(obyF|AWV`CF?7o8JN9ACSen(9xAILm7#cNo<S>#4eePmu+
zOsQ$9!u9>Rz-lx7qMmg96E{{~VhnVkV(hup^VH6$)Y<P?FOQF8w=oebq$&3M2tH}z
zZT)c0!;;ag!~=8g-CnNglhIK4Qb#o0XT}o%$A+ttVIshgb+PK(FM}JoG8dFH^FB0<
z&Mtpyg>dTMPeRG-Pl&p{w|bY<5HS`2dViykmPBfvlx4&;Y7Lq9w1%}SkG-wzlG6XQ
zGHlvM+jMnFC5uRjzE~fxUn^{{it)HLZdA<z2FnWLrNGlMZa<z`zs`HVDYSU{i);F5
z=_Pve9~W|`b&E&R(fT&McyZH{l_w6<!Uo9rVch{`%SytO>>JQu9|no34hUrrMD9&?
zT)#R+!NF5zG7;%RlzSFEtZ%ckyo6zr-Xs_dxhJ_OcY{#z%WsRb22iP<x|9W7VqE-Y
zVL;iIWTqx0qo=rolErcXQ#vAyr+RrFib#iSDAl6<M`Y8B#=pqj|Ah{_T0X#ATi#>$
z6eBW3v-;%h>~_1X&)l%HNlHk;9KRuaS(BHFW_?qxs7n8yo==M_u>s_~?q;|wSpGhy
z8YTLgG=k#TF0i>>%9%Zpung9}eLXL~1TV|2g|+>8rYNJTNVmCftZiL%>B1)R2tDCd
zw_FVwz*Naor(FWa+AB<fz`C+wBqB$!F)+MWb~1*uiDQaPfr*!s6SqQ27w(t=8;5{j
zrx3FJv7ScYM#Tm5LJ=r3j<zOi%GTswQJ$Odz;ByRg1>r8sGRlPhaeWakh~{((qZr$
zF0A|;`omJ(5aR#A-gyT#xv%@)<+34y(xtj60YVi*Z!RH}geIX0p-3k{z)+>SRC*_&
zC3Hwa@4c$@(0d7ON$*Nk1YI|KpSiR5%(-Xgo|%2`+;Z~gJ9+1Q^3HFbCr|r+&?xjo
z%E#@$u89!#xA^FdYLD4&(psihnjh;bwWa9t=L7Chlc&4?*!LG@jFQ9}>Wk_(rTGey
zBw^2179Qm*Pn(kpS^Pb}1Ps0LFi(zpFc#daYWtpFp7lK^7V1{ec4D7$LUHSL6yZrR
zp#`(_3~jkK%Tb&z!OWL6`p=`sN-!(wVAs3}p7{X_K;HtlnorLIA`l{qmnj6$!?y6r
zgianle1ARHXmZPI>x5=%#!2c}y^}xt%U0T*p7K!FY@ivTyCk0**b#IyE?YH=cjG;1
zF}&T*hMw4AT=rGBsA}FKA{8QyLQ+W!o<mr(yEWIrjzFIltZ7jSi-FY0#bb|MvO`b(
z>jXUq6#5gkVJ$I7u2Qs-egPkbMq{L~Nu^PVk@<q@<}SGO4aUIyeG;M0-Ii6&w*?{l
zATIHD%X{7ZkPjC2Pz!tZz#&yCAv3Wj&ytgK7z{4%VEO>-hNgZQh#57-8<^smbCVSM
zqYLq7A;~@ZMWEgX{^8m5J-SC+xHw@LBObqCP@w<XsP<BfR8QW3Za$&r^}3aiMshUv
zI<^t*ss!p)g->!fKERmfr?5v$rHyE_WVAzjtFEjHxQF<gIS#(x(@3CYIN^h$*EF^u
zk^9_zS*DET7SB>x0e3;iyb>03*+yGB@?x}E8*w}58KBqUBObJse&U~#8|RF}HHs!y
z8VwV<FqWK~E9R~5t>10x0d8%Hb{L2Wlz9gbJ7ct~qg}NFsUZ(a&FnYkR6Y69VCeZ<
zdlcDGZu@LL`+8tt8b0t)g~6v#*T(krBB2*BSkccR<1%^u1{O_hK^v4e<X4ebU}L(?
z!#7s=UYhdg^{SZBHtvjwT3;t0_s%E@-?6@v96I(~VbS@0@D5b%mcaw7z>FU%iWK}o
zpsv)UMr(d?Nx8`jPW(&R!_Pi<jYqQVSpkdZ&M{P3)&@K_s<8`EpOG?`5SVSwvut=V
zEYZE8u5d$U)mm4NI4I&%qXK~tk+TaQMo}{%jA0QYNp_MsrF6~o@f%|NiUx5hZ3{_J
z)boO{RP~nBxB~v!p+MGYb54nX2yX0`X`==4&==#+2OMrux*6nW6jD8x>VOSy3Hq%D
zNf4e})XK67rU|HJ(Z%MBzy1@_-~mq3m8MRb^kswX`$t36&Dnvs(w<?=FBE3UM`j$l
zQbQwkJ;q=SqEqzFA$8b!%3y`Q)|!N!Ki9oo>hxFD<><gX0LU+Ml7G?EB=BTc^wyTa
z6E~N+XQv>x_a>DF&-*8~n}*fTdEJ){;P<Js%vhUC1Lzvryo<$vt+HrM05B*60#vr*
zuPY-dQ~zpKw>%0m`GuO>FpVntiZSV9V*1FS!>z^wS-}Ot!wxcxAc~iBg#h6ArtB3F
zYWV4>p+j#(*h)WcoqT5AC0h#U0XIdNKWKaoKj0RpXI_2KajQTz6>Y#b6sd=lofaG^
z#pY~RU|%Tsy>)_>OW|(1f{vBYN=--AcBqSKp_)V;>7{x5#l(*__%BExO!t<BcI44^
z^34Tb*M2E-4pS>3yF2h(^`B;IlS1rJz#y)u*tM;OY?O^#P)=(8Esn23F^M+(7w7z$
z8vfR1Kc$4EEpq{4+4S1%o#MReh)3du&0TH)U@xx1hr^<Ly=!s~Owa`J8`TL;_O}!x
zA#$y8O5p*Dv8oLr<OxpSr*?L5GZ6GZz!>AsfM0|#X3hc|*mp~F3FXSlm_~ZO#Jv}E
z+p9X4Lf_3>O{Hd;EH_0)q;0-PNn&&cC;+EU2R_u~&+g!2mgNNx34q~O=e(=M#-HQY
zwEwBr@oQhFfm`-+%WETrt6%>OLE-Z^1jX6EDChr|R1SWLaH(`|y}BOq;?+5>HgWoe
zLFr;EdSk^aC@1|j|H8df4gva5c2|^(`91Xer(&$EG~HeT&cQ6hprGvI)_b`m25Q+b
z1Fi`-;ga)`<WmH6X?{ovo%#-uefMd%dDI#Ya*F<$MsAv412fNZX>(yFs$+k~Xqhcv
zDG%LhbawPq0auX&iq<c~$tvL6N!mMK#8i9mW``9UI81Tfyvmcf0=C{`!qi6$*Ut2y
zO-<P!mq-jJi3%kwf7eIba51saXr6w8Y*KoUhBHhbJ2+4biY;ll8HTGMu8re0b=|N7
zZi$V_j--AbQ^sOlz<M1aiIOk5tbA4{h}fA&1ZGccHgmkX5UHuI?fV*8GP{|qVf!_1
znqxiBQgHt}Fes@-cC9)4lQ%^Xq$}8GNb;(#uE3@+OC|%J@rbe5K820mshTZHNK#xm
zVUwfFx*WIp*EPG#@)!NCJFb;%r8;D6ip)*<9U=L<P*N{f<e&&vAQ}cPgitn<@Pnhp
zw=^y1JELi{ml1~Z=a#Ze4ITyb9cqcbMXqIqEvQVeeN+B=d1J6XD}WDdf4vdoTbT66
z(|+z<F>X!uL?a8MsXoL|7QpD}d7ie-R$(h=#~}r)JiJ7<=1R+(TF?62!doV-Fd6&Y
zY9@$frm!JNS8BK1!08u{x@7T8e`hFUGkKw0Fy$k^MgbJ9f#E(LkP=`Vs1TPFIH<@a
zFZLJXrusdk(u4`7K8mg57Y+F13uE-eC%G{EFn>0`z3-wLds6gdiv3W@XC8E6X7C<+
zgt<k8QSHj6LjxHJSO<qMsA|P*Qq=Q-&Asim0f<a-mXU_ia$_+3;Y>!;SF>414u{%t
zHAg(gk!VsVE6LYH5KK&FO8~sC`$_00Rn&;s-HdUHoBDJvdpHAW0>ieSHs-LmHC$+z
z&zwdc!Ob5U0P+|67kR~8=cHwyKDIO`0VRX#P40$7Q<e);dD}uIPnZoz5#RC7AQ<|s
z3Og&kt_uj@kL1*zZ@gWQYo*M#d@*DBar}+K$poumg(|Q2G`EH>9Y+dqi;;l*Fm#pp
zJGbZZ#ODcN?v~t-Nv<(A#?v!cY0P>1jE=8EgZ=@Vgk()3u>fajCOV_-Ko4^@SvMSL
z8We8T>F#AopVRIW`?5!EOAJv`wPh@t*qevWqwW!(9%~=sqWUaEr`I7oJmO(nj%6|j
zTZ#T$5ZaoNn?A@hBd4`w_zXAmP;!M^ad*!Br;eTE&9{7|o;*CY_T(46YB_7)6R5>I
z^6T=Ve*`317%&cp3S`HhRO9*8Xt4lj^a_5w;S*h{L+a0`=`Vt-szvr-r7xWky_fB0
zJp@i0^#N9ld)l8w)#UYosRn3tS5)LtLr4DTFxvc?I~{XvscdTcNXn)^fTQBT&M;wa
zB>d}*O8likra4m&7-2F1;p)}UY{Wi{>X!0lW(X?1tF$JhF61zr!_H=uzG21&Ze(5?
z&}W9KPPqC^0~)#D&eGrS=rf|~H<}hX2AP_>MLC0u{8EmE?M1`rEw%M!h*QqebV-6y
zn$=hee<k*oHR1cmB6)o{V}BKN&P)<@_bR(+_LZw`54}P;8UUozZf?=5vzQ=1QiTkU
z5ssuHcWJ!(cP<r$jXj~#W^j$R97EBtQGjMFa;g2slCL)114QJ2;jkV>m=e(eg(gD{
zmW>O}#`lf=)KXU_$f?o{EVgcX+pBYNoYM*su(UZ;tv6-cU78y*cZJs6<bHhcOH!E4
zNfmj?bxI%|^P=^6&7vh7_8ZjGu4V<U(ak)zYU#6af;??m;Y26n+x{>C4SP&Eow~A)
z)@@eOVr+b{29v=4W~k$gGQD~&U2@S0TlAK}eSjrEa9))xz+uKWLx#16LrPc=)JH&X
zj1WHn*&cz$3cE%Cdp!yGT@m#@<RmcS!6FLk38#AM=l!{5X!u6XldkscYQMUlA$Qx-
zxPi>F`y1lc+$aN^FSU{sP8gmb!e|S#h@Z_H+rjdYv{ay=b1UbMR?JTvH;E2Ml0m+F
z{WSLDdhN{gwgZMP!D)#oJs<&U6BZ!CH{q5$fl&T>HzT;<bB$l!E-iMa!1qM@5o=ab
zk1)LQ-F$_PdYASv6z-;yKeq|EK^)uM;}KKRnZa7LTCIPI9uX?9niBiU8ezbn{i_VW
zbGs$Fwa#ShQ=P_m=4tc8(dePbjF*Fxd`t=K<C!43hOTmn)8Xh?cD9V@>7G4$vYe+y
zXd~lJQJkxHe0x?}f8*w-qGT6dT|1dcU^8VrNkl*t8#frC`xcA^EC>KV;|+;lwOf1n
zpViCd+jO&EEkUV-)q><t%<wWd*y8wHA@mI=lvY#1&%ds9Jo%4eFr|1u`BlEb^oQG}
zg6Yp@-P~yn<N1O^gffNe8Z>SFeSJnl`q{rE@?QH_tjxTi_ZE2K$NQSoJw*A4RxhMC
zR}7Z(`V+Wq;b8C(+^3IsmPgXJEZIuB4J%WizUES0R8t3%ResdbGZKn7zFCcoNSzHQ
zF5!J0+D^0gmZC6-phvGJ^v+^@``c-)Y~KhQOG~hL`p~ttL;6;CW8HpT?Ry!Inx!Gd
znU+A>yW0HXTZu=ka=Kq20z{`BYGS<E?kz%7yK(gtFbT-n()f;r*|tN#TM*@-6;96d
z*X6(jO_7ue1Ryt@y25*!>g5}!H@T?V>x)g<q${u?$`x~G2P#x1S*GE;d&^O1om3Qn
z$>KRp!?Cf|EUBoVcv=o4%{K+%6F%r$d$OM~*3eNit^~i`SMYq+uGpoW%GgVPsG?o{
zUG%HD_zoak6oW7WxNKCj`HJ?DZ+R6dc*cbc9_#A%dkL~V9}F`!w!2%Mnnh0KOps-v
z=M`fk^<}yxq|qa-5Yj9X^6C21?LrffX5H|T_etw4ViVJvMlI>OU8NZ+fpm<g-jB(Q
z#6(YjdM<c)u;h|v^JiwFtp}G6@y!1+Y5rD(OZkD%p&j5A?j*3SmbL$Gy$rp1nJqvm
zmD623@Nm~h+f3#tqy4&=UeZe*y{&qiTF`v`XZfP%8#kra+Yk;o*TOO~+(O#{*k{`-
zRhq`Ls%78?4r)6Wv!4n!o(-b4?8vc`kC_J?+%i>txv5hg9wjq<{0WlSvW1@1LI}eX
zXXX{i5AwB(F4tX@bDo|FnG`X5`DVPWE{sDr3^RmIJkYB2Bz71gPPO9T7245D@Y2bJ
z;K;~wb%Q|FdNBF;+n&CYh&9}84=H}2$D0x>ril1<9oLlvw1~aXkKl&<b*=dp`o}To
zge6$HGZ!(#ZW?CXzt>ZO(3RQpiepJ)o2oo9Fh?Z&7hNTiwLc#;V{_7^rtiUj!Lac^
zeZ-3*Av5B#OeCC~(LBlt=)9`kXRr4Sl5$3?GWse@j{}?=r=4+;we+qC(2FNj$2=f$
z-L$cYXMsr<K)yh?*Aj_s>hiO3B}2pY`!)*A^P~JDHEreI2dfpZt)mw`br}v*-!wAt
z?-GD7(W%L4G~dEg8)Vs55g?G+Bl_&t@vF^2^MbwPz`Km*hAqRQ4xS{9!8&2y&l)F7
zV)+gk@uI!olJag$z*n5IpXdKC76DpDVL`%|r9eu%%}EDWsazs2x?0>*<hj7nAezCc
zA5KV)5KtNRBFRKiIYcpgS^&;cU3efbpB6*qI9}ICFQgoOi6so#@+)e_FRmrJmB8xF
z7I^I4DR~f#n3y`v#dUy&^!a0x(245Z5^?TR2y&Qapv*35@ip&=$dUdVQ=LhlqrAEw
zna>ZaA16&)bo!PSow%SN{Og7G0^^{vwWUI7F=8|`VdeRA`0peM?Zqf2`W;*hEp>Hn
z5HDSm<b%*=?wS|LgT1SZDisTCGE&hi_eU4&OV{BG`+XVfQx`(VTUFoLvFTF*3O!?h
zS-V#0W_5`{d2j<x#Y4+QzPM%`!6&?7;<DJTz5gklJiG4CQ6y(ft1UC}wwH)2*K5`3
z6vB(Cn)!6u5U^UFIwSdL(o2EJ{!A%sNlClUbQyDjP<ccD<_eh$$Trd7FwFiK3czg<
zsfi12c{L&TW#@ee!ss|bGxnGj&$H(8fE)+||A#?=mJGy~5s6zR$GdMLXAF4Bg8_=0
z>l$Pvp}b>@+wE|kK5E9FesEZO%)D-EZW5CMw7$CkE?e`c?wFx>STE?8FaDE3)L--s
zTaS1A#Lq4p7Oz@@f+A{p#}4$xMw+?O){wS_k`~K8_&q;@nO4~KyM-!iy#~W{lnR9_
z1_=<-rgSh2aQfp+^s`891&_#;`|GdoraJoE_I!Twi1v!{`Bqn(VuE(TmxxDmZ3-Oz
z{$DoM#iYzqoiICqcnD@sX;J#Q^zf2y&k*z#)U)UD2C(R`yqHEVd<qXxA|r1Q<O-lP
zDv&!v8S@NT>{jg>6G($0ch{5M?;=$4jG6ws?01;GRw$y3tFKGxgETMmL}$%lnJRY?
z6_%>=-KZt=!`o5aAF6`<ZvF9nIVOIpyVzzrbpVc<*M=CREra;z;=SHa>-tnhMXsUu
z%U)h3f6?$%Or9PGNki-XI}t>@%rS@H(F5X=;U)$kfY!>?TgXvG#G7xvCeCI1o*MOf
z@fN&sZ(!&c=7`+(9)n-(Tb%!Ot=}q&=me_=ce@4%*m$4ITW}132dDHa?B^X)#S0~F
zLR3QBJCUog#~lV%n7Cpq$jPZ;^+QWVe=lr}qg7T+te=;I>16yb0=A+9RP9R;EA<@=
zxcsZ~R}j_wA&qIu$B!blP(iF{fdCH;=v<^x!BBnFr>-+uPxJ}@77pgHE&Mf>F8j|B
zhmjXFo5|1tHoLZFtqf+p0M@yLBGiQs6=f(_Owr9=YKqu6E76<p_$qGmk@9ps^Lc}=
z-Qd#z2y!!-Owk7i7d({r^_;r*y~4q<9KQA?UM8piL&-|M&(2-1iU#I`cg6k<B*Jmj
z!--DaPSLd1h-PHHOK?xBBC*;1slGt#Xjy)ar0^nrN5*iU`B;SzFJvE|v~O?!Iw(Q`
z;pFU=UDF8YKjugS4sD~ZggVasx{~ir&egkJl!iVZPIhiL;p9=FEiTa5Irgziou8Fj
zo)*{esif(Rc5kmwcwWla`xwZA!o^3=d|DZDm)eqNRarX}qEC4kr=%;Icc1bg*SW9a
z0!|{b3X^dhy>*|TagWv8#C%AAO-{||>o^*U)P!ONWbLYmGX(mtZc+ANh>BBllCA$C
ze)rT2m;0mLZ2)d=I61OqXqec{uW;EjS^TP?4G-$8SYftUs`L0T5i|xaXxUIM^eoep
zA{Ud*ei<qu&VRo+8(w!gwC@Ds&53G~@!|qhNKHfgFv)iUvb>TI`gooe5C4<R?n#-c
zNiPomQSQ+%_eyxj8CV#zRCMYT2n;dWUo7L}vGh8zBt5$9%^c0wnOEVk_S@5uO%+dK
z!2S7(*YCNe5;|irW`;6YNn-K#aZA;h9*Li9o`{+ujyV>nXs$aPWRT<C?x}rRxW`{n
z<01*RJ2rMo<OoQo@~m&Yg&)W^NOsH9X&ZdKsS~w<mS=UVB_CxtRielX#WbC2nEXbH
zI;0e#ZwbPCAwU8O7;LR~0Qwu0V>X%VrAP3ACC~Y2hcDWY(v4l&b@@g+-+^%AL6d$P
zk}3Js2^=-4lKNwD8c++MV;hQs=Qi*>vGU1lNpUQzC}c{CRW!pbuFYZyX4=8c50)wg
zMO!A3c`1ac@|N>qA?e(S`bzJdq`2D>Q<=D1?ju=<pDg!(Yf(4t@`~?V+_Te&EYu}N
zW@_IDx;ND+_9#&)$`rsRDKuWOgJ0}oSFGzF-Ow5GqsExs7pOHZmb%g;0tiW(@w$R|
z01+>_7G4NfP7b1Sgx^We=OIOvIN0PwIzI5pD+l+jP3o4`6~w8#O_4@=DPp_pD#wp(
z1Rc6NoR%#h4fWEEj9Bq4?wp-jr@%}Bi8A09Zt}Rn(%h2Cd^>ir_?(Hi4M!y{#2cDM
z4@)Iy0rv5@>5oEYN&39jVn5}yOE7;to>9Ipr9r<@*u{Y_F^rX2)8`jgi>h<=rz!P=
zK%Phf9-P?yC~z97e!~m+Xg9f*n&!`WPg}}@BO>m51V5!X81fb(DmQg|Mnew>&R^>u
zbikeJWbY1ZDwOsgekt7zQaO`qtSz<gE3YvO8sH!_;OmYGM?-`t8q7aE(tB<2Y|81M
zzQ>?9n?Yr=^e2zXid<xSONDpt_$p2;qFj>XsSLQ)0ZPx_LbXU%QLMO>`-MwYM;sqL
z`s-}tIhgD~l5<<eN!6~vNQ&aS!s0obY9K!QJ~wzCIF-XfoxLr|0=?QYJ**PeDd;j6
ziqe~Dw1IZVV%^!sYS!@sQe6g*cj<OePgTN%$2ZkmLYHwwp|{h9%$lEY#_6^5^FMA3
zvFNh2*!D&IUQ2-wWuGuTZY=>&3P6qHF9#jiA%>xvCn7(;_D<fMZiNp0%5Ut*Gh+Eh
z&!>BqX((l8PScYiiRDtDg`rH&{*y?DI%R57Zx`SxewgL>z4rBdXRSj2(RV8U8$&KM
zF~K5lHtCdU)scPHK2xe<+dJq?1DOSPzGMhQB=SOFkHy4k7O|XK$kemg)G?Y1*0pEX
zt|y4{m5vxzKr@kYt4%WVNo6?LOufLkn1%z_=9p^>b0N5%`oX)1^-~6k1)ZAkQQn%W
zH<D^c!uTs`QBS<o;0|JzZAT8z;3{KG0vfQvTo>Q74dPo!B@giG>OHO^X0{c^745Oa
zks8t9f-Eb1&RiV2j7_S%&U;yA0z97cDA|BtRlr#Z!|lgd)Kxd5)H)Q#%3#RzeA!RK
z)nO9qE|O}r`_Ow4nr%K2M!4D04}#DSjS~<v2x@~b_dK2n+qSZaL5!KFiJX$sHEB5Q
z&@fhi*22`j#?*B>#_19&T=A?Bcu8?osD?&npql9H=3py#y68E;cX>NsW)0T*HuX|0
zFG3fpn#<e|qlXHp%qvphaUMtI@RW*E`7<l|$X1GXH8Wtt+r!LpdxrL=N{!!vZ}IdQ
zhr$rqX-R7-Y&knC&5N5S+!mX3YWZeoA?grK8F!Ue?y?zh$1j`p+-r5{^`2oL2@ZQQ
z|CpBV$KhoGBUd$q{taAg-+LWzxL{`*zN9A0=+lc=4%vzhOG_`mPuN#9Yr&NgEi%N`
z4>v0Wc6jZxw;IN-^F+RN#a_E+Ny&KsZ$_*9=kxVnQhXgR)3hjMfUd`sG5}LloRNbi
zHe`dp^837=QRNSht@QtsM)%T{=TGPZrA^FB_ro5WzFOAXRKSW{F}HgEhQ@|xr@^so
zu#Ou$Qto`I&eHx-_dGOnS6MA$t~{hke@+eN2u<%h-0w4n5w$iw6u?B?(_>Um3zD$v
zQRG;`9-Bb_O^x?}x=0<RUNU=cVl%PeLylScd*=A+<Z06<;{kNf>+}SQ*5XA0tlec<
za~JLiA!f9TRY=cFmd(7LtB-_VK$OY^M-*rYMwk*}+H+S$X_POi(dRX6F}Wub=DO9l
z>5{h$8LIyr#>Q2I^+?^Ned3CxEdE$jibdtf;H_pX8_kyNi`GCa+2b}fby!Us8WiA*
z6fSncMMdrM(eEy%Ve>mb)rwfN)gUq=uM+2Lu#bvOQknH0Hyze=xwA)_vm3}AXIUK-
zdOcCTsMS|g?H`yd^K?B!$x;t|Sy-$IXN1@I?|U^r5mH2Q3!0TkrZM@9qJ1G}R2$4c
z9W7aLyLK&z`Dm-c;dDLS(r#SpWKEWMDz0fqo3Fm?uWPgZ&b$UW-xtzxF8M{xM#l7)
z)8~P`Hd?kblY%6%!=xm25`}QA{HSdR!=_MBH5oc7h!DxE$I`PSxdO8<aj~1;1)9~m
z>=8+(w)dY4i9ucqaQhd#6A-Z{{m5H`9I$MWJdxZ)%sN6`Oao45Ll)2YG()CJU&FmA
zlfim(f*Sp!%#_7Ug*%@2!sx^#F)|D!pAA;6!}ZWgAJObv8X;=%{gY7pImbJVwbbyh
z2jZKp?k$%TPID;{(Fp<la(@8T$25rq0&;i(3hqS>5PUQu9UB#?ZW_})(1Y9IN_7Dj
zP5Ru{t8PPsWrm9m$ul6JTkfbARJR+8kG(qQmQS!t|H-S%!qHRwV#-(*k}oBw14w0s
zV2en1AQT-D&=a1Ep<cg#xd6wJ)RwtSsf5gIHEcxcSNc&&Gc%gFrBi-Ua%j()5i1Q3
z(*laqFqR)`LeAuY6iqlzEJzoOnHBSam6;V-qUJXeoNC+-sRb0DHyD&poT&3K==`>z
z!yKX?Z40DTNohbBl(s1pn1Y~~(7kilqGz55x+LcVNeu>KmC*V$PsjS|M;pgZ0uYw(
z#e;*T)xn_XPrqSWAh%n>3;oK>QrufR$7Xo#c9UMZS#(yJCqrzr1g-sTW?Jy|I<R?b
zt;rfj^2`>);RwKcg!uiFt1+^;rTtoWNo{y7f5qpe82VL5wOeoIX*lf_&9qST{4#Id
zvNmh{PgWa^$VMm8P<p4PqqQa6%e%lqi>R-DOd=nuOH1+9i4%WLb!X=r5$y;xgf3`*
z)D8FY9&WC;G(ZqHWoWM=Py89G?9iB~g|`n#Ld8IB_As91FL5Eu3f!{RqmEYb(Q`F4
z$ErphrJ*hc?&=18XRgLav3fbicl&r!Y|?DZME6t6kgfZyl5-WGhblxs2Fa4KM;vOZ
zu(xKyKJ=pwcelnH1|6qIw#gMkb4uolWTo&+zyMvKR<DdFa#PBadj>Q#AKy8T=ul#;
zwKkv#MCU`3>)EtDS`-ylN5`yYtQ_Q(ryHKi+zgG4wohfSABq%G%@a+L9ANdxC6XXK
zu67`^vb16N$yqqE*c_poIx)L`p&Iz}J}n9RRo41$TX&j>A&p7(3_&DaZCJ&FflJG6
zEwx`CulYGE#f3|(tXA8O>@Zzzzw)Vyta$H@33JNO{IGwNPW_8Q=6qRrG&#|+Rwmx5
zpu0axB1>N)!&K4hlJh7b#=*$UM90)2@yhkv_-x#l%FZRR2uc74Exq@;iqOxS*a=X&
z9X(mAd~e{M?c0K9wQS%uW^^S~$M{3yMoMM`<L;)mPE)1S9)2%g4#UTnSbvBX6I_c*
zwJX-VS65J)#;#uEWU$mBiG_1`_Jpu~WB=q{C{`HsBVk!#vB}?SVJKLverMlHld#jP
zS%O@fg?UJpJjc@X3>s|ml++kTs?eL{?+(xFs6)|?pUR<uLklJ+S(<;d-+!=<z7^!y
zyr-)+^sq6?kUttZB#>7vHqm|t(3kiP!=4Xz48;Od$>#UHR5ATu$6bV6i(G6BCcDAU
znZ_5Qm_ma~bsEsn2iE(1Ni09r5;BKtkUF^^{xsOUxHoqX;TAYs<}B&HTU#SdR6N0V
zq}^FhR+sE>6P$v=qXBu2aF%BXE^P#MM}sBZN=B=uy|1*4$cO1hUyf&>I(aUa(Fy%l
z(fLkBKqDQE`l=g@`xDu%!tcWSBLbSwMKXrkdhTugNdSzJ=F4kPSW{BzII6pJSj7tM
z$17FnCFVt?qc~BGjQ`>x6ps2`YG1QjPbRRqbg2Eh_jJcb!@BL)Fr>JNK|<G{M5&ue
z&um7N*Uj%=XF4fqkcSLjaKcdooDbkyNTT54UiI*t{QlS?T;!pNxVblv?PuHjdCgRs
z!IfsReP#A>-{VB{;jT|}#|UMEBn`FS>&zF*QrBFhibdoQ29&lKB@5wLoBt&vBMa0g
z*(~)vi{-bvE*qtdpOz_FO~qB{6H!t9S{f7gqxBj<8tHNV(_%j7bp%t%Y-G)Npw(Va
zf@6^9F|$c8B*)Qr;)J5~M17l}?xObkCP|*IMfuJ_Uinm@u>D0E7G;1-*#GP}1od_r
zIT0k4mu=2LYqF5Q?H(a`<+QR{4XNS5#Ir@GDJ^YeZWIFWNOX3fShrZ-S9pHJ*IHXQ
zMu6K+t_m-c9)9JrbH6!N@s}M=UVnF)LjUrOp!^1uV~E3c6svg`&e&+<H0^>*^fpg#
zP0`$`>#d{tlZRD0(cdPY>C9Ap$G7}-jq0wx?tQNHiL_?s9ihwk=lU)1=i|?(AB)(m
z285;BRgmXFPW(npPf<O<mTzN_3Q1mt`358yq1i%XF{}aQk%X96Sx92^j_zjia;TBY
ziLvR`-v>8WBRhP6R`8;sp;23&#jD7eey;|*l%5&OUqo6(dR;Brduqw#UVvEM_8?-$
zV^z|V)zLh#TU~BEjejZ#(}H#}@Xs!-JeOr+l$#Ef5#%??c8CM#+?{Bizw1@$MU|Rm
z)2%WuxhHI<kOHJlD!y~7ZMSS|E8Wdw>kD-SO%!3R)L9;v4jyxuoGSrl<W*Ao7uUOB
zq~O~IfV2!rz#*Ojje!(f7+EB|icR}n!Yzjv>o3mTUjT0My%96;>ex)sRIF3#t55&>
zL>4a(vaSe+szHeogaLGJN-dw#cEdsZ@s--{)ee^H;>m2gt}Z|Z7Vb_JeF%J5#~vFy
zXq6EyGZT0OaW8!EuGon)_k^6KPC}LGGlh(Bu?jVC^cx&0y0S7KYT01#dpm0I#@#0l
zg`xzay3C`%!BYDL#!|gg-NuS+iY?+XO3m6vmoRz%K-T<opZCCF0G?2D`eX<znKgO7
z?6kv@x+18+8PVzZR)SQMIHLU8C+YFRp%lLDM`6fkQHn0|`gjn}1vj8N3D5yG8Q6Ge
z7E-d#Hi&*Pw^(N05Wy0qFR`^{s+A(-6d*g?YuKp<akZ~r|Aao5X34Eot~X`{@E5Gu
zieAN_Bp63pg+Y%;t99Al#LPa4>mT+E+_y1yCB!8xC^F5VY>Lp?IHT|fm#y4NRQd|5
zQTz@aTTNg8#5q4#_L{12l9y34TY|r%=Nuf*1Pk`_LS(|~2HoYiv2^7da<zPEgp<!%
z6RvuB1z=G{t##DVY;_prWRwg%lz0R_f0o*^FLhO~L|l}X($HQV3}Ozkh>YzHF)j~y
zUpRf?!>`G5zn)YA1b!~He#5NuN*Fvp7}@lh+e5B>j5sv0YXYt@`5|>AmE~0&=ju4E
zfTNL#YfadxMg;2>JKmeA>U#Eq1QX^+xkZh{K%&Vh_r~g8@`&jX+<*KGOt_~vdUo`9
z$caI(z+o>XtYe|+U?(fUO*k>KkP)kYC$y_PL&#hw+o8*pGK?(=AvPy&elL{0Idcy=
zxbMra8QKR+Z-_GB7Exv;uaiUzGAod67{f@wSu$FR5ESBlcPah}ipUvNNtiN4>}9Pm
zr1+`aMQLIyYvaE72|N!@-K3wn#Agd9x<3;AD%0sGAEU2m(c^7M-?e2YBMm!X{wcw{
ztf-y%-9kRztltGpqQ4)%=i>ny^~M>t#+>@DLaJUow6w~6aVkf{5v4!7RzGB-?n^<O
zrcP?{@y#HhFc(RlMG_x{@4&>VI(*VJzxjmt-4}P~oLOqd>_)Mlj?xJyg|u!ict9v*
zmxRZp<|IqA$|SSmm>t1_uL_;pW=?*MO3^JXaM%9+`$#TOv}Q-f<gV%zlKBvON*xuT
zc>LG31_1?}V}HFNZPYKZx>L%g{UA3(>dxgJ;k%z{taKHE3EokmgCt)CD&oAm8b7|Y
z;<ZBmWMA;~31^7Dv+~nG1GgQ7gsIcin0?hz@yj(^-(%}kJwH#3G&2odS8RA-XWIBn
z%3=iuWKM(NRzY*qfd}(Gc-`1vQJUg>I^mYx!zgj2DXn^3)4(pGWFjhd6S=NeI#S$)
z?DU@Z527d2y#GB;8>FJF!jG$sE*`#i&Fufj?Ah)zsfLm(Gear4vcSW?HPIsum8q=H
zDr#=N-a|d^E&0#q<p0Av{uOK+k;_K|butku{SpfI_Ly8H`$eKVm$PJt<(22dm{K8{
zta@x?!M9k&fKYAw;{`8}LXQ~JywkId>G9Q>SJPMfHwV?hj-`Bt$0ccsMT^Uhl(6NW
zQOXPWQPQy1J&{%PDm!gGAS26#(!J5u;V{oIDX^;G0j6$bOmeH22iJhRf)WQ^VC(?8
z$F5Q*JZAJ)C2Sy{I0s27_k_Dyce{jpJj?R+z%OI7JZlKA@8%)3VSYOd39WY~$U|{Z
zzM`1%#X?0(qSDfz!_%))XE~Qi7eB?hL`|GREeu{rp>xrDp1xDVy6|dRVUmBZ)hU~d
zGK1`W+tn00G#V<t@ZEZT>qg|MPK023H=D-ZVRlrK3r%KGm01E%IEq_mD7}G<5U)Z*
z<M=Q#-!76^X+b^qb6YK(Pt_qQYuKga;Cmg!7}Mx(DV;pnpFO4;{iLtMTPDP36V&S}
zhN;7X)7!4N+0<vd=038Z$&7EZ(h^^k+{^aY+^<Zwt|TwpZ?fq`E~*-ZiFSbT6oXbB
zRjZ>ISnB-4h*44X3t1zw^M%j3hlkRV4dLLnEQ6bu<`&I!2k#YlcNNYjPUY|L1dBsX
zsra>F$@2jg&(w22r31KbQ+;DJ6knGHEZ2;zaaT3IOsQrjdAg32Q_Xcu^Fvlfk$s9T
z=hVD9#SShF_{~#~k@urjng<Tu72kMj7`0@E=uHqlUt?p@jf`uhenU}!8psW`{4YyS
zKb*0(?;%x&ojsi;vgJNQ3acIMbXy<*HpYhJd;kijZ>M}N`J_XdI6KQWKON|j1u3-c
zO|<vuLv)GrNarSa{Lnn0$-^^H>I{$|62uKG8HX6~nS4}R?gT;cHb(AI8}(dKarx<X
zn&w+%HNHh0Uv^XEXC8Lg_)RX{tC^%Jtr~G{4ci+Q-0V9nikq~SrelH7+Y?lx_|63u
zFTO5z*w*Q84lEc?)BN7;eSP*Bf^V0RY$Dl8dpI4$Dq9-aY8!vl(#i55OI3iuy=W@5
zX@OF~#A(I$L|dVEPIo{8+PSj)dd+c($|4&bFvTlxf=E*YBxr#z@5Wmszt*3Gf&`|r
zltE6sIeHmYQm4Pz6ZJa9#GpRfRQX0$ig#U}bL^r34Hz#Zbz&4DM<2(R4{J&~X1k@G
zw$OKQ&3OFe-kWwQ^~GBrL|H)aLx1i%2ex|gGkICMl{w-GLJX_Y00)uPNFpcsC$A70
zGBMifMcq=@RjP)v^kq`a-*D>9zc-1QZrV3}<d(Q!Qz5I{z=^sAG2B52n+f($*%z#A
zz5B$O&9ixN{jpz>lf6L(hIyvGv|dl4cfEBgaa_%?6wIgai9R({W?mF*5jhm`#O8mw
z7Kp{SO+BabX@%f7=gwYi1Fm0ya%Tr3O*y|>W35Z(8*HV*&^DrdR$jS-2zaI$FZ2P_
z0IfarT4G<Z)@Vt*U**@vf~GE!?9VKw)TGQRXjZ)L5o&?u5j@I}Z$Tr>M~nO?MxQg%
zOKAo-gvwm@%^0=g$%`OPkBPDumTwaxx2tyZ3B6-3yChqBhdk$FtC1uim2?sZp|q&o
zLt(f?(tHtf#})9=y0Nval5d72h%s4j4A6oluA$~EQA+j&q6NaKi$=-$O@I3tV}((^
zZeRY$Q5=AMRQ%edo_OW#=YBc0&=Dj$yXSN9UD^HplQVzhx_~)0uO*O>_@^+S7x7qr
zh|;u%xx-!f@LKBxHV3(_f$~Z78P`o$vtlS^I<!v&O<=q}dSALsM7+mAPo!=y>5KlW
zZ>5VrS+`Gi{H()646nBIb8?j1B`)9D9x7YDS+Dlw2z*eIl<H(6C9k1P1tr8;^QeB;
z_47iZ^#cW%_ioR4*vka@qrU+krmlm>_q@e&U;MyL$F9Dtzcqla$QEIouseK@Znl8s
zH7y_x5&q(NFf59uo<t}{ctz`iD>Ge_*7~A2i;^B9Q(0Bvh=vJ>>I3y^0G|~YtX@q=
zON-dG@M8S1weh)twa<RX2p1{X8n!&}(LpfYf?1v+$SQr*&kzEoatuuZ)UG1Ldd8br
z&di^_Gu}Y>$i6&k=|2a5UP#8PBgKwaKA!+QevStzR4Ou6WN1u(xWTxC9rU+&=+m^p
z@NF^{SNQzB_X#N7Z<2Cqb&MN!gECH2xNA>Sw!Z`Vqp+ln5mhgad_6H8Pj`~6KF67I
zb-?ZWEg1W(uVR*ej@t6BZB-+DM3QThteIOZN)aM`ZwG1R0b7~;3&?y3Zi>K~1mMdW
z8X9WgSu}BW@!oA@D4K}19gnPc&PC$VpNUz3E8pVO-126))UraT08-gCrp;{VphiiF
zuhR<ivkG=;lQS9?QJ5k(UQLIaEtx*3nPhy-*P)?EPccX~xUEanvt4SyWIYp9`=bq5
zySoD8EUYyE!*$A?=XD_ZzCITBNZqGjCB?a+d&4Qkh4Pc90XK<qXN*IRH+?3jz4qDa
z14ORSBQA<-UV%GGZ<Dx#rAzb&%ElWFG=eTz662<EqRd?qmu;8N_K^7>eaFkf2S&=7
z<NIU8lz8G{q-Xxhtb);_y4spIQ0veqIu~}|-y{7CtEBZ=D@KpMolO^g*iVu=SSMvM
z8CF;%NX?<3hEdva8u}#Ou_bN3+$asqIeY|z+kWIcU_pP_C)R^8uw!7xwcajg0=N>P
zcnL1;XgK;A_O1cnMWsVAGHL%U)KyxeKS5z8+R1G+OLu}c4pHyRf+(y;b$z?Lt3Bz|
z=jj%~d>Ub*C->D%TNcvwGAf7!&NuVq<vrmFN>ls7(Sa`D>`zM`e5bXh->u(!>ANUv
z?tfouuOc5JcNytZCra(34Wr>hNHTHEno4L^dRMCCPereNBreXWRoBP4B)l^zs7M-j
zSBo;$52?8mnHr);uT6qK=vm$6$k0)vtD54}9}pCDT$@+g9b`tXcZT>(`Z}f$iFOyI
zo)p<#O{pKIDND-Ceux4|8?u#e!FX_mmP-JiJhs5su9m?{$He{J-AP?8Z>8Q<zIWl;
zTa&062X1}Vq9`aloKQqkiai%?pKW>iX5Ea=!S{iPS*?_0#L^odnY;Xe0+1U)mUEp4
zBH+a%fNqaGzi5l-db;l>CZ(u%P`;&=q2LZQ;5WjG6;ry4FUhb)^C?FcShC~4ee804
z^c9ngOWD${a~0Ur9q(Sens|x3b;u{n1wZ62@F(UGz>8=r%5GZ<z@B`+c$@X)E)i#Y
zP6iu;TwC<|R>i1;4$W*XZ;gtlSwov2iF^(S=3lj~?`{S>+Tsv{^R@lpJ>~|+IWU@q
znOC4lONVUyI)4-@XnQ!Vk~~4%^Y)tCZG%xO$b|THM-2_issy~&ri2MGP}}OgG30tf
z5OvgJuDCP~jf)qKdN)W+oyw;5%h%*ZxwtJVf4iR@X-{YC`0dQ<QI^GU|HiHc;t`<F
z*#0DmXM%CTiQ%_T*wcB4mX4avTL{oyq2WTX5o#+TJrB|-ZPCD}doOVLj_np%gW-`A
zHUs6p1BPe#?l8~bhCI2|f|``lVekTCW%PAsAFlHEQ(}JV$XhXaz+Bo*ItF7&vVGyA
zyU<0ibB_PCLMqN=GaQ|->Mv}cB=~jgcSMFhNNH!wboqk>kP>JD3emO9=;86RC9%`c
z>M@>654H97M`{V5uYTHnOh>5DWqs1!S=OW_y*lRg1E@xL$xtaj!Xw$mDin+0<+ywO
zWA#9R6D(`$>hg8u&5eXzlh}%hxACR)y|&iM&x#R_dg|Ck%@of2NnT>-E9T(TWP9+s
z6SHnP5USIU23rSY51adZS{8V-@e&W`0>wy2%LB2;xnH;K2a#=)B%3LQI5{M`#dRJ1
zBt5+5ItbXlpSkn&X{SWMLc077p^>aGq``!GVA-eBPi$iyX$+<er?{ublG6S`Kb_i)
z4tOYzyD+1oqgT0PT|(?>XLAO<RO37!Mz241u-I00LQ55*m#0}nZ!JN`)PI9a=Wk$;
z&t|`DeP6-jQLxPPIZTX)&21yuk-uXyPUSn#SpXG0%74UB>omCl)@U-ol6x&Oa!zOH
z;Mz4PC2{#D;?Rw%f0kHO;sAVk-H|g*J9{litg^P}uWL+5`)jx5|3x##|HGW=KYj5Q
z@a@x4&rJSzfQ&MEMVP3oosK^ZxQq|rE|VgNX){!A1X0qWh0p0(-wJU7TZ1a4ribt1
zIHcc61P!z{c0@e-14ue@`Pe=1^0Us6UYTySOwM=m%X@vR*@(Ryk?-XczE6+R<gAL>
znfZHf2I9*WCO;2{ysE!5PT2K+Nxw22R`%M+F{VIr{_%h}|Mop88J54Jgb*J<kD~nx
zD}riw>qE95F`npKTsTd;{1}rOVNtC(*bMLdJDCV6cgyZbU+Qc$HQ0m#F#3lDx3Hbt
z#!GEubC!SS92H(03IT3rHy@9dP^d*g|1e-u&hl<+BaWT=@063eKUow0Vfy`l7{KO4
zooDKMqGt1V%#BRuuM+=c`9B$;^T}K2aM{^S?C;Q@$v+&Q{KImUe;9zs6brLl7^VsP
zJM`#3e0MaUu(8rs|NnY*|Jz<&7w>_wO_`AbMIOZ2xEAHv<^XJQ5w2Q5FJ(I3PmYX+
zP7nf+UXn83np~i;6c%2t&;K|h|KTBZH~Z@v1)yhiwr2qpJGs~MjfpK7yx&5`H9doH
z{v6Q3qyfHizMT4mQMRJu!@+_rV`Il0gSQ`F{R-CBmT+#;%W)A?*VLry%d%y3u5Xu_
z+AHzt5;M@bnyG&@y3x^7P4}Sszm7D8Q}$opfa0nD-*==T7Cp5Z3x?Sshln2jKtD>5
z`8P)yVE3kqBGC1B*E@C1__SfU@3%<{lk-(bf0ms-tx+1K=7pNBNddz7B4fNj%8`-p
zUzy)Fk6xosuaNg?mN(Hifh1VzTag`Yku^s$lv3{>|1P%vD+GT>X34)o&4;)?=Co%I
zCkL8rXZq~QAAAsIp%3E`4>1HVE*r=#_Y3&5mh-7MC*5CWtqd^ESqif1^#qFPnL*?Z
zhKjK_L3b6y7q(bE*;M&3uDk$tjT+ImUSzm)O1N33%gt;=a7t&c2aK&FEa8;5ud>=x
z>N%}uY9V9aE1w&e>gy3v1%@{?G;1Pv6?6?TD*{l7TU9~C61`ti)@5f?nUm2kG+h*n
z>l}!zKBvFoGy3FHf)b?A^aUVZ9^Qsv)0wT!NypK6U)*>QF<<x0O83Ro!>NSz(1Wm>
zv9u?Ybwa&?SnNG+7#wQ!4)ovkcz={$YV6z$Q*WQ`1%7#+A3hwqS+-sF8^oP=@XyJe
z1ny9!HK+kA{aBd5>kfH_8=Ys@P0&+D^#;YJ4NT^;!B1u0^Y(C+yT3K8-$(PzKJtn8
zoY^Y}lqa;6O}v$S*><sS9+P*TVtzl_enRwwV^$(3>SGZC`)nS5l;3dTAtdsus-Us?
zWO2HM`O_Dk727$mt*JzysFWdtllsPdxa^xTEz<Fz$=;rAhBJHsn(A0zmbl=odS_;J
zrXB!P)tVv*Mn(?xM{LmzIoC#Gn){}ov=XKt*XfmGuB*B8MGgzwY9m|T&4WYG+Mbe<
z$E>%A4spA>8uFM=P1#QJWz=G2?R6CyQS&CGln05IP`P0pn*wx0T<5E?SwK({9Sh*M
z6y#V&+wxCZOPkbze!f{@fOmCaB?4nA;bS=gOcHvco<abkJt^Sp8Z!c)qa&PkhsmlG
znBm;2`wPZZm%qb&ex|u#cEg&cf!UDZOShm!=EimoD-%PUm32_++rO^Wyq0U-*|+Fm
zW;bO~#x7SbAk^g#kEh~YH_H=>rkwjt3;GV8d;DCx7#Ww%5SA#}ZYwpHn!QUZuw@m~
zLW!&s6^5z8xM%G6)rgaK(U-{LA`+@o>bGSW6_l6n&|a)7N&52oklXQrZeDre5TDkR
z9208WvLv*zl*=o(D4rPDO~!B(2%p1rUEN}*w{b&pJcH=fuO8=rh;*pX1s!H<wEnR)
z#XRSQxVUaE)z=KR$`P>Z+hA?vfE>ZbA{xj7(oRgnn_oKY;jS;<l(V@aGMft@c<K@M
zJlY>*$aykwl0*uMPJP#LR1sWAE;Ly!ye^5g7*Kt1(&y8q?O8fMcffD5fDtBRxO<eD
zz8x*QfI_Dt9wzS64~0s7LR%OLn?G{|7l`&fu}x>ToylE$9yoRJmf!9>28A9?;h~?@
zz|B5tL=W}yoqm%CoRTFtk%S(RsM_^VdU>IOgze1&`{!9ISa8W;zQx)@6Kze$A8qQI
zWwv(HOPvZYv|#jUlYr5AD2(|N-(*YNE&Dgt5K~Dn;Fgb`VkHieJZWjqWai0U*_WF?
z(X%tQ{&eT5xe0LtkC%DpsW7n+9+3!D{q~57tLyBx<!METfCsJs;H&KL>u_HUu)by$
z8oL+z4pFb}kMCdKGVZ`KIJ$f3)4~%s1Ml6IpAvFw*y8K~sp{x(F>-xM`rSxiT~9aK
zvDK7GjJu;iq@fe5I*4&vzJp#JOiJqrVM((t6`8`hxE%+BU9V*9w3^F2m6u|qYps$b
zHdmV_-37@yb%cDG{@KNT%;>nZGQff~RG2j`w%3qW`xY`4wmkHWmNAWc5Qf++F+$LM
zo<hupj`|}J3qAndq$D@W>3w*%9`LcSiKwiNS+vwTG^2mkf(MtUNa}PKV*-8G9+Q_P
z`6FivK5g^GPFHmw75S#mB<%64tK`U~u}k3gq}&GcusoZd1`yhINj%sgzScE(yFyfh
zm{cv8od5JuTC}GKVSKy77iS56XBxM5B5~>Q_Ncjh@%Pk*Tp+ced!OvoM9R$>##M9J
ztM~7DASb}l6fd5GTHe`Vz8=I*<$>p^*!$n!wnD$=b|uMWy$#LNPR)-e4>xTKuuCh|
zXd^Z)lHoDy{&X9CE*6>#{t*-;6RMsbUB~JU<^7vV?_z8O^Y4?CN~a)7TPcQdXnOez
z#AoAI&bP&t63QmDI_?$baJ4KMOLtXs^U)Z4)KFYE3xi7Ogp$kTy@^=y`)y`o12J3`
z<>~pRJcj$d$j1Ax-|z5U^%Rx3WI0!)M@}_ddz*D%-b?tMWFv3B9UBs(v%9rp72tLF
zJrG!oNDe3KXM{u-G=)UBi)%F{-Io_>CRNybLwknfMQ4a9tJ!G{;yRmt1#XiaTYasR
zO%#i^M#Uwg?PItu#?p*GNFmBMp=!Ro$$)XfDlz{e@twc3Tk`8b+ysTI#S8j;%E0?m
z3;P2ap>VEUXwy9B(7^t7Va<DJr%VeAs@Yu%UCJ6rVKP{P&Y*!Y+K6-~?pt+OmA9L(
zB}`oEy7_@^mbL0$tOpE)6kk`{)tZV43wD$Fm-Fs$z0S;qZPjlX<@@fv5aFm&Z|r_P
zh*$KE*A0b*uZj|ie-twG5BznFx}_q?hRVAp(W8<1j4}<OUR(q2lwpNUju~bgCSL%-
zNi0dm<_^Bi;SkrtX7CV~Z;{d5qKQ^+vIiX27~h*PB`D-k&Ye7>eHRWU$CAR5aw#6E
z`MiNpE4C+LJX&RDHpRa;KPqW~e23fw@MBRhFIFGE6z;Cz2wg=wu0gl4x?|;JHO2in
zt`3>3bsEFT!IBD*1@6OV1R3IDeBbMr8E#{hkPaY^*zL_Y3V;LOUuyZE(aQo!TgBu9
z>rIgUH#=ktT5KGGd`9!%-OdZJ_6|qGiz8^|ONo>cvPMNlAYXDmuX3a0MYq_EL&2Yf
zUEWiIo5@HktkpJU^6)C2K0tXTfzYV$9`x6>nH3N2L30cdi*M&|d{f#)3rTm-bDj>?
zlU!$;XO35Wug1V2udD&fcQ`A4dC^j!Z*~WEXSycQmlN`FQ-7-MC)iSw#J9;TX7`A`
z=2r2#JQrgs&N;`2o}?^?U+(q*LZ8Zop8fzqa*K16mVL?@HJ@bZ^<Mj>^|ycbck2J<
zG4x+jx4$mt(ENP*?uY8lHY2IPL;di-uKo7$XWsQ?73PG%`=y^=$4dNcw=Vhp8nf4j
zfA`z}=Po=-5v78`2>3WF2=5cnU)P#K{`jA`@%D)3q2J#HWS^cSU1t4_<oJu!K}3wY
z%G#Xf=Gp6WZ|YpacHv^+ovY=_pCfO)A30!NYb4}95l9OUksMHIe@!u(T|W2UJ?egP
z&f>^l*XXRrR0{q(`{G8qen+?{{;zAESK1f!EN4LGYNLM^s@=DLeY@*>^@YTz(KyMR
zy2>-H>r}5S6^_>(`y@}x;C8JTK(Jgco3G^JpO~eo>8<n4S<!RluRM3;ER}tYpGYQ1
zo_Xz?^IJJw?u>qfYDZ8og#HFt)7%_L!$hUD|99w0u)Aa7nt|kKr1@)%llASdpJS3w
zkgb)bgxSM=(d8WFl)f~YW|VT{irqz6;Qf)>#_Hzg)S^|n8IU$tRXIGQlpEu=1<sJ=
z*p(@g_=bAwvCSUt)QmjwkSJ-Y5BDNmgfqcTeVyzXWtdQzi39*%;mW7sof$sa9t|7x
z;sH_itbf|1{HXx&PuMwxht(H+w+_{A>tiwcZ{)pKR8#B!?(161uBcQ61f_&tB%wEd
zQW6pfC3Herv_Jv@=>noImEI(TK&Vm@I!FsuSc{qf0SQGqN|jJls?>F|&lqR#v&Y_-
z|1<W*nODgiBl9YA&hPs^&+~bRzvzY4Wr1&;u_T1S#!@B%TxYfH^Ps3&zCDOou7Ma~
z$9gSmg)!DA6Whb)mJj^;4X`$_hBT<Urh897O8)BoAUvK`eK?$|No{MK@n1MNXhFAO
z6qkV>4j}GzYE{f=(+Un?{EkfTCd;_GR!St+m%5Qn>oZO37Tk#GZ`2qk&$H?_b3|Y5
z2L#KTLP}xth<-`gt2!nDqI^wZ;*EvvGoiN~%baa3_uB<BogZB62#A`ZX3X;2%0c3l
z(igROyZPx9W~MD?QGG?0({!d0#cKJZercF@L#rXP2BtahXbdZ+p|~T=N4`?uH6!S^
zN(xEj8S}T_sp`4JqBOdu@~T^E{nFtFASUK8Es?H=7A@34{r!S-eX$UVn~b;`R5vHS
zT$FP5?}ZGi8$Rp-j-_*-svTI$59beU)_JvGUbI<Lt(f&IDMEvQx)WDLcfPhDl?40u
zOuRUa#x=|=^t>&qgUqk@`Ir2%d^>R0=K(ev-^~}AYR=o3ZSLJH)XRtTd)Gjzh2<iy
z{*oSc%U!s3Oe^Ll{`F@n@Dh2Ut>#*%5$}z-?qUYaMT3Ex`Y<rW@y-+7$I%b~;mQ;J
zZal6fGvr@!d>Q^$!5jjpeKj)$QoH#rbwnUmY$;{#)hI+T92}{N2OM6-`BYFlUR?L}
z2*)$EdP@Hj9g^gxrfEbx-zU!gZ6R)_$~5B+^jF1=rHcT1CmK|0e!yb&UV|#et%Y4A
zS1?#i?+p=9z;ChcK+D$KA+}fe%8(->9iz-Z2SQYmhVc)eHQa~e0JyU&<TNT9mOnPI
zSr8?thWp%{WUF@V)<EB8hL5g6qQH_Jeh<YMAp5h4cH(__9}@K3Y99>pvyFNGA;pq~
zUHS8392e*v7A#QbINlNl^6R~>1|-i5KO2sZ+EIRz@)TsecGz8``R|3BgS%6v8$VC3
zYm({KKl1!X4gd|(O+CqT*(@bl0A%56ZIi9UE)!pbatsJ-;2|-)8@%`%yJ}?)W`yH<
z09;3v)D+<=cb6}<y}jgRC0WU*Inan290JnpC-lp>18vgNJY}B{XJMd}`gH=X*B@I$
z>P?mHok@rmZs~V|supK07D6}y{tGT3nPageCjC5*DaS_W>Ml(qAYmO<M28@;ZX&)h
zGl=Ynrh5B~NER#?l?R9b7oAl1j7K6222isr&4{0wC*|4Ew=$kSgugHXKSbCH+nqaj
zD>puPnkM414gl;xmAt_<_RJ$8Wm2{CQM*d6Rfku?V8m)czyD3ba@Pydm>vF^RO1iF
zcQ!D>2orbF1RC_em8`Gn%bPrHwKv|?uB%Dm?yb$v`&t5Z#waQG{qw2NFCZ|5<2c1$
zE0x-mX%aC=CGQNv$`#9g@hv)xJv+1bI7HsYB2QD>dp<{P82{YeHIWlvX%_5OjGuxw
zj6Rf}61)M$cU8af&=7KO>EqbAUPY~tp0zEa2nSJzl^X{R8S5npr-KPSZ&|9uZ$Cb~
z;bC0Nq|t+14c)yplfbzKc5o@#0asb-@L;mvk3v#K@4EEQX`8wE_9|)90ubGBy_Rw9
zstJI%<N#*S2m)!f4fZu%xM*w^Keoz!qo~>PwMeCBNcIiMM-Oz~RWdwZfD&8Y%yx{M
z`5;q{?h!6b3;Wq4-drzCPFzx2xz!HLw&Q2Yj!XK;8mlhOvNElHUUmdh1s%qswX%+v
zjy)ws?vHk@-|sY6SEpL@nOM4a%0%<}t^V@;`$!ISr8%Xf$s4SP5lQ=vCo%Hx3mpH;
z>xXsXcd_E_5#6I^-?M@Xg#VWibLGw3_S=V}$NAG=ZbyzEJnLAjtax={P3nJljsH{U
z1_J-bknqR5{VbbWxa8Ihu#Tg;3Z9FOceP-%xBsx4rX;$RP&tQ(OG=xS(<meKi^V+1
zN>NCMqvwAgI4(MRO`RAhadbVbAN(<~x#F(GUb1D?jAQ>CDX<iQXBX-e8;iE^62Akr
z6`W5`!Tt=D1E~6KFaA_$-oLM6G~RjdV14|U6zdUDzW;!8sICGbYpl4dN{NVEOtBA^
zUT$=m`7nyhb{yUsgEmzW2{d8hWy7Ok#gUKBV>yyz&;MaBQy?}8BB#}tZf6?$eUF^U
z1I1Ey!ygzBAs78&v4&Pm;G%vLQzp5V{CcH1KJ;Aob(#B#??k^^86`V4=ofzoBpc=^
z+Opw>gR0gd5;aI*G)Uy!^1y8K%%lV}?#UO}=^r^m>rksQ#xspO!Dmnb?iOsouC{pB
zr`cbAf*HMk#|2<18e4nK0r~+dt!$sFW{xAv`QCtI!=9&h0YkPj(WZVUZZwh}B5=~*
z;xlsFUww{SltD|$_k!{gQ&K$bu9RsN?hl&`TiPX)>+x#(_C%X{S4?2((>!t7O|B*J
zJJFv!4Wnv3XAl-p;e~*u{a!z9noYE4kLzTjc}<W)YS=i{)Oeiw$XYVmqS0#F=!?GJ
zMB=ENUZix&R&z;X)<}fL=1d|++gBc<uxIUtM_8J_Qyi!>7ZkxkOEFl2fOW_d`DFsC
zlSKp;c`W<Z#aMvsNp`jH58d~ID_F~Xm>;$bdsC4UU#sM`U&-UEFQv4Rwl$C}yYYJ}
z&+}oJ?)Ubu>UdR#x+uQr(_0}i%#2@Kuo6(aU){(p{ND?|3Xx|zkg*>*7dQXW$1`tm
zrIxI3*)wMw?|#)VIB8)f!hHTf?btyp$N5^|q7;x)=-u?zy54IA&&XHqKKx|h@4DD*
ze$%!KV4S-l<qlO+_O6q~sM3J8c^3hf)>iX`?lq-2C>iNZqkfiKe=;-n?m3v^p1y5W
zx5@MG1>?O#!*ajFTC8q!%I}&LZz`S&EAUAzYm!K*u(3MWH3?zh?&A(hS7!dd7Z|@)
z+`U&Nz;_Ff0Pg?p;xujS*J2p%2}NCse>a&l@F*-fb5`-L_=MZ^^W<bQo^8!e((}ah
ztMBMK3Cy2v(g_mxszB26>dSp@eyfy~C&emoq%)Wn8;&?N#d^Nc=54Seo6IJhycZ@N
zjqWWq?`mu6`Rpvoqr^d)$o4?d{0@mp8@H5qY~;`oPOE+~1}f(?ZZhDFKKr_e(@Xgu
zaRn`9hoI7I57y(wTzRaDp56qnbi6YZz(-$Gn8~oZ3^(?v>=RXTnepfSF8gp`*}UgE
zj7kVUE7>wwd01GF7@N)$6)(dU(Jp^%qqFwz^gHOy8ACfmLoFIvE={Yv?-mXHtJ#-+
z@aos4bLg>Ut)FHS1ax~^ZoBTC$#*pEjd_97sbg#PV(r@)e<t;cg5~#dx{f7pt#@KK
zEU3VJQLfw#mChATOgT!~N&=Y0vvYw5cEUcB#fXRI4MROMPG%k(l}Y@%#aqKY=-tkL
zRw2o{-e-RaNg0~h-d~+jm93wN2LxI~=z1q23G4H&>|5?7A-r2wM7t5w=V~VJ+(&ke
z*SXIM$Hww+B%Gq?ONw$&U~l!j5DXM)Q-4{%#$<E6AlUA$9ZBT+SKR$onb{P<UgXUV
zg;Z$$NljLejQS${D$s6*h2CEUtk+u`DQuZ`OoTl*%QzyKus11F+)nz{WRwXE{N7j{
zR?w)SnIww&f+Qx2bN)VEy8PWrvO1?f(_yCEs;=y4>f)T%t01d;k@HZSJ-ZuGw#6xI
zX<CAcQ~q~ib~%_FFC}@Qat4ZLdnI;?sr3*~I3n6B&KB~w)Q+L7O2P0qa!;g^pGbp7
ziuz#G&=XlNVV%UwkwrL+?9o>9dXu$>_5dADyZ^VRbnfG+Ut8U<lOq%GtJ14yX?F?%
zyBPkcXhR%Q7Xy`{%=q8+*43{c{-Y^ABF+_XJy6DnN4TpPsN05d@ts@x>4$;-SbjlF
zsYD*b6qFXfc+rc<nMdw)z8j@;#pv*xe~-(3zk#T|EA9MIpO+m)t3|?aSZXi^e>|JH
zcn4K$=%6H#rFgmuW^s$yEV9a{pKn9ZFCkvew}$k+yUNP4Y|L`KVoReJjg&OIXv_9E
z60bKJsFm=%<V5D1k4p6HpNgvZN!7EZO={|ISsPrG(S#-+WxsQ$XRR`H<RffK?o7(2
zj!WuYMlL<mH^SM_F;JCm7~pRhJ+?`#mSHR)^wRD9jI~d)`Hu$23Ry|9K|RS>M?t`@
ztNl<Vl$=@Gux6QuwI7cPjKc}cOo!&UuK=xsB$^UAwnXc`NjgCIpQMmFAU;m*X!-U>
zxg!z9`^hFC=-9N^len}9Frj}ewsQI13fITN0bQ>Iy-}KI$)}GLvoI-^i!eTRpN(w=
z1=n}LA*d=FTLmC>5ptwR$v_Dp-`+ycy~P4jlfoPE(_*mxv0=mStHTcmYLfoFpuNPK
z5)BV;r+SqepA>D>G*K22xrWdOW}?PCGaNB(kx$FJ3L@qt%cL?6fpsp8v9zCI&(qlH
zZ)g6KteUChuS}a@v}>H5HDjBWPqP}@YnL(;Gm5@_NdNI%-gN!L6#OYZEA*xf04JVh
zZ85z%J-6Tr9xz_kd-J5!A;8@7_qZ}{fVsd`%bzpxyj3vk%UMvswK*^<oSoeV<#Dp~
zF0dH3$0@VrUS_f?^LP93L$^xzv7gqrCe+`9-N~+iHTA&;o+kx5JlN9f5t2%L?+QSs
zl*=A1nFT-D&qo}COJdD8mEIusv+NaJ#oNfe@0}}{4J+_J{OrTODjwdeEiCn?p|E+T
zG??%c@n{Z_6>37h#zU`(QZykI?IYj{jf3_0PiyvrH8*ZVSh25KYKR%erMJX3DAq0G
z4BcSzkRYG%TOVVmoSr<y{9%`W;{rATr`7s-u-~WC4v7h;Drz3z6AzO#e_Ob!_Zq;0
zQ;I02q{m;`jF{?!uQt0ztry-AZFUeVE-B|t&J-~KZIA@4Ek_ZDK=arsR%}o<CI+hp
zzBxklRX=;tAabj9{ya#5g(OQUvkC&OFzdoX;PZO~WzyIrkXWG;Q|xH(@8SVyS;YBp
zVvdBD^$MSGjI+Ap<b4F3TEdpt%cCPFofIPCttMvVA2e0G-U|<LK*Q|S;`MOKV^e%q
zu*F5oWj*D?!1UU;-VI?YD*Q1aH__!m(v|qrmHKS`QWO-HW0zPBhU9^)?Gs`SCu4eo
zD#Sl*izFFM+_P#pNHg1(<Vz3d6tDRR{16L}sM3wc9ui2(8{drkn*9`UXBP>Bo4jqS
z#;r&*%+k40RQdV42n)xYI^Uq^rK=qu8+x6`ny<4Zu#Be-uTM#`zcw?M4Uq2K3{g-`
zd8R@8*x)uW9C`36rD)&wEt`Y{;$FXu#14OPjYjOFB^_s6P(07Z)#;p1&$4ww%<_yF
z?e=Xk-sY`x2i|>;keJY4f5^I0BY&g0HIF(V*(~d8<Cctr;1jdx2ANnauWESiYN5hX
zk0NKCRT0`z^FZ9p1H|zGw#{5oityz#T#>Bj$VT=ai<Yn~)Zl2#UC|gSg<X}Xxe+Js
zdwgupwdhSm5gRdyF8)h=rHoj0ckiCuG}sugRe){IoKrCHld-V!P(B(PPUNr`wo_Ry
z)V>^P9pu{B3r}$2vOT!BdY}2AlL?%WakPZDZHQ)fz_Dfa7Kb+QJ-U|4g9YL?3TNCK
zrtLAAcY(g|#hVor$7m+o%wIf^<V!5Y6+%%@2GG4@Z@gmnS|o#RfI@K1L`f-tL{G8y
z=FF6bWNUQNYQ~DamkcgnF{R9=J=HGw)5C{}vRqaVyo>OGd`8Ky6AKpISkgmJsHWY|
zm)b90qr0;<^gAbVT*lzR)cRc*^8@wS>cw&X&)=7?NSb?a$7`)6=(y`eHG!J_pAx{e
zGuTGp(9iSf<M@<~)TTtMyhaeGhxW@$p&4V!LnaAP*~;9g%^lw+Qo*zMR57<j({SR^
zy#;@5dW&S*Dr<NPc|%!!Vmyl~grfp8n06v1_)bSdV*v2lbzz`5G~D~~4c3bjGX}t<
zKC{*p@eji~glQ#ESVT1zy?|O0SXep7fY9NY2?GIIr@a=7e<B?;bIv+`5y|br*`P#?
z35pWOfM}(cVZ(#_n%)QIM?9*_m%X(B>6=O=!`0`$FJ;>ZZ%&pVzpcf_#I`AAeONou
zMe$lCt`fJ2p5XTixTT5*|BR^x{n6k%+2#gmg=Z!j=d%VBC{T&-Svv6@J^!F}Sb*_t
z;!bwAPryv}LF*s!-2GnaHv1f8q3h7eZam50$@|#RsT)9B{^uqU)Rttq?r)$9|6p;v
zj(tlj7pFh3?)D=Ry96Gb&WEsi0}xF}lw$Q4W}6lU+kc8_((26-{Czgl@TjD=)@b0G
zKM6{B4OKoSwJ?i<?ifG;dSCg1_kwr%M;vcLT8h)MN1a4#_#G!&Mj!m1EO=QyvRW&$
z!mPfakJzssD-|Tl0?FZyE7?;MePAkVmksBnb{-6kT5DDKHK{*(>+wt9J+Z2A!qUi6
zlV9u}VYgUxN|*NCjnu`$$?RT6dD$V{>QlT`GPj5Lq|M?#IX5(EC@}pJ{>m<Ez#F|Y
z)UPvCDnKUft0y<pz#iiWnxkF;P<Xlqn{nW>1+|R-G7<ckS9p1gN|WF-RKDY2{m%|t
zv}pY?Vl+Xv(E=?GzpgbL%V**j<|i=}S5j<&9bcP>C1cS!UYDIJtfn1pA}`w(+mamu
z!UnL$d6BNS2P$JlTRek&h)pE0=R_R>iZR1+R1W?k=1HyDb(N~$omQzQlNXil(Fq#5
z;uiw|iEc|hO23A?jRMJcjcC`NCiX~-tqE(z#EPLbSlK)xy0(U{NX#_1Fba*5{<a}2
z#|R(`U4&BzCtXo{k;fYTAOt>q8x@|gr1{BlK&53E8ItQ<VKf|Y#oV21K1IzSyNsME
ztVBsWd?71jly@lw0IB(jh#4%r+#*37Dz@nJY0B%rzD}Hy(%c?bCvw^@Z0=<mVQmZc
zd1Sry4n2-xU2|_s%UDi9pVF)7Vx$sBY<vFQ_l{^my7tyfKO)l|b@{m7iKOjc@ZcZ2
z_p=*p@##lRk?dlNXAcwuWZO<pBfIW@+QfNakhvqa%iiv}E6Jx;y*A~3YeiC$G~_^<
ztg-Uj{BtQWn(QtVU?>M!R+{`p0dc@kJ$;y|cai>v^e(J4tm8RezxiI=MrTaDIc+{8
zZY}M%w_lHpH8MP`KQ||2g>4cTiqkQ-nif+KT~DXny(us=l4vm!Nj4Ccodp3G0v^EO
zy^qceMk`o%gVcK`3xkCE{-~dvm68)i*-s?m&)k~cO8d5<g?zc6a~ge!03`<9zFH`?
z>Mu<Uy_9KeI2^P_1FFm)SxP61K*J=bE;Xjy>6H4MGf*1tuU4qHuV!cX?*#}Ud*vta
zesC_@;_v8N`kSE$m#nJ(FP`7@MBeR2B|Yc&ZbYy=3Go3EElHEdOE|Rt{FC_gy&Lhf
zUK+ouvCdccDE^vZT?r<q!a-69arTr-33G7eXou`zTNI<Je=hT<Cf~tdr~2H_3coi5
zDK&myQ{ic*miaA1lSq&2ZxJhdGBcE8;@5VBryHEf4zWK!YU@`LET5Rgt)#!a4GLa;
z4@-!b2K_m$GX3HE+eRKTqrgn43*b%S<=uAu%>88?q*ez4MdS_0OfQbS00&haH&h%2
zr+7x?qpeC@;JviEO!cEw%%bh1!6{?7xxtg71#D+*3s)?=gNR*1qUI=NO=P;`#*q1A
z{VJ@|8<nEA{@pNp6(Nt?H1V-<ErAJ?>TUv9+yYxMHXUq-C;17BfF{vu4)U%rx<Kz<
zhaByxRL<iJcj@~mu<5MWvTQn(wUJlVVsFP-dP`D|X0y+pgRF<n6gg+|hV}mT+A#0;
zo<a9-Q&u8uvwy9Th&?)47z~#$KjR&q3RJ3?eX@Ubym`|_gh!&j+qg8>*o4Kn`M5?T
zV2Z+Lb?YB^*t>X#*}oCcYYrMut+dwK_*TbT_Oe{k-y9&*?xTzcIH0V;GsoLk!M5|}
zGe~>CGYGZRw)cm1&9qFExA1CrXXf&~^q~EryTakow)!Xrqe|0Y%5hy=4>}#B3(=5Z
zTA2srG4%&Sus??KIvFFmCa>Z|l!IY8*jQ{MJIwQZlJN#%5&&B8`;k?2mYCZge=iTj
z%c5hch^g4G+I^46ns@KX^btx;rMoqL>3*6BsM$M^*M|Y%++U|b>%?*T;qEbwTp64N
zO8A3?4`1V>KM;&A-lBDpS2_JaJ^;4b;{Tu{RT(l)+1NvF<zl2TQWA)C`^sBtZ`qIs
zY1P?~3omIF%UXM?kS#7^#BW_vv!VHdUaC=hq#|e%ZXU_ksYcQ(R=+$QpMqU!iQBLy
zIi!tN)^4G>|C0!DK~#|~b!h^IR9wLxso5_2`1v3n>?4^oI2@og><1v(DNXHUp3NCE
zCZBG4Y)RE98!gc4QF7boROi=zhkVI9iJSGx&`DNL)_}9!#y|Db#6)OJHNnOSb!I$q
z`Vy)XZn|%c_^}@JZ2a7~+g7=9@@~)v7c<f|WPilC*l*G!x@;65fEb<xdn{4`*_x|J
zb*S%=dia&cI%V6l;7LP>AZx%pMPA+IDYQ`Y(tB<06_+H(k$4N>QFC|5LH|Jhn^WkZ
zlO`8_{sr+GwLq%hC7*7-4d}Dq?)|RcXi-lBFL}ZaWsj~NpHm(3q`j@54spt^Z$G|l
zh+A3aLFD>TJ%iZsq*fuA^+oMP!vNqUHQ65)+(`bLm|0frTc){N2yCj?Yo3p$thO!V
zo9aDn=6~Zmks4GeL-Fjgia_tkp|AH8nsIj5g_0z2g(8c!BEm2untt_HTPt#K_9q!!
zj>^xcZS(2UDM@fjL9mVpe**!YH3SAaS!9Kh#}X4g&i(XI?#;I^mj;Xe?GJurXT*8G
zg4IvmFC|lZug;rXiYWKm5O~#PR320+mtW{EX(m~xeYwu*F=(!S1O6jXtULe9bZBxN
z9C~rqTmfk}t8Hjo>4lg@5E>+5ASFq#$H`(-Q-)fNs$Zp|xx<zP(-sWD&pV(GI$V`O
zm8-3>nEOhu@d<m8Wm*xl{{DIpepYkT!ZVMLitVEIgh79;!QLh*yV7D)C6nvvG4u~F
z8pb~gdf&K5gLeGx9rErpl<oTp?G_~xdq_=4rVfUdWW;{1wX@{J8hYMdgzDh{L_W$c
zP&Q`x{OcK)&HsKQ__zN@GrjWZ`SOdkkY91<uizTaiz6mY2kb{5oz8N8|0WqGc_`TV
zSf%{m3w7@uu1vWtj1+!LrmcL<OQ=n*c4EG}aCyk{f4TgBg?(^EkC{|uGCmtue6N3J
z!&b>I_Ew_mj-OS!-Z)2QRI`bOOGd16j*j5Ful{%p$Pm3Qfkz(ibs!q76xJs!@yv_a
zNp)uahHd_E@0M@gr+iD7{@nC%mD7M%Frd|6>RWtx_tiM!vB@vGpJKA*P=?A?dX3ij
zIk^L813L?NJB8PcvA{*3E(u(z+0mjqhI{K9{C%RjbWgSiTe>m@-?fl8NrhY<|1~#J
zIu++<($s&?xzKJfH|Sz<Vh=!0B4!|fXRu7{FkrW|E;q2N;a0xYpHBng2fIWD2w_MM
zBC?03&|5kU$D>?ZW`dF$IaI=(!HuyPh=U|lxhmhsz9GVtSl(ipPa%>B4Gy-muor)&
zb?`*}KGckmSptbS)y}$0b}HxEnMRunh2w&iq}M)t%^^J6bfo0Q?aKGpNj(ov0&AEd
zpEo(o-@iL$c<X(fD2i>=Tyi}#M=6ifsuzrMfmRKVZ@c(>y=#}2H8+|%?$hbgX`x?s
z{ZB)Tp)92y0waJaNErTS)7K)(Dr8kyvT6cPw^%U0mse?*Fp;@nt2d@u_@yK)7M}Pw
zO`zAt_o4mWbY9TA6?B(YuFhPLgh*6cNfS}|1<YD!{pL<>&s|xyDknS#sYzc&vH-5v
zy@@|1KFaXZHfr}bt4E<oVUQYjUDR1#&EU|`{7OZ!$a|undhXO`sqFYVEAA@)WZA3l
zx=NXuQ1WLgK20bpK9(;;BUc~^>B{Y6J-Zgt?79(QB8D9>&5F3DSQJ|z;Wz2~7oQQ8
zez|h2a?HJkdp)iosNABvxA@I}CDZ#2Juul&N!SA2@}}5k9xBX_8VkXC@!~0_9?c}N
zMI#3IMfjcUzM8?8?Bw_)m$45RseI89J}xnifty8xV{UInV{k}fUdr=Tm!IJqlNHlL
z-k;fg#=NcNhrAV9TP1?R{BB*Wep6_!BqorVm}ZDKFOt1(A6S|s3mQdwj4uQ@;S9~|
zC*t|$EIlCcS3)-it`Ld#izr_Gu=M23(v5)P9WVDz<-|lh2AOhT1{jy@Ap5<)M+n9B
zv$VwT`3gQ`V)AA0spvaZGcn9;XCQ(y_LTz;PE{sMRSLeQLxqLD)qH9*9+nB$O7(bZ
zt2W(Jo9L6CDS0Q;`SSFibvw_^*$w>mD(hg04qwOlnlml37o}s<z8iHt>{V(tE5>jO
zY|fO6`<*7M*7ay#asa_U_ePB#__?-pcS0-!u1!}J(o1_pvv4`@^7Mx4l7q9yS~4Z<
z(j%Omv44p6$oq?07?LqEs&c)5{YU_Rq3UofN6}uJ%k#%SJ#O{(oMfm>|9=c1v!6a1
z&4GXf99x(ZH_XzkX50dNw{CMKqLIMW#0&rjJz(_GD3)S6_4rEGW(y;Y2FA-I_Iz*l
zRJTrLia9*i8s(ij_|I&Al+@aU)3j-Kyk{3MU8s@YUqxSr7x$%&JcbRW?4sN%V<B3W
zQ(0HyA>ojB3vSIi^5}cLL-4lVBt7-s&@6>Xq^wHcYl0V30?))l5rjf07L@dD=^5Qe
ze^!Z8CPbJv(Mew6Fup;78eSCzz7<^xu^?Rou;2a9p$bpo98Bq2oL74-hCEH=45O7W
z>Tf`bbM;Z7JkJXCNguIBp~?dH_Upvk{ap4E)1ZO*sRkxc=v>#7n46APrPtWW<mAxh
zP_03Jou>YW)AI<^8mV5SlDSP>X9|07Ho8G=!L{j}P87`yPyT(^I3GGyMMyP9E3SXk
zA1o^5{(u>{-xwOS{-M~9GR8pA8rfxKHSdRtnJ9i24s}Dh*W9g)$WgG8knobI&CbPr
z7EITE{yd6{!0ooXi*Fc0_J^kP22?d<j)5n-i{5`S_>xnoT&GTWloK*u!A$3gG)o!m
z+q%K=Vxr$ciQha`jt;WERv2_!sMF=P>aZ#^wMQ@gj^3j3?6H%P|7Xyda`$dy0U1OT
zxPK$)L(YNcGDMgBdSTdQt?^tZ1v`~>ISm5QPo7`SXblYXb=5o5>}8xzH#YItEFkI4
z1GsmF%;NY`1OaUahb@?ulvd@JMnX*3+5fbL_=sAuA5;RTp%PDCeqe<Hk8X@`>z$Ci
zGEqt*9v)3fj@DN$*3u;k+$agzF^a>JwX^H+yIK>Y*UePxPqT8-(De7!^N+ycZ`9J&
zUa4f7NlT!Uc2<PFZPmVcxM=71t&E9ox;<~&s(F|5TLgxwzXEcbSmHT&l)X-k|6P|Z
z@1iYjh*8Y#TMp;FJES_)h-~=W$!lAw9Fj598)CxS{Gp}2TjaBF)qbCF;Pk7yw_S*7
zgaF>7)fXT-<1wa<eBfpG8RTmVB*O><)Q9B|t~bJF0JI{Ju<YL6chZ@TEmR$Ek88~L
znVJEC$7L|0hUnf_rj7Geox3!6Rs=i?O3Zp5vM_SenKo*P1Yo3Mrn?&;7D|SOU)Jt%
z<rp-6NH?wk_IHT7;6x@W|7mDd1!kyjfz5Ag;y<i6b}D4HblY<krR1hheb%6Y#OhR4
zc-cs^up484S7e1)#kGdGW-AL=KaV01m5p-z7*9&05<NxBlX_v++b>ar!7~Ew<qbo%
z>*=9fOyVxkBR8sC*q?$B?bJnY&yBNDm^Y8z`Z$@YC@==ZL)RXaP`#N|?!KHJ$~~cX
zB0q&hRwn)U_X4yQTf`w!KPsWa0jUwHKPnkK1hK=F^sSfwy)ZU7>am0fy6nTV`q=PE
zvhc1@e}yH|^4faNNRmO)X0$`Z`7M5IKG_O|#$rH<MY!-IomIQSY!~*Yb}Q&X-ezUA
z|GxZFpS@8Y{+MVfYn$cl7lvL5PM~!Ft3w;d2K`bl7g3x>JjD$C^ztxqhp1MRRbpnb
z9Pg>?l_W_43)u#a%%E<`TSA@)tMKAg;4i_<PW(1Ma80z8k{4<7*n`Kd@t!zJdk?B$
z<$sNWdt+jZjDliiQ~1mpQ}~QWbAnt3yAa`);zqL8iEb9p3h$;V!WZVc(=r;^wE#^!
zrak_-&Qdu-`T{*1Tu}%l1%`mT=@^=}8cwXA(M`f#xr39&%JCx~(;5WV4_4Kq7@J|^
zil`m-F@SW4X(g^*(rQLvSeilbzfZJ{6!XO`TJ8MVfYjC(UOXR)W6UDqEwM71I7P{|
zrpk-aH%bat8dILQ=j13<v_veI^1d+tT^TOcf^C!V?G+;%yfsR_CF$jCau**AHDJMu
z{XmM_B;E;^kHKjLo-3hJbrCM9(;6cGI2QJC$5}7!O|YeR8FOwH=(Q>j!Awm<kX2l6
z03%5T_96o=Co${Dz}wbOGz6G3{lkXeO!d_qhb!l~{9I4TeZ6tumab7o#46;SC9IkM
z)lAnCR?0JadwQmtC}L(i*0Pz)Ec^S5g0;4c@n*?{nN84|Eq1xBe<JtByCYmC5_6<0
z0@|4tYy@*(F~c_Suw3l~V@EwyON0dla}xiFXhBlAPrJid7ixe%r_va9jly;W{SR4|
zSKDAj{`!^f=O`;UZaveBKkKy(^RjZkT<rejlc*U(zu3pZxVUqM>jSQRoZceEEc0gM
zf^mcPcNtox!u{ggF0XsJwcJkw`|7@z26K%=b=~Tev)0=py8{WYS8;P<Y2^Xa*IVm&
z_^;#o9;D+}te!3}GJdp-(FvX7h9&?>!<t1tTPTsJJly|y!ih=&7Ya{)4^q9PrR*xL
z953clY*_f$e<-tdYz4_|Q*x97Vdw*pMdLL{d#_$j3`<Z~aM(}HqQ*>MZA(T5jkO`3
zF-aQE?tJ9yV#9j(`T$E>iR*IgBmxd!iE-=)!fv~jf}!eqKBI%fqt~X!#pIpB-E9e<
zzkdIl+~H%dvNDj$UL>c;@WwG!;b=FE&g~Zl)_;fq#{w$&${&+4<bL~aa@_>_Tizc6
zhW^elG?KClLs;bMuYzGPTu~_$VUY?{ja9dxQxxv<_Xj-3o%zXo)&Bk=vm^#r{M8U;
zE=zpW<xQ&c`vij_p+rd}FYk_IM%i%;ol>vtT&5oRcFcuZH;N&K@>t?{G`p{=aeU^k
zGIP_8y^dSfla37u02CLt7>uD;(V}H4G841k?-9;8?VKFkL!n94lGH*7b&Md~xuH2@
z5XW3hp@nuP?cgHw-=?$SYiAor{1fD=Wk2**RJg&gvv#vp`KdRcfWDK8m|6Qd@fKC+
z(*rqiYU)}IuYi|XAS~VtYu^$gPAvhzOC8uUON)RDot9;`6-!#<=q@OG<&d1xXpolv
zPg@^OZht7JiInn^t-o5ck47w-%y#3UBP5|2ub|w&ZdsF=kj|@vs51)rOmhe%dZ+G+
zEV#_E?BvBf46a?bnJApn`!p&pJd{O~e0ly88C{&QAMD_e@gGU{h4KPN4IXI>6s)JO
zJ{tM$=L$6u&;CG`vcU3ORV=!Qr`a|>yzo2q|6U3H|HJKUyK;Q;givZJ!V_N{H~I$K
z5o!P71&d@t|2+Ku?ZZjnOmQQC{fxo_bMiWQKEAu4`!jI2bBGw|pu5}tC}4Yi0mmjV
z<I^EeMD86trp!h~{bA1v&#F=UR$s4=3o6Xqtryc50S<Ca0NY*|kJdtcA)y?Y9AvcQ
z4O`M)L-Ss2C(tt{mY@C3aA0fwAKqrc$zAnMcCrB#NgR$@#R<0a)RxR$wh190IY}yF
z?5oh|Q<}CL2Fla7dwY-T@+oQ;WZ`51asLPl)9}uHad`2-aIoRFsaFF}bho~{CGdwo
zuqrKeup^J>tAXDQvzAk3jb?R2Vbz)P*E4$tF~gqyXRdGmz2JN%lHb`N)}N$xsa-yi
zX>n|wo$Q+QSyEar*9#Wft6k^`t%#>4oclk1yeE2b$lPfB`Mgc;aI;_%)~l(wRx}YF
z0#R~5yV{W7(PCBYcwhSF91Y$86dO5rSb;!H=j>F=UtDS?5>tFX93Ko02JzqQ-DB>`
zj!R{~=mmHm*<J=gQ>RRYkL{2iBY*ul3VS*>%|c1YvvcO?%qIKFjr``QAegF+-rXx6
zImw>s7!qVmcU8dMe=%KAp_lVUCeh>WWVtg6Tr4lKwY7BI=$r1d3em<LsJ}?mYaj?H
z`?=ZMHYwcUui%1_O33&?iN&Ywz4-`3f|qV$r$b$GSKuU!g)z+hC<2whp&XIyN4MI3
z1L4gT*t3QOiVJf?j>a`C_eZoUHzg|eFHQ4H9H$Ak)DpTxG6rpbF$goB*vz-ONckY7
zZS}{jZcnF~r=rB%oC3AL=Y{pR9H8au^gL^fbg27EgcV0@t?Re|-@T^=Eivo9MMZ(y
zw!l!1#O^}I?62~gzoq&m%VfD`EZdm7L*V<}^WS%O^~$Fi167P)2b@_ewGAk8pGZ!E
zYcMODm6P!D&61SNeoqiM)<lvan#vThi;pupn0&tX(mdeW<WRBv)$zga@_j<z`nR!_
z)c^zJ-c&Ml$zRihfG<tsxH^G-cz`u9?$tfJ@*5~k-<nvAZEar$b5ji2HWMQ!E!S@e
z<;`QjzG?REzet)Ve^BKGGP```fC5U77-u{kLwrV~s|7GPisVzc6TH~}vjS3AW$qqS
zs+{3a;I-PEWLVMqqE;^}_-lL92xCbKMu4&4am39kK*ylUr+dBf|6UL;O52SX@>abf
zKQ7)7CGOF`dDq_G?MYVT3Yxm&O1$wiHwAq;_eMAImJqUZV$MlK$)`Z6e3)VN!?wL{
z!%?lM#U$s+pg-?K*f5FyRRIxO&2g{aAy`fS0}SyT`Hr$|0P+)sf!x|oV_p{ishmL0
zs7EoA*Ty%t%|}c$PItFBvoJ|{m|JGC-Qy8DZ&H`IChH@_N@I4n6$l1qIPogGXQd!}
zm8*<3OC(7QvwPG#j7O=i<{X?=G!DyV6vd{k2O7O7(94CQ+=&kAg)!3yle1G3gQ>ej
ziD<;DiWPPRcEug!&VE?+VSmK^`9r^3ym(Cg(0KGz!)ce;yI#(;`L%!t!9$SEmb;6O
z%9@NdF>@2<QUNi_cvP+e4jIZbbt~FS9vyFZ<WsJdDx#(tBIR%(?;auNU08>a-hLt`
zmCh#fIj~4^`YLXn)Gd!4L+QO-|8k?(5?-kYrk{*_E6zDLP%f|3iOd!;*}wZ}>}J$(
z9ZsMwc>K_90P_zEjM94phJd2*>6Tg?E8P=C?0JKZXV9!SZuf3AdZ@G8Z&_ux-ZuUs
zbj&0{&;!9TcFaIq#MNxp2JG8vx4a@ZNc;KAjSDw^ZkT-hzTa0qR{egzsoX$(iYZ6j
z*w;6%U~(T^gSbv~?W9+c`dGZ;SJ5lL*vQdPxQb{KcGpiyd=(^=hY>5ojQe_Q4^j}o
z6KWIvTy^Ql^6Lsm>1>#vuG=CRUT9<xRA5%Rzlome5pjQzp68Dl$|O{{+;*;7;|0s|
zAqGj%zM@Bi#G8^06be^kW?*as$Dy_;Y)*1Yf32;ZGkRowTLALfm3^WItmPzFd&A4N
z66#E#U0p8RHQU6^o*!+yq~Og3nX|3h8`!lK<j5eiBdf{o1!;AA(T-!jeS@Hz{O3Vn
zqg3<2Pf1*X*w9Gq#o5aX87#aYN6E6+!fTF=x78Hc1jFF$-o2eV+mpu_NB45uEwF&I
zwJ#3}+=dGZ)qniPX1g3f@!U=}m~wEGeA43PR<JYK+H?_Y&Te6(PdQu|U+pUxN9Vf3
zhAp19IDqpRp$Eo=qO^zoHB|{_vj_(l?Kw;SxAq8kYFh$z`1>vCzB*Y*bX5%P6fx)q
zWK~mUd2_87*|%*uTL?I7!nxde-#1men#_aeV|i9R&R@M6xXttEd)Z-RSpjC{B_Vc8
zAZH2#bax50@`7`UmJUzXR5T7b*5t5H2Kg@}`TR$W-zUF!&RGgA+vKJAeAUf9c|3|~
z;;Al<b?V%gR-t`&$fp(l{g(%7>$SzMA{XIi(~R^i{`f(j=*Tk44ecEt%K<rl{l|!!
zgC;(7)BMvg^gPh>R^f&*TsK1@mdWyF11-{k*9CZV5^(3-d7+~1i`G~U&1c{I8Xl<j
zEAg?_DYE;n2(egoO|E>VJxSQijVSf>-BT;RV*5Jt>&`lUYyAjeZZ+b^7U=z%Ks?xO
z3LrJ7_xO{a;kc|sUy#qGOTkd(UeL2uh(l_Rs+@A9oP~H;qR{hCl`~2aH9Y;mBfOJp
zOg}pFyJAo4u)gy2m&`<qfz5X5f0`%G^eabLc;?i9{>oHQhT057b@SY>a7T<qs&7c)
zOASnb*4AVLtpnNGQ}xxTER((K!!lzDh1a4IHR%@Rad+=0%gU$K((!!LF#MDx<B2!Y
z-<oIez&7RI3)TOT<@E-a6nCueV?WOtvmHHWzRYRqD4(<hb50qGd^UuYeKd3Vevj(A
z0*~zMX$h=(lpQ*bQv=jJqrrS%ir*ZLy_HR`^!gqS@syo2DuTXoHpIi?j#U;njKQyq
zWEyuT8E!9+5+|*F9%;VV1@#5cw%UW6T0t4r2nV2!xvVT{n^mHSq!nRL=3ROF$mJNy
z{7EI3k^iph6~%F*m821~4Y{Cbt@8fy>NGBBcLq@?j`WqO7!m?6N>N5X8)jI`<ChB%
z7W&OtJEbQXYj&lT&3L-WFo4=wH}$TDd2w03(E_I@cHdA=p@W-3Qq}**@pbT=Xc}L_
ze(O1Xa@D$Yd^!#9LF}nhoS-{dEg>pR%WQ(#lt!@!Q)025ti>Tae-w_T@P`uFyq!2D
zij{?9mi1Kw!Us+p84m8Bky1t!_udMdf-Sy~G+MtDd3o2(ri=AdOoF`Y7Kvg=@eIT&
z`e8?*B&Z^>RMeyHfN#t`S!S$cKP@aha}|Gs!3>un4aOP8UaRaUEJBSGi*XLxMww%t
z;B_<Be+V3&)Jy*<wRv)*;~$>~xWSuARhCA@B9fA!H>qg2EX&W1gNarQCNSLFXHrhP
zP9j~>CI$I*-;8MizTMk$vn#1$tzdShoQvusWf)La1H@|(P+0bGGJcga7C+*^$qpw!
z-xbbQBfBE+ZP5cTL$BcfDD>j?SBqw>ow*Y#x8ofB1J-p*5C_`VRM%5lSoK{2lLz<T
zo~RAb|IEBo@sgu>;8CUThhz@Ir*yR0ErH1A@%QKzIJoR86quv)JmuWGEvAj7Oa7i=
zYf@0GJm1mbGX8Z9zWwh7^__FNZE*IQR-Ph~ueozuZlz~<mHOg1(!^ZZzqNcQKf~Z@
z6X{}|7<J6O*~h)+C(k8m<M6v1xzR4isU;PC#l3s|i`m;AibZ02kw!@$W3R1xifBJK
zZ{EbG_=Njte7g9vr7Yh1ZeqyEcjkWKh@MyUor71Sv(^^j2A(+tC7i5Ha7*t>YEM$~
z<kUsJ;Oi3~y+kGl2~J|D7ZD(6#Mc`{$FF?Y>959Ll(}qswmq`PLGQk%+mt6EE!qsQ
z9d9>^f5^$yzZIHGYefrN4M2%o3m1g5$s_CvWfQyQ-;$d_k)f@pw9$+)>Sv<|za_#b
zN>$ZJR-GLIRz496dv7Ny>09-rDAsQd?aiSjB68BRw$>QT{@Fp)CGzZcxZ101rm=Hs
z%eWBkcmryTJ74+s^WO`KY4U4FF+n-Gk_mJ67H-OWkHqXuRW}*}1f8YBIOe=(o=)2m
zzAe8|%w14pC08G%amM3E<Bh%hUdnY?(Zkt|xkgo*F8o2A{9lx||LMd7wFk{}=fWND
zBmR3Z^5Q5(P?qZ?+4(`%_`esXKFPgKFUa%T6xj{yI8nd!DS`k$<I|2g&2{AcH6U@k
ze_ndwg7@mH|LLm#?aO}!uvpHZGP#Us{K0+LnL7L#m}M>uap-D>5;QncC=Z+EILfo}
zZVjak?a=j}S;7wYxC!S}(ZrP2^}s@TFV%jm+uD(%u5PFkIz;Swh--ZoBr}4rVArou
z`_$Hi`U9E|6A@vBrx)(`?`a6os~=^DsQ1_o_-t{zqm8mwvvZfnA2GNJ6N=foA3(_;
zxr*Xl7JNaVO0=@jRGgT#vK8KGWX^FcyIy^O*R}CR=|&3%M<Dv^l5P^d<^i!1vx8LD
zO3uiv+M<njx}l5kbjx~dlOKW!h+*t9X%stsFaOeJADz~c!-*|$!iKq!5W?-y1ub?`
zrgMD%U9DWoPY^h{d}k*@;!Q~t4=8t)^6rHwV*w;=`~+}vZ`azhX;?DW>uI)U9v1Ko
zfM$_}pMC+mDQ-RZTLUl&2s$==XNF?499J{Wh#g#@PFGilibj5zF`-2$Oxq#wybp0;
z+|sI}?naV}LuzV*d%cC4n3}VdK6^r1&&sxOu(aRoSpusN;9a9DWtvK33xIK;3PcI3
z5Ss$5SEW+V0kDE0R=PMDQCRzs8Dy;Bm+A7Z)RVL-E+ULH#1qyiv0HSz8Qs$?*q!FA
z6x<-a)~aXZSl4mfM}lJ48xSUJ-^k+!JXx6;T8J}D(JsXucpvOM(Wv2-_(fRtIGTWM
zN!50a+0jC8WeLVB%hcwH9re5Q;b)4-JVa~@W5!k$s<>IJb?{*BL5PuK&q4rnw>lBu
zrxXEQ;CFMgcY6vEI~n-iUbLBeWfYKdSN2y*$>1J2dzwhMCSCe3FX+Ke))evb|D1k0
zKuz=%nfdpE*@><v`r?cMjKc|tK(gQHhJO$8<?&bUK($0(ksF&OB#nwXt9$)k1xHA4
z8_V$UcuOJDq{M-eB*}1n(NZ~%YZ^uG!b>nAVLe2vjW$^}7iI0zyO(<gr7xB05hNLr
zhXetyGDC|V*|fbx4Iy}?kDvDDqP2X<y`)!mOg7ORoh(?dwe#F`^&7E$zq{UM^C~tv
zi<~8Ti`a2K7LMWRyFw6@J)_2u;h>!(=C&Sqd71WEq4o+XyRjegG6_#gzq2l%<%WOw
z4qimN&sFcY*nlhL8V{|n&Vd*FSkp9D8UrwIDdqIn)3_3n5poJ>BQ1X)%PLNjnLa(S
zjib$hkr5=%lXe4G`uNjCm@KtS^}G_(t`IxQ%(q!aQ~)=n0UvSWiH#9&#E{%`M`=A#
z7+{oHu1Jh0%+wIzQ((K9KgxYC>J?;yH??$?QEn<yI-|lI32PLHTiU`25G;GwDP2_$
zX;Klg051S9Ujjb-^v83Nx^DZ0hu~ZLH#g%z{w~uK4Z)>-HnZtrI6etXkmuWIdtt<<
zs2M;>d<yToDtG%0k3LXd1qcfpg?Up59pe3*3qPI(8x1$N{IXmXZFb4PG$b`hx^)Vo
zcb{eK=z83z=tKx>{c*vl{jBsjB-h<GNh8s9L`t4*{V1T?q*C|eW**kcjhQ2c&wzK-
zXtZ3{VclkXu<yl_4^Ytx737ZJQ<EJT1F=7pj?#`Rvrr-iwqhK!L2K$aDQV3;IK}*n
zBwo?BzP0-d<Dr(nii0gw6DYMtn8hAqz}m!0o!DbBH&<WM&_B&m5#Z180vOvI4hm&w
zzi6hpJbr($44X@a{9SWDwD~A?U#%*@EfXc!94xRIr;H)fqc72hWaS?%M=y%IH+@wn
z<iL0e%%nY;r{$)#q{T3#@MpQYSiTcb6tleclC_;J$XY9A1Q{G=uY>n)knO3Ux%p&2
zHcTPnD5durJ;u?2)sb};LtXjP_gCho)&kt`UmL8*TprJ2<y2VoWkv59>SCd-H<;x6
zi~3`mZW`DnD7}G^@>Xt`{|IOSdPw8a-8hb9%Xt=b<ITI5$aPF&D;->g%s`o_<=h_>
zyzEzMN7RiSw{bgql6{lIp|Ebfs{MM<y2J;6Av-F<;&sH$Mgh4jK~Gz%){J$5{&*$?
zH;oE2i(I{%h?A-IV{S;sivARB-$TtljcGqDD%|0s>->G9D0082e0TlcKDVMl-tV7$
zUz8E%W0-d!*KVL!Pr7aa*mnM;d)fjticX^%1vQ_gOvkcEO*!KMlq{?$Ug#o{1EIgH
zr-x*})4(-o+-%iS;A$aMjKc3v+22>z(-<GFahrEvmGF3cNmA~GF&&$l(BBSsj86hM
zqIdREn|VnZ#DEN#^L$#ocgUMi3sBr|#V%TLesyzjNB3`><jO<YMiI{UiWB4_@Si6m
ze$vefxkwWw2LQGylFuTN69xnVcUcp}Qq0$n6{aVTsbhRoEon~-#f_FU+_nF`pkTkw
zqhcb*mzCw{E_=8rLiTTdAQmE?CG4Fj=02xf@tImd6rB8I>fqcBRjPgsWyQ=7tya35
zzOOZV11Y}Yk5HMqu76oGdHB(<M#dBz{>)G_$Dl4=X5f{L`_boEb`B1`236S33AXnc
ze$BsH-)h-4tOJcl?}oi0-`h6NLR#ns{8sxGzKpmvtv0!Qg~R@Gg+S=-6wR@~pG<B0
zuz@{B>dttpGSX2)-c+Hrj`mPEb01e#Nb?@*pQz&hkb!`%M_9)$H?3<gDo1QfYKwiO
ze#-mDB_hp{p;5ZPw=Ve4=2}-47ALJ3f!d^guPqtU@bQN)`rQ_K4gS6j=>hC+hQNi2
z7?@*8Ydfef$M&Vc-1_pUYKInoFDmq5BCV=rBPkPsgR)orN>A|?&h$_hI}ak46)F!a
z7q1c{j18l|*a(*{Ay<;=kKf8Jwn`}){Ip@JMqJK88#j?8>r;a6=z$vqPoL$6KdEe~
zDdEYm(u%E#869fPr-@H%xN;cvngPkZikyZQqccJ1J^?>H3<zk#xjRWi3Sx^ha`U^R
z?@In9G+LE1{}mdot;cKT_@#(%Iz<56GL^|wpT|vDH%r-ueCSo;H&i6Ing=qHj_;SX
zxoBM?%bIc2R~DAH52RefinQxOh3YFy7>L@?y{zm5pe^4Zxui_#Xjxx*@@?95hYIbX
zC4BVs2{d$2uv{VK+B13sgWRE-r@S#8{QI+>v%#++>9KmK`kz?6v@KVf(g0$kYA0S*
zsb0Zv(AY{b_KwGYQhwm0HWOcmUjC|yf3)O)9SEL)0T<nJngvrs3&OB3f1p1?<vv<I
zVz=bBn5dJ&o0=V@Se5wH`vCLW7)K8qwc-a44<^x8mptc2&A)|}Qte-FrGylxezwpS
zm^>xeKMNc=X!UI*wXgCv?9g&dfRk$9jl*?3LMOaz89kzE3A1yy7O66e1bVAYx9d9s
z`6FsEJeB6>$B0yX4W;<LZ?5>1|LJv>Ws!}5pha76L3{8071|5*2m0XH-{0jqV%Oqs
zTeqafuht=GRbY}NIGmXA(F~;Ej?RdmLylB*SO#6=^sjhrCCmB1<={9chF!YoejhT@
zRZPUBOs9yC!{d`2d@uQ>636JkYxJ{&`VH|{rb+{1Ublim_Qy#`lj|4BFwH4OMnYFL
z)IM_8BZSr?BnyDbLozAL;Z;iUBhLF6a^J&411};lEQ?u5Uq}Pc<g0^-c}2TJ(%1tz
zBs=Q>H<E3n?Ve5GPaWL{%`&c*>jzY+F2aBYu@b8!zC+m<ntd~Sir@)h5rmpC&$;U!
zdbt4u=6{Q+#V)!MnjLc#_>64Xg*$jIy%w!a=L6I>X8VyiT4KyN%XUO15}N&FL+&K!
z^hF(cQ1(D8m7Pd&Gy6U8ls5xODF`}*_i!{G>3jhr!>--=P;U+YvY2jTC$UVepw2R9
zvIo@sNybiG5AmDD4(1y`Lr<vB8V<pF0D8;+W@Lob8}z?$L9XO~O#i}|7h7D9vsil2
z^uue;oaTp~`KPmu=OY)MsTzLy_d>+uGJ&cKzZ{%A;?Jd~sTXefzyBY<{XhQcW+SA1
z`Iqm`%?HdovWxkJ3;xeljxOKczsgPjb3A(#Ceq*ErX1@PHKy1#LC}A01czCz3+eOy
zU);UtSCeV@w(HEOV?(7&mlBW?kkI=8p(OOs2}K|T0t5(6X*#1)LMPM&0#XucKw2Om
zI4Ui4Na#(v6j7=I>TG^{z3;pB{tx!rpYkbRo~+#Kx}N(yj#Ee%e3ovQIb+`ByM#E<
z5&iBjg=|fTp9t#e3X0PlF|V5d8ea{IsGI?CHLR-pNncM6#p|<ka_v%nITR+pQ*Yuo
z$DU~;3Jtde|GTuEmmOQJs+HsatH|E0Av=)s*dU!MNv2)FUq=*L-z+fWw`nuOKbTX2
zJVn3*5PGNC=oZTG@P!oMirxQyfLDKWne9=WD<~I=x*Dvw8>m(NVKmkugN%SsC7&m8
z6q$^zY$F1Odw=;P;X_1$g85EIBlicL|J@E&>IjHmH_(;3oU>}2ac{7!p^HQ{)!s3L
zZY$3v!c?m>xY_5RudB=br8yaz)&Jh=H$njglO6vU=<~Pb=CI9tZ0*#$>m2`EpMd$%
zTm##?rrf(`GIV~LOe^6!xD5aEK@@mP5L$h~!1L^c=g8nQ9iOJY*XRq-C}V7y1ia1$
z_RPcBsOg4H`6+w24dUw9)R1_X=4Y|1j?Zdttr1YUYiE!MF0DyP&KZy=!r^G6z}>8V
zN__F<K}nyHRY$ALV3Ow=xB(cubCZ^xvCLGvwJ{6MhxRqPnt%~6DLuGmHscF^GE8s|
zU$_(v9#iaImzURIzkf+8{gM|q@A-}LCV*kAG(TptrW$wN;`IPq!B_y7m%dkSJu|^1
zuq~_)QpN7K7J)#`ibM7d;vUM)LH7XmDCdmbT1_}bnSxE4_73@a&khr;WL#KTzYx>Z
zwgxajOQMkPlfP@Pq#MyPGI(<HuYNYbt+8Pq2d982l{LeBt+qG6f(*=KOzQM&Rq>{^
z(pqdV9@haqqKFkqqP`;b=T!-nwYoCW=-&#21>5${(Hlg+-XMFK^4Zmg4R-q*<<V8R
zqwpo?@WrjO0KiQv(NM9Rva+;zAj7ixvt!ziKhu$_v3!reH>>+B_q0iK^rnHv$0lLS
z0H`jBObD>C7mR@(U1wPQ0prjUy+NC}i?0=K`<q^O{8+PF-Z#GPXyw(xVE%nSq2j7K
zx;glI5++t>%4WhqZw>`i5QhFtB}J!|WCshcc13~JGL}~F75tFd2>{jw><`4<=qfZo
z^ncnoNNLXWTI9nBC<z;y6>+m6aa!YoiS5oK7a_w--cIqAr{dQOmhYWEF-09Y#x#c3
z&Pgqm>_SYC`gF0LPt{e0@@XL|tS9T#^Lr%4A!{Ggi>r6bdkm*zw2mvV3E5WqCz_+d
z19Y(42ry{Lnj7QAwRlWsDIMdUKTgZv5>+hR$dK@>RwK(-WT_6r$z#HvGq!U~#gnnX
zMAPOz@Z&Y%K>bf*`6zTx5FHZHEity1m9t@gWc$s9XO#K3`!qMIWJp0h(fjMh{n2#`
z$DUr9xmJ?{1np);=@<FyP2Ui27<by}nW@40-hJsvuudDx>`jTOTfhA{Xy<%4=|}eH
z=d=|J`C7oFM--L_4?&9?5(1*>TFj2@fdRx`h^i8UUEx~d7BS`Dt0CmJqKtL50F&~W
z9!_?FK1@aP$?cNP`Q7CXE>x!}!ByE2<_s_h&6>>zcCd?DNn=WHZIe;?&@q*%OP7Yj
z;17o$4$Sk+^4L^Wbo8xSId<o|?%-^4=}2?XnVTM5@#vSA;>P)p^%eplggk0GQ+la<
zQ@!~)YKUkiXzQiauCcM!?s%2Orv17CyAWw|ONpnPs}!O+n<56^Un>Eomp;gC*V~eb
zTK9wnOD2zae>}jM!-n-OQ-fic8zwy?<|_6CSYcJhRzMMeHN)xQPTm_mg%UNVhqpp3
z+YMHqoVXeM<H^Nh)|Q)N?>Q+M*#;|Vu-Gkk0+*5GhhcD-{rI*d3UZ+6Z`AV5D9XSy
z@*lvU(^-@is3`t`mn^E}0<5SbclKC6K+|rE%>)~TySF%_Zu9nKk-kEs6Jt0dXp;(C
z9r<@}06MEDncjA-)n8jEJs8p&p5>xSgRmy)``~jZE|xD5bIT;?1f)pHI+NPwT8w-;
zs%{hkL1lCe+|~-y^0bE)6}d@Wj}}~hFqbuBjJ^?({nZN4Lx))9bRnPWX$jbMB!BXG
zq(=SLj5o4#2{fIzvGU}(DrC2^yDb6E8Q=<mBi%a$_VVc%7MaO0KGf-Gt*qEU)TC#f
zY0tQ3ylrT^prM09n^*04TaW%xVAq2|$<5INq119hD9(7MxycZ*a)I=;HhrApn%EpH
z)y{eS#|H!NuM>cn5&hDo6$R<?f!y0Z0L+rd68dDxLvR`Q@zS8fg!5YwrgXIZ?~G63
z%qPudzDei!T;dQKf*}`%v3h3Sew>;F;)R{I(s?SzGp#a`E-u;Y*_BcM%B#DMF(|=p
zO<I3vMT`7*N%Hjv-(WT>pz}COKRs5mFGggm7yf!pdG6(QmM@gW7$TDlMiu#*>^9``
zwGAo0S5_YmOo7tn%Z1&DNx{|vS(<D1Lsod}J4cgHAa3Or?yW^=hQQA&(TmaVX-93h
zu6mcWy{O{NO=BV>kcFQ2KHt_g;a%(qJ2g#`d?p(=k8W{vzV^xJRpSB#6Ln#kO-{>*
zZde>uO)<wy!1e)3>0R03i)wfBH?OLfS3Sd6X&zRba;2X>$XX`3LbSyi6*H#BCW!g{
z1)rK{6K)mVpBVghkJRh#glg8u*SdsPIr%2wMTm7#$=+VF(2W8c$}Likpu*2o-vvn#
z$bqP!vr&^8;-nRQD_Je<B!XpVPsdNdnm+Qp+_v~bgrt=y>Y8KoC+X3Jo6rkB8e&mW
zJEgE(e`&b!vqfK}f;vT+F%J?q$#j@9rbW<Bdf~S@xSY|orFEp-96xv}&hjOd^1Wto
z95TOsAwu`reQ_f@W+C)V&GN@5KQz-+9xs<Qt$W@fO;lD?h}&2TpvnKUOL&Rn4EvR&
zv6AnrC@&}O&j0=BK*QAeJ-tDNjG8xi^kmra4_17-QHKhkMFf7=*%w+Yr4F+?oqioF
zDOc&WB^}o#@w&r$;?|dkoiD7&(;pnDS~zGg$&o%FCLVdlAMqvuRi`}i)T_Z<H|FQy
z^B}*3H~(EK)mBz|^_z3o0Sylz+qy~pv%Th->vqK`qMMKy6*H`u`ZZ;onAxwFKb>OG
zZW#S$NV3dey#DXrAQ!Z=i&(?NXU{j~wUxeSVIk7B)wt)0AHtLBQgclz4i+&1fUAB`
zOWbx$C7YT4e%0&@NIP!Rsi^ei`0e$NLFHz|JHo{TsDvn3?N83>fnbGQAj(<_IzbC^
ze1I#ly7#uE>g0HaXUvak$&*^^#~x{$^)W~WzHXa2l7HJ<ug!ET4y}*bVDRL1mGe7N
zE*nD7-n|#vAKH_H1;-|s;*uOAY5S&(g<NNn)q|qim<vMYRIM@jjm0ZGjHMZ1jL9xM
z&)8SQUv{5RE(}rU9lc=~MsY%sC;gd7N48~1u-wxi!aw3r5%A`RH~nxRMc!e(EpmjH
zZ$awlO<G{BN%iz?iHzPZ3PqfT7S1Uv@IAw44lCT28J!#F<SA$8AxTP$U{>|+Jg4e_
zPinoa`wBie|LxV<)BJB{zSnfPy_6X0p#pg2`wyRt!f<fUuRrSwnp<BU>gZYvZ0z-+
zuZf@fKgD&l4wtXx5PCDV%zm-+R#p-6zS*7t;oq{&6OVGIA(X;INNk`0bdK;N3%={&
zeY@hv7?FkJ&tcQNudD5{@Xrk&u34wHu3#ng*x-cZk-mh476lF{@iF6OfzzCd$M$;w
zi;NwaUgQPQ{zE$T;xG(*k>0P-&)xOCvJg?Km=WM>ew>I5*F$<J*L{>v?sZ*pLAk#2
znw5Wct4{H(<Mc!x#2*}W(Mq0B2@sgxtCAj~_=w@9Lsl*n359EV164e!E~%f;CnX+f
zO!+XYG_A;&)9=D<Z1d%Zj+@ZbLz5${IL_XBY(AL|_kVm8=8Ii73{||(aX|+(^nQiD
zp=xWczo{IrETOT1vQh!ch$nlRaDaDrS!cQF#kY}$s6#6#;*=^E*A5*v@y#>oqd1k-
z0F;}*VQY*1^bNYwummT^Jxb=M)1pD?e91Qwm+a*lXjwBzxs>|9j(R}cUeq5<8TwsF
z4#&1li5Ol;LH0^p=Ek#U8$8)lsOObTo+oDyPXxQS8yr+qQpV;1Z29%s3%Km&YjX<0
zAVDH)uAmAG1@APr5*svA4YRFhw=tajs2!{m(*DEX*<XKSvj;OPa$40t2?hYrz?kar
zxW=u%V3UJc=U@u~tXY<g%t!`4bL+^up11sefmi=HCZS!4A$PbEV|rhw4Q>B-Y4;Pi
zuF3xs#nSE-|CJ&Herh3i>xWlXOyosc?C(p;A%FevJ>ma+3Q6kFi2wIBkWs(Ip7;Ow
zF|Run#oU5JeyxAcJrI-Ih5<b)|6d}@>Aqig;*UKKJU<lidg-9twsV0ik!~5=0bv!G
z^>w9(7+<tgN@QyS8J-hp8q3vuLT6_=&<9o;`)7gQ)i4IJ2$O>fpP@;mtiG`}O{q}n
zTXmfM4OlhS_n@%;{_G!8vCTlpQkl8-uBeG0Na^CwE@u?{$*5g-#dM<=E0uKLhQn1Q
zSuI0c!R<=Pf)7BPr@DG_16fvzS46WXit*B2_4N5Cuc-w%iVF2Ud{Y=^139QFq^EZU
zSDE(xpl>8F_qA(fm8mIR4d~-*j1i1l(~`|;`#YlY^a_jIYkG)_Y!~Wl!6yH}f$A(E
z0%CuMGu7X;7om1TvbdTv^GlcjYzAG%Q}9%l6|WezmojIg@RPIeTyj1AsDCjnmP_qQ
zrRB<3{RvZc%Dx9wS=1e}LYZ^pWX-^*zb!&-e+oN`_e)2~K8D;eb#Is2pYgU?4rArP
zLsIGTY9HW9?kDpQJbP3C)XByfyhqyEkS8m1DRDXcJTBYbJ{$PmgVwqcd?N;H|C-?&
zvB4OrEl~>jpVat)!U3z9JgYiG$#l>c=~8l>W~RWRSWRPexV@9$<iaFtfrga*Ene7n
zJZHH*AYN#}_45ioqcw$oW5%E!@2{?dS19mEg)3F68U~P&Y61f?y8QQx!CBH}s4pPp
zAS}ZBpa{hHl)F@G`dKvPea{A*_HsQw%q`|m-rVGTR=!4Lbhok<E(UTv*~d|H7R&7P
z0Vy1{h>E;jKINpE*|gtG<~`(yk&`TW5wt5I1T#*czgG<w3dHUq;5FH87vq7yH%WcF
zgGsdVy6F^54DH?BaU6Fx{=B08enS4)??yyMQ1+)>3G_!obmzYCvmUuTm!p#pGEE<R
zcNGYG%aMmrwfgfa(a@<Ou)#POFKJN%(ZYVyj`=2+SMwK;71h=<;mvW9;cF7nQ#Ga&
z!Ugzc>u5MB>3qZ%ZaY36TcQwDpv0D5!5D(^e}pRHu+SBwJ|7-gw?Lt$-|USBL06B)
zxPy2)^X9XU+}Gm9vV56unQQY#&ph&n%GwZTGyWr}J7P@*t4&t{|Ex9C@9>(O*4QXr
zKc91upLLcpTyI0auDmE+3-RJLGc*(apr@sTgCRV2_uR1xi|R85`Z42CwlFm_pEd=T
z<?-Z>iBE4jtDWIG#%BrBX&Hfq{;p`Ccx96-|37if0H@L<kCgfD5K#35{M^s!rLNdW
zJWFo?S37sndf!T4ym)gC9U{h4+yJTgk!jW~)sXbYF75UQ;9P#e=*Ng?zN+b<NCgzR
z{Tcy-4`53%2{yxv>qpbYOGIH1uyef2#L3@Xl#saBla+F_DYA=5t*bw$hd2=f4hfiG
zVQNFr!uEZ9G!0lrC4p98%{=~^Prjl2e?JKx6S=aWW&K(PEw#7nNlj25yZ<0l^3%3{
zVi4{*$dSDQZDK@z4l^FK2Ngb3&m?LNKO!(3Qx)=u84<e(n}<iUZC6S|k2^T(1-Jxk
zY+7eoTpVTeOq+m$CNtvzVetmhH=cHCl=&3vwy{ln;$LrFwP2rzr7S-JkhsjHrTD4z
zxf?MR0eX+JEFx52;!lf>fw=0X;X6{PCx`b-=$Ozkm;#R9?+Ka=?(d~#f<%jR`PYYx
z6+@Y*FeycnF{Gm9to#C>?q-=t83trAovj?~ZQrJvr10+&GqlhpH{jxh@Ea02%K)iu
z91P_sGxiQHLI__PZt$(f58XQ)p4uwZ67J_dI=t6?oFutD(1PSo2%TpHF(nq!_?v+w
zF3<Y(T0f{d7D9p=4&SlWr;MsRM^5no!WCY$XKV&CooDTFJDwuWC-VuL5ML-9oYz-x
zBJL|P3w`pX4_BLR?-PwuJ=?X#UXUfXB}BfL??1{*4)>*g;z->ywD{)vGd1RExf|JR
zFZu^nDElO-+wE0xQ%UzhRJ(JW^LP3EPgV|QnR4%7V`_H*oB62D=c7JW`R%+Zms6t|
z?V!B%!;0ZTZ&`h>d*PBV`<eJ%PiCfKe@qPAp0gw1>-$Z<q)PNn#r)u+xC&#vYbiqn
zkl2H9giB^=klc3Di>uZB<J$qtt6>?t*rgUp<HT8)^|wnK(50Ux<>*<zt5_qWsI)Nz
zP5*ILAfl{WQ<?cgo%)2mK}>j)Z?)S*EHsloAt^0ZY?wJ`RY9%otc;DY0J6Pu=nZhT
zA3LdSSb-QjK70K?iKC=t2CF*BX&avsltNTc3zU9wyM@2x880T&W`}#P5E*j&EDBJ8
zO{6YZWIn}}DPIgqLSP!Jf|@3+&)hQ$(oIh_n-SkyEi9+X{k8lJ=AYTQKJbQT7aSdZ
zB00+I2$l`}6}$A`B|!hLO8sQnqw&*1`s?F(rGd&d;?qoBQgssCyh0Mm{<Hg73O;Nc
zx~5vVH^Z8t{Bmy@r(&NQn!NhQ1zF~R#fzHz5uc9SrDj6?;k5bbyhB5jM1EM)o7&xG
zKo@EFDiU2cdH~#Vk+-XKN+c6gQIncUg6%*{=8#$+N_2U6h!HoHUU_+4qlNWA#2IVY
zL}}8F%M0dFZ)(MXAQE`q$L8;5e8*H&B1;33<BA@9HxWsZj}X@$F(h;wxe0W#!Z)@6
zW`HcxhaD}t5v``>V^Xa~m71V^iN7yVR@lj|PCwj{38i6L*T*psjMkQXR_T#tDdb3V
z!~<l$QBv@V8Oby2X;P)8IDK!yiwM?0-L@!rDbFI;6pOPv_%7k0gp1&jc(w>U;Uwn`
z55FZwO%lkH4a8Z&&)adYdngAcw?b|apZa^*eMQo)V@k5rZo11t{plD-=d516MQFMg
zO#%l&di)8aJltMTWhB?;18q}<&G2?Z;b&nb8_M(Ar9;OHdD~fjC~1u3HU;S%u3(j0
zrnGrD&#NqTk)ZJgPb!n?YxA<*S?`nwPXO#2wS_%T!O_(DCo*AyP}H{X7s{~)`wPd2
zx9>s_3x+7{9Qv(pw+wD?E_W9HV+|<JdtA-lX#M-=KZ=wWO)^X#TL(yrmj0fECNKRy
zr#_&PYp(Wi(u|ZHR39>0E7ohJ`a-{_ME5|6yU{X)XZobc6L-K*;|ku0{*CosOn|#=
zLr<rE-G0Q$j^inx;jMWnQHA<(PI~$T7}s3j_X~&WfkWbu5#2zW^T~yX#$0cnmxico
zN||Y4{Lu8+eZ^upk0cl&zUkdG*4SV3yHdv=)R0mw5LiOiDd1fW8*y|8qpTvJmjxBI
z!ieoJjcl+gb`9>B{WQnOv{)i`y0*_v4+yE-+Cg0ooZ)IUeFK?k2PpCRNN~3@Ak4u!
zNm5H6=4zjxAU<?uLM3%p-sI6wu}~e4d3$@-@;ivu)B8i$6@ISTb!pxh4$AU^ytB_6
zD;I;igfawP0MyJrzXf^bS~6M+e}qp*S2eR+e5sx9sW_~O>{-S=nXkhlKa5+NwxZRM
z<2Jssw*kg>>z^u8B<geCGkXH1n$1r6zsz__4AdPEx*fLxw#hA+a@YP!;*dDpQGBFQ
zC~4TfgR{(rz)?PD%|ft@0cVJvMZY9x+s?k<EpRGUP#gFRN;1=a>UmhcrXVENhB4~`
zQf-!-7zryl3Cpb3D4t5F6~1t@VrIfH@1x_@5;r5fNDE)>(_y&fXm%%+pi2SI054*4
zeQ6#_tbyP9B4omJILL!F4+koZoY!q{I&!pM_e1BIf#G`~XCiDM5o`8fBv>qiC(`Xn
zHAlBP*=`s=b+`LKojxs#U7`I!JMmh$z=8IWj~g0zQfa)uzgaUzL4z2-NyD)wNskB@
zhZ%+OZ<f{VH8lZh(u_ii?`^%%I$w%_xKf4^Vy9sZ)`50r#9{puoa0X0fmyAMj;gaa
zLmUM+N5`6V%*0nwgT>o|pr5}lKG<sZomDTcWN2Y8@5}vD{S4SL|ICfKppueUs*zct
z%5Y#*Z<VZvk1?)5*L<dnl#T{ZS<3_5)Oezo^Z7SI54EN{<=qk{ey}=%7EOaO<~RzF
z<j`qIX_0Np<qu`N9lQX!mIgcy*jD+x-O!sJ-wXY0W2cPE`#@9mC==Ti+!2~${~P`m
zNj@unypvD>GehrRbRW45JDHmlEUP+xkm-F`R-(ZjdAEP~U0%oflALa5NfP1BKwpav
zh&!=lHaoA-X8O{Qr=Mw(>DiYny-oQFt%3a1Gz(N1Pe1viVZ`*<+5sriFPP({k|gQD
zXn)#gtXL^973sms8lLq#O$Bz*+k4-St$w7wuO*Fcs$4DD?9MhHW2`qm?x+-^L=ZrO
zalpX>-Omk4&(_SK4E*VJkB1>Y0?fAZx1^{P2j@m*n<h;cHhUdiv)1g0Nby+KU4;7+
zp!EG~x1L!(l%a~9ey>IAhHz1Q1452ZO#1?)aE8cSn^>OveF=kfcyy0W-emD3wSvl^
zpdYJ39htwe&?E^1%3iYS&Z3HZShS%JfR*P$Ao+QX`}z3mOP8|#|6*qTJ-%8soa&{X
zVy2zX_a1ah1j}NcVvWu;sew<@9V<a%fU47r#A=4HX(`UQV4<5WD`$v%Nbo#!`EB3B
zXBB@{><A2pCHvmaowoF5bB8Ui-x_rsC*QJd1~zvQ_FKzyW(%PS(>@9LFq6J-OPGB%
ztz&rpPwn!!PNB5p?VqsIZ9_nfz52ilq(h-r9Q{>Ss<&gf8b?K=&=>zqbBtH3?5j3}
zb7p%d{#58rL4?zI^nMD)Tca$^B6(bjzSVNaZY^Zq<s6zowPX@VpgeS&$)}n%Qny;;
zWrMZS+4zdciK218Sh9v=0o1)}H=noiAIl*P+41%pfsen$dwGyeS4?N7hH~0I^HNi~
zTT&L{^7U(j1DnZHP*$_Fe+^8td#o(_+PGnsdGx3bBZ}&|76-Gz$X4#lTB%~r+#N6j
zYbNiLLR|D3>`>5&a=P@}y6^wm!Ed|vol9?=s2t&y3_kOtULR`>65dIN?SU$|y#*uc
z*OvCmXe^l!o*-HCTo3@CB*<4xcmc`q;Fx68uYUN-U$XO{I-gg6yRnegR~Wb2*-sFk
z5oaL2NwDq2ZBbu*OkwJ4q|9>Le%w%#l?=<EqB5(LCcdw(UsX5VN<2}DdHKhYvc1`z
zhqaY^8w?Y#fajnodDqd*1Aam*%|XQ7!!hPFSuJgWv(65TeVr)@RaptenJR8S>Q`o(
zx0Ze^gy>czL`ffwnUN=d>3r)*QOlGops>*kM~RjUE;5rmr;?xD|MHvF`_$)+*?{Sv
zUZJO~q&xR>yQQZ4`e>}I#PE^EUsWn$Q8C!{W+jDkqyDkmCNM!0O4V>b)dbK-&@Q6u
z#Wc4TLeb{J#(>Z35^_y;p~FHI>WMu#`)b~Q#Sj?&u-$C4fx^#DOS+O|s7Sh58yS`f
zD*#+rgI+a2B;9J<nx0x=Fi~lXTg|rM?Fto~Xw5;ev*YavsD~yFvni@<s^|@j1u#Ul
z+VYDvO^BWh!wwhvH?|+Bp66aRBfhyk*cyYR3eNPMlBVR;o?l>4fM%St3cy0Fbz@^+
zQp_3VidumO+hvzc(3%DRv`+JGKFaW~Tvc$*wsFt^Vp$Z&@8%{ixMwSqcpeOO<UkIN
zCcZW3@KiT{fF46DD@Tjr?%9c1mDA?FN3B&(C9Owc_3j*{?QM3mI4U#iwA>Q_Fz95E
z$JZ?wHFlv}vVEB%IXCMxw}<>NzV25^l13Z<QylHRfs{-t3Vhu1-HdC^;onP-M)`*_
zPTZOKZwUWgvcAWh=<Qqc4m&k-QIC52?oZz9%>r>tq00qbs;$Nm(&9vMdSEr(fDYZt
z7@iStLQX7HRPTSvNs%!BNdG6n*+_MWkb3f744<qqu{tF7Qt3*q7$td=6(7Nx@*3Gb
z><!AEvz_d?zk8bWh?^!J_&9zA2il1y@2zO<K6&80u{@ZynxYuYHR}w;Hsfq?3Kkg|
zyh(#kj!YU;l}Jv}LAD7OZ+OO6%v0Q>+^$?cs%;+ziqWplx;TZyR7B;7I`X@Q3Z~q)
zVe$7T?2E0}X(^}jmE4MUSq<{y`Neg`sXyYz4`eb}-sb2EQ*gmV*hQV1<{)EvjKy^_
zy20Q|V??TFCYZ=|I{1oG&-G}6k$HJv-<hW(?!B8;Yh1d|w()|LQ!=A>#J8e*D&oga
z|COpRCq5nT`Dac+n$jE$7v1jHdB;y`)o$RqvSu`C4FC<EI6O2}p?Me3RFh5;>aQ4&
z;_6=tK7B;6&p}Nl4FBu9^?Jw8elNiL8_!M{XRyZ*HA4&^2JwQ5?v0TCJTMV)3ZFp%
zN5-DdZkv~$z`GjM{VA=Ele)3CPAa~;hBo6h#5hJzIq&kn`IrxiHR-q+Y5Uva5YR~V
zvA2tooH;1Q@m=MvuLpbcQFfN(3qjLQJ02cR9R)Azew^>(`@M3^qPZ%ZTkER8lD<{=
z8Q$Zc+5ycgBHGW38pC6ZU`d0KT%2k1Hk&d?MF(OuP3Y1)J-?|d-z%d_N$BJBAMs}B
z9x+n4*qQH9imQyh@o|s(J`sjZ@-$ojjN}nFh%&;2?>^{LORnNGP7~KeiLbCROe=E8
z<9>3+<1^KX2>uBTdh4)U!pF1TXWoI?-YF}GvU2j%qX9l}sm*frf%GZP9Nc~j2mMC4
z_C;d0wFYPSZ2peDl8AZn3Lz>glQSMOco6L|iF)r&nv=i%8zgb(<x4hr5O$ItBcf+h
zCOsyi4JaE1kWaqM)QzZjZhTJJ)eC=?W>XDYH7RR}J1e7ca}N4Xr)J}laYiCKp}~4A
z{HCK9f_*Eze^jt~PTPw5+Z@-A4M#gdA2vR8eIfJ}xh(2S{ZXf$aNzI>aO+(<I8*X+
zZE<zXIBI#b&qpob)uSgjEf<FmeQ#mfx%*|5<{TARK(0C<bYmD~<Lx<smUz2<e$%1n
z)mBXGRg5?%aL;n+3Q_7&Hyk$S45{Nwj6heeRiwlvV4KC>q{V!@=f3Ifwzb&^rFbV<
zhfcwo<%H`hp2lCP>Ak;ZbNZWGv$B2*L{(1V{v7&6a?WUTWu`Y}N{iss@rT0nGpV4@
z{*Rs4FMN9{FP+AXBBt*hT~s|XL<khH^JIdAE4mimgWIlI<1T@q#UW7II|RP);>qr)
zn}^|iS!9daA6vr>KZkiKG?`cF-%=UR+n#ZGuAa$n9X($5Dg`2oV$VH^%t-co3NW&-
zY-mt!fL~9WS-m~+AwbKF_ui9!Cs%YsdaQ`9AtGz1+N3HBoF(C@i1IA~R(scdIiHw_
zI-5vQ-<`=@riH8ih<m+e^C)o6g!~#i@g2Gx%$MG!yjfn7Ma>&q?_AspV>se@*q@@*
zX0?<jxf-Kf>@(B0CT{EAxs#bPZaXoO^+OWJbr`64v^gv-ZGxs`k$}Y{0&J%TssIu;
z8rKSC4yI|m_YahlS!epn4ET_2MY8k0`oZG7`d<c-01cR9QXVwG$SQ!_iiu}`3el;}
z_U4^@!ud;%fQU?p?AiEzeNZYnk(^SISQz&NxPAQBBistRWKTM}&nXK`J-tukA#Rtm
z9V(f+ofav~*O+Oh=>PR_0rEkb;>7H~g=$YS%FyoFYZ1xt7GLyDN=k~5eV3TSrw5zm
zMPF?yzHBTaV!l0Ts5J9Mwyh!Z3+vE<|Ct@!ri&-DI^@P#-iV?50S4H?W1C!@>wxip
zLmV=J*^FiE>xj-6<#U}LhBrCQ{-ZakDJMFJLWz0&>C|2j@QdZh_yoqE#%uMu6wt6b
zL|q}Q#nyRc`ptlgzyp{V9>KO|ah4POlD&(IE-s?r#uOZjmP{BI)yy^PSxlXKInafC
zd7%>JL9cny5<Ywz^Ppe{Zi$MtPw?Ngs^P0nE{KfVU`e)HYdy%2^?fC&btNCNtz5W$
zVCE~%M3f2LQ4m|X=wm6`Hm}(+zn)en<SEpdnPSwM57O_;zfN9hT1`xy<%0>qMh&xY
zlVi#yfPjwgIo%a!#B7h5MTzn}<jp(x8~c}?hV&T$w>uRT->be!nE=G+cE{{^C>9$+
z#c~C*d<~%gU21Z*PH|Z`b=pc+WIT#Bjo^F{@mpn2Vu+7*JWt^+_*8yy$T??9jFtDX
z)mPx_pJILqYZG%F(8h@9?I$u#8nDcap4#$f+^({dWi3TCWz!ah`#Y#o$K5<}mQL_W
z4(f6B#&amk^>g?A_lo*9RkD~*YKUY<)gI9TM8u#PCl1l>4h&gnP!^$(Ko`mQBtT^V
zpqn>E(m%7FFY$2ub|W(P)a>#tH~z@0z?;?|J;noO+N^`Uw8ux@P+PJ7No@oyI#?wI
z>ZCcl68!=kmami;78=p1enfE2)f%YpFTn1QjI(H_j<cE!Swrh*68w1ytH2tfRYpVB
z(dY|k?B+Pq%|0(HDxc)gQzzZ7;rrAZZ%@1VVA!`d@Uy5oB0yhnxw19=e?Y1(yVa%=
z(dl`UL^-OwHEEOxWzKVHQQ@A+69eYgtquMnd~-`@#x@FLN#ag+bI36uX7$yyF72K8
z-mqK-E6QHIC|!Zzd!-w8_MM!&n)>Y%N=&S#c9L$Q+}0B-c@ea6ICm3O>!nL65BP|D
z)^#^Y8)zC1UHVAhTlsoG@VP5{!=qdYaAXAb<{~?ZyGbmi#<GU!vX>#6{Sj8|SZdy+
zd7u;@VDvL;Kwv0XP2#290)mH2APmmRz79=%FG&WSSHv)qXA6`vje3*3PP#HzTNJX|
z#?g<8$dQda3HL(qaTMcp{KJVb$*TT}ohl^lDi*+E-iLXR8h<C855PO5QHC>&IPt2C
z?B*KL2_NqCav3srFPHZipF{-cureWykBDB_8)!;?dhF4{+W56^jt{bMqINHc+fR!T
z>IzlXzW&_h5j}Y&zBTO56(_r`)M|FM=Uy}NbZHb*`yC;x-_9_*++!}ixn5*WO=l{+
zE2>B*%9)WsL);Q6X;G$B{)4#z66qYWebMOYKNF;fJFIzFx`u-$r!=e}5r!qQMhI4i
zf*HFf%}QBQkvPCqZ_N6>$Xc^<rq!;i0S*6SQP1Yd_Ux?kA7bQp%_hGw{d2-OhJl_~
zWJ~>*8f|u>h~jojN}OoFI3GHm6(9{pP%gLdtTb1LSfQy@`D9mym68suk!LiF3#pR!
zh^D}C%UZuSZrlIN%7czuD;Giqlov%PkD5|yC3PPR8B!9zKW;h{sRduT`p>pN%!y9o
z$m`xa7W<lu11fd6fiJ|GY<jTgXFW`&4*|`hqvky+VdH0FEPG8s;qEMaX3B17zlKkc
zdGXfWFm#H8sBfO=c!1<T#d(nB`(t`N8^`qEfDFZ#s!?r7za!(c^OWtL3P@wuv3j^i
z<-HBhipf^{ZqK^p9AQ28)BVyu^ik;>{?xL|z~KPNMw4o&W#Pq<2Wbv;c(r`ync;Po
zAt42XeUPDWS^M4Z4Xzs26zkW^Q>|&repq%4^9hr-;!%#i@JQJ70Lq;sI{v$~aE`zD
zfr2lnwin>Nqu|cYl2yadM*fT&&y^5wlDM10!RPj~CJ-g<*`3neTo&n|!9_=0Yfk?>
z(|+z6F9luBR$aIMS%=n#fTqtiHwfYg5tg_0&WxQV8A&GbLgj-)r1HuE55--DTKdco
zH7eB_!9CktF{4FFRk{)VU1d7T);8HVjGD8u(r1A1i1Oma;Y{|*MoaDb4;-DE|CE{Z
zLa|RZJ<<H}OzgW0D+&Cvb@I?-Lj0N8Oh&q!*kOO73qlc53aP=NoHE}zdKg$^eJN3A
z|6N*auFM-^7F(W#FlFr8S^zyF%h~o#JdLNe%931&EX%**emYLQb!Dc;TQxYU?iTta
zLnQ1FX8uU;m9C~F`2DGmXDM#UtEAj6`hkD0a9KMo{1286@5#Wju7v&d5Pg&)n+-}9
z1$jWfS_(y&Sl87_KlH!z`y_nkgeTlxHnsPDbMMLr8rfIL^N^UlrXteB2)1}NYrK$B
zFZ|1y^Haq|J>%87ZKWLd=kB@q-vN}Gx3b-PByo0Nw9JB^Y?bsjL;{(EFq1?~aS-Tm
zRx$ej%yZ3iZ;@{|Cu@+W=Q(rHDvncmmOBERvRspPi4ce5^~?D)(Ar>78R^qrz1BnQ
zVkz>40<_e>wjq-i1gL7SbP}qL02eGIhksy43Q{~q>vt<>U}B{HayaTlDC5d?lz~{z
zU@QRGMt)M+RKbiQKqrb^HhHw`CwzX1=9_#dQA#zY%TVs?C5d}(F2Ym0!V|5{8(szk
zP`deit#)U`7__{RX1L|?)8d~N#1voQcYX#z(<-Tk>a9tEVg$?@Jsp<f10$f!diB`y
zw$TvlBzsX2u|%sP1+EtS#L^FnEzOnYQh2N!*69_?*IHwyHPGnvrt-9}2r%cmb6d$*
zBg0UcZJZ^*j+JjAY&YHl5iBC)Ed5u5jD>?-NW_^6NyY8vI<8K1-C|BNsZZW@1^iMm
ztV-1BT6R50R>lEnP4BIWU9;US%3l+Cv;P2hpRqD;_{XRg5T;!w`e_(nmJcR<UZ6~X
zbVC>lR_JtVG>f3D)m5ACtMtpdM$N!nw|X{td^^N(!qVrF`ykD*!XIZwU3_ikG{m=8
zYZyFUa&QP7h#K@j4iCVmwts0s&-2@SF4@Z~D;T0dr1gt%FZ+~>X$%l|ZKie)ll1(1
zS@Ogp6xJbXwOevH=OM>$FsC*E>TQe;Y=|ucpi^sc8?w)?1QitQ-08vL)uPxuJ6-;?
ztHqO!*l?XU7o=o$<cX)B?+!M~uscd0Vwn^6ZOzxW50F**jUskRUwz#{G4_0@K<QxX
zL~Vj*ma)iD1V7iEipg2Onc-d=7i>u0+~A<NzABY_gkoO#BPDFGnA8~nc&Qw#(&z)V
z`V>u9;*DR0H_p{m{}t8%%;a*2^CV}pBLRa^fSg&_sU3d>jyLO_5vJ!P#1q}c7C|jh
ztiVd?xV7V(LO$=Vo%s*gcCMGpcZKyz6qWNZBTc!KjpC+9a@8r18>VhpTf7ekK`LGP
z3eZLqfWqA(ffVhcVa=3JPyH;)9H=_B+PHB0R4?eDbAbMEPhBSP^Z?M8oC}*vRUCWV
zVmW)}3;Os%F?!AQCx(9b=9yJ!A=jUmcS%mOvkyP}O%Bw>0wgIhh+t>^0HMpg5xI2L
zXsm|BGf?eX#Q5PE8o-<_58U4xSIGG!<CoW-9(UbLM_h4wL~(rlqN?C~Kh&;?XBP)r
zrKQ(+n_3V3cj;|^m}~T*79qckmy$K>W!GB2Vk!*_O2~`*Yaw~-rc_u{hz<g*SbzSI
zS|8mO!12^@&UcN-%uwSt599uwsc|dQe6AN*6)d$)IKR5LD`t>+#S%uvZlsU}BrlV5
z+{8-#yvjz3$cUo73cuzamY8&#Rn^~vm4j+9HPzw~;UpH!t2Ub0tVn5DL&kl^4d|J#
zHDu=csTmWjHN3rN5R-4*bu@7O#WUU#&gk=`>)#|?bMo_`aI+rWhg+RrAOiZ(p)ywB
zm5~sTSs+%v(f-%7>)%wYi%%l@>lb|KN=w`g)q(fh=(A4KPvJio1C-mgKaGpL!Rcng
z?*35fL-{~k6qREuaLqxl?N*$+rhLu?jPPmh72Oh6M!k@ph6@FniToNQhE3yQXrcjO
zY%c=q8X)2&PQRG8uUY(aPjt6slX@`cbIo4sO7a^Hm1NYX{IYTte!mRqoC6^@E<QP>
z))gi?gOD1jRaoYEb`FVescbm-q&(&?Q@8C_9XFu(&^V2z&PZ0yg^}KX>3~gs6}DVE
zVjFaJ!h5%BPUFpCi9&?htRhmOGHo3LdeF+42vjv&9cl`c4Cqnq1CTK?tp_SY<1-xt
z<-N~Lg72Xpduu_WZVbqKja2khZ>SibXr#$!IJi!}%Xd-e$b7j=B?N2S;ls?T4wgQ@
zJ41M^<gc#R<Na>pphlzmAgWP1s#Jh~;c=qr_hOwGBWjmh^k5ukayVI|L*@;0>&b@t
z*3=LFE@+}@S&jJPnGryoySd(KLy((<i<cB6^QChZ!n=1kFT|w|9P;dXmE=0uU6t%u
z!L3#L@W*_W6fl@9Y}ZC8pU)NKbt9Qbg2H-c;XPnPsRCNiyDQ0KelMcguyW?am;QB5
zQ~dI7!v_JpKJQhnfcTjR^B!fsD2kFi<VqW@QsSZ`3y~RgB3j{nhRxoLw4fZRX=|w5
z=xdrKZprlbHqhZ}Vmq9`TmtUBsJaiNQq0H6I12@Wg^MiiQv~)bkeana?MY9pm)#p`
zR)=dFGj3Q1<KxQVL51!<A#{`|XuaVL9gIL4MRbO#Y^L?Iay2z2M~Z%ZAbr2z=+Dv*
zUghjG!G7qq<Q6&6L*Z5Wh>8U2sklgr8L`@pCHg@*)&Tx4#yW)|x@e@G%jViQSGd{v
zo@+sED79d`?pgynzg(~^VsmZZP1Q>lRL)8mFHw?}G=>Py9a!=32=+_X6fOZO!?W*g
zh*UGpn|%R^47G}-KlNc;et8$v`?wzN<<Z!dkah5Z=smd0)SCHiOrM6b7Z>4$PsQgI
z-)^~(8@umqOMhC#t#CZP-xuDTm1!9J@Th8fn0IImBWe{oiGn8ib$Tj>$aF6j69#Nd
z+hxAs9q&&bu*9-o&Qv5Mc|XDLE1pK5=caEu7r7`&T`gT${P3pHPoTH4f6(M37}l^J
znqXmEgB6}4=f~KXsZb(osJUz}d_gUG9RRL8d6%DEr*AhXA^f$J|05yz3+$<AUgFfB
ztCa0wLaGbslxI^<s5dznb{hPCutLthmK4Sl5bF<)PO(1tU&*;1k0I3D|93KQiv8n5
zrY`eDjljFG`ctP;J{_5&w>=L&#m)EBaNe8QT-4}wDMcjYD}R5G&6I2AHshr*1(ckQ
zszxl3CM4wEVyG!8=^Al#xj$RP6R|24T9&z1j?HFO^ihzFKGBM&{~A4X9B_756_&o`
zDeL!V_<xs{^(3$OuB4Bf79UYn*M++t283aw2M6;NbA>ftY^TC2RKE20e!W-3if<&s
z?CTbSat`acR%P4fMIMd&KaR^8d$0s3oNvV(awm|_NFxPXDM7s;O(XlpX#1wv-$UUd
z<<DTk?Gi%4?}rOU&nwCCzsXOH5|*he^X}bcOz_P81ZGpk_q4*wlZZh-(5*Ozg(N7t
zkUz1;(M)_m(&p5n??pxnNFS)?DII>2nu;)NQuftKIOR!^;GgoRu{Q&Mn!c0&5gu<s
zaH9B22ixxw!@RC)9&9zV%5dNQB06Mvv6`#mY>WmYNjut)Q&7jL#hbI1-KI~og#LL2
zek&QgPR~2Lm&T<l88;^IA#4MN%vOKC_B3PvuolhEyE)vnSb^mEmE{|UcFFS2R6JYJ
z+)a|}E-&Syyh-e?RtgIct=Nn-jhhL8wnRY0*CNHtb~k}13!%@&5-xZrghvEb(<g89
z-b~n;tb|O;1MOmMEbf=-;2`$u77wrOrwkt63cHSygMQz0XvCSf(_)})#<=G|<@c_}
zx*!VI%ZovVba#GhkAzED#bM24sG#W)#}6AwMpe#9RO&cvhP@vu%5>I1(3|Tqj%~X>
z+W?*eQ47<H4DPAmIcG&;;1j#bd_T+Pa!AOKVIw6!!B^Nb`GY%Jb1I_Eud38;jZ(e4
zTy`QSXC|$)2$B<i%$N^fV*B8`KQ~twTmBwp{4`L_WQT_W6<xIc()rZTVCzle!D$~=
zr2f(yYgQGzLwRrD&eJ#~Ex?7SPx?^UoK$fkl1K_)Xv9pHxanGMR9W8$lZw!qOPu{U
zSI$)88akD61PLgQNSyqgLSYS>9=2r+B*AQN<jiOxW|~$wAO8x)o7A88=c8}R7Qco)
zo3xfRrIJq4fja#GzN;%T(+m$&-AvrHnt$F%4>;56GnYKI_K1wPa2Z!>>Avc0X7nlh
z#I^e4U3Af_>=;I48k#G^GF5crjMNuc)o(c?iW?=L%2nZ%>A*H*iFkqHW<Gdu2Ng-F
zf9c7~L-?1;tBzOo8{4VhT^V^0B5B*`m!eMV-CYMK&cj0I!C7zpn_3&at}7}&d(bhC
zt65#h4XIXt;Dqr`R{LvMC((7a0mMzo5Z4+QzaPzaeR@!Mf|AAIsUom3XEd0QP@pxb
ze8YA83cBz^NeHV~GICCYm^kH3o{@zHzn6=EX6;_U))!RrRZp`v^9m;Q%_z?5USe;%
z(}cz9<BS!`gvX@KNlO#e)QRjIzw(!^X6NC(e2Z{+{YdRNB!Dg5sBiSC5#0Tdd|Z(<
zY6cmS0_Af*wC<A0PBg5IzxsZQhHYpyJsM75v74*Sl;>EzRotL04qh24n_*==L;BPf
z&s!nCDG{D|>GJ*xR}oMhOzQjM)JLhy*{wukUmm73oTr*ZmDJKCFOT2Kq3<tOp!V7j
z5oH6W;R6;Pb_lekN`~!U9zWS;^ZJ?8vpZU2x<=`9l~4gAPLco^4}2OG{puvPphIY%
zjqzuI)(&1K*-(ok$|It@CZ8JId}Wb2uG$o!93Y8YDoHi!HiYwUj19X|k;FU0BlnQ+
zhO}EUTwI95w6r9XPOkwv2LnZ{&C0ET8gT=Ty|fRwXizI<V<UL5h0vUn0Fi0f6A}f~
z%8j|d2g06AcZbbcZGe%Jer&630N_SG#=nXK(cV}F-S{F{93gdhVy^yVS?u-Mmz4i5
z@uYEmS6Dv!!8iFp==$TgFV!`^X)hoAbd8rgeiEQ#H0$9KtF0v@_-;ibXMP$!*<abv
zVX7LoH_<VgM;a7&-YBff(>KiNw62{g`dwkhUpx5tP$ATZt8Ce(wQ2IT^}uct+tUVT
z_4AzN66)GUt>5j+0QE5~R#`~IO_4RE*{d@X(djlfQ;ftz7Uiz5MkH~QymkH?v7N+|
z(A8dj!-l01&*itjJSB=|N!AtnJ2H2EmyV!L@65=2QdYTEYa`AZinl>jlb5xC7VMPb
zhLu=8X$1^`dTtKPxM=qoGITLsDX4A#N3dUnNz5X<qGj(7cJA+6-L&H9I?whakd@vr
z>Ibk9&irxOQBgN88=AFL<RP!W%d4|k7l3DEi)A@y{z4x~tTEOvLWaGv?73<<X{`>I
z;OQ+cZStdUm!&;qD`iR_*SZ=;@of+Xe+p1Vh`*7t+SpZcasPghLoR2#U0<q)1Ntjm
z4ClVEUnlVaFTx;}IN0}`ZIH;)U=QD`NZ~31uz;b0@iU3hmAjT^;3ZW{v*Z-?|FbQF
zm~P%50dsyrHecI8=?1*qdzq25aNXPM27&5wadTCF`{r#(`gY3<bu{zB%Jp=gHLshr
z^Xr*Q+2rhqSJ~Z_QITwJ8;Tn4>0nko#}b5Q#^GsdD|wsk=asj;o}$y;QbQf<zJY#v
zo<{P~wWZLFEmyN-)5;8+`PuI$=EljpaIVF$L;YQL^Gaq}dKoY75M7Z1XO;Gpw+y_)
z#1phgUjbVMNARuKX8p`hOGUpK1v8DMQd>M!bB9VHs#}_4+GHEwRA*euxQF?9Q-FPP
zZ*%WnQ%^_o29+UD7f{gvkZQA5QD`r4G$vR@5*6EWu?P$nj26l`5Y_mF_tmUfcf6u>
zqW1MFB+-FPU8I5f;Si^3^a;`H0IE&_mZu|1^*9Wnkg^mJQROff1tRYZzZQ@Qoqh96
z(e(ywfx<L#re6sBJ&v7{fLIx7&Lk<z6F0kLnrUH~ztM7CHUMHZ?CXWB_3~%rXvNN1
zO`4ZC`ua<)mIS}o>@6_5N>Wp(dGD$E+=;liwmlRTQ_mV$v*9=__qT0xV75c80!XZc
zA32k}Tgg@?lRQ2k1IlhYjDuKx)w7}CO6NQj?s7+NlJh<r*ba3xX9DM&g}-MojI`)P
z@mq=dwP1bm^9Mdm940_mQnykwxkXsPOrDEIRHz-?F1^8w*1tKbVHA{qbHMp_O4ZI;
zg@St)b-@MdNil|hp?)Y3H0+;Q0@-b?zb;~WZJPVZvOI>A(Evk+%K5+Ny0dv%qpLfN
z^w{6s8ALNamT1FYbp{%xzg~0t?^0P_O_@PU|3usNy*`%d>;uy41<wH|IHAP>ji&Z|
zu6}G&0yXipD$B~$G3adB%I329#e;f!ZkN9H9t)JL$ysF;$U{9S`|(oIzrnl`0_A8f
zOL4^tt|3I2T~41m;Qsw$TgYN*Q08CB4|3V;$UVc1+;4pgVtW1rr_y|6=i#C%wc;gs
zre)mjr{1A)`unEbhb7tN4TU{($?N7N8}`&azzK`-3oZLUc_w&m+s<M|xJ!skBBL+!
z-|t&>e&Pj2gPp<}>2enxHHpXjFNCf5@~HGK1Luao_TuCFbZ~!x#H}p2*f-&ye)eA_
z)of~%Sz=$#Jup}AdJ%7?47OWBm4;!4t<ih}!MZ$0kwlA*-e>m{Q5|~)+mw2~Sq1h!
zg`q3VTXGzAU#3*@*1q2r4YQnb{Kf;bOby_*Bo6kqSY>c8$>$+>B@37FRQvQTgkMtl
zE=H=4wG6?%(;B+gf?UP%A!^**xY>COsn}=-6*JAW&v9uar!NLoXtyeHHJn{-;`{d^
ziMA|B#t{`Ge26B>^iX*fC1F^Nmk8N2G(>pLCHZbBx&Q6#tF;JWt%A1Syy}{@?%cL+
zfWqGN$46ix64)b**n`$wK*m={0GOR)N`=O5t6tMBr5I>aBU87r#=&(cI<w6so!(SU
zR}%O<{Tll`{jl%3aVpdZOobXV%Zdekbwpkl=51!tLez@gYv=VVnee2ID$)Ln#RLm#
zd4=^qcF_l~xWeO57$19X0jr2z=y-JWc++Z~*PS)cYF7$MFyjQlG(&nSEG>_@W4P$X
zdh^@LD1fpv76qD5j?KS2xIeg8Z2x3%$}M?5zC=BDrGxWC2!)L24a>#F^E%nMqMVF>
zdCqx?UMneth*!}rY$2q!e@tek?iHKg%KJ9Gh;)=(tw;9Euax|pL41%U&{JI&5Iz8)
z<UCeNG2-*ji6NDd;K41PAEwU~U0n5JTT;zQ<xzrauk8XgcZT}Dg9{#wuDI!ORSe?~
zQeDlt+0D}`BeU@<r(}tL9_868{VcTN8ur$JZ~9KB&TD@e7!MH321368>M;;*_QONL
z^C5?le^)&B!{i~=eW1(gR@+<C_@KbfaacJ#)xTH5btRkize|J*z;Ps%u7z)!otk!~
zREtZ%LRBeBJXNsNwoXlR*rG{Yky%suV=kN+<*BQ$h={^`U&14$*4ws5b$F_k7daBI
z&ADgq=I!XMpVu32wU7b-?Lv;p-r!}vAFeS^x0+WfmJ|Wx(0M!dTDN-C#7nLaW8c2#
zZY~e}y;E7oQ_8RY+Bh_574*JPx4fbd0=o`b8W)-F9sB9WFrEo<&^Tpd`0vIE;~!s_
z;Hk8rnk(?kfR}X3Cu0E+FF%t+fCQpQWYKph-)}l$IMwKd#aBocfmnqPBZ<nCKWL>y
zUT(DZbIz;ZUQvYaBFk_>`fK14(WNj}e}p%@S26CG*P!YirpqJsP_b=*WRPc~m)!mX
zD~Xka`VaP<$%398;|wk;m;Gf2Ce3tYW-m%^Jw2s<wb?ugDg8hq0`AVokQcmb5B)32
zmQCs}02GvNk;qc$gT!rdNwSr~!_7hI--kD6=9VlN{}*@f8PsGR#_hVh>e@i5N>xgL
z00ANN=1LEt7&-)Gflva3-iz*v^d15sp(!O0Isrn5RcavgP(pKs08*7AMbv%s&U?;#
z&bRaJoS8F|c_v@-A@j`qpLy>4_q#5?q_n1r8kajZl0F8e(S)&C_Q`-{d-gs=9SdK4
zT(MQu+pEtb)6-p`?@o$u_cLfsjxzZV|Nd1s^qfcG=)qI9B15oIx4iYHKEk8@AnHKo
z4>7z8+6#B(irq6^+K)wvm&zdKBJ~gU_hJ<XQ#u#zem_dCeDTM=`}ysqrMkl}Upjgw
z?tiyx$-Kh9@yGw}hy8#5g~vA|hVtbD<G~Z!BOR~0RMo1`g&$Qd(8q&X(o_@7gOkJ>
zrDU&XyU5JCGnTJF-K7JO3>iM2hXSJk;Qx!`!RZ*B;ta3E8)RF%sd560skUV~zk-_f
z{>kR?_vk2zl;<?*D21agYI0hy?l+tl6n(4JDBk|60sitm>Vz3U%<9?ONI~$h<aDLh
zOJvx^cwav{dZm#_sc$Z3lLlZ{R$^m*Z#G;;&(yw+5oTmBpXK37r$9|R)Xhs3O09iq
zL*N`C*XS+g2K&6gAj=>vaT{HmA2BVeax|&meSQF0k{T~@Ta2j%hd`C%vh19>c~}HO
z9Fq5bj(|gqGV>;<W(nHa+&YqZo4a5|DGwI?IJO7me`cdUb_YgX8^yxY&4(KTS@`X2
z85`}vi_Tw@HbLmKAaT{~`~eF`Z5^oQ#1?2%s%0%g<Kn+7rXKA*Z9e~A(HQ$bZuBpi
zE2mB~oo73MvEuL~h4#gkU%_LBNU6^w(M6VS(Z%IlP^i1-rC;{b;}ucYmGsk?0l6+R
zH<a(uFydVWsiB?lCQB&CdUhOdioq@z*^8&r%n@vWA?w#1qoM%O7Y+;dg_U_fgQ7C*
zH_y`N8Q=PT;e-Z85d!j4GW(OXT5fH88gd9*BT8dS5P{KThLVr6!`ELw3-|k?{#_qP
z*rMyr$=a|ggw1&TGAvO<W@sH1Dy=|?wNcqf<n^hxSDW1!*LlYW%`>ew#arE}R>tE4
z7eBZM%8-MO<-5gRR(7Rl=HgwZt*g9N`Qu#|3U&PE5Q|;WKqIoS>Gv+`zkX42$Wz^o
z(p)9w_|V#Aq4zp_SxVJBnVV|OS<Np{-M_>>m11hs(9<6u=BW9SykjH%s?<m$4e?%I
zkaiAgI|H+$0T;d3)d6jv)h?Kth!x{ExpbxIBuR7YbY0Aa=cTrnrBo`q_({vVKbstX
z6S0IU?Yfcr%x2A!I13`0GS}v?QI~LeI+|jFW2gDDi3z9L&U5^Ch1jjpFnbttzwAvR
z)^3r3r7Lu;ih5cfz}xwgd>WQ&g+L|hAR&^1T8X@oVTOxll76Y>X5mLu<bmvcj`O9k
z%)!4fO)Qr$_WT+JZW!_XnIn*!goKDwpa7MqVnFq%k3hsOeu|(*`FqFln$=pPkxMQu
z=>cXZzASrkHKhFeL$|TH0@R>YQvoI?QWBDtmF3%EbN0CJzbl#E|5Nhkk;J7NMLb49
z2ri+ZD_7(^@3<_Hv{F`v+d3QHK-*1vv{Nypa=pZ`XXVO56?9#sK7~lm|3qGdZ5<&H
zr7)s?lnR4?$SJRSKi|=At;V)RQOPQtzrgt5UYv23GrMk_nM8c|veJjZ+E@PQXu}Vn
zpMiXT&Ny1AW|L&fgN)&-Gqy6<%qqU@znOvL9f#cyy+2V<UapVhcxZ7@u3=u7X=H~s
zJd+2tf}hBJc^|x*@$1a_w*WJlpxG>Z=7<1#jq{>>i@U|QtQ@$UHh}u{z2AumUYF0P
z=FzVl>ln<c)Wwg%dNYDTJaYLKE-^kM=nnzz?G#^L2U)Z>OIt14ME$E0DCZ&lg10m5
zw!rwGf+a)M#>R0GdSt!af^U~DD<`@VayFo|2LY_*O`9eL!aClv&@2|ocZFe0O=3tj
z*B<Rt8eodJ2>G=xUaY~L&T<W4p~y9RA7ptJzNhe7s1z{xYIMi^9$hreR3bHXOt*Al
zbjhMDWZ|IbNk#Y|JZq+TAG2h=FRb;>)cL}ib=*I*T!D}#V37ODXbHymBDq~~GbBx}
zb~r?tq<@!fZ*HgO=jCsNm+QZQ`Blfp9k?BUl0jH;u30)1z?1#j%cvE=BN&l7Jm2j(
zO)a)~MDMl8v>i>!=zCMw?hwkGV&gp3rX;v9O(UANXp+l#BZNq4o3Q{M8>K3Oy9ajS
z(qv5-!~%@TmrLS2wkyVMppR5rvq(B4D_LAhX|@K4JhwT@9WhDsT*Jlf6E*jo8cen#
zPXXwm+x(;T^Ih|=PNK0nuJbnc4bU@<H`#qe%`B1vC@fSL9sMRZBm{jAlT|S(DvCyz
zj*Q@OHmOL(J3ovDp105v&wpC6p9#M(8Hl=7`6ANRWk6ogA0O5E7!puH9WL}wGKB4!
zsE;;rhd}SW6Wut=-q{B4bv{H<f>uH(leTr@>m^3ivrM1bnWvy}qm>dc*m^S(&Mx9t
zf6#nE9`G|cRr7vOQT)_^yJQB~JiK85_$s|O#lw#9ZGr_!P)U>k5mD^*83y`8(DFF8
zs^jq{amn?xYF4`M!FiLM(lgg-;f6&ZQKy!m-MOqxE9dZQOV?=gK}3gv1}Z>f#0J9K
z?toiAwLN-Zi%erhOclEKga2F7c5}w1_ge93>b#@yg7uDA7GoA?s&~@@%nbzmk>Ydt
zSai^V=b*AEHIBo#a&GB`Hvsic-RE)N_;}A)SIVrnoijzjRLL3L=*M)+IlGz&4hoRu
zun!ZHo3LCaZSQB_s~Vb{?;3^?{P^6Pv+$uuf<95&tAineyRhAsC}lW~<!`gb>dX~r
z<8y6uq?au0S=6*EIh)Q>eze|^5kqUTjwsX}ZN9X3-^um6ElheZEzhgA)6PZzfpOo-
z5t4gbT5TLBCLM1jH#X<)Wj)TDc1u`J*$<{9>#6aAwaA?we5pJBVo5Pg=13QxXE{C;
zBR!;24QuEd&Gg|DT{Pdi?r4rdifoiuwbWOw)<4;Y51dMePk2b{a8uyJj}Q@3jl1b%
zBWe}p^8S^DMNO6!!tD0qsuDDknbpwE=32;8A@PRGX-^BT&`>)8LdE78opU72v&7MM
zI3A}Mz;AEeJOE|GBQV~ma{SyPtrW?hI!u0`m9qIQLs@+$x^8h^EJQ6!>lB0+Tj5XM
z%8VBqM#(t`$-nlWXUp3xdwYG$mN}h0mYw7Cz<H(@Z9K59SaN#iF?I6Z?a-~MDMf?u
zTU{TLg*gl;=Q;C$37tA9;XNr3Cr+Y6=>2Ne&LwrHV=a$vHY;_XPh(G}!&N|IJr>H+
z!+~ANhlx{wrB!wQ4+o87eeP;(Jh^tLX5v{62`-|jQVOd)T|82qXad!lkB6bx=puHt
zBB*stsPv?}vJtsK^|nKqQ4uXRgi)Sg!tw~W!}ivva*UvwB~|)+F}Ijx^VlLxPOg$G
zM&}=?7H+hr@u;^X?w<Hyb3LinLQjm7e4o+^7taqUk70(?P)G%$E+Q)BkHIMI^%ME}
zlM2yn$S+Htsw+O>P4hgr(0!(W15X`-13HJ-;(sFR270L?tg<lcfv@&2f7Q22b<b7i
z4nj3X5?iFZwn<D}vIpmC2!p(6K?BFrvBsIN7`+Cr5OENee(>C*8XuRrL7x92m$Dt~
z%N4Ae)mgayY@Hk}`e?E>6QhwWA_~m*Pn|BcR}yaC@kJ7!g{a@0iO~q+OSIEO(JsjM
z?>S*tZn3{*XCd3i6jg{|%J3%0i|G=Z5~SmOsd*N7|G_bx9eOtlLLk1i%Dz#L#)Z0p
z2(wZpJztO+Lue*OpY`bI=^nyc(|?`gCz$+X^{dy|#xXIRwD&pHc0(E=F+vLWU!dTr
zx6t6jnP03cA?!t3#`#OKRN4od1OP9yx5UtTQ15Za``)mt)4-^FinWwXEy-xa8|Wi>
zRUP`fDDdKj*aEckF!vH^lv@Unf}tbuxe>W<w(S2dV4R<<7Cm{$%rD${uq4Nl(8F%g
z=%7$%Uc3`LCK)0HkvCyOt1wf-o-8-VkN2Lc{0K=7xKN3ABI4@Q+2S9B*OX993aO;b
zb;3t7nO0e^gyMiGWW9}^-9&fIB;lezcecQ1V$!sgavavXi{%||;#gMPlv|WOFBs{M
ziM?M76o6Nof$2At9oJsL_Tr~sALwS?jX!l6vVU)7Rj`U^wdPi#@<$jo;71B7QU}KY
zi79T)5pUOwDDy1yoP>NukS_YR!@3AA+bh1*+${K0^T;blO&`UMt)OE6cq50QLX;##
zEw^nTJ^Nz1?i4K#mb1-XRJM?l4%y~GxyyQ^JmPKKI4LzQy0+9Ok`{96&9U%0;^5?7
zF4vqHtD(5&RlMQ2u$+e#xXuD>Cb{8Ef63bshgOWKRIN?@P8dfoqDs*viokX*Gob~-
zguXnVXDjk*iIK)B7=&>zJ)PJ)w0mL}n0n*uLpitatI+8{=!s;vwKZZ7F#z}8VuLLi
zJSFD~BQd<@i{W^)Agvb@*vctCMS+@E?#k+7OsH6(@JJHRr_6_Ti$h8nvh{AAf^Ipx
zrK1%N9l?f`0ZxVd2B03ZaLiRnR|{ubVUU61yuNZb1FQJ*){yzdJpJhB@LD#`GWNxt
z$}|(UBZbODxKj7?-TWUfZ**&{hO|aMyq^`fHYu0HV?x#r**}44&B|p128VxKtt^!v
zeV!Z&;ZZUmL4&}{<H0%~GkT@&mgE4p1S579>QvT~6@gw#X!la^F&KQjY<w304{1sJ
zYeLkM%IPu9#H6Z>1k8iV2MWV%Y`?q2`hE|7djq~5lEAN>#)RFvk1Q&_y$SGZm>j(S
z+G>0jWJ%*s5T(lJCB(W-Z6kN2d>PvD)X+csFy2`L<>l@A-xzIPy8yQtg>sEh@cq7?
z_6|vgtz@U#8kcHKbW2UFNaR&MA`b9E<s{d%ilw=^!)z3FbxOk<Hk?_ay<&m17&U*E
zEia!sQ#Y#eqWEcjeGqt*Wc}$=@!+SQyxE*1CATTsj>f?T=_4#&P*hgOn)N1SDR;0$
zqnDe~#QNj4*D<|L{|5nHH6NaqBQ@tI)5wK_G^J8QKk}U512FI0R;$=efsi0HCWq(N
zY5E8E2R$sM^FBMQj=rbm|5{IfwrlUnaT`R0vkdzN-O6mKQ%iF9R3Mj;V-Vk%Spq>^
zDf<l1YRG?Ao<OB$#<ncV6-o_#6iPUG^+UqI6r^O;BC)=z!>ckcc}Dkjb6K6Vn4tM|
z{5f0g02><Pu3w9JzIieYf1us)siQDoQKa{YYUiw}+pbs|<#sq8&@qCyFx;9p;$BS5
zH!_dfZyQk;RFnz5pN^PotE<&-Bn?P0jM_%Q;wW$Cew1L{>N@0zDMIJg&KW83%0I=&
z2#o!@QK`tgA5&)bhw~zt)YPhj&Kuk-j9aZ@dxFl(0ImV#0K*7~;x|!K-t*dP18zA1
zTId;#p7J$UrPG&O^d=rh^)y+9Q7&{lGgf)N7%2Q*I$vQx0&#d>r;|O37_8>ViZ!OT
z`9>v1YEf^+CcE5wILn{hD$&1(LYaw_x$`<TVl{owupfNA+2M+9SYw*5u5PIo^BoHU
zn-I^)l)66kP0GY@V4-QE9JZ0=8_2`z_)f|514&oZwnV2cc;zG4`vBrCur>x$(<(2P
zzZro)?$+%0aAPvHtUT;`RQw?LmUg#W9A;<cnA-oYAVBqc{PXR2JmW>~rUF@1|AW)k
z<`P%8^1^)WiTX$MTXL8c*pTja75NN4vQ`*mEni|7Afqa9IwBq%(7oiH6c(tEkA(3^
z(8|Muw8m_U0zli`5utFNYOipNs;Fm^9W+8zVzUX=K1i^vov7Ld`Vh;BGC(o+!o)7#
zzo_3Yoq)|HLt?|g!-WM*SJI&8ewnpl19p|3{>mY7S7$}ZycDc$i8e2KTAjsqZ%i>a
z)JkCAofKP1ceLmL{XK8*3d!(4HtCg<bE8<|YRf3#$g1=uNoaqwPtG9(sPEFO7vyb*
zEBuj^Zy;h9)?^Bl0=H1MHZCmjovHCMR<aK)4q@h<D%3$_0>;o;o*NUUGAfpPl)p)r
zN<4F2d??O2x_9IdWeX0sI#bSY8Xux`<ji*q&6vUXu~#<$Edj!G*(~fT><;(nqtQ3@
z79mAq9=Qe`gCT0KiUicL=)#)79!q<L?koR-JowxBFRnv%kp2aB4`o4d84xSi%w1MD
ztzG`v-4N@oIhe46!I+@m!`FSfu{u(Jg&G2c)N#B<!qd?yTbDBmHk_*-R^89*l@}B9
zdWI~n+}ae+cn({1vyhR$U$fBJajxBt<!<4M_TAzsI(P-cu}9W)98eZo!zWNw>i0$#
z+n>&F+FvPLpMgjn<ab+AI|OR<-nsruXM3xf33e96tbMSzUN^MZfhPUyZU|v#aYDt^
zOm<nN8i4zc_`D19zFxcAl0~=gpg;=}gbA{D7xtTHkkA`O>?UM1DDAnIqQv2MDPdfh
zW3Eq7n%0}4rQXJIG5H;Wz5*DyZD;-_pTs#;?rm=GpP1|J?!b184$m0xhC?QzG(+Rw
zebr{t?^<RSArt+DybV)4-hl;-A@q{0%28<#y`$OJRAMwqI!)ueV%BRj$gk?MH{OOI
ze9G{e$KQ+Klzz6a=&kCw$|G;QIC>(}&e7iWenCD27!O;9D6OG&31%+~9WtnqMU$z|
znpaCrcJ>c;`AUjbns0}HZtlEZWB#q!vdLnswt_!kUcj7!BHr4mY1@n9f;(v`sa8dT
zAKuJ|u`cQjbnxbQ^HAjIX7A)#jFjL3<!aG}!)Q|x>Y1XCzJWzgXF`?jT-uJWLGnx!
z<{z3%X(;>-`xsUPieonm3qkk_VI5Ma*}ZrZz5}<m8a-xmfN2Nm9r0rWa~~7SHh&a-
z3Zk<bH;)AlXV52G(h#P9WN~E=d*>^2nm}d#M&B8`5G-(U)-`K`D3lE+n=a|^A~ycJ
z!hcxPE7HF)oWjkL%~_{!93^pxDRpkmykz~Nkevcip^&$@0u+5P`zEt1E;JuM5o+}p
zi9EXQOsZ<?;78><TCLKPN1I=gnDFdZ>4@aB)Kz;&VT(kWVsxsJ9u1{C5pt`KZ>B<S
z5nmA6L3saewBv%kY}}GjJMC72JWW;wl-(bxEL`!D|M-cg3Y6qcWn#1@J}MKok@%Yl
zBi;F!7Plbw&F8k`F0}K{3fK~;?t@7O=TaqVXXjK&c`Kit#4OE!csiOzF#4|c>dg0%
zdC=e0^zIa!Tyv0g)gGJ}s8Lb)v|O|`>ze!+i}>FPMLok%Lo@u1>4?x`FI0;kvQ~H6
zD^XfUow{v}M%ApVRZcVvszOKZ=slXwp~8GWqH~&1LeRCXMa&+)Yv$U%V#=3}hPWg*
zGrED|1XUXJ;y!j63t)pe9I0{r(8@jl4BC(~-@Q3iMC%do>&w(5rvtrpR688tE7-Ap
zq47Bl$623RUw-6n++SPOBR4s51G0W3p(UUrvT>Ab-t+T)YE1rN{sWwR(49Wuh%_nh
zv3D8VR-FwOfO~!PA!+g;i;j{)ZgK8dmjT^N%tT;p_h>cGvAjK&$>%W#7RI$c20QF(
z<Lt)M=?09#376%cs38?vXxfDHb`LZR^Zi!WbUSC7a$0xV!nCTD<cOWFUl%{N;B&zA
z(delT|1*-?3R#mp!75els8wDymR9||@Kbq?)j=I?3tW4|>+|U&Db$+eT96`U+Ahan
z&*lNWEs<3kMlZQF`szmE)8D-;i@5rOvt#<!4`?xHDRO>$CMa{hQEpRMV;*9--7k@3
zSKcIVM2l|s@mAJyrL=G_iP2cZ_U~3KQY_+EJO7^6*oe+kgrX`OnB~#@tjWyX&6!I3
zQ`1qfnE>Va3wzcM^BJd56YASl%lD1xtGAWRd2`<jYCre7l{@n~hb;?u+sHB}no%MG
zN{!DhEaU)>KE&8trP%w-N&d;@XsPx-ta?R+Jfx)__%GV@GG_mjjjknAgIl!WK(AUx
zvv|$ECDg&>as97Bnu`!#GopZ_3GLMabuxCDd>l&}s+W&Zcw03Tc%LXH#1uGUM&@#W
ziASYcm+EhZPeXDG5Th}v1x!r<Sfqe5q4d8~hk7AjN{Rqne%HR5DjR1+@PBiFM2YxD
z6<yv@GM$}?m1){LPPF&%-ArFau;}Fk-4)HxPz01z<NUbDQ-a=!N@;5WS4V#zU@dO}
z=F-Z5dTp&vuJgGO?y?b1nccT~aCGm6S8+92nlcT9C8NYtbTl`D#4y-=4u6=pvD~CW
zbN|XGGEuU~py;a;n->bKc{&uVggHo(A~LsgmQN$LmPk3GWqe-dYKFq*P()Fl<*el;
zj?_ZcUkH`B82&N-`H<_!ufK|Eh7Xq5Z}=f()y<T0dwLWhwJ|D3wlClrhN8GH0F|UW
zkEn^Ml-CFDx`qFnlb1Sx|9?;#rT@RDG?M<+^!3&O!*9KIVyH)mGO<9rHe&Jly972r
zrafjjZ~G+ecTkB9yhh&yS3&UDzOA3<tX4>{X8jmoKPdiZ@ohSNu&ABH*PKpmEy`Yr
zYLrLG#(w67tTy`6@4p?T!YaYvU;TH*DaiQw2kVgQ?aBOPfe=TKzGy!l>mm@$bIaHG
zbF8CMns3*k#4NA{a0`-EI`yo2TfcWFXEvTE)s24JcVWqklfZf8{P@Gmp@O(zA0-5a
z4PY`-W6okocd+xJy_6_XO(rIVi%I4^_fmLiLBfXQCRhR+)jC-0+{QkX4U10X-1M;F
zZp)g9ynO@4`vAUtagf6cd#BgYUw-;aEk1z&{t~?rj<~HNZX;hZPDT(VaL&KN&GSQb
zq}+NA7MIiMz-G{lusIpF2j6NN@Ac9wK-o1Hhfh7lr8>AphL`mt(iIHZ0eyDGrAPhl
zG@z(&;1PCcQ&_0w`3^MC{qNyfczGC6v8@BOY{o8<E#ApK{mRHNC8Q0378X8+vE59i
zzX~d`vqsT(%@u#G0Q6FJ9wX_j23hN5S=Z0D!;ae3Ub#78HlkHRwO(P_o9+Q^SQv2O
z99Q(N>_J(oGFKp8Ki|1cm2*hIw}}%^d`8OwJe2gZG$fevpc7|i<mo^ygC5F1jGfb3
zn5WY_968LHLw&I6+cFf;UP;IhwqJ*!`-mZlZUS?(7M)y*Xy(Wn>>(%ag5}K6BPUm)
z9XS^G{Y?(&J+R$`-AhayQNf_R?n^pyJ4UCKGFLy-nu*DtW8<{sdX(2e^J(C~SMoS{
z`X_Bo)%N{5x%e+&jVgQ2@C4>OkhAzQ6Dj*a<cS<J7$|wY(77et$|1eWo`9M04O5wl
zV5?;oD;2p2I0JkJg{7?L=MoNg5oGdgpn*rO1i^Ns%%4kdqtCi>hb9S&EL=$Pv6lb-
zbAX5E`{m89$Zx&kgp?TTq{<XIF><!jZ(oXqMdVNDF*ibfZ-0nJ8<2;Nd2aVx6oxO>
zP?w$$a#R-<9Qo`@jm(>_N^Z!!<YodU$&O~PksXFAN7$Q8;<NvUM5MQCK%H1NSTXAm
zxZC}3+^3~VtKFdCtzNl$&Gej&G{&b>o1}H(r#ZbNX4kg1?3cuQ&jiqY8nKZq*5(~r
z>eBuq$T@9=u2Vge=nse%;KdOi@6mj!97+m>Jk8h3jRTNH_$95nOZ<1VeIcRQc5bIy
zO~Y1w;<>E`b!3a<@rV?y>!q6+yzogjT!yXL$EVbMIfIlWLp0gq$(HZ!AmwD722-kz
z7faErk_Gk&pvF-bdL!-J%g!(`Xm4I4+cPuQHp>I>-pP(>%)(yf#gzU%bSdK4?)31+
zh{K?;YjgPixa#$haw)4ql9>L1v8JLV@+J!Q@qjK`5Qf9?0IxdeJYY(}3M(zcntW>t
zhmJJXCOFTzg2$Adc=^oe1L?aQHwCPy;$9sYN)?=FU!zd%7!I{@&BY+|9nZI3j$h;A
zn(t(Db`NL4WN?)Y|90~J{$7qRR_F#4%_nx#xXTyRx3k|^>S|c~<@=9O`yTzq@(xI)
zZLW@6F+$PS!luR*Qd$=a1#Fhs8tnkjHb=wP(RhahNRe*tiV{Uq%M`cw2pMc(<BoKU
z7s5P!|Hk2uF~_k_%Si!}(GXd6|F6kwM&d#w!qVDj9sJEc7!bNvBpUkz>F!o_hBGO`
zJ@;biobd?=JrG`=7%J6^ygIlM3<z^aFTx`wFUSP$HR~w$G$a2W&uu2wnRB7e#L2F}
zaM)EfpXQ=+>Lgqz8xAuJ$la=yZdiPfS-Gpcgwmx0Oe<a`Mc<7$Q!?o2oIh1yY#7=6
zcjdQ#x3a#YG+rMzSrlK177YII>vs;?!S@cw(H}4NTc5}jKNPw&@VGNV=;a^&*!TYP
zk*9UUwX|-%szR^AlO>3+Q9ctoFpCWhRnWp?CJ4s3Vq=;<o=F=nFI4XLOE`KG2L-Fe
zwo6B3B)qsK9rSTkV5ofRTqk4ixd5w1*LmR4L-&??i_fmEDm;v{$EaKD60zP95bgeI
z9-mng7pYsi2D||T+Ez^Z`lS*AjXcn}Jth~);l&(>xr{a99ef&pZ@j%59^QANWQw>E
zLg2wOa*TY(fkG8#`DWds(^H3FK*h#0<nr0xU5=!`|2#in`Q>Z(eF0*Ud0#aMLtZE4
zqDy7F+zmze|0xWct=YkH$HB6wL;JVcUogpZihLH?GGkzyo24Olh2Fc|RhdxP$sW+f
z-qT%ETK?u_95@gDq11oeT0#Kh1o&@<G!&kCG7NMGuRct;Y_<N>K96WUle8&B`RVS-
z6b(tm;tX+-Nnfe?(xict%|}G>iLnKfE?AMxh}3jIixfrcMRKUf?Fv7cASL6`nZ|(h
z1D~pI0sn~Z>9s#q?j%YLcguU`^lbHPI;(5Gt2$~^0pud}H~`HE##6$Jf!r-4&-Mdy
zo_W$h1!MWx$hiC3i^EsoWgcof^_Q;cBs(4BFf5S6g)*U|&i0k{iOgGZSCNe&RBAjP
zGk3~R$Rv5)miDDGJ$%mH*PlK*wK1Xbay9<^IU*MiM?UX#@-!hQE)}tU)E}Z(5ZinQ
z?QQ<tWtwO^0Zcg_XBv4TOUUn=!A4^Q%fZ0>gL=%R(Hfa<KON=Qh&CP$ns9SC2GZ^b
z7K55*@9atr`^XuR*{kXg<B8kZs+;+CRT_g;bj30(<)(t#Mev;0+9rkh>TbLkVNE!^
z9}8l_NvLITF96>E^q9xGEq~IBw>jra&^;iE^`%~rsj`)+Myu0`+k>PhVh(1m;OUd%
z-zbfp{GAHph&d^dF==|CjH3OrgQ0OFS0(lFQaV5?m;&OZeSFJD9Pq(p-K(7O7RXh9
zGovW5tZlrca)J0}<7Jas=K++Y2-Mjz%Sq;?p1GwKhDy^ApG<myXcndvzY@j4KZ;md
zx9!$j<qIEEObLzf2q8k$xittMKJTU)iSn7}%ZLrhAj+7zm(s+sqz(_Y5b+k9n-mgo
zAsx=d26a;9S4Jhi><b3uWy3>74jqxc<TzrEf2J4o_2Q|*9#S5bd;p2}=1eWgu#`Ku
zb!Ln`vvobS3i2uEyq+a=`W(555L0dYNcLd^-a?XsbB<g4TPrrcz2&nyQIjcOpR=fv
zMuK@4OC4E_j@DE@I_f3=cjbO5ki0n*P%f1L<KuNW*0yTr#@4oL_JAzXM^j*{yKWnn
zipQ%iUw5`)<9apvJQj#0Dd3IG?GStOC8H(48!E;9DVQVTayThPM^lDMzh?b==D)Og
z=C%b_n%TVCW89*$m?N)lk*{26^sMeqb+^KcB%&TEg$ZW`XM4V|3E_Ljm*Q-Wm2X#B
zpQNqVVSlYxVmWx5?a^2aaZuXm+30<!Sra)$#Es*J>T{C+q}j>Winci3;w*^!#Nlol
zU@#ERtE)U&A__1CdIem4Ei@p7D5FX8#x2h9{1eofsttYc4L2z8*8rVLu}gCC#>6lG
zh`nj32o+n5XsH=P`3+B}dx;n(Q7bI7iq$@Tac%0Rvgj8g+U^}RE=jj^H5cXJmiryV
zDVrbGzrc0<8N|EFl-uT+aDM>6A<Syj)PF^PW^_q9Bv-C|Atdfc%aM<b>gnF1>O?mX
zHm<C@6qK5P(cSJbm=TuY%U$0&t#F_DYQ1Z6sHs_B$S06tCqFnHvQr{nF1>PMhm>1U
z7J$f?u9XXkZ*<JGv)mdV6wvhPjQYI;_GbeFySy+F%WPj6G%^FeDHbN`&KzKp-NA3k
zUV^_%f$M#n1R82cEls@@=+Ft$B?+K9D>2P`Fak9}(@48QLw8*uC#}nIyw}scW_$8B
z9|)S=XCq?0(NA(_js6Z2d)IRkI^eP#al=9X4jv%HLPRR^Ceoszo9vNti|H9Qfu1V6
zauTjp2e_rh{y9dCJ;Y1h+fCBzUG8MjmI#uiG9RFpO@F`DaVMemx4G|2py{xd+$H1c
z?N2sonlG=RhpmKNM^HU6;(P~09Zx&<G#U1}=x}^yHW;F7!ogdvwWG@BJ%!R9t`&E;
zQ*UGN<va8WbVgp~$rw)IWw9%rgzh@Gs2!aK!1I|C0gm3%;S&?3_xt|asws1U!W{((
z;yEFldG<N)5_sKi8eNEzpYKahQv#1=!I!hY&MoiAa9HH7AVZ=dst9~r_<(l=TgP6)
zCOT)(Wn9vNGyiE2taW}lNf(Y|lR9)>WSwrh(lop}Gpm_3?e^s{<s@LAy)2AwzD9}z
z15C;ap0+At&Am`fn&*|7Q8;1GG{k@faclpVQX4gF-bWq<>D$++|GL8V^RQ;Q<ALDY
z4t2XTAx*lfx?ToPqYhqOx-9$*cyiaI&L#_)b}{9OVQXmPh9PKk5ct&ES2~iApIGW#
zX9!V3xO@7!$kWASA9QuqxjEU$m(~y)#W}Mx;O^~vyc%tlh44F4L6;0v?x2$@HV?}^
zma^io-GZt3k|G{LU@hZlxP0yK+=}N7t?qCx6n>X2D`34ZMZEp!!wW5g<J^d#64jIC
z^c^(k^2;?}y#gx_c|xbqT65~2Vqf^05=8-3D;4@%l!kBFWCCZ=EqM{Xe{SN14Xd1u
z-utKUd#lhiO1vB91|9uaqvhR<l<&<bHoD*)S44GV^!eq574LJg9q7C3g<RoaLl`e#
z`9*@6jQjsftj_AI$F0elUHQQ(MKI`vm{HEx#%~K3v~Nh(4zzy<RX+t-R9cp!R`gbM
z4x%U?(<<aS^|@V(?|ba;-(KIzZjp&8&wGw4V|Ba81sS-HBYA^H8XGcrPHYG)uUIzt
zk^vl7cPJVeQvivSExAKG1>;3v_dex>N%td&$PV=~Em=}-MIidPZ@r$&v3OlhVXIJz
z1dSu;CM(Vm*?dw~LJTyiD>26qWjHhvhp|0BUFOmr{WF7atz>;i%JS{UiWvZHf{GJ(
zwU;cQ5qZ8E0XY99`<XG8ayUq@w=8OnDeL<N!h36KrKsXRT7tJpybigih@}UO9!3Qt
zi;+Ed6hOM`6YB5MeZ>QzVkTMmLSci0R#_7pFE?}O*r-f)P>`@jI9CLw-*70;Brs<t
zU)QNIT@F~z0|f(^;}S+x<_Gz%rPa_d-ym?we^;Uie_e^N|LcEcCw~JJzB={q)q&<6
zJdtkP|HF4%N@~FGwzLINLC8ov47wA*VAHqB%1@NR9q3A1E{YRuf4Xc&SfqpULzufy
zcjA#lnxJkr7=6rU{js614p&{djw**T>hz;CUMRGt$+C?Xwxy0H6DPi|aXG94!BC~l
zK(U9ZAF-=DgO<%igA;3xv%!2qL@i_AVn8G}BIb#DA(oMOT;O)8T$pBOIPFnjpq`9D
z>1tcgdfCO?fOMJh;0qY;&lkT`CHrxibY1MZa`lh51-o`QzUof+@UJQCvmQp><!g=U
z(b-<yM8FWBSSxyJ%(v~utCS2-c7I}GsdTWEQEfrNe!2t}>#~v(cxTg41ZJAW{2!*{
zk+&?SL~12XM^Gl%-wcY*0T{mZ$u$328$}LfjaP&h5rS{~5lwKH_IOb$GJY{V;bw96
znvpgw*8UC}0t4KHJnbK?JvsU;r~AEHqqD-dRRIaJL63xN!ejkx`>hl%N9~5Tg@e8`
z?h{PD87T(Ow7A}?Kc5|4HGz$?CS|7}W#Xqdc&Js?v1vYifXq=lyAKr1sD%B!itMA$
zAPMa`{o2%|s}32-P;b_}wewK%`1$w$I5b*a&CSRD0`}Q7*=`_D&FC0_25JdOSBpUR
zIYmB;w#tovgJdD>Le=ZqM5Pdp^Y6<4+_q23g^uv;jK&Jd2<7vb2yIcINUaP4MtTlY
zy=4@p`TJ<2&k!UaX@Q{Q=-aPW>F*}PiP2nPv<mc;vL1rBJJLq8z37k+)I<wz=G>)g
zLVSbh<t`Q?%ZzUB|57;qPqQP#4ykdvYou?Xx=gat-ghvj`w=YsB)x7E=S1J0fJvDM
zOn^2tiA~fqHWBPo_oY+MZ2#9mmI&d5+hdXq1Bk@P`~Dfva+%8YxVPrFAcw`C<&~4~
zvoBei6z_AalUX<%#t2InoOLb&%CFoy*sQXawg-PJTJuH7!fkEo(|WyL#*B%OS#=Qf
z&lQVAn`d)g`u&h&VbLrfEnXDnG$u4xKX2PNCXudF;r<j-Q#*{upIFn@($<4Ktk-Vi
zXWJ{kr=A`iJvhijT0<+9$u`y(Zo1JP?6co<Pr0JKta7r^i-o|e&;sK1*Uj!9ac}Pc
zm_8xzrI>Z~C(K`DA$#r<?Ud}Ebx^eh^*huSIICT3fJW%|m$a5)|DvY=sJu3>XS+Y_
zbANn`^VIz_r_1_@OLNIW`~2rc+jB|VfNL*Y6Wo*n0x)y>DGop4qdc6A6HQNM_}(nH
z`|2B6I*O9ZM7uDMr+c*-AKa2XTf{`%%1@OZdr8`gA3++m9)^l0R=x;A7vTLkC@~oR
z(h%K`ARr{GTuj#is=7Ck?-^ek>ie!4(bNSMEjTEg`=fJcZE5HQ9L0IvE;GSSdu;HW
z=)l#^R<5tdaKXiX4B!9YzMS!Rw%a%okdtnd*CgM09qx}axi-~bBfbO+rVXhW2GFVz
zz(9n=n8uj|UR*6`)9>Z?|E{>LExxV%XFy$Yd^*K$lH~K^1@{IXBu&zx3S^coD9(sN
z0+$(lpJJ}&qOod>W-Mn`mSEp#nrH4`(Dw}mZUy5eqj$!dng(j$xE(#3z_&|=Fh_z8
zzb^*bcX-1<edaW#9Dqut4mx@elSg(NyGlU~1E?>{Qda+V`sGdOSVqEa6HE^kRS^{e
z5Dt##iA(7m)hJ1%<Yti=rq6{=W=Zm}wJurNuxwW0BA0D8eX127_2s|T7x_DTNGrcW
zDPa$t*~}w2y2GB`E|Ge260(Q_PpoMEcV(N0cC4=cU~spQSEcPM^wdu`5h^zCh7=ow
z9NAS~3}e<aR5weP@Dna{KqDKQ2fiuJ(>es_YQ>Ao?d1R%eOvh96TK6okl+YWada2a
z!%V=YjS9`4p}j@%**!~{B+Y!do61*HSP8N($iDMF4O*~i+;(X4x^l9m;ly(qeUyYW
zH_`grH(Lb8<0GF=Yd_6(jv!~MVmEDD1oBnOkQ0)F?=?K8p64muP{#O5V2nAcMUS57
zVoGEShKg_D2|e&#dP^ihx?$Do^tq;U5{LLW@qQ5@*bWx3%TM2s>M3tN3(GQR6k*{>
zLWXwWi5QGQZ{Ck}6&nvj`%d3Y@q!M!nK@ZUxVa7udJSJLkysG&jg;rJ-;Z{%oM0C%
zOH4%TT1xLqSG`jtxTRxvMYwS<EHKX+{VEDqrQ-~foAr`UULP7n{+XX>AYMCB;;4x+
zXge{cnefnhrke8<_1)qvdI=YtxcbMTY_=_J!~Ch2QYnH@go78g5o)ak>qqJA&k8B5
zJl^?M<gwbV1M9;VCbhS3|I?|~UBt+4uv2I{@|463bg6_LK-F@_{AV8}3u%=70Y6Y`
zvLi2f1sK9`xU38rmcLJtPJ`#RwY6Htp935P%|4J4>WfnDP@+Hfw3`b$g!X(0Z8eHc
zrFL~y=BTa~jqO9L&R^UvSffyU9(&<GJ#(fT09oNf+2QRV4y27pOr0m3xP-o`>$Ma!
zAVS)0K021Z`)?<n{!9)9!rA2vnMAsL|F!fS2(q^2sl0$d4{M*p+L%v~A!XA+Bg-)^
zdw2IxgN>Kp!6k>pDZFCxr?ML}q}qpVNiUWUxJala%ENA(2b*<lM$n0_GNGmbxO@(~
zx%U&@R$jxc9tzKC{)QB7q>B$c1WN1LoQ?{ps(J7-Ras4UrazY!rBG^=B)ODysF^Vw
z{OEXHcgCUrthvO+^%;1@zOelC;V;{#<t^T1h)Z9HX@80fT{y}cKtdL?iNXW{;=vLt
zD1*j5cX-+jgl1XAd*(+zD#_=4W$C!2JAFKpq;qfmVBP(=`iUNyV)`h}i`l&lk{5aq
z5Lt4ItZ@BHG?M$oW;a3TQrfpi&oQ{2!zp5Jy?1h#oz{ZuDi3ovp4$Q(WNX2R@GZ#R
zcG}9$rX!K3`FagcD;6f%67S<ijtdjJ2LWbHmVqB-9;v03zYj*g$O-_<t<iEvpDALY
z64g!lgL2+ALBcJW1(9FRP3(nQtiwXSuC?Xhp-juglAYin!eGD)fKW@z>rC--FLj;m
zD9#Z9m4$I-yn?B|1Q`|_;SohBxv^-m{Cunv-a!H2Xz{O?V$pf9jk>tQ(B*2m1%Kn_
z*k|yJ$-U|kub^mh<EeB7W3udzk6ICWjvveL&Odi%3V#isMnCN!j0Rr-;SbKY2|1s<
zwwM?wZ|j}1lGV=@LfcI%8G=(5qF|Tf0EFrcY9>aW&!SS>#83ukW0rJBM84g<&q^{Y
z*Q50Y)ppMI+4?%PIjmDSi;v&N;y0`bh^WE;SvOsOjYe;a`tnfo*0782c;jLXm`Mvp
z8`HWLwan70#<qm|OMvsNVo&?P+wy31UOet51n8?q9y0<>r;H2OVaJQVj?@Kv_ypfi
zz?^Sp8c%xp<chS;+kPe41`eE*n51Hp91nsLA-t(MVs@ZeAu)(@BKa8daO<}{X5TXR
z!6_Kb>+79+l7;kDr(RgxV}xe9tt=?dc?hamwsOYf#U`_@w~fp;%L}&Ktu<>pF4<l8
z*v#$L+c3Ef3ZOi${oYy3bc(A{QT{wkx`$2{k;oX1x3Z{g=W7G)b{G(OwDfqo)vNN+
zwwi9jBPM#J4I%d2*x<Q<a!#Gxwe>e>LnV7Hyzvjo0j^mNHjR#-#hTlAV!A#h=&w_!
zT2qSz28=KqII_j#%ghJZ!Hu(o-%(6TiVNb}S~+8U(T0?0!z9toVOikvys`R|H8nf8
z<Sp`0y7OuFec?H`csI4~pbsI}<IbwDL3EB($qptm9VO<^FgPC3#P$SGPHf9vD}jL!
z!PO<63_Oxqfm+t|{2rP-uG&Emt2I?Q`%SSD<84<CFUyz|&Djzf^PlTf+U+FMPvAb>
z>bW^>fR!H;(Vvq;vznA#P0%eeFw793dGVswgOq6m6OG$qt+lQS9oi81HdV+!wRuqX
z?lAf#>%be=^O~dy+K?YcZ;YJn{*heDa3YDetyh~Bmv&H-)Y(IYg*i&zmf2}3W48&)
z5lIZLR;zKF$J1gqBf9aH<VnK-(Po~qF)1UoTQ9Rfago`YAz(9}zmMWm{7r%?cQ6s~
z)w*h4nj*O!ly4&}DJnlwSQEM8Q-AuzoX?Mp8;s)~-cj0I3Xqi*s!k7kM=E^szNOS6
zV9dO!s%})i;QdwnRXeo#*OrKPuW6!v8=E`!nF-TK{U6FVz2(h7<L5ANM9Ln+nz+DZ
zUKSRtdn>eKnm%DGVTCVdcjAw(b?g}w`^C<1*!%JMsIA>6eSiY(lRP>yvOfP_a&CZV
zd*&lBRgfasli_4pl_Wbvb?j1G+~D3xO%OmI_9M>O@b^5;-efOLfk=0>tSnmF1Pcc&
z#H*NHxvb|-`p_s-m-eAr>-KuV<z(>G!{pb}Kdv1kZ!XU?S~n|wen9mv<ot3P&8Mzm
zX6!4x$?lyd!zr=**R*{CkQM>xLt{YFl^0lu*P5=r>x_z(eGKiQH?-CXs_|*_n0Z{^
z8FE+QPOh9xvro$!uCJCDu()r&$+*+^DozQ57uHlfr5hRNKLtrZ$}*C8*i+Nzkpz24
z%61Lao|c}%o+7E&l`tP8$u<x{zl~o1@udh_^SwI7nz07aAcL|S?^HBemo;W1Peqai
zTed?@_d|JX%O=-r{mFGupT~=x^t1VPe?>q`v0kt7=ziFm=#jNTJz(#rdC@$d>|cMn
zNfkeo8V*In_FR@~-@9u+N8PY=FH`biw}wEJ7L}eea#D8*mHo}s{qztf!>=2?zgC!o
zK=LP184H(fPwjI?FC>G0w=AP$xkv2l)Q23(*aG~B^IJm*zoFsiN(F<b#qWZd5+IEZ
zlWN7$LRrq{zjJyWwE}ufRW55O^$|HEFmelDiU_Qx9TbJfl#UA07>x8k>8nv-ZtUxi
z__spU8XZNFrLaXI%exr3jyU&6p=KyLamRlJjyTpWdEW2f+<0f`&inf2QH^1eS8C98
z5{>`#eR2$j@KO6*jX4HpRjObCLQQL-0lj$`EIaZD#-b?@It$(u?~QDqVn!w3wA}q=
z@{S*8iD@Ncq%2nVm`Yn&-r{&`h77!$UCUL9&ITg76VqBW5J>IYs7$o1j9+Z1V^iCJ
zMFD+%Z=xZVn~c^-EgbG;>2pK0?E%p-KoU~QM)WPMqj1h$uOlOp3?r)9k9RnK>qfih
z?WJkvC)mwDLsa8OXIbpd=Az!;g77paI3P*d%<WBGY^4ZT#Bf}3@xzVu(^hLb#>#}o
zqEs12pav@ijyc{Wx+q45E-&l0+W9XTl%<z?%L@z3*K*o`dAFz+I1>vt3QJ4s6B1+0
zyMTOj3)qnuidr#x8zd9*we`=${kQDn<>oAe4^Wn-rm}a^=-15SH8uQ=_FjcmHObY=
zYgt8=wlrXzoiRYWsO3BLl2=6USSaAkXPFy(5+W+1Y)~jD0HWnyfs76H7xyYia~_f=
zdavUh8k|kE-&o90Zmysn=hAb=*4NS{0@RDXn{JdWq6f4ZJ;LGN=F4XxxXRNcY5Rft
z|E@d$5XW)iZ+gDHlJRI|KNz`4?K(SZ{y59IdfXHi2rju4@YHCi_1Y`S7wj03uJA4k
zgCsgLYGK9yCa9UR34U_=ozID5;k;J-nCI@Z_&5FAjkx(aMdP*v5>z&>0>7-t&Ik*2
zJwQKcktuLbaXDH}{ds<<*A9PNx#*U(lN*oVMG@#GwHqSz(m=;^$}htKOP`*%$PX%n
z-4Zd1sY8tz*&LNq&%cJs>K~(Np9rs!p@y4gR)_+lDf#D=hmo2&$J20!Af0ilf6~Qm
zpFGdZ3VyKBv)2`YGNN*$>Xh>>mn8C6`n49mw9UF^#<z+BU%0d?F5fSBtQQ)D@-}1t
zkj3;;A)+2Kal19^O<PDc<LjrRkNaoL+&DP!o%d_4fZpXsWpaWR$#68>I8Fi`Jx`*o
zBcdLmi`@~_-9o#iy#D?`?<N~caH($Ap}5(RYfm8D!d*25w4DBtLLHVE2d?`DX!*4^
z324ihX0gX`q8K{6IP*{OiWx2)z$}Xe8yej>gFCK`ttK<xo!nC@mVaZQ%j2SK&J@H@
zDP=?z?eGw~w(usn=by;do5aS4w{jwUl59>|huAQpRgC-B#?zat<U(#rm?wG4KhdSO
z$_s`d=8`8hrN*0<h`&3T6*U4cJKch*M3@@<p8H4u!T}PH!{!wb712)7hvSk5xQs2p
z;P1Q3`2)-h)DBA3Iu_~c+a|MN$-c)Q`#d?@et)yv!ddi!GolLGAB5lNNMnyADgyNp
z?&Um}Bom>30=v?+9KCH6tHbwN9x&#YjQ<L>MY)sdnR(-690*`!m+i+s=`h<EY0&%R
zG=avwL?J;kywb+_5y%sGn*2HI%A9R?R{$lRgp{t1%PxvTipf*@c^@jW-_5G5QMS{J
z>KGNScL-shXMrkmX1L@W%HQOI`G~3bo{b9t$|}0d*!fg;ci5j9Y88+0rnl!TiXCq*
zJy{GQ_6+9yerJk0H!qcTy|vrcY7++Xox_&PGot@ayoVXB3__cTJ-fsk<FxST^0&I~
z73MD@9YIrf%q)aV6W7eZD$|>D+9V2KEE0TMUKjhe5B+WW{hc{OdmIWtI>+rr-O(?(
z6dUS<xX;K-iSM3F?L*x~rlklfeZ6-(Go}f=;&{W>SG~tfGAg=a87ae#M(Av%j84of
ze!eptwDO3u^SPcmP%XrqEMiL)9TIjqxbEbGt+$@$P8-<)Z`v2-txeL=*qPSSs?|%Y
z`qtT|2_nzb*vQVUl_&jG;*8UfuPI)pF5eI<vfUbWM{BMnsuGEFh<S?AYbJlRtM$?q
ztoGx@-`fti@)vC+#O#JBE-lx`!tR4>7*BXg?V2f1fLj8n8x|?%>~W%*<-BO!7cLG>
zHQtX*oeeS=!|oI8-~_MFq4qs2nQfGqTk_@*8K0%JdISzzG_=*uYCfoV>!(=e4wtnY
zZhY8h`|UGTB<|T}cA#PUV5D8kpO*svX8e1RHfWrH6)1xEq~)+(u-$T=a<rL86~CV~
zksDrk^zXTWN8(~B*8OJg>0Pv>)Y0v7kC))imaBMld&Rr0xx&oaxpHadpbf)J=3r=d
zEQ}8Y$IlkN7nFj_-Z89Ia7}OO+!&v}j<*ibO1oM?H1IT7gwCgsM(v0SlrH5j=6n24
zl!>caM8R_pPL`QEL6vr8d6^qyJ77gcUY%<DBBLVnZW*H$c<$EFsPS0P9SfDcxO~Tt
zbO37k*MIgOSSGS(e!I6Ll?z4b$7)GIE`Z`B^b37mSxc+J`?#ft82D#vF%Yp@ziFs4
zpkvz%K9pi@(x1X>JcORM_9e1B&Q|nsShio%wqSUfPcywkiP1;VQoPi{@+gsdOXiNU
z)^QGxP@C6xHMGC?@q|`{fP}aWM3tQ#i^zjYp&W#<;BV>a7g&MB*ECx++<!7AJVOqc
zz1(xC*5~eaHk{gXe(V*z=gwIGQWXmcN~<%qVoRo3ca?E51I)*|Jp9jkj6tF;K=J<6
zMT0W9&x`Q1NOCh{j!bE(PEZo?8I`DkHki+_s@DT#3>C!DlxEyP6O)d?+*@;RF~HDh
z^(JbXM}pQGiZ_H^8{h0g3>!sln>I|5X??Z39DZs`2qbg|3Dq{&H4=uPqFeg6>*_xp
zA@|yd3%h9kzslMW7~p1Fh3b83?WD)?_rA1av2yO}jR(mGYpr;@oz*7+HpXpNt8e<}
zhZcG^x&3rV77drH$@52NKjmEp0L4F58}ot*D5Y8EG@+fm5ZVFqT4|0<>y)S_r3n!I
zbf6UFCFcPUlhS*}Ff_-90Aaa<sG5|0Gr#7H<%9pOusKZ%m#zg*1>L-uF>bS-vucz?
zsQB`{Ssx75sbv%26ahe^f-WWkf2^^S{!eBgYIv@&;n1^UIqJsu)%u^~e+P4Rb6#dR
zKg?%ln(31=v3r4jpQcU>7)M_w2JH;y>%SUa`OQP&e@*iLZ`WUrvM+HT)}+4uPKz%4
zxfynz{PV9I;@RXtbMb*w(o13OpXI`Hl6bQ-+5X-vp_k@a-U6u^|DM0Jej=u!dPuN1
z&G|{Rk#pcKz1KE!P>nDS`QEdlY{5K(%9Or24<$o9(P()CQz;Kpn!zwFY7e1T{Dkgd
zwj6c`C-_+;LH%mv$DQ`94SB3(HD{0M*D%lN9^9}!ej$;WN*GSlts#-Ms@&AxVKoy(
zo;Zx4jFSYySU1FM_l)!xUNPF3>|_{vjxcv2UU5GVK5S#9VdkC<N1One*3p`EU`uxK
zMg$AXMojrK?r<f28YPH4g~xbH3{u{?JrQ{)7RRh1Q&VdTIh2@<>sTdM2eW*I%9ZpJ
zr4lmvI*=LgRsS{FS6w(n!Lza4t}ln9Q}u&@nDGZEv?D-jq6!T=&@ZcA-12xpUZ{Gk
zv1E1Z(E2~Pd(Wq)6E=R=XII@t1*Ixg=`|psR~HB+K<Gt6lNLxIAYH1@BE6?jLY0z0
zs1hI$5M1e@3IwDhy@ON*)IIslJTvE<|KQAdl~;L_WHR^ty|2&pd8EBJybHip8i#Tx
z@K@w}j2`_5-#V9u<%e5jpc!>HI@i$fzymPh)2nYg6j~L7Qk!frVxve4+u`wbqtR^b
z{lee|8}V)|Ve<3Kfl<{oX;E0}1T3wwiR_qTWxvaV@JatACmVE_Y=6&YR*lmu^I$lB
z!9PpbYp0DoVX$ck#xXNjCcdv`H}{^EgV@e}+PW~Ey!k_{KsfN7Ud`qtlr7R#{!zo~
zXl<BpgD~MCC%tD_0WTe3h%RqhMsac$WhJ;}&-B`7eN$OHe15fTNzD(Si7abF#09*P
zc|y3q=wX0zTGhdl!JIz2gR|uj%ied_`tDk^-2&G&`CfjDaid`qJrFrZ959AtozH6~
zCtNCG`2&>%g>m`rwJBw1@f}qQ=044-n`a=3uhgo?x1pB84{SLCQI^8{vj^)jp{_vl
zW5Dp}nX$8#9kd=9a1LwJ$LFCW<QKIjYy5;zjEx92a&zjSy_np>1jb(kF8E9%(Zp?L
z^I77gZoe$zxdOWx+AHl2D}zV81q=byW&wc#!(#)TfwF~rkG<Z@f%dDbPF_iC9$@Zf
zjuQ^^n5c%W#bqw4s##m#K4m>T!adGx`@&fZD_uFq;pGf{*~<{YSe{Cfabh;TJ-RS?
zucmrLbTfg?IU?$tz<Y?wbXwIgq<P<}G3`cA<8Zc(j$3FHLrO@AY?SqF9fP=#1%0bE
z26Ps=;!iX}9@j)3@jBx`fSK>>rpK*@gt^V`=c~m~N2dW;@1XbN2C<WWDo);_--&XQ
zbu#eCJS)TzQ{~j~MEQ#9&%9kWo_5OssG2b<cBkeJMZut+qWtc;9led$s<L2!fW;rM
zq03thgbvYKhb6?tJq{21y01+Ni8EK_4%`o))^Olio>v$?TzVc{M+8{1k!>gB_u~|s
zDLvPXNse;F&Q|D@J;JyCFIkD2l^SYw`#0B~Rvewg57E)LW16<$0VSoq%@+-;DT@4F
zJEfSVzKV{;9nu?fVFkY>2YeQYTI@A?DuvkHk#d)BRge{}%o5Mtq33NTNCH~i)&2(h
zZ{HXi54g1wyeo}pJl<+qaI`olU%7+pL~i){LbZcPaZ7q4<n!rlPFX2g>P=*3mQ2+O
z7uFtS<^K~p73s!WF{RxwfPd~WV`CH{T+Qu!ecPBU*?uaSa*yV5uS{M4!6)q7Y{NxR
z<E%F23`v@84s4TdZ}i{|W<1wc;8qC_UKD&ZZ|iHCZljQunm5vV>|k^=_JHPe2)G-p
z=Z=7;i388OKHZ_gPxJf&D>-#L+$3WTbm|)I7<ctuT5|-Y9|y#Dv3U8DX%3%AXMd7c
z5#Y7wbyarTj%h#MPwesMgGQP8zW;i<F08yhdekw6gADj1jP(e_&0i3`__>u290OR%
z-1J%phZmG370cR#4Kf*8t8ekM5OBh01-<5wRNeV6$?luiUgYMxF0{LWdA-|a+@sW8
z!OW4WFvt5BYHN=<1}jN5xphPQ-#;Ih)pM^n$F(^!o&NG{kKVduD%QbIoV~igdadeO
zV`esO?xCU~T&E!&`Tg>qxReBSYfId_papv>4cv0{R;Wy?O#*AZMSWCzv5~uL-VG4j
z-RK)faMD8kQVBNwJPpqAowvW+6NiY)&)mMHw@C9jT%0~e{HQh~;a9`$1wKnRCUITM
z#qU;=ZrMWZ<ZLw($L&MH9kj7N&4At-s=IH&Gb0oZU7=d!rdSv989AGOJ4;_*H)Cl%
zw>>Dx&kgiby>H^jTuUo=!?OJdWeA;Vv|Euvw8(}-A%@H5mBhLdVw}DyGxG~ueP1CP
z=8Ib399T^2^*c1k`H~6vcLBnNV73};!>MWJ`TNZrul+0U`k2CSLn)p_8xmXAlVTk}
zzY(E7k0aoI$ka9}7=~IW<BG5@VR38jDUu7}ZG*00b+AkaXA6&jOvjGckGRSzT%lR5
zzbw~=&wp;I$yd}3epw;$FV#h*h@8sE>Zp9Dr!P-JynPB_)+dNF2Y-oE)130cff4bA
zp@J?;rn4G*xA)wGB?V@TYRvnVX+^t;Q<=XC75pej%A<*|c)Xl&tYP}T=RK-)iGg{}
zSVQ)bc60KJ2VV>2Dkkr_o=osSxxCKaNkwZ>(-eoq;Vq{5dV>W5;K%uTZ=RipoIEbH
z!zq3+k`q5C6{krnK65<_ov|zFD=_wCl+;cckq{IB0#60`|GUvvoBtxSx=~`@cB{j@
zgo7fhQ*>Pi%5v>`3ur0U0*Ew+8wuL1cVv@<IW{G&%}u6=1Wz~fvi)OQ>jcw}J_-+I
z+N%mfmbAfzUjsOLCYsfh*y8jPKbP)f<SeWQl0<uXH2wLbN|Z-7@L4A^(t8I|Km(k;
z#hSEg7E@68*<V^s33m3dH!ipJa#%iq5$0URn7$<3o=x@2gTU~xR98z9Pt>sa_I&}N
zY<_Mf4t++5Iws6WK_00ZWknRKGtk8Oz?C(EnlXi5OdnjJI7s@!+zYlw=M+T^c&Tdk
zhSoraFxkm|(B)!esv^K&&jAeb7)!E%<)#${*D_mQG(XQ{OwpU%TU3v}_~jlMGqp!m
z1PV0;+83?uWSY_wu?FChb$+;@R(Wb7S^i4!Jb!y(;TsRWA8;Nh=OTY9@Vw3nhOqdt
zWA33KAvYEfQ_f7@W5fxUE5<Q%ic1Kx;Ns!%jICBCz#Vn#o<Z1Hnyhb$-WnWsx4w+v
zUMe7G>8?+a9Eu`8lf_JX_Yq<2=gj`ftp#e<<4f+AOARUf1EURh{#kA0#FnfR?*t;J
zPp~At9{0IRW|2wxzIx5zYR<{p*8^uJPCA%z7<lT(blYkSKG@hGbwnq2%N$fuF5dE`
zb?$LsG7DZldng$!gcby<+yw~1^z7uMOU8f&$i3kHfK7lsO06S5wFFS&i`iEuf1cFl
zRsa&PaBYLJaR6SvLj2umQ#;d0EiQd{KPIMg+R~ps2_!hDCvad{()7T>QuMmeF=UI}
zW#2=uYVN}cyI#k1wQ7}{T#cn-uQ?hYR!df^qDD-(#|QglWzdP(+PuI3!Jj|V6cdxu
zEo4+F`R6tdZB28RH^<8jt@hIr%{LTRCy@NI;0d2kAbMPWPcnNmV&5LQ^?o6Dd{Zxk
zhirCwzXZ}YHxyKR2aqP>9GRNolAY~bMY&B{&s9{C<ftv_U9}tzyPTR3HpDHZo%&<H
zW==q7rNWfmJJNKwCCB`P_1^Brje1u4o;T#a$}V<d56691)Vbi0%5ngwvp9$|AhXKX
zaV%}#!W`7qbP>EskhUDmrtsOs+GKAt$L+TsA=pnP>`_Ps%(z3^e`4gn8gj%xxQ@rZ
z&CF8YOBOoX+G@R?gwqAA<uzUl;Ox8j482!Z&i*|-W$8Zo4r!nmeNEBMABxLIQ7fPc
zM+cfz#*-fJ##Xu$j>e<4--Vaoe;+qpg6|gY&1~VZGtgALhf~Kk>3P|`JQZYFEC&9x
zrbRw{Op83Rk?N63E+N)TTiY5SXAWhO@P?V|ad@~zsO@iXkvHZK74{LzNrYf+n25q4
z6%F@bg2Ya($jsPv>$0povvp&piMXpUE1x-QW8)OPrPVmaZ^yA<^)P}!W`B9PhZ!jx
zaw40D-s$U~NITO3eD0g3q%_$i1A9XD#H`R1XZ8pqIYwjxY|5KBr1zi58C%uAZm|51
z1^Pc5#Q$HQF<XU)O`76_&*Y%#=bLowOU;gJPoSYLy=!$sE2`gY@<cVgq!(2XiiNu{
z)u89FaDn*<zW-b0_F}OtDAeLKa!a_mya!Ov?wS5qT`%mf_KZ87b%8RPt6Bb>{pQPS
zm=upLB*f69XVqekt<0iRQiPCK%f8>Z`w9UA{)h;otJ$_AG(eMA4tY%MfrW0LfZRY~
zZ6XHNZRx>`Lvb66gPITBJ+@Il`lJMZAAI-IAfeWH9U7YM+#?ym73`jUA6ymsxFPOw
zvXcca*i!>%;GGBE78X;$z#4(;O8?a55(HcwzT*nt-nb+6zXkAK{D<b-g|m=>YP-K*
z;a>H5{{ClfH)>8;!is8;+>`yw(nD9tinJLav+j6yZvqs4kLTO%ChDe(H4e}AKAFO6
zmv!$sX?<qk<gCC&Lg8(Pz$s9s;6r4<wC?Pl^<>u6M(&03T#k&5Vbt0m3bE(1XO6ON
zd?9ql83B?22D~nqbL&jP`2e1CU=a#V_OWKOF1LPDWW>4S<cAwOd!f>9W4bZ+9^_Ar
zs42Tq4?ns@_@;jpyUZuxxpiEe_oQazFQ3vXic1r9T0<bgO{CPR%JrUU>_SC(Z@`I!
zlSgYG3ElkmGgaJc?qxR2{>i*EptWeZt<ZiVfBV$KeAidhwb#e8P+=g)ya?pggBMzQ
zIngLYM~S698+@}ke(3>KROK)^o>87%tE;IT`gwD(Ko@<{Tw#dHgwQu#;-~|Qw}(#-
zp;R8VU#G^&9&Us3W@OSwufKxvJ6YiSheu@x0tD0EQ>L3u^)3};k_+saH^gsl4j6ty
zznm~UP3-P2vf8p9o(tfG)}jbXP)s@IIC3ZX)e+b>bbuu>T^P%?s0B`^#fUNpuNU#r
z>$c#63-+@1A5v#JG{K7zEnS}kN4HP6CU(hL#~Td+^V#$J_6MgAJ_aotp37dUj)vJQ
zq2@=cTy&~)GCQmS7K5LzKV2>Itrhp+fk2qU#PwqI%VB!hJyqpHJ!qi5ZPrS*@>C&6
z?7Y4=UqJAuHE@unBG19I5Zr`kX+4pb8Jf_JjFS~7<TlG~QVFn-y0<rE9oX*jBD)di
zrS;nG&8}gL&4#tJQTNK};C}nZEXoi{y{Qk~RFQ<jC)^L1NjzG^kP10IUqiItPea$r
zjT7_!w)M0AYh9?S3u1Nq`fp4K@3|B(r*z=mt2}#=+GTlM`4lO*i;zbMB+S$5V2TP{
zb(4=a(rpT&Z5VQ<r#rCpmZNoGUToD4N5g`Dqk9rjGBd_v7HZbQscn1#7z%iNPpMf%
zCdY_~(7S~*(-|0lQN?{%(M3X|v_!bKbKaBBs2Ul`84MRiFAHdsFUibpTC=NlRaf5>
z$A~ox6qC@`uZ?^1cYsfxE+qN!gh8~829xKjJVq{qs68ii)Oh$+kX&P=l$@z|Eh$e;
zcgt*L9@rgtv~J@1e!cBtgFQ>LwP6HFyor~`7WKJ%Zn`T}J$3yR_7l<bnMiom{Z|Kj
zLR|w<dVSouBn8c;CrGA@bcL0xBNVBT5J*#_#Y9%+g?19pn5%O8;ivEH+~1JzM)2+O
zK33vXg;esjg~x1L_LqNNT%suaOJ$M*GnrV;32YNOQRl)tr`TerjvbF1P4Rd%IWsEm
zXe&J$xf}Mt3B@I6T+4{Ht5<g~GsI#n!O}tzdBy|jA1cCu&t+hHkZ0}VeMg@~eoa`;
ztjU$}Q)QWEyJN{q_T_UnG$9>JknfXE#_}<WH1wLoure-bYb&kjwfqt>&FG-0r9msH
zF>^f+iL<sFZAHYl^G4+wHN4ARW$-e(P0Q+&&tpI+5YO;JlksJytju}A)pM=}eg0BL
zEbrbr>G}sdel_ocsZ7m+b`A1qSpIH9E5v50;z&>Bw4vZ?so4lWyojV<Q$6UmN@4x_
z_291zv|DT1re1Gco5Uz_2Kf9a-N3)h*}{HIK0&B5F%zuBI)KiNRC-LCKJbr1{#_o%
zTZTS;Uv)Lf=dx|?Bgut&^aVIK7<fDfO?jIoH4nwKrGCO!cu4$8PciBIWe+KF*sa_D
zkM8g}?86@;{tk*`tOMnufV{kI^0?iLFZyW0l0QHl-<HFmmw5R2ZQQ~35qa(KOsd+<
ze>Y#qeiP~;D?{8-I3N^(@WK-E7*ir-#4R~7$=#<Wi<A<~e26X!iSsiPSyv5sF9!xn
z)hQ}r8d0VwN7dR`;d0&Vk0dlsHjcPtTB1vO<-a_!(3<K+5UDn;4JRO9K{=-%dhR;b
z6<EOI9btK#{w{M)@7id#Ap7I_OpLjjEQ<|jzEbW>*ZXe*3(-!~t?ZWz_XPgEadU{6
z+u9gXRCN;ce8W-G8>xH*Zqyl!QqLT!(q4f7>HJt%4`#nbkL{9YeJeh;b~lOds^bdc
z^FA)>sXYQbe3`y>2TR4bjM@`g4=4}c658~KP}Q!2EDb*l2ZIkdC>N<44E?gWG5wwm
zSr@amX$VBT1+XsKiN&in0s8W_p28-*ZBfMDmz^FQAF7KlPlr=RKEJoO-6c630VXdW
z_5Nhr*Or1G4K%~!*M<|XNqN3HcXX=F-%c?cDY48R^jrXCtxFHgV-{)9B^l1aJy)IH
z^3CSzLdNXTi>w$yhf4PxY(zLD{C-eQ;|OPYl6_+0+2#2+FUG&3C&4Gs8fVF#FRKkF
zf54^yv31<!YKJ#)N^&No6<33KEj$*eS;{T2V1CvDI!&(F!*5*uwdb??{8qez=5I%W
zR6ofE^i)tNJ6qa@h`O~t(I-h7!-x6h1;92##kxPgww0-V?J8Hb9%NGFsYuyyJ@5&d
z7wLh@H?>mRLnsLB+~h#^azNIT#6<E!HvAcICS%O|MR&wA_(7*A&g0uxdFrBk51?ea
zzrNQ2$37`OTm_~UP9*L%terpDhkY-Bd2a`pGaq!WKkZ3Ot~D(l35UTHVv;K7;-X@l
zR*v1=9!Md8_GGaQBgd*44CCh{y}3^xpEkXxA1b~DH_8AKf1U5cuC~(GTdZal$&#S+
zg<&_by7vKOwSCeLGM5E<mCJHZ$5GoTzErrDfu8aQbTds_msefTnmz1({Sl)$Pw7Nz
zW$<q<gf&BF<sM|uvBlPce2Hp!iQrN>83CmS`WL+&Ch^yLV!?MdyO=6JQ8GQ#ZQH*F
z=J+%E<_VNAU$=wYn_1@Mr8?(x1mrI{?`!<x^~>_s%S8wkSR=LixBc43=&i;@wfQn%
zPT-9~%B4!mO2W4ZX<pJ2XJiY=b22<-<1(J;?eu%X3tg!bapi*73F8uSfXUDhXlT`m
zO;eluT&RDk2NP$jo*pE7P~+t`p|bf>;bQ*Mri!4VKHI*Px18V-CM?a-+o6!H?;Ys;
z{HH1)4>Xf%=*)s8+{MJlEIv~;$UudIo^iR<=E8{0z!HwLuOzYQhYyP1>bCotfL_^H
zJi%goT3fLyi&Xc>5L2M3Fmm9;K1zfpa<Uz43~!iym*(KD>I7MK!I#_Cs&V?;<DV?U
zMU4GLzUL!Rcv!@f$e=x=V7_*N-o3-7apipnOY?x?2`9sl2MeHWIfo{rdw53Wincld
zpJ1u%7;SqO?#gLUEcE5qQw5U`6{BaK)*+N&K}hwN!Tql^Tlg+_*LnwFCVo<u?#()^
z++0g&M3@JsHOdp!^j^_C`X}-~p8S-Lc&Pj;njXrtO93IIDCV_p17fvJOFe$I&Hh@)
zT9w1!b5O;od!>w#dq{?<TIY_~AKn_;6-^B;NsM{CNoF)9Xq^jKBkhk*(ruX@ZI0OE
zJNI~nX&om2Fj+-C^M2&2nK$X?|H7b{6XLAgL%?&f_|&>5(wzz(w~zT>lNQ$J3^GE?
z2(DA6GOxu8Wl3DM8HfUnJMD!Tyc!3L8l$pSwr2HQ0fGbMyu{IGG;OO`Y@h|!W8m^7
zP)>i;W?{(T<quC|VZ^5D@cSda_{j;L2-a|^)ooy0?H0IKJwEMEk*N<Ao!89Fxc#TY
zLx$&S(t+kD%1{yiyZnRi?7gs!``+k{)Nm^5^V4O;BLDKo5Ijd;a{yQrIXoi#g3_a)
z0)^DEyxr0G&^1>rjX*Rcp6=ZN-Rv;wVL=J^f{k4j+PVtu<oDu1t09|p_QoqKyVsQH
zj4h~KRgeb+^N`)_V6~*DQB^I#-Y6DSYB*si02Bl+yZt=nE3uvAd}#5MOMYD$pRMG=
z$L;T2_byzrUY?MWAZTS<<VAG|;~0{g)ujl16KJ|G)k_$0dm%TgI&{nKtmY5CE?_~@
zAkN&yan45e(HGh?emd-bRT$O6QHq>iumdJQ{)9s8edYO6U8nMr2wXWht+)!g0QFE+
zYVHTuUEWkh%yX086fUEHxhR@yB$I6G8xN)vL#hZ^{!j)4TH3Di5VxKaeLx<`?ZLer
z!2PYd3sZ7Nb#S7q@{!Ea`N!OLs(yjs{!FyRoDsrO($J<%Krm&plQt9m_MiH9f%k?Q
z2uEVYRIy)NX>7?$cg3{}t%CbAPZ;1vX}G4<%+0~&^qw*aO{May60R}2jBEx`w$>U_
z2HpI?Wzq%A&1d+wMa|$Pvvhv7P{m{>sF1U%000<DVg3^!G68WdOxQ_R%h`EfVAj-f
zk5p|p()5OZ$X@&@hMnO>>HA%aF3TzN+9`fL*zC*sK)}}hJCpSvc7Abg*(?PW+j{PH
zL`qHvVSs%^q$Fo^ePdfl<!ts4Q9IwzoWuJ_*if5l4`@O$b8@2g^#!wbM|o3LZ{g%*
zZO0$KLzHsMC;M79dQt@233B#gDB7OyoAq-1?W{m~wDFMSesR3}b3P5DwDmU6sz*QL
zLgbk4&Eh!Rdut8XN%5KFRXyKPQ~h9;wA;ptXl;mE1@#Y4Qa`I-nFU;0O-Wy5p*eFe
zHyD}9kzFdj2NeaL*i4Fr!N6E&vAKzs`@!geVNYv$-H^1Lt+YMRs9&w5U+u7&oAvbP
zHgB9ZrL9Fmb=bqF%ducKO1PsDmL!q#Pag6!V|QdG7#V@%^btHevN`K``f}LzZts?b
zEPBSlrmxzVqm12ZMr04;Hh`3zZDvgj>NL%R=;`VAP<7<0CJQ}@p4_8D>;pb|-EtJg
zv)sZ?UB2KUD+}?0n6*23d%GU}82)d?+79Sak>N~V+`cYz>{@sh^CJ$D?T(4g%l(2O
zX)1DCpq)wRs_8lFFllg7<NLP7IEi6Y0=O~o$=j4&(o|oU{Ox4VR<*i~RdXu&2j5{m
z+nZ!}PA7eTKG4kB8KmDTw&%sC9Cu~Pec%uhZ$d^ZDC^O0?LuXOa}?YKw&!b@Z+~MC
ziOOhg1?r><^~Mh7_pKNxV0=y1PptGDMIi<r(zW79LwR(FTvDr_g&RWmcH896t+NSS
z+ECv?L)^?%v-gcbSEmeq2^D?j9?6t~2^>#i_V^`E{FcQOQhn+=^jw=sp~6$67Sa7;
zoFa4}!2dn~u8-l;8We8LQk}5RjKiBxtYQh%MM8Rp?4`*f<Ijrg17KAYF4hiwg8`+m
zPFC%~V43ygx~#vQo$5?-8`h2rldA!i>Fj34)_3Y@sgf<0l^E0$KJZNMaQeEyQ`fF^
z^Ns2W?a}ceS~Q|=gazk(Wu0V!1vX~g3I1aE8@&?mY*Bd1Zld{ja2fmu+5bnonK<d@
z2HK}2RBv}xw^Ecrs$_%i@R4q&2}^kVDG0Ulo*}d3`B%)sL~A%T@S8ciZ_?&B8*5$W
zZDIa%Z^isx3aS1KvwQowfh7&(&sKJFVvf2Cc@)-?M&7#8cx|%oX&nklyyqrgJtP%?
z7~DR|4`pxp&f(G-i*|V3){mifU}0V>;-m$t=m6H<2jr=#iPTT;q6Z-r=Zc-pC$$aI
zyk{^}`^YVlg?;goz|WP96onV9-Kv2_JGT~>%v07>UDAez+gI0Zo<Hr6#5f1VHVas$
zq)vJTUz$I_m=1EGn@}oL-M(dF+h^`a;{|W*f=1p4s@3<c7?H5q0l#@9JWrii2m@#i
z0a+@H{uat~M=y*8i~6aniKW5D+}b03VdCmFD~R72rO8Xbf6d4G!2s&?f{1*f)}gfb
z%Y%Y>issqZD3s$C9QGD*yI}9s;u!DRcy7U#+jMri(eK~q@SV369BsG;=(A|y(J#JL
z5BoHWJ8CnUlDCYQB3*a>EXIi8W_d>BEP`M2P0TM?FxiT<wN(qCWRnyxIK-0p-sdK_
zBzarL^-$?+cOIspG9&OZV=W(n{ecL%FCCv(dd)KoD6^Irsm|i>GtsspIC(U^qbua$
zU|g~FV-@7kYYDy5ewqXM2z)M~7{6c;%G%n1gX>82RaWR5Wj;=)cfNM;gtB@2i_qEh
zRT$z+w6-Eg7J^Bs^pU)XziVM=Doj87S;j{kucWW!G)wWJl<MxMkG1h0c!otUt+Nne
zX3j_D<{*&q!BuqeiqCF6;Df-}OCN1yFw71&ZZX^%TH?sp*PA<P92g*d58un&T05NL
zei-d>y>^O1Fx^U+v9;Qublei!3sto~uJOU8?)M(*_G0PN+x<X+Ss_nKW>;{&Y4Af)
z$_P@tsbT2iT+YOG)qh+%k|Qf^*l?2=wTEfv7F~u~WIbB4Rqh0pekpO!NZR}^QthyQ
zcXG#W{~iIIU0#FBVQBH5x?h!J&d*Y)ovxa;)WEG_9cUTrbpkF3R|Q1;a;kskU#K+G
zz82nS<QI`+u~5Y>+FMgwU?NDWc-zUEdElc`xr0tpQ;z!j3Bp`CR*n!nT`g8D-ut~R
zCDiRswJ~rzXlmLf>)9h%UGvk&sNd{Sd`4crt{XnSq!l4rmjP9+Xg>SWn30nf>D|N!
zu6v1aCTA!;6@ivVJGgo63QbP+hEIzMKh(4I>xFU{Sy-(xwqh%S1&cp$PpUcd!5e)n
zbqXdEKN02!2a%&)_jzzY`=HDigybk-(kh2plt>SI^U4VTrriPZF7s9=q4PT+YwJZe
z7(EPqd8dPe2v0X>n(pVM`8X}nzqh#$zb&c9e_>`x9XaQRLBjYwcaRqq*L~08lmtFV
zb*2A%<2Q%!nLd9>-tQ3n4;5a2G`=QD#4xQf#lJ8+;)-WzU?8x^QDoW(37}^WQp0yO
z)mS(*QxW-6Sr(MTZw!TD>_1mK43TCFE(Dx*xwwh%+WTR&Tp3ed$JxB=lr?>dV<ZPA
zthRRIy{A(b*5=*_o7+=blc!B4TuXAzQWNt+)b8im5b_q#B%npc0a}|{tN7Kr#Fi3F
zC|JA1im~l>V6?)IMTFvUesxWGS-h(XcyT$s10RIYA^h5PP?jg;n|b*~et)NEksv&$
zFO4CW)!D_jY442wRMx=CqxG|(M(TG!box@np>7CGQXSn-s&l-vW<o;bQy$gq>Jd?#
z9OxzNx-M{*oOeF3K38DwQ#LcuA&mYr0}0DbF5Af%RNu7`feF8L@@$$3VYbVjwKV{V
zqa~gwadDa9<<~Ebb=?zFCmdMTV*{QQptCrci>NBsl2r%~9o>#5F^L9ruGyf`w%59W
zIVV2*k~7c_ZAJeV8b(Ju>8ZE=U@MX_zthJBf#{@+ROBzeNi;NW5xm4^31xg682Io?
zcdKFD;PpdA`8f^;h&%IwKUGHGXXgQ=y#o{FDrcE?Xdu+m7;nng-yr7Vg(F?<UpQ`N
z1*vGNBn@YX2b?5$C@>;RMCKUd88^=F(eyxYFv>@N>vZ4AHQ#fN`+n6JPghad0B;J%
zCZCcLKSEC5mTArsS*I?_;fv|e#SA|bY9dTj<QryZ@pVHSULCeg9=@Afa37wBqV>u-
zv-^8~U2JTut2m2(@>%URuiJHV@f)c9FeV8koHWgo6F*gRq3nQG`U2eLtL0U?h7aZ@
z1}6-HI?cJoMI$A=s-h+&^2*%GTsN}<PUkh$eAP=yRh4goPOG%T@3`7e;E>{)4r%U{
zzIllgAW*rFCj|xhpEB)+`5HkRkB_IGmjH+p;6Mu&7#v(Y>aK_9e7Lm!x|8L9NYo&5
zVB-HXNR;RIP1};0Lu6R&8f98y)IQX!TGG&cS$_SS2r)hr&*P!&`{W9uu#Fe8=eQ2T
z6?%gkn1;=P6jD>^uk_uE@{N+|=R>@$j;4;2R@kN?G_RO@%e_ksTyGPmf8F(W(oVEK
zkuqJ<pM#}+>?JlM6n0kyaK3gOKsM;-c_CvZ>OC@^pJdK@yU`RVjFK5FDN}krZ7Ha?
z{gwEs2Ke4qVo+#Z|4-^?NeSDpRUEWt(P)(N^}94c%>b>`FtLMoFtE9IZDi@*A{1W*
zFM2$)Q$-o2!&7PQSwU<8lI!>%EA!jU?2<m{Q+FIok+0zGIR=SU12A6gG3vgrc<KeD
zsq4ggjT5F4kzoi@l<|pHQE`XJcgMF5Q)B~d$WZMOy?82Iiz}-ktmsG9-|k`^;{{Q|
z1*@0gyFr42HDb97zNx85iMsS=fpN#st7>yn{N#twS@$xLjHq$aZhW4zg_n(6_3Wmj
zscM(aeLLf!;Go^wG(J{~2j4`~sQ1OUlx*koGO^{UNy3!eT7@MUwysH&cH=ftJISW1
zp}XeZ!t1I&;ZifC!N~kAaSWfOFFF_MLEbY$x~~XLk_Nubybg+5l#O^8H6l9Nsc6YF
zbuJo-M4|jqA9?bRWIC@fq*srPvq26mt9oT}{q4GYe0eY~xNTrX_=gx138}S5;U0ND
zGsU;-BW`l>W<%7A09SYA1pT?u?4%So;7rhKpr>*#582z|W$L2waDZC&^B83<?IbZ<
zgUKa#pB0vYu?<a+igB3_HP)<7gg{odI^W*3Cj-mrlkrX<Z!Ny%tBg5r9Rra$Z8P*G
z8a<Qf!8M89BRunjj-prf{g|gYh$-J$)DQDx>p>JXznhaA-;(bBl8x*-svvWE5V&n!
z3O<M4{hVh$lCfycP3S}jNTY?QhEXiweN)Qm5hb$MD}N-5TwTTWcjES~y0;Txns`%<
zM+om?)pwwuEptdO?^<xIG{0)BiO8Zkk-@)(;f|a<iZg|+LwIs$0%nr)m#=YQAor7S
zyP?SP(C<5jcK%H0OEOrS;pUt%>Z6f9pQN2+wwgh+@cT7uuVP9H%fB}yYRbIX>cSb+
zBzEB1<D9J~TuBC2@J%AqOJOcB2=6brE`KjarX^$UMs?XH=kMWODXsUGjeQNTo}TD<
z4Jsg<cLRI{KQur#CmexMK4j0P1hn0j?&jA?MI=Xdig}{f%_tX~Y7tVR`8U<V#^~CI
z)&4VenzQ_~9uB_w^wiKjbj8Gk4apo;N!9-__D7eRy6(uy%@;>zqXT71B7j<NTSP%{
z8a0&2Um9OwlV}j!B@FlzNrEO)m~l+e-B5I`d2fT>p(_Pvy<7XUxmNoL+Os=;t>vy`
z%Gk-ezq<|wI^<rCzV~TXh!zbdtY+EiE=lSqxMUxUjC#FP?_`|vQP$vWnskhXC=a(V
z=;0|M!x;WfcZ@kRQK(c}n{qr{FlJxdl#Xe<0Ngp*0{eMw=q1Ll%#FASSmU%{KpSMA
zW!?L&P>)i}_-uoTSe7ihTKzGhx?KbIT+_v$<%p}L7btl@E<jT3bL_s!_aWK&y@FV^
zKGk{9^FF;e!N18_*@KJvLl#99RDYkVp?m(R6}%bvaS0JZ>BAu3-$q^2g+!@0x0Fhr
z`Vnb)VQ6*iT-dRS__Wc0q+Cs&4MZo$Mt|sQ3ip07Pb|C)^_$xE?vpZ1Iyzkj!Ze`S
z80%#b`o-W&c67C!O5RbZHlOfpW7ltyN8&~|kCquZbdF0F+m9@LFTb`p*M8pGK5wJP
z!KXG_GJm<h3WZgwx@54QH?u2pLyw%$i=1*<R3j2YWcE~wUr8@<)qm3N+<0-b%oZ>l
zNRcrAOX}+>w5#ifjn(Rq3FYz4ZyCuQV=F}&nmNJWJvW|>23=mB&QCrzOt63JcXOl;
zXt?kBN2uWFawVmyUU<3>L^+@^kD_T<a*`~{HQSh`+k`z{MhP2#-#l#{DGJrz<@jT^
z<k2R;x!9n;l2{7*&haMV+=_grZx*9$U~j6l^vGY#4|CgFn<~C2x~|ZAyw;OWGe}h&
zx>o{dnuiOO{3$SlM#~5Y2+SlV+|u!Q6e1owNW<;B(J=CZQBn4`>>a*eySBJfh{(J0
z`2of8l?K{>rj6tQh3J70M@-pEncb#0x2p#yc70dYf>HZP%Pryt$#aeyAC@-_mw%Ri
z4|WO>r+YH1|NE!-q+Iq%>(f2|LDAz1P6d;O=$%c^r$-g^A8u|ny=OvcM?%MQM{@kk
z2*oOg87hd~Q~?z@<gPEGeT!6fBV5mz9tVq1)earnKNj`q_m8<w?Aig;C_Lhi8G_V`
z!BK1VEv6L>CtDwKcw3fV1L7YhxpttD$LeH}-@R>fXoKaB3PWr-w)ZhQ3JBqcfiCyn
zpAO5rBUXn4z<w=khq~nM{C{thg#LSj8t|dYtovGKCt5Fv3t1f&VreNm6YhT}nZWJ{
zTnQ=}KnV5)6xttF8O1Hm3E^1101H69-4i@?H<3i!O<8;~^6s8wlSm<i`V`cMIi4MU
z-7!>TQC8|0>_G%8S`AK8n^{bt25oS2qPrnbKoD|~V)#@lg0r>f#W?Y5ICe=bXvR1?
zVp?PmG?c)9dDp(~aKd7l&^XIrXyhuu|F_#^K6_M_CezzNOOES5DfN2#d~Bnv5}djx
z>|*65f6zSs;Ju$mVP?q}F3vOV&ljNmdn1*D61&;V*ITHeVMeSaxBczAckiDHdci=|
z_7D=}pBwO6S27s?q|>oCKw6J}YjSgJ{`bc2Y-2;GTG?~%@8>28{3-oq=0+-0B;J92
zTUE)vI5I3L{*o$`@7tQLVWQ3kpU=qbZ{A~^;MMH)Pt}x9Q|eu7<e1>K+fZ4kx&<8C
z)h;s9OE)U`SPNEiZ7oGQ3+cJrBZKzqLk=#A7YC)PJ`2S5IYw}hyGHHNP62lVIda!c
zlwtTM`9jC$KXzt*{aVeR6MQNq+QgARUxa@#^URW!TJ}RQSAiD0c~W)16n$jgY4!a?
z2K!9+?wRS9uuYy^jb-GX;!i+zdD*18VFu^>j6idH{o6cuAC2Ps2>Qra{+7&gPCOWD
zVJIjF1U?g#y&qN*9`QPRc+@=`a%Z!r4BKB7FprpCKV$8!E0c96PkgT!8WE*%9<`Qv
zNT4di)5?PxXm<7E4y)hDHuqgaP9#?r03Y5kRB#8V^{v{kpG?0oB9wyj!iW;iGR>PJ
z7e@8wU+pLaH}1zZ|IB3Oz67egqn#CfCu8_O<ASAYyR?l{N1TeT>$7{C>shM?=d%w&
zm}GSAGoc%1Z_f^-^HPVmuBtUjf@msw)w5R}-20QraeaBz;8W3C=_R~4M*OewGt`)*
zngVx<^DE5aY{r-eCpy|tO?<Twv+YOTghh_Y$hGO!J!3nqrfpGaiBqVC0Me^684meo
zT12bggr&yJV&uk41y<?`4baMX7jk@Qr&o=L*NMpSkg4Duc@$^vw75@x(d$L@c7#T>
z`?C7ty`x}W{t{rmU9hmBIg!0*KL(yVFG;>%2KBGtV48FJezh{-;2JaAu4#<zNi^Ct
zFXP|h$Q=%txiUsGQ$)v405y;5WOQTKf^*Yl|Dae+_WH7k{j{b`crdJDPweut8koZ>
zhyT4XC;XR_fS_xmoZ9~z0lIPHCd72HG~qO0`5N>eDFH<E0o$|uZ2B9X-2a0i^6^o{
zxlZ#xkMCCRAHVLkx4ZG5QLF!<C;wk~`A_!tw}oQHUs`W|YTpXAKOdA%Z_)0F3?90^
zTWuiAle|#sM(K+7dF7qAnkI2(wohg;m=7j)2>=BwFs}a(aa6zKwcI)vPU16v_qnG)
zSyO9HMrfiWB;YMu`26kioLg$QcK(EhgwdW9><~9Z^B}iNAG2a~S@Vk<&eav7pJ8EV
zdp|8EJrSe#e^)RmR#Bv0lPv!Xd$2<o%wRSRYr?TW;l}z3C|`82mz<#BWoq0%uAEM&
ztqaw9+nm)3JHvTa#A4$>?f{`tb%Mvu6e`t5&K0wO^q}XBhU~cEc3doaX#SR@I`PER
z&zd5hUN?SA`QOL?`;EE-H!kF;Wk$yv6|NAaqN$Z_?HYqgpwK+qN8Myo{PuA$P|4Hn
z-y8C}!xU6@2BbFJGZQBLB3OlMsYU0c^ljE}M*ignsW1yWSBrU($H8U7!Q9ARaUSb|
zl%#_c_o%GX2<|K6ywZzw`I+#dO~{L^wr`wPcN;U*XHNXSSvbT~%Trq)iqaMR!@U`d
zpGLIG2O92p!)K0HzB8EzW35Nh_|NUe9M(;B{Fgl-tUeexDFTxe+#NKp^;K_|f48cD
zGo^>#1i3s$8x-lZ?$d_@_)_hD9~$tne#mBx3AKdw?>i*?XMoq_Y@WpOu_@;PM2gBo
zk!sCj0F~o@iba5S_zbIUc7dFGA=y$mj9qkkm)d}@TKVLTk?*@KK;MD|3prD-DL?HH
zy;-<7(PShNp&hJa49&O5_gV6_m0(@ezoU9*)GEjAJZo}Y533&I%vS9tD6kIF3!c{;
zyQ*BAI=B$crqM<VA4`H%00v>w<Z3mES*aWWudCO>3>VX@VdBloaZhquvRqTer(SC$
zb$E~bdMAg56Pz(S!t2k!JukO)r>3FYCiDE`6#E_W!&wJY_<8j%zBB>>87P(k^1~YG
zO&k3Lvvs+AI15rzU?dE{jAm)!GNge8<$wTMgfA>2>No@57vo_yhREqls?klUWY63y
zZAwk=`vn5}s>eGh37ZPFZf+in3prRg!B_1AY_iIyD9wC-SY~)OpP_t+YjRFmR?pP{
zNsRIn4{}l$U9uGMoMIy#+2E72sc+RuY#?Z{D#m#Dz~ROX*H&OkT2!3n97~yYR=V<@
zjWsoDo`eO_;D@D_<15?_QNpb~48A9u_ACz^OmUouH5^HESQQhBao%;~%4@ykNj>}^
zUR_}t`u)k8mSWkv`NIOa+=Pb=_l4aj%Vz=SVPX_<=!!0@T=AwA9SRbyYByZZ@bF(<
zgg5&bJ9VoS|F^3#1yuz)hotWv;6L+ANWzVb6xlpKeq)Q#7*0(bem|pxkji<2NomKz
zvyc$j%f+rr=fBYsfxC|3y#76d9{zUQ=*+<jDBBK8nz%+9NNP@N_LSovnE>OZqx-!=
z9@CeQ#h!?nuV$2yZk%{Om)AO=sWpq$TZkwGD;A_{_HvK6b3A#x4V%7ysb=oMjo|6c
z8eJEicNlgYLkpnb0LG@aru}kXJ!jQux0zILxi@v=Th8^{Hge~V?zL0)?FToA)9*uX
z1q?>j$=wz9<3ofF5@qy}=l#gTV#2CfGmDZo7-4AeJz!DcuG3WRzc>B~yX}@}-ts!d
zl90~hUD{y$>J$Lr^#JItmvcekgbiK)En59wh4Nn&_(38Onrl~+f3G|z<n1y6V*9Im
z{RgZDnh4a55tR7Mu>7Eve__1~0Ph|r_RCriGefqy&KbHn@xIZdNiXDgTS$UE^h03a
zv(_>D%4!S;vMEVusLDvf{BcN>*fX>p%OrUS>>Etxl~YRD+gd-pB%B*-JiKZza?Nel
z`F!PX76yZ4Dr9_`vR$tbxY^s<RlHY)C@n!YW#cmO(ft;k`s0R_2gj=#r91;i$EhaK
z9KkIdpIcsSbl-9{6(D&81%~O(QAtOPt?7B0Wg=rKNpfJm9k#0Ik=b)zLmAoa=Qhv$
zEejfQ$6bR@)+2wv#Zd3?a20=&p4Bp~bHc08@(7*7hS{l}P<YkgDERr&USF`G2p~-<
zr#aUh$9}-uJO8fi$tJK8DWINvT%Mn31Ob*p^T9P8f<~}9@lF_9zv$_F<In2wx?TT5
z1YgB^u1H|4+rf%##kj}C$V9tOb#zLDFaUR72*X`kSM{n-V|YRT|G;^!;C=0o*BMsT
z7HdZ3E%8_7l!xrYJ~QcA=v1`6z_XwLZAKpBPkZiYbDR&If5>iIRsE3d^o4Y`_qcnr
zyXPoxpxALqN8<N-)x?wM+rsxgW`Z!{H|t8OqbA@hTLW&o@>|d-?<qN?DF%9ueC7mb
zg0+?Xfn+1O0#EiEg>_r7^W$9T7T0O4!Z|u7lwSWOC||UR67{ZDA;?x@mFYasIKSJh
z^*l}fV%#s;xOo5+y3X&Xvn`YlNA|s>g2Q@6$Jephn`T$}gtjbV7-N*qnKA&T@`pgh
zz@48&5^o#$V;JuCybq5%Ij+_?U&EKOKQXn<S=4=Lnc(f#wk4xJ-0)st8m%_^Pk(ut
zNH&gb3L&uBq@{X_3|NxSvG#n@!D0jl8d{HDlzwjV+4>cM3dek(u5%cs73}>s{BpaA
z`S?zyEoz^Od=zzYGp9l^hsOt}uLUw=s}pKbFOZ@4MsWU=@lh_m@qB}maI*?=l!TFM
zbMI~e?Xc{X@n^O6#9w)dk*)$(>dUA-$B`MurLNI@#faW`3M|aTD1GI?1?Q{5`p^;u
zR56)p;S$W2ME*Lg{L?SL<EOY~6f*w{%qVmq&JCib;9*tYBXw2rJMJNG7h&b=?0<7!
zts9~fks7L02@eg0+T`stZn)A9$`uTR%_@CbdTLvpGu8319!1z$s$92Yato|b`Nesk
zlUn8dWRajQnGsv|;kIQ4IgXVuBw|932$Xoq`#2@xjf8!n%H2)(wE^;bG6SbS(iuI1
zu9LsZAA7%bo^d3oKOYK?%ux-uI8C-F62iF0k|(&dE%e(`zcHsvS+Yl@rA$V6-wv#r
zjfclOeHr~Uh_}`~)aObbm1_IufG+Pe0{Z7nT(QhnRGf-eC@pUR-k-T>Ppiua4#VL>
zu75z=3w(buo*7(N@MLhAzbg|at&NaZ^VZ|)Juu$0pkmOF|D%x6Y3oMI`GVbPh6=@C
z`7mqj^!`yk`oR5>g2lejuyJ&beK`$Q08JA*MaZN4`q7DG?bPa#y^sXj24*k6;AP#W
zM9o3*_Ybmld3bWnn`QSPhI@Gv<t4nq6>ewhSUoiAT^CTY!~CCSu8(c4)c#7}7c;%S
zMj7HPn^nJIKG`)DmBA0|g{Di9dWKqGPk|-?)ECOH^4-y<FS%F87qZto%Cv~2Mj`d2
zcX_^&Cd!ouCC&WjfSYhI0Lh9Fu-RKq@=nlY*Q3zg0De>`p>lT1QjaD*{%T1hXZ*$U
z-Zz%M_>HWY^JJ$wY-J7RT6`KME^Zu%&8B6YwIxF>BGb5;4}Oj>jXz&{3l8MyETS1#
zto(>4CXUz|AtZO|8?b}izB);Y4yeUk<Yz9Oc#^PqBulYCy`5JGUQ{s6(d3u(d&gR^
z-?IQ8oFAb(2J0Qp|J0Z}GO1T;;>dR7CYFo!qI)gYE1qcOu=Xi{`iSJ8s;@k7nj0V~
zL=EYJZneAn=-L~4h-vZDuT2X^$qHN+v!bp_?C^@az=h7p*@txpf<m;s+b4SqOsj=S
zK~}ldEfmn!@FGl*N!$RYnkyt(<4YdyC90wD0MT(<EAn@@wxcr3W6H%jr{GKRhO2mF
zp-M2xdtTRdqAoSw?Ak!-xw&F_36dofRwM+Acz|z6bFvKyq5T*G)(3Ey7fd-U&*=pX
zEX2okTl(`?4h1YG*7n0e`VFl)Y|cKe6-FhhS;SVU2p@7kXLWV~3nBS$g~Jd0#JeyZ
zRzu^aTJlIKbgf_O-J8G|$YO!BfB>DBCR0uaJ*@|_I}TvxQ#tmNO6+XU`?M0KTH95V
z#)V0}1=F*+e)<uF69*k5g(khZ=pf0IB;e9{?%t$qQwIN(qjWzin?oAs-Bj0*`IGzj
zj@+HFGxdZu;%1=`S`mq4#wou!0UwHmNhf%lJU{eCQPl;=drt=5?N!Yr7E4&!FhgW>
z7Ih8_V6>H*JWX|b8M06@FQouKjq$$uQ*J7E_^<AQVFd&zmKtA8gxFZ?J6b9X$b-cY
zAv#H*Amxa6vtrZmMIp2t*_WffJ!kt@aOruAgyge$qU2#XFCRS&j&sy>XbseoOuy#1
z_9I_E_;zQhKzHbg3p+cd8EJes(HzBofvDll=Y|c%u;moG#61?G-<gm(ta1Vh%mHdo
zPKN0{J&M1}x>*PONHMEDcDQR=GH<>*jjED4ggJ#OGz<6Th0%1=ja8OZr3T<en`=U_
zGDAA}A-{sQd@+ar@2;Ye+8s}hhMq?InQzmN8AefD!S;RK%p0tX<nBatRw>XX#y<5J
zN>^Tz=gxHHB1)@I1c?#)Ce4GppDung|C;iH(9K93Fr3N0o;GLFW~<;oOR3=X?arL{
zWvwzNiYf35kz|<(QA8Qipo8z8{N$fAdn%m@l0tn2anT_Fs&R<fDax6y@-u!mX(vWD
zN(37I)R+LhPG<a_rh2{qn!VU1ov(N`tRvgcSvY4|%}x@%-ai++CNeHR#}yqgR%22*
zot^3M00!f4YH6&i{k-;EQKRz2|IgH&I&szbLbk^BVU<&%USl`xb$Y*NX)M`D0RHF8
zZ$ZPKw^4kjCX5wh&yGVvYl+)+Z+GMIYv-Irb``mOYC4$~eJ%Bl(Ut;(&O;?F+{kI$
z-&C2mrRZyn)1ZKWpy0Z*R7(?+pd|rJdk==V%L+TTr0Z;6eoQCs7B5(ts_$y*mTMXc
zE5mKkrb$vGLcyBDT%w_6S?A{ux#aM<>xov()%1bCqnac-*Es<N6E8kHK6Y<~+sDIB
zhO>I;a+T7~nZKs!xNer?>kRnMQ5^xR_{G}HGwkHxe*+#)Xit+1pbpAEHDO4AhKW6M
zg-fA1$hO*pz8`%%g^JYBG_|U6hq6ZLT}_jS1UZMc1FNPfW}vQ`)3-;XgAQ3E%0wuq
zk(9dUHP2L=1qicFzguQ_1yB!O&T&2p*xNth&R>Y0R;|Dk-!iGzi9fL@)th+G=>5sI
zq>Y1q4n0Jdf4T^yN!hfu2=@uBWZ5=xHeOmQigUPQ&Hjr2Y4`bq6D>W#oMflGU*wev
z7PWDQ_`p0@dzw=0pM3sumFAqfhR^Atp7`YOm$y?werN3Poc1g4Nj%;N)Pc*hSiz;~
zk`n6eGQ*(ZuG}d<`m_ui*<B)hEJj4@f^k!Da?uJ3=#bafraLq;Mpm79`IfYX4CalJ
zdfy0L2tvmSH~aO%U}%#qi!pj={gGAmAsy}Yy#IUu%6eG)2S(uv$wyJrwGdq`U}^3i
z^66f(pryDxTG5>7U^MF&zo&Y7hu5tX-!(Tl4wmG5{}vM=Zau1Jh3(*-79}vN(R@C^
z;8w`2X^T+lo6WYtk~-&pVwn7f^ch#5?x`9mheno~1PDv9+Cyq~pFAl6h?S#fGt2QU
zR%7gnSzH-`V4LKZ=ejnhYGe^u9Vj+^^5IjGPufmiDD!hZx$M7sVD8LE5GryYyXPSn
zy3#Nmi;WJE;x{zfwF@^~X<*owu{x)Bu*tlo!O2gj0U7S-h8>%L04hUKX9Ay}0GIbj
z<1)?%lj;0AkY6`z_Q=xHe)G9`dved@Lc2osU~xgxiDUEOyEU6K3Y(h?;K}rc3v<V3
zr-7ggeF6USuBN*JJ?Amsl#0v3ErY*y+DV*fTK#Msc>jj|P{=?>A6lyLHp!kD41O#q
z4Fbroz;@@6OC9Z@0_Tq7tCXaTK%kLvRj2juQv?0dop;htQxw=Pt_$G2E8KWBQEZ%2
z16N8&>Sb7-rQ3ft;%kgJrw~H`P7>`P3YE^GIjt`s2WT|7noG|8{09?fTb%M$QN(-s
zq1auE7{fFXuql(yc-7o2P&0lDT3mK<{(<4k%L+*0eg2X>Ls3DH${*}ALjiL80Jx=u
z;S}Yiofx{*{LzS<RD@FBwV2(i&CKqOwCmPadhf&NyB~0IOiqJ{+Qz3~#7>^Gmbm1X
zj)~H>Q_kh0@q0tSj|%7y%7qZ?h-$N<dJ#mq8c^8H`8I)7bjqKcebOSVT((n21;xnd
zqpljgl12-2u4}7*0y`|LX(YsEgA(4(<d5HaJFV^1FW+qjNtTc1!e~l-NLgH}p?`1Q
zCy;ygbYxf<$9zr(U@Bi%5OVTUx$`Zl=j3|3nI-9JYaw&b50kGv)N{p<^<>_{DuL7P
zi1L^focR@|oZh;AdbXyT0gmY#_&U#dvSnR&0bMbKe>dp^D@amU(<-mZ8y7Ka4Hc7@
z{iu%nBk;2nj{e<>36sI&VWM41+CbRM)QQIjO%R0{y=(8^mnVI(%kBJswfEgoZDv`X
zR5=wk!DN#QkjMg)GZa_|BoINuU=YD3CxM9u6I^ARoQ#Mf7?TmnNPx&tHaQ5JoQ(ki
zCP$O8SKZY;(>=4hXLrt=vwLRhFX??(@1Cm{zxVFFzaJbzSx6JIq7#|H+DG51c6Mvm
zu_?#O;}x<aZt|`&;!%$&hnO}+_%BI727U^Ai~}fjJiXj|PR%Kfc01*%wNBjxaBTAi
zQ_s?(>3EVQ@l`*<KrTeTca=SY)fv5ZGj=2@b~rgDQE@N##yb>mUXbH-W&uY<^0b3#
zJ$_MN4DmQJJ^Yus*tJ`tel<QC_F!53`CTGDxY2_-6f)yV&K^xvVl(h#`*Bo-Cdpu?
z8&v8ox}I@<eR~t2opj9zL5y07E8-TpT9j%7$aixn_>fa%pFYq|oO^b9kyg6nAyx4h
zurlS(ozfS@p-(fU*s8$+aLP`UYWr<t739IE`r)HVcVH8NQ;WJ4#amD^C$~k@RpQE$
z3c7dYj<)`dm8uA~6xp(3m`teyf({4bNM!fm14l5gi9i=Cufq7Q(N_=NkKZtbR-Uw^
zpaQQ^0%FG7_vg0{ylN-RAc-tw3{A$Xh=s~~dK8+E+!_!#r7R-t>gGneZJ?=$Wq~bz
zPoGz;rSFY-yWdh>)rmF}!kE{2N^l0IvbX>EwGVC%d&qG7R(8Q+k2rUvz0s6Q?oFUm
zAuPAfh~EuU+=v&(B=b@Dx&|&HBV&A|z_^K!yA7Qc)&3IY{6@o_uI|_)lcdkm_1lbb
zbq|zi@|$ym4WqFuFc~Q8O2Li{d+fU1sil6jgzQ(;AXC5rnzIjukC&!)$<mWhjXUrq
zdU~(zQF2nkIjyEXAgtdL2F!idrAklZhSlPi2JB7QYO5S4^mptRR6s>p@$Fr+{_!%x
zpI^#5W|L4fC3#WDBLg)9`{E4{g58MkDpKx-*7B%MpVUth4?g7`vt;yFD)BJBc8L<N
z_p$-v3f^D}g--zeL(<ZGUSl-f65YP?=f+Yx>vtMUx?i_wxj$?Y6(yywoK4Hm1Qwow
zlb~X_FWV6N3ZiNqb*D7xmxe9&h?QkyW49Eko3*23>g4*};Y(3-Xi}y8@F!^jAbY0s
zfjT81W7UULDrfMa+SD+7YT>SsL+YK)zB?bKHhk6l`~0P<X69UQ(Yl~95>$;OA^^yY
z!1E-*rA%}xRTf#Iuu&=90)yiC3&yvggajo|QQuPMN^oqUKolIyqmsbdYrf|qi5mem
z4^Jg#1dk%H>gbq-%He9vbP?mem?=(-8eS2y=vHF!amb4j!<U*GRAzss?sP!!sK#)@
z%<{@X;Kk4aVI*oc!2x&`f=Z*naPE;;Gm~oCm>3{MgJW;QTbYp^c@>{qab0VPI|4a+
zQIhuP4?gpc;&GXh6}zo{D@cd*R{72=BX@eNQfCf~ssWmU50E%SB*s2?pq_Qz5PSKZ
zD&5h{s_161k;BrL_Q@c&(%y%Q@(MbSlVKiRX8thKQ2}>SPtQ|dh-JVWw9w;}51b@b
zPv_O6BJaSO@xr-eYtgk+(&y&p`}_HqhT)6MPk!$4uT4&Zgxx(XogCyKk-Y?reaBs3
z(I?jNPIGzXUnZv)9ee=mz)HHt8<|lkJsa1#-10MTF3bfnjVr0!7U{rpONQ)de-^^L
z3BjH6Hq3qFZ+jDRV^C-N$+O6}U)T*=;zVZXS))U`s}e{Q2Gq?jY?^vQhV@4br!6*@
z**|_!?-u+P#|sWMl%%<ENDg`Woyz1_DtVt@{+%O&S45*B`>)z{`V6<7{-T}QA}55x
z^Y(4|ByArcxsCwY;wVrs-WPhOjBH;;Sn-oR-{>R0+U?u5=WsY^xY(?xLIrBV)#yd5
zax-5nm)|$F$Kyqm_-bkIS4{N?Dub|s&|a7cPG6wJosn9PUq&)3bXR?7venNEWm2vq
zlIwc9wpX%hf#+<TZlW~+9!;U>8=cLWB+4;+@`b=!c7{z`w(FbUsUCa_$#iUdVQ7Ew
zc2$Gk7~*}TRW=&F2-ag9yyf}C$4{bWl|^yhD2`eKgt5&pJaa207#iR$iw((3DH(nk
zE3&tH;beQzf)KA5YrY&i!<?6W5<Ef<H|*YD+<^(&Hf?z_zB-*Lap%}gReggEV&(MP
zO27qmeb(%7{(|5`oaq?e0zDBIzauhQ`2HS=7rx}8Gtjyx+&^(-w7Bak;qINqbhjIb
zMC$aY(^WY#&SR|)3Wlv8d666Yh~|kRqF$l~%Z<T3KHJx(R!twel<S8|q}z|y-9D^b
zVyZLMPS&n=^qp9c4}VZ@82rj;M&To*Qf;adfI-mP?@m-(50;xctLvd&ED?#PEn`<j
zk69c-57!Km#I(+<JqJT{9SCMdz0?+*v&Y}5oFmH^Z8zYu;3@oaMp(jv*`2TOv+PGo
zocsBBDagyN_>w)I)P?3+;d-G$?hyfgjas!MNvVrYIW{hm#5N8;VFqH3d*|mfjdY6w
zN>2(+%X4WZV0}l!*f+HaBY5ncZa=~cgxtnYFW^@wX?zywkP9tys}H3z{;hV54-NhD
zqono)T*d2>DH)e34UE)I4J?_}>R9r$gI?Oi@@-TsE>NWtq3cJ-Fha@DV7_ulbF$q5
z7W-|}MUI{QcJqCcF*jGFyo_hx<nQ*=BLxjB`R3!K4!PU-u18hG*KW;oa%0A2-lk(m
zkB5WU(uz`YcG%foHLY!{ct%n961TP{-j6KE7HBAB6@HB!FJ#yeIiA-L;6MCiei}?h
zF<1zCx`{axa9RGpc2udRnyT4BpUFjs=W0-Hj#Tu*bZ6_}L>3X4mxOyhw4}E{(OIX6
z0Mn1P${vss4C+P+mv}ZBx|ZsQRIowZnw5>y8e7=X#@u3@)_9FM8TLV^{is73xqk1>
zb#4i+ujN+vB7T%b5w|kqI~mVzM#v%3kvL@U_N?i|^*Qz25~63XZSSi!VxUINRkU+V
zc$atOYfB4Ei3zcHLy%N_yR7Y?pwBAdlgW&;xgYKGq;CW)%q9E&kz^*ESm_t?MoP?b
zp<J$1?<ild4x6Ca<}agdE<MiAWf_Ss&r*0ADQF|1=K{j%*C$s%Q1o4#(@cz{9c)46
zo1VOCCm!EMPIfN~ebl(EBD}REJk6v{0HGf>D(?n8&=gU@Is|luJ66eEk1sOdIDEPp
zq*&d@)py^0ddZ;D>s-m0zm7RufdMEv1CkJ*(t^|S_DT8{v}FKu8(Mi&J`Zi*#jzyT
zth5H3o87GQxM#L~$Uw)DS7m_H7it2GuNu=_6f;hRx-qbrg+!4G%Z4f4v00_xrqP(!
zBUK-uI`J6=u8o}t(yO@JKf_1l_Dyxu+rl9G6H87qbi1>;^Y%=gB`YMQ++U~8@MQkj
z3Q>`kxmoQGUgo>|s?R*oy<r0RG8wCaXBSU({#;Qld?H`Eaw1PyJn$`DWz9^rxp2<&
zUwn`6;zhwV1@r13FRK@g7xR@RX27q8G3?76>O_%f2P<sJ4YeMx2lAgSWZC+eO4|94
z8~}C7QV+3!2HlYH8C17C%wlc{a5zmyCvK+t1&5<mD||L1JHLTa@U~M@bFc61As5@U
zG~Tz}@@>4Fxj24u`C<Rkpv|yw&4)MTD5lfqO>RwI=YCL=Ww_;u)ZQ242k<1xcZeY+
zdf;lNOY8HG&c>Nd9C26UgGX95Khs&7%ySwVl+)h8W+yJR(beuo{4Nw9d}U}Sd#U)-
znT=$B^LMK1vi@OS#~KxtlDOEFBa0x3GtF5CrY(H*1~Gpil2kqp>;k}0B>BZD6XD(`
zPP!?iPik8GCQhb~A4j*E;17p{zwCIOiKhvB?8j{;rx%A$=R}x(_|YHyQgtaf0B0YM
z2~;iw+9wMS2f50zj!lf+eJiq@XL9S#R)6%F`q;Q7ROFWA5r=-lcPgpgo{u2tdz_a`
z#lzyXDOSLxeZAi?s9hV~OR^m2M$G!<J>|E=?6Ye33}k8^rt08*ThkW}9&(_gJ}1ER
z)1>+oS#E`>Y_4_3hsQazz3y&*cG3AIqbOv!wo{5D)#x@7-yaod$rY|16m;_{1YTE?
z?nwPE{jK3LH!3j&kZhUs4Sgs?9$7w`jqH|SN>jp!skK;nPp+}57d<?_DrPHz6VHEA
zX$=YDT*)4|<R<dBj6tU-tBuX2r(vc=kM5Eq7@rFm7gEcyv#w~jcAhVR-kod7m4w}F
zOf!@$+4jVb^x}J_Wbpaj#Fvm>juC!N%$a3SKNqIpE29C!u7+AoY!P#&xb3G#rVuFO
z8(oJ25A9x8G#E2`5#u9$+T}8}qxI#mo30Z?A%bXCf^<GaPO3RP5$rWOsTpcx)wsXP
z`KYqY;fqw~jd#3CKowJ;x2*aW)8lc<qbKI^Sfr~ucz_GdnuYR8E2r)<4@A(uls5!{
z4&)j-Mdn20IEE=P^taEQ>e8F)=ib4_!mCD&dmQ9V_nh9N{o>i>7f}Jrd|jxO2u^j0
ze3As9e-#>=A(*o+brhUZ==QEi&MO9`g{AH!Ma=DR#yrLr&LyYC!84}qlWJa86K44j
z_~n?<sq{D>X|Xt+>|#%1^17cRl8Gm@@5WQY^RX-U&w*AR+i4%a?Er820sEBP-^!M3
zWZ%z6OyT{<3dSb2t+{61ZwNaH{7UZiF0jb+K}<-yeE_Y|)i0q0GP1lNE>NJzEGD@S
z0Jecz6h@k^jO^+)T{R)SpewboH}osAgQ-w6+I2gm;DRbf{6$CFZDr($P_pY}NlP+f
zy^1T^b<F~&Kf4Ni6^T}ixZTU0)KS2gDWer93Ivd@yO2}d9Z`46j$RGXEE#`gO{38F
zWrT9+`}cY(H_+B~O^bPm=3Y+`j_q&O^BM%B0Fxk+O6ozj6j)!=c`zO8%KUVvF!k$K
zq|*wE3B5Heg_S@{dg)A9$z;rmb#=*qOzNmWv**XJP;hMc)rOG`kb<>wx<zx6&!!Kr
zm#$uvc3~L<&BuIWAlN{-Id(Wt;Cv<Na*3-A>-?=%BQI+Btnbz}u56hE6Jn`lA%E!C
zu6d={520S5_YbpBkfF{4a<Tp_bkEr1{v>Vb*FO0mwC)K0&O3_&{Rz|QQLGNgKy`?9
z<*h7+W~`3sv`!-(eBWdpFFV3jW)ggq;h)<xGQHtSjda^ck$*2^1`_S!Ai;fy$@~Hq
zC=2f8F&TczUx@1V4o9V<aE;a`ACCM%{03(@bjiCFm`M-SlwPP=%Y+)2)GMa&q0;j5
zWM6loXwKf5PfT%}W2y_L1ST&mr~}SZzhF)D{dln~!@-#*@1Nx*6IyMAMrUK}#k{QB
zeRHI{=SNN}?Wi55L%;(&70EMur^)Q=^@^43m`n9s-4|aHGm;tu83V*(SK(Xsj-44r
zlDJ8tp%sQK<!$+B^BGSD+0Wwl7F$bS!mO!vV6T`#Z*+}FH#HomL%5wr)00LB`T8{C
zSF7KvYYGRwPIqy%+D?L?OuE{u!>?gNsVVGo1l@sCc6Vz#TKM&1azLH4DBEEWf6+6e
znW{_(`TS;z{Q89E%`09LAJZ3dJJq<`1*F$7{&FC}Ao`X3FDq6`=E^wXM{*V`d|{oo
zDg>+pg?eD7FNOcdI<;4NkKhEDF;kElaRpqFuUu)r(ybEESsg2>6iL1ik}T*Ekap2a
zxc@*7RKpSDn~19w{tIQ`JfHmC?GFe+^L6>^PkJ4e-7GQ!m3ptNo~pc+Ul--~7E0lE
zb1JoWHpZ|L_z_RkjyWS+WU|>1B{jcNiU0bqulfH~V2e<l_jFpxC!YH>yz93?OAF4&
zRcEbiC+)l&V`l|aKRBuW>tFuQ|MtT{;(7L8VPiiAlS5bk3L8t|zFhpr6PL(Skz=0s
z8VY5U-S>^vjVb&2q5Lliy~_(Zv4n)THtVmbt`9o@JJYT#3mwa}b(kH}Q&?^;2X^*Y
zE`Jb1?&QX}Xw0@TeglVH!nDip%l-p8tqMEuyWMZ)q51(nOZvrIVwVW2=hkcn%?<4M
zffg~=$!&74je+p>?ASU*z_FiP;AKN?e@H?|&vQC9L#q_Sf&76M%X8MKG;HXZ&n^P9
zureydW8!%Ki_kE-ri^4Aim97NVR4GJxs(aS3We#CU^0`DF+1s9HJLS^q)O_qt-K+#
z7%cAM+_BNlft@fU9zblb0w(ei%-E)r-$zCXb&$ZW>VmchWdTRVX=|y5Q49VIKU>a?
zYgn;b7FK||6fkJq+{YANKp_mF=PAdidjuN5JDrOz*OV`t)DPyVc;0_y$Kp2-tR6{f
z;s~*PZo-Utq)p+OM{{Ia48#q8PN)M#$(FiC9g88E2i#m5i!1Ai84C^Luu=14<gTs+
z1)PtOrZ5N9D5?jl-*B&o%hv!J)a}tk*qkHE9RS!+zhx7n*^ka@`i-N{{Few;h>Gp(
zDFS}e2AU3gSkM@3RQr^c-AgOw05E`)__7_8LWv%^ayRLonUKkbK_jOh;dT1#)odFd
z87~jnq59xDYx47bH6o~)Ob}NvmA-!0z5jC-Ov38rl*Z4c-#9Q^?q7E9`HS|qJOS7D
z9r>o}d^BfcGQ^4{N*cQ&k2rP;@7MTZIU6+FZt&|3nsF&IIw&u>f2Ydvf=f?lxzJ!Y
z*Jojfp;Pf;+qV%LSurh&!(5neU|4^)c8nR{q6a28Qp_@(y8DjH%Bcc-Cr7Jc<ti3v
zgT`aQc25OLCS{{(h~d_9PKh;L2Bc>5w{1K(&HNl=SSpn<BQdgs1N$jHT|?s=4Y=#~
z`r`P<Ex5&owp8AfwTtJBbgkK&L$R-5krCwg52sQ3g}1F_(5P(#v8c<XUt%U!x8XQ9
zvqoH)U4u!m=zE8lI(lMzpDnFwFD`awP=sjtYKaz9-(xXj4m1?G8qBgvF!Ur9l|LL~
z4|)K|6iKiG8Gl^5TUyxf!Pi<Tew>DNfkRfFxs4+fB&GM6)pUoq!2LeTS;cHGbmFH9
zOUdw_N8}Mo7Q1_of^~E~x=Q~+b*D$+H9lQ_1(QmEtw$5>sJjM|;I?TV>(R|a+Il!W
zCGp;8Z)HMpRCkYC&?wvz{1TU5fddqCEY?c;7_;9d`svn+)GL#Uj?6Q5@0j15t=CWc
zTo6x_+~toFmTO_hL8f&4j)qf2(0uI{P|-PH$I-dw7)b^HTl`dKuZ3cRiO%X+{SqC~
zK<80q{-9DXz@3rNp}(v>Iu;Wo+!OA3FVFld#b2W%@1Y*xp^%Ak++C^VTdKj3J4t?0
zT=vs~A9elTkv<8TxZQIxyqXc)9e=~oEy}bp#rzfd_DBqwnRuv}!Iv>6SgF=t39Uv(
zA)o*!J~)$o82e)f6>JC&;uqXotGcDYG9IEx5}54m-m&pwd6i^;3av<CpkSI9=jlO1
zYDA7$-UVAZCx^M)L+plrbtN+4_Tv4S<h$JEbX<`#JjI!;vZ<Ey(UXBkuV$8)S4R-_
z7v01q#gRGY-Zl36C;UZawqu)Kv!OtY45}<YP>f&ZlznZ9p&G$hNt;<@qaeV4Fj_Og
zkruW#E*4>E=?Bd#c=2FAADanT66dSspy^47UsJ2&S0nE8$&!$@EZS0dJE|Z2{=OhG
zV0k3t9OdYZ945CMmMvdEn{M_Ac-z&xNXuqqK8_Q@Q!bjVAzJ!Wfug0ZC2n>|<8g51
z+wdtF4si&gUz}(oZS*n`2(W3^uKN1xA4=&#75A;S+%w!7Cy6Wv7Dz_hJ_iZHxhp6+
zEEnv8&~J{7B}%PRF{FP2#V*u>j27=~S#jG57Rucua(bm}mK@9Ip%Vdh8ZwhF)BkSf
zAD=&E<TPp1uPnD6MgI8UA2(PYI>r-?dBgPxw_nxS%%&E<Q$-UAR9CV}{<;4D)6x~*
z4yjA0jy+hg)tyQKK<PuNTjhbwFa4gPF-l(BPDF|qezk5VJ@vBj8RH(ki+#|m;a|P;
zf7=g;0e|q^-C25kT-;H{#w669QHsSLpF3H8ry^y1o70F2h^Qf`^=NqHbTr?aHs>MB
zzG2F{tF&5o;#B0aKKX2RkNxe|$Vpmcke<Noi=(v*y$-d)#O-@9s-Zhv2QwEOj;|{s
zE<Z5*FLco|{Psbu?cJZM{%kARH-8R>KPS$=tTKNNhX4Iwc*Yv%>~&LfAt1a@Kwt()
z`LW)=S#qsLN~tG{uEg81y15|MMHk<N=$DL6XQ2ynDFg@t(lU~uo&?Wktqv+>6C^W|
zxvR&U5c_n$+;wkH?JH77L!U&Z`oZz%f48gAC+Ex#{*~`TJ^$~=oU0Xvt>K`5awnM#
zKWhjDUPRqGOOAQ4Y5(j-`x*XJYT-kibWY9NuX-s=rOFK&X5OM%c4GY%_G7L9W!a_P
zP75n06PPQ<vg%f}EnwR3r>FPA`ix6RpyGl&W6zD@OW4?h?qYLOWC^3UGD*8vVy{<@
zu#sE6>lVxM0-qgQza?J{6>NJxyjJftN``@mYUd2^N*_01#itt>=d6*wO;cffF2?d_
zlMYFG!3dN<tS?V@&#_$K7M?}m%H~q+!#WmXahihy$*4sg&c$iA^u(grQKVCSN%&EC
zoSSsuDC27d=H&W30nh+Sx+HV%!(h>XU3G#pg~0JnT#;8v1Iz3!%O6dRF_M6;sS;N}
z5t2P<Tro1SX-U=cm7A>JaB^X-->pQS^TnrI<xcriT+Ll;G>*m+dt!=Z`htw^2y4BU
z&hgF*9VCLcFVZ}*<V>}}`#_9r(5>k8X!kLS1pOc>vM!w6wf+Fhf5qm;?|wD1`<#k<
z94m!{dEN0HV@uYS*w|A_cz$xtgMt~gc-u|eSgSEPb7>wW4mIB=tOLo=IGGplw9Qm2
z$QSE#_k18wn>ZHjC0;Y8{V~w$D0iOR*kWvmt9#IYM_+m4W_5X(<zk)Xjcl)CIuo-7
zJ_Der23ETxG8ycs^W-ChfK#?hAUA}*nO#Qii>9+yD%o*dxyJ6PqcuJQjpD{E^y<{9
zyMCvtQ9l_^FfqFCaCg<dZem;s17|&E_0ZYz1f+lA6A?5=r}olb;(&Re0m_99HU=UR
zui3um8Vtiv%tb(Lcp8=GjYY;}`(4n2)ldeGSPTlw!1|pkAiQQop&2K`TEi~`H|nfn
zm&&te*jM06ovNQ2vt#v-;un}a73HKWyz#A*o&DmRy7}o@n@~|qh-p+wjFccTN&d=i
z4!?l(;Z(>^em5F;F&G_U_W}D)suQ}0)d(OYvqaf1j*Q_WqILYo@mM{F>p>X^4*&_^
zw2G%52;%DA<8ZED0qI@OD`kW;<Z3+<uj<n$L3FirDGB@7Q?@}z5L;_YG^u=rLVvjh
z>GZx>Y3FPrM3@!d{tP=&mXkp|nktzxY0y^I`dHWvOJ5vOlOu*$9m|~pYE|IQ_=+)8
z-+-zoubZm^u_=RskCM%B0pI#w*C{^}Bw7kMPfk&Ct9cz5tq_@KP8>f(Ibp@i!@IW6
zm{_;8Y|lz*!V_<9)yLzyn1Etv0|vmTi;N38W9W<cD2AUWhWl2>=6-kel>C!xN!jHn
z;qkS=yhQ4v+vuWO8bX~?%n`h>8QGGtPu#|3*h1(ae?8Xva6p>I4pqzHpKJVy)JS;3
z+j9`3iu`<kM0PIN8Li>Os#2~G@H4xcUAnG1orQolh)hu*>Tg!M$_EywJ>3!bxo^IY
z@8M*#eqNDyq;Y<cQbi`48Mokj#=<v!V%km7i00U1P-ox&C3T0okt`#p645w))>Yj+
zpv#W_^UPD!^$pmS-QhIM2(JKbT@<KDuOLY%ke%H}Zj)c6QuQn<!y!h}%FpduNnaV7
zpj3Ah5e=!S!1_Q27^55;)}F5sXN28zUXYHgTwvsU7%OD)c(%pE&ANCP+*>8xyInLL
zEEB6)+T8fYRxVlhi0~=?w1I(`>Eh<u(1TJTg7f@dg9!(wxcgI?H)3>xbY9KdH)u(^
z-02#GH+RK@mAe8nr6y4zh3@C6ZtKFy>&Z|=YCaTwtm9;9es*iRf1p^Xk=P^ndsSkh
zKIXkUHu0LS36M}^eh+lWJS764L>#)wVNS~eNN=;<*YE7P5eu^wIy@uxHNx~{lwUN6
z2PQ;>-V~<<GI4ho4xQXf*tF)RQ*A!+-sg3!eT&?&vr}XzAKyjaToQia76{eqC}VdY
zgWHPT1nY2k6^*Wj#4nx8+hbg|Rd11$S0{I3gHfV+eFWPk@rWgxuJ~rpuu#@DUzHE1
zueZ)~$jTvfX?jDSHDWf`qVbyd%(aurhpF|44F^l)y9HHcLOEH5mENC_1NHsce&yqN
z@<br;`g5JDn-t^ONAWK=S}UAP>T5(};~h1eA0!<S5o;yWSy+FUjCwd{Ngy55?ZB?U
zZj;xdfcob`48+ypGrQD=oHe3Qb_<JCR?nBusEU_6)jIsj+_J3Sg4opB_L*Zm1}0@o
zm6gRqj{%)C`T0Q{LTfAXX)9wbzt6>=eL@dfCO@~iuWAKLu7(Y}nx4gJ!~JOWMU?|0
zV}5K@@#3#asC7vlhHBlqe2Jj|&GuMFmI}>@S&m5II91f%mG0Lo0#jYInSeF+WX+<`
z&eT<ybHg?<9TC-8OrAY}>9<@9-Fq%G%RbOB@I&)(l=(gVCut%~w!I(jsW5z{(~!s&
zvJ+VDM#sMVa%;m3xxZ0ycX&RegE-?NSK+D_CBi>D@L}ina-8fIDC^!kIR%vu)9`ni
z-4nQg0y^4uxuxNohJI0_TJ%0pFcjAbgk8Q$QtP+n7Qos`9q2=L=+o?!udt=;i)E)=
za{-4N9k`<PT=Za=ltkfy*kOB}y2RL-P58&2m|*;XD4haFsNADy^Ui|k4#CaO1A5@r
zeP_?4`20Lbgc2jh&H8+wxl$BMxs#Laa0~L;GV051Dw%9$)BM5zBwXhDwknP&`lwiC
zK2%^|czd%bn!?=F3tlM41pgGL!vZgx4nr24XpbW!M;|yeWJRC#MOJN3%&jP280>oX
z1}q9RxrY}h*2s?(U^E%wkc#M`7-teh%^}IsV%eP4PytjPX6*R29e->Y@Rv;PA{7wu
zx`W7j)6P{qPe;CSS=XnR6O`n>=K~)I4LNLrUD=u*>kEP*uq7f~IyHILzGe{-@1ox1
zk<mMbA%PtTV`#NLIt^#e8T-+tWR5`Yi)p{kLe)mBnbjSmF>8!TM9|^`i`1#YF4`6>
zP^>Z@{HbpV(eah-u8tE)r4L=UI$1O?UirfH{8V61+?FdgtbUV0gjN}0l%km2IGlwR
zbrFTE!-yQJXsT|pjnW}xGWnIK=w>mB6+APP_K08qy)g_~uypeg^l=>U_Y6RB(fp4(
zSGRb@s?l0C2V5hfaWImo2p(7dfZ&y8eXwtjS7J){S_Oc8N71d*`cbM-?FR9*`WVy9
z;luUNI^Ex8O7(fv)P4~CB+{q98S(Q8k4)csk^`$KDFSivR^3WK{vu92EhjBWW@2rU
zsFNr~e*+#a7p7MchM6uM$-8iJ1Qw<}i5oUnPtADMAJ38Peq@fJc0^H^??9MJM&p*0
z<O>}JN7}42W+FksJmHlV^M0Z_o7V7(AgqXST#jTWI>s~g{+j@zdD37HaNeGQ-%8_0
z__8dNrs!Hz6-kKO6O(}~#LG{cz!j%Jph7VqgS(*5DFb`+Ta{_D`>a~@Yf#IXOt{ze
z&&N9lu?^fZL3?7wZHzBQgCdwD&?2qRl>4f~k7_y(K$?{uxz(Dp5?iZ76QJ0{w5@2c
zNvq>#201@DVEc(vfYK<UMX-U7s~`Qt99PGuan@SA=YwE*lHogT=GTVaGC(mG!Fe95
z&##u^7*Ek7<^??$v2BX27<`1ylQWtP;RFa`*#IK#p?%-YQx`G1RzQm1hpsEvCWVA%
zm^gF-z+gQy@53qH!p59TSJeLI2Sc}Yd<pTGxl^fsOa-+1kn~iN!U?D(R8V_2)NxHj
zbhaJ`&@)Z{`EIbpTdF*3HA8;nP!@quBL}rGX)T|6tLIw>Ls&w4Zvj$gFi?P_Q$yBC
zivqFMablE;D*2z@yZ<pKo%#_I^4K}|Vz%zv5LJMp-skUBAsVIJl~gBIHcm0$M5lYG
z=)B+jQ}zG0h5wYZ3Wam<<MOZnkv9CZ+x{c1Mn(01*lmd6Gz)`tTPQM8KvdTn;&5^E
zT3KcHZqGL_x>l%E=U?4v^&Z&aK!dmE6o=a7uNQuk-`IHvf8M}fNNZ%>8w&7|aa{@h
zJydz~8BN0K?Y~Kz*=v0?9%^v=YlQ0@ME*@?O*7q)Q^gzK#M>@#+VMA;<aM;=he`Tw
ztAvHbi$%IWWNa_wE1foPEd620jXz|!-esD}99`L)usgATrugCy*|pE4GVJ*eCx4iu
z`G@TJuH)Fizcp1e;7>#Ur!D$VGfe%D4&YxKPuWnT&IRY4G<dG)w0)-<{e_2zG3Ptg
z>iOEG(dI6#47-(C!r5QYJS-?^9!CGMLHb{<*1wRbQvGOJJbzDqHx1TezL=A1_w2DM
zaQLlhK=GFc^RraET;DMNP^PE$EgO3+a>lA~OhxtQ^Z)kkz@+$^KFm&jS%b5EO|+nX
z8jJeqHub1eKGZP@!3c3^L<9xTB!=!%9oj#eC|>h=_MJ*+&s1Y9Wt8g1Xxp{_pXSuF
H?^FK+jj=-)

literal 0
HcmV?d00001

diff --git a/docs/multitenant/images/KubectlGetSchema2.jpg b/docs/multitenant/images/KubectlGetSchema2.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..9df197c85b9375e25caf2cfb387c4c94814f6961
GIT binary patch
literal 187365
zcmeFY1z1#3*C>33p{0gUkREDC0qK$$x?57Zb7&DIC8fJ1hDN%P?vfM<K}tyh0Tl%Q
z@qO?2>Gwar_x^S7bD#ft_dIjXK5Or@*V^l>*n920e=h!92Z)s96y*RA2mnB+AMkSn
zw5TW}^GHKWT~1L&_MZjA04kw#1Aw!OCqheJn(m>2AsyEGKi~LOW^U=>_UryH5~|&c
zg<q`$z%1v#sPo?g<5*dHSfVN%qyCHt6mk@?q^LZp?LYIdUwMmv=EZ*HeLUSfQFSza
z<q<ksGN`;2Di5>$BX99X-qH>6t9}fsj+nEP*DqYZ(l3hftX*`qQFm<Ap9=5*v;cWP
z`d9x^&#2^D002Vg0055v4YSAqfaWj&AYb|oW6TEt!cYKcn)(g<%@a3sg!w<3Lq}cF
zY-|AFv;+X~4FG`T4FKR8{i6(Z`4_a&p^B(bbh)B_wty304bTCKfD2#=aG`R%05`w`
z2>e_IWB@SQuk`B*MkRDi^j`@Z6B7dy2OAd`2O9?m7mpAR_ZGn|92|TIJ^>*S5rhaA
zkC=p*hy;}<`qc>N*PCE;Y}AWHw{UKup#L}1&u##MjTVev2L?d_GzbU`0sZU;s8Q?&
zgZ`2Jqq`WGSlH-bG!PD|*p>(YFhO7t7!w2k77ivDjSz$eM#sPeupq=F*rfDiccA*I
zbGI3Il4r?z1*J4~boCy3r!>qkvfSs>MtCLG*3ZKPq|I&J(~28$gtUBu5-gf}nV9)s
z7WBw_Ce_KnEv>9=JWz<JP`dC>I{t$U0EGzy9YqVOR2~ALflx%?VBJDT`&A7kC1?;Z
zIz0w48BfAA38|E(md?xBV?Ohs#M-(KP+op*3wMM^QsK<~`koVM83uT80Vd<mB>)c$
zLiHUC0UiK{FF0l<?kCNP6vf2m=^M9s;Ew2~>hX|J%VZEo##rL`Kp-a&S_oCc_uQFh
zdMR<!3Qs3(b=j?hnHGZQE!WNpKJLH5hlVRW-;cs05;2VrOz%*!BrKqReIvT1@9@I5
zYj>{GIW?<VlH)G>>Jj{?|KX@!23wSx27xRMmIf8oHc!C4738A#ngq?@5walhVc`+t
z^}{ZMwZoa_OeMr45#!I3j;6K^dGp1VXIixNarc+h_hxD@Sqa~b$LaACe>Zw9_KfLS
zX7Mccg0L@6YRViF9X0tN#A91Gh@o<&{e)EwS3m{VBCC|41wAWbLXl?r(;Ug$u>!YS
zJ@;(LXNG!kt%V;U)A=wkg>;Xu??*mSV><xEO@1JL7-+Tlo>5)%CriA3TL0c&;;%%E
zaWn)$E#51YXCyNS><RJQI!(vc<PLoHs!w>3__}gFcPds?b@6l60q5%Omx|!|#)3DB
z?RRYK^qn>B>X@JfkxI;}YOV7;9eCO#{e=%7vhFFQr6PiV0<WJoG-s)29I~9-KfERl
zKiC|<NV;sOd>SQl;gQSF{CVk?YNnz_#$H$Ifp*GpnO#PSJD%d!+dY+fiw{s_rmV_g
ztbQmlT9`=KdcYia1djc^E4}?EThaR|_Pw>o%w9$*mS~j-OgEk_R}tO`JZ2T0J&p$6
zP}b&^4#jR655$rn$98s^I*lu-HH~psiM;CrL!-&gFXBZvRqV6{@z>dYzXig>(ZqKl
zS})CL#IPoRVcTU+FJ%dBj9XHf;_fAXXri1Z5A!H4M=GMWEzq2VRPqS`Fo!p!j2yfU
zTaHI$DNQ7HK~GPpY<45#5%TT{S6_%oN>+1UbJLomosE{JV?|)=N4~cHppzr`?DG5N
z%zIawzkZ5IM5V*+*0s&eEsJyaahXro>~YN$polo#<mALy8q(`ec;Px_=~c5_!)&qd
zp)|s?Z2=Cq<}n+6FoWkfxDU1;qlreDcq+WYzj?oM@e`P3wfE6`Ji{#P2vgSWxVCp?
z_%UVwph9WrQ_%z4KPbp<``n<`B>1|uAl35On(WKjCp@1#$8`Ba<41=A&o0QMJeb9$
zzD?e8!CV2PzrMS?vguR>Utw14h3pcKt2OiSHWXzoj3@cT#>;XiawtklmLb!R2;sdi
zeIwF+=-%s#Eq>(dc#Lh}a<eMrcRA%(|A!`u{icWqUuaI;+Ku3)lOT@9+<-$J!C;zA
zb^buY4hgG>P4tr}`vh+*on9G)LC-hp`{W}L1UI7sO|4~;#+4#rrA_u&{EwT{iYiju
zW_Wm=$rK3Ka%$hmGG+@12bLu(+&XXr_TspN3HDVLAJDoPxcmgpzntfOvHTbE&?)-x
zeDTtY0@*x9;w@5Iyd9=zY7RSlfZ%`pb`<WGh-Mm*UiH0+F1^6CK$@8~6dgmnvWZ|<
zE9k{r%Gu}TCXD$uOctKsq<eK{BJa-`ar8W#_k*E%s#t5<N#okU4oqU4a#>!$IuLsd
zs%z)Rzeus}*d5H%FWe|LD<k6htXbO=>_RDDlv%XRxPoO#nor+?9e8*VDkEszv%=<c
zSKrvJICVmTZSiF+@oj~~L4|TK*Yoari$=$p&GUR}H0<PJ$QHw}Pt1XpU8!57U)P9A
ztzT28u@j4{AWM#Yv~#E4lT98uJ|$J;Rp~vaMsj<79JTy}+r9(*v08pS@h4z%bng|o
z_jf_aRcqsprS?xioS)=N7~!Q6N0XuAVvj`HH)~#u&Z_r<S;`bbukkIi)Gt$?lz#vF
z$L0Jsl{+5Cvp4fyX8+^9vY*D^`To=^^K4UvFKWN^;9bIU)WB0|6H?N(;BvZ^JyPWI
zP(*q@xOr(!__NkIg8?6cX6RA&`~Z{5D<$di_W^dpXM{vsiTKN+Y}Raak@3XBtV#Ps
zJNLk+!Z!;|KGybS(7G`LX_3QU_}{$$y9Qe4E?h<1oI=j=y>c6M6m6=81Usaq<wv?S
zOuoLp8E7@+)vT{C(lN}&OR^;ITvrl}M2tL{j~>jC)Zp;SI-D80UG-u=i+s6!S9VzF
zxzmWO3A2u9h)g`O>iudNGCH1dHL-EcMb7>oV}oM-_U%7`w^MKZCzgMkM)w_m#cM;o
z2eR~6!qhLDMxv{z54Khk9#txvAce_BrAZ5>i}rV_qNo5|Ivt2Y$7^l(m0l>6A=W!$
zevDI8k5=DkFKn=80yhM!mXppAe;eY@y?vEBT(m1oac`O}oWU~+(*P}fkO&+Y5uqn&
z&Dz3P9_i-@W6J59T1frk`S<T)R=P*?a%``tQSD1vTZ)bkHRU5nbg|ZSx>?c?r(YXJ
z4xV<8N~d!-`aThm&v5Fy9p-=Z67ER9@marYDNA0@GhM3I-AHx-VZkp=R92+FrJyT&
z8cyPlVa!Y|iI&3fe5H6*YiIruIRtqc{tuSe{+%Tmvkd1PZ6_|}qmG9&dbcYGakxV6
zXdc5Ek~*~{%ZqBKW1%_Rn33-52y#Jz9f1#x;JTeE2er~N4JVO2w>nmK1trrh`^+(g
zUa3ycC^@@Izn*9}<0u$GU@+Y_0~x*G147jST}qwaoYz6fx-febQ~W2R|IQS1p10S!
z#h;E!O!6E;JF6|&=5|VOwwoYDF2m9aG4TkCI)@b<Zm&@<V30UYeHzV0^wVt-ml{cp
zgO46dxZP!ihB1{^6~4ZqTf)dy(+YjS+t$f@!%bzI7%D4c4l6Y~A@{MX@;v$UC9!Tn
z<JngfDPzrl^{0sYQi%<m#phQTZ9f5i$AlU=-V|Lwfdk0x9fLMoUPZDjt6Q^R><AAq
z?NEO&rA=7I=qQh80Y}}ShC_!K$}_P2;STb`8bXw?qr$l|7XT$qqMyJ)vc$(Pi0wQ<
z+JX5S^R9XZUa^6~l+!T%8$XmU^KH;R5Lfu|KJMB$!*kR$Dj>X!Hf#DPP?5xyagpZw
zsqe_NFEaIMV#ibAtMO4U=GI5`d&OEJBiOyVWoAe+wtJKb7N8z)023`89q@+W-<X6x
zJqq~4FNily)#K}bd2D+g@#Dhikw{Frsv?hm(RPu4%Jc&wL6VgF<b^dy;F>^R!skz3
zYXqkpc^OwM#$JuyX>T0ezeQ;vYa>RQ`Dm_T$4c<;-0Q?Dw+TF$AglZu9<ZyIoVviu
zFBzs{%)X*jm#w6M78D!MjjI8ybOW?>HnK`{ucxOxZIn744E8&f${xPsYZMNRaq!vg
zZ&zi>@m5tc4UU4`0V06-UU3Zhph-#s+=F7{+XT5{h+Lo4y8jp$ef=vb9=NTmE|cy2
zCj8JBOVCk2B@x6}QCCmPg}O?CLIV8VXoK%CJes8|PLX*f;-!4V5hhJ^ndGQG{TKz0
zXGTLS+jF7eF~$i&Owf01x(RgRMTv!x&tKsPCUbJOHs3RhR7A+Hfm!=|_}|SmFSSY6
zBKdyLF3a4ZVx=^LrZrn4U%7)vIoqy$?5xIEToNrc@3A5`*AHAMxM}nCGcRRLFOiJ0
z`5fkuR*3Xok|$-KvV>HDi{oCy#=W;9(iuuM)sa!K<Sioh1mXxc9t9)za?c*ixESnN
z{hz?Ayvnbcpa0GYirK5}*x3rbhpiKa^Ne!LpN=@Q#hjVQ%v7dn(BNqa*eO7Epb8em
zR|fOLhUPLyCIf4QVa(EfebYTwv2Y$1SmwMgbUDPPc9-kJ?M{qgN%!}XS_-2SvIH5e
zFbsMDSg6uLLHX|H8>KM=slDdB>aUr1{z?hLVxuvoQ_g*Wv(Q$Lw9q)035$6n>J^9q
z7hULxl2m5{O*A|(F4lwItL^+@;gTM;Y;J&yoCp*8dUcA9W$u82_>(NIi}?IRRuL;*
zDxv_I8c@=r9*vQe^idT*BU36O)NA>d>CON9=q&w3h!(%L+DBWy)${A|tMqovJgx=%
z6%W2uc4~g%6_W;?h$8q?xk;de&02`e?PN<*!t)4zK+0q9i#*jc7$yGaNIZq`_q=21
zcR#n~wUD1lmf9aqUwX~YOJSvaS7wZ<U{*D57ZNZj^fW3WNYaHSs~ijohXy+*u_`fb
zF(mJsL>uQV?v$P^WzOJgtAE0Ca(&Mo?&8T@Y+QO4$`;wm7M!Jl{RJl~Ap*Jo4Mrv7
zFZY>(?Zf6985F0VtvxXK%>NVkD>Wa5MjTD6lq5~hn{ZEe1bCCQgPKaT^~4inObR-D
z0=$ExqQpOyljmE+4?F~r%ZPL_-l>weS7gn4P6@MywdJZm(mcHGj@}hXOsrwHNdrTe
zwxpTVC<D_8pvU3(ef@<^2CJ|N+0E&X^w#ZHzZg^h-s$G|NFdLdJTfXc{`G*gT%*}Y
z=L>Gdb}OYs_<R2N*Z~-TxdCOksfCQGS=T&XE)=o%c-^}vP_4CB$HfBij8<&Dh|$x8
z#M)?R6d6dTD=^dd#bYif%N!Cs<~7#pl#9+=bQL|{J9qEseZQb(Q0s|sy&3kX_ZqZ*
zq#I`)H)^ERSr>ch6rd-b`heA$?P64Pw|;Lbp5NF;_x$0-!ym;B70a;C$f0@5cb2EA
zGq0QqUuOaH?iu=j0%-qi3atCzX}bnrpCaW?WVL@{>HhyATEoIUmn;WI{d;H28Wnnj
z<H_j8RahLW--(2tuWM(Jq~k(qL<wWxS$C5Ua%1wufMP5GOY;Aj55l7)O3J0A`0RD}
zUmLI?&LjA)l7_Wvg=6&bwV=hqGy-nv&-?M4VAugG@m}x3l`899IhM+ZVvEMbW9%Vo
z&Iy&&)a{-kz0_#PRbD#F3@-wAmEx6^r;;$>G2g})TGQFRInt`9E76PJQeR{<lNm6$
z=|qwuxz+;%59m<SiRTZ0e0uv6KwG{}O1i}RmL)vNt!N(fl|q|wjnnmF_C-vlN0K`K
z^u`J7`9ZDm-M8KGbM0Syn%(i~b}ZuP=HWJm%`SS|7~|d>1#%+jY!0_93&+78F6Izw
zI=fnMDQr)Y>wqyKObnt4zSI8IgG)Aa#rO2%a3CPowET>)Irp9j$_{il{RFJGZbE20
z9e)Br&Nm|?*O&&Ahy`CgxvqPcEPI^;Ed#8hjKY!w+)lrUwox`dn34;!D<WwfV_da|
zmBeeNyc3MfmEaPemW&oe%{^raOw-Y<$>wzWnYZbZ(IuU8|7cq5j~+*iYW83yeEw__
zdad75GT?1fUhnWhI4kFM{~>%MQ}7wbVe86$YpUbe<wgZ<$*^@cr0L5^ZMJ;p5h)^A
zSgNJGBgx~ax7sG+NsNW+EN-&=B$%5kk&HUcuz1xC;v>Jurcij(vZcrQ_vu$R7|mBK
zENA3j3LpKr<$9r}{)yLkXYhGf033z8V)DXjrowrCVse*Q0KTfwlFG-?hQBHsGVrk0
za^Vv-{Yt;IP@tL|4YX}@b2wXUT0G^f93psfGO@;hdm+(7ssJC4a=Ocxp<7TrEyc@>
zmI0Ep<~0M?Vpu=bAO>+s{J{V}?FB=N85epjXB)9-IK;DEdVx{aDnVzIjEO)k92&nP
zYsMNXz+L2q|1Ea5*HA0P%FglYobtSX6w6$kj*<W`S!~gof&BgQMr4=E>LxU%!vUAg
zjXfo-v{EKrUjxtkBOH#^=d}Eg$M*I>hn0ubGM`-nkre4ze<V@^ExDMm0Tmbo-Becm
zohfz6AHPHz(EMn8s6Ou>2h9|JsMpkJHf42HzR*yOsX?k<N{E9BF{ofYU*&4EhNZcf
zi1(%4Q>HJ=B;AQAt&dtz9-W^RdvZMgmQ^PDzE5L{fzD--nZB7?!4S7o3%M9LKF~Q;
z{a*>5+LK+Wm!H=(ALt&jsrU=L#l@kw>Rff2Anz9oiF9R!M#^zkB#$O`l4TVne$+>5
z#osoN)q%OtnL!}5jIXTQs;c-EOMS8e`cY%BgbD5n&KEQx{W%$tQ6W~to_f0Ik9!dr
zvbd74vZkx|e@dd?e+meN7!$INkN;}#m*g{jw3?t|c*inNuC4WgG1={`{F6YOV*4N$
zsY%7zEYw(P1j8DenVY;sWraZdPTzxaZ=0xl9*J@Dlzq1tjKI;nO^h$@7QS^&HPgc)
zBQeNW3KFfwmSnR-&Hb=_j~Kju3nR}*xvp=w*ABAt-dKh;e7t-2`kdt4bOSnt!(v(p
z9~fI<Iylm<mnNU#E#p(|4dkur$7Qk$#&Oa(#!mt*ioxZF1hV@%FD|@O-4lq8^+JUB
z&P09!v_|n#yvXEWT$m-SfKEC{L7N;72b)cFi3-y+WIc5~wM;qS<a*0~i`}keOk{d`
zeOFn`{VKO7<AwT<vpMxi(g(Xv^=jkxx7Z)&Y@B8{aK?1sSl{7Hu?5bTl!_pSBqV4N
zMHYm}j8Xd6>rB+A->n6$aXq{GSmT|lI5++3>!J~E4>=y4b4=W#(D-X-ZKtMlJ0Z_5
zBQIaMo7G768|GV8kQ_vua+zd~(=<u^&~qt6k0SCuSyVD7y!K#oefPM?PSH2=s;alU
zq0$3pp`h6A<fBr!RC$Z>9R!NbLSx<<i^!2Vpqeyig>$|BL+}3l+zr-3d-PlWU*4Ld
z1nog)4syav1S-Pg$TuI*53jIK)q;pG8bh}UjInHCl?l<i1nX8q3>o$y9S`iw?NR}w
z=+ZmY@A(bQ$>+Y4^~vyy;6e)F*q(t=R6VVJ2<{_ut^u5XX<JE)Qi$Gsz1Z*mrC+&m
zyQ&`WvkOsG2bZnv0XdEnPqGB#3Lyw$SDyt;ReX;QTxkX(T8qHkFkk8W*laf-aKdSk
zQVV`di?gpdpWBR~q!Tq4Rb8f|Zt(@$?So15;2ww-9Y7bPwavNv6IeHTR)=^d75AsU
zQOs7PvEQY+R&paoNm!`}7UM$i<&??W0GW_y91|gm42?<<x5wTQXAx~Vd%~I+c$ASX
zI7(0`oyPb3b6+GsY_a%XUCnon)23<Gy|A}+p1RA+%B7D}F|6^KPQy*Q5<7T3o=T$L
z6)(-FvSIiuUgiU58>f!Ujrl}nJw^o|b~Je%Z50gsNjF6%_5Sua(n;6&0{Xq*(!uMi
znDFw|FB_0Me8~v++UR*EHP)wKz)-kJ&FGP=2~`>28o@Qg*usSPzM?0=CM0$O)qK`3
z|HNdP7$(-}x4Xb)pQ0W#VUnV^qq~WQ%+R_+X9bUfCCp%8o3Tok@aCdvr-umtp>UHg
zo*i>`y%T<rKRlTsLW7D-{?ffdlY=!ZGOgz6gS0E>w!5F&!(HE`k)Opx7tfKAxdq2$
z3JQ~wM34(Y&~R`W(GEAoji-0GYnzzs?-<GET<0WMnvRYOOHL}yg=$0=C1}d>DWLDO
zIrm7&@$?Uo#47wYIsers^$x$?{t5i@N?8^989I&-GNE~W%_4TplZnaJz)=c5Z8mF?
z2mnZzeAyBRxL$-X@xJ_PUq(eb6sPa}1WNPDzux}wz2%1M)ffEh44vPczJFX@(hW-(
zCThAK*96{|uzY>+6L=0AiB;@+dwCzlg1&-0^F8^UvuAr-V@MsofWnq*){>g1^Lmp;
zQnj*HdUOf!WHu%+=>RQp1U5D{VFb2ym&D-buo#K$1ECD_GHc2{!}^b(?~61Aq&swF
z%|57<-|FaaAmLFrU!|5V_}=y+nb!g^V;yCJfQX3J%#V+$s`vQf;v1RkMfP}2#u#4~
z8^Ma67=?F`Y1+uqt6&ptnDp?Yqf3IPseb(SUld;i&%Uj!<@iI^HUzWgM-SO4g%xf1
zgI#HepA1km+X$W8RW-EDSKRSe6)$(M8o9-mEUa<gTNzreKsB+*SP+>`1a%<&NMl6;
ze2e{l@xa=I>qVy5gA)7B*%GxR>sAMx##k49e6^OMEe&*)#HeG>Hn~00Enxz{0z0|D
zDDPis8utfh;qm|GOZsunaI5##Trz#w&GHhy1apzrs0tYX@!sVVvrcS*3DErX6jDuk
zC3s*UPI%$zXXLibZ?PQu14FWl)`HUT*Yon;rxh!3qci7$*l!}ypz>ziC*`%+y)D>Q
z1@nsDyBy{HTl(YK*yMPvKa`kO1dflVLSF~z9w<E2se8z>%~XlckQp;N+RQL~vst?g
zd!r36D?qgF?C+yvSjL3|Q0v^^a`K0Bvaa80#K(X74|{DA^5#44M5grP&MJK*UNLe?
z<dQT(1~%a}$w;QatR*&yo6#MJhVc*&VCWy94wXn*MXOrigiQ_^a`cgos&35%*nK8G
z)xLAo7TmTQUxwD#nr7Uc8I=R2kRcC+1;JT5{unF%p)ONd3^I>i7d)+CsdVGHDF2aS
zWAtjJIFoIpyV>|tIZmk*YiJaaWWPYKD0u-IDlBzGk^bOd+O$S~yt!@7<#zZ?&3kEA
z7Up*8))=Q-5JdFTqgALE$SOg<^rena2C)kiRI~Eruc#>?$(yBV37@C_F=8EZFvNFj
zXzGAF;tk}8vhSnogc#L>2jZ)jWyL=8NX~a*fFKGAm<IgIktzjaI4X#AAgfrQmFHo!
zmW0cdsEhG_hQ;d)*(hbC6ssgLVD+x;382IbBF1SJZsva84f$8zD`Qf7A;JJ<-Dxjv
z_d192G#Zc+S1g2<uC}?A59t)PF|~=J^7WZq)^XmtShOhW#AXaI#?V>yOO6l?5J$MC
z*dLAamD$7?3@ka%pB93SO{Emx5#!E6o{YOoEkz?=_WPCAwv|OW0+rQ61Ttx~e>xAE
zKRhbwM=HoYhDUkVzpQ1J@VlrSQM34Xy;&Q3Fn6{Cua{m_gBt6eiUPVzW?t*nFiSsx
zm!Z!}K!XVa5sknChy#op6&D>JPx!tt=MnPzSffZ!P)MeyF+irhQvq&evqb~2$;`Nc
zI1<t)(mj7QaYHx)rNeLDeny$Nv8R%|uHSn~pJhiro29Vw`9ouJC+JM%r?_T5&_d@s
zVon{KK9B3!6-0*m!~4542Ust5GR9snV<&r0nX0JA49y<!H?+RzN~0XFI#|(;QYtHd
zO-zvfJ;~-pjHN`;cgX*RSt(wH+7qua{TE-!f?00H1%Cp26Z*VWd?yQ?7J@4Q*y`7X
z#I!#F35OOi`5-XJ6UY-|hG$9szwCjx{NwfRIpI&>-fq`9C5=OCivEMo>ZQ-VKT}0{
zi^XGn{r?eJ)`lY&vTyQ!bo>1TM(f{|Z{d%I$<5gXzdgrI!?2BJ8*tOR&okWVf}4zv
zo6lUPVk(Kr4IH+(Jn&(q)$*~98!1uhd=Yy|^^X9_pMU_x)zk;fIcygKqMzLU5g_>k
z;C{~H{qRSoXT{>;=a>Hsko*A{n#)1OW$b5OSz5jh|3_TrPr$#?{^t6>nf#wJ<}vk7
zOGJW2o+Kv1Vl~F!QM^n*m6A~>!D*3Y?JQ9x3}7Xp7fLRM0i?yhw$pU;ul%3%6jQhO
zMr5RN@G6OD>nE^8UxOMv+EirdrTFe0HBufuw21r(G%!H^VFLaqN3;G#)Xc`!Wx6@_
z)>w{o<=*OK3M)PFD8+YkNTdOa^Ag9d-iAe&)s~V)#(o?zjt}_xx|obJ139Mdj;rP~
zc52;gO5L9T=1@kb?2k$>{WE9%AC&yYW)%8=0%&Z`@0`}oKbmfQbnG<m9%ya)C%`Xj
z?$PLw?lZahXFc`0gP@c@0k!`H&4m8H5&xUj<o@1wBPACe^Lt&i8gowT3Djdg9&`_7
z#nyC5lvCLfWyYTafmt_O`>~E}K4fP+K6HLJfsd#hA8}|9^MB0FZb`9adQRjyvgA;!
zKyrHs#$idN^ooFy#!SY2&3w7M(CY4(Jb#LXWk!9!!Uq!S`^@I_qnNNr)L1^Ymj)9c
z`i>5`5vu)<!p}Ck@1D&}D|p>}f5x?ceQhA9<oXlXwhq_vN>V*D6=Ad0J{aznQ&A*l
z!aCA^;HBC#D?ECO4Pb;9;G_#@E16v2f8jWAt~9iEn^n5Wov-GwKF~O}R~&7y9<iur
z2#aOHAcNsrYry3<`d5CS`yOrvdP@9Pn&O*9LoxH_ia+0OR_1>mWK$U$yvwiKli-p7
zAEiYmsCa;s&=~p)Yk;_6atsp14lg4k)vuhIMJOxPMgHL0p#0-KyFB{<%(Ml3$;hyI
zY(@RI`&o3=O)qpN=O0V!6{3IKh$q*kmt~5wEbA}km4`);7l7u3{#T7sFmQ64-fS7X
zq^C(Ko7GoLvAQFd$K^S%($lJ@4R(&vMD1N91c9cSbMHQTe}~YLS^O>Z%;P{-{>O66
zwXRqzX}H7>Y)j|U1Il$G319o4fUmK5O!`-2zYitXAKWf@EmslG^1Du1Zb~=*d0Qu<
z`TwHY$75^{@_tr4X6BVZaQ}m~K*{g_iP8Pz^SrNNeTyS;UL!ZCW$59&%fi_Ib`O;N
zP1(Qe{hKepB=mnLIS7(9LrrGaK|g_BA#|+YO82MIWDkO{evA0f?@BB@fl_~0gK;yW
zr+-&F4{|K9qo6gl$UN6_qe*}s+t4xhFtOZB_t|c&TG5g_yG4*_b+4>U@l>C4yng&q
zzOBn|6bKJ;blTte|0fdpzcCuioPxyJ*f%1ajxz?&1sZz&f@bYLC>alj*oH11E*v|)
z9?&U*04Kz!gv}Y@X5xZn-g<A&%s6-i+*=p*DMasnnk}9K^!tfjv_l>#l#%pp6YY4R
zV_Di7SOOtm`qZy_KO9&MwQWw}Klpqryf%quKPkPN?#J=$&2fuA1<z5-?>bvM+}IDq
z_<jN%Tr`6!{?%gtS*cYx295A{3vqu`Qu{AxK29uDOy>z0BrW<IJwGDhRVu1tHr~>B
zjvu2<YIs0L2So#)ZikR#VO;PWG{X;OtJ@OFW?~Kr-j#1F?D0Is9xpGn8we%S*mHT?
z^N5(fEAWS5-+4Kv_y21t{ohys{vYVvzkBm<ru}Qfc@&!QqE?2xMn?EE9^+EcN%;z%
zS^*mofs8vhC<Kv?WeyNsna5OqdbQ{h{=NRrWw~!R{U3v}ggIxK*qIkXb$e7<9<6GS
z`06B`pFpVhdH^~l$x)83N~Sg84|%-U>8V;W+Al8m&vm{`lo5H3F>Vv{espuD%2K|o
zbwEFF!Z;yxUe1<-E=gd<o5K)kd`yRZDj6(+LESyd=%uXZi7}bH>lG~Z;<@33cJsr7
zI^J-T-j}eEI&~4%sd<3G%%C?i*dLn=%B+PWFq%@*#ML@rpPTF;<#67jbp1Lz<$0fj
zk4Z{$WZY9X6{)g_5l!7pX>IaVFInls8Yd{4aH}J}cD+P(|KOsRmjcVl{5vd7XGYze
z+xAV~wO3iGHU?yos71&#QprIgp6KoY2!36c{hP_*#Ds%}i^+*ZRXeZbc=Cj%cE^=<
zZ4$RTkqOhXdOh7YS%EzAmM#pNfxh?dPQ3bJQut%oF3`TmGDLmJc+jwSbw5^Kckl4h
z3Uds_ani_0`M$U!=c$%ET$w?lf=+Km)DjnLXu0h%Gpd^!GlWE#@5B3tYb-p7B;m1C
z=cGJX-6M4xh3n>^Sb+j>=}HGn<)yX^$><ivh4h{}kyPYxMn6yT9enI)cViOLacjQ>
zX%Y`mh$W6UUi(ZL#Pdpgbi)rzi}$S}Uv8U;)u?HRrv{WWlNpe}L29M<T=egin_nJ)
zW7?S<1(3Td#SXa_cdPe;p3L703m}7Nx@WljsHSSg7^ggIgEA812%Q3pKRW4P_9C{v
zEwe`fRVB9T_Rm{pmj_4gF%hj^s&2<B@R+<ZAzLlS*e$|g6sJk!VuqX$5zVtvr-%w_
z92LzeRcAtS!kF@eRd<W1D_N_LRk-x%NgwvJg@e-z++gH5wSZ(k06Bj>l#}J4H8UHZ
z{QXos$EF=emda?y1UyIPVl%`xVDK&~|4hw-bP&WNhF+iv5TP}`vuwyM-^-~<Q8kDt
z6A;VId3%m2?2Eoqq!S+x4tisJN8>6TNk@*3Iy)yy$k}QmyCgj??08V?{&qy(gP7<d
z`p|3Dl!=L;OgqFHw#qyzC@CMocA!v^(`PQk6$uXjmMv1ME|mH8R(g}l$=d2m%PmzU
z(lTuARISbO-*6Wtc|ESigA-6qN|)!OWyesa_W~52O$y#d&2|-}l^2hr+8*8R@a21~
zjH_Bmq*+iFEloC~O!~41J_Fnn4>yDT+FfMbSiNBQl3#L0T-t+H1Nyk6Y-C<1Mz;Q?
z;cdPFpOLmb3bU>2`;CBb3mG?rM~Y{WK$sC(yMMdULEolgz~lvI)x2M)N@N_?7DAzb
zd0HY!M<-Ncj7pZYnTWN|Bkq#vyGRf++S_Q}up?^`=6i*XkvnP>Jo&O@g}QYof(m2b
z+UQjs?l)|54Ppd@#wa2du6ki|;Eh+-W+12*=KvX1X)TA}?LBPIb@45OdJkYR>8du<
zhsvZWpbH&?y1AS4E~56Vu5E((q8LRTF@iHM=9%S*>b}6(>V5WVFkfiLvL>sL8MGlW
z<{>I!yk=sdG6AM{8lJX0yw4xd;!8}^sbZT<BXp@_@M7;q$kIkOSp?f16H{=jtXs!w
zW6=X2zB;9fQy%z;Y82HcN58rs63(r+7rS|YE03Kc6Db<SmDQrMpT5UzMjE<9l8szJ
zU;cRdrP$=fM}5`9`6_#ivvSUCnc^D=b>s)j7Sh8k30@a$amYQA_*l4-nZP=D7%o{X
zlywMmy^@+Qsp(q4(dESN=<es3_@4Fs{urjp4tmfVW@2f;A|zK#$Q_0hCAc{npBt?r
zY`SBge)q{O1>Y~tNb#cy?R6;wo2g`7)z`bRmgMqB5!+3dSGB8o1{HO09k&(nRbQ3P
zXKS&p^hzjul*=wRiFz6%ZPA6tGe)C|gw@BzAz<ItqBBcH>qbRnLtAB=+SUZ=a;jow
z60*C_{&Zb;T2ZTD{nq%hmqI}E@prHp=iNwG8TE#ni2%feyxqdf_hY52Jd0ywZCE-A
z;LVx{60@JcQ+G$M)wYjnj!c5(XL}5TG&V`|51Y<sMcIZ#(@N>)%RlPMfRr?hHu1Eu
z309)$0H(?JshX9^M#I~8q3f|(r9laZbZRnSfQY!%<Qf`#g&k0{CiGcGlwrW08u_8j
zZ~_b2xK|h@-Ds;ZO-z_Gcnf^*J++W`M|xmU9_g@#0v0j@@FrS>OWsIdBps5Ji|AHp
zvJS$fCiN>o_bF|e481vnOLH(}XFZc1!>aY|jtMgRh2r7c4~RCHs9)7)$5yCbcoeAb
zb*3`AuT&wJ_OYBb5c={?g^V$1=ei3z`UohLMW+Mkg^J10oedBSh`6fM8S-6x)WEHn
zONh!&a`!yVLZ6|5E7rb6?82vE=PFuAOc)_&poB{9YzcLmsMu}+Vy>bH!#kY$Q|E%z
zb;qQo$}0jU)wZLR9Ns%omUZ^&w?1WA{Aj@d-%LNY*0Ys2J3`cOQmg7!)i6apE$}ZN
zuC_Kvc$(2Q4NeXP2fP8sUfJWD&PQP^E7{#uq}4H%*R-J><Y){N#FDKgvhnKCIwOT0
zQK7>NyXXk$7}wHG4{9?tUtPLvbP2>b_hwis6qq|4kU4z{)xgt6*0HQ1N+pSe@z5|~
zsD*p$fYj_yj8xm0MHs9lrK^_~r6bpoV;Sg5H54rDfgI~&!pvil=(>BP*`uH#ivvt>
z`E_}_`fga}Ibhex9{<H!F}8V<+^9>^N~EG(Ho>uNb9N;ZM3;@<-P8X#yIWcIko}cm
zLM1%|B^k)bx<pr8xfo79sn%+<@VLB+I%?T<W*1AN?07l;h-Ldzq`ZEk9YMImXS=k!
z&E+$s?fiOQK?H-@Z&(O)x3U|^ve_8fZ0M=!tj065alMqxRPZdEG^kol8}e!cs;7j@
z^=-}*lEPD8Fm46DQ=7&_yiiH!#e%E$KvYNk7^T0!s0M^c`b#$G%tSaVm$Hg7QxFVx
z4()pwT@95J{GX_0f7E1$yoYA)I*Aj(vvG!zV5;SGnF!49@0-fxiM%2sk)bO4Lp5%@
z&{8x;5@bdUU<Lv$yPYh`2rsb3EizM@yx{9qi!sp_kDSY|(_5W?a-U0ZFRvwMIQ&t+
zZ@4<bMGR>FC}|jRKP56kFBsiaD&%<?g*qB&PGtbZ{d}`&bF+p3)IVRnW;lieH}{{v
z8^HR-pDS(T5k2Kw{~0B^-ONxGqqe=$e9t*DTo>6z#o7q5eqkHdS6|w4?h!8WI_gpC
zj#+4{!?@JQwr{gDApH`{B?)TMx41os33j*%X{2f>BfRg~+zc)$7TvWPy!}=tG@)5x
z{+51&xRlpQ<CB%1lU+vLP!M0TV37+Bl0~q{jKp^<=9P8qP_m(T6+5+XwyY_FKl&C)
znGxj-v{1k?MX%VPchZMmTLT*q3-k?AfHDDGpoeNdf%3Ly)XpM`x!pvaDnpxS3N+Q-
zt?1`w^*$;wC+Jb-D=G9LMT{CUanLM8kl-4B?C=*40k!eF24=O&ohixjWrMB0=ldbm
zA9|6J1=ge*8_dF?^6uOb5wSL<n*L~f)2)MeA9t%fPe-^D>*}08V<}>(k3Nc4m_hf(
zTER7mieSS)I|59a@mhD^`LlT&&!&c!ELY6mHQvuRi7r!iPqo=KS11NtKJ14ChO5#o
zMrOqhK!ES^K${~$HA7*IN{QZV)?q(Q`%&Ob4q8z~Q2>~-w7`mpnB~*q*irh+i!ZsN
z%HB;2IozFUa`y8!NIRv4G`=~X;l(9U_AilJI!=X>yBu0bmkcHP;ll21fggdA;7Vxa
zo21$*Bt0Whyx9qF<-1v3g>rUg`WC8iSfq+3VZ5aGc#?smc*>f(MB>87^KZM#RX*zu
zeVmqj?nM?+>-t9{N!97t!R0uuNT8&+nX?HGY#sGf@nI7pl1M@R#jKlF+^B}IWH%VK
z!QOpowZ^MlRLdsn5-q0j_ML~ByNF0ed3d@;>}WjWRsmZEJ+F-hdQaabI36H*zO!c4
zE`Q-#ATBQAV^m7y`m(!<EcThLRmk%dB>-I`iVX`E=zQMu+Oo~y-7EQx#`l{(bBVev
zu8D849tUa5Hq@1PFTi&5qqxZIpwije56L$26Qq&W0pOq*`amlMN3Ie_Wc$UlId(Bl
z3z0%5yH0`1{2tjsMMi_64u_|gSP=RcclCH&GYyz8HX$8V^g+gws6JnwRKrdQCs^I<
zQRb|X*tw?OkXvCtwalr`_ER)7`XueNK$d>x^8#}s$izk-YO&20aalp>Qn2E=JF%*$
zAICr(+mT@T_2Wnm3-#(t>L@d|6d52s@_?C0U?mX!fuUgW+J%2(T70ElRykjG{WmNP
zu7|S5a*ERybH@m2l1`XsV6UsHG)M(1n!dbF<}7}gQ?9g7$$PiOSs+MP{9e$UT?XIm
zlVpFb;ZqeNUsH#2cMM-A>`R%kK!m{H-7&8BhSQ8Q14iL7MXzi73>}Y$m4sfY$nhW+
zG?V57cPtLJJTqoR=?SD=SXfc=;YPF@E}qdYE*|BMeWj+2=$Y3HW74_vcw0J?BH??Z
z>n@upuI*xX=@XZAG!_UjMdfPEHCgMLJ4!G2w0@W6WX6@cBQMdrJzRy@ggL6TU=q&~
zhXhgkMBWk<lE%ffNZ^EuhugVS{J^p(DweK(kvSlUw#3t?@J?_%gF7))O+RtMC~~FM
zfHzxvBaKMt(lmn9r*ZV6{}5{@v&z@GsQ>w%s*3E=M^hc7X>F{_8(f>INE)@Ijb?=Q
zDLC&N7c&?X?zA-VPQTu7|JLjja)8fplhg$aJ<x@pRAEmiMpP~A6%;rR>vZp?Be`9e
zNpNBq4CYK&53Ci-CAGaIv_vXMGpAmV5;vD5M2m=AOI(;9+lCqpQ(E~Ye-v^aay!98
zi!AG`@+u2UA@76<q$|rcPP>X6Z9QT>8}8WUu&7MZWGf<4l?L3%aM4u13dJpK(KMje
zJ#Lv5z_~kgZkKe#DK&zuQYttJxlav9x0EsqWFHB_crC=4B(?XCScqtWmG)r=ny`yU
zjowieB&ef{2t)m>+q#+a8Vjb|(AsD^FUs;&#yR>FJ1f5;G+jI_A|5yrf9PIYPBC@Z
z;al6}DmlH%g$YY*+Pg;`%8zRuhw}pgUe?9@U9M6j03?L*@JOQ0kCLPJ+tlpa<a>v=
z*uT#nn0}{ywjf6z7G_`TZ7+CzNGzl?0b)S23nG^2-y>c3NZW>CM<PaPT{smx_t|s@
z4ZX86jg~_$Baky)T(&2>bk@X-(cv3;ZoD=I+~5LDFcOy(KDgoBhC7rmLhCq(H0%<T
z!{8j(aj0d~@cmFz={*E)=G`qS({^J`FD5=$3TO$$3dGdO*nMlo*Vr>2Bht9V&o@Py
zX2?{PA<c0QPl{)ih9g$QB0tRoH#m;|ggf>|2y-H)sK+rjYRNjMd%-I>=^hJB)FgGC
zxtZMu?_EYwHZKxrumx$zc`qICsJY3{++W5HKmHMhk8#6|h9w0%;~9lP#=TWTMu4qF
zKRBcZ3WPIcSv>#H@*I?J$=2{fe`ZzXey{!OVqIsOSoDE)sqy9~oIz^FA~_^k;aphD
z0nHoEucgNHfI(jR)xm;Z^9iqWBy~rH&~&=nfc^-imjl?LYZI|>k(EzSG0hLB{<T$E
z2>tc_2N{R>`TX5x0@Uua-)d5<vXemmHdf*OcKH#^AGjQ_G#PMI`?psL`@L!LvXkaI
zg~IA;ktz-t&M$&BusJNUNAr`0B+VB)8CA@LztRF5;Fk5<D%NgZENaoN_~QJREw_{I
zq)Ww=(`XQ%Y<Kx=&n?FlchM#dF&Y>+CTeTxw(Nd;t93jeIio`4nXyub5ycGGQ@~0z
zLnQZ_N>T-)%LLTma9HaiD|Q{fdN`5q>FV~CkFp76$+D(?)Z$@81x`d0gTBIx7yWQ9
zfaReFd^yH5FO*GYO@!w5a>{HN*<zDIGo8K-llIbSQ$d77^Py+}L(>%j$mw6~IHJ&T
zt`N~XU9Zl)Ki5`pf!rZxN6#L!RA4r{M-LVRp97MwMRA_0Q=K*~9NzJFrIxU*m@7VH
zLKM=6Dh0eO0`&;)r1@ZoWRLYPr^SA#IiexQcuS#9Z8<~d&wp2>OdZRsLC1r4ZS2M4
zgwm29&{*XuPo+m^F#&-R@8Lt<i3f)~@1+?Y@oj%aIQhi-Hx@^AVs0&GmTZ)s(EH$z
zOMto}*6#}N=FdKCcyTTJKA&e^BqX!LuSd|sUX5QAa|gmISuO-V8-}vbIWZHG00A{q
za}w3NvQd>cUmnd}Cg-?t%0Ms8vuCZ-8#RhqV|4ZD2YAVWEeMz#%QE@tqS@^gn*fF-
zhWZ~e*xwDDJ!W@Qif2V?kBkj6n3H;mR@AIwttCm((uE?D;lLBDp$GRwWiOt@M#pBw
zzjYRKq~^lS6yI3zW|UfIe2R<9Lgri6eG}OdaUcP%S-(reo1a^|OFUaUZ`G)k?^pKx
zQ+sSI$EK#|2}bk?nWl0cKQ<x)M@55(+xPi**MFROx<7<}pU@)8Ui?vtEei!*Bo*J|
z2}ET`Xbfcve2y+s?biw@YSZi#31yXl8vS{&z%t$u7mx0nC*QGlVXNg4*unj}(&<Vv
z%ye{a+=0oGKFdJHpvIj;to#>d2@N6(muTFR#u=HsYz78o<*~RLJc(=tB_JVENqD|!
zAU44}apgJH2XhhU+YLwOrVX`D%{~U>9GQfPil%ff8L^Qu7=k3E-jFqO(3LMnI0eXc
z4woj6PwM*e5M=1EYZ`THToF3KkBaYgYqMDdy|~FgnaW-$vR`$67|Nl)v}M=?Cap#H
zXA8!R=RT|v1gDD>h($N!-?T^^fh-4omsR>Y68-Tebu&*P0}4}jnOjxr&2-SU$*{r0
zfvEE_?SZZ}hp*p}v6e3R<Jed#Wp=(ze`pP0#K@Gvi64JLhl7iPVz4AO&}bqEM*<(Z
zr(Cp!mwY~m+pTov|4MSA=(RS$#2oaVPq}Yamq?IrY=edwAS9Y%dZg!B{h9p6A+0P$
z@!Pio+_=?&@g~n`X#gj5H0OS#Hhz@(N-qt-a8Yy1l=r350w=><Ni0LdzRuq55>;Z1
zY<e7_`O^p_Lk-n7e1|yAecAnZjq@9re2Ow7-5cTb!DO^vS{h!SlO=nHRS%&PSdfpD
zqLD`fMKKeBmg8NUJ_P#nB-9HSZo8fAF4}HdOmLhFEuMCGW}+Rw>+XdU@6gZbbZcW1
zwWmuK*7y?0KSY_E^7}mJ%O;ntw>UZI@W>UE^56B<lDHEjI*{WbH$Qv|{PxZ4wwR3%
z{gP<?xXNtQ3bMm~S=iepcBBvM_H))&*&a1UUKWMXps0LQNJ|sHTgJJ0f&{Q+Bdao>
z5iN>djPfqiVR<wdzbEcUA@pu$B1&p;M<X&@MG|xj;l}Jc-41FD#@NEuOZ9NN6K3+#
zia0@a1aDpr$--N$E9r}CAq56?`<|SvIf2(=DrEMW(jGd#Iy}Ccq?Z&Ny}edUF)nCO
zXiDGORzb8O?L@;cEaP-8=YWChz|8fO<}+}^>)d@m=JApunZ}cr(|3%dtfA$3ZypqA
zLeB6%pbYuVuU!$=nyQ8~MJ^%8eFtZa)S2{9auQVm93q}!ESQf=fJy&z)<B_e$=wg=
z)^B%MbMV*8$t@M5^CMCPJX1ul!cMQ$ZgjCVd4@SJb0m3`(4bU400=UiN{#dv9BsqY
z49IVo-wYxBh;FpB2y<t}WfnSND-Z=KSz=%3gJ|Qq@!2UbN53j0dJznYY-8?DgvF2a
zLt~;?#G<*;(v1aSlwOH|Fjj^j*WkUl2=knsBzhBfS9A9e5A<<8_DHxDL=-Mdf};nn
z#9TMUWQ}qjnkJ4Q=p{$r;jPCiTXM9Gv*a|KV;irhknbZO7^AS+FWOyaww7&^r|%~y
zWtPbcf~)o;shdDl>Cw3%S)y|<Z60=sSr+m<)~m)YZ9-^(c-cU3Ul?E!k-Urz3h5gH
zzFN|8UIxj`?nFH3GRbFGHDRBY@{43NK$hoy!?jk?;OUy95q?y25%NYUCNAMHb4@br
z*^KItS3+H#Q?sIU(Ch;YQm{J@98YuE9JLPv5A7!q6YA<$)NYDXVH64-Gc=+;AhsWd
zS}HX|tu@B@0fGH^Yy_2xnk0s>d_X8~<tw|RDVS<5YV)-H5@NUQHcK4;%Lrli_y-`k
z7MUMf_BD;DYuEGT^}Ecx)SZ*LC**JOIo<Y)xexUqL#n58>_duZ1?8{^N^4R&x|Z~?
z6-i=kHv;D65m1?kmt%H(rS9kXk;sT#lN;gCassM`#cs{LA{m_7#a`6(R16LVYB&FO
zur%I#f0aRfGm_^?tJK0Gtdve(>l9WGA0-@?6hX4W`)a<Shyn@6RE_NEW%r6bkIU#<
zSQM!}IprlN)=*UBGIBrK<_XkWOYr{i`YL>Nsx57lmnBuzF&l!9_5m}om@kTs<Bn0B
zEYtP9DB;V<6V?k753c1Sa`Yo!oX*pj<EYY^kLayLseHIdHCYl6<ERUCxEJ%-4fB{Z
ze0HtRDLfSAdFu@^<BaC_bgE)Vb?L(`C8mAyQPY#M$LJb5D}mZLA<kp{KFj9aTrH!@
zIj++-riOPiI~8Tt-y}1)HDQLGnq^2AnSN=@BWVj~1?MiOchkZGZI@CiGiA!|rA5zH
z>6R>+@+)_6y}#{Vv8|=-cJDqJNxG6rKiD0=nFtT<LriSVJN8Cc_-#t#Gfxg9>7Z<h
zcu%>BX%G=WQkoy6L>Yk<aotfi>Ua~<Gcc$+v2TqlA!1if!?Rq$z!(2mXB<OAQ#cu|
z6oWgET#2D30$9JZV)NK#+9XeDLHwlgt-4f0Z8GEIK3nUacM)c+Jq%vn8cL{zC9W&%
zKmz|Gk=epb@9!O^`3@7jH785JZo6N`PGyP#1OkIemm?x0pxRh;_{|`~#z5nfc;z*_
zD&0(}`57EC#~ebA1VvIMyZ5z{!(Zb`o~ZLikat{cp`lTJoVY01J+m&Wx~+6>YH$5S
zL-e8b)*IE+ZR!hRI%W(!8t?`NZ4yxPPnp3EAiKhU^AixT_zCE$lTSaYSta~pbMIW|
zBv9tl$Hl0)@68mK<$iJA4W%QiT#wbsOf@3a`Qy`*Lv%K4wUg{=eDL9YKY>6!g)pIj
zI`VD_G~t>*-gE1IFbOX<z6hPQqZX}x!{LqTZFIZP#LCig&SrI)aV|05k;Y4Q^Z6Dm
zVeF<9piQUF$0qfST^NnQ`)KcPd3C~QG%%c-qHFHvvK|a=r`J<p+6=t4j(H!+r~-ci
z6l)*G`aHF5^QbykRnx){!v1cvX<o+L%Ktf%Sq(2cT`ALc{biF5x|pQky%p|tD*t!Q
zTJeR$gEbyiZAOZU=Xcaqyand`#GYz|DPXl_bqS(<Bc$$+dMr(QM0-ZU#%uTr9x*4B
z!ycc4NJ(|)CpB9hsg8;2h9~O`e5Om!*Y=#zSi#FDM|m#-qZ&+IFY_0v>dIW24FjZV
z-A7%}P{r8?BxE15U^;O87AJ8juD;iXb-c4Sp~VZ<M*_B;lQcLXk-}Kw_sgc8f^9Ul
zkLhq;)Z&^i=0ioD0EQ2N2;F^+1_|Xl+&6Ou5zLcpCuCb&g(E$8xFd<B(qYkc*q|)(
z64)s;TOJW{Ad0<hsdEs2@BNyWy!yd0Bst9|M_AN|Avy5)d9o{g``cb7O(<6a$$e<)
zOEMT`fyFtX1f_=0HpIq?R;U|GkDs^S?S-|ZN^MbIOf41F97H|0D#t)DX-G;wXOqU<
za1lKa^)EPotIEv&#akc|Q6$~snUrj|gC^Awt<B!7fH$CnyFa@{<*nf7d-%Gqh5~gE
z+mCpZrEG?EQq}-XddGIBPO1RbH<qKYBTG`JoEa#M#7SW|C|^mYpO}MiC)ZGynOSdp
z6{;}r9ja{%Xjd&&#t)aQd#&)h<9P@Ww!VjuWudnD<8EdVXKo?~@_Y6ii0jnZFVyl9
zlPxi?m(!#X<lAVCiX=j7QMM3}iU3;dm387vx2i{uF;$H?Rz(F?xR!#5bn<+2*8Xr<
zayKUZC?Xxn8i=P&IzR*h;emgAVb3^pnu#J4RAcqHNRrZXx?^J-t(j<J&V3|1!yT)O
z<w69oK2{&6lM=~e9{4UVzTmKXew6U)@#dpsr_nBUifvJJ_fd1*6RqO@&R7+6F;p-?
z7(3|obSy2`vx3ELp-tsRR^00LJ!<R0rd?-qVaiZgW|x_~Uj~sFy3_*%Z5I^dW3x&g
zQOO|bn#uXg#czYacvj=k^@5lG7aG@dCJ%!_&`{e{$qb)R)6$3XuY0FQ@0UE!qZ`v@
z@x&a-cl1d0$n?pwt1Yud_Ha@}0=44v0S)|q`(}SqOT{}&X(~+%duM*C4&nY-X6cR{
zbmdClXME3a7F=+lUZWOXxMjFr*dCx4uQ%Uk<hCzd7K&0X_12#D?uIp{@XMqyURs>b
zA@0p;V3l<#5F3YaM}Pv?&Cnv8%+WFyzmJ%_;h0o7FUr5?k?yhGvURCh53LK+G2u}k
zLaupXaKot8Rhh6#1HR+mYhbW-UoE8bVq?P4jh`J=&LU@y$IkJF$IA+S3X<s`6y-NQ
zzIPfJf7pWQrKVqc$2Ui={C<nHpmzvMi3#7Vw{(gIX{reG3a;h<!QNX&#kp+j!reFo
zcY-(CKnU(mH|~uG2<{M^1VYjfq;YEq8VF7!A-F_vhXi+bO&~xB1af<=bN9*GXYYN-
z{=Pfzk9)@b`;L;gs%Fiav*xVl!HrH8h)V2dJ$;&i`(uVq*fn>8NV<Nq{^D7`CGo`F
z?h2>m!CD@{Q&nLznh3*+W^LHFMEjUv5LCBkJhWR9m)Gc8N7uh(|F){*lZdS41B&lo
zvb+T{ufr+0QjNH-WB_j#89L=&vYQ_@QwID3D4oE4bYff$NU!>y7QaC&5lWM+WNy6*
zb+%uCWn4#C3HC1YM^em;qi*T9w~8c;KcyCE+v(y1x_Ms&cr~XLM3*!tC$anEak1*I
z=*^-%Br>9lMS$}2R=V1)XFr}+?B$wGjc)!3NamaLj6sRpw>3ba(;$3OM7}cWbsVZ3
z35XzD?11}HR~f_>rKa6HoT^f+&YeotuP8|m3V*B&6?PxVUgrcEy)=D7Vz@XZRXFsS
z8>o;^r~F)Qx$eHvyN)HEN%NwTn%PZW3Nc5vO}|-QD>GpfUTow?>b9ByFoH)xFdf{L
zK?_*2D0N-}X_W167M*1X+3_qB4Ly7@E@z;k=*<F}J-H#iFd~`K($LrR#zZQ&2Y#|!
z@}GE|E0I1G{e42uKSSB;>9%7N2Sck}3jv04H7Q#JK<hPuKFAT176O1MC;(6aa^#Uw
zLQny0wVcJ>v{UHnv~Ese8uo#KI|DtRUB(`%I7U(rH|;9G*Pu;x_8`kHICD}hUcFqr
zS-PBMz}zxR{(VGzp?@y-ivSrND55on?=2PuHe9ucQ!N0<=(F|a%1FtI@eaecRgpv2
z3BI^as<Tk+Fr_5!J>^EIQb9DdQ@X4S`Fiqxf>oh?;kI4YFhoxAfTo{p$mHH6Hn|xa
zl2AFRW7RgJ00V;w1A`Vv+TZj`o8oTj3?Jc`37MFYp=U{_U);S+MAC|%g6g9iVf^Gq
z9bD)0U`Tqblr!G-w;;frqN9}#A1UYKDFcB!aQ|j)3863+cnKiG^Z859RwAt;qM#vH
zx^_NGS(AS4YRCO3KWU}tMF3K>e^G<}SV4eRY~#aPS_c2Pl&oDHmqFZHwY1Yy+-RtY
z7x_K9%FA$yOw=Q4g{sjSN~|CUJ?&LFS}bi=Azargli7%`WfS2t^0)7n9dg6Z!T1{3
zQYj^kd+sgsGZ#8l)QR{Pj;t>(J0ebVnsHeqFnu0JtBx($EYe<tPPp(EjlQbAG%Y&A
z(2z)a^i{|nF9wPYA-;3RDtWLp(3G5<R?&tf%%ablc2{oV3Tl&_7Mp0bob^>5RaE|J
z%*m{n3BTcs3NAtQa5$tBj@$wd<47>%D0KS3Ln}7GQco%ks|+aa=Evt79CtrfB~Ozy
zEja*%G-q<W5>poqMB})!#z{XuYD%!I!STIq>07kFR@`Ibk(p$$h)D{l5&9;`Ga$Z)
zrxN<2AUhmOOFFWX$759*{$=emo&MxKlh=E80h&t=i((?lQ@koiY&jo&YS?vLbIQcD
zp;*zW<C2#r=t~vSMFC>@Mg<qoC@qV6ofWBZ(_=p!Ax_p8NVWT%%b7oC&*thmw*{|I
zFGDGSd+;Q2BDl{Rl+ZV?YEjNK&q)mw1;1<khPsgz3(qXy=tBJ_iYyl6y5#L7cM>tt
z%h?_7W9_C-XZ#>5{toiNAhIix!lLYwqrxI$Ty;M~ZrT{qj#Ump2o{!{9z*H;`H<!w
zwZUX%Ba~h(l%9K|lwmL6P;E_7yCt_-T^RJ4QW8=`HL4&0Kl%U+Vh!&GhllBt0?88x
znfDpCVmxXILM!9yzvw<{aO(me6b(g7026-!z7V+#C0wjc)HSpIe2``%q`(V;;Zw0{
zl(!SWJieT_X|dfe-^*SQD3vSNt)py9eIcejK5$OvUYM`-prkeW3If^3hy((`s$MG>
zpUlqoRgN29^=U~53d{}6@!Nx}xCgkPx@C?#L530K#u%3|N@Wak+D%{Eg|r!_jyRHM
zs(elzi>6*>(8PswRHE)MJP?gjOEAJn>I6X&FklEAGz5z@Nu>Qnh~9Xv_2(PEDbA}@
z17wqF{e?H4`L$&F(EErt>{H5|%K6IC6J~Y@{tv4dFgo`5pLkAw8-V_LOoOBkjVX_I
znlv8`zEv*|mC}$E76ijrWjC?ERsFzMMqJT*$<I96J!tL)jG9gnai&Z$O@8a|8WK+s
z4w5xPcBF&Dt=e0YUa`LbML$#KF<@t5Tg6dp+ktHWegS0sboJFs$ESRm&HdVRW3E-o
zS=a)V%SaSrhaQXF%+J_x-Pb+1eV6y(Hhti6vq}AsDQBL(KSsG-X49N?dPaVK4R-Og
z;Xs|cs{TRJ>T8&K3;Dwdb;B5TJ%v3_8)8&1aBwW(>NeX=yn}%8w!%we=yA}tV`UrQ
z^e08yRjJ=44eNKD0ouZ!LM)8JK(!h;Y2nMghOo27d>Z3I7vZmwGk)&Fbh_`n`sv=A
z?%j!*OWA7{4vRJu)XT0+Q5<-v`kd%`hZYy_r2)urOw_M2A=g1|_vTJbsa%J|6u!6x
z(tQAf`^A)0HrKR16bmK=6--#{+xB86`d&v}%<BJw&-B1EeQC;uvR`BLRigF~#@BVv
z^R^wCCMFKx`m0XZ)3(FAjP&|*D-QR_&{<=VYDUG0goQh~i=;to@@qkWtUg$@IRAP%
z#Y%?v*4xIWzdi~@?i-_@4$mHm!i=`p*m*qlJa<!+CN)}&wG7n_wU!(d)NFCCnM1om
z!t>?myxVE}vl^-~_J}E_Uf!I*Tl|Kp_88?8+}BhNXrkMRc2Ox2D;`k^s~`*vp;=72
z9NmL(1`ZQFkNEuyd_%vv{o$<zVP1pkeD)DsS5%^zU%xFC4K~@PZ4M*~1F4$G`_p%`
zXk&hW1(wF;oa_T^M_=+$qOk*4`fS=|(a+F`S&{KI#jcHuPTRIarAF`lTsZh*$Rha)
zMN^@0(3cN%b`)(GeG1fCWt6K3lxJDw){v@GyoQpzLDi(gd6TADT8Mf*+%T7|A>NMe
zYTYXH`YUdcGy`U9Vm=0w^eNG*=!*JqRWimxDwV5n9B-=n3sr`BHCZ!C^CFJ5mQW}I
zyPjTK5|(xgoWSFw_xx6IZByM|-5rT?DHGneVC>kGMx%Kwipn`IM=g3(t34*|Zn84B
z9=L^4BB9;ZGVjPsG<eEarT+Mb@uX|5;Hgs9@J5FuYJftJ*g%a(IU{O6V^LNl$*>O~
z5cVo5oM=xtL?^c_h*1dqwbKyKjv|RNh%f+cqj>!S7_a5V$6@C99UE06U6(5~4o2o1
zn1$IG?{Gh{|I8;Nbb?P%HEvj5U0aaV?S+cw;j*|6oj+v30W0%Ov>Ay#sLgX6A|2@&
zngkns?rw`ULTu4?m6EQO2YzNjaN^0B#YADkz0Qa|;B7lz8-ShT&jIGpPj!%`giv0p
zd!+m3+^~?lKHN+G7?x$+w%odq+ax@EI0Q@KsZYb3Cfm=!+LJ{uj6^QN?u>DK{xSmz
zikn_mjBW+PrQJ>n`;th6gE+(sFS^R#!o8~BSb!-!8>UeWF$B-%0*j1QvgY}E^j%zp
z>;0D)Rf}Lb>q^yrhCC61p+eDGT(go+KEk{y!U~C$JP8DuiZDtsOy);w$~O<b<hi2-
z8-oSdoEQo0ze_gnqyc^(>t=&lHf0tZ0@L~I{S|$Y<X<E`udQLg;<zPI1|#Uqvc*6f
ze*kF*VQn7ovq6t*g@z|N$JtOdMH7$iqznVu{#S}E*`i60t=-$gwW4zy><c3FdbXC0
zwhbs3qpF?nE|uJU&A!i>>_~@uPY>4`_SS2$`T>5AfY0m!r&6nOCgi<6WbaFj&k5nX
zRfcz6`VU=kqTI5bg!~^!tC@1`iZ&V3(Y<>*BT<*JKxt@LfRe+KM3fJ#>k)%6^p@+J
zi}|w*n~|80#h6*1-?RvQio?vihRT*tRyW)zJuu_(i&ds|!MnJ36sI`pmkl+9>=zlF
zlj~LZKm~wMMTyXGY*872VDQcKyLF!LvK3QEUZ1;Z1p@B-db(sw%5swI(8uWx<nYV^
z3kio4C;-;O=1t6$=x6UA*@o#J<!e>fRfmjwtjBZ2SYTwJ2WYomEcv=f2w;)t#sfql
ztQlrX=gSqw<IySqZv16N2QZzADe{auU+sCu@qs#v3ff#)lx%_=i2f20vY0(_$2bpm
zuB*Ry^^%K<Iq>ar=;4DWEZkD*_KruIOodj8tpi0^dsp;fs@mF@#2dL(ahQ=jo&`Cn
z+T4OA5PzPk;HJR`3zT_nX0=A|+WFUJqFB^BX6(T^%P~1A<cO26h>5+yo(Zk`sqO5K
zcAV=Kb5}b2yB8uF1s-wEz1Z$OgGFaStF@XLWCGCx6NZpG9}}P30d`*Xw<052Uz0p!
z^cY_Vdwbsejhd%2QAbIpSS?&U_-66ry>JahrmSb_zW{*<KQTeLFy@SA&wbs7Z>p6h
z3x1-W+?AF6v3pJfBAx_v)K4`h4SV=EY7Xg-B|q2!)}KvMi_dSlxF*CY$V^frHB!=N
z%Xua)&$Gny%;r=Ceaq^Q@GTaVHXxQ%jC<2`!YU?j;1tT8uXcW_^lqpzGV6n4huXc;
zI(NmcAKg#^VfzgoSegMh`-2~%<CyU17)1(10FwZrkBbnA+tstp`w7`|xSQ9{3?oMp
zY1<{f*BvA0DudiKC)-48Sx%4_0m>aJeVvTB7P)lexL<Te*Az_QFb0Kib(XF6u8*Xj
ztg;_o%ew~JN%bQ84;&nDiR$+$Q^Bg5qJ9_m3+CSH_%Fb76rwBIQB+FavyjqREZ?dV
zxVJ}?ey*i!Vz0SXv3D7a|Lpte3_-Vda(qexu7W?J*1DiuqF%_E`z_*iDh30Vh7KpU
z>VSod*4C11otua>qge7xbKh7hkCZm;lt%7Tgp6NSFR7M+aQ)1EJ>2L7Si;7KjYTs?
ze9O?PqCJA2(h{4?ZD!XgVvzDQ6Q1l8R0igjWc<3#56Dwhz$xsFVJ-x5si@GbG-rEN
zqWqy-UVWX>;HW<r5@&l#)aA9}wJ79^b_F}`mfC}YK2{hhKXi@pot%$*?Sk#j=9nSG
z$1-X}TX_djqN5&pEh-+S5oIK25xx9FKW)-6IV%mnc+bR<Sxu|AHC?#(X7O&VYgja=
zT_q2n5f<ctQxB^@|LOr6Mh5{*5u7{{deAr-?@fPWf4W`R5RHS4RIrHMTxroeYJJ+`
zACnQ<o$Z5>uug9e-4eoDaea@_n~z{_iW>L@m`kB+Y?>yL4-PTWrqy`=L~2e^alpL$
zomrtnD1Q^wDO~LV`x{+5ztPvaHBnKBNA$RF=Dn?3-sX#58jt#DF`xr*^>Z1MIha1D
zrfO{^<ptK<c#lJWKB4jWfwStvn1T^p7mFG#!iph(q-~t*pyeEjh26@-g3cw6!}+?i
zQe>zmap@Pci0jSY0WNJo5Ln*5&cB<1>`hlvA+PX81j;ynx1drx(lhc`Y(1tg3oT+(
zLlx_-eGHb!hSL(|K3AJ`eCg8W@HlM_5jgonNJU0RxedX`r6@XK#;WK5fJteRb__*#
zg~S;k@a%)KmLN{0Bn`$6F0{LNKg9KUX@{wNRxMcBA0HuJSQ|kln>o8N;28>AWB|r?
zz*g*1$xUU=6!+bb_3CLOA~PK^E<HDIl~ccrSG7OUAzw}-1)=iLI7CJTw}O-dDKi8{
zoOC!L{P0O}<-uE{$%+(zqp9#3r8H&k0HJc?V@Yls3O<62)fQuc=rmA|9t5%xajomz
z<?J(jPg(@SB}{?viR)<zQv1h3?f{w0W3eyxWQrV=m~<@M$O7q|YSntHWYtcSO8i-N
z_IdL(pEz}!e0vTWOO@;IVFW~^`i8@K6u|Z^?j&>qZzl#VHdj4tK3C)5;Uq^xN~v1C
zU}RFF?ec6lqpEtn5kv<Cy|2$f(8LY{P#U6PpcG)RcFY0yoIv-;!!BneD&BkZeanj(
z(j6|cM5(lLSY|UEj^{<TQ3J>GJ^?Tjj&C*`XxQ-zh)tMH26cYs#Pd;6X-f*YRKwuG
z@OZ%PKMX#UxxK&MEhbOaKQ}sIF8ttGDt-k+wzmun+>`T^DMeaE%Q6PO6zHk3sP7Dm
z;rRt1_Uo3Q_ace{><|UjkCs=%=EvxiUm+1=G+(u%B}R-D24z8~R?krc5^SLq0!eCl
z<S}p@WjhaaB()N+eEvdI2}lTYsp|s1utC4`J5pJe1UnsZ71v+uyTBq^u{sON#1)H)
z{nsop9Kc9ne^N)k8L+|@1)VT0W|F7mqkGHjGm&Scp5F$EZ4xD*gh^B^3Ke9m+{Y|l
z@*IGGjmCCq1W6=t@UAbI{N^}*&ww1uU`BT`)*>yERgmdBb-&&#um!&Y8g^m*sD{&f
zmSma>$ap$4*SLfa^sIL7eYL!wl?aQgYGqTG=wDSaZjJSA;?XWL)Y{hCF(ta_4=a)4
z6hu6ypfQa)Vk?|T7dFZ?EusisS?MXN=%=HOXOyvb(AdK{PFE<C&=*wn7)*&`j+I+D
zl-zl9QSkX%)YW)_?vY=PJ0I|fKkk-XF{U?)Cq(gS3^6IFnslQkEShpvCI$fF1dyV!
zS^cTzDbyWooJu46_XQhl3Lb5xW<>>4Zq+$R`lVAJk7?VHu4fJ^Q-<LRLW&oa-7mB2
z1Cq&0wzpmO6l@2L-qA;{;1<0rN<Hs}$NH+CNzZaWL)q%>1u6I-JTX52i#LSTZpW?!
z*()jRJ(Xg!8Ri>$iE{g-T~|3M)TpGPDMp~&+ILtb7?oHnnPQ7tmRt6sVd>*#4FlOx
z2KpnF(NomaBi*I!p~dRdJ|`xTTiRpcgw~5#MS{_v#uo213dKH|ZpF#{REwHT%d@hA
zX4MkSDI2qIQ&A7(6iJovQXhD6Gi>s2FLZaj5@&o}ADVfj_MxF{tOvwc`SaRIFk##>
zmIj}ooZCJjiJ_|<H<<v#hqy-)9jIv+ad)s>E*+zFl_p{jv{9FK&#_G<VuNx>@{9?8
z70PLUFK`B5pwz-41&0F^N=TC`7Y>@Rij1q(0&5`yl8DE$R1|yCp3m-Z?I9(-#iLjj
z3opXG@Z%ih?wg2Q`E+@gcYdP#If7Mow|$^OoS<^1GC56+z#u7TTM*A9=B41KKIh_#
z1XTn76`eO1Q)M*-X7r;?33PUKndL(e`c{l$O%zVh94JFFg8+a5lBTzwEtw_4r2|4+
zq5DKO4b^mQMdngQo$PD{lqf(!%b3_Ij8=?-(}sjONqLi*Ft431)HNckRQZU_^quRw
zR6Nw1_8+vfnPxD`II}^<1>efdH2M6P3Kjz(R;RwCfnGk_I^Bm&?CApvNc1CKp4gWd
zr;0fbR7Nyld}~8#{V@<0+8&Z>c{V%*@DFrGKq1_Rvu)UbzN+e^7XJB@Kd!bdol7kv
z5i(U=aqmH6BL6~6bej<swonjcpVJ$S<Vm1YDwI*C>6+GKP}ahCm5QxblPN$3@Jdy~
z)w0NblvJ$8RCrq_%heCeJ-eL&(%D6q%RQe+&w)-v5?!e>)p}fo*lYqg?lYmD;gFJT
zt$paKZv@^xRc#E^`2dkrq{5-sJ73qW<^Ynj3Uv0K5!hTuTE6ZU{~?yh{j_i+;P6YC
z&^YBlyl}PKtCvr_15GGxQO>CmX<T7HuA=dgG+n18y}tm|_j``k>3v7XdVx_FmMtz=
zCAo&q^*hO6(}T41s$v_BOm#L&A2N`H`n(dun4SrV8c9t~J16l&{@^xF<m<vP7Cqpl
zrPs;AFTjN)!)$FGy)b=w8u!9I&gGjT_hgNuiVN)t@U*54QFubKJSo}92@AbXRKfy0
zRO<-To8O>AV6{+Ac4nt&YCZ_nQqRvCCVvV^2NUeZ;H%k(N5QtFf*J5QB(<=IU!6Qo
znw0Ck8zIR#ND0N|pJU}BnB7$!F3Rq1XKrL2wxbeNeSS8IVVj|_1H>dzZ?FTK+ukZJ
zg#``Te-<ilFrv0Diw3BMDWs^ubCv-NBaPROqY#_#f(t)b&+W%8iU^0Rl{I-`W9w5;
z;)b>tu;36~For98F@}2)JIu@<7tA%R^aokrHZQABr)jenJ}Ikvr@rp^bn-n0zOhzW
zPA~ak`QTg3KEIK)3c0FX51+z0m;8Mh8BM&FbbgJrNTasEk;2dLG)JCR@UT92vKJPm
z1e}t3vF*#BuISIpBkH9otGPEpksVZ&4)<-M%0|PiL4d59&j$it9v@SEU?67Sj~S|)
zU&k_5rY2&GwzRa(WluXQwMTD3jxq=RgNkjB=Qux^MjNr5xc2ujy`fUeXq42#B4upD
zrNyKJ68T4GHJG|YgSOrkKWgP(6CKpU&Ti4tiVY7ZlrFI&^ZU-kHiE6}0Vj0%`3J;v
z)L$Z~@qZUu#ga=1L6rRhWP9hKN;4n2o*l%Po|)b|cM6a&SjuHQbTi#zC$6=@<d*(!
zIA~XGkkBXO01ofrhEuMv>}N?{fC_ItdY_?QX=@p=aBbz6a%A`~Pg{XmsoxlG9UoJ=
z*V*OSB7onaojtSdtb516W&oTan?@;!4}8b9F>8)vS39LSiwTg-&m<Xb)QxiOIDfzi
zW5lLN#D=MD18_Q7^o1N}l~N{jg5Qhln(ymGTR2g<y%zjhX`s}4G`4Ywy;7144<~co
zE&NE8*j2cPpOAN->9!X*LgR+D<a3fwc=TBu9PQfAvp>X2VTeq1O{q|pbmbC`9GO&u
zjOqY5Fnzdb39T^_`SzaL0UQJ8rTBGx>qg7abSP3u$w?*J4bEdIP9vu~+&#9*BK>+4
z4BG;5paK>I0uYAu0=wtm5P44VOwI2Z7c7|x*p&)Sg)5HuPnglsbbwR|?ga31EK_3P
zDbDt4+R?#)3hg)}%n*BKqa&%pGGWN%1HwCvpHUpvHHM6$IZtb?*F?>^?k*MZaED=2
zYQZ=^hjDr}u0I1=@9|kP6c^7|*iSI^*H6EdatN{-?-85ostr`nT$UX}a0!<Z^)I~R
zo)Wr@9%F@X&j|?7LNptl`DCBn(Olm+aMi7ZR~}82!fHls^JJd3rBMg08IQuWAwAGZ
z!&L@A8?D5ZwBw7v!GY5yU$kM8IOIOS_|iPVaWNZkavbB>k}S4ggne9fPqRVb%jb!>
z>BMIXD8JT`DVC(o?F{7BVgYLl1WWF7ByeCH*@EwA;=9+FF=s9EqaB9M9XFus!X=OL
z;6|n9Qul%lEwtME*$cvfxUzy^!u-qlkmFY>)I7tcxs;96i0b;T!BV_jmw6QfItk8b
z2_rG34DNeCB_69J3L9<$7VX>n(s{JF4A9S5!)_WDBBTD($sCW~N;?=Ef7lzy6fq(X
z_nwO7aWqAQ<$oP0vj4#Kjs;|R8Fe?CQKW@Jx4!uOVAds%{#W1l9Ei?XQRR*uXC;CW
z+d{y()h(<uibcCW46e9Oyh%l1^F_v*;koNX2sF{gs0jMn{%!44Ryb5{L9EiXjAycP
zO3OIlEX*#}-z353hLs{m6&1ryMn*dNL7n}x8loT*rY#hzrWDz(M}nsItEapA6Nyfk
z?a0jXRl{!K?%hG5sAO+ROCd)zNMegZQI@?w4J)BCGRPi`Boidm!@$eH%9pH0yUru3
z`Bpsc9-rStUW@aGD3zPX2PDGjXht_QYQf)l14eWfErf7Tz!de5WL!{1-3{D(H20(C
z(;ntexQuuNo@qZ48J?(84D~gJJWyqaj(gUm-;?7IF20*79BAi{&7s-<m{xu2al1r?
zCi|N#nC(RBzF5XmZiRZ$d|BivN61f<4wZ_5@W72|f2ab?tk7DJ#*~~jJZh7Jl$1E(
za7{CB;yqr$xCeJKzB58)WLX>p_i2PBtix$#2=TwPW69tqMnyVbwo7n5^m8)gYTz<h
zRxspZ=pompJ_(ycm9R}Wnl_#ogz2#ErL`<1cZM;WVm2QFBz^6Qo652&Mif(ZmbfgV
zr^S7uO0m2N5KTsUP<+Ss6l}jHC{(Q(Imn%ys;vkHXkg|>#bIJjTpREQ8@o!x+iuTQ
zzGEkZfpPumREBAMnJUY3ftIMnGH-w-6W30Mj?Dzc&ZpIp)bjbK&qxNIUtEV}aeW8n
z-Q+Xl&=$5mCyBotXOvfdu2ph>5QFYBZMy)|ppOshgZMW?7XB*Q3wSu-3P$&Wa=dYw
zy%Hrx5r(^xWqj7msy0UY<S$<)M%O(<qwHHt{h+@`Rv{9vE_^3DL*i2MaTL$w2J-1m
zMX{BNjDi%n<aH}=x~$_qePp{4fY27$5_uDcd3Ov_D&nN%SCHmXJ}Q-Ni9?#O&?EB2
zA=(I%ke@jaBh9(QB+JIT4v+zeFAB39QJB8(ca_~3@S^UKsp$lAJ0lQOjLHjIOLjSE
zz-b=GV|eDUEne8jGj0WlF%g0>Iu0}8URH?T1N580Zq{nYVEOW|(~-p4Zzc1!sk0G*
zZgOTbx?!G4eC9`p%rtN}B{91M1EJX<_}n;_*JQjIaqt3nSQN)&@hW<z!}&>u_@~_W
zyc7M5n4C}oBmMhYv7BWLgOqCMIK02r-<SrRL@!b*MbbXLW(}UmJjk_}+{4kUDp;pU
zIri-}Eg<lMlu#cq$^lXfff^YlrM+B3eZ_)sFOTIWq3u4;>ILU->GArE^yR9Z1AVGI
zU+pS8g?ex?)&$7w#2;gn5$kZUP_bP-lhJl<b(z|_Z6576pRvSO75-d}sv8lx(r^ff
zOI9oud7v)tW5|{&9KIAbz?Z48W!NiF1`E}k*4j@ZyeAZ>5+|WGT<64e{>gA-%5(A{
z7sHEe)r!-v`B)Fg^b90T<Km8qe0|n%W;9myBbV${j7qcsYE+CNt8+>kEAFNI)QL%9
zcmWx(Qp80nK12MYb;{hBY)X2exz+vW(}{3fC1aa;O{(y6jg<UQbJ{-2VQ!?Bk(2{}
zr_br8G@g|p+*jmoUHUzNBSxJGa6QJU`VgIIljmW$-_%g#f{4WBaZ=6}6RucC3q&D=
zY`9L(O^~pD$k1wU^yMtdk4tpFOS!8p#){RX4uTYD7UHhN5~v!J!Y|vDrP6L!RQ^hV
z8(^<pT@DNgvubd%S+TRorJ_<r`Td~d&?v`E#v-I=h+qbupd+s0gqTcYLTqMF%BNA)
zd7~ZrSVxRXidY0=L)BZ<&)amSWerMv{0Z?%F+&xh6p}BVS;W`Plwfo{jLX9t!26u)
z7~Adyg6AJK>A|0+3?!^)MXW@}ehh^xAK6C=5Q^7R-U0Kzr`EYqPib-);vC-_>Jf=F
zw-FjBBMOd<m@R-3uL+f?76GwFv81{M;E!orBAdp?QbYLi_hd`V3P(h27>oCWB7DjZ
zCLDxEtwDOsoDu*7k>JjP49YUv0<U!rrjA}<N6^~><4l(ul?I84Cv=*0V|iwk*`^VO
z(l6DfUk4|T399cMo>N6IHqF_ByCyIlBAMv$wXGYm%_D@|TFr;Y*7(YyJdQ_e22jLD
zwNLHuMG%gwTY~O(p$Yy7Yu2Vs#?oW~Dm8-E+My1C<G!3^1GCF>oo980N#R1Tk`fsQ
zlQE+M?nezYC#*X9pQOHVTYfFzi@tF^CIT&Ws->_Fo@`SeQED5YwuI;?iD9I;VWlh?
z#8xul0mF~##L|WuUq!n-OO%4i<19m$>E4w35RvCuT5C~@gjYoI)FZ|9O34|85;pY}
z09ujcxOR4cjs4M#`wtJllm`VDx4JgK^kOb7#rf|VQzeSLz|@j7qFi_n*4LilR9Vk7
zc<AHH`h;Dc{i$b;+$EVUAEoj+iht+e&d3y~ep#n>_E68yCW(@^)yT+_&aj8fqMRnC
z=utNi#%;}n_AvT}vrKknv!peuopBAbHgn>>wl`)uKCUeb`y5ZEK&tM=k|vD8$Wn*n
zEMQn0L_fwgHhjlZ(=Pu4?Og;|r2TmidX47qB^11^GrgBKD6>&JFB-rjXGTfOV+W>P
zHsH8+k%hNqViC@r+U9%eeQ_dVi~&*4H#n}XlwBz_aQ22*X&Q4Ljl(pdm1<o*sBQg0
zeu^NDT~tBO(=baAtsywB6ojS+9Buh8@UQ(tGIp7$$$DWfMqHBF>N$=;(!HF$jAHSq
zMKa(3`n-QRS5oM9X9;^@{(O`}ia)P4G>7jRQ_OQ7YK?%rJtVg8HzA7NES}!y<e~6y
ze{%ec<3Q`*V^PUi{P|AH$xY*h8CWHrI<-Js)IRGVO<2m5xvvadgu%ikkHN60*?a<y
z+60cI(&DmApv)t*r_weGQYV!@$xhL!2Sy57J-usCeFDwFi*7vT)FXIJzy#W*0&A{j
z0B|OZ5SevuTWGQoaq{yb4=Y)MG%rgQztBEIia^j2zXC(5WKR~0*H<#fkZ@l#PGtOU
zPPf)}g<J5hnMw*#taE}Vuc!qoiAsYm#kI7*fVDpg9Ao`Mp@)<)Tv#;Yjjnkci?*Wi
zg8^R9hF)GKYl6oz13Ok*nQx^Mz7FODt5*IgHxdxWNd)(;sO!MRBr&%Z^wQrGa^`1{
zrbM?tZE08e7M+pgU?|yl<H&%S-5{<NTP$p7sVtqnbPNqqak=l1#x7ZuhiPxUnN?V4
z+S>yrV@=Zv?I1l%L-YShZ(-<E1;%BRujGkNX1UR|Ewy&uF+RXaPm6Xuc?)yD)4;15
zp=LtvD?rCe9@B}zE<n8WF%C2FtOPVuOtAOr^@7ON=Sp5YdZ@QgZG_*2c6rWF(O%Ju
zbhWSqf<Wgcib^c*vnf4*hEhV$)qZb=D{-}jzeZ4fRVx#}oAv>O4>SyOogW6&*Cv2+
zP$*C<j~|jp1&c~+FE*bF(9zv8^SE8`i61*(Yg<7eUe>!IQ{);KwHLA76lAQu%`q&6
zU&HpN(kq<%n1?b5^t}3*_1)~6-deYz5rLaVG-WU`iCxysiI|cGONNID4jyUIXRLbb
z-gMd`pD)wmitWk0(CF`wud{OU#2{^oMJ_TLO*kH9vb2u-KosW`ss{HwotuTCznN|_
z)zB6%M9#6H-XG|-$xPd@oK5czZ09*+oxAF#811;z1oG{(X8Ubq6|~wL4YbA^3S<h=
z$@XVZ_EO*kZVM38J=gv)zhJSQZ@PbPin0L3|B2P3D(kMgeoQv+R6&-Qu%m;SAfzG#
zixfyjY!DOU16G&yLoNABd476Yp|EIecW5$ySHGGnOus%xUBKe~wq~m|L@UdF|7gIk
z`EXH-g?(1FRuJx!P<ml+>9U^#VW>)QHTLmzeP%ENN^wQaTYxmOab08mQlaEUg~sqq
z4J8`Cm_M$PE?u`8!E;(EFN4D4t!(X#7c}2cv4oD9)kwVuwJ6&G@Q@n$_}ZsvOmYks
z7Ri~+)tu0%T0uVh!ysMrv>_*W%Ig+I#{)7y-P=>16ep5%qyXUqy<M7E6Bh)&`BLL2
zecS0+(2`3=#<p9Dzc$O~9#`LYo~=;97#ITq0GCt?f@>{i^S<P)&cMjT{0-$*NSKdy
zKs@hiw)3~Lcav_j;SZ|0se}ML_PIr4c3!}BLt_A7MY@6(_pSwR*8G84@%gE^R?Iv9
zpli~xtVqAZIt@h;b<^+G%QAOqEAqWll6_$3L;d+MpmukG2aU@8xZT?CSsv+y&mOVd
z-pJgbqV>0F9P9jZqQ?#2P`Eq(Bz#CJ4tsRIgC6?&2u<|#l1TIPdE|NV9ro!X3L9Tr
zcA?Qt2gN{Mu)uJ_Tp;B7?HJg^UI_yQFROJq#v$FRxNxeit&z!mYr4wM_vPX%zDsg?
z$*_v3^^z=NUXbSg-J;~d#TbvbTA+eRuQHrIv4w2`!lpW|Sz9!?_Du1|eH~wePgs<M
zvW|ihrg&$Wf{=Yi5ptp!7`HFCH_7*$ZRYO@!C!Igm-6-X%g^Q)n|=Xa@X|DrIN;up
zv$Q#B;l2K_rq(t|DeyA_10M~mlHexMF8Rf>enofjKqb#r_M@8loL!0sFEif}L2}7U
zo<25jdtS~M9uzxwNe$(?K9B7q<h$Ccpz)c}>Z_M!TDyrkrpc2*(iwC@s%8HD0|JrS
z`|&#1i{yKOwfwe0ASDJAaW^S(RWESZyP;4ipj_mP5$tv+I{GDnhQ{!?W&Sb#$JDqC
z#+<!I&pLe}ml7fZ9I<0Uk1oWHrpzt($FD0L*_X^~a=K^FFF)*DeLIT7OurV~JCjB;
zwcc!J)~1y6686vt*BR0X+%KWQM8R0uQ`_g&t+_EG{S1JF4p?GjjHlANyJUKdaSfQd
zZg&k%iMP}Ejd^Tpsi1TBxUXAVwfR%tlc!xG5GO(^hO$DDtDFF)hF)OkL%#|Qu<WZ!
z0cRH>U8>x0-aw*^sr0l!R*><|F5i|2nZ6M<Hbk{L9}n4y!3kVo346ngsyqYcj1V~d
z6rsx%%W;sj447g!WCumVB^AdZOM-?P2GN7;g6$Frgp)Q}g2WA*s=)P|=T6#u-=>;l
za#Q&4g?STOf@ye6RteEYDtBf}TY&=)@uzM?sFp0GeU<I~Zd&2$=!@N_u4w~v6gnm>
z8$oY}p?<R@DTAeEV{qky#2&A0=_@DJfV0{!PbYX1ip4#r=i^Xi;yeRqbK0_rJOd~I
z0eg+8k$|NzPyt(1lJeOOVk@ms<?Rufbx*DKf|yoWK@0>VS%^{$tN~m_14ILWaEOL^
zERAazDn7`2cC_R~A=$Ox(6+A)8M(gaaiKQoJ10QOWDARmoE0rAZc9o28sw$*xKQJV
zDIH0w0>N8@<MoY@(Du`9{G;Y1tc6Q^v`lBU#-uWq9Qz&ug2OosnBE=fT}?4(b~V{1
zeoImGBe~tNxqUb7{pSVA|Kc*uUM#WSWSzFX+x2_|N3bfzd5S+yz16uy4}7P87@}$m
zN3-k6`}xjo&vzVT?R;~7?lm+mKyW|X4Y%4YZ{+n&m*hfYZ)?>YP6V!_H;Q^M(`657
zCK5-v*6(mPsYkl!#dne`{6oF#7``L~o+sVxlYx-NwtIUCWd*O^xH6}0FDaMf5;0R2
zZg4P-VV98d787JyXgN@++a>i%#@7G?0OUvoqV#er*?IKqwMw^!_h*m=c6-_u?Rt4C
zJwvz;t-RM`PYfnzZu>XC|4Cj7T<9Nyo!>a20sG;<njz`chGm}<w&R#JND#Ip9I7D;
z%IICk*|Y|p2yA@=6#Qtc3EFP?InTT(_%Fu^p6_mUu6}9OU@%c7&Jtgx%5$#dXM^C)
z!L(22jwOQcbF*u;UHV8k&Sa*)zj$5}kWkU5e@^zZ-^5(KnEgUbb|rv4Pb&(8rDc#&
zCy9171Yt`8q73{>1Rn@ya&@boGUuQvuWIm_?leV}GfOhW2;%UH4;=LuFD3jWRwh$A
z2Fd6EKp@QQN597@Xw`9(d-h%ZY?)WzxsaD>|KOoDg?GVMBip+AC(ri5#27w2G6|S(
zFAwF-=_WI<X+|1e%!q#4{(QTZC^k)EF(aR?d>v`^7Owwv!Bp1Q;?{%YnD(28_4$bJ
zk9zrLhXdMws|uao)cMn4mxye`BdG}=y!lC=H%KlO+OU>Edd_HwsXMN|BFJIohAq-V
zGV@>?K5?yTM5}j>qhy`ddx{v4PfYY*8sfyKTva*9!OY+o?vV&3)L)D^K_@`+_XWK=
zXt0Xz-GAU=(NObJ+lXz4Em?)7$MIaY3FEl$87?d0b>K?-H68-Kz4CkQhD~bnoIIq)
zgD{Dp1z1IHZBK>m9XHxm%X$K}C-w4oDJ1Y?nxY4#nG-tY5^g2`&rQw0p3R)DxsUaS
zy3Uq9lke%{r|-b*CSTF_6C-jY!)#KN@Fh%fn~$3LFl^yZ%gYqel$yRZRY|UM`x8_}
zoL1dnzK$+(H6ijBkzpuD7QQ6(r5oBAw`^DTA|c#(k9WwMpXKqUj^8D2r@*0p&DrTh
zNNq63LQ;JQs<y@@16M0>qmA*!Kz_g><wnW~5a<71bGzRn^0LyJ^5JhWk@-&%p$qB-
zLjSj_INf&^ce#A;a>Q0{nWtV!U82MDhEn6*CK-a6w`gH~nRp$|DUJ$_Q@B6FF4K5M
z$TlxjnU)g!gdse(?3|IMfIVO)%CaR+AD}PiASn4Vq$^pA9*$N6bX`dwFT9j?k8W``
z3ePUfzw5d5yniGp7@QQI!k+CvBVETpU*i|EE2Xu|>Eo>%4U?cb=$^$j`=<(^UpG9Y
z{6>4v<fmpbnvSurQ*QFM<gDVBqaV$PXif3Vqmrqm`ng!tcfu$CsXv4$)|g$N!-CNG
z_~e_<+uwdoY>+R1kB-7e`^c}FVy*n%yG*~UhhM7B=S?oBJ@0N|{>t~1?MQe3k;cb$
zi^NN6p!jd0?)zPtRgUbU^jy67;R(O$&pXU`*RZSX@i&(**>17n+W&VCM&8InWAcmS
zSgTuk>l2f3V^<s<?-$LyuxQ(8(`MV4aul?1{wo<BWq5(U+)rW*;94_<-0!LU%SxQb
zVZ{E^$-8gb&i&#4RryER{l9X?B)&BEw%wb<h{AU8F2DGZ>GA_<Ci;i{;eVI(Px}Ke
z#MTy@q@Dn6fZzubE}^ET_#4V9BAhI%z7%lI6|(dUdc3}@3@gG+>bQP!gzU)Z^GFzy
zdWd3KG4Utl*k0<De4|(sYjl#5=(zNxWHZ2r^Cc!7)WBj>Fu~UyV8w!AfOuriTiB3`
zlix6*VIS9)!Tp_>+8UXiQXSyJQ;s~|%OTL;BkdI@6=wqwciObe|F;o7Gwh%W?CqD5
zS|W=`NiMdT1nJ9(q=alL1AIciIG>DS31E~Bc|zAZlQc1~KR2UIr#m2Zno(=K*~7Y_
z>27R?%$)*qhGnyOmN1@{`^U`nH9ka*mkr}z7fTrSzWhFUe8rufb>F2bHQ#Zm8M~{~
zG3fF>I!mxRdyr9C+I5}i^-IrPD$F#<DC(e0Mj;GGynurns9gW`uU6_`wC#Jlf6w6i
z?^Ffc+Pf+O({#V8aGB0dQZ+723-Y@X=%Jb<!AklM<JFea@~0$&u>0_k)wMkOotSYU
zSSseq-mS8jBJ~Mv$4Y>X7L0WeV!`lwau1OAs#_2@Sws2~r`>)j(O+=IHJ2=Aa=W#~
z&5nlv{1@Z(bsHHI&L1Wk850lS4;$?-e#G#DnnzCYa^oQa;gjZq#Tk<Cj0+~S<7vVw
zsI1r($pQ=*ur>`leM1}NiNeLW-RUMD|69iBzqYvkO_LYP!RiCr6-1!=cxvNWGnx_=
z4l=NnIb$4HA?pADCn@)%nm_mz>A3!MtsIT!W5+)KIRBXBefQ%pKwXmO^V^&$U!Eh~
zwYk&dH>YIppZ@|lz9#tvn1H)B|0jd>VB5VQDO`QkA2<iEe*q2`QM!NDI{di1`_4eV
zUtOE^MqL&13$Qn0^7s5egKhVNq}XtxmPfbHRBvs?pe@;tKmX|PaA<eWye#C%qp<;<
z>a5Yl@@nN)=f84^2@GhykiB;V^vSH9;dkpXJuo_6KPJz+Cz8A<ZlzUCA($a%N-n5Y
zXfyj0qNuPC66Ns;O}=xk=`ypvjY5O`2b)|5$d!9Y{j`{Rc&Y1(PA>eDo#($p0c@+#
za-)0Nb}Y9g?=r$Q*W#Zo>o9IUXsiwb^W&Gzt*i4XQoe*Lkg)*Lln{9EtwNzH`fJcZ
z)2+2In&QQjVan_8$;lmz<*z69c5WXoe%u!wMlaAG_sDs=@~5|G9#8#h>$}x|Pu%ji
zOoqSlH90;k7mruBDHqiin{X5@Y{`9*mE*JRH7dcWLd>R*)sJ_H$gmG2V+LTMueIQ=
zw8N!8%h8F)CO`X_w{&j@KW<ClRK*Q`9L&2(dp_)aYlxPzid#Fh4F2<i&;Oy|?C*l|
zAOF^5Mcm;3Ea`jw*ETEup>uS}|Jk|kkKZN#(&%4*^B>!k*1dEdPRZ*Z?5Mg?cZ~c6
z_~uxV;V_>#FK)n#nsE1#^6V76PLK54N_jNtmE|I#txq}VjS>Cfemj<e{4`z5>Yvnk
zgPaY^TxVC26jP3Z$6L8Nii-6*3VpmjuT+dGhzr7WHEjc5%XO^F1hn6O{Cl|n<j?*x
zf&c3v{QoHU+^_HRw1<Q4F92nw(8_gp)BRrn71x&RJ#D6Qpl$PF1C9#5nKUe21?TfX
zCDCW?IxjT#vf&fj-jhW!0MU!?z^~(f3s>9y2Y!k0U5*WlqnAU6MA-3Ucv<!vkA=zw
zoWj;RK2di3K$2>X0f^BEOqg3|;@3}De=kn+?<x3aEB?=i_ID-!{T2VmlFx&AF9U)K
zN`J=b>)*Z}eu&1>aBa~V8<dI6cFDo!G>5kByp0d9rt!>7RU2g3mW0D?$ks8uxzQT|
zfQJTtviSP<8}L827g|4~sd~pycb>BvraZigAN@l;``}z_BPLyCqjW2AyiA8gV9kLg
zo?f70#ZDEqb!9v}%63>nCyO-kGA3NtPUwwrQ0x!W{WrVwZ!X1TM)vP-*`Yobx_(@p
z#i@wf32`Y$2VQo!z8Jg?HgHuQAjowz@Gf*3^G_8sbF4Bn4L78SX6+Fa1Q23NYS$$6
za$iP4{&>QNV>FjKHeOixGopGn>YR@py^YbzUWhXbQyQ-_%<%a0Rq}(_=e(=}rj6Qe
z2jcE+Gp=o3__>qj72Z@Y4cl?`7J!YwSpeqP-;t&L$$$8FU;d6d>`wy3f63DJ2k+v)
zWNEAUgLm;?v$VC#)`euXNt!t<oALz#OHON3?$C8Ly>YFi@mhlsZ%f56vI-8ft%E=y
z$@Qz$Hoj-tQbvdFfuA>qmkVx<r7Et(DsG98BmbW#6HX&vE?wKVIZ<rY+ZRGCS9CnY
zoT`%+OwV{GiP``Re)!7=iNAKdT@i=L^Vbg>`#Ohje~9dvynVZ(oK-DASn<~niGS_I
zwYgpB&0jzKZ*;qJP+Nd%K73y|R9!x4q(Ss_M{*csM{AcvMn?7nqADsg*v9pI$xh`L
z;Pm$WFMy6RdJX>zF({pJ{7teyI!rBq#tJ#DBt}zrI<L&pSbqEl%=-o4Y2U8+doEGo
z|8f?gnF);&Z_lpKw4E=%-@l6Y{l_l;)TaL#mL9Bp{=IbK)6b7B&nMk7QQJm#zX0#$
zUOnHs8M-aBK+E8Np+o#v>|ld!njr}V^4~C`e*s4HpP(C>e{krJMrzHV)V+0${r4Jj
zFc-go&OG|r?u2F?t&v1GQuy575{)r2jPv|w1!h+DzsaQvM9zqE8S$N8F0cpW852w!
z72GG|X@m}Xfx<B<2?4_jxHc!V5b<lf6!|-%Q70IsN5Y9dgC39cd9qvzD9ze@Uk->r
zVWeT0jk8@+ldv2tqbbQGb<K*&>8kk|!JH~LbdfwR0x}&+H~0R8w4aWE#!9`b$OL_W
zl35y3+NRn`LAKPS!U)(cV^|&~DX4C)g?t$0(RgIL7!s+M)_V}#P!lmv8CR4pmX+%A
zeD;AHwHwJgw(h(W(^g_cR@Y@H>>{(T#hx&-b#Kv73sN7J4#DxNHnd}M&1phTq946h
zpqy`ymQ%IDY&~C(g9G#hSL~3g8=~{{YSwle#X0k70iy=ob!GQys81o`@#6g_Hts38
zSaJ{JO+rH`9$&FFG;f{%0t_5JNaUhzId_w7%w4m;G^><HP|3UG1gHPyf0D%R1&^Co
ze$&{TY7P%Lp{|xf2zzZ+_~kOF&8hMmX!SRON`V-3c1gtY=4>gBQ$ax53Xsc9cA+hY
z*3NOorABVYgR~Ee;wPqC_vI^3R?-&|R2e>;E%!8g$L1N=Ex0U`-mM%mIak)KmU0d%
zHV|o?#m8d}qQ)hNwf0-wJ%1c1^lf8us}GHww-7ay{^s}eIC$30lW0^m;!I_@WGV#w
z*l51cc>kuq*7<zMMvn$sSBgi5i^~P|7|a}&=JY0NFOWQmKVmC5?MXL^@9tB&D|y&D
zN<w=g!XV_bx)l(U$-*`{!3gj5L_0S~Iens?_?1>&+eL|yPZefI^<VCobdK2kR4BjJ
z+E{%1wa)Z8DbKSBiSK-0^+jz<%l1)eF7Z_Y>KM)YLz4~#WctE*?qJk;EksY%ixC0(
z6SpDw_$oqYB2w@)(5!xaeo#X+(zQ04+b4G+^($16oboX+er<SxQVxcPo1n`0fh+sf
z!S{PzaTa@4yiSc1@0fqfY2WWZsTCTioOjW$Fh6dTmZVb}XS^dhqw4-Pv|tsI*cGkD
zsRyYhTPVR<)B(^ZtTIJq)s=c*&}vjHDBBlRdV4zB_S-U-Y^7kcrWsOgOaQ=!;6@5y
zcpCx`s>QO=w46QLL@emLKOO8L-8J)<F`ugKixqVQa>43d_qB5RYZLWVCJy+@rH8^l
zV*&|3!#yGt$bbTm0he3)Op`%k=Xg=1wZ<;BXwWOEepZ)M19Yw}cLBsqsnPj$GA1Jj
z0U)1p8FA^5sBg)BRZe`4QE9lSJ2S;<4B0Ki7D=@M2sr@+i8j_@06Y>noLKY23d^(~
zT7b?i7<<15)zzfUQzBFR0@8XW4v38GVq6%Nj#@N8^k|PtXmGn|zxdThdi#Wl{SNcN
zdgwZbaes>rmLA+T6i$Z#9Lh=Kq3uz3Uwz-7W)HXNuZ4xizPyzczrs%Zjy0NY^lrga
zgJ96G>PZWDG;?(zAkg2pp{b!3mVzX&NXIX4`sTpsXTBf&?4R#nLH{Am_{WUW_cFRf
zOg?BaFA@jmJ=^mSE`7T9-SebteAizp`*~q<!|1rVxT|#cdKGa$-&|Yr%@V;4LehN_
z!oV|Y0aEaTbc+eR{`82Xm2PAsaOue>+eNot{t)v|9;J`XZ~uAEI(Y{=x%<Jzw1!2S
z&^bB|cA}y+W@vQ<6xUWlT^v#5U_kbDpOg@d`SzT2h^ThXqG0CXgL}38z1@AB1d=}0
z>sUYmN;FCm1#Pcji~%yAQ!owy0I|>!Uq96q9ho_P5Z2Vv@E?LHllNOP2dgWDrf&4c
z4-&GN$_?Z1HDV~?Sw)0)7R)k=OUYU>4!^rRm-ODGKWbb%-O10*_scmq3B)vA0u984
zdGj_{G430%Kh39vc`Onmq^S~MNj+NR6tpFn0KCUL%hHx-uME!(GtrO${E3#moh5}v
z<5HvZ$ZfABr5yOZDK4#5c2hi0#Xe6fIvJnq@nGt;zfF_&Prhm9Zi2k}QQ4utY@|WI
zFD|)k)g>KWJB<+w11-{=33hv_x}VJkEKsu#!m8#Oay@GaDA8aIhd2Q8i~`{==dn8L
zOcQpTJJhiuWdynJpX7x5mQ-8vKw3*!$Bl$?F@XV#)EFeJ;AhPW*nRgaZvW6AJ^!IW
z@bCZDU3P1ZHMcB=HznT3W_LuZ>hIpZt{ESY4}WckoHZ+m&@t+Ah;CKzCphBleKetE
z0U`iTt|paP<)_MxWlfX_;|An-6pM~_jt04<q}8s1wP?27S<raFr|A3!=6ZMUp(EZ`
z7k?;^tA<w#I$x3hT(zgEF^y$eI`AB`PBoPEwDK>4Iji_x@Q$->bB1V{xIb4711BVK
z21!_nIW|E6Awx#biCoQRWJYFSg`fazB(%Qr&SkNM5Cvua8o3OV)$HD=0tK2P1AnL)
z{iN$l;8Znw@Ko#DXu9Oei}}E)R#p85&O0qqxrHVM_S;ZoP>fifnS=VW1t**q&oLa+
zod<xxf6<QHCo+`)F7m(AxW$clbbB}~s`_&!{^w@sFF<+Yi0G#ihvylO4o6Eg-<dCz
zf32+okK7Xa<mN6dp}AHok@U!k!Zb!o@V8?A0Eej&^(jr+XJP}4rBh)IY0k0T8db?Y
zIe4!DJ(vJtQsC^<05YQ6+0De?3bn4MaK$$0(b*m5WBk1A<EnALxidq{*H2!^X0xTy
zHpIY_(##CR_s$d89b-yZ)u(iQX#uh<C!^5Z+aDt3;tyLqrOXr;J)7Dd&|2DL)2Z`$
zh;okq0@Qr}7ZMoW=Tb%aLgU`VkZ**!7W9WlTd&@i+y?C^IgGW=-2%S_PTa*3syH1G
z=7$C1ppt9lJ&vH>23zCK%LIB%VaWg_+j(I&W)0AjS6-V!RE=^`i~<E*r+X&;Y)>}U
zdt*afuIi7|gYV;CHz~4q>gN9Ven1v^xnasZ4GcLvrufiKrOmrdpg%V0qNLvs?@j4P
zjT@)inMj0(%LF~%No0M=?h5`A46E3^8Q<{%l``LCJ3BGRpx|{&LN_UZR3J3=z0uX>
zx%T0M=(XcmG%m&;`bp!T54*qCO(z4)78I>98<r?C*6LZsos1plyovO5!V);tjavfI
z2IwZiks5MI9!aN+#q}D3g-)ZM`Swdw6D|2f8@bi~tdnN!YO8ozDq`D4_JjCGlVoIP
zAru}CPd~gj2&P{D+orqY^p~~0bPITsRN$-UYK=|Qho&k-YXdpITnKy;L&ktWZgi41
zn&3_P{;5}|XYkPk?#LL`v-&`CpN+K-3y~M%%so@LHXrMFzRWbYO1_Wvc3!ZgKQ;BJ
z|3c!x)aw=@Mm!q;pLDca__z!F5oT%F{!`MOp>eD68t3|HXd0K)ix7YNyogGe^|Dx4
zkP4UO;d~WRZ`(cQI+S4Uf3Ww~adB_io@n8O5VUX!PNBiwDO`fP1$VdL7ThV^9SU~~
z0TNt;J0!R#cm$GH=bXMBy62p^{pNG0-@N%;{wv|PcP-y*uk~GG0Du9)@oRAL2O@@|
z{1-<udsl%+JHvYUUk@wtb3lPJ%T{XNU$!)M=}zJlyVurQj_IsBw(_o?SeTcR2%XHW
zRrFj8GHIlE^E6nM|FSGP57b^#pL<B565rkC#*VEyMWtr40y`!((NY@?O_pdjY?gxs
zPBI7*(lLyTMb<XOkz2r3LlPP-7}Y^zt~XkW+<4SGOiwC@gqE3N`)oXj>nH<HAxfYt
zGN<4-r!b*Cc03?=q96O^Z<g*c!7rjejFp1w?B3+9RNHDE_qTLA$Hug$k|k%eVVAnk
zYhoLO-06iHMndJWl;*dGy8w}=d7S~xhjHITIv7-%%c&Mto+)4ylCUa&W<iwyfQTUm
z><>|eLpaA?edi~*du{hetP=R`w_xQhUCx;Hkrvb3SKCw>NsoMKcQq1(5HE3MmQake
z`|+2b)&z1|pM8GqdG+#1)h~MKe(Tvh5-?Ovd}FlxmK6<DnYrB{B_&QF@Jg|`k0WEd
zV^ZZa+^YZ3JC|X82ltss-n5Lbf+3IiOUp@1RxBJF26_TFJFs$Og)Q)LPQWvJF4!Q4
zj%Wn5?|#Wp*!EDoJ8Hc2e+#v_AH-6AzdRG;WS8_IiQbxjiREs(9X)Fa{FAIjnjBfg
zXzPm3IEZPsn}D1|QFJsRP__&BI>H2N^BM+bE|(#_XrYn~$&gscE;Us^GD=F<b!}yr
z-*(q6fJR-7yFxw`%G0t%$-ICA<o#|IoVN-7W)*${ewl?4f01^@mAm!@AG{p1C4QVC
zXtqqad(y3A^am6E6vY6kUY_j>h@Xsz3T|w5{e+cSVxm;jTMt~CFt>14G?GXkhc&F|
zGLfg0!>ZqXz4s#&0w<qH-t8#-$QTpWe!RXl^SRK5vHB(c)<RO}25Z_yT-XcH0M~48
zfS>kV*+SV@Ov8m!i_pe?EhfCBLtYO1+&Ap`vblx0R48I002(P(w#atOW)hdDPf0&N
zpc(#D(-ZAWAFJ!gy9P_I)zhuXb3O@o`J9-{mod`33f(hj>l+-9qE&~<n*9k^B^EhX
zyv;v%!)nzxY13V{60en_<!Ge&`@1~M?JiVzd?w&8bS=wVLre}zKtTy$WkFPo0JHB(
z)~{0?jTYi^zcCjqw<Y?dz}nC2(B|D-q+Gc);oCJivwO>xIDzjz!1Je*^tk5@w2#HE
z{o#$<9@s?2M&_0PNe#P|G;aAK%iy4l5M*OiQdDNlH5r!q{k3~?awYilEuqe?Gg43P
z<hV-6y);db=0-OGHe(XXNr~yY^lMwU^h|-c+_J2G1fUlv3V=>>LS4UKbnIVsc;&0h
zB)N#1bXnA387j@x?S9%9=@uf}<|qlR{6bgQUqTTH3}^cS1TzgerA|zFd{5i*_RVD)
zu>Z|n@BdPahlWIRuS?2C=m|q!VRw3_9^7#$VQ3n6C2yJIPK-OO0W{Ikg9P;0&loRS
zd>=MH=bbQqoM)lBX_m4M;kugXdC<spV$mc&@@X%kBC9xlIDQ!nhMTHa5`y3YLViy2
z<_bor|2P-oWBxg#RG!%wGU#qGQ$yNDnVay{B(U9WhCW1N%pmDUmx&kl;S#YUIIGCJ
zez^c(VNJ+TX|L`CxUXEX^y#l{RMq?z4~5oloUzu%G4epG!CnFJ9u(0h77$NStRh5q
zMfHNT)!QH}EbMR7pGRsWT7=6M25kknQO=aFQ-F!Oy#<-^A4jc$iq4e%1@Hx^C#s(@
zQ<#i@WZC6syFIOz*>BT>B`aDtbJ&cprI%;BHXJNmn_D1Nw0c7P`0r#qI#+g?AezZ4
z%@dQ+uEnq;IH=pzL6cSHR^{@6SUiYPrwl!pja%_$-(!A%50<UNx!j6ZPH6_if$!Nc
z^id;9NFV|4<0WN|ZnEW{8&oOQj89OPmxwEHSRs_@%rHk*XT}!>q0$~g2C+er1W`e&
zsHj$)3C03WrfXL3)&+hi$L#}sda&~7oRhUMd%79b4f}lD$kr;aPZQ0N>)U&+s>)fp
zx9H#7yj@{kT;~;Kt}uudSlV_cKFf}bL|dQrTdW=YDal=}ITMFVWQEYUI3mP*oeE0J
zj;{V&$2_Kj6MDMen^JB121m4Wx4)Te^*<Lkzh~dFRc7g?9UWpuf+l({%zeF=tdipm
zIu01y%fLh>(Bei}W*2fn0G1clln{B{;e3+7`NwLL4-Txk4Y3q02GL|=Y9KGv3P~*V
zkf;zwSE>R@7?Nb$GxT^tzf!k#kzJU)<<<Uv#1?*N4j&$}1#YXZ$avjj9&2Q82^d1_
zI<e0&X*A`arhwvCvh%d)(X_Y#v}icFp4HE!pOrj=W(Xg7ALx=K8`|)ktd}%-#*?<l
zp;&#G*T(ogUo!Yvaf~#`<=ZrAs^6Q}8o#GPvVH;<eoKb@mCzqYwrcNNS}~nJ|MuzF
zQPm2RAiH~Z%oyT`Y9tL{xRo=XfOTZ?!$z0F!+pzW78e_S*FP$9D3tGMsXB~DUEwj$
zNUzh^0Pu!Xmbg8dXpl64BkKp)4b}NH!IsY>Kb-$v=VShy3E~Sas|qZ$;z*CoHIAX7
z5lUKa#HUp<!v!XcqulO|VDV{GD$>}fNdQ96$aWs;<V+R|yK%jqt^p8rv|p~g1mB2d
z3!XhlJ^KxX6b{2W1x4l;Xb?ye)gB%eJvj3E{}!r}n(oj4c1(Cx_iGQjnn@N_7sSOz
za}7{UTrPCPek_hJVjsj!0=D=a>qPbsK3`Z9Bw+8(Z#r)`H20FdbN>EPtLMl;QZZYq
zqm?fOE<12%c!&B$o?M6PegSkV6U#Cg8b3nO(C>W$5MPsItXph7D7#_l@A55L^azJp
zhVOr&got!?HtTVWTkjVrobiWPmj?(sYb6;!R%&oUl-042@Nf||5%5$ff+K0Mc0c9|
zODs6>%?zxxbSYO)dqpyzM7G4cf0f{oNzfcEvCj%gM%*(}03j)Mh3}!~@%z_0`qr(r
zVGpvp*Wv#r12}=dyz)aagdeNxlv7Q2c*O5SN#MHNHOsi19if!f>g+=GxWhTxQVJ?h
zh=^J=M5$DNLftCcF~2Tk-FTW-@8|1_=Alj@9h0jrpUX9myhABVr*59g7|sunRf8Kh
zgOhb(J|Fu8i`*mrBN=%1Aas0?3{3s<#Cvv3DN1j`FKwt6E6EF3+<cfKqRdnVt%wQn
zI=5T*q^bmo^J*thoxoGK`oCXfVeufrWnP&<Ys*duWSk16hcEXqf7&^xDw5CTBaKDb
zC&mygj(D?2Vc;@$^b?TsE93Om>X#rqbU<1KzT$^*A!PS)1X_Gc*2C`<`5-wk;13RD
z3jnrCEqSXPtq?jq5@pz1l1M-h>iz<Ou{-o-g8@f_0Qenflu%zJ(r09vOz`Pisi4O+
zRS8uO1CSk#6M!1r3O7XZrtYh7%&!3HfjNB0i7w~GQ??>X6AzQ5EExFRtCFpT>q>qc
z=^Ub>E5(kiHWge&5<WR`6;BGdFn(8tAffm!nZr=J237-F55|--cbyw?i9F8T(KQ@A
z2y)Q4Hsa{x((@28il|lu)SwgXuFK!T>Ay3>;V+oMe>Ov`pvCpl-qmfoEGeF=9dANQ
zm)&|82psS-Vd-(f!hnZo74Y@zp^vvwTI2Oxr*|MwGRLQc!AXuIQw~$M6BfZBd=c7F
z%>_>{_&T~{oV8=J=RJPU$%_6G!GAR{6n=?N+Ov;b_`{X<CqU66uj<vsxt+I4bFP+9
zO!jz;-r%v5dmF@_`jIq4S<dn0R?jX^3-7Qszup{^`ig_SWpS}ez|JRKb~&URv_~0d
zq-DY2A$U@G03#rN;3?oM#~6gg?k9j_HNd$qaGu1<@|ItBN!i7_Wb?(y@C}bwY~c$t
z+bSYuhH4ijXf^0YATRLG;|J40zlFqZf3u}FG9%){`4_O`F;ma4pZk!{1F0luRq9;x
z-eqa2y909{7nDM++vzW=Y8kLF3PKd8H9jDLf}+9zqKnCOiyZ<mkV9wBTdCUP-;UhE
z`G5Y*29s0VQatE<z}Ah?iyfAd9eI`=DMw{hZcTwO*{G+Tyeg_1M<9*StQ=*tGqs?M
zGQi!+cd$(jqXa8!f7~<yr&yv)5*p2MqH9rPrfHER)p#!xyj+DDb&pC==2zfr89S!+
z>m!&V!3@gZl7xSrp0qHMZ1#);b2YtAYs-zY36G(<P&Ol{>B5yw;%s7=<`65$l&F3V
z4*?esmv7OsA;l>v7L`^q*r25W6`YJnXAcLWt@bPdZD6hap@`3Uq%U2`!o+ysuzpwM
zhpFS^2ge=gkpheHoWQXxf+k}uT*)2qlLj*e-VS?XoN<W07u#y(x{qJm)ys>eRhOp*
zTHS{lbJHKpP8`ucpnV=@u2%2Y6F$qnO|(5YgvWR#LbrpOvjtGcSOx5K`)XLHb)aTI
zul55xxRFy+i)>o-e**fT=ZCBXQ2^}yvG<H2>LejKVm?;e7+?MM_I}TgZT|Q@L3Z`$
z5zv%F*({uV&`axPIl8y(!GPmh*Njz169#!C&?DHS-T?;r-x8z%05%qSY0b)0h3Pt3
zU8#Xg>1m8UNQ${FE?SRCK@k&N4hNH}YlvxvE0Ts{WhAN(Y!Z&KQ}O`J-iE$5Sm^pa
z25b6r$1@7eEpCph%^0?0u3l@F5@5sTxKNuP;rjvBQAdnVRwhZ(jC9dtW0<9krgDP&
zOxC>;TC4Z646UBFMS+l>VSRLZ90p6F+E{LAl*|BsvdWmjSlD06XllYAHn4<}<dw(k
zU&Hwz=EnUCp=Gaaw7D!(cZ#FCFSK)xTq;cp#JJ85cR9L^&ng!;k1jyH<rO6u%5cAv
zCynWeRyS@gBGx7Jx{*QB6tkFj&QTc9<0SC&Z7>v|k_c627!Ogac0~;y74!~2<M*G>
zd628D|8rK1;d5k3Twf=cu04O^epC<hk`K>uR>}WrZjq%!W&Y`90Pkfo%8#;DT8qc?
z0fDA#KDCUyKHV^La*8G|Cm<-lbvVn-Y({h)F_hVrEB>al@%h^YhI%IwabarQ+8YP0
zQIH#tlz;Cl`vL%L2<r6)mFj2o`v)8pnisvCRTbq^`3Wd(95eE3srhkLLj(D&bODR>
zpBj2=3pTyV>Jq<;<XLU5a>RD{$kpI*B=_(aJxmar4qBBwGuF9b8Ojgu^!P31g!bvr
z6D(B=zS1^$9p`2r_je+TMg(=C39y_v)t8zMulS>;Fx2cM3fQc;sCYr3%+8a`k0>j4
zQucTq*=8jA&C~^yPb_?QQDsiFQ416`K2`EM2jd%JGl0bou|9~vnja|;{+3iEwftM8
z*7N5M+WTOoMs7}<1N*u>nI;ej*7Sa>Ms%Xyucn_bC+>JolX{q6Rsj59L`A~}I77(m
z+AGj@U%~uHR>)Ayh9qDmq=9>=UfO`}A`sOirJlsb@T4;wgoR>)4Tl8>i`oAOmN3Zo
z<<Ec5rQH98bBu<~zs#j;WYKe+v^300Cy?g~eq_4?v4Ut&2YjYV>~hSfLX+&!`1TI7
zNEO%HYUR1{RV_m(0}{P)7fn#l0WBHo{bevU?Es2=Ch|e98ckMV?`TGWQvaLu5|SyB
zHw&3lzcTxn-27>EbJg0F7xRqq;m0De2PHfxh-V==`p9G~-!m>Z+dcU0jX!#y9$b(-
zxJGQ$!?$D{z!>a9q6q!6%rhcnd591^Ylwt~OcloFR|>;HM>)gLVD|Y~rYT5yl+tvD
z<r7k);#uV4xL`dXLj?#X6I7z+wY5MT*m?{S$6}Y+!P>yP`LYg#h4g~HS&P4Wa@+@=
z{Gn@u&1drGmi{c@>du;HjD#-cs7HF3!j4u?#T4>ks)VIa9PkMckoFc~>cyr=3&#5_
z^_Q7e2u7Ky1ZvW*I+t(iWb2(M%=ys<Y`Y-1awE}*e33L}m^g$1V%Q_Fd9hUwRl4!d
zReCg5#zu)YE4F34&ELX$Fn;>oD*T1U*KkBruo~lN;@gjv{EUxCqumucL)77diV)r?
z@h#-C+7NG9Obiq$5-+Z-Xu6w%9wF)n^Q#zO4w<<DCjnyEeDNCzC5DqQ3%~Qgs{F+b
zNIoN7sd@`#(;^-}iaa^DX`9ddm0QNGL%b>6C|av~mK_$lBy4aS1zeC99M+hK=4PFX
zyBjRKtl2$%)cFpU-`4&M*BV1a{D-yTvn$v9?O<_XbN$wGad)ukef2hZ-*B3+#)=SU
zNkW&qHUivume~a>T-#GfG3;0~{{2DXjEnS}U}{N?<9W`y{)U_DKwN6v>EIxLgG*>p
z4Zb_oM(alFbwjL~unhCxip3t5A!4YsX)*ImU`<;et!Ab<;$+oyXx=H9FB*o>fM4=0
zYrrt|4BxqdB!Rr==o5zXwVL@M7}Zrr=Kk?aDtkHl4)fm{b`6I?)*kw;N#gMAt_k9n
zA4bR`*JP7|4$qJkm2#i|x++P#`_e^X^_ZLZscPB_gJQ=YYu$Tp7JcL3E_sKH3*rr3
z)EhMiosA3)ZDn2RTn#Dd1gaQvBRQrS*#Y)tc;k*}q39O~#2tLT!+pK_ENlV^8gosv
zs$$9Wj9*4LQ#9~&`s4ljqxht-K~Wmy1$1h+rD#$y{i`0W97ih|>O%?Qlg^ccx8A~v
zM%`8JzW6zc&#V`0?>JPe`Uk7`xU;thN(M&dJ1K~GO6)tWj6IZ9*fHS6`P<O5wQ%0+
zTIs2N<{5p7cm1m7buzh}ff+JQLQ;Sg{PzSe1Q*2-_l|3yJW`(X$(q6Egzlw6FWQ|0
z+~Ti}6}X?oeA8>a#lLM?bo2aZ2CR0qDc8x+T>Y_kw<`zF>Uq?vISjYRKPrU}?iB<X
z;ndevkKLH4OO6zKLhL<qSrdbj4Xt0Pi4#=FAed5(sN=?bbauU<_ri_9!Z3w(b6p3p
zeZo+#@gDNla-SR5Z+g8{`@X)mj<`nPkg#=-)AtpTtk!rt05~A-MBBs|j?IRG3o2}-
z`#=I0=I>u>EnevX9T1*V7&@OiIaNzWt|T0kDtvDc%}Av}4lsIg7~iXkMfO8+u_5y_
zB+rMQ7mYK5(st$2Ex}1Ve-<v$Z(q$ohj}oU06U2zZi}#9it{$P)j+_}7>{-aL>FK#
zF7_48jNn-FJ=0kUTR9BgfIYqX_3Qz^?P8jmV^jDjx6-jWDwwna+*z<iYmtQH$<RS0
z>9Wp=E9gtq)UA-DQis@~ObwM>w&7`~SG&mSkhc5$qzRx`4puXUcF>k+00|JJg%QD(
z6`8#}ieMnz`IFWorq%uu2Ipt*2~4vyN00gm9OBnq7)taaJ#hGC-KVy<B!NY$YlsDu
ztwxQ7P|>|Rr+pgCd!<$j8=JRW2ksYKZcaB(<3;9dY6D}K?%oAjTIvbk(3kxLh&BB9
zkXhF8gSqbV$$e&~_3ct#_C5U2_Yf;}7QgSJoyH$7&3^)l9eT*}yR0p;v}t+8A?Y)f
zhU^V;^4&e-<E6Aa143!+Q~A|b39mjwR1iv%d(&mobu<*wkl+*8Mv5p|7N78!%usXP
zY)ndorPj*77?1Pc#_{v>%LWs{2K1(MlbLnPi5*-%1NwncA~7Ad`Jo$eon}97^BgfJ
zUE3_Z$EbK$u0lcsvu$4?CaKk(X{J&tq3zO=pfT&hWwjv9sz~)#IA)dIPew*>Qp#wZ
zQX1#x&JH?OeLk}!sM9U5SCHlb5n0t_jPSa4+Caekm9vU_l%g~2Xe#Ge6VHis^%iX1
z=j7w?Fx+}{c3Gd>bXH=Pro9zYa{>(uQN4G>NlCW$PPd;tNg7lnBgE3&(g&&^5mtgs
zfnsQMQ+YPD8~0SH;UaA;Xs@r!rtE_RZy2ep+YqJFQ?%U00YHITB0N>aJ4ITR0XDd>
z0gQ=3J)SdBZmg5z>fPutmPuo=s~W2--GdHJTM6~&ML7*BwZ*HIT!$_k{o5UAY9Liy
zR5(v8vKuVYh*NB_g>|JlUx&sxu>^M|(Z~b`EiWdTk0INj7zk~;VYHNWr6GJsDE?bv
zaLfp;+^`ofdC#DHn@gIj!F_Qkv{czY>rETvl%#Z46v4^5l~(UXN=uw#8mFgn$$W$+
zl!=e&1vqp7DOmE+mm-D?JRDSq%wz$Fz`7&NfFYvinQE*PP&Hd+NG#-j^hs$x>!8@~
z>a@7@87bBnW|1KGlYYdG<uAip%g`v8<~r9hZ#&RF8a@R<3Wt}t6EB(G=@8Rv1(uH$
zVnmmJlA)mcLKR8fZcl?N#6~&<A3=$e&U&A3oi6a|hV)zH(d-KqYxJaAdD%ue;KyVv
zr(MEQ`E|q;sv@WokTMlcWrrf&1&Bch8;Gs-bzaU6Z4$yrT>Qgn@Q16|Pr%%&W!C<e
z#-4HB8%v7^+VFSj_i*K@{3beb*z@(t=J|>*^Z1y|oBpfK1ANgnTu|0K{kh6Gn^`#)
z0l!huiD|V>S87tQk!rTHcDu9UuH0KvpeTYfE<^oi-XezxyNv|@sKcK3%z^E6`j-)A
z%>7xgi+_|VX6Wu?kDJ|3oT=J%@j*sJQk1G4>%`g54F^k_{a=o~9g(l2@j@$WjHCl`
zACakNZ!3dGVN*1aEm)h!RBW7aSG>QhL|#~Q3zU)%60=rUEs=1AqHbXg3k7Hu&w#ZR
zOZY+uKlZ+*+w4cV2Mqd{y|mNgcbwq-9F@w!km(AHjuKN=%XVgHh2b%`ZRcp>f#0Y)
zrIJYc2uJlZ4;HQLl_xt8Hb!&mR)-xlc``s=w|82fa{zw=D1(s;48H~U*qd=SwRn0M
z?3R*l2WK9>>Cq}6TdyY8OYoaJde!hMvi_5yEDUlUF-MLK#Q`qMWV0&+Xilo30T@f{
ziU>;RQSahkvW~SNU0Btn7iv(i2PMZ+&KX)mAn8GduWiAU8hZ?%{ffXik&*C0h*%W+
z9%kIzu26S|K1P)ZE<Jw+&x;y~(@IZGl3ZFO-x|Kp^s=yO80;t8I;kdCV5NEx?Uff!
za1e@&%bnrx<x7Y8|8Y?*bYat3Y|Y5!-K>5hEPJ<+aBq<LSp6qJm>c)<73Md6=B(-G
z_1DywKBCvI<}A<euI8Rk0!0t)n;IZ~$z#)JO=Wj&41w482c(xZc&jGDiw>eT()IE}
z3;5_H3njYJ%pa3wIN{k<NINK{c!Ji!1HI9M6pu8n_(_~cj&9;N&pan2<Lj4jB8%JS
z!kdaoy^-X9Xm|3)=~9<{ISw&d8f&Fg>TA#Nkp}{w3?;~I^XCX97oAtR41bunoiuz;
z;L7c5kORCg*Iugb-dkw&7y!xNJ>^igd<qJAql#L{tGJ`d-FttVKn-vjdOw<Owa(M?
zzOGYZWJ1KE+yB(YCOsN7B7sk*KXS<JzV82S3rS248V0Lx1F_0D+)hpnDzq(1)os6K
z5;ij9IelX6Vl%Uk#ZtJC`bnM5&@zg`;uZKY^ZPMWNC6cs;;0)euw_uB{(z9PQx>Fm
zmF4fTz4Cl*bs<42JK!#9pEJ{aMP4bSRIz~SaqT>Ge4GIS-g-n|@5(Rct52ja_)>R>
z+m=p6&4VB5vtsic;k~PyR7bHv%6vh(5|ld%1?N${eBK@#IddP4;x3lzdpLwF6AD#X
zMWo%tV{J#aw5(S*idpG$X1v_qSw~v7;Tef>;+Nr;wlQhD=2sP&t|cC^@M*hj8LxxH
z`f_Vx+XydTb|ZO<@*_wl%j*^5e<fl#gwMr*Kl1^dCu5+C<3z`_3OpI0&XA{WlVZcd
z!by(|=W4tAFbA7U*>f1%=u6@L>s6CqcHEIj{)@Aw3&E)m3AYq}r}>t|b$eG+$Jk#@
zM^Bqh-f7-#WZs*KGVA84Ty#C}_N{2?Nj3~b__13!yy8^kll)2SxUucfsOZ|(0E)#O
zo;r~6+VOA<2HxmtL7;JlhdAyEEK$N*7sm!AkU_mF>^w_sE_H3!F+P#UNh;#jbg2$l
zY->-^5cmTt%9e``LdI@gWvXAW(U_t_0Y(9dR<7HObu0?}#rZI;>FW||$@~%+kj2qP
zRPoZBDph{OIar7*yUiR0QMG`F)3a}VS`mvKU27yL*TYYPte-izz-)_rK$~=2VqIDG
zF#cx4u^_sZra=2_j80oh90yd?&#s}0fQ6&Mqdx;Px3JRrl;-Non7xmZkY_wh$F<{=
z+m0#(3>`Kk9O4+owr1~!-^4jFhxEH&SJ7=f(d3}v55oX=xIBqeCkfJRDOWK&z4Y)Q
zZP8YNe?>PUi2l6{!rx{_k;u^Gol+JmnTyRo%*dx?nz&Ad#|{b^+@9te`&^Zs-&||9
z&o8CBn`xIixZ_LLqFHD~BGzdVi;>mk7Zz>P%0^l%(14){!{vu35|Pc}CF@1$7ica*
z2CzBRhyS3g-@hf2n^4ZckG0kkz2{mK<=GR}Ntkkk^_OKj^zfPV9K|&az`7R7I=;5C
zf9ntM^{BfWbNKoW=_f$LA=j>LdZFju7o$6UMpy7BApdN9u({}FGK#YTFXoBzjT}n4
zZY591D@H@lTKycc!<_h8dzLVCByv%rEkTq~3ZgjG=1V<WC+bgL>o^W<;iY{#nFiEU
zrHiijM>AwLbQMD2Q&nm<1&a*0&LK*vK7gVz0;a1OKXj9)S#Of_l}8i8du<+w<5{68
z`R2}nQh_>f;k7uZ@6PVC4w|$zb0cc?DQh|>;XaaB86}U#T0i{yGL%a1v2<b4KGph=
zu-sZ9#PJk?suFO4fuV{+2oOUoV+eiMkBG8EI@^#rIV;ePQ!Gh#iUjAI+hBv!>F0S`
zLhV>3pe4Q|F{8Ld#imvnU5g`UuGFhoiHm?%0#MbslW}IK)FQTvBWySfyQ|P;p~$W6
z<2Q$dSHJc%asL{ce2E;JVhB#!bDyQ~(FYJD#R_Kl7!$F#*wBvrxQ#&Dax1HrmwK)=
zU`(N7dupp>ji(mfpnX)kmK&JBmc@T%da7)SLWM1nIm!SLmvqs{qvB^7x$npoRlmAa
zW1Q4I;%U_~c^_mx5Hi|oq$+E^!e<{n5}cw)%qL|riOlCL>ysVj#pA`QU3-OATO`dB
z-BNGpo++p-UNm7;J2IwCg8-)~_0BCxBOZx=Y&ZfACuiU(0xCwD=Mk6Ei;rJ^0+1|_
z$BXjqoxqDMYB3FqjwU=dUtXDRG?$Ndn|{cXH4n-$Y_s<~gg_H_*>WX<y(6<to?NUd
z$D}tONrkGPU@K=)0v~JHo|03UD{J+uAZ<_518{CrXDQ_c?LjTz-On0cGm$EkXcCc;
zKmdXZ_S1XV%n;EINDWh^t4d?k;3-r3OG1=Rvyukl2y9Gtjr_RenpG<FY{srvx*)Co
z_+(Y8>(JMPQNcKdZw)DNQ54Zgde`$SYam_h%`;U(&=w{1{7MD33qgnhE!Q~@y#xq{
zA27<AsRyN!fNKvK@h^Sc<7VL!pRY;H+9>dfbYRS;!yQ*b9BkZ9?PVeXDN)tx4G5lR
zKvjb;5?4W00g)txJCM9pZXOzJter~ys(Ovz6G+`dDWkh`i;=;!+u5AM%j(y9c)NFS
z9Z>J}aV&m!w~gvk=1r*;bI~_#7SgkA@(uE%;<lMoSzJZY1hMzYFnr*(8bbhNlsQ?#
zjKUeC?i+POsQcgxBG70hfh{z4`>2w>Vqlhp=33xr3!nUxwI>H+m8@Wz_x!eugdECv
zHkC&b3>rEI5sBtqe{mlL7Nw)tW5LK86=Q7@o70&-<CgbAA$|BQ5pPfFPdE6~yV`Bt
zqnp%fwUGd-rr2x;XJ$aeB4M)F=~cR;#W)KMP^Ee@S2WJ{@;oF?WU;K3#4mPNt9nv!
zB<V=V@^qE2B!kcV<A}U@78bOK5iKT49fz4pl|M)!e<_-^V1|2Tz79=tV*Fk5(H?`&
zQ#v9^-URPKZcarRNXZeSYju*khQcs<FdlpmVF>cEz4>|gs{3NKvtI<u0q5;ClTfu(
z^mH|Is_@3rhtwvUZ+pQ4tQMP$A%zq=g?x#>`T7rk`1-92{2uxCck)N%g#xpgz@&xF
zJ8060N`k>z6|^LINUAC9&Ij2?GUgRRly}!oW(VQnzOfl~#6WXPJSG~c<0$Kh)5*>4
z^DTS54$FG3ph#~ld?^1%JuDqQ+s5(L4laEOP+=b@l^U4`Vz1zrAi}SKb1{l#C4DU|
z3(e5ASbybNy);9sL}g+*S*p-J!6K>wjnQ3+HpLIl<kWMxphs|Fyu9FTj8)><v^PBH
zQ~cwupVJg9qi^yWWi-lX$i$>I^{(97TULjKlmup_5wWZb#a%O{Rv8f$`w=2t$VC#7
zeLa>-#+ZJjJf~%<P(d#)+$RxAEuT-|*=>wYicrE+Lw*K$C93#?DiPx_eh?FjJYi6x
zwYWw|Ev((d4RNB|TUgS<iA6@OHjd`%qqSvpjl5rWB|-0(0NQ1=X<%lq7#ucUWQd<k
zqP;5m%9UE_Gx6z8T6}-k8hXPTX(?fq@*Q>7P>op?v4AC4&<Vf$Ao!Fs6$g#WgXkab
z_fnSs;bmTR=C111cT9);q>Uc<A3IM_KzfTmEL!hAhWrFTdB)CES{{0o@3$#>0R$)f
zUmqVTwCzc5fEU<fzv8~gK(Vn*9_T)dJ?2+f;{@%Np<Ni|>kEyw=4!oSG%**?u4hno
zl1VK6@ewnf_s-%Y^N2=unrq>(8U`I>ZeH_V1CvC@<JR={LmJf=8Yuw>=gid%?F3Wm
zj>&J=-_`_?l5r!Ju}>CYbp<7Mi9op%o1Pz3&(VOh!{cfTX%5~Fn35Hn^~om!oh2a{
zL2jB<m?~%#Zjj=JFa&OUi}f0pa#0&JVDGlS`N=t_d)|UD*m1=qrY&7%!ZayCAo#_z
zzTpzR3Z>T?OdbQD$dTAQ_`^TYU`?g0l(kk?VF=2WmdT+#X+fe%CjW9kH`ti;1j{{!
zXdMwfsk3Sr5dGl=979k(1*YXTYaNGt+;1Tqw_Z-Jwv%m4wuRno){kQ8x1BW8_NfY_
z3{xbC$hJE>YCPbB2#q062CPb|&ckRsLb1xvpA%1F6uPZvb!=<i@>ps<?zUt#X;Ll@
zi#N@0H4S+T7TQudD9c0>cbZ$>F=WT)1LRk@q^5S+3}%g}6jy>5QJ0qeInoj`DkpT7
zDvH%vN3kVw#9lE$5;pYDvG|}t5CR5Sp?<Zc0y9*gTNcjkVU}aXfS{X0eqES#v0ieM
z7%_*%R)lo{Yw&v@mZ}=oI#pTWG(#*spJM>Uivv;%Y8%+B6WHka%F$arts+Ak0fJK1
zEcdWxKYK}=V?o`0R;p#kiD+wz5i3Od_M{iiJNSs5rZ3JcHzSe1-h_wFwUK3Cou%7X
z%aczibZZsvz|kEuKW>T3aTN2DjJCj2;naw%ujwzW&rn2K>Lrtk?ZG%m<rYXC=TFyP
zT`D;J)-K(g&9#{m#|JBjECI`Z!VyZQW|l1IjDpC{iF)y}f$Eb)r~(ySBh3vbIcDW^
z6UlhP=Lp9ZQ9XC;7f3HOW2{To5rehmqv@s6;UU8rTU8!nSPY>Rq+&i@gj#bu=iwhd
zs>YhJalxRpeqA-Oe0}(e)=q$k`tUL4&{NyrE}CxkM~UKo9l;tGQ{{iv{#w+Du&#b<
zx>LJpI&w|8e(}}Qcr|E{Ju?qC^(sM{8}BT8q4d)wjZ(K1|6;vnGt(G{Pf8n&&r-Q(
zV^sxHg81kf8aN5=2m*f6;3kq?x90IwGLyZ|W?}$(m5Z2HEy5i4avSAYX`W1@65q`*
zYbL%kEhjgkq6A@1r<f{R_Pb7(yjR{f`|3mC7JX2a{Td_(p4J+j6B-Yn1}V|ndfV=h
zLjxhExg3hlx7qjynN<?G0LEjG8D2XoX<ui=8X%jsu*LNz*wS*Mv#K4|;vq+qgt)J=
zC-y-NQV8oIr2xQP?1mCS%5#~wj<_`VZ9kTJ9>+0(3#p5Y8Zttv7(b#YaI2I?XE=@&
zRSyhB44mx32SHXJ1z{L>r9wj)5Z!;IS~bpjcm`Vw;Nz`~X`7@4942<AYX;H_n><<E
zQAd%I$Tar}h&)#b5lpZ!<JOLl=iVmU^%k<#bT6G4*vp*HJp$@sw_2DI=jj$9!egUI
zWcq}`Ltx_LbtU!|?g9W4yzrwwduN|ui;S5sN|Mo?Z#+mr%}y9Ei6`pOvS=9N=Yh&G
zl$3zsoUNw63xgX`jsvIpu7rVYg(VYM0n?@|<s<%y*<-Nt_>>Rw0sJ;aR3D|fqfmbV
z-S(UBfcRBQhC%@k|ElLU?y0vQ{hF~K@sya`W$et*YME=eBWbD?1>*s=Evv$Yy^uu_
zU<G&4JKKwVV@#H54nk(H`84NtG<TmGT$Q&l1Myg|bRWxEmVCqxR7x|kL3|Dvsf5FJ
zU1k#~Go(dDjTpov>+M3t5Z7tWR?X1mX00MnNDX|f<D`>RL&UR%Ix5{#Pi`o?qb!Iu
zN+Yh@ptc!6BN<pXxj3k6MC$R3(2)_Awi|Yr_B=LgGukaR(96-(HcU>vTsrQLaL<g@
zRNRFxVR>&bLf=Wlu)q*2h%qD@xz`<Q$(iN`m5x$HHzQJ$C1d#s;N!-;OnUasjQPEr
z$js(tDD1kFALl2ajAH^tq>lb2vyf|(P{(fmo$gP7BdqPzS6OV3{U5tu*<($Ja+G6b
z#icmIqUXolJQcB&n%sj4XPsqV!9%)Y#IctELSV4l;$Cataq{M+_mukt3em^uHcc4Z
z#p3Iesb`xtH2b{x8!TOdLV<Ugw^^$wwF-d~+rqQtcJ|~QuubyD-YUL#Nhz-FhW$fr
z&Kv)P*`^<K{=XhL^y`1PNX=vneaPy(XVa$|zIg`rPrY7P5_Z-9;Y4(naj9=|J>vBB
zwN)o<)P?nNon*@=V%M)XqRLZW{(9XwGLHk#?rmjbk)gxop8#BuUr#Zca0p$b?b$oe
zJIumh|6_kPWBW_@f}&ei8xMB>^;rq#Q_y=lZi#8C^{R!buEs-|RBoWSDRTy)y1n}8
z1jna_Ag~bc1PP(8z)8dS%_mxm;}b*Et$cx|CMEv~>B_HDqa{al?zgK+VBVjA0Lume
zc1k4RBo31{%fvF9IM2ikqM1@36%bABj0I7~1aOXxJ;6!T(y}soE@NFKIp#jf8w0U;
zj9<yflVirLX>*yf@2mLz*Zvc@TQLn_QysGheao!*#@#&@3s-LQa{2wfKP|Vq`|EEG
z#&=!`8l9Iv%Qw3^f#I^{zpSbE*=f7m;9O__#h?ik!s$gLSc;Ns_wpnlH~*aT(}VSd
z{?4Jyf^A}f<M*e&ga4bjJo-)S{2~tCOoIi7Wu@ExdlxI@rMfB@pK2ud70-ak+AQmL
zLPW`Te$#mLs+{F-)}kqUzF%I)ZVZ01@KVx+YFunIzS{blRg+a>2QDV8wlSbet}0rx
zbotM@F=hNvNUidv*R}5ijV_mkdIFkLa@O>{TTf2TVf|zOAUD5=$tgal{5z>HI{z&a
zi;?y`5*4FiwI8KdO#gS8_-9VzY1VO7YMDaE@in!k(WgzLV^Gn;l{nzg=#~J8o`6jg
zz~(8kX8xi2tNqe_QxBXWbWUa2(=kh%Mh-)@qAUu^1xL4tf+$`LeW&*D)!pwzEu|}?
z3uw5S3aa}JquSYzbywdSGkQ!y)oS#-%d!?y=Kh*AW`F43)t@TgKM;}YcfpSPx5%~9
z48x<DSqOGsQicoL)l+`gFBKu-D%eU`07P|4SjBeAJ=yIVSjMl(?3smIeM6cbwag($
z+vsi8Kz2j6Zk-_|>LT%RtolL<BkvQDFWQ`BLJNz}kZ;(V!lNq5rT6xd2W5v4;15Ah
z86TZc07Rdy4^KVNDr>%h($TjI%5HJ`-^X+<V%Fmz_NH6gq<AkLscLpRvK%`c|Fsq}
z{6Ww+|C`kCFOB>^8C#qb!&xax<^#PF$IGVLY!1U{ngHonR5sP_@h%u443Y5%^cRsq
z$Un&WIXx=dI(xGo^{2D~SoH;|(+V=6SryDuDLB_?rkG`!UI;)jN#~I@%jqs%iHT(?
zzx3gk`;bpsX`f$r__eF^MA1|nRU|7I3B>-VM)BVxJpV?c_<$P>IG+hD1(r2t=RCsS
zv!{62A&#XGRXb@An4eJs#mdgQ;J}TKFP=oWz<Y<kdvpFzKo`UUr|)k*VX_)OmHFKn
zF#PfW|Hr%N|7t72;g}?=oR(7%dlmaGDx%=)So#1M$PpB69R#4tL<Jy%^AA3~*@BHU
z$R_e-%6%2v^pRLpF7=Iew-NJt?8=1CA*yuyqJe2%bH*@JjZ*gl;(KM9+<G|I<z><q
z!~u=@-(rXK3Uw@ht}$2@F+54Q^0qK;m;=>E7R7TN{T0I+GY9iSQ1k4b9q_O1=F30K
zVJ^$R#UB2PB0cGPT2~vo^ds9a$E$K-q|y%fR*7WLC5Cc*gcCSLfVq}`Ku1d%u&8R@
z?*$?e6y&FGjj&Lnn@4HLs;h`pn36?26{wyLnL&|?p;NB5fA2M;M2>RA98((Uma|6|
z_S!p2p5h;)5gz$neqRqCj(LMc1^t7}H0vJILmFztm^O_d_etZmd<saf=(nAOUk+TD
z_*seO{o~mMVhgp@Oy5Vqs!+B^+K7f)70^lu@-DxuDsY${C-KQ}uVIj)AhMCm|0Fj2
zuNJ(2IqdRFpFv50SmP2GS|>TqA6u<2yBCjUMN>53E21;BGTiKCdM))*k(2Dj#WLr5
z>g@S?B{yE*ur|0n&(&Qnd$U)paku^3k$_)3uvD2KFFiMEPJxtdf}gsLC9`aJ#6un?
z>k+ygljI>ZYy1vxwn&`v|1rv(B5m|vQ5qQ{xXtxQe+FgbjwzDU!g7pKHQib*()jDh
z{hyq~|58N${~6W)MJ4!m+Dn`!*%EpMWff^3=@<R)-uvy2Z55#riAiyZ0k9RrV1=j8
zue>&0U~>y5Vy&Q)lRT;_Aw@DG=ibfTD}r`bx&p4Wm8vEcsW?RigY4;S|ADyouT8{(
z&8Ga5!nr?#9{XSX8d0jwPr#?=<@sL&U14KZ7CAM?p|H+#AAg~rfU)oC_tG5?fh7N@
zix8!HrhO*^2ks%^{sd$dU22Y3HMcDtQNxg;K>2s`1po4b{#6o<;<wtaNyn(hxu#Qd
zUK=;X*vixm57f82cBoONyE@|(M7?}8SrFWw7>>mdVH$@<&|=S(mp69AUsSjORzIP9
z;^2=WqRXR5e1)T9PFxF)*~F$aXyXVT;Kb?<gyRrGN4}07s1~>vMJb=}dY5J4NoYUD
zT=ZzA79`1QKN~e?Z?PaC!^fw~rs#tx`yn&dG*=AXmAJ3Va73Y_JdR#rHrc|tZozWe
z@M_<U(`=&RlxMg?qD|YGas@?Y7kjCk4N`^!r;H+N#$Op>Po!(R`h6}SmHx9MTAgvL
z62FmeXc(~^g+)9V8+ng$ltO}35m~^34dBAFU2o0dhCiG)bDi~(l>>t*O)u;&`h5(q
z&HAc<=@BJYs+2?#1}{#x%W%2IE;iQE<9ZX~GS0kXvU;eNp{kv@BVN57wRtkM`CtWG
z&pd(XHYC>y+a!Ywe@IYMR!Sh8?E?H(B30>K;XeWWJ*?gQYZ1gSJ(*vwYD&#+N=sd4
z&Vr${&0NgE#@}tefz}(2wK3L%kE)^NvWi6!{IO<)Z($g1R8-ViGIP1hW*0Uyb!KL7
zBFIvD&KimXzXlrp1e8-|)xxFv%dMx0(&aMV@CY8bT+@5%+-12}EiHX2`~wm6!5c#l
zAH;27LZtohji+i}76~Ke^4)Rq-$>_Of-H<5zVUFC-{wF4_p<+I5qS)cUaHwmafcvn
zHjb`L^QnMLSM44SQWc)2LLy0-S&>9k%y21LnCBWGV8P)0e@MjrBdpxtQR6r`Ms#Wn
z3dyt_t`A0ry$0X~5|XX6)5aj^$N&L(0HhZggc*q$3AnFL`EQZ<OT8P#Z?;Abeb1!%
z-2xYUpxH6#btFe3*RQqQ<Qb*eI9O7EZJxp~ilVqr+4>ZAmrvFU<}7JqJY~5Nh=lc{
zqtX8aa7%so&tPi*$s5*e9wZUR7!qG~rB{D*T$SbW8IVXCqjy+f9A-_5RVPRSQp%VC
z2iP3dfdkl}UcTv!uaR_k$Eh<@HnuAk{B6O^O)r?UqQVb~K5`{0Q8-Gb(u&hWW`Yla
zO2ddB0%w)nibQQ=_CR{1JkFV#Qs&SZD_G+L>}kE>Z{cBo<nTn-m(xmjPaSTQ)z>dE
zxJ`Zn_F9Xf7x)@6#a)v<;rfyAH;&aU%GI*^sg0nyw{lGps#W2Gg4X+kiW&(ZXz-UJ
z7+!`AVHa~IE_|wSdLW*DV<}oioIi3J6KBzaZl6s3C#F_xChG|0H4eo!tY;L@`~@tZ
z*0SS1ciA7`Z+&@C_5-u^J3YhMmtXrhAGG(ev!#}>5UCT@(vJ;jStdhnWx`WE4Vjw^
z!@~1M#F9Ja#P6Nqr$sY23@Wie1qg`^$`sHep_4@UAy~B^hTwPQT7H|^6gEz;rnpX)
ziA4^lZgrfqEe=1%8-0v|K$J|L><7f4Zg}T16_FS1^x?Zxqif!$1YzK2-_54^uJ9(Q
z<xp8`VIfDpc77Gh&}d6>HB`&PvfvYb+2<oU;S979gErJgVNVN;kH(1NeL<tu&~9pG
z^I*xSpdbpvX41m1fBn0NaT%^(ersGaW`~IWT9Dj_p(ph8&B&<l8@`DIB?rmB{rZ?a
zj)?uD>@Om#CpqO^+f!1!pZ(jG`Ja0Y5j7mvR9GvP&+i|Nx%dsL++C>$qOAI-KyLjW
zP<5L}n7if4BgnVc_qvYHGDe^N=RbGgl1TCaGajrSyL7cM$3>@pba`#j{>BUx@N3gT
zzgBn2CeK<44;%G23aD-)7`MQDu<2i`$8(y^>Z`oZd|ov*pSJZi_P<H?|CVHsb=d_L
z&grX<IkpZRr7qRqe*);(y}y)GtGdl{1W6HW&q%t`xxi`k!)*y-hQIXt#i6k-rIuNv
z=}t<U8C~n|61HPpxI+SJ#SBd{hu<6))=16(Xutx8*WeIXL|wx74<aPe9n}(}c=qjS
z`HF{18&^ht#o@KpSllx3sH}J2R05Ayi@`^%jwTgOA)h1a$#7w-yR=J>$%>L><76m%
z#pHnQ6UR)0iv{lKD!B@>o$qki4BvaA)D%me1x11HB~cdlrT<%aA86bI)%kCI|7C6d
zFEf!=;b^u3BWQzt812=Aa-ELZAR3&g8Gf+=UR(gGBRoQV5a#-nr+rp3l)ovgy5u9b
zbiK{7k}K?%msa|(&NKna&WhnGt0yYhWcA$n)s~*CMpx&@=6Rf7WV<|uHPtj3`;#II
z(Mcc!Y?Spuu)lDBp)b<`x6Qsx^jAd5ZH?ZQEaj>@isb|{Ub%sf*Q^Q0e*&iB2tN7B
zG&Tl`Cx~zvcb}4vj@%>j`HCd3NWU5tRTb4d<3hI#+#ig&?Ji!{6)hObCw{hZlVD-~
zBa~D)U(SJ;0CW$&*KU8$o(ZdQ{rhL+e%3v{E5fNM-_V_J{Aru54T`UEuZ_0F2CaVl
z`sn3((fudu8?EOD?C+MZ(xwYt6Xu@J`^F&<<$wM4(SyY?t!DK9FWDF8KLwgQb-$<w
zBHpaT(k3={m-1wsJe>9QSJsqxVk<73)tGN`I&#ZFfiQrG$Fs@M4wD5exPKsU;C~bN
z|5pM@Q{_{x+A@LP1GLfDB<qZi&R+7e?;W8t1@1AVE5cBL!M$RLGBfB*cD&)P3_?kP
zO))tqbjbs+7efp>V?5bo=k{SK3uK$(d{aHEtH+pUkJ8c05B8VRGVkHveGjpC$KDkv
z{nYh_jJfG5b^Cm3!;ElJ^(Ua2W2F?Ms<;hoLPHM>o6qnX8I&oX7<)%I@--MZb~FA0
z0D#pj*t;p$4!XW3u$fTM$-<~khP(u}*mAsMy|*r#491UYj{D@01l~6QE35lFCfvOW
zD+5rO5>1`L>f`m9^)er=;Fsdcu%s$aMlY9<$RU(0-D+JNRWv#bOCgD=tf8qz&21U>
z!x}^gQNF3he)LVaFVG9;p~ao`=TsJlNcnUK-Ozk?ox$9h0L{e@ba|oA0*TSAD*!0Y
zB%~iG;Oa3}xmX+Rc#7@jp>gHx8iQQ-!u}YOFXi5QawK%EAUaoOrBcFE_fel16)K|e
z2dD)_29Y7f?$ppiPI1{+33P1J>?U5^tI;;YZAcMiU(%(>JXw#XHI?iHu2!2c`1bXe
zF&3#{G4PCt^k2*G5>MB)5JNb1G9tTWRPpWgaYJP3cWy$E7y{mV$HUF(jNdlXLG!^}
zS|6c@Qi#d(?E_>5?+0;GE!yDA)KR^IUuL`x6Y|{T5BF_NgH;_0<YQO1*fNKma_4F^
zm>J8RXH_4)kWA0&rBhW^VuQcav)FS1olws`!x9W7dMl8$^0b-uvazgAK{~ZX*%m@M
z`Zf$W&Tl~tbegInm64W%Ri|seXOCwD@}UNyk`|G<6&F`n&Mu{Ti0EO+J80ml7)Ul7
zcG7|SK`BYvn(EQnPQz=h*yjLr_~Y2!+WEPo4v*EQ)`Boxu?F&+F!qvff#l4=+4J(7
z=|3<EV;$Zc#OrcfX>kvfTkD;LA0pTaSY%dq*LNf~w0gFAa$u;-@}(lljiXe+y_+VR
z7)u-2G7&%_8YFOB6gZXbI-)e}Qz6sjdef&FkuJxzfiHJRtLBK7+3`x1f{0s-Ej>w?
z3i&MwM3I|muff)+-gYBP6xJ0`U)*Q6mD(OsP_)f#vHjjX3N~T}TT!;0Is;IkN{<tC
zx!Vr6nK21>qFJq%DrZ*O>BfYq>mt*$<fz&()~f1~W`ADQ<~R=RrJe!CHO#^TU&k~k
z(_OVk`19+K@M`v!6y;J8-r+u@&NkUJjabG0E*|91o-<vUTeEK_$bE#|JabjHu9sGx
z+RkHE!9B1YeK5+LggBrGWSFDC6Mr&lveZlDa&liK5bV=rYxr25`uI@k@M_!o$2p>A
z<osI<V!B;XDKo;mQM5;j4!uw6QGq>la7|`xZ>EVmpj-+!sWy9Qt<cBo;N;{4-GNsG
zXjDriO?bnuA&gjHFSxbho@ekui86_9S3`EECJSWTHrkbQHshr<%|8}J9aO)a`8H(3
zf_!1{_PFXAM&YO#WYmp8o&w>`TPhTvZPBqK<$|N|v|%w@<cxY~msZnqKoc)0_FGJ_
zmg%ylGE^3x3SoiG-zHW_O!5WX4v9nBj}^TxGRMY|MLTX>HO9dr)<cxx&I@SG2>@V<
zEdhN5H_P6J@CY_?C9Dj44RC5;MX~N{sms`TPaqzXQm(^P=VT8$TdogJCulh4$0?)N
zla*}uNYUt}vp1X?It>asRh)HP_gUsPt0O<wDe)su_9aj0jj{h+Cr(hQ;QmUaXpo+R
zoJ^eO1BGd|TKHR4w%`rENj6xG(yF@lwWm$K_srm@ZTmzVb!>(~Nd+#{eGoy#a(4OT
zEOM>S&KjIKA{q+lw=9T=bZ#@ZM|hZR+|kTv+33AY#0!vKapzjKS>$$YeVJ>g(r8bo
z+E+jfg)8JO@*09`Q1GhGB-mwTO3n7vgQu<H)71vXh{_k9Jx0Yy*^XF428aHd$#rbO
z)HSS1C=#Q-hfL79;_EO<yWBQzfeCpU4JF(9?$aM-<>jiM3>y;TqOepe1eoTt_?A~B
z5D{<-=nx*YV)49dg<EN#R9ZNj6__ust<ZD)#!*nSH8`p!uO?SQI-a9v-J*gPg=IaC
zahw%Y<QMw_r-Z@@_ssCN8@FfdC=H_Z?DCqoB~vbq*6>8KKR&B^5e}z9oT0Z2R$(Sj
z1)x#|-M@za^j~y6Lv;B+c1NN&2e?u_=!|q9HH!9+sC=3|{S#1?!kQVk`i<>-di{Y#
zeo5Wa_<&2oK~A$QSheAwB{`>3^0!7|*D#yQ`37J4|L7sluqeJvim?%0dQ*CjI`%zz
z2R!-4#vx$iEP<VuVnr@AEp~&M&1t+3dL}Q)t7O$1*`hdvq`rh+;hll7`+3Bl{yV{3
zPa#pDtHEx!Y0a9Et!E`?j9rCeYDQXZcT|v#j;7vykbbL8yI>-65002BJHwYQSpcda
zWP_Gh?GrsoOD=zUeVJ}_n#SwJWBN~=rFaXYXacc@ApR5MN6JQpDrn6GZNN4FUe|lx
zvwI5mXjSdXUUVUFuLu$HZ1YXBaJm;_=9!I1f;jJUH8+Vo$&P}6awKhz*ij92UMa(P
z7x)Cl@0dmWh<lSszWQ9eeN{ot$|cQ@N)$9w2tWIHMOLeM)k_u*!Td$#R2e+UqaZ)d
zTW-U8rb@kydk_OcYg&N>M}kg`GDDYhhT^3hwL@dXGfkFJ!+wFVHDQWPze88j@%d3h
z3XfHJ<|&5r&suZq9d8<4sErkCNCBOW!7mxj9K{ZzBm<?4kg*wp0N^sf{k!9E$do#r
z2O8tfyzRCBapWPv+vE~PR#i5v!*h1AA#!O7f=Emei;rW8PUAQ}3Leu-J^@A31<WZ;
zN0MEfI?YsbeD6AhIODUB;e(>YE}oMzx{)Hh(2*BGL{Bd~G>lQ+W?3<Y61#q3bk!Wa
z3-zdU+!!OJG4o-bbJi4xqA)ce67nIAN@j?6jFTzFsz965%A&^On<r!97W_q0tOq{Q
z&=RG|zX0Kn$cc-ZbZmk$D!>B-s7VsRk*Zky(TJbFo#a*<9BWezSL!BzIv5bq;vU_R
z5|epNUk?J$v5Q52W{XlZ?;l_oHAM}MHo?$rS-4ivIzFE#Q2Q3U)f!(gfX_I5gJoKt
zV#56YF!$C$ZE#z=c!EQb;7~k3(Be+<06~idD^T2_xU`f8PXa}Q1St?)ix+E4ad(%N
z;@(23()Ru3eE0kAd%l@_X3m}8ow@h#WRktt-h1u6)_T_S<dS+9sa~X)L#G3H>^O*~
zj?>1uNjXl{Ny3EVbBfna32FHCOt_6hSZ;;U36^VKbIN?$7OG889~Oc>@(!ivqWk_%
zIw-_dUr0FT*6S+skV_q^vyac?x{O~0xp6U_Xs_?XD1-|e)+=#1&0qoE%N+-|O|5`;
zuRP8fE0&0zGYf1NfeJc@sqhMXJAiRQ5CsaN4e}16z?sk<Kb(}~7-w_U>1m16bbjNm
zT%?=SB<cO5Eo4iI+{PT2S*bqW5rAUr<jJxa13R8njD$ed_qb@0&;4q`YQ>WD?R@+R
zCZAP;HT&Xp`ne}H%F^N56dDqICX&e$^K_Wu-Olg+nDPQx0wZ*-taIsH)kWI4QO`)6
zOC;JTl$+&MYS7w1x;8i5M9CXs&h3mD+N=YT1`^=;YI*p2bi6P|z1Q-n&0n3ScKS=V
z`A+(3J!>tpZDh$NVYU29C`7#$#ZwlI{bqzN-Ae82w)IfX-Rib2B~9(u&pYDD80}Sp
z)=m?!Vm7+3-ZtA-TNQ0r>XrQRc7(u&fD#`&Ca;uCzj^6rmy)4q_?co9wsbwbOU?8`
z9}IEGSV$xenhY6f5U{zBL7vh;!%~jr#-?DcvP)>fVN<g^RX<)9JP);Yjy~xOE#IjA
zAe+9b*A-DzhB)v;s;Kn!lL)2_m(?pheT=oFu7muzs>wFbn91bi8+vP|K&zp#j$-UV
z2qifk3;Oo^NHE2YFND0+_j@MrrO2wd{Y`Ye*<cD;`$~>IG4hkatcfwreGEO%kh(-c
zhCVUv*l!Nj{PRDY1(iqMw?i1PD&z{ut_086)KL-1uB$yZ42#x8{mvn8t%wLnww(j1
zwdIc3Y3Cw_rOhS(xBWPD@OM7<Q+Yg(ptV!x8a@42&zN7ExxbwfBcyV(e!6_*ZBM`3
z_#oHkcTN7ZWXd5UzNAgLpsPCAHgm+pwMj3=dT(x~`Hu8Y;-qgx6NxTie^ONU&y;LD
zjzvaxi+hL7LY?1Kwtxbc&rMu~M`p|C+gt6Zcf%gC(Q0M{fC<MO_~GjKi#tucfflfS
zj-BzGX|mt_$%-%B_Y|<t1B!B$mDg$|C3&lSa#+g?dMJJ1_OMpdf}|3sAR@zYS_^t}
zEaJRF*dZNJ$;tCvD0=Wo?xBs=h=Et6ojfAmxQkOGFI`+mCYjaIAAAc@hzq3#Lum2B
zE0wh3i9R`X_R(1+uX5(VmXZyrXzxbX=>VZ@iy8<Uh$zZ9h;;1huc*6$j_oTa<J$Zx
zV9UgU3}b!-g@?S&dV(S{FA%s9R2jG#MnjXk*C)vAFkwqoEj4v0x=56A*~;JoID63T
z2)E_m&b&q2Qj_gEPQYy@NCKb%Q1wa=c+RKJSaO7+npV9HB8Nzh^<^GqxU%t`rC_)#
zL#flV>#}ezeB5xN13~h;0J$kS<CO=AMTzxeuxwUk@?1V|0_>n2h0qs900<})kxul4
zhw9JrF6PE+ZROsZQc<-(*U`Y!C#64KcxtJ>V7;%#?AUMxPX*;N!#3+GH4Dpyk03Rs
z50HWZ)HPHcf4I2)4&+jge%~|U|8h3xmRM}lm79yX>dBd0G?GzZ^&kt?XhNBZqmv-p
zz}Fu-e&F1ntaF_KYl^W8YBeH=r=gn88Ey*`jP{R-h2{=UK03VgQTkr=c0vQH&MrnI
z!ES@dD_r9K&Ja!rI8&V5%Ii@*x`~*w4i9hg65XUK#b_zAC=F$Jd4BIO9IvjdOG>@B
za>9N<&v3B2Ky<6`9WwCR`(2@GX={@RFF39*xN^lZgF6GNT&^S}Ep1u$W?Tq;n)u;E
zQ|^U(;j8C$)$3jg!)q_{!@<+Cp1CD|S~g!P44H*!n@SH(AHOxu$kvkp$rD@>%X4vz
z6D^tFdo0%PrJb(|{B>)bF}}+0?&TKNhG_x=BS$fWb)S%j;cq;k`fewgucF67hplXd
zt!w^bvgl)5Ef>}xSa);vk6K3;;9ZU`8za;xpu{0cJqkd$H~GrIPGtvoVZ2ry3X88@
z{yH(R#nMdBKi(}O0W!77HW`#)U@+w+6CcTUrK>h)paA96g`_sZh1a7l@|mCzUo)|C
zlnwaKEEb)5Nm|XgKFAFT_mTd&Z%DwefEoF;NmXEX(#;iICy83|Fs0g|%h1~;E}qO6
z9aA-=B(IK(70!=00Sp7^*hyW;qT({{{i$qF>{_YsxK-rNG(lw}%C33!_4%zI?1$Wl
zK>MeugscQ<*4r+~^e2+nFGo-0_gA04@>{eK>{Mi82xoMksTU$>xINSIDC9x;3q}eP
zxN~_7qQZn&6BCiw$NJ^j;^Ad}%JN&;rwa{=Pn0X$<^9)e@>y!om1gRP+Rc>bKtnpo
zK|K2#5|B>n*Q?&F6{cJ{dHUrqfNi_xt6M7j*i}?*XXW{f9BvK`Lw3Ow_)21HKJyqY
z2|nx$qy<fk7iEV~*{egUBi|V2SRC{Z>w3YI4HL3<_@&d;Yh$^C5kI37M?ivwl>9&{
z{OwUgQL8I78bHW^FVCt+YXE1Kftg-^0bKvgbl>-V7+K~uPrHyZe#X|L{LNpRHYiX!
zF1=1T2y?i{Pmc)t&@8_LFj>A#A?T{kkG!|^$o2X2_aA=MJir>FR6O1>YSo$*RtW~f
zh7`jjDO6E$dpCKFUi+#QF0J={KK)*{-8m+0HCFDg`e*<~nHp{yI|<1dCWs9ZAkI4x
zX{pwi2&bab8%27DkNNj`<WhWU+qHkyVTb)W#NrYb0tQFRwkDDOq~J}OiF{`VWeilE
zkRPJV`!%$v(MtH<^;jNsaZMo=<-fL(v&B@0@2x>iXC_DunuJS^m*i18(Nph$6<_QE
z20d;Vzq++C@wKiy7xce<+tMIOIQ|-7e5W*iR8DS!)C2+HwEIE+OA*yURo}W**ycQb
zFnr;T(Z+NLQI@|Uoi-DR(`L(}Lgyna-tye&#i+mM`9b2P&?jZ}8`DN-{Ej&{B=m0m
z{o732$CIjhO-5knytJMgCL*N`j3Qgr@vo#k0-j<R=Y$fCP2}xAbV#b)q=2CXUdn=j
z>uh&%;;s%Q9La}$(&r?bR7=+{cZ`)fBq*OZtlih}GD~x-y_QHbz40(yRL^`!Imc&*
zh~3j}&So$n1R!Z(@js&E#>MKsN>{4QQE8VP4Qg2z+&Pf!4Hz>vRC~luYt3LJE!vd}
zmq|W8(<J2>*}HL?x9*edd_AgCv~v=KIq3GDW0FqGAAiG8tSo#GvGKjTMuGUz=yk7#
z1Z<B0fMlS+4?XCs;n~e6WB<&KV#Y}$v|ZK}e<<Wj=u#$+zFCh*0uy7_ednY~ElfYy
ziI!F}K6KNO75dVxh`gZ2>R3u9?zvojS+>)nvCY*z8|>T3(7_jEO^TeQDc~oIoLU_>
zXKbFb`t?-c?*1w(r%hZLEz#}LMWsSAPE`Q~REjbZiHe6p!)eES|0@id$*K};^{pEb
z*hUjcq1l``&?cL@j+Z|ORlC^S@tU9eZ+>e(y_iBo)rM8ye-)Ws*<DxR;%ZKuU%Q`q
zPKk5*Qbn}FLo=u~NMz8Az$4^A?75StMrRUBVl$!2+6hO}$*8K4R}tGVmsnWkm^AyQ
zK7rFJK-Uq--fk_{j&67KH=nQYq6BPe&sGMLj#NYEuk{HY!cIV{_o#k_UG_n)==={K
zG*0&SO>~AN_YlU(rqMOqLoKY!C5NO%H7UIEU|LAvq^ShM#>1w=<sqLJi(~AMiBPso
zw%WZ0k_^-Sb?wiF_<n;py2zr+nn*W5<I#;zzlR$>Rl)bERjKvK_~LOcs^Xl|sqVe;
zac#Ek-q;-bPz(Vi(+x<^KFmdc!DFp;`vB7CnBOipv<_-=dw&7o=70|F4?UH~J-*%E
zB{e|k5)Wcfkw~5pkc2=arTzdh=bJ1OoH3JWH0Bkl=U&CCj2cX&iM<hH3j$Jo`w=D0
z*nA4dlhu2?1g*P;$2Qq+YDgxy_d`s3lJt5b=RMOu5v$M&qY)QQf~2&Y>hj}H0vm!}
z5lUBuMG}W}-PUd>N^O!OXtie=?a?qbWM|}0jmc!3;OUrPb|M<2)IyK|XIpMhl+%i`
z=#QT?sALJ56`rwo7J26zk81!F%7fW~>VimokJqa1h=52={?M>QYbYDL-Cp3d>-dH2
zj=!lSTA8IJWKbVWc$N5vHE!e13;$O+7nw8bLr7dtPK{c!`e+NrFck*4Bw#n>*1r36
zUV#jsy^tWI4zUI>$N>N}UmQU>B1_=st(IRmQrN*SQuw{~Sc&el2GU^2C|HOFcDNva
z0mPp0iNVRR%kaqicFKxa?!9rvfxWDdJ$cZUOp2r8FZF13uJmBm6`@Wgs@G=cY>ygB
z-GlFI<E8oz?6(Ejz;$uBIAa0f1dBts85xKX$eD+gTqW|#&*d9<eUcsKL?_+7$yb-^
z?P~@2=!0ok%NG0ip(}<|uUm5PHPJOb*A(8TR8&~*if)`u%kVyieYvS?0XG}Fp9Tp1
z^ajwBL{oq^b)8oCxze?Ghd&zJk}ykrPyQ)>@Pz0dhVCQI_-<E-V(>;<>P^&hMa*$W
z`SF&IsjO0+%WEs#LAf|TQ^t(zoc095OiTfFJ+Fuu*$bdc>{CYK^#P+o9zA-&(r<N-
z-?c2?+pL59o3M27;EP;)U1|&MHGS2LOs3&`=$NAzImjRO04kf;r6vxy9UH_MzYO<k
z)ku(!;ha*10MLWL=GS}_#1hD2zYaVT;IEMr)#nCQMH|j9vR9gX0sSXNy*LUPb-cJs
zb+aL#*xMatqz8{mI5~g0NrtRhCEd~;_Ew2bFjk@dZLoxTrT@o)pjr>T>Hwivya9@R
zava0qW)SW>@CMxu6RzgRBso~_eoLeDn6(#R_@paRICmBf&0>u71@jZ*eOo69a52<K
zqx1pA-nCCJF|s}$vFGfX5k^M-ZHM%jWix!o@8yp$uCA;f#a{d$MDnGgLXBgBO|hAK
z-uY1!i&ccaw@4oa?)dW#hKny3^hGbnA*9EpGGZX0GVmfFC8C?8$oWeGNP@xQ!y7Sx
z6JWn%14;6zmAUhsmxb|M;5_r=s5?*U(B>FZ2h*QM=BCEK(mx4dBmf1Dw5xZ+fPJ!6
zSxtfSrl02NMeoB5C@LK1Jcz*4LsFkj=(yAP6>{h0K^$>|QPTYvUtnp?JSI;A<NTD4
z0HfLs+$fG(!Ygu9`e3=g04J0O_U;`j&EAxWH5PSJmI}}Ac+g#92Ja_&OY2tS9+ppn
zL&r<U%L85tQt+8aYrR<qc8uAUc-iJ0ZW}Fkxdi&O4ma?d2hB2MgOdqEh<D-W013WK
zZQ;KFEZ9+Ep6}K7s1S>5K8fft{Ze9%y6apsV=EC0)-p%W&?UR!9gFciq0td~G5`Z%
zAQxp<eaoGB<s^y>zD&WwLq$Y|kh(lAEmt}~^__c$tH6@D`?Xg8GZHmCer%6l>hj@V
z0GWd~WrcqMLVOA2*x)k#!~L3;ud2U9>X?#YC*yL=saEvz`GJxci#>%{H-I2AuO9#)
z{3aEq=?sBL+SJ(Sr0k~OtFL=`D_h1KFOtog>O>IpbeXp!s5#^!;<5Cr#SN8I+4Tk)
zqwBjau%j}W<8}u{S*V?GC`RgpR6_y?FpTLMyw%k!bKibfyPem_%z4FDgp5ddE{H<K
z^LOiBUZ=J*2ce=NCI2x+JOHGCQTvYOCIEPioro3Ru`xT!zUX~)r8Rgpgi*Hvg#%Wt
z_WMW!0Y9QwJ-Qm6cU)(nrJ9Bn_~r~F7WmGk<K{8FlY&T^VF2?yt=J7|+F0R1!>`t)
z>WvGrx@qBTKXrTguhzo{nh<CiWs`h5NHLX&hrJPM7-+IbOb;YH0}hL|dep)BkL1b6
zzK<$poi+@eDUVE(%~b{3C8Gs+Fm#xjYA4CDD<HZQdY4Fox^-B$&)V@$Al2c?XJ7tZ
zjw=SvrXcNED^z^tPAQSTUy3<ivXX#+%ZKluz{CG9<Tv+U2<PAXDqizcQ|ixNm(TRj
z%osk|P4Sgwf2KlQ4XYNJ;zn+NYk^qQy@MaHUtc?;qp^Or&(ZO5B2+2n9Xh{41jn#J
zZf;Gji2yL*w~VS`$SwVy@_q-%>kE}YdJgB-yhpKO*%D--n|#_D^0!ENKsIJrbuN$u
z86fe!;DMv3_2h?Qk7qooN<*o&wR2_h#^{WxeNKK(f2YC23pWeU340G_JmA1Nug`^y
zMg6Itvg$FLT$=NIZQ<oZqy+};puIjfR&E~i6V|4LixonRo3qM{n&s)UBf=;x?FI;;
z!yaB?QS+KZFNjW>+TvXj<^x2_D>z>HYrtw5!I1ou!kTj9mRKkffHmZH6l9^``6chM
zCEy^W;3a(8WjWdy4oj&YSUJJfpv__y;GwCdl$z-!d6+(-#9s<m9PdT)96dWHk7qp2
zg`?h<v9id2#5hgbs)ft_jwCr@-%P1}NZr&4#y>(VYJuM|75jrFz~4{sE#dm*=AL3D
z#ova>2;DPLQ*Vs*2!bT1-X2?$64U1$N={Pvm*hcre4`qjVsI|fHL5e+_k_38avHn+
zuaV$cF3H?SQ>z_%;BuXvZV^T;-aZ6DdLGPa&jpazkAL5n{Ios^SXOUrTsE@e_^^;@
zmb#8Tis>Tof25CLFDC%D2!A%jlc1Z>P)3!;JRLT<eWaQzQE(?w3b;VJ6&TWmow(~?
zF!XJcDJ0W7hC|SlV>}cc%n$|wfha$>oL!ciCUd~L`_D|_jHd7`8!KdsRW&xtRI3AA
zg36Jk4#GNdS97}n3I+qO5=qihrq{kcnU|w_uiIW**xW)E=jJ@Dw^oKk3TqqY8xEOj
z(6Jvw1cY4$g+^Rr5Ky8dk11Xq#YN#IH_o9RQ{H^VUs*3x7KEd|^JU%=cAbaeN>j)|
z758%K12-!`|GCBw%rCNp829vUZ(uDQ-$a6g=0CbB=>sFu&7~8Jg<{=48B%bQUx4v1
zAUv?v>g;!gIPZNOy}maYB)V|R#`jaNL%wv^2JW@^FIi7y*dsNwH4CZDFchW$s%HEY
zP$|>zzCN9=AvrUTB;_uv9whD&62J3?9MUITWR8_Dc^LstQmUe_rU1@#0^|Dtz+V|>
zHx+c=;A8KbMJ{;_2nyDUjavF)Vu(<Oa_}`<9V1E0jiZe5BIA@UWXb!%lvK>DSH5c`
zet0Qna3z{ZSTFqzkG{z&Ky4FPY}fp+#Jm3|TKhjs9AM|@DUe!0=3jt%i7{Uk>PANW
zkH5j6rh&Vx24lY^zh$hCa$1Q`wEtP0@?aSbM*nZt?L};}W$hbHJP!S4%fu<h&~>Vg
zWRN$JP{R3pmDMp+oe{oHfSa-$yJ=+|B(vs2hy()YWJiYlg<ubM$+xeomh&Ox+$wrH
z3WID(Rk6OM3ztHWj0Hl6VG6$rK>ZJBfS@sU1fEfN7*4RuH1*{f8nHP_M-F;ahgmX-
z7e)a|UD5%+2K$tO6fRHduUAER0Oe*bx9;%n+c4}RT-MRsD_CRy?i;d@Ichc*JdwPi
z$xQ@Nhna)k;+prK>-}26oB<)wzD}6f(W3g)tkM(9Er%!DJrrXF$aJ#1y+lw_AEF{8
zuYglYBAw0bBsM5+xItT|{-@sOt^R_ubS{6s_t83^#$|JiW&LN{tTC=^9G|Vp_gB2(
z`oiV;NzO!ysMq^K@kw~1&m>gG4^qIwWlCZ<o~f_({aossZaE+i<a~ha8_n%u#S9yU
z!9CB_F-Ca2+AMc%5QymM_Y{*G94oWV%cj>$ybW_H&t?3;*i<Md1EM9$ke{xQ%!N6C
zE^Rqa>vv>Qm`5@!O*j*78&ybYX2CR7Pob1%TFS={y^kdZ90EvngeZ=*gUI_doJqyo
z=$dF9Z(27y3T9f`p|4QF^~K4a%=*=LiwgDK_m3|hWuO5NBIr$}6L3}6moRdC>gqay
zK&7zt<X3&1fOvtVO_<82Mrp3SjJXn`wp;>ZVNrVN7)**h&+|4361yH($vT(Pqo@zv
zl6B*Cs=aWTkfx^k3y?yo@k7+?TNeKmRf>Q}Fc&hWV<y{-<zool&U}q+rXET7emR?V
zoXa<yjGtIsjA8Zf2o_pcM8!+)Rq`e>KSW5%WUpT|&-L{}zf9UQ-?Eqf4DZpfN>j;c
z<tHVAWO&ZQVt3=&boaQgTgJ&4bjuUyB(^gTpcTXd7~)78Bm!vdfhZ@%GaEvMw(c31
z(M4EVGU|A{$@}JbHiK=dwJ5y7&HANE)5P7H<`|so(8Eqe>lFna)zYCgm)hEOw^`>o
zk_;(ET`5sg4_%4st*gfZ?1%HTO0{GN3@ReRk?p|J@gdCEuAU)5<f{2a-PF3WQtC}7
z?z|_PotEE}AzQJ7*0XWD6y|vSgo}&%(XzGN)Oil8vXLr$Z=;~y)O+uPwQ!kxGxvc^
z5|jgg-?ClyK~O^y#cZCw%1@GEeAGLn4<HVz=xk|al_1tE(r3H50jumXfqbD^HWs7K
zJk9oCZef(Zzb0PGlLz6YFq6Dw$2}Fg-p(w7R~5?V4iKyj0D{DMK2ePf1m1KFf4HT>
zN*EgbF1^SfqNV36fbs3G{>syBrY%g6FUA;98nYV<x&SZ}&|@R<dcFbN97WkTU-~c<
znC!QMl!ZOkIVZ{?@d2gFVDj`4Q+47cLmaUXG>kBatBtVmjSmu<9~}JH3OA*(yx3^9
ze%G~!k%i;B`N2g^7UAVd&4MI_2S2TFtg~<FcmLb$My7j9^44X7UznRhZ-{Kx`gD|@
znMqJz&m9_t()-rHT#><8@CCmh%b;R!_#U_a*%stSK8+b6kev^%PeKF2D@#B8^M*a<
z)jKv*-c=P_I%69zMF#MCTiQ{mg}wdv?~OQDz_o55J&9X4%KOSce_6JLlfdWIY$3$M
z^dqm8^LbbuA5{@Id7~yv9|6uAfgm?@-{0Z=`p44RRc6BAdak|JsLTz!!TVt9wY^zo
z+7o+i%dqBDr_~CnlWJw;@21N>`CboYpCz}&ipJ6228e%u*?6qz@vV_2_^8fQY-56X
zY&?*}8(EYQ^L8*{Cp}4Ghg&w;RT)L4^`=R`idW!~Qg){1WLv7KMP3hBh@v(;7Nb8~
z`sI)w1=M^5obgv6wRQpP3<7=c+#Aj8hos7+VKl100oF|Jm54liX&t^tv~jAgd+yo+
z7!Ga+xAb`1qlJpZEY+;x3Ax%!s6qX)xT>nd1rt6)hs?3O9c&hlg**X*lr9iN(dCI6
z8&PyISP&Y`-#Hg<a4&Pv65Dt^S|zi2S}i1K!Z?`^sIK1z3@MP26>gh?2<wAdtL4jO
zt|&X0mwwpDY1{MJ-B#<lSgmCzqhM!(OVV9Qsz(ILr!AismhtFVmfj1SJ7+TLH6Qsx
z*XdrsTPaRmR5SNT8wfb43T4^@ypJwczk6#yX26pFy_Z~NnML(jQ(UB6^3O$~U5sa^
ztTx0waNe_2KO{zbE+mMLA0LiDDcA=9M=8%To3#e@1_ws(9^Wmr*QuvJF5Gf6hn}+c
zAjp_q=M`T{AR>G@!2pGvw)Q8HS(R&gpbzJwtYeG|LblM97e<$<2zj_?3oA1>x27V2
zpfd{@<UKN2Xkfr)LH}pKx|Uj4WkZNQv6fVB)Jb(+7oil(H#c=ApCJzd&H9j+f}iOM
z`&@jLk-)jGTRt7S=4(<<Aj#S0PX&khCDbb<Vy6pfi6-yHtAL~s5D-3tvq}^t{rro2
zmQ&uMO_eeFL!DI$@0eMJX68?~h%!*wOpoAJ$oN}Fs|AT#%@{Nv5MR#cu~PCreZTxf
zK)WELt=P=*eKS_`PH3h+8Cr&;XG~uxgXp`+6s-iAAVGDOUmD_}(L<`j2k(w|nlk;0
z+Ee*(_ZW|ES;1JgHI7jhi~#*7<J>{?d$d#oPHYf&D%V|yuUSz;g>i11BMVu2>q5fj
z99`2NvHGRz;oK-na{%=Q0`V&@KN>J2lYgE++!J&uR!dfbLstz_O(IO`Nd~r+6aNrC
zFMQS-vBIyedimg{)e)3$cGbmS^=W?Tw#gDt`F+My!MDC^)cL|c-PDYlr?HVSh#TO`
z>sQ>sO{ooRYSxAeYgkB~EiZkbY6{#Go4U?|IPV`XSuDYkgUXKUNrX@X0h}65XNtj1
zwgy0JHi?xgK6PN{H?psqJ@22H#Qz~9BAq=P{iBM~ce=4AdS~X}5~@&;E%TK^aO_P+
zbbW~7N{IK1EOu5#2D;BC+bvO}na_n7-X5JfQ4KsMMh`O1>#{rXm-m)|-zg9%RyW@H
zS-H{J(a%mRFdqCD0LQAc^h06seBFk+JkI%z!zMMIw=jmu6s-G-u(14nItCYn=N0RN
zi2Vf+bi5sn2TB(+zp&M5b<oimH_C5^O^CHr5@g7X6F?;6qW}N^6dHZ-qy^g`i+%h&
z-QL>-*ozq?{CbB1LJ+fTN{ET4<pSWf;~xI$C0x^6>~_b|&eaChc1d%?Cdxl#o-+!2
zV+=EkWJk5o9sr39bs$e?8ZAeX=nwQUA*<pO<Dyq|QuE`2pG0>JKA}+S3e1|98`*4?
z*ij7zw(KB2tuuZQ2ioP5-hJsm+WsyLG_|I2ago)-Gv>bg0?6zT#CHBM3w3_N`#niR
z05{L>^UeRt5#uSlq+SN~%2g@6kTRn)hA-t<jZx0J%n~vhU-ZPW@3f#WWEKU&yiKT=
z0DQt=KTDd*HS1YYyO(HuTb#R*dAFce<GxuX)-Xa(6GSu&0?@M$36gHm14xmHz^Z+>
zXUC+uE9+6OqTyK`zPI?Y+HX2L!VonJdwG>L7$BiP0R<@T!-q}}HSacCv-Pr?6x{Ju
zP}reFlMsB*cBFc{dFERHpM{kmxox04Ayx|o7{Zf0Zy-<SM*>M3n-?B}E8wZQjX!vp
z4R>=xGL6w^G(#?6tq=-+)oom%-cdm?$tv;d8sF4TsYib#nS~(3rq}w2E`3wR{7xkb
z76s%_aL6P-7Z3#61Vl-Xz+Ul$$(#TmWG9B(W3CLATU0hJh#$95s}C_SS|oB;?(+cm
zU*8}QetG<2<sV+-N_M309hUhKEk>>}FZc{KqAB{S>)sN4D`TKn5+<MDMzBDQxvS|P
zrf@LvD--!;S&103jLYOTzm^%ib(v;o!(K)?)J*jb5sRXRZxj+sv(q%Is}qq%5!#I!
zJnN9lAd(|@Wv|`jX!RKC(s%hBv@eI}6a`TsPB6M7(cH>_)V{l)4Xf7-=%o@d7LXGu
z(uE}2nZ@WKOM-(*ZikB(vg*M8LC}MO%+EsI@z+xwZ~5h|8%I6Q+Eg>VdY7ENtlD3H
z74s1TS)W$%#SEFpCWuE#sgo+9F~fpM$ZDP)fdBGDLQon=Iwz9zXrWeTZwH+$+)~AX
z%=dzr3)W1k@sOEHeE;q-oh};(U*jxbk(@m|;pj0<GewqzOXIf%g*7=O4<MXilONHB
zhcy&NF|WK^`lIP)twK(_Q_q7;MwOVeyhMk_`7!=DZV^EN;yJ=>T6!FZCOr~jxN!Y*
zz^(S!_Hz#MzHcX<>L=qF^_;G>z%$cNm9v(H{S@Trj8PZz-x7vB#q)%Yx1UQ>o$~|Y
zv+}$$`x+dd+#b8M(NeDNE=q~08R7w$fHt~cbURvXviF%0prcA(dlXeVX;}OGnmR}j
z{Gxp{rP=nORhFZa`h!%L^n7?MDakOk9%|Z&TR0C0xc8Ehux$1fcV+3FDr1qW274x%
zt7q>;wuZ{uU?IrpVq(K;mMZHKZk+3T7cze~vOih9a(H}UQ3E+7t~B{>3r*TAQzI=H
zRT&__NNgf$Sfj3fj3FIyVsEga-l4gFnj>#&RyX__5lKdEJtB67R5snvs)Tp*N#L{?
zsyJ)D8Y<B6G7mgOX9hOj=(nc%aIbk73O$TjC$BXZ+%*1zMJ)<a@9mk;QhnXLtM!k7
z<Uh{0s=r!t-9Lm>o=6|;e((N=)Pz$`+BDSizk%rt{#F`rTlg;!H|75XaS!_j|BFTu
z)~n!OHvge(a9S*&HkAFx=}qfDkb9DTf8*oY_s#YG41Ezl(s{6%dna<W>xWA52ZsUn
zuIq}!&v@ip_N`i_PJF2DYbu*;-wmI%#7W29iD<V-Bf`*Tx`!KxfGrakvU!*SN`gWl
zw8C!3ER<|Nuiu!p!<&wmY8R@heFO88T?-l&pM|qeaY3pPFyS@J5&ujNx)_)5?6v4v
z6=QYB4X5|DGM@SOCq(c9rb{Z7o}XU;-;O&P1(%?~7T+;)0!(`xN$D4m%MC{gZJO3+
z&dHK&!g8mES0*BA!6d`*u&rewt3;EDY7|I=M{$tJ0^ydR#Zb!v&<dPz*Hc<NJk&|L
zdz|FWp_x+J+-qzn8n&C7Gqzc=z9xdwDz|}*zJ$x{G8&cne~pPh1x^}w>6;jCsc$NJ
z|19}z6;h|=CYEWtBr70s96@B<W6ea$va68goBVtS?U&*PFtgt0VHAnGAYL_mm@{B_
z)@)oiJn+`|{<)Rlqcb-28PxZ3Ej-NE3R*3!PVy|B5jvV%39&G~3&o2`Blj}xi^~>k
z>R|bcb-kMkcbMw<_&8(~^RnaG3UT=!yg_-}0@_k}6BKB2Eq_N<MGEN(Rx#5?lE>z4
zC-xtWztHJOTiuylTjVPw;=7tPove7k$V6o7{t?^dHpI;v#{ziVO~F!Py73UU{ydi7
zJGfHz=FS@vcfWgQrlR~7X4<Vpz~*Itts)sTzGHA8BgsE%>My`hCi*yv{J@`HNF_u4
zAtkMw@EV@>l6(Pn6qgA|ht{EW!R``BjDD;`8V)QSs=s^ti7jUZOD$d_FYO`w=4l>f
zO{TU~rKtkGeAiD*H3%Sl+Qu3&RAp&tX5<L9m(^_02wJO%dG$=2qf!_m2}dd7)0Ss<
zQ>KXZHU0va#uG)`xA?zO;qplIQDM?8_x^+nL4S!o%LM>I*K>C97IB?4F=)b$fh#gs
zjuqH-s~Lyf<7%bQ`z;FYdF5L+)`RvObY%FjrP`DZUz~rNm3^`wT}HXwWtreY%P@-5
znZ$Bim_Tu0Cjw9jz+@8|MYvBpQM<ySZ7&$?-suxo2KW1hrP$oeQh24{{&pp+K#Om`
z5Su`+970pbo~Rszr555{P;yy%AE*|iWsX@!v24M0bz@Uo7BX*vuM{<VLEdfRTwC|1
ztM2VgqY*+BY%GSMY-f(bl~PX)h7lGoa;z*_S-TEk2IXVqN0nl9yh3g3!fqgu%pz$)
zfT;vVo3~Oxpd?UIolu2NiP=1><Ia;{0STtSY#+XLyE;B<R=yZwsb<}s@7bkD+`f{t
zIeAZiC4DemURQ<8+M}T|?t1(rR2KymS6a>VSI)vwN>v&6C^G}kvE{u5mM0~j$d{D+
zEJdnY+)ajvHglbs=V<F!dW^m84C(I}JWo&0adNFSUPXZ}SRwVRwQETjTgcE`GB`Vg
z447eUp%k~Y;RNZod+&TrP{A0XzlYiU*<fpUx2YKc@7H3PhR-qZCZW>li6aY{>>`TH
zA?Bi`XienD=Stt)^NHwpiw1slAu-mlp`m_QC+y7GR!xF+{?0gbyacliP-iqQMcz}7
zHA5y^$wloQYUPdGYwT{<Mz-rrSihSYr!s9T_ZiERv5wP|ej~!DEi(sp?BVpm)#}Le
zlEVTRX<mOgHMjkuN?Vbi$P`)C^4z9g5?z>&&}hrjxoTYY@2sAa$$}l;>*`cet^_#3
zIn@I$<!Tt$@>7?o!>9*T+}h~EXem~^awF0^Jy_BtwYy2R`M!UW9Q>^X%$7t{N>1`q
zz1}-JwR9i|lL}h!$j@m~apK+?yc{Ra)E=M*O{StUpvbCODMx1ne-pCMnDoGJt@Thq
ziRA9>^BNbbPizxk)r1o!ok?6pMkB+=H0-WEQt!?m{m@FgaNwZ6+Zz$|X{N<?rRH-(
zos4AbWHW|5S&P+X6vn^->(LQ9p)!%YEtrXdxGA58GOtMz#2N%{bMmjKRy`Vd+l0Oa
z&x7<2e0uRg*ZyU8RKxsHc=7h*mzPhG$Ja{s;<|}XY1Zaz<B2F;87pVVMI6F@-#or0
zAb4BP?LEt3RA@?zFu2O@kUo$24q}KqoxHC{+GAQL#PIjmD(|R^M6cI%&0Q%ns56tM
z&y#B-9j3k2FBH~Q`YxKOU6K5ZlO~4xjwj6X*HMqGq>^<#JXzO?T?|Vazvh=y+35JZ
z)Zw1AP|nU5OHLebEE}H48wQUu8jbTGxNsFqaKss>c=nJjr`YS^b8_9}<z*xMhD<@u
z7y#Uaj)$I*MJxRik3nbZ5MY%MR{5NtZ(&jU_3Js@xvyuY6%3MN1Jxd2aoaOB`dl9O
z{7{dOg+Vd;&OJJe)~x&{JKc?r*=7Y$xtz9voadcIyeJy{3wcJk$n>ilVINPL%h3TE
z+jMK@B@kY_TV&ZF?P=4sDL}*d;YTL-nH!LAGEneoeZ)ED4!eOVyG2>(?aLZ!4~ybB
z9V2V!kv4z4ghV<z=5~=xOdyXsw3r=-dr0Wd1@W3@D>?6O-~el9SSK1m7X?|W@Er-J
zz)v6$N5?p%*o)9l(O2R!cfvJ=f>K9L>bBlQsO_-)ryZ!Fg?{sQOo=9XT$o=RL9Jz6
zjaj1L<(&UK6#`G}-U_*pBB2OU5?a(GbQ4al{_tboh+z|}bBtRPGho>AFa2srG%Q3!
zgguTs7fp!8x)i19Af*^1`FP)p`gA*JY_~v7l5<ShzUR7pqC*1$Oe)1WIwaoRDqAv{
z_q6Af#_~c}R&|=wB5q;QOqHqA+k^1!;wIKf8nW^PF_FxtVYFfqt}+iMOhs8&L*?F!
z@Y73S&O!!?1qgFe$ui~yX{BUDoCJ*Egf3vG&0jC~h$YOj4)0iFhl<<oyjv)vlqJ>M
z73n*Asj$A6nfRP|1DNPnC!Jk8=v~8J(gl}%v}vy7RX15dk0H;o*FUH3z^Wl?jdd3C
zZTWW#$2)Z_cVMf-N4OvmtYD}h1`iuE0mL6+NKu3R>Vjm`FK31OWyqhYnGHDy6fSPB
zF=g5GL!vObkB!!t4Y$Pd0_+*4&Ct#!8%RX%+>GzLjC?n1uOM%gMx_bLDbG($tt7+|
z=Pi{yi+Ulci&KUKt_z?w03GTHtvIiL`HvxIYe9L1SK4KL51hzad_^Uv_6jl_0VeTq
z2?d55vLx>JPODIP;3fO?omV9g@8yDIo`q|6%Oms<(O}bLz=QJZa*66Ve?)9-I$OrL
zn_ibz5Gv)amL1yJb96YPD*E_1pF5vme-1Gr#xF=}ssRAd7x)dT1LSExQ4Vo<($^){
zKd3qnYMt~kPc3C2J4oI5rq{O4t+Bn0)2h|Xc1Dtc#>o4ilmd`Grkqel*$npe?hLDQ
z=Pu*5ZR=&935j~?#SYmddcjGoyjU*mFF-fFvRNf?3)&abMS+7z-ZkI3+j@gr9|-c6
zOwZN-In7faUT6PExUX%jP*EDgSH7&r$c9x*_9v4yWtgPMQ#TcgzzYUWOs099EG87O
z0sWXPQ)XK#{K+g&Uy?vD+yIJ!G1~hs-%(j7pZ1(27^sdt#;exeHJdlL6&bI1X8Ewm
z3OT1CqxT7$J@|g>lGyjVf%(k?MA}C+^A33Q13}`FlEYoC(>1cs1id@|1r(a~pYY8F
zu7>y4aHOAu9(+k;-5z(icbwLnx~zWH6>b0GYo(9EuymmXo+V7$i2a6cL9N94X@Fs;
zn<lR=-?lThA9`}$)g$=zxZO9M_qKmNRFI)!)0Ql?54Z#7{f4K&9v(T(!Bb$r37O%?
zG>D$<l9I+6WJSIoXJR(kx>&xvwJ0Q{S6in)*YT4$i}n6z7nd&+c)IEb-7Ztl(pK)^
ziKe5E^8;FsRHqKJkoMh+a<<`a|LS|GOixJHdIN90v`w5aK5KCiiT3r4?()O4X(xX(
zjBIZHxsNAl7T=QWpDDSKPvr?aHCgl8$}#-@%6(ls|MDaKiF`=LoJ9dLhzGA|)fs_T
zQX5NG{WpFhOX5=UlcZ<~?*28)h@4TGYggWuOqL)+!k!Z?2O7YJME>6Vvj6b!38l%&
zso8blnWu+tDiv(5x!f-Y#kRcJ?kKm6Wi(~4dVk=oqMYf;(KwkG)2a^s98l9G_!Oq=
zH*!wW$K^@L8@0OnJ80w2LuNd^_uuwPDAxG;kX`e9xwK`WN8oLpV~_`8i#x!XK=TFQ
zfDcGZfO>6@fa*T{lKLd*<=@LPQozR5c>n3t&hG_w(VsM}5j)KO?Nm8MYy6Il1GX-j
z;K<@fp49i1kH1jgd*<K84Bfz}KVhWf>3Hw7;RFPNSVbFt{B7EQ`rTWqacA!o5;hvN
z+^WKCqz6<;ncd?u8m47GO3qI)IbU+R3&4qCe2S3_>O-5ApiLqo`A?wH;(s#D-M{Dg
z!DIGG!3d})wA#1rVkT<KmSTv=dvb#F^0t5KQK+%ePhFw0V+QqiBs{wNmm4Eb*|W#r
z|2;9ze_F)<*h{<rxs^N`$L=9s64F`Q)*lNVdcD>Lgtd5LT_;Hl;f9F>qQsK=j=~7%
z7&HN}6R<aJ`Rnfi{VT(ZVsH2NP%(=ODGe3tUC(7G?>|bCw=grLH;h0cnVk`&IN+O&
z%^>-IYcr($Tc(xFe)De_ZA|FoOcsly^kDslx&6uqobf10fSD=>d{i8SB)c?~VsrY0
zztKUol$rmQ<^E3}LbreKc>J3d!E$E4edj+X{n1@Eb(S=x-DrSk&Wpu_;kF8#Ven}X
z^}&w%X7uX*?%%7B^&d_ly;0u1ZulPuNHp(Xnc;tUndkr0ef*yt`M<T66A-C?=LEYB
z|64ouU(WQu9hLt(3$9lbc3U+_e|WCgSjS%O`0oAcz>{o{0v|gxBG(bG+`vt8^ZjF!
zYtH|}6MfcV<<zkB<92&O@#Ewi?=pF0D0MNMk%C__5`_1BM0fx)SEnM|KY7l-9oK*N
z$p2T?(_?DnGW2QQ!!vxd>E8n*tYqQ=0+;VcAik5`!e8zq|KaWRJGZi4-2TVq`{k%=
z^-;!;S6n~4q>eM-wx9L0-G%Gly21TGQ%r)@O^9mO1#S?|4}r&3Q+)+c{h4)bbQl(6
z3QS(ky!%7{9dp5XdwcN|rhH{{!_$RjiU#z*5aIYoTdb<_)Bho={3LkqKV@hCkqgwh
zQ~npg`DgAmulR*QPH*ksJ+b>Ql$q58T7QYGy5y>2djGioJ_v&PJh5myCGPSL6hDll
zs(Hrt-040nA+#LqDQUXFt1Eb<ekkQ(cWc3?lf#*<)`7QGucH1F|9tWzt7OBvg5Qk;
zgo<23a{D)-_seaxGwm5x6yG-CL`}s9KMAG}1A(+as&`#JvnS{4L0R^%;HDi@<G1zA
zSX##ff9qCifLZ!i$0_1DGxZ+v3zEEj{SM4)JMW$34#|1h*oKRy_73B-&#*A*5Rr&@
z-i`C%*JETCrtCW*`%E-$GzcZVaIJQUyUV)joN80${kqDuEe!H$ZR@AxSx$!jB=)?c
zKeF=k{IQ&G?LAh|wB0vH7_PgL=O;TdfI9t>7LrzXarV<>#MBdBaK3Ds)|Y3qXQ$Yt
z=%C%RFwW63tg*I8Oh>#R_=s2$W)9j^03h9q%C4!$f{5=%XRdNLl4}nMQClW-y>QW2
zRdJ4?j`b4T4|)mP7lLuC3zBQ4AtOANyUflCZHGE2NXG2alL4Ly*;*TmQFRs@H8)ts
zO~LJxmqyZv7`g*92528X=|xgYjj8dFwb#*zM6GnfVk^uudM$1nY&n_N>a3pqF-vF6
z^gP#|586((BgZzj_>Buzcm1L$K{8MR3+}o5X_}kopAa`F3QW6f-Y4_iv#)o-W(5!E
zh-~#$awYHJYJ<3a0l{1Yf$Xy%4LwIvJ)9RwMQuiwxdfz=S6)1>rQC#=gV2RL&bf|w
z>O6Mn>)f%|Ypmr>N(PKnBC=)4Pz7Y$WcTw&7s9%)<wCh%g6z!-se_oKvEf2Q6a<_A
zwp7p3f;(>PbsSLY=C8?>o`skY`yzC59be2QAAdojOS8T|@6o8Lze~jL7KXRqpriw0
zZMW*(aSOX*>0_*NW+<!$Of0_(1W-)=B?5;--|=(N2|C`~|JX^i-f&+5#JEvjl7t{1
zC4Bkk#|_vOhRBBsQE>6-vjN=ZLmTwrCVPI--6!;HVU=r+`=Ur@BWvw0G+)$cyK~GC
zp^{{g%mLt<gUh|doKc;dIVgrS*u6@=-b!#Q+^w`)?ge(RuT*MW{Xl||EGYf=KC#(J
z%;cvL=x-jeK`9TVLfsxg^NAB;U3LCY658ofl?2Tdo~`*b=Yx=Q8d0icMiZWOf^yz%
zBXe>joZf`YiB=GhYF%_JR;(Iy`MDElx_g|nOk9-Q{&wW4zgadTSv6O_qZx>d9HU-H
z85Fn^98+B;+%5HE4p*x<T@$*<dqU;?^~7w{+4>9Ex&D~AQXAIVq8Ayq=UVtwCBvqR
z*S3?fFG2EWEg<i0C$Y|(I@=f4H3KIlu+<{i{TfS~6(QI}__CONDaZQ^WlLu#62~=1
zrdUl3B0%ndFm-r34_WO=_{1sVC&!skJFqJ|%Rw}&%G9z}ERWX8iCq}&DO^fK;WnOO
z93X+nQy+LUod!GmwEWSLpTm=R88X)8BXS$FR!r&a4?j_Wv0}|LG8jz&BRuqm)Q;5Z
zU{<@a;G7w|5jB{7yND4_LsRqD#~P1+a};KZAGr6{woqGSh)C<dR7?p_Pv+~aCySt!
z^k)OTPN#YGrOxE!pu@{2(jdggO8R=)i!uQ*PnR(|_R5A7R>AE??Z{~EjYWb384?c5
z@R4qhPO-_2jF4^H$ZX+Cm6LtjmCX0}9~D{JIH&?+#v<HJiLBDRW(Y)=j=-y@-3|WX
zP!;C=xZ*1f&&1nFbH1F9^yZ|kLfq!UoAf)l7Gbea3Rex8_{0-LMIX*VnM5=0ko7cg
zFm|^_b5f?P&YvO9WSF-niXW82^Z|aglF{3+xWD+Zxa(%*el895<A}p`)un37vc>E6
z!G><5GOyDDStAZdnUL~K$%nJPOR^8LHCg)6#*2!B)CAS7*Ii^tHqYC+?lUrg&S}jA
z`ZtlDqG}Y38?V2}eSB_t`lb8VZ_bwwihthi_%yShTC`S^nr9XJ$d=-E!R;3gbapvz
zylA)`@CSzw!wNV_st<<?JVDk?_WR#YHFh~<oyeQC$j$2f8c@3ld1$3Ao>sQ0X_+2Z
zV1wG<N8)Nq_KtAQl}&kc!s8SruCP48U<L}pA`KEu3n=4grb~M=-_J~BDMOrL(T)sI
zistgf`3(|YP`k_D;hE)g`p_6AfVSj0k=RdpmX-SQO^oNT!j2JY$$OvStu(pWr9|p4
zy&Yu|?|RlU_MzU#!D6oY<xq2}(;_#b3VfQPx&$@t7dJReE0KmoB0uKFdhM7QsXz@*
z%kPFZJd+(zTzHcKwbXXyejqkjK^;x;%81q%^;+~D8qM&I|I>AHXD%%C4xasDI)u+$
ztCwOpCW?}%2XID{z<C0>q)}(2f7t2QNo~9<j<Tazu3Y8we)Q0%9m+@XCNb^__hO<r
zx727!a5|Cdy92=p52@}~n{9GJlh+)t9Tvm$W%(n64A?WT$Zp$b<dZWAvTO@Nnv_i_
zGa*JQnc{T0PVA>c8G8M?8X-uWJ_9U>y@X#9DhC2_VThy){B8%9)Ey_*d0iw=X^MM<
z!^4S=Yw5)*H-~u_Oi*$pW7vVjBhU%;D0e!5W>kYCPP*-$tvE@$l+ON(m%pWN$wtqy
z-I7)vYY1F4yQICi>G({u<g6(iW85;17A|r5WmVp6XqKKJ7qzhb+s=%?Jd%e+K=|U2
z%g#?+0FFVqUl!yXm`t0yp6%OJ!S)r2UYRp&61p%Kmj*AKE6z^n6!$*97jLQG6RgK8
zRv$Zqu@9M*h~)!@`F9gT`&9S_5PUpcfU?~j!7Xl_j;#A^1OM|la*N7>Isv6W8bNmr
zV>P+zKe$wLo8_sKLFgiW`%An3(01;k$w}Wl^bcL*T^k)3pUrA9G0t{G&G~On*>OnK
zL#KnW5|V&eKKf!OT53&BMe=GZBYiFSX}(w0g$QN8!%Inp51SMGo0rP6tL6Ew!Uh%F
zP7(f^U@!o{^Lo=L`o+?A?bvI5;<QjcOdLvAV@dI6YOb2B#dUnx-b0Q!N18Su_D`8-
zR9NN7vqwvAKr?F29&sj|ksC*I<U9LL=OA(hUuU*TA-Mo8L^WG1!c+)h)Se&Nw$CGL
zoA<o#G~v`*hU9vun2ng8?zU19&W}}Q*{1)k;M7rgSS_t4qiV+OTL03~5<#$LjKPj0
zHnZ2^`p~4^`;x$#xWrMXWye0NjY)X~#evf+Y*+**2$S&0OG5W77$joCAe%|<9Y-XY
z_PYjDYUZ5Vp#2xvR#s9&I!l=nZk<}j7E~;XJ|jLsbz4I+z84A&lKN4R&q~jC2p7A&
z1+LlBAzXU<`GfzlMYa(WcaH_;Sd7TTe47H|jOiEn#Hll`U|=8RY@@GKvr7n{3=+pT
zG+BPAZlrAYD$>0Ni9yYgjZpKsnviv*F%nc$Q{)Q>c7cStJqQzrb~FU@)<YO^6nMH?
zP+HH}2R<66?@GD?+H+)DSTz`7&X7r5S2zt<ZUDR1Qi&s{(HoQ_nYc?dU64B?b@Zph
z9^Cuq!?Xmy%tH(Ydzfe6`wc=vyxU6i2W;Yw-*^`6XT(&U2a4`GJy<NVN#=Xy>>wFW
zfy(C1=&4E_Cs)BUO$?v%EKsGJJCm_g&an9}$h(W4U*5CPHJH?vdm#e4Uc&0%xLM?8
z+<oL&XEiKUsmHHxjvg!2FD2?@r!<{%7uN{s;K5+bVWdgP*{KdZ5ig}_>~t%~{JN3c
zbMTZnXBrSy1`ocujVg|+joILS{Ci8_?!Krm+pyjXeu*zv7i`?YMRe%8`e2N?RF$N$
zDIo)th)5yV+kK|+mD40#hWie5am(ppNI2aEoIEd6_~1_WvyH|F{PJ{p)z!E}SOgM)
zu~0*jA<lT(rki|pv16;c!5JgrcA2S}gc${araxP}Sex2?5#-}q6y?$-JKO{i9ytk;
zoAnwcFXM%!iY<7avfkw9_^q+7aK8Pki)FAItV*eoL2*z$UMTuOdg(Xm70<FIe{_F?
zN0QNx(-xGG4*7J@xA2<uJ#YyzXpb9Cv+Xyr`+5UGW}{s_=L4=8uOE4Lnp$EsqNP^K
zV`F+tr>q;V6&ewH!bdx`u5_X#L2HIa6XqBo0p$A50Qx!F6QYCiyS*C4MyhlQ)kfjT
zE;>@cJppq6<{^jVoLI4`tw~Lcx_-d@K#4P+E4O|cSjfpsLhE{sW#qh6{`I`Xv(XQJ
z`3jQEJZYW9!53Bri6iu+RsR@J^uv5Dy~V1Gj}0+*an1U)VUGP{{OtJ#AgF#dWGQ4+
zn3UHy5GVmS$3HS#stP@HIvITCf3|UyADc4v?8!v&o=n~}rv+2)zr8mb2r@_aa#m`?
zzwd@%wjDAItH~`+{6QaYG#!=~YdmfDO$SzCY|8oziLfR9BE=AGCBTOxSh>T&X7#ri
zHQ2V3B&`H$R6x+ZU9A#+OKR4CKOMuI-IA9vbKmfl_qh}v4GB8M)xa&1{?X2mD8UXh
zl^{#}armU%LjLPq&vRAn-kMGB^S&1Bqq)}hIf7XIPG59|#@lfs9`*6`fo2LWyr||d
zyiZ6M(}j=NDE^bQXf&_56-slk_vVyR>i$0?{AWnauAUk`*$ZnS&7QbAf7&i>Gb~xS
zQ^qn3_!qI>zx@d?J1pd~ZUc|wPByty{6{E>2hZU>WhK=(ttxv<^3A0;@c_PDuk=an
z*IMoNe~$D2?|=R;2mN2fOxQ1f(={d9swuK`Wc^M)c`%#urc2EBs^-7Ns%Lh;p3i)G
z;go9k)9mw)tZ&$fP!;j!6TefFjh?o_<~l9!1+RrRKFP%_n_WnAT_sV3NDQsvFxb(N
zh-k;bkrbeoprzwpXPJ9jo>V_-Tyq89Zp*%!kRDsB11%meS2CWo|EZ2UX`!nO1mY{R
zfa`GTG&N5uA^q)k*2tBkG5Ks`a&61F=mJ27Nx9_hZ@XYBZ5IO6nYvXvY8;=;Cc!7<
zzg1ZMcoDZ$K%dRU&Ym3d4%+K%h1k+C3iJ&p2c>G@1G)qr1(J7)zN;&wJ5_N?7K?#Q
zxuZ7z-S(zQ<?noQZvH>!-aD$Phuhx_p@&`tDTWq8k={Y1glfP95;{olL^^_sq4yGc
zF98CCCRLgWNN*~=i!=cN6~Th#J9+O~zdLtk&7JkGS$Eb<{!LDDPLe<N+55AfhsTe#
zBsRqZje%-3cO$crf@Y$WOUL3a_#zk!=Wi4lvtigqaaY~F3yZN;)0Nlon(ZIjmR!|G
z#SRoUVgR%zR24D+<?1)-_1JM_W?`Pu5$)7WfG=;^*shUs`R%b5;}YYR)dk-Zhq3r7
z!iaqj{gGVML^q!L>ii$T4#S7{A+>iKW#;7(pCG)C_*p4Ro(%p3PAVPnWaoruQb%TD
zL{<ezL%8_g2HvBz;$p0OA1#tO>%6IAy`S^)5Bpr+YEvxiJ`$W(h+Hztrmm5l-r#3u
z6sE`+yxStHai<4P1!c7UrMXoteW_}#ycZKl|ADtv$D5(`O-89<99;XHLNy(1&UFAc
zsH>pGspK3mw6Bx56j?i0^e=MCw-hg~a@A<W=13f#6CtcQ&skMr3HNZ*X4eSjfhwOF
zX5Q!7gv?QWXAe*Q2auypu_PZtE5LrN8VCiL({NK85$Ye&Bgt4#z+izFo~<GE2GKPj
zeiATf?xpDU^sI$=dwd=5Yo<N@Prcq`&zbic`&gtC)_^yD4xYQcyX$&0D`%yLZaU1r
z)LMvc>CZx1ug8HS;D}`^EB`GpeW15o>Q}-zr=(j}RlUu7-Q<Uc)%)tB#6fAf#p*vq
zIR^3Sz-etua|1C({fRaNoJyehHk*n$mdlumoF|b<@{MHI&(J>=K-K3%17$_5e$n!;
z*#aX|)WOx@HHC&tRmj_W8~8Ri#saBebC%Vi5r*i+rt3b&?MijlzR`0g6SgIW7N#6}
zt#;yKU=ImGVU{nNolJnzg_+)wS!#znbP|g0l{<UjoGwPF-dn4(Ad1Q@-pO$wzMe83
zW=Z7urQ|Ik6ExoVQc7p>m9lIdfeOkDONxTM+P3jC6Mw6Wj;S>lnSU4_Rk^-0qu=iG
z_96YHg;rK#AA%mDmhL*x%tkWd0BDn`0Q;rYuWS^S%+3iVvTY%v=JxK`f_8t4V^vtG
zUNK?MkOtc3dXbJ}XUhS=Mi>(AmxkFXbS<h~_0js67~qan{VVgl`$9houWA_$C90s}
z^afcGT10NPl4=%!O#Dv=Mzw}r;Oc20Z}g>bvtn`Isd8joGG$q@flQ7mzcL=hlch^E
z%w+=?6Zfg~LUpqTeu)E|*-Zg*S;VXm^~E*8DIV8q5jT8`v@$n8Wm+Huf2o1@MWPD}
zY`x;aww2ZpkCO7u?t+?Q<FglDB82PSgB%#afXf5n9Gvx6W%>xXDQPv#jhZ$Sg$X27
z;GD@4Bguzfbww6@e3ARIernUm4c+ewoOqT+-P*jS=1atC8_6qL3wH0-qBRSE&f-DR
zjJEOmuHmB(4^&a~hg_7OF|AQ|zBYOc`f=@qi}pX_IE%DC{CX62Px80N=Tgl`jc*rU
zkC=)6v~Q*6ISr3z_-y%3A0!nTe%A1DR*x)7V?W{@5qAw-$r6FV26$AZ`F@g_Ec|^O
z+_&xT@Pb8pZ!q)R;LZewgnWOpKh_(@pC9pw=O4gtsr+004^DT>$F4rr1Y8<EtUMvA
zrk0~&LfWZ5wV0B+0$#L$4IY=jS8ill0df@ktgNZdXi7TopaYff<}Qlt&(l}6r;g&1
zHq|8V?hDUZbF5VBH={mLI$I|81ZM4<G-wNAVRMM^Qds~w7;x(&^W}7otr0bjaVI}8
zi36F^F6_3>r5j+P4LgQFq{jty3;GhGVl@JDZ?_bg*rg@pKlZ+MQ`99*X2fviyBY89
zBn6v>ijs-8QIEC`rhcHBQM)_dp|IZz{FeHJxB7j1&SaZ}u)i!je6R<OWFq_5gQ+h+
z7Ue)s`ooW~FqJu&ceZ-)*hM>Z-~~PABxWR2_BbxSiJO2Hj)?at{s^hS9}7ijCI+(X
z@A*y2ne|ZEbPG(V3eHGMPj?L-(rF&kMulythDGsVsYx*~_0;E}%w_%g`(pD=5)vSD
zx=}ULTcmw$p=@DC!?0hrymxjBpSat`XOAEKG0VLh&Y2tk+}3x?l($+;Sa8-%*nn2;
zF2;-3g2|BSX~_WO;)UJP2S}BKe-@`$?X4}%o5U9Trh%~|JW0>3%!(}tC2i#ZSorz@
zfzN8!25Z+UJjBciyp8*KXpeQ(;TUo@IlAv6?@-M|ky7Z3G6$fa#5yqWO@QwwiFe3Y
zsn=Jji~R(3dU6JFB!vd#?Tj{)ivS0WDooB3;C*#blk@$&wajF|9F){=t)O!sfvuyN
zi`-H#31f}NU8>@L(lN7#iMPBq*N9(m?$}X(6#Qv(p*{NtS-2>eORJCC(nVtM=ak3K
zbe&djg^z#a<~>M^ifBS#UV)FwUvq@;^@_TR5aWeNW)2bF6g@ba-N*&_SO>?Ngr%p{
z{0C5R_TiovoTr$hOl|mNbFVr(<55^$w=W}_YKPIZNZ)QCQP^B!pnuk!OPP#}=bM}h
zRjD_u25rn+wI+TtM{RNQL?lFM%)x&dzV@;~#!2dZo2duoMxw~Po;(?Ew+sPi9EIJk
zHwFu<u)S^a3I4cBc}jDPp0(f~Uve)h4ed|G*DHoj=n2i9>a>#wZ&F9d&vBcx9~kmv
zyRhBoFX$1nnn$1As;G%a2I-@)Sq#M&(^PJ}Qk%b#3}YcC%cxsIQ3lS`RXalR4$on$
zz80V<s<ZhJJI=V^kVFLh&pyDaRF<43eT128gM4gnLnAPqgLr>bB&R;vK+@oDN6HeN
z4oAcEgf!jpSEUI{wk)frjiI^}aAbV}_97QvM;DV4!wlE0)`^<hMxK;-M3L%{l5l!Y
zQbGE*AxtDPFuPAmywEJ!D3J>;E;>ifOHl!!6Mb3$8?YT!tr3yjeV6JQ5|3UGman%!
zFdZ!UB4n*()F|!mlYVi!I95X?G8TRVQZ{HkeLz{<a2H$`Ml+*ZwS50`otnPp4C|Z|
z-Za^)5oRZdHbesmvRd2bSQ@fe<#$du@<shiwMMm&&A70uAJziJy?ReyJh?GA0Ya;#
z@evobR|qlzY!w00={ra=(!~Rx&@Om$jnkdZNt+(aDXS9B^4+*}N?q4738(>=oTy=X
zXY7vxO(YY2`H0r2p1~TpMzp3u@<xbj#pK58H%GkBneFhd&jkQtJ?w-VFay8-&<Q)T
z)Ozzymd-8bfLJ|@lggoT!)WTO^b?EpO>jkZuVGFD=og_9j+C7ffEjDReg9g8P<o$&
zbgp(%T>K4(y3xZnT5mG6*-ib`DnQM!SiBAh%V(;iEuA2+i$fb{8`M2>(U6g6Xp{+<
zKgmX=?X3xZVI=~n#n{2T6^^8<TG4$R`{Z5ONfy=r15n<7uNM0^pP_GP4@(mqy8qiI
zD)=A37pr>-q;Zs@-DIEQk2j+KQRqwG_$#51`Q&Fidf?xc&5iySp25F)%>P6<yws~m
zM8LP-o1%0sVri1>mZ5QY?vskm{zu7aMNg4^?NC?sp=!!GCZHrOZ6<)3FO?iQ=UJ@r
zB^Y0k%RkS45asjqwW*=8j;iA(<Tww>o~ef(*9w%N+cWv1F-aj73!?x~Bky&nFZdC`
zHsI?8aXsQ{?SD}Ke^w$_61#T!9VZMUyCAUEifJ0AEej2tSktUq521P-hQ6Y^iyfbM
zkwm+A(5-H5k$~htn`DAT*wu#&4Cy7J#xQm&KlZcI{5_)EDo0X1i!wwjron~U-XY0m
z@&*JjzrL0Dov}R1$uyoQo3Y3}jMOYXF;{@>lju$X4U}KwiqNiEo!7K}IlgG?8-i{!
zQ=*i*w0%?(n;l!)Ypq*zWA2l?pqsxAHd#wh)I5=f-9Y2My1ut!<PA#?zX+r~X4$Ba
zScT1aCUy8}lbrKYwjuVx1vaVh8kh<JgVjQ@%mW&2VU~Sbn)9kX#uxTtwE3x30ymU7
z_Vw_0B!pzF<_JL?lzMWRa1iZ4Een%D;-em`y0Pn78#QtCZ3ROkqN@p}<Fhy)Za(!k
zJ>zK|O>F4kZmexD2M5)Wnu)BxGm93gUzwa+3arsDPw-m$rtDcYJvw6g6oXDpGLmIJ
zPz*YuWKjX{#iHnXy2xa81E8nfzCuMAo*rLjO2@1{-7?x?>tOHmfO_NT({Uq98sU^-
z-r!_$0;QeF@C3n0&Hx<sh@n{1iz1I;=J(v)q)Dder-bNrLdM<LhYD|0G^F#m<@Rc&
zVGp_!A3;9<atx&Y2SD??Cv1MH>l<pN>)CSY@neNlro2yLDhHA7D-lUbzPb?_k)0I(
z05)zzS6cIp(`#&p5(IrNLA#=ug%z%qhcOA)<A-kcgIeL~B=lJ@{adq_R&27iF)oqE
z(2^r;(sLFSY`$cdP5&CHZr|F%X*8E96+4#9v%fL-_y(*Nxi6>xT+{g3{fRbjD00Uo
zGsUmn)V<65o)=*L7kt__B3VvmQJAZzZCp&!Vya6BCv&p+lz_Q##Yx*E*lLHPd10>(
z<1V)v-f&Gx1CAfoLbj|M1q$i(MuOD+%h9Yj8Bw9kiSyg23b8126l{PNDl(;Xv)@EQ
z+*@_DUZ=aJPLUY#<~vZM<rqGa`>U2d-AZn>uD>tG0sNtM&_E&&N%a9v<l3gq5M-tu
zU%dV|-CHramWf~@*faz2VQ-M+EjmA?-;$+HF$kmDcibKpvy{la9l|xNhDAypu+l`y
zKZ!d9vo0_B8>5gq?Khntqtgo|TT#K)F%IYE+!k5|Ad?()%5XM{L#E*9L1u*`Z*og$
zXY!L#%oy5Kyh(&fLY+=Hw%)$mz6uB&`*br(?z;<dBjSjiv4RV$5gW6uIFoQYmCoYP
zC{jSX|Cn8|%e@cPOJ;*yl|AExP`UOcjNl{|o!4@8L>Khf-^dB81i~K<kfBrpnZLiR
zS+AY(T`2JM+5Hhef3cjz>MpDQH4r-b-1^l>wm06W&dIQO5`{G<yB!3Oz6~>}X+1R!
zmB|zR-pk^AZ`krpo17D$j1fyj@?<ilugk?eg*``PkvBvm8HtJpaVf9AahPXZd1b}(
z`t541Upy``)sKTm%`){}J*35`GVua=m$dNPh=xr(x)+AfVtR_HRvmGhb{*8}iji4B
zdemtH)#By&5NVe0xeU@Q$IC3wO8HyDKi$4DR{8q=-P*tDkE`lKuf7~dWGm7=%t#8k
z6%;}AZ%tM$N;fvSVk{J|Ld_xeISk+IqsU}g!v@LyFJgN$7FFt&0hM>tf86_A;JpPu
z|M{qRiHhIsQzYW>)5foavC9bFmv7&{c<jqp<xzEEtZV6{uzKyxr}<sm)8XzCsy~Ak
zcc3X)lR$i}ooa2bGljHV34xy{5t#Wwu<bzhT10qV$fTR5lC$PV8#cuLYGFh*ON|5H
z`q*Rtga@?MPX&_<#jsF7K~$8MMC><y`-im*uGU`r_9eq?o|cC?ZAJ?&E=f4oRs@(2
zNRybD6Hf+Z+}%ce;jQsr>YDKS6Lr1Gp=fOcVim^r$vjBLY6tRG5mabyI8;>XAzlJU
z&8^h%7xwU$@f?Qu@Vbq*vtVKolLjVF?+d><kQ$YffS_pvZ+Jc^kT=xR>nODDTC_fR
zG<#mtlrp}~%gRyxmi0xt1BY9=R7-7ZR;VS+MDR!LVPS8~Ve#BWOk(OM0SxjuPelkl
z!YDSH$Ke=>?qY&FgjK@tyx1M<!=8Y7`<1yj+z!oZZd<K9&zX}L_VrQR><_ce*6s^t
z<6yVeRYcSXfb2<QD`o(R$HqIZP};HI`-#@y57|1bXA%6y`wUf-7;wE|f)edpYofr*
zoLo>BV~#B`q-440ob>$WvtRTlAr3&(8JW83A%UXTrM%<;;$qCE0qdtHX6Y^gk89b}
z9RJ=$9qKoLjRT+6ZTmo2L8_^Sh9E*^gwaJQvjql-)6=18L{L&YO&TXHw!LkVfj;dO
zj&o@f(Nkei_1~J_VXWi4;AxW!GLvMrF3R%F<%@DDudt+zhVTt28&>dO-P~8nnfNHO
zs^<&iBQU=#Dob=MGHCkTC<|S%%_GqHOd^i0Subt#%2C|6BHCpUplqydeMvBTDfst}
zvCmt%itG@4L5nZqsAc-qg308ttKcSV5+Fz+I70eblqVgN=fW5Jv`O;^bLkGNL(F-*
ztt6X%P|7WKEd-e!`tF<iZBdITd_G(D05$H}O2@Qm5~rCDXJnt+$jg*EICk)PY)ps?
zF2pYN!JAVK56++jc<IJAwN|u0YR_;4nwbC%klN6_eF}^d^NXzdeY?WQcIS>!J7zFd
ztt~+ue<n;5fWg6?e!{Siy9CnBX>!O5gPSZC+q~k6(nrqi@Fy8%9pP^s_dm8C$)jB-
zH#xW67z0!R6cxG|{0?MY@AnH9o^yJ3dRUe8;2wp2Zb2qxr6p!PqDVuW<_3#bZwf^V
zljB$5A<0N^rf%SsQ(o}QOf#Otr&PD-Qq)8${i4V|zWI%BKAl;S;te)yWU5b+9`{`w
zb=)Hdyoiio&vfXcMVb6Y9WE?nWtfMt`t8>3g}z_$y>6~S{y4MN&*B3)>Tx`6fmuet
zW8BI$!UEe0r3=?EC5=NlL4=iB$BLv#F%oZ1Tyj|Qd(FHxAl{J?d`hv)sXAFaPmK03
zQBa1j6J5xRd1zxRoD&B>8h9EX6oYp-1+Gl}XnK=jwhjD8p^4;UUc!|2!O66OmDzIf
z@MNetmlg%c@$+>R?VD~n)mv2#vyTbA&HCRm7UCQ|L%F)XJ)jAF{v)TJ)AyaRQh-dD
zhdRy|m5QNL{;_+*O_dqsk`eF8tn@MIvU#F5JH4`GSRu+u{d#CB2WB7azdr{taw!Y}
zH4m)dsl?c>-d_Z5ax@kNC}VE%%MFCoXupbg<=@$EvJBjyu*9TPK^T^-WyF3~7sacp
z+{mP6^K0;WTSz39{H$I>V+d%^Q)q}mNd1vLqyLi0+f}|7ORS>23}o+95vxP)$T#f7
z2t6?r03Ze<N1ptotNn6$$xTA1IoGQ0jn=(x5(T_ZZr+Tdr#kLIVJ#=4dXn-4a>@2z
z%5KOz;4;0~_>a+7_-qT$(xEY6Qa3?|MB-$pATcmM16U^QFa*70Vc5Khe3=CIj}9E-
z=<ag4VCV<}W{%XqlY&k!iZek742(dNU|J@_x&qqT_*qkZRf;W7bvZBJ>$!9~fxVvJ
zD%J)DK1+kP@dKxcho^~RXP;w%1>2#2v}BDnV6WcegzUncBf|T-O0Di8d5?qpbE<WF
zf8{O&uY8F!$*!>iIupl3NF56Jka<D8tg%>uQEdy+@~6~9>)Jl3=5cPCvHZh_Iraup
z`?v+J&%s0rcrzO!jx9n&rp^iasNzxo%rV-#+%oa$27ld#+ZBxxW+v+suUa5pr`Cw-
zkVP+7nYCoY(42-np5-$cZ?pHK>JJKmwtVVcqP1(jsecsDgAXtL{+x40<O;aRd-zNh
z>eH#FW7>R5Hs7@j22g^u&GX)Iq3M>?Zm|ha)+{D^8HLjt&{rX0_TzHMs$3EsDViu=
za?HH#00swf{Yt1-|5Q%hJ5OjNe*S(V)*y_}5rIsRpkj1Ti>TKc3ZC<h_OKfRLu%!K
zkCFy9uzie=8r9y_DtdlnozIeMS~ZkAPgIelh_3JQ`L-173<kf6+U;(c-+lV2>s807
zY`mhNso79G*_wWQ|HfIRTH$;HWtQKSjJDC^8_e&w<$R0cK6ycU^<-@_5S(f?vWen^
z!2DgMof{^m@m+==T^<TU3Ttmj4gIn=m`ttzRAShlaNJ??s<Kc#4wLN!`v|FW6!<1a
z?}Ej+WP7&z>_@Z{pQ<@`FvNYx!<S8j>!q@%R2xF;rt5Q}Q(SP)y!<q!X64C(g~pHL
zboP!uO}}oq8N7P!56ADsZzk^P0%e(JYToT)Xw2sks#-zEZR2{7=xq_Rt1VHo1g@?x
zBF09N^s^1M9X9v8Y=g&-cwB`&cv>Hm$;~#3!Z;6AB{ts)ClVIT(|=zjfa@2emub5u
z`Qt5WXBys^Nh$O+xeG>ANtNOiOK)DdxNeoY>lAy;mejfKEkWtBa{b{I&X*68CIf&M
z5)AJ1;p&BT^o<ZR$L4%z1g8{e)zUN5wB2<R<hY5R7lXT0>rw0jivtr_*7tRm{>U#Z
z`xVZ8*tmr}39qqEew)6ATh}RxRjcC*PDEo95V5z(WHQG{oHjwS?BeU&<Fom)<%i9M
zh~TrNh!C;rX(8kjmp0|l%}y(n{e@9=36M4{7|Fp4h8Fa*iNTTJ1m@kcTda=Zn3+%p
zr3B*4&`a(9Ulu3AA72ZyiShMCxYyk2#}~pK3g`Kfx|t~|FzQ$jT^GqpV?=^lN#CRU
zF3&y7imI+T6bQrVQ<T2_2ru%Dse)!9C$p1r{h8KR6v6I0;G}e2+Hh)AeL>YV+1k`G
z10VXD{Jb0wK1UobEj7F*FatlRNQN+}N;LHdE~33Oc_TaPP&TrjNT#c{&dqz>MKkW+
zox9?MqQ$$a7W$n6d+v@0+-#VV2$J2xHvbRo>J3w8*Osct{|?yyKP;f^P8#P&gztV5
zYRP=`AGrOV|G@3%{_6(aX{}*RDiZs5Tk%v;{}qRhAAj|FF639ycHiKSjyDDs6;Lx~
zbF~E7aj^LnB|=MAnfJi-&6RX;-|7dU`b<upw!XH+`_Rjrg$Sg+b$b=2VUH6^8a-r?
zGu!YEJjFul0o7zOtjFJm>S~F{ULUT%3pHLSRTxl;)$x7(dKg>p-1}&xPRid9bsY7b
z{6_77s#}U-OK+d=La9l7`|?NECW}*pB<KD9x!TZZC$7QZc?xwLsM1u5zCPWphk3G4
zhCElUWQp^-+9dzM*&^+OPW`8u*$VS(Up*M6uJ3=z2J*Sk;H3Zz!vr}!t9q_&2rEs}
zvtNT=#vDz$r7wmyef`!~?PF6*pM=Jz*&izCwLI9E8JS?1!(`ym1I5{q>WOERZ;!Sh
zGeKkE<g-a!97P^!_u$x9!`LMXE(}c{fB*}$G(vA=tH$59Rh)?&`)V`jlo6L+Vl3I>
z>;M}l-!Cb!<Eo`(w#Gy8U<VN>SuQz7P!P$)Up<|!-X6=wcdKNsre*0vr?u<VO`#3w
zm}hM7s4ZbtM@c-MQGY#T`e~Fg0LVp&nOQ3xAxn!Y!!Llh8(G*`WN*%y%_5SmgbiIP
z+FmbW%EJUeSv$=~H!|+LIS!QizR9x0RqEAfXgV4$-NYoh!+khnoMjTVY*>9;>1^CA
zdV*WgOok^4Mlod0PJ!n>@9;D+Ta;CGcChhEZJbKXuh(#I(=$_D2s7_%d{^WyEuE&q
zO9aNM!i+_B1j+sCEH=<iL$dos%<$e6w0BM(R2>E?*nK&k>{VT;I{-)`=wPWQx)T%G
z*GHeDF6KT*Jpbs~Jr7gF`HA(Wgyf>PyVP#6LLg8G1a@E^01%It#m0dP0@1(j9^0lU
zEGD<=`H0#k)sDYz;5u+j)2$e_|Ajd(+FtpfHp|lq-_sgE#RQNcC{)WG7d9#I$BS94
zul*FF@}pA=lJuxPGLyiw+5Xy*b+i<4=S=GOAplY}R%?sLK<ArZ)!+bs|C&QM3SE^I
zOPo@HP1cQ5BIRRfgaJ};w;b8DXJjm&!H&#bTXP?WuD?<w(-&^C$>rk{bI)?H?Crs%
zbPPT&R-!Ovq|XizuO%lY`Z|ii4mN-f<~hgD=5I<+caN(#o6J{>M01Cpl2Mr!t7pJ!
z^>hR+$;TUr5K0b&vNDzg$JAsiEvj$#k<@No<sLP9nx0mc?Azz>qZR{RWe%BPgCgG_
z@*>pi#sTIS0D#j+sX)N#<?<z8?u!VJ871+{fv~@VoE&|gbuUS>Vo4(oHs>ZrX6Y1R
zfqv;cKgbFYznoAlHn}|d?l$kj$_jE~QmMLP?WS@=Mf_c$=L+>vMHQ7cl49j`0bgK@
zW*{tC<MH%fjfe4BsG+j`nm**E;LoBBP-NDT5@L^}2+djNs!*q)VcY_%vLW6sp$c~m
zwYP4<;v}B6tXrh+ck3(ppX%1Nri?KA2PQ3|Moje53n~6a(G8dQg|4mh<XX5_LWxK6
zB^d$Nw-32M^=8)c5GQZ}1z>=RFIG$UNrwv6y_&1RI;FBsvk_RDoBK^2&DZRrC2W;~
z27IW2^i=)IjYUc`MmKm$W(8qS_D52n8oAwx|DVz{Vwa)3(H*6dC#<LBFUggC#bz3Z
z(dbDA8WGQ=JJXXf4sJ%8`eLb6GFv89UuO19l*#?d<8nds#=T57VS0=)?#G2@;%3d!
zNy&Io8JdE4saM;G8@#c#o^;9RTbD}8HkTy0$~Zr|p_7R-JDxG;K||+kX2pmc6pgm}
zJ#R;>9dpj9VWJ1NK3e*te^0+b`BXKfRyDJzNBb4GeplA>RO_lFS01jJE#XDeN=~s}
zeG;sr8U*!+mdfRPr-RhpbB6dRK+|r=X7|mGXch&JFNrXxxh__&6Y63HJ;k9e&{JTh
zdQaHKj-Zxw#(Rg?=#Y*-f7rj-(x~9d_2)XiFfL^ATj<S6nFX8W0(_~&)8;PJ_+){J
zTruNAniDfzv;!>@_4Rq*@*+MOq_Vava-AEhdLK>{23vqTIq~M)6by$INGM(#niIAG
zDtcV?q4A^FJfHkLY=6u9mfK}oo$*ZgEv}sob-BjuDnj%DL)?2qDtI!+AFw+N+s}RG
zvtH!X!eX{C#~<1@D=@82;R-WS3l|D=ug7T{QVLw#M?TFU=@}pu2?Po{zWe%Kx!m5t
zHIG_sveIlGqEmd9$g3qc>c)?`kutQib@UPHH!|<fXv=WHfi@%S@UnNmw9WilBrvP5
zkk>T=8?(}Jhf^xHHJj@|VbvTNa3y7=cMjGZr^)-X#F%P8TPBBMAE2}aChsN*BVV3=
z_{jBt-@Ya_!tbseSiSqvvRw7#lUL5aVl5;Mt&8#jDbf<wTl^2;p+e?C!+#Ky{?CBT
ze>*_)e;H=^&v%pmUz-*l%m2B4!R`5b&w1^?z<4JK|0Uw`wKeGc;q9U4@v1>bcU~Xd
z-Es$f(7AuSvfNDg`<xVL_`{&3UM2N17u4oM_|yaB)6C4YucrDKg4LE~y%>Hh+2Iu@
zYThxaZDWgSV5%##%+B`x{mD)gx_Qk<@<Z=;N0`}d$|ct5=Z>2)OuG5$2tIEDfz@vo
zFM40r=QKpGlYD#3A9Hhd#vsX{aJ=bNe^`1i{wWQV_A~SvLFmYB-az=0+-yOUIDX7F
znwdOvr`5+o=T>bnm7l$edtr{%1Rc%}o+#-=sf87K6+igGMz!<RkOpJNa1GpZsn_=7
z+Nncn0$wj4y-Iv=S!B(x&Y2#4vw>pXijZ+<XPSXj^+J=9Nz5#U%b!19elt0|bJxhT
z)F#8hPl(T69Jwb}m1Vydd?d^+Hxv`}MeHq{O>Cf6`6l+x)BEM_*GjeLvwSXJOw@Og
z92AmzS}DmmH?CykQ_!qIQG(}N4vKC3B!qk_5pth3DW=TS?#A&}u9wg{Jf7I%@)X`c
z$G$PUV-1<T`SJUqg51n_w5x0uxMz>T>X_!@RS@HDzu8T-7OrgT2Nx_$42+A`D@W@o
z*$c13in}a)$*x;di|K>s_$EPw<>%jn#9d0*tn?hP)FN6cfNKG3^)1pZE=%T!hD_$y
z$xn0Hod|i^hDQMmscszJE5;bRm_+8mr-1V>E2`PZOH2Dh%>Knydw|V^I+;%t=Y4+t
zcA-Mg@4hA78i6B5g2Lvd`W|o&c&rSE+2f~djIS%Maz3JfUzMz}xCB2p6D|=lQUjO2
z8vd|)>JUr&Og)#O=b3VC*DnCTh82yM5I(Ya6jIxsd(YN&*G-hv@y8|d^}3x?C?tSo
zduYxhX9iRL?$GL<k=Q2o7vFMTnbx-k*FED4Z8hQ+UO4kBIww<2`^|>Rf|WsT03nE9
z4>5v5`@P<AHqra-cgP=JPgaMc;LZ)KfpGw`m2mDNP)^L>DjJ&KeXg4k5t^^*mm(xH
z3>V+SjyOJ2u1W!b0!R2BntE#g8|3WNehGWbQ#HKDO>VZqW60R!4;~~v=CY55S_oR;
z{;5@G&O?!f^HgQS=*_pQ?Dbqk&?!Z|ueb<FW+3R#FK|n_>U-f$@B7Urdtf6mMxsnB
zZj2lxK2Spa95fZ&8y6}L4Pn~>>HzibKF+iH30r2sEO<A)_$pvqoaJ$?mVQO;Jjm0v
zq&-^(?}3T>8k0GOF&7vSj_`m-^qq-*hI$7Uy%pji)*XIEF4+WXyE+&^Eu$GM;&y-4
z|6DlwZT%KODWK~@n_l%el@c|2SFvDS`n=Ap;ZLdL+pv|&z*1DFCy#GhXJZlH-J9yv
zAWeI&{bVsRP%@+NMjiD>UN`_jiuI<-DE=Lv_cnM|ZG&o5XdYa4_epid8wVLpvFu{@
zqF)=kCZeV{%Z{S7^}-XeQHf+@9BG&ZkF_{zwQt@=Hh<E;h@#HL-e;NKYFEh5_TEJC
zld07{0F8uj!Y8>ZinC61t^^f}zLQM5NzrcgL36CE(~`MH>nwtNuY?ziIc#OlQ(!CI
z0-&ncL4ceDC;<`C=PSH&C%36QL)-gq=Cj(>^iS>yZDkvsnpAH4Uj4jI+aO}oVnlJp
zgX-c6H6td)65$PaK_F`s!<Sk%41d)(|L)1Ll@m<CT!n9o8(7%c2|rDII?gIKxWU1J
zVrNx}iR0}*=Bi5oSW%E^Lz9TL%l0<-VVf$q#`_-oRCQ}+ihI-7CAF&y-{mIbi#%~M
z_8E$A(Ly}9*lHC}!aM)V`lg6-nz<QWI*s|&yOK*>Bc>)=B#mQLxTTM>9m=!Fs5+>2
zV}p-x9v~y00akfXXa$0oTow7g2eJJ%s7lLt@42Gi1u-Azzsq%B@TX|~=Fi~1{Hw?7
zm`FZNP41J{!_e9U4_p5HrMY^Iw#|3On)%iX+3|3$!t-NE@P;9YB#Y{S;EbJX$7|SV
zavt;6#rJtzy?R7-{wHIyGKedx5OmIOe~z%!=zG<D(W{Br{gt1fn<355+b_3E8Q8OW
zk)=Q3u@u%Zk0iM7xI=7o+vKuD+(`*T)RBsj4#b7I<{-<JoLiUHP~@`|r%Mw}_>}d>
z1wY6lPwMpJD@{<WEnCs~8##L6cg;s7fdenmRo_y+YpD_OE>I2nEW6&Qw%FaC&NV)h
z8c>FPm5kj-#pdCTByIEfQ8mA};(9U(Yb-#(2i4cdgx+z5x@Eoz!}*gcnEsfYRkyH1
z!CV8BRyaF$Nf5hPNnb>;GX^`KLxFMY0f#2CUG-1qy-QEsYkX_c8De|hNc|F);=v)o
z_jjKLt^Wgn_w(8gG-lsndvle~B;?}~=zkuZv5R9z>d}4}mz6arPj1Y%;*q?cs$7kC
zSB`r0nDs<NicdW--?_h(n}hjmC#kla4j?ta6T@QL8`V!fPk~)OQ$G_*SYA`GZ%Sh|
zKBAbLf+lvm(Dx^cy$H?>+BgEc028D~>UYc%BdC7GMBnqAw9Tmy4USf<6jq<ijKjh1
z;rOr-(eLsRbWgG8yIn)v1WH-WXV>TNl<EhT{V}gz3RRqT9s@_{nYgAF#@=26I8F1a
zt9nyj-Q06;y0g4W=XX0mC&hslUBYeJ^G2-=l<PWAkug!_Bu>czP|`eReBZTL|CJTJ
zso1q5u<<?YOXl4zMcb&m^VUiqR2hZ`MEFt>e6bYNr}06AywLdeQT<ilP@bEF59If1
z3}#=P?*V1b#qLN!winwRS6k4OTGY`5L!+KY9LhCaK><y|4%`bwWiHX)Z@Ce$CF2p=
z;dR&IEJdZDPi($FO?Bw%dgEPPl*pu6#9ak{k*HeV_+Cw{P8LVZr|~v<ZB@ue8S69;
z_8Z^PHIn>t%@CgiqT@niqOw&}sW)ZFNp%14^c}LKcOjydMg5DE`@0T0lSAocVJZd1
zpmf{veiLzYRPU&uM#Rw<J(GFJZ;GmEEEP{vZO18*uzF&CD(P55gjhfL{$*liW@8Yj
ztCA}bYftB3Og4vc9f*fTgD^laf}CD#v@=ozq0;N<_3S#lH2xoeR;Pk>rOo1v+kq#^
z1p}3neH^yg1OO=`B8L^~&VT!E{|5c!-HNNHOAYrL6j~L~F`V;a>aI&OBJ_oJy%BE3
zy~pif@jW)f1MoA|Y;aO+I1@IZ^OLu7qd32PX7$MEEs@OJ?~v@LbPw_<%@kEBN_rz1
zQlXjSjmb|25`kmDK<1U*&Ly|J(&o__6%!o$qeW#ZiE9<7FAktgBT|%5@w+$3zc7+;
zr8gipxZ;6~Ts8`))fZ>$CT>Sl#@gIp|FEac2QN@Au}2&Ah1J*9W!#B8g9H{tVJUV1
ze&aj<rsm7a-du=}oe6rx$!e-`CL-W#y{Hf2eNpT7h@zQ^oM0f)yq3QpXDE=?H0TWZ
znfDDwE!*8G%)qqcZ{F;nf?><e7u>V~X}+tKx$Id0M4hAyv2whH^)v9KFm_Bj{_<m(
zC++p=iz}1ExN!TLo>UKyY=t`EKD{yyA*?cnmW!7|xI_>i?PkuGssY&HaaE+KGY<59
z`m)ZB>!XfM(!Kli-=xeKI@sIp-Vk4XrK9ZMJ8Tccae%rr!V&nw>AVeN@RJ<*+w;w{
zUloc|9dA3%T7Vca`rb+=J|z?RTC?ionRKj<oO+0g!=plk<|wpe1LTrO@kR0c{`;8j
zS_KN$7WrP*tm@i4RaN;KW)oPRghK+0p=m3d(s5L>CYXx;tK~2KmyZPpNAi-l_<O{Z
zU81}oMp6DxTbQe6@d@|eKsiKM9eW0}b-CzyA0+w)STJPd>LQ=(tsESgzq$B1H#GYq
zEpSW8aN;W!CcQ8@Yv>-|j{=g(?Wd;p^eaP!h~2vjwl|liiL@OhEu%2u_4lZpuhHV0
z9^TL(l}9=SG>(A|!eI6a@O>BsY&2p1Y$b#zYB>NJ%cBHo?C*NU)o`7)In#N8O|Jf>
zw&1m1)$LY#+NfOU7li7WHhr(bR!F3GoS5fVA4=vUtA#xQM1Z?mbRe%PS95IRG>y1U
zgq<N>=IBK@7UNqqYGMR37LR=_Z`=(17J5%xiaOqBQ~Z^wlj!wR%Uk>P)?sF9Xc3mX
z_=@;Z_GC8z^`6R~meiVS7W+a_P8WR?@)@FBywWAwZDQAzr*1+&;m`ag8H$}5!FYqU
z;#y*U5LplPchlyp_S>sNa+fYG1L{vTnq+ZzYaFeCw*}M8k?2KKYD}*<*o~f+P!vZ_
zW=sv>*SqRm%>S|$R#QV<Tqr1eDdTB1DwpjcW(GA#sX+z*FhlD4o5+%>2)mRVNaJ~9
zbu>+wN2?`Gle{^!(==ZL&illCqq18k3}qg?55>(s>Nq(o5l-GWLbD!0oq-<gCgU|S
zw8o+vw@LP@-U%XoiK6hZH`EA?O3{emEL0h7Jx>maNPiLtp~^Hg4xX5|GKT_nG$LgN
ztf@*XPVzXsaqOpxn6tp4JFIuF8_tHoT<l+|nKb0U>zPp~u{_mD-JGZw!z@s;VWS$a
z#kYA?ZzLk3t}j~5_~K05%(RhYY9iKxbrdoQ*rae@^#>R(W4S@9eO_zBhqYnj4OGQ8
z4Tb~by>-iF%fdysGp+I7!XLZ2NQ)lKq-vHM>#NIL;b{Ib<ypqJ$j$~#=N8qUYj$-F
z4sr2W(QGQMsz%54w*q)umk)E35~=QXmsFIaw0=(t2KovVjmrH@Yz~OkI?TP&9HFJU
zJbmQV+1JszS-empDVL6V5Jt?!CnjqZ0+PqYdI#!b_ed#zq)ht5i!r?>_NpVX>T*3O
zyP9ih=$$@d#brs4MnGb4II}8*Z^C|f!(a|F!Z+qu#SNmRRvMK}?Lm@!uK$%&bQ33g
z+dc8d%*2x=E{_<o@Y@8<b9HO-$^D<9FV_kice!Q*{&fh6Tl8-xyZ)P(P4>w@PAMTJ
zi8+S0?*BP46Dn$UvoF*Lt}yurkUa0L{P*jpF-1~1?|<N<{+o0CPY9`I&;KHm%1jx2
z5aOJB()#$$6-)kiktqkXLix!(v%j%!e<lK#OH<0TSO0RH$WE0TJ3Nt#{3=h`r-{nz
zEn4&XNNZIVpstoX*JCi@kuLzKc_4BW(u2*Z-3CSLRBG*LE2kS;T!g3TEbT--3u$jn
z3jMP{T+EW%c&q<lx1h0(4977wp~qN9Ku2j-Bz4~}<hwJ;srjZimW|n_NhbB?+w4%L
zT`7sqm{eFRa_Yjul~oKFcMQcRK$Q@+l%f2#Njh=WMfp#3d`#<?iW}!&%^VB;)W`6?
zM2&_qyPMb7P3Y1-LnW%Y7nPXw7^7_g)D=LsQua%J`lY4zO79|y(U%f|Pt@zW`hxD9
zy9=MVt_74XPQ<m{3_n>U?e)b3)8sSXCW98h@J{>XOIPHq5q4$eD<QxSPO%Y-efpjg
z8uu4c#HlHn)kBclij+FMNd@dyljXrv-5Ke>S8Gcv?QEtRF)o+>?bMy~9)6jUMKjS;
zmg-q&#RMEkH>sHG^e%7rHD}V4Oy>TMz}tL#xTT4@top+D7BYj@5aH75h8o@7veF*o
zMBWcKE|ydQaG}3>yV=}2#&~0+@&_+ohvb<u=jL=+Lk^OhecXbi!R?XfU#8p-Fww?9
zL!2NUHVdXOk$XTY2O%tlb7}lU&vkY75N$7V#kRXWPaCs4jRU)^ogvzKj3UzPhA2Y{
z=s9abf&c?n=JZ<Md`$=IuH6EIQ_eHldDW225RbUd-cMOKQ+3pRou9k5qOFD))w`K%
zH^vOG*o=6e$7Noe-fqkv?L<75bIKzcdv^Cf*iV*mivTK8fKo?#?8+u`IgA>y^mRnX
z6+D7A#e{%kB@%sG?SnJ!C<@Gb^v2Yp`-I}Xl1&zKQ}y1y1*h+rCC9NqX?~n=t2#7W
z9?Q)5<a%1jvcQvteJ8Rg^(c%5A<P0G015SAFrbO#oxRNHu$PDJRpC!gQ1;fsjPC^`
zH{|(}%>!=eYkv*m89U7+F!h2pxkD=KT@*RXxr5^kCrBQ@NxXLO;y9LU`rdmRA`$Wh
z`U9s+z4q?$fK*9PU1u(-A*g5krGi6ZKX)-+9}}L%dL*Y4A(j%GIO(U9TnGd0)xswM
z>~Ikl!=t2$LtZ!n@EVpLx3G7ba?fsJnzF>rW<n`ne1bgQ2&@fnME-ao;^_?SF(p+p
zn9udG8^Z)Cww7gk9T&{Px+HH64tUf+^Gp_&QOMbdP^s|HmnW1A@W)i0EP$NrD1c`O
z@R{$z!DaG3PxDEKBGuwol>&B%wIS~)u#(a2Mt=p-9-&&sby!|4vJwyfV4nEh4HQ9I
z2E;GqDrN^nkeMa-iv${D9$Pd)_^qr4#NP{~dWat;v%DG}r;YBPrIXSyt<M(ALyQQ(
z!d~+|Y&QYYewls$dt=yGQrLOty|A5dsO-%f1@uRp`+{x=V}Ae`REroEt<V;O>B_Fv
zEF&`N6dTs-?+7HhEF>kjS92C}2+mH3?62dp0)BtfbKgtz-nIm?j~&+mU8uG>uK#WF
ze(qe$M2r%04iUiASbNyj2;F>V)e{;U7707GPKxD@al_isg3QPU)(aTbc_hjif^QZ}
z1ywos$s^YWX9rh28oQ!RhXib|$$etIM!(B)0DY!)SY6IfrBYt!C`XWCA61R5e6~?q
z>OD1JI%;a;`_*iTx>1<ds!Ua@&9K|qnH%?34vJ&HqJq;SD7skKk_LXyy!?M3wa{A1
z??k$gpsUi4H>if7H!U2C>6nII#_@%2q0gV)soZ)Jb@p!LuTbrqqu}TK+&eiZuYu>l
zRx*}4OD>%y5kAwHyjsWiMq<h!Zu9<7OFs)Ev^JU@fv12nf7qztH5y~1ORu4mnM-f#
zHe=A`N<aOaqhn<oXF27dfBwuo-~2`7hfjPMI}KIRMvGBXgiTM??8VL)(QBDdGHX+5
zW91Gp!+gde({sR|1B0m1XQSHna3lxCf!vm0;j@y%Ao|sy;+Z~ep=Qsqn__ig6e4S|
zp6G{i6YiesIT>~%a^ot%u0t$MCZ0-9AzgdJ(D|J2!YZ-gkSh=2e@e3$8x*{zs8w#0
zC6)uyp}xXako^N71f1vlC=s*}E83eU(pCaBO&=_9*!D2<)Xb8m<wyI0b-=yr+-zU9
zh8$%VWOx&pSJYw*PulWtL2EWd*?>l-%T?87>~zDR-kEHq7T}iyF5#6lE#$MFaFJEs
zv@6^HEDgb-u8I4&!*X?9!fer+!@{I`ieq<KjS7IMZ!Ao7f+o_CVd>Q|K%PI9lduCU
z()XrS8_veOVy?MUI}oy6{i*c>#gEHa+LuV7YHIi%D=mFc;sY*S1zO!wl`(IKlUQ<e
zG|83+1|z@Ff8ZadnVvo>4O}|7VP3Q%BG#B^7P;viAj<~ccQsSZ*DI`E+#TPhW=hr?
z(3aIQ8o!g9E1pXyKG!MDdaLkbc50KSwe+&8M;LP~EiGlKqR~*~oj@s`;0T6!LEC~*
zrI9a8%sWnOOsftvxuP@q+*5i*HYO)A^`djLdA^LL#D254#k_1<N$g2ob^|(uLI5K|
z=6vHfF>@^&L;M!>_<me`1LsiOjt;Y#cF}27iBwIi1)a(fXbdSYG5wKem!U0z<qMO6
zu)Pn%oH*ni?QNF^*;b1tlZKgUw&s@)Vx#N~x+1jn6)C6p(LYpVBV4V*C{iB}C_^px
z0`ZYZKV3ar*i)Q``GSO7h_$t_>qf7$J83*5%D<W@GV;pJoP7k6#1#fEE-26%08-MS
zISXlPLuiWh{8KoUxLa+WeY{Z=5BLdpd4M5lh54}L0iOX(^dEfEnwr}VX>6Nv3l>Ga
zmseJX`S=Cg$Ba-OYl2cNdaDm#>5}4c!qXZlJ;@N62k8wh=khGfiuF{US{i9Qxn5P@
z%y5(4a;4#UhSfw6OYk5EQgzU*U>HR)EQ;r0JTJ1U*1c;EX^ue6Ej#=8r#xHnZf{!U
zmo@lIR65u%Os75+H-I)4U~dGm4<J-wqdSg!>ciH-z$TB@{*o}KRwXZ)25Pp<(+xa5
z0qrVs_90+GNE`?#a+49pJ64*DnNk7PHG1FQUj$7Rs64+})Nma$)GeDHpBL@_`HY=x
zuRXgldsv%uyymFR3BLQ1HU0n*dp&ozgYTOt(zlaXiVjyIwU8UP<nEj2;R2+pVp;s3
z>FqjlPG5O;i!xiWvlY;j&r6N6msqr!WiNOhA3nEs=~XSC#P&U_4Az{i-To<9ZARcv
z_$)}1ANVIM@k;ysvx)Qs^Hm|hirs{Y{`1?4&f1C#h9lPDrhm4~QEE;T;Pd2d9nwr1
z^^<FzC&$tD(qgc&%UIEG(ME}?d5&*q>P5Q$(fsU%L~>$&Ol)%Ai0+^^`3ZzcYfIgm
zz$^xP^<seM2h~q8y<MHA4v$5X>rR&G4qZDRJ<1xdOMY%@IG^l97hAXk^9klGK&j?o
zX@J~hog*~ye)p%cD@YL~zp5u%TFHmrBg7;{KS)9eky=cOwiGgEiPhEO!N8Ez%3%<H
z{?v;w+9tJl6Xu*#A(#91Hcul`iczj~oGG{~VR8FlR{PaFId9r5GV(8an$$NKwScNO
zyqBKen?L*&ERxowX)(h>%XI5{A62t$t1ABsb=_xH3D&x2x)4FMu|Ij#v!ndP9G_B-
zB;QpH1}Yx?#g?O|UXM)c?O4*ZDGFKxo%NwdDeUtU$&2#b1(|!>0Nz}&#b1xUzos*N
z{pD0Fx2Q1W`c@dKbKas)O^Dx`W{0J&lj6=`1(@iZl#ZmtAxx%WFc?Ur*$Q(-_?FVh
z(J9){BpIA{Ajdi*$jd=lEWv9j&>j#nqnHdqU?W?TfoA0ylkleT<pYIRtqNbe6HjlM
z_bqIiymYp~kB?1sorj4a?Af=-W_v3fME%8?ZhmL~ymr9;=%5Gv);RaprMte^M&)v&
zVm=19A%&*g$-=Pue|Z(P+q0-P{&fRyc2@a^uRF?@9c1TFg536$!SG4nuus>KB{t8R
zO9p3=;B5h7#z+|~)ea@#-6<6+1oY{l-=mhJ7o~Y*{jsSExl!{y)tuIhXK(fE$%7}e
zk`noJ`=m!{W7)(gU<oXMNj~!q`=!A6xrJ|149XHmKsBs0A-ST!kSjr^nujR#hEd?~
z)6_qJ3{f@NV8JZU!xDFy?}$r>!BC>vkq=r3h$(s~|KS`r%MX;`u-K!>)>EcQO2%~m
zt|gP^`>s5$`2AMJC8eKUc3dox_!k14ob5O*_Acqm-Ha~X;C(I}ttGk6!vERj0!7X>
z41<|!tLloz8pcu0CX5D=e|-KG5khU$crF}uA7zdb6%w+>M-K|(R`h2TjvMQ9*cT}E
zI5Gz6GtDmm@Bo(G`Jb|R{yF~=O0@oecb_WzC-JTFUkQescfV#ec^8AkPhNfFbG`rD
z+=BecCz;Pd|G(dh(rj7lP@?+dSU=!EthZ}q)fSLuwBE~!Y#8uP20Qt>QS9+Y(<HFw
zRJMlubtk4dbLOskAT~z^7pp&-f2tEV=Elof=t><!KlLU(KY%uiUn?N`Gv8h+#%RE5
z))LI;e(@8wIvM)<;CHTfC^adSs_W?T87Y>@`CRXHG>GnIVV`z}Pyw_|MGgS|<Uddf
z?%thV0agCNwbRu%Lu}ENGl|wT;?=H3zlpllCnN8wK~fC@;vURwTp&j#1OJi}&*kJY
z`VH~I&S#cwkN-ArHlk;7vXt7f!NW{E9`Nzu5#k%0Ms$weeQg2Vw=9TIMiChrt_sIL
zEj542JkvP6oH{hLQw0OQ-ccZlnu`gINX%ia=k|F2gWx&Ch6;pOYz312#}6!x2lt}g
z_`6^=Ac%F@?)ilBn~6jB))0$mgG`7zC*g2{Myk89emaR2{K#N5a8-!*IYW@mX{K79
zy-Cl}^e^s$ybHArtBJ17(E69>lgAhIBFtonI9dAOpJd5YP!g@!4UPBiaA5JEDiy~B
zDZZFd8<;sA|CZ?Go}Gc`YLTGBpnH8@c=p8Kl53n91Y8rJeGGs`O}jw&^H~9&3X{To
z3|S}Ovb)_zlh0jJN8)wtwUh>UI1C!Z1Ftz=%_UxY!uM=8bn#dsO)f5kxRxCjV}J4I
zDzU$z3%6yM>iRad4Pc&xws#@}mg++57ry|Yz6dZ?u)Q+EGa`+@qpRHB(RbQb^5#+y
zli<JBZa`G5Tt{33R6EY;L+U5s+xHdIB$9_`(F7)-mqk+v4d`?Zp*ujaM@E|5Jo<x^
z6V@^jWRGLYtYN^)Lzjw8doA~Nk#jbgQypmX!uP)uH@}-`DdTx_^PNRL|I*U^2cV(}
z?>jn)YcngpCJ>%}#?~P06!ESX_YD4f8o(#08fbO}My^~l-+$--6F9N>rb(tAu>eZP
z8XwaOmFheM#Wm~p)$or@AFc6Q@idB8=yp&V8VnQ>*qDis3g#g}1Q~Cu`kcMyqy60v
z{=llS`J0V&>eqZ?(*JJMh>NozZYvB_gPGZ&Q7T+}yTc#I1IN7BOKKl1T8SLkbd-1M
zYuBLCtrNwMJ@*C1SCx!uvBUBnJ02i^a$2ncmjJT;BFemXQtvtd2Fl%5Z1XxMPxZrh
zFn8a2xU$Fc=;ub(3a?50%CUe~&Qs1NJFBZ$Rh9)d5EW*EQSK=$h&NPMLtie`SIoW1
zgCrpR)}p5PCX~I5VDpd)n*9x0hlYJBSFmK;iA*Lc;Yle!ZuNcB)_}3v8|g-q?7$@p
zMX`2GuHlV_1^-NWxmqDX@d~nZ9Y_K10529MUtV9Ys#Lc~Oq%XA+rLI^Kc8!*aHfo$
zDN3H^J(rN4%Ix%?nf4ZoN~T~DbR-FxIEzuq9VUy8M++0dTU(?+{x^AK<I07@t6S(y
zVZ77=IcY>)C?gU3GYU2UbdJKRx&<xEs+I*2gRc@+D~%Tknz0AZ)j_AVxY}XS8OfrX
ztO5g#>G%e*H+piVrci87EIF4}<!<@prFy&hru5TrMh8acLg8l*iVAKO8UYI}w#zv<
zaLAxKb3xi_VPzDh6ea7I75T!g>fF)xu*ZZ?Z(6n5=RFTtlU|Kp7{>$}h8VHpUD-nH
zD#n|~10URQ)1uc&8lW;mo0--|^uerMd~;$OJJ9<FyFvs18+&gV)mFRr>n6b|PM~NT
zf(0lPr$C{&1_=b0;;zA33VnhHcL-M80<<_3X>pgL#oeuiLY+Q4YrSKfwZ5!z&b!av
z-`;%9n3?yylgxR`?|)qluN6z@s?M!bDePc*{?u%DNSTzKhW6X&!Q~PYy3YAWi0VL(
zFA8@O_FxFvZ&~5}pNp+JKN))c*!OyG@n(AFG~mbIfYNbqiUQ4p=;MnlF&lS5C%Wh#
z1g&nz6JxI8{_1QAwgTng?{hd_>4Dz^hxAOV7)%msg!zN;ovn3yQ1+qeboh$Mz?I&!
z?*ePTn`RDYFW#AbpWc=U`ThL-`0zX-uI1>2J+m&lTR+a%qg$hA<w0$Ni}B0_+x@ca
zAO>2{w|f1PA~}bzQ2Sx*{jj*%{K!Yor=sS`pExxcyLq$_Ytad@*U<HuELh`3^D<5)
zuGw!h?OrR(s4DSfb0yhl>T=Tq-&uZSZS$Jx&|!h(;z45-X|DK*CJliNpTc9jpW6m7
zMWu-+9T`Ob*?21;@lghOz!A%{98{n3NCp@<NTpE7@QQPNB2`P_QA!aJ{8_AWgTH6w
zZ{rk1$+;u4$>Y>FaWCxY8xj?_9HagBs|UoJx6fZl8=VL|nsFCm8sVLO$hWf8l=xcl
zp*ez9?3m#oOZAHU=L-g&C^!Fwhv6?%^LgY`yYH(=lU`j(?lbdQh6`HK?B%CAW!*in
zu(>8G3?S_3ykP6>N$MdO9=4e+hiPfHC%dzq&o^aQG^i4RQH^6D*NPOd%7I9v0=d4>
z4iw4?@Xo|C704u354ft@A&46s&^k<6a2_P*8*VO@8EDl5Rhi%9#2Vdpg+BD)=Ux!$
zZwrq;;ypUvF$o@cGMU1Nq*p9~AFO&czZ^!gPD?|vXTg10wl8Y@5ue7XI>=f6W0n5#
z(j6PuKZ<2x=h8)aIIv}R^5b_bi-TWaNTLn=CLK%Jb}P58@4($Z=m|XFtjLQ03zC7G
ze7elFk^YY7+q>`q5-RFB>HOcW19<@yoYN`K9K33KU0OunOTC<bwCsd`sA=_c^D=6x
zT1o`2r$~|5I6cntFpyBMuul(rbVWd2@wnmkX;%K+B1@%N()-obVYRdvF7;BO{qci}
zP|?z$lJIDe3_hf0!%Nt!=z~XKG%;Orqt%zZ*I{21qDpi|R&j%vR9EBR=S1Zcdxz0{
z`H=OoXqhAp6JlZT^Fn*<G5Sn_&uy=TdzWtPp~XvKDK#01ikbPhI&$uo_c?T=%}&3b
z$l>j;KGnUdjHgUHRWN?QeJm3N36%mwUiz@{D3o}UjMl2*-t2h-G*;-t`#bw{`bL^|
z57KZrbx6qxEpi0KZpb!3ht5#um$I_N3CflS9SLeAv4}0_5Tiuv$~E`qu=e@>hCanQ
zbDOma0D|OjwEkzwUTmk8vLBy*)rcEa<q8C1{jv5_DHkFeH5xRhIT~vL2_UzT8B3+!
z%Ds=OK1Nr(1Q2DzYWa3SV28`<SwnN$%BHJ^x#^+#{CrC@+q`$qzF3znv#=l6^G0`7
zMEiIEB1uKq1H31fJ;K}nB1QiUpOG99PE~_z#NIWEoLl62hKy7d_RkBzs6(s<0E~QJ
zfvbC;r=ufAM&K@i1>@T9d~Uw1lqqNHTH+iTtPGnphV>7HG1wttJdyGruS5Bhg7X36
zS~m;g;6xj5ujC+eK^~xV3|U)XN2G?aCXb^q&mQ&rVesH19>tSj(Bn&9CfuB<md<RY
z=E!fNl4${tl-qt@@1XnSLHF6-1Y4FAo0ktrgA4m$Y^|_oKb5zb@!(QLOX#GSW$4Co
z>h2J+VVVC|tC~z!A)O?EeB4Nt)z_tG7a$0PbMzaTzk`I*gVvh0x1J;J1U#On(HSP4
zY2ds&M&!fU@M>%q_>+RJQt<?~O7`>gD~u^ibLYpB<8Rg3ty00M{@#wSb2S}VBqB)~
z#~6B=Xpc+ueT>6R0Qw^H$m1(vFN413p~!Yy!!lcO6P=o|F$yI4p1bh!xD*06Dq}59
z<Kv}Wk<JYk^VjlwhNXvhe*bip^t|MnTFZ{ZVT<J>8*bKyh4%QB_GAB!*p?@fqo7lM
zN3ArqHH}m_;X_UjeFCbVRATU@FU*JXsCO-(vaPR<jIn#}ajI%A!6z}n9QsFq(4gW=
z>*V6$i{J00x7uChpx?Cgbk98YlC3$t_MG4c)(u2?*HIj*hHc0gBM}IOjLIJT5}zm7
z6#PC~!r=6z+FbOx2I(VQreoRF3~?aRa_O}n<+>Dfi><%Aa?xj>lN113Rt|T@Pu*xh
zXp#-yCgXzVoz)-CJ@U0FooX`?>Kb^M_j@ryLmh`Ke)1HsrXrkj?g<qAJ1lofRE*R7
zL;iuHNSV>Dlj#z(n*ScBT{JCj-I1hXL|6H`J+?i$ER`e$o!7sA$-YzQ%0PMB>~)x&
z>dhZSD(my0!n)bx++U$6?KLa3THgm1MyfAbCVZw8GXemjhID8d9KpF96`HHd8|iOe
zo4NeprKcop^y+P-HqlhcwoDA}1{EmPR*Hav)r7IDdG?N{OnsVelx?;4OrsF|-r4_#
z(u8Tk05kN<wXDa?`joPOm#(4i)dQ7WH6VEaJzoORdR5XY<{Uq>{yNP2l5AbhZ&lv?
z?nTa!ncE=lK)dPrwd4<w)C)7y6>E=E#<{*ZbN|0?as$OgzVrIuOndyO#Y;@K3g$k_
zH61j(JWj9h=%72>a4fF<r^LjmAYtNPpNajqL*UE)+{;}q?n3{xa8%lh-474av-~=p
zi<gDS|39t3&PiI41$wivjQ`WG;kq<2{I7E*|LX|x$!sO7yrJmEf67k&W9t&d96w|`
zUH(tw{-@^(mMfjqS8&RvMgCgB>%|76EiH>$W@Wj!Nh!Y3R)yz}T<r2Iq$;vSfO>J^
z_)-F46x+8D`i|hk){sTKT<5dy@#(AOFQ)JPhjJQ^w40uNShV_w+NLS%ud{axa={--
zHEW^<18G@832WMyu&r=~f<Kz$se$_e4Epe*a5-xtP^^}mRV1MXRPGoXN}!^w%|GcX
z6I#^@dnBp#07sE0k$7C;Xe5dwMY(bA_+ei@rTj{X28a&+$202=IXxk~c=h(YPy#Ok
z`nR_J*I!axBKx1hpt**e<X+jz*DstW?QZAp|LX|XJfX-=sYFW0f2wuF&z$W4b*kZi
z9l_!>UMw`Zt8Dg9NzJ4zGxqoYhi>_w#@){SPtX0gesj}fneHX7IeL#5dv_4*o&R{w
z{MSPxGqtwx&p#AdPQ?i|#~xjY5jt*7O;oD=$4r4<`L*1jxVQp3?9futKb%x&0N^*#
znF1Fbb5$MG4$9l)xs~8y(5v>=0tq7-3VUYz|CDJ7$^RR`X!0Za&&1Ee(dkRaf5<`l
z1@Gr4Sp2&Z7y0k$lt7`Edd}ZX>W76w`JVqC{WUQ)y+WX6&@QNE9q?0BXWuX!VN|qP
z(Zhx0qfqPqJ`#a2?J0Rd!>|WM;TM>Jg&j`a$3}nLw{DyU_SJ_;pzBhp51BHzr1T9f
zE!g{1I8)$T5L*phU|W*Y{3KmUtF;73_gK!|5%8*v`|;TO4_+Jcs%n#_u=V8(QTA;E
z&@o9EBVptSfRt(oSamF}^Xgd#LSHM{HO^0=Wy!gci<^V3-YY#o8y2Sl#qB|)8KSOu
zzQ1w=f%~8!0D;F36Z*nD7FIdG=Ee9GJGN=n<uW?E71|dN0S+LvziY5WU-WezLm#17
z#+V_E3WDJF`CpgBe*;|p%ycMn&_0y-9Qz9l$ti{W;CsYJOl9cO@SW?eMY}>gEHwcH
zK+z0to*zOHe8K2bO*^OoX1;ovw2t)^`o(>FoFGd+LAm`5NFwRp$(mJxkpaI2_47v=
zXh_ksFH0?VmG_~|_hy`YANqEzJ)K_~;KCay3IZn$%_I^QI*oPa)}CMBQQZ2^0N(YU
zDRn#xE@pjvAC5W$`r4GyzRs;$mG@cZ4LKG?;J)<vTPkxLq@VyQKWsT4IS4<#0)U{v
z!ra6m@=H1~i7!ts_K_oO$)%R{KDki<TD}jcT(^`!Vd^q{yvgga7-W9jE;yamvT4pO
zNNQBSZYI4kb=nPucx@#P5=xC~)T7a`Ea1>*q~jjh1OtF00|XZSJYJvVht@ef18n@*
z-1&>m%>$Vlyr~)1Sunu7YlO6x3G}R-fu0~%3k2n;Pl_|jBzKxY&iUp@Hut&j)#kh9
z%E{B7%_(eserM`1o|fNDyR*abIj{dbY~=oL&a3@RJ@eINL%Wqt>!4~pv{~Mwt86#t
zN1p8o*Kz~p(dEy1`o94_ze^oXj*M#gRaaU{bzF^|7VZe9m}|Zj@QWoM?W<}Ph*IUE
z*!Q0k)rl)Xb3tnDfC(U?HD#gYk=$FQ_R-ZANn*)+TiZj$_3_@IT0_n{rp5vSapapt
z!U^N8rOl2wUKtyxH{PDkJuaB_M)JK2pslS;PoOffVu@FLP#nB`i>@ZKm`Hu2msYoW
z<&hf)eumwHu6oSnG#Lg2sD5FP$RnV1nKRQK%k>!=#g`oi<bv!bdo8N==>izN@=_s?
zlF{^885Mn9eIPwplKox4y3gz?^7Q14yH4Vsdf9$ov>EPvwKm-m$V(2{Hek3*sHq65
za?nMkr~vv{51$ypOu#L~Eqdnnw$w9kHL;EF{kK!ciA@*oW~1<^s_XBtebg9a?Ko4J
z4Jfjw1e9heeL6F#)_~l;9xXF^TQ+Hz=@^l2ZB?8%1i5s%*jlS)V~XP6M^#>wGR5eV
zbFcL&((sr>W{XIt9?Dd7zRA^ejn1uCwZP<uK9A+*G7g#Szn4y*aiFuT*yq5&nqOVT
zWs0`DkG>Q>FRYOHRPKF(`etBe<jo9d^xO+Ob8k(`<1eByfKM80yq4x$(5nDo<MPM*
zv$pf6|F6T8;M?32cv9$8tcg`~Hw$Nh#^cjzjz&}|9^x)LC*!d#_cNCN1MMfi{7x^s
z9AO&DNM&2#v{kaH_}6OdsHO>>M;FG>luH#?mgC**C{bwZajT+OErbk^-{1cMMw;g_
za0=fSFn>~;#ryeNjOXizMrxFIeIByG-|=xU4`<FrV~Q8yr?m^pSa_-=0Wg6O`1w+v
zE4^Kgp*!m?f@yH^^pn8VhIU=Iu5Cn9S<k>DF{Ad^4hc^DMULdD@q?j1fa+M?7XnzE
zXO>*ZtXAz~@!xe_G0F8JkIRB5%-Tc98#pxVJB6j-J9#KjY;4ve2GK86YLr*s*ZYG!
zX9H*a7ZvRoROaD5cKP9~VQA$Z1%)6W#m*4RU(e@8Sjr0Gs{N#1l*lF%Gc581H&RbR
zN(Xk<Ge!C4RFP{8ocYfxKx+y}h%fC)H)oxep?FEQUjCzdTIAjAET4P46dY$fa^0x@
z26)fHzV8?F^2XA~X@iy%!v7DWj#%fbWnXDJzqT)Bd+$thf$*oNuNW;(<Da6q&p|4{
z78@3G?kBB$fpKvB^?RV<Z-C0<KYPnl-D%q&bZ$h=^Hj6z`Z+7=Sj;km@DB351GrO#
zSG6t*{aD&ip!Y5zeTE{6MC1qPHPV%?)X31ut=zd;H%oQ2fDAM8R^7wVP*qV?%9Vfg
z$~`4!hrhBOw^ZZ>^&I1DK&udnKR6)vZ8{0GGY&T|NZ>v8Lrifo-(#2|@?V*%I683g
z;~{(o3g?jyCN>NmdrH7`Cp8dOt!-J?H!4us8j}&UQcTY&!n6bYP$x)U5YY6pNJKQ$
znKbiKUu2eW0!qq87!KhcJDkNbPE;>GH+qk-vd-bXmv}X9p<rl6q8cr05I<l90}tq%
zC?bS<2pZ<-*t%luiJe1J^M+gJIzjrMFLp}9&uuT@1w0P(UNL{^)5A5qHRZVhR0KOZ
z?RYJKf`C<#e!1YA`M+YW$pk_)T_ru2L}HBf_mNfuVN`;%d<jorDb%e4B4f66Xuk(<
zjTt!9(u!M_xKD#+E9eaS+1^56p9N$u62?f7waabv{&NIafX<wrU04EuvvudbkkW@t
z+{5Z%OczX>un{-#%9P#z*Lw~J>*S!_W6!zO!Y9{ltNqgM2L7{0pES#t+|G$deOmZR
z5tkBpm_&O9BI5_mGn2s+s3Axof7p4_kSutB0|W9*P^>@EVc)&ge&6n1VXQ7i#vpJX
zR7<AZj_Bm&<4O^#W)BPYRFp#-izF!MM;-sPLqH7WzC0Uf3_rXKTUr_t^W*prY2g12
za3)2Y`n!Sa%_GJqYxIIY^k+Ub$VvSqO8!PT{xal&yqo+Rfm;sm@B5!b66_!N;d9de
zY0&oHd*=y{G`U^IFpR8=93;>A=j_(zzemZR&P(1o`5Pd-xm*bU(f&v1%@@jBERW30
z&Wv9D4d<8OCpRd^Ilf@NulLGcdaM6=4exMXwt8Pm{q_a5kl9bI%kPK(xFAXC|0DzW
zKf%?<4k_Ntrh4Hk)OYm{e@<sO$K&rzWPvnmrs3=JI=eSJ*@9o$zXAGLEFT9{-;Q>U
z;%z({v}O#4h5xYe+~X5P*h{KxgoSd=@pb9!9<zpCN@MRQs<eiH=6*?>j^6&-+LK-O
zI$byp_|-vTQaNq!yWj6+sqXo0=_UM);U|-p8gDQ2Qbe7xt;G-_&VA6-a-465a8Oky
zHYffin+EGoP!Z;WH6(Ast<GHOOZhi)q}Jq2s7+W(yhmvSQ#Gy8YJn)(K#?sdEQu8Z
zNLoE3xN<U4oZ%b$^J>-A)#Xq2Ec=uRHQ3}PN7Y2^5EM4YmyaH9qst)N@$5m~*Vwr4
z;kMRP{~)b``|?${tKUgN_l@-M(MJyEa>$9%Jm<lA(t@s%Y6=3WMWq2j+|&31_`K=a
z|JTaOam9JjxGn0ZD`Sm3m!C@JYfaj@Lt;3R&%6~ZGle$fOCnZ@fn~(7e}!S5J(PL+
z(CO^wp(c|cTYlUJ${nqM1RpmN4pPLLLb%sG%=yu$)(z&<1uY|7uyuid*>i3@k|r-E
zwjmQ$8u$ibRWg|Ysm*oE;Y9P3@b!w_x@0KZdy$VA@K$JBG{57oCJ731CQx3sCJZr{
zTyFOX(jADyvSxD4iK5>O@LOXuC?~ok4<Lx<kB6paC9G3wJlBc&VUbb6y@A@<v5_St
ziYQv-Fe*7Lj^OJbMT$|#wfs0cu<~qkROR&_;&0r6d0YGpRNmn_s&sB31T9DqqVQ0N
zHB&_R%v&X}3;R~iL6f_xTKA-!zthcIE9E(~w(q#8A;q5R^4Nl>F<OU#4HmAh(?I1v
zMI<@|p(c2ChFIPD8(=2BBf14v&mzcr+Ep~FAaIw&EuwskSg~U&4qFsA2E=e_s*?Np
z@zNzjKj|*WJ?L6_Gx1<P5^A$nK|yamkr?$wea|Z*6`^)gugT$c%fXSsN8W)ZV$g-$
z4<!5K{5<XC@j#WZvy^51@`_pZCll!`Vh5bk+7KYg3pBGFS87+4Gv)C09+5B;DM$j9
z&4G7z%+D^w3B>1SFsA9TYZtWz_z0F1)XsF=%2%qIIA~auy#W&VPZiy_rKYAC`;+57
zPgS934l(=qpy9-XE5kw6>f>IDPM?a$x~+6VlfzhCi4b8?SOPyO4HW?5GriA}S2ceJ
zx#kee&~`(%{H^IAq-lRP&COYfABL79gy;6$A-&W$<{6-&0&%asyx}kSljHZU!}<Qx
zl!)fh+|aZWEuo0!f*{7aUyYau`}7JP51vy{xD5f?KT>(f{Q(g)7-!yMkzHx}rg4#{
zN=flaa9#`*bVH3j4(7q5)2BOT1T={GND3~JjiH(D4fv(?lJZ?kdxMP2kjSq`!)4ED
zZkk%Btg3Q7F{MTb{(T~f#t=By4#dmi48&0=KC^CCICraBYGF2Coam7i@PzG3#&rS%
zJv!yWY1F1Ad{~EwDvk_F?tnN3<Snn|XF@evyK`DslFgEHbL!__-65tnLCp};q^Sh{
zl`KP6pgK?RXh}vD7J^V&1r!Pt$m1c6?(@I8y?(HC)j95*axKgzSXS)kp0i2$yjn{$
zA{tRO6b8o0G8I9IVbNO<PT7oZx$?33!-umdA(pDlis}6dRfPk3o|yC;$(@RQ0KpAQ
zmF(RVU%I4U7_`nRKf*-g4JTYS*J~4J^mbsfJN{{E(2~sAf~K{+Joo-Uh!k*1Ow}Ch
zUoDpK#`LH@E6exHVbc_$E24x8E3Gx4Jz>KO2Kh@J(`B~5X;onfLsSS+{b>q#XG#bc
zQ%i=;fykAW@zjjW9r~2)R4N2tgwK+)5A7vzQ=Z1BA+ufM=b3=lr~8ZxJUX-o_SZ8S
zXr;TUk#JdX5q=#aX#*;KF$5UNQ?=&Vrg^5Bu0i{DO7(et8mbq?6unlWx(drJWADGE
zC*E$SM(?$X)Y3|rml5$(c6&A5qu5<#R!)^KUJywto+yc9SH={m;%BS}(gSdNCVZey
z#qVc}IoV)&!GhD{3j5u)!B)S8M?P-bDo8VV*3b9UJ<t~r9x7G<nhfpeo2puc_neOs
z{AWzYzx!)OJz`^ji7Wi^(*9H5|Cm{O^j73s>dMGHlZWFif95BhnTGu066~3XElM}-
zg1xWr+`k~pkEvZ5beMg${)UquaXFaYVN|0}28S0lriwsn<Legu$(SmI^LoWcC(w>m
ztocO*@2y?FExpRS1r7fScd+`{^fkqeD=OUJP)Ap1p@O5Ct$OORSLQ6QR-i-y1Owz?
zsw20G0hPej+0T^kgic*qC9W0>Et0FoeNkhK*T>@<PTVifpH|(-E}T>?@-#O}xZem>
zEvTBmCNZk*AcGw%pS@dGii<wRc<2MD6#mNa(_vj?*PJa-Z>Mcmbv&n9U6HYSbxl>W
zVWRVE3Yt55CI?Z;CmX3CU|Yp1V~Bsu8_SR7-tla&{HuNjeibUQYjtN%TONk%r0gsi
z1J?kJjD%re@FS)^EBufTgZ>);{RR8_GG<=Pt%*_wkBl9ETX+{I?_aH^ICQJdPLJdB
zyS&HQ|6%Q!@3dBHJz}z=WmT_hzg?$ezTaP<^-r<eP*HE{Mj_ZWD_}oOW5WGv(2raV
zkKiw@#Ni9$13GwMnY2KTDScX6AmBqYHS&e}>8rvdT-m0MEyR=7%gQK^T(3aZp<Rej
z;XWx$Nl1|cNguA16K4Y>{*`>c&Z%;lzj#G>;UvMJE<l9V+(-?sW~BB&_m~JCpqry&
zDuF;oA*d9TSyRs2u~K<6p|WSI=JPK)yV>5P$&3>2%}5fa8Xa3SBSyH+MoYpgF7^n1
zBL?(g#9IK)?N-&&rc$4HQz5;39-4940>T^9h~S9Yg7{jekH@A0UGx=mIQ5G2&XzLZ
zxXC9u-aD^5(A63xDo0^j2o6#uOrGbLXJ>8@xeR}-LeSrUiv;g)MAKEX{`5_R43+x&
zk)b5i{FTOzlJ5*NygP7MxWf{U00T63K{&50RoRwS3jORw=VOGpZnd(z%?C9viv>>&
z4xR~$A3v*d=)rJoNqiI50<5s}nACtIIW|O8&=b7NlU^ENYWs~;T>^Jn%&<aj{AS+l
zR(5V(DDh35)4X&x1#3rrKvaYZtAuP+0;+^tI*A(sMuYBge*L;CU0rxv#L_EbR4Hk1
zP%GIo)m)enQsR?#H4zt2#=u;(4mQ2HOJBuBrJb)R`knedylnE&oWtgq{_Mw?IgL2a
zx3|!}TK~8}$9?FW-4C2P|Gwh5QYOB-m_NHrSCcIqbs>w6iO`m%ckQ|tH`lz2EMA_1
z8%;xw(nP2VhT<Kq-y#B1y>R3_4f<4$ytI--gkw;v-=IaWAsS2Qa9j44O2+=fw9jJk
zf2smAI^9g1MpxjqRvfJ3t`ZrqCmK^|G_QQ!VB37)IiKX`8sYcpthq#V0lu53el4sK
zXs;AmQ721M>#7O_i0tbn9U6ndulMonNEfWi${d}q)L2%Sx~Urol@5>CEb6SPQ%LGn
zUV7;x<B9j!W9F{kZTvXKEG9nmtsZxQhpf)7mNMPxSAWBJ9VO<_i+8aeBf}WbGS%o<
zr0@llV27YpGR?ReCTO(xB|FadFTPXhC0X|qf!l!8ik{=2-Y50ndP=*zHi*rh132Kw
zthBqM6%PzGC8&sxu)*P2vNp=`u0i#dtm28McFkkP<OJg>U+?(6sPuPxH@Rb{q1<ZK
zXjdOgwZ$$9pvUghihKop1}qhRb(@hERH8KS)!KHrJEB>&-4)+VYqbMKXa-pDRO=fl
z#gan&Dr~Qnhq<?#P2d76#ZPKK->6uu)t=Ma3-H{jwMB(H!pk4Rhry#;aTfSRJTG8-
zlFRu6zR2gYT2<5e`#M7B3pFNH-xf(af_v=B_~`>R26KDh&;;3NmmH__SDijeQqPPu
z5Z{M}U?@oTdB(EKtnLhZu>{^XXrS2*5*p>M_-yi>x6VvXR_$1RkGy1C#D_$>htw95
zvJZ-lc=^Ih##5lF&~fk8GPtNm{lSyY(<VyJ!}SNtVfpmm3>7?#26^1b7^qa?vDhM?
zRnLB*1xm&_8Mc12lX3@Uc}ELJgd*bEwzY_$)W!MtDnIZu)P1;uuIDW$75v;oWD=9$
zJT~R>!AkdB_Rf-Hbahamd8Vy_MD7P2%))67XPGlJFUlG_UZ9Sn3Fifs&xwSIJRE~?
zbbs|(Q19rj99!Dw-P(6x9&Jy2CW6qj2R4rS(nC7c!yQvhyCU#3U&_c5g8IWT>c*+)
z#p5qvCYJO?i64VAKKtQfv)nq|wE9T6#qXErfsbNa6%2vwZNMc_JGwXJa(Ut#!Agve
zZQMopx*Op_j+Wh~JIJ3&Y`BtWM8N!3;TROJg$2kfP?VRQoeShPcvFxiII<XRE1%co
z)+ePZiRD@7Jv9FO?6f1oJb`wft@Ma#U6me!&U~Wo_0(VMzPIqJnb69cWIdte;^svV
zj`otp{M6uHrGwKE``P+3y{rvk77W~{eBKZ-Be?^Gu&GzsICDPufLPQp0d<8msXP@&
zYS;zPBGD+;STvy&A3Bf*NZppHofUH&SOgzk5?o07^T)1nC;!Il=eAI-%t<(|btgB9
z?>SqMoDv$w>Ol<nJhrSmMZG_e!zXcN=7gJKoHmJROl>bRbE4b?DS0Vj`E&G!|7vR!
zY@5<+3T#_6KPa`-5=LeoU3V)-S9EAcl#I74DO8~!<aCr|i%-4&MJ6d71OSl{4xM7L
z6*LHVF*M~!G}$Z9coZel&XuE3CUihcy96NcrM=&oA5ku2Qj|5dXkOMm$VmTjh!I)$
z;aqph=q*-KmCJ&`QD&rUp(nMMiVquYSx!%ev7wbT?-$#b<}Z6cN<Y=hW4I>~VQ`aY
zDQ-6{O=)hcqi%$!p3=LOY#2WDbvu5WbVdcm-VjpQfPl|@0rxD?O7xAy-ELVqu98`E
zWw!iDxYi}v^th`kc0UcN=ir)be&&q>!im)3RE26ZlN|eG`*}g|T;scN;d#Oq#Y~|1
zgT(#CS9psy)mX0HA|%yu1T8Sbmq9=+3<9tzR0xx15I#n}9A3}&Uq49`Ul&)5$mGl)
zxS@nz`f@sh<WT9j>JBIQ9b)}XHf5XrdVtf^rQLRp9@CHC`waP~=HGh;o8PypRcj8s
z55kQeuSva_HD1Z4hs0VJjTUE`p7)aEC*h)DRb+WP5h=h(G>K%Nuupe;z)M%xxC9Fs
z%g8JG1(&5|`;P~lOtl+UMg}5DliMSEL}EN3!?5-$!)E}ejn`>k^*uf16T9o0nIpv)
z9;FX;SY6Hvs`A<q@nuR!Jyab|7Ll?f1OzPsP#u}P_2+8sUrf!khR0N;u#uW;r`nGb
zjv^z}xw(A7GVZm0%n~LXf$aU54C*7Wq_b&9*Ki^qy6ofcglK_3A3~Ax1*H!q^lIr|
z1{ya`ajU@{ti)X+YZ%s<PTN#;w|nP^acElh$h9%xO$n#3-^yk)K_YKlyYMX9Vf&6s
zBzv^0TYi6*XAT6z9~tM1=952qKu*(%Rj=TFB4iEBqrVvM&J)Nma|ya8G<ZXsPQ)Iz
zDTh4bW=!qH#qupM7$UePd<e=QMHjNMk$%I-54w})spSFtIA1z%egmS%YZhgd<*U+`
z>^ushF{UP*>A(?{9*ydEN@!BzWvbbWOa0)#0mB<wi4_$Sv*#<NrWx2em1E@s(JUoB
ztpc|@)lyaOE^2T~dqkwGjvA<n&;bArz?OF<oDAfs>1bHpnKZ3Zd|Dl6m<hdZkN3#5
zn#bp%q4DqG$2qG8-;6b{2f8KhZelN>`a*p&a?=fRpiebM*-b{KM&e^_O6FB7l)OoK
z(yBe3nko~D+L-GOZe$FtN$Oh+Qw0GNYVPIP>ax?E<W#5sYt`1YMioZdW-a<Ddo{BN
z5Fiuc7JeL&;-v^fe-<udQz7gm)+$&xz`c7M+B-D!kxnqH`INE5y(L~x{53yz>aCI%
zrR&WZ=xF*WVVvAyyn;%PN;_veN}mdZzn{0!Or74g+%OKm)|$6#zLm-p_a2`yR&Aze
zOkSnsCL++p{ieU*)?fteVK6WQsvUWPyz}HHuQ>Ay{K!m7T}PWx#xu?1=I)dQcF)U3
zl*qIiX3!2|0w^#LoVUKDUanD@tWsOxI<~sQl043jo7}T1SvM(Pbtad97OkCJ=-+dK
z!=bF0PrEs4vwhg%^fvFG+(RJ;1vx_nr{*lN+zyG_+Aa6mB^s8-muljK)s$x+z1)?K
z#D96cpSIh=MxJ<!hd39Ar{g37g!g|bTMC*>`M*2PigW`pnx7Et9kKd@8r(-}Ap{+o
zv5{jbMNlXa4L#Yj7)-R&#4oE&hS|Vbij1m>O(*Y$dC59tbb6FG&G9y=T|&INnpij)
zfPo$3OMtE%2wEekI$wBnXTkSI_ru7=&YlKYyGnc&e%aMVm<*{gC{0MAPeX?#B$T%-
zmOOh~OzHB4#a|q})~DBvx5rs)$oe0THv$zUCeDrEyHyGt3Kc{E?Y7dkByX~%@~hG@
zr(Jn9JJIgCfbwp#&OnA>vrn}xv8@>zU+yZ??2TnmP$6iZ7(r+df<1jjDGI+bHkf~(
zONgxuwGOM1YTrUd)l3k(&{r(%32CIVW(X84)$Uup$TFTMVg{t8&o8HuR*;-LkZp>N
z8!+19YiRbj7+8Ejx>AbZ90s7YxqPMBtKJw^b>t^N<qX*<w}^oN${M<l_a>~Wp}1>T
z>HCq19>?vC3S3ABCY(2KI~a_&yzy&6{1=2X<V2Z*?m@WOuP&RTQ5l@!A7hfGsf04T
z>3Y2v`8*$zM-nyZzRo(%nK#t@^3%vR$hVFy1|C;{V4!dsC7a@bu?^91=(H!(((YR<
z)}QD`eN8;)t8QV6o5&0#nxxehaOGwsscE$;w#cZ(dnx$Q{7ik0(ttAn5iQ%<tXcE8
zPNL<UdbWm3Ogtnqgw3IBS@laF4N!cn@R`1`&tK|ZN<1Plp#$n6Qx9|REIS36?K*wR
zn7{Ybi#$uSs&@Ml^L<8>3&0Dny!dUvk$R5=z!zh?V-LWnCTtUbDUGo3)mw_(*{DEl
z23F4x<xahKF6lF#^p`JbNp!J3d#^EnW5#@37#qBr(@Up`9O$vps{$U8#QH5)uD>}D
z3eI6xwp@8Q`||rF$*6fz-Z5oF_GeFEv8wV<d9DN2XWzd&_Ps4$R4=G@dZGH1)fjPM
z^fw@UAp<&Z=1lA+q}#AAD;k?p_B1w3m_KBUNTfgIyHm$Totewt8}pBLGd{{F{?R6Q
zCEvRvCITO}*r`!|*i~R!#wH(7vvS3~?auu5`QSuXKo+8DDVn^hIF>HlV@Bnuf>=1C
z$k9-ygb+YEPfN4uJ6%z+$oDg~(wM)lgfH@1IeJ*2!X3b$nyI3w1VlfX<&WfO{iUQo
z{?h0u*HL{=at?k>W6PEp=eQmYFWGnO__T&0KMiqB98SrQqdQYr?I9307?#ZjUGGVk
zs@yzU(f%9YoRz=2V(MQ1Nr^i`(u>!k12u1C^byFbSac^UgU)X&*Y<4!00d#hs15`U
ze`Mv!&{^XD8PaDL*z)50LqW(;%Y)Lu%kZVUSC|3pKnMtgN*N_<6Z+jo^LestJ+o6{
z{%EfL&b;Pbq?LcgtBS5)dn?1R`LPG;f)kEkZRhB#d__SifRJ|pR^u}9@di0>y;uQm
zH#7#f%JaJ`VI>!R+`v^f2-GmqQho=VmrmzH_oxz5HY7ke+Yjq>hjh9YR|6I<MJIDh
z-f$GSzpHbX>(ppg)^Dys@@uv>S=;Px$i=&Ig+H`{U60a)BdjEVc)%^21d{N8hVF~d
zYC^KxPpiE**XB-!rb3_7vpTy3CHoTPNB;2eIh~YTs%9wG^V`CA9L5_a?C}fNq)E$V
zE88zv)LhQJwa*vL!McTAGy#^XgT<1X?K1q~;hpMMs4BlqRlpE3j_fVp+nCwQwnr5%
z4kuu8&bBiyWNq!r0>Y^-%&`E|!jZ0dOd&u%g)wNSq0dJ`ZU8#%XVT;gN{PG?A^C;C
z+;z7f2~9?<Q}eQlUju68yzkh&PF-z38lJ6u+5E)>Gx%`9KZqNJG-06UBll|LWgj@$
z^aWB}%&l5jy8leJi&AS-HSZ*{4IYs$`h2fyuxu>^6*j`Sy(p|%hRRE(0qeb0PXPuN
z=+8`z$z;0bygyMH4{$s#cp@OnefbNdNLtze$GOPrNJfh)-}D)f#mQolejWB+q<@t(
zpJ#~qB*5uVAD2v@WU%rk^u>l%OE5nzt>45}z*4h5VR8NSS8A0Z0ywX;Y9Zt2gX=Fp
z`V$&Ti}UsIlRv>-v%HTv$3MMXr@g4%?D902?d5IKh!IeY*WV2<c;I6d0Dt@~tXF|n
zq&?4FJ~=RI(c+?HS$yMbUz27-W&-Ym(Xq_$T-_j5ADzxuUmbzX5x#urF@GX463A-5
zAJO7Ntxkb#3#+j{7C>%NM5)f>IA;fB4ee;eY+#w|-QzDb!lYFWLA2}xLF`xBTFvfF
zd*VMk3d(DjN8T^b+d8Bc`oZF@7H&U;14>S~Hh1Zl_TYEwvoSHz%VtwUNvZDma#jK1
zcauL0>TYhi7S5Fyth6g-<LmU6Ke!zjNdqn#NoD9#Dow|6cJ&0oT#Dj@N*P)P*#0ev
z=-bYg)RV?cjcD;$zM(I|I!t3V*4PBQPBY?9RJLML&YWmbXE$AbU}PM4x1MB-UG?VS
z(bMPcuf_F6gRa^IV~fjPG3U(*6(fyw&-kwmk;8m&ejcSlpUo`w;jc<(KUks9BVC0S
zUzVI%R-LbhYtD|rCgM^X5&|rlhPG7aVO~&HQosd~(BgJ2D=H)4M|KiQjHfDHdV{3(
zplg}KZ8FFBh_bTIgnV9<#Edt5l9*mN44Q%k+B~XFO&}6RUp@k$!6guzkH^M!@N?-R
zV-3`FOZob?r<XvoV^OA$T3@Y0nq6aJB=rK}qNW(V?IXPL%Z8R_O{^DZ6$_J8fz@Yd
z?Ky<7$(2C0`WDX8=a}a`LhNd3H0izk7!0^z85IOPoISd{hdZ*Z1+LwknmG8;%JZjc
zEVP&^2lEQQs>eyb(o^<T_G||t2~Zx9NcD?-PtON_hE1mFq*Kl5J&gzIuKBrh=PzqV
z-em{ZY3ncNwg-+slFl2RY$IY5M~Gros=r0Pm{s2ajvTcC*VH8@s@*CIgcoECJK~p#
zc8z2vH|kS84C2o2wVB4Z`MmnWhQT>VZh8O|LJ0jPiPMJ-#nb$IT6dq|kzEQ@5T4Zm
z1xeujZ_eLfrvHJ7^j{mS%wK$eTRlBs{Uvr>D0P2u;g9Y6Cc<I!$L9aGvFP|vRla{d
zdGhFQz`|%Y{Fgx6we7cuw)^8xG_9Yo-Qq9VX;}O}oaO%jc}ZHoqqHXZCUB76v}Lv2
za?p+Qk?6;GBaP3Rip)ID{*8^?E(lEnT4!<+UL{+)3hPvK@B25}Hv&c$R0ZaBGU$V0
z=BifBj$Q0W--($kHw<BTU8YCiF^?~d@k!WNRTby_9x-Jr`_EFf*z&H%?s%Vb!xg7w
zna^x&6@(vUNK3f&VwLTDy%d+8Q|)-Ow*t!ae?3}+HPJSfdNogTgPOhxdpMeSuG?ik
zbEN3Nq!QB6=PNpD5St=Jw2JXlakf^6^g7*_{w{t~*udg>*cdD8z<%Gb*P~;Pf-$SQ
zwDt@c)ijUz07G37<cj1c7be|$wt>@(a>B`Z%Kof3IBJO?t!7DsW9~Xb13#*4w908q
zn2m3eSghp8+Y4C5(vUt8caj0ELA(5xRpihQ5AmsS@JW})WAOgF1ys!I-uBl6YSZl5
zK~97ITH$2?mt`Ol9vf`usIohtQ;)_ZX>u?Bl+(&>j;+(`oa_&uacfjkoKwz;HI>yI
z<EubP@g;%$4fzu4tBNut4+wTsN@Wmf`z%}b)HgMVv^le59y~(%%1}-vx~{%az)VpV
zxKtZB7^2Flial$f!j(hri01bWD2jX*>A0)$G%{2FVmzR21u!)ac;OoUK)LVC;I}En
z*i-(2yuNT56lx!=Tn|vT`t`&_2!;B>XYS!c&2wLQoWIN<F;GiMLRV)!C5Z;vjev3G
z;A?H|ASu2;p<Ta96Yd&XH}#2)L(ljEzXv8we4;uiu$Dd{nz>C;9>7ftq$6t+X%mj_
zxf_@EEHhol=9y4#v2oE`kJ+A$p^~II26`skKz^|TAn=}=Q+PS#Z$MQa=!wv>l=Z9R
zrhbW6@tm^~&k!=I|Jd|I12DlZua)=}*GPH>fvdJZ2t}z*%Yx0Ssq*CJ*=6dM*~H)m
zUbVG$LP@cNL39~NSgeBju+8Y$4eC82+TF57sR0w`fZ%k3r|`p|2wGu$5eEQ&50nR9
zVfGi?lS*D^NH<wZbRuxAzb2x*yfpKz^TljVM<<KZP*d=}*n$p{DJo_5x9}Kn>T!X{
z$*1<hp5p2;ca;P$Txn^qx|!=JQR;KHVrx<f^Sj9xm4}9vm(HpR;3&!j9+||i!VHGY
zPs(={_)W$IYA6!czHo8RIz(O@-X){WSn*^K#W0NO=41e1SS@Jk9DVwSN7y3Zt626s
z)uXG7@7|_k?>ri7N%IskN+Y32QwYy7ExioU`Y?b%6^QUfu5TNXy^V!i&gOb_+s&jH
z<1eDn4a|1BT+QwNRd%4jaHKL?^U>FdS!<n|0R3l#Ck0yq4D)7UFuQOs?S?x?m__&X
zN(mtzvaIrH4GnGKMk8Ji6-*FCy0M3mNB@{0z1>zMe-b?*V5F9xUGe0+KHXNxyW#&X
z-AN!%9_3d&VgKJ{4}b7~JzbS`_-$Pz^kqHI6$feCW%^Z$Aj=pezO-FOWggGh1wjG@
zn8nDg`D(EkRvY1I)j+4xmWYCg`e`#y!h%SpRw2g?E+OV2&IyE9*o>z9V+!9V`aO<t
z8@>cTGG*7?izHsN#D*YBl~w_}rUC-FW@$$LQE(LvX)Gzib6v{-OaWjAt|6sk{Frpo
zN@aG~O5qf-at`y(=0v5_LxVh$0^5;kX_pOxYa{*^LtQW1Tij>C@O^zJGMaAAy8$G2
z7_>vM`N!%nbv5E5O%n|nWbw+(W+NJ4c8yLoz7tA)5f)flERUn?X~5lO5m30c@76u;
zc@9~LzCPCpo&w&gHeN2=2sgK7w&~@5N(@3AUssB$_)yK(1vV|Y!}SJYx`mISlGNT7
z@K-4)3@Ms>d`@dQ^xkZ%Z$yQaWm#P&1r3{yLreGrrhKK*21^tM_+;OmW~T{fm7zPY
zf3^fi)revmy55WtX+AgO_4(i`FYs2hTb3)z;DIWT`0?t4l8T4)KqLedx$1iy`u~a~
zF4M;Mzf43#_?xL^{^Q=>I&-4!4IZP7!MYwJueXajx|RtFPmo<kd<njMV?2^S6I9^-
z6xy&yfst-~(jA^GMS69b;4vZ&f?EZByoq4$AraRfgjst_7|YLJYVj=%C7M={Tr)@7
zyA-zBsj5;_X;d!?xF~G&_rJG1)<RG#Z2I_UpEGNtG6*kH)S9_so*U3K!s4$u>#6lE
zu1<h~H1{k6my~&Zvj<)iT9uz-R|dM`xn;aq>U|p3mq=pAaw1FXzf<)AuMU}qP6IoB
z6bA%Ecdt3F3RGeyMs)O$tiyCd0jezivo^jC;kvUT4E~%Q?%<+a`}uno)b3itoDZ3<
zxJQ$a)<vZO6p8?0@ID<TdW+*-|2NTW!BUCpPzF7vh4d^nN|^BnmB6&vpxL4@Ql<N;
z>ENGvJP2Cw_fPLjzc!{Plvig(rY+i;m*QB;%g?;QyfUc|As1}(qp)94nncD-orKz@
z27h#$W<!dZT_%yLJY}TLB4EoNOz8h^s;!e~R3MKzo}z43gKV}w;e`~V#@hhAAcjFI
z#0i-SR$)NsLvjcs_dt0`eZ*4de*>Jx&RPP4g^X{!o=e$<(%tUoIOgPPfD`@IA7FA`
zv;{z2af<h_90S2|r0Cd4)N<vD!%+Bvo9S20PVhpkze!qFwha6B%QTx@6_AuBmxdCU
z#0KhkDU7+`Ol2C?>MA_T+Eu=+mI?owRsNC@)TKF2iBp+rfM-2lr`c0GX~$1Yw~8uq
z=u~!~$SGS|K84cvk%Hq$ZwBIK(_Po`yRGhJV;{PErDp_;-DvYFt!z<(KiGu?L)6O*
z!*rp9^moH*+s+>+yl+kTMAztZrSBcC#cwRAGIAWBlrt+5yTCCg%*>7Cz!Xy{gLmJ)
zRHQ~9*YIl1S;Lok_6ujr?xwq4u3$iK?wXZmRo(^UszS0W&J{s;O*UcKY7b$lbAbUa
z+O}E_7hgeFS!Y^wg3(p!<$WSKvoOdLb<D0Br^1=gNF;VhOnkybY6sO{7Z!=*1&j(R
zoj+u){30TEPL8Wb6|*@+xtr@8Wb5pd!EtSgqDlfZ1qvc<$mpfY9YfFhwew(u#OMk4
zNbZesgKX3w?BfLo)yHps$fV*~9Rq1aJ9Nsp;J_XT#;!~v*aaeAUY>37`s>m0;Jex0
zmYfN{<v{pH53<KTBeaBIk*TmOYT~0Xj1eGu2g<!RL|bDxl+ft2|2Wko)Xr~3W?0pn
zs@<(D^d*a;@YO83gUjbaM+9X+z&?dTFGYzGBk3Vr2>xgW>gF<r<rDL_RlbtXrg=-P
z-}H}`b<oE@_Gn@-Ne5N0!{Z!1-d{M%<P+&S9s}}&ZPPzpZ#N~XsvGRqenA+3dP&>P
z&4cVE)7-*q_~YCe@DcCNvQYyRsdG|8q@>BwA1*tDon+z#t6sNAE_0Rbs@N9}%BnqV
zuN|eA5v3d;oxp|Bi!BTgG7#kX5MZ}h9cDG+Dhycz^ReD$0Zxs_Irj7~R8r^3SGaPC
zrXhp5uIwsozcm$czob1LYcIk;(Mx??G~@3I+(OnHC;1S~b05&Dj?~QZYju0Sj*T3y
zr!=r^s$4(aY0eo4QlvAaU>OH%f#FGKgF236oKJ&XTQr;ejDxfj1wOj4eW<_CGQh1D
zWzu0V;V!@JZtZ_-+3?U%Mt`GMh>33R=#)Txo-XLEN6Waeg{Me4)npn91HdHMoE5a~
zrtLpK>!fk~0RxXWlsL^=oH*6_J<m{)E+vh0Iwhv5r&l5#LdLX9#;77Pghn~vl>M14
zC?$|D0fH!#JbxU2D;ydeSu;E}s%Bw-d|Dq}sIw}u-iexlvNwHzlUF~I)7awSAbF`G
z1q9N}dm~+Hev2YRbvH$fN}C;+-rH0gqDE)c)+N$J;_R-dX=p^?hTtK-IQ-LTKzg>!
zv4+w;Ft0l;<eb;O76`eXB;6Zt42&-`q){ZC;kR5(p)jaG(1^6s(C*RA*PzXs2cp~E
zl8O!N_y^MGT(ScNj8X(fgzfF5SIS3gqDHo+kS@x;R2LA`br6g!vTLBoP;FJB^_yv6
z7oGW2c5Z1hE4hk+<?e(*#Tuc;(K0n$LDiki4B}I!GHDu^&(bhue<<UOc6{rIaaozA
zjE;G8yN(zkl|Fy`HxtVC>bL4BA5_s9n|jLKVH+Bj#gd~8#*(pW@w!)ofa5dGEr&^p
zZSe1M7W>%2#&u){9hz)@r^HG^d;ST1^mjMQ1m1fFlJ;gE-kvQhS-FTDQ)>I#Y8S<`
zjG0mkt|c5)DPza@v@o?}pJu6ahu~fB+XzFIF?J}kL$3s35if)_1sr%u`DgRjRqM2#
zz|7*&X#~J${aHKbNAni=An|~Uqk+EMy~l3>B?`d(*46K%-=hk-dB=?AQtX+=X+#qK
znPL6^nc&I#UG=X-j^lfI#`_ZYO)~$awEaeX%Xy_&*v#aXf#9F?|GeVESGjM*bvMMU
z-q7#M5ltkRQ1bYEr00p%`;|W4bCSbQl+Z_f1($z+N%h^(&k=<|LccLw7pnn3LZUY-
z>u&?MbMJ{+{tXb7ZhrJd(f@?1VfAh^ckJNUmO~Bio43n1sVkF<oY->Rq7IHJZp&&f
zIfy<X9RR@71I)R|4n*sa3e8-f-(8HgSV&AYeo=|hoNCVvZX_F`IbpAA7nvxcMd&NM
zgYdwJ`>&jT-bvU@SZL$6q+8Y#(WS~QeB#<Gmv&(uQzfzzPjE=HSe5PXLz5KX{9OLF
zwikadw>1iM3GzWw0R-Em2r7@zfTWq!pF^WB`+uqvXwB!qBtO&L1aFi-i852Wl33aW
z@A*yaKa}jBhey$)p8=A`2zLKO?s9L~?OSdjzXp?Tt@9biy?{QNU-0)cHu(^1%KW3$
z?Ru**r4wJA^-6sC{cx?*-U)dnFTHn<6fG?c<=5#q9^*-+h62F>(w+;j+~4sUA1`Vd
zu-cC^fV>5n;-QRmWL%Dfqxo>Ml6nB&JY`Sd=W{m4XMNjZYayX~pa0^Oto+fxVqqE(
zD-h~m_d1aBNkqzA)u>j-)uOZTZ^wnTv7AH2++N83lQ{lFFdYDmL3@Sv+qG}nS6Njx
zyCZH;t{Gy|-BN$imF0|-cqBh4Ia>ge;|BpH-WpoOApE*kk3927>}U|CIm=sS<&o6X
zUj=$CPp$5(Y$%cI=^KTmc~|S~mU1{e@TPV9(`;XnL$3x&n2K9RPVs)St0$wrSp$@C
zR=Om<?JjMm?4UOe$h~E+s$S*g+^OaY-tW@yO(g>2%Dj+2)p(V6;|^1pkbH82!?B(B
znKE}ok%$WLWlWM!?MguPpO-Ef!RBTXE7skbovT)E6Y#{u8@o2X$CpbZZC5YsC0+*N
zuo}nq`~ZE+9$sNzSkkKVwEB(Y*3YKu;WD@Vi%m=CQr?`btbG5i(|*ffZSus`2dIn@
zEGfuWBcjoXBamkL`aZMJb-D5G>w;I|44D#QlxK<BDe<!`QGfglguYhChZ?Z|MlbO)
z1c$q`H!#pcQg6ZUBk3^N13d<@14C>5d*_4hb;uVoD-IPcJO<e?({DHv_92}&OxqJ3
z9v@|$_7U{pVFISk>w!Qin$5k*Z_IIc|L<s@=#Tfj5^MzC3*0SHmChq4LhZ|#!E>QS
z3s&5I6n=#&!=7r;Mj(pRa{}j9m=fD2Og4!RYCjWr*K}&-r|JLddT7@+l(+V$WdV1!
z#*Gb>G1JJ4(t+F{8N9|WMMa2&0V5IA_W{$_-pq|%g9xXsck<p(Y<0=L6do43<h52E
z<0ZEIo)S;>vCF443r;_E=w=+}m6o>p2ww&{?$~wfBZ2${hF%7kyy5-HS2Mn^T{pd#
zMqlhT(j*E7Th6|x*`9`$T)}xVg`45OJor6uc0@l^D46Hl$2$95dGBexc)a2E)9f*8
zotrPE=nQUJ)|lF9;eyeb)WFlPtu4NWXZM>W`8kca1vewT7mnNihZ4CO?L)>v$}R$r
z80D7i=7F+bEjpp7ohyk|#3Am=aB8E2Sv>c3DUA~BY%C#2vrjVxfQv<Pd|m5<5d3*%
zFZ2dc&V~=!j%*c5|Iy%aty6M*##4AA*suRUG&CPmo7-4}+g~vt&QQ5}U?37lLYE;^
zeiS1F^`jwtsqpPYdqpBVqV8h>X_B#ku90)42Wgi-BCo8hgN`pi28KnGKS*=p&}&ei
zr2%gKb^j)U`K6rtmlq+YlLrDl&!_ljNv?w9D}rxn>1$-7<WwS3PYurnbY#6@eic3O
z9V*EL6%A=RBR;EpJ3J3Zpv;ACJUF*`Z|94NMqR-#iSA-IgLhkWDU0W2;^m25;tk$r
zXp)eZ5z`BWMs~vNJZwK-Ug((3=`X~E&o6j0#x*&s)A%2BZ4+9yD~uM171`IO6_H`7
z+b;o<`$9w1?EA;!-{s^g6=wt}ry^B@<+|*__=#Lx`2XVVJ%gHxzkl7(AruJ^ItZbM
z-n&vl3oV3%jzZ{FI*O?D5_*RKg47V2^sb2XDpjf?O=&6!C|G_s|1)<^nYm@|%$fT-
zd9(NI`IfcT^L)gjX~y5~IIq6w{@bz{ggpbF*G<*Wn@0Yr?pFHVj4hG)4*>b~XsKOD
z^T~U0`iKk>S~;)cCq}z9@j1ELgTikVKY*E_Iz`<yKeu%V<y^<H&J+HNc>@}$D^KUv
z3xbyGPxRDuq#Wy~I8HJu-{7wm8IA(fFlJxc($bc9kiZI3%3JiYeJz>IVnzye&7H3v
zuyC`oJSeO)I!cpbvnUTK{gYkQYRlf6mF`QwB#YL5wPgv6;)e5&YmjRhoO*!YH`%4n
zInsFis16Lk{;hDsSJLgcxw(+?xsW&+a<Rjrhkw&NomaZhQU=|=pyJ3YCA2kx36i3!
zL1p_d9vj@->tJspgw;358w;BL6=R=xJh>o^gU(8>pN{AQV!Vb$ad?&qup;@6c`l4B
z^QNvhXPtq@7JV3z7v45oPv-9bCawh6N+CBssACAJ@GJ|E+jIP#B|=<b^JEzKDCRDy
zIKG5;pX-hemCzpE{;VH$bf<l-+@BhCskDKC@k1QQRK#f{a!#s#kAp*jkKEHXx**Ag
zk2+-v4aJf&$)3^BTlM+GyTBQ<`W!=tdePr5t=yl;r5cMwP3RR+!8{pvAf5Z9!KMfq
z>KG?vaWLhx@@wN|NztaG4QlFRfi>2N_Y#3CVHG2=ahG1#W(&yeBKls;gC@Z0&~5(M
z{c-EUp5+nC_5d^7EKSm~ab&@pFnP6)_?BMiXJo^PjU#i!o}go!HWsK4@o?wQLo=(%
zSFjaw)i07V{H9!cqUKJ?WqtuPTdQNm8q0a@FO3#PTj+nC>^A1M;46g`PDJOCQoiXD
z2sANpNxF4&ncDiQIws@6$AkA7PGO4sXVL${j{Y?xE5tN&8zK(Hz-$Cj(-jH%ug_aQ
zK}u8+4}lVOgC*F)20j;&*D)~y!}7IK3oSp0y9lel&^&ibW_-JvcaQQ80j`9>a4Vm!
z!ujsr9GvE@VR@bgeRh0x*EBG%zT%qt2iSs?rD?LrYVZC<Ka=ps;4#^-vpkuaSL^u*
zp9122poVY{amw;R&co(GOIVxF9t`Ads1Xonad^NK9;ye45*D&CSWuQu-E)#PA?fzB
zQzQu-@UH3HeD3|^Yy*qF+=X6{_=?xEAOr+ipiutT%r!2eB!eHK!#2w;Y2reA{>>~;
z-K#b5Mps-v%-83%75lQjScl{Um&6!_EIKM^6OTK6g@dH!xpXcJA0Ql!`=`>N88~fb
z(pv9w+5W5SW2xQ=9s7GG-owel6SZMoN=dby;Z1_J6IIK4T;1B4ZH8G?dOFD}HTYaO
zCK+ae0ImI|_m)gwBks$POR3|Ks5=F^6LzQ;)qw4m&PqH&j)nu1Xr2uTrlILEp%Ckm
zNxxowACVh+Q*c+W&~Z{iBGA9WQFL_#I;=OOPfYA7q(jKC?C?P>=&v@Z_U2BZbv(K?
zgY!GAL2bYj7n>S_s;o)Nyf&mtmm5w&ELduR7y<M@SIPD!+WUtBy!6w49YB=)B{42M
zJvD9?@2J}0J9>7(NVm#5P*SOXvX#a8KBP*P2yw9P2ljOG#0IX0&FVOEO-@)S@Galu
zYPRMzp3|@EOp@$FINCBZ0wHVi(b@tHN#KPl>FB$$w}>+3{{YNea$EbqTg=p!E#lix
zew2DYD-HWMV|A+9e-%0Jy)+|*@!PQf{hoGCtH{%J<b9|u5;9I)_A?py3Tfh$>4%kg
zRh?wpKes&X`4V~`8470oemNjln8;Bu!5$y5J;zn%#Q!K6U{J>N^}mMw(>FdxxQL`p
z!gJ6z?-%bYm!#83SPW~HD_qqRG^-TM;2o~2b?ZkPd8PG1PY+(oCTa<}%mxqxS3jL$
z1a=ph64%G=iFRMpJ_imvx;XGo*yl%B{kJAK0=}vpJ_uVpFA4rfGQyIiBi_<wQck(L
z58~<D<pA~13$C!#rrz2ABD98HBA%&3_S<C@7c#W{fFX)a()JRToz}t`syv*4y#SY{
za8d+W7h0g4{34F(lqw^AYt_IpB#Rn+q3JV4`k`b~;;5RM?`hBEt&-;M2#sekVj1Uu
zqDwtQPz^ICFdMgR8;#s33pD0~M6_9(0HLs^yeg1>VmwBO=N01msY%{MNB`)GYGc^>
z?!j_;g@EhMG0_;Sk?{8a9y<76e!1g+H>Lj1+h^`i<PUa#^}e1~zH%x&Hc0tjnq1Xi
zYF8t&t_N=4^vE5SxrO~BKKqGAkH?|-*lt-rkrG@zAd(6HSDeHDhG<U@LH({}W3!j`
z`L#^{!ZX(k=X(yo?Mc>lI>NDFo>qmR^f-oK;n2YWrM~DD{@&^xbp@Q=9I2ydSM|g8
z$)4BiCo=L`=Q;lOyU@LQxwb;{rokm#K*$KwA9K=VIwwXDBjeU_{s2SMR;`%g#xk1A
zck@M6HGhgmcE(bKD-(aJWNJBH`%ti;0vYAYb-DvlY!t?aVZ3}Ij^QHP2elZzHLxBn
zrj083m>?X4%CZ<LpJph}kTI#+glRoJfG4QPzbQ=+-N%L1ABA!mU>?wyeyrr3@M3A0
zc)sB)f_tDTmE%5Hb(Tf9KNm)h6(?YBzZg#h9Nq#kdEUJGI#*2>${KI`YRirN4^8}Y
zy|=|=d3*K)8ZR~^TzN{hEchJd63Z=f<7MgJMo}ktt>4u;Dd4jlJCuw8Zs$56Gxt61
zaaRhJyDOrMUxc&2T8oFIBXeWONuzRAekCS6@yU~#7-_I~D)-Hspngf2WQ)=qFqrHx
z?JeucavVx$s1I3Gp$190@xzF*i<?^B<%jV6VDyrkwLY%as&*3kDZLi9A}p1sk9cYJ
z6|yrNlK!RcwMoWeL~xDXwJ?(Ln=%Pm64uEtw(=rDQ*`~sJiIMDhO7^<v+z;lQTWE0
zXb{Ep*@ubr59AbKBxJW3H(}4zCU~lms5Z)0Gx>yO#fatAyTKY&vi7~E2stY8_GQDv
z5*E_rFcpU19zPA17r}(%x~iYe@tH#xe+@p;I@ok~Z<`tY%zN)Jvf58oLj_>4KO>Pz
zI%Gc>pP6jo>-gUs4<fwmy*3!tv?WBY0Wj0zdHr*4jTr(XU*I=HTmuoSWKube-d2P}
z0iVnFh(e;yVTwx3Rjb!~NOIaj;6SgQg+Y{KKJ~CxhN}F_Z$;8V0tuimms-78QFQ>*
zqkr5dNw3`zIV(&-laHj5jl%2ZCVmrz7N8hB64XQvX~Ot(RF`%%*L0rWM?lp`#PKre
zp)@B@)*gnhxsTc8Yds%1`M)GYGrR-y-zN1gG||E1qI9W~wa9~pzZr#G|0u{P9Rz0F
zHtBpRapKs-p#D237mwG|`m;!y8Kq@XLB8#hlfhg<ug8I&FPKdOTg-+UH@&!x@UiYf
z=Ib(z)iHxT3?=2DdZpRMQ(XdryVob!nF-G2!6tICjAaD*DE%N*@vq%-#E98#G^zgZ
zk<J#pb+!ktZ~v+#=#={FpXBv6W@>rLDL^|DOBK<HF2fzB6f&%*tHpIpJNE9Ivnif_
zx&e3QTB?Taum~B%_ECRAS!$!H`7EVS*x=|m@*zr|e<2YD9tmBKNkoseUbQHhPTATl
z)lC0#VGe4x7}A=aEJ;lwL{X|z<D7y4K_rZm2gW6x5eKR_I;VAZUi5zP8ExydAHSUJ
zWj&Ku+(%~yRVCZv&^^;GG32&FBTl-5$teM=@fT4cKoZBFr{;@&`-EM`Mr$0*3^;c>
z+3-&R`}3uvyirUIib>X1_|;(39u=i1jqW_{t1`rI1)_>@>|M$GT4%@hbA?}V*VQ?C
z6)+WW))LxHjk?CNZiJC3Gm1DYuMzyiVZm&+H@Y?mp~&WCD{jdo+V}LI()!uX*LzAV
zHx7HuL2lDxAq%9L=+$y$6o8WDwn~u0DC)}GlItBoaqr`1L2~a0*A%*#MQB@TAZ4oM
z`-WBgwQim(OF*B_Nhk{iJiD5Inv%?q=eGBfxW!R~-Hz3k@O=B_46Y{qC8rwFh`sBJ
zk~gk-@&%o<o`^U14iyQ?_QoL&M&F@QANEA4K<&I^skv@?pW^Ib@7n`MTB`99roCL;
zY-*cJ<{pzTZg|I8#h29O!LOFZK1JC@;CFLlZCy(j^zo2!_H<Psygur#Ks5xnhd8id
zL78b<fFBi_P6dv-eCC)ce6xB_QQVTxI}pkGSStl6(4%+%t?45%bV;_hel&D@M3y87
zQXE7OeVDnk9d7a=iOR~0Cm;E_nx!vp$H_=+{URi1DEeWvwQZ}nDB!lwg3K>Bc?A9m
zj>e(h;A4q(`3s!Fxdi2pgJe^8Y-W^1Qb@jeKi><(GC^`P-Du+;gSU#EryK45Ir>S$
zSnABWDx4c>W*lG@h`0p+09FBV?^4WJt%6LQl04oUK0LPP^hpS=eFjNtz>aIZa!iJE
z{{ctfAZyH#wgX@mv3}!EhirjTnMd}yRe2>}3~Le}g40O<iv=fHy$#e{GTq^gBIaKN
zYy@zZj(R1VP^ZKkE7qCz__i$AihdR`)nSKY*qLOaq7sv+Z*9y9xOcY5pZwcJxZFEJ
zk&Bng`!?iU|4#m>l7+K5nJ!*Eqw;BbS1KDi{z#x(qL9={2*hxhr>{BeGI~Cwg&{^#
zjF<cY($K(e^>i`tk3Hjg>pMALdh#Y@frFFf=?hCYQJFw$14D3Hojl}CjGGuUg`?nW
zg(yHgKsA@_;ghiI(yHJd;~~_Z?7;opcCYh@*c$ML>AD?1E|)`Ct2B9VN|}QT&>r?i
zjKT`CO)I$BACZ#C+wxZ~H&W4mCVLUvw*=f=U1MkB3}sA@ZJkKXZLn9g<-^3x-qe$h
zSRfpAe0w+H8nE9{nXjYjuF&>|2W64sadsKPe~Z_A_?uEn&=0plOxE<=M#dX}APgV*
z)|0`9xpy2B4y$BvrnkwDe2j$FO<xuTuY}6v9<{+WZQ@A*_)9d}!a@vA0btHx{7&C0
zz*bTki7}~a^L*5C=kP&t>*5!bu5M>Rr_@E{3#nymQ=GDQqJ{PsL4rP7mwh6a46j9m
zmBM$2gIDSOmeaIytE~y1DCdu+gKM`Z#Ub-k!-nU=dTk&mKrb6)qz6U}3WFG>L1(L4
z8$284(1?WjVtZpMU}|vs)x?zYSN2}-E;2^5oP^J&sA0q4+=nH~VsTUfJZ<btei93X
zr>2XBst5iR$MoAm(0O_R9owG1<1V`NEcIQvXlAhm-@RI*#<gzFnJlVA$F-{EY#io=
zj|*LY_083p<)`@(C3Mnar%8%~w@p&Pqy81eh{{Et(>=*&DWW|4PBPRb{gyH;zim!%
z`*nefVaZCeFC~5Ql+hI`nCsXKF%>gI1Vs{*bOZtvTG>=K*>+}tP;6u#%Hu?87XO)o
zU+|3KgrXrh94C6uB0Bj_OWpJgDjsHhm3<dNx%={A`oA@L=nJ@rLe4K<V#u_tm7)5=
z$Z=5_!^s^g1`RdWo2{;mg^z)wzSlOh8M3~!j~Ac6E9hHZk*`JtRJ*%-!v#V5brQIi
zBqcTqqoW0HwjK#I!)BEnj1-IMAuAeAn2nqCwaP+lpBi)z8;rL_hKmodfQlll{_EK!
zUdkT*L?Hgm3abc>6A@j5K+x2L(lT(Q+AeQ^v+Jno1?ZG8c+{})D(>V$jgHemg$-LX
zsW$~HkdIYiVlgP^&N*cGCrnmQK)P_ezS!{Gsn92{2pUvdmYznv8fL-+q5tqIB-Ryd
zJF$5ir``l)k2kCljnJ6s;@|Q?KZHiwzNk-qTq)oG@Xy4hS<P{8P-Wg+&#=LQts8yk
zZz{<s;`$+Axd?^YJ<QMj!>b3ckf32T+(%jH#A2dIjHXAKzj6VhdxA&+JU{8r<sB7s
zN(gRY^xjKYKLK=#)IyKA&tesqs`sZ#^!m$8fn0cnR)|?ER?tZqkpMt_0O$e|rTCkc
zxIS#OIY_sDm)<JXQWF4ix54I3;9NCM=ukaflCEEa+oW6(6ysKQ;x#AUIjC0co<I&4
z%X%qk!L8nqUw;g><eKtOQzcq;nJ;>uQ-}h5NjmSzvaGanImEJ$I^c;|_W#-KAYL8D
z3(MMIw+{ARAJfU%|IgizIZEXDGm|HKVXahoQ|G78I^=CfWlMG{*+)t8zx;RV*zGlx
zQ}arshL~mB@^8DyVTInd*Go6ts#$49$g72hue~bMob(pll0Yt_<nc~M3IoUuldGfY
zTJ299e9Ac~<t6yU%Err$HtdGjAgObaubVMz)%KC}Fm*)Q(+RyG281dx{RhBJtE2^1
zrKp8HxlME#qo|%;7zo*V&+x)eUX>YWW`{~G2P+1I@IS|ouu;HR<)|WQXpsb(Bz8-%
z);~Tje?E@L37^`M&mNFZsV>m}d1i1>pwFiBvAkDvqrOGk(bkpJa~)0?c{8VGmN=7P
zZp6I|Fnl*8?Dlq)YN8C|{HKm)lM^<uXrPjOqm<s3A|FR=?uJUhDvY}#wz7s=il9Sz
zB#cXtRVmJ-0&N)CnyJmBRbC;_Qm0G8vgZ%pIN4lrFe?%`jZ|yvtoKmvZ}fT0E^tl2
zs46ry4YyWF54TD(U=Wk^m+vv`kSBMcZrJ92sf|_BJx#rbs+7kdrK1?*+&V(ENhmX7
zSZslhW)dpWqgxc7&Ja26VNkLVSmgTerGV?A@slzm5za0gK@mNbzXJWSm#a1L;yw9_
zYYVPh#6q*18%E~52MC~Vy)-Tgb*a@_y)T@_J*lr4(Sjr)WjPYGECiB5__zwgHeq4E
zA2BdM8*&$yOm^8Pvt?5!g%vMz%{>j%fQo^7$n13J(M)VPdGTFTdcOZSa`%u2#;$H%
zAhSwMWP=BF=2P-Kb-jEPBi(7h>sI3(jeWL_N@-r!nFFuOTXTF|<P#4fw$O`Ef}A{R
z5|u8>ZV+?C9;Kc{4M=)~-@-R^QYnV|ak_Cab38P2dMEy}mE-(C;}O_Grx$i=LF}R@
zU#ZgJN#d$`;@%W&OR5gUKQt_*Nu6~Gweo+g1qp5H(?c5lX>`lWQ#&_*r7&XK>r>k6
z6Y^IPs9Q+W1Ei9LlfBK~$HT80ny(q&1md-8?^-2Fa49WnL#$3ez~Rtjq~G{3Q&qN6
zuXn{%;fE-w5V4sX%WrGCoh9YP)g&)mw!E>AY-DWzR|2DNopFM{CIjDgW258cfziEo
zm@`>QG=)^9#B%*qO*^}jY&tGKW^u|`o&L1N@|iLFTC&$#@7@pzgqBHmFF4R<sOXK%
zHyXSdF=&i@?7vbH8TQ90)KDIc`ctXyq4<b0*NS^y;EO}avN!hoIq_CD3xC0OYHCuf
zqTnvr7V^wjJqd5#Oy9K{l$DZGA=K-m;NY&1KVW?KeX<`%dQxSLp|vE)=G<C9u^<FD
z!xR*1HySH{iPf^s!0wYUrSCZ8<SiFhyIAn~C~YZuP7Zh%+fnk`HhfnN3n%yQi{Wv9
zLK@@6qclm)UN4Hd(ZC`$b^fsYhUy0?O1SgroGP#xm%!vM_Sgs4^K<+ha?G6Sdx9#Z
zUL^LnlTU47TMeZM5TMw2at0q?66LcHu6A&lgDCAs0YZCl@~6yfH!#(s^WudbTizEO
z17bxL`reW8Jkw9orru({%AI(yY{0}uj+E)#gKK)rT-rB$d!Ib4R%lxFF?HDk3r2QN
zwAt3rJAjxPL@O|ON^d-eyf9Y;gw#pty3#!;C8biLG*Fj)`ZKzT4eol%VZ(-~Nh)pW
zjLGr-s)^<<tdAaM(F<zQsS!H-lVD`}^IG=-i%ZFu*boI@w>v-TQKqUn$*~<qnr3E?
zl%b=tE-YWQr-r%?Lwk*sjC2d(w8GA!lz$$vlVR9(g#6$2!aqD*u2m9AdTlVVy~h$C
z2`i%A$+aWPi{~x&Z<fm)uw-7?d_@F{THA`zhN*i!rd%B9-fW(|TM-{AbQ%l=ue`Qe
z)dnEw%2Eyj->XqHL`@97=?Io*`78Az9ht!|JgELGB)lE{0Kr{n_55j$v3bFXtf3NI
zb=}ljA~L1Q5a-V#T2YyP661}}VquPAAKOO$BL8kVGh05F=ILuQDfp^>bogGicYW&z
zr8Yaw?6;CjGWjYAs?oiUkj$YMxe$gWVpw}M>{W7abl3CS?F?D7I&hnHdy4)L4UDB(
z!86{&q(_=sGBt-X0Y!AJBHK>T<Y=rjeH1KGPDK^j&N2S(tYkxdeVPlmB~4e1)V7jf
z`PFetgz>tv9g!1(lcsP#4q1W58SaEcSxQgp1|llBJ~XLar1%NEJZdViPWA=%I6g<J
z=?#7NX{Q|La2s!7^LNWe0m;|otBA=2RD+eTY*%M2Z}D<)oGGSyBmm8)5LrJo88V)E
zrZkmFIjCmRk3ETf(zWp<R&y;YFx4HCK-f63i<d^f@cN<Zsn%ZUnS5Q4Q#yU9Y9W}9
zO0$mvhNoktm}IZ<Nz{e^6<oDn$tDR?)-@Z&1PoM`!Pj@jJIJ{fL{8;cR*R{PN#5HT
zm3Q-}R^G`B*(kO0XExPBjWV;uU|1N)vN%1~vm@4M?Qy+cvEE0@5sURgUiy~1kmBqv
zSc>R!puDR|%wPHFSPWj9v}|#+oa`xS<OdB%&zagSj-oG3<wptC?{}oaW;7bCoqQP^
zt9R#adj$%9+a1Rx*APUUHsdZB)C&o>U5JN~sPkKSUG4PxA|@$yp#nnAo=1LayLWt2
zSP!0h{2d-_oy^%mLbjdcVk{rBJd7TOlig#mUF)y<3`H#k7HP&>OLrvM9gCSNB_WUf
zixngkbdCA*GVD{_9C;=_q##R@@>p0we`kd^s{x|tBy*Am?JBnWUN5D@#xinVPS3vI
zw=eo7wpTmvim(zhAzvdB%n_6q%KVeg0G>(aH)eSpUshX+mVaBGAPQ6(l@`}sj3sgU
zs>72Luk+bgd<!coyh6ba_=Z5$B@|ExEdOA52ZE5=MZUgDe~BzL4|kNNQ3_G}t<JM`
zUlJ@N!013InNZ||I6WkI@evY8<b;@_m1GJxwYkKM5kZEVErsgoi_8)YD~iv(Hgplk
zN~2)5e99jcmF=7A+Sp`Oc>!fH?boU-)Gpv)ZcTxJRk?@)Ld1*5-R81Mi{3+M@5`*^
zM@z-UE-|m~>Sib=O}Fe6ew$Vj?Y`C3oxqd2Q2!qQnWnd5gNt~cy8V=3H9>QUbbh#r
zc(d)D<Tkmr_|>l@JjNe+a?gzJ`JgcU0%(6nNRp{eD1#$?KD7NbB-_}!BRz;$O-StX
z{P=S<$q5ny%_Og851OH3%vKkVq%NuE*R8uOr(pKjMR&C9KA|7*ewr~gdTo|4@#FpU
ziHx+?V5NJ^wjE*hNXe0`qy{#k+QmRcMq)xqGW8wVsBs~nimaJRoemAQ$yum3rH{i#
zRy2J3(DvwEdeHSY)?~?6u2b(NhaQ6nA0XON<!pbO%b!=>zhROc_u#=|@)sIt>8nQ#
zy5;v&L%E^2?V3r*ODQebFw3+h2xg}Km24Q!AMYVzFe{(c=px3}=)GvFl%o&X$Eb@y
z6~9fAnsE0B=$HHoFEG%P&m(YmN!vO@9_M~2h&sJ&J-Vc<b$Niy&yA>Ri$exUR_@%p
z%Q`L^2=P&ocg+=dO~sUu=*7kHQm#G$t@mU{#(jqDr%w5BuDqF9-!kjy^<0~xec^q1
zHNz!QpO}2jt9ds2f_C}|nT9p44<yIPy#Mk>|7s=l&V*P)n5I}+RVNlMEY!agiADb1
zo5MBihX6$kDiB&5U9z1A&&Vi$GZ?pJUuBh~v2pwe+V4|3>I>`jERUwEAc#7N8R{hL
zID@_e0QAE_$;?eR&hl3IeJ>RG7AV04bBEX2aZleccOmG+2vOaz(!InT4U-HRnPe?x
zX0`}?R~^&3-PAvM_U_{iqek&1+OSmfHkz3`8IFHajOhb!Fj<S99(-F?M@58*l0DKS
zuD~5i;^w=};kHbh*4y`@Z9N%vkDmsQJzuPnNC7)4s#I)RtLfl;1fLlKg~&oRc?Mzh
zoo}Bq*oaK(2PsIn-5GnB-8>IDZ9JYd?u|U+Af$1z5AWQ%r|e(xro~JH2|YmRK47Zh
zgWP8(uYP`NT~iNC%SSb2VDjKhGIT|AA9xA6CCOBbybvM7-JVYA%ALEy)`~eOGZ*ok
zm9ET{$pJrVis$^!=yjg~{$c82kk(}GC_pso2jezZ;VXfwe<ss4eJ12)<$cZB&tsM!
z){AqdroNkINzcg&-NIT{jaz~&T393J!K`4oklHJ985RR!rJ(!@?(7x+{|@NLkyJPC
zmcsHXpOd(*>ko}h){2Vo7RPfpoeFf3o~_aqD)J9MqE3>!59<Tqo{XJ^{+CpmSk`vi
zP5FQ9ZMgjZ+}n^`x_C8K*VU-&|8<dRw2{8vwASoh<`~k{BNaE=R0!H`BG;2=PmYda
zWKMn*#SQoersu#l+BtY`@`(Kqqjj`e_6)|b>HzCFn4Up157lME4@px9<M5(k@=?-4
zviVIlkpH_-LI1Z%1#r}~kxHqvG00wMuhqCD3e(0M8nHQSf(#~)=R*u?t8l#)6vqvY
zZukb?Z$h4YtH9k2W$7qPQl_rxe=yBzNIpe+uv6h-h=M}O5aj(oCuY(Do<bkWmnw2=
zSD&-mHx;0q50!EIuSPduwfvB^Wqa%`@g^46CBxk0H=(`Q!Y?&h<a)2c02mX`PvKJn
z+h1_Ym1U>=qS(VbjObA@HTU<?tXM6uIhMibC6H2@*}v!)kqL*%{nM<iEE+rFZj3d0
z5RiH?f@`V;hsnaJ5NTN<R$pRn<uc<#*i3bjqC`5kU2@-yiG)hu7w2^07XS&}f1dk<
z=Qal)wSn-a-r(IV>I){5DT$&-m(!&F7-Y1;Q=K~;Ags}jagLvpyJN*=hN%>%7qM_2
z@fsG%XpJ436Pyx`y^?)A&S+Tw(g<^A{!S$c7`I97m&!$*@V4@&-~+IpQ1%i|Z*#og
zqBk2&8i3IyG4#(Y=<i<BB8$oxjZBoTxb5Hlqdm<p&u_0cx7caMU{1DCy#Y(loTK;q
ztuQ@S(}2QPP(`9B8rdYs2)gJZ0lZ#3L9TdKj+<E2LR0cw1nJztt`!HO0BTXvnW4io
zo?)`!=q}N(2>Q5?bh$>j1{lcNz8<>pT7)w_dnv)O0?$2nYft}MuQ$m6<6c7_NIG$y
z^!D|ebGMJ?u9Dfgt39;S;Q^(#0<<fCm(qGY4x9jopsDPFdD8U3-ZH7*iQ}viZrPP}
zcAs>yj}5E#)kg_$q~(^Y{u1Qqp;bZC+SZl^Vhs8dtq2oJ{^GmLDwa{~a7r?+q+1g2
zBs#Cd{+5%f4h#)G$1(ZE$j>ncJxx*PtKwT%sJ~Pdp1;3Y(dx!fC>3G}S{oXn7d~4j
zt=4VrZ8jvr{yO}^#<P<x{#k1}!lxFdWNNax&|-GDFry)shUTyYXhAa7+6Bzk+->ws
zGVi?$7aJ3)qtZL-S2NA%831Q28)ID#Zy|~S=kz~j&>`;WW?1|l(A&(Epy*u@EQ#vT
zJ8JmT-k{AMeZS4UqK!%eJ9WM%=^!7>iFLw6lN%PYnB1YLS%x$+huWxx$~h``5%aAE
zQkQ&`G}&Ixp<QW2Q#t@cF8Biz;HNvp{5U{ixf6r!`@kpVP-ItJU7e13)!Js?<PVNZ
zdqGf!kR3?3+r8+Gwl!W$FJLbOTa=287n|nqe0aQ7jc0C7H=q;#w3Fv7AjYN)*^-mZ
z_Z%FwHddBpk&8kCq6fhccU4U}5-h2z!}yP1gC(D*gUOb%yI1_bwQt?9in2!daSvIj
zJp7Q1@Hb+pgP=@e{OfZ$z-tWVWG8r%BnuV52XUmbZ5L;)V&&xXi=oKNFM00X<ulP{
zLR6Z6!=8lGl)EjsR|*0KyJF%*Gm`1F)*yW*^IO`pvo?GU9YJq&1YB7cP8P)zvr>Y|
z9h4zZv8kdY!NWp$or#cGl7-BJOKH!^UPgJOyrQ@Xam$YjvAZ1eD^AUBx?L(K3w6pK
z(;949BF)`Gh{0;fl2y1csiE&j`6nI56s+^D?wTCWvP9oE7Y9GVv|l<-Rm{9q@pmgU
z%03oOiLG7mKC>EDmd`CELb)!?Zt}~FgaDd(sYO=9qZuB1p3{fPMTXxsd@$-yacL}v
z+#^uepw(<47;KPBRhs9T#B_o3^p>4u<hgL&+MjNFwl{ZU0kO_G3SC;<;Q@^I`)+*=
zJib)>D`Ot``BUdp^K~ggKRI0$_}-kdxO3Rwl!za~cvd6uYT;g_9+o)NT&A_h#IENU
zH>4$U$8D<!Jhe+wa-HtrPE@JDjT?=g#z%k-itc8lz%j~=9~jj?A<o1ycPva7PNv7>
z_yBdSIsjc77+LH8YjT`r{;8tA7ZsKI{g~Eu=8{;uNow6Tlc}~8gDB{yH>?(SG)w|S
z4EytBu>oRqLOdPp$)1N_@+~vJjvvOQglu&<l-UuWEOfewH$<<~e*jJQX2mo(Y$rOf
z0{1ogYke@YN<HKQUNG2Pl{L<mZCw2D1cd|FEuvo0+~@}s-soREVcZj#8sErutq!8@
z2+++A(!<%@FY=3h$NFT6ne<zC&^J<bz^&UnG2tB5K*p|TKct@BNWTB6KPywbXteiO
zxNU{2v6p9j>`<QFrnBYc0S09&y=g65+E5v<Hx&Q%Fp8SgRqBYEIrw3?nFoueZ~SsX
z0mN%MsD5HesALGsbQG?@E0LM3?YeAI&(+60f~dBPO2T?vXplviL2cyT<)l~QLeod?
z71JY@W>jAeDc3@OnlWp}4O8$h7e2s{b%%(EEkgE;C^%wjq46Z7(T}1Ef=+nyt7+wx
z337Wc->z#^V|>3~!EZF#y_o49hx}4B$CX<OqTpz%hAshyoq&(gQXN|sE$bJi^p^2>
z{W!w(a+oYb4a&4TBv%$C9U<<*{)CAgu6YZzN>1BdD8i@6OL0{=bd*+f4BT`r(N*;T
z-i_4Zo35|YjW%of#pc8u{fL_FSvS{dUaD1CXrxPjTTZp8WuNX$BV(Sd*ki%?pu(F-
zM2B%pM5REdH{B)=DgIEFtONEHzL{uK!<VpqPme5VkD(fFSsAixCK<4@Xt>1RWYLU%
z{zNo9xn>UE`Xuxo)P-h2Y)LGlRwa=q&V>Kay?@{;b)8_pSX{z{ZWE?ubvhT#OR5og
z$<D?cas~QMoMyk?&RQN2OH59AUa)jj%sw&mC;xJK(KYi)=f(w#>>%N^`-x}9B!_#x
zN}jnDCB-`BA6%F{b4REW2Gk>J>ejw7-a1*4y0?JUV2*KvZ3?0;1fm+JfsBSP3#m2Y
z-kdCPr5s(gTl1{?4d;aY7^kN(PwQ4s&B_QM{IPOWS$ZmLK>`N4>G^dFCtvZz`mQu{
z{s&Nn3-pVtarnmAV*c3@?K-kq>`J``VKf6uE+K08Zw<qBefeAf38t@Jy;XXphu|_E
z6c@g3o#U26x(V)qw5m6;HH*#`NcKS|W-3N$o<C2COz6fi?m9h?*1x>xed7Fi!MLYt
z&CfW_mnm7j{l4Lf|BP5HA5dFW#5NHq5!;{f!qCw(L{wp>T1}uWjNg?l&R=iO(z|Y5
zu>1tgMoOJoaW}y9rAO3zoROqn#q(WCd;W#ve0En5)u_4ObqsfJjAMWJZs*!LcFFYa
z^I~KNRYbGlG=vtIbt?GIc7g;<Ap}E;#l3l>Q<$)+$xN(lGj2$Nizltj`V-Z!Y}z(z
zPh}HwmJI9IyjSw<mgySj_u8{uZ_<7>R7K1n1r0Mt9p(87b7Pl8NepVIgcJx;=mOX6
zWvYVW$m$A9^MZ$cpRd?bqS34sFBovb2&9otpeSjT7>f8&5ap!?!Am|%`i1WrIFmKD
zc9YgOgU<aI+;vKWtFp)s$OjL^U_$_PKq1+)PL92-rJE|nNu45vFD|**X!!6~?X^X{
zY*U8bq(mW;fE_0}eb6SLoRqg<9f-$oulXLF8IGI;X5f28&@aWG_JluXp8W3c+0o`6
zw9=jOEZ~y>hqgFr$q@^I2Ve-)rRkCe$iT#%Tc$kwvlSb)U#3FW>#1n$T7(1%O`AH6
zlHA!b1|A^wxNE{G6FyKyw1_NFg<<#IOvhbQ-j%5!4}56eHp5G02?BCvdU`VHgq$Mk
z5BbI~zgO3P?^_aALR3MQTC5$sz3#@fNTV&NMYe}ViDLM#EU%W(M!_WMZ7F$cmD$L#
z-e#K&{Kz##cCRmg`$ZlZ+*mEkfqcWC#{(*gFL;(oK1A|5;mxP)>$J+|)^CJM^#-(*
z>ab?adWY@&j0&b<!^`re-jI;E3n-|p#*NNGEmBJhV1AyE<JQ06g_)L8rZ(iyvM!${
zew{ua(BChZkJwd<hc(Co&**xyYbfj@t3JpU)%$q`iajl^c;AluEK?d}+pkfz=myDg
zT642k4j$L`sOy%c&Z$auh6vwoB8`qy;_!no)m6KQXM~EFRr=DPsvazlwx#rlD^#-P
zX{9eY4D(NBSuh7PCxcA}5%j|>d_+s$vt3j8V!;(7zUB4G=4?_EA_a~n>jS~YAaCZ$
zf-mTB@ydx6f-($4WY`z_wz8SvzgjQs?e0E9_i34Qq^RaZ_D5z*F?(a8lJYDWhsYTL
zAV#H+e4o!d@F=e0T3@f9*gwbl<faCOqec~9PAAK$Gf_}?5Fa}LMjrO@0Ua7B_a@av
zFgi>2u6xq$nTcmB?5>^vv%CH|UG?6-!r$YkuD8Ss_SgRd@OE!Ybx|GBmrW&;{2z+?
zN#2IVj@Cu|ySY#GAt@9P>f}3q%#!Zm?4i}zKv@SBsKr-!3kblUB?5^O>rEhIuS=H3
z{ZGv%ixt)4Wfw%qD;?7B`?(UQFW6~RkS*RJr8Qw0R$#i8MY$0fAPs=jUGyQt?{8(y
z;Y}<D{{c`f?KeyRHy-E55;niZ<XDn(-?G`#VGtGn+2&kH#Ppu@hk5ec9jq^!FJw@a
zE%b@(ci!7lkB|$GcQ|*_zJmHS-5D2*H4E*OM*r&0Rk<g^l2x&CLhiWor^zD|D7j)j
z052sEJ|eNv`j=@yZqw*J9=_aATnEz-KYIu|9-Z^y+eb<`Y&@y`QENR`EOdd{cLVDK
z>~k+BYx4K#sIi9A(BF45ED-T^dWQL8s>*K<_P_X`V1LqPAv;)#Y<?Xb2j}v8p2%f5
zVj=1HoMXDd{sOlmn|hA>A47XVml>@CAM~Fx&4AP?*N!#Kku!Xjgf2D&RgV83#CP*w
z^C<VETyhmEA>Bff;h-_ocQe{?Ehzr#GV6pg?RHZ;$cN5=o~n<fXScJIjw@WF6}06h
zBqxXi=>)ONhs?p09)5i~M}1sr`E`meCh*TFm&)UmSk`?|0?o?&IUUuz)h#)R=-$fS
zVomzA9)PX`;VSN#bDLJpQIZu}Jo2PE=(PgVfHebet9T{5wbz0uUv@R-i=_<oMPl?L
zmKZ0xEAs@4%IZ6}zqOC5rj;q%3Ax+rgzB0gA2Zqd^ljMJ7>BY@?$Iclp&zU$n`hD(
zwgCRX{o=^UG6B@@U4P#_svzn~meqYtj6ctuy1MU+(1KAjB0`+|jC(Y<%y){Uik74W
zgx#nyBv;>a!q=e}X?GE!V0ys}MenGc(Rn?q)*|Hx%PDGmWP(WwvLuQo$#7x0C=C1P
z1p@^c*QNF8ZO_8O(&pL2c9iay8u@gt65s8xCNMT6Hk_|wQptqTP;Z?QT0yEFs?7f|
zQLTx?CDHjVe_5K!J7bjGdiD1gNAz|_<Sr@)bxdOdcRm#gZw*0#>1EL<%Rn1C1cT5m
zrZf5;F8G4yMmrCK@W7LdI3FQ~HTH8HMBCa^#YiworvXBsE|O>08WKARkWQ?5(2;e0
zkp7-td|9-rOwLWxBvrohPSuuG*wUChn$<r<kTW(kTx?O+tO$Fb>4XncsJtGswo!W%
zijKUVY~t>Y#}KBV#4@aECLb}}_1AyPcKwyKFByDzeo35DRHfyWO&xsaA#d|r=E!6V
z_so)UX|b!NdthuG^J!}9Po`uc*7Ties9s?|B+*q58(@SmVd&|n<4*N2nhk69(OXyV
zV0rSWszPtEQ_2P<%$4Fg{8pWhIClX)Iy*q{GhqrCm4>9FU>bm6A2zlASxin1STaI;
z?YvQ|wAJz8@X~<w@Uh9}+ea%WhT#)!4-fU23>|pn@Rp<=q=n^>`y>Ens`Q5!#%*an
z@b+IexJsn{$!X=m0&~lWA+6eR!;49(0I@vF0vF~0#%tqqhCx-FMX0rnFDIc*^s(P)
zB;!(Yp_rjHSTH9#Big?&Zn8x%Y36P^A4n1_l_xv%C0PSz{Ar&4-pXT_BpTPR%3SgW
zGak9^<Q;mfvH{ys5_Gd8haBbTX($Lnqn1weia0Z!ovkA}Mw>T2%OlfS^yk*DUN<VJ
zp)E~ADI1L*u%Vme5(KLhOE=y#<oU)J<_@jdTmXyA$Ym3EO@w%2T^@8t;&Il#i;bWs
z+9?UO#_(o&x&HvVU#nH61TCMmCGufwpu#e@!W^n@V^v6|I>$u)?_edGs*diu_2#8>
zt`v(e$K-)UO9+i1IsI%j&X^|GI1yl~M-C6**Ts}<swA=K-pN=l4OtpcX*-(X<kc4{
z7r#xzL24zr`N}_p7cBOESnNN5L`M*tVMS6|^z>8#^QD$tZf@~X%h<Ow<g$@;x9*ky
zYwh9ep#I6c`-RE<F9Kug#`*&HSOp~>tu`&y#|D+&X<-Y%mnsb+@t6#g51GXy=mpI{
z|A^T-g?g);uIhkRn_8y>;bqs=m@{U1!?evV-#rvR(ukR4x(N2^kj9cZP$C9bt8&$5
zji0|ve`<DbInu1@923;LmO2e|=5E`!uqaxu$g*NtPhy<x+VG%IW{%b}_^rD<V;GDN
zHPtL_BTo$MSvzKG*2|{hwWahWnL?vT8G*PcU=7tF3DAY{LlWSOo~ymGQ9aaUx1@QZ
zuB8$2<XJPU7`dSySK!`Lf?uf*%+c;Kqhu7NP53)+K+Y5hg49K84e`G`9rw07wpjk{
zdJ6tfYJK?4cIk6=i`1h&+8SU(9aoQTITA85NCM*~>5cLGDO!-2A@R<yH(Iy6YQ|@4
zowU0IyS-erUzO!<Eq*IWxR8MPahIrW@>kXV|Fo|a+J5%1{`UDrRh{lgU9V4_U4e5(
z(ml!)4hI)Z;!E-ya|dw+3rwpNg~B`55tBsKES89^z%_y5cOag&Yi6^Rk<gi~^L_g&
z_>i)#75KAYo4R<CXB!|`l|A)gO}Gz@E+H_0H;JfDVX65{;o5V=W9fKbb--4UlFfX%
zI5{oWN==T#M#$t7IrE_g>dSMjQUff}g)D1Gib<5)+xzpp%1ZH7H5FT3Q-hbSE3dSO
zjg=(MZ^vmoW{6?3)hjlJJ)NYL&ke1Lma8Gn?4!<s8$q4x=MFFOhB|)arKz2)1=eiT
zr*y+h46&T&v!ALsLnEtY!fCp-aYQ?(n5DS;*Z1Z@1bhjMoa8Q3>IrYL50DsDXdQfi
z5zj@Y_87M*=wScTxb@-ov2d&L9S6ILpqiq2F?bP^N-m*+&lv=mypwfYQ)BZjq=;i;
zLOGBVdv1%@Q;FB>V_(Q(^Dm+m(KBIj*w@R-30zW(UP4s>%AyU9tF6;~I9dMQJ9Jsn
zUQrZ<nzSahz}{57n;Xv{YvgsOCPDE#ie^zL6Q_I`${<wyp#DlPtG(r?(r-_oC6DNJ
zwZwXJOw#j=E&0Tarr{C>=kkG_B24~n9|~3Qq1bxXYHc}|x-7wQ5ix3j7J&4tpNDMI
zT-afqP|cC@W5w&`PBBX9+xnXVJN6Q56mN8D+FbM@FtoOAMN2p{_lTSh*>EJ4+ni!!
z@Rq4F+(|CJA*7FIlod3h<zg;xU*@7Q-=7oD)fpnnuJr}q>V<dhVf?(hU34YGHqZD`
zx+m+HU}iJtRdNxsw8$n9?955<6Ds9fd+Ub9<8d>K2#^iA;e9Z*Gkrf%0hMyM1TTay
z$*i)exzvxxFVKv1N=8t+rKX@Z@hwTGhlT6|WLUi;;d@6dFrsys4|D4lh;(N~O_B)0
zg?iX|=KXm8u6a(iQMoYUY-l)QLU6sRBEi3iS(Z(9oD>;7n<?x>=KthZ!U+DR)Vu!P
zQN$yYinf<V>uc}<$ecT+W}93qYk#~Ym?C5N@39k8<`5-mB2TKY5d2xYV@-#$w~n=m
zZ9Zob<6BIo*`TlmUt|$od8a`iK#DpTq%2T99!2UntwH8<2ZSjQ<_gcve;}QDi#$Kk
z+rrnc^2Pi5=S}%lwa+Y$3w-i*qf<p}%lW8*k<mmbr`dWq3Q0qIxpr3NnNSBad0)7}
zjZU$_e~<{z_ZQ&qvC>}qST885sHP9A;$zG<kX?c%Fw?*b*_^=ipO<*td(GFK*wM!+
zGWBvxS6~l$&lwJ7sRF~@50>gWH6&ZG!H^!{kPG*7u|Qs%dE(zY*t^vSLOo<U?N57q
zm@#&qvphTtOhGAv*tFELkuGvhQLG1r37=^0fE**-x9^j@cw*f6wW1KB(aaz$Z0UFD
zq^7=A$~0>FPo*1-Lf=(gUU<HU2<g1@E)Gcrr~~5>Z!X{FsW{RsHJVm*<#&#+V7Bs;
znJEA^m(~F}u@#@F%J<jIaF|T)(~V37U)^9u)8y?;fS09OnUnq@o*86tysYr5yZNa*
zf?o&j`z5x;xIs`hhnx$1tMNN1QUmL3q7=ih#KhR~GpL|c`P}8w`{Yz+n%#u#?H!}Z
zJ%9a4?(r(>CfcUW1i*n7g_hRAsusVxX`oGF@uaS8h`OC0cFWgaKZ{Gzsl~FU(hl^y
z))XNqKWvRkAxP%P#RM2WJTtk|4b%ubkjt?%ZMbzYXJyYfR8sxcszgOR-yIi{>uMQ1
zBEYRJkm>H`Ac|Cm#P-re$L%;yQjl=p?AJvMubBO7D0w{IQ&^l((&0nP;bIYn&6>sm
z2%;)-UcSXKw`-aOlgN4o2Qg7J?OY#fkHCrgp++Yr(HCFOY6K&^NXIz(d!am{L$9<z
z=&1m)1yo8o#06p*mAk*Hw4YyHQPX68wuaBh*<J9#1+1(NWr4WD(vqEJCR#X~Qc*F@
z_P&Jy{Mc4JpYt9<ERI5E2f|0{#GvasPAGnl4E6L9AzX5+XZZJy5mkBzCKb-B#M>w6
zT0_oSBWT69gKmN!zh14q<RgBBRP^G^TM6yINX-4H;(H_MtWEhfntV}PM^$WmwU&<u
z_ORq&(}c^f@j%u(cgfUzsXpaE4SU{ouVO7TN{6E)SkYKy!Fzcsk4LoE0M-9{yhaOl
z7$^o95@z;gYiqnM%e2SGr*I3g`?>zo`W*ab@uu_x{2T8+_&tZUNKoa-f@=jNQ?Q81
z@ocOCSZIby;--cOWUkw<y|>yuMtNUV_TUu^OuaM8ohN{Qr`|k0n?iQ78RP3iA_SpM
z0pv+~RG~1~za*k*$S0zOz~FimQF6260VYEI@P${jbdNFR6WO${eYb{ua!a=zLfILQ
zf)NwRXjQn*8Ob=0@bUo0#e9(q{2Ix<9*e5WMkZ3Vq}tbkg}1UC8OLc+NU==Wh-xON
zWg$5;?=#U`b@gx!YwY_!?_W;s{kmZLH_a)cT$y!t#>^>Soi|2T&ZV#3g5F05{6mLe
zvtUy-4-bBWwZ)b|;B-EJ{+2FgiYx7edSkD*_`{p4vguU^wE$d86Kjx7xCzCZ8<^^B
zb|N(9W9_t_KtbJ<6VqwYd)MRXj;kJer{~L!`fZbjD@Avojz&DsMPV4grULk|CK~ot
z*3}_QF0i+niQTlNpMkYeyVFOuJ=tqjP5tI?&g7o&A+f|*5V0cKeB<5ktM#ioUmkG`
z;wPhlZCi*<-=mzIH(E!c8YBM$_{=o#qf8o4wl;?#w9I$fy|r^iolvYjMk!j<j|oOO
z%{*+$xTh(?!%*QAU}3E>z6u1EXfdtA3`UR(lD;mt4VFA_W<n%SC9ZrV6Nr116}51C
zneCly2ClBq>Ev8P3YlEhTw>4|O<Z*rz1j1U)Jnt`yD7DQI$HtZR02+U%^e={bUB_Q
zAE9gd-ik(on;F`2QG^XA$e(Vmc^P8vE$3_ef;CV`E@;re1OCy!enw4P5P9Ajh$pz$
z7nVC_t3(O9#5ll3$b117qzP&3mYiWnW4oWBZIKbQz5~j(a{<vSDx!9FR;@Z}&1PDv
zr6HdCTpSZt{)AhT<KQD<K@d|>=jbteUm`%YzBlj1O_yhIxK1CxrQY*Kbdhx<yf<Kv
zpa;bnm-i(ILiMTmLLAtuO)Uk6Cvu0JH{q=H7h5}X4S{xdE&9}J72w@F6GEbIa;&A<
zc+ZPNxT+Yk(M-&Ns3Ueu*+kdD3diB#JIj8$%fI3;H7|WED6n?orY<U#&MBTDCmDKu
z1yUsMN)qIZIF$DI;hPhMHHd>fK7d1&{06EvG4a80d);KjR@mdE_X|Ivh<dbFZRc@=
zV_o?0(|y}}M>FkS>X}L`z%243eE@JP_(abD69kxR6xV7%YdV$oy`CQs!<`SbEbTr<
zo=-6arl7l{7?bI|qRh02FK@40BTkjl`oqx*p(Pa0*}8$?X}pg=B3F#;P?l}zBV_rn
z4+CS+Ny(1j33I`^Nf(JA>da~;U-iAFVsC}NwKjerCHi|yt{KdsPgq7N;#I+X(=&{s
zHMj+e6qTGOGvj(|CcM1--4DVV<?j(J=MH{7!v4XPDyF&x)x^(p7+aiXSU6@cI>N6l
zNdc8Sn;TSQXT%`W{@BV09p}|IyPbo)3IyNayvc#^#w$clow2n!joiw=;gj4*0&QoI
zwbBK5mxCIxWJ?yhN5=B!R*wnyQ*EyEb^f3p3&rd^-)}gf;Z{YGywoEq=v~9%ew>wI
z1{$`YHo8goBC*Dtj0B*`t4m?9<mIP$@>zfYZ7=Gc>hIQYmvj{=P|cIOk{^S>(!22}
z>LR-56PeW_FV0y^gy%-P?z=bIku|2dW@h6ZLKgUshwARN_L)>W2v95<(5Pu~;VT}C
zy{vfw=wFnfF#%ZKYTobCn``zE`KT))_C->eGrfE5<Kf6*zYw@1y%_R$<4fCYpSp;V
z)P&Utd1*MGh5RiPgL;KV7}L!&sYlH3emC67Lf4;}f4XgVoL}jHG98-i%m_LS|H{+t
zi-zN{f|=nRhDA5-jN95wk>$L91KU0v-=tKX;C=OtmKqu=fTN8P53kJNHp{c5`#Qqq
z-}wp(BayM=v@PLhz|-`L$A6Tvk9?7Bm!D^)#Rd(>_?5PkNU|NLJR0+j1oEhapr@(G
zl0DFBIsaH79bwj6<Kwp-Gw@T@4ELHt%6dCDNo0p}9iN|3l>**|IV*De6GKS+=dTGd
zsJmg53*w2US`Wr8O*T_{QgYHlK3jO&CGxv2wjXEDD~Wz7ye2=`<5mnBo`#1+yT%KG
zsQ|9&w^^KxU2+Y|YWVJd#rw36a7Mggwk>BJO@nsl5vE)AwTm`nQD3#?6h#cTKMm&P
z<XlX<rnJzW6&I3eP9B|NBTjZ|Yf$;}rxhFquM0Du$;s{;DMz_f6=O(&*rSW&C8iQ2
zAIUiPPY~%!XPWohzmYW8iel5hHP-8UmtEgS^yk`z(bTIMsL}S_?;B`*uBO_SP|rfm
zmlGp3{gp`-=r^34c|b}edqEwN7~}TH^veEbOC!`1@(;a0Axy|4ri!h%dE>i%DU8Nh
z)7w=nH@{hc!enK~L5*4~W6w~$6<_+?*h-5P`+4*FCYS|NHJAc2cPf&D$bz<pKJUah
z?}W0b#>;?Y=9F`mu>W2SSuQTUC!S$uTm@@)tW(^vG7?%;J<#kVVKm&O0gwcCV*vxv
zW{$o3>kD(sQ16qoS)G}^&kFA2_nu4pcwv0(>?GYt)Xu$tqiT)uEr9(<BDWDAh*B~S
zI6V8fuqjWUe)73a9NC!X@;a%}px+GSefo%&CGNzBtz}MqRTS7~B*azzvSy3lH(7--
zIjJB}X>EZ?`u`y9t)JTP!uHMJQY3+3#RG%{D+Gs@BEb_R5Zv91TT6>eptwu%0Kwf`
z+@Zz2g0w|jC{XWbd3WB~`R>gAw)qD#naP|v=Xvh?y6%^79jo;<ed>n<^@&c;V?(nw
zlkVKiDS8pzjH!teCOzznmZs<RLadqy694p6s*nOz{9GaHvrMGsO1#?@BBo?mBpwzW
z$#Dx3pPb0`32b1I9V&obW`GN;+YO+PHH^+bfIz|?D%l>@IBQMs&74q7g&~<Sny-O}
zm>dM2-n*|XLp$*)IB`{8Y2GB<t3)8?#3?T5;EoH^k-r#j0^3qnxa(T&K}tJ6H_ka$
zO+<`~X`xlUrJd&Xzs)*%Li?icCdXmfEvUHSc+e}TEmcE&VbNR=25PHNO~MhYWdlYG
zNm%S?zuaAXyL02%Ib9<mHvL=3vrgtqWz`NMu&Bzsz<7l$T^{^ZUKuIx_2`yqO&Phn
zt|0x%W=yr3?RE_-HbN|sT;XfpFNHDak34lq2dMde<p#dyEcSWdaBpZtr9dJ_ch<%j
zF=Y4r{nOg6qsa69Qr$#u2k+N@@4VvjL_cck+3Ra%qS>mMW6hm+E*{F*owb$%l4k4}
zIcw!$blaD=-$^$?ReyglSHKKoDg-UzJ2EcRDsIm7KKSUuJNAVX{0~g&kUoeAS6kV+
zou*McV*bQ_40s;X?p$GH;7qftP(aA)raXzMQ~&kC(v5b-;e*+V4iyzm^g^X2OpqyQ
zjC6QeE*nqV6n3W~cc$;nJwqKTChL?-L1L;ko-#XSYKWn@S2KtUVoRUr`*k6x{RCev
zz7p2E7Le&~>bX8Olb1n7jmubI6WNofj57&`Uu#{N<Q!KN7{ke+6Fc!&DR<54)(;*s
z-Q*Nm)tG#m|KBv%6nUcco!ZQ%l0oDu-^gSQ*9M?ORVydN;dJkQm>)vJiKsVLmbVMQ
zrRx6ue_75F9`UVfY0S8YggWk`#s2{HSz-mc|EEG$Y2xfJYsBnEnE&e~)3nKlVJVJm
zt@ErC;^hAyzFXJn*B8$JlPi1O^rZMd0JG`O_<wVV#h+8-9i^wXn18X(f2aM|bI^jn
zSyo<^vpw^->ip#J>EPyB++!O5PfK~FbEN|d?m^Xs`C;7(!6nKQ&3&uP>tEZy-wf@f
zEQe-C6;a>+JsEmZ1&bthC?z54i@NR&T&&$ySvD%wsk*w}?=f~cd?(dW&a>QiM^>-+
zJ_?MSiAlGjX@S_0#zynLelgnhB=3ywn%yIjIguRC>!Xv}@E;%tz(Gogho}Qxmo_Y8
z;wU5Q)=0jAfG8b~w%{~^%&tnQ_3G2;<@X50qYBlauqL`SZ25{h*2syHN}cX&#u5qj
zd%x{GIwkqQN-MV4Ve<|t{*#8QCxfOPu|$Cu<8&{pB(d`m+Ej9WkmFpoBI53cD#y`<
z35H~JhT_C_%0#z%=KazKMyKEWQd-QMr7js>ySnTNH8>>;xJ!Q5?QwKO@5f>=>T5@*
zJH<n!2Pl*x;1V<s?QL4yQ(Eb~MkLub4ITMwN;SlK=Y$Dh<s^LmD7cm2h(`N+F2qaI
zVR}49fN!sj23-f&I(}&yeAzOH)qR@9%_r`zM0d;CyYT1Pt&c=dW%NZ8rm~TE<EW_!
z-u->64e8{IB<W1aJO8ph;<gkPpM=#c)4nrnymmckoLG=n#j^HvQmq&bGL5+554Ia_
z8NCmHq&G&nzkT|Y7f0_Bo?988uYTYgm+R`*&$Pc7(os1kJ_!A?H-=QE6pD<@zMUIJ
z7RCv0iEYwy!*4z0sC}dUakCG?lSx02erW~*bgH)(ma;d-N9T@Fk(N=B(;PCu4Ndc!
zfqo^N!ur-Jzeu`>L&gAdq)iKFNx_ICbotncr|~dcjR61@>0eqbsHF+Q(4!>PwGx4s
z9#X}gTk#cSe#~y10-0YVwS!R59omj3MTpel4@cSi-$_YE#eO}u&Z{$WIB9RUF?l-8
z2MQV3<!*okuu_ERHue0Vq`<dMjvfLwh{sd<aC+4qTjjIi@5=Kmz5A{fn2S5=t<_wH
z+s!);vwUJfzsOy#7Sa*bi1G6sy*$!YuCja?{h^;uEk~UfxA%4Otv73hn_4{~-VUlf
z3(I6xS>SBm+X`45sZRaVOQ&Vt(OMWu=~YUSu4r9E6^Z_tq=fe|Y--dv-QnXbPgSd>
z*hVUHwB2N+pnowFIT)m@SIR)?$4FnnvL4>7>?kroQg>cl6z0+r?<C5?G<P-<VXT83
zDo#}socfE2#FL>783FuddG|MDE~FajYDa|cvIW`Kiu;MV*UP3h+wh-JTcAY>wv|#1
z!(`ES@hePBln3>*90U$SUStye1h;>-u=M$Ccby#6!cWi)Lv;5qCb(~Jq@$IiyTE*u
z9@>U&BQ^enjNDLH55uQ_0|3Y<0zMAk*-{p0Zg`(vTM_4CG4`vT6JhR9d!$W1cz{PV
zM2UloVD&6X&{`pTiKPo(<so?{n=?=Fe}I(TR6;S<LWj#Fm|2?&)9>4_K}weP){@xy
zd=lGpy#(V_mH>oNQ4D$ND*1aN5+g`gimKG{>N>C${^!Qt9P=r$OONgdh?^ch`Jh@N
zjU}~ULxLc7_mM<uY1-ldqN{;LYqk97{<#VFKiMSi-&ea18+wX;I_eWQzI*fq^M~Gn
z6$;l@cJ@I}q7tcq%AeD??#913sZRZTiRl-pY2*`eR~B@@*~R|kth!*#Ke}SJtWfs(
zAgzND(i4O$!~y011pkycqyF*h;U@-6YEjs#NRyE0`=VLmX;J>-wu~ye8>ggkUPB3k
zN$_6=e=aC+!&Qc3uU!)HIpWllatdCvbk0}V{0MKkTJjoFwV&wPGBc?lw8XQIOa0Z9
zXO^H?$;wE~*x198b|y+UI40Aud(d&c^DQdB<6&-tCc0{OAL(pUcGdz~T)UMNCKbpC
z^$P)fJT8tYqM9EX?^Rk6$0;d(cs62RA0|0_c=^bTHB5K#r&{H!fOBr{)zAL_0W{-(
z{^DAuJK#N;KUoRJZM!%L>{}zJ^>T{jt{v7s-<NnxEEI6hcnZWTWXraW(u|}$tuB>o
z_?fa(NLD9RYtg<^TlpxHI`blRb8-$pm(dQn`eI-_X=ohf5@$FwCP%>wM8z!0(G4&C
za>QVw@T&@t1>B*|0Xt<(ll6_UWj93C_uZuZhgbi4vtFHHT;Bv832{>1(qv6d+Fm;H
ziEHg6R0LEQW#D}t#0zsRLIsR;{NfdUOw{a;I#wI}^6t*5_kq;loHD}$S!((HtWymI
z#yp7;<$HFsD(Vk2O?=P}VWp-}&aI6N%XhBk;%<rf4hG6r=6ke9e;jHITZ^M&GM>d)
z#r<ge5fQ>GoJH0RcapvdyqHw0V)_P|>;Y~Af|TEH5Bh%vZJ08g^L;*RAw8GW0oPH5
zggD!yN*<$dm&Lz8O~yFq6|~aVuMFZ9`2}j=I1=teAA11pA5HOHl0{nMMb9}z07Far
z8@eOf_f;k8lWb8%gLd79ZB0a`x@<GaB$GQis4Chi>nQ`^b~*n+ftp5tUY4&hTdRtu
z7?aFzXaV)DpXgB!fG@v&@Y$<Lcd4%SX?GHt7ScHW6(Jq-hrtSvc>SuPs;HKnx)gQ5
zzo_;7mdI0iZI`u%4o@A3qo&YJ&vW6&)xjR4Q+Xim!L&#GmGLv38E9uy2C+!~x*WK2
zJWqZ-v>+1QLevGCi4Od$9agzzGyJyT75~e8T_o%uZOAE&BwWhD<rB6d&I-d2jf<Wp
z{)ilL`7l+rQ<)jCTj?E?d)fK3Q6f$C8#~-OO%EobAr(;NVjCjUlz4UbTEW@4o@mID
zC=$a>bU-Zo7qJpznq|gYQ~yG_4a={~eviY{?hI1=8QP~)(E~0qPR$$xil@gDk$`oG
zt>Oy5*4>kLaPqq9Hso_S`L4F8venv`B<ycesM#1^CmkG<Z6xF>G2GINI?0*JtEKv;
z5Q&u~&UckYNScbejmCxNiBhos;zA2HRK`<jlYe10C}s$(TxcWnDhGTt?T@ZuJi8tu
zdfDzju=*L~uDeyGx5+}MHQ(meg<Ve2yOnFJgF*0Ba~0zJP#|7rT>Pws@__Vh?@@Iy
zM99U)LL2-Mb9;Ur#yqWD$Rq}Qz}^LctQq*BFjx>JCLLv?${w$qf~nRB2z|3q0k=pq
zsQ%1R(NRD(ZNYKZaQOmd(@x<|2+i!4PYhZ|lgWvopSQi_@t&RaDqV4Wo4sZswFAxE
zggOX2r&IXTa;ZZL`j`EI1C;$^t6bznhrJ{RS7FZa<ITUcv4I+GH|;*5u_DCvTHp2F
z=t(#h*9|JvLIao80_Xei;^6X@d>wLFT7|9U)eQB@AOaH+Sk2b!w799udWO6!^i_ve
zC4^MV5XmHg!?1pWQ4In)htwb$IysQGbv0N(bz!V$Rz5K%@{H5N({t1N??ty(N)~CV
z%U*uz!1q*mK^XuFzk2@4;J$7qxKW@-MPYee*JRnNO0Qz4#(72PGgadFPdr&0o}nn<
znrQSMvOm8+FP$awV%cO3E%(U(2WeyEKT`^1+CyeBnnl?J6qwJbpY(Sxiv%eRWr4DR
z@^GuB@9SfWSE>OXL1;%_o*V5<T-kf`(FeY((o0%cMZds8)dVX_;s;zcMrVHSMyVwl
zJ@f+WYM-C68MW9-u^7OEwEq2-l(%|19OF~Ra3WR#g;UL|!0+@Vl79pOemfS##i-xw
znC)yDt$vOdSk9=^5ck>}Rtk$#pYgvn*-ELZ2V595rU+`$j}sZ|PCf0HiV#{46*ba%
zGB2E~wLGk)B_*y9m7$f)ziE%6Ga_svuF)-&-9(6L&LL$a#e+_7t41vYs5F<))FMo)
zmx|ORu*$M$Us{`j0tGUsP$!G>_akPNOW=$A3iBa~uavcjJ>-BnWZab{U>J<PcmWx{
zuumT|nT%xAaEyg?TC|Z8jm&})K|QP`z>R7m37l$Z{uAO61;;0G-F$)69_=)HLCg+e
zu=w*r;)T2SpMM5zJ-}+E!?3AkNyhTD<LW3bMWT+<hlM5<$7^w?V%r_wu(zN<tFZ^_
zd-v8qEGnPTCCc%x976?2pd68hz#US=yg~2!JwNiIhCyubbdPyOwKZYhR3$K#-%!BN
ztjdrtdw9<%o8o}83&;V}%t(L-uwozU1`*%R#~nyJ9J*gL?u^VxuQglxh-xd<x2P~7
z-zSKj`!W!vV$K0ZRQH4b9e*r(=bcw!yJdQwkleDg+@utjU@>sdtk}dHo8@;1G$ew=
zS;fj13Gq$$gu*zGeM;5G*oEf6x;M4iweCL^)y!p!4_$MTRr<Vszq+R_lZpypABZ0w
zE920doP6-Du$4^B-PW@%Uc@?jNL^*XN`W3q7PJIM5xmEl-xGFp?6}|K>;a(tR!tW#
zcb#LV+_q_>B-XnPQmh4w@d^+6_4L++>eJAOydXLQ;^Kc?Pyhh5qf8>sx<yN%w-sAU
z5|vz;JgxEeyY$QSm1RENQ*7lk<8kbBKxh@%2z6WLv-L&$gUbNE8@=@lC#l7z9An~H
z>3Ns2r*5+?Y2LOOf!8LH0wgfe4CPs%?#ew#ex$>fBY>Cum953qVrQ?A!VO=pxhbV2
z@SIM)O)n1xR&Q&HQi|3sj)&ut7O*trV&hyY1GCc0oJf(wsZgnZiI<E<otRxXB~G9N
zrO`0FQ6O0|YjWYuKzjp{P)^S91&9N_^hU}6L5=HD@qvZv1n>v9SdPObkDa6XA$c0!
zcRTXJni>cP2+5)$=s&>NZ7Tzy=GD(_F7-!j;p&Wyjm79<p{V`IZn5wuewT_PDB(d+
z7IGS*mVu$<_yi{nBmbQ~#A21h+Q#noX$DJu^H0wv>|fCn8Z_qv)v{Q>7ahj7eJHFr
zNA#{*dM%XveR?gw+_io$CDDHE=R>Wl2*K)=ov})e^SdvHW8#m#0<|4@l#K@xAx7bL
z-eb3jPQRUycVcGKDaLA9j;s@Awf{c>4o)(J&m)C3qP96QbymXM<TlLO$)Tzm)XG;?
zSVWKPW0&3(J9H4$WFBoSMe2u_sQ&}~z+!!OO5+%su~{i91JwxgQw1%Px6M`z&pNg~
zt&4IQ6NlEt9@Xsm%Iw_f+Pshr|DZYjkG^hJ$@Y;=@!&_T*TMevW+Dj8xoB|wMb=V-
z>n*~&$II-e<{5RAp|$lJrYS`!@2NVW0{SI7b<WAKgu?qv7Ju2oUJRI5V`9=VCQzp7
zf*5kTg<T{Wa!%vW-#g3PfEd;~MI7<toNQZoP^#PgreknbxL+8Y15q8N;AGxY_z%Fp
zDOV{c?BaAh3LN+Nz<A#%ATjBATeLlIB!y^$w9VHSy`t*fTr$1Xdny{@-qxnvoZ3}0
zuN&_0ieUTm;d9{Ky3AuD2D$TxFrSqp<Dd6KZzF}02kT(39}|*u9{&$mgD8Fe#&)^)
zdXIDPnVhD0ce@9PbEa>G{=1YO5toS{ue9q@jmNaF-!ZFv>QxTdwLblA+_-ISZfPbW
zW;Qylg&I|s^G&LBc=v!zW#%)uj(7x0AqJqXsNp4YjG{K+rt_lJThaOZF?dioq}W91
zb%O{MX%II7vMJNW{G59teP@vQlTW`96YvU2_Bwv2-35R0q71!3kVKq%4(q?NfD$ge
zwq>o_yuc2cpU@*GY=&qI!ECh`YMcnCj-_+m7=6(@vL<mWuuOBuWm~S;<}G@(KbPxv
z4|_Kgi(L$>p<g32`a*RV?QCMjAWJ7eTo4c?58ei_Jhg#{OAh9D{2HsO$V5m+BkJZr
z%8<{IP<NJ;w?h7rRZ8%NVIm&(j9|v7nKJq~`SUi<=<r7bg|?(R%JIb#i_J+5F43*z
z!AplGBcHbVn2MYSb4h@sXve8re)hou*}Yu)4rnzZzfJAkp<9Dts=cG6w$#3LMYQht
zL$?*MxrA@|0`~DQOGtjy&~zfvoDhH+ENXHaWoq-}GWNKRV2O>4@X5+)(>E{K-I8$@
ztLl3`M2DjyWKb8dS7a~}LGVPx*??QN6AhG6&wUq;eo)_8_eZp-rOOUeF(3ByRJd#>
z7S5<lvkQ(qgs}`wlE4(x_=-loIKHn+SE7P46Y6|HM)3qSl8$1zI;BMIDUo?+%)_jM
zUP5M4ZBmy}2JR7Z90&x`uIv1pxP2ggX8j-aSiu%t;Ib5Fhq4GyzRk&wy>XEc-Q-rk
zUDBebhL|i-gR!{=oow|gg-%DZRANc&3Si`Il|@}@MxQ&Gh=eM30<`%p-ACb1tgY9^
z=hq627Gq=6>Th;dChTG*CmCot<Rrhk3GS+(gCK9n0F`58zV8lcwk9OA!qPBx+C2nU
zPHFXWwWHtiF5(L|BE@4nv6p+F55;pv$LIR0?=j>#5T)`M+&0y`$22FEz$LOV<?g>D
z<Pw5^x=l>WA#uG1@m4x*3G&?%I+%0f@~*3=%Jg~iHK?NF@k(Qxd6T4CWwUw1(npfg
zf?iDZ$0`*^GZEvghn%$n21>A4@D`qo;mgW~jMOvNJ&)6Ep|iutW8u)Yj+PgTq7Gfj
zKYrTn`b&|E>YW7v4RARUAE{&k5LbHLbeGK5&^6mH4219&1wQRS_nS=d<S6$B7Ec;d
zevAZYkr9sk9{ibK^>!`V<$(JrL75LGongH#Ar9GZsBJS=`K|8Wx79mg-sVuynSPL?
zXISx><bWlJr~VKSkI>N4UNJi$E|CP(d@f2q=QCSo-KN9eXjOJtoJey&e4rL@`+@i#
zm}UB<BG{M$YLq8HySgz+LKz(ig?E!s(uJA(HHR-&=SH9$p#$h>^=*saa+F6|-73&l
ze@?b274O(Og+PM-vi4A31|#`fexP_<fHQRa$;*e+(%M3NIuBiDMiWD7U-fQtZoFNP
zX`^j4rPYOH#{{a7Vo{V)7TMKEGO<!Myny`BI7mEkWcbF~@cGletU=Q@iB3~I9vVMO
z7Xy(`_x&@&q|O1oprE1}XUwi3<<%j!Ri-q6tEL{WWKH!=WGTN|ArO}O(%-)Fa94D&
zo*N6l9mW1MP(?N|8!%Y*^N<+|j43l20LH{mX%)Mz3|EEXK=UvC{#Xh8+O<V%K3c_U
z&KabVZD&l6h4{is40$;9G<JDFAelV{%%bSiXX@NI4`H))!)0t@$XB4ZgMcU^R~9|=
zS6dz-!<WZijN%w>gH>=SE0+%=et>0nLO|8WO(}4K|LRX8kDQU#ug)Kw^1EaC?W*W?
z)QyB=Lb^QjCrH-~io<+2lta(i5AoZ<@zwnE?(s(F)PH?_(vj=$X7X!(6G)`6;H3Wm
z6Hf*H1K7CqeO^<QHIz!7XLD~wNY3Jbsrk~m*35L4oXOXyJ2Jdc(kManL&m7C_tsr=
zBH!BU>uq_%Fxet9Xhv_}w(@(fE4r~Ml3~pLV-2<as_MyIcr=pEhjw@vhs8h!CCrQ%
zvq^Qk<HPE=m^)n!KX!5{nl^pHjPlSQIP3^A)MFDdNf^%+Nv<oCqwHXavz6Sr{ks4T
z^b4Cp%Z}d`Hpe-;IXImRUi+BTWIxVlnO?<)#Z2vpAp1mzPT!;#@ZK@x#HNaP`VdK$
z{{_9pO-ys^@@!}CpK{xKqCsBgexv!h1~c7OwcX4$;$_j3zA$Q@0-YLCtVD_c(P6cK
zjwyB6z_ZLw?26gRgJJ@cr%*6Cv!YPremq)BuDS#wQkL`7PqO+h5r#~j73F&mt4@R{
z9_Im8c13)Uf>ZX&3v=LWc0V=f^R7m_OG7>sSdDiW9LmqE)XHcB#Y?181r=N+;voJY
zz_xe<OaHOr_S>SZ!)mXYJPh|jXBOXPxgSR>Wz0HNPQ91|O<chiWCw)-8lO<+>nZX6
z!cXsXXzF`|8})NvM81+;rpOxhjtI@_Xu+Deg9PbS+RM34>o~-4(V5zmtTlT^?5Ue!
z<_jGQlY4)ZmcW%w2^#MIvRW(VX18p%MP&NHd$fg$dBxbC=3Pr%bh1C__WxDrj5uL;
zz!O6aM(oAUIzP$3ZWn2+X5Y<ibkaGYEDV~G2iu8BYUHM~P$*U?Jk5&2-s+o>NkGss
zApLW`I=_4*d!^)SkHQ@Gx~jXLL^%;^Wttu$e4%-nONL^s553{s0(YIFW(D22Gd=Kk
zpcNXwof&EiW&|W6l|yDV93PZ>eif^^!cTn!MYqj8@@w3BrRcymLj}Y3rsER*;V1#I
z_rw52^8Wx(^}>eOPL^f&-xSP*@g)rh^l7IJ{8UF+2$s#6v(d?vV^)X9T$7sPd6$WS
z^4yCXI%KofH;+RCR_9e)ww-G>Oax1YYe92wWzGYVBz^L~`l|4*@oKdqNhzJwl|k^>
zgAL;4x^A?NW8F%L?DDv<H}PwBslTVOqfEQsm7QFaRnXu(&AKUT)(S)Ur<i=&&q?~~
zohR{)D<8i!al}0sgBIqJE@?45n6{pd>By37O8PyN^NLFYVdo$`I~3CrSsc`EQhE`-
z{`0Mg`M^u@dkoekCk!&#BK)1^o9(J|IYYecVml4ALaLE$_6LcLt$&cy*P;I6`P8?#
zp|6A+-$r8*(VDGoQHEL#w5~ZHZ&gW|3(X-v*w=Xn$f!*CGQM?`jh9cv6pxU7gvx!i
zhzVc0Gyh`XdyVZQ{lqnLrVb10J7HQgod!A~8n$)I3<a3tvP6Dj(!Hl;KeFyJK7M6<
z$2K)XG-6)$U0t5V2@<Gcm+5iP79ch}g2P1@EK3wN<X2JM4rJ86$tJ0u%M|1+TzUV`
z305n!R9E=Lbyk#$g=*fy)xmi^JrJEK5<9vl6r^Y4*h(o>KNe}fk(3>`1L&nkpN?DW
zWV+SQ9p-wdYP3xZIBGpW&Zu>%Ia9}|RTSLUY5~6|L=$eaAW5lqFb9(h$1s;wT8-GJ
zwZrb&Bt4;Pu2{W~|LhWDx|4+pPzJ_zejYoOm)X0gWjqjhvw$sGBO&Z+v8AKXW!qBV
z)Cp3;5$L<xcBd~eS?~0{9szHN5IQ6YN*>K1(pRo90L3=ifI{0W)8PK;r>`suot<<Z
z8~C){J45(pzIFx&E(&V*;LLEH;Be8zLX|!w36b`GOQM%OBmJ#Q!!>d8*JHPGy2>3x
zoAX0g8STrv_m?ns^$wj1t{>mbFAJ(jWdXDqsB{WKlQjLfp1$HXEL`wVFrmolUUT^#
zA;xElW*1qE{={aomyw#ZibY1!*ui56e!zP?z{9aVu`+X?5L(8yT48L`9JW$7@rSO2
zLGUrJERLB?_ADF5<VZ*dDDZHK)kUJx>3QLih|TuV!+>XLQA}yFDd@LprhdBh;tg^g
zvt}9(l#;k-a$2ow^XbcsNSq9H7sbYjNQZ)NC6tPZ3kMG*f_9DGmnfL4=UPY;aIo^&
z3HdlkVm|T-68R)#I^|N=23l`0cQKLDD)4jnSAS^7x^Zss>eY^w!&y{H-`R{R@Fd3=
zY!DA#LQCQVwe(cMv@bWyKeA{gM-VLPYGv33MwZ^Vt$qC3asg`hVUtwv6EW{&?D5H%
zDJr)*H)agN`5q<d*eFsSo}MJvF&v11tV=vVvL-hx4b0N{5`|$-X-y)BAe^JfDIxlN
znTP)l)tndyD`gO>0M$B&0V7HIq)yuAAL{2%PSyo<n;XSM+jLVL)`%h@tPL0@OgCTf
z=X5;>d_FY+eC%c2>jfp6Jzn!ncv|Igxo&y)GI!UcsCHVl5!$*>#hg_jGu4ewPtz6v
z34^i6>1E|9Sb5fQ@p#jY;P4Nom2OvC3Nb!;mYC0&g-?bBFM<Td_k*c=(3j-C0VTbW
zd;AP|2mAwvUpzd9uXW?9?=D=VO@2W%gbmmQ;<Mdp;<FKsl&MWSr!5(V?#Rh;v;de=
zTAPO#BcZpNd5857@&uq)9;rM5B9fV)_YZeFqgJV#4^lYIO8wJ+@Co&ksVb9+gVRon
zjsVq~W-QgJQg8vFs$pNcer5;X*WNz1_MaEVuHu&vSgr4Lc+oroXUBsaEWcimW%vE8
z7a6JE3*=x1AWu>R=U9RN3hVRW7fS;9JPj5mt$C2t^u}qS*+Jy(BcG3FcWH=RWhP~a
zTJTC4%y=PBk~9jh88LimD-pQn?e>gzv#l*Oh~dG~hNn<2Wa}k!a{NmZkphbtaWj(g
z-N?Ze1x~R9T|9(Cmh+N}zMUw4RfvXVl^yI|QNt%JBqN73&k19Bw9p)89r(8FP(mTj
z7&!z0kb^#qm0{vIyv|O^E8YHp@m1J2S+5jgx}*zQdNAIJmE;2%Yz)X$CL??^Ie|Dy
zPCSXmA^Ss5q}1C_0S~_Dd)#YWzPG7v({w#-KD%6^4Mk<z_Qg~_`dxMu&i^rD43)=w
z)y=V#o8<ZJ_Y)&Si;2GH;kIf6Z9v4#arI(n8&NwRzO|L&j}a@BGa$fr1BYt@4IeD)
zCWiPj;GD%NSy7ImJ`sh4kOWV;tZqw70a3ao@~O@G6`hjXFuWYT=mP>Ov%hLg6Nt)~
z!_pXn#D=(NmDT_Lw&m@p(3rPNXzHp{Y=xz8v?oq7(EZ*LoucsFIk3bhp&<Nl964f)
z(H{VqTQ;|~C~9n2LIvGj2R9`f>{kn`KN4@#Zu;72-7A?_m#y3!j`t~q3Jv*t8C}3w
zN94`meTF|CJsq)T;cckj#Md5w5_Wy|s8c>UzooNNv4JhPD(QZalO=!j1Tl{(1zho#
z=cH*i{S8Gs`C#>oKESwpded`jIK-J-Qm*6o@ee_U(CcC$fn&yujpPcv4-Y$&FYvbp
z&9GAg^GCszU03&jF4@9{<3LhHxgbGKVb-e0_!ejL$QJqW9)Ff|Qaa>J8O)c<hTS<$
z8_j3G#-8<)@UdC9Q06cHV%6y5is|)Do^+sA(gsZiU`%X}*uc#{jpygnl^(Q4;|G1&
zqVb^gTjNe$Yf6*x$#S}XZcP?5Q`MWI!pm5HA&!rfH@ov~4|XE$fyCE_SnK2#pO)0^
z#KfN%X^G$Q(K}RSh(c{{sp6v-mIX5%is1W&AKC>(D5vB}U_lE;wHY+MxbjfSC~AO;
z?7FR^lo%mS<C9U#ENU~sK&#J09*#Anc$8R)>HP4!L@E<itsKXzA~i$QQZzQ=NcT{u
z_5PCBEJF6VQe<<@L%z^Z96oeIE4jMFB4rHg>l9lfkIRe%_<?}$^|S9xK2*3C`S^SD
zq(hY3nAbA^)AyM2XK-4P1{FKUv08HOxskdvvt-aRlOB3ljna=KGOv{3SDnl^&$y5$
zH1*(mJvEc!H&Lw!0u8>=Mqd^cdU)#elb%C!XHEGtr4Xi_{20t=Fb+WQy_)e++ka8r
z0ja(F2!y}z|K^u8{7}z4wm)d;el$kFYPMjbz-b{92P5F}-v`dA1?h1Fb4E8dm)-%d
zK45#K{TR4lJ~r0N5G1szDY|$s(~2quhOf{t4vmZig9Q`Mp&O*+H4kK78`oRN)^#Z~
zD9GgAO#yoJs{rIGDqSDll|Mf&CR2qFo`*$+T)?s-#$;!zp;=AbU-r-#Z=(tFtdP_1
zBoV%q)4GkV6_>tnlLj4e-&Ih{Bvgo%A()ehm=bsXKxQZ^lEr{p02WDF-1U5-xBHJ|
zqvdIktk2y}NB&r$=eW1p{f?{#Xa}+A0n)Pa8EOc;Zfpm+4emDz3Nh=v+wIt^`KHih
z7+-9Z-ZRH+Pqt81z^wR|mc2w;i*}5Ps|7bHR7P$Pwft55pwe1nMfbd1%jD`v=M;qw
zR)DIiX!m@lD}E`tS7M;fqa7I4!vvw2$Y<L52>kGwvJmdB)1C0^2cy|aZdh6NccW%+
zxHhVzAjC^!FYD%nA6ux%$2@1O!V4Z#?3*vlk!F-*MXwkr>)a=O5zZCYSo0lj=}BwT
zKUFQyzlYHgQ<uwO?=#0x=}?%Z=$vY0gc7TtoT^r-{zxaS%yYlN&uZKhuArfb4lxqN
zgLe(*I*Oc8n}NV4)k}vrV+`3}XxM9c9K8yW5<lv$%N0I~9jTv5n|_eynW^@$(e5ev
zJECejbN)MHC!>xpS5Wm~&62fhZPJYdkb!Q*SIm6E^Pqd$R)xvpXvQm}<J;uJ_Lo1*
z9fH2*_%~7Zh8k6~jQ4`xPYpcfj~T7yx&KmpLUwx_HoEz;9kMiM88@=*mf6wj$gyXk
zVv^YJl`N3jua^+$gL78Ug*od404EuV!l)tvl9&whZMW}we4F39wIKmz?`la;U}PY;
zJbhHit$F3A?1Eq78GD2){>HptKSTd^g8<Q9TWg#efrF2=H>C6jZY7Ifyk}ZRzpHX+
z`KnuYads`t>zPf?S(w+GdoB-xGjS!W8%486k7=Yon^zz(O_s??{2FqNJ4CpRx(ptA
z@DO#OeTxr3F)4odVO222FSv9S=vVIFt+tE$(Oj2Nu9)$3w>E1&M*N$*;639p<r?wJ
z!<J&>pA^s)b5EHvcUiXxr8TWWuj39m_3SkN3D{8;0jE~5<fA~xWQ8$KP#WLZ6WH%z
zpBz<L*D`ZIpYDbRWQbH*)~JVnPEu4(2G;YBO=>H{Bb8~?vhnbj2I7GD5w^;O1@ueo
zsj)K__Sq98LM#R^wi8}Gf4;0%%Gv7+V~KdV_S-4wMUy9@g}^*34?1u+t|o2uiDGz3
z3_LtvP}X^%@$uNlfqVp_O822Vg(D~2|1~~c0=rH9CXKR+aajTR37!%Yg3hz%oZ?Xw
z!s$SGUye{y-hLt%%qLE%NB+?8vt_XvM|;l1o6&#<=vSF{#W{BZj{HbY(Y@!2XZarC
zvsnds+BadfIyS3)!t!?7^>w+ynw<y5RiH-#TlfO@L4)Y@25KNkIWz-<cZ3wAsIkh<
z2408z>us7Ar?oW9D6yHkraPz=Q~n{8IW5B@NvZGC@%SE)>~XQvr~03@UDQq=OQ-%>
zGnvDf2FcvTuadgNW+0vF6XPcxszM&*ng<?~$Wss(r08V;Xbd(gtFxU2FRiKPs~b6!
zOJ)Bz>c(@|v<A4MZE3N_l#}rI4mZ~pzuwcL5SZARdNC0)lqj1omJ$LW=7|ac0mPQi
z|5pOzuuALL$R!H?O^<mfTlpWr6l#sgt0=WU*8F(&?D$|7AMt$qm-z3zmdnG^s%Gxg
zr{7p7BpnO?pCLBj|AmTvomILw^B+L`-DauPPx*f$&EIJM<~vt@%Sd*Axbd?3FXim-
z%)@4(Lj9Y2b<b20{|<UR7sg*tpZ*7+zF|FlU48Fi!Nah8k`k&{^^P`uMZdle$;w_y
z1I|<W{uv8RHx<1+pbY$_suG;e-nd3YI;Oh}x@ud*gG=<5;biXKm<FYaFdIE|`?o>g
z;>tklhV~aHyHOymKP+ZC)YmbALl5X|<TWB+Z3tf99GT{=mZ+qvl5Z{C;&CBWG5I+b
zGyyE+=-Dq&0-S2q+)lh;$pubhNF-R{Rez-M>NtBP4$<n<f^SIaDpydRWy+-b{_8RY
zA4fVytxQ}XYj~R*C}PLKlM?o6NQ4YgU!|eRa~f&KLDkmIQLB_5#a84E75I}8Gmck*
zQ~S(oa#YLaI8t#cpu*12b0aG4q2b<3On6jdVFLc%=kHm|tlF)t-5Csi&7AUl)8uqZ
zfrU*V1^D;Ch04I8>Gb17qUWs%cJCfEoZM7ScdZs^eoG=@$w^AKdBNHUBJx^{N$^_W
z`~1h3vTAyYx_E%|;wOMarfydoQ&8q3ZQ{0jH0N#AcFd9p=ndG7JmdkF5%sPBVE{mA
zJ^*3jsqzWxZ0hscBBK^0WB&WTI@@*pq+`=mqpgMd@E$EY*uSW+_F$g$6Jj6_1o9qJ
zh!YzfLk83G5ajTy#_@jml`T1vaV9-P?bSj-J|3<lg>re01cOKbd3fGdo%;z9$x*$l
zXBN?KUO}y!{b}z7)&KF<nUw_5?2fi~`5%($5NL+`>heFjoB?4V#&bI^0npd^?^?F8
zIR@vmLET$`g%!YK_h=EdkyFecGaeIfB@rb9@hS+!F<h+$fRYSofnf0hAr_D2vDaOC
zGMJ~v7I4<6ZM-dynwCEadwQDS=??3wbDnIa&y+t7-|4%fq>hVNbdvqnJ;527XuXe{
z%{+|x?}l%yDB64WUm?!)-CcVSB};rQwpPqisztW7wz6X!IU&?42r~e1CS(+p)oDFE
z7LQDu?Lx2DRGxmFcdeMZdTs;O%dly&&U_Dma1{!t<I+QjzDg(uZ#-3@=`&m)tYN!R
zL9BXB!2#_yjlu1sHCPPuztv=O%{FU&*l1v)=q_i5P6n>5>5WeANQD)$0wPGX$G9B+
zFf4No|LfqbDrsi=apfI04qx$#2CAXQZyLIFYfT+05)74i_<8t^zi&FHWutx9&NK+y
zUl2^ay->e!-}#tkL78~%S$RonXz*ulIeD7kLj(s#6CXHP|8nmcaeNKDkwK!5keWuu
z>0HCltbX7h7s|8hX7jMGv_!9Tyo3pW0pBuJk7YN8uqdZ*=Fi*y0|><lz1m!wXNkbE
zz*lumqPnKGEvCy?E|*(;D-Rb_%_`D?wPkzgnaHQDV?$(gq>QYiB(|r|WvU*Bt5@rc
z>YQ>0yYx)x@YhHcw{ppxYl&Rpwc=3oo9FppuxWlGC2J&ypV{s2h^RFPXm+W}Y2Nt4
z5Tp-z!N$M8EvX$Q)3~bgo{<m|*<fnuG*^zJ>J=NiSHWlA99+E8lMl7Xd%(*pGBRyk
z(#pWQgFu_NV%zCq9q8m}AVCfVB!RTl22s>^ji6(DEjE8#F<1Shb<_>aG9Z|+317zx
zWoI8VRSZu`#QC?O`8k7V`o35<hz?D2j+CYG2zlV_jOYcB!Bec(pw;z4Q(l7(iE8nD
z`yi7q<dxb9`djkm=5bYei*I1_jL=f1aE>Wzs>q3l3>U=oC%R%5&GPP9%kX)XJoD4%
z*7EV~_fF;u8;19M`sn)G)KPT}D}R;|6b3b%kt2>UZvKE0quZmTu}}%|b#G)-cR*cZ
z@R1+$`T#2j4EJck*Z`F%CmDb{!rP&!oppzXo{|jwDFj^-!vEom<Wyt-17v*Ocl==?
z18PjlzNE;SV4r%aeH`-CTI}#&Y4CPwf__^3)9KBTLq=|^)^=Cj(so2vi`MLzPJwax
zx=4HWPJvW5DU)1?v!&!w{?sqK#KfzyA%RBneh;(JC*+rZ(`L#8SfdK4FS)EQ4NUL%
zkM>;kDH-hl&Pz~ByT`>bAbFbGdHm$WW1hzAn}{>9!<z{ce+DuNjMySBJjR$t1IJ&X
zU7+`CSN#U1T$Z^LN|EHy0?iV@o{k4MjI526b*hG2m)M8035bwl`9a~8SqggST9ANd
zp>D&0PWlCiByV3!U?=356J1T6W?d<6bt2s~){&%Q6hEQhy(pwEp0EWX27D4{vA*`W
zzGLDHatyQ0rp~-<)B8}i^u*NPIXqaKy2=bkOcT~+u8y*S64xq|QFZO#X7;=>{{ir;
zid*wKo4OqAQ~_nyH(Ixdyb9%alXjoF{}nvGzx5|GYXL7<el5nOu{Lq=;oyjS5(2Bh
zF}_ZBa7cT|WDaeSF?+}QNE<o#i1^1Zfejrih2TT6@h}C15by3dqrMU|z&cWv9MT;`
z5=w!mBI@1=+0mqL?r`h3yvv`nL{*(@2=bj^3j-THIpX=$yQDlpMrWIBG*%6~qWw-m
z`f@S58?LN(MCz%k6_Uey2a@;-q6oMqdnH!JVo!89=^ZPHqIP)fC7#moh5_3vF4vyp
z(#`@<+1QoV;+Gly9xVQmO|&}v>_ItVi%(1{h^RAyHMAi1z&iVqy21%p*ks5&LaS_q
z3L~O>Ri(sE5&y_vs5bU-^^z<jK54;lJ0g}E!uI+>&ZFEC<;u}*r)$+~kCrLy-6;iJ
zX@dYgjp;0Z!Pxv;0p`TwvZqK`26hzhC(9%QkIt$Ld{SL$Oo;17N{1ipSsL=s>g(+t
zo8a47Z>jxZ^5np_=>Gr}Ar;#MXJ&=^b6+ojZ89BSOX5+uzFND<f%m%ZZ2qX(d8XUT
z;4P73&Psj*k1Qu3TAkX6z+)Wy(Lf75SKb9zCJ_?fniQ~p<64;7s4}}Lb2IssF!o|3
zq`0_ns=;qqFd1S*tsFp=$%8i#vO|t0f=LCyYe#E2vz`Uvt2PjyBDoYPoPY4b34;N)
zK193u-NFV9DYyj6p-yKtG!6i6jNXw}$o%$#^oFqHwI;aA?k%b{x?m)*lIgQx=nQhZ
zmbMUEHBKcs$!Ew?5IfXTmD-El)=B70y|U*W{M=$zsecREZDvNMH&3e%W(LwQ@Wm~f
z3uO43>{UePmjN8u_=gQ-XG(!@OCPP0Z#9?C2Z;^x|AJ^R?6ZRfquLsRaWF=-Mf14J
z1X{LnMQdVz1v-MguVv&zRDI(8!lseYI(Ut5aH79cdGeJx)oNvlEDJ*;5IG&~R?NXz
zSiY(?iK;=-senil?K_VD@<MA<t`sHBAhp4FrKAo#v){Vyi^`_?pUyxX@B3sOj63UK
z*rTCewCO9L;$C+9@7d=zJCxR?whb6Pc^R;xKAy>v2poZf_`U&CUo=(f$Sq8JJNI||
zpC`esCmML0z}11rgzCH0bMBgOO@!0Ok#>q^ZkYXEG!>}uK%9u$nI-_H%u8ARyj2G}
z6JH+O(eUO`022kwbndym2_-stR!Ec|d7fBU+GEZd?P^!33k^st5&cP}JvSsU6_zm^
z_u@ixm~P>lh&0<(#)f2J)3l{gSM)+tfGFLxuetP(pQ1d>J}C991GW4y+8!dDk7D6r
zjnuBj^7N+AG0fzhQI+6fO)?~8wg#I1(%MzSN3;)8SZpO?N2cz}l@IXUk$p|rDhYl@
zXt#J|w7l_szP@pvOKV1{L{jyt1osjLXX>k{s3t|-M>&9>$jXP%ys0`cADy^O_*qu1
z;;7}V(XpXW)ua?fiX8w)ha;z3{9C+h$6b8+n_a8@<&>r=4Q-w2*Q32`&WqNjblJx-
zu2dn8O#DM1<$@9`Vp_oAmgj65_LYU5_wcgRoF$DK0y~WvkFAXGjABlVU(`ex;N8Az
z9m*;^5|jn0hT{38qhm^_ti{w7-|&7HM{D(}I|1lXVMSK6Z6StKjL$9aA~Rhb!P48a
zIpRV(G?N`{Ab+kxbMxl<<(c<VP-m_ss`A5oeG7{S9Iw4(LNc4w&#P?xzU-v*_v8$<
z6ml1PP+lamoNBm%?IGMB<htms+Nz_}YrfhfQIONU?y_b#zIT4N%aNJ?in{j=YNjC~
zTV^lg&YtR*&zGEx=sN$7PqIu^JJQBo?22{xvZy&9N?0a8Tz{&(^}E&x4|_slXxdgS
zdDq**B?s?z3u~^$`PMm0g)xs{UaaYzK@#@l(PT_cEmZlVy?%2KQKT#oAiJm5!BOQ*
ztT)m1qQH|wU@%VN4||wue#!N6S8e)KFT$CO5<aMoNy<WLK7|s~?UBB3rPY2P_FLI)
zWubb<o!P}$NOV5VeV~o*!&!5-SJc8u-_<HgYyJ&Y(i^4U=}J8^+<AhVM;+6r7LH2d
z*eUXrE(WyK*o3^o{MPlNHh-3zy^0tT2IYb9>)Qc0D)Vst{gzWN8)xVcP$XDFeZZ^W
zT^aw^Jv-yiJl>OMk$85>Cly@s_j2d4bylBrz|}_#Iw!iET4d(m$vZ;~98@IwC(TXW
zM2Lwd)97HS`?C>0e$dab9V{fid$IAcob5sLAKF$MNVC`r!Uwx-uX@RLGYe=UKfJgG
z8~s>BC|gUN#)ce7G{4U#MimFeVWAm(76Trf<;M*RaedZBH+D%WLLh!ei%y36US&Xd
zB8&$BrGpafkRpjsQk<$)*>AN#naa2CJp@$nbdls|@4a86G`asrxJ+_5d!TfgJB+g-
z>d^mBzwH@n%`e4O?tg4T&VBy}mCbau&?L^L30wOd)z!2#V{~1A(fCFGL$Oeuit-81
zW_?vSE(%o_9%(2CMp@tNAQmg%IfOsDy2E`=RUqhLd6SDd-%_rAd1w-orSW<5av~$$
zXVYIZCnbu^kvg7)7*IDfkg!O?N^;2YqrS}tC*3How14cstn(k>|BjVe@*nROzdinD
zEGTlZ(Cpr$s@*}d9TSJ-;4cW*(*}n?@(ilsC@c||G7rVOXB?ebS}^Cnnp*1COh2)h
z94=W3qepozo5RZpO><@s5z!0-Bl+3elKVEt@T)4ty}s7kU!s9)p%KiO6P>7MwDxgr
z3j>cKtM#AsGZb_+TV2%h!RF4Pyz{E(WJncp5TcCq@5J^j(^meQ)bkHM0g{Lh{lTCR
z!B{^V<<<#V^eOP^N9G}?6rNKgosdXg<T=|*r*EF7_3eIh3)rjM=CtE|{H<~6f8XJ3
z!pHYqsV@0LaO=Bqj|~_L;Um7=ZCz}bBuYo({+s|<D}bGSNL`fz6#|$A%OoA;Jl(6l
zg!TkF&-K@6CzbXZwujIm)n}%p6{4f52@s!(B)k!KMla<h=Z_`p_P*yw=J8XtZbknF
z5Xq0nDg-nPpC^%R!+3A{8dFa3;(w2$p1yVOa}6qvAOvZAc=F=e<A_IXk^^g|S>`5-
z=}AmKI*fYqN3vAGM;bXyQ>wV3mc#-*Ro=6b>}-#!qy33dCaJfu&*Oo8xK5>~u~l4O
zP2!wPa@^mV{CyL046AJY^twR41WWNo-0!e8G!j7Slp5!5+?JM;L11#6s(}<mv7`b}
z^u@Bi2fA%9qEgy5KEab)vk>+}+WRl5_$NXG`K+X|Xk`EMXo0^M1FErYgJ{YFp#KFw
zqjoQt^y$4s)&vRC10W1MgaMb6FYVr|$qHe3*l7#>u>8D_-=(Il59?&)c#k#4h`(=A
zuKNgd`Df?$vi3`ZF>tmMoBe8E%;wEOui>JY$Chq+OIPx2ZC#YNNHni~uy0nW{}EWr
zA2`dhzb3DxR!q80Nd%CmXNX_pl&D`O1a90IGx4JVhy1%O!ke;b;clFWz^U|pgHPH#
zJS;esvDn}0w3G7hv_(vWgF>v`QmT_=xh9y1;<T$<cgvOPyTqu=K^cJ=%vLmk$)A5Y
z^Nt<DUt;nC-aHPn*stnLSk<Ko?4#K$XblY3)9McKFADsXC_JW#ual+IE^=gf2BfKO
z5C9*)6Kp45bRW3$Pa@@8A<e=&gAQv4ZFj}1eU<U*%dSa7iX4Mx>n2m}2G=UO8Z&D3
zsniLcDDAO0x?4cOqGY1jTJO-=ZDOs18tgs^l<Kd-im$1P%=XA83h7E_@J_h`4nkjL
zOU&^rkN=&>Pl`#r*qWg8UR-|0tKE@WRACti5t_VL17<%%>ryW*F(7=OyDs_vXkIm*
z>6duJges?9VN6PDA$p<=C}VdWMK?Yu#m4#J6)d0DPD>`J56P!IZ{@#ssVh*U9>LF)
zs8UE4`HBCaJp1q=|2*9tn`hwags(o!pgoZmwQXByOY^4o%{1K7F98C+q`cQMjx`1`
zfQa*lTamvX4Y<0V3AJr>yv?gK@pMwz7os_Jjd^ZQ9mwe)=nCT=R8)*3av(za5rg<+
z@<{0Zs7dD(Gd(r^JvsRkR`qpg>*~8+hrTus-?`KYs>ov6kzG2~M)kKKFO7!I)y#HT
zQMZQ-{8l!HcL3j~A>%pqPIxC^yy&KrlAAX*)tZ>3%+mJ2{qWjC&O`kj>`1esMFhLZ
z)5nCOCYr${Qt9vzjY+<k`|b@~ZJJ;4X1lYiGxgJ2F~wfi)>CXZ#J!3Jq(01qOkiT%
zbM%#YPi#a<5qXG6(`}l+@owFbeq_Y#F2Lt3Y?|9kYGeQsA$`-4Lbfa(IF}%UG{h7+
zu%277A_u-x`i8xJ(6|2gSq2sbs%;?zV<V~=nhVV9zZ`jJXJT}wWXY^p+o%GEQjPOi
zh<jOhm>@ZNJsjm@WjrKZVV)KOWpuaA;~805Nf_itPp?sA<n4##?=}9;Sl__i7Ha{{
zB76YR3M0n^fRO`<)I=OTKuI?#bh~v;VV#dU8ciJ<1}CTribiHSSc9SjZ&Q?Y%E0h;
z<ca~4f-^#07IDFld$%#T(zw~UQN5^Bb?8lXC-nFqwc+oM%@#%Jd_OWHLlyX~tDb^_
zC-U@Z8Eb!3q^2HSVBn+D)|>wT(UO&O!9fn)oQ5%;Hc2*Um*;@@1qam}Q@vc8jP$Z}
z*@n*dQHlX_r|e)E0D$J3iMs_;c&|x?G-9h?7p}k7JkdS)Fy5C?O-9lX<I<FIEJTK=
zJ|?<lt4M@w`_4kv-96Fa(8UU8{I0`+sW|6lu4A_c3_PM%LRKUbh)tn@;{>iq{1d4n
z)x2gDG4DFs@`9JhM86Ala1_dFyv~(Mi3y&~yx-tNDa>jt&I%;cBRfz^WF6v$eR?s2
z2sms~=*-J97Lm+|$V)J@kZONhP9Gusv8iyq%4e2!_o^<hzd<X9<En2*Ii7cz>+z`_
z=bwP@=GDQ0&h>4_#$SZuj@+5>)#Yr*{83{IDFAAr0kiwy;5{-rsAeLO&TXR+K+SZ#
z$%I_X%T%y!NYt@BlSu>%Tz%{B^mV1x(`YpDwc-DwMeGf*y6(MFt7(l4d95~&TrAN&
zW2e$c>^0(DUw+J(SI>i>HOR?tfo%rrt@b}vuB}q-F+PD$?t^bpZc$+1x{UGKkv>;+
zC-z{?&A5-n72DjUxne5bd^(4^)g60%S_zgA3@<AfB2hLQvkO{5?fIdl=E@W8L7-dN
z(A|X1s{a6YHnGn3r!(Ifhc|y;m%ASpwgVr^c$O^3rS9Hq-W8p(B?8gYQ}d(0=-b>>
zuZBl3e=`xyRejFLF`X<Aeg8o__}rE5kOzf75U!p}Fz)x~VI|#u^b(^eR!?_+sCH>J
z=ZR<X77b(b^f9~ayrfE)R@Xr&BS)vFO}&L$<8C(^1bA;SP@;Oo*t@&#vGBimf5On`
z`MZSAmE^A*Egp(5Mab^(S<Tis*#z!bCiO^D2#d8QBFELdl2Bx@;t1e7sp3yBr&-Qq
zJ4%fppVt)*T57_wpBA~*k+ST~>!tIzFiFx)v+CHvyY}vD+J9a6zeszpu%^Oq-8Y1e
z^n?xqp@rVNQWFTFNCKe=NJkJ5Llsf!B^2o$ga83T5$R2(_ui`@0@4)(EU5p(I%n^-
z*Llw6xy;49$^4#gj`5Cn{NAXkyA4nB?={WRDTa;zuz2ke8k=%)jh@Y19f3qVK{h>t
z<S_kqC&dfBm@cMcC1u01V~qOhk0D%p(YXvBBF82C2dqzHA2!5AcER4Ihi+}bI9fMg
z1Fj|-IFIlQKI(BklK0zu9IT!V2t!n{h<+`zJx%EGy0p;!S5MfuPx=-XF-k`lYTbU^
z+v4mSD@>rO;p+_jtUaY)Gtbm4_Aap-Rcvn52mz^6{&`QT;ZCENQv@Ro16N8vyqn1>
z03;Sx34YGE4N={m&*(E%%r@jJeIp--Ayj9HT9UspsT&d15q>y%`l1s<^8^~uzpLg>
zvJ3+R7j%2YqUyvJn&nZ|Gaauzg<6<wszU^s(@)3s$2bJFT}IdM_3T%*1^mj?<~Lrr
z4Rlob>Q4Rc9_xq6^R!2q!6on3FXmv76ItbFUQYW4nvHV4eUU%5=D$an8jxQTk^Ur(
zqFNDE>2zaT&R(i#bH?J+a~~|xO^cFds)Ajc#=TPyh#OrcMJjr5m(?~iLLR=|R@fDx
z6CcNo^m)xV4%wAUj3L6ASDxnx4bZu|OuTz|j{D)H19J4Nvceu@%Ckij?o$t&tERJ1
zzTo&iU42V0n|O?oyH>aw{*FGKIKFH&s3}!S(faME)5hv_R}e{$oJMYylk&h#a&mgw
z4T9VyM!#sDjasU@d#c@<*tzS6xcyK;F%#c7hdFR6F2n5#<g$sAbgu1EnS!V|#_H7w
z{4g4EfcLg3?*v0*QJ#5Kf`z?BdPrH9fR%Of`QN!-=mvx;$e-LVuGPnkN0&)3Tn=p9
zjzs+ub^3Ked{@))duDqdpkuJ)X@W9E_*>}{K450`=%NVLUv0a6fA36tIq(9;i6SU3
z&l&d{a3`X1IbWpW$vv;MTLvm=eoPWUFoDt(3@E`}Yuc_da0eJp4vr<Dc#%X<numt%
zi~j(4%G%*rF2M=PhCd$O3fCa_I&fNUO@-!WS$UDl6TZ^25r&DLd9|3^t%zd27kmIy
zGbhTZlO-c{&3XR@WcBkb&Rq@Er*&jkO1s7@^~(jml)r~slZeh_k60!#Vh$}Dj0chf
z=p9=+O3S7&EX2b*UCplV=8S%tusV9c*UFf^2h8{`_E7LPs)BAu)qcWyu|^nJT8XPx
zQEH;&w5Iu2O*2bJT56L)`>&#3o3u3$CumE^&YpS+B~INy{=4dsGb617)ODkvzO1PE
z*sd+LpgkK`XrN!cbg<yY^1C{AtiSbMy6(FyKjC76;|^~JcO||;`c-LrKcJH&5C9li
zuk>IkYJEJ1T;Db6;Zo!-!%{QtJj1KNhK$1CG?aYtFeEky&-IgviXqPR!yRm$UtObX
zHAybK_ub0Ld*T3cO(NB|H5bFlQ7Y3c&fe5Mqj~zGRAI^JO;ikB{JgPo%l7Tt9Mxac
zXKK}6A{Ud4>pU|G%mW(cd>!@xX%6UG$=edvg2Oexf{Eq@OxSpX55`)m{kO)Ryi4<`
zwY227z6*cPnY%L4(y0EF<{#DXs1?kvMVv`@0On!C!8hwq&TvO#a&!JGwOv?+40n*s
zInUOGed>y2ItRJG+kk!1V_xvXSn<}jY8BbHgLLD|II&&FhjHIXm>Cfdv`Sm?TrS`r
zDCFey#Yt5v4=Q@`K6vN5Q$^#BK!%O^myjER>WwWhu#A6bT2mp;uD_G~k*?bj8>b2G
z>AM$$CMFdGc{(3@=O`kn@E3<vwA%qXm_-|l=B~_n8jIN51^`tL0@0<v?hQPX>H8`_
zY5P$|O<p_Yc(B)WhLfq<xW-3dyQd!3Jm1<vX8o2wT@;qY8q)DF15ceoj|L-2`^f;k
zq>nP@Bn7Jvsz;kDX;}=aE0|B&?tCZcEV$b8j3)f(wj!3E5xLhQqJihjN>V+!_nc}C
zbS5emIE#<$v#l4B33}}Hit}xT`YZ~JMjOY^4%geLak)eI*988{&a)A9F-}X@<A3y7
zOB~XC^-YD>&+KB|`98vH+ULn^SzLy7l?-~F!oXYT2#<8<Q*sS=l@S|MYpq{af^~C=
zRH0czb&`PZFD}LBHd@H2(JS;ii)?~0w;82d&Q~5^Uy=chiU+TG;y>`x{?dAw94QT-
z`|Z0{Fj~qTG<leoDEVkeGgLeRCq?veUWA<{iWc;ibQ_7#>uYQ~vttLERa)TCrOu<#
z#tvh7b8aCKpIA?~X>61NaBI<2Tep(TD0w}#J%hz0M<Rutp`Mc6GkP!=Su`iUi<@Aw
zEj93@yV9ZllU}wWckY*_0tOq6QX|bXRg>{A`PhkI!!3si71cS4KO$>gb=bYL@M)V^
z?P;0~G*w5bn}PtlP?nyskK4Cj=@-dcPsLJ@(EYk(%4L9=TrUvKsI(jnIN#Xc$adKi
zEAJXvnt91LP~#;K#2Uc)%R5hmv{h?3Vpk#!uG$X9Wui}?Fw%{yFVu3TmscK@Yg*Q1
zBaf2qJ~K&A4r?ep6o(0kY@)uBQSw1jSx|!A(M&Sb9W*IqFtYZ7M@{eeJ61Qigz1ca
zm@2IDXXW!xuNcVt-_E3%*<E{Ln!EtlHY!S0i!aau0Cei3)~r4-^tp_b4<|L#ymTGP
zTl{&j%vW^CH&UT+NN$L&E>s078$|`m3j2x*x0@RCWRd~4(2U(00M(ma{e}XIx^{1t
zYOm#wMUxz#^RDggg`~U@b|g``E%-(o#JxswfP;{>#_P*c=f>%ORa7?ur8``kuRo&0
zB3bXYWg3vtrb9_3{!rOXrjZ-7*)HA|+=kz3``YhgBUuI2Jz_b{df$BDkFxi?Q=(G~
z$^H)@m?zgHhpqU<Z!LP~R>sr8Uu1WJzBM+cC3#-@91Eygq84*^UB%f18yC-JjqSv_
zKX=@L+yd`;eE^EingW9Oe?oJACinI4@}}tCwWcF6i>Y~El!}AvNV=q*H=e0QIH)I|
zCOjV{y)2pYO7XhQ74~Xvin&7cZM4#ySW(qO*GS{0)j4rhs^%GGu|I+irAh}EBIu`(
zm5#6(0jX?-4RFQJ>AgE4os^|d8~XPNQ62%QhIh<UJ<-wF=G1`vk$V!m@~zAg)dK)F
zU;iGmuo#p!b4HYC5MY}l*<ez$E)e=mn#Un45~WV8g8mbA1qI@0YzGuOoL-l=5&W{_
z9uLzBF*5SRp2+-N_}uu#Lj_5DoY_mTdMcc$T#;&HKA9Yh&h4e!fI3(1%C*Ucm5yI?
zj|!8%1(aX8DV+to`^Xwg89ns8vV+b*LaFDjWu~AfB5%OeJomYKU#0reWytmBZ`oSj
zb5RT9&IAB|3$As`A7P_sXcj`M@mbKPR6lb?l2*G3Jx!@p3G-9)Fhjm&Wv>r%@jbdV
zaN0YuPu5rR9!-2Vs59%3d}L-m{TLabDxq)ot+98884OvcBz^CL&8-grl*xweF!I7+
z%8XO0HM23(cg5d5a4Vn<y?aS%I5EaW;HS}_oOZgLjRkB|db!2Q#jXvQ=rOMAi<JoD
z*Isf5fiM<nXW>n&O<aaPUz}=*B<m50&LhkscRFWtk07u3d@cs8$j@zCWm2ci@i*Bb
zWJZp>0qKZ`N}XKK{A=#dm#^W|9sPJE&cfQY<>TkzJ@>_OZOhEqx2bC=`TUf64(R{<
z2e8U(YGyLw65LWb-qRxdS}|u%ntzOl12y8H-%O}kK)z{a(@DS<6{t33+kx*KL>}Wg
zb-S*iEn$fVmPyEDkAo9aPbBCedBb;1F<%SR^r4zotUzJOsd-=u)m_a*5S^b0?C_77
z<u4I6#d!}Sk37|Y%;pwnu8(DqQ)3~wNlYQ6^cj$rgM$T80f~ok{E&--+?59p@rS`i
zGeW<0+{d%rHFEidkLJp03A~cc$V^>Z$me?kRJG1m7B8q|gl*~Of=9V{<C6PYoMb_Z
zo<BUq8^^$DXTKk|l;daInWn(n52ULfM2pL5GKcx}{|C^MQS2a^je=BCK*QW8>rVgK
zFZqwr{Xj^Z`OTeW^=JAwE@$Qoal=2;%*WxRO)9j(qZBIa(W+U&CBr%4ujX1Q#X^ro
z?Ou4>-|2Uk@-eFv@c&oN_-{&tm)*Z$-BLWa^hbHpM{{wkGAV$%pZRCmuw6PZHs(J7
zTZq7eS2xGN5u{F2MmnN&Wl<%Yey4xzK>1b+!bB8utHT;@#!p)^u9GqVWWV{sFeDpB
zA2vHk_R@cFgUAK&vto%qobyNO=$ET+fXPr6<8+k#F^chQIW&lNS8TB4rvKp4!PVGq
zTDg46)e;rOhIia;P{1@y4v3OZe+6jV3(j|HvpSjCG4DpnFoaQ{CqbD{2yenYRO)mc
zob}5BgT0ALN8xt0`VAb!Q_^w~jqjah{mj^)(jM1IyEyMjXKug^3eFS&$e5=g<jy}+
zpR!zEmGaF9V#2W;?TI{9`PGH3Ix{c(D%xotcM+u(C_DmsLSM8V39Zxg_AS23t2x-+
z#-0HRR9BYh_gwqCscI=8F8M0vU*rbl29?W)*YbVWgMWHt-;YM0t<an(n>6T6)YEX|
zDSUfo*!WolpL8GOAOvpiHd1h)tbVta+&Ov@^VsG}ECflY3a?g5f1|bdxlmGSqsB^j
zrrKSaRSd2|bP^1Q8Q1%neld!c4$B!5)lz1p{k3v{sZOh}w)#B2e|ca|_zbIKF~pxi
zxT8!%+@xiIMBnY_qv}7y;wWZH%wjqYF1WeR#l)tg<5Gcy;*^jRR_$4Vw&%qdvVPr@
zFskQW-#z^f$3zqwR;0}o8{3-|bQDsn*~29+(6)$yA!gn*N+|ar^o#@?e?YOuP$=QM
z=rI!S?I+GUaip@8W^5Y7=bV`zU?FPmD<~}x;mWkWjSkBR+;pHD>XSDJ33AWooSgX6
zw=8!k5Ge$WLVZcjoBXeiN+gnNk!%s8(2c~5rzY!U0B8ZGtG~p}V)9-`Hfq9kHR>uq
z=~0M9kn?9D&}J#2G3ybU(jx_ru?Ewg@9_AiEma$Wmp&h4*=Pd+9+Y0`7Ti1O@E5k>
zrGb)VDW)_iKI(Z=_R{@)Lw0v%eWN=eG!t_+>b7ZbJx3)e3ewF+lzh^gb2FWA2gN1H
z<_mJq&VlSBV(1)QNAM)cWohfm|E9zdE>+xGDSwounhKSb+Q8aO&6)UGy{e<p0O?^M
zMPSS4^W;xINQG=)vi;xuwt=~nMYWmj{|SW?4H3P%UH0O!{=Yh-4)^7a52Xz4&lsev
ze<RO+e)%e!=&Ypre<XKWXLi#6*57IWx9ctU^8a|@Vr(>3*;~^8CLBJPPW;d=WpiG2
zqgpuq&b|<kJ~hnhI=1~&H1+L`W3ugU^!H!sKXPq}GfrY4*7nLJ1{V8GDeH;>+g(|Z
zZOvLUu#6l^1tKiSF84a_2=iPq0;aN$8!HaQje<Y=3{G4!c|_wsD*MM{WXq6k;tL!6
zqQ9NC_6!|JpeG;rKqL*ri@&Qp7H?taw;xQNbD41}-|1~hr8z>trkzS#^pa82;gc?t
zZES=kU$uT^^Dce2bVKVc!*bS(H>|mq%GY)=6j%+k_t@28E21GmutT)YFVYcag?|vg
zh2l>H0wF-wN#mI}EO$6+onGTO&3uMJxR|&&d#h|rnyRTpnwJ<#@)f-fjq?eGD<(fH
zA&~YzG?nZh@1nzFeL>)l3+gJ(S;Vy1z=dbEE%mxXas7q@j24H&6TODQxWbJHeUv<n
zApfW{1B5!V@A>yM$H%Mbbj2rM#^kF^>D~REJTV69<mDdHQig&P9V1=IGHSkodPeU8
z$jI*JAWH%fFudTJy5arW8Rp+HtDHj`E36$sWG7?-E}33f6${s1PiQ<2>%XAp3iKld
z!vFvyz-<<Ew78C~tDW1;mD=zkhix>vtniXaRJndO>|^~(g2l-Ly_x`1Y#ODPf4DC7
zC`J`LAd9}&O-81VtgsZSX7bb@|M<l_q0mplvQbpd7z;+4l7(@!YHI+5m`IqZTV-2i
zV!F9&{XK{Qo}u_U_CtSTC#M5**IQ(#+fowxh*Mnt#qeL{3N@DpX|DYA-+dWX;s_MW
zYMKb=*(4$lxLP@wPraF5Qu6yy_VW+Sv3#~uJjXdFTUwS5j523*{d(U#+r(HhJreF(
z+6l}~ApBQOiw_ojhCk&wr3bh=Gx_@?1llt2B`_pVL!H9JvO4p3qP)$n4ND@-3=+>J
z=MsKXP{qYZQR#${=ssck#*m>e|IYb@&1gmyy5FhJ!e(JW+J-PxrX6z1Sl6FP30)sN
zyLJ(cJdI<Bv3tm7H36>}wBt{c^C}0)Ri@Y}V)+1mY(FiC#P}|xhM;NBRqLkjtqSf#
zNmm>HAr!jnAvyAwYk*^FevwO5hfzuq&gm0GF5ehWKmprD=j6i3LDVp`niDpJ5(Eaw
z&j^$RsH!_HEy?+jxN}%E7?+PWXnjgUFq(;jUr5K>u;Zl62tqRXU1E;PvZ4u5N0&>c
zIcv>IW0ayUS{<IflH(|WJ$N;k9?CJ3cu*ljS-gL(2+Sdp06H_M)bkZp-#NAG9d%05
zX*Y*X3X@Z3p>NU}Ds?krze2^b&FS4^)I@GXO8#`!`R%(aIz_oNb<k!ZW0!UNFmwDH
zYTLB@*O+R9*eq5Vnl^+p$7ly6%J)nT=<r59V(b-&=rZb>A&Wrqd>^tup3{m5^=o^n
zEX$lg&ED2#z(&oJXsEwOss?XI<eD=V0H}af^Rm?Yj7SvYcwkk)yucxy=hY#4*vaY=
z;#6}$PJkmC8w{QX?zj}Zyqjv>E@0Ef(j6`Pn+VA1X(QMBP;K+Zs;cj>7_nT4xL;*q
zy(Eel3tE)2E8*EpRkv_*q;ObqV2#kp2=i6iBTXJ0{nBT5%WbS+zwLA)<;k@C4B7mn
z(J8{Go2+@I(yN<zH}<#!GoJ;WVlt@>-P4lc03!&{IR}YixGxDv5`Ha8_^uZIFgp=;
zjETdTJ9E@hRV&hzIyasgP4mNW!nu*T^tZz()?owOp4G&(5H<mg(*s4vXJkqIUEluj
z*GGQBUcdigZYTUnH>Z|4#5MhABQ?k{=8qXb$x=+MSymSQZV3|bPTi{}t6IDNjmWJ#
z@We$8IMrmk6*v9emG&jJN<ODJ5?Ybvrzw4@h2+EXF277-e-|F{QuIP4EgbT1G4y_j
z<_Y|WId3&A`S>#YbaUXJK*jWd|GV29e>B~ZL`Fv06pQ>jg0)ZAew-Xj6cl?1WrsQ!
zo-N7^SK<o&3QQcpEu`QGEfL^JWb_a^I>$rbVqKJ?BvC)`Cz4-6vbTEojlk3URby3~
zntnf$TcvJuU!6@gJ+C&c)vr2u6o218UvF+n$um!_`{99spwnjY3eod}Sd?ruxUkYM
zj+-3iet>0SRQRHwbMqEfcRS@#h1xwmmS4Ow{kOIjYk}Xsg2cW$EpCam+8zm4Na^wM
z679t@230b4L0r%EAi`=CLK)oZI*N|m8%jy0B8z1>S71u`zhWrh<w1c<?^%^iE~yzV
zrE!(a3dJ)j_K)+?2(o4;jYfgml0r1@Rw{Tc6Q$c9%SPJacA=%#h&XP@z6&j17Xbkc
zOqNQ^iomz}X*wp-QCfg&`_$MzNosf(lQkhrqQ#l-wH^QGS}%_}j>*D5I7ovyKk!$e
z5Y+D*=I~*Hi}9J;g}Eu=OggsAuD?UK$_Jfh;a395<Jq!MxV7aVv`py`3jKjnjtc=)
z=0ETA?)F3CGhD_ps17=6GnjxxUB+Hssa~#NSI;UfcY`^V=Q1@WNcl&kv>#cbUiCxI
z1ZQAX!j<0<sGGZj<P3oj_?P^V<JUs=E9Z-boqvk6CxtC<hHEzb>2DBCG%MPo!wzRR
zD+y#|ceHe6xO}SZDicfVPz}`|Yy@<Kyt*fTA6CxH<0u^b7j46^@e>E!WNYD9s@=3)
z$rfnTqK)ihRAtXqa00GE6F=-J`QAtLVl|La{HqA#{#|NRx@o_BV0?&JI}-@J9!7J=
zpl^4C`h>b>5@~Rc8SA5g))}5%Om7+Tah4DLcqfrcl*!yA=O#EKEK}$8tZE_<1w6ys
zURGlcXnnqYWvtSuUz#UM^f)PCBl-255Z1XuIC1uEmuMk<q8XTOIC73Is+6)Wt?sc6
z>6`glqnNt!QB!{Vx`m_Q838{YM7Zz9=);<T#E1i2h16C_luCG*?rX-<Cx(`ZhC*UT
ziWYfv7Ty(e9l>44*MnEom<sOUHf+i}<KGFH-BP)@97a4mPB()r!juuPY`FjB@N4Pg
z$IZhwJMZgkrzO+}(?tAN*wgBM%~=|#c{Qx(<b;V5Bb>+)@hROv3ehku`jdago6U!c
zZpN#H<>g0LQ}k7|V#4ND#CA0&3IGX67@!{BrM%{NHeMueuZaA_%eY8bButur^UD%B
zLNxo9x|+K3Nus>s5pRujMO(gD4XS_~7>)jf-E!NmKl{vFt-Af-I7Ilg&po1@&GPi^
z93ztmPP@;=2~4gQLn^T~Qa1n_?kGT*aX<*%NOE8pRoJkB2SiHpmE^SYn6bBqUn|<R
z#wJO<D=#jkD&;U@AL>6f#}5KQToQ%&we)A`$`uH6{2{Z40jt)m`|s<u^hZ04-x`_6
z5l@CoMzv&ew2GbM090`&E!&z>j@X#gq7$Lugw(pjiSR_L9#YLnOO{fBQnjT1QJRTf
zcs*}w7_E1jnJ>w8C-scr5)>2c$8~{`lDhp_GtleP%xkM@myKCZZhR`uJPTR>&0!|F
z{kGjl;C)ZaNA-zzuZ_>H)}62fzINKYssiPkW4w&yzv|Ws9B-2RUG1=VUx>5iu$GI|
z(u4lYbyHu(|KLjq%K*%<rx$MMRI*hZeg&c|e$3OA${9%nDc{w#thIJW&mDBXlG8Bu
z?TW(jv(9XXVMuz+V7qJ(fKP6B&)eYixSY9yRF2xLLe1GvbA4qCF~v5!{JC;eKbJj(
z@+wy%076@6?l`6ZvT{B~f;EPgd~;|h^t#W(`vrr6=}gNjK?a(Sw2yY};8ar4ZFo^E
zhy+mZGx_@4+RNsvhWN6M_DTzNay_-H#SY14isI&8!TS9g-N96WM$%^A0I-V6Z8@qq
z33M4yP{sF*WW;AG>n~<LMDiu-Ycg?I?k!C4l6|=H3pH^=_l!Ab66}jDAV}?PQG*e}
zfW7BYebfV6@g6nSE)5<obb0A)2KG9}xqQhZ!R@TLls6o09z*zcS|<)!l_$$u{mksN
z4$N^>G4Q78(aw;13)}IDcc}aF;(j;nGenwqL@78D&w~<kHKGyr!a2d__<*j!?Bs6#
zQfKKr+?SgUK`=bg8Q{#`{l7@k|G$GU_wZM-M31K90)<TMkZ@9<Y|{cxPql;c5!FBd
z3&gPPPz+8Flw6d_1d92JxyfXZdLM`U56e|#VA9NnVdqD$hWbouk3NGXc72S!Ouo;k
zhUB@pR7sM|3fy3GEg}}KWi+BD)m?(jrFE2jFLuH{iVLZHZerv8;N)N~yK6Ew{U+!(
zx>2^==wtP`gq#C~EAyT)Sy2ZG69Akd8}?;gOLvCk7o~)1_-fVfl$!;Tw;mhV=f#G@
zeR(5%jXC9y&L#5C#0KTW3LfD1<Nd_!fEf|KMkWyM#?bz4e7eyW!pFCX&QPoW{^v;f
zU!7=IVDEXMD(efxI|e4A`L}755w!02c$kRvW<Mtq=P|N<Ima*KEvK2FfPIO_O&*5o
zqvo!&)EhXJLd#St1io~!|Jy}|76FuUm+y>`Aw%O7yO7YhSe>=R=Jm!BB)f4qtXZIC
zUu<6<nvOuUK5u*N%)z8>D)yk)>+AsxrZk4Rg;eB}T0?}Vm61}+KgvuSKVR9jDM**x
zOw+2u=eek~9Tq%*1caLpYq7qMf3;5)Qts-C9Qb*5B8ScvQ_5BwDl^)#?N?twMlh@h
zAGk}J7kFY)jq3}z3wA)~qG)giX<SS{cxuc?p!HP5;)3wBbICL$-z-%}vGRRLsR3b(
zsnJ0eCk_=-2?y=y#>y@$i$=aA8Bdx_T<L3k-#ELvz<7&i5xsYr?rVKh6^DMB@>k8+
z?Z*3?#D%z#K<Ni>D5#c&9<24<%f~Hht~z&k)F1n?_I}dC3BTP$4oIwRkG~K$-B<Q^
z0_HPT@M~*BxdvGZ^LItmYzOBY7b=%HofWIp5dYqU=<sw*8gCqv3&3gO$qrMvTMfE_
zVW!`t8JHMJn8Utijn-`TdUoAS@A&apT*l|Rbn3MsG56k3R?nEv{m1o>TZcI!4&G-T
zI-Ld-ct4y}Ho0UTDY)NBGoy2YK~D72aJX!bnj7>RrBH?^3IaoP_=KbyOL5D6CJx&t
z{v(|81-im#)y*NF@PBW*6B^evb=OR2nKMb-IWuqHEPtq6R%#*!^2ao%<ucpWnIry5
z1~rd2Vc-a6AJvY8dCAQPXTz}&l$(yv8#0p$DXq7oD<h-!5TH4jr_X`p!xs@7|N9Si
z6>0peonsj5I6cX1yUc-!I1fr$BhV?3dN^pdINri@TiXG#AKz+=grJlL7Dr{%pHAkF
z8aG$YJ9Qda3VOS~>A>Ir>}=7bUZGguVUSu{fNVwG@Vv+h3VQ%UuwDLnSTxhJGF_hr
z_~U%$GrzWs0@FHE+GCd#1=^@QiNuel<G7L~V_BbFGr|ihA~s^+UJBz{XugY2O5jbU
zQB>IZprmX*SMv153l7Sgk(P|MGW{a!X_^ZraY4}tmw$c`5xt{+CX*cOFW>k~%&ln1
z(8ghxA;fLc8Vq`=@#&mtdl%D6QJL%4>?2~-Ps#zw2xKDRWujd~4p<Ip77+cq=k9##
z=7n1yRX;RnmAS`fvqFNWn^WIekw|3)(Kx(-xXh~L?23-7Gj^Le*VEemco+ia{O(bl
zSk@u)5XPY|8%O9cu^S<pFV|~54XgZQj~4+fQ=z3&6S3iu{MU+|A9N0C#SNv^Bp=pF
zS`+o*o#`)r^YpP4D0!ucKpYkh$Eetm&S0Zd-8lMf6eG!-gO7>PY>obe*Ax5Oeqa1F
zp$DGZ()mpKk`&h3F8+&Z#knTw5P3N*F-8QHpcZ)C^t0`l!fNQBBg<DFis@EtD|a93
z00~JkBZMVrmGT_5){vzoJaxzAHdITMCai4dBnq#k8ntIz4izlUG3>|6n>0T&(#p)s
zM3(ado`L)4gVLhYBnPDoDo}m%1t~acq@%JtfFK6$^_5`&ku)l}5<-SQ%1O<Btah?1
zR5#^X5pU)g<78&uNnkIxYS(=a{RE5ptN%zM6^wNN@PW;x`9vKLn*SP`SiGsNQAi$w
zmUeCsL(p9j<9Wk+f}iT^;qsBYYh`|vS_Bn>ADbUl%8=Bc;!hRS=e03?n57y<ofO)7
z*ZNiIhG)}?T48*T_Zvg*MQbAT7R9Mi-YAPuVgRz39kHQ(LG}C{&()^JkzBJUU5GFu
z?T4gXFlM|l=VFZh(+tjxT3cw`<zq>IH^3KcLb2S_9u@>eb?Q`9GI*(BL)_A=YQ3ui
z{k`t3>uV%vMI(~zilG^|?`Z8=rtQdh*>eY7w9>04LJBJX?CxxcCFrR2R{u53oQpG-
zX*I|qU$elbSKd}gouKdZUk4k}bP1$~30IK?^F8M2R-PJNUF_Ak>P^*zwd(TA3fJ5*
z|GZb*t9m^@i?UC1f+w~=WnwYXtxTnQp%EViQ=SY^H+HS<C>nGsEHTtxNv-cgh*$PO
z2KY|t=CvkMnF(#3<|Z48oENm&h^JVP7eG~Pa}rZwKO+8OCSUteX7-qJRfmoa-&tjR
znw+O$oAh%^J@Xy4cwsFqxZvbt61kX9p~L9+J}+M-JBc0IAFh62aecSu|98OY1@)zN
zwfoV3jn~$?9(L5F8TV2^Dr8cOMjo@!<ec;eGIA4p0xR(o{m9ANjgOKZPS)%laR!ag
z7`Z!|0ze&Z<W_yHW!c58h--<IcrCj3Fy+_}_X5M_$#)fs##k(y=a(1mFS9%Y`_lw^
zjuxDf3x4G27A~>JQ~$BN+aD5TL>gLp;1mB5lARp%c$VBuuUspoR@33>;Hg>ja63}9
zBgPZ>7PnEA-%kKwv>6OuGE)qy)|9v>g|5H%zNVVY=ATh}`ZV*s-fatg<C+C<R29!#
zw}oWYLSgJVX~lY>3IIUYN*b@<uS9aTx{~wQ{p4<T)q3ssV}%hrg-S#Dq{qA%)MpHg
z7vc`t{b7J7wmzPR)TVFi#=R~X?j~)y&T@R1mMQRg)n2kWZdAC`6MV@WShUdW7?lXm
z@}^QYnG*BoZp1jq5U_ky+|_JOT+bJbbo(55o1cwu+8(u7S9-2DTTpwnW+uS=w^M7E
z;4B-(Hy1foYPKr#A&EH%z`X-KTT6MIpr(q7x5#0w#{7$g87unyct~@`Y79?Ts7aFq
z9HjJ%jsvR_+L5kk62@;NreT`4T=QG*O-_`i1Q+(hM4GHy+o^}YR1I1p0$@o9y}uiL
zjH+P=)bzY|V=2_3Wb#v*CfUu8^m04}@~UQ?AA}cuy?dg!XQO!ZK_tQ;j!73#)uSv3
z5)|QkqFnwKCp=J>`RsY0d2?N)NeSuOx2jdG=f8NA;3__+IOL^;=p+UPk~$QmO4Vio
zXlctV_th2%2qDj%TV69aq}vujeSS<lu0S8BG&Ko*DyzXZ%AO_krCCGnK8!3qqtw$<
zg$mM*oo4`^QkHT2oTKw1c;?-MP)pN~_OI$VrhOyJHg@m#88zr*#EQnU(7@H(xG9qd
z_Q-d<+vyFZ%T}Wb+Y8W~UUCmXmdx*NPi$IeLi7tdsh+46Z&@PnR8Po$;yl7Kw$(uz
zY60aPuXvoQhbBBq9@Tp0C3tnHHzY<XQvFI;5Tc0?f*?73h*2TyL!>EG=F`G^pfJX)
zz`&<DcW&G}T*H%@##oQReEqipE1!gkef=Va*v4iX8bnic+*(I^9*%w_r)Lq|k90a-
zag>SWMf$vYJO?LkPriN`k(*epU{Kv^Tz<ceqN=Q@Tf9*I3EvrC4lFn}>{XbX>EPXq
zmZ-zUH<Jx^O+_WTqln_jsD4~ioIzfdKA%%^ul7ErZ9n5WvBOF(V#pvs+N=_I@cwnV
zmG=9*K8w|Q-@k9uicpjWYRq7iYIhP`Au*oZf&V{%fT|I>F#1z^N%Xz!)(m&WD$bf$
zo_SB{lzw-~e6N@Jt{7LG=c<yH#46Z0tAu({LgNJHicfT;*BuKBi`Ou1S#KVEZ9PY6
z({2afIPIDcDu6Z{yS<4lj;9aEB&U7L%*+T<`d4&)3;+tWIA%+V&mUp)UOBtsou(y}
zh!Twm%X8TQG`!1s@Jp~b&JdbPNl1-!ym2Yqy4f%`tv8xiR9Q8yqt7|G^C7btvo<?m
z!Sx}Ll9r}PjaIualXj;z%!Ei`zLiF#0!FXpwtGuWPBG|9Z=Cff9`JC01f%-RR0GRQ
zE8qL%XN(pD*lDogVPpW9^74!QFV$kdowhv&C}>+a%QAhmI~7*n@bEQaED$4<^g3?U
z5-H(r=XA*eZzFx7rz8)j#LfK`ZDQQ(0y5*@Ojar$!U_FlhJ+fzt^lK#gcF-DnmfvN
zv@S1JMwsZy%>=>gaO1sOCvM5&n%wXnG3Dzy4RhHoYA1)|QNKY(JJw}Z-I!{NNwdJT
z!&KCkWV8;Apk=BFIU_VXw2L{QirFgzcLFla>f}f30s9ju=kAF=xl+uBFx_*_V?o*B
z-O1rTuB@jt6l!pzLD)_4!3U5H30lp2T`3{3118+BHkj0wc8NTnb1P;(Mv2l^<rj8F
z$5D!!8^MKW;Yvz>0!gV*M<Mr!bY+J&PQUZqE>{CfksB|-iIL8HmuW{Iup1o@!GE{7
z19%y6enwT{XjPma7BDO+JZtRq{N5br$p_>01yVzgG?Y7AL!zyyxZrN8O-dyxCR5Z@
zG=u;mI<dpd=(&9OI~yBHhg!e><oIIr(f_sOgTt<8qVxV~yEf4oiFy_qCLUHL@Kv#l
z7^89l%jz04_E=Ic|4{&d4?<c`oAk!QV<9BWHZ|B|FJV}Sae`e}_`veb{F9B*70E=h
z!+=)4b6KReXnVXCo<H;I9>J<IVBcmV+vrl~13!<o+rZHn%LuhqdixEQ@Sw@7AipSi
zkCd8>(WqD_K1e#8VoJzX;(d~8RL=4GItY#FC7PAGSe5w!G*yRx-DK0JLWUT{i+}dt
zfPvHt=z*#QrQ~Xom@oIogujRG)Vy!yC$UM+DxABYE}C2A8<|*B$f}<n^0h3W#R#!8
z5ezgS7FUXg1FBv>A)#x~G`W0iI69b%DPP#s;df2RN%Cg35LKe8sDWc{xBBMZYj7i{
zstkP~7av7N85iCtkDDuWkJoE`MpGMOAm(~9-X&yW-@kD&YHGrt;e@9MA@0H9xK9Du
z{N`8(vVJPDxMLC~gW5wg9n<DCO{AARO?&(Onuc$57`K@})`BE1DA?|cPAvP*a##h3
z3cDi+%8pN}prm<pvfE$hPxKeMwh-9={v<$8(U81uNM@sN@!L0pR{4k~Ed<6E8gvVS
z^T-$_n1Z0dn?ZE3BgtyJ--)PMX(y(u5V`ybS{akRs4r;^aXIoTpzcxR#aa<a=+p2{
z5RAzU1cX|vld6AQq)M_GLTcxD5%F~YPHkuHm<59XYeqE*Wwdo?M2_7pIF*l>pQtSs
zpr*Uc=R|IZY5H!tyR<-|SgX!<@Cc)r$eFB%Dgo8qr8vE>!lo5K<BAsZp~B|2o69EV
zj`ahyR;+aB<F7-n<FVQNCE}|#m5X1*t)81UD<#C%HxoM=3n?n%1@klRi$w@COSzMY
zUVnB1R=}#ho8B6`dpY6r#Jde?@#r@^Fo>5<sq5AeC0a1`Kt<oDq^<Cqnk;Eba3%@U
zW;dnmmkvYXn?g^Dbfvi;50_3>!|5C(-;SqC?HAnFdkZLLVU}>$!#WQVbuxxi!bC))
zt|?YTD>$EfRUMHRq5TXmwPCxbZ_2I5^ljJ50kn%-WSHP@>3pvpNU6hY*!w<hIReI1
ztoIfkRcLN}x&FaaC|0PP!je#CcQcRY;Jy*T7F_?}zFG2X5v4cox9=1UGBNx5=lJlU
zb|~mt08Fo^@{HGtT}>jW39eJ~<_J>~)hpn+(kAp69rO7rOk?jUhR%q!KDl7iKf=dn
z#<J!h+IwT{Jx{+&1Xa+G?01-$2@f=IL>O-AKON2d$04Tz3M@$E_WqrJQ~PqtJ1pAC
zo3uZBRof6GxL>(U0%p-}&__9ybwJxhGwA`QeBruJc*gCze2;WJ6rS;nEq=uCM&(Ot
zX$uUF-Jl<Qq95T51<|=K-9!lfk;qxpo^c}o`z=1UpjGQi&hQGgKj|Ga#5b3y^sM@C
zUpH<#Me}ntFI;DOi&|X9A@tsDN{x|JS*A^FY*nvfO|xZCg=PJSa+M#aTiM~?XNK;c
ziQYcWrT7|?+kAWWI<O?Jp$IyYdhR__l{j_;*_mu02ym*&_s3_o>|fLG<WmYxNJzVH
zmN(c#fnWq@Vk4JLwFZxd&-vzL;30R>p(U-7e?&QPn<($bkb70eO-hcv&8qQiX(>`=
zPT}9Nl|6w6#Q4tXR@2@98lj)lw;>Q8(od;1P1UB4LiqJulB{@*7o~K)?B5T3#uh47
zBh((W6%#8UK!2t{G@D;a<jgWHfKL@pC78eT<L`d}z?Io*rE8X}B-3X+9A51`I$b%I
zCEOqN;H;x}%zWvoGIar!-u<LbryBe}{JuNQbFygYs0ptHg+)D=szBatN=%c?41V6N
zf``)ri%<Euz+^#;<095gKTuxZm8}up66oi5jpnkNm39LE;`C~}L_g;IJxc4O5!gh_
zCN5hjE4>FeY<V>(S8eR))yg|)yjFW(-_)zqAC)GxB3$z{_Yzsf%`{sk(<)QFNTN^l
zaWf?=B4<jb2iHC?dVD*);Ha{5@zRaeK5*lfoSW%uirR<st6~SgNJo8GlH4u|Wn|b~
zDc@6*@PVi<qPjKi81Bveb+AOa?O4M-qT34;{4>h#^|DnYiIcC(1eU^axuD>n`!to6
z<RCs%Myby&pWdVU^a5@-uhNgyc{y2T`CM&Ll~Z-L^rrNy#wK_+Rh#J1CzLIDV!7#^
za$z9Ta;ZHL&F7Dec0>R4*%9-&2?a_nS9S{oTNn1TMwU^}a4Kp=Yh9u+wuJkVn@Ju-
z;3H}8mz!ku?>P^g`^t~Rs6k->Wu|YVU943eNhJj}N$x1(`3YZ`9ww0aWL>x$KnoGi
ziDfkGj^#CcT+7?0`iHVb^jn+u)O7Mk#rg!qKqw*gPuuzl&ba`9r|@owMe!u7|K{%N
z)>Zvfm;OkwC2P(97tO_7$dMlA+@hp58E^8}e(QVPwq}=p&PZ-voM4)ud?bhQyk$<f
zpNjS11JyZ{he0i3+VzdX@7f3G<|93~N2?J#6K1(No|%P^W{5;C6+p1spN+X-M5qnC
z#pleh1eP1Al{+>rF>5(6R(-RcD-)}5ltaA`R?97jd+wKE<aPuoD2K)?8#>CcJ&|6b
zK%wd;59N#I0=|ZSMrE|Nc#W_!SZW=X5x===;Z)?EE3^4|qJp_^21)9tB!Tmy>VmIa
z@B4`+sWrkT+KBI?knBnE&=Ys0f}AMM^_6<EL9Q;vAWszOtO_F_aA81H`rR|OL>j`X
zTe#};m<qIjWCLoFYUFcV40VeentcTNca{zXAYqOLR&Eu<?gBG<0RnIJULZX=*~dqu
zB}U@QY%|kku<guj^t3neI~qFNlYC}WU}YxYtJttFS?~KxE#q7v<9L_c=DoC$uRS_o
zJXhGCoA?XTA6i-(d+^QsZNBepP3PP!wvgQ$a4@#fe~>XOuX99Xkpu)S+R_qx2IZ?i
zRwrqs5#E2md3&U@%$BaG-7I)xW@DAbKV6=ngL45hvb>sSlA!`*;7RHkUX9fU?<(DE
zQq&OpSuXle9aw8K-dOvtzHEg*!Cm4&VR9oamPOmXq{oFc6)oo~H<B?V8tXM@ve7{-
z>!=hCU}6GKI)&v#@YkR5Hn#-_yNj<}aGvp3&OMQ=deoNm`n{e_dUKYYoRTYhdfZTQ
z9&{Q*PP;P+LBJ->O-vyrXHm-oTq}CaFQM_OlKOhh9q`WgBL}PA8)O;gx*X-1vbUz?
z=okHQuF&%x5mI?`BcLgO6y(U$5A^<DE}?E^A4`fra}fEY4#8EcWV|05mx0%WhEXT-
z@jgoVyRPz2>c8Msx#<=BWdWrF|C5M?zA!t!i}>^L)nD6O|Eaf~FZFn_SGR2&FET%$
zO?`A`AN2CO!Sj>+zx4nA=Lg5R-yiD-dtBG@N3TUR2QvRTerTj^dV!Vo{vU~vyJiOe
z1}>%d^&YHeOFmt0|8@8EC;L9`_KWf_-$lO4Yu4FZsC5Pwlr25Rn0q&3W70BWB+ikV
zsDl(lj7*DML<wbCnteQy<VI|bi(72UD_MyzuRW@TzK+Z*jAwJffF*I`w?*nIb4So{
zeVRxawTL@Ca_LW)NUn3Wst%sNGJ9+jv#~)CO0way$Tul0;ZH8ho8nMRvXc?$v8BSf
z$%04$d?L)>0V*Va#5m;@ZJOF<+SJVU(5xM`#Ob|$i6|DdoZvqU|7@Vs*I9BlOiHGF
z9CaeO3}tDXNuXHuz&#2dc6swTwU^Fi_)XD@#npv0DIi_{v$QwC7Efzn26Mog9G1TF
z^oL;tEz!1c8X>8^EshhS#WUei^l?Saeev|>FEF>L<5zt`g5iQGrY0*aw|Pb;aWIt}
zL=JZuiEIl4(`H(w1+&TiL}<y=>a{6Q39CxC$9?aaC-+55^9%Yjl<i(rjYCuAzHVHp
zuxs;gV!b*_2<g*#EKe4Wb~|`3B8hig<U|Mh@)R2b4OAfOSuETVt{Ll__QL!~Q$}FS
zwyM=6kqB)}R`A*{bV;7A60?r97UAf#%zNi~%-ddsX0P24uH+!iT=gvTpQIsyb#hZa
zZ@ex&Jisjk%+Ees>K%3rc~SZ`x=zB@)>lOEdi1Ey>DZohj`SvC<Y!n8?8)g&$Pgi$
zP9Y(8?%e~t29@}LqkEcby7o2uyB#V)%(CFy;EH{27`cuQnbII#l&<5<b(%5`pElxY
z3^{eNhi({%g{#Q&hm|QK3_sd>6_a%9f7Z~=o?&PurulVG5b(AOo-5s9bsIutcK{|@
zJRg2ct$-jfvRQtF=`R}7Wm35$kEWyY7bc24LRGY#a8uPH-r=N8|9R37{t@fIn`qZ2
zGR^OiJ7e#QhVKiBzQwZToPJVk&||B;uHy2a8t*2V704En#*_1e2WZ&+U`UZDw4<4$
z$)wY&+$XCm?p2)^sjsxzQSU$<+fEji?1p#r63NuH%%ei7iH@=~cux{qh!B8j4D?QD
z?#raTMi4;k&U3ld?#8!)Z7N?+M$z~Z7SiuVG&&?Ca&e&WWRp84zRD7TsRpA#Ntg(G
z*J^`na~DnwVmBwEj*yJzPD*zv&Y{&+dLisv0g%a{rBG(PZCz~beSUJSMdtS`I{dDJ
z;2N2Gk?_u6)<A89c9VzYA=ViGp&jlr$|GaDPY`H~#&LWR>nJr^g6lne%R&cuTqDh^
z`z~6kSXr*&(LkF2q1Xa^4k&gk5RJN7h~W!2YDbGsQZRz3*n@t}9PkuzZXA=9)&hU`
zuP95pI-~RDKP4KEzSE~Bl^4UxL5KkM9f(KxILR=XuIlf+^mNZ8o63SQj1(%QT2oS-
zQIF5^c%`zYXA08rr~Q^C?fM`-hrL*vS(qHe5bn{8sD^D=&=(qI8=ve^#6EUb<eYc~
zKbBvx1|lIRH?!$O)pTIny&SL+Kp4tSnq_&{50v{wZ4L2BT@#aQVss#J%te@>%2&0l
zv`P}DMR}Rwyc3Dlq8l>^+Tu(`=9DmJFVl6ui;N)m>df1pWM+MurOn?Wo>~kDuKKcg
zY%;++o<H%02e+!ZcrI%poP5EfzRPPlPd#R*uWXusBXjVqc}LHsJQy$D(sts#=%r~T
zIi$$QRcl5_Y)3N;$Emkm#-`#%G}7)y$X&VxxP`asDYwoFy4PF|>R2h$a@CoXkhDQ7
z*=;U{tHY0=KwY*M026ZePe@R1lBYl4e5caWV)8*O7+QEertSFCv~J@^Rcq*Z>x0^*
zFZ-7rH{SD^-PV|w68@(XM*h8BpxJ5D8__l7TiQ;eC^wq8#V~w;Ahd&3v&dOMugu~0
zZXoQsUt#xTc-RAqBX;lywZTx<nPic)XG1;qUv`ULX=DeSPYu4Lp8N87>hV2|RGJDv
zA@hl>OLEQ3!rPBaak&|<NC#U4S`R8`Oj5_u1bxYPh&jxNq%rMmGX*?;Iq}(dBJ_*S
zAqzvJws_{l>+iS=u)JOoJnUoWjA+danvpz}K5gVj6j&6r6Ba-0D;fm->DIE*8JINt
zaE5F~o0&x+-KZGN7{*0{B-sK0xBwKsW(o!-M6{i!;f470D}|9ip*Chr?|i<6Z_>oZ
z8^to?e6ro#VEh1b<1|JfJCctlz0^x&yD1`x?U7h{zWe>e$AUC}gVhAgN8d>P+muoI
z58!BQW%LcoU@*bjcTij7=~I)%fdX$Vb;xX7{A<J;g$C&q%emz$1#vS%RVe5p@ssRD
z(*AG$Vg2mXR_F+Fhskp*R&Xalq5gy18fCG>b)_)*rtj`YvOvJ?8>?ZasE+jyEUU?#
z^6As(0zZ=9Z)g<tjTQal4%~eHM`>KD9CMs5ZPwCMJUXzpZKrda)0N5))JYoUG)_Uk
z7tUnunu5?WzR4&v-SiP!C-si``p<RhKLB{gzx|cis|T~!?A;zMwQIGq(k$*3w8eO9
zcpp!;LH^Br4RT;sS5;8Sv%v=q6V}?$2KqdvG2{@^ndz}8k2ujP4~&|tXhHJdSN-W#
z{_<Vt3;O)jb$^#iRj^U~*oZs{d__ymRVHVPf)PL>d36g3#T<?gz!N#L6YFt(Qr46S
zA8cS41e2+))Ycb_-K?nD#iTl8In)b4lEd<1FY1BoJrOM%<YGvw{B1+7z<Vlp;$Z3h
z^2Jyk1{Cuxtd#H$fWnAgLx^cgF~RH~BXXTrsPY_ouzwh3<kd7s9bgKNQdzn$=9ADg
z4qPGUy+8(_Wl2BJEA#CLkA8tW8@*idTB_V+nIUps?&r-#iLiQ;9Y4@(vlxN|O;|AV
z$THty85jneVRW7xKG|}VS`U@Ky+rg$Ik>cVd(Z2$@!`qLBj}`rw{oi~1)ODESHe81
zAo&-GDo(7~v^)1bluS!$^<c%`+xkQ^-=DSWK1fh<uGZN_aHDe9m7VZy*9U-)5SAs8
zkp?l0+QpuH&G<OO1}M9Vn0xwUo~X!MW!9*Cp41~%Dx@61c$Yag#QUstC?(Y4x1i=t
z@g<~Bdq}mU7PDFY);A@@9UWOSshk^^6zMb(mEelR-{T^LQ|0x`k|CW6%1HrXaa0Up
z$-0vd?Te<??Cou%b2G-{lqnNnYp$hce$&$6j<{xQp8oa&2Ik}~f%m`knsNtA4wX{-
z*--Xx$mJ~y(^70Iq_*!C^vs<*2;x1Jt<1$jvs8zL%#FyIq;Hl&cCQMmYF(EI7nZGt
z37&sk=_twFdIv9av-~#cQ*Ff>#4^n)$)I6z`E#3oH=BRWX1&oKV`g^FmJvzy$kklg
zgHdC_6}GWUle<pJq!Il6`tiXLvA?J3ew=MOtT0%FhXpD96AI&dm-N$MB*$F!y07Ro
z;l(p{*sU|;8ENL@2fEK&nV9y1f>iOI+b4RLYWL3q_?w(P+YBV=URf}g&);u*JS%s1
z8Dneb3jz*&nx|`XizZzDut>64xJ7%?G28yA6~+P6uTVQ-l|)lnEtuG!=7r^zt1hX;
zgKwIHb{x5EqOfR16(wtP!-@V(t;$?HxvS{q_eS5q?g3fMb+*vMX@+qwCCDguZOU%_
zMJf>FD_y$9WhK@eEN1K@S8C<Fj(1!ojHJJ)nm>T(oQXc=h7B$Q?ifKdk49`=XAMyn
zYm2gpE-C*XT5Np$wSv|^AH#q3eL@ZYgC_LNRa)d?=%fB4zNfYyq?WGD6bqa=CdF=^
z=kR&;JpSOrw8YCcVatFIwt4%9zEI`5DouVx=m0*+%%3Vq$?%=e_*Zk8jF0gwf#F*D
zK7LRD5I`a8W%ECbFgZsb+@4Vo)H3VmF5LzwMP*LkePl0qJLo|7*@YR)O<T=Uz_`2O
ziqJA6xF*`WGE+xt2p<=J_q*gZ%c>sw%JEM1dVKDI=LApmd`D>MiqKy7Fq4yfOvpi}
zuH<&At*U_l-?|A&yS7;hjEr)JaV*A(^_{?n;lnPw_e9y0s^Tk2YjtK;k;?ZOZp(&?
zo~M$6B<ZQ9#r~sjCxN*pK%KA*Ql&q+m1T`4A>K#qgL2U^|J_Q+P@OJH7LBhyIznZ5
z{ce4pP>~XoN+Le^$_3e<CUiTybO7D9!4vzFkKS>dOd;6&(VRN@0Fv7{@yIYW$QVK4
zu&Xr5t;9qLE#5zfxJ66}?}#UqB$^2Ckn{%*)I85TJ(vHM^)P-}Y0COAB+CO>h-vEx
zyOSTZ9UJj-5Lc=IE9UQ3731!v7syiciSeWr!j;fT{O(ftO^5fKVZCgOo)G@?HSSM*
zs~t#?8c&^N;DcnrkfV$uyYqA87of|{=6_y(c$_n$dY;Y3Q`Ypf-iq~Z3~a(PCe6g-
z5c7+LqaGD&_D;AuqF9tg2dK{|BBf6c(UM`uYa(vXsOh^Z5TCHJeX(Gv&VGfmr`PW2
zH|{7-+ZFRHHsgWK%hLGA0kOFFQ`0@Wqsb=Z_|51jCa3I5uwf~vrPV0w5K1@9>{CG8
ztnqox$DHa!@-t(Nii(mCz*IMK^>P8WSK&?!T+Yd!%3mFx7&T!PtI9J$Dvt6GGv9ta
zAZI6EX|HEA%Gm#ZwRe_LaW(6nZ`{2hc%X3&t`VdgZJ-;vaR}}f91;i)jZ5R+xChrH
z1os5@gy2p{AWkxU?s@Nf-g9T&`7(EA?pkv`)!J*--c|MV-qlr4J<sotclI7h#uxp>
zjkooV<oEuh3>}frA>0KnZ(XVvjYQ3i>t3hB@pxm+=}gi`T(%0qpSQ4yr?IIx{W6n_
zqV|i)g?QFa^1wa<jEl#^8u-Lm{=TjiKXF``hxPg+n)S2&dsWONE-_|^7r=YUbrwpA
zj;xCy<6XxMN&NLLh%$WsgJ8Ue5KcVKQ0cZMXD64lsSb;OWa-dyQ}c%;yV7+ob_1}6
z;29AKcN#G=3aL!TYfH=sxtC1v;cEJGol^<+kQUcweaT!r(Sc{go{stZ1YaAsS~PPP
zrbbhp-p}FH8(f{@T6Jw%JAp@6$ry6By2%_je2z!#R-APQlEy#8j-i`*PYtLS<~y6a
zo{z5Cyr10snJSVKuk%L750cXdinW8pduhU;l-+&gtcmV!XqKQ~Oqw0-bh8!}ZV9IA
z?RoP~OPN7r>)*))WI80}LLD0xEhK8oxTK*K8r$Jffuf~xcwJ#(#IbovYw?p-K1PPK
zmGEZq?5KST++H%yVo}@CG$c@{Tz8Q@jxny-HgzJ5Q478TWpbFKe4Xinf0lkBt5+-6
zslDc~&oa|#qxwQ8e^iS<U1jSiQzeH^4mgZM`;{1wbJu4SV^QF0imVzKT4YX_b#%Wi
zlUkT!qhzvdVNVHD42RYh^fKm$#ZEj-^~aeuYaU4$x&O4Q_VqwTx-8P+pbeML^rQ{R
zT|BX5Vq(z5{bL7;%&+WTuk6&Dhn35R<)@bT088%5dzeNwxnPmlsi(J?qnLfJoxESQ
zx=YdWcx>*LW2!TGHxiWvHM#REYlXX$4skJ-xHgOuj;&`;O`UveEAx&iOw-?r)|uOr
zYihVEb~dsJuHvT&M7J~_(n}N&+ft3>Xeknoyz}}7mug(CG6j8)yhWj#m1*f<{~Pcq
z)K8OPuWr?mQkfo#fLgJic56HUdf{ceC&M;ewdFdI=0V@?KGv+yyGQrE_em`h!%#dQ
z7v5n~PhzxXQ+A4ZkLBHmXP@LA<)t2#BhtKVLl4AX@XZQz69yjN!vLFKF9~`c*|La>
zD9W1WC~+&>sNGHW5Mnft<7Im<O)@V|&XIEo!|>p2bZf<)ZiYspxc7oG1z(EO1*z;1
z7^L{`j0tNPe`>a<F(TYk2(b};4_9yxtAGu&=RU{E`d}$=+Z)$~`p$+8e4bkG?V5F8
zP3hE*Hxq30I;635d#sLCtCXkn;^j)92IpuidAH5>O{B*!*Xw>}*4O&ocQlQy`K-mW
zpY~8Uef1~(3llk{ebSv-WLX*Jy-m28ug>BfhQY4*sP7-vLt?qJs_(yC#^}_z7Y=B*
zn$I9ykzL~@8&!D3K!U;0!?Fkxxwte$e~C5qivO;(h+p;bO^bj0g>K!|m-=I$apUZ}
zo6++GhKQt%(l-J$Hd_D;C16uo<_B7Pa5T%7cvK-}#!_b<Z#V0?_Jd`VJ5zF8S*3=N
z2#xVaBQEJ|-@IvBZ$HzKNXhGXC8L!1JsjHPZS#!G#rz6eIESmuri|0XbC-Nmtn^j=
z2YLShe2?A;Hir=02xm5#31Y@New*)i<6#>rw+(!k_1i@UZ&UYCFi3Qb3{zQ=TorX0
zI$?(G%t@U~MB;NPeL(!zJv%MxvLzrz$B(>)4e=-Wy?Ya#8ktcZE%ib(nhyR()UytN
zeQ$BbOX&F$Z7gDY>mIeBJ+*+&%vH1yq^@{p1!AYS)b4G+U;eh*h}p-O@S3>NAZeF2
z>muYjGP9T$353${DfN?+dvN&O1yW&kET?|m>R{31&{z{ibE&F7ArE>SBP8#A-|Jky
znMNT_POnnQ<)ZQ|_xoM+9s2&D?_3$DS3eB7r6&%YTb7-V3`E-ZvE;hBks}k}x|BZn
zsA+SmAN9%TCAw0tq2&p_((zY9L#g>zWG(h@KNMBk=W0=Luc{Rij@+@4OqbMjoP$X4
z92Fd@OKBMJH@$y7PmPNf&P=b%&d;9ii+`Ou?|Xr8Gh|7eDR_63cp~GJGa_m4F=0EQ
zvutw&ndc0LLud$y%j`A0No1(NTDIYx6t~6B@ZO+w6gpQfKFf%wz24_q8Ej9se!wYX
zcxJ|C@KNz#PjCXOyh}<FPMQbSh~}r<r`hmfLDJtztL}4!syQk&c=Z_YIZgEUL`#9s
zlG=dzMvsoGcZba>IWR(*-t^*k^mZk*JYP<*1Rk!cEGbwd?~oC1mxx#8HoR^wa(b&d
zkhHD<B<Ju&m`E*1n8*2?dO?3Mk{!l*ra3}S!R=O$Jr&x)^SN?4iinJb-GdD8dRqo@
z-Cfo`q0nrz@(eq)d{jw`18tb+Xj+&IXOz(RiGS?S`t4EPuO>QuQpS^aK7?#rNGd|Z
zMqhLt;?U5chdC7vL<bK88SzWGutIS<$4O-Ha=HXJ(<|~xCWe}BxGl~4yqI_}5inr^
z`h3v_HARx6G{nvhA{egsHTzY5JkvHSbkJ1#u*k>MQ|x*tI_^4Mvt1KHzA3?LBWjz9
zUx8Q10qrN;_;E?$_MSxeA+MtIsSqDe-3Vb)wFTzH@8k(RX){O0YL)-k@fFH2+1H^u
z;s+BV?yy4WkuPG(;HoD^Uh8gDKH%(T_U$b4xsrE<Y0!5ak^2vy4RfsWA2>^!H-8jO
z137oWF!9NXEhM!VFiaO<dplfvi~dN2asjiluCCf-bk9OWQ}<WdvgopKEFPn7tCA8m
z@EdN7T&86c3Q$ga>!fu@W0pccF1Ja%L#~dY8Qy1nA-tg`?_D3+`qEGX=Hi=((oo{$
zPPVN^lJnALii!3MGSA4Ep!Y7fqYV9|5_rq|`8*0sr&LSMNoi~A&q_aT3u0yo$ZbFy
zV>lE`^ahakQx^SNh=jxZT9zk5Jr`wqC!TxT!l-94O+#G5)xAkR?73W&2EOJX$Q(y)
zc(^1mR)bub_7aC?MItNO#apqpqiW+Eek{>uX;bOA$0EofD9O2+E0Z|I+2s+5STDE2
zSwRTKP&KmF3>@lKxVY2zwRfnsGMu()<nZH;*7imfu-ziQM<hDoI}Z#y@Ysk5$Fj%h
z{b4`DaOn#R#Y5%Qe7i}U-!55gEFA^ft)-JTTU8BL2g$`wvtgq07iI&6WX&p@5g>KC
za@^cdeU|uW>bKXAmdnkY*<z8tJ$>3%$cfXBX>+2tA}vZ}lqN+XalJmm=_N4U@j?#l
zw|1X^?PIL{n=|JQA;0EsX0Y30#ISB&l9T#*p|n!!YZ?oE(drH?O5_#i&al|`Eo^95
z&V-J$%(Dmc_e|U(NxicvOue=mP4b-Q;AuLqfr*dsla+Hby-GDU;wcY#3F%M){6Kv7
zeEZn4?DMbN5C;#KeyC|wO75ZW;~!uP-*4XUr@}lGPg%}hte-NSPrNOV?hq>nt8JFq
z7(*r8)auIUIqH_yd0B~V>T8J^gMg&gI8eE`I6w|w>Z;_#A{&KaX>L4oooBNP@VQ}h
z)zn_e@mvyyZ{JckK(c%foNl5o?LjQ?R)N1uV{{+G0kReV58&nb+odkJ>z5o$XI=|1
zw<T$vD7+0;o$xG>31N6v5*eTr;apP6ir#fINTtNw)%Ee<rReAbTDXAg#?)0lCx-~R
zCV&>GJvEBk#tdxSIE9HUoOvU*Vk8p3E6;oQnRMw$;}|eP^-1Dja+F}_Vi(O5I}s0;
zqe_ap>dh0~`pgO@y~KDAtxa0tGUU*7ngrR^3?W5)DL&~_J?}88Z9JuG%KO1Dkxx0z
z*&ftv?lxYY!z~_VdIt#JwcynP3E*m`@w{UV?yrg3(+Ka60LfESJTLU~xZkeU<f51t
z3HDv8{!Yl6+O*Mk>w>ji$Qn!d>{Q37R1yI+qF@0Cu-+jyCQC*tRQ?yeWc{=r#E%Fe
zE&7tir^9*ArWemD+WiiD;16vS-&1z*f{rv?k#Lu<<k7}3><1$NfKQbAq~Upqi@1WF
zg?0^-5ShAx^D@&XbK_3QPY=#{39=Byv}w2SaL}~*{bfUxAQ*G80|j0F?AX_@s3fMj
ziJcf2MH$;l?Z?`#r-D5Y4UGN#U7wKn67(@~{3x|7^~yRb;s?hdvZC$%g73{^y?r-P
zHaQ*RWiokT#Y)_*8xZS(rfR0L=lnh>ZE|7n8HxYYZb?;4?Wf;>m(F&3d8#YY-am|^
z8(YxxPSK(rN3AM@V5t@+<Lj;t<m^V_VY|Q>3a)H@dt=*u0*0Hy!TNFGv1)XYVLtA5
zLEtw<@~N{>WOs2ykyZ!;gun*fuTwz1on7Lo>djh7jk8gz8Gd?DjWj-77qM=T5cJ1A
zeO}94y||OEB<9d(Jle#bksJ#bljE-|vU4LK(B&X;195HFI5TvJr<5H_g*fyue9n3-
zoi#`zD^Z6}XR23UtVu+%-m?#$;Kt3-Vx54Ah2szCALZID0l)4XEY<~?j;-8TE4GR1
z9(L|1nrAj~n-ibmHPrd}Y^2q0n4V6%x^@p@i<-e;-IF!>p?oy7;Q`E<SR|-l1p4@K
z&rzUeYw7ap%K7m(ry2pqh&{x<W(^J<-mrlt0YZ!<jUP?Y95u4dJ|67RTJ#>T-V4^&
z)?gRqXIT*Dqi{GoAtRYyzlpe=nJTmZ)d2BGx+g7(2T%fhjQoUDuRY%EpGW(vR3_Xr
zt&?an&Gdagj)+G}Wh)1eYakLSl@7bawel*}Q5gbJgI#DL;?=DRJt}{USvDufPTSC=
zkaUt`p8uN#h3V#K$X<BgVfC3T<r^D}E)=^bgn7<Da2bcqN2xS6WXOvuj*F@-&*`RY
zq}HBgnm)Jlv-IQLU)gGU{bpy{Mp8JiQt=Z-yeQt;IVal4qUc)s>iGm(aM9HHtmovG
zi^b*bZbPG<R(EFIU5aSja%F|IFx*b_A2jflf-uPwtv5pSdd7Sn7gwHI4t-5-esXUY
z`dWqxY!*E@@Ik7~R&=R=b$~oS6(^-~)}xl`K?~WS>yr(Ly+PT>ZiDu|7A@1VO(hXl
zt=;AH{CaF~_s#wN)zLs+tlYrv*7zx|)g~vqB}jkevIyZ~gDf;mOrOma(Oq7q?{BKG
z^;!kaMwuT;3ps~7Od&bZ=940CX(3983J%}^95*{w_{ycD<F03EXM^7Cx4?G-Z&vRI
ze=Ce3IAjF6y)h?4nz5-(miVB@a;jwB_itGVg!Rkknb$1`zq2P%K)3sT$Pn>7)g4!#
zDCu?N@$poi^cyUxnVzR@R1(+g|ABrrx=Zs?1anI$lg@<ef~pi#<>#C}yOn4VZ7G$g
zJzilKca6~Ds(0_7U<|hVAV!ThyL-QWg|Fb+Xcqe5Ri@pCPYgQdOWaqr^QzXMV*WbC
zFZFMIxe8tcf-<BTpbcqmgm6{V7=QyYb2liEa6LA8y-p&AH-G(VI~Z51%CpFo`tVk=
zg*s_vmq1HgJy|M^IDsT^2u_#$BkYnk&M{&KzRaR{Bllc33e(X%Z}+e_gdu3z(e8+6
zRdA&wqj8s%*ZMeo)K@)u;Gy2$Yf$iQzt}m!_E3SJTqhRZ3$F2~E-VQ7+@kSju#+Ob
z#sCgZr~F()_W(M;N(|CN<D!&#ES_F$nYOrRuP?PbSLSP$(ReqrWn?mc*~8(bG*2tj
zeWEy7hRK~+q%_N}f0lM{!c)87|NE+6aHK(VXN|VjJ$;h_0eObm%R9Fd?0|A<(gjQ{
zTJ$Yy;<^CLfC?3!+x@t+d>4;Ym-b5iMIl4xbi#!^Rjuf7`CBuT)CU@tp@&X9s$Z<!
zL0!HJgg>LDrpJ17y5*L2{TQOFy%}^Ab-P9AY?4task$D@gGR#8p(+gq4Si*p7oo=c
zOEqAJJUHmP4MF0hg6rtb6YLwgZoJe%>9KU|*D$X(V{AcY)YRd$YHxm5Z|w3S*^k)L
z_K<12Z*c{c8dfY4J16Cl_c=xtAx)~)fIIL^Ba7_0Qat-YT4g5TL@riD4pYv{Wm~O^
z1C%JSy@l!mFiMaVJLV$;OzZP5jM5WyUr9S^94H64ehFxA9aWd{TC@qrr}cuY77nO$
z>U5<^u=X3|$7Z2cm);w+Be@c_>VhlSmla*Cd8d&vmZ}rn!7!&Dl{ns9&3CcsSTLCG
zX-bJ+djN|d(zVK+7%T9om@Tr}iCk}=hu{<2)5BG9v{Znybi^rP0DuP<TB9&vo+PiW
zeUqeyFjcHUKX~san(H%hVNaN~4uW8S`-1xc&9+@oc$5}SS5EI#hsxFEV>4|!(>biq
zon$#f!%%$DO(c#;XiM(Vu26hw%i~zR<X>6ubKC+P?`fK5y4A7$gt*+>_DV2v9WyTH
zvo(I69Q5{;5^_zGf0H0u=7`Krvp)(7?nQM>l@dQF_?95^jZCD>MCi5efq^uU%I1)4
z8-lThOF?t3ZUG5bJ56lSkcTL{bg_;D!weV)`!VcsVPW>82vM2i^O)BzJn+CMUX0MB
zZfc7#(syAy;gR_fsdIhW4F^A(V&N(PhgxQx(oD0~Od8j*&Hny54GnEaIg?tgam9lF
zX0B1RAP+SXJf|=K;IO8F7I6*XS#5X(I3*cmoGv<6j?Wq2@6a%^RO+y{%my9S+nbS+
zG%N)hmMCp(Ou;v>r|kUIih#o%dhWiHc2G@6zNn1iP-ZCVmb<5=zQz0jY#QOTGQvk4
zeA(;AKoS3FJIzP}!xES&j&<+k@Cbi#c`j{?aBHcsdkn0FrG?qegnqczXWiA13%jHd
zRA-xR4!KS9O>))Jsh5~|L=^SP;dEA0<s7d$UI~X{u>XnbUH?bD5zk)Ykr3LAAn%9-
z!6tDcWW&E>)+_OPlS4!~LQtLeMnhUzSxTSiMO`=SO1Ctbso*%q86*AkE;JtDisQp1
zD#XJ`IqnY05$@lKyLp)*DbP5NLsu<&vRhTsZYel1QpP1ENx)UUYY||BK9T?qA>1Iv
zQV>YAK1#PKoScAWdQg7k)oRPEK($1SM<H}kb3MxM)dJ>5Po$0TSlp}Lg$F+>M%fYG
zfToKd+QzjyD$p_@IPH@8WkNe+n$%Fyuu}-mEGxpXTT>etov7mHW6zIfZ9L=Z#JyZ0
z&ynUF3L=gZeF*La<c0hZ74y3C$;Ka8objFNx&LNZoOHP}PD@9Z)bPjZ9i{Y4_U`&V
zcEH>`X?a;dEJPd&pym-sJi_%O0B|sF;c|XFIFDUZXbR3rikDWK$3=g9y{`NsQ@PVG
z6Pb$^Ji_?iLTGs5BjxC=pd*3~)Ho~N3`wiM#2;U;om7i`)E0bxF!@FYUFhZXiAE-g
zG_u(yZ*v1FSR*hr!MA|JsXl0vjPQM_<A)qOS~Q%mI(JRW^Rvru?oJN?O?wJpm-gkW
zyh9$fvA8HZ`GScE8@Br#@ONJAj^?@{Tq^G^&m8sg>e4s)RJ)f~?$tc+0S9R^@JhA0
zA~KNHs=Ymk3K(&V>b$YO*e9wsLh9=qgtWgnorFvt&p_8PGt=|P@j2oag$u4F1g+p0
zTW=;@W|SHaH~}2qki8S<c>hiB-Q!6LY3GNol?+ZMF~LUS2HDc_Z<cg!y*9GTrBM-k
ze%UVxHR2%Y`eN4=t~A7!FlgEH*-u4M`Lww$__Y4{TNfO3a7=o!$)^fsy40Ih>35<w
zpd75srb+?oT=6%ciBoH~HtSJ@uZ*HYsnL-E{bBAW!EiU%9*@XD64KS~{5F%dh~_D)
zEz1l)Fg_r(EnwxY&o{(^>E4`&3v*A+W;%_GVBvQ)=oxF~8lXodB1-HNWp11`TbPVI
zHW_g$z>Gth%d&>tI>(tOzW($5kP=qjcf-VW?3YBsw`)_|0=od^i)$m)V(5_#K-i-V
z-09U~=;@k0nP*CyxK4B7>Jo7(s2oPfR%bYcRr%%`^<}2sAhPDqQBsmP*7vRu6Ub|I
zop1}B$~X1R`c^&nsL6#nj(*6b#5YSDo71r<mhUAq`w`3KCW@^zNZFvKBJVvq^S7+f
zNobsz4l?<{od|jR$v5;FYRZajQ?zGii-SFH^fnb5&x(xqM2j9%is<tXtAU+1*3F4!
zT)^Tq(?7M;o0a>+P`wBPrI|!~(#jE9R1_^JLM7M{7p>%d+AvU_5_n<?qB~ESi+?nJ
ztUMdsM2Q7{dO~ck^|y1rt1j^N-;E6QUb-RgS$AKq^lICyFg<3Gp~#!A63+MKNO>bE
zTj?8~DUfx?f7`c<xB43YRZA$*Bu}hPQ_2q|nWdPvr3uJjuPZGLp?{7DcTRaJh3rp$
z5Yp^R25&AUo3aw?Z$P=7mZ_swPs094-ekc;CsK67dqEdi#*s{b=*Pa15W{hN+i}Av
z*f~?B7Yun!O=B*PCD_}7O0|55-HYQrowPFF1~F<JlF=dT)?WnRfzE0nt_led9O<by
zS~V$Ky!>H;;GsQsJG@(u$QzqWvkjReiD>upS_6--w{_oCl+TS9wjS=?%J7}7bytSN
zlC}DpCrXEDff}hlt-lDUe#4lu1XQgZPVWooa<Mp1J^tKSNg<jaRke6XlP@W)L@%Ct
z$DhAYx0L4V3}^FCz0?YYV?G()CXzMWDjsm>yZw@S`VQZKx@TF=f~%sRk^0K?9Uv#c
zYF1t3JZ^S2r`RQJ*g-)d=D50FPfHhB|Dk2^pq^{P$WlgW&ZX;#4SgDopb#6q!akN(
zM&OTw7d})#(P8&CskSp%re*Q%5n|fptmWx@Fl{R>O*}{UoMs&NqO!x053djZ)JBvR
zH!dSlYD!rVkCe={;L@aj()@C&>o<pI-vyhvWYRC#WE1>bvpE957TDmpf$MSoO>5k%
zxm|&<Q$ycxgl<7PKF4u&KUqku>P%wX+#V3zC%a<#W;C%W`qKXwOYd*Mt*^hT9#+j=
zbsy~BV2<nhl_r#tr=Pq#Zh5YBHc7aI+of5clGTTd>xA<(uPBu{qmV05Zd{*zi;q-d
zGFvfUO%?n&xLI<>DP$*Wf>g)2%s*18zX(V!eth)gspzL)jZJs7?~gnAopZK3T<}yi
z9u$xdm;P+GQE=zIVCE9MCUOr;PHxex_Jxi&BUfQ~K1M09yA(|GOwXj{J?0S(sa`(q
zUxh?U<;SG!OQIB|rh4Vt0&yEzY3%8ChDLFH6UGe~t8h~X;Op?XtmGn;y*%Y<a*jr)
z&N_1Zx)xKaG$i-5T8rbs_X9pUrFPy-GQ;3Zp!-K<eM|9mxo_yzbQwF#!ei2$W5HD6
zH?{J{v4C9=Noue<&WgfAsEZbs-C6}UnKiF5kF=)tn|v{m;J>S(%kuT~uIz8X@*N`H
zUvQJ^ig0^uq)Q`IvAy|O=Zl#Zt63TyCvF-WVM~_zufw`!w(@vHpx*$(Zn8`J58uyK
zjCjdB^v7IJk9Lw{HH7vdDPEi%faCC2oxyusT+bSLutcnNE3$<eJ|R#d*mm5JM?TFi
zA{i(E!0xDlP!5(j!XHGNQynR5G$LR^_?w=fdqk4=ELfx;wdWd6uTM(gfbsXdrqx44
z@9j}S#Dk*=0D)A=YmkbJT*09}AMWqTY+_#V;0?UAsob#AuCIjKoFDg{S1(kyu0{$G
z=#0eluXby-1MJGq0-X|Sj>Fv1{te&j`145o45*YTx!Li*DOIdBDbz;Q8qm&GnHEj#
zRKnI$Y#>Q)=>-OG`f?mF+<1lnmzRvS<`Z4bP{l?C9mxa$+v|{~)=WQFAHazrZDl&e
z08e_h%T2mtB1~DDG;iQA9#kyBpL2;Q;(=jqW7WMJ@}5=?u3j!>7A0N^#J9EbC88CV
zLf$@-X(b3|TNyTn<`i-(^~wn<vMEtf<A|w^!>>j5;%(vYoY#)fJ%vop&X$&%vBBv!
zXk7RY;HJkpa_q$kFcwid-sR>=o8ww2C`{&1n{Sw*t`9mI?<iTLX?_OZ>D1-X_{QfL
zcx|8D8jXO9pr$7Ht!dGu`sV}!S}*`rS%ZGH+Gg=A?=A`Lb%I=#z1IyQ&F#>RRo-J0
zsB3%f2QjR=LlFkX;&D^+tuUYAf|VsJMMd=d>CgLC&1v$qXjDLW+|L-p?1nU~1;U1D
zI8Z^rb>f)8%+NVz&cKBbNc6Ksu5^oht<$t6#5tW_Vk=@nN*TXWj5s#XA5#z}!(YOJ
z3ZOWUujWm~%s98gB9}vivs2=Of4!#%wCz;s*fLIy$+(;ymK>=K*rn6sBLrqrQF7-X
zgIiu$w~wOJLZL!gHNvCwcrQeix)zw8UM)q#8P#t9;J5lfBM?S(hEhML^uC!?zrG9s
zie`@}X)u}}<p-8k(3bP#eyZi|>Vtg02s_3Fl+FR8n^L$0L8a=bNbls5iDL8ohxVnk
zNDL5BN_uTj=|lgfS0aHMrz?M`M48TgC{$;3cT7KHAbdm!-7foL@cx1<^J6w_4({ob
zM@3^YTJ~HTt#Y}dxd=M|pP(bCuLr|{b4WNig@1q66jk+U-o>!w0(ry~rEIN#uRM=T
zo&!`;UL6k+%aP+Zpk9x~SkWdAusDQpxGpcUG1;qY)+ZRP^(!{jh^nV4#lo=>o&>KX
z?-G3H5#-yu4AJSA;q08ameo8*USHiDXGUPKI>6=!6^VIg-y(1A=P=X~hu_>Uk+VGv
zLnU+v;RLcI9w^L3In**&JT$0X3Oo^sZpeDp9@=-Uwx4OO5ZSQ@k*Th4N!GQ9U)Yt1
z$H@?nwV|#h4!dphWBZyiTxLL5pW)NP&<ScNt%vD&Ni7syv1?_#Cl+A_#8*#^d9{<{
zY$bhv)bNY|_eF|vY4(EDF8izMUn<<=Sh9kIRld&^J3lvUQWmBJR<N>&8s$%3{kagr
z+Ie5P;7zJ<dXj#rwo9a+1t^{>8<p*QG>GS+NKF}@0VcP?|7_+y1X#zq-%-=%`<I4&
z`WGU=r<$Du#w;Kn!32l~_n8Dqq<2`ZBqN^JB~=fTY)*h<6&3e2i^&1o0-}*=FIlcu
z9O-aepI08|JjNjDQ^;N&mO6kh-wznx2zV#U+Gpuqqlt~Tu@(NC(APiWcK)LBC1D1#
z37w{Xke~h=P%rkHQ2*moXvnUA3sL6e$FryHk|rbK1>0CWCQjDjmzARY8{E+!5%w<y
zng0@m<M}!|c3ORL?`gTnZvgA_eep#5<iLMw@BiY3<o?dro|jXypB?A#d;Fn_O_JOe
z*!Gtw{|U?Zkl32r`Ln+Pbs3_$pN%{Z2hS}BC$mD+`$Dl1LAH$3$xi=CpYQ8FO%VDy
z_|zf9XZPT1%imhE&Pth46Zt0wXzgDGvK4PV;A{OUv|^imAKmxM?q**+RlQ=cXhZv1
zUm*$b&G}ZG-hDz`izrzJj!r+iz?;B|$&lEPezB2kDmIs=-X0%)FLw3u4Ix1Xlg$FE
zvGGu}@pPJO$wN)42~WDf?`rR!=sMuPp8=2A1Lc4fICPBaRsgCF`6Opq=bjPF8$M~m
zSHK1fv~aozIDy|$4OxbMgN%HJ%S*W3qnj!Q00zeWO;1q$jzXtpo7vUGYlDh0DQiht
z#y%e-k7V!46+`|?`v6Yp-FO4WVTwK|0nUmn^>FrSoqM#}BALko#D2S;KCWx`?hCc?
z+SQ+CVUo1rCeo1m=K>@d@<Rl$Exjg+u(pi!r`&A_)1i4kJqwpLSDoi3`YykmZ)oC^
z+11)?4tJK$W4z;C1oH%OH4CCCwc|*g!#m|-*6kt-9WkSeIqUZ5e5*Ch6)}g!VSkA1
zc>#(%G+j6`Odb)Kx_?DWy{*c!%O9tYoLxU_eAyr@N@-=Yaa`auDyb_y_nOWMo^Wm>
z$OcZQC(1h5AZEwwc-5Jh8J}OrfX}~thkGG!y+%U2i}<C8yrJ|bzuek|_iuYk5#S$!
zL^y}6cyZZ76l3(M<(l6p0_Lh$<g}SP!Yz{G>I7JYSLA(bQDr|BVl;tM7_8`#y>6)%
zBDQ}UKJom4`G(HXNa`xzhE!tif?=}<1OEHlT{b>lN<cV%mR`C$S}cG2`*C2n&h<KR
z6vPwk$DFv0yN-L_&S$GhrXX=<+1TsPb9W(^Ti1VIP>WS7emufTmHN2~<+cs6BRUUK
z|4hNCY%Kui7Bu~#9$oY!?!CS6c@@#UblkK#aJfx&yu&*$*oOKUiG<Jt_6TP>)51k9
zr2oR(OpcEbljwP6TaFR7ow*Jjd-6O%IXHfDz76Y90jYhW5<B7LN?GT=fg%4a!&P;%
zU6F{Ck1QyzCEou`CZfBm?5!b$i+eri#?yFc<F4u;e{fpG8p^$UXwBu+>ZHY9OD@Gt
z`1JLxf4ox{y`hW0a|y9V+0ZdMY-<QW5B1=Xmu1sga0#t4sj3|_+;v?JGL&dhPkquG
z&^*CC+Y3>qrJ*O@s)W=!@H2tC3Pv}exHwreX+V_Bs7c#ft^Hs!A(Dk0q0ALDK|*>5
za*dm=ew9xpM;7TjVZeAqqb#pfxluag|3iFnS~1PqBE!{Q!*nfA^p^;P8Yu?vA@O5?
z>q2mph~bnLmaI??_{soIZXYG;Vc97x)zfl$B;Tx8+hX;(=D;BTo_cI>jVXUzIY}yU
zeMEjeX^t*<!jgcF_#i3P!8umHCzHwgnWTv2E3!Ly23+Fu1;d>=NbCX$R*5~4G-u*~
z5?fOeXFsB9Af71}mr9YZT=Xl}6;0YTUp_E`r6neCcgZLDz8Q6}5=)zaSV%DWQuO~s
zYLKhCap1}ymbkR@8LX2XYp>p_pW5Wp=rd(IF`R)Lgz_od&w*THV^g3bJ0B_6_a9aD
z2slQmS(^c+Olj+k=$qQod6rz93<dh}LwUXhwn3pP`4KkNvEyS(cl|`L$;cI07e~R*
zv#EVjnnars50C(9TnTuJn+CwHi1yzA_^<a%*z8`X@z7T{?=ViH|6rbBbDr$%lbcMt
zhD2~Y8b@>?U9|D_<$1h&JrQsm{#<E*mLf4A=KU6DdSL(EG`KiSyrHyYhgn^{6-wi_
zh~a?%4X9GfIh9CZR9!e7!I%G@QpL2F8J|#?<U=9LyrgpPSWS7-NFx(r1bx*U=go*;
z$sZdQ7Bg5>Z$*>Y)9#Q@i>6TNy+y<rmoqMr<dAPi%*!^Um1jjjF*@W=o-rau_-B0O
z{|>6{cD2!UQ57P#F1-%!O(RTgzr;cp;TP;2F8}D<w&RCq$4=)aYu3&8r?kiHb6sDA
z=b8&D($0_IvYlH2XDwf-oQ2G^pXa0VJr7O-Uw+GNx|si(4f~uq+HL#g=%;q|W38Qy
zR;>};xMv5CLkWW&?wP*+qBto1kLQKnJV5zTIh#MuayB0Mw_146(K?e~2Z0VRU+QgJ
zsID2Y@1?w}x)d!v6H4)(7Gj)bV7>6{ch0$XeXwyszWir1%|EVw@hse{cyw-3Vap5}
zEIj*4A<5q0_@nTB-mgDfc@SDW)Dzp*cyCgw-WF`^^ZX@FrR`$<Z-7sq<ikIk8U1q@
z4w;Eg36ueyTT)ZO?ZxK-F|L0$WBiX%%rz&`SkHX^Ntl~r*m^VbVfyKx&D{QT6nTc?
z7-9Lh@51KAkC&cyzh(MQj3ot$Rb2nT{4ZPm%U1t-ul_cb{OcS1FPX1Qe#%RisxU@s
zSG!qJv(^7?3het2Q=m|fAK-h9a-$*lOj_X(q}`@FO)OWEKM%qgh2g;E0AXctDBn3r
z3@18j(ZJ&47m|_NZv*O_*VmpL$-H~JX*?pHCH{{;(LY(3e@iKL9DjXj|1`(*^mXHt
zg5Lm!f0HnfnEf_3+*W-0Q2$qy{mr=da;DB-5{eIO4t763jebn-eK40@JXPE`gAlDg
z-np@81}};D9~p_8#?6qoZ!hZKrG=?!=57ktqfCMNh$xeR@bNb};F|1mD>2WLxf`uT
z!@(-UI^7ca<`EZ>bdRom=?x#LCwUkgjyiiYwjRv_ErOIS?^;3PYk8bV_t?<tS&Xx%
zaFfl3BI0vy*-Rf1kwCcgOawp5U>mklV3z97uG*D9>K-NlygwryFFfQ{z1|=>u2g?B
z#lnPK4=}E<WKtEya4X|S9Z;L-<7Cm3>sMRhP>hP?a-SF!7cw)BI<mhp{APo&zr&nh
zlW#4g<mc4FK5nMQ$(x)eWP8C_$}DpccM0z=&|DVKLQF4ED!;xkSa!E%V{h*5nx-Mk
z(Ck6y8)T*v06F>CT4-fyy|zI){NJhzl%V(6&AS7mFRN_xybM-m9i@4{$y3qbH+b+6
zB{TBuekQF1XMt=sG3Hag21g`|$1LHmpM|9e7x}GfL&B$87AJb>!Mxk)iGed+t9?Fx
zlnLqbZl5AFW6#k@-rf5@+^q3{uR0dtZKaO<h{*QWF041%Mi|a(8JCu5o&w(};}MBu
z*m_~aM0I+^QSC;YJ*ffJnAJ9b5I}>|dk8YDQm}p4vVKkIu<&b`b^r<CHWO1~VRP7(
zpVw$$!LZ6R`X5Za`)Tr}!RZQ&kF3Z)5x%-g8pCJ?p`=;9w8s<s66;6sSH@d`f3=aO
z5^jU;MuEL&5sl(ii>1f#_{KUpjn9|UGu>emx!eYV_H-yE0F(o^p#+fqp`14&+HTK+
zz<@;aN)1c8-RAn=j$o4K>FF42hYCuS0RHT14iOa`zX8<)xDP~EWi5+RS_h?z61e81
z1K|pg;8*_IVSu<`r$!Y)<qe|#VVrgAZ}<|FC*{E=HI(`H7T6RTR#_#X`X2T5HloQW
z`~X@sf*+-%K58{SaqayQ9^-0Wr_vl3ZwKdcfTjxagWxn`;lwZizX#|(&d0dDOxI*g
zBU--IT)G!t+wo&6+QUP$z_LKn>STPnG~Ig!I)EzdA)297W$T8<0@IEP#g8w#iu+4z
zCS1XZ9<^m<uhdPP#|hGcSW7L5rA=?8oL3zfR9!kklz`C`iM$F)pT+16m>yK@C<z)(
z3e}M(ZhYeAnX`+!GPp%TgI;r|mx!Yu*Ud!(_;a*CY4da$Z{%`HaEefDWHsaK3@^Gf
za>(Q++SA=dk?BO_=}Hl~#$}gJwB8KCy$i(!qBh?fkaVM<=5u*&&uwN?4Y7kLb^)@U
ztk&?jepVbRG#IOj(Uki<HD{?)=LZYKKQ7!7qF*qP<hP0N&~C;C0IwnzT=$D~PI?mv
z8Xl_(N?TN5c<N$w@-w>%ndo&lFyW-Osmis=Ju%{a_yH6j_imNY^Vba+aaSHJy3ASc
zMJM7m(lU;CH^!B+-i3zc2u*FZ><k^}O61yOr4-eld=q=4=Cs*xiz!LHLznZB<L+vp
z3I2|9#OVYwKK(ZBv~*Za=0pjcAc&aQhwd!3OnPUEB|+Twq_F{RBLZ((l5PDMiEtNS
z{^&r#z%d8Cm>7oZNNMDVj^-WKrX`IH=(7^2UUUU7EIrqYa&{<<E^<Dt%5o*Qsp2i6
zcITe$t83416qM58o|B(H_n=HZ3S*>KPi4KUQw#BTC~J=_jC}Um#2vpdN~J^8{w=pC
z(+JlT+#`He^Zs4(M-O2A_E0N<L?04W&u&G9#q6-c#Dccf{fc@jV-30HyWZFn60e~l
zNiK{X93*f>j!mz|#>(;0g@4NroGzAkJ7oOe+EI}x+wXa2<!9|J@i?Z`CeFQgJOn<I
zeTpgCWqXtlx&wXXK3=|`9K1j7YFRbYQU7M-wZsUFSA^W&k&^@F2RdV{s+Lw7a>8hF
z=b|qf79QFSk&=jvh6QGu|DRDOIK}pyX;wVq<VAyJsml~b*i-0ZxW1*K=7torUi>+<
zNq3wRkwBxQoFX&HUz0G@k0b_^%4`Hbgu2&0yjrVzY*J$;U>j*I>Pz-woGfM+p@BUz
zVa3WP&kN9Q=2p*?Y;Dzj>d@-(@^Uo{4-7zM1~j{R(VI2;Wf)|0QBy76q1Uoy)$&Fq
zy(puhW5c7Jpkym$ewOT!uU1WWq7RV>*HHQmfB^vyt|nh;K0q6Kh*+t;crlAPb8|{J
z(%{W90Ye5E?RViipUNYP4m9x?f%2gudbDWOH?kY7v_I7JH!5%x%V`=&INu_ogyTU!
z<4*Aw7=HGISws<Kvvp99Z`fZ7g?~dLQZ-H*OAT}+P%}Q1{rX`ZAg<4m^0qpP+LlbS
z(lTG3YP14IUW91Zif!eK-wW!OKW|Wo;yC9ajHcta$$8g9%GKq@G$$)K`M5&Oqv#y+
z37?M(tDbg*nouWBvzy9IPD?fbV#xw=#AqcVPn@asW1Tl6vF1YPO6iW*C;If7GS8A=
zb_MyjqBW@Af>9sg`o2mURUG2rgLk1Onl-W?wIRd8dhS0EBGAPJm*=85;d{sQS(5IX
z_tGRt1m6DmKouryWXnw+g@x%8;BUdV0KAOV?v@Mug?!~YrY_>N4D0!EU&mtV_g`<m
z73|ghAk=MaO4sWKF5vg(#fDaM;D86*BW4X}bK<Wu^K1+kZCamqj7Y>~m|7eDDC~uK
zk%Vh)0^^mbeM?xZF0mpEVmUfHdMdUtv2>82(DuHsa@VbgB!0SMP20MgVw$w&cI)&!
zr20Pm*YgNn(gI3e913(+^G6Mtn-WL+1UmDu`H_>&VyKpCFUn7P)^2Kc4^PhM1wCHQ
z5elJXuu3i7v%5=j>LD#ygxMfj{iJ&)F?+GAea9`?R<P$YWKE;(76Wj-1YpBmEzb!p
z)v8s4OXPxb@^dQJrTo`$%u|vRxOFPWM!ZEeubvram^AOQ$_El+fv!NMF~(W|S`Jr9
z|7v~<f6Jn5)89Q#rpQQYf=j<Kje4=FS_31J!rpRjUh*|16>iTeg@6h)=7IrzO0T+D
zsa`;Mb!>wD9+(xt?!eIgA3gw_{V|74^)ggk9mbn5D0919NsW=;&SW{LI4pba@<Uq2
zLa%m%N^0qw!_)nU7m<8)DG#9uv?Y|_ZE$`nHNpr%2i4`U)(9iy@S&l>{pA@fW}z0P
z+v>1T=l$$tG)u-h-ck=_AmG`Zxbx)>_e{tTxx+w8>^Rop*x{qOrfI(LTxG*8vxcZz
z##OLDt09~T3=^M9GZZ|m=Apf&w8Vh&A`IMkSIF95AT_@6Si6TlDXc+|sSDInoT2nH
z^FLP3sOTtz?8PLH+(cga5y#am;eDiG&q2#O&SpEwBor|vtiAI~dvxdCZHX02)BsPt
zCX#*=6@G6~Ad2bo4(&M=9owLL48#JjPUw+zxnn(nRr$8Rz0j~%N(Pm%3b4YTbMC|&
zhf}Yg9zR+Idm`TFvv~{S+tmPVInGr)K?!L~v;<E35&LVR4It8q=}(lj?BiCS@q?`K
zeCa+=#0Hj+jtk_8uO(9%xlOrNw}pE+ciB7IlCjvUz$bL(6?i1{i7QpU$g;>m`*WD|
zlP8Gojd5nV(=42HG%Rj=>aRV%Z602j#I+BitMvbr*7aSGYjaE`RS9ZSKre<;>WfpR
z0c6bIh_c;P&@px)Xw+xQ;7Cb|NjIrY%HhDZB;XtizXj9M$04=Pg!Nned=fC8M<9Af
z*ICS0PMtD4CCn=Eu{|4WrSVZEOaQ#CkH)x1j@pDht)tN&sF!6|dCEBA1pB8II`)Ez
zj_$Kl_|J{(8|xTtJE-0&hUk;`!|NEPtqDuLqm;hnC8dwup%zV_D_!MABnuG#@&5m0
z?f?I>+CMfM-w*zM3o<BjyCBi*ue2h>+|%X|?e8?%Uw9@h{Y69d9KRYp8x;)^2>Lnx
zw^NeW%9H;kV*?M}<Z(Qe<@pUTwoYIDi?stKvNOKhUU0Ri-feuC?Rry_HzS^SK>uIT
z=znw+{+;RcU-jrefl&9m|D6&gHmQEV#qd{?BHAht36=DqTophR*Bu<{U*KGqlhU8f
z59*ngd!&a?e*;KAGud}N=L;JAg*Eui&I2~z2U&dAk$)8T=+z}<%&}?gU;lm=;~zyW
zQ_KE?z}KS|RC}l!t3Qfi*mSn|kC9M?!>7V}Cxm|#f-!F0DQ_h&msP*nJT(^oqd-X7
zPla9<C->Z*r2GErk0QP_U)1(X;!nRfzl@8Q$p0vi<f}fn`y6)~V?Pf4dS?6g!lv3`
zGUtElF1_l%I{Uw{>|aGiivRx8jdl5;zrV)i7Gu0msr@zV;y2(Ex#S?a_&4C-Z(IdO
zj^VnE+LtHozZRxl8Ap8L|5?27pOg&$yIlN3M=|l=&Q0C-v$dX^EIv@_xJeAEm}@fh
z(|gnK5<9mfKPZpQvk<&?MBI?Be-{5sHCw=6DzZEK)-4tqTnTxujEE8a>xMs#`TvcT
zBpj;LD-7*l-FOs}0QbOCs3lwWcv2?uOIlPMjD}(YzP`JGcW%pc*!>$|`5<WcH{kmN
XOv7&gnP}ID<gwl>EZq<9_v-%uCnf^a

literal 0
HcmV?d00001

diff --git a/docs/multitenant/lrest-based/images/UsecaseSchema.jpg b/docs/multitenant/images/old_testcase_wf.jpg
similarity index 100%
rename from docs/multitenant/lrest-based/images/UsecaseSchema.jpg
rename to docs/multitenant/images/old_testcase_wf.jpg
diff --git a/docs/multitenant/images/plsqlmap.jpg b/docs/multitenant/images/plsqlmap.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..cef79daaf49fabd4e7cd1dda7287ad74ea482606
GIT binary patch
literal 94000
zcmeFZ1yq~cwl5wirATRuJ1wrE#T|Ab1QM(XPH=ZhfZ|Yr;uhSCyStROxH}Z5xE3!`
zDE#T(cX#h|?>?{pd+r|Zy)oWd8Tm4o&G}nv%3ArdzFbXQeFEHrf+1i48X5qAcKrfe
zEuu|8q@?toz?HxddFkIOIsw-S;}HO0W9x{7%Sb-Z(A0Wx>(g&NzSkKTIXwOT`A^a{
z-{bM`+yQ_Q;6G{ezbeKyHgPbzZm@U#W<XvGzXnTmO%s{@MzegU4S%CWzthf+PaUt@
zJo!!|Rp3(BwDC2~V)iH6@K3bSQ{?yd!Pjj>ZLFQX%le+aBff27tEznciFN&^0yqHR
z02zSf_wirnuajLm03i4U0JstUN10(f08rx#0FX`nQO58F0J!S|08|hBQTE52JT*WX
z{K^jF`igF93IH7B004NJ007}20Dyz|weI@zPq00>uA;ieWq18D16Tu001p5VfGxlX
zz<Et^10Dgm0Q^_e04cx?^zZ5W^~QC=z{L2TurM)iVq#<A;9z56W8>Vudm9J$4lXt}
z9zNckyZ7$l-^000KuB<p@S48&oeA3ao;NVCt~=ht#m2oZ{conL_W*n>^b`!v8)$R@
zbbPcM_-I$H0P5@MzJc~@`hB=JF>hgE+(5_vUTt^}0Ki1M#*K}IhmCpT78*7H4gChj
zbrXC7LM$R$ViHm^IxdZ&;m0sFb*IRv7<z7g0YO#!XVK~96_wb^28Kqc%#j5K9x3?C
zY;wm4MqVMw7indD$gC<Rki)CJ{c9PN*KUA*jp29s*Pmz@=r=HL-ny<-#J?7Zj&Te7
zHrCCX*HFJ#qTj&BxJmn%fRKm_h8iL!fh!x>M?{Wb(sA?hORA`*l@0G1A{`uGL{)s?
zkt%OqxJA#GzHdYddUZ7gxP9YV82$}>fCS(&FE~~x!Xjo9eGgTatOG;n1|VU0bIPb>
zdmW!FQi})vK^61!U-`#hLzs8RJP$xhR{$oV&`s0Rdk@%7O8otold|JD9b?ql(iI-c
zk+h8G4RH;46j`Y%N0<gkSS;?TOPx-gA0?)g{-DZ`XbZM@h*p6&$K|;*jI2#K>)w=l
zUXc#tG(RZLUnpOx?c=SJtJo4m&EIsC2q}37soT2ygCeC(+H7)&8PZvppg|9e**#=E
z(6F_sbT$UPqTn@YI_x&dp+s~aAS9nC(pUBMfglqHHjmZnjKe7hB}eG_n0+#HUe@1l
z|2UsH^TqE66`Tm;tARho?WHH|b4X?%*@#tDAF;Nv({Pi=e)u>VJGZZmK9Ou%U@EFc
z0Y^Ds=`ObY(}d8QbCGqy1=h9=^rH%#!`xNPpO$T7%+NlnGAR!m^Hy?o7~CFyDTVbE
zl@9Mr;sm~K-LWlENnw18Syf1v-h-_$|3T;OlGX08ty{|vs@*Bi^8xbq4b`J7z|A1c
z?BN6luH@d&sOgX>B1O+f1={)nZ3G0{ExH$`ZxbJHyPrwTTuPU)el$JWC>%j!6Ud+K
zgj=>UB~`Y9TDf5g{TnE}xtmvjcPl8DATPC!W{urv#Zlw9ZrDBPt1_(4Ka}&Un#Qjc
z)>Ia~9#gMpY5F8it^Q+X)`KG8qKNO~Vog2TxN>9e$;7}47^+rFs+%XMEVI`i1%?76
z;XJZ#b~$z8X&PYdxQRB=9=~|WT9r-u@*D*WuZ4Je!;5t4nJ?NO^%p6{4H1fg%gxQ2
z_?Op8r<nJObpBQSzfn9}$<U7qLL&{<AD^(6ZmH|M&~?Ha%?5$WEV$+D6MY{f+mAR^
z)}Dir_iT1R<txmkDu<U5Ztt=zYuigU?2}$ScvG4lcUbk*xWm+wV=*oV-h=DemJSz5
zX2qUu%L3b^V%u79MAmiJO}?pl<6B5qBN8?3K|FZL*Yu5Pw@~y4Win2&kn760@=Pda
zTri2Jew3W7ksUGy=OAM{-d~x@+EGTv@zqvkJdaXjWQfM!i;uP5DKSo1$<eY=_C~~h
zDld+7LZ}*VohJ1c(DIYmr&U&KveO}$hK=o6qLvz4z-`_0WpAhI&4X@MAKY%@jfV9Y
zIDS{guPXSHGLko$iZ}0YMZEKS-|e^)KZ787;TfT4-20ZKUM1e{EsdzD@_6JJ!BUx?
zxB#`sAk>B-_O63ie!>U-qdl7^wFUAMeX@+w;Y#J{S`b9_20o$x=WQ6iE#iJXm$Snc
zE4UTfTTF;T@Jb9pbn15}vwH_=_|4sZrN}r!V<vk&n!z|OpXrM5^I)uq$=F(vv1b$c
zV~;MorWvyEYwGT!Q4D&}EX<W&h6`xkmzB?vXB>HKM(RJBTl*y)Vtlm4b_5n-iZRWA
zWZmMcd=tRn-VsrkG8_NU!O0EbZ}<468a_!cAMdYD{-5NN+Xh&v<*wY_i1i^C3<+{e
z^)F#IND%INq?gNEK|Ugvxt)h`E;H^Tl+`_Hj9L(X$ef1xaL232uuH$@O<(2203;(S
z`;<NH!pifj!n}sd52_B(^3-yU_ARESw%30|n*Su4^a0+70+-iEw~HmP<qv5)O!SE#
zu1usrp7!R?k;e1}1iA*`p@IT%p>JCrI$r_4B7(6kQqg&r-weVvr7|PMdIKQz(^r7n
zZYPNy^usFvoA;%xwmDBDZ9dy-a&PWnCCG#gTBu16LE$2~7q_{*-WUtx8Bv7bzV&<F
zq2J%NAVv)1OrTTLT=o_2zOAK=39?e{msU{)C3Hhrd-fx2&~D5hWABao9Yu-{I)8iV
z!I$=pVW3ik%37SjF@^szbTK)<0sGTEu`7UnDxSGFgy-`u?+NA>t^33B=Z{1DniV6$
z;k7xI#mz1lcmJsPgQt<fUSy^*Q8DXOL21fg3nQEGVAvqP$sYJDf1COFFDE}xQ2!wm
zlm9-pF!<ka{yjVYXsG|To&N)#MZnWb-9~^PKg0?Z^ABu`<dJay>@!6rl`9tlWS0zb
z%ww)2_kJ9laNO`gGr@3Z@%<&cYU6sY*K>fe<)5~w{~huMW5mfu(-|G}6(Evgu)_gT
zxZsw#BkkGVrZ8p&n~IZ#C)ym3x~G{+PnhatdT-SLXAvkO3Q@DdxXvPVU}xY*e#;t$
zF#?aA5@qM1l-B+tP2^P2j^qS-$$|vnR2BEUWAiTd>8<8my*Y^|2hOI&N3X4FEVhly
zPH_jb-rUq{_CnjsCp`%pr6JtA>-*$gqt~0+goa`A;@J$wu=l#YK=hEjdV7O}t`2Sv
zGX~37Os#7|!o?1IZrcvb8i>2x=NL<-OI9{5+j9OeRxB7x^~ACV^QZebY2Gg19{+$q
z5Iv?nmH@xznh7M}&WsKk%wnAj+jy6VcnISmJwSnlB8-mvy8IQQ7ONxiRuVnf#fzsI
z@5W4<v>Hb<_bfh6xOjAArIA}sF;o6ZlWT)ydvS0-h+Mt))uEz2*z*L&yv@(?R50D!
zBsL11nGodXMKE~rUty5%e7?c|q|fv-SEu0~X_|Zv+j^vOu0_Ai;r84j7!uzRL``V1
zI#A%N3p1j{uYNgG#rGf)r38V9TTLoac(m1RJUzNJ<fFmN)R<3~ubt>FJDC89Yw6l6
zRUc&H@28@XSDW-q950^R_Rs72T-;btdANH&SM+xvk|b~60E1*r8=m>3Nz1`0j#!_J
z;Bk%F@UJ|fhjWSCh82jAf0N&51!^QPLfs%W<LBwwC(!xnpn`1+rKyONrN=${mcdJe
z_08p&QJ;0bIVRNQUT-C{@7pNUg1i>?a?e3_e<ih{VC-p3c-J@6&x|bg5e&h)zC0&K
zgxp=FTcQ%MFM+B(oT?o~`N*44eIfxe*SkDI%aq00pmL`e)sAESV@dx+C5oDFj|VBc
zVpkGPCod2l(Odb6*xZKjB*A<??HQjk{A!}}K=5WPZJS^YX?>CyO1g~r{J&aOTFlO%
z7;Qq|6j+M%`CA-gA~8IBoUfaWR`g{hU1j-6bG8~|d{y*F`h5Cm#gA<zaBZ#d^w8+?
z%6bd2Gi*+b)F`#jazofP6E_tTHh?jV&!3D>wp0q5w}nb!ENgBLSa4Lf=60H}c}5C|
z5Lq!3*Pu6M)SfE67bljy-2eLOJD}|ErjD!kL=~ony0!y)TK@nJts_>sK1U<2E*n_X
zh$XSA!j}}@U?T>5mxIifQUf+bfc@(`aCP!l!HY<{fRFwGON@lCL1`I=g3IzEgjucn
z;#)(xTN!HQThk6C(?G_`JOn<;DuiClKggbPK?-oH{Hqh<klkvI`|gBoR`qY;a<Zls
z&*B;HuyG7s`+_9+xvH4_g=Fb#wSJSn<<4s1*2HxKfzOB}>eJH@%xp-7I34g<@6Jjy
zJ6Q)vOY}+Uboch+S#JeJ?Xyj%%z#5(Kf|MPm%>`BSVq{AQ)ubNK7R_seeC!W6MM@!
zqDOaqAANW1y|m{ZtiIotzT8GNy-Am2y*9+SB22pJAYI=FygZVR6tJ6F?Ssu|(kzGZ
z<b|h2a*4J-MA$9?8F4%>@kX<NAS-V8xUr@9$YBVT>IIAbeH?>dz5Mqvk_p!r%v5Me
z@l99uRm%23=t<M$e!+R?d;7+M{I8DidlyN8|A<3Eyk6)>tmbIyKcL<E(fU8yn0IAd
zyDB)>^S!S3%Jui`uDiZ6(kWren+A&USwyy-k<>NG_6h|~MG$&eYV;Zp4?cOZRoL?B
zMG}G}L2bNxhAX2Z*q7ymk7N_}xg0KC7aup1zsPpeSe6~e3Y)OWfVl<_qkva{bG#}h
zIZd^Q^a@ORO1uCOD*sv~O~uiq%>1N0(REhhWCP{*mN0s8!lVLGQlb1@e^gR5Q)E(3
zx5*{zEL9Uru9uD1pi7P;@-#i|tm<4!3+>}Fks@n-UTIoW_Z46y!>QynIJQkBBesqB
zZePjNU80>(Jt7qe{&(h9zmVS~47AO+rra+1CM=+J1@Q0kP_7s9fIYdG`u1jDaeZZ9
zTI$g1_;n>(I7~2mGyB88S^j%2|7}G7_MZO@VS{*xCnFGLAx4)z(PP`n5q1U8rA^)B
z^i6p=3K`o89Vg*s?;ud)KONAq-<<Xb-ltsW6}DQb>tWok+%cJMhQLrk*=_DHa$9if
z^0w$pgsrlI<gk|!y@9bYZ%4s;51wi;xQ?I=1X9tJmKw@;FD*vMzwTCL+)oqg4D-Y9
zcc&TCWD_b@m4jbwBomWB-OGYszXP`CBlDwK7PLPYHgn}xtFw-GS<Krxo7{^emywp4
zjTjmM*stMPvYCd1y$>?`SRY>cfb_m$76XUUIm|iyYtkP=Y4DsRZ4jDp7J1D~fwy_R
zAKAR#12C6*|2zBlA8pSXTe!893CN|23ajBHD7gH)%wSJ|WI7u}lA}mc<ZZ9}KC$x<
zZ1c_u*KVuoytGWN?DG-S`%lc0lw2hX4<XcZt74~t4ePmIZn?*uEVAvUXN)rZ!mUAt
zvHm#38{18G=SN48nT~h(>Yl_jX>@46a=2}EDmN_STo>j=SNxSt?C}p)*!OP7+(Hw+
zXQbDxi~4H}#-)PTgRdwq363IWcZ}x!3z`DMp8Q}X3A(}f;=Q5|*~h)u%+Os2nhR;2
zBNew-KZZl_fSltFy5ocPcRp_!oPQvv{=q5&(53&BFb$LMf^mbs;dkV3ez5ZK$CSJA
zJQ?f%l1WI>h;|Am%KA_oL=6Q-*>FdZ$2Pj(`vSl#G&0D>h0E&a7i;DM&?0{5{cj@B
zZlroP8+$Xzf9v+ydoj?oz%7Ad@>-G7)>~+Zmvg*J;rk_VSJH1tWDoh?3nKG5*Gh_U
zJ^55fUxFdyc$6<K{l#K<Q-Nov+uL#Pfsv-EhhJ*1f7^2S^f$r#SJ~VW9z81UE+@%^
zw!4X}#6DV*^CHNSjHk9?9oOdN2=WYWfO{e7r;Vm7)x)5^U=`UQ%T*NH>Z<gxJF$+G
zQnA*_;8fta9Jcl`7a<O^YR3}6*!O1r4H;>0Ox9NpGd<a`t-Itvxg(AKrilCFytdKz
zp_>f`8@rq}Lw8GFOi`}i#%-5_e<R^3$&~rx_eUqZ;fxI(b!*C=q9duTPtRU|y@9@u
z8hs}nytRS<&0vW!&nt-h<1qc#7RTJL>Z;S22V0)^zMfL2H9dddXk7Jh$Vm7r$Xmmu
z%Th1B-Ra2xvUHYBJbLWehsOGOka*KAbGtW>9{z!ghFdFky)4<2PNGl%8kXgxQ)>5b
zfdB8z;L2S5<Xpk}vS9r9eXfSvY8!qmyKLD4y%w=*zQ|1e^hp~Eloe##gGv^>!Skg2
z^oLcIX^y^C>HQ*gqv5?>J^PxD;woK6!r4%ib={iHXv`JB+83p!H;f|MII49F6p6>~
zw<^{qHCykkiw$2tN9D3s@!6wCE4{*D!0!62F-T&AAXff1fZar>%1|pC6Q%g_Y_4F_
zA-eXkf-?WT;|@A~UR=mtof(&hc4gznP6kwVyaI~HI5Ei*-LzEWN8{+-Q<022B78wW
z3Z|OU&SXUvGBI|pZ^2`{;Kz&GbaYVMuenO~ymsW&zdIzKD(`EUd9bmWkPf^1N6oH8
zZpM_6!7IQMHcM4cy<t{WV;1=rd|)UqMl&S8VD@r(Yyer1U7gOx*#6xkBmVG6`rkdW
zBdcD;>)Le%->!^*rTwxeBISwp!liTbcSrnFr{5a>gOC3e$7>(Is4t!nh()aXeSH5J
z?+Eke(hqSh?J~cI5C6aN@gGB_;THbg#}zkVXV*TS{Qnamy{l7`zo*BY!TDeGb^qWZ
zYV7oToVgBbvHv*;{iyuY*k{=!I18%rekRxOuY%BzVfqD!{vKKhf15$(p8^c|Eu8**
zB+0`W2iE~w<j-;Uf1wlbKg8Yt!H^C9W?Ojun~MJk<98ezH*^w=cn=@$e&sWL%KnBo
zXSvHu+c>R~G^zLG3h;T2XPa{6W{xvUf$bSp=sL($ojoY%RoqMUJLe?lcGc(irqN?D
z!&j{NG_#{rPST0k#n%dOQV8jXr~EtE(%E%8GKcV0MLL9`{&}g8-Rt8s`~T{i{MY@~
zbp5^E<-GeFQWtMKKKXO*Nyt)oUFx?SRdrV(rE{o6Jy*?hKoj!KU-S9fO3|Vnb1rBq
zN>H)q5Q>-^C)lAL5qD2m$?c%tAGU<gSiLJF^7JL1#;tYTy8<91q?<%{bLZVdiv>`n
zUi+j+pCaD_9#Z|iAgQ*7?(SOHoqcq;cpMt|=UgCuBa)Qo3Q)P3zst;e1+b7g0rT$x
zNc&a(w)yxcjJS)Vt^lvboetpFQt9FEy%x9zP_&mT^uP_JQ!z6=#)ro!K8{;Egj8pA
z_jlkdH66)cD0l70+7Hz3&e2^a5x4+uE=Bzl=Kospjbu04Z=bL4s0r_Q`*RIR{X<q#
zAXIYI`#4!uXL&{9Gt1?A`y2rMto!-B_$Cz>{`*dGOnLm4IWLb|TT~|YhR@P4jiV)K
z%`GzH&&I3p8EV95tEs--$njvEa`29A9ue+ww|01#)5h>iT6e}obJR1Y0oL`3!7l!d
zoCFJA3OJ~eLc!#?t(poe0&Xoy47-zrHlTSI;;}j+<@Aanb40MRE+x9b4E+FY8IL8M
zzm*WBoDNYDKzM3bT?-w@W=iKRDQzt2S1#5RPt{qs^^Vlddn?wrA0NC7lno*~;}0le
z#~Q|4=JmBN;^?*>PQmOw=6>uRpG84;?inEQ%)rM_>iObV&SW9X_>DQb_JWVYbF1na
z4)r0H&uYT$k1EvZ<Z|xZW}rmK#dbmnG$%2ObvGTH?tLu!`eeD<tq76jCY@endS}KU
zdU8~RRbag+IAKz;eloF9UeH{Vf^q@s(&y1K|2*6jxyhhbY{TEjXh0@w`wJH?O>{44
zgX;J>-%HiB&Wbci?L;b+n8%rHc(=~hlQi)uC<1G7K^?ebyP<~*ovv1*8M{3!Bgc^l
z<<5^`Ti<&08i}(kQ)a5-3S|4RilZDL7}D6Y$ut@*Fkqh!B{0?oTap23=orR0Q$NWM
zegrrW(In?N-w%qLG;b+2=T0(W=qk;F*4x-l(<S?gFToR-yeFcTAd3)G%0%Nzo%O>h
z+F`I){u<VYavOG0Mb%Jpo#fGn^+o+#s^v4v#)>F}4C82#ghl-c{XA0qLu785M&KHg
ztqPf})hE#ePm5?{jVSiu6Lh<Kjh=Sd3PKuH`mkZYnAgz*77V`o)louaq>;S~;-hi<
zW_2SP)YbQCbZ{8dj8FX2B1KaeoW<5OonSGUPg5zhT`RecyC#($oV$aQZmR2NBO%Yp
zz<FCFxid%JT~$huH!!0iw%J;KU=GKstQ!?+Uv{QUuyv%&I9`qd(_(M<D;sx_j^^ZJ
zEqFXG6b_QEF(5s<or<RssjFvzRU!TWz=!(R+~}`*k*oi8^ou$At5`{dSnB^8a#Fjw
z<jQ_)7vEbETNHr4-~CsN|K&2Y{<rrokFPhQ$<7k3Wb0|aW@GOs$6n{sC_88!B+eD{
ziw}^g$5GynMs@%+j}>Tk-i9r($j#F!YqB7cGW(r=9BNr0AZL0(OIvcVf}Rep<`ZuV
zmZ@$BgN+}FnXe-c%H%*Bb8@l9HRP`~gEW`LhHCw%qWlRGnREEdr9^8WKHmx~86s#I
zrY*SXDEy$kTdX7Ep>@aZK9kW-pBY6^Z=n1X-lz=<+35G1D!#4*We{!}G4YL?o`qUU
zF`K$E`d`$X#*~Whh;f=MfOe+hCJC1FSc7*}BvllV0T6q|J^Ta&)W5Bkojh2k%sRDt
zV1KC7uv`@tK#gB^i+7D>B(A<Hwbf3zG*N=R#@5C?M!?fjLft8Ld|SHubsZ=wi=%on
z$ER9C{0dO`E}ip6t}srAOz-X!2g)f~B)u3;KPVSCDJ6vsr8KFb2!35FWL!NEkO9kT
zizslQXDb#MennqAsDs-(a4RBCZ?m<tvddN>$|Y2Qc72#euD^EFnAc+VCF4`xNdgs1
zhWMNpdMh&WJsc_gv{E7F`75TAj43h*@u*!2DL!9l6Lu&QtfFGoG`lNv??H^^B=j-K
zk|+g~V|Zn`KXO83M0)g2hzpGaO5J2^Qc=zi@k=I$4ctDjw_PPLv#uAUdZ^{#6P^J}
zv)L0&;d@$GL!#Bk*lOvd)2AO`X6$^&u+08W@pfh%SsE8@$KX3wriDf;Cy=G`YcNPB
zamOsd(RNHsz2A-B0@G83%#OdYhsLBZ#=bj9bCfnuDKhfR!a95xt$NrMn8l{fgFIKB
zPZPTB%^kKAK16INrD_z*I~awUGCK1E_ezQMFRZ%qd&evIqVLd1-=}gLinW|94SH`~
zJ1IDv$&FIBfK`rkT94Hw-1R>>_+@?Q&Yg+^?WB(ip!jFoAT<#JsWE2ksn#xSpAT?C
zjMy$_Dm@F1q={p`xI;sSDg?YDsfIpdl*GcKjH<J2oU3iL-Hl-aHXVwb@m!M8WW^QG
zU7@t4tt8M|lu9gc#j$aVw2Dv#&R~j=IbA9n`Kitlr&8rGx2R-~))*W>fE|d^On%?U
z9?evazDiW^NX55h2wnd`RLwD6a}8qfl?=N9G?ydx`p96QNTFL`wL%7`O#8xAnrz$?
ztf@t42peyf5@jO;NP2SO;e@Hr0-3nIa;nOVR)c}UtLFC_mY~-v-35z{w$+;fKvc*f
zY&(k}fYLQw*IsR8E?fxgJU3LA<>X|NI6S4XG}HS+kz%=7*@EBXY1{b?TL(eZrcg&S
z*wQ+>9AqbhTO6*LBH@%r-WzDqS+Nsnz7c`!)-OHhp|PkAdzn^u`%OUl<NBKA_?XQV
z{CI|}(=XEM4bz8drUdGgG^vKc8<&i@gre6!doc=Hd3s*!0LS>Gt^_!n<cLb4li_(m
z?OT5D<>zVp!_g!PKb1!XRCEX3+Jc8?a-i;$@R{7O@=Y2;DR#I@RQ+^O^`iW+G4!#m
z%qn@x!@`r&BmM^dx(=94<fI9AnafyDsd)m@V)iXsWm5KHC8$|Yur66IEN0$P+rf+D
z3IKPLw<H$+q?JP*7R>Y7Y<I-;QG!zg)7q$XuBAuEw7op7Ih4ZFHp7=yD^S>_)@5|+
zsWn-#TfUj}@tXwM2_7Kkn{LPA1~8k$Oc+ty8x>;82n+WV%UC=hZ6^QXinPnH1yqD+
z9xXl(5r1rBms60apw(v*s$>-2sUI9`V(8x)LGQpruL-uumNVprJmpVmjX6(Q^*GN-
zrsX4f2OWyG#GulgPNYid=WbZ;q%$hb*I<b3ZB}l~D*AX&j!C(BxDWhFIY=pKJ8Sq^
z|8af!68dm9Fl}HYw?1?+XC{iVhIo!gFaWCI7<1Wm;LMvQ(+aM%2IqN@^~@FJi7UBC
zOIe_;<ky#Uu~{9krEq3h;ROtZKo)o`#)m6+bQiYMY0^~TYUKa&67XL-VyX_O?z#0h
zLG?Z}SZdszVG=q3Nz7!LyuIET-zwZ%&bk~1XFdPcY?R6%^{rc)<n*v9!*fTtb`JXC
zyj5@Hr4j(ph<yHE*#1un97;eEZ?oR5=?v^+3bXt<#{%B()E>AT$uDS3%K4Ucf0k_e
zJwQ(gUXo8?7PiHds%PP)%I^V9LQyQpdExroO5Ss)S%(i+MjVqSGwBVo=dRC&jM4L2
zVT~5H+%pqSq-k$UaQ=jxL``G#^gjx~*MSn#vOaD!m1)gn7<uo$ySO11yD|YrH8{W0
zb*5YB+4ic-OV-Rev+1b`Am61O&0}s*;%JaV&Lg?G={X-;WtGSV-liA^UDWO}^@oMg
z7NF-nAKt`K_>ye2n}(_Is0vuikz2RL6tE_LBIWg1C*wm10o6nvYqt(nQaf92ki~eM
z9>|&=ucK5{<I6+-`l1m;`$Mkr!j)gd3#&64n~mZth$|3GvEv!^2dDmx<-pEMTSvj+
zVPw6@GribxP1R+Ax*H@<tS3zsPjDAgZ;#4<9{ac)fsZekLX@D*NP2H|R<Ga5fqOk7
z=^;l?;TClV&s4%{VNAYiU$WNngmh1eKh%xqPGwCWl&P-*#yylLimOGO>lipD-yp}O
z&3?DND*vmOv~}C)Qe^-{_M(Shztpx!?wRD$``~Htl7|N{uPsZIg-)H|buU(T9`jUw
z-e6>kEu1L<ujK9^l^Oa-@C~_r`SVA`c_Y)9%+g4)3<U|(*JtzF6(M*8x}g~^eF`X8
zUG?M+;@PIhu|$f@iN7~bl~Sf@=4MkwUt!fKMWI%;x6B&%7Fnk+wM8d~iG$%=YBmQa
z{;0j}s7ec%;HFCmgp)9Nz)f*Y7&!;LakFnVN*<hn6=JV2V>$Zq`rAE?9zG<R@v?d|
zrh_2-$<$;M-i%tiX`Is?_K!^no3m85+-9jVYe!1L<oLesxSj*(DgSZAL*V|pL%eNy
zcRLraf~*tMP-EoeYr(<kT$_HltG}M@6`;NdyOj-DJBh0aTpAlYaX>;ZTqp7StBEtq
z-BTIMnF0>^*yN*8B%6uQ6gbK!o?*ln-rAYEu@#@MSgQ5jmy)n!K1{`0{UEztJ0Nx2
z$4Y-@CGvHaJ%9Ss(T#}0PL#A}%U7i}QZcsuUMP({_dHH_xpw0H&4Z0C{g$wq^=^bk
zV5WH8j$o|TCqzjWUR^Jz7GZS@m5M5aZ_fH#WQ_FzlerTod-|#E0}Y7Uv}VH`5$m9p
z>uzPS6|z?7^$8AcfOHQh4GjTs0Leukwz1+xpEGy2Otfh(tCCZ$P>a`|I<9#hRWoj}
z#$Bz{Z4cpOiqaN8JN6G&J?l3+YvJaDVm_wM+3FS->~&dpC#MgLRJH?FQ5I9ZIu~}$
z1Vdm1&PwLBfhF!ami<?N`4h%_9UPU|7jlrIGA)h~-acK+$)vz+j=a%5ljc%|hynZ4
zuyjHj2cp9uJ&czK=z^SCk7Sh5mvmu1{(6;}d10MVIrR$2nLJCia@sqNuCLWrVZ~I2
z%2bwew!*RoARqfQ#)%aC(&s%iUo5jD7+83|iZ8;EWRt4Tj3P$0+DmJa;vZ#7FY-=O
zirIvfKPrb3k0mT<3F?A7niuS8&bAeU*j`0Rw-)dO*Vo__jZ{BfwKh_E4$o}gvP*a)
z2-QD^Y9JtTT{d?j7^<Cv$1T?Zm>vG3QLW(@G9@pRNyJo@u?&frC_|_-Jqv7TF`_cx
zz47;d_x0`sU|9Bl5+DDuuZhlIMrttPFXKAQE=*)oU~Z`(WV!Huqx3gHhCKjo$M<Kz
z{=Rfe_(<w}3UTQ)a|O6(l<xQEtf7w`m2dC07YgS$bai`A!M+WJGy-lOMvJNwIo93g
zTwNyGD_nGlj~H8(k?K3tvghP&B94e9ppqnsJj{YXV%kB5<jD_5WcL~0hvm5Rz^v(<
zu&wFRg%J^?2}_NB1hSJhhcvDpx9VMzwW?>qW~St3vS<9g`jz_|yM-IGWxZvAYgy`0
z73Z&wK`uq2K1EDmQ1*Cb>JdwOr-MU;e|bEPcA7<h%11+6ebrMY5mNH&y<)eT<pk(v
zmP|d$zDu-%UVMa;W@yPywlX=t-jctvg+SU?=)uZ}lmdsLVbvilcQ$nX7A`v<dG6>-
z`k9l%P}eRVQZB9DAgs!6Bzi$mzE1NCZZ8YEyxe`okf0leHq8N(3Xg1SH|Sqzw{c9G
zN6GTgrjVqYo~e=h0o}q-pj2hducEDw-=h4K={Pmjv0p}&l+_*vy#5+_>_`w3TRWOO
zD%oScPi;%$bdp9WRhlvcB#Y3&NdZSJ*uF0YWv8|2U`X?j6S&kjBOcc@zjO}KHU?>X
z$h0-B@)So+S>-60hnhw3Jzw&#3J4?iaP7+1&*UM-mAQfC;1>YQF`UHkU@Wti!m988
zf|os&TQy3Mm+PnQO?bbmet?5jZ6(S5oGee=h-;Z`=-8<2miaD4ZI`9^Ej%di<~N|3
zx<JNQ*`ero_dAwY8Ic0j@%qE3oD5N*B$Q``UAL4;>yq&r8p=P+=KNOC6G?Zg1Uexz
z!NSYTGi7a6c|={<?0v~1qApAOi|o;I8Efcm*W04boO!UQOoC$z=&URq&-TPQhNyVZ
z+dJDl@q(USE&)P81j5^a)yUP4rhe1(;>bxx2Z#kd&m#9sjrh>8;QbkKkpp?9nM`kq
z%Hs~A)_Q#bh1YyH*rkgNYZ#u)J>le+3GQ~2F3;>Sl`^Y{nC8nft&u&QjB1uWc}&){
zvr*8|7C4&KDo?DbRWEP<XgPV4awatF8xhw<`f7r1VP{e2QnLsmuGn<L)XJXRJPK+2
zU|f+<*2-v=qZXdrAnSK7mnlY64rLe3q5i1JA5~eDSgrP`>gK~XpO^GJ%Kd3AQYK~O
zI~fnT0>vD-nJt**w_ma31n5QA?>we)G=1iZKVf&@JcAG^LbR#&5of?L!vrYZGFi7~
zF*LJC3U1uhKCt#CY1>*g7xgf`X+jk(zJh{x$?gQVArqmxynC4_ZBtMde(o`_YnB>W
zw-Ht+3gjk>^B@v7?Z}{ctvp!5Ry|6ULd-6o4c*RM*%2V-D6l2P8)FHFi1nD*)mUI<
zuKR%*4RJ<^w!{J!yTqbhG}kT%=oc3zmK}t=Z6=TBygq<OJyq7vi*!gW^9sIbwt(3#
zd5_Ma(EiPu$6QR{mSg-VZT3J#?((N$$ZfK3UI+!lMrOuQVGcem6Pbd3A?N7f(FUAX
z55hmgBPrU}cWtAdiW^Udl1|iiR!cZ8-go5NLfK}4q@{=7@#sb2;*j3FlWCPPAmcm)
zUZTizSwtGaEr^20z-q6fD0(xj-&JhC<hzgg&Btu@exg^{EY<$G`g%!~;bwI=5D{zF
z5}TM8J5_Amn-q6#WN-~g7AQx)7T0Lz{1$K_K9u%3yG#}4<`mzZ#Fz>*ezN5}Z2t5z
z@YdaIu4;rUkTOsm8{cLHH>Js7YeTB!%cO0Pan-To)`$Fr@}!Y-9`^fQ?Tcc8Pt1<H
zIf>$#XZeo_n{YlCN9IM~S5J%Kvffq^$Du^>5@uM184XR3O*@Ii^5*Ox_XzQ*Hds6c
z%K2-%cS2|(utX0KC|!apj9!>;$Plc%nkqAX7P<lyv@Q-IKV$pAiEnEmxV-i#y2f@!
zWLq%cqJ*V7`$Ls7`G*6M+PC-j<QZYx>|K$s?mVUqIF@-ZzNx+<1*Z_#BCWwj)yh@c
zOf<!sB%Bu}L?wx*653Ju6*y_~OnL;ciOBYKgy0{T5<<+c0CUWKJpyo$oZ1FgV!_vq
z00HIu4~x1}%hSkmtya^T1|2=uH=?JfmQI@rX0^4RG}?dGf8RGo2f76TM@oH8GtG{I
zLW4~3X*Re|Fs=XrJ8>Sg{a)p=U;Kr(I}0|xzzYpi*uRa9$n?;`tHZ|V>Dr)Sv^c<i
zsREbL$!g;iqB9S(W51zhAH~grcBo3tRODXpFa{?M)j|fDuUD#LWba-#0#}o7uq^j(
zr5evnR5_wJzVI~0toodxfggy{i*nS`Gf*n#*0r9qVbz*uBqe|sbupQ&(TNjVd+l`W
z-ccOY($RanaX0s=BZ9FcyHV6IcLu5Ko;U6i+d6H<4dbs6tA^!VN2iX4v}eqDwS|pM
zOlci%#EUuAU%IB$MUSR2@~ViODNEN5l5E)I+L{##JNslhR`8iKcV6b07)WYuiUDie
zn_tXnm8d#U3W!K@Y^x+Fz(_G2c$)*BZ)@>)71dBHqNDS2oISFhjz<lOaE+0V3(rz^
zT5`KTV@?#Z6d356imp1t@-qG~dQ<gd6(LhcLYal}GXkn~PitA3#t~^CoAJeLzWqR_
zxOZerQd!Z!QKh2S9jnUz4K1yNb&dyg(Ufev0o=+CDk|DV(O6qlLZ&<O)^OJgjO613
zSCK1#hO3d}KqO{gT|Dqc1vM<$sA#D1bp~^dp=(7<hR4Nh9zrktHS5j5$acmV_QSIp
zGd<(+X487?J>rc=PH3u5pFv$^tA$#c)INSJsR#o6UEU!%XuO1gWs<|eUBe6$oqZ;#
ztz}?Pba@)JksrtG^yfe&iRY0`b4twKTj(DQnfEEZakl4dPTY-|>am~P!%s8odSyD(
z8}ni^G`GKOe0@#|7CBueI@tqj^0FN*D(RFuWV-W)t@v$jJiq8zkQ{w!_zK~cp`_Sq
z0;`2G^Xg~iP_M@^N_UX$H4?)^LZ?E-BO+NAggQ5UFyKFdbC<(h^FV*HhKKRZGoyT-
zLZ^Cx@KNLAZ6$u>s9kDe6}#2Jy|xEsaF^BwUoUU|?XB&E3HgtY#nIpX9MQIlbwLwD
zmqH&5hOAbhFMPU^*x*?PS=%FUp6*)S{id(M0lK8OThK}DYudH;`S_UaZ!!$-u7!S$
z@wKm7%o4Zwrpz3R=&at9J`el}9D|h*Tyc3y{#E13JH1X|r_dVk0Yz}iY`|*2R><Mu
zvn(4gNwQ25HYKvyrzHccv&o*32<(J)=J)EEKQ&dcz>sL?)_B&sd^S$CZXc&mstRYj
zYF5!pbj5R5(d6r!vA8$=Q(J8=*ehIXW<Q4~tTX=d3)nZ62`|xsTkDpoaE5RPBEuCA
ztYq7IXa)qIoi)I#-_hRfjT3&JUw@o#JaMQ7<Opq+ic%^Hz&c4V&&ra&)}Er!8K$PF
zP!GlRW>pTf_Gz_2ekVFp!I9)1KJ;gRM9Y3|mP9YxAWH;0#Ag@N6(!|X20S_#r#MGH
z#dNC-R$hD>$tb`lE!{o&B($t0#`g1Z8*}P=$h;kM<hw5~^veiOL*Ds5v*SO1TTZBh
zk&A^jSh4(}!q!yom+cM}GmR}rJKEf?&l4%uE4lO6uBY~Knf5I5))QiN-BI~O8q2n<
zhzVI_z?U*wnnMMm%Dl+KXL%hG4|<sWgp3fW8|FzDR39yphbse$UpAw&{sfL+%+KSM
zVYo(~sG&~tJBh?+PR9z?Ojd7F(R6=~=$MUPb)LXDdo?$=4#9>$E{N=#ZJNkDJjE9I
zynNt%S;|2|=Z#;pSKPNc?_4cu^(Gn(je^7@j^C!Y%bYrHGkA;IHe{KPT&#hxFR6-h
zZS^yB>cU5YTYnQhe`_ir(x^|PvRnlF4otk7fqu>+Jtmsl%XUm~ZJFG7Z;ivs;Tw=J
z^;N=Wo_e(izCn#&q<;qIp#7&-c^i&P%p5FNtG;$<+uzhx<kRO!_=$b^r-*3Uz}*dt
z@=-Hm#H8#dlENK#G#hHBiBi1Lm^~X)6t4i|H($0YE%ILyPc}~P9Cs=>61;gp|I<+J
zw<=Hli>i)0jN96^fFwr7fVP`?yw%6Oj~70it<*P_Lv`_rBZX=u#MV12-C@r`C)*i1
z%v6tyg_ZR)JTw|Vx5~iBhMD^T&NvsBHj^JG`AXx9UwYhh`#GeE+(~s02r4llJ$=PG
zS4Lx@N8s7HVdTIkhTWRTuKBO;OEm&6!1K)w0*Rh;li0;CRWLAq9?LJfUghExlvpw;
zgz*^;cWyHXfxb?Jhq-14YN>RcHK;75hMWB7RTcE{u>l&<PvErl{M;(JWI0q)xHuQ|
zQu`W&&zY(T`39Aqmq31s$es9SD>?}-zJ&kusk-T*UBfgj-yrn)^PdOv`|&?r&Tp5y
zIK=SPUB(0qeCT@?Kg%wgu+HlF*Y_m2hO_xqKiLWWs<IunuHWL?K6Ce<!#uC2ux~1}
zq5&OPF05F2EJ87B6xJBCn1M<m@Vv#*|2V>?E=_*7?3m<Riu;2yi(+j<m)i@vYf8UO
z7`3*E&er3KE5Jn1*QauOILmRu{`L8*1}lO~Y6={o?NXHwYp*T4w^EtlSIefpcr~@`
zk-Iw;KK2#{Cy-BmoxgSmmWsV?5i#)TA-m5pe^>=_-fPHJzl;YY_aD<oAAP<0JeOJ`
z(Ik#y9*Z(!%}S(^j9;k|BAD>RfN(qIV4*S|@0e8h+ZbD@M^<;MydNW=Xm%?bPB2$d
z*?^>9;^3Q^1JGVP_?vFJ{C3Ah+v}P3f8&k|;0DLW{a{G%BP}-))|JW1W0PP`W0yXl
z+31iRF`TGe#)3a4z_iLW03(Bkj-D%$A{5CdnGknJzU$Fs6mdKWQF~P6#H;$O-T>-t
zTc>CpPuHQ+6AcAz9?5JOl{qVqo5w_r8@0vb=RD0Lq9e>Lk2ZUQ6p_r?i-UG=vU1Fq
z%i|PDG}US|Kins0WCX-^^9q(T!8aH!892Io%=;Xpbq+ZlsOaCmwjbsXTw)r!-EzNU
zD>c<fym2Cg+{Yd`mM~I=?|m6TY7wedKRh!XGiI~O$0W|*r}IrwjJg-I`P)>T&U_jF
zNBr7yGT{?qeAU&~=!gg5Lr-g`<hqBQ^zf?#QiqInK5MLM^0Fn!2AGcAjbsyz)eNr!
zp7KYiS>!~vR<Vu=XV`#Z8i+uaB)Ob3U$xnkiHS9qkqm{ZmgzZXgHjF0`M{L~KSY%{
zDzrYaEl9{c7i9X7Cy`pz1B+qbrq%uWxR|Zc`dsze_EcwsU3#c({P0o*@mhTgm7GPE
zVD_+=+BBn*u=khLquWyo90(h&f$2BRz|7V4u?sH+&qF>X!B&cKLwKDSTS8Q#{jj|<
zkljKK($EjVe~4T-GK#K~_lgkQu}tPkgbehSe42kpN>Yx5wb;koG$VBiLRsrzItW;@
zB!yiB<+EWcYZR!&;!B9u7xns=T}4e)x?Vgh3bGx0v6H1oOU^>=jQOsdxr6KC#T{x|
z)yoJN)jCdr8=TB0s*8cr^nhxm@})Q_gn1{Yui9_vX5M9x>%c(Am*5jX^IFGyW)-8a
zHmK1pJJ*^=#oSdNyf9ozIR(mf+zk8hCL9=^)^>;6A;V>+KE`e95bsSMk&g3QgOKS2
zx%$nC8vQo}C`0QywZ{6jvbr5tx}gdd_Qxa5<!}LeQ;@U|w7U>hXU<Wv(e_yw8!X||
z)aU!E9as4q$zf`0*cOqe@dl`mA6L9YQ&`C4-hOXLjzy}abv9O3WMSd>FhS%Zyw1X2
z7h(&FR5zUtnU<k5dgQoM&3XT|_F^>4GlMc^+m_%S0~yv4dpW5<xPMFqB4AdgUM&*n
z-x<WXG5Z*23tZp3Ey7iyfEdo^vkMgVbPHH~!HOMT9l)kM6x(hsilV2p8DqKph-@Y{
zQ?2LbGQU005+pH-)6vs%%+$g+Y#Vv+$X&_^@&3INJ?)3BOd_&a((1kCV$L3r+NUgq
zG@JtxlnpSCX@R9TxVP;U%jJ`NYbImM?RQ}AZVT=Le8<<>c^rB7R2CEE{jedNaKXXM
zohItw25DzDca4=Jw-0NUK@SDs?WN;RJL|*g={u{rJLD_`vnDrtLTD8e)HYQnSzDR=
zeOY=x*MGU*Dd&4~6mLC6Fxe+LFbt&}+Z<5dcHP(ysVQP`Nbk@ToQ6dA*t65Yqsx`N
zXok5fV#hd<g;3mwHRL24o)QzmSg}HG_YS7LS#(9DQ91av!v(d^f>=xy-WpH?KLbVW
zot?cj9h9d+##Y=D!!oV_-8WQ8AL`zE2tF`<NLgtcVy}bh#ww(u<6k_yYwVx`<s`DV
zr&%c@>*lk9RA`A5JzYP4wQ<KToF~Od@D6+647EspzND3gvTbLy=&*cEH@#%=2@hXP
ztMqiuE0*_F&zNdfBdi|HLK|Jam?qNY=6Dl1mL)ot`sb>g@q1wL_m#^9LI~R@^D^ye
zL8d%5oH<CBAReXD2v_k`wj(n#E<xQ^VC^kgZO<azrZEi-l1vjJzLkswj}e~jPpk=D
zc!Jv%`N1PVev5@k%h?vK;KXx>iIbtYjlr4t$!KFwqAu##oI*A=#crmK>vPmmKubi{
zI|BlQX3F&EW@FC`%y!-|waRnE-o<1HcTZ|Zag_jV=Pn{lj<Ky3*`!c!*ae4BW^o&7
z^2dy=I)sM=pU~n4Z<s-n4D;tjx+;Z->a<#NCVO$m#+~9vVujt2)&@?U7NOA~dv@-?
zsDv2P96=?Y0UzV9Ch#vQpx$xsI?~vU19yLLtCEl#p+UJt4K#$ySrhrquy5sEfbxVs
z@kt1iGAC54V2C4b3!9}&D=N~ymD!d+ZPhaoKW-goF3OG6EJ$b7qSv%Jr{g1WUdiNA
zb@ZkHL!PWbH6nr>H@qqjhfa!Bt7aMr?C~NUv-L}e&#6^Y8N(Fvj(!_yAkh81%>)$t
zQHOe3OJH#<7xhZq@^%hO#2RlFf;7CS#>%hIiBQIlrGia2qTVOrJl~xNk{UoyQJ?k6
z9vnYr99KkCqp1bYutrr`o9x^bt_?%444jgpeCZ!zNXOPiF$&J{<?G9GlV3<LW3b`*
zs&(XA+_JESbi#(_B|A3Sr<<bMHY_TnOc&GZ@bUYl6bT3{Cv9>n>^y2vwHv@RB4JQ_
z!{nwshW;=E6aBNIcGS*p;_G>qNh#9<H7GOy!i%3{#D|Yh9;)C@z5$7C`#|NZ8V(f>
z(Kj>|i7=@}W=uE>=FdU15v?KJFn&MP9%gO+(WVw2V5d(^(UI;LI75F5H*Co)w|8P{
zg~Bg!vR^K$@_-|ozjnKNy36K>J2T&?m^O?RtYH5PKR&0YOP?;C{cR1RGi7>*r&+mx
zPf72{Ou8XTD>Ah?Uv-)j@^adKS<Zg^9>~gLh`K5dk0CgC7Dj+O%XI_gSiSx&a5>CS
zO{lf&nf)RtWs%Lk2LbLD%?_B@aYzT-SIC8=639nSA<o-{a^zR6?j-BzYt`kwy?<Dk
z6PpR=ZE7yQNr}o5FhlP$^%WhCtOLh2BgD(fs@)^vw<VxrO3n4Mrtu!ZdKyQI)d#Qc
zeJXta$atA=hm)5va!{Q<uc(}5wFyQkis2!51&9_Q@VhgrniL7us)+H0`Q#XZ#;nmz
zb7hAzbsPKjXxP?>$W<fh)1|PO`m7A4LKp)uQY;1Q<TP^}uAeTNns}6Ku3EVh<4L0)
zBs?lY=o{G?w|v~EkgUXcS5rR$7zHQFFni$vih5cSz&>v{>&p@h&QN`*G^>2f{R`j*
z>|ftg{VfOfh?7t^B@YUr<DS!lCS}|z8eD@F3<HP=YOP6_YnU;2j-0nsgemb%x`I2Y
z%PVE`q?Dt?SginB)|rA?wzEKiv0eP?Sn`XK@G@K#Uu27~&?!4>kI(jSy~BX@nq#oC
z@N)pM{PVwQ-+0Gq-S4Eb=3=Yv@<E66pL1<kb3(ZBSAZ!eRp-d-Q_GbZ=NXhP0Ngb;
zu<<0{9m=qQ?(!h8Rek}PN&qs2XThTUFxAW=wH5?2H8lo-O}V!nvPe?r6#JKZ-Ro+1
z2viYMopKvUcy_gEl#?oNY@#Md07ghuRzi>=urq9SI6FIZH{;SsFJcAXzVjA-POJs6
zs#w&dhPH-MIrAkSvd{c6OJ|sId}^%_ft@T+v@AN;Rnkqx!dGm^N`N}DJFmLbpu!N>
zbjH7fk*jOfHDH0xshrRCoB*(8y_DIMx>&EVnm<ykbA(=Dn|zz=j+||_W}^ZyC)_$=
zDUSvgFX$5=&v<hMh~aROu#)Z4FQgi+H{16D=d)t=4W*Gj`HnhJmawOC<T!yWlqicL
zk&a<ILo7J>G=-$t99LK%d86PPQ|0>VyorJdAN-?<IMmgbPBglV(T+byKERp+dybhT
zU7e!A88THRm8BMAX?+{Uwjq);DoxGLv8)<BNt}T{#~dyjx`iY&$w^tkr|64D4ld*l
zTTb}Dr}h(2eq>G@*Ee$VneC1dH!qIR?aHOjxQo}LOAKJ2RP5{ja@l7$j+xCygja+<
z8WE2ZX3cR^&N*f93fEHG-n?a`t}9#@NoCPpJzSZvM9v+#b*q92qWP3$3pilNGbZX$
zf8WD<ab9?>959*3Wyygw8U1Q5rgQPSr9MV(waDX4`*qx^bq2T6L`HdXWVuK3@l0>O
zihhc?&fO-7eY<3b$-DPC{pRnV*7VnH2dJv{<85PNFRcuoFI@ph&OVBT?;ost?q30d
zJhoCgpW7LIgYj-VFLVX>zGiqc?UWNPCpl<rYyrD(5D^hiPWJxd4?Hw~hyYj%2lyIl
zmH794aQMnpWWk)5^^R)JDcZhzQQOAcJ}awzG&+rqkrrfZvPR&tjCH+&P$84Kg`*u<
z4MJ<U&cdFOCWfqy*Jw*@0iir6@&;ai@Fo>|v_Y9pF=W9R3;jY-!WfS(1dSS{;X`Wi
z5kR0k5PaL~O=#2FbWPlG5@XEmZOp7$(ksA<%%$Jfo%MIu|A;1WB%yKe{JC30`W4_J
z_X;rh&EQ81nkRt2t6Y_KL+u8x^70nFqmo!G)IV3uOEswu%fOe=!`#4+TA8a$JJTK+
z9!gKoGw(1r4q((S?tcRS{OjT3Z+WmI4gZ-Y?c@{Z+e=Y&WqQwC6YZ(Q^XUCzzuA_J
zz1vtMSZs&_7kVAud*(SEt{39CRT>A`R-O~y2;e8)jo{7Ey(qj6hWHWq;b)a{{Z1!`
zm!$XNM*)E1|Jfl5s=Wl^?X4^?lQ0vD2m^#>u-dyj+*!gt+*O6AAq>8xsdI<6rd}H%
z58s={c#vEHsF^Q5C{ojLSTh>IW%FZ-ePeuug>7Jx1@`ip?OucnW#6`WRY2~r&Pa_A
zRTb&#*2*S8+Uf1#ftT}3nOA@~nj5?opK4AwBv$ciVW+Hx@33VERqcm_vya>MZr=Sv
z$ooC=tkj$DIv`hoM~^c0lr_EZ1M+Lvla<{KPtpB8@yLneUI9WPFZEr%^S%Q7%AD+1
zj##Z@+K!5OZ_7M>d)~$VZ1Vc)mk^Qf%&+bB`v_h+Y7K7_oGaOwB47@4c1+a<Y+Fjq
z#<YhFF<qLZ1~^>Fl<dB9*=D-$WY&|V^>B*jz6cSpuLQr4IGz?A$};7j-i07%M}A?s
z#5n5sG;lh3fA!W2F|JddOMaQNm&Zh2I93mvk*5g-p#ft8)ja(vdM}RiFP^XM-V^UD
z%b4=cAPY5%*~rofQ1FEjkF{rp&`E`LNm(%FMuDtmp)<X~qh1T-$2fip3XeXNg$7PV
zd&|g-<$TCQ6pD=N>Y>*TO*dyHC=KjH1TlF_xuP7Oj%@b2ajaz>mN~nm$q39CU?VVd
zYGuR9Ftov@2z*jI{V~}98me1w@gGHSpaza5zg%mK)v1Ug_%u{Q$&G%j4-8?7kEXiR
zwN+jTS9))ARKwkSbS`Jl)(}ize4<#x&`z#3Sldh4Z9do%K*yK!e0Tu}nYid!eaJ8E
z;I}m5ScN@AWjaY-rP5WAuC`Pt#4&40uf)g|0ENP}71_NEQc=1{3Gr8t)3b2z^_N{l
zvLL5go+QOJATZO33?EBSWuUaI0z4Re@NMdYdrx>Io=S<N)s5tS$j-R_3tYPw9f<_D
ztIOug8b|i03^10U;l`#>)fqgDr1-hj4132TZpx~;%hCxw+*$oK!rhj$B-GRt%*fCF
z>q-t!Dasg%t>vD+VH0SwBAx(-u^P|`;loT)RIO1TF(YBwXRE0emuU24y}MQ$%M}K}
z8O02l_2%&K$|6?Di1(H86eQZZJ8jcK3C7><KXRX@KmeIuvF0-^iZ~nGrSf0aih`*1
zCi&8Ie?GUPW#?A1*k+<0#M*bvAsh+zW<gRF3U@QMQVQYYJQm`LRoTdEhgd8^M;A{Z
z9M%6HYu_E!#P;vYIaWkL5RfJcB=mrUUOiF*N$4E{C=g0Q@6zNP>C%%BIw%l22mwM9
zP^4Gs9i&U|9rfkj-+J$N?pnY5)_v>!=C7GqduC5&W@Wy6f7(ogzifcCi>m+KdZ%fk
z$6?e%(MZH&P;8q{P)!*J-K(WS&6Kt!sB6k&Nvr9a*I(U-rzWepSCkt8QEw`hQ}+l8
z(C)z-ja{nIW2%wCl(7+!)(QQ#;<eQ7)luSY0((IhTsoaG)TZ_?UdJtzAED(A!e933
zPaD5#wR`y`d4tm4rY*rOVJml^H{M>A){T$znkE<|)C2AbVCjIm`AUj_;i)InCGTTC
z(~($bNXtEvG+j$Z@sKQ%;T10@*VG}6su0S<L14>TdqscHe7e%dPP><$uOpYE>b;tB
zu;F)9ixV5_o9Gr8hOK?u<|k7bZdZl|v1^Bc@{o*U-Z1{{x1N+ez+)Z>4-W}Ej*t2>
zOm*28q69Q`Z$)?a0y7<l>t|Vzb?5g4?c8Is+pL<KjWrAfGmE1kMMbiW%9<Db$7Yi+
zrv-r=M-}yV=d}+55IkR_;p|ay6(*cbqSZP^l5b!yM5XUMFKisZVF5YYPy}<z`3K)v
zG6PTugi1!T_{4D5XM<PNBnp;F11Lc!FzBPa*H%|e-=bQ?^0nPE;58!xjT*((kUx5D
z1>cLtvgw&}kv5E1>c)&dA)R+V0M1C$mHi-Ls}%h$JI?pj{V?@3U-0PfFWkAde-{Wp
z;qA6T<|?RZVbCVdMA3QcZPxFbYHIv(DlKWb#lZxFI=o448V$H6T(7lck}iriIhsjI
z!&aQ`70A&<V4|#|b4^3X_U+qbxS0Cv3|7f<kq&%mevkLIGt!>cQa(lzaYCaehUI&k
zH<D+uDDJdex17Q(5Tas^cqv(LoxbYlL13!3!Qb3!&u{M%v89K*3+e`rVZzLy30ZWy
z@Wp9&odjNzXng1(s=$-+tF_I(KuNyY*!*+%q686v&6O7UX@qNCk+87G(m_vD*R)gk
zH0)^O;I(Lpu`{~iy3b(3WO?C^lGH3J^1d-jt2}t?+sqhrV#Gpo27<KZw;WC{q~?U#
z*Naa3+19T=`d!CAF_;=C^!7?T>_jl}5zwkcOdnDwyIj5QkT|BPi@`HVt)}BMMplVO
z?wEGviKoa0>ioyCn|U=|L>*En;}xIeJ=OXe0AQfTGGX1oz?|pcuML7Z$kF)z<fnpj
zokb!(6|xIbZNVjw>lIsnvY54fH_o!Ik3FOPO9R=a$~*o6yByq>4|+YKkJaW=9^*zA
zO!t0O>RHtGDcNk-8JItRrCe=ycqja{h&`9VFWWMk5Sb%?o^)mZaY2Al2SGb2n$Q(?
z&Tsij;^o9@E>`a2)|pylu)>?B&b-l;<TiTmWPSg9n`}iqRy;TL<&4&E3FPTn?;X|2
zU8?)}E84c51Fn$?3r$<E;s&It-&g7~166c&9dx{TJhnhrYZF4hTNV{($xC>0#E8UC
z-i$5jFEQ{@5LtKm7I{Yg*iZR>`!|hy{w<tIBlk%0E%U{D8rkmtL(b-CKuEs(2hZYF
z-g%>skSQ~}gC@mRPN5!vEI;)^x_gMBz|MfEGgtU1!1dr4Md_GK%?~+6Gvnxjl5h}<
z-I~m19X3lQ{{O$QVN!T}hD6h>CTi`{Oa2wS@QWf0^6n=}|L4BaD|&nOYd^`aLZRk|
z`d#Lnz`3{!4T}FGz5SQ+u>Y+V`)~AN>hrnI$)*mF2%8HdxHaSTUi>W`w0^cuRsSY5
z6$j-KorpN$Jj`sX^X*|S8v3wuJ-0X<ZuDWwv{#CDI_go`v4zn!H7Jm87A`6u5m6&5
z%1Wx)h&HDmipCn)>C2*6St7?RB8GFPW}k!jbbt_uvOjNc&6X&r26QSY!=tWYm&K6s
z)sK3^F=B`nUh;8d0<ILH<D3XoE{*<=rQvS$Z^wIqSJ@Wv^@wAQd3(9XLA*)1Liitg
zK2tQTrEW*`qrwEGli>DEv%nkT@OAAU@2-75J&5#ETz46j41D)rj&-i?_^PMhlt}aU
zL;s|?HQx<fry?}#&z^)*(WYJH`c{4~&mO%e>Ho-mqZ?aqzMCL5wIFv%-HEtk@|Z)b
z1A!7N)MPHaBhkf;);RrV*Y7jGZs5zTQ$);1J(b7viV{!~>*;P1qn#ya&q_C~2I76K
z5?sxk2X3hdiC-v)hu~5@obTd&JGlx)g;%JFUx+_ciKC_B#cg|a4=eJa{*O$T6}+_M
zM#7nFWHD*ts;&`ZRRZqdg=rf$1-_C-Dey_zRPH)e_DN-7#n^$0hz^S&sg7S4lgA!F
zX4uR*cF7^D>2Bj8i63m70tsUoYWXc?o<I8EuvA-X1c5iqPHZ(oa(wDB%TUbN_k{x~
zf)p+(J)s3+i$u#TN1qxyJ#C17!27*&i1kTXRV2#;{_?8Ar9Vf!FjLD|_4iaJe0-va
zbuah=r%9n~!nR7V;}F?yxhf>cz|VIA)lOLTlz&ncHt@LzW;Tv0dTWN_-H5<AL;)h9
zx<jF<uM8(2iriFPK3BCF2}nBsLkwU1I5EpJWKgEg1la7h#COpqV$pI=qu~4ubl{lw
zT%x6C`)(gvQ5S+{mpC-n@T*iPYW)7!2T3Qi{_nv7g(L%%Zf{QdYY#Jg8h85g9uG1>
z!mKLgN%ROhA*0xI%_VMh%)--R{E{kFKyz~x8QY!f+|GKHNDQDvgRS|vdj=#>h&w>w
zs7u|JjX-1;&)KvH3P=$3^W9kGH1U=m;(-}4i{=?gIWF08<amp2+MrRZWA<JI7OAhq
zOC*RJiJb+W3_AuHR|VxV=5IJxE*sC8dwpvwRw+vrP5kafi+t8&Ka_1kn<ADio@Duu
z29q<>N)j3JF?Xw1JKFUGk2&O<N-{2A!fy*f107891i`^iZ?<(3fVW|E%21eEM1=3Y
z++Z25z6SS_`SouFEL#3FR8mGdqc+!P%8T#^m@q@E&8UQbS~u{$MoFZ_I&XA!&BL(D
zUQj}bnP<f72GI@?#{DAuwLlXS<ka>7U75ROkLggsaTns|Oh*d94OHnxa3q~@Ez%~*
zgDOm8w6K4cO6?l{g?Ziv@NhRo)S6A2g%HLB?%k}h=I8=(ID61#FL)^j!=z#tu=WO;
z2GrtgSM&TXkCmmg2}2TB24B)6ihvS?LngiGf)h^NoYEY_ww(l~)0$k@g;hOpx8pER
zVGPP@v@sFDcbD_}WP}r`Ycz%Ek{>Bp-5xfl<nV14YD9NN;{4Pozig^%IYmgdo!n84
z8AEN|K9WkDuEKjC?9wNhx#o~A7+Ap8#c9hQ2OhJ=(7hT6)nri*T>@qBS2ENQ-|Pyh
z!_H}lO>{<ghNfb8Dt1&W61*S3Jg}-YFys*B%0O@;%8;j24S20met<$A^UI<6J8-0H
z2RYdwbG2-i#F<DcwOTE5k|WgO?Nr@G-#T{Upr#t!NLvVE>-Bz&rr`qj9b*{VX6#W+
zx2QtQ=@d5Nk!O;~m6gOfeTpEVt_B(#s=>Xqg+DXZjliHyb!%S5LjehVF9KA}4p`K!
zbzE|LntL58OcFJWGM^jFAdtA+DlKWStedG@atv#Fe~<yteLA2sV<jPDP8d@9EIiI+
zvBK6|)W{8v&;iT3BNWZNf4?6wcB5sI#fESXj5YO!MdBmA2HdEM@s1MtE$ZB1#Iapd
zC4ryDq;up7Vn>QVi$hRVm5*p6t5RoX@7O?1WEKSRunA+MPbBE;fx}8=Q{BTrrvZSy
zr#WQ!j433Il383{*E|@T7w9mUYtj)-sNkd3cUW3`fCdsnC0iFGqNibI$s>J%2?UUp
z{&@f!_yc#hp7@-3-ir~wB}w{t=d2fgA|SMa$8{XNyQp|^FODUo=!l9X=tgr(9@1yG
z5i=tiuT?MJ?(A2RV&+u|1WZ%LCUR&mIb!VoJohi;7v~+_A`LN^wRSA4jigt6Ok(9z
zi^NtLtd}Enz1PH+?C2Ny?f|NnkKLy+llX4X0KF$$H(tZ@d*xo%B8V6NL*S+4+i#QR
z3=A?HtJOnxoQ6vAd1cpVz@&Irtcc*pq2*F%-ZWUuZ4<F-y4IEUpkkE|RkaH8vDUlR
zL^rQ#b@fd`M<BnnqeRW^w1|B^CjtyW(j-v3rKAqGB)sgZ3U7k(8lR&L?Or^3JI-%g
zn4**WD2JL3Y6k=-``%pG%bL886RgE4BULM23yPT%d|r+I6vZQrKc-t1*J^NAxTP!C
zFCyT)1GqePQBDckm3Lp)&>x!ynY5iXWP*M}J+dqd{Db&l_eET-^bdu5zbKlv`!|1(
z1v%(n6h6y)KB_<FT^<T-54SB}Rb+T1V9=wPDW^A6A9~nyy(Q(o!1{1ct1YVcuYqv;
z%C4P})K!P!EARRMkTM#TUDX-)Q(#KGus~NfBnxA(LPT3NGe4cJ`fD^YKQ0pMW5dZx
zi3sSwHZcN)T@f+z?7=(|Wxb`9>ZybE2tJ8p15u0U+IV17Pf4j$NeUk~##yNg?%=DD
zi&utn!YKJZe_lxv^5xmlAke7QBdk)Zlk}~t3p=3EctBUxkAW_eEcq%`v8=mi_KKP;
zGft32cub2B0}ztvsOtQ6R;Twkh_R%9TkL{bQpwG1rXauwohYuw-nyvYrK*H-h)DXh
zCN@%qQJ;1kL8*sb%hf*G(E|<JrpUdO5|m{j(}%)jLOtLn0-;1FoXi4`GrdQ;&tLM9
z6Pn+c3=GpP^(TOAkuINdA|iBV@KuE?95*Uh`uJe#zbH7>n%^m_D%Siaf7MJTC&`~b
zn7r$U(y~gdKHS#DYz(gTn@MddaL&gpgAWpjKHy1$Gg4);X(eItVm$s?j^FdZJJ^PE
zLqgl1y%50?#M|INud=?tNjj#O77ScxR#YM<fzK8Lqf=epIF|<{{(x;35vLuU74eDm
z7o=>di`#J?Q2IOz2kS%j@1m#CVGi)YdScwQ_NQu7S*i8L%E<>JX-2ZCdPUIW;<p+k
z`!IZlVzSo=Z<f;+u<NDIL=V%ekL;In=e|L{H&PS})^+S+7OQ#tlVUo$+}ZM<hP1fL
zg}yaC)8XH?u*TIPySp3|sYTTm>_^tnBQ`{wp!!i(W#?w$R@I>vmzktpSa+|v{`62p
z7;Ef4c*_dm_)$~3-4?1F5bBz;4<LzF7<syP*cTSPT=Fe5F>rueyIIqn7t&f}wb=pP
zxy70Se3;#;Yl-ss!4y`f%q!@k^x@E*hdiA9=CjLnsJ6K_#;X*lS4WOaRjCUI2HAKu
zf>8jS`D=9@I#mz+SuCa@;~Vsu5trv>rw0aEw(+}u^b3P<`G@6jxt0jAMFHZsB9@)^
zI9VHNrx=m=^GMj)Xlw3Xu1Wr?bcklWm@%MJXQIPNq$i3gwxa?bh1;?#j?YPW<ObDX
zp*D@IbcT_0a{BD&ga0h0E{S<YSJmMWkQrtHghl(-yewkrZ)xQ2t^-5Qc6h2Lp6^#_
zl+-2?BjT)nQ3xGbd5sZ_HrzIEI#8R#!B&bNV*6C}Yy}fL%)%79ZfF(?=tF#T)5Y-}
zEx9|^%q<2)lO#?5P=WwU^ZK<U&xo#KZmr_Nmc4T~&bk*bT!;GME)Yq~W}#o9W^Fay
z^z6N^SdA?t%*PpMQc<eW$+2Qu5Th8~dz(q$9)C~rj-M?t8D_b5uXUFpoNf^_P8Uy*
zQ7&sOc9CC=yHnJ05S;`H=QLfl5mxcDdSt3W8u>zL!$t%oB(Ug0{8JlzrmeQ<d;OnZ
z#^L6W<18OikOf`Yd5`*>iWzRudGMmz(-gbq7}KFZq2g`Ei~(mM&aE2(lA5jX2PauO
z8hJr+p2HnNe5Gr3de6a*X1*n1*V%&jtwx=J9aFIpn31rrI)Dd6E&}wDQ=u~lHu@?1
z;Vf_8F%8#9sbc$K_jj+1-R!KQ&!K{Os*dwEqqU@ER>9f@0pxD4q6R-KBFYK(p_t`2
z&5ts}zc&qd2yB>)#^|?N1&rO^WU}v^lA!MarDi-Q+|-iq^YG;HdhC2C<4<^6PE`^N
zv_Ql!8=gPYm*uOWRuvaq;?N+Wl)X)znmG{6K!9qCDrq%GzwxW9`Jecoa#_nEDO6=9
zB$u%MVehBLCB2F9t2cD`AN0S+6P^||+=`@@bE?hLPBOM>1Kk$iBO#Sb`}hy6{4RVX
zq>f*!yp@E`qE1KjUhE{ujR?GLD}D>scgjhgE)nHBk_oug(%$`?B`$2Tkj2itP-AH$
zDc)SSyItskzqwFhyY>c<TP$K-{6SxBC;$tzYe7x)Vqmj!P(z2pi#vv?2=nZ-5vm4y
zv-wlaVV>6k-noi;l`^g8nta@$eB;yJa5bfSu1S(1=W3kbFst+t2QrOr_l!zZe^{{Z
zhw`WO%A`Ug{n@S8jf~(q$%mtiIZ`{keS8bLlPk6M)1Bg}K1MXOLqxVsLoUy-qE90A
zY<?CJI}+Qul_~C9b~T&PVl}$BFFszRMBey$5xy5s`(V!rT*fi%a#GvM5#7v|Awbf!
zB9u?@HVKgMFq!<sLL~);R>A5+`3hydL^kiKGS=#T{*pz$y00@{HTqw=Fkf<^ODJxb
z%U?)HHqbl9(c@{NfnZf)iek>VfRWef(?M@(BYZ_!b{*ZFOlJ}O!9=rLNV0PEd12o&
zR2T6)q0oV>aJ#LDi!8A-TSlf<+vNp*&I_HHbhj!ke7HQ@MH-UAiq`em$my_wIh9J~
z7S8R-Xi)JRUFR?>QBg{hO^@wti>^-2WxkY0V;IsS^n<5Kk620m9e%Qar2A!{KD4d|
zKY&G{Bj+n}b#yY3gu<Fi!fm+cit-!=ljyG3OnN1jR%3yHA&pL7J|`ExDokf20Q#KA
zs{T%%Lu2+3fsk5S_~0e_CcN;didLjocWOPi=R=LRI(|B&vCb?wY)IpJNNpLa-a&LC
z=1~KV{o(NM`9dX)SjIQmLoGFQKEjbEQOhyronB!lz_xgN8ngokbIX?KOo#4g-5EoH
zSv1&VM|EbFhtj%T2!kswaI7p#;^;#&t!@Bz=SkNa45TrxORxL6TQL&9QZv9dICpBF
zw?rsBANd|TmYvsJV*GSEQRge-$x>+;LR>0~XX}H9nF1Y`PC`Mf!B<0cVUE^7Ux=wT
zxG%70%THoMsNm(6Wj|u68p{?el*6NuOJ91|t+3y+4Hmf?-P<o)0>I@0xwBz0(64rA
zcBAOJ;BnjJ7<C7^4leUMQ^ob}*0lGvx#95E%>)y@FdLdb2R~)hrR_ha?pT4mS<<ce
zxb(P-$T}0ctr+5Uiq|t>PSLFB)VmG4BXGAWSdp<5r?Kz+TBq2G^T^o#GD+%(y!mS0
z${1r6<9b7B=OYbwo{oSNw~R<otGdmTDc@ygKCCDYz5i|nj=u%*;B@ekPa=^mJeOGL
z7I99wB(9wn1ZrrTN%47A%b?xeq>raO7k$7yrzN%IODS>oDyhX`i_0iWr(WOiCAE%W
zS8$YSbyfQScYNENHA{6!MZGSbv-6u9-JEG{*Y!+#X0AxMDxD8$^t+>@Ka(|U+cA$=
z0m6{vy)!{(U=DP92ZRIE;GM5!qouHJD=a<^k+O{B3N`32Prvp}hwmH<Db8AvY8~sb
zf7Oi&w@a@4Ar7=1p0y0uX=c$tnbL*68)>=$z#)N**S9rf)T;JW$IZg|d-?aBM2FAt
zTL>#J-zY=FB-jVb`*|`K_o^{mABmokc_Seh^`!O%K8=IU@rpa6-Zyj*sf`(x;Lkm`
zzAtL?(a32^xGmKm7MP?YG1sC417PCp%jDu^)mtZzvpV29ketPc{PSN<-2Hn97c<%7
z)~CtAl{+(Ut{n2sLt3<~GWW;Tq2(U}A_+35E6C7@|H)JxNHtT4e(l?VYeuS($F%e;
z7d;s|y`lHyUtanDaHlj$!6s&*@u^3lG%!gI4H3|vhAr2w(M6&~g*kX??3%<~sQpa#
z@~`e@9kkKVT!F=J9m4WY-?Dx>_zq<-y}HH8&01z~n3PDpS^o-mvn>bkO3Q=jCtq+<
z{VZe}&)T>`^Cc4>KqgyX<GCu|TO(xM3HsFai$d@Ph56^W77c^5ScgXjZXz;cC&2%<
z<x}fDtifxJ*rM9x3<rO@@Pz@m0)5b5*q_F)Jcb5BpMA>>!VCY&Byt8VYQEoLV5Y8F
z-59C#pPfDXOhzdMU(PaCt6qOUJZ<bf{xLkgt27JdSJ^#F70}01uWd7Bv6k*t@DG#1
zxc(lpWuZ>=#H5+fxv0#_#WS@H{<CW5)57lfEI}kCIb>{dHAcYA@P+#T=CV0#R^&|M
z=N;8^%Y{ny*AIf;B>Xh~NYNPlI3%@rpRGxzXwk~6bW0PlURZc0p*4umE#Tdi={+Bb
zLWR{=b}kvQ$V%bfKz$pBIdU2b%GSezzn!x(UF?{>1~Q<nB%h?{#wxNnlAU@|m=lTv
z<E)+qd|bShpY$!TsQHQXWh+gSNr=V9E!6<3#~lj|9E-coddnjr<)o!5$I@}SYCc&O
zZHP_9zPC4R@~E1r(i3^pO3xC^i?gEMMtzCG+_5Tqx8%|{AJpX}v-9o_osih?9h&^)
z4RpV!+f5AQ9r1^e)qv85na4kgGd3ONiZgNd=N%(mz$iUUx_G-~piM=RUHVUH>U^|@
zS6-}Y2N(B-riq4(LG+E<UVRPUTJ`!+z9lC}7ahLZ_r{d1N<~uYY25c6kjmTT+MHn!
zD6N+bw>{ExYp70l<WhO)RF@8y8%YG@VlbSXr>FN_Jbeoi9x|b3mHK4n*k?#+o@_IH
zsAbKhQ;sT~HAWw*goMs=zt*jdF;CMAV6m!ZbdVJl3fD?SPcwFbPRJ-DamOjatSxND
zR1j(@V))9HA<}U_85F}K&M={&qJm!FOpMw#>vVTSz`T^GnzP_9aLc1rCu04o(Fbf!
zlT=Peg>58fI*b$F^;|yLgxw1EX-)JkH5E%EUoqoXdSlg6O4{sQJh&rbZCB#d8yoEN
z!#>_gG?%U{jnz!+QRBTY=EL<Mi4O@VlUpoU7B92fxSY}sTuYz*D_j-d9i2j$=;HH)
z{l|8V3!Q#)i_+?At26URO@>@!5tn4;yfpMtc2K>36@hrr_|r%*I?jo-bxSe7y7<q=
zgKW)do;L+VmEL4s1B`8Y>3!5}S6lQ*u9BJFBU+YZ{@72(r5*<TR@rr3RQF1aq>)!_
zd_=n;>T+`n+Y>P+QkEJiCzoW4@1JeB`IQ6!Rn-!*Wv~q~67c6BGi2HD0*u4};u?1-
z`Jh9Te;SY9aV!SI`-um$&S3NgSJw&z3Iy$3kdbN5E%_SV#MQaIlZYj%-uYf@bL4%j
z#OEkfwT|5bZD60xb)4KHrJSulP&OB@rjuKXdB0cu)l4yoD-LgHVy0RZ7i1SS0Pk~N
z%qLfJw1#GliEO<XB=#WUD;Br|HuhYJ7`HTjTiKWDW0IpjuHZmF)NSY9m)#cnb~l5v
zR)9x?lgkjjVkEfw^X4_1H$}0S3UuvFL=nxVe!9$nSSapO<Q@3=HP=n;UKzeSZt}XK
zS_yQsZfc85N?|#ipi8;7Vmn``C6iOXg%^11GU482pf10U*Ut6bmMs4Ztr^fjm7Z9~
z^Oq?7)<)HW^W5*YN0Gut6Wwo@eQ6r&O2?(R-aA;VHLW&FKdePi!C!GcQ1MqhL0~_o
zO=4`ls!a;P?+z1NHB`K=LxwfZ<1=TY%1=S<Q=)u#-;{dp;eE&4iM@xJlM|7akdL_|
zN2%Rx#&<^Fv|0&KiM&FIe=&gM=oAYM9lGjK_N%zB-M@h0N@!=Qqb-Onh|~Lp{EH*Y
z>b+Kug)kUGF%tlEWKkc8NVktB&D2JmK9<ce=ym_WGt#pW0{gt{d3?!ucfwolXZe<z
z@_E8xikSNdA;Fs`Diq+K+uNDX_I)X=yQDtGE-*o(@?+Y~w#$6L)0welCHW<($*Lh!
zSVDb+udQ8c0OG`HWvCCBp$9FTz}vA~kJi~fmu{a=08ux~&__g9)#&Fw#t>M{wkBo$
zBRMAwKj+u!BrvwAz=4^Q{6&DFtsa5W{-(KSbyC`kx&`sW)T|TBs+NM&Qm-@|ELI$b
z&#*1dbZ5F~XlXU1tCDl*tz&i+o2Fho>_cgwcA|Iz@X6eY$IL1pcZe&8v-Fpm#Lq1V
zXC>O<-JhJMmFJ;Km!tQJ6cWA6Wi`_)3sT-PqulBnbM%;O+hx_Irs7*3IpOm0$noE6
zpoMCtoukurR`r3uC|co$K~D>U{N8UVX7bgV>?-(cwSo9K2S*u_;d}s$9<dEq7gH?S
z<-Fk~pe1r~{;}X8QE)nQ0CZ;!Sb%mTE`r5*Y!V)0Y?_l#g+BYyn+>oukVZ=7It3Oy
zUh1e-y8F+x@?erI3rPbZy|~gbqy?0H&SRoM<-3z-?xg*Xkvs~Dm;Zlsp?`ky|1DJu
z?L!;Pqr_XT{nCm845xM}HMCzgFjBrjW1Ei<KQlRm1nQL09lIj8>}Kn3oQ-QXP=;i-
z$uE^9V=XPtAHckJySu3FS1{8u)1)bXTze7pY{88(;}42E%YXj!I{)<=^Vqx9x>5y%
zQPjfzI(^;VET(#rV~O*d;WRBN`}EnnR+j+N?W?g{KPEFPF8dX(q}ICVn(agOzOmy{
z%_Xoh%8;BFZz9H_v`?Ap#fmcIm|RU%!)i%IMH&WriLlfEb8z`?lzDUNr(YBeqGN(j
zz@1AM`sP7<cD!<Wes})6R?KWcu&56|ufN;Z_%1NJ?@)7S{P@(?ucO<-piFzQ5j5ti
zr*yBdjZRP01At$vaXF%Tx^EG50Sy0XFh3y@VhZAjpIIiTR6HE`MRC2l+@Lc#?}$<E
z){~S(%Teij!Rj^Kp6*_)L@a=I$7TXz>+kKKXZ49MRr<8N<Jp1DB?Pn{m?&4f?t60+
z1;fA5aRc(tTZ0c19#d|g)66~c(qP`-*pM?WmXwY*Fy}8-(aXpaVOEP614gWTPdTFa
zZJpt7cmM9=zn62L_kK});nEHgD++q`{^K1nn%{m=nE#>}$v2wyi5_g)RsF&JC&j~9
z?SDM8zdJhrkNlkp2z{}oN24>pZ)y;S6K5RGRv1w#o@rhhZa@gGp!3XUVPe4PM0DDE
zn~CS=Bbi5g&H7FC>c=sX1dDgeQ+k6-G9!)>dOAB57hlrub(p{lfP_|WzB^lBuqfB5
zx55{$iFVbvrN`a0811oTZNKLz440{rtplGAtt%cU^Trga3<q;fsx-CRG}phR3Hn<X
z;eTHb-d&+P3LTm+a=v{2?ebi?k;AiQBdzHx`DTP`h6f0b3YTH!E&t2L-<!Qs_^BhT
zW)8Z@+pVGqS{QymPjw96%pEZP#9uF9?JcbdlsX6?NM#}l9=@{H@!zNvU@A4@?2|i|
zb2*sND;wi80}T1voAC6Ait_~h9oMzl_Jpo~icyJ7ttp-|Veldy2rnv(2;6v=-}I%V
zY2mravA1t1$Ee^mSiA&7aQ2TWPmG8P$$AFnP;-*|ZWp`kDXsZ_#rJqyQ#{sqIWeZg
z(8zvhj=yWj8dsCYubA-Y!-<z$PW-|a)`Yj_8^2iKjaF+bzewN}R=m2dO{B;%w(g*+
zIWK}7*5e0<w4^3Cc@#j~MAdQ39LTjPz}IZ~pOUI&X@hREj?9hrL!n>i8f=fFAG)Ea
zvtcEVeb3V&HFr<kx@eel<E(&N<ob@YMD%M9p;!e8A9H$!DSq3&zQvYwXG#gPD6uAz
zM^2^GC#0e0|AN@&0%0(941sprQBBkg(A1Ag0P_0%HON@Z@Toc@cY|7QULs?-!s`WD
zH<F;@m1GT?GhGtWP3(mdH=qGuv~Z!Ub`|dtVZvAGEFN@(yQ`_#Ow&oshy&Ire!{5S
ze!h#-rc1aWI;x*+d_2eT7&SPYH##49!>MFS4<wy_-O%Fwj0H5?QD0&S<v83s3H-Df
zTCWy;)}ZAMYD|s|Ke}k)zk`X(wY|M%<)*oBYA|8a+=^8Bd4brGt+8~>1Vznovdo>-
z5tVDw5}x^DLbY`2sb4<zC{fjPRUeQHf5sVwvc1|2$Zkh~Afcl}c|*fmRkn-cpi-Q}
zBp+-b)I5a$5o>vL4&07Mw`%OXW~W3flKDnQps0;$C5KaAK({QnCMhrC9Pyx`kat$K
z`^95yzU}NI8P^TwacP_bDXsPgyx5yQ*%SM&6FC-pi%tvTTO-Ao+4hb+J;}MqH4&=!
zTns;@rFJ(d=O?MVpgt<><$W%tUDwqSuqyy+T8~Yy>2j&4$a>(QaAV&ww;(=-q!dY6
zip9)1zqYVqpr1U<#2Ot{qRV(0VB4^zC5-LJDNDEKa$djU{p{BcfMhbtIjcC$6Zyrn
zvu6v568*lPX(Ru*Dh-^X;Pg|R16_$0)t!oQ0CQ2NyK}}a5PJ$-QpdVh>Y=M#p=|s@
z^xN-9Q>IS$03#?xC;+Wfa3UNqP&II&Rpk)z9Ub{6{^}P6M%Px7P<d?FV^VD>-tV9x
z%#z#16v<vwdvHfdqfUqNWN3IJId2-uy3%fjU3wv6)3XG~eg;4OAlF^uc`*%$dOmYc
zw=B(Chw-jaT8h4gMAD>kxZ%biS0vVmnLv8Q#;MuOHB&|MY`7Pb**Q{>;Fx343plP8
zaT6)P;PAeDh_6HI5U<v1BBg`lh%#>LHPmUft;$2QykP~Iyh2rxhXIIvmR5joDLS1}
zb__Cvo9XH3E)FH~3BJFc19eudxQhpftE8GGamSE)Bl#W-S<MXv=QQP6=$iDDm49g6
zMz$r<u83Xv=rFVa+sCj#AQa5?AB)iEw3VsGL_1SShZJ3fV>86vrW*_z%G92+>$KBE
zv|NF+6ahf?m4?2GhiJI#R<X=H-<O)ZOk6xNX%cY?Te<JIEx*iDyw<*2+T`h@ZSTfr
z57za8Mb|(Rl4_ApwvU1}cl{e@*#bs<#R{-nF@<qNha`H8I?Qp}R3rSWMond(t5g8#
zRENw(kcxKDVZ&z+%#sthbBp+*7o~Udt)~L<_-6+G++GsyUd1IJQCDxqS&Ge!cLOu-
zc1k)Loap)jdc*Ig;obm0;Bsl4?Fv}pa0@aBpT9P!B^k}fY~L1B#_0A*?e2Ny?g@dH
z%P(2^f_ZYJa&(RA@4bGWT6J=yq%qks8dGV2oTjSW>0aeL@N+bJmejq;pQ+`Q<AGBi
zr)_8!jC|~{9G5%$a5&`*X-0WrqE;9xTkkf~Rzk9sluXUn)KPaD!Vc&~nc{XuV<6Se
zcCG#^G2znPKPcZt@@1m?tI;=U6Ae+@RJ1m;lF?-+0qw5S{<gNAJe0YrXt^68xBH7j
z>uF`BEzezPALQ90yS$pUH=HZ#PUzJw&)TXr)K8HX)`tY1(k?d@PWnilG2Ccvx34lh
zzB`^!M_OM1voQROT0haED+0B$+7zX-Z05kNezwT9sl2$wDhx#(HF8v^*^2{5OK>PI
z9p;nJoww^vs#c>J1VE0SBP6<ZaNDLm9GJWz4xWi9mB9mmH|;89Lh-Yi&Yy3efuZ>W
z183YYeU#ls$qsfhL&>BR><0T7#D+1@((7~^Qrels)M?^cNz>hW3W$%1bn)srf5wyn
zuQtR#@MX>AE8Ku-p6Y||a;s8lKD^5$KfYWWGqd&TGJSw9&NJ&l8c;Sr>=%U{;mnET
z!m5K*sj&Sidbdsbei^s2vyxzGTh&Y$vlj>oqd&~U_)>AM3b;r|oOnJ{&slM_E!Bn!
zsNp}%LFR@`+O7Qiq^5^hqn!`#*U%k)w8cH7EgA7Iu7ZGB*5Fm{@T*9^tgj9vyB8i<
z(ZZ+i#-z1O+|d0Bo*tIHi2F0MR58*WY*AK;;zXPy7VS6|Gd$)0hxII%xTg2L#AU2o
zUWWV4YobDBsjH7X^j^?;fZTAm$Z$d)?f!eHSE6J)epcbSFSmqx5Tt6Cxz=FCT#TT$
zqGpNDGli$HaA_6b4!BeUM=O~H#PI8=+gzNShu$>e3L)#EkK~)4{T_=hF54J~a*L&<
z3~A5$VRG4wmp8jNO7;pm<2!zbS6YFh94q2I?a$Az)G!zsCt+<T`@z7>p7%i0s@_gl
z{%;=#$4OOgtU^soJ$(G2A+uIe7kkID_X#4rolR|zQ{*OB0Evr)Pt{xv;DtJ>)SYBm
z`sZv3NZVF|DJY)&>vH=4zW3i^t{dvZi?wK*donV`!_&yUGM23d^Wi^*HCe?R`?op~
z+Jgj^1r<5Bh)TqFJIo!tDppNfhZ2iYfx4<R!WXmF#X-ZZz_y6)x1H{Td9OXn8d9VW
z3;(Bs1q-*+g$@O^#7kwK5bA%fhf}KVciT<<qOhiZpDBE6<L8Fk0Icu&;K%S>p{VKE
z^%do=lsr9t&}Dy>Z82kNu?Iff-ybTMck+wkM9t<R7+=gf?#t2<xjy%N&N;$DcR}0f
z+k+bh2n~jOu9@;h{e2l*Re1meKcX@+J*!f&{o@9)Lu4~$l$1m-KAbl!SI9sFv?-Of
zc&Ul;wHs!OIzg~vDY>1!(LKF#_Mi4_3j{?Z_PPPO2r@}fK+mj81)twLa**K={?`}R
z-agxG1+qTIZIhVrhKw;`PPWR+zCSR~Cr+mGB^#kgZb=T?CzUm-KABeM%qktl?t*Po
zjGJzY(cMd3AsbNTp~Tk1bbH4$Jancf%HwJ^U#B!?y**I=igOz_%zMB-Tyn{ar5#Il
z8)Y_W%e4RIt{W*=Ew_04>W$&Dt*qarT2&5z(#_X8c}$6|MI=n`!~CIkGQK!`Qh<U#
zPo=Y1;IZO3?GfwHs2pj9c;wfPDJMU^e2>uYNY=TU-#ITZx|RHK+BXcUri>55i5TCh
z<p04;te2brW6v>*<u8|;Wj0DGjN(<*F#Hg0Lx6y<dD-?Sf5D%Vay*kwU;g;`i{c1Q
zb5-12Zav5-Xe?q9dQ((qsly2b?ok79Q~^jZT?{!Nio6`s$glmP$TkjIG5-<F9>`~R
zZzGkyh7wS!vMiNk<cDyurHmU}Z|D1CmFKrwWSG$G%W=-n&C+#`9E411$>;=>Pub?A
zOQB_`{wW&o6@fyUcumo!+v@Hv%i38da61T{svHXhzZNeTL593bAjSm_<xE8PhAV%o
z4HHhcZ)1Fx^!1P0ve&e3?a3|Xkjr8lvIqyAeM*mD_74M8<wHeg*@`k^7KZY<->O$@
zM7;nm`93uyPPU3w`vz2kfvyF;U67oavj*`I1{;wlI)zls2E~-bzPZ!F6b1%qZp;hR
z{P1PXj@#(9jWB~!q;0E;*9RO*gTY|i!y-z&1tM+Mdw|K&9=Ng+*BaE4`_B-$R&-W&
zrY|`}uHqxb`hlq`d*i(cS45q@U)f`m$5l^*m}2yf^ad2j`F89gEcxH_Gyfw;&V_;*
z#1&@|w#E7{8$P`tkQ)YExfst;Xlke}jlXZWJ=>i#>Uz=n<9+a1D>{kX<>7v#<q~bt
z>$kpZ<fyy$z2C69Qpew&KQ|<*7A+hnTq@n#4<8j)kvm*l^83=xrQb+@IFJ>y$@=N$
zKhAh_$AG;!d`xwlT5Xt2NKt59mra|m%sFwjYm6BO9~;C(iOkthn(Wo0w_%YM3lHt*
zF84;CMb2M_NfLQq1uY~LJWDlr_ECH8hF=razH_?DUdHDIVUEpHOJg1P+B;KRfbu8&
zoFxcaONoI+U}WmFXAw@}N?dEv=jTGqR`_d{{C%>moNN1u%HEAD_*vU8iVrRB{yC5%
zwLlSn-SGLa!Yi_S(TqrA{O%Y1pFBZ3Omm%06jm?Vg@3%JCFhhWhYvrj<_$bUXSMGB
z_`*6#{f~2hi`k0$b`y9-CQpnnu>P0RX$8&DHYSkuPMwvtrvB(r%?uxvMC4eHUgNk;
zCPUg<Yb*ofTE&UWs>oQ*f2Q6DJ(Cq8XW&4@cvf7o_dH~Sk9?`KKjaUN*KK$Z4WXQW
z5Z#a@$S;a@S!o8*X<4e~!1|1R)&D@qf4<wT(QD%UMe*Yo#p4lS3gLfT_k*Na7RhX-
z^{A=znqfVTen%Mrw7x)}+>ZLKLdK-kQ<Eezgs7U>19cNPxL>_mm#Ol`)8+FAk*Ibw
zu#{<871%_cPP;4HrId~`ar)9?SBGy`Sp_Q$p0BT*Jw|`%q<+1BO{8L7dXVSokl?eM
zwd)Vxj&|koLv=CP`WQ)$G&q7=g{T$r6}89(2Axi{7b)}BhLczm%?fRiHG9g!2J{!d
z8&=tm)CwXQ8yOB%r5P%ree55yz`)9C`Z|OOe8ik?tp4tzzFeIY0^d7oT1SgJWE`P(
zfG;=!Vm)B4!>t%$k4m@YZXmx#hw7W6K5Oe@@36kysXg$%s={iALW__0S)9|yZ1DD>
zOF6!9J>#qMo09L}tAlTpl`6<Dv^roq5>Mu>;mFK+pUNtw{M_9G?>s6mRNqn6d$0>%
z?TYa@-_3PE23S?VN*r?^wslae*K~P5@1kBHHREWktF*FW0_q$vrX|0o3fXB7{at`S
ziMYqeSzQoq_=}?Mx0iLU4?k*NXc=Y;7^0_X?;o1YWWHZ_4nvPwnp|rVU-jH-u<3-O
zx&5Xib;+ae^ZRQcDljOjs`;HddWX0+!p!&%_O8dupySixuv%Gx8N^&*3GZLmN=T^t
zGToyE7(!-~{e5W~!_~`z8An2+r#5zONu<Yzy=_vG>zuhg9V$nVKuwT9QO<o4zGmxA
zUm3<XfwG0E?lpxhN({05EE?JfRjd152d5~$2@+sSW#?Ma*%^OyBv2n(T2NFl3Z3lX
zc}<77&c0bhh#nuZPgZxxektN=Hde8ZAR`fK1sNMM?9RuJ!{*KbTF*z)iSv5G3D0x|
zM3Tjr)%kCVOuCx7Zkc%D$J;u7o@IDxJ{BAbxbb-^(K|WcKGq?jV+?UcyRNDG72bQ$
zRnpvr>fi2lhP}$B!$F)LI2EV*)AIQ{LX@#{PCLns*Oy<2CaR65-<U4=zEX`OQR=2?
zwwv*JPA_pz^pdzvRTt!+%G?4v)o17rFCq-7NKPtDHOecy9e}u`iGv#XnM>=LQxVKp
z>k>#abBcjWHG_v8u?K+BYOzPzc^M#hE9|>ehyd<NQQ2|vqGTvwcbw9-JS$|=5Ecum
zjT{zxd2G&UpYge5+OO;&uXmCd=~#FmY{BK!VPuua%zAUEE@U24#&xP!0dSr?F<mnC
z#hJaV6H-Wnk&qCyepe~ITBXi%nv39QODGVcj55J@gMoKne<1v#_+v^IYJ^M8&mTR}
ztJ&1!Y=>(#*X;y21Btpd3Uk8>gQwPcKF@2**Nh-zcNq#uaq^rVw;e+3G#h>%JLjfN
zqF?-?5GnRBYN(xtWGnwg`E^j|X`*2dP)xaUjo@U;FyJW$8_W0|zbZeGSJ8NpQ@&@m
zCd8PMoo!!%jB!k!u-UYI_s17dQSOQ%EtnB31B-Ou5qQb6Zr!g#m&IdMu-FCZG9f@h
z_I8Pp=3(-5TXtyMFo$TigCRyU<Md5(;hac`!v>nx@!PawQJkwl2a|o@v*?ov66cTB
zb?dLc-(X9(qRvHqMEmBqaW^KbDci+WRy#c~yQ9!@m{hCCrFo%qBs9F(ozt;S6RsAD
zF_%S0L|Cd<(-O*ufovFMWNw1!+9a@I`^)4sf+Lqd$Kr~+h#yqklfmHBkMG`$Kb0KU
z1GA|enaU_ek5_DAP2UoYJs@?ZX%8Ab(?SY)Ov^k+y?L>QtA8yW@OyFIWLre9V~jr3
zJUYoaDTg@@?PG176ViZnJCJo|Uu7l!zu^ruaCw1W6xa&|g&m&9I#rWJlJn|G4zxEY
zBbK^M4U_1*#6O{d@9zM~nbjd#=@I%D3L6SkMYA%;aPV+?-p%K5uA2l@U3~h|^HQ2p
z0qA8e(q<J*cA7Y3W;)^EBt0<R`W|qS#rTLbkxq>7TU~dd+)2qcriisaJMio%?H7fl
z$1jS#;}|JJu%JN0Ii3f9s+BO;F#KraDpROpjH@uCwl*p_JSwWU^n@&j6I^mgWMGNR
zIn_=6HyV8Xn*>V{qj7Uq)B_FfRQqKa-VZ3{-}-l$i*UCz9&qC}=gHv&9Om7C@d}>^
zaf!&TU1*(G0fsK4yK(44a!#PdJ}b&CtNWblel`26TD`2`t`={U`TvV4#a#yj;+<$a
zeYa_NU7#sHdimYVO5tmr0ul%V3HlM<@kJr^3P4UB;hJDIriOu@Yr)j*N6<<v6R|DW
z_tM=_Zz3}|NxoI=Bm6^DmgJWWT{MCl>`W?J{cJ9yuJ_NQY3^P)>|w9i;$Awv<Z=@T
zf`yMX)QHZSO44t8p56U#8nQ+rF7y=$v$g-C9XrDO<#3_62bV~Ko79%i{g7kT9xoR4
zhz4y*ZKkH|(z#Le(EI6M6m7G0d<dNcySLu;0XIZd6;7DeeyTUyxAjtZR^1U&QVvx~
z-(wjY5L=GGCKA)*SmewCj8t&tiAID!D5z}T{c|jN?berH6nA5uUkw%hSPa{H8t`nd
zbL4R!f7TqY%kMGQJ_U^j9rKNznlFjDGz|WtfRc$S|2r2@dOZ8_+|c}C+1gp~Bl^E@
z(R0087P2EJ4~`nlY3ltPira~H`bHs~Ubs?KRNU}p+kDi~WN&U^wFB2}j`C;bt;J-6
z<)b5d+z%6&{@gPl|4lNU)qH>T^HXoVCp__5HYC447&viYJ;XO=fwB!HRn-TRiLcvS
zT%2I=HWx>_r8&isHQ<ZAJKv;5UbY4SY4QPB(vRX0@X9S!#)vZ~IOj}zh)&Nwy#;&4
zPuBfJ1t5;(f?moopn}?(Ko{)K%B4FvzH<%c(|y<>85J@A5Paa8x+%eY718IGdC3#g
zM(ga)-qu`eePaImg(T~71zh*|_FSEli;?8~Q7m660Z`3{S)6SF6!ME|E-NEnTQe<G
zGwM~%;p}&;lp#WQ`r*LDNb#BkkU1qf<Keer_)pNj%h&xM|K-Q7PFn<<Km1<$L}w1&
z?qzOcpRLT~eoT4t0+*u$Ad{nry1gSv1R$=eGo<-%SjQXbG6Q9^cA8*1R@2jJokwVX
zLX=mk#_ngsq$|YY{QITLYt+L5)@<F*)~gRmuL7+_J*c*vm;$10KVV1;&qVO4Hpn3)
zuF{zwPzZBtWx3bF9m$=T-}85H#ELQhT<QWeIoaEs(_I<qeOF<b(!<KuMe5K+0-40@
z)|yg)!*T+j47g8Qb5wtD&@rtWX=7UBtfOn~_ji*+om6$`h^NkxV)th(H0>C(*c={`
zli5NHHB(!yeW5X9jQht{n%}){i>3NJFZN1jpc)vmk{0i`j#P}YD1k8$yc(ONqkHgu
z(cv28xfm}OW?AM@P?M2dkIj=VO~L3h8?qS&&o0C`iK^8SebcY+1JD~@;vf?UmWF$t
zEwcj3gczi9X8j$}Iy?T!ke~3M(O+}mq0|-ut-ik~E{8R2=;*?KQT$wlS6Fx)?nn?g
zVzc~GE~Kw5D6o|e>Y~Il*7K7KZ4937ic#g-K68K=oEXdTyak+BRo$*Z5k{+lj!gyk
z%J`fKQf5vVGq{5g88NoWMXxen)7Zay%+&rp5!>JGp1A_AMTfHqKqfYH2@f0}l&Jm*
z*UceKvPN7Q6kD10U3c9N!amGFUY8kRz4u3K_$2QRp`=KWvOOv=K3iBOfZ+Yu4)^*j
z^5aiU=LjYXv4V4MlSJ*M9XY6;N2Mg^7rmlwPOu5)p6Zw8=E)xv8%iu#eP!huESTr~
z{=3%Lqi{-wegrMus0C8O{Ql>4@LkF}lb=aTw@Go<mQ=|rPI_^2U%=^3iOnN1o!^7-
zIBbEF8DP<<f@d36UFe5GP`&VMEiZWkxi$XM;{E7XLjws1JtuH!@3OK_L?6EnGyAe~
z#t>A2OJ-K<z{B&EGm+n(*r%%DR+Xs2o05(}PJw5+V;?LmfaQCf`v)O|8NUtlvnQuU
z<}!{H_ll&NDQ5T6o7D~1FL(Q{q|RxXE&&9bu=Q#Ux0`bZZYnFkW-BqdR5u&dJoZS%
z*KJC?h_J0(Cch>_3)Z3)ord?BN=sA_4jCepZglgQHH5G8(+v$`1au_@Fy2v@peT;9
zsSOJ%Oo7O!7v`CcvH2xjA<1Zs$5eSFlwpmr`pG<OXu8|2$@D8`V`CARP#pdaEJvj#
z<UC<v9%eaQx@}cf7fdXByOrYhHI!vSON2ZBK8_{&D<Xk5bA_}t5d$9fKHw&v99^<#
zY*I;@R`KKSm@+yMDs?TsEpe?7cxU3abyZe5IqE8s$Fg6}b~!smp`vl`tS5fl5Qc3P
znacwMC>bYI%<6X9qr;LwKbytn#x($t#WP*pzJSL>M9mfl^!stq)L^E$mCv~{D{k1P
zdW>#Om1xeY^Rj+w$cej=HcPq(Zr9pF;J9N%OHl0wi?RQ3c(d?u{J741^^vNzk4CeH
zBVn9)RDj4_>+*t%*Gx|@r_l64etTnmI($&X#vex77=PVtLsyNrfzO($_IdFE>*^Z<
zauntU!=#HwRiGsaGJ@PHJOtGCV4T5#wS4(>Yzx_SPYN78EYamfr7E1e++QT$JM*(B
zq`a;Gm3-VD#k4$&JWZ%8EOc^}I{c{lWEz7(QRgFNM<hnYjYcu+!UCMe<61UugjRgF
zg{=~t3pVX`hYL1D7OY{((8xAB6`L@1jYg4Eg$#<|H>_@oi?}DHH|6r$^zkC}P&X6k
zimBn8IXMiG>a*5i5Ec9}{rmgAWQX%r$q-wnvg<Q<y?3Z{*&cr9UH!7699v7fTy&4M
z5}|I#=)@<SYHmXWmYKeyZAqlDwR7<*Fs8<8h8L!on_)*3miqDa8xx0bm4wuhgB;c1
zqt_mqB0Y=tbpl3ok=(H7Jbv=R!%A)N8}hR4S}d@0g2qh559Oq`wzkf1E4yve%`{n6
zfp)05tjWcQPg~_?eiq;<?GW8&<1g{LxGXxgoKy`Wr^1jB`<HFzrD^HzUlh}8C^`{y
ztNvqCtVGdpI`;r?d~&kGsY7)cIy_58&zX>kEc*_^Q-*khhN5u-KEoAN7|v&Sqr%ie
zBTIOa#SA>ZgDEE`#j{<aD2;n#P0dXeP-6P3UnxN!GR5NlAnja8z=oDKCT|+<+5I!K
zlD%=b#HzgrhcSq^8Bz6<<Al-zQk>MpYAR@HT@xIYm9|~-{epsgt^pfAyKM^i5uZOV
zPcr^8WQ8$k%_NI>3RwlJYSl>!gKr^W5fP;)0lz5z0)nUb9lGQN59^9X8qUfWt)(hg
zw8M%oinmKIJ+b`a?UIq#tN4)iZUW*mMDbK8rLvb$>8dVZK|2o_lO7dg(Jd0G!RAfr
zVxT0DW0?^toA4z2ivoDkt|b%rn0eoEY~tpvpadhE(^`#tG27C#MyBvmn|0R{(P!l!
zb5p0cMV|qBsyg}_rH03dz}0&%Uu_7d2bB~JiaXL*%lAl}hn><e7ykuQWxU)g=;^f*
zDKT630d@%=s7EWYjmpD1c7$enol16qUHMHl?;;-+O^O*7Ml67`|KjA}MxfznMaG$I
zor19deo^SIMf>p!bB4T03%Iqldx$LI5L|Q#x9aF~E2ZmTg@?4>GS^)ch#tu#hO%g2
zfFRpS&UJnb`A=?Xg_GQp!Ar-6V*#o%0W9stSb<10*lK+UCaL~o&Z6kdrD}Vzy4cuT
z`Bs>`T)RVZr*1ByhAvN*w*nTaoE;B+{-70EO^Z35!M#3@uK0S!=hX_;qE1upD&7x4
zn)LhgZy4knIzCp~Uxb94+RoEW$7+a$Vu8&Wr;jYUK;vt3b)}OemB+ueyLje<{```{
zuB!5aWssDb#ysJXOX{kRIfX}l^Gt{4_C$p$7`9vMNNJDW-Ats#MmV|O3wErtott)b
zJ+JlNn(iy#lYDE{J3O}3yJVnNlrPm`e&gvh?_R%j?$QBbI<(1zAjbwUlOroG?hnN&
zd(*uKgFluwsuc7ct*IARza|g3yx5N~5#hxfqn1yS;Z#U$m16AVyIHXv^^+WT9Tt*_
z4e?k{`}msH`*zX@{Zc?9e|gtdZpBUE8&#wkeXm34>iDM?C>tEkJ#`wNfyZ!iZQj~I
z6O5H>5>05=ztSyocDvyUC)Qmf(z(ZM>M50R`?Sn1Er|2~McsQqHMQ+~qu2#2NRhrF
z1PBn2-eF5mXeM+BC=db!0#cQ#Tcw0f2!Vtqz4u;3rMJ*)C`y;AfD}R9U(VU5>~r7u
z?z{KhGsgSg${5L7V`a^`=E|J^tTq3?@`^Ktu#woI&~z50&?TUm4No%dAcgPNUxFT_
z(88~iB&X{ar!hzrUtW60Di!FXvu3$-fBaO5VS$pM7<>bDE_AW_<Am%(dJNP!e8tl$
zZaEq>rZ)P5ceRubLW&JPyIMX)sVAB$6S_Xf*V+75A~z{u6QXU8m984mt6z?1Q_8jk
z>YB0cRso5*nr-Qv*)6UDg?(k8RT7E}VmcstPn6TGw(nU<jE=Qe#m)Hg2sHAw%-(vn
zBRAHs`}1`Bi;}PPhdbAH6AoSFg|Q*It{Ku0>0Qcj2%x?f4tJ=Gr|niZA=S_KR{Cq;
zSGNJ?ha?+kgW@1fe;;q+A;;;VNt?Qhn@?xQ1^4Ld39s<d=M{Q-5nAi4r0B~!qV2au
z9?6NASq00msP#vK5@qVPETC~1g=I1;t3bu@)@QklZ>C!j;AkyJCF!p4=}4IztVTQ;
zZ;{v~HqtLWdAch8K}FNcK}K%|d_Yfs$*w@0>?{eUV43RbAw-sGQ^$ISD5u1yZ#u^j
z35Gj9n@c;c&Gb`Tp>ubi+_vy|Gu}Sf<t)gj0FhLS>o>^d50G=LiU^<`E0}f-#KlWm
zro}E;_SZyPeuXcFO%BWvda2X<TP|_+^Sn|?x8x!F;gRkX@0So*r1DFEZYATgCpXB@
zD3Q<Z#c~G{xs?2Im2?c@rq2&<I}UXVpD-b$u~_Uf2+cE^yUA+bP>kx+2iK~zUIkFq
zA|mZ}RK~bVVKro~i5sf#JyIu8^5=ho$0iNcu}mA+Hg~#>5Y@P`@cXz_<$>WWDN-cn
z#5kplGe7xqnp$wPVMXAxyI5eG-w~*o_0?<{y(<)M3594^(z^vU)0+L4x@zb(dhv)K
zl1Er`F9K`nxA|PKX6{c-PMjB1#8ckD2W5rv6-Ua9^z9hpthm;qPp-w1*I1($nz!Cl
z88;7Vl|OZ!kKfSO($}~INblmjyc|W=BegUd$U(tJt4&KrZAePWHtnfxUR}KKFBThX
zlA_WAEMBa^d5Y2RsgOudcn+&{W4wEN-P!FQ<@(+mJ-h8T7h*tRDMq3-K6-4-lx%(>
zT-M_Bs7GAr_1Fpu6n2!OAuFTAU-BiW17d&)!LK&7dK9t-tEPeok!F>Bes|mKx;z@m
z=IuFA`;&ja`Krb^L415X7<wk!<?~OAOIcO2HB-N{<FXP`Y?i%v`mEWdqtrrIx=6;D
zj9uJne3!!nZrBOVyqA0Nh5AdMFE07Y`v8g07ua{t4A^^Wca1nbMA?xuCFzUHKsE-v
zd+T=)?*ViB_Tae}T77AQ%ZtWfWch1~?<!MCp65uVK!_pEFVu>jxvN~9{<^6m6Y!<$
zTj#(69C6`A-#FrZbJUdhxZfDBW^WZ#P-@`as{x~EI*PGYnxDpyvLU^A-3Ij$=F9F&
z(@o_ND3rm)5(|R3p&TpeZ-E{3O+<X!^GmSj!nlLsl&C&SwG6)rg@aHCFTirnax&L%
zJhxE0k(hjftZ`kL-YJviMHWO`sRh%mP^s-_AfM{{rL}@lSR`~Vs;A!*-1EI%eJ<Af
zfJZ*!atT^J{_AD}?^sLTxsE<D(588h9hm5`teFC?GXdpt-_ccJ`cj8p(q<b*LBXRw
zCFGWS6`(}6Mq*=;p3$lxmbtJXKEfnt^`16Y9@3YVepNy1SZWkgGs8!+!ty#BaJ39_
zMpR=fUvR0OoAXy<-h!E*(fZ1osL|3o&BEA>UqI+xkwLF`)}0pODE1F3nw5pySC=Qs
zQ<F`^Mmjw?9Ha1B%dViyuLOHt_QS)!=LW3FNC4O!#g_P<N(s<5jqOO3c2!;MwzEX)
z6UPAxZrvqljr@n`3&P6L`r7J+wgQ#RWI_ji8<)4at6tE`0JOhb_DqbuJmmTGij~H1
zH;y?{2VU`%PVnSkOR7rj!0}4%`@#eC4qNOQI`2h<?tK?yEqq<<47GZUUX*24V9cJ^
z(yzloSTmf{=krwdodom9*7!d2Tm7EAA4SzG<MNr9P+E2RT2?72q?XeGYf`eBhMu&4
z&Kl5`>`OXMXTDG%4_l$%%9*lDPJ3esRaBx!n%9-N-(oY2A}szz@@WSgS?}@i?W8iQ
zY!J-cmDOV6;Re<(+Ffn?DEOs{t_Kw3BI6gDSovrVj6ej`_2xn(9!lnIdzb5pa$)&D
z7>N4~PPOX?YV(bC`@oiRqHyh~9M;S#fCL|v6ERfbpZ@N##m$EAQ9>b8oJPf#Q<i=B
zT!jO7ITR{=%xa)&DR$mU2e#`B02gvG__gj_)xfWjg?c6C>`t#8Hjd^_BH75v%bt~G
z#dj%~>?9Y#1p!*lM;U4}x?#<!t?;_l`0Yxuk<TVR*~*QbVpZX?puBz;SKy#suQx{X
z#g+@ChV)e{a2*UL7A8TVjAa05EFS5kywI%wbvJ{@#>(h7`?zurS+cLk=Cqq-;~=QJ
z-VX%KV2`w%m|X>FIZ`|N>G-3&{Hj5!LYZv^E^ehywvJ%J7AWI46CHt5aGX_2aebfU
z&d%+VZSS*Lv+v)B;vjnK*@~2x$s57S1(t~gUSg|A<C4P7h4r@BbJf$4Bpe3kJ#T5$
z)N8;VsB3n?$&i-iZFbh&Z;?njD2Gwpy@9;JP$~xH%dhIMwtaP|qM8o%xVC3Sy#d+O
zgiBd=Au5HdJjCKA0FfM@-L30-4<`l$VL138Vo&RSr}^|tP5(uAgGzpn!<nMdfKlX(
zrFmf)jGO^neao|ZW8z(++)@LqgDS<J@5Q$(-NY-;*;gk3kpTZnBZd3tblV?m{}!;u
zE6o{Xn8W=!$(RQbok25en2yJ%IWb%h51YEF8L9km-H2TnTjkln{h4F8`@zy<Wo^`9
zWcYL|k8j$nRbw<QV82SOLqtnMOMPubOn&Oa&<R4#@d3^G#$W#9>Hc@Ny<GiEa8r3V
zy%%H?k8e!wS>`IN!`#fomC!SaBK>X)^F8SK_05cKmLG4}DU3>gnr*z$pLySfa%l4K
z##E7Cf2P4!lYgHy8<>rqty3>OHl0IO>`O`jsdz^)=pV=5JUBF5j{Lb0y>sp3wMI#)
zvg*3j$?egn_fC@^o>Tv<YW!2~?arr#;U^hI&o~|)eRX$wNF#xAwsyp@S3^FwZ`uZ4
zy4CW-=w#`4n)>X3`wPK^-yc(-!A5>$2GaBrbA8fk+{gkiZxx1oVO04`RbhXr>N<PY
zq+%L*Y}O3z!_qjA&tIoT+Eo|x5Xn#h?q*YcALm;-6vqGXlI~u2pgKznc0KRNZG)6K
z`VF2c<-^P-$3u4gQ@=Co^ZxqN7-Sh=_73+`zHBh}!yB-{$=vTW#}}VDDUObRj;4ak
zA8Q|le7v+xWeQr%8a(uMR=OLcC-!``m6Uws^^nR#%UeKm`@ELasa3t!C{j6O$flHT
zXNXnBzdFjZv9zCOeQZUSvZe4u-@IQGTIK->5-HWoZR0gW*F!SmkjQfJ_-`RE^9;c8
zsQJ6ncNjVfbFC1w#vJAkvg%xX){U2BpgM2QGLplihU|Dk%w70P=O4-KUh*1FF*6-h
zD(a5s6)6CN)@|7sUrNAAs15}VO@U`z9l@U_bh3-y1@H)w;fE&2h5iL)tT$`3;e}*3
zQT7oNwk{cGsnn5D4a8K|nem9n27wqF=Hd`2tgDn2pU{MjB&RN|ssgirJBn_2GrkGm
zC*Xx^zOQHn&`rV!ACroPU0A%jKf=}X>ci|EVdDCVH#*F;fSCsMO(Y3ePGVh`RXo=$
z_Syedax2s1&?U9QjVrQ7kyecColiQL&pyV`U3{X|I|(f}P8eaj_fdpJs0<9VMyp=C
zbcZfzr!KHmRDw2$yT(Os+>8s9ID-+{(q%3EQd$7PE%K}PNzC(M_VKygO{GJFN|g2j
zKeqkUDh$8Z6K4NkV9>FrCY}hvdc+U>es7H*L(h01KXeWk9a}x9ydZ12{0UU_5E`~~
zC3>>qln$LVntAr?Y2_~JyhbB9v6#;|J=h{IM8gV_{ls1SrA~K8X4dft6Z@<1aqSMI
z9;2pRui`{#i=dkqa&Dz0u*|4w!s{V%-OpP8t1F2E5ggiRAS%*Vd+(*RkScB6G8ES2
z)*4j$<p{*?Dnx?Ctw^2rV%Sa*4bvra%OdE^28r=e)cl?A2x71uT)#{Oe*Hw>8AfFN
zvIAcBDN}ht%KcgpJp6QSEB19>VUQ4a4G=vgJaRJ7SDd0W>1p-sT3J>5<tNVP@K5o9
z@q8zkutfp?QZ&``(N4&+0dC?+**$e5X@6SUpPm<FZy-N*eQ{GeVd+SWQU+ZHC2wrS
zf7AGIp--i3lnsMZZXlzVq~bwZY3;IP7f<DT<UCuyltdh;=}`A5`hL)a8QH$)Ne}b}
z`lIBIB|{ePyoO`N`^w$4Z$GVh`}jd4SLB+4N%z~U(5;(I&_xw3Bt}WU0Y&K<4TjdK
zv~O=S+*5FHVJguuEdHcfXvEw6_QJ?|n@6oHO1lb|4Vdof-;a+T7QC6Q?#<`DE?o<*
zm1mOwTF#?ZznjJ6VerxrtF5KLCSEYv{3d~;ScIka2m&j`6pZV_dTnoU!zA1<vuwBb
zel|LPQy0Sa;g|BB^tvdrS3fU)8x$jxG%JPEO-^KsuC{P>{$N+V<RySo;3>an@ut4d
z+|FTzO<RQ1Q@88AsdSHeU{Icx%RK)>OlKzrEvXvz&yJ$j9Pa&mqD9n3Q=<I!T3J&I
zX|cc1f!CFZf!hjG=j<MaiLZuC$9l~T)h`rL>HvtDR%f7Qm8GA<vugPrjorx*wu>fV
zTAdy3_Ol;s^<lPTCX<4VvhyYDqNnDvWp!P)`DUE#=u%f{{va@)T+MJE;(@LuP!peI
z&zHRHEDYB-D6Au-bJu!k1ke)`*$v;GV9`TsOt(H8bIB_Fy=Px-jR`AkOw#2zGe1zi
z+xM7lYe1{1PEu9}gD~t0Jn0pc$%gDwMf9{Qf7EpZ^4m{^M)c_0l}xC3Jxh3=uk9d|
z$e<)sY`JQpVM5B8^rTw(Ud32qkC#W?zt2<SWBa7k;w7&zQyXN%krDWtPExcya5@|V
z;h%J`!iXhnB}no@qx$VdKdAh)Rgh_f!S1L9Z<^33IX4toHz%KBY}2w~@!~yvrv_?(
zLa3Ux%<&Q*TU-sUZkj9vJ_c~TfBu($zgtTEY^Oi9AEt51TKI|2tSjKXtj#EOX+wRm
z?Ere;<O{=p{6}6Gy4=+|s%lk|#%0CP&9+vtiO^<ukpe5`4AetMbBKODqsX8fny)ms
zLJ~uQq>X21Q|=}n)>cjlx%Rqe5&-vJkqFB%BE5oC<v3Kf1TU}Ty}?@zS5vb^J03^)
z?sJTZX1^}-bHX%E67)1<Y76S2kZwkZqy!apbLPuc?9!xgJ!re?=%}hGM)DGHOWw;8
z1#nHDmCMIx-5027$yRRGF`)Z&rQ)LWq;tsf6RL8FCUMwg9zo=<Yr<q-hmuf%e0nvt
zxVfF}eVwy_OD_u{KV1&PnV2MBe!OtN+Qkn^yvbMa`RzHXUs2wI8li3cRVm0)=NLj_
zPNe7RLQ*|r<Gvn(RLQ}WSFgOg^5Kue74R8rZ_S@`({Kmp3VbV{{ACmVjP%2fCXgoR
z^sl@AR?WFD=Z^o_b@Pw!{WppTBk4w|$1`v=!lr`*B2dBxRKM+Gh7d5sHR{*`ce|FA
zdA%)>J2~py>HoEk!6sux&$uGu9zPy(QzOn}g=bLrlQLoSMDN5jVOuK0IUq+l2x@rn
zu;hL+Hx2z$f*E%Gunh5$Xw46?>EDc4X^Lb<Nrd4vs6gdWJkEjvhe|u<g#|3R|IvPE
zR#xx*f3)p3(bNq4v2tmET-BuKhaEM#DO^`4(xJZ3sO9W@c?k!#i0A4B4;-ny(=f64
z1^6GX(XT2rJUMF(#v)ZJmn0>-r+ahj2V<c-*|g~g0jztx^5w}n+gbrQ-)(We6uOBy
zo$h!?TGLA2difI&?q%Hg6ULgleG*^^%9xi1HFl^>ap9GeN*{Ys_*muRKY_>pmiyEH
z55dHL495TM`?-IWDg9RoQ?1`Vs&2hK#c!UK?U7{XKT+uq!!+mj`u-^C&r0Vp5r5u_
zpl|VHk)&EzY!-bM08#Va+Q(WlUuakcjY9^iMH~$)iQfngZWGpEE97=>Os-bwZ8YDW
z@T;hvdYD^)t0pCYo;50<yFc@|`zQFIEP!XM|BK4R!#Iu~OP8AUrN#^#HwJ|je9uMq
zB=F*{l`HKSU9*Zbx+)EVO6{Vkiz5Z~h%PoZN&R!|cdK>8k@`Q2;@u)HpR(qE6+_OL
zo{Q}&js5v;O&pil2jLq>!_6Jg(5pBUT4E90tQYpNNQ%~Iudl6L+^w3>?Q0^T`253}
zk$z2*Y3VmB01_-vMdlCKwr-A_thBA27FtP5+Ne}8?GRNj-te&Hb9$Uwf&d9go3LEE
zm*$$gP~YnNs@4_M`cLPBKN&YfqF`6Df3kb%YvLYFe~0*8%v&@g+I^q24(i0+rrJpg
zVQN`3Y{8IY!vQTj@;}q%za`jA3Dp)$>wOO`s4@RyTP0#DBz<67l$9k<k1UELBI`uT
zB|iMqAR^{T)<$P`&*Y{EvD8s+dcO3>wu_0SgXb#C0}S@k-7^wwjDem107gz?w`j=`
zX-w6sCHhXiC>1-Y?|iG?eRNSvKGG@Jaz3)*=tiWjzDZOBF>H=MWmVS}AzHs$hd>Bz
zFM&sc7n7%_dv828H8Q&VF8oMA*s^G{&qbKQFR$KUM?l%`hlD>!z@%2CZ3y9HKk-33
zA0<LqZRu^%iQ42`ZFm99gh<nS@byqJ<x#OU4kyo`<a1*N*lOV~U|(IouYKbZ1(U3t
zuX4K|n!`;CHsaiQ6?*eIEZD){v~*OMh<ssIwggUgpYuJNdm=(4mz*SHgW?-L;hX#u
zZLKWxF$6rawBHU!+z#*ynf)gw;2a%cy0k5{V5M4uEFv=|$XL`W%1^v8{2`NUTCSD_
zYG>vY`$Cr{J+2V3fMa~X-(#YC(tc0kOm`zLL$_BRx>cQ3wKNNVKxx!+<E!@*s4{sc
zo2r<{qBh50=p#MPXFH@@&Jp&op*0P8IwzGA)!TcyTFvlPEFp%uXMhX>4`3GPYThn=
zVE%E7d-}FTx@sornc9(l;-kCY(bH6<Yq~uv2$6%+*UANkn&!O5@}sgv8D?vG^eojL
z6}9RRr)Dx<Pibd&=4!g$y<w)@&!?ejVlo^~C_3QyQ93Vvs_5Y1l-$+?vDbLKrpS-6
zcsMhf)msL|;f1=cp}u-S#}ngSskpo@?Yh<U-VLkR&7F`S(@Q1yGS$o80aQ8r15d4`
z3hImeCg+Tbu=L|II%=@HqwOJW>udul7NlOza*KR_O)o2kg?d8|$1DTeM)A2_VcKPk
zGZ1LScD3L0FL;)&E4d~n-Wh#YiW0qRD<7#lp3h#@j_9*=W^bwGrh{u}HWG>3HeQmf
zZ86arRZcE}vf_PHe2J2o#}k2F>vxAfm3S)cNUZbb#ie!$OHk!6`z&+B(s)~0v*X<i
zNVt%D`#Qq}-+BI4`p<p)$AbRa{EFY&>#tCicCVxFT4*%LNb5JX3&NgoLgXf?3RqUV
zecM*fRyk0W`waff-N2l}#=`Dx{{8%g(zTD0{g#b=&ea}mOT1F~Ncs#sl>lF_@}6I^
zo0nI={%+5Dls)`w9XE9QB}dUD-HaP$Sku|WeRW+NRIj%o=&MLSALQ&X3Vi@|$jNsj
zk5MEjQOEo?yd9^d8a*gf)xE%UROXcEn);je^l>--sB98hdQet)+cm-2CAyUgpWx!%
ziMtpxe&GEu`^&d@hI?sjCU0bNrDGNGA7(Xb#x?_HAaymtZbx)MUlq;*Cj^PhhPUou
zzSOVeBjcL3=CJhMMT^rj*-uH|DtdNoJdQ}toR~71dB5n?nAyT5XHN#CYi_%j=f}C4
z+ia733$gJMa=Wvzec7+s+`cirJ=16M2Z<IpN}@HAn<m~19ot~^kUF;T1X_5EB5E%`
zJQY}hh6ZN+Sk*yIX-V}9jDP<=ms2**1bQ;z7ZmA{TxeA_+?HNR5nAB?**2nU!NS~8
zWpQu=x_z776Ayt@)f)~$7<l*m7(FYC3h$E3y*JHnq-V>Pi#nRyKX2gJx<<|M7b<d#
zLt({10|P@I{r>ZWO(l$D4~Q2f{d7CjevFIR)B=B6qvL^wwd57sYx*&F<%d%|YKf%V
zIy2xshM_VVbO=39Bcf2kgx|~HzE7HXDb8QDtH+&TK|kJXt<v?5_^2<x66J<h7SE^|
z18mB+uJ?6RgH<(D*N$mko(eOYLa@DbPoC&#ahH4(>#Qpvk^VKmklnbZQ_bnL+$?HF
zBH5kSLIFXJ#J0;uS5DE$*pFQ{mklh4@1w8^^K7xH%k<0iVK@fGxAvQbuk{+%?N!w=
zwhf1fjP}g};E*otH3=9g8oI-UVX$G*r=rQ^GP|Vhf>i7uvhAh#K;Ndh3vhWzI^-5!
zd$BwyBu`kWmg1p%92rHnj^ISnY-%xXe<SUCo?X=tSBWC($_{&?dk!X$^N6*pB|K{q
z68`n%E}em_K^$VIKkUg}SV0OrlB&@lJy3kBWL$}z|DEW3+=Q>bkx;tjav{h^q{jgx
zGK>cB!hnvIL{|5@m0;UnRQ7TXgT(-mk?v1y3qQ97v%B(ZiH{1k6`$*^Ifn6lSTgz1
zp;>AqUezepUh2n??1I$<*IDbr8IsRrLh_%$m&rLjLmop4DUiYvZ@#byB*h`l+@6We
z5raM(VWIM0)<9TJO@?d;es-sp{-yd{j?5-@&|txcL+G>0#xwiV51%+ke|8_f9ma$~
zI<s9<-wuv4@q7NPMKi}C8&gP-AdiSgEEbGxE*uNN`tFxSKE+vjFGM2Vd*Q=!N!Yd}
zXEf$j$=nj0Fd|kQ7S{A|`e*&=74Nr|Kit2vWzchkhZC_H^2fRW=hZ7vPScW_fo<N^
zI=}0F<6jdbX5Q|MaO8yM+o0d{a^%nIhU0J#!5Smd?-JCkphlY`PZI#P7U^XxjVSjZ
zd$TxH#bTHKK>l#YRkJ(E&Y`w!r_F;n`=s;p7#D!VeZe>g#Qkq=QOx}jyY=ifd88sC
zd!|NbG1bcKfFJDz{jMmJ0hX+wYc7b9P44Lf<}MLxETGQa7Emj~xY>hxdo7?8r8gUD
z)S=-o>P|2*byk5${(1;M6U=kx&9bAk*%(RaDNGxvjG_($5;VeQ@7FmDSu$^QLC0$n
zw5*aI9P6HOPf|hGyGci?r9WRv=hT`$RatN|P~&q5y6d{TQ+aL1Xum1tH2rf6NubzM
z-tU5|`sTLBJzsdTvzHu_<E4O771We)GLA|AkcJ48`JKkXyZg2cB+kreroD%=GTO+U
zzh%vn6oFxwi>Z-A2w4<F3jq!Y--TdYrSoFj&#Zo2_~SRYVLtf727AEkfQ(@$`?v@u
zWj_rNU2UXw(BGH{DFNvY@WJx}*QWX$FucOT{*(UtS!QMrr}a`LE%hd~V3f!Li%>O-
zRxiz>8AZ$!l|DU&!X7?pT8>n%8wtYBbxHlapfK{ju7g`mv3J9g$-<jII?>-Qd<DhG
zirC~nc0&KcQ=?_bh<|G*1erRRN187g%_T*An@M~1gm0J~#&~)+3(Y%C2(v=GJ*t&&
zb|dbAYbx8UBb1c?rMz+mUJX1B4rI{g|7zWTD9krl5GydSndrTW!5vsiqX^6iR*3`m
z0WqaL;dVKcC%&V2Ieckt`rHoILEtx28?{d`k0Qy#Yf@GHB{h=)eKm<VeamDxkDO~m
zKVrei@RzvQ>dcG#c&%D66h{2|JIx;*_~su2L`ETAn#5NfAmBLog8up)+2Wda-Ud~B
zEgwWIK2Vl-QL^O=x<1pxoN*)iK`)F#BaX<zFp*_oP7MWLwfGUppCWU{Tk~$`wJjSl
zUYNzpOwegB3L6>bpc4<{E1pdbU6ac#(shpeel)x^zUcM>Jg%S9ZThc0=><EN#i(xr
zfOd*B&E|)-lbWCqnxH+CaD-1(hGKn*ej~eqFm82EZiT>{C>DLyay$|DlveSV24{=!
z-`Re$Xs2n6mn4BYJ&tDx1I^d;njF-otrFeXmF<ijleMMM_u~~;3foK<97u*mXMYTy
zCx7e8u7QlY;JTR&2Kie#Hsy`6>tk!nei;0fz2GCH^rV;UVnu^Nzb+1`UF?v{`~GE2
zZk`5KchNO2@bb(1#JP_S-gjza_M+BJJpH38qxv`yHZQ7Xei~C8w5aALq?J8Me&M`E
zI)69`R$HB-FeTXFFYqrx<W8&`o$Qraa_@mSfZ*+a#uHX9YhvNLA#ILt83Ver$r+i3
zy6$4zjRuBz`Ht|x(%ML}jzv8WdVjcAp!CXrh)7u-T_UT$U;%{B)iWnY%A<x{@2c)b
zukTe!&sLfb)a3ORt(uP4ZI4Spta4txo|9@K5HxBC9ohSa@3jNc-{du}VM5l2cU|r^
z)1}5#abEVaPe{nU^91vYye%*kf65(|hU>nQGg~aF!p#Gm4EmQ&Jd5Y$tMCq<RnF4p
zb07{rbIwm>E9-)u$>n8kUaQLRb%Tk<a9p=-kYFwQoyN_!p5ysIl3hn!J^OvOB$2pW
zJ_1_r@JIC5!B^jadAbQ^^EI=$j7W!@<TK{x<oTpK2qSKX#9n@)A#IP8>ynj#TvCUN
z3h|FX^xGey;hZxqGKJ`PP^0tReuhgq$w;fGQg?H!s4xc|t<VbR>wb!*vQ6b?NX8mD
zM6T|2fY@W5*jxWH7KEwde)n8NHA9+<7^gcgp8C2{#ueDFZ5tI7M!ndzLqrfnvQ=`6
zV*oci35&VuOtMUq<h3KXVU|@JnrEGbEoK&XbCiO+0qBJ%^yxi~)%B}}U>XG{q!$2^
z5;KC+k@k{=zXi|l)?sXnF$QxQ4sTgbZ<I&A8b{Luy8dK?`R{RXv+e_!s``a1s_gWL
zbv5}+>+v0dK683^q|hDrkc`TMO?AxwOEU}OeoKo6!M6lxXL6q?SEr4N>uu7|m{94}
z|L>Rc@qSqpM;vlrQn<ucLe!xmd<eSb{(5p$WkLyLAz=4Cohor|zxr3>v}Z9?-?Ubm
z;Tm(gqN0xa_*<~rRj01n=$sA>G%v4hlMa^1FiS70_J_^dU%&lVm$g3}+{B)<irhT!
z&7=6n@>Ea%2}UsZAC_)co|8pRz&{lXzr8p)hkN%?K<&mtX%Ihua~)pw9LeI#!|$#c
z2N(Y2!$wVIJ$ig6^YUlY)`UCOvrz886d?AO0$yJJRGT{uJW8hw)Mc%=Ea<zonM|e|
z^r){vz_=<=Dy(z!KPIxW??VxM@AL*6Rj}hGhZD%%^}-=b^|kn4AdlyzNLp#fz1QCU
z!=&xEkA`}|*QpkA@jo9?#T5T~vK+0ulYc#rzi27u-IWoi=CH~?eLAf<k&5&Q^Y8Ef
zNYzq&YFrKZ_G46Bp!kz+8cPLZkrei#`%-RSR4YsB{`CHX(tZc-<XF$?fo2_NWq^0v
zn5C4u*l3g0-3oqWg+e4emmxauiKX6n7KAmuL%WhC^$6TQXwH<Ry_-syUPTGmmY!Pf
zm?*~0hj70sgscjIa`m|B<)CJ?nX0ait@F*%#u0#r=e}g}@-_mK-xxo+&lPPsQuy^G
zHhkJp8-ggR($uujcTKIy^lQI25ULg9BF)4l>}+HfC;xas*ic1bxrH$QLjN0BzKW!_
zuq2gpbU@s;3csFp&BDl1T;g{c-2-7urQo8`OW$vP>{ln3yzW+mVA$ZfIdkBIdb?<T
z=cPsQ<3Gy={n<)}Y2H+NK+D#`fx;P*qB%Moa66ze`X=ra+E#1Q7ZGD@-2S4%<Z*Rz
zg$ZYf-6Gl43+JC0v3cpCb}3NgMZ{WA9vC-nWzpdf(nspx&yhnSa_CFZnA|!o96(}G
zW$^v261hQ(L<f0?4ka<c40pftSh8}Z+nrDP3jGc`0>%M8K-|E1)ngpW2J)?r>+_!+
zX<q)x%_fsxDDO>j3lJZ#KyRfIlEK@nk2m<7J>o2^t8=5>OnFi$i=RVF(=-cM)rO**
z{h;oZ+_(nq?&7a4HIrc_WH_*x4Xq5XEFV`uCYRKUb*}=TISg2;Xft-fo^I#yxDE7p
z?*0aWJ!N>ywIoHPb4S45%S$A!DKDmRNr-5uqKod-tlX<PK-S^*lIRp=B$g#r-~LGz
zN{u%3)D_y7{@&iZapX#s&dz~No+giwm(z4CR_{(~8#pS~%V3uEI<5%a$Q4m1%Isz_
zo4>d6hTrAGJmB`pHCnzC2yMW+dH96u%)23ZnN9?sMQz_`Z|2E@Q8b$Al8Tsaq14Iu
ztG<|(N>A+N6^6%ifavjoaH3^2s+Nriq0c$f8yE_5l&$bm8oN%ZjG*S}Fg}|xcfX8|
zf8%(|_aQtH%(tZrn7`7IF14#kLCWv9YU|Cqj4vHp-}@?r>7)33ozl+N#o@;cK=sV}
zz;=t=YtXptSv$C1tUZ9|G{-A1M*pEbCi?5U;eID+4ozGB8xjxE+_Y?ogO(f;?sfpl
zC5h?q0k@ZCC0BJXF(F$>a8oDpNy(5x^={@wnsQ>~BCiIDE{kkp0^2+^6QZn|AQ(+*
z*`jqFq^WWYORO0$ubs;I`zd|0=ym4P*TjfW^2>$cRa@cu_QmiN3x)^KRR+lXz>y?C
z++mCjIPc8-*8XWJM^ArceM^XiH4lGS{6MjTNR2aWH?|JKaLXRzn!r12H&mrGl)FZq
zO7d@C4#*-T*D^jy5B723<&)WpCj79jO=ziA%4K_i_n;>caL3x~tT`JH_2_xDsO0G9
z`zhUJu2U+5J54`bS@;X$M)B^2%a|)GGU*Hw;C^!B(G*6nVs46e28f=?^K0@FQ!Waq
zq>7`lj24X8wlb!d+s^_`G`&nYzKl907>A`5;L_;;mf_e|AuZ`RZ{PBlB<H$^UYD;i
z-Od}4H3X$x>T&oqC#){e@1cVkRgbVV4EwD%gKC)J&8hM`%@VL!HQ8A8&4c|3yEIjI
z7kk90ck-y>)jRA0+0e+S(lr~`?|o{c)lgjUV*IwMrBVL3yr`|{g^I7qlRp&vr(|-X
z@83=~^E5t-Us$@&Q$JN5*0xUjg_YY*@%q4ke_ZlfyQ|1%hWy(LzvXpfgc2AOtzN{K
zSQvPchLmtYm){g*1S|9ZPD7?53cf4b8!)Dh0Y>TcLi5H{2E_X!{eiiUZ}zP=L^>ET
zYzeAdYQULEk%9!50828di#w1VUv_S^%n&j0SGvVbgEWFB`)#FT4&jZMH(b&WeayGq
z6-L<7)L566;c*%$YW9^+yY)Q_Tx!>~KjM?ct~{@)0%g9zwpfdK)sy}$TMl1hGhbS)
zmraKi*U~-C*F?fSroQ?69aVBNRTTl0xhhRXwCp0>ypziA4ABaGB1?OtG>{*%2B!Tm
zh}1yAPJ)Y<SxwWK^9<LPnZS+W#1Q|lzD%?p$VS#BKPMm8_&ZVMeF8W5t+;+<KHs5f
zd|p-zt2w+I@7OmaKH7D?UO2nPzJS%^i~FQp<1@_4kNS-2K~)*H#C&PFalOGQ)viVR
z12T}AqFH>SJq`_!+FyWUuYItewO2m6_s;jZ1x?^GBvwKZzN9j{t@5g2th4|hb~|eh
zpCH;!B`5%RzTSO)zQsQ}zp$tOrs<Pdrqgt}Rb$^MpLXvQfg7!cEZp=w5Sv-|HYzi0
zF4z$6y<H_Z{o8uO;zK>3PkTjYMcr0@li}l=w})8R@Gk(;^voN)%15k^6n_<Y^h@Ev
z05?x_MOT5Okg%eEf<#4mm|g#<9V<6&LMe|{-dTWBmgvI!{haY2rQUd_HQ99gx}I!F
zVa@wBw)-zDSu>P|sp32kvsuhh{^!frYR-3@ufJj>wKQ}$F~xNAvaA^A3pB`d+p=PX
z|Ar!!IRi{_o(->`>&Ntepr7`we8k$HFsAv8-nFCUbFfqh^wCT;{;?%VlOAG;U0P8<
zZ|}EuZ0xk910E?%5Nstj&%afD@P)2Gz}Y#~{>vip8_Ym2Qik0rJ(@}YUxtS_P*xQO
z49>C%t>6Yjcd2=k(Nl_lNoY4*+^N>AnaOy)43MSt<NI9LjX=?F{X2T?=P2i#X#fCl
z&)Fq|oB4L0<(_o3UI~^zsi%sa5@;F&Lx}vs3>KJ|(!14gYOsgI3r<3L0pO@bwz7e1
zkFJka+jyktHHk_rs0I%Rv-eV63Dzwh6|Y&g>#p+($#{Q&CQJYYqFr-qK_LvrDCebG
zGqh+1!jb|rUVr*^R!F1N_wh32-trgt%Nf*}GpsNRu&u%ijzU(<&3)oG|Mfx5thINx
zsk6XCTUN5jk<d6*Sx?<pe9jY~-?WT8=vABO#~}L%A;OrE$|K)+eKWLH+UzpCS|RnA
zBPF(N86-2ZbJvrdgX(G{i_2E?o%_qB?_r8T_dd|8eE!;jw3pN1OUn)~scw?pYb4MY
z1ExExVj4cH9IT8maLUrseUyYxRn<e;J*@orMQY{iSc5weB#|aUZ%W;~e`QYs#ZNND
zsVB|qaw4k&o;8U+-xJ&)^h%fmD}7(W>5|=)aZO)DS<~)kSY^cNmJgfDnr?ke|DEeC
zD}Cctx}gszB)OUqpRZ&#m34iV6cXAB2x`taZyhPpOKjXm5b#+>X>ZaY+)j_0e-)rH
z6FC$x*l@F7PLki1KTkn)ZDqepaB7Eh;i*=owl@kja^-TGC|Igrt}Z0rHEW@Z2WBKk
zBV214o1au4yDUXqQ?&J9nz|d@3eLXS>)iD_%>s`;P%EcUWrNkt=F_(+bSTNHt-7jk
zTo2_6HA(Pw@2-zoeoSzz1g-*6`a~kDYbiCseWB+3!1-zxqpzbFktiHj=Cas$Cq7wh
z2u)GQmIi9!bcG)$wIyAje8ETD4TNm(@N5(hJ$C6aIWlfcV|u0Q?DE?~UT~yny(pBS
zwv>QRWR+V4<{LX1tZ7h&Ft~tw97*TBFWI#ldk<#n@lL@!!l8-46FtVrr#mTCtWR(U
zkR=Nb@Xa655Yh4SUJ1bV9pfqE8773wKrn?V&AY=3pci_|ZM*VpAmlY!NNfXeyVMv`
zbb&&1{{QyL<lmBy{XY{g_@_2sQTVEUMnMGoB7Ud2ZJ!nP=S{m;?i?Wlztij}6gBtu
zJ)^*Wj6}E4Tslbn$MNkovkU{`E}`Pr$o!GW0j0JxfPt+LLfrwZ9}iwjv%Q!L*+OD<
zqOy!Iuj33{H<IX>8o~wr)^6D*^tC-gdBZ&g1=sotP@RcnTh4U&G|-E|h6*8$+==|a
zes@*FSc7=k0_!yY)%x0a39UG5_x^RttaMN##FEirp7y{Wp9rc}rNS;fCF;(Q@eF$5
zJv{|J3i?Ii?NyCEof5S2410IwIxN4J&Uu``NtiJ>C6?<NxMqnBnz~YCIjWT}1HYXP
z;N&#Sc+|+W^4*b}Ea<u`6s@V!${8sJ2}hRQS*r<QOPR3_>(HE?76=^(pcG3DRx_v*
zEJuT^o8O)Ox=b)m5=tpB3G4%zB?w_R#L_G@R(b?Ez*37~yf5ws2c7$N1WYjD@dQa3
zGQshTwy#M1dOb^J$A0=|PrgQxHki}Cpf}3kUOpn8W-_rC+LH$J6NJTQ241$RI6ul!
zEHBWfqcikX@+R?>^O+Ap1ks%+(bYEc>1f~fEhrxd^*HoM<)4j8pt=T;*Z^w!C>;D~
zNx`7fmbE5zO5jcAyIW#mNsqL{B}N@O9i&Gg8^Z7ppqsy(Hg^JBC7n_&e2_n)tzY_{
zd!cFU|5hhH)>gsDJ$8#xuWpUqYqof-DAge)vGj7iLp47%hn{aJ838d8l4f-cv~ojf
zX;wVHZgc2QhTx;7biRO+35JDJN8ZsI&p`bq_RJ7aZJ8e5`|w#5DnSwo=}@g=s*EQk
z)+aU|ys?RJoHig?bdV$O`I(E-Cj5$O)9aHc!g&G;2p%I$FH#p3-z6nZ;$K2XwNRTa
znH2R!h3mp{aADWXN>RQ#LPz-LIs=&lGyob`Q|t-Xi|Xk)yB>vc;2~RVBvrNX*^+L=
zIN&@j14oCh*no|!^C!&5ZZrx>z8UtpChHe{=cdSLyYu$_CjExM)m@73PAE1Ky~4?z
zkw5&k&rU?>KvpCHv}z31`y}>IRkmabcsx!)){N9F`BT{V8Y^?~&Yav_N>Ae{So+Wz
zTRgCigyF;UT(n|<YffuuSkd1;y=uN$EDv0G4@j)EmYAT(*e=X1njVWTQ_^Jb?FM2G
zt<e<5zV2!0Fa})Ei|ZeSpw+NB9(C1fNh=M7QL_ezT!W@pGVGt4lnJg1f1}H{Kfy<6
z4!Le4)Mjyxk7nA8`uLNE7R~5|j8bpPX=Fdtd7hZlXhsL2ibrN?%4$D8{HS0Xy|{&T
z5h{5R8coDm#2v5`i}Cran7YLGo$nAeKt2dB#8pG|*9+>2h@v7$@AfhgWu1=p6^{A1
zD>p`IkF|#MLXDBqmq;ggTpGs7=+$Yekt?X?j+3QfiE#L+M(Gg-@Gj5JLM5M?=9Q-Z
zo)0#Ovf#^`Y`m9n8Gs>@^vEEA+dq3uyR^`z3#RMOUK*L0f1P2fjptQ#0F;uguIJW5
zo)JR7m9f&ZO}(3ST2dYgp%oLqeHc9yQ>MpA{+%Y}s)oEH!-%y(aOBN*dCP<LhL0NF
z9NzgRJ`lA8&e1~>F`qUZI+fdMlPtYbL!(mFu3{aVBIiBwh(80eef|9xV%6F)uWg4v
z+0Q5|T!<ligt1#@YRNQqJRs-`He~SmHX!s^J#HqS6NY$}tdN4L?+S>?=QM>W5Vr2w
zs1nWRl@silKO3)9e}eIkDkJa>Ss3XaH-O8c>M!%&WK_FGwkuBk*d*USjUixWsisNK
z%wl5Q%NQnZOSAe0ad_ncyce+_V|Zr><Z{2sy1*+$7oe6j_KsDz8giMIT*G!h#iC;@
zUt$iJ7m!#?<acnOpYd1_e4LZF(c?zUMHvXDC0*;)+61z)#xoc@e4a{^7;^VvR<Vz+
z#G6kHbOM**nfAM*z^{c<qf3o%CNY?OPD5O^)3;X`K(7UN!tf)2pf58c?spoe_!}V)
zj!Q#_mpNu`9`ja-+(ahz9w+rV3(mVyc@wZNM+LaFA+JU7(Op|-{;ct@aZQsb^jv*@
ze7qJ)S-lEy2h-`Fb=|CVc{fX{$DxaP6t}qR%DzH*O3+x>qIpmCi7?UKW{{6$8s+@8
zY=SZuW59#z_|#ZBF(190bX{KK2LcaO2VoJ0td;j>J%yO}v@ocg9%+?Dxh&7_oN3c%
zQD{j_Z3M!|PMlaP%R8@ElEEeXxmO*#s~38!EWv=AZB8Q#LVpK|0~oaXpGzsc=?Q^d
zjB$3?uT?nCF0;y%xHn5@C1axe0K=Jb?r|xuSpb<?_Y~pNaVMJXL0LtcPQyU7Ft75@
z3aMgXRmVZIYXajq75N-t4G6h8xfuZ@P1x*nppEUzF!by`xsMAurf#K7%&L)V;x=yI
z!7I$(QTj1^G3H6i%gw{Cu!Tv>;l7GDTGl237R=6*TD27+bZr-N89O`Rwj8xSj>CyS
z$o-t;WvLA2$*97X-C5zWG^3Zf#}Ov#Pv}LQl4Kesm-683x&|O?$6}CT1wtbXpCw>a
z$%+fFqq)1Br1o$JLd%gCEjU4E4Sr|W)#k}Bseo{6%bk&;CN^X_JvlKhSW)HQ5*T>p
zFfynb)+WT8@PrN&Yh4&RWWnO8sVmZb3N>L&CCf7=Lf9?}WC23P6^bu&5XSTyn+J+O
zV5?Fas4+r&;<+T$DBh9pn??K!RD;b0nQSX*fNF-$nEuN3vF_g#v9;i}<d~W!DzyiG
zmEh32g0P}L+O|RfC@V22NoVfP8zg4o?B3`nQz<YAzMfOJvZ>L}X*KhPSaLA5ah3(G
zr%yAwUQBQy4?6%ND&{Ot2d8wu_A<d-TtQz_hqw*2+1mJW3<92x%q73?@^In1vj+7d
z>6eO@hlP2<Vgoq25BWdni#dZUTWYs_?>(J<WuA0r@9Vobd~4tMxbd&fwIKW*p^u2%
zOpPQ)#GCPK(W3nKkE8r|yMeFU3$`%3Or7?&Hya7a0p;WQ^#?eku($4bM~c9uF!-bw
zI&csrC!mbxid+45(>|d;Bubh;Z;bz4i4{=gJ<q4Z$*Z1dG9Bz$v-72Cho)XW2+%KV
zX-dELa<y<uvf1M28Oevm&i(f9v7$oUM9UV8biYTLO94g*bh9B_J@P(LrW$;b&^baQ
zoy*gM`_`yxhxC}6zdYeG-IL_-yl!ltZxxP+S~-dFG*Z1+US)f^4AtdGA7+ZOeuepx
z-Y1oFDxk5K(xQIRTJ-*vBHi7??;W)RYDclW3s&30-mFRZ{?cO1G5Cn8WX${Kxkk*V
z==au=SE;NQDTaUCp8bcFe^;*H|5-vPyjdh}yFfA2qmSOayjh9d5W{U8-`@YT-hA`J
z*F9PfJBh3+jvD8T)UC2LgTT#y0|n+!P5qzU(ynd>Ua*WWF;6#f4<oykCCR)^kxr(|
zjkQcRvLFrk#gD!O#ftRyY~kEX2yP&)(A4P$g;x$wujr%-OTUT7_Jf$roO*UErw2r(
zk^m6@R=rR%D5+PM<FJ}z#V1(OLr_u~uh|ihDZisF41Xr1mYBxhR{h-`mVzmPFQw2&
zkqaA{Hyw~Cdk=%59EP6AdqLi$$0w6ZKn9)g6ux*iU-sdwQJ2spqzuDWvFD2=EE{65
zl9w@j1gRZSrIBRc>r+z=tivO9jf5=(Jm>m7xj9^Hr255-k36<?E#NL_qo-dbySFXz
z1wzty+@;#41#F-vO#S?$*<S9y;OQ9vljskRAUv;W$Q#nL*AsI0e60AAO{5vN=Zo&+
zonr(uc3&(?QAnPO?zx=`_*@+$&3CnIPhc#pl#1<Twjr058GA`?zXs2_-#~@;GQxPJ
zUeU9We8PsqtW5i$b#PtpLLqQZ&(IZhFGne|t)#$nnn!>7?f&Ph*NbyiKOUw9;@?tq
z#w)lR^t@KWpEc_A`y2hdWii#O`y(e>_uSbls_Jdn89oBMw;rT*Hs|BflKApC{B8cl
zbeeNdSLyx>Brd9h2kA(3?{eOVyz+*uXf1=9QKMOt$pNE#@d5xND*5dpj~#RN5DT5x
z7e6@zvT);0>TZ0*U$|a{asTsH{<Va2gKuvCJWAqDOH%E)`ziC!Tbb<LJYK4221RB2
zo*75@XWsViH0J_WfBk#S^1sutj411e#ZBIC4PeodH7ZDI+=4F-#5E4$>+_40G$ryF
zUJ-r93*8P3cWzYOPnx;)`Z5!wnAA;hnIF7nl^<(td(x4-CxX%oqca*}k18B}LW(p7
zg^nk<KTlv&t1~0$r*9a1GKc$Kf6Em+7XnIttI@20FtDMIQ|Q}r@o)+BuliEe+$^t!
z)e}-cXxjG)R$eE<_JG+>uo{SqGrpIxtKWj36q;G&Nk#Gh)OX7mGp->uV}aI_O>>DU
zhJD5cF1H@L)oRNy*69pGcWjm|JA8hpVI6SYTD;%2FIXv-rI!*j14Sv=+eqH+PxffA
zF~ZIZ0bggRYt^{r>}sIkY>?tFhqwrSt5{nLu&=ViCG6p3U1_I7Vb9}wsX7X`)r#{0
zYiUiUjW@_y0=Da|6EP*CkukKZ#*09mOvY{=P~5Lw>=%Cg>87b;-2NKUY@v^oL=?fA
zme=Go(xzX^tmYp^qJhOV-;mN^<+f4}#hqVkD&v{Ds#;RZGJzol<FlOPmn<RVQ4QTS
z&BsTOf(Cto)-@#DZ_UFff1L9}U95zejIk3vPa8%!UIGyY9}|&E1c8>|lel>(6mCT|
zF47q&GG+UGIj@SOS(dW42Nsh6+U;$mg>XtlIBWRB4P!GVCi_xsH4J6;XMuuPsNuEH
zX!NIedL%*YXL$qU_SkbfqM=UVNM))jUt7)6>7vC=^CK~tH`=s~50Kiv>JsK=5=Iy=
zNY7xdkZz<a6`Wruwdd+nm62x6>{>L#^jXK@X5&q0iqXh;PJD`s48D#Gk(?%9gFgYx
zXj!ptddrIQ=L|Z&zH|XRZiNUiejG@D_xt$NDg$3dvxzw8biYRf9LeZSgzE0dX>vzR
zdd#_wB5~BKojk+&OJ&0hCiLE#aDopymB0m5SV@i@zgvkPe*$<tu&@pimUjhU!3DV7
zBo<mfHTaz*S=DWR^e-1g$8JCe_kU=U_w>4NL`QdKh8amzfqM0@d2`u>#MH!^S_$Za
zINO7n0-QFbmUTN77O`TYi<Q28?naX33gfuDerKhbC%f|K+*1f)+?a$9@Mzcy)gX+m
z!*U33>KD~wE7bTVe<hw9>Y3VZ{Bd_oqzusljpP}Eqca@sX5Vz>J10w^`tddFJ(elD
z9>zFmy0!~eS|mK`X=IMULkEUfcGTA8Zn1e{5ZBVtOucoUb5Wzm(w(UKNj6w&lEC|q
z(2RZgBJiAqD0oKkXRzN@;>bH8Hb`pEc#vY=fa9;|>od^}<I`k07YtFasqP_^5vi4P
zr?mXlK=?r2oK;s6Z><Sq+<!8)_4g?7pMC!S+Xm@BYuTUn{h3ejUu75k{qXa}Q6Jyz
zt~JKk&Kp#IaQTw4`90=l>BLfQbi+w(Y-CvEKwAB5{UBIfF{i&;a_ag^L(x@uZ?4@7
z&K<j~sb(%Cr40#IBSX3TIrUjjT8*5{w{^4jvmPlh6J|@*$M>Co{$|iF;(;oWM3o9Y
zz6#&kLmzFPHt&&wKo|kgPtQKJ6kDYnHg;qkJX#~y)#2%A>fM@dJ#kK1VU>+1#hT}n
z$~@(j9gFXUHny|^AA3+=d%~Ebx$jFEuu-!Mm1-g-!eSsNl&Lvl!e;tjuUbvWRV<v#
zp0GI&x#KthQJO{7&=+3J0?aN7=S+fNu{JBLTC7PAiXsxD!awR`IpKMxO^bC&)4F1%
z{K%{s{Zbtt#eD3g4yzq6dzEg1p`T@=3_6HI+4IV3-Pw~`^$NvovvOwA35^#|&6Ai`
znr2F~;eOG@uZC;(_{hSheUR;}-;_oAMfsL|XY#USF^<s=Zpc1k{}++0Iwsx)kkEF-
zL@A*s=iq6o$0`Zy(Ao##4WJ!&vPjEaP}x=XQ1|%NV?v^JM8pe1yb34!3E56r!CBrd
zvLtmtF-WA<HK(apCqbXd+46A)!vPvgdPc*jk<8htb;*N>Z=*#98s5tM-i6B6(;Gpx
za<8&1XP0yfB&BeXVLMud56Hz#9;_{CY?v3UPzRmpyUR6O&3;gIs3n<Ja;}%ZmX*bk
z{#$p+Mfu%ePo#r?d|p#-()!&=lW4T4u;HCMq@9pJ`RP>bAb8zYm448rpaO}HVZ8>2
z2twj<Po(L&ey3U4xo*6&a<L>Q?#av#6;ITI09HB9!QW{dey8zU^*C1ivF><FamS>6
z75!R5X9xn_b@SwV?qF_8Lg(HrL~L?F3Qlr!tWF+(B$vO$LS8M(-p)z6Jl0?N6jw%N
zi0sK^!T7?lTpmTw-<O+aW!XTkMNX{L>RV*<_eC6fmI9%#s-B0xF<_f&7MHo7AxX#(
zAO(Pey?E)x1#49<(@iM)hrv{ZFjI`h%_81YoL%GlczmkdzQy$DNN$yccfHgeE7zLZ
z$8)dV3SMW<&W^FZrRRZQn|iRfG5J&^%RjXJjW(SS(bz1jrQ=g1skJJM6}NBlZp+4-
z=$l_Z+!}54%lHWN^}v=<qDg-}QKD;#TW^~A3hI;(s+I{{JGq^d9F+$V-Th$Z8Z|ZB
zx^e*pqc`<B;$cv$&%dk0Df52gOT@R>0k<+$uxAFZ0J0^QZQc)w;{}2{!6*$44YYFe
zr8pY2iJ8dw{}F+aX)a4YfaU2+Bd65#uPI5ESRT+^@x0Kt2-%6x^mR$B-^=4FuSQn&
z-t2qX;K-556meEPFdM#j2;oqAyX6y8`a6x`?IdP^kT6fb7V+C)(=Kv-Fo)lVhDMnB
z1o+=ruAJoHMxB(8V6FkI@l@!M&7&&^<&aZ20%<LEz`QUqR@rr6w(n{e%i{KNPE!#-
zpd~k!z#Y5I>5{0_tASgV0L%^9u}(&yRjQ{y4GeVO7{}N*#8}D_%-4<@MP^xkxnJ)l
zl!(|t6!K{q;;<-3PLu{d{&OSOhhZH~W+}RIwoVVB9fe4?X1YpYw1IIWC|IhzYPVKL
zKz_)>Yko<$*wUo)f3f%8aZPS%yD*BPA|f5>0tr1Rp;wijgktCrigXBsUZh#+oe%<q
zra)++_pZ`A(mP6*suWSM?2|ovX7=9B-t*4;&7ALi@9#T*5qMTsxz~N)&tk20UDq1*
z4#EiOWv^LqlwiVW7;|vbdt5zRrnP|+@yhSAQi&&~DxgMKsJ{Ml)Pr_V_?fS#?Ntlr
z_R8Y7gxW=SEmFfPvYlsooBP&`fbV7==SQ>?lK9a3)tc^n<D)U>0?DAe>f3CN@`?&k
z<IMP{wh{@I&Xl!vqPn(L+nQ!o3^Hb^<mP=dt8&9q%`L~CkIh06F+O9^53(6IJynYf
z8m2v~H=mign)u1Sgb^=p4?=t2RC5UnE8Or6`l4cg@m+6@jBl*XeJm)>qz<0+QlQDG
z$^$07>2m|rb>bimW|e?F-ni@&b79u373y=AF<W}Qfh>vJ;PA`#rCMADzp?ZEt3!zW
zLV^um;3*kc<1+%veSj&Y0nH;q1F{@)k3u{J#@W%Q?$4aJ%=Lq<4N@j1m4vm#ZM+Yi
zf!(^G%3&jjI}L)DZu40a{ZAwVs>%p27r|)wl2nTVQ}mrJy>Tk;i7D0fk|7N{78r^<
z#?Hx*oCdu>6wo8m=*$W<);*hrmBw#BM`p55^y<m1yk^(PUsjLKr)^u3`0D+<1MkQM
z1SGZnMGxx{E2?0ICje`<YBa!(Ik`M>iXhS~kFOeaCc35epziKqiUKo<dh8VWMbB%*
zI~<n9Pole|i&}WaCrM{Q?Ijg@1qD5Jr8~Kwhhw$7k;&In^*YgP(GWN-xwl9$Rq0ts
z!5|>uB<$#h=(~uK_FEyblWQ`%Mqf=0&LX!`V-NRf28i^uk(HJmo~g?a4*ns4Yr}3s
z=J)hB*<Fvf<V-^;ZSxa0)cQ;bJ|oqGm^L$gk1JGz=f)yd4_@PW?dqk%2a-B&Q`(F<
zp2V7s=EIxH7hB%k>Ha8Ef7b?XCt%G&hz`w>(tw3FIIK8e@ca%i7&Og%j+pv-!|z(G
z$P3pbOwT448s058wW3thR<ceWPBLxqG|m`Axnq}VYd<MUJIvWI>o`vLgy}8Ic!u7?
zN&{>8HOFmjCySaIJd0)Co8a<Z&oos<!nu1;=i8n@10;zwx^#ht*`XmzCYi^T*7sYA
zom-Vkn~y$$oeW2}(qR#BP?$|&5+Gtj>aK%WPLvl~BkG=X)APw(8+_^}CjHIb8U$D6
z#8(-!v8dW41_P<DlMNmmTaLVb<rA#wJXfm4uoInoIA7sCCiBcA#A}eifXzldS=#Nw
zX0&#0F6YLAvQ2X-uP#$QL*6nTxeEtlsK4Zj-~M}^`L~u)VV3zbj3Lvf8A_Nb<>-&H
zV%VB70Yjk2HOEipiYY;079Pf?er|DzO(tp|#-_kCiKZn36zomeW5POjUR4f^HP#26
zKc6S5WX4`s)Eh_XDQ{+Gb*Hg12-PJn_7sL<=o5v55KOnX79;G19UnNNypv?HtHa9`
z`?&1<96dvp=!i@1E*=eKX_XAwikR#rwdusRSy<EqEIUF?Xr=_aE2LgoOw~6*AEBeq
zmTV5lI?L+K=dPJMQNc{a)_?}kWg@#ME*=_zLK?-4{8>N07@G!RRI;te4Ob6k#mJR-
z0_8b7E@fD7zoVnJT#g~_`x2P=G42Zunu{~wnk{?Xnz%okVdk7QvavNI`39pNX_W(7
zyXnCiQp$!)6r$^(K+7$mlcNZW@^;DjGItbS^{oB9i%WR{)vkLp{#p%=(QCuwd7-l?
zCwMU(UOyMt7eBNu^&L710nhbcPz?Ws$TKv%hhw=%Aqv`*H;Wjt)Zxh?kFv+rDJUB{
zR~c}P(%lb5yN?^w!gwPBC$Hq<vvned`O=o)j9XXLzXUdaxHxN{Us0O7MRv>5k4d+T
z9N-`ic~_zkw&0jNFxJV3PG*LF#z1D|1jO^e_t8WqqX0V1D;;FFJTtbw$b5r69$iTp
zJGx<gxh6A}F}8BqaB|wQo4WmyU5y0Pn3L53mTrd>W1^ZSqqM5jZPvO+hEhpcr}19=
ziG-{rgdJq6;RDKWRH@JimJ8_%s`Bm-5Oe|We{go>&2SCjpR;9--o|;4Uf><d=#p7a
zYb&%DFQ_cfhQHxo<9~-l2_T_R5n4VA(Fn@x3kq~uG&E%Z+lU7bGq@a3k8a9KOtIau
z&YAuAP~RPwZ;(>pe^vmb_vQG8ET^W#Sh%SHORU{;s-gyFiHUDKM{A*xA#00%5t3kI
zq-7DUl+)v0y95nNkw9kAzpEU551d>?2$enH;ZQ{9^;^4^kE^OuJ~`I%y)@85(&w+d
zRb?U_w;~;aRh|Id2&}MPfDoCodC$!Rxo}%UGS?kc=h=-jJ2J<nw{VFBrYic=AfC?t
z0cK&nrVHy;v9Dad?_%fdQ|T{7!?TE&pcXz#^yiM&Qx7Z|-drm;JyL=FL}DrW?6xOC
z9tf86)bg5~0+x2JnyigOvxJBGzKPSTaaP(yf&uvaS$?gwIeZfT#f3Wc<kcwsu7?Db
zvg&#T`B>}s)|Kwwa~c}k`0gM9X=jPLi)rEe{3tvWP^*QfbWg>NwZ$7<)%e=_N=$;}
z8gLlqY>=b7`c_a&cH)^$ygP(-J_)<WC}GIS?;Y8Gr)0Xv1E!8h?<lA@gI^zw<*u-n
z+296D5adPou80Y*_b1Y$)L-!IY1Srmq-G2u_?N?%5@^^QH?H>I!KufXo_|bDgG|=Y
zykbKJ#Lqq_Fx1S31f{P??dw}h)VVJ;knK*{FtwZa#G+VvMm0a+?S~}kN{$y;IP7b+
z)p@xm)GF=IrHOlp?fPw5DaN}hRA~!3Xg*6@Kq|Oe_19JHUUk2G=3OPN(!Dbw@}r@(
zbugYSO@dUwV4XV+nzlyzsZP;C0w?NO!=XVxG*Xi#QZl0JemsULL1+N2AmXpDTJh3m
z%}c7qMa7czW>{!XluCS!1nnr^Lz+@GtsiRcd^&e7M~7ue)Geu^Heg7bR_!{DW%^>V
zofcd;HSACT+1O;ud@|zXoSwyYz9W$JhEzK_9Cu&i6H1mTm64i}dd!<!_aIPPqSK8+
z?R;Fk@ml=ODiI`J@hXP??vO~9yrb;|EmAq;L|qXBQ>1-qQ>7zb6S;BkIZrGpZNLBR
zwQEUTn&hf!iV38bBDBG$RyQz-P+lf<pP)U<PM_0b`?WOX+z&f8cEoeQJ5#Lho76}z
zcN;~i7#7_B&Y`gB`MQC!<mB#<4lT7aGvuiYq-t<IF}O+;dNDkmg(mhR_Du#r^U7y3
z(U|RTYm+cTvTp5^$13iri}&`0bUlaS3zIgadRO9lAhg0<EsKk;GzQt)<cY^hG1Z%D
z^9xcr<D{<|GG;o#6j?>S+AfBk*LeL{1Iq+cTjv9T?HfymDI(Oo{DE^7%C8qmto`lF
z>Wo{T-8lPV?ARfLXZJHe+<oej)=Q5|Qi<BY7IfZD3S7`r0U(p8)vGw=GrsfrXfl*R
z<C~gUseVgPP-2TU*3B9cA4+L3FR%i0a<9?}%t+`e`I-?&AAH=vT!@UozP<Kss1+Jv
zm}q8T?NwNs(-$xmXYY%y(Lb|RJF2A-X6|0YqFKkCdJP@iTvI=D!mqWSLh-_|%+n=C
zeKMVtJ2_e->iT5vZ9VB7b%baV^}1$viiz31$)rMI3C$8^bvU!HSTve+Qn$s1$Mr2=
zsziZrQ|drRK-i>A9<M0hHk<v^sQ4|!s@n(lc~ivx`<dE#9x!4rO$tw1Ea1iJ!wq+I
z+(WGl_Zdgs!wfqLAG}r3RW0mu!~>BBxHldEcR?=<_?+5jKAv!|0t%c~L+emgQ*L2)
z-o2RwHcV05*XKl);GTDWI``TUax~M<Q~f6B6CunT{$(Kl@}w%Ib*hkHF9~=a0pH<;
zj_>RpbfT8;M^9}%YjeafeVD51me5J6V=8gwpNwEN1*E(KbLos*a|}1$+1B7=^yO6@
zx`}b@^C;?Z!&liMy?cu}$!eO|S{Zw53dx=N9AX^7CUG^g#%cjm=P%+oCvV?OD@`zt
zl~=Iib;Q>!9IMup1kW>ghzqk2*Jqe*8kycsAfWedmf}dS0<G4jPCsg8+uvBde5`?K
z?DIMQ6^%x(XL+WDH**v#o{V?d4x+=iq<W!dYYkN{Kw-CJCcLR~?=om{oL1@iquck4
zWg9ZN%@XB0J)xN)LQQFQ3(+dM*j#*<O|5b=!k8K)uteN{Scd91LX!$lbCRr#*F_#J
zOCcmDrS)L^)boihZq_P#TE+H5I>z40AzX^X5qvrk4vP0Fut+t@g)83mR4h!EON8_i
zEG>dxd{|%KgLqyY<=03jhwSqZzkQ7-*DEq3kBQz^LPayKdi)7NIosT1%ro7`1|6II
zlwx)rsw4o`ncU#^djAp%2H%)(jc20JC|zv0FBtTGWZiq(l%UiIjxQ873C%Nek>s_#
zo}S*v*i;AxjhiBvVe$5-k?*3NRbOZD0!G}HW)qbw=MOyqRdXqe)excbmPl6;>6sRf
zVGq!qv2{m2TuFQBNAh7t55Hm9fe@Swm~Ez%Fy8AyRd};LzFG#)FLYvhu9Y_VA>JlM
z%F3Ie8@5stXKpoRtR=ARE9W|0b5^7erjxd{3a9&W&gJ^+x}Napq{?t~P_pO8s_l1L
zk@4m9!iM68vS^r4U*rVN9=2Lbzg)p7lrQRWCfPBxWp+a*w3+n!*!^nZL_<~@rn>Fm
ze8T)At?Oewt~P~DQd>Zxh-etvafZ+2J#$Wmc%B|rr5_z%h6#aqVUpLcW8_tgfFgH#
zOTB&<c5>S;_e7RE25}<G(OjN6#jOw0)$5ICN}6nurX=t-5jy#F5lTs)2<$_LK)XEB
zZ4@TG@P^z9QX&nhCLsc>ZeE^u{))->)O;v1(G<9m!{Wb?Uw0tlSYg9F9{D}zUPnlU
z^xZc$3w~iVJKi8c9aHBtlkoU#u>_nd<jgkzVkND_Yx?vo-D_Qk#`O;a!V|{#nNkgn
zw$H^1EA_f2ym}en?(W+C!fwtjE8WH~Of&ix6;dwsqtt+nN~aUJ|Nf*gj4JQIPNGhx
z#ml=ISsqk7rxPPvsn#*8V~78c+e6Lq_8E@z^=*MGYYd-G_tt5(Me4_mY9-m1XZS2@
zSWhIbDvYbvk0*+8Rx6^Hi3|k%T><wY5IqUW1mu%ORTC?wKpc;Iw@Ap0zW!vb3r>pH
zBa!ojl2cHZaOb!d%`;L#%@Wo)%&PN+hsTiwU{`&>+1mIHZjQxboFz^N^Cs83+meLP
zIZ%ybZa7d?Wv=2ROuDKFR~7Ae+-zz`>tJtl-}Z|eKb(gB^>w;P{|1VhS%~|Q#L-$I
z%ov@#=B$}J8q9RX%I>6Ipl9)=$59EYzYs8YPhTeM)^&{&x{GCf#YCl@p;CSWA1Y_v
z2{=>U{8|R0>s4VQkbhKk0}wtHIHvJJYTQhITtGut#;0%ZiSGGmo5aoO*sqg7{kF<*
zPi_{_bAg{ooL1}6j(9hQRn6j0THWyUaa`F8`x{cJm5)Ab##$l@aqdw_p^HFv1#L~r
zg<3sjq(hdiup5Vch8%+9C?12w<SC9~5~xwrD&I&IvukW}v#3a@{)ZnavIktgNPiPB
zYockz%I93FoC;=zp}?awNR!DLCK?@ORXe)?YU<Qz{qITDbys`rVPfqv!zq>%A`3E+
zt;`eki8Bz5FgmnB_e=wze}Nl3J-k2KGyfvH?WmBJJ+><dd#A8+^+rgiVSdC^FYjJZ
z_T>Yn_cPN0`kI=yS4^Q$BMQaGXE16pOu;lPwz&+wQ1#{xWo5;uZ<yum6@z!^oQbDb
zgDA9C2O6g3S)2nenk_1Ms-53vG{P-dZX8@<B~ldA=26$`(J-wZ9yzXzEGinL7P;}y
zwHUd51>*GEx4Dl)ul}m5__K22H==T4uG+_#x1_*a_wCmUPyc^VkmHw8tNuFbV3#%c
zR(+7ogV(SAO#jlRI#%AFrTkwmm@!`@Z+NvhZuZ)(Xw||~{*5g4xb3Ugf__oVWSNwF
zM1f7{E>rTk^2Y`LF0J_=EBK#onyQ6jRaO*Y-~WI+!R#SVt-G^y9W7MylNkHrCezNt
zc(3>k^YDiOu(+ZAtYr!ZbvWmk<qDTzv5%MX+jq+H_PX!9hSm!URkCX-vTtWz&X(~}
z9S+@qnxcucRqPdqZ~wlZLP8?PSW^Ys0!$JaVsqn9A)x8oN|zH@KXEVLQAbTie<7ac
z!kz7BTD#<z%L*IDgT!Bf4jt)-rhUb84=k%I6?0pcN9RB^aTRh}pi9g0$8Un-EI}&z
z${KI;tb^E`_$n|~q91uhT1%|Cq7u7YItX_Q4vnj1fo?@|649@Bo{AE8T`L2qP$!*_
zzX3vLD=&#j=V>d+a`jLryZ|>GOU=gLO$|liDJyHSy)|rP4&Ic0c1Uh+fZK|+L5&ki
zKGT9h-$sf-Z${w?f+mlm7T@hnU>d9g)~?C2)!@t(KVNZ?NRkLtjj08)wjxG}RKFC(
zbuLpdtA?N$t(qv`^U;qc*sx1_lFlv_obU*3+61#Z*D+%cZ4~I;5}5lIg=Mjh&L<6w
zmeH@9MMpldl@#Pg#IB_Rfh`mSY4`Wf1(*gA*c<$t9o4dI?lF{&HdS|SLLkps&&AR(
zs53k1UIunmP6-S1Os~-C7H~I#Au=Au*d0kW?~ly)vG3`~YQbW;_2~!NULV$d7I=Bb
ztTkq5m#QadY0=PbdwJLRQgLzrRQvQ~j?5Io+96e5FCY&hht#>>baA5E+F;nix+WRT
zSx4W0F}fFVrOyS*BK{2H2rEf_-hurVrEL{ueM4%3mU%p_0Ro|KE`z1?ibB&*o4`Hp
zbI5v^DXF5W@VpHr_sIp_t2{8u1m2k3RQ}fU3C!V1v%>AbesNui7($t&D$^6C>L8qy
z;n1{pv);9m@|_5Z`k4=Eet~TgcZrv^djp*oG(S+6(gHWB?$;7tjuB+G^wi30qcr-O
z-rd_x_fR^w4B)BZ6Zf_<PE@U_57~plB^+j;CpEH7pWu!OeEce&8CNfhE)AMYpo{Zm
zJ+ncLG@Zf{L=d_U!vhtN+mV%*rnawMaxqhJMBL33Ekl{XJBoUM=9Pk|)mOX`mvoC}
zl;7X%M@>F(-|nn7Wax;xEHHCi>KjGr%)A#+k|o|?%Gw@a*B{=GHI<VCm^CFtDoBr#
za@O|>UZ1{K@+zlpz~w_h?WIOZ3%$NWoXvjsYHma_?U}_zdm00qOnTm(u=6oTv3<J-
zUwH-Va$S<OT}1}M04U8tjqdff@G)WV%5EWs)mPd{l4j0DN)-myse@2e8T$G%ROD3#
zSL<6fz<J7S(DxnJi;Bwpw`t};XcMbb0g<Ae8-CBnj)J-gH=RmE(~@l_r)zScc0lKD
ztK1?gm%`C4BI&BDOHu(QNv2LO(?mjHXpa3#KGlc9DMr^-UupV<{c_!1R1!z#iUwe`
zUpZx0Y?SH=f_R6ZXHW}7eBavfNyzhfK*>Ktd&Qp6!C+gbX~=6DtE|h3%(l6Fmo>sD
z!G2dO3D^2{XtbW2szQi5D}oB4+rcHK<&{NsFIQGZuTQjBJL4+13%#$xvZx(JSL@mw
z{cBck+@f_tslCk6p*`ZQlpt@IDI3r)udu79XZOb$l*Jq(V`tJr5o#Am%OpbZd~TQ|
z_v^i#E-DqrjE>|1W*iRN1owKQMc1T}z7AR$5HQ#<Tb7G05YGvFq{1Z|BP;{Sqj_RN
zSB($-+R`)d-fz!q@&YQXJ6SP;K2?61&t{l6f^FDu(oD~`kd?P9nH@zDROzGJL)0<K
znDL4ZY8DnoAtJ0soQmJ01O@X}Qv>KeWJOSSvnc0yJC_9N(2d6Ay`JrVG+F}!STg|h
zm0uBWfxlQ4igPX@&DY{EezG#tWqb#Iw&ApaqCJ7>Xu9%bU&e!$KP;Yj6R*aT3M14I
z#RcY`Zox8xbefux#QQ+~U?FoY5&e0dM5Fp4E;Dx!9%J99dzC4H<>J9>2hSRF3y0u-
zZ=NxMF*CrV=>^WJXOELit;rt{irTyz;!A8*6ldaHDr@lSsEGvrFqU0-Dy~**Y^Jte
zB<wzs&iq84<}1gYVxo*>D{W9fsr$*Tz2T%+uQm?q-V7)SU2FY@J&L-T<F7`^ZYwI3
zHwgAmnZ$w+Gdha#ZPztZLg$<_jMI2d@1y%o9Z;(htyjjA+;2pE@RujkLYbu^>{7*Z
zylQn&TSay)OzziVLCMA@bH-pDO~8B@8asKA1`!HJD`RMob!MOseL=cO`Fm<z{?!yX
zG9Y&vx_qK<y?+%*Sz&;}EkuU_szaIvpiv<cG<4X{u_sYBb;jnEb~QqMO4rtDIt09x
zU{_N6s^i-|+5DWu_R)ygBjxA(U~Wlsahh5+3PGzHo^7Gyz=HC)=cD91{_g=9EJ8gT
zd3_ei!geyJ*+nfhfDeZYDCJiWZo^Aims%aTO==-Ns0%SiUihwYZSex*>INZew#_@}
zop-ykWG#Y<bE}1+EMEk!RL*p|^PAh^jzPIzX<QSRL8jw!7CNgV9!`Sq@+XN@Bu-W>
zU@Z?*H6s(M)eu3#bJZH)IdhxmvP=Z69=OkhP@M>Lw!vUE?pU?h0zr*w>HoGohw7vz
z3VlS#A9L-z@d%UN@u4`nOxGu8Q86R_DZH`oKo*fUGjXi-rnw+`$V!7Acz50*ryKP|
zVm#xEi6IjcKG0EtT4)d5Uh(WH1a0RhzFqFRWE1o{^Xr51)s(W@ZB3ksEyeSUSqL)=
ziY;Aj8qXXj{j^9XiRBL0U=O&!9&5A(%47a^WD?p-&0Q5g5T2hBX_JdfU=YFQ7N;u+
zlUj&<t|w%2xW*>8<cv1~rt<kD^wSt*dgs`0Exxj#ZBZ*aI9>1Kk@7G7dJehfe!}e{
zAeavvXno&4v%}@!WndkhX&HAb4y)p=>RR8P;g5r>Vc+nt%C;q65ttEt`_>pW8&c3D
zIUk6+SwwK243kadGO=G7;cbhYWkB0HV4Yb)E5&fp{e+w_TWW@_`M4_QF5z4x={I(d
z`PuXRK1`J9v$JVv{WI9eQ#PBB;#r~?1~8u^60I0hsYcp`gaCmrZ!ovxjF#)!REw+*
z6XuKN$WLl3^x0~7f;7UY`WJ{oRph9vm|&bH5Aq(mWHg79z;Ikj4%*6+TOByGITehu
z4LbEz4I%`6Q+Z0$jo!BHQ#Kbiu4=Mxv+oKtHANgdD|5NZ$XZMK!Dg5%=d)QM(ri8^
zABBvm$IkQ{*>#hyLv0pkAkni1GqU{(6Eu)PtVvAs&J%XEI|$t{aZBBM4M3EgC&FfH
zG&Dvd6`U=8YrxaSIZ>GHbDRf<Z+OI70z(Is2q5F83qM}B$imPl$v@4mFL~%5k$POT
z$8Kql>t6P*TF#Iy^Gq`zJgzhwc^Cq$j0$NPFG=duNf=QgPc|u%_QRTg)YY5vqW_?!
zp@VFs&z1skW?oyxGsD8L`FhKVZ7L1e)qs0vRsBsO0U;OIMgkE`gD~003KPAn1bvT1
z?<#x0Z)zFS>Odb~=~xcIs))hQb=p_bz#W^11JLbDJ;u5<$*(y|u^9HgHJPW1F}xK!
z*+3VyJtpdiN7n@Biy{driNgCqT}B;l^X6qdJx;4{Cn*sI^VO?{_R`{$xssfpde<4+
zqXJ5LbcQkJh|t^*sZ^(muZ7GR5=|Xu!K@*(Fh@~aE~QZ>(;j3ZP)AQw2IZU$>(?1|
zrH$O3QO%wX#gPg*O@7w_gj&Zt=$U2}LTksPUl}-$4L-}T>w6~3HFPeSrj9u<fiCS%
z!gD}Uc_<eBrf+_rd!6C2u1?>R?;`1I<C;}w2;+O5fd##qRX5=;U-jsu=!RQdh{t#9
z^88Go3zS8YT$}3CrBQsG;Bds6&uewOA=aB!66Zv|Pj}fL{FcXA7o|}j!k>s9p_x@2
ztX+iJWy5jWF*bzHB%P+E$|`_?59wrW=s9@B<=NoAj)MSRmwUbIIUyZG4v7-Xuc0eI
z;Hu09!#qy}AD03^5V?HHV>yN_7PwJ0zqr)!dDNY*LD*TZfw|%;=j5EjY-}8eXK{YQ
zT`C*C&#wv*+kGplKCFTxCS4{cHV%<aBY}fMq24lK)0zn6E@s0jv45*#(Mrw}CL}Qf
z4({<o0MAwF3=-M2Qi%G|dvVn%LFA5ZU$=$v-nCmemq25Yn4`RNbczm`r1CsdDDDpP
z=n4{2M&yYd&1BO!XPuP`AriT;cYr}Rv*RK+cR{uT!d?vrd1hustYLW&^lI3ogBA1K
zLAp0|=3H<xBl%rrWrZ?J^o`2&hqrpIyai{kB`(!5v|9Ftz2eu{Pc3n-t;rlo`<Y^B
zyb^3^88uDm+UWndWem=u5~vc!YpDs+Pcxl>Iiqth3uMB;Y4t=A)0LbUGEY?e><f&o
zKBV{bDOQA#9*vz(xY)DY3Uv>uCyF~ieY>*8H)^U$@OA}pD~p_H&ene2PRi&qMx;V4
zSd@eO8Fkh;WhE=bN}mnW_$({%O6d4%Qx=fM{6w;kzE=~W6`02FThc^kcJ0crCtO&_
zHcN%VCoQK|-Yk7|P1EKCqLkBXXG=dG85Fyrk|9C^=XVs=78|Wf`I0W+uAId8SxN^9
z>B&+lQSga%0o@SlwHYajoMO!{_0e<Dq>v>WY&cKR`^2~)p^~bQJm4{~Edy<*R`6)&
zOIjhv{0?us`d&nEAu=0)muJ@3*Eg8ZH{KBJ3Qxd#B<Ob?*;95NJ{czL7N?g3O$eC7
zT^8ACZ%SXw>q#^7lTvb}L%fp93vvn*jxpzUMH@z&6S*6EoNnN%;=uaVt1oWO;8qB_
zj=sU+=n?sTr>Y($RI)4Oh74)8Q7mFmhfihX3w2!B()|(x#6vUQbLAe3m7Dq5veLa}
z;+zdM9K0zAN~uq#@%Svh=DI78w_whXA<t3**|-}<ylffwM&|m`Ks4;w_C!trjU*^s
zY_p~^;zkJ!(ws~`R~e&Harxz?t`^rdE_JvEh@!O5A43R&_a`|F3eEcm<p>*AagDa>
zMj)bF)gv{Z^}I$yr<Gt3*EJVA>x0E7)*tt#nxc^m#<A)CCR>-j4W!avKv7cj<s@z)
z$aP()rIuJK29r{6xPZ{HEN{ug4=^3^g}ls-xl{R7MfC+qkffD_Ezo509Q0Y=qr<%p
z-w-Ib37hf^i15@Cnr2@WJf3@!^KLxUTcgHo!D)~qMWdA3Kx#td&X&N#j0w4vbDxBg
zDrg#-7sBh@zG&>dyw)860NlBEzf?s9k(dd?^{3h=m>W%39`NuVZ*$dGDXUro55y!i
z%R@CGZ{JF4PB>@7-|OYS+t#LM>X6IP_oS$8f>UkyKAZF9&&%|KbGP$f)RWSX8H<Rc
z$M8NT-Z~a{!+m|8O9C+DD#9<T-p`EvoQosmfho2HTACYuDpq=VVUcN4k)>XXk9#DH
zP#9X_!p;O1wXS^Ab<ayk?gV?vs?iqNK5eaq4D7n0@C%zl?7<4>7Zx=Z6m~Jb8lQJ}
z&H;tNArv7XuyQaz0%&-h!YNrQfe8J?>M;l58?B@4w5P`Jy`RXQRQ8KiO|+z>&<9c^
z)CT451gl9B8J6_ki1W67VGjdA^g;>+xVh)5<4!MhkO})YNrOp9ME>VO*6)4eQaJTz
zI+=a{VT<MEt5fBmqa)G7nm0@1l8+UmR;W+LPVa6JhCfG^?JPfNzD;uWr0>yhwoCrW
z$A9N;3bERYLfe<|<8rEFmwRMh-LAbi<L*Ac);zKYRf;LA3vqx0A@Xt75T9!qbQzB0
zyhjAs0mU)U)eA7ut!5C@wj9wt?|wzHLlX}ZL(fA}IeBup<im$86RG=FRX5ISX{(z0
zbb&T}YDmQ@t9pbAQF#b?9&V3FP2FA}t~8z;&b*$Oi$EYKfr&RLLKV+EoPEsbr)`S}
zNL)Rp6`pe5#S_XpH5y{44e33jj5&j=6J5XvC7aMu%t1nfV4Xki<F@{Ew@|Mbb!LS<
zu&a<zva`?Pe@&FR8aHq66CtkrN#v={z@RWc57glc#UPN&q`$Cq$Vr>oK-d^D`{?+Z
z!B%m?{A&3E|6F=(;iO+^tJXkbkhROL8&SdaDurq=`$NDtynT6B+d&Ic3{ykPE|SbR
zPQAP?!R^Zj_V8Bm=6)0iFU}=fT+)KOlT3>=(GJ2OQm>X!$|h}gUa`BJU!O$LNNyCP
z9QqNf{Dp=A0&#It<di}yfWG$4Edr7)m5-1Oy=7i|eRdXhp1URk9tEy4+EUw&JTB{E
zp|g?{<C>g&P^!dRz)R4eSBFz}xk}YzX<J{?3cv}e22&+eyLh!YF4=9ccil?ulGq8y
zCDedoeZYO6`A?JeMow4y!7iy*PeTM>7=Gj#47=8n1!KVJ8IAgPNX*)9WI$^1Vj+d5
z+Ql)%OLNqIz>3t-5`Rg!@f(e1d!c^8u^WIGEJmtSg@?J?76ix?mfCW+$rXc0%$vMc
z#xv_A(dcCf=Q)}CMH_FO&y!|&TF-1oL($|=mEFABZ|)iRDUoelCRpvQ&DcvMYEP14
z)aD6j(6hvERj{e}39AX^k;u+E;X>k>o-%<U=(;?)4F36nSDJJD(UEg+Wt9oD=nAAb
zywwr<6N$!Tl2(k71opU5fQaQT3XiN(oy#V^Bs=P7?JmPpq@w_AwB7f7SyPi-N|$XX
z{n8%*YXf!dy%(LFW?Cm<jaS`rYvFEnjY$>zDobWeZaV?j3zLY)DZr{Cd}&oaA+I9n
z>0`214;^h)2q#9W+Bq1=vl3;Zqnrt9I;S8~f=dJ+S9)(>>#NvCskXeFjiTXxhnwY+
zl^0p#Uz5va%F=-vyb)@hp9cb3yCk4b2EHt{%C6~TFg0-0t59X|+q?lZd~+BNBrA1g
zyl}yuZ0<PX*~5ITqQYoAUVN*>Lk1dCtEI2Enn|0W4@$(YQQ~uEOJ4Dh$cR}w#4)8s
zzY%CMbMh7ucvGHCH(wfNp&+-OU5zS#qQh{cda1KfORoA^`22i$U%<r?QzeoFTj9{t
zx0zK1E~zfk{G~iN<=#>BiXC>WZAseZ#3caR<67lGJcb~B*H6EN)-TWJYIukjGge5b
z%9U)ey91V`;#5}I9*b{!P(e3`ppE%>eY6nbja^)4mXN&sfWu8?@U^oD{DYmy*U$}C
zd4(eXNc?Qw3VMiiuzaq#c+s&<7|><E6N6@hBz!25gD&o!rQsd}N6^_Fu`tHu)PIkD
zHQ;e^;xnP<y{-x8bYvFA+a9Hni!shDf;=ahIXf|e5tj}=W9)K1tbJqMADC+lnjQ~q
zVEdpyHEH2(|F&kqIv8IVaTUd~<FYR_sNBt8!_X^6T$<-R!bBe#XGd@vx<Uw?>s20G
zriVO*QBF1!of)kB@R74#<6?6*TLUxFmw-TQ{oJn`5-U;GhDLdncC~{lN}t!A2LwYj
zV7m#O)v@hv3$_m8?l{xf0ToUNH<v^vkl9y_zW$swTdH3~0;IhfsR}IcVUGP?vz}Z9
zTB)FEqfgZ9jRNLf+AB@u`@rljR~5e;{<=Cfb3RZRarMEK5L>-jE2A!zLW!`%Vbj#A
zz2!dTI^xBR(@ccB|B8!*Moo90qkvOznqpvZ7H){7f_3L75-^vlBW$D#T}DycCgg1h
zZVa>bD2^41h$=>EnicJ^mYdf1$6P7F7HXx1CPTW8x$az#M?$^?TDY6P<stWUPLd|~
zAnj|~;ir}@_Q~fcN{?w^Gju5mvPkY(^Jvbz>SgiBHuiyE1ZUd1za=>FPHA<V#*oJ5
zjH2ySUriP$C#Ysdt}4UfH11KliQjwqm%+yc@xjmezZioo+jhXklsVA-`+R%)Ng;uP
zL^0P{-LrYJ;eLCae3%-kP?<&uAO|Q1HRy$;G?4^HuIiZ^f9FzW+q;!8kIWQ|uR!0r
z%-p@blPpZ<M?gu4zFDo~NT1aX>6&%UEr>vzxJYDAkJV@0?^!fX*i+5<iR9oG$xZ$A
z#5>nX&i#|u;vYTw51n)Jv_v)EDXiAg_Sft$QI5y#>F*^4cCu`J3ZH{Te>dzg`Y%aw
zqNtPT<JWRDzHXTLf;~5MXk{Le(D(jPm;d@V(hHl^pT=Gf4^2G`ySqqsb(H&k{`0I1
zB8M#H^Ja27i)(R1S)*b4<_|mcAKKG?TqgNhCgh*g_uEImJ=5{J``h2{#;n9QWPQum
zH}sR%{sO(#C{p)`q}AiuZ@#UzN=G-N57=?#DzR#-9Fke?k38^I8WgJ4(Rji69e$n9
ze>2r|^Lyf|G3soJOCSRaPp-ln7Pw#R^BQ#%Utxe)Qd*v>4dVJI`A`iN&jea2g>o?q
z?dt{^hMq!pVgw^es883H*QP-7m2p{m<O8LCuhH4rJNPQY3zo^0T{aI1EzD!ZkJA{6
z9RWa}WYnr_Pn5lY5XP8G)IAZHJmW5WvsFpmbq9Kf`F?oM=ZRL|RGX8`Gis6?VI`0r
z-hp2C(~udBvM0LxpO0x+9G&i`pr|LExE0h`&MD{9b`J`_!XeEoo!I%!up^^L+4r&`
zGd7yyK5NeOEq3!lj%fxsKR_=Ss+_FX9y&_h$O1kvY)rI`&u$5r3OKp-Dzb=kd|LH#
z<Ywnt_dsv~p=g9hqq<yMYHwKG&sDCJmk#fzB~^oJ?QHF=a8~*{Sgv7zcXLD~Nd<Fc
zXDce6)RDzSyQA)Cs#!m`KN*IAb2KI~Hkw<5S)V6tv)8?>ONdh(-*{alEn%~Y*L$V2
zLF-fPT%8O{Y{TFQkV{{fIMv!_aM3-3hWv)cp=zOySY5xAzBDc}ytER37{LiM_{4f1
z8akhRafKNdn07BZiA|H5A1dG6p_0==&t5vzTt%zV)$W?j>=<Oru(*u2X%NZjh+JxL
zm3-pquICi13m;s<p$Z0-JubD+4}6**2wHbo&(I!_Jxx;F+SLc8F<#8?)lka=2iK10
zbJ2#db-xZK-ke0?M%7jOgz0u~_ZF7!_#5dIDd69XDO-~#-h9@9Y|&`MOsnvkh&~XF
zb(20;5QX;IR^Hc(^MxgGDT;$@rMCc5`}4Wjpe_D9nU3yD#}b)IsfQ61$+W7N<TL5P
zxajD_)|z(brtJp*OZ+lsBL`2f)}&!=+^I#c8yLo~Ql;DVArh|fAKH}ELBZo1JP?(5
zjlxma=%|QuHN3;9S6=(+YMg`MUT~uDlxV$XaB>8XY5h(&QqE!RMSbWjk@>K6C2TJ$
zoPv#h4_CB7q$3dj?}1W&6F<NG_@AOL_&-H;{QuD;#X9)k7k#$oB#h`YijY^z*aYTw
z#Yl*jud6wJe*aukW~>0n*}+$<qnEe?28(iYv!=p|PupXO0+!F_Z1>h^JSaH$n#>R%
zM~p2Syazd_^M*NdWgDX+C~2_SaDo?Ff{WoBhpg4+1!+l>*mYYTRov*1UUyEXqr-*<
zrUXr-Nnp*Hi(tu}s>s~3u#Ab#X$UVOq&bJTrB+TlmZp!cczl?3CS`dXH!PlBR4}0-
zPI;#|9ODAUpcxyeT^rcHP>JW^JO%}?jY*M7EGQe~-t6>8rtl3)a*`{(gPF?l!@^BQ
zE4gNr@zi^&)*E>q0BAd>yda#@Uii=!XjndLnU|ZY?pA+Eh^ba}az1hT(?Sk$qch|g
z(lb4>5UhTo`X>_71kM@lB{52clM=1^#z{>laZo-TQdDc*u6}<!;AFgCZ9~x~to8LE
zZJ#+(OFO4trD?!ZT1&e-TU|G>8+(|}Q#;TfF=gg<d|1+1@I}wg*NrO9!%oM>0Oi%L
zc>{;HI@A_PW7w~R=wzE|_$C@b0BHXT{tLa+@lS-W)Glc^D;*78)?3W(AFpF|pOdDm
zcsBzLujf`neKNPW(9{&^&iY^}@yc#(cS}6!m6<#e5{lcu4YYsb^Z!)T@R_Ga;a@i2
z*>5<#XfJU6eWaczzY(prp}nb8RCa4w;6+u$={^a`<qd&<(M-P;rIq3P?QeXl`#q+^
z-^Ypw&FT5y@Ei-*=3bImNZ<Wi#TOaeC}<?~_Ix?WpF07A$j0jUN^C{3F%fbCfr$e|
z9^qPXzwmHv5{$ma%ZP~ZWjAW`c~+}DFw(?3@~G-kE}iNEQCXo@dwR4aDm<}*y|Z=s
z7RQ+B1qvkm-hBi4=v(}FvHT)rPM4u05e#Aii|SJV#Z|f6osrTSy+}byjvtHWi6iZf
zub#U5(vFm@YQYKS$R%F<ZKB|lPTYb{^tTbBE}p)=-7^xBM}O<{f8?jF8Bx#eLh<%0
z{`;sZ{?WHK>nwoMw?0+GXx0aR;vH>^T>#SP>O7D1f%2{ST)1nT?3U!>3L$2-n4?+c
zn-t&!$>nZ7LyrjY9kb;tn%N!!qb_DhKybcCnHOQ5?~P%z>a3~#L91d1mvBEoR)BIT
z-6PmQaBo=Dg*$8l;CAp6Ny(&4-8VT!Q={mD;xG`i{f5kTLt>UpeCjv}NvZlj8RWHF
z>T#`^p$~kTzRHAtxcMM~BS@a&>#px-?<;TbW`FK@;Po9NQ*`*9i||D%tBi`|hxOt=
zsrlcdwfQF%|2vQVL;o`Tmy+54o7h(V?`-|IxpDqWR5B6TEN=ZN<!RO4{FARv`DVdw
z+E$tSQyP%+vcL$u%%?S*kZ_~u@aV9?Y;(`D7g-<bgNL4xocFl>PyF!r8^XWK)n`K(
zySNYYkDgB$X6@5k%yfLa|LAudrT?T_;v?y)Y>vgzmBY%7&rjLtq%Wu+#F&hl`gdQm
zP;(x7o7Gfap`0fT;#Bwh$j<^qE`KqLs}BDpU%SJO66U&-+ZKM(r!^4S%yu!~Y5p5I
z&{jvc0ORc<VsQq}dJJ|*ndvoO&+c;!+JHam_$rI6%Wm~P-2Y~|G^gJ}e^{0kx6QPd
z!~xxEvNZJbZVe9#q<lR`V)cNn1~FnGbMpCn`G?)2#mJMX;qH&2oA9GjLhY5c$y3gc
zA7quB&qRFonQ&DJ+}>C@ZEvq7_zP}W+~SyI!K;lnmQG71Bi@Bgz1+Q0PR9FdYgZ{}
zOWu`b1b%&J<notx?=70SW^-7OR!h9RmKBCFI5He+eQ>K-?$@q1>IDfF?LPg#-6P&*
z{lC`xz3)Z;;CsAY1z-Qb_ZUQf_VmA4ui|gMm#jZ`@kie?`qlTk{t_mQdJoJDomu)z
zj+D0F`h-rC(*7I|QA|I_L)g#W`pY*Yp>h3x;G))lkDy<^L5!diZ?p1@KaU_G`@cre
z+Jw)m=EgV53auB2C{dAHzfS!9pJVPX<L>yA2>NjpR=)pL_x>K>KX)(Y$L{@V<X^hS
z?NxAUs6R(`upLBo`kC!{Ey<6W<rjO?{;~CbY3v`Y7yMqhZscm&<5?n1So`N}@=Igv
ze@{gfe@!f^KeqeJRQ;M`{-oW1b=H2(d%v4C*B`p~OS1b*_kNk@1%X?_gj(7kXYCh<
z`^&8TB~$)&)-3<#RKYKx4_|G|obW%aPAI&0%PnQ2m+B`HkAy+yx-8@#-mz5aN$0zf
zv^)OmG%J#v-P|Rh0-|DU4~D2<TJhb&cR<GJV(eE9@DrgtR@-&ta_x!>U^JHx2VvHT
ztB#H<@9AokGw9Bf-bpWqgH&KsP)`3k!iv7x(97&m{rdZ#V-wB0r^}bP1l~%I;<7hh
zYd#`58e%P7qj8#U>R?V&Uj39i-#8Arq_t+gX*d9HExR96T|c}Q7!s~*hE?~`V{4aM
zyI5?vkZCuscC|=-Y3(NxM6tK)>HXmP3MRNQrHR<^koS})uYxzHXaUI?(|^W1_xrW#
z?+;|3tL%q=-TcPqt-tYA#qikumihJH(aHVuckKU*Pl@Y9WcPcK3-${Q=RZ$rHC+nM
z?37<AO-ZygKcR(szwhh4O!cpr*CbBPlz;fu>XNKj=|-(*qbh&KZ4&al+kZNgGoSr(
zTl=FyFsLcy+2Ca{zVLpRPDV$Lqh!Z3{QR?)X1_h({_e1y*W#pw+sd$G$)LNuiSzVm
zl7aEV2kUs%+;e#Jej*VXO-eo+Z|4ZeqA^gl3&PKRV@oQSG;z8hJb~~9t}@;DK4$vB
zSZw^_HrJ{esyczjN43x3yCKa0#=hbzSxK?wsH6My3WD^YU21MP_Fzz0p<*H5eY`QT
zVYV?%J?e_(TY^!EN2w?!_cB)vAnHl9p1vUzT7bsk?vq@-e{%Cr$N7Ki!8w%~n=sou
z^P;hLBRhj;)=?d9r@68079ShC4Tucz;jqYmfwNIaRasSOedLBT5mxcpRMB3SvG){O
z#VA<a?zN%eQGD!8+G4(NioKf>|7Px6Z*vuwZpd7tdXt30LQhW)5hnv1(Uv>;yjXE{
zghQws>8>V1U|O9R(oVK<RdPbtu;#>W@~<)X@}R|@jU0C&PNIUs)UT4q&Z-F0sC5yD
zti;?l8GJ>)6CF_8vwUR&&7<jh{42vofS#d%y|Kt3lB;+%91BPw-az^pl=Iid%J;)3
zZm7r|ZmjrswOe4Vk5hrI++^)(DCKd(9qt2cCKNz3n79lE5W;buyBY)a0Yo{AWR?S@
z8hgu?X}`1vJ^xY;V~*;Z53j}O9O(`#JdiAw`+Myb%@^Bx9nzoLTatG+kriSObra0h
zL?+D~<zV)hUVghx>g4GNo~rq9w4KeJL>;M*?_6FrC8-rHeN6bG#Qba5enwWc5Rp|`
zG26^tmoiqE6Jtb^Ee`>`#SfJ0g9~rkDEVFOieI&#L(ou#A#~Vn$C*HYfZT6`(MF^^
ze}Ka>kM!FZ?)n%;L=yQEkwmwM@S(>mRrLjU$K*W}=S!qA){>|Oi_dM~oJd58CBm`W
zCgT`9a2C%*M6!iys;^8vZz9{%XD5VBs_jx}|Ju8&zgofdEEkV)+;CsX&6HYJU%l6s
zGg?u7#vVESron0!Ovz{KlW6WZCyEMN5cyg&X2iMU%tLor{$@^*_rF&3TXT|k$regs
zb+I;5^2%vvn>rJi=A^0wY}?-=72hZcSJ%xd0wiiw;+0pRCRedRE%>G%M{h=itNp>~
zA5q}`06g_q+pvo;<KN|H27Yxl8ZGm-*4`&vHX$^9FA<2}BKHi^|9B9P&kw(Mj3<Mx
zD}-?OiZ0E0f5@*!JpHllpP_Pp(DvhlBw&hrW-2g{qI@>P9l^AN!LA1|Iv!KmjQ<`Z
z*8Zz0e(Sdx5nB(gq(h>vGBj_OX+A6KyQXd6*DBMSx1{pW`#HeWuD|upiR01%8iD;j
zBfWm*vQXG#je&P5y~WJB`}}4VwxX+Im_jJRebBTs7oEhE3h0U8d9d{3JX1<dF+1lY
zJc~ue>fY6*m*3xsW#Q3;CoS+Pms%OY_kF0P8y<cUZrIzAXxqG6q>Nxxk^2z-qAq5e
z<>eKst*N$vWw1bYlYC6AfrC8M)u$TS7Nz!F$AQ92>SEy)27t>))_U02{wd9#h*YXS
z3DFOv4}S5!t2cfJEc_$0!s7_c4+WM%q>Nv6*Dd<Gt~nL8n)<jeOM}*>VpxG~?OHdY
zhaY|R0WwF2|LA|B7Jux2BtK5cpY`+1kI{VL52KmoCE1VB#PP?`M8fn#i2N?&SbqFl
z@@)QxF1E>8e$*b(l{-~-HM-xvm6e_6cND%@(e&uYvHVHFI%!+e!Kd^$w4)<Nao)$=
z{NstGwKLDsP2jCtP|dDhRh0_nu@`g14RcXBe+dL5nQ7tW#$>wnJlUIXyg}uv*}QDt
z7bRw(F_)p5oxBkcu-3-(kAnf<`WeZnH>{ArGRc1PH2+;;W)PQTv2(eHhR>*HO;Ym5
z(RGo5^=>O&7nwJpcGM6ccc4F{O^khQIvcF8_zLi2g*W5=utJx&|6)ND*5ISqpv1?P
zTy;?M=FQpFRxG-XBD(h+61<?Q927D)ZM{kEEGPxval%&#0P^C$TrFRcnky*?AFbwV
zqDv$yXc2X^{voS8j8-T-6|m1zkNE|=`OApK2dYH7%fm%>!2CMQ%Dw6#O!cqdV84cq
z6Ip0cSgJaPQaTU<$Xfwa4GOlC2OntooR9K4EZfe}4oK>cJj#20a8jg$m>~;P>&Tl2
z9Q)wtR9d@!9H>ayzh@EW*j2CM)r1O09u!LW@}x%hT3KK8Sd7H-=h`I@_E4oFbEC6?
zI)Q!E@<-RdxF0rgOGV>wle)!n<!aG`$kdHdZvU>me~6JkDcG5~dX$3VKA}_*fj{fk
z)hu+d?Z)P_x`S$GSx^FqC`6PZO>piwo-aInpnJ8lD0V}CR!VoqZfP<lGMQjg`-vsk
z4(*P=o^C%7a7dHM0j~XrdHIRt4<|;_?H@|2{d)x^Oac?xdgALuzMO80)rQXNJnus-
z6Pd_qkqV^p5s+Q(Pq6B+yso~+%*)5v!<9QB^kgdsfJQ9N@%)AkHirxH5R&p^+;#;1
zVSsB_Ok6?ri+(e(KR-bM&0-kyo#Vd>E0oT|(0NP!M1mPfEz~T@N9XQ#sAjSeC0-zF
z{hMl!mk&KP>dd{qH)0!dTX=N#yD{oe3`DC}YYUFUpt-n2MZsL0qc0k+eYmM3Z+j)y
zpk~x~ka|}Quy#quL$5`Xe}VpPLs6c0LX(bf7ZDjvFFKs7N?d9D-S6oNQ%f5sR0v7&
zN7<v%fqN<ZH?8036_x4^rtUVVVe%G)7YAbi0a3Jf8}(jz7_G=(7whe}Rn$zlt*LrI
z$yxR&YYqLmK{a~`xZD21?n|^}d23AwQO&p`<HLkPp}jFn4dCk^+QTCGR&F3gLNwSH
z5(9{dhXB&VwQno($f&K0Rl2wn9(r1FsK570PDZ~7RoUdm->{)hTYsUmfYcYsbtVQD
zB+wBQ-K0^wdwsF(bdvE~6Ll+d{)Esrw@>cIucP}5BKw!9=CuAi)SsP<QQl<2yXqPy
zZU}caw&@wIb~8%NdnLb&wIHwm1YTN_Kc4RHtF(u(5H5PteFIkGytbK-=9HqCTZEf<
z$m2r52t`wIP@+PcTllE`Ug$C7WciET>6pI_miLbbYpD52{rvKQXs{Q4WWqXuZB@OV
zFXkgp`U=1e^xYmLu%e?|k@=+{YRLMPJI?D#@k?iME=C9nSe^SM>=KQoBC0F52kNU~
zH_t0Yw>2EXulgmmAj)MVU15!be)CFFE>Pc?HzecXcfbuVaVVnUXEWg6{Na2vut`i7
zA=v2K#W}#us7~{)=<(k2Y^kqyc4a*#X1bSjtntEoPjy2vc$KysZpP-P;O+{?kMvWO
zxvCxqaK+#yCBH7Z6C4Coe?Wz*#^b`{wfN=ir!xkk!=6G3g?j4mb2?({HT03aEd1HM
zfn!civl%^+Nu~;ww;XI9{Q55W&0BB|KVx{?AK*8(qUICu&4i21n@=ySo?!!2DY}4s
zi|Ta4ZnTAPq(u9xM*p%br2YG%{7+KUznse!$cAc1u1XtQGMiYpt{P(63*FNEYTQa{
z+){U{3!-CqXH^l`j(%KvQE>mEX<6$3VfFC8wP0L&Ec#?ZSFobT|K=8*%=D@YG``O$
zKF>sW;s!Q}x*)tsyKX=!fTXvOQH{8o2MRW(8nzbA2&*ULf7as4JsI)CgtUuN1l;N*
zcnayf5=Eknc~|6=9T#L%nV2|`dQfgi!f`@Eay?Jz)z`iJPLN`231w_bUnznp5`wv&
zORz}@2$>CfdY{F?JwrXGQn0FsE7RA@+gT>FHuv@QA_8a2po-~%N@ZZ>a32YYvE1GN
zC;w0XD;pU9{r#cBuiKAG;3^6XCG4mWn~-?>K4(lNY`qtl<1KO@op(AKuZoRnTT6_D
zCO4{&`sX>7Tsyu6m-xay-k(z6G8C=l%i!O(2+i%Qv2>w{;Mp4N7P<>V34jI<;7lB|
znX}qT7A>fTfEm=}Pb3hLrZ}GBeW}16@1Xe;HO((-0YhhpDm(PnX4b~d)OrNP8JnFY
z3>eLrXO3kXJW!A&M-5KpG*XknYEV9;4d%ih$Ui@6DD+fhJj`Eletde1jYra(MVt^7
zYiP2edylS<n=id9XOxR8XPPd!6smQn9$&i^U614OVZ)x??@M3GKOvKLFZKgH$U_FL
zJ$TRsSD@z+@?%YLZqUH~L^5MA=)nrpK_EEn^q!)Su)OSbz-!2jELCP!QmXMF?M`c3
zY(BQDcZW>?Cf6D`HB{jcUc1gJ4Q7A=nd4RXULzHR+3g+UH*b<y1u=q|X}ZDAq)m4N
z)}If0Y%+MWS+aSsfGb%pQD?Ykd>)-EZk!7@P9{fZgGD*s!{$z;CgX|Jb-Z=m(*|Zy
zT^W|Tz)3*OrMUuBFQBCChPAB=pr>v=y5IVZWliL|?-M;Fy&ic$p(vAG>sHZ6yo!lV
zPQqCyFmXW(fxEFpU&kmb+a<!ObC1EK*xW5!f4491?p6}g=4pI#B;nz!9-=2TR1>uI
zyS)#KEhJpjr9wo&GpLS2yE;D<HBLR4u2+FZMtFrOGiP-QYE3->P<${XVQ4j`p(ldD
z#|9jv>3OTeMCM#W5xe*f8qI|{c!^TO?K6WW8R(^(2O#N^9&x*&I5oSKNgd{%Y&&p{
zsHI&<2OmnkL1}eAp}awhJK|u2pSPj-HAIH2^5%|4lu->Y&CtR9O1BoS&Kvx;iuDhq
zVSf2#Y_>BtPqj@Ti2*Dw==f}JyIfrT|7!2MqngUve&dXzgNh0Y4po8BAxP-e5fBIg
zlwJZN5K5@hLI+2BhfqTuA)$9dLKBqU5ePLD=>`y`cfFbQe(Rf=_pWs>U%U68_xyL(
zI{WP3-sgFKd!J`NMMJI-0BHXR7nSUSW)?ScGz1y(gIcS?_XMHwp?bD^MyZh~qN`S_
zSm!8PGB4GvQYx)AjCIKYa8>LhF$GyEX0KINQ`)PSMX!<AUTE1YRn{89fKLe))q1u7
zu7(sr)iM>5LSBAlgix_}y&TZ&TSmC;iaKk%mX^Q6*_MHeXdRYekm7Ey+(bJyR<V6=
z>)uU+v3LlFIHSDLmU20{p*YT0Lmp*3qexGa6}g@P=0q_+#td-5t(rT1os?zkLPdVO
z-cEkGPQb`q3vCdC+W>j_JRBd6z#f;5C@JRwQ&yFpG@sIVzhY*}?0ZjRTJH3*0qqgL
zw0(Au$<uVoXH_ZiykR|aS<OYWYzcxc4JS6!6{)hbL)hfRhVzdzBBq1x(e*oko31tQ
z$Vd(}k!;GmF@*vknEHUXy-7;^Now_g{ep4kV}AI{0%yQgdH3IY$W@yp)x}lDAjb#`
zeFJev)1ENoxeiD?vTJ+<4zaS;aZGHV+IGQ2m~hrRfw@IsjnRsC<Y2^^9OlmZ9bmLO
zGQ2jR{xrg2%5^>IG(xmkr?-5$DSXi7Zjj3uFG2FD)7$QcYSD509W_)V*6h|C?7HEq
z2n1KAZumxQwR;SgwNeN=m8yW?cnErL2?&%*^^N_YW4T+p&whHh(IyYc_3dF~iOQRD
z|JG~Xod_P=zH*sPxN3N{u_>oiqy5KO8GQNr^Q^^b((t))M4H7fTe{lVz6J}^B-=05
zsYP7isfrk-T!i*r#|J}|<9<MEo67ZvfS-&?s1;1#Zu(|Ay{4CM_b4v!WZBr^R@I;1
z&MoG!wWL&}s}*Wo1r5&isRE>)=FWyfZwAD2bxHIJJ(V6#f)i9c+_=1DEP9J0ZsAi?
za^V9a*=qIh>_@<f_S{8AGiXVliF013kq6Y*UIQfc_+yUl;;>+Fu^W{U&UPopgip&s
z$@dGstGUgbZb0EZpBO)FYUo@~T03ufr$-mNAg_B&D#=@h5tTbh98o=$?F_K|{6NYW
ziQG&>15NmKg{;Uwh?pRmn~Itu)sx#o_uTZN9Hz@UWJ9TTLPHuf&%;XPmGDQ%CpUqc
zm(tR3C8p|xxG?VLJM<H%WKw?%v2ivtNl>3xOIo9_?wM<SaGt|Jn;UNC{)blpmxCX+
zw2CB*jiSwLj*FI3XlgIH0NdZ9f6yDyg{j8qLi`W(!%PhHU9KzU!?CEk=>AM2zPOAH
zjq})$7l(ItV20?_*M{{n$f31F;Z<u**fkK(umx_>(fUq|OSw$Acz334-1)~Z@qj@2
zeG$PS$5m?vH=k7Wc#qTFHFO*-zK`M*UKONJV@on8P~jXUHVdlm(Ql|7#n)mD7^ViX
zllGV+WJ8Eb%v>I*z=pLPH<<s9*F8!}(W7uLJiPGW@`(X2_k$U2l83U1#vPfPqkyX*
zL^(X|EmxU~l=rapZs}$P-9Yhxb;}Grqft8Bq!#~qIy($R4?_hlc_28zJN=!A;a&YX
z*+<tK^N9lUlG#~e4Fn?3RTr*a2gD5tmY2lPY~x4)EV?O_3K-;nP2xu80%xk{wbjfQ
z$&BW|S)O=4=7LAgxYkEbmiHU$pG+ezCuM{NW4X$ra6Le?55L}&Z4-N{eS5H2pR6}s
zHfO0m96zEQk<mY(J5T{u@Je8Z@rrgYtZXYeYD%<+9<VP>88G(=cJbpBM*8yb6{M9I
zmbXk&Vo6OS4iokd>e)DXJ0M!BuJvlpuAV7VOh1cBYTyxzpjyBc{$cC!K@xp;&T|jN
zByIM6RSdEKl$e-*H=u-hCVC|^6y^#^>|F02>qI~?K}KI4jGZh+B!Zp}jh^|$u1}<+
z)+Z!{^i@`n+x(eCBfdq@Kw{tI;UgaW=PbZgzP+#kUS6^6{2FZ!<<o0ePt7tL(J}oe
ze3v~zG<;yA1(=$1<~D5>SB92<Dz1+1ATMyl{zf%P?JG(B0GzkHD||w}r(V=-M38gI
z&<#!xJXX&XqeR!VeORS>ww2pO9D|@|Rf!c^Y$#)&`YxA)Iqeu(Srb1EVE7S!a;PR?
zr0Nwr)>2OgY&TPXkb)F@w(>5z+6blHpIk{$9bFX>i5~CTatJsYsuC|VA~R&t?RAf2
zd;WrPt=BTt;jz92t7f-qFM^6SXwvr2a;WL5L1<}Ot;-A*AZ;#WBe?oPcO3gVvz3BU
zs8!Rj<ooovlnq-gw&jE}HHc*L%fbQ3<ms<8?kCQX7RUoBQ$^>_9O3%V-98UZPTAw@
zs0Gy1n)7v{)j3O0#tR$qXQDRxY`SaU>g&BGY~=MmL=8hqLRN}~yi&Dd=o1)!#FZNJ
z#03Z=lH%`&{5fdQ<=X78Z9)(2Q<rOg`1baM40@uiy~F5nC4`Y0q79+gW~~zi&)WcQ
zAzO|CW8!Wf-N5+f&c%+-SPe`Dg7)4O#nG%M#gwo`%0Ejuymv<Jc6qs-7-zLUnYGYc
zS#>bOM7@G2=_YJtB^C{-`n`7rert40V44>@d(T+0(ZyT&EiwPuZdfNu!OJHYz%YA7
zDBpXI>6+M04I%C~A#gXg0hx(Xg7;;sDm52-SP@9<p50j07A2K~nL~BUt+t2#W~>=0
zGnQf=c=xg7!FT>jn_;(i9XrDpBd$|Ye4}7S4D@8JEzEJp5r9FnOw29|GGYX_RyMuo
zw?!Dc-I@q2VA1;xx7}nXnxTX;*2sO#9|197?Ga_E-p~+M58{nVn^N{ix=82nBD^6G
z4;xmOvJum;YK&A%OTBN~eDXrwf#apf%}9<R30gI-PFGn%ZVSsE4a&rERX2=Di#7>{
zeKMIRB#fr2yuuPQH=;f^^P2v5n}g(fb=bFxxM!Y-qtZt(N=4TcBCs$cB?R4oZNNw(
z3~0R)-YMy3-U9bxmXkuDDJ0UG_E>z1*<-%<6KUmKsN;?~zT`eihD>1?LRC$wtPaai
zf6zhv2w38~eyVH8vX!xFz@X_A!%WCxLywwdZra!QTuXV4Xft4&Gk0*Ig{V>g3^MkL
zi|mNCGOF=X4zwzm+Ppqk7F)TYwNX7~^dy+K9lMM94!|i>QY7R@_vbmlp;oej1#TSc
zl>oP9l?3x=xX);5$Kpfrv?WSqY`@%vrfiL%+7BreHTR8SQ6{ECDXEfoW3~0MG!knx
zx_IQ2%#p`sfhCTFh(Th8+Ik;72+nybjr_DKpTvwS&GOGp3ZqS>w$9^<&(%WHhH1X~
zF->Sg5B*7#=K$gn$oIrLuPxt60kryXqiVX3hWg5Sx(nAvaG&Z_#}=-%ZUj@&OF!$-
z^Ri5;YBYRgpR<=&OXv+apKB!!SFoYisadYZ5_pbfdINN7f`aAFaz*409{^lqn{1e)
z9C}S+)Elrltb!bq>UND`c{S!VE5PMuk_JzLkOxzQaer#BBaarN#G)i&%eAgPDI<Tk
zw2+vYt{ur&zQV`L+0;|W>x{DhxUz4MX-gu#>K^fRVY`x@(2tvnUVNWSS|JRKVwQ?E
z?s{~o^F~^2*-?+`a2-44LU`iWX)%}xC9CGc+gCxBjB#M=rllLhQ~hyF54tPt1?}@!
zc1nTR8=YzEwEGsMWdj;1hHLh}wHgs7;kjar0sahbDqrB_Q9XwJEvR$=KUmpzAf{y3
zCy%TfP`vnIJvy(>x`6gIggbqz$QnvnK6JumnQoW8d${hvjy@K8oEJ>|c?+VgyPiR*
zIGjGf3t_~AX2YXS0IbaSG=w#ztX74+hN{CRqZs@ql2$*(&I{&#K1^IYYzN(khS=SV
zJN$vw$Sq|F|0#nGi3HQTE(4bvQfaa2w=3A-`J>AzJqmu`+=c;{&OVK2iqO68QcW+Y
zCN5QF^p!X<sN-1@SUW8%xq5U}>TY$b&A4>1smb513yqrNXtDA{O5IYBwvX(0N@ZwY
zFn!{*UVQy2Em!N4QKi(9Z1+CYXw)gM8<RnNSyY&X2+p!06*DQ{Xg|hP4BywQa$Xs$
zOdE|pvJxRmnnDt2wz4wW<-P+}8J`S6oFeP#l+temX>CKLdt!FrifOTKw>ZA(y-^h{
zY`k9CjePq-H#rNG(oOUcRjD%n6_v+a*s`ezrK2_K{a_(nhAOr(^FgPo&fMW3Hlv7M
zP7k*pj*k1d*|mK!8!vVfR58KF*W#vivvNS}qCEZGjh-AcUI~eaE@gRC-Po1iZ3Nzx
z6%D7a|2%#Nl`ExLW3h10f<m;|T7G9?NBoj;9$9GEjG-{<ah#pL5DfNHwY8`!#!<BQ
zdVdlp?-b|xWw|+Ve`a}!!T^_m?rn*BlM~?cvQz51Pkuo1L;n7Zs~tWnHI4=Nr25h`
z5`T#vUKkN8*~qugiyz70xubCzfxvOzbSV3PnzsV>9~8Za*5fv;x*-^ettru)CV0CA
zoV*dF)l<XBW19#AGL$4$Fkl={_j&8*&+8RT^0D`sh>s*&;L4Nkai88e+8cP=6xNlN
zFzPjYb}!JjL$YT+#xLOWG|7vP)1Nv^T{+~>QHmOCdC{e~zzrEXVyz-4%Kah+Q#I{p
z;}#A8c`bQdfv)k&iaekH>=ihRRogud*PZMFNsAgD9*XbRkK~iF>)Rvn<R-~-ndj+8
z1@*`xT26sR8F6j@;fcRYgxA#G%cHqB#~r6^Z+q8<+4r3%g+ClYMqCCTYb23FL)P)Z
z@I5;B#54iWx9U40Hyu20*T4MOOs@Ftir-TOwQ&@vLppcnY^`Z}5AGDFQv1A1i<_uk
z)nc?F_mm~LVSN((;>ny8c(_bWZhVT@+Gd5};56UIIVMNtR?PbSOtWf!>70?Eyz}w&
z72KFli3+>JiPW|wIF+t3wp@B7IAsODYON$VHalc+BVWO-FhPrE;2R8Az!tTn`2P8^
zwA!jf9C67M@aA2K`Eveqa6~uA8KIH1AlFr&a11<cQqF3gs0@uO7l0#1)+OBpHs*Tt
z5|<piGW*49s6}GOC4MZ9EugQljjPqz^-5BLLm_CMW@+9q%c%kt4Uyka?LH=k#9GuS
z3wRDu!0d=Ay1dRrS?H;hRNgJ{G9|E*5~#UOZ+2CC?~5BGu%cF&v+Jpv@jJgjm*EH(
z2domQ7=nqpvZ!k-H$X`yA1B>Jv8Q9sDdC|->I+^}{oG45LigeZx~ak3OQY9%!Yol}
zhn0Psydrpzb~MU1eyc}}-?0zZPq_2zk9{I+T0$bSSQqBsu>vpAi%))oHMqshM)gQ$
z!BQaef&8Tm2lo<5Rep>0X_|F4<&C*TQ3{UfY#L$6lhwD)?S7p;jqon>5-Ya-?B(aq
zQcnRtX1Pb*?wGi$gFDEPYAEZwk86(Wey%4)uC$ar&h#!apCBUi`w&(S65Gp8_5D=d
zYR_xe_>mwYZ#4tfPw$%o`TVTZ4VpI8;_UiElkIj@pOOSJz4B1u1o`r6!5(Fmv6>}0
z@a43GwU(bIreKb}u_*)NcQNQY;oP(sMwCsx3nyeI$`w2lB8dxP`083FB89hmwHMpS
zWs&u`FA=!1PhfTNW9A~TE^6Z;_mbdBDAJ3Ejc3#6cNw(EDQ4jLpDcmc*b>4H1HZc0
zpjgu$`%uVXhHZ-02tlXQVK;kn_<aMna8skv!UBtp29~&5Wzv`uJ~-b01xsUoM}YT6
zxqE$WpSRL_&XjM1A6GDXD^Y}e8{q2X=3DG3E(-1c?8<E2BcQ<9Ru<oo#4EH+w|%#^
zhS5EVXHe$LgBZ;cCwX>YA<Bx{25r3&rD5uu&7O@eW{4(E&sbM~>e&!4U8%G)37vFb
zZ5kD52V1Q;G+XqKETGeU1pvP|yMlIObc=F(Yxp~tBwn@WfaIwA8$Nv*GD+strp?zS
zWgz)2<Om!fU=9_HHfV>;L;O^=S$p#vy|E9P5%-A^?~kYZ6>gF!2`@L}Z2u}Szc8!G
zLlVoGzFBm4Lr~meLntE2#ELM=ZqWZET3X^B^Y1E2p&FP56M@8aFek54as!5TtfQ@-
z{+;=>S(1%@L(!$E&GCG$Up)^7OtpIZR_b}D_dHNm`9;aUpv`%JT`sh@TLga=5vxE~
zu0H@=q4_ZJ#mM=X<Z%XxnR#(eE#qE3+1KxFHMGqo@tg8L%!;P}W>$Ph2?e=mq|V=L
zu@`Y;zetFQph`CA?%Kzlms#lsZX~H$j=O{Tw`3H>bZ$@*N8vbhUufwq*QDCW$Ig{v
zm8~rfR;63RdsLUeGsF1#(Mct<FFq{7-y~l?DjD=u^t`mR<p=z#*PTu?sB}h)WU)Tu
z9a8FQ3!>=`PkS0fHK?nEGM9o$2qe(ji@}JkG9Sos+iky{KX;qHxhHLT_VQz(LFPf|
z)}?rn&~r~mrY+2g*!`Wa&3AtOqL}}v>*m#c?;+d2G@_XAe;s7npT#*hBz__W_O%|V
zbG*GtNoK_?d4Ft8?)Sg6qMTd*DCs<b9By8Jny2+0Aas4<VeFrM2K}Yk8_L1{jfECd
zlJaShe2mIjlTh%#kp62<|0SpYzclL6zw3Tr*4kdz(c*jg3ZZF==g&VY|NW+Ke<;5p
z_t?tm<GDcfz*vDh>pSOfngC9||E&B0yC;@sE-!KnQa@kyKBrJv<<pYBgV3*+>No$c
z`|nSOC@j_S+W)y3j^%INuhsmWrLKPY11UY#zIVU}&z#ZwOHr3knp$j~0ZiHd#8UqO
zpi<4&v3qHisO72S=H#Au^0ws0<ZJ!foMt=u(fjv*VBwIbM+gzyeZruCx%k{#U_!1(
z+_ds3$G<UWy5G<4(MLv@79E=PTYq~x)8x54x8Zr7f5JIq+_9G#)qwnEX=Oiw5woK3
z{aZ-`Kar{AIX+m!PgFN(nRGzEe<f~Wc<^9K5k_Upd`b-v5q$*f-`e+hiN|d;omuc9
z-26on>EAk!xp6J@=&UZQq%yR+D8q`BmiRfezI5PEvri+w{D~!WKMa~6o~t-g)rv88
zbeQ64k7c!>k=kR|B;7mR!wP*NI7|2s`47G{%vX#_YX1)K;SO%;cb&)5LkClAg>5`s
zh6~aESSSAX(UOIT#6RYyEGnw2ed9i^@85^}o6>vf=kKCtB&DkghL@_d>8I_Pv~RyY
zi~#!5+^YDiNc_<7!MH@sm$J@e9cugkW3qw{|NOu*e+r1iE9xN|>XWT$iCM^=-J_KS
zKdxJU3gYj75s*26gj}Y?Mx*V#2lsH{cR*^$*R)4}_8RmTQC9Q<%pAO&FaMn9Ps~xy
z`}X`^>x=V0CGqB;l1%;aN4KfAfJS`G|1+Rr3+Io>zIMGEHXG%<ri^MD1gwE&!MO3`
z0|r8SF1!Am<qUo|VN0Ttrhe1p3k4b~Yhon5#*sBP>d@;^<F)cM#MsTG7h_(mlFlGb
zdpi#AT@IvTiB?&c33#^%N{QnAd;n@?vjg1wrL)yeI06X0y-L<CBu;+8j4+q`j+v~O
ztQXhlJ*U(b6%qa04(Wn7|0AB;&j3HvKe!-(|J-AWiwPC%dd=gCb_2m!Bf|#LfMaV~
zU)oNdsDH?ccx$@Dsq82D(cR2<rQ{_;k|=FLWKaAVM^gi=#4kEYht3MPf+4W)=scKH
z^OYw?;m+2q=@Aip>Pjb2B=s3neR;pdOg8|aPf6SN-+TSfI0yXSf=B-AV|Y+G^|Y@r
zelyci)Lx@3@5$YSwth8k`J^6_#dknJQsU`n(%`&@bNyg=sT0c#;~~0R;EuR<!Js$c
z4!$RPxxj#>xxJwFMiGWm%!Sp%zp6K85Bnr`-vKK&Af|rEH(fO3gknMi0MwUX{nx?%
z?F|O5;bU=g7B`0)U9WGKXCd!U$wm5hnF@2YzTM$U+L%v9(X$!#Y$BGH>--%<r1SgH
zHf+yW**9M=KIjo^w%Kx;PMP=)Sfe+$i;q=(S@7s5E2%$z7Bsy-XKp1#+E7Hj=>HVA
z^EWL2sT;Z|zIwwF35g@+hhx~XCOoz;bS0ugaRX{=JDw<7L}ez3JB?Ue5FDFS9OHP<
z5XYCx`(lDt$09hho@PGSVZ88QCVN#r>>hq?dW3oR{+_e+4}&_v5z!V>?!^tRNeKe3
zzzlwYWg~2;r1a0W6XS6+hWaugGhH!M&Ef(qNQSO-|7=C2)PWKC`J*ztX&7mBzCF77
z+;I8}UA`2U>&=#t4s+yO9d64E&Uv@FqHWq{dYixURF*XLidI(in~u|hY0lto#epis
zJ>J!o$(l>I)BdL>)NCX~8!oy>>x3I}?Ag(MZ5&OIJLYw7yk#j*Nh|MCQFgzsveff>
zeH`N*KL<nUO_4a!Q`yi6p$v?F%QnoR@fKmAsr!aYe^M19gN(>L6F9U@9>t+SsOk%W
zJHafA_p290k6-uZY`lxYbR#|iXA#+?#O0#PwG2+aJKAI<Yo~w4AfU&xO)s05@U=pH
zj&5q?crD#fDHTG^crtt%b*<}VW7_r`iO!Co@;1rcr#0QSsN)6|(suwIzOVAsk93rf
zVphUrx`^xIQX<Or@mVIoCg`*JHiL6h$Bul}PoHxl@7rYfKKwx?G^f{bhQH=`&f{AT
z6$o`xQ_-QlH*Mer0R^jq@TrGpzt$M1I5^6y#Y44H)>=40spgwDQ!QI!`+0}-bg>Jb
z!b=LyF;Q1dLtR#LY~qJGcirO%-}oI<%@2+V=u5Fus1!jFe?gI)knGR24ah{!5q+(T
zU<=gE44sNd7EXWf3?x{fbkWpumov&lNUna#4^r|3hXT}0L2Z;{J@0o60$z4C9pc~U
z$QiAT(q^)|(4SFcwmdWAM=s`uTld^pMY)b9D?KJ{SP=)_)U;+2s;7aA_$lOl=ZrvF
zaNoYAeUpCLa(8-Iy_LEvzt7@my?=a?_DRbvM2>xXdE4f$vo%2V>*%pYV+b-(X0T<7
zjdSF2Pq$+lT8E*Oeg}%=<%GnKet<NL$`QDGw5jaCGl$FAkxjYiQ;GA=W?aBxYt;;B
zRn}HxyXwV8<)G~7<_;sU*(u@RJD|g{dQ*O0eD{HH7g)O^-x-_l_O)g<*FbXw-k{cd
zA#m%7@g!kzzKEgVa>}N*S|VG)?};AyzD`e37+RuL{g)mncG8#Oz*+J~&Nym)ul)Je
zw<2B!Hqf<fggLD#P}F`yWlMmcrFF})GkBhf{$}Hir2+XNwp{2c`M&d+J_*$JdDnSS
z*(jjY(KB+C8GYy3p+HgW6K4}+PoZksNHc?l&my0_k|+JM9XH=mu`&ko5?+=Mt$9zJ
z0)Y*xQc~14cla#DUe7_CI)FuBMjt8(V;lVPG2dfBWmxuEQiEw&RgU#{K;1<MU=Dso
za#hU`H?W5r450VLsgbAEQz1qd0(Y)`F%DP*z^fLDhwhS&4Dy|?ZIb<V2L#xmn9vx1
z+w+bP%R1A3uMZhZ7Vjs_GrbF@mPH|cvmBql10qRQlm5+)XR3WdV=?91#+HffcC0JO
z!rf&XQJO0U3R=+hGr4^K3fjh7H3M(cE^)LyT@l}+n>za<{T%=gPK8|MX2V-psasdV
zdITpi$y|z0A9HP}AI#)%s&W?gxy_?ep_K<BoAZYkV}SlwUCcdDdUSINdZ={>8DS~|
zL6P}+E`qM5_+li`^zlZDteDYaM&Px*fd$hnp=@t#FokS~FT$ZM5e!x*Rkd^c>aK7N
z#hL1SDY~~Vh?(YYHC}(SFx*h>qJjB=H=zaq^g^8F&$c!`%33qqj7O0lEMJU3zb##a
z0ledXSwiz#j7p4*N*x((4f7Wuz^0s57s9p=xfls#UP5(+mdNTjFFZ##@z-E?heRtQ
zKq$rwQRp^@K#RV3V+SHuJ)+PzMYoHcP%bEwIz{zFsO0Mb`k+Z|Q+`PN;Kk)Q>PJbW
zIs=>Crj2tHMX{ML#-D*R7a{=gkIZhI0>;)S#x{?x%T05-f98T>O7kv)?OV~sIAHe`
z*zoI^O{C))|ENR=(!JSxHHC(AL{a%d6#5NlmAc+J;Z-KwlOT4>wKr{9f4`%^^^}bV
zyC1+hDnAin8aA~$*AGZoDA>vHytetxGb^xKf#Sz<LH<0w7y+#QY8ea1Mybz3)z=nm
z8kNekFg@<cNf!Y(KXx$+n0t8z%F0-}t<e(VWBs*!Fm*_Fq?N+8|Jp<SYY+9e{av8?
z%<C=L^nCV@_??6os=BF(?2Jt19NG}2!#ihc+7LClbZD^O6(xUc)2AC%U)N-H+$ye}
zHVO1(35^v0p?eCWzxJfz@mbzJ{e>t~h=GEIuy}YhCaxALM_h^&nN_I=;@Q~`S6^Kz
bOrYnlOs3tW#6WU-*18o><53YD->3c;8?mX4

literal 0
HcmV?d00001

diff --git a/docs/multitenant/images/usecaseschema.jpg b/docs/multitenant/images/usecaseschema.jpg
new file mode 100644
index 0000000000000000000000000000000000000000..0c9b81102f3b07c5f3b6f6d2ee460b2acb0cf0e7
GIT binary patch
literal 124714
zcmeFY2UJu|vnV<w36cdQONJpz&MFyZ0Aa{8fRf_?Lrx+hL2?{22*{9wq#3f3v*b7g
z$$|s{35v?&JO91s|Nrw&xNoid-n#3pQ?vHo)m`0HwR_j@-Cb34vvBhnKnYUUQU~DR
z0020*Kfuif&VrVT$}>I4Q*|wEwZ9Pt0k?qv5CDL?d3!=Ml-W$pplpPn|JLI#nw5>0
z$6wd~0B-qS%>Bh30GJl~58C`^)x@@TUN*N4zTF;Np0~npm8H4GX&nBB^ZkWe{|#68
z3-|N(@V;%M_ZRMI2vNDkZEtZthkwAW{{gr0@cgTN+-(~LxU0`!vi^d<G$yrkGcvfn
z65Srm051RppaD?+>;7-cx8Pm`0LYvJ0C-7%ud~hq05A~%0R7V6>$nO40E%z`06qTq
zy1$Q!hn1(*zp%r<J>%Nj0|2L`005a80B~;t03d<=3+?vwALzz*OJcs&%l-D}0B{A^
z0oVXq05^aQK=>9D13UzX0;F!R02Kfp?qBfN8SfVG@8JIhM0f5G+#x0+At5FrCMF@J
zASJm=ewUb-jEan$f|8Pol7y7{9yR5?Tb%MQCOCif#KR}L?MQi-`0j1(|3kR>2%sXu
zqrt<$!{GqnQsLlH;oS5BSZ{|L4}gbr3;*+W3GNWy%E84UA-<(MQvz-!-|CG|Oh$6|
z4nBYa2Nw??KyZhOn(!Vw4TmTZt(X$seR>&vKV;Jkr?|3_v5Bb_BE4~XmP<lP8sd|h
zmN6-5VD0Jc`zpDxu7O)6ECoG9>{V3HW7EYetER4L*v;@dJmTH0EaqDsaQ{-}e`<1T
z3%9~<^&z^YYEl7kZ;N<@!~_IHc()Dzg-V6bE=sMWPjFAn3Q;(DhlW-e@+!IR8;7`O
zN|%9Q{nR=kCzphEYQsrb(KKDRs?F=0B>*YjtsE*mD!^mF4Zv^@q(=ftBM_I`d`c+e
z;9))88zQ)#S-hux5y@$JJo&u!D=a1;T4h8F;>WF`Cow~{Uvb<zFl6&Becfai*>*lN
zp!ofl%GHOS5X9hDqXMy7pTv}bb)oLsaRI-t<wtd=roXtGjecyq{q}Kg{BQDq56gd>
z!~fB*fp`#aT5W1N*e@z^Gxz0s$K0MrfarQx1oBCUYLuZj7><qtr56PPaCjPHhTBme
zVk<TJ?-1VrDyn@dCT?dE+%yyb1$+X$omNbc45!!+;=M3r%1M{X10wW^kb;mGZ(?%c
z?zFd8#t_28u$#zEZKn%jp|4w7I9;7_@3gDIE?@u0aq6#N#W`qCfo2HH4}&KALtz1g
zi4+IZb^>%!oC*Kfxb<E^fg%~`G$Zu}kU_8(+rmR;GkT@?fGWN>mg{;)QHm8ZJ407^
zD8gf46=}j$)C79NuIi{5sJyxMOU=qofpEi}!SxqsN=y6WHdv8roov8DTl?MD2a+U?
zK@GoE<yfF$QX;y>ISH-B6gE@sM$$KcXlh|;fhzI`9<Qoip^xd2*&{saAa+SF&#S0L
zC~`5E6qS)_pn7@fXtX@760(t)R{OwTr>ipR{^?_$1H?|1OUmIAjV=fGBr7BJ0B}o=
z?S+vGERhS-B#);hkNlweYA?_v!;^wPUuMCRl#t+AYQ(Dmdq0vrFXy|tN?^o0wMcq)
zb*)h4nfE`A4s=)Y`R7ZY#;}?NYp<6;L<z6(9Nv1MJ+85Y?05=Jk)QjuOEVFXbj>+-
ze0P*z&30hFPdJt1&CZlD-+hQVxqD~8>#KGEsnQT!RD>!!CB6nd6A9U;uA5iGufl!A
z;zH9GjFKtOJMja4tP>_&<g&?hGmW#}dy$dDqY#=`)w~tCPH)@Ngn30o9^WVLN9F?v
z<U#H(6Ap96nz^SLt9@)6z^yiZBhw)GspT2ds49wwIjz&G`AtVWQ`$x*j^+-z<!>M3
zY}P*%+p-7aLvmlYRSr1oe$<aAS+o!A3Ok68B@DY~EXk_qI@rzo2_CMM#7vhl<q0sK
zzTCJ0(8;v9MJMm%KB(J}VyezpT*C6xS?4qyouxz+V(6*Ng#75VxHXg|rsrWS|I--%
z)iUi&cRSy{d3pcJ{gW(<a}&}g|7QsMuV?EYWVZfq7W}WB{xawPyioQl?DKg^k7ug}
zh~_}XUDH*NI;EJc46l$-N2ABETvC_Zb5bCcW@}0{g1-{$MS(`Ur?UK1lXtVam>WB_
z`Jh?zti<tJ?C3<Q{Zp{X%U8}Qqo9AKmBL3KEiHCx`|Z(uAA4YLvC28R+vj&hS7Bs=
z-gy9bUE`7e9^<>*b6B0TH4u{gRD1HmZe>H^zZw01Jw}G7>3@W)AJEhD{;6o1t2C=Y
z#IA{73%bzmToYuTxYOk<(K4<!R()`9*2o>!G8kr}Ik2CqD?t%Fp-G_;WWhYVcCr5<
zx>js3E%74D&p%Q8E$!N8Xt|LkHuFVOLvZHt6!7o1qbRPinBn*4O!ma$4?zXe=&&UU
z3zHs7_|1{`|1u-1;D@I|?-!d3a}coTE@^Dq9}b<-6Gzw8k{oX~bhftNYNW3yma@3*
zTqgm}+(83UU*5z&rQeKv@Uq)KM<f>AmTyAA+qvoqGl(W?y5r90b8nXFdmpuh_bZz4
z4@JZ-C1dw2+y2Y@@vp@@#of3h_;$g#PI|=JHFPS>xa?8Yak(|@^bP@?DZ}t3l<?<5
zK0=c|Ltyyq4MlJEfcFLoV@zG6gk&;ktA7xLZ6|C>IaRO0RHZXL$NZ!CrGcWHa0IS6
zB!|R1gCtjdn^KGQ<A1HmX7tNna&9_m#<E>+Oud>L&HUS&FM^AL^UWKvNB5n)=u=AG
zH3zu;7(!2%bbNg88(!**^f-0hV7VOPeWQRE`}$iYZp#+Db+$rSM9R7vxHil^KeJ^k
zgG91FIfSb`$?ueN@A&&u{rg)VXrI_1d`z|DwbAyALLopmKwwwFV(iKaxhN{kU^nrw
zQnDZG(O_S{-9&q7%OeAy`$3h*>%gtif$0rV1m-?H#UE^*^}HX~Io`AU0_#As&|9~V
z?oj-gbtpL2(^p%=lzc$94v!l>U$(5AtJ^KXJ8$t{sX;6#Ta_FK8tu0otFAorpjR8C
zLsfh97A%l^l1xN+Ub<imi}y-F-7<DtL6M98ZN01y5xiu*wV3NwXHRYGopi(RBd)gf
zAL0CviF{bJPgAWbElxAbQp%l?zZ?JGC(hEp&6}(aj|4t^?DKc;9tR3gAl0q<1#2FV
z-2rCyL^&s|bRH{?g!@kz@YXj+F2|(LY|NYm_hv|Fk}Me&+{x;p;7#N=*BBb$Jhkq`
zbT=&s)9*ZWdF>Y+&|Kr-)WYB<X5pka6^_o}2Gk?@!b|mN0!>Q)%juckA%!A!)$gO-
z4-Ch;38CnhKh}x3M!OU_l33&vjQKrs2z&xnpC$L4QI5XL`9z5;(6{2he8zW;{{7F#
zKaD~Y<R2J86gRo7k6oiZGF)FoPtkSvJj``+nv7z`=W8w8SYUMeTB(uFHw=;&kxD;2
zTGsT}DqfjWt4Krn=;(tWp^&r!u_~{%r@fD3e@X8$Cp1Ba>&9O^ru-xFZ7tVRZq|_i
z2*UYWI~o+<|7t-X8d6jQ_Q>Ea9t^mPK*xN9PJ|_)@UN0crpwRW9uU<)aXa!g;kiL6
ze<WsqDlEP)7!3PrJ~uOR3Ulf!=jJEi0}X$Ar+aKc2>oJD@5?byR<rQcv?-4+bHcX0
z7r)C<!|5ZkN=WE%3F*!aeN|KXj4^$rWQ$VBRWV*!yWF|?qf;-CDKxG{r$qVtOrT%}
zZEdAa;FZad!!L@?8-Nt(22flv)z7tO<h~fxntxWR-UKyt^76!B-GTBee2Z8$mo`O<
zrDYR0dN+1obYFvoC|F@6m=fPKg{^T@5Rg~EPND_!X1NpUy=R^wXmY<pGfM0verfly
zJ6o@>w$zHbSD75zkXXa;_4HGmZzgXW@@YNVPyYOVp&;GYzI}jev55}IfBYD8(QsXv
z)!-+81L${YJDFn%#d6$b%9R=QVzQLQWBhnxMkOqJFL=bf&81;<a1s?E^uD>ce2|}@
zcc1=inVi5U4Kjwxwa88P@j6Q9=>W^c_S)Kkmn^&OTN_uSBO?sV?Y;}Ym&BAA^0(Ay
z*^A@7i9O<nShoEim|Z!}iNrModGR=~pr!o-<e8g!IITg`1-cOv(o_X_<==4IP4eta
z%*XM2gqS7Py}<O0wG55^{w^oUE{Dc@G0tn;Dc5ms5#07Rp;E}owiR$F0ZZxYT<H4i
zWrL0Q@=t6wlSgKcOkA3wLQ`(8lEU78bvdH&{!B>N9Bol3kPwohs9t0WN4~6frITv7
zmUo+5oZYK#lWUY}^A(9(Jfc3Di}PK)<9$v$lFG;lmuFXlMI)R5RY+>x;&ZuqS`1mQ
z-~<ZmdR3iIs<j8qV3nZDc6-7W#tees_J=35e&=cTOIW^oG(g<k6z?Io620suo8W$6
zQ)l%RQ>6Xo9y9nkyC#&9I<wOQQPhNDEF7be@9(UcuIs<jj}my45viKj6TWtmwyvNo
zBr`UuhIqwfjYahGe9nyT6RO75&`Jo8a9c6hski}5E8-2zBafx?YI8m<1xtG@2NCB=
zQ^wo*F(t;BEj4NyUq0u!s};A=L}(;&uQ3mjIujVxrSWZ9SqGWxrVDiNon(P6hBgcF
zi#yNcK_+!4d?4+FRlg)>>UPp)r(74l_8DWhKMjlMEN<a)i8F8)%eIxgwqAu3*0g3H
zd>pNd&G8#3urv*zpTV%LfP8)rUc=e93oR5>+|V`I-}S0rB)sFz-w+8wtX@Mq{4dV;
zUzopNRz4%=Zas-v+*QRC^Keo>Z~Th*2mmY@rcg=%yr&CjFMaw>M%owVgVN<)^AN9!
z)`wE5Ff3M1@+mOrD?auoRD~>o^IGOA-IEEXr?a-A5pTIY@uac>1#FwffK<wXF6YV{
z5;GK<E-1eTLsgE0*zWc(QzG@%$L5QXKC5M8&5?7*k=X>T3n%mKz`7aExLPLYyWxwm
z?H3{PS8tmuGj<WN;4A|^`_nS*oY#&(plbZ<%sW#C1;(BDG02J#!Zc++DxcUI4c2w9
z-icT@E%qj$Qr4k5e7-wcbLJ2sFhfB=F=Vlgpt!3pYcpb$)K3?T93)+``%;}UFHx*U
zyjMGW_sz7PB703*oJG2-b#B0qrMb2*-+fkQd&=q{Max46WVQ!Z3Fb@pTOP8sN>bFE
z_rZImFd8}%cYPYKzE(td{MTb&-tf@ko?*q;c9rghJ|VM_7JS<U_sG?p;0@Z5BnKHR
zLhAecer!O2<O6%jskSMxAbjm~@&`OS(|$Q=veHCJpW0RuS>WuuggO$SVlj$m4K$0v
z1d~8eG}_Mpe8=u+&84-0LtR!-sZ}b^C+3G0rkl3xWLshCr^}>uWx$;vo0e~XhH^I*
zlwUbDKI2);eeLH-l{Sjz23zsj@o{r85POIr-#%%jEyNZg=~f~p15tJvBZ?)v+q?;y
zEzk|HFAuGs=-f3iLK`_69+5^Zsk;T#lJiHYvPRZjnY!_IZw^$IMr1~c$2>a>sIHiH
zZGj!=Q*O~u3DMzx)k&~?)g*Ljtp5cm1e!+7)vKqZ-vBBXDv^n1Q|%w}5e9O-buQ&O
zefEWzxb3sUDSORS=U2Y1J*r%q@XVDGvBKt`#y{0R!R#De9Sf?lZL)sMVr?()*L}6f
zU<(u^tho@-9${I$s(K7;IV=Pv&4`jgNFc0$b~~vhOE~<%c#8IsJ8vQLhN1|lyV*$|
zzlXMORFOgFEs@kg){n0$<h^g&Tus({76m0v!A{EQ?~3NaA_Vkj_W9%OH%Vr<R=R1e
z+LbV{QghdDo8Xr2Ja`1ILb^~HVj-bi4<$8SoQxLN=C%#H(_8$Sc_i?Kou}{A%(;)i
zsOcJWJ+|*UJj3O}iJ|OAr)Z*%7gPOUC{NZj6LjsxRSKgavgcU(UGj>StHd7E5J&P$
zT*aE)*97zGi;+gGZRw_v;7E9S+BImp@QKe|_0pd9)Xi__6`yimYo!zy*F-~2(nNJR
z2OB)V;nghzmxpsXaS|GXVl8(T&d}xY(1}KvanpM<C$$M53ihYeVPVx@?{rXfw;idZ
zc??hud47Fq)oD?s$7{ZEnl{g4P&a|mud~oEnkj5NXLJnachKsxNM-=i#h7F-Z_F7S
z*gWcx?qd^Y0%u5>_i8(;+Dv4(5FIYdve(RXB>R5on5UU;9~;ut(qu?A6DkpQY#Xgn
zxDasKcrn>zkA?p%C+=MjPiYdf3Ijn_{}|6w6+MAWsclB3b}W(?X*4^T(xzMV00$M`
zHXO7LF!C7r)Pp@Yc5S!XmzL3l%r0tv*ryLuM|fKUS&J}BeKH4hx*KUIz4!ma3-#}B
z+XYH)09SqwZU9fczH8Ag*W}y))|X%YRve$?GAg`myaCX>jHVKfYkM%1{u6>cOyK()
zHwI(b<I;@>eSetF5;UOI|LjX>{0HCHzc2M)-3U10-+o?h1ABucM>rySEg7Nj`iI2s
zGKuDW+#NDiYdsXkH8%+Rw!m%8=Mfr;W0~hYv)GXsp!@r>`PuJW^T%!`_fwyq`1oCY
z{B#32H=1gK#;4it+Rc8myz}fJXxQ(#qx%MMu(5vanLp588gjiX^5>KA1B`%PS#Zqn
z9Um<GK)TiE6#SlzHr`A-yf5U5@E7GUsR2ECAGze|-k9M@6MK;Pwv(%pz|MClx9|65
z<nZIVW8hln<=q=VLu}OHa1iTh-u1D^hijSUkmX8;8$j+$@f*Ok^seRf4Pf*7u><x7
zkP~uz;dJ#iYt7+B{mS4Oh26IJF3YbY2k~bWr`~&*ry711!Om^q*HW_4B9=^7ZkO)M
z{thFTk$((+1cxv!iMpULeB(?VT1e}RDC>JwQ`N5ANm;_O2+y5seJmt{#<3v256Es~
zMRI;W<w$ayA=YEP%`dG6VLv3sG9)^W`zT?+;c0c}H)8Nt7WpnbW%5cdiyl>%#WmOF
zvtK=n0Z#+k9OSb`=l9JI1L4zC*!gE9>o<V2#GRKn0Q+BGmtOvQ>2PrU^2~kZ&)8!Y
zBQvn`=!ncPif__05_UZBh=IHPa2vjrfMw9-|H+UkOqsTyPOTKfg|;niCz`2e#+xty
zqBJor{)cewWe)etDI*m-x_nMcSYvO~iqJy_H?>Zkp}E`_6nstW<d3jwin1=sBoZcX
z^a%^gbH}e9y!hjaya8w#MbTj287+Q)Hk7$dG+hef*LQbnZ?a%{Mp_SR*zj>O<;;a|
z(AJ8#1We}osy`G5(z~kDhhH1Klgn{;aRw*epTX`yy5O2%9hwLN0+wP%chdH9|KwDx
zYpvym8JD8(1?%ZD{dV`*u+AzdJ84=Q{K8EO>;wYwNCogi-r%TlnPl(q%uc?|HL2TQ
zGRdvY*UM_xig7bvcBg3&4;qAz+xmf-7w2}`NM}S@<%jJqrfJ=zO6f{hJfzP#s9%?3
zIT9osQmz{EHb$R@j=iI9_LZqi4YNR96bGaW9v-bS1uG}i*dlqYCup09ScSPV#M#mD
zr^v`3;wKF}n|RdA?Uo4UFmWlc;=~Ff(%fFcsea=0Em{sa_|jy7tPw@|-nTP;P-)tC
z+jN&u7bck5f$|1|jKCy6prDCjlp0qU4r}eeGo#aeNXZ;Bj~b%%7*GIB_D9z1WY9G%
z?pV-zhLF;6wu!2yvTHse7}MfySMSg|IVpFJ=!Re97_-=*P2E^pvD7OpnJE|ouSKvE
zk!AT89{_8f+{~=1w|c+mp*6qM@kPFG)7g4kgKt<GN~`8y-t?kVfouQeJ2m7>M;Z8S
zVuFv1S{b)mQ?9=_$`tdK!3lzvpM_B(`MzrvnXs*AMJ@2!`5vsQI<W>csfExuU^CAg
zw-g}ea5%RWMu|^}X{s8<7Ed%+Qjv-nu9v#%v*}uwg}aS&bUiwj&!HXQYDT|Jn09pf
zxUaV`dx~;X9$ErmYnrm<`&LD?*ZKW>Tr;8uUZv<X4GesK?2vZ$J}bvJk*d^AhPyzM
zJ8C3?2rO?><R^%$tELM<+xey_;(<<A?QSQjWnX86Eymvd%%S<2(0qWtC=+V0+$D;d
zv~1s6P@|`AYSRF_T1vM8(_<@(C;o0p`{E^EkE^Ui3FpJ})kV6Xc=ePl(n8%vWLn|O
zrMV{mgrK+HL_%aLijSMO9m&mWt36dW_p4mS-(kzwZ`~Z$vRUq$Nji)f4YAHme-n>h
zveEL8+SrmCv7)}qKRdGzAOVI)ZR-i`=dT*|R3(8fRK%v~@Od~c-i$qL3z8cWK#uT>
zEW<Pnzz~q``h=TU+1L@M8_zXp%r)0a{b}m+Z*VDaoQtuQ4btCDwfTUh(gj&%2c#y!
z`gA(H+}D+=?s3U3{yP5Zq^9rf8dF`*fXG}QC=r3gRqHFEp4llF)z$*Jr0>s3$!$I}
z2T61HrX4ZvndoZf6_1f4i33Nf(E`6;GpF|=hXz-ZdX3O&Y3$nXF=^)9PeLJKcS6sn
zKl)VYif$9f+Do@v_a$y#V%COEu)ca>8|&f=pU1#4wyoF{>aQ`(sE9XT{5h4%0k8E6
zd1{iS!JPUio91!k)4QJ7j?+ooK<$V{`25`pb7xiQHd}vPZi+N1?7q*t7Of>N_LTR2
zydET+8N8e1x;FsA5`+p(ANN84QM4R~m}$HmZ;yAukqQEJ?3h;NGzNq`jkT{H(~*}@
zpIUbG`gRbqn+82&m@Jm}X^=R3Xo6)W6JudAR|xIY*MF+B&Hcn1pClW_pW&Jef)v~y
zfB6aigZ;mW&JEz((c?e)yI)cSS}bluDLu_MfS*Bci!>`$j-CGS-2kXLEEs$rrwV;X
z31FH3H+voM_)new2-n;I=o!}jRJ0mbnwk8YZzqmE#^g9|yg}M2a^&P$cF9q!M`#JB
zuR|L0UAv@-q9AXV1zpWs+bsU5PK{mjlU>E6fVN~$SYA%Znrz5sQvP_!dYjJjZwZs*
z7v6g<68Tv^!J}8UxvR5{>E$1czO8kA$#>@(ih&@#{t8As*-3}_{G4Q^o!ZG1#CTyw
zz!ebnU9<G*YRu~18k9OQs$;s^bLZv9>*F)q+Ml2r(p4!%;c=F#e4FGVo;^22Q$dn;
z+K7|><OFMszf|f~^uB_|qkr^UO!uM2jDCr1ja{{PNu;`AJ%<+qvlS1IVO7mp;tGKN
zNIQAqoYXCYY@}~;i1nxIx^Q~G`$fKLL$2&;ttd}WO48Q^Zf-jzb|@8@!>L){p)cQD
zbijp;PpS)M=`bCZi+Nt6Qy3dG6vFphoEB}U@<vHN00Zh)HmdNsvwlB5SSlk!rwiLT
z=yr&!GO-N4XmNeN6`4uV+9O6cVRs1`+M!#5rcu*)Px5LyK7#yWY2I|-M$}>u1nGwf
zDDq7cb(E&t##JIgKSzyBh%#${5)n)jsx@D$V(EO|tcdM=02_;aa+UFs9wN%Uj%d!v
z>cWhlMR)ScC*93x()H2RG7M|3AS+jM0Su6)p`g5u#M2EFuTBolSe5+i5%&c!(9-~-
zRK$C+SkD5PM(jeURP|s?%B!K6p@~QGL%bi8EzSmXX^Tc|K72^?_0OXHLEnzUL7Hx9
zv<QacYnZ{T=9o#~&!Zsmtv=KGRk6W(J*=Z#&qsCg&p$DaK+<PRpzG@14<880iwe<?
zwG0EF3F#6z7Jok`vp#>6EERpv>T`{BtdNKeCTF%&qfT=nw)Xv*7VO|Q_sL8^p@TF%
zY=y`a=dqC<kd2FHK!i5XC}rGU*DS=!IAi@$OSPt}RxW2bztEt*5{XKiw>LMCpTs!g
zQ4N}+H}~nA(Z?dxA=@0{d`>fisSa6WS!8lFFkkr;MrB*6f)tf_+TwWfR;ud!a$c@K
zbH&Bg$#mQCeOm{%Vb|VZ*N?u$Xzm$bUXo?yAN%SneKV)Skm`^4)z8B;IV0~#9nc-e
zSMqd#&So&&>`yx*_*dzsn6}j?@ob#<R+FlGg<Ry4p4{$cS5mE8tCY@d(iL7VrmG?s
znL{^@IKVIJHy2~Hv{9!Q)grEwE9JVMQE+V8bPG?v`C!h_{g77nbojWEQJrvUooq+1
zNPaPV*;3OL#ZNN9?ZTwR7VZ4Q8zm%I<(!nFd8MAVWQ)quS)UWNN3Scsr5`>{J(%}}
zCA$V1e5@h0Q+Gn=Bvv}{Jpti`3Idf}%y?_Uv`k;`4+#3-u3rVC1?pvS`j%DGuk8jJ
zXi~Dk+lNrg#dmFxye<$HqhI=nN^Att<LY%XC=lhG>XvZ8_f->=Wu;SGh>!b(or^sD
z%0D}&EG{p(E?&pl8EAR^6g4&f@)>Kr&<IoP(83VG#h3KO(1Uxf;Iac<+UAI}nfSKY
z^6fMfER-19g`cEBN(x^PT4OTS2}JIeyMdJ7z92Db7b=z>jxV~?Kc(Nn4toQg^I;3+
zDL3$SF|BEf>O2BE_x0N)vyYfzkQVyfb#e}Nh^C~UKZ1<Lx6?YBh?g_y?!8aa2vmz7
zVi070^UN)tgGN@AtO)~Q9~7=e5#}jr=_5MzK}320xt)T2qBN9n-<uq}2(0VKa?{p*
zr?4|YkcwEoa!x27S<`SFu9Au^+MHcYBPfBzo1H^Z#xQ(+E)KkS8&-y^;~0G&cKLKK
zNIbqOn%wh3Aa8`v&-q@9upqA!TdX9|R}fMoQ=_~~FPJsT1<P$5ct74SMm_}PLSrng
zcIKw=oWZY+NepQko!a!<boep6LrYUf(jGk=h<guTKTifmqp>b`L!k`{GZ(vTeZp#x
zK?;c^%Aa}4dLZhwc!>|%qjgsdK5ciBIkehWtRKsXlXbu7^<)5&3k{@%VV~TmBox(J
zHpKN&<gXS_{3Z07?$E>c(ASd%`Mob$_>m$aM7}mlGkQ4gt1AuIG--no_`F#;8lQ|j
zi(}ueKBgmYOC?{|H+==Ye6XxBT77>3A}ofoEULjv6@IEqiaP%=9<%x6Fk#qW82&!I
z06!E!TeM-?kwetyx?m~Kq7AL0ySiu=0@~R%A4sKRwe<HjK~HARC3W9!lXb_w=)`(@
zp8F)lR+JP*TG`Aqc)|>olYt@wb`kQ-jmAmuPbm$`=4$6g@;cAq(f*C2&gKjU(mWE8
z$QBBT#t3#N&R&`%r7JSk<-?2Ugio8?QCn@1YF1^H!}VFDN{vNh&Q1dx;Y*9oHsYMs
z@o~7N&=7Hc(8><2EAuBiUxriH-q-s%h+)s5v;kpiH+QX+U(Yd?f!f4(XQa9z)c0Kz
za3M*!hM&)iOJQYLDGmEUmKJfxtfl)7xoxhKBT!igb-0k`F;1Im^Xm#9mf%1}uZ9iv
zQ4sBiSCohM<8=3&HiXTna^=L6*}9%!grcB6nj(at4dC=B8Hx+##72HJJy(JVp|;7)
zn;Y@N=(Nb3$B=E{+jef+3Ak-bM!O?JLqRE9_T3U}_()tDO^&(WQ(P`_V1xEQlal1s
zd3DPMfzlY?U0e`lP|uShlGeSNDBTs6-2CFQqS~C#56>K2r|$>1F7BG5T7<bqoEOOx
zY{(yOI%H#`fe;qsj+Kw$X-Vo$M)6xe5;Wq&pz~>4)I!XP@o?)|w}6LfOUq%Qk<Sq8
z^qS<9Y3^ilOSBl}c$AhLlCPAjDifhSE|^P?S%A+6d-AxX%Em9R>xA{i&vVeDcecvP
z?d4wMoEo$!;mn(ZsEd*$CMZ_9zWq51TIXnnN6~|!nbGdxd0DWdGz*H;gcy!Gww&?S
zoe6sy<D!g`+760G7NCHJg8#!qfYisFzzA9^spzh&GLrK&#HuLnx)zK!6744!dSL2M
zbb6?88NDKEZ~WKB`{~&;;nNe4v@))LZxQCbb^{>ayaDVTg+z0-A*Wydl25z=l(zij
zifMdw@pdEe<TfWI!{&$B8VJ%+*Y~$Y93KBarS(-+GG9)gP~4_oko_3otTz5nR(t<e
z1+iM5w;TJ%C$I8u0Q;4w+k}e%i5tLulb3O%$2R~Y3jw17TD;^BHufj6(!P;rr*GS2
zR;uAC)V=v#LLlgMkKrlx&tTeFr@afU{4#9iWxvB>PGgVVRqdF8pIY-11FAOhVbJ6%
zV`YB&z0WnVCQs{icuPBcj(;A^EOfW&?Cy_*j8|O#$;W5}aDyN<E-|;sjxKMc6^zFd
zIX1J<w66A>?%W{bnZ}d!39DI_kNAaCOVPYfsD0+UTbI>FL|r6fHtpKB&}Gt05v|JB
zs;Q#r{3OE&t~(P&H1$Rkjue(iyB709w4;cH@FmfNRln|Kv6hdJ#8L<?P!;f)LDF<o
zoLOy^$)cX8K1c3Q?D>#g^j_{{!q*6aC(7n4O`ug0Z$b<8e93q5!|`Cr7a2d#Zvc}s
z-Ac3ZGOb=IOD?>rZ~-nf^r=9{sj(S!H*0%yk$XPI>l^PO0zRz!LO>!>Ol{}RkGkN|
zvco1;u?L3v*15cXq9qfIpikT0go<4<;LMSMch7xIP0W370JwMXsE=7Uk+7P1d#<Hg
z{bw2c^yXPk)&itw#_9Lp+1as+o^y#TUXqSbHe#(;-Lfq5Svo!L2)5kIhG%r?e%5Q^
z<Ax@@Qx5d00jC?qF50R@`40(sJZq-pkmRv}3oFf#F_Ey<R)p@=zPWN46Eu9+<2P5T
zF^aBsHfYlk>21|{kw-o2j2S#Vdf5f5aonmh3IC<i09K1x3~XC=zwcA$iR9(X-j{VN
zr+S;f(LR{aQA76wNDe2<E51vRZ`Xa2i^*G`Gn<2H5A-gdoZA@>WiF$~8eHBO@TKf8
zrDfoI->1ZCvKOI*oD`3hhK5Bm{nAB;0%+@E8`B~haE9O|D&=xtAdB*8@)h4$-+j}s
zddCoWu_N|L&DHbUuwRS2HhMIT_enMQ$q}A1h5lzXja;otdH3VXlyAwO^ilF=S`PbF
zIbR$v6;jr`?tUJdT8}gnQ;5X74|XT7p3AISs5T=va?2aZU&;q9#EQ0va5rx&W)(-R
z&G31H0P;;tAMRN%Jv?|R5+c+t8JJ2Cm2!B>q@$|R>y^$WWL4S%+~GqtQNLeYtTsJd
zR2TPe1~)E=3E1vU(C7<GIKf*Fd<fv|y<90_G(>W*W}M88mq#euyE8l+wv7WO*|;jq
z-%MxwG=Ij`LTKp|G2#a9O)wT$z}wnh1daTth&TrM>O51t_oXIM=O|EdlGAPRH+moy
zCM4}3G;w&}lzb@BFV#10#7z?%&rOx%1SXd;i~?O2(}X4w&uY!D%U+AtNXv6ya0%$l
zwt$^SaMe~t96LluwBQ%X9}Eea%^kU)^U*~s5|tZ!3EqaUmQx;?{7d+XB|m!XukaNa
z%@^a_@Rf$a*9T+|M(c>?j6JnvE%GW=BV6qRcO^1E2|y&kD45nP|F=i)z8U#un9R2$
zBhvM~9fF!a^tE_<IypDEmxY;7<&l~mmeuzen|K&f$l54hQlOz&f3`uyi{C7y>>&N^
zukD;IHAQW4yGf<?N9%LNO8LuRuhWtt>pcdSSau9d*+!P0ubm`pruy19K1XX->yG+%
zmNlItLRdPkV*Czw7rXw0RN0c8BqDse85E$dkg%kKs0Nmxe;azF61wjivq<87&P~NJ
zn2vQD)Hj}BQhp=At%_5i7--<+^CD=_)PW1_^i(nfmZ<gJ8#Y%NB=AdN<TyZ=&Xe%{
zeb?71*z`fgrVRXkT82`}Vwx{ZOmpZkV`?SGvQVOO+Gq8J38qKoU0fBr2v1yL;}0?#
zYcAkE4&|AnBUpPVikgY5)@re)sLHUC7p?=EiU+0S(x$>uL5t789q`^*&+PzR-M&Kl
z&B`WOoJC=aYp@cTCio4Aldfrpy13kB_09wnTb^bO{r%uDuwUP3@7u^qZwv#5-GJd)
z9s^htYN@65GYK+-zGx|W<(eYFHZuzhdB<Sk`y0tg(`1>`#ns}U4c~xgnsY|65$3|h
zK>7UJEsIkaI^TOA(v&6nbvyR%3yhcvGJ)wgYoS{zDZg^cQl|82zY7&i6BGr+3Uj-a
z0ohOrDKttDpEQ)njG!u3*ssM)#MN9hqd?R>odMHXt|KGtn$Bbv0Mz0xV1~uRz0{m1
zjdKiBTmo=~e>hMaq|`1;=5G(HVkP!`>5g^k&s(-etoq6!Pz0a1I#3u0)CU(9h0@(`
zTrG#79K40RMB2>RR8NupMc_P^s9h_JeNp3PIcN=PuMABI)vaJBhP+|?Lj5$fYTGo5
z<}mkeeAiC1nQxvnMYCCcqKEaS8>!_&L|`nZcZh9THF=FZ7@_pN5w}Yd(nRto9c5v(
zh=#(NE91vGx0xBoMa&qzz?Y<+dv#(0H7Xt%_5)&XE*39(K@sq128u^nRqR321a2~s
z%RV@|jw;#CFSvV{)NTL|)@yjJhOa5|579D|M-~x{7^Ws^7Gl4&w9qt6yMQAAaJ#Y~
zX@I0w?4(())AP0E%VEAr$Brb21o$f-9<B+F3b4IqF!uMTIb&?=4^cJUi)|WU3gob>
zk1FA-ihARLDW5;N0q`6oTx{t1D>5!RxO29c7eb3Q!-~5TzF#vYHwm?tOjc6y`cZ0v
zAbN5@cFTU$vrnZJ0%M$?WZcLyH?kavQ6IWSUXR<z98?laoiSWnCTIHS++pB1OlwDH
z5kX`0B5>N8X|!ksx;iPJc?kCR1RD$X)rkq2fdfd>^K5IhOOL7EV!UDu4fjYH><HVL
zKxruk&0NP46>?JnFWgTA3zG8@>XWIpTwSN5?o1)qJ9p#yz|pKKq^(RLcMrKgK7&%;
z1^^cHNLGrXaiC77e;#xlY_ha?_<pWoY2i6bw9ed4IOq8iYu@&vjtXj;x|p}?J9zpE
zVdF&%6aF$`^2AV41EgLVQ~&d4vxm;|={!X<Q<kaa=xY0-r=KS{KJpspYh{XHIofhH
z<(mQjY<P)FjU$dy#$=MYvY~R5d<L<<U*fkl;wH1ItG>>0!H+S*FS637wxTudfUrcF
zx3#ima?M3W!9J2+C|+ZO8FdogOfOR9<J2GOwhj-v!rOA4=*`jfmciZu*$M#(9YVZ;
zJw16W<dW}zrd}cQzVE8l7p_El)$9Vyu{*SW7}#l?1{Y>cEn<X=N^G6O)`qfY8}8G0
zDzC3HomNECMBsT@CNM`+8PJ<juj=J=>niGY&0g=)Z0=Z#(3NQO)or=J3gypQxymy?
z+@L({znenPGGW+sq@w$^%xWfFh}YF#rQ4kkSc^%-3Z}o2nS16~-<16k)7gX2&Uh#3
z){J2hknhpo7=SxX#P3ZKFRLT>f9hLvVc5ssja`Wldj+Zcd9)062e0tfZwsxQlFu_(
z4$VqATVTj2*L}>>m7dN{B|M#5T8_B)O!U{=!p&Tnb)WJYsweHz4$l0i*E9%HMbETY
zSQY!_-2TK2s);?Q2^PLzW32_bS6f`JKR)Q?c$UEFm=nIFkSXJp8p&>p_6-n+m)N)~
zOxmzyP7fHC9fQmv5Oc;-Bi>ql%LEjEYCiVE9I6Pd1_Tva{W~5?+J9UMAN`}3l7HfQ
z>1E90-ZvTQ7KvLUFMyzn0h+%pY)SvkO1S=?bEEzx6AFp6&DGd=i_SZXQjqOJfY-7_
zuelHB-2<3&Opf=Y)eY0iGa;D6GfyG{;LnZLJV1dY)Y#}Caro`Aba(Bc@a8p1{@}0j
zKWD-Gf2NKezb_**Mk0eaPfM@IzExg>oBwo|)<5Qd*}g{dp|LITfFI8YWoP-19m@ZS
zSLm#hnaMwO_$OZfe-{34w;ENcLjjPCp1U!-_0wWT`3~GWi{8!QB8xiHo{;)9B)|ud
zR-8Pqv<_VXlm%^t_>8l9EfVIm+~;mtynS97N3z5RKi!xbSH`E+LN4cZb5ce1WSK6c
z-02(q9NixSuN&f*<`&rnwGOCfP_^xnPuWFEyDW_J-`ZvyPCpXZfm_}4VIBJ^Hp#o+
zDc{@y8M9ATyxo&H#~2!2a-%mVr+K_gc&ADO<lz@X;>#fP(J_a-3q(D?9<VQWPJ8Av
z3{UrCmlPIS=`$yfr$+~Ph6O)rhB_&|)qLUQUi(>2e<rMBHL~|%W=xDQrMvS*eE=4Q
zK>s29WO9%?7I#g%eK9Vhv~!FtwL28LcndCR&$rL-2$tK^{)ccQZO+P0^%ebC^mQ7n
zIC_HXA{@Hia=(ECLUZksgcWciG0^mp6Vm#gS~F4LZ1VTurt?N|9zXix+0f<5C6mI;
z-c->}N_&o(Bv0ojzcm(L_y@-mqq8`3b%!^X!gnNn(%!(gKMCFU9uC&kPLyTB<n*-t
z6y516715Ek7*}c2%M~5=M_Qw;5T}AA=k#mq9v4T{o_m)yGs`(q{Dx6)Gnxj6gIlMa
zV?xc?{0!?2?;Y$uTvqxTQ*&&c?(@mK$HNe%<k)UUzmn8xg0Xb4{~7t)&$BK2a8I8u
zf&5$SgL-pB4#i#3yYT#PX+@jvQ8qE7PSH<`Se^KYJ;-!lJ=wE-`8J}u;p5O)+v;w9
zt%>0Jwb7Yki^cK$vdaBVdtvj#xzTQ&{EZROBSuN?h(bqdCM)zaR}I7*mO!QG4UV{!
zp?!b|O>=Fgx<$WE!jLccp`GkoOZH5%T>IspFz3-FQfY&+q*9Xf#!9bB<Lp9t^j<sr
zy5ulz5f-r?!p+a~h^X=5?-VgCCQL~&kDF0)25)(~jP_a}JQtXUl+Dv!Pv_<2@{f=W
z@Eu|BN>{Ne0B<w*ynD_$_5I1yC{V2;>jRTRUaQQg6m=axKa6CG`RPb7BErVcr)#7Z
z+}wHg3BwI>tI~uWhxhxbPmk<`MLaAj$zGQJsWj4o%B(Au_kQzcnr<4AZ?H!cpi9XF
zqOFPH=fZ!rSvC#bW0s~AlIZGl{e>2)Y>-Iko|`-Tx<pIG>8?)R>%4H37ri%OB5>6&
z$+Lnx$;*nC$DKLwD^N36pBdHQOfrROa=JLXqPPjzXl@;PQ+0;f<w8Z1y8Htk<6&7t
zO%*P<&WncO{ldK2B`F0+K~4*h5=2SPktFndenc8<8$N7spT34j7+9`G!4*kIO#|tm
z@D4BMdR;j2`fF{3nd?Y9CRuoz*u>aI_?}lRkr)+=3utc8OQ(wjLRpmO%}vbZOn~Sg
zKwN3INRtn^TS-UF^K7IS6>`{&D8mdA0guXx!r8e&GifN!k0d2(4Ufk5N7+?dm>Sus
z1GBZwn7@0j34dWEtF)joDZ`euH8HxFCwz)p`Zbj`Ijz`Fca0b+kb`Lv3*%oMlKiDO
zG2Xm|q_t^9wG@`5E=M12mccOM%1PX*%B=wuof!#)yEZ~n!jh!mOx_bF@^kX?^M-4)
z&QZJe8?po~J965Qo7Gy-C32@`wsInUO*!iD6iM7H>RQjo6iL5aEx81?f715vImXR^
zd()rY1=$rAXMhrwQ)dL)aVDQ6NtWLWY#`DXRzD<C%`Zu%(@<o_jI`c)?L4nWyDzm@
zbEuv@BTV*s5uu>`=+QDb7^#&opT~t^Ail5hgUHFfV{;TTv4jJOi3UN4*+^21xnnA(
z;qNOMnwade5V`2?hdEoyhMuV`+L)5L5j7wm5YK)RqeGwyw{__2s8U^qIv-0^<p-s2
z&o&=3d^3=hYSMYG1LIH1?CU)<oHC?Fg}an%@@w+y;OMco{;=P3P09jUZ_;)V^hxp+
zZY6bhE611=9wi~UlDy?8U-*2h6w2~TKjmJs;@=;&>vls}-BISOc7iV64i7s>nZ}?d
zypSvYNsY|H(PQHKJnIXG2Rz??ZY@J*47s!e9Kp_r&xErydf{B<(3G@de;kA4+N_Jp
z*(|!NOS_dq9@6^3M6S-z>E)@krn<l{)!SOc6PGcO+4}-nUZ169D{WFuwFj`UF%5%g
z^5!KH<+-%4<si@mF`iP3+*Qn%TIxQFdgXreemJ-Rt8GBCTBegZ8E40iXn{L5F{7lG
zk{ih)h=CKYEHYft4o4^Tgoh7vTUD$U>Pm&e8A$8*lS*MK;cg(hl5BoWIX-ll&ys|#
zxGa4$c3U2pIsLAE>pmVN30n@yG*dQddd|AHR9vZ2IQis?O0R`ZNzmqft!ex?OMo~J
zY-%|tZt6{<TA+%P2YS;AmTLeq;R+P+KobK}AxQ_mVDH$twio%N4oAn)(u52N;legu
zjS|fMuPS4<(M!?-22I3ILvdT*k@ent{yL_Vwjq|gs{bLp=&nUNFs`vi)~ULUY8d7S
zk$UyMkXw$D-zd`V(S8d=p|Ebjxz#+G{1LZzHhYue&Zf)_!1>JrVh&P(Me!l5<fp3J
zq8VA6qCC{sd)>GP*L~%Czee=MD$Ylo32P=hj@3A2c?Gl>=hdTxiZx&&fQ=}hc^~rD
zlxpIYJ*Ne2t*pb^H^8=Kn^80j1syex<&h|P0CQoVC>iboEh(qyHTpaH;i~x^F4TxR
z7!oXrj+oOz3;D6PVNa|&ml_T2!?_7rIQ6t@p&VEG<aDdVa79`F$g^}5Gt2=gw2<L^
z3SQ^&{)6bXdsaL0(Y!^M;rBOLuH_@C5?;3{%WN6!r(ys={hS6rwOZ$c&G_nOHJ15f
z-lt_3##Za)wzS(npH%BrzvA-@qPEdYM-2yD;FW_$$OQr?iuOr-YBf1&`>=Ig{Y?Fb
zP7O=fyjB<<CTj`H;YML;V6_xy8amq`=*a?1NjHL1cP7ZFhHKGJCVio5G+)nd5T1q_
zA|PH$unwIKGMI3wd0kMxdw%)nb&jYd;oyhOtkkQglooBDhJ~dv+=<%X@rCR<xAnUz
zQ<g5qZG=4+F<JT<3+HC!3$OkdrXHQS<AtbdBdeFnbb6fx&g~s|OX%ffe{bqu9W0d4
zxOJbxTcD>`(}r2$<HIcR607D%kFAou^vvhs>HXF<kXKyy4VRS6W<he5mc_p$S3Yc9
z&6&_<%IeCywyP)nv~3*g=Jce*4&ih6qMnBq&=k<f#Xs#a-R2uM;pRcc8PIONq;eZt
zPghFrYFt88jkCT7C(GujOii4xe!lhX2xu3SX^|M<G|5d5nfWQdS3_7adu|*(g@3RY
z|7NOJmu6OLau;^w>s_5inYS=a?wY$<FAeCl5>yugG7;(PaauY=noGy~G(EHVcFpL#
zZ5^}BWZnz4L0wVhXn|ede^%eg0T~uhrvUIn<>r^&m_1HuH};ZxKAy}8WBSwkro4>N
z_c*-36V(*W_gZEumCE$lzDQQKrd@JK+4T;4#lEEyX4Ul)7p&!sraSlrezD5X-)8r|
z8!|H$E8wjKDFzrT@md=zz^XSY83rg01Nzyj*!RxhbOU#RP@!lm0&R4G3TNihR2oY;
zp(6>vo1^MH0iqN9QhCS}l2$?YA0$%zlWYAS_bdNfvntH~lN3jsimCrF&EsFS`#&k+
z0tY7^EBIc7LABCiyh-b=w`%Nb*i_BvRTK+O2cdqYqf;Pj#|_{$=xrG@LT0dStE9Jy
z-?_$7I@Isd?n3kW$;$Ls=GQBG^Xqe^l`Qgn+kJc3^N<F2#%=!c;otP$$hT^KK_bDf
zg9`oQyKP{~U*|iW7Q^^8FHe7nW&0ubc)#YzhCFuo989tLj|m#ThY?=_B+Dsz8RR)f
zqdk;u%7M`3xStQ;a%E11FfBq0xqCDIZ(Pn#cM<CsT2l5b{!Q((oe+I;*!!8Yo|K>=
z!A|tYeT{(U-xU=k=lZrmCD6WKZ(A6?^v%B0<p%@X^M}!M!#Wl#tBXhRwaC%P^=+jD
zC9$dyXVB>aW)>Dauw+bA#&N!LwDM`&6))rZ9kS&3{ruAkBQW`Cf3tn2!6I!2QNP=L
zf*=}gU!j1&5+$dvTi;bw%{-?``6bftz8YX8lTii*URE}EoFc@}TFjld*K(SNK2&V)
zkdG5}vgZWEFUscCree^nD<48WTn70Z8$LgE7_|84I+we5g3R>&1s&LFmiewZWQ3md
zuy=BEfd~sr{9N6-O+VRF#;ag&!Yv3s^$&8G9axPYm#o=#88B|upHFD@`Er$BnSo@h
zH+7w^$&}OSSGWEn6qrc8&zcCg7LTAl;tOs}xh8X-WGifP-kG9?IL|t7GLNj?^HgA5
zv1!OOeb=uz*b)qEzqiPgl#z{&B)_1sxcx@9rx-PdC*5g!1pFayy_lN*)fwTk<r+|B
zA0mHeGIq#qs;?5=yi_dr#TiB%Ktk3ii*r}KS}@NK$Kq=#napd?4Php)p_=4ceFU<|
zHmH%*^VU~C^l&9^!y;|#beA23a4Rp_Oz~sq?sKemTw$`S{jf~O*wE1W=@`Ybw5HIS
zUW;)2oI!KM{H*_8X2pD>YSXA)G$mOr`&mwbObSXI$R0V(a?$^>WU3SZd9$+ewP;Q<
z^4qcOdxtDbC7)DUztPA^)}@u7(~0UBY)XmBCu#Pp{oJ$DXKQR>D12U3I1U?<>7Da<
zji6Fp;bMBZ?-1p@+$9gb2B*c6lhYwt<A|r>Cc#$3AtY+%(xs47B_W9XnZwfn0SbNf
zqorpkmIog!tBt>#I~i%-^J0orK3uu>8J>5Da`$;FKAcGA_9@L6$$n8R$sL5N7x6Cr
zeG<6bc)c;^a|8I(SS)Ariq&%5z)owM0zq$hG!<t$48$}`oi@EB!)$rpyeN-O3r#Wt
z*H&iuJ14`X>YcpbeOSxh_zpWTuiTzN=~N5IaTSM!;28SlZ76#%zt|Z)x7D`{bK9f4
zQrH`7Y>a*)VHZii%gxV*+D`9z{iG;Gpv^ZYbD$M=Tn9IiMQ0p-5*2um(96zU4mNOB
z8A;koW5Z_`mVzmn>YExLQcGIAFwb1CkmdHNZq;8oo_;-f<eK`wko{?Nq5wUMGv!%e
z9AxwqciuKlT~OAk;V^}xGtE|mlv5go>}-oG{dMzJo{CldC>#*<{l0@p^$*`7u&8<D
ztfkgRMsrb&%D0d63N^(Cns;pKEcvKQX_?pX7gbvN+;cl@YqMC{KSZvc_JLwO$$p#3
z-{(0V;~9KI{{FDG4j01>>;+QeT{mfhs5fMTG`T-ktFKUy-gVRM@#`HQT1acDU-q3T
z#`c7`J#P#zM3L?0LpIDU&oFxL^X{x@W2-*uKq_k%&(t>3D`95E_Q#Vt?aRXbGbzgx
z)A3nWqCc`F$CWKKC!M#waF{N>1WmE6Ee}0kwt1FqKiVrRID)2E0;jUOIM#oA>02E+
z6_ujjc)atvY_SklWu8{n9?ScFLyxi5)=#QHHPF_S$Y;gdFj}NAlIaVDQR@cfW5$SJ
zESs%piREgmt>9Rqn5pmF@bk#{jsz7)A)t~*KDgXxY>W5ZD@H#b(Y<;H74k+XZJwI3
z3gt&>f$^*<rd&ou6Nor|bTU7XdgD&4iC{C0G<;$h^rOz#!(1Ge=Ek>p6+k_}@MZeo
zOoV#3MOLRq&deu0C32CBPtLG(x?Gsk5&tp~H1h2kzpqSvmFIYOn<a1HV69B$BG<K7
zi=(pZk<>3KB(?HF+}Rs5>NzC?Ew1<KljXn<%Lnt{PlkI^2kHh>?Jpz|O+&fZ(QvgF
zo}3B`P@4DaB&1ci;k7Cyt>jHiJvGEZIH|8RFLbcK!>v+8S>*2vpuH@@J15WkJii~v
zxgNWWeve$eFd8e{t^IuiP)>CIL9_5jFW3s%_3Lq*;I|<11KF4Z4hcyI>ep2q#~jT5
z5w_4bvjUlSLj!?IKmlGQAY${vDslUhshBW}8T6HV>*j@gakH5~V&^ip9t*Ge)V+>=
z;6yGLKP&(b!kuF}+B0~6#knZ+;I)Ut;-edYRY>3CL*c$smovdZ&qqz8Ki|sN!N1Qo
zWYxZOi&V#U1uIL_x-XlzLIp47SElPqNJ|gl{6=+x51|lfQnfMeIoBb!q}Au7d<m6r
z?tczDr+a&^x~oR$)5ZbNWJmBqCOy<J^LP4hEN}h$CawlKX?9%BkGz#u10<RdEqtH0
zWlwp@lCRG7<~*JytIIxRWS(<1o=Z-;Rn9oXlSKN*R5jUTPeJe2mw_LkGKnJ5S@t@%
zEw{mQ;ZJMXh%;9avC^cSAI@T|Vir$<K;<YQJ`z9G%TKAYf5?1>cQ-TIUvgNFc@OY>
z;4Za&BF>1wyp!vBBNWBN4wa)px=qlKK?*dhJoP+Bl#OQ_WU86%*N>E>hH!hln$67z
zg_3F?&eM%a&ZUw-4a+`t?wj$&Fq73fzR*c+jF+UnCj7ssd&{r3`flGF+R_3ol%g$G
zC<F*v+}(o*CxI5%1b4Y8?$F>`EVxU8Q!F?wP6$%GIK`{i!+oBy_p|RY_Os9ZVxM!y
z`3KfmFV<RfuKD}U&nIC;yltYrFFx3>Zk8Ilm*=qxL|G(LS&~B&4suDxG&I2ArvA*9
zN~W&{!X?<QygjV>M!(h0HAX)adrY0lKGY=1c<2s)9H;?G%Z5C#4>+;J<m2&7RuRZ6
z?maoTMO$jxP<J{nrMkg0I@6ozM{ZMHEX<TzPkzse^MxFM9{I}QY|U6Jl@;}UX(h91
zKHS&t_dIfr@#&S`tXp{*S{T{-%CO2nNDbylteB8ZQj)ifkbkVQ{UNHPF34iz>ceXz
zBKK~Y`Hj|o*xX|;<m<6r9<{hk8)Vaf?R;qwzB2)6nguK;^2BM1f5m4$8F_Y#Qm}gN
z#bWmdVo8TO@LGg-IC<3|e)b)Wb8qe{`=$q3;bL?GpXY3`(OQHAqT0FA(uBVHJ>Sa7
z2+v)%xMX<Na8OlaK<DdE4Ogd$78@N{np(rQt(M`alKWFVa^Oa>DTs>qbL2mdfV&7*
zR9NXf6lge@A#i_QFyXm!&+x;)@x->D2z%yK2Z_aF;8tILMWE0IX$nWbOG9zarpA2m
zxzxIRXYt`*nOf0oZ8lXS{OzY&!}UIo9!wbW@^12ym-J4xx7on+bXm^Fba*&5qFwna
zq|rh7@Dn%O(yQ~D5D4bvYC5yr1RzVjL_H1TKnvq$ehJ*2vlcO%(J<gWr~!yzONI}>
z7+rjEnEIyp&}uQTt2dBGW!PMUhH2XvaYzb`dI=I&rdueUt2mej%0llC>q;0+3A@dF
z<2@#RsIa+co5<@D$-53f<tI~3K{Kt}Q2hYrav_DeJ~x2!-NS-ERWAeLKQ%>u;7cEr
zOvTLYB<|6@e=c^kXz4<p@v{?i!Sf8Z5xlk^Umq9}o7UtnrHy*Q&$h=ij#g~2_%`7m
zVb-qQ7w;Kdo-aVZ#{n{X;zJ&m)+B<2gr(K?HG`JpKfSYeO@;~t3_JzEcl-<<=S8TX
zxt5N{v!yj`bpU!f+n%hVV+t$0Lg`G*oO-%=ISCjstRy??4Ds_NRorTGoZkJNJ}+=S
zx}(~&IVG(GLH>i-6ij@Bk_Sran6uVP@wQ95^h+n%OxNBd&_7Vl<XpBH4knIjs{^<I
z7Dnbccv!_mD({;Q=sFuE(QJ!(h|z`PmQwxEXII4Vogn6zV@hHBRH6q>=DY-LTO-UI
zpqclbh9nP5D{*|ae--{z`2+$ty!bD6&i_|spQ!$s8na-S6u5sI{q3))Ut8}#)7JhA
z8}a|MSQO`i<sQ0%(A^j1zOSWKfK}ARAu>ydxHJv($0Q9*G@K+}QspanEdzlrU+e5k
z<PE3v^^99rZ^|y!J8hkjsZKvKs@{#PH#YkX<#sCif7e;fgD;>)iL7+qW*~WjH>&)J
zf@O#gS}uRGUiddNUn}nM+5C-n{bqS>FnQbYYSlNu{Pfn(;K{fSMKK#ahpDGvpvxSZ
z*E(ZCx8fOM;E+o}G;}lL+!{T{CD+OzGb&Wc4v$}~JU#v!uhz6ZqDTk+>(Uq-xW`~M
zYm8m(b_85o;cS=FA?a2V`FEi@I>~L2b@sB&_gbV+{@6T2zn9ANY<Y5Q-CnN1OB)%F
zYn{LGY=74tsr^y;V7};!T>Bd@IuZi=$=5mT`y0CG7vL!RNi}5u#Gg00wrUlgF+Os*
zrGG?zDy|eL-92(%v`RKPImC+pN<Egr@@<$mKC&rajX^gcU^1-vNUvthxjnK<TX8g<
zcze)f@u`SVf$ND61EdoVKOoxQTzxjZLZ(QPb0}L99!V?WJCZgm*fM$n0Ub-GS4l>E
zO)M$bc}ZciKL;1Z2Hv_Ki}JUD+-r&tm2DY()*wX3Z>&{|&1!jUJsZ<jkb`iNp7|g&
zgx6QyJcE2s&I1Ck5kVUyCU#6OT02XmzgxY!q@wvSG@kiR8%}UOHGw*=zrL|(l{j<_
z9Ydd|u(GyR&Lxg{%FlLhLB;8Xn)9{<>wT}pUmWI4JECKN%<blpzsLCQw*_lT1%yfL
zpV8(|{EheSW_@?`&1JfYyDU7?`9#ZkK15bcbhiM$k6ndH4oR)#pqCSu)p@y`uI+ri
zH)X_Xrp2_X<4w3F=ewoGkxBZsz3wDYGvAn7MisF1slA3Gh2*8x1H-k)=m^bF&!6_R
zZGJV>bTNq{zRtD_h#xUTs&LK1aVI^<TYwtt!6Wkl&APpQ`cJPX+mK%ElSd{;+>>2l
zi>_Mlr*NKWYy7TB(X<)mK3TsekJC`2dJtar>>}_(7(3(G9a!rFN6RL5K8m4ga-don
zqxih5bd^eA-D`K$KZ{QVQtxAwc{TL9h0C94jjUGc((Nq0`HS5}$9touQQ_&Nzwvy!
z=qBL~S1`1A^QR2g#@qZTP0R<hv{wQP5HN+A2AQWXN2H6Obc+=-=!j@T)nsJJ#NJsZ
zX7t9di&aMS$|yc`p_B41mbz3~hLTotB3dOvmsX52J_`|;Ka$_M{x;Dwlx(pp8ExmQ
zBB1Fk-ek7R^%4Q6AxhnA`DI^*ffZT;&&#!UPy;~1xhMrhPPe4f=-E-fws5%W7%x#T
z(0TOOv(b0nHEGjjr2t2~KL#R>wGs>}upUx&2I(dtU!Q%0+(yS&0_-wky{tP|>uIXj
zuuW$_MIsBZyn_5mz>OCk%Ti@!TVF{r2^%VvPXXkstD97XW<)O^cFg_M^Y~`t9es-O
zUL9+7GUL%M6VR{tTJ|Ii$skM{tqLa17ZQ7!I+Q7~@$<0b8w+D5ul0(^@GPlT+2|_?
zea1E1j?Z2ec*WRNVTYW^gcljWjQXyz=#!Z#NIq)cUDX%jEgHR{s$^F?#jB|gP*;OS
zMH{889h-wYMDE3&)ffUf#-=A<Pz#jy%<6T|ejWDh)aFv{7R*tCb{pB5#0EE`eL(L5
z^fSth85|EQH15fPbxP(s>hI6i>)`UB?Msc%?0d{!jmR<7j*67OQ7o6Qgb}5Lt(ylK
z^pZ)NeL(Xaqf_sA28PqxviR6dCoArLImH-Npw17V*Tp@=dMwCDRVioVU7E0T=T>FY
zTGj<6`V|k~M~G9F?hO5|%A>={l-;>nY2uld+tPUvB9r#A{E}4H5{5s=Vm#E_Nr4eT
z+2d)dFylZQKSJQKrW#u8Vk&XfAC9~PbnAb1iu@XIbygRp?Ac|V-^}sB4_!isQt~lq
zt3-*l+j77_dK!IaAIM1aN<KfUH<vf9CK~4UXK$Q{DgLqjaQcbaiXiiKamtgjU^eo#
z-{zb@mOyAf+I@Tf^s*uHLwJ`p4PBaw3kCd~@@@J@?+hQLd&a>#7m0>$MW=&Oq<tS-
zv7V!dUB6+v+1$R%-HqFn_~foE@4KZ=y7P?ankmeFDXOSn4sYGzhL%{ofe-s9<<h4Q
zfnSEACYqvjPi{Z{_HUvm0;PVg<x)FHg>p`sXp38q-qmMinnfm&7^{Vi?5C}ip|*ni
zuQP5A_Kg?%4Ld*1qfASeHUGgo=tZq*V|Zc4%3{AB*~eDKG!x;IGSeevzanQRh&4h0
zKvM>C=ctFebJwRyW#a+X6X2DYmR@{Vm8GJZXZG`#^&*P7;Fe1+(ClWah5+wB{yleV
z1mnz_W|M3{@FUp9>u1hxQ;Ewfu=@qWrHfoSl-H-V$j6*tQ_c5juD5I&+*6%8#M;lc
zCnz8>NJSd~6awPCv8ouqcQ1mmilj}o(6MP~6l9>){K{!x;D&@cx5e5f;}y@SZpN&~
zs3p4neOiFjT2cfRd)cMf2g;n<ZJO(I-j`SbmEt`kFX%27$tK*hQg%}F2+-gUHZh|t
z%Q-};F;NOnNtA2#8$f7y$eW-ZB<H03qD-jaE^|8XuOc_Ls91rN&jdq4(~=A1gq*+!
zBq|+--bo^EP6l+fQ=-&oXv?KIf&~S>Z<KTQ%EcY`D#T07+E?ge=FO!744|h$u+-n`
z9U&hcc3mzK3RciFH+;L#MNy_boEQF(AZ#%~UFqv*`Z1mhTV4fnbV0_Z9>HU6430?k
zbp&~>GdEBf=XmxT1k!Q{2-zR{L%wt@()s%^PAstp8%QiN+EnkJW96ou+fE9!<lV1W
zbd+%7T*4)GEt@+I);?AP8>Cj~$~<^!Qvck>1fz7VcT_XHDZ`$$jZUaDV0U?*+FY)Z
z%*N1|hP;i7`B6f|H=J>uB(nVTM>@08Vx^ce@gZzOh6>)Zl+y$)-dfnTgV35~#PF2~
zT4KnNKxKJi0;Y71{2q2pF;bYYEGr=|KOW{?1U*Ir)Rj9nXu(A?R-;ck(lZ$GI8fbB
zz25@a9S@762P_oP6I;#ad>C%%0i|SXb}ZUNfoDe>M^EF|Z{vU{lQ|Uuy=@n?Dgu;p
zM`R$1(~b{XW4_@pmh#7;ht#Nj&#Ox@dHOddh!2+fE?Oe!x#G+`9ecsB$Ai^Y40;ks
zr8koc*Q(-kfiDj8QBq$Q+Gz+UHM25lXeCxb=KehUT}7-1h54g%?`GW=F`dG@za+k;
zEMJh4(<9iQtrjGBnAcsRVd(7F19AGmxOOFGy@A1K;(|Bxcn6!IGss&}r%jS_{)W+>
z(Fs=7uH~l8dPd)Lo@-jf<mPKMfWt3Ml}&Kw9(ibiwZq&AwxR@STfY!OkaprKRC5t0
zs&N(0+IN~_{btAPdE123(NHnhc^smRFG{1PiP9j+O>U*Al@m+^{Pz40V-K6cUE~dR
zgI(R-V4)m-Wx)f^?H*Jjl0s&umX69Fxpr3lsT%B?_z|=0%gs9I2;*82H(k17P+32B
z@uUpPEznPaxSTDVvy>_KL)@43t0kE6HJGS4F7KPGpVf=F{a}Bth|TND<sM&5`5yHn
zTjYcFjZd-9l-p5~QqEB{bEUf4bZNh$t(sfr!%Gq#@iNX6{_Rdr&BF{ukv)-F*O2Yw
zgMChGj8V-6>Ec4+RMnypj!;g9h>8~h25mXE2GZ>SLH*EwKRNjS<4FBq)5gDXH~F2j
z^fP2c>Y{dRbI)<TH?zZf?C8gd@q+iZW4*Rf4!c%y<o4_@bMrs11$%!RdR6yO{!UUZ
zP|Ug%EgqtAu7)$ufD+O^1q&ESj-6DV9Ynt&AdS6LeyQan`*}Gm1SXn~DrtwPyUxoH
z*<AF*6#Vzbl+v{XH+!rJb1SZ0r!!(@4Zp1p9b`BQ#U9-4t{Ox&LhJSGd~X*u>}?b8
zeTlig@!{|(dtwLWbqZjhhg8gYoj7iiXwC`8W7+dg{{-z^%Zjl~()k=>0|g~pXY0C7
z{z5KlNt+o=f@x5}0oT7xutOD9@pj9q#U~wHy~`V1#l48tTBE}$KGF?GCG?4}DvN@@
znmRut*|wPZgG6~A)TXd@v?}2lTl<CVm*AW4O~$_g;GaGnxH=!gjGv&LM$a~0p+!XG
zvuE#L?A<SYS4e=tsZ{M(hx)z$j}fQZxSw&W$+v-j-e-Wu!dsiR0)Mx|ulyiYKc{NB
z#?gP+-Cf*0#alPAY+C#^zHCbOoy4}-MoFjKmk=u{?Z4BW0R-NF5m*G0VMK?^Dl9U<
zmqzT9%^-~0U@sGQ{E4Z>k_J=v40auLl8}oWRLQ0)+~VnHR)49dUmJ#iuCzK32Q3eb
z;)L@%Ckxye2atZtTNn#|nW3;jLGA^ro5}X}*D#YV$$X45X5B4x9wj~WWY9nA(oT=G
zt<N^BoLuoECC7!<dG2PZs;yh`_A;|w4Rj*<<S2@ImM6Ym*l4>6!l9?tMj1`S#X<L@
z{vhqb^aQ<de)qv6O^-UeFFaMg%543jz?_BSqJYGD9GB0_YQ(A<V(S02q3A_fuD)4I
zy6DQ|mj=Y(ACB!tFZ%k9n!W{s?wBeD4HbE)J+{$!3qG=Ar*>K5$LF*WDe5VuOet%j
z6l*Nnp|^9b%C=y>_x$lKHCCLgtJsM1F9O{n?MzG=Gu|vkM&W}YX3<3-h|{Y3)Y<A<
zeaub+Giln=6yj3SDbo=6Oh2lxd&vxR5e@fRXy2VJ9;?4Q_%~)sMOWO8U#pyxRx-WM
z4YTK~hPFv{$FL}9FroMFDKZ2tOv9^`VT=%{#>u3|l@dHQ%)h@_A<l{;=}=x?iiSi=
zFI7OZD%>14&D;`4i17#>ysxh-b$aL7WkbA$45v;0E0uQg$ZpFs6(427k@167#j$B~
z4(ra$ypuv_CM*G8d6>S76Q#M`^B&CZ!ZlB{FJ-cj1E!AMFs~Gy=EZ*{JrFTNwQaKs
z1G!=@SI59M0D`ilGwo<0hcV|jWqOlJ*NI#s-;F8TzT`zOUoiCAX8K=ql_|oYc>z@K
z1?wskiE*4<$!s1E+@9g)aPK0DKwx3eqhe{U0hid7-e?n)$?ty3Jw787QG&6E$YRL@
z{|GUtBNx6rG3Pw992w!9vz~-Dk$Sg!!d!kl0~enCSR<R(GVvK|yDNjG`)vT_s2yOb
z*WK<uON(06*gcJzl7lUVqK0&iNQOdAh7TNn09!M4Mu)pZ@DAu=s!k}&<2~lAXIP*4
z7euh_LCzG!&ImWqK>-zBv8WVlz$rbD7rP%|q@L*hhIw2dgucc!7i}hR6yiN}jcY^B
zi}Dv}UmHZK5U8pA*{bv=P`YEUP(W9Nx3m_;MmDhUTWe|`KC)B6TGv)@fs8{RT)6J~
zp6IBYLq*TnbgRZZr>-O@V15Si<Hr~68M|swt&M+X<F9fmOk!t&fFt?V#dn;fEE`wy
zA=+`ho)4arD7;vgW8|6eU0G}7MC?A_#+l1!!33Y_ASGP>{BDXx-tyv7F^94~*usHX
z5`i|=BV|Ien{!f$tD7@zXQ(XdEv|SnjxiUnrkcPO{c5{n39Y;g)L^`Y2aypqWR$6M
zFP|OMgg-k^%gu=2nUZ}{|HPzlnb$YadlF-ZnoAorQG+cq#^6Y5zkqPtolG!=8yM65
z5;q*%*u@h&HuW?s)K9{8RVy2@>AI@CFSZN)AN?|DLG-j=!HCTef}CvqJVAc~0MBDX
zE{@S#oHyoTJVV5-?R4p=$^AC<B<etqiT9WTW7A59P#A!_aB+Gw%#)`Si)5LEfM<{v
zO%PTn!Ov>cIMwEFTf^*81cg6*?LxC{+&O@br*@uKk%@2|kq>%jR3tf;u;%zkC=rvM
zFurv)nM9{JRb(xqQF6LQ<&>306Pqm8isY$v^0DrJ<nWfYhy!d$V^F(r;}B*fv6#%M
z=`qB(M-1zsyO|}a%-R+crFbR$o%f@iqHQH}ZH2;`y9?5mbA|3PUb>6AUhXtWTW&Dd
zt6{MVk(=P7rZdc@887#`dE=Dwr<}`PVf806FRjzwzsypH*mC(Ag!fvts2`Z#t`2hb
zh(?<0_m3-z$}llkiZ}-}*`~EV?}wrdfosDh8X$1m1CdOHjK(TNiUIu`W?3Z8=y90)
zeaT+y5S<s&!|a(8lN(HLHlH^t>eHJelzOaCt?jMIU9g;^qe`S)X`;|t75k${c9f{d
z|INv8qyIQ3yrTpE$E1avQ_H`A&%79ZbUWR*M!UI~U>&n!GT;vRI3;Lmw;tFt6waP<
zt>X#NJ})pcZgkKE8<xeXKX4*3b^jZW^OSv`jKP!n{N0A8se%gzr)V14R*KQgq<CR}
zaBvC?ok@N}#Ta|3GNgN36Ef)%+-t+=zp&%(*>bu*zRJJj6YR@%C~+>dSk9$IQ8t};
z46Fa^D{LU=!r$E9?|Pqyp(c~^!XKid_j_(l^G$^79VANfZV*^kfvZpVO}!92np_Sl
z^aKAg-mUB`UYX$O(^NUSgS4v7W2*L$5w~2$^Rq{(jRw-^vJ!jA;z!|=EAfbxBi!}(
z@f-Sx>tIomW%%BHac|&Zxz?zT)AHH()F`jKwV72O&#N~C^^b~uTv^9tJ90<k&k{HO
z+6(Tzn!C~W=MQ<-#rNwJ{imaq*sxjnR44rQZ#>0`75VedjlZ70uDK8$Y+LO=THa?=
z^wp4&J=&zDK2pIZWp0Upktqk^9!AUHbhz1PA%K!Wed?P`_WM%hl&hKKooX#R^6641
zvR<y4>`tn|THH>!QCf;sqc88P5IJ4;d9Pe!#azkUUc9)PTBi|CTV|7n?Zm#e%3u-s
zWk4fZ>S^Zq7Eur;FR7iANf4BK%eVdA;o=SPnS)3<y_`~RSn5<hhu?1_g)6hDZXYKy
zB1te8m9Q}O!^HZ~ClUb0C^5(A$~x7^%rW@n<a-XF|1pi24rIGdfi@*9vPvqNr49d&
zMq(wG{4YnQc?j<iEWvI0!b+*SFJbNlFVeYd0vcAB&Zn%#n`w|AGFTHP+2J@-Crpz4
zH{Siz-bqC7K4)cOoL@i^_Ne!LZPcI<k^@8G2xLzU_;!3aSHco;tD$?+ke%oa>pYrU
z;dO$47w4S_=6?}Gx%KY&fIjA^ur$BiZj(4xufG4>`O8($J=iq2s0}KW5;<h!E8O$I
z>WM*gI#YXVB*{d%PXeNNNnVe=-tRmPb7bnh^`hPCg``^z+RKFX&3$(&d}AtHPC?B6
zJynN!&7Nh2xiQF^&j|xja_o+3!Wd>czz9EUxLu7})pDr-e$QSr+2^nK1lJjW=R?Gv
zZbp0k?;B1*-rA?!mD*Sy*l*G%%tE}Dfv+*jmFp0``b#53whzu=wa68`JM54*_|uBD
zC|09O%X>bS7r9R`-?q<Jxk$F0r{5Vjt_5e$NbIE{eRx)Pn9-d#HJIaZ`73?GM=tFL
zxScr4k|y5K#5Eh6X10#@S+^*pttcPsjdsYT#>z~-m(OLxh2)t8NIqz}DjF(=3iCV#
z6909e1EixYo6E@X50|gG8`yFrP_L(s46a4{8H_ABUD(!gi<t3KRPy)7f9UZE>v<Ek
z*4a{m1mB=+xXm?ODmx+e#^t0_wL~uVVNxOkU#8GY+!xtSJC1fkKphLV5$_T1A~o9r
z>w4f@W-b%?2SCaBBHEl|zKB~$hMoHjq?`ANqn@2A%%7kSWVtj(Y=dgL-UhIe9;m5*
zCb-8XVVv>kDWel#_P3zALr&YOPwsG5hi_zG19sf39_t#Ir$kKy(WT9kpfs|GYV*DR
z+8aiG5Q=l$`LD<qap#g-6lKlHB0IJEw6V`ziuOsxae*QqEBQZyEWn?H917xaq-nFA
zN?o?5Y<alue?y{b3HSff%3kvV)mLRN6`+ZDZHx&zvQFA&<3UE{qv|W;HXLMy_d=O~
za(@OkqFC<DdNd6xZ#=7~(CT+ey!I&YKcAsx?XuW?kR}wWOG)m<nyAj!E|{Fb72?hQ
zI6KB>QZ?H5on>ke&){p?HZ9BYl7_;U#|$TdYU`s*)P=+?hi_g76}SB*Go5QeXLl6U
z;5<_!kYiwzX+O3{cpMW8`ozzxzRExVQTJ|5#KTt+uY@QBU3Z^ONv=B^&urlqE1lcj
z4#_)~YQ^R%JSpIf=aTpJPQca~8cYw9u2(>5dabNf<npw)S9L?5h=xzF52T7Ao~fQ;
zpX_bF-T?WBx%^BOQgE@L8G|$gC85!0(n8{Lb1|%2>qG;VrY~s!@LF!=2HT7}&Qr6@
ziVWRK5^LX20tae9d?cCz4jx9eWYvqm66EWoS{iq6snwJK8{Hk+Mp9C->wWP-NO-Y&
zSB=q0oIV>`G-_G<AFsf-^<jUi`%j0D6W3ovQ(dyNWNhPN4A7Yq{+N`RI8cVaqO}7Z
zWI08i>7Kf@x7*)%R2JgaLsY~%x%_A*NtiQwWNoG>Eo(>Hbyu>bNFtiDu$%Pva=wc}
z+3e=qrdKPNnkkzjJFcYtj^WVbMs%P?(LKo|=AqKo&J1;ZHOVnwJi-U}<Tu_$Z(U<f
z69(dbP`n@afDLj&#&@N*)Et!o8h2UZ7LwXyHKr7N*6b?qktx-p-(PXPab^vfOrs)!
z%;+kLS3#khPuS@^ME1hIC&Bc2QoBLxMUPh~3j=5PbA@U$NTI)cwPtXnnuJq#uQie7
zRSOzyM!Zvz{(2z}3`#8`x_h3+z_~gxO|M{Ct%y$oH!|xlwq;YsDd5BgnNU)x=de(4
zI!9DAPX=b8U%!HL)+0?bz|S>?g|y|Z`a7<P3>JJ{(~E=xYdea>_LrV3Q_i_Yvo@z@
z=um~5d-Bc353pyjiM#QN^D{I3#HRGFFA5s*x(Z}O5^!)@+Ph74Ja3`pAm#UFA0j`c
z4*rxSE4C<U8horYu2jLRpdTOnRARi+jDeI@2#lhrtFZW@c2dy#O*Ep7@)y3;>wu}B
zep}9t3tOsfqm~ORP6{@t7B$#lS0rE?V5x4x^zLBayd67eV*0x}I<^^Fs@VatHGhI?
ze<ft}9O57~Q+_|9(v=xVsPIc&Qf{FKwxYdJy9O8wE{`#pSVGwaDvy4>aX1krs=Eo^
z0oaHXZ2qX0UzNqL{@qohishP>DrhqlAgEj4jqlQPfDW^agujOtjhXGFWpjoo3Xoq$
zO6Ve*4i*esoQ*rB3l@{jn3lNRUWCI@7$<tM8YTehIgFVQ#^eV8;^ChWPnw+Peff#N
zYJ67`%NV67!(qGC^Qk(WlT@4}<G?mFK4~@TE=)<Kkt7d8^9>&>#%Lr~06FoHatDMm
zjq1mB`Tf`xd%d6nKjkMfFEB5GA<Hl#jZDWnHYphoMh*V{{8tjXhYpaS+PtRs%`lIF
zFYLsHr4JiNN%>m4#kEH|CW7Zjyl?B<Hdox|flm4jRuw1ghkxD6pc1Btg9>~g-;sIx
z%srOBW|D}8J-c%l;+6xD<Jlqjx~vXr;r#5Y^U*m<mBvqpe9^TBv>C!W*>M7;{+?t}
z0*H-leNZFR)LjPyBT`%PiSTacjtviAO|#^Du_v`&JrZq8Idw1H;-Q8)CL^FZR+6^z
zARPeteGOuu_E}4{A0C(9Oj%8r#DF_?;V`}66Lx#q8p=HI#=$$N%wEk&v-B&HtoHQv
zOshoN@ic%bC1m(nTY$akak%8L=0t1+sCoFJgdP{qNsAoWU#%WtsQ}|YFn)=0C27CO
z>RB>blw?ph+~}25U4`Qvv&pSjGco4>mY5S2tsQOAo6LOMHsvu#-K3_|1w&}IC8_58
zQZ;jHL8X@@@H}2FTXpADmo%W1e^_L7rXQ`FBo?#K8E0+fZmHDLC)z$1(f^8FZOj1t
z&32J)8o(<S$!Ab{GS8HBS-^ePL=~A(Wl#Q1g}bSglZA%el|Pkg5!2C<3AzSaJGH7w
zT*?yoo@6gPvu;~Hx~ahoyM74LRj%W%4(E{;R|>sP2oB3<tz_wV3YMXb*ljX?X}hZk
z5fdNyDS6||voIdcy|$D|3+0oVG@wKS0=FMpWokSdo3Dz?Q6MeN56Fk1a6yvF9XwTQ
zpE$YM^cbRUs9az~L~3&g?NHLvLp|M#JkYWG9eny%(!5_6mR$4D;Bh$VxTT^w*;e2%
zk5b~p-z9Izxwh~pnZ7+Hf0v1aT@><5iI+O|HT(p@hD1v1Gg?b@OSz`O(OadcoUX8@
z&o$~_?AX0GBZp&eu4H92i<}J{tQ3zL#v2Sam)#dWe|1vVNP0xKi}Kgd-u_xraRj-g
z7~nD-I&4Kvx+U@)dX0nVoo=Mrgv513E+$p+k6BpT#+`JyEai1P;pLFuz$u*=ER<Ly
zh`uj-*f2p^`HzsXebw$|%y;3*>>1WHkMX1lrFVd}-PmdP-AUEM9Dszk&DrA!^1WqV
zowwg4m7{p7s2bJ0=Li!Z7JLdYBG5;CG^I|opF{eI+PxNH{k#v)n%XGGRUftaTJ=H&
zAhwa1J?MLWwC^Xx77rVw2rD0DwBaNwK8S>SfD;e!L34@Djcyx0&pd}+{F<-ZN#rny
z8JKj&2Akm7fD16<C}lR*FId@0{tm5COjTD_>s5ivK(mc}df(3>GP)ub9j}?_i1Bly
zCxa;nCQEDv-fzg3OF_4S$Z%uq9@I$6@-B(P!kKhZZL<i(|91S%zYqa25P@V`-%2MQ
zMFR?64cH*>D*=ZY+*OrOI7b3)v65*HHBR=AhPE7i;_6tIyA3~nDi%-z6v=Lb=!BhU
z_zQvt1b9VuYx(zt8spwBAU{-$jM-$Cipfwl;A%y%v)ZT9svCHhbv>e(mEEllt-8a3
zU)O@>7VtiR?gvl^Wu!E7>&ro8;maN39T{jJ@CYV@ll^%j&3UevX3iLR^v9)Fy1jL2
zH}NDL(sywb7(=~RZn6@LF6ywJ3g;=FsL=5{Uv;@<kO&h7MMVPS!i_)&`jxbe`r#e+
zd4rY*8=PZ_er=;p1;uGdX#c;B>HgjRbw@xhbSppd;6A4xF6yS{=ro78lOhak$^!Qh
zjcdl<I?)Caw;WzN#q3q0FGIe+x?gAW8XM1{m4$O~2upn-0M)cDIPV;LD^#*Lq*@&O
zOm)^g`Evd0FZV{8Ka5U)T70iG=GSot`-kL)|GoSmP(a|K#ogcQqzcuttE>^^I@q}P
z@~T5}l=E&14z1tP<$lH|t`slbH%eY+PIfif%JGa*EtcU<+bBd(Do{%#Z4~e$GOYS`
zHf#A*T*1XfYz1=?qqPd+oE|kth=Za^6U71VRzEvE)$(TRGuij@*t|Uc(QArMgv~>Y
zzYZYlRixKG{cz!=`~Q|}HRnYB<Nm-<!ryp2`e(iG!;;rjTb~C=6~Jaa8DH7cT$aIx
znY+G^zf`DerXqj&JDPNj!Gl>hDI4EqWcu^+0-f2NNWv=b+BMaf!h>7lu_>(j{s*rX
zNTVbRwJ0x`v2`NSF^_dbfR&f=*d~CvXR5T2$;r6w{Xv{@hT$IL$yUXe?Cs7)giN6K
zV4crTuOp)&$%z}g8ZzddAB9-fk%E;dE1@2cAy!=7KfRKtFrud+D$MJCum8EprtMHA
z_VJ5f2J1Fc?u4zin4t<e!>r{{-kALA>@lh1-0#p&jf=e&NTg2QL=v1mOYj40r9dGd
zPhdC>q?87+v*1C;CYSLnc#2lL?8^^~1UhTC;$!}ximDLALagzOmVMQK<Oe!cfc9UK
ziH~NOuK$cp&|Ox*mfrYkL)*w%AUHQ}M5|at5kh;tim?nmX5e`-_A_>OI^J4F2eX=O
zBYtAaZQ~nl3n@1>e6`R2OtS)2@hwm@#!)&?%EEEz(S0}%5bUMP#Hv@b26}NVZEwd7
zXJtF)Kjg{ZPlA4)F;o6A>*KUf){^xN2i|OF9$gudKuX=ieXg%t*8|6OE&94G#fG`F
zN9HMP+MYfcJ71$XYi9B2V?3oblJ)QIeMPL9N`d&P)9zw%L(bAh$ju`61z)vN;_`v5
zi#cpMv1y3BKVF?2lJqk!IJQqKYT3qPCQ_AfH*wghmE>zE(Tq>Js@^EzV>+Fk!bb}m
zNRR)NbUH5^By4oVf95V(kYt+L&SIUn=Af&x(ZCd@&g4C}NA^3(WG<%d^h4VAQyHd_
zzZ#30^l^a#C|9%4T@N&pSrvZV?bQgb4k>m~Zmao#l_Ye`ebc!1ao>MPVh={)AG3qx
zz>V{Gd`Bu(yXnf|g{f_Xc8#EeF7g67p_*ud)Rc?TyVW-OW_AyiVezidg^2@i<sTsA
za*({-#^#<eAwxVGR=g4(wse2xL!i-vl=rrRJ5w5xtXf?2M_1mr%hO$lshz4BX$zQe
z#7x#~?b4@;57WD8YSte6xXmc|P>%(woFfVD(S0T}EJXs{t=N`oY9_kl$EnklG#j|f
zxaxpIm~GKY1Z4{Oo@^eTyzUa6#0e`Q7qVQS_ictr`$Nens0Zt4E2u*$%{*XXwpPt{
zloSKT@lv51;i}-2)ConUH1Ah?Aa+Y@v5r=rWDZTAfZ9x|f%mbiOtCNp|B=ZaTO}{%
zMFb)$E@fuSH|+#hIQNx{s?YD~;7UpKHP!lCQ*K_9noZ%R$MGrAyrljIfRVB<%h~El
zA65u$A}(Ud87;zf!w+eV)E3-LgPk`G`=oV5(S5wUeLW?D(RLe`@p1LvN#@6G;?s(#
zcvh?$`sMtTIKh36{Tn=?4aE<0N43`ny7c_mpMJ|@7!TX4W^7hyec?>YDQ_7eJi(%0
zWHcER>}`ouIuNfGFfj0vx}gXSQf{{PiFtnfWBT3(9K+Bowe7FNKjrPK0^s5B=Amk#
z9(P4g5%G$keUYqjk>T6J1(}Plf^f9Doh#!x&wVZ=Hc>eNu=LBq5d_wIJ_5%YhV-k1
z?H97L%+6JFUMStsI%N2^N7Jlt4x!a8&W3-8hu(WCG>zAGzh*#7cN05t5pHYUR}zcp
z9$)@qgjAOnyN&LbVe9X^EqOTokj{s0wZk86J<TiN`bz1$p#K4a)<e=cj;g)C?YQlL
z$Za3}c6EQu;NrX+OTWDGR<KQWs5AElvK@=^OWyXUKnLb$;1Ez|RSl~}+Q+myN#h<2
zKz_w)7v|FX+?MKtxAo}$sb}9_Mow+6pc(_0^`o}LTEAl{)@?`NW;0*izkX<6TqbM!
zF_*@dqL4zVzNX+SVQB6s+}xHQ8JK1N=$6ZK!~FX=^2aKpSD=(+$!k|F8?@ua%e!V=
z%`9kX^NHVqE({Qq&RvU{0jHgOhTIWPbl&xA&<EzDT!;uf8TofrJS4wrAlA%8QC}X*
z1HsyHcvlBpN=T(D@dHqt88J9L;lK75{G;6N_x@oRzO&1${3ciS{b!+pL-4We(92CF
zjS}ABbK9OYWT182|68FS{ueW7v)X?Ein;zP_TL>X<gT!HVFzpKlo$CrY$jEdcC4Fc
z6E@GFrcc^EyZ{2MHBZe9ny|)k5X)nsHSf!Of0<pWS+}IilLKyg?T&V->OR7}?X@Xn
z(EUH3<GgPPh4+3HS8{w#pibPoT0fEQeJ|uV)@oL3q0V}@4z;{>jWQI4&C{;=2zYM<
z(O~S{S$M-eM|qD~J$HxERWJ;s9871~azLw^6sxZ2pf<0BhcpgkynZ|^MZ>tM$t9KL
z&;wcOfUp69$sSRex|Ct`Fwk-X;XE@){Y)|%bn-1kTl>>fKE1{#yl_3w4^&G$a<RNZ
zw!aODRbSU>B%)g-!c>lRDrl>}bKmXyIKNv$Q4P{l+wu7f9Z%OB+9`cSL==t_5?pc$
z*0C~GyWuNwb$HW0tIsv4yr5YRkuB@Fu!5E+__adv0*&U)A(ar;+KjO#4K9;Y?72n(
z-(N3+CkNvf*oAXN6t>iN&|b|wrALTT($GRN#+M`dIz`g+48d9!N>kDK(Nt8Ax&TYZ
zx19hP;<g&~<@aaRrr)A>J{#8^_HM7Liy4$%YC+b$f4nL%n~B0Ob{M5<1)_l33ty06
zqc1frYT&ebkRShlhQfIoH+-}(jJuZK%fE9=NNWH7)ji8-Y`^Hy(_GJ@72we_EdisT
zx*sWP{oX!hSDNH&qw?|rF2)N{0uWr+Oiw!RtO}ASTI^H&w?<8*@I$WF9<1WTXa;hn
z6J{!Pde`SMet((oIh=Pbzk8xQ3ipBi4BGjbq!1{R8+9z|c{%;2`)amqd%}QJ<#%E(
zhI@6H?$cPv(UwmuN=<`2@Ifok`IJO|L}UNV*s#1D3((iRt<UObJCM%3v@O<|5At;n
zK;}%o3b^Y==b89B^D~0CIO3gAKBljEW0Ku`t@M}Qyxyu2uQ>36!C3Sc+s_>JuO3@=
zj<=f&Jon%}j9P8ljH!{5zi0Kth<-OwZc$mR)QkNvM5ajCpgb@5bQfk#k*Jh|#wPvz
zQT>+%>dI^7zi810{;fre`bUe#=+ff;7{AHBE2#g}6eD||xx+@Y{oyR<?zp}!z@!@q
z)YrVD6cebK5HKBpiw=b2&Ms&gabkg7FUJ`N+DvIrqc(iACd7(Z7`mEYTmkn5-)X*u
z2E&^f^=(MVDt@$`ncQFVs^_Qu$vNtFA_33;ba5fmjXI7KCHn@oo3(ux`^6tBy0K-G
zYk<?w#3xtEy8HRV%nxd5$Nr7iHVsfz=ITzfxv_k2-j;dfbG-Z1+VyPs6ZGqv>(L*3
z{hvOb?Y~YXQZOgllM=3rofcPjIIzs-HRGH^*{QD6XpggTs7Q0?nh5N4ncsx^=H%EX
z*M-|Vp==UsmNOd%;}uyp59%PEp+v}=e53t9W_gyeIItqg6rXcOe&yV(+T)`cEV5u}
zZM>Ma_1H9O*5jpye$EmdC|X*zMY{Om$!UY5?l-OF!$a){7wU{^O&fyEAtJU=MQ7?^
zcT|lywQN9sik81)k6glh5=A{kH=?l|;Hak<d514p`H>Uzup(>df+sP?j%3~4C29C+
zZ1L=%c)vysaMWngHKFWBS%iI_nHhYR?J>lN&JDnB5N>gfR2YOiN4xF*_(bRK!<X7M
zksCQ_WxV#t%q?j+wKA3lrzx2vVGBo{Xz;LU`X~-}uW959d3LC?1{6%DZo(#7EK~SI
zhS^7(AD41`)@#jtD`Mu-HKGnAA&~ft$8l-qHRoMT#YKMr8&W>`@x@eSYMcAX`15vj
zPyoSB^!r2&50bg^H!I1g8Adaz*+G#*r~Uf7uw8YGpBeu+qghSV>*nn`IlEatWtWV0
z<SPyxt&j?+O3u4|60f_<GAcK}`tNa5Rp~QloBPK2L7pS4#eJC)a!Jl`v#xmx?H*6|
z=-_N?IluK>g&vk1VLFThRCM0PBKiilSC-)y9?@(Y<S!Nj8@FmprM~Q!#TrD(A6{D_
zftpb^TFqR;^@4mpKh5W}$@xdENTyp3YmCQ9ddO;3lYzULvlj7GkP$%~!>8zL&Ak_!
zl#jKFzl%(4({-jKl-V|NLWmUacHWpqG~T7v{2=&TOS(#OkPa+8;hyL?bwN#>XJYI%
z(3lX-Cjv*?s(Fr_P;X8fR-jfzqAtjw6d^Q6E=6Kb;_l4h`*4i!4^Cd(%dtCWKk4~r
zokkA3qnN3Q?eq4(@pNO5-8~8`u*t5E`O%>DGRtcsta+#Cds@{3nBJSn7uUN|%i>Qd
zGwC4eCa}*SGL_3}M>Q4&;mWF!Du8o!I@UhQYDeS{u19<QHy*>U`KMSoG-8)Ni})D-
zHIv5`m%|W1nMfVz@`!M{0nxI5q)l(Z_nqb`e^59V>U+nHXH$Q+M|49;Gsr!HX8~1E
z;xt$KH6W352xL%I#ahF{kUHj5@cJ9=rx<j=s9<jT#JamE@2K~)+HXONOy)0QGRgMr
zIbbQV>iTt3(P89c85D)U*H6ARC(u;r)~2-OM47(}YJ(KCL-Za7z`2Wq6U*i-plmo3
zl9g>dRF(sm5(8CP)wMb2Sc`to*pHiM4Yvg<Lv4!~x?R)Q<rAnphP%>7IzpK7n|KV|
zrf3huCNbwu;1oRD>HxCt={Iu&Xs9cMN>|^|T{ufu$4@j4wye~f{CXUTS!erP?Tx`X
zI8tc1v}~za3cSe3m<uhl0e)^3*;nW+eQG=hS5Go+I;5X)WsY7xp2h8`*=M0{%5}X~
z!YC!)eNh(w`bI1<)?I4WcS{@8DRmekJ7hZ+epGo&tvNKBG2+gy?6k<JQ7g{gpk_Hw
zMA|b(KIn$bAoe8?*)W*G$7t-rd_LOR{Q}t&-?0{-V)zz*I`b&Px{@};#46oqDtT(1
z34ylw6$gqjPvPJgu+U{NCxb~V>_dGh)_3lr{9aq+AS1Kg4Mf{F(+W}2Nxqv~z`Xac
zpv`O{*1@rqlPO|0p>-TQ(-U}l0mA9qu$#N~Xz5uid}$4%<TzGMW*9vdnpGoIbkJPv
z2d5>4;^E=>8KtvH091Xrs@ysJiDAlU%H@wNimi^!>azF`o^6t-Y__!~6Ay1%-L5EO
zP<<f809?)eDshZcPd}+r!;}*o%c;lufwtxV$c8}A0+h?Mc|hPsn*S+7;-5qubvyr*
zv8;XCU4C2gOD)#RcIl5MdM2&j#r+PW_m6z$KifZ@|G8KE9}19vmSX*rVB70q_1z_m
zcrZ|^+sqf(8ZL^=YKG0{(P_&jw%R?LWcjrdwnV2q4)Ppk6zkyow$i)(hAlI#?pbQq
zjuM8l`}w?}9f_{g7{mSD7H5r`f@+~z_3{pN>ESGw7Y`v1S7uRm*iSWPuvi(&T}a!5
z<c470w3f}`cNUi%`)ev4sY~rP?b~1BwR!#tBIM+nxwSuR?5P+STbVQH-CMc7aCrk6
z8|v>jZcEW`^ys+zT)1O&hej`|XKQCH(4$^|<7HghqFVpPYson@yM57r2*uQ~)0$6d
zdJ{Aq?{08@ElZQ44CfgZd4HBj;-9&F4FHWf+pqr>+55)-_^)3d-Xnh>Rdja;5bgar
z2tVGfxpG^vr)TY(PSa^Mw;V{DqIsLr8DU(`tf2L0*FY_+_9I72I#8P+MLdZT$iz&<
zdC35@NWC8x^)OTP$!!mN@=k$q_4xB7AE#+kK;Xd%&fh|-6KxwzuBQ$Ff>y-;GaDJ_
zzcgwC{7W$q)!Dl#+2>D`?XgnzekZ;&kV}m?|E}5+HcpX)-`}#Y?T%k#L%1#sR;S@)
zl!Nezb3}`8)PD$k0CaCgejOG_?KM3W_2AX;Y<9)%@vV4JU@uoh9Xmgi#r;05%NGSm
z3mkk;5YTpYTGlXFuex>pa;YPVuo(h^+Cw87v_=5t0@Qr35rb-(l)}y?Dv@6?T*Tnf
zxx*`4sr-NdiGbG1s;EX$#H+o(48L8kM0JKyIe-+r;e2*BKz2FOt}owDoxE7;a_|KW
z%FF%{N`+Klhj4iikr`<QiMvqh9in_l(eB@6ER{J?|FmB9VW%pD=A2*e=g4&lbL=4Z
z%xSuvF^A65#>Num70zBIVC`a&E<CZ%Nx!b;HkhO#Et^mdl;c*N(cCVXTBh!MUb@-C
z<vNUfQ`6Rx>3aQ>O;?YUJMG$8Gi}tv#o}U&chs?Mf2T*JXo&k@%;#$D5%F98?3E@Q
zTrW7B`p1FIT8(Db7#g}wxPRwq5F0B1wQIE?XuVsi(-J>kEua(qg)IG6#x*bA+hnTN
zu&qtj8WVBzHOWWB5+)K!zR=zU10+D1?K}CoD@M~6b^@iXP|{TJiWTBlgI`$bE67a&
z<K_{_p8c*;_=f|Ad9@TS^fSJayyIyC+zI_4*T{kPo-K1i3Fkk$re<P!UA7Z&O1kHm
zSnxJ-fG6QYBVF`cQ(__xP3Eq|BD3&0;$D+B$pq_Pa=tNVb}RE9-l7H>Q1@nfq62j0
zF*zC4s>sMs$yHJDx?_FRz2ohH{_&wrJ43d$O%H!`>)Of)#O`%_7%HBPBgKsKXeE4f
z=jtTj#<vRkwR^zM*+17(#vn*_^qa%Y_vfn#8jV}8J)TspGfEzKv1+(eXzER}-lqbl
z^;1$K378)s8uUBe(CodtOF=>X-w9&0Eb@I|RRVNo^zfxt3bNjI)q`<o>v%j?*7jyC
zU4tr&?DodHEn~X*sYQv)Oo1mx)BthL6s*D)#-<?_&*O)hK7<Szz$&yBL(2e{>Cd*O
zYuKV*iMoI%zxBX({F*G1S=vfjqGADf07TytX(J~GsedjX1eaEh7uIMRWFV8$|GPab
z&t2kE4XO?rAI&G3+yQ^>Ov#OHJnqN0#qwN_C))u50-58>E#1wkK1j*1bTqs~`yxY>
zCbbdq_;{M98GngwDN}DLkIVh>UL~C`js7?ggvKLp4I^TT%p?PWi{4tp`{1|BP0n-m
z(i$FjaLBLV+6@?Uj{%HKL<Etze`k<cXs&#Kzi7ntqj8*3_GtVS=qO3f-S-)w2kU+`
z#99Xa9%z(_ayXeQcLSr2=Ny_gA5(GucMDXg?<S4L<^$`#l&w}<0wXCqHMp_53dB;r
zU{l-jNN`Yh)!zA-#d5@nMm*7y8cX*p%yvQssS+Pr<vlTdR@5@Cl5CsCXeNBBu(YCW
zodfxR1CPN|*ZTo?TNwCXw!78;FYv6ys=K~;e?wo*;+kM2#YmB{aCFX1adOe#2=&m2
zcf36oiOM5Ik|e(2G}`9QFC^(W)a5!)>YH|g@A700Rp979yy9eODc|g2XS>JLk+K`6
zff%nTVoIY@4KyrerP5h(hel4lHWkcLLyJ2mTYj+5VL-H~!{A*5leMJ}=Q1DGP*wmP
zW_?P0atvi@zdTUgbbt116!ms$lVHC(R;$1>Dc;(BjD{xVu(tdlOfA52zPo6jmxNlP
z`ql0cs;8Oby8gYS<5r#U9rPEPOK^?z(#T|EgY2~Q1w8(o?YKwhg*w0iwA5@JcxoMW
zP3GbtZR@a}H!fL!q$6x;R8K|dd_d-wZ81)iMDb>1=((c^Uj#%COt)4njn_?@FB()(
zL)xz<UT2UykZL!T8?4dz06U(^z`v$Z(tHj^%(}2XT$Wd}>@FqqZnmQ5Z`kmCz9<Rp
z46hp+=2_~05KUH^)sS|cW4avbAJNl2JT1Yll+^J-BtxmT81j1T=vIW^W4wM!B8$51
zAms+ov=u+wM<{oItVp>-3L*#$PJ%20KHXcy-I`|=fA>%O<!ACEXr+CMIitN!wq0Q2
z?UHr@ADj~mCO43)wzG^gy~wlLiCNF}*5!Ra&#*ZjiGEfe_PKGMOC4Wb_l$|Qa#c*?
zYLlQsXEVd9b0<UpoY{us!h>BTI%h`=GdK7w-d4h|xeW-^)zy7iO%fkmUthc3dBQpQ
z-R$g-;qv-JY~qe!?Tt{McWx(t3E{g+EqQNV4xY=ddwO>WZt=jVDm;#|GVTz)=kwpP
zb;>D6z7&!1qB%J8m<4iEMX<nR?v@f3=RkT$0L{1@(o!xhlJd&r+<c>pEh`b89uQ5<
zqPLXH(9V-4gyV)}!<Z_Yitq90bs*F^y$<Ikt@vdD<AEkC@o?Yt)f0gNt3z@Y%@JF@
zTFuF}*lK?C>vSLp!k^~<Yc33{Am@@+&37X*QjTLiS~Ga=qX7%&qQdaqU}sNeYQk1s
z0#*T-9n~l{9?oF$2}9O~QV!r#4yVHK;w!bx_#J|9on&gI=ZnUZLwO;F?JW(V?bD}^
zIpQwlYJ9=E-#mS0BAPZnhZ5~zZW%0xn*g@(Z7j+1!Opdc!cpwWFaXO3F-2DbcmyJ%
z2Dq7!!28P1i||-7A2@!a!zVv?>Cy)G6RNGpP1rRbtCbJp=i_=fXvWM8Eq<BqpZR;m
z$Wc=whkG<{P6|G}F{8Miq>!FC&XXK~fA8Mq9(`RiZ3w)!M9~L3>QoW|m_fG>iz`KY
zIf6VHhv77b7(Ty<<KnAbt^}gyW8JlQR*X^_mBg<>RTF(ap_ZssaEu#CN92RGW+(_(
zV3jE)bMh<0a@B-?4QdPEMY4uhfe?jHbxefss+vfj$H?wZ!#Ol;)+gWB=cH0MKe@fN
z9iHgwUi!$?1VlNZqTS(n?}oCL>9}gZYTY3l2It~9Z`t^j+ucKgrW<32oH&FX(nMKf
z$i9Pf!Vc(lA^Uy+o|VnYH~NcJEyTb|m#1U0(Z9gsyw7=QWdF=K35}BNNF13y8PT*y
zj3;?yr@V1_L@!Si{G@Uap;z%BDY9f#CprUS-Z4vk@gA6Kqju+UReM{hmQ0IdAW#y(
z2T*4Xetl%vS%_E4wi@j=36+A@Tl?Ey+t%`^Q?K|0PDl2T=lkZCz+cHa5E0J<cg4Oc
zP%7vb;+a7w?+z(>I(I$Y0=c{Q=p|aVvCqSJ!J1Lq&$(+eD9cL47Pgt4%@Blg5>(Y%
zK~6gcCuCN}c`u_gYV4Vy0I2l~Qne#^?ZUnMl&wzP)*@nE{Exyw?G8WUwgn*0ajDD8
zm=eiZdS{LK&)Vt#vs3sqB);4xn`tKY96~J}H`<K3NT7>YTx*l_F<zjLi$D^=c3T!(
zDiG?IsvzWg8#>);_AR6-1bDVE&3mxNd7t7KuId54y6>!R{*i{XN^M%=ie;mkom@5{
zPyc(;)emJ<*9PVfxxKi^Un#4#?&tC8$$W!WTYQ+t(Wd5co^Bp(Hc*{r8wzV?TX-ji
z3q=*{7Sqk<bB)!^rjCAd_K<j<2h(KWBr7ehf4I6qByzpmng*HX`I)FHa~|32w&eni
zj#;9~hw^_H@o_o42p{pkY|13-KT!v#P}YK?LqT0$Go6iXi`iP6Pm*3hE^0{4&#Ah7
zU)1nBt!)bt2$4r;(Z~c)7XF|_K(OecyYG@!km`o-v-R9u>xCeqqxT6-7YXLY7OQQF
zpjX1KuMrnIkD!XkY3%>Q-Frth)v)cJRumAFNReIx1PBPyi%N&kL+C~6H9#n#DJs%C
zA@m|G^bQH3h)VChhaw%R0s<o9GkL!AojLDwrkr=y{PE42KeKjrU3=}l@B6;4-^J|1
z$OzJVZHms8Z?WLoiarjhw~g_5!yC}yPUJ$LyG3R?-AnFEzul>(;he!DfT7Cb`<3SP
znPgHMJvUJJN2qh+$1vZ#;#KpDUK5XM5b1(^@1b8De^(HbR;#hS3_z2%(%Ecx15>wF
z0;l7s8;5PXR=mp}&)d00I57G2P+<C-QFOP{`!DZqhxR4&X@x0j*7O5ljkH)DQV29b
zU61V=saVeU;pNoTrZ#t*7AuMCE+5xLglejX`XfqQoO+MO8Neqk5DRkn%i!VRw};X*
zUj2$oM_sI^g6F@;rx>N?B#wf(0$gYUf%nf!->_RX9>sIC$P;6V%uQEfW|8nE&qS8_
zwOECD6vhjk8A-8yod>~iy%PM}ruSf)_Bhjs*3U+ye=lrR!ZRL@=q-QkhA9+f*6Pfy
z)ULcsIs?T3IZJQU5aQ^%7=JKja@2YBi<P>qrX5I8PDvpztUaQ|W^7vr?7D;tTxF|<
z=E=moCKLeDKR%ZHOnvhOUmRoWhn+?Y9A8qLaa4`(+s%0pPHa4(-y?MUnc<Hupl_e6
zlRbwl8m{Tr{wXG&$uEb8f8zf>5&UH?S0Iz2)&54i&f_BWkn(CfxfnGTfz;NG`ZpKS
zyFbfoz1MtJd-0V^_@4G&@@(cO97V9(4KH3|Ae6a$s}gJ&a&|?%d}^O<=gMvkZZDCw
z@Rs*;tVm$9CPpL4*?!hdw^0>bXH&LH4#rguC=xsKnQElBXbgoSzw<=hn}6(=I>;r#
z$?!hftPtd7EpT6AokL^SHSdkt-nK?5BUEinMxpz&UUS>T&rc7U8~{^GJ(sXg2|v(F
z;+B;q^-YMi`{dRI><~If{ZZO?2ncRpxDS72%=~S_zWIRlZb^AOI%M}5fMG>$IqJ9M
zdz4ztV3@T!wiJUeHlLj!g;dEq`#UJ0Z=vLG`9+<K<F9w|P9rN%;QorEhj=Dgh)-LW
zcz4_&u24%qw$C%r4gI)5!!@*v&lp?|;|=>k;F&wQ_ac^dA%8J^(NjZd&stoL!`3Nb
ze4QsFrI>vD=0O7{H?LjYiQlk9Za6<q{PaWD&+q}s<h?gojSKQ-;xmMYM;lND@|d)R
zxMzV$rnlhW{YAX+7Nz~7^lnjxPu1O4$4}ay#G<~eo|CUze%NO!cQHJzf?iO98_ya9
zWk$f=SqeXxr^IW#L2TBEk`h_iE>Qc9$eg%|)VSB9<CTFrtg8YP4Z6O%#@FNpePGNh
zKU?&JsgnyG`y_Z)bb(_zRdB`5{vP4LCa`sfHkAI}C$O_s7wFcvax-a`g3oV#s1bGF
zo<$$sPeFhJKI}vPDD=f21@a7VYd2ai7_4A64QgLC4Vvx8sd@5YIbBMXJJHP0y!?ip
z`(F$zo;@BebkM7f$?*xZHAzXYAH~!5<l_l3ax~WfO_ZTrk$k5&%T!Ij_|b)J8OJFM
zHETcdtG6~JP`#sNJ~P0%)UZ%u2V&imsZ$ri9;Axxn+n0|o-?l(yLNwyB|Q7p=y%0O
z&^;vOSKn!D<KDc(YQ$&?<L8yc!~FGweRa_(h$!bFo}>e@3~2JW)aw5q^;2QBrf#_1
z>^~Omd+Rts-&^V-{VDkzBAg;~jyJro;R(@W(iG-Aof+w6f5dFxJGa_B%(pO0*`MEz
z^fcAZ=<-mC8+F~*fu<z1H8aynJLQR!VZ<CSmj~y&<;qHn-_$ctpBftOjQ_z_x5EA*
znnEY@i9Q<9%49D&TEi7v`cH+hH*h&)K&rXdZm2({p-F#GA^o#3K^_NTi~j>Hr+o4o
ztJD5Rh2fb$%cQ~m2Q}+kTcO=&@pd;xwocqPq*`jcnq>Dck*~d48j**V89rsnnf>}9
zQY6AMLJdno?u5#--kIX-T?Zwo{bu>GQrB+S%ga4x(#?j@+-vG=H=M%`$?@$~lI1ax
z&a+lo<#o|S+NRqHUFIe06YN>l3!bb%2hOCynWFu`<e8Q8TOv73{<7T`!z?-}TRSU5
zp8zKc8w3FSi*PU<r3lKV2aMa9gssI@I%_DZGO@E;I%HztesA<KSpIF7lps-$opU$k
zX|YXP#{(0V-ia-8&0ax&ECwy8DyXPttj5NCcM_wfdz)WfPQ#bQ&)v7Rzt)UvUBoh&
zQDoVLwz-T6x-MP>6ztzy2%DN)wzK0i*4+eh-Dbw39n1w+RS+GP3`#gF&wXDViSj!G
zY{QxN<Q}r7g=OMpX$OWySFXC-N6}yi$atHYI&nF^V-IzQ7N71F7*0PKVmo8SJ%W6P
zZWxNM&%E{MO*8n9hstSq+H09)Du-QLW&kQxLVM(?%nTJ)kmS9?anuUUS;rI3cL^h!
z##-{PUHfVmI5m8l%6P+Y*3IoNUJF%#z$pp2SfILg;R6|yJ52c3(QDH&`R9AtX>@ZI
zVJw3xdnZ@9%?ujaH4Apq?UO5{5DNv!NI|7_TJg=3S1%Z~s%5%71umNWQbY&b+nb*^
zF78dhs{rh({>3&D*kTr;hHYIv&}%{I&B~i{L0ClfeDy=@!gtvMftHRT4om7eys3=0
z223NLOJt$Z2$*7#U{lCr81)4jI55*zP^^6+Tir!bYNlxVCWc8iHWeG(+t$3eG9|tY
z*5wM*J)RZHmx({V0Qc&H1W9OXzG;W>D1d^G-iI@3L_1`@UoUAE4#EnayPFbWlK~7C
z_ewiHlFllIaOIf_F#G5znkesvy;A&;v$$V-r21+oXr$7A`2&r}V>f=`%EU+J5{#Q(
z(Hq<HY<XlZDQB3^P^cBrh9=y3KxHc)YJmue7Nultk0YpMeGxv?P_iUkyH-E?k-q1m
zz_1@9^l?0EQ7&^?7|TE3Q}WGV>fa42YZ*4L2KCK0a5DKIi`is=1D~86*-J?gq)OJ)
zt?jU6aNy_po3;;2X{v32M1qR|d7C`2Wp&e9r^BGxEQXL!8dE(SgDC_HaTQ*vft<|(
z&BvbO)EOSQRF$8>ga??XB)O8!4+Nhp_s?wIz1(;5BMNb{7YBS3sPh$VllNrACiU&2
zQ}|$Jsr>z(NbubrW{c8Z%0AD-dDFYj3g!xWkFeE`lYttR-^Jg~-P%$1_}sD%Fl!UE
z=lU&XhQSXtk)`$j-tIS57(a&SOa`Z58nHvv<hF@<Bq?;<r3N$Zb5LOogKw<>jnv4Z
zCGNS<c1h1`{@oK?rK?qD+1dOE2P>HiB~EDJ?oy&>D;D*op*BwXv`R@zsINH^45WIY
zFi-K=lqaoj)o>>mMW)}!u0+FQ5c)UFrfw@RRphLzgFfIU?S)ll;0}5sc(cz6n~FlC
zOs{w0r)NYBD`}jt>fDV99ET|$fBN{YI!q4C3$^OCQ?1;75QNNfG;vI($-rVjxRNz$
z6_rfg%)ooyDp0dzE3GM@?5g}}r+a$r`8BMi9`{vDEv42php7kBaN`a+Lq)L_ABDg^
zB=XvgTnQfY37(al7anV9dR=gdCAnX!d!Nt<GOU|`!8Yo)YuFy@`B=Jo@N!`|=80)|
zTHbh2I}6BTH`;_^4csTtIH24?hf|i2#M!k6z3!7BM~6>0l-YFgk(ijqeGc^^XjolO
z1{%$V4ZydoTeQz=TcP=$#&hN+6pi7QmEui#>!m$a$R3`CqJV?v@TPkY3MQ1@*&G9l
zEkB@EH{5K6Z97{{sa|T3YvL&hOy-R_GPqKJ(%Z06G3`<Tf$aN!&Z0eTb)6rBz)o;7
z)8R-pt`A)%&+bZ^rCUj)8%1Nz!1)8*Ap58EPDvc_=9`%)#fU`S!&_X`VYALMY+zGd
zL4NoabB$S?&67u{3f@ga7n`KP0k$BSz(Scv`J&Z}<cbdH%CF3XaSQV2K(W^m`>x9z
zg8P9C+7bzK$9n-Y$!ilb7G<ZT(INCqSc##y<D0S7&Yz(^kauIxsj77;)Mik%ad!|L
z^D&fSBiA>VDv_=9X><48B3{Re!NH6bVE@+Ta`yWL=hEhi9}85e0og8rYbju#p`WVB
z)`n^-w!4)d5$P{wQ=&tayqEG5axzZ2V8dB3lnw_c_q5|jBjtfbOgZ5ZAt^&^SkuVi
z$)lWKvrh25o;$0MY**HkF8>*huh=Du&DC*9WmcZgYxV#)D&a>}@=oCepKQX$ZN)nd
z#M>2kxSe=SAi>%CrRp;3sP3Qq9zDl@0Cpz6lwa){%LN&T?Yy4^kHtiWo%ik=LuPfb
zaC3-1z#GB1$nZnw)#Ql>_N=Xq)9Je$#fxZDGli7;d?+c;kpX|K->_EN_i|wO<BRB6
zU%UcX70RLk@o>8hzeAl2yxn<QqDh_2eKJ_Af{*p4ps;{pcT#&+%I-`16GSTK!;jBi
zzQkSP&eG$B!(Nu+!Q$Z$wtRTfn0(x?89K9Tix|0m=___&iLc$nZ)&*LSX6kirjqkC
z7JYL`NOLDyj42vjHN;R~8v`M30f)+@6G(F3E#a2-C43L4;7J(?`$a}p86hkc&ju7*
zu|aZixa!_K%b+hc<^zC_9`YBjnDBBk)L+uO4`<Rwh(jYUkltzm3R4ELMBuXEr@ZWZ
zI(}$(zVcL3NjtZdLx5x`H!C@tDMQ;Lk?|4qo`D?xk;Y>sPfrJItpH<n+CZ1q%>8Jj
z;fJIv@SVLeBGWn$BifNe@I-mu|C!Jp{U56Pe@Xxssxtq&wzBZ%N^WF~%OLN(;je4d
zZz8D#V_I1IQhq^`_v3i~+t%p+)rM|b`Ooof!{2R>|2h8mAE9T&crl_D5sD_U>Wp9G
zq5fm@F(?sUCB43?dXyCPMtJFy8g7Q!3wU0?|ANabIp~n$C+qLz+aL(jI}4X&+@gOY
zq`~5=O7;ye{#ZVN6x6OzT?4ujoA(@}4pqO+^+29&#vV<g-uc%xP#oR&R36+{Vgo?u
z(~y(fMICs4jtW7qDsWr2bi4o;yD;ghvWk71k4{LY@@7)$Vp;`A+5q+`4KBpbt3>ka
zpNiy!jZ^pPNX5C!$#jO4@=>52lbY0l*Y%8;?1|=ZX2f1!iCM*W1piQ-QjRl8pU@x<
zKQ8WqKTz_G%Y7j3sK#~ExNm(c4sk-)n@j8$WZKl43W+<>i5Ja7$7jSYoeBPT%_m#U
z)FOy;MDicVJkzO)XcLh`r`3maPuVRcJ^qOKHEK6}w%&|{#@H~pI+zo!ny85Z58ruX
z_D=BtmpqcfN+}%un^v8k3L>d`!v_mU|8A}0^o@$L*>TrNPycm*@7rD2x0HpVsh-IV
zy_(C=;Xc3ae3PsX041gTn|lKZJLq4`{*=_zt=Z&i9y^q|-ZPS4c}Pww#4n?j2fIyo
zYBF7af_0Jv`@x<XyJ~uI5fzbDcaWG3WHK?Jn<15Ex~P|!GF(^+F(CW9=~a5p=u7Qz
z<kl|fm9{!9cF%KvNTStEd6E~I#)u1ZP$pEBOjvl&S2K6O+wq9%HRQ;j%B5!z+=NPt
z(GatxvQd}lRn&*0!Syq#4W0A#6{9mJ#8r!qO%Cj@YeCvHZ|qZ93D~mn=9m2+<NWon
zE+h@EGR)t&&8UpUT&PP>b<W|BI?O`6_#i2JStPG8nB(Jtq1#126CMyS-J?qxxDa3+
zOc#cfe%Jn?wzt05izV!basIv!yi;0T50!pc1nKd&n0m^ryZbe7>}f>7x2m3BjJi5Q
zMJKpPUw$X>ui`HPIlg1m@&7!aF}%%Fs75N>pd+41ESepFE&)GzJ7NV`UT-GX&Rr&b
zeLa8oT?0A+m$2C^4y}yK^_19iT@toG7+ng|KX+inR@NyHS@1;K{0l$l9EBG;!OfL&
zPy6^X9J*e0Q%UIUEf;_RLFH>L(NhA`PXE*18~$;rOe^^|OG9mpQ_=i%F?j?bCQ0)j
zO>|09J_>jj&#`nllr;3+U)S6yv(R<bFAP}P@?QR9bt7|UZP}|eUgrUdZo8gl_Lj0q
z%6Rp?#L48i;$om?@zfMgam6e@vyAJ1&$eI=@`1l7piKGr=sfV*x7znd9A7qWj8Gn@
zdRg*(Z~GR{F(75+2==JkV)x7=p&M}mb6+;K7oBr)`4~3eXE>Tkh`%G-_WhNq?ZP3C
zrC9qUfh#d)eZNd|hJL-=*}6tY<Sugn*zsDnhPKhKK;5|y-=ALop5y<6DyRL=ii_;;
zip$5zI5c}V^jv&3$jGB@X~w^u*h93gf8vMg<mx%mbeN}9gm+@uT6Yim10zhnL)12Y
zbiG^_p^vdL-epo7s50E^9t*ZSgzBL*HCAC4!+EEomu{Hep<V?TIT%Fob_4-BblF%_
zba`{LXv>BmTFs=C-06BQ+*!-0JiV1j*x%n8eEeeM0Kc70dwY|>z<)5%$nFL~przNY
z;Zf9N(=ek_qiU8$tl;EEnL;6ZaY5PvDBUe@var|*<j*CU>=+>MAU7cRzG)@o)nZj&
z3@&bwzehqtbby32aR~R~XC^Wshfk?Hkt*ibPN^WF#r36iP1D1KFmx^~$3d8k`2Dx7
z^=f_taYvF#v<KcOvoX~}lSz*(kMl?NY$z+4p^<AU*&<}-0ZM6=lJqj?7~4{-u3#pM
zi|EY{Q`MbuUL|MB{KG%(lEhmsp4*EsJG%~ui+N*}Ala*88|W`A4iT%FZVMrgCIIFL
z2>)w!=p>egLe=6b6H}*P2a1j{x<yAlnIDc)Bqt>US%x<&z)<p|+w!N=pbq=4q^3EH
zckKT%6s`Le^{`f@zVSoD{z7hHgzS`P@~u)Uh8-vwige;R>`qmwwRV7!$^UAXGxQ%#
zLU>a-ks%y9`s&e~IdNtii#O%5F8NWXjNZhsR4pfa%6<N~|L?=&Fz<-xl^jsdvCOj9
z(!lj4#e`}-b(A461Db*pvY=@#WtV0-(w(qS_7Z$WvL)u~=|Y-z>Ed6qgJ7Rwlvgty
z&-MYSn_g#gl;C+mrExPSdB%Fp9lcj%qaAmWU`_#1bi+Wb>_{!A-Ub#sqbe!Gm2ZAk
zR#-Q=RU6m-(ON>*XMHf;UBlDu34}wA<{Jg3oe&%9hR_0;CvI1^&vM<+f*8>Wz$%vh
zp9F2a|DMFT3V%;`Hs=4kPAqRg7B9luC%D^&_5ax0Tr<?vt2;Peq?_=<Nu56`nJ#1U
zT5!WgEEp4b<?z*Dc(|tqWa;oGs?~1bC|WVW4fo3O)Oq!ZG3M(t$E|!dSuBs?Y)(Ui
zsIN2Oeltu}Id>-`?TzfJws6<(F;feH$EJg=M*y|b*0C|#RI3}jt~fkL5Asp>$juwN
zL`!fH!Nx)n1l3#+><@U;_ukFxc-!f;BZ~~e=t_^sITD$b1S<LFzh4NLu=~3DnGKz1
zp&HRE8JdC6;astocZ^In*_X)V4s`4kq%(7+hf9ddrceI>A=-hM+5WrP174~rm1aI5
zQ)*~~A@#zZMsmFBcrz`zceHZUqEqVQfgoxXn-;dxDKEp2Tgf{oane4V7Uqbq(?hVT
z0ju;nJ<p^3udn>F5ySh(2Js7v;f|V&f!|ppwqCwH7XLJF&g-t4T&5u522G*KyL(p=
zKKFRTW<s=DdI`VWO%9(MW+GIi1a=!v>+$tEe8GiuA;K#4+(5jM++RngAl$&)a@Ai_
z4FRg&ZjyGx=K-CrjWHRcQ)P$Z%PdMi!D>ojYijy0@$(kMbO&~&x4CL;H}&}3NX4m>
zdebp5KWv8P$|0qDQ*4`nKcKQUI87;;x+aynA&=iXF0Uc^wvZO(WO>O^#gY;2&jJ>v
z1$gKx%2NjUhMWSq2|lK}K5Z)>FVL&$HcA{QY7z;%vZ0`YCGCS%(S_tuPYq5a#{P+$
zNmpaEA2aGa5IY#{QE#Ey&>qgmec_sNUzDrg%&smKaMML$GMHL1d-b+{IFr??p-(EI
z;;_Fnzr9~LdgE+*0(n6R!L|TiIaWyUo3K3<eXaaCp^sl7fee|<XTUu*Gu?L6$&tvt
zWMo`reXzJveTSiTu&&W}Xsc@RDSTMAX-Fi*jAuZQoeafn8nwzU4c_pDRTXYKUq1vb
z3=P;*p$HYDtnWSFMSVhbDP6}sY>ae@%SJ6^%!eEB=G~3?75AC8@OE&fmxx<$Y(s!`
za{BjzhVEg>N(YPSZ-Sx%IU@ODPgj4p4HBl)guoPZDftAu8D?Dt@8^8FYAiHMt8p*T
z#%_{v!r`ABLJ<Rk)z7us4{7>@^YcoeK>i(Y^LUnN%hS;uYwz0-B8aT0XTI)N|N1h2
z>W)!*We)UWW99MTo>JGEX?pkf%gF)HbpJWeg;sOhP9Nc%`#_L_|6P5hhPt{M%FK7P
zPg#yqqv>N;_mS!EJEJ3T?lFp}w&8H&pj*jxA(iSGYt_leS^VlTUz|*N4C0Pj@_?m`
zPMKK#n>JDAL<K{8ozxTICi<s-lTye_yLu+Xx=5(Jc_{^NZ&OX^9z>q9bUG}O(;8j)
zZKlI7sq=u#K8vjnZbFeVVl`Mpe{t_pCZ)&Dd55*Z9b&18=BjorzNs;*aNVO+@PLss
z{gukR94Vx|_Njz@V@&MbCgGO`Ri~^VBmp4mn<TPSF1y}!HHnojY-L(3!{t>$&kA-j
z4(O`Lm!JHuzgA~&@`G?=-B!FrLM4A5e5k7Q)C+`wgWTFy0u^#^1e<-ATfzd0zE<@?
zbrjAay+2F4Dhh56ezi*3rkz>eII^yd25n{;?!HY6D+)iWaEIfM=}~~}GTwNe(ouNs
z#vkb1Rq*9&>j_uvP=lbLN+$K3`0#MtoRhymbEuP)ySjq;CcE>x3PT|^=y|ZcsGYzV
zr4vgA#^3N;7t>$YM81e@ij-&hNyutjRIN}VMfV8CAc>~wEx<Ow&|D$(V-Fd1ek=<q
z6lO+l*wJ-+AhPr6gZ^;uCY5~?^MO}Ik8)1*HdGCwHjfksG4hRXkuv=1rZ8xsGfGT4
zn}_Mc3s1a$TUgS+XmbDSl($6EDu0vq^%#3kE3LMkEL$^zf5|}y5!BGYK0b#4>Mh9Y
z0*i*DX2xjl@AC)0;RpWSYrf*HhE+iGAnwk3T4$Wd4<H-IFZ#u%5Pqe?ag$|W5V&nx
z?={9lXT$bWcIu15iFu=2e+)G)=6rr>S(X}{IJ30><oJ`)^JnQzh9!{hUzW=KkCmo~
zjLN_N$o|ds&HmN}X7&Gii#p<YdqTl1|DW36WSmrotSU{*#jo+MA^i{s4&Yp4WD-&Y
z%T9#VU6zwhX^E>}W7*y{%z#zMJ!&c8KjWz1ko8f+LmKA&#TrgtP(h&e3>*cB^FtJy
z^rj+3T3yIoEG{epB%B27>^3>%Z!NkBk$VLT;28rL{5xJP>eph2SND!I(vtem<F;M{
zKPlmhGyCU7tP9+#m+3#)yG>A}u6`2JTBKdM{+}>5Kj*3dV`8BKws_hnVsQUe{BYCS
za3I@>FUNYLjQCZX=T#58+y|`=WM<PZ$LghD-zGfuCj_h0I=D8^Dhsh%zpBIj+*dmB
z=hlRx%hSmIh#|4&?ovt`uQB*|f?!0f*m@q@fL~|aSMLNdF7Y+TDbsAmo1e*QU}91G
zKKO;hBSG3!4q;b3hbRv^^g1|+K9xK-G4Fa0lS=8N^BfD?<PbCmao$$>*ENfxX<^q%
z$n>S~GIpo(Du6JxeL(ZC2(u#RfAP*+b-zg|{rRG|L-mkzK5DR)judZu^u+0>Pn@>0
zyK6n*;PhkiP~05ZZE&0Z;PWvE!;L$Bzqt!6zW#NMl(k_&;QseUD$f~Y3eN(&VBe!!
zK{e^{Y}W#pxSNyU=h?4)Oj{A-V#P5J{fzbyZuR$>J@>cVrUCO?xpcCN1G8!-aZ;D(
z0dnHMb{KTfBzoe#Qv(lI_RDNPyu|(9*c6nynaHRJ09=@nBJlAvV5Y=8kecCI)sXas
z9a*~BrjL03i|XI3E8Iq8Gw^;tvxp@Q<9S%1d0;3?H0*0bWuBT9zdQxkF=3MDIg;lq
z4M$fae>4bJU@4$EKj#6&m()uq=S#{lk^_*z4=0dAV!Msn$%%u<k;9c~`^_6qLXqJI
zP(-?a1zy+Fmsu(B$=#Rd7M_fDeJ(;J?5L2&Qy}2jhlVHaLSf+J=G{iM4jbX<k>06j
zg1e>#diP*(?}m+Y0AJd3CroZBDb&K_aGvbBVeYp{TtHyNd}Jw;(IZ|n2PQ09Fu<)$
zJ!~l|Bl$MBI)jfl2*f_3p-cIZkB)QY4yo5|nvGV$PIqS!^E9pQJ_dCWCPhcYav9tC
zWSFVCQ6xp~!+e$Wjvzhy*X8&6>jsHguKPDxd)HR?JUtsNBbxY$x#U5x@Rto7-SYle
zI&r+(;^HkXzJX^^>CraSJ+8C%&%6eXBa#jrBbFea#Gc&XnAbqvTJMA|-0F`2-11Nl
zta=B8&6d(#sn16XD866dqNg@*^=PCz*<<UC^*-TpoBnKfo#K{UeE^aj1o4&|O(1y-
z`{C-#8WNr4v4=c+==a*w4dl!R;FfIwVkN)d+==2<0Kh8MAyC<C70vD}RbwLOdrn{I
zEy^g)Sb*ZI<!v(zA0Z)=MHw2hC^{x&#6D<$Mc$2>L04Vu#V3DbtXuobP4PWxhVcWi
zQ*RY-ljY?@+D11z5-Twl#f8v)2+SVjwtsLYMp29`_42WEr@~UhqdIF1OyM{h8}S0y
zdch|tvnmf?ML^=9Hl-;)=I0#$j@x#f7yp)9)n9?LTQciSbqXmj7fvN@>I$L18;8ZX
z*h&?B4F%oR({2X*oiJS!{RzFPPBwRA&8F+IKsu$d(1qwXam^!Wo*3oix~OCr*WK$v
zPpb&qyrSroAN;!|OO^GRO@#b~47<%lF#2iAl1k45>V)Ue*ARwNmI4Db&uxD|VNUq1
zfAhjs0sqa&Y*-~<s_pEzvH^RGjn+tH8l<_N-Xk;1SUw?Q*VGWFnBjI8nh;98o5!op
zsmmWHE)(Cb+=oZX1d_HsZIYnI(vUu6F$K(L`CUI%rY8C<42dKGmTRz35b`c&)wmp|
zW;~EKREi9Ain21BBCTf-jv+D)z?I?!=pw>@&p+m`+fNz1S`vSLRrD}b%~gh0bfe}y
zdx`~=de_k-wohSlLRtNeGVQ2#i%NDsbdUKFQU=(p+-=b|Lh|I?w=?s7OpgMc@Yi_;
zO4;XAU7iFuV{++yNb%?E7J6Z;q&4zg`cZRTsA-!=;$yd~2B^DDjhGsy7b7;n4Iswn
zv%0A4yEMXj{<Jz)ow;J(y$A5;5kGos9_%)6mjYfW-jf(*Dfj7Q3lbyaUV6`&Cqo+f
zL=Jm&TOu&VKV`tX+$3tuwj15C3%8Y~o-+oSsX-yM@f4I_)vAtbHBJ0}9f_?OVvHBy
znpLw_IBO6V07DIDlBshg7KLPl<Lw)H7xe1C9|Pl_j1|vqS^`HrJu}U{>vq9FiaG{e
z?^2y&sJY50=^;z9{+Ct^-YaEQd%aP;YIZ67x)Eujtuji%RHG~T(E$h@nIVI%?<HsN
z!rXGxCAoa!ydB*ovLorzfnFO&P`$OW?h>2)#61nxM5-=oFVf<Wd(d$3M^c9Khu_H#
zd8j(awryz9SB6in*hQa~GF@xGVpXp}hp<wI5L4#MJn<Lpvq%-8!)2ahTlK_yD$1yU
zE%80?gI6*X0_hYa6Zt6^TmriERsuCD5P87Shd%<v2xnS++?5+(k-A-XM7wSQ3me}B
zqf2viA@W<HKqsGocVESd2G65A8yDcym#w6<<qdaFtTdf8)neHT@e@NOj)h>dTOcmL
zT}}l)agv8&rWL|RW|o|G;dT)xo}2`m&rbM?X2O?sFa?mE_ymQR-=a|Xth*yt!syH3
z=j&^Jw(qMEf-zfbdg3B((*NWU{PX-`c)_z4UD`sfvS*K-8{UAVzpJe^-diQGEi$*5
z_u>Z=-Q%ff8H2az1w@N2?GS)33G?Ig)OE=?%BAynBn9>XCefXrChuk4xt-~SUn;Uf
z(jCzGeT(!+*>6gg6AsxQD^AgG>ZFJq<KyyG{mg$X7#KdB9N!+EpzOa_M&2kRqN~1N
zYo?)LR+%jdB7I#jb75V0NEdA>=a?DPX8wo>c<b>rZ_=q?$I-)q8m8!gTOq;fKX0qf
zE3NkqY~8OB$e|`6HA0L9#{{8cPhB2XR<tdo^TH|Ew*U<ZjW^-Aw^(NdUG)3h8%1o-
z-@CkLnR5;6R6{T*Qmxg@!i!9wlR_S#w*d*)u3gW)2`Ly@E2jK9oAzliIWT6hNn0_d
zGs|;*u+dymcB51{l}WB&<MpXreM({}AA^C>_2axQk*1VrpFi_gVaf-6af=1KzzbI(
zp&p{IxA^*ASeoo-2Do-9(?+>c?BaZ*gkB|cBBP$>>}Gp7BJ8Sdg(_XoPQ2)a)n+@v
z2TMU6%Jl=P#`PfJfiw3+uoW#MjGrc+qLxsJ`^H?yB$={lV*TV-(h$6%5J)}+k$HQk
zba%S2s!<Z>;#%G?*{e^*pg(-~C@bL`M5U0u2!+8{zXPf3$z9_vM?U5Mnod4yO{l8V
z=UWlG^wI+o?37TE0=4r@PScifL6O`(jkl8M0|-hbPkp)+GUup)JHaAXiYbNWsLk6i
zI)1yY1qJJtG^!(uSW>>oF9e69Q4RZSRCx?kC1pdIeZ)kq>DES$L5DBSNBlr%O@F;j
z0(d*_QNpo>KNc9VpW2QluvN+X1c>IG8_>KW{Lb}=?zV|uO)*Zr*xQ(<N-%SCHFhZD
zTLbGgDQm3nt3mC65Yq^a0JujU<VH&+Vk?xg?1VUi(sQEa9k+-0Zv#x7ra4>sUiS`z
zYa*Q#G2oIK^D$?ISFi+k=W>Dms}yaU1&Ng<AcKH_{*4}i+7%7h&mpsYR~1D7Y&@Ol
z{CB!8NQ*A&?+(dRmflvYlE7PZNC}x0s;x{v-X;3{<K0a6sU}O{B9(i2D7|tgg_b_j
zQLa-4hC;Co#`wOjdV!{B+07N}nIFcCurz&w{xBbxQUAIqN9nc`1Ovi)F|q?|)EPh1
zl^0V9o2i)4-9=q}*&QrOPwWkMP6gi+-HnD9b4d?4yGhgHvPt#Jp37pl1B=xVCE1JZ
z2-{#`SF6@o|7gFBN{Msp2>#{>cw|&8o*!j7;qUHo$G+M5`uHaia~;|tuygIE<W$)u
z+;n_3Z(*eo6x?tMiFUhzQZ4y5o=ev)$RZ|qNl#b^o9i|~T}=n<*Cn~faK3$^o?*7P
zgZNYj7o;f+y^#&AeCEpZa^*~egIdOJ6$%`|w>UWq5Nz?#hr;+G({x1fyu!Rm9C;t*
ztpinm>8RNBioL$((cfp;E2}3Xt|op{ZFY-k55S}M(p)8@tvLi0GGP{aP02ZvHTlVo
z3XIn%DC-jOfp6P;9qekpzj__LF@$*{y*X8j9zf4GEQDK<E;VGAPVy!o<AZa});^K5
zoJi01F8i0S`=M5Qo#()=?2+2EtId~r`4PSTFELnIUAnw^E%kZ7g0L5!gg7dPbdOY@
z26dR!?{cLM2L2VaT)(Fge?s!{0$d(Aq(*GCI-8cZt?i-cWLe2Rn&hpeW<BkDI^ni)
zCJCtAmtm0r-@dznD?}GKld6qUTxavH4zIaKsp%pBdZZOP`*SU}#oh@y4U2XjE9z2F
z*N#DNi}H@fk|a}fKjrCKp(Ga)Nwocd^l3DWrsYzrW8Q4rX=fznHfHN<9dH_v-DSQ;
z21O;a9XZguEzH;Xb4+<VGv~m5Du{L=ZM+ijV-L$KL|2wB-8ft4sk58$DPKw;$mUT?
ziCU>UB<=9j=p03OM+HK#v0<-i*m`NelZWT4e`g_R><>Z=L~@VcocE02D$b!8G5#o?
zIjjR-H~$=>8&donO>_l&Uo#M&=stL~RJ>66{n$XfMZ;GDBPVz-t+oUCjXB3N;c^I5
zeDl6zI2m<rHnD9&8rAnI_j?P;-6}R!?8cK^@)!+IGwmmyb{l1iu^2&;g*aN%vCoQ`
zNZz+0B^4p*vzf?xMm>|1%&I$XA2-i5SGN#ZCuzGn(eT#e5EU-zQ1K>3B`=LGOl4kq
z<_*J2s#3n{9!aYXRX2Sh!S5&Z7VT?;4}oQ4OdomDL|+I8N(gxzO%ki2iR?~-=BxLV
zHT3{b^Fa%L;X#7;Z0KD#{=)>{p83?ag40y=_}QWEWU+Izr{8{iua~=roo$t9MS#FX
zQno>}?#sqol(Y1KsRJmS&sg^ybozY>=oXa*Y!Ts?qGKiLV2|%O<Fwm5N7B%Koq6eE
z+YM_p*LUY}i({)&3PqRe!cM}woTmkS@6~>jkQFq)!_x5l3(-P4=h*m!If4)2u@sTL
zy+Ly;uT<z32Fos8ZE)LBbXR3f@Q(DD$f<kKg>c$K#`o+Ic;Yn7(We`AeBVy-_Hn3q
zLxto6UHKp7RU<U|h(V7_gQ#Vawb)H$lm5yQV@^YBDm}zd*M`=69@=moohNUG(iNSo
zd{#Ab-7oc*!BbYiKJ+-No{5V4%}-7era3e4i2-ofKj{?be={eRlR3&t`_S;mHY%}=
zKfKku!|z@6nhC$F#Xd{FEjKl-pkXPZe?9Hs*#Kn038cGGw?cWd2E9+l$IjgX!0w4B
z=8xBZdu1APIuX9x&8E^a`y{h<;8|8OaP~kIk*3du>7LW)$(g?-FIoI}Q<>dqlWY3D
z?&?}8s5ln`(pCFcnShaJvpey<Kt#s>IDe*;Xc)dU@muc?mr}FH-WzVSZxAD#BoX%a
zHzeqvDuI8PynV_>iE@A&{}2gaP5<E=ziIG)6f&%&3JTn<*7*P|87mMk&hg*)SAC}3
zHR?NJ{Cwxe7Xm?m1-{?MjX}*hyR5+YcC*kIIfjQbx(t>7m5ZOR=*+I0tV_i!1_<aO
zn{lhmTqS*)=MzAi)~cNklqEjjb+<n#LFJ~OYOsbhl6{h`T&^lvc+<buH?4HXyq8Fx
zR;Sg?6vmBCJHY?5>2oz&b(}`QdwQftTvPAIjLntA)r$pJBDNqr<5MN`74+2i>{oL@
z_lT|(<C(boqk3OQ_h+EX`q=sDId%c{J-{TUx>ZbvU8wkrg<;MI+YHs_o<5uJDJw=>
z$t|Z-j6TQsV;}q1=`A{FBU09=-%}FaX6e}tpoqov4WQ%IsF;zQ0M8c-+Nuw>=pW}*
zABlaJj2QlgrJ#z&y<gRDzU_MZX3G8FU2}sW&kJiWE{owmnQIh{6m++^M+?zA>z0Fk
z(72Fn|E{B@(d|20qTKei{H)2UNfUH3myOkYf)C{Y%3ml=6S9U0<-#pbKv08Iy_u}k
z<kbLPpHtF!pLkTy3b?&`gx`0!EMX$(Dln*W(si|RnBVmqOI$Y1^8TB$&GLVlE0={I
z)E*oE2I37aHr%d!RMy*IL7Fp~p1ZC%e`Swu^FEIc*0M;E-M~26)l3la)3O<YR=;+A
zGRe61!^Y0v?rtd2-JM_mtS@B>F=&e*)3)%Ix|M}7+F}9#@7nX_o!xv`dlskir&GhC
z!2T+5-f5xARp_mRdB6Y?yIfx+IHK0cu|hjD+wdqK+$_zi;o=Y6I9Uc>88)OOAbFgr
zN@vv4v#n_NGPr3x23--J^!us#rj~e-$U4UBN~Jim#!6{+Ro%M>AKp#{@UZ@*A|k;*
z617>kxfk8n&zfA<6Q(<ZoN?GeV=rfk@_Zjo#I{&9f1@F!N8cWl9MjVGYvWb@T;<O{
z0hzLCX(2HjTR>#h1OZ%~mw;`^ah3uAOs24?)rW(|`flD6Tg=A+skVc9h{SZ2K-zbS
z<-EALM-8Q^g!I{4+~dD7PiuD7R5mamr}|G$eC*PUKFe{f4|--B`#vF(?%?W?aX`XC
zdP1k2$Sfa-vcd2xB^$cLO}ju>wXE<fLL%&3ZLEkO`94-7USu^|$=A5$@hVFWuA?L>
z6le=tog=4+J5ndRsog**OKwC`q%9O$EeNdQz%~OfKXtZ3Tz{j!w+sjcQog22Gb==f
zWm_5DPR)cu6B3wQi(Az#b16fU`VLOR+j|Zq4dG5W+cVWeXA!2JsC{kK=02r#z09`@
zDU$>8(>A3aS%JW+Bg+k!Vt%<VddwFtLjvm7Vq@YGSrW7g3{4;>1*?*SF`?v2QVNy}
zKD7xbKT6vnyu%7$w}G^$_gv2uVe$-Ahg6YyrKG)0c6`BqKyt-VmEoc{4Ev>M&y761
zzSTQSlb|+aW)bHme@C#%G_+dP){>*cnU6^+&MmekP}UbV1A;6qt6tO7Qsn82+%`V&
zacbBCH%jpJaV&%D>`bGFObfd4(b2jZ>i)MkC)hnB*x}o$Kd!k>?s|D;aT8D-?FUk!
zC_zPpYYXN0)fcoT>Rq)z@rJ4JHJH4){UNyg2!H;$DWQr^@|EKk)^I0^vR7fplFn{y
zh|lBXWt5IfThwTZd1uTu>1;mO&cV*&cS_+USlu#@62gANx%sGSH-24c-nB7W^Nsi{
z-JSXtu~|Veap~+NcEq~yEE=$C&|-wW&8TJ=9zXZQ#cNvs)zI4FqfpxiRa!-pk6@P(
z;Gli-P2Ps=2ixoCVO8&2TBc3Af@<w((`NRZPjBqIrlIf?FZ&etWV6+#{=QS3?@qEl
zaQOs7uTKvwK%%A|)PS30D3%{S<FSTr4j>57BzKC7rr>cv7+NC7Un3F`IJ~IP?#<{U
z=VNlB7-ziyZE%hIh_sii#r)MIDmsb*w6CrqJM?JlTFqT(Q($*y!>%>P$SKJh+$(Wv
zyJw#HNi>s#O}Ycu)=9R2E`Cs`cK=|ComV4bW1lVc2A0uV_VK@Y08e0;uBctyt1&-J
z+4Qs%eajDhcM0-ZELWqb=$gH;W{`cX*JvtK)U?U`v&vO7%Z~_&a}i^SM>Cu0^}>`I
zBKu(vpzFP+^8&4`i{(}gdFyDn%th{wxT76NBbrLQm;RnpYGYM8`4gML6lQE)8he4e
zO~O1mL|1PMwPWGsPr6Oi&@E~PxTcSGRMLhz=out*KBnkD+4K(EBFTb7gKfM-9dbhO
z@A9Vx1aDIiyv3cNd&ap7dow?d`a6<(YI~FH&%_YezAVCEi1KSsqO{zUx@Lv!Ud4@&
zYQ>^vN^Fi<Yf4pLZBP9&K4o%hwlcbLExxDr%!?F)@5X!Ca<$d+sDACd&WV<SmoUTX
zY8(6e5WNz;lAQ~|1ePOj_)IQgF=d{sU-3B|^@P$P(Q{Bz_&|)|o8He)07>60jm(>5
zBZ!4yt%m)Kp{ni9MowmkHv(LO_JM?3NC(RqB*L-`mCdbBpV)ca0oz0CcHIHFDns0w
zO}%*Y)cDd~!A5aeLt28KjGDgP-FNq`(Z`oVB_+H9?`#{sM=ltihUj#P(B`*yB9^U3
zy0ULWjYO{PZQP~=PG1P!eB|42u1+pDa?|wTae?wix(I_yM$JUv^uv!1UpQX?UMt|&
z7WV5l`Ww6ODgiJWc9AsrWN9}MX_nCNzD!;HmP=9YuI`RjQeEPEW7#At8{>}y_v;sG
zd36^<7TfM^rv*G}suBT;ez#r&0j_6_kN2DUunVL@VK86jcHi(E?V+!}ymYkH(=`z$
z%suQ6_EWeBtDM-+nwE-Mz$udP*p@Gc539nf%4ERa)e<e@QZ7ladfmQPB4-^p)zifl
z9$BH^fZPN^3WG$PEu2yPzY=Sy4Lk%$h(XXc#<Z;DLQa?3?D1IJobk#${$|O6d!hs1
zUOY})Atu`BN*rvy!^0;B9e#SVuv^hBFl>N+j#cB%ze-**c+pd`6$kj<kl;#q&K9ex
ztE@pdcpx~+X#v+S7z!0btHpB5lp=~VOcfFuz+6N`bnsp22l6x>A{Vxeis>GBOSbN4
zcNx33A0h1ct>@kdrR}&V_1$9S`(dS69{xkHoeTZ`OqjWH+eOB?_o`U@oLpjGrLgo<
z(NzvUrlJRgSU!;=koo7L@vmN)MFm<R&U_e~<Cm=_X7zJD0ONoT03lMoNl9F;dcYvm
z2@y(ExH^u#-HlKc=2OgIgF{f-zm}a04T_Rew~eesnmRR=2Tw>_t?w-^-~_)h)o|tA
zwqlkab0kwYr74;!1Oe5dVe7jk1BiI;mN=%hQ~?LUn)xaozBgQU4}=jci_DFcV6&{4
z1(+IRfCw|C`;T~k{vCtn@q95Lja{A~sHL92OH$aky@!G#>2U<+Yg!qCzQ_QhO`fI2
zet@V+otVq!e!zy>dF~OM>_}lGHwfTT@|;49jPH>f;8x(>52lKVEjU1NcXk_OpdT<9
zZlwZ2ViI(dL!B{hjETwgBKj0i1^{iSbV^kBDLdC~UY^dkumqhoRtnF_lX{bd*od^s
znRotE17yR(Bd+BfZYCQ)EVhO%MRwAy@+bv7Iy6a3+2XoG-Swlk^U2f?VK{>?zvBf5
z5U#i&1M5)n&Ju0SOnA*FmKFX)&MX`QikrpUD136dqvRD_KZ6$}uRaCRM%wOi0^htl
zkCfcB>6qH0nh4+EYlT>gfO&==*e%#f0cURIAHloFFGs-Ol<Q;a>L#SS^a&SowkFy<
zNy1*MW_n(-VTXY4(~9tVS_T}x6S)QyP&V5&3Xrx?h|1wgomP1Z<b-2rOe)u`9(`Qy
zD`xhUY}~*-@(Zw0X`J7WQ*5)YTr{_e;4|WCf31zPuE+~i2l>c#PXg}BG|0-_dxZX7
z<bfx(?5mFcNPX=8Dt4@(c3=jve7S6~C<hk(R+^NWWRr5aaL+kN9v<u4jOqH^_z~Qo
zo{}=r)IOnf-~nVyhToB&oJ>|K7O!ZJGNq~FSZN!nm3s6ktL2Vk5~b?1q#;5tYT_4s
zA=}pzw_B~{vs)DQq4O!Zg_kDwci3Edt#h=ewsbVw2&|$JS2X7B87N!q-%H^|J}myR
z_k|WlMok853RCfnd)FnW>GmS&HE!1>(YkegM9w|aeF$DR+NnDc?ZBP`6mssL1Qh9)
zzufjsYEg2+RnWz;IMBOO9!Lf`WX~5_um*`n7)grLbU7vW_!MUd_P|of3!6vz=hv*B
zCnUr(jDZZdY|mrS_Hz#R@kyxVn!sJD12L*W71JsJqu~?wFXE6@^{5s3{l0aa89E=G
zV@0M0gxrA}2tCz2sYbX@OVM9C)($%G8sv+>S&iNc{<4InS_WnphKQF69TOl7(gL?Z
z%IpTs(5Q;(_f}6>2VZ>{*7wTvI#Yxrno^DFB*2Yk!rAT#Y18M{p0>5a?m590_jwGs
zfZdtW{P5S-ze$@`{LU%i#%FdEPdu)32q$t6HAU8PQLwl^CJY@LjWJSF6BU&Qyv!sY
zAzt;^DsfuOjgEJlxHf?oKSPP1%c#oK-Us{nvqPcNFYMB)AZB+O(p@0Qm$g<7s2jNA
z=W$r2LCI%1X88O2I<e+M^BWA_;<cHDcPqajyHh@BRA``z3wfXQ@iGpmlX)=bRZ{0m
zl<66ueD@A0LF;xGB;<l~{$H1*!q#-M-jKCO{*DCsht%JAC@wXcu7JXX(_#em*+@q7
z@(p47xih*LzPhC3Dv05KAOrsE@Vx)6ME~E70@suMc><>;C63<2zgp;W#{To?e<=L_
zM>(E%^lwDiTK{{_RNh}MwSU4UAD%e1?qiwz=QV;#ziaSh|4=$rT;@Ef@;k}tm0j#@
z0uK*;a?kpN=+$wU@K`K52+H6;Z)^5mNRN8gyIfoE*Ol3#=zpQJnB_K&>m#++d6|L%
zzg{WxCw={tY^UMJC0Ci#2bz;dN{g!XK`{;LzpCR7gkbe1g*rqbLPjAtY)p{g-D|Jb
zDrn;?69s(S#}(m7W$ca?<I#f6r;gsQ@(UQ8dcKxYF4laA8o-%P@G19iMn0LR%(F;7
z0?1g^J)Dxp5nRSB0)PFa(w~Aj4=nw$pB6DQc=++pps(4KiCMYE;f!C2>&Q>m*MD4-
z|GK7b@Z?_#(0^J<t^Le~t+Svbdr~Y<ULlbtiA0@*1%17G66v<}91Z#oFz<HSjuT>8
z6+D%DN~R_|jE}!BFt;$m)5d5u9XRq}xv#?Aiv1_OB`Jp}|BW?#ub=osN{01@F?Dio
z#SmZv>g!~w<tWDA$CQBgWtO-(WXPm15dO~E@3e;|CweL~>OlJ=pD2%#QS?M%KhoQ(
z7|GFzu9Sl@E|@_l8$c=_0>A!IcIewe_?ZgT)4%VO5VY)BowxAmK}Scv$Rd#5hH&$)
z2Lt5g85qvMyyXptRzn5t9+JXcCX(}b_=lHOoi;Kbhza8KDH68B8br&HsT(Q>p*K(U
zVXU|6mh;EfWd5|u!Z_8Mpr?puq_NRL;mlEgy4D2xHd_2Vm2q5wpScC-)|xq+S$`Eq
z0vNQ3iCE)wALS-2w~5r*92{qcxsJ%Hi4fIGdryb@4nn5BUntr{XoNiFiP*ZBo#zy3
zu^FroEk>fGYLZm0a~}Ca7q-HY6lQYbAEaa4{m`ZPi2irRjCcEVxuJS+TUT3u$@wh5
z4;=J3ze+<3NW`k6>IdMEr3A9wdFryVvoVhY9-E5ppE4XL9ShKJ&I3ngEvY?T{;oO!
zGcNvm+;UHK{U5FsR1327Q6y&%+(SzzS2`<9SIQ4u!q@k#H>bSy<3A()GSZ?SCp=iC
z>ev4hWg+{yuyGZdoH)jf0U2Y!#mH!&oi#0q?&R5FT+u*)%^-9kqT$nZc$t-=npgTG
z)@pIZOlZRoe#pdXl7)|b1rJm0dQOiBNAzw2qmr<T$6)w;)N_&aA88tar{3keR(y+J
zox32FGdH|A7CzyYw7Ui2M#_@E?>I!3M%0sDr(|csJln=h43cRC0YN6r0GF_TZ{PZ`
zqUTjD88yQo=K*c0L{Lj@W5{Ra$_{A>7eoVPAWM>Ym7_kP4Tlye&)4!Td_jmsed*RJ
z+g{!3NP4X0#*s{s&_AyZp9%M&6v`rd5Ktn%!t$;Z0^Oz(AB-$799R%FbsLLC8Amh%
z70k2-fMH9UDtg-|0n!g(IhmuYub|G22`>n}_&2tF4AI#pV_uo|=(Ooe&&=i;rj#!m
z>Q;`>440}owzs-7k~`TF<Wqe58p1Xb*@v-pZ%QR}CcaMdhkx&h_<2swaYS-#*Vk&g
zr(a7jKrK3Dx}}p)?^gJ7ePVZQvr|Vjs4A9fFojZMI&<ATcmu)=rQ)?e%J*^4!p8-t
zJEa#u2VDy5U5f8j0TUr^&vmcya>c&(;WVK!qDK9i=`0UjoLhevwJ~>}V)autX9V4&
zpQ%)Ho}7t#uS2B>!s~!vHYW=i$IwPvD5i2oH=&YD6slZi4?-)gW{*hqFb-zGO}K?v
zq;F2>F=#a*GVM*5?UaC5C3;JZ!RYbK85l3`2bFQmjIAqmka!^ItgbbX@+37&EOzk3
z{(vxhsbNuFzkle}BJs?A>FlZ{aNbbDze8xQ=Wa3KL-YqV?2}Fx&Yx@g_KP-)uZA<T
zTXLEhr_=538o433Rm$KE;#<DfFgYnm1s`4jzmUpY5PXXpK59c)t31Wh6pDmC{k80k
zVY_Cy7OG*|zzoZW=|I(`XHwl4q=Oc%*AB#-uv>AK?x<A0d2{5hv}j43LSvz1`;wpv
z;`=eP_Io1~BWNNefqzQ0Bvkc|ryUJv{~R_mYC4i=!dea-T3s>xJ#^N&q<nB9rMpnq
z?w?&A4s3Zp7BXXB?B!O%?xa91&KB~ECw$1_(dVOXci+fVvtY2EKA(3lUnqxuYvF;<
z><(AmYP<nkHZ)(gtb)35N2)M5HhV<$(|!y>kUiS;=i4}*zpl++!Y+Mj=0jK|gSNzf
zl&Zfi4x|%8(?czJd>@A%iq@}PbPbST=Q-@>PTQFl&K|v97F*h@=OD;P2P(>Jwe77j
zYmfmqn#Qzw*$UYi0!)+L0?T)I6<SCbU#;vHGp`+xCsbA(Xnmw553MZKT&&igb9Qik
zTSUd1*A;?mU|+>NI~6-V^+2Jg<s;<Ra-^ICz6tU?6g(X0p`J`jWsIG3Qmirqmm{1Q
zFCu&ZGy-q?G@3Ef1a^x%4Nm$D`}|@aD_#SVavvhkH|B+1gTLjJb<jn6rtL>)ZI1qk
z=BW*5R!8)#OFdRSc^`6H`d3>Cnu~fnWr9NdTaOXD$C78B{aAI%r6CJ<BFXo^u4Sd{
zP3CXS>rV8BGHcb*T8Nk++G!yQ;<+=`-}Fbe0$;z;8#>LAO!r&^h_rkx_}|!j%cwZl
zbz2Y;oFG9HBtXzYgS&g-9tuk!SfNFb-~@MfcbDJ}!QG{BcY?d7YpuQS*=yZ#`<#7G
z_n+=@|J5@_@qN5nkIZLI;>O*;(cF!s;Urd5UdBb;*qK2zt5Fg2D;oMi$|iA1Zya7P
zKC$WII*_II(lJRf)N<tF?$_vur8#IM`_4246W)U-d4Z%s=yK*mE@E8c@Lbxc72st-
zX4xBk(ofAxHrFJIBUVj%(BTG!Ao%<*@|t-%=@0;#?Sbr!#1+-_2(|t_OGVj>09?A^
zUuTwYE0C<P(^C&$SLt{wH&&-7-XRUx3EpI=E@>Zb<l*M~%z#>@fqy81C-Rc~QxTl_
zPet&+B3rXH^G<GZI(rH#umD)<$DocTW1JrVSoHaSMU+3~`N$vf8?K=7o+|iQOW`-%
z>9O#0`tDvd{rJOzXRvU0V1krh#MY2I0C?Sp2gBRKcz9oxklak2VQu_|!?^3CEYtj-
zDkFce>i+L31HYO*+UDF^{@gVDV^tvY*221RF_#zT3&8mcl0oPL7yv0CR?CtBsiOg9
z5U@pwW}t*atd<)+#B`nKI+~&;Decv|R$qw|@Q*@N2`gs@#Olh>WXEAZ20_t^H)l5V
zgXO7m16FUPiH)}6i5+@&q<Bp`*mxa>jC5+n2~i1ra*loR0+b(mT3ybg*7b|meBu+n
zX@oa__I&NKu;sw~{)|V8x*%3pTjq0g9>FCMB2}7`-{m_v6k)0pmp-Itma~(TMA$4;
z{LS?G$6Uc0L;si$b!(xg^FJyhpR4~-7nwk$Vf)gMI3&336#LU$x*|A2;{HAG-*Q$X
z@?o`$taQLv9B2KrrIXzHy?>|`%d1<>JZ%0UPW-v*pVGwS|EzwTU}%iVp`L0<mK4m>
z0JBb_?w|tBV_)7`Z|TPGnyl838Z>OtR_`}hPdN!I;KL$IK5L+h@yx}WFR3dtHStC5
z8mFrrd+9b*1HmxOD0qY3l->#FL3|_kJ{n$ovGRRo&9K2=QJt!saOMNA-W}(tx*Qe~
zpjB+D{lYonm2eeo?LW_2#vU2zp@M%e8$|l~leYtWUR9b5sj`d9h<D}W-v4OUBT6o=
ztC$Fo(+_oR&A6P?0$y2Pw5GckqzxWbrbP@dHk(}H9p>lgah}dL*OVx}E+RxVJLgn`
zI7yn$J*(V^THFD~a@GFzQ6o8S^il|G9){JX=}Vj4TxvlZt9;Bk_J*FTWylo#>thKg
zV9$-L>Ngxmi}e5b-v61G|FaMNe{?=73g>2aM{Q|!ZIsik(FebA4I{$D>1*nq-XGME
zsnd4NXad#yqCZ4NM~5_-U*;8$*idW~*G#z&{Zx%Dk1A)N9&X8`+!)<qUH|OFkkimQ
zIThA}5;>&r(58z^YT0RFS5E<um<!PvgohP3DD^=lpbGA-uMH++ug^zmmv3!wG-dtH
zu!y>HWG-?>vaXgAt7}4hLc!W<zusTg<VjYwhQb(H@ry-fZ}qx~!=2G?h{=0K`8|7?
zdq<q=QHv6%RQcI)BJ(qVYQtiQv7H?NSwu-{avv?w&@Jr_4|h22#w@y+p>*Gc(CAj)
zu#0*~$fOn5{IQHXG&T?5njh~4m8cssmw_k85c_|F@BVMUZ0BKBcNVovY?=*v+de^`
z<AdHRT&Y=VGZo_{IX*--%E&(hp@6u&+CjNva=rjQ9u$6{Dwi;=#JbtK1kEX9w5GU)
z^`VQ^VoSRIL+Ir)HR_}^9nv)~qYTIqF05E_94Rj9vjFH^psugKY+gb@YREYx$(T|1
z{n8w6E<MmDM!ceEhP^z34zQI|XvLiOLq>%5>)MtFF{@XPldnymD?u9HHYB)VTQ~bM
zX{??06S<X=8DtFy4wZ<?{)Jb?-M^nn`uB1~|KC!7Ea@CBl^2YYX+nwr7>^zUp&pGr
zCo<or=Wu#i461o~IABvG6nMCX>?md9*Hc*?GdT1sbUwGlh?|fZgN8kLIt*uDv(o|C
z^zuL$QDL&OaKz^LIe)8oJ%7r6Ve&eDE83-JzCP_jmS2Y<vR;1iRb^*@U90h|j+<Pt
zSXO_WV17z83L0W9K!njubiYE3A$~XBa8@UlpL3JCR-{2!Jytx3#>h&L8mKu=EEcFb
zpaKVnrIrVrglTfOkxlpJ1q`0WKRo3f*Ut|wUbP**R@_dk=H98)s?t$&Du`)q2Iq58
zGw}m!<s?oh!Lrj>a7x8dcEcctV<~oY>ROo=30a-%>wK<8CMxqH9g$<16WXG8m8a8X
z0CULk^4a|wSD{Y!iH*5^!=?QJ^hrXpf~ET;nx?DDm>|XHdMbA|d&GREmoF;kJ3Tdw
zbZ=$q=Occf^~h;+Yq{R}RKh&X;wQwnUn!S}Ac5<ECFgKzNxBI^#a#PCHT%4R9yj44
z=8u*~sMhrh`VUX3C(Uv;jVP(B=z8CsL2M82OT$VGkHyv|g5#`F$D5l!@dqj<-$nws
zc{-0~Kh9Hku~bRcj3`T(pXd@vn8u2dQ*@RUQ&CHcxZ!x9rQ|UQF|4<5UUdW3D^jT~
z9^`Vmaw_yQ_9@C6)5#1a2yLA8(pN$<PN;#YQ({^Hv%#_4_p+A`mjRs&(H`0%pz<?I
zLizX^%zb|I5HyM2#mMK}TuUnn04P#q{9WcB6Le;Pbs!f1?w<>AWmorP)0oXLZ^Fp(
z+=D3xzL;114aare`=GhpT)S=2uF!g9e|jjxYr<sT0_-bGVk*{~MWInApyAr`ha<<S
zn}n&Claq=ZNCGG0Gu|Dol9j^``c;Lrw&s=JOiYy+T(P~INirmy;MJ5bAG0MGTkU1s
zN&D570Cg<<b&0=kzL((z?Pgp>Z`97+a{SdcKtF{l$!1z<YYv%HhKsC!QJ3qL8&h;j
zxn9(y0;5V;f0F&$rMG}nJJU8f<yn&Any$H$gi^YSuJD}~RP{h!#iWC4$Bons&^&5F
zcCv)p0?y8eRM%719aGfhuAnScopnl!^ECYp9E&*Iw6@y~c?cECoJ6=&WeTwWAOG~Z
zT~{of=&n<<`6@moL0X?h`d9Y*!-Ne@+AOKoZGsTjddggyZ3Xi@S-$T%pMi+(>KW1o
zGH#q#EQ~#w`kR|-RXXYxEj509^{uQmvd&bIXhgJj-xta=-GgrFHDkf98BSLea#+US
zn&(%Kn4E;dLtI85Rq#Tq2^^ny=vL&wdPlJ*b_+>iNivG#WpbdCm*DSEr59M`@k`YN
zElWGvR&SY#9eP*tXmn+!h#mH}Vf?Rwvh<>8dk!xvfN^<D%z~@ayvlVdPE}X&&8yPV
zjo^kV0%*$T`u-Se0^PbH+YoC+HL?)F0-aDessy|^?C+Vh<!SJ@4Cg{Ne#4dRG2KJI
zBIY;gvL1Y#kmBCvVQ`|^GZ-p43!+{{_~-9S{A2rnvuGC6Y=TV@R9dU?c&%T$+KpK-
zs5D>7;0t*8zK#>3*OA);0Yzo&(a$LsDet+7-U94l=ZmzBbm1ytp6S#Y6+M7Pqa!~#
zGCDF-2Ne6FLl!wp5VMvW2y)Zvy7v>{oLOhkyB|^*$|+vCIhD|uV(ck(LUBx)l>^t0
zHWa=m(N-fipGTudg|DIWu2L5ne>weKx@s6CcvT9Lk^_S;@11I`b$h1(-Fu2fW@%ey
zaik)r$ZJI))yd7}CmGeOKbGKrNN+4Bd!_zNLfx{OAj!@1O;GegMvK%Rx62M!(I2;q
zn#jpNZx`rx1#=He^v=(!FV`u)B@jSjw{}_6mLVzvPi$c<sVJ%a0al0VbY4MU^L+q4
zfn!K(LTT;FJ)hu^6M>k{S2yMh%OsZ?<7?U3Ll^ZTyG>mpheX)zA{PP-R(|1<CbK^q
zIQpU964Tgf`&x3INVAVwwt>SiOUK)u`FIX<8$Q2{3QO;wyEHHL6gr4g3oWf#Y2s@g
zlkA9$zHnnkj24pPXQ`5^kyDm%^?@Qqz1_x^L9s6Z2Q5_manrlQ3WI#z!vOA<su3IT
z7N_r4(Gf=yrHDtqdM4q-pVvs28b^-W613|+vcSKoh1#O|DKCF}V#daK)%$(<TN5Vp
zrtTlhb~@?|sZXuZctK%xk6{`$c8e-#`nlK~$Q3{a#-12YMY_`XX%-8`%SHL#2NlKT
z1^?RB{BanWH3nESwx;36)1Vvypj-!Ws)p^+3~5CMt)ut!1ll3G6>N|pM>%kuqi=N4
zhc}4}TOZ)zVErOnu=29QJ1RHMGw?8kct16TM#Hp$*z{zb;H%=bf!txUx}yu)WzD71
zPq1NZ&22@%73N1*e#un^_q_7oa9aGw+B&XZs7O}Po3yvTa1FN&FwY<q0#kcB3MhYw
zAow-J;T4F8@<ojYyK;B-cp00rRNY0Ed}?&=C?9HeT;^@AvuJMK+?>qcms1M9wYhzQ
zP>*4_Wic2m=#d`&c{_ihdR#@X1-)NAPI8YXEq9zCunh50=<`%o=i<pjC{acw!W}1i
zXxe!b7Gw)*-R25$Id-R@QQt{sYb7f~q_eq<**o0F@>TEo$MuZ&1FGd)zk0;tR1#Nz
z=srtH^<{2JZp+P3Q`E}jjJ3_))iruiJ|X4ADRP2;nm^<KDQ(6LDfa-KqQ$umR++wF
zvAW0`fH?n#`wfSftF^pyPurI;bfyFqaF=q7id)o0sgM=J+ltWv-qoC>XlYIu=ZtxT
z!Nfkl>i*3~{Fk9`zcKVI(!YT?BLJ?oh5Q<}6WD3-h9d6o9$=h1mpCAr9te~*Wk{Qm
za#TppQXD01!>wX}^D(TnH58KjTxDP+UZdo4yIfl22Wz}<h>WYrKE)x6x>B}>s(-69
zLyn#~@h3EMlML!`MIyHBJmU5KypRyQxDbT%iOa%hOrT8}1v36H#-#~&T;rP|u2w&5
z-l5wU<m?vu3&M`A$oYOO=KZRrS3tLKpwx_wr`;EXJQnYVbN-)ZF(n>!oO$E_1-Dow
z3m}{m6Qlcwj5OhgCEkbPt-5Z89Tw&rnu8jo%hxGkd;m-C_Ja`pEleY0pydmVy4jc8
zveErjx*s0gSLqe;gOmsn^{UQ3ne1%0UU!iu)3Fgb1P-_{T@j{P$<DH=jF%F<EZAD?
zd1isIFgDbu?krKJeUWUm>8#tlfB#I1S;sr6ZL-blKZmM9L_I@SWHz0nfbY;Jc=;%P
z+ur2?=|AK@w;jx0;z{A_@jj!12)`zvHI^OFiV*j2wqK`+t;S$mmo^lLya2m*dU@wR
zumR(8g7CAA((gSe9u3ypdA9x`dG)Uqg(bJn>OOA=g`QfTy$o=pTQ83L+C|oHN9=9)
zaKR<DBh-jvI%M~fIe~fvxD44QuNwqW$e`L%c?%l&*Cw%tbxC8>YUiz9g7W!IgMWQ<
zi7U)v%7PNK;&}VU;X4HbYeY1=w@HATHc=~*yCg3|c%hi(*$4@rM{D(=??gUdPb+WW
zEqeKu(Ib$3e4pnQS3XM&MWPt$UI<+Np7Jb<HZo7<yrW?q;hNm7k!4*52B<OBWvwi(
zOu*AEL?R1EJGC15coN>;j0|g*Xlwn={5v%rJsEz)d|5>OFP|~KrE+G+w1+#_e1Y<@
z@@;oheW~QjZS!pV1sZx}G>^XbV-&+K#1n=gwKMhD`_xiE)3ziAQW)3At%G=lcK|HY
z7m?pgwr3?O%#|{_sIpX+TYr#&Q02TTp`<Q&F3h(Z!TZZ+WGN(i>DS`*-Ovq*@3lKO
z#)9?kes;U-VS&OxVj)S`12K1~c5@APM(opk?~#RNWIWY1Dp(b|LR1i$Ftt`*qNG#>
z%uhNqVD(j)cIDn1lE^5&J>IyI<4l&gf~idv|3^Lj5B&Ro)4+x<#vNdcb`U@<k5mel
z2;Z$8_q-ea8G7-3L|U|@(3~he?MXlerZUy`Ky{JkGwjyZvx|7Q>bUI6V&ZC@d<9MG
zzjWEJC;=rEOWk<t#Akp~IHxuE9P7fboiFnyVLj_lmN$Ro96$bT$NkIDH{6If>V0_i
zPGExvirEnLt?3Km#rG8^!88@}3&<WL=MZE7MTeLfC3<}!JXkfJlb&;bK^eaVmo+X0
z^sZ^BlTBXRN>&|$`PjuIV~dcdJMEta;m6#F1b&~P-(ORRZb*tF5|60q_D|I{eW^r^
zj!;t-TS_hBLJOWO!zvQFeXU#bUq}#_<^(gI?T^xIFxv)8MwPHxYIV49ck^xGQuWt4
z3LVnRr5<@(Pwn|$I2@>fT8&7we%|IqpH(CF-#W#xhe_8O&NIHfF+GxLs3WA&OS0_S
z2F&)Wc5B5GppJjYbf*xpGqiM;r44m7{T9JM=!)}ZWScqEp$LP6nMR|&`fJxAEQg_-
zG(@+D%<U9x(Hic$e;aV->HoMH1%+a*4wY$NrmAtDfA6&$3bqOdzWF7`j!nzvbtqm7
z07P!4)|{a5Wn$<l>DeRi{x$3W58dRy0yB`boX_Le^ZZZv`h@1YIR{{kdX$49U2ef@
z)V<TH*^48hYSuZ*_8`36LNiqv^67*ZY%MX|>+6GT{?=A9DW3iOILw*_OjVMVgh7Gz
zC*g-y4Xei-y;CkP`X_)h5;40<bVHu;oBd<xI4qN_wOtLa*wW~E5@DPL=oZ)`{qi!g
z*@QzoZxpW%#O(L=lh!tDr)^h8Ltl`dGle2|y;>zs4e=(~Z5+ixI9V1LwP9D?$xY9U
z6wPE<kzKh8$9Oc@T;*nk(M9V2&HVe>C|q)X*b2mKjO;RD%;GY#%F0HQ|1tn!jdvY9
z0eDSD7~sDPx|E0$->7`xth|1Tbl%m8>lvMD_hhl}i<`e%swh3|pVCh)<4{bIBvWwx
z4JR(3x<hr|y4koYYcs(N*g3BYO)Ok2x#=~XPpRoLzO5KhbCPTjQG4CYJ_wvxAu36a
z$6YHA(Ne0CkNdYUC$X19B|9Gmcw0-%nbbT=*4uq11Xg5YV1S;TKkGDVNsucZC_Z7w
zFIV6Ba#K%JvWV#Z3(ENXL=)mkgYdASG(KL2RZ^Ec3OzK%Ha_soZbNuoU&5%!<`9a=
z+EZ#AY+pUq+7((+JEA+)v%D5YIHrHh34We0sOSEt5#ljlGIZyjp&S_O@>!W)_H$J(
z*`uk%Z@Atjiy_*Ed0h*d9+#N+B8u&IFG>{Ma{L3zJcgg8x@~I<a)Al|_s>+SdiA~g
zK-;Uc4Zd~k_QrEt7wIS#07{9aiunFvwEcvklqJsGTH&EZz64(T(6ISvq+6+jKe(N4
zW3|rwuLiiES?gk7&kGi>@*zK76{NCwT9Z8cwLjGw$f;eEIR)8B&up}{_Sh_@1ZH?U
z;d`j`v|COsCIkljhFkvU1Hl8k=zFIv48P%UF@D3{A-bjH%L~;z1bdDJRXoPhYtc`6
zlpLQ?PF#JfsDS8Q?`+VnrS%xZLTnZ}{xmZFVQ`vRKSYtcYxFZ`JOiVC!(9+PSkSik
zy_+%*7CB{-<;%Fn!w_E8)GZP{bU3Cv<%~Z*FM<t4{5Rb3e>`q`gXMoboAawFTQJV6
zL;Jm^60`e6r{^R=VJ3OeCY@s$hVM-Eor*J-nt8Nql+zaAc;+xuGg*U{4n9u6<xJ=w
z!)yQRSpUPAEd$Q6CMm(z#q-a#hAnTwUyU+QERx#MP`AOq=K3#&g=WQwBz&B!-5KGj
z;zq?FPyJEy-;9|e5o4jH7Rg84hLZDerU#SszZ$iAlAL%*8vn`T^WbA2{<{wcE5H5k
zkL&-*i@DWR7h(lOXo|jB?eY$@qQBE!dcfn*KdLMTgqFCD#*2?o|MYHiaWZdKuqWCt
z_v!TVy8g>DbNtodbo$k}yEueApyd8OEkWSH`O_WXBv<*Z-%YTte%jX`z}mYHXPS&=
zgoynOoV)V6j`6QdQ!w^e_((~0<i;<LEjAG4|F$9-ZAN!_y}O^|uZ_M0Hd|f|nCC9)
z$;9Wp-MIrJDSd-m*Y}y76Dm&p*K3RLQ=2^{Pq{1x`0S&ds$9!#Y8g{jdml;b@gl7C
z-#?=+Y1~N@JXI_G)zI=7N_TJh;TC%{37G#nRv(WQoqjK=I}3RC*A4Ku-B7A6IK|V;
zsK#=lYiXC_y~=BuzjR^T?ac`<c~P@}IQ|T5q|k}RKMgZ`Rq>zg=a+!LPT=2Xvjip)
z>)!Y+<dznqwN0XPJtFv513aC{mhsn7{B1~}TDn&Se|_=zSwf%}*e&LtTe}u~XOLOZ
zZ-#{k^K(qxl00tQH162uFYmQ(w}CJ3eJc1Na)U%S0T9fKz=hkqpNC*3e;#!b|1&^I
ztlcI?<CWtgv0Ago)*~H2sOeJS+v;F7Rs&^V4)5@7YnK3Xcb_SNvYti(MNBOUEDLc&
zp+<r@-dY$4qwdT+CO<&x+8UyGSR#4gO-NdwCrPblBqU7j`O@%6R}7xA_J6aow%l$h
z(IEYEuPnV<n0AGBxuN-c34242G3yt3K<!Y3bqYp^@B1M+YdP6OU%t9o&9ZVURAt4Y
zX$L-I__)8s3=YM!8h`OSW=ljE@Xy27C843geP{AcVbE91yQGZ?SnRA6(|zqyVu|9}
zYLJWwfMrdAwk(s7*Q-dvW;;nMjoo&DuD2;x^)KQeO}B$S<3@?<)zTmzNUyb14={py
z(J~-IoNF6dM^5lN@v`!Et^oJz!c6j(nA7>C_e19-QtQ69*Q>aKzzcNJMT|z|_i_R6
zsH=zrG58R?(L>~;*VM|6W6QJ}MJnX~8Zl9wo7N8ab-$v;jq82Iz;5F&!0Ack8w#4B
zLy&TJOxLM4CQSRx0wB1KjhE^v<f-+IEy%C`%W%hu%KiZY_z$o3<;WW;^xj7~(t-T`
z&A1Tc>d+zj#`pL`#1XVrQVH%U6aggBMKVNui$_gq9aPAwG1Hnieo}2cJ!_oN+bVWC
z-^Ehx4he7!IRW&b*oEjx%^#82%4uTZP1aZY`hqETYe&^VT8ySaBt~mQm5WHG9z*%!
z3CR+Ka@*V6LV-VyA@5|w-(x!~yeJ^$>j_(uW-+@oh<U|t&x|_Pll>5;_gOaXYjRiO
zOb2e6it<yZcqg9L_zPVyH+waeSJV{-SAjw%R>t4Z4*xm$0Tb^jTryoe@sc~chtQ(L
znqm?d8aw9BrpZ5eTy%O6V1S4TbDOTDHcwWmL>z|wiCK+NtBI{JuvLv{<bp!0SG1hv
zkz!qL3on(j|HR;?JXaiZz5fl@HDWLu{#@kJ{NS!9XbAi_X^Yum&7vN+!w>9^iI(m7
zcg5Cw^(bhD+$PSlApS0muali__!Hp$Ygr{Fm&4Vo`NGa-h24W8kFnyL=k$7MXKJ8o
zxy2t`(k(f0jtRoI-$y?Cr@$zFx$5Jme7#!hi|)w=xp6r6D>^m=_4Gfsdftl{xG5~Q
zxuobmYv_EGWggp*nngd^ylR-kbqe=>4G7pMQBY!S+k4dUFZvA^=4iA;KA?De@z&N2
z@R4&=REST5C774}qj4}(M+wQ>Nz*0DMbJ^WzY$lxMyAf_k%|~nvPI27cGO`7{~L|g
z?5Sh^ksgMsJ%X4SdgODh<J#>-vN%TB`k9Uf+b6C?brUi>`5luMWxQc6GHpx$=*1xF
zR-6|%u+}0<1^f8Qv!|g=W%X3^6!ln1Iq1h5{=>@nsp9yC^~80V`>HFcBRp&wNEtlC
zi>f9bzf!Hfdpr&DoAl6WH;!pdT;#9_J+@L7(wa_mQ`+jTrh%wMy{}b8S8&?IZ$VD9
z284KCE*^aA4Uo|j{JWz{OgNy8&BrWmn(O!s%vxSng3J6ns;U9idTLpQX+Rn5njprn
z?`p-Ze@Anx7(3fC@aa6cbt_@++pw<WY`*Spv$gjHlzl$KQGhUaKpFBX<_F#f>@rS}
z0UDgu`v$8OwV@aS$^-$)@yik_hV;tgilX?fejT*ecvTD1AEcufTLtVtPKh=wCRa3(
z?u9#&C@CN6T10n!ifi%xzFF+&tU14JSW?=|S(Hv%7F3T=Wz0#xN!{_LVR1AkM}Y|l
zOfg4Cn^GVp+RrK@_SV(D9_zQ64dNlu0b0S!SzQ)^S*U;>d`dIKQcc$mbO1ziQc?2Y
zAeC-Oy&e|NOKNrBv=~mmm7{L(bofNkloXDx@DtzU!et+uj=Zn<ud-sXMTnfRIz%7=
zMbYP%1KgDmx&0N?nGROEghSq_=tbo&5o-SpM^JH(IZM}RtzzfGSzr#D-Pw-c(KiP^
zo*wG=Uzi?w;K0$Y6%Gf`R2k0BEZf8^26v*!&`%eE1z)H}%>ZdLWe{S<H9tEHUkEf5
zVdKH@j#}U0>0t>U-14GNWIipeSaYw{(`2T!qACMAXS$o!q#~kB=E~`P@9uAi7{dMR
zlIWK%axrAY&1dBJT)b$Cac<k`RY0t%^t)7coyk#xFh!(+E9^3Tr3anj*6MdP3!0m!
z>$x(XiuMV3y6ziDUJVBWpiwUes_BFW2Gx)G_jE@STOX-is@gw~9y@i<N8t{HgoAQp
zR?v18M1I5Nl}XXkY<~M{SG6RPb0^gI<>mA9{BO9e@|~J#O(Bm0Tq`>he3y3i%A@by
zg%D+o0@9{7EVqjl-)Lb%hlR+9UM|BT*#QWDPiqYYwW?8FQfM3*cH{)}<t-4d(B*N;
zKm)`RltZd0(=}pjZ(he(LNbu3o`QHlbx9$KzQu>9oV5{$g)P;FlxKmK5f0h~D)h58
z)FbuI?n-K#h#_U}ktq6xi5#b?+8<!ZgBtwe47=H5xwfyT)6;E3`*Girp_k^G?cJ)+
zAy;ILC(jiGhE_R~q$*Ks<XmT6Cpec+Hfg5xlt0)Q?wh6$_eWzBObwR;(3Lt-%8x8b
zU~;%5j8*ksP(xtNtv&vLF1x2QYzqu(J%+&pf1JJFj?!iw_FoPd{FNl3nb(OqY|Mbs
zNS2<qhMP6V7p4SCzi3msA+I<*(xCL+!o)u{%cyZYN!9?xUp{gm(59VxHX?c&fYY4@
zp11Iy+>29}GW=5lx<o{Y+mxkGMPXsa#X=!1PYOMw$*xilH9Njj9V0!24FrmOsET?^
zzksFgSBm3iKfQlYGOnuhz0`;L83ije#Az&4nP@Ym5q)_R*3&jvOoIPRb1Hmg0=;K&
zuys9T_DuHNR)0o=#ZKSI?yD`H@S9%j0=0HBzl~$RWh6#u9%X*oSle>8Jq~f1TTq9K
zqUw(HhPCE-O|EEqg%^^#n3-O^<5bw7QTV<w`jO>rbx$5UM7xfMJ6$&i|EzpE{kkkc
z86H`Ki5$be6iU8nqUXtA^x7+g1RsnrP!>R4N(OohweUn?pt=u6v~|`Q#8ljRGnmhp
z9d-#C*s3R0;;aZRkm8umn0MKqOprW1x+=Gxq!kaGcT|s`7a@w{$&5ta=9FuM4Ee=x
z0mPZZcx5zu-Y@wLe-wt7qmcT+Ti3lpg_=Y)pU?=e(|OE77#;UWXZfVi{)mddU{$vu
zBd(B#`VO8_gkeWF>*<GDXsRubYdM?au|BO>Ld;0XOvcaX^Qet4#}u}~C!g15Wu2>y
z(U^EKc1z3c3}iIJ+14D|C1vQzFDXQ6^*Bqe1^Wc(yCN3LoDSQ>ZIdu5<p<J_!bNox
zaJ=vid=w(l0;#+>h%QTelhHO<U}{_}PErInw<*HU!r}|=y?3S?s~8m#>^Mk9R!6Ex
zWxdWTa=X9bjw&QQJIex{3)EWcadI<WU}i#Njm3jlvxghXg#7FQ5O~<p`~f}6U15!*
z9u_ChFhwCkIcgjZmTEfMVo`@bJwg=@Z^fed4QDY2u2Sh6hso$P-SP`373mDzmF@$d
z3Q9VV+AZ*U8}8`QqHqJ_b3e@Q@0y{i=0x-!N^8^zzhRIWkIvG;Z`*uvh>_w~XT+8x
z<h7~9@gtXs3XDRTg@5%<ZaWo=adP*E1|C$iq!t`bYAL8IPzNqyuLeF&6Frq@`NBLf
z{PT8EgGlI%TgAB676<bA6D)!KoOw9dqS0~70^Y103*>gK)9V=C*-EV3*gX<}CbNjL
zE{a<*sfwSD*O(7(3;FBmcPeY5Xt)#?5{9F$J8PQlSfu8gsMf_V962^OXFcfU=GEku
z3n;vloS_34?}~?eSK-tYNO-+>OF9Z5UKgxDH417Nb+YauHtDfw{+J|ZR4E-g_!cZ9
zcS6-Ka~T^)MTbWkG<{eM6&w3pxmg*9PFD4^PFlxrh8>gbtysJWq9h$0ZstpaZXvXj
z|FR^3$ptEBzisaFTfbX|k_}Pmu*}Z&`x!;pS!qIb>-m}G9<TD4xTd1Aa%`z3RdFI?
zDiqoZAA#%C0YTxQa<&Ss2gHMJ{R^v|E?ZWbUhxi!og1@Uo`pNBIIaztP^svYx;Nag
zK>CNngqLiA=}J}A<}pl~Zl8pW{96q1P%h?-Aqy^Qc9f-MeIT{4thEDJQyEZe1%bZ&
z<8E6<AT0H6Gs;UUYkT7zFOT^|%aRaptZgm%o}xaaPTCGf-;e^Nng3SY%qm_vFAGhx
zw?kWu8@HBEYV$v>NL(OZ_$}FPJUw4|Xc1NNKNIe{`o4K{ld{|G|1%6Qcg#xH9X%Dj
zB(|VqjjWlkp35LL$pBtkRL-`&Ml46JRIdle@Xgj$y1Ha8zH#B`OLT~b<)3w!8WzSY
zi-;$y_+G1rct-8Qr@;CF9{g)v8&+7fbe4*$(jAxq^Hb^Zxn>K|X@xB3Q&W0{icM*<
zZKpZ@Jip<PPwRdNs5ddG9CP!YE!rMv<C?aAsKF{jQTO&eELw;?kewdK|KIVeg&4@H
zb;xYyk<%R-b#;&UZ_aPzo%J&G2Jc5(!Z`N_rzG}k<kkNz?;DnmbQB(6@b<9cPOHml
z)RDEB5kmcP(H59q=(^?MF!t{2JaS4SA$8+?{n16jF)!+`du!sF<*_MAj~l3BN(}42
z$=VX9z`oIDgpyKtZ8H%cB&>0^+;b3b!4Y%-%kiuKaXhzE#(u-)3fXioH}4kJ9)Qoc
z&pBeYf5X`~u#)ygk@;NL@W2{dMd+_=`MpS$vhsb@pq(|&K<1C;)H4@Sy{`*rLrfNR
zao0qfB<v6ead9?UxSG0P$L`}TUYtGU`J}*HG+r({1-dHc4Ar}HrJvG)oMVNz7Gp)U
zIs98jiM>3B6akh5Gj-8%2=tW3<axw6_EXd8d$-6+XjzbjFH6#|6cqwCG*jZmN=BNf
z^e3#X#k}(dP1r+ZR2NUqp&Pm){A!INXw#hdavMk%{1{Ce1ywxF8l!8EIw>Pvj$(<H
z63)FdS05a~2gHiGuUDqJeYDN%Yk~)71*$_K*;~!AvF}LNY)uwm6tOrAns1K!KVMZ%
zuDHt{kz4}2HS4h#=}})#hg%md(UdQ_3@p{Hl$&+424NH>q9#E+MpqV_EnI%B>~zEo
zIn!esS^_hKQj%>{fb@FDTz3*;DfrxODuv^Dy4p60DY%EA_eIT73`D~93KNF3EvlJ%
zd^wVJ3V{&rumseETdv!Q@e=p@c^t~FxA7m<-*S8O*Wx!Eg4N1;RrNKeE#VPAgT*=&
z7Z2q&EDD;o4R|*^->~BAZ_Pnct@lEhuI7HcHF~3}4`z3ikY~njlsQ4*dqd4fM_p^?
zhmU|^;5T`!tv5wk^Chv4dAa&sV)wUvybmfAGi(Vd&iqYQ^3vJ$g+wQEUS^TW1rVL!
z$8SB~LLqJ}SP_tFdg6Wd1aS18H83eOaEM;)k`CvK(<I;dWOd=3g8ZpZuz>R5S3K>n
zZtim^b^=h+&&>$_#6g1&sGouHn|bKF6p}w<>#ubjW@;_M%^URlYd{N?#lxK+hP;(S
z{3(rNV-ct+4qfF?Q4q*6)TYd+u)K&OgUo7w+VZ2#<M2(!kpuEoy>aram5H!kWUEVe
z%{IG)+2_|5Z{4O4h}>#*k=kfR^e`D*lIB#fO`<J3(8-*shI^@w$1O8o-+fpBZAw9u
zn4X%rM6Jx>sqUpUurS<R_NP8ZEF=fd?)B&cIkr6zH-9=5ADbur>?#|GzEA`vP`d@%
z&QGOKPjaFvw!*>TsN2K6Q1nvwmyQITxiU5%t)EYS3_H=Ejw_Q$!||m8tJl)`=8@yb
z!o5&1`T=UvE4MM82WU5rD9#$uc`rBdjt3s?7eX@`^mEI^r(?5FukgXe7Ny&tZ0&kR
z7vl>K$d|04tkK(cui18|e@wdcc|~)~{S<2D19WmTRCwD1zdSNr$Bo3Mrp+IktA)KO
z6xAk6{%*ir5kI*!rI(pTpV3WnZ%xVEXIee~5k`ky(Xxmd#~~5!%Ql#1TQnKxu#g7(
zttk?;hX=l`6W^BD&Zi2A6~G>YVM(|OQLPUqJS2AB>@uN?i2~mO&``g@$f?s_XvV!&
zwh^NRVK-TB3<wlaYgay^J=t`s3D3uU=dPcZsF(FuH>75?wu&o&sCVZwO-_CK-Y7fU
zmUtfDPYtTjGFuXo3#?nwtEuvOtSS(<k+HJA3>Npf;pI2Fm`+<>i^P-knD1WVth<{-
zhW~LEv7}-b{E(9Dd!7<OiUl<9-w)23fk&lNZ7L&HM;ZqUb@e<FzW0MbDri&nnq#L2
z8+215r&Q*nhfRzI92A*u%gXxN9qLr$xGN>%zH%IDJ8IN$>S-GkELpnoZ1{_&f4LzB
zpFPMC1lHX;A<_0W@!YRU<l@&}u?>nG=YeiU(>S2|$;MxJ#@?LGUw?F#tiT16rBz9>
zdZWrIo?ij1X7<wTWdyO^ILV2;`&;s@<F)72SU=zmMT9MXtl>B@ODZkU^WYab2(*y$
zsj;Z7ZP;}Z32zGK;X0T4HtTET4BWXY^Dr;dXfRG;2y76nX633~d|V@?@Pl<clBm9z
z1gd7o!B_zXfOUn|K*dbZA*{(B0AR>wqiZ(QqTYHF2u;pzyw1+_r?uFqIh?3}M!ZBj
zH7JsqJ#$Nk#)Cl33+eP$E?HJ({JQ4dX?P2hE_t%#-dNx9Q>H(r@T0Yoj82T|I(Vgw
zwB}mlBoSe{sPbJb%IvAlm?0w2`44iLX+m7t#y8I+Xp4hpa@(N8%MAWDC)}_C3-C8w
zR7HqGFaGQ+*RVF2e<5qdTyqFUWDxVu^cIkcyWzfp$;Cb9dG^oV?F{$%ZtCNoTHFOM
zU&t2Y7h}a9rI05%wRJY=f2xd=O~9mj3&GYhVmn5)=8N8#Dp@4;Ki<gXl@;S-LSJ=X
z=RVWwsMulf9HB3RfgPkP4VY0X@w!G=jQd&37-b+Ou~d0Fh`B>LUrI^4Yrm4daM;1Y
z$|{fh(#x|hv}qd@#lR6nx>qP!xtG9$8s24y=9Di&twb35a~(}8$1wTCyhSU=T*Rma
zC!oj8dXuZC`;AuPSw@JB3+JGE;TYFcClS9Ic<x85^WzAA?l&|0iqeEzav?URRUuX#
zM58;FQxUf>I&E%-UQqq}p^Tl3I}Ks)_U;wr=Tew(pQLp;mb>xTh0<ejT8FA&{;ATR
zVV6DPaHIe@sJom_v=ckTl0abFJ$_!@Oh$j)_lg7>2aTVj>=RS;rJ@UC$Ow8AHGNrK
z*D%pN)Y@YlVkv09!&~6olTm5@QY_CyB1}CucTHs>W;9A@oAs+TuI{c}d}VgJZ5Zd&
zFI6~rz^M!z7TVo!xP*70sdI2d%K8!gxi-^;uEAb-1&y6W?~t{#s8bs8^c`-+^-!-7
zz{z!ZAI*?|n^-&0nVHdFhsu8<8)d&ZLZJs_p;|l9Fyg}4Y=I%hlCK-bvGG$_S;oA_
z=JZw-_u#Um)gYx&oH%eBEd)0>CU&dZYUQpy0R7$mWEc_0I?B9G*pq3qlWF_6Jcit-
zoyB)21f7?eNmCzP)L!j5=qM0$1w*^C9NNjYHDf>1hmUKS&`eGrPZnaFE&5|gTI*=t
zp^Fb%F;VFl6Ov+5K(T8m6B=dcK5w?XNF&zLkLyq8Ic>G<k6e)_0Shba1>XCtYKTim
ziwTwGgxAFkEoXro&hW=Cx#{+YmCoB=5(>*L7~tFh!+(4s2u+_`-WXu1k#vv~Q4x#G
z%%y{g1**S@&dd}=c!5Gb9rkq>RW-(UCV56sC5~fe97cLuE^mDoxrRFf>DHAEKJ@#_
zgjphU&Uui>{Y<^=a!fh{c6wQ;`fXniQ*PVRl+uuZ7Lofci_d|D3#(R^(rb+1;Jr&B
zjMTY{A)XfPWe^ZgJMQh)kq5)i7x}45MdHfRf#iNvv5^X)*otx6JcQ_@3~m<8z4*Da
z(ZmUOB^Fw5)?x;}PUCS>*WPAH+~&yvTN#43u2Xw^aNk$S>~zP6b*W^hDDyGZ7W6Ox
zzXPNHIQLih_pSq23}((MehUUBr7kK@T58ARXS!Kl@kn{KArmop6(bH63)jd3T7yrB
z9^wWXe}-z~WJ55x3alDZ8h_YlWa7#pk@Au`R4ee!4)&zPC@4d6f<VuhK|Ku}*h2T~
zWy_nFc1}2H;Fhq+pX+Tpz1H+OT<7#g!MKd`Bn&VV%*P&ou_2ls3pcihsV^KC;dx3G
z;x)Nk`O#QTBFI^%@;i!p(PwD=mr_Kg7z1ysq#W{azHl{5HbFpFdw7JrX8ThTw9qo$
z623L#9Gt2R)s6L36er))1PG*$v0TS$JTyQ~;U&WtWIeNEc)F!L#3wm14pdsnOt#Xm
zt4iI%A&=a<B;o%PdnD|(Q)XWQ(4vm84u9T@R6*LdY%wT@@>a`Xbkyra_i@U|h&7hS
z4Sn&AjwBWzq@SUHh0*$+=Yh=&xe(zO9c&(m58!!bF1e?DP5&~k{VGa@0Gi1~oS4NG
z^BM}e6biJ3>}*|WF?e!RMa;8|K<9Kx!#dMjtMmaf&YsnwUyPl}hm-4F=6i*#yIE#H
z@gDY^LOjyu=yUsHM0$h2qCP6xNDMZ&l4eG4C<iu~I?Jb+%4%tzTn%UW<rqtmvi*7z
zAJTYBK&q;*Crp*?kvISPxBm;o2nPRP(xS#*xf7}#FVFC!_ioT!xn>-V+fd%di!F+4
z1U!r*E)BF#a)bIm-_U=Jjm8IEzjf?CX_)4((+*}JYLeXnEUNC*GeM$;l`WZOoBfP`
z_|cIU0aSy<;*mDDv>KR>8e_NLYGE{(2lmuy!<L+C<?AnhfdcEYfykwO(LjrB5zMBo
z=(H?Jh1Pa6xfF{DeMRmP(g&Y--rJ+32X(HM261(18!SC%yEmy1Z0KL#sp$I4jWpyh
zQNb`P<Wy#n$XWyZE0rDXA&;&*I}947C4V#j=$8Fw2k0NM4RJ)fTNFH$?TuwmEX}Z0
z4Tq>~Xc99G+nBT7_6H)B!;Ku6rek!Wo2IZyozQ9(mcXH1L*s(e$@X#Ld9zS++*O)0
zk;PP8e$bRz&VGgGo@uadce+-K6aPNbJ#~-3isnQN{=Zk+i2k>ty6E&I2e;n0wA{5;
z)WtS4ZrrCXv?&8@hOv3NKmP!XU2MIsNPxv=8y;g9GlQ+j`tJ1)zu{P5dAw`S^m28i
zL#_#{2Ct;+y-AVNojN?xN6@ruqI;6X4o46pgVIAIGeX28-_dV4KgG$~gU@CfPN}#z
zZz(l%`Pj_L8UrvEYTX*hJ*oU-g*U=HHw}<+(}n6?ppUmOR9Js-_2iE>g)U*O*4rda
z=BlgUtR5Ee@s{qX$3mEEaL%g?ZAf?!9PO|<y1sF{gXm)H5cM%w%HnXFkDPeiEEXuq
z8E6Jb6#GLSseTI2a<_pqG%iiZDmDf#2A32?gAD|o5)FQNx6eWsAaWT`+uIe7toFa*
zl1D%Q$$>=o{l|~6?*XAdb~R>(9w%;7tTM44CKbNE;+o6kmrpv`KOImNe&CvZqCeaE
z#qo9icK3q*Oe3RIvak17R4Nv`MZ}2AIA4v;$KP<>WlE1=aqEe3^E^9sE`uo6V8a{v
zu$_<<o8bD$K_%y1xMQx2^Z2r&m+Q)9iK>3o*EmuH+bTQ9CiAs3+9u{Zv5du2A!XFl
z-u6)tSOf0WcwYQ8mY%3iTOJ3)%^AE(;!)*;Mpj@o6)G;C`eR>jP8xL&;k&Qm<teGE
zaRnuM^s0?lwDk<>L&yOi!Sv{Q8|@e#(9R_>?7T8_peiS<p#*umm}=`+SdgrwzS4W4
zhj61t2@2~0ORmEfkso^zeDq|NjNcf*9YkS@0cTK+Z(Mjsos#oQLj8^B^YYF(8a8Gv
zhq8;c==#fpGIMG0d>A=v_-ZNJSRH$WmqryPth4w1vhKNn{(hAykpfk&`$ti7Gl%yz
zbZS|;FgdeTrX-aN8673IA2m$ED9U@%TV=nLXf|zCLeKE>@R^7ebjLgG3TV%Lx0Nt7
z*<<a@Ir?|bNHoe#S>DuACSROXSkm<F8W0IpFCP@Z^N$6$x<K_E;k|Viw{=fTUezGh
ztjS%^YI4`4g_VfK%m9va?*l|Li=HGI#D48rmLq~}(7qYiMKK%q`QNq_?3Oa?RA_IO
z+2Ns3$WbGd9>5<~C^H-rzT&a4PTD2*#9~dX8nC>WulW%ml&_lq&_Q$~XGXb3C;RS2
z>2y&urHKG$3xieLTt}Ft&pS$b7zxcH26asWi8g3fOoTYL79epOEi0(tXb$w2^e{K5
z$>i5%Zc6odphbvmg=sGx6S%t(6NS4$Zlm)MbM1*WRgnVAWUq&Y%QEd(qSHJuBtL7j
z#$gikA~qtbSt{jkbgFH%CSMT4pjPt`vfJ9S&SfE{Q3Q)n+UQ@-@>x6aF@>sl@Ccqi
zg7?;U>q&0jsl|O*>ai-^XMB`jBwFvog_JrG^lq5W4TTy;y$yKV2MHoh6ITg=tB_p-
zt2*$R&z5>vZtO0XQ`}WBT>I(lYmb^In`#L$uYZ#gPkdE?9dD^w<itGo%UaFtSPuBr
z<aovLuwKEQ&teU1-t0+8V#Vyr(T%j_Q&1TstW<8zs9o+%hR#mnGC)|fWF3$0OBd=#
zEdWgouc6>8^x{<YnvO(jwWu4FhKS3E{TSLQl0nY3@%asxCL*0;O33j{v_Y19?rEms
ztjjjGBW<|qIBJR6p(sv9?)<tEn(Pb)gQ@MJYZXAMXpy)@z#8PAGh_2iUB_&9&wH!o
z1ywo$OU4&Z6YY8;3VccwU&5OeRBmOtn3}!c=-y507;;!@E?tZ^WX5v&c3T!nWWd2u
zO>ZWV_9zrlzG?%jitH0#&4leJ>9Iaz+Wv;~y&=FS*cKW?6I@Q~kZhQEV<u~3Ckw3S
z1DT7f;sp>E_?g+|3nfsm9T+j#e@b~ye|l8|0Jh3Zg_o8ru~f6WK9+85ErwlppIcQf
zA-stcovDe<khHkpcyf)!kwsC=s38RyL^P_!mYlaS=d)v<0Ge-^yQ_qJq(W^kXL!uQ
z{dyi^*qO>YKJg4qst187^>uU$P=o~e*Iz!>u2Ny<H*q5@<1;T=9aA&X07J*^XXMWl
zGKnI#&&L$7lzc$Pk$7n8oCszXs*dyF$<{|MSI_ZW2aARTbt$zohtT_v#SFnMLO^OB
zJF{(8(pS9M1Wr7fDz&Y+SK^KIN?-LeBQ!KCv{^9NQl6SA>mh*K1auMy4qU7420as#
zJ}v;dd8d=3eu{|lLe{1#%Gykoz{ejs##%c`wSzcE0J+d8YyFaG?h?~)00*=C{O1!G
zD$w3aNa>qG`h|7>d$}gZ2e;pFJQwQs4w3t^JIEZ0ehk_>*c=lgR^v_<lb=^9*L6zJ
zs#UA&WLFNQznx5#EIW-PR|q6)-XGG{kthx1^H#H3_J0Xn>xR?~>KZp%Q`B!zK;wyI
zXWWa-Y3)?=5PrkO;x9>K-QvezSYm%QXJKUqwXDKN|1@EUXrW3U^&Xwcl6nhQl9*Nq
z5+zD*<lXuW=hM1V+txVBZ)(W?nnZP6-D^09oRn)17@Hk4rO-z7uC|ZZE1pgXlqWgJ
z(jW8r6({&xF<%^pf8;sNps1N2t;GRCDL@+Ra(Os=Is3Y`VdJ34x;2AXD56i=;xNl6
zF+KcsJye@EO#Ua2L14XAh^NDln`_Le*z7#S1e6MjA5@-%BVw>c6?-8<O0U1z9ZG-X
ztSE?d>$jv1RPCIHRH+kV;=RcI-arnM4=Q|DT&mkZ2<yPITjpnO<A3X<q3;8f5Q`mD
zQBkd7yh13`!_27wo)|q6_CS`BTH1&wp$_69pp~x)S0ee?1F}G6I5@6oE-z7fq9ba~
z-tMkw`d)`(t<>Vyg8V1wfWt~}x8Ao}d>Dt&hCvZfD~YQ|(YB9~N60WyHGTfeK)N{d
zF*yzAPp|mY>HSQ5xQVk9e|ysHWS{cdUL58R`raF}Ugu~|b=h&5_px!9Maq2G(#j&7
z%jY)n2j|FiQ@v^v{IZacnQsos4Z|D|dp%y)W+iRf^@`$x(;P-mwoaxS^B&UHAB8cU
zII2;AID#bra`|L#befy0=+#VTyZ-v2_-i1id2_EU=iC@PU4v}Tf#08HA<ioUhD-cA
z3=?`!mgzh?tOLxJp5AhrvsI)G(%G@l)8$fW#ANLRhCt0nhox-!`euF^h_%joS$(3K
zxfKSop7_Arq+*JQ%;nLyhcLo-96Gl#iTV&ZQ$mH~)yR3HjVh+sX-VPv-G$=<YXzS!
zBD)j3mm4EB(;gO#0U(h~&Il@!N^R(iU%X*m!8p~fSL^;XUs(EGST(8+8itd&PKO;A
z<v$IMeveMuUoH-!pFZMDbQbECaFf~u%r<zH_&!ueTdP)^sCMs1%Q5CQ`K#n8uvVgo
zDNibUDVHBN$Ce5G7j5A9VGx60M<K$q5~R4qAuy7#FyVlXop~+2Twr37qhXim?4nv&
zo>dY(9Rjs+ZrlqUsT8J99;z|})Z2+xEk8FxLnR#-hoJbj&vIuw?|0%l<X>Eb!fHmM
z^|U3QsnI~M8|hyHUr>5^DBoDKd};Ym8!}V@^z@G@pRb`>&<$O3-Lo5xpH$y8GM9DP
zi1cL;;|60+M|u1Om30uXRSnsYyjN#feLK~IxD(t*Yz?*{$kk!Qj+aB+p=6sJ)ce)|
zzsuih4EXxl3XN&z;y({Yki*`Dbv*-?*j{A>dPvl}-JcON^#2;_x2g*vH(V#c*!Utd
zpzZNhu|;_Zqb~b^uLx~QeNU<Qn=8FQ3)^f%BFQgiek+1EKSoU0nLEsD@hFJjH*5lA
zfnw3vRWH=j?D=w?St44j&lA_Db)PX30tVJS1Wmz5{G_c5XU1C_53~mrT$>@`<r=lB
zWSZMatkCRKYB{Pnt)d2L`VRg8P4k96oG+%=(DB32EjyY@z`#~hRW0EgAklG!9ak0r
zWxiUp9{8emEA8at+G@|U;Kf&b80zkC=ASYK|AOrQdlK{M{}$%`&+^ff=gd=Yx52G*
z$^FFY42zbhO-VtitU9LDQ&>tb<MIOW*r3O+O~=|g895wRgj#^b2?k6AXa7`7qX0%r
z<MQuGIRf@i^jx2tIp1iRw>)Xv%wOsMhMSt*JE1B9YK%Z&#ayintLNWvLom<!DPy-J
z&IPUI!RF@K;F<Q<Z#Y5SLM+jL!tm7DBi3o)pDSBozajNA;ylkdpU4i0S2>k3nJ)i~
z+FqXCYTEQ_>t0t5n^VOumG{R`pz<+9;iI`R7<kD@D0`4DxE#s|;m1PWPB8>InqYf&
z%<_hOJ-ZH=o4;rK4Y&I7P%x3p>eJ^@Lkhy~Lzp|4XE$czLDbJPnAm9T+%<};7{5XO
zg`1G9fn#zIxM)RA&Y*-B2hbD3i}0?!SpRtQ?!){AwKn_kd*`5(c@iNDF;#-1AQ`n_
zGjgBe=oiy`->i|l&G%a3(}>&(kU=`!swy^;G|3_EvL{Q<HjG8kk^y{tlq2n)0UL;_
zqAbL5$vn(9f~2xPpzGT$=Bo>>H+II{oI^^QlY<M2A(llzh=C^Q@uySHn8nKK&M`Xl
z4AdXZq2FE^R9=@eQtYJKF|gxo1jqV2d+iU&rNOeW^?4fa?<`Es><|~uy7GiQ>lU|v
z$^`<)yNaDHv1=(6q*7xFk;~gCXYAMXDU(fkfi0Q0HMPXk@%Thz#0i71H?ec$j^4rf
z6~QiM-<S;y*CIQ8?w0|jcbamBD&R$}g|y>jEoUa3A<FI8MkVy%?g_Uzf?_GzRg=XJ
zb>_`XHWnse#<gft$PEjx`wp0jit5K=VDOabtTG6wOLhb*Dg4GCK<K<<qSCJC=|{*U
ze135Wi#GN4^)-3GtePqYFQIb8K`AZ8!Xfk#pDNhu@QsHml%q&q_d}+E=Bqx=&h#)(
zZXKkwSsqfwF7HgCHKfL!SSYh2Uy~(k|1J;68Y{bil<qy7t(2pctVz^>hOY^!|6Cog
z?WRw<ta#`%T()q0y*Mo~T03klM^CS~MJ6drO%DtRR!1TCnZ_19Enl{0BjFf`ZSf&;
zCU}@r^fT3$=s1w@#geh#t6Win>A%D|oE_e?SP4v>rTW==@4mO^#w__f!Z~G7C5wPp
zXix5=`$`|}o0hv4?wp+s{nR$16;=H=l6mSG0s)s@7dy(TC?v`%ye>sNrg2|<ygcz@
z*(nie6)id*BvyjatD^XF$sm_9u*(S(bW-MJ)A=%U&QE)we}LNm#ob#*wbgd(!YQ<+
z(4qy3y9Ej@E$-4H!Gn8o4er{a#VtT_4IyZ8hZc7Y?(SZ!NWVP$-DmIT-QO8o&N#o$
zzpP|L?mH`4bI!}w6x7~KlLzPaiR@d|armGxJwG8eMv&?eBLnRFOJuwl8BU807y<$l
zz?db(7<`^q80C=mqm-cRiv@~Wothn^@WH<Bv&6Xs&Dx=|<SK9Y)HTuM$@we&Sd)G0
zHRC{(qE=Au5Tm83B-)-UO6iM1s>{i)e&Xts$)~#Y*TQb0_O-O^-5=OGd&?Msib$AZ
z^`4#<Iub^$a!M3~QY{Ck2Qu(Qn?;XAu-fT+bVKU+90=2_lkt1_<?GiLSl=KDt_Yw9
z4EHh0Odf(gLNQ_PFUHwBLSD^#lPs?JJR3O-$7>xVqfGRYRe2YlR5eCh+KBx-uxu?)
z!8ErOBg-c*G6C#r<}$x4Y*4OmaD^ybe63=4Ea9iO-(mgP)$(K0KxCpT#$K3JXQ(g!
z#gB5scGvqvv#59HRCmAjD^0s)K;+hkz`_k|U%nlOcU4QmY5_`0pRK;GJgDv0JDA^h
z3mu2L-|AO(|LRIMsUebqwlg<T*3MGGKpZ(hF_&^<P<ubOVxq`ZA_nfNHp--KX)JD@
zx|2aHhG&t7fDF2mE*7$G#bG<Mt0_@KZx_CVpM%(1xgwc*gHM=SaF8I!n>XnuyzdFG
zGmBij7z}$~)~$<}E0}bH7G^^*cS#!hWJhsw0Q-njhVezSD4Pbk#_kL^-E$Chk6{re
zW5!VIxLLU#4#_G1ETNjcBj8fF@ammCe<kZ#q|=QFm|D-Zv#CptV=n_|0}6yR&ORor
zpF;*tOBT|&o^jC6oTe|6{D60*Z+5VmuiY_|N<3#TcnPWBaY%fECK)zg!-@<ngU*Bx
z|6D8Xvu$Y7W;clVI8(=t&u-geG)E^NOt9+h*zf~332Kp#UlV`qt6<j%<MPTZ1n%dY
zqP5YlJLG9o^~~2B5)n&;C#@$pl*wYi^Jo>5V+C-+w5UWer`hcLtDdHqb{<XXX})ff
z8HB_v(ah6!MkBs{?QbWB(JH}MH8ug{R*LKf`KbwgclmE^HLh4kIL6{+%qOTGHyvEk
zJfiAGcH}+Pa<p=M9DNGHt6>yK1U$-xKS_*xLmrmk<jUwaF}YXmTkO1G`NqT{tD+``
zW7P*=TVta>VgV`34E7!e?|4cgb~L0?aRFQry?hp-n^<2Dj~K3&0x3C3eR;JZ!u?7C
z8f%o#oy);$vdjpENwWu$nI1wrA^MtCZP&RAOTU-y7}@P+j&xOw&vY0{Cj~Od9(myx
z+$*;fDl68&rv&P)iB@(e1E2<535HK~Nbc16f$b#;3QY*X#l4HkWA73EK|jeWxo>gS
zsO;la*7vryV88tN0ZALc#h468v%K6b59WxpgQQBMc=Vpy$ZlgfUf`FcmpP8z==(3A
zISdKKMi_=Y)1cKZ`~AK{?4`S<4IT!B)H_On`hqW`>|!otJ6_gamahATv7XKt;3Qsr
zbqVC8Z2m8O=J<zHYWXbYHTux=y651Q1byP`kF80m#hZw^ddU=4{f6ra!U0E9#Plek
znCBB%KF#j>5?FouhI^@SKL6P{vyQ1S=j$@U8liEVEDaU2P6%1n7c+hCU)G=oZc5a6
z*<s(GYT0d_NYg`g_{O28bz-?K>i1zi7+NCrm%Qy?FZDpsV}tr9PHM07=zG-1QieF)
zEYxj^KRf9IygolOeNca?8|7IZ3Vw+Ze*G(;GJ!*A-Y*ko2jPghuJ{8G`1P%Pl6rPY
zKx>(Kr$K1l<Bm#yN=TG#T&=>X_HJbEUnCqhd##!~Y-eOw7;hg?y^b<9k`fi?p(*m-
z#M1)L_S-Nv&o<S0=L-{H-GbHtdu#w?bf)66HyFN=gM1~l%t;QCAf(<eQp+<aEvI!{
z5B97hxK4|et1()5mKfQY@^qTVC*`2Ck1GAZW1e0PdS7Nu3JyGAEEq+H)sX@n8La@=
z5q;O2nxuNNgHGuXjhE2Pp@mOB^v7Rs){r)_moXLTX;MHKn(#Lvi)BFs0#kLU$zuZ3
z%NU1soR*cT*Ut$%ma3PDBNCgad-DyxKsRJYoXuq8C_}v^=3L{!`NexaxrE|#83F%Q
z-w<=!xR}vB_+99jv~zQdXV7)vb8@s~bB%rMub$Xx^KUc0-7~)OISn$Kd}~tipl%pi
zEmp6`;%7%H)aNm7SbkA@UD|&f)!x(|K~A6a%j0BYNZzH+$x7k-sp{ZU3Nb0<k)2#0
z4!yw%UOH0-)WQeS>PYHg^6g_IccO-FSAqHi;cOjw3_ncT?}LX@^Pp1)yT}ZyA*Zoa
z5Ma)_?{BIMB*wG5EZ-vMd5Scm%n`J{Xd`LLIHym$q70emV;Oo4Vb3VH1})TxVWl9o
z=@|C|`00qRDBi=HljU?Lf&YKrmq#*P<LT7=w>FomuJuUrg~9Rrr&m1e^^5G->#}av
zko`Id-=+T0OK!;Aj=jFVry_>5%kP9hJQ`gOh*bn6IO(H}3tTO-6r?_BS0-2N+D9HX
zTH3|_37dc*KPV{wag0cJtK&3D|ACfzTkw@&)AcgGQ%Mon#GE)Oy>Zq;(2Em~#0jiF
zlf~C=FbyWi9GNIm)s0EGh++SJvMRrI$!k099U>cVpjX!fM6g8;?k~*R^1#W!X(}&T
zr<&BngoV{Gr2h%K_|Kt?|4wN8OCt1OQIj}}*ezk~or;fhd-Gpi;`12aFUu!JpEVWv
z2;@xvl+5+Tm!8m%`Nfl+m8P%_DLm2`*S$~*&=xw*WiFz+q0VsbNxu}|I{MgW=LWg;
z*}RRG@D@o6IplTzHD=gyF;TEF_}}a>7**x3%fGcV?Fpy-GRsw(^l^9ef~5}8d7<Ep
z$-jUa&&%cGyS6)}*$1x%&Ftcl+CKpQe?vDu|04Q_ibwr#twOQy-@6F3<$wI;5XG5O
zF0m>u_zL+gSN#FJ2uo|bP0(3ADS?MUocN+*Kw@(#Zr%|bh4=AkUaV<Kn`1pOxBEn{
zUbagc(^cVNQ!uuZ>9-f#6bR1MZa2MT@cio>MZOwJH1N~>gd0}DXSJf-HbZ3xz?U5C
zhd~2jw92bCMJhSJG+HAJ#a!nS%6{17L95@qXXgu99MU&^#l)=O`n7jyP38eK!d`Wq
z&h1Sd-jtpYqTvdgiDBHN;$AfR^n3Pp&9z8jJF;1{VwPs(rCkDLm}8?{W!FJc-#dLb
zQxh5yR8}prb=x!+R6U<(x}QU~SWK6(G4N%X&NGd*(cs;4tT!)@9S^4Q@g3=VzomRR
zOe2vCvJu{7c0%SO*kh%ZTHyX_XJaZ$a#CkOt7<#v1?{bhaac=9aua0La(ZUKBN?mO
zCF}#&u9O!+wE-}K?*L(Isp)PCrqcw8PMV@$cJ9wwYJ&KU(kDJ<JYrQXw&cmc#1w=+
zQ<-zo1QqD|Bs%Eo6(j3!uutul*LVq>7Goefi_heMlZqs1NL&kXRS-CZp;+UW!1GMf
zc6r?=eiL;42b-)TwqD2|o=9ktzUQ0QP#6uvv63qbriAJu2pkJ2nr}7B>|PJK>cJsh
zPkDT2ej8i#V&K#Lc-?C2w;fI9tN~o86Lg!c?K?}cn3qdg{9P`e;>1CBoPScs04{KA
zxq1MiJU(X2hY(kY?vER`Jo5fD)`^-1OdDVQ$fVdv7797_t>Nb}m;K(lAMKt;_&rG?
zFZPj@uCm~wI*J@6p!Q;fNnT)6cs^qU*l*TX|DK6^w}(;s=~>5WP$`03n_RV$jfEmw
zWsJEjKS9*iH_!k>rLZW|-a3I&!MqlQ6tz#y%6~g#R#yxyE4C5eWf#_1E_VQuVGvr+
z0000k^z58Mgd+E+RmKE%iRzOJA{n7EaQy<ud(N;|LhSPL>358xHndjk&AU>il(LvW
zW_z&M==D_P(tX&Lmkzc+yOGL@er^TylLqEcd;LeyVr6{|%Tv<$L|`z%qq!g<DhLgF
zE~ye|x>P%a*-h=+)L_{N|Gvk#v5BJ9<Xf-6K};2vy+n`Q6+f(V!n{F^41Up)U-wG(
z{Tx~gL}b76Trblq-8E<Btafb{rOUSTZO`n_9V@8KeMa7$qWQT#;7nx9q5NqY{F)Z$
zM}BYXyZuHtNaCP!D7)`yZenQ=8`4UQ+L#V=-<;F0v7!yD<guqycK^tOh4Xb2ed$+p
zA|yE7NK?=@ZK&x@CFl#T!2~cOQ1RVxplXYeu4?u^@>+B6y)E}Vd5WMXB+<=0dBABc
z<&dP;ARF?RnNmJB_bL5qX|x-zU|#eIUtvqKqGqFxut9`^!6stcfaOG#uU#mmKCI)w
z>G!3&4RkR1Aju<%(eo#)H*1bKe%<bM?`VAsmlcL$Yf-b*nP+Q~b422N*o%d;7c=uI
zetLs$@5f%^;L#QicQ}G1bBq+72?+y0HA-*9b@CSm@M>q*O?fHGMu;c5#W~@^{Q1%z
zu`<sbP(DqVDmy+XFRs1aq_reYOwE$i3Hw)XmZa3C<_<+-rmp_YDM&RvVCk#YYxz`A
zdfB`jbDB=sWLwBt&W{J&s-Nk0n?~kGgUkGjRE@y;SZ_j>aK~q|)?B_vPHDe051S^J
zz%k|GH(fXc3-1^5@CR+R6TV$c5UO3qt^}mW`f+u~PwdRWn2mo)fL<+O(if=-s1Lg-
zMd@;!R@^2@+J?ELK8nJ;fz;8S$O3XIB@z*ju`#}KUq=>`IQ@2XF?Fjk5M!7R>K@Dn
zEGV(*KT!Gz2~4DiB=23tey^FEQ+BJJipj0<&F~`m*waTRe?(;5%<9ZnIT##0w_IB~
zP{1%a)bHpWRM^>=Y}^{_7C;I1!Bos`Eq{=@zF20mp|QTVOPFJ?ZGsGG9yoEYsjj^=
z%5NSR$tbB`x59LQ@?ipYo)I;P^_>>O=F~%GW9JzcR`$#!jCJiqx`P;wAq)rsf=5W4
ze9f-E?7S>f50jaz7w{ouLu%Tk0`wmD4lrqp+;Tak4|jyyG*{Ut-@X<s@|&5Tc^WE3
z9|?v(06WyyDddMe!r!1tSAEbKo4Mr~?xp=++uBfn&TBtCrntzpUsmH*=;4_}>rf@z
zn{DRi$x~>}633r1#39HEARu1RK*ka#An#+ZZNjv-UZhFb?+qSEOw~Z-Cmb!R5)g`C
zhUQ(7`0Hz2MUBY3k|bZV<{l#7Ogqii;TQuln@Pl0G`&OFQ+40wCTMJ0d)Yf^ScMGM
z#w(~6DC9Gnjb8Ny*{=yheIJwS1V>xW*RyIit}}CCcCSOVKo9v`b1uq)&j9E-!UO`7
z1*$;nRR`DNIgY`>3?>_bd1o);fnmf{yE@_t?Q@Vgh5}#$W`5K2%_)=FSm<s4eQbpA
zWMb=Y+n(0*XaO>tZ}HFAa}-JvawZ(PZ;tyOB)V?wH-+t_w$rVo)UEj$tJg_*ebc8J
zbuNdu8_yC3DD3H+z!8}XYPs1};b4C=+ZH2oUXNYKG<z)b>MT)DozCX$k#ja$wD)tX
zZ7mG=M{JPzg7gnpZf^B*))?j&n$LSii0U2LNe+kSYCR)!bsb4nWyGnKL10Xe*o1<k
zmZQ|EFQFzZgWqkaG$9Ry{LY_|$>g3bs)IoC_-7M}mn|;bJ3h4!J=07pJ7-xm8j03m
zJC662P%_!Qj8xB>c%dws8_lrI7wYmDz@JhMvRwrWdb(bQ+!p7wY~gB!-%T3c*(T+E
z?{^p2AAU@Wd99W=iaVg+H)=M|#PQ<txf1WRBoZj_OIhT*%fmgk^4kF^@-BZC_lg%o
zyz@c2XmoA1ksU@FXJ^U=-ZhM}G*2k;Fels=8?QB^&(M2GZ}j_JPwM+Xi2``e2s2M@
zu95^R{kq~Y3v(Br+|8a|B(NW<1_$eMHdVHyHBE;EmrZz98ycrv>ZWUtUD<N<xN<PC
zDY(VsO6E|qHEB;n-#mMrsdO_G7)HWArox`g2ET{fz6S?G*%vo!wLz-Ik7#8lTHx+y
zQ>RX=&G|eAHHtW~+%H-)^0N#*P_&8ATbuD4_xm`t4Mu75UUf<zVRa^GylO;*Y}f4U
zzRP42HZ`+Q0ir*lIHX5hqLioH!lU|^O{fVl5!q<K&chetyR}LD!X=}576(>+G@8LJ
z!kn|aKHfB7cA3vgKg3=a+Y&Ajs+L;lDPYtru<oY|-5`aMPfqz@zBB2z)-`ggT`h$2
zkS`?UA&?m;lg2^}L>cd;^L^&TS!)4P8;e?^0Eur#3p70~!HUr*Df$pTW9unBaKX<w
zo)a9N2&$`{sFY=^OKJ&DW#~;<=jC}(VA|th2iejfp6kxHPQ(eaeuf%jbDLX)sPGYO
zQku0x_$4E{Dg#XDfT_v(uwmsHLtBQ&nbskbRyzsP-F5rP*s$ukj2b1mIc!M|xRq#}
zB>a}^4*+6+<9Z*z)|}qi?vuc4hzllngs}9PPef=A6<gP^Z7f4GQ}VdO1K=9zwWbM;
zEeVZoV+#f2t?7^{eO=t@f((eRMld#((hr-hR#84sdOB0d*j^J(H+OlhB0fAOW0Csc
z0BnN<mUFLg#tDXdbYSR@d7J(L;DSln_aCl$ZuiH-u3auPcMT6J31VoNu7;%}H@h?0
zFX{iazx`dF_#5jkq&41gWb-!^_UK-GI>uub>)xo>BXhGjq8`#Z*xZ9RWEaP<mMmA=
z{&-8>()fkpg5A!x@V=Tqg0}LgkL(u~sCY&_%3SaH!1iYHU|MLiN|aFyR6f|bS*Pq8
z={?BHfv;m!U{*<7J2ip$pw(uYAN)4>aWI+;g@N3-VXKaF$=Yg?Zn--}@$2_+CZZ76
zZ(^QlX03RU^$B6IbC;5mp?;~M@nUo0g6iOF{f@wnG&7`P-}Z)kbNE)%(B2_uZK_^_
zwOP_5R6q`kRrPzyknzs~j1>rQm`bDaf8p?kf=^2Rv-pG0lU68V6iOWaZ#WC}_Ax;j
z-nC8g!s}$uOvR+TVQReOl!|!$^D84mRcy^b_QJE+G~-DUjs;b~k*5qcrPRjfgd+;H
zE1y1xTeCj^`Us;K0q>6&bRF*M<7jDMlrKWRDk^QU;F8TiM~s!m4#2Ycw%(#=m{PBj
zPl&boWX&v;zE$tdZ6&#F=Wz7h^wfE;qb+|en4qSRM~Pk5mbOJkj627{J`}X7gmYLg
zS*KC<rpwE;fj~Q)t`fcpa#PJoLW7c;afnpcE^XRMC}$|9juQO={0|iW|1ZTI{AB^f
z_Rq~=%ai{=b;HO;4SoLl+KWirP7(lr09u(hMZUUw=&w6<`{V4CTlCn$5LH1J?YDA1
zoqXD^@m!A2WuM@_wp2awA$)w#nsR_ab9-pkc0=P!mifa8w{=SQ4<H_6tnhipfAUz|
zNy%{(K4BVr9zBTHGyItH3L~Uc=oOJ^7Fd}91E+<{I=|)f2DNWV9qP-&%|oRrv^NDm
zj0p6&t|e*Ru|>Mm^;#AHo?D?(*pX65Ys{0v_&Ehqpu%`+>Vjs?Zeb1$4jhziGE=Mg
zi<!oNFF7s(R=W8k6PimPEnJnOr9^WGnyBdvoHhv)X}lSzH}UV|)NK`}4kvxiv9KzP
zkJGsDk@1No5R3LT>;tyzPPQMKkPUR*!rWU6=}H49LReNa^sl|1hH@)34tFR#FpBK;
z{{gHF_#YJ~n(96Mc_hT`v>vK|?meu@!QQx(=hVc`>ie^JT|sQxl4iHQ@Q#(cY`W;j
zM`>JgYT-@KeviHeUsE9HMrV8u1og)QSj%1jgw1PVj8AHqO`YSN+@vSjGKI@rJ`?XH
zkYXIjEL4hah_36$yroz0Sw%TF<)Qw79risx2Ep0CE$Q3*&LDBpw<>O;&jD@wO$&$=
znMr^!W_D{n`S<<-v^SR4C%<eE#Yx4_!T8HSDJO7~LPYQ=(}${{#)n-`RKe7D99p`r
zRj@Qc$BWNyCk>M1eJ)fjE8xm%wDnxr|COcx{ROwm^!B`>m1(qJ{bu7zHHu)EOo!q#
zEwD;8w*m7jI2NVbHZb`=<@vo{^W9pntXtHQgXEWfxCT7UpKJ=eyvkj1yQxgbkEn3l
z*+Ptdp>1D#bY~?In{~&XxlG#-EAu5pYC6T&=iQC$XfB!e_^ZN`BkRxp(CRzx!ezd=
zj`VjXZt}_8-)CV@3HBY$6|Iu_KR{vPtTcy=tbl8GrJri;J<RkN>>7$H`E}+xKsBlB
z)1T6+EoHBb<rMR+)0!Sz;{<sbKBH@GY2o9%n(PwMF!=*;g{0G+tB_0|YiA9kV9<Tm
zVw?5kr_gx(E<II4&HIv`m<Q`#p-i7Vh9&a;iEep#=p{a+rS}WuKoeyOHV2eI>ZN8J
zQI^!JW$Fk(4>gK3^2CI>L3!R@4kpLN;XWlj4|{*VjdoOyb<Si4;o)F3z04lhvDO`2
zT&Ja?fX~lW-N+sEs@&zRmVR|y4~SU8?~0WDSXCpYKO?A^y5qelfagE2*2?!W*da8^
zQL2YAEa~he_6_G0@%$+4;I&91^Ms5G7lBls&Aw)+&Z+1e2BTb}Csv77aX)eDmCd3v
ztdD#0g_`cz<|&J7d!*gHcawB-h<-|yY3!VfL<3*DK6Y(3dK7|zvR6|vlV(S{gvvUu
zhr_CBX>G*yM~Fm({mVUxkW`d#dPiyPX`Ap3b^oO2%cPU*e%0CPcpoxPuBj;QBJUXO
zel1qLoRAEx{@rrlE3PZ<hD^WKIj1It*x74D!h#bA^;!xpho+fXNXI$yj9k@cJ40eT
zb|U~QF<0#Q=r5vX6Dn|ha5oo;2E}s*YplH51@@?qa%LTr)2Y#4hHsf>G$v6ti{8KS
ztnc3h3-LD?Qub{ce>bS_bwxb)$&ZKY>e|Sq+7uiP@fKAh4`c+sz+7}!EHLNdH#&{p
z@<+d|-=ORQO2p^mK@)12Z6ai7&<Jv4#dZygJvIBW?yB>)d1f`OKC*NlYnrv33Ry6o
z5mU$WWReQ@Pdh=H*ol@lf9xu?&3S}&4A}YGM&7w)YFvV^rQb5t>wslt!7@l|ELjXO
zahgd2^C#an2bX47mo&QhMK-bPc`fuly_OG`XeW?)BCF&5gT>M<12@2B%;~GfYw4F^
zA?qjFp(N$b^4u#yq5Kir(+E~=WV|cmhYZCU>d$(!b<3|PFCOQ58)fG`a56w+F89hW
zcMa+Enj4-Ec=1J2Aa$b$C#n>hW@Ux4ipy@_w?%Bs>B0NPbG~Zo6q`=#*l;(WOOlFL
z7GtehP#QFC@{kZCy-^_7DXDycB*?W6s)quQ53Cqj3{mq%dKF~&^2Uww+9{phW?RSx
z;sd(FYwK^>!*(yK2*7hsP79{p0Eq|So3GD6VKln)D=}DjVKR!iwzJ&0JZH~M^K18r
zgKM8QGCtv`=ZOL=l>(5{+7AGSXt8+8j&ESt;Nj7m%pF6~R5)n7^fz2n1O7}FP<TYI
zjO}ZY=xJB}TJe3CR|7-53h2sB?)8#=Sl7m|bY9<E=-Z{LCP?l41kZV&rOzoAz1-V3
zCA9^S`DY7QWNi9P35C~UNdLylc{ny-aFS%Q<?572H@EG3^2XtCtx;Ajfl%dY><(1K
zQ5LpTYvt3NPPri0-Y~Q9?;ki@h8uTe#^?=06_jp2y4L$UTR+)!qy~c*kdGO%uy+~0
zJd7&cv29Q!Zhp8+JDXGeF~p)cmTJY<pvwkNoEY0nnc3u!&KaP{L>Q|MNTn%wPZJsu
zzZjqHh-hk67BUHR>n)po-WO`wP}|8jhU_=))%MJ;OUR8-A>>j9RqFsAm+HEqZ}LYL
z2zRT_m@7{>q^938+V(tERfg4&>5OK&6>hR$_TfA(3|z#b39riwSa=PBy_r$3zU-lN
zTq)=SMMO1^|Bw}U43&-LiOy2jo&ejFl%b!bsFXS4(ER+k0DLb}a<okVM~_fEoP)7C
zJYhjY`}%kv=4%ga(D5nN&FnHCmt~BXwT#zhaB2`t06OV&SiC4ngDmsRPu8_$34!Xk
zkoCz@@dWVpZ|?AXX|=3@g5zr+BKcwqJf<Gp_U|16xoF%5MXW#pK&<SkpzE|j%STmn
z`561Jce~NB0{U9Go=)@^AUasKd{9J(m7CwGsKdVI@KD>Zt@)BfV_kyd<MtPx5k3pe
zroGr;ZmWRF23Q~hSE$Seai`z;*8f!FRE-16<eg(P8S9Y>a;X2HMsJ(eN=DaCFh|ZB
zxFcuz%--;f_0|w3l(f;)dlx5($q^szTh6;Qf*n=5O%kTI*7Z-EIrkye8$VRV<ge`V
z4;BsU-&kAwD1pS^X;`Hie?fFa|A|-FKg_d~XYKT3RxWufDUv)Qu;ZcFcyJ2WE=q!V
zNIntYTFi$Wn!>C{s@z+{jAl+84Zagh*6*0vC^OS7UInc6nhhl60OJ@xd5y!8`kTS?
zxK;({<)YAvfk%?*+I8{2f3LXvWNicwkd)cE&qUizDJ<saruFGJ&$kY$!7OY9pMLCK
zm@E+5O5&6!LsngolFG;b3dLxzC3h{D7qD8~F1(|mN}TS#o=;zJm#ta!@XzeFDIS_(
zD0;c8)E*1Z=gGT<R-@nLsNKQtL<26-Gfk%=YBl{6nS}7}WYF~ced>~HUi6^+dsPrS
zpYv&HTm|-&wn%+fN1z;hm#X#^dZq5<3jGQN;>i?}O>-RhlQrG_qcDh$EXD_fj4}<S
zRBm&5)>)w5<$PV^66MnQtYK`<8}6-y7|N_y!`#!uALl1^sJ{L@Kk)uaybae{@U6>f
zG#L(L&mAmO@;F<xy`~fh;0A@D;?4s#Kxac)3=L~nr^yQoGA+i=+Eu0;T$#G=a)Nt`
zeXL?TSm<9??}E90zg$$AMo#WFut9|$5}f+w45`a763$}c^7^>*Sl`?>>}DKHrfF6-
zR_C!av2}xP3V<L@<?{ek$N0}-z5jW3@BfR5D}SBu+w=ZyXMX^vq82xMn+5^pBJ=ks
zedHfN*sbV@CM)`=+TT?}gs1~Qsyxs=%3#v*-EgxzjR}8vuxG26ZlDK<Kz%?<fRkCw
z3#S>Dk-wwE0Ao+x3oJyUVhP({2&R(~&j*?3cR|NfJd;tRbG)3~_-rpcae7b}RjtBL
zj?%R{O?@}?&WP7n=^U@-(G4UcH1eB2<Ej&A#5I8>E_c_gympSyq`2Rloco5Vvk?!|
z>TVPs+MU|FVZ{_SjyIIX4AdxPU8+wZQp{>iZ#6}x>xMP1R0N3OVg|N*cuIw@?Zofo
zxJ@ezXg7$z)_uidOi>8_Tox{V0wxp&$s+OhXu|i;)XfC+mVP-l=X3~oM0;AjNm(x2
zOr`NOUpsRJK))xf0Cv=Gl!{ONR8=aMIM-Teu;nblzwQEc(mgx1ONNENBkDOL(!@`n
zDK`4IH)Mj18A&>DDXHuiY@E~?fdVm(%dk%=J&BMk?4R}iX@b#DI5TyKJRk%XIYAv(
zoI0`jrDhB-YZe8txrutr&x-Z0=o__i9LA4=b#m%}JHrjNPDxER&XSm)7^2OiVJ$F|
zX56*uf!Ewp<tDY;g!UKM9%21-YrPW+1Siy{qKP-scWpE!W?8`f=3DOCU5nL5vj(1f
zYAP@O7OqgbeqW%fcqjB&Dm&w+l`NSDp15FTEJ7KJ@hu))XRQ0m4iGmf@O$sqrsfkc
zw@JcBRw?f6wO^)`Yz#eju(znD5bx-Y>&w%-!w#yDg$U>u8=uNh;%tIBF<G69W6D)Q
z!PYpWdf9%LJb1|7Z=3&B5GUmmYZ3Eg#5Le|7Fh8!t~On3B34B@;Y44i!bE&hU*{hH
z$8M(;_&Eq{tI;WGHR_G<lDLWCg}37&Kl**dN^za~W~C&wraW)O3WmA>aPm`gjI~`W
zi7K2q#yEN#^{MsSQKWp8x${)ZrIlq5p3fm)E?^b<`*zYsYfr}TDI>fzIPu%f8zY3;
zQ$}dL+|&;3iwN>F?OJfsTQ7?-&#psGxfhZ`+d4oLX#tTIMfwNhe6prqIvd+pOd6pa
zkPt{IUwr%^o+}p3HE_~><jWlSW3&WtlKH&htIEYgn2y##CcWY9?8TfkK}8S)EoXT)
zgC*em(2i(sp%2|X2F+T55eFJ0tXlh^G>(bBVzT_5=T0&~ytE-D*XcEzHK&S(bXu{7
zdciik_U(^ul1ogsJ@!8UtatVm)b>nMUuI|i00@>JRMa@0y8LAHFD2z2Nw6WSzcF7n
zGB`>yb?D2bHO#Dfd!E1uSR>C6VR3<Rf|Bd!r^*XM!5K2(FO;?>!XN+Fizp8FTqmLQ
zY2oKxBmFVVF|7CYbt|<NX0tPPstTeWzLcfWHtYgxgx~sQ<~D+`^N*=bp_z#eZKv%9
z+-dNa&GWC7wd!V97Rz5UE_pse18vZosv*jY4>%Lc)@H|KM+scAx&8jvd$_rYcA`3e
zs0K#hji%H9`@Y|5ScK42$(3B%C`=CMSVxD*oe%(G3N%g}Hk4&>k3PYvsa#F@Am8(<
z#<b$OI4_B9pDLu00viZ{nLUy0jGFT*#7f52GMVKi7RilS^%Cjy&9BvD#(tf&5c8QY
zNz^TxI@qxja%yO=&&yM9DGP`}&)Ja<_H&rNR_KbkXrX?m%PRMGZF;T>Soe*1&gZZ0
zY}oyFjDF6(!^109cCjz#QUuOSKMPo{N#)~wF|tB2+=tfJb*V}C-09iA4vWVy0(;qk
znv4veQzEH~BP&q`2!zE4Y8W#Ju{F1wg9Ve&Ssa>RU>%twBM#S^Vz|U##skWKQ7&!H
zj*~M%YG>XQ`znSD3QKPSmtV~`6<*#Y$7nU`zVo-TS<|*nNt|l`5zQkTKC?5QAMoYm
ziC5^Fzymw$E3~upN=NXMISs;2SI^wFi%N;9U4v*IuR><=BALB}auvhp5)=|?j*n!O
zX=Uk^#ZQTzgllo4T<wP9N9+PyCFTuHqRFwI>D0pXpEg?i;~{s)s~rq9oT6Vn0>=ol
zl_tJQs2sj(Y)y6G*$xdVVm6!7+C)w9C169oN<uBX>;|F<E9j?KYxD-GyVno6Js?de
zLI<W3U9z!|>AqykkR<aht_yzB><3w=b4)J1tRIL!KPt(Qfnc(#Frb%<qbv|?@<LB<
z%7Cjp%{{nQ^`jgI7-^26ErA%keEe)o9rZ#HdSz=K9}-QzXz}_Eb2SUGrHS6>64e4x
z;yYfSt(hO!&Otn)iiDG1ki;e9!zCS3*(=rZ(bQtgE<^9it~#b#Y=z1;S<Y<oM&#^v
znUkeP*ygVG8%j=2T<y*5k(rDj6&)lDD6I~Z2IuWFWW6*DvN?HRM_Gw%P;6}0F8L_r
z8W_H!YIp3LE(w!wv9FPGQXQ$!4W`X!KzxYBIRspD@9uL?bk<)+v#b)A^x&h`@P;$~
z)&_hNT~{s<AVg4INSK96sM7CWv~T?BhCTk0V4d&jrJ*f5*61EL23+FNAAp(k>ePUG
zF==gAm3S}#XY_oS9hr+|A_GDGK61}%&nxTYREv*LIcgcsIe#s~kRz(PrQEMdb0~Z7
zP+Rwc391GI+JK=j0@O;tvZttJ=-<63bru-RoqKN0Qw&P0*QXdg)cG>`^{2RG5j10u
zjKx+Q^m&T`32I*DS$#?U{o|p#cX&AcdjzJ0bpCn17ds7}T6u3Q78E7&I=RKD`^0yv
zVQIbHTJvga0PLdIz&hbwbb2}p;2r~F%Iw4$#N6_of#GZ>uUOZnuaw<2FJQl6#ryot
zRWWM7bHe30-`+|ZO8})PkuNy$_j}1+tbd}Zq5t16(G8RuVz?IQTLc>;FkY6GDY2eN
zF!S?PAq-K&&}zC2KQwHw_6oaqE9IT_!$U?|=`C8vc%4E8;~lK7S9n2(b|x%Jo;DJg
z5~G>FW66QXJOpLb9IF<FIB*61uI0rGd)E=84L6>|7xE{QmFmR0We01MOS1L-x}y8D
zQvRDn4(lJNNc$~5f7{NeM4ah_B!=Oq>OC8n&H$pxeTCRD(tltm9@mk5%n-hMX4}oM
z+RP;-{61tllKc8R%W<pxl}8<a9dr8Jdew3qsSPOIwX0lTh6etF*%CqiR6OZt9oJz>
zt@A!{nz2$af6~z-`U7e?7&~9Zie?LzfO}k7{w0Stho=B}u?3Y0c2H0P)4pE{X_vHg
zsf<}D1q5`BwFr_fVf%5T#Q(6LHoL$42Ow>y7p!h9awha1s`(Ie+xffJtxh|!WXE&H
zQAOFiT|as`qEdCGIJ`3hL5)?DMdGLb#OtW}rd^(r^uw+C6a~NhsvG9>`j1{tgbd3^
zW*@@B7tkVP!O#_L^lz&Y@o0GQ<>J%uGk<IWHJFC=yhfdItM4BGqW^5<6-X5p5ZDCw
zJ~cE?C-7mkwgzi@bLhU|s{nyp9<6;unJuuMDPEO0*rO7jscss=CvE=2vE{#O+W)Ff
z|2uI9AG*X=m1Z`yH~3>Dy<V%hHP)_CG8Fd7UrjKYG?(pV;S{=_DDPx_Q28}&a*tie
zyfxuDZ!MTuopi6dlB6WK6Sf!HD!r|Dx-A^**%arbn~~<X%<s1zn>kXj+N7{>&!u_n
z>$2PMo(Mgz&BXjPg4ZqN{4A@9Z?O~-Ptck9lO3dU+o5(w@Y{!I(hBA6t2QCRw)Hlw
zF~<C!)H311kaEEQVO}MZ2?J_!qjuoYKhO8ocUaF4+m>(qud}M|E}XK3pZuL%`man=
zBGTCP+VouHed-0FO!ze!9Gu7~wwH*a+^fYu!g`D+MuW^?d0A`OVOLSk_u|WQpd*-F
z&Vd)_*UMbR)^J8kE~_E0C%+_yQz760R@(V+K3^xllcPTX6HR9R1T}$zxtr5iX+)yS
z7XH{{dm4uNiXH72?}4H8vSv8ddm!TAd?2gr>0@eqZQuQ%s)JSglOtzrR6KX|3d~KZ
za;GC3==hUW$=xO@D4UT*Du0SaO3N#K^Uaru^G1(G5&MWM5ezdcJ4r^eVA{^OLV*Bm
z`3`oyLs>fz+W7uQc&rcig!RP3{YPWjCcSHL{tvglck>pqK!w~j<$jXM543O1jyR#1
zlrsa4j6fZi&7hFsz;Fw#``N1moBH5bv`tAzEITz5<P$_9;Cn({j{;6AT;G+i!8|Jq
z9A&M~vR5}V+CGtll^1j#F;<Gh#{8&WA%>SS!knhpoWa7V$NWR`M)d>^Z@;dLWHA^V
z%!39Jn-GW5JCFyRYzn^PVS$!OJ`2A!w~Ze-WD+n5svmPU$x;ES6vZosQB{;0>bTaW
z$(6FRfkF^q#q5}n*8TqTsx?<P6@}`Ph)^EB!cg0;yxJf=?WQN}JroWDrVy)1c57A@
zF#rRB7`hl&@yBi@)1dv|X!-d;Q7#L4E248=nu5_h{c_QzEFh^Ol)V>jNMS<^9%nIG
zn*Pzj*FylDB>Iu=nan5=V}1aNIetfm?JDr7)Yj<j1!s-A@ci;)qf!->;Hx7+$Q*<-
zzs~io31*}e=ZD;JPlSb9eAI87YG{63S?XtBb&%7}u)A<^+k10%OZP0&$qanQ*yx<o
z@(An<5av$JRgdd4@H)O@Uw!LrjCJ>>-1k;IRs0$letwQDvvz_jJFv9FIwjITh0J~_
z5mABA;`=avR3j?%ZD`UKiipr<hwA1*6YA8cDhatMw*^yku;d_xHU=XvzdFafmuBqw
zG4@j#9-N$R?3}c7oj8CUzu)OvdjP(Bp>E<_HLf;)Mff|8d@2blWO$JuZO{}LHgo9K
zOKgdM=vE)u6-rcH-SHxu7CRdo4U8cMC>sR;FoON2N(HP_E8m25sdXt?+p4qn+}Ulm
z4JIl5uG-sIGoR!c=o}0<Wf~El(R{8@`t?}aA~lh3AmMo!t+4o`sXJ-?MefmEXTALs
zE}Jj?WV<Mlj+Dar#$4sXTOWa=5xT>0?SfjunuCN#@RtoX94tHeaR_ZzQLHc#ZlzVV
zzUyJu`?8CuC9U|T!%J&rI-<S7h!Xg$1_J4x>WVedX_GS=z`A-+8dIHIzV|$vpMLc^
zU*aY#N=NIRE(9Lokfy|my@Qu%DG;>7g^@jKrB_E`L)|QdOlyf==HDXMRp4i0r3B+u
z)L6+XGd#fw!o^?Lw>Pu(&2RBn))!8!xQxHJ7k9zf?0DM2Q8^~E8#Ze$YZ*+tOMIEG
zLkJ)X1~LTZf<@`1e`>i?d2HI9dAm(^ERlVxom?u<QS6EAkc}Zt1d3yV(`>Q(!HrfE
z9o=>GiQh4<2~aQVy5i4Pe54w4^FgO-cZyl{DVrlzb(jKz#rH+AQ@qbJ!TuU58a!X)
z7SVX26zN1yS(OrKd}L~b+nkkYD|6~uIn>6<p8335SD}w-yd}Z2?MoiN`B`I!*~0q*
zr>4gPog1G0+fh6}HcP)R{cvZbWp$v<XnECUBTI&I_18X=S;vNl-SL?ZJw+ZiO3_m>
z!lv{*1T^NzFs+7u;L7m0lHp`e@f<^OaX5uMTWQwp7YyUm{8=d*<#`h>+|dGNbhAVF
zjjW%mNT5M=r@=~E%MX;N@60y&A*;k^5s$xpg>3(ri=Lvuf?!g$;K4B`I@Ipynyw!}
zN%ZlYB+X_d6B)cj#Ca7yhb*%;W;ViJ!#L>BNgVZ@;Py%AI`~$$rP$1s?Wk$e3h52+
z)KKrD!f*2Y*4*}7mGjsOXO_sqhL_<{_JZHf6#%C56aZB7h>@()hwZXev!5a(WK&+~
zdwo4ZLZ`fxTKkt5w}phY%VMffGMTlZ-v?6sr7#h)8}MqcVozSVm>WVg5>K2g7!6DI
zG1+=eB5~G|hLV-L!tj${3ofHEk4|v$S8T?#mtUNwU*z*Uo6Xdb^n#5SRttH7QPQ7P
z9<vLe3>5PT9swD!-y*&}_551LIsN)*`7o+Ku4KUW-9pf37y+ElTB96*mdf!8bFqeI
z*YMF<!Yx;ilW~TD;=^T{dtFJ*V%y@0umNroLZjNoH^rUOOH&bhY1T=#RQ%g~S&t_B
zrR&%f(Rz)g@CKXYN;bAT+vbIpS{^f2oK@+Nc1ATaaqTFkW5u6Q+Qh8OWU5O*kL~R&
zD@SW`lH$*@?U#$%e*i2lB6RsmU+xmgBN_6@QA(sy+IMKEc&~|i0VjXd<!kVk8dqK0
zci_;Fi8tN_=926l!2DdzOps?yOgRt}CL0e{{GwOzQ&|yS^mWv$7tyg=Y+QgC4TNTH
zl-+(!Uw`5$NMG9~ZXklu-pIGFnKm03WfDu(U=XRHv2RzOK?jo^6=dv0gEFfX7d|e8
z>7sodFRQ=8sItwVQv@AXc-y5#nj;q?BJ#=*40dL5qaLqhL0`uzAC=mN@D=cfpaNY*
zIBkpxRj`AL6Dhmp1~wU-iIZjB9RW6j;3Td`AL0yk&J1rkJB>?qlSDe-_-1Kep6K6)
zqEikygwA$sT^|WFbFaeM03rKjvgc8I4zgK}y54d@9z1idLbVBqxhSPDRO?c>Xmi$P
zbIfPU{hE<wG>3?!OPeuQsCk<;-YKEU7z#6IW!v-%XrnDJ`qxO1f2G%qL;vy+dhs8o
z=9T~KCiPbVqVdlO8`>KD$M7}kt_Sk-XlXI)>VKIiqNT*1IEUN_cg+v=kV?K{9xhj`
zll59=oOsY3OPZU07`G|4S+RIt>P%LjZspF;i6kDVLnV~vrYfI+U(`{|Nw;%x4`rBZ
zQ%2BKnapff&NI%Z^H1nGIUn&rnFQA9#Vc4D5}5x03UXV%oyr|@u-&^!@9k?Fu^`jZ
zt(d0n6U!PiLr9L)L#XgQdPro=Ua6N?xl_K0Z?x`C1`P@S`*U^=dcqB@91Zs?MKyJG
ziG)K>_zkS6=Q_^w<Y4BRgC4NUWTJ;A`U{s!ldd<__2n0{)Wro|N=A1WsnVC<?{>!b
z3D3&UKDT+kKl%NND9_<uTao|i&Y%yJ^L+yA3ubW%Q?B@cWG+tyhG3vbEVZc`DuaUx
z=nL!eFYCS6moQ%%tPlQb@LjK%q>FL(_{5-2!E`7VH41yeI(pW~f?h~pNP~}5HHLqG
zKp&#N)$(&OUB2VF%YL%}Svjoi!3C(p309W`O}a>$ds7<rGsd~N=nT38cwqUT#~zov
zd$<UGl`h{Op}=W(!eu^sHOr^;WyW!tYnBYG{0ni+`XQ9KvX0VK){IsT3{?^XkfDg$
z>gTgDgstOiZPTWHWoduy2-W{+Lw2>{e_P?-x4J@g#{bb)+<l3t09T`i)!%krzuAy)
zz<kT`)HZ&?(yYO)&;4m;AnjzVmfJflHR7OO!f<`*GwaH^facusgY`Je6*IweS6Ze7
zH?YDi)ACQIAruKpHkXx`+V6%Az0CCOYy^wKw|Ps;fCSQadh%wOXHET|xbmjEq){3W
zM&;`gzad-SHd89ksZB@c>f_~sMb1q(Uw5{BfitdYIGe)Df-&g{l-hfAgs>q@sNCbo
zeO&jKT)1a*X&w_R&))rM%BA_?+gU%hbG5}WJ3PWpyTP;gYWI+$ZCKDXTkhn<K?0-l
zRqx$?rqFgJF0T`ZoO6}^{Pvp#r<b$87I>|ivI@fQkIOQ68HL~N-9)}qw6~s<Q(G>&
zwqN<B#2atgg$hml7r5$wJih;ja0E5^7ojpso>zTSjj|)Al?97G_IXS;boPeXkHFO0
zYT8lba75ap&um`xNL<yP`W3)TRuSdgBhC$*-U?jFZjw^4T+v@9jT`Ra8%SZ|(`bp_
zD6C4k^Fnlc_M9bS?y!z+q555+Ui+xTuXNIu2YLFpm%jyeVR}Wl;s?k-0PdLIH3%Uh
ztQc#R!QNs;);?$i{PDJ_Jz_8>{Kk81dL8F^+)AYgc9B)~iD;x?se45X^Ai4={pG$N
zHJRR$W32hYf|F1D?vCD8FBnM#R}eqh)nR87W>wCk{KiIC22N<QSOY^pL-PSb0K)P)
z4T;=;Bf<SejVjbLS;cwZ?IU}jNrx(TFpLKvG)<&qE7kiCYr@9mH8<LY#;mK>-8H0q
z{T#ccgB=FJLJIsUCFQRY<WE!muU&LqBq-PN$Hx_$o;1*(?Jn=wObUtoI9(z)c6fVW
zOk(`vX}dU$y{o_J+DIu#Al|ws`x=;Cmdt{JT7XW~L_%hoEG6T87Dp8$8xN8j4{~XU
zpn}{b&5;YVHY?D2hRMmbng*XP=a$oesb{-l6P0S7fzdR$9Q`EUMRrGsRqdKA>ifAQ
z!A<j_w`~-E4$a|`%Y?l`qleA30{6a{i<9m17Xt%weU53aKc@sL&&S5~P48F?^8>HP
zKZ2QV1dYSR?fT+OlN{8W_EbAdMez=;+{Ld$Z`m{p0vfJcK|j{dx>O=>!R9)yd*eH@
z<(^Tv%(FuTWNU;ys(Xicq~Nxt&tFi3>A;`$k1s~BzYq9_sp8E~%?vz6&g0aILzwsM
zMdk*=u8DIHluA)vPjlV|^(s=D$`4PE5bvxmO@)j<JZMdSBR_hwzxHwwLtj7>=t<ct
z#~2*?W9C;h+ht^d_?hodQeAuf<>n<lTdUj3l{H<%o1ym=F#npT<sJ{5F~*|_knV$6
zcE^`H6*vN<Vxl-<05up}RnW#A(-YfOME7$9;~6(x1E%TO*E$h)&u?)?ZIDPA{+d5Z
zC;j>J=YbT#nC8l&s!GbId&ekGP_y-Y1oOpah6uV!J^cO5Bs`rO$L-l|#{n$)(I#Af
zD6cWt2dIQXw*u;3nAZH`XY{`}heRRHK+yjQd2<jRlCB`6*x<+(;`5=~*3O`WXMo~5
zc~JYd5Ew}3Jj6FXoAt_wX>CVY*`NteoYECt6=r78bq61Tb(fLHobx$y`46929mw^Y
z{?@bq5qgs@6fe5%#`UyVU;5~>u#TnHlb0__DLqs_g2<lnjYvrCIbqPt264f$`p+&4
z87@c-n*+gqncsRY9icbh(DNSL=?zdcs5RW5)W9+Z@zvosVS3$=6sF6&dA)t6x5a#w
z-{-Bi8xMc<JHCL)srllS!ps1HMF1LaYLSQcj)q(0%e%yLTP1>D7KG12R|g{%hc-#O
zdQ*lDX6zPI<hzc=ZAI-C<~G?r4ya5rlv+N<lPY>lwqTRfcTalx@YShK68oC^F7XN5
z<Fod5=I!f(mnIRBL#<MZW~95Pc^`FGIX?iyz!}dlq%L&8xn;Xck4{H#oT*m-0Pr~<
zNGl@s>w$g^^KX*nIUtKoiP5{<-_C@iE6w};mMN$7({4-2sUUJQ6ni@haRm!Sd`()L
z-B_S2;d`$UM<I9Cp0{aT(^X5AlX4$3d1)svVNw?9*Go_+y^ZhDjbbah>Uas!gB=yo
zjf|NP%Syq^Xx(>_Ht#!^Mj!-7?+@P*ED*AXHqjexvcPIHjUYYd5_({;`T`iasOV^c
z)_>OP!&|R?E$LnL>DlW1W#PB^8MF3-2VviBKqcL~J9q7b?*L>Erc@y-gZ=X&=Mi0B
zQ{7ZOrC(Hu2CGQ&!>Z7kp*rSzP?krSMNn6}TEY1INS_=FPW>9V2F3;s2>-0}nPCTp
z1Mj}c!r_Z}A63^Eh}I9YIOEH(YBcfm=FH@o(aOc^;SL62KqssuOmlj-Kk~r>YrOWg
z&3Fkj!leY2R2R9*&+7uNTgDH&bs^Kwex6B{PqlJw#=jwDF<Rz<Q*Fu0RS-TjSG0_0
zko>CKYZ3e@<sEb<xTYbTW%l;_Yc@Lh+pa(+vA#13KmDYAyUe}tTspPR)_P3`ILM9f
zGmHoN1TC(RZ_@mV*kydlyH)MmNuJ<4-9D=jJh;B2#fKbBvUsH*fU*#_gqd?a^NDZk
z@0-jrZ=Xa!F@<1t!zg({RJrjFuq)`xm>7P!GPZ|B-+q90Vh72<>sNO?J`8&GcE#Ll
zBfPi?HW5y(0fflVje(?{40bl0ecFN!Yq>DNgj{98+ChBcV+M+M(}50x%+;oRkSn~V
z%_*dDCGAjsf5<*%#icHoz`VRZucc-F^J#9;p*If1%6YN6{5*!UW>_!8p0o$ssg_;)
z6*MqeqZG_u{{G#njZ;s-#``fvn3Y6(nj%bxy#=dA!3*9yP0@E6joo0^``TTX;?+Cy
z&UCK{7m4{~`zn5R>#rSA<;}Ct1cKO##L?lwIz&7$8+;bq;)R9%JhKO0+pN9C?O(+Z
z_u{`F**L}AxX)9sNh`(v0SvYM)O-M@Mgc)v@&C>6XRkcRtK)bYfh|ewZ<Rr_QMDmo
zft(49o!#2UY|RDeAYmUhFXk~qUv3ogsDR3yzaq!?U)?I-m-bg{(Z6pk%dBAhZ>BAz
z>_s)U`I!5rG|BTAhTl!{y66Ty;UupT$}go{Eo#^`62aQ3ak*uH!&_XBe;*)?^b5`}
z%-Sp_z5f7|bn}|y{~Cv)>Yo3Tap+%@VIT;N<I2lv{NUMvZu+;2c8PD0XO1j$l5!65
zYCc@HC}be~YtOk{lI){_$QK~6j-6@!2Yz6zXWRx~M<$jqZ*{3CaV8bfQrl<yZ^I~h
z?i8-y*LyY2g)ps9tV*GrCcWbLQcb;79ixwc7KYqiPVs8=HJDZQo%!d6n|YdBsQ2%6
z(Pi!5`KQP8U-eXiO#FT{PtU5YHWd#q!co<c?WXN?Q=MC*d!28vT1?_%DbIzzZ-{~u
zWecZ@yDI{cfPM4cFr>o>Ypy2K#kox_zm|~uaWI3zrXTplEM@m6ty5`^D~f0e?RNgm
zc{D-$3gAXCyQGz%k%+LQvcP9ofVF{J+kL<Ay<^sKVS0jKz42(CQiJh3<U(<fpfx%;
zg*lB$(w0ZDh;p=!K=v9XDPm*n@%e6hb)!)e`Oe4N_hF4jC%;I}OmUZ0$enQCFF{wn
z0EwY2Mvn@-mtQA{Z#EvzkCm=$c9#4DxV5Z)QZ(t|<%4(&)71;PQ>(3ERAl@F^RA}J
z{{x7%R?Nvp6%S?0JE)WPHVcvZPyPu1et_Gts=~MYrb>P@MC?4M)KdY0ZeTU7Tn5v*
zjvLL8*@ekbqpKvL!8l(d<TQ_V(bYvLcLzl(Rz&+wl|qX?Ls1uE)~1f^A3q#_5^;ii
zYd&m#E#Vt@B$U5902%&`4-ZgZLKpLz3_=n=t7!<HN!nY`nS?~D!I_wJke*h1hDy>(
zHzv8wzAlgda(xb$o|>F4m{1`RWt(x0sJisiOrtwEn7`5Wl$|htcvuwTb)8V~LN@&Y
z=!yvJ_^=8RZQWATI3s_jA8=kJFUge=IZc#Z<TcjVtmXe=F5DGEbyWXi%KJ~8wMTbt
zsJlfA1^z|1@n1w&qRNba*LRrDUY(|e{{g&R`U8-uo#s|Fn|adore61`eDSDu*KNvF
z+H3}wwo=zq0cfSMQH&}s{AX3Dkesc@@0Rx?ABw7sPL*(AuZWM1n*vUF9Z7sdcoNB{
zR2(A|xS99+b(5b)vueJnd12o)Scf{5i{Sr$vouEL4<P4GGYqlQEPDL^@%GknQMUWO
zFrY{%T}mkeQUaoc3@JzrQbW%WBIN)B(k&__ARsY-bobCOzz|AGcMb#6F?6?Qp8c%7
zm+O4aIq%w^_q^|a6L7~h*L}seez*5~zAxlBU1)Y(H1znDJUcJ+{^v_Cr7Mbs2Bpm1
z-*^pzJ%Tqv;XPaOOxp+i*R=y11%JF;zketby2l#UdcE8HxPf%`-p4mS(!uYL3-l#F
zSg|hgUU3oLB?pgG-ql{z*XB^wS)^pWjKsrR*FO4RAFz;t8v=AdwWTS{;~1}>rg0`j
zbbRsCL1LH{2=18})Bfj6o%8>=NaaJ5`zL{CmcR7&lW)`XSs4i26Dg`uZr}dg2-Y8P
zZ5j~bM^vFQX$cPHOUR1Gq_$i}3AnKTn?rixo(in*EXTPZ#YM|y#qRTe8O2rpXsn$@
zACa2H_(O}-_l+~TVq|OlZfC?`CfHb2^%`}+5ogf(HSdp*_67xM*o)!`vOZj;oF8Uo
zr;HIu$(&=W;w*kk5(OJX5iU54k0hJ-K3(J#A`-djKLD615pYYnIP=bxEEy<S_O&)q
zOgvnMX1Yv2`Zwo_$XwL@HP{Oo(WHK~)(j#Wxsi6W!gKDWhK|&}3}7`<eAB;gCM<ep
z6McNvbHW^O>?=k#ZNIvn+3bzYQ|n5|XAZw$68mC^suD|!y_)LSvc(AvIgUweKohf!
zd0*p4ew7qyXjA}mzwMa{1*nbUBGP+arWKxUFC3|gB)-HwgLQ>}_4q&OuhJL)Q^p$p
z8crI7+wA{YEIt48J%y5G&zLu%eIr#bNd=y76>4imjNSYia@+3d{OBpC#i0!TFmtSv
zgEj~EXnt}A{czvZ+uEj^jl2)XV$p)+>NXq@lnpY4<!SN$LZHXh+xlVo*^u+u9sL%O
z#gFmR_Ils+^Y;YbMpC#7Q9pJz@CD<kcQ8W*>IM%d;Wl36S-?_pqQ-kB6g2cBd5;l3
zsrn;}sE7r7IPud9l``g-3X_Wmdb6epE5`_T*cG;Wb-lFID$#Wpt1{)AJ7*o{6GeSo
zJ3>sB5ym``&84Y4+X`cV>;iUV2iGV-JpJ;J66s%M264x_;wBdW>F6=HBO4!FFK<m4
zIPjm#Xx226sDU^bhzyUoe`K}eiJu7xp;{7UhK-N8#nHk!!GQ#lFG@_<6x(o_342fV
zocbb^x1LOxt4#%ioy`<WP&aI*nT*+O3xOKix%mJ+cuOk7;>q*V5ei44_(upQs>yx3
zl%E;)wblIU(&**5(HwXIWR$#c#`l5he|WlIy^OX=szez|4v$?RcV~f^Q~Z{soQ_s!
zTPh?P(`lj|rA_)wO>}{-mlrw;;{lVVI(kv%gF`>wjP`CCnz^^Bh~Cl-NeG45)01U<
z`jkzWL!?%3^L6oq555g+rKW$-rG)O4!DOwYYITl8STIlbO=HpRb*?HWlEG7l36oSQ
zUeUSM&4<g$s-15zwaEdk0eWjO@TK0TIXRddwfd!ij31+KHFF3=*o|?Gsd_{dSQ0nl
zUmaWJC3W9?=1?H=opZo2os`4w$X#$rC~yT1{`LqMT~-A@@owW`lQ%UWYSVF`OP8yj
zuVI4Kuxq_(?-t56w9LMlQS}H*%gJ*i9nXazbIV9-zJ2~%X<J&m-iQNZJ*P#TjxJw@
zjJ9fNHfk*m5$M%KRjO<BWM1*bYq!0}dkUvdEZDYRHTd(W&acD<Q`Rg#-*vU*oy;yE
z2Jis<3)KTb6v9J-gdt(j5%`G8(vg?I1S%x^#WkIA^AOu_yb~F15v2~Q&+{JW_zP`u
z?;);w(#v0%h1GXs9O>jbUzf5UP%1OYd2R3N<+?4$Ps8+nx_fE~+P--QOnhm}JVn7l
zyUpAIhN=s@?A->sNKu%?u0E)&zfBn8V5tq?9*@*5+=7f}V|X8}$Dr-@=jGxVHy2}m
zsw(nl8pRE(+}H?%R&!>Iy1vWH&HK)H6%&oloV(kZ67H%~Ktd`XK5Z#}_eN<BCx4u#
zcV1>3MR1FVc)P{aZIaK?AWb)DBWsxcB(kv$!ON2zH*<9~<49GK3E`Q^V}Qnf&VEbb
zregOrD}#lgYeH**JWVt?cf_l1hMzJ<iW*^~{PmmOI#o<&Y*nBrQZu$b8lo3!S0E)a
zAt&Pe)qaA4<ntG!WR_?(loYGVvDAQ~>TqmP;=-R}2GRVk$i2uMl{Y3!JRJRBy@%=m
z5oXxDDT@8;p3Vu7bxWpW#ZdUO=v-w6650I}h`;+2Y=Qo#>OJK(@^qJU&UM@{_3`^)
z&2G_c`<g{twVEd&qfcx+Tyd#E&)2$ea$EDE-6NeNeGixXp6}&j@<zH(igZB3nLizm
zf#NEIHP~hyM@A1G-vwbV1pXV`I>xd2s6v|37mRazWjX5H+CypM0@0}m0|Ii{LTQeK
z5AUQR{1UwKTE{>dS1@CjHD50sH-Va&PDGd`3_%+31DF(7pv)eZLTaM#IkfxuNIzsR
zofG=^^5O5esDIdLKm2EA)ZYk4cljStLpbrpzX<66EGYn2U67%gYPlC;R|5&0<3Jq{
zR!p)i2NMX-9uy7kCnzp$n*?lR=db}aiCDm88APD03dMd3BFKI4b00|uuI&*~v?oU#
z48;)xo2&;l)Oq#_PN0)Niy5JwbO~rpRH#*wY1OoRYTi?nGqT%eEnA8%HNhoffCaQ2
zJ1m4tEgBSCOdO%|>J~9Rdk&5kYn0dsDNbUdR%{>5hF<lL_gaIXnjR!`Gq&NFYM-?#
zJzlbAx*j4hzUa_ki_o_9udy!TG29`qP2qb`Cl$1!cRJpX`HVL@Xt7q8aq%uU$Il4e
z*+DuE{%V`t?wB#z9Gk(SI=MzkH4#uuy>(RQYukNaYsLD?F$Xm%M%zbebO*FKd_wvE
zvOxRCn}2J^MXmeqq#EJ&Wjj}Q_EZyMx=$ijeL0(7*5)O3Pd|P0@8y?1)ur%>?5|tw
z_kMtjV_QN>h+Z{0U3IcarKz>LCDon3EuB4IA92zi5hzV)<-ko&+0|<2r9syeFAqE)
zy#mD+CE#{d|Ly&l&Mg|difOz3hm-ccO;5Mu@7;Fy(ycyu1VAQ@Nl8TTyd7zSVaM|}
zh;FMtO_E=v0mE<iyA!NS{KoVBW`7(thaI|pdn!$ys3+Pqz3Gc;N~=Zt$0zn#<MNs=
z0IK?RyO8k-0$h-ig$Ut$I{ZcXd7bx9F#@8=bgNr1N$fyBvPJvVb0)`*xwsK^w%emH
z(AR1_gkpeyKJJOI7r&OcCI8hNaMf-8GRN`PQxk6eeZ7nsoN^pwBi=j0_4NhPtN=#T
zHX}d+mEY&guBW&*)AG1lWcu0-8@H^a(;AK~Byotwva5eoV<Gj!WE|=A;g5M;r8SQ~
zef$JhjpDPHV%ip|eY($bTTDFM6U&HM8TyU45qvn3bRDA?+Me?L^tzOn))Bvn4NY`g
zA+5ad$4{y3W@M*vy{~g~Gj4+@dcH>XvFO^T)9{W#?)yirxPM<UDp5SJi+iqBHy_v*
zdBZ+6IOH;8v^wvi&uRF>4)|ckY2`u_&bIc9W$p9GH*NCA=PhFHM(h)1g~bp24O5le
zJBGUvVzM)<OI$ByVfYg%8<LcO4<s5MYcvbWdqqm*mIL2{A<1<aZC!TaEN!(rBCo49
zl7>_-*fATWhFDp{zebXvFzL$`W2c&*$P9Wb{yo+ZZjNm?;Ea#tC)dG%oI8}lj1E%j
zSt^MEpOX`;#6-FsAAN@nwsD+@P@hFhyjT-EXGv>YAIUQwQ`tcIDV2`r_T5b8HNmi)
zA7%~V)L&O_A@#VzjJV>Le+)a9(sWE_EBl-Ws!PXHjLtgIZaV-da?@p(s3g&LJUjAZ
ze(}2pO5e&viIO>D%A+SI5?n{`)9e;~PtD3m=PbZowSUVU|KO=Rm5-ZXduO>|wDz)3
zd8v?^JL%CL_cpd9h1aQQMp9MzhtTNLIO=JbmfQ_0{d;BNDkJ8qJECbHNjIVfk7x;l
zaBh;0-*_)+CX6WpU4$z3%FwS;hx#_{cD9J+STJR_jojOu;M0IZqShSuY+o37ef0kQ
zE-eE?iv>OPfvGbS*cZs=8kiB?t)4{Pw5y(qZ!9}vQgw6e{|3(dHy%y8zhdTDH|H>c
zEhdRjs<Zg^uncVx%X)cNv!~!I<dm+6CYk6AsMz$mRBIx3KcPY>DSXwL{P{6eqH-5A
zl!O-&cM&Yr$tuhG709KsyC*a*Y1@CMxRkFrZ7LHSIN-eW(u{YkI3^{_;;?$ZS-YSw
zZ*+QiDUIrWmxpJoQz|Xkv9=#l2NjrIDhP9}pyUK`Hi6`3fRwbE1fOEnb4(s(G^EtR
z-!JOl$+ozck~*wXZ^W+*x0eq>dxrMpRP{#0SL?G4m3&kHuX%m7>1s;`owdDENbu00
zoa=bx7R04c*B&u5eqVM2><OogpLFD9Q<+KeVtIcTXOesOPM@xBa<+?X-*x{4=L41o
zJ;<bC$$g=|RDO?8#WI~zSXOI8#}#Wt*mpqRV{<k45YB00km{s1CsA{9xvkL5dC7vR
zF!XH~3>wa~(96@w)C<E!AWgO_6=?7md<oacWSS_n9Y0!99rpd!*~<yJ&L6j_HIT|t
z!A>WUdXhIq29oF$05QKbf9MCnvGrS?qRW+9UUiV>!}7}IddOW*jUDN+(?cFHzu$O6
zqxHwh$Qe*<sk+BMv5>z;+J8j4{d-AvQd+eaCtZ{*&TK)whH`ctX!)1430=_(=8sR{
zv)cGMtWCU9G;5*KiJN}8zwwGL!aq0f9_SxsH5ZzcT+iui7)1Y@`?Xg`N=BGQr08In
zjulJjX8XexB!y=_CS?K6o<C;vtHp=H6}XNiS!u+U`b}76kse!NaADcV!jtP%q>?8)
zFgVhuu5s1gipj&g4~-HNnzZf*+mA$5A0Umh)ZO_;)a%`AcAKMS@0E9=#6HZW#a;wf
zPour?qFY?`eQk8Uc4@eH32>i`j0{h&($`(yvkb_`l(K-<mAsl+o;T8TO)Y7FvP|m-
ztj<`6XGNUe^KHd5xWIn4JR==4ZqHE<4n<`R!Q`7#o8o5gp7bQmx~-TYgCsGiN@tcJ
zpXJ;waVAp<*J<HZr$%9Hp10jr5&F=Qo)Kn(eR-}myVYsJr&H->81t`2DhT@-%X|{E
zccll}*_lQy#2A50Cwa`J>pq^NawqmgDRUvxS4xV%c7*h?r_apzh|O2acd4U21-7zp
zGQ@17{Y&g0&~l&Py#OP<RDj-NOtz)JPOiL>aUO<6t1Q=5zQ*pCQl)yU>Fb(%JMm%-
zTfMCgcRW$<Rx1*B&U)0QokW}5uvO6hWiRN2`tdBozC^3&^AoFGCY%oST@4E2AWLna
zUbuq*M&IMvj#Ox8J@@j07%fc5_;Z@^irIGR)N9R_cB%`$+;{V&8O@*AuAFL8szQbv
zrG;Ktwqux_o_uMk(szVvXDpPg9YQpB@=9}%K~noGCn<Fau=z+a`^}k7vovuiN?mcH
zALAA-K2xd&Sf52p*c@NoQwU1ZuOE_*bw@c)gpNJN#96fS5?)5^_C-idHQc(q%$wma
z8AlJ^jH4+;VL{nJK<}&}N2R9J)VSHj6T{6p_Gw5*iAK9`#lm)Y-Cad9Fkfv|!Qh_0
zix+>s`^dyF`hU}0OK@J+f8!cku9ZBjI$1YoZ@ho6y-h!13tJ;lB^fh5DgeoIN)4^m
zX3c46sM;ojS9dLnITg1&HsXO2W2fuwYpLo3553@wSL5DdKab<~iemOm?P^h3_KH*q
zdZF9=ye^Wu7}hWwmcygNn%&MOquB%GGqMJul`TwC!sfG8elh6J=`(c6P@V*QJ<nJI
zZ4EP-%i=B@u{i;A4M&{V1NOi<Nfo^bh1XQlKO8HS{g{z;<PYuR>5X8x0XljHsd;`*
zGi0CBexp>gB;AAJd0w|*Xu`m~l1aY1@J^mjhZP5IIXN+o$ecb}Fu9_3IBk~aVJw2C
zibt7E)=P}AN$_D=;nE5K_3*-HZ6j!2MU!8}v0{E2Z_HclaMZn?$0TZ`)g1a}LxjxS
zWyIL_eQ?%t+9Ss%jd^x$8f#J%^_MK+vBVhtNZ=()aq%Xmhm1!zd5*8vT-q`mS|#F`
z;#+sy&MGx#3JpX_48Zx#_#VK_<TEuuQsBf{$pTAhI+cZ!UA_AUS23%1kGdV04Mt8$
zBCZ`J4#9<c50~4-HfvT&JyH^xIW6c-Y=?IEd~uGk={wNOJ1#dSUaXU+c%5q5kYM4_
z10Ks~<5TpeJTGAJiKN_`yARTCoNkCWNOR~k@W*?%iAcK6eCwB_^y^a1fhu3hLbVUm
z`Syf*HZ?Q=_1%o8%8?Ae@s^+>vzrXzD4+Avo~bB=d6^_)7u`36<_sh6ve!n}^Nt3w
z-+hS~&2<`8d5Y(NviAw71!a;Ft4!npW#T$XaJjF}ln(YUENkYdK|#d)Jg1vG+~fyL
zc-?ZSbrl|9_X~EpTR#Munz}W4`nQKZ0KT?TDQ5lJ5iY!NrU>M*6L+k`<nlz+mpF&#
zSYKv~f&$;m2^U{b?I-_mHu{8qQwiRlXD|dkY)@f(EW$D-j1AxTlt++^>E^{J0e#Yo
zPEYZ&JtP87SymY)X^SRV7`z3Aj^2CA?i3jU@QB$RT_L(;(KyEuAH$fEK)E;W>Kv6e
zt|+Vf<}p-aw?9};ltu_w=T)OJxT#{P{pc6Z-jWHx)ebu8rRRm_`nleR8J+fPL=F73
zUi1`|AxA&r;66ywQT>PmDzFh*aylcH9P}Fbr$Yo2nnN&TZUq*Oxk$axN%B$N%h=Ic
zmPSX$8;yLoSN#&Mq}_x4#cP$0i`uSCHZIL?;Ou(3_4Q5N4Xq+#Xcw<)y=|#aea0{8
z>IJWLmEuM8xlBlPFjTJ4e$F~@=Qs;~Wg@mwv;SYossA-k%1{I<EOuj94KXD#OObQT
zI~T3kBfq3$>BzzyijVm{1bT6tJHQ{$vRN<iv+|y-r?ayE(hm*R9v!5P#T8m<)qGBR
zmZ0#l@8Sf)&VoVJY>#ChZQVbayBw%EY;={hp&(SvZ+)!niTt_%8~QYS__E!RcR5cp
zR|^9*C8ZhSN?+q9nFhrY(T00k%jd~!C3q$4@mXmXI;!e6iEB9lEgq+WU1v7DOYR5a
zNCu^Fm7nKRm%(EQ#W&pii}XR=q@=LDVbGi7H^ML}ahVg-72il4sgdxH)!hF(56$0%
z7{1{SO|7fbPfms2vMHfOOZpl*mMRrc3~s}l(!sa<AT}Jc^c<f*KQ#cy7z6@aO#+03
zF}$JcNgm9u_8KKcL!O8M;gPOf+|T=-E1IKemi*#N9$QkYWr3yobOoQs`@z7NLO9D{
zwkWj<mtq<Twxlg_QEfxo`Zu0+_k#SlB6W9N=#Q;XRj1~ko}++0An}CpfaoUx_xf<7
zNUU}3I14W=-{Q!H!VhFhM6ZNJK@o_NKbTgVr8@S5v7HU#Rv{hLR!@LmC=O8(E}2s-
z6}?Q$&a?LxV7hkOmiAZeHqy0mEM=x$=1Pp7a)(ZDsE4JhfiD-Mk-&{5hC8*EZeebb
zNh`YxKay?%77QOpG2f1S8<CE4QmNqc`KsV^WW(fK<wyvDdPO>Z_D1ZNdKzarZs#IW
zb?+kg3}sf}=(VxAR_)e#o<f~Oq<y2^zGRjLyiOe{1rDgH06wkKCoC~UCgB1tU^SQp
zxYF@*i%h!(E?Gz4Axj$_Py8E?F6J6)+!StjHvNA1G*LRF^SZ?^&V=y)^tbA6X;n?^
zL(hNXO={qnmIhG%^-QhOX>r;CaO=><+iCv(LWN%+A9ARmf8;p6&5P^)1<AFc2Scdt
z{Xb8s@yGp$|8@4rmy5sg%w&253HE?l7k?b)&lb*;(3m!*T1)oZ<iZgnCOrSrEXw9H
zz_$Ic<^-67G1c=9Conk4D(SX2e*p<NI&WH5FVwY6mg6KCnCiwld<u_$WNyYFu9c`N
zdTgTl3(SKnnL_n%3Gak7pKBkB(|eMe56*_s8kZnygH?E+YD*n<8SL=Y=d~8H_|O9W
zle3n$Avvp>b(@Y@hH*CQoN~tWpZ_yt88=k?cfB>?RpuU7AE!#E9uLk-IDM^iW;Tn>
zabg9B#v*9}`OzBMXOet~&oiY+i1xk{pOYC-p~IQ1CT=u*2pzj{*I9wudyBIg`^()1
z?<Q$dzMb|IR}$;7ZqHWJyOf?Oq<YV^(dKNVnx|x=uh;3(c=?o~3jecB%+a10i;7+r
z0M6*t;0)V>@;^riwr<9VC@#q093!S!t+SGO{lqL>T|I@?(xd##iFd_8-#q?xI(0A9
zXJ7*F8EhzTS9(=R&yQq6ULMoqvS)5)NBhdsY-ElySH~|IIfuVai>i8pYMZ<}GY+Fr
zvs^1sMKUBtENTq~*2C9I#=AWOZhle$aM0<c=@#YPsde?Pf7Lkq1acD_*zQkn^o@Qc
z+4VS-fRsLm1J03tbIn(l0$<j%W2a5}hHAG|fQg5gbNKtumwK9m32`9nX2)+-RIOW*
z1o6co_7U0isot$N!_wrAOLHW{v+^x&h>;R{RCrg>o7Idy!!LUCs;`1Y*%R`~y+}yT
zKZ&i^0nPz3q^D4-T7<%P$Kxo%6$?dT<Wq5hip7$u1@A`MU=Hc3d{<Ie3s)_!Z`;hT
zso$VT74KQPN&F&$7}0m@Nn8=LmrfX8NBMOFKCTp5-)%@kh%tGUUsLr)y4D!M>4i;R
zL+{ka#|6!z8!}X+j@Te7>V-GtX!*?NPwvA!ul*e7FYT=6sdcO4Q{3c|VK9Or3vQM?
zoedKv^%OV0R`nWa@`HJcql~Tw$xagplvr-U{%rvdInQ@|bZKsN(dBafX$+{Q;TctV
zw+$?fu}1D|x3Ro~5FIg?dZqt0=?zV~9tSP#WQq?VzKHQ9#VH`|aOyW+4oYk30|}Qb
zAF6c~;>YktRe-a@LOGrdp1lFDS_-BQyn!X;y?Ni@;fD%c;QhT)SDbbO@f$C@rwFE#
z>Bq$2aO5_3{;Hk;t$V8Zm~7SEJJ#DjtfATVLvL-4ysg&P&FJp$BbqunO(dh|H_`{O
zuM01^gep@o)1j@OE|ZK1)m-2(9nfZ~oRV>UU<l(H{)PxwZo+D@x1Ul5GRPqbVSDHf
z9gb8jsvIwWox@{D_To>M8m^oXV@OAsqVTNB>yPhZDL8F4F?|3mDqpYZfy;z3K&N~+
zA5G;_&X<@MLSup7=XhJfJw=!Yhl}7H-N?Yostn_jD~#s5vx@LL>BuyDZjDe@nbj^#
zaxZhKgHz5kqw+qQdgFwUdI0|xIyMj2D9{9tLz0ivLe5XvNq3z&XffPZ&32+)c{`?n
zg`1=sH%rstXnXzOk9z<edk*mP_VltE+NqDs8LyPJw_^84GE@t9o~KCCdPR*Mi99-P
zsLcCroAY|rGm!%NR22hHwT3PqAnh0r#C`jwPq+TUjfB%V{sP5tT;%^1cs(}#ncc-{
zU%Ov|gI_kpHnG-uXHksq+N|+93RYsX=H#d7+nmXa7;Jq{^c#=!1+ZPR(D@aXtbLE|
zgXQfqwI<6~V2j?Dq8#~(Mk@B)oPrr|NoR(M0Up`5`5gD9-pp#x7}Wmieett4{+;5B
zsF`wI@NCuMc;_SfZM{b&)Mn+=alN9S^z^IG2)(uQ*(^S#bm?ljS@R0dz=w87_0O8&
zXL5Vm558ZfoG#jxSHrEJpa;I1m&HNI>*)D5-2!W-YpCPE6a_T{KA&Q}R1oYTvzp9?
zH8W3=RfA_<)*H_c%%kc)Jxz$aU{Y;-wZh3GnCmnZ(WXN{zhHP?0a{SZQV_^5YTrJ$
ztjqO&12>)D+TV)#^?Y2#&!3g9f9q|qsNLIvjAKLJaS)O+m@<bGN~(pgqIDDR#RIH~
zeeda5`yKsmvAzkPneva~G1HEx$`u{eGYdIW{G#x-I#DCFmdEh=m3-HmHL(R15Y6!l
zpbgK{PyzMMVyKDGd}ORXv(xs|n$iB@BEBiiBK<dusFk;a3vyprR8=FYr3D0ffk`-H
zuUgz_U~vu)2{1gVD=BR1gvOv_e+Cs^qubN>%jEuZ+3L=hVX9Htv0Rn4A6SO6Kg8b*
zzlhDqO{LS-Rhgo9nU>N5?y<6Wm~vzFqhPJwc^nH*pGx!=JL3wi+Bx0}A?qIxy19&~
z;_PH5zU>O-RW)89kX5f9@2&mV@wl|Bw40zW%90_V`gPf}M;Mp*6+wXVo0s}`@+%CH
z&ky)T<wWET<pYuRd^!&KtMDp}W1lov9n{3KZ)XP7;&J11R<Mzw!^0*cfkAVWs8QHs
zi2rUpi@G@VEDNmGHu`HUZB83^ED_1*nk{hOZsATU=WgO$l#$@b_Q6!V=$z=w3vJOe
zw$pw3=_J=UX2+DZX==UU8t(A#T*jFjP!!!esL?3jpVGB|6|&j<r;ttme-^U+|DoB(
ztv-7HAsYC%<2C=u7Y4QSBa3v)*O1sWhiFv5I<dPKygHbpc9DOhq_HD50QyUG4WQGf
z4>RzrFtpdRwNi7pMfSs`>bNQqYc{^a8-wF3p`-+(jW<FJ@xeB-j3E7KH36B7YL)gO
zxVQ>m?FLGByJW01vBtN6>rJ5;6|SVK5#To-II_>3G}T1L&G;h<;2bv1nE`>jsy;!1
zIu_hw6PCk;*`yeWWC7R$;cafP07cJyV|8)vI;))1lc8GS8ErNj`mXwVxo`aT63P!m
zY3B4oSTG3WX44L3zPA0$rmOAvki**AiNiuvu0CzT(8`k~=&OwJ6cxF_s!wo^(@zwi
z^RYQ`%kSdJU%jf|va{zQoZJI{&Rr&ZG1P+P(_|su=3yZ@T2tCg5^29!WU#8}DfU2c
zaJqG%L(L_<jzF<p9;{hI@5tBI7mJ{~XC82!*TeRihGJNI%+T02racpX_I?*~!x3^Z
z$V9?MxhyuF#r|uWgq(u{FSeGN=tD_m+~u{vXp&T>ms0Mcwq6VTwABVC`(Cd3cq{{V
z&LS+*bva%?^La`^HKI0?Pf1n;82!`RB;X{4U6(cSEy09UEqa^gQBRKm@{vV;L4I^n
zXk6x}Oc%SVZsrF!@_cOp_yt_rYI&{83-VbvlXPjiWFYUiBZ}T{lflI-m-<|ub50Fh
zYY*YnPaCcxtY0!WmZ#8+PnZMxtR$S`X4iZf!Ev!gCht>JZSPZPbm`j~f7)_D_67=y
zHO{0)N5|!KTTvT_0+q+gMqNaexlGRKMQ&&+0S923r3H(u3L)ajCMKrkw_oLMhrOYU
zn~n#(V`CF)<#;>E0_G~fmIR2-Ra`Wv*3*tab;J4uAxh0znRCsbEEYi(*7aP3^))W*
z{qLVDHb>ePmMCsD$i~s8iA*8BpOcI8cX7(BipH{E{qWl=qD>;4x?rM@tMs1nRO9Ax
z7o7^QXaF37beSuNwAN~3Ff2Z<SM>(=NaC+qFZ)XMIv;*uiK5E~I%y4(8IgB_U#w}2
z4o764SK-%O#bXxaGSsS442q|ZkpJjB<P#LS@33(uX?0cU1oOflSs&I@%6%mP55E9p
z*n%{E=p84*;)X|*iRGxNV?U<jdEjdy`9wNg`<YMcEXQZsEICl5&m47n)9DJx84MvG
zs4x=r{&~0>ybM;gCD)jFamz6(%9O%t&e}$}HIxxfuX?^AR}Z+A?lPhY(FpEo3sfXC
zO$Li$ZICXm-blx{@WNP`#W!2mCFtLHD&MrJ9#7nzsAJH_b<g}#jvV@lq)_%JDlD4W
zPvb)v@2j+v@2$`0fPUDd-3YBCu(X)q3yFFYP&39^+a)w?(KAH6Ec^kKrgzm@3W8Rh
z`ZWAkPm$PO+d$3<kR=l8&l@8&tlhntMB~u4ZPnkSFMkDWd&V0_$4&E&I1+2CQ<4li
zlczqagB{<l;?qI7B+s5mzYL$L+rJlZKfKU|xopNo*hNb5kgqf%E63e#{LHPEI2dpN
z*xt~|v{aKPag|N|5X1yyq`=QqS{%>Zk1>SI?~Zn70l)C_S3la<n}&=`_w!=;45u)&
zQ!E=G_}AfoAOL@_%Km~%%nN|#y(B=I;xjH3bLB*W*P4&Undx7y2<=}sd@K(-zhy@I
zxp%Ql^faFYkNe2<{pF>^=f@pD*Dv@dtbyS^EEf$Uscr{?X4uI{@Usu^uog%D#-smB
zm7qsjx_hQ#LKcbOlZ!4g0?~#9ft8oJ@_mk6{NlWdIwxceaO^m<!xfGh%MI?x5_&M$
z!H*yCB(9D4;>I1GxE4?7AZPW-*R+pZ`79J#AcrfvYaF5yJ-Q<F796LiO8^M{62*}M
z(EzQjt^RH1_*;bW|JC}d?%>i?ux{yCGLkOD8osi|K&(;uE_G95j$8q(6DZnRzdjX9
z{J={dq2L)G*6eiZxB9p=U9W?I4)`h7#?*vt+lUGk_FcCVl))<?{vyw_g<q<!k(1*P
zy5=+Mh`sf4#;W2rOVi3{hY+opr%ze$G*M><Q__=<1t84dVKZZ;tkNys`2|#LrCP#U
zHWje%*9tcy4B2^7%!L`hxY5GKazDVDQrbSmt^suYdmD@|;#+^?iCg*-q*^ZQ%rxCU
z>)~6Yt6snJY!SDOhkDW6MYdi|oAxU}PGPM@ua50&8i<&KMTNWcZ&`F!KS3k9qd$aD
z;Gj~rPE7*6GWW-Lw8|yfO%(5<eIw9c)aUKl9}ZYKs-qFxQ|to5oCOL%ZGKuiJ2<t9
z^3528fn-nnT%C{1L7e^|&x(n_RS(XgkzCRAQEUB<nCWu-hr>tDzQ|y5E>~TN<=?8p
z(m8qXIB|(FtQopflA`mYz2(LGRyQJKVxHjH94;3GYS`hYqaWlY2(#P@-7PSEy63)a
zN^!XiKP3I5t#!`j$xoVbXoeI?7-ar>OK_DvVg8tqiO*dkJivgl%T$RU-OXQ|>->2{
zt<Z-nLD650w1Mw<;KQ%lqwU2QgC|8~6?^WZGxn5Q#g&h&jo%k<P}8oOG%k3J27mKF
zod^bBJ9VEE{&{PE-_1wqfDXsti>l`2`Rav)#z<BNs)|K7ly69`?md)|0j!$pPLXk6
z5Qu<4Jx^ynWAsvFr0m@ZUi;(d@?uk>&duYHb}QW`!t#W@G(IN%#%vBwNU(f9AR-7?
z5#)c}j2g;j^}q2RHxU14J1%>cP`ryu)}5hCrC%UhbZD}auvUwH@@a8Z%}5)cxuVIx
zLA&&Y9usFoS2#G!pu9(tNw<bk+;P4oBIvFq09#F#ely!fWst)7&)fU+ms9AzYuSlI
zpVH*aSx@~?s%QO2E_TfwTQOIVhHE%1?~fL8D}SX8P;{l?>e@QKt7QhZ`Y!jtm^E%O
zLi$kmliZ>(^;dSjaTQ(`J_titj!9g*#4OesEPRsX9#aRXxm8(e{6j%5vpbs!6_8o+
zCCMH3INmV}mu79QtV2$F6`_zSpKvIa+0I~FWY0DX{1Q9h`&3V&d%IwFBiNLXJmm1@
zk>cXc9EYrHZxEA^B}pX{jEoXw{zx_COXaM-=c`+>UZ?qo8kyYZw&mAJ*QMK{4{^H5
zKGX4t>jE#-g|D&H8z8PG*Tg@D%l|H1q^nKQwVxdKa$W3>30cK(TV2^=<0=<(>_$R#
zu3YSoh=7dS#GoJKMHw3MC7Gjsbe8vOAbt*nP(vD<N(rZ*b5;DWGGImJxvKMUG8Oj3
z5w%ZcN=m?>*+knnya#+Rq(xH2oVk5cz>{h&?ngVcN%k8XV2-gJJ9NF#GY*!8#a#{z
zTVKVGl!vU1@FdP3U4g^2*|GJ=yU<)cVfBL9tkKIGU~)*iPoekZD|8wKW1wSLG-7g(
z%0m^=h_l4?k&wE_MSs#M1<|E59_<z=4=uKtQDs)3AJ-6Q25{h%jo<Mk`S=#)YHOa(
zGG7=QY&mabUh2AefsA-RMf7iYVutaR`0c~VQ*drSIor0*ZaZBs6lIm3*RiE@nt-Nu
z%v26-N@Fpi6w&OvGiLrSqytsB+2ghqkU8W|!I>?@>opTlrklIS8AqRumzrIWj=!d!
zvQc-2<xYwCUcXpV{C@tarW^*QkEEjF=HYS%QQfobN4bnuZIDO_53VG7MVcP#I|sSv
z?>-OaA`93h{$}H}xoL6E&rg9fK(UhWt)zIlPEx4X@9fJ6j&<r8c=d=@*r1zGfG<^!
zyRisfq4Dz`4eOlD%NfHQV@u24<NHqyHuulcno+uAlb4Z7ScrLD-=1ks&+dH^bf+iE
z6yZGWN%=Ul4eir4vSO^yvVzCusA?3*_L}2Hfh#MA%ZRq9?ZXA%v4XRi$Lh|lQMm0=
zl2&BqMWL(mY{oBDpYkdn0h-)`n_iFKv-jo$Q82Wd$$gr~<-+SN+lg)()BWetaa-dR
z3*RvD9pB#ml;BUJ5({HpX73lW;-MhC8PO1*C`bFL<fF2uY(#Ttk=`~BM!Ox-+cn8o
zVBH%9F|QbaO~g$`J;(q8KT$`!^XUW@sbv*buTL?0ki%nI{K8V#(8)@hac!?>Uw^^s
z%La@0Kj#0=?y5KY8k}tSfQ71ukpN-aj{7BHP?e4@K9o%SxK&;n&m;KrVg%N9%ca_n
zoP=qXt9_jz!o?`Fi-@Hb5VdkTFvH>~SR75j>`@jsn2GqnN%}6OGf%x{&DmM$aWsc|
znc+QD&P%1xKFoyq^OReG4hdZ#a#Z~-_%A?;m!(EoTdqE<Dz|IituZ#}7zfU)T>H-C
zGHG1GF?6&VXw&2BH91nq5gnURy~QgXH$1N_L!h)Q)%0??U_Uv9w@!r*10FzWOFg#Z
z#Zd*WbXnt&YGZ!Zi`5^Qy>*`HWn!Et!YKU;1anXkDw9{c_J~?S$WX!s;G_gnY!s1_
zOk)4(c==ug-FLcSffpr0vtzIDrTa4rlZT?AbAt<G#?3>(jp5>>&&y(N4h>2TXe&wj
z2JgyBM)8ff)-O3NyR1y3dRnFV4?JvKH}+Enhfb}HG1EP6%@ifKpbG^f7xu9xu<8Aw
z?e(`vhlMFIk44=shTGl-aimu(v!~-m6Uzyb5xb0RNT!+j5l3v93yaqVFU4N3{31uq
z19Rf!U>N1XPpFt46@PV3mpV*dDRZnE91G8TdD6hEpI4F}^;{@WZt>2xX!*^&hqd6u
z>gO5hilarKl~g3{*J%=&H`B656A_W{=ikJ|h2xfOS6j=53=ZKb&(|gpMRUVr_BBS@
zq7CjL*k;Sy6?L~T1P{O7zV&J%DRHCQ9d?K3!*JD*SKOS*ha1>IL&USE!Q1-8Cp~wF
z-+kkG!qHw^D3_gH@cMvBTWvoUhsV%GTz^zjQ<s;1tP&MBy2Pm#vB$e!6_Fu({+V6V
z7p&XtKO!j3(%3Mrd$nG3c0B%|)6z!o<K(a<o0Div6;E3MLK!b5#p^9m`jUx38qe%A
zJzEHP{Qb^`z1f~{Ib~ujJAEc%7zHh=K1R5edS4}RS)_zB!p}^r*Lvmtxo5{ge)Bkx
zk=WpksgQs_+5*}O<pwwa-qH+)OHza|(oBG(rEg_AHtAa>buB?xNx=I^C@Rr)!rgfK
zbbZ9w1!v#Efsis}a<AtP=f{P+US&7%54C>MahvquixVLiopU6eXy@7X&u76Y$dbjW
zf^I|*%RPwT*Ah4W`uy%xw|a8f&KQC4?%XWSG&D$$v-|u9QTSqmYd*h0oKKz4O7*kj
zZTiz6Do#%#%H*MIU=78AmXAZytc9^rN7c5ui7c)F9X*DwV@}J>6>;0X@|wHbh>n{5
znB4Z#hV1oUx})JFSXs4y$mRa8c#Qb+JQ~2|7e+;x{bj~Ehk)VK7+%$knnc+>P^=fe
z<}`4#ij6l~^ApOGquOp8R1qQxYcST)|M+ghxSQ>K=AvytM9IgGrz#HPllO}k`ry2}
zH12s{0z|jB=eb^0J8RP9)ud7E<h2&GBda#!^eepR*R8q%_%0A4;oCpQ1ZmjzJ00Kw
zZ&PXb7pSRLTH=&idX4+##lxA7Uy4|IH@8g7y(<~+3KS@lS82FH0X(-=hLpj|Y$}?h
zH{Z&N@EhOlQsYs;JPXr<18H0e+dEXIa*IcPjSPi?;E#m<1gQU0YW44kaB1iuihPbW
z{pOPxoCPzkoO8<QwVO`kfaf~7^m$#FL`<VPU;0{#7oIR(ggyua#JRK38RY;_4$meg
zFR_P{e_b@ylb_Xnh#shOThFI}MnF&^;oxrcNLSE65}GB-22g{T-dOoDBEN_&xi4g8
zV!dh7{~OQ!IMo4m05LU0=kdjt%&9h_I>*%NyaiEh@SvQFx7!%0-*~6?a~P*C;77Ls
zxPWEdN+m0VD$(-Uy#sISY6O=)9m*Io3wSFjrDHPye`wjh>db0R4fcF8b>MAY!LOt@
zhB7vq1iba}bwR)H+1_LCTc5r>d{48Or!?1s!Rdku=MpLfpB)QY`=Ks0#A?nErNvt#
z@SX{WoLS7`Mv1lE8E6HPYAdu{elJ&BC{3)!8$9gl2&o=xT+H=v{l~?|2j%!RMO=;G
z+Ain{bIkQWl{&3aEItE0GBR-&S`p&Riy^}uMdIP8D-3s(KL6a{&IuC_<Yc9wyTFUv
zQxmv^ADb|VMr0q%*S7zJt$P`Z9Nw|tJJPl{!Cn7tGS%ZDOg+v{x{GP9UoC)Y3QX<i
z^dcq4&3oQFdzEW0?O=CYoxQPuv@P=PR3i#53^&}*epTDBZQlDvRpSv8?t3?d{Ecbc
z_en%*6p<xK4pTTwmuI7dX=-GPkIUM{DWnu90D>IQTdurs-`qLzgRUIUiBun@)H~IA
zZ5^V}4Zga)TWP#TJ<ferk~QqY-B!<5jt6YP>Lq+`^~eU7K@YD2q@d-ANA&J!>B-Ps
zy?68O9IC19h?lTPS|=o)A*I*ziwbn9)w*vh;%7ArL~qO0`Sp6n-q8fb|LMobooU2D
zGxUt{TUjWV6I?_Y%Fnfjla~-Jty34bn%L`UrwEPh#T_(tyeh>AcTfk9_4M5%t^bFU
zj=(N({S6n;Y<n<tsu7WL-|x07PHk88{!MSgz+_{}_0E>$EPAD;sS>HKFKFBp@9iF0
zSeH_{toqH~v$!*^&Fb5$4xibnEnAhbcKZpvlZZqL3SH4<90o~k!U(@UmpIXIzh*jd
zpN#c)sliZU<9Y(1P_yMum$D5#CRZW_HZW@_Q3g?dajWo~3qHoG&fY1r2~3yu19ltQ
zKzZ(@sUIY3?=yNPOqu{k;}tJ{%!-)SZbh$5O3kX%z4cnCD*Sa}R{5A?Ei)l2s|!;=
z_?^00)mQ~#{h-Q1Pg0u|xvW1YX{4yYKlW-ce5-b*y-HX*Vth1Ui{%!ENR}`1bK6*H
zP~kEW6A$0EuaBR4C2E<7{nr`$?fatba>cnBT(qe(Okwu?rIi+##HO(=k0QF820QdE
zRBxKLBFH}pAAbo*_aQa_>B;QTef))&nZ3#_L1S4Ckm+E`>idm%c<k!eUwa_g|A>K{
zwm`Jtgm55!a_Y@Ji^s)J7u%u_!qYj};4!lk>3A$QIqcoHDMDcHw;qjnSn(Qr=12V8
z?0xvoM$W)htzaUWi5NVT?@^;HHHaYdS)eV_Q^}v%CEa<tWVRgh;Z;!spSKOmQtRv5
zwaW-`+@t92w_Ol%4{QeZ$e~L3Y*Jz%Kn_?8<8vH4PVimkKGHgJ-NnNn)KL_VLswWc
zzarj86NfVzXm14&ik<_b(kF}+hso35DwPx`2=0~NzA~<TA46W>@M)D5ly{HMcHas}
zb`ZkEY0j)x)q+~BNJyNH=uv3wn33ydhMJuv@{lsprcvcf-}E1hf=F3>o7f8xJc}c`
z@`P_*X26_$73-Vc&Xk_m6+EIhB+_YXcv&k<<oe8j+a;|7YwhqG?*L~N@Cgy`j%YWu
zQ;S><%j)@!x4wy!H`Hf1tMeO_L1Ob6Y}LkA<{=9GFB9@D)oKEXj@fOJRYSq3XCGiH
z%4<5=;mYf*&&?lWek~p#7!2ISqwnZHl$xp=GM=0shI0y1Z!bwsSDPnN(-j`Cxtz7V
z9Z#H|tQ)BO1!gdBFgjA$zq&|16iOF14~+b1Psf8(ypZ6Kxhis^j!1fRwBna;MrhHz
z9AyA5p+-JD9Z#2m@#o^w@v;&74>(QSMO3ntvXT(FXeOKh0*dyE1VyA0$q_Sb-@ZP;
ztzXmN=NvYN(yHQ~n^}UEmqX=2O;efUBydAEjI&+F1pT3>&^C;oqtm1l{OG2!i}X#_
z#2ne|H4!4<ES3)CM^-VnD(WX2X5!!Nw)g?&sOY1v^AoSboQ&fcV9H5Z>IYj+=ex-L
zxbQBn{Rb57rXf+u0JoA6^H7<N+x`RVxDtwA!~G6)-Psmdl2{vN>>SLIbsDlUtfUP0
zghDNW9!lJnjRTyr>pTdZvH<cdN5GAi0p>k%1~ZFDhdKdkYu~ZT;&+So6?v3cz8CIJ
zK)vB%WA>>0`??z<XXhD)2t-7s+`z}T$5Mc$7hU#O<p|f!sOcpo{T~hXpo!BTdLx&K
z^}B#hf@dIy%^9>&f#WMNHZs&VSkjjxw$=$_dJ_Z257N0VTqSTjw+o6#<v)J%uQ>{>
zmc>t#!+1$FM_pBTWZ)eB3nVNyBi~Oa_nF`V!qtVxOQ4w!5(%w)V)vE<$y0ejX+#Bw
zN-wa7CaN&WSEER8M8W7%mx^MA+M#nr<MoW|ulmy|2N5s`zB6R@=hERXZacgzp0=&Y
z%q11`fZV*xWxW^hR{NLq&C~)Gia?e7q+y-WRIINj|AJayFh!M)Q5Z}2T>i$Z*gG1e
zuEIqXym;O1>0ue}q|2sWh`C#9q53ipSO*<NtXxDC&4azTk66gmM{g0#@e!Aa^pI`V
zD60RsQ5LW^?d9gH!H%om@R!8xL)zc2vC7=~HJ9P~yOTZ!uuKi;DzV*x1aJ_EBdd3`
zeOnMdK<{j99&o4msM>`nV~>s{ETd)*4ZbI@411D5tg5AZ5AW7Ux+?FED6Sj*b@}*w
zf8Q+Ke)9{{uM=bcv9J^-+P}hme4W1jAC&j4|3m&881aWQw_&Tjx4LLt)e$ZpY&}_4
z_e$2^#x5KQ!J<fk)q7+NU>M^Dbv2-JjD+V<%~RT{*a*?#{<32sd=+Vb<ZN6^jKjUE
z*Sy~AOx);Z9LWp*!k(S#XMDYg_M{8W<2@3h)_2rXeQ%?N_O}rr*><k)ZyT=lwn?Kx
z&(T>u^YP^`I3oiZ($_+7=yKN3y4fkS7`@}MR#Ul=UixlZkf=7}bLRpDzCg<e$%%;#
zXGb61&sWbERk^`NpBE^DwHi4nvt4iK<h$s)NoEVFKU|fRa-g0+s-Jpizw8u&IcLTu
zZY>yR+iUL)o-?|n*Mrc&?fV6Y@4_5Zy8C>U)(I!1+i^ZSgzAs6o@(o-QJxWWJn>fb
zD;c+;jfhW~Oqw_O@%fnCVXQE-f&=obbyIBdoDZs7azDUE<o4TomLw@AS8#8W*_mB~
z`J;ROy$@&i1?(oDsd^KgNEE)y5ZWdtDs@lj{uBx72?JL1=Q-rr{`7e<hAS)=b-U#9
z%}x5_s|t{1EX6^U7cM7H&1)ZZt*)1x0nkvccJRFvobEH_=hm*dPYuuEbZ~3u$!Xs_
zh~Pc(=H+{r!(;Mw_tT$ysef>%I1K+U#lzp<{P&5}`@sl{DbDb_$09bL!|Lt%FL=^~
z96nG}TJYMOnM7>_0+{wTw0}w7s@B0ubA2`{=Q-x4o~cD!%xqKCFT{x<`L&H)2jLuK
zImqr7jn9*SXc0g{y|g2dn$5yQM@P4l2jHvPRJS;UpR;IYe7R}oW1_L0UK0ANzDv-z
zTNtkDj@uJ2CAuMys$Hp0Jz+pZ{prUX&sl0S@;d%y`Q&)cpH5m}0Vhzdk>jj$U^MgC
zS0o<D-&^i8BR0o$`>rU=l2?eb{rc&x0uWAGN>%z%<vcNRkyQ3l_wIq`W6Mt1<-=13
z&RGxv6ZAEo4SW`4#K!(Ib?<>~`UHs3XVxdC+rZGSg97ud)x}0(P2PM`R4Po>4fd@7
z#<RBB&R=5NFC3T1_<*xIKZC=@>jMc#Ou?h#Q(k(H0=mHz&9IwGF}pO6*zWI4`(aFl
z92>S*njm)<U<IQDxUdrdg&~lUmv`hBr%YVwq!o3?WAw0TLLHLF`{g&FI!1QlB^&#Y
zEXNukwLV%s7sVXh_5A0;VrUy5_ukmDxd@{+XgbQeI9@_UgK~+-_(q(E8RPkJGoM>p
zjF;amAGmPVGEkv=+UyW$#P{VvNe@2>DG%w06K%|pvfk*14CRAQ_^d_ncQKu2Tyhj*
z3wC2+$&8BPZmmK%j+Se?W>j)(9J5lOI+LEGa9;Y3(!1Hzz0gH!ht*#hR}PQJ5ULt1
zWee+fO4jXHfnW&<c|8^SOn8=&RkgZRY!9I6MQsh%lGR1#ryBy$(GN$BhpzWYzpksO
zH{*et`CV^#@~(*EH?W?YK(i$gU?}%=W;))xQYavO1Amkt+J%(ya&O<7XV9CJ`h<}g
zqfi^!vDah5`PQo4idvgoIwSjM>}DW`557GQaL_BLp0sHf%KM5LZsB5lWTSGbWEml|
zf|GJu%E|sX@a|HM?xDZi&9You)yzThfela-llPHV^HQ-2P55ap96VKprp&Gw&xW&f
zgJW?K=^CLS95K6zhpFoOdVIIR2FY^OV~A$Q%HSOC##|LWK6hYLlI4rn1So%U{8Hn_
z(5J4Ki8=CDK{bVWD+Z*3`&ypW>YEID=sWQ`v&U&~spVMI({aiDFK$w*98pu)#+B&`
zohkuS>tsI0Rk0{f-J=`9YcC};LVv?I(+_$4Dh?}HJ5uPGs=)(wBqe>JVQoFcUMO;u
z;&me+0bpt)_dr!{5?EtbtE{}j_kQ*B?ZF1m66(G43_dQmMw_*(Fu;eh-eQ$5Uy&8`
zQq6+Q%)A^f70&Fky5;kf{JK_nz$`Nl=<ACmt_Jb|8zX{-8%wh~*~hdTZx3AQah!j(
zTsb<S3Jn3Xcc`}!*5=XeM(1$Dxnl}AqE)19x_&ThGI6xLVI1*(DSKGQ;wDbzPI8s<
z0Gp>kH1OdN7eu#!e0RXtQ0%!iZZ{Ya2z#<4sv2^X_x>aQ<<0QUPB{v2tpQ8t)|uTU
zaLnB5ahP%H>_&D*)u$!bI!^v)`AnZ*KwIzu<Ypsne}&V>2;CL0pZt<sQQ5b4O{5=_
z-!F_+$s3y4a;RqUC@B&34pZX+9<?j{m%bcF2~f1+s8MEap%puATuh&`1gp0HUom|?
z6fJ3ZxS+TkjgR?g3b81`L{_4jpCgH}{z%UewMJ5xU9P|Ei63HcQ#3B1rlq?~(p77`
zWm>d0hx83-sYbh7J&;1MVdFhvQ6Wx`J{Fq3`+jH>&^g_Pi_J;OI(S(n8h^6i(eQol
zouDaY>URD5@Q38Tr~B&n^4Q@lN8Mnd9!Q9$rq12fcd-`OA}F?B%J?^)%w~hHD~{k8
zA6OD$2|e%)pY~t(6mX*#3;w1mK!}T{SsB5+I0XT23~Ex3{zqmKzA4`!-5Hth-${3}
zeuB7<DK^Oe9^owwR-4j3`!Sq4^oz6DRR3$~w81}S0{lf2cIqF_C<_KXmgn{$wBi{X
zoVH|0Dm#N;eN6&Uz+XkXdNn--v(AjwZr1M}45rMTkp<}x<LWI^`YKlKO+Gizuh%}2
zzJqlV<I{-R<89C#=_;D4b{R`uNd$#eRsz?H@>V82BNQT^%ox?TN^g8uUNU_gb*CmL
zOFhiU4G9?jIrudeK~w;&S`#-O5IBiFe#K7Kp!{{!MYZ9D7n)k;%$6cYP*7tj<7OI}
z_JS~UhOo_lTe)3e0w+()tgg0<4d|Hh0h&t(8z?q4hUb|YI|_Z5d@onk^K`R_+kAq4
zUL=>jbdSFl_9UL>8rTx;`=+5ey*w1cQ{>ou*zC9^CGztbE|-oot+JByH(sW<3~71f
zIp}A<hvjFn1d}WXq5|&HiD1z7_$g?E_h`ohW~OYGE>S3N&qiu84EoTcMxegc6k9_4
z<iYfOrF~878xG~4WEHJsL1@^GA3Q)8Jc<wcQeGw+-#hVD%_NXTlEDH_y=QOgQxJri
zbE$~w?j77yrDe#$1JpZf!*$(%`U(G6Z~nVHmkw3SCPDYsr)SO?t?wZt`jaIfbAXBK
zvgCq4;(0utc9<4!Iw(nmrWZ`>THfu^vCK0;+(*S2=Ec~GcuSADTi0*;*Uld&<&<z{
zzCsP(4WMQ+@}8O8DSElZ+?nJmATiSE1uxiem9pUzE}vdCapba6@g)~=UVcirU<Ar!
zZ)n<JG*IpL)yQ|&>RCC$W|oND{^}O_+(4YA$T~SvEE<BYtdu$G!vIClYwk#x^k-cq
z5u&<#^v`IRL_mfnQw^mEl>6SS6R-nTDd@OQWMQn$`&3R7tq)aGd|<n-B>xefy0?){
zGrvnF1MWcdnWp?4dbD9#pHc|ZhXO-y4W@3sS!Lsr1q9qE$!m+YgsR&!qDyD>`-^fa
zYqnr1rb@xqdI7qXj7YG(wm`WBM(=W&M?F_<S|<(!M6yBzYICO<Q$La@|Bv>*Ix4R2
z%aQ~VEJz3vJOsBQB)A3$Rs<^?3J4Zb1r+WYf)m_=yA&>kQ;^{95<IxOYr4Mv^_s~y
zt9xYinx5&k`p^5`Tlc(s-@A6sK6|6UwhpE22K3OX)<o-I!0C!wG-x~5V7<rjg|ArN
zN-5lmnji#6sezUdPZ5+dN4l!eY0T(89`Dp_Ee!D*nByn>YII&O$y_nHw$QINQ4bUJ
zNUDFaP2dDf<$B>jO;j%8^{m7;1=zvNm>yPW^_`z)#M)rpPB;Wc>He-Y&E)fN<wCBz
zMpGPNMrPJit!>}H8P6oJvs1Hd($el+-WBClrLz_K_GdQ~rDB8308$b@Af*7HS@yVi
z=6({5Jg@cyh$7w6wcblkxO~B11n6(oWaKdBN+SopZu_8ls&=LV=Y<GJ;;0?P7?RfO
zS2TC3d#NYYlM88lb4qeL8-b|6isn*3B%f$DTXme14Z}fHNWFx0pv@OGYDnKarPR%-
zL{_;P>Ny>(G=(@*)QWmp(1Vi;;(MKP5%alBtdw#GGWd^)9hl(~C>E}_bYv8@?~pB#
zyiD705C~K=-w3pOg{dqfG{=!~A*-H2OY6784z!fjbG+$F)vB(UFR3cpJlx$L4ys;0
z?-NO^%#v>us9#NZSJYI`q73rN3j~8u^1FK2X9Q?G5#`I1$!3Ks=1{9&Roqk2%d3lK
z-5$&%6SeVMwx#LaAURPFw~4fd@R^dK;=0@CgDm?L@SK>e2KI@avs)hZUkJH`ukF2i
ze|)~DK^+_g<z<xbZ+-+V`-TSGyy~5@(UNCeaG{7mL-LHf5U~MgNvR9b`7TEd^xo4$
zHJJ3Gsp*&0!r=-!w@_8yt95tHOvzbdLQsY)>y&yJk%y>M#wGhnzmsPpUMacKXjqfq
z79v&d@NlX$9S`VdydMSpmNcOjCSQ}>Y}Ismezxr_ShADPEsh!HWv}}ijUqy8n!wQC
zv1!C|vH!$Ff3`2Vo^{GrY1DD7Jv`}_<d`GgCo*>SC0gXn+b7H!5)<fcyUMDEZiSuC
zY6mQCp`zZVq6R$cwM+fVKUVam%n*?hHSb>d`{H76lR6p}?M6hj?Ua?hnQ6W9ohNfT
zM55l>h5~(Q8B@^<2fgaA8pLSj)RLwGxy27k^S|xh2zprr)_xoi#2$k+Y%ML7>5Ea^
zoro3}xz<Wg*(H=QibV&6h@nEQ;&=~c)~oNi#mcnL#*(HYcxkG(2(-c+rQ=6=MyClM
zR4ErQ=M70soQsuxnJ^6K`2+&umC^yD5ro=G{_H}<E-uf;Z^atWYX_|L1%s#bMLZqW
zt5*hO+qQ6aT(hS8*RPuS?v@7TVt1ODVS5fovtx!|ay_oXhiX4mw_#%g`Hr9Eji<gn
zJj5)Z#d|OdsLs63^7N`ubr~`3{HD#Z_ZOv|97v|Atu)gB=^?kNl;glV!)Kw&kZdU_
zuftHDPU2=zW>~gV+Q(5%ji~H{ND}b?K|E+4XgKK6D8hkD4>n|5`S<S?BgE2At_rz0
zq|G{YPz(YoHFF1<LN1J+zj!c9v<orOK~pGlyPfd5YCRJY&T06!Y8qWP`00g#IPRA}
z+3kjuRmDTHUfK1u70U>Q>+*FsH4kd)qAE<rO}%SyfgM0rCi7@9GPcS-9~R81CGWx}
zhPV=hpLniIbvw?_A$E|T_Dggx;iA~%;jtLi|JW$~`zUfzo0@+<Q&u&z9{oo1r+U_C
z;?&H#hSjCpJ0C@}X!EUi>;cznO2*op2Ynyl0BH0QP)_ptG(*fK!mh{jn@QbW1bez^
z1Yp)akxu1j$nv}%pjGNaBAx)+g9}kYYzD_IRnI{FoBh?_Xybe0lBEkKeAHb*+8#F^
zHD=N=5eE8Z=U`l`cGepsU^GgI13x1?ZmuMSi6YgERq6W3gG{F}tZU-ONLy=kxQ*2U
zp;fb;1>f>)4`XRi(5_(1qBHY-KIEE27~lG09_6@$&v^N(ddMut<F#6d=$(7I>Z6hj
zf@?eVY!+i{P2tsb@uRa?y1gN~2B|`kXxndjWjx?@c+3=03DQHLyBgk3&LYi{G18mk
z)yjnInzjd}mcA=MTnPvcjuJ|oVGQ!?u#fpxxqSp&@zssRyIT1Q7quB5xWB0vKND6S
zhX1tpZr)eEQyM#E>*o?v*CrM&!!xMr^SA2|2<q52tYm!8JzZM?3xeZwT9qJ`)j4r+
zSXfwvwj~r53`O!>Si`0{bRHc5qDYzKt@UT-V$4(EIKDnOYXYr0fb#D+@_+`v7Z0(8
z)Lru^x0T!7Ovqbl_tfqsPyVp$M74O(81oxV4RME)lcf-96V!kCS~rS90pgmFqz$5y
zL`mYP3lU0SJk`llUgQ0KE6nZwu-iUXwplh2XW`W0ZS1jL!mAt^Bc+<rWc*?dmKQ}f
zN<}Xih!}sB?`Zr+t2&~y8|2)~yq_0e<r4kl%jW<0ekd$~u54g)CGIr6ss4y3*G&=k
z5|iOw<a2P%Q{?4956csQ8_0wL1fL}5Ay6g|cox`u(6hm0)T1f(B2kgwJi!ZxG`MHI
zHH0@h50z<DWa+3TH}~r-FT4M65#+^i{V&ay0{$C6fQJ0NiU@VhOZu^spyDe2=b9h;
zdX4tA5@X7ps<}RnGbE@G#S!L`e2R_6Du`NB`~D@Q=#5|%yr$MsG0aHQbt^Ww*GM_j
zUz+1&G?ynjXL})JlSuvrS>jT2&aG@7cM9G8g!n2CO<VHag`M}dQ+lRa`8vuUK9_!-
zn!l+LZ+frhvK#))tV!)xzlE2>!ZULF{SgL5udy6;sXepK$yKui{?{sb-7+2ir`n^{
zRO~O$jRJn!Ep$zbTv&$M?%ocXGpCG#ryC_26=zVM3*`r(au=uFn9II)G3}1xnZO$d
z6vOBBAB}gir3}!)4H~xOf4{Kh{za(ACO$8((=ROI^({}PyxJ2!PqH}-B3ae3+`nf8
zSeU#*6pYOJAGjQNje-^T71t<!_6~-bVUpoQ?Ek7#U!8=q7V)ILABO-n;W__K*VA8z
zm7*&l9gQ(^K$ai~wpyeAwN_5cG-?7zStc$IdFC(-7h@;+P~d*6;Fn06us3i*g70SN
z$OK)<LFn1yj5Fe_Z?&k*ATWHKA4a`>4=R$`Xb1GQ{EYMKMsb9Cc{!VlC+2fGn@*W?
zAzNULjg1ZmQ$nTW1s=Hq6Dd_go^&4%e`zuB7qQQx1ORd`)KeWK-G3;E&OCIB(}%64
zMTW!JP32jGv}(?`9stD~-rn`{;)U_iqzqN!Y4s%lUNFYNo0K~9r9kR_lq;ERw(O%q
z^1DbPgrhEkv1%Aol<i@UN|kMVj($qBR9#PPzZ<Qw>(7DL>N^m2P8fhM`;1p$Ir{Mz
zjUpQrA+7J}N#qiklnAVKAR+jq(cf6mLZiO6YO6_b9&0{R+1*Xqu3@YG2&)T6lhK&q
z{NtqR#uN~JZGg(!*=#(M^TPLZ0=OTW<GhJ~Y?(k<UKOt|hYN96uyvrr9+4MUosv!~
z+$j(XmfHfG(>B;CnD8_`B2`~}6Gvd9YVd1gl4lOn!C^K(i0wd&XrKJMZYy`_>qx3-
zBE_}u3J~RSV%d+Inx&x>k)OxOMA(nWs8(a`QBO#KRgheO=-2|UP5KLd(3eg8lp!69
zR-e6O&hN+pa*bi;lv-Dhx>-peU%-7;>3G_u(Ej{#R@$CzUYk9T=u4sjF(`mYT{pNe
z6gmME;?66@4;jm#@sZfkmj++@J!ey5H0E-09w)Re^-K7Y^g3)lK_!lV0dzWnv+q~z
zyi+lIqBO3$Yd11|qx#l<aNm0OwnQq~T`c(uIgpH)U0f`)^I6poSkEbV(zzd<(;O+K
zDxBL^h&7Q;di$(Q>fHU-Vpj)7H@s2Vn5oQLi)&Ul3j~Gb(&|h>BV5kr%d$Yi)x*+5
zK}<rVO~Ceq(5K@$xI4LYYl7LEIJ*t8nbfOAZ#7G|6ikrdaIk$wZa{@Qo6qZW5`z>9
zzx(s43+}PRDenlbT~`F=tFHaeX<AhZJz5OB{cBS5jb8ialRWeJ&We0n+fztzK#wgT
z;jxY*Hb4ORxvo)CJryoH={WOcL0RANG$atXled(d0E%1TvsvU50QoPqX3RttZKGE?
zf=EWNr=-JkYTT<^VIGpZh1%`KqS;lPMpd59MjnD$dh^q~SezFj=i4OnGqPSj`%E47
za!U37)4F!N69uXJItM#vv^PVQV{J<7y|)^^n|h$f<}UJT)-O1CpV<K?3N?966!oab
zw|VHta78V`w4RIuS(JD`ao;Eu;8Qk!_Dta|f)Ss4J{;e0$kr!HJJgM^tBbN73WWfS
zYj}!li3@O7avs6o$;pW(6j%unQ)9k5r7NRAZ(P?46cOGn+$tAKa0R0}UXm}qxw>@J
zeRZeN+1J;-x;@2flU%`^r-@Y}mIur!HK!i85AZZm?4=&%na%gXMCv=vRsEXjbIFY?
zeyJm=;qLH=mHFZob7d;}7f@B^TAGjW3b@&3z+F<swn+9xw;7vuV}0E#y@`pv-D{HE
z!EM#j5M>uQX8l`xwk|t1P=KDJ9Gj~IU0nlOMHWabyEN=Ff6}YF*dfc(`9)5_+LReu
zp8TUaq$H*bHTj|aF4AO|PfHGb=|5dd1#FuUer3otRJyxIHGu2h$kZt4xp(8pw!e$s
z0`6Q&wvUZMWt>ZFjK(FmC5K8-RA!|OjQ|ZD<;VT-4?#mtKC7sX*HJ@_N=E4fO8m!J
zFdWbY<6tqQp1wiIYHSoobbIZDvn_q_T+Ly62yk3)TeG{ix8`Y~-*9m@<#bRvJ71av
z&{+>!H?Dar7u;gCH-;#>7)-C1X=+Ys!8f0_D>`xpym+jhcceg+`lJU0vJUr403n}C
zh$dudh5;usSwtU#skhO~lOGN9#1ERgfTCwv*g4<L<<jZG&1HBdOd3ia`?%3Dmw2*u
z*lF&)zNvJ!KOLz<E|_QLk9+UmcNtQ<-|Pe_4?HOeM9pG%aF%t~`GLFixWbg_>C*+O
zeLvW6KC+2s%?3A}u#ru(7}zoM#3??n<80LD%3hX`WZIEM!E?0?R;cBWOW*R=**|)j
z3Rlo<+y@o@;p`apW0t1h5!yr{h*9GKC<|N>xErq2B`;ZJsm!ZSDRB1<xxf^w$onOn
z0jX6cRCYsURSu$uV0Bt{Jg}2gw+1{^iMmONnr<LT3#CZY-o{NMhOML|5K(t>^hkg|
zRO9yf`Jra97fwcSiQyMe!7p&mOBL#DvpTZSY_<lBllTn|e#%e4C<OmmiBrzSk13~S
zhWth_q<n7FFK3<KkvP*Yjx-CZV6IV=O#%J2St9gc6N9FDTz@D?@^$=IV7uYd1zkP<
zDM^K;0ScM@o&w3_16DU^oU^2+@Y&D3t90m3?mk)bJ)rEX`MJgEE8Rdo6qj#;yFVoY
z`@ovH{;g+en>~m)>f8LNdcr6%MR1`)pgIe5FsVj}*}%`u$h<^Ok8`Ai?{czRk*@BD
zLW+|PFBcm~goc9kGtx`^LPH;aB$>6*{;(H#Buu2w(FKa;Dvb?PN7BC4G8@muI-t{q
zR?V|oIv4Hrg*y>dE^wNuQkQ+;&zIS2K~~@OJFGh{uJql|SUoVxeap0zOcwpuR5aoy
zq@L+wQ^1o0J@(n1A))ge&(|jv?odqIvq?sMW<izqV(@)`uAl4Ke9HaDU~AN3Y-HV}
zm6xeMk6Nm5F??{LQ@_MYyq8q#l87dGAy!zxhcCM1fX2_^Xnbj(V<s~1CAQNEG#pct
zlUUFAQeY$9dju~8Hv%8_Jt)yLSQyICP1%Q2B7lD_+`W<Ioo>`=PXsxS7mVL13Vf!s
z_Jgyag+srqrOM`HU?0(|y_Ngl0Ov{e*U|ZG=&<%3;PlcNkUdJas4UiTT<FbTdA(Bl
zdNvCq9<(XBDhARdRvR$zgF<QN#@fmn#MpkLS&(b(QA|MIni;I8QG1RYY29e|wtO1<
zzkGix-J?w8b7_-vwJ}(HX<f&oM#q1k4}}DZ+2G&V3W-l%s|*@u>~&0_G87%vR4}7M
zKK!nOIdhsJ0{=0@#KGUA3*+)xs=W=^9}kt@SBH~9dL76@&*wYhWx~p%<v0Dd-C&^Z
z$2B2KLoHwDw5|d!uBB`0i~a}6kS8q>9)K2GrRm_-a)sLRM$-2k>+(s<qolnrdp_k-
z5|(JypAzDKdFytG{$*Mu#^oYph3`g5I7NFIUcDSt-{FtiCrEel)^yHc<2iK?FiE{=
z_F3lpq#4OiOcS>oqPYt1RN7r*tt+B$2OeYgRff|X9{7{rOPkvD_zm@`pYAwZ1;^1P
zN7{BP=d#H(O|A+N*TgSJgMLoHU?Au~+SM!DDxvfc^Qq8vVJ@x+f58CLif=uD^Mco1
z;@=YG+=wV0$ICRx=s8&>=Fn7T;<QS(RQtcDIlZI7{VLP?D#iPWUqB2^n?<N4gp&;C
zAvuK8C(U>g*}wonLN(LanBj+I<a-J1=9C9b9G#W8oC9;UAuf5^MZl#2#kE{~S%D1J
zjJ7Dk*+(66QXzPodMX&(;=@q&!L%8<AZ4?;<8*?i$m6g4Az}KZWRzB8#I<HqPa5WS
zuJC^K7;RBa&>?0)h#yixYJ&{j6VjiUHGin`-n2z9S*8bQhGX^i9|+Xf*d&d`^G3r7
z8uHR$%MVd!B}62Gfl+$khUW}crZE~4tC?=7Nwu1|B+l%GXI^iPDUj&0RO-BbRi#o)
zA23bq*Wi<4htZW{G+rc$U|etyJ0ZfR$|-rV$y=f85$V!Gablmycl5QCbC$E(%z|KX
z-<h0)O|;>itVzOJO|9W@-H1Y{_V^>b5}(+qO1Mfv2cu_uL+S1b7oJFb)e{Rpu;fyn
ztY;PD?ie;=xxdG^R$qZYwrjSgY1?;Jf^|JpK`9l;GtO`!)A7Rs;QIA&rYF>vi28GA
zZZsw7cwwL5mg<68yvhtUn`?Y*ToE)_W)xHDsHlT&#5dd@JXcLJQu!N=vPSs~c5<yz
z(>U?BVzr>`ZR1|V5q(j&_xj?mqTgu512VC>_VR!8#goVk2vD~IUM@b3F{cu%T7Z?b
zzr*N{?c8|hz-b|+*W~0cwCr<6QnXYwfKug~D_K3b$m;rymLa~VY*!o8vJgsp?}Iw|
zK@l0R%l^C|+Pi=f^K#?xzDB=0D;)LdMgDQ&^n%@0_-?b}H`*q_#bgmmfBDY~V}DxF
zE%`6A|JBL={Ez*o_@!Q6&|mR*uGxBTo7`;a?)~c_u(;#uOayBeDN(GidKN0Grjzl~
z?g>9(pSyTvvF4ELZt@k4jqiB4<{rQ0I>X)+)N!oq(<K}2jJ=<sTa);zK+6pqg)>dX
z%bTbp1;q;hCrc)5+Bj3SmVhvkt0a#szsw|LYzq9|_JlUP#I9eKt>foeZ=EFMa`V>0
zj<PHl@f$6+GB!e|)ZyqGw$f;<-i61hs3?u{v2Pe74qJ}qCMz#MP_22=ZH=bV{STw8
zdxEW8NCVnqD#N=t$QLoZQA&PF%TC7jXrC3X@?W;KgdW6k%qkL>()N=xnbPZ7%~)#+
zarHpXPL1`X-)QPhKySnbR`Z#Qcekzgx!NB!vn>H#k+eo0Pielb(JnAwtu3qF<qJq(
z6t&$;g`z-fX=5obZzfO~opc?)(WbR<)CM+haDN5n3Cdms-@CfR{ziigKK0y234TPP
zSbTT$|1hJ`8hhd<)_O^|6|Q=>?44%7DE^1xzctAwS7afgycx^QB-Yy{eIp@Q`8;Kb
zY@v+c3ZLt~*Imgb^gt`{HV{SIX9i|f=Fi^c^8Gj7H>X$tA2+05zwLQzF<-C}pN`%k
zXK|OUVl=h{hzMH=E<e_$B8HQe3(N)rw%LDy@>y4kB*x&nR-$S#7VD_+soJ}L*|z<O
z1o)qaQ~$&V{!41X-)8#%vw}7O#qnmsP3kOdL-S^v?Z+9i?%f=?v+I5?4wOJ@!HU&3
z3&rSqKzi~?lqjR*x+(pQ*1qPFaG~ju%*kx6+m+JX6MgTQeo^t47GL@<gGbv6ZO+m>
z)AhR$$6UBdF2TziB|IfoYKWYf-)Nfs3|SXI)#w5Gr1PN3P=d-dZd;PCfZnjMEDZNn
z&Q}@!4pK_*aU|#LzdLLCS&Xorr8hx2lj#sQEWaYiL{LsL)^aTm{#nbwXPIgWj!FW{
z1gaDG4^tgkwLTYL8O`jH0Z8@Idycn$cGOJA%)pf9vvou^zvU)e&{^{+jaRq8)(TkZ
z^WZ3_)JF7Ut?0ET;b!?}u&PV#+g<=6_szDI;%w8Ig>^!2ybc6QCKqT+IU4K#_{Z3!
z$5c|=w+-ioMZ=4IA+7{lkKbr~#hJU)mN&}>-tA*C6TMdnrQ~LNOBV%Gl$IL0M?1*z
z>0{iNL97S^Ds3R`r|@l+l~7471V*vQSO$8db1wT|@VN-97~H&mV~lkadJbsjM|*<!
z_z(0P5;LZHL&!dxlitGpU}*tz1qsY|6X-4ix{CKGK@T*i1go5rRl`mip`f_Up(lUy
zSN{J|IH@J$W-6}d?Bv*(|7<+K$SsC9QO-A0R$_^bGxc3a7t(H#0UF&V(8ysQ;T>zz
z+0%Jcsu6u<6=qXA0D0dN%9ydDlyR9WFN#${qw+(RR(jM`R0}e*3eZZRU#{OV;9|CN
zROIz2BaPAOnHfR}s&lv3Y4QY7$wLHI&l`(k4^?V<#_o?2nd^u=oCH9KolMM8ait>@
zvXrzTKjdzM+cnQXs>Hb@QhFL)GfAlds$SxSmOZ?{a0onts>(cS*Kzv!Wygk#@OFp#
z^KJY%7;>2I!#eR`d$d{m*PxM|78l2I)&%jj<;r=KmD-mp#wqH^W!V+U$TFXh<A|t=
zZ9QQ@+lHeS=eqN>$YVF}MZui2Y2>>`J`LtW4R@yMH%;P12{Ef}1g@uG8vTLfdx*^k
zuMLP|ESo42<Ltn0T26kO+zP7c-@bpk_ip8Rsc?YKO!@M8Jm;`3D4yaI&GEP+XfnGn
zzM2Rao24#49u3t+$};^TeHh>895a4QqhdFdi&DzrRT47jY20Co2W~N-a-L0|&(G`u
zK@H4k|BvULe|;9iDK$#33I^}hn3`yX_V*<dnbyoVbyC%QQ)AVQH+0Qhp({sYxV%L%
zHCEW%jIGm-={6_pd;G~|Rb_P8Y?I5(SG*Tj2VhOE`>Mf#$HuDiH6?4-&K`Nbj@0S+
z6u+`FYrJ%k-!Gn5?a7xmOGbbcGrHp~+NwSQ{yeqxhH%|^$Bv&O#pmI-Q14SQWDS7U
z&7<wwLTe22hhfzkk$@jDvmLV(&3gO83Z>-?KcWL?0DP5!Pmvg5J-X^~c#b&om<4bg
zH$HJh!hK7xD3|gD)SDvxj-bpcG;ksP)qT>$>5RK2SnTvF@N}{)Z)$*b^XL7j;WbKr
z{C{cRkS9Oe<VN0m=Qexv^f#JQ{t+A{B7A-Rv(9ttgkY=0P%*!zqwPTXo3|qL+Dgls
zO6oiJZpeJ#;z^3vv{w^keFxl^{G>0jFhrIyu7Gnu9c%x~_)}SzKp*aJZ`!&}Qaqaq
z6{OECE$Yhw_<TgUae0DTukuj?Mbcq};Syb0R`xvlH`>&d{ArW8WBw89;4xhBM_b1J
z=;I8Mv=5to&pwyEsbFT()6e8nvo%##(}gY2@2?YYP3bp4^t-2-gkN91c^>RtEACqR
zdOSFOeT@&!on&vIJNJot6IfFOd4Zle)|wU`v4;XZl^sWIxp_B?U7|3^oANh*bfGup
zvYP8-nFVfkf)*V!QS7VTQnyTaEu~qfN;xh;o#bcF7QzP<XIrX&KSq@s+oV}5r+l3q
zu&~<W?6KuL)Nate4)-gN6#od@8r<q6ik`HBRy7R&6(T~H0~P7iK69~dlRNroOB*CG
z$=1F>Jg#N!{P9KRSq>EBdpt_~cKhvQ<789Ivu0s@(F7I*n7U5lB;}oS(pX^>fsOJf
zOGa6Dz1XNGXsY^S<R@%54Hy^ErM;kkuYdZA9XV`p;ax37LpdUE968HOM3V8fRQJ?<
zSePVp6WZE0AO|5R-=>1J`)7VqVf_o*CL8q9=O))Y{7U*t>`hb|zI*tb2<(1t#Zn)x
zBl48{4SGryRn@=(_2S%g-rhXVRIXFSzVM+qpht!*#5UnE(v(fDfHc`j8vlK3-VXr2
z6pUm$GL8gK2qV>D)Te0_ZhJZXBhltS3#$p-x)2(c@3?k;a6~+hfXx=iVe**5D4b7s
zM(ZkIs5%9~=jCayKTJQ|vn3O=v(h0J{K#RtNqmx7OHxr$FaaIL^Z0~2z}9HA%tcUH
z43#neYVLBjLK{S_9*V%tCZemPP};y*kPLZN?x>lcvF%Wn+(mS08@_ya;_)Tu`Fs^s
zU1mPr0+YV>N8;Fq)IHYP$&8uSu?2aIeQKF3pGpv%oS&+W*}tQDu-~Q4Pus-s`JQHN
zsVjzDLCTPF;j4VA2jk8$3rg8dVidbzm$p{nckT?0wZs)z?@b5z?xLp2x(Bk>N6%vc
z+@SBSY;&nNyqGp)?JA_#{|%1*AF;+hNH$;Wgt6bYx!=8<1y8i4dz06do!}juhFaNc
zNyS{h*}EfLg9T6?ieItOZqUX)c5a`Qv1s4PO$eDzt><eD0DX&kxyZmz9{as&+N=}n
z6FXGWAaXlMj?#BL4jRYGG!|t$`@(-s1OFXW6=Tipha>XmCHo{(^p2`gk8FAgGcDek
zb{W5kV11Mb5Xn!`*7ON;x*3eC>TjHXlQ_u!G2*1J$B=WGI{tP(X-`bu-D5K`JB8n$
z$Uf{xgMn^?f_lwH4G(_v0|_%6HY?8D4*V-&So1sA1ES-(Q3~s;v09aNw*1N>)7ucw
zQLuZLC?!}8zuhWXx3i4Tm~IruDK=N)k@+k!JdByrJR?q;ebsb9Q%esS+EWzF-}q?R
zvv3WaI)RDfCy^G76n-XUbdG>8aZJI{<BEGm=^g>zRvH@Hhq5I0!Sl6(9kBYaNylxe
zuhoxWUOU%Ga#Doj;0Nz>>5zQB_;EW)8f$p@b`_~{5okvB%_bcH4wJfNf&65da#IiR
z&<7H!rrxhB@p+tz-CtXIRn)8qNWY`iHo+-L#x=@Ptd>dod_;s1qDkxfX4XGnPc4Cy
zdKRnm*4Un0WVK5s(7YL%V`AX*XA)GiDr?eL#Z*TTZW0%J^sSsl!5nQwygP2!ry~z7
zda}d#ZxGCM6-g#q7JCQpa=#V4Vx+sE)~4X|xo*`c^<nXGC}NJq*9utiuse2Lp5H#R
z`W(V{cPrOTW6Kf{+k=QAbH5M5r*?umh!vi$vCYk{wAGc){PIpYSz17jhA(}@Ygz{!
z&G5bVOSbRax0Hv(ImPx|FMc2#J&~pnY0GbAmp*pw7r-?-?p-Do_c0%4E@CL3Niymx
z-B*gSt4Hj1^vXL<u)+lVFt&L|Sh3O2(8?gAnW|ODi+D#siIF}f*HI&iky!IUJXg;G
z`S+q>tao2CO81pW2po8Cb&u0>^jEB1izj9%O?A%}dx6a+d#2LU7XS=6mj1!tjo%lr
z-GOA_K_E`p<y42QafBVGpor1RX2Optyi3$O4+bkOGx_u$4Pkaq$GqN+eWxJ!@F1)&
z-SVe!SaaY!N@^)5CYzCEu{`M<$wF}Q`r_-Vhv<^YbZoL|!4z1yXO^Jr;81<$OF=DI
zyID5YKfj&SG>h2(y4AQ&)bT!i+53kc|A~k9H3SY-AxFQzDG(<kYPL77@Mbh%)iwBG
z^no8Hdf2-;9pPpsAesl5%OOTGLM>Uqn)y^%z=>*ZqAZ><SW>#lsLyd=jDez&xp;>S
zhcKYSCCV7FWcTtdvaR|h=LuO*U*za~&3fLr-rOd(Fs`LwGh48gE(sIgk#(HivFb9e
zmEK}H4nJv`ed&?5nNrEkdyo09Qmmhmz#l=gH_;E~Qro0T+#kncMhPso8&Dh(JVqML
zJ+3HYP3^$lD<i8P>}-4mJ0gCaU&>-E6<*Ue$ZHvX0|li33G;O&6Y7XVoM=6&jL#`)
z$iJ;c99lCi0o2@TSL}`pY#C=w^cY_!EXkzhtv>IW#|Ke-szo^s0=7X&$zjiFAbKlb
z8f!8D()K>nwF~=_C(*?~?J2?HULUE>ru6x1&?!>_A4Oy$T?Hp{kmGnxlw@n7D6GB|
z4}Z;Zh!bq^V{M`ACkBf>C)q5}Y~^b8@dRh*bTypo1UJ<73X8?8hXPY)VK#Mw{by_j
zeMOJ5Qdfz+sV=x$_~kSFQuMS~X;!p&<rN8G<yANZ$mc(BFDo*=X5U_PfXh{<DG|~B
z`Q^Ky1Q+Q0&PfCYt4+Kd7D%a~M$`>b25d$CoKw7!{_3p}b$t!0S1Z#@g>(`@^gk_P
zcv?ic@;?e*P2mKdny^~-@e?mD47p3qhqW&vw7br9Xv^{&DT7-+RYYu8iW>seT^HzQ
zy-6KJaeG=C+m2<wyI0gDpNBrbFQPv?y)d!m-y`L|)0ExW0{-K{|BTO_6}rB%jbL7$
zA_JexKAxf+(4N~@Hiopr)_eUMoz993OY#+Yj>LF!MV1jWU-M=f7A~{3sC&Lqi4j!;
fd5p+elm?`kN8Cq6A*i!WS69b>oHqsi_w+vjM7w$M

literal 0
HcmV?d00001

diff --git a/docs/multitenant/lrest-based/README.md b/docs/multitenant/lrest-based/README.md
deleted file mode 100644
index d9b72a9d..00000000
--- a/docs/multitenant/lrest-based/README.md
+++ /dev/null
@@ -1,501 +0,0 @@
-<span style="font-family:Liberation mono; font-size:0.9em; line-height: 1.1em">
-
-
-# LREST BASED MULTITENANT CONTROLLERS FOR PDB LIFE CYCLE MANAGEMENT 
-<!-- TOC -->
-
-- [LREST BASED MULTITENANT CONTROLLERS FOR PDB LIFE CYCLE MANAGEMENT](#lrest-based-multitenant-controllers-for-pdb-life-cycle-management)
-  - [STEP BY STEP CONFIGURATION](#step-by-step-configuration)
-    - [Multiple namespace setup](#multiple-namespace-setup)
-    - [Create the operator](#create-the-operator)
-    - [Container database setup](#container-database-setup)
-    - [Apply rolebinding](#apply-rolebinding)
-    - [Certificate and credentials](#certificate-and-credentials)
-      - [Private key 🔑](#private-key-)
-      - [Public Key 🔑](#public-key-)
-      - [Certificates](#certificates)
-    - [Create secrets for certificate and keys](#create-secrets-for-certificate-and-keys)
-    - [Create secrets with encrypted password](#create-secrets-with-encrypted-password)
-    - [Create lrest pod](#create-lrest-pod)
-    - [Create PDB](#create-pdb)
-      - [pdb config map ](#pdb-config-map)
-    - [Open PDB](#open-pdb)
-    - [Close PDB](#close-pdb)
-    - [Clone PDB](#clone-pdb)
-    - [Unplug PDB](#unplug-pdb)
-    - [Plug PDB](#plug-pdb)
-    - [Delete PDB](#delete-pdb)
-    - [Map PDB](#map-pdb)
-
-<!-- /TOC -->
-
-
-
-**Lrpdb** and **lrest** are two controllers for PDB lifecycle management (**PDBLCM**). They rely on a dedicated REST server (Lite Rest Server) Container image to run. The `lrest` controller is available on the Oracle Container Registry (OCR). The container database can be anywhere (on-premises or in the Cloud). 
-
-![generaleschema](./images/Generalschema2.jpg)
-
-## STEP BY STEP CONFIGURATION
-Complete each of these steps in the order given. 
-
-### Multiple namespace setup
-
-Before proceeding with controllers setup, ensure that the Oracle Database Operator (operator) is configured to work with multiple namespaces, as specified in the [README](../../../README.md).
-In this document, each controller is running in a dedicated namespace: lrest controller is running in **cdbnamespace** , lrpdb controller is running in **pdbnamespace**. The [usecase directory](./usecase/README.md) contains all the files reported in this document.
-
-Configure the **WACTH_NAMESPACE** list of the operator `yaml` file 
-
-```bash 
-sed -i 's/value: ""/value: "oracle-database-operator-system,pdbnamespace,cdbnamespace"/g' oracle-database-operator.yaml
-```
-
-### Create the operator
-Run the following command:
-
-```bash
-kubectl apply -f oracle-database-operator.yaml
-```
-Check the controller:
-```bash
-kubectl get pods -n oracle-database-operator-system
-NAME                                                           READY   STATUS    RESTARTS   AGE
-oracle-database-operator-controller-manager-796c9b87df-6xn7c   1/1     Running   0          22m
-oracle-database-operator-controller-manager-796c9b87df-sckf2   1/1     Running   0          22m
-oracle-database-operator-controller-manager-796c9b87df-t4qns   1/1     Running   0          22m
-```
-### Container database setup
-
-On the container database, use the following commands to configure the account for PDB administration: 
-
-```sql
-alter session set "_oracle_script"=true;
-create user <ADMINUSERNAME> identified by <PASSWORD>;
-grant create session to <ADMINUSERNAME> container=all;
-grant sysdba to <ADMINUSERNAME> container=all;
-```
-
-
-### Apply rolebinding 
-
-
-Apply the following files : [`pdbnamespace_binding.yaml`](./usecase/pdbnamespace_binding.yaml) [`cdbnamespace_binding.yaml`](./usecase/cdbnamespace_binding.yaml)
-```bash
-kubectl apply -f pdbnamespace_binding.yaml
-kubectl apply -f cdbnamespace_binding.yaml
-```
-
-### Certificate and credentials
-You must create the public key, private key, certificates and Kubernetes Secrets for the security configuration. 
-
-#### Private key 🔑
-> Note: Only private key **PCKS8**  format is supported by LREST controllers. Before you start configuration, ensure that you can use it. If you are using [`openssl3`](https://docs.openssl.org/master/) then `pcks8` is generated by default. If it is not already generated, then use the following command to create a `pcks8` private key
-
-```bash
-openssl genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 -out private.key
-```
-#### Public Key 🔑
-Create the public key. 
-
-```bash
-/usr/bin/openssl rsa -in private.key -outform PEM  -pubout -out public.pem
-```
-#### Certificates
-Create certificates. 
-```bash
-openssl req -new -x509 -days 365 -key private.key -subj "/C=CN/ST=GD/L=SZ/O=oracle, Inc./CN=oracle Root CA" -out ca.crt
-```
-```bash
-openssl req -newkey rsa:2048 -nodes -keyout tls.key -subj "/C=CN/ST=GD/L=SZ/O=oracle, Inc./CN=cdb-dev-lrest.cdbnamespace" -out server.csr
-```
-```bash
-/usr/bin/echo "subjectAltName=DNS:cdb-dev-lrest.cdbnamespace,DNS:www.example.com" > extfile.txt
-```
-```bash
-/usr/bin/openssl x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey private.key -CAcreateserial -out tls.crt
-```
-
-### Create secrets for certificate and keys
-Create the Kubernetes Secrets. 
-
-```bash 
-kubectl create secret tls db-tls --key="tls.key" --cert="tls.crt"  -n oracle-database-operator-system 
-kubectl create secret generic db-ca --from-file="ca.crt" -n oracle-database-operator-system 
-kubectl create secret tls db-tls --key="tls.key" --cert="tls.crt"  -n cdbnamespace 
-kubectl create secret generic db-ca --from-file="ca.crt" -n cdbnamespace 
-kubectl create secret tls db-tls --key="tls.key" --cert="tls.crt"  -n pdbnamespace 
-kubectl create secret generic db-ca --from-file="ca.crt" -n pdbnamespace 
-```
-
-```bash
-kubectl create secret tls prvkey --key="private.key" --cert=ca.crt  -n cdbnamespace 
-kubectl create secret generic pubkey --from-file=publicKey=public.pem -n cdbnamespace 
-kubectl create secret generic prvkey --from-file=privateKey="private.key" -n pdbnamespace
-```
-
-### Create secrets with encrypted password 
-
-In this example, we create the Secrets for each credential (username and password)
-
-| secret usr | secrets pwd | credential description                                    |
-| -----------|-------------|-----------------------------------------------------------|
-| **dbuser** |**dbpass**   | the administrative user created on the container database |
-| **wbuser** |**wbpass**   | the user for https authentication                         |
-| **pdbusr** |**pdbpwd**   | the administrative user of the pdbs                       |
-
-
-```bash
-echo "[ADMINUSERNAME]"           > dbuser.txt 
-echo "[ADMINUSERNAME PASSWORD]"  > dbpass.txt 
-echo "[WEBUSER]"                 > wbuser.txt 
-echo "[WEBUSER PASSWORD]"        > wbpass.txt 
-echo "[PDBUSERNAME]"             > pdbusr.txt 
-echo "[PDBUSERNAME PASSWORD]"    > pdbpwd.txt 
-
-## Encrypt the credentials
-openssl rsautl -encrypt -pubin -inkey public.pem -in dbuser.txt |base64 > e_dbuser.txt 
-openssl rsautl -encrypt -pubin -inkey public.pem -in dbpass.txt |base64 > e_dbpass.txt 
-openssl rsautl -encrypt -pubin -inkey public.pem -in wbuser.txt |base64 > e_wbuser.txt 
-openssl rsautl -encrypt -pubin -inkey public.pem -in wbpass.txt |base64 > e_wbpass.txt 
-openssl rsautl -encrypt -pubin -inkey public.pem -in pdbusr.txt |base64 > e_pdbusr.txt 
-openssl rsautl -encrypt -pubin -inkey public.pem -in pdbpwd.txt |base64 > e_pdbpwd.txt 
-
-kubectl create secret generic dbuser --from-file=e_dbuser.txt -n  cdbnamespace 
-kubectl create secret generic dbpass --from-file=e_dbpass.txt -n  cdbnamespace 
-kubectl create secret generic wbuser --from-file=e_wbuser.txt -n  cdbnamespace 
-kubectl create secret generic wbpass --from-file=e_wbpass.txt -n  cdbnamespace 
-kubectl create secret generic wbuser --from-file=e_wbuser.txt -n  pdbnamespace 
-kubectl create secret generic wbpass --from-file=e_wbpass.txt -n  pdbnamespace 
-kubectl create secret generic pdbusr --from-file=e_pdbusr.txt -n  pdbnamespace 
-kubectl create secret generic pdbpwd --from-file=e_pdbpwd.txt -n  pdbnamespace 
-
-rm  dbuser.txt dbpass.txt wbuser.txt wbpass.txt pdbusr.txt pdbpwd.txt \
-    e_dbuser.txt e_dbpass.txt e_wbuser.txt e_wbpass.txt e_pdbusr.txt e_pdbpwd.txt
-```
-
-### Create lrest pod
-
-To create the REST pod and monitor its processing, use the `yaml` file [`create_lrest_pod.yaml`](./usecase/create_lrest_pod.yaml) 
-
-Ensure that you update the **lrestImage** with the latest version available on the [Oracle Container Registry (OCR)](https://container-registry.oracle.com/ords/f?p=113:4:104288359787984:::4:P4_REPOSITORY,AI_REPOSITORY,AI_REPOSITORY_NAME,P4_REPOSITORY_NAME,P4_EULA_ID,P4_BUSINESS_AREA_ID:1283,1283,This%20image%20is%20part%20of%20and%20for%20use%20with%20the%20Oracle%20Database%20Operator%20for%20Kubernetes,This%20image%20is%20part%20of%20and%20for%20use%20with%20the%20Oracle%20Database%20Operator%20for%20Kubernetes,1,0&cs=3076h-hg1qX3eJANBcUHBNBCmYWjMvxLkZyTAhDn2e8VR8Gxb_a-I8jZLhf9j6gmnimHwlP_a0OQjX6vjBfSAqQ) 
-
-```bash
---> for amd64
-lrestImage: container-registry.oracle.com/database/operator:lrest-241210-amd64
-
---> for arm64
-lrestImage: container-registry.oracle.com/database/operator:lrest-241210-arm64
-```
-
-```bash 
-kubectl apply -f create_lrest_pod.yaml
-```
-
-monitor the file processing:
-
-```bash 
-kubectl get pods -n cdbnamespace --watch
-NAME                     READY   STATUS    RESTARTS   AGE
-cdb-dev-lrest-rs-9gvx2   0/1     Pending   0          0s
-cdb-dev-lrest-rs-9gvx2   0/1     Pending   0          0s
-cdb-dev-lrest-rs-9gvx2   0/1     ContainerCreating   0          0s
-cdb-dev-lrest-rs-9gvx2   1/1     Running             0          2s
-
-kubectl get lrest -n cdbnamespace
-NAME CDB NAME   DB SERVER   DB PORT   TNS STRING  REPLICAS   STATUS   MESSAGE
-cdb-dev   DB12                             (DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))   1          Ready
-```
-
-Check the Pod logs: 
-
-```bash 
-/usr/local/go/bin/kubectl logs -f `/usr/local/go/bin/kubectl get pods -n cdbnamespace|grep lrest|cut -d ' ' -f 1` -n cdbnamespace
-```
-
-Output example:
-
-```text
-...
-...
-2024/09/05 12:44:09 wallet file /opt/oracle/lrest/walletfile exists completed
-2024/09/05 12:44:09 call: C.ReadWallet
-LENCHECK: 7 11 7 8
-2024/09/05 12:44:09 ===== DUMP INFO ====
-00000000  28 44 45 53 43 52 49 50  54 49 4f 4e 3d 28 43 4f  |(DESCRIPTION=(CO|
-00000010  4e 4e 45 43 54 5f 54 49  4d 45 4f 55 54 3d 39 30  |NNECT_TIMEOUT=90|
-00000020  29 28 52 45 54 52 59 5f  43 4f 55 4e 54 3d 33 30  |)(RETRY_COUNT=30|
-00000030  29 28 52 45 54 52 59 5f  44 45 4c 41 59 3d 31 30  |)(RETRY_DELAY=10|
-00000040  29 28 54 52 41 4e 53 50  4f 52 54 5f 43 4f 4e 4e  |)(TRANSPORT_CONN|
-00000050  45 43 54 5f 54 49 4d 45  4f 55 54 3d 37 30 29 28  |ECT_TIMEOUT=70)(|
-00000060  4c 4f 41 44 5f 42 41 4c  4c 41 4e 43 45 3d 4f 4e  |LOAD_BALLANCE=ON|
-00000070  29 28 41 44 44 52 45 53  53 3d 28 50 52 4f 54 4f  |)(ADDRESS=(PROTO|
-00000080  43 4f 4c 3d 54 43 50 29  28 48 4f 53 54 3d 73 63  |COL=TCP)(HOST=sc|
-00000090  61 6e 31 32 2e 74 65 73  74 72 61 63 2e 63 6f 6d  |an12.testrac.com|
-000000a0  29 28 50 4f 52 54 3d 31  35 32 31 29 28 49 50 3d  |)(PORT=1521)(IP=|
-000000b0  56 34 5f 4f 4e 4c 59 29  29 28 4c 4f 41 44 5f 42  |V4_ONLY))(LOAD_B|
-000000c0  41 4c 4c 41 4e 43 45 3d  4f 4e 29 28 41 44 44 52  |ALLANCE=ON)(ADDR|
-000000d0  45 53 53 3d 28 50 52 4f  54 4f 43 4f 4c 3d 54 43  |ESS=(PROTOCOL=TC|
-000000e0  50 29 28 48 4f 53 54 3d  73 63 61 6e 33 34 2e 74  |P)(HOST=scan34.t|
-000000f0  65 73 74 72 61 63 2e 63  6f 6d 29 28 50 4f 52 54  |estrac.com)(PORT|
-00000100  3d 31 35 32 31 29 28 49  50 3d 56 34 5f 4f 4e 4c  |=1521)(IP=V4_ONL|
-00000110  59 29 29 28 43 4f 4e 4e  45 43 54 5f 44 41 54 41  |Y))(CONNECT_DATA|
-00000120  3d 28 53 45 52 56 45 52  3d 44 45 44 49 43 41 54  |=(SERVER=DEDICAT|
-00000130  45 44 29 28 53 45 52 56  49 43 45 5f 4e 41 4d 45  |ED)(SERVICE_NAME|
-00000140  3d 54 45 53 54 4f 52 44  53 29 29 29              |=TESTORDS)))|
-00000000  2f 6f 70 74 2f 6f 72 61  63 6c 65 2f 6c 72 65 73  |/opt/oracle/lres|
-00000010  74 2f 77 61 6c 6c 65 74  66 69 6c 65              |t/walletfile|
-2024/09/05 12:44:09 Get credential from wallet
-7
-8
-2024/09/05 12:44:09 dbuser: restdba webuser :welcome
-2024/09/05 12:44:09 Connections Handle
-2024/09/05 12:44:09 Working Session Aarry dbhanlde=0x1944120
-2024/09/05 12:44:09 Monitor Session Array dbhanlde=0x1a4af70
-2024/09/05 12:44:09 Open cursors
-Parsing sqltext=select inst_id,con_id,open_mode,nvl(restricted,'NONE'),total_size from gv$pdbs where inst_id = SYS_CONTEXT('USERENV','INSTANCE') and name =upper(:b1)
-Parsing sqltext=select count(*) from pdb_plug_in_violations where name =:b1
-2024/09/05 12:44:11 Protocol=https
-2024/09/05 12:44:11 starting HTTPS/SSL server
-2024/09/05 12:44:11 ==== TLS CONFIGURATION ===
-2024/09/05 12:44:11 srv=0xc000106000
-2024/09/05 12:44:11 cfg=0xc0000a2058
-2024/09/05 12:44:11 mux=0xc0000a2050
-2024/09/05 12:44:11 tls.minversion=771
-2024/09/05 12:44:11 CipherSuites=[49200 49172 157 53]
-2024/09/05 12:44:11 cer=/opt/oracle/lrest/certificates/tls.crt
-2024/09/05 12:44:11 key=/opt/oracle/lrest/certificates/tls.key
-2024/09/05 12:44:11 ==========================
-2024/09/05 12:44:11 HTTPS: Listening port=8888
-2024/09/05 12:44:23 call BasicAuth Succeded
-2024/09/05 12:44:23 HTTP: [1:0] Invalid credential <-- This message can be ignored
-
-```
-
-**lrest Pod creation** - parameters list
-|  Name                   | Dcription                                                                     |
---------------------------|-------------------------------------------------------------------------------|
-|cdbName                  | Name of the container database (db)                                                   |
-|lrestImage (DO NOT EDIT) | **container-registry.oracle.com/database/lrest-dboper:latest** use the latest label availble on OCR               |
-|dbTnsurl                 | The string of the tns alias to connect to cdb. Attention: remove all white space from string  |
-|deletePdbCascade         | Delete all of the PDBs associated to a CDB resource when the CDB resource is dropped using [imperative approach](https://kubernetes.io/docs/tasks/manage-kubernetes-objects/imperative-command/)  |
-|cdbAdminUser             | Secret: the administrative (admin) user                                                     |
-|fileNameConversions      | Use file name conversion if you are not using ASM   | 
-|cdbAdminPwd              | Secret: the admin user password                                            |
-|webServerUser            | Secret: the HTTPS user                                                     |
-|webServerPwd             | Secret: the HTTPS user password                                            |
-|cdbTlsCrt                | Secret: the `tls.crt `                                                       |
-|cdbPubKey                | Secret: the public key                                                     |
-|cdbPrvKey                | Secret: the private key                                                    |
-
-
-
-
-### Create PDB  
-
-To create a pluggable database, apply the yaml file [`create_pdb1_resource.yaml`](./usecase/create_pdb1_resource.yaml)  
-
-```bash
-kubectl apply -f create_pdb1_resource.yaml
-```
-Check the status of the resource and the PDB existence on the container db: 
-
-```bash 
-kubectl get lrpdb -n pdbnamespace
-NAME CONNECT_STRING CDB NAME   LRPDB NAME   LRPDB STATE   LRPDB SIZE   STATUS   MESSAGE   LAST SQLCODE
-lrpdb1   (DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=pdbdev))) DB12  pdbdev  MOUNTED  2G  Ready  Success 
-```
-
-```bash 
-SQL> show pdbs
-
-    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
----------- ------------------------------ ---------- ----------
-         2 PDB$SEED                       READ ONLY  NO
-         3 PDBDEV                         MOUNTED
-SQL> 
-```
-``Note that after creation, the PDB is not open. You must explicitly open it using a dedicated `yaml` file.
-
-**pdb creation** - parameters list
-
-|  Name                   | Dcription                                                                     |
-|-------------------------|-------------------------------------------------------------------------------|
-|cdbResName               | REST server resource name                                                     |
-|cdbNamespace             | Namespace of the REST server                                                  |
-|cdbName                  | Name of the container database                                                |
-|pdbName                  | Name of the PDB that you want to create                                  |
-|assertiveLrpdbDeletion   | Boolean: Turn on the imperative approach on PDB resource deletion             |
-|adminpdbUser             | Secret: PDB admin user                                |
-|adminpdbPass             | Secret: password of PDB admin user                             |
-|lrpdbTlsKey              | Secret: `tls.key  `                                                             |
-|lrpdbTlsCrt              | Secret: `tls.crt`                                                              |
-|lrpdbTlsCat              | Secret: `ca.crt`                                                                |
-|webServerUser            | Secret: the HTTPS user                                                        |
-|webServerPwd             | Secret: the HTTPS user password                                               |
-|cdbPrvKey                | Secret: private key                                                           |
-|cdbPubKey                | Secret: public key                                                            |
-|pdbconfigmap             | kubernetes config map that contains the PDB initialization (init) parameters                        |
-
-> NOTE: **assertiveLrpdbDeletion** must be specified for the following PDB actions **CLONE** **CREATE** **PLUG** **MAP**.  
-
-🔥 **assertiveLrpdbDeletion** drops pluggable database using **INCLUDE DATAFILES** option
-
-All of the parameters **adminpdbUser** **adminpdbPass** **lrpdbTlsKey** **lrpdbTlsCrt** **lrpdbTlsCat** **webServerUser** **webServerPwd** **cdbPrvKey** **cdbPubKey** must be specified in all PDB lifecycle management `yaml` files. To simplify presentation of requirements, we will not include them in the subsequent tables.
-
-
-#### pdb config map 
-
-By using **pdbconfigmap** it is possible to specify a kubernetes `configmap` with init PDB parameters. The config map payload has the following format:
-
-
-```
-<parameter name1>;<parameter value1>;<scope:system|spfile|both>
-<parameter name2>;<parameter value2>;<scope:system|spfile|both>
-<parameter name3>;<parameter value3>;<scope:system|spfile|both>
-....
-....
-<parameter nameN>;<parameter valueN>;<scope:system|spfile|both>
-```
-
-Example of `configmap` creation:
-
-```bash
-cat <<EOF > parameters.txt
-session_cached_cursors;100;spfile      
-open_cursors;100;spfile                 
-db_file_multiblock_read_count;16;spfile  
-EOF
-
-kubectl create  configmap config-map-pdb -n pdbnamespace --from-file=./parameters.txt
-
-kubectl describe configmap config-map-pdb -n pdbnamespace
-Name:         config-map-pdb
-Namespace:    pdbnamespace
-Labels:       <none>
-Annotations:  <none>
-
-Data
-====
-parameters.txt:
-----
-session_cached_cursors;100;spfile
-open_cursors;100;spfile
-db_file_multiblock_read_count;16;spfile
-test_invalid_parameter;16;spfile
-```
-
-- If specified, the `configmap` is applied during PDB **cloning**, **opening** and **plugging**
-- The `configmap` is not monitored by the reconciliation loop; this feature will be available in future releases. This means that if someone decides to manually alter an init parameter, then the operator does not take any actions to syncronize PDB configuration with the `configmap`.
-- **Alter system parameter feature** will be available in future releases. 
-- An application error with the `configmap` (for whatever reason) does not stop processes from completing. A warning with the associated SQL code is reported in the log file.
-
-
-
-### Open PDB
-
-To open the PDB, use the file [`open_pdb1_resource.yaml`](./usecase/open_pdb1_resource.yaml):
-
-```bash
-kubectl apply -f open_pdb1_resource.yaml
-```
- 
- **pdb opening** - parameters list
- 
-|  Name                   | Description/Value                                                               |
-|-------------------------|-------------------------------------------------------------------------------|
-|cdbResName               | REST server resource name                                                     |
-|cdbNamespace             | Namespace of the REST server                                                  |
-|cdbName                  | Name of the container database (CDB)                                                |
-|pdbName                  | Name of the pluggable database (PDB) that you are creating                                  |
-|action                   | Use **Modify** to open the PDB                                                    |
-|pdbState                 | Use **OPEN**  to open the PDB                                                     |
-|modifyOption             | Use **READ WRITE** to open the PDB                                                |
-
-### Close PDB
-
-To close the PDB, use the file [`close_pdb1_resource.yaml`](./usecase/close_pdb1_resource.yaml): 
-
-```bash
-kubectl apply -f close_pdb1_resource.yaml
-```
-**pdb closing** - parameters list 
-|  Name                   | Description/Value                                                               |
-|-------------------------|-------------------------------------------------------------------------------|
-|cdbResName               | REST server resource name                                                     |
-|cdbNamespace             | Namespace of the REST server                                                  |
-|cdbName                  | Name of the container database (CDB)                                               |
-|pdbName                  | Name of the pluggable database (PDB) that you want to create                                |
-|action                   | Use **Modify** to close the PDB                                                   |
-|pdbState                 | Use **CLOSE**  to close the PDB                                                   |
-|modifyOption             | Use **IMMEDIATE** to close the PDB                                                |
-
-### Clone PDB ### 
-
-To clone the PDB, use the file [`clone_pdb1_resource.yaml`](./usecase/clone_pdb1_resource.yaml): 
-
-```bash
-kubeclt apply -f clone_pdb1_resource.yaml
-```
-**pdb cloning** - parameters list 
-|  Name                   | Description/Value                                                               |
-|-------------------------|-------------------------------------------------------------------------------|
-|cdbResName               | REST server resource name                                                     |
-|cdbNamespace             | Namespace of the REST server                                                  |
-|cdbName                  | Name of the container database (CDB)                                                |
-|pdbName                  | The name of the new pluggable database (PDB)                                                       |
-|srcPdbName               | The name of the source PDB                                                        |
-|fileNameConversions      | File name convert pattern  **("path1","path2")** or **NONE**                  | 
-|totalSize                | Set **unlimited** for cloning                                                 |
-|tempSize                 | Set **unlimited** for cloning                                                 |
-|pdbconfigmap             | kubernetes `configmap` which contains the PDB init parameters                        |
-|action                   | Use **clone** to clone  the PDB                                                   |
-
-### Unplug PDB
-
-To unplug the PDB, use the file [`unplug_pdb1_resource.yaml`](./usecase/unplug_pdb1_resource.yaml):
-
-**pdb unplugging** 
-|  Name                   | Description/Value                                                               |
-|-------------------------|-------------------------------------------------------------------------------|
-|cdbResName               | REST server resource name                                                     |
-|cdbNamespace             | Namespace of the REST server                                                  |
-|cdbName                  | Name of the container database (CDB)                                                |
-|pdbName                  | Name of the pluggable database (PDB)|
-### Plug PDB 
-
-To plug in the PDB, use the file [`plug_pdb1_resource.yaml`](./usecase/plug_pdb1_resource.yaml). In this example, we plug in the PDB that was unpluged in the previous step:
-
-**pdb plugging** 
-|  Name                   | Description/Value                                                               |
-|-------------------------|-------------------------------------------------------------------------------|
-|cdbResName               | REST server resource name                                                     |
-|cdbNamespace             | Namespace of the REST  server                                                  |
-|cdbName                  | Name of the container database (CDB)|                                              |
-|pdbName                  | Name of the pluggable database (PDB)                                                           |
-|**xmlFileName**          | Path of the XML file                                                          |
-|action                   | **plug**                                                                      |
-|fileNameConversions      | File name convert pattern  **("path1","path2")** or **NONE**                  | 
-|sourceFileNameConversion | See parameter [SOURCE_FILE_NAME_CONVERT](https://docs.oracle.com/en/database/oracle/oracle-database/23/sqlrf/CREATE-PLUGGABLE-DATABASE.html#GUID-F2DBA8DD-EEA8-4BB7-A07F-78DC04DB1FFC__CCHEJFID) documentation                          |
-|pdbconfigmap             | Kubernetes  `configmap` that contains the PDB init parameters                        |
-
-### Delete PDB
-
-To delete the PDB, use the file [`delete_pdb1_resource.yaml`](./usecase/delete_pdb1_resource.yaml)
-
-**pdb deletion** 
-
-|  Name                   | Dcription/Value                                                               |
-|-------------------------|-------------------------------------------------------------------------------|
-|cdbResName               | REST server resource name                                                     |
-|cdbNamespace             | Namespace of the REST server                                                  |
-|cdbName                  | Name of the container database (CDB)                                                |
-|action                   | **Delete**                                                                    |
-|dropAction               | **INCLUDING** - Including datafiles or **NONE**                               |
-
-
-### Map PDB
-
-If you need to create a CRD for an existing PDB, then you can use the map option by applying the file [`map_pdb1_resource.yaml`](./usecase/map_pdb1_resource.yaml)
-Map functionality can be used in a situation where you have a pdb which is not registered in the operator as a CRD. It's a temporary solution while waiting the autodiscovery to be available.
-
-
-</span>
diff --git a/docs/multitenant/lrest-based/usecase/README.md b/docs/multitenant/lrest-based/usecase/README.md
deleted file mode 100644
index 98897d7b..00000000
--- a/docs/multitenant/lrest-based/usecase/README.md
+++ /dev/null
@@ -1,139 +0,0 @@
-<span style="font-family:Liberation mono; font-size:0.9em; line-height: 1.1em">
-
-
-# Use case directory 
-
-The use case directory contains the `yaml` files to test the multitenant controller functionalities: create `lrest` pod, and create PDB operations  *create / open / close / unplug / plug / delete / clone /map / parameter session*  
-
-## Makefile helper
-
-Customizing `yaml` files (tns alias / credential / namespaces name, and so on) is a long procedure that is prone to human error. A simple [`makefile`](../usecase/makefile) is available to quickly and safely configure `yaml` files with your system environment information. Just edit the [parameter file](../usecase/parameters.txt)  before proceding. 
-
-```text 
-TNSALIAS...............:[Tnsalias do not use quotes and avoid space in the string --> (DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELA....]
-DBUSER.................:[CDB admin user]
-DBPASS.................:[CDB admin user password]
-WBUSER.................:[HTTPS user]
-WBPASS.................:[HTTPS user password]
-PDBUSR.................:[PDB admin user]
-PDBPWD.................:[PDB admin user password]
-PDBNAMESPACE...........:[pdb namespace]
-LRSNAMESPACE...........:[cdb namespace]
-COMPANY................:[your company name]
-APIVERSION.............:v4 --> do not edit 
-```
-
-⚠ **WARNING: The makefile is only intended to speed up the usecase directory configuration. Use of this file for production purposes is not supported. The editing and configuration of yaml files for production system is left up to the end user** 
-
-### Prerequisistes:  
-
-- Ensure that **kubectl** is properly configured.
-- Ensure that all requirements listed in the [operator installation page](../../../../docs/installation/OPERATOR_INSTALLATION_README.md) are implemented. (role binding,webcert,etc)
-- Ensure that the administrative user (admin) on the container database is configured as documented.
-
-```bash
-make operator
-```
-This command creates the `operator-database-operator.yaml` file in the local directory, and set up the `watchnamespace` list. Note that the `yaml` file is not applied.
-
-```bash
-make secrets
-```
-This command creates all of the Secrets with the encrypted credentials.  
-
-```bash
-make genyaml
-```
-*make genyaml* generates the required `yaml` files to work with multitenant controllers.
-
-
-![image](../images/UsecaseSchema.jpg)
-
-## Diag commands and troubleshooting
-
-### Connect to rest server pod
-
-```bash 
-/usr/bin/kubectl exec   <podname> -n <namespace> -it -- /bin/bash
-```
-
-
-```bash 
-## example ##
-
-kubectl get pods -n cdbnamespace
-NAME                     READY   STATUS    RESTARTS      AGE
-cdb-dev-lrest-rs-fnw99   1/1     Running   1 (17h ago)   18h
-
-kubectl exec  cdb-dev-lrest-rs-fnw99 -n cdbnamespace -it -- /bin/bash
-[oracle@cdb-dev-lrest-rs-fnw99 ~]$
-```
-
-### Monitor control plane
-
-```bash
-kubectl logs -f -l control-plane=controller-manager -n oracle-database-operator-system
-```
-```bash 
-## output example: ##
-2024-10-28T23:54:25Z    INFO    lrpdb-webhook   ValidateUpdate-Validating LRPDB spec for : lrpdb2
-2024-10-28T23:54:25Z    INFO    lrpdb-webhook   validateCommon  {"name": "lrpdb2"}
-2024-10-28T23:54:25Z    INFO    lrpdb-webhook   Valdiating LRPDB Resource Action : MODIFY
-2024-10-29T10:07:34Z    INFO    lrpdb-webhook   ValidateUpdate-Validating LRPDB spec for : lrpdb2
-2024-10-29T10:07:34Z    INFO    lrpdb-webhook   ValidateUpdate-Validating LRPDB spec for : lrpdb1
-2024-10-29T16:49:15Z    INFO    lrpdb-webhook   ValidateUpdate-Validating LRPDB spec for : lrpdb1
-2024-10-29T16:49:15Z    INFO    lrpdb-webhook   validateCommon  {"name": "lrpdb1"}
-2024-10-29T16:49:15Z    INFO    lrpdb-webhook   Valdiating LRPDB Resource Action : CREATE
-2024-10-29T10:07:20Z    INFO    controller-runtime.certwatcher  Updated current TLS certificate
-2024-10-29T10:07:20Z    INFO    controller-runtime.webhook      Serving webhook server  {"host": "", "port": 9443}
-2024-10-29T10:07:20Z    INFO    controller-runtime.certwatcher  Starting certificate watcher
-I1029 10:07:20.189724       1 leaderelection.go:250] attempting to acquire leader lease oracle-database-operator-system/a9d608ea.oracle.com...
-2024-10-29T16:49:15Z    INFO    lrpdb-webhook   Setting default values in LRPDB spec for : lrpdb1
-
-```
-
-### Error decrypting credential 
-
-The following is an example of a resource creation failure due to decription error: 
-
-```text 
-2024-10-30T10:09:08Z    INFO    controllers.LRPDB       getEncriptedSecret :pdbusr      {"getEncriptedSecret": {"name":"lrpdb1","namespace":"pdbnamespace"}}
-2024-10-30T10:09:08Z    ERROR   controllers.LRPDB       Failed to parse private key - x509: failed to parse private key (use ParsePKCS1PrivateKey instead for this key format)     {"DecryptWithPrivKey": {"name":"lrpdb1","namespace":"pdbnamespace"}, "error": "x509: failed to parse private key (use ParsePKCS1PrivateKey instead for this key format)"}
-```
-</span>
-
-**Solution**: Ensure you use **PCKS8** format during private key generation. If you are not using `openssl3`, then run this command:
-
-```bash
-openssl genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 > mykey
-```
-
-### Crd details 
-
-Use the **describe** option to obtain `crd` information
-
-```bash
-kubectl describe lrpdb lrpdb1 -n pdbnamespace
-[...]
-    Secret:
-      Key:          e_wbuser.txt
-      Secret Name:  wbuser
-Status:
-  Action:       CREATE
-  Bitstat:      25
-  Bitstatstr:   |MPAPPL|MPWARN|MPINIT|
-  Conn String:  (DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=pdbdev)))
-  Msg:          Success
-  Open Mode:    MOUNTED
-  Phase:        Ready
-  Status:       true
-  Total Size:   2G
-Events:
-  Type     Reason     Age                   From   Message
-  ----     ------     ----                  ----   -------
-  Normal   Created    108s                  LRPDB  LRPDB 'pdbdev' created successfully
-  Normal   Created    108s                  LRPDB  PDB 'pdbdev' assertive pdb deletion turned on
-  Warning  LRESTINFO  95s                   LRPDB  pdb=pdbdev:test_invalid_parameter:16:spfile:2065
-  Warning  Done       15s (x12 over 2m25s)  LRPDB  cdb-dev
-
-```
diff --git a/docs/multitenant/lrest-based/usecase/config-map-pdb.yaml b/docs/multitenant/lrest-based/usecase/config-map-pdb.yaml
deleted file mode 100644
index 2769b498..00000000
--- a/docs/multitenant/lrest-based/usecase/config-map-pdb.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: config-map-pdb
-  namespace: pdbnamespace
-data:
-  rdbmsparameters.txt: |
-     session_cached_cursors;100;spfile
-     open_cursors;100;spfile
-     db_file_multiblock_read_count;16;spfile
-     test_invalid_parameter;16;spfile
diff --git a/docs/multitenant/lrest-based/usecase/makefile b/docs/multitenant/lrest-based/usecase/makefile
deleted file mode 100644
index 1de320ad..00000000
--- a/docs/multitenant/lrest-based/usecase/makefile
+++ /dev/null
@@ -1,911 +0,0 @@
-# Copyright (c) 2022, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#   __  __       _         __ _ _
-#  |  \/  | __ _| | _____ / _(_) | ___
-#  | |\/| |/ _` | |/ / _ \ |_| | |/ _ \
-#  | |  | | (_| |   <  __/  _| | |  __/
-#  |_|  |_|\__,_|_|\_\___|_| |_|_|\___|
-#  | | | | ___| |_ __   ___ _ __
-#  | |_| |/ _ \ | '_ \ / _ \ '__|
-#  |  _  |  __/ | |_) |  __/ |
-#  |_| |_|\___|_| .__/ \___|_|
-#               |_|
-#
-#  WARNING: Using this makefile helps you to customize yaml  
-#           files. Edit parameters.txt with your enviroment 
-#           informartion and execute the following steps
-#
-#         1) make operator
-#            it configures the operator yaml files with the 
-#            watch namelist required by the multitenant controllers
-#      
-#         2) make secrets
-#            It configure the required secrets necessary to operate
-#            with pdbs multitenant controllers
-#
-#         3) make genyaml 
-#            It automatically creates all the yaml files based on the 
-#            information available in the parameters file 
-#            
-#            LIST OF GENERAED YAML FILE
-#
-#               -----------------------------       ----------------------------------
-# 		oracle-database-operator.yaml     : oracle database operator
-# 		lrestnamespace_binding.yaml       : role binding for lrestnamespace
-# 		pdbnamespace_binding.yaml         : role binding for pdbnamespace
-# 		create_lrest_secret.yaml          : create secrets for rest server pod
-# 		create_lrpdb_secret.yaml          : create secrets for pluggable database
-# 		create_lrest_pod.yaml             : create rest server pod
-# 		create_pdb1_resource.yaml         : create first pluggable database
-# 		create_pdb2_resource.yaml         : create second pluggable database
-# 		open_pdb1_resource.yaml           : open first pluggable database
-# 		open_pdb2_resource.yaml           : open second pluggable database
-# 		close_pdb1_resource.yaml          : close first pluggable database
-# 		close_pdb2_resource.yaml          : close second pluggable database
-# 		clone_lrpdb_resource.yaml         : clone thrid pluggable database
-# 		clone_pdb2_resource.yaml          : clone 4th pluggable database
-# 		delete_pdb1_resource.yaml         : delete first pluggable database
-# 		delete_pdb2_resource.yaml         : delete sencond pluggable database
-# 		delete_pdb3_resource.yaml         : delete thrid pluggable database
-# 		unplug_pdb1_resource.yaml         : unplug first pluggable database
-# 		plug_pdb1_resource.yaml           : plug first pluggable database
-# 		map_pdb1_resource.yaml            : map the first pluggable database
-# 		config_map.yam                    : pdb parameters array
-# 		altersystem_pdb1_resource.yaml    : chage cpu_count count parameter for the first pdb
-#
-DATE  := `date "+%y%m%d%H%M%S"`
-######################
-# PARAMETER SECTIONS #
-######################
-   
-export PARAMETERS=parameters.txt
-export TNSALIAS=$(shell cat $(PARAMETERS)  |grep -v ^\#|grep TNSALIAS|cut -d :  -f 2)
-export DBUSER=$(shell cat $(PARAMETERS)|grep -v ^\#|grep DBUSER|cut -d :  -f 2)
-export DBPASS=$(shell cat $(PARAMETERS)|grep -v ^\#|grep DBPASS|cut -d :  -f 2)
-export WBUSER=$(shell cat $(PARAMETERS)|grep -v ^\#|grep WBUSER|cut -d :  -f 2)
-export WBPASS=$(shell cat $(PARAMETERS)|grep -v ^\#|grep WBPASS|cut -d :  -f 2)
-export PDBUSR=$(shell cat $(PARAMETERS)|grep -v ^\#|grep PDBUSR|cut -d :  -f 2)
-export PDBPWD=$(shell cat $(PARAMETERS)|grep -v ^\#|grep PDBPWD|cut -d :  -f 2)
-export PDBNAMESPACE=$(shell cat $(PARAMETERS)|grep -v ^\#|grep PDBNAMESPACE|cut -d :  -f 2)
-export LRSNAMESPACE=$(shell cat $(PARAMETERS)|grep -v ^\#|grep LRSNAMESPACE|cut -d :  -f 2)
-export LRESTIMG=$(shell cat $(PARAMETERS)|grep -v ^\#|grep LRESTIMG|cut -d : -f 2,3)
-export COMPANY=$(shell cat $(PARAMETERS)|grep -v ^\#|grep COMPANY|cut -d : -f 2)
-export APIVERSION=$(shell cat $(PARAMETERS)|grep -v ^\#|grep APIVERSION|cut -d : -f 2)
-export OPRNAMESPACE=oracle-database-operator-system
-export ORACLE_OPERATOR_YAML=../../../../oracle-database-operator.yaml
-export TEST_EXEC_TIMEOUT=3m
-
-REST_SERVER=lrest
-SKEY=tls.key
-SCRT=tls.crt
-CART=ca.crt
-PRVKEY=ca.key
-PUBKEY=public.pem
-COMPANY=oracle
-DBUSERFILE=dbuser.txt
-DBPASSFILE=dbpass.txt
-WBUSERFILE=wbuser.txt
-WBPASSFILE=wbpass.txt
-PDBUSRFILE=pdbusr.txt
-PDBPWDFILE=pdbpwd.txt
-
-#################
-### FILE LIST ###
-#################
-
-export LREST_POD=create_lrest_pod.yaml
-
-export LRPDBCRE1=create_pdb1_resource.yaml
-export LRPDBCRE2=create_pdb2_resource.yaml
-
-export LRPDBCLOSE1=close_pdb1_resource.yaml
-export LRPDBCLOSE2=close_pdb2_resource.yaml
-export LRPDBCLOSE3=close_pdb3_resource.yaml
-
-export LRPDBOPEN1=open_pdb1_resource.yaml
-export LRPDBOPEN2=open_pdb2_resource.yaml
-export LRPDBOPEN3=open_pdb3_resource.yaml
-
-export LRPDBCLONE1=clone_pdb1_resource.yaml
-export LRPDBCLONE2=clone_pdb2_resource.yaml
-
-export LRPDBDELETE1=delete_pdb1_resource.yaml
-export LRPDBDELETE2=delete_pdb2_resource.yaml
-export LRPDBDELETE3=delete_pdb3_resource.yaml
-
-export LRPDBUNPLUG1=unplug_pdb1_resource.yaml
-export LRPDBPLUG1=plug_pdb1_resource.yaml
-
-export LRPDBMAP1=map_pdb1_resource.yaml
-export LRPDBMAP2=map_pdb2_resource.yaml
-export LRPDBMAP3=map_pdb3_resource.yaml
-
-export LRPDBMAP1=map_pdb1_resource.yaml
-export LRPDBMAP2=map_pdb2_resource.yaml
-export LRPDBMAP3=map_pdb3_resource.yaml
-
-export ALTERSYSTEMYAML=altersystem_pdb1_resource.yaml
-export CONFIG_MAP=config_map_pdb.yaml
-
-
-
-
-##BINARIES
-export KUBECTL=/usr/bin/kubectl
-OPENSSL=/usr/bin/openssl
-ECHO=/usr/bin/echo
-RM=/usr/bin/rm
-CP=/usr/bin/cp
-TAR=/usr/bin/tar
-MKDIR=/usr/bin/mkdir
-SED=/usr/bin/sed
-
-check:
-	@printf "TNSALIAS...............:%.60s....\n" $(TNSALIAS)
-	@printf "DBUSER.................:%s\n" $(DBUSER)
-	@printf "DBPASS.................:%s\n" $(DBPASS)
-	@printf "WBUSER.................:%s\n" $(WBUSER)
-	@printf "WBPASS.................:%s\n" $(WBPASS)
-	@printf "PDBUSR.................:%s\n" $(PDBUSR)
-	@printf "PDBPWD.................:%s\n" $(PDBPWD)
-	@printf "PDBNAMESPACE...........:%s\n" $(PDBNAMESPACE)
-	@printf "LRSNAMESPACE...........:%s\n" $(LRSNAMESPACE)
-	@printf "COMPANY................:%s\n" $(COMPANY)
-	@printf "APIVERSION.............:%s\n" $(APIVERSION)
-
-define msg
-@printf "\033[31;7m%s\033[0m\r" "......................................]"
-@printf "\033[31;7m[\xF0\x9F\x91\x89 %s\033[0m\n" $(1)
-endef
-
-tls:
-	$(call msg,"TLS GENERATION")
-	#$(OPENSSL) genrsa -out $(PRVKEY) 2048	
-	$(OPENSSL)  genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 > $(PRVKEY)
-	$(OPENSSL) req -new -x509 -days 365 -key $(PRVKEY) \
-    	       -subj "/C=CN/ST=GD/L=SZ/O=$(COMPANY), Inc./CN=$(COMPANY) Root CA" -out ca.crt
-	$(OPENSSL) req -newkey rsa:2048 -nodes -keyout $(SKEY) -subj \
-	       	"/C=CN/ST=GD/L=SZ/O=$(COMPANY), Inc./CN=cdb-dev-$(REST_SERVER).$(LRSNAMESPACE)" -out server.csr
-	$(ECHO) "subjectAltName=DNS:cdb-dev-$(REST_SERVER).$(LRSNAMESPACE)" > extfile.txt
-	$(OPENSSL) x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey $(PRVKEY) -CAcreateserial -out $(SCRT)
-	$(OPENSSL) rsa -in $(PRVKEY) -outform PEM  -pubout -out $(PUBKEY)
-
-secrets: tls delsecrets
-	$(call msg,"CREATING NEW TLS/PRVKEY/PUBKEY SECRETS")
-	$(KUBECTL) create secret tls db-tls --key="$(SKEY)" --cert="$(SCRT)"  -n $(LRSNAMESPACE)
-	$(KUBECTL) create secret generic db-ca --from-file="$(CART)" -n $(LRSNAMESPACE)
-	$(KUBECTL) create secret tls db-tls --key="$(SKEY)" --cert="$(SCRT)"  -n $(PDBNAMESPACE)
-	$(KUBECTL) create secret generic db-ca --from-file="$(CART)" -n $(PDBNAMESPACE)
-	#$(KUBECTL) create secret tls prvkey --key="$(PRVKEY)" --cert=ca.crt  -n $(LRSNAMESPACE)
-	$(KUBECTL) create secret generic pubkey --from-file=publicKey=$(PUBKEY) -n $(LRSNAMESPACE)
-	$(KUBECTL) create secret generic prvkey --from-file=privateKey=$(PRVKEY)  -n $(LRSNAMESPACE)
-	$(KUBECTL) create secret generic prvkey --from-file=privateKey="$(PRVKEY)" -n $(PDBNAMESPACE)
-	$(call msg,"CREATING NEW CREDENTIAL SECRETS")
-	@$(ECHO) $(DBUSER) > $(DBUSERFILE)
-	@$(ECHO) $(DBPASS) > $(DBPASSFILE)
-	@$(ECHO) $(WBUSER) > $(WBUSERFILE)
-	@$(ECHO) $(WBPASS) > $(WBPASSFILE)
-	@$(ECHO) $(PDBUSR) > $(PDBUSRFILE)
-	@$(ECHO) $(PDBPWD) > $(PDBPWDFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(DBUSERFILE) |base64 > e_$(DBUSERFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(DBPASSFILE) |base64 > e_$(DBPASSFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(WBUSERFILE) |base64 > e_$(WBUSERFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(WBPASSFILE) |base64 > e_$(WBPASSFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(PDBUSRFILE) |base64 > e_$(PDBUSRFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(PDBPWDFILE) |base64 > e_$(PDBPWDFILE)
-	$(KUBECTL) create secret generic dbuser --from-file=e_$(DBUSERFILE) -n  $(LRSNAMESPACE)
-	$(KUBECTL) create secret generic dbpass --from-file=e_$(DBPASSFILE) -n  $(LRSNAMESPACE)
-	$(KUBECTL) create secret generic wbuser --from-file=e_$(WBUSERFILE) -n  $(LRSNAMESPACE)
-	$(KUBECTL) create secret generic wbpass --from-file=e_$(WBPASSFILE) -n  $(LRSNAMESPACE)
-	$(KUBECTL) create secret generic wbuser --from-file=e_$(WBUSERFILE) -n  $(PDBNAMESPACE)
-	$(KUBECTL) create secret generic wbpass --from-file=e_$(WBPASSFILE) -n  $(PDBNAMESPACE)
-	$(KUBECTL) create secret generic pdbusr --from-file=e_$(PDBUSRFILE) -n  $(PDBNAMESPACE)
-	$(KUBECTL) create secret generic pdbpwd --from-file=e_$(PDBPWDFILE) -n  $(PDBNAMESPACE)
-	$(RM) $(SKEY) $(SCRT) $(CART) $(PRVKEY) $(PUBKEY) server.csr extfile.txt ca.srl \
-		$(DBUSERFILE) $(DBPASSFILE) $(WBUSERFILE) $(WBPASSFILE) $(PDBUSRFILE) $(PDBPWDFILE)\
-		e_$(DBUSERFILE) e_$(DBPASSFILE) e_$(WBUSERFILE) e_$(WBPASSFILE) e_$(PDBUSRFILE) e_$(PDBPWDFILE)
-	$(KUBECTL) get secrets -n  $(LRSNAMESPACE)
-	$(KUBECTL) get secrets -n  $(PDBNAMESPACE)
-
-delsecrets:
-	$(call msg,"CLEAN OLD SECRETS")
-	$(eval SECRETSP:=$(shell kubectl get secrets -n $(PDBNAMESPACE) -o custom-columns=":metadata.name" --no-headers) )	
-	$(eval SECRETSL:=$(shell kubectl get secrets -n $(LRSNAMESPACE) -o custom-columns=":metadata.name" --no-headers) )	
-	@[ "${SECRETSP}" ] && ( \
-	       	printf "Deleteing secrets in namespace -n $(PDBNAMESPACE)\n") &&\
-	        ($(KUBECTL) delete secret  $(SECRETSP) -n $(PDBNAMESPACE))\
-	        || ( echo "No screts in namespace $(PDBNAMESPACE)")
-	@[ "${SECRETSL}" ] && ( \
-	       	printf "Deleteing secrets in namespace -n $(LRSNAMESPACE)\n") &&\
-	        ($(KUBECTL) delete secret  $(SECRETSL) -n $(LRSNAMESPACE))\
-	        || ( echo "No screts in namespace $(PDBNAMESPACE)")
-
-cleanCert:
-	$(RM) $(SKEY) $(SCRT) $(CART) $(PRVKEY) $(PUBKEY) server.csr extfile.txt ca.srl \
-		$(DBUSERFILE) $(DBPASSFILE) $(WBUSERFILE) $(WBPASSFILE) $(PDBUSRFILE) $(PDBPWDFILE)\
-		e_$(DBUSERFILE) e_$(DBPASSFILE) e_$(WBUSERFILE) e_$(WBPASSFILE) e_$(PDBUSRFILE) e_$(PDBPWDFILE)
-
-### YAML FILE SECTION ###
-define _opr
-cp ${ORACLE_OPERATOR_YAML} .
-export OPBASENAME=`basename ${ORACLE_OPERATOR_YAML}`
-#export PDBNAMESPACE=$(cat ${PARAMETERS}|grep -v ^\#|grep PDBNAMESPACE|cut -d :  -f 2)
-
-cp ${OPBASENAME} ${OPBASENAME}.ORIGNINAL
-printf "\n\t\xF0\x9F\x91\x89 ${OPBASENAME}\n\n"
-printf "\n\t\xF0\x9F\x91\x89 ${PDBNAMESPACE}\n\n"
-sed -i  's/value: ""/value: ${OPRNAMESPACE},$PDBNAMESPACE,${LRSNAMESPACE}/g'   ${OPBASENAME} 
-endef
-
-export opr = $(value _opr)
-
-operator:
-#	@ eval "$$opr"	
-	$(CP) ${ORACLE_OPERATOR_YAML} .  
-	${CP} `basename ${ORACLE_OPERATOR_YAML}` `basename ${ORACLE_OPERATOR_YAML}`.ORG
-	$(SED) -i  's/value: ""/value: $(OPRNAMESPACE),$(PDBNAMESPACE),$(LRSNAMESPACE)/g'   `basename ${ORACLE_OPERATOR_YAML}` 
-
-
-define _script00
-cat <<EOF > authsection.yaml
-  adminpdbUser:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminpdbPass:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  lrpdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  lrpdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  lrpdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  cdbPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-EOF
-
-
-cat <<EOF > ${PDBNAMESPACE}_binding.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: oracle-database-operator-oracle-database-operator-manager-rolebinding1
-  namespace: ${PDBNAMESPACE}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: oracle-database-operator-manager-role
-subjects:
-- kind: ServiceAccount
-  name: default
-  namespace: oracle-database-operator-system
-EOF
-
-cat <<EOF > ${LRSNAMESPACE}_binding.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: oracle-database-operator-oracle-database-operator-manager-rolebinding2
-  namespace: ${LRSNAMESPACE}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: oracle-database-operator-manager-role
-subjects:
-- kind: ServiceAccount
-  name: default
-  namespace: oracle-database-operator-system
-EOF
-
-endef
-export script00 = $(value _script00)
-secyaml:
-	@ eval "$$script00"
-
-
-#echo lrest pod creation
-define _script01
-cat <<EOF > ${LREST_POD}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LREST
-metadata: 
-  name: cdb-dev
-  namespace: ${LRSNAMESPACE}
-spec:
-  cdbName: "DB12"
-  lrestImage: ${LRESTIMG}
-  lrestImagePullPolicy: "Always"
-  dbTnsurl : ${TNSALIAS}
-  replicas: 1
-  deletePdbCascade: true
-  cdbAdminUser:
-    secret:
-      secretName: "dbuser"
-      key: "e_dbuser.txt"
-  cdbAdminPwd:
-    secret:
-      secretName: "dbpass"
-      key: "e_dbpass.txt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  cdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  cdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  cdbPubKey:
-    secret:
-      secretName: "pubkey"
-      key: "publicKey"
-  cdbPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-EOF
-
-endef
-export script01 = $(value _script01)
-
-
-define _script02
-
-cat <<EOF >${LRPDBCRE1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  assertiveLrpdbDeletion: true
-  fileNameConversions: "NONE"
-  unlimitedStorage: false
-  pdbconfigmap: "config-map-pdb"
-  tdeImport: false
-  totalSize: "2G"
-  tempSize: "800M"
-  action: "Create"
-EOF
-
-cat <<EOF > ${LRPDBCRE2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb2
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  assertiveLrpdbDeletion: true
-  fileNameConversions: "NONE"
-  unlimitedStorage: false
-  pdbconfigmap: "config-map-pdb"
-  tdeImport: false
-  totalSize: "2G"
-  tempSize: "800M"
-  action: "Create"
-EOF
-
-cat <<EOF >${LRPDBOPEN1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-EOF
-
-cat <<EOF >${LRPDBOPEN2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb2
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-EOF
-
-cat <<EOF >${LRPDBOPEN3}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb3
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-EOF
-
-cat <<EOF >${LRPDBCLOSE1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-EOF
-
-cat <<EOF >${LRPDBCLOSE2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb2
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-EOF
-
-cat <<EOF >${LRPDBCLOSE3}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb3
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-EOF
-
-cat <<EOF  > ${LRPDBCLONE1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb3
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  srcPdbName: "pdbdev"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  pdbconfigmap: "config-map-pdb"
-  assertiveLrpdbDeletion: true
-  action: "Clone"
-EOF
-
-cat <<EOF  > ${LRPDBCLONE2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb4
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone2"
-  srcPdbName: "pdbprd"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  pdbconfigmap: "config-map-pdb"
-  assertiveLrpdbDeletion: true
-  action: "Clone"
-EOF
-
-cat <<EOF > ${LRPDBDELETE1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  pdbName: "pdbdev"
-  action: "Delete"
-  dropAction: "INCLUDING"
-EOF
-
-cat <<EOF > ${LRPDBDELETE2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb2
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  pdbName: "pdbprd"
-  action: "Delete"
-  dropAction: "INCLUDING"
-EOF
-
-cat <<EOF > ${LRPDBUNPLUG1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/var/tmp/pdb.$$.xml"
-  action: "Unplug"
-EOF
-
-cat <<EOF >${LRPDBPLUG1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/var/tmp/pdb.$$.xml"
-  action: "plug"
-  fileNameConversions: "NONE"
-  sourceFileNameConversions: "NONE"
-  copyAction: "MOVE"
-  totalSize: "1G"
-  tempSize: "100M"
-  assertiveLrpdbDeletion: true
-  pdbconfigmap: "config-map-pdb"
-  action: "Plug"
-EOF
-
-cat <<EOF >${LRPDBMAP1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  assertiveLrpdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-EOF
-
-cat <<EOF >${LRPDBMAP2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb2
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  assertiveLrpdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-EOF
-
-
-cat <<EOF >${LRPDBMAP3}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb3
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  assertiveLrpdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-EOF
-
-cat <<EOF >${CONFIG_MAP}
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: config-map-pdb
-  namespace: ${PDBNAMESPACE}
-data:
-  rdbmsparameters.txt: |
-     session_cached_cursors;100;spfile
-     open_cursors;100;spfile
-     db_file_multiblock_read_count;16;spfile
-     test_invalid_parameter;16;spfile
-EOF
-
-
-cat <<EOF > ${ALTERSYSTEMYAML}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: LRPDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${LRSNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  action: "Alter"
-  alterSystemParameter : "cpu_count"
-  alterSystemValue : "3"
-  parameterScope : "memory"
-
-
-EOF
-
-## Auth information
-for _file in ${LRPDBCRE1} ${LRPDBCRE2} ${LRPDBOPEN1} ${LRPDBOPEN2} ${LRPDBOPEN3} ${LRPDBCLOSE1} ${LRPDBCLOSE2} ${LRPDBCLOSE3} ${LRPDBCLONE1} ${LRPDBCLONE2} ${LRPDBDELETE1} ${LRPDBDELETE2} ${LRPDBUNPLUG1} ${LRPDBPLUG1} ${LRPDBMAP1} ${LRPDBMAP2} ${LRPDBMAP3} ${ALTERSYSTEMYAML}
-do 
-ls -ltr ${_file}
-     cat authsection.yaml >> ${_file}
-done
-rm authsection.yaml
-endef
-
-export script02 = $(value _script02)
-
-genyaml: secyaml
-	@ eval "$$script01"
-	@ eval "$$script02"
-
-cleanyaml:
-	- $(RM) $(LRPDBMAP3) $(LRPDBMAP2) $(LRPDBMAP1) $(LRPDBPLUG1) $(LRPDBUNPLUG1) $(LRPDBDELETE2) $(LRPDBDELETE1) $(LRPDBCLONE2) $(LRPDBCLONE1) $(LRPDBCLOSE3) $(LRPDBCLOSE2) $(LRPDBCLOSE1) $(LRPDBOPEN3) $(LRPDBOPEN2) $(LRPDBOPEN1) $(LRPDBCRE2) $(LRPDBCRE1) $(LREST_POD) ${ALTERSYSTEMYAML}
-	- $(RM) ${CONFIG_MAP} ${PDBNAMESPACE}_binding.yaml ${LRSNAMESPACE}_binding.yaml
-
-
-
-
-#################
-### PACKAGING ###
-#################
-
-pkg:
-	- $(RM) -rf /tmp/pkgtestplan
-	$(MKDIR) /tmp/pkgtestplan
-	$(CP) -R * /tmp/pkgtestplan
-	$(CP) ../../../../oracle-database-operator.yaml /tmp/pkgtestplan/
-	$(TAR) -C /tmp -cvf ~/pkgtestplan_$(DATE).tar pkgtestplan
-
-################
-###   diag   ###
-################
-
-login:
-	$(KUBECTL) exec   `$(KUBECTL) get pods -n $(LRSNAMESPACE)|grep rest|cut -d ' ' -f 1` -n $(LRSNAMESPACE) -it -- /bin/bash
-
-
-reloadop:
-	echo "RESTARTING OPERATOR"
-	$(eval OP1 := $(shell $(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -1|cut  -d ' ' -f 1 ))
-	$(eval OP2 := $(shell $(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1|cut  -d ' ' -f 1 ))
-	$(eval OP3 := $(shell $(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|tail -1|cut  -d ' ' -f 1 ))
-	$(KUBECTL) get pod $(OP1) -n $(OPRNAMESPACE) -o yaml | kubectl replace --force -f -
-	$(KUBECTL) get pod $(OP2) -n $(OPRNAMESPACE) -o yaml | kubectl replace --force -f -
-	$(KUBECTL) get pod $(OP3) -n $(OPRNAMESPACE) -o yaml | kubectl replace --force -f -
-
-
-dump:
-	@$(eval TMPSP := $(shell date "+%y%m%d%H%M%S" ))
-	@$(eval DIAGFILE := ./opdmp.$(TMPSP))
-	@>$(DIAGFILE)
-	@echo "OPERATOR DUMP"  >> $(DIAGFILE)
-	@echo "~~~~~~~~~~~~~"  >> $(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -1|cut  -d ' ' -f 1` -n $(OPRNAMESPACE) >>$(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1 | cut -d ' ' -f 1` -n $(OPRNAMESPACE) >>$(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|tail -1|cut  -d ' ' -f 1` -n $(OPRNAMESPACE) >>$(DIAGFILE)
-
-#######################################################
-####                 TEST SECTION                  ####
-#######################################################
-
-run00:
-	@$(call msg,"lrest pod creation")
-	- $(KUBECTL) delete lrest cdb-dev -n $(LRSNAMESPACE)
-	$(KUBECTL) apply -f $(LREST_POD) 
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" lrest cdb-dev -n $(LRSNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"lrest pod completed")
-	$(KUBECTL) get lrest -n  $(LRSNAMESPACE)
-	$(KUBECTL) get pod -n  $(LRSNAMESPACE)
-
-run01.1:
-	@$(call msg,"lrpdb pdb1  creation")
-	$(KUBECTL) apply -f $(LRPDBCRE1)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "lrpdb pdb1 creation completed")
-	$(KUBECTL) get lrpdb pdb1 -n $(PDBNAMESPACE) 
-
-run01.2:
-	@$(call msg, "lrpdb pdb2  creation")
-	$(KUBECTL) apply -f $(LRPDBCRE2)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" lrpdb pdb2 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "lrpdb pdb2  creation completed")
-	$(KUBECTL) get lrpdb pdb2 -n $(PDBNAMESPACE) 
-
-run02.1:
-	@$(call msg, "lrpdb pdb1  open")
-	$(KUBECTL) apply -f $(LRPDBOPEN1)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="READ WRITE" lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "lrpdb pdb1 open completed")
-	$(KUBECTL) get lrpdb pdb1 -n $(PDBNAMESPACE) 
-
-run02.2:
-	@$(call msg,"lrpdb pdb2  open")
-	$(KUBECTL) apply -f $(LRPDBOPEN2)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="READ WRITE" lrpdb pdb2 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"lrpdb pdb2 open completed")
-	$(KUBECTL) get lrpdb pdb2 -n $(PDBNAMESPACE) 
-
-
-run03.1:
-	@$(call msg,"clone pdb1-->pdb3")
-	$(KUBECTL) apply -f $(LRPDBCLONE1)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" lrpdb pdb3 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"clone pdb1-->pdb3 completed")
-	$(KUBECTL) get lrpdb pdb3 -n $(PDBNAMESPACE) 
-
-
-run03.2:
-	@$(call msg,"clone pdb2-->pdb4")
-	$(KUBECTL) apply -f $(LRPDBCLONE2)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" lrpdb pdb4 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"clone pdb2-->pdb4 completed")
-	$(KUBECTL) get lrpdb pdb3 -n $(PDBNAMESPACE) 
-
-
-run04.1:
-	@$(call msg,"lrpdb pdb1  close")
-	$(KUBECTL) apply -f $(LRPDBCLOSE1)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="MOUNTED" lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "lrpdb pdb1 close completed")
-	$(KUBECTL) get lrpdb pdb1 -n $(PDBNAMESPACE)
-
-run04.2:
-	@$(call msg,"lrpdb pdb2  close")
-	$(KUBECTL) apply -f $(LRPDBCLOSE2)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="MOUNTED" lrpdb pdb2 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"lrpdb pdb2 close completed")
-	$(KUBECTL) get lrpdb pdb2 -n $(PDBNAMESPACE)
-
-run05.1:
-	@$(call msg,"lrpdb pdb1  unplug")
-	$(KUBECTL) apply -f $(LRPDBUNPLUG1)
-	$(KUBECTL) wait --for=delete lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"lrpdb pdb1 unplug completed")
-
-run06.1:
-	@$(call msg, "lrpdb pdb1  plug")
-	$(KUBECTL) apply -f $(LRPDBPLUG1)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "lrpdb pdb1 plug completed")
-	$(KUBECTL) get lrpdb pdb1 -n $(PDBNAMESPACE)
-
-run07.1:
-	@$(call msg,"lrpdb pdb1 delete ")
-	- $(KUBECTL) apply -f $(LRPDBCLOSE1)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="MOUNTED" lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	$(KUBECTL) apply -f $(LRPDBDELETE1)
-	$(KUBECTL) wait --for=delete lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"lrpdb pdb1 delete")
-	$(KUBECTL) get lrpdb -n $(PDBNAMESPACE)
-
-run99.1:
-	$(KUBECTL) delete lrest cdb-dev -n $(LRSNAMESPACE)
-	$(KUBECTL) wait --for=delete lrest cdb-dev -n $(LRSNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	$(KUBECTL) get lrest -n $(LRSNAMESPACE)
-	$(KUBECTL) get lrpdb -n $(PDBNAMESPACE)
-	
-runall01:  run00 run01.1 run01.2 run02.1 run02.2 run03.1 run03.2 run04.1 run04.2 run05.1 run06.1 run07.1
-
-
diff --git a/docs/multitenant/ords-based/NamespaceSeg.md b/docs/multitenant/ords-based/NamespaceSeg.md
deleted file mode 100644
index 6738fe56..00000000
--- a/docs/multitenant/ords-based/NamespaceSeg.md
+++ /dev/null
@@ -1,14 +0,0 @@
-<span style="font-family:Liberation mono; font-size:0.8em; line-height: 1.2em">
-
-# Namespace segregation
-
-With the namespace segregation pdb controller and cdb controller run in different namespaces. The new functionality introduces a new parameter (the cdb namespace) in pdb crd definition. In case you don't need the namespace segregation you have to sepcify the namespace name that you are using for yours crd and pods anyway. Refer to usercase01 and usecase02 to see single namespace configuration. Refer to usecase03 to see examples of namespace segregation. 
-
-# Secrets 
-
-In order to use multiple namespace we need to create approriate secrets in each namespace. Tls certificate secrets must be created in all namespaces (db-ca db-tls). 
-
-![general_schema](./images/K8S_NAMESPACE_SEG.png)
-
-
-</span>
diff --git a/docs/multitenant/ords-based/README.md b/docs/multitenant/ords-based/README.md
deleted file mode 100644
index edfd0208..00000000
--- a/docs/multitenant/ords-based/README.md
+++ /dev/null
@@ -1,411 +0,0 @@
-<span style="font-family:Liberation mono; font-size:0.8em; line-height: 1.2em">
-
-# Oracle Multitenant Database Controllers 
-
-The Oracle Database Operator for Kubernetes uses two controllers to manage the [Pluggable Database lifecycle][oradocpdb]
-
-- CDB controller
-- PDB controller
-
-By using CDB/PDB controllers, you can perform the following actions **CREATE**, **MODIFY(OPEN/COSE)**, **DELETE**, **CLONE**, **PLUG** and **UNPLUG** against pluggable database
-
-Examples are located under the following directories:
-
-- the directories [`Usecase`](./usecase/) and [`usecase01`](./usecase01/) contain a [configuration file](./usecase/parameters.txt)  where you can specify all the details of your environment. A [`makefile`](./usecase/makefile) takes this file as input to generate all of the `yaml` files. There is no need to edit `yaml` files one by one.
-- [Singlenamespace provisioning](./provisioning/singlenamespace/) This file contains base example files that you can use to manage the PDB and CDB within a single namespace. 
-- [Multinamespace provisioning](./provisioning/multinamespace/) This file contains base example files that you can use to manage the PDB and CDB in different namespaces.
-- [Usecase01](./usecase01/README.md) [Usecase02](./usecase02/README.md) This file contains other step-by-step examples; 
-
-Automatic `yaml` generation is not available for the directory `usecase02` and provisioning directories. 
-
-**NOTE** the CDB controller is not intended to manage the container database. The CDB controller is meant to provide a pod with a REST server connected to the container database that you can use to manage PDBs. 
-
-
-## Macro steps for setup
-
-- Deploy the Oracle Database Operator (operator, or `OraOperator`)
-- [Create Ords based image for CDB pod](./provisioning/ords_image.md)
-- [Container RDBMB user creation](#prepare-the-container-database-for-pdb-lifecycle-management-pdb-lm)
-- Create certificates for https connection 
-- Create secrets for credentials and certificates 
-- Create CDB pod using the Ords based image
-
-## Oracle DB Operator Multitenant Database Controller Deployment
-
-To deploy `OraOperator`, use this [Oracle Database Operator for Kubernetes](https://github.com/oracle/oracle-database-operator/blob/main/README.md) step-by-step procedure.
-
-After the **Oracle Database Operator** is deployed, you can see the Oracle Database (DB) Operator Pods running in the Kubernetes Cluster. The multitenant controllers are deployed as part of the `OraOperator` deployment. You can see the CRDs (Custom Resource Definition) for the CDB and PDBs in the list of CRDs. The following output is an example of such a deployment:
-
-```bash
-[root@test-server oracle-database-operator]# kubectl get ns
-NAME                              STATUS   AGE
-cert-manager                      Active   32h
-default                           Active   245d
-kube-node-lease                   Active   245d
-kube-public                       Active   245d
-kube-system                       Active   245d
-oracle-database-operator-system   Active   24h    <---- namespace to deploy the Oracle Database Operator
-
-[root@test-server oracle-database-operator]# kubectl get all -n  oracle-database-operator-system
-NAME                                                               READY   STATUS    RESTARTS   AGE
-pod/oracle-database-operator-controller-manager-665874bd57-dlhls   1/1     Running   0          28s
-pod/oracle-database-operator-controller-manager-665874bd57-g2cgw   1/1     Running   0          28s
-pod/oracle-database-operator-controller-manager-665874bd57-q42f8   1/1     Running   0          28s
-
-NAME                                                                  TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)    AGE
-service/oracle-database-operator-controller-manager-metrics-service   ClusterIP   10.96.130.124   <none>        8443/TCP   29s
-service/oracle-database-operator-webhook-service                      ClusterIP   10.96.4.104     <none>        443/TCP    29s
-
-NAME                                                          READY   UP-TO-DATE   AVAILABLE   AGE
-deployment.apps/oracle-database-operator-controller-manager   3/3     3            3           29s
-
-NAME                                                                     DESIRED   CURRENT   READY   AGE
-replicaset.apps/oracle-database-operator-controller-manager-665874bd57   3         3         3       29s
-[root@docker-test-server oracle-database-operator]# 
-
-[root@test-server oracle-database-operator]# kubectl get crd
-NAME                                               CREATED AT
-autonomouscontainerdatabases.database.oracle.com   2022-06-22T01:21:36Z
-autonomousdatabasebackups.database.oracle.com      2022-06-22T01:21:36Z
-autonomousdatabaserestores.database.oracle.com     2022-06-22T01:21:37Z
-autonomousdatabases.database.oracle.com            2022-06-22T01:21:37Z
-cdbs.database.oracle.com                           2022-06-22T01:21:37Z <----
-certificaterequests.cert-manager.io                2022-06-21T17:03:46Z
-certificates.cert-manager.io                       2022-06-21T17:03:47Z
-challenges.acme.cert-manager.io                    2022-06-21T17:03:47Z
-clusterissuers.cert-manager.io                     2022-06-21T17:03:48Z
-dbcssystems.database.oracle.com                    2022-06-22T01:21:38Z
-issuers.cert-manager.io                            2022-06-21T17:03:49Z
-oraclerestdataservices.database.oracle.com         2022-06-22T01:21:38Z
-orders.acme.cert-manager.io                        2022-06-21T17:03:49Z 
-pdbs.database.oracle.com                           2022-06-22T01:21:39Z <---
-shardingdatabases.database.oracle.com              2022-06-22T01:21:39Z
-singleinstancedatabases.database.oracle.com        2022-06-22T01:21:40Z
-```
-
-
-## Prerequisites to manage PDB Life Cycle using Oracle DB Operator Multitenant Database Controller
-
-* [Prepare the container database (CDB) for PDB Lifecycle Management or PDB-LM](#prepare-cdb-for-pdb-lifecycle-management-pdb-lm)
-* [Oracle REST Data Service or ORDS Image](#oracle-rest-data-service-ords-image)
-* [Kubernetes Secrets](#kubernetes-secrets)
-* [Kubernetes CRD for CDB](#cdb-crd)
-* [Kubernetes CRD for PDB](#pdb-crd)
-
-## Prepare the container database for PDB Lifecycle Management (PDB-LM)
-
-Pluggable Database (PDB) management operations are performed in the Container Database (CDB). These operations include **create**, **clone**, **plug**, **unplug**, **delete**, **modify** and **map pdb**.
-
-To perform PDB lifecycle management operations, you must first use the following steps to define the default CDB administrator credentials on target CDBs:
-
-Create the CDB administrator user and grant the required privileges. In this example, the user is `C##DBAPI_CDB_ADMIN`. However, any suitable common username can be used.
-
-```SQL
-SQL> conn /as sysdba
- 
--- Create following users at the database level:
-
-ALTER SESSION SET "_oracle_script"=true;
-DROP USER  C##DBAPI_CDB_ADMIN cascade;
-CREATE USER C##DBAPI_CDB_ADMIN IDENTIFIED BY <Password> CONTAINER=ALL ACCOUNT UNLOCK;
-GRANT SYSOPER TO C##DBAPI_CDB_ADMIN CONTAINER = ALL;
-GRANT SYSDBA TO C##DBAPI_CDB_ADMIN CONTAINER = ALL;
-GRANT CREATE SESSION TO C##DBAPI_CDB_ADMIN CONTAINER = ALL;
-
-
--- Verify the account status of the following usernames. They should not be in locked status:
-
-col username        for a30
-col account_status  for a30
-select username, account_status from dba_users where username in ('ORDS_PUBLIC_USER','C##DBAPI_CDB_ADMIN','APEX_PUBLIC_USER','APEX_REST_PUBLIC_USER');
-```
-
-## OCI OKE (Kubernetes Cluster) 
-
-You can use an [OKE in Oracle Cloud Infrastructure][okelink] to configure the controllers for PDB lifecycle management. **Note that there is no restriction about container database location; it can be anywhere (on Cloud or on-premises).** 
-To quickly create an OKE cluster in your OCI cloud environment you can use the following [link](./provisioning/quickOKEcreation.md).
-In this setup example [provisioning example setup](./provisioning/example_setup_using_oci_oke_cluster.md), the Container Database is running on an OCI Exadata Database Cluster.
-
- 
-## Oracle REST Data Service (ORDS) Image
-
-The PDB Database controllers require a pod running a dedicated REST server image based on [ORDS][ordsdoc]. Read the following [document on ORDS images](./provisioning/ords_image.md) to build the ORDS images.
-  
-
-## Kubernetes Secrets
-
-  Multitenant Controllers use Kubernetes Secrets to store the required credential and HTTPS certificates.
-
-  **Note** <span style="color:red"> In multi-namespace environments you must create specific Secrets for each namespaces. </span>
-
-### Secrets for CERTIFICATES
-
-Create the certificates and key on your local host, and then use them to create the Kubernetes Secret.
-
-```bash 
-openssl genrsa -out ca.key 2048
-openssl req -new -x509 -days 365 -key ca.key -subj "/C=US/ST=California/L=SanFrancisco/O=oracle /CN=cdb-dev-ords /CN=localhost  Root CA " -out ca.crt
-openssl req -newkey rsa:2048 -nodes -keyout tls.key -subj "/C=US/ST=California/L=SanFrancisco/O=oracle /CN=cdb-dev-ords /CN=localhost" -out server.csr
-echo "subjectAltName=DNS:cdb-dev-ords,DNS:www.example.com" > extfile.txt
-openssl x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out tls.crt
-```
-
-```bash
-kubectl create secret tls db-tls --key="tls.key" --cert="tls.crt"  -n oracle-database-operator-system
-kubectl create secret generic db-ca --from-file=ca.crt -n oracle-database-operator-system
-```
-
-<img src="openssl_schema.jpg" alt="image_not_found" width="900"/>
-
-**Note:** <span style="color:red">  Remove temporary files after successfful Secret creation. </span> 
-
-### Secrets for CDB CRD
-
-  **Note:** <span style="color:red">  base64 encoded secrets are no longer supported; use OpenSSL secrets as documented in the following section.  After successful creation of the CDB Resource, the CDB and PDB Secrets can be deleted from the Kubernetes system. Don't leave plaintext files containing sensitive data on disk. After loading the Secret, remove the plaintext file or move it to secure storage. </span>
-
-  ```bash
-
-export PRVKEY=ca.key
-export PUBKEY=public.pem
-WBUSERFILE=wbuser.txt
-WBPASSFILE=wbpass.txt
-CDBUSRFILE=cdbusr.txt
-CDBPWDFILE=cdbpwd.txt
-SYSPWDFILE=syspwd.txt
-ORDPWDFILE=ordpwd.txt
-PDBUSRFILE=pdbusr.txt
-PDBPWDFILE=pdbpwd.txt
-
-# Webuser credential 
-echo [WBUSER] > ${WBUSERFILE}
-echo [WBPASS] > ${WBPASSFILE}
-
-# CDB admin user credentioan 
-echo [CDBPWD] > ${CDBPWDFILE}
-echo [CDBUSR] > ${CDBUSRFILE}
-
-# SYS Password
-echo [SYSPWD] > ${SYSPWDFILE}
-
-# Ords Password
-echo [ORDPWD] > ${ORDPWDFILE}
-
-## PDB admin credential 
-echo [PDBUSR] > ${PDBUSRFILE}
-echo [PDBPWD] > ${PDBPWDFILE}
-
-#Secrets creation for pub and priv keys
-openssl rsa -in ${PRVKEY} -outform PEM  -pubout -out ${PUBKEY}
-kubectl create secret generic pubkey --from-file=publicKey=${PUBKEY} -n ${CDBNAMESPACE}
-kubectl create secret generic prvkey --from-file=privateKey=${PRVKEY}  -n ${CDBNAMESPACE}
-kubectl create secret generic prvkey --from-file=privateKey="${PRVKEY}" -n ${PDBNAMESPACE}
-
-#Password encryption 
-openssl rsautl -encrypt -pubin -inkey ${PUBKEY} -in ${WBUSERFILE} |base64 > e_${WBUSERFILE}
-openssl rsautl -encrypt -pubin -inkey ${PUBKEY} -in ${WBPASSFILE} |base64 > e_${WBPASSFILE}
-openssl rsautl -encrypt -pubin -inkey ${PUBKEY} -in ${CDBPWDFILE} |base64 > e_${CDBPWDFILE}
-openssl rsautl -encrypt -pubin -inkey ${PUBKEY} -in ${CDBUSRFILE} |base64 > e_${CDBUSRFILE}
-openssl rsautl -encrypt -pubin -inkey ${PUBKEY} -in ${SYSPWDFILE} |base64 > e_${SYSPWDFILE}
-openssl rsautl -encrypt -pubin -inkey ${PUBKEY} -in ${ORDPWDFILE} |base64 > e_${ORDPWDFILE}
-openssl rsautl -encrypt -pubin -inkey ${PUBKEY} -in ${PDBUSRFILE} |base64 > e_${PDBUSRFILE}
-openssl rsautl -encrypt -pubin -inkey ${PUBKEY} -in ${PDBPWDFILE} |base64 > e_${PDBPWDFILE}
-
-#Ecrypted secrets creation 
-kubectl create secret generic wbuser --from-file=e_${WBUSERFILE} -n  ${CDBNAMESPACE}
-kubectl create secret generic wbpass --from-file=e_${WBPASSFILE} -n  ${CDBNAMESPACE}
-kubectl create secret generic wbuser --from-file=e_${WBUSERFILE} -n  ${PDBNAMESPACE}
-kubectl create secret generic wbpass --from-file=e_${WBPASSFILE} -n  ${PDBNAMESPACE}
-kubectl create secret generic cdbpwd --from-file=e_${CDBPWDFILE} -n  ${CDBNAMESPACE}
-kubectl create secret generic cdbusr --from-file=e_${CDBUSRFILE} -n  ${CDBNAMESPACE}
-kubectl create secret generic syspwd --from-file=e_${SYSPWDFILE} -n  ${CDBNAMESPACE}
-kubectl create secret generic ordpwd --from-file=e_${ORDPWDFILE} -n  ${CDBNAMESPACE}
-kubectl create secret generic pdbusr --from-file=e_${PDBUSRFILE} -n  ${PDBNAMESPACE}
-kubectl create secret generic pdbpwd --from-file=e_${PDBPWDFILE} -n  ${PDBNAMESPACE}
-
-#Get rid of the swap files
-rm  ${WBUSERFILE}  ${WBPASSFILE} ${CDBPWDFILE} ${CDBUSRFILE}  \
-     ${SYSPWDFILE}  ${ORDPWDFILE}  ${PDBUSRFILE} ${PDBPWDFILE}  \
-     e_${WBUSERFILE}  e_${WBPASSFILE} e_${CDBPWDFILE} e_${CDBUSRFILE} \
-     e_${SYSPWDFILE}  e_${ORDPWDFILE}  e_${PDBUSRFILE} e_${PDBPWDFILE}
-```
-
-Check Secrets details 
-
-```bash 
-kubectl describe secrets syspwd -n cdbnamespace
-Name:         syspwd
-Namespace:    cdbnamespace
-Labels:       <none>
-Annotations:  <none>
-
-Type:  Opaque
-
-Data
-====
-e_syspwd.txt:  349 bytes
-```
-Example of `yaml` file Secret section:
-
-```yaml 
-[...]
- sysAdminPwd:
-    secret:
-      secretName: "syspwd"
-      key: "e_syspwd.txt"
-  ordsPwd:
-    secret:
-      secretName: "ordpwd"
-      key: "e_ordpwd.txt"
-[...]
-```
-
-## CDB CRD
-
-The Oracle Database Operator Multitenant Controller creates the CDB as a custom resource object kind that models a target CDB as a native Kubernetes object. This object kind is used only to create Pods to connect to the target CDB to perform PDB-LM operations.  Each CDB resource follows the CDB CRD as defined here: [`config/crd/bases/database.oracle.com_cdbs.yaml`](../../../config/crd/bases/database.oracle.com_cdbs.yaml)
-
-To create a CDB CRD, use this example`.yaml` file: [`cdb_create.yaml`](../multitenant/provisioning/singlenamespace/cdb_create.yaml)
-
-**Note:** The password and username fields in this *cdb.yaml* Yaml are the Kubernetes Secrets created earlier in this procedure. For more information, see the section [Kubernetes Secrets](https://kubernetes.io/docs/concepts/configuration/secret/). To understand more about creating secrets for pulling images from a Docker private registry, see [Kubernetes Private Registry Documenation]( https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/).
-
-Create a CDB CRD Resource example
-
-```bash 
-kubectl apply -f cdb_create.yaml 
-```
-
-see [usecase01][uc01] and usecase02[uc02] for more information about file configuration
-
-## PDB CRD
-
-The Oracle Database Operator Multitenant Controller creates the PDB object kind as a custom resource that models a PDB as a native Kubernetes object. There is a one-to-one mapping between the actual PDB and the Kubernetes PDB Custom Resource. You cannot have more than one Kubernetes resource for a target PDB. This PDB resource can be used to perform PDB-LM operations by specifying the action attribute in the PDB Specs. Each PDB resource follows the PDB CRD as defined here: [config/crd/bases/database.oracle.com_pdbs.yaml](../../../config/crd/bases/database.oracle.com_pdbs.yaml)
-
-Yaml file [pdb_create.yaml](../multitenant/provisioning/singlenamespace/pdb_create.yaml) to create a pdb
-
-```bash 
-kubectl apply -f pdb_create.yaml 
-```
-
-## CRD TABLE PARAMETERS 
-
-| yaml file parameters  | value                         | description /ords parameter                                                   |   CRD     |
-|------------------     |---------------------------    |-------------------------------------------------------------------------------|-----------|
-| dbserver              | <db_host\> or <scan_name>     | [--db-hostname][1]                                                            | CDB       |
-| dbTnsurl              | <tns connect descriptor\>     | [--db-custom-url/db.customURL][dbtnsurl]                                      | CDB       |
-| port                  | <oracle_port\>                | [--db-port][2]                                                                | CDB       |
-| cdbName               | <dbname\>                     | Container Name                                                                | CDB       |
-| name                  | <cdb-dev\>                    | ORDS podname prefix in `cdb.yaml`                                               | CDB       |
-| name                  | <pdb\>                        | Pdb resource in `pdb.yaml`                                                      | PDB       |
-| ordsImage             | ords-dboper:latest            | ORDS pod public container registry                                            | CDB       |
-| pdbName               | <pdbname\>                    | Pluggable database (PDB) name                                                       | Container database (CDB)       |
-| servicename           | <service_name\>               | [--db-servicename][3]                                                         | CDB       |
-| sysadmin_user         | <SYS_SYSDBA\>                 | [--admin-user][adminuser]                                                     | CDB       |
-| sysadmin_pwd          | <sys_password\>               | [--password-stdin][pwdstdin]                                                  | CDB       |
-| cdbadmin_user         | <CDB_ADMIN_USER\>             | [db.cdb.adminUser][1]                                                         | CDB       |
-| cdbadmin_pwd          | <CDB_ADMIN_PASS\>             | [db.cdb.adminUser.password][cdbadminpwd]                                      | CDB       |
-| webserver_user        | <web_user\>                   | [https user][http] <span style="color:red"> NOT A DB USER </span>             | CDB PDB   |
-| webserver_pwd         | <web_user_passwoed\>          | [http user password][http]                                                    | CDB PDB   |
-| ords_pwd              | <ords_password\>              | [ORDS_PUBLIC_USER password][public_user]                                      | CDB       |
-| pdbTlsKey             | <keyfile\>                    | [standalone.https.cert.key][key]                                              | PDB       |
-| pdbTlsCrt             | <certfile\>                   | [standalone.https.cert][cr]                                                   | PDB       |
-| pdbTlsCat             | <certauth\>                   | certificate authority                                                         | PDB       |
-| cdbTlsKey             | <keyfile\>                    | [standalone.https.cert.key][key]                                              | CDB       |
-| cdbTlsCrt             | <certfile\>                   | [standalone.https.cert][cr]                                                   | CDB       |
-| cdbTlsCat             | <certauth\>                   | Certificate authority                                                         | CDB       |
-| cdbOrdsPrvKey         | <pvriv key secrets>           | Private key                                                                   | CDB       |
-| pdbOrdsPrvKey         | <pvriv key secrets>           | Private key                                                                   | PDB       |
-| xmlFileName           | <xml file path\>              | Path for the unplug and plug operation                                        | PDB       |
-| srcPdbName            | <source db\>                  | Name of the database that you want to be cloned                                             | PDB       |
-| action                | <action>                      | Create open close delete clone plug  unplug and map                           | PDB       |
-| deletePdbCascade      | boolean                       | Delete PDBs cascade during CDB deletion                                       | CDB       |
-| assertivePdbDeletion  | boolean                       | Deleting the PDB crd means deleting the PDB as well                                  | PDB       |
-| fileNameConversions   | <file name conversion\>       | Used for database cloning                                                     | PDB       |
-| totalSize             | <value>                       | `dbsize`                                                                    | PDB       |
-| pdbState              | <OPEN|CLOSE>                  | Change PDB state                                                              | PDB       |
-| modifyOption          | <READ WRITE|IMMEDIATE>        | To be used along with `pdbState`                                                | PDB       |
-| dropAction            | <INCLUDING>                   | Delete datafiles during PDB deletion                                          | PDB       |
-| sourceFileNameConversions | <string>                  | [sourceFileNameConversions(optional): string][4]                              | PDB       |
-| tdeKeystorePath       | <TDE keystore path is required if the tdeExport flag is set to true\>   |  [tdeKeystorePath][tdeKeystorePath] | N/A       |
-| tdeExport             | <BOOLEAN\>              | [tdeExport] | N/A ]
-| tdeSecret             | <TDE secret is required if the tdeExport flag is set to true\>  | [tdeSecret][tdeSecret] | N/A  |
-| tdePassword           | <TDE password for unplug operations only\>  | [tdeSecret][tdeSecret] | N/A |
-
-
-
-
-## Usecases files list 
-
-### Single Namespace
-
-1. [Create CDB](./provisioning/singlenamespace/cdb_create.yaml)
-2. [Create PDB](./provisioning/singlenamespace/pdb_create.yaml)
-3. [Clone PDB](./provisioning/singlenamespace/pdb_clone.yaml)
-4. [Open PDB](./provisioning/singlenamespace/pdb_open.yaml)
-4. [Close PDB](./provisioning/singlenamespace/pdb_close.yaml)
-5. [Delete PDB](./provisioning/singlenamespace/pdb_delete.yaml)
-6. [Unplug PDB](./provisioning/singlenamespace/pdb_unplug.yaml)
-7. [Plug PDB](./provisioning/singlenamespace/pdb_plug.yaml)
-
-### Multiple namespace (cdbnamespace,dbnamespace)
-
-1. [Create CDB](./provisioning/multinamespace/cdb_create.yaml)
-2. [Create PDB](./provisioning/multinamespace/pdb_create.yaml)
-3. [Clone PDB](./provisioning/multinamespace/pdb_clone.yaml)
-4. [Open PDB](./provisioning/multinamespace/pdb_open.yaml)
-4. [Close PDB](./provisioning/multinamespace/pdb_close.yaml)
-5. [Delete PDB](./provisioning/multinamespace/pdb_delete.yaml)
-6. [Unplug PDB](./provisioning/multinamespace/pdb_unplug.yaml)
-
-## Known issues
-
- - ORDS installation failure if pluaggable databases in the container db are not openedS
-
- - Version 1.1.0: encoded password for https authentication may include carriage return as consequence the https request fails with http 404 error. W/A generate encoded password using **printf** instead of **echo**.  
-
- - pdb controller authentication suddenly fails without any system change. Check the certificate expiration date **openssl .... -days 365**
-
- - Nothing happens after applying cdb yaml files: Make sure to have properly configured the WHATCH_NAMESPACE list in the operator yaml file 
-
- [okelink]:https://docs.oracle.com/en-us/iaas/Content/ContEng/Concepts/contengoverview.htm
-
- [ordsdoc]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/23.1/index.html
-
- [uc01]:../multitenant/usecase01/README.md
-
- [uc02]:../multitenant/usecase02/README.md
-
- [oradocpdb]:https://docs.oracle.com/en/database/oracle/oracle-database/21/multi/introduction-to-the-multitenant-architecture.html#GUID-AB84D6C9-4BBE-4D36-992F-2BB85739329F
-
- [1]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-E9625FAB-9BC8-468B-9FF9-443C88D76FA1:~:text=Table%202%2D2%20Command%20Options%20for%20Command%2DLine%20Interface%20Installation
-
- [2]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-E9625FAB-9BC8-468B-9FF9-443C88D76FA1:~:text=Table%202%2D2%20Command%20Options%20for%20Command%2DLine%20Interface%20Installation
-
- [3]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-DAA027FA-A4A6-43E1-B8DD-C92B330C2341:~:text=%2D%2Ddb%2Dservicename%20%3Cstring%3E
-
- [4]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.3/orrst/op-database-pdbs-post.html
-
-[adminuser]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-A9AED253-4EEC-4E13-A0C4-B7CE82EC1C22:~:text=Table%202%2D6%20Command%20Options%20for%20Uninstall%20CLI
-
-[public_user]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/using-multitenant-architecture-oracle-rest-data-services.html#GUID-E64A141A-A71F-4979-8D33-C5F8496D3C19:~:text=Preinstallation%20Tasks%20for%20Oracle%20REST%20Data%20Services%20CDB%20Installation
-
-[key]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/about-REST-configuration-files.html#GUID-006F916B-8594-4A78-B500-BB85F35C12A0:~:text=standalone.https.cert.key
-
-[cr]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/about-REST-configuration-files.html#GUID-006F916B-8594-4A78-B500-BB85F35C12A0
-
-[cdbadminpwd]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/about-REST-configuration-files.html#GUID-006F916B-8594-4A78-B500-BB85F35C12A0:~:text=Table%20C%2D1%20Oracle%20REST%20Data%20Services%20Configuration%20Settings
-
-
-[pwdstdin]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-88479C84-CAC1-4133-A33E-7995A645EC05:~:text=default%20database%20pool.-,2.1.4.1%20Understanding%20Command%20Options%20for%20Command%2DLine%20Interface%20Installation,-Table%202%2D2
-
-[http]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-BEECC057-A8F5-4EAB-B88E-9828C2809CD8:~:text=Example%3A%20delete%20%5B%2D%2Dglobal%5D-,user%20add,-Add%20a%20user
-
-[dbtnsurl]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-A9AED253-4EEC-4E13-A0C4-B7CE82EC1C22
-
-[tdeKeystorePath]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/21.4/orrst/op-database-pdbs-pdb_name-post.html
-
-[tdeSecret]:https://docs.oracle.com/en/database/oracle/oracle-database/19/sqlrf/ADMINISTER-KEY-MANAGEMENT.html#GUID-E5B2746F-19DC-4E94-83EC-A6A5C84A3EA9
-~
-
-
-
-
- </span>
diff --git a/docs/multitenant/ords-based/images/K8S_NAMESPACE_SEG.png b/docs/multitenant/ords-based/images/K8S_NAMESPACE_SEG.png
deleted file mode 100644
index 594471ed54a6c980c9e63ab2f538c40a32a5dcb8..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 269014
zcmeD^2_V$j|IS1k38^SuNUj;<Oh!3UIg1>n5aY-&%#2*)s$>(X<jU1aMI<S5jS3x(
zBt(vpD>qFT_x}wuqHJyZYj<n^)$I2DzVG|K_rC9QAMd@BI$COrSyr;p(9kU2xkF_S
z4GkTMhGxOFg$qE*E|08g@DD9!kD3xqQVDN64NYD;R@D$|=VEDtM9}cVl&7!wB_P%)
z43;0J!Y?7AibR-W(I|Ux3CitI7B-eP2#e`w5)cVVQ3zBNDy0X7@WZxAN>BYyOj;Vc
zZ@Rvj6~dm<kS5B_28lG|m)I^P1_4cNG=xI=VM^di!^Ymp1^nwGD{UezDFm*zIXEB@
z28cuIHdu0fn2Z=qn*56T4n0i`ehFo8jkK{vfPd5w=C&yED;8)oXE7TTs4f8&lMsV~
zB4ukd$_`Z84uwjHLByn_p;BV9GT_0-Z`v*)DF&*8GF>xEGqlaD-pGXrteMsHr|N4O
zY`1}-TrBsYwqcyj_S$T-1*0I>If6iAY{2|X%@(z9@&l}^17f<=0&&E~91KK)AEwF=
z*#@4Ge=ubW8#61knH{*XHv<EmYC#7~nJ5@Nxdj`_JnvOjfl0u0)TMMaR2|$5cZ#}N
z8GhOtwM{!0HME(7wI<2}fdoxhxJ)+-g^(+d8?|tqE|GzNsUR0vp{e~)x+NFr+PF~$
z1Ry(I&B?|BfuXcEU4%uUkXRdsxrOE^dwYN~b1Isl(J1G+)htm+%GXhPbpRhe=OuE1
zuDKcV^HKvF3#|2YU0Es0@W{1yAZ)CxsXap>lqYs()XJ0sjJ25s%6a<zsiN6XnVv`L
zY@$&p(B3Sd&3;U+WapxcK$0h$I**io05X01yEC(ao}rxor8!Gw9hj7sw##-Y2W@91
zO-ZPhxq+y(<TU(_m?51gvpZdY!MakX8;x?Zx0oVyGL<@8+h7s84rTz0VJgl5!9bZc
z)(#2o$d3X4Kq{k<C^WdYN7;i)N)~1q>zUW5TX!(~_)V101jK_yP*Idz>&tWfamLjU
zfV8n_S1{|8*QKb4O2Ka!6*HVaVv7W|j`b`|k(8uNuo(qIt!COLlgFQdBB(<_f-jGs
z%wa#lm3aXK`#O9uwg{{_nFs(QnGK4Wc_)`ofekYkY_nm-F9DN~m61{f^R9#eT;3Kz
zg(7%jIrRrTaX{JFW2fduN{L@e2_go8NC74c5t9bvREF?N0Xd;O^#DK>6oXltQz|!a
z=~NS+)|C5$hGnMO6qB23YF3Bj>QkN0DwB|%>hEJ+Fg}<P8PjY4H_<RVgh1+`FgDm}
zrhN#7#iHy$1v8|L6`6~h1G+;1M4owL8|48OMaFu-Jf_&XoeN;y4%T9}PKOX^djuAN
z5wiiT57cl#@0_|&aX?x86NnF!rr<9X@ntCYvk;$33v=)u%o7>Ge;l;`6Kv@h+LH<J
z7urimKw<wCv<Ip!nGWYjV`(JNJCrO@Kzo*eSWe4behFzuC$c`Gq>OSx+W;md0ntJ@
ze=G)9R^-Rv->KIRQ46%TX{ze#Y*SVRZ|JJ3?NL?RrnggDi&_teubHZ|%BFj#Hc1}h
zEd2n8ZE{z0r3OXz&lWM1A}V)9A}q<TQMoadx7yiQSdcXjC9<%xvA5Egs-`0Ov1AWL
zwIdgy!0VRCDHYBdyoi|Mx}ONCDH$L&BNnD5)71TxIB-CrvC1fWFnlv0+yL80m|?Ka
z2(s0qghpY_ux5v*G@%(O`p3%8Kf>dw$}EM)OHdj5EFKS~^8MLNo=PM?4wI)yoxc&=
zwfAgO)=(8y*`~KmX`8O9sJ4#ko^5*Cdqj1OboEp<XJPpF!Fr%8!C(;Z2jI?Z)SuF!
z5Yp!6p!^s9|4+(2jG`J)RUE1wKMVaOsA~L=js8G`{W7yRr`S;dO)1=d3Xi7nYgW<!
zE)<kilxE2VX)`;rdTW0OL;mOQpb_#H%ugeh62E8!pv9C;{AC03O9n6u2Gl|_Zhe7B
zW}G5FHjzN*vjpa-MDtP!V8g&_olQ9ZJC*3nrIIPV>bvPnfU+S7S%|Fc=aS<P1OY<;
zf9fyEK}PDoP8Cwp{~fBB&rtY8E&pX7|M2#)Ir<-Q3rWfTSL|abB~bBqnhX>Z;k)ZS
zU$=<=(BJsWCI$#R^&`8@KX>>;p)zDg*ldkw9;;ZEQsoC%c>aE?7$`FT0(SrM_fT+n
z8k0Z&|NOWu4I<WG$8EV80{FqP`>RIp|Loxe#_TWb{%O3KvVR7<spjmDjoVZQ>m23e
z6Q$e=1k)X+CDosaflELrITREhG<b7LmHX>P5D4<l5tNeTbQ<y?XZg=0sXn#Y^9_}w
zSmHm9|5)Nr1jqk!@&eh_CPn^BHpoHnWmY(x>|B7sK>6H|2Y5qz>JNDGIf&<v?oUB;
zDs$+2B|lKHkm~xO^e_v&(D~e>P-^J-#{n-z>V1ive%ZJ`yp4-Nn4=LObV=qhvsvEX
zP7kv%o@xxt=4X;WT+YKZYyVR8cV1VgrR5Yi`rZKn6J1s1J*s-T|BEj5P0W`X7n`wy
zKMSB)T28q~KjXSEX_y=gq!9j#T$jpHDO{I&I|~P)RPfG0LJD{OahUFO=;2F9_%ZVT
zF)H=(>YLr{AoPv}f%mBt2D0W3QAQ&`93N{#PWPl_F90w57c&sP3D5ooRz%55q+$gH
zN#y1c%|8i}0A^0+=d(n!H5TgtN&v5?0B^d+M`V%sIe|2zEd7L}{3jHsZvx7v4EbkN
zk0q#j?$56uOUxGp`g&;e@6Z>3NAZ`w0NCF=zxlm-64VT>pI>44YDngz4EU%fe7yQ*
zg+T}DWMwtw50QX;boCuV17%?<<?*BbKvf?;KBJcWM-+-rvFIn(C_ayR{AV<ZPoeZP
zs}%FO@5!3rM;iY&J#V&3G2e0_@){N$Gb~t!L0*snkOV?bkoosic&dI*VcSq@HsUPp
z5JsiK*@hlf>-cdDJ?Nisp8j&L{c^9(C^dhe$WZ;wvnb%_aJNbROy<#4Lg;sm6Hv1u
zD4a~1%Asb#aYj(h=44Q6aOlTjWni)Sr|yW)ybr%v*-y*LzCZ3u%}uC~{&{)WSB<ZK
zEM%afB&rPdGnn>2{FSumZ*oO_Em&Y~j*tTR-}8iMzYr|={)k3i#7tI?sZ5q?_0MLq
zRF!fzlcjo!e;^+Fxq(InHf3qzKZ$928b3~4>c>Pi87f-+e5fY%CydM=AdiMZ5LD8h
zM~2M140A@Q`f+F*23QoCOU(-Be5OBr6L+3%)&C=TG&3mk{WcMy!jl4D>g{ZDqH^ik
zocjk<k3p)^SHb&BJ^pFc<9QQlz9&J<LiwM=vZp%b=J2zBCouLO(2D<d{F*;Ig34TH
zVc$=ZLL)gJzx~(H@26Ll|0VpRdhvfg{G)pE=CHp{f;9iS{wzgSNyvlxX8oBegMJ|W
zc|I@9Clmf->(4VN^GkpJe2+xf59Rv!*_~|jvh%+I|ET%{g}+d5e?E3DNnw;<V&}ii
zxBr&;_C4ug7RFOW=WK_?kGBp&@~>_A@^|Dl0`u*^sXu>D1e@P}`-$~uY8>bbdm{h)
z`ZFcwO%-pFltIs;cBnMPkv^N;e?a%M)O_^*W2nzy^(|#_%JlBa(<aMTm$6AxG3fiL
z(-IU|{`~G}su236&w!0dr}oPJDYvwytm}j+{QxvFi|J9ZYc|jO@l+fsDub9UV*VW$
zp@FK>4sC69YB2w2$lUk=FpjG8P(&BiiA72Gn1zos@xVC<`NJ*yl>QS&=3jPU&6n8y
zxg@2M#P^e#R9--pnbiAP;Q3jOfgqo+Kvs#qBs70I_(*)ZFWt`ppu<pg7j+l?9jdYz
z?d^xutTder?M3I)VdpUPzr3#z8nEW6g-y0L_F$1a`OKhMTO55{+XN0lF|z=>l}}Zf
z?)u|H@DgZd&c?pe2Mv*%Gq*S-3JxZsih!@aML9-f`t%}7Pt-wD8~L`Ru;~v3;~)=e
zy7`ZpgmagEPxm*UnEE(wi~|Dfv^|rJ`0>F!(*QcvnmTfc@;Q{9mQ|FXfZjeXQ~MJW
zib7jpcG^vyT{O2Xq>a58%G?G$eJGXK$3K6y105$MIJg99V-7gm+^)7Eoy}Y^-`K9j
zAw7GH6PkQ((WmWgR8iGc-m_C@>Wl!G%0^}FsnJuR{Kc6?BOJgG$zdAu7y*0#6LW}h
z#cZ>%v$5B4o<{XQ@d{{n4qktHPgPXGAihIupSJ$#{d8~hVbo0b;9`oN0p>wPsoSGW
z5A74Qp4s*L9~ihT;xl9dz%U~N!^8nV<J)QB7YxBdwQu4ep!ye4`D@STfgzbG{RQ{|
z+?=Ary%_QVNZ*Haei0&dL;WuTc^)7FXiO8L6B!)ehEr5X{-VYofEs52`RyFl8F5G#
zfd<Fj{36MzLn;1c*$BV^Xc2(J<S)?V3@m>U<qtrVA3^!;R0#-L4~bEy=uY23P5V)V
zBrplF$Zs_yzNVji?fE>S4-7(#T>Q;K4}e7(4bJfTZ|N>S5?IW^^nMX6pOeEMl>obE
zJ}V!10>Ek0vo@EYYSZM(qLyZMHb}D3Vu!LvQJn@K#loEP??4CBjZK?g)6TS6n^w$w
zh8<YCvVHp>oK!^J`--{{@jtk`IeC)j+x7OJaNU058I+wTn?QoPig&hWUFKh1oj$K;
zaK3E@D0BeGXL`$`>5UKfsD9xrMzZ(!bA+9B^77nmF~7%Y6Z0MQ{L#rwKI3lce8lO~
zb43A&=G&R&`@8i;scvG5Umr@@6noAd*7G{{sf)P&mDJ&Rkz>A{3#O4{nje1i?pS}_
z3+w>gQ2-&Qj|-h~I+J~ZpLiuc`e>=n$GJz0QX8Rs!My8&$y?UWJ)diu62KrnHvhl4
zfae)El6>Ctv^VlkeC4NK{pmf>{H7h7;9`F7`8Rr@_aHFyxeY%y|53Dk9Y)|Sa%0m{
zkqV|y8u$`?EG?(x-fZzcN1h%6(?NA&&IhoW=Tv0)T*7}cnlHMNDW5Yv;h;&%yMMt+
z4-jm=Sq8<^5s+^g)s#<WrnT>YQ$LFGPX*cx6v@2d=Wtd31#5f?jQ<}j@t+5Z-)@M5
zZ~JA4&px#Ei#}#R;9q?H-3;+*u>3N_XU@|7;<W!ouzb}J|4fCWfW_>;=pQjR`=}ty
z2(mBfvtOI_uRWiKSj^4Dz8xqtUg7^29{wL*7=3gL{{@|52A03{il5xW5B9P_kac`;
zP6deeV1ToOlF;&z%V=q9seZfzS6{c!uoj4&b`B_tgBn=*NX*P>7hkl5uqdn<QrE@}
z@u@8YRr}T<AnY9GZ3qI<{Klrt%&}8WAmD2!iyDdz1vcU~!_NCv(-ZW$NjNoczns1>
zB?pv^Jr>}Z3RoXNULpWi3P8XqkWwnsO9p_ShI$W*$koxnQ)~Y{4*mN#oxW0J>>>L(
zDUQ8)y}mLt2L}G&e&4@yQ-Jw0sxj7P7AR+cGh{#Pv@_Vi#sX^%N?<c3v;6rpp^bmS
zpAVIun<+0RNtvEmx!Cij%KvyS+dr{89m3vX8yY<Y40EIz24e%VQ2|KI(Adw5XL<1F
z`qmLHHdsRdJScdVd~HMqEnouEcPiu+2xLf;AE}TDX6nWsi*_ZyG;=fSE%LLEuT9-i
z-y?6cjsO{#Q=QF0q(4Ls49W>@4x|uZNfPtAwkZHcSXfbNO+^C!!pW7hP=xCFpH2GI
zGBg5dhP62|yE6&Me4hS4GXydx0&@sXo7N$-VsJxQ@gW77%cG!>Pcd|QVkobXxfzgi
z{Qpy*($vih$lwCg4TVThf=blS1E^(%!2X3kVai~1vyRmM@;E8Al@UnfSH6fmb5qqM
zAU0&Y`XeNvhU>nxuHpMo(+p)ylMwlqOdC_w^##hHQsGC+o1!Qx;mu2he<L+b1A2Nw
z=if<#vQXp~+5OLCCq?Bf6ta_}2Bm*~s-p&FXD>e_v#MDE=8wXNOd|7zf@evt*&BX-
z58Z?u9^4MNCa@jJ!<xO|nmY9Fw@gg>6P7Lq`)PF(@|qR$gnctRodwH}fTyY#Qwqh5
z=J9p@2TpIKXdz-!5|U(AIm2zmAmGquO2HrKB2$%h5NI0^$|fhDPw6sqSn3}l#aDF_
zC<S}I&PFNf>Mu6>i;e!V^76eGWzNC!d3fsF6rb7YX`kDBe@G<2i}k(E8kdz8lbO52
zJrqJ+sX9w*mym>sQ8m`tnmg=Mfog?70is8PY)>*1`#R?R4f^PO*;?em{3w#~AGO+N
z4#uEpKu`!(U!MitpTum3&X;QSzd-hziFHP)`FDs_ifX9N08@s-zh(hbLQ-0cO2M;9
zRZ@bY6H#^FAAnTnbHse^dY>-&i`jIxPKOZYSPek`z`Q1NfvLmnL0UXSl$@B1LYtW*
z5u)T(*N4o210SY>azLQXuqd=BSUZVD*v%IU__v(j|I<WhZPNrH4#1MXoHy|Q?YW+j
z&i}`0QQ4+P3H5w2onf0An4C{35@bt~BlQ38QAyju%+U!%$NqB@0Zgp#{!P*r^CHsJ
z3Z?Jf*^kb|$U+Hi4~%2X^oA0DZWg9B>hH_G=K~AKe6U8LY(cgtd3B_yIj}bV1Va3^
zZvy(ucZa^Tg`D;0$o6^3v}!=!Gh<%WVCDsIF(-5SuVh_=^ym4Ktf!lr+dMFuX0mo?
z#(<^{;s+Juzr?7W1MrI3&z~hYuNa+yEfur?N4}h*{Z&f&&q^d<`F-`{!8CqRm-+O$
zv;`D051;r^w447dEdTS`#b1+z|CDr}VLLM-<?oP#WKYT8x;pHa9Q=~N`IOiF-S__m
zbMhC%{elMbDFV%BH&Ayr`0kSW)6PG=|4A4w81|GM@zuQfuTJ297F9va_NyQNDfGW~
zFEPKK2lBT+YTIA!^glb}e}~!um7Yhh24MOuss4{jfC)UGW&AJam0KVz&77vbVRm4b
z9K)3&{{`mXe|RgAe<T<U$dHVW)bN%xHGOMVcuSI+>N7jG1)~=Jow2Q{P&FEb0xRxR
z`61KZb1>kkA2kURZRTLDiLyY<O|G1JYGGq$g*LOJyi9q4yfkIHBzX0@<uo*FXm$cs
z%H?2JH1lh{CZ2-cL4}aPGfI~&Y~n?39oGw0dW+KZy>sv4hLALoOCq~>UA`=0!|s3X
z&Q-nhqPOn$j!r&kaLhsF*o4AhR+c4284aE2#z;*4kgHdzt7Q){rp-eu>5(5B--!zg
zfA^mC+q!+p6MmmqcF$KERJJmF{Nb0J!B_dNp<6fWw?btro#L^m8#m^(;LVVeM9aQp
z*6+z0x}~HQ%^I4jvl`sWu%XXs@tileE?_@{FI{7Gc+>1&)~)eLww*nctqc;sdoy@0
zkki#=pVi9}T4vk<dhjNc!|=8#ZAay;Qxb@0rrkAZq_$Wuol8oLSsz}izpKqiZFhcl
zUdX!cffNhZrsIJ;G8ep3L&Of$j7=Jtc=(PCbY4+8x%734Ig{t)xHGo1axtIBhuy51
zESwv?72F5C#T!;bOlc0fcS|8(-=-Ce#x7mJwmRUH*n@?k3R|GsF<WFONKKk1b(zkk
z9m3}ox`xWs`11Q2AEh{T>PI=(yDo<wV%W6z=5ckgj15;6&Jr{)NHUL)3_MECoj5F8
z=UBKZeW>2O*hcl#viy>0c?`Df4nkccdUHilDyku;V8QA~xk0>gOY{A?o||bmKJ?w4
z?dJ68_-`?89YVFv4IXOYQqDcblGZP1PAwBv3KKhU+o4fOFVT=)8$P_DCe4;RwA7zV
z__sFG?(X{y1yOPs2>1$KzVditYcb4=N9yo-v)h)%E2Eq$jV!gKY%7c28>Dv%E;aEG
zn*zPV2J$R(P0ey2_bZrH$>SUGF>c54x#NRx`rkhnkA!Zl*`Ibegul<Zy9S|xERWL+
zyx2N9x@c_Mu?1^U^;xYh6Ol^M4<}k9Q3ZDQ>ns^M@jmn^hbuOX^%wHBHe@xX6OJx=
zk!S?V8tus>HTv=OO^o(7-FYqs8$W)hEuY&&r7Gz_Ak8&V@vOe18U5i3?ngo|vRZ1(
zx;zgRePk0KePVmy%Eq`z`-cF8{Z9pB3CGyr5E%tdk{X}KUG{PPggw_-#B#^bF!-eB
zV6|0K5v){_?gB<Yz4OGeL1aTt-B_TEqSwT*V7*Jz;`Mz`-!%tomvju(*e0t!J;xuY
zGda}Y75HTGL%H_0{v6yeS})01ZbPi-{(FQ90~4v(^3%DK6Fj_;-7nR}r6woGhZ-Vz
zGIJ+Jp5qE4{cMvm7G$N!wnbrz(zk>b>b$@d#d?lBC7lv|HNZj4zrmpj5FP&rkcL7R
zPV)f6TYgh!982L~_Zyy+)#*n|_hOSOb!qk(>!#o7M{)WTu5ylICjrFSyiELHlro{W
zKAVSe(Xt{lf!N<1LOfcYg<Rj4cGHM4?)T<RlCkS_An-msz2)B6b>|Y^+^=^_kn<Bg
zuaIV2C4Ds5LkEiyQ=A}OG4hDhX(`?baeoNqm9ghd${9I~(M2}}%B(cgq%GlDa$3!&
zGz4jT?M<$Dz4eQUfzGPPrjeoEp!Y4$BQp%?8t(YrdruV49b4LfBL=dQvd*UWJzRtd
zmvMb>fw@BLd&JgsR&6yDz5-_Xn|(%0Xkw&~4lePuOR7?9)}@6=K&d$qrzWlL4uu#T
zgdV9#FenWu7UbviB&~fGB5XCr)iZK(Xl2DPnL!X#0b4ov;X$hi9V`272Ds{a)j>c3
ze&(m;1cX(s0I;^>_q^J@1|VJaLX0{ABNeL@l+exj{)$>q$=bdQx{_DC(*DNvoDfal
zLlMGt#@AX8-%s0PS8dKb=G0jk!NbaeWvO-;bck9hbvRs(L0VmhDOHg7nTh9c{)eY`
zHzW~=0>|m(43dnEFmInpm%Ahu$f1+&wgtdSAV(wCH5^7f50y%oY<@Zn@$gIN$L-1E
z!om43;@bilVpVSUw=<1D3>m1;c5iA5Qj|Vo*uG7JD0DE(#Sostf=j9|jaB3u9qfh?
zTVHdV;8Ie2J>&6gPUEuJh?_iQ?%Kx-D6urdm}41j+d{*m7i_pWBRIp1Q|_VrZsGdG
zb4U*tz7&jcq2qkY+01#zSk<y-@noc2jd3(v$T6?+fhwM|XSLYDM>!emN($ncjBTtu
z<rvqGW&on=A0w7VdXZjvx654WY7F)s8z%B>8yjwm_2VQ>@EH!OTz<;4ytNi16%*Jl
z&G|v&By;GoQl9Y6q|B1v(eP@5E=}BB!$6xIQL&S&8GB4z0Fjm5(2c(+N8&vtq*2)+
zSAP0+a)?Z6BwHNeIME=Hj!a83GOIO+X68AbO$C8v@!EWMZORKs!hkAH-hy*aaruQ>
zTj@*;PAvR=YY~HpPibI6ZS&KLcL0rr)d?~-FBwd{#-&2V4je{T3;D;owyyZ_uI$n8
zZY;a}HCQmK4dS(;dFi~yNc~U3#A8!}Zfw!mpHkyP&!iC>q%au%w82tQgEj^I;8xSd
zb3!LF)~zmCopi?_LBIHF%k5R0u?sUWZPJr=w+Mczf=gB6CLx-?A35mS5@Kq?NveH3
zN@@zSiY@`bH@=}b_}aXf1>RQJBs4M32uEFCjqBSMy!pc$RBlB4n$R8b;cdkXJO=Of
z-?gT-jiuFf(%RCmvOa5A(pzQ$C#jM2cvIi-Rc{P|1@8KiyZNacX3NObEZm^X0+7N|
zWZZ|)dij)MIsNZxMoLHQ#n^XPh>cE+k75Fz-3@3jkGEpR`NNZHU==5L_KX|!9c#%N
z>Z&gPFbrlo($kfQFV4<(8;}r!a0ZOYpajB057luxzz)m0r$>a`*ueQhqtnc3MSXxq
zq;&CzRqCv8Mmd=~5=^-}&aNvs*cu({@Q}Ingn%(C9HrqxpXxSnIQ3|$0^{9BCWK(N
zLPB})C1t<2Ntr#*mXh+&ebo&aZ85f|oBEMiLhoLutUvMFilw32iFC2|9DQSmcCT+=
z+R1*%jaAo4R$QIHbWl;BOTbUu$VreaZ(`P5<icsE8wGRvJYLerP149W-Lz2GdgHrv
zI?b|@SIccv1!az+eWPS(w}d7X%hWm?gP!I=(lh3GRjge7C~`sE5uI0i&ZF~Vg&;7?
zB8bdljlKO17M+TnCpiR9r1`~S_%roy?Tg#MZ;&bUID@_7nJb$m8)|`)RNUhJ?Z;%;
zjMJ>#mKyYDbd&_f<=uQ|SaCFQamro4NOXpuw~SDtp|WM=Vx~d?^-#u^P4M!wNB5Rp
zy4}XXYTt8>Ej;v*zl_M!r&xj3XMV&mr(;Wz!J@H{<2NrqiWJb7f6GCi;Lj?vDA+e-
zPd?WezEh1(5eiK>2n0aZwyksxJf4*zs%zFVj4{H?#nP3YV}E18RT^2<Fg=It*_i5x
zm@JX+l|%>&LDn;mZM~9lHcaVEq_v<%xT$ovgx5rjdr#iv#87VHgN{mp{gXr^A%Q4`
z+ILU)A}1b=jB#cqR+Ze8$m<}aq7v@mWYaaCHfBZ8msX6juG+lZu{3JZRF0&d?KQY_
z|C8TkR5;&d<q<ee;x}#9(0!{(Z_qM~U2nJw7xO%x52y6-nY3|nyh82uqFl^1g{6Eo
zoEik;0s6)c0?h7|kTPy%UZe!NrM1bSDu}^TNl8E2-+Q6UaiAlr@!qll*E0&B%P~+W
zGnQyHr|?(JU$aC-l3y6|=cr?AQVre=rLi}a)2C>|ZNlyQO0qyliD-W!8B<{vbl{jx
z*UjS*p0Cyi2_~YPczJwodGP(-tr8u=&Jch%xox>^yT<n5CA7)x*L71^vo`jzp~{^@
z_a_Y)=XV0WBwD{CdKD+>ihalV&GeFJR=VheJdDgZlnLijQvG1AWo#=@UdwBJR+#1h
z6HT_vM`#B@o~A5MY(w9w;}LNOb`s)mG+EqRc!q2y9@FDEgV#=Ds)gn-<j9Yi8m;x|
z74y3Ka3%AYo=#QxIs)0I^V@neGMsq_p)f$~iq?6&bC^7TUtLR(p5c0*SeA~Jx(vL)
zLhN0#!-)e%%RCldhIn;yDX9k?&ybTjc9z9<L!a)p1LpqT%3xfp=x*2_5?JHI2YV2(
zc{g3dfgW;uihIlg89X;#x7A>G0ET6b@|p_GB2e3Wd)RKlU4+c%(V)HeYMT<z;<Xu_
z0)>FKc?R#i@alt;5x@*BdMDAL!i;my&;{*H?C_OZO1g0|395=;3$#;KA3Yf;_{N|W
z2ewCV1Rv*2ZjbNAZGl9*NncZGdUl(s$jGn(ufdHi3x+c2!%S))zc%{txZrh$?fv22
zb81{_<Ee+=R;%@@rrj)z$hE7!x9Xa$WPaW;KS*bGqwHi?O=~Z1?XxS&2lM;NI8vNO
zS);1@L;_syux$zvKSj^Px~{=-pzQtFiSW&X!@OIp)$2~3#+@v<SYP)d_03|l>H{xt
z$ipu{nOxsDOA|>Zqm}P4Re?{U<(&=p2gxOH=_kK&P-(b-po&#ovHs22c#PT!LPVo^
z(H3|tWL>AB7d-zI*S26x$J>FmY&`mnBxL=A#R?<vV?kD)z6$O`m-CF`&0b$*a@Z5n
z)b~pLietl-($!|AwL<I5E)Lq5tr$yngxP0$t%)lcS*d!8b9<XsSkqZ|6nz8B;eInF
zH7;@g)XrBAiS#{%%!PcxO)y(;x?!SuDW6H(Z9!E1mJ{9G(MkC1`zB!sbqGB9v<Kh)
zTKP5Cvu(XdoQTt6Cu8Vi3!gX!r&#sEjbA20PbikXdEHvN=2iHmtr{a1%SIHW=yE3}
z!d5h$=6S=jpU-{JX$y&T%Eha>JUy|+we>?}Pfw6cf!FVRR#}0&xSk#VuruAZ`EgUw
z;`U_5Q=xB9!?iCCXAD5?Y9U+TU78<oU9QGn75pyd){1W$7?+Z0uZK=7sD&*zyuEzm
z0haXM?F6rG98(DDw?6rVt)3U%xCr%;-p_FjR_S--``URMyokgLg0!WBw1@XTpXhoz
z>iwpMzK)5G&yzJVJXFD@=`=p*x%a{QBNJvk(ADWf%!H#Oc&10*Yf*F_u}n!B3@#Za
z_Y@{{t!tKqf7p_{)hDKuraXsku#2%HX2BLBjl)AnIXlsVoYzejxpa75d<JdoZj3)d
zVn`J%;u7*f$s5B)@H%u}#r`;#?)sOOJsD_v{%5OI>h$Gz=MHEQ?-$CSFU(QMI3v?w
zb{;-Rv(hAkzJjL*8XL%?!;&ku(R3m*HcVlHMy&k~SIf<=(vhx*`|n-q$(QdhQ&%$^
z&N`YtT0CGBWs)5)S(#MiN8H?n&scRYGS_R=kzHfeZr;7x4X14Rs*fiNF3T_4o$ufl
zTxadk7AoRC7VY#f!rf7`LGyL?dYQP~gS@$7BHr|)=*IBFqYjOBZyd1s^m0g19TMd9
zjT|=ax(8hR&-s3{Wm6op+ItW;_I|e^Q60`H<hU>}>9tSlzMf}!g5e5{VjG#q0$64C
z2QL!pyWjiTmt*BYOO@7JtKRs$eOH=W_13Q)b;WXkBLJ`Xpn3Q94Y$UKr~nt+r5#b8
zEIGsPG+}-6!SR=rtzsAEB&!Q<=_f?D=9=J|4q&^-WlJ{SdcdA99>5zkVpaLLYse&x
zzfW8?o^_v;oS-ebO<H!*KuIF|kvpN@-Oi=ANTk$c$mA%0Yn-<XQzNoP^U2^Ud8kvR
zaZwbkp(teCV88{zD@ILjt+l!(*>unK$7ubFy|_yy*PRc<Jqr=?J?K2f)_}XeoHK36
zx&3(IWYZG=QYYsv$k&Uzs=0=VZOX|$;)G_7O--3L=64=<7gybddZpH+b&DzaqI1Mw
z=yX4{?ZL;#mNJ%J!;c^8adxqB5MTd66yDrFRI_+F+>P#V42~`*7A{?A<w|UZ)?t$B
zP#FS#3Wa?8*_+@b&QoEx9v7k%{7zknT6L~eTisy!e%4j+0Hy_7tXh>aUq7gI;E!>)
zi;9q0VQ^Dt8S3=plJ5QY@#$eqH7jAu=||q(73eOzUcVx}z2iCL$V)xk`|2tZA<*hY
zbJXVRdven<PL8-e>uilnIz0ZosJQDjH=nX>?D5R)o`zYq3&%_+F7)+VrB9YwofXtx
zjXbz{k)3@OQ)<pWZ((se0Uy4`gi|utwl!E}TJbsP%bV6I;x!Fu7KM?HPcVtoalaxm
zcf92H5#CSN1gFzS(FnkqB<1DzOR}{yBI{Uxb77Xv-VEt1?kX*TbA*pPJ4@#^zWrj2
zuW>d_$!0DR?mP;ZY-|dPnoH;tFEAQ=u=TajU9?L@`j~WVyoed?T49jXoY|h<VrKeQ
z@*>J$jTii4@1m_~&+uK)>cJ143lghovf#9`0}Q4mh9-)ax>6nqo>wr#tpme8I`E|M
zEW<>9e7ADQKKFiN6=TZ85H9`ZkY$uHDv14+?<qc|VvKWBp^@)x5A)T=<9z~AE|v8n
zWwken`d!r#Jh4HdC*JQJYKjw_EFS4f*Bxpc@!<(tLXyANT<~Ht1ZHN`|9CvT{f1Yd
z;Kn|ytldS&TRc#=9+9?P>nqeAcI=RIzr)~p>5yNM=CO)hq4L)Do9p@Z(WzT<D+PDn
zTdRGLkXn}SfW1ba-V%XyzhHd7uE?x0-gkFv`gpq2@2FaxLEhJ~i^Puz9qW#Ke{s-P
zKBcv4%y3*Cj>TDU+>FYp>SIP|r>m>eHLUmH?#axMc5unNu-;@;ixz8F#T2;a8e|+<
za^KpmqT4c`_|&gQf-Y3atKJV4-cxGpESz(&Z~fr7TxlYUiI;&%7BLU2r`YepE9*jY
z$|_K%u)@BYT~TyDZPKgv3oiBQKI(5eX9DTSnAm81-Sjcn7}JA;sF)2Z<s!71lgX$e
zj^n{R_a7<p+&3*Rja_S!leN|^t$@%WX5dP1@NCjBtze;Yy=h-uV;y@?lfU|f3*}?O
zU9U41<!f!`wiACq!(rn761Uo4d!QgJa&KotZUj<RYm5X#)@D^~aaum|%y9j3#T7(e
zu`Imc#qPUOos-+H!NeslN4|~JKKSev^2AEPSZ|c#iV*&{&XW^TEX$q*C7^l(9r-jK
zUFeN}8#=lmJf5%8YNE*~p*>WA^SWkISHQ%OQ-QLA{dQS+m*6Xo$ir<f6eCmY%i;;;
zM=@{ek7g|5Zj8-`^>u^~VIT{6VVrCwenhwK2tP-2ze<vG`LeA363)I8DMxPU-m&M+
z374ho)gG^{wGbH|JAfgwmk4H6n=LvL$nd`ZexS^~4{bFAlNSVyMU#6@m~RS|x@XO(
zIJS4y9)j0<{udMW7vH4e@vHF#qFdj{dy5&+ui7`v05@ok&t8x?w&=PCql2dcVVwJp
zD)B_J&(UEYOfvn1;o`A@h~8AxGTJvsXr99tEC_m%adfiM;-b3O#UqOenXx`xv2=)C
z!weI*Q}7SGe1iPw?H<sEJfpLUIw#sERHR7s@N2bB6KC4^gj;(7x`j@_YXP!`1&i#?
z+)XH7@Vt`8oxWF--ZO&by!hhdcM4f!bq0@*vI`w7#3kQ!joiAy$LmPuD(e~>dFiB*
zQ{0)MP~lhH4LKDH4U?WUK&;nGCp|qC_8<f*LsvEU<~;vf_w3A)L;^<D^ZCe@^r2e=
zt*N<TEstUjWR#7k4Ui5Qr|=4s6pKUxgi85*{RO)VYq*AAm^ZtnZr1XdEN))+Iz>)q
z^WxXPL&tYrdR+zx$~*0-NozWNdOve4WC(RP^61#<Mjj1AvFQCvGViw)tk86h;9-Q@
z-9|=}^q55=be{z5zuUYPIKRV&8T(7{=d54230`POUz~ZbrQo&Nu1gcw<Q;2<GZ&LT
zGxP0+zU);&Q65jY#^A?H9^=~%7KQ~M+}1Q=b*QRGVIx}UO5%qVEU$xa@}6=wape`B
zB)v(jG!QXapbqCl<#Y*0l`R#Fb=cAo<G3ltb69k2xZBTiAaiTWiR+H&y{YR~z3#gD
z&LN-d-7M7GXr+JtkrePlnWK8;7K#U5Fhwe~T-^ldXXH2jKEFWTAbXD($mQ{8`}wxU
z3yVQ*WRcCvj-;}8R#2-6wpOCmNL}FS`v*Bf*?cFjJ1ahvbJA9e7Z#V6Vbl;bOJ!Kk
zxF*)~c1v+2H|UDz$V7SW*aFeb*y5%2Thb3EXc>MWvIHMC?@v*|wJ|NYz<JXo=YsVf
z-Hm-=#WCJ=#ygv9{W-U{@8Q4G)fm+oy}O*`+AJRo^(2|5E?sq+ZIrpS*JE_(3ZdVM
zr%?ejrf!)v%CyB#(1aIZfBVTf8M#XZzcIcIYnV_9Bqpm|I?Cu!USanlse;i`D)!J>
zyP=ru>oxfM{*&WxTUxi<HJ{08O?7}XI|m*oax=nRSM5)U%2?p4Tr9W@N4LR;Z{n2P
zRlJwmhQ22d(^}Zp1WZuZV-o_ge6s;bg@`IoWt=!CgdaSB_q|VJ72DW(iq30P%d~yh
zMQtlW8<!lTXFQX)wk7@g5&Ehjh7*c(#vUo!1jV6c4jOWV=1q9gjT}K{+%v0d@1k5p
zAcHrM`-8-2IfZ_!t>ktYU4JpJJts#j8$a~Hr+Am(9R|4WiG#5Vaf)SO4>_K#md7bo
za}@CJ%VYD(c5Bhiq>B}<R<;L_?Rrz+t$s3v0dBOL&|4G3GnCcN(a%}zeEPNNOPBgC
z56ROC2)>%3Y9#zkrZBhkSO|BUNh&?hL{X$NA$Le+=h%oHt#PHtB7rSNOT+5Y7}LaF
z+c8XJ4V}8^(tb>U-?~4{w`j3y-a5Zj2G6G~Ob&aKi;a?mjk}h-=iVH^79;ATn#!_*
z=Wui`PX$lcw#F;05ltfdMSV)oU+RU628fAInD22>s)n^?Uk)G8hr;3yJ9*sLIT1+y
zoSvF<_@Q0RzA;uie7vfZwIlXw#MwmczH*^`ZEwneh88J`?cnpX$4W~#1{CDT(l}`;
za_Q%6!DMyD?54l9x!wj{nSs8Li$1pgeT68oYvCCFhQqbU_O-}kF?=TnCXo`8bys&E
zxNF}ydX|lol+CmlR`|Z1p7=iE4WG3zvFp~dU4&E<c=hWnWT+A1V49_ZzSq!6_P_}_
zQkUNi72SGXy4EJYw~wG1&W-hIC*Iy-jy3Jg@vvkZEgO}Ol#B<yw~(M4-ioc-&^U=(
z9hU@gm&3a&Pun>jPP-|PeX~w;$n42_=g3zp?^zl+L2cA<H}gI$QGcBL<~Dn`{E%c}
z;)MMsvC)RQR@kIv%Soo1M+%Fb>tE4o4|UrQ${cTcG;wq|(tXLU=$DV1AHoD<?C>wD
zin8KziR%*YazBs3LxoBrUYe%~u71EVOdPh?fJec3h6efkTZAViC%r6-gQ4vM@mo(I
zOLHe!dvJX_iF#JUT_>-jqk12(v;{j<?U41_O&}5z-rRl6(-a?mextv8{g$1Cw)EQ5
zq}Vfbxs#{xy2<o>i<wrA4vsZj`_Sc92jVXyazY#?d2umV4Oc?lrLBP+9<lxIzLVo`
z8gj<Qg;H^HBqmn6LK()A>pht(WP9i?YU&aOeBeHlUDhVMUW5zfNUrpEXCdjxk;DfW
zld@lh3B0n}*jFNmulLCDpk+I<pr_-!UFSpQ9BdR1uHU~!*TY7MtZ=pEdh9i-6>)!<
zu0p3cHqa5G4g9G!+&vPmLk*sK%fWvP-1QH*oc4EbRw4v-xk^^vDzeglIF9Li+J9Yw
zsjM+ibL0N%Fk%iy-TwToEWXI97O6uX)y5{Q6PJ$Rb*n<ud^rZMc=T$z+%b2Jdg&lj
zQ<s^)a4e&jds}fqW`9%B!;QMGis3Mmi#qr4ZN<mEnx4TiA0h-KJuILi6PNoFIRvP=
z0B4Mzw(0s3ld4arzUe8tllJ_!SHJ<z4@l!YE5j3atSZ9~g%j;}6D2R9i#^ng#VS|(
zngV%n56FY1u9w<Y>>=#G9Ll4Xv9IVZtG~W*@v+GRDaI>OjRxY}N19%?wyjKgTsawG
zpwUt6p1j3Oztc9#i%ZO=@=3Ei_f53)&Aqn*_^fj5PAg#F=~P-8$kXK>NDxTx@z*zk
z9d<lOA6)aOK#xT|tFAm_eT-Xr=CC`6b6J+NqckNGUiRW3qE~NKuE}G7ms_8Pr=83g
zcC{jzZW-*dZM{JgtDz%%j?KVI=%!FsMu+j;9cyulc8M7o3-b$C2Dbroz`!!Kz1Qm&
zR7h*gYmnGicRw8ZTGm;@^ond-Fh@fFiMQuk1EJ=FI7w6kW9_jQL#rDWY^{GKVwAHq
z({r@r_rSYd#O|;K7kD<DT4m58gsUcPIN`ogg!Z|uw>CXI3i_rfR%2binc^k=zD0ZG
zn1Fd!el_W~V+rr6QTd#xq3GdBQ}g$R!d!x<nvzXcmUT6xGntb1a};wdfZGsiU#I(<
zq<6@jXp2YXI;gy2ATlST?l}l;&KpB8kD1Z)K?2&t@}KMPAn<J)f1-GtlT;~C3Dq9a
z&#Go!MK|$ABX+&2Uo6xlR+yOUc|r6-gKI(9QsT=uco{`nlfZtvBiGJ&l8zAkd$wk_
z;=>w77$yuFXu0cHYRlN)p%**sbtd#W;ZZQ}s(K<b&i-_ZCY?+JdZ59CU?4*OVW?YM
zB2b1UE8}*}=>s`|_iCd?+g1`H`|*!T5vYZ&j$;!%axaEnt&3794ICWcIIX?G{U}L|
zuAxA+(?@w7GtP^lNVK<)V7dMby+NO!lh84bO!SpPo@!xIw>xTklCfWZv7hQ~H&@Tv
zv7%hdRN-=DN$!zM_Nw@pR30ypO{NSJvFh*5^<uA-5$;3_477C9@}~^MZb^53<t7r|
z!9l8}c}`5Hbsmp(#Vj1Ve2w*T^+1kh2C`_ht=P9>u)D;UYtbUp*6VLy-&xDHS#grh
zGRJ6(tuiF&xdGvJ#wEf{oUD6mPVbv$cSLD%>q(k7jmkNTpCX$%p2nDlg)!tX9Tj`X
zsmwCg9~^(hqwV1G*9i&L8#i~Kauv{iU9+(x*1V*tK3ZbEdaYD?^McfrSGin5#tV78
zVooj+>kSxI6e+mL$QK!SNh90E^6_#FclYp}dw<tcExf@yR=odSWK_>~J9`!zVT01@
zqbFtbuVlR2m&?~WDIibq5!;Si(6js9OIyf6H==^b_<M!g7uhB+pb-+1eHmv3;$wNX
zRlBg3UL#mYT`@%W35^NIxL&&P`l07Wy@+F8Zh^r8)`Q&r#;UEl;d}UT6`pkE&SM^6
zyjo=@#G`|jEzvS=XGynXb!4#dG0xYj-#zdw!=?%ny3|pRkE$w0Y8GWdQ<pQGUeUA9
zs^dj`YHMSf)oQwA)qCi)eT3uB3c~}_CI*db6WQUsQm@7W<=&6StY&{HSXsPRM2^%v
z^e7;u^`vIi<N<{J(zK&|!|FhFnMB5jmyU-D`^57RR`EEv@em#s;4vPji}DmZ(H9Zx
zO~=lxFFz=t#bo~uC`#S0s^LDR#={&JMi~Zt=;1!vc||;@@C92YRiAs%O?IZ_RFL*3
z(Z#rlf{=D7u_S7I+j^Ybcr>no-eo|6(36)lPA48nWFC`YqF3W$EZM@fvHeul?Lh}8
z_)@+Wf?5uZlZp-<Fpq^64_(v`uG^^JanZ==ehs@E>A-Ws<IV16mrBpdkrYdXerMJW
zVUVetcyRF|JE<tdYh(od#DoB0UHt^X0B3|HG%-lG4kwQ)#IloW$DUQVz*WP??aO%S
z6b(z{3lGJ3T?-y;3b4#!ky#YKOu7P<Zelv&ry79I9m^>esPmH>XFN6X()nR^suxNu
zmF;4QYNkV(-Tu5uuS*ysjJbm&cf)GN7J~4*Lu;4pAz;kkowT~2S8~7||LQC=pT~*Z
zs-(ip5lsP0hPZDxjNdIn#@JyRhh183Fa<gs@+5jphNxTkKj~}|h(vpHMn?DGmZxdS
zF^h^@Ti@)^vG7pz_zi^XkPJCqd%3i3Iz1=ewi{(l?cg<3jeq7Ca%Y$G2|Cl0uL|9c
zK)D<(y@=WDjT#2bR>F+X{gD0wJ=QoZWZ?RqVF}rQN0xka2FbY>#@tSC+H4{BZdm5F
zd+F-brKN!xd8FHt*7xhRmzOx#;nJRFTZxUG2#maq?qP~UTHL-VQl_``Z6H0d?5TIl
zPE^J{J45zf6SKmbmz4z)Yhjje1?B8z_nCM(S8kf<M0qU<4a&X9Dst*@oh+o-AE}l*
z1WmGWUt91S&zXT&_?p+9ig6*kmUV3=<Sb}?naZ%ypxbD#ACj-jlVf%E<PnU&)1yZ5
zKBLwU?GsAF$9eLV53H};LYMIFg$dEi@KEcaYX&Jn!uA;^fPdXL+yR2)5hDh)!UnW5
z2UtZW>kQH?KXBwclho&mwiWMhxsOqeIvRlxxy8AP#Vv^t<koQCEOaksBSEMymv=F?
zn=K&bxAUSc9Hhnaq?`Q#E|0B-Q3*KViJ|&;Z~AumlxBG*9B}s1^5HW~J286FzLUlw
zxckBYzT03F-5X(EDtSqjkMy26E>k@MTV$o(`(_=H*^(_*<G9Vfy!(!2ZiF*C=o)G)
zcz%C)^RjNjQ!$YXdzbH*Y0i@xmyVDK)%Ry*RCx4$wB0xFPGsT*Wm@er4`TV`h2p!l
zkM}iSSKdxw%T4(09;(RheNVOYt>RNQ$=qsJgq_0|Cv%dDI`7wH289)^?W0eq>|1M^
zt$yS}ao(GW;$v=MJ(A|oLeIj`Etch?#HrDh!lD$~oL-*}>lHCaCf1?3C&uNIZ**W<
z=p!{-Vodj9t%LSjO1`>wjSI)daNxMmiCf2V9m@8kt{o`k&)G~0QgmSoU-xKPx>7Oc
znFvgduTkFWEx#qh$8{<<N$RdUEY)qwAf>B+B4GKcwd)JQJ0P_hyDmN5;-+rOSX0y?
z30#P4tyhhiN)hQxhmwg0?_q^fxxJ6vNi;9CXY);yI`1Oi-gPhT_`93Fd{&E{hl_`r
zj%h0vo`|(1q;KZ7$`<s#A(|-g`21RZKV}&Lb;mnLwmdhyGx8!rDj^ab!x?v}gYd?c
zn<k;4)~&(Z$f?ih^f@7UWTSrjc=a%5prP;Z$?oKwarQv5%%`>QQj9HS;W(uwhZ$pS
z_A4;u(9~~$*qvxM$=aUowf43|;AFVIzu|S;7$LbVp;7aSeYy|tK0=80y`#Tx)$)#s
zgS0($JY(}!?ZlLaw+Ku%%3hAw4$>*!6DORZi>*s}uQ{|0U)4Z+Z5K_QJZ-c*X~CTi
z0<r3>RFiuhow3u|UKr4RH!<sHUP`y@Sge@JFj16|^K1(z$s~tS55;&F#hCT7p{g`b
z8NXAMHtqrTFozL=sWl5$H4&TaL42pc5KfHlwV_o%az{kKww}rUP8#Hng{7>!;r4P?
zKCk<RgU2017(9_xj&adkL3pbYdEGs`LKM9Vx}6DkiMZa^{iQ&QTqZwq@rKx=S3I7U
z%wr)9+>j8fjSnJnh+UcpO~wn-bsluFLgJ-k$x*Iu4wl3^c1BNAR=DoTbU|+}oXeHI
zs&iwqE)ecbdUb4}`4+{ac+GpEUia;aI4W1ecbewbo`3FXByrd5O?2ytqoRhaIluvE
zyMs=#d>x2@z0<r`1}k5&j<Ax>tt`aWxY0-%<iK@~@N!f|BI}%1?U)XmZKqS@dL<RN
zP!?pKHmp6<Az%rDY|tyuuXB)Nf?6O9H@u#!at9&)=z{`ITEB%L_Q<fO?y&~QQ?<md
zaJmd)g0({bUt)~kbF$X==|XRVDP?y!fj|1Fo~6+^11(3dl`XrSaJw*RTOl5yqsB=(
z+_Ua>S}%Q%#E!}hAzPCkjaX`Ja#$=dCu#WPhBZF1J05iGpOXuGjtruwc&Vt52_Yae
zWWzZSU|rXK6E!EDc!vat^KPK8av&!G&invJT}nE6H6e$bLOJtW^ArSfgMTxAbds7y
zKu$Q>x(>vX1<xgoESsG_?6ZMmhpkWP(h0YA&2!1i7Yov{FWe~Rbdr*yvh^@?`a!}Z
zNRHcRoDMmyIN_pv_}z<3q>;|#6!#(fyY_V}K{A@{vTc*jM}`-9jo10@;O%mJ4N`9H
zbA~O?i|$_r5>O>KJNE>DwB)POdk#pCyv;wgJJAqI&L9;Q%N^+u?yAe=4m;>}<L!Gz
zuXgt*Ob?k^1JpemU;-<G?$;fOd@Dh4U)wkIzS=65vFTiHm|e|XXoIbOd9P1)1ATl_
zgGRTXqw90g`xmk8FE{SJ$@u`=emNccv^UL`aRMZu1qQ)K7P=31<?)9ZALX%6&s(!U
z<q#uC+_ZXZa7oG6_~>p+i>0)lX5%2A%`ojSmo)OVw|(7%i1u+}siI3yM%#;YNAtVZ
zW$S|DknUpo#(SQ?#6a??8>R>3W}a2_@+9&nr{4|KW!k>Y+wm!n`osccZ92Pit)m*b
zZVbq&wXRGw;#9CKxny2=I=_(53+XBDddx1r1>}n!TJ~hu`Heo8RZm%#9GBv#T4HKE
z0kTC6@7u4cOg0Gu!&gu<jsf}8*7aE#wp|0~)+Vu&B4tnoG7Y$6i^Q{D^u^=fhPea_
zXl6CD6<6dlOpFhi{Kg|)wD7ljQ~3CYa<O}rE6O>;N*wgWPp&u3Zvo%EI|t{wg;)eT
z$y3CyfU3F6Ol&Ky>b<5uwib4J1D-JjBwm))p63H!5JSqwzHvH(_9^A^BWG1ES|);D
zVHM>AQtmPX&vvo<tY0W{-~nfR6xx4y6eI`-fz<Nlj%S4eg+Bx-PNbiFUaqaU3QWIs
zoQ5Xxi76fDuwX3iPQ=>eI&!w^mAB}I91j68kVL(I{Ger@Q<RNv)8*GE1!Jt^@+&+i
z^etcZUfVw&g7(pd6eWOx3TerAOWsGHJFsraIXw7y?^5_^(Uuc;S8H3+iN&q&@886j
zb7A3C9@?bU5@N$|&h2y@CMR{KC+<zqe~_Uv=uaatF!VAoN%JJW&A%;FbiYF$BX|1Q
zlgOn$*O?tuy8~tF@paA(fgD=0YdeT_4s_*jN$*S?+ZUjoED&7iz%@BgWm2dxR2zKH
zF$3h6Bj4Q9bZmdjcnNL{ATNh*esXsr8_W1);r0y&2r$24@bRjCtg9S~rK+ydudm)n
zx0}PX!zk}4;}y90Ucs!f_s=bLM?u2xNv-J3*Pi_rC``x9f5zVNX~T1nH+mW1iZz%X
zrRwV#_8nY4*i+B-9Q}{fUS+}A-&-zW@w<?dey-=ZwOvL3x--%Yt6iJfbwlr(<a#FE
zul85hzj?@ajTHM6J-UFxV@zyu`7!6n8P{V6?`WXNDUcQX7s3{L=Y}CYMhCeTGcj-2
zODMPZ%xHZYT$m?xU6|d0j~2eCw>mXmXhj5T#SvCsS??@Y;sds;B1>tRm?2{B109H%
zq-)B?9YZg-wIv8wkyj4*4QE^2K#1$*?FwCgZe8DSc#3UR($fpU1?;p{OP0&nN9|O@
zm^TTi<eXR0WXRg?-HS;d=}0&rXJ@Z;w?4aZ7d_(q!VSNBM>a`p)77%R&&*A#t;N23
zv6gs!x9Aq1-B-3poIee6^9hNmB@cgRU$2vDsj1s@3y^B71$>;a-(#5mMYj78Z|v|8
z-1@~Dj9O7xWLIrQIZp46#m?ZB`C$+BKxXS$U}W?#dR-D{@dc^pSt2I_TUzv!4|*KW
z!?|xDrrB@^>x%5V`{Y&nsx2-MkT3t9cd)NJM8wyrKcAatvQt&K=Oj)3HFsPi3M5*q
z7adyI!2Hlz^h0~OVCOBoz6ke59U8DO;O1}uw6GxTv?CiMkD^t}mBvSYk$e0Pw<~XT
zY=@ipj*eeT^H(1l)>t;YaDyHpcepjO6~SwqXRt`yw5K+MoG9<`a;IQ~40{e(yV2@Y
zn%G%ntigiQmuZY#+2ApBKv#VbWZ0`++ZA#LZd-A4Z{?b{826;7Z<@o{Ou9?%!{6Io
z$+Eew8-JR839>hfs8z{A^cbqMs^5v<?s(f{^hj!+ZEI0PD~`pLWkLOh+k1YKDR5BC
zzq&KH4`iaRj3miCuLRWb_PKbjB+4*ra$;0-+%oxIsp2HB39jE)82y`3x8Ghb&aj>b
zD_6)THkR<<>bDRxgB>?}j9@v20uY{p4lS-A6PYyHn@e7d5FWP5h%UB)C(Fj`-6g-G
zbv|5eJr{1cCz|Ckc@8}=OD;-C&N*Cv<5D`dbYPphh!0=a&=6Srpld9EKk#btSTPQ)
zh~RjU>HI+BI$m&lPWUm`y@wl_bvEX{e<s|@6!9>MTiQhI16Vb283^d@l8WSf|7%f~
zbKM3ywi`E~pNq=D7xDUD_SU9tEsnH;9~y5447`TqE8K;<CZ`G?HD4_)V?1)7i4V7g
zoEJUJj(l;^XZZJI)!e}v+d$KJhx>;$8{B)d<6a)iz10;woWvU@!*bBB2-;lEcBe5o
zOiw1~iNA36;hwb+#4}DH6Kl?&Huscmc(JSBv+96z<Acs5n9@<1*O=C#JkayuL!l32
z*HtVfWjgmt_ZLKx8azjf&nxU*r0K0K;|j}HT_kh$>?W}~=d^uvim!XcxgP=sJ{pi4
z2ADo<r8LqyXY$pd^=Fp&l=6k_xwb3c@~m3v+YSYTE|JFKy{Nc*kctzEZznFh);(})
zExsWFtGS}aMqD8*+PCP*VU3i=xSgKEeK%+f#xstV;`+e4n4>pn65l`cOh5btzHw9f
z($WyO1V#>$#^U9&4i}B0ttvteWFEN$vY-k6<KDFN8YY~noSTe2EH<-ava@p}^7mrm
zHbD!ex%yLFiI%}}*IKpc0tUz#{^TVnN{X+GAMp1LuV}cM<=C_xEW25&PM9PwdU?td
zOMpsOhwTH|`VJcVn-^ULlJG3n*#G&}^+AX6TYY*bN98Sx!g=XT99MAF+-8a&8G4x!
zaWyIa_(EJ9Mu*_oVpzPIwzX)FF|mI$k3l<$UK3gurx_{2u3c8dw{AlD(vuKDVZ{co
zs|{Y0b<G{4Z3H65-y;c+@hu&Bd+6k*!8}gB)~a&nMh1BA_2E!mxYj*1&J~u&<(U&A
z`(kxYV@RY`_@?H8&}VMB0qXF9GM+1Su3Y<MN+#UR#zY59gqj<G1VVBgGfo>S&1<vD
z+SyjFI9wBxth*x2n5Hq<FdGVP&Uu_4kbkOr7vEq4AJ}ayP_q6;!1Kq&n_Ly-#ef$q
z99DwmkQ!wGt1T>ETBje4m3OvJH9M_XqjAjU<<+O`mm`u*+MxQLo|#9wi_CEeY1U<Q
zzKa0D!;MqoUDDg*A~ie}F|E~LH3|y-5MZgotLwWTjXi>n8;l>lMcD6UewtSoMGB8>
zGRBsv#%Z(Q>d!-by@gac$K8r7C-?1md^T(C)#c6m6)I|XdZ&~G_Hzhosl2&o7kE}g
z2j5G7Z|mATL6pd7`jPG$5g$dcpe5L?kjo~nqO2|Jh5<&97GBomoc{J@^u(pT6Ol+!
z;ad$RadH5AJLQx2w_eA`%eJtr#l&wktmxt}WmzQi1gaS0YK7A)RU6c(Xe`+5Z|U#S
zS_B(E!Sik`7neAO$FqYtLj+%`UUYBHXh~ugCSSpUW3{dw>2<@iQdWV!!XQ2rx;rB7
z(S?^_nH8*EuBfmrQs)+SUC&zbx}O^_9^nXBx6}lWQdO@F!)T5TlV<*Umm|5tjQK4#
zg<p_oHgvSOmI@u{e$1gQ`8GPTi5}x2)E7}uSUZmA#R+d8j(!-TmiB}pz0GIQ>Hu~9
z$z9mgx9<yhP?AD>5BF>^Wgaul&GnI~ujRRtj;#zD%WjTQnRqn*`{6-m*-d@jYzgb>
znIV%gM<W&A>2s}`cp|d@UeWo>A4>Cv6sx@aa=o~s!8*9`rEU{+u@7^=q*^*fYa1>X
z$znGj;FV75!tkF|I%Xq<1YrXi{0pt5T3EEz!{f|xmzlbo8^-Kf)P)U4G!sa23MG+i
zN4D>!`*6UNop1shC$(pT&Ux_z4_=*5YT=L;4s}f}m0?Z2DpuZ?o)?<ZVWR3MOiIok
zyl~^ZMRzbe!kvM1zz}HR`PUSTV`Mi$m=qme>N^SNBi@QJ74XY-YThq{hT?-x8z=>N
zcHX*Q#I~rj6s8uFa6}`Ld5DpttAA}^v;Ssw;|2O<mzJAK@z|e0)Uc|jLY@2qgZzO^
zLfp(U>=j)o(C6Cq(07sMz)3!@v9jh-iEM9SUY~pKExltg12HX=uW$?--?}tC%4WtL
zzAQku0WWwUK$r#7W7HT(h<2{GAsCL@gx`52kv5iME+s4t+yyK+c#HWy-ef4CndM<c
zsjZ7TIKu`r5bw_(VSsbr;|x2Q$)cZVX!dqbZde)ghz0?MIxlXy`>+<4^+j1dKVGvU
zMA$%UBMm&n%y^TO;HB^i*9GjR{Ogu&++k7PivV_4uf~Qm0S(VJnp(s0Z3{{hk{&#}
z8g?C+Qt8LG7M@<EX}mx<^BwCVgzrL^AQ~_643nLX?FtRH1?$d;(4Ah0%X#;^Tx=q9
z0x$qgWAR{pj_>&BP~`bV@jOlEgbYPa-JE(r({wJMHa+ZVdjaRp9w(samRnSq#BmTd
z!DZqTB*GQ6<=6FPY&-ATq;DhRuH1QDg~P?GQ7a2#$D@yed+*{WUfzG|t+np{;rf%U
zt2HOJ6$Z`=IX!uQSxd(Ljxkt?Sj}^(bu}H(GDz#r^Mh58SA~|pNH$R{3`7{eUvQKs
zzGA8N*8WhJf~PBea>H<E`5Nl3EQ|17Pp9}EvU!~m!@XYk@!gmsgkrfjd6TS2&Jnv#
z&TaAARd*+zNzS>quVbNuR4-Xwephxy*XsCoEm_)p#6x!Z%`~x|jv>*$Y_DDhdA}7M
z$5|F0nmBlxS8k7^4bw6jW?baOT2I5P;&-=>3iTwT^fZ(j7*8WA*5wR&N19bgobrAv
z;W2(AT|==!sQzWCRoT9x^yX1#Jq|^QjC4kL0`2X)Z?cE#d0Zt|HOkV)H8|vZ{vUgP
z`4;sTwvWOvf|MYQNJ>fwN;gO=-8F!SfOI2DBZ7dGh)8$0bPp|3(hbAVJ@nAe;(Pz@
zeLQ==+JC@)>w)XDX05BQbDh^nV9HCq9Y*~3IM)L1xJi7p)&2Ca4<ye`V{*F2zN<+&
zCwQ-IK4)08hE>(mihs)fTyJfjg?MHUWtNFmq<07ys!ec-O*fH>mMuePDf68=wwIq0
z9skuZTK&-($0yG}x16qJ9sVyv=98J)cc1h+Wga9Sm8$b*aR;g6;Gwo-g52FAJ<Q&&
z1t;xs{q4&w(@Y4wXHGwfFM3Zz7Zv|feAIV*=<(LAW#y}LFHeF^C@WY*Z24UjjP*@l
zJhuXPuu4s3=)C#hbypHE^=Jh}_g!9y*x0uaaVa-<orCx-G=0o{N3__G|5FHZq_@{q
zPHEKU$6BPZQMsksOoGc~tEd*qYu^2!()w$XeTt3i`k-93%{XbiDmwmf6oRMCUu(*T
zLExB;YuPm)@l3)u!O4RG!9!Aqkt8z*k<@CdvoI+@N#iApV){;6D!kfY-N;0NOy>YR
zAw>WkeDx1|Yr-0cQeJ37nWTiy_Gn%dVg$2Pqp2Q-!}S7)&$qsV<(|e)hO<O~WH(t%
zKSQa!Sf6q|vTH8H{8uIaBvxxkA(1zJr~7L0w7ZHj{#RY5B(hMGi{)o(?m-t#aqYl0
zr_CNX7q`}^<Z>tQo-=o$1~Gz@SaC+A)O2uGHkrfh^t$V6%JQ{>qhPC_D&IAM$jcX}
z5<u~%yPhEvv`{;hLo;+53Ns9_fy%45;ki0xzaE|xlJjLsKn?NrWKb48eowEmtgl9P
z#_II>@;0VO3G0pqMGxj&hjQMm^wVlOCrsa{9Pb=^QPM2wBO(yKnrAKwq~VYFEb!z9
z7HCt@pF~dVr!zhpe-((+`3&j0`u7WXNX|N?yzjoaxr&cEt^IR;D&Oy#(~|3$BQayC
zdrEPsd%9cfG*)7WmL*bT;#HL#>(hkbdC^H0AG)*^XF?V~{Bg#i>HO?3=2KiGto!l#
z$wg`8pg*C)_J@B&-?o_AKoN)JfzZUBTD_mnKP@&y3E8Kc*-gt4&l{tqht&<O$D!sa
zv=c|y5szL#?jE+9Q!_D9%Oqqmc3HfwYpB-ivak^+VP9xBIB7r08E|}8KH;$;!f8~w
z81riL?h`NE5pK}#ce0O@No!%Ibxu!gCQDQ9YpKwYu$7n5wJc$OKF@LYS$+%OdYMU;
zM%yGT>bZbOs*M{DHVUDESJCT1MRw?6b0~JMl=ZDOTC(_pBh`G*@OMOM&qFRE-d&04
zgsQfFjuDHg8%l}n>oiE5NnIvK74S>)D)^aQ=pGRlsYeJ058U)s=5286KL0RBU$ZZ~
zG8@$B!fnYpP2<5>diYQRF(&`NSb*hjA6cx6c9+zGQE~81maUr`Qt(ZUI?u{5MW;oB
zH_I$j>YIiAn-9Htntjg9`fu&k#yBo7Xq4xxGwP~(OdyN2dD*n%y90io*E)vwO>ub1
zF9muo^g5Q}p_PxnsL=YJ;41hoec|z)p1EeZ_3i#{Y+&keGyb7pMK(HFZb2LQB0td;
z!=Z6k-~pY)Ts^^f>@o&vd?cg0Pe@qbSp8FNAgvB#_7-i6?5svrRG&^nH<+$BE;OMt
z%Vf2%GOauUa!&m>j(jv0;b?OFf*6=Ju;kV^=Z6zpEpd7KtqnsupEz0<{Nf~_CVu7A
zijgmFV_w&+Wq#JY%N)f%bmbf=H&0|CMp}Agx{T_my)K)vBzY34eXa?*m5kO|6Q$-L
zrctkx-H8Oz4wP8*@oEb~)(1@Md$K1{dW&ZD%0CBJ7!_~lWNw-_3pn!(2-|2~4VOb^
zR`{~?zWgdY6;e`a{=xwC@N`BUD$+Mv)Xc`U`%wbgbnvQ%#JZr3GqmPMt}oW^xt2ms
zFep;m)P+#<&zVa%HlEgBsAV|nZu_0Cj=EO2v2Nh~y7Fm^5|qL5Zb63CN7@V$IyJES
z2L<u^R(#R`Yx5d^(t_r8YpHe`asG7Or*ggB6}TptVP4&FR_)2DoT$&Mt;1|7bQjw0
zH`%vqzr_0>-yBHy7k3-4$ml5RU-id>{0Mwzq$odout`Z&F+cSQnn)X=lVLOmS4wj^
z$d?Y4;}?K*9Q+tPu>3$ijO%^3`u6{Ab+6p-lt1~XssvVMEp|)cm$8aJU{;1h*?X(J
z_ZsjlGq^b^gr0oE2~+xT$*M8I#zi70;N7a)lQeH2%Yi%*eIH+3*#i#f;0LU>hmB1^
z?$c;$5{5*8Q&!2mc3L)?^72b<GFbDV7PMhfFtkS5IpKY~!fD!9&q~qo_n0l<9KXAt
z3V{GD)fvxQ2eTY&W>BLztYhR&M&c|+i^;KBPf>xeyz?eCxOZ31=7m@U&mkEh+rlr0
zzq$q5wAy9ABnwCW#mHOjN#2@u2{$@6jqkr<D!dTW!9b9sK4~M8x9_Vg1Zud}<VC=&
zR9jChwy7~sRxr@Ja!5#he4cWpm~Wn>lE%lB`70ifPs!wUcfsOSh38RBOJ6o;+izH0
zm4TgAF}W6&1APa!?*zxAz|sl7hTiwstReGmAxJL6)C*7ZAJsu;VnUpSj(<js2>;xi
z0Q)?r4JUPM<9z+j{z{#D?)T2W{WphYM0v|R=e&x8U+;eIw$q?S2K$6QW1R|ov{c{D
zB~pLwc;!Ev^1=RYYY7hGY+SMX6<}-q3_txW3zZojFLHDwMLMapeh#IlYfuBr)laZG
zR@Gtp9x4y)#OPPvTr3Uxg)$X}MXuuOj^LbS7Wbbfx>k--{B-3^*#Ti1)4=hzl5+wy
zZ8}s?@J=LH&O|hTay|=ijM8e4LiF)J?M^XaR;+?q?J>I2k0Th<3(*b^l*XpR`eb8N
zqI}8Xdrx9hJn<|wG7pi$<cmrj4OdHvzF4tdDNlhUL>j@1*!{)-#YBevSnoM9|M=k7
z`+!B@0-xV%3>X7bF^G}@u3q5;EL``%k9jJz7DlUI_|b9*7l&=S$?^!jin3v$310#_
zx}VN47x8~C@|)4Fcf~8XXvYj*GdP=r--r>)$gM5~U=)&JW!gO4b#2ujwuvJ{y>Kta
zlODdE-IMusJ8NRv+mDS%<^2xR3u=r3PrQ_x+PS|kEO$uW|CXaECB}h@*&-rIu|X4c
zMHe<Elag+yYz3<?{VD|?iQN_!Js|Isj-NN^Jj~<(%9FD_cc+@JKkJL~{zo;})kTZG
z6qCbdj-d7Bqi=~&#gAc7MF&sZ$(b>(z?Zv9(=TLtWa<CMQ+()U`@h}lnm|C=V%v%-
zqiT=Ep;dG;5pWH?FGi`dkQ(%T&d-b*B@sch6KsJF1L0Y3dz;LnBIMym2TZ0rZ8|>`
zOFn(^&b=>jL^qCLP3JB~QL+?bby;NoX=pX=vN-f1Wn0(*fq3Xo?ta7ObN>XXJozr=
z$12(6ySPB@7>QK+*Ta;&pv=f!=hrhD-r@ps60PYwe5Gq2Y@noFxc4b$KrYeqnBObJ
zpt^QcXd;_-6-KSdZ-t%D?$1k2G9HfL(RepMUxwh}zrmq!jKT2DkErlq-<4$qX5m+&
z?dL3ZuHA~L|04{;)E2B~^R1GlnShI-h&15YcNiVNRU=rsGUm^g(Z{o4PhS3>J11IN
z=ayP9`AHi(bLI&gDHF0I2c^8FK?`+%IG#y_x}d4rSE5OH3;_xx&i?A#GKfqfUuxCJ
zjtlFJc~x`8ENi@b8ZgAIcB}Bq152~nv@u)LD;b0wSO0$@hlqZY9P#GB{gQ##131(X
zUfsWV=?dlk-qsF|?!R&K9UCrq0$Np%_iE%<`}k4cBi<+7%Fjs!IDWWiU;d&x;i;k8
zl;px@AsR99>9m4ZHiF0S?WPxqYff75z6s{$c-WhWWt-*AwX#?FKXm2N(n%sPq&l#!
z@x{{eQxT$xFG$mP%lQ?YjG@9?>JAe|dx0=8nFI0Ld9?V}PeFuxYTdiIH;$yb^M7nP
z$ucWQN$VOathy|=nu&KlL^HHn4@kcpwa+9&k)9Sm>Jfk6fBkUsSoGJ$b^tl}z}~O8
zBV7=or3k(fzaV)-=3gT-F}vWFg#BqwnXgjs?E>j9Y_HJ@H6OE__({_E&DApf5*=vw
z>%r-xyNF)-40w%Gv8Q(i;dK;ZtNo-yFuOna)qG#pr>=igv6`0p_wkDh(KgqWyDTow
zISs=>97n7)cMw+FS)o#!N(TNjc`Zy&2hA&eS)BdnfX_i>?-7=X4m(G4Pw35<f(z)b
z#da7tCr}S2@Pr|FB-Gd!5X*U$&3B1JnF4cf<D0kha}-5iW|T=e>c`UZ>XcI-lE(L%
zr|dC;5dJJ3@ys`PtBnc-hogUn4jdXHEDOP(;+LSJ-0wWB?3F~tEU?5}1;?TwPmxGt
zTbNsqeP^`d24$JOc^5$eHdh__uKur}Dvtn_wU)h$&)?x>@|Cc@l?!!X8W(yWt2ifc
zjtoa+d4@;o<<jiBK`kHC*-AL$T`6NOuYIiep*NecO>CJdFwXM8{!iq|mpJb=)u{YB
zx5W2bm%ynnU}bQsH`V`-&$Esy$7m5(Efo!O%%l<eh&N#;0sm!BrnDxv?=QF{GEpyr
zt0bj^&a({BfLaFAl^8tbn%`CHN@~20eYy>9;!pQ8qz)O3_B{<Vq?ZY#PAv8j%#c%X
zh`Y`s8lVw+Kmw#`TjSN0s`^6)I3I9sqq5^^*qtEtqm-060iDt}QNZ?ztBSnFAbt(|
zPjYeG<3-M}!Jpne$Im502cD#ah3-qme~#&EU=0CT03pWRnJ5|CFc3<D-1h3h_-AY(
z71(B-+l)l*F*w8zeX{RDu(Ns5fgn|$z4OW?R)<;^TJe{;v82~kt&8J$dnLPphQ<&7
zLI@LSnFvL|FR*Fz_S{%m`V8O+PLcoLFZ=)Q?9Pt<zm>*<u)Z^jy-vK*8nctNd-=fa
zH&j236sQjWv(FIy6Nr@crT}Hi5=L@lpK=#SH-@yIgDxLatdxkKnf;;<cGlVsEXlRz
z^DWKP)8jkWsu~fNsh=^|+gVs4OV0%f>#IX<z9Uk^4seU?3qr%GcJf342CrUfb#qYs
zqJBkBQv{JEJ`JeMu4`@4c!A@CDK$f=4$X}ydY2D0!5o^~F78|g0w5{&x!f0W^kM<B
z-OQtob#EoD+XmA)PGh{y|F=lPPlUt;>Zd1G@-a+m>n@=_$!9uI{ej6qs7O!b{K`zy
z?m~cZC&fm2esiX&E~rIIYCNh4=P8%*E-fW1gi?<F8D@*Xp~V<~elOZxVi7CNK-4br
zZ<F`}_nsio#I5^t5tBKS_AVk^ym3~b%waGt!mxU2!)TgolDY6JJ~lA9Gx=-ZImg-C
zsc$9l*4Xi<#|G|s3pkkH`Lnx;0;0ijO7Mj#VTLAQ1E=DUm=s%c=T!Ju^i5-eeBi<}
zf8yUq<=@H@I*n53vIqIlYvEp%4n%(cr`Fk(D`8Kf4qcPYsjKqY+<;*aJAqD?Q=;>S
zUBiH~2yf?0U7Bnn^jdAq4RPPtEaB6G27iu_du8loj)Eel7;ixW_8?NlnR0YBJC>RO
z{<F^Qy$H@Wi$lP^n~uNi$|ZZNpxI=UhzDDMKH__l6&tdoyQ(&f`Do?W(y4ezx!u4`
zc~58fyMeXOYjOs<+wRslZZ=TP1qb&Q?CfMvVO!;jMrVLi-bE34v~f(*Q&^ugq!)Q7
ztJhf{D?vRzeZ1Fl{Y-SR1>{-EU#M=ohdw5c2hxymd+Tm}G`pB6cG%K==C6^`*F9S@
zND=S@{M6hzOdcr=F&X+*fK)nfnR&jFuq|rOvIX|5AJoZqR`$28?-?Xb{+SPAs_G!;
z!2mT7HapY%3!WTYyz3%rwF%&iHwF9}Pk~J|FPVtJHKW6pqYB<JVG-dP#&}D#vSb$~
zz(pA~`EbZ2!D{ha)F&OhwMW5fGgsSiEYV#33~0W|6UhlXVgK<Y0{IAs8%M9m{JEnw
zdyDEN0h{k4PfYGU7#P;)S;msGPYMkF2wUUagc=ZxpE%ZxrkrDLsw^amClusbZ|kHf
zY|T#!fpR3ee7bSWvmh&`RPsn_xjx#;qEYyW8YUh+Pz7=yoCjPUf?bPlm{`#rDsSsp
z7^&6(o0M<St~Xq6NRTQlg1C7dnf60}i?Yb7*pjxV7rhQ(kc5V>cc+>+Ir(h<+8KSt
zK*#~Si>FIipMDu<3dO?!?H&uU8rGvZkknM^pjX9kC+v;un=ljFLnpQyA4Bb<YVJx~
zu?_J<&NIKOFI7xQuf{o6`VI_=8Pa?P{IWHx);2wfoXCK770o>{m!;3T)2=KZ?aT;o
zN*{4+7p^CSD$w6M7QlyR)+A?ofjXA~n=t8V^TM>JEaiYniIP8uj~(faeMo5(o3WLA
z8Lse%U#5UQ>sP5TpnzICX!zU^T83!tJ5i=>_{}$-k1b?OM*sK;(Juk3NvGTRdG)!Y
zO(-D53iBHE+y4HhUa1D;ph>MK4OQ>{Wh|K1@ox0hpxQYi3s@k%K-l|PO6rs+bn=`T
zh@3>Y7$f3K(|W*`3nnrmyf;53{MnNw`6?ehTfv-Iw{tQG8bG2m-N~M|782S7lG~HK
zDtV(we1ih936jt1IozM)mb2_r9+Ta3d^9FYZvfPIIvXTy4O@JwOc0Q2WFL&29D&2-
zBLO${{{5ytH<98hg>L0bTl3cm2W7vOZ{M=}wQ9g!S5qrY3$#s0xi@CN_AOhT7WxAf
zqg`54muAp!X^k%>8sI+%tH)rrfOHp_8U<wwXfDYmz-QR6DCH^1)Ud=#6&6CC=L9=b
zs${*F^qyLv%+v0-5}5rhYxzdS+xN8no4tOGrD^1#Cp7<i;@o?x0>dcrJ`gj=f(WAD
zGP~}Zck{;A6+%TFD2tWHU<7e3tk#H3it0SsHSrU1fFj0DH?xwti@SK@+KQ3Ixy!S?
zfr{DVc8<nu@Z1Mn)%*t8G!rD@6^JVx&on}Txm?4{HmHyFpRc3l`xrib{8&XP2ev=c
zB-Fq!$^O{Yy%@VL*dH;%UmE>{A^HI0I}5TphI_e;S>-taL{$&7oP!CnsAOh^TLAF3
z>sDdWiP%h^!QazbfEtFX$X`luzB#<Q^=0uOJ)F0pnfbFWvEIjUMp(}AXV=h9kn0}!
z-+8x+kTh#aZ+4hUoxM#6w=Jc87{P8hUrUPc#v`I~Q0KA^`M&?CE5}Dygh%4;#=Ix$
z&UV0xDFxPyX*91zy8AFR55AD?G?RLG6Yhm1pCD%mdVQ@Y(ob_3!meO1WORlrBA1g~
z4eDi7Fo;z^2S7#NIbown<$9JmI;^hBHYq7mDGVs8gkU|irY=T`y%5rQVG`y9Njo`C
zh_vEg>*IBlNF;xyc-&BhA;Ql^t`aYz`=42^;zp9izc79)!ge20@U`zzzw$X7u%e>>
zDe9{4Pjp(wH>_OdKHPFb0YiE2K!pS?xC{nefR5#pW=}M)5|pB_TCRUm9iFS@cgNcv
zFdNx0L^}X6+FW}v%>mg|y1T3OySvKS$7JXmjrC8dQx1Z$KEplDu|4f544{jA1D-4V
zgwct(Jq5IHiKzsCrHTNFWjJWEWxebDp08iQP^euHXfs|2ux+@MLbFr3K#(Gm2E$T-
z>G$y1^tIH)0IoCV(t_cV1O&8&XdXeb#W}VqbIKIqFso-*4LU~vdqndmmQ^j&IP1oq
zSjZDe@3A)*3OLuy?s!GF%Ua6;10*S%CdSG3q(YW_L_fZi2tT+oM^Fu`e7zPE*7t72
zV^SYv42t6-RWU=x1o8Z!bE*)nVE!??uIeJpf=n_FlBV;q&iMntI0-qyrT7%x?82~%
z^(!Dvv=p5B{+0uY834BRR6SiPtT@y`ABdO<$k~(U+<qWNR2CG!J-b`o64-7g=?f?Z
zTHco+<6PxDGh7<irQI5BoU1Le!-U7EFNZWd5YuPP*iIIH0P>>W<oN>7frbR*Q#JSk
zm+*&66Dn`Hvc^an?{KQ>UBe88_xzUr!v>c1jvSxfl%tQ+LH}7Y?I?Q#T&s&z(FbXC
zB&NWPJ#enV0t5F&SsouMlOTejx2L;~UTv&?HzoRQbHB#2sM)FGsJzbhx&ZVii&DO)
z;VYURfg}okFE(qj!d!vEz$2RtcqEoEB|XzZXR5rqZ&VrEA|R7dD8!A%4p0m0o%wSH
zXzP~aO?{nHmfuA?jyD1_*E@J)r1+_RvL_-m-=LBOASRYRip3y!2-V9qYua8z4;4}c
z@9Bo;Jg{V1$KZ&yUOn5Ju2eus5X1P+uRt^B#rZ|;qOaG?>RL~jzB46<a7sKU#N=Dw
zy9$+4p}P}}dOqsIxVSgp7`sanVHJy}=e!BHP6XecY>n&JyD<OcGzg4U6~O^GAqktY
ze6z~Deo;<M=>4RF{OQ>j@BjWRM~IU_77NP;;=CLlY4uS<(!38tr@ziNdwo#*>fL3r
z25n3bBPr{$$i3iMf~3LU8g!}Yq;l_$2WK2N&#_$qFcejPsyJ1SQoKNY%cgoRH`%yI
z;Ku~+0z_ZolzwZAW<j!!P0g+ZM((lxv#A#cCgMecH2tq<H8{JKMz7bkl<yc->i`}K
zYE_KjnPm=Bnlw(u;r|25e(KR|J7Pe=@(e?O0{rWsrTqkunZI}}!g`M^LL~%i^>t6%
z2YOVY_eCXt>Z_3IIV>cNWi=K2%u=Zi&D@FfO(2ivHkFuMUE$!0YLWo>r>_a`^q1o5
zl<)Uxe<K3s*|tjHaGE)1Ihm;(aJzn^5+txncD~QmxWmKR=uyR;_eEB$+j-P>_Q`hC
zlpB>=+Hh*0N;R*Sj#LcfU+&ENrJT)!x&2O_M2EuCth)Y>FW9(7`RWkQjhrd5nn=?U
z`2vPMf)F;Wd3SgT5Y2v>H1Wa*WT78Q{-{}0N4|-dE8Z`2+9FOGYZg;2jRrVQVJbQw
zF-pnnDvYFBlxE1-NQhJ~v7FP4HUGb@OeKw0llk)C%CH{L#eMMxhBi6Ys|Q_kOCSR;
zI}@TpV;6LwxoS_>%C(&nawEe>fD!&bG0E$Pn@$SY>MIYa1RemZ;O^59NkS4S!1XzT
z@==lMlto@tfL@&RtccumC#1PP;Cw7?&Lw^<z!^TGkk``}v(rD!(R0=4%)K@^@BhMF
zFUxXZrmpdF-YoBCuW>)q^8oQ4;7{Zk{sz@ii(B#m{AebEC!$Qf%i^&pH|{7X6jq3}
zkIA<@70Z^PVT8G*Jdp`b2Q<Of6$b*Tp*_U$ZQVyv<DNSeUZvFqKM}s`gR7o98vDA^
zzxz0iBe#$K5tFiOKP&!YHQf*Bd6xh{t^ZG<$R=(4sHJiTg=texopOA7rCA<g<bF1v
zI1@9(l<Ius*rpe)vi{&FnP`K@?pEP+U5=pw{f~Fuh1DM&Pm{}@?{wuocd)yscdppo
zsg~Zsf8;b<GT)KA?PP8WaC-j$!WV`0trDw?8Gvvb+_#6X_XflIgv!_iQ}<5l+_Kb?
z%h?<P=xnPA>{nddeYP0MAyAqoL>LEDhjp<aPCQ(p*qQR170=sozoUhF&3ird5ohob
zrO1e`W|5vQj9l+JT+>0WuL>8Z53O@f<Of1%KRsRL1vM2%4?Sq^m5cH(bd#vQpa2!;
z9-!u)J0JSwC7Nk?X}NP3>w*917|BsGt`6I;igudeC=MJ4jl#UffvusLrXGDeuaBZl
z{0$i{dnEFr?lin-waf0VFAkb<%px`xTP61Zy6s2a2pgAA(mZGZh9|uHRtz*^btNiB
zGhk>l_Y-5<LS({KIM+Dip@qKB#qmpkTUF1L4b@IE@BUx}<W^lD(-yw+OuzEn-@Kpw
zXMgxYiBh_CgtWXYH6S6S;A<pY^!BMRH_vDMK$P!y3do+#ZS=E#<!V*i=-hEjv+<ia
z1JJ-G=C95+viMg)DcKpI0ivpnsW>h#(IOVYJ*;s=8}P!s8~#H}wRb8^M77g`rwsR2
z{|8Ks<$NW|LP4=VMU-NW)UN|ykZBQy5t(17Ob>OZp+M*Ev4Fy%-Y#>H#ZZM`1yg_W
zYRwx^h01}}%A@DN5%Q=?>2D-|Rmz)x?saN+#09y{WARROLBd}m7j<J{9}=4yFDe<C
z>WBa?dr<*&w&yLplP8{XEo0=5lE}mQoD-hsv+YfhLDC+4Z;pxDM6&@9mGL&vPw&8|
zI^V#o)!lYF#H|NND5oLuvtJ_XONkgQv19X-@ib2=>}Lg#_=$6bX@7I;`g6<blvm?^
zp(>iG<3sb35{d4PKzCblO<v-btYa*FGQWTcMqw%rm|AnWTBs67IlNT6bF{qm6Wx&T
zHsI}}Fj}<KN6YC%r32O6Kb`Jao2bTvg~1uEp2YXxE!(@2++T6GELBo*gtzK!$<0VO
znj^9<5kQ%_8{3_L59VMYdxIg!Ia8l8@;Za6c|BRhBM3ubdpHX#_#xfi9PGt$Hdrxg
z>G!KXt-FFnO}TudDx8(L0u&R!J6xRX-bXjnPztf3IryXxku(WRaP}3!!RgAu@U@gR
zUIE2HM&8%8j9?EAg}BH&z$aiERzT5D$+x(<{@8I(^-scR8Lf2Hf?h0kzQ<g&R?9Q>
z+hk%&&MgAv$@~k~F#mXv`UN{|vx0Ow7nI5Mu;<q>rehyN5;&3br15~puD)enq%i(V
z5Mrc6FK6e_1yuFUn325Wm5F+?5C_1$oIhc9c3<p?Fp9I|d`t5U!VwmE4Kv6IkZ||^
z{l$OJ)nC{)V6NW(@Jql%&pp9Z#O3X9Uw{?Gc`5Ua-<Ni&$x(mu9{Hx0^0yqw{wNqC
zLh42gR!<giIfQ|`)=N9uN<n+%E=r$Va&x+JKD5B0idHI0iTX(L&w4G!!(9~rsRr7k
za{9V~G!xvFzTL``qH5T}XPC9Zy@$y-)OwtUVp(DgDM3NN_toQsDsh|&DGz%~m1Oz6
za8cIi%0cj~2!@Y3Q?Bai&rs8XGNx8FK_i60zKKzW<TXqMvbY&1F4&dBp^IEJMi;vg
zS8vW%n~O5V8RNuk`t-6Uy6!|9UgQq@t^&g!N5?f+Qa9DY7plR2?m}5^LHGQGINkH+
z-z2Nt1v4Fby$gEn1e&fLdiM=3)RoxjjB?uC<pHj{z)jL}Q04gVJQcF^w?y#KR{ywJ
z|MkcBm=7;8d{chIgjXx=MT;J&(?5Lvfd)2-FIJ144}I{4&aQ@le(8U)0D7s|51`n}
zMwo6Tn<SUqS1Y2H%C0@;&r>i!KK2Td=3H(j_}q-ysa*p$wHBt-W$|a97G(Vg+`{p0
zkHF9F75hd>jB+>(zO?Us7qBmX;jzs7gyRd16|6YlRc9yv3Wj8caU1#H0KSDIZw}NV
zbje8EQIKrvHw9{k2fl0S!+|3GXBCeXe1qL|f`{~Qg=Z6Iyl|YmSCtH@DtvHUwl3;0
zS0<q`80T%fdbr&ea8>VmN-{VR%HcXw`R3lgbG&p{{4^g@)MVO&ISr0Fd#s1|P8RPy
z{)v_9nC#QPsukc9;@?Yg?(kaTl4`2q;d^7|%ln-f;eY$U8?c~AkJypA2j4y~9C-^S
zYH^>4J8MGOxjsX8iBYF55GK&r8quIs1ovq=E<)U-IpqXVul7WeSu4F$hr5#b{F8pu
z?g&HuZ23Wkd)4z8&FaT}+N=90SE}c$Zx;(a^F216|63z@v&)r!{zB@=JiwLxUHC`a
zejJJm-TrCZ^^=?taDj$xesu)uNADL0x>pth+VBIyzJPbmhlQ|{@ycf$dO}9oA;c)3
z^?P*JILW?zP6r1t%sBt=n8d^<n@k{&!insY3K(L2rJR-InZa$*PmBWBl(SeHLxC6x
z<z56CUs54t$~e>sl6;})cc*!(qi$MIL)S{Gw8%0zoe&1!FSO@67M<q`nFOS$4)S}9
z@eoHo%$8eLQLHp8zz3YsAf-eljPkR?qP->1M@H@UN)<q0StkJ(tAXoqQx`Ghn_Xnh
z#X5YHb`NjEiTGbLdAXe{lKQH*#9NJEN*d>C_tHNj++Xbma!PZ&O9|HsP-PYMv1R~5
zHX5r3y-#@3I=re?mg?$*<%D^=SLTB24K!?I)4v~ib7!MIX}{HzdRM2$FP?<KV*qbt
z<I>_nTEnJE{Qq|O6!6<Y&GLjS@c=slJA>Y2D|DFzWo&bCc$Uy3;eh$CmCH%P!b@*P
zvN2%O?;iKficyYLqI%SAC!XHI(Tx?BAj;*NQ;i`cEy+K@h0p8R^IS^x64_IhS(YBO
zlE}WAl9wMBBVGvwIMOt4`|lTY9Z90wdR(NwMfQe#9_YIRRZ9bO@S3|w`O85*f$iQz
zgr@T*{4AQH0r1EK#`E{2W6UujQ%Z5^pAf+hsU+`_J3=H{FrFF{KB}gEbcFYO2f7$M
z0)sB@UItK>1XQ%H^nYBe!g~LrOHVFDno0X|$<(y)<t0hL;~Z~=lSHh36xFX$a?dxV
zj{Sh_1yKIs2UoND3u5f%p|9&;q>6}w<R|I#?LO_BPU5tb`0Lt()8;rBeBYm95cBa5
z*JCQC|8#ryBvR7gsI`7Af~#mF*^tNUsNpuEwpvggga8<DH>k)3=6dGfe;#5YgUp-4
z*ueTt*qv7hoKtbOHpacvb7{n~WI)LJr9ig;CstGAh+bG!(V{Lpn%?Gm=~>RI)0gDi
z{X4+y^wH#{06LG)>YA2}>8jr@nuzySpLy#Rlj&w}?axcynQM+Sl-{tJBPeIQke>dV
zM0~5#S~YLjWyP*p&Mp!c22o-EV$!xg`oQ70aVuWk1ylOFmx}{9j+PSdS7(3hyisBe
z0B-v`?4d`NEzX_n@W3y7K#vKzJ)mO@kZtpPRE>~!6@k8=V?=-61*C}-W+>E9rQr~v
z_`)sNdpOT@LWEP?k+zpEqt~|1@$4H#pVc&o^s&->%K6sL<GlG19rnLhD@eDvpB?0k
zJU>ZyFi5}L6t>;RLOh=C)cY*)qhta<L}z@xCjzFDc5c^D@d-)oeH$j6;eyoL#|XZ{
z_C9+Eqr%L^Jy`qf-b>?PLXINHa?5V~(QQ#@qZy_Inrz39<6*TF7r^icZRS5<g0lqd
ze<?&`BO|8tyw2VJG4cw|!9~&(m{v;Re1E2-u3sz<6nW<XGN#o3kC>p1d<CIXEG(+)
z#%aBdjq91{ZnsstE;1#kKhDYF0&n~mLTj`2FTZMJ61q=LY_!wkTEvKTCi*oSm-+pj
z)w*w#iG6C{jNpx%8llGMOD<`DnwaiRY9B;IiUDcawtOTZ2fw31YYst{Lg{+v&4aO`
zlD}a1=6=#W3cItAi~qF*iRR1hY0A?7=QuAJUWK#TvNh!Ln(2c8kOjp(Mg6}5b*0>_
zOv1}8h~u4yS)YW^<Uobi`;Jymx)BqHDdAkXMO41uJ#~S~_puvC0sugxb>{!W%V=?Y
zaX3zO6?mm6)H4za;5Vx3%C{hw+}!VgQ7Xc*4mJgkTDyKkNp>O9$j!GWo+YfG@TClE
zD8xw(jM^YZbf4X&ZFN>lECFRUG=^;7E(29#2}WKiKII~dw<gwgPAd4niV2Mc?Edp{
zU!6=mZT`5ToQH?%;3KC(C&l-L3WJW^(~UonWrw~rs<rDJS{&#oX4{7!8|EPvXg_pY
z)F)y1LP>C3ekUPDc!nIjZ7>%%i`tB@@2(&*`R)p~hS(q`kxF@w8cNcDtsWH)J3#x*
zK`$Ng(z(@aoA#>AtJSmrU;Qik=PvIhe~1^pfig(O0-KJ|gh=9`$H>cg8h|a2Zb+Z}
zDlh>ZEB9)Q8^2Tw!$Cam=HLYxd5gj_UI&wVUT)I0vyNfH#y$V}vftclC2%Wf{@O3~
z|KdUfPi58%FORzgPMkrIt}-ryFlh5DUqsU`aVK~zP%otAlj3}ocsZ?rvLDua^l!iI
z*V-Bo(c{0V|J~jT<5Ws7&Hoc)cHe&s>ujQqPuN<%b3d?7M&vAX0bM+ewjkL{P?#_9
zS${8`_s}i!Cdm1PK}s(~l7${eqSwK@rV-%+QluxZ>5S>y$O|stk)S>-o47SOaIv%q
zK0*9*_^OtN>D&1#502Jlft%iFr`VO#M~#RUCPv)`yfcJ_@B3^L>bl2rLX1m=C@L+L
zBdmo4v9WK*cR~HAhcC)axVJQV<ML03Q0)ON^iyxeCJ+C#bu8@1L%pTGY0Lw~#T%j_
zCmHX;Fx8qQ(s&~7=_+wh_^c_#v-P|?6&>^)+^=tB0c79^GDI4%&*uYTyjzw2=qEA^
zs&SWQ!BLOGoXx3Z#dNW<DFO&4`#bDwJ!-2RyYV55)(v;i-$F@NY)^5nls6mQ692ij
zAn>BRTZywm;1wKeeLJ`An=bqaWfd&(dA`xF%{*#CaR)PdAyz(pNJdFLU!8w${@TIF
z+%glU2c2<gCV0&N+8)GatRDd%?XABprev>Ps!WGP*c~>3ksCYgsw<oVF=NY~Vb<~c
zZ|{evmfxrGUA@--uX@34<p*ZCpw7IP#UHUDbDkdt2RcEoFEr2JaYiV1NXB53X;{X|
z1|#DhXpl0<-Lp>5mw1)iACu80Hgvl_?_S@!eb#uE>~$(^wd*?Jo0{r$Htn_hq3kUA
zY^U;chMzOsYwFKSI3D+xc$34fqL!d|lP9~5l98Aad3H3v1NX~#&xgI#F<SQG#8sP=
zEiols@Y~(j29snYZ=1qS_e6I>!e6Bk5dMi3rP3+T40UL%j>#!c-Y6Bq_Fl5sisf!{
zlfu0pkIPM|9EimtM2@1JdS8!6g!-9*t1L%^T2sy;@lE7?U7<|@c}a?DC?B4VL~61o
zwmB+!S_6V6*sWD5lWY%lUPKMwQ;6wr_g|ZSZ>znqod}8BmCn}m3<XHgmvV%U*7V`7
ze{tdOn58jVgjK0z1Inm;RGYqi8^DotUuN7rQ1Jg8{V(D>Qd2N<By|!SBPQO&d_%`C
z60>FRksRy24-E9OaM70wt+t<k2bNL2RBa*+DD(2@7&amN5`^TTZlPMyxE~Y$GKHH6
zb=zM|2a)VsbJsoy^?JX|%RSs;>nOHvo)avgAgs%!b!(ELRD|d4=v72eRU}8%a5&iT
zV{c01<Z`okdgIM_(R-zy^$oYvWNk|+ioearN*B)Ef^IC!UD_2LDL<BwPYhr9av8g=
zJs?XG3OpRR^&d$QdwE$_sMK1s|1z)AQqO+X2t`Ep(Tmf#X`Nd{Ggs_-=Egwe(<{oq
z4ZhXCt@Ms2s+v!h|91DKUQ3SeH?(AZ<!bojnu;L@SE?ZxGFA|I7m0@T<Vn-JJ*Ky*
z>vu<y`gubm<bN(aw*)SeER*f%m5+Drd^x|Kd-dBSiYP@`rnP!AALFEr{WkOZw$Nwq
zOeU^qbjc-dteVwzJ;(SNZMxmIuI7!J)o`h0$$PJ)NM}snrA?Cjsq7fH^qFxt9@Ce9
z&(1@tYWD`J3TCDL)_7n7uAY}7y4e`JtrsHf&mBcl{>FvqMy9?rsIe1bMShq&^3y&z
zXneXH;8XRfQ(GjaEM0*s>332(w)Z@TSF$G?2dYKA1EngAjkA<<;J|e6-#013j|G$r
z0t3S2C_8y+*<2j&H+t3M16Aw6vl~OfA2jzI$^Y%E?B~6Xs!o?7D@&K8;!~=4OB>FQ
zaWnkg;{9$P$<z5^MmLMT?f0f7pQ<V@;dPMK!>oa)9XHL#quFX3cHQBdhkFk>%x*_l
z&b7VUo&MhTURHVhkv$>SaQpj+oo5$+208a!B!OdJ*lRFXNlk9SORJd_z6vX2fGl#a
z?4E50rJZ`kawscE1qBK6K5aU_zn*@~(8OoOA_u?a)$<M7NZ;;DvnkRYj`~rO-fpQI
z^-Dfp@&s+SA*;mDtOxfdt(H&E>_v<VkKYrKB#CCjHc8zbV(`(TA3g&v?APt1$FnkO
zBm1?BvAM9@^OI@q=JV>UB3Q#smQF0;$rnr2%<9iQS_jTDY_k_SRd#E{WG=DWe&Gdn
zX{^|0FNwTPZ;J?4ubgpqn@{Cu=IqnU7HCNWxTi(D-5EENpFpUCf{@=c%)h>BVW4k1
zCi68)5hX_@|Aq(|gd&yTj0+M+gNxb^d<IvQtb3ZHG>2<VvQ*SsrF!tlRrv4Uu1`v)
zlY9xw{o2-3%;;t%Gn7$SqWHkKN)RshcKmCBTbH=tNQ-T0Uc?ZAh9t$u57cBSVu=%H
zUMe_O;kQ$-`tp1;eEV8H2^-(^%Tygj)>M_P;j`^%RGi&5F-;wcM8th&K=MmxCL%if
z{!Aq!wFD(bX#FsRuyN*};&8h&vhRM305Y=4A8c~6t`Fai)Ntc*VuiGG2biv;+-kOP
zuN6cmeAcm1?{03?5xY*zh}EH%&_!0De>lUhP5HbAi{sx^&h38<Py1u~wMHDplq2a8
z6c*(dr)o7QZENCVRI+9syGw_^&-6Mi^^hxB$%=bW)&{dx&R#_S;I*NkQ?U)nB-y9i
zXJkLMt|IiF&T>oMHV3A0(X3vW5ykD!zUn%m%Rl6{7~14C*mOECv?25BIO?$Wi?B^m
zPRg>CgXa;@v6_ewp+KJj2Mm=91v9~v0p~&<qiIZdvqHL507Sdd!yfd*$oSv?gZ)H*
zNeZl_5f^=&v9y%uCUJRxB3Z!gP!Nh4`J_n+e_zIG)GA$N-ZYcvy78Y}o>~FfvGQ!K
zVPsp+^VgBSFYUvOPiEZ6_F{F(Q(o`xr+;g_O(%2o$>rJk;a6DlH~MJw2j-SYRmEwJ
zVBA;k(}}0-R|}rZD{5=~B|GQM2hBD^QaK(28~O)I)+a@dMe*p8uYn(Vw_W$oOT=SG
z5j+Hb=Ds=d#i98`mt8aaD;*b$kBHQp^}!TA!2JK1=N&e9?HvwEX%6-L1Q1hCwx+6`
z^7}fZCXe|H2$bD9k-`?+&z&(%ElNHXmdt2}>tAr}wFIbI3>9>GFg>%dBToUMR)9L&
z;1rp9XY{TcqhSN}!tlibNrRi>5Fe(5?skPu6k!s{Ij(xk7gy_{liGi4T-Q2RKIf(O
z8=f)5Rr`evuXob=W21DRgb%Kru$c&PQ4U8P`Ux22tj+n1?h?#BKUV@0=U%qsjIiM0
zKoOn+3WQ8RXuz^h?ZV7~0jkAZe^bR9En<f59IRGDH1a!HPSqpErZEU(pFB05w`vxT
z2Ha|@Hl(n+!N6kZd^dnq`+mx(!S4d6gs&h`KuMh#R<)dcC4GTHL7a*`*)B@#S*5Yn
zn#54p*K88jOski60)QMCn$sa$>eacI1uv2wuI>5P)p(oTVZrflf<S!peJ>a@)uvD^
z!E>0;muSA2$4g;#I7cH3_agW>LSwkf+U^1>ps$K_OI|l{*GIEL;@EXE0qcbk?j%ko
zY+Z<>T`95>QKHhW<alseC<q)N{jT2ENIepoG2cK2B(qV^$A{pdnpXi}Ef}k@pG|MD
zf8TQghX0L#*@N%F97dcMaC+pI`1Zb_$jAP;?R{v<Z`oy>?(Pq>yn#4oMmr29INEl1
zkXb{a@i7$!t5yY?IU9LtzTba&&8xPhi+A4W7U@RR*iC=`_m}`8nGqwvfz53XVHp>H
zNx#!{jPZ_6#F-Q6-t$zX4OZw+7_g6FVKNy8Q}dA!Iv6R14gGvZl_Ku-Gd?Sne}>TC
zkygT6$jl3b8(>SLTx8zT^!-i8I4+ZoKsz3Gf|#eFtbXL>f3hmHPul<(8BKlU0Lh0?
ziBWANyKb=}7%!I#p7GCA&^gT2#iaV2PG<|C?a$Um9j^4sfObw6pnVaoVV=G(afOs2
zyAMWBik#%EfO$^YU>=z!=*^C=tx*fRsOKstJOxbx?Mzvmt>LVY*X{*bznGYU;y-=F
zX>A1K7B>;$+`288CV&O*$JSUumdGbC)~!IV%%tkWzDc5h{bPRX5!sMF=6U&>t8;6>
z(x45_2yX^Pn*nBA7R8T)NB+^E{rl5RG6wHU`~>~jfRb%<qF!GGZ2d=xj4pD(RVt4h
zOAfwmGQHfXB&mx8BgAAtH!@ek=i*<-L&@T|Efvlmz{}$x3T)O@@WeeGG*m^|0{kwH
ztuMgP#sWY(@Oq_A19@`qhO|sd5iJUg@q1}+>AO?WLu%sKd@>;%@Gu6vLFKvt<RqIl
zvkqEQWE{Hv6}>Dt-b*>Y0S{Y^TD*l*#6Es!QA<?@Z}_!Z;=sg7*OYm;QI)X_8LSD2
z<XcXGh&wit8H^Sr&%rZ!L2i<>_m=oQkhIZqIk;;gzM~ycz&`$<$ft_GYBU@u5*B53
zjuHLls2^Yim?qeKT(o|p$20MZjjSs39)fC{YjCQC(95U!pY=B#Th8T6s?6hv0%?op
zQGVdv`9^0b$?L03PW^KK=r4%=1l}ONK=8~^$FI8(rNrI*L%OOMTK^pk0DU;q;BFg6
z=3Tti5e#M>KCSpHk?MW;%6+%(GgjPGTLK#RNA1?7{ik3sou&u;ODUK*XafaQ99f{_
zVML4~G<*ukZE^we1a$g~_D}t`5ZF+PXzfMw`{B&L0xQ2i7`AgFQ{Jw3pO_r-9KNMI
z5dF3eCQdRVPXHfL6bBN_mwQ<|=Yl7G{7<Hkc0?2*hvwJQ2kA!Vdi(I<jSpyI9|MW&
zyvE-Jy;)V~hxXcFjN!BUvL*uMfl+08`Y-N3Ja9)pi`e-76V`K$6>^+0R-~uaj0P{#
zZz2wlLh`s*$-<2qNxs5vu~>12E7qRR*<juUk&#EKIWlm`lQFH=z&0&-QPgqj)>Q;X
z>ev?VmFZVVhvEe-tPCW@(=*XuQE)-?+pz&kLmEIQGN~M!G^+V6`yX9^E8x;^OA~g@
zy?E=da{v@-#3J5UzS3$a7fjG(`GQY4KzK3yM1+tSI{-}K)BEu!cq$my-G@bR5hzYb
zi>d`LmBSVQJ;(`hV4&|CL4p`*Y+@5GB+pv~#q>SEev}#XKs7Z2+Z&taD?yX`UDM_V
zvl4kvEm|xPBTa5@EfSRHM_D0NAak+g0IPt(-)>F#)?>GNlAQ~V_p)ixNkl;UAK*ty
zZ&7_>hwmW<_=WzGBM&8S&mTVNdvMhXW{}!^_5=(!L(_?gFooQw-U%=zVIem#vGZvX
zXq&P(xp`wfIpGoX*wM#-hS`V%1XfEIt%!rDK&1fNo0mo$<THX7$)1#yNjkn;gs9!w
z+B^V8DHyMx3e@@d^=<JVi$BpXufK)t^A3q+AwEAr9-RHb6`>u(*7yhyz(U}9Hwn?x
zQgFbZ;y>n7FWNerbB$sSxZTW4E2MZxO3i!==zR*tRi<zQh(fjGuOwx8f-rG|lskg)
zH^HRG+8y}<oM*=oHD-bs5<xh+{0Hs+6x5xR+fRXN(kw?fFzz&cJ8fL<i5dm`Gh^Xw
zCZz}N?3$W*!=bf-iv?P&C(L-<Q%~WCj;+_Z7`{!5>Stie>$>g^7XIUG^83ila7ch8
zph#(03Z@!##uvM{$iU1WaQlZbN*&lKok!Gvt<rpQ?SK$#K;wx`wk)A_v#!7=_^?;7
z(`zQV5TPuIUt;)f9d(Ds6XBH{YK6c+N3jui=%xNEyEa@eFhtTC49{Hm4J_~RL(S2t
zDZ&G*bdi2wpl`Kw$aBi#EAy_0khPY}JtZ?~Lk`q%(m5^#S8*qrz*&Zb$zuj?M(l^u
zj|Tt5FzPe{q8;tP?!n;Bu^<dx9wPPtZUP{B`W2ni7^rrCVYfR)>=^6=40fo$Ze3)0
zPbG9p4EetpO_QOJD#fLe2c0B^DZoeQ?79cQqRyyJJLz{UfkocR`3NT29`F0zCV@$_
z5w3t3wX8K4@J8jgF0WE}w*a!4Wn6D3qN|9eon>Z9)9Fl^Sk2`a<jCf{TxpcN6vmC@
z`>!y;*hepkPz{xkAY(;%tYo{JFK_~`kr8pVfZ(NwQ=oza_4QfL7QaLfD+ltx#cAaa
zQMCpcgw9M78{LH+3Eo|US1g27TO^c^Fnqxo>UjSiC+1*6@&uvGS32aAo$MY+n6Nmt
zKbL-(On#>whgWvno(HNbu-rAZ0-P(rj#K!&{*Mxi?r??a{U#Y~1Aw;rp|9}L^MN-d
zL~_9qMZ<x_&S~>OKf`W9Dd2gdyx;BPwEPUPMP*X36_mgkRq0F@88Revg&CWwf`2%e
z7;cX@8U9bcsjG*rmBa$-0K(jy1OTY^?2qsP55hqAyg){gUi&@+ZH9>c_~k}c)YxrB
zL!{cd{%(h*&ezYN6Iu`_9E3y9$s7Yy;JgAxv{)CL$Tmtxs`$70IM?sQNaSO?8Jg#B
zV3<jVJEibtTa0#m`a>d~&nkXXFe;)eRZIy)6p=4R6X6Kyt60kEcX%0YXY(J52s0G*
zqhlMtyaEwtuL4{_daYaylY!dHygZbK`o3WFeTt&B%d>qw?n#sg8amy+pq=*}ncBGD
zpP<j<UORpXBJNxDWZo!=md+B>*3{Cb!`IdC0g|Sr4noJ>QBHB{zwc@0&n+i_o!6E2
zK7hMP`I0LuDPDEYD!J?~ro|sD^j92MV;R`bv<m)~2dy6>i65Qn{E0_2)#@nN{BIRK
zk$-tVsbao;lRoA7TzT=GW`uCV`Jl(4LkO@56@#htus|ebap`ibm_(KgpDe<T1jifO
zw3s&2r-@LC>5V&4+96S1WS#NXeV5h08UUd%CU4ZF4-bdn{@zF@kS2XY(*EV`k-b95
z2HXO3`eV!0q0-40v?bwk!S9y51_4p{Ur;0d6tqpx(^c#;BL+V|^s4wB8c(sp(UWVM
z$J`IzPkJ~&_nEnuOW@0LqQ7|vA}t0Ib$nFXEl~igq-r08DcGi$?Izb|LRtLNycNIQ
zlF%0`fZ*l{6<JGe*CoE0I~*NXU^<ig-FjQFF&whkqlX?;y7U0A7^!fYNpJLU=Ds9R
z;O8<E&jMH<1eY8=dXmn|$LSNVtZyb?WsDez>rkn*!Rt8$rJ#U>)s@<OskK>HT`&=`
zE;zJ-ra$BKFu+mr_NzdNzVfx#ZF5Yo!xDIZ7EK0IdSW(7k=^nE`xg_4Sl6$mC&Ozg
zQUyGbZ>mRVr}K#Ct(q2_$|G#)+LcOqW1Eccgt!<@7gN^8>Dl$3*JI&N)F+QFJ}elr
zT@gK+swZ=Qe@1T%cu0$Wd*HDKI8L6*o&foNTcqQg$izfE@cGL334{d)Xa0z_X$$~N
zcAv~Mx9=gz@T~=7KF}uEmA45jIPU42TNatE<s|U_oU*x#dh&>iAPmp+O=v}uZ>Idd
z(Qb^1zHrg((8K6{xUGWeYLQ!-BFbW~5RECpY661b8M%8O&3=J0)`)n#d_MK>b+qNX
z=<wH-;#z@cYrR#B!LyKrc*}tw?jXbLd4m~qI~q2wU8bQ_sNbC1xngw2JZa0Y=6mv+
zxyosfuTZx-lhOI1xiF6RyaBqbV%=Wk$jk5Gyg=Bx&T7z7%)E&VhLT&FJm!(B8F2eA
zOLJ-nq<i^rNyK%{SDM4m<Q34LO8i17oB&eqvYPu>hg~ac_AwL9PZE1d&?7R6c17eA
z!y7xWw2b&)DPnWW!IS>-HhO?fdQ|Y_w3r7BS*JH(NaVc;eYW?65cEH2ZF+0%;?jO=
z{u1kEfwD;lPIBUKe;f!goxtY4mR@M~m4i2ilvMRoqpRMP5dXY>;@a?@cZdlT!AMPP
zT)o%uakvxI)QQ(X;Rw_+^o>ImA*}UG{@6~$sD`E0yJAA|;b;k&w_O7j-+RJcfHGWd
zqLcImtkvpL9LEJTZ{w7)gxv60x8(`uLhbJf*T-aefiyt7$<tZMxY)4zwY`Mwg2T#T
zcejjW*ehviK?xwCUlCG*$!dUW%~Tyk5d~^#5@We4R3)Qmt)}2u>PKx-_#!_qIiaXs
z3Zkzc|1TEcAWs*-MdbiXm5%UL2|2ZhAV`*_BX9ngx$2g=YjXEDxdl?K+tT29&%X#$
zh5cryPd<J!c^@l)9%P$MEA&Xo+bdW1bW(zpcIP9Zaq<x8Qqb(!-|0##9RY$yxp>$u
zpu*SyljBvj;LFF*<ZL6rq34QaVo*(%H;folB|_;Ejq0g+QquK-anO+fl$mijx%^y&
z`YBcg-ryFZKs6w0)W#X&W(c8!(43>3(SFVcK9GX5?Xj7V5}{1eckJmHkj-62pUi{M
zSnn!JgQCGy94LLv&fYQ@C1zgrT}T-;{#z?gwO|xl@uD7t&0Avz$>iZ=zNAeUZu<)<
zk#v%(Le0cQ9x*zu$z0)N3dyg-8F!s$ICQZNL{-ao{$<?rx!kS&@xomGj^*J(6nEsj
z1O%qlp(KK4_jE6#JE+=e-PMwXGIpd5%HN>t6l%Y^J_iHkHGSZ+b0Epf)o(NX{Vr4_
z!u9s%`t_qX4*)t>r41mYB~<s5`8M}mrJ@z6rLkE<x43}zF6A_WP^kpWhtDUmInZHu
zL2S>}yN>r(S^WK>!798gYve>E5lOZO^5YbvCAB`kigtoXE@+*4vzV0KGKOI?XVTY2
z)az3a6OVkO<Rw*WQ~LUe)QR#8GN<PR;j0UaC;kEEJU(4|X!1E^m;)trLe8pXZinJk
zjq%;giRVgBz`m;57i;)fa7o*fBYqcW)({x9ts`_Tr`lfqPjc7yRZxF5j|xJ^;ZL{^
zB2Be%;e+RcNrK$?bP~`Kazq>6FaZ&IKtMD)_C0LRulCezQGwego=cb~(*7X?x`zyz
zjY{!ccllEyfRJ8{`Ht)84L9z$C}EGna4m*X#pC{P8~n~Drk4vN&1mttEcEF4MwxY?
z%pr^Au6b#Q_9E(EDhMRlhtV`Xll|NHo(N0hwITpltJ3^!r9UBduWp&30T9sXcn0jf
z{SKor`NWER;@PG_tsG~F9)Fi}gCX|1?F~*#?dzV8hy2<kn~J$in)Gol6Zvh~7lUDH
zo%>*lc~Qr2FtnSj%XSVAwhD4L4w8LPgCX0CpTNBVY@h{l;pA+9csYSrXJZ&l50p}f
zqSZMg^fqW(OSIK|V1(g2^MQ80Y0M{Tc_bCs84LRIjzWL<yUHm99poiB>Lw%6V@UUW
zGZ@yhbq1nx8NdVTS9o7~jFB1+VrsPmQQgr+?<18&Nxznh4`R_3njze1UspqfdRlYT
z(o9Oa&6&9wkO%PYYWJ-%jY(<G<u;4}{QqKhVrggfa^iCkvk!v=lm^FpDv(TW>Rtsw
z8=%;02!hb%`M%}!+>|;8>@PpC4XWP9c<A9)!X^oFgYRFjSX7;({(rQ+WmuH!_cjbT
z=+FZQNViA`2uQb-qyo|mEg>xu(kUgNl(a~fh%^i^gn)D-NDK%_2o92x&o%7*`^R&<
zAKnk|`(f+e`#9#Fd#+e<u5+F1!}U1J%ZCoDAfyfRy$1IK;(I4IpDh37>k?^&?r%=2
znT`W(yn_P*92thTc2=k#`ev@{op06Gvf(c`3O0X#h5ChES}>{~{+fA0i%BUYTY$IL
zj(rGLW#}%>BF(NM%DD5P11{_zGn(neF9HduFshxnwhw5?T9b)Yr8nG0fwJPwHmg;V
z4^$*4D(yeL$`L;<BdL`#9rLY05P;_pwr(CyPqN!<pAKzoSC#3Kx_BTuxbih|81H4|
z#(En^bx8bHRobmwY?uP<tcvzb+qk`_VKh*|14VGX)y^DO+w0y#0H)2a+SIuC|M|)h
zod=W!H78d;oy1YCPY7ps@0o=mgNojuMg3-Ql$p^#c4_IZ|85`uY}3z`fu6*Yj5?E|
z4vw$9ek>62NEQ*vT5j7FN$LTlCZmw`-qm>5`0mP+)~AEr=j0BWOoq}UAJVR|BEdaU
zN+joFwW{vZ0vVH~EweW(_sX~YXmtStG37wmF_7adG<I%e|DwyJaDBQfqVYYM{B>9&
zqhb3iRL^DrTeZgDKdY0qRXGc872qCb`~`}-%Ka&K^T6L_Xu7Zq1JYxI)vnSNAf;OI
zor2G9m<<%M2$yVTBQ3`z4&NiqNMqtd5`+<s@+!&@>0?T~H&Hc|!+}*zBvo<8{x`cu
zLd#&syT`AaoS|oc5vwvEv+#23E<1YnK8_?saAk(m)sf!NiF$&~JkATn`Y(@A#eq$t
z4ZYqqVEKfB_Q~#FdiJ})@skSB7hUtLtx{x4p;XuW9A3fXHZ`EIu4Pt2bHJfhePk}k
zG<G4kVwJ}zf9+E`v^_@!#p-;#nrfz(=FVh?mM6>5U=_a3ShoF!5C7O9h^WheBHT5a
z7vuwZ3}GaC9HYElBz{m!1uwj6aNWC)3VW%9jv3+a0cxZNpsjTL=P?}UAAf&`;gL@i
z9%67BC+SM#`j1Ui@8iAC>R8as168E-e%%Yf07=XD{;P8LI-^yr-@UGLh!q_s?sq#Q
z`;d1!MBaL+fO_RJWYcxYgxSR*d?xv2d66Cm`ehWew+mudiGq>wYiLdiQkgqax#zlW
z*WAzkRIMmn=ti%Lfr0EXk+zE^Ij`j+U*ifHg>8%@b?-$mg+$m-^J)f5Ul3V`F`H{4
zwPeoog<DvXuxM@Htge+5Wo!Gh#@*tM{YEGW^8Y4)<xO%ieQa-g(EDJ8RT6J{>De^}
zvR@sgce<d$#DRduUn+%ogt$1_;yTp=f>udb(bj^aKI8nDqdq*0pf#JaJjbWImh)+e
z(j=6`Dv?`NGMEu;zDS|d_qynwW7QXXgCb>Azg1Goz0WjjLfSkww3DR>EJVJs#q;?e
zM@R7C_eO_563a9s#oIjvw(5x;aVx{}BKmXu$@$5F4y_aO@x7-vYoe;LkW^s{%)TiZ
z>>!jN*O&S3c@@JYQ25E1enqrm;=Yhfa1pXCl5^ltygkHyQOXQV^tXV2hVpLoVZ{^V
z8_c--j1m-vrkZvOQ=VWiy}mz2-~|Z*53+Pg&S61|4P{GbD5$J=YAdUCsL|g^UyMMH
zor%TL2Sd+LgC()OEI65vfLot&A`?EXzr(J4`ZfUu@52v3Zg@L;cl4tMYyP>OPq0Z5
z_DQ7dp&*jTi9O%_xYX4jnWgtP%D}Db4Qt^O)laZ*jn9jsfA^FWM5)65aw61)w*E9T
zLc_9B1I%|6bN;RWhSvRen1mnM`^$B?z%)4UcgvABK&>XaMLFB$v1l{gHt&3fuye_+
z6rlx1%lm%^Fu^?GC&7(W{?W)I9Gi_$cJS6=)?1>#SyX&p38er;-Eu?3QuhxOrC?!=
z*S?Vzg?}Re9~9c7&V-<Cud-6*-gQoNqcElGDQ50txfeQK-CyKn8)}z_qEbEe(T^E7
z*h%Qc^NByaAtQvi>S1a2(M$U^6kxldigqZxmI?|=QdJo+g*cdFe6u?bTB=UO*{fGd
z!nzlhETR|91S7$w)1D|$qoNUfN=WeDg8+{*H2Pl04uPnGw0oabw(G6fu9fGRlgGl$
zbySV*Ze~i-0cFb!71u#eV5Zy>dyk>p^lcE{9J|{~J;GrmfzVke-hZaYdmK%#PKs=Q
zASwmBLGE_vZ3XLrp=<*&vAq$(yGoo>JK7M6VyXhoM`fMS<zcG|@o}Nxj^pzUT4vsV
z27qW+ftHl39mLWM?R<=8S54yghj#^}l76dmqHQ_dX$D9nU#jn)A|Fu0XEOIH7-3w=
z*XIRQ|Kp}A7<^MncXp2^nCZ{hGs2e5VSr}eG~&1DfN&XpW?TB^!x<tg2?5PJ^2YVf
z1;S3V5VAX%dOo8H)pP$xS0%COc_ndIYRm&{di|bBgPF*q9~5hz4${b{OI>|Bp|BEk
zl<5{}(o@PltRtozXHw#q2NVJrT)-WAFB}&~ZiSt|+?2lqgQQcKgTAhbW-k{C<GZv@
zrs$L)p(vudZ)MnKU$Z1cVjge6XZA8uRotTZ9H8N|)wU#AqHZA|sqPo5+5xD4dSVT}
zs1#@mYm_E}ghZOvBw*>E?r$Wnoq<q&FM8NM*}4*-u`^q&hpuhXkr(9K1n!q3zLyAq
ztgVBXu@JoJV~{Zv`|PdhR#_?zXBRZ(q-Im^xG96<-E(;RmordFb+FOv@F0_?n8k+<
zx2I+wZhx<CXR;IFiM*HJ2qD>;EK>#_XOC*P{o$;1tHYvz-wvVfv>cwQG!p#!4JmwQ
zp(O)$e|J=w@i8zLB>;cPp1E}$zKJF13S!Dv<3(CUAWYdnD$hcha4;&|ly{9_#78LY
zkd%ra$Gbn0ICTndqN5W~%T6FDl|$Wloyvk9MEeiv;q!?NYpQ++#jrR->`&2VrMjH8
z?spVnkxJ%E9pN=L{girTN6rH<Wsu8ySrvwUzkP!_m)3Ntz*(U{s*)7S!q?J0Qg(s)
ze2%JX<TZH+D)OzsIJf@tBFS?5n<IwZCOH|QC{~b0?)`*v5QN?VwklIn-SOddZ~z3T
z>C_u;C*Uw5S%n=z8s<=-N8BpVPBC9gdc%0BpV$(&(RwI~p~`y8)$5|*#U2dB1U|m@
z_qD+<UT_Esnj`;CH(3S$_Nt5X9vRG*%9#3SszxGx{65m}(r@4>n|Y__HLdb$e`-<p
zYuZz1Er;vtpw`mcZ>@)3Wiw9MahSO?t~GEIUMM};q1J!X-0-pYS9hZt+EoM8vwD^1
zp|HOIzbk6qX;SNWA!PMT{yDTCAWU4QZeJ)IfmZCqT{c8!1`y_r{n)rh)0ZY_JLkNO
ze-=kCF$O9%YNkydxyCLn_t6$l;6rKp{>&!sKwwb_n1|9QWt1TFpL3t4)5F(TD|qrg
zJXP-vzNS>YPt;FdmOFFeDguOvi6y6Cs$(p?C2`OoSqKpCuieJ<a4QwsZ;vEwhv=F>
ztA;_uszRrodmS-CGM-xS_EH)SXoBdH8gpD;RafPQ1?5-|XU~7`{mF#Jd`l%M+(?n@
z-N77+eMs7V`XfE)s2Zdg=|HN{BSG>_SB;Z@op8axb|~{<;Q0a7WQDPQg=n9Jfw)Pe
zKCNh%!^T*_J}3q00C2U$u=;7P$=`$MRAjS7XM~W~&RkfW`4bh?ULZ(E@HkxxAOzU?
zh1;NO2Nc7ZmXM;*voNLEaufyM_B(b&O{gCKR#Us0--|EL<vdaXrGFTpG7d{1AC_YH
zTHk|S&oaq%kiX?xeu)M%1peMpOW|3Lz4-fKJDZs|o<T}g)YS^W&ow~inH}HlGlS;r
zkEEXqhbTHYik+|G(B_HC9MI6-d}a(_0QwJ1sm~vv21OQi%_c#~@9jtp6TV-W$wO#d
zH-3lOYjc{}BwEDE`c{Od*4WcmnkeOj*?Jeo3Q%SO^#|EVs!k5}NX1Ac&ZkU4v`~1T
zt18!6E=Z<Qxb#0}^6Q5ESXUpKvN%w320xxK258@NCYixSPYN|N(CoEFwGNv+(F)<A
zNRhPEDD>+yUPMi_uIpA~yIR?Bxb>sS!G3E;{v{faHCojXlLt}J;s)D6JQfLCRtlbc
zufUIToca7U#xrOGJ5bE;*tLVy9d@keFR^5PQG)rUvuv2hecIYsD{$Uv_=_Oi91y2G
zmcv!*W`}x51!aglsPD0u^du#79uA}4-l8OPj+-rYX|@mj?gV0ZrEjr^FZRYXb{b~t
zsH<%TRY{MhT;Cdn1eHPGWl|tF2lc|j%6P5Se>8=MWn2S4K+o;!0DU{~*c;n?&P=V_
ziR`y_jcVxzcK98I><#|02qtp@9QdElAY&H-n$lseQ3)#0$9K5aDamdJuYosSX8F$>
zuL9Iq9RMjr!gd47fDh9AH>I0S;+_`FJO&F`n*{SM-fWseV-;@)MCVXgDlv9azv%-|
zD)u1K&7q|X{=ElLISRpojbu>(GS4xEK17|2tfPMq&X%#*D4-f|3NSkc$luy!;NJ)E
zkt9#6RA7<uLC$hRZ&E*p@bO?_kiVq@=-H=F!UJI8=s>{qUkm5Vyi~BQcS;uQLQ!Hq
zP0rl@EFe4;vDV4=EG#vE`8T|c1wG%XXG96%VTDDMW3jODG(ULH4M4>(@N7mq0VN_$
zZ)!vuCU$#@3tbTU8VSJ$thp8T8^JkXjE4~h-8c}fQ-8-FJX>R*ci{tWlrET+!39S&
zNTKde4}nUgxSNEb#D|{Xa!N4Upg?57n^l85mCsD`u2Ib+4!`Cn;O92ogTV{qiqYEM
zB^l4g7~WU~Ge(TyxZRXP3PD8wysbvc_#X05aB7DE?dO8RCbu8m6QDV^)Udj6ssvPr
zgg{oj;GUt08?Y}5gmdLVrSt<J4MZdBC9l2Y#^>7xRpQk}@2@fSaE6G2`=rMfY4+3{
z&miEu?@k%JjDkM19GDp|P8(>5+@F0`ISO981mF}CAklRIGc+&;8G{{Qs@5$)KVKJ!
zK+}L>2Tlu!v`_Yb!5oKuFm>cHD9CRB#H-c(3BBb?<In88uZbMwVQ1u8lDV_W#=r{;
zVj%vBPZkeo_|1b(NE+nOla*#>la0sAF&l|m(z&2MUz{2QF8tA4twH-Grd*-c1FFx(
zU`mUS^PK2`_MgqN$}u26pX5&~;;hRO&>c%H^kP%@<;CBh!>_GCk@}||y6y797vNR&
z+w;x(uWeU)-{@AtrAW!{!5szo$jScX09&!dZX$P-S_@ol$!QU-q6pvor#BBW01DmX
zNKY3;K?}i_fC2}z_cm3}=_d;thJZqI&k};+EnsS}z+$nMJ3ml(z?O$828Vw(#|`}U
z$s#N@#4O-%IR4E$vRM*dg%4g4kAgx~wq-PP>8`9X&`PD3dYM!T_#wc}b3|?goS&48
zFhQRqR8R%W87{54zh<h-5^hCqfuKSM6!$iOrOUrgL^A?fZIi!YO81-(A_#SJ<#A6y
z<vQ63{6{XJyp97HCRz0Nd~-eiDkqq?gDKD_ftKR~GE%9ybyyY<i7%#t(P<xoD)yrs
zY5%0-)Z~t&^4iVsdW}2(n4X*PCT8@D=Nz*+^N!!ST-1xfEzaOqsd@}U#RYv8;VG+o
zPD+L`h)*ivri}`~_f2m4frAEWr;(n}=SjE(ly}?+<>*ZryiwTfo4Ytc?kFU-{EjR1
z0H8w&(ig{82fsmrRRAnSW_G}d{ef5czyrTL2KXIxM{r2$YaYYTBY^U<4yNbm%lm=n
zZ;Bwy0hpmY+5RF2&_cvc0e|UZw~*U%7hoL0Wzk=-%<$3dKi;bGJ~q3qfNJJOi!Hng
zOYKl2J*G?Bm;;rtp?gV`5bPdc04q9$f*D)B3V&`SsoL4qLo@qT;Zfmo{{hUeTuia}
zombeR`F#d?nI`k_b8wCeK#Wx!crhG!k*Bv;^)f!hH5-J6q+x%-7?%geb&g_QVsIFG
z6>CY@px{-@o6mul0Y=qNU!SN39l~hBLM~VWwVvTJZoj6vAFY`!St9?EzqR+$CUN`k
zj3BVQE~+M&+91)Fz4vHfd)rHMl%@%;@g=siA6_{RJuG^p3T;TxSE%<_wK5U+#Bhk-
z_RoQ|JQEx<EKm<GU0%o|2$Slt%YM1Zc`zI~J)C~OEP6Vg5=A1lpI~J8d!j@qdW(4q
z=&8SO#$_zqKmHs<amLqrERXjWxO!7m%4o<!G*VfV_%jqht?Dxb5^Bj@>^O_pI()$w
zc9Oy`&MkQmh)7~a>C6!)bh!JkZ&i3(hW@;4jw)PiuY;_D`4Zm=9lGZ-fe~czKVuGN
zpf$pBi?lxOiCcNP8DJR*fjFUQHN{w$P+H+0WVav{UK%EAZRM~J!C=x8ZGnLl9Pywu
zFIHa4YI55M6^L%X!Bq$ftuXXA{s>oU$I>s|3l9@-mjsa3ftf?Y#T4fN&n-R2iEQQr
zuKFZ8NTbQ%Af5xA*FzfB-V=jsdBOaP^n3j4=3^ofFTcAW$DXz;5f-o%6fR;xoEd}M
z9}rxY3y6&sP+PK(XJHUJmiH3eL8<Z`S1+$u17MM-?8|^MSGK%b^@bvZ-jbeK7={Fy
zr}pmVaZ(&n#V7^_ov60eVn;A9!;0e7$*OSZrU~gpAARX%RanDJ9-(~(bh%5H*O`%S
zQgAky8Oh^#ibEAjdPit?47M=-G${6eME1leSkr-V1Tv|LMF6(l2S87$6cly@y=)gH
zWnjX&JS$HhP%Eov0|pzEPVM86(}QYdCif~ZIO;v_Ap1n7Lwp=P#m`Uj5tzsV(00p?
z6{kD#rNjIkr!uW)-#*(f`th7xr>xa!@;aZ7{Uk^{pX7&_YI&ur&(B3EEe_U&3iZd~
z1|%R8s-QRl%;tZH2udhP_1+f0<6%p<$FYF-DXN>dEk{|lKEajTIMK(Rg6iK#i16*&
zz<iVE?pUA-i0A%$G5>L$bm9+Xd8hBP&4np?`!JaP(pahq#4?*&`C^=NM8J1o@wI>*
z6CLSc@uH&XLxRkJ8!afoS*#QzbZEmA@18S(;$3k~5kWBjo;Fp)+$`Xtt?J;_b5i(1
zg4=#%idEEEXeyv$Y;l7534q6U4dTYJSYw|Sb8|?A`V~R@4nl&iLp*G8Va&M}+WC0;
zFn&zgYq%M!9!9U9DcJQoA`MW_J+EFO=)Go2EO!HRopOcFXQtKP_vKPJ6^2CS#-Sai
z;Ceo{i7&0~xlD+azrA0Lshyo}1i}xU6j3*lQ{l_MY|KDTnA)vs79#tIbmT6Z=yF&l
z8j~hmx!s?latt%piYj!XuClAY86~|xDeDz1yhZ~Rl}h4ui=Q28B<+V_WYRGM_T70X
z&Mpl4ppKYsXCnV0`3pN81Pk|Z`&u*wbMUyYEvQjRz1&Ar5P}HD&y0Sgb0|EOA!Pfp
zKE_#<V=-88fCo5|qTi;9HXZ;fnO5W%fb<nBM3I5XMR!S$@ka5Tak=GjIBvLnuX_z*
z6!JSvn1h1~!{jNRQuBx|D&w{`B(85aS^Q8HlBAPkpo?FXNG^!#pUVwA8atSt7G+fD
z$cdAa+U)J{nu7VB)2tAeX_JsC$S$&H*F0_Y8kg(nN4G&AjzWfuS(DG#(doY*e#hB>
z@T&cZ5e3AN*&O6HWg>roV;lpNKUL6~ZerpH>(~P@?c+BrijEd{lK-+|F&67p&@e+d
z;2YoT`J@0Lr1doDE23tTs6(wx1-Cw%7EyCzqH_JoJVL$uI{8O%Ld2eK@nd@fR~4xw
zdo(zr2A{2J0VAy@zyLNbV64-LUH`?Oih%=KX2ZTpAo9hYuZ@6QdW>!c@cQfkRF6SQ
z7L{Fk>ML$-0jKzlyabReLiNy_Ah(&HbKCQwMo^#oDu8?QDEN&V9uAxZwKh1i?e?we
z9Q=X;;759h#{aG)Y8BfKXV(BBk9v*NLn)>AVAc-C;5m%EmrIvol`Jx-vh)BDqp#z9
z`25VS)8gwF=0WH&Y;Wv_2_ksYS9+1}#7K{9+7Rd&(_mrj7XwU;X7Tf>FJPl|td#+c
z6&>Im$1^K2scG(mS9XBT*gaHoE1N7BB)2i2ZHF~GUy*2$r%U-Bg0BpnSVNQ>R-X{(
zf<?TRjUFR5YA@ZQ<lB~{`o%&+37`GKUWX|J1H+>8Xyv6G(gOkx$2{#{Foa2~_jv#y
zVReO5voOx+CP-X@Nbx|5;k!o;x-+2b5EQ+%R%?_G^SzfD4l%sd&CIYujf@kEk6ZpP
zzp6EdlEP;d2j))T=&_yW?IuEhjdl!B{cL}-OsaSg7~j_HPcIW-5{_c3eTp#f8(`>o
zaa$u@A%=>t5ECgP$Q{;u2|y$T>Q#k$6-Hl(`rFYk-}t05=+f6D&cs~SIF~xpkKTA8
z=rOgL^X+~DxclLYz|o_RUZlqh7I&raaP0pv@*?_?B9X2VxZHbSW}SZ7o;C!VDF}?6
zac<&V62pUkun_>x_n~(hp+kG?Z9_N)P@1THrmv429aPhgwH_%3>vNwQ>zd;ih#XP?
zrwO+a50NS9BLLWz0v2$;ekN5#D^g_lEO1d{U}9E}17U}n-Z*o&cdV>|_r|^Q>=z)K
z@_kz3!3Krg!k(A!xLN#3JPdIZS(Qqr34!IsBaZ3X)}R2+T(V{_X%XyDtF|?Rw9f2t
zOx=J4e|m~5dl&~2^HJa_cv)naS{-d~!AQZBF#=Hgic*})H24lU!D<p0bV*Ge{pJJt
z;C02gW%&zLl$fF4l#y(3`4y088x;(K47A|9y^lhPC206kC1&QMsYJ^10@0)JROk0x
zPMZo$v51K%#-chpg0oKn9V<dnmN87Qn4l<xg8BuZNRelIa92AC<Ge|9;A`2}_PlrG
z%*u`MptZ1<F@$ss^jqKi5s(G-+Yw|t49CF+qz3hyWbf>(ci)LUzy0K+N!sRgCF2o)
z`6E%KpzBeSCm?1V0VNv@{80XRH6OPc{l~>REESu@a^O)|YI~M(56)tkBYk_8G_~O)
z*vQ>pjWzZ^Zh+aTUofhm@&H6vWNZB-(Tor`Is@u38O#JkE}}K3`uV5o*}hAwKJho<
z*JHB4iVWI1<N-SoO7bT55ey8e13Ta!GrWFx{o+4dfFty@S>PylB|?6_*{cYYLF~3@
zs{R6J{sC}!$3QpTq|zLi+*V5NL|U11*H~CJN4ll%BA?k7nknsXG)S%oanoL#sxY3s
zZZt4{f7;{$*qM90Qw!E`@r=QmN=kTBc)7&(%fWs?&n(sHd&5k0<R}u29-}E`L02rX
z)k3iKN%^IWl|!!+-3h!n69V(V^j$;DP3oPqqDO)B(+!Zxq%sMCk$<bIfn&w~5CQAn
z_Yl8qNuOfCaSgk5+Rxjp-ja}Jr2ezud&3nT;ByM!BfG)4%zg>z#~#jpG<TtV6>?i3
ztWTmq(y(c(!T1@mD}C^C{Q*-`JBp0m4rEem*Y2>wASSZNXYeL|h`lyUg*+H+Jjkjt
zbXDMBL?(nYhZGRbS9PL>1@Fug;FK_-Zt#KF^a1djxnNf32yi_ZghxOmB!~$X9>j=9
z!h=EPl(2GrFo8BeJ4eAVuwqcaclP4kHkOrzwBjb@M>C;>apb;ExgGv8tc@bG5CZ)Q
zd9N4)-fd1*Yzg~~wKAdbapaZ?xKS#3xymTuJw5=LqBkH}Q~-2~BJdBne8?Pclg~z7
zOF->!@EbwM&o@$FCdWjH4SJjc_Q<%!FsU~fTsUeKFO{+u1|T*idXFSMpZ!tgNoE6k
zibgp4`FJ48%iDf(HLwb?|2<F!BrPDl$GdCRY7$lbjpZ!yRO`bjpZ20O;0cHM8^9^%
zht(>79X2t7gZeDAKt_%!6530|9a+s~B|s0F={5xK9Nr)W|59ssUlTQavS>l`cLRI2
z_2?!=e`2usTxMeWMDJ6l8n74U(Xt7jaiGd+;%V<}XoHz{1w7FmI^TDgsQBfWdJz+N
zRR9`Q)C&q#9v;b8d}X)%Av8>;hZ1^Tc-f~^v1wgIXK4MiPV>f_x&Z|w0bGfdmG1ty
zR+obdDLOs1Dvvz-rNrV`1`~<{2ShCyIjUsyv6jK14KAh}ub}=iQmQ9UgM%^<HLSnF
z^LXauV$DN>^bs}Ozru^u=@bTF5Fr+%Hj4G^I``r4OIOiJic^Ij@lY`9qOY{WJ0FTO
zM+%@Dq!TkU-RjO`%N$~e`VX65@4}135wf$Wh#+UUJ8cfHF94RaX2e|uX%1$v*?+yD
z2-~T-^wK0fX~IhOG?A07XPW-nzm83yY?>BepTvn%h!(hS!8fd3sLB3ROi5ORkDj)x
z2D=BxtfyfPMpWe)H8OoqXDq@P>e^<3r#zqTW1lLBGv~7r{wdX#)0Tv&$f<C5tkUq$
z6I5XRuITIZwj6X|C4QLn=N%K%+ll(7sxl$6@{oq7xUjg}nc^idb4bG<0ZR8J`=G2x
z5uVuK`^SEl03vPTSA0~@;2lak=-HvjDp~ID`Wvd3ADI#e`SOTJ<C+BSj@k8+y7s9N
zcfhj?n7u5iTkk<Zcc!OI^1ioM{M0SqA{8seKvb4bmN4ry0ZuvWQ-8nRkMO+mLhV>Q
z7!E*}2tv_9vT@80NHI50Cpdnvx`9&>UtsR$V50PwPs9uo51x5t#v1o<5=$Ir>)o(X
zR6SB^EO|0dr<swwg&UlYS$!r$u=*M=@mD*rSdihVRU`OX*VY{c*!rRCYXz%uL}lv+
zsPA8=MjZwi_s<LWb`R+<veaxEqIi$#4_Mf1#Wn9Kc?Q49*_N3ecv2uZny*YC?xgpT
z3i4Ko$xtp^@0F)F^?Zb@&<1A`!L>*%P-d3rmLz&#{WXDy^?gQaiiB|a2diKgTLeY+
zY{~~9TTPNTh0yI7dX)c>={*HDuL#dl@sxdXH=%M60iTt{&1{+-1It!cu;gQ-?@b!M
z2?ob&_*V2}o2B&_d>TF2981$7B*+DYTeMDDB5S{*ZfozC8mmRl+18&mP6n;tJ${7@
zNReMwzISY>eVuReo&cNJ5IZcd>8Z{v9zG78H+4(_TIkLK`wtaL>^OwFCyz56_+aBf
z{GfzeVcl%TuHsH*;xl*|mU&u5Qr`Q7gJv&uYw79rUFsR5I_qQJP5g`vdIDF9mlN&t
zQTkHHgxPMZp1YDnAsoH8AlOG3BUll@wZXs3XY^^)PMfvVjFW(<Nsv!&rH5PdGyePd
zHx+vvHaRA2P}c`YF21~N$~gB7#VQUvC|hU00by8?+#Wu4JQHB<W#gTd<t%C%IMo~X
zQ4Om6_TtK1{#+}eRa(b%+)wrO-EzIPqV(*^N3DC!YY+Y9WC?HpgPDz$EiBKdP@4vv
zAn<DmiogjXzWv}KJ~oJp`=Hl&K@GFQdP{b;zp&GDCgR$M({s)6q3{*iZ(ccdry)Y=
z^De_02Eod~XczHcNBN)+*^BQj%UMrdyL&KG0vpa(=pS!W!zG*jgN{))4ozMHA)J6c
z0ZNl4`}gx2*KJ9`*VKHgaGL~onwvFlaOT-6%|w)R82&OtNxNkmj_h37q08_C6|X1(
z`%$?AmwDRNhqYyfmlBzq7RI7ze1BC^Fv}JBn>NLDVv9QULR}W=0`InDlf2*ltV^k$
z6xFR(-;?2ZnhibM89#(6)Xs;zJMQiCGje;?YZlL+rDt_1O4UbhxT?Z^VB^Se7HL|s
zxx$3tSNZ3$<yak$D{W0q1hKK(e5hmIpeG=eq_p!&L9~4H3@)Fy0Y0qv8D~z&&Q_aQ
zaFqJ_2a>{Q1|EpC-p(%0BOaIQeQAGxziudQd+$rimCn(L`z@axtrK&kMQPBe2}6@(
zb0cEwv_v<5IzC*qkVEqFS-FvBM|{z-&I}294gtZFLXIj-J5)o?6JOzUrh4jQ@gt$U
zS;v^0X;osoyWe~N-mu$_Bj==f&{CuAV43Ii!BJ|8ClP@4fl#((n;M&r$CqmlUlLQ{
zfJ+w>ixx6zWyzy}WU`=|kjf6~<sZLuifbi*Suzs6)#dQ!T4gy4`+>(*q)QKMz@%8>
zm|g-5otRoBimw&AVkkh#fw2MP#-e7x`*ZY7-CGa!cNj0rS}sDmT>j3SSXylS^^W@m
zE`Z9uk*?^8t9A9S3y0<D!IH%-6p&i*?qzW9^KSIL(|G`_aA@>rtKb~yE$i050f`3`
z9yLFUkjj!W@?pRafRyMbk(%h{s=AulZDte)SQxVG^c6A7vJ5C-0%ZK~n62BwX#<YU
z@%uX!)DIo@R(x}E=R}&_aidwH(b4k|3tzOm+#OQ1Aa{_fP!cakXkAcH4kGrxmbZgN
zN51ME7^+KcC<yG|?q?jPLwcO=&QTobHzaKvBYUr&5;>%a<o3pI%T(})zj-MtMn(Ms
zyi_5J`F-P8t`if~l+79n;4WJA+?KrWR`=zp9MTN4Ti!XU38iF~vsaJOVr&dz#ohfA
znNhDphIh8}+FhrtN$i&pCs-dnsKI#{C!NiGCrfoC>8HMagIi%m*j|Lx*-R)LoR9ct
zHN-`#LUG<Wj3piE#HXeOjSAxZM-mhtEK63J;`f6oF29YtxY00OsFk5y@6vr{SA+pU
za}Xz&<KrzA>kIOnzl#hqL&Sbj^>+Ah6glY33{0!@%!XGpNIDUY^v-ihShpaj>GT|&
zZ?DNPM1Ji;DMK!R8iO6^y$Kk8v!8Pv2UcbH**X`DUB-lT#US9<ZFINk%leKOkF3CV
zFB>wy9~0*~!Sz9#j~b%>v)Bx=FOTZ47NU+PUb|nos|)s5tPGRmN}7LCUHCD-w<M$|
zr(W}Q%0Z$yH5RGNdse1urVhw{wd2VX2e*Pjn^CFQY>Tgm(_(9uu=AV>0L(rBF8nBw
z$eb)_fBf_9!%FksRs=hpM!?WYUl;V<(Bn36s>{(rRh184uaNS;E;8{>lU!af*(gQ!
zz}^}%@9Usgxk-d~vO#Sh6Yvi5sPN6gkgxymlBI6G3aQg}^JGE}#_~H4meyp@;M{hb
z(1LFod`Yz}apgCJi0&nk^Cf<nj@iQ8N<(azX6RW<WO%*NSrcb6-`mHl$l<rUv1G^E
z16MV2p?^!U#o&9Nl5`gyL;<gt={j+{LEDrT$KppZJ-j=FM{;t_b1Xpv($TGxf&Nqh
zl3L@xx}QCJ9<u)-VUS3~i7e~4W})MuF!lT;m1Q~Z=<wp#`zWo9Zwa)fu4u}!IK@=D
zwDHl?EP}^xOg7d*Nk6P!pL31%6A<Q0|F<HI!7lc0Si3>=zzZa~POyB^){wxlSS~gN
zFK}0KawlNyy&|NeOD87bQ{`F|@&>+WCVno~D0}VARM?_7b!3wDnE7pasam15Hw~wt
z7b>bj3-aEgjZw@!43y6?WprEaKQC-?Rg_eq%0$n9VWssa=K)6|G1xJVCDv;3V5viA
z9wFpN!;=AwhVkGOcFb*m|Agy<GgSJBQ)V=)&+jUCO!Hzt>Y?IuusimE8KK)2;GeQ2
zj`1Dq-<NDWBsv~H_Y=2EabLLu0*0Ylw2<9`%aFGy8XU7hxy9@P5R10#sL*SNca}a%
zXlpfC*yl_ab=@ai612|G*Xwc4sXD0tE#}Ybs4P4wt~j2#wHxKOK9ai+S|F>xd-rdE
zV|Bl$DD)|(NSyn!%`X!It<bgewb&k)Z1*+xBEx+X6i4;r-n+<8C5Puj;ZN%5W^}hG
z`w+8Vp5_AJ`w=MO7*clwa-wTe^0Tm^Tbgu$p>CiI%Z`YnDZl=ULrZM$?Km5#rhm1@
zMHWsMJ_u|xAFoJ7n(J(b>?qzbzWr9C7LGIgz7q5)>VRZ1wlC3zs?Hj088A1z%i3lf
zIC87SI&e7pzEO68_`K%q=P21nJ`Uv9>n7<5&a7pUnPP~DbN`ef7EAa|;cVCZ|4vTt
zw<|M__vPr1U7Y_sx^Zliy8nzM7!0V^S>;MD8FeCBPcN(d?6C{7Q9IB9`Acv2F11UQ
z_Gd(_GhEbx)Ukw;3VUhY$J+xfK<UUUY5I9z;-$-)qfZLWOBq-;jkufJz@Y}Jv+&z%
zd3d`7dI&MGZ#GkWiA-JZ$<fnpQMy}Vd61sO?Im5Qo)93!{3&qJ*{H=4?{22x>(VC`
zDy9-%>fZ#k-%FqVs>Tp?`T&~OaRS%Hlx|ZKU~w<+owo0ETF1Gs+LZSk4~{=fTr8Y<
zE}ddq(yl8URn+8TkFNQ0f4&N-C2XwRRk{w|A_(lt_rMXgnrFXBU%uCI;cH5kmXtL=
z`?R3Tum4nyB@i?|V@h7a)Gs{n{y+ybeW;~OJ06o{im;i!>wY|hh<!ob=6&+jmcVYv
z)(qG(S-Q0$aCiwvCJJsvgS6@9Ej|%^Md8VS7Q1^ywD(e85@xMT_%&uz<6M)d|3JLW
zpnmIPD1R0x?P+HSI~l|V?ExRw*P)1G750#Bb)eti6*{!2+4Ed;J7@j&@EG#b-kGfE
z-UJ)`WP_%az>jbthRA<3!=YJvJW*A@LZjB%ah>CEteybscluYk#{P@t=3=w$+|--3
zEx<`GfVaGC1XZTnjR2*No6XT_WO)HmU%ul7?`GkVq?p=}4-(YU_)+jttm=E5Rd6LY
zH<tUN2z_1u$Mcjea1EC8XS)ZD#snX9s|~c+><^Sgigr*nNy=i>f1U{uZ`}fQ)xH?U
zt`9M(qu-#)q3fIr@tgy6FG5qR1n)>5EEI))vwG)4lk^ufl)MPwYA2n$Ci6`h<P~EP
zE~Apv#XZ}NB>@FI5H}!vO<n3Wes_O%zq00lnP^uYRYf^H+VPjM=RQ8IQ?tj0yj6GX
zk`3baGmk$4vusPng?RWrf)=aA#$ZP{mh5}+3hj?AR!eRl`?*9UgXyY7bk^b5DjtDa
zT~y7blW`+wdmpGWkAvFrxyZXnfZC%~Rn{R|qNU^-3r=YrkC#@%1K1>22k&N0xviEs
z!#BHPb&P?@7;>c74E_tyo)VzL%bDJ;y1g-8gm)Panj$pctoch#XJ|`Kco4V)#v4Pu
zYm$f;;`7kWxCoFG?eR(;MB^b&m-@i@Sdk+5Y7CMBj>Xyw?yB7mRrOk^-}$%a4sW(J
zzN&%N80imAq;c+9)Gpfs;dvGmWF0y#f04B!A0>&n`L<7@pnlDf5B(3Jt}UEjuJQ7K
z79P=0Me!Wh(>q2#p#?n0!i%y;g8Vs5d}#FGvoCG|j35RyINe|uVFx&NGsASo+tlK#
z{v2Piy{G#Wdf?6gfM3x2M{P1#wQ14j$s7RW0hTe;uYRtp+;g>1p(_f*^;(Xnnu<uy
zGx6cXStO_wsf_>hX9AI?IuAyv$)!D{?h%8iBRDsP@R3hcdes_W6wr5=Hv*LhkWhn!
z3*+O(Pci*gj`S=HA)AGV-Cqt0Z@S!U!WH8H+|X93OQHu(I-&p^jz*GP+xiv%hFc48
zOQZ#!nk)eZ2F=qENWj!VS&4kA9{#eR;peej{K@tDsrd0xH9nn7&(*9Koby$Ao5Mh2
zCol9#<%hfUIeFtV&%1L{s%=YpYeb5XJ%XI)ZytDj(tdGL+gS}HZQ7qtKUw!<w3%;6
z@mx5EZa18gYK~`)P<|9)=fe$<Pw*>cqN9jQuL)t)V`i450OsA^z{mcm3Xth}Eg7cb
zp=Y6!9}BI%s6ECA=cK8p*-sW9ty^dN0fmu)tW?ih@1V~W#w7uZljRgnF5~w;CgZNP
zDzo<>RFwOY^p{&v%D=~!`nkvX_z<}t`y0GOo;W=x7@ev1XfRPUlCXaJD$jEvISNMx
z>~aVfU0B|s_cMIu&W`@~l^}SUV31+0ZTurtj;N7{`KOOfj)Fwux1E~APGBrhxyZn%
zUDPcuW_!->29X^rtEJ@D@@c*IP>vr-zFV2+U%NTly%YN51Y7TCwd0H|_icaqBKMUK
zA6()KcrvC(Q-=H}Q-l2WWZr9co{j;jpgZ3qCilm?wAOWZ5T5@1^(Q7Ss&Jf+sMOIP
zlyUgVVwHqVgO5KV2xE{S43Z+j{DEkg#4uR=x$v62dmCIxo;bY_+^+B^cY1k(%Z`qx
zXbuyWJmRu3tIkwyLkpcBjwJ4%ZXb0WRBsMCjE=r7upj)ySu*uNqOt8VU07x&RkiJy
z&}n1tmFM)c-a)VN8f9nIw~9U7wy(<xmBK<@Cusgytlla5X@f|6Yg;0z)_KO_yv^I)
zmIC$betwgifmi&+Tc#nBiH4LZ85v1MLg@&%V)qxbBhQPC!j->PdrRAx?IoV<Md5^R
z9CaU!0Y#O^2Zi@H%vU#SoKb;%x6Z-;(W&*_Dnn<zmNLtAIGV_7nVu>doWCxh#8qH_
zJNgEQsvGd5-V@wdDz5zwf_5STzRtQ3KFRwT7$-zTwC8ZuqV@t}Drr4;O7+CapJ2Ph
zx0-Cupk3xo8_dZU{ZKXV7nFkWk}GQ{GkgkhBAlg>6Ra9Xqk=1)R)YAWGJ{{UmRvuP
zQ|TCRm!8iPuY%!XXpzBpjqq`k$7cMDK5t&XucUmNNMrnkogWDhrHK-_XpGTQ&(^ZN
zEa{vd)F34p72Tv<0e$OInoGs56Zy&Qz;HO?m}M7CWiOlL6#S1DjiB?`4brGdjs2z7
zR=b@K@%A8;Udvrsrz%DwHflC&Hym`FjS9|moH)0dlK1zH8$ATH0=R^plToBgg-;#P
zEBds(Qx3OPN1(>c;B-ZwkKa9NSV&s7ph^KLxUMM8(_oj5b8=yPt?;5uADWb(1>>jT
zn2KtXxBvdoC2Ikn{_?qFL~M=wKB0Irw^sE3tpp>UD5jR4vT7`vs!HS^7nj1Ne4})l
z#d=Z<-XL1RARNvm?M7mXI3<~#Ym9G_9*=X<wVdOw*&3>=IdAPTp{r;u)VO(U@f9DY
zyA;GD-tl;gP8itSB^v`hba>H}Sf3&4RdVX#)A-&inlMxGGInBg0&RZz+@Y(!xc0{n
z=|9&ckB{lg4h`mITx|x!0v@f0)|a5lIg^%90kr~`&rWSO907IaAo#nTR?Bz0=RaFZ
zU&jn(0@)<mkthVN?s`1lmz%q&+bRFqj-+Z=*Th7-3~s(o7WAs2!*D0~gM`ny7BmEE
z=BS3;W@r$L;XLfsc=&n!-Ex^ltzbFb>OLa&r|%ygB5pyQIEiveqP|}-NRmGFKG7j&
z^JR^PUV2y`<>kXdVUzh3XJD__xsN-VR$!<T9zY&k8CeQU1{R;w_*LYM3*w*Q;ow^D
zc7MclaoQw2@Iat{G96lA%nqQq$XTcD-MjLN;>yvs1Q@Gh5rzCIM0+vQaZtEYfIK2O
zKb9g;ZXAlO_e=x!A7q#%^?s;XTK(*Z<W$dd1xTxDSH83_1al0qsZs#*jqclc5BW8X
zB|8I*Bv^Jsi(8iKD#p%E2LqT#6F4}@Z&?@SQ$Jto{2_DFL?prJ`D_<rTRZxIvAG%S
za@_?{Cr~bVKx12f@{a%kP!mbXcsKcRE{QEB&X9pt`dMe+W6j}y1+$w#-zR<K-qySa
zL5uKtS=d2-NE$ROx#;Q8RJh*%!<xZ6!i!~*S6&=2{t)U!*dHaqn!O*w)GjeA_Ue68
zNsF5s@Wr&@fEXB+O7_8OII#24_p8sapgWP`r&cQ%zh4s{ORWz8+RO-0%^r6=wk5#0
zVw^>p{U1j>bgSZm3$r$0mATl$iWdF^KXduVfgg~Q9($4|p8O(3z0`@mVPXJUDqPLA
z7_|t6Fb5U1+4?RYcE9LIF0xoHFueibH;gC`7el&GTTC{!K(_npkS!Ho$uM2;`KjkP
zfhog#L&3t^H8nsGMac8lx3B~CawIU|$9T#b`?p(!Ujep{Pg*&~fWw_#9qtZDt_qQ8
zI%2Bb7+nX3mxnuA1!Yr(Mk2x<Az3E<u>aA9eWY$@deyRgn-v|Nhc`d{4c}tzjz0W0
zH@HjPWBj>G7HjtMu7o8p)!?@M=HK=!>uwWP>ue7S9}d(+BauTD#SfZqY=AsN)f*4A
z5le7m=`&j#u$zdckNCf?Fek%!K5N`o^n?M;ZJ|s-5F7|F--^(?5+d3HznNd3kAz+`
z@Ry7diN~hX`b5-B6*QJ{Dg%G5PaPx>H4x%|o0Bn8PaTidcpXjH$1(B7KX3SW<Zb($
zPbol^W$%4@3-;H3z!MU%(!Kw`x~ZS1tH;zaX}bQ8ZfYC1__a_T^xcl1KKGZ3e<qwR
z<bI_iDocQ6pJ>t!6Y)n~?M)H17J0+qxJ%S_hok1t&*YlGOX=q0hyFRFy~*4nPd;j=
z(acXFwGA|D8bRv}*ynE)#2t@w@CtK%6UD$wiW|1an{W?n6It(8;U#)sMRz2aR#Ckm
z>#k5!WPX4v48;Z{nEJqeT9L<XW^b6+Qwd?hJK|tQN3EpMFAtdPfNgLDFjl5?a-=sj
z+W4hl9MfWw=q`xTL@wyM;33^tcZyNr&|9SN{qBUs%G~xtNNe-4>Q*c%%0p)?iz28j
zAtBYZJIvfJeG%i{6j6d60io)D(lHJWHc|JluorCC{MpU}vzaXr6(e6@qT(cqvk{%U
z_E=|Yn469xV^5V#;ICqkn*pdX3gCy3^Mk&k!Rvv>XOtwP(C}4|Wv>nsXi}aGUWJj;
z9F-!&l$BRu?E&FGw<1^$iFrP%<1K|OB*1+A$5+{ZpT0=$MeN7{-@`;lTeAN|M=T7#
zGy@y9eEt829g#Nh$9;Vj)5;hic3%p~{V16}Zv3AiFx$KB>wgQcLg3J^jC@KIS4#@@
z<3orw_(NV7$)$1r69B(*f{4y1fqVkR#kRseSC<iSg42fCIS|g?AEYB$c$U4nR$zto
zPWYdOp*OMK3FAlaUKT1=tBd>dEhJp!4jxS*d~~%c*9#}rG3!+F07amcMmF-n@HPe|
zyDM*Pav!YKcqC{NNPR_Il%rQ(`0}-p_Lt53occR{nGvjY2D0Xtt@AZ6XUL31ZE2pA
z8NF%p+_76KZ7cI`*+dl}>j^`8D8lm?t_{7H04EC*+1kj`#cTX~PE(;3$X5-QR+slM
zS#k5bhyI2CxkZkKE6>R=?$TUY6x0mK27?U?-Gq1$9>6wAzL13$rn>*UGTf&B81C}u
z8-A*ESCR_iUwPr$Ib#1wee<7vY~{)=00&*(%1IB^)o(W*o+r#95H#6208XH~9tIo?
zf}Go`0GsjX=_GK!`z2ka-s>~XGRYr}G92c=@!#3I^W*r&|1v<45C7j9pvC;Zruzd4
zyJXK@A`@rtk-LTQdH8@iPVdsu0zhNn%42qHsx`O@<(|?Qx3gjLxUcwrOC?o8>UN^G
zU?*+l`3Woj*-48hk`v7vlrNo5^dmIW-ep09dyGt!34R7<78|`6nE@CP#^8*G?L70q
z)e$W{RZQdNOQbmN(6N=F#QF~xAkY5Yi1(Fu36s5L)DC{JkTdCV=F?6YV~nq4Cc}hG
z6Ebku&6$6Fi&#}?{M~=u#J?Bff4T{z?SH!osGru{LW5?*RkrZI?gRhU^A=8@C}9q`
zYGhohpo@|jh@kbsnH32Yfg4lnWxsq~ZG4UiT7k&`b7VCJ9Q2)46@Yvv&LYo+w}q2|
zSYI+o4_nYL_fDYPT7wxS6L%?t8I#hI+%g{^yE5MHlw+BMhatiU9tQ_q1;mPg7OC?f
z2$S6j6jy_?IS_tjT4pYGc5pGl#2!ky|0+m)-&^FLxC+Ps$)5ky(8aArOd7e(YSm3~
z6?#Pf{~daSFfsHUZYwkf7%13|7vz!S;*alSI2UDk)v&9k#<8?nyd8duco&z%rEDxA
zsiw@^!n1=gJ5lB9JN<$n*rekI;W>>|XmslV4TaBd4I>F}N%~fVYV^wu68iUKE(rO?
zi~4uG;%+AAtp}q;8{VUDJ^cr(F?m%swk%j<YANR>yG=L~od!LXW|77giccR7TKhom
z*VxlnJs}nmP=`5zC%R;8yPtmSDBqbTiMf&m1+ulX3#FZ6!EFasJ4qKKa$MpzLiC)b
z*;B-6x29h)4GFr;E2Mcj=bbSQ=bztq7;i7V{GcP|UP2Y=jdMAcJN!7iQo3NfVs?Cn
zkh%nDz=lzU-tR0t-l%swP04s`J?b_t#@Zn#nl9P*Pr~(qFB-7UHALGpwLVj1-_C3e
zqv+@x4@2J4mV-!FM@7#irL?r&+}hXO7=4<wi<CCHIQ$9pbM<SRE`P+jtgCm&lyoE>
z=@goNpLEev9m;9Vb8lhL;Un<2k4*B$Y13|AOWIk%JNbJ+@}7qCNF+xmBJ^}JrhR6A
zqrzj$ho0O;6;vl(Dahnr;!(xj*7^rWxbA~%=1n7sxvYPnyRBoGAijdtZW$Y=Y2{fc
z1`n{C?DZ-+4qH-1U7mH*sRr&tO&88BfY>Mg?6*A%HF!!alJEY$PhUNnRa`fhX8YrG
z!r^48a*_LL)kKb2vO376jscPLpWxljPY<fBv;4y=Qq#bj+9Q~6cx)xR`zoPIqZ2=?
z!~|zV_ac{bzZvHhqkVta1HIbf-U$&fV&-Pox{J5-E&7)H@{^+SjDTFfoIvlLqs3Vd
zU5oo~-o|>X1RgU{1U|pDdTPmF>hUKm`g}3qciz5lwO(eSbogD&wZS6j2LK`$9WIGF
zCYGkY4qia}G~V$a;AjZQ?lwm@n#hPN+$bYXMF>CoGH4~}2y|qVk&8hTr!l-ALKqPb
zW&;1F>5*i75N=sJKhbIOaE*UXc_F&ZEuP3;#v07nc*~5?{leuQM%q~5yfsuW-Y+#S
zg=brU=Ii}o44NZ^Nv0HnfeRbfxx#WHfN-W(Xy^E+KVv(DptA_bvp_T?6)e$$bmA&9
z8rfPl*F7GRhUVCg+UlMZ?1X952QG|BF3o*6Z69tp;^R6Q3fypQRNbF$qb)lm7|76M
zS8kKtI*rZ0raz_rt%#8V?18goCkBML8P}cjV#!X`?~HhK^a_b+0)ec(do~Z)2-hF(
zm@H>Q=V3xu=iw<so{3C=+Km2r@tE~a!)4V?Lyu1(IlspZlbp^SPHaZDJc`GX@%*{o
zcpv|ex%<RHGf7A6`FQqABD@So!HWY4jJ7h@VJikw>TH#&`ExMCML^QSBEtUl!;eBU
zrPj}Q%8ANiSE-r$zT&+*h8|%>9pj+xbP8Ie2G;n*r_W0OX`~Vu6Z#{m!avK(m)C;>
zS<K|v5rHo5IR%f|$c{%}Go4+x5bYh)IUCGPvRW1RFkZB7m-dH?U^w^Ble-5S%IxG{
zLa)rLLIS*FGUk)35NCA86%N=79L{+Dol@RqOzxr1z`US;wfHX}a*}9ID#7v}Af0%X
zeU-9c;G6Vz=K6}Ol)?sv+xlIaF5>XY)`p6w0!zzbt{~}}PIT$G1adHK)ak2$v+VFZ
z6Wea%X3SXw(nJ%+(yrUDxwSg`)S3f;R5Gunc8(Md=2!+1sOe#m693xx5fxnM3ZjK1
zivN$D5kP==;)!x<|H~2;+K%FZ{)2eYa>>c~e3`qTyZeUM#-!r^0w`nRTpo@8=Y>Lh
zf8>^!V1j=J`AvHa#rX=QlsurX%fcjg*VOBoes-zhjasNtED{P{rCw0K#bRWW6~<+&
zO(mj`q5x`@Tb$(sQVsOlth6gvOZ7ZUbm`7?+U^uDxDA+4>mY^1#P>%Z=01GPi9}*J
zAGYyW80`2eiVeHwd*W^R{>o3<;4YHai+m*i=K_l-U{X%*pvW7|<BS7W*xQFeOuqSJ
zbs%F@|6eyeh<ZJ(7m-{9|M5!?h@(pvX|cykpWGp$76>!fL1_OjG+wXWFl!7iso4_5
z(Q{S>oZ$jq)25Mk_pJQtrm}W`xYf(Bj>leW-)r<h()<w-d%(C<Vjt_?vjE^;dZ8AV
z`;TziK=!x~WK6WdK*Ap^GyjHCnCi`M(o_ahMNIs;FQ0nDZYs9K?NrQt1xj>_Kd3xE
z<oP5jkY@TShX6I3B@M(We-s98Der-5`8@9>*b?0X{=Ee`9xsiFAZNsZ&XqElnZ}WP
z=P?U!ij?nB(b$t`Iu*3Eplg4B1Dvyf3sNVes&^+xJJj{5fM<OrX#)h0+(&7)G`6lR
z^Xm}Ti6$*bZQ(;qx?<(8;Z37^Xvj!~3E~P~=nj-_V9@0q40#>QB-O2cI@s{^zqP=`
zqZ0pG#$1P7_jFdIpOsRXHt~NlH}yZ7)9uzLeaI~u0T(RmG<xIiyDkh2KUEY~R9HRG
zcn(l40K;cZ%Ho{?>6%fXb+f+U`&%Qjv;V=XamLg5(Q8>RIm)>y2L7w^v^m>oB_CR(
zo+eMhrTZR;(Xo|pDTaTt24x$tVt%Lmum7`Rf8Bct`WvoN9El@PJKvhBuwU+q@;rS}
zZ~+v2ioJd>aMg*ADjDCx`oAQ>ngzIbgrh~<C;L-II>g3{jV7a0x}=1^Syo>6V+Vb>
zJ2dM$TR<8|1_;0!OCMx=)^|Mi)LCwl>lodGJ%0)B&hTC;*{U(04n`-<Cy5FJc&rVh
zb_-^9=7QS4n6Q%aH6Xm8&0QVU;lTpBmTiaTwCq-gx$Q46{KeH1ge4W2^gqt&Hmce<
zco>I<S%{HV!?Hv9qySm-Xhhqk8HW#a5~jO$HrDH%&u6$!kW8F!>4?5$@O2*U_lAR8
z6fYRC&m(zo?S<DVs3`pg;zP+%`Ct~~j*&yv0caf^-QO550rCNql?e_O56r>PxQP#n
z1fYeEEG8Fptff93&aQYNBManP>`};I-9mM0N~>65dC@*+)o;{Y!5B%JLO|8GTV<~Y
zXmS))_UAlYiO@3?XDjcLPgJFa_A)Doynft%1lRz5K!u66yz0**(D`1fU&%n5(FJ3G
z@|ZLv05RVVhl2}DbJ^eHH<QZxhF~fw(9ewpGQ)Xg4=c8z%C#NT#oZ0AH$8(=0o`>x
zg3lXB13lIQU{%@iAD&6!^I(TwzU*ZmF`z<HfgqgdQXs<g%0dS)osvLuEX<@eO8cpM
zjhUnS4eb2xuIWNB?G)aU<jyJhbbx7&M>&q}>le1^ZCG3ran&1o*X4B#!ydG@QMUlK
zCMC;~PP?TN;+vt<5jm0+aHFFlS$sc2Mnf!09)tIK4&?NHHuStD_FOok-|)-2L07eH
zq8LXAyFwQbCsM`qeU+eZ+tdTU^9{$BR3y%_z!hlA>;na|>y*#AuaRdP$#F`)I9ucN
zj;ch1>q$hi{xEK$3V8`+4|FAOrjpC$xdoX5itG~+JJP=oU#ej7b`sgoHMn6~SslRN
zSV~FWP(YvOI6LYf;A8vv%Zg~JI36XqDb7O|ZlGjx37Wloq32zNP%Uz+n-Me?OZJb}
zK%lqy$>N$6XyJ0O;_eBd9S71;8y}l@-n!Dqk*|E#I8KUm6wo(uQ?%=nVlr)cdH>+o
zOybj_%ngB#p$w`x@t%<t%8stbzYKkM8h=79d<rRm4HPV#Uf|!=<#WHN1;Z*j_kqeq
ze75&8UejjjanY-j`|9QC>e-TMpzD#1*5y1M!g!)+BB9rh$}u6Xi4L~_T$%kzeX~Zg
z>`*ru(66D}^6~}aNd0ty>jVQ_u4FJd@AwZvjt8sb5F5PvBn{9A2dYJgc_m-$`Ph??
z3OYO^J?`a<o7>AI5GJs=zX#U;1DMP?23X%#8~i*&R%G9K6|i0z+%;`VYP~pl)|VqA
z17uNSCnIJJVt}Np0wB*60IT4Tqe%|(3cICZPb%}7_jq()xO`9cHzp(e=D!HRyW`Bf
zOTV*v*Y&(9IzK%sBIf`(BVt92V5oeI1)Y_K+MYaCi1xp>HC?IiGxCOmZUeHn+OG__
zKcu6-w>?BRiA0zptyanwTKy%QfU-7!+iG8O9<6gjutxT&cc>#q*xqSY_nc$Z1rnCm
zz6;S2i+<wixZJ$kO&cmmovzFxIZ0R?KbY2`lQ|OSx&?Y<P9jspOrKF4OL+czBo?4?
zN0bL!EUM}iR+WwK;jhP*q;b4o2qC;p>nsP_5rVf8h-?3gd?Zm%dQH^tn13)!BGvWy
zb%qVla@B2cwGe4`EpS>Y=Kl0@wm6Comk&d@c340(mKj*EXX-R9Sl{55)SwiTo=!vR
zpfP$2n+d9%Q?QZS=r^6T+{JX&8wR2B4tO~253p{8FlB>K8_}3dnihlQzQvmD4cc+n
z{ts909ZvNh{*Tvj%AqndDr6>ml$AX)GE<q^D;bf!o$O6^LW(3J6tY(cA(5R`R>na%
z_V0eZ-|x@o`?-GC)zu&MI<N5@_w&9V_v3!tBy!v|X!OY+m<N=2=&O8B$(u#-?X6_a
zB0`=vB9uQ%;9xks<tN9}IzwcquY+>PmYaMeBO@j^rV&bOuEK{E%LmU}fk7YKEQ4+U
z#XIcu7}OOOkUmgvyDBvHk;wPDlzA(LYKPl7O4fz)LYyNSsn9GN8+YlItj?%^Az4H*
zlXof1SA`sn#(p3_!IyBZ7+CPdEv&t&Lrf_os3#{p^<OETtA<rfAjteEH0R!wk44#E
zW=vX4qsOG5Qb!ip4_eN<Z{kOS$bsz}$cTet?ZTjGGAWkYvmLpe{LxBNz?IkP?fUjg
z=?*Aw#9WR`B>?Gmw$c7nMi~Xf{)>KiG--?@gQ2*Bkr{>(;Aad02hLZhBQ5|<pRrc$
zC*gh2%sPdXVGlBiLw$^FAR$Wcl&s@gewKG+n5=mS3`!qtapiPDtCzrzBD#qD5c5F3
z5tQC%<D}mb$a()=kcEXlU|n>b6_Xa-csbx;`VV^>P>m=_aIzA!ZbL>kf=T8zj4#e%
zp}r>(ilkq>ldL&6?L}lfBVC-|G)A8|Km#<#z)c4ysf46o<W4uITIhUr#N3w7yDbk3
zc>VcxOBNnVC*c{-;Ey+38Y#~&8L>AGICO(92x-Ag=++WT+8(lS+{TDa_Lk887!(S;
zCDBis&nw?eDh$G&D4UbOPX!@`^VQHJ_ldyO%Zk&_8h6aN`|}tZsZX|!S<Eu%ECOfn
z$q7<)qpJOQ3ylp2d}t#9ww=L8&F|iy@A;&pL1#ZUQ(_w|zfcej3Jl1$+RtOAa(~%=
ze_hZ=t6{Z1^BHL!p>ZXG=SiRq#(ttY8By1EuRVa0?E<Jb&zfeWCqg|ZYutPc`+eY(
zi;af$1=}cgR09O=55KQK6^c2lviS!_G6nQ|?{qO2Yv|yhOcus&L4l4|IMLe$Wk#Kg
z-xYhZXn8O=*+xoi+%&Vi3>0Gz<oBJuAc&Kd;YOI`Crax;lk4>UJ&a{_b3`?$s_9&C
zhi{WrJW<;!b$<22&)`(qZMh4E+^FzRN?H5xYDA(J$#H5^E!K26m#slvyXz*;DA0JO
z_aK3FQS32mGRGZ7BAeAyga^voB&+4D+hRB2R=U5Cn(n>rl|LWEhDvCR;dpaxJb^tv
zTnkvTqsmI9a4GSSlc2(XdktzL85czyi#)FPKVyVTpsofY+eJ+Fs5)1;pZ&L&A-2|0
zbqFh8F`70<a4@Z-3u=RICtgvfh`r4TOirf2WFO1>Nd$9$d!O^60ziQKFX*^`1F@Ec
z1SN)qdwz$ToIKvqjX-f5Bo6*!1xH}8{1PH^*<sFTGNzWLUP_Od(!Wz-um7q^4~lCH
zrdu~Rj*r%k-+=zUVw_Sm4SMQ(s*!v8iD^MpJ?5Yz&FOpRQ?@fmMLjR+oo6)YaoH0n
zbEt>@VEg?FXc(MG<}(2qO$mE9FgFi3-{Jb@`|`NnVFFW;?@w;LEb3&+=oyi$v7FfS
zG7Z!m6wp6POafNDMxZ3{tzPNNh!*}fYm-y{+_%CF>wi5}MM`7ZPFxKQy@a*N@(P7=
zzG9M6xvYIgY7E;i;#4v$V~-<$d+?osYgV1PI<;qLc<DN1>v!iema@LTH*1lJ)jUll
z0c)3gX@*VcO|Pm(d7I)?wy3jQrhkq7h@e~l9Ml9xlX^{E|7ITLf}ZQm))duYcv27Q
z9dBjvJlc(?Kbraiv4_bXFaMmiUONdoF1%?;cD@h}ZGe4qC`3VHa&ufa|HUS_PKirr
zP6?ABq(Wog^_yPC7Z++|g}uN8EqSGbx)s&Nh0uAn%3Vtq+$*epsre}o`@VPh9SlQ`
z#&PSIG03w)J9_J-Nmv+#!fIe5U71gi*MLyb9!MPw-fH<cWL)?x;P`OI7K9~kjUVk#
z9=`@hd|~-Vcm-~QKH~TkUjh?`Yae7sa}Wt{0i+tM-{GP_hV=!a1{9yOD3vEX;OqHX
zkQZQ`@ZJ3C3X0zuLj31`v`O*pZ~e)yH(+erjTK+jl4SJ1eCaq3gSr7Wy42&$c<abH
z@}rwssZ(s%4WZP`)t$>hUm-BBF|LAs_cl1iZ-b>AwJ;Gf`gPtPZxsY5Vx}de4{$+y
z9=Z4Th8m9Yj<}C`MTfV-AlkUiI(FJva9xG`lz(`#4@Urt6CP*wxeI*k!b@-}O$;`a
z7}e;Qg<h(~Y2s~C18fK5a1>|6^%lIgM{Gh;3&x`xyP&)>&VPSJ#O<frFRxD^u(dQ;
zNb@yKKpr}o$Yf}s_!5Ljrkx;C5#6Z`zC7bg#c{;kXgsxlChjjU1`HYy(;3x}@^)k2
zcxGBsnQ(oH^YFF*SaA%hnw$(I5^vjTk|AdVGw6+_Qf!GDo>+e~T!`h9y^3*r(wNHp
z&waoES78G&z9L%5!lzEkGXBL(Q3?sm&onGN31}B%Oo*|`A-r`0xs9w0Szjz%xe|XX
z=%42t)Lni6aS>A8mW*8hk$YllRzf@oWL$mpvlf*IcmC&vpw^2SXN0|XkqWuVlmrU=
z)q8T67cV`kSrLYf7>8znTmSQfMj<rN$xgq!&J8~`Q+fe`#&wXGHURG)O2|~-{e&|6
zqx%Nm-p{hkB8~w3&WZ3OIevAD^BpnjiA)FigUNbHhvE0KRy|E-d?2}c+w4Zi3znPz
z-X5-|gsUB2ayguVtFMwT441ON+o(tED}Mq>kO7VfQMY@D!|?BmUx62&P|zKv{`XP;
z4FVZj0u<=$+XGcSU>L~M(D5Xc?BYM5+&GOO={C{7b3hveBW3aW)>-7Ei!sZS4cVaG
zcnewCpogDam~Ng5k732ifI=Dv6xao;BW0|2$RP3CsTPrm98wfmAY*bm$0hFrFRt{%
z?Pv;cIew9Mr1D)xgitb-c}y0bw%;!POAX)jbB3o59xZc%T(8zsU=S)n16dN8h)~mt
zQxI?FL(y`<xed@l)6V$CSF>E^6vX^W1O>lSR7<4gfX^K#!z0><%CYBROfkGDm$~j7
zP>AcxlJps1?D|iT6XZ+?J^BR8WEdGy(q!MS1|cKDN3K`xT0q>j2n!fWdwaTy^Z4K%
zI5I5!wjZhkd$!Uz?p&z`A=w2uS^oABFWw@19|yy;pZ0|c89{S2H8jJ3IQe^p<HU_t
z<&M5n*eMn#L`WCJMqZqL24^PK+n{rmK=QqtudPasu3~0HW&i08H$ujV8Vh_ugs(e1
z${vagKLeU^4lzNXpz7PjQ~73a-z4DhUf$<-_X<<8VsoivWv;=*3K4LAMMjLDJWbq#
zcfx(lp^5H!^etE^yfUWXUEc*S4lFveA81)1q<ez~e@QBCy?7WE1*jsW9zdV0z=Sv2
zhzpsg!BjfQn!;ZA+e)d~2ld$tp_d$|%u|M$U}$-n1Ea;_BsMT`f*iks__?sJ7UG{U
zMA?_dC;9cMlag?sp`ceEkR5sQrs>~>Zv!PJ(rl|G^?OT!vD%?*|E@<eR@fbcw!&82
z@YyfuPv*9Er3t*sZ5@a$x_<TFOQxuiB`c>h`p;hbXIEj5ZPwHp-#s6dK6w7gvV)eb
zg?*FesX*s>PPvfNw<6@yZ|w?RFH|ni<-4e55_CR~nOV?A`KtU&>15^brS9WD#$Is~
z&f5q<ct^?y|L)Jy%bxxEKl(e~y+0eaifkk`<;ZCTEyF)LjQw~x@FqcPw%?Q@E)eZM
z^R+;c6~(Njfdbg53?kf1r8^H{-k7Jzp~f|2JxtG6h&<d1MS(As5HC|lD=;phMb%Wd
zqX8Zm&hlBkuyr(;g9(>erl6Jd{s59OHp2b~_+cUKl!(A|kSi4;J4sG<@-hnQ;y=I!
z(f9VQt_lx?k>o||6zQ2=_WPUg5xite1;*Dz%2Vxs|8|JN_5bhB)k`Od4$9X12jQKF
zlmicb{HlSTMb4;L4S9-xE>jkUcl#ndd$9!Gf*cEW;?s-}oN;BP7VVMI7<g9Ft*O#>
zhHH_g>d!?>2khLin7ilUrjg7g{x@aNoX;CUOl~~&Z(oi)*EsbB_;j+%X#98;xCP6g
z4irHeWM!pI5#OlUX*=`+exUHrA2~Lsg`BWaXq2?_=2a~57CB&S%(rAv(l0%?oWQQ@
zu>|hC1Asypwy54U^=){MR-%*r3t28bVih2G*BbFz@Y)DQd5V23+OC#4z7-^KrwC|V
zCPDhC24JVewBS%)6fzO<9cWe@rI)*qFx=J%GxbUOSG;@?R2ML_{PX`XE~@ZcvwR%_
zFq{95UHEzIY^-<>D6LzyUk>oit?qNV$!G}!#q{cX4BT{GCQxsrxmnH*!aIpHu1oM)
zGr=dsv7n6d5fK5_;7&>Zq5yYIw>Gq(!m_gPgV+<Of|oOG@YUj)SufRva=|#Mpfn}7
zlD=k3Pg-}Uk$-XgYfp}efJLP|?3xI(QACN~9(%L`V28WcYVVCdMS3E-+YvAj7mx>y
zG!b65FDNK*w*J(uej1rX{;rF!FsvNdUg_iU@WgxneGS%<nGu_<R{pLuQig(z7DPRu
zH4qn(;#;OjxD^Tu?U@W#Mn76KogZOD-Gs5)5`@8KJ&OgTXA(>nu+Dni4Cnt@)bPfj
z0p%fpf4+H}5~~L{zN}i#WC&9#cZDBh1r6VuVkvjt@?H>BoVW_R;xy`#u)UM5V8HJ0
zRKf8))tihP@Bo%xJxO?kLPR4dM!iFNP%NoWz(0fsjzq9$J%9#I@4st^tBWcyTEhgl
zci-(GgQ?TP#1n5mvnwY0tuyhzGp7P$%#?pGhyweI5izCuIyxzm(5mN)fN6~Oe@pEN
zBfKV>)rc8J+z|cv@#E!4uHyHArH(=si$#~HKHM$d6%8#~&J}_JM}LeVL97w7VZ}wt
z)L_G&z=FXaoesOqtB9;8t!cD|*zfa~gdQeEF5Sbcb({b@Q2+B3ykZs8d;ddkC?<NA
zmzVcB=Bwac`1v{!Xx2|`Pk5NrfSxu*!2644_sQZL<DzVzCcyo`Xn%wNv>Sx_tiW9=
z2}A}$rkl(Yq`^R^%!@Z8_8CkQY&gBNQ!qo!@LTq5-<eiFz#~>b8|yp|vS{<@LPY+D
z3xKR)><MHhz2Ro9r%sZ5cV8VB<F!vl9{A5UB*6c2J+0q^LlvWJ3Zh-^@VKa_$aZg)
zI4S3fG%ka%QL}rDlYlZCv2(qpidRw2DyAS5$4fN_(OePuh|XfCFYv(VNg!w21Be8L
z=qMjDYkfoR?tOZo0qm4ChH<H+X7xtKHJex=$8o)2WdAeH5!p}HPXM55evpdtg`fPN
z7rL5&ghDG2x4(zYuJrE@95HZSwD8vA<Z2dPM$NQYUwD=VPoZ=%7UCoiS4Dw_a@Y!V
z`*F6diH48*X9)C|VB)#1F^MZMejy^O*@LKS1n&9(HjRpgd<)Hgm-T_+4C~SGfb9?*
zAp`AD?$=5NkbqmvFL^JH92v_6ijJ<Xaxi8iNQgJlvG7v&(Pvnif0E%jZ=6spO0ge6
zN5K%xCg;B<kP-EpsSgC>bmP}R>x-k;!nFjG6b0k>3Abqd|Ex1UqY+#Odq8To`{YT9
zqA+)9VWNrUOJZ*_ej;*R9{vUnv(14noEtJ|ijYR|IvqJUICS786)rq&BM*Zin04y6
zEW@;lpKNv}K6AzaqVsjB^CNu!*){<s*dcST6;4OUm{a0G<?g=k5(vyw`n<T9iOe?q
zxl4vT6IJ4PlW_!dwcW4mYgHQ;>WivrM?8~alN1H!O@z!%Sal_srKLOQr_qg|t55`L
zvApe)dE<lsOlJa7?PiZSuhE>+Wxu43mVsgOH2BuDnz3q>SOrELJQkG3zAi%-u1WwA
zuQbPBKaC8+)nplPc#)ab+MCo?S$v|5Yz*{0$vbF;7vYVtJ!7i&!M}=(MBbD2-2d3B
zMC;m%5A4a|+IPG0LjSGl|5i3H?A+hY`59o6Z!ya-ENDvYwgR}tDT7=V{{c-*Ow27L
zBxKuOg4Lx%jxmdptecEXMBD}+I*O}ih%=zS0f2ylOzm%E!PbV$@T0dU0|GqywgHwV
znR{%+f-+-)btRnS9S{Gjp%H83yZ#wwU&L<oL&3khSDUg5)CP^7Vv$~E1!50y-`L?7
zesfE=(G<@b0egLD8K;GqXRIYVKj37u?^gnj_a`lta@Lj7Vc?Rmh2rGO3MgN%gn55R
zji|Ox+o~b&Pe$>N<!1_`qv)@zRzY{l%b*%0{=(u44=fxIeK>G6L)@b{({m<*8LZuZ
zBhrNIMo-j09j5gf7Lc*dt6yTPq&GTPX1%VK86hi+S#B!T#9u%#D#2Gq9sTkqEE$8`
z!8i=-RV+00YeF2J7q7m*N2dCPFZ$~C4jfBk5J-3JFi!BGtiZmSoYt!bV`s{aMWpAG
zZT~q#!ez+NIwi&qF_%Otz=WQ5{>V#?#laMlk}65wL_ZB}R2P}Bq@zPjgO!yP+t(@~
zEo50>l4Zb|vhUATaR;4?uszHKJIV^q8j~yctM$-NGi0DmpFIexZiB`es|Y5>82JYH
z^M4kd9!q>?CQpf9k$U7ZvW1bcHivQ8x&;df%^LV-@`G*SV3Gcv+<$*6$0&1f*q^8R
z4zxCypaqD+i)FaFt4GZvT&ACFxXda_bw#Jr(dd$tuV;U>ApsR~LnlhcWPY2}Bk*{`
z_P=>U*>@0}1jfYhUlc^~M-<Kh(A{MWBF394|GeP~I<#Ze^y$Jo`LWRWG>=a6+dF15
zWDQP<E^?A9-$LDatyT(MRd_kti)EvbwI@oXMe78D%kI#cDhxFJQZPx%GAI+i(EoJ+
z*|R)fzWH|_!{4nOa5vFR(R3bE0;9~w&)~r5Lkp94ck(q77UX)*|2q;V$;0{KIt;;&
z*_({Um|9q?8spLsqay9^+M-6vVEf6SXF?kR)+u`bz7JgZ*s4<f&^C7X75=%1J`akV
z2?rTm1AwYnHtZ!~=4H@NGaKPlum}6|&yl6@6c#e;;?f8+86g^JAtk=_=G9E2b~^Y4
z;6SOHLI*c@=o5L7BYaSS@hOZpi;8Y9HI|m0-?pFi(hb))bpVsOLs-&Y^-)mspEt^G
z1Q`_T`R6XNlzR`E$v9xEComVzN6JJ~dj3jKS_Y5E)$nuv^T)TM4Y@Y|omu$%2^;J_
zZVn@M6p^ASB%R$sZ-30Woj%o+<-5~=SAn?&UvlTb?(cuwh7om}^}W}ob<NV-LVGwM
zZ!h07Vndv1%M9ljkpdzu*;0Vye?X=$ckV^gKeKg{LKK=JIzT%KckttNb1y83W0AY!
zem#7^Jf%7XLR23I3w3MK_MxQC=)Wg(hBq2{Ojv<<XypX_MP-StR(FLDi;!x$n2kBO
z`2vnv#c{uf58pzW^*`pC5evpw9}+_E0RE$T5K^syc%~5&H5W6G|NrlgOh4F1&1#OJ
zz{C(4fB$;K$3XCBs<K-tDnp`(#~O)P^5sARl5nmJD|=tW_QrWVO=i}*f&xgwZ6-^O
z6EHQ7?{%>2kYNJn4W4MFudn~3^3i06$7_bCu`tQ~>Yq+OKZ}5Jj{v$2<+98JL;*2Y
zK4?$@|0VUx#BXbG_?iawXGtuc3eUmeOlm@aZ1V&eGqZ4!C1LV#0@R*=RFDd1L&Vru
zdy#8nX4d+@1D<Cwq5>!vzPHa9Og-A))Kt%hRd0d@Q7tPlmd8Z_$45k8Eh{<ib%P(^
z9h>Oy#KG};t@4-W8Ia_(u2~7~)};h<(*fF^T^${W)zJW}!<o_uZBb33Z;9YzE=X2?
zGLMOHTBE>|pDt?Gm4Nw;%qGxhL^&g|hz7fcb(D+>y13!UTYRl{vk0OiB2s0P^mM)+
zK~kgUTaPI?kt@J;V;f8p8ty<&BsxP$eHf}I$b!b`#>Jk4xhWMOz5V`)Ya3)sO8fvA
ze9O;p>gSif5VXHwcUfCnA9}7Q(@u%bIT%4Sa@zHMq4AW8(8L!pJ)(o$XFIBVbpwDn
zn}Z$Ic<XHUJ^}G-E);ve#VCZF2(v}f*BQ`BGZVa}+l$w9ZX`6uC8x*JlOxBJz=u-2
zskYS-SZv`3eJ}K`YYKn90ADGZ!Jp2BV!#d=`+U9Ox?l?F8pP@5S!{#_JCVdb8OVl9
zeAFXkPL833%lWYb778zzG0^)|a8b@hqK5)cwcb|H`vwBLI8H~mE2s!0+)1#$W1&Kf
zLNdFM6TQaKcJV<xe9AE~tJDdigVyX>a~9UYb$~le0j}2Xk1--3;e)&5HU_>cFup_s
z9B&6Gk+Yc?A-$`X!hYmdnCevf-q|npk169D`9zvMeHwAoEe>EhLRpm5|IhKKkZ{6y
zA35qH_8~FN6)D+ntqbEW##hD}4KvY#xhBQ11=NWVa77%UWu?0>EjO1%3as94jhM5P
z*Z_)-FJDT#yVY_8t`YgxohH(RubIxT$~_5X4&P3bGT0N+Imu|pngo%MA}{PTa7TgB
z9F1FGwMcp1A9!mjRZ&?w&Ijh&Svuq*_*DNJAv0o7P^0U9?;N{Y8d>Y$7q<ws|KqP7
z+Oaw)X^woOAZn}=av~Dml$1v|tC_aP(*JmSk4qfHnjD}w-OS(HTtWjSEiiZc6-EZ$
ziNhogIuQ?N1sr+(0oAYn-y1EXjs3RnAxpLSXk5YT1={~*cW&EsDzZ!K>B8t9hl@Wj
zgw$HD)eCGY0$=Rn7ahqlTqid!{~?eR&85IMIrralR)Yt{vX}V2Ht|{c_~V1^9lMb-
zt6hfNnnYy8`ZelKGuWX4wc*+^`w2bEYT(Q=|5}??uJo^~8Il24RYkOY-DL1t7C^!w
zFh1Ol_9;1~h-*<XC;tPYR3I``rR^6R)flAm8a+*t8wusXng|<L-ylJNjOpAjmgM2*
zP((bq%f2{S@dI4T3TP;AtNL`O3Bdjqu7S-Y|11HrD5C)U%GXc+xz5Mes~E@Nz}Ik4
zmY18W2diWy#n7>IVBqd0arYuF$E2*R)n<`m$hf~0{Bd9pC&8)>s6CVcI1g!+340J+
zB(asKE||fnJ-hw|c7>Mn=~n$-m{Vah!OH)22m&#pC>1^&2a%DMmMPeC(#2#<YGc4m
z1iL+)>cS8PgSmMR*jIax^sz6CIx{oFrAKh?>wZZJITOOq`{~!ym)R5Ef8K2a*J2dh
z0|#h6bT3><x%|Rm29g)F0|mst;u?VrY&c3&3ZdXeSiy;V=N6&=X{Kwx$`AN_<je_E
zWVA&eK^s+T@DQ#^Y`1<yT4%s6XJnygk{cZgic|81V*8Yg3_FOz`D_2&uYsQHpN<0n
zcv*fGC-wN=T&%=~a#v5!&)-M7#$KPdLPVs7-@aNFbX^+wa#7fR!TRYDjLVY$CrNBv
zczzw^S%m?|@PV#N$LrU$?Mk(1h3)koJPKZoyolZ1oF9u3`MJ=alj*%waQlzQ?Hf-U
zHIvc@L=O<~XDOAS{j$ODhU3FW+Ae)l@+|S^QQ3Ec!e^n?^f16nHD?N*O5gz4DdOV3
z?zLfANh{MgOVw^y@40SHLlLxKeX<X7j{7?e$8}MS0iZ<bfX7X5!|nL4VtbiqUq<mh
zescJ}g=D{7jhY6}eItCRje5DYrWdbA7B8{`zDfn0MZw#O3&n59rs`PGcHpPnjH-U)
z`dlUxEMA}G!>epyV>FjUW&ytaz*St;ECua1{u}4%Q&Iwdf@R5;w6!&y15jYXCo4fd
zLHsS|2-rd+AR}o9M(zCyNO-$XxD9>EE-m|6W~KVc90x+9x-@r=!Bed=!p^*_YMk$u
zfem<;6n95c^7pbuejuXQHap=c50Q|(4~whrT}=FBTF8jLO(s?H5k)B_(SgGAdoi{&
zU|Up<<sc>0Dz@?@=Crc6DN0L$5#DT?GbAKL7*^}NE#J=rB40W0)rMn#k6p;+&zn!~
zir1V#oJ65VKgSQx@*M)}qmvEi0w@SDVy=_uAN?^o=DatR$aM(ViZg>RHEkAQHvOsQ
zC(x;2=E%~@YVjToHW)mp?DuyHv0ktgw|K$D2v&wi9|3^5h!!(;ni=W1K0DUQiPOJ2
z)dXVfbw1rJaS}5mm7&i<+RH;;QvZ^E)Snx%pTE{{{1b9sHX_g_O?qZ|cjuGKeD(VI
zomH1LkXv3d#{u1Nfz0I01T_&V*a7L{$7}f1U>7VxYIaT**(^NX!uN?~7N(UK8%%>Y
zex_E|wG3guJ1Bl8sZR0Tuj>0e6?aLbhsb9mr92Qvg$It7i}>mLG|Lqi&zw^b*LT%R
zB2(>cQq}17Va`fh0rabypcWG_v+Z}vAKWBy)2{TB&3?2c2KHoAhX|gf>Vd?r!~C2*
z@8GQ4Bud)NqYRI4w4uR6*E0`LGp&GtZgk~gc@({x4~X&Je;NrZNFuGv?W+k|xkX)h
z6;hB)R}imCg#{-Tcx(Is<Th;p!ztTrq!jNxsVjFMV0jVtT3iR^_f<ZHFsF+Oc%U4u
zya*zB%zTia?Oz7+3shKAwkQ%a1-dl0SH#;>Uv|C*^`Zg~@U07p&hwpIC9a3Nb4{A6
zs^#*ek^}SyaOOCs8>5Zr^ijFuEL$959|xNuSd^Ba+e)InLdJyEWX3d$z2d;_I{p^d
zK{YI|jS;awpQ6@&UV4WTYf8lWp^=pONihVe;nJ}3)<tZ}s-n>c7+*Ts+=p$HCLq#V
zdFKE;+7SRS?mw6VB+uxINLk4go{2Kb!||+{W*Me-5fVYpry&p7X$53F1q_qQ38xzg
zX-_81OQs*pkk)h~t~|68c+(LScPCnEWW;)hHh+j*iEi4F9-4Zo63fae_JppxXiI*-
z^(WEpeJXtrFdB-YPf*T2e(o23fM}r#oX)+i5CR9zUH-yEOV&mWVjC`y?97gCiNmL{
z;aFnz=<i-XDUG^ZD&ezjPh;KU_y{5*BMhOC{+oAAJ*xngF3UYY`nm5s3U+63=@xKQ
zV2#Ct;Q#S-6MJjo-@fH5<%a6pVr5_GJ;t3YAcIaLcxz6$Cr1+3NZ^=1cIKOz?(=LD
zr>0Y@lL%}^^L9ySFTYsTnbiM<RGklKX0P?|d8My#dK<i)I0oPIh0*Q<dCkBh@LCb;
zKFrbwUf;YJ%eAKlmH;X#g%)OAlt-g5z7lwhr^M!SBBZgvGO$9*fb8&z+wS?9mOrZU
z@4u7nVbM~?KDEceMg15a`|+yM!a>;u4k89z+jnKQl|i5BHE!NF%~{W$Jp>K>0?OH}
z)U51%N<4NiIww7zgPF_&cGIk5r=?R7W#cu)y?y|1uK!SvvD=4#_TIDf<wstkc0SxQ
z@*?vT(KjS#493k!BZ;NoS+GwzM@=~<)v`I8Fx$n}^H}9DT5G;xTwX2=G8>{L5@s^j
zAGW-AnexJ!crUW0UVUOo`rN^SuyN-^u{8Gbn_g2gw(ml|mG95Iyn<>%JfP60#Sp27
zi@|CW5MdL%I*yh*kN3oJbSpnlSNWRVh^Vb+vS(SI#~h3~)_lz~Qk<f!i6hMR^t(vt
zCMFscK3V1bN_A6h$y#uzv_?j_(i9C7&=PYkE4y7T>e{)x?;sp7g#jj%R~ZVI;XwNz
ztSjy0EjWan(fb7kMk%Y*`;94ziP+ct$Cp*bIbM?Q8=qRS`kJ^qtmNw}pGRli=BK!Z
z5(}XH6N9%q0eB6+X68ifho=O;-Bw7TJpg2D6g-`A7ts@A&~wWpKE;Tj*#&dKoM~DJ
zEggm>e|z_lO&GR;aOrzZDj944&5dYFhur!rTfzk?5CYS}hx=dU&~)N2i7UpQFp+>f
zplj*-<K5l>G}|qhs#j=(iMw=IvQtvde?3Qai}a?OtuVc^fs`zoEDqPFB{43+!p3GK
z?T;myy-Vu0A4g$<OeiWFXDYotYync(wi>2ow2b#QAvZTM8S#qUHEbTJ4TA_Ik*e{`
zW(xlz;aeC#z1(AE8a3(MuiWo6SJk(<Z}2xpxB@s_6Z92A?z1O}e5I3;*hSNZl!jyi
z-{F8>_G!ib;{p=;FxYL~l|?fr5jH$geB}rc=1XNpvs3jOXr*-?ZCz%qlkgE-C#tKX
zdBKHV*wA^z91p0b&J>rX6RIvxKr{(@jI`t>&f?MyKEsMAp<P`PibOsfBfecTTH%lZ
zBce7bUMhW0z|2hUjPGxv*a#2q>F5{U7T{#sLt^sgAQPoyyfZ%|1UPA|>3UKyroU%X
zO+AhQdMwr!Abc~Z@Zvh+R3@`meOMgo?YcFE9QP0hR}<KSq2m0rQZ4mw#Be7rQXPH{
zF$C2Es^o7fJO(Akb;KX!jM@pXxm5U0N;=XK8~f2W<}9TGeE-CFWz7FZeIinq)eUZ!
z(IuQxQAeZ5l?|{Z5>0!bubw%%anr}@XV>HG;ur+>=_nmcv<MDFAMsKOxXh`grqDWf
z1$_AqJyVtg6Tz|M69?Xx(K9U}a%DI>xZs^d(~UPbV%z`<FJ?R|md$~BMSTed$ijlb
z@+KPAa2Pl4%Oz>RPYfYhUD(Ejz1*~OH!fBMMZ|@(cv=x1DULdChww8ptB!&0LFKW{
zUe@#<cECdRvN2z{U7(%Lf=jpf19WB@ft-gU<kcJUUcWYwmBmhf@Pq@|2+PSi{u5X!
z#Wi4)MteXIojnrJI6DA?T%cWbo-=99<fl)c+^4XF)y@8QKW<$NlPLjY6~S~e{r47S
z)tLwN#rRU6KAj<nGiNzfy8YAVk#0!p6Ft^$(WyX!<qnp(56jET%%uJx09^!4V=A1c
z<+?gMIp0P`RW$(6Y*cZ<{_B@7Dp#?j*B+K2Z5yt(RbLf@0brl6wHtu8t<aZg$Lck;
zAu>32QkLpyOz>44`L7I-M->SyN(Kf7&j56BLr`0BAk$`gW=nXLjU_AKAvHgG?`__a
zJtW%iH`PO$O-!IyZVE7bXSriIDn3A7d>E=7iU5UBtm+19K1Jf|y#hMSA3@o?`c#t&
zd*=D`WOP@#FCzUyD)kUtYMdD@PR(a*A3g#()f+iK|8r!GSaAhus#M0*RKub+J#?uP
z-Iddy+3PHsy>QU~%_2QLy}0A$GYlTW_!19!^esjl&@)F6Ic;G9Bti>iS9%>1CL@NH
zlB)u8W>4(TI-ju%HqXtVL5Q=lkKA1k@G5r7L3>@C&l6Z@nT_o7v<xn_OP&ib4vv}<
z>%o+pkdAy3Lo3ic5yqamkMN-&cENbnVtkh(J$n(X0({!T62m|V2*5P{mdoU<uYo!}
z2L+z{O6`%y^6<38_CXz_@NRBH<=<v+%~-V?2Ve~xd85$mW$aenYuTX81Jp-l$$5Bj
zcYEcL<&Tjc@>x$$m*rn?+xrv%JIq^L;RWqU2}#ctqAreJn$$)`B+9hhU0M{7c|nKD
zCc9wXYa3iU@Xm1PkRBVYM8_vN&3~{1{3oXwTI}(#McfE<BDO2kEpZRi+ZAaQeo2v|
zd77qVdeBCsQA91jXn+i#?Yj}NwK6s|(b;ScDVNnv8qF=pHR|1c^b3&p?D8RT%cu!a
zi(2=lQ#7<gWIeM&np5B~e>L_O<GH%Y%+}q)7OdZW_L6WnPY>t4x4#%J@ygQM^%6a7
zcD)?|i)_n0JdhL%(#};?y#TS_x^Mm*z9CvOzMD%Li^2HHJ;c>d0x?!&ijp`8$EQ9u
zJJ@ca=IbYV36;H6)DlMO5yy5Nb33*&t6on6Xs<sHqjB`qR9TJe<s$(9{A!!_!tK_u
zdw*)D#M@-LWlXpm>S(=guWlqAl4D}Xq8tcbWCq-V0B8qOP8236-wXH(=$+DhkN9qs
zA7aI%mCD{fM>8|xzP!>9=6~1(UCBGW7RBKVlcON;!hQe#eL}Kz>#}nz`KmD-R{C{{
zXQigEd(QqDD4-meBFBe&xf4PjzziBue}H_y0VE$MruEHn(B5u7Sn@bjX_68zYKhx$
z(eeZ)ov_F1{T=Sfxl2I}UM`U<HIK}++!vY2!#z+NQ|<d_JCEWq%g~gm0urL55DLta
zn0l?hVUko6xrYI}NZeGc@k)geg$no_NyU5ZT#hhZ(apP>>4Kl>KYT7+<5Pf`ce@lQ
zx?>Q<K7^R7X8)jdf6XUNIEniP#&>34Os@vGW~qIRT`yahOa;@wt;rJ7Tf)4&?fM|^
zxR3bj5k8#N^}rM8iCVKF9j$gN6qiu5sC=TBLf><N?8mDss4ocG(qt``B*)mq*!V|&
z?|OyvY~A#4rb`4dMQ40fo<Hv7SUsb`;}0H1d++@({bWR7V&s?K$vMhT1;Byn=$r#M
zC>e4DO<P=`)O^~==XbG#SoZa){%9mq>F6`swRwMUqMBI;xkaa1M{GE`G6lA`$-wWl
z(lSqEA>ls5#<@9eh5P4tJKL_jYmCd6W2~h_kU9Vke$unP3?y3Yg0np?{tPy0JFE0u
zr!dDc+m%dy>e?L$;^f~LNAf=AN{mXQRW}!1Z;da-Dym&M){!WewLMf?nzxJx9^-3O
zDkY1t3V^bCGwIgzn%ZI%JEbH=JmIaI%KMZ57X}SO@X))Dk8AmCL1vQ*<u#w_aethp
z;49fHOKO=H%o{DYF}b-z5wz;9YY4^$NW(iW<L0I-=p)FRE-o|aQ2KO~s`dN^!zp%2
z?Cc=4q}dss5sPivSqj}|B{3~M(WE%3ctef)D$uN59+3Vpx{V~w+<q<bkD{N-OetL|
z*o$&N1~Vf&7nD@BG3ZjLy>P36I+TfS7hE`jiY1mvi7Ec6F?;PuxT_#_pW~<B)Ve%m
z*j`kS;0RD0T%>1DoKGhv+W|m2S-e%j(HvdA<~Qx*ARj>S+4$<D#%%lraY{?m2S19^
zk))pE{fFza@YzyxDmp2U+VSteK})E$=R53~NtZWVTrFIYBR9@N8`M}i&`;(M5SRg6
zi6e`-t~;3EhoQPgZuh=j(^rnahjkyZN*&p3I51BhdRLzGHAB^J*5ISP{#|CeX#~v}
zGYg}i+n{0D){hpI)wwmM(_L=d|2s!2?0lN#ebb?nDY_b2_Uhf-T1G9(qj!Amb7Bjx
zzmC{*0dOEwKc+Aoc{#qIVDpXz&cBM4Dg~$hhYRr45RX%xO4VBA`$3G2zY=}d8Zd0P
zYjOPS^cRkGvg8<pcgYf0h5ECm-SVfKvT^g-6_YccW$PU3<vgKBM}_-}0sB9l$!KmV
zoJkGj>2*<VpUWh@+Uw$*(>m(%<k@?46#(KVuiTc$AcxW~5!Q=x>wAB=^o_Gd5;a%f
zhn)HDfSXdgB)~kj^kXnq_6;RXjMtgL3eOr%R0A4&*)Bxp&9YLrcmPi7&dX<H^b-5i
zSJB%2s^V~}i$6T{wiB_{)>`}9ec@VU=gUW<AHL+}u#W$Jo#DvYnMh|RCwhAYj4;I%
zGtmJ$P2rp@N?LAB=6di;v_GDm@8Tx4f1$-@1O=WAbD+nCZZ4Fkeg;5Q4fl=K&v*Rd
zXVh}2Q5-97K!|$P^|G8m^B~=(`qbxin=D)K1s_*xWJ^r|S}|`v3|*;y&unpUtO}9L
zL#!CrvznA7Bg>zs|1vvD<_mHFShGrC$t3Yq32d>JXP5nt0UTJpmaU~utorSJ*s|66
zGUoD8pnEUYw_Mfu?9m0i(atGR*K|IQU~c_xcO=-c?y`D8+Q0Vq+*~zEf0^26Qodde
zWJ7gh;>S%5ChPUL=Q3>F=QG8G-R(mQea9LCV(H!Wu!l!Jkz0$2w%Gw$)-?CyZ3=bs
zk6MBzbL5M843ZoNhN^ex?$_XFBn->141)V*DKe2{x7LvTFxxN1IzKz>k>9?xp~15e
z=mawy&y>Esm~X3-cPq!p$Dvs0QP%uk&ENh`Sh-#mp3c=1u6JV9v$M>6mTy0pZC`WR
z*;q?tw;7I;em#6!iAt};ctodsu7}&X+&XWpJN-h1m1-m;SWS&;=Bg(`*6LM1Ryc6!
zX9$0C<OXKw%wD7MGie|E1)_!5>Rn*ZG%HO4gv3`qp#FSgY2O}qvB}0R6NNUQ{rQug
z)La3Z<K*d@3>ncPB;hcao?v8#_^T!1+|GZ!dc@{MZy!SkG_h|QZGx>*(k;{S%%LAX
zT(2xw?GJ}ebi<I@bpYnKFf<9CfBzE2bCXbvl=^BA-E<zrMWq53ZKCXyLZ+A|%LLg?
zs>oML4IfoMPsnU;HWH+7LytfAZ#TW%=hAnDEtON~eYm6I>4hKOef>2n)3I_Q#bRWH
zL)c6%l>V`D6ED+^cDg&JLnhgF7HyWJuhlt(ZAh3tazJ7=+5Y(O%tYN<ZK5?_t&Fl}
zMW&lh{nnpUE9kUmO)8b<;4=Sutjx+**zSjW;r)>!mBda+1QZ`m9_NilQWXIIKGtn5
z%SuzCv}I%St7CP+Q$za?j+r(sVKz5TN;!_lGLugh8x{Yt=+8ZC)7u&$K5qWPs;jeN
ze>DWM$70(XU5gd2w$EZNCOfz-;VTLE%?Muoc;~WGHA`&Y7|2~{B0ahH_lx@(hJbDK
zzBm&kObhx;5*zt46N({M7cL8yS3s0QkfRpe$%K2A$wp%KHP#XIu*P?}CPN$B?bfV}
zS&RgXcc2_tv_x{gb2#C(8}Oc>a$=d97%SLO2mNWb0dgD;CubS=8yOi{m5QW&x-EJ)
zNA!W#>&-^ZY~Taw@_q1G{qp#U&-#pm`)o`yWckng%%!gs_s)Iwh_sxfJ@{GYQe@U5
zks)?%g29XRJA?PtF-bx!@XNe@)cM4|Ge~|2omR?<ja-(O3OASIq_v;(w_k&fm(`Mg
zwO+?CWIB9&NF|DuHkGMJpjv<$<O$}fjV`XSj)alz?Xd!33&l|N%<2}e1@cAcEor4G
zUDrZP+&%iS@E0}5U&DM2?7iaJ?_Kp~EgFD2&(-fgUj9>ZC&r0IVsBXxUmj+!;4zVG
z#if%w(i}1t&Ek{o|7?j`eEIDA+38*eYPpBskW94E&n1vy)@a<}mgUzEXm*r21<kb^
zo-`JYEs$RgYm9SG5mnd&j!vdhmV3)Nk@HlF3R8*Wfp@#EQwSVP9v^0(DQKdMvk8C<
zFt26U@zaOtN!>8O)1^oX;(oP7$?eJDi4)DPom@B*KevoCSTFpv8cpnzH%e2Non&&<
z)84nZ>1&^rYTo~qxViE>^*dxzx!GT=FR|brRWS|W-jo<+JRCC8{c^*j=c8Tm7dJvz
zqVnC{`Sa}E>)kGTI}5Koh!1k)%U9}l`k#mS_PwwN=1bZBF0`Wl^cj=oe{qN6V(ZJ9
z=xZAeO9N*!gn1?^9Mwy^)ye^hU1_`I5{333s}Mh~2hR}7Ek+>KQht2E-d-XZ?zwDz
zlHX^$=Vt7qO=_j1<%pkrvEEM*b{zqExC^X6XDO_p3HpFMJg_lNF{KIuvT-QjGP^4=
z2`=IN@SfXB^!Jj8VuQ)AFXf`k*tJf7Lh>5-?yx7`S9w<pp+x$_LE?A1C7A-dS%eVJ
zc|;nvUeEdq`2AqeWT7q))D9{MkEg@RR~iXCym6`&cwOUkyO@hB)*tQW$8gglJwcjp
z)cH}+o#xI;LB8Pg%7BK$qwV;$a?PAlrYA8UphMV4jyr;pashY`34GRz`FVQr)xT3N
zp^e#+m;=X&GW*}1*8x?|u(C|6+tPVvm`2v3*`dwo^EZkC;T(SZ{qCm%Ba&)riM>mD
z9y`oPb`pEJfZN$~R*cRE5;xWHm&}*NP9T{aF|6jy>6zcQo;wjO`Sq%dJ}9gBeaK80
z-I#|McNAb$Gk`@NKRE`HpsU}wyJ5=j-_B(2AJ1Ld4jY7~es9FKYWrx6(`>euR-&8c
zaZAIc;`i@M66)5tGDTa>n|;41<Q~&BZ%{h}wydh<Z7ZmpxV$yNP8R8B2|3;$@!E~(
zy)2&6QqfvAUmb#q!URC}0Qz%15Ad&t2Gu>8fsg7{KAN?ZIqYuSy(G%t6@sSs_r&t(
z#jm<Ezqe_R%|vAr)Jgix4L@ZQx4`M&b@~aTq-*qX^Tc{zPP(JW3-=WiO`J)kBX&&x
z#iM|2vd&!Ue+P;FdtF}Lx?+Og?$)375AOt5AHmppUs7O{B~k!akyCXXoK9OvlvYs=
z(iPS1Efq#-v$Nn-G7c8=vqv?h4}S@kL2Umu<QKYZ9vtYc4B6NV`H?qjPKNs}RgD82
zUqkmg&-kpFtmkgf*O#+I2ZoMcKB^@4XYSN#X4CBtHMm=UTb%H*p{B2$v}|XpwHp1f
z0;kp@<ilQ1c-zHx-49AV*dB8!k`3}Ttn6uMWLF3yc>g^=e@tpWZNf#fB8E1>_RmoM
zC`;V3)02_x#`af7ONF+=&gP*G!|_WqIB~a5H|L$;-S>K)(3sL<Xu6T$Op)LIeY;`)
zhN}wm{i>VGU3_;|!Y+6GNVJJg&-FN3PQPwDUwpdeBppR4A)%)}tLOUR(XvY4WM3LX
z3ff;yQ`0pjDp;!siis2%O6fJFY!}ba7|cyIrAV3w{~mgGX`+eE=}|&jrDtOv?SW?+
z+lU@7prHqkw=Q5a$niGMokNWte_<o{^!B{GNOUk{JZ4=`Fzx4FB=J?;vdim4bLap?
zBKV=^J$A~kB7?P(8cA(AJ6-Rv&b?DReYfv3Fb2@Z6N+&%C?elU`G#)<dfQnN*fshx
zo_$L5V-n3NpD=riNppQ#Vgz2}M3-&4txq&dtQ~Ad{mcm*(IY;?V=;PN6%yaC`foPb
z=Id+3G3ZpyXQgcHuceIS$L0AQefn+Wgv~29J|rdehqEcA{y~EHYPQej*A$QS&neZ`
zG541GnjSx@{-Qk@FxfA)-@TzJJyEv5Eu?)R_uy}$70Cs2+id@bA@|<ut$rLbFy5Ri
zZs<%ke(05IWW5+gW7wlEqTlv+QKzb%p~B+8(}V9gOTeov?*RXbiq0*`YG=tRM98kX
z^mXqus|(j`3_4SIbhOG}|8`$la;MR5*ze)|=wSEBVYI3=*LN%V4}p*E(XzAj*~a#*
z3yoP?{t;|A`JC523XCL37QpW*0H3k<=@o&1M(j(48rfC6eeXTc)>p~y)|K}V-<ryA
zz`wMT!Ug`WaCA7;PH&@6aGF+Nf5dN3Z|=?Q6e*vI-{bBXd6qVYZNWr3P901&!3*c<
zT%vy)2h>@`Ua;T*fNxvOg&T00qJH?=>7)G`pYK1t+WSpBo5~1DD-Ozg%8L9CxmUJ^
zc=nqJdHh!Is~T2xSHRc(A}k!wjrd*h(5m2gCm^NTJmmM^KQ{UkHDj^tSx&ocoD;5z
zhW5WcIy$7cgo&T5w-~Q#xanKtUK|&#lK5Ow{ECKa6t<Jc&|rGC#;|9?!*H*Q&v3Lq
zFGccU((j>y*&&8y($=t3ane3=hxDn9q{+`$DS;Ul&xn$4<LHtgS5`);@Zb{b$duPb
zZs_HtK~^HA!aT&mu&VEkYr@`QzDD=#Zt*~IW}f|+^;ou7n`Hgt%{dL${kEz3zpD;j
z=PnuSb*HE7cCe%z_Q~t$)m2mCy;4ma#U^SDm)_pfDR8mrS{xnRD6SvXR@T?jTaegX
z+?+R@lPA^RUihY?RhUAFA0arcH`;#LaLFe7(@hy@CSJLmz{0b&Qpsb{c6Lm_?d@hC
zOMm%l!=$^!;fF4!(7Iilti?T^H+R~Jk8e$7l$iy=Gii)0#UL42U=rXEd};cdO=?rN
z<Su)rB^GZPP5);Ie1@Fs0h@}`G?De)S(0N&FhcUIG)*<>HCd)Yx=Kt7&}V$>=u{LL
z2mZcR3FUY*edS}L=C&MT4)MXQA)|Tp>h?(a@%mGyqBEqTjqYk`Q~o;UXOB7(QUW%<
zq<~YHGT6{S+2^@Mj{hVwZu)6uRDWsoqoVYuOmV|ip`j{*YToX-`D~9XJ70S}!racp
zN_pouUcNEV|I?>81Z_on(K0zh*iBl~XZ>^Lw9IGDNAKTsNY9?_O1m-GpRZn?^v*Em
z7UL(F=+zjJXY4o^qVLmd86t+it-o@Ys8Du6ZsTBdmRjs2-jd|v`M#_d{&ocS71n7L
z4xzdzx`-NZy&8v!>Orgbc!;fw%Gz^k=|49ff-A~TB*;_-$0SRau4WvPGn&qT#wV(L
zZr7nea-MU=$a^vG<e5hw9(-#?NGLu)pfvKIfL@bb_(~$mE5nfMI{zLQy7u9-98<j3
zDSse$rc^x6b1;102rFp&hoOci<*QW*e8ADCI|nr9MK!&rfj+d<v^LnaaZ%)GEa({5
zqT@M*Jvw!itUKx$b5Y-aWi&<77q3BjgqxNnIv608{t%s?HM+Pm`KaL~6V21O?tBX6
zC0!H!wj_>#up?7(hJyyQq;$zZ>8u8+e;A4XitH5OjC_Z-j8Er!jrz~U-S=O*uXEn;
zj%ffyWK&1FNjn>OMzdDm-u*8s5gG#qcUbGnBQ`_xo<lEOVjdZ$gj@hWWaN>Fz@0re
z_LpCZaP={b{q@@9b^(gO3hx`EvCp$K1MmJw%(o7@I0;p%(!8R;ggKviI4~@9`uNSO
z=eiO>v<KP#j|K1rkQ~*WnisOOPQE1KZtOp^d96Lx%}h49^SzeSw5Y!Xo|||0W(Uw*
zy6R?#=e;x!=Pq?I2zP6z@>LdL35=Arnx?}H_nw?uo#NltB5M6SrCVSwCh23a_s@|(
zA|$%4*RcJ|*e!XpZ+}*P@@SbUsX!uzZUEFHDuEZ#g6YkfE}ho|#>6s2-5zXHlzA%9
z4M^=Foj(G%0XN#P2Bc#q=1&xGJOa6y7mU(S!sVDBx7J=J+<ap9?967^T4JQ@Ro`R3
z$gZ`c_RAcrq=V+yu65mDHoEM9$_~)LmfR{HdwcK9%I<un(pYftk|x6eg#`YK0VY>A
zTk0mChp-vXk%26B)7=G=!YxdvbrVh5uv)h8ceU<Xlt$teUU8CXp0O|0o8vAiV)kjj
z$Gr>T^beDs-yY*>kR?zxs^m2dCm}S2Y6=lftmULjoK-BXS;3#7u~;Pr=YP-stnH=3
z6anX#d5**Huieqe*Wg{v;=fFN#<rw(#+{y+M56EUSY_ow=(#94*A3pf0qur^er;f8
z<B!J;9R)bC_;Q>5TooO?ch5|u7`N;+X{8K0A{COAn_ciP^Gdlsr%Kc)Ci&-+w{1cL
zf=eNmc==PEo_3Jd7q%#?>_!r;#?ru^%Y~tQbekM+oPGBxQhO3Y>}$XHjiu|SpUBsA
zx50Z}#V3*t>?vu5IKNx>YIrDSxoX$PFw}j&okx8UIka=8Bgc)_?_yXVpEsZXa#H}m
zGWyBo<oXZAn2T1>YO!>D{Jt*d5p3!)D-5I{+@EA`tOh?j$6gbkjuh<(`|Y`k1KIdF
zZVigbx=D;s($@Kkp&?N+XtY1%pJEs!M}PY7J8*Gxe}F7d$pdU0AtK}8KKNkQUKFaj
zo{RWHs@$DrCTo4Ry{0#rfK;OIXfykG7#a*WbUgrf9`aP>P)0Wbl(C7A5HnOvD3qZ(
zUmp!RiTXm3H7{D2?p#i|>0g5=YA^Tc5HI&}=Tp<3wOQnfC^0eX*>;=JB7O1ClJE4(
zC2BS`cse_S^brDnv*)Ar_#A#IgE(TW%({F9lf=vBNBR}^>0Qs{ZSicXDa+c;6WPv4
zsrA0O(m^?aOw~n)UmXc;n`DQ<d(d|GZF4(2)@1q)BLTBI0(>JxGGIY@IC8VIw;NPC
zIs_4tx<`4VrBFxTlrDc{i4|==eU{b~$VYDCCm<nH`hW6LP%@{s55)@O=|Yn_PaD}2
zX=bvn*>UsZC2}T%NN&7Y(Ai`AfH7?ThWQTi4`q`|r)HS|)4E=>Qc)B*w;=X=z8v75
zbF{b}a|E++=!mx$-%#dh>)fmX4nBjoS*<QgI-0))_eOyXZwiet!i-$M-CR|@<jnA}
zr92cjPilhCyy5mZ?xiVR4T13+Qp3$}4<WQ+hSqb@FqKlq`%pwa=E!=1A4yIb0#EN9
zG>X-jY5*v=r$y5Tpk*YPyFGb)G-T|*YlX0C?15FiYSX&oa(UYS!i5Vr!*5aGp`Ghf
zNK<~rUsx>o-tQjTqfpIbl4Tu4XoI-;b$6z=ILwUw%@~SL^|5E?LdrtiV$Bxtk};0_
zUrKvh%J_NJDfWZ&c7e=fVkpl&v7|8EeAE~v9tx7(#|}LA$&WEuClR6pC(6N1^H}7~
zv+$6?gKWVcC?Od<Ol{c_Mg5ywI@6Wo2X2Qjh_TRAgtZ?*Zs|P`Q42AYBh|y_aOb|S
z(*(uQ1WY%FRG77#_TUZg#q7no?k^SI&5)L!_))B0`lvzuqe;L7$2J?zLTReRB-@;T
z&{{v}^sf64{au~%*AhF^_`3fgiYl1WpzJ4D_Q;PR*T-?gN$Hk;#c%S%U^LnBrH6_C
z_)AfjP~>Fz;DIT>hB%aeK>@@xm10dRM7|^oq>#p9+Sr<E0OG%F9+r0{o`)%D`2eb3
z`gyCSo>Zk1U$`iSYMtWhx{cqxH5Ha!kaZPxn~lu=)XbZUzw@uP2GPt0%*KdNhn$<9
z-l;tdKL%QO^21`Ze?hpbY%L{3=cGxeN28kBxq9Ueu!Iawg!YdBi${Xf6@+EBzS%mz
z=~MgQ8#9gj>=?|XM4bGm+&^rmvp=7j`KkL4f$Q_4G;m<orR>T~(B^;v_^YV}MU!Fs
zh*}dHcSLTHob<_&`nAEnNg5M>dChbU@~*#XkBs5l4>P}II?FLCU;{u5M4V4DfNWr(
zSrp1$j2@25*uEh8B3qTXb^4#&0Zs92$Zu|w`f>Wko6BpT=CgYCd)L4p_P2%J<xW~+
z&$E-0f6r`W!1)I&R)o{O+(l-Bs^`RWU^uQCPm*Oi*?fygypWR4OeO#>2)TSAVU&z3
zhV@A!U&H_;m%(#3;oHEw4ENeuZi-HSnqS5*eqVtsE)<Hry-8T%O^$s)fw?`U^j%?#
z4RS>pXbOX=#K&h!PBNU@SgC+Ab1UK(<OF)<*6N1k)-ju$Qxl9Ksq?ozmkRR7w^>%8
zZMVB^v*0l?MTUSys3dp^yz*Zlfj|5B<Qi})Z(dU?GDqs!ew<v(8h(D%@a~p=d7C!S
zhqe6=2erYH+Q{bL3dnvK=eD0XSU&)y##{4Qe?m>FAT?K~SHG|DYvZfPB;qSsnpE1^
zWPf~M)+@0Yed&tvO*taW)-<W}=Wn8|so~K=uW1oZItwM!H3h~a43Njzw|<GuKc7{Q
z96V4yyt#bYJUjakPH^6g6C5>HtDT|H!~og`->1^5VB)B{op*~0*vyq(WOA#INa)wE
zt<Ks&F`=7bY`AX;5UPWYfcN=1rm=my2pq?iywq|2jcV6Yy3cZL2ajCmj6C%Bs+@az
z4)(TqOi#_ET~;4C%gykzrOCM27cc+jB*)<cZcI4aoCoc6ubCW_W1oS^au!e*)JB^p
z$N-U~cBhp>J7yE;qhle!6f2Q5_PgliU(hoIG#>WRk&PXH#qsG}h+N*xpCEIN;6DA}
zJTX&SsW!^9hCC9ZSn_+qxBT}<d)rg_Sr?<$93PK;un4o-UUgWsXg`uP$-JT8V<Pr8
z@ubFk0X%n=Ux>80{RhYe4-FS=N*r;o0{7=Nk^vlW?Vu$Ohawdo9LJpOIB)X)1Cenj
z`Gg%3EMOo;H6Z>o-uqf3bBP2s9l_pp;!|Lq93#e)<otROa-=4YI0DB<;;V~R1;y(-
zyTOzP#+RbQL|0-&xC?K;3Orl{!=5N*5o%=|;72~+yfnzOpKen$)k+!k?2kg#RXyz5
zqauu-#9?^A%;AXhE2Jvf&)Ty&n*a;tnM~knbD?W)P(e9gd>?Ak<H^;I7LEW3cks62
z&U_Pt+8(4hVpXu&@j)x@@w3Z(l7zdFl}z%XdXPzpT(uxy2cAt;fNF3`g=K`5`>H+1
zpP^$5QHr_WG;`AiC-UmIQtnmbnqP`_W{LD}^h!&U8#ldZ*D}Vgm9WV9NK9)E8kf9f
zKjYi%SF4o`r#GQPA@6x?Jd9gdu(}8o>ZP%LXl%dqPcAJdjA7}P3#HCA{{zp|C#2X0
zV1rz`W*zNAid&_GeBBY?edS6FUacX&5bkKtE2VL%ux-S%sHB}D6~LcIH?_psOxhvT
zQ8OtZe?}J4`t}|TP;qhlZCI-6f9%xOeOH#09pEngv@wnzn_cGq&dP21!7fCQyXw#M
zni7<*Ow8-&qU)vO>E^cN{K$5nf6XB$UbwgN`H$v8_A^Xyh|JkD2S^^;FV0)s#8>*U
z;|fw<*wxpy7q2`bf67EVbkDy%bx_!d4@D)*m~%?1v=V`{_BU?6NW7Fr%5?FvTI<Mc
z!K<>LNVW=~V6M(;S=&{p4EjWS1O+MjAPo`K>AZ;zU0{#uf#YbQY|V38LPDIOeBo|u
zSH4u2ETi}sH<wev`eO-6UdNaUP&xe#=os$?-UMKtp4&1O?eQ~GaD4063@E%%g9Q-O
z#)iFoozp0d6|qx<&*afZ2;Ib&sSqhjzl_x*#~*b}-^U5=G42_DcreYorS0XNBV~NM
z1fOwIpUxRY#fT%w!?tC7z1)+VkP~~izn;NY&RB)%YwRwfvjv8CmpA-Pup!v2mp7gG
z514H=RSsv#Skq4zc#?`vov36{YU1w=TH_0G2Q{$!OAaqj)+#3OwfW{~idyko{19R$
zBSC-xIQ{=Wy52G@sxNH&mSK=VKp2qjl5QjfhAt@urKL-yk&+>XknWNWK@6lNq#L9J
z6+vnUX=Dgtkb2kr@B4X<<Nfe_^8?7<Ywx|*73cZ8j@XlerLDK<fDvhegM1sZ$U@W&
zX}ixd>GxtLa9ZgIoLV8>_&-wf6w?WUizL2+8ERfm<K#^sQ0&l_9}e8%$87)juukzP
zxf)VDY-<hTN}(Lp_dg4Ke?3t%-ME)KuQ_XIa1}=*?7Q?SVk6bG3fScT%#lJA?%!|?
z?w1ENM(?Dun`9@5lR0mq6o;z%=E-q8V7a)oVw0_rx>KtOOhV)+e=6){e{VCBJ{AY{
z!};MpYY%Px4mdNtR$5-Z-KR+nc|eUtO)65pxHr8un8LvX&d`vKw+qA}+~+>%PL%JY
z7I$-@9}w)9y}f;Y=erU7IN3g&fJByD!ob;mrnZmhT#>ha|6B^#zqmG~fyr+^h!c(Z
zm_o@%2yB(b<UpOqazg;;s3(_&Qs|=3IApCmLrZ9{aLynuqN4phSa7cbUDtPt<o{hN
zKxC)^YWJ^ge)S;!#Q6*T_R%X{x8D(b1Y96r;CamYP;J4v+YDm#T_6$jYN!>T0BZP?
ztB7A74VB;({j;}ozXFs+|GT#4%s#Ro+gg8=Y;-EuO~GCR$L%#?pZ@{3B99cx9**Tg
z;mAt)QWM(iLwG7x`+JseleinckeZXdrTyRK=>XlOv2X=ofE@@+zEwMV`f|fVfmn~8
z`5YLu7V>?FKdDU?EQVaobD@hKRa(qk6z`vf6Bc3v=<UE*MumJ3uqfv~n?Y^QHddK)
zR_Ed|P$2(*wrAC%IcTaW`Yb$3!wa;F)rt||e`{+w0xA~q?%>w@EH}yC_u-*<h|fWc
zffI#x8{q`>P!VNc;K68tf!vMZ7Z4CXxD~E1AWP`gHudS5@ybrFambr`y6Ad&uD=~X
z<VF)dz6bAS&fV|k0AI@2<AT0oGwP|G_W^Mcll|{NtC<s58Vq}1zzZIiCpg8rID)r7
zHpV|M@TY~J0Yp_z3*Gn?SaUPZ^PoNxjQ&sfRjk?n(E?<^ImjJQ<I<2a)Y>&(Q&;J0
z!M`(%={HMHWj|`A-FCwZRlEf0l*M__zJO1${X|TuJlCi>a5&d^S0hioWH*Y!<L^zC
zPX77vA*)3W_nsp_j*=_!B(){+3<xVrz{L?NEi``Zs~bmbw{vRMnYQk8eL>OR{K*J(
z)tQBb?jW=;XuJHkt#m|jp*`*8aOMddctVz`&#f(Q?lHKxPPAi}iGkG5i}2-OG@7Y^
zeT;&PFzNzGuIzobzI)z*BI~$3gw5-b(`Qq#Q22?r^JX+hqQ@O*t4NsQv1(!Bi+CTf
zEWZoc#E_V%afx1eI#p+Xz5Ow;5A{-gcytYQgB(jGa?c01fOz01l@tZzI@iC#OA2;d
zO=z&CtQ-!D-`^QN9s%f`ryUZ|VBj_0iJ;W021#7gjn0R>ay!*Md5YyP_C7W)Y&D3)
z+?fMMdA`ZOnUXI-gOtoG)dG8c^oq<XD`htP>Cehtx!CE>Lub&;w#|92m5P(e&PAm4
z6fOqZo)c~F8(gKV<SlwebY%VJ_A=TSx{a#J!Z|Hfae7bQUepP_Xe@a-If2YG8FI?E
zUkR9z4UNq&1t2&pSDadJV1i$c4nFWwB*gjkwd`(p4QNXuu^!y9Gt2hFWWtg%;k<qw
zKr%lKfC`U4ix%`yZ%`RqEWMes@+5U%kU8)1m1UQkZt(hjkGry&a3Z0Tdo-)6vz&)0
zK~TH()SemmC(h%AF8~PW7r?a5;R*EjKu`+pkV02IRV3Kr=Ea*6nZju-{ktyYljXY-
zwSIEp>~R|-J~lQs6G~mcBhxaj6A=PZyttbdi2Yv5N-^nfP&y+^O0*gJ3Oa!}10)Zy
z6DQY0Sjd2aH1{z*|NHMLQ}020M(Cq)kunXCpw9qT$Xm+wQj!m5pWYuja$w*sz4H$y
z68VC`rQl033VlY05nJSO@D51Vj4MgYt%Ld$zM?-_HsJ=LDAU`fmnTLZf{}Nykedx3
zAGb`&7xv*@{l1@U>^Xjj4upgN!J1GwWDZGi31aq-fP0Ly@6tTlI{H^0npD*(>_$Uk
zB2d#*Oi;@`ExP%66@<E0HQsF?-YJ=v@!e}>yo^`_j^3a#Y3lQZt_4tasJ10d99ZDO
ztawh@*TH(BxZ(&<8u0S5_UND|#s>#IJb$BZJO*k!HIQjIOQHNrx%KikmjA%9y>+!F
zibq~w`;F0c$wf)Pyta;~5>Lq-{vRXR^>}AS51r<K29|8^<E3V@hZe8p+~GEo)2c5-
z8s=+;`AZBf&~<~>@%Hx>(LJapi}uz1U!?RBgM!bI=B%hIV39Tf$Ln033CRRx#<0M1
zYoV7DgzmYAu`3bD^7M3?AlBkxSuT93(mlLnb?(g}sqsk3NDFOD?(f47+1F=%LVzfE
zv8*HSxhb20y9XC=a#7M`s;Im@?CXmO055;aT3kZ-yY#i=n=|de!#$?0ulW_IWAonj
z$0c;`O}vge3-N{WoQ!rEEn`iur5jmrP*mA?qV#D=2_1=^fyC7COKwjMEaZ~Bf8`Ev
zTY<IpiDT%$C(sTeCuJZqy7iRGZydnAaR%tIYX}DTB{KM+d5MaOy?#P=T07cq5@hYA
zAp}ssrQrf^Rw17^K&!Z?be5J%xB~4Uk;w)Gl_Ztx?`@{VjD#X=5cVaklKB*iy;F71
z6f5{d-{ZJSae-v&=qzw`--pPaTX~|!#~>~yO}CP|)@AY-LWzje6d{G4b*y0zfR~uv
z=5s+dCpfq$?MjBGRGK&vBw`B&3Xk$5E+;gfqlvD1X?>DkgY=yuT?lw;c=T|~D0&16
zyLE9?eYuGqYDZR}h%#olTlF=PCS1SL+;*1*7?=GzkAa18rY}6nuVDRwAQ_nyp*0v{
zY73agjX>bC-u1@$I-7i104AKbQprV5bVq=`dqNHs@`bm&Np7Zh@`Wrj_(bMm)S^dc
zI1gG+&m|PG|1a+jtHgkIGu=(|zwxW!@fS`X>hV1m{wqX8h&isKMRyc%pv3iIA?~PT
z4^?neZujo6!lS8iuW@f8rACqlUCI}fN!4dd-1iw$yY8V7mLurY?E?xpRga+v%4qU8
zFc{liu&SH{#rh+>=HKn#uuT>8G@_KB`x`y!yQ4f*Lb<`Ef;OZ|YeE{>)n2;`!k>A;
z_5h4&Me;xai7NQ~edq#AdcT^?`A2$7mn$BVj!|NTAWeyaFN7VX%!J$j#o)xl`wCGG
zOn76oi(i>;@Gk8;5oU7Y?}$ypqE<bsXeb^|1>3H@AUb~qN*e5tePEabBgu8scL2U&
zIs>OGfF<E@9A?i4S;iHZLn0K$7$y&2fRt&$gE_>Vjr<Ub4?|K*MBFvFlX*1uUGT|t
zbuk0QQh6R2$Br*qs(AYw{3e50QT?!V*)*MvsG7P|tW;|E%(IBRTH@ic`Wr=k=M0?q
zX*d`Pg?>8#Qtjh3as^JpcN@HqhqTAFe0Fj1NhG#<<sKV?o*3e51ix&5)cD%YhPMq$
zj(upT04!2@Z_A@uWhW!@*pE+VKo+p!Yd+&pwg6j7;Y7gFeY3?KBC5QsfRlADk-ug9
zzm)l}g|xzL6bq$$45*n<0GZ-;A5O)i4OYxk##PitVkyH?35WD;c5(7Qho64uE{2yx
z)8vL6$}K*SLWFh>1nR$a2J#*Y+A?<)^vb7!5BeN^qIBcZgw#B{VovX1&kp!<C@b&%
zvvrV&{WtPK1;lD#=lA0Hjt@`)e7J&*+I{^Ugp8FBE~r&9(9OF~BX{LLWCb+lCwrwT
z3n5n*`Jsva#H^Ti^W8JIQyITX|5Qtb(L)NwA6RldpA<BdVbn*0wJmkL?VV!mD!061
zNC?9D|FyNhs0L~<PH<-$sg(u0@XojdzYc)-{Zoi}nZ{}Z&L%xYkOh4EvuJt^y{iC>
z6g`B(gDMS$prNDvUC~8;ofs_d?Gp+Oa$gmWS#$7r;y-{owc1HdH2RwO)f=34*9v^l
zE6>{PKmG?E03tuWhn#q|5p3t63Zmn5oi{D!ars^8Vo?tDc#o^ZD5j+jAj`;@pSuQO
zahH4aZOHZ|Id{d&8(l}?o$Kdaz&2n}h!blJ$g+Sn{A6xIf{CI<KFuXB2?yC`gamv|
zMO~&3ofUM?Ckm#DqXo%m8HPss>n)Ngh9s?q(nK{QbB%vD<T-Bm!Zq)LXQ?Ii+f&q9
z?u>C2SNzFu0|vDyZGw2~{&2l$l7!d=*wylra6dZxYp8J><ELq>zkfG}e*$F2PyEuF
zDrn;mMx!%I)NIsjxcu?1HaWPeC?_qSk<)NWeYpvT#eI2Xg}`0Ueflq&a1o+&Rx5}Y
z5r)mIHA4*@ctSC*wX=#N(b(^O2AHfOX<R3ga$hyHLLT<#wr-Ae-Me4fc?wZxp5zY#
zBN}Y`Zg8IinfYiK$pr5h9x9}t&WY9s@*TV_scE<tcP&}+R@}5&L?A9$5F<>M&F)xX
zvYGu0Y8&30gJ7rs-O6Q8U!*vNN63i2X;#Cv9e|lh48m!io{F|I_o@N8+_S9455QuJ
zp`?Qk-Wh4&v!q2}hkonCbDNizD%zc;uNQ!E5N^*hU&{AB3<iF(%32}94}(c_<@ziq
z-hXUnGf8fg#@U%?;oDkrw5KAby>M-bw8KWl*NOl8>4<%%#k;xhw$M5Q$V}_O-AXfk
zaWt|i3Yfa_of3ts=T~}0h1O)p?3h!z6S;q306~|Ggr*vyDRVXdSl4p09s|j}J-CSS
ze4rm!TcCoT0JZd=T0YiVt&Dy`;hLykGxnT!=zD#t`slPEYrwz}x_JPC@&;g3rDifY
zu&i2!T!AFjFD?#PXU#zJ_1F{MDh%`fXEPy!i^fH4!aUI*!1gH#kfO!}egIwaCz*!I
zKBmW>_|@5ID0hc9$aO6kZ^x1NGMK=sUt#Fg?gJ9_My0}LX<F)@lp;r>Ic}Sf^$}~m
z1(9}(-do%)O{?g)f)tA60&o3f(4Q6i1KX<^I-Yh00aTSSj*$lTRiHJ>YXV5vhCt%M
z_)z~pKs0wI8&*hm-;3l-vh}xrC!m0RE;%EgEa=og))5RB0vBv!uT%vmYFyd&zp!Q{
zU`Zv<M7Ne5{Yj%W&@&nE4g6$D<OuimT)6iyBq9)^S;$VqCzwbYOP;$seR}vODZ6YO
z94hV|u--dh^JywT(6Nx9Y}xKU{K%ED4jLt{z=dBP2(b*xdx&(3XOOCN9(c8fw>baH
z`tvs&H!4O2T=``mjn$5_2hY0hYdNU}c!X#|Jbtex4tSh3bNeVVTw^p>%I|6n#VN-F
z{1|iB$q<BZH3eVNuJ=qgW^iJNelG##1&N3Gr@0>SA*&GxL?3Zc4NU4XO?^gxfW3eI
z6VQQYY=_N90#8?qC%T5)BKm!T<r&C3=iNdPSjzP*X;Te$RAGg9q3X&_vFnB8EZw?6
z9aWk?vqAmYw`k@!h%nycH~MTF(cF9wHm2lh+$%+Mf~LIL)4-E)DThirY4^9dTeB6t
z0*tsV+spy0a1{xf@e&oy@h}47cozc80{gv3d>=ZwORw+AIt;?G4<B<jP@ojNRyAjV
zzckMGmZp1ulsu%+g%DVuy!QV-Wlwg-#WSwzcM3wtVPI?zhX$6L`HEP$_3PvAY<@=N
zJQfwK0vM8@)>s?<u|Desp&F|vjPqls#w*H@MCbn3O4spkPAun>abjqMEH+wKT_V|c
zh&Gp)p$L`&e>5+3*m^{d;dvX7<=tnxX;JgKGwRNhVHn$Ikjm$Wa{IE7bvTikH^7hw
z65eESp}3aU{P5qrI~aNrnAFy6qx%E4tlogOJE^L-K>#yY_n}4x^7|I{k|(t?dk=ps
zzUJE*X#2Hb^eFD2=hrK!6Xxw0H6{442TYrhezltDmhgGZfdm*%Y00jdL2x}N%_zN>
zqGlSa=Q>kcb^%=RUQP?JNYZ+d_us3F%aEsKWiAUATOJJ;J`3z$Bma0;rBhd~BWqrK
zlEv5D#a~EDHIvvS`q>l~p!XzxWoaGcZ!u4}3kt|&T9@rp*`6i*giY`cg#*YvUI$2~
zPi$~S{Lioa5LoBlkwcq4abUXJY29V)E~|-Vr3~}4&I$qWjh`gK+C}6{lW#oV#@=UG
z79hG<!cPuwfcbSlH_;(?>mC1DWwl2wB(c-`A!(Z1kunfT_Kh!2PwqVDi+YEZKxAYX
z2P8(DRT;8K^D1jAdyjSOIo$HD>n{mEqUPfn!T#Ctu{-NuH1~COX;L40jHl@%Hrt6+
zTw&+9LZaNo&OKl;8fbpmx!#fmrP@g+d}_*c*W}kow$c)jy1%;N{gA7WD`QR!?+XxY
ze3$4SQ3JPa=Xkx_1?G7U`uDHnCV=S{JRq`Q_VLR8HJl62)4E1G!Kt8rJYpkxKOy}q
z%0M31vllvJ_=!GemnCcYhGRyu=N($XkiH38KXfXC$KpL-CLB6(#-KZe#{_*F<((+5
zaGZ-qk)j6=Xt?Q*SusTXzXRj0PN=Xb1Jx5SU&6T&HShALN3Yv;lO+(Q|9hrycYi@>
zFOR7KIy;TW-AhA;fLs9<u<&Op23q_$7O~Bm+2E1>gv=jrAKXvsIL>(%ulxkFFQ~H?
z=xqvZ?~s@&U20$Z^-TNI=1)QMSSX^E3!|+@ZAkN9;XZwyR@sF|Wh_dDg~xuSd8c;x
zOPi~iul93rj^p4f&jUU*-e3iSb?%5;HroE&>y6|q_Wm4sx9`7q0zKXA$5wLRBVKt)
zp8!L>58GYNH;U-A8Pahepl-{bc5r&d^i<h!XwDa>|I87>dD)1qY@8VIlF(}Pl#;RX
z{+IAxq+iY9ZkgY)@^eU8bibtUr+2jRD#XRQj&cTihGf?R2OWP_n2KllhtZ4d7-3(2
zvp#uJo^SLJpZgVEzj{9syA;*3XX)M;zGwT78K5og2K+UhQQrjr4zPUGJ^3S4pP6%a
zI#wf3oO~x9qeIP!OsYFe+7-AP%YDk@W>wTol72gvDTpG{n&Cp6+aqif2NU@G1Q2kE
zb8Q!hCN^j4oJ9Pe>yqFKAjLzlAGZ+oShdpqF7>s7`uh6&EahjatU{oEG|(q8G<ZM`
znqr1mP|v-{sO1T6U*@F1qKD%!WVd=7_5>WB14J(-H93y_Z!dT#KY}+EWL*M7l&=jx
zOfN!?E{HrX+N3>=yn9^!Bu}<Vefh=>%}GG<SrTi5|La)}WlsR<Fi&h3Svq^p`p<WU
z1M+E+_${y<R`i8>>5F65S5JC}S3Cy_4kTP0Q#!quZjjO2X?zbX7KnEA74lsS^7BI^
zky|hSZ6*ued5^t;^o6$8&k1~`m6arXidw6!mzas5s_TJp`@Y~gk3pa0NJ;vJPEXhb
ze_zH$bjZ=H3XpwZ!N1!rBO|!MJ0V<f{a2RZe>d3rhx2g}u95sFo@NG(l*g8aU9RQ2
z=S7!$I@7?%yUeTDB4!@6gKEc|0-M>sMcuVd72QE{OPf5yJeJq$!(b<0XM8CA(Zn8l
z53ajtIZ7*BR-fgV!xS;OLv+%D&tc$N_u)Znjfah>M9AfN2@4x$|1uEBcA4`CN>g5i
z*9Gj{{c2(_DkVXEhxtU&+te(_h1%<Ad^rKbJ9ZrKH>i75ef$H?sZQ1NxD5a^({YMV
z8N99I>HobGdNMIwhVALOd1)Ze!7gL69Z(z>h-o8dYHjfkhF|#)2OxqBR8yM%DJGQO
zikS3JSY}buxh{QKNI<}B7r{-y_+<4^qk>u=&ZLRv2n+wjZ6VwR9FX?*GYq1(5rLe{
z=X>pEW0Cw_>i`ENbbwx&aR+!p^ErP=;Za!x)<2HzQrnq|bm6?XhH~YHC`=-&tZc}U
z21P)yWOCHQULqG&*3(y0Qm_)(!1k(VjLN~u^j}7&FtOlc9FbQX9C>z*eD<29{~3l|
zBSw>TN%ik8*g=I&pF+xB9NS`Im^60a_f&Fpl-0lkBB7bkrG<%}MZc(2s`t81GA>IO
z0Lw3i$d1bbJjDDsynQ;dXdN__A~vj9X3){)+!h36a%@sK{72k_lY>+5T|jzqc=%V1
zJWZyuiLh|}dhI~2P*XMWSAhBP8fUcwe-gNl9ALryqqdPA4E-7;h=vE9seKeA@}MMf
zeZ)C};z8OvNbX6Tjlp+#TUT=CR9dzZ5?6;mGzad+^H}BlT6|ye;BCMqM1zEhaQvQe
zKQD^BV-Z76xqJY^B$*^>Q%5;C1J4ifJC@{=bNc<cAi8bwV7gfcU^;SyN^#^)ONuWX
z<-VL}^|P4?uSVdP-f~gZVfWP%9>p_mJpeU^GuR?qCDU14d9-7VDDc_PbR-(*-RFcN
z#yO~2ier=283}6#0vY~G{B_xTqwjN4voJC`mWMIH=y^XZsmRIhW1|Br9hQ20{Qm)=
zj7pYoE&&NK)82V#2SQtW_Az)B#cqp|<$bi?&lu5#C{Q~obP}>I5a^YqO~y4LZYTz9
zR!7HhAd*S&vn;$~hAHm1wt=}oZf9Rk&{}Hj(dqKQr5%*w$DO{PB1M;^T0woA$U%q7
zhb-z1HkG}BLZ7TArSAi;ak^{GR24M1Vl;Y(NEXl*f~R+*_X%GR2FlE7Gs+N}KZ$5d
z?kQBeX6acwtNIxyLw`U6Wat{7W#tucU9ujiSVa;M22b;x)!Z^#A4&;XjPpEnDbggA
zc?J|n51W36hwnC+ICuRDk1DN~)?D28Fo|{5Z<TOxJ&GiZ%4>T#`-q<fuS!|WeAdN>
z1JkBM`#aEUd0r4z=<od=P6h1XR+YvO4Q5#iSV$hyk|U6$yHLUZ3onGOGBa9P)WXH~
zR3=8+oro#C0~B@}FEnBtY)8qlt1te#auFdLxMwWwpQZH(fZkh!2sjh$fLFir?e$sL
zXpx4Md(UnWb*X3v+ur=*QQdbqcAZa$VvyN|^X%F_vRB*dZIoP#rNg|UWJ*DN#dZJq
zA;(V14?j23>P?X%wI)SL%W)i)4q2;UP?g}lKqGqm3po+MJP>Eukx1D}^xFmvcFG0{
zu*+|M(!@DT;n}vf7pHD2=adD?D<hDAL(hk7=PILTfB0`Hn6%G15VJFP0H!~jE{>U=
z8T|ax6751c6nl;HB{?eT?OKNhlTUiwJijhFP=Wg|O;jL~01=fOjkk)?0RoG;ZoECI
z*$@<cfm@{wY64Kq8a1tdhR(GKutTVB6WNm~a3m%>k$d$LQbxVH7dL<SDTAyDFq8af
zz-L7$%g}qB{aA)km7v2=Po`|ch+4`es<t{AMmqj%^sLV|NrsD>3N_9q@F@g1(tet!
zV8Ek)E!o#w7q}2CoTQL%$Vr^?C-NV89rN4M8-0xn$Zx=gA(w@?6-6)e?}sgJ-xL_r
z4kc5J5E4BG*bY_UNCa@~@ZJywdD{ssl#b;FY)LWU;G4g_7RMS@@p8I?aw7g6)Qz<C
z+Zgy_Uc*VOeY#H$5YO~|t4QI`B2%or>7P)uLPX@)SX3d&wf%R8q=vRMIo9}~O<>7r
zs26-P*^aVW1AIVdMyW4JKR!F|C$A?@@3gE*xfS`Z8dgL_6U$iO;1~M%EcoJ|j7FZ>
z4(_yWlM&@#C$ui2MTRh+13=eE!10rZ>#s$kPy9lnF%Z_$Hd`u-C=vBJz<DVXVz_1_
zdFveW^ImP#Gop1&Enb9}8W+*|@^SSyMK~Ea$@E)K7;PQ7RRCvJ7u3Rj_5QH>PLzIl
zCb)Hc`$3d_ixM_)c~M(ziT@T0z&KIum59(L^mHKC4<GC6LOxC7WG1rS`;A<`!KRkk
zDLfRePl9+ij7!FAr>lwYxA?kBNiKGCE?DCe0bNJ2qd8GOD5u&1s)>R+hic42>vrY~
z6QsPo;W7?OHrM=P@RI%h*j}TxbZTXahmqINO6Y-)_346sjt<|4+T6eq(SauMrxAs%
zplj9jJWb*!_C}wqTgQA*)_At~K#<jBZEfvbvm|36fVc9BXWau0@yskI*-YWa5xsnY
zpsk0qKvU`1S3>#a91U$_%NGB}b;LGnz3@{Lc8;sRAsZP7xxRNlv(IG{7U`Jw?~(bD
z<dmn(ihIz;=(D<kKsPN2%eb6O9IvMGG4pcQj3?_)k($%eDb6?5Kt{x6yQYI@MZe(t
zW={>ZQ>^cMeXvdEPWQ6leVbIpp#B{BvQaIOJ-1pb4piZeyCOxrLO&D{Sx){};5sKp
zJNOE8J>uf1n_ZkE8eb&bXuHM2k*3cR#{q^0Tr6;VJAMWw-}Hprh(d+lEy{BJOeUki
zbGG(GG7+PB%YT|ivjEpP)7SIBAo?a(Nz5mXo_NqcnkEd(qLSy{lCd8amig~Gj#;aT
zCWuzMgog?M0jzzHL4S&R8NVjOmS#u5<7--QjLhl|gqSkc`>S;5u#sKStB^kq11J*p
zzFY-_1tG&fThznJMAf2hPQWg@69^IInH?}bumn3|t9PLU2iXHO;g>J{dIF0ox4M=w
z+>0O!dclm0W$`2}yufwJyc_OY-ylO2I8XAe(5}di05slu;m9*&A?6}fCA#&{GKHT)
z2>_HPWSabME^=G43DiabEY+Ycf5x*@x1)AhA}2OO2GYRk&9&2o#AA>)xZ97cwB$S=
zwKTH{ImYBEBC!Fif!KheJxVK7i1nwZLO&#ry9pMgzk39yRCf<=W!3t8aG3MSDigGD
z&dhll0Ce_l9l=6S8K5>3sCz7{9k?ey+_J@|eSuM_o11$qhm}!@GVAX|;WWL!b+T;<
zxbv(x0qr1L{)NeLI`1DRUWH5Nfcej+Zb{6E4qLSjnE}89@$ZMRk;k-6rufrzs=T0v
zveEo!*+600^{(7(OLou1tq_svIWC{M`1#Xs5*D}2LU+20GxL9G`et8PLQEFQvdqS&
zYXCWQtsocSTj3B7Od<*w_5?sp@+X|k?6P^?>|X>?X21YbrnqgySu>!l%AD^AKL*~$
z0=j7ZC&!%s^S)>u5)`9i6~k~J*w>gJ)t9$HluMSL;R>dVx%p*}crk9Rd+?M@Q(`0R
zYG21ovxr!S&X%cp0E5;C<X0ua<~rMl1AnQoKy&BER(@-P<B;)@spogJ4tt*%0rw0Z
zYwLQv_?XDQu9tuv@$GMvIBd@smnq3de5`$CjZz|!9pWtrSfc~7r<dA%D9tze1zJy?
zebr_j9WT#c%;3){A|W#?x+D#0c8l5#OJ`pkFCM`&`$pi~Q>HlX%bHxQTMDYGv?4eg
z@TtMr74xws&&-2)zf4i<P|CRgsX4T&KTw>#jMkrNpBMZ0w=V2;;x9GyI<WVg0&9uU
z`k3C_p8wxR+F)GWaO;IHzx1KbaNCLHFo4+_7*|y9E(SS82L5@Hkt8>H<78&QOFgNf
zg2Ao2JDy~Ae}5oT(!Ia|j02c4EH_(oZ8YubxN;?+v9R7$iTZV%z#wRM<UG9bW7z8@
zNljRqenZ97M?ks`9Nt}AH0Z!~^W`IJf7kYWD~)j=p||H<3~`qQ8B-*M=$Len&*J~l
z0)$cO*Uz;F3BGpH*PgHLYN#@`iv$n;C-e06Wy(S3Ke}rp&nd9~#BfNi|6BSLz$wL1
zwY6*_T5Z}qoC&Y~0V2~aoEI$c<6AzNK6YFavr-9NXE%CNn4OVrmmf1jV9ouCX%Q%L
zzQ<U_>ab&m7{vjHjk|v)yR25Az@_zr07UaUj)3Mg4w!fIb?~cbd*4`7WF8RO2<82F
z2C_a&)9SC>aa6!t2=&NU2y9XyFH}5Eci4)x+LroYWmCM{uo#>fvX-4GAJT5Bgen8F
zU@GS4$&@`ATT?y-2fJ3tC1%rRBSHQOGanjM$HjKl{9jXJE7vE&t=6-_|Av55#T#^=
z5tauea_hj2BfIcoSP(Kz$20O}d9@1Y<=V=|bAH>NHnV_VKHC%AUXGjZE-rF=JpA<M
zScB{Q(+qlv>h!<cu4ht<(t#$SrK1I|vp*|8egE+xzwI=EzPV3J>EfRe*7(uVQF&p*
z$XNb7`%9+SBMs)7k(RxNoo4UHESEbrG#spjb>qj+$d0+Z9q$sIADs7ZS%R4T1}@^W
z+4$jEkIPB$9UNZ2mvwrVBjx@_9o3l69uH6-6(0VhPhdU<N`P3<risS2JA|4c%Q<-%
zOGcT#Jj^8JuY2(_p6hZ9DBOUQldBzA@<WKb<VDRj#f@*}+zasThnWsGN*u(b7ik~g
z0M6VWL~vqf`3=Fin^kvQroRHJ#hS9s`Ap9z6gJ&azp0$r#=O~4clg=Nq}L^VojXeg
znd}JIVyArt%-1fPC$pU{IaHly_d0UR%1qZjHktuLvzusggL4Wc7O;>S!e0CpxTqPh
z*dSd9>UI|c!)@xb#RVe+4-e+LyNS*tiSs)b8v^Pc-951wcAuLTgw<BIO<lBl?fx3$
zchBJ8lMt8sDZo7-$Orp2L@PNm8AaBZ4gdll9u9fAw~R)ff^1Mt=Q3cuxxMc0^Xj|-
zmc~}2kLSO_gYZrn16>pYyXCF+kK~BX{c{9o_`pmL057%@R_Ue$bq8>iyo{nJL$C=*
zQ1Fqn`~g7Chd{iu7HpJC$bw4xc@7Hp4L}h=zaE3BU!mewT?29kzx|8eQ$h~R%!9X<
zZJ%2d?yuz0H&DD+3A+JB46%?O_+w%|Xfzo<d#Or(xl^2^hz$G0?XqX7)TKxEm(I!L
z7&v5VHudFfA_1{Yzv&R|KL2zUl-grFxUpo?*2ZL@z+t{r9A#!SoS7*Z(oVUqcmE8I
z-GSNPaotjW;uUz}yAaTd>4Kf#15Ttbjf=k$X{_c5l-Q_#ew(z2M+p8+(-*KCBzGD=
z{_#Q3b#pSG`J9MSph}lPn?<}|?COwZy=xs2a_n)Njg_VK3aC|PRr?mhLHEmj%)SO7
z#f|U3slG3u%Ib-8-GEonyvd_DuIr>W4xKRYdXFJopWfbf_npBQo_Va;3pN1ZX+4a#
zk5x?33B#`{y<eaJE*TxMjt&@TvCJVX+$R4MvFbsa;pG2>)6}{ZP;1pdetLJ{P!6S!
zy_vm$nG-gt?(ExGIVH0v6V_%$pmz2x>lICBlmqC*WuI3cITiXuJu;MZ_l+`>3C;QW
z>BFH5a57~r=X6{+()C1{cfmDw=))J^BplW|fqu(rdBM{eVj61DTU+hYKRtCC{=CIE
z+_JCkXXThBl!>$A?edy8K#$OM*um9mP_#Gl_`;isa84#Bvpr#R9b+8cnx5$UOT*}w
zCmX%(duytqrk=*?Ib^X9z35lSV7Eo4&{XKzIaMgncuv~O9dwQb<ESjqAL+j-TuyDi
zpS=IJl>RdhXIACi<_I^QtQ#S!4>Uzb2c=WY^F>0w+g!fPwuLootBG+KM)Q>42khew
zJ{6x-xAk*{#qtH${P~$@RYCI4b}w2B$4~QyEw>-<{cGFaxd<#gIXN$gUWsuM65C|t
z!e&e4z7UR8q-HCEp9|#dxU~I{CTh>+XIMQ4-ZiR^vYY@>c>J<Nw`oD~+;e;h$-b&O
zm9mZIT<65<5JoU|C#Xhk%?`S=PI3NbUtFSh-kss~NZa^ILy<=(?l|a!qlN*%vS15|
zX3#WIk?q|F{{UQLP@0#b54%A#FHh7Uv3h3!SWLJ5O~{*;RwS9vXg@b^^d7!de*Ynn
z-oa}j*gVhM*D9oK=I?;Q<yMLJjKl5ql_b)k`V8RYe`waR;9~Xp`$HCq!Bqf~pUEzC
zf1k+2|KL1dU%~aBS-l4rmTUJ{_SV&*!fnFlF)i-we7`xi(t>=vRS7o=rhbhB0a@r^
z-0|}ro-ye%L9^)Z<-a~Q=Hz8rie*T;OLFPv<~(j(czR4iOP;#nVMQKdXvVj)c83#@
z(jUIq!GKsUp?o5@ucLlF|20&hYv?&OQOp$8!hS2>U2{1^(?sRUZ=VHpb#J|qeQUNQ
z(8w;&Y?s*>$2iFkJuu>bG9GtC&qCfRGph<j>Nzo)bwD5VKsd$@FUE{h@9*X}4GX4j
zhN(BIj?>hY8`rM`kd_3{AeX9kbPF1uvi7;9Ytju&tFOkrrP6X&Esb`5WPj+LLe7Py
zI<?>U^es#=52_$&_W>QJh`GW<DQF&4N?vi0Pol?jxEiv9pP3C!xr=xEPaa*@j0kh>
z!B7)-HLlm@!+86@HJ0RXVUsm0hQPouHup@`$1Zo~o$WY8p8}7~85}vrzjp_QDCnP)
zMGQN0v#nZhJlF7OsWi6{yWzDYqXT_gG7H>Tk!ZU+QUGl|@$N1IF#|HECc|!tW<gJO
zS7PRUrE}QcIy>7v4F5mgpWEe(D2br<vU7xi2Obxe_u8Gv$1k~O-e3$oeLg}Jgr*IU
z26^tG<QB1B$=PI{dq7L*|98>@5A8R|L*ENJWO3s{6HblnY<b#~@ECOg80$wDwwIJ+
z9$_pW$zhcc0s?~6@2VXpX*Q44?c`KVX#~wUXFoQPkne(;R=<q@u`N~K@$Itym?>GJ
zcCHlFB$?}vSHPAn<m-5gtN1}vT>I``ie_v6t}}FznULtZ@r~f6)y}r_(Cal%A2knP
zY>j`zk$)oR3D**A`Ig|whLnAG#}*ngM-jC2cB9UO_^gM6briayZY)(njlY#@bMtb3
zFPNMDQOO}WveJDPoRqx`+1n+;zY9vhZ@12TQsjS@J3q?$F20Y{eD&E>Map{i%FO5M
zlsCRqkLoHh(62Aq=q^e6TF(`jD$o!;2rFDZG1_fkhDRSBeq1Ij_y_0d(wFZaY7L_}
zw=dcJSXGg+!J5SSt>C>sxhi{Qve^6KiDVN+NJ?bA+q~KP`4YV6{1n{*x9U548bKca
zGB)(#G{?PdmnEoz85=o_*5GEWeNkb=h;sjglz}Nw4!<+tgwo)xvL>6r?uwD+L7R-J
z=~Ta%!jd^3F?U7va^!Zg$UKG?-V1h?OW9P6IAtO+uC(Bdp!OP*n_i>tYRn+bhq5#i
zw?H@4X5Muwg{e_+vUnwQh!cy^`-|?~>My#-K}tul0wFW^nI7(-9#Fw}riZ%N%{wxf
zf0-VtIYT{S;=GHL;+6|b3XvFh1d+T$-gIwGGQR9sq3VP5`4+BI5>ml&u@-T;Iyr{c
z{z|-r_sIg%%r7?BPUm;C|Ni%tSQe<t-~I~Y=_31n^oZT29-LO}6GeNUFJIKeeqVEk
z@&RqEN!aAQ?Vnk;*4bZcGtp7A_DV;r<C#z;?7K`2iP@RC*a#2CRR)TFV=#T@OOW~(
z4y;?GB5P@~AHN-{x28u?A=xkbLq>q&n&zu8>yonqKre|Ngg5_|V{cbInn0^SHnaL*
zDbGtTlFuJfBCB7@Ex%9<qe}6j=7=YyxlSKP1v}v_&!dp);`Y)lc{QKE^jTnv6@%Pc
z?C3D*_8ceQ!%2|_LrN0nAqNZ<LFT&KbT07%7JAZ4&}{KPDeD4AIISMW6fNo`XDrZZ
z@@g{q5^bnk%1mLE-_6ypc~sB`C)V|i#(Y@2q$Tst1>E;B#F>lC)c;wd7)05N_C5Ih
zu)Q<h8!Xm;5682VAJxzIMCIn6EV48O4mRM;KJA)2DVVdUvpe324`qEu6zpG2Joptz
zMz~g^aN}WaG)KT>a?Ml76T@}jUEFtdv|I<J)#UR&%7yK%i7EDG!XzlDVf2eBsfu4&
z{f@{Ul%=%B6o5&<w))TM38AwX*_Q&fJRY}a*nhAZ1OW}mVDUS4tmF_i9Z@PAqf|cj
z%2P4)Xtuv5Ij~%SX9|XxatA|xGkAOgNa?6oUwQ2&ySB?Zhzwl{YXnEgML9)mAmSLj
z;N6rNJwyoEJDhOC?jWFMsl^ZHjEjU?epTJge&(|6uilyFgeOCt5XqmxK2)Vh-B)Mh
z$J;7bH`LEYcfs4Ge?9hBR26Pzwl{g*JsvR!J$w&{vuB^TOQWg!%IZ%^@F1RG9wO-z
z=k}L3sf>$soK3YcJseoo%9zmQ-`e45$~Ll}p)FKIo(OW)sF*|*bn;he^9m@77U_iF
zP8+McsvTP!IntgPduz6KW$*!O3i<Prmh@f6k)@AvF^Pw?r7Qr_Zaesha27{-=6W3N
zUeyf9rx)y4XH1NX;px`~6C#9Gk3hXkL|#6*FEN&Zw07hV5k(f5yd0DMrqzDS{-Ulf
zl&!E^{U|_>mU5g(mb4*~61l3e8lNoOWt)8Jfa=t{HjekeKROTyK<&9>`xxSkv@rqH
zG{Tkwnf|wmdEK+Rce8b;F1YJhxUfU2hGz#{kb9UQ89}#j<u``k`sl{ABcz=!k%nzf
z`ac7I22%`_e>oh_eR?x3Zc;sABr(g9qU!R$mEo;GwbM`Pgt0%k&)zTjf*}SCmIfuA
zx&eEq%7^k3?%=+M`Pe8ddqef9XN!`uY6&NlSzZbrTym)TG$vl<TFjc)&A4kNt9irw
z8+EVYNKEkrODaoiJloumUaik1W$~k^A}>;3!{|RM2KhH-YbcPZ@uo+ZzDfcw#%O_*
zpjlR|#cNPqJJYK5S2vNXL8ElIf0^Xfc+@`P+)Qfb^rTN^jzQOTsyM0=`L5-x$F9e%
zXXO!>8V?R&LLK2<7kBe>OjKD>Pr*npi`g|w{~$-ow!MdWRZs=0w@(Y(m03xli<{7a
zK*B$kzTC4h1VYZx>&bNo1wCWjd*)OQe;Hj1lHVT4^sjRiav_Bdn)Ox=3r_SA<uiEe
zbp!3(2bW*|8$Ds4m39&orU0FES+Q7XT*4n4=N4H$f8Blx#_sTm5nh}h2KPj~TJ#tZ
zb?B!IPNqQm#pu*x-ko<5zUfD(kgiz|#M3#BBdApB*ZE;pPJ&%g7{zGTHq}11%%+5C
z>i?E~$%2BJZQ@8Pomx4nqPzWF(S8F_%lR%4)h3v2x&wL8a#+~+m%U~s<I+XR&cvP?
zZ+aNU06d7T3W#}(qFEAbZzszSB4V=Rqoit`p@qFx7LHAXrK}RGOagqGSWeR{CbECU
zR`m9Hp6V|WV6~ry1ojH?-@(>Z?grSYeQ;ZR?wN;LJs=2<kCSp)OBP<`N1|`h&_r=+
zS*uP^rMlJRsg89+5(!cdb+db)h;YWb?fpm;wxr2F_><J`-=CM_lgObT7Mr9xPbW@l
znt7pU!|Wl#t~^f2H-3BE1R(p7>z0EKigx;VwA7k73xph{Cd%a_zO2+-xi{{O{(G4F
ziUO%Ho|q`e3&X~v4;RJ*$?+&UD3K)8gAV{+%&GTL;y7_`96^^xZFDpKfrc+;$clr8
zIBd*`q)-7migjTvOdKagTm`uIA!y%K1YJ2)iteK2b52YV{7(9>tZ%+Jb@1L|i+c5C
zIE&%^z$7a+1Pogr@lQuz#VX$QyUq8}j4Q+M<Y@QV@zEbaf^M;Q4uW0drCQGyi0!F`
z{U!eWYGqRl6IG?n*1IkB2X4DJCl5Qg;Oing*x8(xXCvqC;to|iq8GaXA2`lBXTQ9f
zuPBH?9|jMKLOVQ8Y)?|H@h3LH9{mGQnWb!ZwaNSGy0{OL;>iu-)03GzA@?U-in_Y4
z(_yoj^aekX>R=lE`39D)2~DG#%yX?RemQ5NXBlN%w#WW7q@le9678gCYR-n8peH@2
zNExuL&I|Clw9^d0<Jm%0ycv?pos`J#At188v~}aJ*iZ9~kx3x-3%*G~k4Hh#KocN7
zAWG0o^ut+;eTte1k6ldFQ4?7<rSwM9i!s@Jf62k;RH?(53#(M9#1!%ny3C1HeKpjl
zyf9SBeQ=L66e-kXDzAcxaje@WmeIH|D8v)N5Jm>@nQ8O3zTWxJ!cM$qJ!yZqv+Y3U
zd6l!|S6oHef{Z;eesYSNO@B<XKSEHXWy+EPaoW0ABaN1&&@o@+%tNQWmH=Rum=Reb
z#KGhK@CW#X@G*70oHRi2BnJBa6cr6{Yd-@gS8kz9$nS@-5St<7sY%NOe<q~kw-tZN
zIoeDP5*1+Q)6B*ue_3TB<5WUUqbck^iUx_|5#3ZK3J$xrwRx$*su!l;PP)4AMI~m#
zP>%d@bM6muD9a3w`ZWpm$<>3RmMAm_mwnB(O$UvyS{PGJ57O0lI8kb{=c*_<Qi{Qu
z8n3B|ExVYFzsx<_mz^}5)J}O!i#5vA^Qzt>Y@9tjP?deirwhdd<$Sw(hb_v!cqIeP
zVOUm45>!K5(wxAZa`xSu3Z)4`p`T7F@cU3mOen><qF(OJyVSU~UXuJeru`YLu**B;
zM1iR54;oLkGSQSNj#A0_c3z)dQU!fGIP2Mo*cXWmbgl8i_8jp?l_Q@0YUPO*33$9T
z)m76;y*up@mK6Uo!qm4rACBA#O|Br`Umu>LE56c%BL!+r=c><8)K<Cd_aA_(sNz}u
z`#Cn0J((OFCX`|N`ZpmEPl|I724{-%C!9+y|MRe4OO<EPbb+-w>?$U4z3V#yG(0p}
zLQg%d7vrdeKl=$o!B7%`Fd2o%g5Xigkw_Z#JEytq`ilr%qjb{EJ%AxjM#Et7Z<(uf
z;cqpe>1bole=l6s6yebfAPezSDd)aUfRZLc<QxNHKnyg+`ED=OWRmLm=+?|r4DZY6
zDKK?;Kh-*}bsT&;clAS>>flRn^a$_Rd+@6;--8AM=RW&p40YGKG=mJcOcp}(y04ko
z>jaISu@W}AQHpb*oSGQ{=)qJcPk$A?m3VX=Ll^tY?d6C4SQlb$?8aZuO{E;W`NdRG
zqg@qvG!3|@vt+y6<YnbnJoN)e!&K^TRDxqo$>qEK&)hTAOm=*Yck)k0@6<qLfpz`&
zXrWX<`8M7_tzevb9dM|4z5n|_oj7KfwrYvX<x}Fc>Psnh{*hrYen3_BUJ2Di##p|r
zb|qepKD~L*cLua>W<X~b-e~E!Z?DLhOSCt3_dWX!z9o)YW_f38%l<qr(A445N`N{B
zviz1ObTPJ@kpTmV#e@wd5`^hfgb`moWR*FF>!Lb>#E@^ALmI|nSZz)n%{h^C{givT
z_dbsqh7}5x{=G}}5@e}`C&CK@(L5>!TG5~SF6Sx=_Cp5bqYl}=<7y4o6FZz(bXOq%
zseJ2tMrLL#Cqc>hnb4k+^f&8Sor90Ls!{FLf4GJ+wkb~ERF`}sVP&RaYLp2_+nJ6!
z!S~VxLOu3sP8@<Trz1tau$!u@jVZ7ZNQC3Z^3&|`$Bc2)OrAmzf6^ypg?_(op`LRT
zK|@%UEn)56Uj8cGPK@$)Y7z_g^DWn$X?dM9gu=)~qtGk$xXHycZ+s+S3W>y$rg1;9
zp{(}~03QDlLazGZ3VsBSp@dcNpj<)Ut^8$^oslu=6%smpH_{Q7nET{@l|z{l4``eu
zu5U{%G{x|VhBVmh^`D;4ORoES_?pz%MmFtYihqB9v`na5_86hq!$9PSM9UPyE54gB
z?&I~dM`|+oK8>eCQvA(c!+%MZ)|I%0bi+0!l(QFXn^eAoDp1!SO)Ij4Gk|QhZL5e1
zPmT2*%pRQd)72UMe$Rc#@0OfMhOrD0PnTGMbZtaQj15Wd=JJI#vH`+3;l%zyHIZ$-
z>3UwkTJ|JY2EMHC4(+c@dlyxb={KAZl`?}tQS&zdoldQ-QS!Z^PaCr$xC-rZjLU=}
zpe$m0F65pSKc*p{Mk$ajFw;i2{N%?Ci2aAR!;&7G`a>fQo2g5u)lH?dBDkNYS?h5Y
z^1u_Cdx^p}kWJ;HhY9m^#1sq{N$Qwg|7l-0Fx4viX(Nc$7?XG^lsTi-mH1n;0}3!%
zzK7X~$A#mWa!uci0XRfCss&d&`txI4m#DqaNn;@M7WkgI3DkF0;e+Z>kh)RMN3z;3
z670V$Rh|;)N?Ik@QOCsG<LF_%5r;@p<%|~oaU>8E^-5*y-3yKHnHzWP7ZcFlLaMZr
z{r+Gq&f_=qLRACWn3Q9WJqrcu82Et7=aklJCLlr_e|Z_wNhyEZywU}w&W=5A12YDd
zM^fH5!I8e)(-4Q;?8xLg7wHzFyg&eo-#JlWWbP_2x)EbHQsrt%goqPr@MfE6=(~rB
zsTN-pIClw08$t>qEjSCG*vrcqFD3L!wEP`gz7{7#jT&2fnKbL)IrIO#N%QPpzz`Nb
zOiXMAQ>oc-k64<%tK4he+`Ww}O6fUU)u6Jo>Ryac9n53vb$}p!S5zt6X7$}an5a9J
zVJv$p`peY+p2Osrhy6)s)hTG;UeD9UsF}Og?|?>%Jz&gRYJN5xNV=S`jrqg8%hB-~
z9*I=0oCx$n4C($3XqA;upj!v&D*Ke%D*rTf0@`k|Kk=sQZ2^)zZyJ8^w>XMz@a!4J
z*$;;k!*a);*Eh2pBw40k=8clFH11>DFj*Am&iWDU%>Llv5eDD*d;JzFRvBcJh@n*b
zF-p`MrQUa5P8`^j)=&`Ov)46jd<R}yelyQAStw<|4bxKz_QlL}bq=fmBdc3Oy{{T2
zvXL;;8PP(w6!Qj@Xja8G7H2X%;?S~HQ56JY!->}kjCoqSD>ePgl*T;OF>J@2J1;f<
z&BNLsdsMSpi-!GKoU!G?3cN6>V3n#(h~!db*rbLkq=GA#ioujR2DUOF+*a7uyZ)aK
zL?x3=)hH7Zz+v-^;#||RGlm?wj^6-A1vev7;m=p4sfvW1mXyM;u^-kL*^nbkPEzbC
zHxtp^;pjAr*g1kI8a@*6PBl>#nMc89`_IwMBVj}#w!XJ^!XOY`F@ZRK%f^C!@_<qi
ze{or#%L#Vu@88gA&)$0&)14Y(r5~#FGUNg}9&WZy-Qe^rd?HMduL)fwW$|KWPZ;10
zKUm3q4Wit!*hJoU;MCRU%lnnho~(=8D!3u>*IE2BfrE9>PxF&uxK#m-2RoF-OG|=^
zj$i_5&!vd~6O)7+VkCAxYeM_X;_VD|F`%ANYid1hk5;|HV@>cUe!b@_=>%nQx7YLs
z293z)EzKLDRGhS?#6$h*EZk9$O_EY-DUOoEsgPIp_7p~*n?(Ax4vlEg8xiJ6(E<_d
zKK;DhID;2k{{SOK?(?ZmU^Zp_$&O|uO}uB%fUDeb4zSo4jBpv$dGLRC9w!?Yk2A>S
zMz@klxj$=s_6w1Y4h-NsdZoybd_7FRL|(QM%Fk}98g3)zg8U{!Bi+2;eD7M!$t;-i
zMhkJMk*vZ-oWyNjmpz20Q@C2XyrXP;Sx^{&TaEGq<_Hf!gQt)I242;a`PNWMHmqts
zTjBJbRA(9BeJ4jnVc4aVhV@Wzdf)h|U{M1o%aef;wYXA!O);+aCs@iA9m<b=+a)Vg
zRl2pG2())<^jMG;+$k-J*G!#F!}fH({FYmlNcOw;#*SBOF?j@xh0yF4z4-d|+^%Ej
zLZncDzJjd1j*o491r;wPx-bUNSSg1xFQ3)DR#A4BnAHo^|E-3}c52DB-qkU!-dB5_
zE^|-~hJVKX<&L{a9pHxeHnEoS^VDO_6sBM6^FNDcJ$!X9;M2_#c?BaQqXohbxs9J@
z@9Z}H-&I44hZVj}aKF0_5hoxKs^;&1PaCFxUvO%TFpOn1^X?Rgd+YE~6<pXE(KagY
ztYk9^SzeyVALR{4tk!<PCUeb0v6JFC->uY$g11Dc_#cXZ7!C;`dFb%C*{f`aT-j}i
zj3Zh}B%0}dtn~xyq@UANpWx@3)DuwFITz#%k;BjD0KIi^8P1F6V~}i{YOFeT3w6i0
zY;zq<?z=H0l=6P8K;FFbwqkf+t#_kHfwD0Wk!J5C+iHzmcoj-#P8gubE^28(^_$@~
z!CYDbIviiNcqfNqkfTXWap-z}vQsU;E{A^7e9*QY&1mN5utI~jR()JS=UWWXzv{2a
zc4?ae&#8_AZ**f%Szkl!IUCDZ=fZ!A@^ziWrZdx+;6h_fmAC1nU404hOcEtOr`oe0
zKee3w^epS)lfF08;ESi8AV1fXY)22@<T7Xl;40#GWu43sne$I76CS=~x)uxf-TJNt
z6R@)$NSil}mX@vEu@`4{dF8rd5-svcvsKbw0|;qD_i!z94pK8djEzR-nNv-7por`{
zffoW@PV29J2?&Vs<P8dm$Kg?n(Yht$Z!oeDQ$QSiTT@)#wJjG9IIw^iy3T#<o9}>X
zydLnkC6nBCr5Rf$29U%@2!ZHVk>)jy^aA%V;;!m{gO62MLHy1c&G}blZOASRqpavE
zPiEPZJpyiqFz(Ki|Dy$<o-k6@bfe`w2bhrLlM^8QAF7@q=-kSB4B^c9pS)x>ot8uq
zGc*K%VF{X)Y&`-H58gWaOf%*qQeOR1wibIG)nPD9mv^Omq>EzBekHsjxrmxVpWerO
zdLk5U7(ouvM-P9wU$fRf7yj5S8bQo{Fqs@>%d`L8P+!YNEhksdhn;q_IXeO5DkB9}
zZL(^tcHrq1));<}a)fJ!qE#3_9@45Z#K0cd9c_FMsqyV1zb}w4*p*}t-yMM~TLQt<
zIgd7GeI%RX!HXNmN}6mxj!3%(NKl1<>%{!-Nbj$I<v<hbKZ|c)3|ZGSEnNBzAIg!a
zV$u@GYB@CTo@n+^B@mFF=ynVGv&Gbs#+v|3rjigP@wJ1uBD9?|BSN<fJg<H^`LY&4
z6=c^;_YB~J(%@ionoHjzjpRta)}@hZJO3fM^J_Fcr6_lpd)lREj*^r+Q7~tmGYH)p
z_tngk0%@lDqyvigG=w%H(RHuCg7MlHa~%e!B8s@nxD8dsh~6(kaZHEdL78Jndzr!$
z4(MeUX!WZpLvyXbC?o?S)NwumZgW52G%iqBd}#UkVY@FGi`zZMzA&$~aj74H$Ishr
zwcILC9js~}l;VFXY#TC(9lwN?9-e9)bm)!D^L8cCiOI7$!#EW&Z1YWnU!$2{_v`_y
zR`H}XJ<{bV+p+3O%!ce8>~B-mmKiKXvHE4WH+@dXsthrWQ2J+Pa4Inp!qrn%yefUH
z>Zm8;7e@`G3V0*Y+zf@la~88h6eUT0-$Xxc)#VOWpweUW^%Q9;&)RhZcRwK$iTy~o
zD=_Af&yWdG5cu8u7D$4K5cuS$eB*L<UXCLo8Aeq?-)0kM>P8FZ=Dsebzv357I%+CQ
zd&RviQ&AsKH<W$%$BxW8qagqtg<WaY6jnkNd`FJrL)mZ-;AbK=v)@OM_~hbhqL&Pt
zBxdgQe@w){tZK`|uD|`G?7v3)Y1So5dC7xzVodLQkk%jX+-lN#{wf8$)>=ml7vRkw
zExS$1In&^8@qEsaKCI9M*~DBaHPuIw#rh|1@rj97U0}E0FRm;LgE#&hsZ5-Yn)XC!
zK&GJzURD<Fupci;#mUP&4EA;^u?2xTzaPAY=wg00K6MBVnbcYqWqHRHC-PJQ&-~ix
zE1UOw-k+_@pPo2mm1XSkcO@N;YU>l<gb<M<^PaloC!yy&UZ~&bGDc2@f3hrF1{I0D
z&IM|&12Lu_FK=cH2KoPgY`t|@lxrJ3N(?Ya4MU043=AM4E!|y;l!zdrq*4lsbPU}C
zh=3v}5@LZM3Q~@=5@OMUf`o#!fP}yM-QWJcbDiHg|Lnc5eeLbM@x0G--)pUVEeVxh
z%9-EQ)gznhzvbAO_kMo7sTME(aO20PY+bVmpZ50l_~d7Gyrk|W!{xmY7S$&o1u^rH
z6vZtP($e28!-cmhZl7Hor$bi4<%gHwIEGzPYUZXwon2Y!y)vh56|4Oj8<reQDzzv*
z_UO^OHcRtjyGkdjt0k{_yw4S9s{PRVE8ALjOkV5b6Q7H}f4KQeHNIO=*&KVPa2u36
z#llxOc?Buy1<qZ`@YcyPb{U1aG=qf1T23j{*4J+q=DN&JsJ6Nhn!gH7zRCDdZuEY-
z8l(nogUhyvRa<ND8EIRc)*|Wkn?sV-;cpf1VRza0=xFO40v#WyuO@cqtJI7&M9n44
z-X*LB=1hvR9b0^xi+md0&)_fgk47r`F<qyL8PZ3XsUaJ*;8X%%*fLqSWZ>{ijxVn|
zl8bq)%a0#Tc<kVDV5T>Ft%@Pw`6{|OoX<hV=^CKPiT5vcdIfFjP7cgvnpoJXWfkIv
z=R~*FOw8wahM92rbQ8{5w~YH#AQj6X-~!L4%U;m!Pn1pSDUz|q5mv+{n#T+3hR?R-
z-Sfn)%MWGs-1g~wcEOFaxm(|uK0<EbV{=#%w8|5?o5e9!DE8=Qf}~nhQ7k7~G4t{p
z1GQTYUzyPRyW4BM5avlJ$6PKyVXRD<o-^qpOIu$~6i7?dG|)TTqw}$F!sq$kQsm#z
z;S0(ziPuga^`KN4cV+G!{)%~Zp&+36x^ilNE*ow%5tv1Z$=F@}cOL?%qY*&JJe%2y
zby<iCc#Nc2J<>qF+ILBPp+SfO|K&II?$Nm2_1E@6)Wju86w#4xlfqT9k5hsyYL)SE
z1`Jn*mQ-{!_1SNqCoIS;??D*Lfkg^u`Hqd;BMu_%YPcQt115%m2{5wPRI+6CZ=dxa
zX%pe0fy*(p*;(U*Gb~(5SQTf0JB)VKAeSr0<vex{PO{Kwn@$i)mpN+pXvmM>r&NU?
zt#D<f%O&xfsP3{DF*=aH8<Y0>phAfrnE4iU1^PBDD&n`gqKymvO~aHqQ)I8~8edIZ
z6}|T#KF3HLzL}x}HnkRK@pn)Yb|3D>SfYrraPQ$LfjybexqZK<Br5YRdK8^0Tc(9(
z*W$J0=}q8Vl9r^~b+Py@n?nR?3T#GL;y!MV6jY*yC>sbU>;0SG4uUz|QIJv`6^Pin
zyFGU=qh$IhQ~#L*DF85)R%Y^L;vOB^#qEXuI5iH}P}y(PfmE%3A^jo`9Fw~HDs$so
zPXo`{3!Z3>9S^@Oj(I()H!PT1?kLA!Fo;NQw7DgC2VFu7`{UoO1eM7+t~aEe_tY#3
zHI+@D)%QQy?QndFnv_2M%oyucVU-X!4Pka}%&K#^Rxg{U_wWzD`aJ`mN>fWF@x6gd
z13G6}hRdq?=xg;Sy6Nt;DM_i4t~t1e0rGG4o5$f8*316XB|fZ=7(<^I7;u&9Z*sF3
z$R+NMa%QA3Go(U1+JyV&ukq^86Oj2@PsgbU+np=!)p2gC!XP(w)8%Yg2826X#*=4j
zGPJG1H0^sps-nC3)tajhWqA~B6n}oUU1glNwOf=6tFIL;ynk`a-)kh}8{7Q0@#i&b
z$HvWi2m$}NwsvNK&ix4a#j6CPUn@^1R(97|H5&0Np5sZ+ysY6H*<!svP+x-y6W8q2
zTg{p5%xEg)#vo-IltJ0k@nFen_~=H3<Y-gqwfYN0MN}MGgfC?7Zka&}C$<ew)N+1B
zaXF~9K8=FylN*ncuXj~W$vNS)0G_?6A@_&9zkk?%@E)DHJ>;;CpNXMeO!TDg4f-+I
zFAqsu?N?v__#FP_nfLY+<!>qylY&=ERVCGi-rl(SDUQgH+%5Pzf25y5+D0}*-Ktl?
z&*{8>z-AuX@gbLyT8Whn9+Q)7yZ+sK4u1Joxl}foFs#=iPhq8p9bGwki#__{J)>LV
zk^42N>3?4Y88>6YijF^FmIy|-nJkMQyGhXJuMimsOjL=-F03|#J+I(kTirPbU$gR~
z*;GXDBcsqNP6t&;XFHzAeY%AIb39m7%GW|;!zR%@gV(;5o%3Y+b~Ap<h<`gHQSn{s
zY~2*U;!@*>v0A@B6}CUQhtG(5^eS=+>cul=_WuN#O(p6qeMCJvXqfU%f2F&7{}Zd3
zu;T5e&?Q+er@FTa-g7No5pX|;ZmZ_MDGC>16Up2;JY6_-eX?_x|B2{fsvSIzeo-SN
z&(z_0tnt1yJG|<T@~2IgHS|j9XgLrBR?Y$)0f*H0zN9bNMYb&w;cG2_cUp9N=$H->
zDl@I)OFm-5IO!NT!+e3+>U!jG?PkU44b!#h>}`Cv*euu@78k#9Z%b4U*jco@C3WVe
zNeiUNJy{>GI;R%{2BIA>!Xc`LGB7Z}Gd160Qa}~0RE=sor=j;iLW{Gq?AiruaoroA
z7IbBvy!a9#LEt;^<Jr%;y#(!G)P%~Lz{THr<d|zb%{!%TN6ALij^UHqE}#)*tKWQE
zGOx@YZLW<gm=^jFJss*}y4)mK+DXHS+?8dh@$!u$4up#>V04f)qPMVAH^m&VyVA*E
zS*G(cX-IDw!b%Q&Xxf?R`B^zA2NCslgJ)`Hyk_cWk4t3_avWb)VfJ{@vin_HaQ<$l
zQHK;|iv!VOpWF7^u<WbFG=c*#18B|g^8~VnvkZB{_<cKNMkqn4SMg8z;S%dIwxRmL
z=pAOtD_cbor-#`&XY#h!0($;zxVc@Rp-}_$?CR%lVboXBDT|jx-kSUfs+9+59F3>w
zHcIgu{q?oAw{K@@GZqL&3z>NcUB>nGD?PZ)!mE5@efDD*xhEQ}*~X=zI#JoUYN|u)
z<(7CkS4w~K+O4dt({7lDR^NHn-kW{O(p`1{)v{E>g52dep=uWLwVLQapvX5o`U{V2
z-UD17jlymFHQTp0ZaSsUtuPz_zu0s7jqWFnmcx&-sU9@InX%pnw7cwPYcY$)KGcBs
zJr9#J4rKCUuKYt24P}1QF3HR}->UBRhW$f{3ELVBN17`9g%LK6^O1|S*LYkE^EZBG
zNX39jgtwy7ms1~h7yZJ8&;PpOo}xsITputpvov&^G`<rz*)Xi#z#8VQ_%yvx`EoI0
zU`ZIHcx}-f?c=$eDL4-Kb~9l6h5qy5&eWzD)n}DAeyU+0X9{u-T0@3q-5xGOOlfLR
z-0By?c)Wb%epv85ce77si1Bip9Gisv^9x`bE3*FwRA3waA^9#rY=&ywPL2{Y>FX$i
zJG>~;o9{gZVwF|5o`)}v+*gLe{D1eUJT_^~B4(tz2KZk}j+_Dag{=Xw>lZC^YMSba
z+z+T6t`Dd@SriD74!zx?(u%eZ`=o@D?y_h`dSX0EWR=&)fCnt|8hlbnPzB9_URMlm
z_8)3#?1!Mql{%$g(Xs=gpGHkEzOa$ZITc8$@~H(fB6n(sI<KouA7OqeSnVM8m@Y=q
z1$?K|gRCB*B7c5<><%HKWx)a0j3`5O(EAhnzm<~4NSBU!^zjDEmsE8lz8s70zxhg0
zS|WAplLuL~MeL^L?j4(7=}gh@Oz|nh?jF?n+!~XBNZD@iTpc;|d#S}CY(8dsgYRwA
zkEhAn27*!XTDSi?KusbhnNw6G&9UpLk9*Se`?Q$z)d2&pBnz4SR|?f@CI`<uWS+Mm
z&42~Q8!zwRbZ+^Mk5A4xM3f&oGMenIm31&SC(kD?E)L%`3HF#``nLuv98;K|f<KJ=
z-k%LDeK1%9yYYG+=9ai=TEMCdbg9RSD5AsAZHP@jo~XVV=RnM!9F@KEmhd3smp@of
zXL-BvY$gdGl0xZg9-iC)6GomZ*{RWUP4dKkP8nac{;6kTR7rwSqRlVo2+75TMUaLV
zJsHErj33(D?xrN%o3Zp0`N{g~!o}&XAFz9!DYL5_zd#lOICM0Z6k5HC-<aFN4G{LV
zPvPI_f4e~1hGE4s3w4KAqYE=0A9th}I#62eJsX}xT;BnYC6h>Ry>AC!2}X6?m<DlP
zZ$){b_#To+?yuQ)vrVY40VK6dqj><P%VlW%&a1-=(dKvb51K3w*cE5!Gq-(<iK7=L
zuk0Vmm;~-|TW%kQ9Bu)HWpA23b^g_FksPn!G}#X<oL-Q~d~f&m{w4cM*szXHFPo2_
z%Frb|lxdUYJeQlCMp%v6$QC={^E4dMlDbh{dnEi(UE4yxrmG&OjU!HC!Va9yH_hq!
z^>@4Iolu<P_hFBsoLFA3VYjop{gL}Zr!~7&N3I%Q_4R#1au8gYqs2Gysa_ef_@Qf4
z;L2a30*{~x6Ir6F-<H(nvS?7G%u{gnvpt^3k~tHC342BaN43mpp{_s$Vus@TEN`?{
zx8Z^~?8SpqM>*LED#vcC+7|C)!m>!pg}>qVK7awpaZaIoMj6ZoTlHLlY&J1P21}-z
zEw;j2nngH1r*BCAz^k{Y!+PHth1&vb{oAM^yFhW#n;RUc7WZ3<9ln2;@)VDhEXAFe
zIvn+k#-5R54>zGuylLlnIZg$f>)U)8RgQt-?R0G%1J?l)CvbpQ0aumS1vW}Zl@ib|
z)VuQcMa$k}-d0^ICiP6;KLz#DnWPBZmZV(bWcGc1*TU6rXI@@mwP)PZgnHhRzPYAa
zDsvmu=5LDI@?Fj3*t3L^(<YUdVV3Y<R-paZrN73PhMKgcVm(%1#{!O|j^)slOQY$s
z_4d;J@J=FByQkj0ccK0-2Yi|pZFEOHE3%bItv8CYBKxPSI=Mezw$-L(>pc18`YY<*
z-&cSB4qbhh&qj{#vR=tBv|j>)n_JMmnQ>@{&&4Sj%bpG_QN?%&PGA511oA_9lh-|V
zelO~-i>;+eO&Bh#aQU6*<gOrqrb{twp(~s}Y+0w9FRHNy7u8d<Ly;s(?4NinM2Y2F
zwj@^iIY#Jc(>I@W*X_)d130Ce@$}*;<eYdd@vY42N%jh=C8WPl1T;taoo9lB-3K+r
z4&2-T(J{I^KGCI<rv3#=;C#e<Y3@ysU7G4(%&s7l!zP6WR(kh>y1<f86eVEa53trj
zaop>lp1)uW<w^h;l)mL^31AXjBl!i=iW4Ut#{Yt4u()buAaj)^HJv|&@kfK0{_t}y
z9oGnI$B7vka>0yq8?|Co^M<fFzGNNzS;`kp!0aXnJaJD>Irio|Ma657{2pDkH=%Lz
zN!Av@$@sf6S)Z!2J3@TO%yH?KlC;U6$8HK_qZ={mozEBF-iUKleK$Pi7*phT;X;M}
z5B%K8;#L*RAe5>m0R1p9(KAFQFa}7bpd2rFdM^0XYKQjP*SMSL{sbo=slq0kaiQp3
z7yKs4HR4+K+~moa0$Q%y-@bi2alzLyoHPQEhM>VRw*YG}r$8N@B@SiPe@#-M`{*kJ
z55T>vJ<qY~Yf>@@j(#){o&TFLa*h$!eFmkZhC&{iV7y%M49H)nj8HU6U+}hKxbK~{
zdM_=z@$^s#gLa#BppTFdILEiKkB)tN)ykGe=^m_6-I>CGK3TQGNX;@2rXw1D+Rsa_
znT!4;Bdos+RZgzdQQN{`L+o^G(+afejFo|t*HBp8md#*WJ+++9&ylMc-Tf1+8|mZT
zceo@^;ePoZRKSesz6|NYCm0u@V$gpcIW?VL{Umem74yw_1BH4|W39~iZ)5Rfnp$Vi
zJQIv#G3$xfkErY=+6p!4iJu<WnmLIor52|>KgXyelkB2mbW0F}LK)Zb$riut?j3hA
zOgBHan3O8A)%PP$O(3*qp?N{Bf2|p8qD_(wn$J(XQZIT$Cr*{D{Tgk<qcLJL?7`Ns
z*1Xg6EBtxwa~A-u^d9kT@kOK1nos!R;#B+-m=0aPDP|p!bf^hxp7`rR4yC4Q?VQ8W
z?jWtabV!8bqb2#yR|u%&sG%*X%2PTaK&zx;E^&(eMBI%t=K{$|@2sO(LoXWdLYPAP
zE~SY?8s8;Obf(}|L4Pr2_5tCoh{!uv!;Yh@&TNUp^TtGl_lor={Z7Q!eC?(3GCn4r
z7JsAp3DPhw_&j9d5xJfFg1Q`~b+pc_Qd1WMDSu~f+4jWJw;0yoH=PukeHGv7cV!k>
zvBVqlbFl^;5E8r^x4Tx8Q!glL@T+^t*kN0;J@)lXjs5k^$5yR0gQ|zDP6qb-Fy(<{
z+Nh>f&k_|Dr`>^tM#iM7G)M8m`RCGSe@RSUm4Wv?nXVng+}l6;JV!-`zFAX;J42fn
zrPX-9@1OoJ*eBEbPSTJ?p}NX-YQspN1hNlna1MO*A)7pDH00x)R;~Lm{9x&~a$oC6
zemg~4m*(>i#vz_iX!jNHm!q!(Don5WA}Qj<YGZKLsfO9HfUCa{M%)?w(R+Nv=Fe{j
z?v4M#hkT#~9&-J0$;AlAO#Iu%X3KQ;+38x--V|xW+?nf2RUkll_G@lBsV+f@@K}Gj
zV&}ZjR^0@yovb*5-Ce!1>bbyk^dez4cMy7;{h>MTWD2ya0(nsEB=n-rLMMFYPMB1e
z#{FE*nWPK#y}HhiNsO7?{B=hD`YE1=ozHJEtt0J#Ng#;qtt2y(=P?mkZWm5z-y<)9
z#W1;)nMu=%M`6nsWG&P`x^dn3mlm?dJx2~}nuP8wzA%u3h`D{+KjdS5^$g1}ywP1e
z1uj)KOw9>KrYzn32=d(T`17_nRkWV=mpiL#Zex9_oVx&rUiwf$oeq5#TJx8R{_^E{
z?N9-;6j$nFgu-~u!q`(?nsSF8l|C*j43S|`Uyk}1hacw1KJX~V?Q*k4F<bXMt;7!)
z^)NQLiVdo$Ki_-gx$n5R?YLN9Vk%t%pF?GQ^Ctt*8{D5=YUlx*;FcLZjV4fwSo+;{
zM2%s6awdQ3Wv`&ybe84$*_w0=a10pd=wHIJUzlJCYet-ShDpp2HA=X_i7Mz`6|S$J
z$qjcJK18-)*bT`{Mz&Ui{wSxjti}>l3(dWSXWG5TFZS^Gd0Whlm@ZF6SujMmQQj;p
zMz=+4m-gNgw!Ht$_sq6`$X73v7PI!ob!R|%v`(#+-m^tv^?}B_38h|B`+P^n1U|0n
z8#HS!`p4mqK<Dwpmx6}N7o$4au)zXg)Sf(-D%JqUgjV0Zbad@oitV(iM(8ia;9#|>
z<_A!;-u<A9lcg$4kf0Jns^jFSPriFGQP{A*J#p#!tj5$-o=bErPw;jR&NL|C^V6}r
z$|C0fy;uS_{E`W+O~V>O-RvoestOw5+R@5xs?e92Hw3P9Uy;k2w4QwMV{Sl>rqpNj
zCTOvXvgY6E;>4nD)ofAf2zbS29&&<&@FDLOfCubzyxh)F1~{qPAM(8xr>2k@SRpwr
zQ%}!AjzYjETRY(^O*Xg9_oAbz>23<ajHzSf-iAol`2Eoh0Ibeca5yg-&o8aMmCg;J
z$vkwU1ZKE1L+GBrzx3djY|fs4B~tW30F7Dx+Y_#77kdy>!Bdqpv$MCr#I?--aN(c8
zH&@O-)?aMYHpGT0%`#ccz2q&4)5aQ{=(j^<!IRmYp1j|*b&!$;)lyfNB_{sB6+uE)
z(g=Q@PUGL}zLD^Hv5h%K%VHfH5bQ9{8#r{XS#*n?HKxSMIW_e4j@D-wUzunOt_g;&
z2LZ_>b614On}2w55BXtMSaRky{XRs$i=+OsL~g~XEH$phP6~uBJbkKrYkg`WtR^{M
z=I+h)w|}qd=y-2PE=0i>tb7!fs^P2kO9nUtq|9Tj8hIRvS=L^j?eB;DUz=Q6(VN$E
zyV3yd`m2cGi(*nzH%y=D_aRn~^Zrob%z$;S0-#&+Dk>^vpvagZGDxA%{DNU{CD84^
z{JORQK%ipe?vwx&o>xmQ`cyhKG4@@Z>da6AeT^cLK3@-k^WVp47&!C5leuSMr1q_X
z=R57b8k%a{Yq0;i9wBb`#9Q_14|dgz`x}S^*EVo_n42su7JY)lc!JdR0pbcBuZ>^z
z*GT*Z?oICd8<mkJ>$f}+M!pwjT==i5^DaYbj@_@@ZyKKJCs%MniaD1Vs%VEw0=kAK
zk-F7C;NOPZvUE=MeAdL$rPAK|%A>D9#Z7Pv0a5I0FXoWdOF&;{rJq_)9gv)J)Mw-)
zJ11v{{_?P}vn1l^<=hi=Ty>tnEp3}*uk1ZkMSkWzY&8?(;wf2o__|@7YoHx13qNm2
zgos6<WQy#A!)uU;H*p|c2@(OvMEg4de3@4H34{~7DKeg&50ing;h5)lz67a_f6=pY
zz%S7IwS!JxQcdet_$?@_%%&%BVzX9{d?#Psd~YX+wBaWC%pe9jfqIYdg;#{044SD?
z@uM}Hhr<T2!+jR(UvTv#KVuD6XX90$7vmzaD^UK|3_rV&jXB3jLHYqkgl1jp4c}}!
zzvn?#0{wQ}DZS4Zx~y^Y#*z@WbR?GfHFI?Ab=Lg&SGwZJfKdwL=%3$<5|z0iQPkE=
zFADvovew3C5la9l)%b8p(Sb(9awZ?V7ZHNAe)%;+X^1o`n}%X@2&^UXy_j~-sci^X
zh`kdN^O$0R=308f<lo;fT8<)KoWbBW{rwqybb5jxz;!@If1A4>{Pmrk!Z&R7p5SJ6
zJ|{T_@VZ<vy>j0W5%@B!6e{@@>QukKt4F7@2}aP_D(7Us9wqiurN*(OG=N=+!KHCX
zG|!iFOWp>Pq*&vcEeh)@kHVzl8q!n&xGEw9S$@8}#{m@&e%zRG*01IrUuzIXeP|93
z4R}p2ng>Rx-LIqD@l&q&fd{q{!7~uC%`5LcBoqAk;NP?Rt6af|`*r+-o&^4o`;(h*
zBr3a#qdZbQutYzuM5h_yoX+(hwYifoJS{J-u3bY9WYhw_!6B>R1n(>i=!dYg<}u8I
zIp`qV*7o+N5*g;jc%HzUl+=Oc{`#yt@u#wL<I^?N4;+Yo`Td4Ntn&b_U%~hjG~Lp!
zi`8$XvRiZ>;8*mWFJK0N?OQ6(NLXjB4F_|y={f*1(D~tDiEsYtK`58HFX}IBFioUT
z!BqqhB(luMuG{yjbPh-}aH01h(WM90+eO54-afX9O(!<L-Qd|uo0_ctOw#?Ds&n2)
zy?zNt`ZaHtNopRXV-4a|$pG$2GD~x7k{bU9JZ9O#@LkR`AYfj`Z=H?YtCdv8eF=O)
z+{f>JXWa#G;wFH8jvW;ChMM{=Ty({KVbL1;W9b}NW^Nc)_aI#C*G;DB0=s!2?;O6r
zRA-UIoWc>Mvj_wmNvfnbdcTrZ)p%yZpzyA~rQ;IuC3u!k9x~FlZx_Lq*XJ*+y09xV
z;rzDd?J0YbyD1PZV)7N6chRngschHQ^sYSzrf<ClyUTd{Qq$wJtgzV`r9V1%fI;Fd
z_yhS84yd(d8y{&)Gc*YtWBsodpky0Va5swZT^RRi6@^5Ofd~R8CeoFI)Vq4f@+>DB
z%!1sU;(K%-CH)vNjJ<ikGVL{Jw0JYjsmG7HxLkhSN8x(?utx07rPS=u=t(xFeb^Lx
zk~t*w8+s>BRcROAOB1zBZS8-7Dl%Xm@aCBpNoFD^jE&5xwF&eTpdvvdsJoE#2LUCj
zjjPl|9VM{j7m>3Ei)RAK9ZQ&?z=OC&j7L{XTDm-^*_M6V)59*&o!7cF359c^LDYVn
zg2rB?A!VLwu|WC<b`uiTE?iNw3@X?Z{Z)>kBjOe@MGM=@4v}yWD+;Od0|a_FCJM71
zzBubMs;ebI9;6eVVnt)f*ZOEqhoZTsxlK?gz9R~9xy!UGszCJ#`<uDkjXHU|WdOH@
zS-RA#+Q#(S_?fCz3dqgM7kH77gW}Fv)dhWRWqda#jG#j5gMo?r5zkf#JHfRm0q@ZD
zIZG({&K#(U)vnp{$L<ztgx+jyR39d5SGTF-eV!h{lCL$eB&wyIp}ew&2%_pXtJq$x
zMWx<{QNFuUL7H8ZulN$%X+Z~MzkscpirIaG4V!6`I^;vwn!ut2AYFFE?X)utGZyp_
zw$>Hb!;^8({l8FH&lj`lCtm4E)<&ubf$8B7Peo&+=!g@KM=9@`_1xMF(9JcQb`@;t
zk~Hp#Ezv75iHhr4;p3)p%|c7Cp3Snu?|KdoOs>Vz3eeLMGP|02$P?9WDHy9PsZ4)T
z0X<pd>qkX}72`07Mia5T$TKWjoVp&*OF@vtSPGIcVIAnN<$iw%rWOK{oMVDpL*9lw
zEQi9-l3A?N5=n|?h}i5M8B>rsBk9z5iqjTzo**w7OS-E}522d1!sjz+1y)&1M3g9W
zdwF%=Ab#`q3o=S`KgLJE9N4Q$gvMc&ri=9sO9%A@*n}Xcn9wB`n5eOKZ2k5u%@NHY
zdHzI|ex?)|C1OT;p+}TQ1~1c<zv=;sEBSF;+dK=Hr)a^Ke%TRh?GsD0UZ{yB`I0GX
zR5dSDZua{Wu4{{QiIXjV_jkUzQ$-tfGM;<x&(I|};;H^=AX}&(zk0ED6{1)lP1izm
z?qpo}>6KCP<k~51O?)jW9BY{LTrJxUpG(s3XcLTbxp17=Uq3g82RybT(Hk|-!hk8B
zkfeC`Qtyh8$(2NXBOZ%JDb>t<8qfm`P~?joHzO2;QF59%_Z8D+_3XKXcITdnx?6wt
z<&}y$HvGWT!mS>@-&uXM<k=8kCSrOcy?^>H{cNE`Wux45yq*m|Hy7)*D_e>!L{0pT
zaa!~4s#yRStR(T$&2#pGCboza($V2qtt@0Y_;PJom4Tw8jVgg~-a{}@q@~G~K&}MQ
z#oZx}$53foS4%$?%@&pW5(?FDiy&8uMU{pbRJl9T!CDsd&DS2ScQNYWv{72EB$l?t
zSg&PjSx-LK5lojcu}E<}ECgRkgFD#FNtKi_>4hh)YwVgXe@Lix>h?em0mASIr=JdQ
z(ReL$rx4W18dN!@2|(jcwRzz&o39Dx28|ARnFpfZl^=<(4qQAvT;{sN+*`~^MQ@0Q
z5$OwI+3(G^8KB;rI7|I`po9(H+`PV8(4ZBus6z#=cU~G*?cRInvInk$_6+{C`jtZ0
z4QpdPhUl#pOd@tyq1j}<bT<yprO4idbVEQjsoL9f%q<6;EcQog(=L1ot5ma;JVqZO
z=_wrah?B}B5|2?2HmMd|Nq7@>y>*6xjykIpx|_cY(NJ10rx{tWNWopis9jU_H^5P%
z4lo4tbY+G%?Tyw-$gXrP0Uskn`Lyssoc8;(=-5OJ#nbFxJRwykU##^3bPjM)Xg{mx
zi-+Vz)@%MucK%^5>7-+Zdy2j#$5$mtVubcD=DhX<MJ>iyZl9)jQ|BC$dhX>eazxrU
z9z-`6v~vEj0qQJ6G^*x(5q5X3zlERm5{l~2Hs_^}SGSV2<3Ja$<&69XCGb;j9hG(8
z4h&3!Gkg0CP$@b3U%*cDi=<=S35Mu{F2vJlefo&FNZNS{t2FH>v?kUjnJ4q-bi(h9
z$lX?T;A>`}T+4oKc2HunVk!6YLp$j;P<6#6`x)?Xskm%yv5^j3yeB8MzlAgs^Iw`8
zy8HVlDs?ZPSUNI1b&@C`L#+JIgD{Fc5S}e+q4?P#;k+<A8CoEtu23tu2zaQ!jgo)Q
zs=<wSY6v5&`@&dO0?pmnN$Vq@q>r2=wtzQs4J0dmXbcW$86%coUf#B<_jgmdLBWG6
z(sf5-XE3`i85*ChwT1&p*j+TLNYKvKDC5TL-Df@yHEa7jHH*XVc5G2{{P3K)wc0~s
z;P3E6;_81sX^3?efEL9{WdmsejI9Iw{mo&7vLr+@$3pt$oL~hn17-Q*(9_oS#ZkKl
zo&Hj3U4E99nFob}e2isf?Iw9gwLYD`V51P{_yhomi1PE|1L0ks&sI)6&P{&w46M?-
zq%Qe*A5WEqsIjatY4O?WTe4tSdcxq#>({z#<yw0t>G$3*AcZ??nB(}+-hJ!xbeoLQ
zKhp0lJ1CE*<|NlRx6AgSHGMBZ6QKZsHCaEZ9CLRbK$BvVSI0awG^QX!CmoRy%fgX-
z!T4+i$xIEBSW16*gG=7@wFmUp90wWtAy?p3hdMy&?}9O5RY-1!+aoBxQ&c~Dt83G1
z);RU?IQQ*tmjNETYJPos=H}Vo8i~VOq&W=<s{CXq!_9BoH&tSw439YX^~>C0rWa|+
z7f%)kfSD=7SD}kvUS9R$W^TI-MbmjRM@L8RC-pOj>?wG|*9Uav@MREm7sJaC903`u
zh~|a;B}c)#`$F>IBia9gE_n8(B=go6h>!~SZ12&%4JPE(P||e=(y?I?+IMgTDT`?X
zXjfmHy59&_jySR?L5im$A`Kw<qm@xSCQ`v?G4_W_uFbu>I|IuzXD4(rnr<4x9Tp^U
z!Y_d@p~(h%C~j<GfvM&drIskUQ=7<J12&yjoO+V3;4ddiBYE$r5^*V>#S~Sd+v5P9
z+^(#8?ELhSX$Fib+`nGTYVx}aZKdY6^H;8bSdv9$n&he1`(`j_QhpIso2y?3Z=Hk%
z{8OH^g6w(YFZnRUb6*;ZBp9)1P4I+o48~rLpBtsU+W<wcIbdVoEl5^}2rQ%Li<?QN
zi8z9ylG0#7`0ru*afUX&RYypLtO=MsKHp%PBmRE2KqY|i{&=*0mze9g;)@l`xt1Rf
z9!@){UYWxr_l*W5g$Z1G^<_Ix_38utPf*dickd8)v$<X=A7n{kGF$d*TrsSVL`QU{
z^TB+SkGT`f)4u^-e(`kRSL$e|=CJw&aeXgeL~o8(Poei8^+a5VC4)}s50Jjf#1o0c
zz4%wh^$;|Bhn!shw1H}%<CagQ1lgk_XVPOdpmOse8Vy_GhE7)yipp@g`x^0;4%O|E
zi|aF(vt}ju5dCVum-8a|y2YCq!;3kLz&uY&9KHC_cz#{?erBfjYkUKcj|>;u$2($F
zsI%Cn4fB+=e*=W2Jxs6NO#L<PneGn=Fm?^TJx=!r9)<f{AwsI0imgK9<RZZdI8W-#
z%e<41Pj?4Tv*-(Lb=^J1K2T;+<a<Nv%%MNyOxjAs{@~2zb6?3v7j)xyX7<a?^96H-
zs{41VQ|=v!KqV)O-y#y5s>?Z#nD!*Hs=54<6bfIqEoNH_xC5#OK;h^kCd<s}cqOPP
zg|;vnu44KDvWiuN+h|QoH^C3zYoWbsh2mxinY(aoBE2Yi7!GB<oFXTua>KjE)C9DG
zl!oN#OY`_2$G%XYxW-jtbDQx$y0R~ERf9!`K{Hj-lf%S}nZgwpWgVB!SlNWZ6#7oO
zZfi)!)_s3(Ik-9)8{sc$I#@IP;^$%V=4k3%5Id#89man;ftIB=ZyEL;q0S0iPc_0h
zqb5dN(}4@aTKL5BGim5&&Pj)a5>$<YB)=Nvrk!kp9(D#=It8e`B;;$mG~e~yleI9^
ztNC(AhZ;Yuf9LYam@x;Uzy)>XwJ@O6X-$}z8oq-o?{Tzd1GD}n{uLO-aBj0~>Pb;G
z9P<1)Fo|$2`a3G+#b`~{J#q})E$C6(?>zL#jCq7cKB&#E*HH#gJwHLIaW0_W!SOgn
zf9$vbXp3U*l{<YD9bz-T8*{#vb?u>rjNi8~W!CPy6<n9R`=kG@-QiTAE#l{MMZpSt
zdWBcPlZ5ebJc;Yc7C9yd;1=uP!D$twJO=R<Q!n#$_&~9NU?lyZTjx~ql;Yyt!nV4I
zEaz%(A7wCwBKP%xw>&H^vrC8;iubMHSFq$hN+%FjwGC{%-qH#o{o4?Az0sc-VZwX9
z5;L$boLZ}Y^*U~1oS-_UR^(GRN4nz(y>$K2K!*Em{FVBhB5$)WJ;dbZjtl|mKJ9_!
zbLlW#hgS{pRx`@r=QF)wOI#{a;)N=vfT4voY=i!I|8xRd*alTP(>39(r(a8rJTO$0
zf?G+&$BRYU3en91Hzzu#=*+J$k`XlW(Ck~2<xiqRe>KTXp_@0_q#X~uJAut4=MMQE
z!`}5*R7eQRbTqt9cVr&nxc2+JTSw5Eedr%F3wr|pPu*sQ-iL@VVfviSlUhR}e|*%R
zYJMVY2nvW-ekH_~7(2`ekup&&?`L}B&)YqF|MKdwZcVQz$%V%^=$Q*GE`c_=jVWr;
z?$N|0)gb6v+6*Xq1sw*w<+IH{1O71}Q_W#UiPd~`iOo5M^SvK^a|mVU@1pxCEyc$5
zIYwO^16ou6`sOEy!qGhE)#KXJIMI=v8v0(dnk_n&uoZFJbc6njgN}@`CYk+P)tBBd
z3QJP#N;ZKux|5GeLZLBpJKr?kQzS`u7>&e%I~f*LIK6thmmp5gV3O8QjX_{Oqx9WR
z$E)v5<}$tvZsLH>&lm*<e9|4Rsd@}NbLJZsG6a56)FE4zr&u98!|lU4oGY?U4S|pA
zf4%%kIG21Nl5p}Ihmly|p@9m&mOVvwa>mNj?mw-tyX^^)nkZmHA7)7ZQV+VlIs}ML
z>!(AV4JXD-v865!Lf$Bk_z<z3J2T`>mQW{oFz-#8abQ)#J?8`ay~@HE@{8{Cr;_j1
zzrfyB(DdiNECwZrY+4B03ZgdW|G3U;fLlhhbJ@um801WAUK~^`3tr30TQZ@K=pnU7
z66L#3h7<Re*ci!LQ>pSjAS-WEWSns3y&SQ2Yr?pV|2=bXxq{mBbG#XYvY%K7CLLbz
zW_2dcf#!HA(uh7HtZv?(J4*WyI->5aox;bei)~R+g2$ZL&R4<_T>}=vPj9rT@v($`
z(R*k+>QM2)E9L4Vr=3qz?369|6Q}ZkO?xEO3Q>1$Z9*-8L3G$(#ljQ)-C|KCykH|R
zt;b}<x0`ywa}B>o+S>RzXr@r)spZyzObcjbdym5Tow<Hunx@6o=c&-ETi1OWI#TKP
z9>qO5-)Ys4K1iiW*kX@A4F}ML;c7Q-flwt^{8nS+%*@Oo-iy91dx0MyM=@agdv2!!
z7!bJ-%~+UaU>C@5RA{99^PPL;mUJa7riEbQq;)hace>(V1Wu0(C>Ao6qq-c?Z24-w
zF!Yx!xbm?2Z9{INs!eImYtu~cFnSxrfG|sfcDpQ(HRl+9TH!%W1XLMTxF3juosBH|
zAmf<Ktf1Wj&^g@7m+lmRiPo+rSR1Z&@c4E8TnIc~p!}5a61&+0Foa7b_xk5$?{D`<
z-URINEhaJPsu8ZcrgU74$^<z&I9bD5wpWqQZr?6=g+6|AO{bNv;QxKG*sup3y3;Fa
zq9e?*2`7XygMlX!8rgCR`Wk07z+oMQz{*4-RkspxPOUp2*tR3MWns9cd~4Wms7lAN
zy-s8{j%^oFm57(iX%a}Jum|H-k2&aBI4)%xtv1~HF5_vPi4?f(^3(vZM(jUpIDlN*
z4a~onR`G|$hFB!-n*E{jzW_fXd~1U_BKCsMpt=+bvjH`q9nV>`W(sxkx@9Ws2a2&*
zfCGDjH1!VVL?(RYJoC&*{`JvQC?V@B*szkc;NajgKz_4c#L9CsP!b+VN><?v`(k*8
z;br`|sIoAX|KY9}6+QAvQIX5LY(EX$qZxbu+y@b?S)e^N>;X~SO+d()-lX)y-H2=w
z)OT-Qcn=F&?r=z)G$s_3oKixrso@3^>Q)eQR3<X!iU5egL0u8h$(F>d*t!s<n(YlH
z>%!BK%add|MOWpnB-pL}4k>uz)F^g+W_t2hm1=p9ugaH>(@?>_!HSOfw-%O5`iICG
zuA!E_t7;7U%5pkf%+jg(OiF`S)MRPNN4zgp#uPnm#tkRFRG!r``D3K2hZ2CX`l(x{
zFec*N>OoANgjzCddKA(RZ$Z{f3LAHy>qQmbce5uGZX=5sIP+c11-fMI69{<oG5^Em
zP(%2$mp(5>ow&9(vnQz~boXxYZ`n>>7pLIw9AdAO{*}ks@k}J+whnUlK$bHjkD~dH
zBpk!*A&TyFuD9oYkg71w3A#tO3X3E)-pv9hVn<wBGqOo2N0%VIW<~4C(BJgPlozk>
za)r^!n7%#OTNRO0k-VMC+1)XiHu-^$f##5uDhz&bBoy8PWuK&UYru`y!m2=BlY)S@
zx34jW9>Q(*E{xr}Z!Lc<luY<!&?(ygfLW*l&CX$~NJA6)Q~#N#<$1%@A?|>`-19L-
z$CJ|S&VB&|(EhoJPi*vKtLK)FD?=pZXE$y>U9adAr_w=|<vVxtP9Ay0NFcBB9#mk-
z+8xN3J$3!Y4WMlV8-s;MZ%j^cYG-90a~90<AG_Qc%-jB@wb4nw?D&SW!K-q#O>aL-
znzx;k)0_velecB~POc(?adpXBQ3KptWO#t(YsY&p*mZQr1|*#Vhu!4%PNlBwAiB5i
zZ)clAYE?EqT9;xgzznIcw2ST+jU<{`d6HtdnQ*zwWO-$~^jMyZjw5wYS_=eD-0zt(
z8o)HCYy2L%->&)2fs=zHiJGWrfXl{U1Y0Wi8hvg-3w6`6iR&8DBd`^t4^v%6rUDS%
z&<*c!xh?z<sLpfF<B;S4ZIjG&;ED2(#8hzo8aYv@b{ejtb)Vt3P(&*T-)10zmF;aM
z*dlz|1XBPJ)ow&XbPAz!zqfdOypN|bge38cnvl8&mt$;G9K@DFi%3_H4=vl>dP!IW
z>9tY0{Ey&5TK>6^Zz<B8x<21!*{5F}XJm0Y6x#xk$1@KeJ`rDQ#E2Pb`Q2MA*n~B5
z)4{jiAYISSqT9C_`ld~<>B~j50!hr7;ays4RG0wljb-i*`Mfxq6viiS`w9F84P~0|
z;HME#BHP1msh0zm-=8Stofe?~FA(be^Tmke^|=8(g0d0s<=Dn}qh+8_+>nD{o9_Z6
zN=-@WMNhr2fvz%1JY0WSjGg$2tF&%qi^-x|1A<$7fO#z8Rbq$*fb6~c`a8WDkfa?2
zrR34UGuLhhLowT4iyJvQRS>Fij1`TPlhm@uRJ&}Da~LuHN!C7zgF<NHZBLxha#G2?
z%Fdf_v0=q?Ks!i&xIOrq$2cVMv-KnD{A0mbK9A0>%e0IKaVb<`;VaZmFgzbb71~sm
zyYtzFJ^BvvpgrZwrj8wgmU+J`^QdmF#NjRB3%S3|j1ZGJXWnQjA4E{WhfHN6yo0d|
zGVw6bWNpgR&FJ<NCYv3;rv2UDY_am^@hE^Now6j;5(=}d3opQ#`QTt<@S5wns7e_I
zR_S)l#NU;GJ!D-56;nPk17UviSW|8uQW?4Y=r^J>@-Jf$_y)ORe)}sKk<dU4jLn}Q
zM#BuyF1RqKJP+Sq{hp<6X0ntb_42TSm+_T1DU<g;WY`d5vx_4BTtF;+=d+9XgpAVJ
zxe7d4cXxNgGB>q9LOPN3K-iNHrDj|f?V6xBI{5dJ>YE{C8&h)+F^tEZphOjUZjaRm
z&}fTKWIc4hJ;4bApkNmOF|c&XfqC5~_wX=JfF4vahjDy$(8PT|>fd+2BxQkPQ`NO1
z@ATx!+1;_}StPG6^`NZo#SZO-`Rwtl3#AvJ_{Rnu7=8B6HeUT_2#*`)u+$UR<mBI{
zYg`(K8iP%G&|t!o!7Zkt14oEBQVnuYH8_1_L6_uDA~Etaps~BIUR_YYt7qWodhg(I
z?KjduNybp~eeVD0V*kuDvmSaLRK>a0_@p(ScAl2K-wwkZh)(wyw5q*`58yFoYX(jl
z<xYDKRl)V?o99*-lLXWPAEDZZn#zt9X`TU%4?z_)K40r+3mG`F)>}W$AB0&l%wfqM
zSs|m7xl+)8{figMQHMN1W<q!=zm#~79(6aL^Eh%P$A4~viX%<?CcS1ur~a4AaX;VP
zjZtnMHdNrVQ|iHag4qKJy^Ht-_}g`9Y1M=tlK@tGZF>)r)@414!k>#BJ}iTDc`@QD
z?s>-%S;6Wx@4NQSlj5^+lXmOu^BWw|$l@2U`LIiymz?xb6H(g)B3naxej%$2N_=w7
z2dq)Ds0~@WvX85pbnQpe@gHUlO;!d*O9>?y?4my(x%HJUJ2%$@&ZZoHO2d(4N4hC`
ziOr{U{`^;+7tRyAGzazGgX5-i|3hY_3;!HMMb8pU)T~g%cvz`-dh^ni+)?6DAjr*9
zil3*p;#(*jc$t0HuuY@UXROXra0?R2=?#`Ix9BA6NrBhp0@a<z*Ax|ggAg-o?XA}U
zK~>h}0h|$(+MqSW?oz0isp=cxjv_JurY9p0Gcd;TWF(WgG@gND?83){?OzQ`v6B#<
zZjj{)j@F*(sy`0P-j7<&mNdJkOgOX)E~?4rP=~@w6g`*6(VA+sk_6H;X1quxpsd2C
zBCD=z;7i1g&%mHHV^#zN+gZDFQ8--S<dbgRD!#ZJzCQQk1Qt2MP(+K&hY#)<F}(ao
z_HmIfe<-`mLxM_EA1;$c)F9!yBkH~R^1vIH+SGRWk>CRVstggVg`R+guB58~H<Q%m
zlh*yZfMW5JXecd19=y&jFbfdcYD_11cBFEDQ#7Jlnj5&M_e*`~ln|S^xHy)Zg;@>Q
zUzV?rq*S}Zr=KZBBKsN@2tZ+$bP2Arf}k|GD;N4)%U#mo9-=@&6f#F)7Yx_XP_1*t
zO-4_0asE1XvGnWnyT{<GA!fk)VHDj0X~ovxk`THI<hFiPeJTtm{)b$uJgx-w$wGGY
zPZ>ZXaICO!>@eg(U0jm-b6C$LUicTHbViHqo$xX?SElFQu}6QzpRlnRW@leGX6!dm
z+?IOqsr*ceTM0{qxUeex(2R$<#R-%ZqHMkX>cQ<lh!82_CKF$ZAm%W#E|t&xPw1h8
zdN4Da5HggL%k{?|{Fz=M{!H*}|IQj4-G|v5_&+b3rvfEGt)OARn#e|pU)>o2=^Aj=
zY(^SKqTrfXCQIf?9F+e&sOVsLB=k|`<>FNQu!AkJ9@datLrR9=fCtw~&?U%~$WlFy
z(>{+fXR!kj5<CpV6N+pA|DYS7<U6Ju(9U6(2Y~PO`2;~n7=n?9SmMgv+k&TUAK1u3
zN}#RopxLKx_JcgoP^bX1-V3?+es3P4c^5}O5m3cWU9&+u_m6Ui=$d)xDBTT7dqJAs
z`#PA99Zgn^kIizW+<c?O-vD+fkAUqTPj>b9D<R_kA3nd7enBsd_~5cP6z6<?>}5Lg
z{MbnB1w5%lr-Dz6su1pEiC#qGFdN)k%fzFQ+Kibtyk0yySR!N6+Gi7{3>#G72o1AX
zuD~*yloDk&^)FYRa*#wt!qn_cw`h?9g3CH~WS}N~255hoj-sS?mE}6V3{|%!ek*dT
zRiFovD5L%kxn!hqoSxt>f`jyh=g(Kj%5X<s9b<kWNeqETg^WI<$9;6j(j0-a$N|?2
zQIQ_WDJjQFO>+qT5kQ^433~1~;frXCYrudbJ3HG2;-EdG>L!WrPC@Ayy!Pj3B@dOS
zkwEyf?J0r3p5Sr{j+VnN5F_eVRmQIs(P;nQ0`8@h4+MbEJniI{N1*cu4F%UgciQEJ
z`3jMnrdl@N7lELkQ!oCE6dXtZuzuBT*4?Zuto4Z#xNtqee>BD8R|idsFzp|XtM%?e
zbYRw;(!eqRDz`xMsqrI78R)~k%CViI{q^!Z!S<G&@ueP+^GSlyEW;zu%BJ5pC*S;(
zZd@i#8qu699{8<^o3){%h5cmadeS6_P3ql2(@J~o)t9DFvmECc=AH_}G03yAK6UCK
z8`&c_>gn#*R0dIY3elRoHUd2HT#{GOd&v3pb8oRVvaAB9qmAxA8155Bes$&bUGqY9
zdrlWN(c{-E;Xgiksd2vS*0g4@CgNMXz&`X}Er4*pJq(DHV*Ozw?LnqdA;I>|uEqM&
z#Mxijzt=xlFpygy@wpdih*2#dQ0Dlpb$x+Bf^4B!JW>Rw6#=Q_OyaE7z{G$b-F()U
zE{kD1{v#V@JYgbm)JON=-`!cQTL3uIv$|7KR5T-0OOH_K9t?zOsgwa)s~ds;OuBk#
zmEBksn*t{a!`+xFJsjRmzYJeRdINIlZo$^)upPho362?f5@`xlOnvG=Zs3!cr}?l4
z<|pa{%Il}I%s~ChW)8r14-CwC8m9A#{r`(|^k4<3TkwHJZRF1A#7*cyN7TU<$p04<
z+W5?Q#9X9!H+42aAVQ|H`OgC~W9%C4r~VU_bXiqlRXYBlJN4T$x8j2OZz=WT?C0Sy
zE(nFrqq_h}StWZ=cDzn#A4fcO>U<$=#5`ZFJq!j>bW7~RqQr*e`}GIxyDs;EvqUdI
zI6Xc2@^J<7EEr#c2?*I=R5-kNa$%ymN#$!Sn>nDqu3uk$BVDd0d4773qaFY$(dpcZ
z-g)X?seh#-w^JIwJoj-3fP~vyz^2$NhknnobG3XW-yu&=e!-yMpFK52oin);<bTBz
zN=)ZeY*_e#YR+g1*098*9c*($t@rL=?jvP9nv-eOJjP}m!kTqIBa>a*JSB&)7N{Gv
zmlwzC*CPG|84FmBf(pnuee|hI0%;gV>fYKsK5e@{W4MfrjxyAX3ZAvGVTXqBxN*^^
zf&kvV>Pyj+7B>~T!+;u^Ns(?Q8KBiz_4Di<^@05Em(2_o{2}Rm&;c69(uWZ6Va+L!
z8Uv(50k~!BbDBWs9*x-ph#GXzt}+4GFu^U%E@GU^$&c}CaM1aS*<VHPLq*vOB&L*0
zl%$YA@zWG)OONJP{DQun2j~-0k<e0Xtp~oH$`$qncMwhZpDCo{L`!1GTqanoIA^r}
zcl@UQ_U*KQ=D+))!@YN8wLox_p064Ha<{J^0th|ov3!9Md45&jhut1Y8t=VJPLaqj
zE^czEI5V0z(`$B~{{}Rs_z!Hz-gX-)G(<;2j-16~a730Bf)&H%d#o2UVPSpuK+DB)
z2QxFBH+UwHMAIf<PvctCX!tRgM%UNZH$N9&gYhbU`JDBx$Pcf3RRd_vPN5Il*LsIe
z6;#Pna0{EV+?`RIns$O&l^Cr*b3!#RdpO{`ro<^pn)RGA`Ca1%o>aWW!;0^Zv4e+V
zeeJ-tM6Em(`u#gPF|k8z8xTLg=9cMv?f5}20@3eppR9iGA~9_Ozq}x$J%aBeMe^`@
zNZwekNp!L7pvqVxg&V66Y%bG&k<=%B#y!2P=xV)ywW)MEv)>~{(a+^i;7pp9sB*9=
zq}3W;%k0_zm-b$&IHTt3^7Ji2dj}XklSaT-RjNjl;pcDfmVeZ>Gf6nDw$6h<+{fqM
zjp%jZ`i%u~bDnoI>tmG?2ci9y%5*ryK=bU!ZW=8)At<5Ymi8DfRsW$-ttXfmz3C$Z
z@F5fu_N4VVDwZva5u7-v=TpHD><5S`ss*IYmdVcnX#Z}wJX}g)hE_<C79}qMFxLI{
zZ8jex!K{bvJ?E$(YuJmOsJahB9NJ2MK~0+!%A!W8&eD|##z+D`h_f-g6l2k+ysPG%
zGux#o)ik>*L7;Jbp?DxrCT#0cjqkYX{NV6Vt@Az<I7f3#hs)9D8RmGLF?T=9N>D`r
zPTySQuGg7`MNzG98%}fO(<J4St|ZFSSCLejh3-X}W6ueHGg}pp6*!`HD6IM2q!2lZ
zfE~UjwB_*Jn^o8Jy|5K?mOOrlP%siN!k=XE!grit>LawHe?9XHi8?BlM$nXSkl23^
zzq@{{NPm7lrk&`361dgtIi(ZB5^W$y3=<x3r`H6@jp{+7{QCkJ>3LgxKsVJjJ`N+t
zE=opXoAnn!g|m<Eo~G5lpRZ@U4LE~f3f~OvnI?x&5X3TlE^#(%rcj|;CkNpcQ&%8?
zhlH~4V1DY+oYcJ5c&DAtuY+24w*DL|eE9<dYmCbanfIc96?ycDXx1zXM#k_7a_Z=B
z`n>lm-YQ=W0|y`9C=e!X%Xm&CYd=T2;Zb*W28f?7@<R+g>+-cH2W0i~9*<E~Cn_GY
zxVk>w6_D6?`mwsDJ60li5e_`AERUlws=1}kM6xhG;#w4IS-jXcZQCVG$drAGo;(HC
zo&i#-Azdn{B3VHmoj<Kqv2#ic6wiKP#*MLjf&&8`Y?Ud;OGGDN-k6DW;oCF)*WFys
znW!1b5M1||*7Mx3VVZ+CcK|p^R%6BT{Y>f~J10Hw4KDAqpK)_tw{WvvMVEfnufCDc
z^HtXWo_U$|vQdKHn#3Gib;idzP%SIa@m(QxT_*VsjDbBReT9d2k8p}S_UdCbmdY9m
zXLHF*#vrsgzq4`10O?C&i;f*ZtxCi`-9nAlJi{2j&Tt-sA%+YdRSnt0XjI}P9nE|5
zLmqXsTG_vjj4pu_(|<dNw`-Oo&mRv5|J}3ScocMmg7Prbz?z7xLVW+MDSbqHe{?#C
z&S4vpeMSD|L?2N#+wZe(x-5j*E!bW=wo#}-(~vdhxb}8oxH;$m2w6hUVMWBg9O*HR
zgLoKDJ$v9mysfLl6WlF9Q_=vEnXt2skLPh#Nl@mWJ#|V&foe?gnH!>|m%sJ|1|m}b
z(fDvtK~0cWCr`48d4f5@uWC{KN37&-oHo$`QIyO?)Xm>s)cY66#5h8u@aUZwfIhTH
zSMon~N?{|xK66XYP4msUwYV6{ZY#L8x;SkZfOu7&_l2kizqvtgiK@m%!(4dTojW(j
zLQ^<}VZ`#b>=Y?eb1Nce&J*-TTvYh;8EKqxN{5tu9cKhk59N-auw%M7;0z*K2HF1C
zY1*+aGr=Dz;VBMpAS9~1inj2r^0ae{;Yu20-<dZCJ^d_*JlNec^OYAPBIeEw|Jz-J
z>?f>?b0i`H8MTi=MM81wdiNekd~!G&x_ETOO?2tN+hZ*X4|X&GGsOGtdrs+ECHIOJ
z*+pEm={!?=(e}PCW&6{ruEwc!HFI!VI2IAHA7SujS7G0rKLrFzeNX<QI(n0O7Mk>8
za?94YlwL#vpVSBv(?)xUW8tKd?bvF<B>s;REnm?vleQ(pYtIO!(uBD<`UTvFSa0ys
zD4Wg&GmnXvS04^nor|#v+^`0V(y$KQ<qEe;ATp&VYyBQ_*;AN)#Ety+@!J3Vc3JNK
zSDy1>X%l&dAGSnFb62?#X#D@u%$%A>G&2j1v(wYY!q&-VmIvp-@hj`K73R_ij1!bx
zlx#0m&NZ~DyMNz!wX9Jw@M3q<HxSIU7kIL(6N9k9WtJzB<}{b$20HX)r4J|$+*G(A
zs3R!;`aKk@!u}@?cs>1(Scd!r#4;5kX7?~0ZFy+TGM0r1sN0R;7kN`}yZxh+A=>;$
zC*#hFi0ywoV$b;Ya*Qj-@m?)bST7^Pb&60UX6f2Fvh>smBzvgvY%SB+(^*jIAv)(C
zo&a|VmKrZ+^6V*bdig@Q00W-%=0YmyUCJqJ7OkKo&H^f8clum~1`T601$Gw%`)3}I
zut)vIU)EAEUx?NJcKW2Fqa=s*zsi?a|5Lt{Q5~^8=F@tZ^45h1-61}tYfs+($16<1
z<M!1X1;>xtIf=gUrsgHhK^D==^n{BKr+x8Du6I}8n@O9Ljv}r{0K}OXtDty^z3Cd&
zCyb@iOzUlYOOvHHH(yb+bZwJd0y#<8acHH8CgsO(>&{?)N7zqB6=hFmpN&UtKm&KZ
z9n;nT<0MuSBBx#O0}vFI{}2qdEjd}&_ux!4x$3|vwQ%T!PaVj^K|7)8j$}tX&W)qV
ztFAf-#V0AkY?+&lLG@Q|aQvize;0lr{$6D{1;XL}UwtR#m61{e&7y_{Gp}u5`PB>&
zh2R^YlVqz#54>Qirla(3SgJW_Wg0{A?V=*2)Z@pY9pl9Qn`*ESTZa0^9E=R0!Z3XK
z`WcvfnGb+T2JD6Mhy&B?)xNhzgA%LGUj1b2FAYP*XoK0sdi_zzQmXV3bIrT|r&no0
zvid}qRxo91%u3Zz73we0cGq_jCa*0FL00I8j_L2;xr@I-$;BGfupI3ueYV-LEBF}{
zAYr2_^^gVWc9*=B4`P_LKtTN7YOKktu}kLR78GCqg`?>$6&V|5tktgg(DtE71Iy&u
z3ae7jRzQTJU}R>OeX`^XGF?amr(O#&YVhqz_5WhPQ<8_bN?&)R_MlV<)68PY*4NU$
z@P6}5QXr6we;-pCCrk;4WH_QEreL%uIV|q}WpSR^o4S^yOI=c#o?X|Tt&kdEWJ4j7
zCv%kMDKZf5CQ7l*%<79iQo`@w^K(J-Qii-oALBR{^w+d07*0z4e#9RQ0cbyf&|f8E
zHyVm674{Utk@fix!hd`tueD}`#<wZ?jMy-{D8(4q!X!*@j-8X3+Tm1|3qP+8o)O*l
zB5YU7xAvj15{ITl2Eh#3rZ4|D9}jG!F0E!6$h@2ag6;Q4{rtWg11H8(E?IXO|B|GY
zC=_h*e<(Zas4ClT-OFMDi|(#Pi-4qbH-ey|2o?wn0i{8a5b2Ue=?1|-UrInlTDn0&
zKv{%@pwb;@K7RW<XODfx9%rBbzA@g9;j^B&?|IL8UB4^2kp58Mr4jCZ?G`+NRH#hI
z;X%dJ3f%Yw?dX)UveJgl&^cRW?P9mZTLUoP{eYUK#42ctsKJm+Ym&xt)}V&`D@Ju5
z>9pl<F&eCZ0O5PTCdDpIg3qjOyBmwRl9c}ab|EXCmfF$>e1OmnASSl|{S;rk6uIfo
zDX{asY>*Gynz<<GfLIdbE(sh4syATj-ga=vIcM_U8N;Zs`Lv%dr{CDpSC3yYZ;HFk
z{#tPW7lAaXJMktPEIrC>>o^&iB^dM2B%Yh)oFQueD6j*eLehQEfWXBM_q*DFzzlkd
z6-(-#+@xJF=+ilBKBQT_eT9%&PG4pOD`ird<8dkxZ^Nu|XZU1-LEgBXa{X?P3%@nB
zLwGIUJL|Tf2(|5oHzaI+OUZDnA1eY(>4DUvUj=^+R%0Sgyx|`ZQGhty=-cgpn1CW%
z2%f-DWYx{CD;QX!k}@N8*{A)cBZbZm{y?k`i2{Z#XNbLfSEiZ;0*7SV_W^MkVib0_
zYQ}BAEkh3@rbNZxs#*6{0ZZL*)>FQ^c2(m3(Gdhzc9x0KIe*+VL(Z2e19|jQtxt*F
z<2Fb>=ocz!*IVFo+ro{s5_i9y%WwWT69^O`(oPr=KD}mB9iSN#sqcwhUOv??PAA-I
zpp`+b8y#0mn7^yNpFo|U*3dUWZO~!WHciP<DL@_A)Wjj}j=Q&5dgB8fecXXDssGv>
z-yM^$<{177KDkr+!m8?z-3wXp44!?6aDb!3=IX*JBCES8N1BKd`2yaxC~)-JqF(-?
zfKMIB02U5Ia!j<dvlwymV}FOnbNuQq0seeD9Z0faVXcujgaU|lPSwlF{=)|pFGgXN
z)1?^n!nzo3G_>zd8a%h(KD2tVP`%m`C1&ukJ-qX-JSmTG5I#w~zs7CG{KLr1PylQI
zC+H8b45+eD1MKe_?C7ZgN5(ZJwx-pYwhYKO>Pi;5=IJQ+p0Tl1r`VhZ|FYprVM?bT
zzs7~ksC+KRR~N4bmmI?|KZ45@yrZ^9KOW2=5`uRJYh7<o>al%~J~d4T1q$lk$J<wF
z+fhN(w4Wl0GFr7?OD0Lm`Lmly{eDpkwA5m<ud^FVB0+yb3okt9SrmgG3Yh2+P3$Es
z{{@WoxmL9f4Svd7`#Q~x1jQ#3V@}@I%%@9l0S52*TTCkqBt&#HPogz#)m~C+HWi$4
ztUoz)E`($R^>VfhkA3l&pGRL+(S(Vc-z)EsKQLkvE=|TWc=tWsfmLrttRgXT&|zx6
zv6u(_1sWm(OIp7~-6r;H8jg$!_l)`OWNeuAvSW4Lyo}}gxSfu;9t}EcO+1%r4ssb#
zJiG8ZiA%;<Gx3j%-U+7hU#=|u>|SNBBXKf7Gt#l{dCmM=4H)w$VQ_81DN<jLv>%q9
zA+$Vr;AW4Pr^`IK`&vh#HlL#es6-@p>pUynkb;t`e}h2>yMx(@!iP5-RB{FB=qjV3
z8}&B%?5T|(wFGnBkT$lxESw_T(Q~H0J3DLGuyx!bo-FWu6B{X2ISbo(vLzU@o(B-q
zdgkw3;_yVSr@b3+2KjNHsIIC<`Dovz@r#PuSQ;^*`gA+GZsmt9NdStcJ=FD#6>Zbx
z$x}^}mH+i7DbpM@HGTY)W?$oEk1($Ae0W1JDFr!dOrP`#Y-QUQzE-EOSPJzt$uk=L
z2k0DdkZhV~fc-@KkMOHsjyE4$VHbIR_M+kwzYnmX>ml-lM}eAg(|$qrtAka7x;4W^
z$wD2-*Qy>_)&5Xd_gf7Xf_)cbPi=#LD+u~^=6m)PItcrJL$4y2mu7{rG5k6*x%M+f
zHZLEi{0f?}CshHo$dk!yAnGWw|GFwuH<x}F#~fx~!`|p65~Q){%=GBNLgI<XDKLQ)
z*a4D0yZVQ{pRa5a20)%uw$~)YQh#ej;AP+M6H0<tpYT09e#kiXj_!ag)KWZ~3O%U4
zl4Wd%z=c>X@6C&?u{QYLf56w@JQB?+jT>P$*;M*d>rwyho4#wp6`ck<;IX)40$E=+
zSwA_E(qDwZ@u5H%bxx!4`+U6)`H|ZFRtl{_zZC<=!ZlVjP5wP_Jp7Vl$!{`nfpWuN
z9Ie@O%4hFKSBl}9=pc(-woW0&zmk^)`nZ*8D!x@4aA-OA^_v2ezy+#I+AGvb%M$D0
z@-)0axpB-tGDyvzt$zs0hC-9G5NZD9+<o@^7@?n`n<plDL4Z(gT0m&Xgi__**-A$8
z)-D?so8;X5eS>b|13rj+8u-s$wE964a<Ix<oV=q317+TLnIOw-5+C{e#k1v`uZYzK
zghYqPU23L4;W7Lo3CJua`4T^O3AA$IykXz+VQmeuDp8MW|FyOo0~g#ZH6SA6sU)r6
zM2~zJ-WUd-{A_<HMn6H&mUV&R&zF~9p$YHbB&BO)cSPr)t{|+h>mNaaDG>6Ml5Caa
z<uu)*P`TRuWph%h3$~xDGMwKVsPgqHE{X2ae`rM)V@`y28QA1dsA$n*;3UAe^F%E6
zOUWne${A}P6?NK!)ZZe@_*~}it{=QgM8Aqf4C|-r?0sUF`TlXNoc#aHRQld5_Wk}4
zlZ4kRXS{7U)YHil6gQi|QCtwKc$WVOve{{_u?q5W1s#JknfzVxeNxB?PR2j~QhKYI
zrqL3PpbR(4y>DJ$0v}*X8O^{ypyrGiE+B4rPT*DDktEb5y#@t*)GFcj`2t<aU3Mu`
zCQAGOpyihRlQ(`>Pz4s!9`us{hARW<8>_J=l4Y8db{Sc8p@MS6Lggm1X}{+}QLtR!
zKEf%|xV^ctfWH{2jzZTfU%S;_0rz)y2QqWcK>nQjl}k!FV6LQb7@y|ZvHuB{3yY2(
zzMsZo^y3lu^*uP(AiZV^A|@xkHLAGMt#&ls*N&<S$47_z8PFwekh%M%yEI}4W)uP>
zh6w79CFxR7-%E~+7JvhXlz!q(dNimJO#F=ak0^HM1%a{eWpoe%ZM5o6ij^Wlh@E_2
z$v#-HYOSQ4zHzFYgH6E%9KcB}Bic|0X*P7EfQdD0xh3&cI1W>8EW>4rzCIvvzVu=@
zSj|}D?oILS#kr9@reZVrxO`%Wd4BC1n?|9PY^9+N_B@6^2CoKZRLyCg4ab}WY;!XE
zfZePB14lX6oPo~sOu2@$8FK7VHwMlweK{lGG%mQA2%K>!<*AWUzWM4uv(gCKBf&BB
zTS+j`8LcCth7uVYz4D_BPztD29?w7DRTyIQt{ua%ussN+s`1w2K0BT+<))9rJNjm8
zf*!<`+2R>^10}v2pqgRJ8Os|_hfdU8F@Y4cgdd26ngg_3d5!sje3D^KRj^U=9}6ni
z5(pmWj};&nLXKRB=GA{@l+en4buk?8uDBS3vO=eh&mkHovV5Bp$h068FI<=rX3!53
z8*m$+PFU#Y*1`C0Eeo^xEvN8oPoZ<}x}Li}S893_4%Ut3X(!c;A2NuCG$?tL!P2{9
z(I0ZfEc_A81DqZzHvb%LyC8Cf26r?j?XDad(+J<!N#sAOF>vAfeuDmE(Ulx4-z;WJ
zzY7Or-lj;J2j9&)K&jHbuo`JLY+lL=DL|$cT~mpUxN6m3r2H0Tmw#@iXP+)45k?6k
zLqxL1&u<Q6)H8EjoU59gzcl*YpUMtiqBJPe?&E2L%IcoL&LxF;kL=cY<$K02&0gQ>
zRXg?zR-z)3NWiPtxDDNfv4J`NwaC~ZlAQH{2}^L0Plp97W8xmRYV$P1IWJ}RfY)KP
zGs66de8&5Qo&D7>1J9V?d-3~zLjQpVJ@faI@r~>x#}fuFZgm8$QnBWwN0f3C*iV|S
zk64u-xDJBIJ%*B9wml;=B^eBE8CA|PK52|9f{5LrEh?2OM-tPryPJHjs%g|G@xfyw
z;IY7<@85#f`~McSx`;WT>%n|}`}f4VIhcG>d-qGR`G@apFRUIfXOTW(`0=()jU`-z
zNr?7SM7!YQn&^`eQQg>@05*LF=2?3>ULoBl1NxcT5`sazt13i#Gn&~KP^Z1$)C9FS
z5%Xgfu-fPK7z$3Jql2X*;^k`BKdjt~%KPx@{fGA-UhaSQkZ<r5vpjrNw0HashMiu|
z55~9k*NF7_gp!ZIC2&ed5l42iKd`W9n!eUyNKhKiq^olRzQ$qSiN$$0;#v?xeyaS+
zZk5wG|Azq>zgU>r?k1!Yu^C>dR-Z!|O15^$_EM<Q7sDjCAL603qEc9t{F@;-6?4?a
z{YZ3Pz^3V5(wSS=(L4CtD{x$hnjx6U^(JkUH-Bg))#m;ayp`S1xG&U*q^wMO`}VE1
zOHm%C5E+DD>K}Tj6{DUw>9RYm*m?*3CBtuijk7QhGfRd#bB3s>wpRZ%Y(uRP2d5L3
z)?@GmAH~JQ7^R{foi?-;?b0~HK4a*6uxOs%j<+4>w+zq^lXdy-_<XP}`|%HTeHr?M
zOMXEK^~#4EL(}WzJVgd1J(?J0pGR92IUSE9I;h->;PS8cK0>%k{)m4I#$z=y_nP8Z
ze&tbOq{W?uAVu;RWJL@LH20`rK=jIC<W1It<M*_Fv7gMboA>VBvyKUq9hBw1Ro*0P
zbizFJ-D)elt>f0!ntv9!eYby$y+50L%}L_EAWijzyJ1uHC9m`7Ow3ARd6~^%VSD}C
zfv2iM3UPmbzWNH1O*wf5uywLBHG}8T?xcb0w0;3Un5iH_>@=jq&4C20MX>@tz{N(@
z4rc7--FRQ6MXXKCZJNF#_@Qp7+*A?=s!#)=EYC#!d;O@ygkzZKp3+Y3CVWMljMsXS
z#u32n|7V9lT2&AOX5Pyf@ULvzpL7#;<=esiNsGUb8WLA3of_RATZ^kEq)o!0@=YWz
zOpT>8oq0AdxO9Or@FR@a|1r_&<%^%)zScXF&-@%SD~}4~+p%a=f=f#C;TMF4)56VW
z<1a#~j0DMK1BCZ~ja`lkw#NtBiGOvh+^sn=8i2Q1(jm@42}rGbQgHwl!zcnfO0BXH
zFVd*@$D}nZRmtnk4)OXUjH;|1Zj-cpxj553>VSikI*F}y3$~uF`5o#Uw^r6Q7k+tp
z`q40c{ebqZaU)Wv)--hKodU3tBi)&=>Non*E}#<+{JR!dHgSj`O$imqyQ6;=8uN?3
z{JW@@S2?2FU>g+E;%zpzT1_i4k!WE}>#E!T&CW9%Zy(|Rm`O}K#YK7t*IP!xcQ@zs
z-wnQtjKG~A#co=;aZu~vb*pmANXlID1Yx_<PH7^I7#41%g;W1|bUCu^Ip)5Z?>>n#
z@UOS^jP{X2M7EsBQ&qn6jn`B*P3GOHlIQVL%c8=P<6d^9Su@SfbTJBSs!`WF-e~Q0
zSP3nG2A?_mcr@s%dS{Ssyv=&}@ywy&?QBLgnbVNYii3>qlxPxFrdR)>=|b0A`pS)>
ztz3{cCiWClo%p5v_2E$w52+LnnODMsD`)ZwP$LByM@znbCakv8QUjd_BJaqLSlr43
z^-CRMpP&7Z`1Bs74%U(e!_a6647m0iCpWt7wY>?LE?vpUztxOmiFx+y_IRzgFJ&Z!
zV#_uVGMKKUav$JH@}CMNu9D8N*e@?mEN!HM4SrrnR@!6Eh)}nLN<H-}lRGu--0>>E
z;xHN?*r$-nZ(%YG^=jIco8CI23I#xSWQy`eAox0!Dn1)DZ3M5Xi*0zsjeAXQiHT5D
z1!6+D$ICz#-Hyh1Q$3`5Zi=120J0FbQH>QhDMG7>yZHLwsD!4z={mQEpwg3pe`^5<
zCuE!GZoYoHn{E9A7+~hVOJawp(I}X@N5o&j;B@&6f^r5Ve|Eqjq5)B`?o++slCVd_
z9JaQvc?;gW97|tgjNfQnOK%{cdQo&Eub5rs)rVo+Kw9!;tBii@PpK_bz1}i)+D#5l
zDHaMv-^mw+wz}GN9<4sM)PKz!DC7D4w>HNseClQF-Oy1Fqr~%oYD{)AP*ym{6Q4P~
z(pt3)uk0)eS|0BnpIz~oviNfMJem%n3N^(qQr*(RHlrVb)NSw`Qvrs8>G_o6Y`j*B
zB<01}eU2Mr34Z0MkAA!Ei_bLs_2%Fa%JS((OCT0E`8Pb|pQP9oL`7zYYbAwqd%LcR
zB<1PJp6z4MKR`CY-}m*elA1N7VOu)!6>3SuMyH<O!+#NsthQ?AR#m-wQ8IDn)~|tr
zfoSe}m0P8L>y1Leak?Ks@-9gt32w^}l7;udbbePNJPCEM%&;!xJodW$j{`MY%4o%*
zQh$z<M6RyO?P7&S7)Qq<wB&y14aX(~<^VQj)LQFkxB6FjQ09}vT{S6_pX2eLwibu%
z;tX*=xE;hdt<e|F1X-#`qS+fqgmj@dozI6CY4jpw?aBI+ho1D(-wXg80L{rv#WPZw
zob*DvM-b1f?`6=I$b|gk@4}GTd*-C8*%CM$;tzp6Y$CO_J^AQSA#t=5I~yCnp-YDD
zG(WT0^SfGa)`4xUJ*#?ODVn47epM2w)P5$l0d*ckR+}Vq$xzdPhJC1nR4Cbe05tH&
zJYacJEAjymo;n7TFv)q1oehra3*Q&c4@RpqVf<&koR-WyK$07I$*w7c)cT)j<LqeP
zp;3UE;8qs*t)>4DsLNi_TV@Lyyzz$xp)jjZv+>!<)M>a9^p8%J!hYsLs4&U`5v6^}
z9ig{l52T>?^Z6`lQQi_?!si;g4-%HpzdFAtoLzV7Eh;$aEv8aU6`LnFpx7u?V?B>|
z+SIgz<A#YT{gs3Iq6p|o`4t$}2Px<}{<-IQt<)-TVX5rSoP14(g3~+Z)7MWX#RAyJ
z=*-Sn|C^f!ftn3+K_&w|&?B`2n9bmG=9)X7PYGwPs>lTYQ7ZIN*TEtwebj^B`pa+(
z$hB3jZJhRo_9Z`koGI1h5^kDwW0j#rb1Pw>fB(~+pJ|v0P|Zm3<c>c5F2yiUw~A5C
z;Uo0{d<^B*XV=K6sHg~~K5%%5N#%`=T}@cUmuiW#vj5Ca8W6f@!o-XA<J%c{!+J5!
zIWBDzMBzq7GCMs#e^T_kiOBl&si>@wU%Q%rHSZ2ze2e6eN)y6yTA2{xe9?!&rQ-LM
zeN-}`yvETIOp^MWUaW^{nEn}6#tjFDOH)%ssXBh9if?662BfOr6!Z{L9G~1paXvRF
z!Rw!<R7Z1Em%Cq^p6^#d1Q9~CD>3+)8+WBQW$NUAJTaX;24MA*-6`rvsj4f=wI>c$
z-^rp@*)OPM^U@&ceS4m>VknCp|E_B#n@x;?99qbIy+HB4X7XT8uBftdxc~F-el2Ro
z8(Ct>2ITiy{R!YVR8HuqJm;lBPyl<b@b|1o@b{U>-v{uVx18)A{vw-n;jM!WOxt2e
z<ND=-CM)br*5OnV@r{wyH|p-f^_074OZGtigXl%7DD|_*^c4AV-N++b|29-60!QKV
zrlwY%U5|0cst?)DNv$bOVpM}4Aif-(w}?rdVtF>nL>4ih+pomQPe&Ar%g)7GJb=ri
zId&=Fx<DHddO}>7T}kj<)WJ3O8;jCO>lobBzSz9vXYxyE%>Z>grjEV>p;W^=@Rlac
zeV}9bWAmUPdmxU?NhOZA6zTA8Mz(vyf?MqQ7;(_97jPf8d;T1Dh?~I=Ouo6HBn{($
zT?MXvmLO=R2tHeXcGqr?`Z}0~iV#l*KnDb`HcRxz+?|3}HGft9!C{x>(I6tBGN4?7
zu7@0=zkBwN#*mdVw7;GzEaV3Ba)y7*3@N(psn+UBWU!6kYe<DM@wOwi<AVL@NpHE8
z-XD$4mLuEkE9B?d19$vMkd@{las$a^zX=;*a69{A6#WnGrOaGi=psx5t%gJEnY&*^
zd0uD;?a0su<A<!G?*awv>W;yR!Oe?$tU#*x4XPWx^z6e$lSgX@qhKLY(OgM;fJnYE
z{#W<-ytyv8%26;h7VmS=aokQlSMdJ*m;`%eg{>t|&%dt1XM4jcN_`Ny3O2=WlA?dF
zg3(;{Xvbz9m|x$AM@9^Vu1d`pXWdWdSOYVQB(y?5c!TocoQ6i=@M0Fo@DhdwB)0)5
zEa_Lz<-apE2aLYA4&zm?JzuMUq=>Tj9xRy^NJ<_nSWsmqd6~p-Izl0@T4B>h<<R-b
zzh=k6J?>KKOn>DP(4(T4^?++~Hs!|AFaDjFn1w8nAEQQsK+keKU4P)NFo*EUsRBXT
z<WtyMYSR{LeR^7!OBLyk{1{uT&Cs7qcWwkB7@a>+BZ){5g;J#H>;Q=M<zVBNm;?bb
ze=s1iN67pU-LdegQ&OP!lK~A?;gVBWP4lApXDc;D5;gEZ_%1U)#s~Kxc%{*S)M!bt
zBd0<ijOHK*<axKjY@xaG!E<q1G23qfdmf!*Y0q`__HATu6c!dvAPM^NS+vVFNm^ha
zujBG9ols?ZCBw7bTb?BxvorL?BPAF#!rCKv&#L%j153jjMBNeUr}cB`=g$y+ASP{U
zZXK_LtEK)+1Be0*Ae8>0-4&;dy{=a|z|?dFQ-i`~sZ*g05I?&SgeFj;Ihv0Cd30!~
zKb__ET^OCXyt($H%Qo>=@UnD{UKjp&qgd^!K^t)IthpZG10%Fag7yH)O}1D}_(zBN
z2G05258$c9awuGUzun}Pdcrlvm7^Od)6O#*Ur-t(B;y35UBS&;GzZW+N{1MQbU4nK
z-$xev(S%^mq|C0<AB?1?0oYpQd1QOBk)=#*JKb&mNTO9+dIwC#%*xbY0x~r<wK0Q}
zND|L9GFa{4+J0hpBFIGuchj}K*a>C0lGd?~y-IyxM1K(U^Ny(uDEG+!qbA(lxW4fA
z6v`W^d~0iZb{{4HQsLaWb&PI}6HWyCW%ya1jZ6B|(0&a?g9F-lJ5-_`G28Y>5Yn0Z
z6Tb*+sdjw#Dv)`N;red+&zXU|0*X|StvTw=r8{ndhV$I5TX_efT#Y%vDvS4(T7z>W
zZBXAVitg-Inw3&)R|`?lBgjk9Z#_T+zebwokyx9a*(N9Dj_>SdvR5nZdFa_&tHAis
znTI!{ndOEZa_tyUVx28*bbf;LOw_S~UrCRv_uD{wh0Y-zu&~P#c=X)El{krJ<;T?r
zW-KK1>M_Xqhg$H$%>Y=vMs#S~AHw=If27j8FS4P&($#sN_Co&4J9ocegC8Vv3KAN}
ztAw4WqrqXM*Emr5dR523G-Hxdbj7P{&B<NG&RYekKjO5DFAFzkW@gs&H)6_K{?J1P
zWqOsKtmc=DGRepQY!a=IA&BK%T07pVBLl*l6}S#Mz-_Qy5M7ZL6g85cXr0;a$*aSs
z+Qde-XQh@(+=N;7HpmG1il3D}b&6kit%t74LA#w%Wu|d>2c6#?_I7;m08cmvFMT1*
z%y%CyDm+pa*n!gXh-U;=Z)+ItTIR%L>S48EO%(4R<Le4l24&NcW<TUQFnm6hF{T`m
z`_xTcdEn)`G>maponKlM_j>{c0)l24ozdLW9i0U4JvVkT!=GZz2;-SGRuX3WONL_b
zNuRyg<0kt=MtX5`LTbB_9O+Hwf?~<|3Qa@}&~a~+LiO10UWk!m5-U4wMmZ(cqxz8W
zd}tBsJr&B_4YH9t;AouLel~xwdgpFNMrS9JdzOliO#13fwUA#=-7dbOTT}8Zv@3NU
zwTY%Y6Nyq?iFpJ{Rq3L}5eomNzQEtPm=MGynD@a}5wA^)p>5QAqbYf3zBfxiiNdYu
z1e2KTqvQ3Q<0rf(WLg~$nwi^K3T*X)`?zIxs=wXOfDzz}Rm@Sc*frd=y2i=hQb+)4
z&^e8lln6trv$L}sCZv364<p3WZ10@F=GH8pS0`_*4t>s%VUzf5p2di1+IEGf4Zhgm
zxXd}P`u!}VTTlOxZEGxh+CpaMOBTW}coJPFuydW-!oM`k5kMeAyfdqGxQ&FtQnH2`
zi@>R4*?h*YQj!_a$YptXK64)w4jso&@xB@p$4-D4bZ+jtl<=C)uUaWDM+7yck?Z<%
zxZTRjD3fKk8YzslI2{s!-SanvWx^S|!heA6#?_Hx)W$Xu+o>R{cQ50W>$C%%eC&;H
zL;JAL<L|r*jC<NRUt{hnEg1lw2*L5+qBlP|g>?|wSkpCBg(TrC#5?rc6+%)aHJuZV
zBnWN^1d^Tzt-@{E7<ih$aD^}Gv|?E{*H1?5P-Y5a1a!M^3SO+CxNzmfJ8n4td(Xtk
z@jvc6MV7=S-gt__!ms?mez6ffp9jrx!;b{1`2{3iC?S3`V)M7R@;~kNk9wF4lMRti
zAGyr1H_j7yJO;$rJEz2*`IkUJmu}<Q{et1=GOrPfr)+czU}mms7G+<zr4eyGi6;+a
zPCwK<yBLOZuzSOpLRLqSNgLA2uQ}`0_9cuMs98R`8<iI7@aC(LFDwWno*^n!9dImG
z;ju(;gnv!XdbjRTdpAv?$Tm%v^yp^w752auXY@34qh6S<WXdl(7VV%vn+hOu66YV+
z6?`t-NUdo@2bCOWay9JWedE{uVFrq8RDcVbn^&FOmVIHhKXA$;>WZk2$nNQZ0bT4W
zd(z4>|A!FPSG1V6%AWIIz=_sXIda`2W;kp#OfcTV?}@_`O@c(};J6Axv3k(Ci&R<S
zmM#2S8Br>{KBl$)kP2Bshd<FcC}fzuAPBMtk$S})Hfgs}kW4LtepK{rIc1;{!QLg$
zJkhl28AtXG{PzYaDW6M6_`-l~$vuNNNzXh)C(KW^mF4H>YbKjIXtvFcv&xIOW@*!~
zB|#msdFG$}a3<t4`gl(fz@+1t9T36r*}t*p(4Z%l%3$a|KZ-b4Bb^_I(bVZZVYaGx
zuc%caVr}PE<}mT=<I?^+dgWYMREHm5JR(lR$<o-D564@2X2(0Wi*2LJjpx!SWU0`A
zFt4ML!$f#pzWj8D%2dDi>}RB3bN|kQ@<%#9vkDgK8(auHrHp<YPFSN|9}(6WOW;%1
zn@tC&C53OV8R_Y5X>7Nni9Vj1v6Bjzmtk@`h|Ocy2{#~M{yunJZcM+mLmM@M@hmJU
z9bgD8l8)xSA)GT~8k5YxeuftlV*twEo&13w4-)vX?>xje&%$ws56|8xl;Pb>DTncH
z;7*S9ILHf1M<rLDkzQFrbxRaUniR*VOHE=zoI4pTG+cRRagDo#1YyI2(Ui<Y?Gk9#
z{0W(0>c(T(+Y1SKTE?ry=5@7pfLU|B0GtB?eJC7jj8fw%D($RRu^K4}s&UT{NzGPP
zX$#+j!n6Ra(?0aTe$);VN@%F_Y8Nn?@go6Bi^K+IT<#{xldQ{HQ;bw(=ugh=izRAO
z$E}}v(zS*D{uGiQltnY`@+hvl$<8jXGa<aEM5=B5B78KVF@+IC-gAs{cFCoBxnH=9
zFNWJID5Iradik2a&xuBA3zuhc`R8ca43`)AMe=uVzj`T$B=mxjKKV9{uUS3<+Dup+
zW%{{_sS`MI)cP`U-+A_!<^h7Xv!>XscKX2jSl|FChgDNI8zw=KU0YH2=_buNozw{I
zYd2Z(DG#&L<^l~>(N>HnrkxMtSCd-Bc!05tUo{>t0yzlrYcBZ(Ovu8%*uwdr5I^Ln
z1&8Ih7>0C99L8KyBRTWiqT`Z-r3TgF-`ahTp+%X6&At5$mBQ#h36Yi%_Q@)Ri)goL
z$J-2qF|wi4OWq~nsli+Bmr%x`wI2JFZIFq*OloKK4b`-<1e51F<OVWy(1;L3r=&C1
z7C2$k@`wZ2m<8F56#M^FoDC=p+aoYsvCyda#`o)Jbl@R0yxgzbmEH*~0ky~NY#o)y
z2tuCc(BE)J@g51>;ZefCy}jE-RaI#RCFj^}-g`}cVy7duB&{2dl)j8xl8tqI_~u{l
zjkPJir2T+i44Z(@eKPNarrd(!1_ng)%y@EHG7DV~HD_X(UNH4;IR8uqMc!>4;)}65
zqAls^^q!lm)4(*7HcuMFJp*^}pkIiM#6Uo$bfndqMxf|9BkY#Gb9>#8Jh7PSD_k^*
zb?iX|V-Sqz87a)9;&-qaHrCDPAW}*V5?xWLv}kHh#Y^S;RSR<0>P33j?+~kDyfoV4
z8PS^BD+#%4#x|cMFo6?^mn{k-Yh5JGa$7ryiwH|@^FDQC<9E0J9deMccT$b_#*T!U
zS>OlYD;i+mjDL;qj4NA`l!{Y7cP>y^eDdwj@5LrI7m*XFzsy&4Q~i?^8!DO`s9{}f
znhUyVomjHXw)Opjdh0+<l7U`atSE6}bavLX>(QujwEgeJ(YBWie-+LtEI<>4w9U>L
zA~fe~mD$Xoo0-1$($3#p+dJ1oHCwYJ2Q?BpNC>{>KvC&Qa`4-$Uc{Y)!z}`S{8GrU
zv~2qO{^Tsp8%w>-^F}9F=;=A4B6g+7&LYkF=Bb^6m^VT0;hr20T3GE#mqp&v4r{|3
zbRyOIybe3)Mj-=h!nHmn39!m!*k@f$;w0aHM$TQwhu!geRMynxdz}xsZBh8PAo{fc
z3ak@tKC{)BL_eVj$~yvTW#!t%-TNIpd;T7D<`gHMF9lj95eeN25@8t}1}ug}UW;FF
zNE_lnyQfRz8sx*LFSn+%B@nO4o7BS6co+MLKdni1Ylq(fL&wI?vHjJK+k(^fS#o56
zv^A}tXt+TO4N#pEFI#PSJ@%ZU@8cbFGTQTYrNwYGwykre5nLo;H>b&dFdZosY-|{^
zK$M!iG!hI|JVHiO{<ym9`4z6L0(~F&66NpPy;Kv`QTYH`5=<bn?&&&vlK#Y<O)OsD
zwscVd+t<!y@wzgQfp(qh=Rqy;p`pBZ65&y6C(^EpTkhRWxF(p`XvfItL2Ra-_FVaB
zXXawP?G=le7_l2W0m5shvlrm7$Vf;M1Nv@YMhyp|t`(9mWRUthByeF9@XXy`F<o*y
zS{ta1U+J6bi2nzG16uLx$f`hzBLDi#5;Le9QAg=HEmPOR5K#KYn&zS7<F2kQ9kz};
zY9VhcD?P<40<{0Uy~or1)DbpDcSor$*+dxjO0`9^@{I&NDTC2`cKFlNehW)MbJ<Ha
z&syG>dUK^Zv*;ro<Fpr#=9MNT7rL_&Ig;@^w$H3We<)1yb&|&mUI}Gnbbpy8AaHyC
zb@iVARh3+%<-`oT#@A1lec1$PO&GJz-70E4b#y_GlaV0esb9N<g-ej;5sb?XF2-Yh
z<5*E2&-N$HG^8+%sI-Y0hT$ue<|sCd1N*FWPkb%r$-kz)(i{>uzPT{J2;*)z&g!1}
z>~f!><!e_l0TY}2?exDJt;W5#!fdie#-Giv-l^)znBRAR9tNaY+<=pc9rGg<Ut+{M
zfA`Lj=}g$TZWRheKJY0vmC-kvQq%w%yk>_Gk{F?=Jkj#qXGsh!#jjE-M)cpm5wZw!
zX$$5d2z_sK6|d?{E9*D$Mo-N|9GR$${+8skOMC5b-lzijjc&xND*x)DpQptTLYt@A
zHN`Vpm<KGlDNhge1TS8Gd*<2Dv+|0H2nG==G83mTAbEYOToexSWR9ew<1*YyNRH-G
z8T0%-VR8Laf2$IquZ_$mKiMH!Y-nYuWWIz|XrqHT>+5zVJ1&l{QbxgezDMB4@}=?H
zOD_%5aG{@H9gK{#OkHpb3Rcg>sMcr7P^3et{J<NDQ^g#DJMGgp`@Z1IzK3x%v<IGF
zaRQHDWSEqW%#>$#cBMQ!t32X%zLaa}W*n`PQu4jOMn6Jo<^G{tFJHat0U?E0-!1dt
zAc<vZ;qywMH=qn%63TSdG#3|o4NS-!vj>}a4RvfGI_LB^nc3#V9l%`EJIUYk5iu)?
zf9jVQD1#Rf6^+iNm_mGw?Uw0h#y{iRbfr!!I#*LiQd;;$YmB|UE0jdyC@lma@);{$
z&E)T$E{;w-<F_tHGq7gNfY-3MKe|86iDPs)?)&cHA30U$k(W8))PZATb4BIlp%k@x
zak|p}2U{WHO>*3RY-D+F=l>LGJX0Q%)~|;Sx|)OjH@~2dT=FN;IVp3X$}X(9o7&_c
zU|2*JWFq~FmQNSc=yk`U+4IIC*DHilUeea5h~nYhd0`zYP1%x7QP=t%b5eEh5<gPL
z=FpFP{%nxMMdoC&W^LAOlw~=p{j!JteFVTNbNA6nZW@*~o{JY(Pqp4$MiAJ{5^0p>
zEcOCvl~b0{US&P_k>TNXS>zm*W99hCzFWIrg@#>Rwe8E}J&JwD(ww*EpB_d=60-V9
zsp8bes+>f6p4q?DoxgIBv}!8Y6?B(y2FGqkoMSr()9Le3@69hv*T&!Gw{>pxE_GcR
zEh})0%3>S4c+{t$KqbPArYv4aw3jxiu<J`EzKUiQb(~pt7mKB}zv!S$R2Q9A!r16f
z1H;{yEb|M4&mNDT_t;x+dSS{pQf)Kc(q8`*KfmEL@|ZACnP&%*7@uff`~J_(D~{`n
z1Q-0)7M=IKUPBDxaoE#_1Wo;wW<0%-AQH@*pB7RJ^qC);`QcQYcMwd(p61O~8oLNJ
zi`zgDzQ+4BuYxO4Y~m@l#%K@wgT@sj8+wTWr-38Y7r(Ka$}k=5H||s&*(WhyOvoeF
zW}#}U6Y-raGhA{smzHc0E7Yhb74jWv06!@bHZn?mz{~3K7<RR*^zABX_s2<@{HRoS
ztkUrAhelKj&RzV(ek-R0Q(Gj`rhLMGohGjCHH}W`V9dG2L(<r{Ew0S7_QB?^7EE@k
zNv^2%aiZ4(@O%%avSMPkSnV<sl(u_|MK1XHp`@s(fqW1wr*cEJrsJlja*mb0-0b&G
zEo|0;z$&dSHR+<Zjlp@lz}Nx0gOQuQJ(tYPI_=s6%s<~^59+S&8SP7x)+_%B|K;^A
z^aVo?3a*7LPhabP87Q#Ba7N=LsFMbTd#(L&wZJK`a39AKp?W$|u~g2qark-wWtP)v
zFl$JZZ@DBlNT)Sy#hAmeQbxBdiB`}gy3u-;gM?ntajtzUm@&Kc+~#xVncla3@bJbs
zKQFCDt8>x#^_ee(A<H5SEKu}8B5z}wXM+ukvh(euV$+F<a&h0?^myCr&imdXRsBua
z?j8aAf<eL=ItD=o4*Di?htT0|P)lwV81fiaR#I0JG=^&@HQLcxJ+2|4V6g(Pw!pr^
z_~W)tywYQT=q=o3$w}eG!!wbTno_^r%pdAx(P8D@)DrA58c8v7E{}<xGpJitJNq&v
zB{G8iU{iQ)_9R@H$42W<TS#xx!wQl5|K}srHx=<i*H$&HR6o~*r1&32s~7@SAy;yB
zYfa)wCat{BdUDRBs&tIAXF{ZdO}_YkDY4LW9mvvpP-bkSHkLX>^!4^i$4x%VKy5pq
zp}d<PTjme{Vbkh(W_QckgVIVTm?_i6d<uZ0TG~Ft8!zyCq@G)Bzv2Aq)uvzFegSEE
zEyR58x`-Z(3-|}kO)gsgY@q<D@YwD~of4L6;UyQV`UAt2g?)u2Wh=#pu7_Ksx>{6=
zt#i@5SIU>-{q;{<+=Xt(YG_|OlG$zleV|}yCmMBa<0(VWAQ279NJDmw$uG`=Rz10C
z72JJ^9o<R4>~b7w{XF-~>$3gUI`UtIxA2Js;XNLj7fO=yXi*zSXQ*B0qbKB7c%V^n
zsxgYl!e5ir-@0BM9&oc^buZ7qCpy<%ZEdG}_&>hSy+9wLf*WFyz8yW)2iPHzKg)Z2
zJ{FCiF8AF%Z~5s1qmYd9N?G<sC-Y8kDc$*h=7)a4u|pl1;oSBB9gOBM46Z^bG$z_N
zE)rxLa3AD;ukqZ&@BN}TBIb;dH&&<_itnid4>$Vi#wx<xe?iHg{W};}<}IvsFpyHA
zrt=(E?)??%{dw+j1kX=rdh{mPp&iJR<2m9!6J$CApz%{Pf6#GT(t_)+2Y6}Yy6f`H
zjdvP>0aP9?{)m^3^O~rkhJ>Xe$753RUUg*V*YY*I=~lM4L<46VQx~tnG&wa#>93OK
z&m$PRPBoe=%Uyz7@?i0c0>V(w`T5yLU}sAif%f32{tVh{OanCTN{|W3HCzk}nN@DX
zHkC+gS^Cx0y0`ZXYAs(d+XUt20aeMD7f!(Q%t@At5iAzI{!`dp1|7`<2c3`phd#%v
zeGTOO#~MOj+MA8%sN}whOu&0Xy?r<|P#l0LUHrCr#aeh%`O#*r^8N_{`k&@fMGV65
zZ551Rqc->xUf5Blg0PBSMZ-i{8D*Spz-%YThgxi7aCC1?aDO`X#tW&g+W?V^wju4L
z)ia}MeRkra6^@^8SoL!2>e61k{`Pt0_21)_i_rrLIMU`mU6%W|7NC3!cTt#w-{Y}1
zi9-_rl*I0bjf(QxuBasX5$vhP%5a~DSCuF=|K@mF>0*K#SvvHZ>xG631dz0j!n`5Q
z=2+w>q+<FvsMD}imc#p2XRe!>C0F*8g-Wpoarc?AB*qR8q|3^Dv^6I-tq4s*!jePv
zMxS2n=EQT9nbD_C<Z_*$HoJ9(A+Qwt?;%{x!#$aF+^iQ|ZTa?2jC61jEA1d<<=DZr
z)V^+g+hF>igjw?bZMVYJfS<t`x~`l3fqDTcPhvQ!d`+D^8F#J~6B;oF^4CvdD{;SG
zUlwP(m-*pM&2-cg$Jlq7IE+8&KwH~q`I1Rg=>rhfjpxz1W(YzgtN;BE21g#)KzjhZ
zfU9ggQ<1T!seD@iOOU?1KA!>cCeX3^l9WGx8SPF3rL4jO)6K*!Z7fkxpO^R=18NBM
zGfbjR|I6Gcl_+aaUtO7FsKvKpkKOhJzJl)$&A8jA^@cVeoWL^mx(?PA5WMz1_zygV
z(3Ok|xB`oaug=+Oaxs)J4U#6H8%^t~!{;h(_+?K1a*)fm%N>#EXHv#aRl8U^4kM0}
zU!DzcqjQ!Y%20l!JLp&as_4p$)Z_z`ABc2R>+}-E)hFBXNG^dEJsRZ9Y6Y%K9p!<@
z)6(~h?*wmPmeifX3Ys5aKN58E$RulwvlEHl6r{o-nL!J)2^%mp`7+_Z|I57-*69w^
zq3OZ{V`+`+!=<)Wfy6nnOY-kHA*knTO|Xx#4ptcXr?ak<davKEu<c?hBWfX0eogy>
zNI&USQxuuPuiiwuio-A0h7{2%HON5#VRNUoUGGc1g}#X0LEN>Tbm8cNTlJtuFO)xH
zkumcC4OHF9xEj2Ax#YJ7RuT~$8}IwCWc6U4xY!)NMETGop3Z{%0NF!sT{(b3!dXel
zUZr8y(eun%6l(wYC{EHKCpxYqOCw-fgjUy@n>(-njLeWwglPrQ=g&p<qY?_2Y#d&E
zm36t<6n^h_{BskDn=3fu_N#b729eU^J?MIKtm=8O^WXd<`c@Uxp3WJa^MF?l8;xAe
z|MBTNIISGaFDGi-S^7npDExSm8hSpPxR6~KB;z0-*OS;h->40q*neI)aIq>mv!hx4
z*o>#Gi;)FmN((u#u*!r=nNzGmjQ7HfJr(*LE-afVky|~8I<lxhJSJ};<R^1u+aKm7
zX*MBmQjBU>mJCnxK8p~cAjZfX!ft;2ph<9oejGZ*Ig<e19=j7b6`lJ?I7nCL(fa9s
zUXHOr)$qk>dwKb0NcIiTjX*Tkc{KM$6QRNS!(T3gF}<ywPeq<d5?R=!U)kX@pgRDZ
zbn67D9BxBs)S%G}98*(bUzR8q4q|YyUQZJToOXq<@x;993#O)gM8@a`8kM`5D86LY
z)jb`#4#QnYFHLlQQ-kf_nL)gvZsqXp_T3@qF)CFrSS7J3cEfzTl7*g(odS``lM>aD
z*hed1`KM={gbA$(EBEy{^D%Aujx}cpT*6U|rYgMdKKPxzv|o`&((Qn3vKzlXKSs1{
zdmJZG-jV7~P9CNfUp3!+{C9otw$ekAgJM2#<cU2OeCNT&J^OXPIDXP2mF)?e=Zsis
z%Cb){$?0Nx=7WgHDO%D5d7$V#hV!SuuXiv8HE@{F5j-eurjj--GNOHr#iccnMW3!4
z4H~RLkTXT5#l~x_W|j~3q^7)qTto4jfPuu#-!I^6TyMQmy!p)^%F&IwPEM~yKPr-{
z&JbLiRkuIw@aG$h?j3&9f>txK5FgQsh1gp99^R^=3AJ>!RaToh`Gu1Xr<?i|xJLf)
z??lJ-AydssmsecpX<ZQ+8oTD6_X4ecB0l`+{U!<#UDzV>4_qBjXw|n$4;;>C*SpA3
z>ZAS2>SFkW)&!~4p8e+p7Rj4rAusBL?CDUXRp^|j5uKf9ccU4}`6V2+)Hhyy(Mt~&
zU_FD;zt<j-^j8(hChTebxq;3vLMDk2qiXmHLF7bJm;cgTu?Q{YXK$+a*}PN60gw)|
zS3A+`DtikBx51++<sFFk$oi5`A<TG4o*I4W(j{%FgX`q4NXya_3J>^y5-<d^U>J<E
z*miMkEs+V2VC~ZroJX`#>(%Ds=V|qsQDB!xIMN`f|8wRGB2;=g5v;w^F<fAROtiPz
zT*_nA&1u!M*TMRl3TqNsg6?)NI>1P7>;S~pr`=UCN6pk~qO5*`>bN-zS{4|ev|Fd1
z@6T<4JH9PcVG^JA2y`2>$GyDQ1g$(}GhquWQ9jSEF>somqfkZP^?8Q+Y3-3IIOU}(
z{jSk^6Kv%deFefn{TVlF$`GWZQkAUCNw{!<M~E6mZTsp!muOd536MtRXpr^_(w4MX
zf>GSnuybKqqrg{5az<;0Wp=CfC}7y`mr9)&0Qyzv!kQB?x26gtFLjI+LnJZpc+ocT
zJ8ISD(NxXvX*B9{77qhjk{ajdcj)N#J^TNFz{|ID)1w}4)*rcipW1%J`Xp0*mgFS{
zO-TUq6rw8Uz&Q{$Ukr{5%MKa^<nqn(FSrq&Lz+=UqAs(uumRexS?Q<?S!{kXe}E<g
ztayi#z>v_}oDX)U_wN$+sEDw0WT+h+BNY8^<=G6)abP06+IIn!`NDyPLhcmi!FfXU
zywhxcQb)*fy*^<X+S@w_Dx9|mB)NkSv~l3c^Qw(f8H)2B;Lr(9J}oJ^3&6(!FXS!F
zEPwg3v*cR!=|QfHoC}qaDuRWwVz4cYmb~fhUyd5JxbDbSuv3?$AvAupHSY3QsfXHs
zCAhsN$pPIY**|*xL;TU#=8^30C)#iKFG!O%>5vq&SA|Z1CGnARB-I&$b_aQq(9Tbv
zKDj%=2$=50Ips*>5(?G*qy)P)4FKz|&yl{EcM+9wTW{2{gAY&2;ntZTACwuV<MYSH
zSF`O^?CD`yS>j8m#>`4I+UamFKEEb<wNl@#?kQ}{&tPNzTiUf<rS;X5**Vapqq)L?
zE4>;bUlcm)`+(r*xht@}t{~fM?Y6OAHt)YC3D<OuFIv14`$W&yk!&ihw{jTs<n#SP
zOCS!^e7M!W^6}3@6SiyC`Wo>Ryo*|i|A5sCFyfNdB<HMX&xx@OniS@xn&IE*Rp_Cl
zN##)*nxqwExYsnkv7{;XA3rdKk4dD<jy13Z;TXot<HBG!T}I?-2(GZ}B3ta~E#_?c
z{#4Q{EKwF6n)_T_Hv{T&OsSv4uEUDx=UQ{W&=XMxQaq}EedB|f**D3klP6EojJ(yN
zQqVSY;rUV1H}EX$_Tv(D#3$_odD8|%dPKp*>DR5lSUoFgzvY%xFc)J$@YcD6YzUnc
zf=&GD`{(18e<>*EsQ+&TCCM*>FRM6u<c+0FT}g~9YHR(Skb=rGe;7wmf8rr`JuGzR
z(bI4bExF@sb+FA)ph$Prn!2>!sjZk%V0Gs&2H#Z5xCSRP>jSet^?N@>c#aR)2aT~p
zwvUcXve-ATwOhY-3;tN#Znik3$<2up7NMsYCv1(u&;P2(W6mDJ43Ef3zkU0G-_dD|
zW$2@?P1DE{d!rp`+z+|rKk3A5F1JTOxK2vle=i)a=tf%sJM#Yi16BGqqp^y4DouOS
zHha|<`TCDw{VjrzLvza^M8EauX#Y>#Z~y_HAOmjEX-GeFHlOI8Q~Nyx;~X*3=B$UJ
zxofAChOOw^jo+Yww%<m>PxC{~+@hj}Cn?MwQ+pc@G9B%I;41+emt-wV{{SV2yo7tq
z!b})7_vufW-A51OL~BnxtSA24J8jYaTj3@N>Kwg}d9#t%;f*feISivE%34hLiO+BK
zQkeXMo5*NI;P1gElgt^7dgYH9NXG3AR|*zq2Sy<-Lt`tB2~jl&kB~<PK`Zd6DU_U&
zKWCbq?Nr&U?f_-Fs(<5d<}~Xh-(x5q|IzvT(qtnG5bLRL5+#VvDyDZCF#M99W<vj2
zbZNE-qD!70y8lLUsk8`HS_>ADT%IJbCyx9;Rm9l>JFqsvN}Jlzh1lSXOtHNm9yLTs
zR3)!32XlWRxzYBG0nvpMw~3#sTVeQ^+X1s1M2mI4&|XliTB2FJq4K&`6v^crJOjb-
zH!UO-`}}uVPETIsA}L=h-}Bti<^k<xFJfy?dw_bVOjH*C5GS+YUzYA8h(e?bMi}ha
zMqHkJN`&6ZE{8!sa^U6sER26PA9ZFa_dazRO%E%gyqxizHD%7y<~sRJRuqGd#oH0p
zz-uDy9rKeu)1Y$m`Yq(E8vPAu%Ufu7(8Jvl^(4{3#=&0E*Au&jD*Tt0iVV?G-Oo{a
z{nEsh>o9ro88I?04*YmVQKBCHuYZ^meK>Tmm*Ay~(^w&Y`Rd%j@7Py=bwt03+59JN
z0EV4VM<t9mUJ+JW)3)<*G_GjyoTjJWsCt5SW@m%m4UIoi1P0<?nYivea@!ztM=GUv
zZrq!vrV-v_%G0+|9Jw#=ylQ#@Yk>mdZWg8SGk&4ksIW3#kV4}Fe;t0r^pgmo-cM5U
z9A2kwH$eYeRpRu&RV7)VDiQL#U4K7f4P{iU-KO9O*R~}1(~Tjp1=-o<Z@<@Tho8h<
z&R*0Eb~i+QivAP2hZe%5I>V?xLVarZMFQV)s=VZy3zFUX>H`TkT&eK40`Mz#94zRm
zNx^_-Y)1aUhRux1e~2Cdu@wjBFQc>bh9kWj+%*u)cn;V}-C))>stmi8nc>`wK*2|&
z*0zC~W{6}u@}Ci9OF9BYU~(Ptx!_f+P~&>OaktSf1N%F=+cN-vuC~4h=;cdDPU3^F
zm#YmB=m}|1k!m9;swe{@VtKLJ{$7qw_VA;4v)}thz>lgQ=~=tO-4hEgw-@mp5D9l1
z!drUi64^Y1Oz0(HiEFJ9tUWFW%|YkP*?{xI9^8QMCL!(5!6zBhSPvCT2wr-XMbbKi
z<^b%Hr?l(ir`RBw*7ch>=WE`0FL?faAFjP&c0`mo2!Emn#9O|mmX_jK_8ply0J3)%
znDkqZc?Tly9wai2jEt-sqEodze!rX7{VmPuk>fqbs)hQ6<mS{vs^~c&NItv!3#5(?
zrA0-NbI>~|^cL)?jzF^DVLj_Z{7dQXWjRjqM6^fnS3l%sekp=zly5(wF}!xrHsz5L
zslSa)!HbfTCpOY)EXof`5d-@VKj!PMfpF?E?S{(3`SiP4I)~oRWj1;cRB+IGPuXz=
z!3(?{@|H{JKJzUIDUw+I-jJ7Iq?Tm_kznL=Fm5^raTDE8`h(yC;5u)ECPDgU4?U#r
zmPq=Z1U;_By?r9L;sS|RY|DD{c;t4*9l{K+^c~0=h?LlpB#F~gXrXn@6og2WCSXc(
z72^*^%ImO(^Z(_yxDI_pN@gwOzS8vjq~m%1r@}=(-)Bmv#{tQGwOxFcrra1y5?F{p
zNQ%JLMvS7mbqtbG0sd7$3p1b$wtRr9EY(pOSR2w;V7u~YZz!j;a0Y&XBob_+olmIo
z5C{vQ8$*HHa4wPp^V4I6=?FfE661U3`v>83(Vuv;3T_3ad}_CQ?9}B<7)AL}s)n0f
zid6tI`8D=Anp5eEG6WZvkHf;*4f$7sqmmu(V1U5S=PaP;XgF^v$QZo}=dZQQzY<1!
zI?i6s$9QUP)$1$D_y9tqbLV0#VCHWW76Jd<MM2*Q(`*7vT~@qzqeis>MPMfXe^HQ2
zUh=$)$RH?Sy&?1v@x-R-f(nS+I%XBExK(6ff#EEyz-@a;&ZY&-CItQlLgG6R`TVep
zzoYL5*}6ZD+f5-|w(#S|>O%iOBrs-fRPlM7tMWO5<f+oq^Zrb6coXoZx2v%3j*X3B
z8tvQ(NCozdN;%tXr%{ddKu_Yg0m1U|4MCm~?fA0W?o+baIBxF$qFn5+)QU%fdb^Gx
z{8pHr8|0Wq=F0M|(3<D@e`yytu<=P~HI?&=7Z6z!JMxMU|Mclq|GQYG{NZiVw*666
zLdiZI$(2DNud&6VX`mj@)7|cYiQxKrgmj477a9TyDbptH12cn3H60ulxww=5EnYPK
zzr>3Qf&aaDaUgO1|5v<d{;V`Xw6VA<kV2J(6A(R88UPMYnM`@pwhn8%A2k*dIiaDi
zf@})ZzA7HcNN1ozx#@Ya-rcw@wzXRLh{!c^WE=*$(1X7tk|?$NJLR$2_MdlIp?&{A
z?sJK$y`sx^<%EqEGC2@6;(naCq3Gk++k6)NilF^5c1Pd6?)dP}2Rgs<J?EL#{hMyT
zjBfj{CFQi|2}j!wT9c}Z@B?N$@p^a<e*KY|UVEW*T3H#$nLAGDzC=&{?mN{DL1<Q7
z0F?!h4M)BBjktLNSb@3JfpG{A#20xWTw6YKqI~ep#$6A!9tJj&;eD2ABLdN@jz>rH
zYRAGl*$iQct3?l<MoV734;8vb@FQe2q)n2@7WdZ=B1pv$GJU!NPOm(p425Ir^l>f4
zB_-XC-)j{TzlQH5S`-nVKt*Lx5mnOoU5n@}QxLT9iEYI3+$839UzX*P*=cw1-~KR}
z249@)kMPI;Kbk~`m9*4zX;M1NdcwUAL8&@>e0Jp{wr*Z_bF;_D>DTGqiy5-5;G#}l
z(SR-vMH)ykPomNgo3P-(7Y`z`K$ymY!98-E63unvOh{U{9Kn>{hdLlbcJTA{y_=2_
z;l1jO<EyD!VMQ}ubUL#FVjT`INI8)DZ$*g+L+}3~N;LQ%iV~$b|A(SPUuTd|Bi@SH
z@P~W&<tH@={bjmle)z8}@q16RQ=lWpnXtBIh4c2;RPkW*KrI4GOl|)%^F<bJn*St9
ztSxk0PL&Z}bAc9btI)Z&Od4bcOL`;48A&#9gW7{yc@H(Q!~>$iGH@&Ctds>7q;}mW
zrQk&p$B_W-L?=G_VK6AYlZ>SEI}GdgMsI*e!=>yd;4&!T-Q(fg8N=}V+t4}Nl^dp(
zu?4ysjZ@gd!Li)Px97}=z81}RKiWMuPAcZ&Np<(zD{l95e{92e`qS3qXqB$M8qHii
zZI`GK7hW)vqByYTd$<nzZ@9_2hd;bHENuj-*kv6hRD8FdJTt4}aTQX}i8}p6z|=3(
ziH~)H-CS2Uu9G{HVMSF}t>a#~XKX0D;SYH;=&7{3-??}1t?0NSp&ikiB#irC{p6?A
zb>suty;cIAQ>Yp@DL||8{I6bW7Kw~VqeQ2Ro|$FN65?lf?@|dYNqQ$3977nGgf9?p
zp+rsJxO`cluK93(TMqgHMGDZ+`D9F)RSeS(A>CH3l(r-jRg2{oSzzUCxg!`yd0i{p
zuoQ`N=Iu>MI>iNi`?<cjprD&iSEX4SJlGz~RwgXy4&1uf5LzuW5+j@FCY8`|2E{2n
zW}cqk?-{mQAo9b*@8v+Eb%8GWUw7Xc?!M;6Ve<O6CUk<@v8eRMxP->yzvc2o)PE>P
zZm(3es6PFd;BM@$DUPTyG(L%Fo*K<^(a=uqIs>+u1{dKzM4^g44yIO(rwXBQ8L!Gz
zqMVA;T|po(72wnIX2EvZPmr3qVSmavH$Dw?8!h6Crj_bV?HHR8>OrGPf)MCzuc68b
zdNjYL%+*^u)49P^iO%sjV8`Nivl>+yZcgQ@pI_br&8zl7!mivKDj?BoI2+}o)oA`X
z!>O%^)V;=@o1;<cR`5T$gYnG&vWL#Lo=HwlcUqq#nid2nQ@0$7$Hs&y{mXYCc~8tJ
z1Pp6BJ8f}N-zt;_W#=>27Oux{J$e=NaEeu-KFUEZk!s`dXR5Q<ch%6@tLkG3yXr?y
z<Ib(tq-uj~2dQr2co)b^{;p^$FCJFJYXm4)`HYlON)hG~I;(5CrDP}Es{Pw{3}%vP
zV(=u>%tEbLc=dOGFO2$W{6}9}f$={b9m1pWO56%g=)^Qjb(z`tyBzMNmVET}5E~_p
zYo|$Qi*IbprxcOF$XIv?HF5(bZim-KA#9FQ<V>NMthMdR%ni<#EGyB4ImADg$YX|L
zaj~_1_CRm^e=&C6@l^l+-?!peIYzRwM<RQLILH>25<=ow6%xrFhmd)Yy(*$1A;}(D
zN7*Wb9FY;38A)8vcc1b5-hRK|?Ygf2`lsWJ_xt^Nj>qHvz{qIPH$kC}EpIL$|E>0n
zLhtHho>B^)pK;&0UA8*nm)3jL)25WeF3=Wt!C^IH@&4seGHQW;dX`FX5WFc`xkhF7
z7&u+WsPFJnJS!7)HLq@6&#e&?#49}3=O1Y{xH?EYnXskuET16q@`&E)C;4wSWj>kf
zGXYlNbb~;ZThZmf%8rs*6GZJ!Wc_-8?LA$?Ul&&N>BQFi+C1`C@6C;fPHWSI#pjZl
zqNJ19Ysl;p<^{LG+?g1Ak|ThiF36tefRY!J!QWJk;`=D)qH&Q&(gv`QVe+Dvl>*rR
zZ|Xws{{Nva{IN8CNm#*%H@y$-W!uW1jQjFHE7HJwg7vrX*44LNHkr-6bUl8l;>di-
zWhL==((siw7CXA;*&|oU*AiG{{;2EXvXi)tm{gRl`{txcJm9i-d2;|X{Q6{3%LhO=
zcIMLP*m<+1tKuK?b@SQPgZ$qdPDxhV)(}D-bn9`L?YNNiDH(ffFW#xT;m(45U0qgk
z{h0%IzY7Il7txX1s+$vy*M4Y!a<%guAXDj3Y6Yq`n7;l`>r93B56^OcioK-BRlbIe
zB~;1k*nBopLlO4C+xkd_2wHyY#3^EwR;$3al}JHuS^xVxm5VIjEN^qGIgvG`rxVYd
zGE$J31NqI|ZM}{(88SYh?e|oCzrsN6Hyar3LLxQ<gqEbH`_(MVE$clhCfF$S4YCvb
z1z8_XZwi@<Ivh%=5q;5YaD3Tvv#ewGi1A88%j1xxmx3mG(^8B#bi{Ec!Z}-V{ZC9q
z^qI;UFRlD;xwT@A3u8b1YSEuZMB($VVy+P8PVVeUsgRK2mpsqt13J(F?pI1Mt)6&K
z&g7unQRD&p{nxXLMW}G@&_A-5(!XUdk$WGJMj5S%Q}<c1)mOv2I=10MoZUZF=$p}d
zEb*UxLlIK)6n%prCSgM{opIrG61#%=lh*qoZsj(h-|C?~G2?zc5<o>i2us;{ABIoK
zYztaE9_PRE=G0e6Cp_$1boxyzC+9#9JjzEAZ`}3RW|G5l%6&Nc8EQ6-QoC63<W^cH
z13Lh0*mZCn4`V1SHh#&k3h19F%P^Tm@-ft?kfDGxML1zO{y9B8l<|SDy>2w{qh)Xm
zBW=d%DJCEdlo@Q?`S7B^F{-qX9B*aS{r25Ehp#M}v{#NFKR*5}_2^lv=lZ0D2S#7J
zr`ac$y-uWScKVRor84x!plE36YgKw2DAOR6N?r3)#$2iT)SDXiCy!G?6zV_1$S1IW
z%#+K^pjcn)q0jtgHPVoc)fV|_M`Mg(#Gqc}R%Bzuj|z_^3Phe#F+Mqn2m!0l6$s-k
z%0E-wQVXM`PtpmX81cXQh+vy9($P)FZm28(dsUyu<8Lh4s~KMz-~)FawZ?$sFv@~_
z<4iw}8g=u?)$)g(fnPw#W>?U0P!YP9mcV_lAJLc|gj|T6^|pYB19g5)RSMtT2TPqv
zUNYOx9}rXL<BK$9feX)H7bH+=?;DGK@jA%`_8=ARZz)ILI}G4lH0zoQ)9KVcwwif|
z$sRn%Rr`jdIpJ#v$bPI%G~9R;|C=VIUOavD^|=?ujD*urgU`+cet5PPf*~M0!dB5(
zql)gn{0F*)nyj4lCz*~2s-~_891kUdFg*(+Dn#YCB`deV@^0r47p)7eeJfM)A<Ck9
zYz6<NY+ot4rdzR1ao>SSIvz%}_wS;i{MgYmbtOH7lBZj}TyR?7`DZ_IlrBgdmvD{4
zyNB3b$s*z}y0}3rcG6f0raCyDo=Xq%0q6MRn!flyT7XbzxZH<k`Q86)5Z~<!IDq3l
zRsM0d+P2(k{$;9o2XK>RJGXcQS(Mq`nd?rR?aRwAEtQh7L2ZF;PkV0wP+BKT1lSKB
zQRKxB<J&sQ3ax9sWqg|~V&i9G!|tLi{KOhVyO^&>CbMVwSoM|EE-81mj+O>$XC~be
zCNt+=R|IT&((#^K0^7v9EGQ8^VSX0rJil*G+|nNB&7OdtQg)jp{5fOPMdv=lB<slo
z;qB-cxrMT&4YvMDt=B)HAsFETqhRhqQ)_G2rG{T_on928+1pYQ4aKE|R>sh@AAeh1
z(FJ@|SH<CuxTWGHm4R$&d#7&<_)3(Ip#5dGkzv~3bGE*9Mx4&dI7g^Yed&F4Ksgsw
zaQL1Qjp#y(yswTh?|D{g6h>5`9l*(L^2P$l8NGyy=MzIsQ#b488|!d>Zx{+UHd~6!
zJ<mu$ll@irm!yb)68}^8XFwhtoyD4p5~QGUhL#o>koFHeGSps<43<)Bz?z%aU^9~J
z9&dghH4J0QOa?PpQ2lkJm2siKxl6@mpgx674ZfS5lLy3DMAQeiUk|JWk1FBVKzXHq
zc=0c3Akv~4&R*mw=##qRaQ^xTo5-k=?Dib5I#7f?T<`m`%-%UO*!kf&0txf*CLs@q
zc1e2kbDK$XpTJZh>m1g@L+}$17)H`>G*?Dg$3>^gP8*K3-%H37Ywqo+Eg2F=O_Mh3
z?z~a)2M4m~CHrrt`Tq@8qmvwql>C%=l!hxUeW-A8kN{>qI!dz!62LUtyWGlNj~_sN
zLf3ysNo$wyRVvZ+%$@TQJ*BXOm7e(7bNiI69v^c-cG?LF&LRq~!@SiL#<VQ_4|)sw
zsr|G$?%oKpj73ag4-*PbyuB-u>#W3JUmB{$=z>os3a~$vx*Ngor5)~*|GMDO>r22<
z@?%#~K3$S$Z+c3bl(ht1%yD0!?KqC?DP(k{!z!k&HPTZ?Son;U<Q+3~K(}RE1LuD<
z9$z;p7G@vl@-m=;=9Uv};5wm1#-`#eq|FS50%%0?XQ0bl0QuB+?(;?BKhbR>;SVI2
zaQmOGz0hwtNXCvnUNsWIJL;AdhKcBWij2Kx05Hz7W^#q8&5-3t*;QL=wUPsJnxVw}
ziyeWXtBLf$j>i&RsZJ5(#c1)KuR+t_;OfaLV`L=929yfn!}uRy_tIZy-s`5(Rt-=R
zN#?J6C|W_raD5<?HKjW4w7Q}W90mtYAQ3;=jctCR(HJ@8P2-7?j~G!I3;RFw_8BjR
z7HW7L&Da7v_C+=RXQvlj4Ocqd1m5w11IMA%sD(YW2gj96rx?z9j^Tu(`X_vTa{!DS
z`HRAc0<(N!y@Da@rTkL1O(cVm8b7iO3AHzcwtF64-VJ95sh=%MO^|y*fvj6~oO1PQ
zAv)IVTdX_MR=sI{N+ou9b*2AeMld{nwipagp2Hv|bRTDa3&`nW;60<6c1z{R*r7bb
zR?my;VcMw|oBBGFn_s(8IdAmeyM$|W?&nV&LIaZNG!lH`umrBq{<p~^9h@1z`>HPA
zXg-igr<U;@;=S}gs%23Gf2wdvyg)ath5c5hpcUWZW09y)u62_186zS7%VhHBi<&`4
ztf_;7#+U2rEQPjxeMdJQBJn3M-aTDHBX(?>dc@+KUFEM~E`gMe9t$kz4;^0YL%#8C
zHq&VX?;`^yl)oSnh9$20R@kJh%#Ja=TIOvIpD{=_KW7_LcjuwSrvQN~Po6!KZQO2?
z6jU*8=j^2Eh&*L~MBg#@y816HxNz8ITCF_0<p<I!#?_`C6o$l}Oy&?)yl~+{xu!;Y
z-nFPmlViOJOSS((17t8Oh<r~neBXbNcfL6fHnC=(M>aM#%5j%0Ex-NTJahRDHaSx`
z(`xc~um4BGm7FU=_iZYNTv<Y;ki9Zxv*hCv1?`rI&Xd>0kIO@TC2i|(I#U6(%-r0Z
z$J^$dh$a6ttDAR;QEIte3g<ZWRFe+Ltk&J*+jAZp;c?$Rctn}-uA!<*>EYlkTQLdI
zfV{d$?{KYNyzVAv5$BKXfK{oxL<DwY#J1AplpRogLjv~!2dEndhRb`Wgp|?V-^i3C
z;+12QF<A`rP60~4@ZD6*(^{)5)U9FZ0%6cz{h?4O09_ezP!sm5Tm?C7s2ff$0scZT
zqor2P5?`g!FrPwf-1vCuoJpI?A@Tzax6P$D2VSKvvwv$#=XE|xR*mH4;Td<&^Qb|a
za}0O)yNM2W5jR$eqZwJ^tSsG)CpaN%mGW}4#ALGzt|`F+FA9QaVr<9WmC6)Gpvc3{
zUyncGEdyS~gP|hxT1dM2b=;G-FSBe)_*Onp>QP>gelm(%k+i8ZH}mzlZ@+O5!=%5N
zTikg18#2PB<55$^Q86DVj??FIk=4k{JAKm166qdw5kkfGui8^*U$~z9{DYu$03mk@
zD!!-n0*v)U@<M-r2Gn$tQr|Riv6v(Z9%j<ay(>&-Ah`(3K~-8_US8lDf83}O9dPvt
z@0O7a?{`_pF7)UXvk<=d_m?aNDQCYo-6N|ODRC%{EoX>#u6oRvu3~G?bxl6BlYYQp
z1+xRto$v$yO6FhxBdLkZMcRdwIl+M2-pls^O{OjJ>Nh|tA}-f#fxO=>d}G@}7Zh+N
zAGs~~LUoS#e-<mL;up%Yk58d%?yx28ke*gCmz13^ZDz{|I5Y7<j_}F8|N8S3{km)r
z(F~yaX`6d@eh-o!C9^<AU#!hTridI)h3t-Lk&ePAX%D;U34@jKvccn;@faG4M%cgd
zoA5~;zwd}jdx3?|oCKeFQz#~Zlyrb2N#wl^AG_vF@+&+iZcf`M#_Sy{*2F(?y0q5-
z3{!z*(${oBgyn{Vml^etj4#pVA{F>!m>R}^WgaGqM891kFP;oZ7IA82BfTg`ruY*6
zj;YYLcQ76MV@724)Fw@D=#c&C`nraoDjO^QyKZno42PQ=dUtK@W(L>r^+u*$qUuxS
zBqCDh`fQ!jEr1EtL3rpcOyOUn3NR}kTQ$(q98iun>7O(m%Pj8pI7Y#9<o8y?*2(@)
zT137@y#JnUJ+((8Koqn^5<bkpkf|HsQW8tb2>8K^x+904UOh9=Y8)j@tCZfqn$0a+
zm2>6Yb#i*OBSRiHRlr5Pz9~IG+iL=URm5ik<V|pIAI@5ex5;%S=n<z3Nzvn$VXQ2w
zt8aio6ohp?{Zc@K^JTn<I&wMYZCStg#Fk9ftPYrvf@CGZ^qGJk>%6qN@J>~6Fgae<
zwYtGOqOGm{B{uAk3_W8a)fHy?Nu7%cuVf|^V<UawXn%xf9m;|^zHz~+fZ!7IGR;L9
zkIo0Bth%y`38EF>$7^3NzVkqaH2oV>by_*0^tbx^Cmsgq{5Ng4xajJ4?hZ)9GlDXQ
zvJ=y{nv(VrddzN9laoS{wWq=k^C{Q`QI0U%Jk1c?p07HnF5Pc`0HMt^H>fMu$nnE(
zsSXRRM^lxESYld)?1cWxxSNo+3ewj<QgOof&oI0Thc%MIy0;>MKOZC90AtsroEJ}?
zFiKuYrBk`}P4Hc?IPDh}jG}t2_}em3JxyBbC&DqIdmd2AI8Fp^r7V?xtckJT1ExvR
zBfV5%Q3=g3C9k<NqH1>f$qz+w;wW|h=|o*4*m=Qy;o6yW!zk4O7FAb~BF*~ZI7m__
z?BY3Tc`{E=-fR+#l&FL#BUz*Y5;j*z-!A1cBo~$X05S=<o-XGl)cpx0mUL$iEh@j6
zwaa-)FJPko86vyE1o7k3D0rCmU@xV2mf^Gvp#%by&y^pkco&33zi8|G+=sQPW%-)9
zfBy#-oXNU?nmQ7vdQa4p{~VWGf)Ph?++o9LZ|bCu7_$j+zVhqTt4{1m5;*)AxGeQG
z-Xnfvb*BSOj-wfPIXSuX=x7>W19tM9OBP4WA^x|kto%4LjW7c~;73Au8XfYvUVGk@
z5N3i*ycF^LPYb1uc8k4&5!BI4kSw|?c=H3u(KQTTcZ(v=UFV@^&==;C)w3az(zPU_
zmQVjLjcmSr=V`={wjTth(mO2qmn*p6z>Z1QE78H9AaA|-cu54dxsCcWNAj-Vo(6es
zgH`q3{*)z#m76T#S`%!{_zUuSo!@9Ua(AoskZ`?r(TZnK+r|_(JI`n^3vagU#eScP
zOIe?Q>Zg3bw&PkJ6FeyXy!CSwcV?K4K%IOZxh;<2YJ#2ri19Z4ZV{nP;Qd!z^64LO
z31M2OS$9u!l7an3rhD<_Mw>bxz837vlQEGN_pEF9&_Ycfeum~*S?mdlnqRQ-*2hZr
zU~b#MIF>y~n94kG5*t#`PFavEu4qigqBeP87qpU50gqjzMr>oPYrGQ6v^FhnMJbxa
zHy@**H^#G_2s180dqmaIS2pJ~DKOssdI=KCvBpNJ28M>rLA+qKy)O!_(?$m25<CiK
zzds+M?RBTPdX>h=*EcbwugE07Y_0axnNGk}V+bClLl2Jun;J=rBc)nP-``u_R{$uN
zRK9M)XIev)8WVG!KeZEOFvvj9eTO{INZm~VEe5`hZ?tzAO62=#oFIwykzvtUYKz;b
zy`sFJV^e}(;yy41>_vE~wA9cl_3A2Wc<q}lxW9J)hP=@p?M-g_$DnICM)n_NcFM8x
znqVSQ2X0>~AU{tr00@<UGpB*!sla9Z%lh`XP=>e63X7n|8(4;){#kvzJrIh~@O$gk
zABa;6{;+E`<P$wmNpL)>s?Dj6?D(5Vsq_l>FE;L^VE0B+UHh67V5k!9EZW{Sl$JuK
zh->ti(wX0l^dhj5dH!5&hwahJH%+f{0oy0TjnzX~m<cC0)8}TVezMl)0J%f<f#yt0
z_4%;8_={RWT&7Sij?LCJyamnqO=_6g{4z4)oNIap96MV0?oD~O@i(ko@n6qy87ky0
z`I1x8;b*Ddm`F>w$v})}8rcvS>dxqiW_kx1>*N@z-#j9-r9|Mp%O@5uNF`%TnK#1^
zGU=$}!OVxPz0MY-0IS={e_9pkMZcV%J%%YRYZurKsDw#vqG%a^h!;UYb5d4u;)~C$
zm%uhq!z5ok{$W$ZwEN@BGhGG}vJ*xt^`Asu+V$K9<pGImf^v8)a!wt<<(1VIh@1mS
zTLn@S9xwd{;bK5>QyaO-q02aonNo0CcmpIPafzGnZ}n%eJ~?_<GOJ0m;jX;Q#ub8`
z>&c7aoX%XcQRbEJK&^K7xO}{K>yg`IeCIB3W=hcvkUz6uMUcLK)zP;v87v{3NB8;<
zl3g20$fybp*C*Aq&YaXhBqoA-4~{$sZ4P^satolHrp^^bh;fvk`!;}2Eq@x<whkkQ
zN6F%$;rBi%2<BCFUZHh;RJ?lq{`mDY>3g;~v{=}S%6IeryFUmcNNGohyL`slHQL+1
zK@l0q*K(RUESt?|z~Z;b9scUCxX0X*HxS05ynMGnOS`K;3Z}$hCg)Qb=u&mFr<H_9
zysj4{-eMx0>1?v+(pc9fsP9+SU;ehR03tM=Udm71-Xq{3xLIHGf**YzUJ<z7-(EhM
zf))l+<aaByibV*2idPGZXN05Ao>msB+8MDtE_*mB5PuaPc>Q7L@B}DF&$&C2=hKw`
z@N()<V`q+bX8iNYka+s`^?3%g=3lQnY5z>ijA9ol2i29noh3s+dkxy;0@P#E_-{t(
zQqA{o<te)7vT4iFTYV-F2QRk4qN?$Mz%K;kIV9B6?F}y&l4o+n@)P>;b62-xVwVW3
z{y&`MraIhBwyjRghrM9R3C|-R*I+~)fvZ>R_B*epyZrboIFrkVcdCiQI(;ce(&Yb8
zUkXAe0Y=t!CGv={+f8(kUlCf)_*9t5%TrdveZ>5)9sJ6<hS^!)WyU8w;`4v0b~Hcl
z8KFDpn#LUX*y|Tk(FQe)xzvM!px}>8nEhw`U1ouOGaSzV=hK$Wc(@GIEPq1m@rOFd
zS53OxAv#;LP?Bt<s?o?&Q?Ip|`2Aj5T9#Vi4$yokoJl$-ekdX-UXVj{<7H^PQ|&IW
zhhvN$S5}(I{r0jd`c(@x#_FEZeCkg`xyn^F0Yh*qw}&>GM*lS>-LUB7L9mJIROa>P
zw0XCXrx4M<I1WP=;OXW39~w%ylr?Gvl)1He<)C#n`C{fGfEUCJTC;=-B4>r*jhai_
z$ba7Re|!-v57hrdW6`SU^NKOb{mi#e7E%+W`=v;ByB7oh=xwWgI#htdQXv0j{**Ci
zXaTeJ$x8lGWSqJ21RmsYR<5n3GWr0p;_LDAev@$f{6WYi`|wvV>M`A)mx#tBA@7Pw
zY5e#ua$!$4>eZ8hphJ%ec_3jfz-yA^E<Hv0K-Jx#d*AEj7;>L1jhoi<Lv``jsLEA#
zr2H@I(2vqI#}#JE&g!tg$bc4%dTj9dskI7KfJ_W8Sd*+c?v?zrKOqPUnyQKp59c=@
z{$<vkt^l$j4>Tm{_j=Mwa$KamfnJp9HeQqAG1Z=d$dm@I-FMkt-rsxib1pxjz?~#`
ze=V(1&O~+fR80ivu)T!coSmf*)54?6&417E@cq)$Z#w@z$E*zU)Z&EMf9Alu3}Aw<
z02eYp6OD=fPqy%d=%#N=%@7;BXR}3k7AU7;;|G*bIpB=ceDBGWf5+w3rx7Z$?L{3y
z9Mnj^_OSY51qzfXe`&U=|4XyA-FS_Z^8r(UTT}xH`KI}|8!Vw+$n#QGX~CjA3KP{Z
z@t-KVESN~>&+JwV8Z)mn{G8$R1npB6#DEU5u&|`_?5#x300J+L<X2kbZX1${9zpR5
zf)d?=elJ|k0swX9{;$S;S*Kjz!sg7KnJjmOe+t8;n$|CEF@N%Oy%&f1tZ$DjgF^mZ
zFYg<KSI8AvQYVt@V~16j*+vqtPHYpy==Z%HS2#I4Q_bF%Wf(zz?64I~;BI!&N>nvv
z-+U{IfVvftF5ee^t<xRxN4njE);Wh(OPe8NTy$vf^8UtUYKK<{$2I+IzK%X+-U6A}
zmx=wo*IwM<6Z-#DbYVOjmueOyUV;U>nhFYp8bri2-O%0=N#2`#@)ByVH+aue*6)Wi
z-!@b`9w&?3{#@88#D(Q>erTTH?ijt4r+%3Ge*)-e{x<-ffIlMJb;v?8XMf%?*ZN33
zEsFo~tfb~GvVKDehyT93zmtY0KrqE13}wgh^@tDMNai{)eAV&)yPC^4_>Y<kTG4SU
zuYT>B)JtyCh+%^L#LWUxNl8Tnsb@q|)eeQgr6{$6kFI}+i)gPKbAv?*v$N^n;j`6x
z%LCj&9tne9thH?>TZb@ZYHy>Pypz~>&re0Vb|mmfCeyTUgEl`y9bkzivqH3uV6VzR
zOI@+Wkss8GJebmXT0B5$1vd4f%*sogTkL?Pvn~<&NY4-75`a@1fp+;BSsuE(2ku$<
zM4{ALIi{$+7EjAo;!o;1buQ(~0d$T`kFo|{Yz7ETsd->DUOj$kseJ!b?#%&xk?)TZ
zbR+k6*L$-dyyBfV`fT}!_1Rv<J9qA^z4W072BNFxQYT^P<3}BoS~4x_>NB(F(`?r}
zJTj_)%~myaurnRT&%tT>C^1Ih%{CfIjI}2(hP``BndvXA5bKI`PFfFcN2(%D&D8zg
z>=UNKYN<roj8dN)kV>hfwdcN-AkQs)4DT=Yd@|eCAV(7hoZQUxl~?Li8M0&ab9L<C
zqk>}A<>m$RvwY5fR}}Kn*js<ZYltm@JUGTH<Ox5b`=b_AF^Wjz^{0Cv$V)&wPM=7n
zNcs+n@@IEq4{|B>A;XztmU<`CdGDpBF0Gzm_m8^e;o&hoi|y}}7>zAMsxCnxv_*US
zGzHE`CtLhvcxEHJ$Phdv;B@Lv5;E+9Y1ApFo?f8NO#<cXX@b_^?<bN<GwJsHH${ZS
zV~3am+E2oYhv3FiUrv9Mdua&3oIF2c@3KB)p~&#Vo+YGb>Zk_nHZ%mN<udKEQ8eDK
z`NTrcDcq~`w^L0`UBvG@EYOgjRmA<7%{^vP28zbQLSHPym;w&%{JlR|D;Ht=^36ed
zNHkh+md&I51Q3!>4I2Lkpzd3%=7ae<-}O@i%-}~2Li|?$4|&(;8~@6?`nzRa$^em*
z1S(klk`~96pX$#9up@j63gF>T@9bkHgjQWf0=swferep0oSK~4+W5M@dXMP2m0w2!
zw)6EDcWnF{kZ0!QB`@yFML?-Gt28vwJb%Hpo5P%Nq3<fP2Gdh+%^({lKd6NHOY2q6
zfDq_R>kQi2kZjex`^}BtD@Q?GsUN4i0$naYb0jE)qiVZA2Y1KT6n~Zc2{lt*dAUsg
zz0oeU*2DAk@+1jrJCFbW7<8r$7g>5AHoxwHyguJY*dNE6XZ;9kVH=2MEjMV#C2_Ut
zz!ol(TKI$!osvXB-i277?W!Xe)wiJD1L)l6yi~SJGg&4#RGW^re{s;4X8NRYy_0Zk
z6}W3hZ7pGg7Eos1?f6zvh?a_IDQd?FvvY1IhVr5^kY%eL^?TceT(N&9+qWP;)k-V9
zGk_T#RIyMe#urQQMBJ=VX51qL=vYPaG|upS*bL+l3+werJAO%+nVg`;?p*%8=gWmL
z$8;+xVPVqihG5+J^)Np&TPuoP;O3zMbt8<qzAYK%!SQg#)Kig*m7_jMxBBmH^qqat
zM1z`jIPe9;$7y$2B(&Zi!Yug~A%m!-HW9Jjg7)Lvd-);h7pSeg(#M7mrTT22p?E&Y
zK=$fY_i2Z(B{o$5D#eM}KY*Y>*RVs;u}QrdL!4p?{Wz$=Nd2!IYt5nSu(m0V2Ww&v
zwM66ct;kYDpUb1*e5)=RQ-UmP!)}`g;--GFdWt1=-)LQ<o=N{G<_nvHq_%3XindA)
z@BGy4DYIzNWe<D^*8a)EM@XS}y@sr_%D4nnwENj4NX2ylsUdi;*(oK2O!`Lxi*(uU
z$ZPk@zD#8&?Y}@K4doyJgF9P?HAOgHmIic}OIx#*`My*eWVxN_U{{@~&SH5bPABou
zkiH{*B$bQ{OT~rr=c5k3tf{dqSMIsL61^aZBf3~A-MWhPQ4uzd-36*T<z*Ycr;ErH
zu2QvN0i<JC$OlonKir{k`Yf^y=R)!$Z4lC2B}l$&`cK5$0Ru?gD3@%rLoYvldaO)n
zVWJTp`rV3;NT^>QNDZxbTyc5-#>bh=6Wl&A`)gqKXbb!TKG`&!O!mPQuJ-&4aa9Yi
zRQ-|2M~=cr#hqk>gvreZCW%tMYgh|2#|+j$k&m8Mil?z`BFxm$Z_OPY=ec^Zs!!O}
z-}MB<#~m^3t`bLUtjMwcV|(i*su-H2I6&v&^pkRK{?K1;r?4&KK%DF{^De-e?@}`3
zX!%5Fdw5V%1*z>kfOw1GBcQ()vIn5{sCWW+=?!>4S3cuQI2f+Z(Tu<+yCKJDdLAd9
z?;&E|7W#N<A+{vZ!`#HK9mVd{h5cTZWltspiqLhaN8b7N$IAfLEu2ACjH$x1$b!zo
zmvGV|$f=Z}#)zgERZ)s$O|`1U1)KgjbowDP1#%^^2k6f~!66mC?Ks1cIJl9Jx4+`}
z#N@_IAg*&b`A*?F&+)b#(kFMuJ}s)S+Uq%GQ}A?<N1Z%Khs3WFysk&K`A|$S1y}N2
zbK|UC2}Y?-g;ofxhwhHX2gkNC1r^8-zdF0p_J`Vb+{)92wxR2f{Hi`~BqD{@jN18v
z@gMn>x65#M{{;~0^b%j_c9{bF@Qrn!H1+_L&K9B8CQlK}Jxn9BK73%$v}RO^i8(#B
zwB)N%a|OI58MUDiTsPyi4ldDQzd#m-O9UM|{~DXjwvrO@9!aS1wI#vrmI!+0OHy3a
zeRWe6Ar);p#dJY+&%&yhV-Jk)g1JXqrqzICs;!>n+6hiQ$H$~>5QAu>knVMV!YPGB
zpMHZpl_=0y*6pykS9KwvwqPapA1%PY?6#LUrrj>p7(Z5R-Yf7W{-aW@Mc)s4ej_i?
z=w(h+U<(^~%rvUSH>i8+Or+Wh_3Zi{PEEz+=4jd!NC7lb>JC~U<ADom)7BU_QFxlO
zb2z^_a#t&<>`K^~m;B_S9S`a3;v!{hc6?T0Ny=WVziPYm>D4nIW=}d{4!pN8qmkNC
zeA^V8UBYz4qDsSn^J*F1UKQ;*ty_!+aZ#~tX;Nq_6{qaqQY!NYR}%F#q>s>bE{#5%
z;N4wvru+xf_BX<u?l~aL%_2JW|5s+4=;KgovS-iq6tgJr3YqyK6py>yC2=1vLk<Kt
z*@+Bj?2li}BX<3wSQp21d1RDHDC0fkmaqf;`2sPag85Dzn@Q@GXK6Ek0qDBp3|Gvl
z4!<w!LJ{=^vM>f(^C8vHy~c2&2vJYfpe+&g6w6qWhf}Pa`IR*d%qFC}xB<ZQ<oft>
z(8Xybr7viJ!w(^m(>`j0uM+<okgfcn0l*~Q=Ja`Bxu6hGpR$kkcypgI;9HV;wKmgT
z9#x7wLH#oipTtQgGk)&uN2yJaqXQc9&D*|OKYxJwFQ*UWb0B=P;x{iudW8`s78}W#
zA@b&SijZ*X5?eh}S{fScourv_f~qiBR(&Fi3t@iGsc|z=vRpEhg(*X@9c4o<D%{Be
zN-Pn5Eh%o)1_&7(=#ctePqGYCx!E}^ruAl?Y(dT}>h>Naw!J$ctznyT?}M4YwV;KP
z4X})TcUL<eQO0yq(LdEICC2I~TA5w5I58v32~(Z=FAqlV(Efu9q^tQ07bx`ov>;rQ
zxKy`iuwG$@&Mv5(Z-|-lKq#6i044n_2HWlGWU9AZcslD8Ym~gC*aIVyxu-Owx|z7s
zz*QA4*ESP#<<)KtjRjR!*q%^!S|@4n;6)046W$N4N})T)gjvu&X4evrmVb%)E%oY>
zSM=A}?6i`~)h{6aPdY?qcBixArA(K{<5jyaA;l3NECh3Zh=k5D2k3-Q<!QeohH)~P
z3Z6j_ZpoB!V>*91|CVLip$q626lgTX<&E}6+2rtp^~y(oWO&l~?W4F7&ERVrWMgO)
zdvix|NDv?14n$gV(}+mxzY*N@`_-|Pe+X_QijOmc+^h*Vgu)(sUYD6}o$JrPGsbi4
z{n@o(nH{v7n#jAJ{Y$T|3gtbRD7qM(a<-j=>egAj-!;>&pNXnTaUyuS$uXV!lv@U#
z++y6#MYm}){Yyg2v`5v?26+9lg=0AH7c(IGN_j+%z`K=z2SMaQ(7bapaA7ChomV=8
zwD8j6rPCSDB6zjZ6KByZYYZH6dNL!R-ReTmUBG?hs<l&gEfOQV9~>Y3$akVQY=o3O
zn2v+@{cbnpR3*zF;rxBx*~|wBqNk21+&Tw_kG2HXRa8*TjlL;L1R7_s686jM8{wb)
zS(1gxmkA)HQp;&96Nuooziz9q%pSn?&aTty2D3jR;X2DxV$)+IFkeMYux4XmrXh2Z
zCo{AYK1T4CvJWA?tidcZ0=DKdV=P^9MHHRd3|)@O?bIpEO8;cXQvsOX#H$?nY<~>8
zD4x$n7j+Ta8r&X;*DwtEyNHB~hRr3qyDz!AFiWAF4H9L&{v^sSQjE}H*)B>~%=KVo
z6AE+fEY!aMI6gI#L{D|?uo;^7H{Pc`YLG2C2?9h7ABamR7`p~Q*zeER907jGnC*Vz
zrTRL6$$Y|3hOqkunW+NUH=*`OkNtnNIk#^)>E9h$8Z_j~PPiKn(V_q9%Wm?b&*2iZ
z=;(j)_91Gmxpq-CYp6BRSEo<N5ntXZw34Pce3+v^qH^Uue`0KmaosG+RrTa)^W#n0
zRBJ(<LTLnv*u*lH!-wBdgx8R91s<(<rQK52uH}A+pnj*dYOd74R^>4Oxw#?;Uu4fZ
zgDEqXFEd;(SbYsK8%m>s{>JU);@St!y>$Ithf!tJSf@7D6+mYmyOQXbb@Tw)HW&LT
z<)w@156<FvW@?M<w-ENuWz#{`n@1s<hJ$dCcN4n;8<zmMp@9x?FNkWOA0?Pf(dd$o
zzt=QeFI%JkBT0jL)@Q(@5qC4EGggZ_Napdp+5=6{aY>4ee%(YG3HlFTN1ENns?K6%
zoVUP*)pW)t?4Tv%3KAp1C%moUM)Agw^|zp5anJp3#o#{O9vD7|H=|N*S5N9lqJY}*
zgfT~Gr_DG=`K~-$&PD3c3#>Qe+gIR(lAk+7y*O~=a#J1~r<BdMSxl$22M^}3ehW*g
zw98&7=NoW!Ifz!lbl@h}kC<J${Yg-8b#RG|p2M_Bi^e~k*9T9Y!`<QI<`0x6!<h@V
zqitPM)<^fJ`a<$#Nh!rYSk}sMJif2rrjIkOWVtsY`O0VN?od^mYhCp=ByC#NJ@Y&5
z&x@y`*axR$Ox?4NIL=v1!c&t-e!L_K!Y~w5QjSmG{CA)`;5k60KF5@EUy%$M>~zDR
zL!f}=xRA2`7`jL8*LB2vGq0nU$mB)>K|HLNq{RD=p2HEfY<^}t^8BO0!jfU2JGRQE
z=o8WW#P{6nSCq&a0O1|x6siEd&et&fNZR8*Z}j&YCyBFFM}`*_n3EzRC{4?1mvGYO
zFJ6qvYKBN+yZDq<sRy=P_}weD4%Rk+mPP#;@}FzDWk;(!r0JE7By|}X9Tm=R5n$#l
zVHg)(I}QoG*T#}o+=C7-LN)zoSQ~&a*cJp3yUaW?LiW26=XYMuij5-_<KuB6L`f^)
z*T#ZV`+qGA2Q|4S?Cii9qv<%pee*XW#Uf=6Ee`Mc1?sG?`*N7j*7ZnDeonN{Zh{M|
z9kl{`j-h1zd6_8|$H^N_9$Cub5L8I@MOEtdl9kK(H$fGePQQHYzmBn-DuZp|!iEP}
zh#R-R&^E`kOMs&yLC$D$cy6w_&+^HYjtJc!0PA<)Kjf~u%JJIg$ZfXQVn|TW;y*z>
zvA0bTD+_{MGgL$(w)c^?A<RU}oFf$PP}oP!6x}wov$60fMR7X0OI5)RyX{(}9woBZ
zf%b*in8aq`za&~O%MW9fj3{rg*p_RhH37&z1EOPGn&XgV;@;C|B{D_1eowvl3zB(*
zI?cX)sk>#Qz-A9SXzU_B(Co;UxD=quV~*KhWUEs<=*DzpjHSxaOeOt3X0tge_T*ll
zlH9QE2C0fXR=G32W1*_0DhK^@yzJEj4eB5^_lNN(P9WuBWY*Fn_*HbE*Wn>U1;Hoa
z?Wl&d)bMagtExVt`!0+-VpJ((N<lCb^}fIbvy#|0>^**3cH7%u_yGQvo>VyxM;z}e
zU-I~S{<uK#W)X7kZq98`lQHFC|LhYvT<$Ts7pD@}6<-~=OTo-`6=J8^_-gqWj){rI
zIIjqVd;OC)6xrDY!aDI+w8i45Xh$i8`d0;IHcMS$!F>I;QO5!&8N2Ydn=tj<*O7?n
zm=v4xH=Gs3+K}5vCqxwL6pCp+y_)l33B@9leDRz5i?bD-bbbQp@=0teUl9ngG+RY^
z?}R7k%*<A@Z9&E|^SPc`voI4KB%ne82@hcz=FbXk&F{=paLq(AJHP;zyUT+!DWzBT
z(UX0KntSge^Tr^Qv$^BWBw!$!=kdoWX3|&NGijP<cc^JXU5Ia<lBS1}CUck_H4o(7
zK8GD3ZJsE1h|$Y|IXa&_4IzwomxZoKCRdQVqi+$cC<q+nn<5!0|8{ZvIrlrEB=Tnj
z#mv73etS~1x$<(0Mgu$oGWsin9!G4X-vhbL2Q@9&>~40^$=O?b5e}j_A)!zonrzVH
z$6*SMbB>iL5N`I}OYV+LXJC`Ul!mXE#u~PuqqRG21*Cl!%R0g<);w*>u{)jKm-M4=
zO=vhl)RDy@8ZYVs47T!T7Uo4lYAyunT_=C=89?hwGD;Uo?c(GQY0_VreHVYtmS5`(
ziBStn`6W5gD`YLVzTER1zctjE#;?&$c20z#CZ=p_yFeos*0}Wowv?E<1~2pohL;+b
zCjm0}muo#Dt9InF;lRmy>o1`v;SBM8%OVX^!|`lNH|`5YEN<zDrzvIHot149jGX>}
zxSm}OFW=@g3b=70=GCX{xDLJEj6CEE=>2f%NgU?pM$flfZLk4pP~-89LCzza&oX2t
z4qp}cCg*Qx2=s^DlA%cRJ6cnxe53<6jhoR~$@BR_&9_yI7C7vnof6K}$)PwaZ)RI&
zD*WJ-(`aG6=`fF&6VvJb=>p$h;tO}2xJc=a(QJ)$$c=U?o3gdE&`QOoeemjn1(fIQ
zL~;60zs*CfMZ}mnGLR>l<Bg9mDbS&U4HE<NxJ}3%iJHdOh?7|e)$8GAkUwq_*MuQ+
z5rm3LZ{&uj&99N(AmP*wrAIDD$ux8@vfCOBDzzPjaTv`T$zD+|$Y$r${SV|+M?wWr
zL2wy}TTPQc>3$dyo#L<<6gG|91kV9yl+vlsl*TT4M=b(*310?@=ylZ9qQ{eV+Hbmj
z=|veVb_WIq?yH|vZa@qC6T2klJlLMTG|tJ~!132I2$7%&BliqKMhMk}->Y|fa1s~c
zLGtQ6q_6l;@bBESmAV017|OQ?=(VW6z0OwNMgmV{HY=y9>rqBb&foNSSj98OvxkuA
zz<F#5BxBNsW@eI^+Smw2E<@?e+h`~U&zk6TH(+#-v1|V)7emI6^9L5L6MbCX!NYPi
zCi7@xk7GH6{-1*rVS6IZL-1MKX~^T<XY+y^s>-iiN9H2Zp&0dqcbqd+Rh17OH16#z
z+!<T%==SZ7BMMypd&wVnIde>@h$&#nK1s4^%!lH~F_zF>BrS07^RK$<HQ4$OOyYE0
znItY_+Y+a3^^GWbs5tnYC7i`BmauS|aP>OhM@hf7Z(F6hSo@-3=dBdG60Ee_y1Q8E
zJ3MVX|19Yh8*^Oh&%j`Sce{E3MUf>{epsO;q)kYItkT1j-$Y{ELi8$s7Lw*j10_s`
zre$xkJVlb=wgu;lTysFE{Mn{9p@PymLd|g|iX*V_;M|QZqib2<R^K`W=tq9%`N|+z
z^iN0%ZYYH!@7~ru?w}E)9wH;PM+anD9WpzQ+WZsxbIE;tO3hgSultDc5X^CcI1MV|
zq!HWt9MjL(yh-0hx>VtxVb9s(vOhyUk;Tqpe}1I+h_dW9%drn1KfX;W0YwL*cPk>l
zaMJNULW6ib`XKBqg$y#4`LD6|)`PN&_t&!&-4pyD#$hsbg|@vW7JxJBWfeDc^bSsl
zCMx~tcK{SDw(<Tp#s$N^fW7!_x|}l{{K!B}`OF7<N}7KL-~@<XN3K6)>6$0lJfy?x
z$bg%8dO?g_xMDOS-PGp?LK{J;1~tO`5XL5ZzhSWv6UUYrm^GPq!n3g1-$H(SGWbdO
zJPkBB^KSFz$$wRp*AAWVy71v+fpNZyD7=0te4M{tf1hu=lJHTPpN?JT6hZlOyArzZ
zJHu^?>q8($;r0Z*RTe^-fa!m{G;9$|c6IuavJOT<FSCIoZ1lq>YeS`YXtqtr7#=$!
z(U>K^zua1tc-n=(a|S14y7YMh6z?89`qf_m@5~V}JIKtyqZ-snl%?iH_Gp8BeNZh-
zUREFHJA{1SxZEX98Vb2Ep6Jnnu=5nSD9mT3-2iurFFGqzlUn}na@*J+e4Brbv~$=4
z)P4nT_K;gW{dTn_OBjt2Z^ij(94J8H3?z^7k4Mw&h&3~vJtKFN4RiLagk2D?RqSz%
zGyPFy3QvVuF{F>I3NE(sJVFUq9Q_^qS$ormtuRe?wyStURkbO{vuAPryQfn_{pRb2
zJGX?}syL!CGN^lmUWV+3#^C)XU<ZqYJ<VO9g?F6=2Gh^G-`#_gbL{D1M;&z}G#k(*
zpHYGw%?aVXz+Y@NPPV(G%r+nx?mgkW?F#g!#l~<yEEd-G`-*!nof4P=0&Q<ng^CMr
z%cUPXSD^R4dKZ4(N7boJyN}PzlSVh4MNNx?y#>VO6uXF;C>TlLrbl5zh{?zIA>3`+
zacym_D}<Ds%<Qe_Oc$d7<=9~9`MoKg{i8Qe<1CLesUYUvM+PZO_7PBUbzVzXssj#&
z-FvBk?Hf<lcUpM%Y(cRi@}hC`(>2GP;PEAix)n`NxMcO2b)rrVsoo%l{J6%a6VD~;
z=B`lTd7UFyr5<aB)OuotXWca!2{!OeI4zHT%hA?oa=<kLJ9Hgp@LAIK?df)H(HYdt
z!s)ORYmsvsGuQjstvGRACyvA6>G>yi&Nr%HfhY@l!)ofqq$lGKIh6}(8)5U-JzQq*
zkaio|jhT;^+*5?3#c4|I)V${KqLvkp`Lq&z$xoW{u98z7WEuS`VO>MGH35Ss3*PW|
zL{GIC$}a9=mvFU<AT6*pGGp51SMg?pA!X#dG{wko@B6EvR3*)WHPl2Ab5V;iH)$I6
z9{4(h){ReI0O2AX>stjvp?z{}Er*7umdpyGM!x0%s+oui=GxoKsp~)YB^!6`Al}>+
z5GF?BHMbJp92lgu8mj?|r@HP=CmDIxj5#W3jd$S?OX%V$UNPz*Z{w8DDg5{>WCz^s
zJ5;M6%$n6@Q*UtK{;{LmLN3D%yK9E)up`fe`BGMlM2#L{56(47_FoW;odtR!s?X%f
z2g-kdmrW7zJ;Q#C=I7pfSH2++Z{ycgH@V{ueYXSb@N#5<E_Kkr;FH4yWac@$GQIFz
zj4TMT)bTj#ccimY*b#_DUjw@nZA8s^1wQyfZ$NK(+iMLw7G@9Y`K0E3;HUtgd(0jG
z<(`D~Cv#k{1g12WGA^(!`q0<iGmNJnCYSsgS~x})gtWL5PG>rRJBs+5UIyScHs1&k
zWt#IK^EU%jJP7K<!Dy-@K@s@cEVxF`S!2<p-#|OL-g9!x>LtJc_;y*|F+mV`n)3=A
zEmzlr_qT!{HtSvuqf}>VcIpVZLy?qS?(i-XvV&r3jbW|-wFV*O%q`59^xQhgt;%+E
z=j#S&o!>nqUvT_DT#z)a<Sq5T&G^#$J7e0Da)-Dl=f0j9dkvAYZiKqqxE%_AcVn+p
zPmr48Tj_hTpLFoct6BQ`r4?JgGLTtS`f3|&B%F)kG0_mm^01$V)goD@A1fJ*s*?|p
zp32%g3VD}_D76;?)JUz29SR})3^zFCm@fn)3&}iqb!{j*mMSs_YIjws#BUF$UOHJu
zax#<MxzlF!!ba%paLp}-j8oIM;mE=%%TmEi-|@!K?G0A40KJi6bz2N^;?vyQOX~&s
z`s8F1%)4@9p*H8>o@auePwl<~k^D>`j@id@gGHOS4Xz^->HB^smih3Z%ZkgP_XW;T
z++={mm7RAR2Jrrk&VC)A5qXT_thR0nqP{9Z8`a<AC-NY7Y6yUqN`r$myb4AT8t!85
z<@(yL#WP|{aKqq{9LGq$Z3r~(fBmAXZ&LYISA$co{`_@#zXp@<V?@cQ5y>6j@DD+C
zzWeL}>fNdF7Z~-};TmW`@7h5QaFXjNO<!cDqGF>_Uam}E&f#-;#EPb;hc8grX~I`;
zBsH%Qq{B;zyKL@L;3*zD8i9zLw-J!i6_lF#L8s?wixohEDo1_$8I8G$99bM(8^^ej
z|1$Bg&7Dk9%5x@IH9&TW;X6=cWDq@qudlCe{R!^h0Ej8~g$RMKvp$Q5C2hu#tkNY0
znTXp3`xt<Ccb}New)guncSTd4F2*|pk%GJ+xu*Me!>xY9Z2lrzqEyftSa&~EN^>Ie
z>k|%Np0%0(-dCWXoFAc^EMFt74%&3P`pmpMcMgT?b9XPnTO-B2P;1Wh*}R30Zc5bN
zootB)tw%llKI)Ec_OB9VS`jiM;nGpS@t45a)s_vWz}!CxlLZ5|vHp-S`8g_*xIA3e
zf|x9fvX#z$ZjYf*|2P{`)5+;xcb3(&nPMM$&%?NV*jQzN`ojPPJB~aa$qJVfLEk?;
zEWA%ts`mcyG_osj>wC<v!19k&>elSLRg52*5f;gD<Wiw6_B$)dM-;&AgAhLxtlF8N
z-Tad@`P}jqlN?Azon+xGcnRslrp4yc;NKZahin3g5V<3sAnps)B6|)X^qGX<-F(rD
zCD~rjU15CIoawhhY<7gZV<yQ^B5~$YYxW7xE`)=$xjZ3xx>{-Zb>r{nb(D-Y5JqVg
zS!f-{Ay1R7`*ElEWlxes?e1tsv$|JQq2_^`u6olBY1WQN=}|3wY8CS1<nsbIGq8=F
z5x|7Xm;vE-oHF;p?fIg->Cf|ZoF;|oZq10Gm`-i$fLSZRq{OP$c0g+<wB2tTd%dEb
zfpDU`rD+!EnySabg1@F*%tY|8#Dl{Pf&MQ1?PH-Qy5AnV@Dxi!OFPBCy~re$8VsT(
zob*)n+`|}botKc~WGS$KO`luJXE4O`ncwI?8h5aBu>^q%ht4`d9A!CMevC{o$P!hW
zS3{||@xP{jrb9A?s#ABSe6o%U9JVq**ODRUsyFq?<8-UiSW5PRAk1(goT}q9@T6zO
zL5`7wWFVQKd}^`K_9G5?8SON2#v7Z)d2R<4+;dsZ_?5$LQI&vM1x{GM#mlZqgOsjj
zkTyL~zC{MMqUF7SIhC5&kOVNO9bTh<B0^559|YY=xYQo7C#B)!WajT8BRTgQcw(pw
z-A#krR`H^yg|Ya{QSuOGnM<axYX>&~J)ala8zoo}+a*WAdafEyV+-tX6$nedZk&Pg
zS#WwA$zVkIWtfNLzLDXYJM&HcgQpcU__QL@K{JvGV@CZg8}M?FER}&6M>CTzy1#uL
z{?jD@LA`%|NpU9f?iAlP__`{q!8p<l7d783{HF^tgFxb!$NpsRg&`v{+q0J<pHw9%
zXIzW7k2St~a6IbQk9mPse~1aB>@<Lbd3p@0ly}*s=~41wy=1X>7-DK+KSEOi8M5+l
zB9~j#`@KTDu=3c_Y<9_7c(LBh_9Qlu4%XgwmxW%5Z?=m(oKt_`zDAf4Ag@kCC4IWy
zZ^H-<HiyZkFL;k~ywY;r`g8`8G%^3VzE<^G?Eam@Hu#~1_fG_@Gk}xK((FD^pkIEJ
z$Uc=3P8>a8*OfdqN&YgG$a8zhx^R2p1?`Vt5eMa|mg<LE2JdT`!bI#0>fYkm2uqgg
zPr~wQjASPH>#>J`i%c2QXwv-$NktStO7RVpbF4UROfI$F2iaa#0qpnG{XI7=&@^Ff
zsiUq<wZ|p&cWCVpKE;FhJASnG_6z(7{3z*6LI#9he#TwcR-ZwDRB#4S0_lKxz)60V
ztK*ghsF`%*xm;L}TVf&UP&fwd%}<beSrw&_dy2<OW*z(9VpysY7GCcj!B;69!_cll
znX8Rh_r+ogAhT67Y7bIqMYlEa&0YE{okXpbp<)XGT860C<IjmZ=)E%(`=H^HHcXR9
zk;bGZGB7TF!Mx9qERBpBEz^9%HwAc-8tiuqy)qJZSm2Jlx|UWa*-K7K!5T%35u~O*
z6oV;W!~2)-_7Jmqf_Kk)%c5pxAyQD`&&Vk+SRGnTJ|X4BU8xD%cQ4<WTi_iHvB#Sw
z_ZDByR7LWn`YNxe@7r(I|2S9KmGK#-$g-$=B^HA$Bc&QkTWKde<-+o0WnU;BLv2S9
zwNyLbYmT90x{=KGV6DG#ScgV}1X<C+*hBd4Ga4V$4rs35xAq}G09SDdz07-Tpew5a
zNAs)?mSe7joim2no02ylJI{wKf2t3Ix||4{){GRfi_zX$d1bbts=A<@%DW0#V$=BU
z$_%&iVRQiDd3S@>F7ovS1C5EgOk@E`#C^-(yp%2V5lHHL+4h9Y(F2_OkxegKNL(U8
zI_Bz~U1t8Kmp@*comO=(Vo~c$X9E?L&r7t1Wms!FJE3q`=%_{cG-JbUVu<QxLZZ3g
zxfe}tXOGecJ)Ld2HuTOCw_Ne|JZ||_hjB+f>Xa^t9Ygc$)x4Ab@yhx_%Kg&s1p?yX
zxzWJvQn87aA;>17P|B9hSczuRRpqHzSwT<3(leN6J-sN9-Km(rJm?W7mGu1JVc5Y=
z-^&RDe)nDOysaxDWN)Z}_Ak&G>ZJod-;Mk@kq;*MLff{Za4F&01H46>n8>=nywhKS
zXVJBttz}6SHoeqz5kRiIVcgZ*BJ~g%J_Nob|IO<j%U47~W=Yx4-k~`}mPY(}pAy0Y
zSUJU&&9P;MP4NtCVn9b@u63?BJO`nNBNZ;mRzvKImQuk6D~9R(kt0Pb_NTT<PBq4C
zau;g1E&Zbf_zk^0R2H<Mc02*L2Hx}hVFy3-YEm~e&Y0?EkpS#`8yl2paVDKwKT^q*
zgf?T!9m|5(mnp^uh}zs)`6nz?Pm1?0c2j_H7xrv4e2?asM5)>`(AQ~<UGLx3{WADa
zo3`^DsI=G}3KZXy@LmaxN&*?KtPV<jXeJXoUriZvM~^+=x<Y;&6}=h-YbR<g1>3?D
zAh(V7lA>@bIDr^`v=4=|b<)xDVUHT)E>~W+_(x~(gg)eqY$SdS5dQD%BCCPfBC7WL
zhbb^yhR;c2;z)*URq@{K!{rW!qIiczwEs-jqDn8VWx$FfhzxQ$S+78~s_d6bntSr9
zT;K2Yu8}uRtTyl6OSM}0qZS*E@0?~0evy~=iap>3`HLy!aYaC#dX|3{_rm1NM*%c>
z^YVv<D6^cS(4yGm1EA{o;z$;%+d+4w@+K{T|C6)ohyG-NUcU9Kuhy^`qQ%p%K#z;j
z%l*(432j(D-bC*>HV=39kD7}hB$y~&h9a83(O)@n_{hm=E?h5LVjS=9E2Ns6SqDfg
zZ%4T)-94Bw=RBqVURz|Wz!KN{kW}V$ZmN;e2AOzLQ?@pPV8$;*px{j!F|!BcM%LT>
zg32G6^Qv2H2H4R7pC!*>`Vtj2dJ@$q#|Ggh58*s$;fuAxj`dHD?$DG_kLX^l0H%`X
zm%Ad-TvYR{jCYBid3e9}cB^uw{4+x}>nqB%B<-zak^FW}eBSLrSFC(Mks}eZ`1N(4
z4sT<Rv8r10rZ~87bBk&T@ka{1+M+{a_Ui(EN~?H4s9{*W%?B-1D`w@SoaK?|cPNT$
zE7n2&fhq~Ggr1mUzDHQGb0ukpq+>n1KauWh*!G}<Yc*4Q&kmeCUt9UpVQI|X80-To
zxqbyEFb7&5yzA*S4F1vP6U@uye|I&yd4F{^dahckfS=*6NK!T93_ay$L{@j#?MlQo
ziZ}AEviCqntx+jD(xCMcs9JTSsMdMhp`IBt>YyYZJ--^n7O?#L#9JaNh3JIdm213p
z<%;y+vmr*O`!%;*8dw_<<UyuLr?0Oo#g`xfJWM!j#@LTO)wmeN%8(;+;kVoXd>@}(
zK}bsVFkvh3v8FG4O+h~MmmDaO@m{m_#05rz6!ZfbBs_s6kTbu<8A|LlOgwZ)-D@WQ
zh(hoUsr%*z;2D0+7{#<p7fe1sTEs)j6WI8Ohb|BRw6~FxpQKqt%xActt);s|n=`Zu
zA~<7DDp<;WRsx}ULZ(~s+X}|0V9rp;u~{E9oDdU0I&0M8PGK~r5I!G|2pkeS3zVms
z;$Cbru;F2fs>8d~WMWURn&v@h4vL%M1Q;-*q)qWF0`ZyvI@o*16t~>7jBhZcL}qXr
zD;v)bg?1s0&OzL=*H_*!lTrWIoVG51K1`ou9YB2_HZQ}x&lhfsNBG;j+p7o+;k^!T
zJ6ody*;!m(wIolVQyO{&Vu^7Eo&r~M>d=T*xC_qKYo7zRtX=BD%gAzfIw@+K!4OC*
zch+FW(r>9BRbbz+8|z_!3JPivJzMAF?OjfvJ9aLPBjcfADj{M1M(yn#uZy!_xkkPd
z>O!pvkW9qg>VIHCeOju5kzld5`wOfYOaT|w8-8@lgktC@8cR!^ZLtvCeXLGr1-c+H
zmDlgDoP<_Jb7ej?)2K>+WvZ+;ej|6gSkm&x(5%qM^?_U2o~rZdFTCPL;}#0Ti45H0
z-P6%rGcIfPtt+I??$73iE@z#K<D^=W$^M<obEQvOjI25WT1l&{Rj#@TwuTAIitW=R
z=^3*7$<p|2iahZxW)oFDieCt>z2^xelq>3)#vBrJEUBL1nCCW}9Yh%L${m_bckBJP
zGC`waS<`V-Vzm)01diW7y|Rl%LpWlqRjB9U#{9>(y>C;GUz^+eMpyo8_W`rSfU$BD
z(_tH*2VNIWE>%qx<URvRr}7l|cHc~Y{mOo|dall37|Y}pZCn?)^F#W=)ANZ#Qn$AU
z^Y*Zn?h|eXX%eo$UHFU{vM$k&yjU}j8w6j6WY~shmV&EMk#SBzm_%(~D@>)_f3gn@
zm>QoDS~NeA+S6dgtkR8)#P5k+?5X=XlXaG_)w%>w4WY)ZT|&$5D$Ijr=_M5uY;>@L
zk`gLDz5$M`N6E+E-a$sIYnBD8;aM*phjkB--y_PFNe7T9&t4ADSYIbs*L>>v*f>W#
z@YIh=7Sd&bkbw9cdDgMjaHd_Kz5)BdyBN9&cN>B2G;8k+v|ag({MGm9VZIMY#qaWN
zX}tCic-MmD{0kdvlu|hR8$%2i(!|NywMI4Fn+(_CL2CC_)i{L4TPGPqzE@)QJQIO3
zc0m<s+pxEDjqefQ%97}uo}7DR1VLvAsu;_-25yhes<-z<?I{m(IYSV6K%$T43OntK
zLDR3W=aGZxJlvS12XtEot{34T$MTW5v=wF$b75-bZjLRssy-LBj5KMqRHc(j*`K$6
z>WkzEsyxGvvj2i*m=VGnRE{N$aaz$hgmx?DdWXY#VAkMMiOqH-H7A@}8G`ua7>=dn
zwol>I%w51qy~3gBCQh3S6{-cRxA^s{#sjphY^=fk?aXcscDXC!DmVV=kDoog@PBxF
z?|7>J|9?0fdylNFbF7q2_MS(C(x8w{A!KvN-s7NQ%ZQX@lu@FCjIzl{*`Y{gPElQt
zSD)|q`}<zE+jZS;*I(D)?|07YJYUcAd_Erc$9*v79BfQ;?DH<?Gipex2v0ww#`^1}
zw>ju{<@+xb%BX8I_h3*-VVjX+QxB3qGShlG`PRO$79$LnP-=S#%advd5}95>$b2pc
zUwgH7J+-9an6<Z9Y3r3wVHE!&Tz|$TaG^6%M+1GYKTlB+E+Esdl@S8<$Fv%7@YQa9
z1I-KV{O8~3fs{26EGQsG-iM*EoH|KU%J&13vo&wE;;qu+t&s@C^85F-Y;`Z{EdPFR
z&o=X~?<_v(Pd@12Be!(tR0B6WG{E%m2w?+87k-(da;9GF8~4`gqUY#R(0oC2Bs)lq
zI8iyBmnkh>{$jOuKbI<fKuawtcjBDaOpDc~gT^s=Hv!e73PZ!u#Wwkox8QB}ff&vS
zee{~z{PM|hnKhqo4Bi*TPnF~`X*aaUG1V-mCEm02FCHP3N+9RtRKpYd;WIpsY^K)>
zWOS)pLoM!qU-C!c3^p?!3YbL(W$rbQ^hQ%<ZVBVPtZ()T>sV9Q?K54Mon*3?ZF71*
z%IuVb&=ZB&4xFynBaJ`0$f@H1YDBJZV{3F_H~*~`gd^}2I0AP;Y+eYcNyK{W8=B-u
zsJM+T<}J)1zG_SQKvb;2UiZ-Y3b$0aFG%;_k(NPQ>GE}~lB6<uXNC|bbFtdms*7QY
zvIy(=85e+l{b578Gs#sxk%8hUHf-{nT_ougrQmXENaHrc$(sTEU1_{0WefDWS=XBO
zno1GNDMpm3`kz*gtG93DApS~o45WmmKi;;5$d#Slt6mCje5$?=zGrG9UmqPj$(;2q
zZq+K&G=Rs*1mFPODC%09Chy|Pt8J}KA!rLDSAlNAH%b-_r11TV6tgW-nT1J5PbQ5C
zDG3mJ93aL~M2g&X^V^m<O_L}>EXbe66Y;&0=gN9yCZ3~;=#(-G=I)zwQq!VtL1##U
z!~D}Jr%k9QkkdV<MD*%(<iY02>=LBhIMr4p_j2KUXM5_KKFz;B%_?o|A~{ZY(CfD>
z8m-jh`zHphq6W)Ke!n@vYRHSsFuW-v9eaLnbsH~h%v|OaCT{fIL$1Y5E<&S1j?;6o
z7tgpt{MMj1D|N~ro)*l|Zg-^C)Nf+?diu@@qc|1Ia-9I)DC1g>6Hy*YInF&|nV1A6
z@-n=4-RR**_C?b|H7l(0(<}5ETwf3yFi>+@(s*R_Yb^{fA!bPBPQ95f?;l;*zD1=$
zkXfBW_pf8_TijYLj(4gM;3mwz@PCYS=h%1;wDd%Z{J0a9#=coieS3?Hs2v4``1Q$R
zyZy-5H*@tVQMcf-!}ymFg#MdyASzdQzAsqPR<HsRP*^uk9jo;t4!pP~xcuYr!Q$`9
z7tX3|hN!3%x~pm+aP`kCDw4WEF~w4e*`I@A>q;TbtMnQw;_W$$mLy~P4JoH6^roO;
zntU>c6#FaX?R+@Ik|d`omI|UwdIG%fsxosFV9kyeJ?^<?sdQgVG>=gR;Df~cF3#g!
z!n$W_k8^nliFmdBZopp*ABc)J(VV(*(x`Srb@lh~AB!t?4^Cqvdpvd&BW?L5)FFe%
zmo6p*3WaT(`A*S~mRaaArhug6W=eKh)VA2i)NIY=Byzg_L<>`xzLZI4-*+LYWOXXy
z<(00XRe-3j1FH(utbWTYgU!)-)in|Di!Pe8iyGu$Ko#{d<nXm7<X^tX!9Ve=<xV}v
zn|YMnet;d+w6gmDg&P)$d$>)YtDTZhA($cp5sRkV_gykCnp@wZHZVI~Uj<&3iBd9r
z1K=+i(Ysxv|AkJL!()0uLkrDvtLFy3*MW8vf(nmlZ%)NIzvGTd-;li$74_lV`^U$?
z#NOpQam(l3&3q*&;_g=Hd>0fam0>!xeHAWYAaR`d=AIo!Tbm(Dyep*qVA}vE?H0mV
zBgi6Iv*zTg)A1K7zjWF7Nn-J6`XzpzuXT5k7=ZvHs@~=;2Mf6Y)6Ew`CEAE*2Oih(
z;HR{H^4p94u#m#X1}Ts06-vp<=gY@}CWx15K({-=OBSU$-MWeYvZ;FXF|SM0)w9CH
zKYvL_R1>10lA8U_Su(%8!<ZUUH=Z5dtpmf4G8U+LnTOa^`@2%#bTQs5_&unW#U}PI
z%isqQmG!*QwwEa2XlQ_Dxq43Nxb!RlfCX%~eRy7k<UYUu?HO123)+$9Ar@S9<Svyc
zxnH51fNry7*|zTMrxWL*zE9+g`gEsgF)$rw*A9_^8bil!e**(Gkzks!JasiP-w1q)
z(j;{X^5e)mb<!Kf)lIfP<IZq6_!mndI}@=9s69N!;$QdVvKpCEH`=^Yvb#;9_=1Wf
ziBDX^<BpM?(W;4F^pA>qq8&{^P8HrVczYtvRVLrVMPoelTonJwb0PU&NXIZ;IU0GA
zv{%5~(z0*&>xFZYXB#)rSqVt9aGUOr4+PCQWQp?ovT^;6K1}RzU`23o!~450&7=nu
zpJ_CD_V~~XOu85pnfbE%Jy4Pc^ZpK#JcTp)T;7tH==4%lWQFWqCxz&uK1!YPf!MJf
z)pP65C(7Dlt`rnQpK`rxFU$rZxwxCJK~9-13=%Zz=i4a-tPWYieq}>#%p>=AOTPCe
z`_v<|nzpbgG;#9rytB#B118>ZKw{|%2a&XcSqJ%_PJ0<HGJoYQ2pSuAF4;1Bs<XSZ
zef@<{CQd4ZHi)VCmKU482`D8`4hk2|{Hb*zs)#Nmq*{u}d;Xw5QCFTres`NE`oaRW
zXubgNIl#yq2DKAgm<NNW<&y?4dx&{1mIqO!ph@p$`?-Vf$wzq7R%6tx>G9NBqQ!1o
z9k0iq@R?^~%Rd8Ha1cMyXeNy+Di?fqqJkL<XZeFB_N#VvdqiHrZf#w&HUAe!77k2?
z_zI*>CwT#w7Sg-Eb4wF7cq{P`M@C@eIDlc`0VN&w;2WU)s-3?matvPUqKXDpT896E
ztw`dEvW>A}3a331npb+b?iedxpwJCAb+i}CO}Og8b-_pZAITyJNET{tUur9nr+o)c
z%d=G8dG!zG?<bB2^?coT8Ac1IZNHoEEHB^tGAgLSv5qlkWfI#}*_a=#2oD>5cvevN
z-Hv(2lO1w`W_9Sk<BgwiKTgfoS11RqJ$XbhdoS8zYsid^n44y(T4z&<<~5imf3M)Q
z;Lm+FBT;nvOh7A?>@WJy@q;K{^ks^l`)`;->f5>nN+@$Iq@2&_q&S5YQh;h*GLimz
zx<|BNH4-(OtjbwV>UZ<O%WMBtsdqZ3<cg3^+lO~mFN;;=W6~TgsVUR%{2kRxbk96b
zsJU<5d^1zphXuzX)`>^!mWd=y5UrGO-YTUTfa4@D{g$zqgc0vquEX<+Gb5BX%v1(2
zu!;kZn{<aq2{Qxxvx*g<6=yk=rYfUZv8>+ljiy-6aOp4W5P$O0H*v1Cw%aO63Gm~w
z`#jf&F~SOUTZgtjRW6&0`X=f7yrk4jI4p7E>Me=qTI+115)J1o&t;|{(iSTa?)q^*
zP^6sl1VHoyOth&8h7LVz2=^kJ#8QkQQxEF{RhkLNRFRq@c5?dlcw^YXk7Zzl9$iS6
z&sbNajrW{xFnYx@<r_Z0aKzs-e=sU$hTkt)n3IgfFo5#mSsHL&an>d*kYuI{#n0sy
zQ~g1jGIjl+?^xnc;?X?EuGq(1=ZrUfPW!#4GL&bh2i}7U(u)g%;c?gYN}=4XTusOh
zqomSM6?WS6&6p$8OuiqK^lo%(z5<*?AAa>$kNwwgZeGevou-K4aJQv8(aDjjM*oAT
zSf`DZ+17F2qAh-qEZ(hK4R^hT1$cl-4}Ht;Q&o74YG}jp_XCyrPkQAMs~{@1bDbc0
zJg)UC_*<Il2EI=%H*7t+xw`-Bm3+XU9sj$|&4IG|-6<c@MIut(sobg`1rwa7V13;7
zv)>Dq1^$A)3$eUWSR%f_u-;4V@T00K!z04}n3usgqlhp{Q*-wAaodk<$|(W^>C7FJ
z_xZhyyAf0N4CW!aRt>aOI?`-OTs{;z($Samms$1$Of-5UEWYo+a0z>hp+|aZ6WTgs
zien4Lc%$x5^oT*uDa0Trln#x5r9}1uhLtA0oApXs?NP%=GTD#ee;s^pn?>~NF3=Wa
z?isRr3Cj(v)lS-_I8Ab?Iu+T(|EEyxsS}jBY2ck9LCej4O#WC(9OLiPl1+1@|Hy{I
z88o#ufHLg0c^1AP+-8C#I%i5V>eh<#i<G7C_`~qt`03GMpZ2MQv^JYvmz0oj%%;E$
z&+dL&N~t9or-u-W=5_;g{f^*PEtt#&uGlTheRG3(ii5YMuFgRBsP4^I#-(HX_@YDx
z5mLScog6icH*2XI1{4MqE7GY<Pca>)9#ed)l!$eNqO`42f=Yk0L*h7QzN4Ci3%8N{
zx{H%Kg9SJHSK;SZit%cR>ohcJSu&TNg!Ft2oNaCDeyTzA(JdE6BC9yyalgk}4at-p
zjYLsvOnGC)mTsG<as_>j6_|&>?FUHZI1-V5W2)uGDI%giNAx-JYo)K*r|8~PyDjeQ
z?3{s~Q)ra&i}221El)H9-^tT;OKgh^)*YtW@=<1kOwTr)K6s*~n+&+!;gV<3U|TN%
zk^vc=7`sR*<QKMdMa4K+)9b$mMGj&AYu{=UQtDs;#@Zw44MDL8{WHQ5C}Hc)?C-|Z
z8D)u(a>W!mSeJ>*FP6T(Q+2A7{fw$+{OimwhSj>uf943$m_#&fx={C9+tuIN0_2#3
z{#jJ(PQz%ReAM7pPjCaselt1Qc@)}HPeI-+HGdb)#W9f@Z=_AIM3>Gt7E7vF{mr{~
zRPiB7GwvFs5gS}bMJ2xm1!7t=hTQaUp6n>&Jj`+5#k=fqzMRXvrY(BSKMpr%Z`Bp=
z`S9BS=M5vqvnU*RXX0kfif6z%6TZW+<m0D^Z`=<=p&F;0c4uzd*q*s7fG<|3nDp;e
znjjW55sITM6Vj!^^(3IeA*(U?K4-A_04(!#vz|0QqAFuYI8K^>59?Q%uB8#i7mr@D
zMssU5P+Z$)t{&DeGY|k@y9T`}1*a>w?WS2JFpITZxTNso*BwsQUmGot6h&JLGOc;_
z{ivc}?>R2L5S~~R{>!N0?9}BqKhEkhZz8@!zhx~{24WB>PTDV|1cP5gI8cUp*lu-?
zrXkjIe$g&WW>;Hq9j9I-j8O@3MQQph=%M%7gwfqUfng%Ps7>ZZt?{7?MrotF>r--@
zACbjdBjIZWH>kUdVz_qNoY2=%DX&?x^*bN{F(gIPr~2>B)!(6r``Sz)Kd%i9a`KTf
z?Xe_j-N4}MQT)l$J?gw)sbqf<V@KQs&y^;-rD`=@gyd%Vy&!hMS$kxXNUN5?gtK);
z>+EY?4x5HYi-~QgSNte&*L5<zHsO9{!gGOl{f4&RRjwd^T|%yMpP3zUCPBq+n0ZQ1
zn;=C~4ik&xq)}P}EI8Rcww6NwajR}Mnhb86&Jijh=BPmdfjLXR`AaFzT$$+Uw|O3i
zknH^?DJ2fm<B@<okf9LPI@$N<v3F9imA@lf`GD>#u@nPnetHPKIzl45$%4E;A_;J#
zUyoJWToK`uQ1JoFghW1d>(XRws@6K|?c;>T702E;lWxDyaA;K|4?r#>x_}(9yxYR0
zjZ?+EA<g}rA!wL8^D6Y6WaMa+xM)$xt1nduweg}!>5QHbv<L_{&NkCWXhxnb(pvk!
z>(+o;sQ)b<ye)3>Qg@}+ka*eXIqkw1yu_?)?3rt&^$VuC5>~t3sgjseq%d9@wOj%N
zk}Lx>)}51MNh5o1hfkg#86*bn835e91?11v^N%l{Syw5Dr1%Tg?FEwo<6z{vL5Vdp
z{|{-?1pV~;8aJtx$tGk9@mSO)s>rqMLrUV0u`kDhk3_b&JCt8~nkkzJ^c-QKws%%w
zJ$*)7JJRZzTL#v$8i+~0Aj_i3hIgQM9mSG32fUyU;NoY<K%i`cX0_xe!kc>_tZ>E%
zKd0676H?d>5b6*MZv~^q3M3$1po#YBNQAwxU+R`!rP+P<*%}>~`Mmb3V?d*kRtl9@
zxFm`KC)D1%NETw$Ia}Mpb&-3*v2G~<IHd(c{6{}rGQwzmb&i*xP$Eq0$Gs+Nv`u)h
zBG0eCKW%$bT>N%gW44;PZrnWC9s-zVO>`&|wAY(O1_GSl-p+8GN-Zz%>q5GJBwnls
zqjk_u{4zgYYk<_zt4?!dLtg2^{MC+KDH)6gpcegK+mqy8+w3?XZ!ep1SM7GC?b}hl
zkWrKk`fXaV?tF)_hi6BA-~A&^%Px-ZWYZ4gcy5p24?jUUMwiMzl_OHwc|)06UZ_@_
z2H&3ftfWgkla*)UK@r`o{k$wOf3PHyp$U%IKr!Sap_BPq-**Ewo(C~%vS8?9G`6^R
zME|uEvX9@Hd{JUGK=_5=CDPk6`mh!{7R<M2+Hp8Q(Ofzcn70M3KlQvG%$Cs&DEv>-
zV$EpZ&qIDL@$E|i{lISvW#h@npL0MHsU07So*?Ce>JDUD3F#|ffT8#9)|B%-E^cce
zqE8`is~)*$Ufsh}HJNO3k@?&7DBqL1dPDNXDh7Rkpi@rkUn<YF;(oq1-(Q~+v<jKF
zh~s{4u3bXiJOC~~WH<Rkt>s0V+_-RIH`yXR5Goe@MO^h>AzNfNd{cf_lMs9nbI%b%
zqxabggT}xz6|nWYue}D2P<}o+v}u4Jo~9@Ymr#gKKcGLC4<mYGn`0==+ol@1tobZB
zP0iOTKlI>yge4nxH5|0~za8`r0>s!@Lm?T6*X!;4*z8NMe#zTbuq&P43rR)!hl`vO
zGQPJ577P<rU~fsK`KGQD@uuU((Vdh|)rwBP%TFIJ6vf|9&5%X4yN9r2KC5IqOqN`o
z2?Rgwy4BZ5bWag``&tXvgkcAtB<zpuJajyZvIcH;>tpY=JZDnmSW9Ma`?};haA<a}
zRPW^9KDohcz~+oZ_$u-d-)E6R1oI>~aMz`KP*x~Du5?9fP5AwZb8}Qb<0A><xt$Op
zQ6=%>3~D6rQ~o!wl8Yt{ry(V~tlZk{$8pknm!ooI6g;)P9^>oxdk1Ha?PHCXR`OWh
zB<Eq`w_J9SVa00qbdoEgRp5KJJL!Qa6dL-<W(+M+4#aR{VZua?IgmlU1f)GL`*iS^
z*t{g$7M<xq(zzqwc5cBxV|}<5`U_FLhv$g#y0#+&zUk*DJ%6k#k8IuiI#zUMs_swU
zd*PIfLL{dYjoetTql;6uSdN@AJBvD(0vm~q?9sg)zW*Q^r@0<?NFASa|2nR|`s!ea
z8Ccm7Yp}c1S#NrxSVZkYnlN|~SkVe<%U4y%AnbcV^H9cdQVoQ(n9mBjhy|1h<0aGx
zvP0!b9^czzK>qNb-^RI9^~t^22Yb`^@E0dk6{`f#!aVmpGQlDdf}tbn{V!tRDuq0s
zgVx^78C_u0X}XwDcknO79b?D_Y<%T^KaUwHJWnPnDC7|aF9i2-7RuagUjzB5^F-%R
zek$H#xTiW1k834n7_Iq`mdBqYy#}XAcy7e|cOjJU_WzWh(KlHcc<`Y2LcI%RU#eo4
zSH()fG1G5YKy$@LpSxemx_2*dEcRNvKOA~_P|#ftH)VYS^?cs+jh7P7$*{xk-K58x
zeO)0~W+j_XJtStGis#!C;0_D-zt$kmk?G#dT>BKV_GAPvZaw5{x3%zQWGICX6;8i#
zXW8>it~|?zU($bb0hGV8ua>m94)P&xMMhq+VBtAhW3Ssbvn;a+Q`eRA5OSkLGTL!8
zQXW~eGq1lozlug6AJu4oSE1SuhH|<8!{lrH^uL&VV7gT{qMaQIrdut{jD*=*$9OK)
zfT|oNpOThT4(jl#K@$Hgr1%zJj-vhpc`;I`zn}_}MNUa3AbM+R+PbNSwy@v^O%X|h
zISK=x4^F97hQJW|JMGnW3RqRApet3-Ph!jH3x*ERDGA&}|DPFq(qRbU7B1dabmYZX
zA^tlc92iChR6J@yL(kkN2JFtLL+nRAScmw6W)>T0;{ajU%i#Jg59s^7>X-TZ)3bjr
z+D217g#kvj?xh)6Zt?*^_pos**BroWZDc10=>7nO&;+hX>tigzaA@X)ZZsQKQ=e_w
z9WnkFr99<TH;)*91w-6&X<9s4_^&Ub&HIQKl#g@LKdUR~aIq9c2jIf>DRB0vb@1;e
zjWaBVs{$qpA7&_*S^!Co8bnk#=PCX|bdfwVsv_{#K*KvCoZU?3`-1t>qw~FN?Cf3o
zn^VGe;(vclw4ofke24WpdV@57tqNKxc}&&4K?;NAXh$k`Yd;-Z5EK938GHvwrTG8C
z;gf@pI`uy+J_<Ueua59Lxq&|rLPB%UM6f|?Y=)U%>>T)8C@=D#9MlNS2f8sHG=tI0
zyQ8e%-2pOQw5TM5^CeObsrIO@hon74=E3nxI<4qErwDX!y4rREQ&-#JXDJt$bLqrb
z9npI9Pn@;WV_Ouup{!hPk|V1VjvmMRlLpfW@h0j6hcaeJdlHSu%gT;2Sz<qfL#$JV
z{o>chPw!6XI&Z>%SVZ{qNGvl+BEu3d3(c3=Mz5mgFXefC0C^zb!5Nro0wMWTj9uN4
zIX+dtRe>_D5>8LGzYtm&dp}wi810VXY|4C5w?K58hq#NifQ8P@4Y=2Y<!qi`zo2`!
zXv+f}#9CkmLm|gB5Df`k%Sv6Vw^w;?9d4CFVxmq9gc@GMSIN5#X$`>X-Oxv!oM<UW
z6n||=tZ8!p@T_tUgl!jh0K~}yH92jD%N9ww9U!OruIO%MN(LTjm;)<-cPabL0X40r
zzgy|Ivf;MR0V;eR2ukySjhX`!leg`WZ_tZQXdl40dgUe{!xKW11B1so|AN<%z|)CJ
z(5L#17%ktnFl9azIg=}tOj;;YXhhX&BhaO$ET)0X2bX_L8~0v#cU##5^g#Dw@+QOx
zW?M_EpP~DE%?l^-%jo)l(+_xWmZjeey7}_SW3|*F&r+v`sz;8bGGsZ&HKyv*&36*p
za@bQsg>>R1KAs<&wq$+<Vfn45A)LL(Cv<<~sI01E7o9~(C-bFZEb1?TlArCSnE?=Z
zpOZu}eu>$&>R0aev0;~FIz-B9aB<FoM2B8XOaYZ_pSWa6s_3w2VxJn9Kf6N86TdGb
zH!Go&>RpKT!AH7g>_GhHTg(@r-ZGW^1#T%#E0dEn1m4RMnGPXgrl*~3!87n=lSYgt
z8vzlF^g%V@Oow+~(nY;gV)9?6T}LkjRN=jQfWp`&X%)(TPFxG>J6D9({{7v~Ytl$^
z3=w0bqw@xXuTono6mOGLT7e?y_9wcipFfePR|wJ;{kt-ouK6bjo5-N5*{3+Uy)Ju^
zy(}l?Y-yUDSDTG>+)%?elF_zX3)Pm8hN7JHYX)JPBQz1#I8(D-T7-_pWG4HZNioXA
z7izW7vrJA@a@#zl4*CuJiR6&4LhdAY9>3=tIRx%srM7W>I#s=2KM3fa8J}>m2P?!h
z!}7?D+}c_td)Fhfr|<IV^v|Ybg+|V0(HDXm0Z9;bYy8PY%iiPrY^&^7Z9S?;pJB=)
z?~6z>Js}=()9K{z%SZidA(%qz{!G}0J`rbGAE0)mH{AR-s2o?-Y*VuZembgj_<#ht
zrCFD5u4Lgu@deA<wXYYEIJ3g_Q11vuTIRA-SdaWjk0hHYC@bHlPm$04)Jf~aWQ33h
zB<oz;v{2`-Y~mx|VH;qLru=@YKTmWf=Q4Hp2^YPm#ZW>Z-chsuJ$v+@4B!HorKZ0e
zO2xIrWrRZUO32IJn~Ml4@af{pY!<dWe*eOXD+<NGz`K5f^#40YFFpPLUyfclhG_ck
z%98SE`S1KOL5Lg@BknrEn6ZZq-o0FGOY2j2grAx9Q{P3~UPOo&3CVOyYs)yRCDL1y
zx%D9EXnXoyUV4pNLvw<J2%*d=paOu&npn*365}!+Hdmb*F{S5`B7BKvFz^&I_LMtt
zx}7m&P8JbEjyWyD2|P12@KW3}AFObTvtyh$Yo}6>bWA2oA;F$Yne@h+!*jYr1g89q
zWpV2!bM^~N4nlI`G5BJLwgKI}uwyy}|2Cshxxx{hejc5-D}zN+$-K)HHeqGN-BC08
z@iIH(S4U2fT1P|79hW0uCl9plg6uEHtM0p+l-m{|Z%eB$_=aVSK8Cou8cY%N<KeK@
z{-B&IZIM;b*){?LbFx6)LBpz|)uBZg-~hr9YmU8G*l`MKz>qjxz$@z=YL{e|i6gCQ
z#5_h;cXIacW5tb2?~)k*%*{m?GWzaDdtB+}p4xbK>?A`i58$xuw|6<O3gS_O3QI;&
zhQ<XbF*p=iHCTsbbhDp)B&|zO;5PH$UFz}eX}SDF&B}%5Wbn5rT1ot%^W#XydxVu%
zfg=3n9u4wRr|E(>kMYJ>jH3hd>)M#CIbTVY5RG~?F@<@GYJ{I%z^TpZ$bJ9#)wrxx
zd}10<if#Pb`-_E%;@kqGtG&H37E-S<)O}XFTA9taTGxn<9CmISpi*`B5!FF**>Y6Z
zg$qasE59-1DBfV!C7z$G1L|=3&^FEE@2ni)Q&d%OSFRFHp%1XBh*5wkc&cVB3Vgy~
zm~k7d=LRRUjoDrQ#j@GDlDy8ggjlw9@y>v?eZdb0O7;6Zs^N!&M#`&DT*oz;T}^+_
ze|P%bsiL{_K)y`HCB$HecJC-f`Ng-G4n6iipZWasHp}7plFEr~Aq1ySXn!ZganHoA
zE&RabWxxmG+brL_C~b20O$%?MS9)<wSpOdo;_;5PQiG5YmYkEOC&x37i|YM|PqoiW
zyMC)dcKFf<It`VxG_Q&Go$`im3>t*W3v4*$Pu~5k)}SILdDB2CYVhLmH<sd^J?CU7
z{NiFRg$0++XCzL*w2Ra~%<K{}E=lLIXy1%Ke&t6^@Y<73&mY#WE``-MK@rcd=v1gq
z_)?gawEl_(cdz1dSk$L|YJ+!%k&M%EZr_g!w961!aQS?bG<vKF3d~RJs<;AA>`XDF
zDMqKW4}C>l!_)zEp%t0K5f*Io=Tzd)Z@1^V>F)5YUP7@55MKszF!O)w&r4VG`RLt2
z0#d-lE8l(|ePPYn2y&rZ=a0TF{U=;*w8)%#dE*fwaO<aek==e+)bKM4%UFYqpf3;Z
zl}&cD;Dk<(D{}o7B{w>py&S9`qQ)XjT;;13Tx8@u$e-80YRhp;e<9?gFwuwbfbxJj
z5=EuaNNvO^J(u7qu(kcJt?5zszTlXOi@v}#(g-c2z+~@0gMhf1vw2Q6tg`veyL(V;
z{OM{yQ>2sH{7|A$X59I_`%(Yv;<I4m+jFCtd2|}Fx@_L_N?Odf4RA=C#VDozA)ZPI
zyV*Pn^1Gb&_L7^U&tCGYUw)vXfg|<nNz!VE|ILi^#gggyqPeBb<UNlnLeHE<ubDZg
zv45K|v58`ciLA{!kI+ajJJgf)tufM=EI0HRgtCTey#KAlZ#Qb7sF_McT6})nkY|kG
z=Q~&bDgC_bV4>hSUhd@~B|}{VgF{SbBnRrjRj*5wlfKozq8W@hg-gAtH5%NUer`F%
zd5mswbD4>28x)y_t&`d%8WF_*HZnizxr<pqVz6I)J(~}soxfo7L%U$e565bF-!5Gd
z8h-aHrqK^n_Gey7Isclm6Uw;15SI3)gd?iDTF8%R;(CuQnp|8li~4#Q2m;tQEzOoM
zL#7S=vxn+Vm-5Yzxdpn~P`4%rfkF({8d4uvWm7d}3TW0Qo=T-^LG2~_=|Er~nyZY4
z8K<plbUHg(mQgmGbwsD1!y~%H+I}8+H@sDiU1X5d;!ES@B2LZlmS+Q9Vw7GEGmK9(
zXZqRxT<=8k^oW}yrC|w>2UDclu)))x%Par;;5(~pfnUr7)gQnt`X8Px?fjH72rQuf
z+nLmgFrW;WsGVVb*@gSwbd-R)>UsZ@&YzwGV1ROXg(<>?f@Ova#R64k+x3#FEMm^r
z*Xz{<HP4(-+QO{4tj{7pNeJar{Cg${`%p+9sz;G(=P__u{PJt<>AfW?R6firTxD~O
zeI&J)IqI-km6l|IvL8p4x^0VGOb_X<IJ&pkJv9s{(o`y)5~6!*6Eq*Y@T_Y?9L2vP
zm#OI2-2d)fR`oM^7YxQqz#=r(>2}%+p@7LV4QHC0L^eF-r%6RK4J<WBgYRrK%TLyQ
zx-=!R?AmZq{G%loW3OO!;`G3!t6|P>@0=9P9CFhJ84_as;1rnKT>O*MCVq;!TjT?m
zU0<5K>cVdBJY%8+cWy>s9T)C-q=5)7->=fYl)8ZB(9P^cYc&)Rg$UpzTA@#Q=QQe^
z-lm0enfF8;ioaPfCc7#adWa=&>>gM&>s8l=?%(*5{gyQ1)43ir!WA6)cAMdu->K)?
zikE-&44qLJzi*-Z{oO)D+v5w5UBJ7OrdHQLgF5jOAh3R;&aTg)ImO&@V%F)t(xtyY
z9!W;|mcbpYSz_ko*ljE1#JAtFnks2;+)HqZ>{DON@4`5KetU<aS5hxKmTdAP^zP+Q
zWN!PuSoq+f>R5533ap2=`BLo1tE{3JA4PaOezs(16Xz5738T$BJC2|oH@ni{!Tiw@
zU%P3)Pe#pd<ADAt{=xEot)&CW2=L$ui3brq76%H@<7UWPMHRhM7@C|I=}Tf5T`xJx
zwthyn7k)5n6|sC3$SNVz?uv3<$}9$iy5&QjhiK_(I7__9qKrOS00y~a_z(K>!b;_M
z%J#F0nzC(EH$wt<vn9JIE0a?IS<hX;_e&qLg|vc#Z}ps9d;vl7!aIF!6(%{Dvh0HB
zYMYmDrv<-v?xifEAHtNQQtbF~`~;pPBe>E3%Dgxpy$PZMg<a=b)Jwy3z7eCszLrx#
zb1xJgdwmasPVL-E?DVn46}14Z*P<hq%KS!j|A>4Gy*&8mjhx=MER~SlkL}j6$F=u6
zG8n{_)5v*~rP<9DItHsrR9WuMtvsTCmi2L3*}GITmgUg0C`jED4j(nJGQgRgiDwYu
zr6NLx<ymc2hAqGGqr(zBtfX}Wlpf<xiq1O%p^QdC(e%tB^=B@s^F|($Upgf_=hd<m
z_Y<^AF-<ygy>X-c`E;6#P>BjCM)v4#2Gd(H)Pg(q4$yqbouuIVWpE6iXFhQL&(QN~
zRgP5zQ1DMD$Z>7W9XZxz2?{uvc=7{(?T&j5Ey;L5Jo=&<nkcSjiDep-@%CDm#234+
zM6DlQt0)lh?H*iRA0WLp-yXZILRg5(l{emW4EyV$Qe9J%%_X~}6#e*4YWVLTIRW3!
zjrN^jxd@`<FGeGwXHhq);ILJepK1<yEXj<MP4R0zW58izz=26I=9&T$r6DC&Wy(iL
zW<UcoAQn5RLnosRfiM|Ny?zuoc|L|u`edtzHek&ZJU<A1PcEwfNjsw8({Q0;!a2zx
z>fnheIpU8PJ6flYqj=(wUM)7`YGR@K3|zps@=ZN{_){rl3R3-nmWqt1$NgBCc*y%S
zlnKRe#0sgy^SU*muhm8xouTI`2i(I2bj~GPhSP(@-nn!h<#TD2C-YNo-uX`{(9Lxt
zBXkBbJ5)6FcRwHvlmY@4(qDd6bBW12aW2a~U*Q`TeWUTl0qe~VKI~JO??qTW<#t!c
zeWU~zQ)c+AC|UT7iNn6S4^LirB*gXAE{A5ypGxvgT_siB{OSjE5jIJnf>$+wjpfhh
zdsp8Mddf)VT>D4Y`vZ#nH+NFS704TyX5H9(V8n`eGi72f)8NIdoe^$cyh-5q8JjZQ
z1}07(OzJ7Ce@H!-AYp^-`*f9+T&4DXiioWmX@|3&I*C7BGxWA($w%Bar@q`bSLC2>
ztsmy$yesBwX<fByIDZk2b=qrT{K&D6WWZR^RM_?<Q-Pc<`qj4Bk@ffPZAxLCtfo<B
zTPO6=7mTgl1U8-gLGmje;=81b1eKFsI))Eik3~-ttTyzl{V=KOnwnRIM8$ao>YR3J
zExKfL?C6|IYL!Kd&qSV#xwCN2N%SzEoH8dI>jCn>&n;N?9&99DatjD}v#0G!kp6N&
zcmAZ)RH9i^tq4fGOa!zY?8lpY9L1_1ghzO&??>{)|Dq7OAaVH_{-+RL-JZIilrdhY
ztNX97gm-njO#H(u`*=X9^M=}$xjw?!C)zfDC8S?e>9QbGcw}#bofSKeN3%oGoA@Ii
zI?wC9*tD<0QGpqSa^^MaM*7^O&>{CGxHxh9HRFMAnMfs>aL)+3aku3G=|3oiv&G(b
z+H;Hbw_ZjG{^-K>muaFQyy{ZHDEzAY^)YOItUQZhgz1R*?J2Hzda$_6dw$H5dR}Pw
z@CLE1c6$BI;6d|(%dEV#D-URkUT(aA#GD3~CiX)B$xK|bL#hpt8Z0Am$i9q`goCP;
zS1kvZ>rnhAkV21t%2XwpG~>Q`Rib#DNwdK(rq>@bc{98tHwp_<fy|mDZq(5RRaKzR
z#v$0lU~8InLK7r7=*1^*ln!-s%~SmWLcHRZtcV**=d9^**9g1S(O5=$-Jy$_g!s9|
z+N$|mu*nZ@G3+sv2+Uy!u0m|nt-k|&uBAM89ek>HYjf_^wNVDaS*?Kfjq5<n`=$1P
zf<zXK7t`Nl&N2qP@b2<?Y;{3a?h#6pYj;6y0_vD`&*6j^hl(IsBGfe;XE4)GEK88o
zIvVexP5orQ`HuLbsG=x=q}U;<>;IJLe~NTpk$ExWRJjxS#wu~)_oQD2aLIXo7(81+
zvk=|kC~K;Ac2<wk9A&K&v63?zeab!QtwZ2^d&x-I+qh#IKYC}t3d)H&Wf4bJ#m^ln
zq`N6*S#pi)%o%QZH>ORNH1cx4dEK)d<Bn`pXV>-Z@o|5l$p8LVc}#Uvgb<iUbB>kv
zn%D3`f)}po{!q>RxqAuSc&-Q26}F=Cq)F+4h5Tjii`|A-i7wl6V9Aoas%!Uq2$_oy
zHd_XsRW^I)mFukaW6Lm&J-kEo!*6g<KumN(w%$JuJwkF%SS4{rCiw^r&7JI%GK>ZS
z)9e8s&0d92f<87L{4F-DY(=(TR-!bS$5_<5&0xs<Mo&n^)UAf4)SRPo0MhF@kDh9q
zXWfh2jd+H*yFc0d`sP)H77MEA(`k(kT3TBA*gJkE{tEc^cli_s1isISN@Wr@F9vs4
zYi9tP?qC1l?;(2ez6s^<;!MqK=XR!uIc^XJi@Ne7;UB3VUfwfvAQ+t!KOgkDwMy<2
zA=<w`f%$#uVY#@xoGYKQ3jo;d)HMfXqcUO4s~bR%4<Bv(&ir_Ivv!En_tM;FM9Dtn
ziZ0yh+~%pXlQ^#A;6t6$-O+mac}Jn>E@4s(IvCxL@Vz3)uR4@T$b)lCRvgcOWN2}c
zhtD!%WfAm)h0T08c+hC`3r|A2WMTWj+5=X8jtZ;Ux5)VGCF)u0nPn!Z^cUG-z@~&g
z4?|bwWxmZv@ow`wd^}q!W!k5={JKfv_d7ROuI@tc#D2H@lha4DQ~3Y>0*L>Ub@1mq
z%fLgB<y5N)T|det!t0q4*Ts#sR;IiaCS|DP`T~fC?Q~#GnwwpVwYTqWyCxD>q@kBz
zNIJGu+vH?_5tvlTx!6I*!Lwi@eg?wbblXczgNuvUq0RWi{<D&qsz#s|O{O>T3Iw}W
zRGJMrhoqx;R5~tP=E-4~Lj7D5jOKbNr{Sh`fhynCROL(AkrCXM_a{5eUw#XV3-W7M
zkPu4Ty@>I~ULI0v7F@y@2)94WeaH;WWw4LzaaA~TSKum?ceGQ^@;u;wXDm7jW+m@j
zRaHsxA)vq00C{zppu~uYC_z+v7jVd2gdotP=|Z`FoGCvLy2d2jovmTJuP`W-&xUg;
znC)-*wQ&&4izcGEC2O<2U%Wh1q+ydQnUV4f=F6Q7EIe)x_4hC5+f(I#dUWaOjl1Gj
z4mGQt5ro#Oh;B!lV_!=;AiT?za%$Ooaefk<1*sFAJ%Gh<XYO58G!Z=i-_V5YZ+wa(
ziFpoRf1BG#CfDn%)Hs-qltTIlBmdp~d>O|$9^?J1`SVSNnNEI5&Kj$jcR1eynxiLr
zYVA}Y?W5zAQY%2-h7zl*t+cfw^DecCpY0h}OehJrRtf^?T#kW8=#dzxjw1dgd@dvU
zW~r9Vs21{;1%$nan`6o-EOJ9#E!c)0eEVa_FHRT*28Xcmn`yR+@#lk&sO}?<U2bH_
zZ!CgPi8Xk@F<qT~yL!CZ=46?IWl0C2m`WptZd>E}*l~0slLCu6{vwq|CUvH=&<%kd
z)2Q?mitS!g$pSmHlSPH;9U-PAE(bcaD~YzjJqlx{Fsy8jEf!6C2a5NkXJnV;TRxzl
z3*|?V=_CuwqB7StgtB8vjE-X!_vyE~8Mvv%Yy!WGy(J};`UBT2wmc_W{#vH?fV@K|
z)eiVl#Pc$C>)a;rWX?8tUQwQP*$g&QA?kb$grJxGUY+)-JM1Q3@N2hMH)o_??PiKs
zP38zF$5~O9-K+h*_w*JLEOMtjOK1Yy<?|i2Kd_I9De|ekZ_n%;{f4$%R)J^7A=P`p
zj|u1T5J{ldV&u&uP#)XZgMk`N3;j+9rWV=>=A!>u&0p&w+e*l4UWV1wXt>4;7|*lz
z#~k~lq<jE32foPD_4_9|gMVh^l0zr!L_fmtGY+rY1wkgCNU1c`FHqI(<2@5ZQAOmh
zfg;)mTO($()>2?6Wr<?pbVD98!e+XNRa&&88+bvg>Wt&B;k5T)3L-5EO9&h-KNCAt
zXMUdqL$Lhv@dLO|0125p<3XKP2_xM~#^<h5{!H#0YS!`kl(d{Zq280ROp?B1v@uDb
zs|T|Sb{(%o<z&81a(*g}zx=XJ3D#+UcmAxKGp&z#n;k|HD^9d4k7{ocQa`asJ6DSn
zT+v;emc%JL4gAE|)2o^bI~~5An0~Q92cIq;man%tLR>DCWIYnqNSzoq5Xc~0z>N?$
zgNYEKs;;K2@@!0C4jsk#Gv@qVslV<rLZDvncA7vFnXY4%GdUAP&+*81;7tcUHTzcJ
zpCOX>7E~}JioZR{B(^AP{<Eu7dB$W-UPMcbR#961A{38zQxx`W*4a^%6U7m%?e5W^
z$a~a3Sw$aH&NynA>8RRRcR!*`rxQ^Dl^t!So}g3Yn~6WLtL?a<?QOo>*ObxEWXJk(
z@+2EUG;bEF$KEd1$CsYoEyzq{6@B}=_ITYkrmL5@{&%=Zw~laEpH%gD&%=?UcjxM}
zi{)hYdp78}am$%M>s19)B4b%Qi+GE%gJ#d@!e4B3f1kJz^?jdfZ0jVcGGZOhQ$VzS
z;mOF1yIwKWl=X&zK}hB9{j*K9m8IrvUuaQ9CbCmEsXl?zk6x>eg9wzlOuoEzTLeOo
zz?e9jhqsz6r;`!^yfRd+Hetr32O!t4jJH~wR(g{*q}c0CTVSFz3-iLj&WhW=6m~b=
z)(ZBn)jDm~7Q1Y9z)qcIAa&^9pa}{5%06-w3ff`0%#-Z$eMf0o*duyUsdoR0FEvpH
z1Yp!PVN{YQBTP)3FLy=U+~Sa7{yg<iqnReMo1JDe&I_a}?SJ$YKFK(5Xa=0d2%Yg9
z6WI}FDvfh|JwD*|5;Ii%I6h_N^Jo3OISbJUTBiSFu#}bud`q7$GMTc7$*=q9mG$Fz
zbr)?yt<$Ss+xmxgiUOA@_!G_Gu+&c@vugb1*W=%`r6))fXR&lT|LD9?SNJ=L#vaKS
zi3G5TLh*mnq~%JG(aX-Ik)07Q1i+R`{^c<&PKj}m_76Om+h#Mvr<Jw$kMHg7tP2sv
zm+<ae9|gXbEJx~d?7TLm@qK$>!N&9LCoo(m#{iF`Q&cyG##I)fQ_z`3w1)j+#*z`@
z-7K0CCHV|FPBz2+c}Y)|Zvai7NW&e}qg+N`NtYAS<0Y*fy{hfj%=h$Q?(D7q<^q^O
zr6=3u^celICr}{2$FOH3K5Nxm&B~SLMlfT71Pi0=UliDx#J8aboZk3!qwy8yel)|*
z>pd>wXVVQfmH8jL1_&P431DwG;7<2XpuR(he<*mhggtU?p4(AayC>qfgMqPWLxDb3
zn!mUR)$%fMg>T=|?QG`2hCZWf^*_{R*N>FkarR$RNG?oBHf^Gu1ywu+%U}sjB17c)
zgb-SGbN{bn%)P9%`EG-ZsG<*4uKCai)M3Y{kSKJ{LWY$`DnyRA!77Ys{>udIv-G!!
z_yvx9#tRqw=GAO;>A%2K{mvc5nKm4@n4k()%?_NeGBE5fCD=!)L-3e6GNhok%k)d=
zMF2yyjnq94=(ILfq0@5ACRkFpzG5TS@Hl&JljX$ZNT;yC#i%y#c^#`Sb$9dwqN=E@
zsOwmZNt31XeC(Y28aQcDKpD$}{-EegedRt2qKNrrhxi#r{bOyCb^qYF66<ln*5}R9
zlICd6`dEtKu7>0;cDQnns!C#2xp0S0$`te%Zk@U<B>Kya23V*}K2&P4>Zl7l9y>C8
z;b|vHrqfZ~KqRPe2zxU*tXL-}{a-u=F<DGUx}o$G%<KY=vD=h9=~}s*sPF>289X}5
z7I_<Cb2yuSjctLSI_~K}N}4hArW&cT@#fa!2dmM2N=pR`9M2+<K;63&=a)<QJGN;S
z(r@&$;Ak9&(C6IrhH1`mRY+XKp!mZuOMJ=F@<D8}GJM<yS|dKZ0&Dyyj?1^7I?`{4
zfNHok4&xoBF7_LW=wSnn!drFz5mw0isw#4Lr44IB_kY%;fwZ}iT-0f|H*<6{s)RQw
z=%J+O&{K;ejzE6)o$hhi_}F}Ib$+Z#RA*D{e(++dVrNE#%+xYZi)LZV`Hz&L%O8|o
zNrs^L9R5jZC?8b>ehU?1{}m)qp+$+mfxrUC>|eEF@XwK#AZn3b6?=Mb?seQ(nDtOO
z^;MR@SRpF?H%A?h!<Uf<%iyGydHU9|L?+yTaI&W72l<R~bDO~dlANFb4mYn<SC5BU
zZ*|!<Z<k-C4j=!sv3!^c(%7Gd0tY1U+JF021wN!IgPcI%mDZ08G{bdDDskD5^ok^R
zFrLu;B1!A9SvSHSe+kA}*)4Y;(Y5-916RP1>sYF`+n4@O`y%IQGeH7j`mTrO_$4M>
z-9G&>1+`@vH~`9Ld0u&RA!pr|*bqq>LeTwUVEGh$=OmEVI6UMv-O#VL-6N<|c<nLW
z7efkNc9<5bge9my%@_{6zIkmhRim)|B8^Ar?kaN-mZf*j_tmJWDkS?c1$B`(uP~11
z5hq4Wk0qM~@Bz`$D~^$0@;g`JT)pLMFAjbOTypKIA3Lhz#jyVPpYqkzU<P=A!aNpU
z^G67_Z<Zsg-zNYp(XR=mH1Dm&#;9?DcI$I=t?5<Pr`|X6t?i9ClclcT?Yf+Od1y0<
z;_`4*m#xrm{O*YI-DPV~Sd=sMfc{cSg5N~x^PFBsyntsFwMtC}x}uU&s1;~(6eTHg
z^qu_sJOdTS?>4;e@vkzbUx~*M{YL5~m2l=GWu*O@HpEG>`(oWd1%6O}OyOROXxR+=
zyOFOs<74ac)__xw=ym>@GsF;6;@84~YgMwgLiPd%5|JxsZ2V;R9#?$N6Ng`ZmcIGm
zz8a|!6E2`I<9>P4+?6WCGic9!KIPa*YUMG7A)FK@F$`jGbl(P*ep&=+@`+?J@Z7?W
zOpGQ1WBJf8>d^$^1HOx}%YSpOsXB2Ybbd(>CKD4utcbR}CxuETy?mhi%c5<sOrxe6
z$XN9u5zt{igxs&Ina&_nf903=Ip{_1f-ER|R}x!pzv%)PTqrSiPd?2@s77GDWd(%F
zOX}ChtHib~UNpP3Q{;-PIR<_(_GPqmt$%6i;0^7d?8ZCEmnPSjq6C5P09C&5ltC2Z
zfqS3a!zY5$KkW>|0pZC^D1GUnG|@t*nepp~27&~qix|g00$8{Wdf2N)aaD!_+EI*>
z7e~1A3F%H`XTrF)--F8l0rIB1=y;UOtv}(PegMgXm5CioB<{A&0uWRZpRv(iS7`wT
zQmG4!f*sW9Bb_I>T${juDch>vC6Si*$LQE?nGGZ%Za`4ho{YCT;2StX$n{*CI^$Zw
zf6|>DC4M@eIcYAMME$zJo@&54K9=;Hb&p1q0M{}n`;m{TN<)+9beXYiunQA06)Q*~
zV1WEM&Jy?fKWPcjqcmZKDOgwgdnH+W&Li2=D0yyzXf&g?@Q%sv4-klW4bXK*XnQ0y
zMcuug(iT^A)7?C~RKpZ<GULHdA=(rGMBiP3g;jwj&fTn`;1l@*&{b|5WGS$E$<XL;
z_Ra`?d&5+E^YdFnb#-xvhg**=D$)QuL)mjE-%z{$i*E{<@2uxpyb{zG5Jj#9*3tZF
z#T<$#{$2`hPj!W%yRR`ug#1WbDX<jE3B#WF;7@fzmgDO%enD$f3MjT2g-kuM4^>O=
zrueRYyrEiU@zmheF;!AM5s&*F%(x_1tMyHlZOotWxk$>iFK1bk=IW)77zU6~y?8r4
zqae=m`s0r_`z_suB6kq1CnAW%*`-}IgmQ2kwz(WlTWj+%s<OyA!@5Y3m+3yJRDlkC
zr9@NtsH;#SY2D@HVv0Pl_NFN6)1*b^y%~t1_fv{8W9OS<9^t0aFyP#+qQ0TS^`wXW
ziF*05F+RKgGZaNCv38Z|$I`P~4S!(FG5;+p>YK^p7ffW-(wwPIvx5314Lnn?7RA8M
zO8l;vq$3s}Olx9)lFQ)_vM@JO4;ZYj)A$aLmomq9e!$*F#QIYy+^0@U>i*zfFkR;R
zq?yU%q{@b>@6al){w7pJeQebmgsW-b$V83qK9l~5T1b!J&j8Kf%cE>d7ojS1(ijsk
z4>T{<A^&--LZjM@Sw8s~P0*c9*WX@2m%Ys8h}U8-Ng)HHF9>z>1^)e72n85zYgjqZ
zoXWU^I1Vh3MrWN7I_9>KSG~@U+l*X&gZ=>AxI10xyD?veileon{o?5qG>GH1qEH}u
zY8K3*>p&I6?%Dc0G8~GsK49@3pQyg{v`}eZ>qnx=q*lBj5m8L@)V_(sS*X6A6nhrC
zx#LCJ=h?<Zb0<Tz7GF%oMLJlL_(wiq9yQMo!IbmAc0X$u>V}bC`~U}L2{NE%Q)VoP
zKgGq*<D~IVT>wvC-RH+J>&k+fHGWu3@B;YAE^_Wc?H5a+Un8vKc-Qf%A;A&pUb;hY
z#szR~zIm+p0U!K~D!b1=U6n!ACCn*$Ol}^pOz*~z&mSkXLUu8#{I-X3fqi02i<($k
zE$^CJL}X#w2_kZTSd&i92!#{pDRr4g0p&CSvy4v3cOTr3va_F#RsW#DZCmrku%7YJ
zTB3Kqp}-I8EKf~bGIhhRd<APig7f3Mjs^6_EKUCE`plbjur1Z)j;i4OkZQ%I=d1tG
z$SNchDBq&xzsz)#6{YW9WEC-C;^oWL!76W%v9T1};6Rwr2MoZnP~Kr6zD<?1e0}t|
z)0Q^<O0G*j)Jh{ur2KP;X<kXh+mOe;DdV`9yYu2q?M8k|Mfx28Lj}U{eV~zV!v@NQ
z(7+phPGUL&##G@+LqqS7T7?IeI-N|M;SF^}pX$sjdTx0tBKZzC*ESdlW+TkD3$>#d
zGBes6)^q}Y52xALhie&J$^Mwx(_g&e*I4S^%Qc*v4o!m3ObK5#6_FGcyER*c*GU$6
zg%s-QmzaC5!6%DK|F%q=mya+edB24Z%Z<d>Rvhph{h{E^Ct%zbb`VheI#>SMxt_qz
zsU!cxuD5%(EC~Hjwx0T%efVqpzuCUh>mej*`IudQ_^DGx!`l<$qxb0Cq%(M=`|kR)
zjnN7-#s4w7?WXBNvZb|?EME9stCftNiy!GVbk~3|f<&V+i!fj|<7Q0@7}PGJG6jh1
zA{Kc^*N6GOJz@2C?zo)wOFp1HqgKIdMs4$=b=LP<Q1M?ZtH56VIpFs}3kl>MIzlUU
ztvvd2(?Ef09#rmzxjy8#q@IG!?BVw>Vs<b8$S%jyawK^k-wPmqawJdk(jc6gqy64`
zQ2j9!ybs=xo`)lz19rutUI3JWE;B8`%YP2O-;;xE)qfoRwi>`WZ)2>&34>s!yY(h^
z(?Z;MGctmrh|&6kUn#-xT{>c-n?8<P0$4GVQ9swwyC9m9k?%RJH26+f`L+E1G5v^;
z?%TTO{T)uo*_Xbhg2v3q<=-RJy1xZrwapZ<73KhIX&53-bG*{RF!xdh=VCUL1T={a
zweAy=^<a@%dG(#&rcM7Ok*{qrO;sq^aP#-C_m{5bfJ?pY*HvP8BkC5+vlcuDqwd29
zcNwm_tT=mbl*y?%hOw1bV9|6=ijq(<bqADYlCTrH6U8qFbKBHJiL$2uvoa83HR~(V
zyjsVE4|7s|R@d-<{CICD0Ab>(lk7UBVH2Ik(|C7{c6XdKhV}BxfG4=gA)zJUmNI_K
zd9m85+#Av)g-kD!uZ?JnL~BK%W)+G~*tRsur?h{jcQCSROF4OL&kjYOC-4y$sORhK
zcxf(GaRy%y36DEH)Y+RuSPm(s3Wu?Fnf*9eLLUF#d~H;Oi(@vA=?}QU7_nFY>Zy7n
z+H5<i^A3HAxTV?<^WB7{%iU{$Q2{kJ*IkGZd&aejpf2r#a59l%$Mj9{fXE7VNSRt=
z`!b8Co%<qiFYnT6ygWpVsoKpZY?V-`zkm;>`eQ@#F-%B)_F|j~Xqwnaq~IEvrLDj3
zh&_pbf?YAEWP2aX(P^B^Mq*9Z^E2Xa@|b!vUBu)sv6dzv)=F3p5Jz@?LwH_HUn=Ev
zm~repPOUyk(Qea{PX~6e=EF=U^Yti0uLY3yMAfhH_CHT^mvf;~nV?sAnjr7R!$@#t
z_60QaZHb7|<!5d_0LnZbWI%0~nQwueH)xd~b<V=RmAho^qkoy7|5eZpqylVQx%%Cf
zc~b%&JxtYKWz!OA+7Wx3*dg5p>I6kAXF7z-Wh*#+L+%HN-?L0`MH*oxEI7Y?p#I*q
zAuD@~#|0FaLDtag<_ySJ*8D53FnV|m=)?J}z0U_Kzoj3&zT&e!R{w55QvG|s&T(#d
z&S+o0ee%ePnKZizxUxAnUp#4E{IFi*_P;K<6L7X&MvA73L3<0fNYTVk`T;N|U%0T|
z@>bivy6jXA!~PWPCi)@UFh*D6Tv<ZTRY}nLqn`~>-5~_Fnl2;b#3dyx&O;AFG}HK5
zCZFQR{=neollp$)QRP?y*CEh3-d9=GcS&Dl*AZu#RObW$uM!|=mG}}Ul68<Glb;Uh
zx`mPTQT9|>4Pt`zVH}uqT!<L>bp2C@kzWtC4MO2Fzs2W|2LA@eZOZA*O2Y$S-0IVM
zMeEoG&@~yzN2UKM@KEQvxu(^voMFAT5UDim7)`C=!tS;!Q(rS&X(1{HoibF5QB^C#
zNQgn%+-TNO(6(B@xjD$T{j0Sa0RbxTtU0}8jA{ax{mM=q^53L4GK@DXKA9$o#d<fP
z+neh$WL#w;;&{3_W%n$#DFV&mK?QvxS3wSB!L5n0u=hym7W)oZh-;wz>j)Cr8JIKt
zJU&_4JnkdC-yc?-{PfaO+tU>i*>e^`DL0Bt_r^|`%N_Y4ZUQEq=T`R|WRN<|;Qp>O
zvLx)VB(F~KtK`ZHAdki@Nd64#AkdA!?jc7lyLC~JVe3sWeVtj1uk)hH#k6P?1tn*X
z`imf{D&aNaoUer6CJ#6ODk4eUKKD8x(T>7qt~OT^+;7D>j~~Vg_*Q$e^>Wt!S~_JN
z;Q^IGhuYql#r7<=+P|d`4EmdLoQkz2NbC!?iHfSs75O)luzqn2yeF3az+{50Zjj&F
zPo9mW5jN0wg$2G)O^xFq&A$#N{At`=X*4*ongZjRFk|f@&&E&7wW><8`EIF3AW+ho
zcX`cm^p@uCkS@u$Yb}cGl^Jx4=ukgMx#4?G&-+cCSXX)=b2Z<xpyWbo_l(4cz4|Zy
z!o(^0ybvig(rcb9K_>pw$ZKo=*}amDd1x7h5$JI`9+f^TWyOYlG(jES)FnjVEX$lT
zbQg-Il%1|OEx7hfnQ)yxYOp=Jj}i436esBcmrYx%A%wX?z3~Pxk8kuh&OE{3bx^1O
zM?7U88%_t_eRb-+KX|9{Oy069@{O1wF$R8(k2O!;2Jn#^$?w)^E2<@>KJ0T<Wn*-p
zDVQABn@D&`@<z>r-WCj>7Lv3;ElJvZ^`H6k!h`?FNTLS=B*Qxnr;Rp!ERF*e#(ihf
zI$+8<vP;l!`z5GH9whTCcs!GGeav!o-feMyPw)R??>)ns+Pbz;N`O#=P=wHXQE34c
zq=eoCDHa3~sRAkrNL2z7iuA4m(os<nk)oi|J1BynQbZsWrHBxkRN)(I`#kTv&-rtH
zoqylHysjNGvsPB-nrqB4?lH!FSDkJ?B9Sl5X!8k*dsAdi-;cFAq^Pjreke>(rhUkA
zVXXdE-m8Fzc9Dkh&ht0M(fC1gds;us$jjAAePT4Bi8iR+KFkhORc$XRDgJVT9%jF&
zwS5ZlA&GTk3j6NXL9B=7iw|)j+Y&^C-XwV#s_Pw3nlcc$q1%D4dxKD_{X?Q0AIzp;
z7JFqimM_dDxrC6UV~8j6p;8hGS%XASd`$wzAQG4NQCSSyRUq6<)1!+w01+?tq!~?f
z*!~VZ%<UiX5pH3KONin))mxi(bX1z+bvr0Yp?f1=YoEKJftDFs1@f|vf_D8P-c)n>
z+s`Nme~s1Ktrj@9Kqf*$V#dtc9M=XhvE+}qz}NZ;5IFtzAsJPqH#KR`db+7Ul|;H5
z)PLM@r3hWT{XH|bp7uZ>lvW-HJ1IAH2J!BEU3|{RgiIrgc7j98d8u6wS{d#}eAH4w
z_>D!&?_Eq%Q~0?5kmX@SETx9_>Ft)ZgJ+KKCaOL1nrv&InRL2@G{1g2f`PsTfk^6S
zjjmpl^sn}rDJMuPGXfc|rGs-9qT&1x$FP;okKX5rz*XFKLLz&`EjXp5P0a19a7Vu|
z)il~hTAw!8mT7x;KH=rHk#oC(MP)|h2PsmGu3DcVN3zL2&(tV_A{@}2w07Vtd-wc2
z;g0$el=G<L_NheqAa){qX6_ZZ$VmTY>?g(p`iUoKv;K;szs0!NTxIDM9ZvjU>FJb0
z5*D4d|4+w2%p+DqU;^mpA3|Guw6#qDfhD4Zu1fPCHeXX}NSi7mx;HY%G@KfnLa7Tp
zY}v5V1FlL!w$_*D7~LLU`)(?2g?;gXq<D>xd)0jK9j@a>`U~Lq7AEsB%J>~{7Xt%*
zRVa)_-{+1q(FY)mHydIu?KXgwCEWO29Tfs@Wsn*|ETDz>z3B7hkMmy{?CraOpM97b
zo;SJvQ!MGXdMIxyB6zODOpg%o4qg?%r!NFIye0Kt<h!Bss>>pf<jYFnSJf8>`dv_8
zm1PsH3SD<x3OU28<sco)U`!qoZj?>fF6Acd_AH<?d^i=4CLp|B=VB#~lYgxZMr5e?
z7To}m=6zSkj!YolGa+EM7mpMVvPhnYEJg?XEmNhweiv!+x*w+5C)^F0=mNL0&CHSz
zjvFVj$J;U|&Y(5U`5oTa(F)UWACym?u`-+RL}|c9yG<l-e0=EyRis1{m6o(Fg(DOg
z^KU*<c@d;x?bDp%KtYittv+C1hB*+H*b?b2Wv&kCi|^;r8Z_lcPmZLAPgoz`=+FKE
ze0F!^>cls`u~-L}-gd9wUa0P)khq72G+_=el*C4GKku@BY4N!l_+2;aq0kMZu?56s
zOHPHZ8%&6Blo;=rPaYW@)6Qw>TrWe}p+8fq&D@{ugw<b;+0J4Oqz9&|nG<(`n#I=d
z^Q`v!?h3^X_aA}ri<m<O-+lc8Hch7j?=Qwfw>zE6d>=Y)QK_WIU&%<`IsNmwWb^~e
z=g^IF(lyeUXKcit<9&eR8##4-R!_vQZk;AFhrS*mH-?nlw{uq*Lxl_e+JYWO@zglA
z$nIN~nca~L`;G?e3uSm(DX0PlY#_cLjdB&><cg#3`ydkP$wuI0Fg!0bjRBGAH+q+w
zBeAOV(i9uy32K=v-N@{i{}ARLKKX(o<44dC@d@xpNI&%CE-0b6KK9UveFb{^IwB8O
zOO^TYGYuHJe9Y52=|NFQ$VlFl^wf5A4YB3rJX#~j6NumV!l1Zo2l=c2owvihW2Z%k
z5AQ50`1wP9+La_>?F8X!)6H>2FXfot32TYwh5nR}K%dpZ-ROVYwpeI-s^V+#fc9q`
zp2Ft7NAgS2WBSwQ@IN<At5mDSW|8(|PzLZIH4vBogeB9)($-zUoh4-%PIii!ZjJ6D
z4|M&snZXOdtic8F_M7vbZes`93U|WQ6iOjTn`?WqJt);k`GBK`*byMM*3DSy!$Vh6
z*bx?ZD5m5Lqbkv{chqFr-+^1x$2dhvPpc|!C}&%rqVLw>G}4Y9xhC?>>X%Lk$NrNi
z;?sf_tpqUTi*W-$z@?Ss=0wy^iPZoh^DB^tD6l%uF80f?PHW>0Gb8O45hBMO+pB&j
z2cJv)G<$55AepRtoo;?!*5LJ0%XPV%aUvK*-D>MR!e=6fnA!K2K54Zh;YMy1`m8AG
zfOue+>7f)eh4+{b(Eh0V^4KnfbdT;u^B?z1Pkv>8Kg5B;`UYR;;3M%&TWHS<d7ruB
zmmN>5)2J!P^)TP?#-LaHVaq^#yOrv602+V24@rbB$gKBOd5k&T*7X}TB3~Wj;5>k0
zq;$^39zlBcZu2v6svj-2bFpYBpm{1asZ+25je;=;Xsb#0NbL$a0RsH$mT;*rdO{GQ
zY$S10mvxliM-4&8oYXX3MqKif<+S^}^kbd9O@cVOJ)FNKbBVlf^zC9Jf$oNp2jb+l
zK&z$R&Df-fX)E4jG+yD%)*Uh(n~5&Z6*c+WD)-h!V@)dzr|x{#r7@6iG%)QnrSbKe
zcT)py_fXL`CgmyNPx)N&BNm#W&GkcXNTb6qFNs#~PYU$(f(N-Rbzc4F<{QLq{dV7@
z)<#e03IZq|IrUVDjhT2DLoi{Jrzm}Uy?pUAy_UIXhS<j}+@NLpsHAgA*?vD-{=TQ)
zp`^Y+InL0;A&Lao&v%BR4qGY-+&AamIaKmmTl&Ez6NFyDxGjgN?v;IE09P}uvl&NU
zxs5ihU}#ThNN(~M5ZL-*ff|e7?p^PY0joXTPxv`<kjfeX7>YBF*Rpca<3E7ZQmdAX
zGL#8EelE}Ls?awxm|SRXJ~!VQD$D=OA?g~q=|j{!H!ss=aqk&A`A+83OKf~&&j|Ju
z`nadFFguvgMVHcJiY6*DmrEYrzycY>QyroAJrgk|b&6q&ZGUD0rx2&u`%2x~HQ4!(
zM)rP_N27*3=wM}DyJ9}!B8)|ry{BvQmwjAWZYV*nBUybN-%=mt$UB5O?+&pFIk5;E
z6lnL#oV%$K<?SvOT7Prx@&T1c5<;&l{2!Kmy`o*5ylfR8cu=s=KC~WjoG(z<1H{`2
zyHPa<#viS|t__3@6PgC`)Uqn~NW)9eC;8oE_LVk3R$%3*7|S49-o|>^b47Z7wn@f~
zhsC_Rg@00H`TXYR-)>@p7o`<@oeRECQR6>pQDQkC5;kb*ob;4#{HM3O<yU3WY~ZJL
z7Eq)i1SymY5XHn)#@z{xOa^JdjG$?F>F&WZ4;wgcn7|gEeBf=M;Sq<x0<s5Mqi)%X
zUnf|&*3btX<DL98PtSl&mv$Qw8Ceu`7Xv{K@z{O5(rg<y;8!}a`}WeW&zF9*@72-#
z`1}KI%-b+oXzrWj5%jO&DlXM4oQ5r+KL5yU-!lJvu{Dzyur?I$omiXNcM!@K&;5r#
z`5FzuN-GXDa>mM8KNuW4Eh@=1e&?6nc4JH`72`d~ervd(@%TMub#g@BziStfRO^w-
z!3%x2Xr{RlrcE*)ZmDgSsAMCszGs{s&?)T<ec;+M7hB9oqo#}@(U?SNR64m={pCfD
zsh9omNIA{^%AKNJ(ltWzH5NIiO4ei0pFkxnaz9a_JsfEG`@BvHK_ue*zAq!2Ua1hF
z0$-qhc9=)IjNiS=zcVCBOPH6%)H!S>WVpmuRrq&SBs*252TIQbN;>Y{^5(O7>`WHk
zm{C8ngAfPp_2iEd;eOB}E{i&X+Od=fzqm|~-zOubCNkV*DMs1rVw0#Zau|~z6-h&3
zdq$X)bauy&zC%&$%hAsySDy!fGkHA9bT8J@zr7y8x8e_sB}~keN1HaKh6i+5ch-Im
z#Gaz4ydr)2qg&r>CAgXvkrC?WfOWX#VhD4ny}aMN)shY^Z)G4*Zp(~NFWI;}8{l-d
zm}wCaI!!BRBD~S@p!7!bn$|x=kn4MVbNo_`1Fi_qO&{`vu9A4}k#zjZ+TTJ4G?VTa
zZN{ay;a<12|62>N{RNP%U}x2Bt?QQxiF>j(4>0G@hpy2e{Job~krID0RiV1lfb4~u
zfRiXeB^rgrZ^j@-LS^aROS=WNTrtn66PWJ3toW$)taI<`A&+kiZV>`}U<arB?8ARr
zy?{8Tcc2!T%*CGM1bHKrnpm&VvgxW1+<#AQu(+~RrnI?!{ci0~w;l)P?RzMZWL-Xr
zqEYi<Z1GPQ3N+K%r!Y9vd0<tmEv4H~EUYKM6Q38w_y$_tZN;3&I1fhfE<$|s$o>jw
zlL)goP&#JwYIg>KCWw#Y!+~x-SYe8hwRIK7aQFP_-GX@agtjqK$+;fKIpnUz@ZI*^
z!Vy*}(T$NaCv6kOZXX@H_b|25;MoPJR7$D{(V^TA)qn#^5Ph*_9Dgfn5$e$%p+g<<
zR{EUhY&6GUQF7yB(Yz0&$+$3%_62!RAs>#sYyiRKh*{Wr$qUq2pm%}jaU2zXE7*7`
z`zO*>Eo1~Df4O2IOIZuj<*ih4CNDpHe2{NYsLjb+tIozRrgo1kDnq1z27e>z_Rxz5
z0rjcTI%QVoUL=y0SY8_}wGZE|hIr}#qt){r4c-a36fz;UF;0l}s@4iKqr{bqO&Pgu
z_L7E~f+26S?Q=gagtz@<7N4<$M^S0t&)3MkSjP?c`*0JPFgu3#n!l;{8O;kP$2mUF
z=*$at@5xa=85j{H8UGNH)lxbW+jkb_*&Gpv;0-M1);q!@jq8J;vV3Qus`uw1Dht>^
z1@{+x<|m15Ahg*MLK{<k9Mn{aEAPS2)ALABqq{W%IxQ&LhR81f*6Z#%{u2Hb8~u7l
zx4Oa;{|**YidQK{*x2K{Qqql3uabYn$R20=-9M};%<dtY<$+_QR14qClvXbnv&rI(
zCxuC#6v_%uQn6_1qN~&YjRZu2)0T_#^=QxpG$`kDIsN(CbD(uG;m#T}%Scybv%wJN
zRdJyEWixwdj8a<D)1vt$<%?UxQHMTTWmmqB9%USh6q}flK_ohPU`b}=5S2%B-H*1w
zt_a91LQvAPCMiU>prI9N#@+<|XMIWW)2h_#@~%x`&P=B6VyT{&b(W31i>#z0y^c?A
zDL*`>xRK<BUWE$Lhz+Dkh3Kxbd}@^Lipx~G@_h$RhwtfK&LT!d&}DrBy$jVUGA%#~
ztG*1<AuY!~9MktpyHpa<t0y*mv8~A$32j)g^vax!V%b*TfP@Hizn?yGO3U6B3ot8R
z7t4H?CMTys?avd;I)D6BARWHL)W|+UA+Ce?_?$=Y-wIuya*yUn5ka)ux?-)&{rTD%
z&=xz0xDpH;Ydksnkm~KZCa+p-DB4+>+FF>vsJ*W@2zaTds>ADqlT15`p8t$_ltcgY
zJ#f?WY{*U!ZpM8ypwX_rHliZjDlKNEtocK@a`kM!MC`~<h!PlYR3=A#Q7mMd4?fj=
z`yqR1&${TkGQe=N{k#W7hGZ+kDDi`*!g?Br)ECc&&`?WoTPfKbkh&INb;{;|Of265
zFH>09lJHe3Q4{e7-ikQ$BNuamC44>WVBfD}DU4w;TK%qmbJg%G&nLR7XF8|<AIfTQ
zkM^;l5NfLH>&}at0#D8JLk*=M*22!5OV~;7dU=Fk7*4WDMY$(DXXhI`i&=zOXK0KR
zo1`$%yw7{&vRJrMM#I&FRvIzx8%!Bqe$q4hn?os&U3n7aT-_BKNt^PzpLJ!rC+(a(
zr)~`wBZG4uicyMFwNls#dRjw610P#<Eu0Hsi51EE0m(TZK&v(QpUfRWFvnlW9`cu{
z6sFv)Um&d#kyXhTbJ~G@!q_kK+#{C{_h}xAHddvh8(A)ToBY~8RR>j}PzMwIeGJ8X
z6=So#ce*+5jN&2=s;raJ5}d2!dTD6c?zL2G<afuJ&iR-}&ge`v-mS;ID^<VL1Z92A
zNk6l$zdJx&D(z^9)4tMrQhocTI+EcD;zU>;(%_obzrUQ#o7949O7sbjTRJjuUbMs!
zX*y%V|1HJjSIKUqSLj0k{hc_NzQ}i^2PdZ0Au%<f(l{NQ)Kt3i;Tp{ns5TnY3TX3p
zz9gQb=+^oq$cMf7k&n%r360+;W&IFxVR3ZPEUJ8swA@Q-%r}cgFf3r8C$)?d&j7IB
zg8=)Ar}C+dxDa69SrqdHa=S(=nuotT=dCO+Kh(Ulw?Y?xtox$#)6RMJGAm}fE97H|
zOh*_Q(2H|lp6S&!6@;1uNCSVVje2Ud<ZC%G1w`@yco|;%#6sVE=kBNa2orV7_XxGd
z$?hPp6Y_dDTV&}M)H(Vcf0@{SKuV2{d&ybflGZDm5lfmX{n+#?GCKr>!a6to9t+tf
zCS6eS2ZNVe?ft?ZQhJEBsLR3g6Qq%*TH*AK&rW7cxIYkOw7kX29J}eOFpN3tEOPjQ
z58DUNd(F<d)*L%vtSH6Ll)d_Of;qPUWq}KgK}(6mSQn&xkP?Y<OfbY~vF>N>qFg+~
z(Gng)si((epO8*L*{Ex-+m+1s!>;Fd&TgjP+rYxdu7%sHHdo5*)7gu1ioCn4{eKmm
zaNy$ii_zK;$)ewMNW)HSFIlqp^f-R9PfHI)@0|AQH40Di!<hAi+O!;vJwN>F%JgHg
zVZV&QAkG=K0R&gr24T+N()c4+AO4aqzSutrmBq^um4UxrrP=YyX<VVOif!PbuB<MU
zwyXR0vw4ie#ace<v~J#Ov>}O$%i8uVN;l7n9$p{1V5`QCekes&%%3X?Lq}=OvL!Xh
z+3vorhSxDDF=$kM{HZ)L1Qq;y_3q_^RNVTSR2t1Hx?fl+S*5U)^gE$meHPXx@Mf&4
z*%>ZkpSTdw?(L4RKP!gF0blSKZTk2k3w&;V_RyEpNM$4{__l9UktmgjxjYry2F>Kd
z2j%JTCZ~T+ku23CV@;}hpUs~OB0^LL;7ZI`vrOL$z~_cOoh^Ebc1FID=_lrl0bIX5
zTpeSZk-<eAyeYk)cE%QUJPpn?yF4(Wr-?c#CPd5?QO>@n4xg)d{NnT}MD2xbgS%h2
zC;@(4BQh0nsR{2K;Z5srH;Ue(@5mAvMD?vAmcKtYxd8voT8g(;|D;KWvq(@4oq!)%
zy>0eNj)F31jDf-^GAaZ;WuPfQh-ZW!Ta0|&-I2oMT({vG9NcED;7utwH4iiV7HcCo
z_)ztUyRuAhu}vTQ%HT~HqlW(tnZnp`p!u5Fad>e+gkOkCBuRtv2Kk7Bt|qEH1x{z_
zmwC_@3kO8xKXQWKHq|(Q#Za<#_`zF4qhUq2PQnW#)>#Tx400ST9H*@dC)3S-S~z8<
zNo6OhgVGh!qhjbaf(d1ZTW1RgJbG{EFGmS4#3`(+Fhoz7Zx+}3qBA0xoA74-qT>;B
zDmy35e~x6^I1u{j5?t;7+#zvIxK${jpPV8XQ~3D!{MlE>QQGij8mqR&w8u$Tm|%V$
z8p7Xto+>Bce)+(1NRz!aQj3C_Por=i(MB~P(~|Y4$TC`U21X<6V!vq86XGfVwRoaK
z;I_b=^?iR)okjsK*g}eJqBNC}k5|}zImn7uhc`d^m+?puU*M3b6M?@u8fOo~N&dSU
z*V%+%SyCnWGP0s2Vc7HcvvcB9`I16J!7W)!YVp5Q_TLpF0c-OuEE?mq`h^Qr$P0?{
zYr<6HaEArEgU>wE6<UQib;epR=b`G_LjHMB4g!1i{&#6r3Lx=$<G_UnK4ynb75Xf`
zsE&o}7a&RpUA-$HKXU9DdS?6HnUP2DVl>-WLB3F$bA#L9)P6Sj#sBk<*e97(E3nh&
z`j`i1@PGfo5lIa_uVpPF;P(FSKOtY3{ihY5GT`R?@4qB3xJ1Pg<I}?bIx{7!VK%I$
zxp|+$f1Ni3?aT*r68DqsjN!k|3r`TtPp*n;_JMz$R|qNIq|%sttNZ`D=+DT*-fij{
z^M5b-|IYHi)*SKwE{y-3jsHI%Kj-HSa;FMS=AQTe#}XVnAtWa!_jve48`z-mOifG1
z9RN>mSNnff`R9s=FWEOhxk@9o!A#ZC)*Q@y7#L<(bJr&a|JspOFy{3e+&_^G?0?Mu
z-yw0>@$18hKmFiOaoE4=Tatg?{yX#tY<m6S*`K4xkQTfallm#}cZgdDOo!83?fr=J
zAOU8p6=j*W{~yEGVFG_<49OMU1#`Lu*YP;<QHj_;h9`*zOj$)<>S;Z&=ptYP<=F7q
z(tn4pB16yHPusyz6XLl@<M`$N4t+s}-fo}10Yg+67@`p47x`xhgE$o9v&OG<;Wyuc
z*F4;RukV;1T;JojHu3w3S;%&tI#Qw!a~Gw#0H^L5sXO~#Pv|UM+w^g>XW4%bf!}UN
ztp(?qhp%fMZN8lQk7aFefj^H3ft7ATcK3Pp;@_~5fh{-uyDv_0fW^(4yLQC#uf+u?
z0;Yjj$_`s_Aj`9$zb9Y*|M)QaQA0f`l(87Zy!-%X*<ZA$pD1t@DSw30#uD@C{Zk}_
zSz5M!=lV0d`dybuv-^iTK{yC%X1b(0F82AE)NDQcMJw);4@7Q5uLdq$VNqW-rys#p
zU#oy3ude`UxC5KygIbVCZ#}sQqRgY9=p;Jq5Xql%LF4Z377)74r#mH-fvl~<?3(vx
z2y~Eq8wI)yV1=weN&;1X7FWbPmw`Kd+meeDJQfU0w*|jN7S&#o4s#g@dC5DWf@`*%
zn_hRle_x?+@g2vLe~=V)fZg-iH$X6<99r2pqqNGy5H&hzgSOKL2YKsI8cncPZUoRY
zy@%Mw5o@j|LsRQ&vB<s%={?#ZXuFgp+MN&awS`&D62jahCK}X1VaIQ%wi-57{pI{P
z=VlTAjj3cmDDw%VTd4-(rp+GoPSsfOaIHar*ixkiQ0G;CI6AyhrZh&VP=`wC-9;#m
z9z3Bm;tUY)a;_Z^Eb^)al>UKJT0S=Ahk*3XEzbi{vv0ho&#ldUc@82DexEH2hM*Pl
zXT9;4Ff)Ecg(L9K+Q3ziL|ZxvG+rO$(eDr?YG5aM1<Eu--KvZ3kXbZqX}<pi->Ltn
z)S-DEIv$prK?RQ`H)!zkv*$4_u0SDtJ1^oppb=N=|NPGUkfGQ<yap(f4G{GQxjZ6l
zF8cu^;xK4wOt0$<+Ci1Ws2x;2t?a>U-Um_F3%iTDz9;&-1L_z1pJ&2d4VJwJ8Sx+M
zH=$6OL9FfRFvOKkfMXu18Qt6Lxplt7{A-oRq6h)h1Ajxv^tIo{<0>FqD`UOC0blyO
zyR%~E`eE?Wx7THR*Pz4<ueb_in1jG0@e8_VfBPBm8ZM!N3vek>EEgPI+F!SWpqjJ)
zi0|2!upW1<#nD<@x8-dBEWQGBRtwb{SI#gHtA5x{<yL-u?alXlw;MD-F0UAfN4g&a
z@q`~J(^$i|r!G6}$h&Y#TiK%rAWt>uJ7CK-o;s6Z+9G6Ox4c6awESm%Y#5Z(Cw=q8
zczSq`x|6+@V1hT6a&PUv={b*Dj0qqhqFn)tH?Cd&QuKX&d`JUiWp~Ex2ul$flAj}7
z-8abNyUYb2({|MC8z=;wkeu`gXlr+?SZ9EWcJBKMV+|ZL%(bA#dIL4f>iQ{j6~FnJ
z#dB?vL5<QsK`MCs55=K2)(F=SKg%cPjoTSZpr$q7;XAR$wdj$<JsR0%y1WkTd-G78
zwyM796sxw;dGl;N*FUa(KIaC);C!nCQwvfI_3LL8h&_?4#E1~>C*(%mjuowX(8Akk
zZfuWB9Mq!YcZLXh2@?ev$yZ>NBuzV@;`omB=>-YBoP&%gbg`cNs<r{~v|m`*meBIK
zs%uw)xn+ecg73p}eM@AK6}*rznU&Y_%&dS?{njo)_1DW!?x1NcTgf^JtJ&M@90wll
z8%`zi9qxWS_C#s3n|Aug5@>}ONrdOf;JouGd3nr%GGUeIxpQ|S?=9&B&0L9lMa`_-
z0C$gBX@l)96m4uk)2Rc8khx&sJdW!J2TJkR43x&`o~IEYgwF%YWGf|FHySXxPv^Wv
zNzL-{$*<=<;LGvMn9HCbka${BgJ_q8V|$?<CliNmk^B=Hpc}_l5N58MHwLR+c1zWF
z&iQ?soWEuCR;(*J?7k~4(ZmL^X<P&}VfTY~6j^UW^k!Jn16_i=`>|YC3Tkv6HV&H@
z-6p+A#5uL?Fj6}0Z$4^aH({v!{m!YHI?o^6J3ycJ9O=7lS9JG6eFFl`-EIb#>ugK;
zDN!5n{t%$2O3xJa_tC2BL+ikUWPgz!x^)NX6={9~xp4tC=r?>-blv247D<_88)DHk
z_((&xdR`$DAM}>jFHV(#3B7+C9;#wkg7~9A8fL|{rmU+x4LR4unnO5LK(~{Q4;!qP
zIZ!eG3Ti$iCuXliTz5drrZ6$LSZOT~**93x&l?N^@Z0khvVNE?Eh7mst7*W|18C=P
zS5nzjb9_~FsCn~>$-J8OK8v0|QiMAh3M^{FJ9ckr@S!X()_`$!CkJ8rg(h}?+1H^-
z`<sNN&>HwAf*as*Gka+<4G3Z9H^s<OS5D_xnaU_ny}ZJAblq6yfFP&Zt7w66I+2J_
zIyEwrBwO4+3m|=onp#(eMu)}WONDDscv?0P4JRf)J@t6YD`1IL3@y#1AHD_an~yuN
zm+QgajFPTGC_`Br6CKS`6y}jBhgwU(rKJ#B@qg}kid`5|!9ENCt!=tRZXQ3ep`9_l
zp?&+fmaa%C_bs^HV@q8Pp`i_W4{`4sH&<`T2cLa@?t8`Movr|*mPl>|7aI9E`)~)I
zJGxFsEnFpj8s|`t(l@5J&S<yz&3tU!x2QY086}$F8OH6Z?H=78IXOX3aLITr`G@mm
z_LlvOP&oCynib5Khyy?&T9p`>GxDo)SoZqC#d_L(JR93d^_S#mnQxsUkAC88Q>#yu
zLG0bGHmP}`w3*qvnVp(8tk8S9TXqY1!Xsuc@gIUXH6EpXh|D?{@FFL8>(cs5I`NDK
z118pcI$9>Uk=TLQrx$~{qR!zRqqu4;0}f^Aw^d+YJhUNAjx@zWs}$Fk%-;6c-djyw
zl4uOMR75CDJAf`<pi#TyGzve^l$T$7p0Nk(SP%7VdJ|#oEY#xldU<G_bh?S~BvCvm
z>gaJbmf(W75`pF!tkIkT;bP-YAB*v5M3-caVH<7UrGJH@z?wf%7i;RuXp&>14AewB
zpdDv2=NiKWhZ5HCt*Nt-JE-7tTvL}erj2&HLD2+@Z5x5Dg!j$<it|{$IGLK?;SCts
zCMJ|qig&0N*Nb{`iJ}X=Z*z!Fl87$19h#u6hS|{?9}1(4jbvXM4+s~}SI;ubd?M&;
zylTSrNRD+wO%kik(ROImxn`@g%^Qj+YzgegIc(XM#$N|eA%gB+X2(WX@_c@M{nDx~
zjWw>3OurcIXNYQ_AfdIx<tZdg(lKwCV{^Q&V|F{RE^#ZSV9Mjp?iLC<bW1bQh^_*o
zT4I;>_^(Ja^9lML-9Hfxt}da|99liw>3hvj3Tn&rs5FLb%>QeT_isd*;-#bqZ-VSQ
z;c|LtRkSBVxGK%!Zm)qLe{`cOk21Ms()x#vE}x{pFwoS0(V=xTE;e9UN_?UvM(e;i
z%enEH+RI>DDqsiwMU$kl)WW_X!`!62%=_>u!w%^j;bF!H&7CC&IR-%#K8s#7M#kiq
z=rw90|Ms>nmBt0zRP~qG+X0bbO;!wQ6L7>JF0@n|`^gn6k0vl^OTCq6C#DG`o1Ry3
zVtpWs*$5AZ7H~#}ru5Jy%$<L3R%n@)AqP$42dfA2lbTT$q{epk*mX`~bX5DZ_f|r8
zZeKBHsd?Io!i)R?4rww@Q~F2~TQ4`7(DEHv45oTck$iu+YM*6WigxK_;u6W+Vx_v{
z)+NEv+jvMootJ$$4Gqci1e&>oDxMxf`BGfNv{l@b8QAsP_qT;5I&?D$O(<bDR$akG
z*jsZWXE~8irgIl~I5M`;Ie6F50igc9zAb%XtBZ-G*B+KT*0jl@vGcLnS6(+1$7@EC
zoRg#9arQX!=K{Ff1L$x|65X)##B7_Qp1YDbrX`9Vg=%8;;)Y~hX1M=-tgS9XK82Q)
zX{l$zPu77Ry4V#A58?G@y0GU4)|*-IRi2RcU^lCWKtY1C)A6EMcUCM~RV^Z5dg+1}
z3u+fc%;we_t+Xg6&U_DO;z;=-*-IVL7>1Q3gf?kU!01<v`Ol(f@X;u|Hlu^S4gDV>
zUAhO-n4NHK47C|{zaveV)}C0=6$^po(=@@Dm4ry1=0t8T?I$y$$JK~ESO&Ep*i+LW
zn^nQAHiz|#y5^Y9S_eS>TIox-M7Ln7dLbt<4O6TJ^y@B{#kt;@W{{J);HRr5Fb9O?
zZCni#n-}-dC@MDoE?wG+<)&$)oEACC8j;ofm7(NBz`ni0Mb^~fV|hKPOAazjWfQBs
zx0R@JZ;F!H<A-#e#H{T^$V(!MvP;+5i<+BGGQD-4JeJd7))M)4S+<!ha+)FR4oz|6
z4+>?KfV8EOriyqS>Ibo&Pn@YV1n8KIvc#|o;ZDNytV6_xX*Cpnon*_we;pM#`lid%
zUbB=o#8+Gk%S9{QhN|$vdSV-}g3(*XRP|CGN3y}}Vf3l;xi$iXt&49{G<hcqeRt|H
zpiWeyG2^{WQNW0cJIiK4Ow07l7WzyhY>Z{DH|UtOWeQgj6jbvdSZ$h*Tf2N!kwSam
z7otw1*l;^=2|C=;+EaVvRaVjLCuE1h?tnV0)ku=wYOg87!1ROTPf&sc&MCIs`^EU^
zh3Jr}$@l6{<@7PCEHpV)r#HpeHUe0zrP>$tzX?*)PfA-EYwn3`k=;Zk&|X@aV$ZG=
zv3M6z<!%fAzzNYShVmEeTgosbi9TVKdnt#BnimNVafuU7idxhca`+}Mv5}$8q#yt^
z7EbrPG_}6r9^7@0YjJA1F`uNZie-_uZ}rTVQDbj(Jb@C=$4B9H@gg!8ZVBHH8}SP$
zv~q25=e>=(D&EiAh}LNnpcRaLm%1c;_&bzB`{&<@xNz>jwE!Ju&<4JQV^i~pZgU5>
z`U%)d>AGp|A3-5iYUwzWqdAjc%?P1a*oV8dZ!&2OI(##iSD2C1J(hm}82+8aM)7Be
zJ-*|H9n2L6Ys@x}sqnEm$)dfOMqf30Yt}2s9!neC65@*+oBT5E`n78w<8V(4eXeFV
zrNL}1zHkKzYL5%uq0%VMzWc;BfRTP0?fA(%nfO(jDnpZknAq5=y?0)=t5iO<GvQQ*
zB}Z89CG~<W1Psmu@bPW*y^m{TLxr`3^-ON+n#_Q*f+_>){Gyqo5c67~FdJQ2x;>=t
zJVGwCQO{j}hg(;f90FvZU$iI@0`a#9%9!a!e<2aWqAg;@*zg(uX`pwQ;-38(pF`jX
z?Xh<F5_<}1i+%0+wM%~=_(U6t3NBoWnuB~p(lv-ZXC<J~?Vm{8`7i={E(n}41#_|w
z!u3xS7HNM`*pC0rI7De)hM`lFg%y7h*YZ2?8}9jK70CcdY)=ItsylB-WxPA9fg=Y)
zU|5B^LsCrkFVqlK>Q&JPii+jx;(_lfJd`7@N(^zP2DJ_KWCo2rVB9vXcwQKTMor3U
zuuT~Vd4YH)zpJ|!H%EDNN`1(m(V@)j=NdzG$wA9Q?~?v}nzT*pDn4%}u7(QrXEORS
zNQ`_g6DA`cW?6n$ZunZtv#?)&2Wr|2)^k}BzW-_MujQz;zQ|~N-Kv!QO6+*B@Ata-
z-+IFVJ>_RL)|_p60<H?L>%8@+OKp&gX3YzP8*@j3XwE=rQ8n`4m?@(;Vo9oKrcqTT
z3){Z+dAhjogcd24c(1m4h?1JP2GQb{AifSuJHJ*eLKTfJ9n3gSDdxiP4qUnU?HbXS
zgNj+TQ$u^1xOeqKTv@dfL%dm2u2BNlaq_`9D<fxJD!IF4HuNY?Srk)`_F~IR9y%f=
zrmpiX^{0JDl5l3DeOFoO5yMc<KgKD^Wu*PdW^Auhq?YE6OW4Mp8-4WoZi~&luh|9a
zxczKDe1Q<a>X{VLt~kKg3vND>5au{B(G^(M3j3=(>?WPq4w0AUQ#Ym|y7Ec1B+=`U
zQk^4LjwN=z5F=}yHzK(<xP3@DI3-DbsuKNJo^Pp0z^jEdM|$pIs_Al26E#uraI#64
zbLd4rW0I>;J6GBLvPG;57wdOyB!>%|(dG8n4uRhWhnjV%a^1__AHDCk5!-$S<%X<R
zGB;KOeDyx2iY2L_=$9dinp7-;2pnd-|3YsoByg@rYf91JMPg3>c1|IH`h*huM!@){
zx}a%FZ_*_N@=Fo2(QHDg<fQo1&!Bf9NZ*@Gr;#QQ|9P0ljKqFlbAhU61sZ==mm(wa
z8nBy)$6imBI05T)F{W5W(UK%*UETts<MY-5om3{b?G-js^wPRY&^Oh_wW1}-o#*4G
zbBgO~Ceew)lU`o;0(>w24oTwude1JIu3kA%ZvX*mAU(pd(eh%#cY4xL*)&l=T?Drg
zb+E9E{)4bsXp8wyCX1AyMq&IWh47C}?6}cBM{@Lm_)%8@Giln87&NdsO9EAhSI;@-
ziDg#BJ8r~!zhCEg)o;F>R!Rq^vL(fwZiwaet~FwJAQw%e?u>Gz!B@l$U#-fHME66h
z%fJ=+6&*KIsOJ3>q^B0FK)f~LJ1_(!WWN>_n{K7ErmOf~F6)auI{-bN0fVghmv=I)
z`$=ya-ZUvTzLo>_)rY~@!&s?VX~=m=p0G8Bhn$@rd<M~wDAkMOBDgicT-Nj|A!znW
z#O4G|WFvqCOT-LN`hrXS8oxu<NsN%VbV7*yy|Jf7IO~S*aWV4BO1Z*ls9q&HGwAnF
zdprfxXZz&mj%39bxu0wwSP|>pdPPKE-d_KLcn{;p6kWT09#cETt+N|FN}(q-)p(vO
zZOB|Q*bvTF!0v0cuq?J>ttu&&5t6<N4DR}sHZJDdKxqcD?Cbs&Y8$P+qHiHjqbbXV
ze$~*v@&)SP5*HELV!8X`s}A5qv6}5bGCgQ%5-2Z4sd8CnpuKkoOTTlTARW{H<1{MR
zohjIyntrEXP48$n{~_{FV{8(iF0MiaGRDNC7lHNZ+Rpf|AAj^adjg#Ee^b)&k)~-b
zcy&7+RTz9DF%rl2<*stzXrr_&%N#`C9xQr*6#JXa+yq1Y#zg2dRc?YfUnGmz(gviw
z77ny3a?WQpzgz=Cs09a=`5&55%mSwwMC_<E(gYJff0ZTX@>HGIIE2{{)sG{SwfuS<
z0>7LxJ=V&<U&f|#wRKlZ_<ZC(s!;i~9Ta}L9wa*iXgN8w8CiGd&!6HGx3;x*PjHHm
zKb$3lKzH?z#mTV`lzdLWV}D*8;Ju#6eJtv@9t7X$?KWl8YGiK<?gQ3_NVyVtE*9VZ
zEcxK5^M*FIHRei@>RGyrl~vWsDE#)M0hhKcqAuxf@Mz0`RkMa}5nH)=u_}vE_H_di
za@vu59IbaXq}-W3_x`MJU$X~KdKVy|>58=QR#XJPJ9&=1Fm>ViS;muRo8sLDfc1e8
zL~p}canBx_o_}Nb{k}LX-7rtLXeAlBS}+BxT$(!v^Os>L<U^&wF8s{&FVdTVAmiR!
z+D8y%9NB$Zo6ns64>E2Je{z4t72Sii@D)ME_dSyR4>FEyTNU|frww2l3J{E&K^^h2
zkSwS#GF0;Zv;z!jBgnXzJiqMUp%G-LdhaxX98AIMRK-5lzn38_0x8ad?$f7Wvs;Et
z{tKe;-$PEp$GnTGzgU6LJk>E_G6Z^o+cOUm2`raViueHk$@z9%57l=fq;|Hmq7=x(
zdg?W=MF4qq;r7wD7ozBszOR8&ZWSOvx(Wj>Hr_)ldr<jW4h0{BsWi|wQCkUk^N-=U
znRRcYSEs1z9~%C|!zDceK)(KE$IrTaQ8M(j1zaxxm${oAL{cl@@jdF?k@WG^nSIAK
zDC3%tHpY&_+t5W25c*7}a!}-t(m~=Ofx!7PzYgI@tG(SnzoI2`$QoiiT`wU0tQk4O
z314u`034Y;5cMgKm3`Y$A)L~fJfGAnumi#^L(q_V4N<`cilfeo!8R9$4<2GbbMQ{l
z07~E90UF~1B8|W2V>!x?j{?S132?XQ$^^6~+S^=vbFq8hlk?ZeoszlkP?uN*+>YHi
zHIR*$?FW!XF;msQ#CLIYq;?BJ$(%oc_2{<^!;$i{8_@zipe;~Qy;wJl0AbH;sut>9
z9>Vop1k#6?E_2)iGR*syI<&WrXWR#N+&k|_?vz~>l(!EF+Wem8_u<Gufc}8{{tbkr
zB=IKz`_{lBve&BGyZz>&ih;mRipcYAWY6b>Js%O983d47jb`h$*W`SPv1}P&{%ULm
z%?3VOtFy9mn@J)aZ+&J{N?9)4oE7J~l4WqypDF4@=FvADd%&V+J19Ic_xb6h$ihb*
zmRG<6bJwzduI`a$h*vwd@ySE^ZnUvILHa_?;C&^J1;<RUW4?2z1^vM;ny3U9w6B2O
zdJat5NQ3(D#WY(sh8@_thd`!tyiK~z1@@fzyfEf+kea(g#XnLmkHX{)9VFi{fO(0p
zgs$pg1m~ROkbDPPN8izGwYiMVPo&z9lei*sy5ZUBphes>0tW)9Zv)ZW`Gyy^)&0Q8
z@+PC9y*UB%fb0(fhVfXOh{G*}C4B+c`d;5bg`a2#+Ch7pV8deq<~`ng=d>wzj&65+
zHpNT?$bG~$7X3aSqf-kQHCXNUOfMw#1s!v}-av`nGiaODZE5Azh?@pjNVnVR8*KXT
zfAr+$o+dekv+WV!1_cJ8_w2Jk{7=+hMcmlt{s*dD&n%>Y8yfMP5WKfX8TY_QZ5JMm
zbn>6`Cr8AIb|)YD3c|D6CxTHSA_P}<y4&D~>8FcCfos9OM5=Nh>eJBVXhAfaufoqw
z+*2cLc-mp~9rB06>DhP2T26ry$xyfQWZbQ_FM!JjwUHnVuu>|dYmIEM&4nqdC~`lG
zfZ8DXOFpR)md+n_KG()jntsqKQrZbU`9Oc)HsGM~*r|X?$<Y9PY4H`(sYGClQ(|k6
z*NU-Nf+aj{`q=rBafLN$veET-3ik<y$!nQcE0=PSUe55v>6AHH`hP9HkMsn!M<z6M
z0tB@O$gVGUj?u3dTBa|xunPt(!{pyw46EPU9kwhvKf5Pkc`T|7lw4Ov!ZbWd4IN$q
z52B`XfzWZpvw5EYL*o*b9$??J2D#@Jw#V1S+kyvd{o}i6)i<Y7@v>HXT739%`v5W^
zNI#v50kU1_b+))xv&8P9=B<v}1uD@WWow8ISQSs=EMPgma2w%;7J?Bmcl$!5ny$hx
zf>}G;4@8lPjjqLXRDz;hu7(Bc-mFRc=T6h_Xpi?bf+?{^OnR<oCLnJAq|(3<d}ZTN
z`=#~)x<C_PJITVFCQ}wsgM^n*Y$`cl2U4ZIlNt2hPb{C`kCnuq516HIZM@Pddl1VR
zuod0uI{y6l0!FArKqsl5b+Nb=!J`Saw3CS&{*E)zy|*^TBZK;*XsV*y%;p1Jgq0>U
zxDTLq^R&YF<Y}q&zr$v3k9`Ipn-{tVA)O<PbN~VFjH1a`k)tc^&PN#uGYZD<l&5dl
zXR|G8yCkI4<{B5dLa9s4%LSx1>l{j3l1v$mcCFT)$coOEl)X>R$o3x{8jJ|X2KfnV
zVOWn6-I_k#DK0gSvpVV5+sOOgcc_h7PTDb{Nn{wPB-+)VVY!K}M}}UlZF^!G@|^wo
z`h(^BH!`wyF&pjt{#m@)0rRY15wS$MniEHZLzlXkPhju0^g3aM$n<ieRn(Ih4|N)y
zQ1y-jpCfSZO*mr(aE9Cu4rUmTfY1B7XxuUwXddD799uWxbX_$Jl22F_3&XXRl>`Fg
ztVgRmM|;G-82)?7fxYVseYzc^sYZn+{H8S^bG*V-Br0(bUqD{iJOH-Y2-iYI*!s$2
zA;|MvOS_!;2m(^~#LlMS0#5Lw*gkK*LDIPc1|eVNsK$}<p<TQsqhbhroEAu>gsApJ
zVbjcq{TG9jW;rZ6yfXVI!E3JwfAU~pnK&Rv{T8s?{u@t1mKdqlx*h|kF!inC`MY}y
zvHYzo8l;~JZ*a8`>AW2pMDFy-e0PB)cFp1E`<>ra8t|O|0;~30hGi%?HK_f}_1Fe@
z9;Y*|7@3|)PwC#+Y5Jx#ROWm=82peF{(Jpnd*Eo-#k(e@%ifKxpxcIg*>uK}18Oha
zaXjw)JV7VQSyBmcSEUq%n-?L;IhFD9sRtwsMQoM|oAM9$2xltQbiS?uMwuI#_StsP
z!5V3&v&H|lUZ5CHYZvx}DllSd4pfIy?2`=v_QBZeTz4x(6H@5QdV(z&wtpyH>T9V;
zzUM6b=|BMnXI19dsy((f<eK{mdMbv1v`S<;g~=V3MbBB1_ea<Ue+~s3+mKQTi8oQv
zoi~5a&%R+qXw0;|rGBvwvfUF41@hi1sCsYOGs#i226sVKe;rAnaU%gt0Dq@IOowo$
z2>sIn^$kcRRe*^c!8jwjt!!3M4k7FCSajY<A>4Hzt62u5M<u<YWjE;wCtuomHqzYo
zPf<y>y>s(vc&z5j1_S5R)_YU<uC11vvrFcRzXy*h8isy(V8Fr)+97A2o)k|(F>3Sa
zOjLrGgUxB@^{DA(e{O;O2|^xKl+?6?z(Y2tXb7HDwbye*!w%W@%-+6o?qnM-bqG_3
z6z}c!JKBCfK(z3twsJ~Ca$J;k$s^;mx9i(*Pz6-jZkF-+gQ)FBJ^Pnw;3WQyGKjl@
z1(mhd+F2T$GKn%4=+!&%dpq7QjLif3OWyq8@nBq&+?Fd)e{0W|q|8K2^wQRnpKN>q
zmDb*^<QyQzb(wBu-@wwBiaV{{v$;0Am<)l<<3ZYAT^WkMz!f;`f<1urFU0<#XP4j@
zR*#)*>ayn#AQ7+erA*0Girv)UG6-6(E>znP*E_e4IIl9uv=hEX?&JNjov>17kWLp$
zEY3yWnf>&*`iX&*uqH;N^Brvbw&vft3fQwUa~mK5TrGJ_`|}<o(xJ&dZL_^vs6f&>
zdv&`@7$ZaGz7=;2rTQn!gd})#CSN~*b|Ss2BK$B);9{FpMsjD;4)|CB{mvz4L8XC(
z?kjNI%#*@c{D^gsp?NDLuDCMO`(Wht2E3<c5?b7i>@~@_{W>Ajs28|`{Yx>uyaCoY
zO<*5#1-hqQE|TtAKJ(}JpTe(~NMNX|%#GeS>Kv7Kzkl@V9Cs1!Nhd{Ie&|NLtXi6L
zF>`q%Z9T#c$}7DYG2>~XMojDtn<>Prt*_GcTr;{0nj(z}$`k0HK<Q&Nq9C(AJ`%(F
zZoV1uTY?hV#XWDs1U`O5Me{le6-+5Ki-AqPSOPYAvw6u2r@{|Y2_)J<k`}-LU>SUQ
z=tWJRYC`?e;RJA5E*TUaBrlD!FE`WzHG9%3UPVZi9z`YCvk6vuR^WO~+Z|`vjc9e1
z91egKXZh92p|)FX58eleo2sQ>6ge6QU`sz}w0D$!I}~+{WkwhTAHxmI<$2OOc@$kt
z#6HKBD!zm0(zb)v7eaZQ6x$b9Xxsrmw`x<G>cY1jwbz|Dl`KhSS<1ZvL8}&-(4n2n
zqxR`DO^?b&xMoNeDT?a4R*m=#&vQOyAfOI9C}7WG^~J3*9gs|T$!m+fK6D!Efh~%w
zfbOKxg}Uu)O6TZn9SPz$!Lq3S+p@q;#3g%v=G3>AM!E?3Fz9pC<s2$UC$eC^!<sDv
zU*T(QE=S=Mt2PJf)aq&g;I*X@usPt_xJ*p0R$Uu8{;bD$%uyty0qC}p&%C%WQajn}
zMe0Na1L=W!oP^YQCm=8S4M%KApYnOlKua-M3Dpm>?l}7un?Xo32KGpEMl8iv-Or`>
za=1tI4hzLKE`2+c)366V5qp2+l_hDMw^pE4S2q*4A_I*~8I_<@bSaOnqj~z%JQ-qo
zyH1xob$i>r(=>R+AndMm&NTjfW=8mg>^F9=#HBOPjWbba`}IX4UG7JzHn|9HaVE=P
zX6>Yj+T2eUGL*UQG{_z3dyBxImsru+4eig`PkTb{#yeqMX7Fwph9BS8B7KU=3{RC6
zinRm%z`g2|kB(Qa_1hS1Nt_`Hj=X{Hy8OtWn9D>%3wjnx6uv2E!@EVPNg>Kc^88~6
zq>}ZX1t{W{L$QQ7BgY=rCL&#KE_XfD5c&1E1`FE~8(eGJZ{B35C)5-Nv_6PWn#qAB
zks)k+I(OzuLzpi*yo1&9^v9I0FtbeDSNf45$5<J{)%S=C;!(HhQkU}^QXuAb+VO~d
zI@bntY#nq{JgKq(8D&2QvwGe7z>{yS4rH%F-@7$XSp*d;=1>!RyeZ%7g4bA7jtVwP
z?hk@Z@_4M~3<^JfG{7QSUEdi|)LnSm62{}68oeGh=){oE`d{bj7xhH&5(isiYzN6{
zf3=NiFhEzlOz6TwoKRFoFtiSc#PX+(TG2Vv5NEIil)9o(+<wO-)_f?zInrVVDVJ}h
z&f|XIhPVpf&Pt+f5%c=d$axo9?T#{iLJF!P@Ubrq;(5N0AAptZLOb~McIz{=pSC|_
zfBMbSSv8}2ndglEEH#~E`x5CIJ?J|ZTdG4^;nQa%K<-u`_vYMF!Zx6+bU$gLUP!jY
zW2AKDeIJ)nq&Ioz*g5>7Y*WeC30HC8(B;+HY$Z8$H1O&~$sY<20z(;lh6E))!vf5@
zb`5Hoj1>=ykEwuL93+Ew$~?mKkIUooZ<hzWY|V0PqOHLoe|VxQ<1U5{%~Df{zKS|3
za{D71ze7VWya8o0wjsDLajzXM#F`>lu(%427PL0n<4``P#Yj|FUK#M_?b2qmgWKe^
zexcqVMtvc_Op_)z&~6=P+{eule(N7Uo7wvF2`O3!@i<Ax+9k50Wz;Ll;EeR^4DIqR
z=o?x>Wo}2%IO8)Ux}HuXz^nc)B()?!SG__G>`y42xu<+HTyjF)I!N9g<BPsD_wFWT
zPU?(p5qXAvPKR*A938>v@+tj|kWZ9rgliR~(z_!*9?iMLB%vKgisH&uQ50qKxN^?r
zL%?Xj(ToqGI}!W=>9+aIYH3|}Pz5)4cQ!2{rhB2ZRv>_-*&%$?qTBB-|Im|zmd00y
zKuhx=DI?nbP!|PGf0I`yxm4yq&ZFtSXY#+!<KNr?9&!g=i=tnkYBJ9au#wm{GgqWi
z5NfHpVMzL?{28Rh;v)<(#+yjO`^b<Y47o3;f3bxjA!JC~sQvFyIMOuW_V(mH*g~TK
z3$oLJf_<d&{xMQ+c-sG2nMhJ9g29vze{n;qH#?95{x`$xm*1eL7~r%|auQB3aj2u&
z{**|CT?9*AcLcDHXAjdTqWuPQ?x?>uE@-)yYW*>=&E<{E%#GF{zRs%9+Kt%l3yo_-
z9`&Z#D#<NAPrs$94|e7l|2eR#VdIeF+i$)1mhTP4V4pX5*sDQbjjK!dAD~}*B4;yS
z&M#%N>|!IFNKrFX=L21U%k!kt?iae#>O!Bc0y`GLW)h?aHdcm#?@vP}d(j?#Ij=?0
z3ov31ki#)1Z3lnfyl5mdZy%#x_qrtW$%Wo^F>bcbhu2S#9*3!JH>KX?5`8Mh*g1)b
zh-w5NiF2zT`nHRwbECRHs=9p?8e2z@?|sY0K4)flACIHvOiEC{cO)Gy0Bk^Dxe<5Q
z{gCrdiD-KOe$=h8w>q9CnUL&m&OXYC$ilafuMU)CuY-2T8X#d;F;D6ctm!z!Z+n1a
ztc4%m;lBfNzk!@KY$Hk7C|xb2q*9VB%>5p!jJTFC$tTzrxrfA{7|{bV)TNRoO@S?u
zx977E!1u-HmT2~?uuVcaq?Dcaha;5$eD|2gPVckO5*}jg4657P4eWW+X|VI;LBjHw
zULd(sHfA7UYsJCXvf~@KGxZ3FCVX4r65B=^{?(f$qlt!S-2!f`xnZfU>XY{XLHvqN
zfVkhuQ{)nc{;uJ?&JB?EorjocxkZ;FML2osPG5l@<BLNBL*Q0cZG%7HRp_j#{v+M#
zn|E4qQU^UgOQ+wQO(2;jRr|+Sz@NJ_Iq1L=BRi3Mp?Gci{b!?plSIoqCyrkitVt@n
zaI;MpG%7?g+!Iw7l(~FBw%ec9x%?_<i=DmeUL|%-^eKCeK}rz~{Zn$OVh$}6);>zK
zO?k-e4JWtV^oPu8rxbhym!jS(yZ9*98uCej_1s+0TfOYWZ7g>CxTWA$?5-Wi@bM;y
zt!n3SwuFS!Wf}UkTA|ynlusX;F^i*47iPwpO8wbd^QLC;kUxI|@6wY~JA{E9h`RAZ
zMJQMHLmMc2GV|Iec+2ngS^1R))hVdBj8*e!^_x6wm%h%Ik%42r(cZ?{CLKMDWmlW_
z{2pX{>ywAr4aPRSQwbnWyV8<@bX<kp%OtMb_Yx4~2y)bb9AThH?pKButE%(k^RGSg
zT_<*+oY9?3YLtD+O6gqq-D#^sG;t6Cg9S0+Oc|cMka2lB%c>k@6&z_E2s$A<qCIQ8
zhuuhy9OJD9Q7f3FD8=y4;Koge(3$lkm5EgJjS;UUZCoHQ5v3CBjl-%yovAvzTY1yw
zOM0iUL@8~4xwAk^Q#(SC3VXXuDemM-($d)xVYsvnnB^Q*b`u>}b5!CixWMy!{y@-m
zGZ0E~uPZrr5Z=AQs6`nn1S&i-9nX0g%~XQa5XRmObw;<D=gBxP>u!i#z%}?mQYHM)
z-T54>T2yo&ndC$eKFK=oc|w9r-OS;&14WIm9XP_{8mRGc!fo<Hsc$Yo-XTa@(GR!|
z?3E_um8lmR(<8)b4_Ie+PQ^6dbC3JTg3Z9%m5EyfJ)!n>>O$OT$GqgA$~<uu=P++J
zb-Uhyhq?5>0?3VYO4Z<t)e?%i`k^|cYeg>zYp~i5IH2W67miuwIF%grg@IRB21IP1
zJv7Tf%H{Hr;wx9L!o@|XD7>Xa+aujW$4oKWO!P`@aQ$%`*Ah@@kCso>sa(=sBsEo9
zP}P^V_|$;OsYLuH$=my19HH6?p=S2<z(gEyR9lEL#|uS4MUy{j5PXkcf|we=zeRKM
zg8sqnJuUA~ZDg2JmGt<s&VV4v+SoYmxphThtej)a8%f+#q7oxDYCNo6flOleH&Ne6
z+W(LM97PM_I)j3Mh_fcDPSZLZ2!CQu?h-wT@g+!Kq6=kZ;T3#46Dl7FPRKmmwZlz^
z<$2sB9U~KEv{}o{8uJ{E+5-@{yTWR~H%?2duc`GOw8Te3Ld@P=|GslL-9giyPpo|T
zIQxHV0p?yfuS?4i6Q_5ev~|@hd>}o=grq1Cwrl<B^4%VuB}H5(#15;<OCe?u%)5iv
zj~`~|dtXb{<I#|Vi%ISrd~AQ1bl_r_1h4243h$(15rplDb8unB=5F5bOpTAXBIeF)
zGE98R$hgv9oWWX90l4Q?zgTc(sqU_$dl+t8812sy9zBMwK~IKaJH^jbg?@`%x}E<{
zSrtmS|L{ljz6%V;eJJL1P>!1>*>ZOc%ConsjssrkPt84fd!2W{aFtosuoj8~|69GE
zbQJ-gmQJoDw^x{0Q3+EABw@6pZnRL3OA^Tq*oIV&fT;8mN$JSY^@K#}3+sb47orRj
zTB#$_oxbKKTA7m{E(f+8{PYn7bk0oq6JBE0ALj<Y1?LM*_7ln4^!I6OKsTMocmhpr
z)DDlshuWo&BEL7#3Qmom@d65Qad|=<$C%}~1&-Fd-jq40>!x)1bH~rv#-=~yZ>Pv}
zp9+NtbY?h#ZIX)gwH8kY36V;n!<Xb}eiL1>i9XV~Gv4fLT<zj-T`!>tgN>+WF%@RD
zjE2R*vImI+d7kl59nRxm6VUab`3&}bSBiWBrgBxWKniBEBpHgS{<#bJ=c4DDYjJrQ
zZ}QYvj|r<pus$uL(&$~;A9W*K-YLe($+(D0P)>z*{=HoNygv1SOJRxFJHVm|zhk`Q
zFMocL^7`V}g~siOb?jtXQy^8?-P{{2!h?w8*zqS_TwFH^*S$z@AbOgue@D<UE7<UG
z4x`NtXiH@Kv;-UBkUj!rCZdH!0ls|2XzOR+Fd3yRA#wkJy_#{rx)Y-yrbU{TipFex
zZNSb0@$j1xjf*2$ds_`+KT<V?II3?%ErCc6LXL5s#NMZ4MJeF9U=|b>N-V$r{rFz8
zInUSqHp;Y<6ytH|#;~?H?UxO4_(&G{Um~9+>O&j7o9HE9bJYV;QnIad`f*8jiGDPF
z32{)uIhrNFz3~(sBZK08unWI$i8_<QT;<5-iWLouI58-aotFG(+P`Y=9Gl>E;BI+7
z8UL_842f<WVxx3-6!FpO257nqH-cR_BRp{%Q(Wx=Xo6Zn_`GhKZm84{7LwyQ3idCO
zTf4>ohrPFsiYjd1Mx_Tt7)n4o1VL#9>5vcuOa$o=R6syNkS+mf5d>)rknZkAN>mzQ
z=!T&izI*HYuJ8Muv)1|Ztn<fN%f$kRVfM`4`+4sBy01{h#2AmD|FtzNM=nCjf+<c3
zPHGz)g{iz)?|mZ|s^*pgNUhKG5`}a)AxZzFGZWo5=LAFOI0heBlNDMH_q9k&ilcX>
zXmdFqaAPqd)$=0F+6Ilve%pDX1TDDTZ}HtkgK>KwLNQoK?4yRE3h|otvs}emQ>k>T
z#PH}FMF!-lII^y5c?3L4d}ad8JzBvYYd5)N_L08(zVPZ@boZ@80h>Lar)Xv>$LfHb
zna7SIdrzs%)Jdhs33>u8V#I5;L$RiJ4N|<;Jnytb+^lOyPFV%2ZZS}B=Gb4TUKl!-
z+jn3#-A9h~qbHTAl&2$?65_-*Px3WikhddD*i$r;ysM2a@fS4uOd)dEQ8n+acocaH
z^NUcb!bg&ogn~9tZ^cf=173|{lTKnJ)`3+4CJKup93A-vC<-nrluNyqKbzSlb}pfP
zFFs!4d3NU5LC)rLu5#`oZue+*+nP}#xG13^dDm~U-MFx8pu#!g0{7W}qj&v(KlN01
zq)@({D<@S<ZbaagKN~2dVA#i7Q$K_kWNbQ*vai43FZyO(+a!<;&x(|-KGV?;fAyVR
zNX(phPb%GXhr-X2Ad1}<k>7zC%=4xEtGK2!n(B?tk$IiBSj^u=Pa8>7O?q9C+hmx;
z@eG~xwrMbOGgTWn<*CKt2xHbyW_D))kkMg70GXC?oEE&>PfyiHH3hij?&VIN;qHon
z8{&&&hE?e}Vd!m@XpT2)ylZvxVQl5Zp4Yc+<Zl@>qSw8XjJHoEUz2ZS6HdF9d-?`i
zfT@C9W~**M4*xvw?|5^{39s2$=X)&%k60!q1ANW6sqxRTbQsJ=0(xWq%b~bD@DBkI
zp4S~tI*L!XG|`Jh?*f(;E$am9+S|uaLTBeF{BEiK)^A&B3&Qb=(PF~K4g7L?Qk8${
zCaVLBOOQYi``L3wD2f+NnXozwa*?Xk-$-N08+8QL=_WVf1)*u`5W^!pHUSjp*(@W$
zdvHSHVxI<K50LS96PL)f#$=Ash+ZN*!n=N9U$Zl5J)8w48}>G@r0~5a47ekR&*vL+
zIzha$CX;x6q^!WUZFSEmD#)fY=(^P8GH8M9IH<4TSP3P(bSO1)@Rcx_6M<Xk0^JxS
zs%*W!FR)No;hji)bTQit=etPY-8yHV<5?%;zDvU-Avnz!+>I|#7Aq~e3a+3Ul7lN7
z=8WSwq-ZNSgtqBf>Ry=Cc@3MuE-!e`U+q6?YYR@`|0D)8B}@Ek#oi-Y>v!Xs;AaRL
zT=@Q{agOAF9>Rqm?|EcvgIx9f1^Aw_DJ%9LFYLW2@|!C-fArzTEQMZ$R?JWrzDK&T
zPtc8-J$RKS49jE_qJO4KT6hQF!@n3%uFKjUC|?0}^>sw>zG?mYA@U>`C-^{f7iIT8
z9fY)D!tl`ho_WQ85<Ck;W)@ua6**$+|1BIxv|yQt`gTh<jS!BWlMTiSZ2#12VgF+m
zPq`~Txcs~jX)mV`ne@oAbCC}IOJ8`!?9IZVf6`qHbdFcha3ud1F`5O4`StM>;EnxH
z^_s_jWX)=b;P~5$1|m6!Xa7faj*^7e$=%5v;{MAG`0uRZ|Kq=mOuLb*8oY9z((2mX
zP2RWKoa@<!#E1bHeUsSh$&<-!bciei2wehJLRJpD;DM6~jvmEe)`(!df9!tUCMeSh
z4~5m3UBA>vAQ#v^728AR%iz7hJ1$8(w#-Y$_;mW@KwtZ)Q_R%;#PZ=e(ZVe}qM`ka
z9RBLqh41WP*N`4Qt)TY-MeAK?;O{c&|8FH67N|0%N8srFwB~UAW&m)Vw|F{d*#rc-
zzr$E0iB}4Mo^9|{zKNmrk0JxfIE<aDn?0et9U%76!%T*^h#bSw|KH_pW9$E?ybZ~Y
zVR79I4_t%DgMs2fQwG^>K;nv3SX_Uf{DIDqcJhDd+X6Qw>=y<g<vde0g6mkaaT6F)
zS-?kt!K}FCLfWS#pl|%Ku%OYv+;0Ib+kl??kv%fauRL>_mfw!UYkeY6U<e{#EP>Wg
z478qM@Xj=rT*|%XxkzP&A!iWnNO--#bFu|+g&}<0MOno|>DOJ9K~E0_>&qyZX_Y|X
zVkK(U#c0(JlW9wcb=ZoDgtB-Trbd?F_MI?BZs^{2{)3}CtSg--Rxm^^2E(2`7?WJ-
zC8~fzqIk^hU=SK0D;NQ9I7?$|@idAp20wqev@;Q?VK{f^VufR#<@1q&zCSj8mPSDq
zLnbstq`5DtxHLzBX7DxsRq=WRm*q^|m~}I~#&$t>W`|kgU~_`BC6kEslkb|5Ob)rh
zDojr_KD~)_pQ0EpJXk5-&TF}3l^Wk6YLWZ)=s>%yE#iooAymA%?`T%mbo#s2G#***
z?Sm!bX^3h$97=S1{$#eRsOVSf@K@>W-1SgtQyS%vLg6tN<Jga)MMXQK=1vu>E0&jb
zhRih#u?81`&=B<~BPy$AigMU`-1oSGw_@da?Dn7jb%#H_-_@fH7|10%`lJtYr!Di8
z>i2i;C)b2-Y9@Zh*n6NFfhp7<1|Skj((}&gLj-<rx}5R~_)R<2w?H}6gd{;;c`-5o
z;VYKVtG{FmwXOuMna&+xLqzq##7lB6$vYFmB)2!ZWwn7vwhV6b*bPBk<q*dC6d9~y
zf0lMX5JtWfI$^oh6P5^xwzL43E_(522xv1i<4TB-j)8W>D$#X254`)^LqU1QnW656
z=MGSv!_c$TL6|@3T5vSOjb{c!7y(KapMC6j!!kl5f~xe2(d9a_PxEj_cN`G*j9Ujs
zsMG{|te58+sMC(xy%W>2m7LP(Wq<osH)~2_Jn)u6Bv-7x1@7_`JPm(1XeB#5kREAS
zI>(;zqoyWOtL&$SfX>tDuWCg%{!|RVVV1UlD^X*uawD@N(ftJ%cH{Z)T>DplrWHy?
z3c81e%o6f~Er%aRmfLs2XyuGIq1NchQR2g;;eJt_mjPJ};y=HKGMUpHZ02oosC>-Q
zHK)lgYwnZTO|o1X>g8pz3)70^<=?-kV;`C2x~`frP*IY_a=BHM>81a}7lS`V?UtW2
z>~9yng?S-i{l|X21C_@9Ec4jy;clR4SWE*0>U$`|Y)!+dw4X_yk$Y<@+U`v>ri=aB
zzT*u?rCZnDaAvBr%RDjbR?|#O*-Y)~yp3RmgR9RWVvExA2Z@W%ED%o2!G!-C+om`4
zix3XgR5eD8FI-QBqbemUa;mZCz924E3Ro%)a9aw|ZjFR`iS5In<*j4!UX6)Yc`oxI
zRQTonuc4uI>(0n7|6YBtB1u~>-%2um5y8%e;g(&kuYnBmWB0a&h_P!}AmI*p5;4!!
zCuoK7VZR^eQ2Ua{2{HPo&NeXU3O<N-H8|_@64*<nJ$73s6FrkaVYlb|j@Py8i6cTp
zO<D!K4K1)dqtYv`&nhY3aqA4CFP_JE|2fc|$;h#oq)^dRYFu^Q8C-DMxRmokH^UBY
z)s?lDlj*va13iZ>#tfHMw&LTTH!VScTQSfz{QRP}h;#8+&4TD~DMjA)T1%%!cA>C&
zpQawHZKi8R8Ts8Z{FVLsPG3$R-u7cMWdLb&aNtAP<EN4EohUOf7)WW9gV)U`It6w*
zMBF+)Y86=AKib!TweM1n>Fr@b>m*Byp8ECTF`1v+yd4Qs(`Dmccket&jlX0SDs9oZ
zn8S^nCpzMQh5PT1f0vaZW+-9@x>;vEb=c95JwxwsM;!p0(m~xBO7ufm2>TmeUT{p;
z3X*`yu_SO?g2xC_&Qhqio=H9jmfNYF3DU#Yu1rKC=LZ+z*R5-LpFW{Iw+0C+{W8b9
z#<aVLoL5Q;@vaJAID}z6^9-fWJluJe4hBDd=w&NuqW>cq6LH<Q6T4$TuPu1XpeqQ+
zH|&#fh<Njhie=Fgkc!N{T3h(Igkz@s8N}A%4Jg(6`|7Hf-6(ZG+=*HLq%ypqE?ZQI
zjQ)Py0CJ7t<qWsoI*UNQ%!%m_+IuI5W*bVyAkyB?$j%qOsG%A8$D!a1<oPawkr|8C
z>xMVQ+wRSbUguUNn2+;WT&I{1^WiQmw&B3C2ijBYGK5O~6un~g0&c&8haj;{aX0?J
zuQ5}xnkkk1)HAQ>8I?v#mg@q~@IZEar1SiF@}s(^thb&T`;iq#DRn)}IEO21<;OG<
zmi%Dwl|FfAoulf5L`4_g1Y5QGea=O7kQW(2)n|SSN-Cdtxu*m&DH{m84Uv@t{$z&K
zuGNkAZ(Sv*kN0|Y0%W|9Mhw+kD#wYnOZx6dTgYZw-r@iZB!m!mWPa-wj7X(-{{l#C
z#{qsSoP>FUZTR+v1TtG`x)sGGp$fY{0N~d7D+tqL35s((ujTsgjEm7E$iW;Tg{Yp$
zliaM{->4n#F>~YQpa9g;z!*2>Ze3m;$hbvGubE1E)oZ51Q2!)4y*9^sqm!AvU}pM*
z<*#JFa_;IS=heYxD)mB=e*KeBBKH-Y_KZi}Rnv~0pI-G0S}%MnhS{r>M)i6f(eVE9
zktK-Ei3!}MMJ+QSvZwgXoxDW%;_p7ahgM<<Ky-J|D4plhK9~qB{-zd>@~gBgvB$$F
zmv;XSk;c<4p(P|xzAQEe<(>IcQBhlx|HN|ZaPMRt!<`OS`qG8>xiW1M4{B&V5ig^2
zlu$Msa>JF*0wcWCSf!*!hx@qlE)8eI24HvBy~@t-tyJvehKV=z<UTE-Wx(Jw!TMC+
zX_}^n+2+XSt@S7jl1)%|6`Z$6ovmVl4VJh8w~KN!c^=kc)_;edtxI8K?w+P+sE5k#
z#Fu8t?#Fm5p0y{?0$0h<UCbmls1s~~!eE&o8+INRZz3Ti8+12E>-r(mCD*1he_L1O
z#A;E=&rw)D5#nQ$pnKw}5|6!LgdzU)xWF{na-_89fcvg);QAfF1lrx!d>@XwyANNt
za88ub82^4zT7!vA=S4H=PKwoBUuV^LWOU@-!D^>5wq)pgUoi8LI_dFyp5mD=AEX+&
zfO#(rPWJjk=O(702wHc<gi3tRx&KYKqLkSsh)nF1np96;qHA&BZvMvX@MDD^$H&8G
ze1ofA55573y>A(fK;@4<nf)|NDG(6vK8X_886=e2p~<dTIbon7UbsKw$1<_bQ}Oif
z$UZvZGdr#?;?t#RB!Ot@hEY&H76?WV6z>4l!+C|`v;XCK8Eor))Oa15wSz$D*5RR9
zqU(&!g3ls;GCxYI-g;MBAp!edE{(%F2V~j@P(nzJGIg)NxSLFevTEdIF9Ihv<_2{`
z+Os}92bjsdR6P{Ju;UunoM2o)7#q7UL{Xznfwaz&JUT2nGLk<ro~H6EU@URA%(QZ!
zvz*7ClhfZhzm}TAKi;pnsla?jL6!zl+l>q35t3s61eeMZQZ{SlMtK}7fjLM_Q}-o*
z84y$+4S==5mi+C97+YB%aj%l4cjr%*QbZgwTS^c3C6*i-_$6+~?yr6yvklGSQe%<-
zQ~0fA<b(5$?nOw2E*>AT<#3*WTWcxo{@O%fXJ6);<57O1%Y@`|CX@6K?}&r8j%T;q
z!F0mw@3gH^y5+xL&1ktV7ZvBZI=5&XdlDTU3b#icQ3blgZFT(7{CKc;)}2klXa0Sx
zXs7XEzw~a>^uvr9$?e9B?&b)!x7|bz#0wG6^%p8f;Cv)jxaLF!%4MU$*P}bKEAR!k
zp2gWH!o2yiRyj+4S6qJVtC60*TZwx6k$2B1vXbEtyPQD~3dA*}`zN!hxmq6`=E$@;
z2}b(WS!R%dTTrN!?m&lX<j+5IE%x^tEcA2a`ibdEaO1@yPnw{pdm-*aoOd?qNqZDC
zJJphCL{sOz-hzLIY<gr5b#Z0=B(!hScrqf#_lYUT6zQMkvJpR&-h@XLO02Jt0i~LL
z#+QF>u<~2KlMN}JzYa2J4Y<n<m$iyOe1UY&`p8XB_xGm%9~?MQgfxc(OmiU3!Q91!
z?}`3)IETt>hle+S4iJp50gX!O$t_{d?NT%ST_7SU?w3LnkZ^echGAPL#w<?T_TW&m
zY6+v6gaMxNTtDf9nG8;@Q?rm|c(lm6OQ_|p+DJpaU3LQXqviTk+o%d+UlCM`0Gz8%
z>PGpXMfs-w(gah5tv{VG>>-p3o7W&BwkPi9eU#0}CdZ7wt`+993{=*g6Y{Qha;iNV
zub+_J((O<MZD9B6ossjS2Yv_d0=@aH+EVKVYJi_CJ*Zb%oO|U(Sn8+JMW(NdH!*(S
z#Cp%d89PMz+{18;z8WwjqK#Y<q`HWOox@%|`T->1X~U4L#rPh27uu&yiz3c%5>sK<
zmO%KjC5v*A>EOI~Pc`@yaX#9NbBct7Pz!WFQU?NU<*oHMQv@jet~~uwt3*csvchiO
z2x)dWp8(Y@A8NI9^?QqNG9^#j+&ugAT|A#=ZY@7pLa5)P<+T4K-|*(lhDEQxOFmu8
z*=8o~ws(yD<$}l82Z{|F2q95nb_t~M7aU~PMrDKcfHgJ*+UsXP0=Fl^TV*Ew<535N
zxc<^syDtM=3km`m!I1ufufT&{%iQo>8ZOC!9%4ZsxJfdDPsdy~Ztv_Od72cS>ZXso
zW-H;H{Q&~^742%5vPP402@#<G_;5aB1;(H=^`zHGdVr|-YLDp?fsE|rygN8eECI*=
zLE`6R_55+lya|W4cjpoDzz{@vF}J03bfX-LL(Xg4FAo)onLn2DJZYp-FAb9c{#O=w
zyqte`fq(RXXwv&upCgt>il{ITE)mMzXUu8vg)qGxARrS)L=0ECiZD|V7aD%lC+WZ9
ztkG%^Pd231BQ!MsT3Hx6>JF4V`_;S+{PIO`vEWn$c700lm?JJrHlpGAK_ZpsGmAEj
zOss7&4^***wv=*LX)z>ITvB%RN`a)mQ^NAz#%#sxF?gS>Yn1{k46C2850UJR)^vEB
z!7w=t)A!b@ncxi=mF-~0)Xg$cYfsgwTZIBR`5`qMZ0f?CkdGOfq*=Wkpmj6+8V9#k
z|3(bQ!rlPY#|Aqw7RTe;QUVhm=s2)W=x?yWUV!XCL3V6FXs{ZmJ@A6dagy!{;=<&|
zY%)Am{|zbqM7{Kd9%h%uelTg7!d(H?#pdL1ZUW=PPL*ly7sQDiw-yJCLyHhWL&Gaa
zJuUMMpp_2){&ru?{G}Ui;#C(Qu|Pi$XZ6Sedh=p9Eu&R?O%Exn+);NYUF$!dGDXLH
zlk?9fBp^g6(op#*r}qKu;0#VYff?z^5c%VlR`Dnpa5TY!A0&t1qS8}U=YkIS#v);t
zCXm1UD>d{8?!%Qq{TjEbmi7FwEZ~Dscy_l?3kchcgKtTM)b6v_4=9OUUU+iTBx}^T
z9d+Wn<+c_BgR&2FOk%j2*5B+Yo-IU^*4%<a7OKC*L?1`o(r`g`wQ?g!=*?BrcwqNj
zVdrZHvE8B!Sig|Z8`|)-EJ6L{0E4@;4B?8aEPYW}W+Sde2r6BBy(Y3M?1cR_d>#a*
z)88_XtB4s|YnQWWFsJBx)nT~Ll*2ME?zn>cPqO6~l4snaj4z|-eD;q`5Wd?!p=CO*
ztfmQrHWdJeTerFNc{E1cKrK+s8mnssI<fH+E(fMhp$bb9B9cJ1c&y;r?PaM@<@Lu=
za5tdAEZNoOJ*yNqtUxwh>>FTYvb#*N+rb6bNsSl?Te}}TqK2vVC0wwSNou~>Qv9KD
zGNLT(*$W@}TwAhV`^b3AZ=TV0vxhmQfuEmRu^Ks~O!%TX^D{C9Dqvc5>4a@q30fd^
z_yv4QA<m`V3Ueb+6%=dj-pC|k3GZBDV&nJmybJY|SPlQG53q`4m;JSVC(a!;Wa1SB
z0dZibM(b1usW-mcP=!K_#jntRM<s~p!RwBD8XXI+QuTCAR3_z;JAYCRc9|tP+s_4C
z@e-vYvG+zmL@*gaYwmGp+5)v-?W07K2eh;|pLm%?3!bYlL@!R=NW1stZA+JkWXn(x
zSc77ERRpbydNq#6@^BMh;p82F3CU<?SLU)oj_XUl&lR~<W+^-51;I;PO%k|4XB0va
zPZoVFODAi&-qMAps2W~h4pwrvamRU}+juT<zziVKRX6F}f8b+IfI#1U&T@t`{hkoM
z|CyBS{LlID{W<vY-nASC_|5ld_?{9sYZzJy_-BIrX2%>+FCeZ-yRdK4vS{mS{o5Py
zpye<#NKLx|+v782uhobvk4B#4FZUJMsW+ML9l<907A!(*((vu8|2?FE0JP~V_nshr
zr>tSWa8E!sk_&j9<Jk_F({@5=0b{py`w3A%u2IZ8rVqD1nA9x+7Dv)5GD*En3DfuT
zU`FwLMcziyFP!Uadx($Fl-6}vom(i&N?yD>!bdc4h>6z{lz7`C)Fz3e(1#Y}8zPmW
z>?_Vb36Lcmj)BAR-XraSt`A3tuoSPfu3n!|su*Mz-9HjBZYBkuOk!Pt^kEs%u<Jd{
z7PxLWzmtu0hY!G<^KX*{U^Nbb480Y_7KkG9+@nSAVhU2-mt>CC2n7dU56V_>;vYjt
zkOcr_f^H#f{SHkukLU)kt6qRgmVnKADX--<*TV79fiv!f<J=Ff#gRZys0FzTX#=LI
zcID@nz|}JKVWXRcwcMvy;9_4`R@syV5Rk(21nA)O-6GBt5rvBoVps&o*LN<pxC@>v
zW*%@th9f@h!)c|CLe#nwd4PDWEDr+*))HWkaK)>f+UzlB68NRQ`*&)R9|OR#L@zA9
zgIMu)6odJAe%0Z6`(Fz%SRPNG$NtwbEN}=`qQUbYbc`UUIeDiSC>utcwc|qoyS~Kp
zni8cJUKK9z5DS?cDz;oqkfb!Pf{YYIiL<kE8<3h(BCV^C+{_{S!AIPG%%+?0zg&PF
zn8h|z&0yB1cIq;fHsz3Zbs6qMfu#Z1i%~SB?3MoS5sEnQdd<KXy95z*nBAQVe5B{p
zgwT=_RmEXfI~o9ktU<v3mIwXTUcSShgB^5p%<!o$FyfWp+%d(w{-SXW@G*M|9~?Z}
z?{LZtp~iT77*u->7HD8eb}h<j{AO|(NUpW~>3LqoL&yev#rEm^#R@cD7V!+lJ60o-
ztctmmz+-#1W|3821F4Ns*oT8<Cru`p!A7m7-;o9T3RC9}#3mQzCBP|m%n@lp!j~No
z1Z<dqmdB}kP3I7<BvEUOoFo9_fqh|@WVLZ++a>Sx0{j0uLgq@m6@Ke3$H+?MhMF_b
zO_s}M6AEHP%!UxTm;z2udkYyktHM<c%+Au_ucpf<-706-f@Xusr(y51gsbFrGQJyN
z*3y$)?1|+;3}XE3trQtnRa;TFqXp}l_;#keJCF8ceO`d;TGefou9O=c6Jwx34lqR2
zs}PQ-%yP$j**CYL3d;gEu^T@j{;2DaCpQ|Wr_9z2hNQ8l-vR;qG2*LF7WIH!u7kBp
zNX<(jo}!oTmi3oW6N+QlS>we=zXLaY*aHVor}ftdIstz>Q~cKFH^vO54Cq*W5EURh
zOJ2lvj4in-b+kN2@Av6R4hHG^Z`-P(@nQhtkOwxP&wpBk<!vG+)hVGM3#-H4;Y5B2
z_3|;P9!P_ZT@*uSVVl}_<ci~yQ1sgtK7E!CYlDkb^H#khm}KZHRJYNz(N(YxCt!Ho
zk7cDBP3EfumVRYJ8_!Enpo#;MsgEO&%tw9&rjm4vo%EO581I;}k)b0{E|nFH1<fQb
zUrP|h=+6EmO~Ygm>MQzOSYmCWh*?O>Dv>X}2h;%jp(9jmYOcFaZ7oUeFFNKxm?plM
z;svOqUX6SCx8NNCy`?l75iU3n64Ru({+H99x(C$or`i^IN>ihBl#T~L4zmQ!rym0;
zNR~_BqS6B9Se3NnZnWx!05p>Vr9V+fHSGxT`J`YJy74yp>yL7K^TZ}OlwmF#c3zTX
zS*fxiY=6?e<v=~T+Ylz*lV^ObFl#<M{nvJhT%#m&JUXm+x*6ZBL<<=&!7%1k-A#Xz
zHx_Pri!meY&C(*?KHV4}xlEA;|Kx7R8CSulKayG<XS9G&<<yUk9RpUpyVzP+L$X{e
z*-6XB7VyU_B0TE5uhKXYO+63)-%S<52gvpki*>Y;ap)mfrD3U-8xW2R&JCp5J(OiO
z`uc0F*j6u>^>RWj`LS#%3!9whT=V@~OG{uzrW?kpLlNy#84#~jNmNg%ewqE0faK`Y
zN*DQPRXgpgWS?+Ck3XwMh?<+_YDS0B5v)qHZ-dETJ^-v`VNW!YKZB)<;f#k2F$r_?
z+GGo;Hmq~6qpdgydP2>pu94;(K|yYY7!T$M$o)3_!MYUlOdPTzg9#emBegs@@`XLX
zOtzWiT|V?uNHj+A-s0ZSb92OM$w`0;vDLA;blMExMwCWsH|SBb7((G++rjNtcAJbb
zlZ~l08?j~VK7!ftl8E6|8a>yoUVkFl*WrBKGTqwz0_Bml-Ct9c?SZ6s-4|hl>#c}d
z4h=kfq&uA;sCYS<7Ny#FibX~yyD^UvFQi3E12f4sb9G`RprnOE0|X+oh>wt$`Xy=i
zs7qQCDN)vVmEn#nptjp*6wtYYKJeFTJb+bm_SgI&%l#F{G~!-jd^gx8kI$dN25p3M
zcS$`yH7?#bcj1|*`USFaWydo-bg~_stT$jpon?KV(Nh71V|dz8jJUm4uGahJ0Ip@y
z7<$6z7%L`nmU=&y&RA-f?g`z!M$7wxq;s!U+Nz>0>*yY|x!`uBQRFM@8%-JJvSWp2
z=wt^UM0c{^5)`~avAc9h3H8`*lD<JCrgoM|$&oB2KHsQ`Br%VZFi|jWK-Z2FTNJ1!
zDlL+p0oB5DggX_pZF-j{naSrHdfzjtfurjL2&{E0Lf7yq)9ZfQXV!AZ5!m>vkP1lD
ze{3qd`GJ2+kY1|RajJ~DSrK}*iJ!9^?U^_VjNUjo95$<{TMmTtJ)ivCqqXn@U$Jxx
zvwIk$u3<if)_xiF*OBrl<O#1;ImHnbvpvfgL~^`}Xt`jB_uW^RO{6ioz?*2)M(Uu0
zlUhaI8oj9Io-0Tv-({pZBroq_u*7-~jiEF47YkxB)kF!^qrE9+e-hE53Qu=)C*1Hs
zuO0ex??*K?qUamh0^bSI%~@rKQq*2*D}44#2iW9t?ik{SZMSfPoE2s?86{qCK25~A
z*yTIkq~tk>s_)*7on>n9rRNRW8(4FJ#&JLUDwtc1izA*&xz`j<3E4S)b#lk={vfp*
zyORcn3s>s@`i0&?7$4-Cjh6y%28g#b__Z(!i2I&glbamm=8DtRM314Aj+Hk-I9&fq
zvo27b@uJO={J>3%mT^OsN-kcPr&=fw<O-9YX7ic*Xr8@BE@ebz>`5-8=T?6oTRr)V
zJ98Sb*LwCU<Qn6Bb+-@KG52ZfZK7#vFBl5(>$yrz$S14m#17&#%IKs_?*5XN8$9n%
zP$0;fNl3w*sU(Lfc#6ge5j4xfm1Me$7V9{LDdV1cOHlNi#)e2%D)|yK*T^Xj|3TvH
z+sQ{uqYeDxs0;fvlObMrYrEJ{Y^0|g)D&)gGvUH<kgwOAw(3h0<njv3?#Q$`d@MvJ
zbT2w`QrBlqwGL}4B_bLS+T!HleX1d9hcX03(tOGMo?xp}PHuF9Zjm*<U_;AQ<t349
zo^{Mgg#hrVm%rV0g*uevCP?aQa?y4!^OSNPtatp|1#TFc`u=%^>#6_Vd|n62X)M4;
z<W^(pPoUU6L57jnFWBSGe=p?m)L+p3M&d800sq<k_Qk#P@b}&#JPQ=o?)hsd7*qW|
zWg}wE|3(KuNt};({%>!`KmU)r0mAH{PMW8N*U1DsgT%jX>woKS>PYy_yTl7F@X#%U
zT`@2HdH)~j<1_NmW19sdI3oJ%tlaoA!$SG};;P{TDesQH7#EC~8jSg*-{AaH4kexR
zH*)9Af?v18n65rJ^U(Nh@Tr5Uh#CxFt?N=WgO9K0x16nlns>*d^DvfA-}rQ3vuZhQ
z1-V;sv1G&opJ$?KRdPAhz0^c-q!UT$<}Z{zs<u_ro0yN6n!1lSIOAY)`a$sq{yR!m
z7X0DFcLKO|H_7}!(vQ&4S6xHvw5wj*cX!L>i@&Q-#c(r`Jd=dUk>v$@Hh5#C=Ya%s
z0#i^YLd{AelbXg!+T}X48hc^McZy$O2$3LP1je+g75=v}9mfC>LBv`cCRY$7EK$Yu
z_PZ`jr1?N@a$p!=$%yd$72EMsQsJC&UgEx-#+x|AZPyhZg4gZNN<`yZMQKhNj&Bsc
zK_ykrJH=o$;N*@h*9plVaLp+r!@ooip2{b)l~Q$^V`%&h9E(HE<5d9cf}v1kkD-qV
z{e~A15j}plO$wJ2ZY>V_bKNZNW*N0LyAy%Z^0cd|1NDwv-u8kCs!1velF(hta-IJ_
zTUiiy1|lj$Ekg=N6URe91UT3v97Ed}1Jk${jl+0l?)GCWxh6ShEs-|RbF}bT#A#K<
zCr}Ppg4&B;gCfbqd>QP7O}89)dbtFP1q;0tX0#Ny?y4|N$A}U?Wc3z^c}gMbXwjx{
zYg^l=8`0G%pChCf!QDhC`lfW`bcCp6ummn`<v!#NubpKMqS$}$d{-bSv@L@B10~y^
z;w1cNobRTdWBE^Rim4?yuZSN&H4X*xi(|by$6)4elcFb5R9#%2`agQ^Vkbcl(se@x
z+6@zKD5(xXv{ff<0#uN|KslNBz%(3zV#JXAXTt_!TM#ZIbGNQQqvVAyZ5%cJdE6SX
z4?W%h6p?0aU<^D;i$PXOo5(xEMvMp^Th0;rYA%@PRP_Z5;>%2Mq3%EZQ(mMCYD<0}
zQHuc#ZVdpSZoGzPe4gcI<2IbhksNg=8Fe*11=K*P`i@eBdg3+;ZNt%P)Cp8;>FvVN
za>b`znvaTyUzj6KM1vedA||cqS0sW7HfYjwmoEq>#4Lkh*onvcT6Nj`x_1HpEkHq4
zBLJ?)v_1LJA{St%$w#z&QoD{lUTAb9;$E;kYVsYK^8=@3%N;&}aZ$s1{F5C(VhtdF
z$06^Wwm*gGU-JT6bw*`E_J=Gp?$_CL3>3lX2Gv6kLfpXD_{U(vG9vhib$`ubqPNAo
zo3tIkC{sYVix9t&Ib$DJm?OJ>ovPgE+SqtebL60%YaoBmGjv?Z-Efy+8f34VVa&es
zCVi)Qi$w?du}(XJdh}z|qp~0n-8SQ>S?jR)G|Dm05&>wBS^7ofjGaY_V5w5bUjb9&
zP&200HE4?{D0TrP4R)NsQ<pjY=fcwOJcR!G>dTEtcA;&+#j2gLL}ZL~;$)!$3igP&
z5++}c(L_Rfbi_X4a}9^x1}%>DcZ@9Y3Gn>GxEfCzUPT=uLgxlZUeVY*ZS(@nLmcpM
zyn_bmDia%5I2wtM##igSi4L3`Wnd8bh;|o-g?TU;Zee!8%AYVTUP2wPnFKl`X4az6
zvUj{b_b~P|e!ebdlJzRI!yL*yxGZM)Y)|)s%}CX&RNj#VDzLzq=&6YW;&9%MoIa`-
zztZk<ke|#A6=nQY;ANf9<QU+JAb+0geVW-sK?O|~KoTfCcr*=+dN{-BWpkX0exU-)
zhDIBSPBZjkm#~{02E=%Gg|zdGd|S#3?&L!&$=|9~BBx14;Mq+|%+A=Oo`?xBoALcY
zUkV!O5i^aeJ8<8;s)ns@@3T5up>cyF0qiZu&<<O`GH~`M-+}2IxH5R$2>>;R)?{<A
zYt*T_Zc>jMrc|vCp54w~SdnAX;vBG748J0mHyIOiy$_{|Np-(<1CyHgE&Bohsai<c
zR2PUbE+H|}35YkNI6p3elKR?AOn^iUjkJegjdvL8W#7@@U#OVO4J2dH%dTiTtL?bt
zkXvwCsBj6_7Fa7~;Wp5*a#dKU9Uddne60w$=$tgqursa!&-knwCBq4b<99Eq)}FCx
zAU&1f{E{{|$pNIY{Oc6geI$RBTpE%Fpt?$+RMb`7pWO9UV(ucv=`1i`6!NN5o<o$0
zOE6vDmU#$^CY=#tANh#%TF4e14etZ&>{$+(VUjo8fwfwzo+`4@N+xgKu5}EIK((F)
zmtpm<M`+<_%jJ%#{Tmpwm#b+nV5^%)9MclX1k07%C~Cb!>y%3G-z5>@@fl~u{^c&R
z0&CJG_`fqIaHcntKS1wh>ersuf6wlzPyJfr5&lag9B5^;=rJ#D84_Ug$XUjF2zEL7
z_~dkdIWlA?_f*rMQetfZh--HD)SV54O$Y{_@YCbaj4JjpXM_}&)7@+ISJ?IprbOa@
zj-FSdrto2djGHsPa_=8T1{p3ndH>Je3Sm^ZiAQ~^rqrC}?4G2~>9oa{9v8Om6n6`F
z(j3?o^h+M(7VPY6Xj?uUX!qN96#n_{)?1%PzC4Jh)R!TB-!gT>kS`~yi1f{jW~Pvx
z<>uEh#Nymm{PR7!#3d&6pT$XGSFW}SGP-u&V(13M-iup&a*th{Ui?C<S$Oa?wADLP
zuY=fLUcp+ulxRHb;L9$bNU8g!=EMKFd4bc!9C`kycR@UN-#pGAdB^hz*WETZh85fP
zGA=QUw-JrKMs((!34k5W0jCdPNPvJ&X0QibvWN^WjxY!^u{0t0ij1lIAUe6hI{1;W
zp;QFZ$EDxu(p&GjMJk}HlA_vzb&#YpxlsMD_`QrqSp#%NSy1jf00jo5{{UewGQk()
zEJ*~%BtzyNQtyBq86H>`p(fE*<qCrUO5VIx2`zST)}Bg9h01~0`P5&sU1|TBo@;Ck
zGXSO(4La=+r$8?J00FHIM(gpnUvTlSY<>Si$%mZ}1<U6l7(UDnN*R~5WonmX2a0Vs
zfxT;5O{-jc$Ehz+I5_;eEv5y_q6N&M5_ooCr$s_qhYJRnZ99Y#XzXCWK6W<|a)XhK
zWz$<4(dWM}NKW{397^cB?R_y*m^q=q{p)MlZV6cbNG(SMFa1NIDS!f)=D#~`jeCGa
z+yLw<mcUdihEHa{^ipe3Gt$MvQn9h-EhaYP9eRBg232f~ZOtRVZ|kOG)TXOJO#$Gz
zm-EjfzHLf7Lxb<62HY9ScZ2w21cAvM<BD2PJ}G?O`@MkOOxsXLXruOkrx^Q!ZDTvu
zs`?ocoe&xfXRXy+pEUlGr#|T&dsQgWAc7fu3Lm`$=Oz9*v@*&TUk{z)Ef)<Er@;LN
zGRY3~9mk*VB4I@E`sy`9>0JcLfQq9}NqV%koxh?Z`m4I1n7CHF$n*}-8G!Pj;{k>k
z87p<4IjMHn_D|z2zP*@jZG5IKsPuf$7XU5YbenN@Y9}jTNLrDrj8C;)YXfk6$)`}6
zA%xzwO0LN1D`bPv?m(1goanM15brn<;HCyzucI9hNxrmUWJrm~l#yJmEa;3A|8<7E
zxd%pmtH#Mm(;$f}o(z$EA>s+nJaR1egKjs<Y?T9JGYizz;qB~<&t#V^Ak2H}1PZ&;
z0EET!=~Z5RL9<S^`$alIsC8V-X?@Bor9FD`ak0fSCJ8(1$!!3acd9Gbzh6Akl{-O4
zZ6Ij^0D}E7coN5}$bIyO+cVMaYk3NEyQYY+>jY4#k!x?}<ZCyQIX|;K#=wm0hip3a
zF_()WWF@FNg9<)$hk323DuqDfC&Qb$Q}{BAv{*_A$@^8@!tAX0_`@ws%c4MKQe1lw
zir|x{8>xaAwiWWKM}s})yfj<zIy9378@#ObKn3UuG|A>8H-IBsGu8ehsd7_e2P<|N
z!MVYLR0eXNA?jlAlnhW|5it$&%f16{CC^zl#73;IO#wG5v=~6Cy(J|()rXi5Gmg#C
z4YetupIYu1YDM*}L9knnWyNx_sLg~Tl!@`7>dj}BIYayrL?5O3;{#nIlpL#kFe4J_
zrGaHs_^%?KJy<CQu|`1q{I{G!^(0~b905GK3{~e^B5^Xx2R-@&nVe@wq}QInxs&dS
zLI-0S;ujR!I?l-u<eZssfW=`&o;z;pr05kFMl@>iq^5II#1{Z8`7d?9RU3GG->1ZI
zJ^1`t{tM%m3nVlFgc8(W(l~E?e2}8(O&D^Gs`K&%6~E46zmu)9_*X|C{*0P08!lUB
zy>eY$d}-;Nvn8{-;j%ibyXZXDz2me3=Tn70L<M_#oz{mo;5NK?6`$~?$x>U8u?|$_
zH8q)Ca#*cDhEGm;&$0JT?0^x<Yr@3dgj&FRrZzsq$nQASOBgQqYX|tOnbfSZU|SJ%
z#cH(j2kVRq7TT{>x?Jv4*Pi>B_(xt0DpT1`pt)!rQanL<$aE#KF6-6mD1RFX?nedh
z51dveYQk?YduDohUhBa0a>BOA5bL#Q1{ikvW4K41*mnb39`KRiu!ZTMd_uqrRf(3x
z1ltxD!ROn7Psw!sVbXmv;XO3g1C0=ZPC}z3Kl-2jfKjP9L=+HZWIxG;o#u_uhd_xL
ztaRGY8J2nW^K<Ku9f*zKPLhWRQC$a{cg#<bPl8@OTZuL?QT{7d07t*DiG9~(tL?4r
z<D2r7>0T(e%42-j)~>E%SkA82aTn-mUc5z^NJGgf9@pWuM#Y0VK&?NvAwCX??w<P@
zuE^GI$p0lhFEj}VYZR2^b=>rIItB#(-51nO*SAht4dlw>*HFjtdFhiRrK_^B;=d#D
z{6XO|B^p=i$><Yw@iV2g%x8YqU6<sSBt*^gG-0e!-zVwM4a%Lg&xrXy9{u%l{nw>}
zL$y<$cK%Cdkh^OE)ZOeRHQLjccM<0Z-8HZ%Tk%xG;Q3$Gva?$<5o4>ysS{|`Z@nBg
zo21oDj#xF`V`lVx%;=@={v)TLti-H4L2a{)D8|O_n2v#s`1tBeN*?lysJRW}Ex%gN
z?XT*IE3vlp`XKNw=Ge86GNt0mxKo(ezs|86CTGI9#AeWNDMKw&E}WRFl>jlmQxg5D
zT+(Kfjo;APkGRyuIud86@X^nROisi&O$2bexO}s~&tIy*aN8EaC^}qPZi$#JBJ?+@
zk-EY6=kJ7f19nPLZWBTe0~O>@oV2*f9J{scw492>!52+}e%)wgENG)xNA<ihxMqD-
zl_2Gf9cMx~u{1J4p+4Kn%v~%u+H;kN{vL{rGeE$~gmSK!EeoH~M5By6rhFo<fhEVi
z?eO&`j|5sx^f`Mk&P6PndB8E9!nLTVUwSCQiM_xM?hKsF-`3=<=w*YZ^Sjr%usx7P
zGkG9#^$S;+T@QbT;4Zm-fkb11mmE7)hHM8dr+x>H7p|M12NB_3s;<9NZZhp29Vgn`
z<JzH9@F{$8dK`|6L~)c&2~_(5%FM=i{1@*y?XW6#Q;nV;1=FI<DjfWZHqpev-yyOo
zkAC6GQkw}hgt)1NJ@XXez8>B~u0b&<=_%#cEuisr;Gm9J!D&ZrY3|r>{Fr^$5S!A>
ziti(L312}KJN*)_Cm#<q8isSMUO8oK@W22Cx{kcU?~2U7hX%-SC|qu%;D`DU50u-0
zbmkf{&fkYn)icO5pZUUnKQ7buron|zABFP-dxZ%8BuWw&UTi0~nfu=he8-rRq2Sik
zK>1@*BP*_G{`>QH2=#5@S)REZtX?b*<mN7a{{~wU>Hq)7|6ll6&^NrsQq@@?={rCd
z5Fw@YvE8-FW$>TNh21vudOyufCs<Dvx*txm^Z_umJX#HSw&d3D`$&c60JaB+M&y3<
z%#FhYul@TIZ`w;eVG$by){r4|@Q(CjWt%S`a3|7ofAg)Vv%?$9ArpsDr(P&7v-&dn
z`+in@dwdr6nGak*=ft(I(cnIV7TxXr<jn{S3lx;1P;k_s4>8+_v;@$Y><(mUU22_W
z6BFx)i1J5i{GdK)NpRiPqBvAY{vrk!<|(-9J`%x2<iq6ogUUsC-J}^|Y$1Up%PE2U
z`AE6UUp7U#!<U1UPREk?CjfO7!CxN&UCorqA$X7G0^ZUz2GfO|q5JC6(<fE{!9=X_
zK1|<T1vXj%RE&eF`w(390vh5Xi1FDs51WVn@oy*;G<dn-Ml}pFhx|Vyyu5X(q5V3x
z!BtRaAx@YFbcju&JpSKwCh!2fBqH()lt}{MND#N2*TU?(qApM64nym0fXNQpi5RUt
zZUZYB+Vh9(F5nt$DlRS_G7a06h5O-}A6S5y$z&rIWk{oN@cjnV+*uHwg^*`zSQ?LE
zP;T$uo2m8d<Zql7NT`-hLVNosWCjpWqv&Z*{aFD$3kcBi9z(+3HL6|qqHlM7eAolk
zO}?(X>sRRmi}S;kgG&n;B3YKh7VT|943fq9Rr}8ghTTtehVA<qAth^BWH(;o$>2io
zv}JGlONWJTgWzo%qfBZy^sG1YVTOhAZcgRBo^zrdd4>(en%;zEQSp`zCr6RXStY!h
zFR};MTFkUhj$@P`2~?M+Gg-@pRPE>yd|DQ$xn!m9t~<)?VjZ|#W){*Juie9?o^2v~
zqSJLwtSc|pYG$=eruqC$-hpf65A#>6FIqwR?vN9}h+XjoheaY?X)~*1mL)pS_q^=`
zrO_W7m9Gyo&Q{3k0K1mJc`E$I_Am8mNalLE^oBvWDpWJ`n7aQ%Iln6`fa>~V=2Hr+
zx@gpuI)p$Lf9u-oP%sGFc_!sW&VxAhEg@8MX6e_OP<F?)USmZ3N4bAr0sTp~Zp9E_
zlTU#DPz0>yPOwyc0p#1a`YLEaaQo!mk}t45GyPvK09QGb8*mBaoWJBP3mgpct8?AJ
z5JQlFK7b=X&?2#A%sSRJaMDMZ9WglWEdBUrb7c3VPl1zW$qL9|kP6>~LAV+r*YTvr
z-D7uQT|i_82zd`$u(azx@E!1Pg93WZCQH9&bW8-o+qehmaGIe_*!V!|mRTJ&HEw$R
zgT>``?siGdQRhm{i5vN@(O|p4qe2P}UP(jXM`VdQSe%D@u(C5Q#*oG3&ghGZthe@a
zVNY5ZBbHZ(OY=q?DC0j~v0eTeD;z(^uX(3VIb_60g*j%~=cB>+yPNrto20`aU7jER
zN-s*+{^8dutb!85mGpdF`(BOqj?1xv$?wiES2lUSWtL7qm&fy&<({-r<5>oY!hBtq
zH4Vu_EaT#ziu5AO*eA3)Vbh+(IQ6AAu^gPoN!~BP54U(oa`izjt$yZQ4#g?E6`f8H
zF2&VEMLq$yzR1H9>DLy)gNZEem(2c@KP-siD}e6$QpJgzSJF#S*Vk`c*Od06k9Y!P
z?JdDH+bc1_tv}6IPJ#{n*o%D41=hJ`@TC^<cQaT+9cOA4NF4-&dN=`nee*E$RMMvw
z6mF|j4NyO}frNMU+pHVi;2e0Mio6?~v06jf-xb*f=fj=MEyM|ArxM)mmH=F`V`sds
z5td^>PfrifY=!t*j!s$r38YM{JEIVZj(Kl-B$cy<eEOptW+!b`ERGp2(dMShnlghY
zNd|eQmjU8WNOaqqh<tnOH2ZGe{^NH<aeH`#nT!VbuMtiQbai~D1t$G|<T)02geF7Z
zQcVX7x-|-kSTZekMk|^M=0wai3R4ria>2r}i0xYX0E5+o0VtcF_+cWRtqvBX1CK<b
zV*PuT8Wwa2MX3ox%GJXqV{NMI*m3Pk91WL53gUXx!p&um9(3_n=6=+DJ+E;>RA)7G
zx#i=P_HE2WQNQTm^oK`9RBEl;9^)})yiTzuz-Gz8tU9f?b%OFw976qiGc~ew;85EE
z{waRFRs3W-k6$<4N$`}A*^`v}sn698TSCVe3uM)$AGYBI`!Nq$_%THpkGboQR-aVI
zU9n17mRHC;e&3i_E-H=Oxau|LzZF>H(I~z;zqC)&3F5Y2&4%y-Rj{z2OMjR)Fi9T_
z+Rt%6Y6qTz)MSyzZ-t5Q5!PNhXi8jx*vQ{|p>={{A%*e~Y2Y87$u3{ut(m??E^Tr%
z>XMDu3AhuMOMQ9qr#yVcVj#Ef2|o;|^xR3#5#gMf{K97<A9e&S;CoaexJSJ9z>RVW
zuEp=r5~>YjjJIi~M-uV&RtYFv^e(35tT9__D3VFcCAAKRafW|uG3rdzTqeYK-<;!9
zt7XHY_q44#?Yu&RW_llq4XR1TP`TrJ%-t?F>2uy5dA`^eSy0fGJ|mA?hl}q%=4u<{
zkQc&~K|g3Oe0Wjg{SN7I$yn5@{3`nlCDBC%tQOAIsW3){tGRDGV@uljs|wSZUg;Dc
z?VF1`Z}q;_$Qml9uvw1cGu;^}XbO?w9X>0NjrqyqMQEasDUmCDr)WXctEQd5Ozn5c
z_`}XG3itwf``4ViW%YZ$s&(eRIdkG(E633AhE1QhRCev~TfeUys1>kRxc`-b$>(>&
zx)4|d@f?EwBR}3i%`|~WSq;agrF8{pPV*FJWbVbWQmLEn!DucY@F~Y;2Sjnm@S=2F
zz}5)(xCwRcFlswi@qej9POeH?IEdU=#4<-|`Zd*|<kw^h!Mllj7u*|nj?q)pCTsgt
zRui9s&92~0oEaA&mO;B%D=WY6N36gRFA?-oWljtGZk_YS_Lb2A6sguSDyZziw|ies
zDEhp1tQ((;vF_p#nGUsa&nDI-it<6KBS(M1v`ObD;$xmvlR>@`lc7iYkvmHVO0<?m
z7qbVV>ID2TJM;H@tM|Uf-Ht6D?8{NXy<c<(Khfq^%soi*{A0AWVEL=o7{IyLrxe~K
zxSRLAxBYWMrT!q_KnLw|{Y0eu@QOD}hU^GAaStB3#dait25%JKMJuS74gwVN_NlrP
zU+bc#07}reRrp&k!`j5c7@_(#_IA?KiaZZ=D2%z`v*hLu32Qfq;QL9Q|H}eva*dn8
z0*{BxXB$Xwo7+FOIB3Spp&;sIO}Xw&Cb=Ytka>?jLeH)|L;lz?#Fq1bl){YTMIlWj
z<{E~r+T>eXS3$prvm6$jreCd+*O55m4hVJ}K*po)-0_sy8nGkmB)Iu)ei-~K#*wT`
zWoc^SK3iv|j{lRR`Mc?3P6_-c^2$t3)aM*c9>j`S6)!DW?5HDKPBQ;9LY6Z!uQ&Zz
zvQ27^%Wr#w@$Iy9;ApjL6qBo6@gHX^8d+wMj~I>yHser2mUUT&B~w6Fxw-0Umh#j2
z?dh*PFIXI#?aY{?cN{9)9^xf1#o`6aOzn4wlt={V7rk{TZgVSl$a>BsX*#UR{lux(
zrdvAFa_$FTU-^~&z30`qwa@Wl4pdmOsEK)vwq|$6+O>989=h639&Qv^jFjGJ9z#*P
z9olH$iO_eiRpP>bi<GB#DSjRJdZ4dgfedx*V00VdFe1nn*+JjCelDL}c%6=t85hTd
zKg@7*1F6h(Q$uvP!^-7M!pE@^ip)+o<bJc2;t`P*o*d4~X20StsDv6pX$G&6A)iE5
z8WaRN4WTw9ryJkfV#AMq2>9;<+Z=7nZ*#^KDDI(0ml;s2Fy3>Gqg#&XomD(1{KKO4
z2=e8aOJwt2++YdEw^0|3ro^{dzXNo&!~BT}sz40Khceilj_f#A)IAif&n}&>twFnq
zUM|>+In#rTCTheq^aBr)qTXXTiVPe0=&>@c!dbc%mZ@_=^aab*@p$ANTT~{d9cfQR
zOieVEmBqP#KVA92pJg!S7O2R5@g<jACaKKN#Bh#_6_wEYXBEGE;>5j(M`)4v?fylY
z>sWCs_t8p{Y*+n)ua%3~LAqO5&(4J4_g~)~t=|;ypC~A=y<)P07oc{uUsh~wNYKAa
z&K&pbWXHXXUx_zO79)pIkVD6%c)J8R8|Urc*U?`n--P=>*3~s9{IsW?JnMUWS=~5V
zX|?<Ti%Vw;=jZ+9g+s-22xVgq9>1%W$Fl8^%aq>s7NEjygJHg#@M|SkN?ZljaA-ui
zDLaKN0zZil8q00R(s+|GN$ln&0N2xyep{i0_Y&^BBKDKm;Mub*RqCks=b^QD5>UKy
z9^a=nL{1LhT_q_Y$@%4DGGVrD+&JrcV*YSqwOG|3e7|qOl(bGA9rj!q#d!*c;t<~>
zjSJSo>(60Tj2Mz$h=aBnS`^N6@R%Y;`Zn^IDDqe*$3p18$KLb8t9>EKIY$eJN{swD
zT<)~f|C-}F4shrnnEJ{i;CCen5j5!SIU9>fK+danDf=LPWYXmTpx!R`*-X2T+Npt7
zfcBNcWDy4NEhpYSBSw+7ylAKgp@yy=>~;+m4Jn<{ysc${U%Ll_k-hfV+7F-Pc}SYY
zk34NiL6GJKC%(g)<*sV9mm%Wk!y)ud`_7jeG<%%4xkeG2G?heQB5){sBsm*rTgj~O
z@W$+M_f@XQ$rs;xtU<f5ukXFM?j11s2oGU^R?&?Do$_$E|7Wq6jC-ko%GOKvvn|WQ
zJ7C5|k<)bdhvrrBi{(c4&vv9QEeB%!nj+5m!5bxDgKm}FX$*FfxCi+-R|M)(jd*9j
z-H+b{GTRlIB_WiINraI`oS}P%P|E-y)2k-{iV4|vm1jDltlea$f;RT?I9Sbx3ct}3
zO<r<;Yj>B(qa61E?whGQav4Cl*oF$*@r*YZXLs)JtO_Jjcc0;TMKcw}Zu46K+^>Bh
zD9~Q7fjw=n)&r4WG%d02QH!^mcSx#zOmR>w6go+p4U3F?0{r!2;9yt(UgMeD@Dm3b
zff%C9$#mM7Nie_^_{oXY8mvt;eHpE>EA>RVNjPd5Q{&DD%UvLriLtL{1?~20Nzlig
zC}7)`?q@y+Z~uffgxJlFpIHA;r`!I4TRi0QJgTIr6WH^9$5NO2@U6$)@UupQU18Zo
z%#O8Ibhoj4@wZOEilXv)uFJibiJuitJGCt%h*ac9#GC(m_!T$5THAc;rlp1coSHvB
zNZ66B^A$Vj3RHlyvi1FQh@yO=EItc$Ifr-X8lzxy6rc8647Xzne4)E@1t1-{pUCM@
z-#&uWfK&uZQ$u|c*)<t=inkbpIhZRCk`@$-K7^nJ@jR>H;w;3A8XPTZ{1sK`58ri;
zd7)%V!Dcp`KZ}(rP>MS(B=!R)qUijmJ!p3VF&{dZcx>(62F*2Iv2I8WL#MOTaRkXB
z(;3ze1iNCt!FGFJ%*(*zBPAj-6xH0i$QQV^*RX&??;_*9{t*ztEq|1o(b@xZ<UV7;
zP3GK1AbYbvNXD$OcqNQCpy>FVAmIF2{L-rpg6@-^4F$3=jE+qc4Sx&UrxD;?qUuyw
z7+kv!A?;TBR2U7JCmiyli0~GHlF`>0R6DgP#4=MEFr-t%AZF*Q5$Ys<uDmrDWnTum
zkj3=Hm?b;|d7u3rS@%U}OCT{CA<4cYq%smNQ{uo}s6^Utr1g&lcCFdQ&2}T#W7fNq
z8$QxFnXLKua44RTlhDCHZ4i;Q%|8YjvL$#)e(CMKQ*zOZ<@wHYYj|hTT2G0Oft5Zn
zXi$yr`AvTAa;w-Nzz_XtxHnDR;W^pUPdK!}JedPOQQ&@l>s&oT=zfBw+DvO?-yQL~
z#jBVFZtlYrhXxTy%5c?V0r^u5{O5aA!;Ifm#vGz#Y<(U|kW{j@a9mjZQ&A$+!rHR5
zkp?%5iOJp*Y)|<ZBz*AC8`|=%4nl#jjHG#AQG|DrTjJBrrjg&5r9FEz@k*xseVuyd
zO+_qKVCrKkSkU&6zS_(i3arE>?wQ;}wLWquvX}~1s>JZ{ac(;hVhh3LKU6RuvIC3s
zi=Tkf6UAC=Y%Ai++ElB~M6JIYhIjo_%*1w~6Xp{~Cr|r{_XP_VGnedEN2R&y%o;@R
z<zOx|<GR`HS`-SLIXxv#;Cd|BJ!m2WG?f}@{KQ^-io-_dYxuHj(dkM6MZP=jd56j+
ziR)rZ-iNt0TU%S#7zQJBTwFu`G4TH<gyVmy%l<hp5jWu_zpjL(5;KG^eorKdsBdH0
zs!SHz3PTyhx)1`pHex_oig!(7XVv}0S#s~jD5(r*Y_B9Ie`{?n*l9EjPm7F$O7HsB
zMvH||xMtJwGJ;^y{d{7ACwP&ReV6!^ulw<aD=U0XfMU@Aigk!Ne0q7*qRXeSKwLnu
z%TN}ogu^Kk(f(%k-MA%66Jqbho;Ky1IQ0^DDTT6svhJ>{vP(sbSmJjJ3ZFB19A^Lg
z`~&b?DcZ>F$`j)d^g5NlkDftX>Jv98U1U!GSaF9UaQI9@6;oW1dX}#uLyL3s{-I$}
z_^;0cDss7=n{!`dU#y=w>7i5H38eaRb^VdXW!S9(-+UP5gOy+bSeRakuletULRkbG
zThb-y!vt;?+6%zv>VOaXm?W<KpZfp}BR|t2Ka;-xqX|W<u!0<ZO^`>QC2WB3L{@QR
zpCgk^qlI_=o*CHy{jvZcgr88JoWLNIC5}(w2aqoe+<dWAB&p~Aenu!y6BT%DQ2O&R
zJaz{-2oQFVlnomv^1S!(8nRzTzI4G{=ng6VPcO_W^xNBz9x{j+*-)2=&wq|MTyoYL
zWUCeWLcN~6JAe?&9$tqWa!m)OAMy8?aY!^_Hr#RbToK&RJdz1Wy$ABDmB>PYQVi~i
zJ2*Zb3p0moOiP`>UU~IN%g0P6+B$WO?lgTk1WpoUmuLItK%xjF7Pou=3}4&#Ac0zt
znSS=uIUWLE69rag+y@>=iXUVUbrY|`>T@p&;|^K~2WWfF;jBWlY604fb&;KK`SJaV
z*vZbIi5h+{eU~M>FYwWQ^Mvi=7~mXZSR;$fnl5-;YZj33u0aqXL?nUOxWt29i{8{*
zc8N8MrGY%<Z3Mza5GDrTVnJltuz)ix*~<VuY-H+yRyEG&H}Hq_BA%^DC{BYQ!?q(2
z=^L<hpzpEFsoKs5*z`}q0Vr9%g4bp<Ke(A9=1Vm@NCX1lVvbvehpH4wfV=kV<1Ioo
z5FL$z)|vlR+na|&+5hq4jKNr9#*&>GOOt&oTN?YCvI~`UB+}z46dBuClEk1wmXSP#
zlr?R#lw^x2q0Lmbij1X<66byQe1F&PT;Fr9^Vd23HC-di?e6}(-mmRlb{DrmhXvEW
zxOBclI&m#_O-l59@&o~B!7UB_{SFHp?#^Bxa+KsyZdazqzk<?llCbVD!oPtmx`)%P
zEP*t&b9xzU<f4UxZZF@r#5C%#{?SshV(wvg+o=q9qsyOjsW}=rRG$wx^HcM;NB<;F
zb7pC~OJSQ+-s#?#u0y#F-f9YOj6n!*%lcA4F>~b<gUu6w`RifFS$~fTdIiZ&!u(07
zDt>s?NEm$p?VSWVS^U20H+RCr;XuE>N3>FY9eN$bJJT|cfmw0BODa54-sEt<xZp6R
z+Y{G*%I&veG+rwagVgERk(TJ5XnL%c4O4lw+!rn9rhidMA63Klk4}flhZJFBgTmdh
z%?Ld=V6sWsJV=N>UpffO@fO!Ii}wnZbPn3V^D3}<D>8X#pv`TV2^(v{gES<>V~6*>
z0A$ZQpl<wU_K1E8{_C$>P$jB%Ex5Y|_{eS^BG;7^#zNDJeH*_ZFeK44mJR#nVU?N`
zk**VA_XuY0FW#TppSw)Ja!c710L=PH4p)GGMBE;RxZd906I9=u-aFewyf}2W{BXzK
z&50uZ%FcNg%!!xnAS(1{^c5RMtl!Vf<PR782)*_}_tehfY@?`yE#c40lHe0P+n+5y
zh_GLF?9;kDRM@d$Ijwu+5a_jZ+JA|*z=93y4>c6()*+j{Ahx)*hmmK+r--L50y28t
z*fR#ElaOrVrS#3syPvWe0onfC9E9}TSLp4`8)-?iE)Y!ys1>s<3(t{TtvP+n*6d(A
zW=p)EZDc8B$&UCPyN;xTIdu7l9S?(5!YkIp6DBJ`Ro~VYb=bzp)b4BrMZeW$7$MRB
zg6gqm=*GE=rnmDY;8>hU&^mv`_FCRSIj5M|yf0|_pzO5jvec*LU{J<4!Y1|UUdLX}
z*nXU;_%B70{5NFX7`9yWexvbEnyoB(b0&<#vOS&Lg%rK}{>3lrkAJe>On_{eyyP!r
zg~T7)FuNr?Q_~XJ)z^$uu)f>Rv6p0q(h-W&4lkNRJEHC9&bMO{X*<k(Xdg_O*Fkta
zfzE8_Z8M!lhI>IQ+=%B1zs{bNlh0Z?Lk9@h=xZ~*4B+?_)dWsL<gnUXYCP^6Nat*j
zQ#|nYE0Qk(--FWVi^}(%R`?Mf5)T#3$5vDq45<gBcx3HaFv>A5tFvUQReUlgK8Nsv
z6P|Gu;)v$jeN4b`5}TiZpcYuJG&Sx`mg&$gq+H=5-ldsY8=;P;2Zi-cuH*xN>Vx%O
zpDTpV3i!5?Q--G7AkHuAN&9@JU7jPS5QfiJx4(s5Fb1Wmgw`0&?j^w05uAz^68QX-
zNdD**V`jv0%SJY)qPFJmc?i<T_<FE)Q$7l(V^7C-3!~-Mwlv&8T6mO5Z}XouVJTF$
z3L(G?4Kff2Z?$Lp5X@<M=`E(hsADDqwI*TWH4kv`5LwXa{aU}hVr&YWEha=b-?OW{
zMc`DrhsDTraQk57uDh2Vx7szh&3;lBYka9IhuTj!nP{BDn(S*c+rSOt%ZjreD;rT3
zhyQ|G;m`w_;yG&CC0D=urxw1MS%Z`H)6Sx;a1;Oh+8Vk9v&P*TE+K&!K@3TXIMlT{
zW3svEp3A1+y+xIc{H^Lxd)jM21)X*zG|xSb)}R;PkbPIJWydJlo!oMtg!k<ZxEh6x
z)V9Hl(KaBp`1Bj7CaYCyYgjz?0aSps1foyOJ*{-B$~C!zUaUHdE)7Ekw{c7S_7lw!
zRhia}h(HLo=3{Su+W97twMM!M`+tjeI38Z83`fo^RFad>x+U9Hy<P!!9TxgvcZq#K
zO$GjO5~J_WS^dAr#jbu7EaitLEmiaESw=p3_aRmEFgF~0D~q?SRnWr_16q&#P7ykP
z0Bv%%_{uFz(hiuQO|}%*5O|YzAjkJJVq%&m8kvOk;Q)W}?2}|I*46}hIXEL({|6r2
zMEKpKt4EpUcy$CR@aZ3=A!j^00gFe}YyAINy*Bm6QU(rOFK~96%|PiCSNXUdfa+!X
zF}g2gQ9e)CoEq?-nfng7Nc8raQyV>_NhGhF;qE+#$c7((-q^mX+#9=S@}v<GdJW|V
zJwC3wd|m}vVA)&XiS{%x_^E4?x>hw8w`khcHxA8f>)?fo&e1K^%*b<2rk>tfbtD^F
zU&KZO1)OgrZMwc7)E-w6;r!_~tFq{`wZqZ)TBtLil}Q8<VK&N)RGt(BxL5wutA6o>
z74r_ao&<*Ep0%vtVpV|Jc!ew}0{^1#G&%uR1~x;)-y8Ce=UxW|&WVU$^^|f?LUypd
zfK51|=v$m#I{m@b7Oo{fk$7gnVT7%-e;MAgXq|I>Y)B09M%+GcGw?@|4glCLFb-qx
z)JTyP69{tPJI>txrikzz2+KmxoJ88U$+uwWDV;wzz;Jas8!=iX6a$7d!_QStSIiv*
zP3Hg`cn{t;JFTS>25#n#H;3}&2;MM0fB*dA>5Zo0>xh{AzBaPq2sPUT*;QBs=idJ1
z{#b{@kR>l}Ij%vHfB-@{N?n!16DAnM7*!A2tEY#@rTx8!;DH7Ix%zI5l>(pcBN_>t
z{WkQg#gP^dq`zNk*U1_gkVfARK-~ZHMcUdfO9l)jS#I|pen^utZoitVBI?dFNdiMz
zx+>on!SI5eM=!mDWdWD+@&e(oWX5<Eh@J=Q;A@~6rkBrz{T0b2mm3f2s#IrAXg`=w
zzGrmAoL}QJ1FH4<?|;Cr{;K=EYtJ2+b2sil^OWIQW;3~9(D-@{2_5&?1YF?d`>pov
z4D_jAYM*iS`P7)&`-X3;8j$8vKi`i13tt#y+`0>!`(DJk<c3MfW#nCy)*+`08>Qnq
zrKw`Jk$4QasG?jpSKBt<;ho6CAID*J!Jz@Cm;4*h=XV6zh?jS|AxHmRWL~`kJw5D1
z3yIkGmAwOLP%24mg#|OE9i1O>>(q6t#3-mvimv1GPkSpL_!;okojzlRESZ9co5WW%
zKeAxU0!(F1$hcDqHt<z$MWMibFjc)n5Z*7KAm`sk41Paa?Q!!<tuIJp`?8kpBR_r*
zMj#=aD-#@o(?jq`j?)l%g(xfta{(qGL;y2<@-}7eMeWd4n*+$YvS;Sf5+<LFp`cJc
zVH2t+=MaM;6w--}rLJQ(vPuWhlMH?E#XmC7-?6X@AW{vWZ`rrE03yX10&v?@Yd7gW
z@g8bQ-ZTWA<F4s<wTl#5ApLJ)lG$lIlj1BNlD>_#_wtTKP4`TCw;22iwvOt8Ux&Ov
z@O`U#+3(3i|Md549l@I@ua8Ll81~{|B@P)=eQ9mo)D!Be^5SM3@%$B1<Vi=vDG@<b
z`Id%#Tm|>2^^Z`;eV{fG!NGSY;Fj3xH4*}p2V%RA->XKIt2Oa^4m6OUEbX<(2)LkT
zhlmaZjA2n^MFDBXCQ}?262Hz``~er9^~I`5G@r51z2=~0lbD))b;ilL{;l&uICQ!r
zl`$|q94;&@B$*T*K<6mRgQ9dQKasOl5f9IhmOF5A{m+NinTmR4VHt{_Ef#i}HUjie
zlN8#LIrk0n8^;hw?L-a?Qt4r{aDFJvi{vwq8!W0sUFbaH+=IJPN_j_rinQv}-T<&0
zEK?vt#ns8lkJ0Ehe1chY&X^mlXL=)V;n-E$Z_pJ50Qgtm7k(J5WjwgF(luPv<9%VA
z31)iD^Mt{qL2`sl>0E-!_GGvkO^$4j?Ae#DLjQ#)I4bzI1jM7k5d1TXJr<=^VQrh{
zdGAp{EP27J9yN1BRik6Vd0FBul5@|k!IvrTh_+j@o>mORlqO7zs%{5HhsK>Sm&b_8
zyeK}M38<@tNTo+RjFiKn(F5623`xQ>a?uQcm*Kcew*!7C$&J%!3ZEy)E{GWdsU6sZ
zdsojMInEQ`)CXP&i~O(n-}t<I4XzG3h`2+rdGPi;3`80Had2cFM@f>&r^bWCh@X?V
z;7a5yPI^Z!u1S!2H-(s12h^yJ9`qW6>$gP|uc)MhSJm<P84x^*bb>O#jPf=0_9HUW
zi(r=fxJOOgB!^m;jsIdl{eX>4?1G)8nOiOLn@?ZM)R3_gX^@_Fsh0eOLCzz>B9@Yi
z>*w@HWMzJA!e=^cz`YAoZpS!`$ZXY@5tLGepcI?G9-o!!HtW7?t}^t=;tPs8D5i4#
zZ@*$6cAkJL<I*cRTUOe_;*%?<cB>Ojp6T>0ps}`Ry5pOHih|{*3*K{)^`^-akP06a
z1yy2R7IM3Z>3LQ*PxqY^{wRfo2S};|M~uMbpmnX7B{FfU16TQkz*^z{ZB!H+3nZ8&
zJ(eb6Gm~A9%VlIM5ObF5sEH&Kj|7bLk#Ja3+iIA<_<eRLa2Iv3D^SnBf!FF+jJgR`
zkjJvCLl&ji-|(fASESI7da%x?>4-B~;aFsm^o+e$Cgmm^Os!}087i-H{YknSrG-ek
z=4pPfHNLNvFJ5Q=o7+dl#yL7mu{vwE&+tFc*J`#YC)1;|&oPLyuD7=XE;xaZ6oL?~
zHox%vu6dWi&6IxaB56W4_83MFeJ0NhA8Kp!QKIlUVrO^sPntU(z&9y#K7vL_#hT}`
zmaMlW{UtSQ-)?sJ;xAg2>VV<;;?Mm4S{r&f#|QG&Z7wo(D7l79v)P0l<PgL8R6l%a
zTQ{XavfX~mY9jxTfX6{<HW?)s2U{mvO_E(hQFdbU4ZO*l%$+wZ=9DptI`uyvQ_Pm0
zNaMFNPGO?`XbG=V3%I3D=VY6qv@r&q^ihl{Ef1&FaH3t=dCu?({m7)Y9-{$u@syzX
zit&esj6?MSRufXDbwH98?ww~ToZhL<v^f4lXKr=|UAR>|f-3R{`8^cwj$o|^1Z6yw
zE5=_qwa}UMEkXR7CRL70Gn5~oRHr!{^S&DYQYXNdV1a|VECp|*$N+$=i}n2UAI4=K
z@YiSx!r9D$7IEg?V@Wy!(M;hl|95SEA$ysICus_zwRb=Any4%TIlQV;xLy*-v8+1)
zV^%-1X4)unme#PG{E1chQ&PlIWj?6|O!o1m#=);6c1)UVt~o+Z(m!OvWBv?3d-acI
zaEsqycYQ2Bk{P(y@KOF{9_bkSMU7C2$zT}J%0?H`N!;|WMNofhvuT~M@m!X3qVkUE
zRKOQ`v`zZ-O_7q&f{WG(Ksa!?-$n=r9dJ(i+ENkb68PlcfksDbDm^dHwQ_mAFcD6h
zdffqos}2~_cP?Zzp%rEO_O5$#kcSAW81vNGjs3D`NgiZ_sh#YI>*MNnHx(huK+EQr
z8?~8@zm*wQC7D3bt_`+q-OE(2z7zS`1u1FCiw`wHqv?`Z<3Tr@Ygy=>`gfl~)Vc*o
zg0_JW-1=nPz=$pZj}}Ts9)IqJRj2Lr&QUGl`Bk`||DRknC{dM*wQ|-uM7}^MiqT~O
zda4z}g~GI+fJ4H3)}qc0X=K4F18)(kV~#qnp;;)>U6p!vdwZ($%UJ~VHuucpOr1Up
zUF{Z9<s*NJmYYoLmvOgIerc7X(GUx(<Ce^QL=KcQaMmM-8kT8Srk@qX)=T>cdZ?FQ
z7lbxcO`qZdiHnY^SW)I_Sd#qPU8NR)T5B_9?Sv+&OU2$P=Ohr)t+_%Xm&#q#HV~*T
zCMabbT_+~?7}K=<Ws_eA%6ALv&BVs^#USFo;#tLXHm?497_1+uPI0w0mP4ZhUNg;F
z4)5h=bV*4Q<(6|;!1Q2@hD#2^wLf!a9yV5=C{qrD-HNJUa#4*VE#JfT2a`@!7Ch74
zm}?w7y>qHH?$^&5b`uWj<|95$R>m0694&jR87|w;$$Po&O=Bz@K8;ue_f;(Wj&Jz`
z+o<$`_oHK}rl;}nta1E4WFcVK3C_K#iY?`RVhkAR1Hkvwl2B-VdadCql~_BY!~)nJ
zq4R8FEjQKJHR_^fFEX{ZT{vgXl-e0OX~wOX@MCV==Yt-8k~V_G167O7|GG!~J+-mE
zrF@T)`=xh;`v@yomb_{{23YwhTuAzUy{SE4seBrBN_#Fvi;fPI?D};ZjU}(%BNm!s
zEI|u+Xs?zM0Nqp>*sS4#A8v%y0$efLn!YH=E_`=5T;+j_%+~%M5725RVD+*!k>r-H
z6rEJjC~rFAL9t;nA=hSv3q>rEl<s|M)WO}J&e1@!t^2H;V<fNP_w4&qMf3o|!S8~}
zRjwBqHdoKRO<Q{!%tIF(S}v?^?hl>}8xoSa6)dWDnUTy%4?&wI;Y^ncZASho)hs<#
zDk_ABEoQ|g7K$RnBQXDsEKA<O+R7oM7nE5X@V%9$W&V+n0W54&@XDIYTQF)W)aE?1
z8oZp(Xly~&eS76=95Pn5?vfD7%t`9YW;D7a#+zt)ux+=>KJJ)qP^jD56e1NEQZn})
ziP3<+{YRS&NKq$Y6xwx`$ng+1cN3S9ZgsU?E`&?V`e4F<neW`!+5NW;h5$s(ep_Tp
z4VwTqHxzMba`PkgKygbwL@>z)$_Yx4JcN49lM%<teOZH_K8&mjiQ49-czrYLW?;iw
zGtAP2ytvSG2gR;v!h)aeX3zb+-(ZDFb~mOv>WNU2Gl>PmvYjSOub&ijMVD=18@k$9
zj`rS-$f}XX`ROJkx96|*&zP0<1e2C)x)fNHS6H<sWVLva=e&ZSX~W}*=+?sn#h>j^
znG<#@ObOa8xHoT=j^0f*{fS3BZH3c(C!lw)^usq;=_-tFWuXH4T=Y6MG&^P%$muzK
zv}44tqG1^IbOv{V;57lEvc$-|D9c?BPJa&_BwHLL6i{M>Gfm%f1lVnpT-tM~By0tm
z_!Sy*XG3~^VI;d}k-*NIXJdYiTD}3|<FU4LP(L1yn9_v3JVbjl7!h(F0?!%T)@j<$
zoh=N;6m6Sv$txD|nBnf%f-*)gzxPh{<*$zLpd{0As_KXpx!zw~YWL};o1XRZ8Xd&E
zp2HzbK7M+my+Yx>r8pMh`bS^dm3_cCHrlp7Qc<u=_p?ZdUoKR%GzJoKCeC=((ReYX
zHYLX`8l0Q*5)_Y0mUL(IkC^w=iM+v2|4b<0)`y>Zo`Mt1?<q7oQwQ^>zzBUP+3~P}
zQL<o+<<ktV;!Hmus$*J#rfuZv?0iqU`%UkW-R{_q>?!M}m30dex@t<K6oNa^)3SR>
zeKX__sN^||(}V>uJS|N{Zgl1Dk_fFZV(+kNrscEIBxd%=x>#CkY5fqvMqb$2VUv;k
zHob;m&3tT+sz6H!1aj_Amr6@Xe3ovDd#);s$Ge+1w~I5SETumSnt0W>cT>u>w<S9|
zS>sbr$|-2IFTBl*t$+RKJ*U@_LOY4C)PnjKzuai0^J98=X^ESTM+I%5et{!k-*ZV%
zxGwFwvK`z~R5{yS)-IpG#~QVTq*L5d6lTSIHkC=)_AkZbZ-s9{w?P4QskZe*hGnXz
zS%rFcRCk31DkroqvINxHL&?&)IE8Zp^@k%gmgLAf<iwut#+ciX-tBtGtJ6yM+L@Rx
ztfdBodej0ItdYhq?w_3h;@claReIofSi+8P;X?&~>k8rSid62oW?92MYE(h?G_|V>
zGm=!^jUO-*o_>Wb&m?on7!_srWaW(qD_z;a|0wB|_&8Q7nJ^ia79=f>PVwW;MX?j{
z3c`-e$Gm(S3Rn(>TTi&rm`pyoys8w;m6_md&ekAZZA-3uqD8qp;!OQ{3#^w?47B!@
zVCwA?P4EXBCT;K+by*75nM~9CL50%QBYnH*jz*sqC&IDW4241e3ET~KTQ(l(Az53;
zlxhYs@6bo(Sv{M@H_ia)xxk<FT!_+CdE|KyV`<a>aoU=gicutH$CCJt4`gn_1lB6v
z{AaW#v4-}<=4nROZra1i)FS>}lRGahTAe#waGu(2K8B5jhj(lOz6i|+!~XY7p(T-q
z1@h~h+ol-LlQVI&z@I%w>oKG_v#iI}Y-T(~$DynpCzweZ(!0Syi~IZRtHt~<@891;
z_wfWgRujkHNJ`<3#o<|V*@=l3{W<%O597G*`Ew@r?~W&1sK=#FCd(~J>j^68<1qnI
z)Mo82$3&av3nSQd`@hfNME-8TSf;Zj=H=mC|6Cd#Qj&6n@#$J_9!`(%n3lr9{=F-U
zih{OS?AX#hOL>$+L69RayCGe*2J?6I*0XFLtb(Vsxar%N_>E;Rw8<Jh;=2>DTe*m#
zcCc%Y?R~X1Tq485>G@QCr>B>{Ym_N-&+w&NkRZXs7C6S4(L0ibfG6J|E>1zc@!p}H
zY}0byMbLuVYDX*xG=BIXVzSsvZooM9&_B68Y`OoK7$UTpcT^xT02&^cLt%8qWgL7;
zSjH>U;pkm4q75I8FpRwLX5OPMUsB*}{DXLcl&Lqa{VQIAG!4umiC$>~zgNYr@EJQl
zR=xVed79&U5CZZ9cU3I%I~Rxdge)q#{`1~N<liZUSJlFMBHYORFyK5>=`c`|6(mA8
z0v4pDH^e_vcdV+(e(~C{v3{#ooN`Yr?>R@iZ@4&h_o&6Eh-Jm<u0d}D+(2hTedbf7
z*)yIwPi7i%ix6X>m~9T0{5gy}yRMwSFNl=)oeV5%<*@n&!LRQ3lRbGip%%(I>R2e*
zsdBH!3HS;3WL@z_5c)kFT*d2>D!y4~<ynBH*tUo|BN5MEYcuq`EQafL)$pi(>NQ{g
zMZ3<Ge+ss`M<@?l)vNP5n7JXDVapx0dgfW}_oKeHxTrpPv;DB%iAh`fF1N&eJFj+&
zrheUCW6j=tgz9MJt)k`#g=?zAuvp}~4>N-f($4p$|8il_M*k}*5xditzrpT_cRbP{
zu(7`E_<%v>gGY30G*q)GCusUMxLv#njgkBPQ!ltAU9!)yBCu3FYM2@KDEBPdd&s9?
ztNKDmzL75jDP3`|@f-r-Xlg`_L*d0LRKC9k!lVYiq+a}b^x$kzP*9B0SSp{`&z+!z
z-3w+>kLPM%f4=|l;cLP?)g9j;f$=^}jba~|ae}m4GzezkW8tMLk3?>JL+9=4F^Dyv
za;S9KqqMJ@OLyDc|EF|X1=JzHv;<Vajn`m#kQoIFD=U;u!tuSMsN>(L7jT00PxMVd
zSH{Ecg?gs)7XFuq7jb2mRWH)2OwTV$mqHT7N7Qg+E=71>U9x~tH+UL?;da<O37jiZ
zk}(HvlC{1%JPYaZ+#j*cbUUb3CSToBFNq?9S$W_!Rph=_M>1W<&45QW?#tIt9$eB7
zdf$UGZy`LO`6?P+NG3ku$K7<kng*S_BU6fyPk1+QgJLL>%5crtfai0hi=*BWNc|^<
z1^lf}vQ?#~BV^l@iR(3odZ<r{-t^Kg00kAYD1As&wy&q>_)<oWC^6k%%|`loN?Vth
zi4K>~r=LhtVTwPKX9??R#=6k8^3O!(#dtKb+Qsl2+P65_k!Gc3HSt+jGz3Y1CW%_c
z_ZMjYQRG8l2|<TMl9XjSBdI-6bSp~7_K$Abrp3CzB@n8sjWNxf0Je61IwHVZ<AKMl
z$zXgW*Cq)1jfk~^LkxA26f3SeNJ7&)Q9PK*DB3R|@+6b0Yi8kzAts}H2uZkw5@>K?
zmHw`fH=DizfUHzIjbUL)C?e-+D;h$w{nt5>vPv{vO;?qZ7S(WShzoaSR_KUd4HjJ(
zO2wrcD2gR_ntwd?I)u3S8wk;CTc7eb5a@=NZxA7L5G?(r^Jm5&=`+6RaS2WD2ZH`v
z=;Jej*^$B~(AX){`h{(p_MMG`Vvc=z#e&<nDv=?4!5_VYCesxGQ2J-JB}22}7kbYk
zCf=WEck`)1-03}Ky}Z&(#T)_#_#p05xeh>n{jDIHk@V6jFhuOW8#Ivjn^@mIV?i52
zB-q}7I)z;t)Ha2o(TDJ4+s=m`&SF5K>3vt)!)<#n8?=Vi1zlA~)9Kv?)Mt&f5R8)4
zL^*IVj#~?-BKWJGfyY!KAOH9seCuJ*d$FOPex$BSti1R4T`mh3j?WL_0W?<}F#x9X
zUDg#mF+{X43n;)w;AxJn3VF>FEYb`NF-T2-h8GXnD9DaU&=?;dm-XaKvz!5%Gtxz{
z<4hfA(KZPa7Hx!h)Fg7&X)vt8s2<vIl3!|Nfx$keY^&{M>ulNi8#;fkgYvmEj;q@x
zQQeWuokB)Utg0~1Ag0%cSk{L#aYq)~He2_Mcs}dB(Ge_%z2Wsb@<59h%;m;!BjLe}
zs!BF}4IZaPV&6M)v@nYI$|SMqHJHoO3S|4U8R6p%Pn7h;CG;kh*2clXF?*r}>7S9@
zaRfW=cBV<O_7Jo$mWC`$w6(QamYHsqJ&|d~^b$1y<4E&^NZ_^hQK^aYZSfbBK%@+S
z0ISB0_HJ|e5^8axFq%$MuxqC&YisCD%AOqa|0b3$Af7DoIu1ip)mXRulDI`&t34jP
z)kId98#w_bbyK@S0IO8tl-fazlKrqUtNcq1X}ry!(jvON1MV1@$R$(#F%EPGvFyX7
z2Aof)528)#qpNqq;g&0i96XV4lh7#&Gh^Ln2~W+wbu{RsnNVN2+OGp9uu-@O_xE=b
z$h*7yxxcAaTb|i_1v1i37Q;iMgCJ)HZ3{~Y5+<aGDDw)*=)Evw4UIMs*{Ymi7B87?
zsK%06U>2kuRMeVNX4slFFlbylZ<9n*977zOnKSWW;-r5iTM4}}2TVusZ4^kh#94V^
z-&&vDPcc1@a%^Nj-w(VMWR=R6B+5qNCe=8V&4eRS7fOXd_l@TU$*QYC7Mke){D*Ih
z#?+mDtowM{h1#a&8IPu;*{^fr3YOP}o@1Xk=v%=L?gLI6wbIbNh<IiJh*eIWJ0|Vz
z;y*k*od}^a%9Ow2@479e&|%R^?9gPb#d=T0l|rH`rf{2qAICx3mNfh;P){e?jtrIG
zow;Yx#G^OMrz5O0X!g7g^!U*+3rj;~?wH<moPxY}jIHMH4?8_%#wsOk)8RU-oLdx<
zHqDw<En23!^Z96E=);%GyH&-BQka|((?^5_aWwsW|B+9IA?c!gD^JB)jVQJucHIgm
z@(#ip+LvqqdzXX5URyPH@Nyqhh%*29IPKv2Qy$B(gXC~?f2Oj!^vl17aP7gyy2Y}h
z$7<5*?<ic%9MMxeOxaqepVnTomc0XutS_c)<Y5>U_(^gY3$8{@K4{nfztK(|;7sMn
zRVp@-QCE($&CWO{LdHl4pnbO?SZF&2;=Rwdz`gUIcyBT4Q!*pMh}VmiTY!nTd;a3K
zIX(`-Hgdj4D<BbvK%o7D#G$)Z%)D-iFBw={4n(AF?~yFW+D0HRDX1eX0700fNDI()
z-x=Rp<V{*ZUjC-s!tt@gml{Tl&rK)WxHQqjDCFheja)#bAto?(gmFZC&i~IDM^k&@
z^`@l@T&n+mVIB*-zP`Tyu_^+5gDIvB1m-4N8tgUK`oUSo27m0V_F3LC_oMy~dan<9

diff --git a/docs/multitenant/ords-based/images/K8S_SECURE1.png b/docs/multitenant/ords-based/images/K8S_SECURE1.png
deleted file mode 100644
index 292c9335d1ebace9276875171c30c70566174673..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 129940
zcmd?RhgVbIwg!r5KtV*MNk_3DRS`iznkXnudM{E!54}UE3Mx%SdIt%;cS8N4bO^l#
z2t7a`bOMCH+njsOy?4BK)j!}lMj&Ko@3q!kvwq)Peo|JFr66M<BO)TAc=P(DDiIN>
zI}s7_&Setdlg?Q~c_JdRX)9@I<u}sOY|2jd=2o^~BBIxyqGL(b)h1{qH@#OWh_BrE
za?^|I2bHAUO1eC$%9S^4=|AJHtJ~&WjhNL|zHtF8N&1qSiTMIOxk-!QW$hBmj<mF}
zAP^(xuK(M(_@>h{Olm<Ce5|uJdurcq)RRa#u=eH~5(N;OTGGAnEu2Z)uLqAD-(H~2
z0iHxG!29;TaYzX1#h0+Lrf#?>QG&L;uF}tA9O^7TX9vX3LZp1>pH3foKB_s*mqt5x
z2f2xqWpBV+%D6i(p<cxCz9M_+;Si{neYkt+!CU?WkyR?1x$u(PL>~OHT#6un+wk%D
ziF)<B*MymjZ5|ulm3c;I?4I(aTlQ8b`LdZgZ~UzBd&L`mSBR)Z{wY{&`l&$BJ289Z
z!z-lGq6SqYn~}X6W#*uDk}A8~bnl6@cyjA4l`>_9>j4E<7f-M-zALIF&x8eR6JDLX
zIeSCfbulA5{=u$NoVobegV&`(>;fJMYA=16UL|oW4GWN)HGUo9Hn^GI5q)Rh{OuDh
zktnScmckNp5Ywv@CS&z=0gF(R7uh;7Ec5~k3xy@}OE*3rgG~I2<LiAt&pZM9t!n*L
zS?|3m1LE*P_YL!1FSju1ny0SZ28lO55g#D)dlM6TC-yG8{v2P&mex3U;_K%IosL%F
zav^=kV5_O-Eh`f7X1Yu4toJXIRyAK4C$jKYPrRp{@^l~!ce9f$mqR1&ml?Z|QuE?R
zPfh2zs?n+{B84ebuIzm8bf@=~$6HSXPi2VKdv35hw#6JU5@owxOmlK=GyistXoT5+
z)FVYdK@2SY*2kFW#*tClMT)eGSN$KByj*j>RMbqB`|SGr0FLXFv=>;e2P&|Ex|=ym
zt}O<=D4|#<&PpR*CnasU;c!(TKy8+(=2B6Bk^|#&qK0=w^+fEm%(sHrE|aRTG5ol&
z`a<Rl$c(&{&Ao$;Eci~E2gen;4?n*!>4G5sWa)QusPo=ir?aL<^$V|%4TGkGj?-?h
zJl(q@(_$8P&8D?&OFs@&KF9Wq%<yvdKk{=-&nRbzW1BU$jB9R)lNtrtw>E5%dr*Uv
z?^0jP3MqS8syvhPNS&AybnjK66iwP^6^$G(b@DuBSE`Xv1{vr}(*XeiD#$0dSEOl~
z1JCzV_ZarfT^=5@)!l$zfKp9|ut@p+Qhua+i#&`xIOtRB50e<<oyWi8tb4BXyy}7U
z5G^y)hJxQImMD!A**+JffZv4E!|9OzkY8@b_|nX0OiC9m0-Rev%+=Iz>x<h_Vjp3-
zix`Fc@%|6yT(_${Bz%Ys!;B*N+F1WdZE;^noom0W9(beW!*!WiD$VOvH?LjSy)1P3
z;`_%LWCQP4WWw&iZj9ZK|G57%^k>LVp}RNVq%JBXyuJC=>CL?#nLoOJh!4t^aZV(y
zD=OXX?$qmex~RD$w!=vF!9-#E$6e(z4n2;_@4MgIzf;Ny+~c|zans1EP&HmPQ?+_f
z9voQqm0!>Et5bwi>5k(PV^^y>@krd7;*#o^a(B*yT(MylnuO2ca&dC7F7s$<PAzp3
z4adB;yv97Ak>?|XJhTShiX-7dZ(>^}B#k-E;0Hy2sSA}zNQw;K57u<|e%WF5k@XRi
z;h6mB++<A*IPF&3)obiQrO}RIjv?DtF$dfS+${x)<!ctM2(Mysy=gUrG{dx+G+#YJ
z6p31^7Q2BdTqdfGU9kdIyX?~oPQVNBSzklI5N^r6i3X4G<Lh|cl9*b}_oH%!1l_Sp
znM&6RLgl?l?+SzsCFYUKbJsx^x3#1J`oXN#I?QJm_qCJ}XrH=iSv-Bu&1KN?$CMaD
z{}laV)naLT1=LFkUB3q3pi}mX85g?Qe!a_<N^JR<US#}nj<Z#y6)$s%J?3k_Wwi=?
zz}u8+L3<&*O|dQL{@Q(}D5fZps1O*n8s$(HOaoTkQ)13t?o!@hp1fRA8&un0-*XZS
zvYoTMT{dnr@RamPyJv)l(nu1EeAzuDKeDW^4Ds2R#<p@MuXAllzqR&?b2S2ziXWM5
z5ota4-@nMHktmtCFUTWU4C#e<R)MRk*E!sL-E1}zHVh~9#>v-l6DZd-;rGvMT`Zjs
z=T{avTnpTpocLYjoH*Urj0be)3VI8=`)*nAp)32clO*b%)tS{YIUlu-3_hLS|ALu)
z9_1P6NxHlbUxhnPb546r$7A1MQE;5sil>8E-t!a>29F)Fe6iHh-f^q-*7aD!QA5>Y
zD#OhNgL*CR>f<z@6DXOFh>r#|6Dkj7#joPCjz^Bd4@D1)_v|T}FI@uJQm)KdI(sDP
z_PtJ1n_X)rms(8gNE=Lh(6ZbzI2&{Q+1*EGvK_6;naYlqYPT*gyx+L&O>K9xQQ!o9
zG=4O<+r2CiUh+wsW`N~Qs6LY?$Bw~wt>Mue(gE1O&Pvs-rMRDQlX19G@zPhN4UWzW
zn(YRmV_|f^gdWV^G`X2aB|~?}J6`#YZQ%A}iS51@Q6IYL40V3ga+nUR{^|;?4UK$Y
z{LLil+CAuUuw#BrW@pmk&f<*}A$y@s5GtxEO5&~q74?;rtePz9tgEoPEbMFMn_ibg
zKeXPlSIJ$`(3RAEHHqIV*-O~l4jT^(R`4-bU4B!V_sqb@_*37vCHcC$wBLN*Y^ug)
z!DAv`2mKh~e_f?Kn)FJRBn#uDb|kdZXp37fTc_+ciD5P>D$}n&IVRhsNz{Daz1@9e
ze9!BiJs8Q^pn=icFElSM(!W^v#&D==^c`eoGC==qDhTrtGdM;loAH7U99J`%2vsav
zp_i8T{T9v?4H{J&1)3}}F>Rmi2T-3IH^$AXtq`zc&`DtahtUteKBNlm3K|jmmf_zv
z+p2%qu8yzOxS|Bt1-Gk2kz!S>+^P?|9<HHolw~?TaJFdatA^8V)~VVW>6a$f=rzKt
z@7DbAjGRk>c#Fr9$=k<zMnC;-6K&7w*A&}S?VXBlJSN-t{LkmNsL;kHy;Y+LZLq#Z
zJu6(o`)ugqW70{#cLZg<LLCEbLY9pFkoTkc*$=welatcAAyuO-t~+(<t)D_fBM+IZ
zimD5WZQlt{vw&omWK+-L_7;*&rP?PW$|J_k%=Xldu1tOkl*w^?weUKsB)3|)u@+-C
z+gU|B7DFYWN6>ec+f<*hsvOcoTt_S>(@P{eyH#imiumyE>-!<+t4PrceW<!eXD`}+
zrG>`w9T|wA`s^gUCpLC+xp=jd48aDFx@C{T?Yh=|s-|ZrP8qGGncKlb;mb<szL+9U
z1B*JbI>hu|t>-E&dbARmUJb{-MAagr#)rIP{oJ<<+ZwcR<(rXW9ng=S+FKuwa}G;K
z7xIjHeIYBZ>tfUBA$P)?#VArj{V82jr!W5b7u@%qio<wp`J@!GMNQgQIvGLtoYmvD
z=VQU7GkDkL5}%^c>0St$bxd|%hQ#oVQFznLiOhmxuO7Y{k~x<di2^q=dK+y?Ewr{o
z7DR5Onn;K->K)MIY8OK%Vq=P>j94QqA|mB$RI!U3{x7JN-dvb<rQm06zbJ{h<X`j7
zx-o^?axMAYw`RZjTzVf>rVBaSm)J;JKI#*7JutuiGWv$zvka9KqN;MWm8O?5CKjSJ
zp~LUP?*Cd?u>W#&!-AwaHf4Le6t=z1H}bj^_f>d#dRSlL_Hb)Qq5_NPKerEWCyOT=
z-Bx>YX5@8(CcDpBLVBiucFCoJZt#8WPz;doYJ#=jm@6t0aRToz6I}?gBDw^;y8yfx
zfEN+b#c#nxq`>c+!0Tli@qez8x~E<I&wJvX^Dj!NNxyjm{8lq{0)y?GE$v;nKG!Y-
zj~cU5*LKlXR1h(>hwvJk*_(iQJs=L}w-7z|5CPsoz%IsY9uQkQXAuvvJOBEI2=M;=
zW4=3V|N4rHjo2M+MP)W=dnYiPAnzmIM|Z@@*x1;fJDHh_sJ@i>_wB%6Vs|WETpUFB
z_}tyydEKAz+B;eBJr))g=6l4?$Is6Le1pf?)6T`%gU8O9{l6aapXa;;JDWOLIk;Ha
z+p(QL*Vx3~)kW;io%4bI``>@f6YOF2KO@;W|9e@$0{PCb@IB^z#P{FN25x<R{;7zv
zl?T{X=cN?{5DzehxX@F9=l}Zt|L4m8jQGFq)c&749}7Qz{J(GgUzh&hw`w?pouus{
zz?d%L|Fbp!zWIM&{P&H|`OcUAzeMq0a{kw+fS|?6p7Z_priqimXY`kdh$M;Lyp&S+
zxUfD=>Y@JYxP6=Ma>M%!^@pl7)E5{J3`-qoM72xCY>x6h8mhPscwhY@9xn+XR;3~5
z0A%x8afNyH>3hl3-9(Rh^9hQ?FYmu^9&*FIyOQD&@y<Re_4vMrG2gy@v!=duU6Sa+
zAAbb+@F+hws*Y&8?N3B}neC51JT3&nuU`7&<IV?5Bf5NjiihaIr~7yQ__*`IF1gcR
z{L83p{*o82v(@MkDcw|j`IpsPxO5rIPxALg6SGM=R1+orC=hUz-?5X|jxy_ntCp8B
zBJX^G1U%JqpG<1{X6xOBwH<4T`1AC<={^eAB-RLa&a))g63+Bf(?`w4mdE2h=<#!t
zpY1H>ELA<B3k-LRRHTsjPN=iYXT}-+!_w{S)sn{}%7Y!qg*9th)~-Z>4!ZdAc~p@V
z(}(x;AS+4X>2R}E=L#<^yBVtojj5K=Mv35TpR)cgF|ppdaD4Yza@2jsZ*DqMPlj-o
zyKt(pLvcRcCU$6YpQnE8!&Ou!w4;0bMj^!!#B%}bY}=Oi<7Bkp>W0cATz%xSUT-zk
zMiPQn_g8kdUhx$he%q)aqZjQ?n#EbT2Zfd8$9>4mH|eg}(w$AvKwHjQ7#^V>iV>MM
zqH`?nDa-cLFCAmm`Z;*e@3xvEI694V%6q>3lWH_ep3Zx3Kz7K;$Y=YNl16Hw*FVU;
zf5`d9`I=73#_Cu+W&;}RT1kE{P-@zM8gADg>W*-eEq;8y%By@;!2<*MX<ZwONG&Xy
zTZLObq`R-J&?dIhH+HnUuSjPyTjs+zx4o974NN@a#&Ra*7Tyk7iv-yTO(5w;N_P`A
z!?aO9vyiqe$7Z5UIzB)5Cv@W0zPUuMiXrSIGCmWWOihhG1a61aiz9W%I4yoTrA`l%
za2fW9P-vTEp4mwkKsy0B+9V#}+~DMr^ZR-WV{yTnT^B>ViXL`XBL}9<ky#-cRn|);
zO%i6mMD~vR`YNeEJ+0`ogml`5rA!uNK>ZBZoAQ0l9FOQiZGSCijqYaD4dj(;PqIw%
z`axe6@?f}B4L-P|pw%O}Y7a1?=s}h_h;D;dWy9W}{Ad|iK3_dom6ti%`o?c<nM0fS
zu?6<nPUB;FNJN3PI~2}s!bjRO{*D6PTgqVHQ-$_3T&fmc3VK-%ffqO;Y6ZPrzcJ(O
z0tx%>RTwpif|4`e>M8r|)%Ve!c{|bF*EGd|jV?)SG_*~0|DlNUdea0t7z*SWT~4kQ
ze>N}VcE%ySH(5-pliF#+W4v+A+jq~pX>E;<PG=J}rb`uTz=YdTz~I_NntWnIlf<6;
z#A|rC##H)x7v(Zf3gs^?Yibm3R#2?MDdHOjBJ%Y5thKnoT6JvMUF4Zs@%p?j^bKP;
zBU>DyqHE>^noRKSP)+@Wn=SF<mPo1V^NM)eT{R+3+9=*VZ<u5ZNuJp0?ObiYa`wpj
z)Lbw5n{{N8DmzqT!5VCPxF24i&>8l1x)Q0Xz}xjmeRO}THt|Hfi!5xE7X0A2ss>sY
zE?=%Fq1+L2jb|PbBpNxujT01?>6u=6A{E4mAUHHqB*ZV{yZ<RXXhvz``Nc==-<Fb#
zr);(dwOJ|qIrM0w*!P!OA7Tp18H+g?5Da*-GJB^5oT`wUEAP_j@_2>w$$`Didg*2?
ze!F0afpwCPBUMQc-EO%u-r&8ZI^@eaq-lqX&l%FX3wB7vz?K^4cR%<hzMYN}S?Qgi
z#SLDCA0_@0&s0YrfBo7$)Yj7d#D|&DK*mk8Tf|~DIC<4eRppV>>^_A-n#6|pU3Lgv
zq2kxJ)OFrdmjG0D067!sSoPYqh8VkBCF3%1Z)s&0qfbwz#dFl~Yb+`nW692|vt?ha
zPoXS9-f^(hzJlQb?ZIOMO@vpt-a_HinZcrJdbd1A%H6SzEnHB4Rla!m#bk@{8~d+d
z=^JDb@oEb~IedfoA8(?3lr`eZB~A}B_cu`}`_b&Ttnvy96+$x}t+afGwnH$*@>nC^
ziHhkQmCO@CWVL-Y4&{fcbK6*peVdvRvvh{vY(hFC#4O%Q5GwXJkYnGXGEs;?L5*U=
z={)sZ6GlPX5)e7<c$!pDpax7Z*ka#$ih@;qiWOZsW>_Bo#Nv1(mPgOLxaqXcK5DYj
zT4VAoagb}_;_rhR=rx;7i@{jw14Irum2bv`ooX;JP|E1cApnMKGO}uNwX@u{v$vL}
z5<=1qjUm58Q1o_1mpl{_EQ688l#1|5KEGpJj@rnKPh3x?w^E}%TO|Jew7Y%6ESBKD
zlm-^uSv!t#F>+3I^}^3qNUpx7`|0H}EQj&*WfslQ)G?C%7RsBv0ShiPs{LVrf+av4
zThb&>uQi7m#hYd7H(SKmAmX|)df5T;1aUsNRa7>ivUPOI`6ESLS)<qn@#Ahm@KwR}
z$;xh$YfP4K_suH%Cc@~qZwFV`IHVox$-h7B$lCczzBe;imv{EubVBf~(LuV*K-{+0
z)lTD=p-6R%nD=~uTR#5eM7R<nt@^oFdlw<l)@?9~8dMZjgsL8(;_@l0zK7^)?_QKc
zhD43wkM9tkxE=|@Gkj~sG?Q2P3nKHP9FH`Nc&h4X7Pya2r6H0b$8Ig?P#+?GT|EKl
zdSRc>4n?>vvLQr!zAj8Dos<Ww`o762pfFM2?<vI9@)Ou6Y2w*Tqh9?;Dmj5@*4urZ
zPv5*k?kpZts8czJe=a@~Uotu`A6xSM%*IZl&e<=Pv3w4^K3)p*?@tnT=Dw`-!H%ks
zPYd3&`q=K|z*T~}#<c&YXsw~J+84sF0j@&Z&iR<dh}tcfjN94A3RVGbM^kL=CrrT^
zcpm~U*9hK+N)NT=L{z_PRYK0jghWh-D2en}dVa{Ic(AW$8JVQsdaYQat<kxCB=Ui}
zcw*Jewfq!w*Nu-f2R7M3kcB47$`6e0llgY*82u&z^GY!n6IbMN(c=#$G;!DXq(iP%
z7V1?`t_)<dll;V5di(P@m{#rWK3UJ>qn#wh$`U;g%CRK<&bNxBTlG!Di0UTZF(7}4
zJ!a(hj%rH13JCgmA3Aq?o4zQ^bo$xmDvU(yjbp$7`axki)tc7jP1T>9>9{Z@LhSf=
z41?~@MV<nu)p_10e$v6-+EEv~UKX&s7$?hRO^NaKE!Q^tKA<a+$ny1!ou2w9Ie%@m
zZqtX{9`0MRGsTL55T--Mt4I@&vDlESYMQohH*GAZg&+F{9XFnxdNV$HCwXkMI+#^u
z)_D^!#JFjvZXUNY0uEWAQ$C0w>@0Odetx{+w*89^&si}Ish&2+&3G3#X~GoZP3qjb
zzCScQBW(I@)M1KtU9A>;3C9zK)iZ0cHVwqBU%RGioe6chYT1)xMt+cJF0HDdYa$)g
z0;ibb3f5PaO^S(v6K&!2+10F1%)<(G7R*0+tlain2Xcx*`zIb-??g`z7YL=1Vh7qo
zZhuI4$?_y)g5X(G!(FDlHt*1W4R@tu(ur$(^=A*Dbn2_vlzrW9=;=5}l&dB;NrSV_
zKOwPltjOuYfW1LgPKt(JI|xb{$_MsR!YEg-=e5oko`vln^s8t<mAU&iw$^nj*UMMW
z%-Y4>oLp`6s_S!^Kg%T#iVmE*To}$q6fkcyO${ALs)@CaaBXIY=fdu`iu>7>$QmdY
zDCj@V*Q>3VUJ5Ln%X<0grnrrQj!ihDP!*;4A)60XD4*IteRiq?jgA+rCGPFk_m0kO
ziDBwc`xql0PGkV@iiTiOO|%<i%)27P4dT1*px5y9mxZVAA~8zuTc(9(oos4?yx~kH
zM}R7U;xm7epF==dHX?5W@hX%7T(CPA4Vf(n3pjq~-9VXCIlyA4_G_(f_wH_y#qd>w
zhITZJ_i(?7Di5jXM>-fpVM5P(kEt`<&gW_>e8Si5LUDV9XtPX>Re^@M;`sbk9MmUi
zI4uy0y^1|@%OzLeED?4Wph$>2^<7C1Nl1}kU}d$Zy07pWL3CB{<0xHt`DT&bJE3a^
zc7AnNce49lGe(^`o9@!1VYWkb-!&Qusm@0wj2Kcao{em7ze&gt9^pr<iDRiokB@i|
zGN1;cgJMxQJE0;a`#9R>_4&Sm2fRaCS+V&GUO4uk3s~L3ons9-Jx_P$wGdkOS`iJU
zXElM9P7+`Gg~gB~rT>7eTIGSbv@z|Ddg|$OvfW+<?v{uzoz$dXyW%cbPA?=>rIw7z
zF7nebJQ?~v&CttHF8F~}f&fp%o<M|tZKsb6`SzzTCCrQM>DIM@2mF@W!i%H{TZ^h=
z4-8Uuc(Mia-qF>vKCc&cs}x%aL@^sQ%;8Gn)?DZe-w3e;!)<IDL{SNyl0%yI)8FR(
z6mCo&s3lFWi6%^}d`O%=)V6xV7zM3z|FN+6^N?b#&;VZb)UuzApwZ~#iC>76SYOGE
zJTPrC>-^@{^)UNVA|Cgo?^&z;89LQZ_t$5djcSzdE`7yufxm5QFa@M7j9&avz9a^U
zn?~b?w2!x1DG8JyC9!>V(Y2gR{$WNRm0;}pL^-rXJHQa+7D^ZCTYU9k2p-r?#&otf
z^!BuT@&}t!xp}XTOmUf4G{sc9bV&d7Vc2i0M#+GiA2*7ZjSW=O_70>MHf{@5Ix2rN
zn63EM?UJus_1-UeE>O0*wpqhtpxnGkw`AmPv5#Bpj$08qEG(h=SEFNhAB4dk=?<&o
zmZhs9z`ygX0<<1Su4I;6YaTBbF9)x`)8^xmg0k+<J{B)@M-59jJ@__9Kg1Rm6*_u<
z!drfR3u3tTY?dgsmv$pQQmCrPgtboLjp7CGl<x1*QXW<-fi|Vzli`D~MU7GGUqZ{{
z9X}OE)8yWG&z6W?Y)ju~UJk5C<>|WRF?5U%;i+Wtd%Ih(+4-3WzWi{7`uk4SXW?DH
z!0?uxG#=3;joPbdQ^Y9<e`%8vPIN*|H>LjQ2}fx}B$vK}&lmE&$b_a}eUO{>AsW2k
zE|wxSSPf;wCg$*23s{A>u{yre#oQjwdPm(wZO-m;;x`Y%@xHjJH(DuH7z2B+@r9$p
zY&3R*x5kq9nM5y0{%Kb6XV|jcCUJ1$lw*<oLeZx$k255FmA_BhOrCAtv|6_wfiYu!
zYB9ExYkp;o_Rq@_8U!GjsRz|C{Ou2c%?b0hKDmA*b%FRdeyJEsSJL)TIRDcToGWIu
zwqV|bmM(T%xbAID?)zw-sUGkm%B$zXX>IwKKxFky)R>MyX3r$G*ZRAYBQS5K#O0D;
zJF4T_j3*l_*f$C0c<ES>Hxh+txi)=22EkqoF|)5JIBuHSTjH6KuZV3ogOZ^x3Gr0P
zvsN+KeKwDtP07Kfpoh!yj1lZC<qn}5oAI-O^P=mAUNjrpxP@rTdk@;|mECujdkcX$
zu*#<xko4`F$+59~g=(esq?iFRn%7{mD~1PS6wdIJAN-5OXRGDB4$ardkD)vf-|cxK
zjyYIPw67xPt!cIh#H|dpzQr-E-a;oiM;Q1XExG-o(K-x!r$}D7zP*(ZPxDV`krv23
zNU#!u93@SBE4m>tv^`=-(9YH>Hk^a+F#i@z2_R-K!M!&4USz2|XUKceX$Cb!mWmCm
zu+b0JMQ7$s@bLDR&w$ECLG+(_efQm`1}(0q08m9LVV_U5Td~#KZ9#5yNGzxd9Ifg*
zO<$CP<$Yagu$oh}=ZffoV2FS5RxO6gkK?mz__UZ+Mo8RpEZnad*~tr@P^}+ZWQs``
z%ts8ggVNLmvYc>VdS>6*fZX+}?I2`VnSiQ$wA8fyoklRuEkwP_NZ)NWv8k{!(I8Do
zRYk^HdCzeS^>yu#-%)S|B&DIBG)Ypst{%NDU!`Ls<m#jqYwVq#Z!|Pw4Xto89Fnus
zaP-D*qM2+&6|W#6Z8DhkKwl}9gJmh+oTDQYeTr9#l~C-GCrp%dU^1hpzk2GZUwwcR
zn*B1BMdX>%6}smvYp|BaHZfMgbL&uJ_+EXRw{`o0g_nAA*=S#KK3xC4t!(U3L0R#F
zv`j17wklD7%ic0OSp2%Egl(Rc80B7sD0b_Dq9PBlyy-N?Q!!m5>gN)bs5^{aR$_2O
zC2lz&lyD%XU$WinY=bwA(QK<CuOmULRkdiJ4MVbfdU`(hVHDZ5#xvlFI)U9=!@FNJ
zz7vo=;D036V785|Vsv^-mvHQ1lm`9=L)7_Gb1)&+^`Z&wP~ZOkT4xJ2wv9f~&Aou~
ze&`qk1vzt0X?f!QwBYH!^R(POo&=Q&!B>oaryjQ@WG;*Ou2lY5a<8?@K*iOJ%D`8V
zZ(VU=1+-#Fc%^qrwK<7Ln}Ij9FCWr6Mfuj}N^J;Ob5qq_>2!a|1T*hDn>InlP~)8p
z%N!Fc4eI`O_Oq8kxzaYt*Yv9|>#bSh!AO=H_Bgo0oar@Ai>BJyEo{@~jk)%&Puq-!
z7Av^>iV24WS|EE@%3*=-^m`o{BW?+tIv3OxJqr-XD##PX{es-2%9A!m`@Mj98ZOO4
z^q!#Qthvv#GavX$MyP^Ltv450+gkh6gg~7O$dUY^6kMU(L%2{qhp6_3n)lw|W4UO~
zXmLy+b}7M5B*rvktk?bb$ly+>WSe?DcZFQQKXbevU9qB9e2aJWM>k&MlBW5K`zmC3
zJsiJuS24n7<GCzq{WYS;%qInKQ=`jIyC$F7iA*py=~&B-@?tJps%hDl<M>26?2&!o
z1H(<&V&UN$x9Ipt=@1C!TeJMGiFZ;WZ`TpWjqIM@H8XOPif^D16RK%Nlk;Gsbu@>-
zS%z4CyKXM&XFoVz_XFrk(+`b&&D%EozUs?MG`yx;&U7zDH;-lLwPX%Q+r$|6P*~yO
z1n~nNp%Gi2Se;xq0f+dI_PXYLIb_|E?Pv0v%m<_TsIwvcX7nq%3a@66-yIr|8kL=;
zC7n-I2Mc3UTS9GEi?ChZ+FRb7g^SDS_^XamV^POE71{a@V#dy&#awMQSbJ279;xc_
zIv@laekPBRVe8j?nC4Qv8Re~X$_vES%kqqFMaLY)MQ=N1k#DU{w64VxBMeCR%8QG0
z(3J4vg#~G$tnG9tdIHnu98O+ls0~kIR(Z1EtWGJsc-@a%@d{(^OH6kwdyI}KAo21<
z^|C0+B1@W?I4i=bwuL*~s_8AJx?i`hU^m##3-e6K@Tp?49AU@qcvA>HE`{})T=DIH
z)F;L&q&pxiGM2m$so$@HaAjWU1Mj9dPdnRnC#HbBBk{(+3Q^pphIH9Ft`795*3-uO
z`S9)OQL&KfsKg@S6VHi(2)ZzDu!jsMqL$S|e>J62@Aw0~+YfKvy-iHih8)h62*m#s
z;`9R_P}as?`DS01!S8DXBR6?N%nZZ`Az|coI%?q7KDWIpL2{*vV#d!YfKXF36jZEP
zVC#s_mA-gpFwumDAJ`PIF8SK>cY^Yo;CFlZPgr6M1MpuAv*C2=PHIx_jxGCVqNTwo
zGk^Ttr=se~B5W^~^k#9gW-Ic2RYMd$pldaiyX5w6Ro&xFY%G>#yMmDwQHNLeSe=F4
zM~!VW4o?7O-Bq1B9^HzP{Nl#Rn^aUA6BemY6}t;;j5j7LSg&8guNtViV&aFpdU&*o
zk~DIZTS%Rw_fG-eF<#@iVA~$Sd>V3tY|Yx*dnC8V2;6GqxfGo~@`_N<v;8ZS4xgJ5
z9gVEC(K=(l2qp=ME$<WQ_QGKye2s@0Mp=&etjm^UmX&V;Oqlg9n3Meh;?PKo>+bKm
z`#=CQJvdw}I%Q)&l!Gla2bBqYuvxNwF63<Q`qo7!J$hQ8iNc^NllWuof!=KDJ;q}N
zM8n9}D9l*h!*|iWbY>6o?Z%)(dp#r5&R&&1nceRrmgqCO+6<~8*(1(FJ9R~`c)GMB
z+~Ys2`B{D%rY+Q3F6t{Jeur1xX+2a{U9`5yf7ryXn8|E&RyIhNO!ubyZH$TES_qBi
z00>7@fr|TXLR#aT%=oHZ?Y?F0Wwr0<pWDOL(TP!oFmDq38Vi9;OUP%zQxk~AiA}k!
z3|hwR3wee`^-2gG<J3`(PP#g5Oj&cyXtSuA6Uz{(`F+1(b@OrBcJ0J8{vVzosI&D6
z$^M5%u4nnNFfC1$FPibl2gxp~E9R@ImAr8o!rD1Kx?-t1Eyf_TpbV?1=(&9VLfBEC
z(g1ZY*?o(urob){w=dv=h4q;RWc3?-@LRr=WVaH^-^(2@&(<CU$LF)_2xD=(g2-B4
z=fmyMXo5hQynf7z``CsUMv$xho!+H``&%pS*!U{m8syUV3T{LL1aZ7VOf^L*_<cjS
z6D;ZHq(fL?EW59EK{4RmS;v)C(MW2zVHJg@&9=9<<FV~>zxTS=I~W7*&`;59IK^5$
z>jb@za8XOM{;Wqv?8#GNt5z26aG@f>jseouc%@*feh5}Hj)iR(Svnd|tl%}B2atM*
zB%sS6g>q%Ir~zk%4NbW&Ci7eV<=xp8>WNwGDLcC3_xS$5=_Scg(80!qJRJ!Z?>`ex
z|GH`>?LTWL*gp>XZSM7-3mrB9LFLKQxBYhl$QGcedPx}Ie;?nIN76y4_?Ixt?|1v(
z3;sd@3_l@hO818y`7a2ctr&C}yIlFKUHZ53{Lh85+raRQmg|APt+W1fVX=~^WxAdg
z?eTZ{3j#Em`NeR9zssqfmaQgnY@UhoKQjI;2hkA>3~!rOO8$2_jRCaZu5Qx8-zmol
zfcQ(K5O9<Fk2roi;~iZ<OAJGupZ{I>jKJ{a0d2g0my;nmpd~hr5h4GP@o&}T|L;nA
zJvJPAZlRy!nu94AZCe6CRVKg4@>R1wGrROlX#%M_lg4<ZO{_%QV3s`OJo??DU=Sz)
zfJ5|(;~fo{Z*P+DkX$S;WFIqDE#kVSy*+<&aPJ#U_is1+x+LIou1`(-9Wc=ca9>e~
zd(;Blw-}U?DHHy=ZWB}7WM|*79}~@^H#*~shu8o~?{U?YD_72miNq%s5tM0yw&VT9
zO(#3ug#hZdiUhGz_iqejhEUM+|D^Vz;Nj7$s_;9*qud7HJov!dw}T!YR>!ZGBi0Ex
zR5cKzEykPlYn|NoN3@Utm}w1oWBO6o_3?rGN=b3XIu(4IjrgKupPf#6P5a4;PJrmJ
zHf;+lt+W|4*Ul!|1kf2fI)Eo-;RWED#@<9B#Ekc5g95(MX-Q6W>ARXw0~r%(<8+;C
zId&Ru@yu|AZeJ~6w;UmkEP`W2xYS?@$7}Dd{^09aY@G{XwKIb5Yy9MK+nj;K8o0%;
zo-_g6;f-qJ+kY^|MG3%N9c?D{-?@}Q#&JEbS-)aur<+f&*s!7C#RoE&|MFK^miWe1
zV19OQpKrfMHR)Db)6&sd0BF)~@hJh1Y-jaLy8WdFz=Yw;2{yL92~S6B98E<R!k!eU
zX2}V9?wBzO*(CvWd#_#H>V3a@wvX|?CEPyB4k`hvpvQdmTQ6)TD{>#I9RfpC{rvf|
z$qqn@4+dmej|4+Bc__g*LP&k3s|PGR-^WOtoeYt}M%wc<@{b!I-bzSHvQ^7gss!p<
z-B@0O6ZoW7fp+QMv}@07bmOBgQV3nHrRP#tG&I=Z@ECwK;wOcm$1aS|JxVD1gGoFp
z?K{8SYfw9EOh?hwglh&<vSKl)M7;`vPQ)K99WUz-1UN@@&gI3LW^%sz*>WQqfs@%F
z%Jq`gYw{9p8LvXubF))+q`Jloy?ZAsZO~)AagSR8NJ5G=N26*JK;B{-5t)(VYZu{N
zNzk3n2Sc%#*1lxXLJLHScs?$Gl%-@KQ#P^8wp<q|-xh<at#`9ieb<6Iq?josPD*(6
zYx;{C4s`K=0z$7J0d??Y&Fm(W>zILC=e^h;ekf!JP|6&o?H_C)p^uJg(JAG?Hh{+!
zTNV@T8z)F87|aqFblW>tohGfa<NI`eWGJ8jGnrZLOU9HJZ#Lj&t|p$dZH=eLn5*3;
zM;W&B0T)Rp8SU$DbT8Wm{XsHE3jQH-%jHxroUeC8G(SN+U$_V-WpeOGG*eKl=QVCG
zwCl;qeKv4t0j&lY@YoMze3*7<r8u^fAnZl?jY*Kra0Y4IQ<c<+&rJBHL*I}vqa6>M
zc-TZZNJMQUIrnv5AE#JTeYX$j<F-+>Vj|U2uMkQA<OYz4_Qmx(T`U0x%$dM0uMW}p
z0aEo=c#}-E(NPew+?$95q<|6n<hr)nvxZ-aHByN0Oi0j$j%ug<)|CVOCM{HK&egNY
zPjtg1>-=FW(Bsu?sARQyZ^Ef(-B;LxqMY0go@3!jJ(E+%ZC@43=C_En5plpJ;EK1P
zfty|=C1q~awi7qGy9V)qha(&$+!4_go_kMqQqeildG%Vc^XbWv;Jap`vlFB@w)TOK
zYw%`vidP=9bI)Vn&z9hR7O$0b`cd=&9mr&#dme(U+SpB}-qU&~!I5wvQjQiRMQ;B|
zQIF)=yk6e(tBe{2))MDW4EG8yBK8Lav>#y5Aj_FRtUb{H_@Zq!z7P_%pj9ZqxbE#4
z&~Ox~WCmN2EdbUy^LACg(dTGyza=EUsIF_T%T9RyBl~(cU(+5UM&rN^aHhB%ImFS(
z_W@y*`wDTh<qrEN@5J(j$}`aGYr;SA`IelJ=-2mkAW_7J3BDp6&dWWwYZ%{c{eIe#
z7jAMmwM>hvVasUrmTA(|)DIJN^Ix#T8(ne#paz)M=Kx2zQQFS38=#_rU&}8(CbF-P
z9?sW7VC#34&XV*MTc=7*Wrv2l&ixag;zEH1GMH8jy)SWg6zPX82>gfaI#*~FU?K4=
zTon-w(9z-6gaeP!0-e*tgljtV<+7~M3O{p)cz*DK<_AQ9L8-~B;SF`!Xikk2FR@mw
zEUO{dsaVr#R9xIj_JpSY(RVeaiOhJo+eTT>aRKwS=UbBG6!V)ZSIGYmveKHbQ0LBK
z!!+0-$9YMfb`}AmLq|0&HdRIZ$%(X2`}*1odn6Rq-f1DyHQEXT{kmqMt68z@t&|cy
zE@WUacCD7)+tR_>TLpUia`d%c*9rpz(w7G1`6|1jxz6!0+vT2kUlCJ9s{&QH8$@*V
zN7Q;3SMeTVgJPPGD-|dytL=^ad`85;UDRi)%w*!#Rzq!l;&@w3e|iuQDFsbNy0}NV
zbcF%j6soL;dCF5Rmn`CXf<Ha6*jelZfYsQmiv8;233<nn5~q(8)29L6`C~ksORFgC
z)*eNnZGV~+twJqxT@vCC$(6DL=(D<myY>r2pf`-nv)k3~GPcd_TXbn|vmL-MoT$T-
zMcoAzg{CrPDdBi5oL#fbYUuuXXVE#yC~ld<tq-!JQ5b0?OL5zn9HG8U!IRLaUHtz2
zB}P%V0>z|f1Eef8{wF892!cGqNyDKQ2=D3ewiBHV4}jy@0Nm`B6dLeJiNvX799)+R
zwGb&{8{tATTY$SNu6Y$o8?RJ4RR-?fGYCYJZBErbflizrr&+}Y<;JpCO6d#&Nb~24
zF4DSvg_$0?4`ej_dc7il$T~UviC^8X!7l{5PrLMllFvTmWKbNf1#py&*~Czp5L{_&
z0>csDe4l_D#R+>u;yL+5IVp&|hvBW=Nc*OZi|}@4_ar}GNUhV-pwJP3Wv{1)umDQR
z>A_gXJD&3<>OO1?hyiH2-V`z9F>ceI6}tBoir=UfS1ushXru;T$J92pl=}f5$pi?a
z<*u7E(|~8RsGfF9%q>hX5vg!l8}8(-UHsPnN=0I<*a!vS;&iFZjINnqXcA7f;|BrH
zhH%>w`B8V3l}12IQna4ipl;Y=og}`etKwR!VXgH@o_MB+k5ME0@B95E=V&<$Yv8e?
za79r~WXDfj=nE}!7gpB@mm-dM@|B~~gf8s>gJ|bI;dWm5I=>p*&MAHqhe)F+o&#dw
zPUtDF>1^XhJp|R*K$*jt_%yCa2jRmEq!)#T%tt<!bw*%fE~M5gH6k0Yl>%x-sRC0D
zc>v#DwgL?F#HGLMokj^Rgw^+Bg;h^?U~>uoSJQ{pQ%<3&Zn^>MX_tni?U7YH+SJ=(
z+Qk;9oX?mHT}~N<?CRU)5lq;T{8+$i^wM%`&jt<5;r~Da0QoPhIps#ki<L+GrHS`8
z<#^wVap@Zj3J=z1nDM6dOtLlKvdxvmw2-pe=4%#CE(jNq@pEeDL%-KD<T3$H-*-FJ
z?{pOv9iGoU4R~dN!R6I%YM&98o`eI>i8AnNx9L$D8iev#2nQg2S+z7FT@`rHYKBE`
z0u7`*E{4@}@vATVv1!}*w|nyZ)3Pl)fYUmHM2H=X??C|Geno<7D?vx6-lNp0(7)_B
zAzHQ0#flteFf%4@u~cIl`lk@Dm)1|}PFIj>xe#-;6J-%Fnnk{%znY{{c0bL3ldHIX
zK6_KcEuY^zD8u!s^>E1svKl{YU-Enp3dFioo2{_1S>ej_?jR5%mttD{u;5);U>bls
zR{%*RDAd$Ti>Mr!YvU<f`LoFguQq_-3Z9A0@O@~RC+LoeIikEGu(a0}&RA$ST}K}{
zFXiBVxHZ?9V!3eys0ksjSzyv_AciYn3k*2_0YPKoKjgjCj{{z?PBEwSH+)PU3`809
z=^XUU8HX_ct7QRo^o!1@0_Y}!X;GV{obyNCmu&X0PTpXbiGxvI<JXH6UcSXTtUkKJ
z9{Jn^aJh=bT!&wPY!t|51JCj-jyQvW{x-lP@54{f5@)4XsP4a<GEfsD4H%445_vc;
zsH2mUn;-oqAB|g!uU?b&pa;4s8i0h$S5y(qtSb;+2@8t}PkNf{>Y*}=1F*#%JSpPg
zHI%tMiV}!0O`UbFn1iZ^nBVsTN~V3h{F7$cS4sak`d(3@VH{kW0}peCIlJ#kF_VGM
zoXXXNrd^_}x{Sp{wE(8~QFLv-RU*xEjef_zBw@Ev9Sa>FpZfE}l@HnAU5%2VZ{#F1
zY$O~YPjwnEl3o)4Z>2yFCSVVP7v|?}fu4{9fIgov@*^yz(lfFUg;z!b5n~5(>(M*^
z)D)eTrO`q?z5TTjf;uAVzT(b?CO*Yu{))|L!32xOIU6T_v=}886T<uD)%9C;GxfFm
z>k~sPzK6!=xq3LW=qR8bV8Cu`{E9Y*bJY~vHEMyGY`mvZx?I?0Jyrw(;!us)UcdAx
z+})n>srC0{kNHn-{Zgby+(<y%*a;KA){GJbA^hvC7`o(((Y4NKY-wo92c}DHIPD`G
zF<8}ovoBIF<EVt`w+Kf-AcwML5FD<iX8Uqp6ttbxZ~h?7+1)JpK(k&uojIe{DJ7JS
z&yKHQ@0)?kz^f{UxfiV0M{t}PdE-EZHx~pY`*E-~!bLbtSUUtPze4S;*i&e{xMgih
z10E>)j=0sq8No3?1Wyd?6hirw7fZMpXo_<sY6ob6^!?5V?q_7vMmj&e1UId+lWFUo
z5z14N;niq#kx`R4)EoK?sJGUEJiZD@A-jNvoB4|sWP>EHhF)>`=bOrMcFl}Di7@g#
z0<(5d_z5}!o8z;EtKaPlt?*XpUM#-4Fi~!S_xG`Ur#JD>P`1TsD~%Xw{GZUK5Atbo
z-YMqRb8D))_QCh+tx*Vk%_FzMj=j|$8Rm`p`#8Gz(`60W{rU-TcgzG3Y6!#KKo&KL
zNss#W&8Mm;Fo%qdi>pE^h(r@;>}$X>Vn}jxb75iXU{JA6d7A)FX_;~Kuf)Vx?FN9S
zx_AFRpaUa5{hB(xrL-WG5%YNKrsI7KUXbgN{2y^4C)G4%5_c{8cniK0Cmkgbl`-F&
z9)~~q3cWta;8$0e1oMf34y|xcIz{)SXg2E}n({xD%WTT8L1arw)$C|jt{>U?E3WeB
zvV|MPbPW-7{VcfEp$E$`tUx(%$=!6+MEVcufMjz)KN#D0f+6)j!<{Wm(cTGQjP#jE
zVD<32y>`Rkk1M(^$p%ot<&E;EGp37EEJyHw3f^wwq#^F8(m(V$0;!nfZE6nnmg&dj
z-pFsg<YaSJoRdIQ8mZ0tLltx$43xiv$P^viZFWQ$#Wx!=e0a%SQLc8b5fA^6-ks+F
z)EWUVsHT{|j`x0Zv*XJ{m-gfI(3<GDKk3!^G*xIgs9UCgF~TN`LrG~zoVCr43!Mv`
z75^fYG!8QA&$HN%Ke4a2r)WCGor^*jt+I#yJV~XrW>R-QqtozS!zb}kIxjD|6uI{O
zbzx5fh=Je{zon!iYVoSEDQWkP#3kT3$8VhnkP`fm47i4kQ1BTVwKdYX`&M5CThUkB
zC-xUSJ0Rn(^1C3oO%+esjZe_eKn78Kn^*+LaPbd4ZvU!0K7W=BpuqaZ_BZ4tu^-dF
z@_&3C6#VPYviP8yCQ0IsE~1A-X@+rrfAC)E7jN3*v{K2x3jQ*6$1Ha1C(En3ss8p`
zmu`_iW-Gn&hv*Aza{6@+hZf*00n{v1@GdoQG_!P*n1P&u>Te4pgG&aGVefBDnX#iA
z^u`fa2;CX}ZSUJi{wB$PxRuia;eg?m^K|Nw?H;AsPh9Vh>mUCU2JkQKj{}h@IJmFE
zBsS0=2;{r9Y4&)ww9@p)Fa9Q$5;E$zS!_qGnK|vKRGb>YBy92f-Tgls+oEg$@r@~h
z>5_6{skw>oUZ&#FYf00WrXT)hG{)2%*ITCNu85Imib1<T7uw`_(^T*Mc@G+|ci>v4
zS(o=KM)YFQ<lGEj&p-m20_Gfl)|1QBf&o6vQwB}YT8g*p2ID=eZ+Xcrdo0(L|4{Uv
z8wZC1@sUW4sFR@(GP*ARk>^nCb6^Vw#?${S6E@|zOFIw;_nA6JLF3hr|ClKn?I=r{
z%9?)st59xqRR2pTWTB4<<8O(>(g~Lk#(zkgfLS`dVlyIfZ|7UJ*d0UkL|;?08o1Ga
zYfwAmZ<D-rX~)1p$aBn%@#~hIaY+{Ck))*Q8`IB!o1_$7hkMKP=1o+EVkaY69oGip
z0WpI-gW6v$p-!@q3|lnC-|nlu<tZhUML1HBG?g<A{p*0V9a`s7nI<c{2SKzGhZXwx
zIAsW&1M*egIJ+h{bYC)Xa_lBpo)!&ju7V()%DvWPhytG994|2r;?XW?cCr6W%#duM
z=@4p}rq7p|+|w{6FS^Tv7$auTV=x6(78o_nBmhie;c~G7eDplyv)zCfixRfmSq05|
z;<&Yj$}Qf)0mK^e&-*KaK#L>%a6S~WHQVAgqM<bb^dy?**#pS%D3H9xRrPj;mtm&!
zG`LV<K!YQ4uS@PL0zh8**YCjf>>Hl8mKFG@Nc2gZ`QSJG&TLYBk8{t@(dbNwA(7Zn
z=@qFUuNSd2KM`a<ffg^fVntSQpPF+p(tDbBkYu7kiG3t`1YGNya>szm8VMX#SO+q;
zz20Gh@!D|iX*pK7h4S@_SbX%v$pcYbU_X>!6sKdAxmF9n6dM30bpVwBV7_yltjE0A
z1j(~^nmDrk6hQjm3lX9R&y+2by$epfrB*z{swleuPi5p-AwIfaBg&m_Ayxf@aHOA>
z7FjwxJZyV~>(R;nn307I3Oa2C^l}RNo*V*#Yx48M3}r`BT2nAR>re4Lw!)7!oi1Gr
zBW3k*P}pZaFDaYi1p8XT4@N}cXkk+LY`&`UDbP4trDX&i0Wj*=jb>vvWV8`e8S*q~
zicd3CyPDiy&#ic9%d2eHV9d)fw)qV%TKbysPu5cax|XBF2J@m~tH5Z(>y2;wN4MO}
zvciFywH7GldV;SpTLVNybZ+rEU+^$Ws9J7?ASAlLrP?Ho2^+=s@7{ti#{8ckfpR}+
z=amDl9ke<5nJ1LI?%oChP0V1*U;}F47+MDwUM<Vw`Lj<9r=L1k0q&+nR#-(5@Tjw@
z-9AyoB!B};oNNX07&T7uogX?;N)|aP0y1ZuIMo5b*c@DdH=Q1L3v6sByU$nwKzGVH
z6zw(vj-5E~JwG5LIzgQgQj-Dj!R=@%7H_Lt*uOnY0(PGP+T71u-kYFXkrBIC_~s;#
zpPQbSdXVY55#VoeMt-x8t}Fd5_M-q;g)*#M0(83C0Pc2l3h)vCoYNku4Wa-M;=Nwl
z?(^jk82@qMkQ={pze;=L_xJ*ZQJ~4YnN?Pb0=&~Huj38ibCe13r{XrF+;D6iX1$=i
zZ->6POzq9<*ChZBKTy3}g|sXG6*`2~Sc4zmr;5kinw$B0{M>2r^=7`C1YlV)6BX?u
z_FesI65uc2zb_&MAd>>;?2M0Is@K{>ztfY?C4R$*5EieF>P-MkI)G@=8UfZ%IJztd
z;O$67`XH&JBXsHpfUs8p3|1fMFijdOz?89|m50o^)UX+$ygNE0WS6-(oC*75iGk{z
z=Pa8mCPr|n@t9LS`t?G8amQk+!&?J#0GgLOW<mMl3xRskVimQ2Ta~d=AFUTGLRlv$
zU;yzL7^iGIq|wqh21vM2)ZNLaw;KH_cIgT?2inrsMm)w`Z+bz3S@{lGtZc0feu#${
zWl!=By2k6IW>$*op1FpladhPD00IYEs>0p(pXkCo1mKoq@5>xDV*AR?FUAR2sXAEt
z`StG?*hr&wpIo$LT4}tYj~*x*vuu-En!^$EM7r^H+Oiggx?qC@W$HFb_d%NgWwnP>
zm=@BYzDtqJED2-KIzDRy&L*+0FK>>->N|aE!ja<QEywf^E9s~FTH9l>yXk02Trki^
zb$LzwBK!1EE5g)E_VE9N!X$4~jc>M0{}%-2cN(YN;j^kFPSvkH6vx#82D)5F0f3hE
z<FNWKGMLqxiDJ19(Cf|m-W$+Ls6R}zP*=Pp&sGa06BQLzC?CsvFlkd9A4m(7*SmO5
zBG{_j!omV!ubr%j!!kRAO$J~>PgsX&IEMF9$l^H0$Lm~en)IbqKq1oI08eENuvCSV
z3g@(=Zz{k$A;(Kip@{%{xe`R$HKo?9rDkW{1qNXN%552$&&{nUTgaAE_L_!U)nBcf
zMp>0Mft&i}=`KP-nsPG;Ce^H@M$Xld<L@6fJl3BfLQ^xMo|Z6k(7_%l0D3~rr13?E
zpzNR)U=J#zxvQc#9CCgL1UT-6E`Q(JutYs+QF#<^k+KaPu2mCEZj|M;9umV%Ed&ja
z>1qO$lp%1S6vbDm1``R9WpaFPFaJYiSR7<KY+q?0H3eW@x&S6?3xLDEbU;%SPdw?;
zPpY?jQee>D2nooSMxAmq^0<gC4yG~^2l$Lri+ru(16RT^rns?=)$e40)M@|KMlMig
z4m;jrl9=>9+;-)8uOwT@%2}XW$=QniI++8ZexxQTFW5z<<?y)v`SD8TjKQhM+jCZK
z)4syyk;|DSnh(%l$kjY0P#0!6cLAZZQc3Ss-;em(1{;-Kb3Sxs*r*E|MO$t}jGpzo
ztvNeP7wOjyHXhECr#>ulpB@^H?7!KoB*E~}O_AfWh~KG?gv|azG+;eE4RSnVjrR51
z!A&?TD9{;BIM7X**k|Z{mh=3?@XJKQ-AQp>mW?S=NTdsja*cfE-0p@d9Rbn`k8d(}
zdIq%j7dS0-30m|qVP+cOfVOm#j<ts~qBjH9;AIDuN)jdmPj>+pS+~N5_hj;WDz<5E
zAs@iOSJhr%#Pje?rxG{iudEGMeZ{WMp&!SHOpyFv<qiOol%Rs(>{M`_oub7+OW8#7
zH2=1QHhn3+<JNi@l|~vi&NO1%uf~1|7XENy2k<gDoeD3dyuc7}*Z0z!_vEwzh`Rtd
z><UXm0x*|PRX%^t9;q`8B>P?Lfr`UhDG|c90g{Vd&UK}x>!<1?Z7ESgx>39#Sr;eK
zGy9o(m&ux%XIut#7514k8q~AO%?d3hBU#OflW9a@fgxR|oO)FSD9w$Le2?vU-}net
z>Pjj4w8?|!i<Em8>Hu;Nl#la}I2bpDlH~LI(0tTPds4xHDFy&X*oF%e$c3h0*a<YE
zB)ml3RC}Q2{XHN%Bkfbwn6q^BjeJS(oa(A88|D1Q(O0t5>JHRq)h|rGe$^h+6gamt
z;HfgJgD3{bkpN0JoA|(LYwsT!j~!38YX&Hq{_}qUwBw=CwFR?rf$3c@G`1A(2}FtH
zNJECS2M)>l3`%$_B*;9tw2O$~lQ5!E{x%wab-|Rtw&NB_fOLmymh&4`@|FY2`(V<0
zWjhl>Rrg$%F;W!!?Cc^5;iFW_ap?=oD}fsB)2^`+Xy9nk0eu()j`M3#OFtnqxyce5
zDM+G`T@<us^JGu^t9VGHqCxrBV<z8Z891+N*lTFSDAtk?IXwC<zK9RRv@Zhi-RER~
z3+EY2FK@Zc3$#4q&Zw(SmK@EQbokZiI=-Ee${(c#7*P&yxFI_|DL${U-#g$rKRnj5
zX$x9mYmXKmgc{*L&`z_{Jlb4<)r}q0p_4q9<HZm25a+xxr7y;}fYoS4cT`Lh7XxG|
zczgkIc9(5m!OJ?q*7mUvbcQRNR%EA`8Q7U0&|7)C+?u^8)a7lY8w<N;^NarzeIYAp
zmhk&EMVYK!;+qk!$8RRV6faE+z7Q@P-VmrCNc8`(_nl!)b=|g#AOb2XP3h{3bdV}V
znkXv0h8hr%PUsy1f(QZv7J5hNgbtyEjuhz~LPvV<HI%#Ze&;*qyU%^qd;ed5@bE}>
zcCz+bYtA*s9AlcA(uJL-T+PN7PMfTnQ!3->Nd^_xhNWh#vYqzms@%Y5c>F$nj!=VT
zI9aS4|Cv|V5N{_7z_p~kn7^n>M7Ia}cpYD=Y~83iUw?~7M8UCJr(~4Wq(%Di`f`t`
zxk7i^3rEu!O*ze+GuG~J^v_KR@)TBzWlxDq2c6l~3G@~y{7y+mOxDuhC@8+pePfZb
zAY-nLSA=6|G%C7Td#O4x*)bz`b3@{Ey6x=@bJEwTs=_VL<0VEhn0<cN#DpZ~8xqt&
za8(7z>_cWYXTK=yFF1pATGZv6_y_I>WGzF)_}o<fnu4B(NWvDsNK;tlgd9yyZEjN!
zC@NXu5tBR^a3Q3_Y=77rdoJwNb4&~NGPzH=9o<N&V`?+Y^_;FO#-bH&<@lZvnw;}b
zBb01Jba{2#Qz9|(ooa{GbqAY{pN?<z)1Bpt;_jJ3ZBB8AEFdd{le&{{w@5u#r!W(p
zaJB<@u)Wc-`DJ{$`+1sII|XL0_U*Jg!kIE?#!Pr6eR2))%q2&&Eo4UhBD*a(b|-FB
zLpPyAqnTC^{L?E>?`+kPp4J^}OddEXgqF}E|FL>5iJowE2tX3P>v%mM_$hF_>jn0C
zQ!}{l@A<omaH?rWg1EVde${$GP025|u#C5)@T@ksHjDfCE7|E?U9@qGmWC0aT10o$
zE)pAEXPr^H^RBf?^>S1puVfH+&yyA6j=(;;gYe9B=1{QxZ&o20igodL!#-txtzJTB
zCU<?fHV&y{q>-#MG-_Qws!LWWGS?P)Yj?c6Bzj3}GQ1;;*>WHkOE8EjXsAT7&}Ut6
zEB-2qKQZ#4xQoy(Yg|J7c^#RNq<P}zSHtYJ*8DF8I6Q9G3nRJ!B5zV}PA8X08N)@R
z73z~IWWv(Q4{36`<lL#sD^J=VCS#g3me)R;xOv93nYX``N_UNkJ|&VnlMn6$2zz)_
zMw-unMsEcoq@jD>msanNS6y*CrAeJ?ck*c4V`Zv6L)>ussmujJfASKQ1;N`Utt{&N
z-<E??pZ?c;XtG0Slm-kgbg%Gc4;d9ZJzw!cz=DgRyr}kEg42%@L(zdgg)!GflnMB*
z44TZjUE3#s6IW4W1Q(3SJUJl9VI5g8Jvi-N+iQo)LFvXKXOqnG_uk$-S}d=MQ4$}@
z_q>s^=BU^0LcHHo^+XK!$7&2w6~AOComKV+6S>ShOtjArP4;MzV1<ScRG?}9ISA2j
zDhTP)mOB0H&1172-+e5~;x9=rCvK=<xViXNh?Me{(e!e3*73LUv%?&d0e;v>KmM&f
ze0QT&b2q(HrE}~d&Z~H+KizF!-?$HE9%CY6q1vU}Pj|eh*|(47oAIT|ZmUWSfts(F
zyAA63geRtAMwrXqsTXv*y!yHE21rR2-T4}ee7xOR-Kz6&N(dEMcs4-V94N$BFp_>D
z3+D$RN7lJpf|aS#M@b1iIdufHG}*AqId5<_Qtg7`=wf;Jb_?6>EECw}iRnA_5>nYC
zUn|Hy_V0w=Co_^@RZ)+2GXEmo{XoQ8`65it8PP7f$Ew`3BRQ9H^_9``GP+jcL6VQ4
zTbgl-NrzMxYcIEm*I_kgeaHJQo|?SS(qHH8%CPJ=HLDJ~CGslH7SdK^cp>+KCFP>y
z!+U`q!iys;H8<%?n*4Rno{<duB(7}cLbCiJV%qwk&XP{=1imc$yri&^T;}ux$k%u=
zId`g@jZaNe6Cq#1_j-=0-QtlJLmWRHGwEJDW$DR{2Z2NNIiii5>QPTFfryN@p=#e}
z){HwRWp_`a+&YmSyQ}D=*Z)0L7MrjAJy(vvsqIO2(4pW6T+G3+Lo3N7omE@?RIl2j
zoH&amDw|Gp@%bI0jbq!8rgTs0l(`sw%{E6d%i;WFGif8T@pEp}{FBg}uH>1O0LFxe
zBF^e!ygfWsj@Iv0cO@Cd6@0$78;qZ;a--7y6PjNfyiF3F_~*lT3r^!$m|Ldnxc7J_
z^Zshr0{S?m#1(ED;xAqy9?m_mDwck==x5{ps5N!(=w}r=(#meSj&RNFO#b_1c%*z)
znP>0w#1Pi#LWVRGS{9Uy*DGSqo(O+yiX{|IQR{nE`WG;DMIkNJ{k1&g3h`+Vchi#t
zr8k-q>T)!cFn4suwND8bGZ&h(;supR{~EI8P2HLZ)amcqgq7&*PosN3EvrE6ZK~hy
z5$-#!kD(QUDcRcAQO94C3VhBAB345hUhLs_?FW-H^@@TVb|-1&nIGYs=d7)-`=eT<
z&wVQH#n-eSC!lX%T^@@(&^V5ZU*QIyWzS1*BrzIlJmi~ucbtN(xZV6m>mH@dxS%U%
z&sP6N)%Zb4{CdgpCm&<$D>Yr0`#Aj1ZJvpZeR5sg?ayM3u#g{p#(FFfQW&r|^JX<d
zV|@vo6MOoP_+U#H4u%1M9n)$U&xz(E^gATkO>Z75$KsusF}<g5GLLS)Ah|8%km0qS
z&s~N+8)J)$KQiLPoayrLGQCG+Cj0`g|LExbn0P&Rg1bxiaIO$h8YXh1g~8ij;iNZ9
z-84+5M1>vaNP(V<tH)%^ECv+BgLhTO0i@)XN->@Dm@T^1w=3Jpj`|-HiR~is1bk<)
zvl-pkLIVd+{$$uQ*(ArDFF9B?s6e+5`j1!r`}=$QJWzbhN%eRqkM7FqJcB@U;7f5a
zP~D#L2aNG!BHlJH08p($Pb?)y1M@E!7F|j7sQ7g~6_$m$;r*CsJw$VOG{RC>QC!2+
zSc#;2xc~Mq5Iij8{r9Q$qaNP&Uu7sh*Z6CR2fChoNzf}U7lW08)qbNi`TNo%C3*z_
zwBJH$_I9ov6`U6ncsu;xUdT~ORpQd1igDbk9TSzU&ZyBSFn|>4z=WBq%hen=jAS5%
zcBw4dKYpgdp0|?ANTV%BRgfc1DQZXq`>*Vil`T%|(w!8r^qXcll-bV*s)v`=tnhx%
zL|ni*lBOR5N0wWth3xAK4u-7}Y$iDt@m4VN(jvF5=Ng%1+gx<__#8`f(8!kg6TYT2
z#BJl9p^ie;gURX$Zd;?(@5hl%s&eMb98`SgMNvq07Amv$2@le~_Y~nfa$^6usr(mN
z<n41$k&S`DX!2Wtk{brIZN1uOb{<rSe8rioR2>pOw8|ljXo@CRuT%|jF#giENK-Rw
zPholb-RSs%5vnuGC<{Gfa&n{Z4CS;@jPFN7)`xs%_AOgm)av=5m0nndtlsZ#ei3)O
zTs&74kl6LYN0k^&>jZ8`PBYIu5sy}S3$>LKYNFLFhVa(@{G!+~!*dbG_cZEx@noD4
z+3Acc@tjZGNt+6^edXz(&wfXI5vGdgJ|lkqpxVp=na84PTEfbo|6Km8NnZ5uGKEV=
z)twyH2+`VHffG&C&T#3Ny?YxOOM_4EonUCN{vT)BGkSF&lv~K^`|qMhsiA_sA(Gck
zjSi^K3%YVUJ`oybq$rgjow{t{2)k$&F3XMwg6v6LhyvL^5I6K<S7xPc4p6@9N6FTL
zgMLzK+QS{ql_o|%S>`q33m~f520WO9ty9F4%t|pQ1dOeHlnhy*6V*iq|HowX-@^l_
zs}TJE=GS<w=EjR#;<akb83Mz{tl?S8$cWgqqk>bXldm4Hf{lXB{`B=R+E{&21Bv_U
zhUnblR-VvLFDtFt7<8_^`m(%?<N2C}VCB5vAacDNqje2qBAJvQykvPJ|M%JqanT#^
z+kWtWfSwevk9_?2MQwek0xTj+{{aD38JGqN77(mG)@7VWYeD6ND9HJtjc_UW2`O-3
z$X3nDQe)Qx23l4N%OX5&=voTe<M(n}$5p8*X|FToEGw;XDElZ!n}=4)tjP)<{d=GJ
zM~LhK4u<}tVcmF2e5~bDgFLvY^x5d%p<86*SVn*U`2JjC=x7<kq?WmPlk7M&6J;sc
z>vpbHX_g=d<!WN7Fj-6(PI?>PH#-p(s#N{jNEqR!9b2&+8FirF5O=eC*h*#P9;-^B
za;NGG_CHWvua)SV(~M{Z^I~DPnpy8s!$MdMVdi?ID$Y)*sWnEG^DZOj>l63$sd9We
ze#F9t$0qnq2km?K1IkV^D%S3EnCPz)np#?XQ2F=P|4;cU_`hL29Kl;-(26AmjH~|n
z>43kEpw+mv96~j~j%z>!lh?y<c9ao?yf(S$f0T$0-I*ZJqu#?L4=9u<+opcYHF>s9
zVEVxV@yFZHVQ)htSh{J%3t?Aho!|MC?_}9NDm7yB)WBM0-<mD;X~Abm&hEtm%U1q!
zdd1t#ZX6Gl{=g%0Tv@fZIS37xgf+zkly?`OY8%aQ^BG#zRyuw$oZ#>Ed&xWsLpKfc
zJeg^OgsNU^+Xl=S)G*;sM3pWPcwc9iCta0R_6gLS)$QI~bm`{k;UbT3YB6O_9>r?z
zY<XetkZT1zMEjaa`5{Mezhs=>M_wJW_oI;`UQt89Zv$G*sWv+bFI^wIZ9ht>CeoUg
zdz)lu{}X>)rAL%|gq3C2;rPd57G*NFw)+=@U4u{isK!4%e?I&050fU!NVp8;iLs-K
zIFv}{8;jaiZ--l`q*nz)cf)gr3;&vj*FVxJH1lRZ+L_yI^yo^*p~U1^l$Np>SuFIC
z_p<%|8`MAexCUrt*Kted<@NgcPZNo9nk^yhdWD7K&Oa&kp$5bl*XhWJxWfBYw4$W)
z7lYx@OX}47ItdOoGie?ChMgXx#YQp-)Oi`SDa!8%2fu1c2IZ-8-IGufC5}d?$VZuv
zZk#2io_xB|lf%UJLHKJx_}YFMnQ)q#(jo`^m*$IrUTstc|BBpJU00eky9k_(9ZPXa
z;L&A;gL{ZX_FR`Gwi01Mqii`{uHiHeIx7N;baZY%RC7d(kv~@}Ek?w%iI_{R#Nt5S
z{nfA%7pzUnop8)nme@jduS`UJcJp%q$$7pIA8~QaK=zzXhbje2zTKXdHgcO&_-yh1
z6N+>%j@E^{Jh8B5UFDQZsJaVEZ-AZMC7-;?e<Yj!mE_ETN*a}!O<!6xI!Ao%OIYFf
zna&<OVpNAEx3VP1J$2m4lFog9wP*0Cg<{S3m_mDRyQENuLU`88yRw2jtU%_~ql4zR
zA9&hA{&n-OaRpRDEVfq$rg(m}!HHX4dF`q-za?{wKH1~3|Hgil+o?z4X`EwT(&mJc
zZdS{W;OpArR4cq|mdcPzV?kiigc|xwJF=L6)Un9$>_&G<lEqipc=q=5x2AZ%y2;;Z
zoOm)>i}HU{(#efiHZ<xh%m9b3?$j<pQ?G8c;ttm7T82>MVI&LK+6#a`Z)}IQ*pK-$
zzMesn)sBdjvx%2OPh&^ca#RBfF(_tgx?k*H|H@~QZV<g@F2g{7#v++rCGXA;7g<~~
zuCxr!E-A?}A|A1y6XnQ+<R&aR%8s{r$Ymq{8YvEMfSvsGMmk}Z;fVP09cgiJ;0Si=
zpzX|-{6*^h@14~99@C8-9%pr{XhSi!!^)PMOK8-1v#tdwmTBFq9?Iw*?lkv^JU!U`
z<kVasg3z67D)*GV{*ec#g5M$dPo)Yi?A}q>*jh0Mq1uL5x$#?-+76BQIFjt7<TN6p
z_(Z0jqBeZ<5Qf=|2!qT(S38~Sh1NLFjwsQO1owX}kj16~@1N1nPg${rlg-2UAHeb-
zHI2WnVjS1^g2g8?Le)O1cP&<(f9FIvHC}eLlfABNg9o?|7`FPc>UcTZ-Qj19MQ#Cr
zAl3@v@X8rC2h{a6+alOu6P2z?#GqcCTo{zA-p@S;jMy5G%KXS*?^6&f!FmGKXaOq_
zpm_d#?g5lSuZKCrJTrHvcOb4kp%B*}T@a&%_TsK}_eR>#ISu<ZF_*VX;ql7L8S{{N
z1QLx7hyQ!r|IZoF!h;>G1^#m3F3Rvk;@##fy|tr6;o&!T6h<OuOI&;V!Ok{X#kgBU
zJ`mdZWybd7D#5J3MT*DK_CAm?jpjm8y~138?a&59*RiwcY;f(Hi<edl+c<ctOd!fC
zD&KOi>p5dJc39iMY}=V8Ea!F9<t{AMe`$6)P;SVn;M$%-ksN#H&hr72D*nkMhmaBj
z4CYiWZ#ArJup?(Sv)R~0egD^qAAJ|D!S(e)M0dNq*kRyf3k^@vZm>D=yG;)b?lteM
z?U;oQBL>7YTGwZFV0M|e=2k2Ct+jFp9qso7R1-ulLa8dG_MMplxj<w4{U*QFSlMox
z$4<v1r#d`}6fgCu13>x~T&EE_oHCrOhRaEO2gXSwsEz8_>haC#hBaX1gak4QtnBV&
ze+cRvkL9J7Mseu?5d9i{yjuV$=RR!B>}aKH5h&y~9IS@BqX6v<1GTrFDg&8s7O-%5
zk#ec^<a#74ea@-@Y!WyJ0K_j=FIUJ1UXo<L&{-{Fz60ROSAcF#!m_da?)#RgrL<TN
zr){Y7xDhJ^v58^Lhp*(6j?|p(ak?*Orn50K|KRLe^SX8Gmd6_?JaPpn)%u79ZKlMn
zZGh3+=tAQ84)so07-^zo&YU{bG5i#iVlQD<*WOlEI4u3_D%y_>2n3MPkJLzA^G9Pg
zZ^dff;uG&LXt$N*=q4|~t(#ky_8Mo}v{Q8zG*9}i5xtMbbDmaFp4}kBh+3yA2-N?4
zUTvKkVx}Kn?J{mM2RW;%QKKB|lcpIT`&omjW$B_cpQBq|Jz$2P{YX<UP__ke_rS66
z@W&;#vq%NR>z%i!{I(s-+9#XNIos`bAxEX0i2g11oZWX;HU8Emw}x~L$P#PBayUw5
zF=nxL=haP|GjzWW!26}*?R8MTT?D8cPE`&+aE{&S*!rUU*>dc2@_y%c%&ORAyeXV<
z680sMxHu(DuDn+Y&&67(B0Zd4lS6$uy?2#hF{ZoZlU^WB3L$+KQ(1cL5>ThbPCUjt
zBNaFSeq3un1yY11-TkiKG04#>*{+kqvsVLhJPWao9Z*WF56X=9FE%VBxOajQY|TE>
z?qs8xreJL8bGA--A@MxR$E;&gjrHMzZ{t{2cZV_2qZglQK-B1t#j-x0v7XB`p8MI+
zLXOw@83b?z=TKoL0hD2L$gU(-e(MF<+{ad007`eVQ)q<^tG$8Wa0Z&5!8AE4_xWfO
z5BdXuB=S^+p@Bc`-g^~Dx_ZJ}I)}%2`9RHJ4k)1=bV-)yNU_;IK*Y2U*2m@g`28>E
zI*O8W=qz^Cf%+UH!l-7gVrwvUPhHiMAl}+!cnfMKHJ+!k3-Wcdd=`Vlz)|p|>|^O*
zFs;Z)1iLo*%CwyWiqKlbh}n>Fv<b4tzSL0-u@zU)^9pE)(O7zJRkU{Q+Nf;YQF`lK
zXw->a%a|&pvfpw*i**R|Y}9UC61ns}8_|EiRJ*_~HOFOb8B#guZQK~784%P}-0w&Q
zoB0$u+<EanV)dKzp<A1?``BkOT2rc+(xQ~e$r5hj34<REUL~`S+_YOw-oo0xj3ZtL
z`9bz;oYC_^R;9t|j)i4B^7-87LhR2maz?*S4_`m0m#G_9W@sG|l(XvWv?V+h{lP43
z*&5ihKONS*CU#$;V92Yg-LKOXeQWS!xzO#LKz@z&X^Gw5>PcGZng!o#;#-`G2M(~=
zNIM{f!c2{)$;Da%D@;-GY;ki%(p9wx3&5YUiHc5OMWS?5SiiUdAdka(FcJ=8$!3#_
zp|`o}@eM$o2uTeT6jiSRX$@hPj8~p^X>Oj(#ST!&gWi3tX*3L$`p{r5)PjhdE#ELi
zu!$DFt3<~H=~l1Pl;c6HDy`{#eM&$_4WT-K006g7Ubtf@8$MvY<^^g(FydRgOMUQ&
z4d6#Qe+ifvg;ERJSr4r59M8_aR&hcUX3VLk%g66#M$g&xJfqMA)I9=t*oo59P%Ewg
z3HNKj25(8&8F4pjS(VR`qt=k4m8tFFf;soJ2Q;%(nX@&E(&C+UN5WcwR{T+kN_0=_
z8^}YAwe}Td#A^ap+qxy=Eiw-$%du&>4s+^PwsO73OfTGWN*NSl%rb>l*c=-k$Q<8W
zJ4uyIgfUNkD2BET4X>9_b)0D}_@Ioq`Mumf!#0Fl+B@8;b}$8I5_+YLO*>Y|uuPtu
zRlYUEt{R0_LExOuDT<Ac86C*5;jkf`ql)2y9c1xA()!*(_UErxpD9PCp^YA2nfy)U
z)b=hz(B{IRkD!a&clo{GT9=`a15U!x4f$~x(WCagyiWminmPpn!ey<=gI}9|tUE@~
zXo$kxx>vQR-4*evxEI(X@5b?`!kkw0Yv2^78mZ+=F)a$IfZcZL6kGrWdkvO9zXy0q
zPjv4ylRz{RB$RG&w}hw-=HVpCM6hjntHZuAzhhO+cm-;=c2TCW<m_6wsPr2AIte*W
z#4XFbu2zH^y(Sv@g;9YYPlxQI>XcIRU_}zsjZ8y7F>A=mTZ94pdPq8Rz<_`ES0h5*
ztlT6TH)8JhlBFF>U4#)V7ieGK$@Vl_W#Qq^zZ!C9#41PS)gz|l#J5I06F_t_mG3hf
z<D;!v$C9OTabxrAtD3@~=1{r~z1BDge?i)AXWy;JL1h0mvpQ26_hv7>g7K9;W3l0?
zsYJ`42411ryZa2MJKv&T7&hwIJW>ug-*%LN7EKtfgdl0)_!>*7ym7-KgY&Klc<oEI
z1TU%@=6g){==pJ}8Yd*!3X<>bPc&*6Dsm|qvT+S&6f{m~uU6>;6VVCx=g$yHyI(8a
zMO?ei{EdWpP&~pzU%Dz(<Xt-t;_kZ7JFhPk=N)={h*iAFbe^ZDa*i>Or4uwPIhN%)
z^1&fwN_z8;Kji4UlUm0SVsA0jA4PVZMR3#P63OXKcOheY6L_}0B-)Lc3YN+@I}>R2
zLR`Pm+IKyEi9*^pEsLCQ&}Q){OtZ={C?XQ^o{0L58Xb;bymYy}wkJ=oMpd&l$k#wM
zT3JbE^wryIKbO)IuV*;|g-_ouWuJ;sMF;<A3Y`ynOp#kobt{qW>0e>5nGCYtMEe^l
z2eff#+|~tRKNUv~3D#+z6=S$&tp_NNOG^&VEN1Y1{lb(|@}<ea;+!k8njun$8~7-!
z@s2&rv)7vh`3GkN)CujdF#$B<X`YHXtyMNe<F}WiFlWkSv8S(U9}cNf6y@M{@vasj
zTUoMkN9Ehrz2mCXhpds&7viUAOyaK8qn)po%YFMSoc+EjK8YswTZj<L+P6m&reihF
z9rtpO2k8oNw`!`kbWirTC^B1}w#P%8EJrO#`@ComYS1ixWL+kPi}R4TgCTnRVs{^m
zZ<!V+)EHb@2%KRn3G8~(C=pI8@4nq=I^dcc<#Gzo)XSOAEz3`qN%wGSG-Ce6b0TEw
zX7awQzFrui3snzQbGIbr^xRYY2GLsQf%BZL9L~?I{G1L<)P+U{$VDF7vrX)IO>4nn
z5qdT@kI&FKd+}pSg!Hv0Z@Qjv@%yM{=@VSdob7-CIi?;pQ0EnZ8asS7B*^OmEU&!s
zGoRNjSB>6Z?780|MejbW@82jdycV|Zk7}Z{NSWeyj#i_i1EqszG;E>t_Tb6LlNGb(
z6e|;I-NA{`Pb3f{c$_)UaAh5MY7jC2v%+G4DmqUH%Jl(RE`1#MHSl4s^o(xB7;y1R
zK!GB?EWPql&e8L9u~TLkRbHP<)yH7>#akJ9pxBTH;g=jmpyYp@CMGMQbi!?=IOi&3
zJReK6t#Qqb^}?z>*ws>x?>C>Pz?(jHxhQqCRU23Np5ku%R;j{B^6f)k4?cUg18l$z
z&QH&s6-JJ8dGz|^hBp?Yc4BzGo|bLhEGiB9ab78K?MqzV+yaNmvG0$q(Nl%*W1QpU
zIa24;HKGSv#adQBOiKp?xpMBkwsKyT;8OQT8?GkG2cR$K(#Gr62&bJ32z~w9dk`5<
z`~w;mN~S1&5s&nrewdPb2Y%v6R|{k1s|-#M;FdqzAg{ae9jQrTN|s~LFo9}pf)i(6
z=`z0h(_CwNF<|ohR_L|d{k7b+g#g1rFT}_}R`ubEwaQF4{;?Vyz2JDIICog#d5*~A
z3Wr7A=CC7IOkHzgz}{fXhNr=zfzRae_4Bq}+_##ImT=?;_Zs7ddnSD(f7yxYu6M*z
zJwDe`N`2YLEGfRg???WCzO%~OW*vhzWKoN*S$4opooNnDG%H7YsCkK<t+sKwRPkk3
z$0aOSh~<mmuJ}%>QNbI_VWWOf_lC1%BX6PbuCa~VUViz;H8(Gi9C9Fs&;9&N#JWR4
z)K*`UD(SK)JW4&a8<3y;NTCf3)lc^ApVf}y<~R<?bHP^+N$-`$6v1T^6}f!v`OXzu
zM7#}=NV1Ld$s65{j(L44rOPqj4}LSU#o`UUZ{r4Tn8U{0^U5~9wb|>kpZXIyFOz9=
zz+I~NXUlJves8-^mpN2iBF9^GPwmCQJdDTv>aqv|`I2=q7Io?&QEOVJ`?5EMSYSVv
zWthF+PmO|Y5Si;I-&L4(8C5A2r2|cpJ=EYEHgfa3GoPL-rKkgbr+w179HBk5O?V`F
zfHR+70U764eFPmCvO7>fTKX8UID?bY&LJpjRX&WzL$&M4a>$Xb7LM1P?$)>;Z@U~H
zE^l<iPQ+?)vGI!W|MRrLPNl%7Nj=jXr*y*>=PqWmr(5HPpPm&87EN5M@73LDcM0u{
zi8$Wl+?Zz=>xek-_E&E-7jga|U(^*@r8=`Qm^1QytjIZ_=Zh!8mU5EmL#>CslR~qn
ze#E*mSxe%D1D@)ifvi8l(tIh&qy7ltcs4ly`5$NSzh-q(H_jf_rLqX!tLuG_56lp$
zGDW+C!<l3U>IjpSxP`l}Uh!uZ9;Z8_dphnZt>bPAtG=!zre@6^6R&g>l?ZKWrX2@0
z(?>956h{7QVgDGI{uQzMnI5)HuM-kk-fDAL(VHQZUJEYx;+1*(ukx5!PDs&R87B<1
zeK2i(+8{f+q$$!f;RG7Ip$4B>c)3UXHM?_Vr-{G@Vc$Obo9}{MtET4On%A9|Hj}FN
zPzshR);flR&H3$yj9z+qnxiH0JdmYoiK?`mji);fi<)^a8Rbs}L7ar-nZ+}C;jk}h
zbR`DLDF15F|2<@;gx;0DC=nrcsui{hn96SH%fYSAQsN<Zkx>qN%iYytm#XwUSiSt3
zQ1e$PBop?z^`M&STyxHljyL#1vp}<(eX%@^a8t%cWsP0(8dp<A8l)4G%pZ$n-OUU@
zAasY45l*F4+5a5m33-FWM?G>J74!7BT3h@L#=>lmv|bmnFU;j_1PxG3l<2M`=E(UE
zI}gbGM5H@^0MjIE=<$GDKT>UU*sA;+i=V5N-uNg_)&5|{dHZe*C#igrAu6PfYeEMW
z%|IUNEPBX0ff-h;`G|S5Nxl-JCAi@~Vks2oEGtXx^hDNu=3C67*2xMkN?`cc4}vL0
zJR4}O2R1Gj?JYJIfy%kj$y0TaG`97ZTF<ftjHfR3q&E2MtuJO2&^4`DC*B5GigDG#
zj|Z#0o(aR*ljt7%^|_+R<r8=>30334%yTti=uqGsP0^X*K(+c_<0OlpQ}uj_m^xfA
zugmN9fsqH_{!S%FQ6>d)t=IoMCDF!Uf3_q1mzmPP{-8=Y%Qt3}xgc6&=)sk?n_W7%
zQDSddJ$o};aSy&Z&}H2`lc+<R7wpDe=4B1b!RQ2iFWku^vEW3SI9LvqAYYoeYy@%T
zHEMRPay3|#D^T8ApYK%9Xjbs@lpEXcjDDx(Q5T7Nu^?*OZT^VDLnQaNvr19idjxlz
zpUocmxvq-%y^Jo0C4(t4_sN;(NnfmCBOZT9LcF?Zx4Bz;mE~2<qt#*0k>Nwz`uB%s
z_3B)1KZm%Cdou#>MhdI?mO%|V1L>U$I8Iqu-l86vqGcaf-FsMl8t=vHB5Gn<d7-&j
z?iWGrzXF~2Jb8;dD2Esw>9MZco0+qwg{{M4Q}<LH-5XY(Hziw4lEJh~Ej9~BO5<6{
zmy2bO%{JRh+BZ)kA2q$_q8s9VXFaF##xUA&B<&Zo_`h;kaeJa-j;HwitM;$%l8?@|
zofw}Ck*O6nH|_?WlSyKZBb^NnF$)xu>aA(S>~k6%u{863EWb>vz#rH(lIW+cN(IRS
zg55TH?hPkU+3M+>k0g^Fbj1%MMt3@f4`zHQ_Jadd7<nzkTFvID8>riUvsM2+#{(t6
zn{rU`XB<fM<TRW#<_8yz`A0q%rBtsxX^uKx`L3x8F(lt?j2imsvv3eVpwjfn*lEGc
z_d+vAbN-)(+TbRWMj7a^v0S8AV7b6{FcZI_8>o^n%sX*=ua=E7yP7C!d&ReGWt?PY
z)#TuVtxD6NGk<#9TX7j7r=8mAd%s?Ve}@|Jq@?L}mhsX+22_p?ZftZS#|iIJbJ=qE
z{h##|PN8{TuEJtOImXO=p0U)NUhwB9I{_Ut0bN!>OMO8z2{i)_CC{qAbF~#%sQiBR
zCPm?nkXP_f?TJ2|IM>g6l9%=}@_d@u`umc?8s+$c)?de*#b$`&?uef9QyegSN`_(|
z7HTR5b&r?NZf{gMnxKmch^C@Sew{S`{n!;PadH4E0og3<7M>6hO}Jz0TmW;QIPPQ7
zYV;wKu<k04d{1l7Ndk6fnw|FY7Y?SQ%*Gado_>2L{HH@v0x(P2m}8j}0sW^QT=RRk
zx#n{YJ$6xCPOY3gvMXQGC^YP+*$rb;Lt)2cD5+mZ@V^Ir`G)Cd8|Ra-#GkY2{CQV+
z83%jfBMzKmAuxjw^!$7NoY5v<GZKT=;vekR_qAKdOA>P=sY?b$xJ*#F?5~5yuKxD@
zy(9io>~>!_R`fM`>%R6yggtw*2BNwg63@-wBufd)*PeAxFzkO-+T#3q{I}1hRU_$T
zJ=9}J%b{ygaLB+&b}fyf=tA>@=8Qj1O)}F$8;Um)aAGD1K1OXGhc?#8^FrCt@Ag%3
zf-AgcWvJcCONOa<LmU^$Q5y0%ph0Zx9~YTs(#r-Y{pCGMNIUI*&Q-j}587<fQ9piv
zGeTb1GGV=D-2#ccap{k(9Hmb$hCB;-8T*?&1iSS#a&*s5bI^m?%2ZLDm_7_!)gz*q
zx;?8={HOUxh|_Uv9ceXyyr(*vN9wU^NJRdBe;rO=O|w%EYQ-+~)oVKKqzlco%}IZH
z2+B82kv0@bb@1zKWQ-VeJ?`Uut>NpA_P<;A-rP4#2W_wsz;G`iHsWGYtcENOwLP`_
zpB{qr%OuSPXwv09T5@1A%*w!n(W=LxwxG8E<Arib=!S8SqpIITu0hSM_Di4Q2@DF%
zTmJ6xf!GihBVOc>dXrN+TwU<0`JGHh=UGJ5h34DMF@GEvQl>x~in3tLs$QVyez`C1
z<0ffS6SUgz7gaQF;Da%!@tH)y*oj4Zzl5G5Jsl3UHnrg&zo1%@X+87;{=pqcR>(f8
z1@AF3&;uVW^84Ef;RUjcL6c@~aoH5mtgIH3Fm>O!7{VOF{-+6=%GPZTQ0~4UvrB0w
zLR|8$c72CNtx*Qc5pZTDZ)|G$X=RLJZN!18hy75m)SsA6xA(MkhmbzMkzD&q@^7MU
z5q-B4`8<0I!q<js5B<mrzOd`VHu)|h@<Ow6CO!&H%X7Q!uM=n>j&71-pnHcX>#xEs
zX{@-?wYIov#Gw6xMrB(sTE&aCo9SZ6-4KR9eLHrEB&G)FEBph&B!<I^YaL8eT>T#o
zbG3e(mC$eCJfm9QU#@UNj2M2aw9Y4DBfc0y6LR;DcYBs(+5mlnzeh<9(<(7z9<+K+
zLSWNwv-+D1_FswqOPpsk>rPAEB9{Se!r+Qxm!q%cYA7)L?S4zDn8ZLp>R3j!TdRv{
z_OPeyFG+cu`*F0spq}fGSEdq>!pn#br$qf6+1F}W`}bWCq|$?Pzs-3Fc}vAd=hwyI
zgEjRyvERAJ*F&5=T{1<#2+Ktivi0S7*&x6-O)?^sjT7Jk4oB*1O+cB<4=6O{HTUX_
zU(OYAnVU=jHWaH8aDO#l6snZex%Arw9P0bX3OoSmMY;e6(h!KI3%=iy`Tm56UG+fL
zHQ^@^CVwcOk6{&ZUVkhjL(66GR7>75SyyzB%d9u$5C~eo0!t&VW@`KX>^vYngB4p(
ziq0pvue-@jl9J3dd}Th?91_xXTS|2~oc8Z~y&4PJHl>|*5dk>Rni?3rI<nXQ20CCe
z^X3Qd-ENzjj~8#8$oW74bGQ2TjxMvqkSKpatx%8^)hWeDZotrpLpBEZYAW9l&bFuo
zEYu7z|ALR%Hq+Pw46KQ7NQVR{FC>9DR;UN46E&e8RSSARhH3yr76l{b*^PiQzipBT
zcVa`W7IJ}BAA|09aNXO*T(@WY&$D>ubH6RSmv?biEPg!%jcxjl?e!M60O>_HYK4Ni
z<$+EgYLf{|N5B$_9K4asV_?cwfR!2Vda6_@I>s(rD7Bo;&D_>~{pp#(RIT??I?(%a
zIjs&009jz)4nSr}3o#tpzg#WeUvDr)w?d0SEG5tT;K9@+m+7g|`SnH#i5y3F0kqk{
zlJ_W3#_}C#l=L2$OmXv%*)$viFRAD!JwPw{2-v??ECQD{OC;J@4*5)7$M#uP@#}Z@
zpND(^E}w$$I>Ce2n>hZ63K=1nW>^I6H>ri!%M4*(2972`b3Dp}ac4bHT`#%?-m<)N
ziAYdl0G5^a>@G%i(TGQfXY>@572rwo=2a|b6#(2eW#9~Od0U4wq0LykSC%Zy!3G_0
zm{Yn+`&d9Kl$PfFsLRWsKSOCr#K-2z>))*QMkYn>aMV-@z=Db`#`z~O(?<ry#R?sN
z<!eq}GT6$^=I<McH7+^IaQkbxV%m?&;O#a3_n^0*@HLuBfSIHv!zh5gl7`1tqY59^
zuJ5*QHNfjNvQj#(Ra|KSj7J>lm7+>OHVX+kEZ*?-&jTzN0=R<`%!aG$24Df}K@G!T
z)ke2A_R^<7@;qbhh0#8iyVC3-cDk#g1LWX!`E^&lWcN1J)S=-K5?-dN`w6y9cX|M^
ze#cMfK|X4;p2+YW86*Q~cK{r|<W`b??gJG_AfUh4bHR;V07Gg3NdFIb<Qnwv#<2dj
zAMWrxcn4Q~H_z_}PaARlBF9e<AsNneS`9wV+qu34QTXxq!>ySaFub9l1L&hgieTy2
z^J1Wm;|sAQArCHp1Ad<dxunRXL!X@OTFKA@3tEy}MQkVT2kSII5h@kuww$>&X5W?S
z3QRlCc+Z75DoFsR=cdJvNd^A6%wd0(<yFX)leeFMN1kSG<^%UAIz0pyXDN<73L)ND
z!vrX9Ev9H>+xF_h{xnzw3KW+SV24;T$_mfC3|zhT3=>@EUp6yc<ixCi!UP43k7457
zA~c5|<HBL(ln>EYi=kXI(fQ`r<BmhYKut57+u8i<tb+8N_{!JCXP1Nu=I==weCmW#
zKJ@>Be0?zlFN8pQ9LM)#5Ia&s$L<HiR<qa{*SkRAS7=Y|*ssJqY(S76XD1!!b#}zO
zdvD6H0-x4}p4|hOz;QV&cGK&mRBVCj0|m9L%A<Z2h1465<TSSEd`f|Vq6pqwuxaRy
zIgP^1bk`-@s+<U92^d}D-i3>}?Y;+|qUrgcM2&-86M=Eq<w+_5ZG5sez&UE$ghKo@
z<`c?5rG~o)uo5tf28+g>@PfVMs^z$vSCO38>587p8`PLxTk4yz+Bj*YEH5+MAlx$C
zL2b)|XO!EnGr^DKCHPkuP16e4Ruh2}G`&u9z>Uu~vHFEu$&<LlxKV&1byB_hEpZ-e
zg<%MaKZ3yu6+!~=-C^UW*vT|8bM5OIwehrepJ=o-aEdi~h}Z)CFMF#E@8I^cMS5~o
z^44)TyjEGm){La@k?(k2IdTRpLjQ(Qgyw^HWtPOvhhWQ(Lq@yH@`N1#ZIf;}^VOAL
zJbkfdzVIPUaXrCL#J^5enQnQ1ri>8ep&G-yDVv>}r`hLS395-ze`8n&5xa=<!lwlo
z)Cti7TB9}T<1#dh*CZB(RF!BwwSF{W`mI=zMJuzGAufgcv%Vz(#?&`<tTd9arGoMz
z6<G}%V<|guoLu5#(FZOb7}9poGtep1+V>l7wQn2P$6UX$f+oh_14zCBxgImG5mg3+
zp&OVjyvV9&hysRlaC;PF#xN_PNI#N5B=gAw+)0bPs?Rf87CGVd+a&S=ch%;V+1o3y
z9uLD{?R>fK%^tkD3-(Uw(IyLEp8Zm-)wf~y2!s&n@N(6QDsw?1-VA-%0-j7l6o`QZ
z{mL?_7vhusRz@DwyR(E5Y@6X$`o{P!uBuRyYg?5YWi8KZ=nor&d@-={-5HZP2A}yQ
z*_5hyUq)`4c^nZzVbe2QRn5LDKLpP<XI%_ij6-C8zc<>2qv-e7kWRbWHm3%=#R_sv
zwOq9Yud)+sf$yElyXCw7)St5+Wg;2aQa<mde36$vxZmN2`ygp{0XUR==n}=ST_cm_
zvm!q$kn*c!sC_LkRYBRnu1>REmgagz{EkrMRMd2QW^rm^aY1mPtdB5`G}0_P2Pr*}
zh3gq?hWkcyhPKW(e}K;i@<h`IN_lzg(mp63%ZaO8-mJmhMCW&?3icIFXWr3`l1gPB
z{qBa2R6PPlebY--6=#yqSTH;&3idt~!47_`v2}QniCPQp8SrtHSL+J5CZB%0dJh-5
z!s&G+ll8bWL<Ywp>vK8)3efgAc9abdRm|X<b@=J|v4*=K*&y)iM*jMsr}zPf;m$fv
zxqjlMpq@TazT`K};tlzk!>PxgF}1x{_HHLcW+~|2|NhOk3*w{ZdAmMRF$@!W>+>9B
z$&OepOYY8k)CHbLv$G{*O($2$bP}cB&G}JTX_R}em&njjjV@Azw*co&2g3C$&Y4fD
zf!`_>s>QA2x#^3C@uM#Cc(#KXO)%LR+NLq<NJ4EE|03zBiiiOqS1<O=(kzl%{81HJ
zzG0b(1cnOfhGEGmXel2@zwrm{^JlH9k5s&6quP*mY~3!Mr@;is@}xIi_;s!WGo`A~
z)zV)bipASVn9w$*qtrp)rK%20UERO4XGLDXBpB90ye?)v&HUcJp4@t>b>~*p#|X^F
zTOX7d+`wL(+HEmbW^0x){Y61kFvqtxJlQ?k6NG77kVZ9vwG#1!E6XMG0_dF?s^Zcl
zqPsGh0ZCQrk$%SzoE%NCc-uJgArjdnRIXsTPJB^!Fhjt2SRY4m9oBZE3&DfRV+lnk
zWJy@^dl`CJ7yfv#Bw7I|XB9#sI^Z~?%GJJ7G$Iv39gX9N^lw7;Wh|!-Amy$G2eYd6
zjD<$&m)V+>Ei1!B-1o0~mN9bavrn_D_4!Vz%7Tr0Vkx0<j5At4vwVR=3bzh$ntzAp
ztx&I%`yryoiw-w0N%H)LWnhx>{#?0Wby*O=fm^LZ#NUZYOb{V$69>+1q>F?4XRjtl
zDIbWtw85?K__+GhIKALeQIZ+{v043i9`2XHfJo(PXP4ycyL}wl?Er$&i{xQYkLZ*C
zLF(ZlHU~0}g+;8xq~Elhny&QSUXI43V!N7~jRPY=IsF}wXNNseA5_-{d-Z}(;+RxM
zBwv;%=yQBt2HFg$G;-+EN$l~DT7G$O*HUD!Uq$6Y+_*nqtTV*Z9=-6G=-*xdoZ31B
z%>*<ABnQKWp$;44nwlItRv;#261sx=8U+lFv)_ATxGM7yQckwvVbhpJ#GBaZ#LU5Y
z(W1QS<7I?X&X4&813XXDVOo%rXBNg0>ahICZ0%sNDPQ0@c=@1x&Yxuhp<J$4<5{rX
z%8K9jaF=iAcVi0ihLB0x$#V{N4y5bleW+x$a@p~kR)MEE$MjMR8yy)Mgs+#V+ee&1
zI?M1H{D~Ekmp|n3uix>e4bM`Y2VDt7vQP(Xk|Vc5Zr+B#+M5-t(GNSzH%QLx@>J@P
ze*At44>az37>(mbg0eDcweV|Dh+|*TiKWKuswWcdFlG@2%i8GfL3`{Sbrfb68<pv?
zr0)!9a10DxJ&zk#kLZq2jDrmEPuEqMMAPm(DfOUjxVFYh!Tyk!hisX8R29LK!q*)6
zYs|u1`4-a=I7_wZPB2cKCp)loN-tetMpkp6VROT!lXH!OIX(yJf^Q3ataZZ4##|TT
zmpoAlpmiqYJ)!J-x!lnTGO|g6q53Q?f(cj9<x$>&yU)(gKMpc9nL7WHNp00hnx1of
zb_J=laf!8lyecr?#EE$lXVpTxjXcTCdHNkihzv)0ik-`1L{*~|G#O7I?RMbkuOWN!
zOrqlVHqO(XtW7aQ)_1x-l%e_${7>_qy@9t^BTFnVt`D_^{(20s=apAd-h(`%?Bga>
zScu7FMX`eFRhI?XtI5Jp*sqhizuAJYZ1Erh=LO3lzRL$A={g67L6cVd?3m$Sf8M`O
zw&LZ4#ZfkqG-ZQd-KDz9$ytZsXoJ#Ncx&|^vF1)3c9t=t=hv6r#RWII$jjH(`^d|+
z$C-YQ`CKL}E(4Z+uJ}#TM7iVQml-)B7xx)3{eS$NMBute8ljA#e7ng!c4N$VB)hSC
z#ogZzOA%A|y@v54q5Z&XZfpEOyqyzcIIEKTslR^=0L#Cp1=?o7++=(YVaLS+M?ZoM
zcT?!Jf6kX2!j=IGCtx0r|J5-Y$?mDWQsfO*Twd2}`ES3(3b21ryoZC$OW(SW7<}P*
zQU?eaibqv&ySGYl$wzp@&X-X<>;6q1wI(_~UBAu<|0XRYk_z6z+3hsuE&X>l3ZT2|
z6*~L<lMMH2MGYs>zrU7Laq1jb%b~2z`1-p2)Hy6CRQgFR9C8cwL;epSN`ZI~u`|U=
zuNY*b+>E5CqN0f~KX2INPrx8)lu}ZoKgx1FX`<mPG}ej7s=O;u{tf(lb>Xj5jDKNj
zwe2`YH`kqF;MIZMHXG5U6Y7D|{|^@yqF30F)@;MJ)6sYysZ6-Tk5=#hCIkG}JW}OU
z<e%n<t+7o!%~szWFs87X<i&90U;6zld&bd?Y{5hht+Vr-CuvxnO>cFSDQs8hQ1Dye
z5IL=qty2B*#{F!HkZF#q?g$6Z4$A7^&m`>dkY<W&UTf1y!PHv)X&m3+I1=7oAAC8B
z`}=PJ{wlshbbFouTr?m5&o7O~@k2S@67>F6+VtOxq5A~9vZIE0_0KO=On)<N75`NJ
zSD@;D@uJ|Zd27HccQ!7$|M{i;%&*F{89$Ny&&9v`t%LJb+2{$TmiAXK_@7bv|3mu!
zhcpSC45A*p+IaxDcMBjL1EBd*(}w_%0%i@Gna7oXn2h2!lJ)?AAD8XV?_ZT(iJb$H
zL7ivmf2>$VX`GX57yt-;2d7M#%+Y<d{|&cfiUQL-!AuOZTBKnR!0;1`0Lh$T!3uCs
zVxPjXeSjhg=7OYi_f}n-&<cXY>$oq`jxhjx1m~#Stlu4}^}aL%ls<{mr(=x3cF+`2
zGN`o$?8+h49-y(sci^xXsk=}GP}A?giH-(10m{V8zrP=nu_`$yOGcd4*<5*Y<MN2K
z_7uRi0)cd<DUdbyHn`psi|yG0*stAY42uyLfTLP-R(38Wwew0Y$_nezX4atRzE-jb
zj3cn-QcFkNZERl>b|^!mH$WRsHi2H?Fh?T1nlEVyum@X!3aakI0BFc^SYe@E2U@Pg
zSy};0L;=u5rPss^K+9aPkzxUGV6uoUq2Jirr~~Sq8Q`-N5^Gh#EdO}xdy;j@yJNhi
z_e5&{L&hh0<A8$<l~tMk?#fW!_DPv{5X<3goC?;m9#4;$)wI=-@5klxTmPA~nC62)
zfBVBcaT=IC2E{v#WOCcYm?XINzQi^iP!^m4RhB<%&QGl^u_vz*FfKyx@^MYRJrB)|
z<2bl@@ut{72|xn{bpd*(0T7TG;DHjQ|9SFs-FXWOjwJ$UoFC9vD(KRYh-hIwelO4f
z#Y6+CAT9Iev<e^zDTcn2xWyKT0x2EflW9BQx{w;2{L>*4>J$LntwgcMFf1T_XKkb;
z=<RhOCaj}t>$T31XP%s8Q$BT#gaD$p_&_7fe;vT|r1TK^xCMOb6)aM%1JGMrfXOt1
zR!j*jMv+?PnWVb&u8w=UW1x7C1X$=R+a%*%JO&g53GN&gx6_g`hHT)?>(>KE(}z%v
z`gha-`FlkTiei`U1p`F-F|myE&HvdK2}z}rmdo2fGuC(x*||p)tmN7=l_|^RF3HEk
zVJj^C{AD`-In+^n-pC?;l>GvsB7-xQTL91!4Ho?)bcz5phiXU5it3%-1c2RX=)WT~
z03#vSmH8NpB^m-9je=U}wH(nDZfhWsDd?4EZNz#4v2geKWS{uIDg~-5W<>UOghHG6
z8%`>0?es9f`;;&Icwh~n`+@<8c541EvDcxbj^ltDmwvr3>ArG~+<jg!EA3|h5*rG%
zacM(#=RBaQu@QiqiMj@8Ra`yLVPGjL%`JR+4+}t+7xk}f0k6(DKmG~BP?6r<zaep5
zIzDsN?jfKq626TSEp3lunl*pKc6z$u6^dmP_Lx!h`Yj*tZUKi}VYS>uP$Jj^TKn_^
z*G2zpR1wJNN#7>x>LX(;y3G7={vJL@89g=hl{cRG+9RuCgj<5>8hGm-<l6ZukIZoE
zwlKik!Ttl+dNA5hLySnr;%9*9{L7@e`0m3*;Hs)J$2)*jWy|jv(y^B#T((%bfpvGZ
zXSVD*emH7bl)9O4H^yurCzeQA*Jb*h>a;?V7?9CvSQa$)))@Mp=|mL*ygdEr4&D?%
z@B+az5)nBN`;Uh{E16VbPtnO!_Hi404!P{96W<`ENpMWtb>>~T0*q5_k5Mr}nn$D2
zb2b-Q7npTE{9uxdb568tWyX?SDMa)`01AJFn*h23H4kcALtU-x!ShYGcR!oQwsiQL
zDi8{t1h`{g#xp>*$Wq8}JBvw5*;m)QUh1>!Vf@B$^C@Rx%RSrLi})!)7SaAU-wPZh
z+1?cR=BSif3DleEM3zUGL`R^EVZ`=VbD0ZQ?=^ju9`B^3CBI%#mVfeDhU4WV-_(~;
zQLx4E`Vi}W7=C(QzSb#rwiW8&&ABqob)SC=jze*3r(1v2Zl0YJ!Etp?*ca@4obim)
z4UKirX&hCB6lN+{z}EEvEC3Pc)%Fa9_O^EoF1NbvMH`6o>}@#)I)JV$kiB$_JD$~6
zwCP>_2Z1Ixfzt2uA9y-nU|a!y`;wy5&Z<SQ9n8SQPEK`Aqi~1LX3_twyig3mfvnHl
z=BZq3?k>j7z~x2T6vU}2hs(TU$2M1bv9S|1wE_s5zsZ{_sX1#&DsK+P=T{T4UArI&
ztA%l)qQ^|}Ww#1%Qra8DzH2YZVT=v^qU$N3UmT7Uhe*V{Lt0*A9DKYW3i17>8e@mk
z_0oOtiZg*lwx{ODszgletB;)5Z`a2XI?7icJxS#X=DY(WPa~~?jv@9Oum0xrY~=-7
z7d{Xg9?O=s@^>HJyMJ(2=rP@Z?5zPC=>xfj1-|Tzg*FNwiwFtD4vMQ-600}z5f-Vr
z+9u7TzC(wjSp8;tr~c!LYUR#50zKNELvCM3YNuiS%+>@)lG<BLB=>fN^e#X_+h(&^
zVW-uoYBqh{eWJR@!D}Yvj(pW8iy)x31FDioww2<6j)QVv1;MAIQbLky7oY@v+jruD
z?yYh^c-<bUz<ajVisY=C^7@anQ_EX%#{~}G_qe$yRh^TCxJmb=KD@X;Z_`;nxrv+X
zn+VuW$QWn?WTwh~_Ta($zlQ(1FfZaG)k)zZYjcR@PR3aR?uHTw5SSAPAGt?qbKESn
z`@|GH%E0AzqwRioidbCeCiDV@1ULHv&RC2Yh{UoKI=9vf5xP}wsheLscS?D`t^7>{
zSzC3+E}9^(b5zbnC{%WpUn)(@tl;3No+TGz<1Dr1Xj+tsGt3u>yL96^5c~<p6WNTC
zbKF{}Gz0YA3op#hfv7%j&C!|9+G{bJWR7*6{+EjF@6zI8ZRP8osc;K4dIY=-X{(2(
z;@%TM1VigKL1d7}_zsmXhVR+0OWXiWz(R}RI;+y+o!n?n4`OU8vnz6WWmYHXNT5_0
zaI^N0(ErIeg@uFYN$dPbpJN)I(I;-vX1g)q%H3<z*YZrfDb$;K%j}{Q-<#{!->z4e
zPgx!nP%@y+y<qIJ0CJ$mYTU*<_V;AMA0`i{#ahJ-Dx?}h*<(XpkM3SA#Li5mk&3+!
zbeL7ajh%)7ZZXXn-`K2P1UH|1RoW!F@?^g4V%Br2zC)ddvpk9Te(n#-<_PUrULH*g
z%*$LnZlWOHGxJz4<kZSINu_**S>2@7%V*QFO@*JIoqoBf)}gs)4Q*@wR4YhicBI3-
z%NJh3o4d%E-}H{tEaL(_ZhD{#5O2%&Z3@o8t9hrF9dmsdN#_F{j@yvilp6yBWy%R~
zb?8jh$Y96gvAz!vV>q)8>;1hf7OC<~&ZW4X@^}3whBK>@lx9!C@nqINh^_|Mt*Z|F
zXzU;J^sUhr6l<ZR5Z^iQ09~eQrOB8j?x|I3&hW8#W?IfYfz>O6%2&lX5APkfGbctw
z2W1|K#;u3Mw;$3AP)vP&-Wgxiv}RrgB|81-qb0TS^;US(6(P3BnmpG;dm0>#`d-UX
zK@<A+4i4mOW$JRpBI8BJflm$s`1*olF#$o(H5H8QTkiUQ2f_Yhy?LklqOeyVi62QV
zw}@z*|Eo85C+!~|-<W=Mk)L9Bo91$OUz|E1$FG^8qC7$Hmha<MzC+PkNTa%{EYflC
z*KPZ0SEo>eYWG)9nYDoQy009+Ixfh@*2;-CkOmW?6fhj=TmPQ`LaW-Vrm%D!vhDnF
zUoKop9ftOo*DqdGk2hvy!%|X0N`@~~aIz5FA)7%Lf?QofKQd+?<|vewxrMt%B__Tj
z*J6S)$hb((;C^w(Y&ZP)t6{*HQMZI$%vp54BWE806P;w$^=3<A9BZd+CTON<*fUnQ
z<>7@`(YL+i(Yt5!&IuaKDROA1-xK&IjCF;8_h@{$>7k)cv>aWTfHx<DKwVeJ^Xe<f
z*5wD6a;>0fioaA_fPy24vpUKLGH-Onp!)k1&Q;MG(0VIT|E5}E*QRkNNws+LlPGD;
z>i!?ql|L%Eaz`}iq{`W;27@^z4nO-#LperXo#)3tUXTf`pp;)F_Ozo?pW1n*3R^Kg
zwq!D)?Q>2`zo|&FtX$Q$f@uB^kW5?@FH6{Y`sYhOjt8slQcHJjQnnuPdezu*ISv-?
z+~~YxiryKkv3C{GzI>O_3sZDeYHJ$jxfJH^Fv6{l(JRs3N?FBF6Fqr^r~y50X*-);
z5^J&vl7Uw0Z2iGhiqZWoRp;pkEBa_Ozwv3E{~k%)cEgc~q*kB6qp#c1b4o`tGt>dy
z`#XWjxp(B4h%(DHM0WIrI?19VgOoF8jb`t0Xe<a{;%H%b-$BC?4V(5qn@vzJXt$(;
zthpOE9@}ZJuRQLY?}~5w-}a6m>~UwG_b$77EUnkcR=C*JwJ^Mr6-1FdVU<g#Vj-`e
z;{59m7<c0x+c{SC6}xatXfR2R<?R$pPe0DDH#O8?aqn$Ew+6)LoZyy4k~V}xL9L9L
zDSH<5X!}j}M7dqem(A5jjAy>(Iwk*$z4wf2YF)dAw+I%npi%@Buu}t41*FLa3(^Ta
z^w2{ONEcMFp;+iuklq6Xl2AoKdaof=0U;1Nq4VB3XP<q1_j7c=&lumIZ;bQD0Rk&)
z-RmybHLrQi*%Ahe^L6`V44Y793P#9)6sxPi!l<LQP;G+NJ1;A5FhlMN=f|Z<Duv(N
zz)?6QT{&uMV@)+Y$K!dcpU-!S?r6|p&T_byjdqjU71_|y2zXcjiCbF1bQ2fpD$k8K
z9f3R_mF6)&YJ=fPs0%Yk($w32dcMDS<rK5qH~$ZhX&6gIMJq3x_oE%6Eb_wAPX`LP
zZU_a_$(~h;F^%M?bRVN#pL>xU6VXKU_4-tivC;XYO(s-8?yUU7FdP~w%x{JiGtud2
zCK}nQm0YhaIkh_Y<M~x8*W<<<yg51aq)JUffOF?caXFA1=*$oYRc_dpR9w{p+u+$#
zPcKAlZbv*f$kNPwaHV`Qq4;t6OH?@i#_Ki&^?Reo4TAM+h}G~FmR9DBSCc_5t?yhF
z+GiueaS)~Mv2(9hc82P_j?44<S-W3QQXHppXC09hj1$2tF$zoz#9dnSJH%Msto&7Z
z<cL>hT?-^)a%d5xLU(F4g<a1w7lTS8hC8k<tUYpp%cfZYDpHy}o@~&nY(qVGbE+g*
zgy(gUT;y}p^>;sjwSlgTHimg@32pOJ-yS<hUU=@xR?`i5NxJ%8^+$QGDGiN;D7E9(
zdJU&r-v+ac|6YPMvjTx`n|tT`7CF;qXo>a_>(DdpbN*G2P2-&5&{uIsT;TlIEcGXT
zf9d0Ig#d*+m1~xm75IWn8wb@@LtENK8tUzs?Heu&msHV5-C1VsL0_+J3To_2#^RJ^
zVqN&`kcBNM6{udDn)wp9Pk+aCpF2-%dSl#J)mK7(g6hzxrmRrGNT12m&8|<xukHFq
ze`<#fSVSm3ZMfc0U`Aa~4E#htX18u$477+5pg(kyJ&tF(Xl)K;o|*UJC&C4U&W`ih
z`$8~hgW6aUnR)bCf<l#S?pA$2$YgXXAy+)MDs6=CHDYpD&EasM&`KBZvSi%xl~5dQ
zjnvX}Hp$~FpL`L{=bM)Qxb>KT?nvF!1HLYwDl#`bg9K8~x`z7Q%|;MbLj$_L)0res
zo>)^7Od!<eRQkC{{*a~3@~U@X=t|`pf)^*xealFBb#EGHWYa+3U=-H)CH=VV%in8-
zjw(oaPAzyk-gO0VM?I^3&YL~7b<B`ibT%X)B~<KQfTvrP9wZ}I&BF4clJvL}vbCb@
zNcc(~)_{aPJ6ncz^Mri;76c=$#QK?3OCGVpY=p~6;ckE!WVl-T1*U+>rxkI-^V`iQ
zNwJl#*ZCNm?kk5ig>^k9m0g!kp>r`4Aa6|?g+7N>#*QXyrol&CAhj5pu07ydnQyOU
z{UFgzG@?m@Z#r-qbbcLM*#7<BC`+L0X&dNL$l8A00)Kk0han@^^#eS*Mb8&}-Q(Yx
z1&>}V%k}Q@Li+}<O#Uv-c7o5RA~PV-`O{JEup9%4`wtqSM16XL5|e>N6YV9jVwajj
z_%`UO?|~Xc`WJktI~7a{Hm%IE)VSmN;yqgf&hu*q8V9d7Zhc<YJ|Fz*i#AMLcdsh|
zLO*tIFKahBD>CbGP7L+{%tiBu@n^kUjiC$VpN2p~7UA-7ee^p}vZo`0cdI;EGMrBK
zs3j)Mg;HyNALGE@+cdIf#MSsD0x25IYb6QsM%<Ywe^OO{)RKsw#X(x_`|})ZrUxSu
z@h7Jyj0B}lehqeM&E>ITRpJ~kalkrk=Dedv&tk4Nf%^QU<x2N@ENA58sUx}swUU-;
zpC3{_2ArHl5eKj53%|BOSsGeSIp;nQDH=q^5kMjI8STc^F&^CsH@JlEH(i90gt6g-
za(J+R;amRK0&qJvRf$;0c1t9y(bDjHM55pNU0rftaVucT+=SljTlH7T*Yb)Jt-NWm
z8kn=ho^n$CP0JlBBR{ni+J_d6Kc0b=G#gSyv(ip(eKi>pMT19zvxBp9N-va(WX&XZ
zVYlielzWhUqH2D9U%XWOf?&Oo;HjIAJ7gPjbg6e3!LnyA>QW8r+xE<->+2`1{7?Z=
z&jKk{#B4&*2>eQWf42BNmS<zwvs4ZMb#q#bJij^Q$fM0tSB4c3S;i!o8!**)tC&!`
z2wV?Zh^hR_oi<+}@WW7bUzVHXo<67jR!8@gQI~J!@G2Fk!u!2Hex0x??Hu~UZvyb7
zaNu<~?#TcL1OS0n8V|Ekz$Ic{->5OC&G;2LI?WE3R_BNQkvIMx`x~>cn8(LN&5?CY
zVt@iqhB5*_m;VDSA9~7$5EUJF``>f^XI~}R(j4=Q?Zy9H?GJ$Np{E6h5Dc-xKVX?Z
zf#Owo0jgd+ocF^v{*%wQc@K{Nl>WH8Kl%9|{a4_pHU<Z332AE{KStF58MK#6p+4rx
z_GRk+55xSE-|PZq60zLUzw6}z;3Df4@JL)@*1ztAq}*<dPPKEXZ3XOa3qYXj9Xyg!
zp~Sl%-rRq_=k{VyP*EYy4>EAk1~$CARu80UP64(d|MR{6qcqR&ngZE*f0^gDA^prh
z>>@t|2cVhm9{8|(v>aUR%QQg5KK-nuyG>5n`13-*`&0sIFynx>+Dr@v%&>VEFz3Y|
zM1u^~Xca`Zy_=-6iC20+8N@udq&I7401zXrVx|F4^aX$b?9=+}y~hB$`w~FTRcWPc
zJ6rF$wakH)RQL+T#l3Jc!mxF*2rxFGl_rFPR2yg1ZeAA~uzV*nqHt1LTVeo+Au$3x
z*VdtYsgB~HQ4au{E*}am2}}=8*b*oRHpN+bX6?<T+iAP1i9o97G>7k^{3OcGr`r9T
z0A?QG(|7z>MQqfK0CI$Jg39;<_MmltFHkqgT9#(lE*%;=ng{%d`psYPcdo~SC<Nn_
zS|4)G^-ehehJ-6x=?<TFR|m90e&KR5aB8Xpm=`OBDLCm;Yi*huu9M}v2jHDAK+cIC
zsQh>ukQ4WJruE!fL?-}|DauS=M&sZ3^IyJ7lAswBn{I>wvXMyqZwE#})Om)2vTjuX
zz8eL;WTnuin*r^z5Xi1fr3wQ?B)}IyVYcUw>zgvE_lmYH_>*z03SS(I(V?cr7ji3!
z`G{!nH1@Pj9Dog`y&0{7`+D)kXTZ6QmJS8vNhzgJR_JCq_VD8j3b+q~A?YQM;~z2;
z4E#m`vYUn5?r-M-u(S~98l~Cx0?z3T0FXS|1c>_?pjoCF2LMEu=Iiy;V?6SLW^)Hm
z-V95#knQOPMTcw#yUw=Z3LjlnB^&<{Kk^sAB8=FQH?069@YJwk*W~AiDL5wmo@;rB
zLFwKI@^?{wah28m{T1MfPCZ7Vu!s?ObSRM3y7Xj^y6f>G(8n^p2>>|moR;`}nb!dF
z9(Vw>usS~iDJ545oO2zBjIYM+wmqS`VRnZN5a?;Wfhkaf9>9UR?Du}Y#|2I?6u6d3
ztbw6d;aUXtG#?uksl>A+Gmlh&>|5&ydA@X{4q)K#sEm0SJpn|1W4^dcbMjivD3+KP
z8<bzq?!&hh)xMM;uxp>?ZREGsqt(L;ech~}c%|lw*>%PoU}WQx75s59BI^#%Wn1ku
zb^wtV0vV@|Ja`}}1*vEaIC3?!HOGlf*58+w?<hOqc)3c7-_KoejUoY)p8IBYVkg7%
zK*7V%2>66>FMhljHTw4XKvpjBzAgj~YW0bGtLae)^Z?I@V^^9Acx^XlrU3wd>>R}g
zp^=>JBbU^KjrIhRKA}L6?8ZM(POyS3D%N^mP#Dp`rHg~YMBf2q{^LPil#0)3Wxh9`
zw9`JAN7YGEXrQZ6^k)+XKg~%@MP1SX$RoqK^yt0)0B4!ehX;emz{#7H!VkJ2;8av~
z<drR$Z)UTHx4nVLO*oS%KN%o6IY!L&bn@$9lAQ;$#@g8zj_)Y4Zqtr_=~9WO6DSXR
z)xZ~KwHdX-5)D+)Rw^VT)Bmg!|MmC)J9o}Mj~I1tD($(>BY@s#gQUR1>Du^85aTa(
z+~%M;zzIzb*laS<T)TK+0f6goZw-M(DGm)i{m~fIUS=vQ07C1e&e))iZ3Cus^h{cc
z_rkfuBg@HP7^GFyQn{OwpRWS6=^pVruu6^tk)3{Nr_d3hZ2Q%P_gbo%zAumzeGr<s
z$05Mr*DmWp%dKyXM~Ryco!^W~*e{f?sCwTqRVmn_VENLZRM27pMBEZSpu%aPb2j=V
zcHVDSIMDAFBiqsF2wdoD;9~q}1ZU(uV$M>OX&gD@d+I4At#B2=dnsGu_F(?GWudP;
z&C5JBg!%`;9G=SCr75a1aqB>Y+T<cAuf-TolwEwBcAZZcTKTw8dt9hknE6<D@eruK
z35fNZJ`xcyL-qoHx_3NCjLpM3!SUi-$HMO?vZP_`QiKM62%i2j?sA1k&XSm#5(+qI
z8T1}rcw`GzsGqCM8JNXH^446;=Kw4_?jw|1W(tMZF7i?G-K@?n=&kxl6Mu=8d!hoh
zeI7HNS6Y<mzb<~Je*O3%p9Q5@6F3GK$}z#clY1EIS`iX+lXH~_32&$c=ia3hbUNL4
zLf~B)^t<?xy@;%PN15n406VX!aqX0zR&Jb>gA0s!c_Tp*X}7vCQk8eNYx}I=%_Yzu
zaUO*6##xrRtxp8S?X`EttJT{v&<xP9ac4~6fWHd4u_Z#IZvm7*_~rvhea&JnP6k1w
zoI<su=9%S_{#E+)!=RAq@Rr5@46SvI^ZKEl@}ZDuJ12+;m;1!Z8)8)MNhkj-e@7H~
zH}@~Y^zU!wv}kYexoO$qAT%)=oNSF^xM?ofg$JqFcRcu<>)nvhEJM~nW`$#C1~pyo
zwbvCi9E;y>xR&^F5m4h>0*)Bj0$I<O6q-2yqYKZEO1OpKTKtAU$%$pS2__Prb&NZH
zm#?_})(j%z?xdq1TkSpT-E4?pOT@b;<2S9(e$%%FI{CM0C5c7HKIwhZ=ed{pwuMSH
zn0F5d5b-eAgf-2v4FbPFR*LWqZ8K)tS?BzHs93F#aI>J<b)8V#b5h!3XU;hlcPQC%
z!AVWA_{H&rDr#IYAmkqoA9!58h8Q}$1=g_&bP^L@z80OhnCLSJ+9-0S_OK<Qx3*>>
zw5A&fp5|XfU<{8yICp)HW;;pl%n|34y{QofJP=?8xdAK^!?P?io8!e01`b6nV&T$X
zc^HmrfG}q1tdxfX?Q#V0%N98&K=$?nEghYL)xdM?^DzbLBKoOoz8@t$LG9*5kO5Uy
zE_#qBW5_bfm`av(vPt9^^1kU;^%ngJ<MJVV$pwC*XOGvBEj|AprO~@LR45HiJO|re
zotH}U>0FkCHt7G>yrPeA;DzR4a?|!sIl7J*2D@A>Xl7+B1g7Q>CfhqGhfxd(c+aUR
zXi_TK!pACFd>@m+rt7;y$t;igdR3$$SB#ONSth|ttvp7VLsoa-tgl&K#R3Q<kSBC|
z()HMNcMlcB>i3Qr<CgNa-KUftLOZv4sjpq>NNd=bHna=$oJ9twwtiZQiHJNd;RnJk
zUDaERB7t6xP}j*=nSTepfBh<nh5B3shNT^rO4V{fZo}&fqptSwc0_gfy}sHLQha9}
zqY8@bqyTuPDR?KGFZ{Ja@Ugql=*KnIaV|=<PDfuJMHJa-l6tl%ttpMhw<LofTumwm
zwR=hr&3%PK!qPQDfukV%2#-*KIx(F%z18d9M#%EZAxbE)p7A{$0cOKCe8b%62o<GS
zX>}b$f)T;-X>Z?+g%m9cc@EdzoZ2fq22)vcaLmpOI4QlVK5IzYbsac#YrW>t;dGzz
z)4yBXV_c(<6VUJWtV6fQgnk$5sTx|jVXu9+NY>84Qw-KK^0>A(`1lKo$W?VT?P&8F
zpirF5a*$9$aYk2a=r{X?x$zcdLn1F=KvC<vDVG&GcF*;`RVeKgh(*MF42VvzRDvcc
zB}=HmYYthNUJzkw!;SDSwI$rf4kjMXiXB+cW^+5Bpi+Cc4}Ejw=go^r^i;V#S?g)c
z<~0zl12oIm1VQ_Y`|B=WewXEM4Yqfzcx;M3_}CkY)$rFIm{wI*zuV)~mj|<s2_Jm`
z8Ue#UoULU)vwZ!gQ;!Y-m8~kw+m=ZS*CT+PsI~a)mg2+PqOK(LbxRSY$LUWTOV;wy
z$S&EJL{`T#G+e}kK%I811cn#v*CxA;OgVi0KDeckK|bqIetqmF{`Oh58!#<JP-CBS
z{W;xLfs$K}IeMMraD+dj6InlKJRTb#Nz!7x2X#isTN>+he|;iiy&vO72>s^zBP{=a
zWex{u3?5T5{}8z2DcndXNF`#Zx5x`7U51KF-frvp5`8d+4Ubzt&ENu0pRs|N@0Q^H
zb8hoP5Fn=y^0A0XN6(a>KGPp}medV$JY~e|0h6EQJO8>JE@hDSpoZohi~lamdLIKe
zugv-D+dos9`7?=xQ}|^OI6|n-UxNL=ejBKHMsSF~MA|CgZy$&c<l#-OrMQm28zpr+
zkPD`w>;JEW|3CiG`&95i`XmqWU-uD%o4%(4a@OwksNElUG=F`Te++0KiUB-O6M>}k
z(>CZoMoBL7D0r8H>_t`o@!tL%OF)y201pJm;0ZQ=`z}SnyVS&6tn2>k?f!Lx{MSu4
zYJvyi^Te_J{51dLTu;3U-ld&S^WG0w&<|7chtvPRlk>lm^A|Ie>%Wup|7GWFNAr~q
zhUz3y(*y&JhM)>`)35i3&C@obfCV_SX%N-)bCl&@>z;w@<-=Mb=DMELzgx}^sk|5k
zhgx{k>3)9x|Ldx>m%tuzRyQ*1-@Cz2zWN5Ob{5Z%gWUhS4T^H3V~%D<u&lp3mbk)n
z!LC>CiWU6D<ooA7m?Q{x(kCv+%wG>F_^F&RIBr%NXFmPqr2n7a27aPsiT@qY|9B?+
zdlvk6K>s^K|89N$Z<c%@+6xu~wx+<KqvZgtyl(k5%$q*|Ga2y$NM__3ccDK&ivav^
zR`G1mwbTJ<ZKg34rZ#YKFq|k}^O^vV_*05X0)-FU51LPBg<o|25Oe*{+5Bg9r~M{X
zSGwBk0jpU4t@U|B`@>8iNjDgAnsFNcz4mDSkQj2ddjrr4&4Ky%5`Zy317mYmLqrLb
zbosb<GZvM2sO9_TUu{5g2f^OMc4X=s&}pd#xiPcnu$Q%)XUgT?0AO-(`!&0?)hzFU
zg`?Nv=qc#fIe>axcOI<<?7pu1UBA+M2BGAAs^hePGD;?}Yz+gQlJCICm|kq@A1!h3
zgMRBNr!bj^yotFK^6vux!<z%|i_~`H_RmFM9#X;i)EAt|eI@~+6ecgFzx`ewKu-CA
zE<cWQb+?vdk3KsGb#KxKB<_LZryl^kasogyuRs}(e+u|-e;=s|z=kXUj_5g{HQ>Di
z8f)(}+fj5XS^*_j&ng;jjz^TLBrZ_6)x%&w%D%l-<`JI-SZC-y03Bv_DLf~BCyF=+
zaPY2jWo5q~E5=Xhf?Zt!?g6&}N*gpI4p21h>l7DnmbB^NPXOEX0UYXU@=y4gU*`aJ
zxb63EK(E6s*w%XT=&oh|6eu&u(v<VrcYeG(vxgyIkuN}29+38BLImWv8-xY_$Ss*J
zYN+uBXg!z!VCi!pP|QnF9|3mgF94I8zZZ1=^JpniN)_Q<d!Rsbz3t}8=X<=l3>1Pt
z_V(g^;f-I2bJM<$m#e6SS$eO}u>g#E;{F}&N+7pk>{5GN{P&(DtF&i+@}QVz^srzZ
zTw9F@-!LPc+6LtRH0KD;6+q5@P0?MZ$pl^sp#Z^vP)bVQfvd+H0Pn8@J^SzN9~5E&
z08nkqWf2^lW*$I+I1UIjaqduxRu*p*neKL-Ze@3_KClEz1HXgTKg~N0s9`|xY()Np
zh{O)GPc-5HQF}&Wj8}dU=+Z=O-5XV|I+C{1QFh~r&qAlbE#1Ly4ez=n`$@B(2mnF4
zQ6UTH);%mF8NfhUimckXQn|mk&G|lUgqjHI8v1kKt+;&u5TfIFsB4*ZY?%U@QyTWW
zmL>P|mK73zEb{(!v8oSK2}d-Gb_TVZ1Jvif{9V$;N}z1bdF;b%sa=X>*u#+7n?Y$=
zp?0!7vl$*ui2KSnv`el_6C3;z>#5uHDK&_4@cWsAH+=ZX;_?i&MV+Ntq3}X}Z2?WF
zwN?^_`bKLNfRqgaHf~zZQ@T!SNK|xu^rb_t%H^OKF*6O;ylM?Mw4_HgYx$@Z1-iQd
zhHe5N)c4+jci}aYQ1!S<`{0=&&5kXA_lf$UDU~|vY7r{S;dI&!uuafr`E9DGD=Si}
zKv6Q&_nW3kpw#q?0?<ubcL~dm@g~B8HCk`iE`p|sP~be1dg|~I`;~!$OXsFW7^sN4
zCVrwo8zq{-29yUoxv8tBV(fWzy&AdGKbn%k)HuNtnVDAS0U&EN$Ue9Sp7ga}b)db^
zmwUwHNi;XlfDV3rb7=xpK#$!zcI#ch{`ScA2aBU3@3|LN*vDuCPmV!){Iv_=wHVD*
zF|hCHQ54)cmnl6w|ImmS&|3#9`CV`rTwnjvG2pbJoCUG!*Cu5GWX~jROpWDMxbx%Z
zWmh8fE>hU`3@=Y9X|UW$84QyPmO1sQfIW+JBu{^zhS`Xo(g8Ba9-IN!2eqWzF@5`7
z?eD2lltQ0VG=+Pi%Pe|8sikXr4iwYwcNv4$jv3*GGdzx9VAeRb&w-L|Ns~AD&@S(d
z@@22&>+XVy)-tyN|Jo|cdlET30!ocRW>51$*_Xjw=%X;Sv=|f(B{Jw+2SM$V8K7>;
z7X%WKTcC!Nc&MistR}U@S_gwY*p1nYl<~)BRHJ6hUpvIa_$PV{+6rrLp>_ajdj+O<
z%cK;XN)$0B`<RN3e2dyImml{~8ipoaGb$%XaNu>{kU0Ig>l!-V?^8kVz;4rKX-GiI
z+4V{+odFN??7?50oLp=aabfM$Q$vE~+>CjYVkxaTC~PHig2Q3u2H0RVIYj`IFWpY!
z){C6u=WYl>OI_4PD8)PeY0%a5b@&yiT3t{DibIsXA|8|M`I>;el|)njPghx2PK%tn
z0}mCP42pk1`!6j3AT$&TN}hrgl@*3_XNoODd0;%GBk`cFIkmApvY!wH8@`tFVRnJi
z9tGfgtD+6Vz^kWBAAAGb7p@nnv3oCNF#N^2BU+gLWINF1u-0iE*`|k_2j%SSV;)|K
zbQ~G9!(hO99}$K&H{wo_ge-+$V>p8XPEsTX+?VQf3=!cx9?>BehTTHE(qFH}%0*R&
zzqp3_@RU*=)kenQ^0sdJ1N{#BxR>o`Z{O<n73YaydF}<8Vubl))?C|QJZYK9#-Pc?
z0-SG|$<ax>018*_`Ml%P_~n|>ocS+P9(o(~vZk;vkBjv$ecJ@paC6YBm3>U}C~wC5
zmLP(IK`?V_Ojva==d(uGCpuPg<mJ^58i9tQpRe4YOm3}kr=H2Q=&T)U(2$~Rc2q!X
zNh#IXv7m`~Of;5Y{m#r}9~^*-uJB9RjZ^}k&horu@s_lAaO>Tl69syC3{*zy)$L!`
zY=^WW>XraglYL-_LtLuYEq%;w0LVfOMRra<WX_OD4Jx&p7(Zcv9%j_hyRZ(>UWN^d
zbX1KRaCPdmer*~~CxvP|)l+qBzq#uAF^-m#3gY>wMjr0VR%gElpGa(0@AUO|V^b*6
z3cvr|w_W})O;5!@l`N)9bp5(QgWFjBzQqFMw{O74`DK;MNEuG*Ld{)g&m)c@>@~2H
z6^|C2Z<HyVARi2}e`p#=efP-cGe@qElOQI$_FBpdAFVxfif~@EVwVs-RnfLS#N1x*
zD@_GDp6xue<-BFt##C0#QD$I5z8gv45zLuy0d#}e1;3o__+L6o1{%?LN_mpzgk4h{
zX1%q^E!s)91Mx@CT-|_#Bh}h%Gz4`C4LqYRJ4^N3Bqc`onSrA8la4mSJhY2kqwn>)
z6^p1E8c9u=Tn`wYV|`VQsXsBJjmx;7aC6{r_NVPJjlf8+m8k&`c8%iR>J;3S9|wJK
z++uV>_v<fFeNp73KGhVdwx^|ATJ4ewwr0cf3Wouq{RFI>?xJ{JhR=FC0fRlOv%Ub@
zdn|zT(lb9$hZ3{v=Hj@lqvQ+BihM`KsRd3-%?VaXtFP|@O(ov~Etb43twWW2?-6m1
z8lzbKA}hm}dGlai0e>tk86khj^AQFOpEZ|+cHH0@+^YaBNtM%7qGB3-OO0=P6NB2Z
z0r}X%v|so*SEKpEZjQf8dm+@^y}JYgpovE~T88srWy?qjxG-I){y3Vk$0T4p_edPf
z^4K<KWk%Bu--)0~GnQ=K{1a+LLI>7@(=<#apc*>P#mZBHdBa-FWwh#<K2|;QHAJu_
z)QvpSg$aj{oN7gGUQ~~xzSXX+|G`Bu8g2KPUUwYzEu1mmHO>C33pk`ct1xXR2#u{#
z3ig{0-h@(vf%@4XeL`UsIA8U<dh$(1RDr_9e)?7@Fb#6AGDQwhbOpD8LI43}6*hGS
z8J#nl=ig<ZTGofiY6uUH)zXmDtwA8zdN?l=l98Gos6Fj&LB-?N?roO(nM5o2rsmJx
zaO6z!jQv82Vy~HKt+<|MkxYO?(CmUmrjLGbRr}<35YE_O6LX&n?Yr*}g64pB&-xrP
zD3>#{z1#(-n(v{!h$5>N*3g*T4E(pU<Q(aqYk80J5RApg*Ivr3FN};F_60^Ka9Ir1
zm&O7hlD4w5`+NAaJMu|4=zzrGu(*f1_~%)k8->SMgf63%r#>%zB07&4@4lLNPL<jy
z*t44hWq4l!q*DAMYt4LjgHK9+=kys3JiKEFdcjs-gJw$%hi>S#TN>3+0!5mzw(`Xk
zpiOL=I-E^Nyp3S%exQIqw<edA{4ghi1^Y@Zt_rOn!MLWHG)%?Brx#X|s~o3<zbV08
zAOmk?s2ZjnS9-x3PoZIWfOfKt(k^`uckhIsTUkDon>oW(FzT3kFWfiG5(FILG`0+n
zpE1FwX4p%yAy!6WhDu7o954b(W`Ad;<1S*VIl5BW8abA=y}%Qe{m_AnHkm?d8iS*6
z)4a9o&A}*!P4f1w*@ClvrwpWXXi$md#Je{#9UBNVFfI$RIeYiOIhr7@BMjCD;5F<Z
zCraD4;8oCh{UL+s4sV%G`!0itmqacTE@u<J*=Vc-M#Atc&g2A4jJSv1LOeNix?@QJ
z?f3Oiuh{Psplp^RgA<p`o6Y6SVb!ydQdd{Rp9!bm&{?1wRLay1v<cIn@CCv*V!(P%
zx}^{_(zd<6WI|YxGU)DE22GDvw06AJIg`iF3RWNfbOu+{=l<ckaxrf6`_6-3*`woM
z$!!K1Knd1b2h@=jS$SFuWfLb7zhrOnswXGqk_0lV@0U6feCh9y+o0%$sOuKKS99v-
zyV75`#o$2f>bD+C^2(l}BvHrL^^vqXGf0YspCDmElf0y&1F76F_W{whuWn}6G~hYq
z02&k%mEf$>76?62fb>=G{#unrkD<KB4*~^MY0ZFqHKa>6M7JctAWi5r_YsDY>LH9<
zk-tDgMDF(F9_Y7SdK7+P3utmhV{Z+Ew9=1U32dASL82Ywf3h(__t8uD=Rw&(hUs0K
zao>U+=wwE*OM6FQd3&W@!>?3<lB^}6RtLz*8R}LE5bQm{7PAt1v3qh6khF-*ULZZ&
zzKxW~;e+)+tM0-ntE<ntdNu)PP&XFBL1MH2sMY6Qcl5Z3yQ~wuG3z@!zHv4()`6j!
zUCJY80X7PF*~{d*7Te)0Tux7T@odgEHBngOPzfqw@&V|r-k6W}rlWA0=0NM{iX*ED
zo>ergL;Cre1ov<3q*Do9D3)KntW@2kmrYOc+IrdPNjX7hFYt<E&(VO8q9`bXHmZ)W
zpee5n?|pJ?@cU}xx31O3#^d@y9b+zSCHGsj<eA{BSDB6{O8cNsKDctC%Rcut>T&oI
zThJ|+i6wTbCl`{El7b%2Fo<eyfJ!t<33`a)!$*AdgtmHCJZ0OMw@6!FiN=#LuE*05
zM#GyiP-Lyf5!DiN_ge$Vx8{N0$U4hPV+ORt>0V$*69mU+_?riyLwkV4e-qA&6K4>m
z?%2g{ug|j$FCQ=p-3HmB;n%qyIT|lYuPzQqTcQYBQud!7Uz=spSFC};>#y>H#4Yrs
z5bs$wtZknwQWim25L>0^Wac;2M_b1uBVeE{d#_}QjWsxf4o>j7$&gC~GGDepaWaUT
zljAwIvDcLhy6G1qOkSb9!pCwT9~3miim-5<-V#&+_s>1*I13PT40g_*_%!(ZDXs)6
zY*h|QQQ^^Zz>VyFe>b~%aM2hms(XnJ{we!SFiK^DRpqf)rjI%NOFj(OdzeR|^t;)E
zRgD8W$of26hJNTldj1ry7gz-yP9yz2JNmbY$x0UtJagT?(@Hw}+nFXWF^uLKS74oN
zlDDaT8EhOlN<TE|^H7ePSv?{HE23j%XP)E?v>!b>?_SdfHST#po`X!D&SC$RC$2h*
zrZHk}R?CN){_9=2f#O-$%{n$G5kjqjBH=jEIB)irz9KpNSLZiy)@5)yAmsUiJgqQK
z|FyIln6A!&eUn^cL^y~us|`k5Hk|JAdjLGuMnhmAH`+8lA^cB!+<zIt|MdjqGCB~1
zdqQj)I>p6A1=9ZI8Uol+2Ehhx!NS7Qn+4@1f*q#>*mdZ2zq$8|*aF<!M<&j)*ujtw
zzj(j@bX=D!q#sSdeHph%I{o**YX@#H)9>u_f7lBD>K_I=@SFd==>NxK8n`^uYhE4s
zsOx<A5`DiF&57Z3vKWq(bK_T2{h{0#?R$N|qfYw-qjtOfv&r}GsrfbkH-gZ#ZrIGJ
zfB)Zq{wnYyJ!hFA^;bTs|7iyNm%jiPts(5t3Q7O+Rw+|TotkR$g((Z=n#<e;mNP<Z
z+r-O;C<iZ@>CfMOJw*+*lB_~!ds7wIvZFOF_4R-yU@vr4F6lcBLqDRYJX6%Zv*0^(
z>*-%V80~%2t!4?COsCTGKHt0(+?(S5xCq7OyYxFj|KhKnLA{;o`R2EhQk@_i&91GW
z?9V-9|5*M>^wdX4OjJBYKebf<b0}#I9*#Q7zYzNW!$p&P<=etGFFdU7J+<LD>q^}2
z6^WJh`_h~Fn{tarl17o;y3Pm_+OTPsyB=0<nHkC|-Vp&YNpLMsJ{zS`fkiG1wc7PG
z-@%lPYfrytY?-chmtMx4z54U{%c%nfhmX$bqWUuRkvXRQw)=seeyT-z-`}E8v~yw^
zhD}%xn{dkYZ#dPMbJz@9^cizA>&DH-p^`VxMdjU=VXpnf{Q6AW&hPfe<-hjxvn1+E
zCcYE$AmT<HUAVGtOR{|alG*xXCL-^)S#O}%Pvdh392GT)w%QUzfBq!@T%v)eFUvWX
zQv2y?GydJ`Lc_prizivP#r*Vh|2Qq=j-Cc9Hb{mq>u>jPd>&Y_7dPg_5klL3HM9L!
z`1LDlrgHU|rCy5vdI5on9muIJbF*Q=VspE`U$-8OlF7}Q^wgn|*=@*IE8I(ojDilG
zYw~zKjchCk;23Uh4CjC6?uC<HizNieoxxYY_j+eSJ6_C@pV-fjo`{`$*q3I>zfhe9
zov%@d>3_2yYd*4H;@7)<Q$DGkW>yy!+J~^7u9W_gz;aVyW;_@+(Bt82mOQW{I#8c!
z)S3pvw;1eL{EjB8^=IZudm8Z?mbv<&$+5dWanaky9YWvgrHAGfegUCyQI)R<!9inL
z5>{dY(u!@_#0t@@_z9tDa0Y|MhU{>GL_gtS5cC0$Wmoh}!2Yf$01#qC?Yh4L%-fK1
zKIa;iwobLi+k@&?i<qNX6%fbgZ~)HC`Y$r|3X?@0hx%hgY~QZ2tNr!(|8tqs%W)cW
z`e<|d$DQ8KdokG$J1m0ACfj`PgO6pc^%66mq4&$K^p@J^ek7*9#P38LhrD%f(RFip
zOgCI9>G~#qBsXmrvCy2Pff0h|m}7)`KX@o^JAXPYm1EJe19>%b>W=d0I&5~}(nw1Q
zou_S>P+4sG%p-l2*}*#8NKX-j)9B?rv?OL^=+SM_QXjINWnZ~4zb$`>KTW~WJCgfB
zXVq~Y2qMS{42lMey&m;u>k7zL2H|MwnUT)AbPK~3IB32xq0gcx3o7Qj;hb$!RSC^d
zuc@k+{l)f8FQ7hJL%5)&+rJG_mq0d1`uNSd;?w=%J`<mHbh_YM#}hG)TYiEBe|>bX
z<E(ytWfbaDr3@~fAZ_!iB;T+hVHf`9d^;99--pJ=Z|}LYp)GUc2eX2uy)A{aH7j#q
z`who%0nM6KSH;OW@KO@Kp9v#3KjWlYbf8GrkU$Hczsvkt8l}AaF!ySnR%-eAag<Aa
zo1ulhxC5%fh;tU_CM;}yt=SOac_PNX?L7WsY`>ue6TZi!xsVZ}=ksN~WPYoHHLYas
zwLi=bC!RIlw;wr>J@*hT>JVh;SoCsPC*Qz|bE5n_abTn>LB&}-_J#nhN;N!tKh+v$
zKZBaTZPec|E1qq&l9s>t!hSe8MmpekVe)Q{4Tp-}EE~sTZ?1#ugVL<}lgseAXtR}C
z{EVy)uaf|K*C%hWOgja_GE?rLsqTqrYdloI$)_~Ku7t3Fa#^GG*xL^1KXY5GlwhD;
zI>MY=m@*PGTjYNdU-@dcc6TZpJF-a*;43W}c3!~A&F{Z*f=jdN7Bbq44?+`Li{(kB
zF{rYUoscU2B4yY^!^xwiev(e3d_^?T0}Y9=_Kp(|d~dDmi{zMdU>-Ub#W2ptayQK-
zd+rGuR&_W^f6R<;&qbf4k|lTf;_{;`H+h`5fh^C!@?=x)y>K3#JR^y0gOV(hYZW7f
z7Pr|z`p8`%Y5w^L5oji_uknA<%}Nvs1uhKpk8l+KX<#uC6V!2>Rit35B^D3L8Hl}|
zO|-|nfg#!<x+hbsUPwsD0mxa&(3OGpr&H<(OANhf+j&{GQYgl-#12mTkXT_*Vz)U{
zZ0DW36yB1PW7VRCwCT$uFzL4`-l<9c`J())kyQN%_d++n)Tb)iz7{fP)3$~%3#k-o
zFy8R`5MN{g!w=AC9FFg;^FSW>Xn3f#xTZ>g%ovAykW1K@pdv0{xrSS4ykex6aL1)F
z;fMt)F>%ZiWZyYBews>|jLQqxg>?+*<c?TMVIc4J$AhHvLk%26dBcm=bUh0T-E;<O
z@>N2QllFwHODg7rWY}QUrYPd`H9uy(y{Y0u=$Z<4Ned`b_j6>dL;uhmx&HiE5Q_O&
z93rI+VGrebU!-6XXNj2AF20)=I}jHk?K^dks9l<zxKD<Z?S3$HJjwiZ??I!hkMoF<
zM}y;9uEp;2^~uk0NYohWLO2A#WArrZ^O{{Wy1FsBL#AyfOiaZwoYQbxk`9mkNPJK0
z3D=Q@>+d25T%@`|sYiTK)OM08ci$cMzSPIEd|-KP-DV`>u6;jY*Kxrkuw8wM&(Qj$
z?{)mJi+p#Rk>}U+s+$eo=#~PrY0u)r0S2bWvm!hP=0fK=65CK!0aAU3?PZ;h|K92b
zi(2TuP#c`sGwh9#TWx|oH6&JcSULJEg&FR>fe<SdTWHblEr*D%r9LAxrT{lDnP)vS
zgm|w}vp%EKWX;y+*@Ux<-12C#7WQMrVd|KtsOmn<eG4KCJZBTzdWr6>@9`<zmL74I
zv+!xBsb28F=bXXyp&{hZ>uv`YoLY%CWDEkP;UQb$I(d&H?${c1%Kiltzr)VPl1`D8
z3ULTil&e?x>98~7H|?W=_h}yV<QAc9USRo*%lmtC^d}CM(GF$VTfvuk&PoG-4^*e-
zedWBHqpr*JXN|4`!+Sn=32BFZL5}YP(D10TqA93XW03ngs2`M~QyQ$keSMSW!tfay
zfeQLGd)k1Y!Mn(N4fEB!BUv$Rl2XS}Y^hoP`6Rw$NSVY2u1=AD+0{9Xfru<TAM?;=
zFO9ILjk*MJucU8&;45j%JCEb`zR?VpSEi1}zB29`RV8VB`&t$MTEKIpjIiAsf=>aC
zBc<uR6lPyrDp}$9_S8$U-fH;fd`A|R@J$Fo#J(Keh1D%QrjxR45#IWCjkzFqoJx?V
z3Y+B6#WT6H+Trq6I)K1mmC^+9^^T$&D(mc*4zT@Zj>}VfbS_f*6HWMQV%z{>dEQ67
zSlY0!;287ov9m&_@iI4tTRjdGZ^a5fV9qg$3~!0eft0_N^QVCjN-9;{$?b%$-C>5a
zyUGI0pOFJ#-~P?Byvc||*f!eaGg~cF|H5Ib;lpdI5Ejr$fkMKRDjT0b1ie2`EtCXY
zT5h|=EV4HUUkpLntQ|@;!v$=|c&xfrZCAbuNGR(LMzk{ZKFDfIfjlyaF1w9s-mdA2
zz<(i;lRFE7@%J%^dS=I%HrV2NK%UP^(;>|EDE8RKI*A<ch&Z*Q8aX3XEgIIpCJWg(
zr^Sjze9<^B6cEA^-n4apYe93!NgNp7<Xyk#6*=!~u+3^kQiF*m7Q@ct##2}zFEBaM
z#Gu{<4BxbL!fwmq%9JjqbvJlA&m&O=8hOTY?dl?6ypdOUhlN8V7wna1uMjmR>>doD
z0uG^z4lymCp>Yq-%$_rn)@_F(HG1=?DvGSFho|*w?BH`^4*l(ivlZ40+1C<!<pc4@
z*~B*1jLV!qoV2kw_BJ8rlHJuz;KW8Hc_V%`#ineHl;GW^kfzTbiqSQ+v>}rl;+uzm
z8lDE4UsmU;A=tg)D=WyG-75>C3%ksVu+v?Bq?12l8r~F+gk6hV$zR(jqnpbzoc^Ng
zQK$xM_k2jyT#Ex;vf|byCBu0>leUqb#jooGO6p;YB@4JN#NK3lZUmdGLF<e$FEIh<
zUA2;O#-Tc2d9Gb`V8IR7+9O<;gN*(}`!!f{embbH#i-6yvdMTxC{P^BGCPbTu<5L?
zbnF<~`N4p5*SKgeCXnti&h+;$%LBwXy_3e5!ki9}D+mM{-hJo5mI?6ya=5<FkVgq3
zqUkHFM0KQB_C;kC4<oGhX)5o<+S7I0ZnQ-#c~Wby{Tm#Pyjk=Af{G^RL%qH4M;8kg
zDO=*pL-j_n4kspOUt5>)O|12jG0%E?L|@%#q|r-XCE9pmOcy6e`7^r~^S?9OR93^u
zvJ+T8M<U8s<-p_}mN6km0bO!yY!iQ8<il;F-kqN7<RK`hxIq@~H<Ddn!R79|uOkCQ
z2m&cB6)6alNSN>A?d|*~o#DxuXJP}$+a}tIf$D^8F$0Eb?PrI;VURN6m^<AFIRUO>
z>H&oRz@{Y3;R~%68}iYGaoeAVp6-*M$m9xR<L_7!c{P<!e*Ym`E<flC?RxO(h}1qx
zcx&Ksw)N7_li)9RlfG)AJsfp<DiaGkt#fEcpM8MP37(#ISu!&5uruh<$tR4W9@r0h
zN%a+}k`gK|4eh#zcle|>y(bb;#}jX0G4WGaz1=z*4bqPHtK(4x&8>vY1V49gwh`$p
zta5ASs;%aiJ!k!=w3m4=Js5u8{POe3s}5dOt$r}2MPKH22|SWNSCadT%LkwMRusN3
z&!)=hgi(p#gCLdR9p7@SzsHI#H2rOCpSK%h1MSX~wrB9AFx^1=p@nZ(`jCrPoK#!3
zaGNX99&d;-UW**O&7ODXDvNlK1gFAm;;i1}nZ74m+|owqiK#iVe}#}R$8NRzo(s7a
zS~_#MY`ZJ#yG)go5?0ojBd8K$vr|O(`IWmqW`EnPvaM5k0O>ckrB>QTsBo??dpR87
zFVqFub;h3W&I^W(qkLX3yf@3=y)mNdz2~W=@DiJcUx{l}?^E=4WB#tAKkgs0-Q5(I
z<`&DU(?XM+GU*d(W>kyZ-K*+&;TP}kf+S9QU;REsO57bCYnh`X?=d>56zxH3O~}i`
zgNlLo;ki6dGg1D#-W=U8vm=G9OFcAx(;?%ay*b#oI)35d_zaCp`$qX)+-4QiEwR(L
zb=7qbeUP#P`^TxAW+VRF6QH&Nx7Tl6?%B9t6W1!l@{6^f%*6G+nNSw4&fJ)Pu4`ye
zMxsN=Xz`mn(q$GauFAJ&#Qa47lY^~$y)%ow)q1S5+{MU^gSuiqdq8L3WFqGo-D8N0
zeA2#D(wkg&`IJ^j#!CJNI)_Rh|KHzb^`>Y{ejadK!ag%xe+{Wl`Iyh^k?$1Ban>o`
z=%IC6T69g$cj}Nbl94PDR;lA}np2XiIUED!b>hIup|CowwgZQ;YrX@>ONOoRgO#17
zn38~TaiVc{a;U5R+l9pbP9!6&SE<zi;n$e~ETC`R=Io;);fC8pRr|XLTH*#<xP|E=
zKf`D!uk|$ces2Ra(v@Y>-j8YF+mmQ=;-1IQ>Fs2{;9YMO@mOLdu8RMwudHO^;*M$L
zshhjK>|?0`4(l8Fz1uwvVxN)Oz9aG~4yf4uzITy>eB{{qD8&6DKchb4NMh$;ME-zH
zxRK!Ilz>$<rjEe`LrT6@Hp$ymn!0^Fez8uQZ65XbHpXY!c(ga$`-`iXLmjQ5AhFHI
z=328Paq>N!m>WrFOuSl7K9*p=tLA`6SvRmfV>Ief*ZH{a0&g$=3M6WWm>TcLyb{x3
zoUgV-?nU6#F0pyQb(uMhouGu>G6C1X>14iH^9@iLYC?YnRiq7{udmp|TRp{d?i<qx
zo>8V$8g+=kC#AS&K^Pn}1Seg27?NAs{kwXie0I(t1cu!ppC)pUv7lQwZ7t!tMes=`
z-lS~DNGL;lkF-b0OLbt<H43`jbX6O<blM|>eu^y1xiE4~ppu_oMk*78s-!#$&o7`B
zyA=zmM0EXxnueuHkU62J8zaiL1Fw4Im-oX5a`6S%i83WIdK0b4=u)VWvm)WzbSfV*
z@Z)ome`2_}_0_r-1(;aAOF+-1Xg>*lL!!ZEO`+HbO>=iiv5zgb)Um8BFT#z4@0z2I
zeCC@(m!Lua^vv1CNmD6@ed&oq@Cx0jtPlEaD{G%=Zie5@dpOIaSap&tb)D?ffEcJn
z#_xoZrg50;=?jtWC;|t2B>y8>{LLOwAM^9wlek&*5PUF%KXR7HY7~Wi-l|ZsBUGXq
zQ;M&=%y00jX_R1ouIF|aj?)<n@7k40J-1dH_{gEun4tOUU28Rx*voiFymsU`NBjgi
zKWR2+?K#mvGJfs&1Q%ZS0RA&1ws!IJ?a=&f=5)i(r8}O+FGGGdt_29%@7S%H?bX(`
z#`FMDuq(I91X87w17t^rJ;-(QM)}DVlUU74w-Kd*+t152l@R8px{riM+-lz6=_orc
zZoR2A+}hLS9`uQENb<XYfvW*p$b(}f`;9aS8(QJm7Q7dc+)+*PWq!X$K%P`F70+s1
z$>m8(vNcy1)xLv}U+!nO)Q#l!$!>D@a~d+o7eSBvxUDA39xOK7>!>f2<a(H0WuxH-
z6LYD2ZeKjssi)O;tLYitUR_0`x2mF;h_~#(MMIkdd|XunMVO=ASy;^Zs^4_p=>NP#
z5_T={A{{BqL!lMnG@@cSW-c5%S69KdEoYrz2m5qY(kBFa7gq>fB=<}hye|+<#vb`*
zJUSd$G&ijABDWNmzEJy!;HLqLY-ac+z8kno^IW8iI3CrDgO{w@>)xx=_HYXEHXL5j
z%+|#dY9oWH#V!e2hadL{_?rt2(S4ggRDv-%q4o2J`e#80yyR~R01A~^jAHm{WcIHg
zaPa`-Q1MEOD?OKGpi&FE0@6koU94`E*gE|lps+251!d|$pD8+vJxfhB^+u0GI(EwX
z0hWDJ|4`S(KR@rUw-k2&AzS6ucVm9k_oAu|{S5U+O4A1BW_a)EwUoxs@)TsZai@1y
zxJj{zIwq^cNlK?{(D{`Gq5qd3G3qG9GJHGf@zJ?n6t)GMtb8<Ev?ugT22{9qy}v|v
zD9L==_->9{;g^r*KgXRepGq>Ex-3{8`m?q1=R-1Fqm;B}x{@G2zuF%IA$K~k_z`Y0
z|9pZa)BnSjIo12AY!7?V;Vw3F{OiU100#c0V#A36xa>EvWAcCb|Nr^z^HA`c<|`WN
zr+zs}DIfX2xv1Qxxz-sTut{^%$eg>uHR*il=QDvadhZ><z@=`lz~}G1sW#hQ(4Xs7
zIxs!1mv4SJT;Yjx^MR)|M>xZ-RIgurk$fj%6n43pk2;X=fWMnQ1HgCh&}_^za(e~}
zyll&_z8if3Tu<--`q7oSgDF_>XDV{|f^r5dy!8cZ*I%dMpRexEA1LwxNd0Mz{<)tA
zuYbJUFlKPmUK&mHB4?O$(6UVV&*E!4McL*f^|Ku&()w%4pZ(p0!57E{65L96j?2a(
z`h|EfdkMyd@t%v_jOe~gXHb1923|PtK5vgcc@<Pu;^J(xc=~{{0(1Ws&im@IhTWza
z<z9pI!}a)sA)+O`huiSxhn&v!etzX+hFX)&Ejiy+(#urqb@1<|3mO(kMMv`fWWYF|
z2AgFtY>|l<ntRD!g4i4k^=R>2nXhcK#_!GB_3t6<Kjy8Z@jvR#y!Mo1>-))--G^sz
zJt%p|=($F5HywOXG;gkL=yUY#`eQh+cB3HNfsosOH?0<_Xjq338Yw{p^hiW>!EEqG
zxA=a+g(BSneVF|qhjO1Gc`JOblQ66A6q)JWqKcfas^UW(G|(xDCEHp?`U=(>$Cfq6
z066pHLf_X{bDB+c&HC{4irtV<*Fg1b%~sMtMI~$?Jus7ZqG&kAZb8+^QKxQh6(Txc
zcq!I!a+#!fYv6+mqm+FJc8?GWG4<(@>OzoE$o1Z+FCG}WRex_yUSf9=ia>5T=d&@b
zxK4a>zNp3Q5m8|CRlXH|zLt5D>@)+#_mmd$yVZ=l&pIz;D568?E{nUXI+ejQbC3hA
zP>yr<;^*4Gdf4gosJgCIeGj!2gLkmnLve38LIQpc#r(0t1F4RaRNW5rZ|$>2rh2C}
z-KrpmrFj_b+pc%L3|}AWXhD3WTa=NqtPGzwZla)r!s+?NyhhdQg3PP)gyfj>D^=WL
z4{BI_)}E&I1~i{0Ztq-X^MYIB9IEfLi8_^pVv{N=zEjoo`HR-S@(5I?u^K@J_LBi7
z*aS-=fAdVo`{!okZKX?_IoYR3*4y3fn=)?X*#%hXS0wLdGXb#dwO=z5#kR0&hN#vm
zo!@R4kUUsQN&~LfvrD6*TTC!Dj+-{YJ)Q)qeCHZM+-#DISPRVJ{2=^yYg<o0X?(N9
z5Z1|J-#>ehad+ZIX&$v_k;c;B6pRBA21#;{a5|ZB@$@s}WiOh7pjNYLRRX1MMiC@i
zy!9a?4rg*fXv7(GJ|h3zNGDUCfzvh2{o#4S&EOV2IMOIM53@1bbctC%768)OaOJr&
z@x20zLEX}^X`u0s<k6?=V=Qhw1<AnYYXLQm#}OXRA#(@13vz0-box!<dwGMVXzxey
z--UvSy4m!HrZ+a)#^_p%dgnhX+6&j`8nh-j2Trni_mT6pddymvk^Zn4>z%tYZUY9}
zA#_Y5e$HojO~iz|%Dj}U{OUjvA;kS_;k}ptb3^*eQG$P3o%p7XO3#eOfI}i#A1#sV
z31a~vbR1)LUMRn?yqJAC334O{)d?@na&TrTVl*-;O`uB{b~e3)C%{+PyDQVqkCCFc
z_cl^J`cBf#<pmba+xH=sj}q(+W1DyeVj+*nBPo&n0RX`+W$*0wjGVJ(+ME_*Hmw|i
zpUyr}UnTa%*iC*)*)!J(E=C?LuY<Q|H3J%LT8{C;>~tEGpzZiwYlKxdKTPL*mJSy&
zU4J5o@WFSPDAXsgq9j!Z=L|vJ^;5=;$A5~w`RikW^I^4^fO=95!IrdF60mQsBi5b0
zB~lE-_Z8?G1%nmKI6plAar5}H<uKu(YEWVYk?LdBMrA^>*DaZg;{mJ=+nI5YD)c#z
zpB{Jy(&0NJQY9tl2R{U#Cl6hYog*nrjh0^Vn0~4#w!L%0Bef|B;ahLB?f0SSt%^n?
zh9+T@Dr*5Fxm#&kvS6T}BD>#oi$l+USDe{BlsmmN+f3kuq0M$lOTiXo(RX-Tcy1_x
zREaxiJ*5|-1exgLi7b+h*ujtz)jY^YJ)*IVawp(fIN8E`O)V@9V}9(XzUEesUr|P^
zZahO<MsFufs@wHuI1(gFiVQ@-UgZ`Q2M)bo%?CwJFg7r^ntuFY%abI~9+ObvWv+}H
zA|$SF7Anubgs`kTR@_Vb&E9Bp>Ae_wh4-BUZktfy0~1`eV=kEQEkMB*P?oPBAY!1E
z@W)lR=Sd|0%G;iq@D<&hqT5Dwj+dCb*SO1&JcCFdOOJQw#P=7Cx4okWK2>2yNuoX?
zD7(<?{;o&U16|<nd`h#dOfbm1d}Q|Set$QZ(8B&kzE$3ypHcgkc3;nGbE<t;mV#j^
zyT#D%V+Ai{r>lK9{pVf8$|5XQ_jt<EQ@I4{KPec3^)u;haT5n?{5)pDC(69en*s0|
z{b0!)m{b-*^WrwQn~3F6C;oA?1&&`WXjr=`?6dA*Smj?KYTNm_F&sbCqwJE+wf08@
z6v!7SYTvuDTe?nQ<oOtY&&y$1r2hB87?{f$HlXW#fbYR>yfk80x&pnSRX4jk(z;eN
zbRB|QkAjr682#oZ75M>QL!&3!g7n#A@ty7Y_&m1?o83~Lip#|yq;SNftCb!h?isfB
zj&oM;@@LH5h6?1Ti;HF%n+&oC!yU#Z;}OAZVryFvbgK#;BOmTy-;INdR-HpOoNGLx
zlD$QC#OFVQx~=HDDq6>SxQQFOxp}fZP%@Og595~gbf7Z~@U*JVPQb}7lsaPQ_J(Vj
za8>!Oj@FD#;dir77?4VE-9?EoxxSHrz6#?2gl_BumwNRp`y0()zw|aD6$s_Mi38;W
zN~1JXwzOOp;_=maR_RNf4T~yn9Ro^+7}r!vBNTe#mDC{M96EtUxJS~9)d%$_ZUTKh
zG1KaYIeiTYfUJCyLRB09g|&B~<0Dl|b!@o`A)Q{ev#Rlu`gk;AH!*<&_#UhSUyRh%
zuePS$vQ-{{Y`vV=0XVVucCFvM<E=f_KM1(Gl;+4vR!W0UFFFO7qN71iBA!B@XA`rm
zI{pRt<rLL*q0<0x?avOV#f@vTA8{?MYcIvsl6D(Fmrp`p1D!AS*_msDA41se{I*sL
z0TC1LO(r1#h5v4#z%^Onmn4Pa#G614ZVo(KLl<Al_N(v5PFE>xv0ovPQzll<1(qMV
zx!!LvfQAC^_ZOf+1ukaY8du)js`jp|rEx(lEoqt=R`_{D-wcs`Ccb39eLc4ffln5@
zDPR-`SiJ&xCxN)g??(A$5kS_iy-&ZY;WNs4>=rQZNklFT6F_f=2@$k1NH2fA^ekm^
zL$XK6HSPiL%L2O|9y}=CR4CtY(h?mG*!SBX20efLRnt!l%}VqxgWxkPMQ;3hH?WSe
z22R$`cL8ruLe-G|(nlP^4>(270d20;7jaUac_U)`fb7ftlt=I+H9Z%ciY68lOKqLs
z+cTe`n?9IbRhDDuxj=|Fsv|=ESTD0kt;`=H8Ka*m4pg@EAl>fUo)z|Qw&5PJ)4b$A
z{OnARJIfcBE9sJP!$q&w*aW+bcf3BpD(Vvt%nRl>(Dn77?SrluTBDCTfd%`F`N3+(
z?Rnt*QM$ifwJ!|Q+XJd{M70>?1y$xMV32)O3Ox2arF#dHC)wYrc=h}PxaCKZjKP4`
z6KFRI^jM6jN^D!alBnZ>@@yPpH4uQyP>iqB?%TkOaG*c#AEXHRxc7`NSkA7=0tZxz
z`tCCp-ip%qg-j6Y*;^L=(~-lPEOZB`$Ek}ej^IBnJ^)&4SXI@=4FpP+2{_9jt|dGe
zXL@HZl~i|WWx5S?q|!mkst+A!wS+gNja(HJ$ItQegiW!TRdk-KP``}>nwl!thTEjc
zap3|c!;Zi=0|&fV=Rvy^DhvAJwiDm7T}Sd0icWhP9S(Hzy@dg#t+W@cz{;G|FN|Gy
z`snz`1<^%HBipWj03b~Z?`qJ0&6nGlC(q;iV#J*sLDOdmAjnsPepCcdVJw8^L=8*8
zirJsxbAU_J!se_kWzyx^KVbK_eo~Tqq7?{T=E(-1Y{Gz!0+pJ?aTJ1%{U%doHBj}O
z_c3P`bBL0K{2$8xIxOmK?H|VlK}iJxk;WnglxCz;k?tBoK)PgxZb?a%knT=thLn`<
z98!?(4uS8Qea=4T{GQKq_I`fXHGhnv%zIYc>t6T$3KW0s@+uv$2>cp%(RF<q=Co+6
zgsuROP%DNNx(S%JC!rA(;GeG8=c5<BOYM<ciRg|tp8Y6;hLKp+7FB{DNYU;J&Ku#^
z_a}f8j(hqv8OOT`piQ_^{LRlF;#Z@)ru$eKN++MRc_I&jX*nSLPTzLIEwk>SK*NyE
z68?nYcy~i%SZ#J>Cac<YiQ55fggk1fkynFVbJ3#k+1#k-#(klIdgPGt!{Xm2^2zuK
zuqU@@6`C>L^(CxXOoOtrC)yd%5kEj{1+#NnkPoU?XTl#?pQ9Mj$6#S0Z_7ue<~Oy-
z^2``P=3M~Y`qFKL{r54_rfPjOA1QQwCLjOYzz4oLF$m;d?+bZEN@<$m&;|57!Gxl;
z6o=aY_PSvb@H&5fATiG^T!X(*C|rPju6^5v1E4DLGeDSqtb8q5^BQN$+!-;DX`Pjx
zsaB|U4EUTR()v8lq(~`P5vz}`mC#6y6>|J)*bk$h*`3fjevb$GVA_CMeCcFvP#nTu
zI0rDf=8)&VyY;T#0`;=?`&awaytXO*C2DG8r+bT+ZFPYDH+<;KI4nP@i?Gd0sTV}L
z9IZQ}%)2^?rxlz55#TrGO)~#87QKe)Z6LUcvcjo5Ae5q9*vPhi)6cg;X))JOf1LpT
zmIFBFf;TmiUtpqP;K=;}t4C%7fzlSB)yhG^_uk0TR=v^QicOVHHg1W{p)a1N|LVA^
z@eJ4NeCry}qmRLFo&r|&8vz?UMNKpKJk$E90l$y5ylnqsbu&vgez~fmi(riV7jPW<
z2B?Jtx3d?QQG6R8F~$_W&I|z2Xg~`qMUII1u|7ZnyBm`&1<EgnPv0vysp5Y%DlV7;
zN}2;U$f(!pcodk%6;xo06<;>ILAr;g-x9RDfMD(u1#dQ+<Tv%GszZO>d^>eTpPznw
zdulxIb{IGv+O;Yz%?901P%PEz2aUy8-HMmxJ9;Jh-ZX61H17dpEPI-iVNv?RZEIzu
z>9v5z>f5@~%p>TShr)rn8sgXyfQ*o7a&?O57_et3)!1{AVH>efH9#bJtlYE)XwAU_
za=#CU<+lI~i~EQ>t*InTXjGqdkM{r&O!ttFjg#nK$_<`8n^_!N{hcKf`*R~pzdUR_
zk}qecbUkD45XE;0uQ=2~T8+LadV*BT*R?}xa|s7otB+`~8*TY5S{Sp^-REk@>jSPl
zyYS%`Nr;qdV7jvqo_$mYnz0_*MO$K}M+4l79b@LFxtBg+x$wF(5b!T%pA5}JKOOrt
zF7Y@ec!=q|Fn2Jfq3Rs3Vs7kM^Wr(z@d)3?_R(YAix7Z%Iq%o(z@DO6eIPVx!-=4S
z(DZCM$_#H@WXzRYV`kV#R__DqQ(V|fm~~EjDO1-(BZ^Akg7)fId$hVU`qSob4(sHC
zGt1C4`<Gk~#`XfjUPQjm@;B@J=u>Ccfd%Opsmbms53L3=x|b`(?S>GKkr)1bu`M+&
zKWj`&f9(l^GYeFyAhX!xqp;arLjh>_FgHup_-GpP)mByWSzuUHS_c%8JbYAb8!FQs
zf|Od1%OJ-t(ygCLu3{|7->`w)R{Ah)bU~L$WL5`wI%7P%(W#aF=H;>?H@t_K6^s<s
zFu6zZ4=Twg@byynSuZp^?IdivgM5U|?hT*?vN~-vNzjku^e`#p;6fl@m2BljRG@eR
ze$>z>F9CUW6ELHbWs?PG^k~PuV|)miAR;4v&oLR`@=uJV)^11_!wnd<V1!z?dEz8V
z!$u1afbhifO+p}sTeRj=&WdhPgHR~I-9rQx$`Baqt-W<$#d!+R8<o24fwSy?553lo
zw5^#J^HKu<isoiAeV##fmFfI^(s2SeQshaQVMB$uZjIMhwR(=w=Of=!vtA#@RQU)n
z;Z&}sD0{=<?s+Hhh+MDA(!mi?y+S11h6$RX*d&~s`mwYG?n9H9EJ$z6&&-=DBjVnN
z@XBVlp5~=_uJEo3!8t0Dt0fPpaw+<lBluB1MhjIj&$N|E-$mKw(f$B&X0Zy6gIKT1
zvr6+on)41ddV0<=fABakpH59lm!l=Bnw-*og1lu~Ti8REm|;!{wM0pFTyir^{>D|y
z)L(WO(=<85jRP9f5jL=N_pg-YHm@qE*;Vr`Nian!3RQ)r>cv-U(BsTU(w)t;DJs(u
zDMdF*b?K4gZH2KuyXTgT0Q5K)@p>^wyH^E1awVKxIJOocc4zM*dbQ!DH6PBc{L~Q;
zAm%w7NyLZ!!i+8m-0yzg!fo~=WRbey8P(&)S-#ruX1huY@{vab76cz5Udc`#V;mxt
z6`Nko9aJxhV^S5@ZbLjN^9&zY*$@+lA>XY593y>{(OfSqT)P4v??BmB8OeWHbQr%4
zus1^7Lwnk%Gl0T6+@MY|Dv#VyxT_cYL#VTIw6n6x;L4yjt!Hj^uVS4{z4=(QBivj#
zNAeTo{`j{9_AGcpuAw<q;~MYFXY|$r<#!di8?8xGf<s-X(R*qpquWNmoK%JhgLL<|
zNs+tn$1tk$P_-7UO9$drBv?*vP3m)`P+s|C3R(V`?ruk!P)8DiJE3VK^UsQMteH|5
ze3J4Bi~FeHVUg=qapq)gm#zi&FJp7;LR|Wl7Ngl3PDS&R%b&cIRA?_IH(BLSzsZI9
zk;^90lj*d0$Gh*~OJXn`l=dblD0x339uSlcqK5dZbZ)`962o(|MKOcmf@uZXTt>JZ
zVhh!8I^qW{j5?1$nNMUJvL{OAvEoo$xaLW^<Q~gHc!r#$tq1L*`%=q=GC)qScK_8Z
ze=)3>#{x8nB%Y*r70Eq-muAy?qx+k;xdXlOiyj>KK`!n%1WkR=PZL_L3O1iM6ie;K
z3msdf6UHvsfOqH}2bjn!(yuUY^<jzNJLa4+w-uPk^$ze)%tpNXW?2tZNi$$}Z|G~g
zjFjG33aHzvkPa+<ywgKGuR5<G(SM|?7&CyQqt^9NHP|VZfkMn1-MD1+XUcRGJUe&;
zM`uH{_A2cPVi$fNe;BiwoXh+aPXM#l_;fK`=v=5*nUs=5W6aM3zLlFcHo0&xWHBoC
z-QIX8ha~kQC|QhrR+R9DLSGH~NzX`WT!BUlgN8Rypy};bXtcr<6}=_*Q)%Q>!jlPS
zJ<lM-W07gyPlVLAVoOn2xe?BFsxXNCjoh2zvD8k!X?)@RuFgudDLTgLTz4OzR+mB|
zsFh=RabSF7rDIzmL$FGyayfJuQ`VTv!t-&*?}7mGr5ttK#F34+-mLBBFZ0F`1gV$V
zmFeJM<cgGjhM0G0#-=~5f)i?!;=%0HlI@r*psy6}M;>=D4Y~(-K3<@~%sX@+Fv%>U
z8Ewkjk9pttrxt+2*3^|NQPthSw!2Z)?%u3Qs~W<jvXQEpE=)ODj||;Ok1kcBBlr)=
zRxgMf$~?rc7?02woL+_F)U{I4=XnQL8sI3bzbxMR;$e7xx$2skc5(=neP%Z&%Vqv%
zrJ4&OM3v4MtQd+7Csb%Ogc6T9Jfcj_lf#kQ(2$FzfY2#D4r#qtRXBD|kDT>4oGO71
z{*Fvc`)payCDSq7<)w1>4o*aXc5co?KUQJ$#1Yvt>95I29fbjXn2~k`R#_i)Hx86u
zJ4{nou^bTX%6}tNXwks5I+__fkzWyCClr;qfV(HFHrJ#yoY*xgCU&ol38XIldYR>3
z;&B_&KkS^yYR#O^`Hi7PP2!@=6noBKOZoGq8rQW^H^cUvVWP>}1JUGQ^n)pNrZ4Kq
zbfc$}b|HA9)zbLF<%L6g$>hJ8nkYOrx}@JYu*O+B*M);xK5>OGug!oUEjZI6pQmZh
zt=36P;GZ-LN*1SgK&PZ6-b@QBt?)w}M$W>El+8WKr1KVEJsrr&Il<#<9ji9)$vLR5
zn=XCw><g%hGt8n-h8qPtLUXA=yFwVvcrvH0lHHL+Wkh1!c7f3j4!fo?CS-U}P!vJp
z7Q$>!R*-hKN-M$Q6UCB6D_(BOPo-i;dC5qSio4jwKZN-Lx-`_e5?iDiUrJamQ^Btm
zp?F&XL6CC8rt}_qoi=kxe(*A4b*2j%G4dMm5j|H+JyD}uT*RKrGA|7BLq*c>4lCT7
zBReg`0#iffFvpo$p`i*lkok-FjH92Ib)NGY$3UAf^Z}m4ftms@G1O8OyL-5l0UY=x
z=u-{uzsS9FC`663#67<ZK4sKT-79xj$ttewPGx9Hu`2%P(Q?iba4$*96G<LzPLX20
zuPVxeSpOs<BE|A}=InyZvdt4kU<2|Hv3K7w-N?TTmg}mphIsdz3BZ~Q@3AsSsY^iV
z@)+V@FZ#LabV<!32tHZrktWJJ6}jT9myJrOyWcHuRPM|T)3V0e^mop5QE5RdtYsZx
z=6DqvP~O;OMsu%<4U2SE>;`Y#WTuP7HT~_aixE>10ddo0vB^q|!$dX3n`J5;K{#(2
zK8PZPxX=e)r1}W)MOE*-Lv$1lItT37P3W$><}Wh3$A~FD#*DI+Ar9MX-raprRVY_c
zk3a0UCGC_roQ}S*a8h7sZ%k>yw;n1LDluaEWZPrPZX*>K(G9#$ZycSr?0%oe(GsjC
zEaG7m5EWF|E`S0}35+T1$|u|B&6$3c1NMPHt3Gun)<c^Kk`>52MUyAaR=)9D9-pdQ
z{_fmx^_+R0G4aaIx5}qexAGF!`aDPVr5k@0PuqQO_QSoru)EHHNGd332#A^q6-&;T
zuV(2NlfPfPPsHRbKpL8lyYmp#6fs#+ZkbOxY&>A64F9!^i0eCRt|?g0y7cce6MGGx
zCaDU?8*UTGn&R=>TMW}|c}`6zoN@?Ql`QVbj26Da-|i_edt%CwOsKXO%2C7Lk|A!6
z`rW7q8S{H+thDM=!HQTjvIVef&5g7@6=F+;2qpSW2-&E>C2ThX7dwbFX%t89VBj^P
z6c6@E^R|4~Gv#@;nV*ci1;OSJ#?hc0Rwc&Z*HCjt(}ELa5=^IHc0+X$3{2w@s_gBm
zoH4hqsUb|xSSB&)jl7in($_Hk>`ko19~*)#=50kcM<d86j^rzn48CqxWTliMWJldy
z(@D{rO)~6M`W0aM`Cr_j7^5o%{nEDw&fQRJ7>3?8FyME#`r2rEh(uw)X<bz4o3C*E
z?6{2vG}OGd$STt(4&potGjL6@s+9W-ZbjvZqx+F-d9!FEaJ?V9ueq*UU95V?*B|L!
zux-_r10@WO!zZa*@AHln#3(T}N9QG>59p)k3%7Cr1^g_(14A>P$Cpt#>-4N+YvbNZ
z=J=E&SjJcEZjvrSs#IM37>7qXPiNc%+K1Z=N!+EBw#0tFdT|W{^`sMWl%qp8Med*m
zLtfRf**cK4zqx)Xa*>(PuxQ{y{if2(#c%L38r~=apPTC9a!@W&Ym5Rpl5w+nwFg^Q
z!f2t`$kSY(+J%!8tLU)IAx1#?mt4s<lo=Hhpk38?O|~~Bxn7%q1c6&_<twwLdU@S+
zK^3_(!v}HF7e_CL?aJ8WMmc1#mX^!!bWNymXP~#9%SzRLh!Q~{OB147cGE}{j%yJ-
zV`oVX%I2@gKeCrajpicfa)LeK;|ZHQaZao;F*{%TE?{9f{yFENPmg7Y*E6@<NajbK
z%$rj7U~-vFg)To{9cjx}g#7$1pw^^%@sk6puU;iLFb6KD^W&NwB%L3}7$^6Vj`z-c
zMt@a;hx?*lZ(;h95Ya6U2hlqAAJIC?>-Y_#DC>adDQxxhb^ZRYUkI%U$-Hk7$8dyP
zc2TTY5VfP<NwXn{+AW-+VHGerGFi7*6*f2rON3|`l`P)-$g%a(O0Ymi&><R1w5lw{
zsxWVjlL;kT1qtt0a4AP1`E`DglFQ5t@5l_sK<F0*TQfm4N7}SQvzzh}xg&lLW%G-Y
zh^z5f@-H#AX;{=nWQ@51QYE?-F_EG+i4bl8;$P<<=%A}=DeB=kBYE2V&<A5^N!wA1
z2_LuHa%6}`WoM?=-ukkd=JNvw@P^D9xeWMsd9-_>>9hsYk!|_W9*B}GYb}+uE1b9$
z6{D=}3Sef#?`g*lBg(lcj|m?k31L;C^SHmBCtEnL%Hw|f*kQ7<%QhY4be$vvZ4gZI
zqns~tRySeabe|%6)rxUI>Vos$6q)II%w(Ff70k|GUN6se{WBx$GI;xOE^bC@zO&WM
zQCA;UhmA+J?DSi%<=g9(8p!v(%$nH#U7tUNv-X)cX5Da}ZeX2s`#IZR2#3w3vQmRx
zJgq`Jpm>tkdHm2L<16s4b?L*zBd$|+Oh&90;j$xEQ{53hYh96Qi%&7*V5$D4R#?6}
zNvy4mrul{<m;NI}Z>H_i!dQ-|MjY3^bx<FOjCx$2pWR{vRWld{oIk$L&Z69ej4IjB
zDv9-0UIQd+sBT0fomP56?FqHLpW*r{`@M1Pj=<cH9*s;0lM+_l^)WgDm&08VcB>N@
z|JS_L=3E~^oDgO)$z<)-Xue51*SxbA1*cd!-#>v<>pI2Vl_51>+TG;va&U(eT(I|k
zKV+MG!J;?3<|OWk^Rt~~ODxI#Skp847!(|vZ~Im>4!YNj4u6p@oy!Yz{>+lj>lsec
zqdK_vq0d#dd~U=g?_o)0fZfy47e3^<jQYh*-};D1Qep~$q^xL8281+JoBEGP?Z-l3
zO_Wak6vmo)@XhumniWw?MLw)3pYesnipzST!uT4@BWp3Sda<bW=p$0foRTYH@Z0Cl
z@*@$DNR^IH=Fd>KXDj)X5R2HalQAZDHgvD17AgVKfG?y?ALJo;-e`JvDqD`{IMmCo
zZ0A#SWWONyRAZ-Q(hK}BaqpiJ)wdEk!ntz2lJEEuyQy&Ju{Yl1@Qd8b-&W$R_g|}6
zCaX8SA5iXg_TKYzF43{+V7d8ZVX*t4v6<Vb`c5`tfI3m#BWb1mMdGj3=D2M;veFlv
zp<~LLBRE>j3<NBS*Q*zuNdeBC0)0}+pV;4}b>BT0GRZdxN|yKoK%8-(VRcJlJu{O>
zrP29v4PCGNiFFy*vr%qgq!HKp>t~(I$-KG-b$x|Zm1SMcZ+b#hXFeAOw2$lktmK<K
z|DiyC9E6-Ox<D8m1i1=nQZ2UkZZ$mad7SP3>H!<SIiERR1}+<7_cxFvJDvAJT#xt}
zk-)d|HoIZ?Ep^V%JkV<{do#5@7<B|e#zu}MPdI|9zqDJGDfQ~Lytki@<7KmAQwgXx
z%x$$h*oTZBb3+>I3LL-c*4Ho$zp%TY@uwGD7o0TL&kfGOxshiOTzS!DbSIOx(%3+k
zKZ`9Qc`k`P7`8#h)vDN}f*-Fk;w6H#HtuLoEPHwpDru33+|l@|c7c&NmucUZI`@tI
zx_zsbtI?=&RHd6?eaFs2uu(sH*w8wR@ZJi^@ul5LTF~M?IcRJB2o@Hxxoz(Xl?@$N
z8JgTNtxGumG-bWc&)`y!w<h|!(gvr+S^S3g=cg%F6DUj{Jo8KT?IjmA8IT$PXf|L-
zbGt87T8uq8Xn^LfXYFx%7~F>jj_K(rmaq}ekTPnHTL;mvx+E&=s~@OZ)K%Xj6~|hn
zkEgR1Y}=}@#<j#j_jR>-GRCu>%=>H`p66`#+vs*OdApw@qXGc~6#cxn<8m8R9<(-8
zkX}Z}C8Gnju#e`%kp)k*??P8c^bk*D4MaApK7(?ab<K>Uuk%v*UF=0aDHf?%iFHZ!
zD%AmrJI4G0O-1d>izP;^27>(7uIQa%MDT*xiOYQ0&q__c++WMpTz0y-m83z7%fH}=
z#vm{;Ir5xh9Cb14-$2n#uvS;#hpBc7o}BS}$u}aF-DwAl&I`CX>JMi;r0Q?^HCe-Q
zJ3WFsXT#;<QS-p<a^144TPk%KCPrs5&D-gbpBt@6-q=yYC;1B2v(+GE=c0?E)=IEM
zAUDj{Zo!GhA5S(YAZ4u_zeE{bWEm|UfC^cp918Yjv=!aQcEdu|1rq@`H%af1FDEpl
zU#k9$vuW;z^C#{|VHyKfZJsMk-|onDl_FKkGPKjSS^pqxMl`T<0<N`{Ys1+WJ<&#?
zF49PsnByZwc^oE$Fck};qX@B@`6tfI0qywHq=1v(4RmLsS1+sMt0p-}(6KC8ytTME
z3i?@LnGF@cHCg}pp~MMZr76;ebSmGmU(jPn`+K2#<(58q)2^k^og@5Kfd@~y80SwE
z;)Ify`%*Mr-G>|KHKZwI#@oGL{|2%FRwl!H6qr!15B=}y!PB?|)4la%{|7Lm1S^1S
z{pi%B{d4I4YtuZ!6?}XRk0H+A!IFeieqaL1Js%(L-&5}2vkBYsoV=6q{yVrA7BLE!
z_lVxa`>*@@s4mPlW><k;qlfY~J?dc@q)}0twX5yhv%h?DZ_)d_PRX-1x}s+~^4~GA
zXiHQv?jSw;3rltG|23N%T;yo(P)25x4YAlKO?<`rcXRx|ykpQp&E!V!(BH$C_`$`Y
zmxzK0b@BM?Z!W<MX414?ll*V~9q5jtpq9>W4IlmGc%Ys=#S}G@g*<P>{$Kdx|9JL&
zK&R)Cx0LbyyXV9rE(9}~cJ$8dufGp!CX;}6!*Wn)(Es?X|M!pHX(SAK<-vyFcPgl$
z2gf|C7+j>E`fS{7uVd6pK3b@q?Vy(bPBLtf9sMtdNBF%rQ1j`(%MY5bU&13h9%48i
zV09Q_5j&z`I%sp*nD@qU_I%45HtE~*o)@e=?6T956b8y>GN3jNnu(?)Oeze0qZ!u!
zKVPkh`(X)SGyXxu9bY||E^_n8>fI`R@Gms#kK!iK-`_;ZI+c+LxRk@Urnnl*dbkB<
z*i9Az<RDW@n5=dU!=a*`oGlS=u5J}LC3aYY;;`ix(Eh$W24c)cuHmF>*da7Rv*$+}
zF<ko}NticnJTKy@fLO4H2};zozyQ^8r2@u*9utjMN5usvi%F)_z-x~kNn7y@0+e_Q
zY~~t(L~gM$zAKOb+d>tZ4=zD}+>C<9x`#aabP1G_tAGF--^LcOqC{$%BpL(5q(;x*
zAfT4|`_c1E+kVIuwEG2G(|uYfWkxHYveQLw1>{8?)-q$XCQFSk4|B)dfi`a?7-bXL
zZXyin^d?{%X1+C5QHGLMwm1Uj0M?*!mE~F3vAUydljkiC<eaR4(AtS75R)r|dR`uJ
z1GtKiEaJKjXzXUqxr)S8Lr4$Vzta3UvkF?6`|sTtg6k-eEE*+EcYw81Er43cu9!or
z_!mPsECDUc0c9>HOSznWFzfS-kBXFZq!hMg2>OtiTrZbFSpH)IpNgk|rtnyey~%a<
z3MLe6g>r@iu^Zl&=r|21O+sx9g3{2|U`kA4+Zu2iaZ`|Fi59B?T@N?rRe8a)*6o@V
z>OWfX;F|*`;B!~dcijSwByLP`ptwtM0Sc@wMw;P3#qNX9WCH+?Sb}lT++m(S0BzGr
z;FoEDqJ4OxkP3_sP^MPr^SR3xK&~0-g?6(v3s-*DWrO8nL+^T>4SiKyFcQ@(l;itF
zOaU6ER4%Kjf~Lg&Yl`sS+qFBTqfhaYA@IBz(3L(0+FNnx{SdOdP;JwM;)e6Ck*~sV
z`HF4GH#L0?Z#x|HOif|@7jlAUM#F|WLEK@1cZz`uL*r@|t_=|X^=o{PY4zH=3n;R_
z1MY;~y-&<S;|u!CWP4uyx$K*`StG_5TfhVWF8L3j8B6bZ#ruBgRlZW@$0HySSP4X`
zQP$nVS5KPV-kX;s9OD^EKI<{;SxNRxnzs(&v-wB7Q<%bpxm#^ce7lnG$3=h=imBo<
zsG@6QF>Ji?9Go|Jum;q*kH`|b_yvH_AkNbV1ktLWX+}dw!(MKi0?})^%25SdHI|g_
zNJc}dmkx)XLRY8hj2x;WBXL|7aSqf#bv0f#j*}5t?xF~KPe|~U-281|^Ptzg#^KB5
z{;Ml$3#{V`6sP^!Oh^b`zH)Y0vJC*#lp6Q@J9FC1PRsG{wOY=|qWH(CLfmaiTQ8a|
zFtJrAg<R$zc?LK*`LlKsXzQRcJYFs{3c6`>rJ%<Ru~32L46xg4IYNn1T5YQczBgg?
znTjY!S3xn+$%C$PR68t5tqgRxuN+A|@=-NDccA?$n68J<1B7g^Pq#WyU2O`V)#eG%
zT-INg5U%Goo$PE^_Jc*Z0xjPQ;~bG6J+U0_0`^lp&!C7A)|#bzb0566wfBLZ_=?%(
zzt5@(HH>{1x35l?+3k%u$9dyVj;b>b*r@u!UItgBQlNZye!!XNh%$C{00yBG@NuXK
z7zTE#H|B1b{Hm}pC*ag}o|FjF%|AezD&CxZPQx`I>!6eCUpu%svdVv`(@}s}PJztA
zhGjhjgBDxs$7<F<qjH&ojs_?mX9<@{BaQ~nYR42;a@R+ffo3`<70*V(DG-@11$(fK
zCHmx_Q9mUTi(xPI`DdC|G25z0x7Ql@7$3`ofh>kq0F}coy~?1=y7)3!;m1&pwG4TB
zKFHZ%(7mU%UOu_&T^cOO>6s!QZfQb`x@74?aKadNb6Ja3VC=ae8t}3>jS=Jg<$P<6
zbP4bIWRLSs7`p3(LBLs2a(5K735#~+;dlMSgmnzv?vdB;-zo}l>0yS8<pRpC%{NMf
zqw4)#0HttuCm~SUu!2u!3d402mrKxVQ&(pZF7guI2BVokT8wcVN=m-;4M@cMP3{H?
z=MpOz-iE#!wo!mKnNq}CE2?iGR<neRw*?P+IIhqmOJ_$@M7_0*2RGg(c_^<}LMQj9
z`f?urkRXK`t@mjPVCUeT7%i@y6iW(_>ycuOdPyL?VaNDdLR>n7E^9vNtP_g=J}f`u
zE*+gd-<z-oo{?7?3f?+1QgR(OQZ(-6HkR3jFORM=sH1=~z0Mp<nTwaAaD_>KQUg!k
zukIKmF!ptmAUPc6%XLW`vS(qQ^4kNRr=PfJxU^&(bYh(n$W;{<O}OM#!r!jLr3C~+
zDR@{R(nBja+!nLuC8wU(C!SZQ4uA@4HoiD_eN|;+TexVJ_$J?C4W)DM;SPV6PhAMg
ziGL(H3c!$l#A*gnam^fZgYEmw&{@4fApwH}IwCwzE(_K_p&%LZz@Rsds~d3ws&P29
zOoqXqlbV1iw<W;fW#9eCG%;0eXUMGA;5OC@AycJQBeR3V%2loUYI~md5W_UfO+N{x
zs_tqOkLGE0E2pRdLgu;UD3iAL3JT+Lm}m+>O4mJlP79bcZgTKz@9Lt`=1Y$`r$u~a
zI@|ImMYUs6P-%-AVhrgrFPGN?HtNth#&lJrCbZ{G6~k&?f%awY#Zlw$Uu+&P)7D6w
zMt7=!@$J>muiG(MxXN9d>Wh@n=lLqRpZi19{p%~GT-dDnw{Di>qxRILgD{d2(|mZ6
z=Wu<r+p(?a!eirx=1DjxI{lefwc;+Vpk@)c&fV1GT2{TOo7fFs8)`dg&Ok0R1gouh
zkT9zqcKELQNq6`ecSj#}WT*O@C!hdh=j|TkdicI5Z(t$a2lNn{(Z`c^neE}!+5T%s
zIcIq<(#W4OZD@q14%bVBhZ(~u^Ic%;Bb_E!dEX4d?nLD8m4?MsTtT+$0g%Dn_Ozg^
zZy$d;9sY~&&!ab@s41Dy3zn_V53)zvyXcU$T3`e1W-%Qhf_T>(XG!lESLj3NlKeTz
zi+u(KBB3GJ8A$!Wqb8aE(dP-`qzLiJ9GodG9Mk;KrI)~5R{mO=z7&G3dOz8x2GvJT
zM47g>5UUJc+7C0L@`U~yDi$li$@1cvzA=puKyqDGAaw7r#6}ht+@DWnaLRDK8&InM
z9X%gfTe-ueHR%V=c-#+f$Dty5K=n9Q%PpTlzfgY&q%hm^V`X&9*yvAngz;IyRyF}9
z_kCJK@O;Y4OC$V1=d@sj)cm?teN6WXs{vaQt9*DWYorl!2kgJA1p{3JY8SRd_YXd`
zT`2=?T=12vaL?Z@jbjb||K?jpKxrF00w!19HSFm-?fBrb?yeX^JU5Y5#dnYW4RWdB
zJ=tC+<#wfEJVfDl(+^&O@M)LUkvnJxlPl;kfPX8vxLjwONwZ%ty@YM%LzXhBwX*tp
zRg)iz`Jdj3T<??-(f#uZ94UzQl#@YGTH-&?&DWSCrRprsa3OU#S>22SauQ^nGBXG3
z)P-H^s=Epz($X&IDD>VAoitQ;janL_i1LVZtDFTQ`R?kukcXl7G2Pb3i)|iaQBvJc
z%D-Svw50|KrJxgesXmF5B3+7>rbPqTV+o@c@WleJLUjJlkK3Pei8L@XNi0>finiBs
zdyo-+`FLW9OTdI<c5*r2Y=lYY#6~UO3XYbqHnIN50UUFkkTtc-pJPz(p9Cdpmyv7v
zUw(@x8^Koq;q9XrJ5f>fPn<b?-JCL3VUSD+%|SnJRFQr3a6G5VSHEFAwoyaw<D0hS
zBVD=|xsW=SM-DZO&)D8SbRDzd&vtJC>YZzB^SPvGmun5iQ!%DVe_qN#=YJC&)6VTd
z*cRuC?VZd6F|L78zN}g0s!lrrR^wvXWoAsf(UuVMjkQX?^=-|SkLGm=1y5cUjhv#6
zxI>7L3h5ByR_gisBMaV>kTB8{osI#>j*8(s+5Dcj@QQ+s`<-DQh&EDtpe*vk8+Fi?
zU4&ndOY`6!2y(p6pu_gZl?#SNEUCcrgJ2r}9)S1@f5MsuI9AOQQ`NCd#HGqf10p7G
zJJ|(HQ-)=(_LHb*BDjj(rf{OnFQS;-OSxZ+z}pL~HIJCo)hj6+A02?OY_KqbSHu;V
ze)SPUm}JYDlGF{>!IbjmgSXQQE|BZus+v{Z(JW<PU?!7KvvB%0jG%MgC<LK(8F7lD
zqOB0I@#=cB7d6~-`uQA+p$uVI&G)kXLMIC(c*m7JQ!}(qOx2RL^fwx$Kv4YRRe2L9
zWE&(7lWK1ojp1n7{uG$1F!}QQB1D%XeYWeTwJOi7?ml(JcZJ)jg>&yp_eNfcAs<`C
z5KpVN5Wve4`Wi%_XiVCAXckb0jj4)!6fBV~{y)e*SHui~i!H0)W|Hl>J-2fYIJj_%
zG|RGtY*f+>x$ekiPlIIZ%1IGT88aM?n@GSL7B2__9lOUD5-L(X06#@tPR?$Wgi$2B
ztTTFs#97AeHn79tMVBCNIKLGHvEBlhMw<*uM@mZdyIe|RHRTB3JN+ahYBp*R&+I?T
zLwiK8s=jIE#cgmCm=9#`qtFr?lez8vTP5t<Z>O`S<yud{b+jD)W&@>Vz*h34gf-&L
zzskhJg;Iz`#=vZS>Zdm7Q<@Ap`T7<j_h+hJ(T^kal*(5#R8OqBe*6e*NIbU3{E+TF
zR!$Fl%rsG89I%!RV07|D_8fQHC2n~85GmNIlHm-p#w{)<S=L2#rbto*JsoWjxjltT
z%6iy6>fZC`!3vHLZ7JcZy1}zp@`3fQ@}bA??X3~8wIQ8EZMv65GL^^XItBLcp!NeV
zGP2}XP89`|L&>?icpzin%*%t{u`pL14RAtY#?DF*pX7S>M{WNMHpGR(A{g%%%?p-r
zsovzQI*H=<+zSqiA&%h#1(l!=@7-jVt;57aK;MKoM>8EEo6Oe{$JJSPZJt*#;6(0e
zaUZ?*Y*>D!m6PqwtFg9HA6`Dp_ev~m81IxrzgT`Py*wn9W*)EL04UAMB;mY^Gzp6+
zOMd9cN8C;GDV2*`R5v!#9)KVIGt<%Ez{y#OQus`D;J08GUSq|XfHYRgQFypft<(`w
zBj73LAQOjlF`YSZWu;o_K;d>#M{C4O?`E7;NsCndZE(+AoJ0L`uXVz!_ruTShVM;B
zp<{Y0F$@$czoZcGNDF=N@?l2>sNgRCuUfi2y6#7+5B|(oiLsaHbK>L8#8OZfbs258
z9wC|dVP6bK`+IMB(VwcMsP*D)l)Wjwr{$XWzwl%&1-y+kxwVTWpOO9ZEABrcK+oor
zjo)@Ui<OuAj#LOpXn$NCKb+lU`{x+^w{i`GBKkv(xPl=*{BXILzG^;9V{puH6}7+N
zN|?7k{Ic+`gZy9V#=jGfKi)-Zc$*S%SwH=Z-|yBaGyP<{zIUese>RdYD7cf3QTvt!
zM@$q9-BU=n_ZjPtH?}<395#O|n%GJB>VEYoc`JT5^#J@6viCc(+OA%7-)ZyyD^2f7
zS>x%_mibNZ*^-0;yB5=U8ZLgj2j6Efp6LD^0ZO>@9+vk|t5!!njZY!-xK-)if!dUR
z!Mw%t$U_kx>#5c=`i48-Cww)v_;`lpj`B4|aSXOS<;bFmvM%jky;Fdk3x1!;xzqo5
z_0|*>EZ-C}jo5;e?ekEF1y|3BH$u-!v}E%%ez9xc(rMwuJgS~zaog)rb(ms>Zw)?<
zueF@*37K6@Q=K!V<*}Z`a9mVzy8EvM{9h(d+E@53fqImj8ykkhDDe8YzB0dEUSN%D
zvtw3~AIV$_*C{vuaJe;1=5cn{p--n^JxbY&hy0L5+o-}=<j<S=pIPMpm{w40L&JG;
z%Z_WK^~6no923q{b6s?8<i9nY^HIP-CHN8kW}Yt26N?(HtKr6|lOx3vKIYwmPdcv)
zJP!qYYLf#0BRK#2!ttN)Qp&N7FdcZL6m}>Ynu<1tZS#w=qOZ3LdhSHK)AG<Y#TWPh
zDOef*6GDb}sB)@GkGVMfKYzjh92M_E<`U!R{EZbS`$2ar4h}<}#_RyU(E_P2c?OX>
zLaflT@A6+18Fyy*E`Alm_^NSuYXxH~?jXjumt#Dx7V2AZ?oG=QFL0r^smzyLo;=Iq
zO4s_UQ4$`+wIrLkEPJ!q8-$33(&U>jgvxvNsY=XI*8k8w@eJ;r7O*cP8Se#jK=Vm&
zD~`>C#C2ne$m8H%LMTlS{L`wb7mpn^dBD7N8cy-wuBle+C%0VT;ZQy9+YUql*;?QG
zJ@w2l8X=R$=S3CnIyX*|ZpLdAXQ^5Vk^V@mvkjHiDsT7i*DzxX(X}kTn`pV>0cp9F
zG%|Hpo@;LPIn4l^tX7i{dcvuqxoC_ZE+cNs<MUnlZ^OkEdM<i}U^E4K=BFm>JhL>5
z-&OKi$i(EnQu3mUWkMc@(lI!b#O;f57kTeli(|{B4|Om3pSK@-!h8}NO~hO`bM8;J
z%O5`)k%F=_H{~n9-k$UX4I}yz{z@7BAF&5C*}?8DxivUGxMJW`+Cik7xOB6Yyuor=
z`r`MAai`?b4%>Su*Um{?_wI}iH4SHn9PHqSY|t3nxz52WH=qE?QyLQdU)TFTf6%5z
z%WR>}HJwlqe>P&=ZoQq!r}=A#iW7N$7aC!;s|OwLk;hL=K1xCusX6vA;cQkqTh_76
z{)U7cBH{x|J?)wD<SXZ`a^{zl;uf>AwU>EG{+Y=A&-ME6?d^S!EoI*9)IO1#9!i60
zS?qoiKCytadxgYwlA?RJH<r7)(@DYe2>}-@(x&oEo~>S3s5iA8ckHLU^~Cu}bv%ZD
z)!#0kQ(W<z8F_`e0ovPFniuSoWk%PO^T~;O+ngI?mHx8u$?EkmzHgQ=8-8ac3&%z%
z=>Xh#zq#T#0{1k`Av{Q8(QHD~I_WX%W+X4~Mny5e4pA^R%r;zkHqcOo&s$>zXaCh+
zK@F|~JEmK4dwe<qC(yq!VN6o9HXW+A-Guv6tC()I;8*%$8Kx6Sfq-MS%cRNh*l*YM
zQq9=<R9`z1jM?i!>;~KwUD<s9@2_c8#|zTDiZAqRp0;{~x^BN?-1`Un(EHkCN9IOh
z+${H1v^3}A!2;1C;n+-X26lOphsr<ZB6^f1BAr>;jjq!0Qe~b#QfA2IlrH1!Pe1Ro
znW>e#NN{aO*24o<3hn!;$Fy9x=4MwC>c`4v9fQ2E0{`MAtV>Vu&^Jp#Q(TGuP)k@C
ze~IFSVWy_vJqOXPQZ<7rsHNHuWTnh6JdxuCjyz)$hnvoX?yo;!4lCU^zLQkK83B3!
z;)#$6&cG)mQQ_-pS#hZgabb-A%WEIs8|J4cw|Ru!y_I+Vt7Rpy$yH=)NG_p1b5d|&
zYwx~JTtvi6!!`fFCy{4+A)|yyC1{W%HBNT|lSn3!x0|H?*~chugMFCxH>R@~$r|>|
zLXR1UT7!-$agfa4Kf(SB@17q$geDO`>>Wj4Mb`7uZhy8r{0%4cu@N_Tp|;KICcnXB
z=O;ij;iwU%bllwf%bVp>ux=B}JrY+wwM%!opxPwgS&0-cLg9%*&BBkWg*uFDvAv0n
z1K8hX!z~jy3-1LAv!jFheheU;Fl(}Jk)jb!1YwL7K~V~jrCm|X+Iv6S9N)^qObH3l
z{(O1Y3C{y=Kv|9bidNf463{95(tkVV3w*Z3;Dak2i&l9KFcD_t%+?`fR(p2I+O5yW
zrzsTm6#WtHAFqfLY$tEdMJi2B4h(z!J}6J3)uT4pq-1asDac-J0+UR5(89D_Bg=ms
z+!xQ#pM`28UcA+gj#8-q%_qLuP3$(=!SUHsU1J$bT8q%zN9;!UjEXO`?<*|V>GWNI
z9H?b%p)3o3oKF~rPulkjkbaY8&L#ZH?_3H6mKqDKKv?zLY`rV;HGQHHimT`jC^-x6
z-~B+Lx&;MCdb!|BgmN}4`_)|*Myyq86ojhvWSWf^C87$~8sbi8AMOg4pzdx|2Y|}?
z@pLd&&>bOgw)90Z9RVtMV+gp#OOzJ~;3?s*c!EYs%NdQ^uE-*#5f}nKF|Yn}VBEB*
zixPeH$EWZg2NX`TU{bcqH*EDIQ<YX0pu%2H1s_pFky8Ec&el2GzXU{9XcFK=O#qIM
z8PILEaB95&lgP^k_|R<j^2~+2YK1p}Hq?qP;me9g=#L_}y+KJz1DHq5aI~WsXt?*q
zx#Px*^>&g3oZfw`1k#(2e{!4y`!!9_Fq$rtpKEYW|6&0}tw|gVZ=?QzcpjTd-FlZv
zz%nxdw2U%WK~!M^?;GixqqB%(qeFWIrW<P%yc-2&n<%m&sE14d>lbqx_rp(vbeDi+
zsm$1%i5>mreHNu0FQ9)=aG9%AzWG%LZqYg~frs1{is7o%2YMqWJhM)Q(Ocy$+U2H%
zvw|jllp7<tUn(pohfsh5!yA?V+9|YRyRz*IRn8WVzeG;AU1=c%-)s9+7;kW!OxC(V
z+wE1Osb278sL2P_zF06z#|jjdBh-J=3EU)20g16U_Ytl!Ur5R}P_(v4S+HB#0$rUd
zVCluHcmfKU<-o4ADYWwV!g+<9cJ<K`9*y91o=Wapz>~Fo9;7Y#1h~&tqP(K8e=G%6
z0{g5<;86PZ<}Ey1{B6)i>#e_lVO4D*t9T%9)Qfb?Km)D}MFvClqqKqe<lqmtpF#9G
z=`^2C0TVHVz{8!-1#Gq-)M&n~JB`<~^{WIZ;%3VR;3~r2vi#fu^&jX8S+ZDzcAZ!E
zNgImYvp?`%(uDfLxD$K#avZb=zEasO`4@uG(Z9f^-K2Iu9NZ>L2Xi*o=y@F|>fCNX
zpnW+14fL}{K*8uXvigN#IcNX#WZ)OJ_l(PQfcC_)nL8F0d5JmEgOcu^AZ>(P0Yerg
zKzs}sn6*1Cpz}CM;EO8D20R*FX#u6pnw=5Y*&fwzz=^BfaX7zYI{e6*oq<0wP~rRg
zp+Yga%w%4>w2Q({Ip@RJfv{yqRPW7U2XqZ>su`w+itF}20=Y%jx=_qk=UdQX%`&>W
zOVBEFc=W=`HR+PfiG}DNQO3JjjP^+w-JsOs(cnliv^}kD@?6!SYVBe8tcq37?}{;Y
zrt*X0gE5WRuD!?Ut@-k&U$@;J$xHvV{u*{4tl{^;O`!N{UFT+^waW`c+TglIPDu{i
z)06M|lc=T(f61Wxwm~*aS`rk9eD}fr;eBB+4t0d5v55Ap4yJ#2Z3*i2tgR%EzhTeV
zf(~M>zpHrK0FLpuyDzU!7iV5swN9s?JlCw}0BzCm>6>VnDC^ntW|M~mg9}~oi~>N+
zZX<{^AIVt|H-Tt@N{<C-xCBHosdh2YuZ63ZpljU+bI*--OL<;3oTmsy2(1l!+#r?~
zs^BD!k@BU>)ml7z(B&4|DFI(9U<HSf^!yPz<h{J#9xV5kf$cT7JMi@0cK|UZ5G0sY
z;!maoUFQX>XAyS^Pe7Fu%O;!XH;O@qE6`<+opch(h#FY$X7L-TyI^1(e(D9?OSScW
zxab;*Rx>!4xfy)o7RcK(KM(pPlYXSStG<#A$z<Xm6oLi7US&Ne8q6S|arQufA~Y1k
zAJ_o(IPVN4wOV}r&MPjkH%P{?(!<eT4%nxfC)+bn<S<Fx8NJ3Gs|lw|yud8bmdm6#
zrQ9;+2NqZAQtR><OzR7`)v}eSSA1#v=3n2E<Cq|$JA@~AoUd6EaE(edg>p@h7we?K
zqL|hDpf~HjcE_;o^bx3uiyL|=mlN{kgY8VHTu3`blpFATT#C}p*JCa%)$EVxC7z-{
z^lF3@YF7o_>=>Y|osIV6w_Yi_?!OhP`IbZMV2_St2rsT=`c6*7p3bjf<z)lkcXIkc
z>m<zatuq=b<+2#!v{KlVV7?@s<jL(t(jUHlyp7_L0y<N(-#|;Z%p=hVrFQnjFis=v
z7;;X@eYL!DD_!I0SSb$E+zf9%gFCT$ofO8HQaELaa12eG@0>a<pszfL{Ue0ZdL-x5
z8-J4*p_jlr81gA*K*5Rl9`(n?p@}Gv11$-niAGX`CbH(8R<95c%>$|yNrX+SUKqAN
zNFB!BYZu1XbVCRBqfv&hZcme$BoL0f@_1lRJqGa}#~Yl;NL2OyWb+3tdlIADsc{{A
ztvvjW`s<ry5544EZq+y&4p8)~iL+M&s=ChY^G{OLYmOWL2>F<3Sy3tY4=iuL|0xa=
z^*xH-JhKJ7TDZ^Cq)PF~=J-gFCOm$+eWKYWta7JicH_IcdA>T5;>)gy{4yl(L5CCx
z%6}^uual(KIP?*;b-~!l{rZqwn*?Tbrr+PA5DwLscz6V9f`NtnWtgFrtf>)Z-FK)U
zoYO_JBQ}K3!bLn1MN=cNnS0C8#Nh_Q99v5$hvsRTW<G9kcsQ9>$*dZ+ZrS(obzql)
zmXpaT8Rg)EZ`>2d^hEs|zpq~WcxejYv9=#J_Iw()Dv=?jsQvPfS0}cPLZeS8UQk&e
zqR#v%o-$5|=kdpPi|X06RzcEcocah&hB@51D+{(z&CSnBeLn{3>LU}s(An|Oo8>(N
zyQUiB>tcw1!j9MD1rVyOL2ne^jJDC!`_Zc@M?=#bBTekiXJ!}eLx@?L6#6&ndKNX!
zpdmbJ{s}*iM>LXJ<g2h!_G?0XZOGjRjJ^D#fwjP<E?m3+M`|N@z?#=y---7c?)o6t
zbXqvP<erG@K_-lXum=b=YTg^KeERN4b&xqo$N={54^4Dnl*lbgKWr8nKty%OZ}=8q
zI*Mn2$M&*7|L;%ON3UN=KMHDP_r-#oI!k_6mZ3upfnU&#ey{H<P4hLktLR+?jdpv0
zLih62fp}uG)BU$D)V^<TF&@<UKIjytymfs~#GC(tv(tjvdbiz6QBPALc6zpctxdzJ
zWc??%hA_JyX28-sZrvi~s0Jlb_A7z~M_<+bpQ$0^EX|gs9=LkCemEo{ro3&zq>ejS
z)xL;#B~LyT?&7sS(CFMt51r%HJ&d>Q^R1EWc~^1>TAZbUgBcPd$BiEbf7#s;UlPse
zs8#>tp;1#8Q6bMC*U5)flFH{mLsmg6I`Ne15!+jvXg+7LiwU)by`V}a;?I-FsGBAb
z@0ikOoXRoG$eoY_>iiu6IVI-%HUX8v;94OpcQ0i@Jewk2a!tPl>+U**!Iefq88n(4
zjXVNa%wf~N<Ab=V6>$2x;E>}BO>nG_2Y94C+rJg+-gCXto1OYi+Au+J=)ppMQT?$N
zDO23@K;O6Rz-rK*^yf$0j}P7ohU$nmcA*ZPm>UnJ$b1Q{oaj~Z)q4E~3~Ao79%yta
zJ@z{JQEj(~7fu4%ecph(C!P9O34F^4dyGJ%<`a?yx)=Obgjl;*ZyW4{a^3>nb?XS6
zH1s6h9-hvTdmiU^yB7Qunj9YwOGU)oIYLp~b^KI6qYmyRJ9Ip^?}kz1zz&V7h^3#i
zd@;%6+^mY_Wq*Lvl1u7IjGl*G>Q_SJyL?LoCpa|EI??C)BY)u+>u0&`8((Z)31|x4
z{AtDi_(=tiuU1!=wR2!?V42hNmV5pM9rvR6=vF3xma?PMRHqabJTf?o1DIc|6!wfT
z0gI6LA3iyGtnh^7Kn34ozI|@C`+k`((o_?xvo5gp!wFYoD*M0g3#S-NzRm1&gO)ZM
zmlCfcLJhF$WJMoYpAGQWZHXNmyuB%=TQdth5^>RsjiX;r@|o>V_r8u}dILi7Lo~_k
zA!q+=%&`&!F`k&mp?G-3y8L{1dFO9b6$y1>Kfk+EV$h-^ilIs#X4xVZKA_I&yYSjD
z@hrRqmH1>D#LCGvLk+%{V!2CveJ80o{OXBiw7l4<B3si%DHfl^;vmK24~)eCVQXLz
z<Ibr;Rw#S<yvVtP=)2Vj4cPlS4~4OmByaq5UI^XMgM|FnG4-gORi^jSms`TFOT5f~
z6T^zrn*b5bB=(NP-rWq${_N?n6pL<v?j61IX8Gk(1xS4;l-=i}x=n~b#cc5h|1^-G
z=ShMF-k;^b?`IJBlHtY}semD#;sub#i1PUEN^pUYd;Y83R2}7J$y#m)$qqUxvRV0b
zmrch85b|wPBVs=X?YvKWdb*>ROgH=T?enC92Ft0hz9Zo#o#$ltWO+m{#;V}hy*-CY
zYmv8adg}7qbCd+;sLCk%NwGERedl)CrF2p=Nx3IUhVsRwf(?jRo1<Z9dvu&yrMu5D
z5?{sg1;#dxUmrgtFAG`4e>``U9qxDLnSR^)c6g!jzh>16!`iH}I4U=RFvtiw7LrMd
z+%ajKg_Ts~t4=lGV%OJcP`jBWRy*%vWc4I)J8v&@Dn`+RRUdJ~;P5wPJ}2uc7Ck@P
zLG>eHL2$dVlbWY{RvobokVolokf^=L{4Uu-82*yq_9c+g_0=Kw47o?gVt+WGu`}1$
z_!tQM+~`Ow>GZWntmow?(2CrQICC~VeRPjQ>h8hy^YCpTII{_nSi{mUf3922ITWk@
zgW|EDS<hWE_Ewws_*!)nUmb&-zXD9a&*c}*>5{1Jc!6=sPjoB%tO+Z&?*#3@cke7L
zEG^=qg7JZr@G}}t(+J$V5BSr8OH8dPNlzjjDkAftyM^x+I02V<-hO1}n;5NRL3f=1
zzMEL}dx`BFIMf;<Y)>CWDBRjf6s1}eCo@PAeH8cnMrfboKk{yFbS$6p;WI&_rXJvv
zpmRtlJ_-wApeuik4VQoQJB5(^6y({C3p-}?>^skzpXg?GhO976MS$zIojWGpv_apr
zQ>DNq-cn}oN8yh@-n`^X+$S(3<1Ghz*z{q;4a=IJxOrD(B3XRZ&jlG?n)W=MtFTaa
zbPIC_iXDhbM};Q=Z14m7om=%@LG8ahanGzWguGsnI-Rhe@NfO&5m9v+;rHlH6CPCe
z?BWj-Eh`0EM1pj%YSk%|2rKr_n2=M+4Xuk7F%{&g{ND$9uxcB15skmf$5}g`-NP{{
z9i`FP0kPcqOOwfCDQ%=0*@ClD;ljW|`cT&w>vNTjPv!`H-g%V+h8b>jUz10cDu?{`
zNTsh7YYAO}P=5H@5+3)X55G!e48JI7aMC%`^K*orsf4z(p1D;os~j*Uf~V^v&=2Ei
za6Fr)J1<!28C3cBM`YwjdlVur&+#cSeb+rOTeWUCX_8Ud8CCS56}m?|z2}38n_&Aj
z2O2wLk1RL)5^oZN#*G&tw);#qPo=AE(4#e->j8vMa~XC{Mqqr#qQ84r@llRRd8RV8
zGoSpeM~W*d{ZXshc;ZvD7B`rujsu5XX2TmkYk@l*D3mZTV4M~nEyv7cJ&HZp@K>AY
zv*?Z<czMk}{$`G2uu{;Wx<BbxqBE?%$+hG4#ngwwMft6H4mRzRIc{%KgQ_=B3rd`Y
zgdZPa6o$+$Bk(PysjT13TAYV5zXq5O=@$iHc?EARV^*wh;a-w>qf4de#13&gUWw*w
z)hG?wKc-r9%xW{|-Re1CsxrJSwb`Ek5?`F$q4QZ3Cy36^$rIPGYL`;&;^op4_(72N
zPIxT5qLfD^!{?|H^#qkM@JZ3q`$EmrcbXGw>6l)FA@d|^I^cM)MVsC4U((tzBOhRd
zm}{IQe0jMy#7D~8+D&TXTDQ;FKkxQ^ZwRw$MMaznV+IyZRS*y@@sCPdN(qs0<Yhkc
z`<Q7HY~ymPQBJddzog!>QGortHT|qd2k~9^xAC_^t;+9yrdI;Qd3?H4t96r_G1c)@
z=3S4`&%A^|&TQGdw03-v!T8!Dxa5t?AA9KkEgTYaqXSH*J$0GiRvo+nl}P;Y+QX*p
zE5gIB16iJ>x`$xDi>KgRSAh837p9$e6&w<?WDgZjg3mTAoqr6EGewq=_UBOFnWJo6
z+M0W8=XgPuhe7z`3r1HAvjwVhM!%6I{l8Z&g>@g!uYBueK2j7wEw(>i`*+Zmr+#r6
z54wQDWt8l>V`8u7w?WmCpWAJl-iF7OMCLKyZZbzt8$?A{*S08Z2><J$|N6~Y=#8IS
zVZ^pXdyH|W*~kC;1O0D>)g^rNdyWU~a0QlsJ>%cJ0S9qVE%u&i_Fq<N|Kqd%|Nn^U
zO|$AhwE$=zdcVa!G5<e*8u24^X0@U)UgUe@H?>EwDk<X6V$Am(?XfaG68@`h`Im2g
zTw^p`oK@|<<`noju)Du`c0I9Kb1>s_lowSfG6{*jsGM>X3dhg3K;~&W@nw?|NAqO|
z<?;V{8vf<)1`**0COSxJFmsrcFy4P?0`c#Cx<(Y^KbPiT%<|dCCUD@~JnGe$MN|Z8
zt~Mf9xUH~R0>-K=xg2VK6>5u~b=}@yZj=bBJ==-PZTE{5wnprdDrG>d{_fGd-Cof$
zY@ZuvpZK@UM5ItmHCf>PWCby5D?jLUfAz0#Qmrz|wUVlfBvv4uuX1uu8@Ap-w9afj
z&H4QoPyC-h!t`(2u8j(DW?i!m*ZkpNJ(5t1#8#O6XH58Wd;GVhw@>H&NWvD_Ho$Sm
znN)<-`*;0MardV~`z2lf+kg2Ve~&}v%{Y90CwWiMb;s;iSG3*6_bp4_5;@r__qHz8
z<Nn4s)9jwVk9Ykkbt0<cKRj2B{J$-4;VZi5mphXSM8eZYm39a3;sqQVv<r1BO6N9b
zKRCZvo>m3b=}oQw<I-bzg`tG+Tvyh|mw4W3?`Q&jN~Qky%>mR`rR^tVP_KkdL)wra
z0#Eyt)`<PI=KjtY|9|}&v|f&zV0|g)Sq?uY?~oZ!u}=JojQzr+oAi|oonm-z>S=s4
z`|Wu%#sA~;B;R|LHj~AivCQq4aTH`H2)5uwUXI(}EyaKA9&a5w0x@j3RLGQWL15uz
z_0yP*&(%(jzta?tN>|}}l1mPL#>YB`tmv2_P5UIwR^TwGd^@_HVWL(fW0p^Y^HiZh
zXEMVq>hIPS7`c6N?~syivI-oRR)4V<CgvGO`CHav^lViJ6x-j1<-8YTSYjBTD;GaP
zuFKBM)EJGiI<Z=Qu8zl+1a6!IShSmC1!`@1YDJNUBg=hy{~vj89Tnxe_KzbX4g%8B
zNQj_FBRO=bD5#)-(v8v}4AKpPlyrxPDBUr1DIL<CLwD!*e$>6se$P4kefRJ0-&!me
zBIC?c_kCTTx)wYqKgl))(j^w6G2*+SxdD8>^;O>&lED;du)QK>w7`B;Y}8E;Ml9x&
zuxr3`o+<49_1+k)#Q=<jXe=-tJj+z+h5{?8-|m3HMWu#4DboJKpygAOHOSLhv{S`w
z9ZF_O^7wP9U$H@#hdttmG<!@Xy->OP?MnYzZ<(!0d(ZPU6F+K=b9*pKe8w&-f1En@
zNFPb4+?eQ7$Hg@Nv64R69BVQ!_FZl(Rwx?@-o#3c(QskL81S|br~-L7Cz#=mqAxaP
zyo>&UNue0%$Zp3W0Fc>VVQ2m`o+?aHJ}*f0j33Efx&fdXD1^_DDbB(j1Y*7^c0Amg
zG%G=ZdC|)~Y5sD(+3G^EJjPEWcuYVxC*I2J2L;<^M^J;(-%J7p^WRY?k-GpI_TCl+
zuW1ta2CkZwH(KH@l)qR>!DFNa&JRvbXPiLqHFgb?NR77{MW!SD*<fJ3(9-ABm8_ES
zE7y@gZ)yw1RaU?ObCbuCgY0nzHk%D+)&?fD3Bfl@gFt;u9^$*~y1P8kSxImEN*X*<
zBN%4LO&Kt_&xHT{<Zye8yT^|y!H84?k-XXF$@unW830|ztgm$5MmnFL+C?&jqi#k%
zcKP`@UdO+;=U8gLZLr+;HIf?Sh1zbn^HregE7r<e@g4G%67h@`WJE8gx%*VP6?6!;
z0>G1rl1tAw{_Rr6UbpOZa?>8s^AqlHdbJoWfm?<xQ=VYVX2FwG8B^tqZd2zg9xQ4`
z`@Q3PdjJ3)0h8umpX>qSQs47Tl_}fW_VeORkkMIEv6``W{a|aC?f33-7>!16q(?hr
zYFJ-oy%bsUk|L}K3?|5zty0wz?a<KGou5DRpRs@kwr<8gKkD==A9+<``dwh#dx@g8
z=Q<|oS7Otj;4wc2*`;j|9#`)D4X|DmOyRst3^lM<6gIh|;I66vJ^^Aup+rNXHw2~~
zAo9<{8jy<h#-*6Ba^Dr-RaictQgZ1sF>ymmLDWxwiMb{e6R4Izz#xP10pJV;D*%z?
z418JTXkRfKDyLR|9KhXSv50RrQetin8L6_=%6b4_W?((vW?9Fz3l!(6!kZ05d!W@*
z`5wv$a$T>=A4o?<fQQ3G^f#|UBE_U0&85HMO=)Ja>_{5tv^Qi%`we(`MvK9ud!ghK
zv$1mTD7hHm4rm7`yrInwE){>*(axf-2PW?DSqsSq;lbIA5X4sH1yTzc2)rCT>JC@6
zedPf<j}{CB<{?Pp8!LFQQ6STNx048(QSWdjcA{^giZl!bS%X7>P8j3<!B(*{9jI`_
zLn$%#X?8B*J5VUq$lnZJI1K)>nc0jM4csZi55kzWmj`l6AaLI)k?Vl(H{)Wfvr!=s
zu80z_-k7W{1|PIc+!qhN;Ytl+Yi%0{Wck^rm0D;Y<;E#(&)PuwvV!X<ApA~Kw?Xor
zvsa(!m?Jm6H#7bCwjsSfpt+JPaT2!evqeG9teQh&v275IFf{DXEa~pWyPWWpJf$N%
zHHp*T3zQqW9IfJ7yW{e>j`?d1T{}t+TQA|gR>BeDr3ybo^7`@ORaU}#<#!*rv>R!g
z$x*7^rXhSC`+T@hL?AuCXfUVH>1-Fr`gS3UheYZXY=f(J<VJC8x>CT|Tf<K(cu%U4
z#&gYs_sx<L%3jcX9R3w(O2+_}{Jiq*t`;Gy4-EgBKjvD3!x}j!;Q@GBEp_U$E7o3t
zCe1SS%i?Ffu!0g0{8@^x9MI5Ygu_+NH_VL9c@1J|R;!NJtaZ$QoU-md6zW!D4#HS1
zNARt_`;^KZ+<~6}``uN(>6n==)s{DDI22!b2LB*xhy<8@I?zFTA+|<z0756@FUPLW
zPWd`c>;WUy!BszA!65txWH5J>H>qe!ukjewb>|tfQmfiaq-4|%m#;hKc0t%2x*OO7
z%207$*rYOHfz4z(7|_7`ip5W{quiJtDmua+HYx#CC;+B-hC4u}pX}{e<{Q4q?+LN=
zSF=f=J@Z>S2H2eq&8ts~IX@4S^pSh|-#gf!a4{74is<z5t;b>h)GoV&k-!eDSn{YR
zM<5q~|H&o@T77fT!#*1hr1|O}(*bqZf9;Nn7G!2}=>NF-Zh!-wvGW<cq$fcyx>gWC
z%EeH8;Vvac`n57Z@YK)2ffHseI<mI4`xFP<K=}@5b7i=j{LE6^pF=M6Lf$!t^wUS`
zM*hvqC9nutA<`UmOr9CK*0K<nmato9THF$MLJIkV03I?7mSKuoK8@JK3C0BW!}dC@
zW~F;4W&~b7;xS~V2c(*g-K^FR6U`v5;bOs1$b)k?7O|geDOBAg;#-WDaUMrVp0;0T
zyxXnifYE;~xvOpG$ua5CD}+D;eLtPM({Nr3JK=2)Lx#QXK<OI&p=y4arhFH}iQ>5p
zMhkV+3Dzo36sTdej6e-TYX|E(sAC9dQtL9h*W+7%yzS3kWufiC2K*To2kBbFbyWdm
z4`dmqo_g#7sGlN%X<WsCradVw)EkqRE-nfpc0%}!G99!dR{^ghStq`k>S<>ITv=+*
z;r_-ey$e#arbGE@%VCuZDgL8HHw(i6JxjZfg+I;u9OIIpGf?th&qf>Hv!Q=a&fSDn
z0mKr)xs;!X9Ndg9bKFR|;Gw=T{*wy2dLh9JaZ{(}WtaC=YKpywDIN*y#ZsL&Y#g_p
znrkHLxVMM&hu<kB#JV^4<^Kdc4ACF5h*NS5UY&LHUGT(TWF6Y3L#OXf1~=gxh75fT
z?G3JtsBa3Mcrr<hgd|T$U|$s$w50T^Itdt~Z+q5S;&90z=Ip~nE`Gv(3s_)v&s$Qe
znESs79J0q$If)nYB99=7Zp}ed1#{vYUf&%t$Jco7ePapS1Yn9DA4J>xzi2{ZfSbyN
z-<~@Xq;Wafv~Yo;1_AgznLK8N<Q2X6Ws$q~AfEp1rQY1Gs(B=5gI-{>Z2-!d-inhI
z=5hCw=g!f4Ys8N1&w?`vAAiygZc?jX(w&heZ=&CqhU@z!)8{;IMFUvnszEiPplcRP
zern;vBiJzC9v`VHFGIt=g87vwJ9uQ__IxDQ5}8J;N-)Zd7(WXvy0cd=AO)glILVwN
z?b~7311wxQNpZGkId1PId0e#`*<s>zQ`zp5G56O<Z<zc>Urkf_ezn`4D2*=c8m_+i
zM}1;`?Ud4N9+O4*0Wju{#UXrY6@+)gUgC|Did2t-w#F&~&4WKhw3o`Q^EUhS?Drja
zMRE|5_$~2=l|MNhUs4_o_FUZre&>B)F(_#uF9MZ5;2SeR5UsF3NA-=V=*q^oH??PZ
z67-$Bu+iDa^<h`KWt@M(g;MBn%BHs>vuZ;LOWSnu3GjXV#Y=cfm{%FzjRT>J8FhCg
ziV+i!eu?YA4w$v33>mjJrV&+Cow0ii)>~jQ@sMd9cjV_M;@h2SVYTLBNN3C~j?yS`
ziM#;gz!PFw1bw3Ye6;P>ccyeTnkRG!?|JGAr0nV`lat!5H4Fi@vO}EnH|9&Om>Zmr
zNDIK$;dWfX!?FvDAf=L$ti$?Nrm;D<uw3SA>enxAm(t<CJHcR5*v3Oblj_D7LD`1<
z!qcXo?Cy+wTV`5ieae%s)?#s-irw1QDWd#5>DFTL6N827k^mcW{WA3vtSBKFC35GI
z26Y7q2t+J<;A(%}*cUQqOm%;x<TZiu&7ag7hvfk-$L$KqZ8B|GWnSBfkhp(%laI~T
zA}r^UgA6)DxlWk$cv4=F1>v|Og#=Acut6A)4C=P_XBbI4QpEFf9mM7E?FZq--kV93
z$!<{hk#&)xRmS=OhA+1pUUR}n65$KLl6|IFYvU^Nf50Y%p*YieU9YmGzmPe(x-fi^
zotW3zmfhkTO}ojnGr}M6ZFvsbJY_l1B|u<v0sN)3DBo%nch8fbwc<Y3k4)8G={q&4
z*1(r@^?I-&#jqu0J|2mPM@ho1j2U#=C|m8gr@VfWH&#MV4?ONs1@yZrb0h~j4RuT3
zST@|4HnkDyKQ!I&7L!vQV#Tv0RnUb;X=6$DFH+tg*f{Z`ODKiSjRS-C8ZrjUZ54H>
zFUDlOLBFEoI}MMe-)dT-gq>YGvih@DyyPKvkE9)^eMPFL>%Ki5pQI!%Rt79R`t6sI
z$g&k_jjcoYA_twQlPQj1{pj{({o^gkIRjWlGOpPWqqWPZZD8w*0|kR7)9(+pqc3t4
zG6Ph-0)vdY)u;y)&7IVrwd=jjG$dqVbUd#f0pqcnWP@o};zx|A%ilUb$e|c<WsAF$
z7<Nc-wJB_Q`qKf^)xr=!WXvI@`kTXPG<scU32dQlUhP}PFwvz;2+eDBN$%SxB0znW
zjRfKsFE912US`8W-rf4r`C565k|)r1V&#RlExRSQgqohFbv*C6)o{;Qbq|JL<ob;W
zY^N><eQ9!}UIraB@^gf4CPZ3nl7byrev4k}SN!)M)@?5Ut1rF?P3L2v*t&NxN-Upw
z3EG{RX)zu|vaKQ&9rjihF%;$fZRbGkwk|=LZXIJIb!1C(h#X*VmExl#=9=<ayiA*-
z_=P6bw-%>rQ@^)~O2FzyV^g8tDNgN#?*h8f#1SCHqoXx$$8Tv(cKRExfla?3vWAj|
zk_TxdRC<_hEX*{&@EHS%+^g^T#(nW^qXYfyy|Btwywnq~gY;<L?QO1VczjDOuS@QE
z4XU@|HwZv{1O0?e7b*0f$9l+IRzQE~bVm5#iv1FO17^vl36WY*3DrZNnwLc{p4D&j
z$-NDv5;XYaPC2d+pJCoqWx8&H7X!ER;3>QVuH`bu+nt4}I$BFwnfE>99iv~{X5OKF
zhYN4YOwPZZ+nTx{XuD$MsYYM;14swe|3%--&xntv6?`ac3z1_8<nSb;`!FRxs3#!+
z3G(EF#q`qaKX|j#b27LADWWo85Sw-eEbWmjTB_@2U0O&7Qeu2VWyS}}5ODtRx@)?z
z2`SfBAE3-G`n2uR4Ty$uLU&96DieKO5e`AO0}-tR4v`6wF!i;86fNotd5&F4;xdSu
zq^U#M!YhKkkTRf5!S$+1o#Qz0e@=N!IZ6BOAUbbIvCy`_l2P_FwM0wP{_M6>JTt<4
zUf2Wf(1|3bMMwPTkvAVlmi2+>78KZXDM7SfKIuwvCO>MSng<p9TdC*s>y;obd=*H}
zELNrF;~DiVZ_~ZA&rZP|`t*o$K)GiB?zBF9Bmu0uJqBqC=pm7|R)TY!mBiy6pz^ny
z=3jlCKw|7+-GTT{FMrI7Kw87hP<8<m{KHe@3l}F#u-zhUt4o0Jj0-*(yeGQ43xK(b
zTi6>?fdej++rP9N;BMbyxZq6WF<un1Oc%}5>%g}&L;j*8*#5ppNGGdL-^2k15=I4o
z4rV`<(b-2#xFqD{f)=yvGsT%o)g3*x;zLI^OM|hvx>&kx1GA3L1uwBqZvif6`s-@R
zB9M#F1`!;X%o;&J=!+r>K}V$*_C1dhpX)!pM}>1aPQr@OkG|%f8pUhI2VuU$1*YL4
z9X!RxaW}c(Z?HtksEn!O6TI1yb78j{g{Gp7+tOe0*nUUV-%XEEScD!_Z#3(;&B|63
zZ?~baVc@5yKiA52LY2z5ZxGH6TC9prW>@CB|0sDpg)~60IwjgKB1bPlEkQhb$w&T)
zAlzwTQmN(RsjspLhmBRf<KhlCZ43Pp;RW{zOi}eG8)S=NvLYSUi#=)C9gA_VH=>5r
zy-B)Db&Adv7e&9VS%xe8M!ak>-HdAQmagrnr7wGX{&+k$h}t)QIeru0XRlmw!&n82
zts?%`37rmO@442)oElmVDfK&&ZSDBBqLhd6@jp(Ya=*29*V9{wb-u@Ul{B6$!@eI4
zBNjuSYY8hZ+a`U{*AgC@K)racnw#}`y|H0GQ#G|vxV^*1uzz2!zX-^~qP?+QXLOLx
zuoCKnX)pNRYU?Kw5{MQrCsgin3-u}|^yeu;!SMZVM5G;!60_tKL-3H8^Nq)uDx7?L
zYG!@$KS>*uUU_HA5J4P7+A#eaX*1Vki)qpHdL+HaC7ANf)9BxOcWx?dgL37PDwQ??
z;*@usbMJUA;I01c3~{?b*V34fo4eIg1A4b53#Z>+?z1L8-Q@a`+pZhAihN39d+Xt}
z+0uZ-EooX!g3p>Ifsdl#W6p^@jK-A&w)fc~MBzWb-0EbKz+@Ey>tfR4?SVt6P5yZ#
zHzz%xpi(H;??~huGs6oMnuV_2+K~BDF2cI#zQ`SKJ`~p{A$?G|0xvRc;t?aqBKW`^
z;cnc<HNS;>r9z%S-hy^ZZnRx1qniHlBrJ?wxj%+xsI(?NQvTk5$2F}&#nK*pPfeJc
z-BgPBy^MlpkWdV5Y`(J9Y5@^F{dI(9c%9msL3(`Q?V-{L(j`^#V3%IHB&~h0_)!<`
zTp+%4J-Ruw+{awXTlhY`haP%Wa-;9jQ=a{|<Nhya;zXR5dH#sva>>-)*n5+V3OXTt
zsY>j{Z>OTNoL|bko1C~O&KK3+$I6}28dOKgwY13kyv#WkluGxZQt6+3U2=CNdcrNq
zYY0Qqk%Z&7AFK-24wP-@lWBkV)L_q-(R)`w_;7iN=mDzojk<7LE~UU_3l4=$9mch$
zloZo{@($p44#Atq>$X)=j;=}f=8~F+eQWiT!LA%}*jhV?_Ch=v$f%J2u{&Nq61cQX
z<}^BK>sQfj1LEud(SIMD1LLQ=>sQl?b-2;oP0xO;_Dw(075Bo(&00)e12%(KMXI)*
zm(=%i3Gv_f6Z^H15L<X$k~WVlrTm!sr;g!2&;4J2;^ugtHUzwZbVp>xDskn_6$!@U
z_9w5*IC2!GCsHq|uuqqtUJxHh$Ez~@PB}>aI<a94jh6NIjr;5N{rf*>HPJUQG&;Wd
zr*%u178YcWT#rfQGa{%nx47IIB429eA^O~=$8<TFFclAJYB=gdXm>Ffs;U0T^$o7Z
zx<QB#C`kHD!MY=}-bv$kPkRtdYtEjywk-Ta(61uT*Z7~(1XYZamwHsDO*cL|3RbhK
zzD;Bc-(Sf8Fn6D^vSCb*xJVOY3+9$wFFO|!^O@rR{&d0Bu-T7BvAu=~?>;XF-Lf3`
z&{Y9RnM_~aZJoKRv<t0g|N9s1I?*?5iS=B92^mix`S6&AF{S&E7U1ts^}qf}tcnSL
zCu}T4!hEB2$cx#MuVOarkH!A~dRtARd(SK$-9S%&AtUb!=l~+(XWswtUELUS87_@V
z;rrhl&T#s_&(R;3*xtjnVGL<Wt%Uv0){P4U_wI>Jn@PZj{{gx9>tp=?<}C)bF(TO1
zUxBeoB|wC}maF^8Itj?LI)TD;A^&kRu-~VB5RT(jkw>IL8uH&?wAYCMHyFg8@a6AU
zB|n%Wl+yE^G1Bt`6bJ_8I8{Ih(6T3yd@j)MmYzb!h`wy~k*dS_Sc|vU0A#PdyVO?z
zjL*HM)gYG%%KplOxQ!SdV;vBRR1C5j90=@BT0moO2+SCJUvE{q0CYb)5LBAL&n+@G
zTxhHtBy#jw7=WG7Se#Evn11eaALDL`*8w)<d*3Akr{ldx!CY1YKuQekDDnj$LQHlI
zmQ{;eoC{46%K}Hd2j;en0DdX|<0Jigz~h*38+O>-Ki*w7MCR-MCLhW&0e%|$X6eT*
zp+>#$)*zo}2%z=!#iC%`+8*F?WK2c~SU@|T3nGNzS(54&wU>Cc>pbt+7yCTfpqUhz
zY&5*h{&GXaU%3-V<$rQ6<6}wU9vk_;PjhjQSl()D_UQleSlCCq?supo5qavCjU-T-
z)-aUA^aTz^vM&Sp;XRG;aF#OQ&aeX8WBKqBdqBvV4zMfW<|vK>jl32_4~^`B<5Ou4
zq>krM1r~e@!D|{0t9K#SMV3n5j|w^gnmLdf(~lJo{4C|rm@IFVLZEb)3QII%RFO}y
z$ykv@rXoSRID!8fpgu|v&6H_5({#T8Afokv^RgPr*OzN6Y^Ju0tK6u=HoHCm+jInz
z0BwQirQu<s(F{;yE@t-uj>ZreMHIq#rmCQ6aHD0`S-?*s?<nKS>N_t=DReyQzF*Uk
zEqA*aZ`^RRhaI%LP8tVhHIPgWalh!7%$@cTdWPt;G}YWtNaOl9U$fNc5cp5@urgP!
z9sltrp?c-pqOZ)y_<I}utjgJOBi@En(S`}eEXvt7%iS&;-=H|IIK$fs(c}1U2=0y)
zy+*;gK`fK;GDwUO1_RA(!5s)jSDomZysWUzdY1K~&mIME_6lAg3_S)`4;+Od0C&Ft
z2c0G5NBI1U(k&)6`b_y4p6}3{J78U~9&ZwM*ee9>;jttoO?}u*W$5NRMq!!^SRdqi
zqWcWSoG5tnaihF*TkNO9{h6r?fg@%RWEP1+67#XIU~HfKEbb@2qJaI^fb?0dxri4~
zB-C15xi{R}NA!e5#&-xYG40lV$Y50vv<*b@$L}|WXBPn<2L*Y_e>A*~nyG)m5NKTm
z>;5=oS~9j$d-=M}n>ua^ThE10ju`sc<T~7k1RpyEm+v@$;cS@>`)g*JcLJd?Xdw);
z<;!09ftUHm`@3~qB8UQqEdYuq(0u}6ZY$KJ^cgS-$&3ocT|~8=*4jTY=VuU<nNY-0
z@qJUh0_eK61%xN}w`9PMVwEA-p|M-T)OekmgKGA3;RJ>k92zzNhc-4gU;*T{F%^kr
z8ov7(WcyU(TOgx3r4o!&lV{e~!lc>rq=Zs;#)@WWv?(=KO;9v4Q9fAk!-rO<p8=FK
zzKk^96cGWe>Db-rf=hhsoE@iiw84mhLYMP1g8d;tXsib|9&-75d`2??%;d6~FdK41
zV&?7BL_k7}^o2Ma0pnT$z4W`%BMmTNu%ljd+$rV?dm6+D0Sk$kb~JWxUw_%(6*<H&
z&^<4Sfc)=*I8mK0piEvZW+<jTm`-~~cSc78HP2bcqKJrmJUTKueD=zPd;mI<GvPBl
z?ECzr{*!$Cl4r|Hv$94Ax0Yh_90&BE3Ro#kLH94uEa@xVCW$Y&KWZKSS=Pw7K?_3#
zZn()Svmg~Ffs_!#rf{d68wGi19jON(kIn++d+%NDeQIF(S(RFW$cEcWpS6J9EEVua
z-~Ehh^HpSEW_@46i8yk~<|&vkXzXW0y1&!+6WoW;1ZA^^z#A+-+>RcLHgMFD&FuQZ
zhEiqmn2baK>j<S8jsOU2P2zyCj)KN_JB~8Bgg^ugm(gVEqPJn_XV4)$BHyI+pd3hi
zji%^X5yATMMfzhh11XyWx~k*HotymGFN#|H{Aa<+85P?ay&RowsQ}GQln;QY@i@eN
z@>&NUhY)M&8*?ffOTe{8lsa_HNrACkv(%hi1uaoe?WBxW!`j@+lwTw#X$(La@)j~k
z&&&JR-cb~ty|LSp_<QUP%5~91^wc>=vNZM$mQ&W>E5(L<b6n02)3J%(C%xzQ_ic4W
zcd4AbuWFLc2FpUa0JoET7c^;YED1;CE6yh}5NrsI%rWB-N4}<TO58kzKoj-oQJ)~;
zy{OfS^(yaX!9;5jO){D@vg8<Y8}WEDi#o$l2QN2_%{9fypYR*lO6xFY%P3`%e*$O!
zrSk)5S}6v;f{qua0cA>d31sx}`wA2HxQxf!pNeY<(<XgAn43&gks^6>X6`{5!gJcm
ze=51zv68HgP@};2K4NLw?HwuIxC=r%v>LHFZALj#IYsA7_E1F+hc2@0vB$MLKC8ZZ
zFs&cD;9%^mQO>)4${iz-`JW?8jOa$pQPg=$5Zyez09b0RN3p!PYk?|Fa)f!DD*L_|
zSkLkIv|KHG2iP^D$pY|oq9aMz<>6*ilQ{&)Z=}?iv8KMYWN+q2IUD#rrRyFskWI5b
z&}a~BnI4NJrPQ_b#7@Y9lC<OkH{R#QQP)?*I{4M1BVvyn`X_`CFK3cloa+4@aNO{x
zg!+ZU7o4YP<ih<$Nu?~-YgfH`07W&p>P=t*9F(&SPkFg$wShUUqqjej;52Y!O_X#+
za<mz+gebU%08Ida6oCxEo3cGM_6AM3?<pGYlDpB;`;F0!S&_QdalE>k3W^J)=C*4r
zqUL)bPi_jql}q1$cX!{rx)a}l98qhBUdNZvsz!wTD!}#zk7A#krreQT3vs}(#zjjv
z?nKd+^Sg24wqILf`>z)g`k|YI7#ingI;LTKOZ-ISl)is1pMDE5)4^0NxhbsLlWiX4
z!}2jj$)x)g$s=Ci1l_Nzrtct-kM1hSph)=G?M^T<O|G3z@W#WPiJq{IZho1VU36sA
zy8)Y!7ZN|~SfmI@LGW<LDj@%Drn%{PwZpLR;@UQTFy7!w&bDV){1kxA_=w*)n`D}5
zn|g*5_cBr##BMHmHeyN-Ye^s<XyRfuuZRM3n@2_d9i|!IsK_?{%N^`SkhlP~P}0cK
ztjUy3xtn%J1F<%pMYW#rz@}QyM~*{bLnP(Qw<0QsavdQ`v?UN?c@@!itPH$;YE}}m
z#}4rq@L}CR4^cwoUP;y_Oo%K=4I&yP&8)cIbwR=Nxuzkqx~wx7F+h*NLH3$g9U3t4
z%v@SqrhG`GHjl8_ZsI&K<Wv!@*8JVYt76?7ZEul!DU~FKuTrIx=Ct2y&TDh<`6GKz
zh{m5znLoM(sDOHGfn@{2o9w?4?Dfaud9+aFi`Nqo*W%D|j@c`E%+b=?cghtztZPUa
zz;UA$!#QeT&ueXJxl$s5W(5Uz#=?D1@FgO+aT8~A!S&)*m``WpNQgy;NM?Qx(IEj0
z%Z}32Gptd!Zy@Ax$+%*uz69-M+;vSj9f)8x+pl{`h9`|=CnBHYP`GWJLHb6@NcP8!
z7g->}8^z%LO^#m!>03F~7xRwpEu>Uodw4g6p5_xUIKEL$&7q|HVEJ$^%9HWt4m(W-
zSsmLOU(#%Tl~2|3h<Dbw<oIYGzy#Y)Tq$2Wg*1oi8`Ba_?kOVL*+5uCn0+&aalBQ{
zWl83<p@iW~v|N-aChVi`_)I(;VZu%8jz7miyTi55un$XU^+l?Q&S%Lte+w#MO|)MM
z;A6KoW8!v6tVO#(DIVnz{#vfG)W<PKOO-09ERl1mHGjVj?^EwDz|ju9&8LHf50D$y
z9$#9B-QZ$cK!o<Z;04J~>Gg0Mu-4z3*!k9UzxTEq>;}UIsA(8YGjFm;9z*0{LJbfk
zsTtzX75~ef1}>S`2Q+K{Juq(7&j;oS<Ah1HO;DIZ&U6r&<;0e0u~TK!AB`7j@fERu
z2{)%6j5#2q(<N{PT=Kev7{l|M+(;@cyMQRAJRRx%xK?<%U%;VgbTgoW>MjvAMGN9T
z;5C9xKsk-4z)euw-hYcn;noz?Q>=Lk!f#{w2RtE_z|yqomY#y=Hnt8>)-ltxhzChm
z<5_;-Xq~Nf2*t0U!mDQ>y+9RouYqg+ENv8;H3mh(l{~zs)}!V7vF-33M`By)<rjrU
zQ}g}Oj#A&6U&iJ(!@_)r+LYzUUYT$5PY=bt8v_@8Zy`0P+`(N}r)_3g@>2R!OpV;Q
z>pC|EuFo9x_WOZLYYi@KT^^Z|>$i82Z1ij%H{EH55Km{?<pmt8O1%-CSIIbP#vGih
zbXy)Y%kxiRFfB36G8}RFuy4<94bdxcCvvZG&&MPP*_pLS^S$nG!=<QUpf0wU9lv^&
z%$MyBBGHl^{2o$Zd>-dxl00Icfx`M61Eo1{jd6XeHhAaEIY=b1A6zXd+G;|rr7P#h
z-)T9j3aoqHc~*&Wd+W~WW&AWI$znP3S``+V_T9<i+8lhuq)@)7n1!=l%JE<ms8z5G
z?N{=e)pWgm1XSN*KvQTb#ymCZ$gmE(B=LqIZ?~kI#RE8%EG0vLaTq(ui6zT>!2Ee3
zSPVGQEC>9&sjRc00Xk{#+58E@PmlNQ-kVcg;|Vs>(g_et+uR4KRw|IyWX843tF)ho
zkV7W8Cn<STo*~p*-Qva<xsRgYz8bn&<7+BY*K6#>X?Ja+0+i`F*e>49XvtF>Tv|J{
z?>Ce+>>J-aJ@nvua15@BE%iN{&<%m~UjGiPI{ofwDao<U<+*JL^8eKgCutGZ6a?~8
zCo2(L29#Iyma9CRlpq^%7Cgs_4pS<eGdf?rllsU%{f-Xd8&v?<ztE_gZEoeF?$k+m
zbAP>3tXJ3$E|bC1*)$%dOY-Es;le0a$A{pe+PA&gpW=h=#l+h?IjNUndOFLv&hp3k
zo1>0-y4OcqLte{{m7vb*mp?dompjPW{CfP+neHI29|#`Uc|K}5isO;cwZ`j7uRm18
z3#>l@aFQC|k$Nd#3MyItIiBb9h6O1UaZbP_%AM=;We*ZU@;B+C%>AxDQip{<v7fDr
z7ph33OQ>|w0uv44<!cLErY~qHD+Lzcc7MDT_Ve(IJ<#xCJiq#p^cV@fW3^EwxAaqK
zxhFFLqH|Jk8C*op4s@Zg=`pxacPe)oCa{yoQ;yv)Wt}(G{%BgbyEZlw<>JR7s;vGd
zyp<^4yMxN}WrM0zG8Dm0Ux<MVlTqik3TtWvZnhQBl37xVdq$)v`VvfmJpznw-Ud;3
z<%h8;L8))R?z+lQgQC%$l&y9?9kpwmto0a!IW~+<GCRwZ_byWK)D2$}qGQHWK$EDM
zsulBLyC}18FXT_jD6u2DXLzGzXfgV@7aaSe4*Z<kx6McM5o1u#3O_phvRP1W1kqjT
z!P<-c*nW$?g;a?ri}T_z+$$d!6E4RWbWf9}7@7Hm&qa0b8pJP`3fHlrG?OK~HsZ3V
znl*!@Oo}5J2Fx7RMVH8lZ8OYM9Bz*tGZK*UOHW+xM!K7RS#TOsm*v>?*cEVDlP%`7
zNa&i~DeKzP<!~-<a*A7tn+_*GQL_-eNo0G=NB92Vds(Fs@HB1-feYlfRO3Gv$Lm)i
z@JMM69FHDd&BdGSGHcQ!fU6%n;b4ll35C34?V^P7GRx$6NY8woj`$=eAi`wZAxgC)
zFvY^V3m8l-!dOmSZ->t}ZHVyBKwFUK1XQ5}#wy8o_Ot;;fTW!Bi=yO_87&Cn5Q4ih
z%!cCW?l7m|F@#6UdgmJ%fl%FE`$IZG?gtS~xT*PvPg1GaB`yU)kg{7Gool4%R5t9T
zPj|E%Dce-}iQ&30;5;Q7F;GepD~u~I;jg=r+>TEOABp|BeLvp7;z(rNw%oc?TX0eP
z#RqZ?T`3&;2fhz6t_WVJ8~#M^d(GymV0FACT1ec514q$qbz!5fBnwIl)Q@|zBtPM5
zS2U+tq*eWmwRy~Ekgot=+_g*uKuLrN{!Qz8JA3+(>IRW&R({y~_xZIO<ODD1g<#-I
z0_hpa)w#)iE`?xH)4?XL<RbTo2NY2ZD+gt-993s=DVAaR<NOH<lHd9v3;SIoERr!W
z`8pD(Q>X4CDB%YDkbsOY1ai)@GGBhSx++NRWCx?IlIc`$ths_|aL~atzKB-yl9T~i
zem#mHlVpN*MG_{%b5lyyW~g=tib42QLo)OKq?R$4xq@avQ$9b>@W|E{&b|>qV3KpA
zHT4v#Y`}`fAjWKpNe*Ql46%rn{aTl-!q8IKF5a-8^R8jB<dbEOyaLE2U)f2h0i25V
z(9i%NKt*g$hP3}RHp*!>cl2>2q~gG$H0>Tq8MwbLyyvLVpIVZ~E@+;@<9SM_6wB9B
z1rRw~Ft>gfpl>Mn8z`U!N->bL>y{=R0{F*FzY|R*0A6PAT)=$Xa5O4|m!iF<c0DG#
z(<-yfhP=jYA6I(}tGNvoyKeHQO-XEuR;*M$<p6()d+4MLXCsbF|6ROg6S>#Lz>cSX
zEV4h>8e3X79ia^sL10G^qq|u{#SE~(9Ll+Nsz-xB02>hEC9WI43J!wfyfu_juFg+2
zkS2|s1=o58<9#5-AiHK29BzjVDb?DR3FCSP(zSO8tkVt-t)fT|fEE8ua!NGmU?=xB
zNF;v=lqsvA>9lL4$AOfuAj>{%Qu`;_FNv}ABV%SB&V*A?0x%dAC@97e>HHEXD%B2b
z1+_u(%#CVX7Pfbafl~0jy7!l%NR!{!lL~|E$6bKVkvjR@QbBNvMIPFGefISlQ5}#-
zn1h(iLP(7b0weTswr-T;X;lB|7XJA^FfU+yQO;RQa1&67upXW*i|v(qmH<wM8oDQm
zjM&DwHV}W?ObIU%*K8~`e%J<us_#p0TPZ><nsFd8DSHq5(&p02i`;TPJ2Yh2xeLdN
zhno)bM6UHJh`upa5f5W*yM67Bzu!1kuUdtzDd}4fcbYfF1ELk4skrXzSAwlFyP%oz
z%Bl7Z(K!G<u-sY6HwP$QA%Jo{CC#nd!Sygtd<50#0uNog_JI(-bXhIU2#J8wO_za%
zmGd)$5n_4Vs+E=PhZSI%Ju0Ac`m0WV?285E3$2xnmoOO>K&ob34E-3)iRUo-rSZxN
zVSw$}g3zFf3_GI_APo9elvL~QSN?u|5*F>!ymu~k;Wv#+^!HDgAXhCZj6?ZDqAp3!
zV+lvXgh+ce0$QwnzssNR+(n1+#0%NkK3vqIyJH1pwQ-lte6CXCY=#Ghf#dA-6KJ#Z
zf{lVf%XUB(jmf{}`RJz2-ZN!&eIP0gBpQlV!0vn@H4OpPKs*nrGiY1`e#o9=05ijO
zo&NZ2tXcUjHDmbsyKAhkB)xI4%pLZI3|B!=b$)lMEaf(ba>mof_QRnP^9c(IR)AE3
zXQpn99fbFLNoBq$`oao|pN;uSfJ5a|!SLQzv6xlv_TM=!6#wIiNZKG|)<Bl-f&m;x
znjD6}RN;@a8L@{JVh>)!2BD7hXuvkXiIf-e;!T(z$7SdSiVZO;^c`gmSI^H{BIqh{
zABX=q`}Q$tA=_6$sE@L2Ts#nHho|nc<^!8RmcWY?XyN!~iJthL$`o)>a$iRQr<E4Y
zG`3^>?50;ktwqhP8_J=~=$?YQQcfV?K4s73Wn=6>Q0_$W-DSemb*zy9e#%Z*e5K`#
z48thzx~JhdDBx!pJM*1D0ybMB#cS0rBM;c@l?!lN;A%qEWw)~MDdT^A{Kqr1fl+KS
zG@Ww9ac`i6WKgD5AM;(y7MmML&o6W9!>QAEWxKY7XLHd5OtUW^BS{x-DZGv|`>4-%
zt3gapRA1rCVQ8AavKc^G$HWXVS@3HO0Mr2q+yyYdw*-__13JJghHj5rE2g%myW7%N
z4FaY;(?#i7Jw~Fdm~&nrt-r4xanU*goq4voHkcV==6c&h!JqgR;eOY3my^7{9L)(_
zxL@o&q2Cpu78CwtNx%fN37DW@3*gn}%uD4DV<VcIMk9?<;dVsb-690vnlW0!Z<$)7
z*bBdevoH!{_k=hbQdpO@<SU?s+>M^{q7?Qq%Y<iq6u&p`MaK*Y9n$r_hpsi||B}vj
z(Yd3t!MDF^P%(^rIW+M|<LB;8YUNTop>w9_I6JAr_o7xnG0UiYyOp!2Xl3^P99dqA
zJ~YF6zCjIB#N}`<QU>F8gLp&#ipmCmm=pNBA%Wek{nDAh0$}W*6Y?3nWltC{XZFnZ
zR;(}m9uUe8LLnKRh);VGVJKlxj*;`oD_!_wDW7FT_bn6oq7T=$b68@rv~yUvl>?jA
zM&DiT&%^qVKC=Gd(~T^~I<`gq|MB4ddVGU#yA2n;PLEMqwB@>hkq=VThJj{$@>8o{
z_Eq{JXn6!HZ9Z73#-J7}^2WF={3*0Dk%ss!+93&8-`#SCj3<1h!T96AVPUQ4wX-tR
z3$nrV?!NkAk&LyO@SZntAHe8BmO-_CZDVa(8_PM>;}m>mD@#EK`@n!R>~@(Z%Brk(
zhSp}r_ykDLhtE$Z&Q(EL7%tvCh(@b0;)7zSB>1goE5Q_(4#oJl?a|!LkNj)^+Fdpc
zs3W}nz|V3#`C#K80y${Wp<M^y^9})Nnz{|^rzhfw=6X^y#5tFdyKxkL%B^iMZ^nwC
zIEL4B2~!!YkQssZK|a<hcx4`dt4Fd#!RQ~hOio2!C}?dXdwn1$F*e`NA{clbvcLzq
zvu58YMCxhMu#ukdwgs2M@Gaw7IHg%>tvXAK{&2d=KoEW_v;q^EU9fE;H!Lj|Kt#Jh
zo|p*c56g1QcAq}zXz}wp9og{h?}M4MV@_x+ORgpS`^5Xyian5;2Ku69Czy=BT>?Za
zW+BhY=yN|{{nm*fm<A+#{@mC8ig*nUVQe5}kVwGw#FsWJ!N)gZ9Ot7A;|y5{V!(`r
zb5#He#oZ%+Eff+vC<3C7Q0-#?KGqD2^&r0xYB2^h@A2x^?RVuJksz=i8bxF^P1{^C
z>5d&>Bd*($_|m+x4?plVfWaH&;TrgYK6uy7plS;we+>gnaG{Qt0X_Yx*#=pyz69gh
zMm=7!*_dF(N`7k`0<4kPsCNHv_sNz4T2Q);0QIeUzoNWABV^2hCaMrU8iHZNA8x)2
zB*DU-BC8#toW7}Z6J-fdQ6YjzWNx!HNgnAYxh2SK2Q-CM3U4nR-7tMV{cvc+Q4Pk`
zT*-i&<=1x0c6#KfTcI#CC}a(mnk&^6Xs5B+;dM_8v1a{<;0Zx&bT*ddKETO&J=YKe
zLCYN{qu|n8+XM5}EG9k%1NKiB3+R<8PJ-ZD_k^Z>8K^F<-Tm}N0`3d~(^eo|HZuBh
zoW%yn^()}+g!e){e~|JYBA3U^uzRDd#F45@f5&$}j>4J@d6(;bnKdD793N{lTS}=B
ze@WzYN0CXZX;@wWFkZI&ahy6EperAPSNS@F`X(PDP{X|*3jolvUXg^8D5MNXOXW+g
zvCv)c8G))@7S(+O4Fv-3i0LJ1LOB2F3DUQY>N0z$QVT8>y-tX|&#eIma)vuPzL9N0
z%P0neF$KoHB=L(N<1R#ZhS2A1Qvcn7pJ8TV(D3>UHQgy-f3eIZ&=N#ls;0;TJ_pcg
zoPm`<KKB$nopDUJM+l@hiT8TxE>$XG$*v4+>SU|r=^Vt+HUPq@AM4AC<c+4%1SlP(
zb+dzIysXe{Y<P~bjR)0GW<`S#D_|eropBb2&BGmiU#;)1+$KEo;JfR-3WCp8vTvmv
zLs=Q{LIF~ER2dWE37E=&Ny6d7HNf#UTURq1lC?t*NKz6Z^NYs{4^e*xIsRJC{`zO`
zdo-Qtm7#)qI;$a%4Q~!Vm2cQN_u*1Arm{-AQ&!&<$kcK2h_~l9oO>Vfse-a79zjYx
z=|~evx80eq-x?>&gsuS%0BRsoz*%qldUu$gCPgdXDs}sC7Z9!F$&CV?3rD#fws#QO
zBIbhY;Q7igHXZTSL`ds;e%;#xntUN`YoL4wvq@{oJno{%T2o4zbv*e@fd#B?z;hX7
zYx$H<_Xx8i-3Uerer#qpGLUj6nEDoPW?vt;&UwvTFDlWd=RU9P%Al{Jj_CN1Z)YxW
zg+)R@oP5~4poQ64l{-^H%OAxma~sBuwQKWVbFBaC0s$5aW*!WD46JA>9HM~7&2ed-
zlubgmV9{nXu}E3<9F*p7fF1hNT_fZrRe01=8%xxw*uY;$Ml?^B>bNev#H)8EexSRi
zB5_LSehB<1wo^VH#_p}K+>9{Fwt6nQ_mJfd&;nsa<`d&lCAQFxEw8>u#7n_GeDNy3
zYhM_S`O}t1&F<58lEVq=2sAfk7?pVDEOB9v-V?M8aX;MUpG}8nUuO5TW~XXqVHhu~
zsQ~4IjPEPYvD6@uVN0n@15M<z4;dhy@r3ed%wMkg8(BsQ5&|PpJ!Nw0{*d8yJ16`~
zf@1+62%EL{IJQCTLQzORZ<t(y$13x6wvB%YVfeT0&?^E>`)w!4+*}3&Idr=~))3Rt
zl<NHh?PoE!qW{POkeCM{dj;~uQaBF_;|swa2P=@`Sp(Aoi0}zqq7|=ozK~d>AD&Kb
zq54t_7vWC!C)mMPBUp(dvIBLDS%OyL%_HG(D<_)yFVa#{qYb)tKn~1?<N$Nj&Yk(L
zv+7KP{&2bBn;!jV_DH+=0LB0gl+R>bHUWLv>w#=GCGIz3DxdDu-6i@$CQf{TB#)Om
z=;c9uyuC4j>1OWxMiG?>DU^h8x!t-M<ose;?-V_^v1a%n+PxdgZ5W76_nwq<AW`sA
z7Kja#Q4I@1v}#>MeuvrwJB8_t*2#+!3c7eA2T2a*qosMVsOVGAE0MpU8Zm9U$2W-U
z^j>QVsK%$mW|jY_Oj~pMlq-KfmcP#RAAfG~U#O#E_$K2YvswHh!l`>v;8BA>-Ga=>
z)?90R(z`CQ){W<kNcI#?<L5aVt963S4=6_?GDo$BrCP&gPy>&`*!cFQ;#&mjiHh&c
zNaHkrdG@t@qYbf7e?TvvuG>~EXEc*kVj*~__$YSaXezw*v@WiGGl1g<?8MV5Fd@<o
zbdzh&VziJ26VfDziPLe|95BD`-5M-ZkWHvCW>CcZTOAX#3dTk*ZinV_C)@ZQA>#wG
z9F=QwgN*82Q-xqWP%$dO!P{SIR<1ELJoW+k$L|?dPlYu&s1v@7!<8FM;dYzIc(8cV
z^?YJkd1`Ry!uWL-rU@eTY9%RE_*dX@qbYdcJC+efz+J%mhphAh1FdC=tNP>kz`qqx
z_==q|)gX%@4DJ+gqHK3KtqEIy-`~(VpUz(UqvQQ+W$@?s-#jp)4EMlnvQCe?is660
z(Ds^JiqLY6VD{g?@xLiL#FoHH^Qq&(t^a!2|NM{t^^I0KL2zkBZ`X3ozddt*``2JW
z5b=>w@btmoUZFn^>(@7f#^5up@$3lZ{?o(wC=ax0OPOK+6YcodhyLR>{_`ic6yP%n
z;Z|P#qka3^Pyfd@lmV%=1X<FE|JUpCuOo4bmq{9w7s`j;A@~}kVoVFy@cSoc`N}o$
z*)A==T{5}C;Z~d#Lo!*=oAD>g`gf8XU$H5=VD)qnFMT%nzHf)p&!zG|j{DCO@cWy8
zB0~Egr{*yNs*B(QFAQ)00XzJ0hW^Lz{rSV-Ac$!MtkJW-+sgiR&VE5OaA@yKc%8-l
z3xWK%fBw(Ef<_R)lQaJ5U;Y=x(qB&-F%3wm!R{>TkN!KU$zOjPd_SuT#oBB(D)#-8
z>jzHl6+CbWy-+WfAO6D^fJAPc!_u`c<zQ_?M{iZmEQH#<ch9~OeQX(g2E|YSrF%HL
zGOzIq#{WD6|M?SNg-Ni{S_uK)*Uo`oewpm=_>S2(=&*{rU!UbcEpyh==ph)XGx{g5
zNS|xp`aHJG#$#0@<@2*!FX^B3I93N)#}}D+^nK3#O2YC&FFip)d%8+doHWTJ2b74{
zSYPOYFxBE|U>Hf_?#=k?iPQ6`0erQgHL9Zsj4&MrnF|T=^!f3IpiW<l{<-uT_ugcA
z`q7t!CBivUKR3=qS%%!&vj%J_!0W1?U6}`hq37>K-<JA)FK-dKLAo{&PznTk+I1L0
zK#F8tcmz_>Q~94o!GI_YvGR$2<*9B@+VoUxe8KC#37$B0R@0L<qtPWgQzh-#7@PRI
z`uR+8RB%02a#>u`gi#?RVTMa%40xjK42I)KDAn`n@lMQiQ8~B<dH$DAO)F(ON;*Gf
z=h6!|4Nu>Vtvk*^xJ0OP9jtGZYm#vpN0Y2?`@|owO+4St^Rw+L_+a{dxZT;Vc)|k}
zxhgTOr$#K8Ltk=6XlTCDPI)%+Dqb{7ztQ2;Ed6BS;r>;kVwC4D73TyZ?NwQ$@Yvgr
zFEo1|Y37eZkzF3=Dik5Bu7+oYPq>w(P5d?Ntyc(R^NpN#=2tb?tx!25>M|P4lb~hI
z{r?bVp<MZ2!Yqoka<LNi*jQ^yfG%!tKGs}@%I)9NEIuhDngO5jw@?>=LV>}c=|i*M
zKa5oY@#heTsL;-OQIxN!AlwJU5nu1v|AO7FaQ$Bq;1)o8r<&mLbn3xG4K$S&N)p5c
z*?LaOGjly4?&BDAFaMbU{=+u1W&QaMH=|b-Ku{ro-MjT1+;D2?mcV;IR-}t&SO~?L
zLUL9a6QFAiS_L(IiPXNgxnkE%{)HruI@5QM0+V?gYM4sMJ4B96l=-f@*Ep{h4U{iK
zE@V4V2)-p~9{8C92X1s?Omqm%s7^i!%#Z7hIO8ad%XVu4P#<#_256aIU3Wf6e*JTJ
z>!l+#yN2((XT~AwRyNYhq;Fl;0+v*-l3U$;Z(6aY^RnXl^j?<Ad7?T2AyXnvWfzS=
zT8t{Q!U9)gA@Aj|0yzq$T(;|-d3GZM`BS~h!>u2b2V2Z`8G1gPw*_|zoDF+q){0b=
zZM~@G9a}rKa&CJoqbHx=^RZ=(cLN!7|EX#78b69Ar{T3vTe1CD-l3xkilOWZV#}1Z
zA@g&6Wheet4PnFM<@;}*?q2M8w5A^Tg$z%;!vxRXE|E_!kTpxO<Mv9iT#NqMgy-CI
zk+8FxcZ`Z1icy60HvnF=zZSOmkp;+N#w_Y_&EnT}1vP%ot>w^i9f79%GVK5j(ZE6}
zT{}R{3;^cMEqH`^mCDHJXeSQ<kR&$)h6I%bvjlAxv>;p<0Op)><hhO5(tyRvJ;gY1
zhI%U#(0i#~aR7-cxaP?Kt0;AHoFGV^Y-O*u@pwiy$p!i<6MIj6fhb;R0TL6Tg%U89
zwln!$&K!?{H~|ukHql0dduKuegpPyo7`YaZWNJ)*()jl315ZCxTdl|C5g^;0!=w`d
z>SK_A;WGpYfswvMbGU2R5k#X^43V2%wZ~-;C?Ntx)4zi93RXdlPoNLxvNmhj&jGPU
z(U+0HU<V*U5h6f9u@D#e2rSDC#AnFElne7%hbqMrrs{nvW~x9}Ge!UTx+#vcBBzv2
zwgaed<G;0XuS3GWJ&-B$-ESWv9mCl*$4z@dUg)o#5eEYR%lao*=Oeyb^Ob!2q6UaT
zjtdl2NM5tH4PxAN80*7$!M?jNMAtgdF4OUR(;*_O*2*%yva2Zaqx{`2bp_8zLdx8O
zH67Fs7IV$^4#6*c{UM10Mdi3huZt@Aw4>w6wpvcVI6Y!1cs<+MEQ5T`XO@Q>%Psh{
zn_WY&ASPZ>G<CDsWXz>sWR_KJHUz7GB`sr5`CBZR&~_F%?^aH@tx@&&e&HJ!`!Gai
zm9Uwg@X@M7Y&oJ*_+VF*?bLj`|HTJXx=P6SOjcuSubPUUZ39ap*KN2+_d7VxIKI|^
z=Mq`x2BK=Upp1MMCrwnlhDQ>HN0Cs)ex5(5AzI>1WIN<jb9^Llcco||Vz{m^HnWrO
zod3D$M3lC|`?G<YY-*(0+v5rk^K&Fo{!_S4&lgVocgW3)63%*M+P)30*&3X=9XczV
z8qY4rf2S=K<txLBF04anZ<bn{A^b`4)RmEy172p2k8sV%d7IzC;kA|S13W5rEb47$
zLM95!TTfOx9W(RGMCv8RXVabdN5&6K{ix6Ch-YH7s8Ai9sPehK<YmV;f5ow_>vZh<
zsmBVqV;5aiwv|5#<Y?PstXC$YOo%S?daca`u6Gn(sAjW0#O_H1D0uh#kIj?=FToR%
z1@yGnSd=J|H}KsTKW-&ZiX@IRVAWj4gCU7jyrX}@*DyF_OePW#%!H3W1?u-gU?t{o
zw4nF_1~*uFu=pCdS`aKp^Tdf`LuJ`xUl{%vT6Z?cfL%KdQA9cHfaoFL1Ge3J)56#3
zuWEv9C7^%fsQ`%M*d%2`H8k-Wm+i(m(CfY~JXQe67^LzT<L>QK)-=Vwb|)7~YR7Vw
z3aEWewi*1HX{G*WP`k|&GSIKCN$^!rN4vPswZ+_JF%zu^Pw5KgF@EjMVeSa=_di08
z7@j`GTgRfznV?sJlG@LJP+A2V`U?=6KrB=n+yMfdik!fl@c_4bc_veJUh=fn0KTNR
z-FCb$RS2Ld?-K6d#T0+Gd@%dD{B=K|j+xqgh*oMYN$Fr1q!>JAUuwnH?P6ZV{R3Dh
zmO(e7E=#kM+Up>dDHk*Z4~`m>1%L+ygE%N2{CgNX15dCy21f6zp-l5{FH2tD!}+RI
zUP?{9W#A-w`=hCZ3|%8`UI3}K<NAp~vU=1lWa#=?4k;N;#@TL1rl}68#G0?|-PO?n
z0~OTUxlH}6eATN(uk+~l8W#IjHi9?aJ@)@rY_V$~RAnnOjD5Mi@Y-Fuk^YxUBk}FG
zhv+VTs^IcwS24G{dft3gob`$tZ>;{Ucf;d#r<0vd|JA6aG?PAWR$dWeZ_=sU`}g7;
zKKE4>9~NWU);XuGgzj^D)*|LK`HdppR}==G+P#)!Ar%b5yUEu2)UI0l@Th%n<Fl9T
zh-J9RX*;fk(N(Nsxf8Sfz{jO14aO{;jA??A{n5&(XIJe*1J4b!fMLJhVXdpoR(ipa
z%{V{(4UU&d)y<u%-9Ya>DgOuky0a3I`zOJV$C+p6kca)4do3ByGN1Xf*QJz9Na~#3
z)nv;}%=xVAqW*HgTmGf-dO#44Zd~jrDtpvuTOtQBI;0`0gsL+AI@A=q{IbugakV_y
zXP<q$e=ybMPRaYRtHmUIKMG1D(K(ZAbyYiwz7Ez5y<XW4)}ky#=z}SmLodA6GVCPx
z<&I?>RKkPBP7Z(IJUQ9*W65+`@OqDfHFq3#d%oesn=WL(V`i^7E7@VbrR(mHC{L-Y
zz&nq9jno!$>vyJu$h$Vw65HX*%-WH>Lo6z3=y?wf<uYMcplQl|Io0iy*K^S7;sZgh
z3Jn;xLb_)Yss407n+-p=2aZ*Ttiw0Qm{+WIfa1l2g)k1xQf8t!lErl?<5y}e!dFlN
z1%QlZyP<!)w;G?`9he};rJ}$JH7a5n^fiTqZF#LMMn&h<l@+d$DX*^cJBu}-=Y>2L
zBe+OZ@fhn;9ya#Nyo(i1t7~hH=e7)=ncwM<^4ik6`?_nTY$Z-?#xIZR?~hkDW=#Nd
zb%l_SwZXhlYh}T9+jd+dX^{A!%?o>!4^X!HU66C0&;XBl9(o&is3~OvsmQ@h8sr8@
z_Gv(4eO3vj!LTqtwu+|R0<8V@NbS$~O({aanW5XyhDufArk$AsKgR=Pm_9N(5REz9
zAfI&vkG#e!o7)k{U@RSA#h-L1(@q@$!MsTo*n$rf)`5JNHj!Xd>d;x~_n=rmGIT9~
zkhy(f8`Wwk3Ix<X2WFru>G2@&OxYAM2I=(>mfrjv_j1)MiL?F-K$^?-&L9xh?c(L8
zZQBTK;gj~(fzKM^GB!t&Xyso_0X1kjHu~e+UPxKH9WHt=vU$R|h3`XqdoH`d>hou#
zb0m+&E?ioQMH3$bHEd&I3~b{?L|K&+{iw#Jr3^IPrVV}1JGq4bmA@T9{GeG**O8~`
z`&72dtL~9A650iu_GO~_XR&t(X&#`5sn5TrVS9UcoLm2H`&>v-we!;>yb7kFz`{$R
zp~dH_hRM0@TiX$L@~lP#>ZZ3lo^KtcnV(blM*1Z_eCTd{pL}e;y7T%+-2}-2GwQt;
zZ)*7sZr2v|g^I1z=ut<SmK%|UVjT3V7fRpXTMYY{xp{fwv>@<9|7+_0hvTVPQ5g4R
z9nTb>4%>HZY<)D=&brEquDjNwaq#MuitX8uL{7&!MnKR+k}1DYR<({;;p1~k8?brZ
zZ;@UPF=^%;BV{WITNm^%!eKdO?;0@NjL<eA9L;<v<XC237twk)b39zb_#tUMXUbdo
zL%@WcGmhxVnKBOB)$6B<2*=0{?TAm0>W=Q$oHWlw1a<cAj)k|4Fk)$FoG*!9nCJbz
zJtA{TcEm2KDJbWdd2633lyJ0AVvYS~Ged?wIgNsQ$H|TF!&BZj4jgNn?nmd|@ThPJ
z&8Qp-we~@Mm^_mBj*E3jq1wq%vP{-5pZ_IY?|~EP((zH2py&K|F6*{op0*hHT2vTL
z_5SJoWQE8w$qE5OEPr0(YXxPOgA(G9d<sd4X{cCMlky!=@>!uA9v3o>l@YPvgox7>
zf_6=mcTgQl^qf3lOxMpb_T_rI<;=qupLi;`jWdcrJvuK#1z}sM`O-54TK1NS>9f3a
z)nZfa($mvw=C?c<iv?X&i$<3n$>SsmbTI7Yy&Iad!d&qOdBIy6Qa8EzG*frr>jd}<
zz3B=nM#)}V?ejdBh#x0C!Ll%mT0g<Z_(ba9e2*h^o5l<_ix~q<a?ME#VBaOvB-)vC
z^rN(aErl-18K3T``RN~MI~j{Ey3ulck3wQ_8-qx#A)M%nA!lZShl|sW1LP_R4_`EC
zcMcSfzg-T^Z`Py#z&Z+q4=Kl~6jxDQaKai!xyV??0Ttc%{G(XQvrR3It6;{{d)>iM
zzgSa9LQN+8*5*!0Th$z|`-~n%5E$xCfr`*KI0H;;Bd1lbKKZyS4(bb!`*-6airc#Q
zai|09R5bnKGE3Jak-2EB&=2J8m&{_(uP`UMqF+%8a;+U(vMeOM^#9s>>!>R8?`@b=
zK`=lX1Vu`^B?K&#MiHbtq>hAiqku{&AaH1d5Rf=1Eh(J>3Wr7nMCpTcy!&=$obP;p
zGr#%gUF%uvS<n2zFyrx@`+RcmYhTy3PjFuKcVsU6>I%+IP5eCVU^iJE=Z#jPnNgza
zwNEEr@Dgtsu)|7MicF7%4Z`|rx=8mVJx<k-EdYBfipA_%v16Ra#ga1&=j<=Zq(sSt
z*J1)9!$}qy-`v%fC8;y`(R07RsM9@nk-ZkP9UV3v?fHhBfggKzk1>kKi$-E{-of&Q
ze1e#frT)j9?c&2YHf-LThG>8L!6W(>0S;FwYV>(YPBT~cRM%RKX7(*qw)mP4b@}aR
z-Z&{?v|sP4cUn4;C^Yq2V5AZon|GHACOA?#urf$D^vrE-Ei>tfhYIN1iuhJVZXA0n
zR<w!cH2kSV>5D3j_YJ(O{F?5~JK{K=sYG2V_n`PH&C*gSGrzeQWjAmpDn9oSp2eUq
zdhOQjC)nz-==OoKXuHX~)t+ntRv5FQ*J2}nN~m-3IanUHp(a<uL?TzN?ekO3Q>J1I
zkI&?|uAA$RJn`Z?PWS_Bua-(#GbYPL>3jJ`tAu^fmg<-q^ER)j+SmQB@dfi%8g=ra
zC5JkqLNC<Ipeasn?aZ8MuDr&xIdXO;zF5t0f313D0^4<xYck|@mE5`6vc<ZO3b8v?
zIdPqa*ZOr*nWfwo82R6PSs<j*qt-Ehq8%8q-W;3eo$&e`KISScw%2lvt->wZE+Rtm
z&59EjU#j2}XRG-uvtj~z=JYZ5IYs@zDe(PrV@uxicaYQ+db3?1PH`qY#m2fhAv%><
zg0)QiHYDJ6138Lc;RRe4(%NhpU9FQKr;CGHsP%ABYZ5cXU1e^zN@(U%ctThwnLDr4
z^p%{M$K4%NX8xPw@h>ZV2i+vk`|vDEUXrx5m-JhE64htTDyL-hbUt#Nuio`>Z5Uf{
z<@DgSDtSvGzf53Bmqo3F!=+@zh>OLk?2W3Rh1d?LNcfG}<h(Y;+BB|Dg$R1maZ4CE
z#5sGRiq#kbwzChoaTz5?lqIgUv5L=89^*(;6DWZ&T#x}>Jz*{~bOO0cPTb}pID_v{
zL>WHwaiq2Ck->;<ku3b*K7wJUA*h}soo%ihTv+&`s-`IYfs?LvB*UQm?!)}u86$km
z-NkRcV#Ad#O;M@yQSI+-4be-B%A!kQ%NivLtp`(kU#Mt{k=V(6sMZ+R|B$cL*sgM`
zOpc;bdK0}I;26-m_T$T$@1i8*o#I!Ey180{=P~1UCdL#3Lt-t`@6NX<T1fIzj*;y~
z->B&KJ0~$5MdZHT%oSRpNa5|vN5|kY7vqPqUUYXhJ?GslE*L6ov|q$dSIB*a?RmfM
z8;f(cFV-fCU&bt&DU9cz4fkJ2QNZ);->%}J!^PidtsG_J+Ei+>8|2yF{;nwJc{%Ee
z=XNoZS?rGzjlD3lo*UoFb)vX-zlKDA-Z46po-}0eH0&^g(JoG{>&&IiZS&mE=WiLX
zl<&re?Y9loVYLz$a^9v2@9b=+n&iB!6mN2A`La><)ZAM(+1#Ev!CSsqRVc3I4bx-u
zewqC#S!_SnzDq{7<j%H3$HD0OCI$Z_t*kqv^<VSP98*f<CJA0wl+m+d$H$E(>jjZh
z7I7OU(#9&ap2dxR3vH(|RBXMRX(p}l%~N@$?2K>{+zQL4O=l?gCeB2=SAVe#&Sw{`
zOjP~^?y_HS;^$-Eh2piq^~WS;r`@7`d-g7KC=H8nK+W;Vv~*ehn?)kd%fX$m<O&JQ
z)t?YIlm_oO1SDPMV{!IHtIiOJU-A*yEo?d&O7l_YAU-}O6@wpU+CT3NXQtex6Hscp
z(ynUJK5|#usS*7SKru7x$wza-*b3~a*q&UYt+aBI^v7Hb?JjtHcd1)xI}JE$jWKS$
zRS1MD;JvXlj8!y@b4z}fJ0TxTMt8%hNFp8mYD@jep1`&B(6f|8Hf87sr?Q*BP7Nnw
z!eWv-?UOW|G${PqN?k7o3u2pMY%+L6dpCy~e^9i_3TN=+GA9Y5C-i9cssxn@EE0Mr
z8`h8J;RM+8VTZ$N4`^hUQ!imBs5qBUHZ&lkvXD>kmdBx$EAu@+mtA8eu9JcP{!v;1
zmXxo~B}*Vd)mu6;tUJ1@t9L%&Re#kco89Q!yX@Z$6{x=k@9#?6CB?ja{mK;^Iu`Uw
zA$Ioo_dVQ|u(?szPr3qju`!aqUi;}6DP+U#Ct{0&y`s|wNENuI*``q`?^_b?AB~>-
zlzD)Mdd$yZ=!i+Ox!%y33mvZ%8fUJYr{;V5HUTAz&KYvGIX;@aaaEg#D>Ko4KFT*=
zh2YIR-!98tMNE9l=XX-Gak2S+LifZCbFakjR=U+?D;VXgZm~+g?U2P;ZNL7C;}$a#
zVO(9hWwItLACw+NHgeQ&gLe*1B!o^G8b~!%P#BlsbLZ!IV%HVSG)=n5hToVOh4&RV
z<VI?HCL)w$^4net(F5kuH$Ja0?dEc_d&^%0Y%#k^?Gm=P<A}OL76!}u&f4_)1f1#K
z9sA<W6T=vp9yNKP!mr}UGc!}4l_f`$fWu>l?W1@`TNDng=rHVRTzuWvXk~cpfzN4)
zSO#`{l<u=CkI2Hrl534Os(dH?2*#w?#3klZ!rmz_rG|3diP)7Ge$yb^6llCN(jsUi
zO?TLHR;#1_paOcniDKO@Sj5M2Na*#<q0BRMqhSwsdSrr%MvB_{;%4-lO{EnZ318UJ
zo4E?A4nSW<@k>-eTNt&s?~?U%%b`4K>QOUStWF<kLj{nQjw_}M0-{F*M9xKYYJkgy
ziXZ9W6+e~{t|$<*c!n_4@er8E*0|Rbv&n(PnMpXQ$HV6)oSyU*co!~JWeUsNG@Xf#
z3scRGJa+T-wHJ>_@UJ#v(%(B2|CqxHGkP!8P5?_TEIp3SEjH1G^eJa2Uz-P&+4_we
zsdfga;Zy4RS(;Olgl(9`+>kH>j5>D@bG_1&`JJIV)eYn4%sxBiUBip@F?4ESBdoQ~
z^XYagzOKMwAEwq;=CyF{?FPm^sR?%}m`B_}NM2}Bu=tLBN&OKi9xXdo0hMXKF>x(D
z`?v9$`a?t0TR-!M6Y*#Q?|t)O5Bf_Q0%5mYirHI6+In+}E^XhC3;0GuE9q_iwLixz
zNb;n#-Q}RzS6_Fi2IEg#PA_y0^YdNdndWg(_P^gM7`@-(uK)6*okGFu)dNxBNSh(;
zJnI(f)gYMx!8Xr+V#Q@>$g2_<D!aF4rCoXj7iD~R!Re`o%G%dk3N`K@Jfe(U>8JR*
zk6R?opx^0`-B#P&U8L1lwqLP#E@lwAN3s`7^*C3>4O79v(PWl#=5eBZbd>U>wcoBm
zwztdLu4xL*w~BZR=b23zi33F8_WOq%0$Uah`06Z*&aPfZW+xl38rQS@p5dEJxe;<=
zX%c0jkd}UpX(rE>+j4sL-&ps4K3CzrICDUPAcd-|S;10Jrx4rIGG(uJB~SQR44Z?Z
z7LQrwOohz#Cwl{8YdD~8Js8q|;=_BV8nb9+P}FO?Eiooes~8~YZfi4U>&0wP{aZX~
zL84xG7i$q0UZievkKx^l=w~4xF>R?aJquM~=Mv?UV>i?GNZ;6CPlwS-$-KEUR6d++
zEHj<o5xW?wVUJQX&|UAy_hWWd!x-9=atb&TkIG<d6-Z{#71Ieu3^dx6%{OqJc^4o6
ziSVCEaGB9AWh3QO7bngNe%x{L^}_3yJdRrx@sFga&eObBu8}Y>y0S(ba<Ppn!7$5j
zO<2m%;n`-k(E0DWPkpn!bgJ*%EXmsCLZaY4as0rtqvu!EhvzN^jAYM6qboE&IO`Bw
zM#)(SxpAoMaaC?laG0#bV4BL!X%5ZtRot8rP|Hc+UX+T?(hvVVmi`$~|Mo-uRKW6N
zQ`3#+!#o9YL9x!3$U%&p#%X5>EElw{bXic{_9q~+>DPIuM>s6(rttHm{>zUn8T`hA
zw?7{bdCwnL(yV>3>LnU~dC_lg`tzNC{kYvuaKMcL_rY!Kw`Ko#ulfC9Mi0>rzZMT^
zCD;7*xBvdt0gXJy4kd!jKI;bm_W9q!A*1kg&Kg$#<2(P;d;cGQP`M({qI6UiLAbv0
zQo-?X{hE<m|MaZLu+W#lH*56S8QJzc)17~7-Sf>`RQCUzdt^cVz7*t61+=pN(1|U3
zoYnhplOY!%c?QN9X!qh*{%wp;a3U{#9QOa-^naT#B=-6LYfNva5kQgX5-nK%$IJM5
zCJ)y`2M6vQApAHE4Ky10?Y_M+gr3j5!BqPAkJ(pmA|hM(R7m)F`aceaKNp9(0RbX~
z0Cx>r1vhZ=bo~k@_Ot@VayzqNJMRuG+sSRDv#_@Jazi};eR@K&YM>HjjMcG3I}AHE
zHOxZ8y_?$LbyKfv`<hA%s#XObwe*4j-Ouk6nhk~I>+}xDcV^q3pG<{Bsx-W0)YEnY
z%y=$>EVK^(gc&?N>Kq`uqWO4G*kYT@^O=xkC3sU#78|=xJ-rnxXf<1cXs`>wk31N0
z=3ixK;T|q%aDqbW5eEA=*GmyAaJWn?<4fX65N_@U0E?5kpkLG+&lH*m#}iV({~v@_
z0YluRWW+T`SzMT>sP$~leZ(@nZ&kSS9IHNjz4VNZFd8Vod1-^$C-<9ds5uK(!uJs7
z(V%)UXXW38FT0bP-Nw5u!Tlzgl0%gYOh~+1hT3>b^jn-$e~#`=l{B4?)Na;)f97Ph
z5m>t}KvkF-=`-p8-2M<4DqhqI=pyTZI!K9ts7Cyy<AH+XrI0E=o$CS41^qN6pi%v+
zZq27c?gPK`yei`MQU_owBVja@%Q?}J93{g}N&}z(yHsS^U=(cbvpSY<R89MJ*siFf
z4*wwIu|w1yLTx<hTm0Xz6sKaQxu?$ux~;lFt@U8w+eABz0>C_?7eRp0YOpix+(jPE
zu0je-3s7Q%ICR9JL$v?>`Z;-`E)M1RW2(~2?<;X}qRYU=4Qt8<6w3rAhu`*-&=|DH
zUayN6G`k3`b<LL0cy^cUX7|GfM@#0c(uzyc<9}GmS_MrbmK~G(G``~9fPU9rERy_r
zmZt?0G^A>37MNN6{oxl-&WbqLH27Q74_LGvN{eCxVs>BYv&yT+k#-}1h&Nc9Q=<wS
zs3)M3`Y7Ld{}k(;i6EK?^ec1AjPNwR3mtpA+fD85(79X$+9@BIfKIt2O^nXUwBjgz
z<3U&n6oVyqn2VeN+gcE?8z@+UDIylKXo_TJ1~~wIg7}@2(2X{aw)9NF7JyPA&=rFl
z0jdRuHe~lV)ou?J+n0ZnYZTahsncTKAS6roiYOcClH+o6NN4FI=E6mHh_tY37$*`%
zt0ACXG9H1TR$wN{xiPgfS*nTUj%$i{SBq~l^nIv@XG1T}(`E1$)DSpIkz|`*7D$}a
z6Dq*^1rAp>?WF=YB4A~Z#~G}=LZD3o%Yj*s$X$gtT}nnPKa$JBU5w7{$2-9rzf{Fs
z-t6i_)D}ltyCCa8`wG!ZSSf7|FsnhJX^^Oj>skhCHCcVg(a5GyxpQ>m=6W*+wyg#x
zl1QLfahEJ%45D{O<{p-PlMp7YZ$<So1zp}U1N_AdR)G;^saz=S=5-G=n6yj|wj7#a
z4*^r|OyxL{wsjB&Km5*$qe%qWL`9#Wv6_H)U)J?y=kTG^p*$3_U5xyJ>kT3@&gN~f
zR-}gAC&LBRTf^zh2Q*OLu-w9$BDxOsHrrT9rkW7o;>TO|6(X32ym}Nk8tim2krl4<
z^pVH+OB|Gh8#gN*D6c&;^MunNb}Q+}*AJ|Dp}SM;N3sb7=7E#{Xb8IGND)VH4B^K1
z_ry`Gsj~pA1cM0W{rm`Y6EF?-d)8$wXxRAz?n@DN{5B!+j2H7&Xa77QfBhz+i{DC+
z|E5P#cuux9Er?o|Q<Y=jVoe;6CVj1J;8i9m*RcFvzh<7P^8~d-1T8&n^V^s<zEFHq
z0u3g~yNAG6?K;^_#JI-<mTBk(K7x0MIhQur8Ps1odj15V1(7Mq^zmbZmWlSJ>XAJ?
zME6K)q9l}x1p`zAZxH1lO0!_V7vG{2xvk#LDFf1$Ng0YWYy~Z1-f&0@KJWowognCK
zBhCo?hG)Q;5sZ(W51k<j^!o9QiZCAbs1X@a9&l&Mik^C^JYI!9BM)|CJzpfz*bxrZ
zuN^0Q5hkb;NpwmLbd|K-mEZ|i2lnMOh%>%+T^z+H_hU&`W1R0)#&O`J6N;}(Fhca5
z#Pr4%dR&}bJVLe!PlLdX!LH!K054a)@-Zgaz(wm<GZ!N?GL#?IUWtV+)lHwZI~ltk
ziOFa{b9F^B`4q6u5p-8z#&#V^y|VU{h3k9Wcd$!~sJ)#r<(tvERk>6))kxso>a4IH
zG%lK|5<&ibhGQr~c5j2$f!+P#!BiUh+P;hE(K%-PiPeyC?x}XJC#qVzFa$IP8-6WT
z0aYYbz997~R2IRv4=f^bEPKXs-q5{=rWZ?1@LC$NMiNZh?@{7!NEF(rZtXY$$DNfs
zoEe`xh=L-l7iPlt$BH_{^yZ?wCWvYDkAaIFWwZ9ozQlg@ZS##@&X4UXG<KBYNlSiF
zU8Ld^C$^FriFdCeF;m**n)VS2(%-Ix|Gss*9f%L5eBmZ<7YQu49s)en%;BkAH*6CI
z_vE2NM~)Aq^FogY!GWiGLTH{_TWqW`b9(f2o?-n;tOb`p@zkCXa%quc3w=B%ixJTA
z{iI_R-W#7HCPYMXK!X}B&k|RtUIcZtUXrNecxF<u+NKZBxgugxrXru&(0N5Y6pK`H
zCu?msY<uYgSB>D>E9jK`Za&8MBZ)^LFdS>oFM5fN|InO?-1y^MBaDzW?ePZ|`dXNC
zEu{^o&da+O>Z9oFGLDmF6n4x>g&Q*lTxnII6gZ<7V?pxi15Kp0(!KCaM#ob{E>LWb
zD5Bh8FVIKJyNai>p{QAgM0VRVQkgKXThynV>yM@i65J=M!ukB1YdY>vY$G&*<JJe<
z=s8C~1pax5)}*42l>5Cg7iHP03HS=(=wfT;vPh!Q-hG<Ns}8AaAQo#3yY(qV5dS*C
z3nCYZH8@qO&5vb@-!9-KQt6fVKuK>hKCwt0y??<~6ki{M-PBK?wCoZe^ZpRcz`erM
zyIS<bxAV}N(<E^<<st9rvUb5!6$w8u^Vr6jFfs#Q{_f@_j?y-Ak|3E(?37O)5>X!u
zL|6Ed{+>qtHSD`h1Q5odFJHt0&k?2e$j9;qyaQcnlRq<EQdxKne|qSq1jrN2YDC;p
zyz{x#lvvH8R`Q8vI5U-Jv8D{@mu2{@8B{hg$?RE)<n9!gPdi*wDtXntqRhb%#dFOL
zI{i@ItF;I}wFUQQlTXFQ=TNv~S;Q=2xQ^-@vTDRdHOG`s7lM^wVT{PsO9?Ha8QR78
zFl)x<wP6s2w9SbzyzJ<_rZwB4Fdn~NGH8=Crzb4U-}S`U&?DT(cpozl!x^z1ugcx0
z=9zR3WykNcd}*2w+ZrUJVc}zVb~4I<eOtnGn`EJ<$A0q3oRy+X+{b}~LesseNXZAw
z#gy#(sSH0*ZWVkAjssL85Z`retth!7WzGwV4tKuRM9bNhcbNO(BwkQSQe#~nC;K8u
zznrkn`0SeHOpA<_PicC%%gcS5qM^8|#TQ5bTN4IJq?L%{BLeb^#ywwB>!6p$@dHO0
zt}h(L30D6GEdFPfLZ4TI#6`kiIK2{!-;kX(Yqn%SrxCRuI-_-WxX(_O=y6ZGQbs2B
z9TB=k#9Udk6_2u@wKHy>b$t`!BT8XkE^?I@H+k7Y4~qs~1*n~iD^;nObt<VB(>g0w
zD2;!yb!1vhu{EkN0mYh*>Qz=q(IAi*YTjd`Tmk>g2eRgeqn}+{v(O3mrR8|)f#oZH
zA}4j>yzil4N@-Ty6Zyw+PL<}zGsAN~nbKeA0w9bp_7!{9wcy#++1|<LWliA^rzEJ0
zR9h)Dw&KEW(gzq6KT|LJY?nIgcv>ULteG4?9#L73K2ZNEtofl!Nr%r)O)N_d{r%}J
z!!mPW65XhG?aNj}oIjLj?S!1UiaN*%sI09UrP>}Bc90*B;cW8nY4bk08TPnL`ElH2
zQ|U)4YaX>?-u)S@CB}o!xuP=Gw^M+{Uqvpy>ugi({Ab~q&gl8jAA)Pb;qy}-2|=mJ
zT{8%h<3nRCeb?9KIb@XVH|I41Bw3agLQ?NXguXdEKUB=;X4@FX#2oLJ{ITMxRK76h
zV^VL>Sx@<Lsm%Pij!$f3G!E^N9@3a`7FuZh+CjII2*P+hA>MBsKZSphK#=G@ZMA5L
zedTiFM4yIQxJ8ijSWdHTV}1JYS*#CM{?h~m-wd2|N_e*soQExqL@Tzx+3Dr5VC_pd
ztOZhLgd$Kn;mfjgO>xR*t;8CQX#2DnyW-;;GSE$_4wiaKGNY?fBUk#)9Gt;4gf8Yc
zZ&0Hfi`5m~Yy9!q+KiQA?+hLai+YySp{+c|TB?Ayh&|;MMNyF(DKF25?;v!VBvx>Z
ze-~9gn_-gwZtYPQ*TXhxk-(Q>n~KI&m5o-$pk$0R`%d9~=CN9_m_;OsIz_u>rEaTw
z=Ih6-=#GXrPzz>Hg3xJMxK`3SY%(#HlrQ5b#uzIb_=M4qzA1H45_TTdW@XG&U3uv%
ze->_?a=62+PbWT6VHd^Dt=8}JN1VbIiI3dX*qKY8Wa_<jMYk*EyqS8coXiCyAR{E{
z@7=kcjo!EN?xeN#Y>yYb;x_WmYu&vUk8XD0bF-C{SG^p{3fo1OdIerMnq=pUdTE^4
zyufk0eTGA7PiQ}K$wYz-ExTJelh@S$bK<Ftzdl-B<PZ;7ma34{i~d6MRkp-T(<*;0
z-Jjs&Sy0e4BZvg)4~0h56$H9$K#@(BI>doKGDREHjNGEt?G8d#+^YUkC%YtOl8`dQ
zMvy;7A&F>4Y{3;N*-g@zscvnq)WucXO`^=I()K~o6;N@D>+n;(lUbEN95cC$R=~CP
zi@V+CO49~UWri9Qk^55c-0Yk=q-kE?4ohxW90Bgx`xPs5GIjb09>Rr_Uz9eW5d|&(
zjdZ;ZgF)N8GRsQ;_g5%<;~YMOhEm3~eKw^q>g#oU*E8jf0Lw_m9?T_Y$uu_0nXc%t
zgv9qB#66?Ru8lv!9n~A5V3BKBzf#rqQERe-1C4>6aIvp6GPO9B;-^|Lxz{WOXUf}C
zEd#Xfj<wKQ=t+pHGMMF3+?-@A&!FE{Xc?Syr93fHasEP2YuNWh6gTY3E+Q74quWtl
zyr+`IeR8u|n<DJ<TW2D3)ntV2yarphlr>jzH)0Q~zL}e083|r}Qo~-m_02A(aay?9
zg>fx)-uQf2wUU3*r2I5rYWT2YR@=}Kg4aYZ+6FT(`k3z<bsrq6?I5)fEly@}sbV<U
zs@u7ae8nx6n#C)PyqS)Ks*;`V3&oUivqiOoWzlUu_Bzu}50e1k%syT7kbTN#<*7)v
zVs*H^PN4Ac1P&~n?gNpYFCsJAi-w&>7oq*Qb8zA(f?uUsFy<&@<h>)3oTIY}v%HNC
z6L~|!TBBPV&ud0LS|z(^8Mm`55`uq+z*_Q9Tt1b$@$}&(zvM>pQ%Jf_wge`e@0O2v
z2UcJ!Hp+UFL-VlmIu&zQ4sEeg`cpWV3piYeOT1kA*!1^<BOsVxPDe-RjKm^G#bf6H
zI8{whr<L0Bsf)sJ?b7(2ggF%2IT5^U1(y!k(O=8G_Bi%Ok@uCjQ^yj>A8Xx}Ej^dW
zuydMIx7Wf#$7;b9moTaQw1#h67I?$4Vc1sBp2_R6Dw<3Zu9~|$g~`|&z9GF&R@u)}
z<1qRTt-Fk0JT0m<rmAjX`-zl$8CJ1=GLg!xtO-3|%qMUokqmp>gBy%-C2B!i?R(YZ
zIBi4YIA86!fRT&ORd2!Q^TFt6OD@&pzM&4d<>>Y8olrMEfUhdBInnuU80oRtuxuhW
z>`-6OCA0m0`Kr^*vdba()sAQRy+JvVITxX*)0gHOBE#fkFRn&v6NE&Y1?Ka_*&`;n
z(zO|3ltu(#i5j=mF5G2q^{}f=m)Y$h#qdOg`SgpU^xvmD)dSnbh)-lO5cKOitMIs8
z!AjE82shWI>))csGqivEks#d^V|MoVT>6~evtmdZ8^%O|e{S+jC+TM#1X&UJHUDKE
zy2xl}l1?VhUR}e<3VhALEDBSNv}cFaKNZLO-@fGLuy1qKpG87^6Ss{X`v`8RYS*d>
zKXp=<Y5jyqh-ht-Qxk3<aI?MmQ3i@YF?eP^xs@xeY-S%`-f>z-j31A?LSm!65G@46
z!7?kdV;Q)OjYzynd<(U94^@)ac4j9V#T3B2gLmlBY{+I?LS#=a9CAlugiq7PMBJ%&
z+WgdV7das!@M`;q3v){K9w*B7gsMq9;rrVe&|CDk;C&q^H1kg0t6yXsWj&_c9Zz9V
z=97ur%K9BZC081U7NQTuzY9ftfmvZ{V&%PaRKjSSk#+lgMx}+f(a(_Ii6EwDn*API
zoIb{hsWb)&UgX}A9_yPrpx|qBy2jR_ME7W1GFKX4v5<9&#aeY*dLT@(i2gT#bu~2{
zTA)y8N$l6s^_R0jwI#<|PFT#eC3CEc;;4%lap`S0Mnj_Pcy7&Mc<yM(1)%xm8kMW|
zGnKo<8aq{#gmHe-W7_4z0~glF(}%g5yusPIU7eb5C=)7cKM%At6B6~jXq)pfTReAm
z^n+vQfW0#S@C5^Ppcj(){(%%T9TO<kJ9s28F-^|wm@!!lLQNW-+65MQqro2N$O+x3
zEgACBC~n@GbNqmT@t~V=cf+3EJ)Q47V^U_<)_-*J%a>wr+y_}VIze_)Howx+`ekr;
zy3z7ESJo|=?atO^d}7OTxtY#nD_YzRyzi0Wo6&oGmM?&>e@v;^`MB%X?q?>^Dq?68
zJvWemH~_r%J{9rn7I6K&k_-@d6`r^Y;v>79!53^f(KrHlinKrq>X|E~!XbrbO~H^)
zNj;w52Fg+pq?wuBbFk%p1&V1GNO;P>K3`5k<1ABdxe1r*jXYn=^d}%D_C#{!L)NYX
zAm(6h^U9zhZvMsu0MS?A_t(nMe`m<a#VEQXx$MF|yu>kAFXKA(56Gp$dOZ+7=s2RL
z5HdQ7c=^fBO{lzF)l=ky{JF`|)Ab}lNsN9vmF^fIcuZUCi_9}E$&s}aT)mYL$j4PK
zQo>#|z*ihIf(&$dUsmrT^&+e#3fEDO8TWhguHTzKod@p;vsY7yKx%BI?Dr`XF%1Ah
z3@_5{j&1DJM&}yjNezjTMPpYnm%&-w2^z!V>Pa|~j)ja)NR5J1NNjQg62tv5<s!H7
z1ItB^4-miBxfkm^1G#G_iGWrwfCIE8p=4@`-e6+L5<#WZ{lqENJa|y?@UaKbw9)4|
z6U`0I(8_k9w)<d1CLQ7S12hpKR9f1nR_BMrEx#O(w+1{6G!IOsR}p-e(aaebXe8i@
zVM8`2utpW|8MGT>oz5VxZzy!lFa7*z!*^kewj^loJ4iU5+A+G#AB8(&w599H$%WR;
zH^mU@e+$N&S^#)<TbrT~3}T?atM4Im+{wG$7liG`8yW5}`pGVB*Jb?i&0Z1!LT7sp
z1lf~rha1VD-|Iyd_cpg9RgsJ^B@=J^4VA1SBM<YH8n@V1RWC7t8b;}w_j6bUM5Xez
zZ;7*mI?k^T6Hhx~ej92RBmY(p=q_wC+<nW)N3>nEU;ktI2bHKO@7|oZSEXQ6+Wc9(
z-D3Jn@iybl9Ta-vG_~#BB4wZsIm~#2_08c0DT~+ppd6Cpn!6ajEY@2wf4HN5b#Cix
zG^Pz0wrG>%3j>*z&b=Ab_v7)KNJ#te@r7Kg!Igi*>r?Kqq=Vcr(Qi2Ow`Vn=uV>;u
z=opRi9PJWm<#q1Oe7!&lQ11EVMw{TVadu<+OLraWmjKkeIYmC>WrkqyU?UN_5NhWj
zR9-TKs(2p9W!ZRfHxJ<X<!MWlmhppA!L%k>$H~qP6@&Gk17OaL4P^=m45_nHLs|N+
z5Yxq$j}`*KKLjXxvQm1<o`$!LY&=;3N?maPB)HM`2>djxyzn%!7wM_&@Dai0wc%1C
z6i*rWErZTdBG}=bymKNvI{~`sbX0h}x7e~Pa2;K5P0-#7dyy;QqXrZIR4yl$w=TYL
z^3rzk>$VZpwAtRE-2vCoUVd)l#5K94xKs>1_H9F0c%lI_{*-qB7>FnvS=dJ|!g1R{
z>TuzHyTKnsLr!%ae1dY2?fAWFpt}^Ns9apmTNCc<eek978ia`2tPE|EX9v#~DGPpY
z?&t4Cl}*Lcwoh5kz+MtUtgr&cS!zGEzM1p<>IIfWNvBGcsv#6Yl>#(;wrJHg#1IdU
z7prjj!p%pzIvKe>uU?Ux#`86<Ar2vR2r5gsOg4W-J*DYl_~f<V{MwO=7k@jLvUq<l
z{p$NXt3hcNcZ{PnSM{|5BzX$vZY0-NF#A%-zmqK=eto8(Z3ph{zt%?|Q6c4-(BzMs
zHah-zSb*T`kVbIGwM|zX%z_1x1rxMRpcWglD=Gl5ng$P26%N)Ppu&sLe1X}$e(KSL
zr+hd))g8W<_tz1CHiUGu%Wscz6p8@d0GDbfJf6c2H*WF0TkWA8o}9kih?=%sx_4CO
z+}-b=cu}&o)!=s`EO7VOrN<|F@3@{PDsK_-g|^&vh+9t(LWi&vNOk$7Q#h#76v1T1
zk|ekSM^SP7t4>$M(9kjKCDb`2T>+TEHCzoWzsdT2tlF;>4#rSYkt%3=FaflI2&%UO
z2MHF<H$Ka+@r$bnNK*#f-a?vLn7z$~x8@kV`>usO@p3eP?J`I|S(9f$)Q|GPvY}G@
zQ~a}}HP|6?uDjqCMg?RiijJe_#{Ih?Pzc=Cylr&IoRX{>Iyryt7(w{xJGqQb&8L>N
zKk#2VKPBZGqg@57+-#h>00GTVdhfT#WTDk~MAycSqc_)7=dl}57xPNmgM!HW!fK>o
zAbU`|klZ{JhyLu`^jPHg>G~FhH*-_;BNXFea(B<Fw-MmpBuM2Jd6wvolHSVy<JkIj
zG{5DQn-;BYOLiUPI<QWw#bIx*f_U5u7Ck+y4w%33Z7@M1yD^=pdW9oHBP!l*0Zen)
z=FdjdD&s{tAs3?e0F?7gmzE)1C$r5hlqWlasX|Ix0!GDxC%Ug+WuiL7$X`5QDmb9f
zcsQUF+~|VH#Rgc&PD-EC2VQ?bPc2bE=&X1}#GJDtTNO;k1b76K1CV=_>?AZV-x5rW
zW8ttsI&KV=G9yJj{ktHOJOXAwE?=Qj1X+U6@xwyOEsr{HeSFl@PgL0}?+|UwzFi0f
zmPQu7HdD3fv$ckST|{mqX?}nY2xfH%C=l6`U?|>L7#1I-WGrB%Rr$zUYz6%P$XLYX
z-W|YP!hq{MB)4e>^Dk~+WMhdCZHi$zTWcA7|8(g#2oHz|MuH-ko06BypfP-5X*(=3
z>N_mWTGYB0Pc`eHpu@BT{!}09fwoCazL5)0ekWjj`3jA}iC9C=*{>bv#$)awCvrWt
zp51Xz#5nf%C{XSN#6?4#M~b9g{f~(v<?N0pZobA=AfLgFj<IIFcFmRTf+l@{q|kX1
zW0)UVAOLA9NSFoIB4w7z4T@DglOU?PAN@wm+o#nfz~xge<7};RV0)Oe(vncg@fdG_
zPEF;%gP!3S2ngSn`cAXn6J|<{OB48hs;wyA*SSBs%5vCbOQk4`gs10_A%(PR6YI2#
zWK18J_|dRKjn4jadyA|&nqnsja$Uv77ph~EPvo{9ap!3ZJ;YmraF-BWOZ3#5h`%YE
zfrhXcI&a9gU$&6Ea9t><*CYyqeHFv1Y82g22@<JTMoNN0IMJ2JvQ|!BFr{z8y~<2^
z)OC3N)-xaM?HA#nF)?V%)N`?O2kE*iZ++cZ_BeH{-S;J1c5m)X=_z;$4a$P^;Fa`Q
zknQUz5X|GBbyPjBZMO<!E{^Qt5T_Cd7HSf3%bk2<#Qa;RdOM3ih2dL78NwO*o3UQX
z$E$r0{^;2+FY_%Pb7vJ$D0s|_VQ)FcE0UaMqstdJ#q~moRa;SMd%_XKA<w`|Q_ww*
zye7TvJ@MXp7f6|Dg(XSG-`Wp}tuBmIe6h#qIx~D{<<vH;E^ABAA43Sr){bk!ZeH#k
zcXeHjdM&tD2FhK&cSAuniW&3VIwnVT2pY8<BTNK$P3QK@Y{ts<2|n%pPMI^prxS|-
ze`RaBKUv<R$lb7Tw%o{^kkWx8P1Ti`u8e3BE#F<-y*#-=8OD|txrqc>qY#7NsCd6^
zZbj+c_zfb+qd#LLMQ6r=l2zv*4s`49rw4rz!us%D9dY~b!yifI<yqzA9!Ircg=&eu
z(H6xx)tfh|LZA^#&Sxvh=1RiY!?_8Aat*65Bsv>nrz)gI()ff}8Er<tn~8nlShv4-
zYN=_UFlH;A2#27zZAYyDkLAGAQ?ABZxT`8mA~$>(t>9@p*zEz1wn(M-Tn68whFAj6
zAfG|`5++MtjB8ixrNzCX7%lc=s!LDpZYo~sWd>}cPef57Gq@oyWNJ2Yvi4{IPQ*b!
zEArxY;Q9?EUMkM(D#mU|!7qX+$0NUcnU&TX?u|y{^Vni<KBs#XcB~e0n|3e5dp^K+
zaFCWEdPlNWbQC0skFevj-sV3Bf4d29+Y!WCpzN*=@BSTy==K|enAs7iX4L~wN=FWg
z!jt!W&9!d$#z&PwryCD4QVKF2TS**}dc2QHTZYi`B;f-hKRS)rc3s5<iZ^VRo(kS9
zYI}KDqdeaKB>pV|*RY33vAfYRu-C(h8BR%q;6fXc(-gyJ%+{e=|8OeEV;}k$g-(8;
zP~HLAxTyf9lI8Xwe`FY)5}nCfq`&hO2DYf9Qga2`*=T!~0%fBZ+l-q?9V3g#mOIKZ
zRCXauNvS)QYzUy!d0tzife55tdv|_NbZs5fjqeMe=v3uSuEQbHMA2h@+<6C^VF$MO
zx6=5xINaMh4wy$90by}jSRsQ?oLSv7!4>S@8k;}@)!>-ok$Pj|k5v^a7ya^n%W5O0
zXd#o}ho<q@r6<pf@)v%%;6_mYW1(eD62wTbvm`R~@rWdQc<{UVx<-#PTHJLWdZ`d?
zD)&^*tV+K4?351)y>J)!9GmGtoNJl+wEvFlC?=&>O|lB5gZud2%RCd)<!;*MjCtT_
zH&*4t)1~ank8c#%OJxlxmi44vvBQ;Ee)ua9%sOS>hP2M5>MzJd@qHB~W+K|8K;^yR
z!6Ik(8vvB{>=4;WvD2$q<9X7>2y_J%yYsIs@6UV>exr}YqbtTP+xEWW7D4O@0#dzs
zjf~?qTMs88I@NaA%WMV|U$`^iX$5@*)LedO%xz(CPhKSy_dOjKLsyuOMleZ<9eeru
zwsD*cj(EJ+MRUeXrzt-^jR*ZPl&}2usLJU917&6p8rSE)B@E=sHRC8kskDWNU+MK<
z&a*y0{KmJ4#GxKy6v{RVVfMmb1r34H?^b_#{{IO0vhERt2@e70BUx&Jiu(P%`(ovK
z2Xza-|K0NcYpi&J(-59(S*!E!ZnD3gxP1w5=IFj~Yxw)4_&;7Ow+wZf&=M!r|FLHN
z>%-O4J|T1@`ghz~|MdNS{f$R7fJIb3b^g0r{9o^ex9q?}`}EbI@b5?ZKVGa}318{+
z>!g3@FJ_4bSiUW`yp`)uKt(}|q;u15zxb1X`|JV1Z15N+Ols>H_=i`&e|(3(m|XEI
zAN`Mq_%(1MCx0jAEqlukYy8{TWi`Pde_yV3{#U+T+A=UI?WLOr&;Q$c2=GK0l_!~{
z#s8I2Nsnl>8l7`T{;zt_j&IAw6|+F!4X%0FA{*o;yK_c4Md)o<*`7y^W*fB$HeE8r
zL$||Vp|bPWwEf*wa;j^O!@Uu42UU!<46@4pB6Yxxn`Fk6w9f^fpn{3Unr5)X-e4gk
z0vN{!0ujP(8BX#Z!K)fTQ>Y=_EL=^G{O@fRL$LwbOkI+5CtapRYFxsr2Q->G#Sa#e
ze=#$&v;x4Mgx?N&^%ZtOl~){Yh_|}iB|Oe=od(eaE?51-MobAR>;!RCAk9F((*p>;
z&N?$$%jN?hA1wMn+e^>bd~O#2xQbK~q){gI<l<xucPbs-zdX6R!UxV3NAFkpY&UL#
z9cPjN9KLkZKiOx+LnsCakm-&{eoYgw?s-W!&2`5o)q6z&$=d4QKcuV&jui9uH^}4M
zfo5j)wT%SESc(AQSRmQK21MCPV&jl<AA&?s&%0w1YJxf|C)J>15GBG|DEOpn+mMRT
z;~;GoG#M^+OrPdnB(8oT1Blj&WzN#}W^q|va_O%lwfh?JS!drvniie&8+iknYN-wY
zyoDh2NFc$9nE>U9oFAHp4ZtXc$`Dw~0z|6+q3wjQna4~+!|L^RY5naDzy(6lA3c6Q
zY}4?O{xpI-kn}ExfIy3ELF*?|TaF7qFchJ7k>TIJA-wrqKL81j972v7W#<Er(gB=Z
z-?J#Y)&dYBlmuURA|nw+8sk0QW}~}xDmilUf*fLPdjwpI4#R96hB7c}%eBSK<2z!B
zP!Bl?Ghrv#rn<X-dzD#N6F_J-#+JMRu&Irv|9&Qf441|QjoRFB2XPQL=`TNLpczd8
z_|IMN8~DgK_g|^C2D1h84KSu5tun%jliE95Y&%Q*ak!)jlH6R|DG-`*1y1B41kWl(
zs6HTeV499Mi*P`UmZ@&(3nqE5v|K65+;wnvRC${q-Gn&5!ol4aP-OJmTYW3Q>+ipI
z|MP#2Obr=<xz92VAi?&fQNWr`xPpK!-ntyh7Jb(QjDw$kswY887-T)|07VG0Q~=2_
z2zu4U4n`xz@Kqph@c<dr1k%CC+FP-0#UND@X_x$-YXV>|Ik=dRfNQLhJH#@WqW3cv
zukQdSX98lNqew~5SY|7&5Vg?E-VDJ(z#tVOP~F*g2eX&P#ETn#dgxE!$GzdVjqpK{
z(EZ$($Cv65eq}LmAqMtgr=1kTnn(YnnSy8UDXqh$koHe5a%77+Tq3QeS?Oq6a|o0&
zuJJF8K;Y#thzC%X9)1ik_?hm)Bp=CWOYSo$+x@wVgNV<1`Nn&pnk1NO4N<g+M+>25
z^10L(LMLV{AcwKpNx3Gl2DQ;c&_>SU9Do*tR4>oPnfnr?h-6<Qrx)Q|1xI(wH3R}l
zclBS)wwAq_arUku+ABpjJNgUp%=091OgKl9!^Jrcgj3=Md|Zc*nztIh=^$A+OSdw&
ztJE5xfTfW)%bsU<0L^sL!x@Y*>X8T+JktBUb6gUBzcWRS;Zrc%oZiGgd9Q-}%cajK
zPW3qAPmq8XKs&!C{+rnOFQM&7Jw{1*IX!Y5&&YS<xj8rQ65!cEpI+}X$)aZ{*_Am(
zDRIXJRQ|IbW7ZINT~S;uMOuOfn5}F%%_W^t;ywVh3aj|%lJULlfXOJ_IlO--)P84d
z`Z<HF`NAmh0hjlsr@oXvyT_oEMN!ir%{PkR{S$ER97g!ch)Mzw972MrBtR9Lwb`q>
zy&*Tz8_zg7Jwq^YHYb;&=-i{tp_)C%e%9><;;VcE*gs<^(!;O^1lETa5F)}%AdwT@
z)d-$p-r|ANqjpVYBY+Jv(56@;RecNeE4)i`F6mFTND=$pcu5x<IN<m{2UDzC&^|%1
z?*sliw~FrzinGC9={0?ZYaPb*<<>#Z0E#=RFP{$pd}gLu2&V;$lv3>sQQ~YO1NEzv
zhD|`UeDzjc^#Rg(28Nr<-sP7<js*1dAl0~GqfU!g8Gn!?kWw@VE;3b@Gua6$K~ph3
z)A;TN;Pi}uaTH4900-B`*uRhuCxu>}M}gVkn<Vex2K;Oib2}^m_I54yWxXp;qgs(_
zlFx6|q@QKhJeyc<SDn}ruC$u=<7tWnH2Iu9SLL~@t;*tW*|C0A{KP98HmTw&gFPTZ
zkPnR=P16{qXqssG!w+lV+J)6BB|@xk(xzR+qap&+6fFmty#q*9#Uxzx(}U{mmSHw^
zz4ozSB<08^v`X=?tR#$Dp8Sv9u}Pfm^mBL6HwUr}A&K(@lxxV_c#4#bZ!-rIpAL;(
z`~f{uBWLbI3CBvB-wt-Ww5&?W<HYh*;7zy}G2=AqJT{gl0ycYM=R@W>@9wqiU~zqS
zJx<QXB_1#1dXj5)wgH?^MLI1c#w?^_b!}e7Z?<(rG@uS{t2Xd-#$ow8y&}(jen88Z
z5lGiB_v_*0EQt2bn`O86@FBIa6I?ZMRX+=1;fbRUw-G`5mebW+M6B^p1`~i<aWI(3
z#VUW1sEx6kbXkywBJAeYgzD$v*gG;?GkmO7X?(!r6}(-){5(c$P}^@ovUeSL1_5YR
zIclE$t8|%(H(W(p&qmS-v&--=GVeudoQ-70kT<uEo6?6X8;@o#S0vz}21$4K_(aCw
zQn}G{Yw%z%EN(f6II>5Oe!oBb5aGec3t1=*hW|$tK^Ksn!faXoNUh96z#buhmO}Ah
za`W^hw-ZC>W?07+@I>v0&Eppjd|utXIP<hJ^}L$O%*-+@|HDAFHrP1bLTy=T<on2;
z$fangsf>R}9X)TH9OKSTxQR%y#MMWkfn@{g5$<<+klcAnmS+JbbQ=>MF5>qpKJwc5
z!KJV6FXhE`<u2R=4IT)Nht&9kz^Yraiao~-?)7C;pITM=S%w&HAEdB0O1U$RGRfG5
z0HHAV#GR!Cifr!>FR!0|YAq5dJ=qi)SsbH}_^nN@&PfxYxat+T-^gJ0d&sJWH)*A!
zg*wbvVWX$55j88H1D>}c=1xlu+lB{RYd1Y!V9+PP;N7!*E?tAK?#Yyr*u}vfitV6j
z*7`}<k9=H$UD{RV3)Hxh34r<!hY448hz-4uYBwj%^i%5jvHeFyn3QuVQqCobIb+6k
z^;&myqnk!&OIAh?AVf=0B8{U<3O~HN$c&;rbFJM?kA5lzVt|?bcZvJYx;@yOt-3Ud
zlr&m`6R7}X?RQUUA^!B{tfp&~ch@GW!_AU@ThUVRlB%Y;RP(R}<i>l)_1SB@`mSFM
z0(Cprm`(B@2?hCO|1^{ek?X|f`daCMz$p|IoJXk7O~q)Kl5iA9k*Nh9Av{3#z^sAd
zt~Au$t(w1N4|$0=7f0|1gc)7l%mJPN*8!13VFF^uC)W_Y1%Q%T4<_~UQe(<cAT34+
z?MMOd^MREHM_4?OZU+%V{ADG!$;lPsXu&79heg{3p>oIldAsbp9-s|oYd@e@^5>nM
zOJ(zj$BNJ`qG`Gi&fVumLeXkKZpa`xHvT08opRnQR+nRP@diPJV_SBPAp0P48@07u
ze-gkm2q+D&tD5CJa2%PN*tkWQu{ArW({gPCBj$TfCI#`;<U4#{+>YYg`bN3{7_ubQ
z`p0;{O4Ch~>^xdD<BA<6>0a4&h9dGqvo@i;g|8o85So3Y?nPo)_o{1eX#<<Qt9ia}
zn?J)T3i%!u?fe<dEy20oh$k=;4luV*TK)<>x_sEb*=>r1lKnmI6EIT6kZ5qx!=Y+^
zym1x@ile$`odXBMM%sQH`=h=jqKqFLVC;T~zW$Pc@+Cyv*-$$B5&O&sN>M)!lQGE%
zA&KEdrlTjto?mRcd3TT0UirAN#-MmfyTkEN(Q+M5DMh*a%b}#A3w)N!Y>Fl{Hr|fx
z*YpiZrv5ApKGPF=z_qCV6*Wso?GOmGbz1zuoSm_**xQ{Y&Oy^k!gQrvY$Z>BlmytB
zC=M2mev`S-Ida5^`&R;Uf_i+L1w0^3+9jC9=bsen+D%r>LY!bQH|NOIkmQ%aq?#zk
z8&T9Ida&~pw$ZecISwL}B_R5|fA-+qt&Z5+8H*QZN@hKA=PB@}y~HeD?(QY2HCz7{
z`iPL>NAZ_(g~@BGpak0bAG9IxjQ5?V5*_U$LLS~40bAVN*%qM!mUA23RrcSV+yXb_
ztHlxnMn12$kq%^>KenUN)TEp_CF3N1*CW6nwk0pp->IsG4@cEYgF`m=1j$RYrPvbC
zl1x6=f<M?rzUtv%{S!sMbc&>Xd2(yp#?PFqFvSI@0}QraeU+rGV?Ce$g%J~9gL3ui
zwJ7R6Tg1du51h-96X=SQe+-Y@E+tF+HZ;F$Am=|Z@VeEIZus@1l(w_#A;hr;+0O3k
z^=frl>sR9{o)WpD$NpS>zXq4{SY5K)DA&C|un2YQ060c+d)i`4(rQOm?t2>rc%B8>
zW?8*tj$2Nq-lFB76Z0#xe9NIusU!BbL_AODcR-6iO0GBfjqpO~AMg9;2maS@-Ri_-
z3u1k&-+liaj$d#5XLJg`$=#!XvPRmGOsW6ifc(m+{_?iunt&QzI*(b1`?t>*;lzgs
z@|#1s@LxXbZ{GI*_=5&mlH1%FrX!{=s2Mk5rC%B?v;E(nd5VN~m{+ZNohpl!VAs<n
zpH=U(<=+qOA7A(8l{AckPpn1Wqw=<Y2eO0}YQ`6o16@V`_s2k{P7`pnp9<bzc-f!v
z?O%QiK!Zxtjr~Fe{U15t-=bH@G6PvKP|=>xVE*;vYm{N-NJXa^{Eh1PFY5-5Whz(?
zKXuH1d91&|X^q)oc#{>n^W^{L5C8hmS&smW%KloG`){j}Qy>}!s`Je4TmQPmgNTs~
zO#rADb;5mxZUdhn`@EZhdRjYzZk=yMsB(VLR%!!yKlK12+!7aSe*Mp5Z_G}roFKyG
z4b8VFK=GIQ(AGuMf&`K3Or*ydk|I!vPLbx27gAb#x^1cl6pQ&KAko|^%Quw*+%q=@
z$EALh=p;0d>xQyf!9*}aFoeMz%D~(RevPD@mw@bB5AGlgNY>h2?YCdUT!<M&N}fnj
z31i8%F$#(N@jVbj1}*~SW1zrf0=TqY>#@E6JP}!M@M?#lBLj;e!;IuAy>0IC1<=C{
zj6FEcT6f_f)6Lnc!@Q+HE1>esx!4OS%r=rP$8NQd-#<bpbOvEa6pleO91M8EyNlnm
zUZY9oC|C>-i4zEI4Eih)sp>Pg#nCGriBi2#DWP+PoOKCEOH)-;M$DjGy3%lEK&x0{
zWUn$=6L%ScNHQBY(!N+cbSV%}3`^nD>VOQ!h-8Qx@gpY#-$A=@^HSgq*Zb{nk1fIE
zgn*`0_Lx6!&eUOwI8nc~cW`y3*VP)t=C?`~eP92BIrTT&_EilW+;m7ULPYiC0Jv3%
z)Iuq1lKba}Yzpe4j`mwndQrY*l->mCozO6h^70JO{ttnFY*;|UuxhW*27J9qndvH{
zenUT~R<i|+Ak_Tfju(<p(>45wG-#*4876kJL?pZ$FyDkt7EtiwgQi;#5l{hgS=N9b
zCwd1geJ!>8`^Qm&R~tM|WE~`c09GI3n5){r532{6)XCC&Gr+{+eLL0Xo7pa>o1Y?U
zyz>ECfZR%ol)4!qv-PzbFtDFw4<l5%<TXRY-qYm!>yjgh_Qg7-5br6C`hv&S&r<ic
zB>dr|WGOBv*BEn;>&`N)*d{rr1i^L#brB)27Lie?^w!1dq38^ud>-YCWbglQM98_2
zICLbW8PJ#NS)wgWFWwy7N5qc8Ug87B_X?o)9}HCK#u9kG7X<)!HMOFFp`}Ll<@jYp
z^h0prCVg$c5?|RFnHgPaTyN<SHGl_)Oa;(3=$ivy%H0RA4W8C6gEXe;Odja^cztrd
zI0E<?N}`A4i02?Ltw+lFpw={8@m(XqSH?UB!PsO0ytbjFdBtMnCf<4Y?|Ps{Q0GrA
z!U~?q&dDPMzv<8+Wi~a8?n8+JwKwqfWf76+vZTzeV@I_lJ+>U-zLMRbp&YPCelK<o
zW!?{}sa#@l)-l0tKswEqs8gXOU3<YC!k#gs2QpLg#5)Z8<9AX;NY36SNl}$4cb>v{
zN1vd=+IFP;2btNo6{S6B>lIpEurbxfOxG%u3*tOSL0>fVrr;%Gk`&nsoT2e7UOv2r
zs0c3@ETB9=oJPQQaw8p@1<o`XtqgYv`R;7UHS*z#Z9bkwM3lhQIU=YRPiD3dTn6A(
zJy&KD#mqZ6JL(Xa`6TSGbNqA-|ARmD=XsE==btuppM<gw5k*8ue#?r-mVe962?k*&
zN8UFiGeo#2upu~1gB0@g_F)B^M4n%JFcpDTwKk7RymtG!<TSvj%yAalmxGyJz60<m
zz?f$qHrB&PI4<l<fi6`Cek_bo6|HhtN%H>=|7H-rj<h`Aka>9Bf>`ZUr$P_4qyNR%
z(A<6kqEhlu-eT=iXrX7y66e%6hXejBb=-M`*e6q<hF~7x40!}`xJU}I-9Y*sl5Ju3
ziJ}lvTl})}u`NIqc;9?`o=G{tHY7?OMqObH9hxTh%xZAnue${&&rx=<SULih+Frn!
zO1w2ys`Vy)yH@7O<2d#~%{Qql(_Pg~Q@m5#aFfjt^#~otl20C0LQSfk*y|<(j-qAz
zN;8w3dDlvaRcj2Fpt}-FoRl^+ZR(BU+aT`ZcisD{{s}FsOyt%w%{B@4lf@<x64MVZ
z80^V8tsisiMtFqFG(3I+?yA^Bu`lwW{C_qtPBzS(5uq-zP2$Jo4siU#UV}||^IlEh
zVLsY>vF0D5tQ9;gF?V~7zajLNCT~y<zUQRKL3myFQW02am>{sCs9i{jML6bB43SyO
zA$IJ;Gd!4!Bn!)iC^H>`upI$v{s7Coch2EH2zjc%rR4x$Uo#JTL4qYQO+utCPCwsD
zs!Xd(=J9Lg9%_<Xm0d2L^yv?=e1jlZrfVv+knK@6!94B<BLGC)-t;XAG_hnimvR+z
z?2JnWT&N{2&4nf}sK+;bLs|RBZ78Y`yOS?ytzQSzGaCheSt9d^jPMyE#iDQ{-Qmr8
z{#+nv96S)3=_^f`jXN07$iKX51)L5xH}2(=gdLPgDq}N|!vG{xF6y@KQJhh4mzypN
zw+_R9%-4nCe*NY~rB_f5YH;J8*`G3_|Gu!(%88+O-6L%U3;=9}JABwga~s63+fj2f
zPt6&cwMgcpRSyVYt8TtLLtEKMZ+jm}!&UVlcefhYnR~mms*;xs&AWMgbf#JHu`rp!
zNF##wO{Xz)Ju5hBqrT(JcM;LAqZmOAw$ZyR+*nBKJwfNW$uMn<q+5!qQS=8%kCiXy
zq-xg^Zd))FC1@KJs|D^@mwioW9u+N3{J2&|@I%}9sixLLx`Lg$=gWsvtg-S1agI(`
zBTpI#p@ohq&%|}W?aEX-8QeoUeEmI>lCm0uUp#GGoS+*zgvZDiA0gNZdWkc=7)KZ;
z2n{LJaa}FpLi@_jMKc}W(n}9yiHIKd;!m~6S=!<Mk<0$g4f&B*E|~X1>#C<%|4ZNw
z-Le^|A9mq`7-j-4ufyO!;o=?I8pqR{t`tYRYGCs!-BgS>z<?nCjOJV0epIl(1FCw~
zHZR#(C6$GL$QhVjnRhytuEj3FSt?w=>P=ZHle)mMEf;kQK<ddK9)Uwx?F&^?MZHI$
z+OiSF!mnV?U$tSnHcxt<Lsf1(apO`#t=_XEkK)U6&9vTsewq>#PeNDmUS^=l&Qw2L
zszaxsbO_IhdL<qB|K|e`dh(G#Rh>f%1J5oC-AlA$uz1`BpIl?S7~_^Uhe!A>ld#gc
zgdAJBgPDjtbg#i`k^1ydoWC7}T&D8;Y;>IUHPWnCBf@%hV(IsgYgAtp-|~P}W;@|7
z6A%VX;GBBE#=OxWZ?FwGkgRIv9HC$7A%Wk${{DOEApva`Dga?eGWx832(X<cI)|`(
z<NagU&rIntliVP?(_9b|!<}(ccoLftAQhF)sWA-W=sv#<)XPH%B3qTWqWXeo6+kWe
z{PgJKh<+*rI=_BNjw4OBcxvCt_rA2^jGaB)kdEF)LM{rUibWP(U<@!fXCX7QwF~Gz
zRsJmHz_hNPCO!V>$@8A?$NBIL>Dj__a-O=iXWO2~`d-U0GuqHUwtub2tq6Cs3CFIm
z**E*~!xJCKK{`nOKs2(b9+xG?%JRLzL%%^lx;wa#2NiCZaHF*tRldF+OxrAT-d&kb
zN@JU?iZ5|X*L-|iCBMXaB6zyK7=wBz-;DD=XD8X0{CTt*E7-bQ9PT%W3Hi~n7fLc*
zxX?IjL3=5$Ke|k*aUM!v+Q~T&eV!OMymb#&&%JGy=nLll@s2~49=Jz*h7NloUU7nt
zbA)RW^9tA_bOznFHh>k|P{W69ZaCn2@F>G^gm^r7<wK<90=3Fi7-`>8{J@OOZxdD}
zDPaZ+16+Nrq;nXu+J0~R0aHKp%z>cZ`K+(B__Izj|D4vT9|y8A70I^@pIdGq{%Ki~
zh8o*vhll#rnO_7og>9c7m(Ei*j<Y{y!rig;y3?LDONq5v$%)n?FQ@3^d%-r8kp)2o
zc8YszcpP=5A?c^m<ga<qe=e#38w%rV4S>v^i?syU-GvsM0z`l4`;{vYR>r)^P~<e5
z{uB}$Ynpeh5v94_1`K0j1H=D4(+W6yNZ=D{eW8K8OFQUe-|Q8VrKpBsh%zMKC1b-`
z1=P5#13!q0Hlkd8q{T}Uxj)<f^DO=rWW>)B{9rQ^4?2~WXvvh>YqM2ot&(4}_q$Bx
zpT8Vv(fEL=@GW@lztYRU`Om&mNDk>aT#5hr-u(S+llurziPlK>$v-2YfA}qco@T@E
Z&B+Jld>=kvz=MAjuBcwlyJ#Hv{{cF13`_t3

diff --git a/docs/multitenant/ords-based/images/K8S_SECURE2.png b/docs/multitenant/ords-based/images/K8S_SECURE2.png
deleted file mode 100644
index b9713d7cbbaa2cb1d7dc6634e8fef304aba79a99..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 130742
zcmd?Rhd*53w+4)uNG3&sL_|%b=n}mSB8V_Z^fCw;eTd$B5{a6I=$+^cMj17NsH2x*
z5WS4vjp03h_xHW`zVH1d`2*g3KEuiEv(G+z?S0mI*7L06y_$-`CGbr!2?@z1#V3!S
zlaNrjk&uuboI4AA^PFo3L_z|_S<1?)Day*Ss5#h~S=zu!NS?fpjHb{~AGt2Q=DB!@
z?EKXaR36mn)Y4BEQj{p3omXT@`SJCNhRwH&;gdRQS4rX06pv{b7)j|am^28T(<!3-
znVcLN2%_iM@>Bg9Q+Ir_oRs$&J=9v6HMV0r=uV;*P)VhDRvE;i9)CA%eb1!1>HY(I
zRnqI<fGd#+@TlH<5fnsm=5gjwT{~KwBv!{xPvytq-o#1nw@nZq6N%dG@2y^Rywtz6
z9vf}m>E$9(Q@Dz5KytN`Pdxg{BL{x$_9{R<Yk!OUzA9g=*dq0{UtvYJNZk0MIiVmw
zo3P=Sk!p=Qmqi&~SU)tnBQHYx!Zq<jyTXmu3v(~ccw#1ByoO%&Jx@X-_C0T=?uRl_
z|LCQh7mu)JgSs~qJg#u(^UGJ-M@b4>b$9t?AqkB)o*~t4Uh&VnICHd`$$S2Jk%*{(
zO|0CJ;)&w*wlk?&G55DrzM4UX?msCOW)*OYRe$WmAQ#W2(l2n~W$nj4E*MqH&&b<5
zW~%(!VxP4WnevM+fEeVC7+z@L1<XTC9%bo9G0_Q3Pv;jY&0Y;Y1ey32##H+RkMqNQ
z7qx#p!*^22gV;RgyZU*rl$e{eP0^HXfFQN}kRGtFVpR0)=sT<izj%MHYY)RmJ_gt5
z{%jO25jL=YYdKcGZh00`PfO0qeD53us{Z^iiMgLf++CeS!Jg1Ps#b6|o95T1m#o4n
z^)v6>wH&{q22m&y<*|uug{e+ltLOQL>-<8;@+A0<tE~3TQM>dcSuSUi9h{rZK3ygm
zVDuYwOEid;gv+XWy&$=IV3d63Qu3LLe(Xh$mmJ9p>Z!9uuDteVyFz)Ll<7)<G7G4^
zo}=jUOyHxUOL(%3WHLMjMZ?us7X|#)CmAZp3;b1H(Myoj7?V_!uud}G2xK`&@r>nW
zI_csg`46C%7m8V2f6{{A-cEL7JOA{}j}HubAcP+{<@Pt4oYz(<%qgF{MHj&RAY9;K
z@~s8I?ep>tFTY;4ZfssR_zEid#UcVWJeT!d=@)|t<v3Y%z2^FhimMO`qd>dHn)M5A
zG$6G*G-on`kdKSi#=kw#AmaetmCKj8mK^*{^P7jpg&am_>Vc4(^4^b4djtfi5$|2(
zD3a59B(|S#-`qBHVn1Z5y6R2pO^pj;lJRX)d!TpYLg<CJf$tmBO`=|GK5Y7G)p5Q<
zt^?6QGRJs51a1s1QW++(kr29srb5%9X-EAKO)f78#c3i8Dre079UI^Ls;J;HfY?&5
zK3L@{pcnQd_}%~Iyn%9)@**<~HHzSEX8xYk;5wc3tL2<Vz}1E~SL7$DwXUG3E??0*
zCw%VA>xZe}p4SWVp|>-y4qa7xxAP<9N6-)9J5-8EGs>~5R39A_@201vx2HpT6_6Yw
z@p!1po%UA!pMo=5o06OK;5R198|in{kZk&FWnZ?ww0xm_DsY$cZa9^ZW&ZP+=V{N&
zdzIh;$d7#b?jIe(9f~*YXX)D-HOL0OE<tCX52>|(yPqxD|Lj_9aM;tYPcz%hB4s(W
zHO^|<=QQWk=6DTA3=nhXH3^n%v80`G&1r~a#$;IfrS4)UYO$b1dERv96xVKrevJYA
zfJuK;Ze(_X)-pW#M)SqXtbxUm_M!Gc8<tVKT)SKidC-z2b7zc4Aw(ai4ofyn9#8hs
zCw@Mw-l)wAGeygPZf1p+W>(I5b;4r_0=!n2F_{>bgw8nF1Hv$#pjQ-Csr7pBX+BYJ
zs7$`hxs+IT7wcJyv8G&p;3VPP>*TT&-$U1%u~@Yn?Bu$XIN;r-VTz2Q>!6wg&Am&E
zGW1I{D12ThYo|Q%SW3^g#wYNY^-L;hJ4=&smP}m3yOe?#?|yMKiZv4C$yuX5c3YG`
zL-%-^Qcvqlhc!c+1Me-}WBAPQS?qIACXG5}Uq+^8W_d@E8CQu@NsU>;Tv26UWp{PQ
z(OZzsFN<5qVe1}23jP-Na5t5KcqS#}-BG?#WET<>{NkET*?3Ot(yT#a<$1?)3?hjz
zfNc<KJoMW+L$4Vp9k(OIEmVl;M7X2isB%1;i;s)-O6-c^i2m>e{NBifbF%1b5gR89
z$Ni~=88+uUR|W?@r>71au1ha^bbsY_=Cya-Fz1~w>&l9ksuHPsS;^pd&^XX5h}-$F
zJSp+nJ;0q}ZU?=Hw#RYcJa93qimMaoJ&y(VSCTmriEcODHYIZ<lZrcsE%A-`Xv0Cn
z=Y`aUYc;THZO`(<WUnJ{u$P#ZrgxgRk~cG9k&tmXa1gdHzF)X)cd4G79Arbe@XNx{
zEnctdNwWInQvC&)ndG0zy~+0*<{Ek@qppbDdGJ!<XQNu0n!SbkjdRnlSI&9T*izLB
z9L*mLAN<;CpOXqJdarY>he<KSfWe(@6ZS>BfAAYcPiD{N0_w)>*B@W8U-yb3#d5_p
z_Kwq9EwGTGP}(Np`;$~AR5{f0wEH~6WyUN$w;oDubUpg~rk&PMH@%Y0v}duYEu=Ce
z;{J<ICZ8|g^`3icpIedE8b7l+b2U-ePIwJ8@wx7^)SXw<H0KjDDl%v?E@oC`tUh6+
z@;Ddrrt!Ajv+M;;J!w5TEMdE7J9c{`bU5^_vX|NOImO}}5t!GD_g$Z6m8$Ms|Kz2(
z_B=WR9Tom0FnxgU2}*4+UQXd`#<GL@f$(On%^n_!r))QgVl*m18dM)0g14^4X-Twi
zv>&{<>v7i(KFU#}xvaI5Z&p}fa3){Tun#q8j2OrI8=Q;<F27su9U>yfJ-mAk%jr#o
zOJ^+SXXkc&r%#};+UK<bb>?Zy&B1m(6T!7B!!OG%F`0#+qk!BugKwJNBnfW`84<hY
z(4W?t%hPQZhnFgxCxq}q8z}KnNfa~JbM`j&rHQM^H2eFG<_%rt=<91$&uxqhisLHu
zYtiL*D$?B}ekCG2A<<wZyJ+`F!7tX4b{xKS(RJmXN%OUb;FaL-!KxD>wRQT7Mk6|K
z1I=n?w3O#b-<gLLSYKnJntr}6Oox~uZ_wxYU~2M>UKSQBs~3bCY;fMJN@;u_Bp$KP
zU|CR}S7>7_K*I!5m{mwR`MN!wU@Fss4KE2FI(fOResCW9K0yAPz1;MZ&qdkgqP3OF
zFDF}3*N390rSypgj!)M#Ml8$v^f6a3GYNE3agHvfn!RFPJUa%yqf;n~`RT5Sss|^J
zTAGqWqInNsViR4qQl29#o7tQ^+A4-{7@}&<Eq|k`afiB2<j5hlu{dqxZC}`&%6wN;
zfji8+O0o)r+pct9ygolzHkwk7UVS`KIr@3H&okQBb=|PJMtiShEkg3A_d9o;^>>Hg
z_KOFnbBsED5DU(DN!)y&D^YRgGX=5wn6|FfhamA`@5^TCe#~kKR%Wz8UDii70YfXn
z>~_ojp-}t@x@~Qi7ix689W>88q%b9a)=<$XtZw{Bej3`TPbf#E{Ys0NfY;J{8m-Gr
zH#S7%MXV&5NJ-M`@6zp6&V-CaM-|E#F^8LnM<`W1U!7s|dqkt6NIL0!iI2JEjPx?O
zUxl$%Z6b}uQiAcPdf%yRI<Mypq~A8kS<W`RGazZZZ+7Kz<W+r<)Mtq#s1o&sy2nu_
z=Hk~v`d^3MYnq<6`*3j8{A_)6;>JdC=Eer^z?0&=kD_z9egmmn{f$54l$pf8-`c;G
z07)>qrOtn1<Z(0)zQ<8Sabj>n?o>+K`?|6(3c$Nsa2-W6D3pW)I6g;08e~aA4jhpJ
zpPRskgyhVpw<Hw6Zz|yPIGOC9RtmS|Gyfcu9h{yhqb{qc2>ezzb%4Wd9WCsfzF;Y3
zflCcpYUnuWK$XQz?GQXKUfP+!dE5}MPP>puxQPLW2)NS=7B_^At)rNm<n4c*AqE_u
ze$9KE<zJ^bSxes5fvT~{+Bv{kgm@nCJh%-3v#_v8IJ`6yd;VDd-`#=#N#3?_a(X4k
z%j@du%Hzt<W9MMb`%qL=l=lH2FCQN_a0a)dyRFj;H*Q-;*8jT5Ki7E-cQkddeC1?m
zXUlSW-4`Zy&Q6lIZ=VkI-~ayWKH+Yb|1*-U<G-f`Opy1qh4&%P1K$6>Hqce#^jk4C
zOE<WU?qf>?U>;x$h_KK@iGQ8{e_H-$#Q)V(=YM)W6n)6|zq|ggrvGnOO-HzctQ`Uv
z(+ToFOY`r}|GV+u9VK{Ar~bc8@n3fS*SCP7Az%sK|6Vi*m{5AuOhO_}qWD-w!;KV=
zqj1xZ8*Sd8I9C(+Jmbk#(hJ6o<DAzGo5C-7dUGcQ7s85N**UHknVgZ!;JB`)_E_da
zY`5pyl}CPds}0n`?Y77f8lhI->L{EfysKlaL)1_^(R=R86IIoT7c}Hoq)ABs_{0A-
zEnCbwce?*M7C#cQKmRcFBjG(m`seEbt!#J5$lWfqzE6$$^W{!kNe!F-HtIPRwI}4~
z)~|n}mgB$rx9O0QRfqod2BnifoVzl~edj*MpqcHHQQKC|=iG?Va2?kd;^Yo@i%h1q
z;%X%ZgtF`~nv(d?Ki=Pm8tD$w@h_3tQBIho!IQOt7%N1NV^vse$*n%*I&Va%&P)BR
zTa#b6Ctt72j_^7PV}IG*T|-I~(sJR720pDO8G~)#M3qRzBY2OhJ8qXjM~Py-X_pdf
zg`A=pyu-EDKJDnQd@EPa!z!t-3{%eQylJ_wxA(B!8|Q9`yyqNuSMs4{v{2mv0X#8Z
znOpucuTNBUNenXWSxN~Kg`}3<>WLCweu%rr3x$@N!L1_5s<P^&+Lx*mO|pC>S~#R2
ztsW7ukCt)O$5dibjvm}KlC~KMN2?vMSQ@=~9?lcpD~QmXuJjXVQM&EtBj=CX-!(js
zf|^E->u*P)f>26(r9G?TQQEV=f|yYSFf^99H<7e)xZS6^m2+6Jbl$FyA0uHZb#mm0
za>h9i!A5Kw&;EW>(A@P;XK>C`Rz$Bazd==7!gCEFyD&5n`F&M1Gdz+<^R_}zi1{>X
zr%k_Z>t=I_b@*;JEW4Bu=_*GsY12dRevmw>jYHYGHjFy&9**p+gnDx*<gM+2;%s)8
z1jN(i2Hq`C>sB=0U1q|XXX4z9oe2j^X0>3@%$~P<Y+1g3!_yflboM1J<ZGCaac$U9
z)}`Xz43-v!JOmauir^(bKU_$x`Yuq~yJodm+02Wz335s@n_toHw9<M<JpMqv+`TNG
zXw6P#ZIRG}{WNexvOo?_SPjnf(I$3J1*pzrr*<yn4UJq%)if_Il`MrF9|r5`cWL8a
zT^sjU&ey8*A;z!8t9rgJw;VyjcgGwtBcv1z#+o@AtyyW$xqtt3zENeFyJ$F3_EgaY
zBO{29vb!#iU-WCW&Qsi5)FMP$?ry6p5rtZ6KbxQ|;{=xl8#B3;${NR&QL`s6YaoY2
z6VJ&}IUjK-ciu&fNDM5hXi3rI1roN^B%xmipYJc6-;F~^b&VUZjDP)g=8li)UId>U
z?}=Bz4$(2=ZsC}TYJ|a@Hf(dmV0o+Msr4!{^mAg83GrBOHrmdyr^GXer}QbWN*SsU
z^Po(YFjs0Yn)$Xy+#cF&8<?427D%sA<Pq6EEXUKGz1i_I<6d-$f!SIlaejnRil<Eb
zL<fGtSXysBgOi*wYNx!Hhcv8P?Wh`ncmmJpr^E!Cm4uPh9ZR~F^Cu5X20iqnY8zL@
zQ7+9nW`gY_-JEfHmAx@(XinjbID;>i-|)*R{DTMHUl?!XbGJR;M%WXam`nPErloH&
zi<K2vS&zAgn#JJuZwQ&@W6oX5kyxqG-5vOnP%DKQv2Z1tM#gOvdpK4l95irAF$t&y
z9tN5=A2Mb0u7w%FVPkHZJ#K@;+R5Gt^mX%<#kr2`d)f+X5-o)%sP9ZiwjY@>dIcLP
z#DLA7ADTX)Z^Lo=b%w@RRru7WP6(@W?^M6CE&mt|j@E~-#ct~(y}D<OSm&q2IGZ6K
zQH*)ilEH+qS5KGy`q4|H7QN`0gg#`OZq*C(szeQ%4-9T_YFhlnf#j!;sF1<TC)27f
z^Iig@Ykk9@h`?oi=O9BR?Mq+HS#dSD*s2PD#IiH@XL~zGd`nsGs&sPDZKXdEjcAZm
zR)1!$xun5^Aa>bV)U@QS58kvBFD!3$iKnM5(L!wO1$LuyAz^0{%)_qk$YrLifWu?7
zr-i@q_7W=Wr@f3d=}M)J)&qCeCMN6#%k7Mm6cvlL4c(jOI^)c#@2ix~C;5(-;@(|l
zJrar&wnLRq_>5LLFV97*#+LGro<v9;7iA@Sv@!V}*?aEcT)DZq4~bkB>iK$Qc^*4U
zD6`I+agv@W@0|hd1`c)l#u87#)wh=!mm;=$m3T+Ku&W>KUZCYEjW+TbDOW@oRXNR{
z#PM-VpZUXcqs(GXYB*G>pps{u)G=z@_}TUB*}&uD*#M}pPx%j@<=!7=;}sE?RCMi<
zRP+#mV!{t|)!LekaQ(X@CGi8UGE*;Fmx;D(s=DTO%HyK2jR>A6x>+Wlh>J)P-b1UD
zOLgfVGsb(`%#+6Vce;!hU(x=o^8G=z>@4psUS#WTq>vNxAYm%=JwhYD6gE<jiFiet
zQg?j*`%%@M0r`q#jK)ynGg<*;`&piKg2Y;;T4IG)NPY#vh_I9@zguyknadzrbg~FB
zDnu{xDj6|Ri>p1DqgR6B1dGy?n~Y#Z%Kki&d$6LtDwN>SeCq|_gFR8}UVOl<kUXWh
zrQI=0=ats9-O^>;e3ojyx%Klt#AdK>mVn_5^5lBnsMXSEB#8nHS)MV`ht*qoHaJdj
zEGy*gm7>0mKwhBN9EJ}l^7I`}9>zo)9UVwmtBJPuuG(0h5feo6OT{b)e(1rbX1^?S
zo%1yu=oiA(7G~tN;b}a&Kk;bpJJOC-HScJv>jXvVG`A>r=3vXWgbp23m`T0n!-?7L
zAG8*w;ALgsbcKedr^AXl^Q}gnM;-g-<0)KM?d(m3szaG1u{1QX5br7wX-+pHb!V0;
zT1K)hY{C^60kS=`s%7je3SjR(#{aylRqLdv<lGYP2vtWr4tFsNcDS0ZW>0AAo@~*N
zn3?A)FN>dDV@MMl#|!Es!t|NMT-HQAREOr8GKCm$cHuZzC&Xx-tterTQClim?Z9oy
zYP4`rCAU3@8)d{ZIy!h<p3$j`9x!w=HJU%HeAbRnOtTuf=NiV&kUQz*MknD`gcz&n
zkq>8}d&uUZPLQ-g(U-uJ5^ZRG#ahPgrN~7x?ct+oCYBSmPxj8hCVH?mi+WF7hbEFO
zmyd`qf4&LhD_ASp&5vEw6YB`uGPI3-73oCF;O#NSA&z{OvCboR#N>gg$UE_(_m!ho
zLg$uga_aZO7YbXQD6MN1D&IN3=E*b42u07|9Z{wotLp%*L?ASJ;G*R&^Epvv-mXz^
z%3)G^?n{LOsKY^TL?0|4&%bB-b|XaCd|R+|wfaV#jQ521Uc#jt4_Kzlj2p<}q<m{H
z(eeE#K(C6Sx4Og;Oa0k&^FBSPazZx455(u=9lfq$SKrdx7LD4~;fy$^TOx#E;<Ig$
zB@|3<^#v7EV54ZE)uF;9m@je1r*e=}gdw}*>%+#vxCbu+yf>O?wes}@N39EMl>Mh?
z+g*<zJR;=lmv;>obOMy#w`XZKO<-aDACi0froOu)=00(Sb;sCnk*RaO_{PiP9i@z*
z-vU7Y?_3|IN$lu^J2$^=(T~y@bzr_Az8TwIpsn^E1!;LynAZ(DCrP~`#XPmuGmmWJ
z`8H>^UKRpV+oq2e%rPGtboHMg=0rV|EO#!_ciHgK%s-hKaKSVPdKq)IuB^|rI<HJC
zo|v^l+?2VkCz4aM8H1G>NAEWsyU6snsOHdaNQ@2osH#f_3Fj@`mJ(NPed~Q<Xu5~4
z*QrdW8cf#HMK^&A8kMr2XL#*?MGnOZTAQs^Z>j9x(<(Dy7te5q6M8|}#O)6LA^j|(
zYyPszP~k~wfthDjz4k%+C#}IU*ji68w(Piph!|;hN?JLnz2IZ_BqZ_0BGVfyp7-w2
zsgIxT2(z_09gl<BnWQQcrD*f5qf2-Q+9m$#{1nT9D?5-^OM2*Xn6vd{*XIs&g3f)X
z9iF5;d(xto@I3g?5w$X<&^x%-7l%9A=#7U?%^rkSPz{rW7bX2%W~tTzn|mOC2XSAd
z%Kk3l2i@3iCmC(txJjQK_P&KlvuAr0Hx$DPxbvJaMsXol>IcItdPV|WwKeI*FiE$M
z#1+0)W=Z?`uU;Kto%iG8kSa;fTn^@ZF|#$cd26t=yrkMA`*LVf-N_|AoX>uNsrK|v
zU-%_F%U<ZXKCVJ6rL~L2Oxraa;zU=+Q3GStu42A<@zv0$DB&E#L5`|rH7Qg@(?GVv
z%y?v87~$jVu0{5O@FpHLdP86vF?()x3PYKgz1IB^!|Qf$^H7?Z9-E!qHk)Ogc#-+T
zkIP0o<|jh%N_qaa9O$nW%>HU7#1{v39YYRwF*{pSW_nWAMDaL}Y$u`Z(}1xcqL>}U
zA#;^>dno6~$f^QmVYs20E1Ja3T-$D6k}FdT_eL8V7L>9I_|~p+Gl6cJL3-hI0<*?z
z6j8^#9G`hz$f3(a7!swkgcV5IVO$h(f9MnFu{@A#9!4+R<))dZ({p^d%qu?gLH1~v
z7gklu=!q|Gm^&u^pjO=;JpquoR;2@+uu?wZbuS;n$u^p<NF68Pj->4381`skbloQk
zM2&l{NuHScPlt<lU54yWD({>%`jRb<zzQ%w&??eyz<s)#Ho+N4+%6y~322cz-cLKp
z6Jq}`mMV84X(ShK2nV??^|Lz(Ls);CJE|>^n-JRFb;@bDYKq~S=oY9W!xsTsiTo+P
zajP%9vqtx;NO~{vxLq^c#*bjk?Y7mqlX}xr6XwV`Sj}vUcyY+S-E6D4^3_)(;XG~x
zRdypR$kM?0dBfAldx8co25JUZW_M++^#r3C51NM)Mm!sGCTmjlX$^&{Q1{@}gdV3P
zun@kug$a_&jpb)4wAIIrJJNlQy}aub{g5+oz4r%b*o0lbd?h|ndn7l~D8{x?eNcCL
zDPyI8=yK_1&|rDeg?=9iVaIjo@)`rO-s6~mwxl+T9gL67s#jOzh+_ZMadJuIY<nQe
z#$M|hUqS?oK#QlYo>&f8pN9FVlXfQm5QFeIk!}_m6#4$hyX2y`m4h-W<ICilI-Gra
zNaAkW((;if&S89o8&6`sTSa*I2rkUM8e6pZUc1n6g}=Pq)|sx<)<Xvr{76a5djwAw
zI!Crm4XfAaBji}bu7>kiRCF=Ux4Epwo}*(0&r!(f)@Bk<*grNGXyuPibw#7Q?(q<W
z352CUE36~+&>_3uas{(G+m*b<M9!!K*JRH6q(e+)xR&cHn;K42b#J3GtH^d9o)?OW
zF-f_EqBt!b-9~N$v*Vqh)n7@no|d^egYy{8>z!=5LT{MFZ}|GewBsoQ@=``$`xM}n
z#nGOhGRJ%{@W%0VjAOBE`TN<e_4YU{ClA`EGOn$9N1uK7=v%z%d>lUWr;Ftetx@Pu
z9@QB2&iHbFl@=@h;78h=O_5&BCz!EU2xCtXl5x(bo+^K)Y5&ra?Lbasne`CQbjIR`
zzP>)Fl<j*htNvkk)gc#ndsNxxY&$`_FB1wKDfV2eDR*AM4lE7kF9+7CN^HEw)Yj}`
ztyenuG23*%Bt3Vx)uj}~nzOSKt!NEi`NQ0Py@BxSs6XZmk*KzK`({0LS(9`;8M-oB
zzDGJg9U(RD<W;6EHN1#JyY3fwDg2gHNme`mk~u%5ml67KY!v>e>&QI#7qvmM%bRwM
zWrtT#bQj1|3vE1@!=m2PRCN3vcBuTF+F)+-a~)UtXWW<SEP-5;nlXM$%5R3vh2lK}
zeT|?TAx`drNLL)c(<s`wIE43LifZqed$qlZVz9_R;U>0ImUiSw@Z@auG0tL0b-v1U
z+gXO~8nkeX^^UB_upa3+3NacRaK>}BGRt{&OjIXwv8J(h0B;@*KU}ioT+yS&hiQC?
zxk=+awyRoNWmS2HFaUa_X^@Alb<oY>sOy?|iNFc8;S4fYbPIf-u-u)Vwnc)5eeP4N
z`iaDz&Zwow@apFwJzCoR3&BW{JqQ0z)#KLf{w*jPZG-tdCi-shI{aPjTvt$Ln3lV%
z*LHSl;Pe*<(wPR^r+6jYmPsJh^1cYlUXFf-kI~mDlVXV1j&ZEAstNwX#f7e$qmq%C
z@1~e{4Q!gsFOb)IDzLcZduGDmmW*B1;yvd6eu0upHwDgB{hCPIkt5xnKI|-Om=`P+
zH}EWE6v5a{^nn<RB=Zxc%yi+l=z8l{5IBA4PQ;i?TX#p!LbV~kS8-=e*_*p)WmQRL
zT{+!)ZUgxvqV3^a+?XR$Gu%n)hZ_boA_y;TgWBe772*Wxt$QMFRyi%2fHQGkTb&TM
z>s4zxouexc=jkK@wHx*Nq=mmd$EMQBS*w?B%tz2}2EOi|29hs5pO84d!^jD3>=WTg
zg8gdZ$G%i^?{a6%-rz-2)e7svwZ$EqcZ7}iytnp>@|IweU9G;5ICB^-f<eGq#?-a2
zuYbGhzKg@iCUe!u8LKa<y=z>2t7py_s2v`k$;Bq{nC^Gia17h=NLLe+JRk2DZ<-vv
z9ils|ao?JQ5Hv{*aAyQ(9W2fxEz1%zp;}io`<R!vGNEzGeGqFsbMCssrCjeKw~eW$
z<I0*adUOnPmq=q5gkYoYV(TJDs!Obw?|aB;fwmdxn)l6xwQXMFZKKj6^fT2sh4R7M
zUUt+bdsb#9hR+WFa^7P6J^p%3^)vocbYK*_jz~WUsp82xvgTaXUdy<eh}K_iVjt`W
zJ=k^7b(N)&cAR}lTbgs+OB1({IE~G5aYy$<xjlEHFW{3sX1%W<zE44ScSk%A5aJaV
zCpdB2)saT=R-R}vRMlkvUi9k9kQ_n588QP%KmMMz_${6XpJ6?Yuf@IjT0R+mwQ@Fa
zSpxBFp;GzY$Oe;vC>UP(8TA6@_#hY~#c^iqQMBm(`wQs_KJdN{PF64L`NV67Mtfu0
z(7S}#I2Tkwdy$6tP4vYdjRxzQ8Qy_lp>a^~t|#K{+Q|mb!dBh|1Kcc`^v7VboK|hY
zVt%PaYs%xQ?|Ky-4U4weB}z=*THss?;i7~8P#U4LSOMlI>F!-6>7jFpx%>H*2ha7p
zoG@aNLkUAqSF4x27#0!(>6Jv2Rou}-aBV4m6Z5k#RhnDmcz))ZU(GcFLtKd-Dc<%k
zWPOLn!Xx&^wwt*p5-fSeG1qvyJ+x}TF2)HR7)_k(gg3ERK+-0iDxY`nvc3i5n4_zz
zCBQO|pplv$@ZcSSbtG;nlSHa^f<e3<o+NCq4!d8uk;Cq(c~jF#-M>x@x9c#}r?;2(
z_Tj2~WlwNdkL4;u-5ObhN7u5nE06w8?5{*m{hn=`;nA@O&Vmz%+8u~_mgfEF1Id{r
zYh)Dt#0t*Qo!3!aI7muL9J>)<U#N_EGRwZl8WA#9;@S@3AGz#+d4Fu`91ENAxsq(0
znW+XmfNHyL=|b7ZPo{Z$?E~Q{L%nf~^oR3M47Q@v7F%c4O!+7P5xB<;dnJ`Unm(Bu
z$!65+gYO^q)xN$?S3tbEOo3*O4|Qx<vcupk>3k^LztwyH{MLuNkW*oqg03PVoG@yR
z+VRyB_a6`GOKR_V?6JO&4li6mJR0?hA$)8*&)kKQ;TNuYxV9R-%Cu2I&#YQS&~RIv
z$z;c@03iuKUgMc*gB#4(AH5rGV8YJMzB}_-H8#^?u&l^owu|{HIbjjj=dw&U(AJ%=
zmJ)Ev<xx0A5|5kd?S{WTG_?UR@o~#lFy1QGb0GVoF}%shsYfnlK#rJqaT9oU4=mFn
z6Grp(g->M9z|RFme^!Nz9Bwa~Vju({sk6^zp0^OQC{t`OVbqr~1OI{P&`o~b-rsgx
zSYRI3Cs3q6#))RvEXmbv;DXNUafi=am}&2=@rakk#%-3rZ}-r+vQh0*LM(yHCT+yP
z7~Ly<GU6_4>3YjVA(vcm!q5SOcFA(>_MxiK1)W6poV+p3IFz2Ouw3D?UVm!GYz|MO
z8j+IwBQ|xXZE~Pe^9q;n-K)((pID<s^`R$>mQPo72+^Nw7pkA=`5<WsX%oDtHlF&z
zdLp*pX|yq6`G`#{k?#@b<F5r0yy023+`36-&SU)Ujgo2q<ydL0#dB)~2JX39T6tDV
zdsNFw)#^-lDI`3FBdgy!JU_8=t<iKHaw|>6uQ{KDl7?Y+R>x^=>F{y?BCEDxq<S?1
z1IS>qvbIUc;X<0MaQl9qbAwZ7!z1|cl6xok3MU&q4KyWB*$9LXoOP9u>l5TmjvqJ%
zb1e_cpo+swya_H7_g3g318x#4#>~GLSX{EC6DizW&CN|DcU}31MlE>)_ft><M_-Uz
zFw{c1_RA!1dTXLhkTe(Bp6_y^{W4iKECLs^Le~zlq1H9dBlNsQ8s=6gFHmCaXxv$&
z%s7)5KNz{sUQ^#i1$=Akt(l9p&a)cG8Ch-r1Fz1a_JFL3ubvYt$20vZ{sNeBCR296
zshox!tY`eIN`P}Vz`}X#3--&{c`n_$fqPuz_{{AB8^ss8i<P;R`z!h8YM6M@J__gM
zfp(uZ!qol85x>`AhHJ>0gzC|rBcfuz-;Mv406sYSk4dTt&bOFS{@#TDC|Ld?pmXcZ
z=UZ%luOIwd!IGA_0H`|__TfQ)lx|K_mLKfWe!?muF0#J`bpJGf_54WeWI`Mz{(7e@
zDu4)O|Gk+0uk%;yJ{8LJ;-_!@Hhuc1!5(~NGK@ML_m4GxA7TTpv()Q%Pccyb_LP4b
z-l+pqihqTF`&Tp3l#-B+2V9?b`@8MqfhkSDHWmJ>nUa%%^}Jpx((-rPPtmZ{)8A)6
z|J_U=ZfU>r<R($3zuNvv7BD4|U&ELFvBqzeMK%jyJwe=E8-KU`|IfGRou*1=V3DLB
zQt6bKg>@!Mj$Y?Av>C|NE(db2_L~A0AF{|sQHZS;og!m@#0av9In92$S*zHjNkUR3
zy{*5HT|H9=P`>h?rO5+gm^Y{Hr-{19NE5n0tR~(NSRM3GQX1=(lKSCd(-mYp&z3*t
zDy#fs+}dok5o*ZLv$HLl*A8F_tIF&qAf}@;GcT7%%L}1N5FEv`I04J4A){9fAgvsY
z?9i0}O7PMyex&d0rJFCo^>3rjTo$Q6CQO`QdlZ-%t3+CoT=By%n0=3mYlyp}LU!ZT
z$^`9iY7IP<GgN4RjmZamam*l)XN~v(1dMWfs<%5pE3JGr4R0;=z*RW|I6;_R(CSOR
zK_y?G7|7kOdPDw{Fm<sPoet%<nd^wz9n`mjkL=x5iW&w;i{)j_b&>Uz@f!5bLJw=-
z#-qA#N#MjJhc<SXrfb?dl@7CfS`?-%rZU%=cPD&(2}fHPe#Aq!bz{O}R+0_C%hryY
zb;ce%96-X`l}9&z&y13iQ)vU<U@DPb?`=H~8ThU3M6Gx9Y(v1QWaF{7iiqUU<O2y(
ziY+7?M|y9z-rrqsq$Cin2lFfy6%~bE{=9OsG*MUQz1~0(6Yzd(9#gKwThp(Vr}F|#
zp6E99UMu72HNqA~3IPzkLiSUS(Lmrj+6a&~Yi@8@|5Z7kxYh6+#D@`E<{C9m@>Zs6
z1V7G9Pv3V2xa0D@3Ezow(NZgSwm1=qefp{}NIPrk5x{RjMDihn-<~z@K}mZ`O9f8p
z<1j!MsB&3Zni#01y8HAczQFWsVd$G@5DWAZx%OPm+&TU?jYEZcWo`Ynil6U|3>o>Z
z1eT`A7_R77Ia#jJ)Y>h$g4P04Ll@9%wWFuv5-q!59!cq;m~lM`8d&lbfYv@IH2?b)
z2QZ`#U`VnghS;~#D&&dob970d-1=YQYt^Oz7iZMG>Nww3roimoPr+g2v3Pg6J0;La
z*nRUQ^S*kKmTsNvn7u+X1ekIi<tj(u?nectR-FP${c_tf!y1nR{5X2GsvXc0EZb0>
zmUP0l@syJ}oy^|bA1UupIFA9ehmd&}1NvyQeFad{*8OMVY^&IH5;lC=xyy$EE5~g}
zqA8W4d3OAlJL7~2ew*s5l5lw2m)6oavNqsJ$v+j>GA&b`L#ugOn0>1k<K;No_G>oV
zI1$aEbdU@Bq{H3MbG5h$Qz5*MXyFICx})G#;4v5*qE#-;Cqa^pv>n<G6(lfvETrfT
zHa`7B6c{FwNxXE}OFE<HCtUyn_Q-kWF`Q|Hq}M%Li&xr_Cx^?0QHhDR=85iR@~^bp
z0Sh3sVa|~dEHJT!iJb_tindja_cR)sXR|ZSwaf}L#k86&C1wFlaSNT`v6LMXfR=%Q
z3&w%O=QtN>wUt^8<hYrWwk_d|D{p8GhwoP8nwBC)2ftM2ZUWT{t9+7WMjs<iO05Rk
zRK!;Vd|&HirGyVMBq+h1IWOq;At)MPh{8}ysBeDWItyA@Pm=5RED(wRk1H(oaX04u
zwOFo1`(-YB0}Lb{$id3QoR{_|3o=D6^JZsf`+Ve+YHY71tS-~ClQ7Uoe%2y<;nMA`
z3z+@2=5enm({{Y*h3tOL*IHh^(w}x&i>YamtPv8u%xNww*dC$x?gx3gB}ZR=crdLZ
z%5hP%J^-m3kFgkV8f;7FUZ9fTcLT_<O0iPDsG&k5I}bA?+1#($qQ=WxAwZ^ky*7C5
z57GRC9}vf>*VDW2keggpd!>!(A1HB*jLcT<>z*%oJD9TQrzszHbC%y-b_k?SOnmkI
zJYC2&E-h)zm;_ZRVkw|_Jv4<a1cmU{4y&#(RM{;Y;vvj#lm0%`&}(^I(@*3u#DVP|
zU=t(g#9i_*&6?|4nAOf4wrNe&gx6MBnav1aE_4f?kU5|Q2xHy_OWMhX&g7)i>upiI
zMys^!AD}Y-AhZ7)mi>RwzDpE}-bX~_zVU9EFbNUv2(>nHX=C=Uij2iZB0OhQXXQ$@
zK!yO@FGIkWV7w@eyf&JY)z{v-qF*$=bpd=fVSdi)>0DQWcwD9~6W_~szLrnTC6|Rt
z7b*)+fOv4^XmRa^)(4%DQUtcNbyFwB`Q@H&-xbaWlFmySzFyF<yvgNTK@3w#w+spl
zD)Bi*g4Tn>Q%xahwpn61+J&n_%Q3YaACd9IVDf|eckec-R_3#80S+Inlnd~6QShX)
z#zfCm%eK%#0qk1M-Z+ml`GvEW85X3@HtZUU{&D5Lk~MMEi@PtriYpbcOPr4RnpN@&
zW!2Q2k?Gi1wafmd<P2!c3go(Dpa&o4Ao-?jD9NiOBLU53$X|%51i!j`Q{ZQS`GnPI
z@HNiZM5SCmV+&D0gv!$^vl^`NbdBSK2Pa|O>itN4J_Dls2oM($v@oZSzTtKYKB5PC
zcmpVJ{&eo@#&ioIdP$9>3Wj!ZX=BgQ$x=zk^E%kPnydA;*s!Nf@qWV0nNht$_E^oO
zp~AHZ*Lf-5<AW@Kv=vmR{({K0%mq9EZ=Vy^`*8dH*9P><)=%&JC%W5e50^MEWKLX$
zF&$PaL@@34sY=Ck&1Xa#-mD77{Aoic|H~|QDzyU=&&Fmr%K8bT?2~OYL9Y6x7B5sK
zcfL3;_BILZyuu_(t^hGOOs5qnO~4-$*2;k$aZsOvw7*uZDXmH1@WTQ@T>XJS>B2#k
z$KCt)M;Ch1Rse^+*PsBpC3P@EeImBi!SC&-izy4s`o>5px&7g^^a-+_mmPcUNJCB6
z-=YSv9K5g^P}}d>?myHkw@sLJYWLW+Q45&AXoss3)F~Yu7X&#zxa62F&!%5x*_ZiI
z>%iExls!6-kwY_w#%pXAri+P?*nD@1Nn)5{cfxHt>>KGe%*BlKPf$tA--LRS_+mHC
z)@sfjeJw6ffwsG{M^wyb%{tBQN9;vX=;tF~>M?xA0K&0n9@e~~fzcb-ZvHj9Gi0>a
zfNP|b8k54H9=!q6#d#gfM!R4n_rCIZU8}zYqqXU;c6aPs4(2RaKXor=M8e*`0=HC}
z(7E2Tqb*wn$|jQS!fuIcZ!gh%xnv`i&AZ|)g~wh6X6MJ+ij^9;jKE!1E9c+x1Op;^
zn*1&R76@D;-{{}ub!+@=`>JK;R85Niu*B!BF=-&PvW^6V=%h;emjayAdg|OkQ8xvx
z_B)ok;l)0KrDGA2yI%o_)l1Ql<USYk`lm&B8IWZEHqDW?r+o)WvcCFBw;UdGN!1;F
zZs(hYi`@K^`QT4weu?*UEyJ#jX^QUjtFHh6OBlp@D$1THW7lu`9BnAnJ@KzuCpnEP
z-fEh<`3?P@9%u2V)XoU<=e(@?2?wi=ZXHMLWgT_7`E(006GqvQs*k~ZYT`}{lUcS}
z_j1W<Cwx!5)1jt@*U5t-KQbs)u2wA{(e#7ODDHmc@Bo~6L+ZP=1`o+IBE9`1V!j>_
z+kGVr%PJ0CK9Hx|XNE~!In#TU@<ZbrD+~|_=FS}4<cxqEeoGn@znYob^+J1?;kQYS
zzX`V*7g=?qdX+vFRchj$dO>#HIozp$P4@zuG(9<8Aon#J8~`g2i@h0Wi6KpYNsvuh
z1fLFTWE8jlVUzC(vE27$F3!#iwF+Pw8q2LvIJlmpL{nXw*P!BosXG_*_R(Z+VJ%k7
zb=3yEE6-`=`oMX+KU+NwalLOd@UqxXJ7KGSHlU=yCyKy!P7HvCb)7GQ7^8|2pYK7B
z%t1ya99wgpTe;UXw2T~|w?%PVH_&ucu9Sr5PVPr)8(PW+UEWc*<qX*a5J~tAw=PBT
zk?X&mEh#zJF!?8in|a|euDOF*V;#xxkcTvZGlBnU7dg$g_pdj!M;f(l4w`T6)JhA0
zD2sC6GGivW92HcHi4|=3y_9%xQ=)t~h}oxTva&2?lp^Vxnifl`!)%*Yxh>AvUU>~{
zvRZ<H)E=`mieSS%<_d!|-*-Wu)zOG(#-Uv?hb`o>J{~LBvcY7TKxO|8mik=d?4|cw
z00a=P<9HB;f|bs;;Wc}<931rxy*A`d5v`@z@@WcVPBD*C+5Hpbz_F^$oT--m?1^X6
z4Zm4VGS3C60uU?4wvOmhw*}mlwR)y<>o>Na(%w_=@4K8IUWzGge0zx>dY9p41rq?+
zAVt~u9>OXbBV;@F^_lkiEpG14?IW#glB2?j=KYDT<L*8uC&V>hAs4*PiRckCbee%&
z3D{^0>jR?41(tb{&vNGvmgp*$6x^P@U2f;C!<YA!4yMSd>scRKjQrG9*AJov`JNVo
z*7>fFO|2u4gxdK;&qF9s?-7a1)GbI7cP-di9>UxdwzZ*@SeK3(MN<7?EvbxH*f-*C
z_+IceTCdE=i>2`e;VbpYow}S>FOTH**^2tSfGh|O8JNcU=wNy^i?n5w;p<jlbCB9K
zw|Jm(D8Xy9RjbTO^HdZ!LIIRsT^OIYCQZE;ac78F;!Sax!J=(Oa`ub5a^EE&Mvnx5
zF5rQRma^IQXoC6Aw-hp_f*SJK*atvrAf;JC)`1vBl>t%mz%r>NjDCJJe^>Hoy>T#A
zE(DgdI#QD5z5go+%|!`g31JZ#%hBWnl>F$^M{5^wuBS019~viwIyoi~vO^;mbEb2~
z0H^LU^HJfg7JO%Epd^UN<0s%BnU?#qBEoJw{2ng0#CBRF<Aqu=@+C%YaGCBD0<kt`
zH)1EG%fBs@j^AZO4kLd#U>cowWbV(G<GH=?qVD)G7bBpB+Tbo9qe3_`kFE7)DE05;
z{g(WYK83PuNYe2Y@m_>Z8~ytfWljgKWJgyuVz?Ia@kho~QK9$npig&|u#Ol>b0Bv^
zb;j_wP{{3^#<*P|3qABp3dpYU-0S+L(#HhU5#e0M>|5YmeH7e7C2kWQ%iKv}IidaC
z&w-jBb?F1Fb>YrVP(gdEIs6*ueopc-5Q%;nr4TsdbTCVj$NST=wB}xez`JXniK|Nk
zx%{Z1AZk^Kp4$DX3!d9O3W%fq4ak#RX@r`9b7??@m`i#pm!ag={=t0GUc=bB`85Cu
zPf+*)5Ow<rx}{Y4xJ@8Y2oX!!7Id~eQc%M3`Jj|xkK;$pfEA=82dv6TdBueFPdQ8t
z+1;@%L0A0vy%|hT(49JqiOwSyUyiInva2H5mgeF$2MHjDyeX$Ea0ecPitfQeqqVFT
z1<x~{qHwBE=#DNLOvUjo53dG2(9cwkvDpiA4rCN}`O2pr$yjaD1n#40Y75pBvh%sl
z=sI5Q9`)(dR1!3|J|7up$_-A>>Es*m3A-t{iO_l#74X~W1~kl+Nq@Y!&NKR;FY(~u
zs2Y`8i(`4U_AE&^|0&e9@uTQV39>*6%5ZmKsCWElX{(NFCAa>7BUsd4gMw#{${WpH
zc)w@mxj94Ukz4+}w1q0PQ{%fUqr!88Ye4!;?q)h@BKrsHNgHQLe{7#jKpuH|5+Y8f
zkFMYH&!zMj*IRLabam+}><<Y4)GM$+{6B51L{)fRO6uXar&nm7qMD3vZfaKf0}2G_
zR5`WeCm=V4&PCI$Aq-DIR<@g~;=IQEpAE?32Vev?KGN|p%Uqj<j`Co_0T+@uR5>7;
z`Ipxw)Z#(G%6_goPhFL8Rh1%1?YD8R3Hk}9f6!|Fb^lGe$xq1L=JR8W>pJLl;xVSh
z3+S%mF2O%hI6x-kKgFST2Z-m-J!pouwDE_Xl{_w4@t1#JpL0quzdlEENV3KpQd?@t
zd3<q^ia7-7*HzXf`q#18)E3TEH-4UA3!l%|*^6;B%u|(0_(O~$B@Zr>PPx2(S=D_&
z%f?VIPu18SU)@#NCHdE(?x|Uvspb^wEPKK39Wr{5T6c18Va)oX+W*b|{$CM;O@-`@
zP(1<R5HaPHxL{3A+AK{@bN$amGL5DGBf80iVw3bReTmd3NjJozYy6u1n#ulpleg8_
zfC#MaaXorVR;uKxG1tp8Kdk=r1d#aOzN@xCR$bTOJuz3H$n*TZf7cJ*<l^LqGJo0q
z$s*@ya!Bl!2Azex=Hi-uRd=^AoU>52u=%S+mdM@!`JtDY>*xnm%C{uy!)RI3u=8P;
z{<b6KV9DL&ZnSxXQJ>g8fQO_!q|Nece%pNRZ)Qp5QnLWIr1^&w-7gd-hTCBeKhXyF
z`~S&dv3&SR_U3jyVdztXkbBeGd;F78Drsrc$EI)o=;wgP^w~8w8q)EU)|%iPDPo%`
zY4cO2z~_vA@@9V0kIvum^4lZC)YyzP%bkBCZ%U;tZ7OH__OD~nJXs)FTj~t4v3Q!4
zx}cJ@`AphW-Zbd1{isj-t;gVimyQr}o$<#rC4SAJ&6odb$a^1(NXKJxn}>%%jlr?P
zM0OU^FvhT3e_c66mKXm*hS%?!A0p|=Z^)ua6J&4yqb>bMe>syY{phTlZ^8t|EI;v6
zA!F8NDsS?`^y0^V+n3+Y-7)YJMvR)#M;)0x+sI%>>q?s{ng;*XC|90TkgS!n7h<bQ
z1?3u|Ab0%ynm;wu{M9HdAJj<4@6u<E?v+TfgA2BA`I8G|3ZU5j<Fx+AThqAszXq>g
zhOQb8OIrE{fFGc!wtu|r$>Y{X4Ff@pc>R=f-QM2jLYZm$oVUT2ve)Hg8Uk;(N&BC2
zIrxzh=$_VZEKg(W|N8v8ilNxpJ#I!=g`lPPcd&(xW$3j*q{ohx^+1lML8norL&hm2
zv|ouEO*k#&1atw7@Z3cJ6(#^s`xImomU0X6@s3@^rxngTwfiP<LI^$OoiJvpai9c=
zst@H}`K)>zAfPrn-2luAEsUo*=tvM3?&Cq8iV^(W?X9#sfUeM0bXs@~0CiTN3T)m1
z={Yt!*L-U`Sw=FY9XxFgn#PvfB_aBPE;CvI6ssm`R1V8BzAW$@CJKu(nrH77OhKI@
z&ed9i?SwLp`JVFENvY*T>Z5meoGOjz=A|~qE<D<6T^gHD56hVc2!t{vp2{D4#GkAY
zr9hnmSC?TEN`HYUoHcC?&_*tOP~jDa<Zdxn-2+TO_tp&rebj#pPii#eRQKw|0mkOp
zdOGEKF16v7;c!Orsb0-j`v9-_&U#{ORRAE)2>^a}G=QEQ6Z7pRY9U2}uO_8Ek2YFX
zq)rYZDEU?a_Uz%n5E8CbXQWI&|4Y7dCwxz0{spa<Cb)yy;peSgAam3M=00_qsd=>E
zvHiPpqI;!L-t}Tz+HsUyVc)vP)IouDO|sHtI-%{9tfd4%`kFbpn{4!aCIXoI_r3Gj
zo8#f}r5iwXMlm2e3{N%$t^oXn@XijvEDOQ6=d{n)oHX;--rf-}?Xp<8EE&;*dLjBB
zosygk%Pq2MsScmM>vmtYX(Se9$u3xgTIOBbO${wMeYIs3y#^6qDed#h>;sq-8$eXr
zoj5rjQjsD$Ee{u`c>}r=%A)6X9T&hV@}Tj26FY0Qgf8<RiGXMXu_*UCaOk7?DLmm-
zQnNFt?=lx-js?K69lu$}`Y7kQb>EXcUzerqEG&rDV6w!j>`{w4{g+vHfWR6#I@lua
zHb{we#o5(b8u=V#NCGq$%6?iN4U`YtbSKLUW~<+?(*^i5Z_k0K({u%3GUo^-ZW|`2
zYLD0TwIttTOG?OoG9^vjMl*e;Ggjp+SYm1aBj1<Ep2IHjwf$+fqLfgGJG-YHkn_v%
z^N$0hp_R6Q{hQNN4YH-_!qM8=>H<g<1eftwjh6u7q02M!u%Nc}@tl}^g=;#5k{L2a
z$iba5V{kzbvMY{nr(cyWJu~xA2pTWa!&9^Ud}8oad`Xh3yNzew*#bz`jTJOd8R|V6
z**R3{XzmLM=sZ>B)aQ)Vd=3}ydjg}a09oITj5BC4=pr4mU9_JD+xAr);Elaq$^yQF
zI}F@sBQvEV+kj-u42NEe_c8L0%y^n^zo7kcL$xBS08ks;Zka~d)gClMfD9&d?eI!=
zm|npaw`>9hj6SwXsM-QgVS4oa0&gi`p%FW(m75nQq_77egL@XHYCBfd%VOtigc>7g
zy&?pJ%6Oh9H5RHPXcwzGaxgtu#{3g8c{Lgfjf2TRO0Ud{X7nK)x2Z%dtkn9EZe@<r
zylx3uD7`R`NNJtag2!N4ieo+<nZRYIiE{;87DLto)5)9bp8in^=;)Va5rcAKdouK_
zxV^x`fIXnn_RuqPHI4)P<!u)gi+UI*(RUiCCco^mwYLN$dqWe1K!S3qHO~?D;%eQm
zX{Eh`ZpUO#*}M`7a_1cXkE@Hn<{zf9di}@TGWi@Bze}=K#ocb>)>h}M#ud=)#11&_
zL4i52qi&r~O$|UqKyGAPhFnwY6KIZgC^2aYhFsYL_%{Lz6xj6MuQYWF!Qq)18M;FS
zuoZv+<^%EE6tY>^)4Zar9t}_m1FCQGNJ7Y5IlwOk5ZL|`8Cb(3=uUR>d$MpKQ{QR7
zc0<!oq?7>=+*|-IlQ200%x!g#PShd&R75OaJf(C=$>Hnl3%QHJf<z>l3*h&+S2Ts9
zGBdSUG)B_FH`sq>&w@GF>7m!bcTNlLQ-b#V`&cZpEZ<(U&`^_>U$VA%mH-~N(o=&v
zdv?oE#E{(tf8glO^I@yco-7X-0e|_%y(9~~_K61ykvB)a{~C7yuasbqfC~P7$kG^l
zuF3@KwX#LjsO=W1C5Q(I9B{y)=B-6z+0_#o&rnKqm*0KPXq6Nov{a5QkhTR#x_p4O
zI(-eNE(DuC8PyT!(Em)~pdJ};XcZVx2hI!HQ}EViQC82f>X6(WHbntCi_s8o-O*Go
z0dQ4b544T?69FpqF=J4}Mp{h}v(eC_h5r7-;_m=Yz`w$j9fp;c;RltyOvAqd-DqqF
z=DdcRE!=VfG>XGxdGuM?y$F}%R9Ik7bMlf#QMC{8@HqaBVO&bf1tNo`jg@ygB*-YM
zr=Z=!JA81}f=G$Tf=~>t0Q3PKAo6$Uraguvp~Q3CJ^1ZLe~Y2lWGN+Potvf_QpN|s
z>hR_CJFF1eI1BeZlLi6W@TXnjtS+puCp56FaSf!4Q%YS)o9*fH?%sW}M@+7rB&LS&
z@WJTs$G-}wJF%7z3Z#S#=V<1d^<}A+GXeFMYvVQEe%^p0ea!T&mebQ{d0X~6j31av
zq8xhedm;2-@t7V`drHqglq_9Mt2$XeVJ-fWtb(9lOl0z5GR^*s_>buaTOJu&vR+&w
z1D%0T;>`0YMSnPNk!RTf_;9H%YpZ9V<;#-WY9}oO7bq{>{-3`Eu!4=@<4y88v;<Q8
z`AiN!odN?<PR*Pznm~O)+ZT3Ia5eDeOq+QP$LFWM0@^(;U^h!<&_2z#KIX}?8oo4*
zpzz#KF3{_16@AQv$c>EpyZ}Fb^RA9$=+mc2K>j}zT7t>RTn2U0JkWxHYqKwbzq9#$
z<0?9>nnw&6);x{kT8v)Ymw872<$MleZ_H7ZIo%p~r>n>#dhhhTDsv=9pLT-<NL)4q
zc>>gO7-Lmho~db*DsgKYuMC?;?8I41l_|uyae(73JS7!0Vv512AP?)fZU`r<7M(pf
z&sqwkdM!On!^!4=lZA&lffkgsBhlU*Mo;i7k7D=BMJaIHq*h?Ce?6g1*8%>(&XQxJ
z0qWLx#Gex=)-M!xEv#^I47B`+kd|CdHU~!LBEVFfjs`MM;Ir(n@|Z6HoN|k~Fy|Sq
zW#rAE2K&^SASNlS(Er2UTfarwu2I8+ASHrGNs2yzv~-6e7?gCkG(&fXVjy79LyB}W
zbR!Z{Gtw}04c(pJHP7Dr+57zt<NX8PU*?ztX6C-{E6;14YppZ2Gp%e3P!$d&O%Oyk
z=d$V9Uqs(Bas}z|L+6P+ZQkVXS&oGyOH^0K|5<Qdmql<J1f(O#mYffV`}wJ};nPD_
zr7J3JulrG!YvF?zk0FH7OUEh*<w7*P3OEke^R_pBtd>+Wxzz94n&`&>#>;`^V7prO
z$!$Y@IjYX;`rwb_dsN?rhBfzIP7us}7^r)A@^T~1Y$WmI@qzCeg^o*v8ltukx^IA7
zNpkLe!hCcoPhtZtTDeqkQtTIyYNLIiHLeQ)FVqGMKZ&(jIG1E;^eVlfMWSnTL*^3B
zrRs{M3q!!s=*Ss;y>ffJFD<d{HCYky|8W-n_d*=_fOB)hkjGv6k@>%1@KWmVE{0HW
z1W9N$Fy_2Z%vVa(5u}o#4))+PUUz=RY|NrmnGvH74Yla#bBDsE*TE!o?R`$z9Auja
z`laB{l3g}WEx@&Np4Uby=QPS|$Y4mFT{oCVGY~L>g`F1;FJ<#61H|en&YmTG8MCG8
z7ZJYsyo^GP3$j(^lsly_hB94sGR|M=uGB>5z9`%wXg<eVgYBy#nD6pvBKUiEn9A}o
zbpne^>^7=bI49u<5jD-jgOu~l`KB#WHRVf&+MZ}_Qu0^fVdk0x#Cg_Q6q{y`Wm-n#
zfRNZitm)|y0M+t{rtVUvbv?n}*_#c_Yc*C3r?1ZsDw$@~p)Pdkd(2ju>$nT3yT?}%
z2w(oBuWj{Wrs4-bdJIeJA5jNetA4TJEzSQR@rVjKvZuZG+*MyThgYX2ZBJ4~H`r`?
zmS2mm_7SYF3V%}YkglFng+A!Gd2--Y3SB-yLGqMWx0U`ha>e^z($@%DANcxMo73cw
zkY;P4xf3FCJHC4gEckrllX^q1Fp*8Zvb>CoA{s>krFGTir4SFix`hWDgwsguN!L1B
zl({>C=zio)dif#xyof#V8gH+>y`rC=Z(ph#Rb26S#dL5t&kig>1f(s+nM*QJ4B3)B
zD@WNK^?HDX1;<xq%6iK)9@(946}|V!4O=s6gd%@2Vyi=>kFS{(=&5&a7U6r{4c3Z_
z=wMgV$lz&;%)hA<`GH)=-_kANys_||xPpHzh=?ta(FiZH{%7VHZ;vx9vO^@K1zdEo
zQ(UfMzmMY1Md7_t?8|}d$#($S&5^vNuck(B228yMpq?MMe2f(=a#FH_7Js}wrt$cD
z$v|Yg;oPUi)`}#{_Wc?fo?p(^r`U?$vsl%xBLQOm<m<V<d{Nex3oe%8_*u&d*>_j8
z;*eqE!m2-nl#Nt5Q=6O`ctZWZo}^7RjAq9838kdGH|WS3R2xMrdg9XJ$u&%$tT>5W
zlZM{#@-aKdR^_uv!0vnS%8qO2F{Gb}L@g*KGl`c*r(ZD<Wt6~Dqo*B~!xc@kb}F;t
zUCK?_S!^=Sq?0UN*q2}s^LG$dT+ZL?_V*&NYkEcBf)&5Z+IsgfWB)C!<WDR7!_2$l
zy9Ox&txjBc<IJT6mdR=32htToydL~vz7B>TgEPJjM##>kp$@IhG4z{{mEV^S`QD!u
zAAWRze@6LNt_|nz=v8sQ%6y(={<`{g3;esN(&w&9M3NecE9TxmMVRnI8yl=VvBzd6
zDSYf$a+%0Bm4#_AMX~wz`K}O+<f?vPP!=diD$bEiSRtD7a$A!)S)C1jbDUPk<IX=&
zcwXfHoiXN6a?FNGP5d%<Znhx*JS<5($AWt~;_Nt&#is`7_Jh;$ud%{b08<AZxx}W0
z?O&Q);uk!na;X4y-#QM{2LEbSUHrN>M$_usq=Q_e{GiAV1Uha`Q&i2{XL+4tRD$_#
zxgn{LT8DJ;*_5U#g-x{z_Cdd-!cq=|469$jD?DAS1poE&2sF^$Bg5hSNKSc{9X8{h
z*xX~85k$wZdTZk77n0H^@MN`Tx~lYS%}Qr))po^{g;{QB-K_D_aCm<`D<C|n_~z0G
z?8EZgQhE5DdT>_pad;dUl@=i}D%q@tWL@MEP1MZq<C}<2(v@jSdp!HB&jR&@#-S18
zT<@-~eju|#8jZo{GG&yMsYag}n`I%r_zQ|eo5aiF-fAd=K$bH7J|zpy&xw)>fz<gM
zA6kvv+P;53w)DMLrwB5<#9P(<5r5r|vK&$@J%5yQXV6SL3<?69r2KsD9F`8U;j4aA
z#D4PP?z$3Q<dA1hPIXsKUev#uAlSY9N^6}l^~499WPu#ulxD4-zPi|)3jynoD$6}b
zGlFn5$Pfb&^t;Vh6W!0G9?hys68Aa**7|%ky?|BkH@>=(x9k4e`p&6sgDAw-9@qt;
zNzJ+R(8ZgR)q)RMkBdL9Gv8MZDPH$y)gJGYhMRslx&Ms*=iCy2mXO$a)zM;)zX6$`
zweQJ_6$9C91jh&(qQI+x%k$Qw7vZ!fAdD-Y6n<XHSSWEfAXPGfty!bbPL>s))jCJ@
zjKR=fZxRri<l$0k(J|-kbOxU}h$cCE-LWmAZe|<3A1!EfDRp}^Y6uykKS?tSf4QD^
z3x-)3FUvQ&U!qKXTl|I!{FA!q&gZ+&3T7?6W>??p^}{zIWqSM5+I=6ERo$E&>Vx<2
z58VKdL+KM0d+33_ukw^u;Dwf4?d(03vnH5d8g^)@(ieecu|=;BsX<de-ttiKGdcA(
zq!c_xapl%q@LvfQao(YmOP;ObOe+&rxp3|~&-;60CtRw}YBW=nQ!E(LTJGueeiNSQ
zXW>3M<W@bj{0cw5h2d0!TE2<qe3tCY<IzH@s(NmLR)H`CETxZxJ6H#aux2=l$NFaT
zp=Uph7$3U?j+0E$emwo`E4UN<up-sBMQZ9xM&jD;f;)L|Qm+iwIT<Bz67auP%u^-m
zwtBdMFM$TJkM5>qZ}O`KV}6g{kNX9}wuMLP5#T-&61U$4N3{*<>_50gkF_qo%$uv8
zZ6(n!ABFo@hSbxiZ{Z7lkw6nbER~Xi1%jICOdH_k(LCGnnk&oAiRPzk42gb9<K<fV
zQ`ed>LouEo`j&>=B$m1dlq)_{oh?~yE@VH8KmPe!N)dh}dwYnI_PKb|cn}s!iyLnd
z2Zsv!C)X-)RVk2mu-KJ%AsW?`$EJj~?0)Nm{PYh0-P$Sd@kq4--1`$G1pLodAGAt4
zhlU2UX0+b@6T0}2{O<cp8?B}40xk=>Z&sy{#G9sSrcu9W>i<BFQlIfjAO9!mBdknl
zNr7n~^?&!hzvkVW7ygy?iJg4)<n^&!<XvM|)_z!BPI(E{dY#V_t469kKbw9@9^}cS
zQTEab#Q9iO7h2s<UZ_+ovw|8OgjnJIaHA?#l``F%@<M4fTSIRB0kpj}jkOI9EbQrz
zzPgHVQLELvVB6>(VA*IE2J`26r9?f+p>*C8b+fG?gD#Bj&ZpU)&M*kr45%Te&pRP3
zF={>G)-DF}1FOTu-LhTBLK%?IPFX705M5W~Ov}7apVDu;<{lo}tPJk^ko#%Gh1PDm
zFW*-2T^oXfnNhM8<PwKn@tJk<^Cyg*b5AS=tGXr(QT{WS1@zVLCi^Q_@{|iQ#9d|%
zxYrsWCmJ<2?M>Ve-2{Q^xqw$dCrBHr8neXqQ<&|ao?;+wAF==mDZeyg;<>yx9mC=k
z18Z&@#fI9@YKu8-2hIE}m4fob-cteZsml9q9?jQ4+Pgj}DZ#Zi7NSquX2&i1(uLxm
zG5r%#;@yv!N96ZulD2d5higk8rw-(f4X=wX$cdV7<mzqmUzk@E=(!QqI9xEVEi@ZA
z!?*IEeYr{?XTj&jAHwpV`}{?+<gbrXAkVs|Hv+O^H?otf>^kecON)`=hm95^3)Ll*
zY?eB(x^XuT!(5F5uXo->+6MTRS8do;f4T_$7pQqm8t8+!=?5LVqkJ60yk@DBR;KU0
zsH?%5?Ud9X^XcibhMn<+_~&GGR@KcmK)DHBE|-C@Qw;1pZ1~+T2hQAnkHVO^$tF8m
z*>dOYJ3|>knQb$OVW|q^(~WWobuPmpg^|-KJ5fJJiK5n$R=z*ZPU7~ROB;yDq&J8{
zF`MQV9EpXD#|1aseUWaqWwh%JW6@_T3D#@W3DHRFVaaQOp9L~zZy8biZa7{F#Jc{t
zqtoqO(m`Oi{-=Z(_4UDODh(U+lK~0gM-Z(ltNO6GA$SG{HN>VouPDrlI`8?Lj~Z3B
zWVtFCAp==j@X^7Qsbz7NHti;hvRZg6$6-&e`xjJ}f^C8*MwnID+8rvl9(|eBuwQiP
ze?&~2*xT%l&}!F2Lb;{H&V|1Q*B|kTNiJMj8!jG~I5}aU=Dnas7T<AhT`#9a+A1tt
zU&L3~WhiKgb+Fc0EYl5Ceo7oY-H(k>E_UHZ7HW7yi*`}52gc2{*Ac^Zng_OQn$=Gy
z)E;yEVT65ScyFP~N0dA=E>LMZ@L8pUDGKJc*At#CiqyY!(2RG1DiLd#V63Fh58AU@
zfwaGq*dOT6{0t#+JZd5ok=5(@dP;^E9;D3tZ|3Ev?}|jRxBqIaF&dxT?@KtZfzf;V
ztzJ=&*NsylGs$ru-Tok8_v3YJIpO5ui8eiwh<6g#kY>-jQ>RTk?n{aC5bX8^7GEp>
z;GZVUDrcY=-sZJr<y{_X8?`Lz9pNVi!XgWhI}joE^avILp=gzyhgP}TZV_4nW>6pE
zyKha!>0`5gM?(Tkgk&ry+Nm>}??%wtnFAl|iS^uaohlJ-dY^?HNz(~|-jM7iC}etc
zm{&SCx{xfJDw+)BwyImj{xrVF8Q!me@jYiylQw?j*OfEB|L%yAzoRW_jXJ+KGO9sV
zx2$uURoD{ADGIwagel|Ng`x_<|J@YCz}nWo#Ul9V(9fJpx7<<LF6Z&Eub`biwKFn)
zP-vKmosMj0|AWA(^AF+!+wtL~qZ%ext1qlt8d8{4J5(pke0A9Y;qAu1zXb6x3$c5E
z``&_#z+dx;w^u3!Ts^ydZ8RIw!jev^I415%F8F>GOlYtx@4h%W+HCPrdWI2pR=y{q
zv$wrRQu>mQ;CJh(RLWiaZ?sdi60jP`WO3cy_(O^O&im1}ExiM);b{_O_Nrc^O3o6n
z(p?Uj!I$A{q=?}meurs4B{JOaqpmBE?OpA1yXFu~VFO3;$5BtC@?1lKzs}S7*H|q_
zV$aQBrmI*;pB2;Sb4{m*6*EQmmKqlTK~Gv^1|iUrTC;ooSNCQli2t|i=7+vnxE_D2
zS6H2JW(`@+S|?*vg&p$+dJ9{~8n;@aUW2z7B45Zzb9l}_M3$TChVR2e!)zjRt%wp2
zedX05$oheGDkledWXX>LOhMYwKF~8hLu8({&v!Tcwa-MnbrN;>cPh<u2*|WbY|}aP
zO2)#4<{A+#H<LqmJli|W`;1ZKD^qs&q)6xTH<1BTY(J0b|DK0)p;F&HtZC!Nc$3EQ
z2PD8iUE4^XoUiOQ`^c(ua)n}q@YP-!v(il~{cB!>;kGW}136lPZLY=AGX$jlWhq_y
zK{ZE`bk7siqg@;&h_pvYQC;H*<u}q<SCW4z65W=&)uzgKA<~fCts~CZF#74)-Z>A-
z)JC;JdJMt}Rr`J|%Q?qC`y+q09J|@PrJTW5u6GzrJ)3Q|07`p9T52e$;LScEr{cRS
zKk$FQmfz-hpLWT9w7gq@{iypkA<1afocayOY7l%4Q77_}GaNXYIk~P*9ixt8ShcIH
zlDhSdpxt`nJ?88e;~F<M!;o(7>sdCR_3OelGSrU7N3Mqde%XF@70Zcq>P%o>T{osY
zgR<xp*@E#Yxx$<usT;QKeO7ZXLSi5ff!Gx(Z91xNO{Z3|o%xu$zfv1m?zB@PCW1dO
zR}oNvr%z3*GX|Y}_1W+DPiMkOyu<4eV;gHX2|xcb?6{;|D=uqj2Us%Q2lYb*{auQ7
zZlU51Uma?eijoG4bYMP`OgQb-82Z%JvVTgC&t;;GO;f**@4#sB^ed90kiK2>0^S1~
z*u6a@8ejKEX7AR_w!`zCp|A3t;ySRM^sapr4V>`_n^O$0`(@Any>6J0y%uhyws|Sz
zT2q#7vl_)cq?PO_II<lE!~X)s-(8NYbEn(O24PaARQUJ%_=SxCy|xAEl?n<&AIBI)
zJ+Gzo!Bpv2`q8jk7g!R2PAWPTa2c(gQzj}gZoVSA^ySm-f(ww&SOwYIP5|6TNR*&S
zf(@hP5F3#EE4}amX>jvV&g%_oo*P!V0tYy`0vF7=^{yQ~@OAI`B%%dvXSNC7s3kHb
z7H0=GHg~5J4>z;l$h`5@ZY^Beu<EwwK!h+ZH=XMohl-!6GE?6>x(-M-B~tO)bw1)X
zXYGE2)q@P!PGZ+clBI6z-63PsC`Bh{(Ta~BZ?s|NBY-T*Q@@jHgmvXAr4f+c)h~(X
zmYBAMXXQ2z={tRA6fpUQdtp787gx92D|hbf*7n*f08_7ceY>DM<HuHc!QRq&)^Xm@
zF_az-)3EicX#kJ##2VT0l-^xStfqwM*Re1*E3tDxg<?9n+t&#Sa?4qgJtGiA!9F<G
z7uiWB7$?iu!ZSEeCVDF}=WU!jBXf*2OT7n{HLTwkwxw<#V!1#TsYb@rfxyFUDiCKB
z(BFCDw}Jd}G|nO^ZcD#uQgFhf8Hk_eF24s)T)^^P2#6HXmRr2#)FLifXx$*1fx7}Y
z?UUy~L{J10%#5bcspd+@**uWe-v?BPQJ_DtT^TB@z@hg+h`6m<qO;f>T1AcaIU;1c
zVk>ztAGc*-HF@TQogQVDw+0|8bHJF`?o@wNR7mauV1bH9kaLi`UjsSxa)3?`qlF4X
zdd^{RmHPQ;U0Yy(;^&WD0oWE^Cvg9BQ#6S_9psMZkIs~woJxpFayOhn>d~f^0dRvC
z344T5G$(VP{F7~xl9JY8g=MFJNl*@u=sTv#s}k+GHbVvHVmAJ9S&Mor2?>DH;WnVI
zd9;J(E1c})&yQ*pB6gC-i?_XezvqzUKizngzx;wLzavIGPpx_MoH%OIceI1fGew>D
zygW*{v`qbI*DN_vcP-*vV}8XzW8uAq#val=Z?wNjV=IZ%FS*2m#?&k7?x(qmLWedp
zjXgMq#vY0&-zB&1OyCIzmG(fYy-pcRaNekWvQFHcYegj%RcGsU6HoR13e^3MdlFr%
z%tn=vYKI%?em5_E8l(M97<!M3$&KSNF#HKRZm!;;CilXP`60DRpDLv5v}wO}!+rRo
zUc6)CY)9k7`G=I8f?*8Tn(F(5cxf-~qh7M@bU)TGC8?no1z`_a@ISJ?&iZ^QIVdwT
z(M?BohxAl+a}%&NU=<Tyo%Lt?y3{~1TxQkRibF$&P(K2Vdm0G`39@V;U4-KhCVMTj
zcmpM>Lf`#Y(I8o^lPuwjRw+rO<QnBHt2$Hxp`{y;T%L5(d(K^_cThWtgydPhCQI-I
zq=!|&OfEk^JJEeZ!g%VwmU3wg=oxsf@tbv!UT9;Cp@|kfLbF#zkLEt1)j)fJV}<p{
z9iwG77HBgmqJ;^^Hrk9B9zBqfC38Gpe%G<H862K@%MH+R^JGHFB|0?*lmOwt!2is3
z<wx2pD|{4Us;s9iLD>0J*ki41NdEqgR_H$98s$lD;19BT<bJ+Xx4a5G5tqhTQqa_2
zsEBJ0J;nB5^@lr;M!&u!FcsHJveR5Dd&J?pn_OP5@JP;gPd`^IC8n^U->*A=)mLzM
z;iArHN!3C-`y#;vxxiV<kCSLo?vkz!9BCkxGjzJ{{Vf^`_0;(fUzTW;7;vy@yDPyy
zGUoLQGmnI;+d$Ut1MC2!Iq&pL@W_kJ&A+`@g3{7P$F-;*HCgK9ZfId8?O$A~d8~EZ
zW{3=VRIR%-sE~JhxnlSjW?x#?W@!F|na*nd+}S5-AKLNj0P(fvtw$IWJn0?C?C!#_
z11%Y^1`w$U_-#G*wm+5LZ<uZy?QBS}56+ad|IX&;I8t|UCCe%F8SH_ysA)2_lP=*2
zD)sL@@{P(h;W=XZM!?fbL}%=AtjOdE-(uExxczOk0tf({4W~}@bNQNuN&L3Mh}H;t
zd;DQe?UHX6mx-tax^PSZz9rqD-yP4t2DGkMb2>fj5h;O%a`(HzAp5@Sqir_Y18gZZ
z3iPaC7VvUuBJuw9h6_J>c8w`b3>^jGJa&~e!yGjh`db>*Fg7ppwXHV#jg^7=<%<0V
zpqK@IO1)p6NFWc;lGG+!?C@7a^hx?<RR+n?(dHc=)dk8DfbuPwTLGqrc3R5SuPKk>
z)E~u3558<YZWg0&4jeOg0-enG+I0SQ+MEudu1)WXx}SercR)Ks{${RfW_Ti)xJw@Z
zbL_cwCeN2By!?QoQEf!}!zC4s<*plDIU3vAB~MN^Of|fT<gDwRGlKeKj<rTBS;|dq
zs@Jq&Jt~spp69*H3b0+SSIBZ1HrtbqGV@N&s!R4&UEPxj*3ikbj;`*2y1kkoqL&-&
zLd!A@ZI*6iXdTIkYK?@#OGu*FDvv8h!u$EyK9mpC*_ZLqDwV9s0cCn;Ps#R>+xA|J
zuzjZfLh$CVeHH?PC?0n#F(3sUR9|sYJ%?#*bbaYuI&U#PSraWsCh+r~+IV!FM62EY
zzF#oWt1~3gTBlep&bFSw%4ZPTyubWBIHO^K=cT)%J+-~~YK(Uv(|~SV!JCJyKto>&
z^vweySC9Pn*DovPEU(TUN?*T!9iupP_%8XXNrXOzcbL9uSTVC(STUn@KczQ?_l5~t
zZb{Ah`F4sL#`O5)RvpxMBr(wp+10Z#2U}kqb6Y={VDv`$Cp*)>)->>BB!okelB_1#
z`(0G`pKCD6?Qt<I0$F+DSIq@uk7+<yYqf=SN0S>T)%%{9hidx4F&~6bWti>k#N+FJ
zeV$_n#2b6JTo@z&@_CMw@1!#R3z>I(s-0mm&{Eq|-nRK|RoZS=98-QUYA<+0o6&K-
zmhddTF_Ks;SHS#CZC!-{s%?(!S`+NUb%#Zth<F!fY^ZIL5Z{R8r4bxx;v0Ojs9$#d
zP}K~*H)U|KW@WRQdu%X4ApRT3e&q(7UfYu)Q}{cUJO1?8#vK$FxvX}37btbJ3#QYJ
z*0|-Ks4QHMTpQS=mzzATM9F9CgQdg0Wl@ub%kGJG<r-^jev+;4a&e>lH-^4s8ir>}
zXXfi9+c8W&lfu9z{pm}}8?0ruCg`4((Z(4p#*a(NXuJRW*7w)$GX+GPuRkS^-B$E=
zN_!iy|L)MMUl*HQ{EU5Vw1+Bp|8SC5Ju|u4J^pEmmOlmVF{M{bst4$Rc`Kpgy_FbN
zdCyNq@2pi>ZLC%b8~nsTn(6+)I&fJ^m@xIrQK%TT&fS#}f>O(8#Ic@#!hVDG>8hMO
z|Gmy4MOG(moTz4CSKyM<%V^6OV2-rqB8Wqe0=_ODvI?vZSBVr%wU$=n>P{0N_Qfsa
zp+HhDNGRTQB8EDs-RTJh#!o!ro$i1mr*M{H9c3{q;AT2(nsiy-)pq|ShO~jISyw%Y
zL|+kn6rU}RcvY0co5@KazkFkrmqBD&v`6TAi1R9?A5>PxUE^k$sIjO(8;!HPh^&1b
zzv%_tz+i<>UuJkRrRv1-tqh-I^_=pvz4bPejQlI#`jgvE>$O^lX9-6rTdUMB_-A9z
z6yM^xi;?G}3MhN3X2j(3XWUa~zC7h(mfUkHT^7@Q*Kl6nU#J1o92-NVt4h1IxU!@K
zVB+8X*~`6VOxJ=bGdb~^0xGs{$y)~J3#m6J9E7<J$A|4_Ym^E@AF<Yh%po;3*YS|n
zmz50+-BeCFxahs4!<oSc7Vh=3#8d78lP^tdU*xK_kWi`ofFgm@YO)ZpT$+vWKQ(;@
zLDsl$w1-?aA2v@)lq*{T?5<?;JCSJJ6xu973Erj;DH~AnfY$Wn6oP>5u#|A{Q7rH=
z@XmNT3L-Ynm-$z5x``23DKC=L_DHU{FZD8Ff67eu^U|5WCc6550kCN`i4i@*7BaUq
z)3<E(lVF|i;UI*QQ!f%*i8+%zoC@x%-;xMBpoVS9>p$2l15&&A?tARK_m{!h0h$w2
zG3L}+T6mQsk)Ji*aiNlUv!vmrK!}0Fa#mU|x9OopZPxO<7EB-0|A8l_VNM0!h^ILZ
z@^gvj*B5xjlYR}7Y2^rrK)=uIzOaCK-Gbx~zpmleambd!i+Ul#xUpv|aD8~cV?%4?
zN%Ff9!zvD)uv1|_@98khvVM~vc420wPBMtG^}}G3@@u?pi@{1^afAB&A`PDI@@H1h
zAIh|BaEa1<tYI}|`&s|}{WpXyCRv(+V!>VA9B*o2Kg)#eUGpY~Z{^2$rEfKg?-wST
zHcPxx!?NrPapceUoIBi@`PPP`AzEc~B0N*MM_1^kGa%>><zczzn_@UnaaKhhI7rsE
z6w8nEDCXL@O&rXaN%HWUb8(L~p?3mhYwTtPA~hf`+2LMp0>^W>2f3}lLni@A<J)l5
zymnpH^o~8*K)hNK4~>hRX{_;snK2YDN)c|LTHLX%j=IARXd0_7E8Wq#$7gR)hGBs#
zc?NrHyUx<IIQy?05--(SrxglSKy)ik?1dys+0`;J<5BdpaECz}!3RbUCSOvV`^I{N
zUp`wLt8yN&Q#)~15NIeh%o#me**0Gpu?S<4)O=B^fY5PYBUODAp>W?RR~y;Z??~1x
zthsaXLhO!^xwS6$nSb;Bp}{)E8xz?O^2}d1>@%*wYDQdP=<VUrq9HoRN#+<-t?n@w
z#bQ6NfZ<GgklWl#hKg^w()1jb6F$5O`H#taVP42Cnlo?OSo^^aD_BJ`8}3cQVYVmn
zyVxi{)t5D4Wu^l!LyyYUhmN#02OMG!a3gaGqVR6zhSYSy-#7aV4C01@_w3RL?Qt&~
zT|-kv)JUU``cMw?)$&5_vBCP*_dx|MdF+i0s2vqh+Uesr!W?4eL%*kIf7Rdj?syGK
zb9Am`o96m!*vAWGo4mHHxBdCdM~@uR4~<uGYFC@9#ScO?Lni1Y-_hzktWj$yAdcNn
zFdems9xQFO_xEhLk2zs`M&#>bme*@qv&grjH=@h$XFr~!&?Vs<Ln%C+NriHJFpJy8
zZ*$<XF4!}wpNmPz+_)2lLr6sm7Fh$TjH+se0%|*(f+xS)Gr(pN{~)DkD`02$xzWag
zr=4jM=YUP`;uA8sE_;!y-PE+FKlE7F=VYe_+fG~s+rEic)HE2cwA8u2$w*IG8GrM1
zx@=G<cN9fIVfJb*@)zqJ`l;v0vfLYMy2PkuChgc3#vijN(44JskzHoe+_~3k?PgMJ
z=l?oxv|qx-mOpgxa1h>b{%p21=Z0U>GY?9AS8e|!Zj2t+9#80RE`eTayBVHs1jHyF
zY^V-9n?g--R;m?3Ea}cxBCt6I3)b?A9~|rv#8)8V78Vg{DcWsH$HGiXiF%0Io_+^R
zjwL;NA+n(_zgo8cHSN_f2}w44Cau0}*`($}bKqh1i3j!mU#1|o;|GU}Kde3kq2Pk1
znQn=ushn(c&~&F!BGZN}pS948>r*r+J^S#%Y|}Q%{b0DRovrt~;)3j`9mjTyKDW3D
z{tr<DCnAvp({2`IKi%S`0?lt&BA@B5Pwq5&Ko+IB&1Ygmbj)D+r~&(pP<4vo?36Wl
ze}?pGT`!~KAPm{kj&}!NC!;!UwA`8+$?huO@*cjH3l#(6*sI<i)dxOlTUa9HE0hVd
z-2=y*)sJfrexSCRGOwJ3d0xeJ_~+K9YiCVP1DRXqDkQSs6tpxbRfYyD{BlSIwvt=&
zdv4Etr4!PXQc9wC(jPlN_a}&jRa#h)<<C^Q(!b`UUErupYnJt=sc1NXA3pzv#OC_c
zJ)C|<Q~am_me#f^XJJ2Zd^X37^DV;kmAa_m(Az!Qiiz0)#oXhC$hXExg`Ts8>XUYe
z<W~_#BK0@V%z_JG*_!2hB(J_%6ReK)LtVXpJ^%jRlI8CpQZTq|Bo12EW^$F&4O_|#
z;It-vE#dK3a^KU}A03T*%)mNl!;F=%;XB<!)$np7cHsk^;)Sm@kJ{Yyce+KoOABS|
zu3Ly#Ao(`t&!5Ev2)b9bdY!Gt41I%aB#vn1+VAdh4p+I;ly-E7)zb?8J$ioqA_c)D
z6nN-do*G!UA0cM|8GDPc)eSp3djq!*H$#ow^KvoBP=v<$?=zal%)`Sa73pXt!>CE_
zwEEt-)8<c|#&k88(yvNd<~@?pJRjGYV!gNU^Mgw7#KG<^RkjDS$jKAU#2Dwmn-o(C
z<-d+h{=UCwS1}3cHusmx&3B>hbsl>)ZEuY)%qxl1CMPx*emE}1yUQR4*FdSGeTYTq
zk;tBcp{s!q9Fxn>*YxVmJ*y<)g#P!K37rXj0>21V{}aQ$y`SQ0>S7W+fy38o4fRQ!
z1i6aOI{PnTb+#HzEGN&m4X&PVo|-H^9obDyPv|srZX8qo-A|^xB;b46h=fFAn@Saq
z>tKx&NUw*kObV6GcvgRcy872spBd|I_D*p7^;Vj%Jraf_ILA7VWc+r%r$`m!f*<Yd
z+1qe^=CX3ny?E84?s#h%(Po0k^?&oEA*^u7%iLueJs2ozD>dIih1_H{r=46$r^e=K
z{@B#=m|^6bC7;f`H&o?MbPDTh51QE=mp@Ur={D144S6k>Y<`<;ZPDMj;O+7AJD}us
zbkQewo$$gh{o-7aM9Nw4+k1cZ5HpNwvjE{6s+EV_mMN{-Tj_X>C)pBJNJ~ahUuxrX
z(pj^otDTh2taQY0aJC<Qc<>3@`pIyNTs4!tjW=M&rAkI&CSiW8>`x=c7862UBYoM6
zmYDw9WLmLc-<OpOk3(I@R$ft=gAwv~WGJLiG}L})am+8t>%e$;F=Do*&^}zVzDlz7
zIB(p`yJrz!$O7_*NlTh0mHYh@v!IvfBJD;pC7iIThVr1{{&7F6PD?GBv3<k{Mc9$W
z2KA1+&h3R**QP~8xoTH`#u*<nmS?YmQqt2!K6Y2`l+W(55C3vECC_r=q0`(6x7Q3;
zU)Kte0$0&7CbUgMj%IR~+AZ`?_i_vI7skf$n>#a+76SRW{B0D7^k{xLs0PF&I?nu!
zKt8gy^82jG%$%X_;I;CUIx9)lS3>4t-X?=?`nm{%Dz@MMKF5<3<>V&l{p+!Wt5ur&
zrrN$2`JYYPcfbAMw*LCKdHlBIc0yW6jf~&>)ui8TiO&`=6-YKsYFi)FJc<}0=XADn
zZ_vUP5(F9d-`@Z}DNO1UcI~a*4VXW-?r;SU`Q{k=Z16_GuLC!*crgBj_=2%P;#@%8
z*<E9fw>3QAL_C!+H&*(m0kn##K(!h4qX8AzVrO#EA>Zg+(siw}Cii#aJF-aX6HcwO
z>*~#wgR!a?-&eilNT&4W68?BGd`tzp%^;qXq5D6;o|8UhO0QdV33Utg`PaMJ-`icF
z%5}@=fC|^#a<ZmTiFA|alDb*{_ur#PAVW<udAaK6s3ojg5Zss=o2B{Vtv<!<Cf^L=
zD>}ePe{N=|`#u0=Kp+yk{`R+hE{oYswaGbV)}mF`)@t@`t$;lE5{d?u^vB1$VL2E;
zk#}Bq?VTHBG%6l?#-WVS!`~zPr>HCaE@BnKJ~IxLgFCj*E+cxP7lfH$li>WP4dAJA
z%E)B{#GtmvMr_3_X8NK<vfSeU=XcKCe_E8Y@kwPG2_{174%pPCPxNnNCYdrirL1QB
zu3b{3!Z2lSZ0;x4__OmLSo6E}<Kg!|3UCf}?)uZ^SO`cJ8VP0^Cvc)m(tWv1FyQ&O
zC4}65-=HZ*fuHd`P)n7Tc{Q7E*zOZI$?iT3aDMCD`KQZe6O_h_d2aWcjJ|o(5Eh}D
zJSyZDCzKOgZD#mXEk(7a$8lHZK&D23_Nfbz-^M;rMaorQxEWwz2_S8G8Geor{k`d?
zBw<2Us(gaE6o~~>4kjE|ye;?+tM!eK@Eka!yegrz{LRJkUpLb4PATB0d-Siue$}2*
z-1wve#ND8dfVkUhnQHbAXTaal9Q565=kI@dI=Sn2I|3-i0_zU!Sz6a0@#1-0<G)c0
zRsT;|@YDOZ<O}>v=;7_A&#w{hFO{}d$!0f#nIM`V{iiXe^HJ)@mD*be8=gj`Rs$J~
zo;6$ww;F|;t4vjYd%<TZ>3F2BjmUKA1Il5WgJ|>hbH0*GsH>>(-}kyyU^LUSehjYR
zmHjcUh4_J@g7id>urk2eP2m0Gy?&PZfm548v<fjAB2lVu9cG3{wLWuA{QXkhavM>u
zCGxS5zOxIayu0S+UMqMS<pUGW@4`NI)8!V@1cy-s4>o}5=}lYTWxJt3x|SMvuw=W%
z+q3>MB1L?}dU|^byVgJXG8^WEzV64mlio(mggfP<*nU9P=K)|O)0uB?iWfhJwt|8U
znkNqk#o7QqOAG53&~;fKt1_?w_I{6blw6w(q-{+BZnFi_j1PgGlS#C;IZIX{+MBBs
z_{N$i`|bxV*uRaV`udsWSQ{w-pvNc=;Lp=*O9KU>hV)rDwKG7PXj~BY%ksZ2{kkzC
zYo(xohQ9tnWjIuk7f#loNJnQFcAP?5Z9@;$GRl8h9u5MLj5igdF3^+3v<MYS-ARrK
z;GDCSDS5`SUO5|Hc`)HU8*fwaX1e)Rn~qIB8M>y@#xj9{U!v>an{3t0R@U4+610h1
zg75xF@!Utb);w5`&ZY?Nfz~;Ac!jgVYNK_59L3JFBcPFc3zxhQgGe6u8Z;cvgcbu`
zaHbU~k&-9kS)EJ-k|aXg?RRDYa2H1FHf&tIq_8JD;LF<onfqjj7_}Khz)87MPy=eN
z0UahN%O(;IgoV31K&3YpJMKRI>t-Mgllrc<d3z9Srdy+kS0-KGmR~KhQ>lyge!-+g
zy2_(uKiQRH2?8^!N;G0<8cZng+8=l?vQUZxb=qw8N<k=)7q&1#ZF`@4^IIZP)EvKG
z0Xl9fkQR2vPeOtAxw0a?F0h>+`4)jqu5}B@C~JIR10q04=obp)rCdPvTX?u)c%id$
z8YV3L?`P^CUNK)Z-#-B=XS@&_1FQ5Xlb2)~kD-Y?W>3YozTMaYnZt~ZWim}YZV8Yb
zq!e;6dPgJ7L+5umO(|fj6)#Jv_}=!{b2dc_`)NiHMPoU{JlqXLUpUQ%>>5fZ16MJj
zyCah1OVuj8wpB|4Bg6v{FLZ%Do^&4YY$^u&=?vo+G5T&Jd|hh~2slVX*-IYh<kSHf
zb@0>y$U7;Kl~oy2FpLPJ5<WdJ9<2CABKHuqMbM?KFu{q}AQ3N-S_>Z6al#YTVx5~G
zouh4EH6OhQ43kfRqnFYo-i(&rx7XJlN6ccdrEz&ldDOoFY~4%;=PXru`Xu?{lo?bV
z;O#DId*KGu%*O1nE}j96O#?v1u%cF*s0UTx9FLbW+d!*a2d02}UBK>^8!oo<CFKMt
zbKe3#zx2k4WyDx3F+xq;zVwG|lUEjb`XtDSTNL>nj{y{z63~kifKl)k$j{@PeOCU^
zwT-rZ-8S|x4rw;OYfQCbGK@mI*%kmV>F3=xK_-JQ{R<81X7Vd0-u5Yqau|RTKBcRm
zW@=)zKfsk{fbGHKm4!+dP@oF?(~AT31D2tnmq1^Aq{gpM8DZ~6gRXf}%5nT%*kL8V
zB7+(u)?jjw80BC`Uk~haU7Q;M;~;4w!#XZ!6HEv$AR`NR2`AZhsx1H=;=(R;a8m+$
zW|HO911I3DyjAVC79VZuDL-i7y=Dm<`_>nH@_!i=O8vks<%~}v9sV#tF~&%~I#$zI
zm6)GS;K1piIBZRE>$M(umf4SToNpRV=ebz4PJu#y7F_?yG`Wosa3P!pIJr_21q1z#
z_-5l}t9i6{6IdPuaVfK%&{8bbGS(Yt<3rN9jGJud(ue3Qc&5W9kiWhLQ-Fh`)7i>%
zpEH#OgRv0S=yZOBiU3}MnT;PL%)`u*fzn<?l1&JCC8`s2qVr~#Mu_gh%_`tKY;$@z
z8)20QD*8I(V>kz|+9K5(U`jx-`4HbRM#nmv^dm{UD)&>edtnYAh+`05V1<=ymb9;&
z4q@psKY7v3H~8`l<m1S&R)wxVByr$<E+DZBC59630At*+w+wrICBT+Tb+xolaSKe*
z)@WV3xFoYvl;nl*%UGI<oRdiHqI+!+P#BabL}-1o!C%BJFZg}@UN2WjJd>VzyKPQA
zu#W969XB~Ax_<#CJM?(G!hVu;u0%3n7G&?OM=g?syNf1r3#zT>3+{arB*!{W7*aE`
zVDO!num3rcg^s6FUSmDAe!b8IF)BQp{iq3b$L-JK^0PO<=)u-C#(eSq#RpA8Uso}(
zL`4}hsMo65^zik`XMc=DO<w~Q6Z0cGG*}(+?q<J#{#X}Nk_v+vzLic=QZCyrJI}T9
z9TLh>uH_Z+c3AR!D}p5fX%2;`OyWMq^Tmr59CzuvS&;R`A9!F#aOzionTqrU>7{4(
zU>SHaQ27D|yyM*MhOB)Q_M8Q<c$=69+OeiV3Ajg2dZuCgDn@=lN1BeWpA#}N2sRr^
zYWrG8r@u<mucu4^H&Uxf4|}jJX6wWS#7ZQ)4r*sVh_N=x@hxU9eO{jyF2bsA>b^3_
zK@NOzNk8+hIzUby1}LTT7)yk`k1_gmE7A06vk74DC=HA!uw6Co@>J;x3rMn%^9Q|?
zO_K1`l1hD0Ey9`i{$S;Y0Bakn`@$&tqy+n`lU<%xzh4^*f+*T0#s}Z|?G$L{W$fp^
z!4kp|qOg65Cm+wpqMkzs3_G&le#+6slxBUZ1Qy_3pI%!JqX$px>3lYu!0yG>ThydB
zZ;o+G_xYjj1No3E1^L{&P6N{sHaa21k;X1~5jU6P-s-Z-Ta+rtJ@I(-_`3uI<n*$w
zqY(D8R18Lg9_IJ%+q#AoMHxjq#DrkLUz~y2#%56{LVAzEN8knTKu@V{mNiJ>Dm!*a
z6zhjG4%9!Q^L!q!f%MOkpZ73_XPEi1W{qT`h5Algc~o(T20%o~KCW^yxnAFH_t2;T
zWTuML0uvHrUM#9HD<z3lm7reC@r69km^rrhKhedn6@Ih<a$H72kl!3=T3DZb#Ndjh
z-jztvQdrZx0ix4>!uSsToO_;}>|sU`sb1OVbK*f_RB#7Iz4_2-A3Rx4I+pv|c4eG!
zwe;o4)CfFo=U~N&P6#`^sOcpiD~I5)QE<oF&Z_>gP+FLu@`qDkjGVC<9uQ+a2lhfw
zSxs$(6V|I2eN|z}*?;v=saNs#dSr0JC)0bQ@n`aGSC+e$*^P@pl5+<0uKR4WKTnd@
z&4J9de^{b1)3VzC;E>2riC5}5!K2=zcKgO+Nnrv3pWlLK+Y98FTH^-JwCBK1g_{0q
z#V<qoPSU$00ToDgg4O_onzF968G`}V#$psr5gDgc*<G@@5ngpqKepz}H~P2rRK9ZO
z$P|J#i_|CVCNC4As1L9p{t`x9&GU|H2arG56@{i>0Dnb6m3y-MTv3f^**!kOW5Fgh
zEJvLxDql^fmog*neK><V-t!&)^6$>3&JDO*C9?C}(!@7{w)1pDyv?B_&KjQG=W2we
zuz8E!6Ip6VWKym-aJNZs+)RB%_cW@x)^Jk5Wf4J|1C!+2Pn31#;+T}+mKP{cd$i+Y
z5;E7Cn3^kBhBo#;oVnS8)h++V|36*;<ye(!N;h7p3fG}?ofeckr_V#O7H-y3UcX}B
zaJG-$rdt}$_X>r8heKc3)vJAfh&Z-y*4{L~Fu-ZCnUo-IZd1}_j8Qo7?j&6tG+v(?
zMlLf+1#~()+zj_bLMjvpRJG-%zCUZIH5X|fAQ|qZ+>SPmwYqv)-l2NL9GY%qJ0GQa
z4U?B@dJ3>AuS0E1o_GziFx-Y`a(v-l<%KJW13G4JIamoMNrm7b7-R7;^FA6S;Ho9|
znHLDE%Tqq9ne;np0YOO;t2^E)ZZ0}G&qolrVwIT~{a|XfDsQA@@2Cd`ab&#3?D5yL
zF<@%j3-efk8AOkRGU=-P+u$`O9DDsLMfZM|Mo)!OSM&Q;G4JU2(A1Rd(S<4)n!)E=
zGx)sIxf#=t&lX*^K+RZ@k&|p*4P_oxDRwy?#dKqFTZZ3Wqj;>)ut5tP6@on}uR!O2
z12+MrDfjKPa3;Akj?D_vMtb8d^~AY&Kn}zpv*KzXZHxq`#$r-K4$N$I>0;kxbE=6&
z>uge#_x$a%h_~vjE+EFC8xRkTo`&GH;}YfyM4M_&+CD~&Enzi^okTX~7lfro;tk;%
zjR;Je0S_HjS2O(~_3_g@N$T6e-t`axdN`eVGCr-Wh;G6AjXdaE-H`M2pz2hrm2`aY
z*f3NV$r#DIK5Hbim<Kt>j_Jg3J_CHZdOwPq0*vIRu00Uep_>!&JHI*9OJ(Cl`ZN+8
zniZ~-(O=_A?0~6=K6#tn5bCNcvA^!_$?cl`<hVCsTI<uQQIG68pg!!Lj)NeLiI5^u
z{RXOQrjvx!vd200sX-5Okei)l3XgB<1^q-d7Ry@6FK2ZeL4RFW0dCWkU6GXAQ{!p4
z-sUk>Isv8-n-NU4EzY7wOh+I@R=Y+vUUD#8XJd=e!xA$88@w7pf~E7Yu|^7IX1a$h
z5P=FA8z%{WbMh?sQd{ibKPuJ`!}XhW6`WTZcQNxb{d4&yZz5J2Ede0fyINaUpdMh_
z$^DxP|0^fagUP`(l~|@fL^<qS=p+%%;Wa5-PGkD}3kG1$vm;C}4X({l5v<XPo9k94
zL|BB5xrei~4gLwGs3IuM3Wy0FX@H;4`^oE$oqK~92G>_VMJN6Va?GElv|!iDbyeB1
z3vR^owojY1Ff|s>#g6{|YoyO^eFop7=|2}I+8r(@#)vQ@5PrWN@~htcI|7yp#w~3R
za4!fKH$6)d6~ukdW+j0U&d}ETher#*Z1^|66#bgpY<W&-KAX^V?nScB%zD|O?{cqS
zxR7~1&SwB~a`+h%j5IX`<52KGcYaD``3F9TeBB5_ECFe8Nb%Cmrl|mflWz(eNj%c`
zIQwfcX+)dHts<J<oqtrSA@^7LE$(7z7kEs1P}a^654&74bBcUeSRiL6d0h7pOURr?
z^iTbbFVBYfeA&Rw)o9~##<;0Js~1Lu_7D2oqFKK@G@$>1kjLbZn9{H8d|PZC5e9uT
z)IA7>WeYd#54bgYNP{n$#he_7+#4;k5<HtYQB=lrcqgRsC#;7w%OHgva{}NL>ep%3
zwd(>l$iptRy*4%bbr|=rb_-m_?zlZ=HZ=5a)O3LD&<;l6U@Ij1=Sym**kT&s3ar){
zc9SStX<$Ssz_x1~f0t8}3M9F1seAj(_PyP|fzzo&yDkgD5(&-Tdzd?Jt2b$=|JW&W
z6nAq2DBg}oi%K@UR{ceC`@b3Gz}sYZa~a}8cPWQCetU0!pCWEyT%HJuP52$j;a`)_
z(hq!cLGsG}Z^z%?Q~B=W#(;`jOcuW%s_2i#8-h<BMFfifvjqHdrsI>`o8ox=J?@tu
z_|HEA7bxycLC#H$i2n1J|F+Hl?_FRJ)>RJz6DOuWx6={!RS)O|<?!V{fAs$~>Hlj|
zQcG=20La*&P20IaB_k?#+x{%&t!}}|xx~!Ymz_SCZg*tg-DRzLbA!2cbGmsJfPZW|
zX|wD9O%O(YyfnmV=)0#5j+ohz)eyt~W9A3Sl7UffG{IGWc$-|`<wqrO*6fS-2WXcT
zK)-?;nJdor3jM=CjRTQ7nfCHQ9h;UW9Qp)NxdfNqCyt<^K*qtKzWewgu;0jxOFC%=
zM*}LGyy8~A>26y0vFmaiWoll@R&0f}POIS1w*_qTzsN+0EN68{%oXG=JF$0C1g7Md
zV&l@H18OZ$CBqaLH-@4SJ)l2Hu<C&VpE^kafE8!~s4{5B4u}iF+vvR6*ABsn|2n#Q
z3IJ?)&&B{0vdg=%6+e#-+^#%2-tALT^{4h~0cA*@+SaU<b305mPPs1v(NVz=)1j{<
zkkiZnd^GHS@Rb%2m}?w)I|B_?8?d!BEZl>)e@%N75e{xv3|$?q6(9;R=lY)DY0aOj
zbEf@w6O;Oc2h^*!MNL<JfH=EjWtM5>VIcKP{4!_;R)_WD?!ic8j-isi&i^hLRH|UH
z3UsvxcQx#HvNj8lpeHs-rs2Z9F994bp;MKPcZ2C0FpQ(6hLkFMZ2)Lm;XeEHNc)F7
zY^Y9OZrA1hsazm&+XICuS^<o96Acvb!A_@%{9mKvRp0BJKvt4bVt+IkSEE<%6G11Q
zp<N*v8GWhEyRdHmDGGNI&q`AlQdT(?L@)!IOHOnLBn7^qVH7|@HKhS4%hrbfg(%R2
zP~gzIJo5px)+o`0#897P0BHtOle>*tW!{n(L*wTANc+Nsih3?4r6d}Q1V`C-w4&wp
zx$)+ng9jB2XB_88aQ`dQHmIIN)nV~&dDqkF3GWSsro%uSI!aJy!ei6>TLYeU=U7QH
z^@%952IvaXKw0=ELRuQ;@Oc3GQ2?QonW_E6-hapQ-FwoQr?gP-H79UenNZcEiT6WP
zy!}<y<khPsof$Rch34f~Jabtp25!;1G5#+=kGKm65@z{k)hZzpj8jzrBR54Qx?f{u
zh|w~6qc+ffg0zJxeDnnVpeAu<(Qm-`<2{q7tOfXJ8ya}cp+5jda3Xlu=){DM4>st5
z%bMO8IIHn%h>)z4m|Pzo=}?;b{&w>M4fuh?1habX?V|5Y&~N0rwjXj7E&$e-dCy_2
z(vf8|-5OdB(400fC7_s11^P7^2Tm8fK&#aP21Lw+$++4TbfMg(1T+R8oTHKR$fC3u
z^3@c`pk!sl$kx@$RE5VtB4ilU66rl^Xulo$%?$~mK&M1DF^JVm)i?}+oQ@j|@(lIO
z9lM&f=$z5)%FKLNk4ScJ)R5ZM8>fC?!f|)9!@d+j-v*9Sxm8KuDy&}4;ReidP0oGb
ze3&VP_6}Ui2w!E20Nu{)d+Xb#^R7QY6%?cP(e*1<L5{-e$flr*X`KCQ1Ir7T$Ma52
zyOa)s2c97%Y51ZxV=iCo;Q%dM%3m%=yQ$(topzl7xly`nUeQ;4D{-F`+4%$D3z`t^
z4-!o#f!O4a?@&BPZr1!yz`b`pYkl<P%2nC%X?trb{~ONI%K#Xp03>IE0t<mLhh~>P
zzUh1F4SBDiT2+eE_TIA8Gu0>ks!9s}D0<*>v?LPHU{!_T0y-<Nwp{q)bf>RO{EiVv
zDdNG_LBoZ(ejAz!zeM$X5s_+DN>@;L1U*3~90b*Qxb9$cTa);Ua)EhL3~=X6YFq7)
z>n|!9B3r|z-i^wX@eExXd)~=UfLt7}arXfz^cGlA(v_QlS?z9V(ip_iS$Ig;XD~p?
zZZ>`)QdRMZ!ReXeg(nuERqhqKD13GE=x$f=Noovh@Ud&!>p~~BfKtb&`hEgb`eq_7
zy&bUxz~xOq(T6R-C%>cb?6}sb@a5h4w~{fjcgzgpLykUM=PeY52{{S6W!7Y97z?cl
zZR)Nad(qKuYWvDY&h~sK`QnS8ec6D<lFm9<Fcc%8o?9&xeS3^UOh7E^A`(({vTE}`
z!AQrGM*N8@VxvF^_OKdp=ixZecd)XVRTX^^5u`qkLWC^wedWT81cgU<>tb}*G%bg4
zU8|&SfAa)86dRX^_Bn6~enL@*1;J|58#BM}T)$`0={Vg<K@nEoOAZL>M7`IZH*rWh
zICjIaLa%ZuTDFH>(yO!x3y5hfU&gsIvOBhc73Aa5=rEy{<BZYsij{ZN0F>?Hs}*jb
zuL`qPV;wvq4uIaFBuR9Ln)*n@gsyNbv|7~M3rD9skBOP7c?fYZO+wh=A@Sz1E`AY*
z&tAHLiZB_I*<isD@~!-;zx|Rg#4BSaQ3^`U1^!FKR?-S<Uc5uE^SmL~r@gsWO%ZLJ
zycE01ORqBBj`P$f_N$FV?PoK36SI~4B~f~ltw5ClS(yz0$5Ze_phrg)LFX6qT>ek!
zb83NSV$%?SROx~1sFMz(osWn5xIm6wA1I~sPr!RuEv4FqBIw}*O*_s+AxD#AQQ!9W
z43401NIFyn4<An&Ppaw-$bH$%r`b62-ZlPfnu+0FA1-y(l^OnN2LGMy;lDy8ndbfi
zR#-vzqHPF+H0W9$%rdFc1%5ro<zFHidN$_Kp^(|t$&WEa1K!Rm<9cXoqEVMiPaBSC
z0s=gN>#x!s0>|-(k}$|U5+cDgp2S;+z$`e<PWN5yw^<i0L%Ug>cZewEm&5cys+cAP
zmn)4Urvz&Zw1J$bZ*o^p_xj_VL^#*5QuyT|fyzm+K`z0r*on=Lz6pqh3*ed-f8NTX
zik@~Rq<hlhN-B8Mw7rbB?ZpA8NY_;ATfmGPT-9oHQF&!XC&JZ9?~o?wUYyO1^6wTm
zcA+a;vYsXXbKrZ{gL$Qv&|^3I8>kcNT}?S>@``|zQx*thV?(UxZ*vpWRZ2&<(tcC>
zsyra-bGYd;{k26cH7t~o(+$^}ayf2Ul69k`wS|4)tJ;AIS^K_orp1o>SrSKEiI3xT
zOEySgUP-Czik1HwEIF=+f}+#MEG*P6<QlUS#}~8C?L;D6^IgwEwJMcBAg!nhBeK;(
zC7<tR_A9M(!h4iLLKiO6Nr+9i;;+kQZZ+Z4V<8S3Zyzw>1gSpI?D1UR&D3`tP`64v
z_1pHAZ`64_>mDciU0ZTxHkd$Sb*jgOs^QfsQcC?E2Aj0bj%e-7Teb{q?QrZ1fzA6j
z{CpliWZVV;OVavhl=NRzf=2i9%Ug?c?X)Z>W^*$j7Ax}^*I7vxxtbMtC8Kb6-^@x$
z9tvjqp6rj@_S5`lusutez~tAjap>bS9E<Jf{`9V^dGbuVjK$yIA`F^xGyiVQKGXB`
z_{e)7s2O0b-fHJ6(;eNTSQ%quPqReOInEUfyXwD+x~Vp9=%`qAhNYd-Dw*9I>d~GR
z2|2%h?xe~gn4$9FDK$tA>u~w+@Fqebc*c10Fkj{|MzMur9=?L3T)R*|r?vNC$Dhpe
z4v7TKOX%qOTtI=>FE*iFA<(B)4AG78)CNnUX=K;yNxt$(O6XlS4q!-j2H-LS_SB2v
zvHngAO0{Rs;;zkvf?pJPFVG`(!R#9k-OFY_2N;KXzaD{cS2t>euu@NuyM#1fDOuwF
z)H|-UM~;^r-Duy^wiN(NWR`o(l>ZBGfq~V>BtFls4EME&&9c3#%IShDRe8c!V>#l|
zr_k3z1)pGiKl3$2_LA(~79M$B+u{~hHh+R868GYgtDQSCmfyxpw6mIJn3^lMTd*0Y
zRo%9t?9Zw?i*4-&Eb8YIG-@%maXZH6v}eVpYfURBR_*M*wvRoFCa{orJf*lcN(CkZ
zM)L!*=8ulA#HVjfT6}SQB_t@miGf9bg_vh25lVV^>o0<g+ybakED@el@=bX}XBhEm
zl9PoP{S@MGGsJbf>8do(&NO})k$)vDp`KS>mm%z4)a0Y%*7q$h(twQIq569;k*(!O
zQG3-&Gn9y>q*cs^vbi|*IEKg&*W;)tm`J)(G+B!OMDQ=&g6fS^x}7G?fmR$2HBA&!
zpmT0NX6QwAtOMs(Di!>^=fQ5y|Hs~2$3?lVZ{vbs5H=zLf?GvN5g59Zjclc3Kw=1y
z9=bae+$yD%%#b2A3=K1Mh%`eF-6=VA$Ghh26Q1)u>hJgG`+2|r_(7O?Vm<eBueGlG
zy02?+#pJu0!uW4#>?qFUD<i2Q%G&HzFkhC)4iaJEk2dPP*+06|-&XAH&TEZ1mvw(f
z1nJ2A;rzo}Ne&mSwm?ll+j6f}KKNi*Pt_2%@uqGoV~~Gv+}bN;9n1fakEZ+pCx2_|
z^Ml_m1}y}kf|hcY;Y|5+J2{?N?{+3ie8w})bS#ueaC>PdQj~Y)Z1#<6b9#r`qsj3@
zIdQw(Ougqhnu9WQvL6KU3DmAdlL%yAs<X2<?dhYf_@=lFGz57?0-*bGnnnu^6|)s>
z3-Dcd$>{e9TEO=>nPM6<OI=n;RygE{picifU)-LEiW1SKTYl5@i0jj}w-I$0GIc^%
z1KZKciS=$STMCvz?>LuN?x1hVrP%s5_<sXEcYMPWI)S!{O|`L^2V^dF95tN46gPQJ
z^d|Sz!OgT=Q&W#(MAC&!ig#wMY+LF46u7F2O-=q-MFpMLy7ncS5^iNW*6L(+JHhs@
z*iB3R7aAB21J3GOOgC0YPF7M<6}P;;&~LF^)K;GBGb_7Vc2|6C>?Dn!i8xu}u}4Rd
zdyI+r>V8A$3$+Xr=SKUNC#Bx68j$Zdy{0=@woMgw4loHie<v+qHh@|jKGy2tm2GZu
zz_q^L3?rybb?&qWWDm`*sKd_he;MAOlES@~_b7UFhnwlzYOH5M<<RX%XWAarphD{&
zq=;!=G|z@z6zmcVpjvIY;6zprCPmjdN&^UWh(DX3`*nfz6~Z~^%`TbmAu4KCrOg5V
z$|qpaw)d)%aMtH6mvzZpii7Iy-r|GdSTVa~F3)j-C7Z#ndsNc^@Qe_GR;+Ccwxvy%
zAPwH0b<3|CJt_`bICX@Xxp>!~f3Hd0HnVDrF8Jd@;t+E|iQ}}@JEe#PrmTp(r$&+E
zkCn45cHjxX8+h*eoeY=h>whLDy9RR#bmbif^4HB?P$SJ}cz8b^X0!BFsYCRB)RLW8
zt)0%KEp;vAs-7q+z~ZLg=%Sndf+#AfSbZwMfYc!CxCk==A>fm3hx4>+8)RRV>bz5u
z{=QI^5CgCt`mt~JzK;^VuDjXM(>?=Q-H*Vc>g)J#5jWqtjGPa8SB%2@QVD&nWov6p
zA1F#|%1pb(H$%!w=^P#Zu6=R0k}CbFQiT5tGMgcTW@*iyRzMEA#%HRuWk}&$bgvo4
zg>3L=BnivpBj35;XNZ$OBTD&((#lWDPbcoIY;(Z%TM5%ORM(kathC$_S4-y_Guq(_
z*q#`gI+*BJ80wb1g`TEUgVMKIPP3efn{Il2NoR-Gfv3jBC|gs*2`k)u*~_@iZCdKh
ztzg051ij~&n0Raw6}fS=HOL1#*PIi1gQj<w|2%ID8n{ck8QG%Gy6&F1YoV63b^!Cj
z?ubp)T=il~Ye>y5gl2R)lNzEv(IGqm4QFmU?x?#vt!nn<l>nI}wy5(edE&M$XP^%z
zAeG)!5L{@NKVRg{f>cGd#fc{;6rZ)cmf6MN_WHSMUf5^Z!1GLac~wq~b1^ZjT7ORi
z^bNR@HaFmJ(qvq-Ye)TsIzfkEmsyo2IuzbSo#tpp7J&}a4|80_3Wl%{_kLZYl?RM1
zqQz2t8n9y@l9MW?jq8TR>6p;ETjAFZ|D0{ITdGy6({aZ4*kNmfO7O5!-nH|+(xN3S
z`(-|sHj{S+K3|%DUPoO5k6$=xbz&Mp;w~OGHt-(#l5Qrt!mjInyao4t1FjlHUbkyj
zEp52uz*k>`Fs~}qmhI%FH+k3X7K`3Qg~qwMPAR~yKZGnyUylSUC(QRHx^QAmP9n?V
zzC63h&25<PZx@)mCnt&$uhV{gg?yEyQ>D>+%_{ocCfqb<e#R_odq>}ot$%UZY5Cb~
zz#9*PTTB}loYbAye|Ow}81caO9+Ssd)#>ZIJ@KXI0^ZbpJg;8VRUY~{r`g7&Uz{dS
z4mOi0v3S}ORl<a~MA9qotg!4$-gEwg4<q}mb-i#6dbc;(yY)LRxTGW4hc}O|>6EH%
zV<EkeSKbH1x>0rVkwf9~_hhHpyld96c0GMuiCh8}>WBM6$h+Gj-p#yv%kurjT^4Tg
z7r<(ycreRsWbyD3wifqoQDZqMzh4;T)wXoH*>)*Z>}tT0EiTkO^NZ+Edy{*=N561C
z%R@NcLcXWby?CK9vT-|>J8JVHg@%~IZlpcpyIo@~ms0#<s+ERhEtkPD;J7f8d=W;~
zt`{!4%I|`KGNWoF8obsI(A1n$z0(qEyesZta3&j2XV{3OIlt1D*S~8{*1Q_HUh~DM
zCJxVUEhRTAbv?i{J6+k+9S~3Od_shMBHS^(fvTysml1E<pHcAm0$ct{%<qPP!ji62
zNBbT2z!wfcIB2{tveb$VzA$*^b;c<)9Lp6V@cdN_of+8|C>A#8MlpP~_YeP9rSSV$
zCXOij0d=g{OrvMFyj46MF0Dkp!4c}%Y(#)M$K;v)+X8Qh3_Zq)y|sK4`B~C)dE#Cp
zBUeI~=%_i^(h^}Q2La~_>5oyR6RrW_ncO6(+dB#A^RI=->ZzJ>HXTqx!+kieHTgSG
zYn@Wbx5=jZKwcYWWV62Ae&YoxktQnqxc}Ru{{4SDbvOBZ*x|Ek?RlBeBX*?}QnEmQ
z@yjLcyG`MF1H)N!#noyju4s`fExq+r{TBoV;y8h{Fsp`@_93=8kJ2&yGnXv0^S>~%
z1P*eP_l~iqN>SH$L-^k-Uy`<z*H*4>ujV@c`lHD{B-VHQ@BbRkpSTKY1k00#gkOL3
zDX3;VrO^BD7x%9*^&ze0)UVPWs;?jUZg2C?y4}BjJp$}_BCh;|v-OX~{abB-Bo>8)
zl>e$)MMBO7<|1}hkHqgU>A#NH6)YGfTP7y=)L(v7jpEvhy2{R@e?8eB{B+L>jM9X-
z_?Ck2<BK~$AZQZc$!`Ix7}B%{OD9d{;I<kP^p<$Kdt$)(y9MU=qYt{uuB~8JPA)F9
zhO%=%|N3VikSQ<(M3EqB{yt_Pkw8l%ZZ30ddU*mMrXB#uy0e=xz_`65RWZJ-c^C-V
z<aVpb)&g)^dAAV9KPZQ7AtJ~C>#TPm^lsFF6$Tynrk;G*!oktkH<t~^s(d4wJpp|%
zcXtM<xLyc$_8JP=%j7o?fb&vYpJ`H1ryX#=R+@$bZ3GQ?*=k)b&@ic^Gl{vVnyMh*
zMI=!70aUIF13uMG^yuu`2X?;l^|9hhdCgp_z*-!d#Xd?oGwG3@Wy=B7UP9+tpcT#l
zM^Uur3S^QHKRVj3tOqmGbAW8TyBp{7$!=tbHioiT7m#F}u9&+3%avMA?9hkO5*Kh6
z&w<R)TQDftwX$(%eL#QBIM^i`NfAlZ#0}HlR&V7IL>*KD0A-OrMKem`-=psPXlNfI
zwM3Slw9*5mwZ}deYyfQh7FZiGdji5-?IeKkf`H+!$P74a9{@n<Ki>i<y*DwXn$bII
z8eCQB!L%?Pt-LM*wDh&sx{8azJ;^jBhaL+DfcdDRe*~<vK2x;AM}P|xcUIBF+r|1K
zA{g73V-O*svHcvFEfEU^U%^`EGSClkym037Q-zP*H(N#5TO1aF)iML{-*iWq5Gw_h
zhfCJgcEEr&7~oDq#F~L1ppZ`x>7)kSRz#Q*5i+T!x(}c)m7FIM?wj+FVfe-@;BN<l
zC*oaVR<^p<d_PtEA}OKr_$Xps2kh4$bjk770y^n6BGHCI6^t0(bkJ$wnB5IT!^;b$
zz{%E3Gje>V8=qrWbA0?9FgOB<!26*CpkaLlc-d88NT$CRy=k9+B2g%y;HFf-=NxCE
zv<9)RQ9kSaePI9NUH<ELrdA~EF39~eMV{n{KgJsG#>>$JzA965R-tnPsGSUO0h`<>
zRE7YNF)sfyH4Y+Mp2$p2rBM1(4b&Y({Plp2gv&f<_2fkvhW98YV0eaCJAAr%tGNtB
zF>Bdv?vxLkptK<W@CFpCCZodoB<ay6;Jt=`26A@j;1MX}%y}M332JIPnohUS+^-8}
zL_TUJvdK5Y##8NUs)k%G+&zI6ZK@;$8S=K5RW;=+u{!cdk?rM!Bs<LC+}}8Izh1Hh
zl4q&RyhsHlA)xp1IU7*WSZ#<EgZxIk*WKTZ202RGA5qqlQgU1XY$;2kph<44@WNN{
zh%W;ZgODZ6AXgl4sA3L>f%nL;Lz*_ICsRAsHO(zK7e{21&Osh>i|>*yX&Oi0QGaIO
zf8|E1zul44pSab;FA%J4*_jYC;1?`EO9ibfw(QX~2?A9rh|Q-<rQo-73^y;Zq@@5g
zD>fk7b_LXW6zY9fq7I`k)(lzpZtVe5_tV+il}ws7F{AH+#G8<NGvWK!<KOc(Uuji=
zkt%M4Q3U)x=#JzxS5N}Pf=mO1m)G8V)F2T&C*t_bWS_M*a%#@WLct>i;%lZ9c0}x1
zP3-AMH;~AZXLpEZZVw%A*DM3W-*>FsDTr|Mu3@J^PWk<MiKF*3cN+|0YGES)oiL*Z
z0QkEw1!2|&b*<9|#*RTpv2OF}5n+8S5uabhkcAN?$50+Pzo{lVN{@%k@;fnwpsC`1
z`R9p9n+P_w0iuS2wpH;oA59k7`@Rkr7|c-OtWW-Y_x#Lw`H<)5^JFWpu#0zTdNn5@
z<APmji^&)NP>q$}QAnZ?v><jMp!1s8SYO~qGWKG9A`e{v$DEB_H{TUlkaarPOIk5~
ztaFvVAfGfJl?|Ap9H2TBGcqahs<ePuNZfoguNmC0V~?XDYS|#R0N$ROgJ?4JbGKqC
z0=)o!=F?~z^N%>ahHcQF!A;$-<EV@NnU+Hsn6e%)Qty9~yhWkp`XuAJsBxPaj$a;s
zXZ$w;u?oOS<pHXDs?a;tH=zi%;!EgDqC8)@f|!F7;iV39A0mzJ83nMhc-)RLWF$7Z
zP*BswMa^cb)IJfEo7~OC4m)YP;p{yuP~6ES_MkNMWPLTBW2ZTe@KnEn*M&aGGOv*(
zV(?abia8K_2(%dBAK(7`B<wkWxX@;iW+U}uL@d|$o9k>Wty-1(>=)a{>k*Zrvyldg
z_8H2+O*@KI|IxufKv8QCbW@}rc_MOlZB2A==y4y+G)eg5{4lUy;};8w(ifzBeRd%o
zF@5Uf^|r}7YHe%*3+B&E<97}l99tr5klCn8fqsX|?@DF=9;o-)yGij;A0dwShd{e3
zU&#rn(_MKcp=*eh2sTBOWquFP0o(X6uYEm{woUR*QSw^&SkO&3R~8N$#4a1dSr}M0
zHw*7=Eg^fVZEDG4i={?qDp(Gh4}~(Pj*q3L@72hf=mFNW9^#AeS!YU1st2)~*(L3K
z+KN{L*LkIW>rGvi(_-_cG$YF+D^QD62||*`foa4&@Y;h<b~IF#ExC!Hx5h9R1kC65
z7?TSo&@XBxyub5Gox6O^5OQmY*f9WvF;gs8sI=KUGU!nyDUPaQa!{`E9ike}7VEah
z3!%XMjXBlgx1e=~{IE^SGGORLRldDFeT~L?*|0}YLPZJv$vz1--1obz|Ck1^yaUmc
z%W!r-QSuh$%1{p|u!vrJ4r)b*)~LwjM^QH&h=k6jOp}PWWa-346}PMN#7TNCIV$)r
zd)#DmzFs^qqU5{1qAbG*!P!)!UrnE7PVa;P7N%-4%gs4Z4!p=H?C>WL<KZlECd9?j
zHj7fZx8yWX0XeWZTq)6QM&jy**n%@Y`t1HQZ~SA^KP2Uetx{}KZ9s7=#iV;p9N(yU
zrloDua&ZAPa){&1&F4pn#l*Om%{E_OMQYw!`Mf7Y|9B77>gCoCiH!{|=BVfPug8sr
zNDlz7^#Q=JC7=NnWqMthXmyz3N6WbUme66*cSX*Gk%$^D)#2v+m~{xMk^t(%e3Y|{
z%T#Tmc2f--i^eP$#%9hb;zGO0zG!B&awF@U{cHlxr<Nf2jaxqQF*sZeO%=%4Jx?=R
z0Os&AJ2rg#s~N|1g)E)E?>9vMG3b0Be5CjUE}=7^34LT|B#G)N{rNU$Vd*YJwWODc
zukAB#=T{J!{HzS0wIV4RK(Ejpe>bu(U@7LU;v;J+XM==BtS$C{q$>{H0rHB2tms>x
z%RuYabI=qdUvrvQVw@+D`QgolloA2TGiSXl+)i2dU>{YkmuY-aB<&i)5UI!&V~?)6
z0RC@EBe6N;x*y_gE3h{dBo8fa#(i5L_W2l~(?8)XA)5pu2im}OdELJMwBMHR$<rw&
zQ<okaK80+8(rNrw*pZ24a)kO*e3=@F{ZRg6N51+b0NI1eL+gb>O?ojm2Vw6#lhqrp
zQ}1&@hEKM?jZB?)_8WhBPWT>3%aI9>qGy*cJtkUI*n+iP9T-Xmk>w)86}WD|iPSYD
zl1h+Z3Za{^dTk%}78bWH3*n}z0cpZ%WpUOc$lS!rYi!$>&BV_H6;b@gcOCy@G9pk`
zC_trsLTGWs<}y*-Q!1|ljjXC;(8KPMO4-f3HN2`%kkpe%YtC0#D(V=K`)xzX6!}2=
zvy1boi>U3y*CzeIo1t`1i-1mH7fyS)Bo&!{!&-^4=|ZWf0LDB?@0E+%o!Mpj8X3di
zeFpkC^^Vspkw*qPgY7lDJr9xwTd}Q=QZ9C{i5dhfWu+^-Hg6yT=CjO-hqi_4&zdg`
zobjK#HSQ`OG42RUUH@@r3uOlz{(2t)jm}<*E9sJ+UXAY@q7Z0pBK-q(E~|On6^XW|
zp*L?mg3Mx&oqd)+-i0Z_NjDq47(NyE1*aS;OZuLod1hNnL+{{8U7k0ysAq3gn#c%?
z{|;>UkCnmnZ|x;IPThxU|Gu*OSNZRsKRtzk?OS(9!r^z-n*aJG-@J=pLyDAI3jT4Y
z=wGQ`G97G_BKIy99RJ5v{g3}D@q=Bak$u|mPsKclmvhe%?A}x){I<Yu;KwUh;$1a8
z1~&vhS15w|)!s3g3+#sHW!jH^{7C<PL;YvK4dD`<WWK}a|2cx+Urs_d*y73_o*D4|
z#Z_LpM-Of&PpEr2?Z;2?uki{m0dqk*)5HDjU)_+=EpS8puLl@^-axG+>8k>0g`AtW
zOpkwgLvX+<Y@SgnP5K`X??2{srFrlylfB56Dt~!HLEwh^8O)v4e)TN>H#q+{IKO|r
z{v$CZ{BLmnf61J_nB<C+TYA2B7lFT(P4OaXKmDhfMCs+<#B~%i4G`A9N{!$^SKfnV
z6KzLz&M$;)Kmw5z2T9LESmD=D;oCnz7XR~H08IHmp85a$@7mdGD>GfT-$U>JJy!t{
zq*G<m4%~}B)lB(YS_@UI@)3v+?)pja{dFO}zY(e2pI#bh{Q9FF;Pkr=F+W}g{o|>C
z5hby{$VgTC=^wxOkCp1b{yTM<dkmL4$@i=2hS*|D<?`;Eejm**Kgt{rPA|@w`s3xv
zKT^N+Z7|{de!3>>Ul;VFpLW6N*XIO(p_oCO>3;(;@|*BAC+T0!4p$oP>Q^BZ>&^cA
z<Nn7*665Y7h>@%R8>0Vp&GOwF<@^75hz`skzkyfj-VI-%PA>$A;8A|U1w_Oiv`4D9
zmvP#rNYla!>W0mM{D1>tMC_vp&;Shr;>3A%u9VT-Kp;c#aHDGyK+AyuMMw&jj*<CU
z5PviPp-z`#|BxJ^t3ThJPQ-krfyDlrmB)MOtBoS%$%<d!1YFiFwgf8YM85sk(3?^d
z0J9Gwsxe^tp1&K?oZmoL8tFM|wMYMKDd$UffqN{LgpXD^L5LinTUkXwP6C-vc_)7f
z!1IDLK(t|QPqu+rR;&f*VIXn@(4e5+0r<UhGwakp%Nby^Jbz`S0w4xm8<o%u^$uVZ
zz-%*7NPN|S`5(&dyx^Em5g;%d0^0E^00X`P;9G|Rh7I}2dkfUc$WNDnK3r`Efb`}9
zEf@6<^3gnZfCR{E=AA=8C}m(r=RBI`1640c+p}c=t6T-m)Bxiuy9k6cWYGZ8pNp;t
z5ncO(2s*DuRUX_KMn5p`P7?&mCP~2V;%^!(qXbaW_-zCbo{NBj3!C#iFob>w#EpgJ
z<E<-pJNJ43^#2h6DeSZ3wNs5@lYlb*haM3tF0kn3`sf`d&;KMMKT{hUXY3URA+m4l
zP2xSTstwqkYy>sj*Z}1?fEJ`iW5p%f6$5OD$hK-ja|w&w$I!UcLGZmkP(?}67E>U~
zOGp6nd^({Er!*Zz1gfn75yb^i!=HoxZej)XnNbAvc@U&0jmP9Gh)zu*0+5tpuy1)F
z!vPeOa{*SJVsc6m>tp?+3{1>}niN+URz7tBu(=NqvQu7uBDD$;+xnB<s^}&v0Mdn9
zqz4^vQ>0`VB5pjuC3SJVr7tzkjg7qERWz}@0ywVcSmhW2bf5zYPPrYA>7{`{$lt0y
zp!wr5kVENQ16m4-HP?CN_#*Z}kXci>YMv%p0d)a-AmX8qi1Kj)C}_ytcn_X|0<$o`
zr#&Dttf5xxz@HhtK`hox03DsD5|^tko$?08tm)aWDmLEPl-#^7kha31yC=Q!l<4l!
z#otGmCmm6gIOLO$x5V_DQ@iK^MGqngcY^3N;AgfcU*rW|;96k1d-?SZH`8e=?)!v`
z+yK~H>;S$MeD?|K1U9{mpKDafX$uRyyg^3W%vB1fkhRlT1;EN_-!u41C_U8gm8ja>
zMSiHI+M%+h3|`yHP?z)*DrmP~Vc9|Vvbc#Q@M>HIHYh2m$;I*^!YgGe{L@hse@|_N
zQtcm(vGTq%m&Qbo!3Wm7R`){-0SqnfUkVuNia-yWa}~TJpR<WTwSTHwuX=A<>)jaG
zi}%tKKqtmT2UH`>Fko=+i=F&<;v-7`i#D5fh~UJZ8>NNdO37|=2VIDsQ#&aEj`k3L
zfAp+HdJ9p<ri&o7zUJ->3RJ(>2Qzl<<?m|7oroNT1*lp5888kyP_6=1s3*71U+Ck1
zQ4{R*(OdOQCQ&=z1$g<Wq?H4~o6pP#AbF$@O{J&CA-)W&DhS<4(@#NNA0!qwiVpxl
znHkgj6Nv4e(g>*|YAiG8t$~IaC`1N<mUZqkJZBWL0PUZs^K-o?d`|9`{>_b>W6AR&
z<`}rC1`4<f&|M;m$5TjG06`hSsZc2uDE&eO0LwaU^3d!SWWNCot0&Mps>CK<e$c73
zz;}hMCjC;V5*?PPNd>+d{^bEFD;t@a8snv=_Pc)9FjAXRzsFeqLkoa$95Pr58d07D
zin{E6jZGoi0^sek&3jDb2o-%$63hiXN7KW%D^C)&ME1l=0ZF#AjOdlL7dv&D&6-%@
zVtzIR3ZEIUUhvQmm>L3mr6OOz#hLBs(IjGb5VUelylWdI1^quJK)+8ibJ%!ndPOp4
z<-yv+WSgEyAnqavlx9@hn+d|6L_Lg`r~#s6%xDc<_Xs8kIQSEv!xRw90U_`>L<L9?
zb6si&c}GMKpJAOxdRQPEKvXKQ(DDcvtq-7odIsIAZC&29spQ{W=?va)1H0Q)sfvpt
z^{;Mb<<Ca1Tc1CE{D92MQJ_#QtNW)<Or0omtP=a!rA8@Ltt1XKm9PeyjaGPm83IM1
zNl^TgO>A%BZHqz8oZ-sDESD^#unEMi?gP9xb(6udTe*Mgnz)BcjBOpAEwGZ&sE8ue
zf=(X>4#lzG4K=^8JW5AjOd}dj*;bL9{t9}J5MK<xM52{5Wv3ad0g^w;aJ*A5p;FZB
zKuV7~ejIr1A}F5WuCA7n%KuiS)CgKXj7Kb$$z_w~Bj_2=s1=WYGS@bVb?hW?RT|<8
z!I{c<hKz&-Bo3I|ok{M>yx+1tc(Y$OJbd=7f?uhWjmXgOc)N(p`PU-Lp*4p-W7nCV
zF+aRSYO67^%w>IOp(;!GY~rMz-+#ask83H|c23z$Pu1$LCi(}c+Xx89VR*@1@E-Xi
z87i-~PJ?WY$*v-TrF$)~pro0RB>4&py22p}3ifX(iYtkl6F_8UXL0gdS*PnL=ob6@
zlGTPohFpcR<et4Ij)%xh*Ot>-$Md>G2xY?O!Ape)#e0GHezg8RXm*&)e_JR4CBFi7
zN&K;S5O5HB$gDx43(-SMTHd4B07d)};Ik8m)<=<EZTd)EJ<N?pT!*SB`teh+u)fqF
zp`sD9R`F$`F`8gGWk(}w1+1^yw&Y{7m{`Xvfn(2}&l_R(b$L4Xj<KwgjQ;+WA$bUi
zJ5ZoXvsYKvXC*7Y5~`e%i%2{ty}%GD;V?<#`{{yGGASf1Mxle(7`ove!tQ2_iHoB5
zTIet+fMLMIInZc*dOm?e&1j9~Ds)BZ?D|qqCK6^-O)mazzg_Bl^pO_UY6&Ywt^qB+
z1(#_eRab2vs83@xJ4~mWjddDmJpC4b+rbK{qMqM5;FTne!?25J`p$y>zRvJz`Ynl$
z@wGi&TvNu{>mGK^ltM&+y7CH)M7QuNw_zO>aq>7kQmZytvUVEvbUx;IA$A<&_cNo=
zKfq{?fRe{v%h0`8#7(?CAI+ljiWA806|P2NxA?TKv_re{DBOtBS`~B3<hr1qvV4*O
zfqCmEN+EpbDx?>!pO<%F$40^I|7k|=@=LYEc)z=BVRsd`NHW^R%Gh>ztVcwNmTDgP
zofLwsN@XC2e>Ij0Sap$3C_3{>@_Bz=qktpiB7??tet41etWk61u9f*Y7|B@Cr<4Jy
zu32-dXPQ;@jLtDcrpOiu`99Ev>6!2>dX-bFV5NHWLY3&mpSKQ<BsF&q_qVr66pc#e
z6{C0dRC{boq^lQL<Pq=(MO$~-KsQ$WoMsU@-5B-EKva71oSJk^n(6U2&<oqYN~Jdb
zJFbCUTg#i`_XXDq^G?K1N9}gV-e<EUIbMjr2dI7Qp2+r-Ci=p)b;`#4eujrt5>;9I
zj&}b<D~R!F-eDDTO}^oxD(jE+^Z1OKL3E&`W4j;)S1Mc6xnTY_h5)Dl<aGvf1j4+B
z=bq0Yn1uID)=<$i?N_X>z1ARm8zy-shE0So>)xa~4c)|39ZXr?B(&8jLP$Ymsi3Ii
zc`55HU2i~$i*7^p+M^@<(K8?MeEY;i4bcTf>?P2sx$Ui00SbGFI41PWAW_PS=^zkT
zN1gq=`xtkZy(+^}YyE6ng*>Dr&)%MmVxFxk(=&<9|Fd?1LX%2Q{9Crvw6(yvL=JYy
zBpR+q@naLXGw@MT?UbgO4k;39auxiQ#qM;~Lwn9mc=HM^g6R;DGvwN^P~}qzaVErS
z+g?gE-V$75E=fP2zYUvAn2THVpgR)!-y)QP*_%eX*1krxw`7uH4TO@iK_}|!!+22A
z!-Zt&=khFZm90EF_E0vut#aXBD=BC{*rd79eLELHt-x{e^tnLGI3e4j6(P}jjX_%-
z<s7x>6t{}Px1{;t0GZZaf>ha-JE2nNa)I>HS7#7;AH5GjneQM6C3*3!UzRy)2dtIX
zagc1S!lu(Nq>c~D%tsR_7zSq3?vT=u8$sII13e}-3YnVH(;`R<ujlAj`=LEy6M_S?
zjZdmK0cT@pQ=M5rOKo)u@Bs2a&8fjz!DOUk)ivZNFXJ86geuZ98aA~R-w%M9({&|H
znVCf^JTcW|WIh^Ut7%C`N9Sb&>DcR(y)P|O7|m<4HxrAG$%w1Z(9iPAOS~7lHfUYx
zAJVT&BZty0-@ED?X$|8|qrT3!QnR(#-z9#uGYOw$wcvhn*4%46`jY`Ox$PCIPs~a&
z<l)rrU(VkB7#Ec(r&%8G$+$a0EFSr3cE;&jd$m9`+BiH(S~CaGEK;rC3h|AiXNS!P
zDI#uvs(Fpx52ZnS{u$s28o)dvtsS0mVo7sRFA@(WAJQx-sy$lK&ZIJBO70>5<ZDb#
z6l&9~^g7(&ueSqylU;+U3=<!jcL<ml(T2^}k~|tx30#i$^j)5JZC$^wX8ML-j4Ad8
z;U{*G`umseX)9%9%v!OXK^Z^82hM|$o6L8Gc#_LrDZ;O_(8SDjCcisRHs@N>w8to9
z_qpv)d``LB=32i!k;>KP*TriCIRY~=dPKZbfrQ<28Q856QcZN{iz^zNK*U-d@AX!C
z<fm)30y>>$p*fy|%%J=82B@oB0P>U1Ty!i&-aVg;SzQ!y<$BZ~Z@#RK%QhE-C>pVV
z&@}f2>v3bt`;9Z1v$ID)jBd3&f^`q9hY<+r5%1$ePt{7<NRC{vYKq33HtNVwc`PhV
z(gS4na3;AHr2}Bcg$9Mcl$3XyEjmWc1R!pw*;atZpiGv`_dD~QLBs5My$6qQ=e+?P
z$SV?TXHeeI^_r$0e4aT{Ez){vpwN>A9ao*<$^a^%6<;0;HzQiP6F&sR5i$ccX~gWc
z`w#8Hf=CCF9tW*uQW3XYN1DY#^4iT@77+GKqaOR0o3Z!8wEElZ%D_JL;7Bg>6mhk)
z1(ed<1gNt;gV-9sMc3}dT_HQ)M%89EvLW+dEX@Dz4DS1ZQ>n?Q&XNrcRnu4Z4GfK?
zj}0L$HOFZBs*%f2#(AepqIeb`u~<5I7;Tt&7|jO2t4)uKwh^f*>5}hw+%Lb|13h+w
zr^_$x&*k^X^nYnOp!Q8H8vhm`X>jHqcbcTWurv(~QGOBqFyhHRXocMKN%YGZFy3H*
z8+~MJPdkxKTCiuC(XUU=59E}VU*>CGep41L>Y6tUHp$}ly3vJf11VP+%I8rTdE^E%
zAvY`mvoJIso97{=Y;-}a5`1YSG3@+=c^_aGH9QK)c4KRI2m81|uzm?!q8rq_#Zsnx
zxsi<`hfS7Wvly@dJrXoY`rBWW&ScD5EbL+vlTQ?zjx=G!W@GFZ0o`IX9x|*X^gE7q
zL31k66b3{W>D&RyPyXSqQa2nk16X+b0SaE?P4m!{e8lT>(waE)Pn!L`O?4?hT_gEl
zAM*#E@^9mP;si3#9ZKmFU~?{D)Xi4I?;z`(4()hEw~9(jM0XXvy=<Umj(XO=3JT7f
z)lKccyM1HwgoZ-p^DP+2ouOxcU%%J%Ddjy4l?JAg&3`I2?fIWQumuK$e=stRE!tF&
z+%-czbDkafO{n_H&&+0-&s-RzzEt*`(j)S4PSi|LL?YrE2LsQGKV$8hSbK`?O+e4_
z_S3Wz8U8;>kY~afd^_)$K%ZSEyYS~_CG|{%UIo}-%eNJ%D|gknVKNY^>K*nezwq#`
z)$^emnK)+5eRXC^R=+>b$O#bt_I<MA-oProJhk&)yqPO5BYNi@5}A`8xR>vLl7B$3
zzkTd;!n#9{mzE5JssfIn9zNUPx#bJl&pdnlIH1t9<BQwoyb(~?9Y8hLwfy{8owUqV
z$O;;%-~MKm`Llntp*|)nR!}eF;GYfH-=gI6eMuhyPxgS{fBa_t-IE%FIzcj$+0^!n
zs|4nZz8mCcR#L2MLw{la&g@gAPQzSP3f+ws`pLTCuV@af0H@!`y!LaqbmCp~p-9PG
zuxt{%Kgl+Kzo-9SLwbUsK5a7d%X^aC1E=r8KL6uqA^*40*3X~_mv>(FtfUKFPM~^S
z<-~6D%?p^RIGWV{JQ67M61oBDT7c#V{_*55N6tsmi`?{+P^Dks&lVVe-Pe`(V3dFJ
zGv@#GZF+%+Jfji1`twUAhQn`Q8vcFV030*)yzd>^sQxtDFnD9$^zKKBq@M>f+|qX*
zkJ3tY%0#<8E)?aYAQ=(OeQ=3Xnmu96>Rn1u=98p7X%WMjfS<;>QUYn0N$ctxPxr+k
zPQ|X|H#7e@2+?6&+M;#n$Bv@l^1obAYPl<siMce!8EEZq_VX(y2CF}_q!0FjQuOU#
zJ{qNKAXX@)BL1&9s1c>%C%MZYr|FK>r#EMAmv+IoHfW?J>}NhkO1@-)E)I|2;2|?m
z)pM0DjVkowZhoAw3ejmB=?>l`bLhfAZV)~#?!BE;ty#1xm#MgW%EJ4$es19(57HA5
zVJyjsr%4ARPgD<29DB0vWD(4IAh9Z3Xur};^WL1+C9Tg4S@+ypwR8GTBew_2Wt#eF
zQjHXf6LuG)vt-0gYQFtAkZ;o@yqWpTw;`!Nc!}BGd2pwqb2l!$Si6_p<(*WA-RH0;
zIx&&O+{2xl_gakf2Yz^<K`eM@miG5emVWgr=+j>U>5ke{lY{NYcm3CSz-9>~F#;jJ
z@K;&P*YXda69oPZqujI~UgF>XkmE^tVT{v{;N8WN|Atb%zSXR8o|@mfwxrL?;nx$u
zCsLy%rnU8o#hP17gOl3Nvadqdc%vWDZFgf+p2c63ZE3O&HYx3;6nW8C83KQ9^fc<J
zaGO{hqxE^F?uIRRT&1I%``6!)MK+m?16E;-8#CePUB;oJJTbRtw?y{5RTon!2aFwO
zsY(60l(2r5WoD;Ej>}oM4t!jnm<a3)v|`qqFSpEOH;T*E^6)R!arG<`r1Bjl%%TRi
zCeCug$D20$O9XbeO?k1@@SqPxa`Z6&ch+~g@+&=rhvCX=MkUKWr@U;Lj?A}uo-H!W
z3YoMr&<j|_L~tTK1%SALbH=mW=a|*I3NfZolv?g7>g#=g|Ev$T19^@MJ^jG;FVl9i
zu0Mct@w~+GLB8cs(E|(q>E<YG05!c9SRv<?te*P&wDRB5$p^|8Ayl`StdPr-6GBd-
z52+XT%IEhtpB0&xZ@M`7F$%i9*<9ASHCMvA&R=Qt@*T_Y$`S+pJZX_NmG%o-=X5LY
zVF6wnwG=g0cD<DF!VJw3ak|p4!KQj*mHCDqWSy6a+_A!2J0bQ<ox}6VR4XjmNBWUy
zz0n6&rEb;a{_m6<F>+Q&_l=J!TVvwXivioIcVJI5^+*;;KPXf(yLF>AyGj5VyXP~%
z<wzpXjjcJK4WNs!(u`yHmQtrBb5P&fY|b^uv(bZv89r0Hw<&^swse*0CxLvM_TI_~
zLRC8Z;w@TqOv#Jba)@K`k_Pruxu+dv#xl=Q0NA$BdWsHv>0x@T7Id2{;_|*!h+u<;
zN4<j!Ghx-bJD%?uyYo<t?Ioz#;|>S<vKN`LBcBjrwhosw)G!6Z2fM(;ZAzt*AM2cL
z;JiHAezjPCDViXcUy-k&y=0fXL`T~oR-(F=koh<ZnvQ0i$+N3((KfUYfaiJYaL?DT
z^YWV3w`yB%Z^c{OzcI>z94Ng-JGiOWmP^B>?~V(GEX{b%r$Pvd^_+!b^lEDh$NP&=
zC#3~*{vI6m$z#n7)jPZ&ZO2<37p+HeELBMPnDhQDV|hKto#hyav*xzc{Uv=zq*|_P
zm&Q&%#8SOhR~YqX-!l@cSkJXdbK#5Ky~|s5<=3Cp<|QxgR<BFVZs=u%7it7s7!T7!
zF%PZ0-l<#WSe$OnXGBF7dLp41gjFg0Sz!$9po3{^qeI>@#29Kh@d@IzSgPu|MYt%^
zlUG@4S&=u`>b+-J9J`KLSoSMC7RmK@w0PF2jvhAc^?cB^S853{vK>6QI~mm<!PStt
zRxl_5>$8sR_iN#pzJK4$`m`8?fB*KpMxG)}sp!e(+SXyXkyHP^_s7gpQ|B8!eG2m`
zU8nu@4je1Q)a3F!Y04NSyvjKBDu&pgs24ycEf<8wzN5<a*3#f$nsSm{H6Gwg0NEVQ
z%eKDg)w#wx>9RSG7q2SSuO=m0k+U+xvUSBQ1`5(SVI|!&ZSmG%!%+ypK25MN=D2mM
z1}vOs@_m8IjuEJ^ZfQ1#vB<C0u;&*8GxQYZq7r<Xa!p7ow9AA#8*OYPV1dvI;I|xr
zzdzJ@b)|*khwr3s0U3p8RjJFSoBPUsG5=2I*4A@^vC~dQ*y8l))d5$LUJMMzTzE{E
z33sOby(DQ=j-K1LSg(QgUGG3<B}a~UR`G<GPC{y9*JaE0bWXSoZ9y@P+IjOX@8Tm`
z9k)J6e%U-C7-N3OGFS_VKcJ;uakbxho}rr<m|0m77KF%eI_GI`4)@vK7Rp!>quuHM
z=65O#mXBsC9$VWs>CUHKUQeLQ$jebj559OgYwWGNtVH{<{PQTB-qy<^LoF+i@u=yx
z1vH~f-cG)ChL3QQS3~Rd!1UpUw;jo{;*dvavHq5cYUE(jzCaH9R+`1qLL}Cjg~OhN
zI*KN};2{O6|GgaV)OoI|l1}*aDR+Yg(o!6`aJGsM_L15CY7D>ApZlI6F=Z_Zed!n&
zK0i+H!&R=nz4N^~uE_fOkDPkeiW^pO4rfbCmbScTsi=)w^BlJtdh?e&Y5zFvgamoa
zScIY77pUkxY~9^AddbzZ?KGqCBke~=c#i$S^Y)%qTZS4>rXKai>~byfz#D`tGhb6a
zuACt)hTOPrFtbH_Y_~2kU^FU_q1zgn)vq7B>^uy+u$8K+J+S<MWaJdxG`x}v;?ZLZ
z6R2c&%CHdd5bC=BoK}ORMyFjc9HvtxqHTNlI0ir9Ry?h{h?&(sXKor&0!rvs@s4)A
zh@QE`_r_e`4iEj8mTqFR*_%?*G_rK&PKFz}Mvx4mHF@cIjRT?Cy2C*0#*|$hz4B0p
zTp0R@TlJwXWEBk`_{8;&_C5w;(X+#x<%cy-(WEP<_(L(8rxw_loMsBY0nnuLMQoB{
z7Cju4IK}ffMEg#=I}h2)bQN5=pkAfEkR-X)Dnfwg(E)tX>>9aUL?*f_2k~0HtDEAe
z=?PcfvjWriW?lfrRaLg<miX~r!tRdJ7>O>fJhk}?)JA=JOdV<&Nx5<`Mv4%@XMEfg
z9Yk(f>2G@q^qx;T&T^EeWtt`BAC<FvsONn0Xnj@oFn%Jo?Y!QL^Ec+>+P?A3C@k^f
zgUvN?6%rW{c>8`Y_rf%DY;oY=02l9$WYn(6R;QC@S7601p4^hXm^rXXkoKdcPC6*H
z2+QSdTNm$Qoizj6sGX|mHLjOzXP?uC3v8mICd*!zRIQz5<VEUMxR35(oSV%f$4Sjp
zVaCrFWa|5hx&Bmlwr3&uMJ(jyxrK334qt4@u8Jt_Ej+s%UE*H4BwyW8xnbk069pNp
zA-AnBqS|^N7P+fgCg$QRFDkfRoMz(GWK-!KRk*;j4&`#J?nvT4&hmWS;7th|+YyOs
zWNP|^r}s!%^0mwu%)PI$v2^2@-yofOBnE;WFA!BMlJhc}x-rSKa#~K?DynozI@t??
zMcVBLXAcYN6`xo>)={0+*mQ2Ib&OuI9NzMNXR&sm8?`#v3;ob{D8Y4tQFXr5v-ZIf
z54I-oZL;U%!w}ZEO8VH}X*F&pqnq8tlPn>;+o{G##s0)d*!mn*6i#PA*T#3@JPfn0
zdp~fyn((d2|4>&G)%1c|+E<C3n`UEis5n1^Tczo=!a{fY<x`Dr_?&sYl8yN4C3Kws
z!Q+Q8qeV7Z4FZh|KJT8pM)gR4K5x7`+NY4md7(F(aI)tnrDpbgilfqsQ%wN1S2-=0
z&bOBXh{zI)a=d)o4zwo=ex(6_pvG5ejz{$~c^3u3HNtPAt86}o5E{IHyo|iU>-*^J
ziu#)uHU67W)rM)E(A%13(0o5aq1)l9jAtnY7LSVqkI}uUIyM^eqW3E>VV>ipm7cJ5
z)T}38O@%~i;iiK;r($VIxu>vky4W;nPPxQKtM%+<Q^?Rthn;Tkb<MUh=ytGTU}42%
zWZyVrp2W6Otaj_yydEPe_Ivb^b0=u4tR{F)cSUbMjk;LYA+OXnv7}Y`DLy!5RA*s<
zRHN%^c5d*d4)+lG?WQPPMa!G!Y7??G&M_~ndx_696IYSz#LQ>~4_vV?F$HHAU7XP~
z*SlxZLC{Dp%V5ZLkp8Uq#l}0>fWHQkc{E3ej<}gu5_LazS5!MWy*~U2B`;D2gWLa;
zJZpDGDeD*>(9ExEU9K0S9}6RYW2h7A*d)EQBu;z5tLYHp<q{sd=!c6c;y9j#U2e~W
zVX|4%7+9rXGfQ~$c~|@5n!>9qq0MoX;y`<!V&<_dl=drZi7o1tQRf0aUSWIPbaU*?
z;HVKD)AZ5NLSCe^yOp23lYAE~RGC|?Ei33M`2*-D-@$MD-*U7U%JTwicwJ~>7zJ$-
zAZDFkPwUeZP`6D$^P99}BECAd+prPO;2=nyG?#(oaim#<Ry`vbRr*r4QB0g?*Uufg
zO8*c6N+>#eMRUF<OP*~|kym}M1$t9dtikBy<L6>rDGSY9LF|L`h4ec7){dn%y}~`!
zVl~cb?iE=)?%9rX_T{ji@veIQLS7yFjL}lbrt(o-ZiQh~|88k_u3{T}8u=93)hHC9
z8^qSn#6_=M{le%}oA&$Y=$+L*&iK*d%4VuKf}ikgiE&DyT+<&q-^5dS2^dK8;8$FA
zMo&mkVIy)hM47kUN|@6eYSX1<ZS^qEuTqFp<nUrcMisS{h$|j)%cE9AHUG%!*gOR`
zgD|_XQctmtyIeYoerk#3baKMo$naQ3s7hoao85+D$i0<ATB!aQ<&8ZaTDQf&+IzU{
zTFB<MOlW<d659K^Dw~qwc*ZZcM#pLS*ei~Z@2KdAV=l#XFR^dKhu(ALZ!^WW6|hT0
zTfHtwH`XZP7`+U(L&(Y&tg0@;6cwmE2=R?mrJF*?TF?6pv&jxQ73syc*a~A%#!ww@
zVJ$Da=sLU(@5(WKZr}Ybf>pm;(N&6)qFFNuw-=Z92OKMBhRu5FjrJD$N3=`teN113
zlJh`&vh@fjk+#jrR0El?E3feD))8VE#>s_cO|6#g3BKOhZFAu{BkMD`^_T29>@VB-
z3jIo&sMG_pW|GEfUi6ef?i=l!?_3a6Fo~mj`9mb7s^`MJaH^3a8fE*YY^L6BEeYOg
z9-R}@auDZvgs=jKBhb&xE?F!I2nn&r{bq7Xe?&Yn{rszu%_Vroep^RR1G!XGk!1TZ
zV|SH$NtLn;ZQt%}0y+O^xdcktXrU+J`NRwC&QJqxpO$t?d94@X-cuM55}13At0CWc
zvc*T;;Z==JSC(GUj2^o<Pm`7gn}s|oys%A&TNB4I%SU)Q>{c;@2<M#4Bh@1ecMph*
zjg<7<v#x<*rey94IO85iVGQ!swX^vmg-YbgWSDzNm$6>&GZJ#J?sZlL8@82gv~F1L
z43)Z8XS&R=`wL?{&Aof@kw!}1c$veRZ+EsF2dU_trD%~0UZs<?FPuUY?v_b(8=X?D
z%-7!eriT=Tw7OM1=s#7$63Ha|`MtbT*Rj=_3UV6LzttbWH`oTLIqEXwwA@7msaKPS
zTOYecMrSCkW?Bflp^=q&p2$+mZ=bQL181T*MTf+awl86Iq0Ldb)x7F`ewyCmsv-uR
znoOx2+SXz^C$!H`d+Jx|EZE!0(pR)SrC;#F@<y_#UC_)O$+97tw$*Ujz~L-@+b@IE
zN?2ewy{O?Ug|V<umvX36+iXP(dHlP)wBm6fSNZ_-fjchD#IuUHZJ3U3<nXxBe3j!M
z78(09iEJWu?`3qJ!{z~u+zDT{k?`=P2TNw2g^1()ROuZq@1faqjKUv#-0K4A#P!h$
zSqOb~WhITaA-w1#v)-&&LP|nbOt>bx>OT38m*5i|py(q*^MoP_VS1$B{amEOXfnO{
zIk{QZzDJ~|i(B(EraO_Gwr!{7;pVQn%@}R0fnkrm1tc#Zc7ex+z4*jCgi5Qd=DgpN
z>EU$=cB@vUKx6>IT6gjY^_b_t4uS0{oJdN7S5P9-qs_KEHqgT>LonRz!FEdj6Rumk
z`m~Zs%opyqZzD;ZzWTb?Z#K=V&zC&ZB&=`Nk&8trXC=&El^%ROsL*10znIg#*f_kh
zcimG!U|)3Q?K#Y>VN$-)nh7!mVWy~a3UZufq`l0uToWhTyub$ghzM$}vD<YukL9z(
zdOy+PV~T1lt>xCb5kw%Zo{N+}PxxThuDG{}1(d=kLUO`ly_wn?%<|`s1z-FgTv_R-
zWt^#@!`n57w!ZdQvyx(fg@2S`?{0;;i&&fB@P}ZTlCI~1KUx*~E~!dx<IfLgo5ZP$
zABqgPA`aqjvAXQ7D6TJwZKH>R9h(MAvoxpOx2;!ZPn;!$Ya*`=;hCd{btLbo@WBsp
z{T1(9i`|e4`b9C?rw^rN71q^fmR0xpa#D3J=LsyqMkSu}T_1`ikak^$sdkV#C!xwl
zQKS?xET`0KNYlmtxUukRahb=M;6Rtn6s!w($EFz*0-tS|g!0Qt>|MuFQB2I=*D5IE
z$`I76g$~)wq0{ds?tUfrnJh_;Q+dA`B(8^PFxEQ3+hl#!(#o$;YiQ`4-ieHc+y4z%
z`RjKL`I7I+T?${FY_qnIP|zNq;6*O>c+&6bo5V$V&|hC2iZ#D$*{M!4CZJ%7q0Xd!
z_f~R*?8c%%^9_cIKDQE+19AQ;vAcLko7}@6&V$51G{j22Kji}B=yK!F{!n^{gG7qG
z84HW$jQ354X3WLS$v)ICz4$S|=~R)#&$tlGKH&6gTU7&PxOcffzN^32MoGxlZh|rm
zlS|;+AExJj{NYM6KqEhO8|$9A@(G}_gL><;{tcR@VG6VEO=(*A8O~=qrp=+qvlc=H
zqCyc91ua6H7G8U)3-9Ayxw(D}=A@IkoPe`2?%m9xK3g_e8olY|jKIZJJg3*1U$Ri9
z8NzRetIh$4mzqhennf-)t}DTRM9){7Q&AyVkkekF84-Up=Qd?>Bk<inF7$sCDJ9uR
zNXyb4zP+yEznvqqj^bZHC=9k=%1>(~GgoWNDR&~gM+58e3QjKj+*dCWe>`dp4}Dk=
z_9s3G{P=eMzQk41Av?2jHOks=`ky2H!^7HL_(P;hd#moIklfpmA1{&rd0YOhp-w(n
zZdyOHTR*GS{dJ@%4)A<UZUy}MGT!=w=lgsWl5^pg*C5#nFl2lF=VyMDC;pk26P}$3
z=e#Og{RqTmFlqe8Li{8*)z7b5DG#9Yk&A?=LiUHGG7Lq|x!UyPvF|4BXhhN&uAZr9
z@c9;Wf>e`q@qXUDw^P(3(qCHSE;L-yM>c;Nqb8MRtHNk}9wHa#t*9iuYvgx^IVb3B
z4%1Lw1@~1@oX$II$`slA=rYbV!cg?rSN|utl&cQ}^QC_J>JrCxjSY-*ww)`3^%p<<
zR{aDd*YG|pzr!oOu!-O5?UKCAuTIw2N=~szS7v0ri-XrhzHi(FUN!SyPo`w$c-~+_
zdJ2Ih$%1pX;WlIEJ@@TbiYAr3I9<kqs-Dqau|&mX2?f2p9$``8x*I~Da$zF+BUdlG
z?Em@L=}U81W*Z&nQc)`e^G)&eFE65koPwijfzBcvJLr@Fg-g3THss`&;0vZL1O})j
zTCuMy5SFJg>BgrqS&?qh0+w_|3Sy5uM(=_Zt9#5)a=@nZ!&#+@`22yZEjngF84=j>
z0h7L^!`Vw?)PiNdDsV|gg0^fIB$VC6nK8%cF&c4O{4iDmJ_e9ch1vP7`p(UsLM!r8
zyAa`?E+h0vj;!TAf$(lIVJ2c}>+pIX4O3f=z+H}f7HIQ;;c32{BoTbhdwcbMI>Mnr
z4UD^+Eh6{y78>AuC=>IZofzlTfzy{Gkr6y1`KpfYYu{4Ta{;eN$;td#V{3mphEUQ$
zZkg@wU4nyQT1Oa*`?8#>NA4?_88FU63tm^m8-^TW8tPyJ;)7TCi!fn?T_?=2*o*fB
zFPRX8l`H)K4=uNX2_2XO8n*1Jr}kRsECudI6ml&TuO%fdM!vk>#|3shtX8}C-Q5xL
zngw-Q-RQB`<3GV;{+>T1Ny)E|#m@NUI35cL%WlD=g7(G?f|g#1cP;kPu`kscA_ur>
zr#ubDJlKZ|12VNL8;uq8%zBFwmM(Iw4CZUnh%9@n!mIosTXo7onQaYsdiIl_@GlMo
zJ3&XI`8`I=>Ajw4yVsJxv_5bOW?b+~q-ga5Lg`GgqXUtp`h;{QIqXR-^+Mhf>*yz<
zePW|q{SVhYPZ2gHidjBbXspnc5lVJVg#fhpEy{D?gX2-YUsZ=)Wiz^be?e&LYll4i
zsEOLCK9v`pWijvSPq{KvKy}@?YX|~%fsY+NIE^~z<6>%J_XReFwYxb8dNQSscdC#<
zZ_ocCDZ#gi<5EarwD|cC`}$ZNel(AocWlv6t9^fo$>K*k2hXo!UHn=K1Gy>XUeE2d
zL3Jc{g2&C-q3fEcVFcbTx@6`#I-6SiMJ6f=YaPXzdwJxjCfGt79}qKIr-eu9<8<=d
z*<^~VmZcd{gY|bISgApy^Pd7-sXyj@Id$)(3;t9-o__H~l#mYgX>q$qeXlo_rs+(c
z^<7Raq!4_XXRCmcYqT>z>o~@oZiYi|wl~?VE`EwPDzmV%)MxeZHGf`SGB0m1()a~e
z+ecT6#T+Lgu1hEXne=~f`&CZ2SAd7W33aXNp862;50+0CVEMpDnct)y6>Zoo7mmB0
zl|f0Cfp*Z$Vx!lYfeX<NW=@i(VHt+1wj83%Ul(Lr$rPJ>^Wrm3AKqRkEzKT<@3%q{
zJyZaYIgg^)3T~b{-2U^<)+k|iAoew6L;mjm8|kCcCh}+|C%Rg#fXkyX&#g-&*NLE-
z3R2r%cap~pI>UZ~K~+85xp}q@pO-$=nUMuSYjI^7rRii9Fqs5Vy1ZW7Ei%dqnhA1>
zY5x73QP@DVQ>}=9@GmpO2~vdw$&+PWL+kM4txYsMr*{)&U5d>#&MuYfbt-Hgw9bc}
zT6(+LAJ89DW-hN2nT5~LSA{t(rE}Sc7_DlR9=z*!vg_5tj8a}kzoq=(<>DqQQU-&F
zjMqNl?-xtO5O(f35!$8s_a~g3GMhhJy0o1^7PT8Sr`$6dqEfVb2-dzl@;W&K0{Q4_
zy*<yw^IVmX5prF_rf5r4Kl@AC0g_A**_7gXI~`Oam8I_ItSh61xTH=-?OM<@_c6&H
z>1=1Sl+K<i4TKr}_L>JTmi;Vwccx{kJywIvjy;E1-hN>0$Ei8vWg-+#WGF<PvqV4M
z+*#aac%1t4We4cUykhFpt0TF!T+x5BjCM(-enhCa7`7CrvEP}N?4+JbwV$9st{Mu-
z0uuJ@gPWUAFf}#HniX8kZsn8%PU(6bR!;qSGUY-zwvh+j68TPw+a9BaAc^j>_w-M4
z*<*bv7x&bLw5FF*%6X7-!AP%fJs1V!o)tmbv2ug#Q|ieEcigS2MBQ7(Mx95mLKn5M
zTyLhUrLGUS^op+gDhBb|H;*=xXDK@46xwu3_%n@6mwF68yI0uUvzF7c;=Dv!JSng}
zT5dMYeJ%UU)Dy|-;j8lW+F_43?HRoHT7<-}4Ow7s2%SUrl3eA~dO<|Vi51e?x6y-o
zx~a7;f4w4C1bpSQ$PxYdCWC;<k_p6J)Kgk!SoGcw`sIoK{VfW;lVgm#?tRdcTdGsM
z!89HLAsPAZP0NWO;~Avp@`=u_#Fl1yC)8i{Zqo7Gd0i}?Akt~nf1@`&C7Sa2@)(cf
zU@>z>U9lNK;-r$;b!gsZuQMjv*`W~Pyrd5%>W2Hn21}?xgm!7)6uodiLvQx6t0mfe
zx3lMyF}b#jqYQF<Prkf3EYp6{39Z38czqMDTiYgs<9(f{I@we)2s_P}$7Urgn>A<J
zWkq;yVMQ=MY&BonPuHBL4Y4*}Ahc1r;ceR%4y$p_)uSc-&$qXiiY?I|(JE$~FK65*
ztsEBxXuCJtCLQB@NBjC&bVkHEK6rb2^*y&3M|`%@nruUlz)!A_`0|m57b6vHG{U-U
z=3eZj2ra;0X6h7o63NbkK;3Go>g4$XVwV6>*9L8H!*fG<VGwKGGyB5Y>uA@+{afN|
zIN-ZBo?0EYF5grKHMSSxRVAPosi(xz;y861m@U652V!%qVs`U%n{C;{XwCcsXFi}i
zbm<s2HTBe+41@96x(GTX{qzEf3WOG;9VznkgZ6D=OThRdpPD{T;=^;`rJz}3rq=~%
zdlErF{czUJv2)mD*6j;YrhRn^w9B+Cd?Obhd3E;kBH$fjb<5rQ!Iv$7C42#B>np38
z4U0efIOL|V!VTbczXb^Rvt}PU3}qZh-&Ec_489by-!bkQBB@Ij2fU==`zRpag99y8
zY)D=c1znce`X@ss)6Pt)?OpG(o=rHZKii-G-GuS~F!t7QQFUwou%I9*Al;x6(vs4k
zfYLd1OG$T1mw<rMojP<#GYlcANOzag-3{-W`y9`CexLU_=YIY}(V4y1UTf`ZUEdO|
z@@2NYtjWjT#nb@#p%1>-YzJ>X)Y~K+2i)S!Gt)8NWKAMAT?=A8=T9!%Q==z9@V7bF
z*dPo@(P4qhXZ)i=jualuSmglzo(5i)jk0yN!^ZD`5nt0Z=!&p3j|b}*RVUGb^Tx+q
zu_gWy;D}`iOyE+05t1E$ln(CQ&kc46XUuJ2XSZLOCg@f=&vy&>zE9sv8j_*WC?TU@
z@CNds4~Vc9O+B-dtLF1@o2=c@f;ZIljBk35%5plJt$OZE)`UrFHOr5FaFQ#a=6cs-
z_*9UmkVtg9{ZnB>&r)5?FlX9iV}jm@8?^CY`bC3JnP}jYk#;O`>DN!ClPhlhwuA!v
z;Vr!Edq8nG0dl2HZ%=)1&0+Od^S3wS2G2Lm(ro=ec*?LVxUp&Au$1Dc=hFIxTwdV3
z`}^zJxT=bLjH3LIQ^3YdbUZ+)E+F|zd-2>=`rUpaAURx~bP)E<6@&y#bVia_BJ)2b
zW&vhdw?JZ03&w%nEdNO0sT1oA)<|#Xl>&QXJtqM&T06RhFWyP;;xPy&a*0fjJGeB_
z<EXKo98v(DeXLUBK4OHg0U*3vyDrOC-wtwr?7qn68L)HkU2d@w(eyqrY8;|~E8TAZ
zN>_Q}c@U$O6VIwM22!XL8h~JKd)&acx;sANRT0a9B~bSu%nYHa4M5~jI12)Lq2%Nx
z+RHmLT%KF+1F@TFAqSoy;Off37brtHu9b1Wmx)cBc%AOp0L#g0utQA(eWf)B{3-`h
z%AW2-#oZJ(7)97+F~SA&+|mJ>l}D^MwkKk39$a1apbrR1n?yr#4(oxbu{=`NQiUBR
z6`ZK41sH{G>X?uTxtEKwBZO<$`?&ze4i-H`&It6G*QVYUWvg322Cz>oaM;vodgOS0
zaeVmB2GSCt#TYxx^Si<{IhsxtS9}~q*lyijx){U;$GC|E6j$JbYVgbrbmLAIL#Z#k
ztg|Z=j7l|Nr{Aks5R#j&JfJX{1{vwgf$-pZYdLbHdo{q+8hwvyunATIFDa6D=<l&v
z3&<a3`s^EMKmBFa@kji2!$p~1&DPg?S*OHE_yP5-x4Qk1|C)abFFl9Tid=I$LO{Ux
zX&1K1MlDgSQI^r)1c3f@9NsnhLm*bMy9Fky-gh9$Fbt6yAn1a|mTKsGbSS>!X$S0O
z+am4i!s}nux8+~obZK9nY;S`Qti85Z9&zbVKgaJ%DhtPeNzOZKk1!Oo0gkXDhS_A(
zWCncqAj}HHFaXMy16A1sAoahAB)?6*E^8@S$xGF<bQI7Aa%Us(l&rJwxwXA>Zd(MF
zuZPrx&dT(`mMP4tc0V4T$~h9Zka8IMA*d`kc_}B|EW;O(<a~Y3j%PqJ-2vP%i&?Lh
zXUhykGvAhM6+e5^c}DID{Me$_FI74-E1H}S)%?A@Ye5{?K2gI~Ma0vV?1M7j>!0)7
zAB~dc4wipz1HpF{(8Y}jQUfiZ&-qBuI@qMm5n`12N?Q`ZDe5&x-V_96ZLx3Y2yVU4
zZ50rpOah7XTL9WcVDDK9j^C)50tNg{$SU09a0`5VQ8RkJ%`I>lE$5qaZ_{^QM4303
zt_yGjLg)yD(VWg!WpyOO^nJNh-rilS_@~9*-Gmyt0FZuHj-%8i->hDujS{LNrWzyt
zMJE0o9ffIq!555KZv6(=lHCkz;i}u=JxA36NPLn>+13=0kB;n4#{&ijIf_{|^$k$$
zUVW9l^v2GW5pn1eKsm&Z*lKkvTIc~Dq^p6(Q@0E{Qj|E(#SmEv#8%E@H#d{hwFBH(
zX&iWOH1Sq)mxsUlehWbHsjGYQJ&YkE=|D59hne!wB~6u%q53MD{GdB!%ucIIT;5=E
zU0@DUpkf+fn)C7p{y=>@*dMkv<fcQIO5Xv;RcO}m+5WFL{rJsiOPB}~VY!kh#^=R{
zijWjpp?*YM-}TLF(zPFbsz-vdr*IyDMuhAJ#ENRKT6NQm*lB^9@dB6?9Ia|!6kpdQ
zJS%-NtzlKabW&Rw^l-K;zt!aX9OmkHx1k(M;YZRmpzhvClwWnXjJg5IYz?BBW0zFI
zo@d_mCpbUGUS3M1>l7X2MPUl$jh(N6LHn%}|JuzUq3**wHZr8yB=x}>Xt=?}?1tco
zgU+QnWt-Zf>Nq2r`lS~o7gQmAquD&2Va+|u>B?l<!dc!~IB9x5sdIc+db)}V^Rrc4
z-2o7wB=re8+vH<ZGIh^10~dn|?YpmQN-QT#4qv-ole)=`IoC)HR;M#zZ(hAzCFy2V
zU9K{b^q;G9x~KPMV@lO*>Xj}~Gv8clpm3&(Zcw}&?^)Cq-q+@yyjnw0#0hHr`rKN*
zdGy>ibQMnzsuX{2dsnZCsC1Rs3+Fg}S@TFNU3C^^n|VAe^egHUjG-Vrph%<aWZVX0
zXX7Td)L-o>-{e>6aS5^=Fa=NJqfGO!E17InamBJsFbT9iL%zxL{D3#2y0!J^7yo=Q
zW}vHV&aaHiD2*(DJ}7UO4qrpo`KE<}>7x3IK@DT?>BmBHWY}abxoKXSWB4@~@yhk#
zyvx+z0_Q4XFC>Y>V5Cr*FBzXcvph|gSg*8YlZ>#H*u3}Z*V@Y06n7t>ob~2d0tUhy
zvvFgQhP@hm5iVT%d=>F{IV>!*<v6`L5_v_-gFiBnVc9_owlk4mIpoBf$4d34`MiOW
zMBye*Ir~mQz>>iJFgB*1`zHN7@T0y4;@)fpTpop-W;o%VvT}<gLk31^5viKXco;Nb
zs#``?-h0$>yt2?aS4#Y@cPLYL=a{6Av*$%d+<EbxU{2Iy;Z6FC?zO>O?*TE=Im<aU
z256zAwD=wW079i$HH^4m8+NTRsBIq;*j7FQGvvA5O#*iy<?+s`v4K#5`;WFu7oUbR
zxijwNM|^Mht~nw8ae_2u#~dg{Tu3IxM}bJZYQ~Y_y$*mpO)5wSMyfZ^71~gWCFZ#`
z68ig;<SHehau7isKrq<0A{<e+!t*T4f-;?0XitrYT<6;sGQThG{}JWlU<DO}H%(Lf
zoPE<U8{)7u<{IVPaL?LR-*g6fcjs?pk0vPjs8NC-S{pzBbpoL4&+BHdD&D;Jx&I>y
zWpU;GO75@J1Or}-wHr{p-E@W_E5SY$lb^tp<tK0MRc#kAT6~`OnDNL#j^>+njupij
z<^OQPhk@0#U3o-4Rv#-<F>eN2Et$F>vi`KCz&oRc*=Cqh(Di6lO28L$`Wh6Qt2(uV
z2XB2T6WZA2em9$3ZkSw7b6l4jD5KgRU1|R$)o8tWu^L?{kstm^fOxz<jWf?Bqrk~B
zy?I?ou!q4`*cnS%y_t$Ki#*DcI-sY1GO>e|VYVhp46w?s+)CdBh4)cbMXN8P*$85s
zY=b&iWUXjE!Zw3pS_;2x`QU(D6-6H<_+<wpL?D7$n>Sv`LwpzVNn<<;CM8o{0!?}4
za7(#4r9fXuldE2(_H7x+xyCjaSby~4#hn*nkX`gaq~*UE%j=A17T(F4_b)w+)r+7{
zrxgZ`BmYMP1J7iBPzi*p{n!S}F}k4R1xmP!aL$$v#0+!w<sw{mHFeO-<VVz}!kIiL
zPQ6!_S_EQaH)@2(DwL_tHlG*c7IF?*^j@yJzXnq)hW#TvMgNC^+ZZljZHtMC>*;ZC
z1St9=qhLc)FF}!TLYlr>i1)_}fXMPdm9NYNuQVsM66R5KClk3AMp{f`T(|xisus7O
z6-%DJw+8)a%ehWp))_&RK9QfPkfX*8hmvPZ=f|dd>!B9g%B-U%vbo0(ekPmrEW1-+
zo6|*@p7!*6(Zbj8xgs6qL?v=v_3kK0uX{2h^UH6@rWI?b*)#FpdE{Fd`kQ7AH#s*j
z_h_QyVfj`-OgWbmMuD520r$-_QF&E9N<!VSULT&rf*kFs#mgac)==cN?tEpN7le^T
zrmB%rgeYz<T#|gu$GS%6h`q-U1*pHVM8$2UF+zgm(%S3ukw4t15lldqNo;;GSw@QU
zIaKc|E2&Pyn7s4Xax@9W<C1fCn5N8&ppF&Zekalx_8UoAVqZlzjWsSQDVdj`W!HKR
z%-!@56vFLsXI0h7UV*vq&qOz~W%w;;Ul5<bjIziprlL10ZKc-E3a%|?zAD6jc^F{}
z%K&MuO_jDLn^1q-fek?g(~?y5?vSB<O*+r5J<5kSs^v1x_q{bNQB~rLL7lqp%jeLA
zJ9|etOps_zD!32D`Ip2bL|Xx6OwFWtKF24sn<yr<>F#w#tKAsRcV9Yvnlzks$hXA0
zLkWoEpopBf%=JpO?+`C^`&BbDq06ux&)4>AUdUJ0^uw{WBj+fnwG@PLBvQ<#3-&Dk
zTH?9rD3B$WIPsg>ucf^veD+Xwrb&A<)7qE3?`@lp<gjW&xJ<>dx@fv0GrkHdKjUjE
zs-m230vLLMi%M)SlaZ$<buAT)NNMHkNix$#@vbc0q=(l`Q%`h@Z-<mv{2Ri$Q9GSx
zQ9b+uQ#3-#@nbJ_^znd;*)E%0Si<m|cQ1bYw3F*Hw7C!K8+J*zwP&v6{>nJ4F4<LS
zf!=IHsTyNbl;Tt2L2x?%wY1XtLH4fXHxEkY_`#xU<%*asA*ql;!!I&4QyS}6it#>#
zzp<xb6~i%LNu^TH0zSTf4iVZowgBqylctmysUs2!J&l6=1O4ZnYfeXS*{*zxFhQw}
zlvk@!u$w_|8A|q-(k@g5Psj+XbF#Z9$kYkRTqqM0yAp#u4gmDlVL)>^X}xctp8ytA
z%`+s^>HL)%PIp4hk;rlT!>10ABOw}7d`6mLvrmM6AD9bii*wf3BqVtP<9VQB5>*z@
z(>33cTt6krPW{y_HYERSc5Mh{ZL-ugwc;VS;;5K<mNJ7fj5LeJuHs<;T!*=?h<p{c
zKifJRHxdjB4=B*q(9``X;qR1gZ%OKsQ_zEvZn!~jt{|B_j!}`n1{qc_e`i2Updl5O
za)2Q|t2R93mPH-_<0lD+mbBP2!WIi3uH<<r|Ftrzd@si!_mpFUx|PCgV+Z-4T4XO)
z`Koo6o&3yZ{GR1q7G7gy^D{f>bkIiUT4nq0h)I)-g^C6%7kK@6d=~T;^)ES_Pvdvm
zDl95JK$1r>a(OoxTt6mHyw6_}$_9h9$}g`K=ATOtn)1A@+v|}%|E|OLIEHdFXBd6=
z_=C82Eo{GV-apEXiJvuhg*>3aNV`BE;vu$KntI%gtAg@~vdmE+q@5D8wf7YFUX+>p
z+j^I)*uW_7!n&-4N6tOj)&|HI@<sVET7`!aD4cQ9+1Hs&$ZKgzNLgtzGj?3FV4_#G
z?LOaPKW-R3kMsGNou3mR^PB-=)jiwSJ#tzjZ)!edztxBCT_0FDd*#BLGrGxLDbd=?
z%E5RLiZHJx*BMU>uLr0pcFsDzy-h56rcmEO;1E=HUCvnn`SuEMr*c-wFz#%4DO5*>
z>>s5h&L>6TU8KLARvF}%)E(ScqVufO8}}{T%6j8@mfmSoRIs9)=G!%uXhEItSkrI=
z`SR4}=RE8%AQ+SQV#ne3i@+--LrvC~>(9%=XA8HWeq~Hf>kjx#9*sniIz%v90LG!P
zX31DixouK#rbREWG^LcDw^kP?$ai7u4Tr>Rz?pYQNIN6E<Xx;W+Pcy!LwrD+R_q4>
zO^Xg^v&I;PzwzU&sT+(8rn;gY9X+v)B~EVa!c?R}+LF|l-T4FZR<rKID2rF;hm~V5
z+X@&Lvc$fyO}U5{nqRHoli|aEXeUy{n+DCsbTK7gld4q6iZg;Pl%#xD-P7V5b2ciB
zP@c_K;f+lhS6R@URV766h~RY6@V|#*Ho~2k(VVaC-90xX&z;PqDzjPGQdA-1?3l-b
zuGh0!-&WXL8aw)tmi$<;IwLzXqY>Itk)kx}^e&h0ZmZj8qpGy*wcqN*S1`Q7U9I_e
zg`DGSB`}58?!^^krydSs{-~>G&d*vLN%JvA|HkVw&RcBus@h<@NyT4Yuf-BxE;=Bh
zL)?w1mHI7xy4@knNS2-KCKsPme3l$-diyQe47%7U8>%u@X}GEwv#%WskCjX*P_!ZI
zQoW=M2@56H`5FF2>qX1=w2B}>h*QLR7v<)|yf6I%t{V-b`<(AyZDd%Ij*8wpKGvt3
zeG?iojBP@AEu}*F@=EO4Eux!LOSRwcdoxU4u%yYTZA&>k0t@Q9KY|eyCCh)^*>(oE
zokq5#l<GGaJLDRTv%=I^lt<FBVRl#z>wXXMwPEkh8hs-%B2<73H}V<~kzG|;k8|$V
z$sHc%hbFvarCrmNPTrq-wNaZk{jj!7VKt3;OM|<4rnr{LlQC9;kFz>`9j=w!Ye`Fg
z&&f&qzNsw}vx>N}&F~=9$n@h5nAzt8%@!zeC}q$nm&UyLIHuT;94s4Cw+-dzmOBRW
zeE%wYhFvmC@gSs-X-#8HNu&Cak-7jlnL<1XcUoxy0URPrT2M2pcF5S*{02qOg+*i<
z#qF2`<$4xaI{Bo#=zl7<NRLV1T_-8q)$O$_$_eH49PJJ{!Ovd5QX9|tu_EmTK+h}=
z6ldKbQ1~=IEqJ-AXqnE=emdGJqCyzrTs-V8z%xuCa|CC0#w>H_dVM_nTwr{N$CUe=
zcJ%90xmXR*1i87_ZR=aqL-yEDOc`S>Ncx-FXp8!wys@y8EYb@?l*gmovypsrYnc&H
zvyu_+L|cM2XuU1GU@btI&z>hOpv<yDg)fx5G{swGk8`B_<Z<0Cw*d-g{9+bOsU^W?
zNT8+pCjB`$1@9=PIalg@({E(bETTVfcG6_<@N|`OVDjY6<y5G$wp>!+d*ZCBvutpC
zkyz$X8u51aNcE#c8zU|=pXp&?XQpjw!4IPN{AT1;e!}E}f)d~bH87urC6BuCTh*VE
z2QxP{K5RZX#YWY}oi)|x?j?-H&=dwXZo_H90c=4O^5a5G#qGP!ZTfVue)UZZFu5_D
zE#|+NpE22IT}N;VS2Zj0TrYiw{))(8E=c{HJ?XK1cQib})_qgTo|A#nt7^xxRrAtO
zo>>b$q&wkLG$=~ypfnycU)d&|mtd=70-jq+PSN0$XA2BJ@(V^yx^P96dVDdM8i7Os
zW1(POan^lYo^<wX;F%thi>X`@a%_M+OzY*O$h}rOMZRCaT%kUzhPL|qL${24C)sP%
zV;xV>Y4tWd&WT_<h*x=ds<n=`@s1bNBNmuk0-~6gLbJFd2ODWJ!z#g%0gOflpWOQh
z`wDUoU+dbXKZY_*`9O}ajAmO#-YCETVePKz)b9E_4#;4yDvA#Qg$DFPQ|*9+Q^nzl
z+HkJHKAzH-#}KyBeetdnr5Ba)7rkqzx!c^6yeaP2AHhDoQnv3bk|T=Z_$xe$mL0wq
z;A?vcLRq#0TLtFU_-8HmrRgSX3Y{`c{xO-IA<j2hoBD*5eAO9+SjE>yy3#IDS>cu#
zQ_Swgn-VDNrbX8k$aqWzrINo^UhyHOaXCus<2NG}L8V`ug^8$Gv%HP#+~WJZdFb-i
zv=vK;Hbl}(`<<Kc-R9!!^ubid&h6$B&`?1RXHpG~*$`48M5xruy)oh(c?h_sk9&-+
zf6hH`9}^vT9GZ<FRRq)iA*`)h4k5@IMGlUFa3XrXUyNQxpucis%)Y;**Q>y^mKRHl
zLK7cfh*jSHf!6e<aGfBs%;%!`t(09_2Q5OeV_>n7BdpC`YU#ciV&JS#rvI~Or@*%6
zRbG7NX}yD-xd^NtYOWtrj1`%Ctj1f7JdS}SAv+>EB|Le_!CK#Sz9y)$BIkT#q<vvK
z%D&%#hM*Dqk07HoHoq3GJ-V<=9nZ8qkd$2#`KyYkQdIBAXpgbJ2x}wkT%GZ>5-qZZ
zw_|Cs>Qo#L>|Myt@G<C6lWr`DI8di<X(n0=ILyYfzL_bn7j_ML``Z}{y)9Uy_Z4A)
z^PwbPCL)`Nnnp=A3zl4*W2PS;oLp*@#9P*(NK-qlTgda;6-+((ZM&m)m23QOXGEAs
zk4D+~R!hQ$hi+c{#C2nfe{QWW0_p&%yu`%g2fvCS#HK>@JGU=y+ckvwbmCcD9z(>%
zAhv@(2Bf{&1no^MauMT4C<m3>PupHcFDiqVggm5PS~8xbYF9nMdWJ`*!iF0*Qhyy8
z?BF6daI7aVPB9e)L3+M3QL;`qt*+XeoA29oetr|6rBGJS|LS#``ty@6P^UilX%6NL
z4LcY#>K<_FgBYqxuh!)*ItoZxHWzGWt<@KHV$w~1eR{M?2&zt2r0uo`2xcFVfJcg0
z27T9SfFJ1IE7T~m1S03J^pTvIzv3<Hxzj?}dva0-FCv&R&VqARpU_#Yu<k$7%XGrn
zv4j=I6KgCXqZ^%>{A!oat8<BH_yH9Yb0>PWbRcz&f7#)!z{852xphzNy6&6}1p}E*
zR&4s+jB93H|Cl!5V?3E=U`X|GP*dy3GNGIFTr<nN8Djl`g}GE0Z%z6ufwi_PiX$>D
ziq@!Zukf6)?X~>I1|BACFuP|JcV^VSkS3vrPA+tOTajkcBd3oCKQ$m;0X!gv>Y21!
zdIjdun@0{4@OKJsso#HkhAxMhS%%ma=zATlEmm%g#(X$I>He)IWnP7NBm%;7#7%zM
z#6!96Bc4iVJ5sAD);e-y!UDFozHf|X)(&xB)|!+}MZJ`=n&J5I*ZV1~`PWR^<0k?u
zCli^^MKb?!MEDN+UCwtK!Ztr`Y35%;Pa1y6RJ>8GSX>9)F**&J?K|v~4RoikT2kWW
z{Mjg{Cf+~8w_eNt%3qol&_I^)FFPmzY61tV9=`qjRi_QDq2Ty^&6%;(W$~=f=oXjP
zz@^jr;%Hr@jZUj0Bc^7K&f9w=Cm`Hb<yAyRebI{NA8U$_dVX(ATyaEb0Y?yJ=)vBK
zH_?Z%JIFdOv!sr(Hmk{d3+=GIR>0r<1(TvMXIbaRB;i5IW#q8^m)Nst3=6G)EH$ID
z80Cl=8}c1#Y-0Rz-<VMGd-FSi-Wl`;;OI)}oOZS!{;Q?NUtlXiJ;D-z!93(Ya2x*3
z=L3{RU<uG0`Sm|?=>Gh|{}J%A(E0tl2b`n+{M~=}>3b^pdU*XaqJP}(f4K-HVBhH;
zk(NgKcLb(8$R7B>N`sHD^Tpp1#=>=hfybv<u9tszonkb0$X@^xzxk<ME+@EHf_Slc
zJ5++v;v}5^dgWqxXcRDmexcqk))}3~PwwF|I{H6;Fw^jT^#|5}*OO!DFU0y>9||d_
zSoCpGKK}c=mShIL1Qw0S<p1@85YO|YIiO;CK;KCG?OkVCAh>rWd`|xd?j3^T*zf$|
z{l90-fB1=@1i@iFHnaUNPx~M2M6nF;^()Cyc>jH<z#Q|>0ahbARdYQExa_~vEWcNR
zuNNAA_ULcNNvR6iG{V&t@tNT=hWjyJc#V7R=~P&IL{%2+mlV3J4|D?R>URfC)c^jC
zui5qxm|X@iigP~jKNt+XV<)mlLg>H5@^7CDezujPWT$r=b>p_ejuZ(<2xqh5JjGf-
zpU|myTn;}puCV@p#;e7Zw%l=9rbxHG!eD&ua;Eg1PiOBooP_Gn005EQ_fL<vL0aE_
zEa@}jAeWsP{^r;j<98_*a{)mQ(BiO=On0F8Gow?Mb<UjLhmVGfG}s#eL!dJ90$}&k
zzoJDmO30~)@JWDFQqOr%QtNJ+=GWF6;E6Q_z^^SFlDnu_-#1QydD_&cS5)hl2>0Ti
z4XRVAHW6UZI_X&uGKkKQW(e{FYe1?QSJ6B$?lcXhbWO_K0U>iZ({&DS)SKJ+091|0
zf3(v|XHd+r2JT2vl<o`uH^%@5`@TUuhj5LBE{8D#lOX*uIOv`GOjo^C9Wx~7wJt|k
zBg!PQZFebF@8HwRm3yDg@>%K5(I`DcnREYzZ8Z#yj09PaR>#0;)fo6`)d2C@+DSoF
z;gi7{8yy6-;d&nAD_ergtLz2#Qqi$HzSQ1FpWb@0uRW~oK@rA*hW?qvacchXH0th0
z?5nPrL@ebmafC-~0ncK%I;E7gUtp7k9B8xjK!W32{Lu9^SS^jL!fFQ!5Buz;Ca@L~
zmycTiC%2`A_t8L(B<AMC*WBCT%T~re4k2O*e#rKSoJ1n=pkgHV*aW`-HiU5@PEY=d
zBO}6$sto%Y#41kT#St>(o3RgM)v4)0#i6nWF+Aao0ELETtpO`zyG-vBEfUtvV*pT}
z5YGTp=;#u?2Hv8E01<$g77GIcz{!kL|M@uZCQCuC0A^PCI9Zl3Kn#dI-k#>Og72*W
ztF~(3Y1}f8Hqh~oF;U;M0MJg}g3V7<5JV<<FEAbr7bSpPIp3Zdmh4;L^Y<4P3L-+k
z5xg5i@vvBV(T1>$hGL*-pQvq?Mp&VQ5>n*RD8-<tk^UM{Rpe>xjJH4uv$zF<@-uQf
z*!c<YuDm2ynM(W(MdVxpb$8XwhnTVQ9|`;=pGeXEOlUyPJ@E8NN_1+txxSocYuH*U
zqYlL;H;ZS2RET(AOaOS<0vOeqPt8jtDJaAz3}+bj_yv1JodeT6yoJbTdHDZW@pO7(
zr{hwQWXrclO&q{;rd7!_1#F7)Vv`0J5vaIrcYbw79ww)Ci#6`GVq((K;I34&HWx}4
zffUn8AnJu%7iHfmv3!xp1nHitwcEV~*<-}2A%(~VqeU8glwtt%$4TXWt5V}|ob9?j
zRRe6b&*kPV`oX1jnPXU8g%dJQ0mRmj$8uzE5(bR@)Qi+vMQ4E{g~`tx>|qNalurlj
zm&ue2O}P8l-ej(>2Lfv}q7wj8wE)w@OFav6O+Yf{*hPp^fbgy!7OIv*Kxts|yJ-b(
zm<6vS55qP)TR>Q<I9H#RBm8L?@|&)x<K&0kIU1cE;DmKhm4fhlnAV$6F9YNngr%*w
zSu>N}6~d$LGCDU(pj!iVu=g*A#E}#~ZMy+@EOs8sP}mM2xU8>c%g}O}_Z|IA9{y?s
z7)P!kitjAp-VsGCU|ujOZX!z7e{A0^CyzdkAGWnS2}16uw`i0w6fD!}`L4g)0VExc
z^h7`|_->H54%-A)?d8B>t`As))02z5t6SGqX=7e1$gye%sas>Ud!IM8_2#7_nD#@~
z^J8o)4rL&7kr{bXdD*7|=A***S$_c=`<1-d=W;XVdZ~ys$R@`FFhA`uc#A$aP{4e~
z1vUgACDUL~8K8$|diVxzvo19NfvB4t`t!PwdG8lPjqw=i(cVAI%KXH#(T{*}BAECL
zzRHB@VQgj~9$t4|E|%@eIXf4VMvq0g0+TVT&@2*iS3nzZFA_(u3TK=L^Y4TOWLn<H
zND{|&e}Kdmg-Q0-TEZ-2c(e(yZooX3C;p0HV%ed><dQkZ;2uuYxML`VY)d?fdW;N2
zta;F)JC2N_g^)v@#FwgN-Kc;;Rc!zeDYXclUbm;3lp1m3#S6BKo@1r30)UB|z6Iv<
z-7e$3s2-pI6*1xjK5LIq)E340hO4j(`AN3l46|Cg>haAT<zdZ%En#jxNadt~3Bu@J
zWbHXSFwFafekPu$?D_*!pf1P-fI`zpbNo`A6nWEXd?8zddobyI8I~!W&ra3@7X=65
zW3qgdF2hm(Dv4=6>e7_0hK8-Wa+&q)tp;GMY}7jn_zHqG;2kWOK3zb_SY7N4+*>c{
zQ$`<t2q>Iwa62tgL7YvYa>+}?YW@a#v4xUMjpOi~UeaCQrmi)t+|gmO8XvY=po{|X
zQ%8}kW`U07jVuiVbTv2diFcV_CA35)0zqzC?YA@UO^H8oyt<sfJ&7-M5h<~H%foez
zAUu_o^_h-V5dIOT$w2*(8^Dfv<Qq)*n+`NheFcjNkvkN``XQqz@foz_-2>S#OAt1X
z{VyPX8sZYBw#q~Jb-+(>8*mej{gqL4!3)O%sA+r2w1_`rbTV-%5Ra@A={avI&L<<Y
zM-Z_d5LaW+Y*t!oSovU#Z8!-?&X-u4GoK;0!c-sp-V~n0`EvkvZQUIx$asZ2ZmsTq
zvkOc+ZMxB-5<t%DMZU+|-oyYgX(A;n^eNX-tPD<_>daB>M&}6RvhJqQ%oO9>p9VKe
zr;o`DzG>Jr1DE|1zVAm@+_PyaA<ax{Yf!CV48nIIaL(;&QI*=dMQ5x55ks&ioL(Yr
z=MfakuTBi)zQUPjX~?)+8fzk~_&=T^F8jyKzt(B5c>Fs^wnn_W3+s4+D#JWkELC={
zwYJ`6JiEbMCVn9gQ#x@1o8DArW(b`c%Ise-^4aiS;gc)CVmMoD<rrMI;EzeyusmDy
zup}`kODSb~QfQo05e=agnC&`V(^X&nsvQM{g=biX5O+B@{;HkAmf}OxlIA`yL?AFV
zjR+_J-qD?|RUG`gkcn)`RQ8+s&`}OH7BMyy=S4R_Pdn4Dr;T+6!#c^f$1RQWWF$Q%
z!;f=L<oZaJn!pYy6#3N6io%iUJc-Ic)GJs~p7=9DaTPZwb6$40(!`Z8TnH~934~HO
zzE1}Lp4K&i=HQ|8@KZ#Y(0@;@WVKYU;lkR`lvZ@V9si~>#pnS~N?dhu%0f1y-)D2Y
z&<bF0QlwQ0wd2*+3IWtY<u$^F9SpVJRK9+-Lmf$RE0nkl&yA<P-!gbO?QkbLQPkFR
z6w(EFLA-V`k23zx!EJ`3S3Tsj?=gB;B)ypTio63aiYyFDQeCp2O#3pBEA->z3}Xx{
z)jCIEW9%`-zTle}sRHx-#_d+Ci|pU(Gci~Hs|;$h%#?GCpzLXo*|Aji)A@R$!Of0(
z5BplBaU)Gpyx#)FG~JFqgIX%@(-vH%O`=~l_t#pACTY8+tycf-r~yoJymfGSxV|ib
zmi=e8$HtWIPcHifF@rD_)|96Mvi}s#`NuG1eMY5|Em-q5B0z=*XLobsiP5Nw@w|iN
zYV^B74!;R*l?O&r@DGism1Rs8Zt0`o66SyY%&-TDUKjMaBUkYm1)n22K#kdNzKu=J
z+ryVy7%^m_JdkHQ3nN1QHt4h1n9@2Vxr(SK@8;8ztA8Uly;oRM4K3Q0L(=wEkL|;l
zV)`Ciyq25{dk-<xM$$0d+91vBZo!_c>*gK_z5!&@R2vxCtLnC6A@k8Wb*J*e$dVOf
zw`rT&VoW<$gBcjJCPl!QwutG~#tYFwhRKRyN`D(kF;a|iU8hL9hwLnswl9v?hZ*L3
zW38sKB&XAB-c&!x!t!d=F#V`hWuPR@n+7_tC521DC(@Pziqn-f`)N_w{X&Nyn#1zO
z?j7Z=Car7cyjA)4A*2G6p#9wFdF^mq8&6y*4n$gGJZS?;ANNaJzq^S$Ig{W!M3$?t
zJnz+7{<^syb0M-506xJ(dWCpMn-@yG(wkI42^xIbZPn(^b#<o#p<^z2Ox#wwrX)p^
zrn9xLU8&OQD7qI$ueh5^r(Lkix{~uHDbjBrE=0!W{qrzL_cE&-xj`HpJU%XfHdDC7
z0w{aCJ<W<L*hlZ>r(BFyLXL$-5nL|Q$k|6)-)$`D0dz#4>ui+25F+G~T}+>Qq)RJ&
z%Sj-NBklhYq>&8r#TJ`s#1bB>`n~So8<8wQex8!RCP(Nu=oEhp*U>9xx&%CSQ`e1x
zyo-o=H6%~H@=d;S+gXA6po9Q!CXBt%967yNih&~FpbiC*A$-kP7*|Y;Gx^Go=N0?U
zM+_JX#)MO5^HL@}A3Q|yk9m@H?H7=HpTb_OW^|~gcx6G&BR4BN;}hUTj-Nx9kE}Uu
zF3lTQya`PwHj<~NctODuPBumTw)yj&GN#b{AIo4FSrRE}U1Df&nrW@}rI&bLp7_jN
z{j0vG*~=3XPotLV-@Zw!IJZ*N%PcUq2S!HMF1bupMFI8#%Yg85x*CCz!sJ)nwH~zK
zFmv{!k2(H4wRjDF24XF$faH4czQ4=d8F&+4IE|S63fk$O7_B}5{r?4Kx(#@>Y$97z
zj^m7n{fuLNPDSaLQ6XpdvX&a{>Y-!7KQF5AOfeYYm<nq>6?(Re9utUBh-l7Cw>*O%
zF)!PGx9R@*{sR#4Oa2ixC-*Kx1;>HVxPSC{J*CL(@@u!}C<g=sxxeMb?qi|2656wV
z&sil|N7m_A3@6g7+u&CK73W~z+hz^1=VaFMUJ`s+$bBhpB);8oPj8R~`GyTOL6hP+
z5{hPg0j^CczwO445KL0+!n#kIDwO2T6^-_bFGLN5$3OhL1}JyAcXUP$#_M58-?^Ft
zJKs1I+-dJ<wQ0p+w~195MkmZ{O!$8KOUo<gKI+jIqX-xGjyLH=QmIyBaK{D;vRC6n
zFe>%fp|HuO4aGm3O%5UBdqdlqhs;PXS06G7WGc~Bw&xtub(kXhqsC=bBC+36iSX~z
zmT#l0m8p+H`_taYlbMP{^Nf;NJjZV4!TdIRwVvnXkdny%#L8C7KP@eQzhH$ppt2xD
zdQ4Hv_X6`vu+>U3xDOpgno*~r9NBp5=d%;xm^+p;YF()5_cl98{yY@`&TL}jqa-NB
zq#p*~IF!|wJWreUh-21Z+k~sEeynfwQE*jAnO+`%t)6NN^hN(^ZG05;Z^hV<N_>Gd
z3rh8QH}K(wp$U(#mZ6TiNjO07@QoRnPA*F}lo!!jAQ!N-j<SL-l!oN}vx5F}`26dS
zNr<cyj(`3}4E^DEMMFNmUm=FuAUP?$MnB1igfATreGi)3&Vgnfh|E)Hu30wgX&orr
z_vnAor~)~<R!#4i9@EMn8`*k7v~R;{ow9CqS8@z_cWgC7(n5wgaTj{mQ?o?>u32KO
zicD*mVx8@@K~2e?Zsdf~1Ku^3n%Iej%?S~A?2e`vh5z;=Dv<}pEN5h%Y-Ub2s?9K#
zPOt1ZH1e57EiF|@cPAiC_ju4zeiO~qz?UUj1A4Tel)gVFjsIty{>RvrZ=*fIoU_DU
zx-iArfURw>+_9Z0*QfQ6bH)5zys!mTv7O6yJ2A9NQXDHcD(@}ZpdOFDV~0#Y{dWx~
zU@D3BZK(ZA)Fu^jDf75Z#j`{8sgUA3)+-aV%6zsn?duFa50EB<q_s);1|PUEYb`q(
zZTLo!uHbiGS1Otr3Vanrn#;%iZ~o?gH7~Oy(1KdtY9<%A>|8{;u7~<g6p6BzlSMLV
zb*Si|>a{&bIfhO3zT5ACxOUoBZ-?ck!iwj5dgj)OtKnhaX6nxI7a~=&|F$J)jgK7W
zugmIeT#Gvc;p&;a73_OpsXt0IH#=*o&ZKIxS!Xeddbvr=b#+C(oy4!hs-Yl0*WO~c
z{z%8zEa*Rt{=X!~1X*InG#arATPuMLY~>9<t{ct|No%YEWlnxS>ka3wD_U0J&^jEw
z$|N@!V~<Ae)B0wP{aa?~fWh@~%VzQ!&Yupze`>SIq=>28yEzdYXVYSCLG_PoH!Ll0
zsC&AtEhg_fy$OI95PhUiQC%Ov@i%_5C*6G0VewY;PuKi^{Y=A6OzY(BjVYly-J`VW
z9<0gU*`tc`a2G2zeyo_y@h?`qXAYc9zZ>70i{8ew;b@4PkBd}}iTBUVUJWXWI!EY;
zA;TS*oL^><U{E+L%yrloXoBAF|N2#bJ!ZpAG;7kC>q?Jbz32_ey);()FGAUUevY;_
zaT$MVT)rhr1@b^M=F%U_v9OWyKppc5kA{&SW6aw)sktzbtj(OkK^nUy?iT}zckFVo
z5U|I89WujI{MT4#8_5k#)(>{*PZX;I4CHk!?*oGq)2q_zYhBz^|3GrB=+5}<JH$Qd
zaQjGk?W)d@9?iGx(VEtF*eTYlzR%h&(uaml6?tYYnsLi}!#7|-zskRpu@(6`KRL|+
zYY6Rc*HD%_=4Xtt3wK+z1gU_Ag3hqgZ9vDjJ@t9^v#=hT7CJZeO?#{mcY9m3C^evw
zZ)>*YzNed~$!E&5cFhL&-3!FzsQ@_EOHC@C{$iT4*1<4&9)_qQ2i;$N|MltqW5}n$
zb~jXxI@mvWn(bRL9y^!xJFsD+*?L9h(sHT7B=BM<LbtN_K75_in=di%qW^2`EVrX-
z&QD_RvbRrs)cKI%Dp~(ytNGVt|DS&c<TxMW8;f`*(;8FH$4tN5+J5Dqlo6TmtvM#G
zqS4vK)aB~!e~^+nD&Nah^wtb;9Cd{GJBe;Zy;hNEB)?V<BBS8HN57kuWsIuU6P~1`
z)^pMB$1mc&k|z0VHSL(xmk@u&4?UBgnUM*VKs=5GgJdC7RTihQt!Hbif|<N8cyhh8
zw6IiUmTP#_U{+^%JXQ|JY@-FU?oqDr^1YeQ{-zHaQ6k85>S@UMUW*|={OEV@2@MkZ
zfBexU`3|z>LH9i|Hh0GNH4G=0w7aenb5@*>b{XpD;Fvs-PDd-u67N^_1Xu`Gw|i@a
zrDZYU&(xeMvcESV+u=R8jrp4|KwN<(pMTYB8Cfkw=tBD7fz)!Nsk!xg*~_C#5ogUB
z50aGqZaQwKQu*E|GZoWA$>(ldIkufml!veCm>yp|=z*`2oln#lK>MO`be_36xeC|B
zp1Y|MO;b*bJ{IQ7M7G07iul|6eE3mp_6hD|3PlZ9JjqxM$yb4=J1rmFY;W7t(b9E#
ziKp~M>(ahQ7<w&eN5qwxP2vut&3_2BGnUo|obz#Cyf%I}TVcD3`UOFoUa}m!6;Wya
z3%i~r3b>XE+kYI~|8Z5->0<oPs)9Nn#YuhT`z$e{R!`iVf!i7&-)8o+kD4gWJc@(+
zm&-I9lFaC}e<It*vIFgYbQN=7cJ&L}#yg9JB(<G`2vT%U7@D3)V-63>TsT_2-rqmo
zhxz#Tn3!)ImE5o?h##z%i=CX|dYo$3Xc1T_uEE@S8wXzW#Ns(MQ*nLKCE9qmv>CQM
zB%}A#l_JD~Ek5V`iBcEZ2XawbEDE6~A8xCc*rSMgQ-dEc*Wh4Qeg8l|_+O_M7;;K_
z4q+Lm`p1kb-vl`x_w1xUbboqwu_wJOG4B|^ti^9y65NIz*cnQ$Iz47BY*6=hpiWKZ
zyhEbhCJsN8-{5kXj?jIWTQ@;W_>o`TwC#_vZ26)NCZR&3wpUWm>V68OGxu1bqN_<P
zq}ny1|759@lboDkLqhM7LPqpe&j8{51&B0w0hr=uZ)9hx|GgB%Y-sjC{T6D}77`4i
zqe47ZOWb|xHmncho~kYhzXko`Hjp%#ocyL#ImxN7TeL!MTs3{WlI_nzvJ~}~c*5%S
ziY%Qfil67cUD{ktlBK{&^hZHOHm3usc)?v;Jc^$z+-@YNzur6YCx!BTIM3Ccl4DMG
zrR!3%opv5fw3&HKxBL5<gcH9?>FcZ;+!m)=0*A!M^af8enjqQ3Ut|;QL7H6xvnR*~
z4BjklDAi42{(^@HMn>eyRV3#rq>};VSwMLQkxo!a?VNxRXlqQ`tOp~a2Cp^^ZZT4A
zYP3Ms-s9Ff2d-!mGGJVUNF6lJ$Po4l0nh=9o}}wJs5G&4Y^otMs~|8`Z70+m=s_33
z*$2zH7%1r|K|&N&4bW`vffJC~Ptmi5z{vy9bo5yu;YNR*<%zbZg^1nzRRr46*{XR8
zlgB_n#ruJbhiR*J-X|M`ZY%=T4i>n2+q%;^uS&sri`>XoZL1Q(pT%E0$riH$A7CH=
zAlC-WVDy$+aDZFP@Y;Er7<TA4Yu|>w53$W<2Gi&ZIxwshL1?b_seVnoiN<~`6}S6b
zF++%d&da_(&I&ZkW$OFaz#x#-0CdTH*9j<!R?XZH3q-7uMrrVR5nLuA0Q2#AXYAYT
zLCQzhWg8-zl;+I%%N+GkW=|sy6ADc~s_TqH*B*ebLVd0;f<am%y%3O;`ircCd)AjB
ze5MG?h{1$7bpnuu5sQQ)tGn8928hXICqN`&D}Zr0RE2>Dwf*ypwOn(VJnAM;-kT5m
zf+Wy#MEHk1@8pv$&=K_)pGf&L6-{&OBq>DB_D>JARx%#H<1%wRuX<$lhT)oLc+4TT
zd#A{3>LXuvm8*)HKOegoJ{^t!#-o<^F<n$%EbqYQjzUZWi$gz+0IbGn>+_;V;>6=<
zp@*msC`f{5b!_YD(f~%`Fyc~??$(Et!)B~-dvpDAbF8GTgV-Rg?_nZdILMlsL^N}x
z@RB*}d7ak=?0?WD1_|!eJ$8j59`{+s@0ajd(2hsOkz<fc!p#7Ae)hdQ<3U_~&mVuF
z;O86|goBJh<1Xs#Gcf*43^(-0XJ84cMcy%90$l|>10e!Ipy9391nD&q0j$V-pkqow
zowd&oJjw7J&YKYVu5U=GD)z;qx3xR&o!v|W*yB*-LoT;95Bh7vF?5=p(%L!CeX2Lh
z@fr^RuIE%QQ{QDoqqB3T!aT!+9ub<l7%kc@CGUiD_&Zh+b?3{)$u{|}{Oe)F?li)O
z+_8fLAg^`%^)HDbK;Rq-6peH~)J@=fk(AFsq*FMfOrt1;psV$jLJ5m#Qy>sWmY&V_
zRo=a*LQBKKDw8wGcNUJfdFirD&26D{RZ<}1EyR^g-Mc#lhJ|R}7c|4IAxB@p%s=6H
zJM`I_3={1L3x2a*J72L55?Vb8!q=yrcKa8s<o~f>57?ub+#AB+9(vJlA;2;%^c$m!
zQoEl##6-wTw%RT9mWuZW`r*}0baU`Z3C63}Pe(GgM1Jk}yi>w}YrR0cY<MIWz>PkD
z$K1DEzeeC|gQ-|JBS1m*{2fRvUGHU6WDo-_$#Gq-aGtk}h=?!(0z{N9<IJN@IIxLZ
zXITUym#D>3l27s^p^c|=g06EvO}mSgh^Nct`DVGJCZq=BrvXw!RLk0Qwqyjhp(tav
zWsVnbX&>$n#2>!a11s^Bn40BujSWGD$ArM`)nRBbkv3xwcs%}|Ojk&<d@ZJ6f9SqP
zqU7%;tY06-T0Nq&zlb+aTQ8+4^yuzh7SsO1_ugNgq)2DD;)@`fF{0QIDlLXQs_6I4
zSoG%X%>>XW-pznXJbAv6pIaf=Y88GNOQ^0%o7#!IjOz%JlA^5za9VExK;6#qc_wke
zUojoAru;!L%GW*6GmJns9EK(j_>=zfiW9G|pZ{Xb?Ckqqtmn=m0@K<8qF!a|-<Qe$
z-0!O=5RtFBVt5b?q?pS*00VPN8Bc&Tr(9z8YiW2W>BpBxu}@^~9)rE}K{m*5S_HAL
z;okk4>qnyNo@;GHo_&7y7p<7=?ce(A=Q<Gpp7rBxhKGdPuTeD;Rj9jy82j$Xpek}L
zkkSinBGPP^#4J-H-ly8N@XXaqY+4THNDAF|=VC8!LEc9*k~HB)<zFVls{%nY5Zfuj
zAg@O!xPJ+qPfl5hQ#SvqDF(983A~7A9W(e_b&~nr@X1s6;gr1Ry91}QgNxHWS8zg7
zkBbKs#0duFTTM(q6w|F9LhIiXT4`h(W59#ICm|Lnxj#1V1P$&+>;t{2HMyZr)1Xh@
zde|>Y-L}4H1O50Bs#enz_)4HMNI{<bu_v*Pb*Ioz7Opb0DVZO4onBCJ&Z`)Y#8W+!
z6WDxT5%%TK9<eqL86R;4xQ{|KA}9Aapl!`yXOPNH<WP1eddL)hJ+wFqo=^&dSl!Sl
z;0Qn|pE2eFJA+AQ_+7Na6Ts6&ZOzBuiTp;UZG_C;c%)+T{be0kMNL`6c8g>)kC4#g
zUMzq#9!$`FvxmEx(2$-INHdzjT|MkG$zd@HoW^%>Hb~bJNbb(p)jrDk)_i-tdxq<s
z?lLCLdkOCNb(T1;VL1AQ-?|UYeFYPSpow-Sn5eFC7+sD<SQqQ3FMCX;G#r7^VRwQx
zI3BT5!Q|!xYnc`k@nX*P^RR|PiYvOA7So*i!g8LR<_d8cZqUF#pnvK26F}X@b)dId
z_axFX`4rGkO7cX)3s<+^T$bEhul3PzqBrQ6R$NaR_p=TiKO3-{m(w(PA;%SbXHbu1
zL{9Yl;3s>(2+ksjpxaK`oQp2~2TtTu07_GIOakpUj~7mq{RhL;olDjCmo7fHBx~t4
z2rGvN<z3_#AZ8U~<O^6ef6WP{Xa2$hEF}7UXjNzp@Pv9Jdoz*Q3X7EVTfrw#!XndA
z!H}SjPu+&CL_>AvDG4i8`hO;Syenvc$@|yB!n8B*J^7e;$0=hlS(d8x(>maaJOHSD
z*b>ra&uIAjmNm^1ZshvK`%mLj6B-mUX7I#|SE0*AMVc8PvY0W%KZim}UtnFx!c^pm
zK&_CNVLSIB2JPMrFcWZSEDrJo@2!+4Eq>uI=I^gNQ<X2$wgf&2GN7t>+kw8vQI5#s
z<_g>uSW*0CltmBbCc8ffX+~{jJX|1CWS|;yiVjQnSV>+4J_uN0_q8j`TYVm8#JqoW
zj`b`c^lBz|;TdA@cxdtZUfq4U`TNjl;dK4MYudXOD*)b}$Yi)6=xoGQJ*FYzQcAw0
zyC;qMi{nnxYmB&WjBS|F!=E$iXb(eg9y=X5mUZw#@5sC|p)r6_waOBE^|jo2gL=jd
zQZFYZPbeMYE8LlWc}G0g8FY&H+=N1`%YjRn2O!3MO1#AKajc{#t%OvqB!SG6zNP!*
zT@kDF6kN1rcvYkv*Wi8I^W=3bv60|8Wlu@;8yZgH7sC2Y|0)BxMDhDgE4Ut6oAu4g
zqJCgx*onc(CjRCI<@e;8eyy{2Aig**=f2YZ0Cqdgc%Y*3y=RJWQ-PPrz5jHpQEV(p
z$oy-hZ7ev7De2u?6WU*h9LyCmX+tASac+;fE?0o5lOYLw0%6*HW@h|+aq3M%LEbXt
z>7o-{7kub<CH3NfEl3j1^RG{EDAfgie@N&=Gj##gMOXP?ki-)fE(E`%!(Jmuy&d;x
zeeEHtI`}5bggc9`NZ)_5a(~KF|2yVc8r3webMm+fbL1WUCxCLJ+~O1*>P|8r?4GyB
zp#uIxVe}n5`Lm`+M^8e!SRWzj8}^81U=^Q%H`$UHVGxQ?Q<87YTl$y+vHVbCW2E^=
zIXZDIszNuwN4NlOZNwC}<VQknUa0T30(pbIH3?p17Y<+>agi(PzNXEn51Y6Iz-~u*
z4_akWNsab9Q#bW*$n*Up@g#HK<Zk0e(mylo5(=A(wXm85<tbo&O@I|@QzNq@vu5;^
z2hnbx2brGycn0VlJUbaa2cQHX&)qoMofq|F<?8JQNG93+Cl0rLb|ixhG2aQ%T7Q3=
zPQFyiF{7nFeDnxMf8r{{^3Q3HfWF+2UgGen9x*ntP$r(~A<3g%GE!PM{~kEJ!E|M_
zW2fJJm0rK8UJ}=%?MMKz0&(Ux=q<fLu_})IL1h_<jEYzjl=n+BQO?{PaIgI}UBF2B
z1@mR1Z-K)>dGFlwK3`__6SvSYTA-vkNrv-8G7h>InC!+>2_6H|Ys@Tq#75<4lRXwz
z0^vaeG6%Tf+<1$zFf>ug`<&0D&{PdFMZ7DP*rwO2I4x68jM5H|0)vv)sKFK~g@zjy
z_sP%Q@JZ(>J5FRw{a}pqyexyCg~B}yct-5FQ7ENZ(#jBCiYhW4{=yty^q1drpS&>I
z(IvEZ*pqKRjstQRani}%U0sn}w8qa)?BRKYII#V_7j>_NM)p1)WPJXuY9s}|C<E7G
ztXL~;x(3AXDRVEEuW0~+SLCxE2h#`m>~o(pU-82o@V!8q+Z#<2sQFSuT0Z)ZQ@fbF
z0l@$csuJnhqi5)42H%-H`;@FV@Gfel4H7we<#-^;7lt1xh)-v**dBQj4nr0vf9`6)
za56+tcScEzgOs}fK2NEx{r1cA-a9$0&2O%12Ak*k@G(;O!;<^?&bMDaHzQpnmy*8C
zG-v6#pC;%o*l3qX_s<4OlK4VUscg_nN%y0ep4Y58Fw@#EZI@l84?Wq2S+3Y0pBxyU
zXJ1bdvjo24a2X3)|E7blR-%ghkny$ON6#N=Ma~@VBntWZD=v~j@Ux`|%&2x&&9`^w
z27or-9wa`#f;vyF2`zbqGVFkNAytR2fZqoqdUmIi0i$M6<UX!OROOBgL7ds?5BPt7
zWRw{|H)*00Xh!SknQVI})>G6ls;<*<KUWCLaD-#7&Uqx+obj0y)^PUjc$q;Afnc?J
z<ue@oLrxIvA<$<PWF852+7Tfnk^Z3eH$EJ#d57LDaHDrkPPtD<-dSyQQQ`Igix2Xb
zDA4G9a1?xIiQ-i77EIA&yalfhULA<jj^{!YDHpvih_m0%<_|=}|0NjdMIiKbXii4r
zQTBtm(_SG8hAFf|qKA_~;ub=F<A{Qsn;ZFkz|ruzh{-??U}(G{co;O=O)@CA7W?od
zWAE(kW4S$m6_dVP99A@;(r%ZA%QAEB6s^6qtzS;q*Fp+(OL|%RvA5d^wR^~1@`>cy
zmrUK{3tSUYA#RU@-;5uJn^*Kdi9GL;t72`}$naKjn@ZBT0gTD8OY?aUqwBfll^5)I
zHdJH6Hdn>Rp<Ev`|H6mdgG#I&6aFqaBIBk349Z{q9I=jjdsW_akAIgsTrc3#C-Og4
z#&9@osRop*xd~6HTdo3!VbfI{8!po!qZB;1`FXo~CH%RDty*RJsvlLKk(y-1kgH=`
zD%qQ<Je`>_M^!B`GdD!DR7{ytn@3#ZQrIcU>P9$MQpNq0<bytTr@ProMd7{@O5}7T
zj@F}ch6={4dul@4q%~Ot;^6p&$q&2>q(T!NrPo$eekLm-Kg_2>?(yh6Wy_p4&OF|j
zOsz&-b-oX>1lf;t#~dcF#Y^1iq8HgBMJjowe;tG*k%L62o*7FJ;6xlV7kOHPbBlSJ
zTcS8GR?N$zG`psAnbN46#~CH-9NmP3r9DolL0UeTBzGjL(58~D;tQfHC>R1iSvVDR
z$q=xiKJMM%_apT7x@Wn2>eT=FA62Q60otBUs%8a6ESY?!9be@OfwBTsuHCEDrn#*T
z;zm=ZR&*Wap62?q62FB_Bj{SsXE7BIKN3(0uJ4jQVqe-ZVh-s`w(sjG9(33Z**7mE
zx%_e@e?DI4u)_W`Sz|?U(rZOYtHaoHMGt50eVgdReBXQ8+;&7E*wmy`Roca^fsd)r
z&GVKwg?jr=MykE@UhNQB3Z_d4xDjeS^}vnwFme`Re!Qa+^1#+qU?mPTulzS2x7>xQ
zP;)}&^-H7?&4OdR{09z+V`qAr-mC2?;9tPx@8AqLj|6Urki8&axb~rvQ9rq?WePB_
zXzr%Kq`-)0j?>TgiQ*FWwa<RHezXx@9GI^&>76&dSn-b|epWWVSkm=M9i+9;4GWzZ
ze&VF2furs8sr=}LX@9%Z`8z=~nY!gh<;C%@s>XFI(OgEUn9IGaI-@QqbA>ULY2dBr
zk7&5vy^n)V?Rz2_%qlrU*Nm8@UZ`|W|9AoX|2n;7Wd5MdBh^0{;yOcB_NUtrj7~G4
z@cli!wn>nQ;%Fv%F<><$6os>Om#Aa~{ig!4XLBD~LqAR?L8qyZPa9}XvQD$dV=wF0
zt!zx@wCD&^lt?01N3|fcuHfj6t?O=1nFjuEEkH4wM<08vbW*2GbpHH0pYmRkSK>Hv
zv)luApKGhLtySs8(0$+b&gwL`KKr?gh>+d{8!B}R{!`H@LzFpRf?7dDIrGn*_dj;A
zH$c4PjIVY(YiFLrKP#ZW`!C?3PQ4WKuRTe_)B$ITzi-}VF(RSN<+#r<{-6Hw39iyY
ziSTM`!ry-|cxa3=hJ86Yv;Vh`M#3WzH8QTxwRz@SS*JgF<QT8^D;)X%W9}`(s@l50
zVL_y8(?~Z;gY>3bN(2!ELAo1h1e8vtkroL-X~_*DDUE;<BHg(u0jXy$kLQm6UFZGw
zeiJWZ?X~8bbBtdNC&AY0n}6kFI1(Svh|`%9<n&IKSfzZRyU;#<GLEck)=AgRT{zn+
zbV?_?I2s6>@RMkG+|NDM{*>XR-P7X7xBq2r{hOy!go5gW{CY*FBvD$O(5v_|@MY0g
zu|Lnv|M2vrGZ}e7i=pG&n_Q@FM<Tl%Fh!P7V3{nip<Q@QsAI`STVRPyIq6+`6gJ}V
zK4M}WT{)-V`w12OT>||-TAu&#sDs3m>A8@sy;}SI*a%83;e-~uo2WdO1!Z9===Z$Z
z)9uSWrs2Ic4#Zwd4*)bQo6BGCU1Ihys8)>qLD>IZbIf;mF#E&@r@Z6xD%ZR@-h|4p
z%)Ubp*Jbz%>tj?BHRk%<SA)~Zd!-6#KRP^;RXGu_Fq}+;9AEr}<$j$ah$qx9MPj~#
z{Gmv7>IZK_&BBCo*;5Zb|FdA@HchFx*xoah;VP^zh@2LKe(84_|Mf=walu86XrX>b
z{x!Rph=}vuG2^*YleUHRyABUnx_2cW78G1FlDm~6w-fnS?o2kO4(r+OrpR_rjV8hL
zgiG>N;a~YN4lM9t^gnu#PU^BZJyNJDmkIJDo7LC(D_4JxhK$b?a(JMEw^iw}f;bT?
z9hY<xb2}irnNTZzv!Zgkkwj454Lj#AaYQsMcY>Z6kn+7}RnZyGLhZ_HF-WlLX!sv1
z8G3R-0fEveg0~i54^FV3{pcDE$dL%~gdNR@6h5rq>LVNMCkO9Sm9yb<>2pS2$FpEw
zXXJC<i?Ik&TD_>{e%UZJy`XCk`ixDC1pddy5j3fo!-?jmUoxCkF;U((@^~0ub$}}C
zI-GlR(k6Gp19LOrf^0;=a`KC{Vxx^OJbCS%DxK;u*i?gqcZiCBdC~J5*MwNL&3nBN
zB_aFcPweQP`fLGeC)gak&(Q9oHG^8SypO;4^<Be6&~s4*%>-OZ0NE^0E@;zpLAU$<
zop+7W-=EAZ9qa$0QZkR|zMuXRkwQslIUs7aM5kY{aiT=flKCfQ!TSwMp0E1TRD(?r
zNySn7V=`QcY)UdA>oLyitPg8a(-(AXXRxCHwT*6<nd-95dx#rr3%v4fF1n6M(wQuQ
zD~>njxiOTR@522{Q1gI9X$~~1T=x$^dK}K!L(hlxx9;C&;`Kt#I)7paGZ)az6caRb
z{&>wKimL__SXUl<fkF3xam2}f^3&#c?861A&^P-k=XRJ<Fqj;fFWj~CIZr994PTsd
zc?|@gLMkxJ9=X=MILYfZleQ&wgHhZKMN_X2<U(<=0H|z{V+O>~J43)8Q@&O6EfnBs
zLIz_1mQCe?Fk*~Y8K?^myOMnfRO3?3U``o@*yHuYhnIkFXajTiTEX0Ma-V}$SS)<+
zQ~7qoMkq*b6mHy)5t?Lw`~K^LioWZ1Z(+bXkb?xmHLKdjJE>RvKwu~xz-O~u(?kfy
z@r0)cjhBQPz_F&2)&i&<8cE>qus;E)cbD&LAn1idz-N#z>)UaOZUBu??r7KDpF0G~
z`Y!(bDdCRj3uqI%gMq2z9&ik@7(;*wBN+TrUh06e-Q5c$7+8;k*{t{GDC~gEZRgqT
zk8M>!G@es@2;la~HU99#1Taomz~$qWqxlmUTT<>S^d*!QF3Nt%*abHY8@P*7^B=gK
zp6Q_9uN&Ga{E#^g%ooH!rJmB_G{e_LP23qrM<@J|>%?K<9N+@6Yx$B=%IinJdCog2
zSoFaI)T4Eq;o~)KVb@x*Xh8j4dd6wEw;qoCdh{X0GwjP*)OoqokKT($&L5s69{Uxs
z8ck_6WR*PxVH`RMYfy{6NBHPgpIMv)nK%>F5M)uaCdmfA7<FHNR1df#izsmOnM^=<
zq1L!U-2_MgyqW>*NeTUJqSB)Z)=JJwiA|t)yE<<>N%)IAaRyXV7~mIfBzuEqbws}v
zG&OBNv`aL;gNnmR_+!E<d;DY?JX$l!_HTem<C^l>cxTcYj5P<y0eq=5q#Q|#%@|M`
z!k`J|Nbs>k!7~!y1Q@o~nL@@_u(Rm11*RT%QaQCpdfgcV!Gg}CT1p*{n{j}Zp-_Zk
z5x8W+ZNN+FPvU#u(4`|VM>PxFR)M#Oy`G>je+ZAR1GX2rnPz{hCYM75dh_M6hVN_;
zhHRNplcm^$@d73Nfy9q!peJWWoq7fbPOn`fmUI1uIl&`h5c#EzxRkzP8K|G@8xNR9
zPKZF*rL~O}T@F8GeI@heNS#IStJ*Jk1|`V!DC}08uLOEG_}d)0HX{WldyCyB;8l#7
zDa5_PeR$!#IbKnboqFNOy@aeE^aByMt&CBeL>P=&fT%J7yb>;;9Xt+Lx%2V&UT@rZ
zul9I_3Xm=bPq!!E+vS&VkFEp&+gK|wG||+JwU>B<FYr0umdie(n_6)*2HMKrt_w+j
zC<RO$GKaX73qBL%gXdM;&7y1nV|9a?VblP1gk@&U$;ts?Jzlhhn2ROo3hSMwqPggU
zH{LL}kejizcS!6J<5GIYwP7;wDc#669%kRjDRke<bw$@?AwNB2#ppy#o<;1dOulGR
zKF$g!2Xgs}%e`L>7~FXw#PbGCXSF}X%v?PLwklk}ec?b<ke=<E{9%2=0YZ9tvdpOv
za-+Jb@L7Oi31VZr^$Xs&{@(DI`eA?DZAEc5$U@cSd_VeA=PDt8kMLL#jttp1_Yw6r
z(UlD1Yu{@ezFAf^1CyA`H^AP}ju5)t2y0Pg=YpSWh%P0H?7cikwj}P~rg7I>gK~P$
zOmaiWB4sfSkuA~?c$d`z_CHdIiFgc&%@;f00DUfsq=~nKOUrVa@M6+ZM_h?dA3P*H
zK~i<iCQ1AlXF@tVCEe47#enVMDq6CkYqwXn07x2keZL?YN*@HmF}bKguH!E4vmnls
zZI$C`JHTojgO9La2WYogf|dxyr$Yvx{k7{e8=;~*CzdD`II8LZEsA>8H=$YVstXMJ
z1CWuY#TE~pGobQ4i(K1>DFmJNLLj(LGV}sz=^?=9U6_5e%`pb9o?>?mm>LN{zANVG
z&W8ZR*z29hBVI<9qkB`e!`bF(DB{Fy8n{&U<uZPb&$BEShvW$Qzk<6w*6wSB&buOM
zRR=cd`E#Bl2h2}4d@qAya9=`MgbU*5PLs06h#|KqcmD&o-D!(E0$G*RR7)VbGD@V5
zk}o;@0d-d@pIIxgZ|TK4<w{C@P@OW~OAq-NYxCmxJL7eNtAcz#ks#qy)zC6qrI{sJ
zj}d>sQtrkef$6nh8!WU0VW^)~g?Fl!`u3L-*B{uoNHA`6rt$W}^E8aC-%c#yM)@@=
zON|WN56DxanWCzQdBVxa-P;}IpUB0wW1n7;A#rW@vuFT6m0KTSzo@if5;$41uh8(q
z+g6A2V+NRML=n<Jz;Hq#y9%sXpF*GBUU69M#e4;S%j|AD3F4(!0x@oz{-$%}*wURf
z`f3v?9%~6Xyk(o`UR#4_$jQp>wgsmkL15JNsCg5$u<Tei*&Wt&dm_5NZNQlA8WLOH
z{<V~@%uVkp+?}1%1hJcycr6=Q7%EU$EQu$GJT>e1&Y5|JBQFui@B)tl`INj20-bPC
zwnOUJOot36fuZ8f+b|-6wG&4U56#v#r{*0BL**h%$woC3tsZ}EpAXysM<FWeMN2h(
zD*32^?$a*e1Qs8EMdUUC3>HE39uz9_FJ36~hDYE^vZ9jY2E%M3loi~s$!-!WQZS_L
zxCN^e;F$zcUyXqo*V8Sfp=e_~^jXX28zyPxyy_P&l2GF=fqRqtAOq!N$`AY6?;g9p
zQV%g^E~nZ)rz{DxoZ#K~F~#_B282kH{{XuVMN_nlqSw>_;JSA8yMVqV%b&KD&jT27
zn>OkUiv|aCY_rlHooT>2p5D-3HFle#c*=juM6=MG{mD=b)*9Gvew!>{fsyv|SCJ=u
zmA+-i>+5hYAK%RaEoTeCWp%8Qw^o-G)W(adMk)`QkC-*Xul9T4*G?9fgwTbZi!^0b
z@<-IAJ8IO(@bL+8>ff|8^Kj^VN{bNCt78UtmL3HmmbTAF6Pe;YfXNc=704%yyT8mU
z=8>PI8)<WKLxX<i?0vmW{l;i2tw|!Fa9(5?)acQ++J4s8h(<)Cvze2uBn@y85Q3=M
z5D_I>*-!WGKO`L+8B@4B?Fn96A1vPIOh*F!w8wAvZp+s02F46>7{P)cTQ&2%6G5Rx
zpT~<i!r4p}j-6=&giWEBOf6_1zucY$r%>DxW1p}}(Q^CV_XOUj*9of3XK@&Lj4Z>k
z>lM8rYFyf%xuwaZ`BW}8>EP}Tfj6?-p8#fzl(#_gwypy2BWw)zq~6%{3PUUR)xZE?
z!rE*ivhb?-@H#74_*`ju)d5(7)LP|IR<&$Yx9f|Z%>>F0QnI%J1_ygdpa6cmK)jX7
z8@QD*A-zlYA&lm!uk|#{W%nz~b^NRvT*+37Kpj%ESkosZNL!63jYSx{nWq})+H5a;
z@FkCDMMN@A@9K@rSQaPyt%w;vxHoA<`5P&8pl^{-X}C;wlBms`IK!+PX);&Iv*(X+
z%IjR($d9d)sI6REnjqV_{g}n<`eVxrHr?d1x21IvQa7SbKfPgkFUpQAu&Lt&kB<Un
zIq0>3>#z!&g;J768b8aoTvZRXu4s2az5xU8BYI{N@Y2$0PVOzKw2HHwV7|ZRtBA&g
zFdbExsIG_^B8p(~#tcxldii;nf<O;TMPb}}`Gmoc^cR6s9~e&<3BQt)SJFbYd#r>i
zcsmCOZd{&JO=ZsJ2M)=INZ^)XEzf?r%@j!94V>*HNJEotvFIIHgtiyO8&I-e;-bh#
zTmZ*Xtd=aYN4>R&yn&4Y&E{to*5D)g;O*~?gYHgAzB31d)GvI06_WdC;M68(BA=b8
zUwsv2>G??l@4OBaU1A0ImM#bf4S$AH?0?$(u2wV$kZZ2y`B0(@dXmCCp;;O=ipAI4
zQ#S#;{~WWfeo1eomVr<H!FsW+KPJM9dZ8Ovm7;Q>>P63W+7{k+Ch`h+1#l26?O3*&
zu<c*)7bS>#!#w$dUAEO>KKl|>%9muUhd&_-7}`td(D-{+4|w~v*!!t<7?+dRiYWO=
zcikHbuGgv?YXlqhuvpw|3*Lj<naxs??MM}gzmd{*N~=p(3Gd}II3pgJ;IW&K8o?R(
zM3#d4Ipb>kJ@8&EWAffk*2;&(KT|3YbpsEH7U{rb0{o{`$AGdLQZocCm7G0II0Yls
zomM4JTZw{Gtj&FUwLIYP%l!&TS+N%wa;Yo_q{*dGyn4|MthdI-E6mI=-!T*9Digyb
z-$XgzS@RA6&hQ?+-{j5GTB^XmkT<;9%)<HIQ-+(tJI1uQe6Ng4uA{snCk&bgjZuFy
zh`Hx&yLBJ0FrWF31!|wer#81%GuC<TB+>@9xhDsR{ej-?INzdJ8ga5FryffW8R)H)
zU>E{}1y=JXL2twU(pB$(!wIq5NwHkVAJ*OW2@o~)?WZXguQCY9((bguG3YC`-(=-s
zw&J#^tQW*V?6$UpQOT;P+)rV~TGW3fYRZ~^JQ%k~d1&fo3HPl((m49)c9iWz<B{#R
zr&0$Bg5HQmwf=T^Td=W4`}f!Iw+TTLePg|T`*1ytqmz+Af_PU5X@~01bz+n!DSXp;
z8e;yUDoPR-q8AGi=RIDVjGYA|b+syG<PS7f<Q5&O%+mugkZLCrZkE|2_og;ICe?g<
zYx=#|B*qSA`&s52K#7xwHXwPrNkJ5m$?KDdG2hqGgD4Gu-uF%0n%OZ%=xwa-G~jHc
zk6BvP)KhsGJZN_jZN#3ynHjggPmkPdNkH_asVc=j52lz)nA5<tXcePz{luV^C~dux
z%a&;zY^sO`^oge~Mh|6mV7lpHDADMhR4K7y`?xHjE7zqgL4v$$ylEkslhCq>sgWhZ
z_axWUksj=kMc$}>Sx${xH7#e4;F$BLf!=M$erzUNw#}r6b_AHq;C;pm##W=E4U~U3
z8}#xIf``_WcyAxHZoS*MJe;lh&`WEJ@>vm6ZtxtFRtxl)p1AMySDSAb)Z_fRjW86r
z-CChj^=HN0hm9U4t3$bb*jTN$7SYzM2P$bJXTWH7^M2xqUmWO^kjv>#olh9|hlrZ%
z5}iAy?tc!0;vE*MP@BtOyf_nY;Z`}E{<>Kz^asP5rE30af+1u3i`@x%(i)d9eHDJr
zQVUF1VvefNA%^%~kDSmf2**D0GKF8At;Knf@+81?<876OM+?Jwz|W05#hAzu^4S-L
zt0ywQ4kPHPOFv|8aWb9ktvT~iyqUS(k$$q<$C;wiwD^&oJf#ZT*#tF$Fk||@<F<Vh
zWkm8!z;;<V%2o9C)$85O@eR*iRaARA`bNHy-J9lr<LTq7pT2N=S(7sb%OU=jgbLJm
z7FnQW`JWsP<r$3Ke!u?a;_A(N1(hcpUs8$q3&HrA=ifO+(I{T1hP?y5j;Mj<TmJbp
zd|{eV)6g#NT+9)sQn&q)2^LPWxqL4+9RZr3cVqB*mg0x{^OFUD-r|k~TIzoE&O^!C
z4#|x#Rl;_^HcekFwG0tHabwelr2J{&{9fo_P|o2dra#yXhcV65x0s&y6w@;8FS`=-
zR7=4rmU69#6zdYj)}-cX((&^Qwd#A|R??{o<19pIAMm<I71sQ93M6}6GR!)oBOFTm
zDhiJDzgXzOk~oYnKP0YT-1}a(^c&HwdL~`E`qBtY+8Xr`Ftsgku~)4b)XQQZva0En
zQ{F3&H;ScFJ(gR%U4Yt}Y8w>v2(wWyEysX$Tk>@8vXzYLT{fxDgzr?AzH;?6rG?&2
zfxXp_=|jkesE5(g0OV>dpJS3s*NwX8WxmLCxmoR(SvWC~)ljo@cX{`tFOTsG_mQ4z
z_p{VKoV<NwN|zLV_a2TBzQSm*jCJTxXnD^^2-1qn4!?pzM>*#wCgBU_>?EI=#Im=5
zmISXqV-RSK1O`a&Ydf&XyA1EF1esgxD3maYv7MIm@qNs_Q!l#~vc4iRvX4RDbDww(
zcb;>!mS^ciM!mZGPptZq1m(#yVlAPnRDEt@brmzJWFv07`}#lK{c8>HPTXF)AhJlX
z!F%Jhl%yLQlHi{rXcD@@y#_KJ4EZ##%{vZ*n3CTpo7mfNNk}&BcQ!#zN=rG<eFEf+
ze{59$h@TG)VS-eGswwJiyscviqu&+9Lsr6$&#T1-tL*%dHmo{s@jQ`5X>XSlrq#0E
z_J2~nD|YG5Hf2BHildd9$xUJ<WIvK;e><lV9^PxAs^V{9XW@2Qd6Y_<4jbzcS~*Ei
zyg%E2wTl^R6ay8fI#tSDztGKJgd`5y-v0%39;FECAS)61sUNd775OLbS>%Blo+E(p
z(jVAl-0vw^5ES<>TMC(;Dqya^YvER<X6!WTr8r&rn(~!nfx9ldr2*sca5($QtBcC#
z)5%rT!UY$g#CcTrS7?q=8dUu`p)ZT>4@Nbk!Vx4K+y}|`GBB$mywq&tb(5LSYY|21
z161FHB<wh|Nj<F+2k$$HsRwzYbEN#^ef>|=fR8ji_M4G5;gkpjB}<ZXf8D_Rt=^hM
zVJFv5q!CRvxq>&eS0yrqYuFNC5-CgLvFzIesdTA6!xnmjR@jJ>qEv`^``5?#&wp+d
z3sno=FF@`jCIQo^Vn}xjHp0J^cdA>`ajsd$2lL2lr3(38#A8)6Fm5;8Ii<K*0Pq7M
z*T1Ca*G7Al`XK02FUnkh)Dm`+g$?DBU^k&#|FM8vXy%J#PW3UngfE-Ex}z*1No$l7
z3VDi4s!Ne|Dl8|%q+Y~ge;$_q^<F(rmgakr^6aKmz;<+-n)@7ukf_RlmivfB0%!NB
z8l(M#M)imWm5YN@H4AMj90%=Lbs1N!f47+a&z%BH19k+0T8lAtIr4qIMx%?bW%G1(
z5^=x?m7WGpgNwn5_hYxJly_FPecxSfnpHSpBW~Q`{woC3<8<hXnN*_+>rI`ue-yu9
z=fP)t{Q4;U^^$KHJMf4|+WwM={p))F=Su{ioH2fx*m(paX;F3fW>5Aa$C5<tc4SZD
zOXHwg#(2jRX)Xq&&LztG*DOME|KlT%a-n{?F{OL-BIV{L>*>8&b>(C3pa&W`O0}i$
z5g|f=#Q(3CGx`Mez09Wn&yKO4kjPS8;Q8no;{O|!`(J+cP9fH73Cl~B3gM<1eUzdW
zagGB{j=!>O^-=R9OFM#R?`{-vD`O+RC=C1j*LCv8H3a#n%x06hM9J72+UI@y3qJsD
z-~V4}Qb5?U(+dBUr9f09fkxtGH&|cJ@?Y-J-(T2BqC2x(kzFx=>6>i{02e&z#%&+*
z7icZ|pjY5ZqUK%l{?a%9FIGAzAh-p>oq*Z8t=eYf;>Gzr4>q7v_5^7^Ql@;9B0zlJ
zqYK+F+<0^M8rk1{S?`|*qB?QGZwNsOhkx1c!TSFqGYiN7tkcaZ&6;9O$rEP#_g{2P
zKw%zP)-Uvp69KAlms9XJXp<qc07wV3+^^z&a&}w}K;AG2pDV})Oo|EkAsnD9f1+m=
zBiO1TzC}X&<ao~2B0dS&Ke*2T7T9g8vICX-_6rX^zmtLlFCxgT@k^HvOabt-qYsx{
zZ}9o^H*VD5c@Ygn|918`eWhTqIiqN=(@VIw>o^!m)HeI^S+CQlw;%Cp%BLPZ!;?MQ
z{@w;sf+;S}_6O7UlH;LiS;3GE#j<HGlnS-1cpU0w(QzpVqn-ejmC20%(YxD%0!jJ+
z3v2^meQ$m?z@8z`3unp?&9@-LhXrC=k|w{<`fkF2l|n>2P2VK38NCkQYd5X9Ke>4T
z`@P%2>SxHR((Skn`ZSM;YrhVK)W@i913si*|Gv2X&)YDniyD!#4RJj|7_=0nAmpnY
zK$>04&^WHS*=Gd!P-Kds6Np(Lp%I?6&fA=WgYY900M`wcYR_mX(U1bJ=tJrcKpljF
z93cglO8qL!2|vy$z*Ectpbyh+K>w$i@(-nR37>;-(-m;P$RUm)@X@U<YPZCa597BR
zvP@5IPlN_4`GfjhS-SkYWx7KvBzF|^+%`1X1<6e!(Nx0RYJe+qnufTaDF8aVP_1C1
zoP$Y6SXLP>iqmHuM8*Ig@+wURzKZg1j*X<f58R>2YOUoaZL(vf5A&|XU>eYIo!Iwn
zo2eRKt!m`T-<0ytB<+#%*c?Cho@+#bh5%t(2>x;86-(zFh?m^dafJP+vo*(q5NZbV
ztY3yVR%63RojwDBaHnD=o(n<QcQCfF{T3Y86U;l|1<Xoa)+xpy0w`|bK1K7nX%wy8
zt(JpX5_w_EKy^;z0iM4zP^gC_XiAEnf&M(G8X`Es3&rZQ25_EdxdE3KbHEgV<JA`n
z{4KW}r$lZ!Ox}XL4O$3!Lns!s6-a*xp8yxp>f<Sh@hiSpVm^j4XtJ(?NZ5^Kk;-}#
z{zZw_+gw`57r<0kjrysn=5KaIcyhP8PXZvj7MXo{#?}W&n%ytW{-^8*1^bHzoj4wV
z$NNQQH1`YSb5(v~tjNSH;gucg#39$TkEP2^cc8um)DRWsd-XJkm;=lD7WSe2f>%7@
z80I21kLfJ{xmjg7gVoX{G{=A^-uhTu>J|SA?#Hyf@L?bxGy^Go7_ItNnWVK#3qamW
z7Yd%JXckYqGyLOj!vN`-mDp@XaDs-|4eS-*)^dV}%CAZ-r<(OV6sNx0)pz*O<+Gy*
z6MWf78~4E{&n8X;vejkBD^y^}B<LC$dk@R*4}aj%nZH0@3GJ7`pwZc8e-uZ50kMl4
z*B!w;ICDgns4?boKE)Wd(LSIYyz2mOn5Wk>iwobvl4zdx+30ZV5|q6@z4h7+k7=L{
z%nW1|4X8c>LkOdd-g_~W0RjFl_3p$|gL%<`!&d3%vMUFm|K#?}bZA&Ba51Llxhfit
zFFgrUqK18|SjqB5A7I<62UxTzReb?S(VG|oZ{GMcm~$rO^OL+mLv_xA7Fuw4F@X#(
zsU|6py#B0r|9P9d&Ws|925cki0yN@Jhd?Cu^%0mMq5rOK2jLaia|q%ZOOWzPt;FM_
z;3ITunrbMkUw+9>#H8`w;hPZT&(V4dp9>~#<?rPr4&iQ}CO7uu;{=8nh%(jUl#5mv
zk|UV}5Xh@?rBoX<6L~$j^{$xWrhKYwi>$mV)hnt)h+Fwwb)2ZJ5z!TX2UK%Z%>X}O
zH=hB$w#mn9<hWohxa-+hbiB#|0Fp)fEJ)u`fbGwKY$1}XW8jHT*)M&C-G-0@J*Rp+
z(ziqClX9no?U**vM@+JdfTN^Q=;tV{W84Hg!5mm*QFDG+R(J$xKCv;pQ{mZwKyo9o
zfi=Q5Vf<KEW3I%0jM*O)4ZJb`9U=sN^aq<ODu>ab`Vsx8C+q@NJ3;K|L|-uXYhh|2
zW3cD?*eJyFUh4*YIXiah=!<5LIx<mRkXv@G40t(sv4>wT8EJQvl9w8wleZKya(7qI
zKXP+$bsU!}g9c>UXt^u41Y?ZhgyuZ>w2;0aN1|bbSspCJW+*m&m}2Ovve>#3Zx_@6
zdjzg?pMw9o7F7@#LyF9`?vtl%k6&mQ5E^(x418YE<yQlzjvz`uUCKKyz$z667z!qQ
zc6N6Sw=x0A8Hj>=o3Md|<O8al74j`^nS-L)Jh++x(dGTPh#YlXu{nY6_pOhf%8uD^
zLUL))2(T+j6HL2`82$(Oj`TTmU|>9t8m|pzW5gCf*t8xg;Q9dG6Lq6LR64jW3Jj#X
zfo)Vjm$2)RZv>ayZS6pgnq3&-x?t_-qp`p}cI7+L33;Rud^cuZt0bf<`j~oQGhz}m
zQp)vNIF455Z!pm0;=-amI0510!u=g$qJ7Tql5gGSyx*rW?5$J|?KpYTKf#L<3a0P9
z7EUqfG$8uO_x*<}W#n7>?T=S>33rSU0(=w<o&1^{(-~gVtqh_{$XAAr%J##A!F-c_
z6=s;O;Zea^inrSB5-Tx1Mmu~>BW6?Mm<*B54{h?3Og-A2+LwwcjHV4$aVc6hZq-{R
z*kP2}!SB^Odbz|f5HUVkX)K6*$YW@h@2V1ejRC&9sL?(Q8P6O;VfObQKK{a<8viLL
z7@U4$K2xlZ7n_-y*|KqJ7?5T_pB0%^wn@+#{wh2VvoXVWfE<-KtG$~ZZ}O@0ON!iv
zx$eiowf_8sS9$E@4H1*|rSaa?<PWTKKP7x5JsGfZbzmN&e9H5T=U7Aftn*o#+tU=m
z)BG))1+g~ml$~qf*`gVtvye1sj4VA&{-xvL2TC>{mVa&w{#G~Tpb$zA$@Fy#22-OI
zwIgd3rcMF<`f4?d&8n2)f~Yff3}T8DMyB8=U$O2*&55e8>!FFsauA2s=(OeCx_^uD
z-E-K}>n6fnK8(x^w5BTQ*hy?OWy%N!ld7d;14Ws-@r+l-{)hMAH6RL=AA1OMB3Or2
z$5{aYN^>u;eEWU(m;251Y-Cm4N(om}FDV9XL}m}Y!FnQlC&V>cATa;%=S;L$-w*KG
z+-R~XSc(*3T)k%ww(pc0knP4mYZk9tl(h(VnYQM6yxaPWylhE!Os8Ta|EA%v#qbzx
zOKG+vzGgR;{MKA{6lGW7ir=0sAf@{>DApDqSP`O`9(d09lXuL@6E0s@G5%J6s^X+t
zD?vGmqS^lSb-x#wbz>4Tpx{I2^#&*!cD3v~so*wFVwyf_=O4NFe!TD_8`)B=`DMnE
zMm@n|M=r0J7Nf1hgIpHaf-jrSWgzJww(%m<FM;d-X|tuzSs<zW>J25#srLBiMSVBY
zh2XNVenMgn@i^NCTKU)QR}&7}d&zSt<K&k0SeSWV-4iozh@Aq5l98y-1rh6YCVQ^A
zC>%=EVE{{K<K;(<G390^5caC1v&ShbuYNORLU3l4s8C_~rhBPXs);OC&s~dFS_IV=
zt+5y0!kch%OTIkXWpx&wtyeMOTbRBG!gkmYGO(S{2dh6y*u~VVHrW(28>(?}^<&Dz
z3)etdVfuM$U(r;7T6KbrArk9qwAIbfI#nv{5N?gJv<x<Qr)U^1c3?M1G^N2{B55eN
z>DxrIAnQBaD#=hb21;pr0T}nL>GIi#P^%=dA{D_ySw{io9R6glW^MFA2XqC(Qfl;I
zlVzX9>mQ#{=BDg-!M`T)^(;K@waOA&_|i)~MXK+b`SA*jN-Nba$xXGfE;Js#)-X=z
zCSz8eveZr`l{pBkn$oC`Gq3FD?HAt=katsm@!kll&k_}q9B(Dt)BF-wC*x8{@<0FZ
z&z}1?<!ukNXdF`@_PGTJe<<ia5jv{=gK*b66)n~7;O9nJ94aFtgDLJS!u|T?Nw5pk
z3;?i>!c@f5z~XBfUCL02*GWF!P8*C#5v{e05%uxv5JTuQ#qzhGkRHqjd{6K8CUY(L
zbMLQ{34m!5M#k`1EE+Xst4V3SiE4%?*?>i!1IM~1TbRGVelk&{M_!Cjq$y2SQm}HT
zHI7Nh(WG6OJ>~fPRyxHzdsdIlV23#sDjP$}jc4R6a~>0Pp;p|CB3UmmE&HyiHGz88
zK?K=yb%B4*rTZB}B0mP_yq`j+U^#Gech!5q=wbW2ldNd`j4V%u_Q#0g#VTZ}cb&OA
zpb@xGGt+7J)ZeskBRv=os8|ptqLOGT15%wQg=N~SFN^yQ??&UCnm$62<(O{3tjEnz
z_O)Elin%X-h&-96o>%Y%L5S^kz)6$ZaMKJj@RR(2?Zcj=jih+Ho!G-_(grEVDBUy(
zsD$1w7B_lqUB|$mO~W@3adjxfz+2P>%}E^@_`Y@OGB<SXAy&j0EVlm1@IK$Z=u?8F
zN6HtAK7-%me#!OMZ=w`bC_j;+#O(C+cx;f@mts9p{&u}|;wO+C*)kzFd&|OTzc=U>
zOTs-lv;pd^>VUi7!24h~S^!XA^_!KwreUE}V((nhKxQ$u_;j#ID+SCOShGT)s?viD
z^IbchYboDwYU~N<T2YzqW8oxG(OQGXX&3%E&1^fVYCw!*x&K|%izHB5yKM%J)aN9~
zvk{vy-=t{))gm+GE2((aVknnkCx%VIq_Q?T6jaEhvcfIFC}_DC2k>(X)aWToc{o8S
z@AB}xuV(~Ha(M0#lA2zPdKx{N@ih}vYj<JX>(-!r*929UVajm!Ik$mlJhXQR#iB57
zyMImaZvH!g#C%5zYt}?5JGQ(SGZ?7&xV`VN(ME^gp9-*kA9aP1)L-;xKvnPR$UI+E
zj=TY@Muy%ECzGB92YpHcv+c*-*<R0de~j-^=f9hxV(ZK(!L*x_8%uP_2rg3xd7*;m
ze!;`Vef#OvNp8{<*7C|f+A5gO&zLp0Pv5#OPJRBNUw?tTSbUkg6+zng$1Z@%#_3PP
z?4Udi6NYV;j9@183w{!yiOu#Xr(0f7U|vD&PKDSpc^a)pP6mxf(m&ix#s2c*!tf5p
z)}t0#zPv3sL67iiuAXQuB)2TWK|3}wr*(^#5$Q%O)H^7pOt>cCxhAMSa5B8hE%57G
z7*QOBupTDxAhbwJ?4Nf~ct<?y3GaMOjDi_VrFcaG<V(yY8#qSnZ!g9UFH%#xw8LBy
z*>Y=ByFy^K^&X%OMO!vwTpR>bEQxv-m*;};=ebb1T8BV3@*VCzv`kDzV}YlM_?>_g
zr6~m^@-c5XuQr^*)chEX1SXb4BEbA)7s<k@^EyD)_FYGjJfe6e<ybctdi-z~sCPPE
z9AhHZKA%N<t$ehb#B@n{LMY?!g+_>vuZd2(&TkzYcH?h;%ERm{43@izugd~c7>-c$
zDUL32nN?*glJ9oHFR4+suUaV>mc%AAZqH(+hessAY$v3aI1JGFZgIuy{t)q!PUi?@
zi2mvxuKy$Lo8wo}xGKhN*E5KK_rSmZBOxQs)ZQ|QX~j{uOlmTX%+toH!mhY-OqGw@
zxu*%=)jR)Gr~X@UL#*{n-0_v;dRi4TB;2IOds%iS4&@|CuoTR(d2=UoZSdNdnZi8x
zVL4C7cUgILu!*jVp)`|6Y_~)$z2v<%{W8Zk6EIw&s8i;9rf9~cke<w?IhCtsoRQiO
z`O!r(ehOZi^8JA5Yow^x@DG5?bn@Pbo>!=2(HR9eOx6HVGtlaJnW<B-IbMK%ZU+f4
zj>O(J?8g;&kdkb{S`+PiHQ!#AL-5obD>Yw=D@C3%><L9hAA)~W!Kw<7f1ke*%%y#<
zba$r6>?fc)WR}(Ok%9y{U*xVh1;`r1TJaZx(5LHyw{J`OLc%?Ido`a}7Bpko7Sc+<
zB6kk*Xk7zAA%7g?>ryDowdPMWwpr>t>CNpFLXRk3JPRj#rIOQ3OyBNs<CV4l%It1G
zEh^>`ZtKcv+Ri#?jxA3Es|ppifwT_vWb`cpu110u*a$&|uRg$1%!#sm0ijKmZX?W8
z6dg^VCkg{?9$V-Ib2Tq2D*<Zt9vY#1<KvBFyp8Af7SlQMbqp~Ut@iov65+f`Q!2})
zD(kQ8C-syP)uYdWa$=?dXrH?@xJ>e(nlu%Uz)beqJD|$cTK#UGpe_qQgoP>jO>!4w
zNcR+a1=W7rP#3rKk+b67l}Jxo)Y<n@Fk1=Aj2DiiGhFs^xQZgIhWd`**Uo-vn4q5W
zP5@>GxImW{?)}@)kV%&(!;!JEr`NXmhR>5Cd+L6}A&P<Jleo9^OhQPDb%XMMVMsX-
zu;@4WmE-TLM<4()>(ldA4fG!JvrtQz`*LL32-I6H86RvGVuWKm2)$sW$aP4_p=4jW
zRIpT<AhkQC+Eba8-dQtM*|A568eZ-Y@d8>Ccu?n92gJr;@-v8Rp@MWjsZOAR!3F{H
z+J>4vzrs9tP|&p&Pp6jgUz>1$XI2x)Uh;F>;19pbLoJISehHkDGZTM%_3)lu$rX=S
zmKz_8TpqD_z5=>k7!;Wviqe$_1m%B2#9E}(9t{L|1#AP4f^`mBD)AE3=jS!0Rbi#`
zTikvWY%;0G_7K>K_diC{N{FSWElquXd9ufQUt`is@9HT~Xj`nf=5qHG#CRJGyPdIm
zQ-rin-RM3O?IVVgQGj>3k2s@Gd><$uLVz|U3}B9ex=|wTP~Qi|<up+NV`q>p;}BS7
zA{b%}X~f{Pm}vzY9OcT2`tW3p1C?C;K0PGhjhRM7C^^Mj4N4qEGaM#7p7|3eu%<wx
z7zfy$W(PZ5t*bRkrlGH_aWP(XIm8(}h|m{IN}<p2#n{h40TdLJC4chq^!`5-M?mq!
zRz7-HwZr#OYyx=YCA@z7ZM?AvO(|duyF_5Byf*G(_cIjS9V56HI9E>)OX?YESN8Wn
zD)NZS)mJz7=i);>r=j*5^BJCID?217;hPZ{gcI+VKjl^ZbPrg86Fv}EdIOPljENq=
z0^97fpeB){mF=+vfV*~sH2V@y+QOf#Z-D6(x>FY4K$HdbGzej_r*IrN0cgidl6{B?
zw?qy82nlQ#uId(drXK-aAa;|_AvW%&GL=yyTZXeNZsQaXiX5>1%`a=+f(FHoco}CO
zu&q`>N(p>)i=NQeWzQAezv^3sfYIBxGC-b;%XQkH%mCeU5{v5nTc-sbSz~B~9(K2<
zt{I-N`5s=+$6x~zDRk7n?}>f&k)G^xl2~7QAzeoBMLV$$SSXDBV2TBG+TQaJ!fwz#
zxgNBC2Or}qDkp(9RBf`a@?Mh4B7qE^+S3`7S@PS#cUYr;K&KTgK*rds1wN3`)?juN
zX8G89fmO1AXz)ViH>E=<g7OKdQoIx6fD+a|Z}*Blh-hC0rdpvbP*>vpLe_u^{OWIO
zEs78L!fL+`pujpjC}7hEaY&&`_9F%AVD5%mOUY3<Q*5e@lGpJ5Ll<B`7^v<C+Uq~I
z$m`retm-d=Ay8!K!z26(@W5H<XNT$NWd}jR5E*!1n_L4Q)YzvzEX<ar8?5)LQZ@wp
z3O3=a_qAur;rPk&s2tC~nE&zXq~Ebhqcs62o1+F6RtR>svdM4XRzZ*bQg`e9gIus1
zz5Bbk;mZjiwUTaXPn;#$s$r##<OZpJa!jU14VEx7_Xn5mR@0}~Q6fxfBgOQ1nMHAq
zxRo-f<~dC96jc3~!PCo`clsg7BzIFFAIfD)u4)q^zD~@1hY1Zibq*jvGfa;rH#@Y7
zq~8?Ix<t?$?ZVDgN!(HOpV+TqK4~9cJ=kIys&$$Xse2hzhdbQCKX`Rvb{3kGolK<>
zka$CyqR*fhwiWU5Q}=;HesT%Bajp*pl8cO|q2S0@>H~*xE7W~c>gZVIZULyvAj36$
z3-_gEi@ReYHDhX~ODE;To9CZ;uXq;l7r)b8)w6AA!o>~%&GUR!h|Dwe4w+(HX@}7w
zt&b0(i11vHP2z%7`Kadj8xHJ4M?Fj4r3%5L7U6}$K)eltxT}^}sTRNMYQ3UGkiuLW
z(bn06polaOP!=lmj;sWU`AO+w!lrMl_+I7}S#ahFJ8ow*ob)8dWALSshZY$^G6yiV
z#M7_hEhxbRH3P#Ky^w#45>U=5Mk9Qj=E~yG_fA!w^_>UtqjI`)8CgrPpKb{b>;2Hu
zFS(s|_s5Geqv34;F0rrjAD;kOIi~z8S$cWrcaix=a^FG3a*G-&&mmMv&4Ik5;vQ~G
z)il$tyV`iBKUrTzNC42xB+Gj_!W2H@$I!QL^hqQRmzu31@Hf?6q>e`Dp0Ju6(*9lF
zp$v8BEm1WB&GyFsaiz-tcBTHYkpJA}*^^oTnr2|DyWek#8gAYeiiZQTv#c}3*lI;F
zEg*sLF^HUL`^8hhku9nDcf_*ZfZUb<GjrC0d6noQEw!V42th^(4c<3$?Pgi1W&o8r
zJ~R`>8pIFbYKN0MlvaFzM1|OXxOdFCt<Zz%ycb{Ox~&XUoMQ$;VP()kdb?D(iLTud
z9&7Bo^&S}jh7HUCS2&gzzcDZb@vW<aR_YbSK!!JfH#`sY3Liqoj11Z}5U~>Zg{yi<
zc9+H^rN~^u_XjTI^ieTgfPw^|$rKb8Q8(@p&g>q9P#Lx0W<0vh+HSq>2iic>*Y5z{
z){gQOc#71`hrw$9W$pkmYqv^`!6)Hs=Nl2G@fbHj;W?#ptYgrak+=TTMj!=u2X28`
z7g8~@c6+qllG28o_|#U#ETu_cipR|?j&%#{BEOY5=U#9cc#}Ax)Bp^<t46_V<PyqA
z<JMwZNh#k}<La1owg*veF5F0P2z72;(XB=SlPzzQiWe0AncDY0;>wYZpbe;|RK^-u
zc&V^BhfFVqEHVeGDz0rm_*bqlXj1wLfjwFuDAonA{nUCBD5euY#=81}Gt1qPfQ$X?
zAux%AU1wR9?J4mZWIH)n2O_$vgyQ*(KCnq|UjR6o`~o~%C6v8jVhv0v6^;aRVg{nw
zKBWj1T#AC1?&|z51e0IWgc}ozpC0Yd2~C(MAi)V60>zny$}3`W=T9F<4)+GD`vJ9n
z8^A<cfg6hMT07tXMSKn!-HC>M+QVVHBA})z)pOr?SBno$M>lI=e<9IO3BHz9;H9(@
z6&~Uhy_!jZ%J!7C%LQxziVP{0<z3H6Ka!(d4<d)119l>!RY;qOVT!SuaVkFLM++K$
zx!iNs9<r?oz%4TNg3Tcm3Spy<Z6(rb9D*JfBkJ78K~V)|1!v23R<vnADzedgkc$Om
zcrI^%Q?Ae~4V*^8_>9U*6b~To5uM7OaQ4H1*hVmr(~I-ZJ}`@9LtBJU__x)=w_gbF
zKPA3?0Twnk$l#Y7x3B6aLj0-TxQ+{GXmqz?i93Iu9DlxWzqYEN(A!rAb=n2tHoHY?
zxVeNps=@bgE1+2~5sa42?&}laFsaOqfdzx}Wl5xrr*#HW`Ges{U-igMm!N_Tsi!a`
zZ*Angl$7U1F7Wz-Uac84XP>JM!Cl6L1~=K0>mwJ{mNyhAETz1BlkYm&k}r{^g{Ars
zJDIgB;G!gWTPK`EfW*(FbwH3pNsNr?siONBPTFX9;N}S@ZxS33Oa*1YM>oMNKMM?M
z81P_NG9OwW@Z#NwtfBKm${Z-O(3p_K&6(T2u1>j`8<FrBk!AqSJ_)w)iVq;(k>uV)
z=$&X6Nn<dhsm^e<4x2_5aKUE!vKnq`)Er$wY`4B)XG)clw?B$y!n&X7CDj#beldG5
z#@ZLk|8t8(HUrhMf~G_4HBHM>ETihUjf9|UeQ)|i`!Y{O-i!gcJG7Tc`?C(!Nz!F>
z{YT+XB24<u8CZi=bFL~1esUS|yo(`6%vrBOhGDu1L-mPluen1XMY0?sp8(D?)UyAj
z0tydTD~p9`&{{xeEDe=}IBfU9ds|W=ke{__i7;@BIcLDt)p2sHH$R7LbHS7=B5vQ>
z#MbnF>LpYrc^d<sM>dXDqLK%Z$0vKA4Q!sZ;Yyi#e`WzFxa@;UK8p5DcqheM(N4eQ
z^sG3T(R*l)MHcbE2Iv!MOG-9f=18MgV~b)_xU%Xo_g*thk%5&OfToX#H))0vC4rQ=
ze2SrhhQ|TTS`V6^0FtjnwNjVi&i37p!Rwj)Th1me$ClIbZK&)@obkVI8IaOLhESS>
z+0RwXoY$1bEtSZJf@cC^h(ZaulQrrdw#!8$KTtenU~u0Ze@%-J+m%*$&h(m(A&zfd
z6QOL@dLR`Z(8r=WZrsWj00g#tBrX6=ri9fb`ixlUu_AVV#T^1}AG!%G@S11nc#&?K
zm6?RYUL)L~T78>r?v-@c$%2z>h{%$Xj~a!nOs7>*n{FkL_X~wdCUI!~cG%u%*U4;%
zS5|me$U3__C(_8JgY@cLG0YQk8GV9%eCZG}K=%|02xaPPz6i&9Zr5u@lggNur7`W8
zOpqC{YyTNCW_FN|v*}>?GY7mo%oB3CK&!_(91ZvL6yab)7bN2R=c5sNQ-|oW2rG}k
z*x~zipjBVk^#t)l*a2R8M3Je;`Y|J42NHA`T2y{Qt;4q({aDN{P_-J8z+i!CW@H2g
ztvifU^KW`Gir4s60QSbT&d|U($)~gp66{D;@HF-on^W#O-3_g`gAu_*cBi(0RTNjS
z?+2(hga<UEa-f4(Nv4vK;ntfJ&*kSVuX($|Rt@!;4EG=>W}DCmdb`Csqq~4f6ifl8
z1+(W^@Wu(K6VT*p<;to#887^1u&HO=1+mGx`W8ugGvK79UAbN0SFwKtPO*09VJ~90
z3mff8a43)!Mg4?1Q#uFUKY{EdWh!tF%0Ouf+f5+Zh}+2&_l(__tja8(``tt4Fu<%6
zv8?#tG0>EE-3)3_o}EZBCIG1f@1oRe`~R^+_+6NdqM!!D6%+eOg>do{QXJ|}M0Eh^
zvc5c7=d$psC~`b?5cz;*l&6)?8-R8ca`2Vjbd8dtY4>T<-qD1<S_4jFb^A8eB(qR9
zd;QLIidZQ4EcfN^p2C4bPH8kB9gj)uh*4Y84P)DB(-ndp!&35PdT#UJ*NTg5Z{4=x
zO`txG8oSC^@n^xrgO;@}MQ>l<jebvzTEeR&xL@|)Ts5>FiljiwjQXHeI<<c8L4kTY
zy3q+|cAaW-Wcx^G3{@B?<wOivWQ}j=YBlAL%4Dq<7ml9i@6T1d)N3UTq9QPYJBJa_
z(GuEnaBSbTl7vZ4+<)9mE*_ANS>>h211M(i^x)Ztw`sg_(tm3&i^6~;X=6_1@cBQT
z82_+3LF7rGx8n{Vfsugt=p^ju(}GIV-yZ;z9qB{!Z&vbe$x9KiIe2=Es0+Uf;i^*k
z^F#M(pvG9O41BNsd-wkjK)}EJGf@Mmz1($|{}C<tmv8#>8h8x=jWnQpwr%+5CH}h?
z?N3FH^cwj1s#X>n|LvRp_P45%0#SGDJ9Y;C?Dv1Kw?F^(pTG5wANc>#Ww&HhJ>G%t
z2zy$K_Blpk##r>9&*I--JNVzj1RxVThnLablVFDQ?mk{RwDJGrfmwT@S$0$m687Wm
z`0R%Ng}W3ab{jm~*esEBu76l^|LLE%;HcOLyqyf+_WybH;Gm{q0ht#{ni>7Sc-;T=
zJAZ%v>$ISP3iTY2F#QWF0k~B`s7oH(faPzi$$xrxe*ICrIB+A|#8+r5{>R;eR?{6N
zuzbIMCbp{jD|atc3EaK8Ot(0_zp&Vg^3ayw=55tXfO~TdturQ@5FMYEsPj^+;%Np$
zwe>WoyIzIAUQWju>9XLn|8=R-Ca93Hf2s~x*hvR&;TVv3S)pVpu-r)p0lhT_m5;4Q
zY%8$SMStf>6uO0Y_tOWNqFuZc<ANfNQfqA%hI}pxIx4@OI8bj4RcOn8yS9SuCgga_
zAg++XCHq~@#^(W`W;}udf`fJ6JqQ6v$Y>tZ{+)lg*~PN6ATAmoY9qnuH(U_m>vXTU
z$TjVTc0s%EFtlR=1&F{c+fnwu-*FRfT+KN3xWK2UB8O_NQz}U0@qX0iw>C7WLH^ND
zj*JO_{^HbWMVue$StQ*nZaN9IF7<e=%N{f-b7k=R-S&qMRDXp`xSBs~aK{45BFFky
zAURnd0#1AK>+fC<qMH86a!c&uJ1??OWdil`)X`M$XqjhTY^TiX>qzMA?KH(Eshhr;
zhbH6aK~8N13zy*&*E5e?j-8Kp))-B8nrA{Jc?bvwpNLA{5<6|<U9Xj@`bOYqZauz|
zyHmN*E&E}xGnAG5$#oBJWaH3srHo0w9Y)ya50^>yrF*_VkBbdef}Vabk1hEeu|qok
zQp&q$W~B9F96p}<Pe1CKiw{l<;%dre_#5Z*$d(eFk{jDe4oYvfSZ1DoPLRu6n8qXU
z7b`HVSSmY#;~xJQbG51GIPwz_^V{uRoLba3a&liktuj<{D4GS-4IZTN^n1KH&gTxK
zD~(Xjai~_FVhHF%c>uY`L=C!c6EMRG50a48tWh~sYw6j&dvBU1_*IXI+I>g{Ftr;P
z>6<cNhfx0>U*S9ZYX+*EU(&Z#kTe6RJt$QJ1W50yErBVr)KCaHl;lz8F#K9&4xrvx
zK$d_5wbovs*S5TA_7tq(pr2|vuTI;5VwB?mRIK(8-~q(3aYtc=nH~?MksVObGf+mV
z9m(W7FHN+7<OB-HSw2)|{NeavOsy(F_}f4o^KYWQA0^u@d2$?O#oq=piaF<l&q`Js
zmrz4XN9|PE&AL0q7cMZS0V3Fu;6G~(_lPy&Fnp2Oz&o3h%0EdCu%OIA`|NoTZHF~l
z55hw%PI1Mzs<rK@#AVDOP<G)2z=#X;hX+6fn*8kp#~&MBP^fecpka1}6KAxN?OJb2
zQJ1nlFo9U1CKf0=2?=tLJ2WOiNpIv7x1TLmjx&A1vRP%+>nyi?-msPO(x#TOaQIAU
zjM`*Uzof%qf$fq8zYjC<{s&2Z!^*>W2J;?s4Q-=ut|w$B*|9jGZCS?*@VamOxtGte
z=4w7Jv;{ASCH88b(D0kCu!WV8h;d75zAZb=lxt1n!5#cI;2OfAr=NF-n7asgUqU~|
zY0vGv8Da}Z%pA>i8DHWiXc`Fi2`c5WZ*IHK2+uw53Jty7hHq@W7R~>8b&UC_?W==6
zrp)1MD+J>5%T5??fqzu_EZi;8aODz=D<J!{Xq>w=#gby9ObH{N0qKxlpWsDy(+F=U
z6M9~3rVH*j0m3xeKm-YF<d-1s2b7@^6ehe_54MIjKzC7ljeA0XKZK|rfC`ww<n3_9
z-mEQXB?t)MNa@utC1YxjTgaS9fV&RJcm1TGxyW;%e@cH-329+x1#ba`R$a`FI3p?0
zJL0&sU_Ud2QdMqxhxS(s5JQ_2C_h2QxQ*nIPg@uP0q|(v1|wf>9_91_r`&Zg0=2*y
zC{vUC0>W!q=Z%|Bb4*j~{#*2gu22)#Lrt;sY{O1%44zdmwNTf)7R;kl^MU{mp!mCA
z8VhN8rohV0RZkb<qv1P((o$rh9Cum_C&oqBf#FUG_A*1JcdzW8@t>a_#ho?*8D!<X
zA<3T<X9cF19T}igZdA%m@tp>n8Mh;VX$D^fet`PEYh-%#1t-7reTE1ze`R{le0+He
zuoLm6kHG=>;z}mIQNWqjGT+P2J<!;9YM=<80*=>N+J0z{_}ILCXKt{sswb+U7Jn>2
zq@ag3j|)WGZzA?k=kj-~XuqdB4UXAY>8zgiw<D1)6(;-9p4+O8?{WH9ZeH&1Voa9=
zsNrc}-1JS240YMSR}IY+PkcPvsqs^MGkN#AqkDJD(BW5}Het##Q~NOA5BNL*0t|1T
zw9Pu}D&k6tFV*|ZDCM=~m&M>3$G)T<2v{miy?jO&Kwvj@tYGc_k<Db`TXQ5s{KTE2
zC+m73S2y>wLN=QG_zb@Tr@5D8_Q7U(rHAF7lSkKm6h63v*V*)s=_2PbZil?OULpDE
zMh{1-?XyQ}6r#I>&T}PF3c3>87h;BoKL<^QKB-Iy@%VID%_a5intCbhq>5fBl0P9z
zuK&4@oFB7Tb6Gf$;x+zRJa~19J9U7*sfo4z=+xeCHiUG3pkhvNn%T{0_h(jOy|lN7
zbL)syup&7@blHKZdacB*bb*ZO<<`0KuKj@J{V)9|-eL>)nzzhm!WyM0XudYAMYV{2
z93Ol$h!@pMEU@BzZqOXvn{A2sKGt~B+b4*$8DITT_Uee2YItl~T&j-{^P<nNw~6*l
zXlnPONUvG)+#A4T^Wi=SS7HN@P|^xfBzqz1Oq{f)yadHW1hKC(c9yVOFf=g{BzmD~
zpv@Vj4ubS)lF9>kd~su=fMcW41u*O8z?#kui0F0+yrzXm$OD}ImN*a(qMU;Qqwhg!
zeYi8-v~a`}HgL2`df!lMyYZIH-PH@ipkqLZU_!FDanPMET%ks5VaxX8$LD>024%Ca
z9y!%aSk3{hcHEH~h?};i05O)o652797by^7Fv5r@twPa0080&{i1`)IZj!MOx)v~e
zh)W}Oi^ONZ8K46lC{ps3-G|RD9x*w*KF3U|X4(zs%9o7A(mI2NV2~R+%cSy}$eOqE
z3G7URSD(Vb7u*$ebf%>$0HG?r@B{1*du`gODq|iE$iJU(M;F)vR|k1ycQf8KtQTu#
z3|byzkP}A2(ju~C8m)PFqJ#1dgn#qj(sIm!U$qi^lup<V@LrTdfWWB8uLyRZ(9ilH
zj9Ep@6>?yB0imjyh(s$I3r&!_QHorh<idMjLq$S^xB3a?Mx7;xFEW7akkUd&7)`(^
z_(0<D%L|jiwRw)E0e=hm76CzT310Wm*^tyz(?JiD6!8!E7-dt8_LY5S0$aAFqEsOq
zH3s}|lVHX$JJ_V6#u<lwgT4N=#OV_%A;&RJHSt_Ik@p*>Chx^V+r@syrBZ8bU24}g
zE2R(F9frv6MAN_YVlX}*C@R0WyB}g)sD_tqF1yD_TlxaF%DrAAf4uQJ)}$(b1?Log
zmldC^IAE|@u1)FmJwZVB_>JmM)LnVcItNC7Fq=#*erWBusu-FeWXP!|*~}E%Px;xy
zy;8K9iHsZZ>9W?79C<f!<7$^NtU_8xhneI~`xTtVJ1~;=uN)NPnfEsx`|Lbd&cDS(
zxGGfOsP&aFKBY*cIa@h$T@kUGkg(Dm+d22cZxk2bAL#Q;cC%bbTk&4O#u*e>db8%R
zY(qQAMwxHMdPX9t+PU=IalEelex+1n=`ibNMxxWSly`>9CiYw_-ejn@qFQvXV>Vjv
zeYMKWOA*@>=Qc|k+3fa|S<^{HHk9-8?4M$Y%KKx;wV>W$6FPM~&)6FehwE6scd4Iq
z`6Zo^xLWzdnWvXgl<OUDh12GmZHTshR4F*JGd`yn2=H}1-a>Ah^yK!21hC1N_5`ok
z75>;F+&-S~Ldp|W_t(h!XAc+puO|2v0D%S1GhIVocjc$;ntmbzyia-?wOa+d2^{2!
zIE~$>m-%u&$P%qeI5sJ?MlT9fdAh14-*)7E)HlCr<<#**po`-4Fpjd@MY)s5I7eaJ
zKPjX#eUv@R?IVjZO9(^}9<1(q>Pk+aBue@N1{w0jm|=}hSn){qHfTM%=gh`_63L*C
z6<sDvR;G?}%~mmRM%@rzU~XN*7lU&&F`R@L^j;=X<%IQW<6pnUZb|*+$9Vk2)<Hcg
zHv64yGz!zFe4Z!WH6Ry@AKi4sW+{`d#%_!oo$JIO&@p43w|T)l8hZ*sTOE-d#C|K-
zT8N%i>m2z2pw^7#S`QDgvLnD)3`0%iDAKoql|5>rF(b~kKd>(afLKx>^on#hRP1Sv
zPDXc)y_7jBdBXq_cs)9{7-nC_Mx^`z=jKeio5)RhTq+^XX^Qs!%2EUK(*;E-M|M+@
zKnA%`wBknR1lX7uG*5>DZuxN23{-+6Uy|YRTB^vGEv}AV$Wgm+D~3VpQv3-Nxdvsy
zcuf!RzYY7~eRBOC=cj0m08H8Y@6})4x>1@=MKvMGUw2X}<NWgISX}*vRb>MuYUk$n
z;>bn>xFI>xa>VrI-@t^QV{L62Bh_2N)tVvSO8y^rZy8qQw!IG%3nWEBNd=UW?vPfu
zK`RP^w3J9UNTY~~G%P?`1q>t>N=OPym!O0!LMf3B38{BX_jd1derKPvKmM=l{o;kN
zSUl^Q^BHrDd)(u`m5C3UQZZFUMNwmmL3plV>EzV9&HaS>(&PBUYW6n<hKVp~dH&nw
zPUBW#A$wxkElWrYZc&=-NX-;zCs$kZP4~}>*UqW*aM)))u9$r~Eks*vU=|d^rE8<)
zspk@OT+O(8<@>Ptme}Ixd<=n+w)R@3<MN(wiIeHmFR6WA6gwR{6;CkmO-00G*y3=4
zLzS180Qu6360epRfe$t+cSqN%lgc7udmLGMREHkDh{LFy^_P<5U6$AK@?M%Zo7EH~
zHecv6UcY+d>wByA&YbDijKxKkVwyeq+tyU~=)VQj<-Mr2QknXy5Hl;2-TQDH``yU%
zuCCemF3IK(!G6B`T0|-FHle~w0e!C<)Q5XljbzEUb`IqQNH%TxZH6vv=LggijNU1{
zSVvdxMqMPGENB;nX$z2X2w9gm8cuDh7>ps9aL;e25-U+l8<zbMD&iDE(yjl+T%$}W
zDQ-0Tpi6-0aaNV>7I?P2CU{gn?d|0u{2E~YAdX5+tZWZA(}011f{B+Rd4X^YJ}xRh
zdRzYbX1iG`XZejQ*)yJ*Rrv$i7q3MNh_4-Lt3A{-8lkeW;4_qb=!bi<uv?<_YQef)
zo4M{<LE*)iwF#P)qM2aV+ieM{Nh(##&Gxk;pH21<eSbM)9eHQxb#DNp;^t!H!VIh0
z_yC?%DLmP_D<-QyRi&j^(pGA@N=c~MS@d43O#Ow)qwz272#H=>oQh2fIy_px=;;Vk
zLP9<#hIN#KD9F{*6%|N{*A?OiG-anAdmTxl8uSepTd6pEJ_E_|MW3c`l1}bEa9%lx
zo2#bGtZMnxzC`1hjU$9A?LMWvQOVc9vz?as5l@=eRbP#fgk>&=t|J9%^}?2`-L72N
z&!OM5wjb{a9^o`!q3wK(bd!oK7OXZi4Mi;PFB@5#dW&6WN>DHv0PtN+l|43Ey~ha*
zhQj6|pUI@0T0XZg!OqAb(GV)`(N3P+*ku0YSEz{>VWW1&p|}z<bTgy|w<5NQ9UzN}
zb(V+Ot!pU;50f_J+`jH>Xw^utd_pXi`n-$mSdNbElc*DcX`>x&L~;0u2|}XHxa-{K
zHE&BWl-a`r6^O!&9}%h7^Ny~x1LrfS2<wB!Y6p-4V)aWAC|Gx{EQJUe#R*%fm&DVT
zuBCFi7U_g7bd^?%+nQ*Iu~Ax{!5YhY$78HbREWYuK4lM1&?v;_j=WS@egAUBhAMG(
z^K0qC>YJ9^)G^BVcwr5S&B^;6KQw7Y%7vS#6rXx-7EE=$812YZsqrinZ@87IqGIzY
zILTQz|J(2pfkcbSF06WRv5nldk0G_QD*If&b4K}YH3#g;@J`2-Q*v%b+biv?TB|%A
z^WCNywtu={M=RnlMy@Or8@H?=-NdRWM!rIST`;!BOh0@vq*_h&%td;c<ae8cS^>8f
zRj`W`DyBcuEbjMlF>Lwx_6<q<9s0!8|JZ>0O*?Tc)l7H#E_c&CjfZ!eo{?#1&*lv8
zQVEK0uGz*Mku!;LPno-%&bh9RwJZLZwJF@Bv1eH-z0zW{uiZ9gM2M><=Wv;CYqOs~
zQ{JEgleOoEG_`l8ejWqelbA)CbE>!5qT}2(4Kk~`*SZ@BTUyyj6~%<MM!RjyVz~@%
zPc)HaerD66r14)hr@dw@fZcUSbyb(+&JWly;a!AB;lpBGkKVDA6}<H4XPgH9)sm{#
zqK~KT8Y3a63TH5ISqq{R0<BIxfwK)h78>VO+jLV1^f?_Xzw5HQjw?0wxl4$hZPfgH
z^)Vbt&$I&XbKruz1dMPY$K(P)#PjW9Llf>{I4IO(ahwG;t`0{Z`*JE(WXCPTe!c9+
zVx@&bG4Vn6#B&pTO8qP*GC4<<mtxd}?)vB^EuSKaw0U<6dN6`mOYU-4(9hyKXeSUE
zF+95xFBKdc_epD0Gbbl<+{pS|LxIL*hoW|xtUbnN>N#$E|A-|SjaX9Q+o)bcmZsju
z^AqzQAg{fw-Ruk;+56@rE>%s#<)9eyu7-DV9$^>)W^G>8TOwA%<~);>3oZ^F)N3{z
zUM3$2gtKzHMZLQHy~ncsg1=zClYfPIR1qt#W$Bbwt7LSR1QKbS4*ZS4!Rz5-1^1Qy
z%Q)Ms;j2&KySjnp7IN<24$Q%v&9xe%H2k7U84vULsj}&pU}CiRYIjRexp*#h`%`Fg
z@vPxekzY)v*LVKdowTQ<X`*T0JXCl;yWS|FREQawh$Sw+Ma;T^v!EJui>KrwY>nL&
z7ZuTT`c#z?V^Ph00#7pO!1|g~zi^N~O?)O9)3y_Bkuij|$Pr7$-gUkmq|!e)t(Zvb
zpc!1@GZxoqBuTEUlyE;@*8fv$?x%s_Eulj@eV0X(#Z7iyIg<+cxyK*&8dvDZ*v3YD
z?s=R$|43yapD#RPE=^_Mjb0xmVJ6}vTyw<`7w@jxhTW%`-OXv$^EWJFG;Rzi$u`(c
z=jUwiZ+Mb5<G##k{v(=(yJ2HDInI5~$x=+y&R23dJv>Hz+%dK=Y|YR<^Xuv<F;)?C
zYHI_d*ZD)vX$zzI0k`a9w1*G%X2p(f>c(trtH)GscZ`YS>|@@j*Uye{wybV+SX-G{
zmndv*;dc(#eVo@KXX85IawW6Mo92;Htf_$g5GVT(&xRefM(~7RdGTHr9;<}vRU<t`
z-ojQNTLCFYFJ4}z)QAoB{%Pl?$rvi<E2~8fVTWVyuZPCm|FRv+!d#VzUw4quhn*hN
zF??SSTuL~17dAcD7d~^DKg#O%6EF^>A_+cwKMcF$WY#9u_Krn1hv*$el*(zT1EYtQ
z>Q1|`mfdOHu#`;=!&7a(SwW+s#(LI=F(i$_&7`9Dj7pYyVdsQj$gpg|imJuK7F%p$
z@>~TPz&*<deq4veqE)DYYEi({O+KEu)7iH~dI?MW^pCm9c&1`*HGR?8R2;o8UJH6O
zF4p|sMnmqmakp8$p}no@Ad{mm{*jHZi;Z;3|AKw6si5=$QNx2tl_@?KA4V^Amxa5k
zI;ekfWa`yyl;EaJ!nMUcv62lKC^bIGd#!%ma>p&jRLpO>Zdm%ZdWMDTjf(Z1H}0(U
zUtgi?r8w640Yf&^bIFN8P24N_6HoKDPDTU?QoLM09nz*}8btEt-NKujdm3W>=9m@N
z@UE0YcMTenjjf;a$bA2FSt&%YJfZ#CAb%6-;QDZSh(_$vOUaKyev8Q>3QbZ9S1XfD
z>Km67uFi(k(W~^2itZ7hi($NO7gqd$10Rd2*Hv#86P7dy<J6ThSZ8l?@w>4=ySTk)
z=RI$3vYl-?XTfoWrmc#CwTD@_%iXg)H@~wPUAgU9wJ9hN9oN%VyjP{Vm-ED@y$Ka;
zuQ~f$EtZGkSJYa1m6&Rih2D#`x(^MQy?UH~nP-<iZOCC_tKXmh$JUY{1I-?#mD7pS
zt?$i}I4`c<oDU%P;eMl@Jt?)CqovL2H5X9Hf>kZH9@SjF?HS8H+O4v0W#fcV?Ss3c
zF-<b%@N|9&m73Rk_M3Q8r<Sh-S8KH0uJ&^4ep${FD-E8rSFRs)pQ<`fJG0~IB2TXp
z(ID2em@!!5m(zK?P|^GCt%6RH`P&{UQuA?~bQ`%ER@jUDuNIRSFy`s%5##kLQOUYb
z9EZ#WCSSx9#^(>XSuObFjGYM`j4ezoBMhYEbBx#(#g~3;H9w)elQ)(qoOGYM(r%jm
z^Y-Jh)kk-Iq%J;CEV3^HHQ$Rd>W=m2{B6=}_2>I7nVVgOtV9*LMsHp?87^AEC_Muf
zamiT^PM+$|c|D{lq=$%|g_le{435Q~{df;KUdr`PLJn{ma;5&(oQbyNhU7g{*krQq
zGp89<y<_gaE4{Vnu-o~HsbCkRdKaFgIaQ&^hoYxZV9k-?ZYJ?pt}*Y`tax<Jk>%<>
zzR-3ngTs74+d*bP3Mht1Kl&CL+r^q$9lGMs$9pMHrd(iB=l-~ww;#@<%sbT7Ia4=&
zno6Lhs)$w0v+2x>a{*MqQeOu8A}#UQ{pgmmqbKxMy#cG<i+NJEdSbZ$%<0sZqQ-)g
zb7iAFUs{TtSvzQwaQL@PiA@y^de!cOAl6o(R~9}Z!BpWptOr$@xreinWAgN6WkM22
zaimDrcba5YByK-7J(vH@p@_><wByN~=BySRg_lPb_dlu)RIKFtFa?@R{4do{Pv&>l
z9}pGy^q%nd=DjLv{nVO>Q#T@6Onlk7u*a2~u%wIS9O*ZrB<;4WVZphB(}}Co>4gWJ
z=4dy5>>ei<*;!~|GkcE}R3+*vYtfmI)PHQkd1Cb4q!!U9o5$tKXXD(`0`ewApD4`s
zR$mPiebrRb*6+}`kDI_y_dHH$uxTkR=1}BDtf@n>hNf6V!0vLsc2;iDJi~Iu`Qdj0
z$#NYfO`_~hcFDXoD%{ncW&0A^@;cAL=e(9nwAHTGz~Gp>`PCnV0G<6A&2K=O`Y>^5
zNWFNz>Mmje9r8?=-^O#E?JPRVAloFuEhlAgrVL7;Mt4%8B8*m3gk|fRZ!Zr7rGa{X
zf53yCllgJ^<Fl7nw{vYhZWt*|Zj#pViEuk=%=#G3Kl*ix1qk^PR-vQOelm;NVYRvU
zPRq)GQ>w3Hyj&aAkjvea6G69mJ74RxfSmi=&O*Nd7tg?r#A+dfDq$`6GKKFpgVL2d
z_Mo)w55Y@$mg4?#oR7-!$xlYEZTaD00>;;#dRzCxNBVxY#<lH-s{o#s<iL}3qD!Y6
zt)g|;bhRJKY#XVMr`}5o)8+n}l9zvUGx${IIE9Ar2c^xV!%C%{zB);1?k`l8K33)q
zOFuLCumg!cAqn#X0>VLnV?`W1GDjSA)|#k>o>9E6AbQ1qK8b3m>0<V6PsMc^^(2^8
zO0ZLWGsxQFM!j5;SEgP4s%DJu=Ue>SKS30fNRSMB+W1;#2wz1m<?rb>TzLFJk((tr
z7oi+w4tjPyz`7M!7Fl20{*jNv3x0j2{E>vQyC?hCHzYWNtf+0w2X$c||J=;~^`8u0
zO2!fU=Ci|ozwi40`a<O(QZCcLk`sr8q;=8b@!wxaNb&#|NH~=3yE5qc4=+4$?L3qe
zEFV6*m>>L~?+B0M|MLrNWBJhYx{yM`EC{&AQlBe5d;j+}?-Qw+o`l<WR3t+ypA?tn
zkp1U!{aU9#7aHZs`b0V^Gey6->f@?%{_X|;_Pq}rgv1r!znYfv{@Mcn_T&Ha#-v^?
zU5g6;v>4|zSjibjUYy-ir*YwbE$`38Z>ANgF~CO5|DHAc%U1l4>-c`IhQLulmeJwf
z|NQ*u_s(Ns<KWzUA;kXg9d_W!S=cz!@839G{D&7pWsbv8Enu@oeg64QDWDG(x%YPR
z!~ggc|M!>U(9<Arc=+Pq-KmWI6v!ynY-@edto}aJcb9pjowERp=6CkyEJ!Iq)!w=|
zUDbW$<gfQtRyY8En}+6I^5ehz+sf`_@~eI3Na<a0>UwLUC=yXITNrt>XbqFN6v%?s
zcQ-SXl>(`Nc)>`G+QeiNI7HMUw>ap+mdb2Dc@#mx|Kg>#9sq)Me9v=f0rF3F0;(zY
z3b&s#jJ}0}Ei8wh{)bU0r5H*UVNM79khXr#VaNc3y$)%zpk~{{AEw!MN~eV{)!#=R
z5P14l)D#q(5ZLZPhcRMVf(#H_oIi(m2urbE9*m)y#cD{A!^oG;It&q8CzT|UBOzDh
z_wXeb(Y;4<#Aab+h=Sv6#QiX2>TCu=(a+VTiv)_kJ$rr|^wldqtia5TxFIwTv$8+d
zharYzE|6OfUitX5$qf2D`q-!UF06{zOa`*;XnmZ-Zl@gl)DB%aAv~0$T#j&UOI#g(
zKbQ8rd(ec=d@bwWZ=Q@QipTn|VFJLu4`%LaK{$k77kVe9Wr!AmS_lY7^{s?vWkbd&
zOdgrw<dD=)BC_~0?jD9^U`8T1GPBUR|H+M}(k!;?$5|+*;ek?Z218C%ZOIG)Oflcz
z?*<YQUoCJ&ei?gMy-e9nCE)!NzE$Tk^!qnI$WL4&8+i|JHON5L=K$;VQ@|fM@&cZV
zh-Ih_gCI!v$$QcWDw$fOzB4?^xL-LPl;355>%H7=((@LkZTMK915^GMOkl)I+9u6c
z!YGg#OxR>z&Nmh%(AZZjTD-D*#%SJPRs4MKfOhMTqV%GZ%ex@{zPL+S&2kO(aWnN(
z^L{>}<UwCLa{1nuh5c)c`D@E6Z|^GwBC~m?1oa$F2Xmo`K2_202L9X-N9oxf2XMw7
zl@OyUf&RP*bbZ%l*Vx3C>7gT>n5lZ(>J!-vZQmi_h_rTAz>HTdBxw7Dz#rMERkYz2
zIUP498)mY!GQkR6RBa7fzZ5^a!Jq}eZtn5r?cGd}YRWtvMsGIcJsJK+E%-U2QOkh9
zX)PE494v~^QuzJ>&7!$|3~Dv|p;8nJX^X$uMRHv>(2fnt_=J438?RdpljY&kEhcFb
z+lyiQiy}hB&*2RvgqZ{l&B$-0#gfPYFFzzJ!B}>9ph(>S&h0NAw0iIE1WM_bT3jvK
z#k}^8+=ltSZsM$B{Rx=oCPQ?6st?Poo3YqZZsqnJ+WS^%$c6&-&m8EOy815UCGU{)
zxwewY6v>~MLi2M!HK$PDd4AmWClw#5lP(@*)Z~`Y?=2(T)%TFGu0;qO@g%g<eej_Y
zodKv1{$r+qW=1@nW;JZKKB>lh&iY<5{gR(Cbj;~`HLYZ%Wm|#6WBK}Vf7R|rN5GdK
zjRf^paI1t~G4#>xV*?ZWEyK~`zN=yHI>Z~o2>eCEI}YhDBjH<VywfQvtcxpY(rO&5
z2~bYH6po75O5g^P+N~2u<hi|;0%ArRR?*z0=yR;V7<9lJ%-`+`;=5X%6@~F++Fuim
z0jtbXw1x?ji0P{VWzjdk5va?-kld)p40IiWMw?c*ko@&PqxBCMN}(xglQO^$A$tU?
z9}GWI=tsxpAz&(Bq$~K%^`hLDx%|I5Qj}v4Wc-FEapha8==NQ)h(7(rjYtUN*QA@Z
zpMW#)Lz(O3y6ko+)x{wWMs<-WyGnc&cp-N&a&pUjL^C8H+f;8ljw}+fdROl<em&Z^
z3A-*7$z93Am5S<}5y1wsp2!4q10mAYW8xahiR=PQFD(w!&2WmGCJ1A{QoP^oQ93j|
z-nM=L8x*NIjv(#eWV<><`zP*4q+?V^*DAr??}UB_<N21=cdo&2{C=$5J<$sBQHhio
z=~CePRV%sAqfxg8f3?aB?Ucnqvu2xQcP?}#&YUHR&Pj1mrMix$NfEb-MoWJ2H-SmD
z<F@i-okfmupSjmJP)~+k@Qnk}Dn^W#Sc4$tHcLagc_8nba-=#ogN?J`j*4I-Tz@&^
zdZYn?Wds~83O~L+a<;RMus+R_{uClJ7b#~4(vhfn964hh+HrJKH6zabvpXCx4S^Ef
zE=m_I{fyV~F0O=%<7JOGPZA_|a5vokz8q^0rX0RhvUD|XZ+1|I2VT#-@3<P7;q>Da
z0k&%*PK~F02ZpJ_gtn^3ij;>jrXUcutta*%LyGVUQ5pVH6sxfORM?aq<r`gAkg0BB
z{15<j-Is8tEtB!v_uw?+KunRv+rcLrB-UK(cjw^}#aEjq7ZB0=8pxxuyQc0=ZtXsd
zp3-_`CoXMVpn-R*-BnTK$E%<J>dMTp!iExzAZ;S61?-oFkiXeQfZbdSBv7pqd!x=#
zkX#H#^irgH<fMZTc7uA$!U^`jG5SQopSzFPxNJPO$s@}|>{L^2R`k<`^-76gHH!|~
z^GD4S)Gy)4n}|4BV#g<87D^_3%7)`&RG<h~j19(>iA8b%w=I&Y%ydGe*!*c0_MZ8a
zB3Q$SPA63L<-HsyE$W_<r!Dvd2e^6Q3hX{AG|sa+tKHFr<s3;IT-6qjTMQmyCB@J*
z?QqG(-roO4uil0$Ikwf{P?z~FhL&;cTPtQlGv<NTs&2Bz{f3WMBu<>dozcez9`;*I
zES4Ba?AXsBW(X|1ei^wpj=?SQHWuE?`d@An;xxNE?0)ngnSP+IqbR+#z{GLx+=AS&
z^|Ra#%JjmkMqPeK_N7_5<h<#E-{q<b-(L(fHCL$;#iEmG(Zp7wbMk8R=D7uh?SMBv
zm~|T@Zq@2*>BmTSfJ;WzG{L-M@hE{hxAToy(t(pB683T5>SH_h_peTcGg|1=z2$nI
z+My#Gu^LP%#HdhKc63-&Ly2W-@_wMOw8?^8(1<is>mfQ^uD<X<n!Rs(<A?DzqHy&9
zq6&N*tnCA%A%H0$9~CEQ9r+&nw~47T-9Gk=QzASi`x}oC#7p7q$>+ik%Sn-LH;%R1
zV*+^1TRR{Ku-?orTORY#czT67DK;*cOZlvgWpgL}K;yACYG%<FAYm>UG-%fut4#am
z)Ros7Ay{i!{b-9*SG$4h#<)+&R{cE;;vJhCfO)h7#GM!%?^E@sBTLLo<#A`TXCxzE
zTzPfRGK*KRt?;OF!+L{-=BRSdBoK}+Tb1-H+k2eBsX3|!H&j%EK%~X+gK=-~2+T^e
z?F{i|f;|isS>hYqu4MXmjlOj@_n8V~6Z2}iBD9jkH@&RQlrSUK-?4u{D=-1;z!GV3
z;^IzOZoOjE@$?-x5PfOaWSUwjYS-9@d9(|mw%*i<dEbP1%(mTR9?zyRG#-*=7dZPK
zIEd?y__kjQi8$?X*y1T0C{c*^sY`jiuI%^5b?CD>*q9%l+I=^(nl-=q1fBj-CXnU(
zGvx4fj*xI`B{8Q3Y=nydSJfpTF>>Qq2kEcX==37-fMYt5_bfU7Wfs>3ri)SojbvQc
z&WIE~9DQQ7dE`!<m8qCQ+Y(o&di@deTy5IK3>}XuJGQcp1ZZ(3Zm1<)W45&AH8Fg$
zU-?_l3j-BiBOEL5YzkISv*hkLIj!~&sgeuE*w&A3EWAF+R_aSBE{*+X=tY>K(IoZO
z5!*!d(>Rfq>nnAoPg`3&3d1o2<THz>lv4<pnW7|!D&r=&l4a~IO6a@Ed=buBXdxMN
zT1>;bHE};fn}UP7Ku2MsyY|CGu^Nl)F0wfsb%-j1^`?3x9n<KcQw|h0kHIW$(dyR8
z^r!dyjhkJ}d~iX2s>VoQk1JVaBu2n0LTTVkzjgDq*i5x1dk5Ml=hVc9^>4S@JKW1K
zJWd*CHnH4jeT&M9sPd3fePP}?b8no(hEj)A?8g>H{P?RC*V}|A?1F23b&nU@F{Ed@
zrP-O}Miyq+*a>%Z+ilJGDx!Lx`8C1lqveYi+i2S)xooQ`J`~o-vH2d774A9WW;a}n
z7i5z5ziPVU-uqR5uA)6dnGX#lU^m}Mr1qW#sKh4->Iy#Ns7yQ-`agf<${98kB0Y#)
zw4eA6hMc^9-+`<0z4+p(?Bv_snsS0z#&*B_qxnp130==EHY{2CLm^Xl&+rvEk-@5P
z<E=|4Mxe#kLQeZfVqh1VgYR%<x?GZ5@0D?XTCH9*>n871tJHa2sR1&7Hc!0sXGm^4
zH20QsjbgR$dB9N^`9@ZZpEp|F+~63$Jg`+`EDN{>r0p?hn=Z9m31!dkA9*|`))IAE
zrOc@3EQfdkyG&9vrj?O0(H|smmJ8tUeK#4`V9ClHq+K7#C1YYdDqir0l;v%q2e~qB
zE01k5Z6k)4{F=DGAlK7w-NtCD$*Z5xv`#z3u=OO<REhfU8ZD#@-Fx~AX4nW-B9y{M
zJ3Ld-D*K{UHp1&EXT;kX!67CS-PX$e=s~W>kI%ad4N(H0fNCr1zuL7JIraRgJ(5of
z@(bR;_%n4UIJ<6CpYFHXNnbo}J_9Va`h$b+U>)`)oY*4UJd7iKc1DA^EY(uU+Ls<)
z_|z5GUX~PWf3zjNMl?Nr#;bKpsWx<6#A0V<Ijx-4gdd(VYMnqcfv)OwJX!tx48ks}
zf3qIK>I^Cjq!UqGO0F5@I1@tXcSGlil9(qy4!}!c4|B%ekn)3&M!bzVz4JXk;GM8U
zN@xE)x{>w<m`mfi&nS8n@WETOJhf%v<*Z16aeX|IE}*Jrfkb4WbUIOZ3OS^W2<fW+
zHjbs>bM(VIH#1Zs4Nz8tDgrTM%KWKr0I1w~YElRA`#VDTnayn$eM%syE<C`TL>zaQ
zV<51cY~!eZ9kujZN}VZP*OJvMwl59}A9c>WHOytW{)LDntEe>NZNhiAlzg}2Y=59H
z8O{_@W(}UQ&Ch7r<v}STtg1hj>P+zElz_f(2?Qtjs)Uz}^75F66`B&cGTs(LL%;H5
zf31L4vE^y8`^S4NcO+O|KHSutI5yB+=KP7#HNJ*<vQzS7pH_3PRY`J<%<wFEoUT>M
zu$uuql|kHOO*i@y@V4Yr6;tLqhmU*M`RFJHSOhF3nGJO7_E<lAn4W+$bb4s1v}a1{
zaU@2XyzjF0BXz0t6M3TryLNk~&E$=P#|}x0d2QH@MW`7KdF->}VmInhJot@cb2nJA
zZ?A*ivFC-em}kp_E9ZM$enLSK7(#zxv54d0$xdC)4X!1rrRvqxy-lfxA8gem7~YMk
z19GBIs42y36q{dh!E)2?Ud#TB&zk9>Z2mHaQ0+VWrsB&*%lcd(;=YqRN&X4!MOcdB
z0!O@%%*|qiR<o06Hl^qAMDbEjLjuVhP7#VGB6FDw+}EJ?4ELK{9k+#W;77QV-(AW(
z2C4P^6GJ|8WjsT7wF0Gmq?J4?Tt7<=9CJ>n+;<|t0&{+EggU9vH<w3b3>WSG0603=
zNsfuCWphq$TQIo@omb}&X$`lq;qAGKbx!+4HzHra_vY2NKJ8#Ri`wirZ|`BQ>npWf
zc4G?8>}R(*y>^rGWf`Fe(IZKtt62952kHFd5jx~^xLrzt0_7&gyj&gyR?GfNAEV7L
zf9zlzNP^O{($X)R?}s;U3rP;X<3!%&RXLqGpLjowPKipD^zF&zMhUS;ycad46o<D<
zr>Y-@cQ|`*UV73ovrDNMIZom^73$7}7v%ir1_=3AqAlacuZfl9^Y2;(mT+I1y+}x+
zO70ZXMB}+IUJO8nNCZO>+|i%PI1y)K<RbG=Aqd92jAyQg>zJAfh@zf}fA~3XeW=o>
z!9^y8oi5O_%x)7(yDutIT&e3v3tEKAZ|!bPD)sAsS;qA=3_iqom5L{Ae7#x!y6jY(
zauI~zZ=p4)zE?B3P#aNCLXC6g9gHUpg39*0a)06sqZ-DSm+<lvK>#@xJ=>5V)HV7X
z6bewi#6fH7t5!cbW*F?cN3|H+yY8U;iv3wg-+^m0L~*5p+{Zrk9mZF`-p_u%J$z@&
zf5P)S^8f3a4|Fd&ou`9BKLKIA@nlZ+1Hz#PF|SNW4jkKWIuog*tDj|I_h5y3?#mDq
zI<<(6trno|;)P^fPSm=wvRPAzD4t&(OPP%8ZU(EB+}M|*G~KutiT;Vzxf{p2KY<v9
zvJD5($tf>sfdt1?^%B7G2g&vYwjFM{S58_+$XQA7j)Q@)@l)1?;8gX%_Efos-YKQ6
z_Rk8zZ!i(Om$3t$viXs}wpb|!H7dR8gho|a{Z`&P`*tm@MlF-Hi{ggOn+@vMent#F
z9%X%d2MImk+VJ-Vsr|$+FFhv+GIEF+%gGL|0E)}^sQx4(iUYJVfVi1Iov<tJ{rdjV
z=(+~7x-+~_Abf%Zcf&r5ge-fa7;j@EW$aOf_jWN6cNA?AHF+(N<$tWB-sPQ8%aYX3
zhephLX<NziMzJW?;YxPW?&wB+&-lb%oYS#sO`8dT1pTnI&i#shKhYIfuW+@%uGCAj
znKRbjqf=rPtuWkO2T)vp={`KmuQM2q_HTCqD!t*tj;A7FE+;U5m;y!jqQg9b@aE=#
zj>BA9Co<sG=4N0+SnsznS3a-Gy(E9wl`FMz8t<(qG_dr&uJm}B;IQvX$KaX!(I+?9
zgch7CxV6#@aWc~#M%GQqiWiiFt}uN4^lDnbJYyH8Jc3wkyN2J{T>|%|s~a9dZxwge
zN6nx@PqsAh1fxtRAOSX{BYg!CETS;}%omue38Xy+0i0W`7rJfpd14S~hyo&24w)WE
zA$oDNAry&}Mt$D|#ljFcXL34cH2<X&k#T`s005xHl%!>=wBFyuYYga~A?}4Y$&ZyO
zx|?J+*gjN*srh9ykT%Yx0=xJt<bp%v$xClx4pvegs@dof@P)i*J}eea`xF2=tCaR>
z>oo6dPURgK?I6j1UwYFYu%q|br4}~7l?y3psi7l+<CkqhdOQK#3<)CMQ}69EX<p-{
zDkWSt7Q;2a`5WAP-9WK*#An{x?Z8I0`G7BJXsYMX@uA1jgR(de<lCd?Q3jp={u19`
z>#Ct=3K}_7NZz~2ldP&p1N6U#`jWO4W4L6YW~u`_S2j(V&$nc#XoeTju=R|<&m8Vo
z+I4|)U*C(TBSKDXEU(h!phNIoGq5mOYRGG})X3t7_M9t#!Ok;!M3HejoTonMUI{d9
z1#t+v+0w+5cgH~aR0vLXI_ItD(ArbT1-upk$fDwrBkG&0v*5rxvrkSI4Sgggm(SqT
zWM*G>Uv&yCEFhyd0mQ~R4J9uTl|FzHH>|n#HpmEBn9(qaJ+>Gv^$9>{gy)KDW@z~`
zZ;|~)<)9x&l&3b4Ks@#=@XyTGVRWBZzY=27f&fb?B#QOJG+R{#e|8R@)*Nze-QNyZ
zyFM5!`WB|r4v>v3rQV$9Kp=t_&{w<qM@J!9G+cTxFYMdkDlkM#n+{=(kTCCplYP)L
zGuU}1L1ihqzel@mhK%5$>(5`%ORqr0qy`$C<15D%I~DILrjJ9<5A$UxzoL*=yn2bT
zGv{*1k3&+v79rTDU$+i^N<3<n-RkJj^!X^gtxJ)5vXr3H9=|YpL5ev!t~}(2r>sA7
zGJH{*;l-!31Oy_RD!-k$)LlMD*;cnQ^W$qQZ7b-CBwOyE!{>Z(EwZA&ok-F^PVs@5
zP|UOX$G7L}K0Pz|8&1l2%pZ?NMh&FK2l>gIA359@>X1+sb{)-mu|t6exOZ{l`t2_x
zXH1#v+?~1?;2hT*r=IjNulC=rg~R0DTv)D?SUG@xn-3Fst?Ey1BMtvWQfmi2)6yfi
zS<L$OQ}GRuQZpZbiKmEC8EIA5WpO`imV>QmeoDJn4k4~iuxysr&o6gS&Z=oRjv<g6
z*&KVdeTLW{F8$Qy<_}QB&~^HVka~!JXGbRJ{@_D>R|%}P+zNkq!Klb*ZO&Ud^7njX
z)7YC%E!{m%x@4X|L;2?ZYlF`$8KJ=V+E-;?Hqh$ZYLd`4;^6$llEl87m5gBdqAo{E
zablrM(KN@C6yegA8~3K3=gy)&)f0U}p?gtpZ2xSo@bN33FM&y%EP88oQ9iN$ZzTlM
zn~R5|V)_v#8Ez*q{p8y7R<U=v946K3<)Fl5uAIP<hEz)n05u^cx`i?1@5W7M&V#gy
zE0#cbI}gkcKEqU3UMt@>izM7?R<_igBjt?Kn@v3FRDkh#Qq_yMG6Z?EQc6Z}Bvp}m
zQIa1wLNP5P4@349sn|Pz4+$>U8I&Tf&^hSlP4exja-`+!pPk?P{*HEK2Irg-{<H2q
zz+V8sHoe^Q<&T8~CvcGJhk&)Jk{t+x6xmS+;gA>&Qo8tQpbeSZ<&>OGH?fP3&~?#M
z;2U6zf5`aS8VP)oo@(|M29VadFADiXRKO@;=EWS%LiHp1FU!Ke8zK3dng;57_s3hQ
zKZhQ2IrkO(wekK$fgrg=O~vuniSyk`vJuT22eF8B$mD+4>nW()8<x~+o$9Wed!rj*
zQbsE4)(VhlkhIDzGD4ukA*rdak0K)m1%buA7+oWz(**7fj6$!!K71G)j&!7u{#I`8
zJH>szJlzb^xWF>!;LHbPXSyemUfOf37v*!W7we~y=f#8Ef?A5tXj(5!0C&#U52dEG
z4OG)^HH3RGxEbWbhi30iFB8+qi>!S6_<Y3w;3tOQe#~28I1s#UuAvH4i60HC$m_1O
z6liTku#IDd5xu;E#I8lK<o*Et;?7zJa!D6g3^-)c{8~Ka15jlT=74T;gR{T_@;B%p
z)U_klAN9>%$BW8`|9)r%{ot%QuA>19EBVxRnBqfb&DM)a%IUoKMSDwXbpA-Geny(#
z!;RlQcH(4$3FOB?>`PS`D~01hcyi)rRmmqvn+}04q<qU7IXJp*UM+RqHQt<*7>|Pu
z7TjbiQ*$s3sW<}^3sC}?>O6Z}ve!_YluUmZ^|TU&2N>zUqP86-G66x+3!KX#rjy8>
z<Ti@~<85jddSq~+%w$IN2Ce4V)#H|QNULQ5IQyXpG$-9B-Di3;@uONsY)lWT!|{=b
zA1nmhDfu>nG(ibTl2kM44oOnB#o5W{4yT#yf`@E4YE+bCxBDQ1Uu93QEabTvA1F+C
zji>_i9<?+W`>Yx{iApe6$nj#r12@U{_U(_#{y{%b1YM=GEzqiy2c0S6ppj!(%qz;-
z%b9+eNB1>6Fjr-d4-~IEwSNRz7!bXgJJ}F9+U_-o#HtLfpxYNFz2AbL3XS=grMmZ!
zujd!mGn>JrL?o$i4~Xa_C=+bJ5kLi*vfYZ6p_6J|0E~#5J%3S5fd*ikryu<e;%b}$
z94hwshq)(z1L`VYJjgB{Kf=tEZ*eI*T=|GT7Ncu}nQmO?yp!Z8yAAP9iYqIeoGcQG
z-H2(m5yy82FH@l&=S-OCIGkj}OwTbA<Pzd@f`qO3Gp0+>0J@j-Lbzh#Bs!(O{78ya
zZ+ELOCaTK~wd=V0qs>U`#{=g(Q_^ix+@<F@0#yi(A5Kr~ohs0VR+BHXXMTBCoM$)6
zUX{QN_P-!gx~yO1+2ASErETI2t{H8Jq_H5Q)63pplLDy?)hE;$73GMZ!klSh)C^T`
zwtA}lK*mo)Y8f4lF6w0UJJ6{RebVfMxo2~z1M(hOMd6nwA*+_qe!bhG?ef6yiyn^6
z;^eY%=4iuYh^feCH1@e>QTpg@&fO>-jm}k=61&q7SK|XDbMtJe&6C{X>E!->ii+uY
zy_&@4Lv{GV$ZmhXOFw(w8KRUDwykoLRev7jf8^o67acX~ghcmXHv$x6m`&@;A)`_g
z#fIZ)Iv^;KT66u1Y{EG2Q#B4#Rkh8}&Y+`}iFlHM3DmV&EpJKSxrI|_pST?PmsgI%
zifFEM%pPap$}-I%qGw!P){>P!40EZ<NzSX{o<5M}Uhy#Lw&Y*xgLaCDX-!}Z8}5-!
zT%P6tz(;I1lOZWKZ#~C#O}*}cUu&;R&ZPL!=fxm7$klLb^fg%QG|ch6HnAX~bK`lU
zi4{yL!;B@J87b~u99^f2;(8Lf0nYG;hM)tdUH*2{!iFxe{u}D(p^0ZIb=O0EB`dBW
zJWMT+?IRA$gV%`svP15)`*-w^2e$}LoM`5;RwJd$HK)3$N)yW^2V=&1Crfju;s&_9
z&OO=^2D1z<x2C?wY&h8_WiIx!QX*WDHY@2?(e>oJo1r6Y=1tnG2`;TaMcjD5%*gjo
zV$8y(q|2!~cpZJ=R1bk^y4%p}C8;ljRKjzVvAjZy+y-X@GOhJ351I9|Rt%!C)ScQ^
zNv1M{dN^%f7L9;I#Lbtwk4>jA)0eYibCe?XC}BFfN1QViDP}2$S_F#JGYlo)45B$E
zS=xe$N_cn!7a&_;Azrl@Tq<j%UciONnNAc%OEsSphT~vyecw9wNQa`^R2P?3NX~Nf
z;2&ps1}}x)!!ll0_ci@L5yhXo>Gv(ALUA6q#<shD77|qcFFR}BKJt_9G!{HQAUf_U
z42dZtBPY9FkK4p7$adc42pUDz2I+os0`YnQrsB9^E+@5YKJ#Z*2`UWP_eD=A1m|I9
z89CO#M(FM+Y0mPPB7L{xYbx_z+H;&WDid?4$W^0W-a+#74LMvH>!@QEXyF~y`O<`y
z=@d4mc82Z5<UOfoE;g8aEVL6JP<BeHIyR`@e>M0a<^p-2F6T0R0G=raTO*iMyfITW
zV9--la2O^lUA{u8KQj-_yhwAdB47Q6d3fUQk3VkWo>(u^=<mtVN>?^n(IQA-+1tp6
ze9uR%W9}O{C}&Vf+JhbFVxe_Mnls*dD95h!k3%V&Q^Y{K-Qvu}PiAX6LAQ@Btlzm{
zrkrj}?c6<R_505Iqf$V3@)`kAoILljWR^YwiBxZIVNZXLc!I-R?ydu14QhTq-qgJ6
zOb=g{Klvf?4jAM&zdPx>Y?Tw=>*z6rOY7E>9dgiL{`l6%;wi4f>uQTD?yfUR<OM#e
zV}(zc5PdjkbH70?Y1FRA=`>atekFpfzs%Q|@n-4yN1T!;{F`MbBf90l4RhU_{hZzJ
zNnA!D8Pc~${65v$2&RhotFA}><Fe87!yHMFRNTL4*R8-WQ3>7rpmbkB6Ue2SDbu8E
zdjvr5Kl`y7k>9(QOFsm&X(pcL`QI}#@lX`g?Z&>Q9pS#2K!u00au3m~gVb|f)>Z7j
zuk*h73QVsbq)X(gy8)G2N4W~7B5aCdzE<;(K(?O(IB>W2d^FPjYb*ZCS3$Q0Yh+5`
zh%)ek8o>PS)%s(_f5tpA#*y!?zel{ka)Mu9eK<u}pE^5O?x}zmlUDg-!++Dx&^OA%
zyZ=Wf@$0w#B32v_29l8%|K#u2`7f9BAJ5LWOK|L^E|t6d?LGaMopC<H3z%c?436jg
z&H4E6S8zTDajfEo<Nx_e-vNtIaH#qC--Wz?{o~3(vIl|Yl(Us*_#YqP-(CklJ!T9a
zX;HTw%Kd*kSpM_BAD${N%NmvQUseu!NOGH+O@F1L{by6^zpcx$P8kxa1*!JYZ^n`*
zg8&GZtgUoO_`er`cH^(_1!eP`kAJHOlZ2HWVLrbXn*Vtrf36%gS`K0bCx_yHx^@W#
zSPqT(#PWuJ_>jjsmC-eK5>HzF(|Ra((}~m!tVERk|LQ_Byom=Lqzwp3n)fHlTVD5?
zyct;+XVcx1Bz~*s#g*H?vuxAy@!qK?{#v)c`6{EJ1_`(g<FAGZQgmDj@uXVNCG0qT
z@JR;|##8QBYpm@MRIXH{`Q>LiTqfN~Nwk9y2VS7?E$x)ruhzq#`{Nkb0_e7cfIAqE
zW{aY*<i-8M&v1782j#+kE&ur!M8HII=tJH7beO=^L<hvHRV`~Q=-_C}UCQt$iz+iv
zcS?9+S#?#+kH5$ob^B!?-BuI)ksq+lZwNVXR`$k2yC5XKlH%T@Zw3O`dy^er+jxN(
z_p*=^QsDrP_J$24#Vi8RSAPPTqtz+xEJhZ*Kf@AolSWYn7-Qa8?`DHxfL0En!fgQ#
z!4TrTGVH68P9rr7Ab{M~l|Tn|t^)>v2c55Mdl!IX6mM4p5YT>vORYa>fL>bBm_iz|
zu|qanW{~_wD1ngX4H+;qs|Bi-YTM-@O8>K<#BM#_ru%tq+1@oo&iT*9$hb>!X<}>N
zv*wh6MWaF(q(mYzG{B3r?sF)g{fQ$ZVoL!490&a{UH*u`_!H?^Y7YyWdX(s0x(e)|
zfCJ*sm;ZR=0OJ0NFLTxN=(ilD>9BpsH1dL6XY-PB5G^6mec-Rv2%NYT!{n<SSA)oO
zrQM;zJ&1@S1B456cJA^8D8pFWLB<rRijy`gErdu45=XZ;EV4iGL6Zp}pBcLMu<R{F
zy7Ma^E3Ehq`a4EuAZ#T16;ai0qg;CibQucgV>Eq%V(89Sv)c{Yvqu&Z^T*2xZ*5Ef
zKIrv1Jj@a4j8w3@!^%ufKOA|9*m+R0F^~-B&#;6Pm*KX{Qhsfk&NvL8kH21$YdOm3
zKuc2)Id+%<`_l|L*&!ueJ#dGr1<b-w!sio>G-L0j=S{Aypsm_Z;HYs}W>e?q7R_L#
zbn*+gIOgwVOxFfKc=8E?e;h6QW>`Ah;TIp=jFFzZ8M0Sr%0c|ba16#u--bA40SKD)
z%55M_$#fHkREZGr@u`A0{PmL{G*O3~+K>P_<F9^3Ekg1D%B>WEp}P>o4uPh|Zc{sL
zdcvzJ<N{a$DvV|?UiDD4o@JBhX-n<LJOFaQ`4S=^^@Z=UAwpU`%c=DMgQOmuWy^ZN
zCSrx6{9R_H^Hd$uqC~9KzFh=YNx|PJ0IVkzu1ryv8cKi4FY`Rlq@6BOR5L8KHLN<t
z$RR<a2m~=B?Oq2f?*Nu;%~WQ`W0}tgM-!c5@BYH6VZ#?FTXxX6cFf95a*VWS)S>e}
z<2Bu+>!mwiDrNvk3?HT=Z$$JKGbDM7RQ)qz4ot?hYIVk*k$ehtuUp_5_?BuIWP{5-
z>|HRDoDHSW32End?YOAs9#b)57`J?;coB4Y?`)5?$IgF8C4L^j9D1j1;i;m=B-^}m
zXn<6eX)XHt<x3?@Qg(Xsj&m>zF9TvYbx>EQIKI;S0}%^4b5wchlm@5rV|h}qi{ucH
zGU_p)_?}wO%=i4Quugycf~6J6Y22}Vu>R$2V4$$FuRboGejPl@P7V|YMCP<EtHg50
zKe+2nHV5+liCFu0D|K6zZ4HHAD0wYYa$sng9-hD$oiT%7od7y^xtn1&NVqY}6xPRX
zbXSUDX#L2|HNYb7>`w9uHfS8i8=ibcAoSIla2}o|D&#Nf1tV*<5O^5(!ZWCBGYKmw
zhP^K=F^rhPrG=pzW#>wP;ahJPadk(kAOOGJ=<obKI?UsbVhWDmpjx7M1*KMnl1+f?
zzLc@QF|3d0VDW^)|DH77*}=0-vKMpvI>^LVUcGC@_h#QEBhb{XLxy|VTIsAih~h%c
zwa^lE6fxweh>G&;j+;BEYi@q7e|K^+zHIWTehA{Z4P~6OEQFXMugl;Ak+i7jfUjmv
zQdOBvG~bn!VSk_=oOW!0dY}19iNoQJ95nZNOdKgWG;EI>VxL|4b-~wCh%g@IZd0@Y
z*ZCT4152F!J@EV_-%@J|8(3M?Bm;mM%{3r(W94gSp?Skk>VXZ$%No?S6F(Y=#cDky
zAWXnx<pfRipQ4^pxAo7S(hRb1na{H-yP9C>4Iu1?2!fBarGclJ<i!j&6k13sud)PP
z#yM`789L%tnq)Kf`ywkD;;jBM<@$9S!;}XQT1Tm6)gN^c#1lQ??5yx!4qjfAHifuD
zW1ClIwKb?kD*WaXECE=hi|ev6%DP>vpo>`?`_;XLL~4WNnTvm-k3$1<<87{KR6ZlC
z8gf9|3{4Z+Zj&8N#?F5iyz=tS<ShuQTJpknJ-PbwN*X0mEamC&_r2=amM^w@gK~7x
zMi+KAboQ9rPSaNZ@&`9>)~N&*+A`7T8FRk+g79||?Uu)fE#<KKR!ND3t<;h49QJH#
zjtjIW^b5E9M9O@*!^oZ;!_=$%=fx>olI$qjKC`0{LW2_rj?^$zBah9Y_~fDJO$ZLy
zAHip(F`S7G{DK8FM3lGSB+j!q+Cl!rf+gQ|(yYv`rI*I@z+|!S@_QvumPIc2%n<r}
zK`aprman?%f4KH0RZRlA1UJ3EV2jNX@6i0|{joxM2Yl&zMMc26l4ifWf1@ls9+cN5
z#Dcxk>*ucrm)h{JY?gQWB99Lh6B{;l{s~87LSr#rB-Sd-?Es2qW<bcbk^VU%_j~GR
zfq8brKXHmrah$aF<t$)=NK5|SWEj=x1-sFd$PAtnA6_~?GOJ3y)4fKSdU?rzRbDbR
zy#Y;7+f{F`ey&#O5gFZGx@ZT4#X-e(zy90JKsb1e7f)(L)QpO|O8{gDcw9{RHD1A-
zNT5PZ^}goc4$KN7{AV@&hhT&tT~%F6!G8;m8ENFPxhUCRNyn{zhhb*fqw^Mz_G`f3
z*usf0%B8l6Hb~7~K=d6;MRp3GiIh#8nk93%a>v`dbdLnb6O^D0C!-)o^Tt3G*G2In
zQlLg6R@hUqzU#4tc#<FLlFAW^9YEuFF#?8S&g6l}97AX5iQSoZ%(l7v#eJvZD4i`f
zW8$NVU*i2UHyT$E&a6`AUBAk8vm_C?5O9>6;ujGk7i-OJF0*YAlQ#?urav<Hpd_M?
z&i;vM1MfM4w3vrAj`KWv)(ph^TIiq{SOrQ6tyBk;+C(Xf4%^$r`2!M{y1VAE6AIy>
zHB~{YO-SQ3i-R5>4*XGXZU+7CZ<qQvmJ}w-C5Mx2X84)vsg!i0XW4Hid@q#WJR6wA
zK96jK!M8Wd_qqFnKhAOq$V18{58^|<&JT<+lP8vELIcm>r@72{N}sBj0=YaDtGrCa
zVYQJ((0WScdi30X{=%%?VG|5f#~p1w!1lvWPzQ6|*Lf?W2<_b)dLYR%>XpF4$(0Y1
z-AvF)M;JwDX^^k?A&G0}E7aDJii?Q=lW+peghu~1I%gK~2DHRjhdYdhkr!T3K`8h`
zPfoI_IwC=-!m)#Iyz9ACt7j5g$LL^5Bng94@G?b^IL2S$8C}%g8{ypg?78TfPly_+
z)^Z^!$nFzJ1`2v;-JXSHjIDu}UxH2l&6dN_b1iy976h)&1+X$(LSvpZCv5#A-RFlC
z7UY`$98o)V{z`^yJ5AA~NB<Cc*V48tV6S23ZDQ@n?wQ!Um%baNv0hc@J~9$D`c?}}
zZ(3w7tBM6sO16j593P89Qf&3?B9q|=p3TTdyh{A7M$d6L*4{1m0M+akkOd|cXxd8-
z<K+jd19tUTW&JcwlM8*zSg-y%MeBKMqV`c8JYoKX?6%#LIVl5|6AowGJ+B8qN>WJ_
z8OeB%bY)5>Q!^B5%1lc>*?<tK>^n)k%gF{VrFY&vzzf8&a~-SoIupX|$s}G+YgtGs
zStU<*OejCa#lvq!g?z$e_ETGzVA9*T8$xcqD*}`<P?|7@6A<d|%v-leP7aivT+U*m
z#wW%MH2)Y-?hzTE)pOKH;hb~`%m1sCUZPy^i<(c56Q4+lWLax86f9mGbgSB!;P+T9
zjkwyb)V&v}ddkcR^&XN5wO|Q59)OC4I-nLD4(0k{C~1(FR7IIOoITyPc5Ywde1BZr
z>ZYsWk(}Q#j7}NMxtfuB5$2DQWlaJm975fWb?!@*I&%`@UM*ZMq$JGQ%G0`nb)}1R
zry5r6TLuXy%y(Yfk$Q%83-ez~UR5TLIV>!mirs89dJn`IeeQC_;O33s^481hCau=c
z4X)>jifA$zN;~)<lF|TvuyVO)m{f?_#jN#THbV(f|NPC6_KoIGwf8WdQ#lW(O=Tii
zDq>t4uLhU*&uS#JX+CfDD4>$&!Frlo%-!&P@kjMdtrZwJhY}3wit|n-&wMNcOP&P_
z<tr;3{935qyU@OeE%g0-xS%H``J7nwU)kQDrQ3P-TTon_BK;LCGP;Ni><Uk3B?wxb
z0G#C5@kk=-^QJpJ%OSv$>?bI}Yv}&<yT88rrkjzCv;XFiZ&?28d8ZGu3b#Cqr}_21
zzh3$)CjC_l6`~2unX`S{e|9_n<2Aqka?lwLfP>y2QuPE1!hd<qA3tC&2N1g6|JI<=
zKfLh3H3>9<*_P>c_J6-4B*_2IFSL!NEv=M;Lc-<e1m=>0+uHxW=4OCF4AP?J`Oj-%
z(1Wa1{I>01L7o4+i%;$;>(Firyf-}Po$!0@^k3HvesKK)pge+C%lZE4CZEsXgS-6v
z;Uw;#K%NX`K>#CPoVL51^*`XH-{0lZY54OxD~A6#k9*+BX#kmC-I;y%zwa0PH0T)s
znlJ99wV=uU|9!Eqj=^rEFEon(hu1+YJqUkZ=e?``Ki?;Mz_@yj7C--cB=)Zb3)&(=
z{Y*4YxLmDIlY@H!b0R7)9Fqu#uJCw<P<*JYfuxg35#|<=AJvEL`cjhr{&7CwY5*6n
zgEX8TW%^f)i=OjyB0qv#$jHkV`o$quPkW|NG8eyTZqRU_iOx7+`#ay7PV`<tkA7?M
zKKNvk2#t7s9j*@O10mHqIK1erpi*z4SAuld3=L_5n~5EA8L6!aA|?)KY`%^hl#t|T
z%Y&>DALKRzD2Nh8Rr-85!W&R;W7yzV#rM}o|MM#dRTwvfZFt$IOn0I@z7#;Cs{t@X
zNrluxvo?iZj(`uZ$=4SY8f=gh^g$0xZF`LL6dSmmBVt6oe>F61k#?ibwZra`;%|(C
zAA>NX7lKj3KHUd!KoIrbo_M=je*);E4wbA>KR?*i_1*3W*eQBaN;c3el{1iDQpB8i
zEwF_2{H%7+>wWATYcSnIiOh$*!1|>YAxCUQ11D?N8aX1VkfY7|TJ`Q>V>qQcL6Tp2
zUvVy0_`G4yR{xp<oNE+&y!5O1rd#udf1l*|+jV<P1oZH;iT1_)wMYpV2yRtQfT@JS
ze+oJGKjY5RP=YS>)VJp=UeLt71vnY+PKr}4c_tJtqNRxgHm{+>xNr*JfM1&)n1-dR
z<}59T;yJF|`x0*@nmz=0f$n)cwp_WL3N>O8|6!yQiM3`8jf)oo;UX0AYYWn@!i0^M
zJ*hYK0==t6%Gn@N_65k`LIB?jMOH+u(9#c*^G*XSOxr+H&`Wji<L}cO9QAB@2rk$t
zy*Lh(ioM%EzEdK;#}>)uXE(>*0jJ|25@aqwg0Zkrd1JF@S-m;!UVYRp%txH+yqj{S
zjeEJ(615p%BVMNB&Pl4nQ=jIjOSnI(A=S@`7$u(pv=E%?<@wwD_Y*g}lt9p%OODTa
zQ;rB?+^4g)5zkMw&J#G;RB$&<5@B}JcN%sg72IE++>A1y@4Yo;4f=qfoqgxB_6H(+
zj#1aVcj8Ln(+e*VS%ft1=>wH4jl8g&@VA0QP$QOEs*lM6lG$CN$_k{pH;FGL0R+2+
z41SPm@XKrOAC7I$&;=)2aQy7)Lu2)xWAtpx>!%o`PZ$b!p3AreN|^0B@R?>J1v8S8
zq<d)=CA6-l>DSPZCnUayzqtGU7<~}nE`jq<0(uVP6Cv)>7TLS@PWVP#s(Hk53WqaQ
z=BqG~TTdXQcykX;nq@!ST!DIt*Pio=Ek2eS>|rHRH-Y}yBFkKrqfAU|DsL2AZeu%8
zJS$*6vlO-iXlPjV%XN}gHfB|cTwo_Si~47-LA@*wJjlfa`RWfv;U+i;7&cThE(zW6
z(e@o%s}WvB0*X5iC-bmCI3X4DOe%4o?)eO$30bPF`#t?S3uf2Lt!T6waaU#LQO6ot
z4=#XAb-j0!z+auF|5(QJgG3l19$?EMYKPN@3uoU^^&*fEjdwchAdhUBuNgOMVY@K#
zYq$*l0E}}lJosk?{94_bIb%nD)27oAL#27Cz$s2K%#m5RyW|)P8{mC-_##KeI>0QM
z5J-%s#OrOpV2p;LHcE`X0o=`ZYbp_Z{DG?RnzSW%h!0!`>Ki4JZ3mtTS1r<%y;&BQ
zZIuq3%J-!+2#r|_@<T>Ni~wutp?O((!@6qtg{vb8+dPRC$YZP3n&^EA-bF1_he08A
zL`Xm1#_44rNwTCZ{Tdr_+N5nr1XDwj7pZ6%LYlFsHv~F`8(uvW9Hd#j`?x})Kkwo8
z0r7yHN+BziNuaLY;EKW;HaZ*#Fmz$@e7w+Lg=mUNMe;5@`}ALKEhb6XU!fYIZ5`Ld
zYAJ3!eoX1#wA_-aBp>HB5lKgAjJwfPVGoX0i9n7rH%(BA!JmGcDuJkkTU;${)M*z_
z29JN8hQ@Kk^mrskQo~Oo`Z@s@|LWcUejI*eFF-TnHC+8KEey4vCD{#1WV{AuV1uY>
z6BXC-dt=X#DkZ^J<Xcq|NH7oRD{JGvEHN%ZeX*M=UPt$b&73Fltw<Qq!?JTI-EUJX
zNV1(bG&eybuI?_lU`k1``{a4q{cl1hMnB2-PWNl(eJrA}5R5H7-F0x@H8t%_($(Uy
z;*~D7250;JND1>qyD{X9WeDNEP!;?`Qi<c`pLg-G-~~NW;chdvdF^AID12?eJjPX}
z9ecu<xZ<PV*o;<?EbT}nVSlO3=<zpQcB2doo&<|(U>t88L^$@8r-OZZ>q5q2nEW=A
zn8mp!BejZ#k!8%a?zN3mfT<3=D^I{xlabSlmwG#xGn*4VZYi2UI^y$JkCY}$?R@R~
z?>Wj7hahO9%j?F?bY-atyi=p+VM<1auAxrVbhjZ(M{2umb}YGik8nIMIT@Nz`HToU
z-3X7?ms0W(l=q9ZodlOAEfeg<x$_<fh6a-Z0oN+Lbbk*V*hOPM<ol~3&|0K~vpW@w
znmBM|+&@?th=d2Q`R%DWeZ3aNnn_|@?V2@}+*kA)a=CjFW@D8DuE@U5#(7aMSiSSh
zQzoX@bN{Gg&Mi>=^4eC6HB199SmN=3_F>htIWgTEAw}TqO*&VR*-GR|?>tG{-CfVd
zQ$J-%Wjt|YAi<;-v42{>Xfz1O{GkB$<tm;e&Wg4OB8(oEZSKIANW!2mZc*N1(M+~A
zf7MX`H(^tDr;M^u%MhzfYm=OU>G?QjB2mv&{@j9-UV!x1LB7E>{E&#d#cjGrkkmf`
zp=~;9P6;FYcXbZSx+QWQOBrzd@xXS{u$!l|Wfj36QwBxyF@hCf$<QvQFpSCT$k}XC
zjQaW!So~goX#}29x>1fBGcQl=J<eIh*{OE4A99IAzw(nEcj@+RaqmP~E$KeFdDKd1
zI`LqkSC;h=tCJH#g*2<8$%igaX)X)s;b#fF>D^)gY7-6udY|at`<i#j=J1(@V#I0I
zEL_nYveUUW1PgIDGBAWUt8;Evx%N`)S8mmQrXeS8w4P@^I-QVV2OQa}R>I><$C_&7
zADs!m*R79zu!BlEL&+0Xq;@%D#M_5&e9c76v3uie>*HrqH&OdbGY5kSs2~#?_@CPk
zh|&UwAfyG^PGOECQg7m|IBu?S12z?HD)+{HcjAPy?Zih1vfs$jW*^hX!<f6*>?Y)>
zG)MrnD)0Z>C%?rmUx1~T)cU29CHH_XrUR}3eL8o#*WA>p1?TjRSnN^B&E5HQTH&5}
zqcYD2UYpZ^vre<-?mhE7X8(QQ2=^n?+NRqvuh)AipSZod{Jq2j)f3)}_Y{_H{nQs(
zx>o%*KWFJ1?)lu0<TJ(c%jUhRvWpJ#Ds?L@O|u6!!j0hr8X?b9J}g^0fm_$X?JaPK
z?(ywEhL7~-0W-2)>J;v+TUd&J9oL@Q|MgP&J|W?kHa0=)=L_-gOqB<Xr%yl2Hg)sq
zpSWl58(#@1%%1u&pR>%!BynRePePl|nsaUm6AG&(FHLy;HRZ#k%H5CqtizsXCB>^m
z7V6G>D58Dq#xmfgBX()`wgH<0i@L?<*q?m_Y%{##`Ls-XO=t47Z*%SHfJ4=WJG{e+
zHXghSy85$Ddfnu*z=iI{71~Fhp5eMu&&ag==c~u*+vl8#eRoIm$|<gQn|K&+)HvQq
zs$ck=t?lyL6)$EmzAQo-ZiP?QLo3z*LB^(CqMUD*)rOZBOs_ln#RfQ;`RGDt%>Lzn
z46hnzFA{WE2b`eIRm{{r`)}>JT;&bk$``zwBvjY0-hB0l;px2iRNzp>Q|-@p81hrE
z#JIuR=~%mvjadQ-6-R-~S2d<(<^k{7lmM2MreAJt*yYi@XUg_vQ5wlF%vz>ROI_#j
zEU)y<bjEwH0=5tuOwiIiaAWu0DpB*0WYzG%_u|SYyv>S%yER_@-L_2HqhQ{qODs#W
zi_Y9FseQSa@m|Ow#0V)4x2`a5Y@4)mHk05L-_8A(Gq--cvBoUykrnPN0`Fa~(gSu5
zU$uQhFO)Dll~=leLlsepWvUqM8+5(EL#}|Gt-BX+oZ5mE%#Bfkz@ESMnRNsQN<>zG
zmg}vOzSWGo+J>bMZD1chyY=Q&jR4a|(29e?$Le8gg{NZ~4?+r{6~&B6c1P;8Zm0bQ
zcJ9(bfJepy$HZ<4&M+#Cs(63cAGCxaJH2(CD~>3Dgy;e{77pO}UT)`ws(oQoU)^WO
zUwR|P1FsfPZ~(XLd7E6{w=<jY0wOKYc}77wdRR{%LW#92`wskPo-<Lw&rwt0KLZeW
My85}Sb4q9e0PJO0T>t<8

diff --git a/docs/multitenant/ords-based/images/K8S_SECURE3.png b/docs/multitenant/ords-based/images/K8S_SECURE3.png
deleted file mode 100644
index b70123c12a2035af0533c17eaff662d2f11acb01..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 130498
zcmeFZXH-*Nw>AuDL_q`<M2doin+^&J(m@17dJ8r5&;!zIs47ZVq_-fw_Zq4QBE5GA
zNQXdZA&^kM&2!Fk&Kci(ZtwB_e;FfWv-e(W?KRijvs~9)d{R}GqadRvBO)TAkbnJ3
zors9km57Ms=;{^Vj9o+#6%i5HthKbXs=Tx`v#OJWg|!`&i0JjFm^e~RjmbNb81Hoo
zl501kZh76#ye;`=EnR_B?V3Du`j2=jO}pId5%W5#H;JK=q_3zM?-A3Ho3;vE)hVUy
zL?FU~KnxuF{wnba&1dJEX@$|q@n3a0Gg$jEPa@U8x?A#B6hX`y$t>YJIMa@H)+dfC
z#CLLmo=BeYsQhIT987xYRrYvuH&TQsQO7|~`3D|{IxooG1M%G_QhoUSmk%B9?FH~F
zqrJyNTtupJH<7L7T)!@(UdHptkiGJF8>o?Uw11gZg)dQf{Wi@)c<BQo5571~C6K>e
z_(Z~FgXZHKLX0N1PmLbSzMwU6PmSu9yZeiL#oU4?Vcz7O(oMf>MAX9H3zwRID4yz{
zn9KO^2x_%zz?I16<Q_+xztuiTliP1*;g=RqX}hadu1Zf8P<VamWILPpntJIAp=Wl9
zGAHuq@^`u}ealH;-B*sc5FclKT_*VGnMb0=D_=&LWG>~AXXNHhpNF|1x6(Uf9%3z2
z__c+jwNvjGm6C%PWlk7PG||s2Lrq`i=*Hfsd$zb(RI0FiGXxJZ^(#qe@C}*chx)B+
z|4>8s-jW5ed9C)1@KRM+ns)uBuG$5OH}Q)PlKIKU#yyOC{K#N|w{u5(0y_CQq*1rC
zO{hZ9!106iOv{e-74a6@%a54;x=LEza&3ah(qA))MJM(7U>NS!FS0x~t@w8HM}o>N
zOCLSK&hgb_)zw6bGpIbd-@UWHystgo;TJfQB|`VyeB{^>d&oeP<8}$*<l15J<p$B{
zJ^wL}RD(n@sI-cY3DM1CBg7>N#HH*0?4_?ZoG%x*+|GMJ^)7&oit-NeeX2l3W>9wv
zN9m2FpqHf-Xp$@h37V9&_2%2_&jK{&8EY>W2PnT~5G86fCTbvhG=J}I5c5@1HD>xu
z;`NuZQ6O{jGG_NqTCxuh5gu&U-n{=2#i$2@`IDtT%%#qMXOqs99z7tmMm7SP4Z<TH
ztUW)tCfjNrf5Wz|W5*yKRI$MPg3R!0&Ub|c#ut=xBylZTJ0`U^#Yv5V9NHRp$UUe*
zs*kBJWd)bNDpQ@yeWFRi0b-FUlA=L`sA=VTX_DvPbG<zpN-qn4Wj6Ti*=^V-HyKhy
z#-Qkd`T_lcg$p~Lx&9`c7=C*;_`Z~1yXq6YyX0ZyAA&x$WtzsC>^*Idx9PdoBhv%x
zAzHb2ClqR|RH{5dWG5;>fxLyJL()$B!`j_U2xS>B7?m$s1~|99U#P9+G7z_?+<vmn
zRm>phPw;15aNVu;knkZf3^R)4?O^(z*6O~Pw(#?+X5h`%_f)d;x4~4^w{B4BT@}1~
z>D|+BWP|V4WWye2-yFZG@DckX^hfXy!N<4c)0PwyRc?KDl4r@x$n4G(ACfEQm`p}1
zDL?N1rQi8{3A`t^$3XVpRB<=+v1&P+K3mn-{jWd2Qoeb{!pRbG%gDM&JwZJ~y=F)O
z8d(0BPv7&iQ-o95p5rn@SDPluX#9rKvii7ccP?w5*oYcUVo3O#_&3>I7BSKs+L~9i
z9P>N!oAP}|MMqEbSG5S%Y>C9ZNgWw5#61KglVYIE<+gBesw{6NQ@Z<r+=%8Vden3z
zwjd@i1-uDG-0ir2<55sqjANK%@UC_2A=e>SYoSubhNWx2SBbd(tOf*Oh?qn8>Yqkm
z(P-0t1TjO(Mt3|?s?4ri@#%#o5}xte-008lcT4F_f;=Hipb2`Vv31~gV{eL1^~S4Y
zt6VEjt5~MIEBkFJH=nqOx(>OxZ6puU4P~v@Z-%(IZ={aG`!vnU6X<$wt$<cOrp6lj
zry7)~mq<G(qFzbp`8E0mojtnrjkue+-8e@osr6%evB}2;jyB;og6!o-v7ZO5YSfT}
z-e$KKbr!=rlsba`+W3nxnlV~9IyjqJgK{`4TPwS!r__S0!lk0oB4wqtE~svxq37fS
z$Zo;vLHUI3;B!*`pPmsO%A?8m70Owr`KHVJ%KJl1XzZ%y@_%hC8?@D3bFS%!r4dG_
zT7}#2{@6<lT1k>gSOIQ<5?C+Hvl?1mgJyH{b+g?{+%lZhpCCu$CQ+^kp?5FrT&$dr
zey=UDxfZ%JI`O%@apG{_Fd5WcDC{ll?z?NryIR$klPppHqTalY(fPP-bm;jkHfnQT
zG}<%JlXL}(Tt_<2a?E<oCTz=ZqmVeSHP5$V`J$;F^d5U+1!8Gsy%W~xHguffn4x;f
zZ9_~Wq(R%e29NMLfs^?N`)I*4;0kai!a5-fKYAQ~Byv=8;6TxG`7+3ka&5uN*&|u6
z?=?bWexrq4Y6;Pa7(%eNuCxx#$5Op`{KQ<YvrRQa)zM1h?$yP2TUWiQ?Qb<bJ6S!R
zI9}NAUXchd{iH)Pcwau$fYFm}5As!eWGt6-Fne%st@`eA{EzslcwCuynM_%uqw^y8
zCnR({jJ92nb^ey=t^C`vv`0J>RmRMN51vZw_PvaL-%V?%n_0(ZHn`s26<QY>$!hY&
zH2MY$eC2~<L2bsb<fXl(o2h~hf*24gx;a|n@!Q+f*HW`;v#7JKXV+(KzrJ_N>uTux
zwucUCd23pFl6o>zgoDz9#Dm?iiLeifJ{IaL@@4riAU-Ca`o1hH)IYxS#YY~a9+!oT
zjd&fDIm-9CT6HX0M(#@1rjy38;9ip*4qc9>>^6<PXH;Bn&~Sn$+owqai+1mJADggv
zu{c1dIU2P#!Pp{;l465PMe>Hj)nmr6xv2ny^O>N{kDEi|r{!~A@IibHgQ;NUlJ)BH
z3f6D&TnW;o-t?^5GGntN#9<H>(zG>UUSr*#T>?4@EO<ZmzWsfg;J$#-Y2OO+3#Owc
z({6oYqt+EAfEL)T7MT{SX5vz3?_%FT-7L>=WOcS|?W;lF!PKkU85xu%)#^7PYaZ8T
zdPXj!!o0=f$P^snJY$}JwT*G$@N151uJKM=ZNigng?tZDL4`Io>#rM4>Oc*&8kmq0
z-si)Yo{~=a8K0`^7wJNDPP1eUhP|Kso`0{GGc_fx7hFBo>bh5--u5Y2B=U&Sy11sW
z#LoB`^?i`svRvAE{J~<1nbgmzh>D2ubMpg@<7-o&0%da@WfosYm*&+7HPvmJ&;P2v
zGah?eLjTmj`3**M(z<F`zn`jqDTPiV$=R(^Ye?9K2W#Lr{kxiUb+Hds|K$AT&vry;
z9Pcqi7}aMl;XS#vm&eJYt!xN|!0J~#igxSUu(z9EoH%`JE6dpZFdV+3yxJFA><O`~
z7pw1|J*e|szq2}4HJx6A+<t|sn~t6s_Kx#&-!bfH)W%g{BE>r4A3b$;KH_ta%ElJ+
zje31yYp!Uq+0|k9Q~9N6($j`B+U8%r1kotm*S*T4gzbtcsp(b?X<zA-ep*o`j|ZMl
z1(MH^U6^HFC8M*0;8mt^x!<x^4CRf&o99ks7nOST2{o{cg^WlPw28snXh&+Xtu?YR
zax2YLLX1KGkPcV36gn9fTOwt|6k!<=sZguFy~O7Kl3H1wc;1zQkLl+n$<53DwZ=A0
zsnk{*DaKz~{C?-r`KU7z=k8u+zS8>9fT)Yrg6dVwP5l?&)KZD6D>T-cU&WeQiqM3P
zybJrQeR0tt>iDMRm6o{F-QBY6-Cf?%*JZfRLMyW)1`-cO+B%aI?~8nYaP%NWJjLjN
z2LHK{*U2i`UmT^R=LYAOT`FmZ-qj7q0`V>wsv~cqq(sC49A70O4z?z`3>*;yA9~<J
zM0DxP2O?77`xfwdg&_I&RZ>^PrGFoj99`Tfr6DaZ4}5EwIYFWJ&Q=aCfonv-72<Jg
zO&u2<B}HK~2N;iuxq~T`#{>5Eq6v|xhcIvmgSwb7d%*1MorOKb9{%eNVc_`UH19*^
zf8F9@EA~)FNtIdJ!3oMN!1ILX$wP56W@ctlCvyv7^;fe0*&O&w?4gy5%UfYyUUzqQ
z9(R5o2PaG3r$RzPyifRe`S`ejJGh-a?OjYfxb2-E{YNMN?&lTM+04oMt&6pTJ@ZAs
zCZ-OqE@BTKUJUeKKmYNZP!H?>9?9PMKc@vukoV#W?^B*9y#LiV&{Xu|tgx!J2h>jY
zl{E|y4={$fpuiK+f8GCoT>0-2|3^!m|8DtI=!ww(Z2CVg{r{V4IYXVK9bmwiF5>^a
zH2>N7e_s60hN8R|Q~w{L_zyY%>ntE>aWYZf|5`M0vQul}uS7(WMDnksG(CvXv!ot0
z?f9R&v{xI0)U$%v*hmBlCm8Nfqm8A?jO${XL&j}?&Sg!2I0aNC^G%6CG+)2@M-7M!
z*<K|++h>^YaC*Ti#QONbvIy>z&}2$V$}t)}x4IyPvHLtSGLj-IMMQj=O7f4tI-^Ns
z_RUMys7bCe`xE`~mp?6YZuhG{cXx4huarn?R@BFFjsB0_T?{6v8YlD*qXM@rnGgro
zdmjBBc>Yhbk@QFKIRA0J|9bq+Hj>M(`#bHw-i!-mqf39p{E97yTY_(_-o5<$j!vC*
zQtt`tWOe5DM}p3cKhL+*fO!RBKa_8-P>Z8v*cnfBDH7Nc8}8_vj<?r8Vu}niG@W*0
z?u_4=U)s@_?B5rheCoiuT_%PU<U-Z<-nt)eM`ratc3&dVmiMIc`$Mb})>pUo*N0vM
zTCdjzX&F^WyEXxlvy{gL2Se9w34@}X`$w9aLT5}UH@Cz>r8)a+DkpVvX{f}~p-9iO
z#3E~gOYiM^l{W;Dso<Gpra^qvc(vg6^Wki6l|I|qH{(no$Nn?ph*1x*UwtR$sWE;h
zD&G4wG3y)VIHq)Gp*ipMlurfd1DpkBFl#^nH&N#;T`80=aQjST@|M@hIwtfTt;NJ5
zinsSbfu`(0tkTFUJKVXy8qGl|aZ>7vnVY@uF&|Kw)-O)rLMHaBi!8vsRuU}HIcdIK
zl|@KQlgO~J=HCmHxtaX&kLUikWVVJLgl?tDE*CkiPf%{{?!Q6ee$ay(bUxQA$HjCN
z*~C<z-P^EO9;l7TGc2yXH;E{O3&B%d#hfJk&?_(zgBG{OMqgi;$ZE^p&FQ34tBPJo
zwCU=zqPvcMV1aEH`8qjl3QUj*Jn36sT;}jn>L|$YY+7%W%S^^8b#{c5Q}2f`rGb^1
z8}7ka+0x3%$0`*<{al1kl-21JFQ<|QCw4nXY&?@iAKjVirynfMp*zY~Cc*T(>_%gA
zg%hugDFuvQ&xkKEgY`ML1Ilo=lPRB9+hA|fN59_WGghcsxpIXowki0q8)c-XAL{p0
zd3+vLGiy<0J05X9&nWz`L4^}sSh||(-KSS+WkSQD*_mE3#P#<t)3G%3iXucJ+3A`a
zW<d)*RzfSsINM@vTV&Fo06vXr-dbmhBM8G#N_^7|v-G$Gs9(wJ>I~GIN<TNt8gcxr
zIsql9;3LM(P^hR8!)qW=IwkL6k_b6pCYdgE9WO7Y#irRx^vqfnq2iZ=9yXN|BKcmH
z;7yyb1hW{H;wc-INZkc@$nLSvCV{|V`@8(p?bI~;)11P?=^Et6N%*5X`gOFHItAmF
z3HWrgMQ(^bxD1zFtR!N$hT24b6owXpk8impklW{r@>|sXS{99K_3rftxvf%mZ;hg~
zr~N+g>?OG4uAh(Zwf!n6>gPq4+q(9g@%ER#v&_+Du&g$helz9yT_P;Cq7|IET}hY*
zt4xp9+ORV?Dm~)V5{18VA6?Om4&@_@fr^=qdHIEv6J=m!CO<auZpWuCx=&`Ouq{dd
zT%my#AtMI4_>-6(Sr+Xlq)A0vHcI@wqJml`3^ypb;p__<6PRqPGpFj9`gZrF_Mcfv
zys#{6eiXiZDqm0(npDD(*q=xsD=u;0uL(***2g;exy}^Zp5RM3w^|+Ij*bhr5}AZ~
z*qBrxTdP)UGmWs$hr^B>8ga1Qgd9H}CFNCtZtiCIdd|L2O5|*^@cd{q_d=cZ7`6Z;
z9;7*rKT}h1>kV4XITjeJyN>qgwy|8#PFeR=SEF(ocuoQF_Zvrj4%6h-OMBQWF$vk(
zHSkk}(>}Se?ND{kix(pDHXz)w{{v#J?v|~r&p>v>DF3&RZIRWXK`4{M6#QP0WqfQx
zU+xH-(G1?mV0@0Tc}U;3X{#QUJt=Q5-lN+%Dna>@P<;4|(k11&+_O6g9}YQRSi1G1
z5RI>!S(TI5g7Uh)o}Ljfuoi#fCcS3gQ!aM)UxuE`H2S5+0ZJ*tqp5ypo*IpV8FB<+
z{c5{1_c_m>UI%LnHRs2x#f4`mzw_BtuMKwZlii<NjkvjruV2^tD-bH9`C1iSF`Uy=
zRkpD0nK}WFoq6N9yvPOJhD7&AvSB-`p6gk0cKCz!rnBGep<BywMu%{9R2(k~d#+?1
zzDxYK9x%X%naW6YoMP>>hV4`ixxiHJ4@hf^ahQgI|N4qU+++!aehQsLS!p8AfUb}j
zpBPZ4=<TAekRN|uehJ45t%4YPnE$@wH$gf)KFu)f#w~LaM6Ni-mSpT#YuDU;g|}Kw
zd!%AXB<YxII4KxS78T*tT0knxTOqzWQr%_~dkA}s%pIb$zc%3&6Egk0s9;K#_Htsm
z$j)AOxjDlYi5S0uUx%T3zc8iVQl#e`ccdsbt*CnMFvxBPibXrp`s+4`!=p?Hhg$+x
z1I*K9X2I}N?09T)gXI%Bx=+ouL<xcV989%D7>c6&qyFJL4u{RFMM`A~A9%}nxH+et
zEk`R^BT*=Om$WqTir6A0<tl5=b4anrr|v!dO5Y@F#jZmJZ<$L9jWu=8r%N&$&wtXR
z3^UIa4a+BainJ{vAvtwn8;@*qP`<~s<b}$|mlf(ZjTt7&Qd0=)K1?2AW3=42y)*dF
z7pG*ak0XM(tX;iw2BPn{vbP%5`j27l8}w3zD}V4wDBBtgHtClBG9m|^HM_2!^*~=1
zT#s++NCb1&jqfjpqrkfDU)s5_=ZTZJ?J3m8ik%0YpnWns)idW6Me;!Pbk}d;%Vcrv
zVq?81+zjpIdJ01;)-i4~vSJAli-Z^+!;vquLaPu|=Qe%aX6SYD*<^2<?=}o?9mS@9
z+r_BCS4$zznyX1jx1=K1Y3bGNMpiTi-!L)~d>h|iK~TxH4<6%!qH6ay6mD~*DMHMG
zHK(Djqn%lY&Z}3dw<SoY8(gQ+GJ-hQqBI8N_ieGJM3@^c{$(lI>)<$(whxopN=bG-
z@lS7FGMSx1TRP7sa~~f(L!MN49u||IrRg*`Y-v~5VvI6Z1GX_%@DLZ?%zA<YU>HyL
z&5yFML))1B8~O3uhQd?5`{MT3-o|LsQo+4`+lUk!*6loyIT1NX81!s;ndIUstx$)o
z)8fz_f&MO0!d<s5H_H16duLw=Nq^_P!ZKk;JAgrxU}2jvu9H2zvsL*PMRQ4J3-EDT
zt<=Qwj<FfHC|DCR0lwYT^2B;QwzBL)b;`YcK`YF(LvvNYCDQCuF1^amJ3IzfZNZc^
z4ED9H+x43~Nl(pWr>cy~%|C@R3Jvkp&Xb_tZOpn1E4lr==YHf39m<r?_Ri7FQ$K7z
zKkYAW!rP!?IdB+2?;3Vxn;`@mst8Ss-o#~`QmW`=)5)Gffo9&9dv9BavyFEp&e3?j
zcM<x{zKuotalUkfGP9pkT`~4rAH6Zy)w7fRet60Q=?@cSKksk$!w&}Kk~Y--KHBYc
zAaNvhRj6h8`qR(=)pzV<QeXHI^fsy9e@lcXeyF>#yDFP-l1}av>#QJ9@YOxwS&eWB
zWSb=22#Hp046UvvKfJGA_HJFQux+Ngn=;SpQg%_9cVzDGAd_p`{;Vn`)@dil4g%;P
zR&a%YYgZyZ-AZ%1N&Ya7JXzdVuju1pP0b`~r0=O~cfD1=vWB`zbMx5LC7!!rj`WYC
zd74A^u2N$=>V-N_(^#^(syf0Mrh#~g!LXepmczpG8M}i~T?-Iyc^+Qb^jJ%U%`SJi
zn(V)+ZYFn&QD(DYfuOJ=dTPxAq8_<L6JIwfgeBe*W5U@7`PpX+lzLe>F=}6*<n3OO
zq3cD}5lt@UjPH$q^Teu;Ef2gAu#&|S!Bvf#NqcoHaaF~3t~0J*JR>!1-)+w=?g#L!
zVJ93%(fC>71H?<N{fziWb$z{&H!B1tB6$X|^G^wruWJmdx_*9QNLiTckG#DRSD}*9
zx@E-cM7&WXP%#}KMLX=v<g?S7jSB@A>J0i4wrVQFnh`H6%dAr2&N6VM{lqOoH#AJb
zYol1`I6f&!<%J+LPCSEakNe!Pn=oVGpqiCwlz8H(or5ttzmmWG!lJ*f;25t<5O%Be
zUfqV-8>S4s)t)a$B4wHCdJJO(Aq?ZSytLO{a9^s&3k-(3>ItewrM06~c}@mFPGdvx
zr!U73u8()9(<W2!lHT_~G-Ai}|B3`c*Z~3i6T#bH*O<?#9ts*sV^w7-O9m2div=fW
zqink|D_J@$`^ky59}?PY<gP%+WB?nd6{>_N)CJEeXxA4W^UgF3!gG0(UEZ1vozgi7
z<*5mYpx}cGqmG>D`?Lq!OH&knAKFK<k-H(t<0s!|^=)UcV_hJ<RIlL<&2yHJfu<T)
zH_rO!RZsT?YLCl$zKmxbp|@YJ{)#wesMIe2a~Bvj`%bA$mP27(U)kN3KFi_jj2b)~
zZKtbYs<Y?f*bxo*Y4aJryDN^@0r)QHj~}%JnKB62Sq*0^?Gx*QbTAG3%6`c!Lj+7S
zrkVNekUZ<;O*zKT#k2F2(516e97_CkAyElQy-cXAANb18^_svgvb*OyZIovf_{@1n
zpd0v=l5&rjQ^4c=9B4ZV``esRvWe>BmQi=xhi^pdy`<We-m|wlq~slmhsk&<ir%c7
zo~>%qKCAx)D*PTg$3keIQSzl*=BJOXsxY8}9-zYyW2W840%%~})hRp$gCINixS@84
zaR=xT4MNjerybe~Y6mHAzsS$ma?*`*IH~4T;GLj3;n_TVAE#7YaxLM9cjea{lIwuB
zrS%(z9xDIb)YGcQK`b(3y~L)W9bL=~&s?Ocbh@gykg;=Gu{Our7E`&ISa7qGBa#p$
zcBwsm>)!9cinJaTrnkdq$Pc{bbI3U7F%)~qN&Pna1ohW)mXH_wenDZahX`K%6s-i8
zakKti(9g@w80P?-JWp;OvxTZ@3R7G?;>ehGo=MCyBV{!6+dcKXckKGLZh7Ct*_vwh
z7hl9ZubYp^9{ZlqxZUKhI>+sa6tG)gcy2p(bbSjpZIE54kJoBVANVq;Q(cSrR);vz
zq<uU()X1S1h-@UME_Pq7%dSGQzFhf8awMfDP_lkB%Q7@GT8!17#X8|8M`+G1JdNBv
zw7l&%gqs^2C~zP$kYCkT=gC{=$}S*mw7b!!6^wLs%mHd)gD%i6ant=F!}Z|7skal8
zo5B@Nk=nfOmge2u(-UuKi5++le^xg2jSf1JGvG|R-|yf|cOqr{yi$2>b+4~7+WRkS
zp)DL_Y*Pt|a=xd>8rz>yY-3(h%Z2xw;al!SDVMMQ>}b|>_@;k0l|`=aT0>p&W=C-Z
zBW^iX$zg(FxG&<6p|u&k7Pz3lHBrC3WrfR%v0@QfaTsu`u;?vx-5j%)(A#+N{Q2m?
z`&g^2H!+ZYmr+jL^2`_>$kh2Wn~~11plO8ErOmlU<Y=MpFsV<P$M0)t(CI2$Z4umz
zGknDzGuL=p-uJoB5lBm?SmF#!;|#s>`iaK&`n&E>^6JSyXjt>rQWad&ND_egL>(_h
zs|chRosP!2%=zs1?noaq{Czkn${XeRj;D*N(q|`$XVLL+dpStOv2`+r=TTAjO|7jf
zwDY=)Bsv8_VXtUwrtXy-&;{kxUT<afJNv2Z-o2GNSR06S#KgnY>fWK;^KEnD$dzGg
z_&iQbo%`=<M`BZ2jlFi3wNw2WrZ^^W`xVzh+nO*PQ}XdMh9!K>P-+^F)9TtPi3*3F
zaGmz+zuv0qOU;6d^b$x&fH%F_bz_8mB4*ni8N@NE!jp6`YNV~JO*<d1`89x^8a~q`
z@)A;}8F>0TFpYyp92Nu-$nWAM7u4shdF4bIr{<k%Yt%ht<5%f)7(g>q{OxdL8+W%L
zHP&}a2$tgN*xH0()88ke?KyFAm(7{eo*IU_rmhrARW`BRK6vgfR{6NH%RBlT@1=Xm
zIq~H5l+N7{qxHFS`mZ{xa?^MyEVtY0q&4Bb8nUv=d3*yLcRckADqMixI*A(mn81Mc
zqCH?3t4pVB>AR+{u7@F@$BL3D&26qt3cGGxZrf?j2$zxCkH+`cnB3c#N-1uJkaF)}
zy^+j|1(u_Gt6X{4VYGG>#W{9Cb!TM-If^}DA;p{6jM%A@=|sJ6-D@L+2(7PM(<9I(
ziTPNI?Ugz2BBx}+UOR!Ow0QZWR(&0`C%D#IVC)+&pUe7CJGCToIac4Nh3jBqRNrmF
ztdHL#r#QPR)}vS>y;g=lWGu&Ozdwz4N#SbxDrI9_<tey^@qqI-c=B$IB0+vT;ikhN
z5~*K@bG2phXPs#r$Ds8DX5b4y;-V~dWVd*n#+SbL)9Se6+OHHTtD?j<E71+9pYB1x
zCvx^N{v27i4`xFuS6d`$Kl;v>hPcIbUl-r-=Q}JQC&NsfhFz7=cI!dy2uPpX4`qJp
zchVXF_e*l;FzN*s>W&V7=_E_Gu{MLxHF#E7%Ug0!7H*A0+*2s2cp>#8&A~Ok@S5*!
zLaP(Ut7#5h-+K$$t`_i)TIE4OHrj;~SaAoe!eqmO%w)?(8a{(5CF9knTh;|!Yr4hI
zEHfc@kLi=}zjXyIO?O_WdC|%_P%|?w1ZrD0eqM_do`z0FIAI34vA<nxmjdsQ)}red
z$P(+E>d7^=e68!1Trp4>xUmwl9vj}cT_EG;Q8Xm}R={)J!h7}PlFzIgPc)9c=D_|K
zfEF%|cL>l%;kUc4_!?E7=k^BAAZ>UZF`@7|kQpDR7w_AjDyzER$@vREbiZu;0iB4|
zl70JH?JYtk^p3AWcPzK`Vdi<RVz&b1!+Z{phuh)v@F7gtj<zjsyZ^ivS8J0nF+TI9
z{5j;WEW8>DN`HTgq?iM?@wH5z=Y>nBZN<rvid#UcC8Tu2p7!9ACiN?&hU)Yb!Y?21
zow%5>5$M%E7X@`c7kd~J8>N^<E_rq8fM2TEM&QOL2KBAMjDjQPSQ5X_c&B1-_jQ@=
z`dH_2t?|VtIKye3H=*=dTjFstr#)+sgoxdq$Zi8;ZOomqTI#pk;^t*=Piu(ZRAUMg
z2ALH~>FZG4h!)kZpWpDT>Y6ZlKGe*LMFid0TOArI`TVA`Y(~(jtjZZPD3&1)5-F4N
z<ivHkY)U|@W>;cy;&tbuwhQGw4E4~$+cQ3+P7NH`u6k&bQHnKbEx|g4@UYDTcQ$P$
zGrq><9xm~=RkpFlH3}Kqi|=v5lyTd7jc;yklhX+LRt?NG7{_VJ#Vv^W;KX!$docpr
zV#t))@}31uTZCJa@f>Fczq)4^yljyV$20q-U$LTX);rD5DB3ixj+dCtKX3W-BQeUa
zEcf$NY$S$GLS5#J_178?z=Zm<(?MqeSdD!!Sdnn+wW{FJX%P7u>%kHK(QwFD9vcal
zLd-e18Y5JEp13Jj%bTF+LcHO?GX<qPyRKl{0)K5gEJn^z%aVpfBJk(;jApgz)|%da
zBNWBjdIu3qe<-kO;{?*-7<5y-Q<t1GYz?hs--ley@|G3dUilflEkt7|T+h;pb33~N
zJ48?NL%{a?E4^DGoW-S?nUB5qez7Wb^KKgIRN0Kvk_Ijw=qosFrVMxe;MT|vi{aGn
zBXx{fKI>p`m^j*9gl&!$osr)pTd}$3U6rS31Z_5Qn}nwK%A6J|?t;kg9I>Rwyr0gH
zqXaNGC`oYKu!_Vi{&33{09Ff8S)K*FOICT7Sb1X86#W1w*&mQWCB(<>&Ms!sXJ-pm
zpT>)}Su2*+`E7NHxwuF5*vT>NJ%wA>c*rZi==as6ciU^umr9@4ok7adG3cJcaP&-b
z7dJK^-N?+K3qvj>#hMha%(WG4Z5pgNb78J(9d2#(P8SyI`;Jp^+o*kTl8KYg-3^X?
z4IlJ{Zfs0(>{JP|@b*x$NEN@W)|(O;a+)lQ;7u)CtADNMTTV^LKyg>?@#K~mpVlvF
zPWMALli7sR_$0bt>4b=i^yQRsPe++PpAm6u6U(5J+0>{!rnQyeY<kv~?P_gKT08Fv
z4sCi{HU^2LUw&imLD@chM(^IN<%aX9{KkdBB3J!aR<GdD<TckLdW(VZnHH}vrF&{c
z2c-d7#^k}jUt@g-Rv;9@Th)77WuZeGr`=>^oKy_d+>wQ0h9H}&WOr~#tSOjEC}WXE
zajY(=&@{#JXT-fG6=4A%y4}KqAhSQ@ny>&n%8ivnqH?Du2TO<23WMw&=^~EfWmDSv
z!U2ckKGALg&eh*{FMqoxx)bhgSwz0!=78iZ;MWtYw&dAKB7FN$uFqK;wi?M(9Cu7S
z@{tXZ6=4KGX&SNBBspCjjc54HBGdMeo0}Ck|27~YzU(B2P`%<RgZu%#qwErZXq#2f
z(d&v0l(Z-3GE6gVH<&N{pwE+3?oQGzU{~==p{91ZzFYsL&f)P~mBCTOm`Ijof9lqy
zx+)uJQ!;$vw&{<*r-+uCB-1H2R>YrMzWPV{<u~mFk~Xu$Pdwu9seu3L<fF7d!k$q_
zQ|7<U{9Pj_ec(>}P-pRfB#D@B0DO|8u^P=EWcMG7+X(~itmE!G{`<B5&&LUParx>-
zM}UmhKaXAmy1KDa{bE)6AE)%2iaD2o^p4ieznk;FA1h$y4s&kO^zUTKf1J|)6X^dF
z=s&0v^Z$*8zW$iO11KmWimVWV99!v2u~mrUsk%VyiAfoafyCn%IDBimhTwbwA6DDX
zZuF})`@%T^2B12XRo#q!{9t{!$o$tAaEYN<0R&l1!`<a>_)xcu;t!haWCXnG+eyx{
zm&+gT0QjWtYF`Sx)cIg-P;J`dcsXvXYTU45C`(~_v!vM`HdQHKkQ5(pb&AJUB=B3}
zTddnYP@JAA@YMYXq2Y`L^By52?SaG)wl<KSjj*+{9{l$HbXDTK?6&fY2QJPtY3|!I
z)@eR_pBnf3M5>Kj16_W`v1@b`*Zw9$?shO-7~=KAi;4cF7$0S?Unw!?waG2A`{VZT
zmLY&$V%G-SIwJ1b7J!T1)Tji^COI@s0zhe?m_eV=Dr1tEcXi|G;WS+Y9DsGks$u%5
zVv>#khyGNtBJC2x^*&mBa7Uj1F`Z?yiMA2EDuzRg1LppObV$H_XJJ5^vWmCq=wT7i
zzX-abU%bL`u|ro~{fkzvYHQ*%>)-u@wT_FGUOs<V@PGzZNmW4%<hIv4NljvqBu#QC
z_=2hN-tQGGGN^OPmRwl~W=aKPff%GJn8|m7$*9UkOX2nF(uKBQLK^X<D-*!kcpm@S
zw+k<kdtIEc<*t})1S&5lb>mWi-^p%pIFrO&wsMNixRGC@gb`JPqKGadQ>yp25EHZ3
z&R)ZQU&SR#(SfgYCyS91`1y>$oan!l$|=Q<T5v*@)}Cy(FGS}V^yJc(Z|VVVkC!QG
z>@ENj|NfcHZ1v_%$OUdpDvor=Z2J}X$%IhLix{k4_Z<?DJw|wa4yo48*ZgI9IT&Nq
z=v9^H=XZ9TLqW&)gVaL$5>mL@WB2zQ`^m&WGfgSw8z-moW-t%}T++4B$X0v`>F$>}
zpGgJqgUx|-Y1I_e-}^r1sGorCUnwJh=}y&|-@@N7x>y0B;qt-Fx^G2E-;lSpIXgK%
zT+4{W&o3$PHkxluRqYc1TEGH;BqAvXIFPtL5sae9N&xBo9byQyOMI{Mk@Ymz1OWBM
za#Wbo+P#6ErsJQQDe6}3#(uiZiuW(Z11uR6Vcv0|1CE=u1me(&g5vrv-}6&<CeiJ&
zBK=a4EnHE}oDD6+MQsX|0M}{qsiOotOqREkeog~eHcqu~uj<>VUu{oS6;Rw4ov6HA
z+4p&N`2z2NRJ@i+XdE|i4)0BT-fgLma{PI3JzuK;+za6I-7eF7cxl}MvNaA{{e&4Z
zbI!NLyX=U9%?sL2AG<NiZ}S2E2T_$qUiPqF5)WLhylS4~PvT5AvsHug6<-v1hA7wv
zy625eOtb-*Z+ksS?dc>z2m5hD?;`Oj0Gpln+ms-i;xN-<QD@dl_@?KjOV^;+p_7oM
z%YK1$N}zlA`xR*iD5lgUu>cE+^Rt<pN3)eQ;q%!M(@k)1?}hiYhga7&7>o3(_@Ha~
zJ^*3h%_X+wzBKQb_}tdQGQ~AkLb^~v(Q+gOH|O1NY0`Z3J5(G|P*0Z0X<U5WuCYx=
z7fJmG_uiRwQB|_yny!8I$74j62a`AYsm4IDY&bp8%W`O2Xe>%g?SrL<&>AA><S!6B
z=$m`b#$E2wf;1}`%#oJr+r^IX!F=;t_^&T4zRj_L5#R`s?H7I#=+1{J{FV_Ej4uY7
zQHO`q4v}tenol#MmCG|Cgu5y=tN1LOk(V(<KwiIZn4*U{)B+ci9FgIJ<A8bLmGmr<
z0{=EMCnE9GVD_r~%i%E2@PU7eJu%1y8)48$UZb2MES~Y~KrBC9Rc}KZik>JFHxqO*
zDh<Q1=Ollr)+IItsbSCNfXa?30oc^nYTko3fO@sps}?$#7&uLUi=#{1d}ta)z>_~d
zzj;qab0YLr3t1zhK;?jHnx!rs^@j3uctsZ50c&R~ax@>rpP%@MP-$Kr6010u^bL2-
zmN8P|?C5?kTNG1m_q%_ZfS17>8e@pdM`h~6);lJ>XKzrLr%CoYg`*R}jpZe+F9*H^
z76B#&0Y5ul^{vzcYX{6)W!cZxyLEHd9O33|>Xv~CC&a4W7x$?>A9U)~3lXeb6DvMH
z#rU0iYtvi@8|&y+aO+q1>=>lO%nx-HuG@Mp((zjy?b}Y8foLN|_g<eX&#Py>fsVcF
ze+j8~u^#cV$#7ck@@<|QEV#v<G>PeabT0qq&0e=PXX#8eY+B4KtHnjuY>fB<pJTtI
zCk25rlF9@aK*9YfBIC`sg`PegY;G3JIKIu;?eGV!n-C;<&ygzvJ7yy|dmc8#Iin1U
z13kxLl46sJmG(C*se6bm_H(HRM!hX!ObQTbd~VpYaU9A|qAlwS_J#rIdGL*UHmyjz
z(W-K2cj6p>0kg5y`apV+AI1joK`?+=_nkE5h7_s;^n=L4yW8mUZl3*a{D=Fr{g%)L
zn{}%cBbZ9!vtQ@A6rdFS8he;!vf~F=^u*wsIG%fD*3es<ta?IQmBT(y^a)ib<!=D%
zcZz`@Gc~qVd*im(>k%v^RgbY>*)>koC*g#{@c6s}mY7E%Z)pYwQIArPf^D$9_R20$
z5Rg>8{+*onpp{Tb@kf6q%Bq?hSl@P=uvAAb8SHj#ZHj6n945dftwB5sSluZN6)`BV
zKu@_jXOQj=$gS$>hXUokr(WLk0i<?Iou9>Zato*5#BdxF<ws}@RLVu(&nB|68YDPj
zGwk{R|2p~Z+HIc}wSb>05~m~Q$==&_;<*NeI%NaWW@m-Iq6Y)gZh*Ze7+1tz0=H-c
zn1j-=!+;t0UXIZof+k;K9YC7$>%FN1uqUa}%B-9k*mP_)%m_ZP*VTHf`!gO<xCU4Z
znW^PVGp!=-kHBvkV$vD%tmf9>-)+YV%b5I52K%!BO+4zs?6ml1E>3><!^>UAt7;Wk
zkLrhab0Zs=aqor96iMm@>Sb94*XT7)zZ=RcFgF9iN4BDNBd1oY0Z1Hsro|0mG&J-(
zb!8e5TZuP2Ay{{RWse3g7nC&ZB_wq%X$=Ut7^&vTNB@<b2ArF6zyk_=QS))wO3HNP
z-ghNn65$K><uud5tWeDL7qA4<xS&T1;(AlXrtRz3|I#q3`s!k}K2ui#aT%0JPx|It
ztX-0NdN8aa&LCiu6?IQ<MJHhpkWN+Ml_Kdx1)N%|6R5nc`<qOtB3-@IN;zLaRhW}i
zo_baYdyp`v42JZ^+|9x;2j~`uw|2rnzv#XqIC1IjAKsWwlYnnRGrp--zNcd}0vzip
zqJy-;HzAVaug62al=;t57O;fU3}^}M_waB14&@a9F=GIx`#fTD=Z^2u0%`L)KsZl7
zvbu08Os};LZA!T+=GKLMPdxO?9`0cW%A2}QwA@NUV)3JV1H07R&kLQ|I0e<!vaOMB
zTRv|!=nBa8d;tyloZr#Fef28m{)<?rHVVO`<t&<(8*fUlAFT8y1p&LqNC{YFBhdS{
z&|)LNG2o5{Mc$))_LU0ss`C9XMS%lCTGU*?^8}yr%?YbCj6cc2%OL;Yd7})C`(I1r
zPeH#+)a1puq26x-?kY&#e^>mun1;oS7&>$%pdFD-Qb<AntaQ0M4zrsI2GP=Fjy~<u
z4A%_o>Aj#8G2oT#awotpFTNffu4Z4$zYgZcGyq{#<yM)`0KvZmxh=dok{8Y1!cdfp
zYAqk&x9Ir@=FZ*%BE;GfK{vFHe(hV64?o#ni@R=U8m$5`k#fOwsfqNtCs5jBJ^c`_
z1Jnwk3MI=s=vCMOVh7aCiP?&e87#_5j#*~R(**cq-e0FcWEMX+s_=*ERv@TVoe!#a
z9#<^gB@bQ^^Yo%tlN^6D9(F6upQMquVJFZiTYIvwYl$M{P^-jn_FzsE1b-AG<h*j!
z+bUuZgc|@tDV#MXJ=`UEN@J(O=XehcP*AV6zS(Qc@3mZ_JlG;l_%X<_d9R5>kHpI%
zq$A5X51%}_*RH4MHCyir&QVTrY29JY6#+mKlyc>n55PnEY8%rR8CGs}{npY&y1^<r
zp2AANMTzXj1@1I*95zODlU-rOY8kSb9Cm+z1_Iz*7gKw5%X`brRGF!SXq?Ni41%Q;
zTB1TOMu?m+U0{StY2so<>CD3ipIB2T9=$Gry30i{TI>DwqSIV#BR9k6iH7bsFU$sD
z4u_`5#4~}P#vm=sMsJshrHISgd=dfUcWw(<2K@n-dX(Nbp{r4;Z@*t#KZGt*a;p{f
z=t7G(QmX0YJm>&-*$9MfO{uYkH@NkR^@vp`J9WFk!L%SBAbcYC^Vzxodq+6owDJ55
zs0{@8#lAwD4+Lxk6e>bV|E%*u$}X-N8XBj2-Fj}v6K0X&A{j3rW+wrEFls`7MMar$
zuLgWz<-&je0zOY5^?FJB`{uy&;VO|m|A<{iSqSS}pcX1A_Rbj6k!D_NUOk~+FI87c
z1H@q2muwBhEcMotv)04e$1o8$^p5M-!GdpyWgu7FMvWF2Blz6<Uo2i9R{!orxd~Vu
zG?1|E(jmIoC@6jKvZhBW7s)2ml^cv}aVB8ZIv_Ci6*A^t7j^vo3gv)R!T16R=lcDk
z!|mB=ar|0_Saq;{lnfP>{a9fFc76EgHWDMwz-Rt3oI$WpuiDN!_`X-Jp95y;SM;f;
z>q)O53LVFD0|q3EdWS%IHwidCTfi+=0cCU3K*;Yv%J|m5KR<;J`eq9G>3I_n>IdJy
zzi$b-6r)>VvE>-XXB*^ybYH~XL3PEY#IVulN)^c@*_v(MCXl=KTfQ#Qt>_@#uTrcm
zCS*j4(-*N<Kl=On>lX1lY`^)c+_o3Rmpa$o(TY{9exlQ3k4w5fA6h@N1aZXW+nmEh
zW<u_;51>RolB-GSf|hN@i?@Ob2XBmds{!w+50i1jd>}cxZZ&mZs|q3|4pNOtr=#Y!
z_URYHO~|vRP}{vB6wMdS{mL&K-U%B6{H`v5vKHBn7lZ4ZmMhJEpCYoNXzaj<=TDzH
zMz+N~FLcMG`t1E$Km7Gj&&{DeWIJ*-&2KL0o&C6oD@|weGwUy~iP8ryag<&hZws8|
zILYSnA)o=kihd4kvP^@!9q}}yD`I_{cD|Dj^QGW&mjrs!Bv7P7RSrAzt>TD#Jpr$=
zZ8htszsMR$Wm+wvcY>S9YXPoH{KZU>z97>C#m3&>lfXdnd#q#t#l{U4pTVY-Q<J%&
zY(d9s$z!?EDYHw(wGrt~D<ov!cnljRNcpf$6J#_T=3c5m=Got;#awAM_)VNp;d_eD
zMi{%%a1$3^*93jhE;g{%^VOLw@nW@8zLTOonJ+Id4+b)D+W|yCzi9+Exr+^)2F*uX
zf;2`gxp$LkLrEs+ONx=@5f$ZjZibAs@Rxs!Ga{JDsXGzdA>kEU328h$o#RCVVOvd$
z5;Zo<^fZaPE4Y9g3<6v$4;bBN934R_X7=$RfABE=lEk;!qHL!l5@##?A=%$W7$M!t
z!HotU#CwyS1ned)knIYuF$dN^wN?8QY)w`n8PGkFa@OyD*oQgSjxVteU?8{#OE~l%
zN@TT!hY~;ddzHN~8&si^gE}0`Il>th*glontdgf!-zu3&e)|JY0?bM>fQC&~YPM`2
zKlPo$nH=5DQFv+i`Dj(vKWvLoy$d2!RCU+rvSD~i*!u24LEawk3Udu-|C6ME$D|er
zAh|tqFJWZ(OAU<OZoFh5OnV$W9{;CQ=i)I<ZnIHI&4O%Mr~ApT&{W%MuXPmI7TPNP
z!5dy6X^1D+s6QgMJ2MU6uP4%MlsOfVW0x&={`8QN>C~M#saaH<4^S|ElA&tY@co4q
z#1`WGXF(E?yq94{k-EyUG^yzn(=5(#w>-Dx__GwL{|fNAH*zoLAirp)yx|Fiw`1e7
zORwwJKML_mfDgk6q|UP`TyaDDZt+dCFlK~piIC(!NdrN?G>zC6{M1N>uQKsTxcY>Y
zkJwc3?}@a3DF{_(oYbr?=g)~BSsCO%K*m(Mv;&L-28ch;jafAcv<Fpnf2EEI^ijI2
z&q&hq{zYkS$R9l1RpuyO&>ln;w|dMpaZ>f^_*Rm#WwZZE;L2stA7D{{4G0M2h$;!J
z|1~`}ojd73Gh*9XTh4|MO0SdpCy6kVEfpZPb0@`MW?dbD9{27J8(y_iwz60KH^=Zd
z1G9Z3IsPjbX?1FJxY$4p+NFPzZAUdQGr*YsPhuIkyr-n<KElQKlzeKbdwchZT)F<&
z!#@wV7bw|ubwgQKpeMU1If}MnP5S<w0meate;h38@}3N^2Bv9&=6yO&s{VCff@+`r
zeZ|7X;*_df-t$q#At&K>?b$4Z%fZnr62!eUy>$Pi{~#G=6;ju6J6+R9U+{ORZ96_I
zkR<Xaiu?&Yx<F{j0wq&#YyjqSxEeEKNR><{%|m9@XSMy0OK_FMQy^Ew8|y)U4R!_^
z_uM@U@L!2oq53CfIpK-2{8uQs>aLG(js(R^6OKsUdi^1H0yNC-W@oh2tkIpr8X?<k
z%Wfj;%pEeT8`eC3sJ;Cc{M^}3;>nYnR1OafSM=eONE*V4K1S4K3d#I~W->REE!6?<
zs(i^5{%h6oXteL@Q{rBhUiN=lhGQ*e6_9HjEZG{>d-|+dZwMpGfe^~7`^Nz#$d>XD
z+aG_V9uG!|uU;Zv0gKnZHi694yB2Isl(jj`R>P9Ava>&o&iBtyO*D8q+b4f;22Aq}
z@_$nxUe)UVyB;&2Ut3B*Y*#L4p!=5>_tKcf`e;cK^%KpGs|tb83;^t6v$jk0s=6*h
zN3MIw8d9YMzIFiKXK?3-;}6Pi+!LN~Xg;+FBBiV*=c#S^aGlOH&d9g!6sX*MS|w;b
z^mr5CJrrFlD%8P^0LQY9+{JH}B>Dbk-%F72^R1UQcV7$_%$~l}&qV)IXf@gFoPat<
z1HgMV0J`#|wpAFoJ21Xfp|8AM&n@8#CMs4+5=d}^|M+;*4Iou4^mx_Z7tZB;o(gf-
zSBB)g#=XM}cpX?FfyO?9Sf6-N&+_v^OXZ#R&jVY&mUqshV=SfCp3*@G9{5~0d*qe?
z@^=X5$wVZ8YZ8F^?TQ!q6F11=XB{HVKs;>)Bu>+duhL=LWzM({1Dkh?ZcP8L%x7l_
ziRWLrBBEs~zRxpJ$FG>1`^!>9+%4qwh!=R9PxusmZf{8em8um+zQ-)v7FVv{H3qn!
z{nkRMpevKWT<vKMJ<=(;F7{1iAKnl@GWIi2jHxIan)9;63R^Bx`Dl=JFnKP0J_NFV
zJs@c>XMECQ)4UfV4JM?e{A{<mY1_Ed1jUL|IIwd1Z5sA(-FmTJ=QJQidOYm6(@JVB
zH9N57JzP^LO8!0a8lHYG(gT0Ao|C5c`Js&6M5)PPJFQWC2Og-YP2zKR&VMKFSHai(
zFkGav*Xr~}W5nP_>AnBW)&`t#M6vz{m=kMn5M@NM?k;|FfN|KM8zYkd1?F8o>vw+Y
zHl}NN9F`4a7gKob=9a|yabyboaB>U)D+oa9VRwNo>jMmt>-Nkf<tf0OVG~L&5If3|
z)BS#l?B#HWy5&3GK(@Ly<J?~r%G)$?QJ%lK$#iy(IX~;~1K<_p(ia7v!$P+;pN*h$
zA&1(9D?nDCUcz)Dx9YiBRD%Xkp>oSq&kg_=HU~EO<WSrb9uam!uN7c{lnAE{_gqU4
zwgdL9_=;XIg+SUhXSsO><Ti)%L6rFU9R`O6lc^jpKGjmS)yS`(3VTM~QSk9Jxz_8@
z?OzJIUVv6#t4}!e?g*oE!;WfC1Crh5H-P4R0VuwUdN$0elHja4`5m+u*cwfrq-b93
z{LWjBem_?&qoD+U+W9C_N4A?`v!4Bt%HmfkAo#`%kK}1=b#ay)z%O<YoMQJyzMo|{
z&Us@RoBSY1H!NIx%n(TEPq0_>0R*Nu`+6(l<Y+PSaHF7PN)Y9<cxj!ihmuL$C(<@|
zxh#gx9l)3gTsELUny|W+L|esH_85T0==D0Bsj6)1;82Kpy+45IoR?Tgtp^lw;eF+!
zCIAE{0Nl&a*;w#v_=p?Cfo?;1ZEm2vazVyfB7X6rNc93CYkE`Z{p94xYMgg!BBNKT
zs^GYo@c3Zvx`fe=duCl8{BsARZ(6=#CV?;GsobV}<?be<l-gUh<u*!*1G<Go483J#
z&yJPb;Py2rDxVu-2|ZUye)050m7n;U?^t8HZBY!-Gs=URtK0ilINN87h}|8_fNDAK
zSaX-KLz((RDW*qaxS+#86i~gi->)bps71|40ilr0PSnPqhXYH^`l3gofVY0_;W?Tz
zm49%%ZpWM7<LpB}uh^<|NkA$^S@8;0W!?>0uk2u>pOpbS|Lf+g0FsBL{XzAcHN~ZB
z^5<udOo<(#cRe*Fot2z<B;qI-1SWumS-ljc_eDqQ8Mj*D@-v`<Z!^dN$Tk}&dqytm
zel=re^ZhT_!HX@ahF<F|8l~R=u>VX4)Ktl3-5x@7%J-8jpG_y{+q_JMZ1{=9H%`f1
zs3;AaT2$FZK93AcCnF1vjaC-^Rb0Qp!4%bSfvh|=>j*0Y0N`VBrT8bUq!eHCawJP)
z$3}*_$cD6v^hR+&O|71rUaJZ;oa1$7OLjG9RAwQ+E}O>*z<j<>og-BUl1z!E0>4!Y
zAfmG_OqYRi7#FZeRE2E;1gkxnDH~h<e0fJY0K(0Y8FRk))?{`4lz^+rN%iWo1O<C{
zv%B<c?B7-qUHF-6n}ZfQy_c7(0+44&%9orvx<z`=y$>fXPise15;o}XyG@uh@qV6C
zJ*UnctQ~a+IfT;k+K(1!*L;2?hnF5<1y!2g{|cDGInrpFPHiUY9jzx~KBDx<KqEaK
zE$3|j;jEzH1RquVo*i4FW&pYXbEy_DeF~tiZ$>=tCQD3VcJ?<7uR`4Pj8p+`(X+no
z5mwEWnoWaQL7<C7TlHy!=uXR}ImlVPG5~d^F*yK=d+;yC6}t<&k*@^m1Ty@s65X{%
zI<KaI{?9AfhjR4JM{xSBrZ9mOtJ4U9vjN`?=eH;xfO8Qip!w72icwzK){N;ai78E7
zR9mU4JI;N{LcS3j3Y-@ll3w&wvDrn5)H!<i%nQ45jGsy!Jf-h_VI_K^8#P$*c<SlY
z{jDidc;vwh<rKN^MZI0N_u^L#<=uY2qM5fpZp!HZ73Fp-Jqcq4+PoL+H(V8da<qF!
zms`fEU_>}rrkUl(G@m!gAXmR*l#bVr8N{0t1szhW4=PeKyv{by<xJV7lJXhW6Yl%o
zGqa8s{$F#eCDs7=eIU~r8CL%h?)v`U{|lfxXNi>`pBM>xHvVjN&wEg!({@r7v=$+}
z!FEo0SfpPg0M!u(On|s87$c=MPzvm*0yfh;<-DjZWK;W2ZKn?q-2L`i9beDV4P>y?
zOG8h|HrQX}__=7qp^|wNDcT9zWF(wAIezon7IA@PWG4U~FA^^B;6dw~Sgv(KE{cQ9
zj!iY2xok?kMG3AtFC!%l^}eX9AJ_83YE)XOH7l)BhTsulDx()}25wvo;AgGdV!lj(
z%@jA&qH83R<ZPkS`?{>1qkK<8EJZHB0K{GeX{`jfF8qeD@~K)!N=P6}ehDs+;}V$o
zP}O1d+Pw-sqnP7t<N64V7R`Xk*D|ZI&4KfKgRW{Vx|p0oqvj?`C)=dJ>J9JAZ$ggf
zvY&Xfn7l$nd?2DrSZhF$<(advl{9?VVDN;j7*fjXB1-1M`MS8J9-rM(%J+lDL-Q~t
zupR$RGMxVZWAClsqWs$KVMS00MF~ODLXeaONkKuSVQ7Yw9=aq3L=co#q#LBW1{g{}
zLOP^NsiB9iA>KWo=f3afeviX={($c<dK|;VbzS@1d!Ku)bFGut<3=eLw45Ui1TW(l
zx_4VTmlP?YMIS1-KzY`T2X}p(c=S=i4F3(JV#+PIegW*Cdp84P_nAMeH}uY?LF>(o
zLisKYW~}>wC2dFNgQ$Ox++^uL>#bBZhf~NiqmUuA*=*?dVg0yu4m_$|hql}PBcKY#
z2YTwlQysL959O$})Yvx$#SteIJpH`Or(uQb3|+>P(~rNcdIrCwp~>BoNW$A{ThvUQ
zZ4B*0bQZurqv}Ek+1#X<6{mXG%nOg)7UG@9%taS-da$Y%Vz(97JPzoh?hv<HPo!44
z#UUyWC!_skch(ame-moh6_tQWGAB4%8O=C5V+J^qRF~8Q1&GeIM^doY!M~19NpG*S
zU3+>*&-GY*KF^=Ma9b03&1gIx6wm&a13petijg8BoGS-gTQZ%JJ1<4<c!jO~NLekl
zq<ANESIa_x>1TtGm3p%B<Etl49*R4mn_2~$=@M@V%*EPiR3F|?OHEEX{Ry21E6V=k
zH?G?Yhsjx7@<wa~PcE%3QtmP?s(j`vi_eS97&;*Tp=5iv%(o&FK9;fRuf1YprH((1
z;`cjYbnJX2@12<3rsF;I3>^xA;uYf<84pi^N(j&R6sxTKje4KGrix1_m0M3AyBklR
zfK1ENb>T;Jr>B32G@L`P&O?j7ye5C)CqTy+3(+8-Uhv@~_`)QqeBJ|Ya0|pp&tcOF
z^EGPS)ZI<0iYH|_$XICw(ZkO@J47OC+Yda}JGh4|>DP{)QoEN4W{EyU@=Ic<mK;7;
z#f(M|%1iAVf96Zu6&gFZyUROrLsZXatpRQ3j8yyCdeO@t9mwOCe6lf3CD|LYhqtd_
zTi-IS_6mMN+nKrHaLLQmdCkam-7=A-RGo#-tm;+1mhEzOX6%%D0Y<W6^@m^@`E^Hn
z7IEq^y-DpHYF!C*Rj;Y!tJ)tnlQxW1sx&+E#KvDP$!uQ27@Z`Ha*GT(XZimMXb|@#
z8OeM+dHsFuRyaAFO&kZ$ZryxI(O6=cer{J3Vywvys<lkL9?Ysdy=m1x)=$!Y<nM$B
ziD;n6U!?yL0nK3WRlUKXyUGnEUsTK};-ZOooV6-r?D2qwyNqd@wd|yqRp2D8j%&ND
zY%|55F4kO6VqEo><jrVis<^3Osw4T4UL?VzB^m-M7H%~_;X&W1I_-vh6FWN|Fcn_0
zF)p;o*4niM<g+=Na7a0wz?a#UF5j%vyJFclM6*F|SLpH_Q&#G#G%cyFqxCNIrW2Q%
zxD;A&Xb+3(cdFB-87oV2f0i6qx~4iT`*gIqy|(~e5EHQQ{!NTM{*^FH!p&nw4`G6X
zT(6_PC_J*u{h?f$<+9FL)sJ6Rq{pC6f88sTftia$Pa#pg{-JSKss1-q?-5t%cWF5O
zV}{F)%e4(DPfxx(U0sMNX^W`M+B1C6SD;r`EFI@l9M3ZJsIP^_Evdy_PYRocwT=xx
z+f5xcc2rm-BtrH;$btq-P#<1oJuVVU#PAB--*H(i6^94SYm&IhnrZimO1rQ74*@*8
z{0V$R=c7+#^$^9=xwQQ)3%v7_O-FaamRG8h59w&qOyAa>``9N!;b!BPC^n&Xvs>$t
zUJp0khgr6pA_Gl5<Tm5qrGEwf-r^uUj`NJ_sEsdLB$UxQF=bDR7`R;|BkrK!u+etm
z(G5xx<H_ZO?4wruleCJdr&wzI=v?Y)itbIMR*U*sv{y5^`hi#8FiECcrh!z4g@vGL
ztqcUM_FZgar8E)+L=FDLVa&I(hzdY9&k2<()F<EQvuj_!g7e~h<rF&0iXh_wW%8-T
z15>>7+$?Thg*asdvdpAta3%~z;uaree#ypZBVe{TcGI&qQ?iw8&}Ea!OMgb*J8)2@
zle^5kk@?7tBVCw_;LS2L*4yQklx<i;PF<E2-kn{~*=J8Rd)hlyO%jeilk7Z4heK{@
zcTll}E6fH!c03gYAIz%9RJrW~JE+WCAyY9om!Ku!JX<D*rl<oP30(YH!zWPq*H9l0
zaUx%gN+`(PGk<T*R-2#tTIsWER(kR512(O)jbRDRB?3P4_j4O0`Ju>*v87rB+TOtA
z3<$`yR;U)CsmMJ7scf{C)}vCAwIg%aaj=2#T;di|5XPhh3+{+o4HrPaVwClQ-a%3)
zh5B0Pvx7A%jCpKQCrRDZ5er$7^y&|}50oVj1b6AI4i_g&9=}I<UJ1cJp*>>ljiNGi
zjr674{>GT(%SW;4P=@j}GtO5|c1dFqQlG`Dv57O7-{o=$FLqEO*N>D#7BcI|KCfxf
zX^!s-gCl5)`O-^rkuxqNN}?yfCuMsDB%pk?>gswA`-G}@VecS2cnl&6Z&GCqMb02x
zAY0dMeb(cXEaLe~vM7umFQ77g+j+sc^}jiyH5E{b-H-dfB+;npwAHf}8E3d+uf&-~
zfvgr=_RVajuq<QQ-O&A`OS@ptZP}5RG<H~`A8L{*Tl=|t=Oq7i9@j1MbIQ}?L12S@
z)|!hxx^!xG(=er#sVGlBH}Z0@njYV><YyP*<&&aiQ)e=~Rwp_(XuRf!z?Pf3>f^@r
ziL|uYBF3DThJ{87Z`nk#Lyt+a8W4G>LmFhPYDHp09|v72vrm3Z*7o5%d30Zy-ig++
zzD>~^ZT2)KFqU*Ph{KGff49SI^=4N?a#!skZAWyeJ$6=q-bBltahG%~CiaSaMy0-q
z*o=I&KCCg;-EI25JJZf|Z$e!}#Bz5YH-G5bY5bK)^{Z!%0d+-pw|kAV2Gv;i<CmYZ
z9Nh^i@!w5<ofoN*xTI+nH~UM_s4Wl&a}U5Bn@=&$d;YF{KBDAY-UC!lC8co_s%=tT
zwuIGRiVT{L-QPwOPu9UPjol3g*Tru|;g)sQs=ZX)(2#kg^2;w4zvb+$L%dutA~2qK
zxHL23{!9+nUgO8V2%z~5O*1<0n!912KFyWxmBq7R(Zn`3Z=hv4N*@7<Q#7k_9ZF41
zkocFdxvSExVIL&Dd{xtZHrj9swndfO<YubdPgWd9I^H_&5dDcnyC#0CkdUma>#F=2
zN(cv8h2LFeNYWcc#KZqLLSPP5P+b8K>Yxw@RWBoMP}R44f2e)M-cT-1)s648LWPBF
z6A$?dAN3YWuqRh#3%>XpDp`m>_u@aaPYs{*k&pPJ^Ib|^s(*teU7z1le}lXm?xwYc
zU~@H}*unD_!R3+WRsZX~F?jpNuXnyF4_`y!`Pd)vxTc=mc^aS*%vHYnI-n~r00Tw7
z!edcM{YcKC)sM)qE}Q#)1;OAHo-d<oEyI6r^y8IntMR>0!hJ4}iosgH`%a5OWAX*t
z?Z4fs!sWSFiY_me3xzp*<CmW-%^2sYcB$k!<vXiY%owQMNr81{j#WAM=T8Vvo1AhF
zfdRL6Q0pm5Sod<*e!=jmWOl{rU3N@@P{sJ7VA5AeMG>Swe$5TH<1IzxN|(SdF}{C|
zns*Jm;yqqoCv@67C8<Nq$HLXw?9iv9arOM_9NOdE)^549$|pQBOj>ueFP2UjZ=9BF
zs8GB-X*1rtZ(7yGoSri#ndwO}usQAmE3NjYzpgUb2w4iaK|K1ie2gOFHn-ZJv2J1J
zurxF{tsO|w(K-)Rr*}>S#!edSm(#-7EEB`6&O>*zB(j&CrNYP8ycn;P8!aPBQ=i)J
zY`vsSxkjUT4P|}15=QhVuJamG7>?i#UYdU~U*ai)%zD%7Vw)^N#SP``KVltN)T216
zlAvyj;m#d>g;o1okq;F84viniR>wB|jZfGs7Z1U8+D#n!@cd+Nccf(Z_|n>NzqQz&
zWRhH5{uR?+jkFxA)jgvl&2;4m?yTm5c#>Y4A)SoB5I02}c=q?QFmi^4aKQ|im`fUS
zSN@8Ujdr&0*65V8$(142>F=iwFfSJMJNrEen$rYLr*HV82%C6~f_{1E_}9;gKPGM4
zOJ2{5FoMnW_u;i<=V_l-I^<I1YkZi&z+@w2h8;UN#VUKc^`aH>s`3Q?#(3)M;lFhM
zhjxSWM$!nP=lw+%BE<?m%p)q$6DC5FXL|@5tyx)16;xiWmEUaXEydmi#~YUgaDN59
z{^vD)dV+f|QB|#M2fYi0a-H4x_szAPSa=bVIZ1Tt^lDbRX0sGK74_;trRCb{V;P@<
z)ykeJvFMe&QDstU&iRyYoNrO?u$FkkWe@FoY1)RA0&bZtq%ylq8nG`g?x5v>89^rO
z72FPy`c>ZczpvdQ#2LNuU2Y07C3U|x<}Lf&q-03GyIp6(IGBg<(_u+)cpFAIm>zXb
ztbu7aHphEv+Hf=q<g*$q=&29x9w#BrCgDPcqSB)?5vySqR<NzDBtucZfYH0jRg=ht
zL$#b&Z&%I3)PB8j{O3a6Dcu^6)T86A&a`sW%*IRqB+F!+Z<#<pVC!6&ye1uf)?@5&
z6?`XkzW0>})UboRI=)veDt$RmCOn@c>|L)Y<ut|Pso-t>>)MA9N8mb9<eznT#`E8*
zz$B)ja#d2^M=+_~&u}<C>7k6PeCa6b)WibkN0DMY_o#oyrJcfU%fs`YNPNq}jDB#y
ziJgsI`P+=KSGlGA2AO6;UPIKvY;4iuK}(_@99U)jIpA*iQEUm^=s|M;Sw#-ReqcJY
zlf8KIt?peK{nY1wUPNGIBP+@4pNyMeW9|5(Bk47LkaT5U!}Ye+L9eem{L0O9-`Nna
zpsP2N$z{|7zY~qyKNfd@IwbzB62KaN)#)Efb7I-DATiT0`@~38FQUKLbXUrf$9#~Z
z&v~u5R)PjTKC92SS}y)LVcY$R<b^*?!E-o*cfyMJ^F8^iL-R+<UfRUAm9|=sA=nq{
zcysK1<#ZqMEgXGdJ}rJ(>8@@KLvKLiYJ`<ZVI2(TyIi|YRH&Rf(z)%a{`@!^S;OX&
z*JIgaV6XbC@rJCSTVkA{`A%zleAcHF2*=sR=urH^O4}11?StX%pK*smp#)~@6*+@b
z%uxjq((cbH{v4770pgK9U<miiXoXzJ$oxfGibX?UBPGo&qY15ECe!zJ5%egy^@D8f
zeY4OjcwisY+y9d8FC4*gLA%1!M=nmVb;xESngzv@$C#~H5YKBf*2}EMME@cAp`L#b
z%=wgW6fv<Eoi6`8Xi<%l?>^1Y*BAR9Z2>fcB@c<BIPd(fHf63v{2x=!%|wU2<;@{f
zh4zdHtKJ|-gyNW6{An5k8QV?udKG2<QF<BwkvWFDtagLIKghvdr`1$?{@)v!ipqaB
zGAQ%fgWk2QsiCZPPWSb;1-9Ayvc+S(dlgiJIVKJrJQU1Dux4iMnpJwCy|yL^{!BP~
z=kV>jab41SkgN;H23#fmiq66dK4OQzXTil0_+(u#WI(N<>3orgldS#n4UFYsh24JD
z6A4YQaB@{IEqd<F-89PU_}MdNx658+VQkqldE?R?+<O8^@hL?{oF9eq3F2<|`=1|g
zj8CC{#A0`O@CWxVlSUAn;?4wLK}jJ8A!a<Dcc8SC*cFkVgn}EgSt2^@&tBaBRC<HA
zdq>RTrPUUfj23S<iTde`=l!weIaN*TxC`5Uuh;P=Nv)Q368RrJ;rL6a#Ea`Zp8T|?
z4SPAGjd%6-*lQAXh4Seea06-DUQVruN`yMIYEwuS{KHwFcP<}C(P*w``Kaanu{^K)
zBUEo{>|7Tj+L4S}!xlCS0TJCS&{X<A&n~=Yw+jBlWaF6~#1I?*C`0Aj4f3g_@0^cO
z4=I%z<Z_Y|lOC)Zp|A2V`X~qGYxLB7*rsNsdEL|!GOdn-WOTGCvvixTTgE~CSrg0j
z1&6a<#bvZ5W^Zyrf$-texs;_zWNi!7n1#P5ROdEzg&N23h`fzQ?g{#n($L!Clv;)I
zEDV;AVXrK{@3(&aZ;9+E+cgL5`qQ&2>QZN}fUa8;JY|lnc9SUBsd`6Vd|_W`YF&7p
zaOL}!0gGO$M?rj4_-cZ<L7nuTd`Q}#lD_k}TqN%Vv*MKQzBQOe&Xw=AAFSk~zgqA0
zWC&Jqy~K0by*gDLa@J`PQJBPnn!9(Xt`9gJXFw~C0m8Df^;SX6)(gNdOwx^yhB@Hq
zd2GHdH|uLO=}DyBy+_S&T{a*u#5QvZ!2GH8`m<9<jOgiskq|IXI#B?1m#e;{@*7Ej
z#Y%PD-I}2%pYj@G?mC-dW;^a<wu!4-DaBNKpf8o?R~w_NhIYaulxN<Vs4egCX$pS&
zlO){EJK6_n%3H<ODilsH|IqlbXKyEz*6K%@G|Z?yM`y`?zQ24mWcEmV+d_Jw{ZQcf
z5bjo^h%y4Ei2;%yE5MhU`$Pj75SwPny)_%rxsWekyf6GypMKJvwK`G7y}Z5wSJ$z7
z8%!qx%y6tHMzF-!nP92I6OqU4>l$9FF524Ym)g_EFfTRuP>-KBT@OMR=4$$SiIIgN
zMU|Vyv%l~Eau2-iyyYrXI<d2~?Zk{Dbq>|RG5hJe2d6X`$K?|~qh^;#<Xr~oYTZ<g
zo7KqOT(wf21R4?IU{g74P<?<yfiA?#pVm1V$O1+4S@ht$5eYy;VeZB90|VR<G(hzy
zycetY;Kn2Nzd~(dQ@g9CReSxe6jo+v2I_T-0OdL`Tz|Bjy9O#h<#S0rq6O?ycUOjc
zbm6<I?w}&x3g|nrWU>}`Xls$$*2O?gaF}DE;@$mE5p0Szkiprg-_jcWnllYN7RG@e
z%5(wW8>8|RKuFh#EpG$D*%T|zg9B5CJpfgY?+)vsOFv*QMH}guEv9>Z4d7aR>@^z_
z?tn376BHb^=~+6vcmMv;7i0_ju+=ysJ;A;=`SBE}ePu5KLXmxu`Rwd$(GIO~K-Ak~
zK()p|$hTFW8YB=d7M6xYy$>iTFL(~5IIClpg}cKpZDF@h-7Kq@ml=1Erp^VcQ+j2F
znz<VbX=-*`>S{l8b=C5$oxB3J&>~h0p+cR^A#SZNXa*;kJ@!g^8uNEB=W-u@4vi2f
ziBUaXfadZTMMu<D1d3(M2{Oid27G$9vD+~*I?8;?*~@&o^MTxE=*#ePGp!!xkXIed
za`YAvo+q6zXvP~~B%(s9(NZkVgHP2?m#Ur1=MhT+gAcZoSWfs(eSU>2|MS|HI_&h#
zy_z_6;GC<N+F!S9nJ8pqZ&4DgC(t<+ZJT+rA2+*JD`s6P7D-ex_kCBeUmef6P^=^r
z*frjl9?R^@!w0ZR?FaP$oHPQO9Hy+y*GrnF2@yjgc*kT9JwVa;8juYlZ0ZhM{D681
zs9|;<OX1n6VhsfA<F`SXuL<D|)(!7QEO!d3g`W>7_oNtu@{*wn8$GPUAn^?I>zq9@
z#dRQ7m<0O9x}&?H!ZSWW%Sj~x<zI_%N`Q<cNCfb0eEMI`u_%9jccy)biK!YmP?f2G
z+WJW^wcb4-cSAUI3%1IOoj77uL>?Q?pn`Y^>163X^PbV;99GrIbHWr}4yc*yQ5o`<
z!qj4m9t1k-*~-nad{)b)=7Y!B!UGUn6}q)<F_ETMuV}2eb;j}c==op^2FRE~%NIvJ
zGRPdQ6r9V)K`;}v=XRZ*VB!iA-n6l(7nEW3XRfzx)~LBng4lFx1cnBTEo<!yMJ%#s
zPm7$`#<jO{(VB<ea1TuLRdYiIbp1EP@jjkR0%vOg^p&4gQvJvf-BbhYkeOv*UvvD`
zZY|>Upd<h53BUFSE{1%wd<(U*g;SHKff~hx@}&v6!=uP1juNX2(ppQGkcZA4dme4d
zqBJip<H}3tP}3#K`xE*P?s_6VsUK-AGfKi{?~3HV+V)dB@~Rl~+qOYCF}fgpRYFUZ
zDH7xJXEQi|pC!&*f5(!govL9j1l(3%jdAcesVG;BeNH!8J$X(%>Lp!X9_3Xx;@9Od
z1vdZHl2>O}UaYY_13Twh`~{n_aT5ViYCHh7PqnekgKCeR$JJnQ7zaXV4}G=s-;<fz
za`T3`jN3K9p0SpbTd?Il2}Vd0M28jDt@73y(7|~Oq1!&(g`e94Me<v_IcoV9V#gbj
zy*guPU^;bxAZx?QZ{^T|s#0s9YzqcFYWZB&b%cPlV)Y*tuOXg0`KLkq#`YV7o8V`*
z9~<m)mZrLNU@O<_ptQMmD+iVZRV|m^ogHs0Bn@If5zNs!#G7VNjL@DpT052W@uOk8
zpXyLqJSeA6K;V|@bc0&@T-{nEIfw4VrBokM3q2r1$OkmAs6avIyhg_r{t12lNyqSt
zPgPv$sxNc-WIiz&@LGH?D(#sn-?6K8+m$_m+%MxwB*#?~bEqbJpxYUc;2xmaY!75t
zKYK59<)BUR<(%`Mg&iyF$;1duI$O(>Cs+<^Z<$sX=q)FCX)mj%!7v{q5JrQKO1;#o
zldZFNCZ|8bw5O<H3u+Zpdux@@23>Wd$x$eq)0QI(+*pXk_0U!Av&YThQ|IxRc*Cd4
zh^p!FyeF6eSnF1VTF$ns8q!jF+VlO@>ec=v-}>JtYi+dNzONJpGD5U(IDS)%D>YGX
z(Wz;r@H-N6UN3UBG(AjGdQPt)@d4LT@lfAV_vFdG19DBzd6+9%vs~clbqJs1f+hRi
zSHu0~npXa^d%DR6^ClVYcQ_(|ykjiJG|?PuX^KyJ{~+B(5|i1fZtQgNX+!HRYBkL|
z0uOeb%HB&ls?su-qJWDJa8^VUD<uGp)+PTlG57uRjH*t1cE>62lHa|47odOPJCie+
z%xVCrQ4z_av}EN(JPD>ULa&wY`-$vLHBYfHJ3r2DBtV~rRK*#L5R_JPm)3{(l&Dw>
z?z^L-Yq#rrs#NPs6~hdC%|~~HGd@P1i&-86x_{owTKISHX*BuK#=+-4IxS2qMDCX|
z8`7Ds7%dtgZdYtlr7(1~A2p!!3<X@qB*gCDV>sx}3D6WJM?xA+B1a!NV7lCKk(wRw
z_*%6A8)hf`xA?6$E#jE<sXFd0cH8(KLr4Mnw!P&4!aT?SCbIgu_V_f0&-gp~HqXlG
zZZx;yR@=0+Q1tQAS&qN<$$n+d^0e<6lvQQ2m?R>_+R189yF1{4SWsSGH=N6}c6l$_
zwT*p1b|?ovk2314Y`=B5?<wcD)f~-bxV*e$ZnA}kN2Vx#{+ItyDJ4ISKx&Fz+?^D2
zUqriIhR9~WBldFRUia8P7FgQsn)%+!pG9P>5XvD{s~cLCneZ7pu4$C6dsZ#IT&8mH
zLIs~}#njt2)WGSci3?CBs@UzIr^Qr1Zrw4UR85EU_JbO^gjYvPnLf)CVBS2eZP|fD
zSQj_nSn?O=;}4Q0RXq)V>+k!4NKkf=W4lO}*+%msc_Z+Pc$w3}pwHlFGMUFg7>Nd&
z79L-&h;rXhq7zx8w#8Mt8sVOyipA8x7Hyl_2tV=#r}c4=+MuL>8FqiI>#&w({&(UW
zm8xMYBYr=gg}OROgNYdB!+74ouP_#G?kku)wu%Y+2E;&#JB=xNa5v8Cz5t_b>rF-+
z+dW!I%Ym$kZsue=M*Y?WtZ)vqxI3JQu9tS&%}4BK1|?C3>v{3t_u6sI$vN3AkT%R<
z8wz|N7J3LrwEt`(9HmUH8vHUi6LlgVgkK>>l8?%v$*I~BkjdXFRdiKM_a|4Vq0E2O
zb7Qu!ntwNUa5aL0$8ibLR#3_M%R%~Q^r-Ij{&)e6oT^@VQ7qB3JJZZT59@7@KXCCb
zZ1p79^K!Hjh8zx5ugnzxymP5p0_sIPxNKQAC+ss*tYDLko|7NGjN@_ffR)VXu44L8
zL~>aB<OBj;hiOrgrX>f@&`D8syuxO>&F{$gnaTQF8C7#2NgjaV7K2pq6|7>?dC9Ya
zrLe}H0Ok-Cb9PWU8zQr!?}{4@9=d5xG}I)<Sour4Vh<5ocJX=d^Ii7ywt)XprgR-M
z&rE-64fJj1v7+!J+?3UL2Q@!i*I@T~`)M6N2dsfYj`RFfE$l4m>=;#MRU<#U+X9=o
z8+8jF%sUiq!An#n3z~Xt{D7p_94^FVS{aWl<|$PLabw;pMy=)B7-`Ide1dC@+t0Zr
za2dMCyTUNX_>OTd{Y9L9g8QvfcIIeC+30JSwSA0;=}L9CgdD&1w2|RZ?iu-7Yfx}>
z74-P1C$QhP?X8yQx_w3vhWGyT{;ST@{`@|Rxt`5&ho;m)l0d0y)u@nwcH62+yGt!F
zT9c4IFHr^)Ez9)9<1r}beCvnn5fQcZFt2CpsUCT+aR``_fAx=eH~}QYOjAiS@%sj!
z{qZ}2!*6nLQv9sA@AoomH6!890lO5UpSgJA9=*;r|8}?4i<VLNQPx;RH6rP52o%$2
zG2P*{S@A7=rWb=j)vs<p!qrk=&rDONrh-1&$ueqhtU38&)bll#g~C~k^9iT74c!0G
z*bS#4PXZyT-BJrJ{TW)ignzASntgw&>q@*=ZeIK6#!o4U4%CvDNr_NX6axDvtDF(p
zK&3@{ercrGC{xp#Pwy1nng|!Xm|ykcv}4INW$(hcWU~BX!t^3bx79e`YAp30F&klj
zw&Q|l%K<lp7Zdy=D%qt0&x;->@kCtgk;{7gbg)Iz@XKu(3`0&r-E9s;B77+N*ul7H
z95>%-Sf0~(XM~KdBDNeZdsAHy;=p^R&?e$#l!1sqpV?%gkjP>4#yBUr8O(2<DtOX7
z8p#IPkGp5^ONY><(i51U#)5^Br%i{Cc0=SSgi>{>w<b2?X6LUH4_l6n-H%m{x&PT6
zjffGvxOY=|{Ie>$YpTxu8Y@+f`Ujq+3n3>N1dh~}O*w>QmfGr)nWiAGV=ugZN1fsx
z>7#{9NZB6S#^djUm)~t)fG*sg$g{3;Vk_jFM(NfcLxyw4{gyL2yx3gMUUuBSm7$C+
z0S_sxKYjFeN;A3RxOuK0;>|uTa+o=d9_^TYV3b?GZ|!EIJipO%Jo4LBn#|0^d+Dmv
z(!N&heqa=+ESe6c?dyzFsvIQ!xR+?O>>f5$wo~Zont3b58gYC{tddJ@wcN@vw#t1^
zIk;ZC!h*E4XM#aW{-C(U+#}5n7uhp*mlhLT>KK(H{u8%SZxiI#bf7fHnd(gy@@Fn#
z1z*(XU&ZggUJGVWtS|Po)Wjs$bve+tXd!tdZGsaau4iA}5Z!omZu=Dv>YLTY>Q#Hn
zrE|XL?|+roc<5~}v_N=q_Dz8DYYaYc3RxbU3aw-kf@S{xrWN(6yl-B0ii&mj(Wn{U
z8epx2=uw`ma76grR(Eh{w%{}Cv-S##8T&563gayuI_U4I_f(&CKeRa(PB}gAcv>Tx
zBziu?Da1AIck}UI_an#fuqlO|mKFe^>lel$)Vz0B3=Zb|>OJ)epO#q)S+WirCAi6H
zPrqMS?9J5;4@uf_0NZ5NaG5+rz}x=O5Mk!b$3NT#*m|i{lEKjQ$e$SQ;vrz2o_tFs
z)2DkWZiO}-&7pz12{&@~cgp2PvY{xA<PQ6CIpy6c7bCHJw^g5v>pv(_8a5$A*+#7g
z3qt6miIF`@BdChyH%tm&971L{|9#%m+5*YIu}SN^-`r>KXB;cSa)fuS|5ui~bU~b?
ztz;G-x)AYE^+<lTSesV2e6I{XT0=BBdkA;Z6d#C_Y~5`LztXsxl~FE3NC8cE72L^2
zVS6lY`q(sf*dt{V_Yq=+l4iDR@P^*YlvkJ&g_+4vqHSsi`fFo`|Gu`XC_3s{|9DFB
zLN5(c=xDusa-fggud@*F@Vr~DnW-u%Db-WA4H>QVT&?G`c1KO`Mwe7Fnv>_xjFhj3
zvePbPyGYmHJb65^H#9xllr)vKFFfiC9qYO7z9Yus)>Zd%PdTAp!Of%gz;l&<P=2`F
z-nF&h#H<`WUoTK)e;JkQPy6Z2{&CXT!-c>D`yEp}sEG;(tfTqr`v}x{cDDM;(VvHr
z?A;qb<g3K(W5niRR)67;R`vc~@n)(t-@&!REmXx!aVSTi!L;!8iKGg|kP+fAZCWR{
z)q-%Hj&|HB->N@*3ghv;NMJi=GQ*8+|GA{Z<isJ>%H}{4l(wP{E@i}4*B2$^g{rgr
z5x~!T<fh~OoALbj-ZF?!20NIC{q#9nrKhN$sEkM&MN)0=8zoJU$@J8E?kv|peAEUU
z_B@NXOH7-G$kS$9?V4sY?etpOHuajb@TVbH^CwccYSu_f)h<>NIxp#I;!mVK?l75o
z5b=1^%H}MsVOy|ihtO7b{4dYNjNSW<Ka$Wzn+-H_aIQJtz1vkTho{M*iWshUhR`6#
z68aEM)fYKR;p3x*Q}ThCNf&!`I*59_>?Dckca_*w4%BYr2}BBJSp9yD|7T0(i4tFF
z(bz=7iOqtV`3|}2=`gCss;irv>04gSy>&<PYm`S*uFbs>HwOIe1tYaPuR2JQ|1SB(
zh8-7~*(b${an|itH@GtkVFAi-ntJ$(P}$aLC3zQ8L@(5nqua{>O(|xsQ@WSNkRNXp
zZ8Vzkhs6=xfVcwz&x@>%i&s`1^c`0osykR~Hw>L@y_25ViaH|;_oUV<GUj{vI4P9s
z21*RjmvI7!+oghQM3-$>?TP;SsI9%F2%ScYyy5#+>uW3{N7JY4=>qecS7vu@);UJF
zR<wG*PPa5CppQkm-JJI+x$PXG;TX^Jc<oCgY_|dfm49;*_@5CryXY--#VKl~Sd(?k
zYSd&TuSIiSfz&gIMNg26{gpw~!E#gul_^7nOn&sSWzF&6+GbBHe@LrXEpLYGgAn&4
zzOjoGqi+OF1fBmjl4L&O<1Oo7-QZW>?R$=-6{`<??l}A5KRmmW=^R8?+C|^dQ*FS?
zjn3$+I+@^}@VAljx(4D!rDkUy&N<|c>Mla<u)j7M`rB9(UoOkZ$}-#G>K&gJyq$Q{
zQ@t4G(17U!372rhd7HvfiuZ}79CRW=Y&RS_A9*>NjXyB481T&5l}p^x4l1OiCB1(_
zA{IhTmlW#8<`?S5ElPbTAC!2|0U0>@yo9F~V>2*fSUel+*<7IX+tux#KX_B&#@++v
zFPoVHhuOg_KAoGqj%glx)&n_mom>N~eHl*Ul<J)9_tlQI>ZrA6w1+%1uG;P7xU}Z2
zAtMhWN8rCd9AG2ap2Y0C`?86m?@J#ybcBeNQa#A;I%!4h9D`yX_KR1v?F+YNd0T%#
z->U|0V85SdW#ZoV@ty3TPTrGg!!SaGxFLTP8Lj}IpwwT7G)_GHEfRL{<?TKPVy!}q
z;NJOAIbz&DU$!B+S-+x7vEXok@q%W)2HUDSA^DH!xskF5|6b;PeW{8;IC50WI1h{V
z!wemZ6xcMr7?t3mJ@}!28U&{E-uH=}s$EuTS9Yedam`i@Wv>0un2Y}FkLBUW(JkW?
z>n2@DlfeiE41V=2zji+4amdrZ<rdAXy{swLD{59OO=a-F(dN4HbN~0xvES<0pI|<6
zgr-JYt!m#Sv|Y6$8vDyq%;fBCLg?gu^ZWj5!~J3}W9A>l>KQ^qU4NYS?TX2ol9PDV
ztn@6qV?{)olb;Q5{D__%DgE0Z5a4uyLEtIs2{RkcfIiR|ZRG+FbT<00A7sYqqFZ(b
z8LDv`!ZiEUXb%a+|NV0~<qL1zTZL&+Eaco6%~Tv3BN|J-KZe<Pycf@tnIxcJhS1e|
z52{9oNys)RSsD^dqW-iyoX1NwlbCEqQBlftmX}mN@s_&&V`PT%uQz9b^OSTMhd&D)
zro3HR&v55QvFaV6c5CK8Mzri*MM%o}1TDq;@*5M*vGPZ6aJcV$;cPB8R{7(St(Z)P
zr=<#k$UevjQ8>2ph~N6^x7qPksrfq_MmZHHVazEcO|71Ptb9o^ReQs|0uUcs{U;UM
z1h<O5-H*GR@`trx;C8R`qXqNtnwO`CR;pblw)U2Sk#rPOT(|;}FGPB~_C9%Q-2aJI
zCfjKARi3ci)BN4sOV+>*usE0}GH%u#Z<T=F=tw-$_Ff|SK{=yQ^0yFc$9Z~l8Rt<J
z`ZRsjVmeU#i&55P=Qq$lZ0g`DqJi(!6(@HW=mWLIswpCyWJ0qT92y}S$-jmPG}%lN
zs()#Zj>Jl<{DG4ZX8J1*4L6O@-#*y>I5|sllAYG=YqDr{luzk+ukZi;bI{kr%e8ur
zNrSHoXs#kMMlObshur+z(lUQXaVLen*XM|;KceIO@W}Yj;{K6FcD>&X!aq@zoQ*fe
zw@Z*|3YY1seat$wR`3erAC+P1j55EC6X>EXDxd}<U{XxPnQaXX1u8s9wH;vCg4v-+
z2qux^_YthPjKgq!`Hisc&)X3x>+I?4R%g^ouZ_N{ReS*~9ElBRK_v_Hk2f@5euxI@
z#g)YDFDf3J%@myDu+pahUN<%S27qCOj%@Z$mamV1yX&=S_&(HeWrz(ROObB7yFfl0
zytg*q3anRk3zy;yQzbNbo{Ft#wE~+@GGdV(#n>P?w|W2PvNKl$VD=gWd`^oBo*vZw
zey3x2(7OO!kVNXp+@{PI);BGii9uTLB9l_RSNtANO;5i=!*eP>_Eo-I1riXGVt7T|
z$d>ALB#ZN;({LrQa+?Lls_%gU_Yu|_Oas0<m<9xm+{gpBo_e4~Z2>-ehM;yo2zVjh
z>VCA6w>Vs=*9rdL)xGFVw|xe*;@M}1+zSPF&uS-7K%Hs;2n$B@ld8h)1JD*C6yTFw
zwZp(|^|&I_75fXVpn1@Bz;8Oj0Gc*XGY#RGvr&PwQI&eV74QS}?5T!jetEwF5K$Wf
zcV4?r&eqSU3m1vZI@haVzh4|<Rg+&bJ1J3tisTxunFdPk;-jDZajN|h{Bh!~&a?x?
zeK1<459FcL{Omv>m!;t{=`;(FI#UA49-wKj+#9n@^Ex{%?vtYC9gWoSJe<!i`A8l@
z$$1AD&}ESEVY|TS!`q<JR)pzW4t0kMfuQ{+0`YCx0}b?)fk0l$55A&M0Qht+$JcQ(
zwoPXoY4MmOQMr#2b#yv=0f*rR#ZH#IA_-Q2*P54yGb)6%(z&x@HT#gqSU;>*08mo;
zT)Ywh<d!X7r`t&f3vo96?zlgETmLX;1D<1V`?2M?$%5H1(y9j2wB7vDOfObbKke;)
z=v!n#Z)dI9#2`g#`v>tAFjS#VLz;|g+E(Q}Pd55xI1>Ddp!(i;hAD4vycjIypRkp@
zwuil>Y<oWbA9pB)Fsr31*E+XuXv2zu)3M|=Dy+FrB-D8ncN2)8zXCX$8Vjc8Xw?Et
zGtH<qWOKOwl=tMmhf!UU=g|Z9+MRy=SNeW}8CnP6{jwd&Vm!>QXS;=7&A^vYcrdI5
z6zJ*LK4vZdt~{u=tZV;`!JHN{0v>Oi9ROTG)ahKuy7K{_R$)%Su4md}-csnk1BPem
zVWG^u6D=Fv5PqAYhKmjMSp@0Rz;Z~s$m3`N;J=hY&aimkKeh=NRos(QCD+blAX%5%
zGFa62Lz+Yb3d8Uj3M(`z0D9|}T}F)tk#D_{MBy`lS`7tukGx<`RPms79J(SFynu9W
z7D%ZTI!x*vL06o&A8_{$$3Iy%bOPTrSWd|O-d6tcP!PDTS`;U9l$D^_i}FDahI@>_
zjtI5)6L>7kP~hg3v@<Um=Y(gU>bkF$8-)liJZoiYV8^T=R|;e>Z;X;sibvV~Zlex_
z0i}`#DpAZu7g}Ee==dGb#LpFUxBfbP#BRkrx#BA(P>f@qN5r8^$f3}FLWp2OIt`w{
z4T1YGC&Fu@SnFszut>Ego$h3k-N&}Uvja5<nc{&A@%HTx?512%=|zG1p-b4(ma>f$
zN&l7~4L&}KA1qpc0RV?;`qlz?BoU3{JO=Y(xYhtf*CxOP>)K=`=z=y-GhrI(zC`kg
z<i(Z%;RE-*)te%2JI`+4g?CbIgDRQXD|P!eh^x$>T)>F_pvxml?-a3d88wbN0G7K0
zTtM}|Kz2Ou2bkh*uTnX$!wx-V+v=|*GN1K7CC9fb=D^Ky18^&F2jgHR&#A^-fk~Uf
zdA=1!{fuJPRnV*H{VhoA`;8BZaX*VTQ>Jl;aig#$7m%w_Ned@{a5Vxw1%m)i$IJ(0
z_>ML+z}J8gFKV^o*s7g1I_3lc?(b3)1u>1l!!@DE#}B*gmnfQ^kuq`9@C{BD*6wL(
z*>IjoR@Qg%jeqt8w%IceYK+|lT7XH!d|B6oWbEx~buIJs965snYu3w$f(6-S-ER(a
z-h2E$LlWmE{PcaJBW5sJ6w}(w!H?d^(9}DgtihonL>%E?6DASYbsALN1o}gDJYUF)
za)jW3EO&Z<(z;DG@CZ+TtK9ISnJwjBL>Q5}Oq=xG?{jrE5aFT0%R^Zk#)4H=eNQRm
z3Y89#U|=%Et#k7cFW`5{7#0~IQ?F)&Gpp@Co?>fgkd8|q8<i2>%aAuU2`*EDs*@yb
z>!5z73YxpgsoFid(e9f7p(XW115x)kyFpcTx!Z?8_!!M>mwnX)DzsW839J0+_w7S+
zq?DN(D#0bgYPKAhOlRc0lrT8*0DZDDUg+d_W-m7<CVyNC5#DNpI86dU@<9{*Y1kVF
zKe7VLxXWwV&+dQ8yuM0eLXudjV6FiJ>uh#FoYC8#?*-)ps;;*?6fR-`XH^fCP1&^A
zSY|u+TWwSn#EPnNcWF=uP2sb_DKUcVe>lvMg^PbvU4BzxTQQglTGdd5r@_rHo)0-6
zf~S3gdtWa06SFd~Kn#QAKX+ogeLEtJF~Lz8Ic>(b!_jb0j97R>+yn4^=FjwVY)X4W
zdAZ8i8W@^RhXyIt1ij2=V;628ynLsFW8`O-Q4;y0f5{4>Pcm{{wnQ$@3Za=J&#)Mm
zD76vAyMA8wKnr?TpCO2$H{IZih^`pu5SH_8+y9W^Rga%(MovuR70IrLjXcaUqxXk8
z>OSY}zq=dq3{ZK*<XNjdtGcDK3h6xKJ0O<TyAoAtNq2y?yr8O}dab4}aY-QYNI}z8
zAy!o?(^iHCLDe>La&lD>M#@ai39g92OY|PL1XY4kfF4`d&w~9S5o^Au_%Vh3^~#<|
zax~4F4EN<%L_9<Z1kfC|svef$hoJ_qvbW}V8-=L$Uot4p`=_|!OIFo0{nW5lW#506
zj{Ia0jL+`SB&XY9)!7sFW!D@6DF7LU>IzC1xnt)>eUiF`bu*ForcGg2Z3Q(413T;`
zy4%-pkUT^2C8}`7^XAxOX4-`su4l?TWs7LkoVS5?Sb*{hEwRB|&AY2}Q!Nwf2*@}n
zuo&QM59@>7^?uZ3NoweD_A)0XTj2gzV{O43X2Ph`X52BIXJ1f0Uxd#N*i<Pn`M*0A
zD2n1RP%k^j8J}tt_E^uCGERKFh+l*jya?N+NM`=j-myxTJrNp_;)QQo)x+dXshR@H
zYpe*WfrCi6ADJi^!+{r<wQi<HE!Bg~N&qZ#M!=@!0a2PoRKRqo=n>OflZmGCy5MC9
z6?q;6(ogv&MnB}IBff#9WnMVu%fjik3FBY_BR`7!2Xj;9MDv}GN--H*(QDs`^-B*k
z_xCSS!@}0X-Lb|yVZa}TUY5MEMl{U|nCd)uX6kMR6AEVjy618I-(CQ^T2|v<uZ>hH
z<8__*-L$55@k?hP1f~RqKm6UVlJ=8~DKp3&$i3YGyIRcp^Ujm7o1U@m%Z5+R)l52%
zH>XGGQk@;Nip@kDg*>O=c!*p22Y}m<gy|c=XI@{x&`=h7IC&jE^jx;6T!ni@Wr|l^
zb-=?+4Lv+Bp}lU|q1XYEV!7BD0xb!7zs-40G&dRBZMNW_u$zW4E!XOO)3HlBK@;%W
zx#s(l2d4p>5Alter8%ON-$<_WYbUjYbx#oQzP@nv*$SQTD_epXu+&VEAxi4T#vFP?
zD30g&8f)^D=BuYYG0nzN&`4%S{KLyx6(fd$JovX)KsSNdH`A-4xuZ4QTXF7#GcTCr
zN1nZ_9Jj7ccVFplvyX8BPTsPrt(Jwg&SMmn++;i}Y0Om!D?=(jmId7s+;O69Stq{z
z4<I8}H!ZW2;}fHJup!yB2fSQmBjz9z%7XIb)@pVgA_-N*T({Z9AZsQO-+=u_D7Y5B
zXusP9G1I?C^~8(u%W`Pk99|SV<=j4THU64lcS2q7FMlPb$6Q8T-=85gc;4;1ZmlL#
zTOHm54!g09-<PMYMsjgoAsNc=L8GV8to5l9BB%_Llw$OBbm(pO(x0&o(~LXwx*5K(
zD^^6|vdL15?MQr9;F+C}!$ghDTh1^&9NlOgJ+UZVs*HL#4w=54T6(y=9cQef*-=yn
zc|nm=tdo;}b3w4$hSh-0Kp?-ss?o>2gG*!~c#^=Ch`+2*C-2L(PRM5mm`X}_?;wrd
zA5zm7kCW#lp<x_w*TPq5|NiWUEN?HQX<#bNDvXWLr%~jV`&9XQT{qwHj!6v`{SaEO
zygR9|4+iap<YQCSCSKX~4u(6u@vRTZt7#N`S9HFL;~n9g(ISyg4puXMcN!8Wq%eCW
z2)+I$e;D<;UC|}<&T0&lx$GQfOl=AWveFIeK(UFC`jrdNDecuEUc|XpGD+({VAV{j
z-X)ivP%AZ#d0f*Oo1GigFPy|iK!Hh7=;$zF>&6eynm-Yq*weiyg&CCn+RE-tk~Pz1
zMfSK^=Q;c$o6$dI_5WaFTCw7zzQ|I<3KalC2mAN*0!MZC*f1l%kEwqaJ8>COrZ~kY
z+KOeIYU#q!8!&TB(P~8$yuGgcFAzm930^z%cjHS}bzYrCR?>I4#Z6`!*Sb#%{QlI1
z1#BPTwzGeS!n(^1V_em8jY{Fw5ZsZdRh2(%H~-|aY^uqt5>V&4FH@3Q%crc>YtDL+
zlk84De+CArm=q&ZtoK7|jS{AWc*7dM1<JjKx7Ga(`Rx7pFK|iv^*0sfnK{Ox&<~`Z
ztgT%v7^~%e&kzB(T}+x&F2cAze|Pi?$bg4TxiXdh2v{*)_m<-u{X8YYHvTo}p>3@w
zrX|=WLC1!Ok(KWJUV``fcTC!C`qgaIPR#GZ^?wG86Q8FnxscUguiLq8OQa$|6dKi*
zcvSracf@p6=x<Mv;K?Vatd6U6-}le$JG{rQ?0Et6ABFyT#H7fXFp4e>>>aHyYWZN0
zCltB@=l94loqvg}*EscrpWs;?CRbOv?~Rq4qeMZ&=Dq8f_P>7ajMVIUigjj8wYuM1
z_fwl(IOG$~>fODF-)}Sj0)I{!d+$g<`CPj2_Cs7Bb??`+?JFsP*)t;jhlS^V0w`K5
zx!D&9+dG2q$GNS*)p&5$<5EY-ouB*}S8Br@yP@etRW20R!}~BY+S1HJWMNhc8cJvr
z{Y9A8{Sv0-uXj5@P?n__)irGuvz?*3LH@_Fz+O!9GdwMDBzTG>UXA=?q+r8EG3|AV
zbudrepYYEAIV$qhgLiJDFS!5yF!Jy0=sS~smiFCXn_rjv{QF(lzjkrxXN@0YzR>;s
zt-J)3%R|p*segZP{nvMhZxd23^PPznUHbc5gK_+jy!{7$e|=89$Kah^^~9@xW1s)u
zBmIAm6dR?V3crBkCKXWrJe5rpu4)OU;kAHx0Nk!zUS+mZZl?uQgU6c54HlY!#x|Qk
zjUoN?>C;_Oo~B$<M)@Fm&x708HuWYN)wz)W-8PboaN?^yfVm$hfOH$#N7DcQTQI|Y
zFz<fQ?t!yW%bh@065vG$)!GUbJEg={j$R9!NBCTQ#0320a&|}>#(;Mq9TpgLV0;fO
z-8iwR&dwMp5G6;0qdNqR5)}lEM2x^`J%PEc3gEg%?-?SW6>d+xK7YXwSf>YJtu4FU
zKnHlW-P<mjhufSSV!p2t{Wq{jGee+5DBkIpX$2rAZ3lZbEFK^wDzyCA-tVxQ&6eUu
z0v6oXNh-^{>)6IMV;crdepn2T28*h>0bnFB6IIh<w1Dj=5Q}RLt|%nIc`SSRRkz*)
z_#{B5`#V63toH!N<K`QE8NM?H;O<Xiu0DyRGeCkfXa_niwSc<XFwtCqvKVT$fCeG-
zpr4eSPo(<0_n@B&Z4}g5^B5S9hJb9HZ+8hGk1StPq5r)O$gzjHua~SNSESBPPjb6M
z<7&8_^1>W)z$v&WB%5H{S*0NNp@{Q?|6XJina)d2N<2Sx5d<Dyme}%8JK*A$sSdiB
zgg9;;Vo{iU^G09%P2jZHf<2Szx&urA)C*tcwV!LtS+b|U_F_{7iUC0PENCDX2%OlP
zfkmF^;61P7S^8OQHY<h&3Cn=TP>xMG8@Edx>=Y<B<jP@5pCZp;+yTb)qV;k;zKOc7
z>%0Jf{$_!PrX2P5q|0>kRiV|e90jav#sO$8cN28M2?T7wLoBA2bEP}vsb>#(oDEM2
zK<aFCjg`*s>vg+vs|r=QaY|yTAj%Ip@2bwFsAS3y7R(TP9Y`L7zC;S>>(0uxZs6GS
zxz40eUC2m87aN>dyx(rbz@H&b>|{ydv0iMhee{VfXg(ta5Yab*yd(6hrC5X;nCg|f
z!9Ill*V?ZrjB|)$2aT}QkhdbHgW(07A_TyCa)}2uGf*0T)H(2JB}c(4Uh2O$-B|f#
ztAYHS<KeHinE=#Pm~a|~X1@swXl=fs&8o_=bp-I~h-;va+ItO)>~urGg2?vZzXq^*
zM>J4CC`TBnK{fP>u_z^wvl#(e<#`G@dGsJJ&SZCjP-a*Gavz>wgLnCO+HEC&1n9DS
z+O5Z=sIADbzzi1IF9sv>SwBqwV_4KOjOyni!2iP=8w#M+8N>ExOH;M(s{qnpVu<Y8
zl*VIe-NAMofaI!(JQ7(0qaxS9<;@Dm9tp8VfX~Opi>g-&sxvGc8f6gPKf~~Iz~O(9
z=LvOEe*MXs%>&!?l1L8!ET(R{(tH3#>VT<4-3RRL$Ye?7hX-3i>684@GurEbN(gjo
z2ps{WLJoV4{yTx8$MpEMARNcdrt9FqK$L%}{<=<09{|xHf}LDgoOT49GW#uJLYZ+-
z#~<J7@RBYe6t`HW@D^(7Q&LUfWoJrJ;O^p4amz+JabGdusn_#5*)0nK*fcvE3V`UB
z{p`C#E*xzFygTzGF28B|zorF`pSTl>J>JxoZX0N(GE}!JxF}NUz>2bDW7%yw1ir~J
zg@>Y8d9uU4(l%n7>@?CCa=W`)Ff-aXQga5J*Wd9D>u}S#Ev7iK7Xx@iJz+c^kY!5~
zi607XXy|(%tmvJ^cF*4AeCI%LI%LYj!v1F7W>cCT&I8r|Ru)9`b@3T)FR+&NS_SvH
zl&ZBbY7%E<2=r~{)RhNueN|a6bj{Nv-Vj=XxEs=^#kPRLLcCxGMerOAn`b6OMuu0j
zvom44u?@IfIh?+L?c8PuXemYxDYMkG30)NZ*?}~&C~9{j`g-hvsCOXzaOw@3S53#R
z*)j2}%jLlYOFPl8u0vq$xCSPf12XxOQet$J!*gN5{h5gXdfj?Zvaig`P0@;_hl&A;
zoH;&X`<VG|P%&LMTk#=aK_ZT7K|Fu{kb!-N;|F$%VSCSSf*qhtJz~$mh{lUu<$vdd
zw;_3va>Z-+1%S88FuLGo5^cw-uGn)uCub)w=fR<w%CwV^h%Onk$W0&4+OaZAI|>WG
zgF`D(xOy*Y-UD!IOTH1d!9~%eW2`y_RwAPw@vB=+?^E;3@Gd_y*L>D$B%kFffB9SQ
zPh6MyO41;cV8y5~zB8FOt0xoFzCIoXU!thNnZCb^;=#Z`bP|UNFgX5E32thD;yi9}
z9+vwE1;fa(8@P6dXF(=P2wlTXdxo2ai-3{p-P&NlZ{TTokVIP7X)vB`Juh=vG+fx^
z-NF%1-CQzrOwUEVhc$rTDh9g73=aM1q}{D5pp0r7h`Q-<ivJ8hG5Zb5scx<cxIDi}
zrs1e#z4K{-Q%|<9gd?jzT<i2FA#)vTyA5O=5IHrx1##jrXZJVW5)ZZzb;*6{>X9I1
zBMZ9oC5n^BFRH+r_HbpV>c3J$Zf3>FDnhS{ZGJI|Pg@nd4XBNuO|yV3m7_={xk~by
z#0^U|E%80@O$=I<Joh~L+aVtM`a}DxUyV)^Q8otF@4xo8;Kt#W`NrcGO=!Kh<rPx@
zfp`{#`*rIw*Ag*G5w{lbx$xM?zJf|TQVJJ)88QiI<RBnB$=v#F>Mq@a=o&|;_6riD
z<aWYa9tnv39Fnh5IOq^mIz`rj_BM{WG?7u`0#Sx@blpNDbdAaq2HnJ!uRaw;1vUv1
zYk=@pzATsZ;&PWwx89<p97@aM(qpDhSF-c0YCP7GO~M|94Qm-$%nOZ%M1rO>L%cPo
z0Gs-}>mVv|Zlct*rwp!h(B3A=8h+Bae+{=SzO+cbyMB=$Wgk!a-{m)E<{$&ao0#>j
zgsj@(wBcW6gvP&iTpi)W6Rb(ZgX-YR+|{{5l<F2`@kCxtz&pog7Wcht<xJE$zgvFo
z)p>R}GO7<%YpAU&4Ya)0F{6%$^`(c=QS|c1uyi)@%I9e%JQc=0u1WOrVTa$S7{?%y
zLoQ}NVY;5%>0frHh9d~c4*GpI!bR<sB!()0S^4MTN@OC3Ko;LZY3qu|^`@u?nzP)}
zXNN=^H|HI`MG<;%Hbvd>XlSIs$ITl($tZQTJQ4vwV>*ZafwGx*JIm%FO`_X!w)u#~
z!cT{1Z`t+MH=@r)7a@R9w;0UYjOKoNgnti*-Z{Gn3}ceV$ASP9;T<Xp^$lHUF#OZo
z!m5ESDly)Cq3UzK$#Dc1gz*zb>7+=K>#+pi5&EJYWw972E%?u&iU%Pshho=Z>LR8{
z+j3#1V6f+8NJDQ_@EaHmRc^#=`>syJ)nl@$7{upN+wwN4$m<{__TGCy?D3J^Y+l$1
zh<)Ty#PN*R`b~m|@tN@>FA-6Ob<1U)TbK~EoQU*0?c-qoY<%x7vx0e0YLhEI>OxJ=
z(-ho7-_N56(nb5a#-{~5-G|%5&2KAk2S&5R%p2RiDxZbV+Y;XIcF<5T!Mcim1?g0h
zgoX9Drm7ov@vc{r)NqN2>ey-xRNbK1+M>M}(I0QA1NH~=LD_oX%bu~#)y)W;zw5|k
z9qJ8o(hn1Hjk?!L+^=m<UP$BWy8#@i$+%`anhSM$;}ZN0TkDK`(^qNOyXM6H>$#NO
z^3EPexKZ}=?G&W(1MEOq-ukjxWjl|M(kP&!2Jor&`_tP)!*5chQ2Zp`-k|eVQ2VK!
zBx+yIy!}v23^H%03cImkYxu1<|Jat~+qI{o`07?2Jqe+%4!J^>aXtG1>bD3Nsw{*p
zX&7l-i2CB7<xnLhPStBNKfXm>g47QU9+dcSkl)B6dQ|l>F*$5{V4$)Qgw?Wzj=<yS
zINqb42#n_4tk1-woSjjZJv6^iFnSnlM%5oPzzrIrL}dZ`97XP1?4jh{WgXE(Gb>|!
zE_kim2BvVjB8+nKqn-^Umw+Bg(N~Qn-i|9hQ=8-9*cVJvulwF^<MCdi+|g>qBoX#*
zVU=@WV1%#HNkX?Sd8Xsmf1^3UZ2v4yUffSOZ!@YQ%2tJ6*XQD6DwDY_M_r#e%YP6t
zMNUMr`Phcn*K7V$5kSVyMMXgYOvDFSTp}HRnpk;Jm*%b7cn#@IA~lIoMm0Utv%Wo$
zbrY{ZQdoaw@~4)!@rS{?MXNCC()~??6Wokr+q$sHH~vLY+YFJdZ{v8njVd4RmA3zX
z?7e3|Q`^=BiU@)fL8^!p<)}yrN>{oF7NiJ-9uSdU1w!v476fecF498pB%w<02!s{_
zDpCVMq(u5#IrqEw_?>&y_vih3-@in*JA1Fa_FQX@ImVc$3y?XIwAuDoMn026Rd3#V
zVgu2glQ|5ze>SK`F8iMG_jH9(EBZADo>`(?S!Y&Hz+7GLw8K6C{RRK?9`N@wQP9C@
z%VR;s1hozf5puT8sk4RBEcwsBhoo35i!jHyFsVK=ljPAyxxyj(EyEb;#?COA&ROfY
zGbfvdW~JUkG&C-!msQ9fBCxh-b;g>w-aJ_tXI}k%ASiDFsh#k8Wl8G%ZfJFA3SCdj
zO{w#X7>PO)bFbO5-YbIiBCV`Tr*^~(<K_ewcU5PWK$;L^I;%!WxZJXuv=f*1`qN|N
zndDYVy0I3Tg+~YbP3*@)^SjkD>Or>U<<qU;H+FTyR`1g7gA-QIMR=*@wzQwna(_Sb
zNM4s{c@y(~e<x_c;JT#n-rIY3foFDKYWd=2Gm1N0-CF(Pg#p&wb@}N=smt%K#?p#W
zk8U{-@gqfc`{Ue<6oal+iRrl2=>VOIg2b)TiwSKeNmuzbEqGk&P4|r}z`~e4vU~l9
ztw1YVyMpJZ_m;gd>FmsVulr+*zX6Yf+f`;rKrqocp*D~0Z@r<n%hg-lq}#9k=++~_
zx#JUVF`u4tKn1HFaHnFa&mk3GuRY(E-0s|>m}AssaZ8t;yNUc{4e#oNv1j-_IM(JJ
z;55DBMXtA9N2(LA(L-djSN9G#sg^nFE;B*I5GSUrwN|@oLec95S#H8%saEeU_GVP~
z(9da~VA^!$R-WE{E@0EER&DTxF|HNK9OYebI^x!}Q2UH*<lg-sXntv#M{oN-wNt}x
zlRJu>KO2go+eyGy4{QP_e9iNobd8-)FMMJquB0FT>I4>IWZAn<q0&lcUAmk>?Ag&}
zg;TVcsHmy93`?(e6Xw)jv^>?*OK(5QsKl18KP-J{T0Yg#*djt=;Hd$@Z_IaM@Nsd6
zUIMw_YD3+uygHpi_f1J9h_Vmp-u#E7uH^F*thl5vgVmzRzWNUsj5XTVI6wVCjQxBq
zWjfqfVl|T@;^GTlvHIhmx!t-iEyx#`eCX+rH+!qKl^|zj=ojFTmmhLgcUHcht}%M*
zd(vtqZBw`ySE_`-G>5B@{e*S6NbvW8$0GMfO(9Mn!)eJKu4+~$!<p`{fV6NdAG2=?
zXbA&yDb>^u`*@TtH7?Nz=4(x}U)G)YM#++X#Z0jTH(?=&4oT&W9vRj2>#f#jSsBT`
z#9%gi@&3tZq)Crvs>|K2-JwdSVKx4~OO5jFgxuS#hxrZ_M{zv+k;t#8Lp|h9crSOa
zEZyfa)n&lt8Qg*dR*ABRvcGlxV5@vmdAIcTRjuA+5*<Tay9efpi{6LKu2^J!TEQor
zoTH+Mo?wWfwZ#ug2Y!0*OknOpvNs94O+xj%VC>2#^*sr_?FvbAE<969JLJQSDrs~j
zw_ikX@P(HI^m108zcj}*x|U2a7ny|C^(<5g>gpc|U9P?)$DZJ-Btralb}92}?8-Um
zk$Xm)Tp4`FLAy*)C^j0&(%6un;}eQ?GpNH#lZZY(Q|EtNODKZ%q64)wZI5y;N(yLo
zl2iB@KJq+W`SA7Ku<<j+Gw*6qty-N)Y1T~vP$_kby4F}SlS{p^Y@rc;4;t8|LZdJh
z4%8(}ogN|6!0ko4`kAbKXzaxF70(=T#Aol`*uz2(+bD)MY^6V6yOAh!$^f=j+Ph7c
zXENf7@J*F3nfiX_yr)c=?b=9>$~nKMul>hf*K_$@R=Jx@-xwp@_P<i6M`VFhOhc}O
zR|>i!__>;}29ZF68Pv9_gaG>!re^K*D^}fc>r(ELJovNiGp1FTJy^1O?4Hv+@|q;i
zoZN0i@6^hM;|7eKJ*^Bj#@JgStWd?%-F8{UqxV%{VT)^A*qtZR2c216F@0Aq*LNz6
z+>ft`NiMS-9N9=Di=8=6F}IS9n%(%3WB<%BEqzQAdvEf@4uGyB_!M16z~0b^T|=uw
z(@i1-DqxRHND|N^P$tpiO<=&yLVt2PoC{%dRM5>BZf5l*;LuC-^NB529=E_T&@o(q
zn5i0gJM#hDzfaE(xK?BdOf7l)2Lig+0`#@^<z%eEIpw4WE9R$=r70gtT!!}K?jOlZ
z;s~-ih_3JOP|myL530OLJc!cCunAO-{2UWz<Mmp~E?i#<Mz9A%VD9cXcO2Q(y-c-+
zfu}T!>t56!seVz3QoSg{SAg0R=j(Da{Q+FRrQUE0r;WAPtWu#7U$={JRr)NiF)<x|
z8dWXjupd1s;dov@-c3S*m|cN^1TmYPnF+jf4ZaR&cX463ln)|ib}PXvKQKf4*U5Dg
zTvHk^tHN0u)Tj7H3|^BFIjwjsGiWj5$wfb`d|Gzo^gRLjL&6nu4uPyTO5}cxrQM=k
z;$Gp%&I!e;00+AB`mkv=W<s|8kHPU2WsdkvO{3l}Iel&%WWS)~@efn}cD>?;)L_#7
z%;oGK5}F?l_-h9Wlsbnf!P5I=;q9+$XQXP~Re-g#84b<+Zy@rY&P&O1aY&dq>o-ap
zQiYR77{Hh|cVd63$N2MlS+p9os)FJmxBgo2e)5UG98@pTRbVN<y?by4$~f|SDE=Sj
z!at8gT0cm19<jl_|LJ!B*T4OLJD_R06aj$8_8su>EP#JV=78l+uHx&X&p~_7zU!}T
z(Pw^kC&Am)pr&%Y!<L1gIhaJSJi@?z3LvTO`G9Tnp+4{cK*F>%C^(6sX9Bua(3{Qz
z-VhJ1NR3Ou8V=yoC4gAh3=B++Hp(!1#_D2yzy$bSl-y?A>_&nq(89~y1DxEvh2<ml
z@((^YpAfgv!uX{EGaM2*OJ|RSk3v`Ui9sI$mU!Un0Em~ibtHJzu9O4`NKUvk8GtO}
zPrTrQPS!gj00J{d0d_Nh0?g)q5*>ID&!_tQ#!j;Qa?M)rDqsNW3+Gi*-ELdehFO@M
za&142sfBKg13*v;Q}Pw$)-4MAt5HJ=+kGBG!{0_$0THwr&|<mq`DGfrGa`XU-;eBi
z0H^U*&;(T$(?x=&m%weT4jVf|xupD##28w|Bj&(J*#g9Yp#<bMt>+RQn5ekiwMc}_
z2P8IOg;45`@6wOeE*k#+Q{;|`7MX<rtVu8p`sfVs+GhY#l-k<|TsB64Nvb6QM(rg4
zRkr}wD8m;T03!5X9kWi&gp1z~HoRy!BKs#2450FSxM*dBV)^NUI((61d}vJQ7ZTkY
zvEH4P9Js$V{Y<d1J*5>a$E<*<sE%1%<R)R2t6d`X&ET9|q`CwnIrBA*xQnNIrKg{l
zuK-2*DX>rSO|SxOwjv)g$V<l+IZxF+7`S=91zZ3Zpwl><0-ZK4khLy@fz})>Nwu>B
zH2_N*u?1@Y>}JJ3-!}n}*$1#1*iKGAVmI@<wDDBS16U;$C4@1?ekHMmo{}hdl7KvD
z0FKN6OcLneeTHu%N<m#7CV;2-Cn>i-x=rFy@0hD=AlUYbkaF+!0bnzJs;o!Sm=0{d
z<g5?eg2|LFhn0V7dYm2P2{?)oB#KP!?2q~4-=2Z^<Dh6%PdecWE70<_@dV031(=q!
zTW(U$tFXgZ4pSX_4usy4j~pn_y5|VRO~*)l;mli_A>|Uo27HvJ0EM+#yll=F{YtmH
zuzcWFZfCT>^;vH)QrdSrN^=bMfE|YR2H&7I<;|Sy8B7~s(u8C5&E%jMQlISw`2Oh^
z`FS+ucAq<`0IOMDX$F*761O}02au=j2<31&dEncl{UkyCx+Na8;hhFm6Lm>lG7Hs5
z4gvPS+DE8z^xi4}?Jrv;*k&QBu;sSQU{`s4dkegdhuiofrQa^@Epjv3l{(G-$-gEM
z%1IDr3Rp!A+<GK*ipPK}_oxTfaT<&yUC8L6!$+D)6(RrtYYb|gzHO0A^1AT3{XJaM
z@${xpSvL~^^-XA=58l3fz-Uqym~+3!aY=;S!U%ZA4_;E1aB{LR4fzOwXT1#`v8#9A
zFXTh3B1t@IJ7b|y!r538Q7+{%S+Q*rzxqbk^x8{_?ycwDvTNOAYWsSB)wBNgDb0`~
zf5?%|Lm#0yNUN0&aH5`*<`~dLBsN7GwgX<&RuZY5B2f1csk>0F(aXC;U>mRTNf;WV
z`<*F`6do4pYCvhhQ;V{rxPsLDm*#2i$xMVhh%{;|06-5^8)Tj=5kjZ}<wa|GB<RT0
zLL#EV1%)4ym7!D*G%nA)K~x!>S32Ez&io6B@+DwW_O;sXy^lO^=sB0(aS%h2xwQ?|
z(zXK+h=B{2p;>g4NyZ(w;+}Cuv|%JFNeNbEWehrEJ-Abk+_>^}=VJb9oMI9&=VRva
zt7TEt6SlfLR?At5PR{@v{Svi~y<KRjLmO~kGKG#MsQY%DjeSQ;?z+?9drF_8Q2h4y
zEs)$~ynTD7wpC$CFp?(>l|>WN??WnLq{}J`SQnt+K-Itpa>!Komt?Fcx=dNQCO>O@
z`@tUQ9+vqjZq2Oi7laB$H(K4)E8?C-CiUbrEG9vV*Np;3+x_*+e2c!xW1<0@+6u8v
z+LmbteFuo?HPC}h+u(-8IZXaU)tg1F_pp-~G@TAMQ!Q5aX2-=2T?Hm-(c2fhcpIko
z3&8}mlieJ(SlF+ocpsWU=bI=&=-L7GC`--kZFPkhBfDG#PmDUJLV({cpzue4N{Oa~
z|LIhR@(-%E#s=q4OJX|cZ7C*SpHqJZoEYj%%kHSF&4@#bLD+R7DMm1QqfDQzB52G)
z+>>1MG&t(wPUjx=%FRhhQLWwuB*%9yl7Ru6r<+VihI6!LrN{1t3u~u!)jmhY1zn8u
zogA<;rdk1H;7oCL@-I^|vBd1E)vb1TcTAIf4q@YegAsqh5`TW`X8|j}div587Jl+W
zVU$^xM3$LL!Gf41U5u45tx9fb=5d=#Z!Ve(vu5dj72Smpy)v1~DsQQV=$(Y73t0fl
zm}VDm9N$DY*RUk<0g$F-`G^RAsXx#<-P!+PtPiYZiIe8>x{JeAm;Bs^>&L^+^uBkA
z=_;-l8>ns*Vy)Y-4J{5W)qSB250`NS&prw)Nx62%=?c2*(&fIj^Ob;n_lVNvLr!}1
zw_Q5FcF~>pYoeEWcemW`5WSZR`1x$D6u66~k$`s|Czw$xOv7U9QcxrvXOHuC64uU$
zigoA|+CdQ7s4J@jPnx1G%O&r1H1TWLbF;VCWn<u!bV#^4DlgFa3%0a)HrQ~vEux($
z6SRVMinVWc^j9A26YHnJS{iZqm^3eal-kVw;nG{C?*|{T8S$%vqAY0LXNr1!fjC35
zW1I%AST~#YxIq_09eT=c(YVz9mv$4RKu>LRR8<N<v?K{h&9_d$MlICDLA33Ofw+dq
z)A41kwH`p1bg*Pw8(_WHn;I7sH8Up_qH)!B9Ke=ltnMBFipIIcjF4FOh>x*zV&kL3
zP(4FSM9a`nJ+RX|j~j{k`YKJ-9&j%;0ehYC1BtwyKmh++Q(4oD6i(?&di+8+&nLND
zT>^RwsFFz0NV(HwUg4!sNoXBiTTksH;QPplUMf{fctc}M=rJ+o^U5}gZ*3vh-Sb$P
zlv9m76;EjC#!D1Dq%n)6eeZM<pYctm{&;|nTnh9~6o=S3=y~gOul@BgH-Ro&r1BM=
zjob6LSxbLTa0;Gf`I>_2$z4IQ+FU(!wGXWGvVb#88=Ds0ISiWb$)3=Qdm&bTiB2q-
z7h0lw#g#!fME2^(z&*U#h4Qof=kj|H*OBaaATCK1@SXyQs{4U)NC#;f2I%)G;@3n6
znfaN!j~^>_KzIRju;QvL-^E#CN#Wc?V06Rl7vfdRpoE?)Qq4$4Dw{1VgKGT+dJ*-R
zS>QeyceQO|D~q@a+8++|H|ciGRwir{fjMSYkSsBv+M(%{8iWHVm2MGh&IYx<K`eku
zk%;5@y}oe(YP>*r<Zhl7>NyGhuoRUr43gUe8L4Y$m*&2A5DI)j%d~fk#*r@*#+9hJ
z-n`#-$Z@QEWD)*x9n{;Of(^(6M4F^0SN`K=QxdMzawN27OfJ-Iq^;zpCB$4T8bex(
z*IY#A#!o_fOujbE1>0G@w+f?~druju|0A~gzc%xLwRE8$@%HV#TW%f=aKSW19J%u2
zV+EV?S@1r?Jr-SW(RESQvN6V5jONx(9z`YHPNIx(y3tIa!dsxj8SK7wR~BrB5f`6-
zir_dGx05zowHTAE(DPh2o94|YH!22h*`9mz?2TNQHYB#SzyHMX1WAv)f<S=x?VFp7
z6u++!w(uE&VMXz4+(egi1}Q0@^2ekoD#mKx*c<b-Nq=%s=IlBjdj4WjE_qFQm%Go;
zcK?ScT`5l{?44MgUEDGVKErA=PldiAm0^h507|Y*fsbJm&Q%v=#*_B!d*M=<CHS99
zrPD?!z=@=HT}zggb~1v<DOnA`yG4ttxhj%>d1oXE4=K;+`XN>Q`?8-zX%xHGiu^@1
z`JdgKVlGHGW45`=5B~N<{_CsOFo@8<XPbg-ksl87J?*K7o4;0wf@|(H0@-H1XA$Rb
z6Vprx$Y2+J`}cpy>i@Qc{OhZtA?b!T2=M8DPBH%)sk9-GldJhNj0gVwdH(Ah{Py66
zN+)Zbl75%#zCnQ)ox7s6Q}n;Hl>fd|OHxWcj2?;j`BVJYr3P!WgEW6b&gS6P3UWYG
z%m+8r<wHb0_^*fex8DaM+AvgR9n~_}qx@}K|F^GiD!>gHu9!+``~(L0k39Mo3_Qyr
zV%nbmUqk$lpMp!-zzyMX_}1S+9RD{t|8H{s>OK0u$@%{(a`smaNj2;X_G?oBW94ye
zNzC#O1jv7QMca>)9I`H*okKGGF64m!{p?1=r`T{C>(SrysCmsAw4}_M=YA7&09<<f
zC;&k}^cD;L{?IxQpz5CV{q{<O&oF_o^ETOB|91<6Vz3{G_kPDyf49~Ik*oXxqWCqL
zroz94&42j11w!uD8TsEu$3F*DtLlkI80^>T22$Yt1_J(?ieKTcUXnjAh2<p}rQ^$V
z=(oQ;^b1%&foqw`@8UfR{~0h!XT~`^RDOGCJ6OVc*jImK{`~WU)w%{oNu^wD>DliV
zCjJ+I=$<I@+3k0Ww^rH{Q1<@63HrA!z<+=J|Mvv7NjwMvK_pF@(iGT*i~@)Zk3pV|
zF*xH?yD<z*86%m6OWV&#IO&0QqHh7;xl#Nf6+<MT6Jw+u{U@sdO<)?dpa=)Z;TeF?
zL~VC}7XRld{;z>od<Z5bXY))mjd)Q5$-pBk-s%~E_Ns>?h06P{R@9jhoIhV{I$AU#
z35e<6zjcXNeE<51q&jZ{7}`k^Q<m@ty-zo)H1$Z&eDg1VN)AK`{Lz{FG%VqYL;?;J
z5eWP-1Qxgg1oXq0A1j*^_y1#5Znc?tngpVe*wMp)v_3zSJ19Q574oYWQHze8o(4Vz
z1}k@a0s+mNAFr@y6kYvO0rw_^41=aR<)R2^!NQlECaS#vZfgOYn=||2J2}4yL&92V
zlj#Hi9<yENg6l2;=oosN<i-II7znj55#VwLPRJR=<Qfo;u*5b18Y&OTtb`62Uyv+Z
zNQu&*oDUBmw|W6I`Lkx=whl_sVkqa%1Ay^0e-0PnHg-Z<Zu=>K=LE>U&dn|CW+oMP
zNTmr`ARAuT1Ggh3><pNzPl5GBp4~}qU0vN~peINT0Cu8zHUO}_xCiLUZv^feS2@XH
z)+c1XS7M#Q0Z&CbCuipEOA^3M|5BDz0+CpLE}Nc8*SAZ84)4ZVf+q8)aXeMv|CInu
zta_PO5?GQ?k_r$yQ`zynE01^rcP}{sB-INriY>mhza-U+3?8(wl2ijdiK3qYoRF8W
z2~1dkKSdlLse1Bf`9>}%JHC<q7Ykcj3-yr9kjgv#BGVGk*FfW;aweABcj-9jV(<Tj
zN__D45-q5ud?61l2NGUWBatRLH-^#kDPCtDl~Tlk2WLj|g1Ml`CFkRA0_-tL8jo;Z
z10{-kB=-hjET9VXuLHZl%12X~O^iaEb$hK_Oq0gL@JRX!U>Y-%sKN;`e^xG{NTq`D
za@*JMZ^mo@zZ3m}H4+u+TlLrXw9}w^1eoNoqd^MaKRz7N4>8?V;e|bERk<)>92;=F
za)4BnD?e6=Mrjd&iT|yYK1r+tJPZZ26DFqseoYd6P??MGoztoZN(l>KfDxh0AXjcD
z78f%@9Su52Y|c+0-4bF(wpIib);oTs6BE|CyU2uG5a-P|02sKA;w$tMQaOWKDd$^{
zv+iN0C9R0-4R5A$2pJ)fi<J|t<)K%%A{Goa2|KbRP#ahpPZv~8-omtu*(2+Zrkx0j
zuA7mHX{ppIxWSsN9z4tRQJQ4TW54%l?L`IPr$Z=FKr!t(0hr{gB(NZrRLG~y(*2+}
zlJoxj3z$v%qtB$09;qH=TM7=9!VSju$1a+Y8w(g5e2cAr*EbB{<Wm&&;vp83*^4Bd
zE)BwWOI;B#tp3z(%-!yqBLGvQ$Ve`ktQqS;F@<!&R9KiA<XY3$Asx*K;KB6n_z`Mb
z+Oc9jmf89X6qrBZX7C^{w3|AVv}k`Paq9I8zL8k<!30wMNLN5dE@ByiUV3G+4+@U@
z>iEOISdDGG$?1VhZ}{WWP+L%Ad_oJU=A{;)R@+}W*cUlMfAUS3(2V~ipYG}T(?gl4
zC`5(Bs2*Y<jDd%nq_v^BDi6dL(qCREYj2$F0)7eTL9G%YLHkf%7|Q)7rkO6PQ%;P;
zCl~L&pq$C{OzTip`<d`&P+5IJe(5T|z#&^*cBbb3^Y7V*m7}?WCGaF?d<!6<(7-ln
zl?&OE>KSX>QRM0uzJgL^Gm!F_;sv(ogg}T~aPt60H}7mo?St0izZ_+)6f7v$W;}O{
zTef=Kl4K2JE9YmrCHvvTnYcc&)C{p+X+9|O+m#g(wW!ghDb_5&`<k42$G^P*Xhb+r
z@dC!<rCktCT?%VQpaObwS~={UOKjg2|2-gN30WNDmh*YnXD%sx0Fwp`q3LF3&7|2g
zQ4R?S0jZ!}ybg4;beE(Sf@xhfs{*WZX`qL(OYldTwS|S>pw0zW2+N2WEyu3F6_Oa>
z%MCJ()KQPkqfPqO#Pf6Ya=TK`J}u{=Uu4>)%l{{V|L^D#T*}UWBS($(WH5bGoc0GF
zV6mS`mIc`SM_ov6(?B#NNvT9)-y<UV^4m#Dr)b1jwe<>kHxpvqfR4$^xs5?#moYmv
zz$eLl;3l*Pv-wfsU`z9&!fECR@1t?lZ%b9508gRV=0jAc7{Q?~G|!J3l&V4@tRA5~
zz=lF+msDX2hO96TXw47@H5F7q^er>oEl_+-eUa{)U0#769+l&fc?Z|oLLZuAa{uMj
zFt7w#ADa==gUNuBavnKsaxR1l5d=;)h)|UBl$W;#EVrI+3rOh4dMc8r2xVgd3ZZJO
zsO}~$0<sA?czs))@pgZw3iH^DroHVAHE1gmkLa7G;`T~w?Vt{S@Q19hd&brH)3H>?
zPD%H?H54HZWnN7{EU@YsoCaPAF9hO_jsh>PkGgW*fttwq&~TF<>B#?+8Z;b~d9u5>
zve@#pr7~7UpwY}sNfe%sKQbQk^psvdHrezkQs#?`0&n#ZYBuT^#wSWwWt(xZ$?cJ>
zn8}-cOAa0$W#}!ad}92<!b0JGZ@K)2?tdCN8&@gTg`gG_3>wF@SSC1RJn}b|u~O%Q
z5WJ5>EtD0dp65ATi<Zk#j3B?!IRx#$szQv?ExxY8QT4RZnDTj|lry2shdCRs@aC%-
z=$+;F;@ZRLPg&hHHj4U9m`sQ2s4SFcE!ahfOK0=Pv5>=P-t%V|z-~W&Yk6#gp~>r7
z8b8I*3q=@jwvKzB0qfr6^fN+m!Om3Jl#lzVg4ktjRn)O>_~0Y_SX~bEQ<aD-y6^n}
zA>U~($t{v$eG-)Cv+9AR(s#J#A*jSWHU4F(Kc=Uw^3vitqrk<t-ax}gY&3@xlct<r
zVJypsrvR^Isq?B{@fL`i5|(RW%bM;rJ^qD|Y0O9Eu4thQBb<C5|Hs0#LLbUFNyh}x
z07x^y7ZFrkDFw<2;q_G|1Z$07bjuAc(C0N%!f7O5*`k}^k42rp_+MiEc&EXmJMK~)
z{yuI^%!s8KT2(^hehS!I)fwNRH1=7a|Mc)=Lgh1Z85;4kZ19$RveMG6Zvr$YAH6Mv
zF(20XBu9B$_nb!3{6k%HFE8B&%ig5R9-#fq4kUy1zP5`OX;tm<p-Y`U9{l+XW60x~
z&a-A1%$~D}?NH8#a}Q&M3_m~4&2yvlpMHiiXTT-o37T8(a04pACMaKHfro+x2(Vup
z%`F?M9L5Hy{FM8@^(!-MU=Lejfs;}{)#d092nEXtyyjTT0vlyM*wUgp=EqZVNJ6hH
zU#yjA4rh0Tu#Wyf?z7fAA2wHj$Y@iJHRt71)DwNZ@_iP+;XQ8*OoG%r`e&V(D>Z_@
zyi5_7dvhntDYEYhUWjK18Z-~sW?#p=p1!6IK1->xQRVXKDo;6*)MrW67}4-7i<5nc
ze$4>sYU!2mdMo?T_H**i+-Idh88DH@4<v5GZ~_-Io#LQWlm+$s+xCG`FnHrB6p}vm
z6BwpH7(+5U$s+_i^P$s^s+nS0i-f$Q2VsXJUu()=CRmg-z1b?P4~L-It^4qR11_nj
z-?iwm2ey9QTPC29&JtMFRs#`JfNpb}cvx>_2?T8<gI6m?*qYo{{?14{&7xiMu;2Sy
z2OWPC!)k9<N>|pQ;mSMoN&~`1=Pdc~nkw|#Lw8k)*J7ekHhOv@zZ@I+V0E2)QiF<0
zbd;Ky9uh%e&tCvu)cKVi#YQs4QYYp??_{MCG<QHzXWJ=O!l5TYqC{yFg!~rk2|Ic4
zRu1GKpP{Zt3U&_Y_<z1N|6Z?gT&r*10(2$uOPd3JG2eLfgA6#}pt4(7Z<Zs<aDke|
zI@n`*d`tD%qLTrP{Co^)KU0aHX<mJgcQG?9XnUY?NZazwVgN>frj=B3s<Z!ev2OSi
zP&D>)dwo2lU;`46{Z+65U7JRHxW-RYj^O<KnA@k_v!&)<3k^>w{R;b+JJ=%<<NcD?
z<&Nd>Gv;}RK|V8Q7cFa<s?;9O@eJ}_o1JmMGbv;^rX;awrHb3WGIOGI&QOU^2OQHY
z*uaCmy^rp*Tzj&8zvv{GwoZLtD95<uo(j*YF(Ajg-N->{_Esg{3-!2w@RB38HYPfH
z=DI#HkF+aX&ye)rcAtWmq3kewfF%g!m1LpR3;>eKuc9Lv<TpSwrO`jCzh&Y-mjk_Q
zzywf!j*+Aoc(=}DbYnpYX4ThiPTUOUqzvK*<9Eoi7VMczvUbb_`ShaFbHd#%JLa<I
z<*T`5Jl1ii^TNN_+^Ga5*U3e+;W3yPe!s$~>T1)I`R}LE^7jwyINv_t@&0l=wTF{S
ze?#vplwPo$t6lfQ=C!jFHJHSp$~%iHyeCbDrAh7c=ucc!)Lat+oADH$>vgDX&+;6#
z86dzLV(HeqYq*A=s;_4VI`3gz)b~hL=!4Tt#^ChjpLO2^{oCFI1iQu?UBg}13D$&{
zARyW+)zimPEAkcu72n=1An@b{-3AM*|JUopHmJu6C@cES=Cv;4&{ch}&_Gt`Uztd-
z&Fdp66n(JPA1>U;9Fg<gTwht>jzMWUm%4)bH@1F%LuBeK0&sfXQ;?ckJ!%L?g$Dph
z-!fn+UBW%o31+2qg!8CH13KK$RF@8H3}Fuy&YsPsyGBE<B770}(j{%29jk#WOo09@
z3j2<hq5B|IXF;Ms%EvPmu>$%!IRFuK)`rs9H@hb<HSTC_fPD4a*rHL<CJ?FOCu`BU
z#`kcC^$k}^ny+3tyNbfaNu*J|y9f@jwlGp*S|jg)Tsks!1}H|q@L(#6OI@M*1+P12
z3v{w0`@Ar6aET~j*3~UFa3i~L;W_h3tN8$2=X2->x$<b>1UJV2WRKL;Ymx#urrii!
z!PaCIpt_7;s(HOAhT=MA%iDrohLM1B7Cx1d>lp<2LF3?U!Q;g1DkbbrWcV`TeYHQz
zOdOUi@?Mkw)x(kx7KI#kQZ^Tk2`Qm54HcT0_hadX#&*-B2xy)3R8XVTjK0Y(YL$_y
zKbs<7BsB4Y^@P6y0Xds%D^UHGZnF6;(YiNj;V|s!%0flVb;HKauk?*+)vG7M6wRsm
zPvm?wyP^`oEDsjKq&v}<0J(>_&6`eMWMu7bW^egQpgJe5Fr;+bF;DF-rI;^R$_|%a
zW_~Ig4;nJ!KzbstY|2qCV3f_mSi4l(<w|J^+!v)ta)8~M=pN2zCxhk#Cj7V8k3RJK
zs5f0lob+WA_1?$|LARZ9dkzDcERqnPyw(_cesSMGMG0!zbWRX(^CB1^g4CQSixEF~
zy#uaKa-Eu&y~o(F0*KecU@nc6`xRN7Cqr}c?&FMQS%mRGU2hJ!NHrH2d7hz~hy93v
z-gU9P@A??J(?)NkFP-1l5GNwoWn?(=tLD(7S14&Da?tQsr9;##&WCUcdSmJ7r&~@x
zK6S4%33|@)L=1r`=fNY<DU7u8SmuL>v+v7?=u1jJf*gAJ@SF6VwXXr|cY>jCbYUNV
zT3#4W!u30BaNm5g>e6it<2zoJ2&M8RquKr$w~6(k;%n0vij515B&Hg!5%)5G(T%-f
zSXfcZ6TiQ2xLu&AXqdi;GKkN4dgwinQ;!2?l?_ODN=VyQ!T!6)e-S3hf?u64R`19Y
zl~5%M-lgXE)q@F=SO{6Zx_LRq=D0j4>}=kA-G^TdkRn;|=L?EiPOH17IjrOy%m$_R
zpOUDM@=x-7O{8r48`y-6?xXsgw!Y2m`I6K?t+Q>RKiv`h`3F%!MJ=hal-u;d_b!07
z_6X0=9!RwuhVu<U*tP^sAIkx0$rwLe5N?^A%kqnt1T+<{BvXO~9Q}27UQ+YnOKcxg
zP%YoP((QhGEa{BD>8Aa!GxFvbKd(Q92>WTj%zyuZacD;BXYHf^nguKtheG~;c!~V6
zPPpyBOZ>Py91Ot)dLPqjeH|;hdPDw`$^7F3V~JFZudp9+;!nCM2L1UC^xqRPIE1Eu
z&sB+XOZJ!3iS)p<o{&?(X^+R={PhKpo*N}Am;zc#@=^bO(0@J5zkOnPtBAasB>5V=
zhjd4UjB1(#_WVPHjY`Fpb?%G);|>1j1jbj>R5$E~k^c61FQIbFW6VS9iO-H7A9W?C
znXhyhZcdPNDxMK&O!`$EI7C4sbP>KSl-gZ|KZYAjVZ(`JtG7I%cDQ`Va-OLl=epm`
z@r!*tWBZ$+d-7Y$$<b*}S?lq~em{oPq%k}cee<VX)BkgO@l3oqi5G5W{k-e!zXz8k
zgiHx{RnhX*ug8n@Ze~$XFIwGtweX)``RRXo#H*-P#i$kk$8YcH#Raf^N?;sRA`2E4
z{EGXMIXu^MLDFrpRM`0VY>IB0`5<D`Ds{HfKHTnR+XqfscHzq7^$}$)YOz_TiufnH
z5qdo+xShR({r$`&*aL)H=QFmiJ??Te(wy><|Gvflx?V*HhzUq(uVBRvR^Bw@-Fg|y
zi4D1)>bGv4odRjb^&0B<fjZ01)n}i3F0Zj|ldTcZ>$fkXKkLrDVHN(ExZuO$BI$SP
zr;j$+gxtM8Df}Tj^&68zqV8&~p0T~ecXT)(NRIKTXNxa2T3x`EnxiuDcjDl8$A3DC
z#;M@Z6s*WtKmGMAWK>L}ILbIAtYpRp{dJRbu<R6Q2Bi^(iOFTnKmFbR`GZync-}E-
zBH@VN&9{c(^Wb??*R9cWcDME!bI4??2#$;;S=!&5vf%yg6wrd`P|Of`EX}wF2YjmX
z6LN1_Ib1nkE7`FfVRB#3+=31(mx8_2weN4BBZyXyf44Ta(NW@Yupi-A#YSnIHF6zN
zyt<~3Ra%xB-7nJUjGsEBju?GNB~{6{FV#_}kPYi~N#WI+C*Kel-^N!~luaev*JMa|
z?e3vmxO7iOR-xB{fS8!p6|mPST(;{ukQW;HI_;Tn(Z`J)m=!TgwD%eeJg}M_4i>({
zgfE|zDE;ob%e2$=Sf_{WkD@{7j^sL~_Mj}@`0coNuNzoxH$j$TjC4gxO#?6J;#<)I
zGuyl0SEmc?Fo@w|b7c}WJRex9S6cO)OqBDjl&~H6W2E}g-e*7;F9w}==eo15KB5`U
zxx;5aQT?FzV#<Hb-oK``qEqn1hoFg-=mdR8n1$!^RDa=QZLnF^mf)~a-}$z&fO_Fl
zd6?Zfn1<yjTY0|Q@ptxhNtR6}{hQIBXqR>iC6<bOEvdpgV=h>*cE*%!RtStzS+I?z
zbJ?-Dd-!n&ms2=RAq(YpaSmvgx$O%NQ5}i0ac6yt4s5DS<)+CSTXMc2UK`JG%a+FD
z(ALW6+2sp2?Q>_k8qV=9tc$Ix78q6JlkB|J?V4KYjX*QXz3()O0vAn&lwdtIpi-j;
zc5P-+tb%%@fE`-^GDN*PKW~NS2mfAQ{^1Sdtx{}#h?>$cwOT=v&3sX@U#jR(b6oL>
zUfN(bGNO+ilXBmtky+Wx-RydW@z9AH-`sj<xrvE)TqXpU<-?MnZFY;$IvnU>9Ht~O
zOH0J8@fRw2%Wq;Z%P;v7jAmT1qZ>S$Wjoh}H`QF+q7ppt@(~WfwEZdDtt@y2w@l21
z`UtsCAywDiHMnyykL~p#)>P;v><2f!u|+tigC={>HeqS$_Shviz47G3*4VN(@xHSg
zvpJ7EHs;D4;%Ns=OJKt2fW9NPJv&WP>{usy!JU}{%UK$1y*iw8dKN35mxL)u;A)We
ze2m(xDzai4>N(pRewEo}Y$0&rPMcBn(zZFfN4bxB-gr`O*X~k+M3G$|*W}Qiyx{0#
z3$`6qs&wv7FTg4e)5|sC@bzh*xG25XhL~A;l#ys0)e3bePMiv1#V>U_&y7}MI>$_V
z@(hHlOeGO|lf8i}48FThtSar->?8vk1!NY13b>2dzifw{!d)?IDVUo&C>iSY!qIyk
z8b9C~89+%P9J=(1s`BLHoetwr38mHW{f8xLOWN$CdfpR`sl8kmn;c9%B)?^|yBF{A
zaK83sq8GqEhA>W)t5WXx3^1YRmle8)3#*J7obI)G7R)@X@7ot2Aqbu`tfd(R#gyR~
z2+S^8P`?uNm^O+QfbNRgdVzA-5-6=nQ0kJ}-Q&=neYG_z-*0W`Sgm$O3;Jt$PS$u!
zdVjmG!-xVUWbi(U8P|A~^d!rS=oOhds>KMEfJ&;do?eW4yl9K{UZoRmd~qmux-1H`
z82#9$f5fdTMp!-AnLf|3EbAbNO}$8>t~55fCEpft40O@J{n3S_z7WUy^PqN<Qj~iL
zR_$7V+u3m7bTy~)t<-dr`O<Q9bGL78IiG8BR0HC5rP$dX+d>)X#BmXKB*JV_P}263
z9eTCRd$<p-Qj<qZ5cl`1p_k9ibetoXkV39P4(=u-<H>Ik(U3R#CLcQV@^N=%P=zlK
zK8MH_MH<*h2*gxW=zCV0Sr-&PG)+FmIkaave9O0s(svlG*m!MZX3-atwhN!yuI#Pl
zmUUD))?X^Y>CnD3L9FMR4Jl!#i?ikHbFzr;imgyKjk{Z5uU~w$P-d)VR?dCf6>pFo
zlDbcX<m?3}I(xD=?Ar`z`?{otd2|$R<SW<GY_?RNg*^FG$`j3fLn)1sa&y6?i4q!{
zC~RikN0)3Zh5R^cNwcUo(OM^yQNT4HFqLr*Qesh6WD&c8Sg{`%pfou6ggWEA^VOy-
z(|-A-yzr~x;zVQT6^}#xT2{h_77Tv!gOeVOgPO3aw(L6bMxXMI($jOE#Z-X_)*E?m
z+{W+`ODm~8#r6JTSSs5oPkQBEI4pW)RK6=L<wLIzifmmC;$^&6_tMJAcU45{fX^hx
zf9>Rq<0=9^yyYY{L1|jAkQ=?s#608}2c6s`7!6vpkGQR&@6Y*o^kfhEv!YR|?6c%8
z=}Yq=6Ub-2&R=XD^Q-cRSF7ZwiUaw4`zh;IJh1u9C`@TDF+$WWm{8QWe3yuHgx&EF
ztMvow;Wu;}&@B74*&aurf6>cOrN<BDz6KdtH<c6XgznKpw<$d^{$-_B;V2={JsU*D
znZs2yqX=3nOM(Ek99ST*Kn>;3>jNt7^6iMU_2(R7LhizH_uCnHKH{9v%eM!$84Z+-
zgrh=6fI<Dk4l95sW<6l3f$EipG%ju%;xq(53Z6%{-)jt^%-V7U^=6fx#@(Ms*>)Y?
zX%M1IV!JA#ih46a!x)D!+C{(VkT~o}(HpnGar~x@ji<i^HY($w&>hFbvm7FBcH1S`
z)bqpMbV>ML>b)e*D1*C1?k|L@dC_T&MX9l4&Stne`GN|Jr=dT(D&I;9**$&*a@b2D
z_LI!)`_0RP&*ir|DD4E%4dI<DkQ3N<u7(F&^U@tD^|P~6jh4*v63vtjCbnNv>ZSeC
zVI$~(lr`?zkd8KwPJ-UnX6?yQ?gE5y3~h?K2gegf?o*D|s0PE@2oCgGOi@S2q`Dq^
z7@w9_u$pJC_4I_CE71j?Nd7i(VIianB2$@7I}zy-znF1OXtm7Czg?CyP;t{=LvuN4
zCg1=fGh+EM&t#tb?PKR%*v_Gs2eatAtNIWNg*TLfBU{hM_r@{B87W*VJL3D^6Zbev
zFUc58=gLP_Klits<X#Y6rcyVwV@GeOWGca{;$5+keK>1*Hzn)=(y3d7bDrRa7oEf+
zHx7=BByS}{%Bt$^Pn2{8n)F}J5_iEq<HK4PJvNN4T#a9w%B)Uxa%Y0U_};ie&`4+W
zq7^|CCYoC9=!pK@WDBwP=Jai)%$tH6_MjEShN)^YQiYf1I#r>qcKkE}0yepd)}WiS
z3ExXmc>|*=C)~wby&0{T9jwEewW7>i&((mpiiM(X(GhubG?fTQ=KwUwbGCbF=Y-&m
z0y-S1A%EwEw@VIZgxPYi6vL{VlFbNPYjZn_m06jejGX8P<$R-)1vx35B@|eDihMQ}
zH`{n1YvZhz<bo$o%}!H&<N0~SY*9?p3PC~n44ut6Fg*{v*-zZmGa5n6PZ=RSlA!|V
z2>cmjeqcdcn~9=6PD-Svw9Nl=NbMeMB-grDs;5pqBVxl9$FGU3dFU_gQzADTQs_S!
zZ|5ema$f@X{e!DsRl;TB5az2!)bo=4dXZA)E3<V`%O~~wnoGwmj|ehyE|wS38cD%9
zLKeDxkzKp6m2)}1cn^DE5paFbIeiA+h`2zjZ<xIeAtQt^vUbiCy4{oWick!uoLKRY
zVt=>WL@6GH{f^Z?w_Ji9F6Dq6_G~%1XLKO6y@$|sp+CbW5?&K~aWXaaV&W`H{orft
z(h<hXO@a=u{R53MGuqx9T`NP&S4Lo;co*8wY8CF=By<Uw+WV()S;I^+p76o$!Uw#$
zmLTjD0o{8N$OC<uM#?x5m$6+<G$9#Voo}kcds#aSNr&yiM69*ChT~a3%Ez7!gm=pU
zP(C8Y4&s6ykl;TGADEuu(b!nC@n5-tZL?(NA?)wtOJ92i*d?jE<9gYlcgS>!ZzI?!
zA<(yt<MV6t)y9j+(x*+}EH3~|?OXs{9OdT`ijLJ)g{a%ZqKH2r4_kHakVzT6owhxt
zZr1eXWgb~kNHfj1Fs9ke5wP>?jQ8|Pz5a6$;n_pQmzg%pL*>u>6&#U$T9^<8`BBR~
zmCrJeNPJf$*u!^X@Fv4f^fI2=sNoN|*Pd}`vqDj?BKP<Q{w5xurmsts)fEb2ieO*A
z^cGne9$Zpe0!;zOA7@u?;?fYtUutfxv_>y8#KLpPN=1X_gt~ea{Q|qQh|?2omSlbK
z;3P2^`vBs#D8n3jWT6`kE1;1KuxLQ^C|fvuZk@}(w3H=kbd9s(%7+v3ZfG<}6`=sO
zoG9oLVXSHD4x=#p*7_x>K2agji5&@vquML!_8Vy;Nabm_6@<e~Vp|1x(1in<1VSmN
zlodL4L`-JzLw$U2AR(Y?k=sAe^T3c5*XH^7hE$uqa`6adc%a9j(N7RsVxU6zh9UAi
z5)uhhSlEn5k1X@YHts}4Wn(jWZdV+}>Q$+kNUl8KDqF(v%#A<oi;$9N$eBh-_2tod
zz|y7M4mm}uILS?*oi?qnR1`WvVPsc~>O47GFfjI&15RZB$O5~5RZ8LckV3-#C<FKK
zki2J8k(b-E4L6QGls+*ALUUI@4ce#{4RE0CyH+N(Z!VxS!^w+KsRgC?K~;D$PiP{H
zo^yN7Ct2fYmz;I)DFsvrQj{93F)#Ay?pl7flRs$|Y}sSHrma`h%Fy`PeYQjT=cy)3
zv|{@G#a5^(>}<WCyO{l2vvilM(rX<|bS}PCx?~6rJ6=CuI)74b7mfcWEi?aZ8_3zd
zu2qUy8`TExTSdUg++Wh}?@sO0J0fY>;I55HfyYv;-EeD7ocbjMdcm_A9<N6ta5aJM
z!CYs(VI{_L_UjEc_<3>}U-6D(_f!;Iit&{j%p(={nN$H4lF?m;gJ84F$F8Wy-s#=5
zLspd}f+XDQLM_$D?ueIpL`79NNeGTo$Fgos9u+o;?Z=LO<q$0JJPD5+emY0}#kgT_
zxX&$uY14(+9T5{iAa31Gjj@7ujgLXx;Gb2vU`Mv>QY&O01Z?hQ)^9n!^q+)u1=MHd
z^?20dK#SkU*Rz>Zc)o}RWlxUF)vQOU^X%Y!YDGWP!ExuOJnvd0&SxE9np-5B3d*=#
zBWx?H@b~t1UK@`MK=B1{Y0pgUZqbR2Jo&6PBD{V=D$sJH(gokYTBKR|5+djoik>4-
zIw28IetYFC;WBTr{hI3@@87wZY8aIc`=HV)oJxKB(#D2YLiHr?_034OQaWS{YuK=q
zIuyV@hqTw5jdysSEqc1NHU3B7%7mn^RQYLrj|ah@D)d@#&O2w=T_Bxr3q$JxeaNJ2
z2~>>guP=c*=q#F5Z?=#;_G#w5mS^(e8-TDf{+aj^Dp^R#&bwQPiUi#)iu>ZAY>uFV
z++K0>c3UlBv?Rk8nXR5U`>>hj3&PhDRD|ISupYiQpn2SmIn9^On;gwFo7z9$zwkSe
zTbi)xzI<nwyEEe%0JCXB=F7lU@*BFLJblHUnzpR=Zz)Pu2mz^2ar`3ghH(4gf<7ce
zfqec0YxHewCnV>s(<`ZLA&*1vXb1r*(UMkYTGf?dVnwcjm^1Ny-aW=$MhlH*j)k;u
za%pXe1MVvmE<CWFxuvSC(N)OWcQSVI3|_|b{RiPn9`gad&9%{D`Q6ZmZYk{ZPifr+
z+)RRp)SnGARHeijn|(9(@Pz#lSg^C<v^21VRl73o#IP45XrVA7j-m9u$2C-eUaTCl
z9DXbuyNEw&6o(3(eD1U5Z5J=@Sml4yNSr6O1l=JGtXEe;>K9_@i7RogLkvgg%3;19
z>X$XHI2Rh0o#VqD4U}@fpHg3c8)MkTI`YW<N*8DA9giaNil;EK$3$ixi8_L2lGDvL
zKAi0(?w>8y4Z|1G@QYN-IKkydng;?N<FB9d+&MJ3Q=e+@jP#xIKo~bpy2H**AvK%6
zzr<--_MbcAF5$X)k^S0JmI&-!3q9xiE_Eqc%yf{I7^T1uuSRO3(|1Nw=$9{z$SuKr
z#lKe3MI3RTL)~5X8le|Igv$}=tI7!q$$Z*4q;<OD&{($zFS@#W)EH)kN7oCN%Ngla
zNvT4<i(TZ*;_-i;_mI45JDd$OV#&asQ{8$J;wZ84hj?mrn)5{Qkd8p9X9h7`xHR7C
zt}10uOpj)e9;RpIJBPuwbHRTBDu4T=SV!?pC@0Uz-`7KC$Ej14{q@*gDFUXQN_q{7
zWxDb$9y@Y#999rgS9A(n6AIzLsPg&;`%-lm`(76+HzlOhGSIsc<=`+8ouAKD63gQo
z8~;FBVYr!55gT-^5PE@Ad8}p`@8qMYCTu0_8D&aCZXD5&&nnrzcjwn98eku-;q1>+
z@Nc~aPW$U)8To?%yh#3W_0I1OR7@+Tq+VpJyf}CrF#b<U;<izeB4@^*_nu2$xsYch
zktpVDt~!TCGV93crq<j7*rq95xP1q}r1!b~*nWB)!PgEs%_s1`x2L$3(~#(&V4NzI
zJ=&eyb!(pK&Ay#rTHeZqqJaV(W6o8qG^doeooNQ!_72T3Lf$(XAh9)zMlXni8~p9E
z--UiQVadp!0>qqI1?<+2vW`}$NF+W`nPW2YMR2j^81i*_Ol4ZTYn23=GT}{@?&SUg
zspO=b4~S1C|M~Cy8!~-P8mMWJ$B5IvtxVZc!Mk8GEW*DXeX`&)Y&T?bjGH&^dHj4K
z{SQp25tIf|IQ-kQrk$V#ka4ToF{tuyrwaArH_o52k^Y)w&q@@L_e`WnmAm7?AOt<H
z`F!D*Bi1l{2GnEix3Ua-nM7PbpkzT?YNa8ihx102X6~FmwMO>Yk%F=P_+8(Z%6I<I
z{0d>RvI<d*B*U8=qts;N*FH2{duFEhd-wN!QH@TD<BDmaM~k_H%*{?<RLB4ZKOQ!d
z4a!pi<tKoZ?_ZbskDvJOfr@|%UGLIA{`JRu2Nhq&p`IwcBduIg&Y629F3_bnY(+-S
z_1y;Mc&X;P9>w4N)+i07sD~!bRchCv(rM7<%eb$P(}Q89*Rf+M3{f4hD6s!nge{K4
zs3d#kWItgRoNt$~Q}vZqcy8SAI)5ON4KZ@$;yLBWaB94{@RYdq>!URRHWo6QTTh3J
zoCRf2YCY<c)_)6R|NYg$pPYks(Fc{lx|Ee{&u-i@33im_gbIg+#SM=hPq*c|KCAHn
z$2@F+BO<$SElm9(CRc&+fWQZ~r_M?J6<PG|!LwR*DHQ{=>Sj*r2>oK5%>A*R!`940
z^wP4wDHs$-)7}@)!PfYAqaCNz#mq3cuNRzm&8K=z%&pyX%>#u@?Qx6Hay8Ea`&tvL
zMG2YVl7s!yhE3-?El!i@blA6jabNfZlf6+vl3cm7vdmjIbxsNUM;rcl2F_39X?n<f
zT$!;Py42HOC$`19=JMDiN7YdN^Re7y`_YW+;$^pHCc;BY{WCf}S~ual{TmQ1Ukp~q
zar2eLCJCxV(tZtay{CpZsDFhcZV36#&rxpfJmPXyH&4d1Z$*k&k1s2;fB#gqo<FmQ
zZI7wueQ*U{?b%F@#ZkWCl+GT()#&P>mu3YR_U)vWrusb`j9N6@H|pm%E=bxo3fLRw
zz2$lQD~$Wk_wg>CwcSR`^BHZ;@Xnm`<%Dc>{-7@jC*4fEr=V`^)W?nK4nsE(#HM;H
z98s8ZR(q+@_1vyy8ulEyAxd9gfD2zgaDGLfP}OOAx#sBxXGQzAtW;x|*;oezuYgnS
zHnin~*jS5HlYOl)>n+VNA=5oH=4nE<SzCr3)n@-Fw~(A$>6~XbT-BDv(WE@FXP0_P
zcEozobgve_U#+2%n!A&g7`0g9(Bor9ybwP8eS~ILwF?J%xVhP9J;rxkyaL%ZGA7KU
zQRY*~IcEvUNz~^O?+qKv%lF6T&;PMpSY(xO`LQw4_RHg{d}yP>{%j1WgF*yM{}agm
zIo1_JX~5jEXYCqaeOdTi2A!{O`F3ACAUAoY)OE)xmdnP!0hb|Z6ggEGQ|o6!n^=FZ
zAbDQYv&wDogs9^qj0XpD_A^3+-VA`8y2T=~LZudF2ThSq`aNMOxM5%!WYYtS?Gt#6
zzDw}tvLD@Pt15mtK6flB%$q);y!*(7LC=;eWzqO0irCX8MRr?XJyN0$PF$Jlwj9$i
zD8Ax5Az-=ufL*IDU0?3t3Y5!A7&aZ7X*itvWiU3svL4O5ildUKbj9AcW|QjbEbN=V
zoVWCG(_8Q9@!!Rrv^TW79Om5(Ap#BCUq7k4soNIdOARbrT7?YY<_=>=OD<2t-5SlJ
zXCR4C%jB*X!YiMVa9IC(*x{4oPLPMh1`mlP7f;OzqN+$GIv~#4lRnPY3`uwywW8N$
zWTy9F(uD(kz>RF*2dFiA<D+Vw@qLAo_P|(V!?!(%n*m&!fVsJepoN&B)Z_%qO0s96
z5DPua!jQU4mNQ2B3PeMU`b^m5M*f|OZ?>59TU(C1)_O=@Pkx?*y5^1gn#o8Hj<$3M
zEuMiwuk4F2egO;oYamALC`C^WC4UAy&8j}@FYjv*o`<oSFu3oSWqD<hPGdmIf~aL|
zL61al>mN}2#nJ}_0V;`0r8b(bjpH|I^|39f-Q@s~t*lMuu!h3!uH$r!#!fHiVN3cn
zik}kd%J$kIr819&i{t02ssv%J4jD44<KMR+f|4p1@K#<mwD0Qhi{b&3x27JIss<8b
zx8&1y#|_vWA}(ZC7C4E}#XIj*c9i-+KKc=S2bY$(33aH$S#ySu!yru~0?`!;Y<tM1
zRCRaaA&+=ur}Qz)QuIObt?&qrc5~?{>M#0tKfP^{bX}J=E^prJ{l+hW&@U_G!W#9Q
zTs0(k`z2NVy4*{1hc`nB=B6}?-I+VKm{Mf{^PLW5^FX2xmfY$gm4jET$7JAw3FLVX
zX4+mGV>LuHiyc=yiL-E}{ybP(rTxQO9<^Q1<aRL^^cG^w_qof_$ej&t3^J<+R@ut!
z!GWTOT^z}t7%sd!vYdkBa-CRjD)xYvl|2mfRKnSNINLxup_SQ3dP=e<_I!wThL}3{
zu2%*Gx#E`*V5_@A99^+0+^>ZdZ?lYKuCKS`4I-2|t4?K1?1d<MTfWz}k7ummLa*+@
z5}-#jR-ZIj9pz8MmKrkKk5?<Dq^4f+k6|DK?O3f-rkx1Xv}{7fk7(JAGE^h-wKJDC
zoZYfp=KeKBK$6F4qA4b3-CGWz3Zv=PhysVP2pF2B>X|mr|E$67#|<j%qNf7wr(kt{
z+f{R&@no7mylMPbgO}uk#V$5gcy1O~5Z5QZXmTKkfuM}=;5yP_JVRy#p!r>nFjXgC
zb_0xcA$GbiO{cFl+Hn~JbJ!NfIba;Iq;-0;LZ;fE-WYD7pXjA-oj5be>7{3!r)SPd
ziuFD9HLum(R@Ce2$_gH&F6-927M@+iyhWr&p-hii?wo_}7GpOZ9iTXOHrR)btceMX
z9&V!NNYZd?eKzEEs$3SbpjJkvA3A~yByvhkc?aU1XmL}q)|C}BmR;|lR6WG;Wc+v^
z<OP1E2ya?cTNxgKu2#-@73k;l{i^)}D$z-At#1iu!uORtSe)`rdZLD+{_8=nh5PGS
zm+>YU!e(_7y@1b)HGj-SQlgasM*1XRB?l)x;P(5f1n97Vz4-f@pnEwLiHhj3`njb;
zb+w7q4c>mL&VBL)3K-K2XQ^`@WX}Q4at^5*_650bK4ObzT4)Y2tM4l|plp%3k8baZ
zCLSLhARkvf1(?2dCrQ$k-pUM6R09$}^cdigTH=Ri>Tu1V7VOqKSeXS(>jO>#wtYMC
z^E-4;FELaqKyl|a=*A3pQ%G6uivX69$1Z<i!~-rZP$QaxmY*U!z<^9lJ~ia_MHIt_
z09Rn=R|Wc+_?DgHz<FLf|KdC6zzY9^dLFLSIckT<29lV@-ne3|R|X5LnykvKdd8DF
zw)*~XDx*O~bgZwxrH!dhVI8i#^1*P2!Ex#two=%xY3)5Lsj-S%f$yi9YjZv=6@H*c
zX<e_;dFHO&tu>OhV;OL28w34fEJ*c#P}P@yP%dkhop3#cXOf&R-=O3@xL=tSre3UW
z1mJM?F>nF|gmt~fg;t2IjFh&0W4R$4HV!I2%RsPH39R=o_w`xb3w5t50EUDplA1Ii
z2KW|kVrNNg-uN8yK|t%!KJ#MiHtr98-%5nl^*Yfp)2$ZEF_bT!FfVFSv<Oq^7#(|v
zNBd&Vu~`x&b=Z3@Wh!-lzm$=AYN*<0x13o)x5<*RExKmW#V%^x!}MTb^F63mF5(X8
z?mxCwPpa=!MMC1IWNYCkn)%4jntptFotxB3rkkWN>vLDysz2B(QZO8*l!mPb0JX(3
zP$LwR`Zvv#F7m3e$GSH}M@OR)Z7kJT_3o$<0LfBt<_pQE@c&`#tHYvR^S((X1f)ws
zK|pB)k)c6Qx|<;cq)R#lB&4OgrAr!y5CK6#LWb^;?rz_Ee9zfE&p!L?+5fmM$6ww3
z{Zz3g=ONCMYTX`3q4ke3vPlC#a`c^NZ2aPQ)4`AT5i`l*Yxpl9AgBNyg#52dj&3~?
zXVpc5qj&nrvo|+zk)U97V48X0*9I&g(#{>zl4JL$jMM0AEk=6epDp;y36*X8P=xmZ
z^tXH%q^<kn0F6fN1jBW$&-uh_TV-GF+x|bL9gf7Pwt-}jH_c8M#Qdn2>GCxKbMS2-
z4Xy)bW!*)pkEol=zZC<Lz4Ll*LNePLBJ{}_bh>1=*VQ&@pN$6ATIg_}UIoHGZ6X8$
zm)8hZ^wA5^%uE!+ncd<1NFK}4J|MBw@Bm%X8i-F%hF;KU1z@eG4NGiB)qlU3n!8cY
zOgG^YY&L_oAAb7X>z)Bs<-`q{P~R%ZkLO1B3hAw7b=}iELjg{AdAn}rAQa}Ne!d_l
z;@~neo>hnBrtgWs?dz5rfl2RFU=23f;9v^$q+^~-O8~yHI%!Y~EY@O*8RlD#emGHg
zPi0<Y)!P1{73$)w5g9n9DMq6M`5WULnG2ARo`3{|3rnjkUwK0|4cOQ>)dZkKy|`8h
zr{LKFIW332Gi@c5!+>@d{ZNr!bVi&X{^=*LQ<c;Xb$z(*e6{=6BX+EKmVS7Rn)+_f
zXJ<KxGIoMf(-n=N=ZWo)C|6Wp0tODC9?)MxRFbi~fI=_@@7`#+{+y{+sa93zZ8As0
zbMOeYZ+~6R37Hjz>7w5QQ8Em}zN0{OIG>*rKM#g=BZzML4lGjNjwf;&l>l2SXW#>Q
zwx1)=Bc^hf&-lTkad)6bNMYjwrlQ|Zz_fNj8=(Dq^ALtnFlq~FfYw?iIc-ml>;S&L
z<&Wh7mbd7ZJi^d<WtSgA%2luBJOIHS`(Y;KN>1n<QmA9p+d`30E(UnEF1cGMNrOjN
zW9Iiv(RU?)wc;&MQ=oAxDSj7Nx$#ony#eN|6~prU)`V}}@W?n?O;wq(EdlU*^I(?J
zw#o3KC3Yfziw(-5_DOHf8U#Hze+9B}Gc1dOE07IzK#FBdmRIMvuG|PFhizbucGM5%
zkoxir7^5K2J(oZmoo_rwC9-#B8ZX22y}AI)_*-f#7?1093Sfe6^a3GWPd(4}#xu)C
z9jw{a7yzw-{Y`(;ldhYKvCkLSZ?#W<oh{*c0Da~ba7)|YwWQK$-3g?$`2=Qnn;7fb
z(S747A7Ej7W?jnVS0mT394)g2a*g&x*X!4Tl7ZiWi99)4_OV9U7Ue8cikzVGn%Mrv
zNb&Waac|Z(NRCKBDYdAl_b?d(Q5gZ=Q)PYRCU7RQ;_W>ReXpOV(8(RkdpujgQ)7>O
zGBk}zTXfKkLCD)<8jRr+VJ)f};lUPlK^p<UpdZbazzzkS0C=@^Oq_X1Bt~xJd;My1
zJG^qWzx)71a%?|aM99@AS1pC}1LZar#7P(8s7mK5Pu?ZBR1VgBF4nHuU~qaRvQ9Wy
z(E-FI3#77}ffU7v$e=utVIU(miX;Sq<b)n;SwXVRp-i+TOA0)(G6MaG;JfRSmq{z#
z5h_RgGN<)CkY=eEhI7~>jM60@KxL>aftaTW0r~t@MZBJ6V=1IF&UngVgxSWUIFNB@
zJA^_ikfqtqvsCtLN48|*7dMcO-C_gjRM9v@^ylmS>h#mCiDBE`8n2hN_a+%O#<g*T
zYV-#=Ya)0vJa+izJf6d*Dmx$tFf%kqPHhQbP4BVpQoO5pX>FZRgQr5Lkd|YnYrR`D
zkSO3*`77NiHS^jxVn3!dXXxS3xq<gvql+eQ1?_yNUYfL=jyMo1*XB5#<si-zt)>)s
z1DrggVvaMcpd<C&D^XilPi!(u)~$lG9r$^OM)!jvIAi(pZkcz7_%+&hVL-az4f%c5
z;q^eB53F$|jUe7|&cObp_6GOG2D8d@P6P>($qJcj*MHLjvJ0<BFZ*ep5<j<TF=YMm
zL}$VCd6)Fi5?k89y1Q<@WS(2+Hl354ayY6+neO_)6w%<wF>e}b;eDG*ubBQ|?pe;R
zdrOoQy^2$&JfnGlaJo*&RJm4!lDuK#W{I;Fm?6)XU|sULKKsj?Y+A)+G{^ZY>=}r`
zkW>vyCDz>yu?XC3BDl()Dk-v~?+el{d4c`sAT{sC6a>K?lXg0_=F<9y$lq~7mi3jI
zIea;x2(kNN2~`XsfqIULh709jcW$(t10&pH<o6)4tIP4eHtAa)eJJfHx+}CveI=-}
z)G<oP(TyOjY$FF%2;E*B6M3dS)X*?hR(P~frOU;#a6Sb0ES4`TvjAlQGCnMUm1ecs
zHVe3a*Oi-MS-4ooNzdQ9F@MX+rVYh?O01|snom*oP6oX)&MS}P+~Rwghr;?|7z+9Y
zu3D^9DdFYX(UIVzb}dm%lUo}eqXGPJz}MjWZLHYt(lQw*j-t_M#LzGCfu$(hv6Ogp
zS3YqPRVUBG^7aH$es7(8gW^#&Yr-0v;x8`|(lz!w+N&c4;$I}wo-x=|)il4X#Tj(g
zN#cU=jXZ;Wa|Jr1OKZi-byM|+PgMAq!k%0O^da<VytP9@vbdAHAGL9liim4N{4yp-
zAAiWvyMLtXE6cMoR9#()Go=K5sWGov9<#l<7%%(9#j6g?xZ$>~AMN2@uZtiSZ!^Im
z(-CZwF1=(N=cssT(0xZlHh?4cX%Y-8eI4aRrPq7!+ubMV3x4lca;{T0*eTKN-=6;@
zeOvKdlo2X0D&Y=I%>xxH?Ne1ErXRZkJI|E9bOLFAKTXgEndB5D`n#oCtqYvZajAzB
zwohi3)U8q5kBH##rwW^Kqw5HLsSzF3=YZoIAl*M`9xw2o)C+Py>v?`7Q(G!u+l(`e
zH$`l6AsJb&Hc(GcOA7H;Z5QPUgjdu@{EWR{x+F`bvUw)gHDM@Z-<#$2zVg&b2MKBn
zKfJ5iKTyk3mVRf73q>yF>G52{3I1b<^Wal$oCnoAOs#c5B6uNE?#&J}NVlSr6G)g!
zolB(Heth>Hg?M3>mafu_s@OYpL5(G78vn+<M<cLg3+k`eE+r29Nd-z_?!C%6@j!~B
z8=6r~&o8MMSWaQG#;?)NjsBj;I_>S_wemUN{==BGP=>VowuqvM1XHG0EP;UIox*4^
z03kFg1O8aJo1V|LYAsqxB7)lN6C!wX#=b>w(~V>*bQwb;RiQ-OqbI82hsxV2jy50n
zW8v9LENSBAZ(jm7_K!y&n)vkAb@k%0kkLXkMSOMBm^SDYz5vVn5sOP;s(qS7w9&6Z
zTH>?_pvOv>L2+ifUkwbYq}8x~@S}}#>_jFi1=aGJ*atS2^|mr0QdUUfkO#z0dFU+J
zrXDW`*Y4y^QW@-SZm2e-TWuv;TW_<$FB@h@t>Gw=*II_s`PjY8Py#AeY^(JMTb*^@
zBzp@R9V50PJJj!uMtmAu5wk%l_SQw{#iqZY_E9?99YF7!!SesP@TV7m>GGp*tnI+{
zW9XN8GHkHGr;=^27+Zn3rW1EAL9dt^E1B6rvh<eP5hz`-lB$8p2%QL;3HS2*sQ_NT
z59?@qYD__KvlfN+{t|;do5fMKFfqEr2(9F1eTX}BFhIxJgXkL^Ru)M87=o|9gl95u
zRv%J3VG)&TMVV<G?Uy{s$n>ma4Dw~f`Nd^O{ko-x#&k%f<Oq|*6c6;9DoND|?;DnH
zZwl^5xK|8zH?a|{Jt(QoaWBQbJNedvpQ5f@1+}mv8@m*^dNk3LgpR=!GeavcB2=_C
zQT!^?tA*8rclfV-{C^Q;{@4|ri-WnUwijvFSe(zvO$$9I6;xe3L5DrdGD3#3D3Qc%
z6dELlgdOX^cU81R4+dQ_=Ty$VU*MmY!?FFB?h8JiCvZtE2xOfMe8f>W*Ho*Z-Bo?F
z=8~Ijcu~p_Uq6>eQI+d3O_7!!F%(-<An6Y~%Rkm6MXgE0=*lmO@%sUZSIG;E2!@|M
zsOYdRuDR;2ty@TZYNf#~Xp&PvuVd4kzhrJAP}Fq`y|bNF1@0q8N?jwn5ux=^R$*W%
zUVIg$hhy}qibVObS0O#WP2^PkIo_Ur1-{}tO?1oSsnK19)#n??ViK25*Xe3)4Vm7j
z_L~L$KOIBU6`!v1=6QV@MNL~>Z;~gii4#rMj8!VmzSgStpZj$3sC!gRPIy8f<Z@SY
zRSOb0c$)3gbQ0GyJ#xaNCFOjNPMoJmxgF2C*zqbqumx)?&<Uz#*4-}=^F49_lpjTu
zu>B8jZKED|K;?oTz`lm}7puYz*td+1Anwz-UaHj{U_I;4F?x~qYYmcnl92Tg5}~>n
z7UJHkh-wvHEExugoJ!S+@pn6TkA(77h4vKRYQKc8MhwZ9fF-kpqGnJ%ugotPHcr9z
z>>*qH&TdW#GME~FR`^BOOR)N?aZ^#H7NCEsY$x)3PZFO0?ooJ-FgmTHsBV%Z>~3DD
z4rE<mrskE(iSJ5bd?yy$MynJl64AJvx|o5B47#IJg)V8M4h%aA!l$8xq}E$RXpzLE
zS@uqLMCo=yPv)R#E}PYgTC8DdYe)z+k2U(Y(>K0$CJ_ZGWp}^H@vwT`2K!`ezbvy!
ztXo0Zp(T$Ey^~3S^qPw~b9*YGY(EG_smdVjm=@MA<%<=bzn#P7Q3J)5@I|-wP^-qZ
zgyKFFh%B3OXCHYgGP6+Zzw>4U^_^dM@(bATDdD)^FQB>xQM+4QG##q*YL}#GVU`n)
zi|J!;)}HG;)O{Jj76Ox0RXU08#6JBL8`<Q9{9vMm4U)E}dwK`%QXE=(L1p$fKU#x|
zXYTGG&am`x!7Ws6XK1Dd!v_i+^S5zhLi9HJciHNLT5Y*wWR6E~6mTa`3oHEG{Rf4D
zDxEObcuTVbO$s9jiJKHV{cGQ1-E1Z*iURC%8nJwgu2r}1KC@y!ZXDT<_3q6ou=kUG
z#(>r3x^TTmR#z%t(~OgWJr%bHDSv_9+I~@D<X}Q(DYW7BBK$dAlYYm00xT29d}L-V
zLry%xQ<Y5{eU}o<ne#2R?LAHEIn?NG;=$CGOl$eOd?OGFq5Q7z=i%lwS#wFFti)6*
z9mLysYT2aYPB;0ta3}MF=FF#muM6icCDy^UzK`=85A}Isf55JC`PmYM-?q?DpXwJG
zp`pJUL5)2*wCF3nWrKB4gq&dWFsrg*HQV0F5OKQuV2;cqJ6x;N^<lx4MR;t)v7fZx
zM2&Zw*HNBQx@f7a-plw*ciO1PONC5$Cy}SAiw-E8sR1UIyV__hb(bj~#bTt~rw|3!
z^JzpXN1jQ%E(3;?89xZ4{n&>IEg1d!Gz|?T(DIrlai@p)-NBOIcn)REf|+LECOabE
z-}kH1ZZ@X?9Z}tvjcqeiD#;koTQB+1Q=K^F7;_-VBVQkxuoiBzpoj7Zs3{rLF+Fi4
z7Et7noUz&P4zXy?XJLgtiz(#Ft}el<eeCi4wqsA=AZF7JU5WZ8L<A@4lhQBMUh>)D
zW;l_o`e^}--S!AY<Sc?aVuL&c*UTxpJT&7X{TRC5sx^lPx^RfR2st^7mPXJmETs_z
zlR^RdlQI6T!LVIv`-ZaWl#?|xaUWc&SctUt_T=l$<!2L5MW(dAD<qX};D|tv0>aW&
zhZRc3;yp{t_G*6pXpx!XLuVHsz@KEx*T&^(RkBmVv4*SJzrviIjMzx8O>S|2`Ju*L
zI1z~QGrXr;*zC34OTF@2bhg>sT|O=pZWNq~)9MeX{g`nv6M%B7582X>2z5jf9qI#?
zrYAc-qR7)6MG+d1?QWTor$_H7kU2|Tt>3fBOD!~D)J>wu&H>A)+zBeQ(bj=U+F<>#
zfClr+tF9E!j$LHSYRx=&4vl<VKskEby2_CyPF@Oeo)M%nDx%)l7wMAj@fmxn{Q2iq
ze7&_3q)XSZG5h?dX~RgpI5{26weVQB>wAxZx&p_2pOi5!CUKRCNUS@SX%WtskKZ}g
znYeuqIt^79nb_Ir)LiwrkSjzsXX@!tC&{;Q$SJ!TVRfi<;@;P_aqu>R><;r~Q)F6D
z$!rBP!DVLNGk+@HhueuRt*1&O>m0w2vVh9*L@r+Ot7ocRE)GLQH0oXs&H;C&`2?*l
z;_i_6M-%($C;J!uBQ>=YE=&#@&E{tO_^_`EPHf3m>33d$vKf|&$mK(*#_)Lx0iWa5
zN4>MBt1#_x$)czaCr&W=e6~a|>RbX07dUNb3Qv#7sVvu1xsvxjSj-XSb%Wk+MTPRS
zHsY)CBYY798O$|WDP+}}YW1N2!x?cIQBh)a+L7&PP-WcQb;x5YhHuBS;jW1_u+<i>
z(JPT!^Q5DcZA2)O`X6aIt$*|}F_YRBp1&FPByLh=0JIbfzLL;876GN$O9)>SVa*@t
zHt4R$1xTf^&%@}3RO9P<WM2!{^g?@BlxE;wX>4L^VzoWLRsWT`jDxVj{MPrKN_%QH
zJ(Fs^LQq8&7na9LZ_#@XA9JbjYXA13U?PX1!jbd+_%;qCNSO#fV>@-{sqYr0c%ynW
zSm~Qo1KvpHGS=FIG?XxRcz0ecGVEnJ!OZJo(g5QrBy`^D?H__}#4Lj+6692qv-!#1
z_R7OI5~soNfT6+Mrdr<(R#DOhr+wa}m=i&5XD5Xc>xR6z5;Sp>uisvfn$+m47zo(t
zCs;x3+Yc?NW?TxGyHq87p90<%Jlq0o?r9#a2%|@*JNcrZZ^KLT*=je%!q}Y6GRkOS
zTsb3VQpgO@%q-9V3w8O}c37hunu?nr-1R^&hF9czzq?=+1V&9liSDy*tLK4C!BZuU
zXifqt{q~mCjO0`q0oLhkC`B!hydTx@mvn>=t(XZS8`?OX9I1nQON}~IB{s`Lb}&mq
z<6!|(z@yL0PIgL=3NP<5%%I315@oUH{m>~1Okdu4I^Dv(Ny8HjKKK$xy5{X*i(u^F
z!(8tt7uRNja<vf*>B3h1wz7v~tBwNM!sxb3At(0-1P;SK<6Qz@za7*slXGh=QyUZD
z2m&iIN;f`a>i=wnZm;Hem3gQ~yv<vaYJpU;ZKx~d6qea(js<5nC^>wNzG70mUFnDS
zxUgShX{Cz;z!rdO)3$8@f9Kzy>nKEG1GbW{>Yd~Iop>I8T+>x(CftCe^$$2U5xPvr
z)$7_{z6{T~^#r1>{3Dn`F(`WDnR58YM;Nr9jxl2GS@EkbxB85d0LuhEIy?L%vci=T
z3={FpU!?E02Cq-PjeQg*<KWQG=-xdmlJyqKVF>^g&U3=14nk+AM};C8xIRRVswah9
z%>+;0#V!=vC>^;q=Z_`7K6<5f@5hf^nd|Ocd3cUQhMJ5GbUCzNW~sP^B7FnJ!%-XE
zEuE&zaU}=a0v2TQt!2=(I<+TR{gd_=AG6?#7eS03)Oin2pV4@|==l)bFDxrFS2`<m
z#nyHShyx-PzOuIL$^)#;E;ap|3Zy655A9P*PnE4vtL4;<(mSH9E`pbcJ2$V~E%}Q}
z8are)M_4D`n0a15v`L9!jlAO|mQf!rS6eRgG_8K2dxMPE#`~1Ykiu<Syv=n%=}?J|
z7HT(yz6wleCT^p{zvr{j78hV^nCRqLlI49j+9&+B3rVoRjHY7T&{UbCoGE8<m!+ut
zF3scBoRG0J+F@?)kp=0Xl6e@>$XBjnZJRSZmHHDmLt~e<$4Ykk2EnCsqOsyBfqzv&
zzkz2;OnI5G1w{v2YbBCIu45A!&!{j&*;M4*dWIESBpMS!!Dcp9YBgT(P;0ztRy}%t
z9Ud@Xk&$`W=-AI!O<g=>JKdr)EK^&S2OJQ7MPMIXqgORiA3B76cvkvpH<F)J?q0$e
z*r>LyU>LjeCxT<2MRi_uzxRu!pEZ$iXO&gaAtN;}wpioKygi{vP~@#dtH$9s+toAI
zfVe?KCSweqgZfPb3Ic&F95&S&?wmONDXsP*Jbxd%Y7M3OW--LiGi$BoMK{b&Mu2l{
zvk3*3T&6wuHLiYMluUTSbTLn5I`Au0bNK5oJKOM%3(0H3xloTZ3vCMF3DNx7CBH@@
zCX84%<kCa?O|QkLIx=Y%lpm~8Qmrn&Dk+8gM#q7oA$ID8Odb7`z7B6@EvluB_&Ki^
ziIRGkA2{?};hwQlA9vn3U7|s!6$2eG)+_{guw+&U^4gb189!`2Q|d|%o@tV1v`L9e
z(DshdA<U1n@Q8Z0v(hB*k~R(+<~aDZaiC!#HLyTguUa253adr$8CP9-U2XhIha`=9
z09#+A8Dsq^|HeZmG{+nVxmq>`O6qGXP(xd&8oHzmH0-9Xp$_UBske_VEiPP9qIlbN
z&L{cOv2V9Uc>l0T60AER+O(g?Mt<O|FtC9_MpkXg<PHOK_laD0r|C1WiDL7ueg`vN
zk1u0S&wX@_0_Cr*iOT7k_@v*p-0%r&&B7DwPmYx0G#aoCeK6;hvr|{-Ax^6P+Q?qV
zX5*cRIpN^NB>)U2;Dst)3^J9S0=d==GM5Jht7yc~#0ZiZaSiDHpLAH-I;6{Q)6`Ai
zka30ikqZ8O&X^nw``T)e?-W|29;PtaxgT?=hlmvuAfdi~*i4&++^>a*bpszEx(Csj
zOdPRRWqjbIG%aT$r7AoW<xjt*r^E&{4TYHEcSUHukdx)|Y`-S{dy2+isBa=s2$tEK
zH?P3~=x=`fksbI~crpJM%*7C0pG=#mm?z?Y$FxE`s2^-yhm+y&ZceMX448tUsj1|D
zLtO&zwhmrNZZ3rLKcn=BkNbcWI2kN2_uc(l{@F|Y%s!w?<ozfNF?!(B8h>}~*Vjx|
zPMwwD|M=Y$U!we`<337|@sO2#4m9+S5j;Apq4OsW|MBDa_F;H(7#OrLJU{I{Uwmc!
zAAgK^`b;wfv$2%d;qTdk2M<9*>g$Gu{l`Z~bP}Rcz(CDDer@wNT?3rNTYwgQB{VeZ
z?>~Ar!akyUwh!lTKl-->aC=XCPOiW29o2~5F`Clw_q5J)g!2MBn<Qdt_zTtGuN1;R
z{vkv?Q+KF80$fu>36n*)dR#Js+B7tt<-0@tKN%rfZV|m0|M~NDqtAMsLVvB`zql9W
z`O&jQT#+}!AS^;e3SUvA&ZLTAwA%iiK(PQYs-QvIX?7S8=rTb=3#n=avq`DwyIVkW
zeZHtGxA8v>SFDIpdK1{|9;+3dnS=`s?6#3ESDmMkF8#y41D%+R$0C*rBp!Kl(Y=VM
zW`n|r9HVazf%5^rB!i#GKA~cu4FnlFqPvtEGt|f@GtuZ`i*USh@Hzt3!#V^oKE|Q<
zk&(mw$P8rn9KMm%1Bl!;NY|<XkxQ++^Z>PtJ)8xhwPrz7&WUe#Gk#r}_V3j*Qk(*_
zo^QwT+5}X9NHChOK;r@IQyl<WRx`E*T-{EFue*eA3_%R_fE)XMH;Ci10gj{&{qq3B
zoFq3*H3U9~8Ne7gQuxXPq(gl&is0+S6~5X_{an9}2!-Z5M0lXeWnh~Ca1H_ZP697n
zBRAH|diy0S5Q2zB^Aq1!`OzLgWi_X2t*y7lEBJbO9oH230cv$^DJVInfTP;}9yr2H
z0Bz>VF9fXGcyqC7z0#L-^JM)7;Cj1Bqo=Y7^$=5cYFWHL`w3GiN{WLgQ|NcTT3{5J
zPUSc#>I}?4llw;;ZQMY_-vq!sErCC=_hg451hV_xxO=nynabghnn=KZd2R7V_VyoF
zl724&M9jc>Oa4Y-;ECFwrX3<BK7KYpl5xV|`))jnJW*A|Hy&hX_TDyvi}A&RS01Qy
zzX1dagsWJEWm!XKJd4&V@xVJ3q<XGjKwjNL71|?U(p3v^dnQko)qT){dyEsnnK1}R
z_aUbBD1r(?=N|>ZB~F0r?RnQkm1&CKCt%l^iI;2vn|u4K`FM9uc-3K{JH@ue9N|eR
zd_IQh$pkK+mF9WS{nVfpi66ModVYGjix6i6*X!4S@!;N{;a4@p1ti_S5mA6ya)P=6
z0X6K?peu0g%PqwB-AK2Xa1tx^`Gm4ageG0(Lt%jMM9u4}C$J{M_xcQ+7j9mqu+@73
zIQZs4Z0*DIM~DnE{qn=ZB*#uU^;Jiq-hW7xT1VMFHFO1~I9T!8&5KOgcTruRFYPU~
zm%jPg0}yIqz*X7a0=Zyvm&F*v-NjjNCJDpHD>x!K5zw6<jC19V*zb{_S&hARF$tc3
z<JXaZ%EMFQLs_}F-_|Mk$R=*<>=fL0Y=41)AY`PHl!r)(%R)nLYmz?5ffY{zD$Z6(
zRew(n8CFlxSBE4n69l|{vkOYW+$PzNT>%{mXIS274C+#YNyxB#QKARNa@WbMhi%3X
zrPpCN@9ZA=mkZBa>A0;lm)VMB9?Of8>5>wbVrXM+hE01Qj)O^WpgA|-Bp^r<x--%U
z+41Y|$tJ+M;xo-Q2!yOc_#xib=n5lW(qVmMCg8H8TdY~}Dp9pR2W1#=BqGhzi-r-N
zS-??Gt^X1xlI6Bivjrm?th3dJne|64NtqK3LUL~bTM3QVU%>-Bwd5Qb7u$qtYOsT<
zAA$zqb?bB9FEFONY=vV@%5TxaXir*E@e<u}6xnf-T`Kog?^8`90yVv<EikwcWPyRE
z6P!>|_FCXs+;K{lc^T~q(&SQVJUub~96{sSXirbiIQGZoyF5V=EP?*`!^cB*s)20)
zjOQ&?etCEM@{l{t#S0+&&PPKprhq4>DIgeeP{~+$qC?aiBU}M0evzK)s8@VAWv0|V
z!$HN<C+DnNc&l+}3BJaCq}x>jTgimXIu6TuLxPt&nn(GL0gGsZlD^pV5qhH9kJ6z2
zxtcJDf*Si%8qYo7-6ZMN4h^VNT&ZTo1Do1Ae=MGWt&{nj;o79qPGLsYf(u9h-V?8l
z6ekR%!-Hex$Hj&)`#?80?;%jrsE3`E$55Mi1A@oXu+AJp#k*=y66Q|?^7QB`pS`{2
zYAm`UsIG%^<%x)ihNPUBAi=8fWtHxPp|IB@a{zjDsG(Lzst1lDEi$js6=2TW8#<bG
zW<zbaeVvqxT8le}y6s;ng<8d#IqM&9j9d%A!;4X>u;$Bj8-9#w%t&vx`2?=he+FJ1
zDR7OXwhLV*m`hn;A(Lha;U<Gz@|l4x8KeD#ldotyFbW*tz>36(l}6@yGl<U3Gp(q>
z4$E`~=z3mF$;O55W>yHU02p`XZ++#pb}U|INiy^#k4XrWs%)e~MVEk|-_*cvb|~Ay
zRBlcLq(}dm%+qw(l8O<vbxQSj#a*PHNmp>K=pD*76ti=<fkbaEtSA8m`Z4F9gy9Zs
ztDSwr#fmhWFF8w}Ez6rnooC%l=i(}DCUP?KDSj2!<%49{J{ro6XL88UWBOd`1o&mF
zyLvJx&6R(gMfe;F*QzSWBA7zEI7PY*TfK3h>v;4#!ZkT3>~kp|zlc=HL9sY0aWA}G
zaqzP@B|-^!^wq5~No6p9E4lRprk<sfTySY7_o6G)zUxcyG2p&M37^9E9f2VBs>#Ww
z>~IoHAm2|7ayz5`^oL{eLV@Lt7O63RHh{gJ0|bXK7WyO@xuNj`P`6EJMHImlyos8y
zO#qKzwAx&SW^jZft&b_O_ztVII|@jStC#`4`YqTdKqmKtOx}kFJ<b0yQt_R7gwr*z
z67MMDsGcFONo)oEWZ)|tHG=!Hd?ZBsP{l{ReE89Y4KZ9Ja2q&tTV2SRndU7(&PSwL
zc6g6KTIofMmD4o^t3C8pz~xTS)N7L)Ntwk;%Oto{^@@yWCO3A023l$3#-coV$z=b=
z13j2TIBTp)v9MFsO~U7^ueL9a+;}>NE~WrGa1QCkskn-rTGCaPQUrzPnqLyvMvb7d
zcv}5_HQwM;g9NDa{uHuxek^8me@m9>Kzd#u4pbE`TDgPw;-416?@5`y{chlu%)n*~
z$CAKCgjb={&h&&MHuVhk3#}?hmkO!@6=9KRW(2mA2NhLDV76q#Z#a56e}ClLF4#`&
zEd|(T4=V{qQ)yUSt=U_gHBs|G(X)vC)#58CMDsnEsi}H5o~a)zid*nJP~Cer<8C%F
zQXC(VP;&*@X$DLPFT0DdC;fY4BH2zq|6vXKApt1~=7zZs>?e(%i!gd1%qnej8$oNI
zo0n<VJRXxuy9Mym_DAcO1z;$O5@UeC;$~j;Tg4%MbQbufJJ~>$pEire8<D%!B6u?1
z{`m)HiM-HAkGAME0*H?gzBx-hC6XPwwjX{3xRbD5Z@11cav@5MFS;g_%#_dII)}qv
z@o;zkD|K#b^l(Sp1;v%`DXTjCpwxQloen4s3#H>G8g>@I5xIq5JG?-o#_y$tM46lN
zT_#o(3p1rU8z?2;8{_^5k9vh+H_J`<htEkf#1dSG>WH^SYDIU8&2&n!9kb}CycsDK
zPH*E4V+{{}ay-ESmOe&eq$7^V`@lxO@olLW&Yvena8j%j5sk!iQ26ed^MylpqNYb|
z<UEJVnRr<)e=SkLx8E$sn97!cnnp4|ZmV8-={Xo)8AE&(FkN+x9>@S(A11LHJan->
zuHiJE>TZ?};nnbh`)J`XjyNQN(!w7bY%qYNjTQZ3rSmEsd04reazy}u`v6~2M$c)k
z__C(Rs&TvasRf*A?q``EbEt->I65O}1p%;(<*|%_@W*Z!(GtSv=mv3Vyq;%v9t#1a
zPchdX59aKIs1Q3j5ObLjbE}OO!|X<aE47~$tJQ?GJV7@()}GP+>7+nAgQ@~$2r_U)
z*v6c0sjg(~uz$=ZbdxIv^woyE;sGYtVnQ=wC!JhF7|^j_V=+#3$3thV3OzK^1~(PH
z&<GL?9;aSugrLO++W{~9W#g&GOX}gAfB>m6p9>GDQ>>mXtnd%vT0hpE%1~@`elX$M
zvo`1~9nPu>XHBQb`B-J^3NmkHPbbvNkvAswwP-h5()|8$^!ijN!VrPiUXhkZ-Jb=g
z1-So)phVq8BEL(SFxzzXtrT3PJ$1pJf~fSKYV+X|&?i$O$jGBXW8{FwprhGe?Sze$
z!{kTp^Vk5?osqrtRdB2!zn@>Nx}=AG7UZg5pPN=L&3Cvn0e;i)YK<q><6>rWC;e-X
z7}51T-tdpJi=s3dQQvoC5e*jOjreGq+o8VTd@|@|)F!AolC1INmeW$PM-S7u3$Pac
zXqBX+9A8ziQ5ZkCfh+yxE;{#eVT_T}?c7T=D!{hoQyXe#CPo_S&Vh-j_s$zj>^@@p
z=<#ObxjK~BQX4|9c316GYV_LD$?xJDUF3N5Lz%6QG4cnDO@)337QrQRK0BWakv^e3
zdAvcO1(o^?LI!Tce7Jm_Y#+}2dMc|?t`^jMGTD3EkCNABYi_ui`<PU^$RzUh{v(VM
z$y;E58RJunYQYlY`c|v7cVj~i=P8$(<J%gLD$(OYnSZ%$F(W)<vQ*3za{>}jjy7Lc
z?!yDpYhO&VjTCDPoWe7){nocAt7(*+TTn(|B6*UuR1n9#!xiCwoECkB(YfqB$pmXJ
z9eP#<1f9G={zi}%pk7|NEdi#ZXU_bZYj-+`;F!5_-3R=pI@`hG!?wE|5tp)+OVT`d
z<kcN@JrTziKvP~t{S2{DHPV-3F3;}MO|#ro7qxg_uryi*ZA_+M?4r8eH6o4^<wRXv
zmeKBjUNzzo*FOj9$G<B$idSfhHmHen+8fSz(jCf5C@};nTuMFlp>~v9ocHs9Y&PIe
ziSq<>A&)-+X#V=fOb__IVaG3B1kiWk&1@!zXw@-_92%mdvLxtwPRga1_a#E*)t&V7
zN=i!B=BqQ9G4A1f3dAdtF^1lGX*F|ib}YxQFWKd+31&Vjg|I=d4fF9U(l*V3a(0c-
zPq^N9xW6<1bfiV}_W0rI!0F+LR}a%akH<QaBCGZgVU>0*s>Ai#d*^(-BipVA4mL?!
z^;{D_ij^w*lbpVbc73?;gmguM(_Ixlo#a_(Cqx~mSv=r;xsLiGwLjNMs6_9Ra@uL2
z+uom5s{rN?!ALf`IB||yMwrA@3I&E*uZH%c7r7ACm;KU@<=t>O>2^wtSSw$Ok>UyX
zdR2+}($-~ho;C$2rPdkW&(z_#c9eg~Yl;gYk7UN0T_$b~zSJcnL8)ADa#an~)03F+
zy1)+bvH38M@5@T}VWY)#h~goo0%_GE3hctF$m<=hrxRz`U&gfwdiJV)cf`5!2!}8-
zRF3iU;b1AG%|18c{-MXsJ)xBPJLjcALi&Ra>m86iia&P92keTPzSCxML>*pW+j5;*
z?^8CbDA=YC!&$`Gkc@MS5P3wfHd#>`eowGJ@EXD}kgF`BvGi}%%YDGeoS5v73P&ap
zCJ}vNO2$AS(l(+DQLC5eeP&gOM*x>&XtzU?uK)kV$JO+Qo{tLtjX|^G5lVNZMMw)n
zAO0UtiuK?wN}ih>-ON4~S6Y)_Z5D2KCtX2Gg3#_iDiHr{_W$vhNH770=nvz#{>|&P
z)gR=%S{zSh86n}SOBPM_r<fbJq^SR{hLrgn`}w<kd+g|~>#YToMWMw&>wDCvCxKg$
z^_o`EmF6Fwdgw_B&+pb12TQzbM01MS<0AX>2=Z_0Jiot@bc9HyPiZ{uPV=;{E@{OK
zS#>z&7&CojyNzEg;fEQ;&hPw9Y5c8}D=|-O$gG!gX7P6M;c~4D5C5(<70cp#msYOC
zX?pLjF|_6NyYTd?>CvBP&?;dnf;US-DbKDu#_nUJa7Zz4GE7$JnG`Dv$zBgA1fKg3
z+?>lhb7;3?Zb+)R{@-Sqe=H@rVzg*7?QP3w4r66?*mKwIdRK<&BUZW-j~g=04HM#Q
zR<QHSKeh0WRlJBWTd8!Zdg7W>rS7$a(pW?(I@5L&nD}qn{V$bbL^&{7<kg<~6X|;-
zD6oxJ4P9^F)?MqUR-M<Ke$tNXCDCpsU~Dq@3c1{59KO1u*^0d`+lbRJ(CDp{TkLQR
z|HqQ|KQH>v(?KknZ^wM;M(VS^+m28Umv@&g*ImO_`GIlULv$&m<{}!$%1By=BUc#|
zI{jlWL|0OMswCe$thk|&RMf!wbFcA#weMXfClo&9neeFL%fSAsO?Te$?B2rj&rj$Y
z#Z72h!!frQ)IaPb{Fb6~5}z5gw!YGSQWWr?p4p1rSFTDM`nHoYbVny84YScck$Od=
zW+%MZU+Lhw-gN}>E2$(TWzM=P<JX%6k7ALkO%JW!OpkRN&-HwozyK@)I1Yip1I0dc
z+!@=*S9;<_LI3G?L}{&g$TPx?Y_o}pDKlRyiimD`9yqi-KI{C3ev<r4$82RMIHkCL
zCpL0ddl=U&#>8}6lXpzV{PQ?j_pzuhsc*zB=bT~M0?Lv3f9#3>&z5-U+d*5tleO8~
z>0`5aSx9nFwI6EzS%U%AH#<^Whdn*(AY!yR@iAn36Q!PTwY(A&TYX~Cym$LN3VXZe
z3*q*bLf(WAq0afKiX87nI^Htu&P?jdG7pNPlKnTcE(4ew(*FOPD*unCcqmD$<}=!5
zC+@>dFerDNwC4Bgc&X5NmGMalY%|YoJe;ajZ98PB?%EPZ#pg6xkm6!~=L9dT@|v35
zXmxj}m0GaUt!zK08RJ-KtQTwRF<RO<j>B2WW=YcD-WvGAf<cQTbJvT?i+Wb!#Py1q
z&{ITXmp!RvT8Q#9{X~KH8Oqqh!<KSb*lhUE3g4<NG~V#5ShMTw0iN)^<V+jy=j4AY
zY7Z$Dk&iF4sOOa7y)5kYpBblgsO*{Jx63=G6ks2lTCHbG1d?7}(?pn_dR^~h;Ct-t
zSj{?p1_?V#P6@2^I(%HDfH8StFOJT8^6lQWzzq8fp8sN=kQ5Oe-dlz6%ENTA;Ch$+
zG!?tdpDt}l$Eng2Yjhg@KCjwL2f@7#E1;H_mwTPfG=UQDU@ep@dy;K*qBCfB_5K$E
zg9!AYMp7oyp=4DIqh)xG84^OS$jSUlOo?-o5Ot+wAaz)U$e~{=V_$<a>s5#UKq@g2
zu|zDbGzmK0uT*XKHS*WarU_63mw|wZbwxF(6U;QP_%p1Io)#JNr3eba2OqTGe`cQC
zeTkg|Pd+x5o>?z7`>;vO@AX1=vV7n)Yvw?%Z7}SV)iB|3JEJdf>O}MDlMEZlZ{Np1
zRJ`@K<PzKU>GNobitxH^+;g@3E$-08bj(OFNrBg-Vz%ODxGqLsi5I<F;(y%kFL(aS
zpP9}C-^?;h`s;_=DChzYioWgrp!%@iw(YVkon;h?-p<8~+k@|nZ;q#Dx<CCY9?zaK
zD`|gOjzuc;Z0ctxyHUYP1S{!FXHu_$LPjy$6=5|6Zv9m_Ye+xUKi=~%cl(z=TT>-z
zUm&q&y?LLbG>;R2KAX^zMAr7;(4RG4pNWO*m#(2%XJf5YDA)ayA5=O6Olx@&!Q(O%
zENStTOovg(Mk<94q)(z9fPJS1Gh;=z4KA+6zkcL@xg+A!`%X${R{F7TH<`Ac*=aTg
zRLMz>&sd&!D#Z#m97a!Ue<gX99OiTReSFR#T5&~XPPS)4eM8!t|ITOK$9%(5neq5!
z!iKNNILz!4_hi26lgOoT<8G_lP?Fdrlk;Rt{hK@frQLnCWoi3mQZ#-Y2sqs~?ilw{
z$!61<Bje<IvG$$WCU9hUOp9fj+fJ;Wuf}vc9y?IyR)m6eH&oVt>Xua4PxD6X5q%}z
zgfvTnf+uKq9jB^o$hB+C^bAu1!^w!z=jAt@N;pa}=@s#P5uq?FpejK8(BU&0JqIP`
z6|hxX0QG!aR_$sGu)R+X=h+|pOCvd;_<sI%!;eT`1f^OQmQNyI51Z9Y(?FQZsjI>y
z@c7>Y|NHeynC0D-^u~iomf@eOrq?Voe{^VHz6_BEVe!p$LGsu&0@gw^Oe+Ml^&gZe
zR7`KeF6ovBJbLdncC8HLq<m!GYnjeI4A^gfv9e{TH^XrfnQHx{#CRjF`o8HLcUFSe
zG#$A&Ur+=yK><J7-XN>QVD8tC%wKcr9y>yuHi-HGypmd?p=&QuzYs|IrnW(u!WRHb
z0U+>$CFKkV7%_o<N@*NKiXo(rl!&74R?ATvNDU;p0dP+MYwh@hdmv)T@al~G#jSAi
zCk*!hti&k?*gEat4b#~kG+qH*BFGvj_oxq}W!SpUE64?0?GUOI)U@?<L61Oio(TjB
zFCl@`X@`j`MBLfaUm)|7%<LTlGNvjXvd|`_O}(LKjqRL}<Jur1H0Ij}06eYPwIbj4
z2YSr_00J?Tfb63MP?8^@_KcBxiit>>?5hHSodM#weDnyJ=fpJ|5hK!Et@TtOfJ@jJ
z@mG->*Yi>qnN9PV2|kGAV#<OL%6o6G_V=lmK=dL8-HR3H_<Y$Uf?dIS)1EpIvL?9t
z#2xIsgFuoEWcG3zq(+=~LleLtP-MhVb$ojUoNWVuqAUQE@Sh<tjQyKEklc9ZeUoP4
zY0wel;qE(W<Zo5JpsLRYl&1Vy3K>F%pt^w#kQd`jg$oe66s!DPHij*KS#~6K4?tYF
z*O#Z|ZwjkDfW{6Ru+L-=Mby_!tAI{`1G2ED?@X-+*}~TICbj_rCO!`OR{QG|YZ6dd
z&uDG6l>4(Uab?v#z@@?c#md|5=@4MsCEq=x-alF2{r3AOm#gK<%OY}TqG?5ML1HIt
zF^3%RI#4t+(F2gJ=MT`L0$4~%!cUG@7a$=tg6fID76HKRy4rk@QL__0rmX7%5P5|W
zW%4J7{d^+dBwE+U%Jt1ADoyG^)a0<#BG=*`P-4;m1S*&5UJT<LBG(g8hb!#>{_!>9
z1i(;ab1{w>wcw&J=I^g}1QWJ{<UB$Ud<3%t?-8VwBZ&@409AOktt~oSfPYQ#`PnK*
z?1B~>!JwsW0fOcIukU`#RU2pX<WiV^Jh*5%=waT^BF_+S(IHrf-wg#-VE&bbFBEwD
z<K=3yKD(a<Pp7NqQJ=kOSC8>Qd!3Htw{wfq>h3P5I@D>z4g?jg5cLS+z8gEZ9WDs!
zObejBvEE)OJ%uEDB!c1{#EyLg1hcu?wmn6BVi72v;_USTBDIhW)FU`vb-dpL*&Us`
z?cfN{ON%xKa$fNzKo0;S_t3e*xSw4vd*A^GKTo+ii)4@}#eA8M3r31#%dd1QC_6&E
zjT`ovN9|FhDZ^3DIkXW-<rXhNj%zGyNXrrEIphoq>8UfFDA@w<N<r+<*w#r^KZH4?
z{b;-4)U>q*3>d_sSRjnXm2GwoGaEAH-j25=IFOidW+laV_k_ABchZB-8$0D^fZdJ3
zS$URJ=wg)OW6#$_Q!1lO5;MvJ{_9{)e@ysnyLuR<eEGgMEED8iK6VdZFbB!8L4muU
ze+e~D{WM3zcw2KaY5BsJ0p}-RR)#)k16`W(t2SC9@2o3b8a+^L@^Z!!)0JZmA+(8|
zxE}J^eOM+HcvIkCmcCg%pRR5Ou&VtWm=VZ<t9lF5d^8@NEJ@p4JZ-+nSdfnDfbRd%
zBwmXl<hy_YBImOWzzY;4x^`bg_=s=Ja+&8VK~FV7xs%-*O1(SP5f8f9S?l}V51w?(
zRQO1)&*EGymh<hK!;n1R$J&7+o1{9&FnF~M##W??h4!GJ8J9W1`6!uXUqoJ`2W?YM
zy|9*fZd~P*CN0h4ww}j!+)RHvD2iUradt4BK6IT_$wPeIOd)&`TF-gk+u3Wp0|H5(
ze8`tPVtwn+=W@50o!`D^>dTx5xFKW<Xr7e}mM@dOJi(|QKOWPk$q~dC#2Sja%x}jN
z7Le3^w%3Z9Q^$5K)#Oj^FCH61Pl5V#3q&PnfzsmwkN^jJ4QQ@a3$MRfYbWvO_t8X*
zzfR<VbG@$slr<=!J7!!YI(~UeH9?u$S`5Q<kRCOUeEAMxx)UN9*nW?DM53OR`x^zj
zZuT1<>q+i()TVfV)h>*SY2qV?`^ue5ek=hH!?J9lpQeH_b(>Z>7;!f(KgAuOzo(52
z9^Zp>3Eq^qWqZ!Aac4R@O$4lh<j(nzylrL4qLXav9?;3{A}_UvgvQQjJY0X|U@gXx
zVDxi@IZaN9SFYUzd?-l_tLh<1UygLg#UGNlqx+{oy%F&U0c4Ny%DKM2<Ib%#p?><q
z_aTeLBw52$)A^BGjMnS)zUsK>TPyxgjBh@6Ffj{qC2p6{buh%sxAP$qlXL9)UM>Kg
zpCChfOrrb^fbs8rg^GzRh`uCaijZN{00Y`09VzQ2=s(}daXUo90FrM~w}dW&Q3s%V
z_PY<#6m9Md4u%lA0--3KICT>OFqLR_3Qd@&2G2}{0!njGO_1xl*i84Xt3Ll_8_QB!
zZ~Mj7r&z}@M7J84uk9e)>TD*C!j5>h`2K9(69i$)IA5|M`i9<JgA0rcpLK6q97aFF
zMax&jGc;^9aAl=}j;eSJW!FfqvjpU>=k9Hnq=qC4x_K*KnBxX}-gkMH#{@kRRoAhu
zu>(9=iTlx)O6lYrtaoQS{JTx>QlUD%XNjqG<OBGJ>(J_*J9n~$-j_^Q<%YMg-H%-F
z1<s1RQ{}9?4H7VcTc_I@m~OIXW_h=1L$Fbk)*1CdX5GZ<{pt!}^{_79Wg<pTXR!<0
zEK~X*2$X`Ar}OW>zOP<y5l*VtUp<ZdGGopUmf@vL_oj3O!DG0HR`UPfUyGm+6OI?p
zJXnYeV+u{|wQNYaWwO%68k#(@{~0Lw4y3iN%f8$<KA1VUP*^xQmF)T$dno-{Pp_v8
zR|Q^*8xnsXtmQ9#`1;mbAL7k^+XF$l{=h6-;){>dik`$X1ELaj3g4?izvZ5}_|Njm
zS5d+xtG3Ll>Tc%LU_U{&80<-AzMgn!7k3`M24Wk1qK5hi{R<HE-Ol66dpB{Q-J_A-
zF@<>1e5^ZE#8E(^roMl2U?9hwfrN*oQ*DMX$Z=L?B*aaPWC7;vV*<eFSEhZ=g;%_9
zw)jQhG;#dx&0&UJ&!c?*j$sx)uKR+Rf>O&L!~&7Nyz|;o+Peeh4rEL?Bg!;t-Y)8}
zwSsN=+RX>iCx{5=tpP$4tR=no=B{_&lc)Aw6Fi_twIe%{=|DR$SY8M)HCL9Ojyf0r
z6~*V$F!qXO`0^ti`v*2CZdOjOM}KSPt6Rt1z$TpU`3aS1T$3yPl1V77&X7as$0i99
zE&99Hd0-9Pr&@^rFnTANKAJeal??SUpLfeXWmo7bLv@nf==<?I(Kld~HN6X_^Tf0(
z+?9kEl<!*uo<;JO|FIx^Xbl_aI853K*-K6mKdro>b3lXsxWDt@pr2#a<~7X}Ny8h1
zvxkK4d==u<_Xq-@Jy=QP4X-A;`ycEEq&KfJrt!ahw~5%^TKFMRF;LfXO2^)|Br_C=
z>DPE8J33JoC+QP`sBc#WYxU#Bs4?N(Px~Pmgm)5lASWiEMB+BwDYSA5&N<?Yaq`b{
zvN_vSshr?Sob=oaxR?!Lf*^AkEEa}@oX<TWb^fj+V4hBXC}O5`OMjVi7Nb<BE+Xq-
zJm`I|K%BNY+8)U{*ifQUKNhHOKV$2_4!HdR^if4GwD-Dgr^JR2IRz~7Z|$AD652QB
z_zKo*ire|L4D%CTJ)>psN68+F@-^MXII}TM#yB{jZ3aA>5e-9`Xt0ap2qH9S#ilN5
zir0J<Y-Qb$pGD&WSV^7MY7N32sJ!^DfCY0+_J*9(Ih<$oefidx$C~q(NtFcc*olQ{
z(UmdV-5wGH<aez@$+Pka#WQnDisFL`LYYFlxL6Fox!>nZGWyX8WHw#x!wPy}={7n_
z1sMktyT*BnU@FpIq@~}PJIA4u)*#42!B6CN<#C{qc4R>_)_XqtWh!}2@gLi{MKqFb
ze|@3mLxP2DQZ6woWbtt*Gu<p(YLcl-WZzZe_&aj;>5dd$VeB@WM0ExejiB{H9V#ML
zaTEfkV5A%+H?u%f^ihzT_Dq8=4f_teo&Yb{{(r6C$q2#Z7}!B<zX%_E{9$NJN$uue
zpN)D)0kYm_>yOw9apLp}Ow*ST$Fqgr)$liZt;&-o-e&aB9OFqc#;%l>e|+|EA{m|U
zqjHc1rzM);<)})YCU?!z?{={uI=x2odr`P+5sUxURhz!^lpQZ5x}iUMyCp#$DJ%6Q
zp(`(AIbEc{kGp-jblkaU(hRN5bm>yv&2*<k7z7wq)B0Q)_sbD!!W_A`_3Aw(@m(hR
zo0+K91g1M<uqz(yKW``O@raIA2*7+u>kARfv|sA9FPj7>49Tq6*F)t^V6SL|vDCv&
zXgl*U<AqR@4WS1>T3&rK%F|nHOkKn1KDCX`8|Qz(kzOn{am0z4rr-D2y<c&*`oWQH
z447&YlO&6{etw}fCq13M!}LI!SVd{!OYg1*3@_aV^>pKoVjI&E*rH(;msCopiXmmi
z&vANBt<CLbU>^3}YwsIKxjMN|QWZ9ilk@S{z!Q>{)9*B&(u8Vz|2#IzGTOaa%@vCw
zF^PJSXUnPsvyL=rzs*=e0%IS0cEwJ&ckt>w3U!j?`@2<k6ZHhps!)2?7r$F|;UJn%
zbzOB2DV3wCZ#ZPn6}%V;mA%dn<PEKCu+IB~z;|x0+#Jaud^~;u8!*EUFwOs1H&W#=
zPkI+5e*w0*6jC#QQWM3$5QRDA2tX@|`+gBLhr5Fd68B!?Qm>pErcWcza6)%}A|vIz
z+lS>k^f!qHb8;ohdxFIKXt@fy&@qa`$D9Li0GhfaAmKV_1}56?g!6~8_53TB54a(7
zxBE~#SNVl4#J-Q^+1x{pY64L@oOcXh62KQDeCSakr5sqkiz1QcjHa1^f6<qrVQ0Y4
zTR@yV@OsFfC6WO>UCz9H+==vqMGTX@mbWXu&y*w*gFav|+!0vHYW%%FYrz-6_?Xdu
zdLPvUaoETSr_EFEe6KB*5&Pl9zeR!azE33IN+Q`xy7z;_o(C@%CA6dL^(AQDfPH_&
z02bM&_SE{XR<F~ad`J*tZev<xyI$^z4Z`U4$pW?-&y`Ydcuqr(zL-Bzs=2G{b|N}q
zZd3+lBVi%x45RXfmE?-uG?K0bnVIMYr(wO%&*!AQvCplS-H@VK_f|}7+%9(ivYfW&
zoQ#CIHjakB6H8QHNqo+RHuG-mQK+(;L+|?az{ig737~Eh(;b8RB`ovu3o^6+#=(!D
znmAmBGI<QQkHJ1I@d>8DX%A(VPC_MzK<?-#+s`*~Jt`ANxuZF7$MsL2b5}TL98vrY
z9|)-42)r3q@qbp?5Q`6UT{*COGUFzj(9V@6E2cLTyqw0-=eQ`t18G>6Y2!*r9&kh~
zk#`MnpR~A~Psg8Xm8a)ug&>MO8;l~)qpsHJi{22m;O&<@Ch4qtY?2K6;0F<FdJ)Z~
zD7qJtUp_T?o2X5lfYX1cn<Keqd+Rg*esogZPs@vI!i!&$aiesVR(b?XMZ$j8`G^WX
z56DbES5G?lCc{te^E^$)nt7;}%!j*b6-oVQ8$Y*sZa_GuOa@U05`o@twY7fL{bm|&
zFnQIGL|l7#v6|7x|0}PQSIEO4(fun#>V$kYiIErISz*qi(9UpdQRNwZQkUF~2kcX5
zrpIzmmJx%hgWKqQ$7!3tgGR))@<ra2<v7P-!p}bD!~8A5VO8~GIBR6yCB0%OCb#vE
zXLl$$A6HupHMOaKh&ZYm#&Sx0ZR%w)RWVHG7&?*`ai0ntk7KzpzBO?`QsVF(yT$Ws
zxzg+p5MBQme?CjO5HG%Hw;-M#u{*rLPz}nIvA$v}X>oWZ1%9#3;FE6(fq`&|z`b^<
z&l$I4<F0Q?L%t>5E9bKI6|eC8T1(2D;heXM$`;So+zflLM!T$jGQRF!&+^APZx`*Z
z(Pu&Xnok$dckL48zlexO#7Ff6SQ^bHp6q)HiFe*m+jzWnJTsZz<s>>}O#0CG^~cI;
zX&)@x#>6a19i`^INMqboAo9CgK?*{@D%-T_)}r;mApGBjzvFNbP}0c>vhuR5+XlO>
z-@nLwhWvaYnB4FbZ1{r2(`l&L+`XS`KBGIa8F_W{>5AL_G$kzYvh97hp=W0mFAJAK
zy>(Y^m0@ydg6^?k2u#h?R35W$2#v%BrnpwE*Tn~mP?!IG{1A9wzxJmWz`s08pAAa4
zKuuL6HMRclpMqY=7m4JsesFQH`e-57)*Cb97dPJ($3mp$&}-~IDz<UE;7?yc30V63
zO7VUV^Tz12S9t$YJpQ*;Mz}i4``Rk8de%sV_5){_!XJ10|6l&kvh)A?pRd`GC1xgi
z=W>2`*?;#X|D5g-2X&?dpKO~3*Xc)pbJgG9z~F>H5uVn3B?$XB?eo{G{(d;$H<*3U
z9X%K6|MiIf@<D$W3|^oy$fm{)Pv&9sL~O>*q^o?BEo0i~rx&UEZ{EWxsP)(EHOEw<
z{AO7a^v1g*a^cdDZt>zrskZ+Kc1>EXt;N|~BaO+h)8-GpMqMa&pne%!bUfXE^VXTS
zFxConP!(B~QFuf%!4$`%RATZsFXgK(VE}@m3NPYW71AbY{ri5^v)f!SR;6nFGPN+!
z&`rNkV3=zwY^pI;QmQ*iWwz8Fz=Zo3dkem>IDGgY`$j<k+K+6T%6m?;B?T$?Z=O)P
zUcW2o{cOIu@Y9#L*0m~plr{17xrsKq-Z_YY%TZ)e@SZFxW8P4YOFjQL-~C^^kuT(h
zf$#Y$^LSp54ZG$`VqQqT4e^(xKlgtB>3bzsVRD=KT<)YoUu=+WYRU6}iR^Yn<9~D0
z3yJyOFLNf8P0IwK0iXv2Z?11!X%<?i)O)pc=(j}*hX?mwN!6P2s<!+6KjPjpuBxqF
zA4Wt3L}1ZKNh2Lfm!wFmbhjwooeNl$fOK~#2#83DbVx{x(%l`>@s8<^v!C<d`|Ri2
z`wjWYiaEy|<G!!Dv#lS9RiOPhT!=Le@%iM@Xwcm?`oj(Yjcx}=Ad2LwUPN2I+FliU
zK(%(qoBw7Nz+V6DApsjdwX(|d`O(RdCu;=-TN@&Be?I&F=M^zVyRTblH&BZ|u5Rfu
z;LlVep;Gm_Q66g5|Lvg|W<z#u0pT+rb052CRT(!qZmL^r+X^~t5q3Z2ka%HyPp_7i
z_uL*MIqbjr{H%1!erDQleFciN^bNh9Y^n^WshYRV|Ldm!|KWk;-8|nVGAf(1iQCPk
zKIbtpMrx(4^SnJp>R<GgUZ_@1?sTJLPtz%PpoM2}aAFeQ=aWA+eG<s}axB;Gc>+2~
zne9*@ll)8MfBDWF1u({2r8;Uw6*nz;7WVFct<YV+AwK<ZzGaJ?FwII~=J?iwG<ue&
zrKm&e3X{g#`QO+q!m_t41$8MjkRQk)J*-k#kIzyKTOy!%{sW<+g0xkkH%q)rKxlxB
zo{Q!QaC5_&#dtX@I~7p3459r${K?Q;bFaUwRWr{2#h)}He>hkHl!`|kgB8%y9)rev
z{(4W%a>+SOw<G_Difa_|e;fy+igz(G7klDT5ZTZ0{f=UP5~5FLkQ4H}7~-qYd7iGR
zcQuQ5h3F8iUyOCNTvI<}YG4Y|XUmB6pi_Q{K9i*#nkjc(Ry|b4M%BP^ZTMa)812lj
zSz0|8YTI&~cfryj?>=$>>TL{QY|-G^1@s9XaQ<bNeN)p8w5poq5&Aj&bku7#5F{+J
zK%sCL+LrI7_<#wz1t_|QKF#leHn|x@zL5+$Zchn&0$T%ju3-x(At@?H%~D)@fI^<u
z+~@@8-Ghrt>jnCgwtyF71^CN;0Q{`Qp-(u0bsflidzTt^nr~gV>W8W_sz!4!@Y%vk
z0Tcvg><O5B55^?Hm5!t!$Kspu?FS9CZ4YM$9KevG6QGG54X`Qiq&G}+8VPX&6v;c=
zFI2&B04v`8G#xmHG6Q@u<F)_?Tcn*6GT@zbeCoNl;V1=AWiCG`xy=)(??=yp^d52a
zNZY!`^oPgx=j%uE8g56lS0{Zwb6yxnOm!kB3o(fWv1j>-{i4tl^5U9b=oa=B2x{yv
zQZFsrZ6^(mQ53j0MVaollyohci23Jb)TPO#m-0PVSDrG!jsyeEE5pI+5Q8NkKV|`1
zgn1y_0FoP@gd!{k7h_Z3B;!G0m03Plm)xo^yfZSIXE2CPFAl2kJdP$^T7c1m@OV=Y
z_*q)u=y-E%)pQM3bs50TW9RXv5Bv3=7sT5@h>jVu$^z>k(&6Tq^{lP^S)h1PktlY;
zXCAJ)i;L3P&xQ}K=J?1W=k3oGzh1pEvd(%dy*w$eJEV4EXtO%O1|5!tzDPNG=|IQ%
z<C><!*9XjxHn)sWh&dHxu;Q7E%fxv`0l-X%ib;&qrqh}XvLzoh)`0NC(fg^_;X18O
zlFslSa_pb)-!06)Z3lsp*Z@E`hJG+kPtbF}mqv?8E^uGRdDPTzo~>@D*${9bVdPtY
z{o%})D4PVY-3+)h3VOv<V(3!t0CZXMVUqjBZU^P;+oBQ-z#TXy+SH#k17i@$4Sf^~
zaF!&xA)_I{@61>b!43+^_tAl{-co1z6C~sgxh}Q^(820WU?+)0-i82H96MPDa7}|%
z)pZ~2_-;4dq{IZmb-R_xPe(oKC9e`1k0_@tu!RqlR|axAFy95TrlCS_!jC)=0O@ph
z_2@1%=lvcW;Q<0wuI@_gz*JfDy~k@Ha1MsZf+-0Q8mjaDi6k52&w7g`EkkQ)tNQRt
z%<U+6*xy4KwY?5-g@)kUp+C)+M~5{1=OU*4HosFU7p(^_4)@+Ii0p%h3LSz-$vj<~
zZV<r%Eg@J8Q0;-2)v;WU0IfDG^exSLrqOR;yvAX<H;%1VBLlFp)7StQwwckx+g=2!
zOy1&(!N-2awi$h17op50#Ajy*AAziOVrR7=qy5?lW`FCBZ~J36ZydZ+sOtfXNZA}+
zKJ2s5=4Prw0$K{o2eIn)9Q4`HqYk(zcb|2r=BRDest0NAYsIe~6HiB4Qqy@p4>Rst
z7Czl~YZ>}fiI&1P&L?!W#!K>jRz6fi+L<bi&RkQ4_hv9S8O0QEW~fNn>mIGr=5K=C
zAT&L{B^VpqYODg?Jk3c>1F&jCvO2vuch3pP$J+?CS<Dx<fpdaT3Jy#KycL$CT(7d1
zuF>Tr<3W>ajTo7w^^6^nNxr7o#0H{;SpoKJ7SJ|f)LUHLEHMhF;OXq}0{f52M3AqX
zh@@__$?Sj&h@|X*jgSQg=ccN6WyU;~@yZG$#0X=neU8t|7#xfOVQ>2=keGPoeZ0`b
zEW&eo%6<KvA7EnUvtY>R*Tr^*A4x`@JC+2037+OdE#3e(#_y(k(Ywmz=V0@?bGN_N
zY27u0`^9i!>fkPp1iZ1<aTOObH@QXvZcO}$)^i)8Fo4#VefQ%=d3Ss8lqC7XiFYgY
z_m*c$phL7U4+ZdIWKi;Pqrp^eY4417YZDZS8Kg$=NmLTw>@KI5NH(3Vk6Sy5xg_==
zuq<+ih5)|Siwvj7YY}4qXapfd(h$VE&H^V>_)+qK?k=u$;zE7snc8U#3-=@Q!CYCx
zoCu!KzT1OO5o91!dDI@FDP8-zGZ)X7F@cv(rtWI7{`LSLs~C4;wBMl3=bvhx1y>5X
zD`7+)*3oQ{-fVicm?rHs@s-h6ARILOdNRx)BvneV{S`T>BL8A6S$*5-`8k`NPp1tb
zs$jm*oJ&}tAZBmtO3O4z6t+t;reBTMdhv$uZVGvxkSOBD@gGZ24o%W#!oM$`yD#PG
z<Cks$8!$EAuW*AU5~n?JgRgAn8u$W|r%BFPd!!~^GgAn!17n!ArlKBMjwL^^*c>cw
z+(Sh6p2UnMakj9_U|vT50@Ksjgc?^`^CGZl(|GHI^&#ShVkI*Gt1HOualyOoZbYU~
zCN1D@yuk|bEs!;0;Z`ymdn_x_k*uuHlMzd78qI4}%;3*9K4ifc4ELJrK(m>Fm>aV;
zz}$$WDYQ<0<r!xY37-U7g1H)ccr1W#hJ~()*ARpzHeSzwh#O{K7h&v3V7dIvxB@a{
z^D$~Q1p<i>)<_c6#2jC4*yw_NrjP`A;+CCKt5{XVPe6pMhqMN`)sJ_5Vwm;gop!-w
zq{ZaU(9JJkT&%z6rIP?v_h8SLr+i4sF^QckENLt5D_@*_CIOeoe#i<oC>0Ibxm(E8
z*I$JkNG2M<HK~<gQhqxpa5QP5r86?l*Y_S0<9Ey$p{Q@kxS2Iph=D8$w{XTl;_gfe
z>h4@tU99UNVZ!EO3wa`7ny1A1lu|;|k?4`_f$52YthYoLv<|ibwT=n4SD)}F?Tyqz
zFM(sJ>9}|vY_&Zi*jW+eg3j`k0&GO<``l5<=Jdo3PbG^CY6(uiSCC3bF1cEERBtmN
z6Ak%rJmOBWZkw(KmCSD&5jNV6VEV@c`w3#zLB{g(J45-c&qh96X}n?|q$@Si&N`x1
zKm>HVVpX-Ty@b!U1Sv5WuqaWl<QK)fQ=TAZj%SJcW;d3cUaQH%1{I#NNZSfaw(`NF
zrc+$aC^W<dJwKa;_`>~lP2*JOc&=iVGW$I%PR94X-{Ta1&8XQo-F|ppx0pv|LP);Q
z`l!3mrum_r-YVc~W`MFG++m8!8*p+D?1a5^X-}Zz_iX}F0PmjY5Sd>eQz<PADfYMH
zy15InFV0KbgIx@b*Tw46ckTVi_ZxRV@dAP%A!Fb(*bzVC9)t64?laoH3~mtrd$2o%
z$F|3?kZkyuh4GSzi`Pf%L->U<5xT972B2sv%RdjFNl-Z3PfM5(2`Q3rgcG|1VL^ve
ztKL=u@qI*McjmOd&&30eQb`IuGWL56vkDMV12IOtvmtV^g%xy1I<ZYQV(*tR7Yvm-
z0|GEehDhk1lFYi*ft=t#fQjZW>>-ewgzs;oRk<$W{zQ$`LM1cA6nGoTxy;d^>dMa0
zpc@-7)9b}>y)XtL1aj7&li~Dw-78+T;l3@G<)HgqTXoGGu#Zqr(wHjd>+#z0>RrFP
zxA2Emm{oyWOL;^cCyPD3L_ko@;uGnK4E-M!=Nn<Bd9|<YNKMTy8PwuSii@kmMDK-l
zd|{RVTD31gtCqQh#!*T`9t9%T9|*c1fOO+N=egH3LnOwZ0MYh~S+eHfj8D>MunHWc
z%}ROg2p{klrtyJkb9PbNjQx=LfoOewAI_6|{cGX#@Zh)b6l&W0`-eE87#^Txou3eq
zb(IvjaI_|HqM^6~WG{M!)i_VDdb|%#9SnyTEiQPLyeYNzuXIh1RPe4Yf(Qfq?gR8k
z1|v9k<yU~*9G2rZ<COvrXLnW-cO5to#-nINy9w~%wAm@9t9px(iZ408c6c{raO#D?
zFm`5ij6&$jZ!V+<c|(~_q*bbmmpIrurwHQx=DkUI;@Jly8Z`BDuW&E#Vin|Y&)kql
z%;#>LQv)bJ3Q>7-qOn{>#R=E!di%l+QR_-L{~lA0xV-m6bl08qdXCn8LO-GR5HG`S
zCa%k{f6NsX!|x1p<ZQLwQh>SK5+;3gMM%GR`g;pmNQ%PsVx<D7M}_R`eI}S~cg0Y+
zZ>WKQf=t9&J}bi<+sSL8I74yo^pBiBFvE^0W7A?Y?p4Y6f3-w(b84RBRXOO4l>6kH
z_E>VA+qW(Ng2X@#$KXCojtnJ`RJm4zQohygCW&S!jCuw5hr`LEs+&X!a1GKkOel0H
zv>=X#oL^jL;99<f48sNRcfVSMm4w_UHexY+SLUb*uQqagU|7{2K}yu}7na8Tao;@T
zy6@NnvtHu}96OcFQwK(evFB3@C@ESaer^A7q<sl{n&h63Z4Zwx7Y%V}jy}GH-F<v5
znjR92ZL9-x&V3YzZ??&D$g1>>I)OqQ3<svvD^E1ud*E)#uvgFcZ|qhFznHG~syR{^
zZG|=z+(H_ZJG|CppH)Dh3rXOUWT}QdP?fx*3TGaYrx2sR5Za^Dt7pOc3Xkf5!<P7w
zV5yIP;z*&G^(#E#@#<06a|<-Or3EOq!3NmLjs6CO(^|NJ*_}6Cu{Q&9btfEv0Bqe5
zGz(!_3A;0kQ-YH>`$WC7oPI!|+Oyyc`3iGPat?6|K!2BtRx9hR!4U91$tU4t-Yqe8
zYri0alJ>;&kEVbQ`JBzTPR7b{%)XqwEq3uZ^5}qhJ}C?-WvczNg8Szm_5$S1)<q-l
zvJ18`SNZLi5{F{PEk}owPUAOIE_<Ejl_t5cAWqs0<_9`9-XOs_+i=`PDn5rIE+yt>
zn*AMoQai!0w;DxQLpd^$V$bQsA1S2raXJ(4mbJ_~gMu@BfAj9zUQ|p)kDuIfglzzE
zR`jf*tBE)dIWQEdAjEW*A2N{ZwHiuadIN2nUAj)Q5{xV5CQ|rm+j@L2|2`^RQ1Bg5
z1FzEqS)R66U?x*fQL9k5>+arstB&YzCEKykG%(2foz%M?w;WyD_uV~F6d(EK$+|WI
z!|C)m+9F50p2#C~flzFcxDTDPZpcE_^r_3h+?*s#Jf#K~haOo+<m^x!qx3VFP{tup
z)DZK003ysvTcTgR6&12;|De*eNsNMc3XfGYm<?fE0c#!ZB36-GiQ$qt0d;juOx%eZ
zM9Ay_TYeiv$>1he$11l@s1F2BfHHFa19E*Sj5TbuN67pxyO&zJ?A@(Fr4o5Jd740%
z{n&d?vl$hyl0BqOXDUcaH6&MavGs~?uWp{d+9j0{72-_4wlf}BCf6YP9%MtX3x0{Z
z6utO4kR#La27O0}?eP3==k}-Hp==)98D7p!g_KX}(J}>Y>t^0U+});oY!)1QZHvWg
z+NomHm-&%#83NkY((#K&8E4GJp!MVom9{U=Wm(V$xdcXY7EWPZ)=71ORt}nJq$bVr
zwBI5G&jHBU<A##%u^7?+PHy?JYVjW|P25{~^pGJ#AGt@?uZ57q>+)iFKqlG3W>S6E
z7c+rT$H(2=LJsKMi4>Y?8R=MTRHbO-ZGwi0tE~wy9PK+3;HGR3G9a-Q=>EyfJh%61
zShqju3Cn!IhfWd)Ha`%1Zn`Wg|Gj+pEZ>phkID!BfCBhL$&S_a8p_{Vfo){#VbWl5
zaF)=Dyf{k26Z#98I)fpq*UVk&Nz0gs_lO!v&zUN!q<BWJ@UB=HkuiQi$!RQiRXp(O
zdCS%kx}qI;dIgHn!Zo|E48P%OiR37Ifg=a*!*)68DKKU3IAi^CpVK`@L%t8ZJXEqR
zkKOsVSZ1+dOi4>Ojqlt*^`TlaGNrao$~>E3zPhDtRc@#@vACkSTgBqW6q#NN3-W<Z
z^Zy`YmZJZIjFC%9xXJ!moV@nDGX6E{wIm|x;07*#Hn$aodOo)z1+;iYkcFNle*<Jp
z>ERz_431lFRGj<tGse>KU#nFb89b^ksb}x<*A$OubEo?Py1J&q)TEv(zEV%(Y0A>5
zHyRI%QxY87zeXgdjyFzHtyyfN-?bl*Tp05QAZ<o)%{u^(im*c+K50U_O?(!!SnjUy
zRC&m{?4HU;7KK%xko?Zrz~`++CFL)A63I%7F@}U4M|+E?A0~(cN%Sc{M;^)x0zYTw
zs@vC5Z)0V6UYZ8}l<ued{D+X^Kfuy8Qa><CV7aGLZ+gte<9FoxW0DxYWR9Hmdo`1V
zL3!dOTJmj;lCqSdC3*|l1Vz!Wqw!z4wek_Ptb$eRYCMxln&OfR<#~?DI9*F?3b$%i
z(An(oN=<SFUB-!}(Lm^-c)?GBks9aGyMG5EDyN|&^Oo{;X*yB#mHz?Y6>1`%WLpk<
z7KD@xgb{83uu%O%;Ih9Smz%t`nUX=RY141(K2~lu6gVNjMb^a2ykS<pfKgl1Y|ArQ
z5x}@cU-1V#^Q$KMkFWg4TR@l+fnNn8<(bgu+w7xzaNWIF_O1B1WJIwFak_J+$#})L
zVeOKr?pL%{#p4yRcBEa_?YK5m<%^!tKX$rduYLaVO8@kuU#-O5(1Iax?gaEtBtK)7
zdyZG7vv_N_%M*<W(Cb3@QexhGc`RU6tVFLnmqxk{yD>Sz?>*!;*tYg2C4UwO6#q{y
z;TL*PgeKWk(Ku1Nx*4L8{B!Ipo{NQTeWTz9oVncsg4c)|m2VM7)^lls7lpFq`;pzw
zQj?xcztN%pbXk6X(~qHI_{z*U&KAnJOMLnhruvxgQfUn&y7J{p-$V=%7FbkpZ+yY1
z*)XJ|TjF^hl~N@1FkvIKRv7?_|B8?MX(?n1872fR_67@neiK4SCPB@Rvj1$taf()U
zPbA=O%E-&7;?}Q4E<_}zhI<c0q$cr+iT-b51-cl(Odyw;SSA;S8+~6t^Q%j5#2NSg
zc0Q}jj>5J9KkHn(SIz#y5(B$-Uu>e!%(Lcmuh80id~E+h2L1XrA5+BKn%P+8ZsngK
z+gx70js8LakKr2ZP^ctuXOC4>slvHe^)F_F-(Dvk=<*41t%f2V57Lb@J<iBwUKDQF
z2;GZK&{L_RcHc^9Bol{NDu+i3#X<kF019<c-aajUw-ukjuteYSWLV+RF`FNMs#q0U
z+VajFE#bd=-u`lPIF|7e@ldAB_1uLSFde0a@tv5d7rg)FkD$NL?8SNH(cb&mkJoFW
ztNGdRI~LBN|BB}G7keZA(rwP>jcE@ihty<Jmbu=4^>%oP1kF}%IHd7aLtg&{Ujmi_
zhX*>KAN4LNev_mA%bFCcLBV(GZkt#9FFp-`76IwHwXwK8@L#ORYv{3ZVk%WSLR+!_
z^1S`}UjKi7Y>sa9aB@MOaAHns`7{Bic*;+)*DnFSIU6Z@iI9CWzt9;Y*U2N1?8wi(
z;TZ7e(kzq$*Y4#&XZhQIxHE;AegL82*#HSvqbyJc%nx8PXa+N~@bn>S!*%=f(cC3N
zh9?&bkiXA@maIG9+^`vrZum`A{kD0ko%Dn^B&&qlGE3kwF?{!N1ml;P0q_V8d$i2F
z6Sfk^pm%xw?e!Gs#D8jZcx=@$U{VP2SpsS8EI|FRLG5pP47AwVPe^DVCp@*!x5tG5
z$M<X;p8%84Et~Y|WmoJyC>snLFf(0~(V79ImWDM0(xicqxdh0|`Om?~3hrE1(-zPW
z69fTvBnAos@>5sc_}yp`sR>LJEoC6qNj)!-WUm<H2pF#PXYr3i&5SK*mzFJ42$&%T
zN&{f8OiqR1KQLnwa~K2(aknsf-L@s)nd5%IpnWR9tk%bA+zy9aCZ9feogI#v{wjwb
zWxhaJD$(L`_{V+bqo3GZ1ZdV*Y(Y&Q3@(WXgkQg31Fvx#f(?M<gm=yzj5^EiukNHz
zF-bW*7*YxjB-CR3r051=_<-!WK354bPheyb4aRF|%v!$jEEvRtb(7ptIniTlkW#{4
zsB3%Voi;w73s8C44y(xAkjw_kCFX+jJvG3rB$UK@A)I56ei%pIkR02r9A|^9HCaGC
zOkmakOdSx7)dG6JryQFgBZ15suzJ;z4)EuffRPIZK|r4jPWO1A8C$zLtl%~qMhYJ?
zvRl-gp<<B{gNadu0xnx*Qs(gQwa+`vjh(Aly>9nx)yCSNA2_M8T!56ex#hrZ)C~|%
z#TY-l`5UlB?Kilc|CpuU<R4ZjKuu(3K!+D0ZUI_Q3HZ}GaR!BCeC8ez6yZ7t(0bgd
znw71F&>D~;*Z%Wd)OCgxj7A#3BT(vT#c_af13L$WFeiwI8!H28UO^x~jXo7{MYEvi
z#<T>hYFfNV?OitS79dy1K)46d6d=)j%{KtSFAf5^T7>p{@E~UbqXu=MH$X>bfmHzm
z0QHemZNeUhn7|_T2#b6NCqK3I774q?;Jja`m>1yVP~a61$u;v?ejMkS1%qBSV!+}I
zaC9vVR~Or5jmWoJ)d3ZkQ=Ovt^f`&mcOYM6huDcg=e{y4F!Ckxr=)x!jGAYv(p6{3
zyVdG&0J;UDIMOLXpWT0AfT!LSe|c2K<Mqxr#9Rf@wdDJdSh*UohQ?_-@F4Q6>U)$_
zNe)3@<h|i5kSR&%pkLyb_23M{?tCRDvYENG4!4g8nU7-HRed?^oclhXO$(U9a;I$%
zpqHYRRInrPCda8SgL(SRO0dVIKF@~#Nc2(QRL<)ES^mQ)tSx8$TJKB{@N!k_u!X2^
z0|w(xWN-nyB^dn|m8#ZA0XvUT5()YKU;@PFke8bG5@mbcYkv^zavra3O|k{33C1X{
zyVoP#n?r5NnoxHq>>|o;vpZKh+@|@`f|Bk@&+jvQBzkqCbdcUQ?)veYTG%q8k8lDP
z+pdHN)dyd&0L-d;+3QpZu3U%lfF7z1&JABH0IfI{cYxJG&X+N~?01s_;k1zKy;ZX;
z4z>;>FKnTm#+3p64FT4`1Pkcc8NP`O)GFBKqdb3KXAFBF!>@D!vS~i!i&oK!E7!V-
zU_txrnrDRYMo2@T)p{qTknCtMQaBPqUC(<IIG=R!gJ8Mwnr2Bm01%h*+XJ%#vB3N@
z9sDXBSA9V0l!50gSj6j8(hu_*Aq<=9IRtAMQBdW={9t;!v2CA-{qQ(31~6t>tkA4t
z9h%V@B(diphgv1f4*y|{fG6O!RO;%%!`n<9#)1n*lvVeGY%0d=ylx|sYt_JFqEan1
zhoH$uss>!mB15;P4B2PE?Hbka3o>bBVGReLQu)J5h}mUYJ0Sc5BMEX~{Q&$}3s^&x
z5<hX@-l0J3RYc&7qos>p96ZH0gH^*;VeII;;VThM5&M1ozW4kmf0@zx;M&qc!Iaq^
zxPvvs9Uz*HE;Mw(V=2jePUmZCU)P=Q!+_BvmHGnl-l6fa(e=*Ngci(mj2-^p0d7nt
z^}KRX|LLMGyG|7*qpy;b&g;s%S`JqB)_fwR6={I+RCz940l)eERuDp~=R?XN6$%5p
zq<V8a9tJu4DVS2hVn6H9`B7{XQKIj;D}{M8A}WG0%(Yw0f5EdUru>JZE{=wq4@eEl
zj=BPt&W<KxPc;(BU64c>#5?WDjYZAqthiswEiw%#X&aW9^&LP8qRFv-eAXzD*2ka0
zjv4749@T?cnW>0*f0n!RV>6P!(RYg;Nb3v`FEsZxci2DlFqsrMV)yUiBPUuRYC<+4
zL&h^HB=?1A8RT^kln&1fa{^w+P@R*k=-n52IznQ*m2Ep;j79V?AEL8sO415B?DDm}
z#IX^rW9ys-8&P${X2>iIfhK=!jCn1gMsX;fEqD`QjHW+q97v#saG0+L{Mo>#gz`dl
zqZ4H3@-!F8w-AXOnhnuZD<Ff=-KCdHFB%cPTDwfkXnx}%HY!?>>&aYTNE6z%csKRk
zvDOwstWJJ^qLaNA-4C~6#5uhc<bXF(rY*iNPBoRaAeEcLGKD86*)C2t>(8*xR8))`
zL*q)rsNS}-w4`Meg*27d`5;9{&{cgty3460>?NilPSdCU2dYy)n;)n#CFHUqrb9ZM
zsiVMoRd2@|Ztw~4zB19V5tx$404U5hw|XLdDd_L9S7Sh#EyClrx3DtXwQCTL6M8o^
zvAbs3lj?MiGZnKZlMRs<0t+Hd*O77k#t^{1lP_J}=8?9}ltkn)AVm}*M53&+l1l$w
z+CGhHk88$%8wJHiD2|`O^{Io-S~^b&w~+mbUgOS+%&_TQ@%QWZ)24x)NeuaCl5cwL
z&y$UD=fABo{oEyxU^lNZOyk(#q~W#{5kB08I6iSoij<R}899WJ9z(jT5&q--A$%<c
zOxB=aT0=e9B3g<(V)V)Fz5&lHgjHMk&LE=3A`5R9tqDhN?HP;c_^x;BI*do#=Cc#N
zUv~-(l;Qcx3c4;iE8(sR)h5kI>L#vBxTlFxBXzvMMG_QFZ+U+iL*>;;_-<6t^{F)A
zuyn0y%WoTX6t8=9l>!SNZ2(V2uFKal9hi({U1&H@e|^OTkPW<#=&Uqaq+Jf#m-f0B
zMwDLb%0Tofzw49U+h)2n1}}0IA4y%7H>BIHf_P&!LOHixzc7@7V8iwWI6|?+3035-
zm=6#Ms30jy8k9sId`$C6J*an_jPWDeku*?P3$Nn+PNKG<lN;&Bdn(J2hJVAXu0G~8
ze<(MBpJD=cp19MTQ@6pS0T?@>>OT!s=#GSJvYCp%?BU1Lf|Nn^7pLmS)a0vxJ%E^!
z|0u`T*!+OXT{4odd7M5TE@=AdN5$+(h;opx#;BXh(BfS(y7YKUr8+lQ!Y+$R@3ZC$
z>SuXFdEH<1^_;$`<^;1-WpauS0^~7~>dreL^cm%-aplFW<VVj)9S%813xI$8$}8S6
zmz6vm9aR}(PTLI^P$ZqIcNIx@8qwShbm5=~an+7Dk8Keu%+1pqhWU|mMiNo;Ws{`8
zBA#P2blJV5h{-<k1oQnqINl>?3t@P>jG#n+(Ua^m^+N;J@#K~4v7z|+oL?x_%9CIt
z!;m3U`epP!+g_^c*9^)b%KI8xTgjU)J@!SrED;ON4BL^H?>?$kCL`ipnH?_QkW!_g
zM@KNQ%~p^QE0f3xO>_nX^IWGwlft?#&f*|!A2IVLyt@0uSZ}S1_++<aky|Nkcgj?8
zGnA#K*TB~{0;lI=S52Otj)ZKoqb6BoO&aG~xBZ+`hT<}WVfc+H`kwT<sTPoU*9cf>
z#iK0UMTWpBE3GQbcUt#L%hXz=!!dHVfr1xfC>a>VV8>u9W!}hDdlqyCtQczy9AKv9
zF;0-O7C@f=Xkf)IXd5T8Ah8SnZ5S%d0LMQu<H2<0r1LoBfot1oIyqzd(Cb+RS8YpS
zw{j(UMaIvCbBA!Y0FXnR!`#%SQbFo8h7qu65Kv0E?U2M!C1mWaw6xmxA+f9x{xTm6
z9<D&@e*`jvVIs#f0S8NEK4uh8ntQB)^hqVNCE)c=2eA{C$qr~_V!mG2u5-tez-go5
z-^@zfkQk;-<#OAJr;TOnXxV9$I&Qy?8y#Nbb<YLrFm6(M+Un3Buv&1msw_E5MU{T3
zM&+4w9O83f%cemVnHq)jN+(LTnu%yND=?^q)1>$0{jexVBZS<+t_rsD;co6RQH^=A
ze&3llCEyF^#;HE10?^&n0e5#+1Cw4%r;V9tH@*qi0^3rkU{|kzOhi9bqRtd@?YVB!
z?UOuJGqnt3twb1!Ad48WI~;Ifvt_V~bM5ob3mCJl8ny(*={PR;rp+5%6Y4j-B~!9_
zAm(@8JougDJ9P$YbK<;iFA~NYoLAI{^ShF}x2cHC4izP)Y=+MENrxTOZ;M&cHR2O=
zZZiZl9QT%By^K1UV<GicCC}3Yh=wxF|A5(X5y94`d(U{h-ozQE6H3#igQ2&hEKr!h
zMyoAef$FP9FlE)qJOxLNn1+%al-yA6aw`_HVNCVCUS4VZAreYKXG;S(6II5Z#8o&5
z4@hSau<gmS@8w@^tvE5|^xp%tKt!6g0KQ}RiiS}*U*3?*sA)nVkooXAV<ZY992Az3
zj9VGWNdz_>DOUUQWYXIuAp+~Iyf17l+;iEGpnXEaa~m>Ya`uo=Aj5rIihKwB9qU18
zb?>n)6F*~4IqwgHfa4iNFpX!g+mAL0^k$=7oDeK`E*tgNeJ+1&Hf!|PgjQFEU|a+$
zWgy{_4tt^XDXb|J%$Dw@_T`Y$e|0&%!F5{U+D=Wak^rE0)h_15b5~Wh_LxKu-9ZMu
zj5sSnitOPykNMU_2?EXtkCkMuG1=#1j-OZ6hx%m5-gVV|meu9I33rutUEr&rTU}<b
z*qb(wr&)eg+t>3mIDz3iCYaq)_wsG|cR4qm8F*f4KrU9Npg%pem(v}pvKmyke2KF+
zH#-cyb>Visq<y;8JbTMYC504d#fbjJk8d<cR{L(4Dr2MGi!~okTYeabDiE8{_Y01B
zas667QBne#@r(jjq^tMjfNABFWzP9msqdtOlk-^6CHN-hODf+yh>xNB>~`Dt6l!9_
zkVjo#+H&W`=3y_1SNB0^bRdY!WbMs~5xo=RU<-Qtj)7G8HzPel>5-*zDI#6`MEww3
z5lA%I6O$1X%!gKqC`UY`^gcFJL_-(A3NJUyWlReN<B{ogTqd1%ui;STx)Qgd?LcjG
z(04cR<jtSU|F%GZw9Iph6V-D9bnv^M=78=igk}roG?a5lGTPfRQUR-HyV&vDBR)|o
z<P{=xjp`PIQDg#3#&1W)uop5svW@0-J@OQM;#RED#1*$I3;GAG#}q?70>~3Ld&4u;
z$R9}cH_bnQ;V{$m+I#M)^I#)C*CKvrDd@_W!tPELG~#%y@hVB*W`sYIn`UM365`VZ
z8JIg{du7}#&A?5wHY*ifOCof9W8?PynQ3XlUUlQWD}gV|aa&Ipw~N*U#4WfUWgI#P
zmq%RNhu>XJy5%K`I;%cX{fha;)Aw9M8MjJ0LQ!<PW;HNs+Yq(jp)A})Io6{Mz0MwA
z)Q#^{6qdUP?urz;t#M~qwEM{+=p))r^ee|+6xjlse*1~k-cYrkbB^2>rln!oaYz#;
zA;hUg^gf<L8JhksAPZGgb6@XMC0EZ*gP?*I(3>U41QB!@QT}R|RMHUD7RJEzhgQ%M
z!Hdjx!XX_-eaOL;<YvSehGhnN>TGpNBkmld)nN{d6iV(c+17#sJDqs&<OL(?UBEw5
z3z4@=VAffqcgJ}ijsV%C*rUXQR9QqF+=ba}bG#}tLqGfGU++nedZ%Z~gq-cR7~e=J
zCOaoJ3XDK9MogDM?0D=6yuY@$>F_HBGGZRHZuu-}du{5ohxwWBhXQE|)nCQH-9~PE
zy>Awwwclii01x5kkCNDJ44|g2-Ul(XMiqyk(IW<@QUmcwOj#2m-tqFI4l*KBx7M*U
z$nw!47q&9>NLhrb`18DXvG+M-`em20Wg#7eh73X>d>%L)zt%3sYq!5*p~?cIkbfp(
zDj78+y{p^nQkj^v{P0yAcw^>uB*=&!Lh6$jK}gvzFDIU178;02@AZec2wb`@8^KkS
zP)%}Qwz=Fo!|{cMp-aW<I}3dN)BQJ0jtnJ<ljU{`MHi&Izeu&I$R4q4XcU&NZFr(W
zar6tI1)&!>Tq#XAnBP@A`G&!f@as5z#(b?+2UU9St)ij2N|lyUOdvp*+R##gFpCq@
zVXSB!YO?n^t$=`vlQf%69C_*!q|5O9T6J!9vYx9Xbnv<kn5~WVy{GmDai)T!EJLCX
zL6izM$QaRqQem>qx1y*dn!%<^JhTZQ9tal+Uzeqrh7NbS#>NowjPdg(?w*JgpgH@X
z^Snd{)q2KC;@G*FZU1CRQ2P%<QKmP}T^0rv542Uyf%9t24M@?~0-93|(U~8Q|JZ1u
z0-*;PaB=>|uD^T+cCTWfF=}?tcpW$lA^gpN)^JS29LQL%ExC|zo5}NVc7t5nTX}|C
zDHXfEsE6|%k$t^i#WfccNcSsqmp2p!ImQq*%CAps6OWF-$n{XFtfV8}B$*`u31Wk4
z;x;5HWg&dH0x4U;CT4ZY0SSA*NoHD&SK28$G_x`sg1S2h%6;jrO0m>7OENV|bf%~m
z0Y1usm%O_Z3WHGI1E-F6`PT1rGH4e9kOFE>4>w73HaWgwu%j+<>07Ulyt^e{4d93t
z(6KdB1(V@=1EFu@jAHi5%wo}Baly<IJV@O+FU+xNQd0}`1Z&h5{NQ8`L_wnrw~cZQ
zfV#t=-33FWAR_kk6y}m@qd?Q7%y6Xr4UzpGZo3;)aVJ)zK}1tfbB$(qTS=T2K&#(5
zC&BF_9V+uDmg7@p(Iv#I#(U)kK0+jwnkbN{TP6cJ8$WX$gQ+mULU*Z@<YP}-zIb)5
zgZNXme$#2AFjhiHjc19l>OH}gV~IA|hqfj&WO#K02wj<%Pz`N=d6fLJ1YOwu01b2L
z5$RM7K!)ux-%J2x?||(W2@O^6g&inM0CIBG&p2RM`2a~Du#ijzf^tivq`~l{WjN@Z
zgi=9mZ5K*@N()Kl1Va9NP=5XW5DJb%(bN7LYFk5f0ug=f;MzGLUt2PIyrkTAD^@uj
zK5Lq;2A64epWA&CCyivd)GvV@A@5cuemoD!nB6A;;FErBAnqpPa+-@CzFlG;#_kbR
zYuu~`vx%u)nrZN;&p?vKElAgl|2>KQmXcQMEO##-4U{DW^cF&w#7U7WL)lVcD^A^Y
zUl>wt#VZG0PajzR;DA)?pEiM*78~eH9U#yad7q^Uh;e&Y-M~N0hN{65f5v{Tc`TAb
zSRhEm^4nWgVo(P)dK>}NEqzwZwP#<~4q)azWqr5*Jhk+ZLCh2eB)rb_X-YK!2&{ux
zMV_b_Z8~slbJqdfn%@_c!tuHV8RC?EHBKKM>3{<-6lccm#&sD4a=hd@)9c}{zrCCv
ze=<_^-iW4onubhjDg<4=cw-X)VBVK6KE|3*fpr!EbKQ#L6$eZdv#R&B_XTrYLHR1P
zY7#DPLCa-))C8>?3YtYb+9?2F7;O3uRO?(~U_XbddaGNXdo**?bP;lkn_K}6I%hG@
zHr!C}#hbiPx(vfJAlNYS7PR2bv<pCa0Y{>!g;3JjZ$F#g!CDEKe&Zbr_fY_bnnBza
z+*Bj0?`H*9HS;axS;hr=a~Cq@uQS@HOGZh{es*HeQ2GZ$1O=j92Nakytlto8tw;+d
zFVdgvtHzdS)TCIJ%aYCX+`U0PQe4)IF$+|e;h0QJAAVedgl-x|hE{LX$J~zuMDJil
zclClUVB@|_uBo!%5dPOUYQ?M%boEjFMfbkY?2a}!`dy!Ie1@9F^SnQEB`X6&VD$r9
zfo~@FIkgM48o_loyME2P`#7Q*()mL<9{wN25=PxWL||+&SEwjWia(p6_Y)Ayw1{ap
z1n!t$KAFlO$J~sxcAa-x-_St-L~e7B>*P{jv^L|@dlooRZiZ-`kfD?t<e#?@b^j*W
zamDd3DES{Hz}v@2R0*rk2HSONB=rWDERivHazr2TZGdI>L7J(Xlj)^u=hH4ujJWPf
zunh=?R%5z)1K{{NtN`Z*OtZ*nbzb@K;Z5@U0fllkq&9VS)!>MGYmXRxT~Jp!{46jr
zIi%2#y>3T55jbFSkoxfT5W96m+`TjbZ6VZ|zwcH{w8)5RS^RDze{0pXqC#zg7faD%
ztatmZ7b^`LGn-~(`WlMMD$#0lzyI0!{n@$a;c9^WPfp=Q?WjDGp(U{O%z`BoIW)JR
ze$#FP6ew8Wjm-f|LEa3uX0jOk@mDw3phO;GzYq&&Tp9uVrzc?c2!ow6RaPw+b3k5z
zvI@*H$LITfEkMx@8oD{w6dSVbv6rP0*%Se|NhwJWXFA9n<X3*YH!c><o`zD!)U+(}
zUUw@{-t;5wn*)+?;q&RM3w=J|9Jx->4P~E&TMt3OQoh_br@$spDm?V&JIE-*DG(6=
zP9I}CND1#L(?fTv0Y#pHI!yO<<8iOxHXJxF?n@6D)#9VL2)WM&Rj~)qC0e6jOXdO?
z=pwO75s03!Q~n8r-9$-HteFrPKw}s}7mrv6E(}df{hncY845R(#+1wa6zkBZ+_1x4
zaCTv&3A(V2l^9t)Y?MZ6SW135XJD7FGN;9V_``U<CR-=pg~{;}Ezc9o!jNtvGyuS_
zaj`a>ce4+2!Qh(Od!vu`R;Xa2b)aHXkS!llJb3Y}4$DA_d<Sbed9K!YjRc5gpgNg@
z0XCEVwpKx<sy0L`9c2jz`4+D(qoY>oJlPY{B9P_s`?~-0rZ#R+`xZRNUW9;kDdGGH
zSxoj$u#>X6m*YmSPG4QRK%rpx47aQpp5Tpx@fuAlpS{2yOfS{O9}lBI@4f(}2RoTv
zD@?^v2zZBD!1hTg_3%~IcRi0AgLx5eydZ(RuR$FM0g{Tw!zM!M1uD%zNI?!}ee+I$
z%g8ywIcIZkF+Va|kDhi8KxPDxCjblJ`HXiU@%VrTkzI`KH!$xge6t#qT1F#~U26k0
z)mh-2S79-wVcB79yH%^az>H!H-)hBq0OPdi09GrCHtoG;3MExZJxOy(UHCo}1{gXj
z?*Z2cs}9wW(^|WZ$JdAjOMb33yzF}&3&8>`Sa%>pkndd#IrxUrCesKZ_0`OqK7J`7
zDHAg-dP$&^1JPi%M1nr4E=$wi01P)u2TZLf7TF^iTrDsQsYRO93V)^nfb)SMl!2FP
zM$7n=UUDAflrt5VcQHlt?t9`LLV`~$!Oe=NfNEjIt*if?!e6@&9LNG*?pCS)1GfD6
z$U!$(yzx50!`qRXLJW8kWUVQ<oCFe?9zYYFW2^aGa1o$QY@=muh{n>oy~n8qMDJ|?
z_lXV2Uk{dBexP7$z;w;0Hlk)LtzCPoQWl2(#0Q6F8ghR$oq{Je2ndZuN5W`bE$R2S
zsZkxs>ICHO@j4+=rIrZtCt8b$AHpOmO!P)g>J3L??&XYC*-%1^*%x~H-t(p+`~f_r
zA13vyCY0M~D=&-ROFQE=ZzEtd$mxxUPU7rEKsONwj)A9-!#%y6oD;uq#$+s~f|toK
zIL4_iJ_Ve9!VG9-z#*lL|70|nFWgQ9VpFPhignw@2Em}E#01;Hijc}dETQyK^^J48
z&v%iAUeV$^%`K8Kzdi{#x-Y&7VUvCLjLyK=C_LeEi(3@kI(T)3l;0Tw&=YBr91=wn
z?4FeThEm@3tCh|))O{JX2>^#bAB6w-(Tvs?aSZOPxy0;i<fhvXaigP%^j^Ed3CCY0
zCd1q4L}%?eC7-a|1EVJu`Kaz&Pw<60Tg<X{;&IELaa&JRuQY|&eg`#18Q7W4T;|)7
zZOE`W%d+kF_vzLtea`Lf!ud9PO0m~1I|i*3_SBX>gCU?<U?&_U((5NSe1iw&$7N@p
zfQ2I6_Y`h~Ia2XHYSD(h6>WPIOn@=zLtl0R=Bw~F)k<C0E9wfG+<Aqtn{3oV<2WzF
z(nNbjsad8vIHsZSM?jm!4$&UYM?|b(7C|Y8fDmC19Z0=77O$he)5@*+dyzjZgB)7>
zbGLZh?El#!pey6&E`vlB)&FJHwh_&-NA|IXVV$85C_srRs_Qo4gHjx=Xq#bFxVRKV
zeezvR9(YPmB{vahFaF2^;A<wp>m|-PZ`HnUop^Y&DYC{8eO0b-5qN#rf=Cn#WZ7xz
z;-6RxV0XjWyg^Q(_|@e_3x&r9EHS|uIKS+Abq?_;?v#!asOv<3dyToR()BJpPfAmq
zk;a#%cFybZqvu`oWH|nJXiOZM%ZBHpGWPf=>u`GTnyNKO+QyK#<J9%|aYFArbP2f4
zgCK*wfmRU}GPKB4ayvf7uT$#}=e>ffFO5A4#~FZ}RKTV)i8!w?1fW&K)U>QXo$K%L
zwU`%`!SUj$eZEz}->x08&kSOGQ$82#`m=y$4`+dB^EMHod+6Nq&nLkB6bbc1_%2#8
zY(my8(@+ghDB^AwXCQ&!csG}>g3XAP;!RI<a&L?Yy(FhNg*dY~xx<tQsAudbW@tem
z#=S*)x5O~QT^toW>`Bl}cW^XsfSPiD-tz+j@r%-<V#XDXv3E09)M&mjBm!URx|0<J
z@x37aP2eu$Q$oWebXmZ?*oHpRCc)M|Zb@@9hrQe_WNj7Eo!%Q07Y22FY8e0|+V&td
z0N)YkNw=U66jX^x5b>R3IYS`t9Uvn8${8sK;vb^AM(P6&bvL<{JK^C?cw#%`bv&K|
zp=ErL+-K<MCBK&&YXW|#Ny>Cj*WGEXGEiO!`Yr3Z(KxOT)>QJgoc@i5i6a>IZYrm^
zWqqQirJ%)VLPq)$RTqqnce*{2k}~iaO1pTF3zMNIEKHUglwid5HOgZLm7!e<1*|qn
z_ODMIx`ER3Y)3lp>kgc?+x2$Kdtlw<#N?i;L;H*vjN@GTP6xLe6RhSskyFr~I%&C;
zupY=C7)COi4?9F3O%>hV0>s+<PhXDWKR!Q(AK)>9-|>zYE-Zmu11=`Kzo(TSWm@Al
z=I{uMS`Bs?jYF#I#-b<!Tt`{;XagudwhV0greTs3%xz3eRlwi)RCh7fz0OfU=qa9D
zHT8@6H(>>v(9St$X?jDqi-oq1q2q1u(O$3qJtLO%Vc<A*Y+|CaPk18T)MNd-v}qUy
z9$lve$uZ2oeRLt=*cOh#)EI=wd4ltT^PIy0>*a491>ni`p$GqHV%+|p{@MVGzEP+g
zh;dHHbR>%YC}SIosrzl!$iMtoZg|j{ECOMeT6z-y-*348>$g2z;6r`D{CE=z`1*r+
z_{SfW-N65jGdKH%c>eLd{&%7C=U;ya2P74X#HQcBzcAGArGuo8#iS&V!Ufe=|MzEU
zWTD9{6zo>^_*=>C|MRzT44H-6Ze~mW{=(p$Il9q$gu7oYfRF8$MBQJdf0fi_^Y@$e
zU#dL6F<Bskb57@dsf&#cJ#Q41WAuOXy#4jF`PIr~miKxB^@PWFU)KNT4y@rorHdn%
z6%;n~mv{f$AC-^L7}rKVJG=<{_x}s>z$C%v$4Zk=q5j(!`_Fe97KWaL?bI>qe_G3b
zVIVWHV9LYqBp8PB|8c4O<(4}|f^{${SWx-szgP%`5<r``-rreq?=P?LPd|!Hf<>c!
z)cfYYywrX*>&n`e;7UhPb9gtmav1c_aLgvizIhi&l)_^{Hui3Uhh@Sss~LUb_s0C6
zmzOfGA0z<G9|x`4<H!1ssX>w~W0ExT$0#I!>y!~zi6X+U%*7XFu$*k935(CK2=X8J
zp>)ygd<WBBqTV+I-&nFB)?&M_<R<&_LS#(9abnvrNowh~1Ft2A_W09`>OQr8r<EC~
zt~&<EfJ7J}t9Xud#F}z9^zr|=bz-V$=b+Rw1Z`xN<_9xFzZ-;wk7264`v5=c@E8Qz
zvmkK5ao>O5f44{2Wsy=dzx$27X^#dg3Un4gCaE)0NagV{)&d|P&@<{cCTRew219^@
zhO1I=7>H?Def;(|?-Z<P!f--rD0hgWHV>_KIMp%F^*}8z4sf~{Aoj{zaRdNz)Ds{t
zf`44+UPPmU%@x_5)B`=@o%sdJperxld&NHM33h2myj<%R5+-y?0qK+ppL<UjH%|Ja
zc3R+~M&+nPp12}+cC`iMepDT~WPN9*X?D<8K)c<0!5Dt|vv1=vfRgmip~u3f4fpc?
z<$b%XfwqjmNs3FhidrKBjm6W4hCMbubf1dO)2;R6ZryvmyDb0dPU@a_^yfg{tIMNd
z+m(3<i5$HQxYd=-BhO&;@uC*@`uo&7Oy6FFdYG=Oyzr9cb?u4mhoZ7*G9tcqR?a!;
z!!ISgJ4fRi?5Aann-fHpI;Vw()^GP78{~H<;$a+beCTTqBDE&g2lzfVn2hwL1e=75
zHXMLlWFV^>s!L}RjbEXI>czVn;8h<~A!|^xz<M#>e(}c<t=T9EEObgwW!@hqq?!`9
zc0gBVRShaT`&W%_jZg=7+%>uiZa7H&4Y-Mol>&Z+c>*PLSAzb717I`NHhT-5vp^Gx
z4RC#Q5KgTN<tUhcnMZ{lW2YoBsiR<kf~tdYjp{!DF4qDT``g&Sb<^YfB`nU}htI4h
zkz_02@od+B#&qv~x>FhtoEE|C^~c$<)J8x<OK1Le2@aLuE7J{E@(EqrYL~)vfg%7z
zodt=q-SJmYKP$pA1;~N98sizW`ZW8ld$Zt|HoZ##-e)2M6JoRKUec^S?Pt&cj@ojs
zP@v#sQC_<9vN(E^8|uQ|Ta%#}UO<5LGGrMJ|2_othp7&p>c21fpMGM1hncfsY{+3z
zPf+##q3uLIY7f=e525s<S)idrkbeN#3Lo?;YUoMb1_VWeFL<64T6fh=m(34ylQGQ;
zY5iDAW0n^-kEph3j%{dZB2n2J<CPBVuCyW-r&n6KPf+nr-SW=i%Z5jMdv7S4TRd2Z
zPH(3ZZxP?8k{5cftLVPB9Sh?V6@C%d@7;M~?54X-L3X)6hw%T|)2Y+cr3F%_u`i1h
zZoDxwa)}0MX1j$V)4{V1=Op>5HSUQnC8#PrlZ$>fErv>%x34ChmeysR9{)UhC%Yw6
zGF?pUzc!k_yL73ZLD~GHQlW)<zfaXZ>5A9DQ-d$YJI`!CF10{}PErgCn>LPd<NKZ~
z8)FNq{&uJONVl1CAb$%2`dMb{GeBnKG=2gI^-YQ&QA>~<7Ie}tX0A;KV2cp5f%3E;
zC_qo)?;l$&8h(R<GAKaUbw6<Ck#za8>M;QDjbk6>*t>S&wOn&4NOzVn1koH8je;v6
zA3x;mxSoc(2_i>szTqfa1S3V?zP|Yb^QHr&vG&sv%d9(-c-!}R3RGjwkOC5P`{|7{
ziBSGDlxRE)tduM#mpG;JC=KFA4;KyR{;wp9y1G@bRr|ql^F=NSepf-4t%;hhV8FVY
zw?Kf0nucLuDi??*2(|^Vb`Z$dZQDevE=Y6M!uLtgvG3$Fz}t;?i09dQ=(b2Y&Q#0u
zWvEoY!FA#$h3j2y6fh07$%ZM2ug7g0#LeKl)GR|ocjxQDm`0({LjY>3YJd=cd7i7^
z&$+ehejwJ5V@FV9GQYsu3Gbs2@UNmGJKlG_*p*2#e=g7j09pb;<cS$da5=B}J!F=j
z8H#QQ1i2Ut?5ks36UPHTm^^}b(rik~*5BR=PH4!m!?($z(XW~u%sQ%yY0kOc9>~hA
zSIxdXKz~1p_h@+@yYAW5F~j+#`snp%j$z|2FUXy()JH5xc~7>>WZDI*n@q2ZFON51
zOq<mOzfaq`qOaTAY%N<-2x#Ufxpq7e8@zU%G7>$ZL4?Wkf&1g?oo|%Jr`W+)gd?>l
z-TgD!N-g;=p5!f*A96HKV&8v>yDkwRCvqFDw83mmqi4rf<Y$ec>Cc|r>A8~9>&UKS
zI~$+pF9v4QC*wo>+0JmBw@00lY>$GCTMA`;g2MFAILp_Zw|QridA%{N%P91YxP=sn
zV3(SWh0R{nIpkm5X1l!4;<8BuLhHIJJJN<O8$Cx~)}t+adVVM1;4*n(YIz^sk4P<C
z(5gkSPGzZXZc>=v!Edi_X2IMW?KT@Zj{d4ca)}2R@XP14+14DbM0nXl#FVnXFW>Ir
zdB#wWedNtYU+mDG;OF3Pm&%<^NtnQ3+PfcA<wcMn+U@$$#&%sj>E+Cavd%Pp8FoYG
z+|ti3K8b7?=Sem39zsI26F-|)5*yeqesS+#-0E!bv_YfW0%e6_1WJOKbz~0g0$imC
z+KlZQl$n5z>r-efE%Ffm`Kl4%pyZSk%fXQyf-gYK$SsJlJe+aN1@O=nU!niX4K%{Q
zE!htw5Jy3)9EpbW73qBm&{gc7Md$Aey94XMqGtmAqtHo8Y7EE=Jqux7fO&Eua|~EH
z0$Y5?!@vc|@q7K^5*k4Pkwv@dt3bzw4FEn&u%Hd_FA+Ea2^`r}DvCdXReBW#H}P}W
zK(abNr=-IK=cZC^D#*YMGU_AQ0vk5pmte$$lk_r7v)ot1ly<M(Y12#dVr5crn!z5w
zYYSw9kak=e<Sn}$K*J0)#sQZs%z^YK3a~Ov81n$LQ}4CjVh{0k2B}2mRouQ78D59z
zko<Sq5&&qC{+>KdEIMLj(i-%SQGaIF*KweR4Nm`Iw)z>3q$T6DPF|z5xK5)w4&oh$
z`TQby#u(jw2Od5qC4VGf0|XFI1_zN*p^!Kd9q-j@1zWJKal7DAYdG3Son21Z!*-9K
z@9X+ME^>7-S|Lp8(7t=LzszZ#8bVRuOS@Y8;(PPOp8N9^$LL$vj`Fswnyp=Y@UV10
zTKurA2{hvyu5;i;Q{U_tD2{>Yz@EdtODmi*Th@DOj(zsPMo+1<Aj?mmU`rjSanqPD
zX?h>-O;Z5pKD{8e-WXvz&~O;&=ce(epKAYJFDPJHec(TvFnxudVb;7!O<WQOTVz`;
ze|Ee+d}tVEN`!ePtVWMU$n3K{CDGDxv*NZ-#vm2Q8=K$tn>Q=;C^tNhZD`KBkO_Rs
zYfX`#I!tkMDO_2Qew2I~hDN0AS>JEjB+Wlgq;0U(Pd(3nx*FLKNR{N~?6NM%LY8XL
z=lznE(A`9wn=;xh!`(gD_FMkfmYUM=P&b!8w1pz`y5uW?Jg;hpPw`oDLG1oUMj0lO
z=QMg`BvZoGR>y~haT3#|3_-ynUvI1H#7qP$oYP?T)rH!bdwh~lv)LFCIJbN9ssF7-
zj;&*R&e_FmLr}LUDdi=f-A9huAF3_aNemNlW&(?s<5{m7KA$1QB)=f#@DyuBHIfNM
z_SYygvMEGh7}*#!mHfDMxMki1(DG@UZAPZh>>p)W*+%RL>g>B3IB}wVyWPp;VDM38
zW4X|BZG2KEEkkFTA#V)twnwwB{snHjJo3j;wZiS8+K-r%ult6DJD2m0LT|y<WDSlx
zBQMc|rg@CStJzMnZYv@$g!K+FqVB3c^8dt8T=gh1+0*P$;Z^7BPK6uc4^uBT-u>9i
z;B2A4;(x%8)#<vh&x_?zQm*VAv)1OoR=!Y_SO!f|S&Tp9Jxgan>Pp4}BW(`AEckfd
zG^@(F4{z3QsD%hV<X6Y+6fvm7FL$!SU{n@FKDVCp=Uf!~5MiNH+!vp>;ML2W0AjT@
z+{>ZN-w)5-BMFiw6*HJKeUY7HeP?NiB@!|$UxK&*%=-KxCP7ilfov(vXM1OdfCq>q
z&`$?M5C>pMY{7vP3@8CsRI@j84{T=|H8}kSyHFyb2$gC~34e}}2@upo@xhUwaxwWD
z2^;wR!|JuSMRN*{C?aoIVys5JzZ|nVrp*ErB4k`5>H+yY+vYN85F(dtpZNnbk60ZE
zVwpg<>dRrrSFZ_4$v0PkX1MXT+SVBMT>#2?BjzyE-7p5~x}k6J!ms(|8j}s|t(}Pc
z+b}Z*fyBQ2M7z?G1fu=>#x;X}?(nkf=V;v^>0ib6TVAUKa8|pM12@gMOg_)_1GGo`
z6g~y_hU5=<T0SM_Y3tf0sEb{@fuA^vg0@uo@;lq*u!+I<y>9MthNewb19}1jdE$C_
z)X%s|Fu$T>@ZqZK^KhSbKE8<?a_`*68<0^_O1zA9s@?b7np<QI%IA?ITG~o4ah$a*
zntaUPu8hXMG3=xL6kVzOr1nsBoej5A-|(`WPR)W}{kiBBnQ5v1$>B7oN78X;H7#R8
zY`51{@Ocye62E8Kl3~U-!dJ%GxX-kO(HjpHM(j=q!-5%JH%_^S@!sp^NlT1nznnSq
z8L{g+{o10{=>bMKG_FMT`6xc->m%1A7o{tn%$GHg*Bz77SHS3I<&#+%navQ}4I!<>
z3@*M<$AlBE`Ltjuv@FSLu6%yI$yd^y9T&f$>k^W0xOjErxVFmXjx@u=uWu`85;E8=
zKTL?$mmcXdp&wonT9d__9M_*cJ+|A^=PcxNUFe(boD_hM-r+$brS;nble4Krl)k&T
zaM^UwK6h&=^FjXq*n9JEs@FDtG?Iu0ROYA*$vk8pmXyp1iIACOp2<v6nKI8)WvC<;
znM0XpMY2MskW85gIrn4lcJFV$`+eVk&UKyZI_LbeueCROS?l|KzRz>tpZhbkaz;*;
z9NuADzHaE}6uYjaGk2Lev)JP9fWAuDCAEG&@dSdT4f)8z+EDqfjkoQQ4hHfKE-#t*
zJz6s-4sx?duUw3zC0jg)O%9st6U>b=xpKKJdYP+d?O=Z~acGq3MB;11cnS9b5w?Tg
zLz`nVYhg=)nvR{vkK1;gF|$2PC34c;whANF%E5D~&nUr%ufbK%{Y{s7SBc-SIOitr
z^n>cTP=>pmJ{$bv)gL1_1YNVz8V>SXh`gWac)|={Yisg`6jz-+-UCwMhKrMLqhA=|
z`InkVMEUvAkJT)=+UAu_JadyCx{C3OBmjv2=-xeBsV&yo$qovYZb~dRRkHWpKc7C*
z_1a@Czv)!)m!x)!1834}IGAh746Bx8j>O-X**GaJ*Wpo0_K?<`MJfJBKn7xPcq-?|
zEiv1)os3sB<7Qs&c4Uqn30leAezM=+m&tgJyzYq}Of|brzL{-i9OYqtu%u^h;Lc}G
zZ7!h?jGEb&7TPFxB^Ns&JUo~S|0a|yvm`eho2zRRi9CVE@>z1DXwNRaLJY#ND~c1=
z#V~30KxSM8xqO?k{X`F<w6~yOzBo3p*xEMq?CNu2LYs1qTB?WdbW>!Hh`dmdVJ7uo
zr1P;klAbImM0%txo0R{JJzqvyzO_1fq*O6}--xMtUZkcevZrGr@I$7X>WjfUPtf~{
zVL@{gYn<18#fp(us&4D?eRDqC&0SWXge&>J4Uv8_ln*q{AZ=PyWPKUwJ7XztSD@OT
zJLZ|;7`dHP%qp20FBvM0tqKo6Fn<E8)W=9%rMKPEXNT!<dp^%BjolwfI;>t^Oq#^`
zf#WA#EP*?v*mO#l6dR?o4kN$Kw{sHL@9vA7(Yy|R(@Dhv*YwT|BoJ_2yX@b{nzv=!
zm9WP4RLlp<fLm>4@QI0$?)bQqE)h%G$tpdX9hpA%UjFIlrAUsE$5F#J8NE!z$2EJX
zxZQNs4kbob<E#eltAA3<vf}F4ncjTejO5kt=l(wL_EOJwgQ-XkD_f#~pS+(rq1U`}
z-79iC@xqa)t7P#?{V&yj9#H1n6cTB^lOoj2rLy*1hun^ZR<Pgf$>w}>DB+So;tQ+I
zzK-cgU#{`jtS4T3wpDqZYJN1xPc7v7^|NBb9xs>v?n#2V!%8iF3^CDGDmoce-D};A
zsfwMHw<QG6&V0w!<y&mBWL$9|yV=D`QCpj~6G;$98Jzh#X`HURw|RPK=NgMRJP8-K
z?wvb+AiMIrS1C*LgCU>LMcjcYQS*sL<cdSWQMOrgF&25=#U_qPU{9ZkGGkZqwTgg2
zrP#xaMP0t*^r56=Sk=-!7U~$kL<+{jdoyVQv~jtN3M~xa^ky$^k9~R*SimYA>he5(
zlLNwX7INNh$_W!7_p6!^Y)eIpCPBk@&nfC>TPC(HBguiJtw>Nbr+u~KFtK1(3>k`X
z&~ixN=!nt0{#4hufKSxBr2E<@A~`i#sadg<R7p*jl#}#Pf+<p)a#K@9Wbv6VpRHa}
zjT;eZ(rO@=x#4Kdq<@+sp;{f0EVL6E_8r$^46|t6VDXtpevSc|$<?+H5LO_5ZftF_
zmZ~!3ZZdaHYng-)E<4oM%Q>Jt`l(7|kMibt1nmm(9f~H_d;MUp8Sm9LWXBf|=P(?u
z2inf!4{UWRs|cii)Of!B%~|<Hy*K)17kn!W`-?0n=73T6_03@N08XBbl_pcVtfB~{
zo(r#bw%9S6bAy9AfjY&OI;(}ok@wwZEsb|lo*qx-mHf6UpD^qQ?uD()c<tG@Uy<yW
zTy@69mrk9fRPc|@mK0*)nX~;=mHN=6jK!~i-^8t>pO|qk=_ylBFDv7liZLZ*xiV?z
zC}o?DCT3hyQ(Fr>%z8&Bs%Gwn$hhq_W&aLtCgZfQ)b-1&Gby&AB$p%?l-oYFecYLm
zC!Bd8&-V2dr7caz=OX7)2{zoO8~OL=DyJV-xRSel-u}tm+8~f+!uQfuQDIY!CP}b=
z=Vv+jy%Uipp`Qz6`s1%|&(=we#TP~w*+iSjO0ABp3-3_MH&19@V;!q%xVE!ZcqKAo
zONQ_G!sq9lM+dzX8rDo_hOLq!=AM_Nif!?2fc8?YA!)2!!@+Y%g|9MA8C!JtvgGN0
z=7biL-c@<5h5puJn$`47v3XkB$H&g4s{zC#V@y0M>^(yBhRfH;eKXsm2;NjMr@i<o
zpYAz!sQoR=eO%1TaFSNm@hErO(E17DmrUd7-Mq<c77}MSbR&sXTD@1@3LGOhe#%9P
zcw!tVYOjq=54AHxV8M;WjU<}Z{)@g}7`%55(Fo*N<rX@Xhu4!lypO55XW#Ljfh$Yf
zzsyZ$QX^dpk1wm~w$Z?O?^2$Q)0AN%)k@iphDj$S;(_WC-WWWU8-Uq^Q^D0-ESPqY
zge@~&@&L-EF?-CHWh44oc&zCLY}EyK?AbPzifvrZWD2y#N#>ZHZ#Hh(>qzfQl6;r%
zj^ju9Bk@*)Me~S~h7{bc#n_KAdgeJdwIV?M^k{~~QGrK&JR|xikK9`DGjf8PW%uu8
z<TMSB4<s!HN5^(pC#yT~ll!!mx}2Bg#Wh5mWNis_Z}c~;khh5Qn{h8?kNu2%r$hO(
zikA+5JidFZe(iAH63;}Q@*jJ=wz98*jWVIr0>8Se=H}6|>H}>CexUp1^cFGXp8&AN
z4X+YX_ZA4!DgruzCFSor&@rr>X84?yapi{)Fg!(LI&}wGn|};^sZI-Ok9=SF>I0Y0
z#wHJ2^I3^ouYIa~BicQBK9K}*MnyKv)0H~Ojb;^aesWs1(<dj@;bkkU{8AYjwXPNL
z-7vEKhf*5z=;q<sE|%ORE6ZS}coDYd@0F#~kH)bY-LtIf&Ot89Z#~9-5-Bp7Iu^dT
z`hMP7-k|t{DZ?EX`CdNliZ!O~_lql+S-zVo3J^P{?$~H?PFeP?OTFdq-{JQu9#Tuw
zFZ(b$^6*mC0msyH;v6X^U%c1H<_+hWe4CdC8h$z{D(rMPkKD^Q!Ac|*C9sCb;Rkmz
z`E^oyl#p1mgw00TJF>F+ja(|esh79KN8NeZTl{2Os?|=UW9NzM%zjIL6|QGW9#BtJ
zsge)>v~>_aE+5wTzIh>CBHuWvORzxF`MaxOMzHLi<MO?8cbLZ3XOwr?Vl-{W__>K{
zBxC4Wl_P5eU#JdMHukmYuo^QD<>RFA=Jg_zXjhdQG+DlOUW_i0-66O6{3Fd+`pD1J
zFYzUp8*bmo(jNORt){ZMP$!W@rksW=wpuECYauTyWPG9;t3NWcI>X1`>d0ll`<ZFX
z>&l5x-ZHBFGmzI9pLOeP8}>5)ZLu;rXRst_;Pb^<XAqqDzy{R5!Wk22H8AJ)5sjMh
zC)1p}b<~#XiH;4O5^aqBnQr-pV`HQ!Z)8E1M8V6Za-o6uF<Z*VOYjUBXi_q2HLW={
zV62l&<|5z7zasO0nkn!s_Q*|>-0KR&=KYAMb4X&j3&k8ZlDCGiw<?R?RUk8u8?Ss&
z;LetE*@a7J<_IHK&ojpqKU17*uS_79c6R1+BafO10P&miyk|P%OOn~i-AvQsz}yp~
znrO+eoMNrfAx}Hj=`fcnc8Igeigt2g>mgZdXi|t@n@7l?*yDa=oyT58_K-zAZk`rk
z#oKMCQs4DY{5Yn%+d`z`d+wO%y3@$0^5|YuE+T9mY*Dv-bb1qZ{!bKC!frRe;$A4q
zvqSExoP2AvsE<6YdR^N<d&1`3%zO38nPJ2aF(S9#N>PUepG!JTjExz>@F`DrMjLYN
z*x0|+YOHJaspqRMQ~WZ$Q^J(9-aYRVcri(Ui{$(y*R`0BCc)k@1P>_FxQUIj-_7FF
zU&(W?5}~cftiu1+m~M0{$~LKR@FB5MSIHyHmk=k`B#-kB;uDJar8q&!W{%Xwk3-`v
z8s<aX6Yd#R!P<hZsSJ_EnEbxg@I9=tTc5{Abp(UYGoT%+>cDp~ZhG#@s=3FTnQ+)?
zT=Km|2*Utt(&NWz(kex_FDLLZhdpjx^R@{&-KE`9ugrJ9*}pwjF3-wCp{xVL6YI;S
zogXriI{)JW+jfEV%p_tMm6Sz$y|Ajr&YSBMcAGCdR@w5H;2Y2M_EvR%^>W(&<6PBX
z!rXlitQ@Y6^A``=d~f-9uhnVDF2&P!JjE=_=EiZ>vph>A0+yecLTDsdifnL|?^6sV
zC(<G~hbXhC%OspF21_azWcv7<9bU1e*DN1%oBXO`nwgkApJ?f0t*f;#sxT{7LAdW|
zju?KbWp9e{NbH$(%;3@VAJT$4MOh`0i?vhpMrUWDZ*yIb!8n#zsjcn{I^TLM@kWl%
zD!<qXyNr!z{1VgGQ@n58)~>egDazSq+bsvI@CocebTd+lyNh3b701f&{QS`b-vK3a
zzh@@j!qUDwy3N;KetYNsv2fGoydzzDHdBWTtIS?qYj72fDicMO^zK&s*FVzF_<`9)
zU1TE(XOZfaC9x>{Kd#RiRSJBwZ@qUOd7V)`OhD9?S0OujJD+vV|JTpar`fGg&Zv6e
zhg`Azvrfm`_pKaLTVCa7llJT9zkl;@uXxx=sCrUj!mBp({(7^&{mQR@b-q!PZj&N)
z!6yBGy=z+wKB2Su_~ZF11Wx?<5&!WOCWVqGM`!YI1Z~cL|3zQ?LaeX!p!UYsiuwQc
zhUi^XC-;$l>)nv~LU{Hc|LE_(RFlhLpz5kA`D3o)zkW>kKYHB#WSzZ91~L1N-b2#O
zE9d{Ze}B83yZ>r%{3uV37|97ISNDmduu-(Om5tcE`mcWkBjTqPwZT!X8`eqrzrG@@
zV{*7~C1F82kAHui|L`iB0)92D_Wys=|FIhWZ@Z>FK7Igs^P;IO*a*E+nVSJqo@1y+
zEVZ^81MaJ4=4{)ldgdWrxnGMY=QKPr(@lPM{QtH+p!Jkv;RnUvshO(HIn%)^7_nzu
z3O|9;j~C3rPx}Bks07a=rhNwZ+>F3{pF1gym4Zcy2%0S`Z~><nUEU3N2I~_;$m2VN
z;???q?^_GQetnyS<$56HQU3(a_p<4gaMVc+G$0%S5yLaU#&X1;go_CAxDmVk!MA_}
z?Do;us{8mq!*t$Who=J2!L#v&TRKQtgow0nK{2oOGxW<bn?9qm4$<j5%0hzz2&FIt
zi=pl|owhqbg%m)!4fefo?uvd_k68s_S<p$Dz`Bb-)^E>;Ij%-#l0~dGXv=FsP@`@0
z1C$oWxIq8v(4Ey740uBjq(!`Va&;C&s3QP%B$*|AqcWA+>v?E>WJg2K2G^;bF-s?8
zqYIM>v6jy_09t8H-MoOVcls^-&}YT*io3h{AN%LOtc;pA#)oEOKVb}Fh{g{{iL2$c
z@?k9NFcl9Ya&SVHMhh!%Nx13uhN3w<E)T>I#)hD{=JZhZLF&vtF#H%RLIh<*jpk*<
z!B7>u;fC_j0^y^I3Ea}yGL`GSv;)>QA$T3&nazi0*?x@gVAQRdxAWkJ$>!6WRYspr
z-@N1lZYmf?xe8D`1;HGe-wDQ*@9R<J&Evhb{vC!vFs1~PClY{ktv$nyFLZgLz&Ef%
z=@9d|NC9S3Q*OC1i=@20HmCP4_gIw>q$~4)QG8dXVjPtd%lGRHIzN1jW#@HP`FS3f
zWX7+UOPSxD*Z~Z9bcfPgs0+<;&lig7?Or)KztPUD2Qyu`e_W-i>2t&bz+>iBO(b-}
zoyX5MxvP>Wz-GfUPu6u>tOOV(_B081kP`#qpo~oq_%zk%IK8`Q%yKp%-r{t;B2OWt
z9`aHw!Q`F<v9eJDb}cxpQo_2gs3}4w(?vFeqGn^C;R+jerAv>18NgwahA@yl3xI40
zv40^iT%6ZH9<u^#`!Kj}xgeRQk;?)KC+)(TwmN<ABQ^XXU-+=u-_)B=l~@%`R{b!a
z&|JCchS?BN4mQnXggm697#Xe5K}~B2B>ONaAY<HnGdLr@ks38CI+^Skm>GNh>`;HV
zk`5#*kGha6)!$<j#1)(97VZ#~xQA~`K{PDBX_58>3NS~3!=xQcCpM#EU$UI(_(|?-
zmWm9c&=kOiBB87A%7dhz#7vHDM0|zfeqT{a-~d>~jDRLMbbj2?6IRaK;Wq(e3#ay|
zGzj57lu7@za1l0tThMrdHeehqkjw{y1WJAC$Sy^1&g37S;ZHlf8a&&OU|>9F{($z_
zqSp<iP%3rdt0@DJa%19o7jyeJBpw+3(X?D|21zBHC6s*>1Pqd%Zd<xz#qbo@ck(v|
zr+e{+cGBS%cBL&4^={-FP0QDmlbyQ`nJ34>>C?!vBI-MwBx?!2@V<%KiK3G#UW-;&
zxsNL}p>>7emlLOd+K$AU-CJ@WnFv4MxD1a2`<lo!tVdnS&DM5W4LpNSNW)iR42lh6
zy356rh~6<EE7=Vx-lPX<1n%`$z{0K%`FTFA+o&@660E}bV+0)4;_P&$Ygf>k{M+ek
z5KEc9g)%q9L-$IjBT=ymYt#AkxLgeyX(@kMAjE{e?DlD58kfMYA=uO0(mJ~dZAZAD
zA-)>Qgn&Wm6;jm`FfQE{lDy%>uLN$3l9uN}eJ!%C+G|2!Ks-uD^a+-^F;6)8djdb=
z%1Aav7hXIS|0@J9h>}fd{RDrY2=_KdN!aqoB+2QR)0+i7VS>r)<^=-6AXxiSDEuG;
znC86qVrPRV34AM@r;qQA+fQeQA>ET#&_GjG7~`RAw~Tnp+p!*xBPp%+_SdeG5j@uA
z)ea+IxC~DRRZ}I9f@?wiNtFsawbrvZwGVDbqRofS6e!mq##XqWHvRy?6!8tU(S&rN
zgF<0ajeFGbU1)7e4f{@mhxT_mDgQYO`N{KP6s#&C(idYrVD37m)lS!`Mw|9@cSLj&
z1$R&tJqe#N59&O%sbClFJmQR;1sDao9i-HcdEHnaaFD^1j46AvdA=*Llch0mWhu%U
z*|d-fP!!b#bdrQJ-pXjRSq;b7{gCO3!H!3tXAMS2O*q$9^_N1-5P_Z)cuQy<O2i0C
zYx|cB$UQv4Ej|@IWkrIgc>)Q=sG590iZj|ywWUAK@&K_>Dq&k#VDUfSD6r<(urm+V
z$ER1DC&87A8ySTWndB_(B=6`8@cpoeHkmLZDZWpuye`#jewUW$fS1ac|Igi$=}248
zip;<4`@f5)8V*KG7n44*K^9q?az9cR1w140MUFZ((*v@q_k6jmkspwB-oX1NlUMJ#
zslh4reN&UM_zfC7W~>SEsfYx{1~%;glg$X{=0#A8dL%b27e$cC9f@CT6u>VHaZZFG
zTD*!~NDXCw0T5yu3hd#i!Nm_M>RVm=<gmAI%IO5L8W80)dC&ZS)ft2YESoN6lO`9*
zP1<Zc%Bat}Nn;N0#Sb*uh`cLbdv6cNSYG5S`9RJ?Q@n43#~oVr_(K_aLaoh)EC@!3
z&Zuc7Vou^RI20d-Rk<nY(3rGM-XlrKZRIFbN>1?=!W(}kfGykLu#eh<%bYS7+@5);
zr!0Fmjn;cTgp7)5IAxyy>buFiomvH4Q&mT{RQQX#_e`O5prHn$evkq163Qnug%TlO
z!?s-I%_c9V;nbhi!xH{KilC9?G%LkQh7jK&Kf)Z}S}^HGw#;lS{F*nw`lME(V2j;Y
z^W?qUAIlRY*r&t;k*_-@&(c$R0PpZ#>VRs*e0)|~=(3~i!#G;5^%P7^l9Fi{F|H>!
z&bm`j(%j_BqKBWXtdz8#&4n||BJEuBj<6pXXddSQ=;}Yz^gs*790}T^VsqL}ri;zm
z<O6vZEtolzE=Lq3^b@VCJ&I3*{9Hal1;@$ewM4!m0X`<SB?Z+mY;$xxXK{o`BJCNY
z>lw1{7XD>84C|ZI_<==ENe4JPov;kex9hT?SmGtpeMgmnXl(-}$dHRLh4_X#R{~#6
z%sD<sHZLW4%M-{>Pf=D~Fwyv;YS=<Z^TP(enGQIvs^8iazQN6em_&SzBnWZ$0s38g
z)w%Yi7CPe5tG#{uSGoJEfUi*+K2>yn`$^;dv4++6lu{<&B2#p~qFa=CmJ4T!O*>tj
zmd?dFD0rgTC9BBsVyG9RjO4ZjC}fjU$lpzwr_eGGVSGTu$h#+*&~GEeM5@1Ry16QD
zaCKSskT`LER=-lQP#XXB4C4sB{kX4}=$$o4d7@TQY;0XpXB>NjbU@Mn!-u!RYid(+
zx53(CH&9*ECrM*deM!)8d0nJ({aX?U7f;6g<Y8Fq|F<1F{pW$*vgmZ!VzGr{YYLyN
zRdK|IJP5Cio{l{-+dOF(ZFZecqJ4t7RLSh5ahBR#9OkM^l@&u-Cma&E_z^|on>5T8
zY|6ShWCGtnhNzvOi=}1jPmaB;QgVNsm{hG-u;hwpEa?X)S~iO$Gug#twMLw5F?T{Z
zYl@TF)=9DWkPBE&_FK!f!Z~fNE(M_keZ&(BGDnirsT0Bk{41gdnJtB_O$v^86S-8u
zu2MjE?#%^0g>01+8p?JF8>QT~f_P^&?|AZRll1pQU$F=8wvd}|Duq)djL^y05Y#*Y
zLHq*Yo%3l=)ugzOmE}v|3?#>MuW6gcVB49r<cs+l)2tsq;b+D+*JZ+}jWGKCds5ff
zlQK!PC(m3A!()!!5MQJ|sh%**)fjI7RMCRtvJ2<VB+d-$O08ajjrH!}VYE|bjPE?#
z7&|-4AKei(8@$3>%pW>C?w;tJmeM&1-D6D~SB=}`R*y;HmV@%GPjUFpa>K6=OA%XB
zS{}PzVs&FmGZa7-o}F?_r#z<{=BkXx5cTxzHeX`L^kW!#xcPy`faS)WjOf@ufMImh
z8uT7DnCU_aI>Lj*q~yLQkJPQ_mRT3J3z9%c_-zh`<joswFRABavCmAFOlh?P5ss8D
zz~PsMP@dS^EOOe~r=Le)8wetf-*6joOKlY{J9e&N%_R8-UoabqQkhw?Ut|GJwq_I1
zNFrpi;o{JDnmQ<&uMid5q+Jox@*Bo9{pXv9!PzgGGk{b3wZ&;h1z86{8D6jObe8dG
z?LaGeg(<8g4Rt9&RkJUXTti>gas|w|?!X4iDw(~^xzt4z#+Sv8x6wkA=66uAk1;Go
zu`6PaBn}r1BNzE2NeegGgi?ynhnetEcEjOXY6nSJb)5v$Pk2>qualR?OE%p$-61;f
zuw_B#Q#F0`hf>U<`_rbo&i4FxZ?0k;h(9|NUJ%@y)MkPGI2E*`PbY&lg=;ynj#F&p
z&w8o$3BjEK8wB5pSNUYQ$A%Yuf+O3uq{bW@wB7?F`)v6%mtJ{Y(!M54<MB(9{W#iv
z4q~m|9qSzMi+mF%agKZU^<NN_dSfIhg<FW(@VRri)v#%6YEr^gqDm8rAu~<9z#O?9
zZ-*ty>O#v$=j6QYe>!enRbDn@0BD3AfA9Xo2PG<;*`C_+IVoyq^=t$WQZ-nN<kf-2
zMVVCu2{$wr_eYpIG?VwZ3Ima|%<%j0n}y&#;}OCe?bZW>Zjf<Z&s~>1vy^$4+Y8q)
zSntV;Wa@iepR4_3D<M@iogV8@s~SjwqkExmF*AJOnwxT(Ak=O4_yZa3Df7Cyk9Y--
zSMTP-v?fQK#1IQ(50vUW<Q_snd6mL3Hs@STUjmtV;Vl{ErFFfx^;}#Es>g$a<vgV?
zH_j@=E&ZzdzGd%8aPrK4Y;som4f40RI5aGubqbHYL(0lo(YNO45akA!&|{h*iRKXI
zdv(Q1i2_fb<Ql}XKF3BY8Fe@(NVWgqa2{$tVyYt|q(W<)L#{MNS6)oBDR1#<#)X1(
zvO?m`yJsQ&NjB__zT}+*C$tZ5MtX3bOcC<R%{$!~X8p2bGMwYGB)^r%r?apOe!w!=
z$9jF$@u7{(4>?Q}qnEOvg258?7tuqToi6z&8a^`fbl9I(kL#436Yh?&-jAp0-*s$O
zJwp<^!~Hd2c9`Yv1DbvnJJF%gL&rELJ$4^s#+vzy4b0j0W6GjoZga&HaZ^<zqGeGe
zRmEEl(lkQ=MkgK_CWyicY$#BExUf^Gz(8PH`gro)C5D5$;auFTYk7)X`6z*Lq2n_C
zIkXf7#_5Gm1kpLjRTf5(>x8^}t5;n10=u%X&#&SsIN#3H#4APb`PN@zJ0n)Yt<MhF
zD&_EwXeh08Ue%9pRDG|3P(Dh(M&MlNI_qdIMyXR6y6B7xKD^wRvJ-v#w6Pya*#O<!
zeMgi2gu8lt@LC!p$(r4zaCeePj&>6fIxcBlH+vOtnr!}q*zSZ@itlx0D>giOz8l?p
zjM(02_jWF3a>?uwprzt;mMT4yM7w;7>U#gUv9|e~%TnSP{65zv657RuHn-e<KXxTT
z*_mF%<-_(?K?=^7t6%4x`Lmu*#fx0R<KBlHUSo%zIt)GkW{ICU6}mAam3ApB0#BLP
z0Xw%b*BJUUQ&6%o2Hk_g9qx5;&Es8}485k9l7~6n$5ai>D2LZhU8P$eaaTSUP=1ct
zLJA%sRbL84?^1Q{5@-@G*>A-u3*wj%E@1B&G2re={}$PMDvH=&<MPvLkvK>%T10oy
zwc2&|)4AC4ktgx#?5(E#uv^kx&Sm>p*Sv%3DD;%ga4fiAoF2<l^%ouRYx7)|HXa-x
zR<Ofm0lQ0P7|HKVU!1voY3vlCc1iTO!rp2$ut;Z8a%p4ouZ(tO?}>$Wb-iK&niLL!
zVEFL6eNp-eVxAk!W7ZB_Z_4(LYq48;3Z<Vta#h;uK#wb4%g5ssL@(wK%?*W+F$#CI
zZ*O@|xUL|9{`+}fezRcR=jaCR!4JvoxU4J)-~XwF{(&<OulW{;Yof!f!0dfOsg4JD
z{vLqZ*n?wQUIZaAVuXa<?w(thd>6d2tY5^lH8hKP4;#ll33ZQ;wXR>T-8$BOiMTgZ
z=(DhD@jXUWQSXDT<2tO}Fl^^BCLk)G2ve>f^cz@?xZyM!!Tr-@^8J~Y9rQbYHg4-F
zwH^e%#K+YiaFonD-C+3jJ-vyM+wcO5Uc-HHq~mvc95Z`zk|f#Kq`Fa~IAneoh}KZ{
zjl>P;=J%*6UVX7QPHh)iyMpImHbB*US((t~;J4ndhFJc6N6#?XK`YeA*M`f@LqxHK
zctJ2YE2Waw!zVVG|I|Wq1k-L^*8M)WV#X8v^sCH18^sz|Icc}7tKJSBf1npTj=s(I
zzNUxGYdg_XxQ4z`3u3dM;ghuNakQdM#Th1Irg6wV&7!5+baT1v*Mq{1*W#d-5)_#l
z6B^#y#fxaTh%>%@-p=-4%BXlh1g|qzJ=ZkQBsU0&QdbdS{`_GZg~jWoiMu-ttGu-u
zJBN5URE?(K8e>Y~o*I@Bsq)2nPMjmodgF&7UGhMzt>ll%yi*P08AXRForQ0J;}5q^
z^2%gh;f!(`)DKRS0CUv}7$@#P1LBut@qVb@N&^a4BMTR<szY?bJXWxgbX!exRm_mv
z0RFV@2)?U?4HGbm+3ln-+myp*dB`*4b6fopj)DA5XnXfJv~u<Uy(*Ch9J=#i8zIDc
zK#eeK2S~*6#KEb5fxUa!{lL3cJeA+^bK6qlEkb8Yh4;X^NLTZ-87!}_kxo2V{PqBQ
z9bf8H{T{4aHQ+;CKn+ybO#EP`g+N1;2J5;BTVSX$jxTgE8(Fj_cT58yRLpVaCul(k
zvfh=dd$+~&zKea|g39&e)RZ7!&djS8cY9r-?Y#pE?Rs~IN#icp7Tyxup{f}#bX`J@
zrPpmEFSebXLS~a$L}WGuJ7VypF)0a~835^mXsm_}1Rbt&?ou<+CeFdZ1C|+g0GKMA
z5hEDFA-TRAzxnE>T<ljscn%_prSQ~~sL>;0o{jy$slpbn>;A?z{BCn%cuH9ImK&UV
z_R(lA8HN!ecnwCMK>0K367f!+trM!Dx&i}YLABl}B~=}FJbWHRbuJpiKQJDSYUb|%
z2R1C^eg?r#{^$etKrs5OBNfNz<J2i8ML65cR}dB5H@-Pn+;4-#KjC=v4aKK0p6IA|
zw}Bfi96N^~;-OAGhB53z>p_q_U_-~awyV50fj(VUTC2An-Brv6V~Hc_x!cIwLy@5v
zkh(3vy!~bdWe$m$Bpw_<LZ12k-uivN7PFs*0q8Cc1Dd9?W%DN90BAD@39L6d-mFDX
zTo&i8gl1=IX2BjP+gu*)Ym`-EBE>e;_b<aT@ZIzAOldL3IUiCwOKNmgP~`*vd5%Pt
z%@(;>(~5!@3J*XxJx#JgatiaxFCtQB0R6qCY%n~WkzroK#k?YA(Dg7fmd*KRq+r&)
z1h$bR9hK61^=4(-h&fcMUS&Vlux~A8@dL2eFQtER&S-E;oEluYJ7IX+#cNsKef&7*
zb)`Zg*RSdgWri{&7^Q$Qf_>k7_fVGugsr?KVR_t!UYOD5&uJZhMh)=x>Dl+$JKEg-
z+$qp<*0C`A#oU1bVB{|Z-U`GGPw3Og*xNn+4%oQH?7>M7V`PQ`fltA6!85jer4WwU
z_$ZFetl|829<cTovdnDM49=VkBsY{JBYpM>;9dIN)LCJnOOCbtUgoqhEh-Qp?C??S
zxSrFy?~ur8V*XsclVmF<8-LFpp8fI{q%~$0t!=+R2Tz8;4Yzi~x_e{`4H`BIwg9cZ
zxr*$pP~tSnfSu7Fqs4SC;_oFP)mH?b-E;wTZ+?Pow;XXFY85KjN|3D*NrvN!KNC}!
zrTjMMo$>kU*mm|o?+N3d)Hu?w$FudXqzlgarE^OiJBPIhrrs2+ki>7^z%S3uj;}iV
z>BJDQ%sw3(K2MZT4&~yX2iP-w0tZA*b_nK|rHYBOa@O&s-C92+Co%)#wWpebvCh$-
zo?(@Er<*=<ccYDns&1TR5)N2VG%WE;XO!-JRy1?_D_rKaRF)jYYQ*^|UHxSF9Q%M8
zt8{TwO^3G5PB&z58~HCHOqOt%`fad*c=%nK#)yy`0p)k^B=62fc^(rGjY@*4m;K7_
z+!s#7t5+PU_nG1QjmOR%`Mmi(if3y(BF2UjPj8~+@52SvT+HU`Y;ekl4YT|`eg#(^
z%iaYSR33OF1iP&cz9~S4`ARTqw}K0f1`qd_jwY%QeuLQn`SS~=n~zT&tz9H#kQD!{
zA@_6+arO=oFQ)Bmu_D*14CN%j0)mq`Y+2|EJng2uIgQHqL)zPvhf(Cg*MTy}0dIfr
z?aj5rq-1rfr|XxK^bX_M@C73=#CM;aHJ_1tr^D`1w<5GW*QOh?tEu*wlU5>mhFMmj
z9>DI-bmUWzW)M2a38wlB5e8fz8X@>@cOLTyKjdZAk6UgqhA`U4x$5UDM*X@pVz#xN
zoV51Bo<vE6Y-!P3!d4P0q=Tx@cP4<I5kaPbmX=Ax#nEY~m!x93&6=|I9v0_$sO$qk
zX%HHAB{Cp=ANU*WTYKJBb)<%c$a^X?t|6%$*`};(i_GNLjut%94|HmA-8z%$3Hp+H
zUrqybUJexBTdVd#%-ghujj?q#Y)ZzX36QM_ZzCH&V~=nc7kD4aH==DiG|68-8J1yg
z^~cH6!;IJQ^j0}_&kKtyo9gLdL~S3fKIhNTq)a#UmQw%A>Ga3c2v$T>5zEaon6lNS
zpQxRD63WqxY}d@NYAaLVe}3r2^;ZwxG<$YG9j<dyI2`rb>yt%xrd~a7EU~y+>?WLV
zq`Qc(=q}!jTtuX$drM%tw|}BlFmMZSO=En#G3HpUQ-mVTb|-5@K%kiqW`coudkODA
zM=Ys&Dt_3OciZe^gqMnZ9WtInq40)Kkv)*EMZK-rJo&&A-4&=#Y1hVJa}N%-frxZN
zU__Ga&NI|ljHG4Rw7WK*X<Zpj#JGMUx<y`RBDD%z6;-9F_Dr(|bCY6MLOPe<5{kqi
zETlek-+=SYRsUCQt*Zw9dtC@Jo?`1)XTS;W9n=Zcq{!=yk?{eu-^}^Vt2gy?wrUF|
z;>pFCo7%cA6FBRG#s}kD(X}vE%Kvi}9no<p+Iuu~FHYe+(i5Uw5d5FWwg%1I9^<9G
zf=?oGL;%@e?D|o?rk+f~&ZFbH52Edm$4~U)k3YBrnAgW)&i(T6OR?<VSnlsv7$TE&
za@Es?F>TF7WOPhPkp^c&_s}P#5O6IiXQzRWQE{#nuQUu<_BYz!CSFAz)^Mq9?s<`=
z(*Z)r$RESV^2W5GfcYi>g|bzkgyaoa$&9;k0Mv}Pb)}X7Kn$x^<cVK-_(5B#x@=lr
zpFfXhJ4?Hs;HU)wCoxU-*uf=HdcIpAr#%ekT&SS^#1{sv0`ct*s0&QTl(Xj-<o0-F
z#%P{Rx-jet;Uj)Z2L8<g{;@Ee(If4F2PcVlDSC=PrkPYFNT$W?v6_ppmvZkSpx(MJ
zN<=kqR=(tY*y2GDWI@-7JYXfci}dfVnszG-g|@1xBzlc%VHr%smu_T?HBR2$!?PI?
z`$(lQc`T4==b?mh`YIC1HbxtG0KeQwR&eut178}kcb}wW+JI6GRWn`fKtV{ix0l8r
z=WG?RK(4LWm!JPOJ>9+DHAVOYWYyrXj#VpdldcK%Ws*Mc-4w}mx~R*^|EYzxZfv$L
zS12PJ=WI|TvY-NzeO<bq;P+TA3d;2%DP*0}Hq2!A5vFx0=05JV@^MQWV=sce?9)Q7
zWy>qDG0~qn+2K85bNFR~O6#0uxfNS@dy>#$n5S}Vo+L?>)&5pA2*nO>`UWh@x;AzE
zdVySAqbH~9ZOPMEb0}l4yC@0gK{$uQOkU6Ssm(Zyn4c5YqPd2ds8hiI)!i_L#xzC_
zKhHKHoJkbQRgCFp{>)07l+LdSm)1-ejK++4631$)GSk?_o0XvQL0_DQ{Q!_@j)j+R
z=KfxHf4zcmp(8|31RRR#c<@9Um@;#DaQSHPGVaHosKTa)A1I)(`JRYe?L=Ig(vOoK
zQA+Cmb|%|u9r3a|7R5J{zgPPZt@8?UFnh7R+Jdd4j;|Kyj_o9_Jl<{VLY=B!z7GDZ
zL^6S-#2`#K6rv~wb6#OHu6gwniMhBida*@pj_m50?b!ENX>Elw6nj{|Dy*_GXH10~
zV~B6jFej<k8hxx?Ty9(#4)S%U;o<7Jl;QQp19sd)(T`ZtD?q_?@sfW}<+ZQtWCW7X
zyBIx8ow+VaSthMl9I@EqDfnLY{#U4r1x_&d4-#zPf*^dlerDcD66^MxMjfl4dNr(Q
z^XXsL<oEoAr<FuC%oV2RL?|bt=<EATMbgy>dHDoGg|Qp<^~ZRr<c{P&nriC@BRM{G
z|9WKXMoLG%4DJJb7HlsR^J7Ca8syr!qPUdq8{xYXTqo|~otT9gDrF;{%4D+_N7j%N
zb;BcOH#yZP(m|*Ogks4iwviiUn2_R;1vD;`ZffyQv#1v5W8oP0$4TM0X9_BuWB@<4
z0w(@`3?`xKOskT-5q<`N3i12cNW);Mxezh*cRzuX%j}Dr`h8(2DcA`Lqt!Jq+p8-G
z*RFarwgw~WMzwb)2OYO?Syo_Qs*}$BgY{;sGNDO0ay?q$mp9`QqE|Ia?5+0MS??=z
zoD>e@pI0XzfLaQU9E=y`&4<xv6Rr=rzTZ{{Na9cGVQX6ztxffxo#XH4u;&V13pK^P
z_Jd}}6FVv^<HV#YE~$n&l$BX;tuOFCRPg21KP?u+S49w<fa2H-JRPgt3%k!w3yIlY
z?3`kymnwO*aSPM{S8(Ry1>+*xwZf>5k2PdTio<YAPpQ$2O{={XPNLUsS*-8SdAD$y
zB(9Uh_yFat=p>f>%gqx5_O1vhmpV)k_~(7^q4dKG2)r{#o2R}!7ynd8Acp@Rd0DDb
z`<imv!!9SynPyBu?9!pFFP2aowq4V%DFQ=wLx5p9rXz=M@V>x$2TujK-+Gp2^f4|a
zysf7wGmqd^a}RU33)(h^t)AlP{b-|fyZrHLRQNIaY9s#w6E(0M7<CuA&*;kQ^+m7m
z{-5VP1zte;$`?#I?Z2JvyDL-Ghk&YN6+mDj=v8evq}t+Ze^sXO&OkEjC~y2Mu`4+H
z`xqMIC(2PHjD<<Si&~wpS$|f8HOu5Tg<orax&5mF`rYLH+badcj4Mx2{C#Wx)2nXf
zn)ErR$1WHD`AhtM#?moUfE*|aITHUWuXlIzfBJ_(IcR-SY<lwkVkrIFH~jU9&*%X!
zaLSA;;~$>tfBD<+Qzap|+})v{j{Utj{y%>Wea}pwC2|h7G5^mC<u}FBb+i0MGrT9}
z6#*eBjoOQGJ*{7#?H@n1!35&wIi3(IxqW<>o5xZ5aSr=$Ptw0!Zq*$E1?34CrEG7K
zmR|Z_msvHO0QiTG1E%u+<t_gGE5h4gwh=XNC+w-mlmB(`R^;F+ONhqLJ@{`Q6#bPR
zDYU5P<IDeF^+9PqJod7`c2t$|G&t>aj-Xi<1&d0HQu|Jkb~lS*S*F;Xjl}jOAHwW^
z++6;;{70F;gIh%1Mll#iJeuG(V+km)KO+*3&!4deZ?HJ{)qxi}f-jw>FNL0<*jqE5
z_pa={dy2H5#xRWWNfbE>F8p|pNbUc}Bhx~>1+~{MOQ;*$+1jpA7yOMw=fYaYqhB|*
zC#MEkSAeVSu}x2CM9;$(dFzQ!EB8mD$0=u2*9e-rI9bwLWBK)Ysb62kwW4`{vV8;f
z`0>{;f2;-QMcXEk`|R;`IHqcG=4teTP?qH5%#!XRBHcVbq8ELIOy=bI0msgR;EI}J
zR<%n%1N&t|L=Z$^Kb4gCmcWuman)tX4JL51U^WD7a0GCH5U-VQAJ|bN*}XhY0D~G{
ze25RY2Kb-MI^Z|0g2U}XL!=%v1(!VA$AG<cb@jw$*-)BevG6AO&`CF@fmMM79RL&~
z03)yq>6>z|)2{&BcTG^Id495gB2vu$uLsiL__3UpjguNzMM}mhj1a^D9xGI+c+KBl
z?GHkh9*Evy2=QCoKZu@eC)>RxzR0cK77~*}N!fjgcgb#c4BRw0%rqyj{BaljZZma3
z%bMTD*ILH_5-t859regn;CQ(2BRVSyfo$CbhZZ|#>iqE$m2NofM3oYBv@0XIg&hyx
z#LeIXZf+_J(}Y_1mUL%kYvOu}>SRP28UrwM89^s#2oKU6z5eRfG4P|UT%N@?w)}w(
zBELV3Bee9jP`*<jwelv{bR8=cfinBneab;Gv+u;xD^DRWo*|TN$6ajyW)|*TC}jo;
zW%JZKn!KAl2(9z8;mxaFkGlk~y^@Oii@|Ni?Ds5{L34b-rs?5HLqN1hkZm<;vfl!c
z^4J{U?D_8%*zZEc@#^Mk5rfUyyce2DlkpJO_FQ`Klc?S5^WDXVp+7$SgN9gj>w9HZ
zqV!;5WD&6b&z!-;Qc3}=)hMv!2}2A+l$M^5i7>+#1bA86Q%b^!L>m4k0a0rRjQ~a6
zM$&Ny57cekL3xm<(rW{ELf)?}4!Bhy3kJfMlgNcXpCKJUh%)3!;7xU1V%IAlttbPo
z0g@2f-Q3EyOAG?N?eu*Fal45BKG`rj>K&;Qz=v8eJMwc#GxHoMrhXz+xTKc5dW-y!
z*i8O+z#i@*tJzhb`eWDbz>N~ODyTocYwP#{4{6HRH}9W4IB@Un{9Vtb0*U0lRWK0G
zGltgbAXw0ZC28Y^0ztbZ^7+E~75oO~kp}W#!ztK=4bi2ZNbR@pxCBI#yYs*p#T;Yp
zn9L!lcgKNG;ON=~|NP4mD;j+$wG&b9a;WOdn3gEMKDl!4nSQl*2G}z3My<h9z*(}_
z^P2Kz2Km*DrIvxE9)}brZehyt$_Q(5z;}(LU|8Vs8XEi{M0?e2{RGn=d_1%31^ope
z)@}59^6c1EE98IOnFOgmV|D<kqZvBq(5;j|ia}rel?%Rif)Z73!?|%;l5Q>#-&xxr
z#krRlQF^yd#SE%c)yzPEXaNC*{wmRd@0mf|a>a}I&_#RQ{Jb@^5aBKf>EjOkyod1y
zi+B%rV_(F3$5%hv5Z3f0&b+V$7RPT<Ls|U5bDG1W8!hKSf~L2__@96ROx0TXeW$pu
zVaJ-QctIv>4p_ZMcRJMt!)QfHGwwXwqgyxjXb>J?dK<7A`wkHM9pC{A?=oAl?XXcf
zaqQQ>S%n&UJO0B<j)rz%Q4*?6Tfb#(uv6L^u|0bJH08HHkr;Gx-re`?ws*XT%^KYA
zI!9?BPElOyorPwM-WEGHfWS@?(%K@xCF&MiH9Su~EQg*v2+T=XVbIG4ggr`o8JMx_
zHUa2Ey|+4-UFTVRQbf0Rsdhn^yXl<!ElrfP8Z5-DCT#^4Wd#rV0FZl_k~!??-?rQy
z`aq*~6rm~AoVUeL?od~*cA=Z(AhaJC;weZ25uD?m#A<Y6|Ey&&+eaDW`{B`8SC8`3
zg9CVJY4ir0>LfuJ_<d>xZlJkbKXM%if({@EVKXYHbHw_s3it69S&i=_!hR_pu-H(L
z9q)+ROq2}P4%>KdI*(9U%5$y9DmYq!M`Q4VNcEUsux51W>42D_Lfty{Vlpe{)>wvy
zDHhta8GIVNkMLDRR9#YnjY5JN_B{p2fctZFt-#p>s${+o@Q}@lFoVzD;}GMQ55Ct8
zL)#|b$kRC|Y-PZV!8pe6=k{i!*a>Qej$exnrhWS9qLV>olP<Y_x!16kh`9u7wm2Wm
zwFm>h8?G~8%{FcfK{A1xiZDbuG%mdblemVZZYPqm1O#w}2yO66WhU+itL%7gV7>K)
zou5o=OOv>)95)%^T}B*{MApog#Yft&r8K4+yQEia3>{}!Le;<*tr?g6d5xw~&xGyK
z%H7NfX~VOz_6O_!`f$;wzRxG9u_=nYgpx@0(H{L(WN_`aW_^2d7Ls~fy`DZ+^gp6h
z5<`jH*K6TJwy-QFGb$7>h`OGLZ7ufPwwtuGX%%AFcDzQWuS9wMW(HO6h}#uDcI#Xz
z*OVy_pf}YllQB-m>^u&sRc;og8IQUI=U&>i)x$fDZ1)=v<Mx>t+L49IPH@k6uj?rf
z3tHdx_MuFihYgc+nte9F0@gNTj$*@w#xVM^eRYTiuLMC2vkkv%2)_`FbLU}xz546{
zf%xLRhlClCqt$|E#7WTy*2zm`UzzL@1#P(6T*vHwcxNmreC|xm&RSYphXXSRg%5g0
znC$0I<(8@!1V-BI*g%|hPK!&vih@X#{T2Xh4YaHXb2SpG-}tj?F<_x!jPM(w{6B}<
zPxrVksyTcGF<tml9$5XOQ2;Uw3VYc+x((BT(ThJ6#FFaG(mAFOY`2z}zTb5}|199_
z55^z61$>NF7$;!~Rm)L&Og4Z5MT#<u79rw<F57(aq=91D)$1865wme-GvghNeeu!8
zECHQx8~IgymF}Dl6Mn?e9~+|Mp9*`R?JJ?PNg_aiwX9RRAv!)vtNq%9;Rz>arv6Py
zK2hM<r(o3<Lp~^G+3@<%qB%&7@F+Z^UL3EL%<O)YFzHo?|1QsWh<fTa3~$?93MUY=
z@Dv(P4*AB0(qxf??p<kIY1hur5m{;fTF;WqE4}V8#oHdL*kCx2a*fY*Rs39qK#XOn
zygelHg-<5vYAHWgHJxl-OP=rbG|wt{X+q9lq`}rNoy9e6?7kYF&gVCXBo+{7!@i+8
zE%0ZJn8S)s;AqL0PSRRkQu~2|$yEl#S;aLd%S`cHL5ztLxz*S1?8|f{u?A!C-Gr1U
zGzULFo+@<q+%Wb$)uOu%L|NX4(wI91K~!;*Ff%7YF(q`>4gpV+ougQk&$q^M)*@Rb
zp@-Zdfcu2G?nR9Mg;u7qp~d=0-te0P%x%1-@S(;w%cgZ8L&B)ox!QYsbZbjSdlpUa
z95e~OP@A9G_SYATg25W}eMkDfm?eO5QqF)VwSJtMZHS_#dMIyanD}ComSETcQj_*M
zI0Fkj_$)4qFVqRoX=Q9Q{Tz3t@Y8OXVCjw{@rOk}?0T}=gGgh^BNvKMzo9F?x@MrO
zEaIQD_l}n+X<bz@h@DRZ7a4atu~>V@OHc<;1sBJ=z%007>Eg56BLWkfrWc1;Nm8yw
zj_Bmr-|&Q3ra%O86MBo-RsuMS?{&4escpPLriwkBUQ95xgsWu00XfmTcLpq3?-x>9
zg9ztXZ<REPHZ!Xmc|pJCj_KY9cn0>?V!EgZ{YR*70Y{4Kt@4ZeVKZ=dZe9LsK={G{
zNQ}&!>fg4Qt(D05)!z!0B-@b%w>uQ7-iXE!jZqxCHK5!UFCSgW)wBLq$*vTu){I+u
z$2uOPQ*@J8xx|DNCWBpr@47jLp{mXi!Y8=8QJuzFpKLpMpgqov%Z^{c=J{9Ky|_2g
zdB(5LIU6Nccmvz!SJR-uRkJ2t<)ij2-ciz~_q5Ebz6RHBH16!fjfp-G*-;Wp<}+2G
zyA)@6C|L#@TAwV1j;RqifJ0>t+2<v4)+-I&?Xc}$nebrx-nwSha&dE8B<*4MANxQK
z13r_U9Y0m**~9^@*q46{@-{xVh_x#XR&uCl7)(&!>@AX~I(J*?<{;KRQ>@mrP3m+K
z-r(pm`+=S;i6hI(jUay?mvmTjG{w`4ZO#kFI8^y^EgkEoTmpGW`cL8~#xt75pd}eI
z(u5yuUtKQoBe|<fTKK#BZ`1OdS$lJS(({<LAsc`;Y|iwgA0kq(IULef!U$Eop2FfR
zuHp{Gjs(`V*aWueg}?lh?_n@O!FX>IG&+q3xsP_eXt@C+n+J)lXLu-xI7*y?zJCr%
zyE8H$p6g^u{FSfzH-qta-^O?cnB<C}4*jE-OK-u~u_-f+iQ_CvmmWONr*h4Jg);sn
zuF`PuoM`74kCBPrH|DRdzFR+?rSMkPPH%<mujf4+|KRkPO4;S#o6vuFh4CVT5>7wt
z$>#sWO;*&P^?xm%I~V;wTYpN_`j5+%1J&=Zb@Y#~RJoBxvbFY`%I~}JkG}}`<Nwni
zl;%V0YlrNkIYCHw`83F5oa?`TW(^ht)e^pwL)Tz{w>;CE8D@1q>AzoORr)`rm-N<g
zSAVaO|M2RTHrx-+z5TEM*X=l?N)Pwr!#hXqU(4)2ydyj=vFLvA<q!VDGW*-T{DAHU
zy~O_~Kd1)Rckq@8WK+-5kTj-G2(X4h%;oIXUcf53+VU>=l{0^b+UqX#jeID;+u5>q
zfaX76`>cSP^@XuoAWoftoD*^S-ifmh$kx9-fB6>0wgY)0%E;{HsyGUDdbMewGX$IO
zcTnVLRJ?2vg?o_jaGsrqf><2nD@cxM7^N&o4527C@uJS(1ax+QPaTN-2kD^EHUxXs
z!zfaIYvEbWEF7OBU;+8;W~~3bp8I&r2m&<Ly{m)})_~4gPg{|H+Oz&xJ$`3Nj?_tf
zO%E7-WuGVW5-1BJKp?!oeGrU-=^UC)UIi+YKa9ORGfET^KZ7f4KF|fCH=7UoN-oq<
z7@~S+JB(I{3-~1T%rA^(+m$eJHD5=Axlf=t^+$qG-~A*)g0Cw}6CFiRlLet<`z@$M
z%53XDqA=tu_GHB|)+!}Zw&v#q-lf|dl>QWo&wt&wtsl+u2SC6%0)djmP<Wbow%Jfh
ze@3h*6iK;j-s=Vf{#w*d5>;yUEba?pPn6pH4431&gKFIP^TLjqA71}ii;g*K2X)$A
zxKMYHT{a}s>>UAQh7=iWX)mf<>n3?amGJ(<wdsXt&+`sIJ)pQH0<HIX2p}@X@RoEt
zF+hEkT^e3C|MAsF2+@(&#<<2@)qLu-lp}i^<)R{(L6iA~lV38mZ1@R!B)F)tPXLKs
z>+4o?BZMe~Oa8cNAW<(+oRIeE&<srv=fq8601*9ZfIEGp++~&q5pH;Z)I>Pf=MGe_
zR%?-0gKVr1dmm38ru4}z2dUTOSXeX+z6G7;KTE(mkz9zoUUn#w67r6m`k=ph8>?eO
zZ3DT1*b)Z7-SSs@bsDQwBvyJ#56wB9B#E~&XwgDO-MqfZW<-u3DMFQiKo9Kc?tDn|
zxr5ScSEecc^SZyK;A`1SF#X<l5QLVr6dCV-qWqBf<_g3ufVY)G4RqBCaER}M{EJ_+
zWdJnGMtj1CcU3<`sqcx(5$|n5<l|^UT7$FOCwL}L1T<+hK6%9QvA$atdtAEZMe(Pz
zEVd~CVovFphLdpQW0ZOlf#)iN;zXb^q@w|C?yC1Hv7aIqwa8=nh(%G-^v!foV+-m^
zirV?=of9v|8Nl{>1RlvlNGsc~G_Hcxx-XJ{xd?=>QZq%}Dhr~L+xG3%EHt<>6og8u
zLP^nOno=hyY-7@mBFXj%ogU)dga{&|uH$LIlT#|3K@oh$G+;EIIPv-c%flBs{itC-
zMvph7Zooor;HisWZejVkazns)VzG4_qzLz_bJjCk87N!0bD=Y_=k>l1rokelK!W^f
zG)d`Ryb!#CG=y(-=gi=;#NlVst($ry)qwuoz-vA*#Kr`2EeTrof){+ZG9v5nf&|5A
z&b#dEqu{rw7npnv=vXb#Z;m4zOqiRx?svib7jpXR?6`H^*I*oEFT43pVSv!ZH<v?3
z$X(R!=Y2zhSQM}9_U&o5(M9<@ot<Bd5Yx~E6=IXfL^+d3G!w{cInH!lCXn*UYk+Y5
z7&&H9;TVn-8>K*|tYwbVB}c|qZpz7+X&9GM@?S<<&AKG<m1FyqpEk&2kK6m6e{nJR
z_z2*cyU=(kJSxU};;`K_OQ=VTlYmEHR5Jha3!RcfdkIO2kiA86kmWk;K>DPs*d2n0
zh|?B7qV#<Os4474-yUUCbTL<)J9zJSg#k#~$9@{uEP1}@;vEyF=wvjr2j#j-;hD63
zKgLUAKfT{JNRz8mq?l2d&F<RTSS#upP`L(EH};3I>P<F`KB^A1uBqSmX901OS0?t-
z-1<qKSSjIMp`#9d=|I6EV3x7YZ@68cscsBhY~PYTm7}=IMO}<IkswvSMmn(=6j5=v
z)YvT5ed2z#)`rX*#}=7<Ixh(n4*7aZnyJ<e9&YaEYx>1TzzqFWw*UQ=>Rx=<7wkwi
zBhM+CF`LFWw<rhXAo4a{cMPd2`6Ia;8W7!*-nPkqLugMz^sNJ8ll+ua&#IE&Vcr|h
z#2Wds37<Kq(W5NXl$c|&R;z*_zHGJQ+$xf`-e6_jEKxlj74Lg1ai8u@$-H*Q*Qv8#
zu1joUT=<%=GhJVh{5WM1&1hC}Q<3wP23>aSwj6&zv*-<!kA--D&+P#@7gQ}M6n*gw
zZ_wzY_Sg7`vXK363{F^<XZq=lvY(^xJC~!=eW~^5(RgY6Ej-3)L2GeVOrrG`c2tGI
z`-=0_duARY@s$zkGbvI80^aV~QrkaP*ek^DuTf!A)2)6;`V1g%dAB&V)i?$`Bf>MC
z)=G~Xe9FaJ^PpE=usH?~+t}gI|8m?V9!LGF@puzr6!2A;SVksn0J*B+>Uf1@`>Tb4
zsY)|Z>S~iUHNQy4?+~0xeFKhEVQZiQCYdc2etg?4ROa#-!a|o#?}if?eFWih7wGX1
zOtyMOS*JkH-jdfDHSU4ZmT^Q|X0%J=g8offWF*4VxrIg+-v-<tcqtQ3128%|Lx8h<
zeATJ#ma!L3l6WrLG{cfl=VQ8!CT{XTTOB^)FSWUiQyvS|pHXTR^sfvF5Oes_1j<1V
z1JP;|bhy^g3r4FBA38OsYIOV4dO%%iMaa`uag&wBU{@giJiwJtQ4t`136;1TP!cP=
z-iH{*PEu00F4odZ!?hPqK6LbQ1F!M^UybaqE#Y4VQaKiQe7A^IvOX4;v24R59Ygz>
z$2EmLH~%~puh9hr8;$8`l$#^~Bc#D#{=FhMeW5w=S8_Y%1h9nE>?ZJc+*H<goK3d;
zLEwr*!UR??%fw4qe>imqEwUz)YF0L!q;UHqD+B?ccJoS2cM;TlXuB~}By(6opo*zf
zaj_3-k7TckCzEx=L~ay5a{Mle-_q|Tu#1{q<hU`eeJ|l*hT=?sR~t*+)w1p#PA%QO
z>T*kacj%Cv{g9gUkd4a5{<*G<qkI9e=CtEsyNVRXxoG?J$~}8av-g%bx*o(;Y(<WQ
z?+>UkpFeb}A`W8(gCt`@?o7%vB{kwQL5D)SwPR_vQAekH&d-!kFFSefHoZ%qp&_t8
z!!qgD@5&DTKy*Wu?8?19`9vK5u2TH#(t`B{Kvbvb;2id|oFWjchJ7~PEt=)jxDLbp
zE2PFv-vgtWvzYkDK4jsEMLs!mY2c}Pw%hC`_~H|xs-!A!QRVU05}G5ta^my-2tF3b
zexY(nEu!$zVjJ!*)wQ?_FVJxrHl%3AC9h-QVg+YpVd1s)<mojq-nv|wbs3Xnx&6U{
zz@-AJi-2+h7mH}Fyr-Ht-sewOOg2y65Azyvl-@es-rL@xo-%nblJBYd^KQS^v+0;w
z5>h&G0n`QM9E*6G6f442v?rm^xFO`e?b7~x70%dD{l#cGuAcXcEmI7+PLjQfLmMrZ
zo-BQr+xBV^`V#9DFJPgjD@ZHX!8M80wSQff|MS(Y^S-%P8w#0gn)3td1^K+F4;8S`
zzQHt%n3kT;`xy09F>n^DG~KA@_q`&t>R-79Dsa3iP=;gQxGmor#*j~gDU+qzdrd>e
z5=m#W*mFaTV^>ooy^&@<U2)aE0B`V53Q3g9m8r)G<uT+U0r>oJd)~bFT$wBMkPhT>
z{d)A)v3*Y3f$5f2HI@a{b&dgVrd*;$2{Gl#{{jjAt(Q6weG0=^5^Z4f$yIs3(^OnY
z2e^fB9SUw*@lc>uXD$?^ksf<S;DkF){^~u)P~rf9tRN6&x_hOgoJGf)u5f1cDsy_0
zURB>Dp>uGI1M>X)4_9dS2e-6*Gbk9`zeH&Hm!X(Bm>r#~3@jhgqv^|ZI(Jo?n!?rW
zrbY9(8lThia(zPQ=VvD!{{D&ocE0rZ?lGQnnNl0z2|4$FZNo0Bo2-qoo2CIzr3_Zz
zu7BT6aKiEw6UP^`<ebgRYuQSRU2E3js;6KT*yY%Sw38Qn6FHtNi#+yn%dM)Mh-lf{
zpdogc3LGqlufQ&B*!>G~_`?7w+ZY8}_K>}$4BIj}R9iygfqm_-yl)*bnnCEctS|-k
zwYR!uAIIT5gulsgsKZ%K=t*SDo>^^C#~aU$l1dI|+Hd%4u005vbKE+Gbxt@V>$3d^
zTIQ>_eYgLm<1@n|^Vj-2rubJXT$uq}k&tSwCphcu?JY0tcwdS6KJ6jsIpAKs4Szm;
iF)!~WsMO&i(|`Up<tZYnhpU(wfWXt$&t;ucLK6U!6dhUs

diff --git a/docs/multitenant/ords-based/images/K8S_SECURE4.png b/docs/multitenant/ords-based/images/K8S_SECURE4.png
deleted file mode 100644
index 860144e7f6bd71d97b3302d22b4e2118aee397bc..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 132342
zcma&O2Uru|y7rA|L_q|VA|iqv0YRzK!2%-EdkH~$3%&QE@|UVorS~3sLJ1HNDbfN0
z2_ZD;Eri}e;2rk6_c`bK-lKkAS76M{nwiy~`**L!2UTTxTIy@m6ciM+3NN3lQ&3QO
zQ&3Qn&z%Ln>3M0%OF=<BX8r7$s=~8p9IDO^7S?v=6cjH%#3fK^YT%e;h(3$7l;<yf
zyzG4?=Zeg$g-k^%wet!bncoxXHSG#6L`~|dUOHtiL-m~DI@>808k1(>bGqep9T^!B
zAs|++%|MmJFQ}vA<@AymB=$#L{^+(n#*0EVxbCvT+1DTrjg-5QYr7_Gt@j@}shnae
z0PaL7$g6ViO=u|9>F0S^R2Nd5B1zXlU-|pN?!<9%!3K!`28HUaZ$Erl_^$lYeh%5V
z^OJ`{RsIsPxsvC{nTe-~yf3JqdpZVd<nL{sxv#>XB(`{k@mFN|O$tx`1a2izpk3tf
z7hHqpor|K^-`GBe+>v|2{Kg~gW0(BZA2f4j7QA03-@H}26mXt`LF`+}4C?!9vcaL*
z3twIlt!52BCF*hcJ27UCI)~}<o2a`2&!kdYuBuh4UZW2xxiE9Mn#Xruz5I!&pk307
zLxp1nrq0t@`CsmDDkoY<Veh}J5V<YrnWXXD|N4s*9_2wn8ndQP13ci%nH_Prwk=cy
zbi`tG(r&=YX+YOs9A1B;xguy8Zt^r=Fa8FL;Pf=CTygeN*a65SpzKS7f7rNydBCF1
zceRzC%W@!2@A=+AKKd$4lg=py_&P|cNkFQfIzS;l;a0+(+lIgRI@WZC&2gW?8udC_
zM5{y$o!(oIeqFOZEA^H6%x(62=co{0&ks{r25KhX)lC!XkJ!EZgSwDYE3wt=wutiA
znSZ>rT@n!(1cKuA=tQCXRL|HCpYxB`1cZ;|C|0^J-F9k=-(jW5cR!us?AB)S`69&-
zTOh_W%`i#Q{F#dH8;VQ&kc`u`8K*A<J}7^_<Z`C;>y^SM^lyVW>FJnG-JlPC%>nBA
z%2j@GCgf>3?FwaX2IUGBRr4js3xYu!lh<p{lm;m~vPw`i8dEe-+@55+8p3goN{!=M
z&Z)(xavwovG!+~k9n944Z)JFLo`3c3`^W40AZQ?U=B)yTqPI4g?3porq6^f6ps|pH
zjGGHWTj%AP%@Qx#wzRDoCW5MdaXg_mI+y=V@z?bybmNo>U$xfW)LxRJf`mA<G_KKj
zGJsU?Fr3Z}t$bdgI$rQdladQ`_XSLrF(XV(tH4{6rijh$%24<<Ilt$o{eps5pdZ{{
zP-SHIOKhocUE8v7eQ>~0f64EZ-<7e@8?phds*m)q(nQd_5BboNV-o*n<8f=EP51fk
z7v0cqia9o>aC2j&a^+zPI|*T0<Ygoak{KTeZFPS`s>ptFUHP<SkW0(EU$wP7hEn!)
ztB+QBN?An$NrCr&xve8SrF|)lA|TOxZS3FDn?0t}f3=^}48GL-j$Ur^iZ(ss@<n?6
zb0X(XzkQrV-T!t$F5*_+CF~`|f40Aee-HgGa_6!_`poMjmCK);74GI_=XB*r{gkid
z!lkSzDc|Y(VbCEoqrD-y!Akwk<n?;a9o0%s15SACW^8*b-7CSn+;^icL#$!yU(~bJ
zYkn%42UmXLH}Lx89OYcG;WW$I*`i4~l(?ictBzIeD!5-LIjF{%6c+g^@l{@@Mcgwk
z9nG^^PDO1+O+~&#5<}#oc`cGPXVR&j<hE>R23rO=hqkZ6^@><%njBvad!|R9{GjI0
z%8<!md~sZ1s`j#Z#?`h97jK7D#5qMcg|1u2@9^yKG?yq<Em^vuz00Hw#x%egMj7K7
z{s!cjvl=Zrx51`JxtO-wO4WIFbG|+1NhCo&n~Uf?w0mk#GWZc`c!i{29$%;Z7V`>5
z*2lu-;BM7q_}vkoYP2og@*`IXx1X-=ODX*<KXVuBm&05=mePj&dNoZezp!*)o&(MO
zlNN6jm}Xd}UiQr4^~7^&{eVXQkfYnDvrct!v>NBjCO7|+S^DOmUtBF>EhM=!x8pzc
zS=Fc^`+ZEWOzTcZwkfrR+*`VLJ?46hSWIXhg9hC|Zk|?NO?SBkPnBy`qebdmd0j|d
zUqkoddyw5PtDBX>w*5j>0_|Q=p2|ZhHxw)H;`#BFy_M*&H;i`h@uD9~vxY5o=Ur;h
z&~(z!NV8bWLE!djR;^^2<Za=H!e!7Ns29Q<QM1D7?(c3(NFo^F42Ee|c5xGK8KQ5W
z*tuG{>`g7qaJrRvTzBSoedWyMvGk^2?^j7rNmuVxOTKw{Z+?n&{gZmLy6Z0cEki$r
z#<o8$PfEmi1$$A=Z6g<vPGekS-eX@@6;>yZyWR_4j*>+ZX`a_SHzbQC(<^$0tyfxB
z5{xiL>Sb4qh>hR|9iN(m4BtaPYF{y5Ex&9(ML%}ZA}RM^Xg_jKe6MWFf%fZ}Gax&<
zg<n=Ko+<jhFEcbIm%h@-&SZ3C{LHxDJlFhlGM@g)okwQ!9WAQas!moKSI<qqC7knN
zu)o|ScsRd5y#H&nYfd_{{DUrI{|$w3!|Pt08{k--K}-Qve_sE_0^;gy;`hXn#N7(1
ziWe1)PA=2h?ci{11aqs%{mIKFmy52*G4JsX!;LxmZ$6e@?|mBcu8Y}7FQ<;vw12U+
zGrTT5`u>~GCNUT9`pvy}Dz44`kutL}b16;4L4*jJh(X0j-*LRca6T=!HkTpyLSB9D
z>PxoE-si&KwcK)0D_qdhm(hPQLfR_dO4?eF7>;=V+SfvTPNAac3E20|hu+V#iuHGx
zKKm*V)e~}&@lh{Ba)$U{B2+OcFXYeWE<0=Ni)=L6?XFa=&~=%_vq4HL4I2&*s5cpt
zwI#aNyY}DQ^}g$1j^}FBTGrl%S(KF;o`xwH4InVa(D9KV!{gDA<$socV#$@`-hTZD
zHLNBg)ic)fvvb=4)5l8SCiNyklx6mETbM)tL|7AH*sR7HomU1r3@(0$dDr?bU1U=j
zLhhYIekQin<k&3^FV(tD2(JjQBgFBN2zDOz2b~X=CN5QGJKcA&Z0@Z=G7;<5?I4B~
z$+ZSe$eKH~IbPAf(x5(43Dk-X30`qRv9@szTmh&ARE<yieA59nA?#b2%0ze*%3u+K
z(=|8LYG6l7`y3CPeoQqIU`$pufa!sC$+>cd13r(YCg17jkBmIi4@F>_-8SkoTRwz}
zNAF#?F0CmkvojWCxB-%%l}|rT+?q}`m2Dr1s*1uMn{8?ApC9=UELY(4V)|uFd0~xc
zQ{A%J<PQWBHvWpV0ol;y6;Tss4IeN-)1zlnS)`L)+^e;Iiuv+x8wTK~5LENiy%Y71
zj-R%-W`rm3?SsW8dhMlsaD<IQZeAT_BXcmce$ErNUf;5P1@+|6Ijf~2d;R@D<ec(+
zZ+xj2*s@--9zC{I=e5W*kAdSeYmlqYC+hGq!vj7E0Um2cZH+p+Rm5n?4!?iAbl3hl
zDA=pOOcz0V{GkhOE0SaL10H0BnHVZ^!x1y;hd)W;<8JIm_1>4&su5Xyv&J+3XQ^mr
z33kt$UXO)Sj**?jSw1Dm(N^d@J63*5?yQjlBoZ}#C^xOtV?e5bX8+2Lo-l7>^?|I(
zPPa5imqZiNO{67R4R%;|>t@1n3GrpJ5cVj`sA$Dn_0<{9z^4q#3a2LBX!+UOPs=Qy
z39L1?X-Z?TT1qwk{54>zki}R1`l*8TGaP4||1qTKyl+AOJnoXglPt9~3PhF00_u6Z
ziKRGW_~6@!d#%&c4j=a~S)ToxkhZ>Fk+;6iH}tY%_mk+{*r1{G&B2zA<kvUEzunxs
znJSeExv3#=4Dmjkr@qHkPIYW}e8#n!`RCiZfp{R^)i&2vuuxK>-~x`%QJf03rZ@u}
zodQ1BfDZ-5>Cf*esDR&>fzR^{%Kx0D^3FK@pJPh$$%V2S&lD7Z-x{XQ=H~V;Rt~Ox
zU7^5zPGPMzbzOCpUW=JJKzZMoIhdI9dO{sfl2Ax^iUEgEbJsT<o=`h`7co!CTmQO3
z3^+ddn(r3Jzb<jLmAs{^q{{Kk!P%TcnD-Iyqgztc92^`H&Sn;3>d)o=ogDa|<Si>#
zS4S~EJ`WEMUJn6Y2WLyZ$D*R5e2@6~`1v0KS3Gp_vUh#s`Ox0w_W!-ff9~_#+{M({
z+R@e8!JgyfzHdw%+*~DZ-8y;DfBpNv?`iI7{ohZrclmd=fDH1ToZ)-S`-tzq?hPcB
zIQdpg)!NhCPVc!j6eu3x8B!v`LK6SF{{K1i-%tD>DRuul<zvyug8wt=|2XykO{(Q$
z?)=OF3Ov(Q>c6Yz---X{$$ux5;5*6s|0s(8Th9Ob7AR;bY6-sosx&F;2-!*_3JMtt
zh3B%Go~KsEs5~`a;M>+iKlX{gjJuV=$w?`^(rEHaYsHvIfctVS*|v}87U+I0<s7yS
z12HhD(dXRTirTvNv{PjF>xX1>5uB#_(KKVF&rXV{07_uq6YRC~<v~JHQqmiSGxRbP
zr~ddO=<;oP9TWXm&o2G#%2Q_=D1wa6Qc|Ad2&DMa57po^opIcjXS@~rK-q<VyE;(D
z+gmKi=>4fb-SS@#RQ-IWW8tBKPB`M$pI-ntD}E-i{!8XxFFP0e=oDq+-Id_k!O_SE
zi}AJmIQ5_W&LeT?OPusUamff=cfe<;qK$XZp#0rG=LAPHW3x1uqxFL+0GlqnM-<Yt
zfev`&MSiJy+=W;Zp^MZv!BgK{yBctuv!;RL+Z4fNI^0>UZp;wjnW*iVA|{(rJHLw;
zm`JxplN-L>f-8~8^^P&Lsdc<t9}OF$w276p_?3S|VoESH1B8X$dA&IK`vyd(<Gp&C
zpJq_!q*iHR^L$~{5$V;${Jt&1!avXU#)ON>9Lb6=%-Q$3?K3C*cs=@ca=k=dtq`}O
z55utJ_LwMUZRn2pezuo3x&Hws;INa2#ITjzSCNAES?oDqyz;%qk~o;tC+2bB*#6$i
zRMV|(Lj1>+kJ9??i$j+ILO*-_+}?|D-H{t3ypjWL^_B**aa8QSecn4O*1KaKkU4aQ
zYzTGHfyB_2@x1&r?@s@t{rT(5_0v(}&ZD7hzi*tJP|C%{MW*y(WvzdzHc|R^$JIsl
zaPD@0t1^i82v}aI`t8Q7vs-<`%4mg?IcY7$!b?<8r(Lih-k6G@HYAmd=q;5hNRxKo
zM7T142RoFd;l3;5i@m=e_(Q63bEOIu10#bGdtOGu7PT{DAynOn<=rx<Gz2%Illk><
zoUgY$DzZqo?wh3uym_iqFZw18bSp~u`$$68b@mE`wGJ`Ci1KnJWZx~<+A4RvB6>cl
z)-0TD(C2+>mBYhggS$KP&+JQ{5s3|>il20!Ek|JDSK1aHLyPbp35bo*B^u^=+9U@>
z5uQqaOW{cE)YhLneeU}tZX0ObF-MD*=Vp(HLCifR=K#l>Y?sFK7`e5F1<(?v1bj`+
zH6a^@pL&H%zwOmQpC70;`FeGY4fYI85lT-l4J$$TqK2n$YGC!d#sy%_iUKP?(&I^f
zQU2UN>|B!It0G+%B`*=rj8v)v+|8P$4$11Ii5kU2|0HK!mO`%d`jR(8SB^(DkxNw|
z#GB=v2XD|vj-})$9@%c*(0IDoz0@)3&g+dc1N*{jXs!5Kn_@{(?{~)wSt@h*Kxu7U
z8t?LxBb@clFGw+YN09ji(r3@4c<0b{d2fkFL)_KQzH5kWX&4`awYag<6XE7=Jivvi
z^#&oof+V!kt~HL%IKS`OYP4IUL=xI(cQ)9I38)F44Hj>YizMtuqe3xkq6}Z<=+<q|
zr(Cm_pRaFei7<QiYR>B$BqFJ*Sv$vKSW;f3<FLSO?3M6grMC8io3^nYLvxxj;rw)Q
zk&?a`?|_I(P&WL9UU<{P)x_~>1l}TzbLK^jyATwHjOyocxyF9m0=CJLB^#IDAkf~F
zf*9MK_ex%gV$<GdVYfx(j4Tp+)~98s1q-B~SeBq}Z_lQFC?-&g7-<Qn3GFaCLWpfd
zQTvr8{Z8_11-@*(7zL{)p$w+ls}Q!n3$+=(kG$aQ*_o!hb7f3lqBOoV*oC82Q!52U
z!|^;KZoB*J=uMLEWZU2>AG&<cGH+xkop0?+UOi?v!m!fsx`g-;wxZYEW*$-E9&bPV
zW%WKI=pL%JB$wvEA%OkIOVSHljhyxS$SSGC<!I|)!5z(HSp73%ZdWKzdH*Voo<UN_
zq$h=LX|TduZm{2P-mt!oXI4qP)O78_0K*V2?)}h}l@^y|y<;ctMtB>3hXgHRn{I1K
z88RSma#RzFRHkLHdZy3)K3Q8KgI$;g_h^^Gw|u_6JumgOC}M=&f3Nv0-HjCw)+de`
zckkZCDe^U%(J=9p|A@JduR=@NjyMb!sQITqG(Zd|J2Y80dT(#w^IzlA$j9yM0mD~R
zB;G_z9TYT@ckuC_FO$8Pstf(e2iiz?r~%R)){`oZZ93fOn!K&S+EV2wwECWoeHFd=
zjfQWy+IrydD4dxO!3^>3uTg+PntVye$^6{Ypx;k4cU3taK75!EWQ6?@8s%Wd&Npmz
z`$`Sfxe)*3*<fXCKuxzlGAp;I$)Arksk-^BlAh^=tAn+6Zi7-oWgG!+aMyM!xb^mB
zk-e7jRK&PZa=qWRX?AdV<(nZ-(ttV0Xl>Sn)l1Dqu?Yr4%QYSq6J!TI@n*P96qsX(
z)%Oqq*_};MX3W-NKa|+<4cftAOkpY1H7FD1e#X=v9B-FxxMo>zi%#53GKl75+BZ#e
z)8JM)vMh!*m^+X*g6DP$XgYa}(uLMIQuvzozQyhwZet+^&Ktd_ZkY2PEd^Updloh<
z2RC6|OQs<z;0D}rT8(gPFDv4E>4GXgO*HqDr2lt&cbE@(=0_wH>RhA*-Y06dD;f$<
zW^LnN`>AVBCWh~n4<bkO@ZOAsRB7zq!7Z|Y^$!bilviA;lvuO55&Q6+<sBMnu(48c
zyFn*`H2l%Nhp-hrPck;EMp%X6Y*Y8s6KX1ZYF42N#Z_YO(gb^RF9s|H8|u^@+1M=i
zUGCa@lIf;Ia&NvD@NmmKkT_aLRTp6$*F1pHO|EC$l$0`JMRnR}^Eeb9V=?}Y*rR(Q
z7A;-F6{bqfnO_7f_2~<!$L{Mxc%4~>Oh@<p@P5{l@A;TV)Ov~%DOXjZjV$7>O!44S
zUB<OwD?69)sL}Gi$h!Of5NHS*YHyGN<1ceyt@n#q@^!)5SHbOl7KR&_JH`x?6Ou+8
zXF@ku(r&X3`$ux&YE~N#ZoTW2kHHQ%ZPyrp`ArJRKTYWjb|?Jo#_ORw4XmVk3_3#Z
zjR%|BgfP<Q^&34<VM|wE<}>I(o|3Tl*1|u{6|7>|syh2_ZC~di@Dr=F#@Qx%N6qjh
z?J}ES2T0C*&??ai8s^HEQ%@o$vn-Q0&4%}T1c*d|ozgF}Mq=M1H~sAo9OE>Z@Ax@?
zvk`Cbg0Jzu@MS;fUU=-8snk%Nn>*UyYoit6!a}mGl4#i}(RpCPmdTntSTLF9wJwYY
z?fcYDlKXp#>r3X{SM`T#q8!i_Yl!78Zk0oL8)mej2HKPj^P6fKeB`tk-`(^c1E!xA
zDIg+=O;tCay*E4J(XZ}c;x)8tc~4tqTUys<k0QG#OZj=v!6B7qA0n?l{?;qD%maD1
zgIuj&UcneRZ0~k{|8PZVS2_1p+)BVPDIM&+nA^llIQ$jLJ_5%YE!Ql&fIi%g)2p)B
zN8eLQGE4W{`7%_b)#X0n=b=HdpB{h+kbT+?gP_JSur4vsQQ~7$yV+MFKHtF}`z`?+
zKkoadmo*)9UKC$>6tMd2qUiT(cF-T@O5TsfLf#?0+KvN!(V{i)Qg?9QcyOWAO9&^~
zQ4w%pZnOa_;*$?KjmB5oWk9l6)1z5Pq^b<O5S$G`@~Fe0`0t>=U6@{Tb?LHd4dI)g
z?Z{-I?MmtC<vj|$2Jy-DE37zqjia8V#^ZtmOr5oshB!l}n77PlG9kDyI<4=Cl}Y?W
zjq7-iCOWgHsQ#Sl`v?1ulM}WCDQ1ph21subrpQX9?yIe*T76aJkJuhey_>DiGOXsC
zM@3RxCtkrvy9Ny|A5p<e_=LFO9p>xpJ;(<tNPR>yO`uj(bX8a>;eZWR0A^jCKx^B*
z+Qy|5>pAw?Vi#Bv><cwr6nexN?`jvJWYy+2cX_RL7CuCh;a1p;&)^EkLz0O%Cd02B
z<sb0aFLi9J5FzA-RhVmxa=3c1u3Wb398@lUvCKh-aIT0-{5!u?r}$^?vAwHOwjt!1
zV8|}JK3cA}uvAOx<><nNO=+npJGCAu_p>#=jU6CZ%}6)v4s}xEz7J5nk6}9cRTfID
z(*C{{7RKezs++7*{Cw1Ckj@L2NqF;kY2U-0$NT@VCP#~km}g4m+HF2OHtIr-=}u%T
zzmSIQXWOTr3OHtMsNe2OZ7*$G&L~wPP}IC9_ShS;VV!**Rple)h{y}ZaYv<5U8Bqw
z-`Dym;FGbXR$60z1$^MqnI%n8-)I|5v!C8m?A9Hfc6H`*T0S2FJfZREVEJD3?zj(H
z*#1z&RGY-*BDvlsEWEvhagT5zf88$I83;(OG|FZ%$L6hVS~huTWTBSwWXJQ5cKAH3
zka<CLjS0N&xb5_Mr)-ic<f&-;w!*HZeb-}H5$?-s7ad<T_>D)sjHic=!=3<7p4eDq
z!em>EqlW{`32Pv5-O6TJiB*Hl%>5MaUtMM3^o*5N(jkPEy^F^S9EPThc1;Vuijr-N
zWEDX$J=8Zl(uC;`0k6y_zK{`eIIQyWWqEeAl-TgtvDDGtH2Emtm|UY(W;EtcB8a5x
z6=SJ;5q7wrdCI9vA=T9N<L-Fq(UZtrk8!W|0PD#_)2NEmbP|sg8=G0pS9=p5w@^hf
zZfSiK;pIK3;(wxyVzknx-v_4Xt+Jtepjdph^|XLr9HE%!m;G4%yBlq`zgL~Fa%9pd
z8<z@$^RPsXfmP=LcB;FrAT`_C3$<c#U8MABFvp@8^LJ`K{p6j2y5vKK?)&f(oBZ0Z
zodq~nf=dk{w$WxJ9?HT?>IXS_#CD$N)t#n{rPeR1E}5>J4W0^qP;<i&Yg1?U1KZ|+
zo}-bX_SbPsf0v+C3R@Tb9w<m#5PWfaX=qc=z8~{XL!~Lyr`=rDCTUm$d=_@$o1!AK
zRd}wQB3=qwR;gEv5*(1b2diO%Us;Lr^SF2;6jM`1Gwd%YZA-75J|SiIX?yH3WA%7G
z=e3ojd<sp~B5lt3?qgbsv-l8%otw5+rD1d`iTV1K!zMgv`hLAkK4r4(2RGjoBIPWk
zKI6DRl$8)GX*<#c=Sr*$OV$kA4B9x1if#eB&juUdb$u*%ib(2D-9*5vBjwiN*b=>I
zfw~%~3k%$SL>CnCRMFiJH$@paN4XsXp41#TDzZ9QE#>vB9Z#LFR9;Ox$8wu`iRy(O
zDsS2&_NA!~J8WX9Gy#deSGFg@df0h-X+$6fyI&Z@TF<A&$x&jRQLMe^k-^=U-Y~5%
zUo8Hl#-BSx!w=Hv4et`>wOn7<!;bm&DT$QuObPR99FK%7@4MOX*&7U;J**qaI_U&`
zE>zQK2bV8LvgJaq>3!ItRBMmj*FQB!iM1=k%kCw~Z1pNUW%5QpJB^%iJIA#Tdhv~)
z%+OIk$bzU3_DgmN+IF;~g1ubL0%|By>S)K(TNp&bVqC6xg0COcQ8V(UrwD&@HJqpa
zm2AXB#wr4e*Uwi@<qz0ujUOD;97r(CiW74~NDsgvtznEX=h@Dqe63>bJUg7^&Tz|#
zDvi7*v>`j$e#58Ra@xpmd&vD@F`sl{y~&Ss@F4Sc>hw&E3SzTY9NjB@?3@0eq%b>9
z>xPlw^i$7%a*>QfUtVvjIO*$VMf(j~G1N#g-|7}|Li$j3{Pu52gX+{7L2jpBH6-WQ
z&%qWl*kWddO@oeoo)W<go*QAL!oY0}`z#}AY+x7pnZZ1^@)rgynQqMUpJzXwWf$*P
z8uC$JzJ@`=^zcpYpkv&6X_^$TG5m#fQE3AKGfY?sZsYBp30IsU)zpeGuR_|J7BJoR
z*PFgGm6Ao)wu#E(C^3AhX$Fm4q1DK&)J>L_=5gvR_m$y(hC9R1nz0g}-PLA!J%0}z
zGM>CrsSG)S#(@dJO`pQ}wL-EIti`i1LfozRGG30NDHF_2ZkN8+zS}R0<%K+*)meTA
zwBxqzD+9k9u#|co+Fi92$qG}j86n@=)JFwusZ&c~tQtF1hoo`zZ@9gwv7El+j!VB^
zYfBG%*m>2j6-=jeAGWdceL>?T)%*h@<&S4$nmA_UwpqyK<-I5MFSJN)=2Axsuj%a6
zarL#fZZTaS39I~BS{ve0W`e$RXOW#C%FrFF#gIyuZ+Y36gG`Z8#}GPun*&^)Qu5ic
zHB|QYi=Zu2sT7B2Xlsj_x*a2OD<vub!tCk0AKP}6!Wj31Kv~|r9SePgk#;0KFcm;%
zEqf1j<O(0p3CAz+OT+yu!zzREwHNkDqt(44wQki~7d;>yp6wvKP+UbPtv&Tt*{CF|
zZGQr5Y3&rXhAN?r)nQAvy3bU{L7_%I#j;$k>^(d$)L#E~a~2CA!>ZTk(aamIZ~Hbw
z#}!BXW0GGT<WA_|tVCK#k5|8Z!e_z1iq~(WgiODhu8y;M+L*G=HNBlu>=58VdNbGA
zZltR)>8k9SQ}vkieUn@kG;d7%FlM-ONU|3W5{sKAhlqGyyx`QlNZKj0u0dXy3h^j2
zLDk7P9Yk3^->aiGIed?0Iq*kI?r!1Asb`j03JMdSDSiYOlLb>NgA0?G^vXmW#_f_W
z>JLcTlHzoX7DL(;6L`0m4-i(rEP|g91jRSI1(b00qKqJm?H8;{10|D$Fh)F<N(ULc
z&1w`YRI*bjdC)J)rCIP%lr<!6HtDliyh|vy$LIHxL0EF&(Y-XG7ktbQHTxWEX{=H=
z^s}UwG!r7lf5N&97Wb_&ogjX94?WKohL<k0&zT#F$lnB$S1?{sd`2aBB`>9MWAlZ(
z%yg$zqOkR%h0kX97`X{-*hVzB9~oaltJFvuvf&LsE|J1_*V12*<lUquF-?+am^7(`
zrf){Gy4SHLdR`BpS+LA5ZArBGl(yEK<I79Rq#Xh|{vw;$Ti?&yx%~WSk1uc8k%1$H
z3GmK?H*Y;sNA<Ig-Il-EgyD2XU8^Gv+j2+xznR~;F%?|Sm71(w@qyR4n#f({dmQc7
zoSqM+SiZ=7E=-d_SE->PH}$CB7kP}0!?c-S?sXl|Lj`zWVV9tjoMUAUl-y|X+9{{0
zzHk2$9!gg@ecFKftej2PqW#0csxdd%TxoG>`;mR>sO~G$`#6Gq0+c*hKw$Y)$HLBB
zYg~rm(nc}7UELotA*~!*998eLu@h^pqj$Z05RD5GI`x6eERn^-N3>O?$a)~KA-PzO
z48Odq4_UoYF<f8k=A|-H^_~qb?^e9?Q;@V)HsoHFeC=?UZeGtPA#(huQV<)ltvGK(
z%i3s2>C(~0Yy8-l%JOIeYg^s6Yc?Y|TVqtn9}D7uUtD2c)khFSx?tf3L)Gpp4_6hL
zu>MVb2kG#!qU5eK?1<^K5@MT&WsSW9ok*_B-oZ$JFLQ*CxxXBjN-dv{;Us1bwl}CL
z{uOqc+@8dM{Ob2uMpj7)c74$+!*1gxRGs{(4U)5Y7XOr(i$w}=E~}w&u@)jLIs%*F
zH=CQ9iR|Ey(oNXdNmyL*bxUb?+g}sh+<Ssp|H$prW6Ub|YBRQLEFEet1iUxbo-{JU
zET(~kMqT?Q!5QS^D62^imZ_$<StM9Ru}=u8@;gnt@S1QYl=!Qu#CeqDLP*9Xk0yGc
z6?Y>%2P31~$6UA?TwMkd<~<J2y6vovi7W2dBi#urS>e2uIXQQH4%ge2G(?t-bm2Cn
zg!94ETLuGOwzRh9E82zXtwmbJbElD=?*j;Mtlem>6T)p-`}pp8kf#v2aY<9IymE%G
zb~3ncDXU3aZa)}AbLjfB6GIp(PB{J+#Q(mf>%;vttJ7yMl;@}Wj|Aj674t1xC0W50
zWKB~Ink}gRz&gM(AG~J`=d^|Evg(Lgd7)!V{?17@LitIIgFgk!;2Y(=7RqkNtCcTo
z>k0!6>Umy*uAuiFOCdhOuC#qAOPn2OojPlixLIbihsE|-zX68c?Xmi%k)~erm+h5v
z1(mKk4&xR*ql1m5wrb)0Uu^3mo^4B4Keq{&(vd4Gg$2Laf6)5Ims8LAUDZ(a<fpum
zD0o2KVt8qI&g^}~3TXgC7Ozs0sVB=6mEqp2`pk0u`>{9m?|u`U135`;LvimJY!@&q
zw7U@&3^1ksHb@DfWdECMviA#a{1|9(Q-AAj1bo$7utfVN-iK3UyUc0V0O}Df&)s<z
zf-=2e<!kSVZgT9J91gyQlJ(0(F%}F(=NW6OebqkBezMVV`<X|VFAN=Qoe~n+Sv%z2
zOU=Ojgq1-FR?-atIS4U&8inOKX&Z|orx}egbs;OJsqzCl1xjMVzSJ8H)gh+8XWPR=
zlm`Z0K~&xzZuusn#~xK8!w-0~_kyC}hniJ1;GKn<gt?SRR>iTE5SbFnUB6|_SGS<?
zG<gT~QN;F>9lV}#18L)ZrLk>o_rfk3+O&Dm?t_BNz#Y`qPsKbtdotZqJ){oUEpDhp
zPatm^cmB8P_tcp%xs2|!-mS>*<{Zk7&6%f11q+kTCIri<(Eu39WET7gmYHmm{8>84
zoE3q~$u$_&oEUm2#iJ-0Ae7LU4VT+q!BzP=);LY4<bUJydAfD=x6cX!^Qq>YZbYV~
zGyTOq0wSq8=Dv-veFI0K-T9ewzn?n(Q^Y~O=kDCOL%+}y${zZ6XXpj5jGV)#7?-Di
zy)j1sB?}9S+16b2$LznlV?kMr|3pXM?=z^LNum91G5qI5NBX~9ukpi6&Vs-1qW?CW
zRI4e^c!y(>t8V@_%KXoXeWsT$UvgxNOoVCv=d0hlRt%XkHa1*A<F~fvG=G29zpG28
z2{bh|b#80U;1l(K3jRO2`G1_lpj!;ak>j_%|NptK>^U<tvyc4-^dAR<{%9+nWQZY7
zW`AS${1y|V@Vx9_oXt~bsGkN#j0dacT>NWQXZ!=23fuEdx%k^G{nrT&cFNh#IMby$
z-#sVJzt`Q&iID|VpJD2izqieOdZ6yuJ+FuTwIEiwPGJ_tv^G+h|LetmR~#ML6hY$>
z-<+=g^<~Ss0oT+^r@%$|uLTB_0+25`IR_~UQHH<10;f&T#%$M>g@-n-y`g{2+l)Lw
z;d`bwHBPnP3Y5Xo>;4<`$Mb@1;I>%An8(Cek}y<1BNcmEVP3b|>JxOVekeWrML3f-
z+-8VUQYEKzu*`ZOPwzwodTq{OaulwFhns#2d8uvp?03Z^LjjCY8A9IYw^k39WoYRC
zQ7}H-TgPO})3H;q3E5~4ni~18zwnuj(<uRT<<3%Znf`ols=%(&>(|vmr>RD|zX<p}
zf}3~6A8nop$k-`%BL+{vu`BZf+`K#)J1gsnrbhBE>KJ}IT7uuzr4(XmW;QI(?q}xE
zw4e7-x16JEU8_j5BAmCrqqK2HzZgKE@#uOFqCM*P$R{4!Ki&Ya9rr;sdGmcw^1(Ky
zSci{Qz#;;s59jK#q~0+KAaA>4^ehQ8&Lh_OIACNZM2d`eAc$S@532wUG=eSWaGt~?
zJsg$?@>SwD-!-X8Gd`DI%!yg~smKR^6~|@ne?20on-<qF?0_P#45&!=SkP7Z5F4>=
zQEayCzH323_M=bme*5%)sPC|7ps`K4JhVDb`S?61XHhFWJI*rQ4|A|fbO11}07!)H
z$z)(RSo&zs)Mu@kioEW&jDhd%d9n)IB_6X#c$PN;VX0nl7!5OTbvR$suy(1THO!y}
zF&!;EZZlZ$Cg5m49{^sx_f*pCPG&i22z_6-gdVSv1fWf%tcn8XSS(ZCoY1=mA$vef
zbP|9a;{fJN0GiD<^de0EMknt@I?B-1Z0yFlhbK&oPQ5tVZE0}bPs3R7?%h^^I?sfp
zOZx0=p@yU+c|x*W&Pq2UtWa=BP8I=ZUmIUqex;WgHI586J<!M-)`9rVhQKqMjo6Yu
zew<AG7ES9{#^LWi+r@|KzHla#YQ0K43jK!>(-=#`Y4lu<Sc<w>O%X(S$#bbN-&ebY
z@*juB?RWw}+P`e~rb|!U@ZWpGUhezr9dikw$&RWDHS$MNJ;oP95S^4w1O%Qxx{laH
z^8Kj80;iMQQk`>e97aHsx0kVKOVYSgI~!m)SZVA)?YrKdzv9cG1J%|pr0kTfBdsE#
z;|*T!Kkg<Bvj-ghI^79~=x1wAbHrr(`X9Ygq?PVn(MH`S-#R*D2V7+<ReZYV)cIo7
z%%|}!47yDROT|jfs!HrI7Y0|+onccYERVX{*){V7utk+c&xRhZX58C0eryR_<^Ygh
zy?AJySC!e1%hESu&0l{M5piA#|LtfXvrgZ4IhN<Co<u1KCc^=tjF#L<q}u?RJ=${a
z{aG)q^)l3vO<`f-3Bs{F>jiHFBi-HiXA_ol$$Qh$M>R)k96DcMT%UrAJ2{7{d#Jl@
zsLjkX=5h~r@D4}iF)C7`iXTM^6lF0!t99+DA%+%^nvws$xyHvDTWsmhs0*6FFf$}7
z=DuRpIiuxuOx_KbxH^J>8i>!vY8>vHrlyS$ueV4ayhnpQ#%A+vq*iOEO`ZgU|4`K#
zwdXlMh08cNA-Srlf(*}DU7L`<;q`sop9HlXF3+Ufuvwa3`<#-pBJ$vhV8aT~6Z~T+
zn`Qfx;9_k7tl#}^-_h?+YEJs;HQg53@BYIb$*-s-80lK=y!R`V<RWO*$1%eD*dblO
zGK!Xk|9e@2PuIg5GoR7N?bl6#RT<^hNw($~Cb#n#2B5}Wg3|PH<4OJoL3W^(2Y;CU
zRX5HE+FEX%Q~t3`_fRh5^?A;YVj&MW!X9w3{N}8y-SmW%$~yrY#@E7uQ}YqX(aJqP
zxQ)7mi?sRUetNZ1vhcebpZ5;{OIA>6|GKx`T<GJ5VW8WQjr7B{_1Zs$VL%wsSij^6
ze*Z(y^weUGQp`?IsTJ4==TF|oBG6JKvl`n>-@HYHmYBz?q472vV9|nZHF;SVDGx!~
zqKtotiex@fKUc}-{%OH5_T#K_!;g6T6tL_4nb)G!f<>54-sR!@?d0KKkW(OIBI?+m
z1i-(;w)ymcaVnqVvD?eV7ClKgU<_Tr4h?Dcj3GUCaVdb&B|x?+vV^^3)vx9~siI|U
zp;n-7vxzy@eWC9r-sK(U(}1m#N=f0Te3kT7blHO##<!9HkoQgI(khD8U_`hR^bP7=
ztp~}P@`MpMd0u~0=dL=Y>Nq3uFeWy3CVxu1e19Q3dc068De5LtYB_Ms9sf`<Zwmu6
zP+ES#ZRH0D#Z}Gwtbb}~X6IuIWr%~bx1pUI!FuymX5hK0v5~ms_~cS0<k|a-#P>`w
zm<JujZnkkBie)nReS~O<;>3pOeElfQYgl2i%)H2iuW9p0?MRKyP*I+nE#uV-59d={
zqE4(h@7>iC3v*NBhV6)HTw5e7{*(L-Yi2{oAjrJPR_$nmHlj2y6|=9k3k<vD=%v2u
zZ>eH#l`+a<KkD6<E#kO!qIBW>QQKEwDURQORRS=ykXzL&V7<#B5xgIrr?QHxvW&lH
zRd1(cNyb6~zU1L<JTjK~9x)C~t}iZ7glg~1CO|BHjA+Si0eX046D_@~p%c2=^#{v=
zo>Pxf|8v!Akay_a9d13Hf(vkM?0XppJ7&W#DbyPX>w&g3U|d5^g>k>uxV%fiW9^&v
z=l+Q+0er?)BvFd>vB_IH4lZ#WSwoPvTM1<$uuOp;^x|1KW@1Ri#3U<{O&sHYO!i=Z
ztNCaHn5uT9fvKmSPSBQjuYmzR9Yl3w4VOnPV@qubl4Uf+_>i}Nf!WA=@h-~3eou4+
zZks?5>;{4bw8S0VP)|Gp`UUSkM5EMm{Wbb}A#G=xJy7mB(Y}4+x-BA87wt`fX^3C?
zCtO1Y95id?X0h5$^M{CybBFR(BDX-$IQv}FYMz~u>I&a0J!nR0WNCkek0Dt5yz`KQ
zQu-mlE))4p*!{ND*eA6fX)f2<j7+a>0CCO%2Qf4B#u63@Q_p=h$J@Equw06K&4Qwy
zdGF7(QazvMljP6axTTI#ux-3}Lt=Q`Zx@Vu52Y`m-9dLbm^0bJCX5>=fJu8qMVf5p
zcd%6fR50ER3!bl16QXsqTI|mbP4(NsWhQ4e*^f8Wkq<Y4bs@q_$~W1q!pzK7+gn>1
zJ()@<7m{9yHk>%lmK$eTdON>HMWYW2N;UGM(A5{Eg@2NONCF2;@=&T9o*7_wocSmB
zH>`h%d4Z*Wt&gT&=_YRuj&2+140q&+Y`XGLF{TEVekx_W>vIYwQoQmS<fWx7wQnZA
zJL;k&vPGzwSjCpmmi;<0zLIZv&3sCwtOMqq?Pe|Wy0aQ$wvoe5(`~pg#!qGK<32=!
zz}q-bNtSi6&^uTAu)GJrK-b7x$axzMOyT~oEX^~y)=1>t3HcGBIjHPMU6#&@*b^6B
zMG2PSt{VIx2f(q{?ZSX<3Wm04xK*zkxsvs3>>CH7F`TOtDAW+l06W*4x_o-zSNq%?
znY*mPq$`1McfgqLnjojZ6$2JrQm5YRav5p|@1nmeA~J6d`BN*AIMr(I9wo&vzVEKr
zb34Y{;FW$SuekL6C?y%}OKjNZ#z21i5M$Hw{5<n<(`ZRw89v`J9nf{g+M&mtR*{-J
zI7@caJ}{2%pcwZwc2<EIhu(U(8%q7%rqe=+w$XEas+&;J(0A}n$H*(!jW|BWuobC2
zxN7`rad9AD9{(_pKy}?QaKfQG@iD^j*EhRpwMpNNnIHb?fQx^}Wg`Be!2y=~n}tp=
zM^SLslCAwKAi95;m?VnwGXeyH^tNqTqs8t-KtO!@q&I5q8;!qD$*Hx`t#^KZ(C!(N
zAVF5ELb|P9@Fp_SU{9%eS<N)_+=BjMlA81Vj7g#kT5>*rPYYAb?;nzdz9wj8Y=E#^
z51KUgSs;qK%<a`QAHbUH5z>ciA)w`v_p9s;+Ia<(SwqD-HFA;HK*^>DFylERAHwW1
z9e-3dTY*rJmY|=jf7n4TMbXG8(qjk0)mJ^3v{QQ`S14y>Gd%Xzel?|85%z&$=TJV#
zx|*B?)j^cKqA!R<K$P)}uLA%%ar@}H?^^TG+WmCjp8-u1{-jw=w)Ee7P=PX!>DLrh
zm_pncY_7b&zw==5ps-;QRBPcS0Q46>!pXV}Drxf8fG~8Vx;rd5Vh}LM?DD_DFePlj
zz-Jxyi(^{rlnm%eoRT--9t;Ea3jZ>-QBF?Iu!f4{?1T*gV!ktnNO9>EJ^J`B!4S>P
zzV4_*ynaS0T4JN)AJU9Pc3zG4dl=>(=33p7yeA6~?KkdCh5Jh@d9djV4#D%{;v-Xp
zX5Bp1==T8SvE5F!d@Yn1Ge80+zaC<x_x4hXd(VywsC|}cG2f`s`$!kIT!I#Q_~iGC
zI{>_e3Z!gYZ$*9aa`;6ImxAXEX>1ssl3%@i3M>FdhPV?EioKA}D&9j{I$!ecV)T*J
z2V9AT5k^Xc5}6{(j{=sx)xi3*ej7}QwMM@3Hh$|-pH%0emKw+AkPc+q_Sk>Dl{v3_
z{A6Miq^-!KJdvV)Btp#&TKafT$f6}Av*Oy$LVrumn~sk+{eiJRNgRkKftY-EKvpI3
zQFDy};Y0($fEY<!Yplir;sZpP9wRsEWtn6@)<W?JOc_KP354i`;<Bd73e$G|(2H!Z
zaV7dxo<DOG@-~YMPc$D8{Do?ppDY3Z2EMPrIvZZrN5+AG(b*aGWa=E=Z+FaZhX4s6
z$JJpf4zPf3;Aw9^ki*KDV@mYI*|Oj<AsqY4?5o2W7nY^`_OcWO*%7~QN~)hhmoHy_
z<&YsFd3#9iPNVkcGL<j($kMS>O7;4Nb?RjBTS`=$latd<w*Y$hi)EVi=3LKavs$B0
z-W;$N*mqJzcIb#qvP?5zNe5OM<g>YSKmLN>dWwf@6ImS^epPA2WnR+<Vh(d^9thyi
z?suNiimwPRr*1l0Z)ZQcza`Phi`i;9X`c&o-B^8Fk^F6Uz!s0GLm6EUI9vxtp>$je
zowVJR`^sC*`XIZItOvP_-L!ea7ZFsbxS?X9PbWfzeUKK?RjUwlPm10b&|7CiXAWu(
z<GdtH+b*!D(9t?`hkJI$uAshWxyAf3HWmX_Z&`@$s>oTdjF*3(Cm?aexVF-`FH)&}
zMab0pd4hQ!>cx;6Oa<w=Zh|j=6Ox`*2aF4%X=0+HILmdej3VR8$`=OJR&N-&G&|OZ
zbv-&dIv$x9aT$05kSVV)JnnAs%J?@PF(MG@@H}|%V+jLWK3&`C9tG#jC=%|{Y!`AE
zAFa`o)&B$OKgXeZl``yEY^Mw{EV7DFn2vsUL12l;BnTP3_kBsnR_nXvtg9E}RWVnq
z?ogXoGoxoTO-mEm{xED(1gZ08JV&UD@~w8@8Ws0*xy8o@;44kX;pX`*cN_9gQ(cUx
zqXI?(k)ZKJ`0%Aa00a6x9hsnU^@M(LLOPMqBYi}iFxn{kPGjixwF={2GyTd}df~Sk
z@!uyvH!}*8r>V2DrZn3-^!&m#T&xsNopV&8q4>o0hbS2!L9ZeM`MnjjGCaB)P9Ypy
zM%7({7CPKdfi=Jee=N`w7HP-KDHJrW^q?5Jw<1zonyV>;)y5_U|M_KQ^q4udG(@6b
zE<u0b5wY90`ZlC8+hW_-f1#NfB{Vtt`3X^l$;>6GW+<M$tP%)XeIfvC3by^*o0{uo
z44Q34y<F0WFEjnJB#y0r4Yn8iz4AWE0sV`N?`8d@_RnZ&Tc>okYjjU85C-UDQ~sJi
zCeHPs@lPMh;%1k1?vZ+h_+k=Lm482=oRs7WJ?A=5Ca=A5+V*<ApogZE^>g(*f7`s$
znFTQP`nchU@wnu9{69HC=IizSmiIGk%K)qJ_muCXEoPLQkL80j&7Ac{DXnN=N}0*D
zSBx*b4O;vCvig4|dwnh^H#e?ZhFB7p4gL00&3x)s|BnUAYp1W#{Pk@=%X|Q5dw8l(
zRJx`v*a}ldyt8xMJNKuaA(Np=9or#8<lCHp@7rEcoCRfS0M>|ZUt-2zJQP*!Gd~9g
z6fuK6KkyiQ2d*q3ZuyzCDMMdk-|%14GMxcH|10ebkC~Nm#A9<)y;|X|$IO)1u3TgN
zYbJwb^!4?BoZsTrKdvDQIymap@@_q*qrAp??e^c&zCxa$eMM#9xjg*Bilo49hvTca
z_ZeqA{}8kS(Dw5!dY#MH4zQJ(!fvy~yP1X6PR!I+5mqItfA0G9oCM0dxBA2-Dj?RV
zi(6%ZXRdOC&L{}|0fhi<wN;x#NC>{CGImH_@kf{pd^QPx*%Foz*cR4y;ZLCm@Ge0=
zxjugUsM>J4(H6l|@k`<Kt72&~*PT<5ERk$~>%zHe01}6JQhCewu0pL@taJO*q!_aT
z+alU7{`IMxA3uFk^F7^Ir4wDX9xfLv=W(EUhVq*DwP$~=l4KcQU*C1wt&1uv1|toN
zDwk*;y$`#ZGVllF0(57F4?xHCUcaz)RKNBtxynNS6NlsHpWGRbb1I(ytz!zFXXuh~
zcs0Vr`f1PG+BuI8sVZZtU>f$fVaNIsV0>}<voucJYqVR|z{E3|9#n*b1mgwsIR9Lu
z=VF<H1_uYH7#F|@r#wID-RYlGiqc^p0^4HSnEqP09Q4f0It`SKEmwRJ&gvYfUI1M+
zXkE*i>B|A2b<$jd4i2EOi^&gSvzUhg=+>VeD*$*JK{O>`BnHrKw%!Q!|Gk-J%+N3Z
zOOx|?*{wC=qaW@UZDr_ETiIDh#0^$j^jxzA7(rSR%4Ue`Bxc-nwezPt0F<5`AfD<<
z^B^dH_g>NY;l1@~0>GiGt9r${09MP51Y{AkErR9okciXN^Ap-(GE&3g(OK*P1eU%6
zz=Alf0Tuf&-#K)8`Yb&T3}AFU#Oz$;fzyelaD22YO_~g$TLHqlA3eXk#zmwrX5Ob=
zIzOg;8N$tpt#g^bo-F0N=ZFM$WVnp-{k-VasB(KK4iA0jmU?UKiVeO%EqkR`oVe99
zxcLT%V2|KwqRj~kPishYn|mroX`sw@GY^8xfZUJ^Aad|8n87n7e;~ZY13Kq(yHTsV
z?!u->&9p5LO}n?yimbS1{d;Fx-||)HZ=zOJ{WJXh{9!6`#PaX{xvg>j3>rb7rP^Fu
z=5je-9s<$g>};PeyMWu0CJERq;Q~faHitkbzXnNt-EL)u3<JiA&G9}uz_;89;LraQ
zHUXTXot=507gVd^-?-_WN>fhL#06TQ6I<Z$0XDb60A=rW@zxw1+}e7xjKJ41Z36$t
z4Yh`t-Ik&)yU#~-D`R#$pR#3$1EM4H;sg+#cgr{|>>O4<<U<FqnFb@?*W4C?9s&d#
zW?1Je?7E;z+8R(%^78|Pf)Y#9JFTbbC@&Vsrvo;9%WC&fqjoD&Iotm>iv<0=1?&Uc
zpSrX_ezUraaGehRIrU09tT3=Gu}xoruT#bcP%nfupVbNtWzkkkDd=czKcF`pj>*IT
z!k~r<ycCQa0ra$kVm!|}{`2S0CGycXnwEh#PDOu|1Z*SUwbk^1qjinj6Q0wNI{-Zz
zUd&Io2WU`fPm)j<vCR1EF?r$`2S8xE`BaZIbmb70So%mt3Hk(a0GkFDcIl4#y#U+F
zjRXK6LScSdB_M=wz@kKp3E#~~fadfNF@PwVFoMql0Ij^bT5uvgS21BkO9wn#<$Zj(
zse(K{BKdvY1NIFF_~nt!GAMF-*&mqdv6P;8C(_ZB*E`o@5-RtBWzLrc1vYoL76%9?
zUe}4Jv;5YneE0F={?dkxR};Me(CTI489pjepBNJP(qTA%ZZ~Rh{?l!FZwQ<Oz^}@c
zJUNV;#$4LLgOHgSvx&Tu-Ah3GSiv8xwa}54=cUh)<jE&o%$HQ!bYL^#ZoYehI3Ur+
zyFj-bk5#xDo9=(`<HTSf0se!ZBe?nCP0M?NE3MGOxBLse5}U8np|HtvO2GuM`<DmC
zxf`9_WxB+1eEzHs#Jupb_4Na~%KiJJ8oS>BB$43t9RQ=y6IM6p)A-Mz92C19pII8R
zN~>heY9zQ5^7v$<B_5EWD;^)*>E5%m6AoT1`&2(J@D>_(OMg3_{A-?OT>e_}0grlm
z3sHl>yx7!TitZm_gB^>>t1>uhdJ!9UedlW1kOwReLnM;G)jm)4>WdVydR1p$CqBCQ
z1Rfx@;E!p{w1u&p7QDDMdTw>oYS&h9I%8waG6*5>6L01bAr<aQ2oaX^UZvUwp|CK6
z`SdT|_C=h=*TifCUkjCP9Y+F?S>Q>xbTI(=?T%OI(ggZf>(+b(JdfT-^GVJ>D+@}a
zt>`_VA1pj8=baY{Y446&qx@gnx;j?|s=b}C)C8NT|0Z{jObTrUkKO2n)Pn>uf^)B&
zae(wX*+M48S-2SCcH7q5RH;=DZllHi(FahBe&u;;*>X}HMLfD71r2re5=(U24q#X$
zQeFj`@@6~N)w~BvwwRK|{FmApFHT7?f&}&9HnYd&r5Txd6k2P~gW99m#19D6AGuVo
z>qm*sT}94(R`mV2aROG_BW_5J01oOhev3pzkz|7T4;T)Is#B8U^@5N94?o!95?9pF
z=H@6`Q3pjatPHw?5@J*D(STxs#!c)SAW_)RHw<jGP(R^%!f|_BsJcKI<Rk<x$once
z8F>125H08xqocMo!-6Kgp)3^idXQ=R7a)ME@27cwv!o04>3UF&w%G)L-5jaFHlIhl
zF<Nsl&%nN}l`4<%E5Ns#BmwZ#1hL6~?M8co&nDtux)u0Qj~7hXASvt5pFfYukUf3E
zzonl;)julE$%;<>bK5siuh|bSD{BlIZXsniadYGqY75N)JoJ)5g~_|J<phZT`VblD
z8d3$tA~q@j{?CePnLO<G4^4;cK3#|%I{5hwSP@Wl{YGKrh<vjEsKzYY&Ixp_r3)Ak
z=f`HtmR*7U!=xiQB-OL%Xm@hfSV(_c#*$`V1EATDlHQFcXU^03v02+KZNBuoh*HTO
zOXxqi4jbz~U>{L#yts-7tODE#Z#Y}$zx*Z7|82aL`vIja(27s>pJ2PkMSPVfKHwKE
z8)TH<Vs64=l}b85TStjy1l(9ze?&-UOF9TAshGu<P3SN6>)UyWCTBEF?t+*Njq63C
z#8;mjA7U@iouK9uOT?l##rgzn189RJL#lO}J`_;((-B5V4KVAwq8oq(0ZfE68kERv
z{=CE9o(;AXJXhWC9ksN7^lO0dpT7lAb{zd(Jy;CxkYnk+=N6Hxyz{?COBp#dD;qMz
zj-2uM&++O%*{lQ3U+U8xNaS985s-t8&88k<JAs4IdqAo4o0~}O&%{U}wU>*yKI#^#
z-_<zqkK@uRdHRkzk79IbsMwFGgui&J-Gz~m|1}{>Ekos$IQga#iCg29+d@NUpSrQ`
zDG72vgvFS;kL&6apPiN0BY<09tXq-gknLa0Ih;B9g|fX!QT7R3w)raPavY;}owGTr
zY@|57w)P21X`U`@B%@oEfW+G)_l?2H!qDJoj|0Dso1uH%+U7@GoUjZ_D>Y$bz)w;l
zE&d<IzB(-GZQol)Pyq!cRX|WST>>(6senpKHz?iRCAbl#r8`8Lp&4Lkl<pcj1j(Vh
zdDnRE+2_2^HSRw=JPa_uS-n2>6~I|%w9a0`DWve&?elb^$lRyrloi7uS}Sl6k7USA
zamy;-$6hPp(2u;Id8sN`;igi<*fX)ks5;2pcAvw`o9ZYnxN%?O)!H&?Z_P46`MwyQ
z)xs~QMeWAQDN^1q4Kf)+GYH~dQ4FTSP4bN0v4&X>nM;LnJejQXb*siQbc;CJhyxX)
zk|3?e+aiGK^MIFdyxvoDoO{S4TRNS(7y_4F+Bdck*zJ9C7JX;e_lnC(0B$PHHO)!;
z0qOI&a?8mvBdF;_?o-774BI`yvD=D?2>iy4u3kGaR|+AhLy!21-J!?bwc0`62YbBg
zRcU*|@)~a~5OqZEgFUq;>t;+U`PYTE>(WLIoMe|=P1asdMg!H$zRp;ye6}04&ZOks
z4n*DCuz|C?Z9F{6d%i-r-#<>4JZ<r%OtawCI(gRPK|!j%8>qPHo)V9zbApPsYs98I
z6v@*b2Gsf0#ytTfDZ4!z>Q1haB;b+H?36_n4Frr-9!$o6n?nV1c5n7P0+4wR^z0%R
zta77DWLqWAdUlP6*<WLsKmFOgI)&)kl9m6(xtJZPz43b7w8ccDm19FJuYnp#Z_L05
zQya~-cklK^)n2w&kAcnWEUr2(N6~wv_tWY_12#r8Nw50hM@^#G_)8{LKG8VtOCfur
zeUwY(7UK)k$gG!Nd?*cK7)8RhUQ)?<1*#kYcFlc87ckgDaygxYssTO&qJn(lYuIB%
z*?7`oxhAk7FDwtD&1)>*_Ley<6fVBN_O!>98ijYrzMO-x6RfaFN6(?Msf01R`N@NL
z1jjwn*R6%Z>Cp2XGIg$T`l^Gk6@GW-j6dY4z5fJYj%S124eY#UcxxeJ0C(Q&gqoUa
z27O5j=4;oP-kNJU5efF;X#cDzr=#<r)slQ+;q==HBM+JOr?M>$?wV4c>bnvl!sit|
z*KP<Z&oQ{Kc5oui{@IP8VhHXh<9C-GJ{QF*BrC}}9vFP)ODp47zo0JT8X*zVe!JGN
zVeE)d{?>A3<BM>>pkK=Q=Jd)Fxey`T_2e1PE(@)1Cn%4HNsT=e)ji8&E!z{rJStZT
z4IO(Gcj6{zz$ua&=9Pc)1Y>=MH!YUXo|4I!Y)pGnV~o4{?<u>~o_CvPJ_m^DV4D)b
zCEWY%5%?Kf_(CCjPBJ~as;F1OKfQUsD1JlW?r4(Y<or50Y*k`hvQWf?+%3*g@lN<L
zbq!KQ3A*q}EWkY~hU1A+#8Jj7t8`tSFr2A1=c;JwC*gJ`T<HP)TxRX+5u>k+hpB<H
zB&>w;vG3aZ6%AvGxt|2oN)xDi8N(CKdkd}$Ne5J;*^QB?URUA?xr_||<BT%pC&Mu}
zCRM!Y6Q6kN8}ypieCu7-C@VnbC2$z{_XHx{3@T0IG|J4zN=;%>_-1hmSQ5liA<Bb`
z^%^IC@2g?RmhoR(r|<p5{G5VN+upKFE7plaIaC})Yj!f2t>E!4FSw5=H#K%Jb&tL<
z$1LL$v%Z0Cx%IG=*xXYLnaaPfbe;K)o)S(`dSHvJ4TRK+q|AhRM!bSC!1<llS2>?^
zY2`JC33aUTT(^)}I*P=;Ej5{ELn1{=fvD@GE_<mXC5P>ktnSBCnw5y?Zs1XXR~C~i
z=`hob?FAqYjP)Ky*)<_#ONIQVGAnD?evAb@3$xE>pMER{k~a`NibN?x5z8N6WQlIN
zSgsGx#Pm+5_CU(mql}&}v8OtSxlycDQX=Y*OGCT+4R+7*;utk_?tKhF9t}xdM)>W`
zQ>_&&`ZT*)2PP38%Rh5G&|Ipy<9cqbVer^&%tNq;NVVIdZ9Vp$XZ{4T>-?v8=ZL>B
z&IDJdAJsgtJo+DA#s4rb0nd94a@Xzd+pB9+u)$DzeigIA75t^+ClyHeBp~P9<z9MK
ztI!r?TtZSFvLTipTwHaR4$0vnD2WeKP!Kh<kcSOr2_K`%GWOB(cKkTTXIWAO;18ja
z3kABwnEf{G5Ii3#j0$AHAQWqah)NEq7D^#+d5K|H^HN|wk?kXBe@dE+PToF4OioHM
zBxt1$Iemi#$C>_89zzgUP_~czN^*wlP%X|CQy^Jl2w8=ssmF6};`NZ@acB*Z48dkT
zBPD|sBPd|kwGC#nr5Q!zONG*X#^VUo?s%=JeEzg2KL5E>*I?6><r~!#Id2MB!yOZg
zv1blqV;Ot?R#j_I%D?(A<bnmZpVc*I?<;NUI3n_or3T#0#w>}kK0XL~BAuHU-(TzD
z=EV|GlYc29Lj{kmZ!F6!g+14#l(>30nzAt<zbxMyNjp@g^5%ubaOog#r17w<!kjqD
z?K6AKfQ#*p%a6gKg|PqNth3TV@bN{d8y#3MhHjzYtIg8jh+}4D7HGO+i^Zd{did$d
zA#WLLxqGRyg`BNj-IbQV&+$A+mICmK1SB7apmipXa{~_f#_WXcjk*j|%8-#wx#w(Z
z#b2+g5|0c;Q|)5i&~oy4DKV#@L)7mG)bDGq_t37<M{C9YNnWFqcBzX<RPWXvfCb`^
z%R|vJrB^DFZhZ8wE&aUsTrR>UZ!!6WW6v(Qpf9`J9Bi@r`HB)C!pprj)ou5V#CD^f
zQ+{nLS*DDuEf?oVN-;#l-g_)^WvoU5zof#pYV`!Kk1V=HmZ-ItvNzHucbSKp7>kq(
zE9X3=K)BdyqJlkxiy(3@T^Q~cZ9M+vAYfNpRNdeOBmHMMlL!TD@?)^d_@2atajbr7
z3;jsmrMwK%Ab6em;JasL;-)ofWhGSpkOjVw48iW~R<X0|(<<Wzlu2R~*+K^VSBC))
z?>)_wU(qO=eAm1KWwj@Uq3?k~g$x_Ext)Ek%Q9muN=-qS9fZI`=;&wZI+uRBE)n!$
zVwWw8sei8{e`7SLA*K8DG&sG-r4l{0<u7&y&R189tLW_Umn*X_8Cpt$39Y)q+G_Nn
zJJWM<cVgJn6}f_o8#i?Sl$T7Zi~O91#N&g+LaKslZocX|?;0s=se`wj14)Xtt^V32
zW3kLK_@@Hbl+V{z!$bfC@-K>th<Z%TA4|q~Xi{c!XJ3Be3F2LSH{^*Q-X4mGsiX?%
z-}pD`Nzg#~P0UAPwT6~*B5DJo3O`4xs5T%kJQ=}>^nb{uF1K7>0&fUO#mRfwJkK&^
zEKR1N`*QAB077tgOwMRbM}ya5G=;YFFNA~8m+QF9>qnnV>3%NgPWkJaF}&^p{%-BT
zFbrz5yc9O`gskJeNQ=0H+QFF)Gj&aR{7)CDe;{%iEs+kzW?}=njI$j<(Wy_Ei<<1%
zO95B!#{Uuj`~he8T>+@;iUxtEvECgbUGu1h0Ga6Da$^LHKt>$Eoc3>0iQt7;iDcEA
z=8R_gKjDe9taAGQa7zAFSJ#;4Aa~R5=KkqP{Y%i0Yu^u+2Td#y8R3q-dqequ`%6vD
zgeFqQ%l{^p3S||TS5*A%zc2<_9K>0`f={$~Q{O3N%XJXUGL9h!gQ5};4e-yF#SU#9
z7R&Gc(kOmaYauDgKw^=3YaHv5GQPQc6j$yL2Ek9~`hUide>$2h_y#cTzxEiS64|oE
zm1MGBQ;<;@CEj%^GUPfa$JtWS%jct}o>aC>vf{kBqemExSHhc{sqyZFtu9^OoreF@
z5ih$^_{WciX$$T|1GNSQbU~xJ`1(0p#kMuebiWb*P|5XUwnwvB&C4q&>`<x&_U{Ns
zxm!|7dH&U&N#kbsHb;7O5XwDTdqbx1umT6GKX#9G;9%I7vZ@|+!g`s9x5ojQtvGy-
z=lmolSXOe{(CIq=!wip(ei_m-uX;S=i85w~*xKI<{v&Q;bUh+hiLs!FJyd_CTqn7r
zd}U+Q!m6w)<h-Bn5g)AHr+P&y=*5lI&w^G(7Zf`|6k~Y-O_5B49VL>dFWR3=&W*4z
z?3WV$3=#R~XH-Vsj|2V+{uj5FWQY5r_g+wLd7)eI@kH?0oGt0!EY<Ttxhi=^iyH?O
zlg_P7mWk7hG|#ejA1Udn=>3t-v>~)Efs)FI7a$WUK0Yd}*yGk&8?Dm5S~XvI;EuGY
zWo&P1fUP*fHSj2m%NU2cn_jM}%R%mbx!du_AssIA`0?X!m_I1GgyYx^cxlc6NcB3r
z0fI3Eryb_uKH@{;BVPC?y*Wzs$99WwSh~$cKQu~mj_Z@`@0J7+HNt0-l1zvH(0J+1
z#X0eOl@cwBF!##8wUC)(kz|$G2^-S}i)<ZqNL6G^#y_jc&;PNUCK_eN5dw5lww2AY
zj(6!?;~Axm0v&g!otDX+apo^)(bL5`U&3K_0}9(3H(C}&Q%ZxD1#Vhj``sV~!W{zO
zDk?wpG4C0{+88}8`+%i3&kD;`gCXHoZwc*&-YLbCj#Xe$js+6yS*#%=;S2_8O_2d5
zE5v51K{yV1GDFSCA{$bb4eZKp0wKL*H}l3%8_ZnPTq+i?7f-Q`rOeDJk$G<CjI+jn
zn65Y?RDyyvGmsiIrTG5yIaY7ptU}YPuI`{p_B(f$_uHoNM=E@E;^otyNUDp+!KAh4
zyh!qrEyAOMi&iYVCaKl!OTrJTx$K9{byTFY3{H?6=HXEn32UD2s+*9z<B4|@O(F?Q
ziQMN0-~WL_XT>C13hHP&A6@6Ob+j5^Dprw{%)YJD#>XYZnX&%4N@V>c{Jh7&!?R2w
zlv^E(OddK?sCId^V_Ej;IL++-<#@-Sio_sarj#NWyUb59mj7IHbyaYIxr|6E#i{SO
zZY|U0t&@Wn&hDwS*{TU~yUK^`?mHKOaBNBOrc$dzndzRRR?nC-^}~g%je~5jK&AHu
zxA*LX=mju>Y=RvAMDkV1qq#+0NDZ}7WUW*SpVHkXcMAfQpdgp&XZ*p>?&`MV1gA%^
zMe8~+Ap;Cl_8Bm}`+1PK-X9o$w;cf+)JrN>R@Mvesk*2eW!X$#Y+nu6<8sWDOmFXe
zFe*6bT=1Y?i%CE<krV_7DwG<|AAihwrE%+;ah_S{FSh)DnrB1_f>kWOvH8`rD(B4C
zbt*2>F`)9CFH*1PJV@E3KSw9cqjX^ZZl&?K%+-?n(~xwB&PB3!e=v~wKc%9k{xZ8`
zm$6}VP(mCZ^*z)7wcBcj1?sh>MlRpgvCrvxucw6jgS}YqEFh<XETm`3+B&F}8sHBI
zdSix1g!6}Ph}nzFy#4(!s;`60cSQHNr8sp((LkA(VP0lT1_el(3qrdPKCWd`y+tom
zNp9A_qnJ$!()?sI+zU^rJLg6KU{E|;nzdk#^UY1AzK?MKS!(}jmH+a?rIg})XG%j;
z=}}1^wbd=mJy?qkb7=>Q$AfR{Pt)#|B`<iqX2{l%gyB+*v!)akxXqk;B-0awIiR>l
z24n5a&zgh8Y-@{M!|o2{s8vB(V1_{}x3Jr{9a_6-^-lj9x80$RI#zl8w7j^G-Sa{a
zX1j4UZ=!*s{jt+B^{<u|AP1yJ=YxJ6ckI*_>^=^vV=woM%sOLgQh{sJo$GJe5Zeu{
zM+{2uFZLIh_lJE0p?<~b2A}6w4t+){WzrG*^;^>|ic0Fo&?>zVZ}zng8GhUeYik`d
zrN!PvVfq;sJ+F(7xJMIRcaa4e^;`;CS@p%lx#nBNUaN&~_wgqaju6Z`eyiqCN?XTR
zyzMKOpEgV}*4@CK+9vyDYkEH>q*uvLXqr#o|MtOS$5!<NA1$v#z*)^{m1cS6V|OLg
z#4e<2J=A;u@Oj#r|K%k3m-u9Zy<BL!gBH2mDVG0=wj3>+=u{&mK1VmJ*}op3-ImsB
zDeLQf#ka#hU)aG>)t4bODJkiM%hgNkFttmK6ZUXi$$aJ9U`hg+`Z8LeJoB|Xm)Z2D
z{zcjgBrRLXXC*xroB4uuBOjQIcH|<0x6t|8l6J3PU*)oIQ<`Y$PYH~FK6T0<E`1ue
z5O<B#^YPcz1Ufxk_i0?GzYc|4oPLsBo0+U4ekN?HWNLgB$~%6M)d*JqkyWL-(N!)&
zbEI(H_+3aH)~x1W<WkboU`4JHy-sD8Y}e6$&RjqHu02a6AMy`x&X99oA-N3cz^{?m
zUPbC$hf+2%Jm#%fuB=_3Ckr><F8;QU@?kR{iXz7H6k=p1$CxBUa3e}9tE^>2V83j`
zf4%TG_Sb6hjp88AwUbIpKML*RX;avgkRDqR5b%(?8j&fQS<u02+s>UPo>hGdtwrW3
zqaF*>(b3<=m?T3;{E5dWg1^bI4CX~EI-FjWXO18X%Iw`js=hAdpVvGaQ|)da)!qv(
z9LKvDL^wJ3=BQ+8|Ft;(*AXFo$HBAn?>u+^>4TrmV=8X6-?8YbtDS<4$%K>Ewz`|i
zgc4M@5op{qc*Xj~u-wZsHr6Dr7dH=S5Vi60K5rvd1yl$SjC<|_dUIp&1KQ1ouwO17
zaD);i)dPQkDG>aZ11Y?OU>h(|to=<W^ZxJ%U-(oPXw7A#dV~&VF7u;<n`8mIwAM-;
zvReRnvQ_32;udbMDVKiJu8Rg!meV#<t9bZXnVU|{#u*lJBF9PF^0-Yh+gev6*Z%cl
zHF-PxuX}~460Nz>!{1FRUhEQ^s-Jaktc$vMEqgxL^-jv86`GO97)FcCpBS+eJbhxO
za*^_Ymy)h6Uc{zCB1ai!ispjT)6)$cUw0?)!u8w2IuEMp?|Oq|xRJ`mB(vj0t+v+I
z_s2GeMx<KyAJK}`i&6lQYde3#y5P&Sdnzb;%d_x2EC~)jDuUNeW}oM|!jf-r3#seE
zMz$Ap2V}KhxVONgtUK?!@J9T`QBQA+(d6?w2~qi~4C**>Z;{l6I$#cafTQ1hx4I{9
z7(a8gC48f3nW?sXa5v(yg{kkh(rUj9n?{<cH13{&ViNa{@#W}{tyx*T2HciV%ZZB4
z40k}G{_vL74hLO~nH8u3c;B6B8}uj?iwNi?Oo9K*b;0wCAAUJHA}r!~y3Wh1?jk)}
z+qCX<TXI3DApo0@cBJ0>@*41~z|pz5Q1cO8z_Haitc?v>R&R*|;pfL`B?rbsm*zW0
zhvq{d1oLnWM}`TddUCKb)B&}cS}o57rEx4OfK<cXZEyj|>!;SMcVtcgaAOXH9F9P`
ze3Unj_UZw5>`I7A=m~hzvWwG2;eEiqY1rBpPiv1{{6$N9tXp-=It(<$21(msByL_Y
zN_2?wINhp4C1qx09Gjb4pf&Sr0IO~lpv@%RUKuUPtn22}re#DR5wvLQkCx}r{Q0rx
z-jK?<t6A0lknEB}&$1@gnTuvuj&j<?7iGKtMdi62A>~@N%U=E~R>CI4_|wy-!R`Z$
z<P+Vd*IoOJP{?Dw!lA>QWF?*~*wE=dOD>m3mQoE0$4jbdAeiGUBKPLTL4mCXe(urY
z&D^7%lc-)t{5o0p_yuLVLzJ@F7`HO2TvYj6;lA?Lb*G8RVf7=)ZupAqRBa7wxpa$3
zGUG+fh}9hBuaC0+0V4UxC8ac3bB}<bEV<l@Qm^Q8YF@6<W)^bOf-}$f$&<BP`}@h<
z<H?e>h2IDFeEXqTZUuZ<$>4G-Prs*NGKFa`yEH}5D%K#6MW{ryq;PXDLP4g@Jjv$`
z&VyRO^!<=RfN5{`L&dPv+i>+B@rcsVYDv$jV(;54H;S=vNe*Ye{YW+i%z#PUQg5;4
zBp+I|jiwT>Iua`?dEjt30r`Ms&7N}I$rF6R@0UYNlZ!*R1dDu1Wd-*l1OcfBb>7q+
zc>8=qi70Cl;gIVE^8&j31s$f)li2_^pw~$>1QhV6N%x&Dp_CIa0?|oXt01{*M|2X9
zab3G<fy2jpD2W6lU&%JaJ#~j6Mk`Z>!fYTTs0X367fvS&2iDf1<K1PwxG~;G?_nr*
zt0@7m8`>`O#0r}N$WMAq%6Ur#RX%W>*&KSg0zTk@crs9?pz8vZ%TSMFdtuh^AmudV
zo&^YD4c@cILg<vK+=CAmd5t0Pv{;Vj%VEc%p0(%OC+jA}8<pMgiIaqMnPk2B3%juN
zE**0-e4ZBbBgR~g8Iy76Wi9ymdt6wf;IKv|BQZ<9jYoi4X}p>yFOwG%JF3Vv5yn4b
zJ`UCYTd8*AijLLL6uxS^o6g7>T#NZ=bQsp3IIP;fslz;<juCa-rvl$for>zsPggph
zmWF@pL|IH02{NA_eu4FS1+(;eD%|<i!RZp@=vJ#kO8MiXcE{}`mBqz`^!<^DK{PI9
z>}E83*>R&aZLLYCyDXJ6x$J9XU4{9y*JY(6tSpW6*hKiS!x8M=9Il+m!Qbmav+{UA
zGDO*`QRi8Mc8^^(BUZfO52<VS1THIokliuBTKS!TauvvOinz>>owPCu#yAtK8t_h|
zt05p)^QytL*M&!&4(R$dU`D#0({VakYNDVM?Gq229N{KsY6er?K!>9YQ#Y_%>@ItY
zFEoO7vQa)#zNG4{E-jXqCr?pu^gR+Q7rLNWs=Nk91`0J)v{D{iw_4oc-U|fq3_>Rd
zU?A^^S_p262b0GtlpUQ50Ecu0SMI7QFPBOGUv|fal?g5jv1pBe<g;g+4a+lsAESjr
zAlZh7@}bH*yS({0v-~2ozDA>6^Ue@su~H(Cx);8?K{l41X_*YI1pfRCM@BvM*gl-=
zxrt(0?KBbP+nJO`$|Z3<aY55oY$aFrm_2*eI7$Didsr_|D^(I`ksVd!SVMz9=6NQc
z*;zQ)BcVPP78zA*nm8()tCdnNk6f^N4rj6QGFdQep4y)rS;NpRZ$T&&zz3fX<ZU-;
z<<0sUsaCFB^h{~hkG@RAr}R<=u7<}1KE5fp{^G$_Cl8xhmoFu<2q0o;8hh+5Un++a
zAuO+{P^!8aF|#gXP4GS}ulj_)x};__&uD&qa{60I<w0=LPU7f1Q1T>jIt}f2q}d(^
z(#NrvtT-6jPdbKY9d5@j!H1Rm&gv-!Kpg63_+%dcRyYKQKIP3%zpPP<%xaq`IMpnC
zQquAduH&Cd-c&HuQW)O2-l3wX{MC<eT1NQ7<sgopg)xZcgqiFKsb;~7(LhXHi>%gr
z=<w?x4F2XxD=qm*-cyD0@~+8XR99uayhjwSC*5{75h-a)>qqK2U{VVLj<s}4H#?NX
zJLb`3wfj`D23=t{q#o`9i}Z6*)u`0*Z%Kk~&A?wDuKX%C^@*Qhu1cMu_hSTAhJMFR
zQlN%UyZ$#JAjcBjjGXyP^x1w_b>7Vg{ba6|Oasp-i_Q~sFMACsGF#k%Yx>2oynEG#
zu}zg7@Le}ZCgzutRXw;YE!&-vSOa*^gezwVm6fvXw9&wdD@|Io2s?%yVwqMWrV)zm
zIn0cC-o|&2-_iW|{@XZaJ;a&ifc&w-BqQB9QH<fVaFVl(qSRrw%HRI@=g|h5yB9sV
zE636o)0ZEWB{IDvUV_0o-F94F9(Dbl!#ve8+mdS;P>DC~25<65D4lsqC8-l@o@Z-w
zQo7MHw)Dg`35~yykrTndBKql<lp9#@uX4EtPEEK5-E}u!mzd_Jl2cYA*>FF2F|pM=
zJu9mR58`Yw*Cx&q<QIxPl)r3-6sj^a2~jocy9laOKarQQ!1Z=N)1sP@h_1Hpt7^V$
z*7=y-e55eKru`{IUq3m_L~>L=TzVG7J6$VwE+2Uv@F-}$O$Z&{Ie;%ZHgU;7J!>VI
zIpx`#uyy}7JVOfj^LMP{RN>A|#41v1RhU}XPfM)!qp{*Q5UBjYGmbkIn13xp;~qN=
zjK<Wuckh>Xa&&wJwxT%1Uxs{hmvo%J`4$1$W@eEm_n2{-B7U*z9scq%+{yc#G7m?K
zNAa)N`${9(EoiPuHwZE1!r<z?jxV5ww$Or9l`*M@iBtmJJhzAzNBUT}eXnmYE8KPR
zSsy{$dzWtmXXwuPJub!a;{_F&_*=wmHMfX2JR^#&ysCFnmx|9?vrav?WpkAr1gFA$
z*AoN8^GJosZPlgf)>7%U3v=QZb9R^`bEbWB!WnB=+;(H>R|I9HPKGD5wZ(Rn1;6)Z
zsz@p~Sup%!8sX4Clz?2H9{nDuz0Xs)p<Z<S=Hpgp=0VR(EIw3wvg{GFkk`SObIOX5
z?sRHVQ-57>`tdoDu~}Z5KW>P>giu9gQ9zX@)3r_h`i;jzBtCf{zChsnhu{g@UeT*f
zKp#NKzgDUc>cQ{4In#>3&fqs{M$(+v*T2Cq;qobIA-9uS1sz~=IsrtA{8%=2<!U=;
zKoXg-->`qpbR8Tv8A==@m6V^0svtgOm>EM-F@@W<Y3L__d7LOk0F_tLPwO;pQC`{!
z)J#4iYo|LZSPP~^%~J;C+6bTZ;R2m@e*<RSv5Q=tGsd!@WulC7!&jYJJ}5Ht!UpE5
z)G9+r4mf#Qw;N7bR;|fvEZg!i>GRBW+T8DzbR*MP3OlNp3zlpNv`pQ4&=IZI<%xYt
zm_WBF3FU5ZY*sYX(dUy*781nc{hrBgPFB?urEa+*N+%wYdqFTsEBhfP*X;Cgu`V+|
zLc{c=ay&cXSWj_+lXii^Ns>tVP^dlG^S-~bDlH<v$~Hm?E1@dM{b}cbM}Ew1F6XBX
zaWk<E(v84&E4rtO2A3`h$3IraZ`b^EE&Q=at}%){)>N{JF;Fs*l4c{!2nrdX9Oqlg
z7~wF2h`l6=#~b5>lG*AjQCT2UG_^F69<J^1?0tJ#*1bM%QOjd8=Vz9vV)xpmsgq}A
z>J=B=NhOB&Y|fm0qib54?7{gB=24E44Y%)YBi3tCf-?42Qa3A#v@lBqL>rmI;p{AW
zc_VqK@8&K({(;jSs<oA(#z_MA2_r2(+2Ky&6Eb&G81XoH?k8PWMix|(iw=NfkWTod
zc}-kFh`^qC;Fxt{T=>9Z6dzux9~Hm%W}Gi#R#SbfbkUkeD1x~{M*Ptn^_(pCFgdqR
z1EyEB=62@#953Er8aM=U<-SBMBFsIP;E!P)+y<|=ss%sIp5*9Skwwhb)_k(<k06p`
zUFl<C%v5&R(d@XuzVn0!5ux05p~KyGL#beRSLLqy*P~x<GdP_^mu%i-h!NO2K7V6Y
zB6`v^xuKcFSvFUvl{Z{JVpyq1HWZpET+5I|aiN<Q1+z+R&$;&GZb!L({%!W9&0`W6
zC_`3`<)fSCy>A)@_4rabtt>i)G*z__Z9d)~8k`?h?xJEFxW+t8qDgyGjkC35+g_|w
z_K9zb4fr`~(=Q*s1}&{YCiILnoDM3Rnmw`T7)pq8b1$|ad_<e(1eO|qpko!lYAgZ2
zz8Eg4f#qW2)Z`=_gwc7@&QKOIAHUF*x55`k8Sv|&<3iuND#B(lYCLnF-SSj$YbavN
zWu$aL=|lZ;{gENXKxsaU$Nm=-3&Bzs-0Naor8zEOouFnxohn{&(ah%M^G<%1<d}zN
z<9yLJ;;3uPy=h*22O35wOC|3pLfz9jKnXtp9^bM-4?7Djo$`sPiLhTk3r=a|B|%4M
zK5!|UJ~FjF2}G&NMlKj5KgTM~u|tb@Ex%d1bue|zm2Bu(e4nB=*oC^jA~k3Ce$2n9
zalQG*eEOw1LU8juE(^9wh$e>1|GH=Cds8meq;}h+IHmhSLsHM)aaWWC7uSEL^vYU!
zRvFcB*UY4z<IIyp>&4x5d3cl(Dq;65L}!S%U?FfLlUs;h%T7y}TlS3|$jblp^E1l7
z-&@2DJ0d!|$0a4YJ>+(Og^j^@ZmRSsn-;h1@fJ!P)?ZdCk%#mO7iSqC@m)aG8mEyY
zLU&H+bD7Nsi&+P4A-?wc<q7^8^1s|~(JvTFdbhW?M`7>cEtR?F)qTaYP&-hb95&Mt
z>Rnpfc)0srwRBiMNV~Qc%gtepLULCPRx6gX=)pDrcIBYfgbbtGrh9LnzQ%Pwkge8M
zU;znlxs5`+FcQMs8;!_+RKZ#-!=>dX<4|Fd_lwT!&4&QA<K>t<*KPLAO=ru~Gj^Be
z?@?p=RThh*J?p_`B;#o>Pd4QH1@Sb``gsmMXuWRS-MCu@w)#kt$mU?C1i2w%`|>fv
z9_U&m+d1d>Bf8Qgk)C|Pw|3Pv?Y-&I{=-wQ!c)$}m%PmGU4~Su4lD8P*ktu&ocPi;
zm41;8D2|@W4#=O$B>djg@arBC(YU6lsQC1ynwr|&mCqJWgOZL9$13*r>Y%UNPPISN
z`_Fz3S`QMMB(<~`tBcunoH$;goK4)&w%p|#_3=P-k)GV(XCp~;YBHC9Ti|t<lcP3i
zTMX8*2OFDuPA060s*WRM%0YP59{cJHCro@wu8Tc=?#{RTg=ErD!^+%mJ~*(9bi4%S
zggXEE+3BB7j*(7jx?HpR&8Mj9s{|pxr}A*~Wv2jG6t5+;^c}7H@mcOxt6Ovnu8zRn
zzyl4PW#OLLqEjDKi>u^1nPAmE%&Jdq!Q;`EFV8`nhhc2gNh*W))Wn`T>Wq+5o1(nh
zQO3-ocBs6{d85JRYaBQH*mJ`B7d`v$vqR7=dIkoQ%KZ2eir~BU#+t|GD8u)LC#GG)
z5>s{T%G$;ys-*`nq{q76xI~B4C=0SVGR6~4%bfAl#vhwV#q6s|C7g>Xm3L0&LJ%IG
zB$VWw+JwI3aJ)O=HW_EuR3jFs-76D@x(KQm*IrsI75mlc@?S0F?S3n3rL1!Pa?O)t
z80i<1DW0UW(^Pj8qmmU-=(+>jJxU3flSBlGlf^a^5!p=`uzNSoGp^cJkSXx&`|+Xk
zY}Fp~x4bB#8O?<R_^)mm|1*O_*&t0#O)n?zMvmHVzJe8vLZ=rN6@+rzlLToPbI&{c
zwny;`nwGfP+Wm6u<M@c$D<@3wVs0q?)0aOvCG&Y-(%Xf<NGYG52xw^)Jt4yUHb6N|
zapC$cD`(5GW2{UtS=N>Fe1H0~-dJb$ntDigsa^N0ZiC;f<3FDE=r1`nwNX$q>@M%?
z-dlYICq74mQ-;Iyqg(h*#69O6hEcL+`_KjbrV!fNn_gsYB2tO$1~Sk&g!IjsiFxur
zHiZ=gl&OJ{E~OVyU!jb!vaodY&^|HMOkg(*a9$2@i?0dF$mdCOH=Wozrkt(L+z)Ew
zq~&sOh)%xj{g}^b@lAsg@lRUgKXYMQE=7sc)nvo;tUSoz7#8OzZKWMq8-H%0c{E{T
zv*mRV+~et7=0axjRo#GCxVa>GlEmv?iBjOvOw^2s+L+86yC}QiUr+xZE44^1P6XVs
zNgR)ldFs@#4ml+qZ+Wq1rR`rrIZb`sQ{sGGM?XN-;G@MSr*hwg3OpStSN>*CTfM-O
z-K3aV)oQ!d(TN+@-Rl2&>Yskss^b0W(<gdHCML5z`@V5)VXmap!)|wnm^oJ^_U1+<
z(P^<oExs$A{Ex2es<SSjik$7))`+!UAi9dr{M)x<l%Wh6J*W3;6OV1&A8j>(G0U{|
z?eAf|{y<7YH6*?TTVeO>@vr+Gi4*($jv@cvZGN#AJ(7QO&wKo@UVejSC!6Cr4J9n@
zOs-;6-xAg5U<aQxSf^)T4azo9&=VgG@g1mum_09Not*pI;etXCvCmQ%HA?=A%ijM?
zN5DT>23)ztL&mlF20o%RwU$=R_|~aE@HxB9G3MK97bkl|*v-W((J3|Q)6c(n#(z!2
z&}4`O!BYA%inYj!nXf18C|eiCS958Rb}{QuYeFzpuc5d0L-FgprPML1Ei&{om801B
z2x;Zt&crN{moHzI0?BUW5x2h*iFUzTTeY>v#4`!sCrbaYGW6cUWMpI<gZARKzxVcY
z!X!hDe83c-<L_&LXaBB4L@=&JL`0N&q&RseUDgZtb|blzEKQGz(Jj{f{7*BSLM)}a
zx_a$$%}gM<{nOoLsE&k9aS|3|J#TBJ@yp+RQX;t&YV6XZ+ckG&Y+jluy;)0HO)J1D
z4Y;&OwfO0eZTnZRrMGtIJNyy$D|=e0)Glhn5Q3SBIr2ZYQQwa?%0w+(Hyxb$Qe0lk
z*qZ@Ka<gb(>;CDy`DcAlmrJRrsPMR4Be{R)o*4^53>Vra&CpwTX_0&}>5tD#FQ=_N
zRqL(YD}J3%01;)s_TCd&c^St#-=<sb_wP%zl!ad9)+m?OxP~E0-sNZfIjMW=x{w63
z1Ur)7&I1fAzG4v@Aw|zGH28tOZmd!GN=0~B%=Ns@m4<)nn>5_-Vkx9wyRK07_p!jd
zl5m}a=Z`RoU4J)_-avu~=)nSW0e0m$JT2>|d4)4$qY^sA#xF6tS-RQ(IGD6jfG6{a
za0$x}^bJ2Ed#^_UqX#A+_)uB$w;OOu8)SZd{s{Pjvljb{`ogLnRo>4}5%GW|C?sh7
zsf}<%Q;Lf@{Bw@2@;ft|JL!{2j06y3rw{dB3n_IV?B%?*wcJ{^P}3Azk_e|>l2gUC
zzBCD^B@hgab#ufO1@rx9i2U!4^d`AU&&nFyPckACVCnN_qP5{_b5}v)<fm~5y+nmK
zcG+oHT}r5pLYc!i%cyY<3m;1em?G7F^;xNOu)qZ0&P5O2E-|No^ke2|k6k5iLu_k2
z8`eLKBl^F*t8eW32$*iB`s!O~jEUCUWl{7_rvLV!C6bG4zuZqF40gez`dYK5mCNFA
zJ|BL1DU5E4?)!i0P+wX(W#y<kZ|y>f>jDBV{9oX7P41T#Us}Ar82qOx^Oy*<T=#~E
zRr30o-e8IcZr>EN?9>18Pg_y!uAG}eSMCwu?mje*b~#k9yR?Y282HCGCC<vr>)Z&O
zy6!osd)X=0w_p#~Ie&0tPV=`D%{!P)PF|iMog(!P6HBSf^))A>>iw>YU^y++hz#V(
z$qoE&V$fDZ8TFvl-D{APRR+xm9$7%xD4+!B82^2y{a<rS&KRP<>-b)TZIk*Pxi<0A
zWL0ml_nL_)M)xhrFAy|~Qw@MXcD?36RZyEt@1q!riE}!M_AG#dKLDto4#fWnN@xIL
zI%L4n6nC@it5Ak)@;wmNqXa_j*cO1JSbS&?xXuGXA)qE;eH+i3AAg-1RcIXG3M~x*
zU~?0wD-=pHH_{2})lzuTb_!pd+I+nw@u(Dgk?Ge@{SZP!muTP5K#|IYzL|S6pU?`$
z9g0h2<vW<`dGAG!+<(VbtVgy{w&r*Me3$7ds|o8{z-%6v4A@W`0HHO3oK9juX*mE!
zjJpVA=}NqO*_U8h+lR8M`1Y<LoEG?!4Xc4k)Mm<Mv1z-5jZzR~rtU(oZ5N#bS~O-w
z$F6C@V=y85<S0y%^#kB>h1Z0g_%;ALPsYDm_#}?odZs?E#OTDmlfC6Dpi{_X1-729
z!pAL3x~y`sxyFH637MxOneYYhug>PBed5cRKxxfx(*K!f>nq{FA{SCMjVpHp{_Epo
zD-*^n9|dh1Y2~fU_#unU)0E*xgHsMh+RN&(P{O6rG9y0jF>^l(dkK(N6$G48LQvpL
zJKRaWNPv6>0ga-X0Hr{q%p<lPEaQ0wDw;N8?e+S8b1fkuAbp7)D}_{5*PA5w$-2<W
zIQ^YZ0W5G;KnAhyu^?xvx3{+|Ko-^9o6C6bbuNyFZ?I0s;SQQB=&`7m$iQkW5cV09
zz~gMv8?*yL1Mi_R;xP*`F)<JTM!f~7rwl37w=aGzAZC&<O+3gSaN}RS&UcbQ3K(0z
zfX^&u1k3*#s{f3J?<JQGYWbza*+SE4?8Js=`<>_Fi;h-JC&yHEJMQ~6%X_F;&DFry
z*3}=7g;5QIY(dg^^Wx`uAbvL6?Hed%!t3Bw^_4*KtGpyjWU)CKKcTvG3K;Ut>*EtC
zqz%O&L{b>bZ*&T@3n@tY#D{!ftKNK^hgiwMUI1E#09>}}he&|&L`=F4NOOzzBni$r
z)tzX$(onUy0vUvsCdeBU9d5M$*f~H4^6d=9uI#0TZk<HeozlF!euqQSsr3}23Vc+(
z^ho6#uCxQni$jUAtFaXYz<!?KfK=P+@jB;Ba^G%K1wg!BsxQe4j17>tP{(dF`<3XB
zTH{f9FV`crUQi*^rI4anBKrWy5bl{L^WonU;K`7RB>=^BP0{(#qBZpT^d;xKiwWWG
zOO7#?#mlc_8sSTL$M482--7{8tG1K$hJC!zt2ae-3wYt1K$gQD5X)$<?$m%qDut@s
zA2YK7mgr0iJ53O}772;K+%khR4EsbTyRKwMh)IW1POtKK?)FKT=nRJ2%`C)Q$>3u?
z^pcST<GRw}5H#t)69|B<W#XhrIMrsssIut<Ht%I}nvssJ<KepV$Y88Rp-IyLR>Z@_
z)6?<ka}tk}eQ8vY5G{bLMIXMe`So(@?M_UUA)inXnVYMPVy;zTo^rF+DoLDb!{j05
zp<}**doxtiwvA>Ee6Ap!^X+Jc`a_Ve*n&-$5bC38{tb8=--C2*daU|u`$ZEVx-}ju
z1j;b-9L~IbD?+Unf|lL1Ya1+pd6NV|m^9>gU2B{KdojbaLy&Ipm8E<l3~4Z--n>BL
z{30dnKyAhrp!|JxUKd2ppM%w2O@bx!kqh%Tb4q=V4KQXJV)E_3blygQpa&;+5M^r;
zZ`Z}8f^%izN@<D5uzR|6-PxLz!b2xtV&!KI@;;0Dp<%>Q_gkMmjGoy83s@q;cgnn^
zOI|MijL<%#kYyFP{rgluG4=)%VmyaT+NTHM@6pCcKSXEI1?A-L4<LY3&H_#FZ-G>c
zCQ!{Sx|#31iOut)Pb_(PoJBjcYU~^wWJF)lq67r;0}6h)Xkpx%JR2f~wpB`HOy9c>
zj8Bugqf>m03y>_$JLI<1o63+P>BiFnBGX0(4Vyn_RBe<Y)pHRH_Gdv@-d^2i9K|KN
z9(#{#e|_+y!pGuM9PWyp&Jy)&PVa$R4QHuoxm)O9bYn@*VO|p_h^Su4$(?PuN|}du
zH*839-!Ph0OWu%SZa$ctm%}1LN`=D?TQQ9Nxk@?aIXx!doyF+R)^|7!P!8`=8A~<8
zScCpY9QsZ`??Ci<9OPUpOkRs1IHl>W9#Yoe;{OtM3^FBHz@8Wm$tv|`R`ziNE1*hy
zH_bD*8SkqL%CPPO{U=6RoP?KX_+#H30(LE$d>CvLL_ET4r33QKtZH9Z&43j>gatnG
zfR~^;{pPb8P`z4yJO&Cj$cP%Llo-Bb5FpK<7rm-m>{UeP+-3{hq?+yBXl{nNYPFal
zM#kyujj|6SLa`l~dkmOv*wzGci!t(rBZl!7@^J1&94#`tr0;h3<$6X2K%j<8`*k|b
zxW`DY(eDC^p~Uy-sZQb^*C*`Y%XV`k92Tm7a~TQUfKafek@ns{Lk7IUwMy6k0fLcO
zJXd*0nS%&pc<l_^H3h+9te{M%R)LAv_V8>V`8=YTtqXC3R<*4MIPXb8%Dd=_ObqiR
z^Uc<K%Ougdv|3lV6_<ok49i;`U{4-KtUF*o7{GdTr$RpgS{|DH{AP$Qjl~!kYziby
z4Rs4dKHh4tq+UUa%ZPpQF^#de<sa&Hj-Vw^u3K?hn1q2n2uIqJ*f57z(xhLBIOI$S
zPv%v_&fLJT&2YJK_9TO`g_Eo*YQ8NiLmDJdXz#74IdU{yOx3t$nlG)yx*XEFQF%L}
z-Qf(>y!>p~8R0NZWo2b8JD+(XgemRi6YjbrX&iUE;PaE|3p~W=Z@`|=9tcG-IP}^N
zH24`<d8~bgBwd!~-_+j@i)^bXB7(Tvf0KmL4_sS%d3!FBib>dhNAgX?)(h;IdBY8k
z1xB?j`wvnNIk{)rN+%kR?dc|B9xu#i#9OM@cr`Di2Y0ay23(&90-Og}Ti15O65Z#5
zxS>wrLFyrw9*C|?G#YUPlst~Iw8PQ6$0@`XTdq%JbVv4e%%^{60W{vQ$OQ)awPfbu
zyqlK{^7Nat*Rl*iQRQXw^eU6FXQ7GtmDuK-_c+yh^l1r4(qRd>L_(bRI7BV)vCbU4
zrE=}sDNjSFTK(#T>D@>?bI;kYb7?+wH{NaQHm`AVqaYtVPa7jxaPdw07DPWJEHyT$
zvi&gMo=mDf%0?19?4zJ7h@Q^4H1fSIT*2upP%yfVVK=BC4h)V!x#0&gyz>!Y^CFdh
z6S%6)@fICzL-b5fYNVN@Sd~E^5$5td^~BJ}!M;gS7hc;abVmhx;HRst-1;=b?6ps7
zpsyr%?<yymU*th)rlA~Eqpq?5z1!V&IsjYOGw&}TJVV%kfYU>!1Ed-$SSRkw8T0#^
z>%8!=_;g~f*%oDZ`Wms)oX85}H&wIm6MIY9{E*gKk}BHV6f!H&R|>*3GTDRg=)~sd
z-bo{+_GttaY0c2P_EwAVIlGL&*4JH;%ahz1|NFZ2?~7Bb5k}Z5-*<p5th^VM_-dCt
zNj5DN&t=9MzhU+YXBSngYrV=MO-L2m!Bc5JfX;l#j69+inF(io<I>}fD59~JOl8tU
z7-jSdKExP=l~3_uwIWsZf~c&;?>{>P`p&OW8kVumk7;6B56glW?5}nm=J-)Ks*W9i
z#W4ZW6Tn>j45z-h?zkNUq*9!ICxN)D-6uN?eS-G^oVEoFwh0cYjnN?|nPS(flfX%x
z;dVmMcpQwMt{~7OfXUky5{gN30QQDQ${Pvh(GE@{ulynstGAlTGWERqC!duF7e}Ma
z2s?U**!2boRx<*Oi!1I#?;kBDClBP5jUEeB)Z=4~QwQ@rFh~fGm3+rLicm9T)qBdB
z&*81**}C4v5#x7*j3hT7VOn^7Qm>@;cN;mWE>HKT97}$totjU3LmQP_PG23^E{NXe
zSn)0r2iLDNB@yNB6$p2fSgW5XNCFjEA|#KckJZObzc8$59PGJS7J2H38X7tA%|gRh
zf{2qYgll)AELBX=OYCZ{vfd^RQ7EKnHJ)k#=r0xE1`6d$<J;!KC_Y}Y3#dl0@VnCN
zqDe_36xTweMYy+QbiKY}x#FuTeS-lpdng_Yh9=~D#JjP-uj&mI3oO92)VIkkO|@L!
zc(2E|X)aFCh9_DU@YXT^`oL<h=#59YgmqqQg#VtqZkZ?6m|{=A&Ciu>z-oxcdSw1c
zE)oiR;&!ENtTa`LzY6r)z+pAGWjL>h^L4OVqFgKLqKJ)q>|#2#yXhe70wW?B#{?I3
z<ESW$bPa`HLSQKtn9pWSUB|S>2Vu|M?(i-Z=7?-~N~^c{@@HIX8IvD@=<l(@M_${2
z$P;C!`&uI`a0eJmJ+GM4<ZloS9I-d|G;tsFR;g}8>LoV8KhO!+mdFJMt!0V5(d#UN
z6TvUdoows<`VfGA-YhKub@BL{B@b<71e4o4+oSqx=9DJxa=&<^*TMdqh5E-Opm!9j
zy`uw{u6I1mZ2C4pV7on~aN%d<8o@=s9%esgu6H*pxJJwKcx&S=AS74G0=i4|jfC^D
zhCPEBT9ALh(ceIXv5BOHyGAi6*uVF#!V0h+%&@bBUN+(U^*Vt@Zq%hxfK#fYtL|l9
z@un-wmGAGyRNm;dv4hms-y*{)^|BBH0|Vb72RlbyG`!)4GP_E;sp`0S*?8~Q_rf1<
zsfot9eD5r2r7YHu=+7jv;4NGkSAL_{TJ)PE!@nM<{sI%UZdw*2tbE%m9A{BW%s?&S
ze94gg)p5D+K$gs4n9$@x03ouD+dtq1|I1vI<;qfD8Y*e|50E(?T_HHia#wW|6BEBI
zeEA6SH}zEtBJOHe*Aj2dqBBe$$15&Id&%KC`)cLi>3+3W{i_@IiDE#Fv;O}6##IC_
zKmC`htGC}C=ZAXimc6}Z-O1zloALXvzKYQT)u3ia=}3_gFW=%b<y~>`K{|KxHHgAL
z{CXav`>Ts&iO743=Hz-v8Oh|Q(P#N1a0oe5aO@uj9tM^v=~92X<Ts<;{@q(|@j~)x
zw9HhjO{cC|2l6QY@o}>>Qu6Zh>@Z#3y2?b9F4<flXcEFnA>`D-k$-&S6%qh*t&@9e
zUxR9H*Q-`6zIHI<$<)H)fs#}I30}h)Wb0*UUh1M5G2gsjN$HU+0l611z;|2u_wPzo
zfCXrvv_}PIBaM+{h?)1QuNwNcj=mqLJ9k)G%3zYL^FHK({_#^AtEPZhaXT#6`=dsY
z0e7Qpuzx!$&_jbt7OQoMrF#IO#`4GC74hc7yuORXnA88`uToKB`TP5KE_JnB)=T{T
zYzMD;BhVB8_}9L3_WzfEjsCxBum2DK_X;L?S~&)l(XWxQf3GM<w7MzW)4}iee!mW*
z*NT-}g{TEr>xA^*FGk?i?`a|c!injN50Pl*`?bdI-_PKHCVg%%!M-%N{eDh?S4FgO
zfM|qlsjGupFa6IA%!h6WyxVmDhlXGT4WSbfxc7TK$&ZG(nU$3V+JetKA@9#^kuG9m
zQ{+8WEx@7t;>V)&yDwQ!0EsmrVnqR!`7Js3<CAa8gJJ(w#7g_#9i~5b${@9zW{-f;
zpSuI+d+Hld`%Qpe`T6f272Og<S(0GA>CBHuHQFG4i{7K#DKrEE0!Y|<<3q0gpN0im
z9z?bT!);l{Au6s1=bYQg?%U6SOl5Gi^8+DWGq_8rZ*Vx|uLj0&7`#BEC8ERFNAf&V
zz(XNzefr<Xpgkr=Z50}TVz*o9M1$d3|6j+I#)=piq<c?AA<sc3$!l=V3HCZe>6i?l
z(UCmhqY>?8E<Xi8R4_QGGD<%<EC#4qOM&NJ?u6KE>3~cC0B3om$Bom1X1lnj6AV1p
z{Xo_eBNAW&RIbU9z&XL9toq9LQKE}kUXl1J5O8jRw7t(_AQG-(g-;)~sct8TocF6w
zN!P=52f%?1$n9(aS&rmrBn*uw+5lTokL{0QZbbm2XhLJ92~KG23mq$#{SA#f0>tny
zkl&iH>jEH{WzGTT9#^2lcZ<J&w(eAyd#+_xk_auNhE$=^Y&7C!0~#!Idd?`xg%*a!
zj+(fJH3#ZR)IFhIq~PpKfxfCuSbw>(<tKc4A8jgmd&nZYM)IEnh59q9gE0euYzBc)
zN+li2@?KVTb52c#Nl>VX1zvLu9gI53DY)1D-zQJ+eNuWB7Ovj$e!p+v=JElw5SJxl
zIiqy>Xd#|WD-`(G-VRm833<2*fXZM+;D?zeXha;RmEdXo!&i^@Y%8tax9=!u9D$s}
zIS{592uvzMz|_Rq@j&=wv}YEGYh{Ij+eHzqDT>3eT8oAJXjt9Sr-1Ha3t@X^jNk)|
ztK^~Gx3sa5pkUtER(ahS3v2ae<6uld?J=VxxPV4{a0LSDW;6q^1d8mC1DatADBhL0
zdH6|Pw7_Nc?Nw6nY#}j^OytP{2*L1PwZ@vM23<+*_3B6wngdZDd$I$SOaxoOEbv^(
zSk|4+vkiP91o*ne)D;a~mOST?zy0{}00F=QJUIhz$w0x2XSn8*(*JeR>n(<G6=(r2
zqIx%!u|S|O#%dmb>hWvp)nzLqQ75J_Xoc2)ZyLsTFbJMYY8Wb5Vqp|7fQk<J72r0h
z2TE^T=b(-T*^LqNt-BOX6YQdb$4hBN{V$lBfW<Ibh>&RNl^?}xG>|(Q3hGek#7&KO
zwGM*t#;1A3?Tj{n_sEp$8bi{wf--;`L>0LfwF5XBZ~QKS;NKx0P@~G{x^+9~$~$0`
zTWH!e5pM<PoIU^vsqIu$&u5~UE!)9klc9M8caX~4S8g@^h~*#|i$s+Q2!ul)eXs~;
zkb*KT?k1n_W>V#z6?mPQtuqF>UTk<>@H<dQU*VVs<j`}BC3JsmfzHmDCcc-`ilbJ-
zR(EQP104`#$5`a-=Aj0Kk<xF2l24}q0LQ<l%mcV4y|N)?Nqm9c8{`9R_2^Q`{TnDX
zqr^y0iB@wuR1)hf9L#UslZ(R^;o`}mBR){bB!Z!Xas)(~F9Ba3FkcA`;hPr9a(K3c
zP$v6)2f&=9JqpQE3oy^!gSUQyzzRjGVO8U>y&#S!x_eL1^>e2wTvGfph9&$-Z*6U(
zEgB@>o>{(!bGekTx8;NUc&*E``MQfUs}+nlR2Kje(E~N~q`Z2Z>3!D>7q5At(3S|k
zi~Y}uhavy9o(2(Rt&RDjuIKAjkfd09G``Jt4_Q3n9OjI-fUCJW$8EH_8yWHobhbO-
zOsgz=yhmB)6QVh_-J9P54ssh`U{mC-t3lNoJhv8J3Fbn7nV{fnmZGl&qE?SJTPU4p
zytBEfYkLMz#Q4p&U7Ki%<0_MyBPcALO-kd_kEWi;U6)dqMKzG4E{lnC;1^^qX1uLk
zw;s5;z{-#~_u%tx!Y8){oUPpf53mL5;H7IfR>-{KuRNJ`T>{X$^ugWDHWn~NELZxj
zvboxRI=|kvg9cFqS35kNWo2b1WM?pR*EOtl^t!l)rSSc1@xKB3M`k$Sy7ZT~jdTgt
zkFC4DI1G+k)lr}kao76DsT9>{v*!ZXNIMF^AE0@U%siue{*wS9eGR6u^p}av-iLx8
zizxG1ijF#T&clK^hhJ&pPl4d!<uPAB)5_ZKuE8k2;MD&*qk4BUhtA$iypxhXF5^f(
zIZPl$^DNw8&({07?%$mn?P&OaVJ9ho2=WpIE7y(_7q?cxZO~$kSbBW`AdiCDO#?7r
zcVrOnX=cPP#Rg0;&uC727VlMDTJQ^ykZd6V@69cLxp;=0vZ8f?vq1tuL8sf&BtW{U
z2Bh^f@P(ka=AP?J4WgD0tiQbNbYT5jS=pb^=(uzoBdkc|$z4&@c;hXop2MXzqHvM7
zc_LOHH!aK&TDevK1t0T0HlCfr-;Fo$Ew2<=WNZNIz;fiYq-FKZiSJHfWE2Sp0u>E0
zy0JR&I)rv5!(&6vI_`;3XV6^=Zz9MTh!T$CtpNx58Lls?up&b%IIygK0_L1i+;oXi
zkNss|2VNme6a%{C9RfQ-XmAI=VFE-OHUWnZXNUa6({G|g5O~=dnUhrI^QNw>>C**n
z6A#OJ=CVO~QCUoKTpUqrOWpq#1{h;|uU0v&m*HZF`4kA~w>zo&q=I6SHVO9q&zHX`
zLf&DDVgFqV5{;KnguLZyaqTQbLc?_*?p))uz46tpwqyVo{|iGO3rB;D4_p&}Q!vKw
zF?IzQ^Oe~q*R$<GNyp5!TN9s!G@sb8>6TAAN_O-!kqEAA%F*F#*|Idkui%l#KvD<e
z&G1~u!J6RE?_`l5pGD{Ev3ZmA%VYNBHxKa}krTrpF*)(x6$7_QUo-an4;AnfLH7eX
zIRWF|6#E<Xp{xQAyUY4$<ITfrcXkAm>mL<prpa9mzKp*%>j?n;&u%va%-aR8<y%#}
zdq5vR?EA`8)z6IkUfg`DQohc^?}+zi4>JblZk{a0y-j(DztArP+24Kq70S!18FEW;
zLFmfK_qzdm6?g(Ct0i{vt8V|b-1DVhdal)!SUe9KG=@~^Z`izS6~iZG)Qq^9b^pzm
zUFO3k!V;n+dRoa~W*rEJX1(>xp^-*0Le$Na2b+&Cy_5QyXZ=#rI`GXfiH7;d{bYV&
zjr;{O_&wD26Oq>bA}nYBxW`c@mTf|u$&{>dc9*j>-NOyWM)Lhi99-tbF}R^|3M6X!
zABhCMf5Wm23w3yLDI)%=z*_Coq3~@k+&fhQcVy~gud-dMAo%*777JfVe^S=&i*G#p
z1W#&*9lXQHvbqot6}DX6`xrNUb(mSNa^c+cL`o!*3_9`jQ}Ai<4<wQ-cK(PWy~=FA
z#cf|gw;Fg#ih%#<v-I|fKc(#Sjy=C@`wpg{Y+etTbIZ;TgIsP9`xL1aRxcEH=2}fN
z_o)6q%Dy@v%58gFa8N=;K}1Cnl<sa2K}Bh$yFp^;8d6YHBo*lv1*LO{p#-Hnh8VhG
z7`pS@bI!f@c<=8V@%wLp;eFq|-?jH%>silw)-z*!B|U50PD-~sNtKZ5-PpSGbc;XZ
zZ-p<#b^6#u-ZT&si?8W?uu`D>X#9+%GKWOGg^*ZsJzfm4Mb|Iw%y{oXzI#Cp50_7)
z>vVGGYf3i;(J5)$a5PRfx^ZDThK5;|-t}=VEQlBRs88LP&;b)i=63a?S5LrmUQx<-
z$<pJ4uP|%ziMt}_q&Xt0&5_R8DkT>hDNCkes%9!(uSV)`0tX`=!&lMOeF<f-Lq|zv
zayPmaG)TM#G|5#7wYlSn`(Aj=(&Ni;L`<)a@0~t<uC%?g!hQQPK7CZHWa&^XRZ0xn
z9~4ZoVIrqN=H$4LrSF`Gqm1y?s;Eqhr7-;#$+>~3x*_+ZG{&Y-YRN9%vz6K}Y;_`a
zUK`fur9|Eiro}P*ImnOK!8-QhHZt)Lh_UPK$h6m`W7PPy-CqWNG^=Vs!`TL}#zqEK
zu^>Xkuim?bG@$fJU?DBxbejCCiZt-_!Vg~Eu!=CR|3PPjvtH{*J4|6hZm<cx>mrJ5
z^?YAexfvH(g{zU9kk(vK1FM16E8QCC9zHN=INxTE(|R5+VaWQ6?dg{k=Vg@f1Yi>h
z)-A43>v6+`*qcLE<M;3g6-K+ySYKZ0z^yuMJp44@?vwdxzt}Sa#0onOK&aozpk;q(
z&+hcgnq|&mMl-+I>p`qTLu2Da)>dP11(o8~{xBW!Z=XyJym`~ibgJ!)UQ*mOULm<U
zBXB8qhMQmFI@8dN@sgD=EqpHrhxAI%0*`F6S%PMzXB78bajS+pnijickAI4n^)Emy
z5YFSme8e6kJ2VuL?>!Y}5!|C%Fnmttfo%`muOAj2mbSH0%}`Whjl8E&J0NWzh8rw$
zN;;Gq(WVb09BoGLA2q}Cm$w(I;GPAyvg@PTx2<ryL^xtRN9p<>H@eMy#f-~s)xrz-
zQpwVfzP&y)>yywPHLKmec#7^$3}&^O&d-tzx8#<p)9Y5rT#f3OvwhsRA|{0boM0T`
z=k&@VXU3hDuC1J6zBe$m^ue6yZcp0Gri$}9OQdLlp?4`QV5AgmIz+DiTuBu#_uLY<
zeh!+PB3~VmrdW_2(a%CI0)fJCBdn9=p1uuWtgHKUk!GAK6cb5S7G@|M*xIc){xN{+
zszM`)a;k0eBjnBDb|j1T2fJ@g4-!7F6L4%@9_HX~W0@tmC((8*;T8R}COkm}Rfjfv
z(&uUQf@X7?0Rir8BaLsfG)l%L`r5Rgt?QpwC|eiD@uNpKDz}%dH6dvwqv%&k{i}n{
zc#$_`PMhA}O7O%ceS<W9<XZ(ukn0Y}U7)lWb9pn$UUs$3n#7jW=PVVz0P!s`5z$R=
z5CNVwvgS?YkS804cNTFwHQ_b}X+(}<nM<G8y1r5%jc=}8e5m6`A?0|szF%9Uw2gEl
zv$pl-R(ma#0%++-=-mA<;mAyIhF3XP{~WXR_m$$;6k0c!-L8(=oc9?k+mhpmvN}~3
zVJ1px`t5@RALl)2@Upxx=0oc4&kh|cwc`4qN#2huGJTBNi7OloKKi~<*e1$*x=l`O
zK1#UX<X8bs&6H)-sj+Yv=pQT5vG{1$<xcO54wI9vv=WZ4I}nX_!Y+nohf-*LVeZr2
z=&wDRPmNmMF2(5_goh*8eKP|6WypIqX1LHRI`K)&+h^wdU&{`&oQ~Khb`)&o#T}?9
zyo=zY;*Q$H-?49fP#wwkX`a{ruxpwdZFj!f2|^sU&JCJp_k{D}=x1}5!Y747tjx2?
zV2?haFJ&K>h)sxg$2@I#G?KPJt?64nbecM&|0iHv+>Ct89pN)_MS!S85jZ#c48^v|
zPECwy%4QRGdD8kX1Md@(JMo@YaD4Fn0rTWs4~w?;>L(jjd~3Vp4|uTXwja;<#5jf@
zbjLeH1j*RGrnfE?Xl?>Z>Y-)uRxz90Z)fJ`hlV!uVcKKw<etq(;SL2RQ5aD^)X$`0
zD<@bY=@11>9i^0fwg&tjd!-jO=g-#}Ps~U|eRO@_2de!jZQT9QuOKocPW?>gVxB2A
zLv!u9Kul9Bf%PelE0;BL2i)Ng4)Zy^3)1Ea)ZmSBm#hVhqsvP7laC-S17{TCNn5ga
zH@ueCN|$$sZ)Zfa7+MGNm>g*Mc0*F;>jFpRa7P{6<yT6w!OpVdQ2Uljgg=ub*?pcR
zv^nTH<qc}}mSq88fMhyGM52VY+<u%{Ur6~)=MsX9q`%sX_5@Wyd;BOYHHvN3Nn~et
zjEsNUZIV7i7RsCrS_U#>^|J5D3yi;XtY~&oDtj_Bu1t9!Dow55$VXsnkC9D^)U|Z&
zcK~6Jd>;c#7|O|^72|NedK+37IXymDcR8DP?!5o<oHn8(jJQwdeE5*3U62y0NVrc*
zq`bMLdf*Uui!*h>N7=U$;=(z3PiL!r6IYZ9$PVy{K57;v$i7)Bmb`Da(Db6jn5%$=
z_)9k{FY(Ak-I~ZF*~q5A^Rg?Evbsxhwug23H-xhdN>cSTDAS?R<1sHV_MY_>=W&OA
z#&v}dr&b$3rn3)($KR~kVg{sy6sZt-@<vt_1-8KX)Bq~$*0jz7&yHSpa*Rf#!N5lF
zmb5T_0$<uis+ot7dv?~>r=8u0JGMC5w&GE(>XK;AE2_vMcgbcxCo#;}88V!;LEjPH
zZ8=kj(`@o3E*cADK&%ENuONFkM)Ovr8Wzj?1JF`TqQ<FIBQ2i>5rT;2m269VT;$dv
zd?vp%u~Bn++{(8=q(uO>Hl+cM=qe8v)5W2^GV?ZgW6|m6X|cHY){N!w=M1B@mhP@a
z*_+o9?ACi7*_r#ZW$^lqA-7!0KHq_D?=7iRacekdbH|-a-TBk`m;wddeBK=10lIGc
z;;<~GQRaI(a4Fl88M|~F(b=EyIxr~?*Z0S-gQmtFcbkw3KB^a~T&1>LJ!vW0zgC(E
z)s)YiftgciWFCYXprUHj%gFUS?2N8J^GsZyR#oaBVEJ8TNtO#2u!=wnDkaIz(kjak
z4MD(J@y+gj#;&lj?kJ|P!#(`-GL|8<#k@ylD6~SmnLFaH_<rX-owZoZSW9VAvC31#
z26<(<gh+<+IO`2<n9GJn9!?`)Y}&slF2aPEG&p8wZ7dEHz#AFWwa|eN<ufq?y!I;O
zKjA@1RCq0OtPQmmDTGh-<r5be?uWsxNTYMHLDWKe3F|g$WdHV^Qh2On^jV#|>&8Fx
zynKS`s?T3?Tc)lpgv*WxBNHUDmq81O=-?;F^G?*oz3{)L&XLV0;>}@HC#tmVnpOr#
z&RiU;BcAMZhCfx~b2QtWv#KB6`VaTjkEQx_kQ~OeG*oo06e`!4**5E}&i`-wz~<>R
zpQB?YB1XQTej3SN7WChro{9RreM@+{BC8%9@fURV56HDo1UW}a@wD9V$De}#zsJNo
z7I2-1hZeps{rBzuG~)mM-7^iG(-o}fdE`Ib^*^>R?xRWuaBbCTr^&y+>Aw+sED+yJ
z1d!O5*D6?-7k<J7|KS!ss-&Puj<W-0QD&|F*ZuzC(=$AuwKaP%XJZR=C(oHGscqnh
zYKl|s$<K_&zd8rKsaBl+U+C{opxb{2SQrCR7=AkZ#WC3ws#GC(UI(l7I{?cwoN0-M
zY0G4!itppg#tZe1hHNFf<ox5EgRs<bz7EtQW^$z@DhTM*fWR^bji$rZg5~&!d4QtH
z73?YvfMfgV1_4S&c_T_>`h$`oXjiqFjV<E;LCBnW5qS32o9);RA}Ap&*1HIh-2%BB
z%Ni`B^Ysn;M>++uBA(bLUEsuC*c<@}ES4!|x;p?^tr@d@Td(vFZXK<>?gupHZZ{Ah
zcyAiI4B1Ip0T(21z%=#;V0hdN4-YpV0c}VOLFXm;eX)fvDHDJ{qtJ~7zk-FGfJRis
z1Yn?~kEnXus0XiqhS%f?0A`qFESVF=1_<Y`B1R9{faJ?HEF^{{@D^oz17V3z&RFIk
z5T<!wC~I^+L}21g$$V<8>A(_@D7p;rQ>pU3g^b?W^HrxaGV`T3XNkpjs6Zd}*nThw
zrC~3C!`BO;GfA-oI~LU1i+^4jyHudGh4S;R;w3bAk6G;E94lDbG5?6`oeDO9-C?23
zdH`RM6S0-(gBBkbSfBa>yntQ|cnXCfsa70Bs(giQ?Ot023uAgZ&0T!HpX3;WhP^#e
zQz1+~>!585mB~xfW;Ou-{lUE5zY3bsnt6bZSiOms?vlCduWxz1@jl)kT?JYV5FZ2I
zu<kU45YXS4{w4yD(dxn5kBt}r5YQx+aF#m)nubj(c<(92c^~cCbv>s4@dxL$27)EA
zjTGLf|C+r9nq#G&qTjs1^Q^-v;7KCr*3EV1+*J;g2whK6)$xASaR8f6*>@}n50txm
z5T=8Tz2J%FUez(#rB78@-ZcPbA46%yD`#RX>)tYF_Z!#7glhp!u1PFT9tPmajVO=+
zn7{&hiGoKWJmM=iB%6RVP@HdNGfROiHuqp2bNqKJ<j>!Q5@Sn(OgCm~eR3}l7W!33
zaT+~+c;}mLzG&m+L%^q_G?oLmi(CcpSeicjwLrvjr8}0p%y{QR((oAyt59Ekpk8O2
z&V<u2dbCx{NMR4~MCpNCW6AtBfICL{MnQrbt-uIfl*B_=wDV~j<35Gvxve$Q*Mr`5
ziTO5Fz<PM%z44zS!&x;e6x(8fio&NcS{w<$8k32qP;b>J{8kJ`<UyEeO7tE_=I(Z%
zt~->_>pf%Owdg`#qSJ}&#Y6V1SSbuVo`T(jym*_+-L7`9z$gSLfq4!rYU&ZB=G!23
z4E<>h!FmY*$0tjI>x6$lNRD7x*Ke^k3&6lgK(jaXi*Y(eLA=-$(uFch{cHL9jEfFw
z@y^oA1o%J>Umw`pY%s{+u;RVzmKHp|*fO&dx*DS;pbL4&=!D4uB1m~a7w)XQv8fAY
zkT?ELJLvJXSt$?!Fo$P~uPZ(G>#)?M>SDoHrJI&>hgfTKlwaF_N7k}?Ga68}^B-6K
z=OFt(yHY4W?y*ctQ!JClB~TfE9)}CY2+=N(IEDTgz$SgGvBnc@OA~;_OW^Bc972iZ
zOJ=;&Uj`yjQMhF;!%k{VbhKaG223J9+j#*<xtdDr{gNvvWQfJBHwHm(8JL$(FaT~Z
zcdr>I<+J9?U`r$lL%a_6egI*y2o+}NizHL1-(I|3-L>9=e){Oo5MhD~e?UE?d_)Xt
z?EMY=kW>N*vuS``%Gfkk(>6$}GMQk-95A3DA|g-?H?#kVtDaVJJj9nk8>wcGdUO;2
zJL&h&@y7aQe%p}7XsJ|oziOU=LC83xF`n5pU|`E$%ZF&8nIP)s^)l=g%JDd{totF}
z2X{niLbcA$*y&yhP3<YV>s$T-o7rQP<YTS3^1-|EMviZQruB|dY|RUTLZ8fOK$jMk
zYd$j1G=O^;>4N-XYfrdCt4Sl>FDOVL-Fe1sef5hvJ)Y*h=d!ZWt*4Cnf-T`PbzZa$
z4I8x=gjw+LK#T3oInel>km`NWV<a<<DsHG_g$#9bB%Ad<;2$Gt^`*$`Ak+lNydbcG
z?&1;8!y{KU8W(6D$r^ZQl%YR!wAtufOY6aw2uL@t5~EU$C#y&VKJAYp89>g*Wb+8$
zD(r{0R$rYHCYEZaC7Rm^^on<4<!W|3mkkOUE?=zx3VtsF`v<l07ft<S_3OTUM$8Q@
zf~F>Esp1^p4y=YyR`GR}_Slvx7#?f($>EtRz9XfdD-YkX%JMCPoMBiUnpQjx&%Xf5
z0`~a%8!60ILs!`&yOe9K+|O44+eAmPhVb9z^|s01{e^LMP-00;z^9>HSyJ-Zx|k$m
zAkFuXahagz{pRB>sOlV3qy!(E-x&F1I!QGxX}GLj*^&vM36Hq5<N0>`79B{ggiCBO
zps*dO2hR*&C0%L3knnGd-m4yJFO8)O`(T|`koe$=22HDJECdErY}|x0^q}9mt%Nn6
z$F)0#i_lL4Ba?})4jMS)^AxwpIOhGpTVWGW))NHM7TIp3j$ti%$=GzO9T4&PJSJ##
z*-WF>*s|M+Tjvs~KwY}vG`55QboWW~<fvo4R#oI=pwoBMK$mK13Q|WHxR!;|((a@9
z9a&Xgp9Rn*FqJL-8nXcN`D<%br;N}uSIUY^MMm}rarOr(FD7{!C;W<4N{=(aR<z9;
zqfk`HM##`{8#i#E4Ak75(OEv)%<+~RC@@}J`(6)vmFZQ4usFPXz5q&C$inF4q;ZPL
z)U-LB(wh5ov2ex$(+-gGiTzArz*n;ex!pLZ<J7C7G(-2T3v^WED|1<<1o=bljpfn1
zLG;aBj<03)LzdzSYWgbzy9YnK??ucAK@R)9S|vE%i}OxneS-^LTZ;qSK?co^`QZin
z9Er1q9Y_{#UX-fNCSuH&s0*-Mm1I}Am_eT`nSl<C?Jlsf>uD~5c8BuAs$sOTC{cd&
zrG~qkJxY_aK&Z@VC2}4ZF06>GY}E9IY1x`-=ES!bXVW-cG$O3@>fEqvH~*VW)!|m*
zx!Idbjwlg>nwLCqZtezwRN++?L<A;ZR@H*LWoA`cJkI(@BRo|$K}67rG#;<1`@7~*
zV_9G&C|k>zeScGKrQ8&5zlr;cs)VF?$eW6OCkNqigcjbQ=5z5mFqfAG)JqR=s7`N1
z83hxR(a^1E6vSbv{m-PfSgyUp)(sFYUAlUN%|GFmLP7|}Of^yiF?*m_=I6js5UvP1
zotDd81D@R*KXP3GC+3zlNHoF3B@Sbh@jlQ?!>x7->eMO-KJRHNqVAgnk#}eYiSNV(
zU!r^8u--uH2o@ab>oIoi^0c)M<#ahrtxOcKGh7&n$s8Pds&<G~i@MCyesej3@1pH3
zUJK>xl95R~sm5xf;2*!n_uOR;gv#{w8{;_)6-dB&>Qk~k&6;~XKBF<2E2mD)D)6Z;
zW2@4zsm~Shdpi4f#63XS-FM);UN&aoW@EoMkJSye!)DC6+eN~BI|GLioewEKpW+{=
zAIQsS=Exw;iHkK};iBZY)^B_f3*0br3%HcVEH`@1P~&^uYH*t=39D$SJr|erGa&Fk
zfyCP5=OfYq>G|nQ>tCNDLB`IM{Hmy%<MkZJEy31U2|k8lzA%kgr)90t2>gjI6WgWy
zz(yHW)6q&#Gp%r{HNX!@KW%)FmmDw-j-yt%6%>^KO%{w2hcoCbQ-aQS1yDb?OD%U~
z1dE}L%t4oYdXQ|Jy*ZVhN_PV(7T%XsLU~+9H=zZb>-ha#BOJrhJu3JeUDE(|nanO_
zZCjmzEDZ2F(Y(=BOLcAa-2KP8S#h6K{1)@Y*ZX~E++uGp<r5Z$RmUCW7b_L58y17c
zYBB>g4kR2_t*;8r4hJ1Zv&<KMRoLf(jcS2GR^Bo}r#;7YpyBY?SrOE%DpIp<-z%D}
z)I#-Q{+aot*no>=SZX(%FNFRdSK&W_(7#+i@nixHk&iwj62j?lsecID{u6r=YW|r#
zxOdBd0zB8RFOEmAsI6_4R6G`(e*Prxm5=Wg5bODhmGjA;_zX`#Ep=Dmh=fQk{6roT
zq1vBJs&PtPt<;kq*pET~p$#>q3hLK-4PXZG*cG)`SPOlAJptga;y47C$;bwr9B^(b
z#Quc7{QaZEizj{jSR-yjFVM#K<ivS+R2?{iD-^}|Q<nSh|3@g~xzUDmf)P~aq?kKN
z9PlBpH24%=J85Jcf{?|sQimI6T3`QuEPq`9k4EvylS`%>S2}Qt82|e9-+xlv!G;}Y
z+=z}jP!c~uGyk(|{P`m&H~#}p@N*Q0{+#3b+e=@r1ha7Eh!gJjw}1XA5>nI${vFZc
z^TA*9nZaZ;cwjLggf-hitrgLUlN$<o8xU}Q<4PA!(a#jNpYHtE;so;m<OY6!9^Stv
zIbHEv^Wb>FXQHiB_T=|QcsUr*1#1K&;P?ODuKs!_LO$Xe8qqrZF20jiq$ke9a|jSV
zH%uyi9-Jok6aM|**w(-H93OdX>~Eb^OnSpC_P@D(e=~2u)HF2AfB(vwniju*<tI-J
ze*4P$*vlH9{J?&+9iL^$x!s7+p@Y{?G<QcIpdtZYvsWlI@r2En@N&eT^wb)mPw<B)
zy+1;oYECzzLwuCjiO(Q_m0e?CEm0ky!Xs4H-<a#f8{~@pHA}VQvJYtY#gKmeOL0CU
zbLl@Rs{LjCN#gs2my4H|h7l(X6Kt_cc;`0wR9dD_vO94f=gSOCOaQXQxSkp+I`PUK
z%6|g9at|C}CryiDk|@Btp$eYcSto6Wggi>s*|D(%vlb`qLrFkL55Su2ux)^BpYUZK
zN$f>^W|&U+9+)q8!awm{3=A?<eA0CpI_`sa2lf^@9tXRVXF&&Bmveptj=p3&d-9Wz
z;sFx3zdl>`iNh-_23ygV819nZNv3@H*~dQtUjELOAHQJ|WPjqg*;3W<|Ljry+cM=Y
zGqAJsccAWblmC=i`rC~Q2X9d2Pu~MUiQ{te2zexvO0J<x-k$hElEj4xfmKL(xcr8x
zsr<>}j(t0`cJk|RCj>eyKg4a^DNp^58LRxsXjkgg);;;9D1dE48mv6nso$|VWuLCD
zr@-cZbLIU}YXP6du^l~mkpCaM#T8Jm6L75p<8f~2XZpn7-=l-(&&^qm#KGX?brO&F
zhbsVI=d|7a`|JJN<iKCW!ys2viVGiGmgM3R7RFYCaEufif2M3z)etgcl?b}Nm=M_|
zgI*J5ZKmNLKHNV(I(%Vr0Z^{h0Yr<|hI4Xf1FpLO5Mr1B{N^A~Uzo$0Q4;toTLU`D
zAZ>8QZT3+|IN38J953^0+V0rg#S-l6=ZJI{ujKac{=THTr6wS8vI^krIsnDq01&@E
zRslW_;CeG`U7xlWnfJ}R-m?9&oPtN``FB2Uw^)C$B^E|j;}Wr4#PZwSF_n^-ZNL_G
z2f(;KT!?g06eKh!0Q48ABrizI2ZX5sz}9EgEO_r%_SYbV^S&eI@|-7N#haM}m6s<Q
z7!*Ig$m$<5rl5Wx--8(NwM#%^!f2uAD=2`q`F`Cpv-48A_03=HA3ii4bK*8I80?1k
z!D=3W<kh-48<qhFpA7Qc8&IXcTV!OZinjBE@(4X#qx#?=Z2326cH$QWPy{SiXWlZ3
z%{=IWJj2d3yLU9@U=)b&wQaxQaXQX*fO6cMUCY~dLPSWgd}wVzg6<6hRNdDTAZnLc
zCkG_G!U`;yc?JB(f{Ck=s_GR0nc3`NTT6TdN;2QpurOiMCssDL1QS@@?MhGzFbVPx
zL|itoP~#Wp`5p~3Z_jlaMVQP^o!<OpISX_-xbfTvkQ?*e-L8nkz0Cm03xdY*)=3^9
zi?K7%?iH~hhQj5g^8j3OyV~>o-vLZPLP{t51{4YW0J8qqu(_-t+B?{+%Yq3&C-$QN
z;BE-yto^Y95<!e2D8gTesEhl^GmDd0r<|@}U@e>bnAgmPXgTxn;SfM4$w7)pr{~;Y
z3p|$;Xu7rH;ScG8qHgml$0xEv$0;FVF}Ot#UaZPSKR~yhDmrz2dTa;i5p_V1gc9`F
zcq_Wqf5)^X>Jrd$Q9vsI2?!?_+3n7QOB&#HDCI^%FXChKD25>6qtHz9MHE1RMlDgC
z_w-f|_qP>LVCo~&w_yuk(^TF6sILG}e`-6#kbn@tQ>d@m5bv+#_ZA`;M84FhSM&s&
zVwna@L3TfBxCjrc1~bg#4WMvyj*k6}ZiV_zsarPzHtcjUDRl%gzz*OSEY*JEOG<FM
z^_ga_An|ojD^39zfbz{;@l_cIiu53|>AyDd>EBuaf8+N4YX^CL$}U(#X+CCN;uJOy
zDSt0)NX`SKXzuC1v>J=?%e?0+YK*z$n6A-)OVb_9QZiJN4~e(95@B|?bRDK}QHWV7
zRn{LEFs})<S+~6&fpn)Ivr~pf{}m{8#yczF09*`hH4N0NB=+ssE=#In0m;u)%MwJa
zm-&Ysl>#aF*$%Y<%E<Ue8V-f}S$X;v%CHtGAB+=wzri9}tj<6VAeGaX01`$kdofbB
z51SU6cLB-AEkfUKmwg*s=!JJc_KG<FIgIw1OzP5RpI)L@yGFz)0;|X4wzU`yPh@T1
zgBb1(f6kbWV7Q9SFmM9SMh_{D4=RGC{}RKD4dFNRY@)XqRy^nOkgj#<^i%NzP*jsW
zGJVY~?wxNrw)iEqQ#OJZj#Xl@-$m;kYgT01{1wZ9Pd>->BO1>eRg9rKG~9MB)CAPo
zFChxP2*m3L<Ss7i`s9%&<hz|o0SE}bd<PZhBdVpPgy=>+JzCzO`Jtux)#xeFcJA(B
zwe*F`;bLnQPbbh;5clHqQxK|CIQZh&kK#U}ZtIe%wwd|!-DxP0FEu9Np-DP-L!e^|
zz^1pBl=q7iBm%zQBB)ry{ota7zss~-)EGvO0$IQLAMYNA(GAc>YEM)Qeb@pN*~!`#
zrYwDuhu3+Yja3AbX{uP-%13kkc>PEvN`-)S?E`wKw7~QDa9fuqjDt4hUUd0I+O{vU
zB*q^?%2#O&nUAr(i1xNH=o~2nt8gSpaW1w`--1YoRfD7gG*ZX;arEaUACQjR*<S>I
z+^81=8Q`OYp0mRTpvo!bu|Af?Y}9>S$ni_N)ON-aeRK^G+6(FF2oPph8+B;k5l|=?
zzMQ@Tnis72rq+lxQ>Y=+6mEsh+U9~*5`(~?mhtq4(M)I{<#4!23Oig7JD2J<j_nkJ
z)qHs2e``F-I0u`Or6ksGwbm$i%}X@?m`@3tdgnas)JH2^(SiE$kW_|78;fX`&Nnct
zZDKnk%nC|hR*QDT?8#r=)6C)O6-`gMeEqJqy^Qt8a-W}G#{d1OA4a2?)Y00A->4;b
zJ6IyAX?+ubv)dnKHy3&j8PDEy3>^k3Lfspn?N!Y7$FS#@tN_}*t!txsdIyYka~``4
z42oOhh5JCc4%<EeyrU7Uy|E!;dkv12FX^M(!slr0n4(^WOWpG90hK@^6e6y<<nL(9
zAYt3tBC9mwRU2J0&fvguf2X!jJJdj7dvvgi%r&UBCCs_VK!!`0{D+`Ki;Qj_7wnrw
z&5M^Ra^;T-hn-QaqlmKliAA7S)=ma1(hH-SV)baCem(WJymQ?#@$sCBx>-fv6n^hn
zP!yG(*kA_^6gLIk_!N$nPQ?|blqOa?^@$9+r!Q@P0J*c3k%rFlF4$c_ivRTbvG^4!
zg7hEIHDlG18E}rczxWiMgPaSeFDlO{Mp+A^z>HU<72Mwj$=!bUYZ+p__b<zNeEW~d
z|KC~uV<Fu3!6m35v}F0l7X?YYdwkFh(%_-Y>Cz>kXQ3BiwRwd1nAj!#`ANd3I+>{@
zQ#ToCPc=?O$1==G-?s+MiMEgAWcw07tk?i?vXvTtzGhN+N{=V+)KFx>e3{K(J92^M
zR|el~3?!Ax>v7b(*}NL1v)#O}*Iq-*C6ajXpV|A=(5D$`zEDjab&oTbgJz{sc%eIu
z9QB+RdKk+ZN6!vY<tW3p=wj&H8YC(!+&1&Ec~ISh3UJ`dd4ra1+uI5ERpr+3x8Iff
zlHJyH3Y3sVD~!j3+gh?;Wma~)C&|J*RJb(yg)t6M9!@K+2hMl8oKeN&`ytGW?tZa-
zG#7Q$xY{lK0wW&3jO@sm!|6_yD*(!AjeTh({wkwbI)hi1aaKt1|L!6GGoe1>N!7`*
z2xrWKsFNhFn~LkxtOCYPsoP5+aqrP@l0|);mjFR1$h<lU&YCsq$F$WOOT#Flo6=fz
zc~TQf9~lD+?wi04r_D&-`!cdveN-pgdVK$#TolJQA~ged*KmApv$h+;pu)_v#GF8Z
zBoLHdpwyQeY$<_7vO|26qN1Zc<X=mit=9;+!phfQ4mx90$r*IfLh7R>N?wP~r5jI?
zc>u3w0FWu3ffKMO2=px?s$2VDgMw#~`@9H+RpXr9*%Q~@)$`i@OfELPn|>EIgI3UO
zn2))?2pShbZA%tN2LLa|T9dh0z;C2l+bOz6F^%iy9i_u<aMJI+ITPdhab;~S0htIf
z&)UvV?7RBcj{85e_2)i(5ocbwu{V+DTI0Gb^?L<j3=jJTQzy1Lk~@Z$?$UQUg3o(e
zCAP`r_MnuJZh1FC+UiM}9j<MI5$I|)4$Xd@#5Z@tzvZj!NKI#M>$o~pDN5U4g>XER
z>rulIICTzUDhNk!NKCzQaP<?1-M$D>h6U6`i`eoeQ@2f&&rY+l3lGRGU@O`t<pYN4
zh+&8Ez&RXg)<tVKGiw;ckmVl&r>0pn2kiLHH3alKcf)P^a}82A{m77qAh*AE`<eED
zJ?W$Mpc*Ebxn9vMkD9@fukw+_)?RdWY7)f@59KaA?sJq|(?ll9hAH#-KeS{C2(J-t
z-Y0+Yw-fT$8D*b6+~EWd)uyp}q^R<yA3VUW6MNB?$qtdhWAB~uv)y~eTrh}51qv*L
z_SaTOIA}}tov;98o-?*vRKzk=v$~RDvdQ6-vLhZ$3UPib#U!?pf+;yb;_fZEcLGqh
z@-Dk?1RKF}2D}cRz!(fKGPFa4oEPWl#Tb<Hz+eY~LrO{k7hEk_5zJiA*cWJ{iD_C_
zM(Z`xbm)RIS1}el0p0Btz>F~hyHU<4kH?Pf@g6v#c8qx6-H!UM=Eva$RJ}Z|&XO^!
zx*G5;vNvTcoROPSj8AERaQPQBaledIkk#8%^h$lJ@&q!|8XKwAN1Ko$q!34wuMj8D
zsaFgc{$h^X1Ox-kLA(_?8Ye%}xeg=#*BSoz6Ifj*BVJ~eM^FK}x2^j=26-wu-ylfz
zmqsH6%L$9tRsr_nGAHz2Em_$n2%3TuEC7{g+aQr_Mg_eo-4iZAA?w=&9DWk98Cdui
z<s99L^N`4P9oHW4c>6~Cn`kp^sa?YQ)Pt+#XTtT=9e8fga7ul=c*bW<R(vE+iW2t8
zToejxTi}hV$!LzPq)K&iLO9M(NHQ{)+xJY7xq~{jy^F2XnFYw&-U>20nfoEcx;x)w
z)Scc0dxFEDyw7GsJzUE-lTPakB?Ft1=WU|fB_A(*34U7W^JOg42vDSmu!q&ij3uBK
zrQUt$QS{KY=W_7w`0HDI1VbdT;iI56O*uot)ivE&KY!NF(2dRw*Au2JRZ2YAGWv(p
zfM%qU;g^~Mrt$@la$cx#53jsWN>HL1^7OV`2&HH_)u&D8&wL@EbEJF2LjTd>zPn8s
z2y%Y7|1b~Ij`s%L56z3W;bFF)+dcO-R`(0(Qjv#prhxR8fF&$#jVr6Pfh@jOypR*i
z8%{#rLm*m;0-=eyX19`Iz)S6{07h&o`(QAM@I^*$W|{mnqr!u8xS!?pLF&77TPDA}
zsB#GqbM&gT5>l{j)flzcKq=#r<SBN|!UjMjl<GdD%5jrxdsI(Ts0(;CBN;l|y?{St
z2+j>IKOSUE*;>LVkPvj}EAOpHFLHJAHiwRY%H2+dP(}3#aAY)_!G`SWch&r8Bet`f
z(%qlxR)Id5YYBOpDQd7ApqkTb;-Qd<+-wwwh9ug%8Jt?YrPCO8Yr{JR`ygaqe{vR-
z-d?PVu=X;~STxMC?Pe-Kk|AAgw_Cs@118V&4~?O@A6x>_^z-w;)pY1yO}FIHcxZVY
z?f(8MCGv7RyUmv5|9GnZZRNSEq@f*Jjj*OH)~_<*;>`E%xS}7fzpKu$Z6i^pO-SeP
zr@N;@>GG|BuS}29OGs~|?3+7B+1;gzHRTu*?Wy_LXM=YgW@OpDXqURpbVABsPZQjL
zd@PylKjZVBipodPS6?WVfCyVHxRkt>Spg!-a$5#Y)$KrJV?_N|h!jBuiNz*LRltBC
z4unWsx1rXz-|>SOG#Bs;M%=rayH!)&rEkxJjC+(+;31HE#DEvH1#3q0N74B`^IQhS
z`65<phS|ZMz$#c=4=mCkqd>!|221@Dv9z5{h+27=9A-kIIn5i}!Up1Qb^)2F^T|WN
z(-}qXl~CJ1FJZ8OjV9PPF*<_+%l&p~ep!+yQ6^a`l(Kz$09zRV;EWN;><h*?_!{s{
zb!zDnL&`m-cQbQ4zfDbNcC@b5MY!;t`Q;XJ3UXgu=)ON;h5oBkkfvKWSyIgGT^yx`
zz=h|B^*2rOS;-Xl#Mn|3!{quy$t{K;Z$l#_t~P6V0q<0|@LY0t?a^GucU3>DK0y)~
z@3s4|52=jC`S<N$$Cmbwp2(8kcf^#<Tx1hs6P4rZv?Fl`U;&0c{@G1~bN?Nr{P(K|
zq04=O4<%AIJlrF|NK7QfM^XsgSwed6cdmel3vLu5iUhn8Ya7tXbl`HRHub+_o&R&0
zKO&%05W@T7PaZRq&z-vfhRJjT2R6XOvJMDhmYVCDsj+&NRZK1UvS>x4{|cP`?qXyw
zp5IO;DJwPfQ2RiF>qnOhTn}M@b(QC4@D>0`HdEk`aAl#iK1-8TErZf{cE`Oq{1e^)
zm0}qLe^|S$yzxA)$wP4>`{ox|$2M1^z*GY?S<C{hQ<0#-E0{W+=<tBRlLsq*D!F*9
zMd0)aQ~YOi7){d9)@B+s!gYA2;l^+M2M)nASX&dG$m`k@ALS2^Jn0<4Sf|#jmB#D8
zb$J8)OdZ6Pkdd0_lQ;g1VE^t#{Pd<w9#C;}lO`8uj)k$G;Dr6*bNJL;Y-nt}H^+KT
zpzYVO*}wKDMODZ}x8}DZyAr?Lu>NI)AXChwk`6}v$T{w$#rNm@$l@EDm{4y-5Wu+n
zP8jPS!&ZER8_uluaE_Hm7_^%IjUg-2K?)z*n3f3=?^!)6du@LM!l!||zl5|2t8ivJ
z@uep@V&4dosdT5+QifjG{<r4rl+Q<!FUns@l4Ao1->v_ap?sjjfo-U=wVrDv`W-_#
z1$m1#^tp47aen9P;$JT*&dszuZ4L^gIt5y~s~5WZA8ysVY84urCwGtCKgra5^63?G
z<e_Nf*ZAHHt+Wom#y@O`M^yf$I3r1D0}8%ricB{tc-j)4c|srxo;<d?XTG5P#b_{U
zgUPXLZI0H_A$isAHbgq)xd`kMOeTb1@T3^*{cWn&G=YyLw>Khs`0tnfv>^WZqx73o
z5;g=rv>GRk_Kz)#_TKZ3R@!^vJiqt)sC?q$ZXoAa?^V*AKWWRuu9c*I0%K!is*Nkc
zDkLv|%Zz;?`2_`+++;%8AOG5S`1ewD#??&WFX&gIy$5b5i|-+9{`Kb3o^h<8lScHE
zLh3H*vyt?O3NKd*l->FuBe8DDv%H`k&rDX`GM;I>&v^ybm_cNL<=G6q9P6gVCZ%Yl
zD}`@_yQiOgw-UJdE29g259V1~Wbvi=kK4~1w2rFS{a5x9OtpttO$=z)_@K(8WiA%6
zYb9O%f@UKU>_W?hl8GM%!qd3YSe{*SNo`JfGhi$9tA$NPi=Au<{xq8J^7zVBxUOre
zf$Yrj%a0Sv<>ETDC}pP~)fbeAgqPBker`^oX%-*+XQKeip(&jC&c+(|Um@8qzODEU
z-`LFT&W7qI_Q3q#+7TNX8pP+O%}zR`|J)2eUizZlNhk~ZEt|7i06VkHIC-vf)<6l2
z*~me&kP9`#qD6`b3Hrql{(2G;0<iUJm`>Eyc(s+Aeem?UuZ13ks~Utc<gEw0!#-AU
z*}v21-7JH<i>Aov?6>=5v8334{<OQavy<rDuFIOWJo5mNswTyjYqze3s*Fbt>axqV
zwAw7US`2#b7ZtuZ=I^ZBcdsA9l>3PLlRkUeYM(vSCGTzYQB=@azH9N7Zr3mzW|}!L
zqyh{1nqUx?GiLy`ri?J#??mzC`$)lycAE><tZX(DM_Y$P6|Y37r{3USomjV%S+rSJ
z;MEE(myKNN93tONP%w>nkhk9IfXvj`0yzP7Q_~TPa?r(56$At#vmq4xZ5F-hCatmj
z#Xy68aBq9r#uAyCH&9@P0yRDnv;FUnR)7zyB`+^;&8L!~T6Bd~Q@uHY)uDLx%&#o{
zlur*NUHR)%4+)!v%qHiYZl}eqiWroMFz-5Ebk*(VJrObF)`91{n<EuoT{VrQ#a|*Y
z%AcF>CYsd7fqvmDc+RRJZqBXQXvn8P>F`X8hqUOPr1T1Y(|0#JN_C$UOnTsddN3A&
zp+LPDZG$_&ZDO9z$%&n>VHv2rmon_R`GNFx^Sf!rFvRSV@Ta2TA{ht7L2Kh<nXhQ(
zS4>pqdq470?!7pJ1cji5?==yX66o%<kh{7PIo~I`uDFH6fSi7oGiI>z252ds3pB6?
zVtC9A-53mhZ9G#7RKmiD9lsG9I@SW0xMzaqo!8xAT~AS2kDc5%qu{FTuv14Oo__JW
z09|)#v_NFLNbWmMaP3d@TyU<BEXXuUvDoU#A+pM0wLno~EK&2zvPH=Oswe^|x?l2a
zasKt_a7;RJ+JI=vm3?MJrHd!RZu<(n+8<6|$v1GORogr$T^U{<m*j3+JT;LeZ>@f(
zd&@z$EM+z`zjweAN=`5B>AoivGRWzmItbNkgZoGoHcGB+J|V*7E0_&%(GTgCtDHty
zM4FmUA0FKb$g)|#ezfNuUs|(ep;up5;-S^sT3A<v^uKOq)!l!z`a|~Rh{*R{MMFp&
z`TnRIe|~E``BAPznR=LNkyTrdi5LP2wHW9=TV!9=p1ySy^~3A71jB0)qn!S)r7G>2
z#tIkWDfrTkHJQ5;L^Fdntu?y69CumO-$5fixa;AW@#YBlSM&2jo&z79$%N7Ij9YWx
zvY_>RMbIH%73Vp0SULX+juvlW?69a__wekfoQ6eO`2t+HbIV(*s7RO9qCdY^(0N{}
z8zbYAlgi`LUbQ_-f~fW%&X>|TbgUb@X1b1qv3h$ro1xI}IALMWRBK0ECTug@R4^I-
zGK)j}X;CKA{XzRsQ>pD|V|e2}cUy}P&Hmdt_lK}3aRi%=1+PU<ZeZZK42^=+Dmv&g
z$Z~*moDJPOCjgNlGt_d*`?TIBDvQCWa<ogkh$_}+S_=S-75#EPRW4Q&jm(0sPW<3=
zS<=?3a4TZf$p3zw&+3^I8i`G`xG#?Z3)BFeDas?)uxW|aHAicJQ$9Y|2M5|v`|FP8
zdzq8d(=0Y-pTBZ}bgjW@o4Kd=@2UREMtuqip4||&X=yK1kn<X=3D<D$Q!9YZ3C2Um
z#-Ucnvvnx$s+QtzxVbS(@ZM%K4#w&%J>4*eYuWj0#Xa;qcH<U^t=F)vw?szeDWo2n
zqC#z6BH3Bc>F=@VAv^L4{?<0z+ufpU2WxKw5QA?si{M#A83+9I2jx75$-Nm71{#r0
z1*4`}xt@A4mzg(?ge*T-j6;%cxO9?gmmpo@8V-7&r$%7Jjs>6(mhf1$3Xreb+7Jm#
z9P}LtqOPeyA{7<AU)~$+-xVGi<ju60)L|GrSUZC4*`vF@q$?Z?(>qqpu3@I{V~FY4
ziuRpttY??|zYFnywMY!onRt1AmX?uU;v6pRBmHgb&A5)TAuAYMbaPz<(MFI!E<Kl}
zI#4P4`2}XuYcz$9CGSqLwK4gY<$_EX(m(sy-k?QTL}1X$JVMlQXXdd?fA?^)i@+0}
z{!CiS#SsOw!B~04!+t+mvDMvGB*IgN!cEl-v781&7MiB6+uIoMdvnzut!`Se4^^V+
z0^-JN;%q?P_RvFG3O#v$el|Wy>v-v%X?EpKar3eMY|v<`E}2$26RK=@94^ecg_wlr
z-ZXqUGUJrdZ!Nmu&OSxQR<&MiV;JczGEAQLI`)l$yvPN37HQ>r6pDZC(-v|x+&vkQ
zm@|^$H$3}&MOZuDNw)nA60`KgRQ}*-A+XK4I0G%seSdRpy17E}S`%|fKOc0kABgB?
z0p%rRk)@gz+$x&ff!4Lj_X}g5T5{sFj@BUDc3eWM$RZs4euBxPK*WPq7K>8ChwNq8
z<*}d`Q4UGESxb}wHOpp4vSh^^0+gdgcfIFe8CUJQbI%<}igD&$6Z0sUze-THrW+v+
zFbP5p)=TPf-yg7CVNus_vH{vxY|tB1XMg1>GH~DsijW~XGM;WY=$4Y0o46NeK)K^O
z){98_imf$8T`Ew_F4oq?-khjgDc+GKp>?kX$7c#w<qw=ruiiQ;?LU6J?P32N7h$Pa
z?3J>fB)k;<*jX`6Xsh=zCiCn15$Y=xifDt4@!2QTxC<$aan3q6$#L(^(9@3~Z4Cn#
ziRnA6Rqxa$-V&u7*pJjXijVIbCzXtUGnwh<emu0|=WKGEx;rD<LeL`RtV8~OH$o?N
zpiQeMuS{Msc1nZ{HOfCI?_{VMwwX||9+A_yxhAK21umKN1;W;!>>uQ0xwN#n#P9#f
z8$AipnSFq&_b*L}m)ifbD&uh_=R&;M<d$x+^@9KKLfL55`h-)$UcN)zBe#yd(W23d
zyZoaB4SE9YNBTsnrta-1QDJ0(<k{f$)llzii2hgE+qaQ+Ozo0w1$vZauLVL5sKX)$
zVM|``crzx`8P!}o7TR{d6O<l1P<OB&bY;b&MJ9#I_Kz*d2@m;ZaYP#ABKpUx<lhA6
znPz7TeCjUS&$Zrc8mT=(T}H1z44WILOEnf^pToI{jw-$D=OE_X{K|QCzdO#w!Nk3Z
zpx;J#c{V;_uRCC@(?Mphg2@gBKNCj9M6EPow!Jhw{QaG@t~eA3!wJxAtJGU~Pd9n{
z50whb>;!$+fvs4;-;KyTSJ9YiW$tvDX>mf|mMMv#w<$1fEw{Z{{(dtZT6V_2gis+F
zop9H?lDs%P0*)>#lCwP39H3VJs6)kzYg#Q${$?!K57;x|u=-rcL}<up!`)v+JmP{h
zNu0|hm)tBLluy<;G2gc*qmQ5|a6X^DtHWH7pXK(@gj`p!)*FewBR{1wH|rPaSP&9-
zN~FP0M-&rpzSYZ!$x0;pCbIjnZR=?6$JQHCLt<~s^wx?m8NDv`QkcSoO^3d@-mPrn
zpuBtDEcu6sDIIc`AZD|VS<aN-Nz5dpw`?VxnP(qI$&WP0zqSpQQMBCLvQiyROWEM>
z+Z4jFT&qz*7JViC5zq02m)j<qwE3GE{^jWB`@>sKHPe^r?J0|nirGU@cZ#j_x#QB7
z-tz7h9hvMMHl>$6CJBgqutj@gyYHH5w|2wkwzm#H<82rB-X=5>5sq>T3`(qGv&zrP
zxieFm+xCrZUq5DDtS!IxY;e(%^~dkj@>cP#re=s?g4&Rhs@A35)?mAj>jQ1*<HzLJ
z%PQ87c>S9%QOt<gu|LJ1+jM>rKxtdNo?69X8l>xA_9O%IeJI@e{bPnOU3NF`^!Ait
zojXvMStpOs{r$VMKgthDjiA0n8hV;^Pn0cD59P=ZEKFk$N2NkoGq%@+E?90ze>w!|
zwoKrV>b?ngr9cA32@{<ZmeuQyak3w+dp_3BU;Uf|T^kCYV;)zpvB?dM6te;4wWYAv
zhvmPFO`7iD%;S8XX)4mmh}jx0oE`~N;h;S1gq?lJb1MzwhH@^5f!jO5*O#))%&hwQ
z%Sw2?UYBmVOwYUfgMDNOMlI&{%#vcPCf92k5{{~jGI>$QlGj}fwOUT>Z+oq%@@V=X
z)4TaP-wznQv~on+N}LH=glzO?!T4SRLRewERDMXX*Dp~udMa69)Ki{*Irw}!Xq9|h
zb^mN#|I5u~DQ1yEnKWpv1zQ%2170JU&pNa4KDDAcZX{xVN|0Q4=b(>n`bg)v(NVb1
z&xVrABziaZ#}YrY<<!!TCAJ&+i<0D~hda7$MD`VG2hpBL*!{iu`2z>^EK}j0uC=IE
zG!k!wj^wr=Gk&$a_|Xsl{Mz{9rQ^y(bcIWZ!}vR$K&SohS@FV6u)QO6?Y#3hcO_`z
z1*b)i*-dxl$g-_2Vh2orT75K~36Fhp=X${{ovWKj`Hcux`|WY-puYI-BAuHV)A#4U
zc+QH1pi5R(jwwnzBIniA;9_is_lS!}wmi?m^A(1-0`wBCas=AFvkrBTbWfB<GD&z$
zK>KLju|VcX5sT(QnmP+lZCE$cP+=3Z%`i4GwY?V??1xU^HVeM1jhl1zWoR#n%QPcP
zh|YA%BrPAa%{1+@-pyN(DaW;`tG`_H8ka)vDEYf?)aiuQuvFQqTUs9Xt7o8Jejp_~
z)9WWLUs%T$xa!b`%Kq`fyTrB;{W3}|#0rDg87r1(F1K_%tSR)w@g3>Qqf#{ottH5(
zZ27U$<9ZlhU&Y-oCUWTBayP?#3J>e~wWDwTqV{JHB{rm%cFWJu6W<f!`L*b+9w_v;
z`*|ET`1xgdE!!X~AEp+ihnwFLc%m^Lx!&w<;}YMFP%OCCCbQyKtEE*hbqqF<j6wWa
z(cL!AScGj?ICLj49C<g0ORD+1JO1UU=lfZS^K?v$i^#E{LFT3H-JWr1tA$Dbd|Rzk
zO{q>?+OEa&u&}{V*=Bmxk>@+l!MyB4I~Z{+#tY%yrd2E&Bkx+3vwk_j%_wK3vkLAu
zMU38_fb7@#=~lWYM(}<6eEj3(55C&rg820t=I~ge_M_odt^O_*LDg1*=00zs+7`LY
zogu#ul#^?b+siXcltO#GkNLV_#38npI|-QV4Cmf+6hhGG*4Wj)7!<+dS+BSfn&v$L
zYOR2+5y1Vcuy47-XBaunSLa{SeT823vIbxa3LET(5S8t5Y)BhNM$+#UxuTYlL)e(v
z|A&TZch;z9Hfgd<_vKeRK+>}{%mkz`4`K=c9S}kMIP;n)2{&n$W|74RY7;QAnAV-l
zr;9Q+VYDkuiyJ@)dQQ}GGjsu&6+0TCepJ$qRh8D+1`Q3%ZCUKplA}#XT#D#&*6@*E
zmFTPFCb9(@yVY?yehKI@EJLOkR2mPN$v`^<YcF)MpYw<HHl?dZ{=AW10<|Mz1_A2w
z_B>isNMgBj-^x2+qgjn@jXHg*^yvP9wmZeINHs4TmU6)R{iRig_mX=1+*#^AC+D_h
z4C!Is)a!Y{(3%;e+p(=q6VWvah>+AG*V?l3rr8aCI#g$yB+Q2XlflI|cR1z>sGX}5
zgzGU)!>aRLw;V>v=YvS^P8+b<Ii2o49A6@J*p|5mr6<?jWzITAh~3!WpLNNrBtA%}
zFSx4^LpYkCe#XyFZ6HF3_(0L&Yq|BBA7h*&b<^~E4=*EBt%`<sdQ!xlU*O?%=dS!k
z`99=G0klbSl;Yqs*b=0gjJgI&O<Q9O2_76^+V89%9+Ig=JL%Ysr*)T(*alKslh}~f
z3cWt`&k@o^-%PWdUwOpO8vF|s+ea?!d0p@JaF$*&yROmLe25jfP^=TZ^!<uiMCsNm
zEtz7=$@Hx<qGAu!QfpW$lLG4gJGHYpsF|1HZ|3_=(G}izVu?2RZu*qGMVvW&z*<#4
z-MHVt){41AuDR6|AG=HYDCPFDHoanq1NEm%uoPvOUMhqpiH<NcSv-dPX+tTsumJHO
zMf}-CR26$+JPMiD_mFKzCiDEfl-^_$6{ni_6D3%Dq}{s~xiQ<Ntgm5;Vs;X?L+~EP
z@WGL}y@JmX=A6dL$~l9+Z{SSU_d?iT$<Pq|a$|aj-(a5J^HMi_Beq+3usAGIFy1sv
z2VqIX?sjFKkg1_D&3c%@{EHUBH+IT_R9|g^A1}qn35IxGUk&pbCT}`ep1RBNJu79Q
zhVSHj79M>r((fjlN^+lh4AN#@6OY{-@2;e7Rs40El832m89rL;<S(k}B=wPm6ca}r
zzj|&gg6mU5+ClQlPpbpI0<)+46@d9yCgrlva}l>oZULu4m3|BJ`+$e@awI=VKH(w*
z4sNR!)Xkt%=9G~?V7hH97dt~^xor&mBWdH$DPIVuzssy((w39?U?7n#<m1%0(qD$m
z2l&eNmi77KR$d?aiG2tq#x`qF{o^?b@Mxt-l~58Jw;vxGGL{+dq6dmzU{T_rcply=
zNg0nSi1z>You;Oys5WNK`X65W!T@m|Du=h0lxRI*WSf?~m*iDZ2JgP$`Siw<BWIQG
zT#<L*e!%|~1Q$vP@+Kr@f}*N7@O~9d{Ttm)8oDSx$I7pVhxc2VoKQ-iLcfs~W-od6
z2f@C-gVUe#A-N+yH$x&RQ}e3{|If2ZzY>?12hLu^InAfPmjL5}aB*<~<o68g*I#;h
z|4zg(T*Dn07{ITfeG#Gjdq#E+C#y47gX?h^6NE}}2r@!(U}8uA*zLsekc9%|AMc=x
zVJ%f=?7655n+rMnYN<#>#*j}_nz(Jt*^3D3Q$E_bJ>;bf($nY5W$?J8#i=4sZELd;
zj)*5I6WA_?Gc6gm2QKIIzk5#wZvG8lkytgCJ#Yey6o&uh0`uGHsi}))r3|M8$$w=Q
z{|33m%}Kv#mvTwim`l?CG79?7t9?Kn8Xq6jp>_GWpP<WPc{rcRczVAQc}`QFo>^vY
zTu~lk;KZCZ_U_f-C9xEg2pH=g254-(A~Zq9d%k53kVxY;?&3mCf8&I;=Y*R_VmkV*
zN7GD3Fa(M6UeJ8e?Mad5vI>`)1YhsCvS&q3r8b4b?$xHwjiG`RG%E`@te6Hfx_;)<
z@Z8$6zES<V6#st9|2FWy_LhI8|FK_qBMyjClxBzN&cj>hn^^~rbQT65S6uJ!0?^@Z
zu>)pF!E`X;=0bl02K|X`eegWqVh{cIWzV_&Qm=YW(FIhbyvK#D-pp`5n>~9}ro0O3
ztAh^Ws2La)&V`&4&En$o>NAkHDsxb!w70{B^{*)N2~|95ER_~xqnQ^!ENxmfO|YN`
zKE>$d8X2KyMbz0x;qMMdu?TUi<=`fQw|IRt-jqE^$1uynZ1A)@Pw@*xZ}F1?)&A%F
zsr~r$Z#9F?Aqs3r5ud!3lu9O*bQ6tjf^;lY8yCM@Z!V6%(9+tJ-KPEqw|-J9KT!5=
zG-mQUN@g_9q98IeuTP4#Fd%MjzcUY-CDXm&yscKS=%aU~|JJNyTbKkq;Hw9EmKzh1
zNWO#N-!LC*Le)eFj0?nb4e=WKV5aU*n+A7hu(1zV%;M>+SB@?&0Q4W8WdYpFgV{=<
z0XjBy6DWo9di@IVZy769Xn43vIb}sy{8iM{(WvB}bN;$~g=JOiVuKnTN})RfRV}H7
zvZdb=+ica&7%HgDYS6UoPGc($h<9~=PWpVm=&Q-=Lz|E1ql=q#MV@iHoAlfkKA2zS
zJ9wY%Jf1YqXV@l9VdpI6j`Xil^AKyk;Pmm!{lVfmhW)mA4D>6hXNbFHIwtP{l%m63
zvV9`i`Vdv`9fuZmW8ZJ{leboGb>FC5T6-cGk=3|rl34yM=$M65z`{j90i`7tZ$f-?
zsA-0+9ZoTlXey_TKW8F8*P3%q$P}}vg8V8u{OrB+J~?;mjn@<|Hsi&`P{rP=qor)J
zWPV~Mv7b!!A3p|*hcl_XRhuiaxaRCgbIzWB_9k;kZ(<#5QFq+-((^2&f6jIpuT6^c
zhU)o6zZAaWUFQ5n_1SSmxQx+UAsMm*wiMH?nRu(RdayUcB9UFgSgKO!#|5-H%1f-`
zMUka?>tKm(Xa0-0YIoB}x2>hlSdh|Md;66-hnh5U;35o?)4-<{4XqbYn4l|4e>uEc
zd4!(bHEpACIq>a82WLeagb2OcUGS1Sm{m53Dsl{}ia<IY+kZ@`G%gxmd^st+1vQTj
z?}JelXCtyju-S@3p=m9e3%^{r|C$XxPV5%`gLy;R(Q_q96~<v&YFnRAhORInJL*RY
zw#`uXbraO&Pq(2}A}}K683IAYd8AKsMi8Z&P6?I!j+tg>OL?6~uT}J0AA2PXi@BzH
zj!Q7#8ZPiDLgdC&%!s%jbK8S8r&fTeJJj3>Z4%3Cs3MB*_Xt_%P`wuHX8y5a3NlON
z{LC;MDFxG=7O^yO0EFZICKfd@m+U4wM430K<r9RorpXtL&-r)F!bvM%c<$7bkRt@^
zFE}JLenT=H6>_&TT1}Dt&O)em!?gquTBN%<r+)Mz5^-3c#=Z8*(frsHE?F<M<-6{I
z>G_g=$kh$&VQX%3XmK-BwVW<@&NAnXohpZhIN&aQ_shVPhx|Xr-a4wvZEYVGM5M(9
z2vUlq($d`_-JQ}c-5@PWcXxMpgHj68-QC^w&2`S}e$P9`cYb^Sr(-N&J@c7y&-*IF
zX?iZaX-nzgYBeb;_Zweo^9L#W-5#$M3vcyqhu^8+c58Hz&DT|vcOe_9Gt1-Q%$6-D
zDU!M`X*x5L>#l1kM*yzserZ5(e_DFd+;e-JD)l+I9D`%D+$dn6mTP*VnoP=<dnMV#
z!Nsap>R@r}Dki=D1g>WLC9}bh_QZWJTy06&$zrsTP1y%aF1@Ms9j@q32Q4BQ8CYa&
z>YDJ(?&%EDeaD#4u|oM77rQN;vz_m*og237;F$cYK=}XP;Kjmu4Gj&Ckeb(hr_|xs
zuv`XbYs#A)ey%%&s}G)UExefdFt<Ie9$XmTHO_jobm>qthrD9Z?>ej2DuvVhGZ5T)
z6>AHVE_V57C2O`>P)^LI&+T^}2&ao%ereYHAhb(q`jy<aqiKt$R88rqhAqZMb5~ZZ
zw_>l=<;j|Uah#l>Ui^Y-H;~A77qRyKpv1y#YGYpwvRC4+HknFeev%S;tGnK}uz)y8
zUiWEq1iMtK5M^)9KFDV0*;7~RTRF4D*PHkC9uH{6X8xUkw4IJ1x@s}w!eBO5q1v(`
zoy^_;t>dotAo8Hxk4vZB`w6ruZ#I<Sr&!vue@|(ymh?Zpa|$asMjsm>jf{zoHlS9o
zsR{}@Bhu+p=X?9?PX%5N2T1K}sS7R+X6_9ChkAz<2x_m8;&0>{DA@xI#kB@=Q${{K
z&K2_~0K(V}vC*mxus73L@A^rdykSXBUbCG<>3A>xWqYK;-#~MGE@$EQh|*kD_FRj!
zxOT%G`&gyo#CaKFtYf9B<w9((ec7}krTPr~nEAbsrbWUG%T|G9&5z`nYLj42<xz0o
z;C|(2fd-f}Om{Vj=f)=08tmU__Dv&84|EGl4orNcO%E>K&K|cBPpga*>~xj>u;f}O
z)oeMrAL@V6&^jo+r=!U5E?W_P&Gq|v@E$h#{`Hy5+(r>)!_4Ffd%&Bk3Gx8isu~&v
zz=HO4zFKGd{0v<*5-@B=o;yb;g@|{bu>2}I!LM<<vf)?>VlW4=MLE~S>_`nzR5Svj
zw{0jikjES(me;37Hbc{bpd8Pd@87V=Il8Q%iRH!exxuzxJ3z6da&x|SmpcFIQya`V
zFcr*Q4PO|bc*v+oq}TI*2oVm(tse5kzOpvpf$K~7y!{1;Er+pJRwJbciaFTrHg!N0
zc{ONa%vJe|jCug!+w6+Mgx$gXTrT~`t}mOqCe6~d15%XbaXzP<Y)4%fdgoEUa?16(
zr@?o!0?NT!U~D-C&_bhE9+$dPm}DPHhK#<XL_(?L%|LDXAw;T~?RxhMVf-cD@Bzh9
z{VT4N3v>z;FCdU$mDa2VVCD=UvKoUX`#TAn`=l=R!aREk>s;*SvaXw=tnF>V0T+)v
z4@xV0^(fQ>@t8JXY8bvTk9-F?JL@ZiDs)<YHjraj0O^p!dc2VufYmL4OsN()R?a}J
z|D04>Qsvje4|)wgwSC2+GzWHk#~S>tlHZ*GH}<v$kZ^~-PSaBP^uG~@UNNsAqUHh?
z^=mN>z%g|OP}Cz1>c3m_0y2AHX^SavNQ@h_0X*pz%X=W%RmT^4jf%jlLrnTQy;enl
zg?y!||3&p)7&iITw^nv5jasFHngNXS;d{wQg8f<+d$R?ygr?8xlufolOyAhJ*UO?3
z)y4y*IgYYi21Zy1jww3>oAIXOeR5_h0YuvGa4kNIW+EBa+9zE9X`nQ9md1P;3l=M-
z4XUIASz>{AC#esNsP7*Z9_~^Pc+F&_9xnm$RUQE_go1{i=QJrXH8Cz`39HOC<O@jj
z7ZzkmFtjWH2hXV9R}Pc9U|}9fkN>vsCB6nOY7EYzW@&psQpKXU&iDI+YFS*e>^%ss
z@rIfg(u-u*en>Ibm67oY5t5{B)?h<|1r49H>o=o*OK0E%w(ZjIuGm!xx<O`mM+n<`
z9IBKuS6U#6?Z&{_#VN37wSekf6ibrsZ`-^_r|>Xe|3Y1A80KseeAWoE&?S-&y&gYJ
z;9s8w-_Bu32zv^6d+IZp#e`B&FOTI&;z23v5<X2pY?q`7LYi`5LLByx#?OPeIhNb}
z7sAL~xj^#JeSIs)DNg{+0?cUMx(lc=r`cQsbc$J>gVi(L6HdGb=0sV6;>ga3P=C0J
z(cQ|c2MRg3gk>pOwedslStC+K<);InXV+lW8Q=y?Um=m`3R>GWZ9Wqb<ez{x_8LJ_
zAOP)b&l|jhQ68S@8VmJffMKFtyYILtc;4O}c-8_t%_-o7yGu^O0(dUJ-3vd`7zUE$
za<4{^?!-_=#-(|vC;73zwtO`MJzNy@VS!6-a%vif#WbTU5FOv)sK-^wM@&TT<HYy9
z*X@9Na4S$QO@W4(Ywc3^R)jNyn^`#`#XHG-gyyGqB}V<FJ0=)&2@TXqaca40*N^?M
z@T}*D`)?fAn7EEDgWRTPoyln*l&ua(@uz;OBPbZdLd6(sR`X5uuOwQ4mu*wrWR;2h
zL2$L<FI-x7<FYGY=T-)_Mbi?E-Y60L0{H0zqn9p#3GU9GK=08{U8}M;UA?FMa2*@`
zlHmut<GwlY{`cYGMiQSlg~a%DN5D;14zTw#9zsLyW`MwD#Si({;`kLV&L|a|y;Cf;
zx*^crl>wjKG3J@wQsYOEPtmFH&6r==P0w~Fpl+v4f`ap5q40zQz`pN6cKI78CF6+(
z|3QY3<u4oZRS*@|1=upnp(8(CofEdMfwJhCJn@m0=S^ZVh~L3G#6AEnd#;0K&St@c
zT+`2XK~kDo&Ve}L=VREB*9CBH?zO>qEay};a}Mf}zlm-xS|9eFKI@{(s<qpaYXpzG
z3#7OgNzd3fUu$#wF+&CUML^qr?>gQl3mUymMrAE};3%Wuh6UcmUrJLQrcKCifXu=I
z=-tctOZRQZVk>|I<Hl={&31hfcucN5eQbXq4b-YY1~23arqQj(+zRBVq~+T5224(t
zyh{5}^1{bt(kZ(;YR+hdQfy#0TL2&3bAEe`Yg9aDDsGDJQ4w*Yd9t0-Kf)&x-zXa&
zIsqcQhik=-%w6uvcS)dUWC(0-vKVCBz}K$r?-Wj9ffy@3^8{+|`>AXf?QY`=>DfxD
z43CUJ%}YztVW`wz3t#>&wJ6Aia8tFg2Ok(JW?2B|;ur1?3&3VLaO%=Xs7GXNq|$S~
z$@#vn&ZtLLgdqA@^|dq=*U4GZh(5Ux>`+@%Q{I{SxUI}qzq;mNBj|Zs$dECcyTOgd
zOoCr>=eITg8!iSoHZPEH-vJG5`Cb=PA4=%72qTXP3G6cUG(Fb%$Z-OWfWxzJ&f&;v
z`BM(@+BsZFtL3i17IR3>m{z1nx<~)J$o;LyAPlXx`c(C-rVq!cciS|YvZQ59Kgzf{
zBQUZ(k+!OIZ79w-A?_vXGd$*>v62>?e)+B72y%B-I{<E^D?2u0&w5J)>@%jv6W|Iq
zyr)M^t+?+_N4Wb08|+m-zP!?4hhyZW9%;@&)VZG9<`}hAKdVg9O}NbG{u-j_UTX9s
z>qF%2MUjJd%2U%7@<x$N<&1kBK2JS%?N;)+5j7f7_b67N5+0P;LpwudvQ{FKz6Wf2
zRu*>N3RlH$vVLOK2ZsIlBD=nh(b|z!-D;lEA7KIUWcj2Fh%MF@aA)*m7nlrV&w&^@
z{^6b}Tw+h8nts#>&Hb#a#kk^j5)D+PX<3MQ%@{w%Mh_I!rS+T(Mv&M`UKA6b%_7}B
zua3^xqdD7PB*gyF6J<2ZAg33RKv!q8CbnP|*;9DLa^}Uz#xhm;!Tk+^BQQa{?Ct)T
zcdZIyZ@>|@LY{W7lK-{@!iH7gERW^fIrw(OnRJJCph`7~4#8XkZWL!|u@;wp+gLm+
z+BmPBfT@V&^n=V;+h=%pMjeOU^6qI6VaAilZeQ?<N|{)q!&f3%2=(iSqET}!XUTl}
z?7@Q3j2svfCOf+j_;9T2D`4YsoY4ig00Z2l@y}()V`=5^YfNd>&%(V1D8(PME;-Hp
z@dCIY(hy_Rj1~#zMQm*M?!jZ>eG&3@e*zRXS7C7wjZuWC06$;3z!lR+ri=UppHR=i
z;vUd$gnu?BGs+ft`(3>wRHEY>ZW?3?3)tR`Ek@N*(=z><ohWiFHpqs-3w(NwW^g>9
zWW<w@(n9XcFP<0nG`+<Lb-mZ);m(nkuxCYGS9*+htVj&H=Cxpv6iM5uW?g%mSeZmA
zr4<n0XuF?9m+p|XZEGne=eep!ifTEpVZAEmyJ#YF5&f)S^uByR$vwOXO{SST6xUwG
zJ_w!=WIl0fKP44!b;`$-HqA}4`TA;h)+p8e77m}Qvx{%gUtxkMC!v@+@^wLj(sD?K
z$Yyhwq~xKjT7j7WS3$ddVDEL(t}3>p0b~`3z`-u-Ar~1UyZKAOVDyA{p}52Zcs862
z#%xw{(7ZzIOkh0w$uQ^?s)cBZdn$U4GIa2Is`52T1jQ?^1qF}t@Uj~qEV_olM3lvq
z8E<QbFDjP|{k+c=-$i^kureJ8c@5-@Vhd=Bc*1AFaLaY<;;p*X$@;w>iCZ=5ickGd
zN$d&+M%=Sq8-P%x#Ukrmz3w2@X&Ld=p75HyJ3-$PGR9SGQHhk&g8!*N^PA8`;~TZL
zph_9-yt}+!--OrsHFeWA$5~1o@)oAm3!?*QS6!L`DMZJ|6A`euPNO%knX$8IzEP6T
z^!f7w#pSJIiIJ~_#nZ8&1d?=Dk&FePJzM^+eW%6vC1saTa<?CAoh2u*2@=o=_g0eo
z8$-0@3o`o6X0p?QgFJ4z0#_zQ!nHfcqL$=1<BXsTQ<IE-aNZa6OPlsiBOJqx3!=Jj
zBovVishAW#<Oe>wCdf-oEuu|e6mWpH11N-GU4(nL1S~{V`MSqOU&+G>ApY16?ZH!y
zoaT3>sA?RY4+;q<brm*^NS)T-7Ac^DL@1`3c4!qCMP3WDONG#w8s$IB-XH>So;fZY
zrWfrMFgWpnQAUJ8h@yiDY~1E7SRrrcT~0T2gj$@=ukd4q!<Ub}j5P^U@~MMdlPsFb
zsC@j0<0kh7%b7PXJkviEK7esDt6eJ@n~CXDm2~ji_z>j=T}=@t7YBR7a@?e0-dOgQ
z<4?mV7R|9T1?{J-^2CxKO9l1g=grhj)Z++fl#XM@B%JBPWBmmmJJ%Se$;_?==XyB=
zPU6~4Xh*fOAIXkzqrL!WWH(5%ynN9K3jOwnx00ybV*2B0tsS0yjAk5e+Sf%kqN1?@
z!G_p<b|rl|FGJo3HsLA^rDcy3yzu<@%6SZra)`J+A437*w1wCX3F6%Kk{p^w1npbL
zXD}GkDcgs3NzUyg+!D!es9^A~=4bA`ADc?3PXbFPnIv6)5DxLjb&*u*HUSsq^02bI
z^1Q@+c0yi;i=<EDvBUU@F#b0if`p_@W9;okvqj#=l?5Vasy+}Gj{?GA*Kw0!g$$F!
zGZ2Dsp2(C|-2NDKbelu!yP6NuametA3OMyHQ4t?V)V40t4#bv-n5GH<d-vWE;{s)f
z_Y2j&Y8ni3^%KU=Z>%Vz<zW*gg3i=O59H?smeUV-TXPQ+&z>GzWs;*$3%EohU`$Aj
z>SK@TLMYD?mG81#B`!iel;2y7STPMPdn6_-#z-|XC8SInA6t%g@uMPabB{kt-wyoE
ztr$<DP)JQ4idG%SNJKoeyltxKS#ix=Wg^g=ak^UlM%-a;I`_PalNf7?@1wJdrBLKM
zMx1;zISM0HQR#z~5&?G@=Qo7|QCpQQw5k;jt{R%_(u>;lL}?!?AfL`=#t)?3-w1sT
z+o~^FsH8f5a@H8yC^8m1a?IV1bb>d+pmO1L?Yuo<lBS-L6G%3w9-m?)i`=TqB_A<Y
zD8{4uuT|p_GmU<&MKZjj`u3Ujm`E>`Du*x%(~wvspMrA!U2bnH#I>`T#;RK1eMtYR
z9I8|RAOON0JlA7zP?2psrw+~Zh?a=F>|hX1&D^8m%FK9i5u}hRVj*(o$tab-VNj;9
zC(1U`gQ+MGSz%v9#$519InF?mKLyIE0TQ?$^CvZ?l*09INkJ9th0t>&%uv5JMCm2_
zxJ(!Q-O>9ht*|C!5)?{}3f~^qks#gpVObv`2ER2SGQKya>{6&y1erX65L}X2kqG#1
z#>MQA&0foz#3szBTtgD^PYQZsKClqiNL6&#ezDcDM-A|8GY#z@>?aKhChd#2^}hwe
z*)ee{3Nx{;nWX#Yz;m21IDZs358qNW5ocT&3tTy-ll@ZqdOt@@e8CGIo=Fr(!bJQv
zT8@{pYLB!tpmy^fL1gaE>l4v4Wc-d*0_P)#l1Q{RS;s<;A1O8COMLX%){5WPo$GJ!
zxY=wjcF*5_<To7aC)4<K^fio}b5>%DbQ;RTuLP!kkon6`Yc3Wvb|OSzr<urpa-|u-
zzED9|hu@6prx?}S|DoHDiT=At6B9)^I4C5^n<j95uPvD#6)t$CI9A;D<+=Iv;0=qN
z6?}kea6p~z*AvAEJZ<VbcnP_nLhw1{LkV$l%b#_*5A;cKPiRZ)dG4~VllTJWF2^9j
zJf<L-f=?g?tKfl=h}VK2k?%@%){0@y!HjY5kOS>3+oRT0daD*+0^@~#x+Lbbldh*z
zaABeRSnX1iOsVhSRkIl8vx~~<^<zOL?ytj{fy4>CklK5PS^G^7G?XZ-Q!Q#y%^2<Y
zDeVS0lFLHEn1C9xYtc*87Zzrs2%{HC+k~haTh(-}^jyTJ93#!7@`-N-PC285p3aRu
zjAT9K8tFV>+}Dzf7ID5OD5Q}kpx~G~^JH=syExt`(WLXdcWdR^*Dhf8hWjY=b=X!5
zqlsxtvZIvD-sB~cs_spOwSg`k6i{9!OY1c)XdLrL*(>)BD$F0mzOHzen1Z)G0xv$c
z|J7C4|72N9o-48A$l7AOEL0g<MUkdC5b_`VxVf`2K&QZlW4zIRQy{42yj(z>-$(9?
zGM4t)P{J%sl<);^)A*w#c7Jd^{?!amKpuJcx?L{W(O#k&J`Gn6S3wltcYK#MI~}dD
z=^5i<k$)8D0Lk(@yA(lV)Ute^0;zoXqSd*qGIdB;HCOb9U1~{bEkq=UF=mDQ4ufe-
zYEwO999hnB(r~rd=jhl#T<7BinOv<Mh?zqpZgIOFb05!`y}!F!q9kl3f1zpe!e$!p
zWr$r+-%E*L4f|WB*98Zv3(>eE*B$_NPdi2Eu@&$+9YQnE*oR=-C3WnQtD(<TX<n3d
zgcoQjYrgf8Cs0ks-hMnbwM_?ZF$#n4c%0kbnSSoLc`}%)utgqINCj-VTT--L9P(2l
z(_X%j$kURtCrF4QZdZ)7!dzz^g0&jUR3ld2qKxoXp%m-r3dC@~wjONgsybC2lya|i
z(eghKoso~0z456ly{NEDC196&-247cSdL5JmXH1cm?mvyewYP;D=Fb*VNc}i&m`ol
z5UZbJV(|}V-+HVpxoJ@{!w7vFy8fxAEl;F1(-3F{v9vGks>WC&D!gmZUX?9e6T+-f
z;J2!KrC^j#9UYQAV;P*2%be4f-h*ID*(<MQpXJg2q`IzwJ(*cKPdQ4PuS6Y#dsQ_9
zMsm)`l%;<}^|_vRUg82%Po%t71mv5&w1~iuuYBNM;c->gYKPcEsYMhvwlHEP7AfY_
ztEWDnqV`6l{}Dx&ZG|giIjwTsLfp0cHnFK(!G3wy7ol_wBtDvQ<!+PrJ|Xg{VsA>`
z7-cmm%dg3%cy>dy&#1Vk0-Myd_&kA+RduUjHDyG6$y-%d=|Ly=4W#~J#8=0MileAw
z7(`hf1>owyIrXor0}0}0eU>%T*~02<`gvr=8J3|2^=NnkYnD;+k1fm=HkGP5tQx<G
zI-{)fE&S^0(cB<*zAP7JKSpN&jWbKanuZ!!Cd3XX0s&mM5HBiuU_nAS^@vXS_-cd<
zMI=Rjn7y)wwVyVN<WdP{h4^E5T+WF{NfHDisH@wofn`Vr`FwAZ3qQ#~=sSbVJiTvn
z-AIl5R`@=a7~+^M@>NzdskDGliA(q>_-4}UZN-dY{tc5bm0+&oV%Zc4GnT%`LI(1i
z9H<h;pVZGm^KE93S2<VB#}guM7X+tj9qCwV_{cO&GF?Mo_8#*4gn?cjp#%hLcRo|_
zm+?0B6<d_8!$DOe^T0;h$eB8Nm+0}hk-b#Mxdpl_e<w}z;s^|JQGBXk{~3PYV2E9P
z=taaB41`m`(Ii+K5ureP^(y_ETk(1=Fd>Cj%~8%Ln+U&on^#EjcUvvIZ>05brN~6d
z?;i#I(Ms=;QP#MKxpDKxY$ZQB&sNf?vRls}_px8^%HZ@UkR3^qS&I;<ME-l~lF*>q
zEqnQL`oWDoYJxXne3W6-;A`(JWA-LekQ{YdClTK3aAqVe2~MN>iT$&;{NfrMvKHcZ
z@Mr2SAdbAb%?0#4uY2DH+AFccjipHD&fx~LW}d6&oiNhn9T!MuS20>=vQmv=1zME+
z&Iwr$cbYRL&UruA`o5UH$V-CSbGT5MmNqVbUfz{1+5}w@HcZgQd0^8OIXyA5dPY9G
zy9FfbMuswi^vb7PGd_NwVy=H}US!@dPH`nndQ$wflDOL8tQI*X=VKW-MS+^f-8Sq)
zdyv=xXH7%w^Isp4iaV4R{EDOsJ-+3LDWjCX;k(m{Pf2W$l0;H+$1%#EMo1_lJJNbn
zaUBTR`L1+U0f(px=B$Q?Ih2_tGYr=u_x>wmdP~%`o^CJ9SfK9iyJTx7w*0)(Tnc~O
zT=@ryz2rIv<z@TtT*UT4WJ7tyBqErS1!yq^1o?p@z#6A)3lb);Ny?&Ut=Tl_1{eWH
zl>liVPtBYJQqd?lFTPaN^2g`1^}HWiSuXowljVP}D8_jw5nK5?pR8X=X@4ZwTB0Dm
z&zB`3lG7?UMi4)JEtj1g_Kscq=2X>0`04NE*VLK~qmHa&&Y=kdV?kD^w?ZewNAF5&
za&hfKa}=X4o-D;lapUTbB*e9g3v6t%uW3@lsKfG&X541ZL^eM&33SDO<t}oZ6}bLt
zc-XPfJ#ay2a*z`4byxzg^#pdlt+-X`zVn?)8Lercea(4x!D9t-GjHh(QgNQ6x`;~+
znfU^vwdB}M`oap*Ml^!b)~*J&sk1NX>{o&I<`qVo6?V%t<dk}|<xkuld>M~j{e4$D
z3Xg}nUZZvxqhCWCFZ^EozNRv&IftdkeG;*{qKOm7B57$C8U>W1<5CLh@@K*0Jl|?Q
ztZWx4Y?*2EO&156<hRJYT%MK-?0&IsTX4;spru>FkyJ`Sd;D3V=%MqzOS!nPxHkq@
zCK@O215Lrj+7f;d>vl!hi_$F&ioRy@P-5!A%nxi3X{O!}IlU+ajcZJJ6Gq|=p~B*t
zzZX<kl?UO@4u-dEH@U|J7we2_flpXzPG4q~XSdMRJ#6Kz7V@yLs01bF&B}E~VE6G$
zXq~Bxfa%Dk^4pq8Qa>{LWOm5<ii=p$s^Ar-Md5anPA@<fc>r4i$YRsj%@^jbvGRZS
z&cT0;q9TX-JV>T#B~LTkUsIWl+03zP=l5l<*tva3fX_a|HiF!Hn-FB{FD(GSh3ll$
zo<ch&aoT}pIKNMB6}HR6Z>?sQ;b%w?e5=_Z{djAsb+r4o1yy!#75;hW^a!*_IB?7~
zunik4`!`+e>dMIlXrfBw<l?QIa-(qR`Z2rgjGOtbcGNFBmz^w0DfKj_kgj(TOja*Y
z5WD@9*N8)j{ier;k#P^h$nDUb?UTs9lCD68m+VJ~!-|sgY79SqQ5gy>tUS(C3Ue^~
zsFuI|txFI2gl*0>gKmPL594eWWk#;~d~2lJb&j$kXdBkqp|6v{^t)`V(8!8=FNRDN
z5%o}}F+bmG@Or|omP8GgizVo2EzNGa1nR0+D9?4bcQWnA>0g)@a5Dc`u;!aa2*gLe
z-j(J|9fVR(#1eVIJ$M+)38R#Fs#4}GXL}Aj(^S;1Qw<naJQkQSQWNB6rxVLr9{3W=
z72@BS;!p9|T#8U{EF@a6$-|Yq|CcG4*7Th9V%FAuQ>1tyzdA>}?{P(wCd-;v+Ye#h
ziv!@_rz4*$bw)_rOLl2)KG9sR9r}i<hp`Qlskpb0uH`QmEN8^Spr8Fd(%@YWAsCy4
z0}5G&!S^ZfUqDCFE-g7*Ncpsr{VVzQ54KC;0ec)Wjl-4oH5KzMf0`Rc7*1TDYlT~E
z%JBE+qL@yd^j~W}|Ix&k5y7N{<Gt5K2Ah);I1(9}D-Lg2G5!g#&KnP9zhUg^BmE7$
z{I4&Tb_fK<$b%sae~U&#KOV&n!_N}SZu9=1$=MlU+1S{MhSV8-lm3}t-tOOm`4}1-
zoBs!6_J5yChVkFDHz9!@F!F!#yZ-w>#bO@;8Xk?+Km7Ijun-qY5V%xKZ6ihkeSQk)
zM*eo_^us?el|bBWRBz=ss&m*=>!&)Mg4(1+z4L+|0tzR@41dcsjUYOlU!?sO^$FOc
zsb<!S!m&a3pTB)Z-nSUQ?*w>f7_966KecCnepQ<2zqy9r1j8c#*(8AR>N5x<SN%uC
z#Lv9X5r6{%3}Nm+`Z$FJEKo=ITGCi-{=b!Te|>ujs5;vl%H>N!{@;o5->DU8Rfzvm
z_s1~X9sjdAh6xKAjzXK%NW268jJ!Dw_nv`)y0VIa6wncYxd@d;)ueC;q1m?>s$VRf
zF7~GCp)>?VfCYO+*bno!ue2Aj2|$Y;8|_bDCEcdI+5fjK#~T5u0N#4i*WtAmJHLt)
z`wg#RthY~9wJ`Tv-BaB{*B&868Nq^$44`cZ@h{T5|Lj74jhi_lm3GUl>3Go=@^g3X
z-*Q-Mv)=39kN)~PK*R@H-v&_VN!oC=Cwv@uL}ie@bZzmS?<;qm1e0083HEqZQe<_^
zZ@bQp(-Zk|w&%mW1HkQ8+0Ig2_shXnN;k;Noh1SdHh`k$>x50_Q|}vrJFqzvbb1y-
zB;dcg4-Na<ZF~Ie^ah&3G`nYQWw#6bk7A5s4e<$}wxpl}odKzIQH=*{vD!6YECzFL
zN<HuTPw74wVr$xk-vKnazL8uaP6yiI-UB9o_x62JZ#`1SAs|MRcsI=lt?%xe_(d?w
ze9x~NfI8A8V@n_pLd_$U>TL}A52m|A2+SJy8_Zavl@ZLN;Gpo?&hK;|D3Vk^aRE@e
z8K{vf&kmD|r)egcxZUpL5Y*%K0U**GP+Zv@a8vG+>>ip=1~_tVn(L@betu7Wy7gx>
zf8-S$&8s^d@KH9dX0FNk#2gqIR|Biw@lj>@h2yM9sS4oj{9^#*cUC<Qup2#~mg+Cn
z)X;D?*(Ii=EUb$lCit^iyhHG+v6xW<MoEB)5gXOJgqU8NwHZMJ_j(ag^ouKq?qos7
zXp^Udg=ky0-Z{|zHYT$z17VUggCX}Iy>buOqgDaXcs7Pg^&<e7s{s};4z&-AWW5IA
zeN*6#p-c6<-vQ2rd-n~<TCE15dmEOqmnTqnH{cCzD$RN1>zT~uTJs^U8DRfSVFh*|
zL6ZZI(O72RdFdBu@LNLD7VkcPW<P5m03aa;Kus+U7u#!qg|#cphZ_Jsnpc}m)IhC~
zFQmOKM#&@-^ntxwEEh;KBYUn!aDsl%-|Y?vA~}Ii-nkZ-DU++eDHpUsfyHBhk?dpL
zuUnBQwSJLI@qA9ZP>Gu7Q7&H{0P#nkN#xVK{o)Sj6!$GOJ#1U}iA6uRlKScYn$J4&
z<T8`zy1LU2P>O&Bh?;A8U<EFRg|eCc&BuL|H9+7y1*S;cx$^VjUaMo9X~ZA+DiIbx
zLE9cToyDIm@qd;O9tTWtDHQC#mp%~hV;oO*#B9#8d7}v$Gm&Jkt?2HA{JI{k0{zWl
zO7gKN7ogpU3F06)E3PX0HB195iruOaseap+5K|_G2Dxmp@p@aMhYR4P7RRYXng^uz
zgQu^jth)&;ZZD6V2gU-xBAl{p+*{}J%;eB^-D5g{`Zp?<T3R)q#f+6|FSs6z7pqSI
zx&7vd1wc><OQ*wxfgXPkB(3#gM0{N8@MAU`r<wuN?N(QWz&`2@aCfvm5il4ArOuHM
zIq%Qb1A<0%n8JQx*Y=#_!dz5tpB)ru1A)8YjoLmh`WRZxCLXnahIx!|kR%?$f=3K9
zC!e5CRO;faQv}=sWMcCXaT*Rfnq7b+^)#4kJ6w0s_fTg)ZO<M&?MQw`Q3tTv6Ect~
z5`2!O9FmZ-;17U%@#e|z)i7Y#d}FhIVXgvfh?7CUD|f}`akeW!8bY#nPlEevJ7>m%
z^|N?IR<k#{9(h=3EcP`k>pphc7UYfw<ZGU<gz{W_BwTC0az70x0E80<;MYC<<vFp0
z#Rme~Bl#TeWvIV1F?YUp;l0HuV?0Y%W^Y69baX-&o<*+k$ZywbRi^c{_fV5T?&L1L
zW$r@hJFr-8KJ<O%B^^?Yv1A+doM0+QEih&Q50Vn9lg)hua79z#sPUyg#^TQmGbe#t
zoy}^EU}O_Fh|!17f>u1daDcM3(M&Z~FGo%j$Ig_S;!@C?sGw^{ijYT4@@yz5DCiST
zX~<_^ML&+1NeFu^><HjUyo#w7kELm;%pb_~h1gg5<m<h)(sF(vOXz6WwgReRXTz7`
zm?dh}1<y99__9G7st4IQ5RvZt>Dnuh{@BK`kHe5;s5OwKZDY6JzU0J&Rr**gI0qcH
zu8-f5RKp`zNfJB&vuH~hEoaP~CLOhJ$}{?qu(7Fm^U7aMkMKi2G&!KM8_z()TG5uU
zVDU&{B;9_eC6L)tNCd%8p|LK0t}0Q~9kGAaH;Us9GG_16k_{0|ZT!emdK$GJyEf!v
zPHXZ*Q+fAKIG~kwvmG$Qyl$`3?|vJVN_LrNDVLm10eid;JQ$xwaN~76*}P^96q?Ac
zc$eS>zyBW^951K;dGA$jq0^qwwvPos9Jx^{V{XFH3lP1&BAxXRhhEmCPn$rTv8=_y
z<1w?vp2v|%C2b<-y8~aCV+(O1b9MlhyN~Am{Au4A&9PS{Z^@p}7FVR1-`hXrU>fzA
zjK5IhD`U=Yf78r+u<;EEM6|>n7JV4OE&Odmfy7m8HwqtY_LMv(Q|Q}^mV^9rJ79wE
zHou)%sO>r;$#NyCoIn@&XQwYadj30Z`h~jr60L;Zxy5wV+wgDt!Sj%Iu?%oA!1n^|
zu4%_FB%4q0n9bv=O~?AaHBINBg}`Y!+vsjRX9a=oyWmVYS&AjyFCc!&{#}fZKt8Yn
zxQ+v}eV4$7OyJb9{V*CB{iso=9d@C9OyEN*(~R2HhpMp+JBfv2Uk~SHEs&L(v*1hk
zX}Schoc&&{brZPWTo73K1qZ8Xuojnvl=5@;3$U67PL!C*O`5EI<I~Y2OWQ<jaKs{%
zPAMrcVk(O*F@g1OvOdd2-}AhgS#aaZIAP)wxv+u~0JHFmOUc?52_JMbLdd*~(IrzZ
z3PKs3$@f{g9xFVB8Z5UE%5af}hTEl}0^?A6XD8z{SyZE9mViHF1WL0m3<|Lux^jzL
ze8wqdjBuv-i+H1ya=>Vck2x3`W<M@b1hLEBV`QTweAUQn78&Ozbdsacjq9$9hoCgj
zGu8b(o`(h>LsDc-bi8Er2)svD?NTx2jw)YOXJWIDb`AZPdDMjtMSbbLV+kr0d~9<z
zo6}hC;(G>~t<%j=<^y(-G}{^`4?KjL^5CzkmzNLG_$Pkoytmwn6R6x|;6`DZmi+N<
z&F4X;@HHdYD5G;TbAz`pO*mo*Vf<`k=-yd3fg&rVoKw>PBEe{@mYy?RZ5FHLy%QRN
zy$DX*U7mdTLbQBCJ@LsoaM<nwTyS8H+)HR@FGr6&)ve;$9H-t7l!IzYFJ-OXV_dW~
zB@eaQ50y=wRzfD?qQh$6+kqr_!$?SccZ@v)n8X@RV!7@?ia@=wA~3bh8#n=pVVu!$
z{)j%Qf?#|s1i}$5K&@6En`QiH=!V=;<R>1gsNW}-p*hHBMHb^$3HxgJJ#W&&)<}Zf
zvmXL#M5q?x8&j{-l~b^AjYra!f3YlpGDp?tKi<_Usm$oP?)>OaX%du~RX<8A#j{sy
zQ<O_A1oDZ40l0P_P3fvxFlGXDQ?(+iDXVFxrN%aNwlOF*Dm&;3Q$f!`@~&%B(6riJ
z(Z3@~z`4Mx<k(oQl1%<xM?9SNAEvHXaOmeGyj4b0O0d&q7oUq6H2=%&JPID>*QMg7
zcJafz8Jm7;3&2d`)+pufpHb$|fD@<Uf_?lHjnTQ%68L9xyOpyCLk!lwvw%b06|l%y
z(49%|DMqc|$$u$Yl%*t6oG(XuC>W?T<TpF7mRN}QRdZJoExH}Y8BRz*s>O%f29;I9
z_@n56v~kLaeB070V8EF|u9-~Cr<`mW&#z^YI1a1WQ}!E18gK%KvVWItukJ{DhiN@`
z=90R%5QJMT{{&c28!l^o49XacfSeKiMmrmR#e1t|1P&?Q@Y#0rcB)Q#3NTIN<WZ0Y
zD@=mujFFEt*{Bm#yM}7D>O)Ves6ICdVO|sb$Gv1SjMuvAnZS%xegJnA*;c+}4h5we
znLaqSTQuu*5t(P-@F|BIF<MIl(-THKI-NHEr@}QPX3E=P#vDvGUk~ui_H_I-0qNm!
z3DJ9n)4IBgZP$W@w<FbkD^9?n<os?>e{ZqNrYBSRYRgSC)z{E3U1@U%ly)>U>NS6+
zL0LF@Setspn^L-^p~moAl{ypz1rk`b0J5U30@YT?YfM-bvr*AUP#=ByfyH9c2{l}U
zu^<z_hzQ;{;R2jvx=Ivpi#e)5IP%&H0W)1OOxXarrAQ_p)_9Xt-#5ia`2)or+?3Sz
zGNeVOa|Xo$g;G0E@~L<XRXJc<4mf(tBc3Ic7cG1qKZ&BCDi_ZA)Q2Q+*MUrX*$(53
zVpdEBoaTqejG}cxw#nJ@C*bOJ$6fp@zf~u{gll_`Tvr9-*}vFD3eSvTC6`^Q8)C7@
zq#{|r_E%}mfRlV%V8G-~Ywm`eqtrc~(-LH8sCinEaY!v)D7?zoG9Ate4BbrQ>i|2N
zOGwW*?d59tUySrw0950)y8kmoU{|{pN@JZ47^<1mew%pUTHxsbjyE-M2)VUdg8&qd
zj8CU^`UeMfD`*Q^w}YPdE96%N+Bkx%b+!@JluW9u@%fr=?N6{Lf%ovvcb#fHCKwfy
zHKXH2MQ!zd6cd|_>0-cUq?1$$F?-q_Ef5(w7OFV8d8h?jo1u~a@Ry;z%soOEHId41
zIn#UuHlyCvQ4*uvhzc=F9ZQQ3q*A~{k@pB4=X464Lub%l*KS1esJUJH#b%N>VX7tD
zFqf2f3jfJRKjO5f0dQJ~rQb~;dSgT5*J85rPnC8!$BNZi8rb$OApV&dW~{PHQB1sH
ztjO%U6NSD;YXk$zUySUl0Lv@Q96{80j0+ES1z$Nrzx&CvfI4`q0wW*Xxs#2-i!0N)
z|0L*x59htgy^kjwDfpF3%7rw{GA76UWJ{gQOqs0FMUqh|RaFnoRABqoZaS39^}Omi
zvG65gk7=Plg&a|;cZ|SBK5g-RS%yLO_Ju#E)1Ui!nm!_CKpvhlKikJVY9e`8{>Wbt
z$vx7o_rMdB)>?TwHTs7(vTl|;?o%k<@5S59UTpzx&*KGa4QFcd(W>2BmlceH^BF_Z
zxshsd_@jKG42Yo7&2GKnXTg_+n%Y^&d3DU-46{v(^Tz6RJ0%?83>DaqW{`>jOVqk$
zL9OJ(?Wr{XBKV&FtY#`m(f7JZ%}%o4>GBC`Wy}BOtokWptXzPq`upCNmE{N*NewMo
zd$h&w<I78w|0#ZX+YzIp>hP!oedhqfb;Rl`hI6&R8Unb7V*Xg=_4=)jW0UmQ3yC*P
zBo>X?=2Qjmd?wCKobvy4JpYee(2%y}@(s?PcEIEp1Wcht>YjSODz3{#pOGBw;b$8;
zt{EXBo073Fy7|()pZ~j=*&_XflIi=O@%=x)(Lnlj{DtIHY!Kv+u1f|TmQV24L6Ti4
zr5O7aVtqQw6#+K&V}7eB`2Rg@|9dCP3rYGlLT)b&N$cIv$uJu;j~8=-aDkq^M#0^X
z4biEv$syrC=!E5!!DV=x&I*ytv|74WoY_oRh0ZiPXwpcfN`Aycs@*vjbMe-0RSwLC
zxK%$(XF;@K{wJ23SOL86pDQb)*V2~O?I_Hi@mtQ8r|{cYI6M}uf3r6&MsrZcQM!qD
z+{?v`UvsZ`6S>z9wNaH^{4Vn668~rH|FmNMV=%#RBV?F-EMKX4x@3QqP|fTzVADT<
z^>HGZ0N-(CKvII|$QIoYBcci=);N}osmL%o>{{E%->swGb5E6ArrTl=>O>jrz0CDT
z81v_L^5@n3M`Nta8XW=Fv@Suzi-od#z}fXH*To%Y;X;MKqN8q@__R{PPi!e|-N!Xn
z`atzJ?R-^oavE${e0<O2x&iZA(fZ*iU6s#V<q;MZ2lMXN$+B9NH|JWA;5ik&-DW|(
zgCXPlcRxgf2*l~mOY-t2VJOGo#jXyF_6?mIcjxyB9BrParqbNZH^n=ja9dej{Bqm4
zNR-R4%&(D5VwFv=#l#sQc@2Xo$_on#`waKr{^=FNm!|SNd+fW(hgDL}lY)unSInA4
z?l{il1-dCyGq<MLY}>hkORFLQ-%lP4>JvtWOT<1}y@kQyt2-+lw~;3K+rI!lkoFuA
z6S+Y_GwFrUd{P?++r>g)C<?L}4WnzF;f;`|VtA|r(K}nM0nd@A7J9DeDJO3j<872?
z@8wL8nx98M{LLf$>l-k<@oMT(FU--p-Tv~4zw}A&PPWbcy>?Zw#g`0A#PV9X$K;?*
zvbio6#!2I~&cEmd^Egpl-aO#H4$Qxw%lHLc&bi00@BAf9<L$*qamA7=7OP3RYXi1f
zRA(NqI6OX5F-#PpKD)vne9)sge7|f<1IIA&IlywyvWO=;+Dr#D60ltQ+vzo7e+9RV
zySuQ|l1&l*%}b%1Ly(|8mO^yZ*lAP8AdG*J<13<FsO<W{W~@-h(IOlWrmk1pW|JQ0
zxJB<cY2I7k0b}-4`%~U_vYI^$QX`upJLUO{iEu1Wa;c=e-|8qm?tk+Kq0=O7?K#B@
z57kH(wc;Lix26(Gx7*J0^ugp;8=Rj#(eT!~W|3KT@Le3@iOnN0?0E>;xZM~{-JI+v
zLzim!GCSvJ-SN@f>{M{dc9xHvG|vn}*ZgL(_Sf;l<Rg1yc~Ynq8s~sK#BUy=ArbN4
zr{ljz9n9ARdank-nY<mcAx7fkaYZuMd~%-mj7b-p*y#c^T_<?CRCq5^9mjW<>ZEZq
z4qmy^Vm?_IqjBdrt-o$QY@A2-H>=UEdhJ=CJWANXywdlLN)x}MzRq0f_SX~7@&C3M
z{`%|C4^(NueqfYT4x1aa%w1WVcdS3jq&T*@ZCv8<@8-EJ(HM{8euq8a9NB1-(pv4X
z*H+5Eph0j}ZhliSGb-DZTCAMTBHn57Pe%Sbq{sEd=1KK@6H_8v=+w06z#7edhL^U#
z2W>C~tD6js+et93d!jV4IRjB5z2H1)$xD3UiTzv&$Bpea%DRZ56j&k_rm`RHwFAo_
zeSpr+Hrbbx;{QC%|Nj!IQh`Ot--<>K(l}>Fw+cOYaPD3C(yYANHP7;`*>xkCv}8%W
z06jg`ai88wW1@ESC@KcaMGs-aF0I2AMEhX6P|_Wj{mlx3?mfSQ5cR*yCG>izWjKme
zsskCO6dQW&`PPH#X1RXAp~--FY}l{w%x_~qb(VbF7~l96*vNL{v^uzSoOH=SaiL|t
zx-#ie&%VHFH?`b(bvG#mKB8joX#Nm&Dt85X6?wlCm)3zL%inHyzxffndb+ETXqSy$
z6dUlHoS&{W*+0c^kl37Z9w?g}^Fi*?@|}4+5!YIlKq??XT*N@w+AF68x5Ta7irvY1
zvHM<xUE@5tW*zm2<$~vf5c?-?<SWfgme5YrfAXU1F(}Z53XQ3}O)%XBge87Oxq>xD
z^pin+QXed0&dOTE)b*xM9Cjtojc8{*!t;gZB~;;bj&-J*Mun0uP;ldWHS6LdGt9nk
zcASd2YKYI&SYWwOdL7sOlShA#Fscl<USNsG$c{g(w}1QO&G~+d{td<Gefb6d)u|00
zy|mQm-KW({Z>mw}hkym_EX79oEp}*kd2`)VH$fVfI=F3<UavE)U7#cG;GL(J-R^Jh
zQ<WOmxJErohd{EwnQ&@!UelYuo+!)2iX5aR@isaNZ)Pttbb7u+_e6e2S#CRwd*Wv{
zPl!?S3tzptKWV9<R>VjSi6t^_rhtOmHvb$u28A!ZHtx#}B+d)r^|6C`miXqhbNg3i
zCc8^zS<L-vrNOVxzg~NZ!Eu9FsIo4IxI*8$HKM2vI|Q2J*9pz<0TL*D&|Y96P+!g`
z{omP=@YpL5gWNw|Ai!TLnca_VJ+H|_L$AgeG?0(ttAGjXQmnQ|Z!zD*JAb001Gb8@
z(b}S`KR<6g1s9>Bb`m0}hL^*JJ<s~J@rWx{CDw&~dqbuvgvRWgP_>E1s;K#tNBk#;
zIu6(FH*cS!5j^30jWFghsS?dCT%?e(udVniFW)xjat7_x3tMF@HNqLvK^?n^k8P$_
z3xAx{5`A$w+s1+-9NrnR8a5y50BC|VJewcVw%G2|Nfdw|G59km8C)M}&1<F%b%A;k
z35a<-?^PUDKzI#^hTOC2Bug}hpz+)u(z%?DGJFvZ!g-Dc!X@K!trl9AK=4ejQuxCC
zMC&~k@bK(+8bGG0OIv(u3_@0yD*9=V?aBsOSAxobOeX-OS~7EjSk0?r#|3xCmRo=q
z;TaLEJ!>F>L6pFNxgQ6Y$hk{3Aph$Wqb!bEcmUW(C%BY>%G#>63<Q4$fRK|nML_Je
z1hAx@R9g`LiC|V#E=*N9ZCdE(gT_wL1n`8b70W2{M++c!I{^G#^J|O?7%1|!T)3FV
z0SV)6Mhtq%K!)#rI&}1M1@!6>wcTVVy$D$>HQde@<MSt_*tfF0TZizhn&{1e-`~;H
z28h6-8Q5<Di^c1uH*fYvCn5%!Z{;92M-j-0S_0C_Z-W5<02AZA{9fSBoyDVii?4vn
z`vV?y!~+h&UD+38`~+CkOp)D!{2sK^570DC(}FL~6=w>XdEpE#_t!hRi)~)0CDA+c
zKvUHT9u5a2?v><kUxCcMmm%!idHKUz0akTO{#U1iJP(|^pxLjR8O)3XM7YX2?`!@n
zA>QCi^}x=;P7kV|@6{6zhkC62Ozd}quT44>L_{7GPBfUtydn_Csu{4>RHf2ch7L7h
zA;u8cpL9?yat9O_BRLzSihf^t4e~`olbJY=BIZE8q%Ke?%Puy9eq0CJMiPdRZthBx
z?K5=8=k_4w4!yx{3j)~69p*80!8%Q=5#s(p-^cm2H|lK-fQJ}0K*Z@12z(4ohNj9g
zwdA^ese>YZI*S0zD_;WGDhg;X3$X$asuO$wYxC1Rh>;C^{0QL(cvLqpgrw~w=-0%7
z5&RDNc+4$0_#BI$A0OX<{E}}S)cl8$(%dhf4qtMtHj)O`yJ^pYWTJ8u9}ARSYmGvQ
z&j+m_;H`Ky4L@7A@B=UGh}5HS$7K8Qz(E{<#<|sjp+|nV_A&s`Lc+g)8niwz0e)J4
zcrwUTndj_(1)2pIPBGgPrP^-HM8GW!j)X4rdEU+ywBPg$;561a+-^=zfEBlVu>_Q0
zIOqYT;Mu-pOmB3`W(t2l7`;AT;kX2i<!=jnK?J{Zg*NrQod8GQU?<-S50~-*%ufPO
zGhDe>dSs`WSDKALthszMq3xMm`nBa0v;^@zuD5dCaPd&~-^1JhL3K~=!<Mw?S8sZE
z*Oa?>-(v7Y&?4QC5SA^y%3DdzGAO4zf`GqVW+t;AUsrTsq*l$<<T6w@Gvjcu6y=7<
zZc~H%qgeg<>fp=L+*6_F&xO)ir2D`bl$MW><g^^<rHrf6pRxh^)}iwTPFaLNXuJd_
zdOx8<W6Y!UN+qC#qL|iCzXgKI;Es->$^qOb8iJsM>`azO>ITqadXyIoRfq>=K(*a1
z<;IsYi)L?)G6N*PD=3z}b46T0jCV8%jamh0Tn)vx92#-gi;vHJN@qp3O+jEFuZ9{}
zav6_)rR`|g{=!-Zn+x4Wk}dpp{-r>S#pfBYdVLV-%3-Zso9rT?@w(RNfd^q9&A@pU
zgxU64@pzMBV8sI!<`P|Y37QaHq>}?iC|LUQ2fa>zRAi7+E8b=si|_>Gi|OABI>{cn
zRs4M4zdACRhVQ)(1jH%QM!dJrJTC=Mr2A|U39m-;p#vNjkMJ7z9terQ@GnwTuJR+T
z2OY?gZM^V|wJDlCA>yaU@Z$kD__A(7SHYq110%B0*V7-BwVVxtkc6V%`iiEcdR#Ov
zeD6WIIcW7f-OlC-WTD5f{o)^y!7MXq<#CeuJ6AgO)3izM_ZFj~s`FHHu2bFqV20Oe
z+~<>e))2e$iz6@)FK0w=0wshvhDmlzw^tI-yW>TBNleMOJAKPTfP$MwDle!0OMNz(
z)=IJXX-NnH#}C)fjwiFWg9N4MN`hi~74qfJWzB%Tno1?)2}~*iH_B~E{d&TE3zmSb
z_P=M5DXe|4kYhr#q!V{7nN@`>oAhk@3K_JTM0m9^eo(Bxy2WB_r{a>5uu%||%C1cA
zW=o)?+_+8gf}D-=bX=%M54@mEbQJ)Q!V>XrO&SDCkrFhxpHGo<f|Hg0C*iyi5|XMI
z(+mpla6W04>3G}{kbTRK>l!B7vs5Zc62@U5g`dSm$SOO)({Jq(50Le*FA;*w!W>x%
zL*b)7%2NEwC2NUp&nbi0U~k%`%tJ;JU(Ai{73j*Al>SVYQ&`fltw8?KMi}I*9d9`y
zqu=j=E+dk!GC2x<By-g<Tnd=vJz?#2Ab+u?NZINNm-7t_qJqF8*hCNkhOh1BpwItu
z5c91dgH{vDB6dJkR%H-H+h;C}`3QQL5F^Sr__y~Lt)V_!X2sP??7NN7Ga=slk+}5l
zr$5gh*MEA$Mbtx9c<NRM_I;5f$TN*Ml1m1CzB*(?7|)Stb-UC!9aP7k9w>IaC#E=Q
zmU<b3p{nbL)d7~!%kLjjL|!uJd?0EHK`bBaVkbL5_aZZ!a#;u20TnAK5-&2i5K1{K
z4T4)}mLj(LxewbOUwK$)uDqDKjytTiqS1Jto~x?%*_c+sGAGpyggvi!3)KApXrrMt
zK`mlw(C_9EDGs6VbEq){j}P%{;#tF+d(36$<OLowH={j}>Kux(cND_C<ck4oZ}R8v
zuRvDj8tU8;$(H`YD|P}hfih5BtB#>rxv}8iRn=gsdKE)NwA!b6aXPW|Beo@2HGiXb
zmc4a!4pTT)IlcC6k6JF+GqGUC1vBMi;a7SNK`yy(iDsklb1(OC8zBjunj$3vujMk|
zsCQD7^W@S;C`9MqM#Mk{9&{fj_YcUx7uI6mL8+_If+TCeL*n>;H3%Ry10sRJZ0Xyj
zRxsh@Avzz0>JNO(*&katq0puIKKiMXsKf#T|AYfnZCp&3C3@~m@K2b)CTET42GYm8
z4*O7aR<62qxCY}UQ-Kct6W}fctcJ%7NU+LuC_!|yqKL%kCI=ai2=x>G^@0N*4St^5
zXxpte8lmKR^*-DXfE=NB&Ka`0oXF+A&obySVw|=3<MidwFuVebcwYv+Z#v|aJnMQ~
z@43lS;ZHlLhOcLmX6_4rY_LPLYo`g`CZl17bO0K`@Y~~qFGW$`ZC_ex2u_QwyvT0>
zY0%{8q`8`n4o3v^v7aU-l1P@Z2s?2isn|TrkMO#`S!0yM%S<B7NF;dxR6GZg)BCM0
z+2iTAofX_KqkcM}6QzIZfwob-<?j*>{6W8pdtHaxXpsc9j)^Yc+)7pZTkYeRoM>D-
zT+(3Iuubtfdf<Q8+D57$Yx+31r4xT4r*~jbu^u@jKfQi2`>(5*FWjae{iAMkIrtem
z{x3Obs_aZRS!QF;(-_!*jfk6J%{Kw_=sp3~yrLmQU#?0oc_)hP4D)f;A1>{^a)j(9
zc0c2}f}byM1Dx{PQWj#gXr1A1xCmjOZW%)Tmm>ke07p=Je!aOThCyT`fa!>MPn0=%
zsHUPHF7z>uD}-pbVn17n0H#R{in4wtNA_{XS@3fzq@#dt(ZM305y;)NpGQDCA7ht4
zDy17Im&Tx)cRTsTs{6zX<{901uKrbEl_0{|AwT0{V>l@pMgO7;Q2OJRwvR(QQEBlQ
zIuMkUqNW!rI$myO&N=C?E<i=gl*6=og)Tiua@}%!+)uB;0K50Dun3}k6{$G6coW|c
zu|)l|LMDGdDrKG$Y}l(Y3>`}30#(^1{^J3^zsY<vVxZFP@p$VMZ)+0_NL(Sgxv5RS
zsi2#J11KfGX#J#WJqE;&?|~mUTTk$W8A~yHVRhp;op?_0#W1M_4YUL|+bI(lWF-Hm
z6X$gdx8Cb#$(?@zyVN9NyKIgqu&YT;zB!PrUh6n9>(Vlr%w{#WdZw-cSI#mz{$Wm1
z_e-bCDf1K6ov6=nVi2A2caKe+baW_-tK@VD1laL$=3AVcXqr!ltrtAsVd%`wLy2RC
zf*RQvA8=D#eY-Q{QKZ@Ti(-ADS@QJHW>B0U5aj-GAtx$+Hinx7G~)DXIYRy@GJ5VY
zA(eOR5xsHr67HZ#bI@8{!%0>)v>xFOa!nzS`4afA*NO<!5p{eRAR_#}#q%Ynm|1SN
z-9jPxXD2B^q^7iyo!<h_nA~j75PrS&DnLBk{qj`a#bGrbHXOD*W<z{jWVL!!PW(yC
z<97AfR#`ahVdod$Prkxfakik-MRem5%5z65xKsWF?TeqU;ihY?UQM(>89*6MeFj6N
z&{5aBT)EaD(`wF76=7?#jpPFKD0+?e{me(2QkZ_HcZtVQt|B-;I+?~KUqzPPtQ8Hj
zK7M1$mg$*z-Qa6wh*)qv`qalxlhc-=_lvO-m7ZTNZL9Vaw^I!PXCZ?LVrB@omJ<<G
z?W~RU6-<}9NB5;gre~`ajUc1hi^_Sc>pcNpLp&IK;rxd|9ORuR*wV`bDKmd{d2-M%
z^$z?50tT3#i{)gEo6mu6*iy8f5`ufI@vHk-40q>p_d$=j{+M=wIQGQh(@hJphH+|e
zYZCe_<7y(Q#Ey&d6{928Ui&#QEhxn+7;JM3e)^Veq`3M6KNQyY*(bu}5NS?MTSwqU
zLa{ykT>qTTS#=~J<OZbEzuKAu2yZw?dNksd9Z1<0wDul&y>s;&QJBt9^3^!<$GJJ`
z+S&JLVecv0s6IB?Zk1J{$-Xy4A1OarX!R8PnylV5qmmnFp9m6KAro93Bf_9iPDpv=
zIq2J`cSqMzaN^$9@bT6iTSVFTdi*Dj5ijcjsHjnh;+iu+jms&V%@y+Uj~76>PB9ah
z@5Y?4ZlOm-P@al#=xjK#h(F*0@}Q+K#M8Z8FyYKxjE_Fkdh;I9{;<W$GAwD6xX4U2
z3xh0^9=-HmCEFCjYqVkMjhnDu1`tAR5+vr`ruK@s0nuHqV+n(q$ISN`Hy|i}{Ni>U
zSS0^VG_cl$bfx|)_bMQeJnu$|>*~a9Tr*eu@sdJ36{{SxJ=Vj<eOn;T05Vi(y^<j#
z^^jon|IzlAaaFAA|F9q;DBazHDBU2PA|;@7cc;JtNm+!Xigcrh(jg@&-Jo<xHwcT8
zhW|b8?cV47p0m&K&GU{A;;dOS_so4=-@0T@X7#wgRN@$uo@Q+2m;5;UB1cWx-(Rh%
z?>0Pk*mq+Yk!^2XFrDwgq5A2oBW*)u#C05`t3`$*xjC1G&^bbH)rW~!(kfM!P`(Wp
zQc*Njky+k)K)Xv-C9A~KZCj(b=J$?_-@v7?SgTNx&zqZW`|c?#VNzFeyes#Y{KssI
zfMdj&xkVGOEI&KPl#Z@@_yK)R-To#u2}iMk`Fe80g!`jpc5<$&39jX2Nq-z=c-$R>
zc!vj3IF{m?+%d%12B^YilwEcrc7r<%dPI~8)97=G?e#iu78I%pzE)4TEQ9+<7IMWl
zYp1Sz#$MlVBhr=6_9cYN9ifB@tJM<7NcA-x(o!zC(2A3*<(U6OKc$i3(iijL>{+2&
znhm9yqd!2O)#B!vXxD5e*aE^!Qp(oXSH<Snk}!+(J~;Wbk>Xe#vl`Lie4)3pEE&!b
z?Q%&~e2~>UY;ae#I^i`>!QmB+{qMNBKGW>=F<T1Ib!&`}^q-k9v%Uv{0`;T$E2V_M
zU}=}_GtHWri=oQqMTL?3tvOzn-@Y;YNc%Y6G&j}T&3^gfM)ZmGJV6QZ%fkV4seZkL
zl~4J@CG0_*IqbUhV{{YC7q;Jo4%sKGHMi1}4yUq9!&~>0dXI{z>PSf(9vI2e4U|Zo
zasb3A({|<BT?3-y4l$8}M@%+e6*<|d_wL11>P@b(eC^CL8(x%nv>fyWsUW&Tfm8^L
zN6t`(o(Hn%D_50<vG{nWwF~6Imk?jTwZeEAKXRl$20Ls?0%c^J(v|1|I|6uHJ((nN
zj;~l?%)$AEeJCQaPcz*%K&skh>1+3JznjG<F<U%)^0d}VcN~w6r(1USrsBXY0iaaR
zCJK&~n2>u=@h+=Wlc$Ow<>Qe+jdU><QODi{7-xF4Tog8c?V0_N!_W~)+i|3xz>14!
zc(-!5Xg~Rlx<Sc-Qar0R6fc%Z5ezb6hT5IJr-ZuCI~06>Z9o5p)AiV)03j~9h_z+K
z#t*MwnAUBTE1B+g%A0jN*^bQ;fU8*%;S%mi#rNmm5Pqsvs)0D?U_yuro#k){tsqe>
zC*GPWKF>PF>0h#Sn4-T?7uh{H!7yNl*7MD|aKN@8t@oV>pY)%b-@ko2j~ue~x5?!(
zzR6!aQse%u#);b6=~D|m*je*-(>=pW0#WKcSGz|!f)l~6Bl<LUrDh?;iaF!&6r>2f
za&Ee--1)ad{sYpDf{a!@sL;dO9x~8d&`rq$pa|%}{Tl=P&p#$n2Y?|>%=>%|lP2N+
z`A`1OZ(lPF{Ny=yVNgr*pU>uBf17cPn;_tvCF!_V!&-6wcg{-O6FL9OWW||r^uHeG
z&o|Nk_X{OdqeYOO`h33Tk&@>#RpjU;aVxU+&A?=bc!Bb7d>nu`FAnGPj&H7(FXtYA
z?+^AP6(tuE-eR99chzz(+$wKp47sd3(h;2j?AA(UvW@B2xAMUb4tJ_X?*7*IXGZ(z
z@NHtCR|#oE=+*!M3Ke+mG3S;m|Bq`okcFn0CM-BOo%FpkMmOlisTfr_czsM(pUcNw
z4VnM3C|~X3YS~pW)eE5AJNp$=la}3<e8>&K$(KECLmRRG_2vUItm8(V^*x&g&rE)%
ztz|rzlH}@A!^AnFWs;B`_U2%OCDF38^%JT=>j>zA9u_J(Pq$4t4!(<&bTs|^@qZC~
z&`ru%!cQ>$G5)|n+GkKf<7?>i0`d~Jyx*b5peO62O;EC9nYHp-@ZtpVr1pu`_)vv;
zH0&Q2!N0EcMn&1#I@<KbB3S0N<(rf%>o|vHYYZ%db-Iew+&^j%OQZDje3x(cy(RJO
z6cac;gIm)$eCOAz;a`vRf39Hw(F3Cnrt~G<sDb3om6WQJ@qsyKk1vI(>Mq{>amT!H
zgOO`|Ph3B<I?4UU!b^CG#>2p}TjY6;X*~m+<_D|iypFF{e&-4$@dre?ma|Vby0mv?
z#}`<UVS}Zjo#{bFs-yQCpKP^^f=H5~C}{I47%wxcAdLTRz?I7D-5txUO%pSQ<7g08
zX+JqK&`TQS@ZdMDIBTr<HOk7&EF1N?_hV^7g_hs}xlyO&W}2`08z*yAj`mtzCj9GU
z#SO7D;k8klN1b~udzEZ9nzyG_WE67f_bZgNz2gCR$b$T)JpwZj6&u~O{<MBR$PJ=r
zI)ca(Y8Lbe_mU+3$A|IoBlBh^+Ump}yzULLEgV*O%EBcFGeWEucR$!uu2h&kb9Kun
zOt#j{WB&f``;Lx{ZhT#wUEpN7ZO%aQwfPDZ3kKxS+HXW_c%R%2is#KSDK8!q1U)Ty
zEVS(1dZULX03!exj)C~B1uv0+A1ZfbX92>DG2^|bv^rJoIvem10%rewfhAO<E2ao=
zVo(b4JXs%N?%`~wXt)yr!rIy`zXG{_2tW>QVcC>U>-n(is`zv#{Q-Ub+<s}ovfT3P
zk_jK+`a~PrrVSisW*XNye3y!^wm2SU_Z=HcUpS85;$lln{xMv;?(pD;P=_Fh?~~#m
zjqG`YXH|`YSS*lTT)NSz8M)#pWwpOPd^g2yMEjZyd-dWgCje;>zO7cL3;@Y>AyQa^
z4C#pj7$Bn3U<_!#n>2Lo2_X~CS;=M_$jl=21?t~mCBAV63g4qSW8mT$Z+3p#5{f$q
znxsfiXy=8Pf)Bed5WtUf*AC=a?xYawIZ1q;KadK>KnFTo?TkQBTv@`Q3fm5NF6QP!
zsQX6UKy>CxcRIjU0&EAsw{D|toH+qh1G(Yd!YUIj>+IOwQ)q7e5ujX}eNVp=gS^rW
zClDqE2P4hzO#yerag1Z}XH?@z-jPsqaMtBc0}|JR0NQ!WZz^&ZWp)zuxlSPEkl1Wq
z)M!-CRmq!>;t6<ctvCYSL<!x28nNTu<`C@Y{`<)epR55&D}vmwsHNY};CHc?zTkSJ
z|4!{R0F1TXC9S+m_~HlM*N<0_W7DunDTINXycuYbsR2P!b>t1}V$MN<8|F`}NS(yA
z_Dc-U8rvC#P`aam7D#dxv?gN!Wo~M?Jl_^i-v@nm!Mm^oCS8@`ATq%PV3(mn#i9^U
zDknNT{(w>FlsTi~cW)fR@ZG_cZFHQ0%K5ekQhe;stmhRwzVpwS+V*YQvDMD&e-@$s
zC^}q7C||yQj&hAEt2VuNkZ|wJxwTqyw0jzz`1~*&ab_t7j}PWM58rbV?dv{%$|}HF
zkwdVtx|nQhtKTMFeWDVbmnRzybpp5P8aES8w`$nkA83H?A?wYShJt_M@RKd0YS8j7
zh5yaL$TW^y=cFR101`c^zga|lO2$bJCYMqN(8jBDwj($Zfa2?PIvCarVM>G1#d!i?
zt4zBI^3kvXw7k(1G=y8l{i3HW%Fqp_-lLs|c&0f3%3*-~LriSZBcmfg{k-W=tbvkZ
z5%CRYw?IzhC3;yepY9mo@3PP$?nA5t;89d}K<Z~CA*azO;6I%fU&^)l)ZcUmOGJQq
z5#oESfmU3bzy~bFasOh4G_b09SsKoEon>bsG`kOszZ@tsY_N8m!Z5fx<L908&23cQ
z7|Q=#w=vcg-f+oPWCV2zAvywM7cBZ#%h=5svcNH66+Pe<**U&SoABIXDNUY8&*?J)
zgrBuoz6UzomOZ?=jER+ZVVJyu5OQZBnNheRmDEv26=R;}wf=#lo23lyywDZ|PU@C#
zIu~x$pG=Lf$&Z?9G8AFUX^_cf48D3aJ|5Jp6rZf;g@AxZZZBd@_3IF0r~9sCuMU`y
zzT5>W<>`aMPkQN>z#WGLnXj()C&2^(CO2)IXdZ{261d`>wh?dOwKg`BQ{)4foDjez
zb1Q$c_{!LJg+rtFNTO#|?2mFXfHY3LU|;vteIocK9Fr)Serk6j!Kt&GzKOlMB-urS
z`<g@77mdXHnDCEdNmR?PYsU-R1?MV8pOpn)ZVn0BRl!aX9qQD<@9(z@z5n>W)NT%M
zvha&8a+o~SYTz5qMiNiIdqPq61NbcDqKAx|gM)zRKS=C+O~n|bvG!Ux-;?tn(0<~+
zlI&RjjI;?nG=6W2IX3dkf<XXr%lHU}4%eyRIG~_NnvFQ6$lsWD<j<JAVS{ViEkyET
zLHc+CcVb<;67LbP+JvZdtulj5$g<d$aJ<k<f>vhanNkTXO<bu^m8*+}B-&&9PJa<R
zw_y*lK{708D)&)<A?|o}JPy@cfPSVD&|p5Z_uh_?+?V7rRzstrlt*LkTk#F`K8iHO
z>jrEM70IG50MDf%#1JV!hDe)1bj2I2{cGh5^1&Pd2Wx{&6s|p-JEVc=tl4SuN7EZ)
zC8kH<KhE0%`Y!tFoHUaJqF{gOk&}zZ&)3XDWU=#o^`myN3*3a+<db#94jGO!0GGe}
zl<U$Tg4U|Y_O4&<(X}*okfgb|YV8FG1GxZ*mWYUfdlu?hrn;G+yay2{EZ*Sw#sF!K
z?oZm+-(i%^U#t#W(Kv~*<91#FBoH=`e;ZKncd&`=*36u<8TJ!u>fxq)CU)ov_c;M)
zOY4eZ+9b}avMe5aibUaaz~QudoXmU-s)toOhuit=yY4KTyKrAE)FWR4CbT+%PEyr4
zG+n)R5P#bY6bpupm3ryvGq=*%k9(Vp+Fj(&9B@-Z(344gj>sLVXdPVpUONKESX9hM
z!G~ZC<~RO)$%1E%6)wI%!75mhLhji2zQ|3fR?hAl2XTEO=lZ^+ZLi~s)@vadcg31V
z=LIfq2)h=}lakPCyBy+`_v6aj6v?Hj4cDAkQ~X@6hezxRdkiVA-4R+Xgr34S25~tI
z6;2^{?KkT3Ay`ENa@0ON!9+q3jZ2$V>S_7I9<GYYivA&~91M^antk~y!hYmij}EWr
zsvZ9FbBGZlHZN=Q#q*T!2ZRtFR~R)(Z7|q#mb3_>O@%I=h~s+mPguPX5U&|Ec-s0@
z>4+JEki3xL0e1<t10*u2M7$Qs{fR}dK47ogS0nHQX|_@_)557=$)zRyX<uR`96i&7
zKyw~Uq_iLyqsgxB2na9@sBOm!Jn*g@K2U6;5t#8%<YItx`_-`6tM<C8|EP6<_5rI-
z6fLi3qDB?e9S1mT=&D@W*(*{l(pj>spj=V4W1!&4qKkR)98D$^a6fd9aP0#IPT|C|
z50_6V0$wdiC){p_n@Vf_LHuMwS)#IOk{RY%*tk}uaRnirtxEtO@wM)EpR^}#I4pBR
zocD86_-Om8e|5b7llh4f`7u@u$on=c3q`)Bs~*7k8DUBZ-Z|F3!f@M7FoXNYkaG=K
z4xPghiAHD2xWmt~byf{szmZ(6O^JRIvEobTR`LW5pMOw|^`cEi7{Y16O5jF9@@?OX
z`xf<FRWP#YZVjiStdY6cCH3TvO#S`?>+EUuG#sWBPOQqVt~|K0RLJm%x;o?Y+VSN@
zasqtQ=C2w`<a<wp$OSA&K2^VX{uI1}@NpZvV|Z!HXuY(rN8&VxqLJ9P7Z+lcnaAro
zR3|Kpx#4F>Y1*|~x1KKc_X#{WZMA+&9A9u3d#+-Yhl!rOtQq}Qt50@Jw|En%7>Gs(
zq;RSMB){PM!}Vp?DI2(TY)Fhx2riXeQ7<$+vtKx1eB3z<i$|H8*2Y%MOTH5L3?{dL
zdG+2%?1G0QU~h_QGUPxhDSHb6JdACYxFc^E;I5@={R}<t+ZI@q{3SM9H!z$t$8P@t
zC*q<b?6lU8U)bKN1JwqqxaXE}25$c&MqK(A(6-`Cjg+u*3k*F(aN!<7G`-ke)nMWk
zg#(7^eQNFIN?=&vM32_bk~e1+aaFzEfCO&q?Ph6HMvPdlILQayG;^6}$unn+P#yPp
zRPG~MTBfI5PwUh8RRP#E7dpBrotjhxZ^UsyQ@7x`yDB!FaDS>|uJX&LSfWR>0`e&<
zYFdLc7U=P6ho2tlNKIIh{?P-AyV5jr%U4`#*fdn79-pCAmm8G5Rpn#doy>JJt{cLQ
zCf3x@O*1ViRMg~pr)s%%X~uhOvmO?5#ALcdA>(F-)vh#=JD{uB3Ur_u@@U1%45_d1
zl?7<Ux}N}r({Yr(5Hlsu*Yb5Vu>T4NJPhg_v#3kUkL`+S63zC8&ps33hT|G>{$zn<
zJD!^{V;keHJ>q^!W||TE@G(5bf|905%Q#wi_rBiU+d&#;H2zpcl8!A4Vt7_+$iQ|N
zy^&6sj#6|D1-og}7^Ye*TlB94knN<gH}QNyQ^s5H;GPMgpmCl6b&aSj=4S=|pk($#
zMM<l#o80(mO`+&uOFMqluhH7C)X+!hNd#RSC6x@_N(atYNNH&|S&GFk;KG9g(We`R
zmt=!vyWXKWY(CNvZWhN5j3_%l8J`_-!b=(w%QphEtctM3M;^|Ev2CQUUg+vY`S_B*
zq8(Awl-iJ5ZM{m`Z=u!n!lzAk-4=$@jDxK&y=Mk-J=1;gPUQ_`?&=ucr?{S+C@yJA
zxZVnpm}Y)A)$4v$lolAsf<Yhoyj=+tU5R6*zmbXXGUd``jo9SvXnl9b^Jb3k8VW&Q
zBDFO|CL>B0dw*{@J+D%BvG-QX_XO4p{6RtXr^kLaH<ddzip^J-ktw#IFDmb^UDm^O
z4he}=%Dz6h+v<jq7!ZbQunKV5h}2gJvtoqk#SRa3G~)vlg<ih>QcW*Rlxia6`D6+b
zHE2<1rga3;4*cSMER69>ZGjhz^P@(WROnZRwwzCB__6xLM?mToevk^de$SWjyH5rZ
zTa`{ZwmjX%X&FzV!QRe*qUHE1WbmUqG1J^>JQAJ7ku4^@IL}o&HK;{89?cA)vN>7~
zp8NP3g-p@E9Gg^nhM$;^`+4mnjjcrZ$`{u@K_)-Zv`h^>=T@Qg<lV$?5T3vhh+{QV
z@3XJ-pO~J&SAglMUc~I-Q&mBWS41;uLkiu0RKUdC#DVXu_HCaNB<#!QvRZ>1S=xZx
zN;uG<<fGrjUxxD7XFX8j6I)s}U=G%bfi$kYxEFS^yP5hukT|_zNOTh-77;)KQzyP?
z-pM#Z%gEx2=c(?gm4iN!ztZiskHKMidN#fj_^8k0j|Z_aLfU`EJmT<u{D?!&lShv#
z7W`^04F$0cq{r>Z`uWDsT_(r9L+kX3*T@iPX?Mgd`%=p^dV8sJdOub!kG=Nzsz7?Y
zzsf4p#seP2PP7zoUYw8cn2h+CuP)>dcYP`feVM<Z?qJ~%!<&0evldkOs7+kBzBWK$
zRf7MVi7KrcG=RE#4c9Z{15|cP-?32&NfMgC9|uF6&*2}O5Ax^K&niNn(b{@&e1VO7
z{!<OSkZy`E5V;4d?Or_Ay$zgO%`uVG<v`1p^LDJdwI<RnNvo37(a<+k>mHbV@dx9>
z|Luvo(K!by{7BSDpYx(#y{hJ&V{3#PDtyoP{N$P>ngwRGc$OANF(k|Zl8w)Hk^yNh
zUChTZbFnfc2QK{#(wsCWXme|xRG+16Kq(zX%ik@+zjW6_3cwJJ7}8f%bWhgE?TRH<
zK{tN{L<^>m@K8ohNWLho#*{7}gBC^O;p+q6XpldFfC?vHx{V>ck*Xw)Het;#AyX#d
ztn*q(GoxsUzv!J<PIMH*lg@(=(YM|so<TA|g03~gz5M&sDYk7-i84W&LbtvYU+N5}
z@4{*blPQM(3|ouA$$969j%~qNi`2>G{wT0UPgdn4QFSe~VXJupO6KP#%KGw3!*lJT
z$)@uZGo6j$<kOuV`_cRLi=S^3SMEJ<@<f)$=}XHK@Ti|odDOiv)~`9%7;x3}W8{;<
zN5rq#tUu`W=uK9<|1omEzPyvyKI&ezpBgD+VtH4PuzdWBsGpl2H!`-^vEtY#m2I!`
zbzn`{c>J#Zcw;!>4wt1As^-gYEHWqwnF{UpaoQHlLR{wYqytZC*WQnq!w`5`9QUr)
z2#BQ`G@0YNhj~Z}43-p)tRAVc1wARONICuk8%VP9-rn`l9i8!7Na@vqiew%`<Qcz9
zA77DHySsTl4qb81y5Po$D=>=RUxfTk%BcByhT{XaX8QVR653dyNNT8J>aaPR^|zND
z;ud_hF4-;zq?Y0tGPAe1P#Q3;<=<=yuB%foRrLXquZ?eXMW<}VZj~=T^y}l?OG8ke
zO7+_c{`nN`(>!FUw>W%LLC!m!@;=FyqW$X*^Q3yq{L~j1Iy3gY@$azWFuzc<PCN+`
z1r82ci~!<1Tx(nD>5%j@!!f%+x4mcVmeK95<nnu|YQY6$3X<$kz4k{Wca)I1$pWG%
zCqgot8*b>|W7pdG+97wbW}PjhI#?#c`h99Re=m^V@Po3!PPs<Rb=5@THX3msX@jl-
z!6KFGsa#O^0z)COIw`-NOjdO8hooQ!4JY&M>&K^4k8<;W%4u}ypa_w+^2Maw?{GHd
zb6-@(jZ>BhoE^c`BGFNl5SJwYI_9Ns^c1q|u^Fnr<xVWqo2gIQ34CW2<Mt<D=*x<H
zhRWnjR6<a~pS=_1ENnmeF^{oMV}<p8?)Zn92I+5R)l%!azST>nb5H7%7!`LGZ>4IM
z(>XdT5O{?@uVN1%g^Nd<*Mvv}hQRr!J&WcEX?I^4{tJNiH%`k<9stbOMEN_SW%>=H
ze}eL$;LW;Erti_MFQY8k8|0*X3~Rs9YG5{EroQ{?Rj=X3>trsX`jy=Ko`S`_BfJXN
zhRr0k3dg&a(K9W+&*XQI56=lHKhiRYo+it^xEnzFqH&6H<wo7ey5LoV#Q0xq&fj<*
zI32R+#%DJ*qJl?YmSv28ECukkNxEXPN>F4_;cA&rXkzNM1uNLnVK^eHWLZj@C)7)!
z|6XY$a?4R^g20(y^OHDAUwC;nT@amPrdCRSyt3MUpR<Tpct+LlPz@h3khP8Z%LS5y
z`R(;h*v)T<c&oDpZOg-y=(yz6b&UI9X1O3I!cNydAR%}nnR_CUWl8C@mN-W#iAO$@
z|7OQuH2*J<^6zW>7nuZL{m^GN_F5}sCHy(>@!ClJrf*-!@*DEq%zw42%Th%|z&6pj
z9QnPIQpKRQgi>{pRgYUh_uczX&%OcN<Muugj`Qz;<5sFDS)n>61=Dt3cn|lc>tvp>
z6YH^@DBp#{E+!tlY9x=HzKvjHpJujHvIo53hy9-<2vMNRFP!whQ8QNBC|U1yBsQ1A
z)It|cKF6C{V;WY3+lNu;dcSQ`@Bnb^bj=RQyo2nl{cx^(PK6OOXS|eKc8#nftMJT!
zxi-JB@_;yn47QT^ygPb^9$jvXJ_5n&%AGP@4i$D?ucmYGOv}g|WT%vl%eK{Hdnxjt
zC}#3s?N<7=VE)VTGnVjfGyQOpkr!YkvX6;({Im`eu1s?rxgkBfiBwV6<RGk3wdLUa
zBk5c(vX!aNEPsP!{11Br20H+x|Jx<`d8Y%2l%exh=ni||n&r5&6P$UQ;JG^G_};sZ
zYTLt$&<GnzM`jqbCH}P@{^>{7cyT-h1@!9iya&f>I@xE;hP>OYZkl)0)6ejklpn1Y
zpbRbGS+V_O!>V~&-9ZWX-;NnTB$L5;ZK|yvae`L6HU)AsR9BTayyL}PnTp-gr+e$3
zSE&5g1ArajDRQsGz7Jw2=ceR+eiWU_V1m+!zwr3~u+)E@Q9#^%nhl9l+pzlaJw8<a
zpy{>@E6V?NvVUG^@o@Tw1xGsZG<x=wk?599aCAT$DrSt_`kyxfaO5zQcOeP7#I5e%
zCxS-Y%n=E{bEe=+vLpYzy!Hl_EhGQqn*MPb?~|`&zCBniNPY<#&EGgPp1a8QlNDf$
zr-nyM+wXmXxY18Wh>*ln>wny%pT`p~qsthW%y$Thgftxg^PC<giUXK=f3+Z@lj1k-
z3V0=B2LNNl?R~!VNn?e7I6h(nheXiD43f<!2z%}pxi)#FnS((vb1Uh7QQ1}tz%lTs
zpUkGza>M%JHKM;cyWZF0KOK?DYjq{s|8O=57RcBl`wz!}0B!f678p*9K_VIkWRdW;
zFYRQU14`hqb_m!E0jWe>kcPc?#nKc61Q;JL#bbj^5En%;APQ@S8om+WL@9<$C6pdh
zoM&JR7t8G!cOWj#^{<ro*#rSQQTDY!b=~xWR;mfo46)T8%{u|jZ7^h*d8`>*kh3o7
zW>&k?MsBKW<PJc|(U)b20U#b~0%ibmRBS3e7)|AM{;?*Px`UCMph5Ml0?bG=m`BF-
z7|d9Ls2~J@^4jwu3T1W}=P4Kg(hQY{Umz0&<p03@V3ErOQf<7TBKYQ42&{Gjx@f|;
z=VbR5+M}@{Ure2HIiMB5UXQBu*g}WIT<oeh7Ho%qIED38@a||IaP-5013|<O)=H?^
z<5&Z1IAEbfO8N78P4X!}9{EQd0+3&H+8%=cig}$1W>f_{H_b`5g`~+RAWRMp3C@J~
zdbph%Kt7AA_moi}=5G8h(AhHe03iL?XZ;?SboG;48U)-@0VGnBeOU^I)E#@<LFSD)
z|EpMN_LCZ77@f!O{Qy)Nm9+xlUs(4xi~XI3-YF$NJK31%98uS-w~3-%RGk5MJ2{R+
z<+w$1F}Q{yK=G`>;tK%I;4g3FuA`bNj6;-BA@F6uLZ8B4TmV80uC5|d{^*C$Aec2*
z0xKdi^xi23Q=vu@D+>c1L3$gB&=adwfItvr;hI`XEBKKQo=%je2dsUIv*}AePl@do
zvl)7SblBu^)g5?wV!LfXjy+Txzqrz1IxJ?)i(nx7j};ZPaNmgqK$MiKuo4|RtE6J<
z(|v#lM`JFM&`}%IQr>fqu!d1wEb}*@141V9wDofKL*;<vO_}J&!hA8b2s)=9-zWLK
z>@E(9{4k-Wt_q-F%^=i^1X8GqPk`_<l27j6$?DtzD7XbeN&FEYqwl(~RRbV0#I>5V
zEfR0_fTg0^B5mda*vBToA`%B<k`vXvfNWX=)vhZ~*8Q0{4;UQHYt1{ObM9mv;L1_p
z;*1)==7Rj=xkrOLy4>aq!o^d|!I%)*vpH-(Gyt;8dAn^-i`=Lm7tXHO2}=cLrzWm$
z7WH++BWobs^Rr_@z8is4vD4McoxCB3SSA_u8_~ABCh4TU48|#8U7n0KWEu5y7BU6Z
z%idn`!p-jF23%hV;9~eI(4(!#aNCkkaO0~j(fVJ@rA!-#P&R?*lTaCCO2P68+5zax
zDh#sAc6@2W7D%Ir-AfQ+!`Fy!r8qUAtBOM-<K}r8K3{?aAhx4TCrmx=bnL=#_hwS0
z(j)HH#UQoxc<{1dPoq?EW)$uLLmJ&&<fj`{L=GMaQ&W8|7F^8;yith!18u>vc1QM1
zui5^k4AJv+%PnF_U*0xLEcO#6{%<@}025H<F@J@cb_i!M1XRF$-2%5H+4R=iJyO}X
zA?U)#$%_|Xro}Fg`@w+8qD4XtE!t`Ni;CGe;m+e)4%)X<B6W}%Nz@V;&zyycN4w!z
zS=U}b5sdB7^d+i*Q~9SCJJEhEe7lK&6AqCAlX6U+0<YfX>apRLs}3gn9`u$^AVo)z
z4|rMBIu&XE!=}JZjwE@#2)xVG_4%3xkZ-c!4B{H#`0W_9;vkbsZ-TyhO679axr<ZU
zSX!d?Fl?iKKJ0FmR>b}CF_Z8h@QGq!aeikD)XjJbEV$R$rDq_&7YpDQGeHWaDv#7_
znK3Df39zu<G|C-W!;M?Cgl%>tW%s2sBs(M(yUFIs4<KIV%is|RU<?}#H45vHCl>|x
z`?l4LQ!}P<n&&b)$jf`A1!5xK6vq{W+e^=h`kY8}?txdf55cuj(0I?=T{}g42cZr5
zm9yeOloR4lt*DzwGNX2arC$gGo6(!9V~D)m1h~}PPno$dx+^9&+^aAWF%_C&=y&c$
zV2fLayM@bxjva{;^*QpiU&No8Zd#Vyp5RAskd5ra5Nb*98`t%t7JyliI7qe&O6hR^
zZn<UY6WKom5ye5B!0JeIBXQ{E`6fbpQ3qF1khm7&HE%1%Xq+YHZtOL!#L1%~KD6A@
zzbVO=uC#@@vJzXat}J*ftRF2AF}wGSHa~9f%E}2&$ly)dxECvM)%MAYtZ=q4y`!4N
zGVyO{CEzJ`z_=Az75OkcqkHk$lZIJ&{kMZe(wfsCbMMRTE%0f3&d*T&@)Yx{08-Tq
z%v$73M6YXdTGP2N>cKJ`(PBz(R$!}UU;(;d5TJC?cYNA}IBQ2+=|RDmXj#O+U_8#}
z_>eKR!b7xA{j*q32=k|^Q>W$pC*cP-BNF_z+FYQ#)T~kk<SEG{R9ywcGWsSlxg;(f
zdj&ulW#(>52-w0J)Y#LqU`r;jt&)27;0`!HYZD$-E$rRAeyAqRbmD7Akf*6gFG89Y
zh}H~OZo_fYzQ+qJFZbm*q%hu4DzKJ6(z87TZ?{l`#vz%SSA^jc%&8vmJmB6Dy^#&L
zV!c%mlljBxGv9O!TJ(4YvDtgm>o2iULqlO#7Yd$#MpKP*)7#l<!6(LAqxu}~(wbQ+
zFGbR3#XTBD+e6ER_lj%>hh43UZc3GSyYm%7D~w(b0n>M=UNUi)c9LEWCNY@tj!O{m
zC$>51dDo9+Fa|5!t)6SO#3;eRtsSz=E$qLUUSd=I)>Z;XCGDF$4@A^27?XU4auB1M
zn4c>uAAvZ-H`g6<-yBimik|B`VPsODg6biQiDe~_bN)6RGcx;O+G!9@gr##*zJxB$
z!x-Eq@-*)#M7;_=7vhs_PiuE-|6?7?r$CetDV%7gx}Nr~U-l%0_KXWXa2rM1NjRyR
z38wFAFp<V9Y6;ugt@EEdjvnY<guA2<+Id#~EIl(`fEyYlJoOKIQX_`^731rwIb%3a
zaI#*_`Gj`>``)(94t9T^i4+QBEoTv+T=>FrT0I|p$8REPj(LSsg60O-V-&V84-T;|
zfl2EK((~{lJ8GOsKa`YiQA_TMWuj!4ucbFGYbDZ^Hm)k<m4m=!m_4LR0h=nA-Jys!
z_aOK>yKxM9Nbl1SEJ~9qYe{9-BAj(CYEl&&f!S*(fEq3AvnhLK&qqJ~&aeA<2gMAK
zpOl5Xn<#9-H7<JPjHzchA_~?&ERwlEPh?HhdB%#}ZKvrCG5fMh`iD=V?3i<}SYys9
zzWBloSjr<kYO~O9>c=}{!oKEc#<S_0xHl=}^b5t%;$(|~&ExhBCgX(u`#;L`z0)>J
z>?Q{nv0!wc-tjFE_N`#t^<XbuX|z3uyuMl7({mr{#)Zf2`>t1-rO=<VT1>|OgyX>b
zcL^P#UpSzf7A?mxkcA#W#m#rN9i-WO^(v}{_si%r$WHWsdjW2?0I=t9d-dUx@oV3R
z?Mf=sZk8h0!B8!!-^jPvFuua&Y4$3u))zNrN8AikL-HEEf%%^K#_eeX-{Yk>OdNA>
zIGe@+#F;|NzzVD!$2c`G3A|mwAOmIlEMXH`TIcY{;xbt2J3c%te$R)cN(qbkZrwq|
zZBn}`ekbbQb21StbOwoTqzA=?cRa0$?WLc{%`OCSM7;=>V+fvA=rE`akD2?f6G`h2
z%~Iri&5KN*mIL>10SRZ;u>!AhUg3U9Ks3T~O+srwX6oHvu=80Hos;MjF>|@12vt@B
z%$ZY`x%KJspQ;AZ@*7odZ-Ts6))_?<#oDCm%a4&x1Mtx{)A)x|ibU_DZ>hk#W;=Tq
z(V7yP{SiIhRL2psUm|9^&rMS|PDqw^nwA{X_!gGB$-c$1`1Be1CqxSLSjIk8s5!#O
z79Rg3Ky52y`Z50dVrqKtN(H#s0ddOy2ZNrx**iXy70fC|-vEfbPtRe6crjrAlI^FK
zo6lqwQG|T_v|zZ*#DM#L1|B3gdvDTSu0}}(<Z)!_jm5^z^NkqBRRDeet9MO|xnld$
zz~^9C^}aNV^lJ$Ule$rpNt?WapI$yGY+~xXe$kB;yjO%p4f%7CN3Fz$C{0~-s0XWG
z=!2ijR^^+)#PIM)jX!`Qc}Fnb&0~XW<fi#IL*W<b%!=<VC&a79^J$*}ilTEa76cSB
zhWNN{B;jSb1Iv487G+u-cw1WCoC`jjur2Z?9h*N-#&}84zm(5pDik~*f7_yK_OU#P
zL0`z+hj5ap9EK)R+iU9EQ0svujA*P<8q?b~LVK5w8-Cxg^9aKZ7|Wem4dC~seQK-F
zBO|n)7x$i2z;l%~qUfpmhsU7u5^8Xc5@%CLHZI;dH4P61c(9CyaCDxxS6%MAb@{wo
z-}C$sesjg-8Pc=6(=}+H6f-)!Y!-|o<L@0H4qHW9@_s;?p!B+rqFipn?R?{AF}D%)
z>-1O3mf1JfcPnKCEHC<wQcCy^1~R39ixWs|oRN{z){BGa)4y*n2F!PrrgMvipV{Lg
zQ?fr{d_2Hddx87n_{?n7c6l33^mQQZ@!(3`k?>E4fYk>St!cV*UoP5+?ag-_X_z`o
z^@_Idta)2W^VI=oPw+QtJ{-j4=+iaC?^hma{EgUx9b$8j>7by5%`t>g&TupolVEy1
z1))g7?ao#;`wRi}AZ^N5Y2#rJ+4wA|1|_ILJ8Q&vcP=Ze88woGlWv+x$SuFu1+w$j
zwz_c+?t<<kn$lT_^hw;2#OH*>2XY9o!`}e?uJ7jUVj|qbB&@4#J!(SyPZrl6e(mh;
zdl;E`_ERv2WZ}Xsm4?I;QC@L0tq;m?(@-8^bTsOaL!`1BYcGKQvDdlrPU`FNNg&fv
z2E)Y~;SH{+jU?}B-V$9^crr04Wb`3r`&YBvlYoM#dZQv&^%&j+#^$_P?@Wd9(3$L<
zW%9Bkhd$n4TD??af1?t99c<C|&^+>uB@so>TK0_v=bkdQ;}{PspCU>XwTZ4WXRZ-5
z8KVW#Pah&S81n5azU}9&t<Wd%nNiLTX>1|QW#ZBcVvoK$Ic8SbIsNFeIQ`{^_3_yp
zW|w7f1ykMz_v4v<1%16)xVhN%514C|FY)K<IU^C{-l(L5b0^l<SB&cnT3ois7udY{
z!bS@Uhp?nI;cK4?Kj=}8H{4v$pj6a*-)(hoK_Z(`Z0K<x@Eijz9x_rrvGxjuDVMTN
zd~MbDRW4n-j|R>zbw6}R?^Y&4yWmjF73@^_M`pqw@6#Ul4vi;1f9}+U(LR)T1q~UC
z`x(@6gW{7PSXII-?Om{;ybFPim=}8adrcTqCig%<Eb;~~?v2$KQdrN;!}d6e14Dts
zPkbMQLlD8!Gq^w7*;%~)`UQsge7zac^IQ)?6KlPK%iRhZ${!?2D<IK4dP9UTy&aJ0
zMiXcVk7!QxMbI@rpCJTEy(%e*(F4h;-}*6Ns77V7t2LYcC<k-2;t2x6<Rnw(yJ&%T
z{@OdZMUf=?=LO{rk&2|!uH|y3T_!$^ll-Wm-X`2Yg_L$RN5;%HB93l%mNZ$q^#rXV
zC4KjRHSl&4p~A*fN{k_*o5pBwl_<U9T!|`^eYO@phSus`f`&cDa3OZ@?Wrnpvh`9&
zUGhjj_4l5z+K-im{f~Ua*xj51)OS`g5;QAR9((6!o`&XF&x?-sue{`8{DNPf!byDM
ztJqUiv?EyfL}_Wg=RzOhna{ARhP|S;$SODV1n`#G__I%6T4C3YIXqDR<zJIV7Pi|p
zku@x-10m(kB8k0xlPnY<bildp)x7Z5sPGxyRv52W>5rMq3;y5`6AgA`HrltKKS;ET
zLjXN%+jYC9dtcDUK-tv{TKdN?LMYegNh$#9(mtM!R-<joDB6zJ+T1JvglHTVv2<5B
z0~6gW--jz(f+5~nht$YCWtMBJ9J<NW0_*b69{mu8G(C}0SGN5mO>if$OpUH?>q&ZL
zH`GB2KpbVp8dUry_RP7i@vysvB$vL=xiWr1wj4lXcdjt9y{P@n^15WT23KuoD1-Dq
z4q%qR;Eov$`l!BDirV@$sVkpTI*+`?_Vm92@uN4j)5*t<vY*_}6%-QsmEqTIdm)mJ
z>Ub3n==W*xjO<@Pdu4;W5(rz^0;vpQpj#H@WVlTmg3CpUGjIc)CIXCpVWQrmr8L*i
zWSD)?#y3}43OVWNci)!VtLeY)B|8l*>l85TlF}N5`c!uZbS5Ztz1<E*fiG$G(@DP#
zH9e4~c$96vHWVsS26#|#Ou|P$nY_9d!}C>~U>gH<wly60nTXQYj*75tqA1!M^fdTw
z`BhtXzJJu1Q0wXZlbLp&XWLLt1Fg67`PT=U?R&`mB;ywkvbmtm6l}=BxHMCI_*j6E
zObmW(#QbwhwR(h%R;w7dIQ-g#J?b&=0eNlYD*|1t+$_`~(x#M68$!Le-i$SPLL*vn
zyl{yTyTiHkjl`ZMggJ!UF=C#(*`=GrInMc2cKV)Zn9>53W{Y*8@oxentqCFAZuRpi
zz|%rNMgz+-6v^HMl6goE)kz`$T-&WivoJNk%2s?EEnEH|$7RRrp@|yB<;J@q1KV)B
z<?ZBcyI&@#fW*Knv?9;9qyz>YY<%Y$-vj8=O@M@*_aL?B0hjGx^<Co=n#M6;3Ue}0
zVFtJ}97T(J3B-xGrkwXCDUTiPEL`QrDr*y6({V%5Vz&U&?&BUi;{Iut*pTukrEM9Q
zn;>00)o>%|)9qy5k$}!Zq?BEbyU)uXe?1Y(r}qZQGObQu^XXGYvcaGRxh4=oPUQ}6
zrWUK1w8ylk<rt_$N^>A?){5b$md5riey-p+w%8d?1?b|dd>tPEv1Y4Ds0XSUz;WhQ
zza<NMtET}q8GZ1C%IPmf3Im5Lj?uGGFqa$W&2F*cO?JkO(u*y+a27SZCLjnWuLr2o
zPXRdSQ`tD?V&03vuG;?Eael%PU(g|BV23ne!>r~5h9#DWS8`b40a)?sxHS75CX%~k
zx<GVpg7y#<jic6Q2LX*O&$(kOX^osec{&@2-4+;{mmjY{W{3dnvI&hapD=pS83>JO
z@rJP8o@Oj$)=aGuJAD>BmD?*2t{ZIW^Syj@*Aq&5s3l2X{{#@wg+`U0*QX(*7egLE
z`?Vrt5CuR$ZwL_X3RziBV=rz*{*VB6N^yF88sQ7@YqIM)AIP?+fkZ}l6QmRcpi^l#
zhaX1!ota{^PXSVNllJdb{~Wysq$}-IiyknomPJzD<5Rw2&KxqN*+C}+=E^sL!jIx&
zKS!)}$#XRZ0&d4yekuol5hF&yjQ)+2uj$wkTCWP6;Eutv>#g9e(i?Ea_Fgux_72f4
zjN7!{+J}UkuU=%pf^CLz#q$M0GexhCs*9Fd3s66~{wa`g!%EY__1*={`j9maIViz_
z1104N>=_W(-Ev|2$Te4vEx7o?2?Q+3d`>;6L{!Oe01azQ^WCCaywPv1+%HJa&?Hjt
zc|=WD=a+c{*Tf=uq#P7ND0O*pzGn@knSdon*#v}M_*#|KAS8b$WEE_EeJjpDm|>-d
z3~#vvigMGj7GP@%22?(3tv6U~h!4teOOY8ufDoNMYFGU0J1^fF0DtEMbk^5Ti1Rsr
zfZKrr*E_i?y(zf#TD=KecfBj`L1ldGbHcp8qnF1Y-GT|W5DcWYy9tVtABzb{^A$B>
z{^V79ldj+%jA)rgj>%G_FQ>TnF<P@rI_3c`Leb&XM8P9)emwtD@f|k$2OQi{pE*0Q
zQ6x+(qYcdKaEPNrhD({gJ7+2DQF~(6#b!`%y?p+9=tE^ftcsN-e8NQ*_8r7<2;#g-
z21*IYV!c$V5-aL3Ri)JzHTlR&@r8H{PGgM6Sg|oDPtEivrDtOg{yaNwVaN&CY9*#P
zrsQ+&D_UpITh)SNyj9?UPBH5RUG#=Y^-iOJ{1JG)r!NN&Qkz@jFdk^wO8c3px#*1K
zOt{4E#^!lIb$?7+VwJdAa(0}~9SQ(kzm&)p>ZY6lviSuyX$s3-9{il}H_JF*Hiy(z
zdf8t}8!&z<Yf*JAcNzUU^xfR$2y~hF?L^bS)ghoA`}{qIQG6MIp2dK<gkD*aIldii
z(olQTxKGpQNZOz}mLU<?bmMOR!&1^e%BfD%VFs?{963kcw>|U$ME5gHLw*>8-br$_
z@1};G2;_*3EH^9<#us-gFoUfS6;<ozD)M^b#CjTsb|2t+GILMbm9-L2Li@`;3JJyM
zH=2JV5}3FAtGd-#v`xS3)A3mMCSSSgzkeM)+XrZ@`Q=Ro<$MZg&2t6iK6uI3fFQ6p
z#oY|6(7PNb@kS=jTsdu=2(}xwQzMc(dfiYBz)?d0oL@+rlfY)a{weOA4NkWZuKp&l
zbYO!0^C`iS_QlPBv_qFRA2VdZFQ|X^b>gmc{>8~z`f>Q4<ZtSP-`w5jLzUlnA<oS(
zU^>2KJTOZ;7wIvbHzov9H2&=+_j6eX*r2ljpU<!b@5~cMe=WWzs{=p1Icy))rzlX$
zz?Q=Yo>g{Z0NUS#Sd$(#HcFLYh%Vw(!&lg6pbsPHzETHD7w0TmV^GYRy{t;<Ahk@v
zg^WJM;GNxy2!ah0k+1wzDF%r$-YFg7#&3p%P6K6@{bRoHMhGqkE12u?XtD@)7C%)7
zVAGx)HC&!HIPHItyDppzrqb7vT+0E<M^yq#r8<a*_!5}v4$XXV9)Al-J2m)0q1)zx
zVvzOv01yp&U{87cJPI<@z`&g_9b%2sk$|`F5j()HaR)rhPQuClum|CDFDs##IVK%P
zU=(@T3DVmLfSczMevL?rX3G#HfN}0~b_-E@t!5$>o!S;wGqP<+cXU8f`F#-6w&@mI
zLnLhv-vQ6P#+B!)zp?;?m1!)|8Ab0xaZR<FL)~8=W^Yj&Cjbri*W2^RcEDv6Z6A)X
zxg_PbP@KwA-eL!8UzafX`7yxC&Fjp8u&T#r6pdkgvod{_Vf~cdBUXQGO##c&{+7A#
z_|gaoypoej4-|}qa3Ql>=BSQH&fvI6!QZ?1UmJRF(3NQ_v_$aO$q}4r6*7@dzlLJV
z_F=bN2B|L)Ap_Y8@wc_&9x!F$uR$B|{w{=;s6Te@wP?97>2(PPn%;!2_ZysJ;4k2W
zLhMv;FM5Oh;3<vah!)W*$hyN0?NDGTktPt`flKUDa2Sb?S-pvDf;L|V(4mvuA(f~~
z@+w>DaKKmI0lU&o$gMEucX|Hi1^8!jS$0Dd6-j+R;62z80&{CBw4Oj|e$d>F)#<vY
z1P|rm*V1xe3h`ktf<hyXQZX{|jbk>BzHR#wU(@euqKejl8^W#N1}*!L-R{N|OCsDq
zd^XHq!C>MlzCa_EangI;kCvdB31<NxJm>_NuWQn3T67NaHH9vtl5iT~lj<C_T(o|c
zHTb|ONB}^U-gY^RKJD|GhI~aVWuQiA>qHq3m4aBypCM6a5R_jGviW3Dy+^c8&}om^
z{f-s1002wpID*M!b_R__0s&bwaL5WbckrkAnnNAe2sv4DThXn%PU~+>=3judfW((q
z(sD!XU?cO!i5Q=8iWE>ZFurU7m1&rX#fK;B(3qb++GyNh2w<t&Vn?2Z!lfJlU#mr&
zwFKG;VuX>*n6%SRh%J<u+w4Lj!y7y$Z*n#ugdO_z7+dM=c;d*O49&7I%uhqzahc#+
za=yA^UFRvuOI)cAv($-?zMQAl)gM4N$O(FN{+CKUDW})B)!`3?EvoBHq#hZX$3EWe
z4E+r3aM&;mdJa>xL@3yZz!9w6;nmCsLdeWiE!LfH^GEN{h7XEP_ofQDb<N;QkAvNm
zGc1onileP69WZ{dDK-!Nr9yM?8PVqGGQGUc1$x)hzEIrtxIC(*x#3F59O1Sb9EI6=
z-b}+g{~dgH;%#Q+GXThtid0q;)y5tvBC>qEMH7u0le(vx=gVLIizXQrSzXMh2Sf8a
z?>~4}jTq_ui;sX8Y^izG<v7$S^fg*YE#h5^>qk8yWZN4b6g(xro1o=r<%S%ZMhP;0
zbOhMFr#2^B?DK2j(dD&yw7)OivjL2pV;~fNFJ#A^m9LMuPRk`TDke6UpYpCR2>cnn
zI@ey^H}A3;6J=ghUKM5Y1DG8@Ly?dxhA;(F_(x@T;G2<oxd+7ep;Wn{?IiitZE6}R
z20-XsK`Hd4V+Ma~BR8**EH7`{ZSGdYQB+mbC~Mj$w7s{qvvD<kQ+{ym+SkVQfI|)f
zY+}LeD}ks{K1rVZKEO*kK}A(S(rIIPc0Zx;j?rH+!0%}@1~!=fktRVxYLRHVV=0AB
zKT*=gO#6H%=^U7kOswWUeMN5$4-Lg7B9Rhc_{c_;G87okMD+p96)wa`z$JU$na9I8
zbP<Twp;HFG%BZ*pqzQOZ1eSYdmAIyPANX~H?VG3|;|~-X2@PJr%y&Hn#aBBoOi<a%
zx)w}9@v?T$<EmBsP$?QmXoKDmaXShpJpRty+YixC#gA+vocf;|m#<_BA2^G_XtS7b
ztMw?C3a?Ffv(?zqMDWsWgL)QUkWSAvf9hO{q#l?H-#A4Rv!#cdWXAL1B_;ODay2Qi
ze;kn9xuEf<KXb(dY#3}GPvsc#WBAYhhx;xPW4%)1E?=1%;?tj%(7*Nt(3Z&&gG2Lr
z+Yt=9fgFqNcfn5JL2zZK3P^yB-HJex=WQH1jFDL7X+R>ds9+%-Ly>+abdnsl1M{5<
zS_UY3!kXHyyt<5pfTNhFn!h_wX}b#f_nh_TUgsRuC3&fnj#S7zlwNI#sWfcx<wW6Z
z?+0J4%9pii9=OXWgE}8Pv&xP47)iJ_#4#Fjq-RJUu?zV=n*|3^r7hO!-g3`H;L72u
z<2r0CJiqBzRTjmH%$8P}J!UznJ6b*v1;{Vf{Nkn?CG~(K<S)!tJpQyb1CTwcX2k{l
zp7R_f?Tx`4l?=9ZxeoJrB!gwpb9$aB&VTNfMrl$v1;Pgh?`>ew(IZY;fa8z;x^(17
zY4$oxL(`qylR;1G@T{y+sC;)5AvqRn!Fa`g@O}pnNnVM@X&E;ODAN=26x2vb@0NK_
zKjcsnNhKl_mKPe8jlr%Vd4--P26CT8XQnGG^}c(Y%b#3XXumGMu`?1|#2htO-o@LD
zUtzbPkI@cl^ERA5*g4$=-J{WVt)h5DyEgm$$?GCMNBu)=M}1NDd{w<Zw8xQSDpf1<
zZr)5PX%u4Ep{;*HR7SG22vB4jhewXsB9;)R@8ui=ceEe=6CI6;B<xtWvHC9WPP{1a
zXQCKn=fCbysDD6b1Nx6<@aBv!!uwoAmiNe!*X>14$@+&M-s9e|Vnzi$+)q2Jt@Iv8
zh&iOs74>xNZgF@EgVkhvb%m#zk>cT+UjfppQ!0-(Gd!ePTKxRa-JkTezvMQCmuVf#
zf80C3Hj-hEZ$vo-Nn>ikD~9t4r!C3f1s@G=DE{u(sK0>Kzc_)v_n!f8v|_gJz*Rft
zO=k9&6v~PZMT;-ft;{+S^S1<8Gy!2KAS#=V3$n8Qeei$yF<@E7|KR(<s=dMC?<&+{
z8sX^p1YR2qixU5IC4TW8KR>=V;!hFQxJZfM|9zVO<7urk%#zi)&F^IV-Zzjl+Fk4f
zfo1=HhNd*WskGm-jbjDcvIn>@qsB(H&i^gE1n>=kmt|A()~!lKWZlEHZ(QUKdH?WQ
z`};!NKvT>M1hWzgFuv)D4^jT!HBM=KD<1>u(qoZQ&)>SnH_%qU==wMR-r-pT#W&)<
zDCz=8>OZX8zfb+o1^3)v(vc2?O8?IKBNA^M=w+Q{9GCvBLu(_)Fe=^f+P8RK1%k}}
z_sM{WKC7QODclWmeE&<6`txw&NKiWWo!^y4gGP_3k*v->*^}Hp4Ya7@{}zj3f=PMr
zBeqD~cdF$r0nOH0i(gpAzda%Udc$t3%mUcjL%0fnGqL?Vk#YoHIk*|Ew+2$s|0RXI
zmqO?)@Ai#DojgnEpyK){jEYGVqF_uy52wP$fO(<zde_8!v~xjv6d5&9vgOD?g<Ia5
zmk2lh;o1!^RH0)?@l_A>OOSL60#!&?yJ`vkzMcWWI5e9xfK-#pQBG|Fx|=UA?vUwO
z{98gfx^rWx{ke~N=>bm_Cy^Zi@*BBmtT(ceVds(BmZ{~c>mTv{IH0%!9Rd^@A&~xp
z&l99V1N*gx)vINdB%V%?_98j*;MM>J+H9w8WQT(KA2AqgU}C1h97qbjbK9%)Ry-VV
zd$}~dsq1KZduRNa!_MqM5{4JA*%1vY_1LzCmj+WS=ZRCkBRB@kgX<Bawgx$MMD8^k
z3y9-{bkhorm0DZ_@(a_7`(rgTOmmw|At50%)c8877dl5jLJW7?v1<<pi~B{=7Y_$z
zFFj;~+*cY1-Rn<d1`b|THoItIVbS}hyuji=5_#%_S@>4*v!l!C@cL1FHw9~|u<!h$
z6QV&B^Lw8!z1@Kyb-PExi)j+~wuR=aMK%Q=szxg*hb!W}rDP*+7DV|lPwkC#JTp-+
z+;Jc|+VQw%-FmOGfsd~Cu(xV{(R$j^ZTIe=o}BCZStvyvfDsPf1y%E5#@VqNUE6*j
zmSGN3Pl68Ca12Nun<0tah{4nEPVJN)i^=t$QOV)FBU<!v+V<tcO%m5B2>|}qW)#!V
z!8qaXc)0bg8QcK_C)BO0?!CODEt;PtfPp;#6`zF5?EV;Fv2yN+0cffi2vmbX+DN-8
z)F=w9y^WDf7xii4o3z7+z|jv~3DEOyB+K}4?br#ZsOKOl9tg(pg+{&3@69piq~PKB
zme{0Y%SDiI4!b_&)gvYUi2~kauf;hz+@@~G+wonStaOBdRFS+7bjv`L>6R(mcLXTU
zkbtY#m0b(Y90<kK)z%={o70f0+|tG+cqWLizkux8u<e8%Z94!BdLK>BTxh(2vROl}
zVhPX;9gN@ixp9I5<hy$HD$c+KhPti?^-4a$kQ}!nGKQvt8icFwTu_33d}r?o_;})!
znLpovjXmO!w{wU8^^9soa#zA_&C4}srC~BCy2;``atxCS7WjL^&HMsD3ve&;UL+B_
zP2Ze>`;4p+6n54bmY-*-rwXl@=}cJI<1?mLJP_uym}+q{QhtB7!EG26UZKMP*GrtT
zzhkY-@{Mz|Y+iV7;8YCTWBZdd35S_ol{F%P<Hs1)wPWVX<doIpW#jH3LgFNmk;>x&
zsit&la)Z*;Ye9E6^GD31oK_rb9(V9!hIH#attP|XxYQ>3@r~VhiurDc_T<Mf<n5@-
zquUfNGdXjP_mrOAvsNy@_^i}<K2UxyR%$?CO|WQt=EtRQ#O5?-5BJmL+>NsaFi~Zy
z`mFm&Qo%YGx4P^fk?96pSKUDqga+X#Q!A$l5(xzr6L&yZKP%^V(9VWuZ3C4YIY|p`
zKUl0}ai9ln%$WJtkd8!j)4;-5q<jcwp86Hjk&87ppPB`r>Op1y?Hou72crG4)gQY9
z=`Ct)Xu@#Bj*r~pGYF+q)-x{c1_&6@1Ye`NU2aSwwD2;n;eaId7t4G3U~V7+0YJ+j
zNS(@IYynh4=%B697XYcFdA_18Pw{b!hg=`(C&2n3Z(|ckD4}LzNCTcwW6(HY13bxM
zpRF*@?uS-In%zlJb>s?`!55H2<AAWH29Oiv0}KM7X>LXo6rK+$H8a6naZXCr!xns%
zh-U~WketbxZq=o~w2k|AkqLdlSIa;y$hNz34#1k7%kST=)e<b7H15QgUQtz56_+e2
zso@ZpDLJ@<YT}`XUsL4seXG{5hEtVgQ(6^iA@~0K+vfO}$8}SJecJB*<LW6Vb?N=a
zhdq6@+<U3!{hPvj!jAI9cGNSRN68Q9je49RF5k2<-gO#^Qm_93W?r|5Ux4%)BEaj^
z3-tOCJQPQ|Mqq`3%&J>~aYmWH*4FE(Wb1Y7N0C4B4a8Dly4Yn(qC^rQDW{3_nM<Sm
zCDL^Y95kV^-J2Mcd$vb+t1Ub~FH<)0ZeKoH!}!YQ%6s!38^0lJE?Il~M{niw-O6=>
ztxJ~&FvLQ7^E>&9t(!hI@DbOzi@hDD@q9mJY(K?RPt{nhHl;~cBKJ+vz3{322Bn)m
zF)Z_p#6A>WQ#^FuiDsmO6*Z^f97o;q#<8|yH*=UI=D4{M^DmE$ysM64osC<f8$w(S
zDacp+wrdQVZALM%mHNoZ_&#}>v849g3_8h)K4vE+O48%t!HGD(HQpu}skn-y5}j0?
z+Ic48NJ)woW=T%k$ltJMT4kEk$Jx<si}G}Pti-kIye_?|irFt{&yb9~;AHAprpmkH
z(0HtB=0Sz$oProSJL9PWy@J=N8F(PYcvyT}bLNiOEtI3#FSe<BY78!{jjH!9EMNH4
zF@B>yH#3<H(dbC^p%1T>anb8UzGU?bbitgfVrsxtVmlMKFpIW!pOng5Hf~(EZ>Ei2
zx)e(<a*XPak&inbiT1|d@^<vrS~!^tFqJeFVG`lKBbxq-V#Upo0yo|7wOK=vYjfzL
z2tsuX5%-caIf1xzyRNeS{N6)^=B~l?LVZzF!S)47yyN{#$U3lt^|bWK;0TZiLCOTU
z_tFsBGaQ2DXOEM<ykuK3wMO#ph@i0zSV<Tsc$l$_0;UF+!XyMM_l30|x%U1)#=bhP
zs;q4r4hJL!K{}O|JhXI-L8AytH;6PyHwdVtG}0oaNT)PNr+|cXgLF51YvVZ2JoC&u
z^Znz`I3D(1d#|<bb=_C+K7ImPX|k%_F)ILTWSMv>5ryJIa?~v?OSJh4hRM|X5}xHE
zj<f-^`$5T}tAfdC5Nwd$(---^_vnWA49LY64x+ftwF-FTTX!j7-XMVdx2msU^AK~m
z?%*8I?1B91HhmH|<?~(%JxE3Y41ZqLi{EMslb54;^NgwLZdx+rOs{Gp0PsQs=f%T@
zi}SYq9bh>dAUQ;8391&SS==ZKTW;fu`ZpGaCm2r(DNX&&5oZO8@D`{mX$`P%KhQn7
zL$Duba|F4=l$Su9->HoEZWbVp8S$iM)Uq<lC2mLdRyw8qzytdJitKD~)K7&PRI#6m
z`(zOJb+{VM-6ZQ`b-BOs46~QUP?Pb8ZM!#SfSJRTB5rV<X7EA(R)}%eThb+qAS?C*
zHSZC&e4tEdl0($+7?JDTI+7f!^}N^wyJIt#Yb35rEuP`xo-_Ioomy23op*u5C-oQh
z;eZWg+ddI(8u{BKdcu}e_GE-M8L`8K4qo(pw}*`!jWX|9#lcD~iVoa9c`{vgczK_r
z0lA|DgPcQjgZ1OvBIgL}WxhZ^-f$XL2@RO#Y=#_8JS)O(VtnJ`mia)sO013Mf%U^s
z2fcX>u~2txvK?0e)81ig`Q#A2P!%F{69(_EJS<1A%RI1G9G;OfTp&cS<z@Epf74{c
z7|`l9`^srwhnZ?J6rFk@#qImT?|Aa;Jg@PJt0Pu_hz_DydVh9WPpqeKZTSU8ts)L_
zjW9d*aEjL9*)ZY#=L$Y$v;8r%v=WV_Slxs~&qm%2?3V8E;I2hr_oo_o;^@%N?yvJ$
zKN{v3Nk0Erg5yeOl!&W9Ws*>?U;aGJVLGUOcBW8>QDP@5e04FqB@fSX<b%{w)FHm1
z+-QKb?#0w%^NX_m6`~s9=W(3YbMLJ;di&Bt%=+91-itLlwkh6l%y3jJJ$fq|=qDDs
zMkQEkdhMzrSMB7{dW`kfJ%Wbh7FKEostV0RMSRu_H>Vnhg$&9Dk;zm1Bx#?r5!I{>
zZkH0=>hOaB_qLPt4H>K#SEch0<F0X|%sFDmlUUyOc<LLGa&(g|zNPN`wRGLVdmN&x
z+~EhE=WPfzu8OZ-h~T1)>ZtEM6uzsW+1%l?VL?`+7ZiFM--tRbANo3V`^C6L5dt|w
zVsG`yq}s6|mJ<FRsL!rK_zr7uyL8&8e57<;1f8t+*5lS6CCn+}UFe%5U+x&nyfP;5
zFZW7jGi_T*Fo76$1?EP;&%gk!Z<WfGt1?maF<AD0gd<5Qax!p;jg*3HqAy<Nf}g5(
z8t)Km@t|=WRY4si1EW|lcbTzCx#%v_R=_U)x?cT*I~2E3PzW=M!(al&gM93b);EK+
z9Kn?~nQM37t1uR4=!Ck{Pz;2V0cE|?tzJWoQfe+=EG?5uo1}d_C;666*%OEjHhY_b
zkQO+mkyzo)II9h@6`t8NQu7lb<mw>6ENj1^>#pWXIY@ue$BVNs2nA*Sv(Mkd?{S%9
z=o9F6e}YLN#ic$55lWA_JVBUsqxTgmlAcjD|GiCq4xO|QsBwMExb;gPN+C^2Zag`~
zh$z?Rqg;uww?l_Q@~=z^t4PV3%_ly*uB^J8weAEob-+My=uo-8UR#!bsLU~7^rN^4
zp>7aqO>7utbSdaPb4F9jv^+Kt=578qZK?KbX!M+j2Fd=ca<;KVgN=wv-X}_yjq_gl
zZWnc9E=$>&Yer$x887W>qM<||kzD&kQpI_LUMArphnjxLzFh$QLUPgE0e|zU2pT7W
z7<DrINBG0a<kMI&-4@{s%{;APt6;wwl8^B3gK|EFR~S~xZC4bgv+0J*Br;X$)v_ZZ
z`dX4b#Ox?DEr!{1BC76c+{TEmIsNwj{ppVIbQgxFpS@5SX3$qz*R^=&RM*klQhAo#
zzAcPaW1<u_>%}A#Yy%g~<LUvQ!o&Mc=tgZML+`Y+9aNsrd}_RPfpxs6{mz~w5iZEm
zAEKsLlka{ISF=G;{v03aoNesXAsplMYtMA1SVoih?9_Bb1GlRKR@YlT408JVon%FI
zgs9?>qZQZ2Lus0wj4~6ncw+ga$)o8Wy%<8``zEhKdFRi~A7;d>ww~?HInmi88o8yB
z-X_z%5*kZ@zq_b5dMLx%wmL!IHZ@_q?A-WKI>mi@ZsCPnu=&yrAxDfA`jNp1?)f^b
zJ@@{riH#I(Ty|wo$<*mWE9s4zs1FS#m#PP<QX7T4Br_Sh45AO}rU@d37O-}UR$+Gj
zpJEc@)M{F8SxD7N7{HKS)%UCK8G4?@-+Phg5l5!|-K5PeUSlKEhCp7uou`u9^frI<
zZi<afNZ>=mc0{)z@ketbEWBZQp|^54t0a#@YFz<3>^OpT`~imf=)P`yBr}4kZt;;N
z=#ll$pc-*G?C`et?~v7dgML|nAF;N;q`87Jn1W<cNQ?eQ-MA9EE(MDLaE99((+lF3
z8F2zO`q-BSKwFNmx&#iJqN~W-Twctz$w@2)*kU;xYm6dzaAwlRm^y|v&|pfSPvalO
zHG08pm9Qa*(h;H8QNDKc9hezDc}NzAZB+QO477RQoutWJUF;Rc@1%E)A!h{Lh&2H^
z%#}HY4!1S%(U%4j;i>T!kVhjVqGWCBteNM7%^T8$0_F+XVzj04`Bh56F9`d7BT|@m
z=i&z*ScfSg`7L9-ti?mSex&sBidSApV)O|Zu@Q)_Cd+teK7p<9QLUHv#1H<Gd#Kl2
zY3l^uXnKK2Yw^?V23Bxdz1K!u`TSZ<3SwMUeX2e*Lauwz?gjtdvqaMq@N%g!DHrbc
zwOL7r?SG=1dXi;PG2o{6jZRj;LNPcYK{VLA2ql?<P*l)uB>w?^Smk~&bwmB_*)op=
zcsG>{m!IP3d-q}6WxlP&R=Ul~;aY!xyNHMV#i(4f`PyZ70`kSfQDrr5VoYSL<$oi_
zc4VyY<c;v!Zu@vj`EtR&eXBcp^<L@O_F{23e*4ieb@5R6bUK~&sX6{jO$O#2SG{m~
zH%<IawgGi|<S&I}v$&y(GSbTI0`cF3&WEz~o`>64>Eow((2z<wyh1&v5_5<c6~zr?
z7)c*xkm!+$2wE-DITLLQmw)%V?E|`M#@bMAhM#KO*$Hi1Y$AV~q{6|+$M`Q8%=kv1
z^`9NgE%-)v#YdS_k2*`?&!zJm&dsX6RQs$*KT_(-IJ<du#IcQ}xX04<I6?RPhBWh*
zL4<9ODa(N4vCHwWN!(EbyJ8UL#i6b3u-hxuRA*bgr@f02jcGb(;qV0FK%@H6Ig0*}
zwvF10yf02*BHTK9V8%wG;5vU|traff*{hyjMAm0NxYz=m{h9*VD^BYCVxZPZboMN7
zArn)9F^hs%PB`er(uB2b>vNS-2Fu|Ws+2RCDvNvnAfQ2c#hS`v7PESz{VO#%R@=DQ
z7Un*c3b-0f&yK;lnGlb`%+iKit32bJndtDL2B(M-6;z!`n0SxqBBGL4aX1tD!(KT9
zA?X*9kDW(1kXws=8UWpZpo2GJtpX4ZV=x7y@3oi+xu*xy(9<9G*Yqzh8#oV<_8~0$
zkBUMgKPiycs~>+b_k_EUe)sJ(W<|_7<_6E18M5v;{s0tsX6CK(IvCa$gzfFgxsCC;
zwg>~HsGS2!hv6I1rN+X#9whxS1yMVwF1O1Tn@@_beaU;45`#aqOj2!HD{Q+XT5scX
z0(Wo(9J$!^&Pi*oM2nv<J`WKxKCFD}RrAi<X9?s{?sqCP2F+_heawVfZdMAMyP$}&
zppzc0<S}F!QYJE^I~7>=+3C@*YfpM6VTKzMqm}OE7A@@bVnU3hfkU->jg#Ep>bRRV
z#+jKBZuJa-{_E0VJ0n`3{iTu)OAUj@pGRRacz5>eP!N;c6R?<6kSo-S&|Qbw@#AVm
zu#Th?z2&Beh4-AlF?>G}W%!XRG5VFgzgD<y6~8+lVk`;ndeFw4Sm}cQ(u1B<)_!*`
zPOa3jR!o#)XTT9r$*pt27A`ju70%TM%0SBQ(JF&-Zsvm%LwtCS3~hO(6@JkA#nceJ
z0iCjC+~k2=J4{(MesI;(Qwu|(Ho-7vVlR{(apKZBmu-Ws(XPj@$d#3RXfBy>Q7c`s
zcy)+jwzYZE_`ILHP4gT<I_fmZOB7@&#yE@0O=MI0E#u@Z<swGyDS~%3ED~w4oIR0Z
z5;t6KlQ`Ub-IHPC4P``-F_-lTy;@nGhX^-|Q03alBC+LHgyzNa7fvpW=zh$-E;AB&
zS)an<XldQ5$J-Nv{1{1A-#^I@vmz>w6SwsI-tThdeJXj<v3d8Qj36b!TifBZ@B@0%
z+2U2#P#p(Zt~qL1t{_|mOY=ix$;QfQL%^E4KjF!(-)srLe?GnA2p~&(gUs}PcUEn$
zAXK0GLGjV&*4|y)T}|YInXo3zFts}l*Jo+A8=GvYDq=g2j06({$FZ+8?1C07m$t46
zr5iE>%PsOwCWrCvOt5P5{N}CtNxdmYrFludg~LSiJ3#u_qs4MtMI*k&Q~EP^p=IEH
zNK#^t>ub=wGWE_RRc>a?9-oBaBmde7AgW>bUcv27{4{s4oy#4`OV<W*m~Cfo&&Ow@
zJ$Q4@dH*2r2LaroqTr=oPV4UcSbSe_WO}zng0ihIzGp|dgX982tu4|n<2i5t(P;A?
zzRYjjXq-Elv*-~=8pP){h)7s^LjP>j0dDRNr+=P2KoFF~y_*@ty~-GTtDI~@^zK?2
zxSCYdVh$A6K}@6C{CrYKty{%30m#WteLY%VK&Xjcy^x)mbHACz9z1*EXniPuZ9AP?
z^FX#xivOhNv0le}a|`(r7M%-GIq5>h&~e>`7_LH(P%X#QeEEl0otJKOyr7FF8@>5S
z<HeP5q!AhEiUs<`MA}zzyco&!YI!{e8p1W_tzv=!dl42|JQ&sr(p(Z8<A!e@j^r%w
zM|?dF&HdESGJAm?$Vl&4^hv6314lZ)w2?5`KUdm;d!+h+{;Y3%PqBG3I<O4WPHXqU
z6WZmKH4IPxMaQ?dJxeEFi`Ke~Dok&-)L_`1tu*G#g;$)6DAoqJN2D<H+mWC2voMnj
zAJhi;(MPO}<k)p^vSRRwCc~w4)<$`A5(U`b1T~)A!)Ns{UkOQ<;g29a>ui0MdZ+MA
zw!8o4^ZP!_iU%92&j?GFYjp8<&lPQji4;OwxZ1W-M2Z0%PhTMFzB!yfMc>%)PTFDP
z3mx}SRhLP$8cWGmoDO=sXgoznSGX?!C#A`%<|jR)^adQ0#q*sshwE)PxUP%_ymqum
z#Hth2XR_t?m2oXTb*Jua2%VdxLM|hGb}tko9*!w8tdDe>9(R_`fA6B~zRy)lDs>c$
zf@xB35|ho*Q<2ql7!^c)*Oa&UP+zkkLP5|p`UmEoQSviap$cnz0JpZ_`;1tmx>2dH
zLh|ud!(^5eaY9t|Rb%edxBOOARyW^kSTe|w6Y4W<NgET*5>Y{@>jGB$3n-KgvBR7=
z1nLE)lmaX~@i|vPgAWeUTyAZ<?{8rs55DI45Rd0(xT?{PXQI)QByx#yYXdIFlcYGC
zXB9S?N~E)^g$a)lgB(T&Z8P%>R6fmq>MFV1`K*94)H+8mRC4nS0Vh=J1<DLp>_~2Z
z_Qlt5gONo*&lSYWTKIm&-GrRbp|9DgG@)`a#4M0wwAoo$%&^;*o6+Fb4w(V+kb}^V
ztTcUkexCuu-EDUR0F?)gG?!Fc<m&vK3M0&Q2a3(vnFu#jDfe%`%`SXkXw&NAe)i7p
z<Po$bI=KLuSmxtUOnU+A-VQ?bjCVVapBlW5jjI&3tNn7lAhu`#fsD^~Pd*_IqvA>Y
z?T9*!WgI$M`*S&r#lAeE1M-#F)0W~VHw7GDxt(1^!^u3)-Jd;q|BZs)dwFdB){c-`
z`XpWbtilex_ZrWPRtl|*NDu$x9g?x6)0SP5r*anC7IvlNT>cpF7{Y`cdB?&UMurxH
z8oI1_3xaU$x!MeQ4wV_f6Bk4e)}B^pVa3jAECmXzwKNWvV7^_^fm&f+>L&_;98!c+
z+#HmiRjKP~C+SeJcgO3)6@%uWSIA!^XA>W%UjVK!OGrn@frn)@?V;KmtRzE<2)1~(
zJk5#yM{|NG$m%{>h8<iCZZ#_egv+5824bGT&A7aaaAatEpXJ15kXNX>G<nC}cbbT#
zs4Qc@y7b`d9t%`fGATtPMafk<Zcv$|Zlm$L&zpTQa<Qt?u8Dd5w)yA{Y4x24w<BPC
ziYf9ds(J%UHmL?D4)d16I|xsUQa7D<&+J@(^nJE+J!r{y49778g~|vE=WhADY`bvJ
z1n<!4_wwNx)R?!94mjW^Il_g9a)eqM*dB;`e`XesdSR|=YHvkvgxcSue{1W}u4XY;
z{o-?X!VzK$Ot!~QT~g0SdR7k`{1!g8@8+1P9A~c^oz*-Tf42{<>`Y3NaP(Cu5!j{(
z3)T6fL9&1&BCSl2ZcWOYj3`U)?#7E(5e+TL?o<p4?5^f=e2Fwx2S%U$j=m3QVoZ@S
z6uLsI?d5y+$1f=lVYAJ_f%D-Ic}a$CL-J<@0v?bN{KMO?9fDoJY^AD$NeLH@{yn#L
z@WY<2?D%hg^F8};lAXby02a8^0e)l|e*RBZ<ZJu4F30?zehF6d(xbrM<y&y{I?09Z
z^PfJvr=a^|AREnPW&DAiFX3Nr=dXA70E@@s`+&Grn#Yy$oqzsfFuWUZinOu`N-q8<
ze~iyxzVO!{$tvqWVsGb?#i|wT;OEr+hyU^;M!d+l3ww7kPikTC-^N4SfS5C_te_TU
z%=3ST`Pa|?`5d!iU|lQos+C_cc_h8PeYGuLxURAPe8>N<A)LeHG3}!xS?W>&4Z<H;
z;>p?~KbE2^)c$#F2(M*5^O@XT?x##EyE)bU@!uX2=0GVDX|=qWE3IbjzdTRygT<TR
z*t@Eo9TorfIK{oyi8*^URs!m9{^h}gae7Uh|J-g%wLAOYFBZdlxj$3ru2rG{zU7O5
zy<VmFKc6O%>Ad+r4;yrEiFmPm7H_>L1a0WX(Esg$Dy7^<Zdqc(ZwKi4e?RK~`J?ye
zo4P4wxfB>>QvdMg{rnoHhq}kR%h8tXegDT7Kjpl%87C2Oc^-=}xSKe}*qm?z%C6bc
zf?&X|)krVp9#u>iw7&7{22w&We@-k)5kAZ4za26aA}EAd5@<DKk4b@f4ZsoDBx^m+
zW)z{F7qprwbv%KINCV{90sQFG!;hS~Y-YaXgC3wCC<~YsE{%^M4(xx7kHEo780bvW
zqoqA7fXt_HAX~X#C(y+WG6&_G03_0BaM8G+&2|+ELWZEf2FQK$5p`$eTIP~pd+b(5
zyyfdrpAjIQQ*KU3*Et3XhsHq-D@w@gqmP5GcG{mU8nQwk2Hmel&{iY{#Qi+A1vcXb
zV9HDdX^R9_AeGT!wj3k{f@C2S#O|OS+yFokl{iadHDjp%2bp<fFGC(O4Ms6qs?WZ!
z9?k<+#APzLpK1x{5cokP*=VB=`jPIqo1#+z7s~b(Mw2FfrFMV^F`Zkve#_YzFd3Mf
z*9o9O_x^Eh%D;5sTYpsb-!G5iTG#IvIY4dv{7H`!KLB>#$^js%jq()$kX{v-^5QgX
z4Ldx6`ij1xz;j)%EmwH!3xOVJXRsY5o`(o;w_Zjhn*tM$2T%ltepsQ(M^*ZrtvNui
zzy*pWtEUrHhaF)#q30*N%LKkjKsg}~wL?+7(?F*p>PKykPT^T3uMQ&bT5DQu0F?_9
zUimnrJ_mYmN+?9ambe!1HX8xK3pP)<Q-Z@cOrr^kuPyqJYu>vM%9;QvosBu{z5_^%
zI8+4~aYzB^xg()0hd2QE0o@HIBXrqax`y%<Za}Utdto)OUt=_hQc}&<lp}T`%EEI2
zdZ`o_wVNa2u0Vi>+4bZ3<<QAsT5CT#B~_(=Jfr{j6ISU21`*`3lQJZ<OJC~V8c9>m
zkb6bmY6d@Qov{EZ&<S^&ry;{9V6k`Iv*#>8t{U?8H_iz!h~tA*!38eQ@C6Xm@B+91
z@oEAxHpr}1K!*}6<e)%9sg@8*gTZx>vQCVKLv|e!P>7?g0rM@G5ym1&eD5tZ>LB?-
z*Ln>4tS^9T3WpmY1R$`EKr0M;ZM01BF=Z=VMlz2^oVnTpqjFTrr2`UrZZ%-pc(a=9
z2h*^eNSCrB|1duR!4C~U7DWUY!bykypESxyHoLkbHg2mG{A$4MR10?$qY`U!S~4Q5
z29<lss<Ow8tcoF9X&YRCAdXdW49jTX$7I(4`fU^_`&G^7@6+=zB8zI_>2W6O;Lr_q
z5ylv}G78dy_|FJ57h<nD89V#*gE{S94tzQqftv`GPRHUQz~}=Yvd8QlrG!rF!hAcF
zi=tKQ?ia`?XkU<yLHr5j!3~^4YS1K0pAcF_Iq5v{J=3qWVL*yINt#*kbK8iyG$)N<
z?#96dL~@-tcGLY0$mV9~-d#>Uz#H|<uC7a}gY3;oCWp$|fQ)eKtaIyTn2y}6$UUMn
zFxklfaX*@bXPyCvYol#S9Wp^Gm=$T@DIAaMc8#SGVQ|{^44-Y;PjdKfis*>WnFGTo
zN=18aH63jnzT+|NA12wd>rZaUv?n@h7$HCNd05ACDMcNr9};7iQ$kvaDW^gaz$NjV
z;oDAvveBggiEL(n9k3V>JGH$h#Uvby55Qth_EEgQ`Sa|0+25{~!O~uR^&fKz+gU5+
zbe}>|2>lpUc&GHPQFm#=#2*50keQ8TF~fvyG6_8&AH$9LeRr_vHR~cIK6EDv1pwQ$
zFDdg7iypGKAlbaRbOIO&0SbwNeo(LhS{Hgd{xGdTF<=KbAyLm~Vqg;l(WgbT8u}!`
zv(OE%$#wAgSnb*YNluI0EP<jhVx1OQ*(brg5oi(#P`>j|I2pu(R%atbnt>QyBu_f_
zo9uiVs$KS8*LOnpYG{`pNMj>1X9{(@fFclb7VVOnpfikC8n8yoc{kgj@CL^HB%5YZ
zM7c9$N(Z<cw;@Zmf=&*j+$|cVo|*?q@ia@o%8A;y1YV6XM$r3Sn8(|i%#y-01UUn~
z#RnpI@*h9^5a%W60iWr&?e(L8IKC*stOt<)K|%8EBtna-Ovt~DB(`eG2TPwOLbPy$
zaw2e*1zCB}ZwRQ}sZsjnI@}eb_B^KDJLJ(0BNxNhvAoSE;wi`ndlX9(f${=zC`Utp
zJHf#N`{>72HzMZKxQy%lL?%i3Zld`~Ap2*g&zl$F2QYVnm!OlSXuxdhGYWr(v1Dr}
z;Zn8vo+G1(4X)+v1|*#Z))&G26EFFnZhA(Mvw&%nv<Vi%CUPuH%Kotf(u-O!!@7qV
zHyWXo7AWup$FOkcBH==ZhwH*L(ry6_yYyAO;-OfZt6w}OX0_t1&v_bD%7i_x3!126
zRe1Dw1wx7*2HyR)$D*;OaHsxKAU19mXOTz++Af++S4&!@-@;-_fpJ!I9WnB>IqgZ5
zN85FJmYBN>RI?|2=v;5)Wp!U+YjY{LvD2}Ht;$7PeSLQ)p?SCX&F%ZTv3+ekKA(dU
z-&%}##46MU>5_~Vfc>?(zyWYJ{9;k%bj%-rxApzL{G19y(*j6+5K6}o=L)QSVkfrQ
zi-wB$PMwyn*`)1<el*l*@M~>o3>p#s*Cf=MZRjf_<TNSz3|<g-%tyBylX>frjds@b
zqjz32d{4()FI9M7ExL}<eJi$<XEV0v8ZnnPl;9&EBw_8-8D(ndzN0<Uj9jSHe_(z*
zaRV#9Q)Pnxbd!qq$$dQGN!JfK2Ur^g`dWSNH)xWK9Wo{QA#0nOplhX2<}h{w*PD0(
z(B=$`^^V_vb8;U~^vtu~41R11)jgdrjNC~GDCqCYc*Pj>Y~93@Gq!OlLK~Gt;<bp}
zY>qg%Hgd3xLu#l+&`IBsc%UNKy$^YpiBz=RoJ7b^k}sbG)p79aZN`b?B?K9VV5kk{
z#8~w3O_&(2Z&!%Z?j(zI@H1X_Nj8o-sDPG*x=GmSI3n%93OAYg?<)9ST>ymO4YXOn
zpQHbl9=xjI;|Aqc)r)Zn*^x`=wv+Dw6SI~tQ>N>}M;@6k*n;I`WWL~MrOk28n+94K
z#x9_R#;RsL07k`De23EFuV`+vjb})9a3``#7t$6i1F-`(b`0;r5=d>CtpP)9gus&*
zkAK(^iN~Jzre1c$uw8Fw__O`W6U(>Z{S+)P`=C%c2HvZN-c*2ZVdM~xGi+=^H@aI&
z_p);ZSR+d9r>iB!EZ*16t7;a__Z-;=E$C)<xlF<zj3NpY{G~B9hd0t<SQjKWvI{3T
zqHNmOBiyMA&NQtv(?^?W)xJjhv41SUHSEh215~k>MatTO?s<0HaEav$5O|MZN<i~>
z4mF${typQRi5}nIUAQWY@i}8uPE}xoTRqj_jn);l6+rbe#}<sBOtQ3cNLsZU4AA)g
z<leC-qSAeNMfCD0cAaR-txMcWk6PzJiZ+&9tN?S>@q(+~R7y<8nV#rE+5bEU@kYYS
z`e=b7-KIY}TE?hz#GF<ta*9-<>2*la+qD4Qhi~7s?eeU|cyW`y462vO*7bQja#ZL(
zC#nPacrkF!r<q0;rRUhB-lZ`Gu>CFO0$CzD`sDt;j%B_A;d)7#nFYS~?(nv^mbCNM
z{n%jfVYofoipe0g9jUDFO3d(DM8$noW3^xplE+cbBkZMb0?Xlthc`GCXo7?8lOgNK
z?1yV5@D*wWn!?3(oadvSw7*57jmzXV?tB@zK*i4xz4)Y4kXcL4S(i)26z)9YFG(L<
z<et&;3fmTV+h5V`18r<4Wy#coM|UPUj4JX)Mv%nP^B;p`weT)FFKJcomSl@G3ZD6r
zw&C>a{QOvt-lxZHvPv=V^WRfyra)=u-tm|dk-W=|tP?^#tNHkSfv{TnX|hRt+qO~A
z`nLM9Xrq@dU%lSMM+%M7zyl>g#Zr#JmM33%N@EsH9XuRF0p#Ze+tc#e>OabEYhKJr
zk2iZbTtk?3$2(N)MEJQ{j?~g{jaG#Q;@NI_-RVkR$+L<bL0?#Q9T2mqtrHJC*QO>^
zO4&yRG@(i-J%27uzF+4SfHgDMJ$Vl~m}1l6v(hn1S-;%Uwi|_XXWc-D^Tb8qpyc&w
z_hCh(A^i%+XzN`HAmmKRVI^jU0HcoI2+CRW-kjZ+HiXGyu@x%`_ZW?hgBG42*E$Dj
zYvlEe0q#-p3h+Lld-O>&`au#Lq1&rbL1r?qzT@zZaiXoY7QcVa6>O0@W)03lGST(X
ztCPjo=;-Zk$G64S+)asi*vTrTN^j((Mjb4t<uh$4gD+r^qkB9KQF5X1yJTg)80V*O
zIa1na8h7X5gF474qh*F3Pg*IN)l!C*Acro$>##KPgM!A5dt6C@ri=;JlI381n|1ZE
z?;|<jXJgcqqc&_Q^aMTQbDj{fNqfxd%v;+Y%pHFAHonNnj|&~ac7}3?PdOgjtZ-~O
z;6jH&s_>Z=FoivwkZrk_k@vb75UrY##3bBdbwNiR<)2R{-z9Kg^f)CW`1Z0Mq`hAM
z42&YS&|qBO3Yy*=IP5QYk98Mra8Cq+55fi2mc|~{^S#+qM2b65bf_{ur=D)KCE@Zs
z_UO?Ht-XBoDqhoUeYMGBc+Dmb@;sKYrr~a}-Bt1*83uKe0ZzjPQ^cjhKi>WEAho7-
z?o%rlVPfrYu-+K)y0-A%fU+#n5pZRstR1%2Hv#=cp&J~)B#F~$bLw#3t4}5YZ;@}^
zrwXW3XJQO%kT&o5bNGxjYqh$mU4Xh3=2-Gj@K)IiCFhmdtB-0n6G26{HN1T%Y)kVn
zQ55v&lw4tBZC#Yxnsx6GgG9-dpd@(8`sOYJ^89S8=v1y`P1qzLv2OXOeEv38T@Bu;
zFM-mUoYO@wuyi%EQr;60M<4bjg`h;UFQ)xo2=d4wbFCjL+^bN5`9Yy&U-{j`zuw0S
z+`-it$ESJHba1Dp<D2SiB_nAuJbE~qSvlholWXjJTTRaWX2jy>&Sc{N)#sCKbVeGt
z`4z|w3h{MkDL!YAok**Vt~wCVELMsj_qPY3Bv`Vvcy0H>Y1ME~!d=;JB=WoGe4uR!
zvB+yb2@M>rG8x`4j@nE5uym5nN}TX?<Uryx&N8ip0_@=12vc&GYuJjws@Q0~3rSv#
z?(LS~AnghAidof|GD^4>hFnaEqTg}rd2I@AsV_Nk`!jPP<P|r5vB;8yJZSyglkn=f
z(|kMAhFd|9-Fdx~AZEFG%cUYB@I0~Sfh<39*L)BdSyE(h>^F_bTYX@3Y?jl3mo?p;
z4EcDDf$T+_)5Nh#?usQ_P$)GC{f0471r8cTk^WOoP#WddRi$=2!~&M%>_X}GU`q_z
z`e#wd9mzoWf#?!201k3r+@IgTWa2zQJ*-ujT?m7u?`W>nAW+N6MAUm?b^L4$xd(OF
zJZ)EN-v@s7=7xBj02g_Ac?S-y=A(k&w*c`*;*?$1xQK*<2>aFwaYQf@f<H2yUOiB)
z+1WT5Y0+B+qfn(K+SVq#bC@UV$r~@W6_caa>{3cR<gA~TJgigs`0?&~6=%ry6n2lT
zEjWf4sQ6T^0=K{(9j<1U73t7>YJ4j8bHgfoXDtrKzE$Q{Y8%<FYjoOe>zNPS!&ais
z6rxVljXW8h-cIE7obPxTlEw8!axe-dZ+MKI>U?cJDX((BHDI!Tfx6MM?Nhbe_!)bf
z2;crQz+)YeMTxWb>u`I_KG+aMcu&0TE73u{&U9_cFoJr0sl$TyZqUowHuKUEW610H
z<!sbk_w2@vs@*=>0_^LK8~6$7j|PB*UFNHG%qc^>Iey2S^*cG5==s7ma2|WfI2!3P
zgH;a<H%YZY(A+BPmb2Q*?D_+k$XIr#+pdJc_!vT_ZUn%?_EJ-zDh#DBV6wP3+kiGw
z5xFblTMyBtQxfDHuo+;rk^U?Ls!#O%4%K#mfS2%X)AH|U_FgYI$wl~<(CwJ1G4F@D
z^Sm|WN+K_R+~7kc`;3%s6^IeS_x#F1o&y{`)~-=3xyMZv7}1{HIJ^2pNMla@5?jR6
zHFxlM2FxQqNo$>`ihJWDH={v%2ASquX`QLub&wUrxVtea77b6oz6Ev<a$mn?VbSjE
zx~D0t(t<tAMN!C3!edBC{6f;dNj$RXY<$9GYCx4?q=7i&^i<n<P-71yzc{DYZg571
z1T@+n4YoZ8WR`&tB=6y|g52`JFmj1LtOvrj2rpJ`vh<NQ?4`bR*;A3TfF25MS|&N9
zI4<J~_spH+tlu$99NDQL?(UcT>s;$|UdSjjhw1ZcHx{uH3=C^qBFlpEF0tN63SPFO
zW7hfLSv}50iFpW}3$j#^VO3+SZHn?}uGuNNcdbgO1cgAWLJ|f-IQ3bl6S~fi0W*H~
zP=VZ{_<?4SI7dBdp_@fID*A_o(lJw02W^L%F=ty(lL`H3gPP}RGDr_fgXdpsMbCpJ
z5X_?1_iYCkk;@~^Pby81jL$<C$z5aOg<IQG$AswPA)9A4nHHmy-OHjD+zSsYvW&~a
zrU2WN`QWmSd~Qfx4lpo_MoDX{KOvo2Qm~*r%apRKlz9Aiy!~10VwnN4L%r%G9+&z%
zpch>$pXD4qOk6JQg9Tx6dz>DIzY<n#F_dQ9c3l@{jj=d7*3(QJi?$LyUR<YbR!U{X
zBX$wc2A(TSY6*LbxkYn#l0l7aP7HE-Mp+HsUjXk5Z*ud#9(}$KfK*YCBSdU?nXd#4
zuDS|8L1+7NkfJl&0|I*qNLGe^bvJNyyvVE8fyt7SFL7g;HNgh(KPM#dEK>r0-YX4D
zU(*@^@Il=QJBI*5fU_t)b;$e^D&Ly|7qtIzy(jLr)q=A;ufHmyS3~*pJ^<B=(4l}{
zG=jdI0!W}AjU>;37q%wkusWO%LRY&A%?*+-!#|<UKi4UkM>gh~84m>a0Eijde{=@e
zVN4j2VqgdKHsx8*q6WD^#p$d&P%*!|Dh#(_?vP<AhH4@X$b#4=Y3zvPNz%h^$lsxD
zMHF<Xz7wVhp98}p{ELesdcy<AQa~?MWd9|<nPFK7>jXGXvPT<Oe*2)ZPk&jWLHIT;
zQ7jNWGy=Rxd7IK_!yJGgulb#fYeNlRDFBU+HL!jNfH>J#dm0_9AlA1~V9%d${-?b#
zxRV)ID;AZCKs^7`JB|u~U7CPoAO!5XjcqDhPv2udg+SxsLO2aGhD>wTr(z_DI7pH6
z-R6NG@FoO$947#E%^W^~e2Jm7;7jv+?mhHANY=j!vSbU=0Cp=H(gu#;uKq>cf-Gpx
zBrJg`Tc9ArTdV+T+S%bM@CfbQL>%3Nb|h8z0ew`f&}OX5bISWlv(Rb9RO9$@<YXye
z$&TZt(47P1mZXCLJQc(#fB?K%Cjn087L5amS7sMcl8OJQHfacT$MOIoE#^_C8&m)x
zoOrGCLRTj5DFCCR&2FKM_eCu&enje7bB;B&o0L5TF0%LC-g&`L;pKPhOHe<&>;h~h
z)CJqZpOu2Wj@N4!$U}duw`|fwsMvg@@Gjrm_aO|@BQ>PFeU*u~Qp8Izghib0FZF-C
z=XXplur!a!ru_AYr5JIiQ|@ST?BSO?tb<F&al+2FQz6H<7h=<<YLt(U0c?sL*}*<Q
zlFVI=Rog2p*OMD6%G_18^e(Ww5Z!TG8TR(!HE>s1uCRn%0AV_A*$tYHe|B^myZN)Q
z{^5%>0!uisYqWHk=;4v!vO~%Gw2nCjmftM~GykP2e_gUhC+nTfm)B@NR86~Ct%8##
zBn<oN{)S#5;{c3=<}O!L=aZ~Ss7Rhz>I}xhmiod;hkegS!bk&Pz>Sbm5b>hFsijZG
zhI!h%k?hPQ^&c)R!1fED3g~H8&Fz0Ur@Ch^2Uq?0@bS{0B=0shIUnmpPJ8eV5PHL0
z{sSr{o&!gCYl7Fm^G-g~)lG7p-~F0Z3I#VVjtkFlRr70eY?w94&21Pi7lrCa+fsqs
zCWcw4mtm&e4aK4yEn{(XjSD?8D<Yj^Q>e|EviOeTt?SYL%y68DJKEC09UilT>a3=S
zaE~exsR1hnFH4;?HEH!9??g%=4DL8uYN7GWrkNs5GUAgZmUTb%Br<clJ9w7|TAK?)
zUYEABDt8KQ?{ySIdT%s`imfBaTjlKJ02hvlQKgz;G$b_%=J5urxAyTk2s3B^D2q;<
z%0N4p(VDEh1)h{Mg6I$ckmL(sOD2glIpl!t3KKn}xX0y*vrB|;3n~IIbuBRPhJj=E
zz1bg^-Q-aLYOoSfhVQ3}Q(j-Hkt^HWGD!}=6(iMNAG|ha<nfD^`A7eu2@?uHZ|eTx
zR>CTtZw?~(pg`}d;F`}^HKgjGsfPvd{l}M?*U;Hzk(nn^?i*P6*;FIi_wUU!`R^V<
zyHK!y<dHV8ew(qr2^GMH0MC<L>`pW|k}P~?N4`=CAS?ZpP;x@jl{oTCccFankek;S
z@tgpxhUQPK9~-WJ+?5-U!cW=?Od4c<`U?SVUsLA-gr%$2FN1v+`!#pQ1SBEj9v;aB
z*T{D@lLv$m439&Q4K>E*!*p{<<pudcKagmFVv(W5cGd6t)aVTnM}g#O^<(1ocna|J
z<sGonzEmk51YI5{lzk{CT^<Sn+yv6C7Z64F+ykmo`&zIsbL_s@oaBOq4^ore*^$B(
z;Q{VeX;U7A--+385|DuS>5kdp3Ft)XmPY}M^R}LR<!F?c7xDn!AD7&9;(XA<;<MEF
zaxy6f0$+l9oGxtKm=C%+l_5Ys0a(B!w-hwA1d|g_UU^c0WB6t#X~w-JpZE7y4si7s
z9~GsME+ta7=Sq32<HhE6Rq36TsDAR}t(5uWVEn6zm?aA{G$d#p1Jm3fB{bEs?=Bwz
znzc!}wX?6<1Er-OMCJ7|s#$*IqAzF^*tRV?8^qn0I}_Ulr)6F~1O99NmvHdSP!Na?
zg<rIY-&h$1cL3WlB5y>c1RW}Gnr&dkLxqxT*nqc7!ShsU7!>$Wl1L)}Oi7qH<iyKk
zJ&IOZMKcp-pip%1>Xcn3gp1EWhutDK45x=bT!6aAMhvJzL&}$+(>s*%-3z)M;z&{c
zsBxKwvWp)b?l_zKOq$a6O6x|P34q81eeoEh0>-qcIu7rruxfZeH1;G@#!U3Ea=0dQ
ze0P;OE`xyXJ>9p@G|hW}-#8^3Afc>mw$g^eecnI8A7d}p@!R*ql%OyRVMbPg^<b0V
zNjU(@226N07NuB-(5y4$+HDheDQ=Pr`y@~d`h@{tgW;H}1<`zdkYy*?ruGTguTi|`
zWI3vNSb;w3YrIV(GpU&ETx&iMGx~wEbw<@sXo{&f3(h(|mUXpE=<izYy-!eEAJMno
zMPnt6Hl@|Q57LHI$s~lh#4(H);uXXo08YBi0M-Z?eIc{w_(+=2<_HWoub<p}dK>5)
z#nD*2<zd}HfwDB*W!F;NKx(#r#tNi~gxXW(9t*TZ+>|{rNQjjiCq=Oyc0&>8-2zR!
z@y65yhVQSn(uF02=yYx@TPw5V<V%A12kLk73Ac{|R+ZTcOTpe`c=}_PmkQ$pWSc@C
zfsPgmoIk=4a$a$FY3x7>B*N(g3~>{-N(KQ9y{`bJ40C*mOxw(^V_`h8`qR{K14*TQ
z;D{1jucA$>D>v%|*{W|jr=Hy^=76$kG@~C5tP-?@pV4r?9m1p(o8W-^jf55l*}ui1
z<fl6dU^Vk8gTO!G4EPkpVUMlostFtEboHSw4LxAwC*fS+YT<M=pDWe@SP@h*KV5>2
zoqj7$-FSa;Nw)c4{PhMJQ7!1Vg>!w5#d|?}UwSHxx{$ezf{iB;$xQuW%sg|6EUmSS
z?8)>Ni1oPoNxkH?ca=FOyA}icX00cbT_3wF&6x*MW%R%)fz3J2d}yrs7#%Nq$ZFko
zd4t+*QzGS5;3Te6<h1*_x`R%?5zF>4=(Y4_Dkg_h7p9v=7AuSbS3(Nk1n}a@b}G?3
z$u+)p?;NttT;#slQEI<3NZ;~e_H+BKk6+erebzC=AaG+WR~TfA`wU-*yNguTyES`A
z5KCVkdIZThC&2Ffu=2}_p#{Oq<{uFA6Ew$Ev6bv7hRb%{{TN9*f9+Z5TWCxu)infv
zs?`5OM|cW{!LKlXOkksz>kUCDFiXn~u0lj;)9JztW&aqOo56*3Jg|VsL3-Z^kJfEE
z+Ne5;k@`r<jIW+=Rmd1mH>iEQf_P<b>$dY;0MsU!{&mrgVKPAwTgK!nmoVebJTS<@
z1Q|rOOF-1En=lGu;+qgo&WU|}hC}Qn0}oHtAJKM1da(2rdaJi{5L{=(la0PL|9&~t
zK>X+#*?f|6qyA9i_HN78Q~-?&*>CIv_fp;KUE_?RF(L~XS}OrS^V>bxP?hS^;k8R!
zA%m$TR?P|G3UBSwH+`K|{C#(wm!V!S6*X)Mem)Wa`OvU#Jr^x>|3%g|29ynp&U=&Y
zkTUA8V+3quBex;N?lnl#R6Z%<vilNQoQs|Lft=bn)TBp4$H0!}O>`D=T-Thrhjavb
z!LRCngVhH~$TqVXIb%$PSG31|95L$iW44mB4xM7D7i#Wx2ZiZOdBd`BMJSk$?2W^v
z@aq`Q!`oah`IBF&JV5`cWy=hM)dTzmf>TXfoM$cOUUO{v0O!fQ&5C!yT<uVr3F~4f
zAD&?bhm4?dckC2X{UcZzVcVA`YRBdRdN0`p3(yPRk1pXbZ-E-RkOq5rGBeqOtmUEc
zQDMj=s6oj)<RY{>w@l&-KLJYx@0z7#adv*HFe7kqh-o>XBdr>HDenC2J1AbrsUHId
zfB-vBp0dK&&w~`uIX(@KydC$I#Bt1BHAVD~%GLe5VVTPR4CRkENa<l1-3w>}Sn?*?
z+8v3>S`13}vd72x^cr4}Xwomm=Dlf>!O(@Zc5)lFM?N{eJy|tkI=>g6SeCQ68xhi?
zG3ds-MW*&~l{;y8J7HCy0vxPJWCbGjWH)2P?eCDy?mavgh`*!xW<C)7m)U!z>>I?*
zOzZ<pD)RZswmlWIhuyIV+8SzfqS2pE`6&|&<w`XL#2rj`4A?>Cc46sS^!XjF`0wR|
z2OF8os%UmR!&T+!F>t)NcGxzwjp`hiS4Hy-&<mtMK`8r~ZtAfdOWvgZv2N0jADP2@
zMvJt*ycXFk-j-Z0ZLO4moI|6l@s)<deF3XEbLB&KOCiunBCB)d3fcdNbc`qu(~_fh
zCU$uD^R$5T$SXbvu<Ck!S1kXhhjEE7h@TPaQjCE^D~lVb0t=oa3`l;zGr%`_<n@da
z%|#jK_to(~6aM$#c?;6jl^4gG7fMrpzsY~+_s8|)bzQM(zhwXCLWE_&&+GWx@%X)l
z6hDGtTL2o98{^{t{DA*`0fK-WNYIXH4DWwt*<b&2iU7puivOxX5oP!H_x?M;a(Qv~
zQYohW8GusQoNCST*9rXBuNL>7frGp+<CHRiTZ@-i%l~}h&sYA#|99$Nu++5bAC>d}
zIVMe5JZv7Si+|hO{qNN!3kz`n8t#@uEYq60Ith*#u?V|={sBBr-axmFhEk1l&ROY;
zb0<YHj|#`=@fhwujc3XOtVg`{d3OSdLcWe>O-ig^svZA4e1E-}0U>WNoB(5Uyw`=J
z`rlXmKV#*6myOe)85^ZK_?U94`%fszf6t#^?@KiSAR$$FPq;V^jOqT<Wnb>-12AB9
z#@`Dr8~Oj|vXN1$_twKI>i>E}e;w7{VN~_vr;t*?lc4<K-#)EW3(rtUe3nw?LCIC7
z`sa7!?_M>sN^!6r;Oz44^Lw8_P6~hh;r}%*d$L{#m-wMPc?UDl@Ot8nLBI%jWhcUN
z3Bu`PcfJ=}5`O0BXX_j?p0HiCNBhU|@@{|usOO2BO}s@Zv#>IuP8`C(-+ST~+2?YY
zy{Z?DRZNrMi;%U^sLEh)5Dt`>-WyUc8FNmQ@P0G}NO0JY-`?@Z(7#@9B>o{dn>GTb
z2SKJ$a?IQ8mpUH`&999M1^&7<rBAR%e;h0b4qV*<K+RR~ZEhv|$qs`#YTUB?nIxjO
zdVArmb8HN)9Uj~|h`8D)ggQ7@HUe~5>)BU`JuwYV9qhbaI_*R$@J3L&5(7V(qWt-2
z4S(p&zX6PvPpu*P;fxz#IZI51B#l83j~^5mmTJ<IG!4$6xBw+=O{9-3tAYGDAdgu+
zh=&IyE4Z&gfn5=bqH*aQjNsV3h7Qa-L{fpDi{4!88+!6hP{#T}CI5N%EZ`*RY?CQM
zOtolD+qQfF2sS4}Wj~brrU$Ct^aYj;V$n2+NVskMadYLUw4x!g{Ez3{dmr_dod>##
zQTN(m?l5RMT5q>827u}0m+0`F8G@#(z>#V?#rNv1WAyiD3D5ha?{Fx02F)iD6ZhXk
z>{zcE0Csd!=MUlE9|Qo+KR;i_j|R>B!$u${)4Z@!S56$w1EcSSM9mWlXn(BraQj;f
zo4r!FsOzWGSo_c+49fCr@{%i!0hZl@mjZ4;lEjJhn+h~jr@EOKIxAs)@RBwJ-4_i9
z6S8rEG&#q%Z3fOO05v_4gaqT8&addB(ZOiC32fG(7);V99{z@m`b@>^A`@&mW>W~A
z4o6z_of7jAE^V*bn`4lH4~N`1ICma>W)fI~01se6B40nmaw3^(k!$YB{zqBP!{FVX
zM6J3owhq`@S0O~K9Dv`Az)`9ZJQ_+UHzOa&`vUqE#j2m~7gJmE<YuczEXIP0r4qD0
z1g#;k6%3F#CDGI|ne>Cx%_@d?@DBqeR;brs!VG=4c7S7I_f0PSFE1}ik=O$OaZI@j
zLn+EBrc!VM{3ZQ5<L=vwLG>dLU<Fj}?+22=F^5GjLY@yJkhSoBENE%y|LTvRv#A%O
zLjmzmK{)C#czGJZY>7>z7v(T>hX4}DtEdq&xQq=IeVP+5RDvM@HsTZqRDWD*stYm5
zwm69Y<>o~x*C#;9+`8Dm^q>VbmNlR``U6D&=4yW9)q)GCo-{A{rm6=RtXBbmVOLeL
z7%t2HDp~Q7-PFQ$QR3~cmVN8OQJ|zM4*`czu^@0Hvov=0B!_s7R;;P*$g>I7MX!Fs
zW6)BSk}q!5gKO8bCa_4m+0oVLIBx$q<vYQm-J_tHs#QSe2$>|n=!D3#df<?b3;b!&
zA4Sh-h96;g^kuQzgR&w(yV|8GXcAma(ZJPBE#9?&*D8M9EOtH0vi9Mp4HZm_!RE7&
zt<y<cBID!+AP#9jv7-hmpCDf)yyqE&m6Q<qbnM;-od;{iz+QB#${Fgiv{2Z|9fB*^
z{xoR%>tz>*-}lLS_1jBU+@V99UE@1$Ku*AW6LQY*gF-7jD%x|sIC#O;DzZ*~Ar^<B
zx?P)*jrdet2hq;Hmz=m(86{nS)gawipUS7|&#fJsoI`yX=S5)N<_`h3hJ;6hYTNG=
zuPf=6VuXFFzf%G+74Z?LwQQwZp7B`Lr(s`R0iO5eVka_TcHyceSE>sV@qT%jBcKZV
z15}qAYE(~yRR{+VWuK<Z?Lgc;**4<08{krK$EF%jHCZ)*<*tFlJ%lIuu-Ll4VQu+g
zYm?A_P&jctXcjCajb0+MnqevIv)ykJD*=YkM7|+VRtY-XFew2rLLLRrxuf*Zb8`#Z
zZ%u=4BQ7AfVgTP~&sl$bB;%|%kiid{uiE3%P6R(w=9x8$LF!KX*v>#sgN9W#q1B`J
zeZycTQGN_|2kgcXHB3>)O}WXjs{1Nz-Bv9@q{_Pvnt)`IDj(0c<@OmgQoOhO!NJ{q
zOsCr@yU+*{tAm}++n*VT{D8;NRwjdQwPp)<?<nV_)Or-mUSSHdJfcq!1J5Pg;sgvo
zM3!xYpq|WYOGca4TovZ&sE2jk78U*5QSt4Gj0cX#tj4z&WMeMRLF0q0k5>y>tso^1
zt@s|C-S7cbsN7>wlZyPu=Cnw%eC%RDC-Q@$YUn&Z`I$*B&r%G9h}%hYf&(8xq|&Mf
z0j7_rQf!f;P=UTo+gkJ-?Ky}AhupBYijsr0eM*~7EuPqaQ!(K60aKTMg0#)a?$^;6
z+}9~g<+fO-NSOhSVN1B*C}2lHj%hEz?!(S`iYs;HjaJ721hvy95p;v7f~~52u$*t5
z@{CJbZh8Q&_-wFer()b9;K^QDkOf{BrD?rKj5{Vh%Kh`s?{zHY=FsjGzR9L(<Rj`A
zh?#ebS$kp}XQY3ZlV6mml5$l@jW2<tNGIU{ij74m$r*9ydJq39EWAIU$9~ly6p2w0
z_r}E7MBN1Z&p^lJ49BH&5ImAzv-I_bH%7*&3|1$|Y=rhZdIDz!UHZ{O5l5=%j#9TX
z>i`?e4u0x0yMt>ws*pm6q;A^jfhCJYj+kTOvKc_B>Q=AO2t{9{1+B<e2$7}7+ygsb
za?AnlMGJFg3$7Zvp_#Q_@Lhk-y#B)+hS>O0$>d4D1&9zWdn|LJs}A06^xbf^0?^)S
z3VaRWIv|4C_IvQ3>IhQr4@uO<pI<9hyy3I}3!im4Fz}f<y4mP@eH5%phtiz97Gu`2
z8^$xcdy<P$RY@X>@{5aG0O-X4^UUthD*R68VcqHVQS?pYvQRsn(p0X|dO>CsdE;&1
zMStBY1M*W19KXK!>qT{85Vu8<;@<?@rMc%M!{Z3E0<bM8(OjDf(P<}yA~(Mp0HQZG
zRJ8!Ay~Syw`DB4XOEcDiPZUwg`(;omkTT+<PqXW1oPpU^uzQ_jQ^-j5s82dA=vMzz
zxLY%TYAu*MgaP6wAR>e-p(#_+hxsWqr;ewH!%?*P`};`lI1liKWr-kj5rqi;$O_NV
z<g&wf0U<Uj6Itf|O~9g@klSN963f=`B0N2;v>4kn^{Dj}$_SPwb!k4QPb-V9#erD6
zx|-Wi<q&Pb;45&Z5uQ5<i6eiXk#VqZHXgA_qhD!}mB=RLZ!@N~%Rp{?puhFRIE9aW
zx7M@VIm`<&X<-`qVgg74&JUiQ2Y@l|OcYV<Vwd+Lx71vnto0P`nbS8@|8z@8r)JTu
zY(a=S*qwehRxkTjA*JC+zG$?`1v(GGstA;04T5CfSe0BFSU_t6+D)(~WcXGoow<){
zqIlc!gB`~bD*>>C3pxojq!$>GUwWJ!Hx(FRh(lSwMTSn_)<oWlXtWSZHVeJ`Z4lU!
z>RbELU>J}hx_dz7L9VK9nl3=Ka95gn6^NkyKrnFt#K*U!(YXmMUdT7dL_sdu46$5u
z|9l670n^v=_*jEWr{^KNp)ycIwB)R&g^CJx_lQN#i9%%yGpo;TkVd4(GDln+BWQh(
z!qFXUQRIPyMfOv~mJ2gMi-5_uZzNJ{5N<=im^C2oum+SMgq4i5`=E^xG8;?yHk4IQ
zG#-7BYmlF`UXzY>!3rhW&ut&CYQfGNO8IuX`zN)J4A!HTBfb4G_EDjF^%_r0u$$Yk
zsy9zl0%Hwb^HKfppr4G_L!5n6iY9I&#>hRH^|`h*gLP`N^A=>-2#HxquotQzoeSnJ
zKu&#Q;;$X$o`MeLmz_c2W*xw;^?6PNx4VpT?6+#*#PFr?>#`keENHJ|5AWC30tiX|
zuXWKe$fWLbMoIzx)h)Ad&Di({1c{@WK&Y8q*Y6wfLbTfDQC1@mo#pmI^eahn<u9F)
z7hP<3G{5KvTN24c;8W;TrAY=?hLHNcvK{dw(|LzM67$&jcBSa?d!8NOf-ERoW=NzA
z``oKFP{cX~2M8=D46c4uo6I(wV6}+Z6=N)5?JHx+vSNjz_9e2~pqkgdFriZ9{67*w
z&W}iwSB}o5;|#iw%DqDaLz?(%;z2X9s;Qf5=t1X^$@gi{q9JUVpMQ(87-nvOSPZ>{
zssTJZV|^##qj85ozhmmo==16$Dh#w8k@$!G9-iHdb38xi2$?_9E0QsqyJ_DU_~ZXe
zC0Y^uPbyJ9->RnN7{V%fR~o#8kjyxR4);0sWkASbjnJa5pLdhcUSP@KSSSMh<VJ$~
zEvsx+J(yiBsJY-Dj-k6H#;p)H{(Ut9duNuG_v%5t<f5CAh29;&>QVk`&)Ip;MZ4{`
zAwptebw8uSI8((~=!t*)^^QsjF310j(4L}K-8y)m$@r_3!pa2qU$2~^xqOuB6TP10
z3mcDFCK5eg-PxRGZ0r~p^r`9uJLu(B{a?SJPlFcX8;M_kmsMN`4p+*{MuA#k?TKhE
zf!}OJQGdkMxmhgWKtxQD(P#XRe|`8rr~NE<@3);b*=N;uSidhnDL2rSKD{@U8oqY$
z$Cv--^MCo>Q&t$73wg&I2eCg<2mbPzpMOlLN0&<$9S@p7v*Q`R_QzWHzgKkmaS*!*
zsutefQKpb$p??($;@s8!UTg|3r1R_Zd%srE|KppLQXZi5m<@IU>8U{9`uksp-Tykh
z|LLsE!{nWT^UP|D^xv*nDdieE$&v;9%81s#fkfW^w4C-o270TeS3_Lii8m6F06u_!
zweNc3KVFUa0~k220GVZEBsa6t6*xq*yi(dA|F^^a#|xA7L0pC46aZsHtmB&B(x$fm
zbaQ_XVbqyl2U<e_F^nv&efYQ06!*S`#bY%wCT<l)xc0{n{XZ`$Huxv<BSc=U74?sI
z3!MX%i~#bZ!cdIzuY<3<k6HZmYeUe)i0u0Jf4}Ar7;=e%-^8uHp=+uCU+>8uHxpa^
z^Ia5jZPWU-694_kU0yRU=sJ9Qn=JcpkQrbVY3Vixks9xIJJ>(|MJ)S2pH2}v&^0rh
zf&#5bF7G43@F0jdd#B2mr&eT)=3;hdBI=e>2Mi!oSdhXI5_p+8%W78t-$PuaqYK&i
zf_N27NSnB-Q(@N0vI)9aFF<ud3+0zM>*TG!0)1Aqs7gZ(kh)AZ0nRhG4phEg?Oghl
z6}!Wt)PhO{IG*`nw|W7EF@iD_)%#+uVhyy~(M4SMu^~zu6fV~Q+$Ql4eN|O2!}K61
zW{?$Cr}B59C{|6<hM$Blnje(-F)9122Kk%klF|o*JAf#+UMGu$m0r*fbtng*hQ24%
zg%SXUvMl3{si=<uMNyJN<*5tAP66PE)(=L0renx4_WbOm#iJ#Zni_yVxtO2QN{ty>
zW%G+cbeJA+`eA#<eGaO^{N;>zB3`R?Ip}OV4BF!jpq8=Kd0l$}4*RUP*c(a<yO#GC
z*K*Jp`99UxtbzB(I1P#PGqKk52j!q(Z3N{Q5dfa54`avSuv&29(1Zea8ax45unFW>
z{@^@{=2Ku);)Xn1xX@GM0FLL61$sNSRn$xz&Mr;-{{H=?AuI<pDM>)%x(rr>$Tijg
zo(KRwFeP+1J}~6Ui*2{kF8}zr>jcazUO;4y^90*==2XyrM6||^ntsLwhY7o}ma(Cg
z?;C(lXDS`$2&xzs$DJ&77f2up*(0fPusM1sklqcYqO1WFyE>aVpud!@Zg<rO4J%ww
zfI8`lH1U+iC67?9&bynZl*Q7{31beRc!Sh8dh^0I2E8|Th%g}j!&G+?FdEDrh*oAv
zdI&dlcNK*nq6`9uZvkq@Tx=3f8j$8Bv<eQvTfVuEuC#GL3GKt+u-yoGPD7R<;W5d;
zc^YcHH`PFlweqX$FK=kX=IF`jf}KPJEvjEme?8>gn=M(iZ79;P6x95X<9N*O%B3>*
zZ(blUr$5MgnGM1>`)DQrD~vcIt?%3u)OxX7|F5xYkB2&6!^sf2jLQ~^IAW5}vZ63!
z3dN47mL#`X<Fc~rGP}s6%TPqaA_g&vV!EIh34>I~xVKiQA(vrtt6Z{7(RqLE>FoKO
z-PX?Ezt8+`-{1Rw-{*ba=V603Voa2@iI#1Kfo6^2Cx9vL(i-I;yyUp-fj+1)g@qh9
zP<sFeHN)|bn$32WOWU)7$3h}zXkT*Z=T#nmW<8)DQ~`BR!`ULB`Iw%(!3(B}tUu3j
zfr&c%onYSj2yqM?g-vO4H_KkkCz*j%8+Tx_Jx*&}_U>~K#UfUFpxd?S_6T&I9}L25
zn$$_bT<mk(bM_@}vAgcrm)heNH4qZdv<Yr0xb?ot2Ine}Q+1X+q9D)nX4Dz&4DjkJ
z`|e5ZfDg~q2d1@2lDwf#z?PipZitVgEeY=U^2ps1Ok$TQJF2?QRdS9V;t;W)O3|o2
z&PIiIK80qgbHl)h@CU?GQ`J2}W_C@?FH-)6cMrSL(DRN?Zad6i%5M5mHu|^khab(u
zFgQ)f{S}1*Zi=hD)fUd&N9G#V;KC|s8;$i6In7l+JS!Ey$0ZY9f_G1gI%YPV?WG3}
zXh981zIEY&pzitx5W{F>B(jZ=U;GEo_1`G`pOiu!U$1s%5q8aI5qwV>LYMw<Nc@hc
zVhCd3+67xod1>HRd=y}9y6Adu8DN%&0E5XB)W2fPa5PM0zq@*D6r$dSH1C&|(U@y6
zJ>f#F)tQ3bSlrJbb0QA(^}urAVLk-5jN<KB`G_TO+ag7eBQxh7TWoF?;I$o1Z3fh(
z4_wy;x5~kX65Bsw?B$5K=7F^2uE|-X&`iSuEn*mV$6m!WR8n}2v?PdL6SHFc7tm&J
z@RF-oA5f|AW%1L+_u~a1)u&ZDp39WyX-XJLC9h`_A&?I*lWJ!p3On?NcgnY``2>Tp
zQG1EjYZ1Xn`Qg&McMot$S!tL)$I{E5eB-P4j%?+Bb7hm*wLHa=%qG<gZi9;U`zO1Q
zLJ6b$Ggry-u<q%z7-TB50u@rh8UdJ7Yb+9d0>@hvwjA?aww8UV*_>v}Md~sDcuhr*
zFOoQJRuLV*Wi&X|GxIo#pF$_@5>Oy73{w_2+hArOR(cqm!gJzI0x|M4X$!wYOb4ug
z^v~FY>MEtD1Yu4XOBEpf_F&o(11p<kb<Q}vN*c8z-sqWDfDpAG=G8?E_TF%?A<}KX
zmAh=+sP2-2SG_%AMAz(TM3a7#`)Tx<X?G8x+Jna#SvrGz;%TJF0>84LoW*jZ_P3O>
zi~esXg`Hb8f|4TYCtR7#gEi?>xro($FxO>%bE_K0G`ugQTMByKjs?$p!G{fC)SIPE
zqTv_Zd~-;9qrcjOIv-x}iY|I0_I67GF>v|Iu#nfOOHdKSOT5`fo#d8IXI=3tn-*$N
z*&T5lF=+p?!|d&-5{+RlZHVjWybSB8lBb7pCnZu=-yNHH|KPbFlQGn1+l#i0Y><r1
zexBZtE;Kfy!$#O3?4x2c`SIqsKTxYb1+AMd1JFcCSchSUPHiB}C3o3~^5K~&JEguB
z7<M=O$ecCp<Va#9(!WkcMI!=`Z@@~X&JRHC2RfOTtJi1OG~S&ZZOvrfr!QIug)%~(
ziUR>g`^OrtLhn-`2eWtrv))=HO=ZOsgUa+h0yf{Ftt&ordTGL=xFF<}S^ctI{zP4@
z{O}~I-#<4sq~)0B$zGiJ0#h^3-{e*|KJaiqf9<a%YL}A-)~8`+&}#TmwqNhwfwbU|
z7__RpLB=6jTYi);WLPO~ti__pE5ji>Og=N-{19!pS+TmsVt%`716YfaTgLZ4Hr$Df
zw}XxPuqSt2iqCqMnQDMeGdfIqdLQ*nu!$lzgF~|-{#7~jdwjT3DbiS_Nz8C>AH6i!
zQ%oXA#iz5|5Y9HjIgNl^JFThhS<-Tdpu0}E77T=JTS_z=2{LrlEuhb}$SJo?880#X
z`L3N?2Ab!&FeWxeV3{RjtAK9SZh(D(Dr#rG<KPnC+=XpI!^AAAl2sfT(d^4q39gf!
zc3NGdkx~tZ_NHx{%i1ZlJ7@^)=M#9&M9XuuB*9tsf)i!EC&p_=?j2E;WkXJVRazUV
z{9-5ot<^!j2z|m=Vg;Z=9lR>!>wQ66(B3IZirD8`sSyw+L`375C{&)fq6SVyIh!5S
zI5QFzW3DA>c)9w*c^zUT3#2s?GHOzOxZ)r@i)j1W`8pq44g`b6;4W0AQV-*h%v>1K
zlRz}K>E{M45=<6il*!gvc79^Z=R<5FTmOCuUcZ{K7U?0l61Ma#f<8dK*EPdkTVDvQ
z>7HVi(R;65(;vxF`d}nAl(f@o>o78^@BVHXIM|PX4t(kMt*TBf71&J#KK38;T6_Cm
zKjmBCq=xhJ$iB{b43>nx-FA)((q~jgr%SraRs5oZ2u&E9p2%pgICUS=dcD5@RZ;QO
zBX#ecFlgk&Qr#n~4VyMOIc<BL?$}K!SxP+exaLib+H#W5TOa<7Hoivh4x6tF+OD_R
zO%WjHdkl;{u-F5VI&tIawEj{{a*oJCJ7RmWU~oF6d}8zSg#l(2IfqX7vHNg7Z?@Q7
z(B?!@XT<CqU;IY!uY1aMDO<l8D(M{{hwl2sum6jfcR*#e*F6KA-fsJ79i6fy*_H!w
zUA<y521VN~RLIrYG<SpGFd$rxyY8R7;I*x&{;L*GtBud$DVf*XauLpV?gfP`^VV_i
z7T&nzeEznASQ34nfjb4MO}~*qCl~MT2UtfMVM0&kKKxl@HsguQw?+yGGADy?buu?+
zcfIHH?Xve27N~7+mO0<5K+~O%!W!eV0`^%w{=zzK_TZnw%cs32HBL;1TWEd8c#2&a
zRW(N#<%@60l8JHP39#NtH}ak3<MCwg$g1xpI4*uhK_LMfh1_ADRjyv^oExJMli(cs
zPFtSWs^`(mNA*k19X{MX^68&HbIR+vs~+j$=6guR5kEp`dx%i`>o-lj81lQ5R?_W&
z_NMg-I({LyuH*0ui<Zc={_*5e)fMVM?X9&vRanXw#%D>IP6zo4n|lbM(Dq<Vyf4e&
zXq}i%?nLGLQ*8TxVvJp-_B%ZM19JV`MLJRi$(&4eS?+#TQl}qlA{gX)a>gc)W=tT;
z5i8wd<*MOb8($VyUd4XCUi<_+u=f9sVfbd2ZCjbWa&z~UkA>f@2T$}?xC%gXd$oyU
zqrFX2O)DRIQ$i6gIOm^TFm$x(0ogx1E3&3)i<SEIY11}fi`HVxuYYbo@bRO;yUD1H
zT1+yv3xT_mV<R`kIGAeZ3IvQ}?!=*MoWYB-9?`KEnZLeoa*g`?KZ+NZ;kgCesJF-r
zcX6Vqz!){4BYs$gl>itx)$ZSgmx@HfoK}RF);b)$5<WXBO4(NU85Y_9zFxd8(%X@E
zS#)US1ri6ushck=3jX#sKcWf}2=)WIS-RzaK@I<ZxCQEDC~9~7<7a`etOh>_jU;{;
U`ptZk@GAJ(SlL+??IA|~8+Afp&;S4c

diff --git a/docs/multitenant/ords-based/images/makerunall.png b/docs/multitenant/ords-based/images/makerunall.png
deleted file mode 100644
index ab856f90ca3a29bbaece7f4d80b0056801243613..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 211874
zcmdSB2T+r17cLq_K|w^6CJG3sAfSk10fZ=31Zg52A|TR1sY*#yq)11kC?y~u(xijb
zNLNvMM|zds2_?x{5%>P<J@?$1b7t=OXV1Tf>=5$3-}|ohtfzc0Rg~mtsadHJ2n4PC
zO=&d*V$WFwg5v8wN_gcmv4tM~wZ~pkUVR_@&u!m*ANcvGgN&BL9oq*E&W3g-2vZwd
zYm>9~#&#wqHuh$=4)YW^2?XK<LSFiY`s3)CK38=H&2qs7TZ-Ermoqg~8HN;3KHtSr
z)p|wg>E~ueVPCp~pW2LVZXQ=XbW~iAM?&MEi|sWpe5AC9d;|Wf#5+x!;1?ehh5ZwD
zSMbsm9pU1lq-VJyqiTllLmsxUDlSQVYjgd_d@hrvW9P@Rbz5X=YRQLGjYIS?8oZxb
zj2jakzAHcYOsJN{*k7pQwnjK_b?q({-m|KQ;pg8k)^;hcDCxW~&)>%*Ifx>1z3FbC
z#kcF;@<)#D#yS>=AC42MiV&1*@}#NUdV0}xu*k(Rv-ZS$OSeWpj7|v?F<E)tk;VVl
z{;T$sL(=<ro>$hs&#W@s`Ec#070PQHH*S2=)G`we?K#H6-pk=}TBM?*pQ)|Gx1e^M
zo#xf*!Me}a_b@YDpK*#GA2w2PbrqDYiM%$T6h-O%XylOHFEx~RCHdRevg95LC9#P(
z1YR;wWT7^}5ht4ph77CNes1HORktu=aSoexE^WJ1#F~gruZD8UJAz{Zyk=&~4|@D{
zrGigqOm$Y4_ZVmy(#%&6sjN-YA>sm^c(;0oHJA0zqj48cA6GZ7+$E;?)6(OmYsUFU
zSVpggR~-Jv56|yzh^?tVdp1(-jt4WTlXSS{H3ijhC(7+v1c$ifLqpCP)Z-h1IJ?2?
zdkCwUk2jjR@mLAku&Ah+VhYj{Gk&JWGx!~sqNPP;roG)gF|*)co4!mAgH60K`8C_Q
zK96}UanCf7aND;rdX3`g0FkiJpG_fX)8}g*5D@9Ke$K0G<22&Bp>+WLe7Rprp^afr
zUkOXpo0L{`r-=QbXl&4c@D=Wr2DZ|b#kwqwv|R{7Y3U)Q7lY4tBMzO*COIlKAeZFi
zXzFSE*tyz~aNnw2x19EDZ#3e6l)3KvUVqWtZD*N{{RvB7#LNx%`u7SU1gpysmSHhj
zT{`A8N$yDA+1YsYGls^-w3e28)6*HV3MkX9N0D)@PE9B9SW!>7gL(%JRF7%r-ZNPb
zDwZuLNxc5}@eAES*>=}?LoK&bgQKvU>H=naLpWIW@rP0Oi#dNw+cuRlGFCmz?49dD
z8DCa(RM4jPbYfW+T3qk_?W&|-t*Q+4yOQ@GS*WZHI9+3^v?WFxi{xMn;uwjJU_KXk
z%-efx4Dl3m>vm1t0Fg;^yg>%7awyMvzH<KaE>0}mlAkw~>trw(22am;T&7@YOA7))
z$ItgrC;mFT5iyu2`K*<C?>QNn{TtJP>^0_|yBSGqwv;0gQyd7E(tEqU9Xb3EuFoN_
zU>K`*=k^r$&cR_Z#tG!u(5dnwJk{LpPMvUYaEQyur%0MFh@U<8^zz`4<CABf1a-aS
zIx|N|XHn+_N+Pgyh^(C4s^E>~#Xeh%-#EW!liL_I<&WqT=SxyjPM2*sME4**;0rNQ
zpSyFj9@#x#o72}8YGV`kr7|%=JWXBim%3-b{*f3&dKM@bbbbXzVjM_L9GpXus1YB2
z=I!qna~j-gPcy0O>{~;otgcyaFCa-gh`8B#jGThWDTa;?eDVN^J%YG_ZC+WXP_Ku3
zVLR9F`Rxa7kZoUOP>J*O>pNw}ROnTEk?<28$e5`>wknU77OVk>ICY^X%~=iPpSqDf
z5wsE1McQ~1K+VsurL8++c$;btO{EfLUbC{kD%0ACdR&roOyW3o(%~OS%+TJaRHsh4
z@az>;zKZzlk)|1+mGeBto9eBfpGnQaf;Y#D&a<5#Z^WxtHuSLt*$#NYO^dO6t8nYy
z$jpHxKN>h|-+Yz*wYIPh^AoyPWA9J=+HaZ9`s~RQ%2xJ);=QYpLXQ{A)(2S__Q1Ol
zgQ|}CGx%yPv8z67%DTqfh{44ptN8;sx+v_(y}#<-fe=U6eY;e&j*?{dBPPvky$f#p
z^<p~Sx>ZV^Yq21yqN1MN@*yr3FEgKy)jK`(6)VqR;J5v%R=I|h;Pw?SaNTu2wmI*b
zv-40#U<0lMNt&7Z)QFT*klEX?g(vT+;Yb$V^!vz`#9oKZ<OC_6+nmjXfBkWE_kDNE
zySxbgW8A3o7^0GewJ~k*ZaU&=(#eWY_SfN+Pg+iT@a$*5tLf3xbB~mU+FyS_zov<l
z6hU0<siSJ^4-8M`>lXST7u0daFHh%M@slI7>+=b4pF8C>w>EC{w(YUL6AEkKlaKnA
zkjj^L<x16)Zwwy43Z%R~H?$rJGdDNONZUF?<k?KUBWKBv=nK7KcXKu9jJlM!<Ru5*
zWP6vwmZLlOx{>(_$zmQcRc<cX>+v8#^IV=~uj<whsh?#(%dXp?@tiZ)#D{Y2c{Xt?
zhmUU)7Kcg10pwlMB)tV4hu1{vU6rn`IBWznWn)ybX6<J<p&k>B-aU<U2Il4;#9SEQ
zd)EgVHl<}6-Bdi#mLO+bT{1ts7Q#JgX1)v2=C*kToo~YyeOmG9otyj6s|{iwHdgM0
z4o}-`C8@ZIrS`khaTi)w#X-SA8ttKMh<qj_7qlDE!^+y!(Y5b~Et+C5`3Q9kPIM_z
z?uyORJe^MsZz!hGggBLNZoYigTXhU0<@nu19%VbxWM}@Eolddl7P2bnIEDCjrC`vd
z_V$5D3y&M2n+YVpwJZ(3r-4qv1+=qtJxvckN)?~y)|sACVW5A;Jm5;lIe@0IzH`K8
zwwEUngR@|CTc4|G>(R;EUZ5bKZ11Otm<tvXM3&ezjT_=l0&mMVC`q<sw?d6R6`9gq
zdleeLwk$Q$or~91dll?tT}8=Db?^mA6Sa$a@6?5hi&bLtkqlUo*$B0bdD1~G-73?%
zgS=F<m2i982v`zaXs^aCBcnk=1=T`N>CvFnv_~TzbmzC7ajj>hdfQ&iYi8DdSs$pI
zl=5C!&n!QTzH#5^iOA*?SDI-rlG_rWE&k!P@+Wt4Fn_fHp*v@Me3X!n6eJ@x{GKn4
zJj%>cxt4G^OM|ddoWM5uc+ZeVh^Z=ohUdiza*w#h%QB@5{T)NAK0Vr3<gmZ!R?>q1
zn}<hYEvt4u(6xB7k6lvd>~3;DoEZ0gka+oe?{+Injwbfk5hnj^Q!MFg=)U5IyW09~
zS|}d>*?r1_WxY~FE7MNqN9SuJwS5hqBxOqdImFtL{j;3@LTlHCdZqsS4W~0c_#@(f
zgPT~1CG^tkKmDJ@I6XrABG1|Px1+o=bPI2NEHtTSdg1M@TS`2uTX1h_^lM*(;1y!*
zJB_q>72Y@%UKIla8>c5?&U4lH#gVOaVtGeCp-jA7TpyP*vQ_$PdeLO(JQJ!X<^8OC
z3pjasKU^`+zDY=s3zEHm|30>TAcC5PCjR`A+pF>M2YGpUD|XW18K`vkzv@6N(gnx9
z8!<aO+m&rh)zZ@9BF3IOjTJJceDFQ8*>v^dU#;f*g#!lWk7l}r@(K%$=YAGd<}55c
zwCc{0d5pu5(0Dw4-@LA_E<Fbaou;PdhjxoSR8%7^NeZH4wKX-IoSeJTG&8;Y{Ai-1
zqq9sK*|k?Gu1iT#oK}k7CnhEaOEA)rp)1+boFM1fOLw4;{V+RwAS1uV;8+C8D<OgV
zz2cj9p(rJS@+~E$+DIYehZ7BK+5~P!jH{~{{36wrD_5?Hh!}RHYr8CtO-yhL3p1>(
zt+9wY@WM+Jhz}n=Je7<;^zp#28Sf7tcoP<*Qsd)ywI(Zj$HcJhrl5E<+jA+#L1fX7
zzFsideY}H?WgaCmJFi#Qg_oFJjk;JKA&BzI$T<7<?b{ct^L-^$VYfV=Ki?g?`I+TT
z0m|4V2a_}`<}}0d+`}UtZe6okmcuVK;VV}t5K7TkciGz7`g0)J4GavveEIUZDPD@6
zp8i=u!DU3tvaSV5?8(yo?Kx+h2M&jfj)|dXWc1wJbkSb?`U|OGh1t1HM~xN|YqsWb
zK`&nH>FQ!BJyaDZ?z(p3$`xjm`zqrt1%;64X#ce}r?S<991;iM%lZ0JyRG**yP#%j
zrUr`ac{I|so>f*#UPEuQK*wcnd6$rIL%OT<Np3R>9h>M2HZiBT@^bcqf&$sh#9#}O
z7wxg&urSX%$x1g8nprY3`Lpq@EiL4i8YQ+4?A^Qfp`D$il~sDM0SXo5<Fn77U7Xd^
z)AP&s@71vJ5D2)`6I??yT=dU;f<r^O#V((bmzV#LmL`QpOQ@--Wx1}~#5knjlYGV^
zS|#kKnWtg3sjBPN%`*q07vakYT)TGd;c)eSL&D6A)dBWvUGECDzV@MMe+3X3{W9U!
zy?ptSmyb`<#^xOP;@`gION33w&CN~0&dz>QS-I}bMN<_G4KEtzbBN&B0lPIE)xqPR
ziG(dx6pAiiC*W?H#@9gQRMPi8;?AkP=v#c%dG2^hyM=|7Rhu?D6O(Mz6<enM`QE~y
z(y}to^{-#QG8{eHoqv@rJ3D)HVuGhQFnd!<O3J*y^hxDbY3a3`oSb*>-=B_Iy=>dB
zXlQ8YGUny!*{o|@cB+&#!a=%u<g{Y2K56_%lzB^{e4gX9#?s14;;}0>lVO4#NTWr|
zd>ys4_SX>+Jc$D(&Or>+d)wRE4$(KmoiO_zDde&!krEg8^uU3XxTGXcL{od3rcAxi
zYvmMmH6^9MEP>Ofy(A?ieSGfM2x{PdZrAqkT*0wq6T>W!A=?`p!X36R7jMhU$9LzN
z()?N;|B+B#E&a84>{SVYwY8OCY2miDKA)_bAWKiLs-eNOvAKDezPTsg(!BYdjI=ZZ
zJG&ArUvN7~ZEHY2^mH?vYR`4%b9yI|)a1{eJ^N~r{^dIMQ~`3QQusHQv>5dkSZn3n
z-w*rww&;cshUgZJ#IO^I#G7z@;Y-kd<XOdPW^bZgew`Xx{h*rA)ZF|G7UN6cBmBZp
zr6m;=mGI@uZ`Da-^%2<*ez2MevwkWn`uedjG#j6mn%ea9r~jEd@Anl-Too04?xS+|
z?p_4%*|Rm(FOS^**m^iMEv>nugA#>88NR_{u?sp%+eVwB$P@iIwb}Xm4cjvTn-kyP
zP#imUtgEZ*-uU-7IrR~(xLnglStX@|IyyQF_(fy4jj@Qxi>86;1qwBt@(pX2inc46
zT5g&j^={n1e^Qv07VgmS@UVjoE-N<|3XD2mOed^G&L*mX=v?hXUpdWe@OYQCwe_bb
z%kR_i)tilndpUNRLhWR9-X}CcRD!f^pRQM=W?S<S*8>X>zbwJayDuy(?B=aolGfH|
zD=RCrYzHLD?2fas1yFKpU^-cRzTDF@N>6uaY<39eEJVXW_hS}(7axCP{xU-fG2{s8
zN7NNhT@F!F?0amC+mh4KB(;<X8=GzS7?iL2){hvhxISrZwpUe6?fI)$hi7{7>qnPr
zHm{sKxra4?l1DjK8V=Ov`n>Iu{N)sUVgbtjO)t)9v23l!a$#vn^2rkspM6wx?82Xd
zCa1n$s3u>lW?K7H*_;5bWKsN=`2gm3pUXB4ZAhM3S#c=coJtcVg-nl*jwUW+3#X<m
z${b<on9k|>P*5El{BdPK+R3RvzQU)S4q;+qQaQb}WT&O8Th-dynkf1`WuUH(YS*q^
zUAd-o{qF1fdPR0JH$z*IwZrQxD=&01WDN{ro4efH-5<^U6loT;fa-;Cz(qUU*5nI2
zO<I{;7^;d_=Tp_zJ|p0|bi>nbm^p3W_4ZTr*627hcgH{Wf;a6kN)8SV=wP4w`t+SP
z>^3#yRqjFGxQgDsdg0>5#m(u=Y4?{AMgkHFll6-k85uHn?=q_0xid61m8u!eP(-fc
zx_Wx)txT|`K9!Wz`zoiC1hNS`P5*)aLdNi1UkQFRR5|$d>-!I34#eCyH60nM^8S#K
zQPW@M>e%8u-ygs&7Z{h5b2#Fhe&v+`w*>p5e1??GT_^bYX}sw;WaZ`e!=I#QW21$`
z(d`(ii%Et~R$X0vZ*jP$lG!YUNbfh$)5Ch^%o(kG3r6zyuA)Pp5EDDr+}teLUpRn1
zcK7aGt#UV!Z{NPDsH?viAQ9I^$6Oyj{#;v2SqD>Al{cLyihc6FiHYZ<k=mh9Wr-WN
zZwJiOPtVTGz=Yst)muQTlflHu$avLm)F=2H4?25uZ2U@xMA1f#&uXUnme`w%$gLc-
zLcn~qi2d(ofh7GL)s=G5L9NYyenv4gJp4QpM`T5)sHqt(XomWSw347S^C(4suJE8z
z)zkBLobE7$f|^xW7{Q3uB550K?Hrl!9~uB7t@pb!u&|h|3^4};1VA;GKX>k&Fnas3
zPN7XqgU9LhxjqHsT7OPgS64en$0R)dahZ2%O>J$<w=jO%aKXD6Gc(>(Cr_$8e0V-Z
zozK_DC$6VQhqJG@HwrOHxT~poBxJ?oLekW{+ac3rKwQC5QOB%*ep1yS-K@!MxA+y~
z+|TLk?5vieE^Ie?Q>Vl!L+Jpsph05Fo#a=5B503Zcmb_#Wmr*JnFrv=?t2RrZW|jL
zqa!0y)Si`t6bb<;X=w>?&sfjjL+quZYRxgJcVJiN{f}i#swMZq!y{?!7UoTHHxir8
zV4M6%EKmsPL61#-C5HJ5^6+>=SNhu57js%M^18XXxv*8&d9KZ0H=^OZNK5CT2`;`t
zK|EaVj$VAAA}dQtFTaj!BRZ2ikKNcU>V5l8gx!+KEM21RD|gq`aI^cT>g2`i<CCXz
zR@R^889>q#r%%7{RF2+mnKt#$jui%|A}uG!EhLmp2HNEP{r#i{;^B11+0w<@W07Lc
zHrPFj3Yply;qE4bG!uFcjO^LT)F|_c-_17mu3O9Vzu%#Jsudj?{P&OP5exD(e?d-v
z@vvg|7Nd!V7#1YDbOGIyXWmupm?rc5f;w6`*I~QySiTOer{peA$!AMTOXUYAQr1hY
zIo@BmRGw^&7M~^5|NeVjf;IMzNiv3poD9@5DDOo*3mY3*1qB6^cXI+6`>jl>-hc3*
zvavBUv+9?ldpBC)yI?<Y2mHGduW9m}-N6X371y?#M9f35*r28+m9E}i<H@FYt=tCz
z!5vLaPk*&0S2Z*oeD>_wC#TuB28Oh>w2@aIam~!k90Dw>TWIt3pmgfCaa|zi)vGKP
z`K(ZJ6(Y{b*xO%3#JzjBo7!{tjT<)*C-fe$Gcumy$3^3lmI@0BxFjUlKYskElGeWO
z;KAA?g@_j`fb-II3lG}Z*Z>NvOxMm;oWeqdF#6S!^w7zPjFy?s>b!tDJ(+%lnb{j4
zW4b{ZE1VVb+hfID?-!!1wv!@zB~mtPdN6>p9=p04Z{ruqB_8&Q*FiQo8~gI|^WQK?
zIgd<F&q}3}1X1M&0No2;y0m{9@ChAX7&V~4_f8%)BcW0Pxae6_Dq3WuZfBvU-7Dq&
z0K-a4OW#|WY~~dZkbdysG`qOV$@IwAuU`}wivob+K6PquiSv91zZKkGt!$&cFs3X*
z;}t-a>p7iJ8@nPbd_qWwUPead%a0#2=H_Rh`tAA)ShD;9mOINd-<?ZUR8)kYO3PHy
z(eWJ}y$>S_%`Z3>U%q{-G{w4m0al0cfb;TY4JVS-&rkHG4bc_Mz?=fW9opVl*21C7
z`dwfRy>2B*%E;_3-<lJHcJRd)W$|aBl6p}3`T_p_2Od9ud_r8D4L;z8w)W9;dY?{+
zdBsb4zr&D-lbx9y0M{O<xw)6Q`>c{+o*Eh&dUk|IY2UP|sj2b8U_~Xfd&=7SeK$J*
zzPSX2c0tqaKYPplDZ0S0ijwu>g9Arl2$Q^(^vcf8?uChvkPyS+!(63ww6sZ2mdE$c
zFE1^@Rr$gsav<E?Vncs+0Ed+gU`@(R2YeW7_UgmOjoSe@OCqd-ufM<Wr;i$Gr}A}f
zKY8+`GRJj&E<`du?(JJv?Ztz~uLesHR_+WD%H6lVba!i;#&mUQEiEsH-ZkjN*VN+f
zC@9eEii4?bN}y1BD{+e167&Cz4e#Pa7FSo-IFm_t)YQz@X1XOeOP?(B3JIy^*oX+w
zqfAA{zY7}o;?#+AGk;C@Wm2D7-sR;nzyb+BHcBWiW(Byku)4|^e$+)}KtZtVWGVY4
z3kFe9(T5|ov|o?#*nPv<jZt%PbHjiIv+*Hj=45AA4;GP)n&F6V$o~MDo_VRMd@zI=
ze|vqVGHE(6Fz^JI`rW(owP+I2U07I{yf;M&t!-^DYHMX<9I@MtMQ3K2k73S?7bwGS
zo-O<v*oC`1HnX+jupj^aEFgf^%F61z{kUTHSp6>&U|DV+9x6b7kGJtc<=aaN-``wJ
zJ|=GH0%(gvJO(v~|5Msru<~@ndD+?Y2K-^S%2s%=Kb56j>c5{M<#!r*L_{!utFONy
zef9Ce3Ao<-5odXDTH9(H9?zevXluVrOg!1v(ZMAkaA0d~w)G5oihv7>!Hg5rjXH^r
z4i3VfVv7hoa>{wizHQr6$Lsp<&8=m-Z#lhw{W>l&aZicU?1dt?Y$DzM{m*0*D!zvD
zghWO8!8qi+buvt7yc&LUBEt7i)$Z7O5z16vUJmn6bcNs(Kn31vDbgk;Nm<{UJf;9V
zyyzSo8_Oyv@JdcjZV<h6>C%Uk6rq%DXr{2boR=;!LcMZvbj-=m--|HI*NGXkTR!H8
zvOx#PdU(<>4+9W*y!_)zNK6bZV&QKfXAt}Gz-o|(2L<H;mZ!tRMuyq|cwl@Onwb&M
zejiQVkfAVuzrK~!-%j)U2HE%8?k~%BKXB~w0SO6-g~i2ZB_$;@OJgfI$@tGu6(4Tn
zA3<FoUhPDAhlQD-uYEbZxNE%e_bx;i{avdlV%A^&EO(CrkZs<bW1_C3b87&-bv7w6
zao>7Kbxn;btZsgOe)IYOMwvB0c0QJXCTuptk^k`NQzXz5lFJi~oh2M5GhNx0%T%!^
zHPE`c$BI6EYJy|s<3oNEB^|qBl^1R6nS|`@5ZFA>G^ADrD<~|it;1qa0%(y9<mM!|
zs2l#geu-0nudnZy&d!L-);%W^ZGV0W`T6tbByd0Ks;V~tD8-4`kAIoN!uZ$fL(e^#
zi6QXoe|q@Lz->|H)~#DD+B}yphiiP)ONr1_+EyDGIK#{96E28SLK5-ZeMR<lMzf)*
zsC0t1wl>3|L)WFHr#mx~0Vi>By#>C<<o^B1_I9?ie0LV^yXDbD65w9>gyyEf3Xfka
zzgi!x$Tn8X-S6MNP(Y~vD#-YUhflYiyp}&VT;nI~IHjJGo14HX<u&PcChb44&Pw^~
z|3F`5)B*11VSLE{z%wp9XMKEHT3f&V_z{4ZyvA~e52p_2;Xfgsg}FI>OTNz8vgHP`
z(YZM#zA#_ez~l0kogc&ckUxI>$a}nKWcTpl2`GV&9zAk^lON;gACni{i!p-bK_ank
zZf-Z@RaCUJB5Qhh?&7qzTt^Z;)!o8-B>Y48P)Z~i%vpua4w(zHT3A|MOyF@jEy1-s
z5s^KMB7dbFdM3L({=`&G)E~@1hOGB<zTckR`H$rD&s6)*AVPgOl<DvP=E}GDFMtQ1
zxOWHh!aHJbHGY@(GjDxwINg!)YTCLxXD@UVrc6wI_}R#7PwWbp>jQAfz_sx*P{TjK
z9;|C0uf2A5F)Sj2`@{*vt)#;+XU*hZjdlKuLKHoa5L<wc4WHeSB(wV;tR&VHSoa=c
zU}%fV)=DG-1IK;gLQdn<yaF&fD!dGot#6~EnxQAv(|=vhtBwc{Cr?XlZEb_V5V*4i
z%2(H7#e4tx6OGLbftGWc>3RlyV}D@X%%<u0$Y%gWSF{N;-A=%@RoB)U0km~zqyBTP
zgyEy5EyK_;&1`M!eiqq#n!ts2<(T*_K(Qvk;im8ZZ(zvbTY#URl%(WtjZ6btW@ctG
z2iO=Zo-;-D)XR%fG5RXKlatdvI=VU_TVLb>HANkve5_df<h5(Z`8Co%*9+nf$jQkm
zzPTX7gNxq8z6KUe$hdZ}Ax11`Q;v`LA4qFuxW2Jb4(5oN*;yfnNfjtFln517RY0Je
zdPiHj=~Pu!Wk;^GXB*cYI)3~Bpi?M%0NUOa6=~nZUVCx@y<Rd<F)+Z<(9q!H>nrK*
zUN++(gxTsHxCc`goJN{@z}}R!tS?6Df^-wzVG-aCkeR9Qv$~X?l7>sOoVB&dp<UY%
zte9+K#6_arctqrX1%F>`P{6Ogf7QkJ{Vy+oGWH;Ft$Qdbr}S&MOi7%w7HIhzK}IZ#
z$nqVl?f)55*$vD$8K|sXyYRSWn6N$|2WxI+b-=*Kun7<)j7ol)<(t$=Nl8HP$hx|g
z{5zT|6I?S|o&Q;M1eX0eAaQmi+8?+b8gm#<PjFfFmv)=^dmm)03}h2i0g4WwW`d^L
z&3p{hO)`dq87r>Y%)g^EOl$kU!n&K8nVE9Z(tBis*aLv)B-ee|$Owd>px_~TYHBc7
zNblj21gdPND-l}%e;`Z84v~k0h_(5FAi%9~pwe~nza=^tLn(Rr`SbPTq7FB;!lR;S
zGBo@E=0^=&MI<X@Dd{<ZIN<>K$!8yc{hVdLfW}b&ADEOy=4p(`h~VAw*8#__3<Ds*
z5Bmu|oN7BmCc)q)NA#7GJ9>LNClbj4^LkgAYoU@v(H5PM(Xs*`It5?-<qcM?SJ~0=
z(uE5b1_46?mjWX-C2%C49u7U1cL!eul!q>R@Ba%~%MfEY(ZUvOyhDUU`A{>MS}M1I
zrwvw1NemBX(*C8k=)O=vCG0e#HAHxIN?|hKO8@y1Hhs?*FPgkL&}McLA|u9D#QLM8
zkHu@qkj2G$r44=Be+RP~TfpPp{8x7L#k$=Zhf(5qgx0p*aH!GLwwv8Hu(srG>*Le$
zQD4E2=`0u5J5V)59}YeZu6xxhxKo`Psmu7!LXGq~r4atPySqCvlmnW6-Ny37(ENN5
z0PSdT*N#CKHM&BEG|)#44jTlqUZQ4WWBc@I#A}8Hj_0{jr-u)(8yhFcucFG`j#_r4
z0}gu@1>Ou7v7>&t)KqF{Rgo7=d>@+QV1D!22UHE>X-kV5l(6Pe(X(SfVfgs_zkpwo
zjK8j@7u_(+i8yamy>DohMzHiLXbC?{pWJaOj@(Pb6bF!6Gt)rE(vlxYpxeb@C<2P}
zpV-dRV_{s*ZU=sl_h>RHAmmPYB+$PJz^X%mWC{n)B0eQW-uBpqwsK(XU=FP4?9}8T
zg^tc4t68E@YK!$R$uRRZD-x;+;_0oVmM1^x2JZjvXgCK^p0giOxWGmv={UdU$2Q&U
z>CD66OPDOBqo$TLF*)_>)hiWUUB9fX^E17L%9+QZ{w4qcIB<!Q>jFyz3qOCKy>N`l
zmkd;r+7O@$Gc&WM5?Yy5%xE=cdHnWJ3$X#0JZ8#_a-F^O_{o#_($eG7FFdH|rt($E
zOe8udD5<69Q*kjD7uRlbK>@7WoQXmz#)!5jUbY%2XFGN36z`cc6(99W6u()XF<ORM
z7$D>8*hrNAM48rBY-!)E6!odZuYDMwUk%$X7tq=G#G5}F=K`@m|LU0&VGV`&zv<2F
znH_qw;{PnYDYQdxmOAdxo9pl+6YP?kw{Lp_)-uo)Wn^Zi$*lkO?VhnQ1@KheaFA+h
zYK8!8UIl1rWMs6WBq@LNvK0#;p23lkggcq1z8vK+POL@Qkd7V0h%77k@4)Z4i)dIR
zpc29zWjg+eM7_8Yr(nO%Q9B-?zHK)`@f5~LKmja@7cV2n0<o{>Y;ZfEM!f!otve8!
zH9T0i=TPW8_&2w<xPgeI<B*UBUVCk>FD<kjB%tFWc6)&C{^aoMaQVjgv6%Xdq?^D5
z13D#tW5Bb)Z{PY(PMTf4diBf4s-K%;Kn8H0K1~UnH&gkETdP4@+Z`PpH|6CkQtze(
zzj^Z#YVj^OpFV+sOiSg2wcZb@sg+A(^`L2Zy?e*CO<c!yo*AgBqPTqd@>Njl*d^RP
ztk+X$XlSrpu{kcWF?xi2J*DEc!OtkDDr;)?qA-L@PqF0-M>pFeU`ibXB+Ps6Ty3%A
z^m*I<Yd`?iD@FL)0#ghVPzBJr+4m}TYiF-BL51>f!`IJZj7J1b(em1$gpdhra`^|w
zuo~3gtovUNYd`s~#A<`+_#6_kxN(XJI3Us6SP3>D>U=ANjhFAt;pKnLt^HxOE@mtb
zG0m5)v+t#(WOc{O7#nlT$jZI~i8X)&84IFl@^akQGS~GMkW0Vx_s8n#>z|R3Fqq)<
zlSYbvu!WLBSs#&#6c&Dc`0!!gt5+k{`4~a%QL(np2%ejry^UBQf{^m^=H`tzYOBr?
zKDn(iV$Q(D1YEZH$(x2r9PYHpUuh7V4=yPY13r~i#O`E<eu)N;7u=qfwv;<x8yW(=
z4jh$)2IunVeR6Ur@Tt4b<L^~%Z@VomE^-2zS$LLI3x_ATu<%MzNlELA{YOB>2>=e|
zbfWTG;g>MT$OE65sFpGrrfCr0TWAaGeGH|icRYYaNYd%&`>8pPt1lDl<gADa0XTJ%
z^M%X5@el~zI;D?=M6O;9*2#GP>C@F>45@r(t-ZZnRb8EdmgW3Y&}qrTo+w@M>s-<y
z?n}7D;RxT%R=}U0-Va!ftkAvzC?Grb?%4wp+~(>uEL^OQ4+!EnjvhTKI_BWKwWGVw
zXeXWEYO%;?5i;6SVAcIRGBVNt`DjTYll0{LKe$reUv{3}-p0e#FT3*0L$$}UCj64d
zBZ?lQFZ>2o5411;7YbG0(!!z=WXy*^rr7A~G-@diZ+!jT_O%+bcA;HV`Z<UT-V!v!
z5eCRmCSVxnaU^z--KwA=G<6Q0fA2BDv(vuBrEXN?QtG+{yQkXIWLgWYy5B9^$Cb^R
z2L<hL6CL*dI&^5Xr0u{x^4D7}x54IhfrMNe#35LUy==`|VAE$25_ceMpjCj4v@DyU
zAr-H3JzgcQw6qimRQtx>ZA|||(#}V(xjp{)F%KBP7n1Rl)8}IqpwF3^oBx_VFYo}q
z>^^Ghsp<1wM;`xKPk+Z%y_mdvih+Q<VW6f+)5w^bR{4F^@P9A=50bBv_{Jv_)&~H;
z=PcE~MDbyueGZR|fW$)$dhy`kJ-uQF`J15R*TLx@93Q9T;o<rI_ELQ!@d<u`GyI%B
zHBfw@MjC-+`gmdRS%WByn>TOX{0wUjy2oyK`%HJPoYPiKEy}lOXAFmV{wZvISXes1
zso>VQ2h@O%kI!{o-6#WbkYuD_j2dr<;V&VU$C8W)t{Y1xT|GVTpgU`kKsHiIQRn65
z4QBIb!~6XZOj*3*ycNcWYQX=wd9mXEr)gN$|Nqdiahjcf{1GwOuWmgPI4u&)5^yfq
zuRa=nk%e}0x(qywz!nor(TJ@TT0Q_*)SIckVOQ(@XQLi?hqdm?dRFUyRLTp+Rx%uo
zjy`Uvt*Ceapy$5%|DyGKn7q|NYyOeWe+lsO^2YJJJ(+5WzB4la7AYd~2B=Efk09g7
zXK363u`+80Zd#%W?}zvAWi?7+GEY=S64W2#K;*S^a_aa^-fVAg-w*4&gw9@^Zvz?_
zF$w!ewEk@KZ?Ya67A6DC90)v4vpPC?X5b@%!qN)e%Hf;H-}Z&q`WRFrMuZUc>Xjsj
z+Dt7IKceKoF!9RK`PD^Y?YO3M?ZE3<&D8C=8RVa%)kryX%kK}|9DEt@57?(QJ~5G8
z*#EzqjGg~~BVz*yruuxa2oXj$Ks`saqW^}PeXB$9<T3}N!60yhC1`~oBp}7eA||x;
zND=$@WDam14qHfQs0U0GWX}r<y>SXauyK~S*B3U7)Utw-+qe}@ZLFS+<97+J?aHl7
zq<SRrM5IhDrA+~|^pzx?Sol49>EB@{_-3S>y6u+yY6QcO|4prrS+eafJ)^hTzhOGp
zc)@8F1^Cuu`b{s!ZUsp6n?Eue9_@JwGvLT_BeD)qeaYR3qGb%wx&TUV0Obknh>6{X
z5#iY3!@Gey2<1`c0+$Z~HrbjyuMin~xrIk!)Rq-eNq^lt_Mt@2%uGQbEs~c{Ww!n+
zVk^nXxd1lcCnD(?8AHE*rQ|BzzD;XkVWG%}`&R&|A7f>0y$hj}p<!AC29n{3C{#l8
zy`f6at1uY%yDi@a$(jOjO<WudP9YHy$q~u?QiPGg!Kb?@DC0hT($dmUQ`-$Su#BJb
zK*$kX7v32NU{6@h5|@gfYx3>3Hd|sz$;l(_ny4C}E)`P;)Rr+_S%zfdHYkYhXJ4O5
zgkUm;k$UfgA8$Q@{@}iN@d&8JqUq_Q*wELoac|a`&aLs^E&sXr$J{UOAv%Ag$bIXw
zh^S}_sHq?F@?Hb%)4e4xPd~@~($6mez$37B3D6p2g;@jo#R-JX)dVT;gQ|}n3Eh5k
z!E?M3o9T@FM(+C)bl2q5w_%d9d-N#YeQOP@Fz_Z?_G^)VN8aC&1$fon)dgtUdlJOz
zww@k7F`($}mM|;Lat`<f!(yjdR*=R+;7(Zg<jLP0`1FVyM5*S*k-C(3@16s@as%{(
zkUk_RD(~sJWt&i>P0iwmL%Yj>9RQv_F;~gTN+1LLAcC2o{ek|XqH^dgsyrIKy(m{~
zKN0wcp3Ke3;XQHUDNL-HDCNb)MQLea<Jtq?zI-{sMfM*7*BNJ9z9E}wBeJS%K|J=G
z$tC<NlbbUg-iqcL0j@#9z7U*O5mSGxJ6*Z*6DiLBDr!qlC@ARbvjOyOhFeX>i9kiY
zUr##A$@vUmlzft!D)27t9UW75&1MwR)Hg&#L`DHV&dtpU8&>WCdsgdKi<I>1*jOb{
zEcaZWsEAbCNCLqI=R9vfmb<!pdqdOG_-pFwKymU5{`g;|_8FqNjm`TSKju)FQNX3;
z3pW?e#B@6MT9TR)>16;W`EOWx1Kd|kmRNOy(QJf$%W&Cxe*$ng9;@F{V9O1#q(FJd
z)JRLZ;XxT9n-C9oyxXzf92tV&e&yTv6Y8Q{3ULQG`HM#}NcVkWkIpvr(MTij+AOeZ
zg5_ex@#@Z~14Qoy5Z(R7{cQS*J+JgXrm&xAnEeN0dGj<g?{B+z*PWOD`jfKG-!N+?
zrTSkOVwVR>I*L)3X+bs))3XJ-7f8&)#{}I1tBTRDp(QaWn{9EKe@0%7!;>kC*{{Js
zvuDqq>nZ9+gP)(38DL=C0;7@*@N3hK>xnyt&7`_%a3WOYnYT8<WLye!lDNUZ^1H&?
z<PsRp$*;Ze@_GmJWoDI7FH{vF^ftcyVAY3@i>qskY01-=o-JJR>MA}bb}<iAZsady
z&mwM~ZQXl$&)&VO4+NM}Fd(b}TQQTnxuy17b@!~u``diFSzRk9K<t0@FEnzQ0j{h}
zoGe>|D7Eg=H$D}xsGz7QZDjPWc?Dh>spG(a1a(ScdqK*t!`fym)@y^1ckyyLoNNg)
z-2j?0&<UBkCRCJ^!;{Sk;6!`@)~~Emz)Dx+Ev>C->FDTAo<2PcXSdHrPWe0&(s*Wr
zX991S(ufnUh#o;%Sn!cm6d3Bjesl!*b^u=`p4|8S#b>P!oV5br2Y4blJiMcKF;bu8
zfAr#c@R~@ZVPED}<5v<vZvb_f$%B%1Ds(d@I(h*`T1C05tuMzxl|`e`EY}`CgcOm$
z_x5(ik=lSN;G<m<w~>Tj$^d~YL0bv}v+MP=cCyz&T#eb-U%RK3xRF`{ZYl5+`onCQ
z0M;NNPl0Z!Bm@8Qg8@Pve*f;s{TM+vKY-%^J*;x8qeG**uC5CHAeap*Dk@;iex+3O
zUs0(B0nr2whL=ZpD#5`3q_Zf8K@ht*-*(~mrm;uxGg+TEKyR3k0WPSivdC@LG?F}c
zB3a-7gBO^aJP-Z{I93oWheHXQsj|PH9jb24+e?-R1Qbc&v@63nV+e;B8BK)IcgPYR
zR1KGU()I+B1~nJNCguf*8)#VY{R!w7Gr-VLS!^`Y+PYXz&(3}j>>hB;3}JwS4-zf(
zzUGEM1Xc>q+}w+x;$@pPbCr>*zr_rAfgnONd)dL&r)}*NBere(zccW`=PsAq)y;!N
z3(&)9u)hfw6W$~wBv1gkaC+hh*_(Q?5F?O{VdTD4{uGbDX+5B}__Z7N)zI2HATaP?
z=<-)sqGw>A90D!33fz&4;990OS6ftARVH)r|KQ#AYE}zz1X^GmzyMgBr3g11WDxL~
zeX8j(oxyW54unp#h=FxwRUu69^8d_rEP-Wd4JGh1V!O7HkB0Yv8wif+V_?KM!2}Cy
z4U_zyo}M1WO<R=O7PEaI3Oqh)TbXmg_S=WH+)Q2)BbGNRyB6yYW9LCT34liV;>C-5
z70>tj`1w^~N!zB~v&R1790y|a9+L>`A;H0jW5+z0jac%)yFEHSKAe_WE(xZLSD~S_
z2IY>>|G)vMuC6{<GGE@hWhAIUg2It)R71_c#54>o5PWAv!AxLY<EjMlI-vIPWD_TO
zz*}8i&C1We<Z{YWed~%<*VFWLfoM@jYSw^SGk5)$HQ4ZQFL=pqt=kkPou{FpM~sY(
zJy-slw`30j{42ZZ_jAPg?32E~AT8xgHlX*~;@Wi$!0i?sd<cPbAC!lpqN+-7XK$|x
zPLZ}YbwmB^#b3YhV^`fbg?;vcPaVHdMR!9QXvae>S8RUzTr_PM^b;)q3<|_U;`Wnt
z6wV;?xX5zvA<)1Mg*4Mis`W-h;}ge80K&7t2jAA&DV3pN+@5+@@@*IX8ygNhBj2$|
z4)9-ma$WzZLS7d~rLJomovRX-0kYi1Kg3;D_Cc|gZ4IC&Z?#-$lEW2=qUu`a^AZwj
zv!O?@ZN!YwHay%+>a8**yNO1?Ak8=oW@WmQ4&;%GI(0!vq7Td}a0j}{TTV^w@YK{)
zFu0Unzh;1uL-*z};AY59Cs=etZLoNP#sr(v#%|lohYguHJblt>+ofkZf)8co233v*
zN@eubN0M5=?;ZncwP5mWq8$>;(sGQz&jhC^^W#TZ@CkuMJ2*Br5EdvdJ^cXKfe|Ol
z+`o2{9M|!ul1Za;IG5+qBi?NjDElqc+yr*6+V<Nb)@Omd|KYGNtglD(Nq~g${Qp7;
z<Cg_^sD)kEthl%~@gqTJxVb%ie1Ks!Ykhy4a(QOQkz<l2AT`3xL+n3v_^>1}lkxpa
zut!>wv1q>1fkImj5iv1<FQ#aPBFAZ_U2!mT#f-sbQg;JfOg8F4f?$XMh6%EY0l=tY
z^FTmm7ala(=1NZ*&vg#Bg=Z=lcXx69Vu!DT;7*EZzU=G>Mj7DN;xVLkOhim_Xfz?>
z%yO<6!FY~%7Z^$3fFMr&ULGcFG$Be4phXgRph8kpQ(u^jH(<d8v->(!ru){`w-H}@
zdfpPZaHNvnMPxS;>@A7vd}nxg<ZcGNd>IdCX^23@;dUL&Y>fSa+Bq-!ACJ(!DdV~g
zC5%U+sBR!R8x1ha-}crm--icIa=pD`%YN$g>02FVBYrmW)UG&?-m(saE+hH*{lLEa
z(#LGJCqEC$HWwE)9bGaE#$To|DFkd$onSUGca&Iv+%6F5C4tg@M;dc0KO}~JStIC7
zDzof72l5RUf-Lcqy%g=RotCBMZ;^8_hF@Qi8SKlyM(e=e^$1Qb9yn+bk)x)Kv6nu@
zwqZ_JPhox~MZD-tkPVQOlcTcv`H54k7WynrCfo7jO<i4PY6J*<)I!Sw<q-&<(<S{%
zwZoaIsgmH>1K$T%w4sxO!yfv05N{A<+ZlAvw|dE^pz46hbKhrW(jufi5OJ<aHDUak
zhmIcIA0SHsoeSv5vU)++9?<j1Og%V;zekI-jyf364d8-6w1y~!4teVK1~6YH(sqZ=
zma(^dw3g=*NzR{zvlKn#$=n2e>F0Z+my2v7c8Lo*3C;Uf=~&Jq0A^5<Mv2cAjEuP8
zaNdLN1b_K01M>+C$wX1P5o13>QC&waD^DG^s)s{!F`<^wLnjAtNEquDJ9KS#Wqse?
z^^~;TNRqyBV;2}l0+HK8bUrU%hOhyjqOPf#kdZ+P1cao%K1X5^klnAt!-s*OFtfIn
zdGO%93@Mb~X*>7`$G!f=!Yfl(3NTPo8t@IV;>X~`1MOD<V;#9S8Z|_V<n)|lMDd7V
zmHmH*I+QI)_e@Qx5Ws1PX6owb++W2-6R;w`cR(94Em;El#ZZY9wX~58HV+)LfYwuB
z^x>p&fNQ-POI+d6Cig3(gOZLO4$X$e5Q{442>RH~-qrHqxVRJQ8X8<@&g=&x&psNO
zi}=^h|0}Z70p)+lPDLO)4ViX72SXMZ0l$5_1<`>x6b=m%12_gf7fuoW&Bt{wsL$2r
z`@fm(SLP-~=ZuznkJ}Xrg03`<(@1M~?JEjARa-bcs}W-|-;+-RdfMOsX1fmag-;Be
zhMk!xIdBve*bdmJ>0MvnDhw?m7^e`@Sh5%Q`UlaS=#vmx)HWg&z-hSlcmV-#uao0&
zKPhn0nTYtDiC*R3-t5HH!uNPIdJ^;V%3of9FZ3~{IyY;;fQX#|sVyaRd}@kp`vj?b
zA2|qsLle$}p(k{+R?i4*QyduAVsr|jM18|(<Ugp1D;wB-YK!u-*dHb~B;T6OKEgn#
zi4XY(DkyW{zV~5PYbK7IvD+GmY}nwOSk4r(TOR=TD^w2|7<tJ~r)kdU@P02AV|Rs#
zI~Fc3q6Y4(cVjMg0FaJ$Xi$V`&vZrtgsL76NebwFI;5ne^rfMp7RsOr6}JWw@j5JQ
ze`bAsJ>W4~Wo6~=u_#>}Pzt+u?<ObB;CLN@CRGhG2;$2$hw<V%G){oT(2=#W?meq0
zc83H3#M;Q++&5-@2@F3TjU#|cfV>din8}5K6VTOS1r^8O72F0buq2Dbt@*0@dK$3Q
zf;0P{!T_BbMIa<_IbsV_)}J}UDE=8nW)<+YKYfZoT;DOY-7e?)dc3wkP@zUsPfwuq
z96!GYcnZn%N06;^oh=|RaQ5U>2;Zsw4s!?@i_cD`zJE{oS-FvF@|Fe3B;7rHl0#t@
z1&GngE$NFjHX9Ge_td(r9cXDoaJo9W=V9`9P~&B|31|oA8pv9cv@f7jh({&duD-r?
zijSXP=>C^Oi1YXp)liPehS<)J`cjID{{0cs_5cY+YfT$|pWw?Kz>&Sdf;Tz$!H-J7
zafX(bew`>x-{|76xkb6a^5ZD`Ad=lWo!S->Fs2c~G=&gRgjN1daJ%oXzBTGr4tVnd
z6UKRM0Oat;_=WiIOc!cnnJZPn$@Tv|5h3#Ke?1X#)ct=;B4RZ*+Uj2e5%LjhKnM?x
z1R-SsV?#)1VX=;brqJua@vDbmN8o{L*|qI(J#;JW==<t{h;RYz=gtG}%oB~+I^Zv|
z&09|kXy+t$PDS*T3(yZh*Lb)vc!PnN*|@LRF%lXjSc`VH0!;9rOGZ~9?_gXyV1k0+
zi7Z4Gv4NTfPh@P1ptonQX}`k=<YO*%NPNcQZ-ul<WaCF?21cP9GM*#3UyxAvfmH$r
zF@DIK1M(QBj)F+m)!l7K+}`Laus#MbkdKe=;pi9oGEq|?-9XSiF5%WS6Dp?v@~=%G
zNQQ-T+tC+I4??qD*qFdZxmn&+o~|ceTE~NZU~Go;T?GAd6?<wOH9ncrC}-Ehv$`SK
zFoDV*N$w&7vDu67#1J&ejvSElyGon|`=3m(l|rP5$sA_zqb(Z`{UF#81o$*SV*4Ff
zB!M;mT2tc*vWPN_;jK@a8h|!8hY;L-TU%xDmNIZ~WUe1d1h=wIkzG>7QqmOJ91S*i
z>VpSQL#_c>adll?{zS-u96^-f8mL%riSyn}B{on!asndlAeoh`4LD}98l=9hlMzn-
zI(E*^Jn);4z)8%v?3}88xHv5HR@9LX#N_5+PAT3~r(^^hK=FsUfg3@|p%;e5D#MTs
zT)w}=q1NCaiA^7v8<pV>flpT!$n8A)2_;VP|FAWZV;Y?L7H*@p1FinzKDk9jZ<quP
z6b~Len5dC<=G?hJ00Eh~fnD3-^<5rUlL`bOg*8qh+hjnlC0jPZ-e~Y-jIr2#t04H?
zrScg60Bkgsqjn|06f@AFWm^Hi^IyxGmbY6&N!Rw8+K{x2NPHa<DT`sO94Tw^H9V%I
z({<1H((sCibdS0jiE>nLfI)Uz05hFYNGA7u65*i}SfEqDhx!hvU2<9mav+KmH+*6s
z?`8(kHYRHnPxgp60M)w8<T5hQ`>vd!p#a<mSAeV(c(_mJ>-(Ns3li_fjn8nvuK6!~
z<xqUT8bL50lU=>209mPg(uD~4$gT-~g%w=e1Wn2acnpl@`pXo^VMW6#uMqJ5f<$}=
zY-fECkMtS+AqZga#trGjb_*f!!Tio4<F#xzlR6u<lA%49E>zN(Sy(&|4ZV}uPLA0A
z$*puw&Flv|v?Mec;!*_e9+>jo*&6PQJYgAtiw3S@IHRzCs-sE+OSW2)102ww+B)OU
zuYG^azGe%wU$yqG&p_WS)E=|F2h@lA;cCG$bS)9g1>^`bIpGULq08!vn&nXxaSV0d
zsw<1s*dOC9bGHD4ARVkqtvdK|A7A8$$oJ1_-qNt}hQIxEs%SLrb!Mc`>$hR=Q>+Km
z9%O12d?+$Zxfe2~{PO$WBexlDsqMd`uBLw3&}(bmdp?@w!FV*q#eGwRqH`bpL>fgJ
z?UD7`<KMNL-rqh}y3(Ss%69N#D9rSEHhrwO-wNM=B!;`Uu@ejrUHO*GkfacLvNXDR
z@VEArej|I&ocIU%hS0~;-x3TYjLAbVw2`I)YhAacuRN=44HWg=-A5r%l0JVv@(mER
z+!7My<y9Xp0;@#!Cc?geH~0Sid8&sN#h(2o+6r|nM9#-p{Kc2D7(e)DrnBQj`(`4U
z7ivn=6dYQHcDVq}HR=?v)JEqe`#MsVYKl6LJn#>6{Ezbwr~0Zc6X&lOuj&FL1@yCJ
zOlC^`pNKkZxcAg8KY*B^N4Gh%&?Nyv1c2J%%<=$oFjN=}Y4f1R-PR&|Q=mFn6hm{-
zerE@o7T5fC6hQazRW^k2dK4Js0n%o}j@mrvdG`ntlUG(&mWyueAFVuVQtx*Per0}u
z1I(pn&F}V-(F$iqTpR*;7f;xzE-RDIz#uklqM@SlRKk7pb4LdgnSiq!^PRb#xJ1rl
z12&0MOBsYf91sidU|v8#P8!Ao&TYGoWdWSR!s;DMcEb@m<=}4$2?;T4N!$<i4EU|!
zkPyy9OQ6L72SM1=8{A?L)lyAZ1Diz!xGsi9M_~e?QhY1CAKX8p%W&sU@bOUtU-pL{
z11jf43DJlkSktyC9|lAXIWA*6z+UFE`W!$Ls0u;A!;;Shgyx(0O@WYXG81MIcgdSs
zns(jx%b$mDOr9;kW@$(SPev6eZ@+&1$}#?6y+yHZ(0$diL*M|bFvOJ(LLvsML`a&7
zh>YY-FKoA+4<@g<Z6Lnp%TbIGfhQUL$1#)&kpnVv1%pj9+@Iq}^l|bb)z*G<-WdG%
zVAk>?2d98xC3l2+s~>MKMP9OG3gkcrLWanQ9O0!1`G$jA0D@;N^i(nxLv~EkFbN<K
z5aoI5^Fq*!YypLdG<|HWS}@-YN(tHTIbXhYkeucLofjmc;Bu?(3nx#VGK4w`Idbyy
zLc;Dui93{Of8aufqioA7$aF2lB1Ry;+7@LCVq{i!_6>**E5%;h520giAYpI}ccyvn
zma7vWu9F36yvHssMo_}Z`3@L|{GicHhB0z*1VJ27ONVG5uPVhsGMep8QecL6a*2p&
zM`Gst%glQ6Qf74TDOzI?kbC1N6LlaRRzcEY;ucfNCTPDNK3Q%Xc4b|o=>tafQQYV=
zY9o+69c|ljc4W&j5gOmg_)P*r;gJF<<|`zJAf))h98O6x7<Z|$AfhM(kxeg=oRk#e
z>A9DYiHY@l?)weRLI5gLP4ONLdC>P#)lR9lM`W6Bw@3UT06dmc+btjq2?y-7VhLz)
zXBeo9-8OR4ANN6Ep;Z~lC}9if1u}pie{<e&H@FJFe#>;(HX>x+g@^@$m!Dt3v{+;c
z7D<Z``s&pOh+=`11-7cU!sdtR>B#{}U<w_VL>wj$fxW00V${DkV7>VObbc3L1U*;4
ztK9@b@2UEZ3rU2RJ}{h3)-a<OBr^3&!d=$q&ZeR7k`**~{Xp#rQ^Mtf(ld(+A*>j?
z&Y-texSa~+s=iNChrCtXH&=un8*vK?(g8y~*_IM|{zqe@vTZrg{?sJr$);TZukoPT
zo>Gqf@|6T2Smx%<eR_I&<RlV3ef;kvQa$Lx`P(2TLX6$eVY-7Bz!y057+c7MBe0MV
z9oZj&7Q1@&sSkLj`HyaarAh^g1dxK$dCH)bfKrokF*6(0ku(e@;xq3%lvCYARtw2d
z8W=byw^4+lc%bmXDoPDYdq2YV<02BQv|2hkl`SoYVN*uL;G);uVRb@Yy?PFc{?9U3
zW^$edB4Q?45?+x#L_|~SUH&0>aE2@AZJVuj#ycYsQdZk<j0rnJ)r{)hghFrivgm&3
zqJm{pq4O_q+P*!rfn5H65wzMHK&trc10CuHB!Xs2#{>kKaBWMF><44=ZcxX`;YgUb
zVWv>!Apt25mupE<bk8tZU2_B|aTS{~%Oj`X1_n}m%NjRAuk<m!>)K2OIPvw;aunG}
z;P{b*upl|U44}2+DkghvwmX*x)|s4zClCDKss6Ys|KaTi9V87+-w*lr0;<GmO%990
z7;E((2@)N2JBmKLL#3)qvQo@LAU!>(rZRN$pNEApk^_5+7gtVHLY<%{fm|(>qFz~F
zuV5MrkHr`Pui&L`NHApsM1<LJ7i`6Mn&II<P$RBqXiO_cl$2)U$Ii_|*`B~+*x?Bg
zwGfQS1|bvi6e3(up&=%*5}wkavPIUBKzaeV&h*{{(xqR&%Fp}mk{YcR>>%lYu#lCL
z(*nvkxdz)>5c0w5_7Y%DMQ?A3>{yiLHkh;y1JMF$I5_0qGuvZ%nUHD%V6gyb%^0RN
z7NCCmBOVGlb`$M-m3^~Ub$yF!m94+(BQ13QsJZM9DhuC67`W_*t05~J<ibOCF@l$F
z*Teai2?!~0ojZ3BMqyxQy2{;43?9H!I>>_otUlSw2v23H>hCu&jRnzrI3+o@<<03Z
z9Ju%(mi1`x^De}C`9re-U)8YWWFCRDXR`tFf{wjUd2VN!1aLNeqGZP{P{Y@OFDC2Q
zLw1jo)Lz2*1yei~RQO5`%=R<zC<0%lCrBwZOM$raUa<lc6!Q5wF7Co$TeiwXe)h{1
zEGOjmr!i+~XlNW}dl-*hw)zbD0nhr0AF9ZdrQ0b;#Lr?!8hH7-gF{}$%GM<!ZOAv2
z%~l{dvB_7JYpNVzLmQHcyr;8OZ;d=t+hHrB$cB6mL7?}4RZDM;b}BvitFL3-mgK>`
zkOWQyRq|6#$dMIlTG~@UL_l^r4w5XB;y&m3_<W%uf2pnYA}73{z`4*hPqrlaEi@IU
zCN3$%<2GRU3HA1-TAk~Q0?}L+aCBR}DYSvM(kJ%2<CgC!ri_6Su0sTYAr2JIXvhkG
zfCp@lqwNr-kSqrGB52AUK<1JE3cKr!5HP8+Gizt~_}+oBITSS0KS_3o_e_4j2zt8<
zJhx&sJggTDh1L;RjiuGqQ=XFX%b%rwH>90f3pr3}>6P&)TQzu=1$c;nQwEdcOP@)y
zRt`B`76DDAjd4~|?aeWG98SB%C4k<cU@X0>uKwkmE_C!-)Q&kp4`2FdMAl-UyliGO
z-*zAtg7lCL{8epcMF`jFZ~NWn?K<g<S9b*U8P%i{7pek!{V&~vUDw~=Pu3M-&O;3h
z{iTG5rpVF_-=DeRF!qgcdm2Tm1TlA7jA7?Yvlw6ctoaYoJpINn|39+X9VfJRf2O0B
zaj%1zxg%Gk;OReq^qEOG|5<_AU7legcA!@O`KS`P`9zsuoq&5>EBIeLUp=j(D69?g
zBr`J_7WB>Zd3Le3T8t~=IYhYJ=Fkf#O2-?@GKG9n*ilkfvOesqkluG%(ik<cd2r&H
zB~pV_%yEs^-_SG3#NGSPqoyuWc*w2QZ4(}C;U6W?r1Vf^oEG+SjpI(AO~1i7_TiJZ
zy6KIaV(05g&pk8FQig?hh|+npiysP(Z74jJ?Xp<^bXV4V52N_S3sZkxeB_%p{KOZg
zgx6-w?YlJsSQFIrpS^m1>{H$r(~`4hC5S5<9}b_OjXNV``swehbXEU?elNo<7&j|m
znTPG8hTnsSm8emq)pnR&>^NF>StNd)iP6QjKn5!)&^$pyv(jz$jEQ@cYUI$Nr*kPO
zEb2PG=m^1tKC$_I<{CCOj{yLk|B!xQS6xumM{C`(v5cQT2T99~Eb1CwHpp#6)c6mR
zh`y0z?BLdr_vDk|J(LVg!!KVmXqA-E{Q4#v(6kt;d_FGg5QXi4Y;q&gJLk~|YmMnG
zLd`d45P{v%TeL*Ez!T?rsLm$emcrFXG|z6$!;|`6-9?^(=lJz2L=1oB*E~Pian_+b
zU%_lZRzd=9#B~=@#J-40WXLNn%P02ve;%{qpY82e8p_0Uy|ewJ*|BD(TgP+_b6UQ!
zYB&YlGcl#&KgO@6!v_xtxfic~J!Q}9@Fk8W^VzvT8vu9jT9Y5;$<al#3hibpAiZAI
za=VuPR=6VjDPpvIon1#(c518{cE@&+1!Lgq<Sv?H$MR6QvIaw>R;$WA_hqF|wD+;S
zefK{YdlPV|_cm^P)G3vOR7551$&ye}QB+!pXhAfVN=Ootbt)7gZ73}$`;wHsn35$C
z$ySIYd&n}D88h?$e5-Sw^ZeiEy{`AV&ULPH$};nt?{eRt?Ou}R?=SqZK5u-*ecqW{
zi#|kdls~_Af!pZLhC+XvIpM1rp;FBm2iF`!7T7a2u6M_e&tu15Q55?=30=!|ElCK!
zUCTG`6}u~Tpr^BPV|%{<Bl*bBhL`gxx;JlmNz9qCU}%*0Ouwz78hWE?{K4rjmFxfL
zd5b>1(X8#2oG~Th>Fn@esp%+O;#Q>;+>M?amo+6~(yHuLa)Lqg6?D%HEb+XjtbgYm
z>ytd?0@h(z;6ndfI%<KBP~23e(DOaU&g4>C`9}H*Ym$%fP?U!{9=lmfNiSR&ndh|k
z(9F8o!u#Dvq$!I>b4NccmEkw6iiv!dG*bq_Hy!2{_B|cpJQR^8SH51vzGY`S94|iH
zz?>{7BSG0y5w2O;Rh8v5yy{fg2F;Rw`s1-5hMzL5mnV9f&)Kuwh(0)D-Q}6vTDXfo
zgl%zHF|{dY3Raf==)1YMLQ=9^s=kl>QRv8z{FG-4vAAySkMi>;&D*nlkL=-ZwYx7!
zS%+x1?t7p+Mwk0u^EtzMicj#|tL68FV&+<&==O-O@s#Af@GVIi!erB)E<b$U#|w1_
zizV{8(H#{UX2+)-5fEt1b)Ab9uQER8_=)_FCDRX;mp?u0a0_<1ROXuA-W{d9l=s|y
zn-4VQuDS0W_tH&d-nnx(8EZ;PgaY5!mh$Zhp0VZQ$C)v^VKy~78n1V^@lUfOU$jW|
z**+sdijU8jxTKVl*h#7CEGDg6Ed1$p|LShqyTrA+(<;@tHqEB{ox;2mQg+Ybgq|0k
zda#7LE>C6aY=-^;Kl*w`qSX60lbyND#1lO44D$BBI7jJ@W&hoDD;Ym~XcehTnHRD%
zuaVQg>G?;!>DMO}(o5BL>mD4qt8iw<OvSO~Inr_h2ln&4Sa0iXb=lL$t}(S$jmu(Q
zQWU%0-u~{|wwmnc`;JB(di>+#@{@gy+X|a$JyD4h6A`k~-Z@Wo&$*iybi?Ep&!~Dd
zcvg3ZPk9a2X2?B0?fpXcnGE6g^k**@T<9wiQZB8FVxKZfyP)kqZ>PoAVa-i{ha8@{
zF}k>X&)51OpSV@B>s;F|?M&Xr30j`zlyL5%F+9<qTwPu}zZWB0V&qFs<d+xyO>6R!
zW{x*xytXM{uu58{@@+A%c5y&u>6_lJ*h<GA25}P;U!R|v|77_Jbx7uZh&Eo~*LXhA
z8rj`ApBx_DBfW9bGE*qVoMHVm!z{sTxo&S#Ep^gdTKVxuRbqu$p?ibvt}%Hi2M>KK
zFS&JcAfNB4Ri%0s!&^~|Z2m?5{$4C!p{GM5myZ~TF4EDeE}{RZP}^p$6c!*h<@n>B
z`S<olg{16eIkDTt9UC$$PA*htSMIa?)94x>dyp2fXR(|8>TCP5ypzV%bk7XW*kd>6
z(aX+R@BIDkGvh>^`T8Gy)jgg(c{TkU|H`QXJ1x}Ih9}xYHm5qL>|<stJ476a|9Q+)
zbz;5UyhT}tHElYo7whgTPuu9ZAo%$4vEH^&n>lZyz5hC2RIqsQmWAC7nFDT)Y1hwr
zRxWAO+N+V-pQn*2;rS~0vF1RrxLx%sRsBDo;yXZCEwdK{c!tVG4qaQAKg?%G52V+o
zT<Pzw>GWuyiMOs%lI@^Un!v|rf4a|j^E`>5i-m=qVYipLx#&0i>+spOeOM#-$m~ni
z)={I~J`Ke|{&FX$tg`K6Q{#E0N*6au4KD5;sM5&_x#O#L_(@W~Zg;_(qiRKzS9vyv
zhs)l+@?5i~W&Y~dO6Q;O|K8_GW(XC-k0V#LV*{P)xGjNFy<?OkwRd1^_*2t>En_*o
z4ZPf?np?%R0~fve?T`_*$r^52G)T+HU<mPA1l;{zps!QoJnhfjs8ID{i#PV-3U{|@
zzki8<>=Yr1%75|>lUi<!zSIA^@CZm{{kW)XC2#tQ@{-G8-5g3bNSy>w=Y$-s@ao)7
z;2_DNq2e@?|H7*>H}-`p+0;hBj+fuTJk4eG?oat+oBz>bIvlkFR+b4iyWdj!#A-Sq
znrYLg$7c@qRDo#umDu<jz-sF7b@VIzldWPAa4>dsM34eZ#vs>K31#IudaHc)1pIW~
zK0Y-^#{aqc6$HEv8~uRg7E~KC_Qjy3w!mx6@6f)to>=<EjE^3@_V(>AMXQg0A<qR)
z8-SM|N;beb2O9*!d}K-fLT9HhpmoEx$y-4QGl#n-!<$Q#HP9}r8$q9UhUFF6paCdO
z{=adb^1-w3Ql#M4f;wd*Vb>EqU>U-z&N?HBDs~nK*Z{bA<njRQK(D|-jG6`vm_HHX
zGKqrd6SURdYc$e&1;xay6**x!_N`OFwU~l`0+|N?cz2`c;(7G!ZwiNKUynA-TBtGy
zA{rEnyyf9)DVZ+~SoacEv?gYBKjY{P5aTi49=PQ*_VxrNLofapg;<rrPgDYV1VUsA
zX)povP|F7(J(2RU^@ugAGSiMa!D{C2%sl<&>-X>8i2VV*Y=Xq3dYy9SpO54P7b+>=
zpdd|{i=<`v;fdD$pV(59JD?&$_Tk-~8T`JRc%s`<;2{6Qt=W(EnSiX+-vt2<uaMdJ
zVB1a$G&TQ%ed;@d=jbu05dK4``4cwmH^BH#y43g;(*GxH6$OHNAyBKG0P*Y*hk?L1
zK6r>J6e3;{Lc9XcFIzM)G1#J^Yh8@iSM%C}*N{x4qIrAZm^$`eDBOU}gHRGNG@WmV
zuU%X`QAA>K6Q_N#vwKYuI}R#nL;>B|;<g?d=Zi$FiRO+ltJfcfhF)Rx)Db-;te^#u
zUfPfRFeI+O3&Ud}&)LYIQ~<i}4NOZTTF;D#0$OibtHqD~xyBgY3I9TW%7=j~7(qw&
z(*+93>O2p(7Kh*Fi~|+>is2o53%JH{kwx2Re{(o&982Bz?cKW+{i2k#boE_3JkB|D
z=0t_sp>rXU>--KdJ$eAyj)&3#q0N{%GYYs~I802P@UB*uA|kcm8`ACIK7%Pudl&s5
zjBA~ckc?59?;_fSeeU_hJ&607Y$AoPSx$)P<zYdQZP40xK?o-tqkVtl4cCz$ySFb}
z<EcF0CzMEoW)A+w{dnYSZIQX8?!JAn7;XDPYWl%C1^~8u>un!lF$)SIqi?oTceS6d
zFJLguTPw6-O@=749+{m<1Cr_NX?VdvVrPU0El^g6YzM(5Qu8HloM)9lbM~vrNoDCk
z3<H7}`36(KnJXcQ5w2=be4<}+cr;p-{?-CGf%=^ZQh>jFCF9KA)ImfyteR+!)Zm3`
z;u{{u?S&SAWxTn_h_weFBNj}9mz`w$VK;5V9~=)&JTA>?Y&4!TcWxw>Tz;}Jz~9A7
zpc9-#!Kdm447@r^%i(QlsRo<~Do)+Yv=WU(ln3tZN#cNpCqT1b1p(Vs^@}Tz25D+#
zH5~z6GbL1w<xI-Q5|UZ_X{lp0Hsdgm`&Te#f{+Hwr;<s99cmH<nJSJPIT@K?CDrez
z)JR+>7dy=#yO@}^4!N86I;$1^@p31fBNCDSpiW8P5;9fsM!VfdMn{XGw-Q9!B4n!&
zGn-+ZxsJnqD$2hzX`&knf!A3D1_qrEA6K?ZX1YVVLm&z)e%H*%UFkvh$K*_MmNlwG
zvJ;t&zL%q18+aHJw3-H&q@<+bkJ<~>{u|rsj@}!Xl5@hEUHFaGe%BI~TrY&33JSqT
zXnrQ(@L?r^)B#CL7VH)bPF*{-VJsn`f8fu}RuwxWa~wc|==xK4%H_h0z&NVVjoZ<B
zzi<6Nz^Nv&DN7HjQtoeYJ2XZleMkjCKC6<{o7;nsK2+wqIWJqb%oINSF<?tRipsqf
z(w^|6K~5MI9X&rV8OZEL$Ik1WA|U^5C^^)=gxDj7hBad~u@4_UL=I39A`yJ7u&VR9
zpe%$*eVl1sGlPg+5mvDF{RgjAc=G^1yy1<2-V40i{x@QGVpMye&<?_~kv4cr0ZUa`
zy7y`$S=w<b9AH&^SOG}edW$ec_V=QH&RQ@9IE?dQ%D@L@d!`7&do%1}VxK{{Y~I*6
zz6Zl3Mi3`Efg};2@Do&hxA7C%9SQCfL~G`Qsv>4#SmhTZ2Lv&}&q~*(yC>spCn>#f
z+|0|nus0p%Vmv5>y&?s4762e0Wavx=aI)k4`K+fuV2JX@D<|3#D9Q@KIQ)FKCZ+Rx
ze^(b-x#Ze~hdTeBc$&1d^oMkt!(ah<peGCQU|qru08Zfoe*agXhvXL0L)tdt6n~u%
zbPz~I*A|j}3js9Tv8H$@t}fMWWAQc&LmCM>-n6L|Axe}BWo24kc5L~b<zv^Mvq`cl
zs(~}iVJpH70n@+u;K2hVkJjt-jr~c9{z8Kz5GV3u_*)1!^LjoBW`P|!AEsz<5=0~8
z_)%QR+B*|*kq=ay)Dd;U9O?B3V)yytu3!NQ)&eP7z;N-P4uD*nEA$Z`DZ;8rLL}f>
zYSso5w~80axciY@2T&|ud|p&NvQ+Ahy75CEsewxp2Y@#$TM>vmQg_A4Ms70V_5ri2
zi5#Az92{0eb&RmfKoIq<U9sV{_d1YfSs(z20qWGs!#Rhb8R(BRe0~B#(qae;<RMl9
zLjLv|^|X7@t{OD}o3N~a6Q56>HS#RG+9Yc^{3af?%>c@Yj{+!TC6I8faMdrJG6#xw
z1qvuP1Ys#7v0U{6vX~bvSOAf)+$Podky{F$f3m<w!!P;nN<Q?ap+TGk$RL=h-%T*c
zbzI;P!r5A2S6VmLIJ>AU*{(T{#Lj@6_y@fD<Z)~|1^KbB=^RFi7<=&aKJtB+@YuiN
zgzx<FVgo9dAfVgk5P~ok&ih@I0>!v<sc&@6tWT4zkeh)IXezh_m`wS$@7Ph|%Hg$W
z{|6EqIr;BkA)D*cQI>z4Qn(LZaQ|)c6<enICyfzzZR*sLNfac%;Zyt&t0N&Pi9-S>
zEPOz7Vh$cU^aue&XB-^7ko_5xVw^o2e?>B+V{+jf0WnKHDIQ8>B))r&D-93b$)uRo
z4t#tkG-My*_Ae#%C3e+R3OSAAQUF>4Y`g;6@xgI$McyvJ_65PRqW&$B8a3;u=bTof
zkbK+~+F{;6U|&P}0&+6{Fx6vulz$EV=~LaYqythgv-u%??QvF?D21eLr`go)OVI*&
z|B}P(S<ykQ>(gW%PNqY>MHX<lCv*2MxixFvV8;=P6xAmpA?5;Qr7Zre3JP`YrwqI=
zyo(bjCGF2Lb*$Mpt-~RY-Jd3Vx!x2$HI*UJ22ZQ`4W5*bJvt`BYe;HBVtDl+-Z0)c
zLI{LHl)>)7ZG#}g<*kV}?Vs}Y7RtqXnz!;&R9Qb19J{NhqeKOyU*odrphq7qisa|k
zRdY5RcQ5_S@wJuszKH6}An4TzsRwIht}WVf6+8T~f&?yXa(aTD1-;<-5peKz5UTD?
z;F0m)j_uP01T=T<yj)I&mbGkukgGGUXIx*AsH};3kEGJU3DHyb9I4Y-kt9?17k#j;
z6x<-mX$1nW{<yMwY;KZ(8@J{-3+92Zr~$zVZ2GMgIQC%jx~(}J$SRcyH-JQDQc5E7
zM~Y(l_PXTTl9Ja1jd$UjF#~>e!<qBf6?~uQ56xLbCn7&M>4Ajvf^8vA4>UtlC`1xZ
zcpsctcrU&Xs*{pl+AhfhrfZ)Os1R47rSPeMuSO|yhxN_`E}mABN7TuN#mkm$kK=-&
z_i<EikW1~oa-R_^>lZAS$qlTjSkM}q*HB#D`vM6S-7D97l1v9|@P&j`fVTISh!0QT
zS!?3nvn=W<u8lSKo`t)=EiEcTK#y^&io~toSuLIDiB9Y_R_Oqo5XE21V03{^hww-6
zJIJ5;x>fQ$<bSB7A^uj|x?NW)7~X@AhD{)RaHb`DSy$5`^+E#I){Z(K6m1V&P*xI!
z1JQ`#+erT1z>nt@GrG`<5$`6&6a}j&)Okn&go;sS&E+e(-0lQ6C|i=^`<3h_<XZ7i
za5Pli(@Egq=7m>$vWjEp1susO&nr}g2d(SVR?k|r*|+1N+bjyAGiJbZ9=Tb6kWTG(
zolsF$o?c2DC=?+zn~{+iNj4%`?x5)A?i-Xo`cf20OlV?6LJ;T+1EWy8{kd~HajEA9
zSj2N~b<-?*g%>T7HO$E12k{tzqU7C;=WIm5U4Ox;o(m1o2tAd#TSksyL-WWKFs&bf
zeK(t-P@4y!KP7iWjHs5%9&8e!{45aGSu8EBb;#XGJApeiG{hs?%nhsO#$2=Otx+{^
zkcjW~GGKon`Lz#bU?0G#a1D<sGAXI-YZ<5<Vwj59<~1xUz}v^3{mi0x7K|hswHJrq
zT=Io?L(Q~0ZvV5;>HPeVB(LCbSa!K--@ciX8yN!WXY`*uL5H|^pR-Y;n^{_3f!O@c
z@(enM$p--iczhlTg49rDE>==HcxNTT40X0J<{)*jWW4T5jwt;g6k)G{G?I7|e8l?=
z4B{LjAWw5f={x`BlxWGcAW?^c!|5Jc%aIXrie=Wvh>a;bm{&cLn$i8jBhC7SN9a}R
zX?8$*KL{LqMt6-E^={1v(FXDeoN{S5OAXkILWuvc_G#DsG(xx{586?7X-&>~ptW4K
zGqHUjV-`UiHLU!#uEQrQy&j?7>1tHyYHhV>@2(DlFarr{yf`v$=W5}~<sr9@Pz(;L
z*ASwh(?^09C~D2XZ|83_EAIEk9*`QS)Rbs}@JSu*$661j<3ux;9p2=w$3SS$rReD8
zIA+cuCbz|9?yFq6@fsbY1G!2C)f4@hcqB&n!GtV@u+){&O~xWnF8KTVuMHZZ*@}I5
zT3;*}Klc3zwWgu?z}XC{d4oVU&QE#G@v|90jQQcp)#q5Ua}mDgmu`3T=pxFrRy%0Y
zpQfdG<Jazcpt5{ERm1G}Mzxu^ljEUyNG+R9iov_;{k@WqLn4XnQd0odMJH%tu??qZ
z!YMx7U9-2pZWRn^DC}o&4<BYftVR%xLrv?&$GWSAV`NYu5#2a=O+oM+kP&o#IV{_@
zze~*_vl$eB5FvwmGn+3%3-r|N4GDXB;1bo%g^Xe;B-unw+>=7T2AGD=3Ti1Ff28&V
z$Z-(|HWtqv87?bXw#W`J0EkgDJG&sV)zIc{*f{H=+hN`Vb=QAAmMA8DMX$way#@hg
zJd<_l?#d0t%z%moTA#_)5iA?)kxrk`fejSeD`Y=a8divZ<lxP-sQRqt1+B#k8Z<2!
zlcQJ!dQ<Q@&X|s0BTeknXe1tV;nW&~UK3S2-`6IO093Qs;wnSXZ;4N+Pp;-F2z6hD
zqYA7wZcMq)r6>EnY@1$YuTAb&;6cd6RHVzJPVCy!MlE~%k>*tCNy@Um?2ey}4i#q5
z0pbo>MvNaVW_EfEyQ&!ehv&adM{wE<>@$q26MPbbv*scyDcm8L*X1Q^l7k^RCsa!B
z-Q=<liS(*r@si8>%$YM6z>-Q!_dU>ea&nqNY0R?MxHF2Ph|-svzCBSgJxCJrat1wh
zL_YX_Z|MErE7eT>I<3{zzL847HEY%wS~0$;Ua)F#jvp)hSXiHl=?;{>FBxBZdiW58
z<R!m8ij5~ULch?(w(A~j|D-CG5Z?I9<Es_vTn%$*AnJE>;6M3kK-{8YVwNCyn5++M
zQ6L_(&<3^O0#hj^E(-u0DXh2Rg0ON#L_~<?=1VVMJ_YYMU*uUgK5P(5HWPa?HKWP#
zorYr{?h(YD>$M&y&i0CjfhhYswItRZn?@S$CNcAC6aBF{Cuz7G$HvEBS5@hE@VQ_Y
zeg*CZvVK~X=Xje4S~0Jbo3_(>m&Rla%(sznC|H`oPAD1CD80=nUSO@~Y1@4`7;Odk
zW5;*IEB;e@l76egN(bBK=x-@uvNd@y2_YWU&FkgaM=>*dY5el(+#Yl8vMZ6yEm~wd
zCAEBf@o`d?^K?@PpL{CNa(F@Y@X)1we#`5NaOZd-;hdx*fA(RcSl{R}7*(zasZ&c`
zDDP)TqWo|Kwj%i~ALe9|<IXR>-V`TK{$@xIp!Cr=dv+Z{hMvMB{9yBwqq$eHK9RX9
z4!ZsVO0e=5m2IvDtQ6S>xwUHrNt1vx?+k0imNYUtn+Lqh<;IJ;?cSo=77`Zr!cN}I
z9<HMFJxIF)tq{8Z;iD@puTAvSv&HB&tAqCt@!Q@I>5Ir#!J$N4#URz^vx8r#*2k`x
zS!mhKbi(+U+_od>)>A;~8)u#2K})F)`3>y0M8t*auqBztyg@F$w-}J(@nkiplG}rA
z)jIFcccl_z*5P(!!9@VJ%rA*%o|aHX1||fnU6{rae2it?JoOmXJFLvD@aj<<?KBem
z*+IrNqrX;Q-+;acYiYWNU?So?f|Gu)L-p;1@Se04dXW{$klhMWNHhS6C{WkXh|dAK
z8wM#VwywUZX~a=iQ`5zu>fJD#1Ku(c)D$uv!NTbjuM@6%%*JLfG2b75H)qKb)Dyzp
z4O#XU1mD8Qm`>@Q?ry2F*3Qmd*xS)q%%y+V+)ExI&`uwjX;4~TgCAk_=FRtsTn05a
z2^{|G0urMmZgoJbunPrbeh1`1){rH_#-<MgO!>?9xAZ5CK_kc*js&RuxC{O7a6X^h
zbyVQ6_*Y?N#3KyXH*RMy(J6>2S>OJVRkm%PyIxP|0oL}NJH?DSkAqZ!a-mS`iH0Vj
z>$}-0*79`r;+scl-C>P`{BV>o{bY2uJ2JWty5b;u3zayUhm$xj@brSkiVusFrIPzq
z+T=9r$&t)!^_g}$fFY`LoNSn1y#(T(J<~hnKI$LI39aYOzT3o&39wUckVx(Iy3fQ2
zli!v16d|?Met(MuEck=QPY0a%52n8KzuG3he>wOeM)+5%tIhTQ>b9bc!qX5G&yNdo
zx%(pI|2NUN9?$<ezKRBZAxZKpyXx^8K;?)*BobSpMzthaQj!6Nzd1B8=C;wEyJ4n#
zw9kBWP}9+-;2*#i=-?$#k2<y6J2(ipLlw5oz(5pAvXxO1fLLJ-^@3yr{Rqz8sOJ-#
z`d@nCFCW9E44Wc9u_YkOnWd*zbjK>H*6xrSo_K!7LCB#1*Fqh&6F<=7O3|WqfZasa
z!<q{@v02!CHl`@Vt<|Za<D{g#0+t|e^>LY^P3=tbf@%^)@|fLg9&GmHj9ZdIB~VOB
z9SuIo!lDcoaiL!tezypi)$1{I*B=PDK3t`<Gqi@|bNTYScXaqj$xJ3(O7L-$jvng5
ze|M&492^{|&w$@me&^h<R?~02B@9o4f8oklcHy0R8enDwO}&DS%V#rGZ?^c_mMeSW
zNpS(!FP;SvKTZfN+B^-%H|nHY7{5uI7~n<bJ*k$nUc4Zat-!6QyCQ7>j!r0aNvKKL
z!!1WvE~JpF6{TnkFi}OLYmoyhE!lHy)Z&?Y+vubNh1eQ(;oNs?<m5B~K&HZ%XxPhJ
z?a98;O^wGv&89<Cg+6r_bi-&E@?l`g<{lrRE05U8<&8Z$M*aUa+lPa~b&T#*LRFp$
z9}{vNOuxUq;mW%ZGzk#jdC1Y@LqrU6PWh}dp{D>qKTvOzGQSKc)feP16d-~6C)_B6
z^f`}VP(5j?0rErFjp%o~$mkh3GR&c)C4z7Wm}{7`{I(n;pEGhXUf0wdl+(86N+4DY
z{^bXBs0Vo{uxAnrG?8@0$Hx<wQn|<ox)018n}(T91#q|igl_!N%a_J0X{iI?7=rN4
zq?QJPirh5tRq5q}|Fa>S8}k15WGtUHg>~zmBHhSvyyAbhh_?|gLB=)IMr;_K-vdj7
zf~LD(7v#(^wT_5bT;mM={J9mh)K3?19zTEnyl$eV+-tLELNBej9zmQ%*aA1uZ~|SE
z^uU=hh7K;(W#|NXQ&jhXDXL>%CqLK>-b?=cPgA0P-&rcupt`F!JRm*1kttrPhFwZ@
zplCFFT)1F{$h$o!amRvv!~7ImUX%MGE6WsA0}=WXV+lc4QO~NYjM5eLN9@iL@clo%
zymy!Dfc{*~pheM$O1ueYSv*jrVE~EKte}RDMUwV)-0DvKO%I@~j0e!D?g|X33lTce
zxNvXb?*KkmqVwJ@8$SV=78%r2on)v$LSTrMbsT{QH-SEP;{48^z#X>)2(HSxA9sF;
zT4Rw0Q9j_Se5@2sl!5tCYk7_s77xVP<aYpx6Q<<AufFdnq}_jAz;uo6r2zo}Q3z5|
zsJS42PVKD;{jU24yQXCnM@Rw9>M`hQ2Yk14RsDO_e0^sN3zsxEhoc<VLeeq020lRP
z>g|}yuCk-Ech2y+L~fQcDniW>3Nws1RAW;3*`uSQLlcU?)N(~-78fpKGQi-DC46&+
z1_mE)EY%DM*@V$6uJ~B^V@l?8jj)!Yah`Q)rz~m)a5jyC8Fm_$dDDegh#DW2rXlki
zC2Jbc3bT4N^CYSU^n*$ESq#vEtA`k7wr>Y#vxDMTyIOfBLjdf_U9oV4%`>S|c?nVV
z&DCxE463{PW<)INVN<~YeFY0h6PEo5JPB8%FZ%9!>8aQ2hI(SsR-8D=*FEt#CPg@C
z$*uI%0H!vbg3u$rDoD4rq36u+Kpj~H)Wy33EyhZ0k=&PL2m=vXS3a8=sHWT#TRrw+
z-2s~NIFU~yvoZeZ)9W~sG;pO4f3^(Y9TI!|9dl_7UCEHEy^w2!l3o#<bc@0$-9DzT
z*|*Pw%0GR&kc=h9=qNh(8HcISRNvoK&|H~pJ&_;$e-YWA$yoYd1fM@?C?BjwvCdD9
zJcz|xf2U)_{CF;{H!gQ1V<yp5l6iquRfHkN6Q@ve9J?mLe)(YUA)HM91XXTsrk<PG
zK1WQ909g|#99^wISduV7#GJuHV3Ifievbd)dti{7pOLod10V<}?zF0c5eW(rMg!q%
z#Z<3Pbeb9=l2ANP>oRA>7B6y}i4Wlwjz%9VNZ79!B|~4O(UX<&!*jK?bOCY`KO`U7
zP~uWJ!mTmHL@C6YV1(J)JNvd1FWg#4rVZ`I#JEbw;W@@jc(C`XO%G6H=z*%OGVxwv
z;oj9T?=#?F3)G`3#SdQPw(hYA)jaHREiCoV&2#UxmNqLh4=P!#!-eE&07gG9w=&bi
zX0NsTNjaqy*Cbo;)mRq%0DVYuC>DRrP{5<3xvr8cSMuV}u3cS<G;qKyQ|oN98+aX(
z!j<0B^1Y}392qGhH#R6q31B^UHrhW*nkY->?27MYE_G%_B$p!j<{F-s<k3EESYioB
z`w7Zo!dW3t#5FVgKwz`pCQLO<Klvp`3F~}mnW!M<3^%d&;9}AMwMf{@&785;Pq}Uc
zcTTxwkKzGfJ1@lmBcfnt3qn4?>&nXgiU#o$N@DyZzto-8n+c_Z+y%GEHI<b@WEL9O
zKLTWZLpw~|kQ7r~LW~??7#CJkzCt39U*ZFc1FlbT+>ATW*Zd@=38{YaObGr5p1~#q
zgEoI`n>T09Ul`>BlROl{*vylzXL50gRhO)ReFe{LJ;jAZhe4STDfq3EDP$ZKs3fOz
zrultz4B!(Kf~-JRIVF<KMfd8s@0^R98=1|4zE{FySO~5{!f9iepePC80fIzn+$5R@
zKcG>@sntd?sRLBhu{+MU25yKrAoYImDZJj3D5J8KwI4Z9yDpyS2SJBYibRKF=?S(k
zgg5hP)1kxZ+5vD9l7l1UKn^n58|VyM1R#-Q9N%f6Qn!NL*_Q)wEIkDSGj`kW4io^1
zgY>1T-0=z;x$98BPM$t}`r;+zKVUwf^lfoIjYWXYNw|+8hu{-0FR$z2=S~rAE&JrE
zbdT#sYJutD#^&Q|=FGs1iWZ2oFJVXr+N?P<e3IO?O=#aoQmUC20gb(HkkU_PN}^oX
zdboK$Sc?yS;Vf!i7<{5x|H72!&6@{IsW982<HHk^O}S$}x8}hXQ|ThO=iqOOb}Pj6
z-d5;zF`EH*$bT`!+i}_QPyj#YWAE@ZZh9Tbrb==D!w9>kwzap<SSds7^F~Gh$oa@x
zN>^QNI_vV(0@Oi-m?rNY6lp#<4$STt5Hqm_ZNne1KzTOIRGPT>-p^kLkN;Cu&X~m?
z4fqA9(Mf#f)+SCXab&<wjuQzawKiodeiY?x0~bqa7F-xek-vm~5JX<IbHz%xr&ctc
z+YU?Kec-4;dfst&{lOs@&UnWF%F$M0@j>q<53eQ?KKE{X8uI4TSm+vzFvZ;@j}{T-
zK`Qa|xVhD>63F&_OK7}U3v4zOsu50X@C(Pzct-23o}k|1$XmLfttw=4w|(vHC9wgh
zNWEGgtsux~x}=gSN>ZYLz`8~v`ZScw`LLoOR%I5SKceDe4<%NnS?MEJXWGhj2`R;>
z8!3x7AA2ShKd>_0GfYJ_YEWS2%<bW-9spzqFkh~ARexB5Eq6~c_43;<ssVWG1S-T-
z&NV47FQIB(z(p8<w__h|+&YJL>n4UV!36YZg_Nz%-&z1Xa!Q{`*UkI)lZLkH+fIZO
zt&=bKI2ispnUL6thqiAznYa&)bMVie;62d^_8he8>s&KZP@E8L4N6Wj$p8n5_?GDo
zYMAph`9is2Cb<mi>O?5yPzIPmlD|7vH<-g?x)xIuW&&0Lb(S;kbs`{@_W(I101}%b
zL+9tvkjB=n6vPNGi9%sP@Cc}!2ro|@aR{QliuKxEwlsrAT2Uh1fin}=js%`$!q8-m
zb2I=DJXxcqkDot(-ud$K2p9h0&ieGk%Hu$>36Ry2-SO}Z`jWLMEXWKq%*eWgh%MYj
z%Z*~H$3oZr7f5xbTtr3xB+c&yg5B3@yP4}Y#2Ebxb2F<a3H8GVy-*lDeELxASAD9a
zn%z~z1YNZLFU0ljq(v$nQi~r^a!g8D9ul+M(jAM3mzcvb(}f^~$Rsi_G$a-H`G{lN
zwq5*rrW{>*Pr;MuWDSNr6rpHWtC_2D1}w2;J3BemxF~onh<T!>$3DV1Cm7Et6~sM)
zQ5acSSrGvDafZCX{u;ofn7y4F$Or$NCVUHXF2Lo?2OR|zWviZ4u&dog%*<nV^h$#D
z%?B<z^P!|oO~PChk7ru)r<fTr5~V3$L7n7tfq?%eJZ8tF|Kn1raT$DifCE_p$?wpa
zle`ZT6af(uGkhwNDX@t@p4#-K9yHlSkp7h&``}noN6z}o!97}-qjgz8;u>iA?#6t`
z=YL3`zeNW+@8NFAbS_jqnusi#hr|yMf|L(mLQB4IK~R~(2}ryu#6FP1k~rasUyctC
zjZw(=mwGIk@^Or8fgc6Q#EVz0+BFiqsiv52jA|5X$_odvVe#qz0kgFXQe{vhlgS}~
zYeiykdhF|uAFihZL7G1FyWvpE3yTuhtKuZ<U|3Pyz}!5&UK=F20Cy(#moDeNMxlp{
zB|G}YD1GcRpFn`R!;^vDIP~XaO8{%c+G3VR9zPu9Dw$I$qfd5aW@eI(k@4;N3y-*7
z=4xbuZg679@8;H?Apf>OV>n~r47cunJS#H+yM_d#V}$Gd%`USEPWd~TE@o6qh{83t
z8u++ZP7?e#fvM?SwjC;5GCzj2fF!=*kL`z0;3SU#Q=)SDT~QI>`CkU$ZiWO3P}f&-
zb90Y<&>P3FDl)7E#TODWcHo%D+@?ShTic<eMb3Mo*1?8{6}2u$$Yu?)N>S<%O#`rR
z{KS}Bo&amev`ZAeU{NOnBK1k!M&1I_S(|Cxg|BkG+Huo5{`e#WTa@S)S4EQN=iKDN
z3sPpy1-CWlYmS^1wcx*1&3s>GgL?sSG~4iUA9^yaD%n^5V@D!RSBMC3k>&@_Jv&MR
zsk;^S7V;t-C<TjV;er#zARmaUj{W3G)MIh!T#h)NUiIB}0L4VrICZKyCJe&D!*{wl
zFObZt@>}^(&@<N!bY0~OXFKAoM%%j%;ghMD)pn{rt;95`rkIPbBqI<Jbp{soD}b&u
zj*i>0xXM1R#|`~|!y_l=o`alHrC13a&{W#zq<u-Wg8GW;vF|bd44O8puCYvBwV-=t
zO&%z!0*Dn_`ua%n-5=cX*}jJ*^CbZBqpaMCPj>)y)mOOas$EtTqqZRV^25CiA|W9m
z1|%fm@Ch!iHqnh|BFb%fjr1C>BqXGSUpUXIxg9y7ZPv}yzr_hQq9@$y<|3Zd9QhFE
zAxZiGo6^KcgB_`fewHazOdC4G-K%h%JGF7s{)1a`0kgx~=<^3Bjx=dVx8cPmAakel
zd#+A7NL{1H2#y8B@EGzDNnDRM=mhqV00#sapy&MH)@B7Y2tw9LmrIgX(J$?w+Uo@$
z;8>@J5o%%Z=g-BES-Jj5Ek22cM#Tk^7?Rb1^DQAR?z%}vd|HY(&sOZx81!TH&n<(>
zH{%!NZ-yYM8t_s*okqX@#AAvsgAQy>7dYkXG*He>nJVjwtaVPYPsGR%zmr??h~!|w
z%jLVvm3srJ$-NDkD<L!Kh9(2ex|StNDxLNb={Sq+?D})!S0y^*xetG`2<n1~oD0BH
zK8u4pI1Ey~ig2BUDvp@Cx(P2c7I~Ywwr?PS-34>0B$gQYLkun!yzz2C%^l{7XK(WJ
z9ls^^t{MIQovNp&F8A{1BobQ>jfD2Y&3CcT{CvF+FS2g9<a-iXGU@fIV%-ul7QL3%
z?vPp`Bx@|KyE{16oE_`YX5~~vb&)!xmO8S0NscQ+YRhP&!}o9B)R9S|c)D?84&3LT
zyXhFaV2zdlJrRL=Pa;`VrAsXEG91(z=#{?%7nY+>tV6<Tt~+!+U8w8V|3SKLE2#Q@
zrw=}J<rozmb&=Mzt&><Xz)3D)Qtxr-h%gJBuW%Wq^lt3p?=3CcfL%HQ!Z%ygM{6xh
zrTLRqo&%b(^7d-|Rq(f`H2wy)A03^Tu|z>th-4ACZHGqrF)-}&NTY!9=@75)G%((8
zNGBBg&^00NjakhZ?$exSaCf6L;{#g0-gU~fAo>-NQQDhV8@`Z0{S|293g8$gXCw%m
zI_Hf^*HCo<iFxZeZ|)0v7R|r}2D*G0?xbByXZ-!mzkOvZekq6_Y`TJ>O=2E5m4AtF
z5*PlB`hJ=m!%V!Ji0}cQ@}98yiC2p&9`|nRq5b{$zr-|t;s2J_bVaII{Xzmqg^Mw)
z7lF#7l8-d~53n4#YxRGQ$qSqgzwB4M!J=q@xj!?@qenzSP2mDdXZDR2XGI$>hI${%
zEoC6n8K=um++M%1nBk@rqb>dD0FUmX!a)a>6;9=a>8HPhHM#c4d_1Z6Y-r^YqL_xU
zbN}hnPbxP;nYbOF?*U!i2nCaJx3csqh&flUU3(phl4I%b5vKjNxLDJU7-mo6C8|`R
z%w_a8gi=J^b<*X*(J0#1E1q?9T*k}G>xu}nxTq*^Uyh5wSxE1E#*s<v*yOcf{(P&n
zlu&6ybzH?DUf~OO8<kDBs=5pcW|`J4Ynnb&QyM|$He{F@>b2~g96fBwwYlAHz6Yh|
zlHUhib3n*(UraQ)eg$!!{0miX6VltTtu#LTK#l?DEHm7f%+Dj68^h+7g5QHl_vZBz
zKem*Si#Kq0Y4yPFWA$S~HWKli&^>i|E5#{5k95%ubOM}=0c`!b*BO3J!lx+N*53yG
z$@ua4*15jM)zY9`k*OopkXI6q>BH|n)887>3X5W^2hY|@SbXo3XnUeoG$N6{u(^H!
zssCnXaDrVf2N<Jj-deh#n3rLTgOkkrMP2p1t7|vWJ&>I=ZvBG0d<lfYvD}4vHGVne
z^hkx{EV*=!U$TT=gPN*mduzvK&k3yqEOzVxc3WD|{Z>tjfx9`LC0p_~oO555>7Lr^
zmL0$duO0|DVC}J`e@~*ue3#p?k9$C-c@hPR8AL=}1lBqeDtLGjeo33vufdb>82Xv>
zz3FuU<qG!Swo5kSYX~>Ks{vg<X^3H|CJZdGVWPqRBG%Ub<3|8=+N~J=EU!`lk>%Qx
z9~NVrPPbNF#<pF%e08}fQ+vu3(5@Xje%!1%&jTrYMc~NK;F^DY+zL~W|H7inLK47Q
zl88aXk$~D9+f6W&I&NOj{JX%TFww#b=PK!>A-eDl46M1^fqjQQCCR=Cy;@vSQUMC-
zRa&fm8rL6@#t+s3i@VLau_TrQ40k6Etrj%nX=#eNn@JA<UTZO?-4OvJL}CXYixSEY
zv7tY{yb$?qet5EfJm%&*Y7$rHfr<}g<fPgF9`q`d>gh**z6+2Wr&{uO(1z_gbgEr6
zJm#8&K8q^Fh8#c>LK0voUeNZm5U6suhz&s^$T$}~W09lxTo4yzW*G07T~M!S&02vo
zm=pY*c0)`;uT>xNWf|pxQbSr)eWq$=(4Up^9wKHSfW>&$1DK(*7|kW#Rn@(e3>Nj!
zsFsOZL9Lo{gMh{F)nO^m-!k@j0ZRu|L$v=wu5Y2`6LwJbz`fK~jqJ92tz%6F+!AHZ
zEfv)b8SI-cJZsj|vZI)qNAjAiSb*jr!h3w|fu#I)md%Aog+e^xXG4C!!Q9W|HXh8b
z*lLKqACEJ~$18Cvo>KIHqGoE31h_>kto#n~4W|Vu^{EzD43sd@^4YVSVe4)8!2CWh
z2BD5O(OH$JY(ZtX6ofDn=`A*nF$T$pZh^%~HhjMGP6k?K1VtP;dQ|rQ^o1b4Q4#q2
zTAz!#<9iZ~-1qM8J)oW(fuNGx5#5xQ9VC}2ws@B-57Lr>h*v_+Vuh`xXj#6%EGLpG
z1=T797oIy?lgevqf>q%ZYZ(IYFrD%x*X{5#_jqQ>Zjn;VZiF=cCh>AVb~!A;RWiFa
z5D)Csq=B3Z53N+mkS`8W5BH<;_Ng%MJ&X$&MWQ1}7Nh7o?_USO?i!swrslEp+$EMS
zsROGmUG$%%UB60|Qe8663aSsVi(exX1yUJClVV;VT+sjmZebpd(&@%KF!po-x>Om0
zNc<m1Ie_>o^x{jR$diLKf_x$1gf1VEqaVhDWihVv(W6Hvk^Dunt_VYmMIs)!Qbi>U
zb5SD{k~3J%&`Iv*%m6gdg~Y+fz-MoOVdaNZex+*a$c<ZSmAQF$;r1^qC_srVjB4To
z;IL!q;Rjfyk{RyEw9iE}61nKX*eT*vXbH^%bVy39IP6vu-HsBPIMkW6k-p8c3Ef<Y
zF&oj#JFYCW*U*IrNMw%gb>mlS_bcqUC~(?ciEUuML~nOU>6Pm0GqyaXdwN5~Lc%F;
zWHOCsJ4{)=Lr6Y)@s0)ad|D<rU*80po#@Mbvp6C*Jg9i{A_a%OEgc@^s8irxpDijH
zx876HaiZf0*Sl6gzST{po)*Kl)DCmw8ix1A>aq*df<AB_e;9dwNTXIRl{M<l>M(yN
zqCgkaF4ZX;xtrqQQzR$f6RJASC-mICJ4CMg;XKsfm$omd95cd<?yNVf;*_r*GdI74
zm0|(0$4kxakSRHFHcY2Lra{iH3FzO&hRT2xk;%5>wU*Y_GbT@-i~$k`Pd%2+o(}Yi
zsGv@BV5j<qpb_r_Qd1~M#l*bK*|=XW8OzqK4gqW$iE#+gNAWAXz(s;0&F()@e%}v8
z<>N<>)H|2}N?(<fOh<q#4^EZIxKYUfN?Vn@5s^K1or6M0xWIJ@+lPJ$1$Nte2XxXn
z9IK54RB;m%#1{0t*|B5Q5rg9Dt7x{R;qsT^@-atq#4mL?j=SLmw>p-q*gn{?7uwwB
z8-SB6EG(MVS%ZXoU0po~XXt6&oKFLWp^U`7u@wi@QcDkuM~?e2WAoa2UU=BNWj;>!
zfG%=QH&wkL4Rz^kG)>-Ejgo8D@Zt18`)|AmdzJ_mi82g|Pap%D#}}+ZS%tCBXZjkI
zNsc67ZKO%-`~8B)F%AK^A6|9TfYyv6Q4;BcV42{N50<Q+A3tUmi9)HLwNBImsXHAp
zhQOdf)&7JA3)j?S>`IKq`TB9ZUQ>&cj;ne)-VdblUx93#adMhl<Eh>&xBVmsMccQx
zH<pr+IfxaAGSY0|TcNQl#98a@nr7ljlfmi4;e=pRqLdFlD`vxvd%@{a@$6K|tKvLY
zsi&RJVRsbOd(Nn#NA^DM=U8f-tfy5ubB!A&n0?`0FFc;4aK@IOV1Hc6y&OPuXVpDg
zlqUxHGH6pPt)5S*kK?Yw9=8-GI*cP3gLM5VA$>s&qvO%NHv+&L8pVkVfD-o~XmUbm
z!lJG3cRuArJO~d*a>)j54Fu`Dgtp`Qo@h}B1z;cetHBZrz#zwQ^(Y%;uRMhIeM7jK
zk(Y`I_L_;daXwHV^28}m$vD)@LV?qli_!`CH-P{m5mQBtU5CXB{Y}=j`%s1YZGW_W
zA(h1!y}@yOT8%{9{5y!tnM$M4L`6jxBmIU1j)E#wZ2yb^Fv=@vgSXpFVC51O9GRs8
zDbZ`NkJ*YQrFFq~CemfNkXLSY9o}`uWZ$pI{w1TIvAj_QTxxv-T!2S$ANSNrZl&co
zVqFJg8X6iVQ_yQIzOf59yJYYlGC3gFB@G9Z)USzgV4WmU86e9BW&lyV&#9D4UFOA>
zsXd3;1IZy7Og}^J*tGX@)oKhGYIE<sPmI`*jFBnB;u5&g;|AO!N4lT{wBycR62pc$
zWD4ke(g{<bsES+n1@~J3C_KXIG&(mmH8ryE`{K1EfRKZ0p|-t%sPE1D_xxMm$44>h
z=;+;u3M1~xlOobppKaSCs~z5(A_$HG?QaWy+V^_M<FyeHMxGRgKD)gh5lRFTYW#vE
z!~%h%csJ<8v3;h!r(<|T($QQo@PL#H_=L%@*v5UR&`dyM@PG?!eBmrWJP=U&B1R`g
zZ=b~vwQ4Gk!yxQGir}K=^hmbl!8C4T8moeNTCK2_x(b(B(36IWB3&ByXfxX(Z=CT(
zO}L($7@h24GZ08s|8*YLP^%;?!aQj;I20p%0s{k!7CKWN1r>k~xa-#6)8h}pKno(9
z4vITsdO#53C8wZUE<hO9jy99f`1sY72(a8T$s^MuJ}v#ufUt)Mj=l8ay`hLE8w=8j
zwMBn5tb`B%LjRq(B)}CDj}1yK$}6maR6Mu|V1fKs_X^u;wt!gh!;>}W*d{^&69}Q6
zKSs5a$Ud>y78_cmqerNY38N?c=FLfXEM)Ug)`H|D$~+Ynqt=PA^{doLjR(t4Bb_Ee
z!eDUI5_2JR23^K^PYT*oDhAP*@6TS5aZY)9pg=mWOt<w(vJS0&w56<O<MnHxWhe7I
zU?C&%Gs{hmuy~YOTTzITKp%2`5qt}!N4CTvcd`H@8G9SX4k5HP!P9Ag&9`c&etENK
z!v^`ZbUPDf0O8A!)x&!sOhOg|NQ^Avn^o1>K|yy$`1tt?aqknu0)SO>1X)TojG{d4
z<4s-x^jsaJ1#u~1A~=O`EC*uZS)a?w0`5IIg!PZdLmuRYW_MwT%jRMP-N1nix)Ye7
zZIQaKK(JaE0aKjPpeYT@R$wz<dblo&ujL*W2Ln#yZ_E`Gh+1HhxZ{t4;IFOP%}-c)
z9M^~nW~42<%F$H6YAmvJ>@dWbbrI|iOJ{C&h%S5l<M;?I%!tk2;4xY;-fkDbR*-M7
zj2vkbr;pXjc?^jpaM61{8Oe=d_tX#WFj+K+zJA+^TUPEKU{}qb=~e+OOMl!67?;%K
zsQ-WVz35-Rsu@fzcspC$nvd4>#4pq9YT()=@bdSzwn${);k=%*_=yLZRMghyLoQj6
zs>B!r=!loH(V=}NZV=+$5Ed3bZ9#(k2(o&~zGjhMLh>fcY0C)DO@#9RLJbYuX<c#b
zz@HCYUe$5byZB91&AY<^31ETd<4LSov4V(WU37Rbwu?e}z&UubAw!0+H&~2-KxPxC
z4p<=Z1HV?26*;`rWkYQiZ0>%Bv^T7stiu?QL76tnE&378->VjwJE0Wq-1Tt^?#V)&
zT2BFcr_*xM(y1~qg#C)Lfr|ecWDrDkL#RD1kxi<6$<+Fy4Ux>QXYNWuVbnNU_mRB3
zh7GAbLAorAAkio)#t~-kQ3|CS>*y)gG=`dOL0UMnreFdh_9!5ys1$rTv0@ZB2qxpK
z1J>##f7vc?d@AN0N>!n(>MO5q9zaXF6TLcIlNXPdhS;-2nWt%mBn{QsO0zd{L`&SG
zAvOeLNl|}c8r4BiWuq}|e)n_FlSjA(PbAb^U#w5#8hed|-?QXq%V&nGGdlLxWpJ0C
zV|~8U-B0g&K`Y+?hd}sr+i;%|h&AQ%7<-#1#Mg1G>gi8p=q0iO@p1|Z`fYRG!j$=P
zVz88OFz;4h&VdB&(%rlBF+3?Dq`k9q8XlE#u50inTRjm7_s%#wA0}^`0IwTehgSsz
z1|IBtC$?Zg0NFl6fUkvc^P==gnAjAljlE=QW=2MX*vC#I!|Sh?wsqDf-+Sk@4f6^}
zWE##YY2%iuUvb0?UzU}KWP&~=7EZu<jaSd10!04jqo}Cu77w9%!7sP_;1o$QJ$Z6k
z{DB$BW;DplSg4)q7#|+fCU;{OQI3=FK>WU%Z1+fxovrPclkDe`Y|Z928oHULVW#+e
zzwMXMzyOWk*W1@_jyY8zJsu?`X|)O)b;tNGq<PoM*|r|>VDzj^<4phW1#oA?_S(RH
z;YiNm&`%@JVY39VjM&a&1_lO;F(s45`x)01(hsLvX!Tw>g)<i-9YN$=0(+#qLVZ(k
z@TfnA3Y@;86WVLnyRg<qZhl<i2nTW12iGc2xYfM_g?~1CL2-~o#}<}PipSWX2yV==
zdb+GFqvKw4S=me!Flgl0K{~@5ae`ZcG`SwNGxeRnRs}94{C{wl)52yeZuZn(H9j}7
zU$>G|JWZosvzc9SIqn5Frk|7jVInY{b|_S~p@W$gNUg7xGpVVdONL(g$>z*XZ+o7e
zK6j#c4@eqN^|%Tr>ptI~lzVgp*Dy&SfD@7rZ)m}$b2Bl)ZVVW9_V`K|`k>u&$CPL?
zI`%@?+z2!-m&WUIKNDqM01jE}&AsKXUQwWdd;@7W;r4>lz($inF%Y1jekImWlvdmM
z%gyU~<GSYH=<$Kq^IdC1Sy@?@_z51Ggq6d&bC*%&n&#=nlfN&dafT!?V1AoausNm+
z+(A6>v2}Orhe5M^uTOsh6&HXrKB;Dyws*%$^tt!S-7e2`_x{$JNZYe#1}?<4C(1;h
zG-5xK8XSjq>(p+@7C`R8YciMUX|f$+J6$KgLTPvrI!BO6roaT&Dk>7+ETSqaj(GMy
z-tSXSJ;KE4?lP1@GkO-&Mu*Cf*or`ykrIVWA^^5ROrwp8kZy(=jRO#W#H3ja>qMBb
zHRITYvNRK>=K1p*A#c2nkU;#b$sd|LaUg;jdxN<yS5e(Pj*9w=$P5ASWS^V6M?`@$
zEt#4VM^!TkvGXv;{^qPcH&K<r@m)wC_cf#ye6Vz{-l>K2Nlw+gUJm6Ob}uB3>S#AX
zPF==DE$ac;hYZ97!A(?&s3<2v9q|gIdlBlu2N^%n#z8Df;{N~xZs(riwg#z@%y$f1
znu_kJ7%Gs<q;7(@l_#QM#2Jk`;`cv}om4|*FDfQx4v7{akVfrp9*`nh0KoAAxGUfy
z1|ly`^nK9F?noD)a?saEP+9)*^bZq&IN*D_0<G-KnKPdvM*&*o8AV5_4#^S>E3scS
zmuDJxA~QCf+bG(g6UpR@9_r;P){fi?%3yCuWp&j1-laDGx*~0R6a8Wa_BJqUM8}6}
z=p#DYBH1=iCYV7IR-H@l&5}?}8b~$9A)EB_<$a8>y@Y{sYthNnKGqZnF4n*!v%a5+
zX6eyjN-1y+4>WH^ty<dJ$59j>W^n*t9x6q4<ej~B9XEo~F`V}<P+wrL=1?RW#cp!y
zzP&H#lzCEn>PC$J;1-v?e}5NeE1F=jH8L{C1K4aB@I&Psss!e*+unOaJFGsl@2t5N
zYiY9e^mLj=XppYEJ41<b)#Pt20OXs;z@q7vD&UtAExOzHS(I9csWG0S*mJCfH(A~q
z^LXC0q275tm0zp?W$Lm7cX>wZUXgdyvO&uLaE;gG0SlclH_r#P_6E&db{dMpz_z;g
zw}SH6=;fI~d8MdhtCog?`EBNMHVlo7oCuhn*^JF(h#U3}>Q5U8mibW4#lO(aF(4<1
zgw;X1r+aCptZjpc{Lm0XCvv>-nw|PsMv!_>(4AgQ4QA$tr8@J4PfMh-6C+u?sLhVU
zLuwuq6H^9tJ3*j=Lqij_^ha;p1u<oTt#53ENN5Lpdo#cyrvSj5f{Ig$MZA)ypr38*
zKuIqT+6e>$##kSNHRBjGug7q)lwr0qghQz}Z_W-(9kivPn10{b*qB!90O}$M)qr)-
zvgCvWb26&=d1j_%QBhG6zUBvd+uC@Xx|T^NJ`?4ESnF(SwW6^Gsup{^{qU+epck!h
z7zLEHom~%&b>EFdfTfr}L}H|nMq8G=5>W3cNTH;TD>`zwon*HjQ7Z_brJv;99SJ}3
zjiX?}-;6Gns>SmCO#AMi5~3Qkxh8|V;sp18in~d>$RpcvT-W3EhkuL}W_l{^<kb6)
zv!nI$Os`d3$CdgF%8+#!4B-@pOQaUIU`(LMTM_Uhd|MpbYFyAmms=^3u2Z^$eNV9W
zB>Q|$oX0&>k-|ov`P;wv4jIA?{1bA;_%GKJWpN1tVOllk>i^TXFAL}zKc%cbP10MC
z{Ofw`)(M%o-OmkSF|%VrQs$I%Z(}8Yx*GZWx6ge>njhMwxpNIWwfO$|p0r&RHCtr<
z{t1GE6X#FNGJ+}fFPqvVq5G$y`<*s(=BeR9)OddA+m+5^(x{pYF2mV=f8ih0kMHMc
z?j=$Ekfuarzd3K+U6+#0lKAtI6uoP`<^d$b0cZWrKrGrFTp^@)N=L@ucL4~wzH6CS
z6@)$TUfkQb<e>Y2(BChNVfAv8pI&?c<T0u4<AX8RH2Vi3?GjqBpz&0j@ZVn*Wq)#W
z6*<drPu)Ru?x+du9ta36@o0h}7bR+Th0epxuagX)lZh$W#<Spa0~URBc{4-`l2FSb
z^!NfgGu&_2Z{Nm-q@WYHggZn_OG{8x)EA4--inkwZ31Dk0@G*CEI^Y()J}Kq-Ft(M
z;<%@LTisk3ZI0%;wx9%lRIj-TawfkW{`1ISOw#J2F0c8v2?aSMH#7D1^&Jt9OQJd{
z<QAXp=e<cGDq|sXsUwv<O}?N*!%AH%FHa0PI4=&$s(tmR%YPFG8-J9>b~^9sO2TUi
zUk?jT=uu2-2aNg#f7IUIPOe$FV6%sTYY-_It|>CGhUDbh-HQ7VO;fs^(I()VC_&{4
zU!~!pK{<KZSoR87X&6V#x9nBH<q8UvU@1hm1+6!Eu>@U!!k^N@kx}%VCPT{`Ls@-?
z5%g=x34R<_T$E<;;+zb?SVvbat^b99Sy%PKQi{z?%+F8&RC|6J3Z`Sp5SJ^VJ)oME
z2VgBLvuxR40rE)(sp>WX<if*;58LRprAwD4Tk1`#p`n%_BkZA`haxsP{Uvkk8})y~
zUy#kogEhu=MwB>+G!?-31_}kNplJXZ`$l;sI@w|-O4mmg!cbs)p*gs(>LG?+o(xjl
zqe7hsoZAeUTp)oWpFS1Df`_uM<0Gb5Uqz#4ivEE3#UTRmL22#K1#K}2JhpEyn-2|0
zLSeIL!AQ#GuSYl+vX}!5wa76<tPoV_{wC*HAd`tF0a5T-!$?m#)%0>cGGGicPcOW-
zK=~4U8AK#U@n&V-8St_j=PO)U?Wz9v#t569*n$3COE&a5jE-^c5`u!S4ka19_Gp5>
z2S;*?Dwxx!aN99I#{&m6g%tW_)yXw9w9Kb4RK2kSk6HmhEqe2$bziQ|U1P9y>jk4c
z9NoVzl+kh25htLcm}A1hU)~81mpB4tvxB4KF(_~km4>7CC4-&J&t~6WsOEWpuiWa@
zW>~}^6GG*SK7kuGNI9BY{VjP7=6qQhMBN8tH1&cB+LR3v+C#upp`jVEZzdPy_!x$7
z--#P5#N@?_iXiQ9)dwth;EXG7l^8&J4mKGgfDu5)XSzT-SU{a&JhAR>03_lLT>ycM
zCjz&f;##lDYm<xd#7*{O0B7z4MrWm$e31c)NCyW8{D=`qGM*#)2V^%&mSd2rrN?n3
z|14wCRy(y+cIe;hxVk(IH5bvrKzQS%GA0BqHfmY;421#YqNj>0>heB)y5z7YK&R|c
z2wS&0IVnN@BBN4-bztBBzO0NO6A#{@&Rjy+WrHI}NPNhn(&T6v4(eA>>lm%&5V{Yi
z2O3ZO2?bNc=0QB*B>P+*0>D;~@Q9CS%}YEYB0sQ!3{LO!K&8Lm(9jRS|JUD0#U(%|
zq4;305ik*RjKFDw20Y-`{N;;D#~_*%0Sw?qjrWaIL3>52=wesx#{HASKQP~jaDn>@
zLOu-P)~;o<;r`p*Hpqv%k8**O^elW_``H?0W0AJw{(eCz?63sx?B8dtW9-=v-=HBU
zns74DAx_(X8!tfm=J4E?FOksg57QG;qX@f*&r83w7)^xDTKBfPpo{V`^0KN^rzRAi
zv>p;Xl9!q)Pn?<nV&hFNFR4~F|As)fS<YSCdlREoL!Ns!@aU*<0CJ^|hJA}mJk6@j
zZPZ+GtIL=JsDJ=G5Xig3dSTtA&hD`iP6*fKw))cm6@gyeiO6kHi!sFYDvk^=yW3ya
z;hvXpFQrEg)G(xzX}|Bu3H`W<J%-qC@ajYl2Av>D$-y*P80>3eQh#@k10*{dN{?Nb
z$-7!KZ;*#5v>RFIHFiboZB$X|K5$vJ?L|(`BNQ13%29{$0fOg(Xg@0n+ks8!U1dXC
z;lVVrz&a#-)p^=9@%i(4blLWY)lBeaCOY*=AwGY83k+C|&Io#FYx4J_YPqX-htObe
z#K%V_fu1;V0!I7&yDKoG6((;i%*uHEm2Z!&LtfO`F8*vGOUUV4y1Qq<n~50h4RN#h
z3o|DQYf~b7bpET&O@Ha_+Y4~wN=BR93e~(3VevmVbX1o;ugoG<cVEIX6U5LP8hX5I
z4M+`V%$V^MIT*pi(9e+&3zXv<X`IdIQew{L<OoI%@+^j-7YlPc`Vbsvf*8cDprBBB
zyz_`>GUhgu%pd^1t)3V7&`3<6HzXNBe^_lWrRdH1;R$biNj!9LwBvbuk>d|{EQx(M
zIOq(!b7Z9Cx&Ed=%;xSZ;ZH~3L2_3xabgPbk9mw=!fJxs3f=q_6zofJgQ4^@&bfng
zW#uybU$grVzbrK`05`H34#2faN>eE4T9zPj2LNI|;Hygjc_cwgZG9ijhfou81{^#%
z7r}D`mU{5+^lA4}>M6EZ4hQIG{=0WGKnYFNb=bPAN}rY{R7KWTeF*)|*jT;JDem&$
z3rulKU&JpQ6P7rz1%bkOa2pZO3<HY>;8`-oE0O9#&U!wppH3w1i1(X>p)kNVlRCG0
zzvI1tTYV{rZpc}$`1wu8q=|}XNI=w=+#sqLL`(@f+q(8D^#|_vGyy8U1E2M%_ms#H
zp{v{n&P}gLX9_PtR(3X-Uj$%BJoNPM00$!b1KXx?=FC$g4pF?}bcbQ85}gW}re_<5
z`8?Bzg&wl1{-q{8M-ZGyAVnaiWV$S|9O5(V94jm;w#3Ip%v}H=r(l&QVUWPyBhQXa
z2bn80XO1^SW+W;QjxJ+Y2pm!5;pbd|767W`t^?;BgpD}n-Nkj>F>+EtN4^bPh@>6C
zk7Awcy+=HfBY9%tL&gL?$7)Y=rrhs>GOBAgT%edE2!#&Rddne3xVPDt<~m;Sh~zLq
zr}(0X6|$M1JWR|S0G3?0tnEgKPspztc$y?v>oVm`f72Em7aFm&Ch;n@+zHFqc-jLv
zxd}D^pH=~MkVsnj)M)m1HR^J0{v@RhgKm)P-IMwC+sM3tvU?i@p!X-?B1Ccvca@T}
z!S4kisQ%Dmc5QXV@nwJi|1_c3ThISFOG&97qsjZ9s{7-T%5DEH$)^%S55;f$B=m!_
zBw`4aHh89Qd5M@Oiqn;7Q*l7{v0y&hhBZODE@$A(svxfjPf8J$H~(wdY`^-wk-D3E
zRc7ZW0@dyb!Uja4K?Y}$GSRAFm}=Wo43ssi3s=|I{(d5;mfeD#fj=ukp^)AGaI?!L
z(2wRwJk!Y@Q39q+tfs`5iIa)ciNxqmAvLa2tqEQT$T#Cf_1$ucboIy!+m~!ZpSYm{
zZZt4hnC&JlN_DUa;0!4?P*<tSk7s(1)E%N5Q9Z|(qX{%MH=l%4EI3xYa^woRlfQpH
zZZP_WY)~BdK;~`kk0Fk-^Hb_l07P&-*h9i|doS8VO?Wxx$r?|i5V{vT>|i_SjMost
zJsvax*DMyj#JjTxTjCP1U?P}>4*n5V5SsmOAAOi|%}B6Cv3UUi0dfX@ZBHmPFiva%
zL4Bb6CtCu=A1}on@{jX_->0K64>u3wl2(%lhH*gyJ|&pD^Q*IHkqxj3C|}7w1c3h3
zm0?Y}ke#g@dL@JD{{R<J`W)tPc<g76`hZ^veR-N1l}#+B#P@>(OcN4*%yRO_#!oEM
zX^<e7?{&*t@3#2^3Luptq}FvC?X9h)2rqc61j@aHXH}i>l>sd#u8;uv-xpLunH_xf
zNE6)bV=efIpgu6#OeRJ!)T?B$WI_}lgPO;f9A~Hry~G6|fvDgo`HRREW!blyT3cU*
zSJDDP(mSdiDp7i?p`1#EC40sA{)31@MbrBY7%MVYcqr&e&US(6Y-u`TXc!6F-U7Y{
zfJN%ub9{w$dWvb>&AlTcS9Ml#Lq2lqyAK~c=tCsSfZbPM+fXRPCWQc_gYB`s0>2y8
z-E9x&5k)q1(BS<d?Z5qp<d=%gteb&P7n|K57}q>pA37_|)gL}1`e>B%YuB%@wNi~_
zJbps%9~^eXl1*6*iWvvS7>w;tVR1xEp(#dl^FQ&D#Zn^g6+KQ*aF8scZihu--2um5
zHSI5)_jAMZ(rWsFt&r%VwPyL=CjzehDi$}(Nb$;`Ln1=wWh+-EYM+Os+4#jde$4hD
zHVj;4SZ7bxy$5G=UchMCiWLdQItZL-d|M+K)q)R>;N%!80&riBNX-v^9A~E7!E46B
zGYN4VFL)_vj0pe;JQ+iXE+AEQ*Rq?jx_h0lg~Qzkr$d-~8TE!KIfB8PJHFGXV{UMA
z*N%*2$Hv!Vci9@LvxaKq)YK#>ACO-|AwF+2{8m(kaD?9|^~zBDbuv|~NRPcjqWJ)-
zS_{WSMZGF6=7lljGN2?PqZzS#2xScLv+Pj@8RdtltHw3Umq({|Z}V*;QC-K59W#aE
zoxBaq8-H@MypC3wB;jPGvbd$AgBRx)@wP*&tKNE0%Nyk_aYvFEG=zW1!&>+f!Dx><
z>e4yd3#s}apv2h0;wvnU%_h)}b;SY~M$KV+4BcB5yk~7umSa8V_w&Cuvxg=Rp)Tnk
zfj~$#$Hv5v^@zrqN7rFtDj-daws_}=tFeYDAaA0tW%LY>D*`P75!OQz(gKSS=6(3>
z?dYMK*995D989@@^_J+4ZS#1bWSaJCG}Xic^b>XvK45c&#1{leRj1lR$uXH`vhJ?d
zfiTqpr70dvfuF<VM3a2~nd8prsg4)E5LS8=;6o)wj0H9<{^wO!&oV;AXNILm;#@}`
zK=Oi$9)o{y^}13hB<%y}FTm`$GPPrGug8kZOX}R+zT`D@BB*axc56P6?a@qz6a=Rs
zMoGo&x3H6jdK=gW;m9WTOC6v^uJjfa7k>lP9NvOPXMlp=`l2K3+_kmqIFEN*WY8Rn
zW91^57_%Xc<f?6Gl<+#kt)+i0hN!Oig=rLPSs|hd7<J)t*lX9VBObHG!Fzt?X?bB)
z;32Kdc}h~CFswv(oT$oJqXE}LKnyQHpG5j|@WMPN`|0XE#mE5Rq5Sd0;miV7{S+Kf
zO!6E7l0Ju6R6<$q*|X;<CK?mv0jRf2LjdB+_-CU_zB)E`zK=RcM%{~UKED>V-|)2*
z<<5^ZpfeAxSpXM}54gLBJ!cmVr=YI^;VlM`fqW_Ab$PZj)=B^8(f3*59lUV90wLL`
zGU`HT;u>cy)phv)n0xbRs`oa0cxzOYN<}1TP^k=w24jYFqKrj~T~tJ(BJ)%zA$1yP
zK$NMHlv(V|6`2w;WJ*ZpOxw2idwp=u^PJ~-e(zuJZ>@K&v(7pvV(;(%4EKHA*Kko9
z1zO0<qnglR0Kq?G3^In3m*)G=LP14j0!UthjMaqxFFKi@;f`-cb3Te0tvEc4gyXow
zKuaVM=42p%?M?)Ngw-GM!^*$E83rJV_z1*70VR_>Xl`=QLh-N9`tewu#r7a;LJDhr
z7g_7X?gmaUO*m<Ma7~f;Do|e*0f=q+5&rkNnDg^ntpDT|Apd&mUFHxqdm3n4q_pqi
zlPk;rE;r8H>UjLGuNkh}ZNBF(kniSl--U+%`YEaweS7?1)o=o=`TBMU>5l{R4Ons~
ziV-GN>csHceiak4HR9s0(sEZ%{rJR1wo$X$C@ADme8jwkky?zj5qe=%enPnDwY17O
zZ^;XQab7?qFG!jNs);V4?_k)?n-npz_&KGGe<H>6V$m^?yE)m}M5C$<qpjP8EzQlu
zDM(lh%+W7jpkDC=HU(W3K~6T_{rF>HR~npK+*fbkz7zvD;-`wc$_8H0qDH?)RVUwH
zsGQFy0m_+ONW!^{j<g4q%Qv;#L3^N>zSxv&u>_2aj?d9taIv@!g>>J+=XxRu$Yt3=
z&3e0MFh!3L2MEP&f^J6+7YqPvpenpwun2?Hrluz0t#2d<FDlG+c*Uh(HEcLe$s816
zcBEl>D3jQpL)@-Fb!|mWghQN|P!e4@Zm@HF60JOwpO)ir%%d{|Dk2J7;OwM=BzS>n
z947lfm%LE&6In5Mqt8wqhW|E>(cs|V)o}a)YR4^bO^XSoE}1!DbcKO}CuRp1#;9=W
z1;!4M%a16)GM;FRz?D$BOZ`uf@L8?GCo(*OpoCn&7$=cA>84G8=rR5$SZX`Yez%c#
z3@K+M_^a9YLfWzQ$m^VoDI-c9-;X0Eb=0E_K>R9BPU(iS3KPG%fyY1572x{`_(lbF
zJ)qAmJG*i6lT#lT>6}lEI$&Eq#vqVre~E1!CV98ifzjll&rU1F1H1}i`+oX=z^xNJ
z`>|1fFomjZ9j}!!U|+3<q%0f<L^28rgK(zoW@J~RS}P>Bv(33zN%CAC+JJ{I80|)g
zR)R2Y78<VKzrJz<+&RSGI9d>2z$-Y9d@%b4n-&^EJYX`~*9<?5cTm(5HxY~-ZMgTU
zskLHaO62me_4Y$YoK#HYs3;~|fG|2RMkR0=uid>UoB{7zA~z?pUAV-1ASn(FDun{h
zlMm>ps4>$zKUY+c%*eaCqhqA4A~ZWp5=m0jquqA%QG^|Scn(D<s+qkA%Yy;Ly9pca
z>k4>lI2LoD93@tiSQ2wW<X^@y3f{Yu>8FIm9xM+cx4kPVf-8IRiWP);6)R9&7KxLl
z7mo-4*rBbVID)ewVTj(n-5bW<YXF1$_>{K$?nn0|15NM=bfKSJ{)xZdmDKjCP*zfU
z$D0dWknawTU{1gT(-yi~t)ssaVL;P@vP^f^zHJ~NfpYlx>C>klS{y>h==3$Pf&;|`
zluSSix%g<FZd=ee`o*Ais;xWYR3HD6@W;@29Nr~R56f7JmbSJh{&x)!2AqOQfED{N
z^3v}<dl@c~IC|J9z&$+)0Uw_-fcB;Z;CKFuYnDe;>y;~4C;W?TM))o$6XnPfpb$tH
zdPuQ!A(%*C22($mh;IAfl#8*z{_Y<U7-Hp<?wmpr3&EFANh(EM)CAH$9{&sqTz6Cp
zh4tJ_zYF4MKwFE|*AyM*mV>}pu!t?uV9r$hbV>+1WHM(x7$zSlO{*EMUdlodlqR{2
z{8mhh@NG|2S0%zFY#rP}50xl67=xsuxaO8(tez64=V<nJe^PK`IG~pYZINBu-3@$<
zA8-TlWR0+xf?$58x_=#kN&q$i2cjAL(0Z{`i1j~S5*9A;sy_B0EzR+EUcc-(><3^U
zTVSPb?9#7#*XnNBKR$x{%fUje=NhI%TL#4O!^Ck41)`CpPS~=4$m~U402bAG2$gy!
znSW(vi+p^196&2lZ3oR}uD4Ql14U=et#|eHEBz(FQ(}u5D}NLkdIO*$Aw$9x`bllz
zX{$Dv*|B2^h#jW2i3U$vcnoQMQ2u<M-=uZ}PIkaDAQf*w^F<iMNiK=`8^~i;0G|VO
z5}^bdz}277grTimO0j{0{ROOcam1GyNUwf5ku<r|vBvTH)e?sj>GvGU)&NVv@ETr;
zXM42x8qC66eIQ^U$!egbh!RD^0~(HldS}2_Np@-*GsDMVutMNikuGXOLQJgQp+n(V
z5#*#sBsd#oiSN@7tq!XQiHm5cZ~)sNL5#4XiH0QAHmjdw(GK~^e*fmZKcWZgx<VI<
z-TqKn(be;~I`qNOkqq4SHmujxv^+%(CgeDK0OUy({Ag{R322sN_iek+iS>3^hJCGG
zmhh0fZQq3DM;_V~o$1!SdxQ~;mC}R~;~gqryX%@q#{%xU$Ke=RyKC19#ZQ?Brx{>P
zy{GC3{|n7)u(Z{KnBnT><j3GczV+}S2W~I|C$_c0Wkc<Eo7{osX^<Bz?=L?Vw#5>S
zC$R;_>wVYIAn*-5&`oeZzk<b^G`4_KPjIgu%O_5$Q_1!|ZIktKyn2quKVDo%%R+gF
zrjk<m=zz*^UED#aq#$PJLg7X6z<x8uvowG>zCik=j2l}^f!ZX_T(Rvu?KP~9UqO5)
zUQp@wm{<YhQ2=^0uYM^&F@L+b9py;s2+DrYenq02Eo7Qj-=QIV^!tTfHv|<*jNEj>
zP&4ED?FXSd_x*eJ__qVsYXetWwLQFlKN|_GIG>5%GKGSXKUT!jp}_PSc#i%DYv{nK
z=p#p6Or%aT@on|5ITkM53#>lq67(xLeVW1etpB>nq?XE$C6k)^yH;KMFD^hT$;aS@
zEial&;#sj%MkW__2Da$uAuk|?Dm_h~2KNIlL3<6>ck4n!T)+@t+kD0hV28eg1suPQ
zpFHVB7znO!H*sx&T#XNdxt(@DmyUeDO=x*vzup&JaAp<`)cX6IlhB{@nu?4VJp)Jm
zkh;0c6za5<d*t~AFiAjV$OV(c2Cy>5PdA*8g`vKHS03psfg%y#bU+vu_amP^J&sEU
z^m!HdmP1Z=9I!60mlpH?1l)>@5f^yitz;-*n;!OmKvs1s-(qKj=t6R8p-(5?-Ds#{
zAC<fma~*(56)_y?$KlRH5ZSqcE*`jD2_B;OX%8_S>^U@U`tIx3BW-T$>4`L0I}^MF
zfd?xwwHjp%mOlJlK`bWGk2C>dq*yF`X9Sx<lrn4-S+JO(-qv<}8X-EUV2O=Rd@_1&
z{rR6Dch%_|eb#6mFf&ucn<t1dz_7b&C#1chlUfF>h{RwM%V0omMA>9j!5gYiS}0sh
zq<bNhT@vsNAnF>1!NgGdaw|{Y??US2x*qs#V`hjv`DS!PP;seZ{UNy_c0f!I*eI!0
z;kJ<tDmbb+3r!b-xqyUDqSXo0*MR1h30Qc*y*<PpL~vqJ0#X;I5GFu;L>w_wQWm)z
z0mr^}HBHeYuV>+KWuHHPhAAg$TVJ0l;@iqR9B0^!?NA7b#fj6WeF$$EIPUKJ_iAB`
zQ`-pAPrPg~pdxM|M9%M87Ija)n;5x3%5?%H4-~WF;^Ix`X4Nev>6qBs7s4<$rBJXn
zJL=OU3Aq`h54@Ni=1jAIW1?y>xdCb<L0lmKfA75Xix=QrGcp%24{52hrdcHpp!qy>
z?$HtFWPRuk@YUJvQ~=JxnxUKkoH4vT4%s(=HH|0v8`hz_BgQyjWAU2eAmhUY@c>0#
z1GwmcsPxH#pb!b33orvpUI10onK1>&YX*8rwdFT@$zFN(>=}us!2$Bq<>LMd*>CW@
zV?c(rTOoY9ajJOTVY~LA64MvO>Q#hS9*4KgCxQ9pE$I3j`kL70EL?dFWjVQ*_i1RH
z?RhobR5?XR0?sXci%y^!S|b7h5yNSK@Npx5aUo=7{@Ic#Q+68kE{^tEH1L-FY3u8$
zS0MX_(`&=x)8=#boea3eJ=rcymZl4mt}JIebcp>V=Y%`+h|THS!-_%fMdHV=E<47v
zLhddlsdKy8!nX&*e#no=T$pu(V>!e0qx)eyyg`RmvVgL0wrkPWsx5lYJ7dL_yqi4|
z8j~;l{h(rN=)?*!u{)3Cp4$nhag=R}kg6R$^6q^l`-_2jB7z%34R4mt^kbV@cB*`h
z!6;qn^eOMwkloGwAu^u?4nNt3Wbbb)R=f@3-y}+%qbu@ITx3AAzw4%uc-QB-^6jNN
z>^Dxmt($uz1{-e)6sVVPeKzxCoZ*x7XG>10j+}3&acTE8TD;%F483t^rpCODMSPO=
zW<lX;yH**cdd$7b^`!2B)F*+1Z#L~$SJpN(ym<AmHun39)%4KiaVtGvUJPj37SD|z
zI+J3MwB&Ww-i{>}-fVSSCHnYx&2h7u(HQ5`*I+?uw3^c)e)t#@&u_&`LDyMf7u&_3
zrt-R?;H`{W5G490NwqQ4S>i>+jBjS8If<6~NwO#5LBHE^Nv?=UlVjg%|GE^OqnXjh
zOe%tV3L;b;Y<|ad1lykK=?-vH3p6os+{M89OyQE(`okU`d7}I~BJkpQ2b$P?WL>V^
zkTjb?S*Nq<QA=xoPNp;OK%bCP@7E_wXbq$NeexIQC@-7OndL4hr@&gNleUsl_VMcq
zPycKgP!&>je~(8+v*g_Ov5#a%6)8WBGYoHU4>R3&Uc%?zop;^O<5ycXJWwBzbyy_I
zFa5YtQ{ja9AM@yf3NJqoOb?_M4g6YcUzS7ZcvC*dXoH=1WsTRkp@`(=;>2YqqoQuE
zC^~Mw(OXZ%(^GFo?9!WjKQCP=xwLrk`$ya7snsQV>Vzw%c+C=x8?Q~ei6hKEWyiqb
z_`QWk-c<hR#i~1JUE?7+F`oObhFA2Vw6ECP*>~c(p1_yav5B%2?$ANZiSy@w8Sn-N
z#~i4Z-oErppkS-l8%Z~qxt#j?mEuuy{=B)Q({|AV!5)&v#xYK#i+ZT;pFVAPla$|W
z*VX42y`g0Gtj9?R(+v`vOS#kbz3H*aWqc>aB6ROXtu@(Wi`S-(u`~`A?D3toi-X6)
zp9X)jSA5%MwS!Tg)|`7n!e({4sL?Y%X9M2XPa<p*5Af?LI9|rDrAzTm@35Q84^*}Z
zEt$9aR=?)QXDd+XYL7kTJJNqQ#)bXyl8qVb<%1P&-_~|&n@?G7J!J74sq5rkpp=Pj
zU&^yL(5Izh{YK~$9%AAyQy0E*>jHP61C;m3&6~Kf$~)Y9_A|^_g+Eqbov@4#Z>ieK
zkTzR5V)Ws@q{U~su~x2nhjsyqVjI;xTy_V~lGvpo&@i-9o#y4UGT1DKAMN6$_X%P7
z6}CE$^f`l{B0q-3Rm2)N!zsY*W!cC{FXz$>okjUBdUQ@u0RQ>Sl1~R%^_l#UM~+DK
z-o9P#Ht>D#=CEnVXJ641*4AN`eW|LiCmZKeojVP21-TrQ=aq8LU-R!s9ckNPt+eKL
zcHXyDH}|c+_2KboBiCWd#!tn1GUi&&@7O5&<Bh%Z-cf`XF4Q`f#n8ADA6Rwn+(u?2
zmz(^0R)*ITQEoN0eQg);h>n@o;svkn{ld|3INm2Mi09<t!xWF}43~+Sb5~1AUMa3R
z92v6o{(W&+m=}MXf0t_&g|e!8ljc~*Vony%+`m4W_S-Q<%Dfa`&*2S96vZSR-)A31
z82!43t}Ha5XgO*KjbxSF-e_>>OJmz1i;Z3hyYK%|NwaKj+u{A}&n0nZ3cI`0)MYHF
zT&xj;YI(@X1|F?^bipnkizO&GS4d)!tNNWergpV~hxDI6{lg(tXY#(rzrKIn@KZlp
zWd<*=#hB+Pt?`bI@}_s|HfC1!33guK;_7kj3YE)#_Dt)1`$Ca{!EBMuCu$=(f?js+
z4UTgjW{hV(-yE#tJMi|cS(J<GozthXD@rxnR{I$&b9B@aS^DbtNOkbJ%9jEfD+O+4
zxa<mLjBTJO8b`lOdKM<j_SmUUjkE2ES`4F0?Cx+7R4LC=c@O31?`}I)A3oDx#`f`V
zck|s-&*%Htnx6Opi>6Z3{Fp6=%;hdB9*I=RPS_^<wx;iRtv{dlrRL_F&JOQ3$**$%
zRqOq8;DVmM-s9u#2X~f)aruS|8SavK(w*mPF<5tFRX}oh_)TETj$;=X_aBj0ur<OZ
z_SnKV@~&miob4%63iMC(-=3bgv}Ybw{}Q4p@9Fzw?XewJN_Z3}esubtdw$sWLC~hV
z?~i8kHE=H}JN?Tbc=xVs>7Bfpf8J)J+*MVLap|K}DPOJ1>**<xvwQmTdR+>h;qe`A
zvN+ZDtl@U&smh?bc#8Th&o*gNG#DLyT;$x_+`~h?7D_uDmg(G_=B^OQQvN)N*WkkC
z(RTNJW3k%#%&v1*Su-E<aF!RuOBvcrdg}?ZJ-d7S&|R&2ha);vl59@P_N-f<EhIb#
z%4yl1PD`sJo}?vq4Yuc6bsc^S_rwAI9errQ#Jj3BPcbvX+!q#(4GQ%(@aGraXinMj
z&0M1GArLvYt6Ueu#(U}@u_=$__-NfwvFYFe^4XOv5WH~?AVPaJRr}B}f9JYn-%y1S
zq`ky0eaXK=sVZuL$iP5fyL}^DOxhM<N!gX62zztPpRf15y>*yA)bX3%CE}>JjHi`;
zd3HzErLD4HzfnPz(p=R4sbueF9-ecx?^pti-QQxlS2d<xd8mF*@w6pJsp~k!cb0q4
z*DL(JnbFp7{sMI!eJ~~ebv#6U{)}hOZb}@d>@Nvz3)7ynFTnDf{$|gg^KF8zZ&zW3
zxfg_e_>h`;&L~&1T=`;<CVP3<kudqbUGA%{p4`^6YP;vwUs>CxE2I8OQLYn*4s{^G
zxKGyhn*H9x^Yk`Z7=LLi>+%55+);Fq<>n9~zaUC4IhDU@deY6ew|n4bn1;rKwF{Nl
z%Zt)@sAqc?O_xjo8r=hU!H%J2ZPPnlHe;QC`6{{T|68PFxaxeM>|ZyS68jmG(&9aS
z(*X75&v9t_Vc8a7%mid8VP5ulPN|qQGg?(NNEz_Snp@zpXMAlbi;Bz(f)A711Rb&~
zq&g&jZE>hV;XV(JR88_b>{%N$_0^BKPcEqUgKAxS{Ls2OI66w5+7h6Xb@l38NSPnR
zF@D%WGPf_WK1?NC3lhJ#zH67nN9Ls<4iA<OEvOb#L6^LE^$B-YTVq8CsDx0&T?TrM
zi99SxKi3N_7D&7^G(|R(bq8k>Q=1wHeZjkLtnBYFas!Tux$?s}mw~exj)TJBh<gEF
z1eo$REqAPtWOhMF)dvHF?SI!)%T-$U_+hA_9II!7I<?*&kAsjRMjU|)L+slo571;5
zA`>rTwvF}}ac}40N_^L41LA^EnvyUvFzErF5#z;}0k+2gkASZbBoRDXys5&-^&2)^
zjNV|GE{p1a5kQrE7+4%XcWxo3CU?j3?@;vt1d=QZ=+*oz1j9$~PPxcqN(8^28E8Nb
z`Sk*4AwwC^^UGnL@OG%`D8=K^qm>|_^%UQ%y#%s?SJkLp5?X%v1S*RL<<{2n5vGY!
zcvHn(JO}VF1<<geR|mgft(Jko#@!*MKrW9TKkfm#`uRq{^x>FbjG~n1k95ORK(n&*
ze9J6j=WZ$dmJl(n@?;l_{vr49w$f^*3Ftb^d^Phi_(z_AFoL{Y%(|pPBXg=*P(G-F
zk!T7gUxev1&9LERd^9MpNOuGuwj5wvz=>25O&BD4dV+_KHA)YZhp3*OTTKJ9OS&7j
znRC#su0WTt7htV8Sg0^~xqjVqa&zAFsc<MW0Z9P!`paM&b@*c@X46q7M4%BO0>{h)
z4iNu={yt7NE!Ahj8BiQHwU6YSmj?<e6riO~O@#BWc)=@^{P}SbJv9k4L8?*#F_-`k
zSeXHz=l$Q}%<Aarc|on!41AujkzT)kjR|G+wom_{%pU93SQc(;m2TgA1Ken=1%Y~d
zLVg9k3Yj{w?roHns9F6bz!PeMiwc`5Cpy=N_V%Olc4xX+N?@B#<Zp2gXXG~>b^9m5
z7O4~3R&H6$MgzXuETz_Jcz%&FF>x^=UL|0BzH;bq+3Tkn!|Hg$$a|rn)Mbwj^M5Pb
zL+U)H4$hEQP8b|!W2ZRxHF<s<`A<PZ4++uam_PqnSO^@h*ni*-lL<&309~qB_~4`W
zuJUe-os#0>$Dx}N`Haxp%kb-pY2yb)mpRevelZLPsHrp}k;>cR@kP)!6Oec-js%5E
z09BJ1W3^Ys2=7risOT#+U1`4|lMueOuLe6Dk!o9yy!HYlr@r-DI>tJ|KB^x#iHVs}
zY5=7<4lXvuj(>r1O1&8dtI}AkJ%b=M-PaH{h5R+5!n@@t%}uTg!`6{q+qV7r3GAm{
zr^@!$)?5<%6w=Q9#wBscU80DVMei;R9&T&A$>?f5>W06oA$&UlP@||EA`U>=wF%3A
zNlUVW(;&|>eIt5eeA(zJOUojXCD=0v`a&>RiX%tNC))i2C78_5yhWPTL(%70`~Udk
z1iafI#~>}YG&n>MhhU%n!nEwik2A&n-c!57(8A0R?o+El#{)TSw*Z43f?#}_O%MbJ
z2lGOJsMl(%v?JyFW*T_o_2ZbEKTc2Q12=iOfGN<U)DiHK(5HJIY$M|^!n21&wmi$#
zxxB5aV!1ooauCrlr%clw|McloHZN(^DXTYc=D@MHJLszcSOQ*P+Vt%8#e_^JO?DRL
z(W6JHBfvmZPo0YVxL}!g#Tei};_d*>W<DYKU_um9x|CPJO_p=P0&py@!71lRw4?Vm
zBl!n(S}^#@6G@A2(|Bv|QLzMp9ykB^Q4pDtk@5Ufd@p_TUgf$VYX(vR7sKhVsku4Z
zwS9`(8(@0vWj`BZB3j}esJm+`X&7@+D8Q&hdOLqSoV=C4pV8fAejel#26%YHdahFV
z1xt_274DY8SPCY!;6ZE$xI+Y(fUjfQa_uiFXANL5&-<B|M{wrMFQ(g*9ItI{tf}Fp
zF$OsB5-LTN7h4EQ^f#tmyegAK8$L9WaO=|<%qjjsudV!PaOhCvaMn3~NW2o>yvc>_
z7C`WY1i2=>Mh>yJk97rzM?T0~@Stx&UPZ;3Zv{AE$8h`(^F+XPz|hT3Ec(w6CoKlM
zGMLxP%Z8W9xP8&*rv(oYHU)i)LikX0_=Nf|y82|vuunObah>`%ZP#Low)+i0_WwoN
z?m93w2yOSs6m7TH{GYVi^vZO|K1WCiLez(Fg6yyjAH{^p3-eHdrotamUxt1CQ=ERd
zk-f=KGc90G@j&@r^D%^}Srt(=SWA@a1_*8B<hB*iDyP{V*wNxr+Z8Wu(iLyTz*q=D
z$N~E&fHR*sbLK<HEjVhl=T^Jh9&rO6mXFgxD(cKp_q<^-p#=iesp6_RcjBk>Xy4>)
z3)olyx09388nA6a3fZ`EBk=-1Q~}mE@f!t`xCN{pz;nSLJ6n_p`4q!Tk^u(X8|bt$
zXq3=asRV^vk0n8;;t8idjfc_!<DMHU<z4#KBXx-BC6h5mCTb+t30_kOGO!s0O2`lD
z2gw9|c`WTRYKLabV)Z^WV&ad%5h3g0Vy*1?WsPebL^Yz|Oofkrhi;vfmDLG2WrCG8
zGiEG1sxwv$DGG$uZ8J7-YKvhaJ2Yip_#^VHNdPFMy(Z*Yb8v7kbJm5YP2ys(OY5k0
z17N@BfkcX}gK%szl)xZ|_=y9G)_E9aJ#lE`Qlf7K$8ipWc=&9&zPXWqG{rND-|FzZ
zbL`wgmoM+HQOSSI=B2&iyl|>b_Va}+r1maVi4YPN4P<N7pZiDU$vgbFQ~lLXidvT)
z^XHSwTYOVH!sFPLH71KZXH_0v#8)zYHQXmE<N5sba3i;{_Wpzn%`dxXZz?NPznqa}
zRva@hxCZf#XnssUFrA~DhJrAVFhOv$65t*TFydk&YE(R2dexd?8_6PQF$PnXTa~Ma
z*Isg&*V)6IIz1N|ci%n=DV#3`u0J0!BC@hVp~)pOiseKl5^o$QU0#o(?kiXs!I(;4
zw6Qr3&|L4~$y*79+~pvEYgjUs+UCxlod6fgAHBV$SdegJI0Y`ov2?hH&V1Y-@2aE_
z?mOW1(K_tfn+7-$e*_}>9_wktGgq$`{aC$Uhy*<jQWCj0PUQL|kO6f5&7hz{l4?h8
zHV?L$29Vh7eFVk_5f5^DRQb*Z_5MD*pl<J5XSiX@m-R9-4}mI6;AWHtb>`lqN5x<e
z6i1@!3B{}QC(@Do8U=ufi&0yz-EDN%1?53;e!i-0z0sEj-<>PCdjzxk#VT1!-HiwJ
zS$-?1E?)Hbs3;$}PP{=UAc5*N8Dii7-<@LxEZi@N=V;`fG_8zw^&Y0~kNgux9Dzp+
z4Us974SMuf&@t0&!@F@T6^s@J)-d@o(%o?;N;*9mzXy`id>0oN7#hOF%LjpJHz9=q
zRrLs=L&!HY(59-32tO~00$AuFhUXO+Cm^8@)4gxEgMUnl?I{j>b)0Pi1~1?i?Sy>M
zINoJnHSaUlwe#h}%99&ARQfc9q&>YI`|%Le5+Ci$4&RD4<nZzFkx4u%!l<JuFS!R~
zpL9=BXuV|PiaiPyW)rJ1{;k*AGhNnffy9b1G*GNcz)#xrs`7hX@8n6I>7s$eKgIXb
zj;OsKBs$Kwov0@D#&>=GHvF_uZR%X<++|ySdFt%|A<<mN-8{v*nf$5~HAT#jSk0qu
zsvjpgVIcO*nYaHaQ|?n)zk(%hUUWnF2khejfg9yRzenAxhK7d^O#N)f-EzA2hLDh;
zcjJ}uH~SMV?cm}i<cbGl6obUCAwx&33IhFuO9@6XjAY}CH`i&IkFS~PQGX|!{fw9`
zWRjSiY=W=Bo!>G3t|QpqXy=*{0@anYZ5lWDex}eU5yHkij3E|46NuqG5i2AmCDmU>
zt{O2wKotmK&Up}l0*ZhB{7F8N_iYz&vNfT%iI}<gqXJ}PAbcXx^wpa;Bo-V2T9n7g
z<$)e*yvT9floK+gh$<d#S{WU+hC!;05axQ1wKfu_H7FhzI^*Kv3^4A%4r0gHR3l72
zQ@wkzuUQ%K^6xOGL~BNL{i|dh9w%$y9!GnafJ&dp5YQljP_@*EHI=?iViv)8&%rIE
zS{Q9T;q|foISaJwrXN3iJUl4qPzeEpaN-eCY-nh>{o{xC?-eaAH^U<(+qLR*tNXzB
z4}=+sUN^l`*raZ5Q?GkCv)q1s$w!D{r)lu}%q;8;NuL5$q$-j(;h$eijc9Fc)z;O$
zf)@gws|jj+zWb;&7QoGis1i`1dBKMF+Cr6$tn~EV#DE`!T0(b#Ve73scV<y=E6z6M
zgsb;lig>|0Ugb-dl4FMQ^TZOF@E$rp@cj>BXn=~E=rZt%gF-=<grx<U@(?i!$~(-%
z)~CDT47!S@anh0=)$@56YeDw8*E9`WWhLR;$i(EtX$YqZo@MTM@tA)~!0Ui0mcSA|
zaNs~h>*o|Vr8bT)wAZhf5KjvjWE&dtfw&QXIvls8#hoNr;NY^eU}!{16w($YOgwqc
z@}{dbcB^l6m*}3}B0_vM)*zOYVmwvb_!=T8;k)~fn3}G&JbU(}PV60|Xk6?B72zx@
zs`_!1n$j3=^|*rNBPk(qV!?t18rOmuGIg-!;+J<xtu@1gF%x)}_k56U6hIrKLrM#+
zsz%pqk-OL7es%Bm?Oa#LW8}~$pdh;&;{dPHuP{$3$!x@R{07>gqrxI0*Bzalu78Zb
z$N(Ys6o82qqv(W$TWrT6>eU{vUo^xm5*E)y_gS2q3;A3Pd<JT8{h;Xp<@Xg7Y_V+@
zfqq13Z8UIo&8%(Dlw#HunnM#xy=cDZvqCzZCNuH*E}jCb=WOFNT$ICWiq!&Vb(?s?
z<h*xpd40Ma2aZbfGiN-3ss#0PcE+A(JBg0Iz6%VVCvkBLpuJf7)@F?`3yVi+%NGBK
z@5PBCseg{VNmaWa)qDc}Q>5dBZk2dugLa%7c}PzWRGCTmBW?&g=D0thpo<R!k9hL(
z<wCIO^en@CeCAYES3lqS-15R7kYf7z5%O@hL1H=i#NljkOmr><EQqA)kPTc|3i+sq
zkiz&x`$j?mjn`yc?I_EyQ_wY846SJLU(-C>s7vKakveDIp7uW<X7@J4Smdt7$*TUK
z*|ph%eS?2-0jj$`#xLk=V<Bt`KJ_F-`MCcHfDPuBmfRsJ!9!y$Jcf;>rChju;H;nq
z5+$hcgmjj~ux?1tZ!m0RYBq+s{;JQydov9BoHCKu;Y**ln2#z@*b6V`KB7~D#>Oy6
zYIt<VETajozL7wof~#6Aj--Eor7c8e)`f)}3=Ra`Oq6{%J;9QO&@$+y)tXFvp~nuO
z1|XW|U%y@?YoJBPu(VR1`y&ng6@U_m-0;e->^;&AuLQOj_px6e>FF&z8Cigqh;9q3
zgxH}I>lq4xKfv|^la{Z`HY(1Q$kyVi3Q0_O2_w=yph{-WZf<TGRsm|n=fmqWC7~aJ
zY#|_n=XYF~))>8tW`wN=yd&z8nyOl+1T#ZjgVnL7Qh|Pss)VvxVH%_F)aZ`L$2s>3
zCdbFJTvou4y8vJlhUjc*$8HdJG%$UU;)=2tD8<dar?JLK+!XOthp+=ZJTRSSTP2bI
z2ZOI8-IC!9>>r}80m#GV!0=9*&|kb8QZQn?LyV_zIQImt&3hTY*-fIW7k~?aGw={a
zjo)5_{w6d-;2WsdgczCSLgJqhD<ef*bHF6#lQ6dwq!9HR>55Pd3&B7RllDR^HmQ4`
z_i8Xmw+fXq@goNZyb0%|0|x$;_rR+51YrjZ0dFGuDd$wK)QoX){mDfk^*>5iWUt3x
zydS!f1y(4|xKub=dld4JaP9K?`Yj@E5))7Sv{)S(uJhW&k|(BaTOk$Y@$bta@-ai%
zZ3=sRQm~<{e1m(%<~Fsmvho!QeF)DKNFfLlg%=WwK@8k7I5J`e87@NTUZc$n_+$It
zz*V0PJgB*)#RMe>Ya;;8J+ILUzJ{ZoG?KvrT;Q8r1KPt1N|LXHcNNcdY-BVoZ@{IN
zfbjB1Q`0+;Cf@V$^QYO~-Jefl#b9rQ?YIJzE?$zK(J`zoau?zk$Kr~LKXK|U7ZCW=
z(@2X?)&PYS^p5)l=?I`iNLS{-$IV0<4G8WPI3xis=nbdq$}Ky0)*S!WL04D^6YZJ@
zQkFG%%sA){gzUZxX|ZGhZ(ZUU?m+~P8;Y9BDKKGzn@=%kAOWm;g|2?>Re%~iKLuS=
za1?mgPD|jG5^sqQkGc&)@kWgGMMX=@d9>I&=V9T2v_n8%@LQ5Zm0SOsz=g^R=lCre
zu+4BCm;UB5cmP*HZcX@KWmV@4NmNyi>BJuxYbq<@FWU8@3f217zrk^oUrU^1r%&6-
zVl4gNDBc??bT5{hKxPP~!JDQF1Q&!QaduH7Ud@b|Gcz)?YDS%}Pl~iWq0<5trM#sh
zmML)ux;DUZiXdix`<7K*6#w$257<;-qB&*$3PptGWgI%g4q(tr1;Z5@^o%Ph-<+No
z7C9gOeVApd53(=$Gu&%1`{b8dnMrB^)Pn^Jm7`1ghlcx$YTEeg28~%}Uv9fGQPgT~
z3*p&Hkkj_|>W2xuPZ`+GYqo4DHgDtCMg0H~Th(^3Istna-`K}ZW%cDZ9)&Xv9R6=$
zGaLgmrn)Ev98X*e<$!^V#g0-l%iR&k_*Ow3ZJ{v(1fh*$Vuhe)T9myWifg<ro)u=B
zPPZrBCTzbgEG&TFgq~~bhM5@}&b6opfHl{*<0`J7Z3M#x_!yCh2(T18F3CAvemOdi
zsGZ?tm|arRbN_9JdZ>%ZaIep9h3<LumGI&Fvk##Xq#}da04eVbj~-pHQb_2#WAsq9
zGX5t4l3J*SMlQ)Z1t|at(+Ju9#k`H%&8H(Q)E4EYimEDH!;QuFkHH>(w8c-%UuXCY
zLAmg<;O9U~P!^hlO#>pmSbdgjhS~rNG9o;_t6^^RdAK>fk;wui&gtnE69e#pui)q)
zc*L^Jhk0dIDkVBql)9%EA><3ZEnZj*!+L|nv|_)}zep=x+jA!KGnVU2)TV^HK60eJ
z?kau?NeAw6y?9X)Ta|t8+__Uy_EzM8S&V@iy;fR!IpUH$;^MZVAWOK|eo(t@rlOIN
z02~}(yKw_Bb<*u>Jl>1$TR&eKHv*<WoD|3iom9EvCoY%VrW&=`-vK3!Xe<CDFZ&{|
z)SrS%9-t?}7*^xwN&wdk7{#83zH}Cj4o<%9?9dC(qCkZQC4!B;PhyI)gF|Y`Xod;!
zdl=hQjWRNNvs$z2%}$<#10YFD0U>t^WdDAztt%|_2Gt)g4nqP0tD`E%YS(s_{f>%+
zd>6tNi2MMkdjKu(x<F$sNX{3As)mD<!cp$XhxZG@Bm|^qe$XNbPZ;DR3rov1+brg?
zI(Kq96Ey(%!UN~r>A3QtpE(m$-D*jd82X&z%9-Ha23U{c&SJM}gc|TG&G!VfXwblj
z#&7U}?21IaR2w@lzy&ZG#u^h8J+RR&d^q;`^IQZ2tPU!I|K9UUJk>yePr$1ed)y{0
zR&UZ9a<rGlw7yb#Aci&8(v|A}vNb572my!N$kl_rSuSCxs$U|Q*x5;k+G>Y9%%5j~
z6c0Y>I}|A>eo6WVD&+EtiW!Oy3=S(6eI>QFb2n=-H&t`V8~1h@796tub}_qlXYsZ$
zEYU53IQI?<M%;P$tO}^|c<S6nxTY5?cd7ajX*m|i>C=YRd1V#=YDoQ0yslti0JPUU
zQ|=e&ls7+|gp5h~#EI|%9_Orq6lAPG)Dr<`bVz7&U@eiFhznc107hI9k_GUnAh9+v
zadF;g3QJ@*dHtk;YYC_IX6WwGk$pa5Z06Dr2Zgo3YKg1^v_memS=e6ZJJIM7WElpy
z+L-+UqTDVe#YO=eEt@wN(Y|aHe+lt|L}T*~GUp<OgcYL<TogpC;8D0i5625ZjgWur
zOWwlz_2-KQhBP$`#R|~%f+CLx(Fa-HWeFejJff~JH`?h+-<~!0gMTH6BX|J0xOuh@
zESAhlI&W`3*Hok3_g>lXdSNUm8hqx-7z3{moh2zFf(oi>CgWmg;4sNkLZbkEXwh97
ztYDKkqy<=ZZa3=S(`5h9(!%00c@(xrqqX`P6P)Gp4FQ^4vY4}NM*_7b^71w$x?66j
z1l<0k-Yq_)re6|VIik6OrXw4V-|k*N3{2KSYz$?aEkmiB8=<5R9`J#Zx)$6`$N`!v
zh{G(jC@Xi`c#Qu7>lg_}XqEQ|wN`t_W2IRZ+B2N^K2`_S49+!jN@u$C&kHC8^Yv+T
zbS}7!0DQ<}fZPiQC<oS+-&X~@k<l4_VXSMu@f)!IIYPpI)-g>=HPgA>^>38=OB~B|
zT86R$1^@EN)#PmlLhHX85qRYwQrz1a!+=$IUj><(`}V=t@I=TPUG8Pe@@3`Z9D~Xa
zxoK%FdI+2E5qV@%-VY9bg?1pR4a|81sNnZz5o@UO2-W&=P5Cje00Ei9wqrON&%z;^
zI7StNY1{DDQFpC-)^M{QHBv_ckPs@u)ZgfWC45zKP$m=P2kLhOY3*P8?FQCaX`=0>
zzdNkvPtk9Hs18RfOdu?|2Hf)kh%8WZsP5hS8hlJkBQv<koQ3AZaIm6E!K9^k0bJWo
z;53gdXothrFMKTR-+I5kxe5=on5}D1yKtnTaG3cHql7Q=JhfR~E!=!8Qpw?*s2~5k
z<9t#zkT@hpWg#cz&8~|-Y<d-7{{E6tTWd%-%yBH-e703-Z!o9ahQoar6yEE`(ILST
z`uYWC_QaNOvtT&0txM2qcXgncyu|p91dPv$jh#BzAJ*2+c8%&Cjg5~tqXdIYEGZ>*
zibCAS#>X33-?~R-k~Pus-rgU%1xTJc@kYZtYX0U9*N(H0A=i&%kG+9UtM19??5&V;
z_WQ~)`7#*8Rxbvbx>S==L0g<m_EK3lS|vAc_H%S_5HBEw;IfB+Ly&)o0~-!o^4hIb
zbJo+|e(zpJ;mvU#*K51v&Hp->1_h|2=uX@lU;{-OYYOV1L4%7I-^9=tD_t|-vp0Mi
z6-7{MoZ6ig`GNn{Sw6Ab75-uC*hfJq=|`OK;o$ft7R{=KJ5Rn})RTlc*Uzr53_T`f
zE7w3M&B2X2>6>#-#;9NaUrp(<v(Q(G7eLLzMj^45s5#P)MG1i>+lm8)vWlg;9y{BE
z9<rSH+rq_m$6`ZhR|~pB<hlcPeDgr#0rZ`?0NU>|3i?-9`(1wU_iq(t<tqieKVv@}
z9ZMEVz;1H~1Gi@gp&vN8bL65-t}!u#;T@^P0kN3|tCGIozbomQzr<1j#1OhM#AgP{
zXO9H6%*g9SE^}vpytNDNqZ#Sra~Hi7q@u8~Hra}FZFG0uFv^CJ@T_;@t#c{NE*g^q
z&_p4Q<vxImuyxn5Ww><f!l(wVKA5{Ur|d%a0X6ta-ZY+1S$(}f&e<!hNCN<}zFcLj
zQOjQg-s}Q`d5;wO@Np03Z%CZ@*mi;9p&_j6+)z`q(SjThoflo2@u5~SBcn?M^U9(p
zGA_7P2$+n-6B9>xNxediN0e5hD1ubKpd!!H$uK7*Z<mRoYC}!BOsPoySegl@qIZIV
z*23EWU^e^0g;l$YG5|)D93TDIyK<(fhUGCA4UNk9^2Bx+|KHaj-aM6GzMQH5v0>7m
z2AMtfmd4|>4b5i#uo>3E+k~nGy>vJdcw%B=6ycUKvVH>0-zx|P2EK`V1S4<fUtcd8
zkqpMA%a#$>UdY;dFF4uT_Sk3j$8japAxlZA6=%wsx96w@ize#E&OaZ1iz;?utlqPs
zMk<T0uk9Ee8QF{~3b08wq>uHHsUAHk)-tYjg<9kK@-7n`9X*1Isct4Ml6g!k41ozr
znM`456W!MJX7n3^6o>wNo_;)?R%lBL!j-R9{zzPO9aAU!vsC<=dnhG6pgP8xPJx7I
zE2-YW4v$o~TKjbKMB^@bMOJHkLJ`jzTbD((?(-)<sOp9Z-9p*X0$Ol4Ejmz)-b3|2
z&s?o?cD$=XUOw+p*v~bWSQb-`>uVt{BXn}9d1m@4LQ3xk4|H#l!XOH^FuECQzLnrK
z>i%et(Q3gq6lP>r1TcX}U`W?|@kjAu0Z!@|MN3B~CsP!0XgFdXg@mZK$6JrV015U3
z*#HUqu{m0SgA`(}LAhorXw*LfYUvaJ5iIANT=g2m>zlW3u@wZDa3>9$jU5uXTQ#;5
zy(%o#GhFQIp!CLYdbHz7pg1fYV9sQU=73D=P|gx2D8yDU<%4U0dF7!k;iKN{a_tQv
z?e9DbhkC2y1)&w-g!MK>5wYoK&z?<pQTtQg){5$Lz4xD(i?%K6QVNR*ebFe!oiXZ^
zgatA1<d`o{-k_DC1h&uZ&@g93K6mpm7gX-1j{S^&?(TgpF6`wf-t+7cYm>V`1t2{*
zRM*RI!AQiggpB84xaNj*ZH@x5O8I}GI?(P@D25vh{cqeTfarwiSut?1aGCcd=p{2~
z-@1sF&m)r?&~{{W^}U3j@xA>=ehqI<bgyV1&9P^i#!UESwR6!!X&r0y6eJ4WB?@_r
z`t8kFwN+I<Fu=L~LP*H#T5iZP7=Q5)S%-_u+p5`^ex8S9i-<0;%P`<eF{Go+BlH$*
zKGG}@hR&CB_Dk33$x}$FhPnfWdrEi@n14VJu_>L?waA(WS?cfK?}NWe;JBZs)_7mO
zHR@tC^ib)p#8fi%Qa9g?RdR%bajpUFCkOB;V!DCKf>>m~9W0Tt7?atxD;vhV@Emg(
z?F%m`E+($6NRkI$qIKxdm&l`Y3;kDIL52z^XgD|#3dqGQ$7f<~&4q~>kzu}Tof%a_
z{nW9aQLr5&IFhD|(v2_%0E-0T3L7yTQ>qIRYC+OAJ4|N-q1Q1*w-St6gBa$HSlf@6
z!o&%acte)mP_)_BEn9F5zL0c<0|3c{FK9Ozrl$WiyEcsT?U4QirD0;TipIof3pau%
zpQokW&&W(Qb@Aa-=tf6Ipd>u9dE|438y%?yp{U0^2}4x!gafuga7}t*aB8%A{bXu8
zej-`E)0xrzVF08ofI;Ws+Dr+g{YFH@Ko5u0!-QIDW9ysXZvA5BA7QN=jbnjABVzQ9
z*g+nNA@1Ewzg-G#GFkoI)ZY5ED+&nUCBh)QdE&;zB|l0*WYdE^KQ-Bf9u0rk3aVNj
z@i9B-rcI@m=H%oAWAAXVvmXZ}clhCZGqjLrD`T{ab8;?2`1=Y6w}r-QoQnByvWSv$
z4<CS(#NfZ+CD8`pNo-}K)$&3?WhyF4Z7G_0UwhCTp2Ago66HTPX%Zpf9?qUCNQg8r
zkHZ)vmmt`cCK#WZLi;uUc2V0|Xxq1dGqkn@(`iD%nWNa1X8;CHaYIAMA7F@an^+8{
z&?W*%u$I)09dB@noj!FcAANK|B(|v}x+4NgVc1**^x-SkE#`sD#r*D?pQRQ@>%^W!
zsYpEPG{UuBVc>p=#dJ+NHCm8jkS^S^^xsOf{{gna#;guQO5gkJ#fyk_CDhO_C0$9G
z^z^uZ?^kz;s0=rHa-h&~yvq>xPbz*ZEYBuyW@w}yu3xv#)=^HroBMp|ZoB>6gYdZ`
z)6Ifl8<g-sFLI%IIs&y(FpLk5zI8~bRq^Y_MDspC@I76H!8R=T3)(WaT^a*>rozbu
zoTA>-ez6Gg`0{zE+HCyO$B!le2SMC{uTU<*>3B`g{;Z6xe_Dr|%Y1xC-emcuh4QPj
zmNpo|;*FT_zQIx|<Ov@gtA{J#r$@VPlf1(F4<Ab616t0{UqpC?yxcpo*o9O$=b8GW
zWyP4_IP#6^znf-uI*NteyaYI$2<R}^gndARW!s!Nb8tY+K;M;l__SsXiaLOb;Jhe2
zc4sjQ7PkBLZ~1L~;J^aRuOP;XICmhKzMUO5F{rj)xlK4-`C<8sx#QAU!QLVFtS&5B
z6?ftPF-QFl=1w*YA4v)f4^NPB=JEb5V}YzuE~3*H%Nm_D^~1!Ja~<jk+IT}R905G=
zX`5a(wE<j&{Xyj6#H;|{L}1nd6^WUvG?xmWj%o}YcpId-5A_{$DBk@9w2z|@<N6Df
z=oVE~Ehpi8mw5Bu5m7LjWlTR;aRX{2fDTv=coH!Qxs$-3W5hn*Cygto=bbQhy<PZ<
z7Q1&E()C(ovicwM*{A2Ii6r<HmNTg%;7kx9{DLKSk{Qkq!du;|0OA1nz&}7W_+(Z-
z>FVsaKAWCQ1H`vx-MXiBV?Q(Gr|`z_V*?ruXV5Fdl*;6nc<3KMnn^gu!rbH2*qvn?
zVyj6eC|d6;(}-c*S!KRm7uMl4NR0CR${ek7uPC49D%|{LcKR2Ez0(RfQ%$<vW^5|w
zxMH+a*+oShpkC!bW$qMrO!*-^O`{HmSR@Yp&G_y)=!XlG7{?I*QXn)~;o3)!7Hu`q
z*T0IyNJS7xq2)$4OZEE~7y)5nU4a@6kkh1BBLw=A+qPi_%Y_Ja_@!gmiUHCL3XW0C
zlv8PsQWOdnty(2&;VRM35!Z;a6^9jZsX#%2ac?TT9fQ8r)?OzPR?ruS2?exa8I|&|
zBT>N=7$pEnc_qF85T{!d0S)<YbgX=+6j{CKOL0#S%^C#EI<_wKD&YEAbirL0W}zNo
zXJ_|7F^OIg<mT1HW+F0D^~odXmdSh@5eD^Ua&k<hvigHAg52I1bt{u=!)&WqPg_8T
z?Em>Zp19R<3u|bB1_|Q2;E&|zC4u(W$Oo}Qh2fIt&z04`Im&GcLcSRqKJ4%wP!%bt
zE32xMkV*_&=VOLIbkQl^3=0dy1&pvW<+X2s>7IbDoG^)yJVE9a<(}+qR6PFF)Sbtm
zy~K-BIe%UPSSVa=UcNl;-;5y#xNE$;rU2!ZCuIeXdRKv9wt*lhU`8PYiWiejb1SR1
z3WTBEg1JF_7JWV%3}Q|TUn-T9Qc}f$<KP0Hjh*0GqVBs2_N4h1`@W_<051UnhQp^7
zRbfO+d|aF=2HoJ8`oh;0?6Zj2*gvKpZ#Z55@L@6yhaVL2A^=NLTSw<Iy5@k_Wcz{n
z5_~_l(fnj_znDtnFq_9efu`CJVWlBx>nWz3015aKCYLpyrjl2|+{V#my3>=XeOxDK
zE5Hc!^YuOBUIbFteLay=*f1|JcKst#=Uzz2r${xl{}QGJHods|YB04*8^OS=I4{pj
zYWsF^A(MgLv(vDEMOcV}d#GK^lK7G?dnsl~*M@cLz}Xg$D|)6ULWZ)yghsx?ULsg!
z4H)`|B3hE*osHDwT_eP*w78&Puho6fy?=CeZW5uD^drNFU=`QxL+};2v!-28?Y=lU
zQ_7;7ojN4}i)OGh;hbiIDb*=|iRDX{<bd-KeXkUT826RJj}HwES%i&LjamynK@a8f
zDSS`Z@Cp9}_%b9z3EMNVA<QL*+?2dswZn+1%)#I=sbKZ#@y|(F^8Fl(`2<Z0t@Ve+
zre_zqS{a{n5Zd7^2R=$-Vqy~}`S3GUQCH`Xm6c7k)zs7s;8+dI<0fNlv6bM4r8*8q
zHF<MOj8W5ViDI^1#RvQ!zQ7%Qi{Hpo8A@HH2s}lpb_FKNL`Dmz7121Do8i#Hc4#`c
zHRbhdsAEwzUQTF)<uVu_yt^(uH5}i*ef#6AEMu!9Mz_`H=Tnaz^G7E+uOK2I3zH+b
z^t4^rMNt&K9h=!B>u8SZ3tTNOWbOuB@Rwrdm!-H;j=#StRBwr74$%W=C!DTl_4{S-
zkmr<en?Ahcl)EDU&sR8n;%$}ha*)Z?6Z!J~MQbs=yUXrWvTGKD3c@<r8WB*X`%4fm
zCEjhs;PR<=H9j^L{`T!kB%>o^X)p8w=&qmKV_`OvdbFsH)j9s=Wk_8$@V2fC^yDyJ
zIc)_YrPk-IqnQ|UWHITMTR`yYdR?%JB^PcwCM^6@VR>c3IS-o&|M1QI_G*Q){(rwt
zMrGD)%v0|>8|ml}M^7R(#yf-H9;1}@ilhT72LJ5HzTAs__6)r4yR~LYV~}i<!~!^q
z+1S{WZG0XA_dCjvSeVffsy@S{It6S|FqK{b!65<!kd|jtAdy#|%(YN64Jk=X3Iw_W
z;#+i;0tn$iXv&=m70paqMy5Pj9BJ$i9zKNR*`hx4F(JEDr!c!w4~QdoHAzNf_s@X-
zMkBee@+MsyRH}zJ<Y`UR8DYiQcl||Tl27tmPApf@p`Qn#@CAaVU^fR^?`)8Mh+7Z%
zMlpIKI8vGcrSRRy`1rp%mDuEBfbillrAR9E8bB!dRTR9i0iNB|&+}lIn%@Dh>v^Y7
zyBQt3_!k%8G~8g`VFr>$owFz->*Z+v3mO=+Bs~e`4!KvdSWM@hOU|g;2$cq>FR3V?
zb09t#m@Jy-J&wZ?BUDRJb;tn-lmaxdRj|9MHaN&H(NBZ40%*iLpfYHgFB3&PYzVcF
z7Ubp4LKjk#WXS`#GPQ1Sfwn^Uz)-9L1tr>F{aeW?rwa^3aKiwn<>!~@lvUIwSX-zN
z%xu*8wQF9L=CzmInw+lV`q;nm@<VH<_OGq(|A%wr>(&2%pCemvi~Kx_hd1^!?Eg&r
z+YOKsdK41p5ZAV?YOs|BIv}S<0S%y0h{TF#uDs5&w@$%)ZR&vj^yz@@1j#`tXmnK4
zHmU>Nn_f_=Ry?{$#?6jkTBN?KkX+|4m(?f>84lP4=={4Ho(p^Z7QefHHbB3#^{I=&
zDl!ZT??-t%`N?RmBJ4cJbU>i|#B32<uM@wt{wfu1J@5Ce@se%u;aqVU3i`&H6MxU2
z*Yx!N_1`d`+~B){^62J1e*x$*e_vaaE;>cVey>}!`l4a*kr_*3g)aPEkFq;zv_`1D
z+V8!nplLjp>+<HJxiiE>|6J4Lv9(_R;mAIZbWZpaxTU4lJBNLaZhmW$e^Hlt`=|Z$
z!`b6`^GvUncL{I0%YK4W$Ui(jBO@WVoHwj=CcZOG{$_Bwt=!a#ljTVKcIH-Z`_;?u
z6hk&|s`qH_8qaa>U7gBkKmLB{a`V{eqp!vc=FWQ8^?vcJ3HoLw-YdoB<uyWf_wUBX
zH^mKqEDGu`N-)h_T7J9rj*@5ZmMy<ODr<}{X<$m7Uo&9r_Vw>)!5LHJeq-ftpH0Ts
z1!kQI%QDwZYC6#npE|_qiJ-HR_E=2xwi)ohGxV&w>cctGc?#nAac}P!1-toTR^QJ4
zvT@RAD1Q<o<5c<gPh@wTb1n39M4+U&ZS1c479YjhXfcXMQj$__^-8gl*Q)P~`TZN>
z-_^KY@UOG-IiGPr{9NF?IR|)xXuVtt?_9?(`KQ^iar5)_UAQD&Om*;752~$eZL`kG
zetzIUpV&r^{IYO9$9=F_7%6pc`4T1U5Vn);>pM@A=hdxktby*7)MO{ApQVo$3+S31
zhFRsVi*w?orA?F$Ei<Mou++9TT<kSYwQ9H?ByC-gM|aYA>&$b7XA6b0Pvb!I>k~7L
z(_HzvG1crS)<_y%`ORS_b8Ia5sot87YN|xbo6_UYv?vsMYWf;4%qtbRDD_)M#mvlD
z&J)+zdoEf9UJV}Zys{Y9JH87R1l#tmlFec)iE<sk(D`k{!FS!Qfz5*r_T<l9E?!8l
zbXV%m)z6wpJi|LeV{y>xkNJyj&TXPGW^=>C!IiOdT}9#TB=!I<A%q7-xq8zzi$|xu
zc5g-pr1~uv_NcCM<K>fE8ntcLNJ4DoN*zD>n}!C8BDZsji<d@4EeQ_Zf81hz@B=%m
z%Oz~u+8eLmD7epKtoU5VH%Lb}E%C(BWW}FN9xm?gdS`3BvVm8;P(Yzu&lolRK2Fb3
z5xxQoh!zg_86VqCnK>MN@@^}!u5Pt=`3XX~=6mdA!ZFs7H)X>ei%Y=1EG^>TQdeiA
z(A4+maJY}o6#W$J>7t+z)AP-{J<GM;Nypi_UPE0uG-ZeAthrC(ug*Po8+uu;qK`I8
zYxZP?33?RLq%SJ1$<FVyIXCej_v(54@z;!AivahI2U4#>b}r_L*2wlQ(=rGY@C)y%
ziY=6Pmfmk_dj5wuPgzyHf8+Y~D_*#IeGKASae1@*7{`Ni-@J5>tt9K6euI~-%Y$-m
zMOMF%7xY$%@meh36=Bo0*+AmrA%|-!Gxj}Y_`R0)Nlund+@2Edpv+;|GsB#1)we~0
z8lReT9kg_2P-1El=Vc+zdLW2Kq0A|M;GLtuVEd>Z^!TmqJh8XT^aASbt{bcJLuSsU
zP)_w`afC^l9Y1Zg;7db>rs|l>N*=Mjp9A<u8!_fB?P+Vb+*0k*zVIb-U?`7aR$FFZ
zywEpxliNs%OzP-(<CEr;d56`5wq!reuovRrxhU{lV?n9RrI<F|G`r2ljIDyoyuaHO
zTBGw+>L=P2*eGof+d}8ds5~)H@xY%`cB7~pgWh+7^O2;QEmNs`t)5%!P?wf*mVbt$
z<IM#tuU*xTZ`t$5yzk0B3>kTW)+ceXzB{BPy5mdfTZe`s3N}m~uwJrOzr#$Z19k4g
z!r~HA`MJ-e>$lD_P_KUD<j~DGlHO0Z+xJxGy?_9l?<{EgKQ?BS&3JbuVoiY9DKN>|
znvkptn`y<K@3Y$4ipWEtJ2^aVP7$kj>6sY5wny!PnOU&N(!Nh0${!4O3|nnP#G?8`
z>FkfCTslXOQWSMhMSeR!(<3%={nO!Li|)r;L@wVCSnxDC**rFWE=BgImT}j_xcK<i
zg%YE+YB4Sp^NH>p<+>+o^{UsB)dG)KoVaknsI~RPkrmcwVPh0FbYR(h?bh4VCx57P
zgs7o7WeNAZ-fig7&8@VXOYEPWGkQgNJS^#5Z~1{%bV}q4t;n)mXI~-J*qj>AK`S`^
zYhb}1yWY@}#Fc7lvh*>txHHCx&`5uxrY&o>@PVa8nfvfr&MxnH%15papRlsBIJ0CP
zD_GKYtk%|lkGTsw@+@7edIu}iDJuS&(-c3)kJlc2R$9ZRQEcn7YrI<~EcQNB_zpHn
z<J5{}Yt=5qk7EHx>4bMyZQXw8@a3e$cZeHKv$b+p?U6Cbqfs+5t|TQ#Bt*2tZVD^C
z(qdBMFW49<_M!WMh)CHpy`0lIv*J2`%$%dx^UHtW`^oLql@!WSfu9vG<I+}m(1YwH
z3}G=?Bu0x#iqHAX{mf@h3?E<mogh({Zqt|nyMVw;FVa@Lh*a(F;Z#hWsOz+#h7aZ6
z(4^d4z&Gpb<2}1g9curUsxLp!eLk5@s&U8THcy@QkePAM4(qwI7TLT1auXNRc<2Lz
zGA;j=^MV%e+q9PnB}z$0#Kq40GM6g{YW#i0#bt$GmQ9$IR2nogx!e_Twmk0p?PYmk
zo5e!Gz4)LtRmP&`&)$;xw#=+XoDwKD-@wT+JFotj-q{rSiKSRdsn&HqS!?&ctEl4_
zn`mThwlJ!yy?z~%(k)WU#5BSda`5ofXog(ZhUSK1`15C(4wWn8kK3yXe{_DB__<H*
zzz*xnv3fQRtqX99=T5x#;XQ<iMjrimpP`zBSF0rFh`IH#J(Fi0`%PE!sx4g9*2O2-
zZE%#ohiAD-Ss05GPow_HhDklf`20ArOD;1!s&_QL8?UprtLi_axncThKbj}Es$$Na
zmzH?}zmIl|Twh_#+sNZeeeD5=CNb%9tYI1b@oYP@IxorA^Oo>1SierOxzm>}X=WoO
zAF4inX6%B)uWteR&z_fK3-+wsNl_OROd5I)l)t1XNLj*ZJ6{%S6)WQ`+#j><#*4We
z3~BjBbNR(fY5L_S7SUg@AiD<Z)JACgQZbl2O0eiWdJ7h$W|{?dq~CQP6~c`%5_eR{
zwR!gTLwb*Y2(l=BqY0NI-tS9w{k`~@u1=ZW5#NV`u3kdcw77d$pM|q2#2I+vDmnh$
zbLMDUjYJO*hN1T&0w40HoPBT2lXAg_GyBQW6dTuWLvm@m{^DJI>#?vTceVVeA~+b6
z4{{KzED|z>z=jNo@7*c=UG|O5O8eL;%wg-o>MW%$zkfTeZ;2Pw_%2MTocmmFr{E$F
z=h?FvoA<Nner>I`ic>twovNmqo;z|?Q0wBT__?S^I|Xhz-VB$4lTZ5lZD0K!$O-o2
zIj<wq_G6U2v(53;bgAg`q~C#EH<r|Mee#Zf+N)O0h`AHUN|I8F=YZdAgjlaN&6|2o
z)WFg*UejZ$I%Mx$!54VdWkV4El<?pC!|ecp8B@n*-n;FqVDx>{Y@XbzsZIX=vw9A1
zNcrEXPTxPQ?b)C?-7{lhIDP#uGUIz|1<5n}2(1w!@RVvE0P)%zmqPZ9e>QI2DrLAb
z^As*<U}#O>MlOx>XSkR;e<R2*S!WWQ|L>f`-9I*faB6<`?60<KmHqi6Z;L*C%12-z
z$&iATEhOhFWY$fePZGQ1c(zWn`iO~aN^5xr1BxOjl*_^Ds}Pu`;K5i@&h+Z^UlP*f
z#NPs;xC}rdT&8ToK(wDkz{dgO<X|S@{J((52*WJk9Iy`q-)b{F9yu^4g-}md4--;=
zZ@?<{hz6~Nzy~Ab9~H>ZE0$wE?(V+{z65a@1*9fI*lZ_qW+e^f-)YnahaL$i-ozAC
zZ=5~9@xM?_sg|PugejL$v<@Gh1Kvx+ii&Rwo12?=xAs26Pgn-Vv^T<}FlJc7&Hd#Z
ztKF}0QUB~Yb6ODI<^v!GxF}%N8yNVCW&)MfjneSMw<BtcSf$^ZOT}lz0RPw&L6k5r
zTOy#VZ+nVi`T6q@&vmi?rL<`Rc?(%N%8H7Fw*|=l2I9$t;2*hl>sE>v2)YwNi05sw
zjJ6zK#yw4iFWrpC{x`~Z-?zm4zsP8hladbohh~J2`fKcCBVcqwSp=Yn0B?5nds~_-
zFp_{^W&i%`CA?h7PzMkbk(|67M5KKO4_2i=(wcy+o*%R-g!F~!_U@uCe=#O#(PZ+8
zJc1mI5OE6z0Gboc#9zc55-`*{$aP7|O;nUHh2X!urbOmK@sOBP!29~m8<>u+gPA4f
zt5EmmgJ$Okp=nIyV7_(CC_uWaSU==NAcM90U@$BfLF8Ty7kE(8`5-1n7~`FIv4mD?
zQ0PkqstbTGG?KXhxNRV`fhF_WO`Ckx;{m?G><+@`oA8;0riLV3f>}nMs>HZh7U2x0
zOkDS!YD{moFYo#e2V64wqSKv{N}&=s@^7tefHPd5-(d!@+bnuoiZUSj<T>MiNM9_9
zU_tl_Fk*lUe#qAdRln2`;&#t3bLmCLfUb^C4XAxzF~hhIE(%OCqV_Ufx^sDG`y)-}
zdtYw*{@tb%yUi5(E1;kfpbR0Fj9<#)&fd2I1VKI1iI{NHwKLyAj+*l@FnI_JfUjVx
zr<O7Y6<D_eR!I6t6sY7QA4mSb*;N0j-#O;u?+X(KQCemIcv!0W>+jX{$E#~r)1LQt
zH)I4Y5R`v}ASyUU4)*mO_m@bv_#z?=8YzHPL>8Qd(|ANdbQ#kx9x)IS1+<Cl4Q^9s
zljEv0^=ED&d>M;_c)Y9gC=f&nNNhG-aRHLU4$r@;%}W>>c=!Jl&j_?4KsvP=bI6$Z
z_+Fhc7!It(NO2y<9LP4&vQ6u@&4+a?8wl0&xP@&34;maf;wj;S=m?4;@Oscps@t|L
z2!{X)f;ITFHpzDxAc%_pG7>*WoG`Q^EEFtr!hgYpG-(tJJE^K_dj@V1A?vsOb3j#s
zX`~M(v_@-<ibvbAecSzdF^+&Vw^djq;Kq%^&J1KD&7_b#*e>AD+O4|9Om+Q<{5-6w
z;i_q!<NMG1pzQcJeG4DQCFYl_=s%K1U?2(<QVnwn;&BY~T{-7r^Y5nMkVqn^Nrp(<
z`FI4mxrZ#bcSG7v6~0ZB7Fg<hf#K{)fx)9hSR=Q)oEhKxcCqH4C028PyD&uV?r*g#
z+__u6WbNJkf4?P|QcFN9q6M=Hj0G*9as;>w$r&L5j~I*mJ5EdOlCC;JC^6B&6Fk(3
z41TJb=I7z5>t>&|_V_)rlRz1dols2(0kyN1x)8K5se42@|4%HmTL+n0GZp{%W8O$Q
zP+$<Wpu6wUSwX+k+tafUJQJeKCMoXV#-?tU=zg-<4fAPC@?hiH;r}T&cP7~EZ4(h^
z;L)NuQFN%?Hde2;Ell1HA{OAVAgdI+UV;;7Pts&W(o@qhIHHR~V-5#ZU_mot^{xY?
z5;dw*xe4-+X^_}SFsY%My9#;kN&$fd_pD`1zx;<L$XF@wh9=J2mvn@NS&uLKD_g2`
zZBGQzrxTeuJXI`>%CLli_vQlx)iyE;z?Ys!{<n(8xckz1AtgKn>>lE{i8w=0Y=toY
z#lns#DobI&(yIBIzkeP$eW_wiKni$hU<TpdK~&@g%zIkk14@)gIG|JQ8sV%?oRAS7
z2p1iaKS*43V%mC<jt*=a0TxYQd)JF?NCZ*v--I^hfpale0$o@Lw%hQGEr2osw%hrU
zQ#oBEs}Hi^R*-xM%O8Hk^FT?5M6?*g2TX0jjRl=K7lf<rWQY7dIri`B9I6w(8S0$+
zNa>${6j-<;4FtN*7QloQ54_(v+U}=*!Tp;~gAT+rX=$x<%Re_2*x@A`2y}z!6A>(i
zz=1?jAjc-Z;ll{g^=PXg>l#MT&msu}O3-ao2on@?>tbLENcs9g74(7NweP{~0&I={
zhpjJxt8rc1U&atBq`{ENkkFuv(MltU(jb%;g-S?7q*~FaVHb)_jha<TX`mL;XlO2y
zN`vNTuC-cg{jZ0;&)MJq`_6Cw&T;Ho!}~t(^W67+O^7%cKpefDHBd9uO(esE2rm1<
zx3&B<?|_RIv^BdRNgLzkL6f|Qd+leg7h|$r78MAD)I4|LbN)L+12J8%A-OyNr+O?<
z=oyS8>3~H@Tn)eqlJCO#<wdnx{~YtHM_cWt;*-9jcGZ6&hBmMYhqU)NDAI&)ud{mL
zGREieaRLm`**!FpA%X`5abF&L_wL*0fk05#Dbx62fC?ze<|)j4umgi3j+CH{W4;2w
zf`}jW0mAPQzIHpco<wtlGg$=UvK(lecv+PWNz<HJ{<=8Gj*bW|3@aa9cZ&6=Fm1cK
z^0=S;|Cp!dE`K*<#;LMGz{B`NM_9%ulgfpV&yZjUa2Cwg{@k;!>2n;X%z^!<T9sd{
zK*{=}>iH<cZvPe-IyM+K6K5y(<04oR6FD)?N*=JO<u3m>E9&^E*R5fqPF(hw|Ki_o
z2!06<A$MtL%pgWk&~6+9v|c#h_wV++SV8A)4)dkg-(wn-mAS9guly5Nh2pwVOX$Dx
zQiJM|zW+^zxGHg<LXrz1#KwkSv<l!qa>bhQ=LSo_O^}#S;lvuDAD>kQn|fg4Al$!o
zCj4L$KL(x)#TCjhum=3;+R<sTJ;f6pR4zGB!oh_E;`16$C51xbs#;Rv*n~BD9@ab=
zm!Pc6J_+Tv95gSJNGFdhbzWYdX)yr-2vK4q?t<c4U&rtFC6A(KV&V$`-5jhPm_Dha
z#N!ME&?yu`jmbER4-Uvbdxw1noI?D+aa2RwI8)Ly?TT*NfBW_=<Hb*Wl}+82exqA{
zj2lP?V`T$${!zOP+;jXYI3?3td#pV_(`OeTIx?p|^BZWGQviD6+0BA03!52~S|k+C
znxs%3Jb3Wz*qf<Phrfp68uV)P1k+bIO$uCeT3|pwI&gCt*J=1m9$qqQjO^5q48uGa
zg6-GsWtm)oYm+~gkf%1(8B$nSY=Z*2yW=gP|Kt85wa*78SQ(07#Vl2J3b_^rh9dr)
zaT2>0asJJqgPAX{zH>So`9p-D2Jfr$-PLO+;U%O6RHl9-u{y$0I}d!HNnD@mt!qie
zL(Db+%SYmvc~8B?T%RdRAzKo(z9cn?7vwhBcg%z3`1i_q=Mjq!qd1id!9%wLi414a
zOx)qt{Zg4{zP!yS0>p(-zqh&EwmZ66<br?xbHS@QQ#juW@wl0?5YisJ7x{#SHg(`u
zg*<ow>WI5ZVMrf$r5~feux`olw?9|fiB(6~c1YZP4K@JLXHS9(qp@et&CYSh2jvrQ
zNHGgX2~qOEVn@CO*EUcNGIqHCMOE!`LLre7Ta@y75<WG1!5lk|_Kx6V(7b0WMz90)
zSl%MPFZS6}%bJKq4={c)=iytm9#FTC%m4^Xmx5UVa!E@i2$dDp)$Wi(UzeXrG+s(d
ziAhZmJHjboL}imZYMl8Xdz?1zPznv47SKcdbC4Ju5g$JrxyWzAIKyjXazQ=9!N@~d
z4}vs4_jZ7iFgcQu_O#4)o&o{Cr%f16xO@=90qmm_rKt2J%35R~U`P@+Q`hO7p)evS
zp}hY3_2FJRSi0GD(Eb2duB_jmQ%~z<7M`Pv>z?LPxaTaeodS{czkEhk=*pyVJN9^U
zG=aZHM%tCP9AquIHaVM}0j2(!qVp(CbpT<X$)iT`hF1`zO%6K}5JzzZyGaCHnxG)f
zwpob^vIWvPoURkE5scV(X2QZ^2YREo8)WS#1++U7(I1!>F=QaQ?Q>XyZ*UwWcwuEH
zkS_+bobYKyuXfgRDLG%YddIPU4xTZ1S!E6d@MlQZ@!X`#JOYaYmz|{ih-Pk?7Qog2
z1@bCsd{hBumZ>+)^OGm10qRE2&P#;EgE9+Ya2k?**!@UyMr>?sr)>4>=U?;cVUYeB
zASRSRl@Ip!C5APgp+Pf@ziq~m=~%G7np1W=HkDqV1UM8#PXrPt?Ha7AyQ9pR`;GIh
z<{O&9N%NlAL}whkc6b71nzq%MxPSU>SVQC>vV&l`!IJNE!1>wB=<by-mxSfb-RVN-
zOjw?<v{YMt=aTi#qkTh90*F&aE`jmUnnC)Sbort6ON=3!ftZp2YAF8$P)_?>CR@T<
z;aX)n5Z(++(W6I?&NE%shmGPqn1P^^9U9(_;(><(1>Zx~dWfSy>HNc39tUwJXHn7f
z`n<<$gSAokys54ZVy(MqS)KQ-?rR@ZK0YM(fGCII{qKzsn`S&XJ^CLo#4Wy4iQTY}
zW9`sYxrzuJ{zTKAwk|x)U2}4B<b;!F`JYRH<i$L2Hz=={(LuO@CHPE~LX+5NZVZel
zMhv+@w?rX{cw>iIJ)?@Q+;Pd(M~&GpFLEjcJw+KLqxw(DI5;>+`2P;p&PV$sFHhol
zy86O;(y<sR7)W~B??2;tTAJLc55h!f1l}p0g7R^jV6+qU_4QeGk1x5Lg2Lmy-iX}R
zo9dARUvL!>`0NdC|68c_0LoW~2&ol6Z^(lx*&R{{D9N$%Xe)N^JZkfZl40v0{M@+%
z>T}RuonS&w)->ic&(LgDr21OZ#eY9R7rB&xHTr}&lnQ!E#-4$Ck>~6%_kp@Q10pw+
zS+ZbsS8}P>ESHN_)f5gio!EGI&9xiV3vLA>?r3GIS7BcD0#@y987WnhC#S9ZqBRm#
zt@oNp8?I6`)b14we&s!Vt@)Z=>YFzzl(D=V`X82jXt-v1(>?TOheBA{hpV3kA9ZZ|
z+HkEud$U8-tbe!w=Dmq|L-32cLg0TChUzP|83~$)bKghWas(vl_gO*|!Z!xTh{$Y}
zAt6B8VfC?{<GqsAF2ZwXx(%GRIIP?Zg$PN1xOM-2yg(?lljvJ7IyAv(1&IKl%_Ruf
zBEWsSP@78o&gb2|y>lVO#PsUs{)@;=qTu;jBXn@|{t#MmoPD61&{`L{h?{A!5=5Z?
zBX0`gM<lG{pFJz*Y92jB%a1?9+ODKz0set7bS0o@c!5J<0V9UU`R^Cn(3PdXa#UY^
z;7oCa?ay~S#V|dI*njopS4LWW7;3v!3N@S`uY(5m?xrhm3v<TyJFj`dg1D%l*({H@
zFghwma!x4Am7R(`kX1PA^-v}!NTX>|QZqS)Q}~qT_ojNZ2RSyF0g%uwEGHH4l(H05
z-bKDwHvh`!_U4$J+1YfNBWP@ogKvBYu6IHQA@Rf11(KHtI1*7@!Jq>dUV=)cNjk%?
zWZgjvNz@21>M8=KLLQ8c1J-CI1mKyp;ZUiCwe{?H!_&XkeIeHc1k_y!%#O?YkmqS2
z*qc}gwj%BxSSmMskBGAn{3{x*X4HCegpY!4<G11hY}dr<C5MLxB)*1$%y#DNS?qJ~
zJa%3kbXVeiZOHy`GrLe$oc+GkNLnz(8PVM6ZAj{v|1?_S9Mzs_aHoL+`8x<=Ahb@Q
zOv1$<X_Ij@MqXjIV$P4Sv{@zo6)6&O(QIu5I^W+o1I+M^<B=XREW?q}{9|&$enM`w
z8obRDi*qsTvtuALi4P?;IEy^Ub)e`mT%6H)n3IVFFKiE|fJmeG77lqCp^uYi5qCgh
zc|*c1A!>y6rZ<{$bFi3AA0Z1FHU%p%j6#wCSf&p(mt*>(cIwn>D0E4t7Q7X@8#Fh(
zOSGcN%drlw7qo5yYmG!k!1)gjf?8lpKG<TLd@1&Tkm{(=wbw_CG8z2AU18vix1gT@
zf7=ZnKyZQ}9()GurmG#xaIn9D&r^OO2$BttKb5A_Pi8VeyZK(FOKtBTltJIHY`cB)
z<*Ja#Cf^%nbXDe12}+%{R<x0?n~4=53`mKgjOz~zeWOdx2(}~n1f<=-{ttc=G29{B
z`bDAr6BAlbAEj{2Yh`1O^^YonoJOdeVE$snws<MMRKHP~WB{^`%L&gdTsL2!0%=9F
zDEP0xs_lC}-=dU*A!-f6WOb6s7HM4&@vN~R(=W7ZgNk2u+snhF0?`cK-e^*9P^_Fw
z?;froWgt|yB`6)xw^`wL)z$4GW!f)>_7J}ng>u5?$t47Yw_r&eKmmmPVUJ-pcP2|y
zT^&=3p#37xQ@RXeoNs!gAKinaeI?4h!C$|^uTSHt#OKLqA%iIr>?pAM1U+I{J=m5m
zo{&RFz)RxEm!UhaUAO>EP*on`ix@NhTwRcIE5NBQM$jJyt=8ay*>`+e<~EWz>jMa5
zU1e*8Y?=^?aVsoLtmMST1d~h|XU;^&6WqD3F^Td_<rN5+l8(f1`W8kEApe(RA;mp=
z7U=EXAtt`<Ru*%pD^`=n5_}uPL43R9R2BGXR?nhC(-n_hMExD~b*X#;^gq`*F~HsX
z@rid>*4P8_u;YKCx+Azxw*K?~e*dMPw)@fafB%fzfmIb(`PcmY8?Ei9Aai;(h$Phf
z%G(=eh~TvjWE{6V@~>BQdlPs2S&`a*-v+;HxW_NgDir~uIAc6n-;k?`iGRa-ZFw_i
zowL;TDh1)Wp4rD*-!txk6b@do;S15ZJLR}?(l=n0dc5+<o*M&)Sl2ck=g_xZIj*#U
zkY5oMLVRJ6?+f!Arvn<T*x9fd;U9ETDp1y7cpolM1Vq5M6%7OK5OH#e9HBw(@<7pg
zDkgjI%(Xz>g?WSQ6Bj?@haiO|pVf}mM`6T+Df=$?!3xD<*EfBX7KZ7y%wO8ks!*xG
zL18|mtR8T-al)qi9o1pQoTgL@p0*3wQfwC3chT37Z8BV19flJBW-?tPQa_#_6Clw0
z2wxu>7Sv0TRZTA)_`p2EID$yu8UYZZruiB^$zb&>DV}Q(Mo{0cv9Ti1cRw6tl&b5n
zCNfcRxFPrwMnt0ITOwSAq(YV+?1^p#_mdcA;Or{(xG5s$Q79(Q*#^2V20A?Wu7-&R
zi8yu&VxETl!`eqK+S{w+F(9g=T<iA%DXJ6qf`Uk92Zm-uK~LN@FxH+%GIe<Y-9YFj
z<ANOueIRr|r_$)|y_N|s=EFh?+|DXpKlX%N4IK`^#HS2e$9L@$Uo69jv%r?y?%hR}
zO}KpMdofA5Fd>F>8+Q!`hpX$vC|K}fP;5+t<pWN#*VtS){m_yh>cH8Y3ezaqR2;S4
zmQx=V-=h%0<Zb6d93F|QdWAW>*0>SXj$Vq{PRN~fgV>Z-RzM)#gBh@Gl4?`CzB+{_
zhNb|*B~|Q}LyX<rhZZi^@NCR*j{eE@dc(YP3-rYYM>5ZSWcMSS3hDtJ+eyeZD==oT
z28D3CE7X9;&s5C3h>c{b3f4h1l{<L{qZds~(@1$L^B1iBK0a2u2Ry1119q6z?7{{e
zIl?!4b_Di}D$Kn);gbeeKBXh+Ru#O7t?xY}`n06ji678s&Z0PDZeb7I6%$Ag_H17Q
zb;;~U`pdkfTLU2v*rW_YJ>QGCN2eQKZ9|sP1J2}-u8gS;w>b(MM>^aml73;tp@)-8
zy^D_Fr1rjj(GYiaBYG-2CZ-bdQN<G&sZ~d5@$C<N@Iae8ITX;zG+s$K&aj)QY|Oo8
z&E>G$T3S>A%m_So!Qf!g(xo~ekjKKj7J<PLc+hTsq61u7d8fn*hDr7y1#9o#9S+Fp
zVa8tw(;KxoXZB*C9Xi5TsDAX3Db2=Fn+{I_CM-nOnIzr&3nTfeCAP031XiDNS|mz$
zpS*MTt|r#EA`rFhury#JoKg|zgv5e6&P1VZh6|pHpj)?gt=a!59PfV%3le%c<LYtg
zATB!VIQV8aj1R*a%8vOBZmX0)Fi^?);q8rEF^h6E*RkdVch;9OLzq6vw$YW@?>>j|
z8L%^PhCtx77@4(pSE0#%bh;*?AgSc{3I+3?pTfik&z^)~$!-dwShZHy(UNR&G<QL8
z9Q5ds4w#^#HVaaRh7gfwh1$*WeMJpN=V;jM8k!Ur!^ec9FJBa183gS{A4#C`&z|W8
zv30trsvN;?>W^PsoLW{8n%ZMh$iz&n1fF5wL6?=>=Z;wXHL(G1V;Epud0#Qc&DUdR
z`!2?mU>JF+`j{(}l$6}WzwAWOX!;JrkM71?rNbsB28gn>f~e>SeLHpXml|%DIFQXb
ze0;GG%-RTs+`g@EEwq7HGkfH+`d=<WWyZdI@nRIHu@@LPD7H*h!RV=`c<)mVw3^_r
zo{AAQbe7Ix&x$sdTBHa|ii87EGqF(gQRQS0!-oKifLs~V$)W(UJHf$%kGEe+koai6
zxZ152RcrP$+-U=(4rVoB(nnNk56iT~oYet^#iH}B#P*+cUY_k1fQ;$#cQ+T_?3|e4
z2L&8|#n8=j<>9*`hm9ACi0pyEe7Q+2jBziO7F07N28M>BFx0xh0A8#PyWz;Hx_ASx
zJWMnC$DoB*gPLJcFdZ65qZG5pkcpnv7ED-gUe8D4u91LQUKD!iw9L#kAbW};o1D~-
zcZU3Bg=EcElGceQF+Dv9!N%5TZUv3)ZsAkkBFkyVRejq>nAiFHc0%dD8ainItt1mW
z!?r0DkZf^P)g9uvRB=I^MRjHdt=0)qS-yPv30qrTG<oD9sTdT}zyR*-=V!Ylbv}$2
zZ{c_k=;C3E$0oD=<PTx$`<^k_Vog=Sy{hw$wRLKLPm9nC1VTsLFnNjZbV>UKL<owE
z;Y1nhZ}2d*kUi2l$S1&H>(uD_aa4!+!dy-Yq%q>VE=`br1vgN0!;y4YDXu5xx*2D_
z+y;E8D08GUF)Yy8gHtUU$&kT@zLz2e^9NoNOy4J1tc#3-Ph~htA~Eaj-mur0rBKK8
z+wH(EXk);c9}<ix9E^@gZ-<>gxkHolnnR(Y2F!rZzKhM7jQBp<N1T`O(4sWh{-Co%
zwlf57zO;(K78}8|*|B^O+G$etg47Mvx(Ewk>lggI9h!Nf6jeC&p*(x!3Z53oIyVx_
zKq$J1`%=A$Qo=0Ewu!08K=Yev8xG?%MsVzPxH6(e5eX)a)Ib4rjE15kCB6peF#%6V
zpvJ_-)B=c#!j~AxQ&iv(iU%YrwcQ$pWSm*<c4#U-p7os5fdg~5j*dHqeY?7lwuKDt
zztF|-Ds$e{QA-U_+~e$71}7@46LsJz(2EjvI6Ak7`?v|(_%yICi?f@liYrGlMPcK3
z;3~96pf3nue*ppf9cqs9+-nX8CWsOpJ1x9n0<W$+s8LblGR~w@;EZUFS^%)*T<CoQ
zfy2W~!R|udKs4}p?6j+1ocmVl0g!1If)fD#2%4H42Md8jRKl52^syGyD>;|@eBe>k
zjB}H4)S=^5fA7&NhMZOCu8HF$@DA_4{;K^Px^5+1fP@udxVLN9t{ZmqP$NvLsc${s
zOhHw<LR<HuUl`6y$YaVs-v)^=`6%?dp`PDxa9zjg?XPuajZTOwPD!iuCCwABQf#l;
zf4P`EJfT(W64SlrU^1T?+vG5?QhwZkBH-!r#IC*TU47jl_j)hK#H(L2a-cXPc5krE
zbNkVOhY|o%XK$T(k(ZBIQ)eliWXD364hlZ8;3q{G>YN3^VcE<8{=!kQ)K<3~8DjNd
zZY~ikJH+@dypeI!<0qFVjML6eNv&#uM{-;8sYg4m-i8C3ppcLOfLYYl+B!OIZAcfZ
z$uUrdt6KjUPUT{#X)%CNOulUx{CF{Ws;4x+SO>J>7W5O?R~J$SM@M7O?k2r@*BN&I
z{vKQzdrWzUjAMNCZ{Y;bRgGAYZMq*?i0^F>!>)w>?WHqW%%5vF;Y}WFJn18{LC-EO
zB^?QcfriqnC@X`tQM<Ubv|xnCPw@{x8s8cQ{O0fprKP08aeAb^co72^DuG*BoHs?7
zRH>tuu*WzXw1!9!QF7p$14k0*{~xM%r4$A|UhFiIvKz&iCZ!X%U-8UmIY$_oBT??+
zbd}-JLfkYAg@g{{{jr^)T<|BWqn&}_(o_{pCDql3QKQ|$XNxz~#?CHy@TZW69!sE#
z`~Ep9ul~P$LI%1(;H$o3iiFP8;aU^h`x&7zL^~P?#YRn%$vw>MbRkv|y%6zuG3wB0
ze6;S5VY)Jf9I$O(Iheb*$=*PXwt$jzvEwhztdM~NR+Ha{0vzkqOidr{&qWt>H`ida
ztz_W?h!t@mpd_sHw*2sz33vDfl+q6$+TK=M97I9k5Icgeg(b139<FSKk85!RCY>$n
z*8TGB0drFF1l3?<;qAn}#4@fbQ^cHZP&L$-UR+uV3#1jKa)J!Sx-Y%lm@3YCkW-}^
z=ZuLkxxr|y4gfC(&;KEIh1nGBH}AtICUB5VcSZS?aV9o}ec!^l(3qae=Hl4HWI}8H
z{P`#ao(5+s>-1609gh4O5zAxxF2jFyuS<LOYz0LTLpyBR_dSz8aC78~CRe9d-N0@b
zh*fHPc=WUvZv0p-iW-ou3Sf(}OC5jEfYfr^RU8(8AoMqH6Ww(BowM!dXX4m&K=Szu
zPk49&0>abZ!W)$z;l$7+nq!JXvO%zCo-IG;i@%A)Se+>75ubN#e{kXs!5SBwQ&*~h
zaz_E_Lv%(}<yyED!3~W#-V<~a9!z8s3>iZa_NR{r$AsSC5Ga3oSb@kQ0B#Zmt)~;z
zny`b|Jod6T7!c!?bcAZcUWXD&v);dZclp(Dk?@!FPBqw{!Jh&<ggfd23`2-@f}&Nq
zN;)Uztua^Vx@v?9x+g@@`M@fV($Yt8K}k4@<D<{~HTj84Pz+lJ`=C9i8vr_WIfw&V
z=;Kt>PsN)UsnE#E#1`%g*4GL|8)Kk7l~SF2bP44=>hm`Pq`k&YhaB&jn8!cEgiQKU
zc{`|16)zoZi7yluYA2otcwhUWef8B23k^-S(|aI(L4FiIJMXZu!yL^W6A|J}B03Zm
zIH?hyH%;nPLwQZgM4^}gds>LH3*7X~Q3|7fJ8x(A2EViE$C-<fwhi|&!6r(vbR4<7
zn6JAbJpI!+Tx(h9yy+j}!wy|NSw@Y)F*6M)DXNa=M}_sN7e6Vf_91eI__rg<WjY`}
z5aqnUb`ZxGT)dduq$6|6<wZuu3`&1sN!qLoszI%#Ie#g2{d!`(0GBJPro7x;SC{yt
zqQa!*@GB|Lh4mrIMnZfd#R&mMuk<8kZrwJ-xH9)~lRN(qSMB$HX;%^1do#5A=gB3p
z(e2!*_a`=PC@4K>`1n&Gl`4B1{(n;`pr~X&!xoZ{fii_3#&MW|V)SnF==Mh~7z`qK
z;W|7jT5!N`W>gwI@;L{v$+q#;O*nLQS0`b^fe}an3RdwuCC6-S%U<qI@j=HOg^nKS
zwSrJqmnRsl>lc{Xe6{0T?bG|8(g{Zg9V-?sWye?m6n@t#RE@diT5dDv{la{M7@LsQ
zrL#I8y$7iv{EO7whqnmkp`pQArG!#%kU$qonV6Vf&q{T;iYT*(4ag~oOG0ry`TlMM
zP@F?K_VLF!-P9%ktv5ir!@ww^H_K*@YM)mMm!SV(#Sppofutjw&V0)eMD1GVoxdfI
zbkIn%C_vo+?#x_dB+a1-i~68k!z1H~`Dg@ef(Qmod|1%&C5`F{*uH3aPKVww*(}!w
zFS`P@0fv;HVU!7p?OJV)gx=V56jzuE{3@*3q&&x;%A9Qd&$M~qu66hLHWJJ^IZ$*S
z4LkB76glPhZ#epqhytOQJh`|R@ej5@PJ#_n6WzJcD1f3a=bC1;8d)w0WmMHs1tV(e
z1!s;>PgBBcAbumCmNC26oS+@G*|f=N<0kWZE$Dp-@JSTp&}yU6fSnwnNMPfpcs~rQ
zxg^yjQ|j5ZL`>&!*v(yVzqxp^>X4W3n`(|^TT@zq+pH1Uqu$HJFySJ=Ecg;+wz+!s
zOqjCX-PQA)9>u+M{KI6S*JrL+&amuHy8q!G?Bxw((Ad3(e@w>d8dYpfSR}|zHrj8-
zk;&ff|KP(19iWcD6h#b*=8yzjIAJ<+4KWx+wzrSVNpo!5BwHDc;Bgd>KMY5rBO>bq
z^c>;sh>1MlO7)a;m@*(wI3Eb34{lrpw#QQ@>A6-IQ6LE*azIB}422pPhnj$%v0o9U
z5%!!`>=}+_ru^MvC+%>}@%i8q8vwVBNGu?DX}e+=hc%;9%Sf<*<q7%%U~xBim9TQb
z4Ef&K87DA?`bRWn<BU-1#rV9z6iw;i8{Uu=N`%l+jpBFlg0v|aiH<?GR8=+?b8f)w
zh49?g!;+&su<-vpU=4yAQTL;v_5=~;VAnwYe+K3h3cUIJvwH#7iw*!m^F!_3mFrfx
zMo57(wM-}&&du+Lw-$&6$FO0}ELkUts{)`_Qc_Y)E?K-aDle^?bL;ouUMTls(dU7x
zf`S>iz;On#e;xjs49Y30=il1jUf8I5n#$B|ufl0M2j$pXY<bzwkR-NZ(<Y-1OH6J|
zcQ|td(!%1IA`*2T5u7BQ?U#G4e$8Ja&H}eLzqa=75?@L)p4W!MvZ~%^#a<6B2>_#W
z9JNq+%)TZ4GlM@*Y(q_oV>Qk=CG_s{KjmPE65W6mAkNto!xe6!Z^AvV@|tKmuk*O6
z)cgZCAT4N&QMjMvjS-hp0%l;wLy`_Q<-q>t>7mrA7}Y4CHu5B}sLg9sTSd5(<ym$X
z1kr~w-QCS?TI?0n^~kN6-aHX0zh#RMq}>~t&-SX7eEOt`^#uVmKMHAR_N|M5BGeXZ
z5|(}zII2OdXzMTJ?V{q@1bd7Sq_$ogUGLhlEWKBfFJ-&n7nku$<a@xLb{gt6q>#+R
z$ngeV03j2z0fm@y(Bfj$GHu13l3&<B^HwAp&P9z%LT7MDkRyxo8bv;qWQ;%=_Fo|T
zUN}`Te9b=_Yrv>-L_bbYjTH^laUdGXq;n#j5e{=Kr&nhguQ()S2dLI91k8iA2!;VB
z-(W(Tq|aw|r{v|B+#+}aI0Y&g10o*fCTu#Ug7_41@D;4*k*VDbu7PO?*h&vJpY=h6
z(9<IsbMQm~T2#k(%2uj#n!u@n*&81rFaw|=vAtM|Q{r-zzUf3evA*|ku`82v5(SmK
z`MX(<sPyGPJQ_aD0VogpBFt3?A&Fez^{xq1u}PCGAh3im5f8vSDq=$OQVB-$ghOZn
z8x=qwMPR#xS8Q$sqCsvmvF0G;D)ba&uSWSS800HLuS+uFLAyVlher|&MidyDCr+$1
z&cl%olf&z1^IAbE+Rk@KP*e;@yExZruw)G`=NqM;uiW4)5Dq^CJXr7W(A#$(5olc_
z<}`uZ>9>5RC@z>QDmb8oKR!M7#U!NX6|WMeSpL~>zI{8|@%ZE5uL-ZR-!0Ln4!RoK
z=A5*ni(r~9Ok#+!<%O3Nq4kGc=P%ptopWV%j5AC;$(!M@EI<J^04&DZ^qr6rRSahx
zMk|$9dR6?($MqJg)mj!l)wOT8of9)ErZ%~*no%m*#>Jj}9H&iZRV*J4YdiD`0K0fV
ze)--a$K|ysot(LYp=V@f_VV&s_~s6Axcu8y%-(am^JOp==)|lm7PHzw+`3#2v&SB0
z`2BKzSZM}08NreEKaz1;<7XZ#xptQixE}=0yoH~=)K?!&j5JGXc%BDwg_))6EcC<_
zr@Dgrv=-L$FgZ#RD8g_1wzjpY<KEV6UGJ;QMalO#EiGleQ%!v5sAP~?gkCu)GjVv$
z6KBuvn<uIm9-z$Jt)}Inx(id3w(f3iIKB&7%^QmB2}T|^>cY*~iG957#e&?p%bqA8
z-K4uV>EXdV9IH=Ye0#H7Ow|uO<SGwuDbQ%Hm1PREF>6bVzJ@I@qg1|a#r{id+H}lQ
z$p9DAW<0m**xi)jik)-?omMsWhNNGhEqLJ}Q-l39nTZ0hs@=L$TZaS3BuVV_h+Hzv
zJa?4LHDN|^pOGdjjQD~$?wZxBZv(|aN$!gf607fTJw#idmybuD!Zt43>uRh<>heuz
zJ_iECBx64WSH#I@DmxB)W2jdQ3kPu2)WDK@m9irV12>W~mTp?i!Ax)3rnB`y_^o){
z3{0jpkmnHDE=%%wPM3#Y*9`gHQwd-uQ~~18T1CYmGMd6Wz(r!O`VSH6zN_t_A(Os7
zK2{A`c5R)VyRp%d4n=zX`jrxuTfKGn0m$_~!tELi5OpTSf;`jrK7D-Hz~BIn-Qa|-
zGr#3k_xUaBO{mJO1p<K40#NN}!kUEKBDkhiY%eblVsb~n+L8-{G&?dysw|^&pNeA{
zvskPu9KQ*fOON)IRgWA#{4Q@W&53i`eg4Ld{LdV<cRy)rOolv%J~=K=ypB%SKHURW
z8%nJW*f1BgcXV8|3;Aa{svYZuLSYtl&i8+~05`bQxivJ^VJC(qHZd}B0F0}_(&up#
zr`S;E&TKV`#g0JyYO$BCGZECBp`s3n1hK>=zL3T*w)<TmD3cF{C9ts<!341C<uvyU
zhOy8O?mf2zmY&RS;LFGrMOtrt1}~~35RY_DCg#VjKpBBt5sk2u1y@pkzX%#`Fb}Se
z-4d+jm>mt_(&n%Ci24nT4g3V>SSAZ2xr0v+MGOVX6eg;nDn!q@&SakF@({YP;4W<F
z8U+@8KWp44xb3djcDVn+=m>Z=uaxm1dj~9*Yp)zta67QL)`j!!)oG5U(1!mHWcz%7
z@qfTQ^1%~U%GPN3{s%&XdzHY#g+o&nnGWJ7=s(0f*FGDySRUe>u==U9f-v(qJIeg{
zXp-q?=KU#h-1~l?9kN4F*`Sx*gU8`F91=0&Via^us|WP%HzgR1>7Z&jVPmrw`&Tpu
zb$5V^Kc)&)fTdgl_g9E6M!NCt`z~C*97B9!&ddLlH}+E6x)pG^@G{hBL1!1QKcs?@
z?vd|6$78VP`^!b^@4>FIin6`QASnP1swmC`j4KERil6xlta9&8?$2HGXV3oL0&{As
zS3KMPOwNb9f3~-4U|weW88v$exMA3$-+Rpd(zJ;Ct80xReG{I3jQ=%(fEyk;QtENf
znJ?8;<~L{o7rw?cdy+5LjwDJ|Fet)t$8Hkq68AQz3Eu&HD+nIq@X5&c#TKOq^m~8I
z&z&E1Lw9_y+2bGIcc(agG~W`Z32#Zw&ytxcVC@)U=XFF679Sq2lFo+nzAkF0Nc2>9
z@V;mys?b1X4Xa*A?R?JHG`>2<#fek1=|uvyd-H}E?qG&)#IQM1GJ#<{2@9FX|2&#>
zE)0-J^IL)qF#`gf$LsHXW*VO)kTovi2@4CgOWoBGVEEoqjVSlA?48`J9(4P*>df``
z=f*@1rF4gE<nWGA^El#)ocmGqXCu#DJ~IzLdgM)KTl7w@HKfar3OskIjtz?^*>Pq~
zOuaJ`PCeIBJBMJb5KxA^$a^82liD0r?*TsAM0=Gl+yrn`LuPRtjw+6=2=ST&w5cH$
z77mYk!I@MuG+add{ZNhyWBnFF&oHmF3DqWPr10+(w|qhsTakUy5<sf8dkTVS@%wPZ
zR>7bz5LynPXg2R|`uTx&G7~SvheLh1yM`B-OqI#q2Pk!jM>P>`y~Ui`4p16Sv7?gx
zxXUV<OC>iVA*Q!6cL^y5TUuJ68TQ8X!0O!u%*D?m&(&=RglbQ?zQazvz{43lrz;rT
zXo{$gZYiLuddG8NN)2pn-#C-mg0A4mRZ?T1H`WAorkp{iLs3w*Vi_p}Fe)VMWH4IL
ztZs~RG7u;YE91iYk50xcfNQ^lxJruNU%g)x{I{Y2t?mT#J|3Q53!@)ytB;NED>B5w
zVZg|Qlu3juiSqRqxWlK5CwjM_dNR$vFar!u-m&@*7;e~Ed$gH<e;!aiUT92J<|Y)?
z!g>YexZ4sMSeXL=<9K6u+`q<#jGkN%l(q_Zt;zjXNg8W`0XN|<;LSMs-BEEKN9{^<
zaX`2-T11q%8>N>Uuy|<Pg$gd6OSm5@s8}G>Gwk*I=XZ_;Z2O@L5VmBZmg>a3Z^IEd
z!ss#)^V!g}wC9>LXW?_s!XsflOBl%0vltTc4Wzr58pm!KPs?MTb4^}XfRSM2&`lqo
zNKjcSCKA7(3C4-2XPbvTB>i~)%-lhg?xJ$XTn}CW0t#Y~9YajnX*Y#HW==JT`3lz7
zz;cMi-gAo=CVY}u3;r*6LSL{NG+rjE=(#!iPxYjVvGbr-%=ZAJF%-5mC=mQ!E~v*K
z{sABc0g=nmA>LMi)G&V61PDEh@gw1RpwQXBE;JBEh5%JmM~sKS@2|jI)fxqsBK&b=
zOzR$(0{ys$!NqX*;pOl(JOa+}7z@i-k}^EpW$<RuqkE0!r+W-xE~r9b^_jLQTYe7q
zHSvF_P_7B7WcZIT0!^KxC$JJ8Il+s@5YTo1mM}JUG%}9{slhs^fq(dmm#x#ngs{&X
zEp<g87)b+0I*xgxYggy4RodV_EL0h=dvfx)4r_6}wfG4!wfcKdl?~wCA7BCnfF>|E
zcPE(=18q}mnZz=v&U3z&mYOOKGbm=W8{gK$Xm;@fckpxBSy||aS{3^%AxfxvvgZyO
z!2NB_%_`XCqA|wrsj&ofQVq6-znn!!6HGdJ8$AsE7cRJIxb=BJ$mGpX)+qoti<T|h
zN6IUd8pLMuBxbI@*JYi7myq2Xjb-thH`nn%6nwks8xRl+lD-~(t^~0nI893cs^!>s
zMQ(BtR^kkeP$M|vr<{x}&T#eeYs>1fUtP&o=7wyf&#9sLIlI>es1C)7S}^Z@9@*K%
zG}W0fujGw*PdEQzsmz+=PcvuUTRXukUPyInzo%<Eg@R}5y1GQg#Nj-r?9O#-QQ*6y
zF%wm^a)k)u_Lz?q@QybQcU(Ju7Jr1_5ZW*MANPUEV2JECv>^a9Z+OoA!lmBD0+#_}
z{1w}_-QOFAR4q`+mk~->xPH7G3R5B(y^!6o;wWiAQ91ZKW>{5B#jJr;079G5EkKqr
z0|(X2I*0!g^r-YHvZRY=r*Z^LxR|%PdwE4+ypGvJ^T+4lAz-@qs?qTm;d?^DxMIZ$
zl0~f<Y&%zVqGyOI@Ewsc!g!7jw9m<)Uwol!P#>_3UABe+D`v3spqu<?;wcIu8<EXm
zEozn&{8i>ToRZf15N7vGV=>h(59~+n54ST!s_4UCGB*}#MU1X;7iJX{7D_<TgXd8V
zDo0ck5r)#)J7DQvo?&CGXk9rS*j*vMvtr?Ooc4rKXZh*TE?CqOCq7Uz=IsQcMYeP@
z^~Fct?x4>vKyqV2R-bn*WFwc!WZv*5qKV*L>cHmOTGpFp@k0nhY%Ae9-`v*bjw<)!
z1!b0Z3GE{qdU#y=1MGYf9sQ=Mi5A3m@0E4eW1{3B_EUsU%^7dyBUEW3hFrsdofk2n
z-F~UN84Tdp7_1Q2TOdaIQA;n51f;Rc$_Mhx2OcMdWgPG65XyAfTt`kti$05PW|gpg
zQWLQLp1ro+%n#KQ**n^cWaZiKgC_k&xH=Quld~x(hj*b4y`&j;_<2m69}1_N__+BW
zKh8s2u?7;1`Cy}w5bq;)vcSPmOt)h4zU9zyJe!oVHE#ypM)8cOsGBaeSPO?h^haRX
zRbWbj&V6=0VIqZWv0W}ia@;T@wqqD49q|BzAp&t3M;2!A6QOCS?RBFlPUypj@14g+
zMl>*P!ns$Tc5<&<DVR}*Qq5=71;QW`+LZK`fiJY(=bqBtyZLsAg~;MIASa2WuOK#n
zEY$A0loW+B)GFWrAuG~xFbowriO|GdehWDon$PwVo_B4f%m?c_xLD>pt`4d{lTCpD
z01tGl3u}BF@xXh}J7ryHpF<f+*R}W>u$JR+`SOq8x&$L$3J%8kH`S*`>w_ig10cla
zNrfd9e*`xHytg@c4K;v}@(>@{_cw@8rnj3HS*EfRC&yznY3z5yRAu){-V9xX_ggNx
zEc{BZ?tCtLtbSa0!GcHy(_&?ea$3&PRJ~K1@N&&PJ-!&|PNN`wUa`d)_U3Wm+WkHw
zNKeUHE+`l+KnKf=IEyO21sv*%s$|-gyx?>vE(?u<Jj|^D8KJ+Ni7MvDiI@)zRjFWY
z@|@$qR<eu*1K~AX%fOes4(ffl^E>@q$4j4NP-wzwbLNUO*aUgSgIq8=f@!=6n2J*<
zu;_k+EjLTU26Tz?CwmqWR0S^p>~~&y+yP0nYid}PPsK{duni7?>oSFZdDF<7+Oh}F
zMuvQkQXg)o`y}B+X<`<YPgE@pqBT9tQSKnCQ^$%Os~P58^UI&6N*1U`cS=uTNHUkE
z+Mbv?Jyh2vXK_D8opw_Mn(48f5Psur-+)LFwW(7X4%C?O7h#S-2%iV8-YbC1Dn-xK
z^yw-C+LT4tJYMY}q*d6cA+(VMa>68be0<#1dwSnOXuE)|wxB9|mX<~|+Tegpp^)2;
z6f8ensjpJG_7Oj&C!uU2@oP(VbWT-4CxGh#Fryp?)nmKyUfGpfYN#jI(#X#D57Oic
zjtJq);(V&PZ&v3nLHt5t?K}Yf1er@=uP%fiC8BRno}ciP*i1K=q@o-2w=}PDSs*G_
zEwrK3{0vL+1v}&`H>V9EP!%wyNR}vMOBPV)ie7LYofaApfPTLaa~Q-cx&xs*j%>#U
zv31JXp9c=d(Yuy30Wwyv!3@J;O2IFQD)7k`x+$~n76c6pc!{~FU`9gO!EN1$6`PwA
zlnGr;tC}AhpE4EKX!?v91bo1#CZKQ<2;3)jL`?w-bxfP)K6&z_8IvT4xH4>P-mPVQ
z#R=&fdkTOS#J|4@5HM+OX8mLonb_tUi4WNxMrTFhSMb1g1zmM?oKvs09>e?X`5wJ%
zPSC~2E2&opiSFF=>vUI41p)ip<v@x>xzhOJy^CxUpH7z;lNpxG`!J`FPpy!Vh6Q!;
zGjpQ-C^b<afg1M6mOT`?mf@ms$@$a0#-%+9@<Y!9ohJ%q^Ef9@b5uuglH5I*l{}L1
zdDLPGg(Sp4ll-X+;fcu#5&W2?95Jpy*n2rhXW;V+pkPZqFhN!prMbU9d6j`zywG>g
zjhLNc-xdcTiBBqwSXhePsNJPY8fc8+X=^wB>-hAUGb2$cP+W20Nc1p>#;`Q}zWO03
zku5+A7gq0eUZs81fzn_e{%RQ^P(r~fp`cJDwFK?NK>v>B=ZwIHLtO88It&{CDbB~-
z5!ay^Q0^;}*M!+fnfc9#kU~J)7C_7~iop3oGNwqKXZcGv>Am}r@}7%g2DI_*JOOEV
z(Fjm98e$0<-u)|M+t=9CzM=+B-KsI<Dx#!Jg?wTXfdNMxa)!U?`u`0LVRp3`$3i~n
zry#JeloC=><{goBCdcjEffSklv5lche=)z%F952tj{3V8DGABcDy#PCikbHcL9h*e
zw>e5OggwhZ_M_1hKa=D?zlLcq%-vT=kYPC3tfF@7*DIFIlV$w6jO&RrfW#r;alB|V
z*Pw%z+VJY?oonf8>;pg3<!h8rFI~3mlBaJf?c@r3yR27y`+l#D&u9_zdfbx2!ccex
zKX=*OK@LLY?7WeH&l6RTf@qBUzc-uYk^AM7>(levmN3Sd_u?m(C~&%t(0GGW3eN<1
z1$AKTB5JZ?ueNr1rY)^H(OB2QHzI<B+5l++7F=~31^63e9^yX@FZQTmR!l?!2eS^b
z(8n#qv;`)?wOfNTpv>N_tJ~qig<$dxl=|nJUr+IWxsXYGjKK{gd6s7dpr&C!n0o-!
z9siCS#INIYwG><)&9dHVzW%$ON}vO|#PSjl5-Qp>{9iqTWhi_efFsCtXX{Zg-gigD
z<E~xTk4-QaKQNbn;*v8dduumo<-jsD$F?x@o@_M-+N6)Q%Kp~W7$z6z%d5e`JAN>5
zChnG~c9N<-7PPdt&%p2<<c`O-R%_P@DRF?7Ik%czEv?gy<IWZjGK+J5a3n8&=;3FM
zWMN*gymGf{96MO!DI0JaNm=z<x@`gcc1c3G15Y;i3Yc5-c<=5B0HW<cbbeTm5f}|p
zTmh$fC%#$^#z1DX!U>L1*t2Ap6XEN-hkPMwf%+%={C}V^cZV_FFz4|>Ayq&2crR_S
z^GL^DIC4|a(mYafm=6XS<(Ct?196sP^B*by*(~(9U^G>G+jfqBsx2!!-eY-O+MIo+
zd(wJ0+dnlRzDL(W>LuAQWP%z^d!DBWZ=~MSY8sDDp^IowO!{Bl@h*r<yZd@*or<c%
zQ{vMB#uNrDQ?4klO$fV(iS=57%OhZ#e3`9I<8l~|c!5jrx%Yo#Ea4dU-k7+zvlpOn
zRA+Vkolj>SFlzzvMFHa!PoNi8#RPB#Ly=7X(UXJS0)^><O<R3a`F_1RK<4;Jh!ah5
zyKw$|^ZXA}IrQj{c!qGHZ$NAQf6w`$WV0>^Lz87$mxfAbI$l%sIEstSao>NTkop8l
zK6|_yD(=5EB3|n<@pYbMWE8*}I_o;bKTA;YlPq4C^`mrMozqA;kC8jsvS2epx)E@X
za1^E@lCyEJCPh;)jiG!M<QH2`d*-U1K`zXJZ-56xLK=wr5wZrN6(I_5-ytyMk_Opq
zHngu7({*2GjY^)Nr*gJDafbM55wX5OL@G>?r*vk9q36N$Uk(Z??62gli8>b~8B1gF
z?2rMiIJ$`H1XHA?Y0z7QF<u}0c|e!O6;N^+5|80}zX=*RfUQWfI&Ylc0>?ltBqcL&
z@{qiBl)3^UA|)k6Z1R6YGahh4K*?|(zSDlf@>9Vv);e?MX(zQG<D7g_am4D1U2$}5
zLEHt&Gr=5w+UsW%nV`Ob>ad;GXB@kK84zF+mE8I5<rar6d!&Pjoi_=##@L$_QMj7s
zK&PMpUwBe1Z_<O`0&{ER)ao%Yy=wuy;(<MtSclU&PJT$N(i<BzJjj&_NFF#Uc82|d
z&xFbi^EpC&Xu(;OzzD=aXpuZ|htIiZOKQ(WXYW0vxcV^pv@9>De3MI85A8=W;(xmz
z-caqai5RTu(qIe@qodkRdw&U7wzP~)45;e2KoTcZUC>50neibSJwf3tAZv|w+F~-d
zKpiyFeLpZz1)XU5oS$DaQw}y_WYN|Z^J?&bzjkyaD*RiJ{RQ8>+wJer@@}@9*%$TU
z$&9TiCMBVI#u5%k5ut|$TY$|CzK0ohYl}ng=L0>#`*M0sYIW6_H0x;1Voo7bYd1BI
z8L&+0F3!)GVC<>Cg*6T9E>g(U0QsjCDBVW7<9M+V$nXJVKK=E@1}xg&W6<$7<j0aR
z=>NhQ-j@Kxu)j;&tgEbZHte(?*$-*ElY4@7|ApJQ_ie#2?ld?}U+U{`162gYT`#Ji
zj6Qp4o_UoCPVDhXlf}*{a~IwTO>v$REu@q;`^{LXLIg+h6h|(`nKySZX!mDG)$XOH
z*iT|E7Ka{)%whq$M8OCMSG(5RU^Mvtrqk8o#2G3LT_yBXQP@xpz``Es@_H7|*uwXN
zGu`3>qRM^b5qW!eLNBEV%3i|Z=c^HN3)V-56<UFyu&@*Z<GhJ2a&m!S4L{8cCF%y$
zTBmbw8~&f*Rq+beuXf$xhAkv|bbqdUuhu(Tx;(a4nx38tq!;2mJUqAGw<}_l*B_jS
zuC_W-gI7X=Nd)39mCr48k06p$Q=~9i%$+Gl<MJzT;^kkE8LiwI_L*07Z@)0AN4IPt
z5}gB_nDO%M!LiI*Tf{p%wJ*7CHVgB&2VoPv>n=~WkYz~|Gw09;f@#XRoxY2WpkbP?
zhspEqc*Ac0DE)Z!r>D|woAQL>zA&bVvlO^;I@dGAs*aDw=R6zzc&yWFB*4exOXdY^
z^D~FSx~xLa7!{C?6wprk{5EM{<ep*^!!~Xfeu_Kay|-*KUv5UNi;mZq*zULWTihbV
zYN^tTPc@Z#B!!85pvOpxZyfk`@qa)Q!h){jk_jS$Bm&@SJG!dPor-pz$K_a%0ue>h
zE7NBqUlZpI$wsYTAQ3rj>d(qk5aitpmN}y!LZA)uQv;RecNI3QUq-q4>tXi)fI{Td
zqb^lQm`11wNu=*^G?YvAU(?KfG573?oY&MsZMnQ{@jLA#Zs>-#xnyp&pJg`ntG8M7
zAnjnc%do%=Kyzm{38$>sfPi9zH;LbHKPz<NAAOVAZ2RP1-5ETR++pk7n{6&Cecwla
z&ANCaI7u*WSVUVawMuUyj`iIuj?lTBoPG^A?rdnx5~zcG|B1fQi_@p_Q%~+q*WNRw
zsa11E$EWK-r9yFntxa#6mMOiBIINJqe_zrWqyKyr&--%Ym)mTnJ&B`sZ7S~VjnEH@
zlo}I1#~BrNpd0M^G0eU4Wa{qOQobMJ```O&HRWYxoLd(9B>GMAu4&^*X7i*s6l4_m
zt~1FH((Vu4S^VvJY+B8~#9f7ZT{{&v^uBU+ypz<tC3^FT%cB&E{#x<pnKvAs@YbKP
z(=0B#;67>PRxY+)fax|vb&E-JhD*z!?bTtaNd|LHQrV+jMXz=!>gu=$d-1Hfm;Ewo
zqA|DARR6}oSl#>=W;>I1oapbL1%ubed$sxPn<-Cs?kqT%^7g&%?0E(Ln`{CdhNaHg
zHh8~$xFtW=Shj+B^G&MJy7b-qH9K0&(_cC-8M(K<B9Q0Im#GY>o9Po5?45=Ydq&m#
zIC~+50%K6+Fc+UuhyL)^)}mPr8GF^Zr>D&fuZcJ4G}LpQ4?<)`W|OKkER%YjoGUzL
zCF$!^T)##(?T{bfcJa(_dwXf;a*2%RYEiZf4SWsz(lV{qpA4_+#?U)F%eGP&Mv3Ju
zWz>qbRIv>KOXZ6h|60FSCiopH-cGf8Q9o})v)Zk?-jnxk>C+X@Gu%GZF5YMZwRLo$
z_Nr%r+AD&m>hH~;-}zMDY3ru|;p->(_@sE}=+O)2?5{o6u3em9lplXEDKPhp$Z1Ut
z>*y3L%jA?J9tIms-oC9Db+M`SmYtk&&$g@AuabvvZe;-9IzGPX>;axRu)?5iFlnK(
znQz_}YOXUIDc&6ys$3vXqfOR474g}qFokl-^5YF0`dgK(`1jA?Q5zVSpXxGsYwwzi
z4n-rFe$jUA+PZN0d{&|V_m}6zDdAG<czF=!I%ob&%F@8y=T#(jord&{$+ENCy5iOf
zn;$xlnRTqTg<1B!-qp)@o{zCH-s<5Vj%?`%Iea2FKJ2*@*!z7-&2!5*C7Zj}nil^&
zF~V~-gEgyL#TU$8ace+pmEf*u{fOcFbGpLrMh?rn>W6nexN@?;s379k+Zhy<(X^9R
zSKDT7EDYeGRD1iWANkoRwe{NK8Bn!H+0v4}&Ck9z+T2*1L~(tJazSF7$ld+>^>(<J
zMwey|4Y_HBDevxUJo?IRdfZ6=OR4P3^MuyyZ+kna`?%6)thaIJq{6k$l<?s<(-zTk
z=iD^($q{pMt?vJJYm71Nkiwe%>aj%u$NRc&#ya#j*XCRjooG0eE856?U$peq=5tGB
z%0jLe6$MPAB!3Fy!+NyK{_s6!%%NB1xFd7ur=8uerQ0gcwEw+(kuM+BeVi%4;woJ{
zV19fGZ~P*SOrtB0X6nU%KP<=|0tI-yRB-o+ji0L%W<a%Ad_roxN$em+Y6sn{C-OS;
z#x%;JQzumLo5*p|JKt{_yq5L@>^d5~0Eq4{scnaY%*>zJHV9wkvhvHcINasmrF{MG
z2|c;6?a1<Nkp`o~pOzIr+^oSq`Mz0r>D>Fiyp-^^!g*DKJS#4pcm43~X#V~g9cB5I
zUqm(v2?Z%TPN!Ts60@WI&YEYFVaxx$&^N)xc-EA_L!ETV>6Ex2Z7FTRtg+a)alDHu
zie?7I&ay+R=jcmuXlC($sd|^5SY0tcv28H=!nOx}-+Z;a=6~<LF(Yzh;~Jkyr`$Bj
zjMH`jm*c1b+_58dr(QZlZC%H^W|D2EBJn0WLQOoC-+84^g`Nm2m|o@M-mziTzdy%>
zz(|UL#FX{xM<#boHqo`?qZh51%^Q1n=|5b6IkGnyyY-e|y|cQ(fu-rMGG~VNxkmL8
z|0Us-`kx)IUA%CV=Xm{=)5F}K9L|d91qENe7)3hqE?F|2GrGhl#kAszd%o$SnArSn
z>vdWsd=F`-J&#x~<$Ceu<?ZbUH=TZ6_@38TNao#h*4Pxv;KoZvQI4aKLKle1ONH&&
z)#b(`I(m<1y2`D4JQ`-9yRIH)jEX*`UGp#DMql`kzINcWc>lrdIa&0re9;~=935n&
z1hpG>nz|Qp<;_F_%yRWCI`xVlDqb&(4QpwXWvCdL&NbRIyZ_wRnJLy)D^k<lAE(GB
z@GXBD+?eZNYZ&0?zGDR?k5{P0#dK+qZm8kS!H4IX=3{>_rKL_CjM?|S{OSEdjrj)I
z*_St*dG)H9acW-gl1(?%^!U4Fk4j5#SQ}hy_G0clWKU}`T%L^#TnAIeN>qr4BK7g3
zMpu;9`M&DeuZMW&bZ7n*6y3(W6sUR~+pEfHIC<(!u6>%h<?Iayow<)xRhz4GHofZj
z@TL#KgjnOMGe6Cy_cfKZarL+Tb5OszlEHsz?;}H%AFs?!P3Q~H^=<eraEgz`d=Xf>
z(p7u5evs<nLp}`_(%(N^$r4%OyS)P2{`BSp7dFc5dt6!~qx;aakUHr)>hLpiJdA$c
zw&&p1bgPJ4oYBmtw>I^P#bAs%jLXU7ab1F?Xy(=>xsB;Y_Z3!!Hs*L>&51mTQV#vb
z2v9isGLnN02D~S|w)XFzete9qqOp4wRHQw)-8F$%uY|8uS~BL)KmFHaYRHh9*V~^+
z2Y+cLpnb04^@uD(y>G0ss#xvTJ+Jpwu~BbIgRRmoty|vvwJ3MjN=1c*mt9;;8)UdI
z$1gp(e0E3f)rH1CK6!ljwrm$`bjpI+{XgqH=s!Nl*R22dqP}^HUtpQk(C%GXs@H=c
zBcd}E>8c_tGF&)Eqo*6LYF;iV?|D}%fZX9^`hds4{ScLt_sWjR=@k8`6*O+^6h7Wn
zRp5H@?0;$o%^KC70e*d{^1;pn(^st;Sp7s_<-o7WC~40<LhJEU`Gz+}e`@_Ixw9g=
zGJM(<qTv2rPHEO?^b7=2&z_N1<HKLc-Bd_nn0=A{?>4Rwg`EID`%3#?>TbV#LbC--
zD*m<YLH_ONeXV`%f9^dgI0|`xL}y!pK|yrirgDww@G7GB3O&EafCXFn*{`*o!{#F?
zQb23Ls=+@S6%^L(<8w9?WaCeW80Lka97eUq50=X+0mj<}%~e)Y@HdW#;9jGye-36p
zW4>IW4Pe+@N4l6$yzk*s+sY@i(VIvoO_sKy&J66_7WM>62ym!m4@nN-)k!8hnlR|D
zm%!yI{>-JhH_Et1k5}!z8xGSV637KIEGR0JU~Qu>r{&f4jhM23f3emYwVpm4n}*V<
zjw7c5RQ=NEvA8gS)=eFa)w(37!uKB`za=6xgt{8OkmgFeKyV3HJTgPfvhP{|RmXG$
zrh@ktmuB?e^D@}`)8oakIdg?&8+4{w&w!8}8)zwL_zChmqS(V&Y;Xw3>!7p2WD*u@
zf`kt;xC}KX$*ad8JRfa2rWpYC1&x%6&`bhTe&}sGp$i6>lV1W<D66j|XE`6zsCdcf
z1)RwIiV6WD64@;qGnod*hA1>xBmq*2HLEMdP#V;sX#lE#MG>O=5hmz~bKn?3lIw}7
zBXN<zvHWyBu+ejt-u3e#rm0F~L_j(;4L#KjSk@AiJCT(yT6BI86OfkNu|_o{c@aw~
zI6Z)n=Y4m`4*olY#fnk5X^3isD>_9N_K5NG>J*HN0AX#t+$-GZJa!cC;wHvd(IK|U
zsgG97bs80FrOWsE@`-birWT2j0ST3duHsU^{&yQLMnOf8n^wFyYvQ+L%X~1T)m2q*
zSg|Qpz3UWR5NGrq;xTv3YcUKZwiXalUbrC7rddt4+E8Q0b#=JkZD^1u{2Cfk!`dT&
z5+<~*8Fgj^qk^PGTASyeeLnw?y;=I9><g>N{oT9w@e+Ca1^>Su&r?6X+6Ou9n-7_o
z5C#i|Nk@1Q-Cp<fup7A2tyru?;l6tRqv8^91!qaTg{A9och;qzgCuhYbSNM!l`rq8
z#&G})Yrubs0G;sF?B0;F!-*;Tf5N7N5KY<l)eG)>p!f!Bgm_DWs!ySSwGOy-&z>n1
zegW@Un1e=MS||ZJG%OI_fJP7qFa%O?@TT`lej>bbEW;I;#>00BlNN>D$pOId!@-Rw
ze08C_K|#|!RIg(Q7h<-J0-rUCKm_JQu$9{2Jqv^W$f}`<*!9eMMj&^hSGJIgp~Cet
zItKg&fSv4M(ndJb!2YVVVNv-04#>+GMz{@6^UF*rAK!$4Kw|p?=&=B(!ga8JoA2l<
z%Rh8c?JHWuy$Pu`8};lGVqSwWxf`K0d(B@4Zp&|*UbnNa|LJ~&rw0=X@XCAdyMVli
zLX`0x0)2`8G0bsG%E|&*%RplQeAWKE>KGt;BAi~LMVr8S4+oj~A_LB7s+c(<oHbU!
z78}%}<;#<UZLeI}nu~P3hM(X(J^&F^{T>4^O8iIK-`~S`5jqMxgLQOe)~~J<J*nL?
z_lQHl)~hZq%1F}8f%~C=0I?GQ;W{DO_An6d-CldQLBTwma`ME9Uq2*0aq0CiN6Ky@
z((oS-Z7(puKHIbLz8`)_qr_vF1@K`lCKjxnpdmOy_@k4obrlu|`@k65wDqwtx6_7e
zK1mB599>iSlWs96%NNGQukKlW=KxfdYhcYFMO+408(wf12%J21>NXy3eCORk=T7US
z;s&($_wUF0|1&<pbDQ0y$_~?|N^nLk=5s~r>7_4HfZCmI$dVTja7Jc1A<0Qd5H|v1
z#b+vd@h{nb&KpnBq{oZb9eny4x8XY+amot<!2cmwJ>;oG$aUdD+NUe3UM7RVO@KrD
zui<;cT9Js#Dz?`qAAQK`M}{OGbP+=i4B^Dc{zH<7iS^lqn$9XJ2Ckr7Sk)yj%gkuP
z)~4=`ccG|&xqu<-JeexfM?0@A#w{klgsD9|0^zPcg%ZY1bNG4ufT=a-HDjLQw__It
zZ%P$=tLv%E+hQyHh*BCJb;?a>vFWB$s^%)$yA5mKS<MXzn}6H;&VkLRirzck?7dAn
zyujjyxTc2Ivg~5fMFMWqy~8C|C_ZWu^Avs1pDf+^!`z8l)@tDpw!Pz3hkngBjgfeH
zi>xB-*CZ(&RCkTop~G+~!Hprov&bw2ruDqYc+RWg%Dr+MH{Q5)O8~wBO;NAl9vcud
zA$w}FV3@Jlyi`c->$uUugON!|^ME{?=Dd9Q@`#H(3)%&Tffip`B3y%^h|n^V*v3)W
zrhy);<haB{H!m+QZ59mH6ql<xii*9a(ud_;R9OM#lbBXfDED<@216D%{fUTi-q-$w
zh!zJR-Lt?D^YoI-jCH%lg4xbaPI_i$e<1_V(AZcKj1)Zidh3cn1F?~F8gU4?E*~Q=
zqdaqFLWkA%_xvUdXt<#0hxdBysKO!yvo7S~duQ)uDRD35o^4ZsxzTbgFKn!H3WZ_E
z{<KyzT0ed?%SMbhdMGs`Lj%VKv5_TNhp>;l0vC~M)t-<B@PjvoT;#VHWL^t0rj7rg
zHjVps(ZzE<$wmzHFfU4z;BJ}~XUpcza9bo|hIhbJS8Y#DcKpgP51`f8uRO&S^3nB{
zX<d`f9lq>x6CR8(=~JE6wISGc0E|8O93_|143(g(jhk#wN=wr}y9AyKgbP5n8kqF?
zfaJ7%M!qqXg6;Ku05a{4TUpK0(kfbB6S0>K>NE*c2Fjd@-5jJokG%`4sP!!l_V(^j
zNV>S>)qaMqog_9k%Fc$~kYdO%y{vmrJ9;Ol#|rMF@B{*paTe@}GG5q&#@)6Y&MmKt
zi)TTS8Cm7gf{ex2*j7mN89bljAG<Hu2p|b(!`qq~qi8c{eg)<FS^kXAoVv{%^B?zw
z>kG?(#(}<sEH%@d7>}(JqfM}={t!kL!;(bOW7XPE{qJ7Tz7D*HCoCv~M%Hvl>j<Q@
zF6~_}*J=ERu5MvULc$z)hl^IFLlxU`FR*br?T;<@_k8CbP$riXi*+my|0Rx&juJRN
z_U+q;Fup<{twxn&y<gl&m?bj$!25g)mR;<H>@5BW<`ghUc=3#D;0=khn5gI+xb0P3
z>O4Y^g@7F2?>L-V8idp%INyDn%FFq2Mici}Na2WX76%>_`4_IjW&aY4j8}kGf^jwp
zj3aeO@Sv8z=nROWphFKw&gI#YbeM?gJW%}2a6%+s=iaYp|74O92={fX?3oAs%-aCn
zz;BNFTOxvU`53m&?MJ2ZU?>=ltALMN0D`%CK_l&*U%+P7R@oQa41Y$*#467h14vXp
z^y-Q{wssVb2M!+e#Mh2*@Aygw>g)}Ne^{-3he{9pn+qv<TWus_*s4V-#KaayA~6a;
zndXH<fY?%+=7g}r_?jlWO2$bB0_ZHFJ>@UB-j8Xjj@O)iuUT<-<BpcaVDecuHZ~p+
zV!%t+60*Ki;9i}9^S~KE2-3VC`<fVG`$FWd-wz3q!>U>=A`+igEMXBK6lwDOlz$;u
zjbmeDmH?4H)YaXCN_+95MekrBo^1~T=1i47+R2lvEOf3!?1*403AOav!yxaJrDYN9
zRn{la-CK;MgL`3ba|)|dXZ4*_z%Xejof6-jhmGkd@M?u@(@(&sKS6C(-J-K^-$|&$
z5cuXX0}O%?RE!8~7ZqAxvwF*xd*Ca|fkCwyHn=D=-a$fH5)G~HV`7&9AX)ytP9dns
z1un3jtmrat#e;ARb9aGd4!R?k#rGGw7kSxoc>NiAT!%`s^o7JC1`^}rj|0Ct0}crJ
zb|_S}&x-FqJH$vz+Si(w81L+4-$jdPHHP!3NuJX-EItbu=4+^{KZDoS`7Tu!L(j=?
zpbX{&TkKlY&sFH`!}@m`0=v$ae4;|(ub{bt9el!1ezWDLrFWq@*57X%@OOfzl_YGF
zfe!<}IR=IR*d9Fy8`izXX3T(BJ9G;gIyyQjl?8L)@=M$qA<KVUD!wx+Wk7P8?<g_U
zgnj4}`Khijd29|gHhY6ghi9dCY_5yM(};*E_yk*Vtx{x;u4%K@WFb0)xJ>GcObM`^
zQUA4uIr7~)C2STiUYwM5K|za9+t0J#>b~QE75C5j(UqQUVPCdgHS`n;i1vL=@Tx2A
z(_wu*7VuBDo<rx88Go-ee$|<)rhVV{=dmY$$E2m`9s$SWIM!Oj5OH1wa_2Z(+hD?Z
zU(*2hf21hSx8FJ~Ii-VZdzAhYGG+4B0@qa8c5C|r*jACaHP>F4u?IP@R_D$w@01%}
z4S_W1Anb!p0R7=W%m@2ibI_lO6E{|Bh3!bsv_9J3ufx$yth*Jv|JpSr5N15UwsA=u
zdS0fi22B|0m+;lZVLyl+5Z0hSGll>D0&RQpk6Ob<+l%OH!Pp^w%HXD)wz0{c*VEk%
zci*Ymrt@JkNSInl&*1w>+<{RQg8-8Szk^N{_tG+Wu_CAg2s|A0QsF+NxOwxx0+Ss$
ze&SoV9x`-6U~;?d*|Qq>M9}(x3`IH&G(2`)@O~z?UPKyx{P=ZjF~f0mn8ZHAYXJ&<
z+t9ESO-?>GB%>EML7Rtu5Va96)*qUvV?cZ(zXE=upvMgf2{{He(xJ?Ak2}Zh&xYx-
zo%+f?eewjf2vXlvm;`{AVS%53Kt|QX<l&K>AZ1wD+7@9=W!EtsIb1kDc>DO=0Dx-d
zGI5d|cwh=T_K3OCCp`+a>ezeZoaEVmCxwcCi=W)l1`_7hE5BCYlHn`ygK`lK3Tb3a
z%uJ%Y-M#yD=+6Jg-kV3&y!Y{=I~+x*geFNm%84c#2<=2NltPK7twOU5B}27CMU;?~
zjx?c(5~V@4qluzH8dQ{$CY9#huD$nteQ?fs&hI&E-TT+Q|J=2nwH`;BzQg<Te!t$Y
z;q3dFI3EkZG9=`Ek`DqOqL`^dattJ$U@=W<HF0}`4g}_5Qz&Q(UWgJ(6b~gpS*iHi
zAAhWnV;~cG5KWE<ESw5q#zy`zO!H%Nb0c;bY~QX8ktflC6IwknQWX#o`ACJM&lVWS
z<S|?MNy`bI>I>+?-alIh?|Zn1z=+}~@=bAQUcSsgC<t0o;!cJ+f&`4<bgUZaYS4^k
z`8LoH=z!_ym+}F7@J&#Tmfziww6_kmT1Zk7KDTc;ceqG7CteDlSaHG621LZAEXEY0
z2aAS(#jE(lTQR~lJvGd-jvwmSb8__CewmQ%`%j!$?RezKVYmojraj(;p5KWu(oW!R
z{)h`EgTrbir33iddY8fmpRdEU29MxQsUueFwie-qNoP5Ci<>vlF(3Z1;q0?w=aB8o
zz~5d;rAD6Z#mTF;<oaV6!0sAosIPx)pgHby)(ga%!}j(GPxLX%oN#v+F}56Il8ruL
zEq_{%aEn=#=VwL|OM6&$KOZ5)+@skfG50C73J4~V)3Fj02$>r0-+>NiHLUWwdwPs5
z`zyw2P~D)S?E}%ecJ!p|VUM&xx=V4K>_n*Hc<u+rpSeZK#YV|#gyJw(4^kzGEyies
ztdOeO+UaC94X<*G-f6GkxRzCdBW#ndE-&`%%TBd!)*B~g-B4nH<vbg%b+AH9k5vCI
z6dbAO6+KB5D5yd$U0wc|QeZ!Hc}G%wycTLZ5<Xv8n7SbOp;#3C)ifJA{5-q6yIVeg
zj($hQ^~K3)@?mdd>kaJzoO(8p>zz-vi*cOr=@zN>LK&byG%pwQTyatOjT`52UPIZw
z`_Wxa7#G~!BH}g-M@e8ev=g>=i%)u}pdA>fI>enTM|0x-@}A%7E+;F0bNl@Un_^MG
z<7HiFculP=`d3!oPLXw&XjwtWss-kJTi|nrWE;RrL4A3PWvEDP9{<<w`*$u{uBQ7V
z5nR{YUYjwFs=9hzW<)Yub_*@d;8Nvew+5ZKH9)Gj5Rh6`rZcUAi&znumL7oQfw)GT
zYU`7CZWH((6r}m}VkMJ*<j<$oHSYL3$T+T@HAl)Z8mRilM#AX&yN4Wx)l6my6r4&b
zDn7BXv88J04dW9Ncc0depX}~-Ak7#={czQBaC2LwrZzo_)&5j=JiSO!jRA=%i3>ub
z`59&gIxsn+<YRoB={p5RI}WF_tKU-(A3jW8rcx#pkuPwi+vZRG=<nYQqBXe5d&h5l
zibzdWhL2`L4S)7CM7UctHvg`wIv-GpaaK%BQr;adqK?9-bWL>XkXXxTeBEhXtSb>c
zQ04Z&_XJ!^LPi86WKH<HX?8+*gcpaFr2@LdS)!F-6!Y-mESzk6R;>KDZZ*UiNB|*(
zh1B_!W~8Q`gN{3oJ!(b?Vmv<iX?}DP=u9urzLRq6;LzH)P+E=gj9K)h8JsV|XF{lm
zInuhDJ;x;7*XBe=OA}qXhzOCR6Nf5bL1+|=uWa1IrQ{>s>M^DYVnz=hNC93)Vu+F6
ztAYUwnkR_oW)k2KsYDR(75?Fpm+&O;+&La{3c{2uIx+F`guS0;gRBulp_kX2$crIM
z1d3RbtxqfGqWqDBB<R-(rx$@J4+jdp)&BL$T?#KRk_Y3xoUp7xyAIQnu>s}QnhGUW
z22)30e>VS|IfrqN4?(x)1PX@(zt9$4-POqbl?i^m593`@a`IlY%{EY!G{yK^%m|4D
zryb;>FfdiH5|aa`&>AqF(F$2r)exLR$`m<%o0;t*m*K>R%Ju;i<1l~!8Bf#G55Y_D
zVOG}d9sk~mUg?X(Q~wMNH=e3uoYbUkgae@A2buNj@1V8ZBA-&vL4&pMET+uc<_fkr
zY;7@TIJ5)ERD!3c%=NANz*_u-%SNS5z_vRKNYBq4<5WNzD2U*CTfvA6Me><Tb9qi~
zu4--BzUFc+QhCroM?M%Y)3x(p7SrrJTt6~=N=3S<KUzC&zN*bH>)U$XvL`16!A`{y
z&a>{E_Es9~XGnPjhUy0~RbXS~<gXOKYcEQ)P6=z@bs~)J6)8FAam(hoF8|pFAr3Bo
z>yM8@1MGP+W6rN{BJFu`;`HBL+p7cG)Ss;)>ET{QZI=Bz4`bEx4a&0ekQ@3#c*1vt
zAebPLb?0)R7<y4rky1BaRNQQWi}(}9-@ao9@5-xr;!>W!%gg)Xsz5dmq82NcgBkz?
z7r6WL=AOPC=$K%GY!+Du>DmQU=$G%`&jW;ZCbDkKtcuoFZ3fD@lB%jN+*&Yr@M<iK
zKxrXe<y1+(y&v0p`o~hvCDWre^!9QeiGPcv^GP36sy_2>$*(3+?22VKNkGTB!26JM
zjyP`On+MweY$y9V5LFi_K$~PQgSZ9bIqK9)=rCBhUc$n{h<=|1T}Rhgwp)!<n~1P*
z!CA8g(9K)n<)wZ4^jb|;=hEETM~)NI3nmwROAGABsecTTSEPr*HEC+DTqC3sfS+|S
zlEP##t4;!u7sA<oetx2=4)b8=^c^;bmKm{%c2^=PM2`-8kOOe42P)b2(Y;v*uz}V^
zox4k{ulBQ89t|R{r|B>>D@6OskDm@M<D@8|O{+WM<8v)8qWJm6w2TZJfYMvHZ}09u
z<(f<fITmcXa_<@gW|xfz>m7bILSzMpdG=N|8X{%|cd~*fVIm_cJ6jxv4X3`|ww<mq
zFUA(tISi5y><g-8+qu0i^b0UP@Ir<GfuMh~Dm{0LRHcw?3cO?F-x9$S9DHHj0^Y4x
z)TX6AtLv%U;ajNbAl-fjV25f(J{^!{U&9u@suh7Ireyri&6Px-|HZP$Yy3N4DLBcL
zZuqx`IN_!QR0jAK4=tWAz!(d=x_m$>IyC|m<WvzNAa+P_kTBNFSw!`^GvRpqL0Lck
zo9t+EzQ5#GQdcj5j3dp9S+kdJ0umO99sm)11sPS*%a;H>wz9S5Mc4s}yphj?sGB)4
zQGf)6rCS2>L7YPd@1a9jL^Op+N3aDKE_|rUxl6+5pg*m#<N}k;R2)MoN5F(H)))B2
z5hLc03UkCPZ=kD(S;RMMmJi@Y0>FbUj^{8W@}i2Wsuk=T3GX;7Yb~nwgVE4^sY7PL
zINOpxhI=hql7=J@Srsk{!S`Ybm;CB#VR+CY+GLBfvwUc|dY*L&di}HHNJA9W%jeuK
zsI#WxA=^-1Qpd1vh;!t2wlPalWq3FPLJbVxR^byK!UdI;k1IImH9?amTM-c03xGWg
zFt`&8^KipSZT22yBZ6@XL!DD+&nB4{!TLc}R8+JDAbFD`o&Y>T1$cP4o%fx!+bTq8
zb<SzI^x3X#;#&|C6Vrm>i9}~$kkL7L@>wU-XZXv|1sTteUeQeESKE^()lkrt4wcSZ
z18*95z~BmNq4Fc(fWlWnk7m<C$3k~DXmT(4rzrZb%^ULMROxcBoaWYza$<riXqek{
zU|vMFS6JAMs7wv|lM4W`=#*xUp}@{jA?-_|;s&M=>I!2jR9f}!l(gR#vOd6;WdJ^{
zF`1d7cnZW71^(Ijrz?(njKH?h3M}<Z81G@9;X~2}<*`Q#P==X?W8eT3!NhYB(~T8q
ztRvfJMvpSU&4p9WOX!9nO?#A{*T-!A*Ab-S9WX=qjZMSoYMyzN2lRa;#PLvYB`zrY
z4RusZrHI-b2(VvYRVjfJk~z`LO&(>zw~V;#Q-Y|5MTLbe*rKk1c`k6`>tSK9oXgZT
zJtY~U0J~I0ZHS#FsZC1709i}!qtg=u9KZw&d=wl~(jWlG-@QWj&17vMY_tQEA4#S8
zj4CP*%y`Qstruvl@sA$i5!QlUG_;sJVT!m#XrZ@Y>Hxf2QWFVtn&U4Y^f3AuZKxGr
zKX#a!njXNVP_>ZA<IJzt^c*&DX%oKU;=$9~w)DLwzP4nu#*DxeG-vKjJ^wk$AuM1N
z*K>#<1DKPLel^mIH3Lf`G}AF{BHfX|3sFa-u(HK@OE~bMYS?SwStK4!O^%rNd|;N2
zNiwLd&d+6XytStgeQtfXi=ACQX3w+pA_Y?;rP8{3Mu+hBP%#ygv`h3`(&z?pIY_D*
zG&nqX+LTM;KIJhelacho!n)AHh0VU2k=+ekYii`M4CihRb#?JkJp9<CzO1g^<2u17
zy?I{kTfD@#wWAM=jEu;o@J^fd7+DE@;~-mxk<`ESnwodt-rey0>@hiLHEx6Z+^^Q~
z14<(V)Vm!W9jgI1)>c+VJ+T1Go1c%*aE1Ef#ooE24USDiBrVJdJFJ)<gPl7MV~(=L
zO85Ze>fgYOcW56P!GQ%k1Gtw!B~o#}nL&@l4r#BkagnIaH-rvY3CrjiUdc$pqqKVV
zrc#939j4SndU?96O98S~b{S)mA3X|ypRoIJajT0(QSoe$T2>X-fm;vvzhmNM?^HCc
zTl)pzEq0jX0X6hsgZvHqw$FE^)*SUFOlGI0hrRd#<j<L!kNM2lQlx?5(<&U!B|q;9
zljJXVBR8DA1*eqSrlyCfn)+>J>RwQLJ7MYEG$f$O^iINXeaj--bz2)FJY4*db6+2R
zyEpL5$7=X&%#iEc6O-MqC%@@)JI{EuFICC&Xp7x8Habuw`;{qEi{`i<=U^EIw#+)$
z2r6#FEDD*2QTOl%6_tbB5gNCqhxvTe0Hbv9_WLUVBJL2tFN$C3>s|Wy7raiSzZ}BA
z_SnSow9dg4zBUQE@_@f5S8~=!=&f6;aK_#W4V9HsQ!e!Ks(g^r*j&xbF0a6v8)2pB
z?3`dQ1_u5iw01aUK0r~r`7J%VEjYPf(Ib*ReA=VRH*AboAAhXkT7Tk>f1)v4Mb3J_
z%vzoNq?CGyg7!N)CdHFVwa>xC6cYsjcX1Sat9l)T7rqU|`0vBRn=!+~oACazb<sug
z<K0p)#TYw<yVTj)nUBn+%_W^JE%_VNR<GXV>FF8N%`KsF&Jlh-(zgJp#`N^wljorO
z2mVAD^G#w-FeyZBK%^yQxq?D5(8V+6ahk;F09A#uh^w;<Z@YJQ$b$bJsLR$(H0)5!
zorb|rR7}hYO7;yq>%RWAOyV62$Fq)o()+K5H2F`Z8Fc?Z13OL-%z4g!gMt@LZ=bCk
zOB9azCC8zvew4++;$)_~yL%wF@Y9QBu#N*&`8)<4%nsGDnUsMNMQ7koh{evQ=6R0}
z@c1;Ah(w09{jm==3@@PuYU%8}RA+g1wzt<;0m@_veUi64k{X0^O|-TERfQ#~G_KL#
zi!qCjBJa%q&js6_e){jVfQ4J9y3)D5K`fl7SCH}~1hJqugTd&mr+gmcRgRQm4!cc^
zw+c7V+mElMXvqX8tOxwDK$TmxFcQ7l=ZVSKl(ro-PcOkup`8BL9l@Uj&w5zkn-S+*
z(l?U$+GftE`mWxkK7y%6J53?S5{4anR<Qv4qsja}&U0&sNU&I5ifki<)k2h1nOXWA
zRk8K}v%7!MR2w}TbB|fGj4G;JZ%IG%0)qr|ZFF+-&fZlJivGDt8`9v;_G@e%XELJ@
zN{ZDESsbFy;$=Y$ak1yN$p2%-*3_SrLB|di+cRx!TVUh#v2FNMr)HnWkeP_}7*^>%
zUm3d-jLtS?1!@*&OjJD5C_~GkjxoEKP7=9vLLy+;0bq^nA7LbB71TQAOfw_GwO7hh
zk~aQ5P%+BWgYtRQ-`_y0B!h^bp(MyWJtV_n)iI8zbZO8j2MB`Om(@XRFIuq|mUA@a
zE5ds7`6&1&#@jH={p;dSUHi-`&d0VNH?D^Tji1omx#uxPj5_dWMUU}Dx5Zt{JAzQI
z+zpy;@)uk<S3W@1%hsuDE7S7u5?q4yOxGPLYt2Z9rK3y-D9UkqFIm5SA*!KJy1=Nb
z)DoZdAB{BOr~kkj&9Izp;g99to$=&{4~-g&@rI$nDT1{L0J?KnIRP0pa>ds3XBKHD
zvPe;oVBa{;A}@L5IreaH@*^z>#Bs`yq3DGv@pxx)suqwWPK-_@1LolCxq)uD=h91;
zP9;b4ymj<4TmseP60{n#kW1S3v=QSf@mAvniM5%_8B<bIE5_`BRr)NPbJ)Vh#>7kk
znF9(WW5=X@+5`MTtO$1(FWx!pk8p7~!aaZwiZF`S&t2YG51ktdX}vVo<&=K{J69Gp
zf4bU?g%-NGIORvOHed0!!R0aJq^pUs@oy~yEXv0jl8m%;11UBh{S~x{w7?X>)ZXd^
zkpO;L2J|1on~k*IawVRgZzFfYLJqht)cu80obS9Zn7*u%zn~*gO^-DcJ99f_^lx~O
z(2J`JE?DqjbeWM!Losd1^-Grx>c*P$9y0FV{|yJ*#o*vQDgDfMjbps2(-XOFp7aIJ
zxicmIeh;rCM@qS}Cu0H)Ckk`WInt{Z&|R*kfZGA2W$p)UZ9buk6Gp`NjF^OC$P`x}
zMyUnl1c==bIji8LB;D)B*a&!M6Q(_4RzQqG+K=l>YvTq3TE4ny!)56EfKC&R6>dsQ
zPh~o1CzeV?yo>Ul#SrBqr!^h|qW(fV1x_1@vjpL3F$}xPh{BxQEFj;cAwkU_z!;Hu
zlZw6^1(rMmSe81hSS=wcdH~Xt`V1GT#Kgoiu3ari$rwO%!qVl-`Eaf>!Li7S^n=1R
zA8w7!UK8@(B`#ss{oz%?Ox}0@iVa=%N}}0u-|2b)LLss{a8-z?Y^7-$pNx!5Oi4yY
zo2`w_1(4zFC+n)sD#F9UNY1z887OM7Yr8+19o825Y_uzuKJ4aEQ>&>p!JH{nt(nI}
z2UUo7sa-*_Pdqa3t3e!q3IbO_Vsn0ge<TQA@Hl9$-?#w-0RJaXRv}tQ?@{^RE7Y3t
zFIQ!7)15rB^SGmj*q9DCW7Yw0?I>a{%wgeSB3nN3PHTjb++SfmN>eV8wZP%3$?Y6s
z#$3r`O)h!hsol@TTRoV|7?7mFfx$Kh+FTNRh=%1cM0Po#>cCLpu4Mz_hVKBc`UTFU
zD|qdq(JBxm@D?J{ddNBJ@gy2A82rGXQ~$uch_qWPG`uTUt=jE;{XQZBo*~&Lu${lA
zzrVi%gV$}We1cyeT)BMtC1Vql6J2o6n&sWVDF1D??}8<B6B#F@%Xb17CYw$t3|%oS
z-Q`~QcfbDRHQ{_1M!DEOAh&xZ{Qq;e&jO5R1BiA#7ROE?BCV8`-Y8!Vs~@sr#j7Hk
z6cy#2m7To`p2BV$_4G+CeFA&V$F;S4A#p55P&fKC@lfIj@xSQVmv>m)I8A!$H)`Jj
z7~+IoI&!E3P=!E@d4V*}s3)_VCl~C%hqZyxduR{QA<A<C@#78BO0Wu61FShZR6#w_
zrQO!Jt&!=!pHEK;EnEpWlToUkKft>K7XE9!lpo}JW{(DGUQO}n6&9yO4+uF#8hTh?
zb+KN#|A|jgNy*q6smOBQH4FfwA$2tH3BUIAl!*#orNz@7931vx@g@Os($L7rAsqU<
z_uHlJfk}|W>cat+jU{2<nfyhv!yMIXBN^%G_8u-(Y21-p$t5XyeRPY_X40&+x1%q1
z0$&X`?S^u3JqDmmoebZvj7m;Q(3nVG1(l_d*SWoMAfkT=giKl|8~@W;?xhK7q7C|W
zf;Aol8RN~TPj`XIfCk>by14MIA}YwHm!dY9g|TUV0YEOZsDxErZAq1mC@m}djCKbZ
ziCD!Ao8|t!(Ph+p5W)Exh}-zXp!o;ja%W>(hEkrYsw&C+aZJgrO)A<OISt4d0X2{=
z8B=$h_sk@3Hs{=yUV3&T9@)+A(<w(0D3vo<x&m==pS`CIq}3U`f|<>Ez?De)lf=)|
zRVTcFv5d<~;a&zQ<j0B>{uhAIVq{V8m>>JSc(L<`nawQMHD~H7E4=|LlVApz{YZ5l
z{ecQjpTD$aK-(&Jzq1+b?kH=<ZCHVGIAe?gEN8&N8_>EqR0!igZA;5fS{FACJK>S7
z$1A3FvC0-b@c@jO2oMJ@$yCWXKOw~>Rsnr$H~$GaUVEX-7&AgQ^e5;ktYN?LuMcia
zsFRh4J1@Zr`o_@=qivj%JMDhLWZr{*Cf)HLV57zzp1QgrdX#-5mw==B`T3TiNseAW
zzwoQ-c6GP=MSw(Me==Pop!ptP85MPP0awv8!6-yhQjuOs{a}ZK5XB270wIFtAT<Ro
zc4r1_qzDP&AWzhW$sFdkl~L=f27G_6sX4YPl{|v)nj0D$38xallOtvkk)ESsuzn!U
zA?D9d&Ib5^j5P2PJsCw&0>t}+jNmJ&KUe2px?cYOtLFdPRWth?HNVYF4$^LM#hmX`
zP}+!jMhMfV!F`f>><FWqGc-qeLW<_)Sy%yFqva0(U%%GTT@rFsfwiukf+Q6kG#jM8
zgK2Zj9<M-rLISqCJXoqcwyju{{t}PcV}OMOl!3*(HlpFkB0nW5X%j3*NE46Qk)TFs
zttb?1&6SFYlN^O&Gb=zD@WAC#MH#Fb{}*BcM%(cYj~P+ElNeI0Xpv<18?kX1s{o(|
zpWcgvuL^&^eDto5?W<+dd(m9XM1zm>5htD)u<4lAlt+(96AYM`co#wM9CQD^j;qIy
zJy-Oo$=<z7@Zw{D(neA_{7PUuO(GZ)YtoVX08)3stF0s2v41V3?HCALgj@DB80~B0
zd<_T;G)`6#a-acN6SaXi_TDS{Z#X5PG%56t;Zhz$CVId=e!QxlK5Pea8UVPAF!%r%
z<+hRBAuNc=t_36iEu1*_@f)TBX**E?Y5E6Hr7}CP!+VpT@2#q$q9koy+TZsJY>-Qd
zpwjQU+0RYs8$T;fADaXy=LAnd@eE_R5WQ%_$B0+yOD9#=fAdQ;KbwmjZEOli$l_1H
z1^a+fHIR7UU^Q%X`ePftBf`BNJD^iTc)?dwzJXvMm(mmKsXa234jkwT#wn0<NW>1h
zd@%qa=x9$O;3MQXoRr_9rX*qEdpeieL1Kl-c@MP6w6QTlfn6YKgI4PssNZdOx$TN{
zD{z+&1&laxcL1lsN5pLepK|TXQg%#g`+U7vKi(MJ#{ctzZKnQzv)0CZ`v1aOJIawu
z@rJ4PSUoz39m0)>X>y#j{{B|L^9}81{oUGZxYiz)VKs|Z7iZRGTkcd0*<LfVC;N$)
zZQk97&niqf$UkrS2C3t_-FU0e?JWA}xlzw65A+V0NkxGjNZ!}v<Shuwn6q$A)NalX
z(rDQ_Zr2&Jx;}U<A4xv8&SJs<VS|x^(c?949PG@=aJ?2#LhP}|yt`bqImGB0=g0s8
zO$Le|DO&WXD;ehQH>`Wc^RichZ-YNWJ^Plj;85t#^XR2PyO|cm^<$aXnj&4|aYn{P
z{F>Ng;egL_)#n!i7wx}Tp1L8<cs>n{jqeYJ8;)auj|as73_<XEYP!1*VtmsYDYG>g
zbi6`y^7<d*=t2sym;X5h)(pDFCD753DIpmxWB{Z4c|7LDE2d`)3o~FUK%UeIoyz)p
zQH<ri-M?8hVsD$=+kX>dIL_Zh^IcWO*xLSs%PA~*A};TnRBEqqj5Aj_CS{;kK6NM~
zgJ2QlCJo;$-F5{u>4lmeqVNMC%p>?jP6G;t9RNw|Mr<aQkIPrAD8MoNer6f4ZfvSZ
z{xsC~=yhJAeK_<7b_PT)(5@Oi_)h|*N`!k+rvuVFfktR=*)kntR_3~?m)@qxdnu3q
zFAKE9;s~JJOE5b|wU%DJTDUHSri<we1nwH^%J)<X*=`e0PQu?IT|EeLu%6I%UZ-DJ
z$o==R%E{)y0dLGRWV4M;U#mhzoi1n`b@$mn>^Oc6f~FZ=W#f#apS9oD)-F*{m_tx7
zaQId4GT%K=oX~Ze@Ud&;7FN1>xJjSnbidR5^@J<BDI8JuWVw=ofb^Vb<^NE1TrdH;
zbXJk#zcjLDmy|R#!pB)G1fn9b=lni5xAcZ3;t)1`Sy0roJ$@1l>aVS>FJZ1tVzZzL
zm@BdN_&w9LU?RUMFTcuTxL<V7at4+)<M5oUKnPhr*a=~v?Gw@=s<C<Y?u3KHJ^N`!
zhAp;kfv|soF{Y&}7f|36{7RrSu6|&+d>`6rgxH?@QAJ6I?{K<kv>Dg59_@VvmTD51
z&3A0wYPcfq?}_6{R7`R&yed=J80*MLfX*5;s(qlbp`@-o@%1sNQ9wz5F;K;O4n1_~
zpqrUVOpO{fsGe-EZsb^f8_>Q5qo1ZBcoZmsTT|70;@GjOdcV@r?IEJ+y>#tyw?MeT
zkK;N!IQ}A_+;iC~de$R13sf{b3J@k$Gi>$wy8f#TC$PaWiE!?(rg9Zil+Q)`Rd6p5
zl2h#=CXaD;o}2Tte-qT+Dj+(8eDv*$7tzgqwSV@Wo9UU67yoQZrF~|}Y@vKl-@K~w
z7(OGC@7~appI>}^>hO~XzSqSTU+<3n&(G%oZ_>4r_d89eEf3*4IO|h0T`_F`5#9hV
z{mZ}WK5WUZ$~2hrzF1mrrlxJh@rvBR!IsREy?gd>gS*{(>I#N>Qg}52yv8Pqw@h2*
zr&X*}SmPE|u<H*7<2TFGr_H5y1lVOQ`uTml_*E?JceS)#;P>(}UH!Yc_c1fS{IM3k
zfbop$*M8Tl+-neeU}zjdtgzktE{TMPE9K@ajBP%{Kleg&?OU@qxw*e77P%m(Op)gG
z!9ZyCqGq{y%;Lh$ajOc4`>Vh8ueNP%I#Ds(RrJ?Y+|WG`xl}jj;3eBwT`dQVX_BRC
zDm5RAdMo;(Sx@I|mFHwh_E7e%tNe7Y;%KCK!Pkls1IV@U-Y7|~TcGg#<hk_p&tIQ8
zPn9%fB$mD2XtA>#^TMxg;>(Q1ECcp~tKQWPHkpNM$d{+&YcxnpS_f2Jd8E`Hwd}#7
zy$8Cb*FNY~f0@Rf9(FRHvUI_v70nY9{hzbXs>{%FF5R9z`;>yZNO6JRv98?`66?o`
zL{3HD|1A$eBZaTGJ(`seINQUE$)lK-mXC`p4eQ;;9L*H&WSV`v-i}QLW6iM+&6-A1
zYbbwYozN+f^~*|8%-I?7lK<`7uwBN!w#{_fvXAVRjhWvXd~Myo<-cK_d6VNVu$1OG
zpR!n4r7-M~*}!DPy0Fvzi)0QTPAqhpc(>!b{PO&M35n12F@<9Kr1Gr!Gb!E)PghS7
zyU;&AM9H^^;hG=mqYhp4JD%dmI(;cR;dk=S4y&oOjE(gdke&PIYtrV~9d)#V_5y*=
zBX8B2Z1%+W@{0Z{=1ibUY_$^|)(u>?lt=m9qTwg20w${?m0}ZT-j&^{wZt<g>`LXN
z(91fmHOs_qvhdG?m`}{9Fd|KfBGW5AGmcMIwDe0;ncr@kt@?V>s><h#WPGn*m!36y
znUd1Y{7OM3mF^EyA_@u$cFhwy2NRp<+*F~82ltNJ+aOr}eeHtZ^77*A^CYnhs2N<h
zS?6=@MX8wlMv3XG#LVBlD>V63F(R?wG^RI{c4nTGRGU>n%jwo>;{5!_${QuP2#=nA
zJgebk#Y)S7tGYo)8$O72$mnbDvHzXY;_mM+I$A<)Eq&>`{QJPU!A~19r8ElLgB$8w
z_BzOwpFY!Stwr(6%zCl*_ZgH*qrHA9%jV8wGAXA#)Wh*d^O<wL4%RKCUd5kpI@d=j
zd%=|Yfa(bu1z(>QYeT`64|e)ie|?*ns<{9ByH2}1;%c)bA3b7PSjT)~>Bf6yU6`88
z=`yg(a^sH$M`P^vYUP8Ir}pXHe(7AGPWSmf!U*Hc7pE%!*(GRCm)J!WxW1L*f0Mqa
z_C;k?)wyT2bLP1?Z))5?an`EVA9(Q|Kg`8t%P8KLdmBGTL<S|%S;CY9%+{jJ$r5VJ
zK<RuH%dGQOLmf%%^h^a=UaHjEDU{`nk9jQPcD{J^a!TphvFXO_2MP+JYA%Zu*q;Sj
z*Xeq*6OHY%P78BI<`?CjWJGB>Kd+6X7mv`n?i8&?MMhLs&ceByHcj@uRX^4xK-Vfr
z;eUK<i_Yh<vA&ImZ7=GAH6FL&tWjw~Q#yYvU0zpeOU~pfFTJh#xl&#f%1xIKQ$pcE
zZ4+9g@3?B!_s5xFT(*^1Ww<7E4*KFMalT5ZSHgt$Y)3iyat|EqzCXS<?Ktm6dU4z#
zj%!-l_hOj`T({TFdufUeoVh=1)~f@t6LTkS(73CWyw62ThbL+r?O&DOaK_T8dZeeR
z4PSEc_3hFb8StXmdT+N1hvhq;vS`8l1kbMS$(MW-ffP&M!hFi$u2_8MHFn*hre-#+
z+)07b;NV^K?wj$Mg`%xr-|h$u|C0;g=SO249m?YN7|hDPu}<TqVYIiqS6*=%et9ir
zt0{Ls=1G1<fVt^@9*U{l3O9j;-qE+k?y0HCvET1AnznSuj;)U#R_>(<P)@zSpEt@Y
zaA4SRq4oEXAVW5#lGEdV5zlRAu%Kknq8CwRt>Fz{4fgC8b8)g}(LyKvX8OjD@Ay^V
zE(FF0FPP<BsP*!>zV6v|4UIRM;}VBbcJ8AXX6Z|h?HjB(b9?uA1*<{D=-o*9%!u(b
zM>Bl$lA8^q^Y1C<X?a>MDsA>OaW!Y%%c0X8P4jX$EMgA_7pHBDq+iXxvv8iG#pT*?
z@%2v+&M5AyuQIVZzAuzxBPl6oKX(TA&U<%uxNG1>I}YFH9=gTgADR;@DMEigyJEW>
zO}GBX``q<gilFVptyWnzEo_=V$_VFH0J3EJ2CfaXy|}qOttl_?R_XS~&(y*K7QMai
z$XY=@z#Xrzng1|X^6mWj7h=4oW-Sz^PRx3%ek6W!^G4dD1tJB<S;LDwxAnc>z3bd)
z@s@q%VbRJTPce_al9b$a_ofeiW{P*r4zqP`Y0st@vIiBmOkCi#n`jpa;h1DT-}Ir9
za%j`0pwf4KDfD4u#<THi|MX|))6)~oBY616=(5i26*p<$CV!)RxFmEfP&8WA@5SAn
zKd<<>vrvYhEwAB_#ngsHY7V)_qb)vM?d}gh+AozWaJarHOLWnK>An|vi=94Rjtr9A
zq<dnuhN-Ec=kW4{ZLN!yu`PSL`tJU;t@4bwQrt_n3l#lcev~ZVwk>|G*TP<bMYArm
zWIb5F2V9(8@aX2e<uZESAMS0FlU?iTHW3@N*xl8~(Nx?oKuTb>fx-F-E+;ZR2N!8R
za%`No&-9buM+sK8IRKM0nT6Cj6g!{`W}X`!(z$2B3axbi<aRIVmRUyr&F%Gh!*gfp
z>u0TVytHfNwXA6Fv8AMP6@7Uv3iLXj^+mX9+?Q`8NVB_6jjoY;b<X-s53!||USdy#
zmS#rY<s13?5_xZ<dGJ)E<h^Ss{_krvHgs)Hl<SGrM;<g6S9Sy{Ik5z1ovxkcw|hoq
z)tm=Tn<fg>-beHaDg>1D=AKoS(_Dm2?fXa#U&qu`^M;^f$Bs5Kq$;p&8fUppdVJw~
zlapgKXyQ4kjEfi*wnk`nv*$%FbVP>l6_r=D9&zbzJf!chOJ)0boSj%y6tC~7KU-n?
zZ=XLPFm$}1e(^~(kNcd3f)R|#+%d|gO__ZSzjZyfvP+29dQ0c3dzVmGET74Lp^R55
zf9+Z^`H+yzkr%v2Vf-1g>gMd(%wxT#0Uxu37wKMY2~}i#={u_YC~Y1}X4A8CjJuPi
z?nm=u8#9izMYu0cPd(QWN}DowhQliCVtO;&dKX+Z<aWk-<&9S-3<s*WJfl+=Ligd$
z7@saObt=zyJZs>zlqw$nyN*G;lbZ6}e3ev`QS0Q*-!ti-r_i_jeqj08$;?>EPCK5l
zJ=Z^d=Wx!F!f%$4kgK?vcd7;T^pmPdv4wAB^k0725qfmDTzl<zzHcwG)qeI^*IwxK
zc1Y_b_>7G;7Yu#b_9@`uY(q6oPF>Zkh@JZcwJ#;Fhw&2n#`EbJV|F~2ziMjB{n4Ro
zE?)-EUAiEs?RxweoX+Q*``Nn2*g6n8=e6d!tUpPf1`0E5hW+pU)!JSN$~3$Ct32b~
z8Gb7J^<L30r1eGb4<ME1vNXW}5~T}~k+hVdD}js@KxiPZ;eR)8-I}v+A$u9JAE6lk
ze0R*9E8xnW+H3Ff3*FpIO}m>0efhbdAOm`FOekx^`t?d@N5AnT(HC0)W}7SD6O3Ub
z2AE9b(%nTO&DDMX3c`wZKK@lp4{9ZR+%S#uUx2IodW||N1XlQ|ZS%Wj@2P7}d|Qps
z2y5)i&|HgSD<d7U9Y(yYb8`ZJ{o>ODidV=ZFTC>8r>g*kkEi@LeY!P%$EG3d=^>U3
zIs2)h;W8M!FiO{sHY6^qP$%yGT^-v=;JHN7PU3j6^o4Ek<wPk81OrM)3c#ogQfw<m
z4f6(=%VkAU?O3O`!iIHkie;dP<tZLeN5YhC{I+{3kGRiAwj6@mNNN|^193)2Pl9|S
zgw+tCHlF{D|9$I<<;%f9pkl65f_L0Q_-j+J!k-Qx%tGwl2LWsvP22htps}<D)f0vg
zpdRYL-JrCc>oL%?R1>j9IRnKK;E)i5No3CKGBYc?UsqEj4FN3VN{|L31i;T!%!5s>
z9Qk*ZPfVNeyWsJZZL|#9@;tbvf+s?*2v*-<`D})Og0dKLYwWqgRvnsoCnAE-tPt_N
z7<);`Hz+<3yR?NGf;Z7~&zU=4_}3U`up&@a{$yX1Klq%YV)i+Ln__V#Td~w+LdU+#
z+&q9-KxbqmIlDv53JZ{%At9f!QFWkw8}BywAK8$(>7Srwt#})j9moJx!1(?WEV7=E
zdD^`M6C~&>hHL!frjDK;2Z|zLZh-xe2dgWNWM;w{65QDG`*oQ5@v|f5g^>S<2g$p4
zQz%ehOt+Z@;Fg!7RGcrm32;+qy$_KZfjJ91#Ul9Q5fC}VHIF$mzZqm8Vs(ih0oQ7=
zg2L4uR{{eG^_}>iUb_~xKq|kPd*KlW8zQ)Lrs)pM5LyQ+0wJq`RemunOw>H*ln_X6
zn~xn+hWa&Y7&9>uX#qdks;{pD{SssrM<EuXyqpLPYZIYO__nq+(u)dzqTa9eTyZ-A
z88MmeJw0<vdw@=^1o!KQ$cKOm8xV^}^q_r~cP?X#`L(aF{CVIr*1ur2@lK(4?z}<r
z#rx9Pe0&E|a!19-CKc)9{Gj3|cCvzlgFnEs;sY32VSulm!ynpo+=E>p0>a2a=p{*x
zQy1_F+qwQe5P|@CJ^Krvec#&K4IYGE!L{SzfBYdvISIl0r{gN^tJTyFBf4+dSObII
z$RHT<>f*3?W>H~@?Jvx^X$U|0ssy7_d>&Cs{TIEft<^?va#HMn7+mFaXI3_QLty_e
z&>5sH?5)B8r2(ygC>62CxA3z;5P1-cq`9h8->Wo_UXjZ|${e=IH_oOX)#p|9*52(`
zAeJN^ry${O&=@C55VFpJNDw}&B?)`tRF24|WiF$!k-yimC<xqIP!3?;ajR2Qa^b?v
z60igyDC*zE<}ypDkB@xRfDK4NdHGJ)+=#Ry+OA#au$Y1m#)XM4!Uq<$0fb1Q%=@W3
z+K{|QifEx48fHQZ)t8>^EF{d(B++Mova5)jO-M)x%mnuMR{#%}XCx2BQM(y1jkfd{
z&_PBO4~N5vv6<=}YI$Y`AWeXAFL4uU-W9!}Yl5Ad$0UKEK=cdnf`hLClLR>`1C`~c
z8vtyu_rIT<cVhBgErg2$y$p6b_h(5R{Lk*S_JsZJ0jb13h=&{eKK8RJ+2zxr)m*Nq
z2)oynAn*$b3VH+Wi4U>C8>A|l$9i6pFIp`sA~kht%?Xu=Lzf;w1oF8l>jc~h_DqOf
zHUtCshnUGgR)gzip>D0z^~qhUxde=unnmt`u{{;1!9p_ivgk0N)iu}GUn2P9owdRw
zfwVJI!}A}krbo9FRJguBNL-+p{KI8nWp|&PMOn)qk=EqC_d9!7Y}hvO>kwn>w40HY
z3c`Mp21SZ?f;cZnUyJ(xHv<Uo`}gjo6o}j7bYFZ2BOO}vrZ#}tqT=E&tEy6U-8y$O
zplF61=COOfCBZELD}H`gI2`nhi3bE4$!l;ORaL`%y`$+FK6d2+n6i`_MU#)!_jlU|
zxp-<2Mu>z2wCC5(_F|>cWTQNA#ou6S9Sd?8#Hmk%I(p5THCl2ZF*!MRcGRT_-ovd|
z>~XQTe}NlJ*3rm;tWtJU{mT(xK6Kf+au+JJM(F?a7I@-wDI!uE)Vp30VX0=$3bkJt
z=iMz$+pheVGAJ`TE>4zYfV_Y2169YjW(IAUCmfK7Q4bJu;^*T5QLbF*6@DR{k$B;V
zGXaEK(hz_l#aIcjuEoXV5%-y3vm*=uBS^U?k4U#v9uvB|>({P%XJ)R!nyVGbqpx1S
z-iR6>ItJ5RT^*g@z%eKLEs&B)_`A{X^#21{mUUgFq?C`8g~u)cc8rbvIj6n#WHy~T
zwFc#s#HRr2K6vQRu`cUY5#h*d|IdN%!5$4d>j~$71W`?~ieK4QQLN_T;^|N)FcFK#
zLxClQc)!NIz_9V(zcTMXVq5<x(tXrl@L^zP@B)Z~2$u_QvC5H5$O6_6y;+S#LkUq1
z>RefnaPN=saAKEq0ksMzI8h}76t6nRho_93z}vUagsKSU=L6t_9ks`z5DEnn(g5x3
zYqna>ka`Czo{<Fe@|f)G@aF~R47q$o+<q>npIIHr@xl3vms%P)H?$lpLytH*Ucn(5
z6(7%MX=w@Z$W_yER61fkj*K2<<Qq&51ksHe4}%=R1j=p&(#qK#b$#H^Tm`4EprnMC
zu(zNkK&tQN5=AvlO&E2^aV9&c<YQ=mzz>iOy#=Wx3f(Lz&4t+9?R#?2-_$FQBlU^}
zl`08106`5*$n|4QCkQ7H3c81jit6e>^a>0Jz;?)ryg*Pgof@ezN$2?Nkcj^4`huNV
z^zE<f`=0>i2S#$r2t9Oad^Q^-J@%r)YD;dg9k{zBl1nAo?41a_fPYD>yb@d<*HA0t
z*#_<tKNYEB%eVYRwAjEZd#<^mcZ5nrzE@bRGkOsk^VQ)H2iiBz{=4VqT=~^rzH$i@
z`p(>YAveqHT;6)}8H+SMF5y&%`0<Al8~r1y$+}9bUkXsZ@!7$T?|vG)_UjAqN#Bzq
zu=TH|*GKRj_n%_>f6ydeQz$5{2#F^xs6sSYhp61@E}x*O0Y!Lq#rmlrMk2JNZv?ax
zwC&I^oJb)wYx1Pv&QcbyStB~ve{(O*#>R%0aeb&jfO-H_VWPXjIsvcc9179liUi%h
zEe5^pIlL_)Ibei0sex#Ohhz?s2JITroXu`b_X4|^IX?aw;(T5$c9Ou<4-AT-nb{Q_
zuvXaX;hir4t?GL-m(BgKZipF{JQhTk3HEH>=6h+{MiuB|QvIf<*3O-%-EOKQ)Uf3J
z-t>?K7Ctd{yFSO=VEOH~Hj(>XI(1%xeCn1}`?nsx+blI+&OW?q_1LHVOQJj2XWBz<
z58Y{BTXDL4RmZ2ZeMcx-SoWwkY*}(W3L!e?iyFQu%6Pgp(k_KJX?h=)Fj>E~uA;&q
z))S)0hkF^_kLhl#NIjVgusOzy75Wuo16(9%yM^DUBq|p(m)&E8vFx9w+(677F>@oj
zoyf?@(#E*NMh2y~XDS6ezKx&@ER>WankV;9r+MKyNAc;9QXUEpV>wnEJmd~pZRMgq
zw&fvM7Rd;NWxoY$#!wj6EIrBjIwVE>#Bw<CP4>sWz7c~)$}Z3Y_E=Z~@j?)S>Kb<W
z4P-!|AvBF4P45L{3Cqg8d8U%c;6Yn--2rF#1`$jpjcElxXAxdZ5-<B1^g_8~<V{7Z
zy#%)$FTozOo3NcC5fV%kR#Xu;FP-ilCmMy=FhRG5T`P&49{%=07&F?PJ0I$l607qd
zgDe3-^E>uKOChI-)eZW(;3gscf5S#lz_sh0?*s=``RHl8r;PgH8fUt+gTn-c`}7#L
zL$=M3BAgh6SzdhoNSPvo#4TX9%3M=p&kb*(v%1GtDY;J0eTVo(W^o;4af`qiC6Y%_
z;C%^80;z8c9?^`KrfFi5nm*e1k;F8U69o&(Fip?w?TfUBg09_3;dro&)47-5a!Ei7
z7LM2hU%+>50V(P0LG3m~C>AmWh@+pSi{1(^1PvBK;`JT6WBUMTg9D%+54(L^8dw9|
z?phC`8WM(PGo3qo$$29=C>lezpTW)w)?qO-6Q$o^e@zr&Pu9_nZJcwnjtp4%JZ(4v
z5Ca0jH@uUB#9O$?O{I|ZW#k^bz~Ob^$PtC@7wbOcQNUz>^}!aLK#Us2*sv0l3GWYe
zhKXf)cz}qP0x?5C7!HL3YSr2-xD$?j01XSBhIsG2w;bzglMJ?Rd_wQk$%<l#MX;#d
z^ECE}dDLX$AiM-gX+We-IDd-5gh>W>hDEQ44L7m)+Q5#j^wg2+!_6R?kbG>YJ%q5w
zn@+L&@MIYd+09*Jt6I#YFxZm(YC^?C<<DXggE$oVEaqR=+JA)ZEZV@h=`Ml$D*&Up
zjR?j0j;GKH)H{dMb`o?-@2F4@qFFDzIF-9At9l98{&*#Iwr%q-ezk4eHWK{^{#eZs
zm+7S`^N4H<RJKAq)`?qeHY{GUaQ!I~Pb3oY0H5><A#G@|YYvi4HH28maM9sLO}C^?
zIJ^Y^75vpxoXM;$YoDfA<>*adOenzLA`4n=tF80|V`t9g-q?c>FDNN1zd)}Ucq20U
zy(@S1Gxms1^IsPP`%92|x;;9Y%Czk~kM`8cBTOe@@|p`w7ZG|>y40Nf?&dW1tfG1j
zx*`kcH}YS;)Q)p)__n8-eUVseD)NTt^F!D?ZQ8W>ro)L}z>my4Ga?6v!;2ur9<;Sh
z+Hhh6(uzLmRO9cA@7fQKjHn)WQ-NXJMaU2F#_PI<!|RcUf&kG9U;R64gm4;@WC=VW
zk3s8+7(QjuYbFMw5YP{8xsc-~w^tN=OQI?^=0TEAc)+j=6M(w05TY?8j@50mRUQ?I
zc~DQgWRmK6lTe+A5gVr01F(KrlB6(EH;<dNogHv4uPyW%$GW@3wizqjsT6gt0*Jxj
z!Q)UUg3fGN{Et`g)NrQ|B_FYi{Cm9imQpz5x&h{9?2-M9&hx301TDd50DdUMPY2w`
zDdL^u)1ZA^E8+{<6WGwW2`bnh^RP1Xx6Tb|=a5i=#v0Fl%*pgpGz^#^C(Lh`Rye`+
zMJ#F27TqP+<9)#yC7MCdrL;f}g$3cglL~%<DNj8SZw3MF%ysM5k%yI73C7Fje@ham
zv2O+>(E`l^iTQ$nzY3oFB=|eVO~i&So!H3H&MEDkdQ<8iv+sF7>9+Q)ooBGkt$`uK
zq#1YH&YC60K>p&5E2$}ir4xWmj(&M1gjYiF`f|2|`23ONOV99&Pa5~pC?ph%xXVF<
zMMTG>V~QAQc^Y($OYBtJMvBvp=Qp}A0zpHNMnu{&<lBm2&i|5}hq-MdLM<R|mK%U@
zGy!$QsCjh~US)E>A)3&M!?K)*0!z`OR`Vm*3P4SY)0wbgj?ZKWro?)N%v!ic5Tmgl
zgz^Xlx3Z352WG#?%ii;G)Xmkk5X^sN&`E}S8%0q03oy2Bmb@if%keNm;W!o2$V)+i
z@`Yg82CjzU?KRHa?m;Rj0=rgi>UH^f2|9v@J|H1Hn^Gzzfl`K^^p7o)j@_($n2u7u
zBTiG{8-#I`(q`5kA?KkW(X3~zo~K?_yqnl{&_ct#su1z4E&csLaPaDzC75dW<iDPV
z2fmniAqMn^c<Gqcs@t<bbbwf3GYQwC;DjPa5<Jqjvw$`1eN=n~R8B!Cf^lVR0QJSZ
zBkvzPQq3M46+=W0VoZn0liaJL#;sqzOoMOAu4A`7-Qr~GP5hxo2de?uo6|(nwMR2D
zGU|3*3@=V<(4<_0!xx5M8z_KOy8~A?oVv}iwX))YssdBXF)Mi2H0`JOb=&F%sCv!l
zqU}mHTz;xoLQs(8=Yaf~u#joGN6=IXGDTvFK~hdIvrt;V;wHCBT+J!|xI*BA@wg@0
z$32IWX3iR*!KnlYhYf5uG+a#Wo*3wl{XG2_zE_j?9yA+<A!Mm10?jDkJXSq-cY(f|
zq6P6S^3Hrw4zDPD1I~zmB$F9KLqmJcp3IhG4p$qHKr6iMQaG7OXQAd)?+vBc@nfX7
z#?%C{BGTs%K-nO78Z~YSyemM?BSQnYud1K6$QSn5(Ug@Y_R1UEH=|Gyi7*hPR}~ey
z(4v_>b4oaQf0wZKsL0uTQ~eBvV9f_jw3~%^^sd3RGt2xcYA1%#qj4+-moot|#09`a
zmjf-#%`;a-;GFLsW#BZoLRNZ{@h3w3hwQZJql#bW*pn7Vsx*823n0w}X(@xw5*W5&
z&^2}Eoi#jKBgzTk*_t5J68$`}=EaPF>+uE+3|NovPKoSnAJ=_|li#{l(eHp0S8~-s
zKBxwWi>YPqnHg89^Ant;$OFwOKy41FTeu_!v_fG@Hk^ij@2XE-$`gg*<sI4zgajTj
zx(ykbION@r%(HGFHs}2p%nxZ!A66|{aycO2KNJW0{IZ7*plNPL|FH~KMv#HWf|e>M
zR0VF@T2HtgEMK`Y01ZmgjauZqUui?UDyAJ*a1D30b0oe=h>2|@!jnU9^8EHhj4oRe
zj($ef{vA-shp*ng4MZ5B7A~vN6?Lb2rS4`1V|&;&w(mP(V+PLou3iW&rBoY9SnhE+
z8&>7@=M2p;VRWa_-6m-0DrQS++yop;!nmgkEYbr6SGS*$m@i7oy2tU<Q8bS7sz;i_
zKr)L5Ha=V=Lc69NEqK4VOskRQeF?bJB@!eLi~z@!E*_)@INO%Yy-WA`vbnVzM&)yz
zIV*gm**$pSr+E{j#<`qNXZv@dA`1-!QLVor;r-`f&%Q308XWMKOEqb3->*-LoLBOv
zBkK>N>0N=3_4&!ie*72tKh?Q`yvJ7k`aDZ#bS1?rXmHTe)Bmvh+K+!Aaq_`$|NR*O
z;xqm`Jsn?ZOW@{y{VT|5T>PK^_)L8I=|bJKe7mwGJ+YB4M;x_9x7Rbj_b<Z)4B~0c
zqv@OYA9{)!zd%E$1Yfror`~Wa4fahi#B<Wt$=_PJ|2zo01RMi)zVGn?o_RBicKkkp
zSq@_Y{s-UaP2kgByL0E^+!E{&uC#&Fi024I@W9|mO;2%jpu}t#CK=F^?Xl@DIhFew
zqkzXA05^C@iFO-8oUAoq?zFWUO+rgzz7VFm=mB0ps}27F^UN^Li;GYhdqLKc{+;yy
z5PaO^z{JJ4Iu~Q8>7h~vO0<76-8kll^%gIv%CL7Mk%j>BVyZjv#>4askUeQN$zg=<
zrRyda7r64_{?)`=tfE2y5_?rscA~H{XUL@k69jqZ9O{y1<8UQDLFfW&9@VZWLG?|w
zDwvMMS6_bN)tWN{sn!i0fbog>DvZxQ_w`-HOfXfjgX_^|dx#A(n-Cl*(7QS6o1ONU
zU&;Wr5)D2yaz3C|euCW;z|N@@ph_t3m2d`8@Pg6`mkYnrp`#OgA1aVk+lgIV)q_aU
zi6JYy3D5ENP+WN?3<a~+Q?dKOgxjZm!;sDNFMRf&Ke+(kRs_GsS0o9u?R1>p_(y2x
z#LVdwCMH!fw!l#1C2WMyt?s!kRrDqj$IeUiYXd0WcJjKxT(N9T;Y5ZZhxEWWKL;kq
zPbBAHY(#TCooI=cPw=qDq@qXXcT<b)xM+A{;Ijd*=JPmiTHD(8Ph4@L+q`k<&mFsa
zz|4Mv9sQJZPZp_u575&eZC>ZvsRcW?YH=!bVb~Vwqd3Q6`nijX*o8T(F5^@LnZbFY
zP+Y3<ft?^9FN0|c`bM~`p}qi6*nv~hb@0nJ)Tet0f83b|sZ%&ei1M_&JCsU%qN5($
zQpa^9GEspcGlV$fDO$v@!6MJ&w%2&O2sq<0M4Ej?7?o-2^jT3r3`3|eX)IdnHMu6;
z>B9|}Uu{B3UnipQfc~At)0$?xCYUmzFN+6O6*Ej?c0p9#g*nd+Qy>WSozPFoJ;4|1
zu8QTA#pWg!pKs>MPP&0v?mQj`d(7vqupYx5kAauNrJc~T)3GLr!LA8;&~ttL{B{FV
z)ahWLv%)$i7C=H3T;P7kIs@iK2j6S#6|tTysn6NoHdUw!j;=bWvEadOhwMw%bD}qc
zR5qgw)0Bmf4aOm{+iaQM8|HEq4qv(f41pn$+Kq8N0-!7LXcxzkA>=<q&l}j2K!c+m
zjF8^})Q`t|Mbfe1xD-=t5<Q8IO%M68t;KP02)t0;&tXqY^Tw906T-I5n{VE}y^Yd|
zIx#&X=o))gjX?lMyB8Jn=krRA6Le?9tGSG<9lmsRy?*rChjiL#`KM@+<oL`<0Vz#A
zN+)XT^g3FC3*NRaY`@5_g+Wx#ac=6+5MU>JZ2e5js=m<uk}G_=6>k!A)|y9VCWqFK
z1C5Ty8Edp}-||u~zu~{0OLFy4t-7$Yf%(1~IkQMS<ndZggL3iY0tty7@N>y&x5M+9
z#A$k<16Vdtih37k{x$$^^YCE6AgN^uB0aBVyY~|;{C%SFitts3E;j@bi|{b8GG8Oo
z9Nzn#=(kN*2;xiP;LHh8Sx~xVty}jz5jEt`4UUa<<UL0SIc`XqCl_`ce3T7zj`^|_
zG!YI>Y4LB$9@6xq64|=T=}X9qR0T#q)aqA(tGtE~3r>eC5+}n0j#p|xx+tOsF|9*o
z6wlZOXuJSao*o)Uww4_pR~6_)!eJWq<B3&<bs7mv7YcDXfFdTiYkadhrmtPB75-PR
zKEO?Mly^iIB;Ib_O$$-M;fQw%KOHK|>$*A<SJs)4?kW?SXOSltV*<InF@uWo^7m1k
zs~+xuIx9gtP$z(kO(prSco<F|ba64jpubCu3eXuTT9?oh0Lb<y2P=BXJ9k`uBqYPV
zAw+5)-kUGo-P_UmBxhf~au4S(d7yBgOxvK*ig$`}LEIn7Bb(cSRril<_q4SCz(j=A
z85^{@%=a4?73s3SzchMLq`pTZyIccl;dbL?FVPjlqAz8x%wdl&67<3}1H4P|I55Ny
z6^l|=^o*f#pQ43n+sHr8*`vLT@$g{)uCqO;z~*pv?|D^Qd&@HC)C;y<*QeZd8P^m0
zANW2Pm2S<5jAr>)!BY8ib;=U$QFWEv2cxhtT!x{17o>WffbCu3oZ;{>TNQtm;ACo-
z6nV|l*Xw<E3_}L*J0B$i9ufRzxo1?-ejaNsDzAWt;XS<7cJez=a2-9j+{@xv4>mtJ
z#18{lxJ)maKW`q4A0;p<ZhO3b8J_FZKNeWC7}1=RgBYAhUVYy>M|!WQ21CfdF|BfR
zVv`Bmc#*(3l(NKgc|DS7iMJ6R2-!cduZGUio62EMMK4u%s%HSTQVFUpl7v|iNiD%6
z_ui$KsR#iGAo?n~6bD=kKh&l5UX%Ou_hN}aPT%HcDZtui+G!t0lIA2f(3yiKPoPsH
zNd~w8Xw5GIAnY8Z&4<?zSsvm8oi`OQ?_#%x;L4{hZBicW*i~=|EQCecR2=p|(#WSG
z`H)n6ObvD_Y)3g<LU^xTE*0aGmX^-+VrxJxuG3C(4Tu$;OmH-8i5VQ$3cQvIa@?Qj
zg*A+*iXZKptrN^8x?Z3x1bzp6&CkorJ4-?>Aeai@P2i8kC<4dOm=e1=I7WT>;?cGV
zJ#}Tao1;^6UIagmCqX!4BG)%aF8PrXeqoaHjJ9B;oM`zw8`4+6xce&X2&_=7fs_f!
zi##FGyK^Kpd@!f9K_d@$<~>;(Otx}Xk<7^ZJ3<9TMVE`3gbwVA_q@ahQ{By64qK<o
zK475wCx#=J@uj;Aa|?!wIO_}yryGgqg0+OO@CE#BB6GH(X20X}4cV=0O&S_>UwQd;
z%kE8{ZPA#KEed}P!Y&|@t@++OF`$m6<nfJP9Nar}+0hNXI?T6!19GPEwgL(;2!r3(
zrxaZkFwV`Zy2*VErfOT;1sp~Ppo)z*Nm+!U^mjR`4NMS+VR2o;d&q)>jN)GIq}6h=
zW6LIG7UVTcd9X~5&_mYAlP2bfItg;X?rICbJ0o**J?wpNqW5@xah6!j$@?CaQ5&1a
zU;up`Ms;v#Na($ZWz==p14^zv?&EG-yw9#-n+8mud0LK`96xqU8VCK8$B!3NzV!C$
z<B)ea?VnZMdZ;c%#;}G{5X!iL3TdCSPD^iGRjhqy622&8SW~oMAL_;Gl2zD=^O(nQ
zd}v_c^A}7M|G^A&<Mlx-BQ~RcyJGLYWNsamNfsi@;X;EAur|b}^Tfrs18aSNI?|AN
zEOt3NMD%#vZ#10T7><M}8nDG9GX{|^lL3lH(DQ7po=hx^U2ov~!%^B0NJ0F)dz+0o
zsA)2kVFY#~^AG^cR=JQHMsoL|x0g#AE7N{O$CE{B4Ceac`-otWg`#=n2!l+lCPsw;
z0yNK&kkYpEkhDg_AG|JpM8yY2^uf4VH7T@6G#E&mlH7fr|D(OKd!PB4p||SkUn^vR
zZ(@D;X@#=(VCW01>-Z=i8K7~S|2X`=rw0utUxaWa@Qj$v<ik_<A41vyGhA)lCszpc
zLr$^G6R4gn6`m+?L=^Pa9)<_RaT8NT%bcyibz=Z!#GBiDA|j>1xuleF*?kXDC`^bY
zMqV?wr#bg3-iuT~LEO+Bu>iuAI7rMKfTxlSh~Az2&LhH4Qli~W@jz-vF9tX#4$XJS
z&6}0L<(K1>pj4u(b_<V$(~BNuxxBpo+mj8G6{0<>^H^7UNuY@=#6uY6W3kRj&q=qk
z;|iU{o#B2?V$=_OhS{SGR6A3&$jpZRG`_R6fd&divrk`I%LH5c9=&~3{ZVG)=eD*2
z&m%ZAVbymGT4F&V`~fG|>YaT6Xi$ia^sZtgI3D?jiv1K+CG=Cgxa=J-BiElkkBQL=
z8zM5AC-UQVEm#0D6LyIt9+z0NpeZIU-w}P!;(z~H7Sr1MdwR-zd4KyYq04Pz)OlBX
zohuHdAc%|(0M9@aLlOL3jJ}}n%*XMW*+1Xi8k)&UG?{QUpe%2;hm5%PRFqg$7Ts>s
z={OxUZ-}>;jdc@<F>O$KZA8J^+~cy`V}ve-LpT}*0~b#RDn7~pvN5kH!f$WW!VPEU
zX^n?)fts|T@fV3;Jjo+QvJ<1dRmm3X1h4Pv-YZ=Bl?qb?SW#h$i7*Yvx(lFN3*3;g
zU(g`SKX{E!p>)?i;@4_oDj`AimqrOx2Ut}Z1Zs31hnsR|O_B()z6ZDwjsB6C<SkIN
zTq(y!=`)(My;?`1m_x{98Al|6=vO7|ksa>)Xm-eJ-VMgAn<kW^0EuvxYBSTuZi3<$
z6bTzFl5GOu3fl=n90^%l6J{sjPJ9HhYl#AAW=_nfaB!;@BQl`L)}o;#jO8C<GB#<m
z96uS36O2jXZ0%5%*ojX<g93n_@QPVuDTk<SKiJhh*covd?bpk~FLd?bE4L#bJ$y*<
zUU%@x5^av{E0*3Y?Qw`Yqk(o{w?HnKTdA4Jurn>1bALu^TLG9gLJJm<<Iw~0A0S>x
zeMgsc9Gzurm7ABa_M3hI=N}bP|H@_AGjdcD*PVN+xjO2rSMS;L&{`*?OU@6r0<eLZ
z3WLc)V5dd38Qak<{X#rRyS+%3@4rCL?P^l030^fDjVFQ(Ig|q~E-A*;=s`yfOy*>H
zf!qHZV83a+yeEPLDeV!@F`<Z8%gD;MVLZj&Zkpi{Du5HWYVAGT$}M<yzGEO-NcCEX
zi{ghxCp30}IF#boFIsYs5&gY}A%}?i-wZi?FEQ>=Zc;U)-fz1E`;V1K+yRWFi%ywx
z0De%2r51*Zty~ymuw)D`GB)-k$R<K9!g9XPBsLuD;`hW|El$JBzQxFB9`yZFV1R^E
zR+5aK{sroqh`Wl#_+6jpxemH8xXD?x^KY^^_OB2w@tXT8U_5Ymh2{j_t<RV`$R-c&
z8pHva@Cjk9C%B9*wtQkg`X@X)r`jCErF@H}oO|0kJ4u#AQ|{T&482Vy71(22LwHMM
zj)+nz70}pZc=Z@kW<I~XDRE)@A9ANLO%YW);Z0a!2asNCGF!pySwK(R-^cGGcF{8z
z{R2=2n|910g-)^AbjKSFy#PAKjRn}2YXO^rrTMk+aFXYcnVH#wwIrqRZAGbu(dd=S
zRt?3xn`&*X1*^G$3yo@DTPvk;`O;mAN;dkiLS+iC3Y3?Z1GgYTP*C6mQFd@9n8b~I
zV5G8DqbnwhFV;6pg%77Rapa!X;!9^$;1KhJzYb=uT^UC#u+$?L>5h4|aW|X}PDH}B
zb#ch{&xmV}@(4{tsDK@6A`y+AxF4vGB`|hN>70173rD~@yR<MIYvL$5_C-aybm1*-
zB0vQt81seL4vwQ>5ON+ApYN)x2@ewO2k|m8tuPntmYSc6>k50U8z^dMtFVj{Cn@*%
zOQ7g4Saq%#4k|N`*${JT{&g_-LpW278p&mj8<g7<HF<kSdpTong3-(+*ed!T-~f<4
zdg8<;<VnnbpZs;#2Rg__2SDFIS79Fz86128Ws6Xu;Oj{-DiOyU3cJx%&xw;HmJ8N<
z$_+tziTN-j0udA_B87sMFeK|6Dwf;;l#70#f!O7qFP0T~!k7yLi5T{wRbEQ!4UU-Z
z|D-tJ8xsF5=ssU$W(Nc{l<s~OgvI&h%|4y$+=nHp5qItotRGX8SdDvbZZ27fV+cQC
zMMiTXiY-@J1yfG!*i%u@6r8@dydaq)Om%Rb6z)D76?%dJqiac>PjatWge!8bJJ#Lt
z`R4c&kUz3=iZ|xvzK0^xg)Ck}ug{>xiBs9b!mwOEaQN_p>PZjqkLo{shz366aORSv
zRN@&=n{Sh|d#TxJDVl8E&`}fMV{1J3P4rxi9x~Gz9%t{mUfP>-JWl8M@l~KcPe=6t
z!_x-6+MQ}Rf7rmB4PLbpK%#tc-0XMGhri=XG%W-*BUc(nmv=;jr1zi&2fIe=*Eg0C
z3aR&T-el%hE#qM97T|{j^2JhVX&zYm8D1wy+&{4QEHmpvtHelt34oy~%W1=!XwR|2
z$7bYoU_8xjPY7q}O{x@jfH9@?5Yd0&+dLH5o(7=r4><+Dku`s>4Em5`x$Y4F;GoJ%
zL&{6`g&?f^TCw+p-N;3>YM8`Mc`}}G{td#<Z)`M6o72#p()97sc63@7fz~gEK^E3}
zgs4j#h?0tW0PUcKyLSEh3;dv2Bv6fb){z2?GX{a&E%=)+$>u}tE{6~MogVs1{CmN1
z)<WAxEGa438@>+7;R%Lo^i`lOFk+aCPD2;KpW2b8OX$)_gbjAxxT?i?h=EX?0|%<F
zd}eCfCcsBR$XLUf5x>&gVG5uIQS~DW!B+*LE{Kqb0b4!Sm?tWFi3|hSvtWx+f&yUd
z(FUq{32M0#{Ovtp2uSw(c=}UayLNBPGLmagr&5U3EZPo|i-6)u{GQO`Bzs7Ym*vA2
z7GJO!hG8m;9?Pj{4hB-Sdxy|M6E7&>bDCR%76k$_C!9+(%r)_j#sQHY-`k;lSH|<b
z5&}3J%2;L~RY+k=p!od(IVU~6fYPRx?(W2a(!+<C4HqkZj5OtSoa|>QsR`ZV#;@|w
ze7+>H49_VdEBAS0y1LY`UbsyPl?2NMf=i}??>31QklY_k>y8cpt+4<K<$@%a3yDj~
z#gwu1B1ilmOwN8$$%)-DF>@rPlrNo*l1yklz-u7(n@R-FSPoWV+oUkZk#05XcC+_j
zU}EVYrr#y7+{RN=$usECo3j4f5-d10C%<n(Q2l(QB2^Oj4NpLml_*f6D7+{nzWz5}
z-fGClYUb=l-og_6S1`;k;3pe`2k%n+<jB!@*Gs&V5EGX1veFA%DA%w9#;jX~pT@ZL
z|6=V;z^Pu>u<@n2RMJFJqCpW7O^7n3kwiifDpRFwBGamnIZCz$5;9N8)PPko6lDw<
zq70ECmYHR(^}pYSefBwLpa1n;-}RkqU*~jchxPlt!}HwFJ>Y)0aFL&%f4!XC@%G0X
z+h1)CVxMoy*6kfmn5`AX_Iw)_JGtOK(w{UUT@>4EPf6ztAlDrO+(=9qg({si=Cd3F
zN`FmsEXGw;R4Q=Xs0?!n;`O}$rl^cAr#PoW-<L&jnyQ^5BKwl~Pt0%8s$rkToY)*T
zoNb+*YJk3mP|#@V>fY7M2C`~VlXzEe3}ldlxW!RY5EdkX@8kFvu3g8@u&mWYP5BmX
z2wk-)>LfiLzDlh+BWqU|l3vFQupLmpy#zc%zS)l$_@`j6e8A~HFf{ZC+f*;z>}K)U
z#!F7TK-%`pe%9u}3)&4<1%}3=1hnIrIwO|fdITj48AjnJm@|7etaa_1bO<(fA3I50
zPy7@c+o%d&?|Z>WY(sz>#!Vs~>p9;VF2#Z&-#ciNWNT#k7%W<qm62W)g=6m)qyl({
z6?kZ#Z??C_2&ObH3M9xP(T@YLeGBb59^OH`BV}cgnRGHai!5{<b1VNKzc2kSeEv(7
z`d;l7`EP4oie0yhuC`fVS};Mc3-(+OBhKsdSM0+z-qzD|0D6m~vgPFg6KotOS~M4D
z+z2s1fB^kBXtf!4m_oyVDI!B5soiWqL8;bs2{)s-q<CDETjos&motNlo66{_WDlFO
zQDRr1?I5t+sq^O#fsrkZ`Au<ISx3v`k=h%QU$aOC)c^$XNBc)Tk|*|i7Wa+L<>D#=
z#f048!%6dJC|!vk5%?O01n1`@9kV|3oDYBzoh%Vwkt?2nD?9-Td``-0ia&458+5Yw
zb*u=%H!#cp0^nD#k7C3coye<aS3mqJf4hWCvQ+1-l91qn;$=4o#CU2aK6P!1pM_JA
za5znMB@M*Mu*n^nXaIaJ3+Vp-0xz|;&-pRgVjBPizlLhi2)7R(*Ei#A`DxRqn>*QV
zjXd+R-sA8Rzzln|<i1i<gcF&D^PUzd{WWM)egAME;jU;JDC$AATcmiG7_kQXzS>$+
zGtK`tWy5Dx%_~j+*VqjNox`gyM{O0uA?bnRZBC&NVzr!{Cij<jHoFHfbs3xHULE(p
zcyc7}?k4t`P3f;E_EhKf=;u5hmYRC9*L0I{bGrlRYM8Hs4=p@pSC&=tQAe7HNKWK1
z(B9TI(4N-eY6TrQ0w1~x?Bu=T!9Jy7o}HM4lih~iOK&(E*0MWfWGd0cYULGV7ad=A
z9&<<>?<fQ$4`=FP_6F~Sc=v6VHNF_HXy>6ba`*69MDgp3t5Jn)0tB@iI62+`Ehcy?
zN*v`O+UP0|q=L~=d1^Pg^8ZA;^@c|=_`uaH-h-D-5Ej5#?RjoJR%%FV6xO1ywSE=?
z1NXNWvY<tN*6-aXn3<75+}}`vR_gt^4)$tK<xpD3Vha&C<#4-CTv$Me1Y$|mm2Ggt
zK}sq7YvaO#_~PbseMaKz*MF|w>lM!0d+H9mziv+~)4i>D^wiW<=-uP>v&0E?eGNFY
z4Sldzl?G`W%!#FS_4S%CZ$?{s;<$t0vt#LX9#&3^jws}gR7)df_O`rOG<#q?M#BMV
zJj;!Tcq-N3O@^mXMVW)35*^26@7_K(_Y<x#s#g;A;2AXVZQb4bQB7#280;j2B5+XR
z3aac_YlUPSM>c+Ye5&$pd?_v3<jt7G2lm(ml0Zy-S+8o!>W#WhFIo$+hW&E~V>Flr
zANRbQIDFsb`iMkox8u2PrPTJpq`rcPB&J&p)oEl2A1!}KLTP|U@c^Sg$Z$tar>q#j
zOA_u&yh1EPpx6--6Z2zm&Yu0{6m4>V6A=DI%!J-O*ts05r4ZnuZE-US0N||!;5DRd
zDMblW{_GD^+z+vCDaW5JM2xDZudgzggkV8l2L&x5ADI4sQyBG1G%Ir)?T8;ChAORj
z#N8WhKqN+>A{TW~u~fG5-bBel0+dLx2jHIcQW(S}<ipisE<|HCrLq_nBb0>LZS#!4
zs{aSG^7O2_<^Xv49$>12sVHOHMO0%X8>GYpz4FHwb`qd(SELv!^fcw@3$MUv!3UM|
zBuLbl%JOc%@bFOka&HZmQ!o2}Q8z&dcvwlTs;orQC$?{!$yiJ{3+MpnTbQ@b1WoiL
z0DEGUEzcS=S+XOHiEOnSz;Qlzgi*g5+`kM4n|M;d@r_O++<eVrT}8FI#i?5$-P`Ff
z^trGWBRVG_XV<=Q7_k?(8cqnQQn85M<W}#H9~ck5gZ>0;0uug647kDAo=t4C5OJDe
zKT%5ajV~%^y{cvB`wG+-Dwqs$WxCYN*H`cfoLb*d#7mZldz(|YfIQQ83wu^lb9xe2
z!Jk&X!#SBFi_%z&^ujEc)AC0ooCkS)G#ImjQVygHX66o9T!{`v0kFMdJio9|^VqRF
zos&UmXm8$=Hjmh1h!aE)Hi<_sV@fyN*K8;z_jB~~tPdTlASE5-xLk_`+&2}&ACmbD
zMpJLxVK9s=g23YH2RKk~!a@YJOe>k*#lb;AHz8gkVRD?P)mC7eRbt&e4J}9aRRs}&
zr&?C1u@FK10#MKZussalFmg!(Ap6iVyUwtA1ovGmYag+t0%eEqJtRDUQ;OX!pKD@x
zO6Fa)@usJ7P;_G8-kwWtyJ=S*C{V?Z<zk@yW_*CBiiPSe5(TK``xj5x-Pa^1k9Y|(
z^_xd{Zi(96!#wcaTM&xW=kZB@&K;~v`PY2N;jQiN`_5y9+c1skr79}}O*^vOu;5Y0
zpt|I@dC#g8)u@6@&-^lhiLtEm(4~qa6$P~PYC}(awIdjP;$z%I$%T0o8LMiyp!B<5
zpJk<vW1;QKm)(RAD!l)|0i<WI!dOWVM>^oj#A5B|z!&bJptJ4z;Dv@B6<P@CRkg!5
z9EsMzy4TJd3Z<r;c(KlY3EXmhVHv7|!e||IDqU4E{@yNFhJgx)FE_vh_bOOAZz?Ko
zl5sF%s3UrWPf;cNqa-$Nd<353Ef526C6L1Hndn8#Fi7EIQ58K84#yf8F<iE{*TBC2
zP{`$6M9pOhe^AKx?b|ohE3oh5gzkz=m!%T5HS&?u%m#mR0j|FbQyk_o5eOfSET4>1
z4r8so<Xn~|&vPXA&XA&+1*{#U!kpa;B_x?80h8_vs^p#8bq-lgp+JUkRavNFEDMP-
z6|x(MJv3@1zAYAR&^UP8?U9y{Q13|CyK7w58W#+GjBet08Q1r0fax+F`pa+uAjai0
z9`d!3n`&#wafPBFSRM>&$d#7DR*JGKT;n9vU&o%?Y(Rf(TiFf*0){0=;&cG2t_plh
zjOfKT{);$UI=o`*Szae6r^m1jM!q^fG7DbgIaRmN>kQSBtr(t3RQLvA7)uUIl!=31
z>yWoiDCJ2r1yI5LBF`E@jioa_vFbK0b42(z)wVX_xFCC5G?lMKq3|qKejHd9j>0K$
zi*MR|8`8O7oZ6cG;+LFiqNv*Z&2C-7na&x4w+-GX%oA%aA3qqzihQ42Eh#@|Ja~a|
zPcRfc07H#1<{=^Ic<CsypUDwz1kyty&=_vVPyq;3<mUM#5AMI`Qd$+{EIo#SA^y@V
zK)-%=nhUsp4P%x#@@{5NOiWz!B*Mt#xk8FSZ+J{`%^(mZ54hV!{5EK5Co$p;2`Q5|
z{-;6RdIom$tneX{h(Uy;q?^JafiT6zgvfo!1<*Co;gSbU0_R{3`Wch??amYF`*sup
z<za*+w|XSE%IYg5ysjyeuwtG~96u7vny4=-AC8eX)1!e$Qu}99`S9KF!9Pxm_!}Be
z1PhLLOR<&>FiI9vz}50aVd2M(&SSMmB&b6e)6E4}XAIq{BuLx<!$0H7(e`nK8Ey}v
z?+9PO=IBQ>Zo9_U9J^eei<zOPr%$8=7?g0Eyb69j9D7j-P3x_~yMK3on?I-e!Gi^;
z2%hy}SzQAr1&AhU>tRlMXT@qtd)7;l!!9l$_Kw!!1_R8b1`;O7w6-EjLN|#+eaLDY
z0{C@oL2DW<;CS;0cf5jz{3gR3hb7p(u7DIUoVbXkDt-2&hRFjUw^JyMn7s_ODWD=h
z@IY=ErmG$xu;Z{RdTS$QsFUB8lEfT@Wub<~s*k~_ZhUZ5ST`fwjD$YFqJIJOK=Ex2
zo0#wy?Ck?nUUYP5Xc`4`apXhp5)W1aaTe?u5%csqb&;SJ9I-0U8=?{N!NM{Iu7p9W
z6lGR%!HqIwhE6;EpjYOE*Eg!utSFuVb)}MRHZF@AsJG41Bu;)DgJdsW^7tEhz%K2>
z5`y_3`>+X#uo~ZhgF@&R^xW~U%Ri(T3gAHal80OUSs7`p=pZC}LPd38E!-SfW;Kb+
zK;YafI!d$39iIU-4H>^LJ1ZiIWc1LPH<O}nFhWLULl0w5dZbmM{Q3-h3`jD1aHVp2
z<2clNrcfC0fK57eL1q}Ze+%}}z_lW|L;&HZQ$PcliLcwXGzpi&F05F>$iaga@Z;N}
z2r&5~)@qQoZ>mddBin7FXt`B3$1Z!P+8J1yd03iu%(I=78!}mn*5|qfAfPnSxa@4z
zIT0d}6W%QqJ`952h<4sKm)XOlbc?4&bDG?9q0SCU$zQxaY*JdRk;AjeYni0+w9#ky
zX`WKq^0|!fvKhNaQN?%GrU(#3f#4IxFNDy2Qm!DHam!unnHoLwFP|p01L!=UP!nPr
zxNiM)ItTacdg0BR7m_F#7`=h-N^l-%@F_1*%0I?an?&{D@GWZgxflJQjE%u5+h(N=
z$EuAR$>UJb)m?^bD@AgC7>bSSnd&McwF>`Yl~X_foQ9?sDs}I|p?m8V3!-U2Mx!67
zJSP!C#w%^M07t}3oGGCtwM$aRmshfY=V@GCceL)1VymllRfN#QL`*Krq-Ugd4Xjdj
zqD8+-qWwV21DbmHre&IdhP?bpS2ZV&sMk=0mSYrzNMSFAQGqaztUTwi#JN^|<R8XP
zXuI`^JmfVv;{ZOGarv2MZ{E%FKsA=3Tc4@HdVLxTR?ik(RY7*Ek}nem1_U34u|Nc%
zoX$@#vWh2NfNg%CnY2#)_|q$>O<OT8v7Z>)Kp~im$VCyCthBV&mJQ3~>^FhA3SjOk
zoQ-D@u2+-u=qHi8R8eFZ&x2|JBo*`9xIkys@7ah+INxh`a`y_3Rq`xe{28pc5UVM~
zfB?*}?I#fX%yFA>sh})~aaEA1q|dHOPmMF5EI&P&FiT${7^hvz_X%Au4bXR;y2FAG
zwh!MA@BSlqsPI^r*WEDp9wdO!v6cpT;@P-Ls`Iuar4&r~&!#xRl^C+Hsxg>$8JZnf
zuZ%>sdhzE_Yr=)K9Fz{U0s1LU7&}6TZ)>X^xZ(9}p9?3JZNIRJ;Ou}^(RLZ3D4^um
z71h-(!{-1DUx1&UsExson@VAgwQ>>e2M{+*e%jXEN8@RN9dgZKgI&aJ+nF!LW{5O=
zK~}LUFh?||Lr<=v&g%=E>4fU5yFuQ#D-4n#+(!hOL}9cYe7HWblc0l99#(0)6Luyj
zlURiXC<sY>DF5~gyHW;hRnD^R)sqBzkWTn!`g@~Yd5AGoqaoq6&tlLdnMVxSl9w2k
zw@?-lX4|n0izPpZouVh|dt&nOH*sN-md76eC!r&(7ZF)_+h;|X`$TXi{a~yMu<Uhi
zm7L=-;qA+1XkNVviX%zKW;z!Zp+U0Ftp=hbemv3HZBl)?aSz_98wk!sVnF1y1g96R
zrVyMDrVa#%R(8Wj*d4ABn=dJOc;~k4fxHGhPuu{!s4^fVDNB-^8%iy(#<ci*#r*cL
zfkVrcdL#3jnhZ>y@-nn%D&Bt`)KDJ43QuBt^$IAqzS#P4;u(LYOY(!^G|3M2@QJ~<
z8A;Uq(y+ou0~7Ddhj$n{m?V|CeKidqUfVoYP)nQp-Y|@=UNxZ?>$FzYQSQ-Z#A%6S
z?Sjqb!=HnhtHom1pIiS8*x!sG128v*q@)60oYUk%6ONHX%2M$fd91NLsITDbpmpf9
zpSO1&#;#BMsLWv=a>oL9ia#D&ejT?Eu14bH`+eyb1@`13yeYGfkHd@q*bR~kN%z9(
zFMQl+=jY#79Rlo?@O9A`?$}fI?wvCF4>Yq|zTQP`gr+3t0q1lI=o%oV!?xnpK!%uf
zLBxKhbO!CmXk;33{{~?6?Rahg8(iAu?-hpW0!j^R96oUK4)jGp80M3be|$ZVQT4u{
z1!F1j=`m*XvoecY&m+s4_2U>hEmEr<%bxwWQVVIKCe2;E0$T*zs7tsl6@HCuaGG90
z{p`XV*7-ii8aa%_8e_rDdagReRe;$|lm{2=>}FEnGOT;NJ>#Lq`lr*w#0OIb+-%!d
zPhE2Ofg$2kX5a&fH)2+Vr$f};eV-(pM!u97&XOEyO{1!$SBFXDVDf?X<^sJ%CEcQW
z&aUx^vWkks-AlHg<E>OkA4Wb2RK2ka4QuJ4Nns_x4~*iC$psX*pE;cBAKtC*9Q)Ko
z%EnpzcGI!$H1E#M3OcF{&`eXm?Q5SLzATp?&}<mJYkYn{`4UkaT*zx~g$$ljEUeN#
z_=K>v(597VSs7w@+KOA2ShSG)NSq0tBpri)n9WZ^(mF+>i31Iq$Q^3I>-qiy3O4{3
znrHWx{tM0r$BAo69gbppPn{Gv!n?(TiP{JdaKsFVr#Om3jd9jse4%l9#ch0OyOT@%
zX`x%8@<MGn>#OMh!1t%4CCC`Vy%lmoR8vFa3K`Tq2BO~8ww)X@gBkt-E>6RkC|!dJ
z#$ojP`=Ex$MoPzYbxFD0xGVHOr$-A;SW%!7P{DzP<wrQ!$ia@l{w0$itMOu;$T@X}
z_vL`sZ(|o{t+ljZ6YFWH?(NykQQ~jD7^$Xc6+!S5<>>$&!lIoqKJGO@H5n6r7{;De
zXLy#;-6DXiZ8vf&$j~xDM}kt{Yie%p^-q$Jw{_ZT;%6qgy9}ReJj1bMbvobI(22F-
z(qvT)HUCDlljk=D<4vcWK3wNz%o^trFz(5^)T@W<Ul499VAyR({4#F39phkS_><WC
zJh$0npIy0#${);S6X3Bp{M`cs7eQ;_3(gsA2d9D*5kY;5F&arW!p*picw?h3CY2G8
z`56xzCL8cN!3HsR%0PWOO!5^0B8BUu7&KO|iPQ4N<!ORa8@GZo3MeqJ+)-=@;rP4l
zJO;qZmpRrW5zSKkhUh?7qWQnrT1Zrb04<5CeD^2OBPT%KyH{v;4)CYKS>~idyan^D
zFDdyIt#gO{Q@^UqrzbV%CzoXit|Nt&<Y3xXhJ|7kS=!51Q*$RoCFaaYN^vjNiRNJz
zS3z29=_FQ*<rnw#=^d;ORn-2cjEo5OfB5pwQ&8y@rlaNN4x*|+xZVjJKRdnaZb--h
z6n&bUeQ2%qnh+-v(ios4FLHSOVgmc)KU#?F+R}vKnvKKhMTf^NFaCqLW1?A90tBZw
z1${vD>qYNN*JT;Ya+_15f))xga0@C<(5tCvPd}iI$dE&BiCNp5n~kD>{C#AT(G@!z
zHLExmrpZ7(V{m<Wi4ZMso8q{SIk>#Qb2Z_#^tQ6{R%2tM8NOTyNz*VHUozPCT7#_>
z;m_u+$Fn<_;v^*G0Ji-4?c48oy7g`Yk=LT~(QMew-UI`59`B}IQQsA<Q_Z>!pXXM_
zTQkS%vxMpmmaSX2GmJVXibpng_N&oisc_cnGpzC=n!CZ}eQVANq_U#=L|0(ac>qQE
zI`Xy9{UDiK^Ww$SeIec{?=bP(dN52rG%)JXBMmadsj3PDrP&-^q)4|bAdd;6Gw6eL
zcsP2JMchylmVq#^TPx<!3XCp<)z#GrC<5CX%MU?TELi3|1oB~?1j{j(y)YHBNLeE$
zDjEqWF#zTnn3-vSdD4kwwTid$PUDM$vfe|k9D7(okikuFz;hd~EIGBAZ>NJa5RjYD
zkj)d24{>a_KvR#l%G=YEG^NR5NcOG3TG1*lw_~pQfz;lit9#`#U6aDxanv#!Jk;1^
zNgDU8KEr$i?T(Vc<@j^Vb!VJQb#leOxtG_tC=$@40PZKu65er3rFVT2xdWmxJUQlv
z7ZLICmUH#D+pM3}Y=<HfmG5r!DO9g}OxXob6f6a<3vOad@}CL2$2n*<LrFG~swMU=
zx0+L5LFyP|*^REZN4N0f$cD{M!iqQA+&`xuZ%#c4j;*6j6=bB181YUS6nJek68G#s
z2MVqkVPDid=Q@q@|6S)ZS9QrMmZybk5NU`F#xZ-bl{pv^zWg1FsEaYmNLhN8IpXlT
zKKL;AZ0?HPSMAKDpg2v~$8$+)+3znzFE+j{C3c{f;?;lu*<VAGAAestGSi&<@X_ny
z%4W`!Pfr@}=X%N5Ddl$7?wVotvy)CroofQaIk}%Nc%@qM!o+ZG*P%OC9#+LX>r1-9
ze>M2!IgONsDUM9uE&fOM+_+%k=JrYa&F}F__ENL#suur;t3o)rYVW<tlq^4$JMUUn
zE=Sl++ml9??v*jxj+`S#`udaSPise={&0$4QL$WT$Fda<<aYB29kX{hnzc{0z^+0l
zJ?GNAP#+)e2ch%A+&Kkr?n}@YD-_KSTOr$WpyW@;n0|lESDS=n3~x9^(iYDX&gGD@
zT)w_|-{GOo+21Dz=I)@aKl!zvX8(wyHvf%}Z`^kp&k;w*#gAfIzkPXa_SEUJZGwr-
zzA(90!^@=lCr8d5b8w8L$7^fIQE%MmT&k62@#}Gu|A}3v9A<9RJ6-zDsT+lX-Fffo
zXHa&{+41h|yDuwx-2#$s%=&c3r(8g+;!@g%`tw_NH;ApXk4&*Y-2+fuWXlqKmWuC9
zJEf05QMS>G%h+<yg}qbeYkT++7x{b4{;6=~43UGQmb5{}oFo_aiqL_<iiwYs$DoC^
z_R^YzM^M3HIomjm%;kWwz#DhGx9yX;EWUH4VS9?Q<<bxAz549_a^Y=%*s7E`Gs>Sm
zn)a%r^i}-ssTp$bj-TMR8CW9|e0vqXLC}DJ!1gP&)>gXo7VY#y#&q5t3;lFbuG_X2
z>a}XwGM@xX6uIUr%gO#R<5@%2YSZqcz^u+TdjHm`VIj2!DK<vC&n`F4;N+WYMTv7?
z%d>Hdl*iqmE$`qNcg6_C)P_fzvkyF4s1|kQgVrQR=-2b-XHE8Qdn0a;f43%yuG5^m
zDK&lZp)o@~*i44VTvFEaU%9<GLzG`psp4dlT+sH68C<G0`Ce+af4H_3aDE8e5g1q<
zwqw!x9EUG?FRzZRUO($}*@IW?A_0|PE=q>SJSEU3$iIAiozm+iqT6*NgG7zKe!rn`
z&Glx^*=1e%h4E1-vPM%_x*2n*>F4Jy;)J_&nrh6z@LG0{E*|o#w!G=-jWmJeosNpe
z5#RYFqFffvPF%j_+WxHb>$g*zVuw%tCELS3bB`@jTC;GMaiKua;%T6cR`Sd_u6NA4
z(v-6AYJ`5vVmiOV%C%YNzZAR8K7NcPK=s@|_p@KB$;ERMHgd9;7g8?#!E%yD)<>-f
zKWpq{t@vVt=US{ClH4m-tKP0v7g1sQ%PZ=Qet*O0<9MXIXx+oAG}Ffjc^+hps(kBT
zCCTj`EHRbxBv?$T+oUL9$9aCr!%H^Om5#&Ldh({f5kG!KKTO`jZnfORuuj|gW_X*(
zo6OLQiq8A+iUW_$E7MgTVO}kHS2#AMoLFvKctfSNI^im^`$Da9Uw!JM?a?)8+8-Cz
zF-AAbcG!aSucuk&i;|rO_6F75|Jz`7%ktNTmqo_=6c#PIqZYOPdCbc+n}_`(8up7;
z-R$_IUfS|{Hv9bcPVWz;^UuJv=S21!_qUrjpX}<KB_%A3QDkpJqv_?{90%B<X+s0o
zV7Hv)zoNBCzI=m%K!DoGZ|!UK{3B@Wukt+2PdU8qF53vfw{DjBnlontn0BwHQRYZ(
z{!l5pZ5pT>(}2ir?5<vPf_4AJCBcZqx!k8u&l+pz32m3Kw!ZL3g;2;4eK*8A5nrC1
zjvf5|LL$ipYrEC|<*rk61?C55HRUajRP{=h{p(19XNH3EC-dEuHR~2OZJ+auf1q-6
z8_QsZ$d>CCg;zy-?m<Z^6sV@vZS$^bQCVM8^@~LB6x}v?o%OE8#ZSw;HRq|uKYbl}
zK=@Ma%$GrX1N%o4btzZigKzpQE^@UT0HDx2ymwH@e~nOiO0!LH2-Vm!Eb2TkElT~t
z!_O(Slg8$=o837t+A$p-@Zn_teb}|yst&aZu8Y>&D#l{mKVl)`KKX2#yUwuVu=$s$
z{TKS0Y1x~^6h3?_;M6eRa6lwyLd!toN@bD1QA75Q0rY;9lihv(PqO8{SIm&#_asd)
z`0eM9$ty<3uE~GgYE|l-X<ok=Zqv79?I=R{0*To<bRprH6zP>(=2hw6*z%0=t8Lbc
zO-+5o*#OJ!lRX-r8!6etBe3S>)%9>%sN4VNs?m<HaC>@0eV4GL<W;YX485lX%dKwL
zwm0qc`*vrtS<LjWeU!q}vXbjCh3m%G@N|u6TczCw>-LmZ2+1+_E2w;TVu)?b$^M*m
zX5QI*Tis8bT*W7TB7ULA;yL8-##S<d?W2glOJl=R?j}0@!mN4jO82++KaiR^y7l~G
z?X7Ry-xy@h^*fq)MZY=s@c{j*rPku60|!3D%|E}>F=8Y@@bS4OetAxwKiT~f;@2Y{
zP1_-R>7`|tmfC@XM!nrWdag6#qU?IBIWr<6jk^1|npJ$rwi~!Mg>nT8^^%z0%jbtz
zQ?8t=ihgWaF=gG?uQK0aXUEK6L7{ZiXBE{2ENE<gu6^!xgh;okLBi5|=RZ=ia-F}F
zN6(W}z2R0iId1>dE=6yp*hsI^=c`loy7SuD=Xd<I`s{NSjM{rnd2>(4SHJuF%cz_U
zjd^EJR+Z1ul$!l8z_oavpv1<4$VGF$yi4zIc{MepuYSoqoCWt4*vh&FE5BRSMJ$!*
zcI7HRJ9y>;^Yc`>ai(2JU*&Yl1(WZ`?>u`hbb;-%OXwB6V){ozc0`oW#_LS4Xw9Kj
zCm4PGdi_?<S-Fon`Y|$%d)0R3Jl+0rg3)SjA(DLPZr<DEgQ4DM?r)29J~ZE(&03B<
z^g3BvG-zlvm%Y*ew6?9QD3|y6w-kE_SZ`+3Bvo|v8+~^yVKO)<!r3{8ox1-#<Z$%s
z_le<%m9JytCpLKd2*Rtj`QDaIpm~0Co%sg-wzX`=dd|O|#K}#pP&H4_`A4@0ufn!A
zRZ<L~e&?quO6{^Z%+eK{xp?j8l}pCARZfgulv6v9uVCn+`zc;)HYrY0X5uY9JgCPv
z|L)z3rinHcUyk$s-bSv6(=?!?hTI2#aoS3m{QCj>u5Q*H4~yVscg=%H`!I9b%I&1&
z*=_yo(9Dm2-F?3IeCk^TY5ICcJyv2<8ZGE(c1U=x{k!<t#H*^>OJ9I*V;_3b-{W5^
zU3{TXX2ic%KK|<A!3CqmNB;VO$g%1h{7y8@yyB;X`}n3NRDBigw3OXj)?rkuYH$Cv
z>03dUp*C@B#Y{lx<|<Lqg!-X!)q@ohfVPtKGOmHteH_V-e_9=k3rmGZ;XF`9pY~Pv
zHv7i6+YTE3`fh~@t~CdJ(1F6jwDWYA@$CU%W;ftCV<AeD*?|Go8og5Cn{Q7+jp*{0
z&nqUnGYeyIVtEC|8nIKY7)XNVL7ec%A%@8Vf(AP-yYG#0=Yx1<`mIKPe<Ri5@QYQ7
z;=v}EB|(waRZ>&*c>rD2CQ#8VM8oJ7f3z0PbMx?c4OKE^_|-|JmP!cVCb%=4r?j&~
z{&nsxQEZJaz^DWBG)V{=#S;-rdJIzeQD@9;VARo?OS7j>!H@z_j|aL4%q(ugEb3Mt
z*p!lFCUbvlFT3u==;QUJa)zIqXWW}{PCR1s?%nIWuU!k~nAW$Q!>!tvUiaC3`X0Z#
zcX+`Co9{ut#D78k_?p9khu58nd~6_O`thOe2i`6D+TyON9J;Q%^H)uYjGZ-S9&OMg
zeEvZ@oh3F?4P3%H=&3K79lDu0SzX^Fy3T>UG!urmU@iD34sbk-j-CPIlq*p7fcSm^
z;|sxFOf&P^OD4{9&7LzS50f@}y=4j%?@Iy3))Y&`OlE?Rya|L#u-J8uGSmv18ykH=
z8UV2Hs<d=I0Iy0f31Q)x05PF*C<NE*F<=MEE*LW{p5uPuw3?+XvTOK!X^{{sBj<Ex
zhTc51t|air*49>W0;p0yi_!NQ_9b`+v*yiHK}<`JjU;ANu2@g!8=nehM^~7Y)2P%*
zWHw0cW#T6Xh(^>eNQ1@qh<Kgl!P_OUqpQ1{jD9{gG`z--&$)EtOSHo2EsK`ZtPA~l
z<5+Mzd4<OTV~^>;l5%vyJ^lL3tD=oCc0v$vz=|V|#zkCl6Z=<$wWZTOO#Ug8>*dE~
zGNE1y0wfIxxH~#ow4_99fI+VbWN))zt9ax{U?MNC3H(lZyG0z-^@z>@@BrYefSgET
zhlMd9L9<~xfG`!;uV2rE_F`%?Eoh%R7*UV|?(J};9UCWBOnCStsf-LvAahXEgW$mv
zfl9Myn8=|)1g-okOd!EA5|WoU=)0sj+>8hz&}A+_kPc*wcVo)V)UnpqRx;H=P~k%G
z4v1R<Q0M>y>`L%8eff7R1QG<vWD$6)92BHitrCJi$rOs`EM+&4W$IG*lBWdYDUdh(
zF$^J^N33eShDXuSBxw+tOBxB)GCJ{UQOh^OHG_m&Lzj|g8FMJ~nrb9@zJ4kEf=SmO
z|K<W*A;URk;txZNfL942bpB1LM2*4^yDO3{1Tu~v)>;b?AIyziYqlD<>R3#^5v);w
zb_Xd!ikMXqYcash-EBO}o1=|8#{{*hajk(NBiq)=$I*=ru;1Pl&>YM{h!qA<WY7dO
z?E;+L;3)$O6wVdrry?i^Z|Hz`Jvm?Esx6@5d{EO3-oWjEfK_r(#49{|@q)9=#MpTK
znl+D@-_tSqgeo$)bL;hDE<g-`6K0h`$N(jyuZ5*$MkeBV9zt{$%A7G{M&*mXTv0hT
z5kyap(Vvv4<IlkBs|3UH4J;}!c#2D-rjBs?7)DkE=p{u%@FvIv>Fkll`q+pF$VfoK
zRs%{=>6Mj)OrpxFsB7>op0W!V+LBNH{2;DMLs$J}Jl|`PIlZMIZx9X%0h)1-@Gt3p
z)1*5?4I~Y`@yj?;;5sp5+4_8C?>K`|6%*!C|Ha9AVoxH}WW$m0SvYP_91EUgW$`@l
z@iW}fy2tw%TUuJ0d@;OzL70b!K#k$vVclWc%_}A$5xhi4|N0F9>n;gfr(0Dl<3at6
z@<MdFkvFTmbJ9$fDz$m@8{jvdp1|<;V8^WziU5mc-@$`R2JQ@uz54Oc?;MxW(L)h$
z41@<_jK1=>{)j#zue*O_L>2rP=)Dr`WaA3N3W^0Jjotd~A(%3Qt12M6(?y*vEkbgc
zsj07kHp*zRKt#TR$#ovge}K6?DLHp~JqyNaAF8W~`$k^U3gG9fgaAi!P_W@7jq=>)
z2b+sPprWd#=J`0l_|&OKHNAqAO>m9+LdU|b`0(LT#^(sF=XXGkAd4N(Tm_!nn0v`O
zt$hV%?`+U9h}76`TT`co!G^-2G9ZYDj~sCYd0|cpc2js}=21&uK0b2F@L!*Z!74<g
zFg&?Fc&F?%>4@Q<`0)TQIo)bth5B(pP!rv$5H~Kkg-YaK6p^5P-I5ZyZ+|>1hkG@9
zeF&qBB$<ObZ?p9*J7KYyn3!G}2tPjXyG6`kBtplrazE0jv{IM+rP~&Z(wyfiKiVcP
zdFD)ghne1}V3re37pPOP*E$=o3suWox6t5_e8F;0H!V{^v@Y;WX~=9GV{ig-^}GNc
zV5p3RG+$`ZxrSpRCwxKF!u53#y*lXRQ-JB_!B0{~%L5EAUXYj|pnQp&Q08`4O!^7|
z&DPqF^wrf0=d6M?;jof=>5NOU;HAk03AD!6BaTV*lDo~C^u3bN>_=ZcLdFyP8^?cs
z(qlRm6H9NyI0)PSM7Kn85*SYDtj#(G2FYoDn5SSE<`4B{_F$<j<{`&Cu5pVBP{4R~
zgA+%=rfu6i5)v#uiZ?|&L7zW1Hg*!C=#NmbiyP){eDu~_K#7hpaK)sft3^diPM!r-
z86ZMPXYed2lPUFv@(nSfLB;dg!|8aGuzd0K^K(a__MsDcC!SfW*dN!@nufQ&T~@Z_
zP_VZIM&^*I<zwIs|MKL)wFbqQc)$aL1K&Ey`rz*K?9PNR5WFTvdK0SU@r1C-gKY}}
zL+GnL!dVwDUc9Oqrwmv*AlXW=H2Fc;^*2ehaB_MDOVJ8E{rqnX8NzQD;qgP!%kBwS
zcck1dU8(T%Mv=PSpG3Sb2)Pm1{qXtD-d;cGkHT|vSAt54wCb><6Cj0Mgk>wT0$NbA
z5regKap7PgZFvf4NS|R!hBvkgYz+*mPhx4mm}^pEwFLfEV8K9Ir?Gwas%m*-Iy6!y
zpf{5FC>B4-&_-<ZT+o3Pn_y(hg{O23X^waUMD_s_lU<f<*BSG!L1}<{UBl2YC2fF)
z`x;{cS8P=n8!C=O_2Jl2f+^1hIHgn6Y31J-)xo%vTk!m#w4Vch(kA2zz@VEvXDb}?
zFhzQa=e)_PNlrJ_j%NpR^-&tex#Wr_7V==dq+T981Esy%(Yl}8tq4kXu!)H#Oqy>V
z@odMV2%R(@OiNCl57Js5P78`0vyy0)5QK1PePL;hVb|E2YL@laEZ$Ul#ZA_IXihOz
zj?S8^G^q4_GN`hyb>@%z+(gy<L}LrQTGyanaP={4d|~I0iZ&LLQg~Nv_xACr((^nI
zeT+29qbHe}>-Ox~qX(<q8X+HLb)I<rRAcuh=Kdgo1q%=af4HrqV~<FXH?~&XlP8*L
zkR%FIWY~H<lYx3_>hY5`?%VZ0K`4j;s~HC8PwMxGxcI3mVGJjXNh8eG!1dV#J#OgH
zxj?F=k=RT4-8u%B-HDWLktqOcOv||`Ih<Ty+u8y=JZ3@?k;C~X-z}J>K%z#p0J!vH
zAYtGG7dAj1RjFR8@pN$fppl6{Ayfgm&8e6YKP>oL*XJ%1lKp<8t4A?Jd0?VQgNghF
zGu)-8OiYw4GVURL7XYS*;`0w<K~gUHYQyT<+DnL$3?2sb<^GUo#-}Za`8XyI+E&vz
zJYYm*Ra09%w3tyh)HQo0w$P$lRxcC~ux406kD3>8cY^nxfbrnA)vH~>we$2e!`v(#
zj60zpmR)Owg)Mty(u%l#-r_R*cPl@tFe7I;u_?w*{N&Qoc3Oh1LcAs1+}({xZ0f#X
zWIN0vE`gxg`_*$*orz}|?eyvR`Dz_2j!|A>>O}|j%mjqEoeT3z4CDik!bcbG44=XF
z2z{O&n#!}R?B_QfiFiVJz`ETM#u|!Q$=PyRB5W@w%4HmhL_IZkrQFk)*G4^e^9Ef}
z2b%ci#4c8zyno3z=M9{O#O~$786zo7s`q@EgA*wfVTu3XwXoRFJ&vU|a$s{{liQC!
zApe!fu$_2RfO)kfR@s+v6p*QKk_ns^WyL=6{sWz6_Q7HcVl43wmY}0d$jaL4R<=s*
zr@{L_zr=`>LwIsJXpOFl;ho<$8K|MqHZwEBFAuDPjVsQN-pm0oz=>HQamNS22B(zS
z`Sag12M%8C;Q6`u6JOA~F7-rJq1*>GVwJpnZbPxng$uht2*ns$Lr>2e35QBin)H;K
zO+R1EompS@`4FuJi5S7$pLkK>oI%lQ^!naCz5`+MD?n5N)2jfJ(no1&<oE7u;=u1g
z|CNWgaeAgu1{*wS^m@CKjuMAI(s`aZv4ZjtE>?5g6~{_0cb}V!8S9gQ5-&p$DvmQa
zhE2h~i><aG9U=}uMF%7n;Ar^_S3=DHL4Z$C>OEp;=nt*x>!zlas1S&+7<lQAG7iGG
z0Y?=HCH`BZ)HBi1*0yTZDhkY(iO~h|!jY9X=@!<`J;nrO1}Qyu#IX<MGg5p>%L8Xx
z-{|Odq1HGH%kjWqamblsJ3NMo=oTEiM5KxOLJ&6z97B`d*3VqfM~!1iUUJ#nYj}w9
z>%|{))XVbtw>le#aZtcgaH!(rMcUfhe$dZz9J5MGiS-7a{%S~HK*oOc<aEg?^62nD
z6G7F7*9)Ojl8$5fa!!D~e@x|uX$=o$m+~qhSY{L#O9;EfO+qyD3iHYf2zbV*8g8+w
z-2-eK59HQ>Z?N)D9Wfjr1z$MBLd%V83<y&TK|i|)ItO%jyG>tU{J1+xGaRo6hwU|_
zdnb-1AcX+WgJ=%$^TB@IesV0eXUsP#Olw?o7<7_7kblBd)a}uuHQ++efN%sd&TEHs
z;e)ydnb4(WW|xY_goR+~HV;-Ds1mp8GSWAHU~4iVFTGVy3mN&jLVYDy4Ec~k8*g1d
ztP;~>wKy$JC8eoIK>n|i7X7I-E}JixG0(?WJq(8b-kWLc5y*SZP;ly{w154od0)iK
zB8(PE&ngpGv`7gyFb-MOX3~$2CTxI}sD1BWHM`=`?EkE&YwOnu30;F?_f&6+^CYp^
zfe^*(tGSukDhiRTB-I`~tPnR)&=q#`=57=u%E}NZ%jjVxa&x0*IBa1NU*m#3zX!)F
zp?MEG*!i+CNxz9pmE$2ko2H3Lq*mIjwjuv;R^I`(%_%G%n$+(-U+C$Xo}3QBs%O7F
z*llJO7I~1_!_nsk)}_6J!<=s*R>}zPQuXB(B!uAYdU|>n2EQJByGYo2gbG3x?3!L;
z!$Ea{{!u1to9E3y!;M%axLgassQ!Y&1ODo8UOlP?p0yG-<vR5T8;|Q*Sz2-mDMGh*
zss|K$Wkj&R%q6Z`J|iRJDQU7YuP+V0?M*{zjk7qwS4H5*J_?!8*F`FvmPk-d>xhpB
z{DgnC2elhw5{lUH1|($$3}8qJ3VomZml@`JP-t~icQ8%fkwwt>dl96Lq#x2VBju~|
zn(UepYlkS!xU{rP+Q#yGDXVE)S7j2bIAT19!VxaV+b>X1Pd^zI6Q&)T)ExiEvbu(4
z_38QA<9f{#Wgo+w(b40~aL9svaa*VN#NL~HhUbd<z+xa?)<iYtkk#8o?*q3KjJVaX
z<OQ7d{g%r1dBX~;niQgW1vHrw)h<8JeaV^!sPN%GG|S(|+Z*{t9Jt&;TH6(;6_K8<
zrB<62U~u^G&3^nAFX&MqWK`EjM?_3nvSf)~3f}j>*Q>fogfeJG9q&<dQKFZ;CqDz;
z6|oE_W|dG*&me?8cfBOg?*2UVU}Px6|97FP@Uu{@bu8HBXx##~Z$7%R^xQ{T;GfLK
zBm86dTIz71Nb|>uEL2r_*!an|Dk}P)Bw6|y>FE!1a}6%_SWgr!_<f9>|JyMpEJl>P
zh#~n5Bmu5O#0nRZnt50_#7h*u>g8tAL=B7@!uHaiz$<W!z)y<;sDYT7B1pPsD=edm
z(t-OM1lChwr&SI&P9%5my{wW*Orm+0*FcI$@}Y2De5kGEr11-GqlJ&Pw>9TDZX*O1
z^hzY+r`dTl^ums8P<{x8pq+435L6>L#uO0;a0J;da?Ks#xbn|6rm3uRTRt0}o8gIx
zb5VjSL8A#O5XpfsJ7)r=HOxqfj0siig7fb;sW2ZEZ;NJ8F0fh7gf|ZOVn)`tcsdnq
zzU<)|eZVezE?wFRPPPXo^@JDpq&2uo;kp_~EQ9+k*wzjHzitAXbVMEhV}0gUAb|wz
z^{_BRx3M2G^mK@+L)~Wq)r9QY9|j7L{~kGgI;vEN50&=Pr3cUAE91N)EEOn1r6HB^
z_V<s06Gc~#@P-XuC^u(asmZ&eIUdy#TucKSA99Puy88NoXamJ`pSbby@wwUjV<Flz
z5|@w=iIeFT))X)mVu}a>xy89f+}yiidR_ijG>eIn-5hjCI9jNrWDm@N0!Y<V0fj12
zzJTcfUzUSM|2h`I9>uW;rWLAaxOWka59CB%o}IsH@SOIAw!LFCFrnYymGYP|pI?n=
zXi(UqydL`eYN{*UCf(UHpJ5nJ^$j)DWCU9%{H#oPtM=?38gdvUrqEzBWB;MTTkm`K
z4j?O-;ygxu1{}Ei)Ab^SUsuac$9Ipm8TE``0!B*A<?rltyrk}t_p4+}oVxMHpCak0
zaxLw{PoM*Zo8{~*k6*<Q{>`2H$3_<X`T_9&0>>Ur|9x>4KG<9Key<O%Uy_P;tKl39
zS<q_NNl<|&!^lQ6X0XJMmVl}TS#bCVo%-l8{u9*-(VEAP&xI{7(k6z`8#I)pBqkEx
zI}ZEjIX%gX!9c|?FJ0b&EGXi_2H}A_`nQyl634?fI&7PxU{jLcgT@-P!x5Y9stqtK
z1FTtFWyJeIKKHu|yX)J4V||GMo2NRBHSQr<_~7&m^&bEZd@VjL^VwT00MaJ<Acw@s
z2e)BI?5-HTEeYKgB4s}D-xN<}ar@9-z}JCD-EnRa*Q@6_P9%;Ul6>@r-$$PKRj*)X
zS-0=22#Y$ncke48Q)IsqfN-5y!^er8oUII9(^x8mtwdk<Fg|_`=rDb-<a2hu2yapN
z5xp)c*>9f%=w*92qUmqIf`U~2a7#ZN(_OJ-Zb8`<h>;QfwHP%VjzASq?BG)GD6?^7
z;mtpswpDjjC7*o9SX8D^c+9Sx(JhELZ<5pj&iV`4m60W3a0&*$zQUwk>SA<fSTgkf
z3MB0TPHTNP2YP#Y`bogcPR$XYhd7dPwT@M%xKvk#Z(8&RTx6i^2DaWSUdQG!bh?U@
zrlm-LO5ok_3Nx6>mx^!jx%($T4zTn;x3pZtM<>!EG>6nJ-aC&x7%o!?Eg1BdtXVN+
zV2&}ub%4f%qHUkVY<~?ju)n{5!GmpEw-N&k;_IrHbRAMVaf9sGjAqdJ!BsNC#G|t+
zh6|ty2~E>&pSlYdGZM@xID(11+1Y-lb(?2@?PllTW?TeDAU@moX4DdU6O?z$C;Kg9
z|DOT>tFcjuhe>EHjX9$KrNmiJj}Oeches2LUkR%6$mHZhACD$dpUb%H_)l<Ov3n!{
zNibwwfbjq^YDaFL4QrvOom2Ob<Ht9C&~NS))EwL|0w7oc?O!(huu(A*hjy^a4xcz7
z_Q+=#UNtXpXfz?rk~l!wu$DzeMNP;3x}sFLCfB;l^ep2}%b192Je7max_J+X)!QAp
zZ=u<`f%9d4M<8)1flt78z-C_fd0T0$Zkn5P+*nk73<fH=s5~%GftyT5a?5iBBEs?c
z0wzmew)m;K0=#LpqB8F9?OIpOHl}BMDlBK{s0Y)~aiCKr-iBaBDxnR@#j~lS@BQ|s
zW2W=-=PXUSmtPr9@Vrl-R)8f(!ijJcN}ha4f!|VOT-@v{Lu0}B*oE1&^vy%#dk#6B
z*jq|J(KG13q292RK?@({IpV}xc%N$BRm5vz-MQ187}H>7yvkGTbLVyFtxKB;$UYCW
zRFc(%$}T6^V}*>(ERmo&u<e6->{cm{W9k5=YX8w_xTS-fx_}!?cWxmn&E3T822%m>
zJEiT{x@$4vKm_64+z`3T3&H4}QDUjSk@b&F#Uljqt;W~_0xxBFe*knMf<DR>d{WO@
zm|ajPLQ}ZE?W`zYhHGw&(acUBbii~D_%w$cb5{mV4<IV7XpV_5$Jw)qkCTqEZEPp4
zoglJZB{arhv|`Ur=MImKR#j_GH(vx#2-g%Eix1<Kd=yE9&>PBpv#fc--roL-=UkWa
zTlWmDTLSsm#1((<-rb1oLZ1zfm9>w&$O_tzRu7&ogu#kKfU~_1_R`&M2OFrpeXW-+
zTv!nL2iVTnVKVy4Mk&8u=MeKig?y-=I?luCb4UHPm~HvOwoaC7t7%wMc^6ZH8tGDa
zn^=#_3B(FWY~G*rLFBziNi6~<d}&g%chP@!egQC=|EHOYEI&=qm?^Q;P&9Qk#Wc!E
zh`?R}ckj-&vg(^(AguDeW2O=ol`(y<U)jKbH5p%FNfXr`YGVy8EjLUQC;=<k);H8c
zov9q~$$aCLB8pA0-&uZ3CbQi|{@a1c6_=@7rP+_jf_kDM3!kmk8F~ky@vd^%39DT!
z2)7PA7-2NWUoHdIcXxA3Zw~zvj82GK7Je$!82|4UEUD%a=3DTNiA`(9G{pg7X6_wf
zP6M-HiED6a9DhbECg2jW{Mqy8l^6)vj!4u1thAKo(@dxa%)j=Lf_?uLAR*dXTJVL(
zJ!TH>xC}ir=>Glv4$rm9%gc9BI>BR)V3<n?3SMQ6hq3R1)Cm{seTNRM6N&%`TAzJ6
ztx4|JlqH8zS*u{((l;M5enYsqy0V*~C?}j$_aC1QGLocoZN63;a5t@^XaTMse*R(d
zmbbdaq<YBqo5X)kjs{br4MF=X%*@L5A0XMbn}*MJPl1}-KN;ySzpywZIXN1@Mi)~@
zTl@6m(%w(mmjl78?kuCS(t6~Q+W2WQo8@Jz<O^3C7N`xU9AkG@<+>REIFm8}1o6q(
ztOxizJ7t-y3p&L;6f%^8nrk-Y?*02!)X5^MjSMTZw+bJ9U(_u)I=c_yQ$irk^MLxF
zqoP0SL@M(q3=cV3H&Y#-O#WxTnfS3SfHD3mAUT=3r`1wc{(sJUg0`@L>=owHJe^sR
z?eqd(>n4FA{8EKca+%HJNX6{yJH5JmGB94i#P@B~A5jFbg)<>i^%(O*Cy7N*X_&(A
z92FF24q1VEjhcy*a95k<kE#+U@zTcZ%SSHxg07usg1jxDu_;RJBvX}05uh;v;IrmM
z<I(Fapd<Y5PeWe8NCJld3V4bJ4m!la+B`jQ1QUBQ>Aw;~J-qkOp&1XIqY410;82@_
z(KN~}q}z5KZ>p<qavD5{;SW-0rdVauRXwWaT^{R4){@00_(go#0xSawq+Pz@$$Ht^
zXI<X<VHI#K+pKJldF@H*En8-1#odXZddyqCPL7-q#eEG~5<m!sSb+>qaTKBXq=&&R
z11^NkdhuN>dPzX?N_Ju4OwUn?lTWFXZxdbx!X0DlYN28z*%WYTYJoI$`pJ9rsT3-+
z+Ym%;lKb^V9eMY8uV0@o!tQ{09^L;n7|dxLWw=Xsz+?n2NynibMO%d)WZSr*_q<_R
z$QY%ynfl`SBmt%r6a=vTw_j|TmOIwMS(nOD*~euqui*KuYr>~M_-~V{i%LqaiFApM
zu~Y9DJ|8;-j;t_z-ZkjTUzkqaBOhjSy|Fdn<K&`*A1~RqvIYBb3`W^QE}d4i_zMh%
z_kXq94my{!;Ec%Ydu+VdWR+0PMK4LID)~KC&$*tpCuoU4Kof}rykoOM+{n#EY?QWc
z`v>*dJ2@46wqY!U@-q@?Z1DLZUXXD9ftW$aX>Zt$Kh}Z!u7OfnC=ad9^PZ+Zl;mOB
zfb#eu+DrrpbX{;TP4BZyrJtMoY;gZZR1YZ?W;QFc&YO6%&QV`zcjwym)=x(tJlafB
zQs36w0bmCi;VR%1r%8Iz3UAI%Cr0MxOy>i(PD@tT(5`%8aXji47M4H4-we^8I|u_r
zR6AB;$P&sv(=*0#1;*A(Xyfm#`r+x-3SNjFg5e7!V%QCtDVlK~_Mvc8Mz+KJm2#dW
zAP|E{NGbPu)T{2>GeL89x<c=xoj8$;su3<Xe#CmPDf`)LAIiQQ1+^6lQ8u>Bf|l+c
zdR(u3ejzPnyt%qh0_TTA%b@GxXT4Tx-D3fR;~y40E2=GhN4rrfSopEzVD}M1b2p$e
zZIh&0ehlDBoiOw6K8qj?f+Lt9!3hk4*C=2&!T-DNm1htaNnFfpZD}zk`t<5*?Gcur
zSThQJv~I*1gOpe#5t)P;P%ihHtY>lAriK6J0>HotxGrXLoG5y#^fN)w2VlBOd4|IJ
z%%&2&fT83fqaW}?-Iufm<lli!Q?y6G*{zv1l7$K*AHDMzaKtcGAZ7R8CwJ|)ybZlS
zI5&kp<Knm1V?(3e0_=gPUMYC#FPoZjU+b({_PTs>v$hlbx42jGELrjj+ZsLb6Gm1V
z6N&{nXi4{4>Ft?#2S6OnnBK5i3ZR#lRl^+hfif<zp50Jiq*bJoI<c(FaD#QX>3VsT
zFmGG$AICEx)pPm{Ml_#75^f{J3wfdcn5<G@2A;xAjt4d+O4AF4J|t+Ol!tcV1t`=>
zh7vK<!_KwMb>l11V2duEqf1}LU^RrcXZ-?M&hF}H7HI2=8`(C()Wvj4Mt<2KOK4;q
zKM9YCf&wpNykJ4x#M{g4;6ax0dR8gFp{x{}*W`eAe_ZGP&E(MT_W$wZaLnhb7Q?f^
z3MUu>K#0hfFiU`KT!e!Vs@vI@n;rXh;+8f7odvo|MI5>EW1pucF}e7pXJOOAj8F;b
z$)&~b;0jD4=t$TcMvU`M$aDfShtzv661ZVWnr|BBysnY25?3+7>ERALqkm}Lk?$#I
zY}T+IAR<oaY~7RTBn}7w%T}u<UjRC``s12|C5!1RU`RW2KL5)gQJn=mJRV?jkc8?>
z>`R$!h*Uj*;dC-<E5aURWM--YVkH!o7!w%V%cPX-_}5EU8lF0LG-dIQ;YB{`rSyZz
z2-o~F(2_~NYcZJ)84mf>z)c00(X<#uQikjii2B`BBX@%bMY3Cte1+$(2I7Z-bS-nX
z-XoyIl-MS3f)hA?65Jo+d8G)$T{7VW29sz=TM4*bIzHz>QcQjG$5GQAgF2=3w|7Q)
zQp*&g<#Kr=6Xa=c;=(>KXdz`W#(h@CMYSELS(1eYlq4U0Cs-T7c*ybsoutVghC9LV
zw<-^uMtd;l(c>KNX~^=2Bc2L+V`2xj|IdvTx~Db(zCN0GEZmN***<gHG*pF)F-W+H
z*&vuh@rj9xD?feuH2X>^t!DbXsHH-;L}<2xrAO`hnlPRd#`6kH9J%QYhD$k~Dhb5_
z76tXTFPI@QOO)_h4kEz>!8@HnItJlbE}i*zZ{Jo1iDTNXzPw|9AwqeduicrLY?q*h
zgY0(%^PMeQwh&oPFRE=ds6p4DytKY_DH@H-5ho|PdHmZo)PlPNp3&{LC~;n_sjjX7
z;pc5(;dRvRDypiLAZuh~axZVTUZ&@H#KL7SZZj5a1k`{}tpbcf=BkjmJpZHPMu2!V
zEots>Scv<}14gh}khZMZ==$vkh&J7Fe<|JP%>}0KIe{bmh6P>1)ih1!YHfwMu{QqZ
zHiVO`EXdEd*&cQWQ(R1klZGci2_o>E@|qP`5s1e<jGU_B-iBZ_zGhI`>2Zo>61+@M
z>H3{?7v)N(#1gzq9rZt9Y~XwkfuHzb0RVT&gT#QU6O)HR>AOo!{0&chVimq?Mu#;(
zrwa;2;1QSKTDu=3Q%v6TA{sPX4J}yrTbL?n1><f=6mGV0;$cjhc#i}-u!9|_ctgG)
zCIgQE7YkJS`xsUGm{X!`PEWg3O*}4Ch<8;nAOU>vJgM<-pjqbT7kS`*kiaK6Fs`Ic
zRHrz|gqRlkl+%DWfkpQcpSvNh;Aq%P9H4iQ1cA+Xwvstw!ydI6-|5%Qwyq76EWAU1
zNBNAi+@AQ|Vhpu%HkqiVQYTvlh#@~|bWgnrIKR_~E;JrY9p@pjYb50sP;AbF`5t%G
z0AjhI{CN%eHg?_46*t~iBUK*AE<EZAumBuo_zCWoYU(|`-zNO=jpX!m`y?F4ebJMA
z?xV70i9i{rOJdCH%jdB*W`c+I?c1h1UgtpG!xXCT+otCSG&B~F)K$V<!axQ3RD#`o
zlv3H9Pur3Idvu#>>Tgax;`a-;<u!Sy{O=%NsJwY9jFK=dJY+9#+ogq+-1lpCe`}!X
zNZC$G@PP~IuE+ra2j-Oz=EoFaWY}kZ{cAHe4fo>3AHFg9?&EQhZ#H6m`Tu^Vdm1uA
z5D6>puQO$NwNq>8boU=$HTAn`MHR=UnooenaLLaHXlJK?7j3(mn%WiU^I^u83M-yi
zt@w`bI+nz50>)iK$6S75njcG4o>m$o8IA~EF&~<T-Uw7rq#)~keEe^?2nk31)|2>O
z<kPyVYP||D$ihYetMI~w3okLrJFKHKlZ3opMOYTgy2)X=l9^d-;-od;X_7w<gTR+~
z?G_n)_*+lG^bcsl!1dn<sa+Zjj08+Tl_TcAI6M$#b_MmA`8nk7c){@{5z-fMfUiPa
zjM@L{7c3k<SiDzIh{6Jl5X_2ilzp7o8zga*{r`i(?2QQl>LI;t8(|RSS)SO*Leb_2
zcm&{sNmKS^;2`-h<ZBS?ohrxNOFE3!j9LR%{6H9;B`yimV&352A@nX`B+Ks2U8?c;
zL2erFj#j0!lf`i;pvfCbv^4v)^47h3Bnm-GM@K2?s0nUaMLn#4i~$1RK};@Q^x!hG
z1ja>>@Qv(jIpPtIaYf(?&krn13ya7936*T5yu>(6*$rGn3WfWsCxC(tqG$-B2KxRB
z7D_5%|0AWeXQb|bU@HI4Zk-KD=93n5ysD^eN%kOqK4K@2^ZQAwRHln&`~GU${~~V6
zoF*Ic2b;D$w>(z1P=Wgk>?Y9fx@BeAWo2+tNN6dXes=+^!D*S1EPXTH@HcH%CiU&F
zr@A<fF1XdD{ll;MN{vb<4@&Gufbz2Bqy9yvM8m!+N^>u!C5jHnF$aZ`vux^=Da1`Q
zZxEzS5{`t@;g*moyBF%!a@6n{1|{#`M{U(!SS^nZ*(yw7-MZ_5#)r-)RG6tH9X*1v
zTYo)HQ?+mn4HXslM0>_?_a1l~KkIjb>KySkDH#Wqm8XG5__p4VF$VCA5J4BdC(Zj0
z+(IwqegqzpPqhNLF>u)S@-%~+OZv%IQ-p*_h!Z$+Nz4#gyBoOgz>rn%9{$eDMt=jp
z2B|5#@Yx=rQi(gm&0B@h3Rr_fpoh&VQ-F&apMr}Vx9wTh+BIu5PM&<&#M|~xL22C2
z3uW|JfUJwGwUg1$ndRN<H9<=uQ|Dd@&skn@8=u;CFGajExRcYM#ufYoD86Ib8&B@l
zZbi6m_w3)#3Cin+%Pq>KED6J0-++JxpeMt5YZYY39V0U&tp|JxB!Z}@kqD^^;p&7K
z4Vmv8b5!)P2??*^&)~kl1UbvQmEnXR=*z^MFc!RIP}MW)V=^<B64a@_ro82rCY=W=
zdnnm&rFNQ}#Q-k&2o(@F<;uRON{2=ldO6rRB$x%*u}r(o@K_kGYK-uR;~-YRXJo){
zYFyRJ+aON?5dVW{%3ax3laj!@oW^h5`g(C|@XzD7X3IYgnMJ#^zIMN{U>Gz0v*j$W
ztQ2x={`E<Lk&>VU>{<~~QEs@LVvJzf%f>067uBA`_GRkUj`U(c0vfDIgZho+*f6Zv
z>PwSNPcKeIHph}5WmyBD0UXV|kSfD&>@nK*^SW+n=f*+$R9N~U^ZXSXri0?1mOkH1
zMyD6O<mU~wC}voU3}N$H;c!8a42UHFplFB$;Rjk$IV`4pOiOEx9DeIMMx+pLWMsz0
z#_qyWt+CW(V78<T*B?-YzI1lR9yu!di#{oPt65{xdQcWtUuY4D7mRFQwkvo=929(s
z@S_O;NuvT|b~^VW@7xu=n8mO<{QSTN8a9wDe-JXZbLY;B;O|#RTmu-2A4Wz;f>$47
zK))nv0$3s0tch+t9j)~06|FRFEGIDgPZu=>^{&ox(VY8UVMBCRbLlNCQT<=zy<;8b
zq3Oim09mb9fUB&6eI#+_!g-F0a}zR4aEmKORuC2uu%wzgUBp!rV_Eo{!}<^=%X86e
z>NOCC61aC&4hJpR|3O_$XNjol{~O^^Vsi79#>wj~!GTmP$L&bTA~_#$=Wqgwnb$so
z@dA;+06=z!6$SCb1o)u@m&HSKC+cTX0Dif_?(j2s&~Hjh3qev#MH>^^I|P^mWsV0}
z&BTWattIi(o+;q;FvIWP`IS%QnirD^{hf)aFR`Ff?fMMB4qo0EolwXIm9M`>---;o
z!4?EhRDeW*0PHQkK@)A*bDsH#_a4=nw}DoOt?u{NbrYz^lXVB``lMs2*FeOB#YzQ6
z@SUKg<hAgi!XuG2h_zY^&tMWvSE}gtU&KaJZa>f<IDJ|&)@HCV^|1!e5gZ3{+8|cA
z3OKjzNZ{|v-_qzn+@vObe|s~2Lij6qBaH7Yd<sG8Qp7k>@wsYbI6AAqv^1$WEfEAY
z@d5!lbcq4J_dnJ7UY?#0fu(h}1vR+*14%Ls9z*;C{r#&jvCMcFLFf&Ji7Ytaw6(TE
zCIP#_ho~+9Bl|9sT95QQ;KZ=r9vB|3))zlqdxH&hy9!JOGh{xUGB@7~=l}u(6&#A2
zc>OmtcyxYK{1b?E-XLB^;ENY8dM2PLSVRe>0+G{`<hw`J9QX4x^bMg4+D-Bi9Q5Z6
zzuxnKftCEfn2S3vbh)J_NB$eZ(IM*#z3f-bS+-K@+d*E(+)ugA%i*=W^-S4=PZ&J@
ztjT!0DV#t46mecQB@(v3e_KlI%il)Psit1jDNd0ZLpJ=rk~M3ujb(5A`O}n%1tyvs
z8BJY(JNo0IpT9+l-Xk)?VpF#8P2+ww%II4wrN4tCB{w1esjKs6ZqvH89GMg6POP}*
zxj@;iY30fjdPnUp=w{9}kvP8K0V8C`)Y|F<$4x?24i(+CO=(-@8?x9XFFW2X3+GzA
zH2XN$&u=0zB}YfE&3A=Q_TIp`XEa|-eZ6h;x?wS8?l^N-?1vh&=d~HZC&P{=(33K3
zga4#&OauGQ<i<*sm!DqD61rAg_bf(f^M<T3`vYV2J=rzoSN5Jh%?md8;;&zKuK4q8
zG;dgDZmyH4D>qBtR^$nF@cx7OKY5yxXB1bk{%E_h?Y*S51?6^*L!?TT+r+&WPlv-s
z508h5Y1A{>y|L3Do_YAJ>Gqf0?2Tv7(fcdcHp)8lDP^7O{&wL&^0)6NZcozv?KKVN
zC+HZuGl~Qv+uts_4c8F7m7kXfltF?|YSTO0=gc)YKYKJtTw|nb9_8VmXVyFFw^ToK
z-XvbIvXv`VQoef5q7mJbdGb;RK3ZMpNNbyE(%msLEX|azr!;k)j@HRe8Y`hE`)iJa
z5daY*i*sTwjL#f$w6Q5)a~wIpH8nd;9rahZUY6C|lEt<1<u*}H5n*A$6GrE62<m5^
zEbeW%;{ezEm>5fV;xSo{_C58}*^^EOl9CFnHcJ`R(P#n5J+)l4@d?Z9kuk~1fq|1d
z?H`xQ-$oQs50$;mz;Tin-y>3+rEn<Z<?z$(jk1nMFCDPn!DNkIXilA))A(uL`Ksz+
z(T2=<+Hh@jxwQ2=zno|B?Zw-(NAx_pP=e(b?xEEh7P+y<1$=WZa4g!tZ&N=P^<|s)
z9Q!c2+3uPf5?Gq~g*p=3wqdPFfU)SN&+ih5>Xd5PurEX5*NWU})fSq*X=-6lr_ZaK
zu13iiz;D&jQ~dvEd-JfE|F(U6vZhdpq>w}@t&*i^qK%4nEhI(S5D`i>i54o+o~@#^
z7bz4P(xQdZN|v<Iszs%yX6Ado@Ohs5xu5$vj^97OKkobZ*ru8Hyq4=auXAzy%&p_>
zyv9@qXY8v_`#2O&&a8UFaguw2`;_I_0M9_UgyES^t{g9~p;s9e@(**u-i`;o6y6YD
zU7z}7lb7=Fg$p(ty|>JAX->?0lZ~P536q6y#|A>9O0}kxH|*Il>2^e#!TxdP$(C~)
zTuZO`ePel@O}bYhD?-_SDNt?Op;hEBe=AU)yGw6jt^d)M`AK)hT&JcC###depB%ch
z+dJB>^7zm8&};3z+=`K0KUB_~PMLb^arFjwWH^7RRbg<;QtB1&Z2Ek^*dH}rQ4Gn2
zT}np;8UFrlHr|DO$~!_tAa&|&^G&CXPhZ~h?9#TiW^Dt;$#;GQ^4&*!xrdn)7?RBh
zTY!DN!oJU(qECDCUD$8hVs&-9&e<LR^6(CQUVg`b!j&|BuYNmpHrtF3a&tXipU|!9
zBOcH4f2MXbTDGJe>^5p;)ST?CugkARFL~huje4ka<5w2e0VV#_&%;j!-k%rwD9tjD
zjPlp^^V1g***q<I;%8iA^{1tD*4OF#rjlvf`{lT=3drsCZ}~#!!H2y4sZeIEf0~%~
zU`h%ng*=$SHx)$<)F}?iV8y5WCnHZ=5`GNZ)#F*PT%INTY#O|Nu<ZEvuiGeU<sxiO
zYy=w{``K@plQ|y~6qj2)zg%f!bKkRb(Ol178N443&k??3Uc+;|S$&EQPR>u0yx;0Z
z7kQP<UsF|OFf_ovBGQx@ZZ$h~NK8pp$eS_84Jm+Fqb9p|r_fK&3k4movu$PHD+A`<
z<y3)?H}8j5N7B2$Y_;hBuaj4}oi=PTR7pF0SYC0XwwEUN59?{mt)?%JoaWlJsIR~K
zQnPiT!Rd(nka^fM2|p?pwdNK0PBVZ1QT;=5=wNgBuxsmypRWS$kFS1H(Xi;7lalAd
z9LzIl*v0V%FDe>LPcI#9%H|Fg#=GN6TCnHs+xxC3&TmiE_$()(NBL^F?fh<5qg?Te
zI{rDx_A#F)wCd@Up`#;by#sH`y8|OMmVH2-@Y=P8LL#B;<?Cidrltxqu=>WwK7QUq
zSDDSTvh1Vq%xl-WRE`SGk~UxQ^oMP`_S<m>R%fw#Ww=Dq&cG-M{R54MPwY}3jkfI@
z537)S%v|zk)AhNF_3Cg>i<dVJJXTlxDfpZCydR$F97?e(*Vn~wu-}!Eq`7uiLQR%&
z)I-JFQ&T6CE1f14gNoWW*j?2U+j7jYwr<DK>cQM^y)UwNPE`+gK4H;WAS4@`HMO4N
zK6h@@o4C;P1J9=GYHLT7mbIVOxqR$ajnb%d!MVk|&J47*@=#w?Rd5|cz4V>VGDS}#
zc4_RWidJHeT*><(yEU}z1a*$r4z$0Q;JLT23u?C~P^zTodTyTVREf*?+pNa5rJylC
z?ue&}Ip^dheogueql028sXKeKTVB+qi(h9A@uX;9S-9W$oclK8y=y-;ulRPtV#)R1
zo&!{O*JRtp6-SJ{2l&L)gyt=8Dex=n?2NxBZcb;UUCkP(WquLUnqrqNUmpMM@cM|z
za#?nHHMQOFgu?Pgi`&aH_vX}{o41UsTCVU##AU8$3;53G(3obP18u&&pxtL=^j%{}
zR#hEnOpop>2nrE7SQc=#OpUpBiBOztnVIfEF-m{9nCo!mQ5wZyo*<>chhx^kvtR1|
zelc<a?vDd<DW)wAce)L4y`)cVbiQslVYT%KyCz@lm={AbW1m&)gOd^-p@JO3E-rJK
zRJOLWu#@A<SGv*ifSu!o<kfl`LoZiT%hFGrxGzjyewxKP>&Emj@nq#^<fP^=u@mtQ
zw7GPti|Q<p5ioZfeTkxc&+BXR8xq*P+3k^o$MM*TugdH_{(aB}Xh?kL&_R>s$}^fw
z)8mmqgQI-P>Fv^6Q%vt)DpO8B_NBm8K|mxFr$EirpeW_VzD$4c{K!#9QQK-e<49@n
z`Pd}80NeUxeKpLDTq+iJToDfVC@ERAxa&tsTxYhoA0PBZ><o+hKYs<(4bVbG;RwJ;
z&py<&&1p(dQ8lrrrJ`m$LZuLg<eXZEudp$dA861W?_7{N<@!;CQtHW6dZvF<-n{Jl
z)?0rr=rP-CXU^^5Hh7lGu`$dgVPGNmNZfnj=K+?l_N7uRuW!39zMkr|{Y}0=_pK#0
z=B9pAUk}V>4yuo{nFBTTjcsErrt-%{bhhf2U;P&<CkNVpJZ@P@UBgKktSb#M80(!q
z&|b#jH_f!W`$?hq^S)tS_LTjLPfM4poL2ilr!J3<Oz2^=TIM&jHs0PUxR8H(Ui9K0
zx3&g3zk9d6IW&FG%abjtdZ`&2uSR>HoE%(n#M3i(*vxZm$v(48U&ub|y?-rZ*_UvM
zzG-Y)teULPT}?YVwTbfeQ+oCtOd#i%eE3pLW2R?(lrKp0mYFwCe&Dn4a+NdN@uRP&
zr5*oXDQ7rbnJMjx3kECC<j=Y*jlTCtfSR>G#0JiA9WO78mkqTS$p!A{jILw-K?M}X
zo*DA;dDVRjW2lA9%5N`i-M0VsS*_IvvOE}1l9o8Q&u!gvE&AHPua>(#ulYXd>GX6P
z6ch*Tr%KA5W5zAsaIo|RyG`?^k(8g3s;}~W*|~qunGbhPp5t^}KS&CcIOWyXuU)6?
z`dmkonRhl--(0@b<Myvh{DS9Nr={fQt8>3!_h-l7wo-l^;OT7Fz<)x%G{$f^c~@^Y
z@85b^{2pEqlAIm?MaH~s&9#!H@z1FalsNQR+!njP9}C6W;r~s|q)$~PN)nPLd_{Xs
zd1KtL=wGqh<w19!_I=9d2UCmx_L(!21nlm&%l=!iRIQ(TI~U`iVlWJ!Dhh;0P{AGm
z-+sh=Vyh%15?s@J!_m<|){<~TtX5p0rBZgo1_2C;{LsLnq2|Nb3f<)G`9Xi{NsoxP
z*#Q(a=v;^>9P-B>SIWAE?f=1NCxYGl{{y>_i^iyn^H5&@Pp6>Zk)2B>aCjN?5HimM
z{%}XRs*R0|zP7fCZgDwsq!_aWM38af!=mQ{q1w=y4#YhWZl564yaOj20bnGNHm72?
z&;Qc%_~nA!#rc@p^>phhh_Mg@QRbZed=?_{;8AS>$Z_~1@|0hu7~Vbp>xY#^zt|$$
zziW4NB?{5B&6qI*Lpvc7T?zb;g93^g(iV#%MKk+(g@l~sSyu|q{UQ-d8~}fy1G0gV
z(K4DHRN``Z99cIP;qNN)<;xeq!P=O^q@}0(jr<2e63>INf$rh|h~Yy2Be`q|n}IQV
zQX5c^3m{wqaRcjw_$K4a<Dh`@{(lOCD78Ozd&XCr(jJUkF1b#3ZTq{}?UH^amS7OV
zw`kE!ZtmxcZM*V7*Sx9h#)S}4WU+|Cdtqe%7jFayr<h1VF8dWs5M}GWl8To91^4pT
zLTRL?0q9;{upRRv0_X!XeuWA9*T{wcKe+{f%D>IdZZ&a9rm}`Y-$R|Wr@(yb-eoyx
z5I`wO$;$G#%q&H;%EjESE*}T28UJtr9556^*1>F8e80QI!|THSPqel1jfv^KptXU#
zN=E8aQ=a76z*ZlM-9@#Pm6g}v8Vv5QD14|f!`TLcKHdsN&BMEVv-hP2Ybn(S6Kf?@
z|E&1^mi2F;aR4k^2NrVfexA8=6Oj_sI)O2H`RC78XP5uc{PdqmUj0YPqw!e5#2Yz?
zV4G{7y&V~;i7~aw-o5F0RuI9>oHeVbZzGs*aD29Eosfw0+zx$Zw3RphY!|3tQ2%RX
zWo4a$$mSL^C@<7}N+^U(C4q6y=>}*36k;3b(IC8^Xx9SiK4SN?qtGCQ-IiShNj@*7
zz+*J6%X_5rVQy|BUYI)@Z5CYuJ_;*WS`1ZQ(y#gtb^!kq!G6Lka&2m;F1&M~IS)}N
zRh$%=eNV0m2@BhmhzEQca@k?l1g+CwB>Pg}n*S4FwrDrT>fJ+29S<!2p8aX!)$gPA
zedUhtIzj&pur5=cAo0LAskG(TYk}C<kim@}lgN9LWIjPcGM7Ujv=ri-C+<J*^$8+<
z@?sfaH>ia62UM_;{zZ&KfE2$dFW-4OKXY!0^`1Tc1qI6Fta##91Wyl*i$KLFYS<T`
zGS{@O+m(RH0a#5C+b`Vjym#^Dp&Lb@^It3@^Gjo6ei9@Ix+9oajwRnaJCnj&-VfC^
zbXMQk$b-=~NS-gD9vg%y_UkM2DF2h|<-fb&=8)Vyvie&7of_u!*_)V%Pz+K{EJKBb
zgbs!1Z!VKV&CDP7eyTs~pU3laM{i=uzsQ7?g&(mS0>ER-{0^v;#O6ZMZD?U}3GBeW
z7P_@P6*8k)7x?}^%lUgXAm{JZ+M?V1cv;OTAw@#M-|lcuB@}$3a+kjG?w;XgOP9){
zNPwNi0dQ`X?Z1c)l&S?V7Q+MLRDA1H>X2O0?~e&jS3<4<w}+PxKx+J%D|t<)MQq!R
z-wx?!z`7ti^SdKU@%LV8w8|}9y=wL9RwSV|F@kK@LTH&uUmEo<<e`5NAvGo(D8}^w
z1iBUc0|ihOTYGw%6V?Sw{tI&mF|EG1Ah;b}o68KQuyHUEd|gqoPVfd;LI5Bo7@7#?
zS>Q7koj%sBla%v{>ZR;ZvjTP~gy>V`jAMJza)?5Adm1%IS^t-U|5ZuJOr4|!pyh5a
zDD+zqvW&_Oeg5;x<(_8N_!&Wu0FL^=m3MqEznrD>E+xjt_R?irmrGa2>+N^>+HQ<`
zZ+q#I`CV}*X{uP4`d!0%^E-xj)|jtcAYAOfX@%5%8g1~Ks()<$uepkx;@=+%I4ju4
z<y3!3{(N#^>o2z`>wWuzabg|*Od$@Xpdy_Q4dp@1)u>M8cDoN$u%Iw$irM164pg=E
z!(qO8UOFLQ(^cPzGiTd1guZG$zG><FfL9X|E00)i@nS55+@lQkN4Z*Her+ZyBD^?s
zH8w!3orV#})DB})H2~Y>FvbE)-6|{VXEH&#ick<}YsvQkn-wik%`w)Gsg%$4B+_XT
zB!ILyseL}WAGGyou)@Z;-v%}&gv~`<-N6;%!Hthf6!s5z!-Uy|0CQjDjJCs7)v%Hd
zwj07*i8~TBdvczexB0;i4;Ijuf!wx(#Zi?#8<U3v@XH||R@SQEBF>Cet5$Kk3NS53
z!r=wXhfJUnl2?yH2i&d~(DY+2K#B~MAB46^EHUuuYIe9dOs1v`KYaL50gfo3iIU0v
zONjU7LE<>o+qg?^(qw(49SsJ#@F!};ya;}2n2=d7tDUJkd1wj!R70F5^#QB0nfCkH
z;t}7Ztt`4%Lc$@SaD>d&A!HM(Gn4c^^B|gs&-HA^NcUaw$FMd+%F`8aXvC1t31uir
zn|`>`sB`)YVDmn}jpISYBpfw}ac9Khn?AIT3{HqML+j_`4JzMD*U;C)H41*xQG<Td
zB`0@uQz7CfsjnC@YoT&ffHn)E7uHvwBH|O?E!$y&PQ0kV^$VF=wrm-h4-nZg&djdn
zymYObphR#X;S>2HPrD?nDszsvZb#18GBB58K!7AnD?E4k-s-eCK@x)vyDE_9ZCqSJ
z@u<0S@Ro_{5Mm&raVF*!*Y;PjA}tD`WdLKFSU!<NVdHyx+n{lK;M5@Xd?ejLs*;6h
z()aMRhJNh=eECI{l`X%o-B)ncDNedQI*akJOQL~h!Qct_yMBM_YiMbhn45EgEL#;v
z6~SEPT))m#T_ufw0#Ws(@XP!jWikVgl+4RfB3tXan`TZ`_&2fRtZ3K(zxP3Mj{HoL
z-O&yySbgu?rwS9v(QI*IEJ3E-7;NHF5hu(qYy`7MmSp4nvwwsSaz%JL8MMeP5)7w#
zOt?(Lv{ev+@EGR~VMb!pR(z=oWtCle$=`oLRs~&QUG1-@0srzk_}y#{{_ZvZ_FE!_
zjxYcF-z}Y=tW&g6=AXs&`|q0U)T6*FjT><>AjSBuz)S}J`S{r91x3*B8)jN6LG6iN
z*?^OTR*8m}6Z;F%K4<{~5L*aO9|{E<71_r^G@N^Pde;!cCyZrg5oy!Olds_L!9jsg
zgKy*k?4FQbcQqy^C91KcL^H6xuP+$O2g9dZsh?=RUb@jP`1&!BC9+z|<AL7zb^SaP
z6eBNiZ5llHa3gWP2s%d{w~_J{GX5qf6&MSHJ}$~*#j@F1%@n&5L!<O>koBs`3Jne2
zGYQtV^<D2s8+OGJyt@VXV91Z!ejQ7CyLdS2J8dKS<x;`+8xbt&(K<WpMcBz2SnGu4
z3HnuDwz28y$!VvuMJR-qi&aYWOz2(6;@v`HE%h0hDqcr>P;VXWozZVSSDj(Dd-s*W
zy|U4Faq5sS5i9lLR7t5w<AhZPlN^}e-)Q&mBqk0kl$1>EJBWuBPTv%>?B!QPs9EAC
z!6?OT;@5&1IoUXtH$lYQ_vHAt{_5uDX2H>`9q1KElR#3Z(7k+xTY4GprG_?8cjkdj
zr-^#dW27tLLDzL?#86z51S8CWx|x^i=?}d)R!B*4AuEqqIzwAolcc*C9A<9UV=b4H
z*7Z~29S0UWKM4vUEGHN+*lf#(g!AQoOzgBUAoOcNV$g!&nog0%kx$eDzMnjURAHpT
z&l$6Voydw7__$rSLV}+zqFqR0bD(kTST<LG_A|!w`E!@GB#zjp#=ReZ3TZiJfd^rz
zMVtVjN(jbSRKC~j-HuEVoJwR?NW3$^Jk$UM7%fs_R6zaIs@03r=`r4mK6_jIWWyQb
z8ki@bP1>Tr8;1gJW^Dbqn4L(}7};7kHwxF)QqgkUKm0}rlS)134jk*?{}feK%|%<_
z&{Ft(#m~V(HPjm99^vIfek4>5@JwCE1<qaWv^3E-C^--z68~s&zsJjY5%py0;oogV
zZ32(JQzLyJjISb?YaYnO6d(8r+`;odJ2AW(6-4Z*ag~pYDNC0vn>k5%v>3(_mo*rq
z%=7v9_)e<yBo)gCr(+THZ12)c*HTD+&&+(#;s@#QxW|vkZ8nUinb)0UJ7`x>U$Bq#
zA!-{;`FSd76*F~yNc{pY3>*OsFlqb-D{^RdkEy9onbKp~4s(}~=bRZQI|&Xe3Hum_
z^_M(^Dik%?;lVKBWnxRO+7TuZ)}a2g1%CvY_2Im<Pft!Dc`TLJ+Q~aCEU3X+kJ>nv
z&8<Ee-Q#!{eeGSFSN@2`5cOs=&mf1-P>jc_ohSaIYDWL>!^~xalfEVSR`HHt=~E-L
z88O$u47zF(E|j)cs+HgJAsHrEL^wz@1Vbu0_*!u`5N7<z>)67umT1FhRwxG)oWABf
z?!v;ts>Ss$TAB)*@8{(B;?my#>}-PR+y1=|p6#B59}vkO)4sA)VTZjWd+OF%e&$_U
zh^UD>KL(`1VQ~p2qhpZHMMn=`aWP^%Y}AkT0(5Zo)~(E6;cnU7siUtjtp!Qx?rG5$
zL{UPrnrHST@tcICyZfl(!h?@no}L+4iOvmA(IctOE-vkhH#s;DF0J1n19V|F5Qn_7
z9j2cO+_>QeNKQ85vw@j%$eA>(1et<0md`!%npJ|Jc2snA%SH0w1rPwqey?&w%Q=gJ
z(4<1%4XA%nCXxmMT{Rw$%1CYdfKy8j-Vn*ka?RiOBxs)ic4)iXM{C*Wc4Be?w(i&N
z?n_9co`Uwrqr0k2MDhtO_uyQ13P@)wF`)KEd4uNKXxAQ#v23aS?3JU6vpWCoz!)!=
zmcn_IqNy!th!7i5RA0Z4&SpJL^j;KF&u9gmg+jqlTvTtAt}`pJT3_1LYE-V8p(PUB
z;H|E%ZsX)cpaf!$f%B_j?Q_}5`;SD(mG<m|gXh*&%F04RLqkG*{0kP;U}+<<jFe1x
z*o{wwF>Llj3E#@jiSUw86cv4GJ}R#a=U*{tkRs5Lk9S5}^CGqfb(X`;AkmVR4~2Lw
z6mWiE!;v&_Fv=Vn_`i;2a!S>)z<4M^vpk4kC`6@kS{0mn2`YAJhDs1E@hj_HNCJyP
zXTH%CL^wn5v_(>vT~5BUuHSl5v$bZA{oLRCBs%Qjdo#E1Ud4fYgrNa;x0;3?!&FJ9
z*GkChCx6h?t{>JE()r!odQJe`ry?l&NQme2QQn84CX?i9eS0Is@q-VnK5Y?Z0E)R8
zw?4o$>}$WL&cFgly647YH!Yu`tZ}kBK0Wf+?lg$kk?(f`#l^Sv2qB>O;5g^BNotXF
zLG4Wb1j@xc<FTZ1m1Z+dls5|CW)kB_s4d0C3+O48{m!0JA6ZwfT<L0|QyISoLJ5R~
zAkP=Lcw^>Q9vlr7{6uXNY!jiF7kX|cA*X;AoFdI0G1sOuQ6?*t&&{JNAdVxv)>=>Y
za0@CWjy3K_UzC;2MsH*3mXX#A;WP(@c%$%+b(Hf{R$DVAL$W3=X=bIfIxSivW~+b9
zM(cyh)E^D#t3OF`MN3v>I6UNW{^z-r-a{b#W<qDh*T!js8yF6V?|}`0E5S)2=pJa?
zh_h~}eT+m-TP4}qxS?@okP9A!;a3sj*nc<(ihL8LQP<&7deB_^2OO*yftd}b9=prr
zNu>EQP0yY^8;=!$zBw$&Qj(2_6|EbPR(hjHgy_$TiAfQ-;8LTS0#?u7j$u+qpg1Tr
zxd}SR|8|<Z3H6|D#?USucI`0Mr{N@HV&Wx)7GO*`%`V)tD6x?Tt|){93grnnQk;}=
zSQ!#QGWg`_w{-6w^_B{Wc(#RMI>SHL8bt~4En9g0dAL|QJk&RJp^{olVZP7}0kv|m
zv*3~}@D>3%5V&bqW2P|f9!fl15OL5EK~N0$ImGY5`lY@IG?(>XLb5m!=zRr^IMMb9
zLSTowf&{2RR-hRe9vgcJOd)WH;JmpU{9v<6F$4?2*#`MAC3t(-uW6$Sj*_e^V|M31
zK6XvrF$o>nK`eP9G=q;0=)E-=7K$M%A<b8Zd3rgVakXC?)<?5;Th;3_08SJTqOjKl
zzpE$}e(h5VunBAJ=tw+#&~Llwr|t~BNi&34;c7(HE%vGN*4A?yzPNv1*6JvvK61_~
za6(^)rZ539;OhQ#MzcRm*~p(xp`4`DTZgA%t)a04*Zcs8s)NJBz6i#{5l$SmGWA;{
zZpE2*+K$>=v<Uh>K(e1VQ{JX%1{$<@ESa!&eaDLCGAImF|CCqr0s@JyWQGqKISnb?
zTG|u>93c%$3stHK(R&IZ6-~yfAOfF3sRIIzTr?(ND{^y-QG{qol^G5=f&oEnBP1GZ
z24ZZsa%F+n<fC}vP67jqI&_T<wNeYYM6aM01ZlelCuVE~Q{w$bY3X2KqPZ1Myw={X
z$ffcb!q`sf$os3{c@eKo7?VkgiK&ZyfhiMezWq)%MyzW(`o&B!zX%#kKeKF};te8k
zs4}nl*99I`-X1g5Pkm$2w{GnMZHF+Gh`IojwOaggv@v_7eCfD&5<TW-Lt(mEwm8aX
z!UBbva1E%+Btd2;z3F_`=yX0LI;xWFkiP-$B!L}$hQ_L`)Scy*-uKAei{rBDH{()g
zG@%RUq%7O)sv$$<pm*TJuyTP2&Ad;2)t~$C=QlC2Hi<<i{<Von_2^QabLF3w=6Ao5
zyrA`l!0!g*4^Gf}JZ+UFPg}>|Urjxa-E`tkiYEwq@=Be$n&kE{k)6`x{_oBRFJroZ
z<-z&8y7>D_H>GywZ<HZmE7*zL^pAPY0npMc(UhED_MSLDi-&JRUB7kf^PC3!a~FBL
z@6@-{0LUuAxy#CF_}b+&8DPv;b#pU6T7anFvX3n-{6E-fFP+cTlHHnOO;^QNh4I39
zP`0t^pGW0DNG-PSelt1`Btl|LViE+o)XL%$r%!8v8k=QJmwgRQMF`d#VK3tRLa$?}
zO9usZy<_bRG(mv>ih%_f?%OwI*;95+E7hb8XGmnGmLG}_v0N*xeXP@iU}3@&jlT^}
zAKWK&*ih(-?gku13I*T=5D{{<N;9?Rf{icYJ-$uM6Ez3?2JC9VZf|L-d5+#)*)ENa
zLh2jCY!%Feh`izEty|cp7jYK#D6#D9?Zr_2!$JwwXxE2_62!;JjP*ZT9&pc_9Y)jj
z%$woz0AI-iudj-x?0>EdP^PB9%^BI%PjebP+Mi&aK`48OLz-hF-F~-z{8d{VR?Zzf
zBls-)LnV(T#^saA3<`;}8-0k$24p_FZ*EFZJo;hCREmuQ3$-FqNZ?Q*IZqcSHvLx<
zx_t_iM5L#ow5mM7-tnQ@fN4HrA4@ycU1m#Dm^<2nFr7I#V?i>V<L=Fx_>S(gC`2cf
zap{9ustM`rBqevgW&<9<A0X;Z;R%Z}2#<?+m|KtzE<Js%`0kr28>l%|aR*C-Uq;F7
z9Rz&RBdxu65)owLu<xDv4*UT7=qp&*+ugwv)&Q@Wq_T-ma&!(*jaZRA)Y3tE{iwt*
z`mtaII&rxTE39>6CL~ZJ!@=@1K%;cAh4>r+)i$u7f)PzE4wf$Hw{qd<;_Bv>1Q+kf
z$7i1tO$kRllDpo)XoQ#`N+4|wD<Ya#JHeoako}O2zWer;op8IvjV1A#XXz$2;2sHB
z`Fs>|Fj+1E!jNlQ!ljHJ19jFF@Dv@v@Xt>2Ub+Dx)4M5niOd{R1*zZJ*dw^PYSB1#
z;gPI@ODLm>&RSgzC)vAbHVfc&)@%)vC*JQs@au6cI5ng#Vxr32zDbwOcNZQ-BP6Hs
zq8!|J0HakTvLSr$hN=ZiR0|b;B3Ruu_^pORh+B(CGs`_peh0V4%YE$2hah_ZuUsEk
zNitw?bea4z=J$Ozdu8u`{<@_l&dAuf8%`w9-0wg&XY-Z@sS`Zmv<Oukn4U3o*&$05
zOH<r3q|KW{A4saOP2Hfo*~&F%PC`e=AqGBL7YgKi_}YN8xGY7-a|fkan%{%qP^0$H
z2*e>9y+-yFu<dSq6~s8j5LZfI;O~_x#e|ya_v5~$tcjm5ihB~WU0WgRq+t=X^Z4+)
z1mnJV^vZ0b;}h^x)+s0?VCV7i8NxM$BObb^3rsOPs`}``ch(hbTgHR;Kn0kO(L#f0
znhX{#xBCX?#$dp#eoAx`W^vynLguEakqqC9Q=v;YZ>MyjaGcd-o#X=li!MON5s3DJ
zNWsZ@LE}U|N*JOCyVdF7O!LpG2EQbdhJziV3*DnzEMS1zkYN#y+90OSeh2&7aJC6s
z!JnO!Ma^fs9Sok30s9{vu}0-PH>TkpnoZqGL~B9xuoL4*F?>>7fp_UFhVG7Wm=z%u
zji1C*1qsMFpfN<@66ej3#8fE^*EhU0Yf*QflG+3dNT;T(TZu1&&sTKeEiWh{FGxx@
z7YvZBY0SJqa1Lp!C?g1}$$Li3l-=s?NFxVt;nJl?5`|2>;Dh1_mrc0moP)gZF3=w(
zHdynuaP>_A`bQQElmm-9kdYnL>~pUTvWAYfwxWzzpbMv9*N|&k$*DeGUv)xbm+T`)
zc$8~{=P!W|L|zZ0#&Dz5^*T%`p@w)jxbuh}L6>Oq_?T7e8Avf8j0^ns^MifdJFIre
z4I83LLq+5+J{%EIApT7#_*dQun@3cF{D$QkO%S<@Gfm-BVu<B>DoP0s8JVt8IBzjg
zT91IT)?cuO!*S_R)s5n07dl~nZyF3gOdcNIb#DrGi<<bV?jj&v(8y1UTX*tWPaH6g
zRhXLn6Ri##7r3(PT@89eLw&G1R`1^F^XMPfx}G?ZfX86AuVe`vOeOgF`IX^a`gRkF
zWv3f`H#WMEyFYJ}QG0sKz6usn+~Uz2;*ePlD*|{cBxCO=R$4E{7n6%-CQm+U$neON
z&5%C)BFRIvv?~>)R`&dY#mO`^C{_%DlAS#lRl*nVDliO3co%Jdk5d12V`J3*LQlzk
zxu<&ScfQ{tGjPvu1Dp5K$KNM(^mSVC$l8zy=Dc0mZ)n&SNswkby}L8>^OF-7a8d3C
zp*#`4mA8xAYBW42yIwO>mEjD%br7WnvpB!|I5w{Wwi~?R=KbZq&2$t_2KE-s&2bMJ
z?KPTvtHapXKszB-f#o_LQZTp&jsWYzI#cBn+4qlG-XEc<f23c|X^Q*AE>Jk-EoS>M
zx90a!&udaAVUR?H3pCLO5-0LCzXn_$fCbNu|E(n;)9AZ4f+wMkBSGYV8_vTd(Xm+c
zx7Q<pLkDQu{iodcmM^~o*d7t(JJc~#3V<!eOY}de<vS~=m>F~V6&WbCtigoUAD;*|
z-m~EdT?TWOnIDKl3kDuICW(nFX(vz#QYf$<A??KaVHGG&(2JFrjNxz`gc#-y<{f`i
z(J$c6Jp36Gg-fViY@yE~)>X%Q>LsBI_`GKH+~-fv&n?EggtvdqS~3F0&U%-iKD)e$
zTFlV5=xNFhr6S}8rNI-AQ7K{;fJWyNXxcyuHeP3$Mgn+&4})p{+>2Q6c(B6gAM7f`
zK#jnwLI#2I<P}QKnp9(ndsBa)ln|7{!jElD7ar}`PNS(JVi%(wV#r7a3;PN^m!KvP
z=&=21jZVEL$4(b0<t|PYh!JqsyhBUMm6f?3&yDmw0MIIK1=NpAt&Yy2K|4!a@`y(t
zZUdAuzRm6VM#D|p@YTaayDInCJA2QFVV?hjkiu_c0mHHUfUWJFu^lJe^C1Fqb#<-p
zYy1b=ISvc$2X>VLA?`>{k5m>3mG!!EUG{Hv(OFQ_M32<O^odYb@b$#L-k$vr7XZSb
zu+7WTy()uDCJnYa?e~yzK?o-5ZMey+Wlwy7OA;Ve%Sol)af5fg!bc}~1m#IkIPq~M
zIto(VL8GZRu_T?n!|)61m9lC|kI@(-eA1dW65C?V_ms6JlinOIAmTZA{{F)gm>Q5O
z9(wUQY};})HwX-v;f`x+{q0=%W`zz;jt{jTvbEg~Vc_=nFmBL<L*)z~Qq-eTS@_vq
zL7@5cW#D@1l#6B8Ao!2Hew`fK94jD*$~@Cy0ltsEz63g8Wsi}Rp|!@EbLP!ULPYeA
z@#h$%aLt{&>Q2}#c<=5-LGffo^_w?1h_oOhxl1apP!m#O;1E^USba2jbkQBCE^E-3
z$p~rp?c_$S+Kilp!E?Yfq26|gV3@8?yR`=gR#;`{3?Fp5UZ_~N--HfvTKpKs-m6~|
z+ZKGt2%Xi4O$^8T#D)q9e9s6KY@xBYqNRU_sYxn+G^q;Ujv$Kj5<g>lI7@1-d+qiN
z)*_G?A9GTGQC|TTqK~s7kzC4@Z)L)fI;-8fYyI@}^j;SiUxbxGYJ9wpBnhDAr+5s0
zg}bR2>c>^ll{;mljo~Ee*D&cO+TdMLM}2(c!^%&FHnD6}hxf*mTkqSvB1V7fowm*+
zGfiR{h#bxYIKYthuc5<8-*QJtwymqcq<)P2wvpYz5mRm?4R@N_uYndbZu=!7Nu?qR
z?3CLc06>!WJP%gzjw&=p$Ezr`@z_#eGVcJ!*0)7|-_3-?e-0%nIhorgO=0ck%@$AU
zJm3%Rg#P;ImuD9JyL)jstY5COhZ*TDWFAdR?6XhtHgb*ha+|Q$p?dYXICwmekiiDu
zhB7P}a3gtTES(xts^p{)Bhk-f65%!CSPMe9ZWb+EScAKq6kn7YJeSeyaX^wZC|xM&
zgdWv3u!0|`@~2as*;M$i5a&ezam4bvBNNatPj9$@EmJ##mC=47t5^RA?F4G!om(A6
zPm>CxuJ-8??1LgUfb$aUm*cRS<mJQl=!e6F+ZDFum^M5-<qCuH9pi|$_s82Rh5Yam
z4r2<L`32#&Ah<9lxi2AA4MM&GZ{&GB@jA|+pdf-BEvI@11Ae-T4vbjn@7LeE#d``G
zv=QPcPe6u)Y5O`;P1B<g(R&Laiii*=@=Q411Fl_Pi^_84iWO>4PA(A<;aORP8EznU
zT>7#xu~NKh!~EfQ0YGdCAi7;;rcU!2oId0=;3#mR#|*`RYj=_yE_zL@hX;UT$e;|-
z@J_?1qxE9fX^vZYNNfNKPQr%(9r%RZ`i3Dy=IrYn&6A<BCi<3%iHT$`i|avKM~90w
z^;3VnLyeCGO`R{D-HVwUFUo~icyNQL04RN@L2y%8zU3?#pL49q|4Ddy8Q6-OX{KJ<
z!Gh;;;gJ4o#mc+&nNsoT%=;tN@Nps%=uPLwGHS9-nM};(!+u)B1|8WGGZJA2hD>KD
z+*6HaTg`{*1vXv@&=YcapX#oiNqQp)z+!84|14~6O-({w!!@|M`LRnV_$#Sz;&3XT
z@0q`%@<~Fbbx;V^pD|nBb1FDAv<%0dA&3rmSU{__j_z{MI~AfrCcW_Rw|sO&@**7I
z5#8++A{Slh#~vLDRTw=OX*M=>a1GWBR)Rmi=VsZF)HsFj%TmWMc)X9(n`rIPQ<E$o
zoPj6C`Yd8%rUq<IMooMG#!Sgw-Xq(<nrjjFU_~Sil3w`rkpVrPOi$$F!iXmLBIpWZ
zt&+Zts=|2dVsw8WEoH>)W9}L++vFa0ZAf+f2<_b)<a)2YqhqFAg_a)OGQr6(C<0C<
zb+nEorBmu<*QBE}$B^*%<i-X-AU0*%EngXbEH1c@z00yv(YvMGFs@^ELPwwC^X-Kj
zRzLbFW3kT=lag>FI9a~{@($J(fhe&@VZ?2npsZ_Hz>IqAoz0C63YUku81DsSXUk2S
zHtnJrr%%|+=P<*!tiy@l1|cd&`ZEk_*`2QWZ+CGYWoj>;C$#<rF5Tm8#dC6xd{}@N
z-{i$u55=M!ilD@ijSC;3T!o;LqO*USIebig!kT8ADDNbJI`AHWc5FIggJw|>y}%1v
zMj0F;MPunbZIb{C2uB3&+52zocHuJW*Uq4w?rogM$H({nnY$uLBKKkbrFV0aq0E){
zQ;1~tKhxs181A7L=yWRj(Y2m7DRTcAu!i?;=DX!mZIx!WW50g=(gyBG_#;qSVqQlw
zs!3)}_>^0Gk3BBDBCSWVxgn&PlVxN1khuxkqD3-wHA4^aAH-D@AXn>;A6W`5k&7Dy
zNlh!Nm#2`DlY03tNbeN4nhoElQ{GO;5gM?a+R!N?Ik_ZFBz<2r+k&}w5t)L$%~v;L
zCibQGTW<G@(E~k$n84#ay>{!?JkW{YQTGayM1U!{ac8{PKuzy4cw`kZzfMV2Fh}*^
z`6ObNlh?aNU~WIa0vV=qpb5KnR_}OxFT*%)^aJ%ByLnCZl=!UP(SYp<2JDV*Ob0Hq
zv-jmsL-YUS>C?LqX38rns%vTauaKLJ@RJI;OfZp7R{-4(raACm#=Y2?a{B~a@_e(i
zv)=}hjCTC_H~p1h%En^=m9qD-ERZrsJ=2!6m~0ZP8sLI+<i`&mULwv4&51f(KuLv2
zf~wGDgzsCLhF(v>d!lpkyJh=No;(>78|&B?2JCBFf<a0i8$~akc+aPo4awfw!hb;S
zwCCY+WXZ!co!Gv^2>^#0net)Y`Q)wQ;zWkNBl$kCAi!oMOA=jx2HJS?oABPh&oW(x
z9_8%0bHprh`+Ky%Xs)&bz)vrE4u|gMWWDoYXJk!P*ixt+0y$v^8a9EX^1tBxB7>)C
z+8@Rc@q+jxI0an7zbAodK8$^(%52z_@L~zR!g3-*o4ZycrZdn?!|Z3lw*zPp^YVY-
zkDP{*O3f5D_l|dgj{v%6D_la<p@zmEB}YHIGc-8pgMkfZ>8sj%6jghqbUQ`x*=uSH
zzDb;^Q1Mnq)ELTt*fMNz`Zzi=LI?uj9mrjTFRu$Ax`s`4uRncSisPXaE!4&PD52YM
zw_37EibZkVpS2gK>Uy-Rx1}NxN3aLAb(Nhp3HGtDNVVeGf_`vQuO?UH7)QjXm|UEE
z81{ssM8^Wu%btKYY9$HM0zRcQa$uQ=l!q65=;!rQ8RL()FttV4>1({0<;-lV|67-&
zcfT0w;2+=?BJ*{0gRs9Q5hxe6!1eS4=jH$meu;qId%Sga2**}jUKl876Z(()@FDol
z6(Lj&+Eox-H9-+Uc=bHA42y98spFS(v+k?nN<~>r!H7K&cK{w?LkIpo%1vzy8UPvc
zV41dFGlSg}VNKzVpy&wX5o>l_r^IXy4F#bGliC@Uv7GUV)1$oYzQtX}OaNJI@*p8$
zSW3DgV&()`ABMHNDQW=Q?t@f7*kG6w!K7OqW1ZN_@$vT12MFp27E<D31LiU?Fz`XQ
z+X`VlZ(B@E3}>i5!oQ0uDs<j2Tmtzn#uwAkN8?WppuQE{a3tnk&#!`RkkG*B^uhW)
z)!)2`GT8M_42wLa<mb@POT1U&#EQFcPH0_fp`#b_ie}83HSOvTsx9bJBDe}J;PgfT
zdKG?<%^NF-!~S_#M6E=p2>CQ<p69V(;GGcbR%1$Q_;E~gooz8E40VOUIU>w8fSs3+
zNMRzjAFoC1P_Yd~i3u2y*WyaL4-XW8rBI5up@$Usu`j681@7N~M{EJypc{Na<nPwr
z6El6hvnQVIj5tcQW!8ash#4BlWSqqR7B2~R6>j}Kc)07{(BPh<iaEx8n6l>0G%#I3
zd{DK5eZVTmu#WKkQB=-36L1~Dh-9V@<eZF}Ky<5b_D2UNj$#++#XMa7@EQ@r2gP}S
zaxKE35JfRsG+(IOzv6Sf^LUX~KfY!IYsZ8=h-}143t&-jf_ebSW+0406yLc$mVE8W
zg0>Ttovw42teb(`(?2?TF-`+w`GT>L!*g!oWy>-*Y()L#@cf~LfC4-4H)h;v%W7((
zm)^Vc-Ar=wkxR>RsP6f0Ps1qp_ju~w8^x%xYcVl_Xnb+@%m$)YhOL$T=u)*ZH4YRc
zT!3ch`qljE#|?zM8tpqR;v6blcyXdL#?8`bk(w23X@WJ>3a+DbtQI!4>qI8|c30P&
zuF-%}j^Q+QS&W#vTiC3Pc@FP<rKP32p8xuC7r|GpyupARg3yf+Gy{yCkfocA+E=^<
z{lOT&0_;{p44N<**3cLk={D|xS298NKr8_h{1zPccEN$RD&V}JZ_f%o3Q4^ob1blC
z@{rHIJrD+YYFIo@0XC`guSiZtBhmqQRjt%o=FTFziqY)+MZniEDSnL?!`n*1nKuFm
zY|b#k@cfS)InssVcLXITlGw~9FD~FtqUM`{eRX}kW0=-WV0w{6d@mjj)2I~QEE6e5
zP&~jQ(gr_xJs3oJ`pbnZ>6bM=N`yk9&gc^3;^bVhvVV5xSNiPkx$xY==T;hqM_@em
zj^e0@B>GmVuI(D=?$&sIzoE%Sso~tUoR2TT@QUi}6KOqcWgOUdV97#E-#2gCR6}Po
zU8JO?>jS?dv<P)mBPScQVcd7e5JN&tyXy0t&GOXmm=BYL6ZdoHFd|*jkZK$NrjZ`-
zkJ9WuXa6MTj?rq=7{g;@;$SnN=}iP6krvWo^fT@<hOmW?rtcpW1tN%9^$vu<boBJ-
zfNAO!aC58s@I~OL7%W@@p=TFJ!*}AgG;AomT%OcNcdQflfNxZJMa5;*L~8)K0)T%j
zO|!y$)(9v_eUW*ocIpr~JsKL=6?YLxmy?^j3RZo@KY(wE{nYx7@N?1=_-J*2I?KO&
zxsBP210FHlB(*gXPxHoI2D!{}YoI>YQI=ssrMG`i*&S--l-Rwv%a@e{jjL#B7dBO{
zbmO(}#yliCaE*$}4bl~(j3r+5@JDFaR8w=6!N%EWlDvD_x{Vu?agNsFLTTv8`1ugr
zP-Y988TZyTH;<~`WS?Zi?6CVVWx8Y8Az3Z=NuFy@XrtZi&LL{$KeG>Ds1A`d=4ew`
zlZf4DG+*SF>Lm*n_@W6yG|%4|;K*GxEu@4(FCevd(e9aQ8l;UN)<?wu9pk!)^BBz;
zE>-muBy9)Ep;M|HMVQYm#(ZvDgI9OdA6l0W#?gdX3nD?4^_I40?&RnzD^rYfD{+5*
zoPAu13s(#7;>(3O|NLtXTCMNz+2nMG4>_v=L|#Fq+qI?q=HG#(vFgQL-1C#ujK=CN
z*u}yKxA{Bg=05{R){ntazB1mklN0to?@h$HSpGB2{5}0l4I5PacQPew&kX_4`wn@;
zorUiUuGe$(gqRPn=1_m}kk?U||4G%9|4ZTKrJn~`h7XQU?veFmR&hLGuM(|gg&b}m
z_CR%y_vvH)fXbRIXG#|?QK1$ynH#@w3#@t#SV$ii_doaphDb2E;5*6E(15`+$@r?M
zs;W=@4lv|3tSXSDk|OYSc-cwQCuo4l@EZFl_K4!Su_I|_*|)XM;%b+amEA3qk&+S!
zYapa844Cwi0p)t!LaxV;uYhe9fe8T3@V{dhURa7<TCA_DYdksMRZlN?w>2)>8z?VR
zfQ50M8)}>B?%`33q18os$w}ch5d~&qPxc+WHZ}uXhHB8vUL34#5ryw<5}<ya9Xo0)
zqBbBV^=be{L2f@j#e%3^YND#kOzg0ocsL#x*oAu{0e=;FVk^lmL59qVy3u9d(3oH9
zNi3=v+j+=*lJ8+?1UsoCZQ#)K6@Z#BG!<aNlUqE=sQd_>oVDPf=%JYw1ExjhS(qy6
z?vPt;uNm!CT)HueacLsj&fBJ&Zrg7xwN;n>Zf5V)>t@=iHzJ)!Thhkd0kVqrp=NVp
zYFDV*_E!q_UZ@bq(Eu8lHmKkxPfs7czRr#d$Es8D+JPxujZ<h$83SQy+f%xx(v|&#
z*+xwL4BCzm8ounNYEv(!o(XHhIE^JeW@AC^sjaSIl@t^<<*6Q$u|DEeeOZ>hGm~B1
zw^qsf!HAstaI|j;HK}qVhYxlIDIJkVG)?);k6>KBTy(Qc%b5bWmSKfrOh5<wn>bdv
zC-x(79H^MUAu4NJ40ri)P>RrxE&{$mnz{rt7S74D@Pc`Oy6M&lGR(!L3>%~rzw{%#
z0s`XoG-Ss(oxnisDm?yCy%v?1&%sP=+v(Gf-sYHK05AuBP%i)-UAzz18X|KbG(yWy
zxI8XYoT%CX1cn%9;!W71a3OBqDB$Yb2yF}=<{sa-0)jwrL_5MH7Zepvd=q}=IboDJ
z_xG}qH1DC|p`%^qM`Q8|YgTFaJ$$yw3xbh=dC_#R^BQ#nfIY5&MH?C!5`W_H>qn;9
zg#XG&dJLNenj-Og1B6eioI*D19Qgq<yAiT!$$pMUh^{pDl%m$;`dp@94^47{AWSHP
zNJbS2p904{O?)w&zt2xU0hJVCkrml1lIWep$gqbi55w?aSBAGO%P!VBu{pqG@{pr-
zr=KP*iX~>(Qn6H|q&Zrladu<~%waIL2q2jKOW&EKD8>*#sV(vhtJ7qQ{}|5$R@pl5
zE+O_fBQ`s(B!#Qj{$N#{(P(s7P$tGHij7lZdERwoWwZ$Pp0i>dw7}Y^b_=o2V5UEt
zc(}4t#B@UF;~2Du@c`Bo`mZ{uyKPkaxO?d09R8S}D8mzgp?#Y&MIP39+%PGMK;5h@
zpPtU#?T&)1kpc3qA@=d$B%bjMAE4i&d*-cNDJ3g=5BuaDdU%P8Ft-c`S-Aek7-4GT
z?(f2*sdY|%@_$T+`YxXCslNpNmbwO`e<42~K+9Nw(48F}HK^SP4+ccO6h8e5R_ADF
zjJMIK+0efa;GCZtZw9(W%xzNbE%1-MaJ>`_V2FH;QUg$HRb_OVNYFlMngIJ(*Sia_
zU{6;Z$mzEh34W()Dp*Ue?4?QOJ0(v*V&Uug&%Ez(3=`&B<-mcF&21%{uiBLp`hHy8
zl-kJBPW1A&*$I1Ui(28~M861@5rgkRwMeI93xRb%XvdA2ei?m<AG}6c`8wuK#KIG5
zg>Il@PA3S^j;>-ggqLZCcV~GGmrM8_!IJM77|@3rf*j%)NSZy>T?~IBtb=<v&<To4
zm_uZW+N1b)ifU=@{=EfNukIJWwbIgwm=hXc^^+2SaD(o}#dw(yOGpj9fg;rbmkTjR
zg>zUg!WzUUcYcVQ`CtT`9ume&&TW7cU^?ADE+GqJd7<?VYCs`TRm+il9ncL8P<$wr
zh7Mn0+cNdjX!nB$q<*i!Ji`yY_UhmCQyCB6YdbO5DACf^=(BCDT7ojGEh_AH%3<L5
zpsLz-EK-PW&WIMB(0$n!SKFz0%kcq>{BRj((l9c%{iwCATsABzX*GVb4<OD<KLU~a
z*yXix4h7GRq=pd3!#6+CyppNfmx-tn;CBGE&JMNtC3-=ff(q;E&70DR`Up0F;}j@j
z^C<)$1`ba&aW5Jh_sCfh2^|W8JP%aZ(?BmobkgD?%=XEk2gb@>RxKRUXT1Q(N%FR#
zRWQIwjW|SevD-1sq>j!}9%m+4su1a3#^JX@LBVi+^&cv7Pey<s9_ITz=fz0QK!>+K
zYq;`)39DdAUt`m$E?!KgO|x8+n&}E3lSTW>VpxmA5$*JM{KhMzPI!-C5*>%NrE9rG
znY|aotb1rzns)}P!Oz4ab<ELW0{wVrH?^Q|?~?YrCX->lCEj4V5~D6+69&-lAiiRP
zR171>f`h0y37-hd>J?C|`qJ|_b8W#HA|7>QR7U;*`Y<OCA_Rba><gUO=%=$rcXIuS
zTZo8AJj|p1tp)G=eBg21PYH8ZZZ|Rt<FzMlz&m!lz->Z)8xlt%hVtE4r7As<{=U#l
z1uX&z3_;5aerQ0sx6xSib}1&v@h6aH18JZLaf#l2OW6-|3+`dy1th68#p>yXLI?qt
z!rvG(o0s^rh6;r}>@}a+Bg?2G%UUKF7W{?Y-d;HG03wgdWqZxFqD9R<+PhJ`>3cz~
zaDl4gDQ{Wb4?{sov?XCQ_fqPEQKh;vGaU6nC<iig0H&-nU4_&eoP9pX7$Pw}5KI=8
zmd*l0DnaWLY7JYEXU7p-@G9brqf>nfNBp4$(kkHadkJf-DwdSPiUD+SVV|rvU=PH-
ztZ<CO*AIG_F(+AeK$!hn2>c2<6OvQX6byBT23yrBt3zL;88F%S&sH`b=gaD99wJo$
zqBbg}E*@@!;G6C0yJ4^l1UpdTFb#}y*zwZh4;?5({tC>9r=vyzP|^l+CMaixjavwo
zOz7aMKRc-4gOj=$GkhNqY{v##<X(@+SX-M9H+8bH)(ISxBZq!Y2%k^D`<%NwF>()U
ze+6)oLonGZ>M>KWjfOhV5dK~&lojjOF9azKNCVijKx!Xa3R#VXS9Xpwdb5eKAyMYR
zv|kg?gg}9ms}T>cRO4>x8^5>RjA_n@6Ex~ZkW50SurmF@n8>1nK5oGcs)!YLnirj;
z570*AWAsAlv8TX{Pz@1afP;c^u)Yn)4HpJvB(2@=KJM&RHey`z#&P};salpmW4f6f
za%u(D%I_xHO}3z9BT7&d1P9UU#Gndap?HWDiPDi10edr9KjYY(r!DhcS3}fJBFvDZ
zp<b(+0VUk7`$5|i$fKe-;uN&zN+rotWhj&2Q9FYYv*D-^8fF=3OMJya7%atu#6zAm
zIhf!w-HOB5sZ;PE)8G+%=V<8TFCN^;uF2vq^xhMY9cMkj_)s$up2sqBwdxh|`mTS_
z;Ix-Z7h|9F^Mqc-)KRb|$4ucIwR4n|X=(IF!UvnP=q8<tM=g=lkjZ_9Ql+ARu5SU0
z2fYtCn?r9lwm8f!K&g&5wUt*`IOxn5_W;R(T3~$~6ts$2qQ?D{oF7-CSA)z;W=kk*
zaQPA$%UO5#^MR}S`2__0iKrZ72#n5QZ>Wi$f$|ka2A-O#H=0k3rRG^Z9sDzEiTrXw
zmZb8KIX>v<4j&(7Hg2*Viw+a+iK~ssq=6^^#=%TruoO70WD-0CtUkwG*+;iuTM1G=
zx(l$t6^MB&Ncmq;ykK0_^wiVK=1mJP8(@9fbN=+<@cQxi=G-;A+&|j8e++%V%-)5i
zZV9py(S-)UtQSi?S-i=P8h^+W>W;No)}go*?_y31XZ7IYHmk+$m&GM9qO*o%BqRb-
zy_5K!a=$L>)pH4+2$^X$CKDps-VT7NCUGaY=!<1Z8=I<YF}Wj;s$kv+w|qY^%;Pa5
zCIX!Tx88dj=+=dv7Ej_EN<jrvfPWoO9|6$cI4JdCOUdl+ZaIDW^!6=_@Ismx6oGd(
zR4x(s6?5zoi~-F>f4Yz%e1eJ8yL);E?lAu00_+mb%)#xsqd8y^rqG$KMq}YQ^o6$F
zaa+&%<3#2<%1^<4aSg=IE?bDm;uDWXv*<^t@`<#r9$NE;4S69Vj9^+)Yw!03<BW+n
zR@C&XY4n(VN0>hgB%gYNd?*|BMX*;fYQmzT(6&9=oV{*6EtP?*#Y}A9M~0=TYF)3W
zH9R+=m(OL%?0*)sntL8hyVsw7he<c-34jgQfV<UM@e2hVg@SSXyjUr{JkF+QAgf{^
zabwbq2zyb0&(nO~sFL9pMlL|_as1DMq=iT{DTAQUwV{n5WNc`Y<v$R340vrsy>1?V
zQkn|IM!}$waBwtW3Xf={O1tSGf-^eK|GiapnK<B1KnF;KEs#aS(wx_8hBO(RjTEFC
zKvM`;kQG>vc+Fx^ZqS^(bdAiG%b0NfN&h2`$eX`B$#Bg=hvwYW!KV8*>Xh34mYDvB
z&-%;Wvzo*a2&n;TAAvqeT`qK{;M50wgrtiREd-{`Hn=6sa~((?;_A+f_J<h0C>8E(
z&=+AlsY^XKLCNo_{(WO3Db;J;)>Mz1)4jbCjshv-ZiP?06RqIDgE-8s)~#D7kJ=2q
zwkR?UCw41QpyHi}noJ#^JCGBAljeyN4=k7R^N)7weeipXS|4AAJZNE6*Ohe54+<)?
zb6hd@Yi*d{5ZAL)SiS#l(U&j#oi_zBrKYF8Y0Xhx|9fF%Fx8zrn`T;5qhB;tM?Uo4
z@NG)cl%|lMHOkXF<)~MY)iT#AE+}bZBSX*0JId1fa)`Apv$AHYQjz7j*E+p|b~HO6
zVl@<n{d}*%5;`^TWf>lV>A7M9Yp`YJq7<yp+-s)(4XN<B7%=yp6S}MC0vc|tRiz?}
z{yI>4$V3bJvVN0BBFV(w8D~OVco#|`)H_$3KhLp3PHPb|SOGvRUe3n?*8GqB;rZf2
zfWWa{$i-i~NOm?kUZR_*sO+U8Nd_^IG?K6~f4EzBeEa6~M)8lXqtiofAw_T3F45>p
z?6lRDO?fqkG~*bKKk0hn@YP;(df-b4NkFhFG?_dDlYYxdY5hrsdNz@hMn>N{gfg-8
z$}*A(=X~?n+sgp~v;QQ(XOD8rB;k7x{r$a1Cc%1_5x4MvTx0^1drHSs=B19A3GJEO
ztfKNeL=AIB;+X=;Wb1raAR`Z8LBM;h)b9vVd2t$$8OW3Td=3f}=0$tlm*KMF=2rFk
zX5BESH_dF8&Ru1C3WoOg?y>h;x}QCZ5|v207JD%?t5j`KDBDsMCZn~?m?gEC!C|CE
z>{1-SkMju|jRQOBt;+F&KL-We`{m^HWeN-1RsO7rT9aaO5gErZqRUkMv#6Eo-J>@W
zdQYZ~lv>6`YQ;_DOBa;NSuu63E52FZZc;DKqQ@Lo#pW+p*@Gg7H0r>_C=q&>(|*}m
zgV=_rN(8i|vcbmpCsn`=mqNZ;kbH!R;1)4<guFsoy(}ILbl60+YTqCjl0-JySoQ<c
z3`qB869q@tr~HT4rNzXigMy(6egydf!oo;U(Y=?kC8}yW?;`b=6D4H5>TEF3C6>m_
zoN`IdM6U|=+tn&F+316yn8yH;NA%E&=t{gXD6`hhz~EYF2oGiE)2MGC2VzWO$c-u~
zYX9ONWOW5iXzNfPFeFy3dV$#*W?%djnSaRp$1#AhiGPa;J|^}H`1$!nL_z`ND>eyJ
zzz4l{`}P$Wi<1NkGAP2OjAg4?Y33zlTEQyl0IGOrBHByZ;szTdn*U32^AiK0kYO)R
z&luGI%@PKMV`6r+J?!2(RorsF)drZGVURa7{-ZZmJqGHfu%G_={d)j@ba6>Z0zf-o
ztE3L;-wQM#XSA-2ZfCQEUfe9vJD!}*zJH~~_Wp>7z}zJwZZB;`QpZ-$3SuIv{eKTs
zRuB~T|Cn$Qi+ofLXhHZ0YXX=Hzz6%n<JE89Y5|+UCFzfw>?^7^QX}D)v()Glk3o@N
zgD;EWNXKmM73c|2B5#M*!0+i!*ZigMmnuS441F}==n$<qY-wL$d&l;PMbS|Q@;{{N
zGLvd~gg4A37RQKL$6Ap`Rt126J)>VaCg=cy9t~M7_GC)Ww}#urWlO5?K~_W>Jpz~D
z!HfyxxmLX!8%OhH%}EPzFgDKZgPCwMS=*I@6A-1k85=lx$wXL>{S@nD9;yRtFxNY3
zEhIjK=MITaqQRQiMMb^@>KJo>jVYAluD!q6x4JNjS7-mCv6GFfG5>U`i9fG(7Ry~}
z_)1_PZ->9<uptg}1q@bjd-EgoPRITk<c-~<<>Gh3s@vxNZ}H3sU4Q@nf>S#KTfp@Q
z(cj?s(8ZC;*Ud_d<igMe#~<TT0}UGIh0B*`U9*Q+WF9)t@s9ZvkbMa%(~O9)-OKV4
z4AxxSf@5dRs#O=!$yE{Xv$(_P5BLeg0rasNSVd(104@aoA;<tME9Gt_3;I9OU)1Rc
z#*MX3R)4s@hK7jO2;a;ZGkCA%GNGbQ1)++d#LzG;T(Tr}&l$<hYYQ0Bg>ku3d#MWS
zD6OWcqOkoLUOGwk(1r5e5J_V2R8AS*9+Md@H(u!oO=tFS77sipG{~S4!zjdg2?Oh|
z0fgAl7Qs4n7#E=<*hRk5Na}@8I+;x&G1n3Oq*Lz&%*Qbwy#0p=*xwHyd7KbQC?O4S
zNtA#3bQ2_aLi~=naU<Q-?7>760)oMW%XoMjqsr9{DDT_D6H%}d!aH$k#ylL~8Hd-{
z2YZhX+S0T;3tFZC@iwMKM=%46`>Ty;4@M9uM@W#U><&3Q>w-PHP&NPh)vIbUmboid
z-XZNN6Ahy;0HM2kwA`C`extJYgK2-DkMuT1Y|7NnWD}-E->V$&g?0LVq8RMtc^|Zh
z3yRFv_mDg_q3`4^@KCOIe03u|_!?c-Jd0jm5nVMjuMOuRS`r9sq-vKWLwE&ggbs3j
z&W2oPD*iY6zw}sK8n;W!(ksW#vQx~V5?fs8{p~n==c`k^-*5ODr50n;Db4SY3c>vc
z4s3)@r*nN@-1!J*K5di#i;tnL$0tp!&Q5+ie(Kevc1cnH-u%H)#ehkDp(WSOw?wu7
z&*=o^eQ5kQ6CtR?7e-dY2qC+!cr)W=fAw#DR>050FPmIwE@*`;UIzxw-|4yb2Ie7O
zOq7QM%Ky=J-P|Z}_okzb)9lxY^k@I#KS72g!KL>!9c)CE7bJ9E;t#td<4n0N5}Po(
zL1Mf(R=0HH#WB>Q3lhZmj-2uo9@}-NF~x9@>Sa0pxvk6a?2awpM#P8CWQ!#Cyu+_;
zg0Bvhar_;*z}#Y{WnAufLyO4w?b}a@=Zwx0dYiNDMbzW3N>9Y4k7N$^>?~3B^(t-@
zpzgIWby#8=s~qQjxiMNcLET%`S8?6f&2CbMRwi@OQ(xnn8XiA!YL&11XisG3{O|MH
z9-r<%e$V1z#hwd)hd-}c1^J%4Xcso<USZsA@r})!cbVH-l-+vp)5MTuj<>Xb>??Mg
zp@N#Gnqi?r1M_=Z^K+FSa2~Xml)QhehVo_Y9-sZsi!vvEuHCD2*T}g_&?oLe(Vr*$
z`zLgrxaXHQ+u%&_=4WM%<mD+omxB%*J~+R6jYRI3w!jyek2t5^F4%TMk1w};#<m-~
z1{){)D&EhY5wGdGPI(LM%7$M*5?H=7s~kHU8y#|wEo<)Vi1#`sD@2==>DaKr_t`{(
z`r!V;r83^ECH<HJ;PaZ-r-;6`bKU&xTh+FYlfT~m=r$hj|8Q44`VPLS!HJ%=xyrQV
z{jRPx(vow&Wo7w(sw$cJW^6z^z<1h=n<}%@K_nTLKY8LjyF9!Lgo$qf^HU>f8`f|>
zHp|j@dx`(aWACjw8(jR+x>YeQ86F%wa5meV!`Wp(CmnL*ru2a83JOm)AM`iu`Ii*~
zKZZxUxcTF|xn}mv&*0AYOX8K@s2C6%sZ<5h_F)^amo|5}F45~)_qx;PQv}mz_enFe
z_3UnmHF8!(u~9NZlam9liffIOTWP5(UdlI{^IrMAy>){1`AjRXU|@lweOgIs<72s6
zc-7>jue}Vt)~)jJnHKmzL~^W^9s3bt&14#mk4SpbC$HptQc_e8P>g2J*C2m6LZ{w3
zN8_rJdBMWN$BvCFt)RqmFTQhFFIbCVc~`5oy0db~86?dI_kDhWI9|EV?No8PcIZg0
z{^ET5>Y_VZ^KuK%^1YeA)CW(*(t2y^YeqR1p2MqIpT;}*7fMEIr7r##4da(1G5dM0
zl~d4$nMjF~0Z2oo?Y`STxw3ChJ3F(Z#n!mkt7FH)PX&JIceUo&<kMLdQGze_z6xk(
zAj`&Mcok*E!A5C3^7Fk(^J!D4P&=#&_YJe(-bzt$FxbiLaIHst#=frlIh)yAeb#%y
zCx^yZD1e*3ggL3FJe7A+VmNCb2j!6LzQCxmP_d)MoD{Xulr@Q``nftwf($^qX~M0D
z(clvok(|dzr&B%!hG+(L9Ewri6hGK)oOibI%a`N*jq?^OyV*Vp6?AuWd?L7H&d;6(
z!;|C3$x@Ks>#vf&r}amH+nTEK)Immrkm4*kHiMf7dD1lndH=pHUg^6|4Gc|R$Il=0
zy7M*NEI3(G?TgY1x#=rPe{Mc1v{CCVZR64r&13en6&EkYa#&Clk(w&+cIskmcsTD^
z+t|@o_8t4`0}Sifq=4BSj~*3qTwQjlMs?%jtK|o}TVG~qL$S=srqbQ{QNo)SJbjh3
zM+St;_^AQ^Ih2m1drpaFM>#30h3DWMm^Wr+3Y1lSSmKRJ;dRVL9{sTJhC?oF>bWz^
z1xg}+@JxMFQ@{IW<x0MpJ7>(CS<g{yb(7NLAbvvp$?=l71&Z$kH?Go>i+-|eR?NE~
zjq*bg#fSD~>2}PYb6t1AuJy&+&ZiiPuG+?@pyqQag_G+ulf{y+uNg6#`ME}R;Jf?T
z+dZmoJ<se@dw$&MF*z(=WGZzr-9(Vp8le1fv91eJYAlQvu)6z0db}p(9ey4jp$(PD
zX2&sKoImT@Z|V8iGk^E;zxJ62L*;gwS@Ke1BZtcQl$@06Wu&G?^1145uhdjsXuhc=
z8lts!SL3mwvVA-}pC*UOc1JgiDFhX{-dMLIX+e~djE7Ka|B~B{o=3kt+#{vX)()j-
z@tg?eP^j_;`rg8&(d=G2g(9`}v3X$9$4x4)yuNH1p>?l*Uyz@GL&fymuhZ_#rRwUU
z19h|8E%h%?g>7K<m_|tN53Yb%^|QcVr}PKfw>v(nXB?S(Gk3i6OiEseQvI((PkwrR
zU+(3RoWgmmno6U~Pmi`YIH{PDG;>e?a<4QXw=!(T;s`h@jgB@^D0XTTlhM(l%z34s
zWaI)05;)%Si*r7fJLSJl-oX6F=2L5SBo%$`ZQ@vIpv&DC=fU-+p#k}ZcPehH2e8h4
zsOCxBb2s(>arfTgRQLZM_$j5*kd&lQ8bXpJrBIQKq9kM%x2#B_WE~}&D6}P6*_|><
zMn*Kr7DbW@nVH8KzsIX_f7bo|{rkJF-*w%e&vlQ|Iq&g&J)h6V%3nq~lCb~CxWDk-
zu9u6_jjWsV#yY|tS*=o3?oxom#KFKoSMx7>-xoSg>7=q`ypThE<I5L^WV3^3w`xsJ
zvY*^)FXeIlNU2m+u{KfQpqysXKV)iJCbY^s(L16me;K{HXQ{b=PUgHf@jys>?}I}2
z=lKd@@w%yX_gD{j<chkCmp8U~E#=TlKX2wHFODUo9@lhw<#iunQ}=xa{+k5eD^i7+
zrmj=;BO+pLY<Im1T}ttOIo4W=&-UoYhcn))K1mJf%AM~0>f$%+Y$M?`Rh*ps_I*LH
zU-07U+A3}|geO;sYd8tgxBr+!SKSlWUbEV@Xt10q%-Xk);@#~tqaC#D^{RVHSuaEf
z%hC>8GumgQGct;plDDrZEIktx^f4mx!i`e@Slj{1hVMSyM_Q7&H5${-IW=vdcqcwS
z+;b(kvU?F9CuQxeEj+ngvn6$kwyj=W;<mZ6lHy%nqZ2)`UDbmjop$_q_~Q9@<W#k&
z`F~8J!}x4+{jI$(hwgiH<D_7LX!D(_N4LLieJ<4CwB*hKA6?1)Z8keUh=q=q&#}%(
zE`Il1ZBBFklDI;aKnmSW7f0Je(-#t%PpM-Lu7yKfUM$9`TcH6Iit)SqQ=Ihmr@?f6
zc|`0QiP=}-ux{-2E`~MDz^L@Z<mu;=!^Izloaz|;?9=z=HJ<4!^B#9y%Q4ll<FmSl
z@M6(;=6%~mj5Gb^W!<)$VEZ0}8n5hlUyt?jOq*|G%Ax)9gfG&iiptJN=wW#;q1w~2
zPkA=ig^_;d_(~^*?eYub6qO2p%=7a2Di~b<JKd?AzjlwRigVhVDBgDQMO><3o9V)5
zKC<HWruX(q+0}V}S%1N3x6mFe`FwG;PfAL@sfl$C+*9E7z53$@^J%Kl+x$D69&f17
zxKQ`b`?tw9_p<0D|8Nc8@XW$pZwEV6WprlWv3<l&vMI6fEIBWI?Cef7NSBhded=tx
z!X(XqSqUq=b#~yMFpj;if|QM8mmfxm8p%)lRXwg<?|Ls(!fz3_pitq$Pg7r-|J9Iy
zqUvAviugs}i{oUHrvHA85y9c}F?OpB*|HKx3g-f_fK?bn{JN(!U}A}Raa**REyHB@
zPi-~?`myoxW#%XOhwhZ=>*$=vBm~|v!h>(vKjGG3zFv)~5-0(msgaw<!;F!8p=Lin
z)#$(m*BTMn1j6>}d!@l^9j_xtmM8ALZcZDLOvct_Bgc;jIFsJNoO^TS<-VPPQrIye
zgza8h8d)*E&iODS!RyM<S0y%4OB3t7+iu-r$i|=|2b1P(u=j3-C*zl4^Q-E!ZZj$O
z>TQoB-wWEe4}xJYIx)Qn)+TA^8ccj|Ki&Cq(d+1K*z63`oY#g$5?u;V&k{`e1K6rq
zAW#%&3xc216O?~nB!#ELrZ$(5d7f<;3Th@-|85nP<*Qfkb_L1VbbMlBRwgWsh=(2)
zOgocxMF86X>#J>cKvp?OkbWed7encJ%%<R3izTClK@=6nLyV8`bUK%kBEF&*gt3y&
zS9Aw%M9n+}v^ofVGtt=duG#zcrBnhV=Tk?AH2f@xY0%~7J?p&iVK57WZ(a&=hs?3p
zZv&;2l!P&15-(y1&Is&4*#R%mzcyZXv{bYEDQP&u5R3xT8Ur3Iiom%%0usHowe|cO
zEW5(=P0vn;d4}WZ)8$wiA22eK*!tlbNn-?s4!XmXf!i7hyTCXe2%|De*Np@R1bD+n
zF8N^6eeiUj|Mg&An~?cEYP>bfodMyrfB!xQ8%yHMhn-(_P*u}-)JCrmo}L)uyn1u<
zToCZVbaczyCB3<jsHn}6UdfLzA5+)%>91j=3WKOi%Y=_G##iW3X&n)fql;ULo?Sdq
zUhXf(6t!e;$YBd@b(#h~6+}auKy3&IITuDOD>iOi04vzb=0|?MENQ9V6l`da?UT%-
z&70k%%HG=H?hs2aMKoK)9tCKPZMLCR0U^qOBaN*&klFmo#Z-$<n0i@&rH!>p8Q}i=
z5QDFfgb{<v1qjxCq=mLPQV7QyftGOonQN-PLXVBuOyKuRV?1G_j+E#tjkjsz5tlE+
zyDF4hahw7UyrYv-37{C?VI;nRmMyYj!+gxja3n2(glh@~mSoFCusEPl0%odQ0BZPx
z7MP6Z1z;S}%q&y#T1L3XU|$(p0r_isaz@J5&JH_R8dx9m5|(a6LO3kIi5#TF9k<nA
zBcTL@(Y=|=i1_GS0I^@p2fux}2+XC`D^H|R<C`9xTnU4RbHs>~eDL2EHR&!Pp=Pwf
zmA*7qAh_nRO2$r}2Fe1kYh}?Q+TaIMPfrC9cRs|9Q%WniY4l*hnE0$BvBAJl?t^rY
zL{{Xm^>lTYW5o!dcL#L#<WGTg^_HS%Ua9@lpU3O9!w0rOeJ+B0JnTB(x+!hnehc0L
zzKtOAtN`Jq-38M$B3=`iU$XGxUWJ$@B*Wq!11dzo$X5pB<>amcuD@4UXlhr0+k(v8
z#&-@#*#pF4;L3zSLKOHcD<3oP--uk#{@nv#>?>h(X(!(z*PvMb3C0ugy5eGTa{6jT
zz(QaAwGpATt9~V*g0kTJ$vzdz!(r!S6sSPTTX2o+oVV$G|M280kpbij;fE5V2v?L8
z8z?2~>graBnXD_6Yx9Wk;}%|@e=#&P0lcm1&u&?AxcG!)y6u*>2Ae-M26h%87Q2`9
z0FViX`RG9N&$pzEzb7U!aSeW0B;crcyhgPkj$CNe8PkTS{qh2^dy}vmPzy?ritX@^
z{C(YN%oYO=mGTPzt@O;e$vrJhIq*k8*+8-%Nu5Q|wund&xVym3W}SU~mhtNa*()9`
zAqfnPXX(<}R#so<MKj1o7mvVvxVDdvyWZM<R;S<1Ji<sof(m%IWC(_icdD%&dz)on
zNV~bYalL{K$RjvS!)p1<%@d^Tps+lJ?X}ZSt7TKui++Bbdm*fRluZhn$^{rFQ+5Cw
z#s0sgedC)>6bl5BbK!Ma9`Ry6FK?WS`%DT{C9_{)4WxpUHsaKRQUvNJF^X#Qnv_JW
zD3ajn+a+e*rn1fwn=()bsuaeI{fC026Q~Ytg`uc2AoFweW2<(DJR2bb0!2FIVGI4}
zNyy$tg#dWg7?i0XHu;s%589Z0XU4183~j_qt6xlyDkRr+={7}mdv;~{41QtZFW;1C
zOy%S3Lu>JB0+va)yzLS3^MpNoqd`3wi2f&-?vw;Al5o~L&ejbYm0`mb;%AgNULM3q
zf;&xv2YYlcgg63o$_;+U(l4>FOz^yz=(1Gj6+kFrjj&%|Kk3xcAcIM@KoTTfk}jA|
zwHKDKQAe=sIutrY(N7gAf!NQb`<_m+^Ocqynn9klgM$OHIR*WB0OIny;OHQ4&D_76
zXuFK_oM&BKZ&G4(qM$xD|4PkikAP6KgB4*0?5qM4jrCWTh8}7gcd)i59%LKP3Xqt*
z%N@3_ng&Y^m<d8LbL!P!vLyLp`0-XBXNNyvcdv9||Mk1RS~IzjPgg2awLNY`xKR(>
zL__xV)O+{d9<G2=0a{|BJRhjhlxoMxEy#s0PT6m4yl&mq$Vg(n55=IMcxmJilffV+
zd?3Gm3YBYp3e%Mfo5Yaw?gio#4l7_!0wHgp*G8?_NMA{`W8R}-Rij-_kMm2}3h9`z
z&Ys=60CVb>FNp`Q>MfQsU3djj)1wv^9570G(Pch}1t_VC#6S}~BNwl-;4WCO0rkUr
zKj~1$R<&MX&yiD(jyu3S$!`7%ga=3A73XIWk*I;OtU>65KsPyj_<DH82@x%e$*-u_
zgYQpO9mP+Dq(x4wax}i7?d_nt#-!%EqEPA0it;tosHiBkF?BbOS+m3Q*g;+22Y&~I
z9h_N2N1A0Iz=joI@%9Jd=p{aOa8W;CViJm<ZI{sBMB{+d<Ss-dVo~oeRm9NgadMJ2
z@8sA4NNt|b_5kcHaEML;(oZlMW549i+#8V55grw6jM}H2GnnKLZo_59^GVF|p=9v|
zEv5sv0xrl4hQRZAwN^^10$&y`M<F2jeL|9KZ8Hnz21hI`e4ta>w0U#)YsLvnOJ4}4
zj{r}=_lflAdV<;o292*&;rP_2OkrpGZMqZi3PLKvwI?z$5K5+lf=n(wf>=0kCCH^G
zK4W5|eIg0eka{VkQJlyh<V3Y`{PKDUvD>84XqR7J+2|F&p-u@M0zQzct*tmBzexrn
z(h8y(<)c-2N$w)76Vf5nj>V2}qS9hI_8n(FyQpp6D`m;vT;4SPO^ppj?OX^d8;ty7
znabTqrTGv3;R3KE5+7D@|7w}{*2q781`3AQs#RqlKQG21bcfLQK+~}%J8oFs%JO`G
zu)zj+0I@W|i$-$c)7AL``?Pg);oVcvvRFb1{$XhLRN?AD1Qn1Q=$e>F#!u4e3n<Y=
zK|x$13u4r?(-;kbTa1V$&*#2At)H;GqWNH|t~k^Pg1{ZoCI|v*xYm$ilDdf00&92(
z0~fgmESHc4qqo4SoM=BN-=bYNC@IC@>4lu5EBbyN7<bD+x?GKiT>ydi2(mZ;qY2+(
zFhZ(Pl-9y9hNuxhG$YPA>RML?%+Q|#H`l!QBu;)CkLaZ=mb7jWYPBH*T+nKS>m<j6
z_d{HY!q;#1N(d3QD5EDOCi*36MQflNN<<fF_~5U=N|jrF<!3ZCgIhfx_KsgFX&O{c
zW0_Zo(tb8<pH^;ERE!^OLx1b5E;AyXMdfdy;-nM9=LrY^cUc?Vx5&>8|3N4w8&1o+
z|2~+~9{#1GA|AyBgBC!DJDr`Kb7QugegBHOFhp2M2v5AhV<*d`ngkqaPti=%Am50{
zDb2c`O1)+|$SVHXTnNc-rtCj-$QQ>i52*cFYV*U~C-xenZ6Tcqo{iJpHK)skEc2;9
z^9*TwqUJiX4+KR=ziC@0G&Xeo5dd|<QXomBC>@f>>gHb9s`M+RAWlQItSZam`+-p?
zQU&&DtE*SL-Lg63{<h=y;Ba_eOxCYM7NxR@<AsLDqF;|3em||Ru`7ZPPJifLvj*IN
z#WX#z3_g6mCYPCUtZ!Uc7T7PyU-%1m^2)r5PkC+(rS3d;_OahH;4PtK2}yWyKwZ5~
zuzY25Z0r;y=w6vudK`zjG+spqDgC(WBVZ!JNegKieWOGBiYFKU`e<oS6m&!-`6G5A
z_nGi5vTYCLUM;{$F|cXlub(fyCe*RU9Cq!lol*K|1*XBkj*!r^v$IQrTwGiT@Cb4*
zbO(-@sG>vb>+6rAFGP4sKtRBbLx-Y1?<mWO`G;A9LW#U`1x8=9*jrB&gc8Eb<sr>L
zvvnk(1(qAr<mBW~?m_?lgeG}co?*HwN(lfb;)Vvwxbr<vR7e_(|F&$~M*0cDipQam
z)d0eDF)Y#ta5L@#JS1&4istG@Fk}8}EP63`-B5`(6k5*)$rxUg&rl89J34&e0R;jY
zF{MX(UA35~j0`W*!13HHZ0)%?Xl7^_L?m-S@&s)ci}iBw_fu&sX&3f_mcq!<-?yAL
znw617Qc(%r9SuIdN;+Ew2VpES%Axx;fT{^h?bwGjXoA<76)r>TkDLmjE9*_fx6Y^a
zHsUhE;{>Yzb#Rrwh-3rUB~mCj^>?VinwLVE&l4~cQtDsV44dO^CmG`>J-}NA-*gu`
z<vQE!@Y|7*7ob)17$}~B-{XzB^Gjv4#A8ol!iu)>BNSKVFkAJ5cn)Z~>3>Z=+fh?i
zJu@>h3Wf{_E!161=ztL68<+8Ud~bS;!G!rpCZc>*RXItfIfBZG=Qp%jP^)KY9VU+Z
zxDC!iaqpr!%;Kt-qsCJwUYXqiOC&eAZq&x|9{U-+qK>I~d{U?R&uYc_trVz`d*Bsz
z+*2L+{hG(dT6mn%ORG3Nz6Cp&3&U_E0q7k$AdgCmqh)n|CCp7=gp!h(DJrd#)7A=>
zlnn?8hW+rx*nd-e$)DtGMaA1#Hrzd95~Z;lFe3yPzGGk?@7{Pl1gXiZpY;Hq?JpR+
zJ>UjG41`u`*_C+o#NaMbGum7Ma|=#D($}iD<MT}OE@X}xrH{Qi@bmdm`ac_N8~d-A
zp)po;;cFT8pBWi%gR}k5pcRq3xb9Q&iX6JzTcd$7pqpJeti5Mciq?DP*q_&1T0|sW
zLK4WVZznpsy9o)?!H<TC!*oMKLwF5H#m|^F?b|KN5_#u)_qW4s(|VJD@srd0hRXsY
zd(EI9fyvxCkO)XrfVsJ|!-);58eSHI!JQzx{a0_VCLtxYM_Jit!<4waYka`N3YZC}
z-@7!zw8eW4VP~Cf44v)<L8`KyiE@Ny&@+T!5M#oi^1ETlBfJu38q7sp(<x6YE4Az%
zGe5@?x<Y8EFN(a@Rufqkl=0`WRU-aDS%PyeH7n79db6)Rpa$BT*-riro-%MZ6qVE!
zkE-05eSOpY-p*loCtF$A$E<sMBXgzp(hWIGJg|J2jn|5aP2o9;lkKhbrpvjKtBYvk
z&xZc7(N6D$p@+$%tiqA1x(dad6J{8r3VN<Ld+9juW|kq+GN)q<42tn@abfq#A>MPk
ze!QxxicIsk?qoN^hn1)+UadjaWdG98qPRIDN=NdkucZ~s=+JQdJOubH(iGAo`2MTg
z1l?*EoaEEe_Nq0?T`~pH?7lIYb_8*Q2x^ml5Ya3UE~k%`<(Q$>!#sqS{OOxF`;yZ1
zpv0tPQ9VwtDvBLX_;Tjt$zu4D5n5CJaE&JE4=IEbkHZ0M2l=zjwT+4xzrKBVlB>ri
zT|P*GZkhbn+8PXmHNc@gvRc%LxNEMz+GAXB#Fkn1QZAd74nh3DYndu*lLOUy`k`!~
z>%@Z@?63-`$7t?j4wR?3zXMO&m|8mDb?6oI|J1p<f2(s^hRd*jA<A3OGzs?<)R^Md
zR-u3F+Co7f>VTitBj+yk=nLi}mI^$hbQkbK{RjuFKs3h_5-~_uXA{n__oR}6QB2U=
zhW}_oxwJ2a-#|dP&d@(J#*db@{$FiwP2f(mNy<-O8P|@vpF2C-!GLedvf%~Q!lj{h
zj|Kys^+p8G)3D$nupU&3uD#ifSq(I}TVXSJA5fjHo*q~3v1@T&=AAcns1%Y40m7y)
z%tn2Boa@KWI66XP9W&7ACQ=0}W=uhsKV7X+@(UOVOP;*iG@6j}JC`}6%R2f!k#`f<
zN3MDE)?k*rf%p<8+Om?*i)CeHH^DNx`@<7CV%3M366ZA{#_$KkKV3$5xLZ|K$HgVP
za+Lr$xQo~9JB~7n^Wbw&k0$I9HXVD-4=bd*7!G@mi^6;o2j?vBhO%qs6VE;^epQ59
zOSG!*T3RB&2m!Yu;Kq#`7o1TT!5?0U*73LRUM;pGt8=xLl{tvTBN#4f$+|jd7ZD9@
zWETywZ4H@ohcxVqa5}yPyNsxzQ88@5E0J#@Hg`C6FTeN;{27NFdSKLvG#0D`;2XGC
zMFp(lB;tR`Qw<kKc<TBD1R!2xFWCjYTHReZs9pCsaLco1|L3mk;NKVT+27~H@FkuP
zMXes_OGt<dc4Crl3w)(d9Zc387#&sB(BQ)4Gm=r-5%asQ2yNH<l)7QmF*PNn1l9oo
zXsHe57yjwO1dpsN<g(zFgIx<5d9VBlZ!R~OF)P>qPsFuFh{C@j{_xf-gpbGnYk@AL
z#{EV;m}J{PL~yqUp;yaAL`uGQCc#SsA2YgAN|u#zS63W;8rB<_-OXuR@=~a;@e8Lx
z`i*6?ql-)L=n(8#@Jk$#V&Wk6MB>+qIpNhS6w_je@7~7k;m*gbW@6eJclQZB=^-(G
z#=pb1A~r9txu*Tvx?j8Z9A|#c?6AxyN=55T3KJCiMyR?9-`c3y`|mt95WgF<6kHzP
zMboY&Fkngz)!{SqP9q%zUtvw$nuYEknN}{RRPsVb!f4}9G?C$ec3?jW7GfTp-6tSg
zB2;xZm|yi;-b~p>KY?yVRag^}K2rt=ZEGbYN<qZ7Z+NgTz0GGsp|G<b{S2Nh;#+5H
zYkMEkPc8dxt5!_|<60HeOk#~Q*3;AD%bN#pAd(kD9D*UqaLyAlDc;Zc-nL0#E*u;v
z*Y}R9-Fk1%%`H}O=9H&WFIS?6;_6kaj=a6I6AN#DxC$)b<&D)#eY0$Z#rKm*V_hrI
zx{>89Ttm-PSU61p0I0wNC#k0>Q@M;;8%3gq@F3p>IKU^?h8;RK-G#efdM!k>-OA<5
zDcaiyFC-`*JqDt_9|qq$DJdzMIqb0_wjfZ9GQbAjP)jN&=n%_d&6nmT7H}*1`1sj7
zpYEM(R_$T<^ngC=2W<mfND0{)0Vsn9Tlg)GC5&kxGi@(03ZhnV&180#!t%wJ6py^e
zkC$K^I*)e~mTJ3{l~4A)-<sZAURHJlxP<FSy?!;M7YHCaiWT-{Bwu04MFb}(xsV(i
znwi3lV;v)RZ(HXX{Ifx!$JX0kbQ|oO%rORV7BK|Gi_)>u1EFsY`~)AykMabYrR%Lk
zP7)%CNW%>Euk)u@I0T_ffXfSUUV-YHld|8?kn8&1HO5P7n&*L8C(BRWGu+=MjKU+|
zPlXFxN!TR55}Nj1$+{)j`k;?fK~Hf%gU0IW9#6nX@E=gY#`G5D|LNizC$!V*2GcP{
z1@1rLnd=|WYi5p3G8<(0jwpT8o%{FCzZD%#{PgP@8o0X3>H4<p4~RU$+HV=2M;m9h
zjIV0kx$JBg{~t^2%)~}yvOQm)^pI6eqfY5yuFRnZKNIa7UqhlVHwo<X|Di4ovNz$Y
zlC>HiC>89<A~tVL*{8*J{|QkT>YpUWcf{!sWLw`cEF<7};X`F~2p>znX~13@oY^by
zr&uI(VF)@x9Gvr@*xc!4tmE=|(nrz61lf!sp;dTlp2BMe@R%QT`k<%3#l^+`pY(R#
z<Kv54*!w0tY%IS`hDDC&U5@N{LhD!hVoeo`Vf!hXy&h!t)a#q=hHn~#FTU7>E?={T
z6Mk!tKhveluPt=bHYBbvs6alUp{=u}hnwNlPX-8Bt4;%40QzX7``IQCW{+A~`6F8b
zS$d{l{R?PAwY9Z0Je_a={)GOS*e8Ya;cylqW*Ei%@GB+}UvXHrpfTahjGv#%hT{N1
zGjP@B;34OHWmjdu0Mhon5_?hvR)NG$9#Aj|ce$aJf^RxJ_euN-2#xJnqfjVt-kQ&Y
zm=p>{WtvEh``uU>Jn4f7eCx@l0^uNzFHf0Lx+pkhpbwMzhM+VnR_rurG+;ZsFm#q}
zJ3U9`0?5tnV6t=a#Aak@skQwxh7sMXwxo>?knUW-9IxsHEk*HVqMKP`@TkHDgY1yd
zNnwq&peAG_vyS!Z`SYhZ`@xnBhA%4@fq(3x@7qi^vJ@S_$c~$QkF^{O!|XPEm~YW5
zk>K^kI;OH*G>XQWK4&b<fQcV|+QSY6LtLzqlbKO<gSEKHNSom$zIJF@=Uy4a@J0M%
zKy<v^fhP_91BRUCm{G}w4utLtS-49pQ6WJ=oZq?)I2E2Zv`G!^<8!4O*yW$>EWiJF
zRnv)3KH?iAMV*)(sbT5=>9R)m*bL>oJZ9)K(anky;^G7kgM^Z3tRdpq0fH>FvvZL{
zpt)7iW%S4N4J_s!4G$CbmxCtXCzF$VrA8*ztv>ZX|0=`N4*9?yFv8)%wyF^$+N#*o
z5DAju3D$(MBVIsPR*Q<x&K&#xP8k4PNe_w&RP-8?Z)~n_JF^}ucYc$K{SyEq;exiV
z-39(Zm>>^$dKNUefu~JawGTf)u4kC<N*kbOQkfEPhE{c&z<-0TY)kV4%h^zHR)hEM
zoO2@0GvryOPBQ60Ac_q4>S>TfXQ6xeu)2y0D9m@jmF+5P(F0|?t4n7m!WpOB0qeEl
z+v#RaEv-a&xQxMy1%9kL7+86Db^}Yn)g1ov4#3&mB^y=xbB0Io$~`Fs!txEzQ^VOd
z$ef8Wb^8e9n$O?8J8UN?)?u{w(4j?B?qHFZKK2Z=+IU$x8>ojh0MwEmoGlT?>#-YK
zQ_$JfV`jlzEF`3b%{Q-U(ZrXVyC$$SaYiLCprX6u?0MgcFZLXqS=Mlpl6qyW#>>If
zl^qXddM&yK>-lLc*#;$gR%Q%sJbqbQJh>Jyh6_M<>N~bqPzmeF<rKmV#&J2#8#?$d
zD(fp%UXa={YGZ3Fg0UGzd6yeJu#i-t;mQOgQ$u!djaaM>e+rh;IKJp)IR-Ef9VM#d
zAr`Dde5>yL8AvaiN9_9b6tM(DGkeEhS5~fpR!T$!s&mOVF-kE30U{zIM1*;{yr^mL
zMP1cmi#F=(vmVmEkySH1@we419YuDiXCZ&ES@+;bdTuK$_avt7fQI+ZmoLZEN3bSI
zcFxEm(l-#<QO~zI4_Tm@fI+P?3Oqn=qCG0;3Ebyklg5CX5Z5bZzd7er<BD<3R#klK
z>JnSGZOfLAn5qTE+0Z={0|fl|>C;sBz`W?p*|?Aj6hJ^g;KHmj%)ZM61$U}oy*-11
z3PRRXg6nISkz*BQhBC&EyL{==lpT{A!8optyo?lcJb4lhmCDf6S9V65^dg$ZAKs5}
z)fvE+-(|~(aP$*#85#3HLMU;E@$bFN%*G|kCbDN!X-rL95A%+;mKGxepu)>BrC(^#
zeO+AyOquTr2_zlD86OHQWdT(u=HmnCt>?gL7WdGAX1?41)6{t3qB&jNgC}e~ya!1!
z;a+a4WHG3|wNO19;5w-wz)48Z9_2@fFvaz2^ciA^MNB17H}^O@XMG+I&DQ?ceju{m
zOXSV}0A`k>?1f9=moPXbk;*!KXaefqo#>h2vAAX{pJ$n(aJ&a~Lt<)6n}LV<WF~U%
zDd<{kB;{mf)dko(7qt^T3i&5l78xCy`kvJAlE~5i=VK9-;cgz$GFJ0o5FU)8`U%_R
zXL#$*{JPm$T86}C4E**>ty0Wht3?h}vq7xg4j_URwU0Dg+qWC{uj_}wAg7PCp4TM*
zx2rF5<Ttj^qM}B(-e|B_lWYSjPeOQ2Ork3-z07-8u4Z9~n0@t2HcMe<*t4ZuomPRo
zy<bm{6H-WGFo6XItl$@U#VbvIe+cixo$Bhd0%l@V?SJ52HTNCdD3JMZ0oX}9p3rVb
zH><4vGZq~!3w6e%EYNaLqcjp8zR$b3m7dG&)k|;j>PgRqzGZ~Pga#ou-aaWIp&gq8
zED5{n!md{4oRB!!Qej-7ZxJ#gb>tD1GDuestXfu)OBAW#J`|&C7|bnV?sKiG8|0v9
zD~v4k8c8)fiiVNsvl?#knGb4qv2%JQ5FSzkx0U%zmIM<2WL(MJkeVU@tZZI(=(UT(
z)X8y5trGP~3VL!6bU`IB14QqKI!p0JOz;Ec2!UWv#Q;I2XU;B@XiFYeB;~Yh*vv}!
z&Ng9An0F68ThJz4re;r7HmvZE>`(GjQz*;>3uJtt{Tk{v1OuyV7F1sBQx2h3+-%6L
z!)|Z;kJmDWR%J%0DmKv*8UGIJVKMO$OIdU@=145KjGL!OA-bwp*jSS!iK|zye(t?#
zSP1VixM|Vg_O^ZO{VCVJ$6q&q$U><hajZBOy<tI!0|K~ET<&pH8>p+#<FGz(yx^)?
zf=*X-SSheRg7R7AB6Id*PfswAb>1S@NG7rFghxpU=56q6b^&8Wm4rz*1v}*EJdM?S
zMf|kM{B5U%w>TED@Msb}DbKQHb0}mBL28f3?#p6xdd<EB^&@ko1V-)Bc-avlvf?py
zTMHE`7{Y)WNpy*?0%HJFo!CQRqgWYEc^@NuM}gLHHI{xo&hxd4hpe8GGE+j;mN|!{
z0k3xRh)99WBRqey8cwzucO*rDCxcm)_=mSKzR2AjL~1i81Nfj}ICz_T!i@5ETeUgn
zYqFt5-?N-VU+%e=JZA)Ix`>4_$uUJHhYB&{K%#Xa3szs8<g=mE%wkQhOMDo^t#deq
zxsT~_1qh>H%-#tP=}{&g$i)YXl&;a4&*szU>JyBsLlfp}S(VGoWCiA;`Ci=+E?pka
zQ@Duq&_pR@Y<#PA5uC~$VGRJx?`~e605NLOXro!ofW-nyNWQi0%sfau5*j)$nv>vN
zESZ-f3JK6MaDb`soB0SK{^L0ZU!9Oen~sza3;3p#Q0J62R~RrzvBUNo?wG!5Y3q#P
zFb<3w9c^Uz7?Q&XdW$7^5MhTv?weUKdZS@<#vFbMUTI=XNTVIFI(7_)3CT4j9~WuY
z{_6#oAvBg4ED$0M;#2zzCo>%F0{#P<<ldXC{pOn*<H|xvw&hw~InY{cIrU`@p7sl1
z4me1d9cORc;{m!+G1ew0A)SNY7s;c;TzU0<QFN~o7E}0BclDd?5mvA}aUu*SnNJtG
zh*G$?y0l((Vr<k^I+Ydn_+qAC_YD3%GijY}t96QE6>`boDfqq$ZYj6Q7_1cs?0;3t
zOcf?P)(rFBxczH4z{&|8$-5GCVzaUq0_d#~I|Z%^@YOQ(fcq35$A!hRt_u9V{jeIu
zYk#4rL3jvzP)uvx9zNHvCp5R!RauEmW=3{Ih{Z^i7qYMY7&i~fptD30yv$?RI)yO;
zlO8gsJ(yqx43x~4B7vbK+ZL@j@ekUL3VAG9$s%Nyp=fRs>|kMS!hehL2?y*Zq{yPo
zEe;h@xPjq1d(F^0gnNPD6oS$4#hW*wfNSDqUesV&ZUe(1w_GVbFU*ZF2@Sy+`=YY)
zBAWl?ygWm-G2oIEd1^YZK+rywReD}MD!0-R{$fRvHDCg#VJl1<KO_$RZtg`G5MYwH
zNKBs~p|1}jtGZ1{K-5{gunsQ@$>r0!1<!VZpHg7e9TgL!4XWU(h!=CT0+OrRSfg^?
z2*{C@lRF6J$X0oI9XGeU@Y@j)q*49c-o6tSWgs!G>TWA43SZx#q=UddzcrtZTU+0m
zKASHb7a8$ALGa$eS#Otaaoj`G(pp3d=leQE+Mp7eQ$w2hbnGsP3(UUT+pl}kyF^!*
zq*0BQbSsJRp1WR(e#9C#k+T*Xj`e%F8m>fkEWXrEzuv6)WlNzzDk7MJMldRreTs1M
zh#(1$3x$Q-+C9p%w8|!6j$&O<<T_~1HFxf6k-_n2&HsS6HmC%rW2yhVrKKfpWaR>Y
zP~&A7KI4a;*otT!yoil5_26h5UQM!G6uFCtfLhq61O!-PXf26vG4H_hE?4n2n9P^*
zh1Xub9sJNVCVVQZsOc;I3N~Pr!`eFn2+MAgTLssxp@9KnbzP0y6QI^S4ic)^zaz6e
zYlM5W0IP;%qcoNRB|Ttf)|Sp*4W`<5l!W_Eoi80E9!lhoG#DW^t`uxYU(wsHB{l8a
zHwgK%(vy>S;-P_O#{1+Kdcx??c}V&yUe3Q7dJXf~lGtLMWD57wL12}MUPRG7bf_Jd
zsSJ;W<btveQ$>rP?x4VUf!={Mq_qF4tkPaqhZ2heAHU+Dwt_EQ$lleoZ;%0rtrT|T
zvv4{{PVc+;hYL_vR%Rf->|ttV<{m7hkk%832Lb<vED32dg629>?`{y2VV;hvDDWr;
zkaRw?h$VpIxeP{+c3qA_cqB(k;9jy$kW=O%vCP7{>&m>iS1KwhBwBh0R&Ma=wC-~J
z2^a{i-6-PqW&UrtP`X@b`xnndfxrLp+VuhT*?-oP*fh#})`<Ke)oS0^G|MRGxU}Ye
zdQMyYYe9A#0;zuGW)WI$O}l}yei&6#CX4-R33<1+MOGGXHd%#!9~@FMv4I8Y%<FrP
zb!`w*pF4N1wXN*~XZ~Xm$YO;S^R)Y8flyA+O|hu~UCAZ)>WP$J8^YZuZbUMx3|KP+
zh0T6}9z9;0ugvqN^(E@1(qJ@-ymlA&cf_r?bo*E@mTc0<SPky9`i)eZUXUQ69sj^D
zO*7Ef_lGAo1l7wi@uD5AerI4}B8WM7Hqx>HzT<YQ&r>-*3G0KIbLaZ%BwqlkMV2+#
zRQ_SN4#fOuXyFGdL0qgT5@-<auSNCU-AFL@L2CgmI#5#4_|$q^)b$eNFk&}<P1-`$
zzd4CU<3a0x0os2|3eq6Rp_J{hiw5g~utkxAEe?juba<hDfB*QP6Z6N9A3VT>z-b{c
zv0X#jrDZV$0BbW~0)d(evSNskf&hy1^XJcZfPzc<xGPuqqMe8xg<dMjplUDZ<7b0m
z3c|vS&BvSG#-5hW_Vk_%)5UrC@5?&F!NB@{!U^`OXN}Gin~b3`z67-Ki*=NOAgH7C
z>j^Pve4D567pAfQAc2ankc9UKCQXc(6{z22Ar&2(@IOq}7v}=(i!jan&z@xp<zq(&
zhsZ8W)D-W49V&3kycB7s!7!gdGaCpaY7)=B69hg?Yxr8e!zicVymTP-j%4yexV!=3
zq%V3Of)q%gVUjwiIQd-$z{^prx8-{T(KBHGffk+QjkF^eON{kTWZ2aeRs^wHoJz%D
zLku0Tu!93aJMac#Ck5Eb<z+KqRq$@m`S;Ea&2wV>$66%e^J!`QNeXJx3}T2&I%arJ
z^=R<Y=va!K3jk*(jrS&bxV=u5NvR(9;9pv#(_QiVAr~1ACgd4VjEu}`@Q0C{39J`z
zWiMga2i<0c0xZR_k6WET5BW=gzh-5^d7Jo$cK7tCheY<~=3*^QY!4gULHw;t)KJZ?
zYO5Y^`HHBVB#?~0nZQl?5_mQcm$w%HIlr`bO&pLx^})Qnyc$?%iRQOHwBm-xfnB-`
zt|{zT!?OxT2T#Be4r{n$o3#I|JM?-yPt|Fsd031<BmRHP?1n8{5!sC6E$?K9U&Ew{
z0t?2^8gOLo4-CMN97dQjQPxkgHYRum1c0q*gTSwn9@1zNSV^S2iFFl;RuF2tS%3n#
z<mCxG5@qH7b%QOJI%fYWGq1OU{s1I~?+Uh80eJRdJ0}Q#YK%(fig4fxA(Q#k)W80V
zM_SD*s*^))FPRQFVmfw;Aglxg239{VDCQTN2z@4X1#7|o+7PTr&(B|m8dfqb1QZ#}
zj>|=0vKn0OH92YzUh|3#8}_Gq;x6C@&P{ijyKlW1AN3dIR6-zFF|h%cN^C^`50$fX
zG{PUA0wSO)06>-R1fEyq)X4?tfUqa4Pj4uz8=XP{N_6yHaq&*I2*aWbb6bWE|5D*E
z{6)X294#Z(r3Rf`*Sdo@)j3*BwGfTqvbo{(F=m5@;C1`9rcp4f55qg<4saip3pksU
z<EqtKb0Qh#0Om*@L}XMHh=B7zq?yUhU4hk8Rt}X(cWJK~YEU{T+|yj>DJUp7l3`^#
zsb0Nkgm>lU!sd%@|3*6<&S*K*LC7xHHsKcd?TX!jgO&0T-Z*90=bhN(buc^h#Y>IJ
zqdV<;I0G817RWE4T4jCkTU{>o`|fQ?H=FYR24(Xc{r?oo7Cw)?DgZNieW`1Nz_Tx%
zn)+u%)z{6cKh!}*j{_o135hXcG0r0Ma4E&{dy_Py?@Up|LU;X~usV96bQU{MTAzLT
z3ZC3|SfBrV-Q~4=;-BFdyia9&A*_Q3Y@%zjc6{h`!36l<M*W?^KM^oN$%jSQwe4pg
zG`O3$oN;m44HhA>yrVo~`y`Ge^V`qG)(6Id5HYG)Si}wdMM<8R`%G#z8;f5@up99V
zwBrmKhdYPwtKRhVbV9dJgB=$k;CM`IyeOm)1S6Jc{^4wH3R(YxD!aqfR0wUP57>_I
zJl3;P@Qg2G;|Ijy4Z(_oI3tkNOe5rIc7p#gKqWYyE!^5Is#hpBGQ%4SZ*!14VS6j{
zNJ~GI3V5DqTd3)xLtr0a&|f9S$~Z2J^UlJW9Z^!plJ%_{wA1)QgNUvJi;^rvF$oZy
z7xjG;JXh$LIxf7B0`zAMrdJ(O*wET0tk%5pZLi9s<L@?-Mi&5hP)JBT5(T2wHxb7C
z-k`=SO{1rroSru}Ud2FQjaaY9$Ve5uG>z}HAR~Z18ZRY1Q2N<WFsTkuAdsk6u;N8=
z_8Y=H2sL_Emv~eV)|-0(ixWmBHgSpAA!<0p{3FG&K_2!Q2?+iA_BpEA3j<OtTDr@-
zV();wT!T~8B`4zVNh52G?xt+;0G6gw@f2Vf;N__XQQHPhhl<K3^gb`2KZj`nT-^?;
zsRgt;1?HV#@VYplJ8$;?#!|V0HTN&ZKhhsQ(<lC>h^F(;?WLMe><c9ay>j=stnS|j
zefWRD-cQ)CXIYr2CFqbm2!wA3T)f!uWL_BcckAdrU=WyD(o~wBlEMXouE?><TQ*($
zf1PU<Auisb<KiI-@8MiO2roG!`8mITn}y)2pX#yS6u{Btv?<;e8?PsH90{SV=PCYb
z`AfCtZhhTSYxdF^JJ!fmT>0}urOW$jx7zSz=&U$D6B4-9Hx9SY+n#N3v3iDEu~c=A
z=G5aOJ${@j^YNb*n2fxvw7!pzoyAmdD@x|iQ#?7<G_%mQIN){9flM=Z?&k61ZLBb#
zkG!H66vN*QI4k__B)NzXOUY>!S4EiIHTAC9bKceQ#=1`yPqIh+qicjD<?==se3y#U
z@NhWMmSDO4`EBEeoN-d7WwoK9{Q7!+Nv2f6jj4P3+od*2NL={*MdbX<9M4HZ`DHJ_
z=@C@kHLl0W>!E-R7^7SNZ!W+wRYBI7zly%5OIsgSdhR}aLACyTd0xy(X6em)to<C1
zYl|9J&fQ_V<AZgjqp+FhZTERfeNE?DzE;Imd@LULP$*beb3Ro}?8>}1Y1^+#&2YW=
zHwX0F(_4HB`QGPV*|$Hb;T;lEm_ms^pxj!^r~RhSx7s~g`dHBdi&3!+r*r3)_vMr{
zDd>HZQ+C^MF*bIl;@Jh-a<WHvS+3?}PE=j~VL0~fTx@?~u=>cz_(;0Z0DH3S=!b_%
z;X=;e`8{&&m64I!(U|M7VwK$D(|vur@?JL!w4TU67kKE<HRm5|{H!c(5`t&JUSPan
zgikeE;pfjeq&4sO<S<W7XGX?&eT8sG*ON0mh6Xby&vCfqtT^NH>^YUitKC)*d<Sc&
zms0%O_!f0_-D7u4==L@Hb}P7lq`#KA+#yrWWHXh<9ojAm6&CWrWng$<a3_0ru%l(E
zpH@AZS+L}dW6p9~6iv=ssU1`Ps77a)T`IgG_Q8UkF`k^)jn^l$%tJymg%lM7mhZAg
zM>;ci3qxFVkB-+4!^z*G#->u$X7$+;N6JQ9`T1q$H=O2bx3_yN`FT`fIj8~ewdO5d
zYG+{d>WHPJPqyq4`<0&OwOSNC=fgPP`jIP-)vjFwZ$g&b*I8R8!!rL!ANeMWM*zH}
zhnFrnLjTSo=TK+(HE`>x{SS^W(HiaI*mp|i_FlF5HTb_BF>Nfq#m6dDSkEu*|BxT(
z?K!#XDmTURYvr?qYy7vq*Usqn<D8?hZ&3~Bi4R<lZ!R5DRz6U8R)#KR7$4Dgs!PWh
zmY)+VR@{H^(C36(Uh#wDx1y_uGN~?W6_p(pEqq$}K`>6r_-Q6k+zjX|#u_3r(qdk}
z<Wg>P=T68h;B-+|_U~D~*$Zu0NiA<1tDXCid#?aznsH#J=)PT5vC8e6+_K{7!I0Pq
zfIpAP4j+`#r}XCQwY`3)4kl^5<W{r$yJ$42<teDF;rPp`BlWT$G(K-@(souam9&05
z>&|rRd~wP7VXHMA$GQ)B<T@u0w5BsWY_3lkc5k1~xbG(G0GmgO_k(>mKR)r?=4CB2
zVX^Pnn!bgLKA6E4zVFAE51BF9vbQ~YWp7QsIkBJpYFhkifESH&Cra=g$5K*OJ==e3
zd_&*D#T=BEawk;P9M%^yONA*EPphi(30&m4i`U;lhd6w;Z)-H$uTfAT2$EiKi2;6z
zjDJ>d+Ol=0%a6ncHw6#R>aXvtPWH(aU3#xr{(fTA$T%SAynS2YH+IQv@;<u$*k{b{
zF&pf7(!cAFSzG7G597jRZ)9cfy{T-FKd?NiX`E-N@IL*FJMEu#zu$g}6EBQ4gXR8S
zY`tGe?ZGC$Sh`(btE|Ay<PObsRH(TxH~&pG+MHPRdHmHd2g-}VVWT*jj?c}n=eD(R
zoOww}{=qdmJhq1^rL=b2%jRODZr)^^zc#<ov1<Wt`ilN~P1k<Y-M;tJz`NXB6fc&a
ze<WR(i+6|W{C2##Q#LMHXli=7!#dyNuz^FK)AWsxmqF>acDurgh*#AEuV(R59-ZpC
zti@^&E_=%4orO=ZmUGTq!##bU&bPD2XS}=|aT3z#^sJ*8r1g{MXXqS-XukWn*}8(q
zc><Q|>f=edaw%iIrFY)ktY$x3{3PFNlw-!H7uj}$ABH;R&&F@u>=hrvJt8G4v}vqw
zmgoxne{ss2&o}(KrON9DS6=~@^IvacO%&g>9mgy^oK!*$=eh)QDS2j0&AzsB(~mow
zt@f$KRcl0K-yD!`Eae#UV$f<W!PB^V|9#>dO!t=if^VzZy89)`n%x{ri_!=gAGdgq
z8Pbx<h|?PFzamx9$)-zDyfvyM`OLc@P<M=x<7S$<&B}3bSgWbAtG>0s#8j!`?S3K<
zf7B2$wJ1Kc$ZgT;;Kgx6%rTc-%QdT<^wN9zc~Xn`4^~`_Wxyq1>hf6TZ#nk&6)Pu3
z=SwW*P^$Ercw=R6F?U2^NuNjC<2{>O#l+9I{HSV^di|7J-PVCKJIk6mw)7FTUgcF0
zYr5r;<qn=qS;~$j^C^cs3molyq|dy173*N_{o}%{lHS?Tv2*4uyyA{vZJlJtF}jQQ
z%(|MXlS#LCopO<-d@FD+`uaAOZ94jcBe~vM9C)RH*g|3+VV&o+yN53zrw_99z9oTG
z``yBJ`V8ori`>4pl{Z()c*jHx8`^fk^NEii8+AA8nqI7BvDoXa#vP{#ZSj5xPLTc{
zev9LbYx0UJJ?z=a9S6I|ZS7B74-IXYHIv3TBO$&jTZz&%(ldkdNdNGJTH^0}C?r|q
zz+Fv|HEW3L)bc6j<+6<us5jgE>5E+S?9cR;6UyzK(~E|khnLAOoVRl)|M1l!>vUy-
zxehT(VO~=ClqX)yEC=R2kA8*iQP*ZBNn3o}WV`UTVeY&rjI_zeby7(U<V;GuTZOti
zHtN?i+{J%-+|j@L?bqv8Z{_3#UOwINx5WXmLilZR@Ym+e-`YETM323xdC^aAY5NrT
z?qTelncmtu3vA~J`_V`3DNpZnD|*|<C_cJ!gRArYQAh0Udscaix%v7|p>T<6sT6;!
zzSsOj|LcX_`VHEM@9v9?oJl=H-Fl$bz%WH7#(#x*M@8fyguHrw<w<peE@REI;TqF(
z0R_8+36(@>mJMmzQz`s|gB3IB!v}p_JevN0Wre_w8EdGxnWM<Z`-s}9l5t_{qB6#K
z<u>pb&#co^IyHZ(QsPDKr>;z+B?2)z<yTV*g_QE?;yB!bo<ew-sjbL!d%4IJGmU>M
z20twmJSToxCX}a_?CMz3>7D(7X&EZ;_PwuT>hq4ZpHnkQ_0LF1I4mEze(+wS_UjH)
zw!d#_01v-Q-?EFZI!h!s^XOP{{1Lx6!T@1K6c_qT-#Z-@p~vF+cGNqvwQDa_&@W84
zcs+Dpk+~4<1ZQ%6jj&PKuNKw)4y+M|9`8CDxP{;1^(re-?HuQszdK!-+Q-B$L1?vy
z`^;anFt^ka9%|h06(+Gs*wegH`*)SVZ_0b8e5!`zGZNL#H#gFOk9SH(e2Kh#`8)_~
zXXK0O#-9YCpn+45Qx}}JXP>^U|0DOwd(zTY(`nS)Vfy>*y>^y=yUnHFi&(35$HbJN
z3I~UuW-xI@mn?11O{jy_@D@~|H#{~nd~F?&{Y`;8@%e%R1z?lm2*k=ZwC}qAyBmLf
z*ZH>4RLcKJfwYKj|MclR6wzR+-%U&V8B_>B!<5Q&(e(c_4DiMMi>b(9e~&(6pj$D<
zZhNH@Rp>2nKxO{{>9t%Mw7XN>br(Ll$D>mh7O-Y#b(49Z<N*s2ev3Ml&`!H)KX&ro
zZ3<NlIDaHi?f#Mb^QWs!uk7chx+|@F;@-dR$;>rB+=OoXN6VZ6{3~PirP3aZ4;zS~
z%OFVfZNp00$KT(7U=lnqh+8i}$+AvTvK<gG!XBcWfFFipi*^KX3u4s3e47ha?6vM0
z-r!mkLn;dD<~LwLprWmO4nI=K?W{XpgW=e$m}3?tHWHxEAj;S(s^f5XrWz<S<oj=T
z9q@jks6)Ssbqw}F;NE!S2e*3s*eA>MVvgvO95FsVKEe-&z6Ko%QcpO+jeNi4Zk95}
zJw2vNC(yfZExA$%eIlO~Uo7Q4ODeHw#qeyzWD!SvB$a`c4{gshXoAi&z`R2^FgJcZ
zG4jUF%p`q|^kkzm6TS{Ru)vl-{XL+))ZYT!hH+q}*G3|CEoL{Wxa68?6yahKULkA-
zfmc>wHA<HJ6t%s3Rlp=AfzPmrSP6>*AgTgHuL+hvN4Sug&Y)%r)0{3=z1i#V@Zaup
ztaR)5Sp=m8&N0=(B2>=Y8i|whFt8HoCRVWXk=8XhItsy62{IJ1FHkl#ywMz3V88_G
zQ3}ZmVXSWVq%VZFj_)ssA(xA+JN!T;^&*nVpMq45uu2jmmwrY^Et?9~0CBGePCgAg
z_4JWLs(aah=vU&=2Eto{n-2A^4|smFhQN0q+5r3JtYVOMi5>zA0SX25_MIw3EcJ6y
zji3_qhJ8U03K5P!a0qM>i?Juw{cKKOs!;@17$2S}WiKy9JVgYf*a@nmFEVCk<9`yE
zk&_dJmpibVb(DD80oRj!#@yUoExLMfH@o>>-)L|bQYsaQcLgpYF<vG+X%O6Y-UeY1
z6gc9E9^*w9ySQxYc|tD1C!oYvEY@T!uq%r6f+zHDCAjbXbeQ{UHv15yoxFe9*r<cF
ztE&!^@w-@y%q${1SrGH*dqJ*p5Tf4BPrCd7xslBi^rc#lic3y}s3rX{bAV8d2U@3l
zpN)_PiUo6W)KVBu;%nv%xMR`&`RmsTV>T27YnLzg)=M+kiPh>b4BS(qq>dro2VB(`
zH8q#9d0O+F#0EnS1>HQ%9zk4-Yc!*p>}v}G6n|xtb25n~ok_7gb}Z;hT-O%dKY7=I
zJK>v8e>doEqOIiNiD0dx2lC9Hzk?VSdch*(2CPHBLDw<-`33JrX=wtu?o>o7(M~0i
z)9mCIbg++4;o^x<Kn2u->dK-fbh;k9Q58?LJ`;2#Re;EFU_fl2?T0*BBt4I}`x9oM
zhzJ39J>j6RmnF6cuB%cB!k5O!Ed`Z+g+6UrR$0W8y-kvk3{Zx_9MMa969%h@Tk<YM
zNQyNHL;^wO9y(IF3sZ~WCtt!Qp_U*YkO<#nf=gv>SN+sF1HJ9mWrGubk=S;C_HGRa
z%Tom!SzR#^5k8=^g3x!^)wu+klb<df6rzWN*@8<(?R;p}KjGoE{*ad)u1AwxM_)P>
zd#QFdc!wmOiAYBvLK|dEoLa=h4yOKMV<R=?2@7v{2U1B$SPtP^kVLn`aunjh8xk6N
z^!V`*z!)hn4l~R`x*dwHc`aUVyaV><*ib?@Kn(b!DoDkdLV^FTI9mxxXD^fvf4Z78
z`tY0RW-qgb@xQGNO?T^VCLz=3uu$tzVo!t_mcKOf1O%Wz(F++QpktNYyH_B_50dnz
zJeO3%t>A7LMxkeZFi$1^fRuDdi0+tmq~-kvl2!->$VU_~+pt)*cmBKCgg6_fwU#Yj
zD0g@Bfp@2OjPyV`nKDY<tst&gX@QXU)A@z0gC9nKUzbA4gdBnrSQa~b&H4)HJRBy!
zP)2%yQ*P@d#=d$tuSF`c&3g*R$G*OcppDGuK^S1h$&f>d=1a_3FBaetFgwH)9}*9x
z{{3oM#yVa3>45<Km$?4ID3Cnv8E?g<IrPc`><!|d42c3(b<+^naVKJ<`3T2TFzGI^
zkwXfa7f!~z2L<VM{q61NkT9?k^$(Sl2+gN03HHqD>Id5p?+!@Fds7{N_m*Q(sG_|I
z>cA=YZW|xEa`W1?Z;Y;55GaTTFIlJ80RQu4A0D=<)(#39F@sF2yu2LV0;>4#BvKI<
zd}l`2?r=K2>Q!11*0vB+zRsJn14>h%EmI)Nf!4LhdEIPTOE##QNTneemtcVCNN95D
zu_J@bnwzWc#x#vv)`$J^#+;B7Ic~^+qY=?L0fygnY<P6E98VCu7eequh}+ZdLTDR3
zKy3%(f~f4VT~2X&@@S#X2*(cad0<u)h<gD)^w}unpud}ED7Vq0U@mi{EPw|f#bT|e
z3Ex*H79rphr#C66B*l};7zFsU#T)YQ_9jFm%m8%^EAfqlatE<)2R@U&SP_7k4VyQY
z<1i*>5FT512BMfD3@8|DY!dA7I&20aY>&d2m8{{BCmH~^Bgo`tI`J_N4@ZbVvjBz$
zk)FZ0Bp4jv;*yf7IPei5S_+>72o{3CA0b3${cWaZ?BonOTpfaE@vb=nyp+&?a*n?v
z`VaG`k4qv-{%`@jr^vrc%1aiT1jiJ5#(Ag$oRoO5z!}})n++HdtG#UOl!8eqcVYbP
z*veMDu#c2~xB^VY!PszZkfd^e74Y#_DD6?yYw;m@mu@1wRmC~UgNQvq>#uKZjX2Dc
zOrLTDCjlhbi{zcZQ2-!%z$f?o>(WvVAY0PX(vXqx-JYwjc*-GwF7W_(01mfVW?RA^
zghjGok5EpsRl(HBa`+$s9`YV|>rZ=(Mu`wp@X6!g_JUp{({KXV3CO0?@ht4mbufW^
z!%VUYr@=+22uM)&-5BTe*D#(sP~_zanCb{j6<{DDg0zBbBUbg=Apqmk5U&Mv8{EEf
zY{aL(Bi9+BrdWMj;6CvydOT_#G#|};L6=;&Za*}lH~>gW1o4xBw{H-bC_V9Tfj&4Y
zhdYmZOgys?AU~66SA^SZ{359j%B1Xj@tW8&9)t-0{X(||gaq6JLki9d5GaVLhVT#8
zM2+V*vc-qm{e?ea$uH1mq$3EeGV$I5G0R<Sq&|mkC(z2Go|*jHoc2ZuKLx#@4``X1
zNfP~jpW95?sZRmyl4KZQ9qsrcD0dRT<@eXxp8VsayKLT9;SlM8PX~SSypo@WGg^A6
ziwMR9uas~c1;AD2k~R%^zpbI<pU;eAp5b%pQbwD?=f9s5azve-#jkGlcOm}yN1UA)
zK!)MJ*^F+<UQlRL{O`XgNzZ&51++B)qj0TRJPl|N{uXG9U$`Fpb<oy9Nj3$vf?agv
zdqJt=M_LIR0=$C-jiVoH(^<2?Z9X`ObgHzz&0KKxS%7C%HCo<<a5%xmr#uB-G2IhZ
zN^j8;gDR1-tOsnq&otPH;gvaw)TBf=_T15QgCZzsU=~e;8I<>hQa(4blql#mETCyb
zB#t8a31~avkF=OF0Q$LYRx~CcbjJJra#%;V-X06vV$S5S&N=yPajzR9v9tQo>(@8y
z^Nwb!v+?mTGASe6$niDMIHH)_zkhkMnTtih_?iSI&B?5H`Y&MCQJv>vckSlQ($Z4p
z&K_OaUNi5}5e^D^LWu9C;z_?xqZOmQ8btp=srkYCit((*%brf77xB|WG9giE&xMr>
z$wr1nHMrrkI)k4HH%yqkrjlFoqdU$i=^5H~oJJY4Kj3io7BLp+qdP#`5Z?$V1OSUh
z;{|Z@L19k)JZtV;2<uW_n&E2Bsh+3qh5R~LjK-q9AfZr&lYQGr^v~)l^jZX89H-OG
zp<A;J&OqwP3b+iQUhaUeOl6E3Q?z9<h2&?!IYHTfUNLGAI=NEFPNr|oJu#vaF^X1g
z6A8j3#%vfnNg3vg1Psjgy*^1>7)<el;{{$!x7a!M%u=`Q{ldKgBisW@O9AK29);IT
z`tr8i6EQ(12!0}&<K)*rKNvBZIhUn>h-u16FP9Tz9&Q%pqZZM-B|u>!8b;`d7ZO<>
z-eu_?{SRvC!r-5gFG5WAz!6o2N|1EVI(~JGRjU`<p*gAVElTU8{&*utvYug3Pdawu
zM{s_xI16pUvtQTQ*1~vj4|*67Nl1>I&Ffo`5#PD994XF7^y0y{Ui=rDR%pJ9@hndf
zId8lkfi%G{2SIv9Y+JhDF*O;mc5ppYz8C5nJ90=hlShw)Xn=!El-(QPhPKlbspPJ%
zt`rJkiV{P8beulP$zl=n*ndq<^#;s(BnDmJQ;3&I+A$o4C`k8|!)Yt3efuM7WH~BX
zHO*oV#T)a$a^Sj)Snz5hQ@!do+aBSDj<alQ)fB2X`&|>b%6JcLPwO_!&VQ7$9k3+8
zOAbMK=lL~uFIlp^R2}`v!{5z5eB*74AGWfO**uBK%^ds&SDeEnL4mRZvk&0}ufgpw
z@9_ui_IPVPkp=F;3FgZn#wQ>_hMU=XUA`QgZMIhljk8~2hvwPb19+gTA6ROVsP-Z@
zYa3*>X?lJ+;~dtx+^K9*hrZUUc4~nOIFm$;;SveRAcldYxqyeg|B2@k*ORM>!w<<$
z1BEknPlxypm2v1Gq+v1e#R4Q>(w~7xpZWq!WQaM1us_%sv!8=)JZX!kcB-nXsw;gs
zS(QAiLmPWf*xJIOWcD&e4+E*_1p3#QveYIe4J5}>R<2wLkH4zron4ytV@k>`MJc*S
zdFiTZR<s}82bLgiy-VT4KFbx^UMO>%P>bnmea3+whR!=`&!hM+qGD$cjnpnyp6o{p
z79JTnO-4p0`eN;|nC8Bpvw-v*@tb^5H6jN`=W(d+3(!o7Q3<;CB~WgF(saN*(G5J5
zyTNzCXuY@n;kUj%hmT*Z6On*UBA(EDT@Opv&lIA31bu8*bEMcoWU|fs)%eZ9Eviuu
zqo#OD9K-<#=FiUcS7+;Ak|^yp^2|RziMVTz!Dov}5;_tGalD-aYkIe6^kMoQu2!WR
z(kkq=kC9?YrWCY0#bE#J);l<wDaq20rY||4^7|b;)`tH;ng8W0nw-+6CVn)H<7l2%
zkEA-pH*f>==AbmSw9K}7$&T8%!^6w`lARs(P=j3Fk+tl(TwLdAG-+_$Pr_FT&Dox$
zj_h~-^}k=cxY3btJOs$INVeRornUo5{Q>j@1_lOqpzgHQkAnzdzp3eZhS~L(Re!Bn
zwTeGQkaN$Ph~xxhu8aH<lzAf>9kX@fsOcOr){D{5;9wv8i75W}&;B@uSYNw3-jAc{
z^K5HaBor7TLaa=MVTmw@)HCoRpQmlpWUCcV?%75k<sSI7JLm+k$5yXN`>3m*#FEt~
z8#&pjTFg1;6bJWdP{p<edq(NEitf8{0XoV%_$ex7@n-gMcUu=#Z&so`H|rdnPJx{g
z5e$;37kuLxh&_LMm|J>MZGxK|uBP@O5~2tY<i|JMt*3WI!wtSNV0(%gn@C7X`r<eM
z6<wncS`9lC64|l6De38w*b|(D-t3D79I7Z3?1JXkh$|lK>+PLO9t3%3wNA-N9R_c2
zDxox8g9rv2C1QNJa%HbsUFWFmc3FEW7_=eFwk{y5Vd#|tk^e=+k$a_HS@a4^yRrk~
zwAqxW7=1`I+B$d^#^opWnjK_WnVXlas%>QX?TEq2hoGs~g-~=&9r#51IS|Op+t$%?
zGKAs5LxHctj9ty}1DKLO-mSem>y7q0C;Q&am-IyOZ#|&+Wmq?62x4O30D}p&lB=I`
zba#ZO0rO|ik-6FSCLhR8gmsHL?3;x*40(Y^@O+WXWy*4#PY{^64u8A!au8`PsivW+
zgdz&H7V)^j;kZ#S0`DJTNA1*EVqsx{V<lSY@u+rI<^oVVNQLMmmm<5Er2&sW$aMTb
z@_(^AU6*ZOWTda|-&~&BtVAKb6a-60*eqstcksGq*Xt}0{y9-Th^E8_?<8OA^gEee
zer5adM6iQ!N1P5!x}7~+3=^PPvu24)d8A9?Xu=CewnmsVN)hfy8NjGlj2tT@R~$Sm
z6`DAaETS`%@=agxTSpQ4Yr^7(!r8es>+N6vDjm2YPlJsH5U#eGp@_&x<Qx&PFuoXN
z2m0$HM~|KZon)i_Y1}dp5|iU$-E~i4sfnP+aP^*nA3sXB_2>Jbry{B|{0W%oZ-#?K
zIs+A#Ear@jmtnR_)+tAogN>mt_L$_CVIFF5y_vO;tup!GX|K^k-6ST*)TzXe53V8Y
zNSKGK%5GGix{OV>yHcnIX7|hS_UJG{MGr-}Uy2P7<o8&}2|&eiA(vkCqjKBKnKQkk
zqoadD7jgMICOllzYgWr@EO0-w&M-^u(aR^WQNlj+(4(8G!c0>>bEYUBG!Gmzmq!nI
z*_UF&hmPSH=3AKVuQ_DY$c-EsoH3;shTFe<;e2d-5e>{y^nC*TCCS^BXfK~NS3M}K
zo`I?i*9`0mL$Sdjlg37tZu|pJEQPKyem!(sR8&AFT|se%+(M@&-AHcg4j4pi@?yAh
z&6*Yaa=5qUDoDVZ=xY)onv*@dV+TdjtngMq0F*?tyqnFQ$*10g@aQs<zOLWANz&y*
zg_Ujx1YoZ+-LtzPT@yt<3mr<71-^KA1u|dJv5IZodOf+7>f`C-<0H0lqfT5%OD-Ly
zhL;D{fcqhyeu4OzWrBiYNDPA!M*R?8xFC3Z-o3o0UP-5dcaU`n*BxZ;d&i!D7Q_XQ
znvCi~vh!-zM+;@ce&Rm1K6KgE%S0d1+IkyYCN1K9d$_3k>3mYgq_?Je${la|8ES%<
zHQSo_S?R`)FGIC-eb{}8wUN?%o<)ln*CPM-d2{m()Y7#uL&ZrOpyr0do|i^W`_;`1
zeJ;=PM!fE`D1tayS2LknT?6v5$bvAXb)zd5jQyOP^6Ae5#%~7wYl^{zuT#t_nsxEd
zis0vjk;K`4^LNnu?_X-WTEMLA#qaTB!b%1`$$<&9=tqygz8XYknB>Fb+x{~<y-s7i
zW5u5h+|N<QcJ-mwECZO@VeDPS=xaz{iYesi{Ddvblr0dhcYQBb=6?8sH}vqa@=J7Y
zv$wE?;N5{?-l*2rG3zN3<pqg%FhGz?uPd1SF|+#F&BdBeYKbz(x*=@|a;c#EJm1u0
z0McARWZsF^e6d^i4G$lV1(6GHneK~@{~BL*dcmNTFt@SIBjeNAABisqao3e^Znoc_
zq$LO+YjenXu?M4y^>(O{lO6qEU6w#SsL<y=KEcC}E}|TBABNjipHXvohIAR2SQZX}
zdm8sE7YmNd$>Eh7y~^N(HV)sQ`WlF&IdEF6VYU$r;lm`-6b~gbX3v^+)Pd@vgYgaf
zYMkSxX!TJ9YQ<O|kVcD&iyuHX`Y7%vL28YD*#>bAYy#(ELx5(M*pPABne8k2q{KcA
zUtVc!N9!`pgyGeUEN@<vW?aVtr}ud-v+?zI5t&u_0^x*D+?wovnEj5kr1+F1daUg2
zL$R2Ea>KZX7S)leJAsNt%o}hNqNYHIsB%=X^3^LqT0Vr%s{}0(iYW2zeL{`@o|Nge
zj{fkqQuD9{4TIKb+rJH?mR^j(3S9LPUybC^z<0UC_WSxA_y+8nfbxpSZgGuUduMnf
z^qd1uy65mm;#DLaan!^mOBNQm;#ds(VRL-YPT>YayKUsU?qtGCGqC+`Y_d5I&oHhL
zU?FqRP(8yI_4@Z2x}FR*sQSmzZfQnShggjlSA5BZd#}-h%&chYy)NxTf58{G4t;(5
z8M0P~(X-(XDO4Hw`s~KfOGMK`Dhn)d?xfWB5Ru}PJ8*z|3%8(MSha}atZRN~6&AiH
zcK=(5A=k>tM4+Ki$1IK&&Fbd}V^hO|CK05<`IMJfKPKZu3TwzP(L}!$2X#RZU?^qH
zE9=hUal21O)u}t6bC69B+Ibc+kC3rr1N{Hg^(Ej`@9V#-StA-G4WgaO*hGb_GL|tS
zGZ8Y>R#GG^6;YC8Olg^iWr|QFREB6UQyLU0L(1H;SZm$Sw|)NSo_o)|o^zi4?0PoK
z@An<v_cOgf%~Yw=L$it>J!&9=@UQciEFsB@nmRg0lTdRm8^PPcOcfUme6nOxW*#`c
zifZfr<82tpw=Nt*6RHo^<MtQ;3i*`OR0H%|<3HYoBPFm8fQNWKsI>m(w9xf>IyxzM
z_?L^>t+il3YH<SLooN7+;=|F5zT#y}s4&3jNhb3UW+>X*+1-S*6QE9L@ig|ut*ck(
zlOy^KovH`%ED15XT$Go3bXZvB@Oe(=VCiu6>g9rh2hg*Q;ZANuB;$Tq53-yJt@fZJ
z*oO=C$iZV*Lk)&C7&HV_y}+C)n9X}ZqL9GKMqDUCL9e-0U1<j80QBo#y-G$U2egX)
z0;fBwftW6=SL~o9z#;R8`w(NgZ0zxw?@MMNe|kfS=ddV0KNyUql)5)>+Wx&-wZ_q`
zN=~d)>ExJ$_JYzr94+1<2VAqn`EN3+RjBu>48?~SWelcf<IP-{GG_a&Q}Rytn2Ka!
zo82LA2*1=<z{dGvHgR<L_%v|@wVH*BahpAS#9DnbM$oiofX5Oa{`#O^DG6n>0mSIx
z?6Fl;1Ga>$@1jPo!FPHoxA0idq}2B9w{Xd+4K$wP=$q1Pnnl6hkjB*+Mcli$Zx7-9
zVWPVAvx}e(iJ%tXauUF_!`R{-sa1&J*atrxER*U$@7-~7WG_%xQ$u<G@vp@WJQ3<t
zgo53iKpw&^q+1M`W9i~eh)hFlBFsbC>%%fk$-<&_{!oyvZD;oviE>DvQ%FZsj(~>+
zXMcT)Bi9n-^(kB&YEEce4FMSD7Zs%fTV60iRK^?Qw;a^f6$9enu$By1w=8iN!J$P)
zfIZ=Iro`Rybb=9V7`xSGCVn3z(yj<us}O}oadA^wzxt{IOj46fCb?4>#3eqBc(YUl
z5jMIhO%JKWZaX%Y%rV2F2yl-Y-cSt|*9noPs$;gZlCT``&&1X8?wi9onrKHINgCh)
z2@O==qcxQo4!<JVr~aMTb0P=~_|}b<K^waK+e1??Wy+KBUbaVaLCY}E_r1Qi*PJfa
zVrDX};q3kM(~~<;L8l`&kZ6hFl8Q&P`a-w7$zOm>VLmj}y-%jt;lmbyBkXtCy#W}$
zot>R3&XKm*O`A6#un+eE^xKlCwlGrBVAx1o+MdiQGyn@hOo}M1Yinu(v3cqxX{M-|
zo4_9!HJNlJnM~XC(a|*M!)3d(ZV^9@>EEB9&YDSJ0)yH#sj_R4;8!$(c>w{I7m-5R
zA-a}6G(yh~Y7xXBq=oUfnPb1O=;^7xOyOXT!DwiV?~1Ve^0FG2{&Ms?hf!P=x^~_J
zk*$v4%oLDMhxYCBt4j?inmG8*xIg*GO15lRbhHMg7vU(%9XM=ifx9tZ%TsAsi7h}J
zvd=n=P*t+)gLXcor%a<GC(3ESY+e{Yj9;$_h~374!-@4wn~w!YS8-Xa@>_L(7JSmL
zY4yq?r-Z@jq<oHeXrMQ!JwkxtMkA970nRSWhv0o03!aJp6AM+yLxEiLha`rm3i$od
zSl?mody1w~y#LAB#!lN4kR9yBhjN;=4npYt2~XbKybPU=k$5?p`~?BZ*0R=H5XN~C
zvT#xOCh%8CSjby%j+g~x)RE9PVnv2rpAfJV!m^jMC+?V?C+shd@Z0@wkdy?4e?zLy
zYGRE>k}5Ev`44`QOj4kiL%{pHa0fm^lQh(*A-pQtN9GP(J|Y-z0g_IBZ8Qww*jb?U
zRYrz+^M()KhVAkT;>ZahiSe)3L183-4?@--N}k(K$8xjLQhdRZ6aTf3T=RHkSI|9d
zi~REIS13qU#Q2c0+XPR<tG`{R_Yah^&As=~bGfXj#9CT%^>;Yow*vM=1kgGV`|zq&
zpaYs+{C2v%^!yq3-i8_A>iL?G!LJVz1ylbF&$y&)la)nM=^SiLi=OStU6~OUb)3_u
zPm>9;Xg)ziUqlrX`Tk7GR~cByXJX}V%{F((Y0g&pH-IFzcQHQ|)WA_YyJR=5(?-Sr
z0(O41mHAx2Cub;LS`DZKz+T4d_t-1VUKiY}ey2MP2yY=PH`8Ku$%Ly8zmU*1bR{;p
zvEc}`SGv(!W~5d}jd&PqZ1EC<IJ)t402nqp`A#7C!NDQ5`t)ldVa5fYq>O1C!B1bm
zUW}UWIr8fo9-Tgh^sJ~1MU@cYEev^IlkUs;Qjzu4^W1?O(xa;-Y`+Vy7&k6%wgo@)
z><#go)mB#e-%~uVjA_&&DBuybxAZG;hC?Vz|1VOW#|ga3o>i+>@l&AFOhfM3)t{w;
z3v?9J;4KiLJR3Z)Am9>s-P%{Lu2XIz{H<DIMAE|y$u41d&TIF$RStz@qyR;3#APWp
zZB_2O7w0{HV{n`a&RqyXV%F2fdigP|pad#5DQGMnr6BpXED=PMsMnWcS)qKu^FxWE
zrBTt=!)*8N-3=i1rKUfD;dlquI@zZ+#4WA$#fu=s5X@MQ;FwOI-*GoLA(xqwK8+PO
ze+0ZFA@2bQh)YY00bnbEDT+TYM0gv4v~lGoB1#<h<t}`(Mlh%^aDtU_ST17h$lfz)
z0VX(dalrCXFx+|#X^V)d8+_<rlvfXTK|*6d?r!}2>({T70h)N2F?F3t<(Ux=wTGxE
z3vqI=+>v0Nf`S5Pm)|dy>u8MaN)M4%Vxezyn@c=}ku~#i5bFUuirW7^gBSK#5i)HO
zjg?O9&Z}6%Mqdp)%nno;Z`%{h#!OnZ+{y#B)^ov~ucx?UymO>`6m#<mS|v;4eEV})
z;${2ogP5knn(tt9+#)W1jp!I~-ic2#+)_BWb!PkJ=jZ$Hw10*1IQ%&UR;8X{B_6+Y
zv8j!Un_}to+;i{qMsmA8R&=m5>U>%Kn>HGE7@Kpo`qF~g<9n@s=muj;hvAXo%(;Qx
zn|dzopHsF|K`MC~mYuu6FPxCpW@uob{Lr;i3}IO__u=wxa`G*sag}Doqg<1H?=(tP
z$*QmHsF&xUHqkxX--4O)68KE|66UK}H-y_1q$;aJO{Pq{FBgsKed2Zr+WLl<G%Nog
z$87Zqj~xK`{JCfhuHh`}#_7CXRFTG6gM(Y(>%DvT9)Uopdfvz|lK8@fxe|f3YmoA`
z3Erkz6wrLTk=jRq;NP7zVKg<1KY0yEwangrTU$yBiYWpX4Sk-0HtjNKSz>3B|9Em3
zSJon-ojl+(@jNp{jB>`o{2gF+*3~V5{$(}=q;@=d0&r4C6vP0Plp$6s@+A^t`1r}U
zCwXN(_EcLOEa{~$G*+&o`d)|1YrgM-(xG2Ca1_0n#8T>2n2W2@s7cG1Bx#^uuth-#
z5lscEN5ijRvB5<a4L$DCJpq23sH#9s%=FA_2JetQ9N^&hZ8&LhPn-bq1%T(x0_+op
z$=7H(mSHa)Z?m?p?BH&PZIzI_L#PwTGow6S3*YipEZH@Cy_Q!5OK=fFAzcRc<l9K(
zVBAipr6ultmw+K(4qDVy)Zr(`wOK{S`l|p&Npgs6EF@|!AlT~b^e%7aDP(4B0N@6u
z6Cu*p*<Ou3uqro{(`Y1I5vQ#>_RLn4){>Sb5q+K+OmVT}c{JGkfZTl<91Ot<K33s3
zLwqzXV%k2wbmohtyLN`S<S~<6xfE7SJs#(Y50Cf}odLZZrj(Y}#Wvh@3|1gvfjD4L
z>aS1UvU~xgY0j_UUku=$?Gsk%uMyAfo7Awzk^v^X<hFKdql~)~UF7@PEnGBo<hE9a
z5D$%hJVL@^lzil2H(R(NiTm-yo9$F{6BCMGb##f=BwcA>hd^>2FAyo9Hi+}bk+Cwa
zt}T)=fhMhKwu|>odG1$s{f(T_JIf`%3v05C<fO#Q@(xeZ)V}YK<5-`=iQ9N(b7*Fa
zgR3hq6k~wJpe&k=WGmSsClo02DB_zUkU$E};5<qNj8ULgNWxB?`TZ)4@KJ>@sR2+E
z9(>J^X1klXF2&F5a|zTq$V5#)_W@gew9YW{f3yH31r8^m;Of=SD=TM1#PI0cpb&~c
zhSBjY;w)FA_rLRz+(`gAGV=r_+q3p|V^4pIC;tcZTbaXeAy^=-Hbe;&tLrpiMQ59p
zo0*O3&{q-08GYLt@Irp*n-I(v0tuQ{&oJK>_PAOWyY(u9DEwB2t|#8Vir|`g5%LGg
zd<NvEegPl=RF6U->EQqnYY_Y+YFak(bqYNA(9n<{PC4B>y15GsI2+`Ykf7oRsET9~
zkbFlFkXuPdt!O(68PhVN2SnRgfdCyGAsG_^2|0N8wqIX_2_jR8XdcO)MKhxYX0v5F
zLB7m;qXP{`60v*3RSkulGH_sW<|8@s%0bTdLpL5^H`;74Ume?(WH{Z}MkQoyK|v*s
z7S(~4UA`zTmy_|*;E=&iw0?WcNW6X;oiblj#OlkMNbOei+zKl{W5jd>b&$nC+FWF&
zNMApElD)y6>N9>U(q(|w#>rlsW%a~t;6p;TkHJK%yL5u8cB+3B75b~wu*`k{fC3x@
zQv)vI;Q}Ft%4DwJN#7$y3HjEB+RXyOW2W@HitQX=gLUWEEyRJD!O3Rs4*F*qHk{*R
zyk!08e9MhZubUQ|J1`ljoN$Q!wGTW@09VGcWHuUq5Wh(%C$?_ewjY5m>vO%M14aZl
z5@H^KuBT5orrV)}yA~Xr*`WBG&{KfNvo|dUg@eC;MOVe#<)?UnjRj7Jv&<j9xydLS
zAyabzRHLwL-uy5>Um1+w5J=Gk9CJjgN`{D&kh7|UTX@mkAh#10N>Q@n6X?I+SeT!G
z2_JHpi;|aY-;YmQQ+#Ar17t(ILWW|vj5;D-iJut>z(A};z~NxwJ|huAWoPy~Pa9UE
zBtS3%^qBk5z>*R1BrO4d2yeC5fc5(f^M}%KR$fHeJ>LninE&I)3Lra-Mm`}DxaV+c
zMeuRyNCmDYiisc|phmZPF8mvsZ*3^)(6Hx*3DKcp0QL41^(IsYv-h2qJ{HF%hX={k
zN2ICXHe3Ivx-7;lge?Nqn}6nhNJvPXMKtD2-?A1jyH;!3odm%%^uCvgm=nj=?o*%r
zbVvHDkvWQm23u{!t4uBLmLt*mG$<dCUl{Z2Lx%Ho0p!65T*CaP6NfqxZV>=UFM2JR
zWDLS`#qu<~kQN3)7?3j&@`#*7AQmF(TA4t$c8k!9IAQtpGFG2xyMGSbJluVtP3OD9
z-Q*uG|L_x$qZdgt_{%HoQY+PO<w~)EmW<1|1eRdaTmlrLJ9-A%K(x&bc-yjjO}bUi
z=DIGjEGz5Qh~{M1F&k63k%o#m`f?RmZ(LV2j!&zAq{Zn$=ylx2fc>j5hiY~jT4bVa
zB2fmw+-G&txKGUX=|Mq@+l2@s{<l(#j1uEtw(K(UALDT$66-KV00iS-dp{nv#48|)
zXiJwZ<6pTl5LYha1-gY`$m<ln#&}Q_fIG}P_0k1PhBO#JX(*m~>6mu64vfeg$Uhfh
z6QkxcK`gbj#Usk+DoPgf#jElaAOxVAu!RYG>#kiI_(o*h42esDNMJ4nm=wRY&-e<6
z!zkE6v**n_HuU-FtFxuxDTw?@Oz+-x48!8Z>LKwM1ilgpMQee<*@(sh-s`Uu22m%;
z_Hb-WoP)CQK4#ot7|5rigBRYBT&TvzMzVlGA<dxt{?(}gZL+2k<a1!^cnHO{^{C$|
zg}9MBZS#27`2)P7^bK!N2cdHcqGfV`zj(oe6`FVqMG_z{Cd6a<NZA7ek1g{Q6Q)3=
zy^?oyDR=XDD1RF_I|(8IUWzNC8xR%2UgD#25hzSb1QI*+t+zJ_MfX}fPLl@?i~mXE
zAA;p}p>a-C-L7rho&u@lN8BoEYoaShPA4V){V}E7rIBon6W;Rw7NHTGBMcQ6F7PjJ
z76431o&5EBSEniv8p0&yQy7b9&z^l0egyE{&p?duK@<lVbG~sPvh4HF$&$5!EV*YW
z=M247{_Lf$ZU7!fj~}0h104hBKI3OVJ-4hs`d0ZOJX{hljrb1b?uAEE2n-R{PY+dM
z@c>*R@q>Kp){*HHWMmI+yXJJ4vz2<=D(j+O_6TAg8XgP}B(EUM$Rs~dM$Mip<U~c4
z?f*tG*5GOXV7o1QgTtTmJb1i3hwb9XxZoR^?+Vh9h{C=|llf1HD3!JE9GB#faC!W!
zolZ@&0Z?ur%}1n;ciZG7(%E`HJ$YPrY@TLvmx`LZDc#84Co#j@r@>>ox2fEqJ9E1M
zyWWjcJ7q28^KIAXDs?0K^AKI$ymd>|i<2-h^L&q%G>X|?h+ugM1Ol~NFD&)(Sg#9Y
zo-zk=%SmT~8w4ipCglBOPKdsN<KQN^Zy>e$=>17>Mo<ukGv!Kx)n!k-y@{%^_T9VN
zP|z#mf!q473R2o^{nt#t|74{Ufj+#z9#BD)q`1s;gR<SJBi8Ve@1=1plCrus&FA(V
zc=95<pdbR<RtxGpg6E+IO+)VVp_{bHo@hhx^+-Klh5zC%Ifs=JDwV7BezxXX(}@%(
z>O0mQnFT~b*q1N=D|sdQEyT9sf(lDX*@#Flv!3ukR#C2e<5=wm(L})Fcf5Ukt{xZ-
zb{pbaC-3-&iPM)r4^p-hLhsb!4QigAkKz~dL&8rVigOiU17%20y#Q@kYky;p+TFT|
z@<oWVBQaBUE-qStO~&Zl=|B{Ets~e~`Y1tKo4CwwULmA>V|#_ca54^VuxF#bWDiL+
z!S%9VOiZjL`QS3MVz-Tv(b22R@?=&Ckc$IE0fElk&YcrO#0ANX)trus<whWIhn4c=
zv(ZW@lF|`UWoKivA2-%=AtA=dtp|{A61W>bOdq12%}7TW3r~yf%8UVefmSgA&nOP(
z3eLl;h$`!Y%IDQcv>J2)vaX*jHim3e(yT&dAR;P{xeJq1Q{lzM2)veW!m_*iV(ai>
zy57&c2x|)qZQz0HkqV5~FcGXTvM5DG4bJn^ZvifJ^5&;6k7a3GmHP*MlO*VyCSySD
zt}Q#woBz0dvQ?#No{#OsM$wZ0Vh?jBlvR8>xX*d1hr-2lUbM7Cm=&Ek2pNoV*n>Cq
z2sRj_Vc50VK;u^$E2m!k8LReXU5`YVS6H#2(ORl%7d!JMGgp)Q;O_sh9{^HAMr6vE
z$|Ix^+@84d_nEo>R!z?OL(Q)FNIWyBq%c72QtXj{!;AU&$r*yM1_I&BW-m!wT1wm9
zss{f93bkv&D`lLY%<`Y=q^|tLExg<@)gblf`{a^Ymt+zSs*ad)&&u=TXcmwzam=@U
z#rK|P;P)(n`PkxYNDR$7#hv>8Y^wZR#jk?TM5m;|i(bSJ?5`~jd$UfvH~*p|GlZU{
z&Ivqho-y6`v<^LxVb2-=fANl7cP1++iT4AI^Rd*KUBBzU7|Q?REIImj1c1~X_qvCK
zbRnG4GW(NgD-9;Tv!6H4`$@fW@qOC4XY4!A8<z+Rw=R6>`ubUW{TjdD^uJVN%Nw(%
z7cN=iz=|3GwnwIO5m=bA88ajYrx=khIf%WOO-R$)=H_s$uyo7^D8OZfgtTMQ^q^i~
zW@L|`sW2M{A}t0$rU|f|VUuauu^eqwe~Dnd(Vq&2pTtpm06He;K2*@DU^^oVa33vL
zwCFF2Q2F8P5R_sKPyiDS1joQ1<Nym&l{>X0AN%wsb;pjwJqj;yi<(V&f!qX3p^W=g
zxdZ%FEpm?0`fo};_|BTn;cwPsur;xP$!@@jM~<Qcxy-e;fSd5+lELHy<wcFjV~<c+
zee_bjV2QNH9~9_mN*__u;x6Nl+kN^HX!d`x=uW6nE@{8_h!LjxN;1Ni`mn<fP`UgM
zLJhfEwUM2*bK#g!hi-TStDeSD0lN5VVhRVYBVu|DA=t|=C`d-T(uCUGzdPk?mg9p^
z6YpbA$j{4vB_r8w{EC`#158)P(Kun#n$V)jBnBsYto~1VikS)G-5PaDwjBGQ@%=hz
z8&&WG?f(8-7d%xeknzJHY0b(QZ^~6w0nDXv%aa)bjK|X*H<X4k?f7a4Zw9lbz22K`
z@xHxY)rd|_>8Q6Ajv7yrV~?%1&KkIIazLexRn_)8%W;63F;0*1NkN7WvnkDciwP^u
zmaR^?51BTS9m&jNaGCp|Hw@@RWbHh11uNse+=k@G?DHr$B_i&?^@qNBe!j3Ta|YfM
z8dg4-;VzSGU*v2xW_UwH^JgxK&v;~;A|Z3}P2vx2Hf)NN<5{vqpricUpjo6MU>B6X
zm55Bnl^%#exFl@dY`~xi6cI)PEyh7E(1bq<go-l(9EJG#b|``v&s^01-(t>N-_a*S
zz1d#;1JEuA?(Wfg>dGbz4AdfG))a)24Kz~??iX<3`f_}GUj$yP(}>zB+)f~MI7^-b
zFNZ_%8N4B9n{43qA|H<!5Fh};r|dT@FFOz^)5axAMHK1{K${>G6a)&n7VkXu)~201
z4eh5<wk6{6XqT*dMjam)_L;KQ<e>6dzjyCiTqw`c+Y%RE`irU`yI_GKaZ{u$9(wl*
z$RkgUX00h%aNf&Y{#iE$9FZQnB*)0eWDIM^U?RJgx%r#*6%*l>oe%|>z(z&9TewF^
z5))3gBQK3xC!-Iudli%_tA(|u8w9va*6mz+Rr=zA<0`M{27}SJg0pFrV>?==Hx&9d
z7b)3gck*F@uxs);;bwG~VC$^zOh(TG(N=05tF>rQBSc6Ifz~!1B8~nd&VH$JU3j?P
z+;IC~-jrXl_eN_PTek4TI|G+uRQ?4>P|F?x+Zi&*`wtEF<u`az9twDCt*lk5s)klp
zx&S<q&<!0q@E+-$xau-228%Im1Cpc$IO~#|bx&gmG&x{^b@>;dy&*db%YME>0*;(i
zoL@`B{#K|`RRxH-F+h1gj_on#@G&=c_heKYnLXk8G@~gEZED7Z#3V-HIidSnjva*q
zWMz}AWrp|fj~+PX4rktr)Ze^(3}Ht+<uvA(c{BH+5RS~UX81_D<&BuKXiz-20P)GT
zH=dwbZuO^$Hy-ykF65?st&95xG0Vac#4a8JTo=%3J0StQ8LX{5EG3a&OX6Q+NTLqI
zCkqhR==3wU(imF)n%w$00Rxs+pGKt;&9JIG<!1pL5z-u^*72wKXj?=@iIOJ+H}Kc)
zZWW-M#<hSQR`oZfEQDa_FcxMnw3I9DQ0Wnjm4Wsa&#n>D8^fF?Jc33DKGV^91CUok
zk@km3Wx*Cjh*ZNShCCN?52F!r3p`seg?IYfbM;`7+Ii~pz7_1sAI}Yx8iUJj!}Wr^
z`EW=XOwG-kQEkWk*kn%=sJtN~E}jT4%1yMPsK^@8?gU7jhM=Sc3=FZ<0e%PEvqsjj
z!4E}Vh5(fz#I35Pw=j=h{iXS51<L9-4;=UTrk64C;H`!;d$TM}Jfn_jYuOo`U2ocd
ze2>)v9d^xjYVbQ_ao@b_GCp<Dmr`irZS`Zi!Dk2BFv;C%+8l0>_i_uYeu(0UBtgl=
z{PCb()kAgRf(7nnv9rk}YO-aqm1U!DBPkuG)wq}0*FjI9J0QH<!KoK^+tJ2tz%caP
zN*g!MA+tOI08ruq7z0fs&=j#s#kv0v)zi`X57pBJ|A?{~xKASKz(C`;_X?PdjQQy{
zm~%p0D(KX&1Ds&=EPGHMQOaOH@8IA9BBFZGT~PNdm)ZgIEd11F??u$XrGtki>c*JZ
z*drMn#(JZ&BF-jJGAkYSxdV~?ks~w}R+<v$*bC0ea7<!bh<b7>aMo;<t7!XiL7zg$
zFAjL&fpmAKt#`PyunX5&rQdT4x8<R)&-aIn>%u1|vad2X_gEX;e=GBUTVg|SB_~|}
zZ;xu^?o<Cy!{~~=|0nGz^ecJ2s70~c9DFSCiH75xvmPGv_`eXgb*-vDcs-GN1XPpw
zXfR*okBPkj^9p7c$M~4k8RsKf8)m65AS#fsO3=@6cJdDy<a7Ohh{*XPP!>a@n*<jY
z6Y7f77~D#xhk=kjl2LQ0JE@D=EbH4V)H%sAU0desdme|~YaDjD44*Me+L1Xr1G{|M
zzjxed_wY&mHEnUbZaCQ9yYH~CQ5XF!E4HsY6Z=`?=+Ss}QzD}lY66r^rg}iNUp_su
z(BW0gMVv)l$X+*id0}$Ip3ICz3L))wUCse)OiF3YY>9b;_=tRAH`5rTN`zn*xEWzQ
zAw&9Wa2dE=7%3O_L3aVbxn$@9<ek7bmC^aPiaBq=H8<~bmDGLB2rdXEJ!U6TKarpR
z76&Bi%J{=;Aw42fKi2Gl%Yg6}^cZ%^SEE7UjEPw?Ge;vOjEM(EaMdaiFcF}{)qoM~
zj50-4La6{;60?a*Z0DduAa;j-*m4*|?}F`?1MMrKMheGi2*CtDA-N|CT0cLi%X!K_
ze)#ZbU^Wx;oz7CO4A(PQp-OC57Z(X}k8|hdQn0YGB@>`)hRBSNNqf}qu(6ZMm|Y7I
zZEcIk*o!1)2nylR^P>1A-<4H*a3i;FSm$cdMBa7kw&WYpBYHjq?H<0z)>1VK-mPqq
zQDRL_I%!Ae>)|(5Wos=EnED9N2!#+)15+xhs?;`iLIBi=b_)=s?t#(q@fDm<SUYQ}
zu#<U1t|jh-t7<>4*%_seA`3>C=HLiO04|ib{(*tV`kGQMY11c-uVM9*36#uVG_J&3
zCrBB{^2Bq(i9hS$)O`ayx2Mv0`G8L-$%8lnw<O=_ge@^j#(D_?-zgQ~h_>Np+BD*k
z9)`YdF7Uug@(pkt7C5&qz;P%(E@;a>bbk6^NGNe!`MG<y&$Xszq9m8`U}ycBuI=#M
zQd~41nlqXvl3rSdl_?FM>A((@XG>2`7>Np$Cs#)+^=K7ZHwSFf`EFgux-BQQd_h2U
zfCA-P97vXG9`4lCR5zeBlD^k^=_fAQt&R=r5f2<sfCzizN*Ej{Ly&37-gcXJ^K4-0
zb}-;?F?R+<GpV_7wc-T37=-nSLDu+=>tUfq{emKjm|Q4`mKq@bHD72P#QRd_pL{&@
z5ApKk&Hj}Xzz`Vh7>e0E?tM*a$JT9|(yARFq+c`qoAw`E6$LblKcGR}L{5rU&Hkcf
zj0U7G0McdwRh^54@*Jv&qp%~LVV68JD^p?%lU`UmE1#a+b=j>sQPgOhtiFUP>u_&0
zUykpKq!6}@Q+yuDI9JPg?OPGdeEZ*w)0aw3?KeX7l<Mdr=8;2(Dq6~}1zFCq`(nS&
zHE1$q4vxnlrQy?{)*YKu7yGT;B#kqmouOq9{XJb!assR@2q#5!l8ulbWBA2Bd*AvO
zFZgsFWltm530}x$s7b2uAI+dZc56_3c=#bEM&Hz{h2RR-az6murBDws;V2twGj}z5
zIc*+>3|69e06`&S4{`p@0$vGRT0+e!<eJ@5c>}E3Hk<{Um|_&bdx`P!`x>e~d{|Sl
zurr5A>p2}?&uoz6>^ynG`I>M^W%;$C@zI4$)?}+CRU*t8iu)7n(fo{3Ux>J{mPFc)
zOO8H>@TuyGe#>ln=$$cvdqhjhvYBOON^R~IA#^|3;+-6#=uP2~MJh+jxkmijjj&|_
zGG2`GBg3E=R0o9uGCsXF!l_Q}Q4WDpK{paqoai!uH&aebz;hRfAyMd@Nf<w&xlqqj
z{7@UN0PISFjj<!Pz9WDb?AB2&TE)v!PAE`pwjFx61k08TRs$Bnu$vX2EaLV3;=c~J
zsEJKtVqM6r2RIuDC<F7Mq`elJAU=}P>u!{Qf`-sX;O5{Px=!*7zycUCtc^`xwzqKq
zp>bLS6~z+|ZEh$!Y5pY_Wiln1-FcH^YQ){<&ULx<xTGWz7Ziay%eb5ig%Xw>Khi4U
zh$7wxlKYJ<ZHs(Jg!e{8Jg7dNF`OcW0VjIVoL2vqVFONvD;ofK7FxHm74Hv4GT&yI
z?s)nTu#iadgAR>4ZoyMq>ObVu266EPz?66vEU+yzSWKBUcab0X2>j0bRNt2QC_qqc
zG$ObvL;AS5OzGg@;Fq4B0FX5{WEz2xO6O#B<R6#%xy{@NkB(j!;f*NWgqlr%7%w|;
za*6Rz6`$(BqTw2OrR1*1a##>^&<XCq75D~M;L30pbME~&^ef3DES=8r;<v+B%;*PS
z*BcCI<uNzPm5oW2ix2COMZwj&pqRWJC5rgNeNhn+M=>Sdv7;cPPU=btnL7i%e&@*!
zL!EE1lfxncfN#M=o&HMz#YiMTlj&eH8aEg*Dqg+P?#a%AjTfUIuMACrbg#jd7)Cdi
zX%W|O1+xxtC!Rvu=@)@7oxW3xL3$FgP~DmR1oHmJ)seE=Vov1`nT@&5+yjM>Px9g7
z#BKO+YXj7S$h0ORA}7fm&?TYkF!GXKPJuK<B>E+?L^hk27X^q(loaS4=DtL^H)oCw
z$buO8vy3<6T9f5Zo;-Ov{Xm=ph8Y6o!-iJpZ-v#`k?GKoGNnwMJ9FfJdp<&}9Wyo`
z4?*U>mbrJPcF)AY5Gt;M|G2p%Ns*O4e+xI0CzA~o{Wb&-gISylFp)4lr{)x+czugV
z<e&qCs&Y79fuIn7_}#mADHI6gY+XtP$fTq>bm`IDk;Mab8gs=Hy=nTW(yxbb9~NN5
z$3?)OB=f@ScW{gk0P9OtzVIvu6-@-M#f<woh#g1Ymx#wrvC86}IC-+r>SFU1rEZn?
z%y1!Lq(+NRo(=is&7PiF<{OnN-&W6hLoX>P7oTYKV4JQG&*>bqq-(8pO&>Q^bH7cO
zNRsk(T5VloP(000Tqk;tQ?+vxqty>s<%vs5Rzd?pJZTgeF}0r2e6&kdXr+g7z&*n_
zLcEbGbPPktds$G!`(K2MV=E)lZgPe7IZxPdVR*FcKIs8Gg)oI=v^iv3=`Y}67{+o*
zg4zv~KPe5-ZyY}5kjFdpYzy>-^FTX9*6&9LGGFG^OwPmRZ$Ez`D{*zLTaViw{Cyxm
z_-D{dp(X)m{TxO-q!lDaQ32%NcTpn}45aTy79at;&%I09fwraCgnOWGQyVGOQHk3^
ziJ<%hmDy#Y99yTjd3HYzY~s;H)kUsO%&0r_c*bX(&@bxh2y1a4Gu#Q^j_e+gkV~_z
zC!GwpOu2+(mS#|t^<<Hq4x0-d-BTEQewB_cK}NMclzmWqlUX{-_lPmE6|oIZzjCh(
z>BT#9HrRtJZm*)kF;4Vph!2RTaXFNN_w~31;1G!chl6u^sJC$g!gR^mb;&a2tK={g
zpMA>vIx|00C_+33RreeAO!PICN7`JqM&^VNw;)8gjVU$vCDUd<oteH^09RZzuDJL2
zZD#%W@dM%ML;^?DAi!iUO~-kBdJ5KVD{N_{ptqn+dy4fpgjnVZn6@EWAs%5ug5rjQ
zBX1l1Q78Co2xZ7LOrf2Qeh^t5Ljg?wmGbdhCthtl7|ZT7HkzbGAQ8|H%tMp5GDoZy
zd<!m8^uOeMM=^C7oSru{nxyg#|MzM??o{3aA}zEAb0Hdls-w^)N24Isw>0@@WJboY
z{wkee%hld&$tBiQZfL(5b+s)g!nr&GH{!AM$-|3I4(w_hFP1YQ4M6pFs>_31v7J>i
zC%a$r^}vyOUjLA@k5r5G<md(?wp}w~O=NweBrq!b9+Y#K<ClDBGy2NwfU+}2&c8rw
z?xI)(rI2=yapm*pmpQ+<9KFnY;7v(0TsQ{Ah!Ob_9mM{e`c1--0HVU7Tp+zVnw!FJ
z3Xn7F(ocwb4V&I29W`_XSkL;PIuJX~-^f)ue;yVi5gOX|7NvK|wPh=&t{#}$lpS&4
zT{(ljA%$)-MFeE{SkCrPQ4`mZgtyx~N^7=xG)gi@bQET1Tl|$1`07yACV=hJ)YWxh
z&{KSD-7)}c0L;an`}*sb9&{dGdwUPyxvsQ>1wd#Z*CbVt#Y(%yV1|~lWj3~t)o%I^
zqNT$Zub60O^Y7nZkE|agAsab8j<~zxWVcqko|)0#K&+0azW)dA&|F(D)S1k8M>wUL
z_vN(y3T_nZ>z1$rc=$3I1DD}lZUAzs3r!tlRH^_GN$yUh;tJ|*({f***ga=b*K1)a
zF!awiG3#J*l3hOWbFcWd(Vw%J9;Q)qEORa`4qBQU?<wNvxpLXQ?3n5^T^rZ+tqyV0
z4ypFk%F6q6L(Ob)USrD!xnaYx*;#T$jyKxTekK|v`L(16nW-i(cyuZ3qt7R5#MOcP
z9S<ZI^!`4ht9x$Z_U-S#KUBZ7`F2}LbkCl5{nP8ErF98xZ>FoKw-RzJWgZb6*Hw6e
zYUon@A>Sm3CO}-gycLDj;=g~n0_;=;@$}Ix$0Sb~5f2@uw_5DBUq$;D{Q2|Ig!Tb7
zP&<`(_ncY75H4mf9F9MUn4Kdo7MkOm{Jq(kTgpF7s3+-zCALBdxZv{B^|x-_N;b}M
zu(!VoVX=rmA7<0ttUic?%>?dvqjhKZ(hdpH+`3g>59iLUr=RD15Ui&Mq)(O8HG7N?
zQ=Q)k_jF}`c_pDY7+0RLhZ_B|Gi)&OtqV1UM(^o29vs&C+q<=fGpIj0^-`QxwO3B$
z!o&}LNZ|P$9=!W0FA%H-Q+*H$A*HGp_jonO>nB8x-{<ZQ9dGu`qb++^GdygU=et^<
zo_=*OO}ka~u1-LsW2H5hWqfCT@w${o$D2`6bCVjG%Qsw5+T2QgA9(jEr(3a2ue*w)
zV<%iw6JEtSX`)CIE23`?;nOWMzXA6S`Rbj2h&o4BHU?JZ+Eg5;yLaB%z30lf9zIM<
z!O-;JyXpy_GDm+t+t6o^^REWQGCV(NtK%<KTkKk2-WABX=chjT+MN6W`C`1YC<xkd
zn@?tTBJWy*4{!JKIZov)d9uTsU#?yU3Y-?Ny5(bvUWR5jI?9Db7CfB4S8GzC-#&?d
zSb4n_&(4RVe_JM|N;-3WGeTWF71pB*;&0rM0MTMTlHaa!*n@xD@ywBz`TIu9;{A?X
zT6X*{&v=%c>(i+2kB@hWBEsuOwt3LXnXJ#B(_*<wmuGZ(c`CLlUcHw};}!BhCiA4F
z!G@1~Q~kYe%=)nXxh{>To%!5f$3C}ZsN45RSxg<@bB*hC@y*otasN4d4iy%r^e=Lj
zIaXGW&aig={p)?;jhE58+~HCD^A&Qhe~(mb0A=u#hf43f>;#v#HI(&|4!yCD69xsX
z$3A_&tYp2a;dqh)E5}2vb6mRj&d*En{QVQcKD~U;l(=i2=-#W0&);5JaBSX(nKP5!
z<I1U4tZ%DJ-F~gJ)xGPd@%WtFRKw&{()Zt;-H{i5^A#WG9lLnZIrw+wD7Q1m^3iVB
zb$<)*j+YnHIA2w{zQ1Bdsew_z3^lc0W(}3`>B#%6RV5giJ{QsPJ=Yfaa|c};<Xojw
z9zQBh7>$(`G%>go9im=ocl`NiSh=%Hfmwld{_I(~)-~}XZewptS`%2CV6(xO*WHp}
z0qK2}bpnpjElbRvJRU1N@_lZc#*SV^#rWod&;5*mBbgV2kIc#zXeg1F+y8xGceTi-
zE%WEioOx7EsBxRDktT9H(;5m-T>TLvxLn%&%8_ufcPBcr7Az)z?6A|&c&?VK(aSLE
z-{CrYQsKGOdP>-1kLR8fk~h>ex&!$)eD3<0Q~E_^P(ae}SN#6nvL^&}#r~>ztS4Mx
zUT{Fub^MLO5GMF!h^U<UOL0vApv90Q5-H`oJ)~z^`K&mu9-@4%{@&Ke=%j(_ka08h
zfBjNr>0XMeNi%lJPZ|ZNRoLdmv&!ZaYccdKm&6ODmu4x&+<JZI^e!1*%ArRmRweST
zt1RxEo=X{e7PD<PyFYX5y*;zKZ|~so9F)EDc&#P^heEC|qErNQvX|)3TT;>bes$`|
zh*((pj!T>Ls-L`!9;R<Oocv2X|ACRK@K~EU^Yp}t2pV@UCI0BJtv^(v!os@J{hY4g
z^wLu^Japq`Qa(sXMijL=7J3dp=RMsYU9S4>`FxAfH0`G^dwLq?&FxAXXpfT?CTp3W
ze=qGWttaE#7p{fH=fu{;{1=x-nkznzR(zbfZ}(Q}@t&&Srtb``==jFI&+FDK`rVeD
z(AanM)$7QnU*EpIJz;(3=?u!xdkXVHf){>xU*NQTQX%QQ=kB_7R;Nxyv^6i2r_luK
z??smF`1ZA;wPv2YwKb(8<dwGP@4m}coAeT!QLgNgJ7U(p_pjMzmuEE2<JEL^^(;=D
z+2Htj-O?_Lr~f)<ic|V^7tYw%ofu|WV=MRE;^easR~^3AvkSj9wlCMD%Tm8fXs6Og
zGjleEYvkT+Iq|*1DE!Ks@@-3byK{H@t_gf!6hN~THCwdy+KVR_!gkrr%t=er8d$ez
zNwprA?Wz)>`OluL7c}xPbKL0{oEaA^z)K5vu`Kj!`22ISgnM9@`+%6w-=9(z`q%nj
zKm^pM)=a+E)*;9DM>KO!ioW`0Su#DnM{?1#6Y8xSLbvUln2tNWYu8F8Hp|q~?)=?H
zG~vV&A?eU3tQPO@OBmeW)Xb69CFcS%vKFQ0Z|{5DZ~pKUxTihc)nCe;oQCwYXAgbW
z=YP=1L!U8gd3VdaIs1i|SGuQC!`%NYK(C_o3yPI9BfO2T^gmXA?6D+9$6-0m`09vo
z|2pl8p)Z~`KTHHm&Z<lyS^HSCm<fY%wAh2U3L(w6x6KklM)W|#jB>%f9S#?`#@1Cb
z)z>d3xEQ-1&{anW&eqQ2=FKDRLW_p32km=+&=LyVf}dCM&se$Zp?q6Zp-ZOmbG$8^
z%p(csqos$gUstW6vTL2!+T?wH)7Q)cRdw&>OUW8kO1$Go`GUAzyq|nn6_1T&3gW23
zY6EQt`?AG!p2?_(UeS18H00g4k-22e=DpGzUOAAxt(%d-1I5+4!S~OpNNU;TT6A?s
z*Bw{BVwdQTZd>E}-Xt$0Yqs%$+Q)7Yf%P=~71Fs+t_aMs<ZsB`6YDYNcO-3wqyx`k
z*;gK!`d)9l47av7H8nVV(-tf_S2Z|m-YH*}`<B6)RXg~~eD}^3Seew1H0~EK{Eiz&
zv`(m5dtbb{YR6HG`n2!#3FK<uX>%O;eeH&NOPNp8h?auKOv;jnCxaO;qt{-0Aop8K
z^VD{c8Ed1ZRB~zD)p(7W8oQjomj7P&tUXs_;P<EJ*{<bPwM<V+MM}WJgwfv`U*E*}
zsb9X8ZGQSR$J<Fk%YI{r@AS6Vvp;y6;}jlEj<;{NDALxHVIrVBTfj!bSa~I%--UpH
z&673MyV5Jk?~UDBzEhbe?|YcWf-Y^bHNQTthPvy8Yx=AL);zkDLxme}Q<CUeeq0fn
za<0{pD<t}1B;V=IQT?h|AH*|;xWWr(<(-zqGR2f~7m@GRIQr__FrUqK5mtkU>d%i7
zj}y}8YFE$Wnle7O%vmTZdRz^;`}Z_Lm1AD(_|CNWXZ2Nl8@}oK@#AXIC8DBfch@LB
zN>Eu({wC4OVbqfcZ^u70@Xt*tYbhk+sZPoP@)Z(VVtj8Y`KkEYYp?Syu?jLmGR3}X
z9H0~*cS!c$_!ba8XghL8C!D)!28-s-+9|Xc|ATXDwd9fuLR#K{s)DXvyQG^2uQ2V&
z;KRI#+%lqP2F?`~wYr4X96p{kZcRRpv-}UMKQn<rl+zs~$8V8xeXHGzn{!{5i$GN{
zQ%GSnTrfl()4=xj1hu$G4rBcE21&_9=*Kb3)8L<Po<LeI0EmHfx-dQnq>F70B4M-c
z{pM(qUutn$Td;t`gH>eS6)=T+=M;6n)1fSb9$=RVr=<Wj+I;*z8gRp*Clr#udmO&W
zIrwx#2rk*>zL|Uv)fWF2uSQ#-oLld_hAS*$%o3m`9!YW!aQ^j@lG<j(r6Go#5(w>{
z9o<UCw4*-F?{Gy%5|PWG0DB5z{L`mT=*JI7QYjHpQHjuxobvF{z_&uOlXS|-Po<_M
zKE*{fDv<RL!$jU4X>4^7<3Hyv5<FV?Bz9U@7CtzVa)ifZU_{j%zVq6F2<<>rV)9Ql
z%nm2IULw;E*f7SY@GW2NPn3I<Qvg~WcMA2rxf$yvDDR&Bk-4_e{-ppA?uw&ZE6`LU
z%D}(TF`@~LbSP0`qLaY%+^4_+Pmg}nY3*}^W|kM)T#GVqQ`Q^1?IP>fQvgbyeG(yq
zgjtM_gW#$f0AoU<;~HPZN~@`KeN)q`$d4c+T0y{gA`t5I@1K@iES<bF`lxOZ9kBK+
z2WEX4=pEeuE>9M!<<J0;3c{he|HO%`{+M-}Jf;tcmm9FRw3f#XXS;ic4+y_0pvMl2
z?DB;Z=nAaRV?RHxhLE1b%ktw_1^9re!kO1FJ`Q#7!Hn_5DtPd&f#-hK+G;d@1K#5M
z7|Vr`Zp(n8#_TyG_R8VGYcJ^e8V1H6A(jVf{F7(8WTLs~+K0%~ht`@2K@UmU+j0`(
zcs}K$;6BbBdj;zpG%)1Z0QeW#v!}RiJff}~p&DR~ZJ=dD6v%@+o!wu%^x)h8D9hpe
zF7JkVjJzbEDam7iAw`jP3(Dj<p3?oZ14lkQ_TZ%u`8AKoDIhx(KfamDJdnhwoIRll
zDcvx{4xjOa$;3BgU2MZpu*|c>>w@L?8DgHTf{Wxl7@JexHzNm&m`OHlP+|QIz;5ep
zZ9%ycF{1&qNNf|2NJFNv3^epY$~;(rj89fMJ}oA&(og*A42A7{E@<&;G7SluCGxVi
zj0?+t?Klo;AK(iJ-sK$X?}f;^w7oqc(_TIh{G>b3U^22_FM|^oqL)G2-R$dJ9oWQ#
zOGX@a_h9e~M*;hSRG`8%Mj-9L0YCC~(ygx6kZ>r$MRQ5ULFTXSt}c@NoYDg<1V%q`
zsrtKn4li1@{p;{Y(^b3vzDvAAKjbGyLPJ7U056J)!dlr3fKe6cX{}zstXBY6lAA&p
z(K0d$wqQECd|C~*Ese7r@|TDnS_U*_CA$4Cyg0e3=uF{arjA%R9$OcD6$V~vY5@(7
zJK>=`z#~$Lm=iU;#gkn=1TImN(h<*KFqTp(L9p2UPO1hvrwY+}N)Nz!vdA@G0<&8o
zAE%3BDnrxw+Arvu9-y@iEKsz0HhUOKa|O#AHIQp);lX!&8Eh#CwU~s^t_oymGWm_a
zba!u%dKn@k%htGRF@^6kKTdZOm|~HX(6tIjpaIe{JEEZE!U7d&Y*aPA`9ck^Y>%<L
z61GMYGb&h*XOg2YJovqr>FGXA`derb(cgl1;KwUX<x>s<LzM?fiPIgHqVJz$Kg0e^
z8lvmO#k6B6K-L4LeF@r%K!*KL7DGo$#!$DE+-v$8<u>U7T8agx?zoAh0Jv(kv)7?W
zi&DDa<<$k?WJwQ^DSl20Rl0=Z7b-BL@8-{~rXlOvDilJ5*JF->IKlk+V8nsj>)SVS
z=q>qfYE4F0iKtvTuxyLi#*L<Xky?(}g=nRRF70F#+L2|_;wdlBcZck{2|Esmo-Z8s
z6hay^pL;AV<*)|ezzF~XZgpW$Hn7O3OM40*a2^8KdfT$^j9J1XiaFzA<NC$JDXH9a
zn_Qn9t0&hmXbSYDdDZXT$7|Ar3fEFwBCK;bEiL6chG&ehlaxC2oV+)OSi@{V@w3W(
z$a+<~>nd5S38t0>kD#Q-Ks=faz%@AuCC-rr!Bw_}A08angUa?O*&ou<>QHVpH8-D}
z*s!ZO!GaT7v)(^lR(g-LbX&Wl^F)Fi?TJ+=(wi~!x8>Wm<tZ%vWn3V^$r=jIoC{-x
zw-)yqm$OI~s2>CcJR(D_#@6p58tt~f^Y$&c5!uv3(%m2xA--K)aSh-|5NX$tu${z)
z5@o-x?h+-$D+d;x+$_shdChby;%+XiPYTuQbC-Xdr&JQRq5JUS;_g6;$<}rBb;irc
zvAUeT^f>vo(^r)j>MJObUpMI9@=WVti6dF4QlDpYy3C#<u(x044CwGe(;8eB<#-Nc
zH4*tfNSDVdPha%#l9bA(@A%-3g=RR3cSi*7m<$XE5CLBUmWv3i@V+;sWMl|m7!LIJ
z$G!6z`|jMag&27UpwOPCij#E4ea`TtXNhjw8D?%8eDqi{m3Xft+U`z%3*x@B#`XaF
z2b~PG=tx}7a%)_!h?6Fvi4cu+Soj+>K~3h5pDQW(O1zU5U*zK~L5BeZT#}6u6{G>K
zwY-w<nomrFW?IYrb|oz3E4pbUgCxT0z3N>(FYk_|qUni#Jso!Ds!q4BtiTO}#=x49
zo@&<oBZRlG+xVbmsPLbf;LT0nafp?>5g|~Cv&O}8+xG2CA=1^bx8Dc{P#(;bnPWIC
zk3!tEdGqE9+(bi2h&BDFo1?mgMgjJ%?BF2g=H^DmW|F8da4?L~Q*vA(BtTX{8?+5#
z?7o>74cITLa$B8=c93KWLMBiJM-mypivP%<V*(@QrC<>uOgi#MzTlQ%La&uQ(FuDx
z$+kh&g3;0iw<kN{mO)`hcy8e5$*eXHu<#_55?XG`y6O1L!E6}->dy&fhb#y(-CYo=
zlPDz&(<G{PA;%jobdp;Mz0VcKTe^Vk;0EI|lC4{NYvXRWuROrFui&E{gOAmq<ir0w
zV@MAKcQ`CU@QBU!+oTqOd7#$eLh-QEPNCC?=7Gm^UBzYL*HEEUqYztrEl<w5F4x`L
zfI*Y(HosxPJ(bMHnR^A|+4k7LC&LNnro}S`hA)%F`eKW0xH*QlYU9p(A2&@-BwM6E
z5KA7)19Or!=qy@-u##Y~4OncvWHD_+v{vRpfdJ2~`X8Y>aQ;|sz<~^yOa~AZ6I1UU
z_k!eRJzinT7|M(p72nEZ=W`>(nhw{MJBYp!Lh-c}6&H~xGx{~Q_=ea1^{t*RgYb?3
ztK5|^|18DPn|JLC-k>eWKa8HWEX4$F680!}`d?_~0!pE-VoY3|6gYf;^`wlm&kQb*
z6Cde|YNt-!$5a5~`V`1EE4<Z&<e*K!HpQ?8{qX}p^a{YAbSN%It_%{PMkuRVPb)BT
zmYrUZkmK_svfgp$HC$T@Nif@1K~+SmK05RLMnulevX(L7J(`1u4GcsP%PUU!RY*W9
zv0hG!bwvzxBE}%|thWGy<!|W!WF{E;rmzk(Xes2B;2UA9oSYg*UP0{62XYhDfghN!
z>*|&wlM+ZSQe4)f^8L%759!SMSt!4qsb}~8bJ4U$s`H3wi!JLwgkwa+a@g)CGOTx>
z|1?SyKt7l-A&B9gIh5vJh?2JvXg`wh-e$0G7P6d$olVyK*=S=~r|0-VMca+Mt7^c{
zLVpE)-%B%q)9(tF3-KeKEh&uaHLV`rPxfWKxbf$wnfqv%g|^Ftul@ojSrSDmF_2&d
zHWFjglE8HRFHF)9B_7A;D{H>dYbu94|94~fh?(uTl}?82RU-X~sPk?v@0-90#o)8c
RK2h*>P)%1gNBQWb{{_V`YY_kd

diff --git a/docs/multitenant/ords-based/images/makesecrets_1_1.png b/docs/multitenant/ords-based/images/makesecrets_1_1.png
deleted file mode 100644
index f0f6f21569bfa17aab7bd37827d97aa041bb06ac..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 117953
zcmd432Rzk%*gt-xLI^1&5tY&~G9!)^C8c2{Ga<^(9*68CNs^2cl9iRc_uggiP4*tg
zanA2Lsr$a4`@Wz5^Zfq5*Kc^8SG^8re7~P@UGMAteqSG-+qYyX4=^4;AP|(-uSwrU
zAokKC5X3~J`{6f*D6ACxx7Skgx*{q3IFdf{hUZ70T~&Q{&s6`JjgEyL!obATSnr~x
zu7#eSiREL{XA8u|VhF?u#C2&2Mcc61ew5<d&O$ES25&>jM`BX7WbAGGLq;+Z(>yM6
ziZ4rC_2l^iPMSylFf5ccI&f|zE^?r)&p|g&*^i&jlIoF0FD80_8}s~CizNZRJJU+8
zFMNo<(Y{?El{j#UQHmkRb!X?~I7gtXU4+hlAB=O-_;f@1Wcr2yYW=lRmj8Buz|*c1
z1NJi)UvEz|qy1M`pFQo#F#K|lmF?#bBmWyT8lB^`y{<YbA-(%UMM~yEEji?LopDCp
z+gs-9S8CnxJv8vsDs^=<{#Ayv%cm7Z(_b%MHRd1FmweOc`G}QzI~K`d{gH|YH(V{;
z;3P<0b$ozX;kEa*q%%k?b*<!y`=r;@=2T;)2yb0&VO(!=pUx3#YeFNRejFy##-NV-
zZ<a^eVq>^B85~<3zVAHnAwG17`hk*1rKqTCSF3B>AXdgC6laR}M16^45Ljn9e{M|c
z)PDTZC5Ex)YmAh1xV4mPv(sO<^~xQVADtq1&B1Tr$DWM($($l58eDKzQJQBgWd82^
zB6X_c;swkIdBY|ePs^yKrL?u}?p41fwlf~=os>}aDdvWf-}&ZYkwJ+zQ<SgA+?*|@
zo{Po?cjdX3t%QlnJ@oK&N;tO!&hf4m%Y;_(D?^8kvL{$ur5#jp#<QBNN33HX&W<a5
z8f*5Y8!kiQMpa{fj_qp8u~w~qkL1O&4GYQ0V}i^(S(>ZQoL+U{*Y@?`Rglk!Q24MZ
z5^0u}&gf*V;sq3og0k{RRjJ$Nqk1~qtu5A7S)>I=_N&qARxD=5x)bAoix4j<u*=#0
z5j$0ELq$t>p`?*YEOq+}KI}5Lv}|<mQ)@$Ygty};rQ>Aoq?uj&Inq$dJH=a+MH{|a
zLtNe63EMf?5#OB7R@a3K8ZQ>`+r^_6GW&&{@eWF9cf6>|pY#c-Yvvxxnm5^7Q7wh{
z^P@IcyK@hZVZkD@pBQn^I}Dc7Zm&yxGn$(aRLA23LVcfz*z7?tqjszw7Zfh})b2&3
z?#v->^Ka1-77$Hqm!%=Ej{071yAVM(+~vcXV)h7^sRcKa0zn+>N$SC!NwJTE`&WBU
ztaYEjY_noq6TL94$_agVBzD$dGb)c!<?Gk6C+K2)(GA+^ompN-yC2_D=K|kxR!#;5
zQ5P0&HhqgZ7)pjl3wxxZc2ux>qcXu&K?McW7%u$tL=o$ubo>emf#`Hz=at_c=UQUP
z&4qU*U~+ZShJ05h%~#y0KDN#*bv;Rm?~!lW#IT*cd^D4cY;&Y+AEG3fo=e!V>Aq82
z8@_36W^=mkh@;i`0g6Gqm?VB&YmxrQ&V$g<@y@JJ!N}H`Ik8v))UQ3}FioZ1hDdkj
zr}0m6mLIr=KyZZ%J}VmixU%NaBukRiL9VHJh)?rSK>>m*sm|@_X)@Ztz*h5-3ewM!
z12z#(bZ8ajkrgD)yapxHqNeCxo2Vic-AP3wdS%C^n0(HiEJt*TeyA6P<1L`r|8jd^
zL+0&_!I2}d0;B}ZqecuW3mvAi)o3<Xzn^5RZ^vxAd+6L%W5g^B9PhRr9J0pkZsli#
zaRc(NPl<oKTpS>=O1`?WF*;D_+*a7(JAH8{uDi`YYqV}>hF#tz7|k;8jEV1g>v{NH
zklx0^657b<O|N6|w#Lg)0m|%z1hbjh`%@>`n4DX)1^6Skqx~1r-@a=wb~=1Jg%Dqu
zMAvuj*QCnGou1diA3!XUk=?<5nVOLr#jM%RwyP{DTJnCTKf?NW>7iFMr3y>t8d~GN
z&#6#Ka<vD;NP~kP@V%&e?ZvUnXMT=uRN7?7Xj4q_j=v1CUogFW4`!+Iw0K;8`e1a?
zmgzbPzH#f50lJc&p7Y~EVhRGG6^8V`ej|7U!-X>JlznoC=5qn|l1XPrUXbsp>n4>_
zIo2P?{iM8F?kjs<zwz$GSq`%FTM-p&PTMURPWjlQu>42sP`KvJ<!`6maZ|EWbJLRB
zt<lzV^Q$TBf6RA+Anjhn^-*l_D6U9sb**Qy6WOCaaBZs4irlHcf02yb^5SCXj?iUV
z?Qh>=NUvQh84<BTAl@jGw{}jZhO}&L503gcZF4t0eg@mOW#7Kq&J0&qgo}fQ24|y=
zOY>MQ!X;nOB<@vOf1bzs;LgFh;_c(YH*V0ZEZ|>F;4xaQ8`)BHUWxua7+8@@dK$-Z
zUv-ElLK<NQsfnE|yN{2kLwo=HsfxIPZ;*&SuFpGcigKNgS=;08o`Tce>+gMd53IUZ
zJ<*6liv4@p*+(qwg*h8Oc#x;-4=*F}ynE;`xO5B-&ZqBe%nw6|BHivpDfJg;<{r)B
zDssWkb}#ee&!DBXYy|DawjN1eR*=6TmEC>8R57Q{C{28M`MG|d&^T4T8j97-X+cwZ
zzK1`muZ@8dg>JdM>F#;(SoOMWe)!KzltEkXVAiI^x~ZOp<$B;VYRL1<M~eqEHa*22
zu=F&q4*B}aylcqp)RgMWwdBV6<6VzIge$1>m!0x=-n%m0j#B7qrgBc#@2>1OG~C(_
zC!#$goPlcZ^7g^6Do}6CN3Njorrt$j2=V4K=#R}tl@)D@eP0s3`fg>!k*+W@Do%1@
zFlM9K#g#~GF#dT&q6#Ypv)I)X{&;)NbS`3yTOCKdN<-5!we~*a8An-1Qu+8xiuTJD
z;iA3@gLWiZ&Z{&TIGioE7;ocvU&U)c!bXNd1&tH2QEW%0u1CxA%ry!wg&Ux+8r%<g
zh>xgYLFgB5F!QNhY`Q8-)lJpQGH1P;tDSlVcjj$ux975tAkSi4t2)1I;s*>XD?HR3
zC*zkG@S<9_KTdrtrYh_3ElRO(waP+O)DphYmxE(-pc(b5g$n6DSI^aIwfw2yV9%jL
z+_A|`^J=i~9`9tMh!J~ZV^3}#^EwlOzD!F9sY&Su<9>UGW++`AC@I0M#h2?#Hlwg4
zCQ3@IX02@PTd1#2A`o#JE^vCDy1qH%L;JWVPe}<EjtZS@uo=8MsG>Doe<OHtiJYsZ
z_*0_!%BrFC)BXdHi0L7r^a(pLqTkC~qmL$w_3Ni6V5mAe`~8l|z8Ye&o_)RYtfTnM
zA6xtk5w#>~0dne=8^i&A%gJ-h;%9##xX>wD8yiGBHYf0bBy3S>LxNA}CfeE~@5Z{N
zb|VnAoXq-iKSNs+rJers)NTSk(XrNx`L5kc-j!F3`);~V@R0Xo`9@qZp5A=28RbNB
zNRWDW%{9KZVW*}MmA5tciF^VK;+;Pb|4d=<58^S&L9MaDzF*G+7(Z+bIGBF1Jh2<^
zqe#3z$HrFch99Naf9=iQ>u*}Rx~9^cHP%+pc&6IgT3rEL^sBWq{09yk;I^4p-`a_~
z>YM7YG0)SmyC>V;G|N9WHVzWpgT-P~wM+MeU9tNX)0CH=ual|PFBg}UMfWDuOQI?4
zGHrZ(yvf>9>aw&`Q0lKRP9-=e$W^dCpHF)5U{!74nI-H>b97D)16RRfnd+Fp!{#e1
z6cKh4A!)Zp11d4QX<4+7DPn?}hQ>7(?aXLew8h?$^uP<fGizY+KuZgzqs#U6YwEpw
z_iAq~kLQ?=dQO*yRSNR+OT0N%QCUgk;utKgruJca$)5$uSxspb>SSSY31Fv7r7wN?
z;2;Y*-Gx+NJY2?718=i<O6N&2F=qC_+IfMer#I&NrIeNFp1Zl}a5GS|u=wZY2?tNB
zXlVFVR7h`PFl>B$hkLV()1PP++VfjjSfuLJ)9u~ApY6m6#MP@;nd4LL;^g|0iVwwX
z(w@0>0zP-Y8<B*BglfL^MHnt3#2JN%3R;CLuDO<zY?m$_S}0gKC@Ccs@aE0)fdS1*
zOniJZc57uR5RKiNZqQuiPDcCs-8;{wrdvu|lxA7Dc^o$Pf!1lcm4)f)vNxx1eC(W|
zId;tVNoVrq)z<cQ4|n&yQ)~98&YbD>YhGjNU;CMnEIhu;N_~!rDSaw1n%*o%jF|1o
zB-hi^6SAIVFfuZtrlxjjXpnDryX@=#@})cV9)5m)1cG(1J9S)K-0dS&h#x<G0QmM3
z9AFUevKe%uFUGW|v~+iqnVOoyC*3fqudkPKa1a61?60C}x6i}FBVlqsVKm~te5r`P
z7kgVv%fF!D%Iex$d{c3HIxPnW$NS5c>_$(X+)-0|A!0Kx^zxp%It2?03m-rK@VA&7
z+>CyI3?yUINPb>ks^NEb^#WU(prD|*loVNK=c2xWZ{MEV4A_y}i@jAjQ0TBU?8Ool
z8A&wRj3)V5AZ9deIaWi%B<9Ev9v;rkK+#oTmp+Ys+cDUWM)LP*uo$c~H#T0Cl_g0?
zOw_p);)&flclK<FC*`r*4<7jD+bpn&h&-@zR{xnlqqZL}jZ{jKvZ|@6?M0Z+_g&^0
zD)S)U<C5dJ^)<EoX_+>+cS6Fs+@1BgUdcD7T01(}wbIp+;O`dWFBs&F9dF+BL!2nO
zZd^buS+G=fjE#e%Hq!sor&CL#EO=FC{CcmcuieT-t(}8|gD>1p?HpI(>YMkx2Ct-$
z<+b(oggqsd6<>>*Yzk*%XRrFf5E2r?CM;|(y+h99=oGYUQ+aJV#WQiqi;9Krd#nPz
zB<USxW%j73D0gbfr-MZr*dY=mgsXtCunVu4E=MIe%dOc>$H!LmWIh?+fB~Zy4!@<E
zq+E%0H!H#=JK|;Q`q#__P>Jp5o(YG;B6!`alBA}$u@dzD{aNK?b&lecgoHzkelmS|
zR!^k2%y)bUQ9{OFhLmSkrhLc^bAgT=)_NMmi7jPo6bePks-32KSny(%uye^<j(cOB
z&d$y`b}Q^IDfo_Mm^<$mFW&STG`x?@(?ZnL)Re&9;C5JlIyOE&y!zui=eQOuAXwRz
z=KFE+W!e#O{^?jzy&Q}K8*bDeDPv@G?)mfQC$1k-PSG^BIhL!LLW0=b-0UjMQcFsh
zj{Pj=kHqC*F=^GzQl_R{Y7ZVLjZZ$^5nbESN_)63L+v6w-d%h!(K0`ep%BEsdq=mr
zzTUIr2#Z6cf(jQBD&{1N+1@ta!B{E%zSnt{Minh5{-?UI>=7qUosur<=;=8($c9|3
z4zk==C9D~ph7Ug8BycY*lkzkt=fTFt#u`{|@ai{j-k43bu=-C>A#gZcc~<WC;t$yV
zak(80Kh%8gB=ymwK2=pRq^xGEQ+ELGo?pM5LuIgb?;cBN<HVx<M|{A9;QRbRG*rj1
zo6DaH=;Cnzw&s)l)3=CSl(#o{wXB50rLaSk4X!z*ojJI9{DvE0c4}z(R8lmLXQf3&
z?P+aoeJ^BA$PC)t47Zh(#xr1GOsAd+d&x@Y9ir;Oqb*cMWR0fV;uqJ~tH$et$DgPq
ztDEPdKYl#%<$n5p*;h=Zc~&#GH8l^4YvAtOxg+GT{-wUSBz}&Cp{Pi13)P#Mon8Jg
z?F16ZQd(MyaPjoq-@art6RU_W9Yn*E$C+yGUS5fH&D|J>>1`G|y8Y3uq|vS3i;HI2
z7{)rY74#*&1J8tye}Lj;J@TM7lX@Twimja;Py~|Z>d8n#nrq#OIVz-X?o#=%)QiR0
z`{IMFk8yFNDTV8dh?4qxa`r&7P(f1}Lqm>a&B7PU%NCzvV|#7lTD3dA+!rz%LiF_X
zjP<^5uTlsXKBAUHcji`@xPpSe<F~w?&4A^lB?*0f_T`lo^Q~n)$aRMxT5_)4QC0PR
z^X3qrpkQ=z@<D^9umIB;<v=`UZAK?e^>ui-AKV%tNIl3lQR2_aUsI~X_nLhBbe)uf
zqJo6Q5rN<iZCt*`*>?LLl7H>8-SVkd%%U&qgSm98UmaJ?wK(nQ<n(iC%5HBjaFjP{
zL0&p}lGtH=*0oVz>fSwCIXO9|k@~v2+Yl_%yI*3lj&M)q&CLpb8Iqj|4|**}n$c?i
zYM83U?Lj<qv)J~RzV+{D++imtr<&SY2?GN{T39S2=Ms9Bhr&A-tbV)ERg6N?acREX
z7({7VVIl26`ZpPym>8*~*OE3eO2AeS#n{3W6=TP_mbYDdqaUcLDehdH<#JvkC#(r`
zb8|vW??~40ot`$T%pn@B@++T7DSo9OwzU_wyDe^O65_04Czp^A18TFJMf+07;#i=<
z!!ma=)pUKo>81XpU#U|BHY8zW{Ei8Z1gU72Lc~ZlAFX0F9cOuUcc-n*pg+&bcBN5J
zM<6ud{d;dM+;VWj$~`qyCK9D<n6pJ(5+Ula`0WOl&hl8TEq1ATX~dUnq#1=v*T6!+
zOEYL@c3f?hRn0MDC6G``qZYgIYo3ct3q6bMuyZ_bJXmxb4fSMoGv!CG?~soJA|hVh
z3>EORI;Z=51(h+WKmc+6bY3E~%z6+%s~bZFc}xecsOMW#dL2A2siQNj8hdrOhFwi6
zYjl?=!c3nBmWzzecVA>=WY<?c@^_pX!X1Xc@S0QNBKk6*9l}q*4Zb>-UtAa)M#Ka_
z-|ycevBOl=!d|9H&!6vU2p3UtE`Hp~HVXlif_M3gX_JCaskY0h>#t9d`T6-pzYh^k
zp7?p8($W!;xsF@Qs*^)+dV18Zz2O_#?CMfwLOL_W#Kd^NdbO^tzfr9^G1%Wvnb<z9
z%rc+MviqHWqBo6==Ts-fcke}-iaMW{cD_H~>&ur5dr3&jwYdoh$I8me!r@<0nTA(;
zd;2wcdH0kQE<ibH#=Qdh>+OjuC(oQAd64x~LR<U9o;`bRD=L2KLcsz*bzM?joe5Es
z-5VPdWA}wYLqkLL>m#yNd(nrwy5@5|nXJgb*RK(Un*L*BkG!_dn=7OL4P^C4bPn}}
zH!3t@gh%Hw9DXVKPJ|HX?frPQ+nD|Ekt2~`zaEOc6)x%IB)Yu3+|t>3CVS!EAW?4N
zzoHciwZEg47dx^tGLodOA3iW5T&VX*k}4`H=I{--wA_Blf@FrRAf>AMUgLp@38%2I
z@NEqZ%D`IpvNB1pO_<21U8zKwnVC5b8=PO$)0O;_6w%4aoP@<f&!s7?r+0dKW+niQ
zP7y`{?7OF?b$UJ-{cY2z!)y1R=Bap2aB(So`uzDtWY<#x0IkwWN<ofue_|1L>W90)
zLBD2`=uhOpDh;rNAuK%>GJoXvAJSK^dN>-lCn!Ax6u-O;U^mTTTyDz=KCI<2-w43(
zgsR*3(4_}i#4dbRKqq5Xn$9*V81E!0Cn8QHtLHxKEY6>aJ^aU5PvKJYd08QT!FQL>
zcBcmf2YUfFsW*l#(BI#$nyT&U=$ltujC7|?RlR_4!C>r9ojP@PUX!A4TI~G?ob0_D
zH^}WB9B7UlIjwbU+NJy`uYOHRtOEKK4(F_1?5t6g^|0~)WD<B>c#ze=sT?oHg2M9L
zy?2l1@L?!%Qtj7_{C9XsVzzQ0;9Fm*<csYtVm=Jtz`($AXikn0MDmk@g7kB9bJyhL
z$|9w_X7>O*7=O@4g3H0!ilI<=o!%?0#SoB^uxhd2FK19WA9AHG8}2D`+SV2bg#eTW
z;WN0(`Cl@3zVN=-w-b{lJF+609KUH8rw;~br;d5a+qbD94Y{3^eWeY->?{`-2?8#z
zM4S6#LV{6O6CgLU_1XJd!B17<ey||+3m~5ggx2c{@#@tbhBOVAUEk>`Jd_d{DdF7T
z)kVt1#RYG#=`1TN)8=E;;bWv>W;UUp`632)27_DE+$?KmmRhblfA<6W{95OaX9xYg
zpV{oZ9cfRd`nA!;Zi<V$U_Ym(QlCD3`mu?LjE2T>SO_NvmFLID_rY?75Eq@1aTq|v
zRXe-O-@bnz-&~vNBxHFJkz<sUlsUFbY*{A#3Fm0|cZf^c;_pSa8v$QPwz|6dF+01H
zSPuc)_|m0IsStl*odVL2{Pd|}*b*}9Sx!#R?x!-&&SLPf!;_P-Mid5XA$*31_7D><
zm6EU^5Doh2*tfphJjl$o&c}T3`Jd1oWD;`8$`a@+u=^gfIozSZp*e@y4V0};P_=Qf
zd^B4elAxibJqcO$D%^cdUELw&L?x5#?x!Q|Dq2T|hlk6mt7YXw1#SXF?w_ajB&X-}
z_8_M}P^ihpt`KoSo;^^*L0|uK7nGN;Nrd8lXpyq6&-b5~l$6}-qC@qP$>-Ipg8}c}
zv9sR_J3BHuT3OFkJZpx~y>;uAx4%EVn3x#b>C;y;va|E~Jkv1{5WLSs*h&KKAz*zU
zjeKjL)YQ~%0l1}<<YYRT=sVZmoC0*H{))u}W+v!2)37bold9upJCl@MWv}oP%E7*8
zran~UEI;^Hfy8fFb~hk+d*fb(lKl$UV~75dKXO8T$8pYK{pYm%_U(HwVv~$@ZjHLy
zRp_u0=V!pp05BS&u&(ZCoL_W@;AF~}MDs6RuFY;pfEH>t*6ZKAM|B|{V>iv;zIz9C
zNRL}c{OASz{JaT-l57l1{gxdY%BC}T_j+W|6LZ;v%ri{CE^mq`%5I@>V@&YhD(&3D
zloTov>sj$@*GM5Vq&jX{^yQeBCzk`LIK|Fh*4ar<$e&rpp&HxM?TG<_fo=f&PH=Nm
z6A=-eJ$LTzY;k-%*_%_W0J;%ly+6Kx`*ub7CB)MU_rLD7FJw+jOUtpI>v@g7e(joz
zW{RwZ#n*DI*QgIRsH0j#Zbc;>*OZfABsZFPAGyn%SfGJ8k#)YOsOVl-Cl@Acbzp66
ztp*BSEiH6k(UVTjw?RR}U1_>;@$nMk;)qMUyyNRot$+ITNqeFpBrYlGDj?ALzT8pn
z$L8idj*gBkZEfy1f;mec^PO8~IeL_gbuX0Q2!tdlDeLV!cZR>YOG!!bIAd*J9uqvM
zqoZSOoSU0FH8mw}WyLSgPJ4iy{P+m@fdi>J<@?(@Iz}KD*EBUL^CzEKR#9V#+2XkK
zq4*o-yt$22P?bu$^X@7bBl4x^q9cY>M?i86FB<h}_q$0bDk;@=nhX|QJazq$v9U3f
zx7PE091kBp^nA(kIwXW6Dmq%Wt(aP}t*wm|ajTkv?9XyAB}pw)t|5e1)*1cJitxso
zklfaTBxNFT^<0a}$i{9=&J9DHQKvx;wqHXl#+H9ZcK5O(bZij1GBW#{!bQBg(+y5?
zaZy2df7kn$>XGi*@9GhOfN{Te?b_|W5{8^0CvN^7|IfRn8r!*Zazz4dM4r6*4X?En
z&|=4Tc6M@{ck&#KD_<OGG0KF8YSz;bS<7cxVh{l#P4V_D8Fl*auE#!u>=0^tdasEI
zeSo`Bg@wnjU%xK&Z0fa!_>(7zj^vmU78RD_$%O^v)6g>*8!zR=AgviFmDWoY7^x+N
z)O)i{SsL_t;jz9jxX{|y_QgN{?Zm=7=B0JP-CqRQn3$KW)c$?@bQ(YK3t5bj61Xg=
zND#0c_fqU9PDn`boV#%D+yR5;h#*w0wZ{h>QAuy_F@$z{w>ooq2*<t8;<4W&b93(#
z?$a59?eff@^-vMrU+X6?+Zb$NVId@RPp66zvzbxOn63P;Vp8L9MdvCLHU3!E{rUh?
zS)rt8>Faw599P(7OPM0$zW=0hs$ZJvO!2CGC}C|az{tpGwls3}X+JQlY(^Lo7od0~
z6Wd2Bd}ybB{E#p;P00uT2xzEBj~;0^M~DJL^4Q2o^7?h3^2xe?sa^={<q02S!v}tH
zl7md*4;~yd87Sb$zWjj2hNDqy4nq+PQ<iu*#d>FV#%hQooH2%52oE<Bsu%CyGYrqn
zoCmt@s<QICRJA0Fd|2KoMVJIqDk?${ehAv~!|nAsYcFo~95aav>N&UJ(s=BaA3-@X
z+r!JtTUq6I%<D>t#7(>;X`0P~Ce5KkYzW&`@v{GJe82MQE)H;R*<-!~*WXCrz5B*d
z!_cWOh7XlF!>f*)Pfoe}=Snzw*U_;c$85Na!PM{<uy1vfv|O8RPiu1h6(N~V973?l
zm}#@^=4Kkv55R@~4&7rEg0#P0S97{g{ujZ^7Hq~_O8NJQ&Y-_)wx#bB#PBEUEA%47
z+Hh3$w-+FO)aW-!`+~%TH<Cc)p7IkC6A+-Q_GgiW*acxg^nG`<L_ALS{^0KrZ?>_$
zTi&dmwS}zk>v|qP1$f<;Z$owe{(Yc&JxjI49UZSsPfw4n7Zr)kcBK)sva*6>p=5cy
z9tt|j{DX;!iBQ6k0>9(#>G=?7RqMG#l@ys<w+?1K?S5WTA`T2MRQ1==@Si`kUwh*Y
zm<{pT)Ij0JjTKcMf_VUq9Xs=0)Ioq<{=G{^2H!Jl>$<tWR}K7LVtILaum3C@FhVPF
zom%llMiUD!^H=UMYBlb1B;HdxAGe07P-lxd&YhD4<b5k#*aL7W@KBK{DGDZonNR3p
z0h`Ts@jy^K0gNx8X$uD^r|;gq%WXL!4-q*EFp|xDpE*MY5Zti*VC9#^+z19(c4YgX
z?5dez8Kg4?r1KTR8ca>)_F4x_IJ7uiJ~cb*UaDO((HJ_O)z_!~?Af!Ad3lULY5==>
za0w>5D^-UWva$Kbyv8E~gT$seow(w=PT_YFQodn>azv0ZOYM%x-HBm70BP@`xTa>r
zwVOAONTvP3SZ?*q^=5mVx*nC3bd!{|0s`?>dHIIdOT>`Iu0DIV>W!h7^oE*-sN@I3
z$+fn73O<=nI_nmi(MT>J24S<68D$;_zjfx^xpQOdN{Pxomn|o17HDZ{E9-*Jk8da`
zDM<ol0CY$^BmPb@TweQxL8jV1g!y>g5&tH@Y<~`XWPDOmkRTlZL^I%58zMxH+1c3%
zIbkyT^wU&Z`uqL%k<-;=yKHZ7OOX=!R_;L%Xkban=Og>8N|MIh;(y?s3AO%sr@!br
z1C$M|Jv}e}%nv3k(=Mg|RROX7^Ah_TO*2N@oqrGA{+?3Pk&zKXkc5a0DDDIY2U#(=
zI@0tT8Mk<ol9D(Fi*Pr8a(Q-9C>wybUY(MpTOWXnd-DVG#Ad0&9tQ7Yj=(86+3u`$
z5;^XiEiY9?jbrjc2On3WmTS)--mdH_$My_DR~lK*o+W+K@uf82q-?55zwq1OU}D4{
zR2~0QgI|1GKi8m9JQN27g@r_2_-_l>gSoWcX$kW2i6^$RUAe+^@3Xw?tyn2b%k)06
zHX?`r@1(IQn~9TKvpS6ozcsn&ea&VP3c2;|UH8o@cWSTv*$Wq>uU{tvLhg==iWjdz
zQ%$z9gPmRJqf0s~6OCstUaW+w{*I>RD{%8%b_Q{jP<Avm$w)~Nb7~fNCq2kckdwZN
zM{rwBD?-5*CS<-xR8(|oZq6!uzxAz%D?ZV({v!|;07;Pm!%PMd;olO7l;i#TM_>5*
z5~v^aPwUX;)>b^@_OHbi+xnRMNyh~yAu|LZ8eo_|%TE0DPEub}-4?Q4{OIlDLsL{#
z#3m%9`bbZY0Bo{*p9(BZC#Jjr3UYXK^yKH8q3l_vgC;hl<xmn-0Nd}OnL;0UMu84w
zqGVBC-g{30m(~z7wXJfwQ-e}=1VY=Ml2j79R~7dZL{AHt^qq}xT)s~DEZh$??mBiY
z1r^jQA}mbMrGR~nBGd?6#n`XqL@zI2zRV^jrU{(2_uIFJTL%V`?Xj|jFd<5zT2@w>
zpoV~|5b*ZxSlSjx<@xblPG>dsHB5bFf4)t%EpoJ12Z!Cdrl3#_7hWZNWEZ<enO<xJ
zy+@?uH?`DCEKN&I&HdNsPXs~<jFKO6=ZC^CPZdzB*%A7HS#`sI>x-h|ryO_qywaNf
zEI=3)to8pa7oyMPTh{`|W(m@hfA^-pa0j~WEC?z?BGGgg)!gAK{dHu1!oE-M3PM_d
zEH~W?Q>Rn<e4mir@~0c&RyH=}Mwxj*w~dVfkXj`AhwvJ(@$<JQi7_ij#HAeS*sVgQ
zhCc(tNf4ocScZ3=ia_D)4%5?*deCb!`1Z-nh8RSY@-|=L?J&IZRdu)Qj`9jEM_NKC
zEcvd0^b;I(q@4jlycrBPxk>+4ZAh(YH;sgT_yDC4?0kfH(G9kX7jLd@LP884^~`G&
zyL|cRF@dKgBbC0x3k&`bn7S%aKyTVkgcuO?I2IPFz}mek2jdEC7MQ<&{YuTmMB!HI
zvbky7*5010Sp45CWtOjjvZFF$vJ-T+5)J!hX=w>`EYbr9%7Dde1*#75^Zso|$bbr@
z4+sdboea03W@LN;YX}sKa~%pdo&G&VCe)d_q_5e4^3#t=7`}l2dwKLh%27py{?MUA
za5tbCJrxw|L_O>LIRQ0CZZ*qayK%#<`)L(W8T%1k|CSRING$38S=&UOV@5!M&+1-s
z%(Q^#>A{7fZBFO4M6F05*?^IOPYUjP2Q1P0x^);5#hg;Gd;rQFrDjURix)3$-@oqz
z(pY3s5i=x)shOF3;i!L4ys>{zyrOrtVjv|xK=FrF+E`iXeE)otKvtYPfBp{WO2DG$
z7RJQvBM7mdZ-u{rLU^Q{3Mmbd3j|FnaXT<qP1XdQ6ms0;78Vf!el68*MZbNEBdIta
zi89Jb7n9qXgu)>@niw!3cZj?c&hg0M!`kJZlu-Q<_GdtNc#<&kw`g(NojNKe<|=|3
zcrjXHPW7A<2yf5;$U__1DfYX?B_zD*HT|O~Tjqz@gz!GElI&gDR@K?o=It6La|j}i
zX~B{wa8?#mCpkE-V>hdj?*@x^)_Wfg6xdn7SPqN;0b{X!gRAfqRH36S&1SpB-}Gx^
zqvgR|%UFnj=E5?-ZUFnsd<QQ{p#@{4!Se=_IBbL+F88Vg-OYnq5{g@&xVW>d?$l7`
z&?7fXsX$SLE$#~_B`yJd*D1n&nj_76PHk&vYh}{oRxB-0EIdfou$1ESgZKao8>g^w
z(@ZtOAC4S3vYZJRp?k;iG&}o?pz|tq3yBE{?lRFd*(UvrcYbTFt<iSiCh_XmV{p8U
zhJwS!Mv(4;>WRU+`Go~4*1Z?#d`DhYs#a6Izohp9+tb`kC1^UZcX4e{Z2*8L<VK6_
zmq&ROH^>o3j~*4WnP<{(j_?EVIZVu{Ck8tMRO;*3ABCDqkV*^<v}@+?ieo8MPzn_&
zzzzV8t^zT4>UtS43v(tXJ7?Aq2oR<7JK?63KzNv3s%8n+Lauk|LgKm#)nNiQEU7rQ
z2!CGri;HrihjL=&SG{_sp8oqR23y$~83f*Ie)2pJB*T_&s0m<Ae{+{gzwdTic4fd}
zfwH%2VBjEvl#DDOB{M6lF1v;bYd)^-n)a&m@ho1?i~3<#v+$E+azKtl1`Y@f^@Tlh
z>h$U1mPje)MivBiXUEIfG8V<Zm0ur($!Em(SvIqRxd3DU5bmd1qo)=YRAw#BSegiO
zs6c4r@R~UOWTPp!O)(NmBiPKqzg6LOwvYGpYp|SFn;UF)YzLNb&P|Y;q>9<mZ)O39
z+C@ZHB))(D&ihpN>eYR)<ax|T2tj?9xU4huf|b{@%PyW~PQ@d~lPmn&U?mRE&H2F^
zukQq&c*FuputTKlQ-T!z+-jyHvY>#;B@Y|@lk@DR+1WE`0)Y>o^~BVaP;de(2*n){
z0su_HXnTi3yqH@t5}rU+4;7wD5ITKrqiq9u;Q|G$BzOR?XR@|-vuXJ+8sZbF<0V2l
z>@XaQ%gd6|((WT&zm@&^VT6ot<#Q^q0}}*^J9lU_9p?BEF2TX{K(`2(4!r#K?XG&E
z{gLtUamcUP3%8?7LGLmfDj~|q%&g63P4q(xTb%>R>Q<PLYeWR|)+ejXrIX{Mqi*1-
z7@M3N1yn-_)KEC6Pe=cgU+qX@$NwvlYV_1*Ch;vkyZ_VmKxzgCZz{1(1Oiy+@mTe^
z$j{DTa9AF@&LnDo7=T~ZtK%Z6K-YsmC4r!-`mb*c(uR$vK>Q8}a20h}FVRnr1Y!)h
z-GffBsUsmq>Zc#w+9F^EFR)wxIUqN-8_BtfHrcBDS^V#Vvu>jpFB;*rem{3E7P-TL
z!C+nk=LQTHO#2WdU9+iYpg`OHhzU*wD*S?G0mA}VVW&6AXxX)a-~-jW(wD2qyRA)e
z%ZFHQ2_^`&Rj)O+L7XiMJ0uSCpi2uoLQhx@kZTDw)EA9>ItZjM%!vslQKuH_INEWU
z3~Wb>VAm;sbSXYr%gl@$x9Ei|d30&G_6)j$AXWkxZy(Kn@GH>U0K_DW%rQZeit{N2
z&w)VECWtTtbx5Wdg2e{Z>&1ys)3T=mCwX{i2%4tSWNZe`2!*S9aTf=QYbk_Icd#mr
z!j`Wl+yD~4)okrVxH!UJWm%lu0T+%WWe?ot7uZdWQ@A%Epk9EqQZ4Ln8UvNpDBz8?
z&0L~YvkyoVf!j_q{Qf!ZmPZw0_Z`fq58AL_sU!GiK&mFhZr~;v4;~i=ZKy2mmhW!$
zHub<Gl+4X>tzD%n!;lupF@lf=rlSiQdC$Il-$i<C807#0DY8@zmfSBZzes^768DM3
zlp@BzQm?u8Ytw(#^BN(G3v^t*lKM~U*VOQGBjy|r0|f|*Z%##~rI{b*y;t3i{pt4b
zW<LBO?N*5rC|9pf8CEPog(>8W6_NwX=keonr47uKa%(L080%eF*Y1@+$o2D5qhw2o
zv;W|sb?Z%dhe5vta$XW<6}T`U(xJjQlfALFrUSA#ghT?Z`i@KM6-;KAmFj=fhxKCT
zuVye22LRo&<Rkwj)S11_V!*tHIp40*hz&QlaRwrI%Xyck5v7<Fp#3)>64+}q*W>Z^
z>m?=;YYMPV0l^^-iM4N_yW0n#SOa+CV2}tUQn-i>)BcMfcKG{KefaRf?8mp$41O||
zI8gan-NkR-q(q3560z=uYFhn++2hA&30sgLd|$ZGkbIK^{|_2qhyI^9Bikzy*EF3d
z9bW`&_Q*W;ZI#N(&hC1!SM??W>;$M<iK0?Joy@KD1Tc?dPqIx1f%NeKH3jlKxUmlN
z@bE}gQPngw90sSz$!X9%fTFG#3KOlpkAqYQ3KZm7R;>q_MnMFV5>||d=gt@P+`G<N
zN=m2s82xgrX5J+%v5XVO(byT@fuIKe$kG%R1gAeZ2|8;Vb|46cz#&T@Z~&i}VO9-u
z8y}{9%+Egt2EEs&L>n6$UetR)Fhme6WCRCLzpv|qT9SL;@sBOvq5h*l_<y3l$G3iJ
z#}z&j4sVKdS`0+EQy=UEo%LswD(UpU#Po7aB{?O3%TF152JN^<{POPt#I^i86L^#e
zVT$Rp#a^gCq(DSNz`X1Mdm!*6<<@jZj(C9MudY}+UlI!Cp}9Fq1Td$Z{*e{;aeo%`
zj>d7s>%hQ{b^e*n954Pg`yE{JH`)oBo{@8g%N(W&m?sb|bAK>g+Swtu|LJ4tT?hYj
z?V~c_n+TpfAmO4QErapT0{gG_mLPB7sI|c%1Zh~vd}Ob^y?sk>?~Dnh;{Qa_`E!jh
z`t48GZ!B{qCTZ#D@PuG!|HxTx$*7p+XUQl{MgG5;?WJ(g9=>+DzBoEs>QhXNj}Psc
z7f`M(E!T62FqOOy3_J;8$;02@|JwEIG@z*_R6DoLq$p}-ZYim#kVm(k1qlUI1Ljcl
zpG+?m`47`jGTr>}KYExbym)^zrQTt~`afN~!0_g}|Nm0!81%>P4~C%+xs@WWzkyPf
z@z^n09$qW;#@#~M`^u<muRK&BK<}M=<?rWLxinf$nA)kS$5i^(sF!*;P~m~XGg%v+
z$Ltc#tz8cP=gHjcT{0IK+SEt2hk*2{sHz%)3RlXRot2dcBs;JtAB0f$MT}t40zMg%
z1Ys*d(ecd2CSNqAG*=`P{b9|js(+0@<^EQIr_zD7`oBfv=Kr@iTjmGxVn9|C(mH`8
z1AVcrv-2bpsbz(edpi-EQ6$%=LEv$}{1WN=S^if@Tpl3<g*3G!$=L5cFJ2tj>Pb*a
ztN_txY{SRL=izu=(DF8TSR-2>R{&Y3=ok4}%<Z_CqpCbwOk-^_{LTk7bZ-0>^^!r|
zC9t=@$9hM{#z6AFQ1Yz)spJ(h<h1{rlIQhbD0v!R?mCI#Hg&=C!UkmNn^QU<pD=G5
z9F$wJ%*I6@PqF^1-v|8QAe|ir8TGNLsqEdmhX7zbq9;&LgHd9O)$P?QTie@Iy%RpT
zey}Wzcm4|Qq`!hYNqRTIY`3$$k<Yho*(~Z+Q*(_^Kmg1>Kv_l=7Z0{`2*vOrZDx=?
zOLD(^%BC!BKS=%0nLG$QE&@ukah|Y{Ki!W|xh!_Jw45k5dHU2HY7)RuV^2U922Kzj
zPyl87S}CKU8dSYN2gSxoA)zjv3m}^{2Vn>zCHOh>34yfpmsv;#{jaiL(*F(FubrW3
zn%D5#DKO8ExKTlO>ib6hEe`q(U1y`2lz$MpH<rqiAiDOf?K<P4wxz_xhlfhtzz;10
zRnLo|A?<*mpwnNJ6Z=fkyDI?po+~RaC&cXc0>&S@ik$NMSt;l_)v3YdaoE04Q$FI#
z{rB?h`Rh=nr4c|DmD%m@pmxvp=c~B8yOScynHer0I)3~(f%}sW6S`ATUF{pJ<=j1t
zs0s^X0+Npl#C&NvxfigiYz)D$5+4^wt#D<@ouE4cCr+DhJ$DFZYQq@rM@vKF;!Bz6
z*Qc&S)t<|Q?8E#?<VtUNt!6j6^9(fq0oy&wLw*}Lq?^omf9rzkWsQ4(;e89T|5OF^
z`MWu=t%~<A7{0CQ&P?cv%JRou6Qi{B^cAyEvi}Umx0$~~0RscW`e4U@9D5}Iq}Us~
zNjZ7}63p*QPSeW{F<TfA1v;G-44wdLfUb;7ObqPZ#$Zx)s}I7M5(G0~0jj~*IV=1n
zIa%i6LpCty&;Vs=+?&;%nW9<92vj)190|rB8t6)hiejt8{gsIg7rS_|QMYpH@68XC
zTOogRK8Q4+gd%FRb`@Cu8Ibs968VZgtexB)x{d$$Er5PA1V4(bp)+KGlniJm0ow#*
zfnT0XJ5Pq!!NF(1=T><eY+=9&M<pc46<Keu8?#=2^Z3aVT9C0VCvSoGiT4qf(AfbM
znP?QwgF5Q-XBmp7?t3tsz|w%pOtL7;sQny|K@-!K)5C{R;6aYT7Qu%-=3_LU>A2WF
zdX~W6?do-20tP?L1c@5x;bj}}myG=7iu%LJ{z12?nWU>;n3|ujdcKc*>_H2dGFaWg
ztWAU<Bso@A3G<DIL(1!=ZL7!+&{qNI(HEG;t)AN?3{CHOq?|>aFwY1Lp8!9XGmo5C
z23ZSC1`oTx>M=LA?s`h*lbat`|3^#1zcFOiM4-|wUz{RFsXJjKii`27#t~D4$JLUQ
zos+)*VCo@38j6z+n-K&$FlfUAywJt6miN;Cbc_5B>;c<^uB5|<-T9w%3;`*unr(8t
zuD+fK0RRdn0@z!|taP}IFi{6(-09vU;Eq6mwI1QpsBdXUVenZ#WKZ}lg4Kj@pPT%A
zd^IV@jvX5wANTO~Cf!m~Rb_Z7a}pj9x{iYdY-4@h^H%J!bsFFDq@S*mIt)e7-^>tB
z)}aJV_$&v9gry}fi0x(*4M(@K%)t`~@$KnA!BOz|=Gd>DgX;tvGiP;*RxvY_RNdX(
zj~_qQ+}1Vx?FA@-=BPBQ8D%9Og6R;r@B>N8zTmI@7#m9hmXi4n1cD$4{DV+JpFe+I
z3d~JlfdR)ne8)i~5=mG)|BT{&6HotUjOh8jFPr~2YjZBLRHtUArl<`K4IhG4g&?>U
zV3+F;l5kIqjd=swCrEXm<4Zd@<k!Q+|A&xW+xg2MmM>Pm>!kTD!%0W5?ilmxJk93)
zWrCP;9X9&|+XwLe2ZzQVfjsKC?NZSxKRsq?>1g(l$uer1R($h7c=c7KEIcuuf`Vcy
zmD2kF!#Va7Q8}#7dufM?-sby|$9J=t<Wx%KN=yET{`@XpZ~X52tww3Im%7~PeU%!w
z6%XH$rZ}u9pyN5S;brdpvZ3KJsdvwsbD`s9%Vf)@!tm{ehQ`YqIxl&Yqm5?k_U7(8
z!5bf6$Wz6j`;zd_tX+&Hcd1sA41z`&w-q~euz``dae&8FA%n87?B<gzZZCP*mAu?Y
zXvEzSY&ByROO(IfsBm>5h^$(~s>~-@W6dP)*}gvdPOl9*lAM>8?vjSDzV*cxzs;Fz
z3NQ0_IfKvi_1lNYL9GQXs?mSnPdT)-voRGB<be`(^u9$#mdbMJliZfsdu}3)H-SrP
z;F!C2cSuO@1@#m9V~M<|D!J40$M_}T0*{NH`=T}2NJ%8kZQ7&w%po^3b8$c`TB7rq
zU<(kT44o+{LCBB*n!LeWH|EQi)sXK#wV{)(3al6C)^#4~@84LPY31dj5?vUSO*AcX
z4anUZ1@Td=YPzR3Lew01zPzUWyTig&7>oHHUVdA*fN=y7Xuo#nGv`&ECecS&dzSmf
z?@BAC@hP%;2t&lp$W1Y><}jZp<n((G>d^Hd^Z9emC4++q@tq;pPmXp^yZ4ORubDYl
zkjAa7=#0-%rk}&MSiKjbnSavB#(#lg;~<kuSt(Igp}k?!N@p|j<XoUa#=D>+bY-gX
zdl9PE^AvhB9W@Ga-$FbG<}O|&Le!2{k4ijbn=ZthQ&&lPF3(vV6MxUcDk<+-Y4n5a
z+sb$M%$W4Q-mYdrd}`O)622G}b%Ix*D(JH1$0C$gmyIvrSOz}QNm>8>@$HM7^CAU#
z&*GIa565?J`z6o%a^g2_Nl}B3t=jj5sBB!)$|w-xdW`Se1h1wC2s{>6Cw?36dWruL
zBY)f%3dQ~E{py|#;hq~BZ{M*OC{Iq5)ih90HHQU+37)jHjN7xvtgMrM!~Zxj;>r~(
zx#jgsxl9*fkUEju6hG?Ui4Nda4aa7?qcb&s^ylwiv0BI;91^m-#Ca2)%*&bOwB&c}
zY>q9>K6)<6?yQSU?D8cs2h8({h|LyCh;AElFj6p_pkTiiU%YJ9W@q=hc3jOoB#npg
zvi3!@zMVll9I!xlLA?IRc{95S`P#qSVxSmNG|f<E4_%|%2XbOEg!a>i2WVI9xp@S=
ze9HD(<np}q)8oGMuC$AR`yDdW=V<(=y?R%#rfzi>M;JMfLyQ%8>Rp^=nxZUrsUt-;
z`r`@c&GSil>QdH9W9@|bINN$MX`FKZ!HPm+60?PkK^;MD@yu^=HD3(x)g&b?eJn#X
zxCNfk`Jxy#keG6y-YCKG=T?M&G}Ygb&_22(uK#dTa{sxL1k(P~CyH45ppnhlOQ)L7
zN=-DkH^rX)_W1SkeEwrxtL!4EvfG%o+lA{N#^xG7@DU*n59aMdJO+0lDw7ds#DAeD
z>qv)X*rlsanuv<q6q9xi$9!hP&)(-_5|B3#e%PChG(*74^7I~+e6=+A<b+M5<~8j(
zyrz~Vt*Oqm{EEpnBt5-@YG;}|Go2Xmb|C-Eh4Uy4=D@pRzat1&@rRIk_4N&uj12cB
z0T~_rqw{E@xD1(f&hEL!(17E##QDxUAD1`0I_LXy(u|JWooo&+@LxVpWMbUq(pT=)
z%ELLobggbMB5Y--_B@G8HLB2bdBDNeY(zTdeb+kunVV(hyaq#y9S_bn)=G5vBM<Q8
zyAqq@yLcWSfWvY&Xb))%Y9ma(sIuldDzPTso_|3R<o_$ab=4~@Ywsa?ee?&;{C={0
zwCiU@Kat`@^p?2fWh+hQug;r9_mNna*>I88iD0eQS++cU9-aoS7mDm?5!w?|-p}72
ze*4J4EpGWcN5#Yygv%^`8<~@==3#GQqBKx+_97*f0=g>3@O#T?4zdk@7WxV9)MMNT
z<)R|nq#TBlQ9I^q(eVML?%(olh!E`Of>Py8bcqpXYinE8I&W|N3ZyR!u?f#Y-2&8`
zwaW&JbN$Av5Vg0>wtleC+z)*5?K>;4faje;`=}YQD-Lw0ySr1538nV@co+0`X#Mj|
zv#={$KWrr3kDXVEs(f=AfzXXPBp_-(giX~Eni%)c)zlP1Ito3_vvR{OoRLtJy`#q1
zwy{wD)yY98M9=GB%h+V}V%?D>tIE1qGcyQ85~gZQleWfHM|Z<PrUJ(Jpk9fV*Gfxj
zERXzjduQHiahOb!M8~jXAM!!q{WkXOR2Prn;Et~&p@MhpH#milUw;1Jn846*clzrG
zYGtR{_P_|q{GdhM@AQzn;So#!R@C0TK*~#dd~(BP5l{8%eOHgNT=9w1G2d_|Nm~A#
z^qh)noK_Bq8qAVx2DTa1qCF&DBQGz0`gF}eCi$mU1mZx7y6fjS(yT&<(O2$1CmTcg
z-TLYdSUh=B^U_aeczoa5&h}Zk8^nfuIXgQWkJpF2&KB4o`PBMxtIVSYi*vYbI9@Nm
z8bpOCz-?<W)Q)?b_J0^<LQR<Ou4mP`K<7}Yqp!clk#-6`D#^-cqQp)|;}R#h1p<il
z7+>cd{_y<n7!yZgBetxrlRjJl-J$jlHe=1^^!YJn;k}c&mO29&9Bo@$H6qVQRVEq&
z3Km{wK9OLg3^Qnytk<i*?Knfn>E$^xoNHMoyk72Eiu0)@p}it{zW=~&+pSB>BO}`1
z(_=d<oO<aE9x2xOvm;ruvrVq1FPe>=IdgKMhDPTEk?oZqk6?Gs?x%Ro_rArV@&F&h
z6;<28tp!=Fh^_5-YL$s*ue7^l&Bnba0&C3-st<l@3Qx4u!qip&&idnLh{dJdca9|U
zEvh62OpTrtE{$l|%dLFHS>rQN-3!*f<q`&6tJ1Q1a=61PB3jzlYLp1l79Kp=?#h_`
z@gt1awaw@mc10lrX;v~+rFbB2g#~~9{2r=P+*Q+x+l3CT9IV4jN3L9PfscaNrkd1h
zr?*G<Wug3L-QL~7HhMP}dzt%pAbCl2Bw1ejcPL~Ce4g^>Gu5C1MK?0gG%G-Cm+tg^
z@j_Buyo9%=)%R+=q9l8u1bZOs>C-XE>E#i;pi@i%m#AUjwi^Z3nOZKtZz)Ehp7v%@
z0wZ+$T+nU&j&0_di&{lY;lfr4?G%j589yBC?W1fK2CUxUR?a~WD|E73h5Mm001Jy(
z1x8M<{)k1Feg94itdkVb){CGKMt}Jt?;RWz#0sYaoC`W2ARzFbM|VFT<IR{ILgWSu
z<m=i;gcg){;JzRM_k?>=(nZB{M?5KxK5uAfFt{tQd+VBf78>MmXu&J6h8-d!Bb#c8
zBpzF?OElzT`~v0ijdvH~*W{<~hOcgKEck<9-+3SNGA&_yty7B!dV`=tb{OPl5Y1eD
ze8|B3Lxmvpl@{SJPo!mKr8t9i$7%x1%*;wabje&#huUxI!<mVljX^?9Znn9oQ}gJO
z{0BZVkQ*ex2+GUBvOC3GZ{$?i!Og$VBA2PDsR?ZO;=!C6&rEWlu!mZaf<;VSl@984
zsC<TZpqF}RVuHPZi-UvEx~XkyN)>aLa8>|VFw~wDgZK~ER|*|rI=Z^VP&$0kD%QM<
zL4d4G46eWTAt9{56A(11he$j&-Rx*_axW9Kf^Zx6@D;50JW0*SkOsp@Mi%{zVo=jz
zPTVsy`7d0&NNAckeE2ZwQnE(=2;7q_I2&|~js3)&Fwmm(z#A;)(0mgOTu<uPuVv7h
znjBQ5imRAbk=s$J2G<W^S-`iKg7MyRqQTYQU%@YkirdlAJIEA-Na%$2yc_Q>7gGi{
zckmu+>5kJsK}qeL<mW$fDMUW!TMSlc4*J`Imd&6qW_7BScw%CLFw_NhEAFZ{gORW>
zjC(Rl;foLqCWF9(l-JadcBW|2XQ?E%KW_O*<h(UbfBnaCkgdVzbhR^CW2xhTsSdcN
zp*JU+TC3PuRKM|q2XvmXLAQ(LWK$&^R*<nC@ZrM?Fj43Xmw5!OLpO#u^l01K+I|G5
z4cLku{nn{|EiCpjZRlLu^Cc;%HCaOhEW_nJJ&dqFR5Oi^z%S1m=Ri9huryNzMiOW+
zB#f505^qA|&g-zSm(a%;9?WVAd**=09yp9Z$a3Okhl{%^hTv1pF#K)?eO_1WS4rW*
zk30n96EO|APwtvBM@L7eK^Gq3%fJAz5JZyqO)KLu%|YfX-gw+baTl~sfUrV1Cm?AK
zddFT6T6v(GOfKdSY^y^LVYS0DqyQi0tBML~)%*8#8s77~SvjLze0K(K=;7(fcK$p$
zY?93(H!6ZvHp$kiUgg%{6033%P;~HGVrcRth)RTefMzSk^Tlu1J7cf<(w$&~W}-a^
zZ&GP@XoRi(VPIfz5=J#5B7z`hK_86I$jC!h&A@Rj=n{sOm{ik2u{gzZ2+!VZz4~`k
zU1=x5{Nmw6Fq#@=GJ@UJA>j(R#7jFm=n%JW-*$lpA45vbt<B97uso=kuOJpT*FAxv
zbX@N?fS41sJ~=bv3*QWsZS=>F2(T1L0Q-PGXSy5mc4(<-?m$Him3u2#d^p(Ho^xvC
zNyCbI2Igqc*rQ*7c}7w$=8c7=W#&6DMc;e$=+mMz(2ir%)8`7PC@Et=RS#s<t$G;=
z%_hgxWwkJ(_NyOhPRfujjE;=JAq(E1xMp<tzI=HK+8pJ!*ETj{;WQ0dTl{#i)?L`$
zr(#VF3}gqLx08N;?j!JJ7Hq7nM1wYVV1f3~p_+;ccaX!cB`F8qjsFD3d{*30De;@y
zM{l8bhy(R-?R*RlVlyd1qrkRx$UZNNm!CfdKJKO}cw>d8`*L|{?)bg+uUTATjd46;
z-2K&~ufP9v3YW~6ok|P|%^e^IgEndt)L;TK4Zq7QW0WqU9z8k*mX%hB`!(I&Atrq}
ztQDU!;PfukEg%q&jDRJS4+!PjA1ZI(ypbe~7PJ7evE@1M2orsTK+zIvT6A5?lOl3u
zvY8f<2b>5EO_FNba|ps<3If7%uM43cYL*v?MDM3y5SNjW0fk!H39}jr=9JjF-_cNH
zxNfh9q$^l$N5HSlaM|LN37mQ*VBAvzNdel#+ZmlyiySY5ZOKYAO}hqoBA|=?K`1^6
zK>+&0zvV`Bee(4DX4;+*wAj<%e;j%s31`@hT@f(+CT(l1qvHx%|Mee8$4zP=L>E_A
z55LO<j~s~iYTIV!<}{k%c_XxL!!(N9+Y1Bh;^8y==+aS$f)di;=m~y{Ov41J;T1+f
z&jn`4)yvB(^~=KtZPHtHKSabT>Yzj6^6Gs5F-TRHLMR|4D-|`MAlJOEABP9S72DKQ
zb))Uh&(LNK<odK<r}P#y@(>yqC1UPILI^Fh;FuFJYC8*Fz)|qQ!grKH_rQ6L5H>j3
zZDX<Om?`W@F>!xp(Ts<%Lnx04xVyO#!^$PPQlvKqDY-028H1ff;t35!&{F)e+>2@y
zn%QijGcX|xxf`=^WbUPVMMOkYA3Pu&gm7HMS{l4Y=F@E)@SD+QB>u1f^mz$GKcB~s
z@3AU9-GS*XDq)7lZLuf0FJ7bsm%22Z<OAloG`MiN?X--Hwoo0ZAIK0AjKiDEgoan9
zk3Na|?G@#@6RL`NXqT}0=;d<fk?%07)STvAc$KAZ#!_3fiCXb%TK6Kph<vmkKOeiW
zNqv6sql8;a)Kzk5@^kTCgd<3lg=H$gsAV1i4VchK3<of<8ip>f)6cMECb8G0+&)Wa
z85tWJn<~(#xxL-f+e-*G;H~J&x8VY>p%>h^3dasOQCDX=sR+mh4zxIXAv-;tcyUwt
z6&%2!3s9p>{a{vB7Qti#ZQ{ctBYU8ANryTLEJd61`3nS1A2>v58JRNhM8bg!s(H^i
zigwl?^g;HJvwQS2u*{;xH^;5PHb&^Sf$4@gP64|P^bZ+O0{6oJ9~K}023Y(b*XY+R
zl$Dj$P(L7p>Bm?BSOJ%rFNlL9kQJ)njD>`^Fqp(8;Dd7Sgd=^p1q3|P(=CI(*?w3B
zLxT2`CvbdWGkHDqv}zk0Ct2;2s@#Ovo(QfV9vj;W5%+A69B6Y&=LxZb4(vJ}K0eoj
zSZKED&Zm?>x=3_{{`bS0or+r(Q|Gl{BEdjK1H~*Hl7r}}exdm4)hjbgOSjO_V_{)o
z?&EiRwB+#I{QUb6h5owy73Jl`a7;<-WyHOpWdnWvX{S?B@JiulQ!bF(KnmCc_FLi;
zg-&kIpHm+{?g#Nh2a<Nset!xMPR=S2mRbw!EWzj}b6&aF*(oP4k3blzTEnR<8IN1{
zynFX<YOomjCNR((*jB>Wg$fw&LCg*ovw$;qKX|F!&mXNjdhD2+cg95cFCZ(*?igre
zZA~~(g@%EFl!SytJ?|Nr+kQ$(a3t&K>+c6z3@--J(Hp$)(|z{=zYq?qI7~+edG5w$
znI=RTt4+Y3gcG3vYK%ggkXmr1FU<`W1R+Pk;R>KGfm?_IQm`9v!ee|1fzDv70^x&j
zkQE#=q66m`L1$KnngMw8HUYPq<FIysigYWyX}ARiz0%Tnz%T3uzCRrp9|CK<KHKf4
zQ|@`a39Y&#7mtE{2q04j%yeK6dh6&@BpF!(NSB(9&J!kE7d}<Zzb(;c*@s6_40di;
zSJx1nz60sct0+0vUC~Q*+jos>XzAlibxr_PBCu*ze~=`z60G1by*$tz0!?~EkhTvo
z`>Fx~4*Q|de(lnGWwe+RxBcp4d0+;OGSw`$0n^UFB~)Y?_i{rVs?{TQ0o(FPKo0~X
z2^=6qpuv-f0>Hzk3tgAqV1NL)OgPd2l)s}Tqoonc5+?)&1$A7~01p5nl!S?B`F!&j
zjK=6#ZJ?0V^x^+O+?#+y-M4?kqq@?jl1gb2icpDYkr0wlBq3p<&62dxB4d;#k``-}
zCR=ust5A|Dg|ym*B2<=1$Ue->`}wNt`rp@m-_QFV&v87@@&1qd_+R&Rml^Y$-|u^#
z=Vv?Bhdz%-cQX-p+U{2}zgl7b?1BkX@PctT8dYKCgdr-Ue8N-|`~-ZSj%Y85b?YMB
z2Y+nG2=Jw)MH_NdOOZF|`~u)Z)J9D@;NoJ0{yGNSRyqw*Wj_+8aFTD=KG+5$pqAFl
z`udx*r~L89#EB*_G|q%zeHkT;_bKmei2n<jmm&th)){cSX~OjxZz?Cde7XN(b&usQ
zaC+Et`r0dFv;|F;&#p{0SI9ltdSxbhOJtph!zV2wJ9~;_?VrouGBl|EfnSZ%JQFH4
zgv+1`DS7)g=zvn>y8yX<Xf0yUVFqi(+`*?QN0XimZ;OhVy5#fXix$I3;V7x93d8f3
zgb(}xdW{pVuAx@yiguj})f%tTtsVu7tvhN+Nl}hjDqNPizc>j$ec;d`-5@cQSa`!G
zDJFkK7rFB6nKP!AHtGWVAK}k;;%0Jy1zl%pL;hDNJ6;wRCg^{aTe-5T_O$#rYFt?<
z9>bS)bx~<)Y2+iuo29z_Fshkw8BqiYo4qGq4+;{h{qUg_{i<)tg5PjO-2wUxY5yzh
zld2paK76<Y-deEr8PT>u5o%n_2X=7J;kMNkYW*>+Oy_wZ$ST#W_252*+g@H2R6IL8
zCvMSmewCpQyMhg@dr-b_Ad<juhPchm;if+7J~W;r(+RE8vCcXbLbO2EmC8Pn*{Wk>
zvzYX_+83u+4Xu>^)zf7jHuxDfIgMj8ATL6~3y{w@1NthA2=Kc5KO0{8LBjx#1hK|}
zUqz-=JSNy*GkWU8#s50~>d{v%_;oXqS3a}){IA&-zwGWlEg|W?@3kVY!&iz}E8tVZ
z75{$8R)x8kz#<JNMjHBshKA<8+Yv;jW{enY)dfbKXB`-cof`O?h~Y}{UC3RN*H+xs
z`{N*!%JWFut1!~DyXK*%P)HrW_I1FBV5-4HK@p<IggJ6kYF?!U2VHX;Y!1;0{Jd94
zn!rqfdAq$Q@4?j=-bqXbFAw~A_*Pu8(S_yW_KIuQ77;}*ym)u++|jg<!2^q|qOEbd
zLHlfN1)#PcZRB$q)t-<`m)^70{!m-HIo(WyZI{>Gk;2{cHaV5Y{Xaf^Tgtu;yfmVa
zYJf3)OR8D=9pmMno0~775Kqe78K*m$(esrLbGO2V#W?1W`!$D*cBfA1o;maI7!N~z
z%7b)6X>YBVQdL34qT5#*wrV^6J+7Y(A5OmhuhaUImyWUg%5bQp7Xxr8fDeL9wzyA8
ziV}rziwK4p?W-`toIr{_QkOHbXwW?^T(rp6(eV;G?NK(BpW<z@+U#^k3Z2hkGvS4p
zl9!iv3}IE6;GVvCF#(6MAO)JtSyVb#1+$7o#B0S9U-Z_mU%wB=F3XWUnEG6|i*b1)
zU3mN!5OWLqN9pZRKF~@pk(T}z8G2RmE)~-k$w(r3No}?FWqvd~nF_u#-3>pI*gxSO
ztX+CnQcdO1b;NE9k%lkmInGO5zHWr^6})>l9e)1mx*DQ|4ALDh6(`y;&KdEp?&r#I
zy4-=r!(-@}ZEZ+|qD$?ce;hq}v|t4BT85EIe+&!^;NxTF&Zs<3D)g*b7myI}yr^g*
zS`t;p2BtiXf+VZ+h!p~QLIMooPnnv@p!4?3J6`EF|1dPeXwUs>Y|aUhT3wxfvwFa;
zU3BhT!u{RL&h|@4SO$45vp)jU@c%AcP;(c@Rt%lbTfJtDcTUbal+5wCb0us({S2(?
z3V}Ym421+nXd`9ruR&jrU7To{u8R`Wjg*i|JuWdr!z_UhX`E~dJD?<b_+>5%W-Pm6
znSBrW^E)&!W&<)R2vhya?r*Qy>huJN&;IVu&yuLDe6x|xh9?U$GBUamR2DdQB}s$8
zS4(0rFck!|KO;8l{Nu+PCkl!AU|wsc^GC!fBpnT}QH<%S^vSu?4_q1-6VDSsg@i0F
zI#A+eBi9SzhvB!5Zck#j<fyhPBzGzlmG;P-;-wtrpEcQD<KoQV$DgTtzg4zVzQ6Y?
zlf^55tXXcQhI`*~VxJ;c6RP+E3`SX;&miv=VaV+3tQS3h{yfq~Rw0DbSe8Kyc<@xp
zcWOX>kMX0syIT_v-fGX$Au;Y~3-2{IXYB~{L(j4S?t;}H`9fb=n37kmT7?wN^m{yv
z4^7{{UlyFPSnm~e1C2{B30^j7>eS~fKG%hq3QO;7?(XlevP?vEfZ<~nPc}@yqz5<9
zejNL4m^@LBe1VgU;_jzV9$95%S>w$~UJTNjY>b@j>!HX)DJBB#ZEW_*{{(bC^fqYB
zTcgvpui(-gdEA}j9$9r2P7MQ;wHOfwPhD7CKlBIavODq&kHgk(ynHs?MTO|=<f3N^
zC9t3aM(~Uf6pc?&mxw7=0vBfWOkqhWss3+@s;Xkd29MFmaQpUto3nT1xoA>|+-azb
z&JRTRp9EsJpph=EJBmw56f>9!Voc?-Jl~L@69~AWc-lBiM8x*sL0`rFMS5fHTROjP
z7Q{Bl?n2TMna`fW2l1e}YNf`$ho175&095&|D^@^2kcSS2Ww0K9$93)Sbiu5pmN77
zwG27}#~PvTA#cy3%kxRQM5-G3)V{vk8f?&BEM$1`c!!htq+!<a0fIxJ2%q<#xnMzR
zRs*oB)i{sP|2Ls6v+O+G`)xZ3!Xl<W_<sWs?a+)H1W4mGE5Wa1yarmbeD)NIS8}rK
zo40S#y3*%;TqP}i_uWJhuiQ<ZsV8~Cbv%={jl37{s8yXBbE<T?>VdtC8;M+x(DHl}
z4JwQee?Ws+miO%!Q1i4!d<}|sIj83v%sLo2nu-nKF2>Z}Q+t@Pn{!=&0*^2n$1SiR
zp`$0kMYxg8mBn{I<3^0QI1f;hizC$iIINga;CSMVw82HhZ;2QJScAvo1TMxgY3tyy
zCt<X`gO5>I3z)|D&Q8cZ{*aN8A<1BXpe@<XA0G-II&{b$&6zqfY4y#Q1QebxE*>Cr
z0<vAvc(BtFkryQ3^`+|+sTr`AkOPJc@OW4=es&5&%z=<WpTtDmQR~m+fsB3l(86D%
zi|ehZ*cT7D`5G`9U<&D9VN{<zf4*#9W8T>{k8*RTbRljg8CZANfO#1@q9kC66Kl#M
zJn`$=V<;#XLA`+~A8K&5^nTo(C5?@&a!-hP+M`c52shA&zeZFh7>Jg%*VopT<urQA
zkG=Aqy?dv2k(LyvZNUhnSxSnEq~kS7ts+h9s#QDuHO_Q<q2wGqbV&cz*lfYapO4eT
z%%}X&W;fh|*YQom(&$p~C-8=y7)Jv99pgv+IwIPRKOXrf3X~?lj0-s6R$aEU{0nby
zZwG`fR;A7xj}Qs1A3uIrzV6GqYQdcqAkNS!=P>el+B%^(Zs_H{o3C@V-UUZ-!3ciZ
z%ASQVk)Pe&OC)1qW~><MX$kOOzGR6PkV(hY8ag`ovL<+4zI^%RhYvR>*Dxw^yPwY}
zP{rgYdGh2*$GQiy+i$By;wiY3MQ#G}kulQCtyr<tS8Fp&T64EQzFXPfvp2fee1mqU
zf^STV(W~K9No#KLwYs#%!^e3dyFR_&D*3!qK8r>^NuL`HdX$$RKi)z!si&iZn@on{
ziiXM^;fD?{uSvLKcpImQHh7t2EEH0u*Ce$4{g<n&-=>t3TnE~>*47Fyf$;?F!>^r$
zXdF{3s})hy<cItd{Pedx`D#zQMwU=NU3OT;{i7fHop_rk?qx9SrG~Oj<Z}361tw8c
zTpDfx5#6@+>f!`IEoGQGecb?d=|JEZi(9J{kD}p;N4LmUj}1F?`Vbg-?fP|Lfjh8(
z86)&1Bjqk2cvCsXY=HWA5eMlLwbof5abk&pQg?Hr@4Ux@o($M5xWfH5M{vKLt4$=y
zeIogSb#=M=akKCyI%t6Ea$K$giC(Dcs@Ljn7a}I6&jQL_;B@-*X>cq}c-Vq_Kg4en
zY0C2T-I8#9C+&X^K#Th?09sblKLNBVonZlP|K1-MjBc!RSqw}B^Nv+Q-&Pb99DP;@
z|AfWv!=saj6Ig2g^Hp7!e>t%M|Cu;raoQYMYZhWM6bjS-1C2Q9Pf0{(KozsHMPz0d
zy$YzNK~t7~Lb-nZn>W)aXrdn2m>(=JL4_5ALi+|xhU%l;+Lsq^vh)vHv~ez?M+%-?
z8$WT{%pb)Q7gNJZ@urnHhR~a$D@g816`7W$VSKvS#qB*+Wn1G|3E#n&HQ(DmlJ<^n
zmohSJ?_c>o0w5U@Ew*)eq64_NuHnphagS~R_rA86IlDkhe7GmEaN$CqdIqiyD!U&D
z9^hR1U7madhZCqCiNi&hyGaU39wwUIa#DlT;~(ixOuktTx38a`JdBv7rvQyeZ|cEm
z2SK7?&1H>F2_u6!+L^ZUgsH$Mh(wey2v1wyccH$JoG(nyBv-x%VQrH~W(JPGT0ew4
zlhit-umuvAp~-xbCx^tIlAQIXl}S6LP<onxr_Eb)Xc~braOo_|voX_#9c3rAo&6zx
zIUrg2#xVr>k^pQVD9i^xL+(>F&PEymaUiG)3N+yqa7ZFA`eXvvH19}?+!$auGAl9V
z&5qG82ju%+95k_O5B!?kJgw&|Q~oXlaS~Q`7CdHiLbTt{U*yD|vwt2v-w`H0lSu_o
z4B$mVMrLd4*F3-SoSdAkNWDZ$PNIe|r_aFX#59RSz_KqAp^2#%cEi$3LSo93R$4yL
z)YqTlKS={(_pC#+s&}(;)oL}S^|LzMe`YV0JsWB{onl{|HXjYqMLY^k$V#8}&2af)
zuwEqQpwXjO2>6H}p0gNGWlvj%XCYU03UEX4TunIg(t4gv(C(a}#wd2#{f?@#`PW?%
z!0TPX&RP5WCehpOkxys}5Kv?UAorl{qv+^GUd0idRbWlgsLcJ*5B)GPn84~TBq}P3
zm!IrC6OVKuk{T{zo*@%0{K$YMyL)?|BjLLT7$ONT3+^rEnlBt|tYfqM>WsdR42H1V
z>UON)LrqFNfymOUUg8}(I^V=|V+GN4uQ-XhYtNp@YLPv1jzAKS6qS6Mk=qO)8xUS0
zD%ia<J$C6Q4IcqgnvM<`Tuq#PJ_9K#7m-jBhrdKLoA6g+(lY(ZZTlJ9Kch%4MfnD?
z&rX}STGMI5pSO@QUac3IaV5hfdG)F97D&39gO)D4I*uB@I#itkh-&kh=-}XSNWojb
zaih6xP~x`6f`V}bo~85h?yZoOom^dAZE3#R^fCw}0kEb!cI?2!2nJEd%E~H>+$DC$
zckSAB<Hn83A*o5!vtQ@jh>CIy;{!`CU`NTZ@;NIJD&PmJ!alG|B)bBTR!XQRJO$*|
z0n~?sAotZ8F7iYR-o6#W@MJlRnOO^T07-#F(DfJoHcs7E^kIt`RR<j%r%>E@7F%%e
zVDz4smx%oK`EXqUB}6)8F`_TKd*5rcAk&Rt!h~@{-EX@6J?ajV`?{*CXYZ$8^G9_@
z=`>6P+^vSrRbBU0`2op4TH`E6^oKp(zj;$RtXBlmY}#VAc{tleZ$CB3Kn~0?H@7Va
zyt?-tCUpC<*gwEfl!0djZ7`K~8n7qD3&x5TM9XVp3P=dBf~jq@j^*I8z$V__O&{s0
z#l|DshI#2szCj5~H|`l&lGWh3N$-q@D&6&#|01f_51tDc6U;G9gje|U^5touv6USw
z^$vRid!Bat@rz~<ECu4TUI`25V+(;CHS8Er7SexBpFaIVuA4j#`HL`};T+O(;W556
zHJwMvX<O)#tj{k!?fFLsZ$x3_u*i?I$o-R=I(4e5$I!iZ=OopKzleZDi-q1kmo~CC
z>qxB$`*u2_$1dTa(*?Q`2R`)r#fyR~ZSpLf#0eJ%nu7h2WiiIZp&#Ap>Z%;ALBEYQ
zTo><{_TYBR29ar>PD+RKP+>|63w`mt>H}!%Lo`h}z8v3&42F2*&6^eQt81bqlET<Y
zx&hxIENn<ZpVWu((inm0m=AB_?vdN@i--&GS9R;q!LO45h@%V)jca(n0}AXe)Nl+$
zCufU@Xalgc9PBgC8MW)*>-pZ|5gupq$4L(!n3`~ObPzd()~y7rA6m?v``va~TI%CR
z9)KK>lvJhj)KrdqxCV?uK0TF51FQahXsOai{;T=9iK;+EQ3H{uzH9U5^VORI{OS~>
zrTu`#Bhw5+%pE`u;5$L>$bTA4Qn04<p`)1e8nC7wK+XrqSd^6f+25alM=%_q(-zEq
z@hC<n_~j7k3(V|*t?g!j!XIqFMPjb!0z8Rrukp!M_e?#<lT`Z1GnuE#n-<MVDW~@(
zcXHA@F&1=qs?VB#l$y*?;CwTjw|XDtth>7j`txXYTGS4P`gT+eEf0vzVQARGM~b#R
z_}O@q<ThBkt0Il8Pf7#m@Pm7y9dZCyFe)9m_riYcocsLuXplJ|GQwL~%`g1PA~30&
zTLRi!)Ky_%pQTX5FKuPs%IC3;HEB6kCJA?bdK^JM8ans6-!#v5e-_w&WA)}6MiO#z
zmoNf40HX<RMylHEg$oT?qd%uETe`FqN!>;SS4AU{u0}>#!d2qj46gU}w+92D44PHn
z&@iq1)SOR`PF}>5*ZyR%VGOrM9KqYjH5dI;sx|tmx_U>s5l==ROcX&RwLUnY%Eu=V
zRNVjL)6FACj=U@`z6dpX){aByb7Rr=U3>IsLv4M11*9Ev+uzx>J=a^oUA)QN7=fMG
zUl0Q1_~}zkoJ6ylar#cUQ_jMJHS79NiOmYk10GSUZO84gupr|IesA}o?wFZ`RK|0$
z3&f~ijIl9XAZ?%$wXD+3DqyqM!O0nKygUgti~zL~tHKGjX~NghK^%_^0DLgc?krRF
zATa(N^*IVaxjR75zrDTbW-baWR2r#`GDdenOvIr<tiWTkG=aJbs5#DI$GawSnD3UE
zo10^iM=U7zQmoW)^|WYn63^t!*{B{cZBQeVx9cd}ag`5`?;m$ZrK$S<Vwhgs5w$~r
zdVhby5u7-ET82yj5OIL$L|{a@e_M}eA?bSSTyR@EU>^LR8&WQj$xT@8IvNnoiXRZC
zIX?Du8X1+jo6ETRwJ(cV`CinTddk4S!0oPeCRbTZ2wX!T^cf|uUR@$gfy$8i^^9je
zsJi7~Azv01`Qb~l|NQiP!IvPF^CJo<rQcb0oiYR5y=nXfulPVcN-#kX|7t&i*-Bss
z84_68KU6-rKPNuk2PlVLf(e1pg~Ziwfm2bCbXOBN1h(a6b#*v+h)0hfSK!w6buMfk
z>}pJefZ$qOoK$2~6u2)DtQ#rCr2gP1im46&<Z`k2xp2W>#+BcJiI%ivwyV$Ux%027
z-ssMw@eeAjvt1qY;6bPj3SN3`86zP=f(AmvGShC0(6^34#BJp1OFggZN$aR-Y-FI<
zcy4KwnCqD9xu?^;;VM;~zD+92^ASDY>LEXW;q4mUNM253?`;jUH8!DLtnb5;Z^DTU
zhDeyeCo|vfmFwdqCi0btU<tQ$u50@R&^08nEbMmGs2cW`Jb&gbcpUo}fZXI~+}~9a
zXv0c7wW+JPD{w~|-ssPc&%C{lAM%y%iZkdIZj-zxZ;w(g+tAy7|EG}={~(cipqwt*
zv}qA439+$*IW?}S4PF5W6D;q~AjSfZ*bBscnSwj_&$|9Rah8H=Cg&@!B*lBgrL&p$
z`i7?m&$de9c}xAm4png=`X6>hZaSC!><qHz5{kp~^=t-yX411GxI><`uZ!o69Bz5`
zTQUc7VE1GVozVY*{|me){~{akKc&w42Wil~Z``>ivdI9C4gF}#@4q(iXG{D3+Np;@
zHIfkKoSeav^AG>}v&@J^)W~0QJ-kt-T+_e4ZNM~&@J{PiZ$)nsV~tHb(U}N2EO_%K
zZAS}C?BT{!eo-g$&TSxXECKF&2^f6JJxI<-n-77N0A;<ZD&%@q4tap--p7jl;yU(!
ze{|>MxFX!96faEj?}FC9>p8p#RJb>KPRi4UhQ)=2g#h)+>oPL_{uD+rCs)UyK{ZaT
z0{>qANVs@|O~movzrudEKyjfGoAux&-n-rUeX(p#sU3y@@%O)__~38+e*b^}sFP<%
z|1C>Q)BgwC^8bFh|K-&MMgD$q)e|JOMZ<ISQ4m{-`E%}Hzrws!VL;ehA^L$4l=1qZ
zx(5+R{{8#?&nqaJEmNZC=(t7y7Iwk6Ax?5-A*w5zzZaxG0PzlGb*xV*Q^K|X>oo?Z
zef|IX4q^|MZV=dyy%&_H&z@~=)m_-SzIemC<5y1JYWe%Wj<z?SI(6zElnIm%_4Q<l
zlZ}myWqp;K)#Z2cBH$o^3?iv6{-o4De(d)v*l>riOkt;$)n(8g>Ji6jLuJ?g`ivHf
zU`uw-XyJ6<`q!J-Q+erMAE7A4=O33r?Z*G=_Wb8}W|Q>H2XX~s9gAf{%L#qq=lNgS
z3S&*>Btl9ci@g>cY*JHetMCx6uBXMti5d5M3c!W^CdjhB9aQ+G{HZu}Y_%=+O|?}f
zSKNPP5R}l>-W~v*6-1ctQ&HToS)j^o?Ty7Cvt~^^_ln=y$fEu?QE1Ri7MOKl<AP33
zPRjPB6g)E3mssD?xObz`EBN@4s4U?lWt#FZI>%zP1Aq+S&og`spBon3`>i$Lo%ewa
z!f{sRW;S+r@f5#s#-XK0X(&P&yM55paVZzzY8;3Pw{Z3SMouV0*wJyfJ0D<j0UKXI
zGgOee=t0q)>0Vhl8HxlFB}XB&4EpCuP(&fau?S5!q2kbfwnj$8t%45jzw$lfhzJ4F
ze3z!UtLj>i3lUHN0s#BY=f?Pr&2j1~9{a3GNGYK0DeUiKj}=#{?THdedcl%`dFmby
z?~$Vuk7~gP#DGuVzTJL?YGOhHe8{5@VIW8ok_uYw`5&~91<UhEe4oG)td;<73u;Ci
zBoNVaz3}7>A8t~(lza3f37<vd)?Mesd{$mQ3wnx*Iy5GjP+{>E#>@tF=?egVJB^K(
zyg+|>2~Czbu(XSin1Xut{{H=lL`IqY%*BhZpqqI9>eUor47o7P5Sfr{Kh+vTY?=o&
zYV#EBCIE>LG%_-RprEGhs!AqjO{m7!ty>XqU{==(_~HuK8Pkm}=&Q*$OKR*ve4D=a
z@2^>`c4o;6Cv+2do_y%~2`2vOAQqr&&_WXm>4-mOK_auHcmY!SjHEV;yfcc>@u0Ck
zO_EcQl#_O<;WZxkJ2(`{mB96t=gv8UfBd_Sbp{1Xtdsx`5?I8RmSq`)U+XiB&H~2V
zmeWvw%v*b8p6clzmqCP*WKtHN_jo21OF78R3Nm5=X8L)`_A}86XARgU@tiCXTmz|t
zHz+azsAu()HDs?q&x{uFDeh}hCfB*#p1G#dQ$cH(2wKtA&xNqfDEjc&c`Y5?@XQBb
zCJ1o2ZyEwc<@P}NN~i^B2Zhj;PZAQUIvd%K5epF6HK<>KVA%`l`TyS|RS1J6k&Q0?
z#fumFP$~7W&m=5t4p<MVvGFR4muf&A2?%q6hynAz8nlA<T-#03#j8~cjk)t*F+dR_
z;&hJ#9Vn9)rnb~*CLaEl$6fi)$!;0oPWZ<5A;1%>2BgrZ`}RWwGzl=xgCn)Gz-eyq
z2QK!^pNLA|?)?0VtWZ1CO{Aw390GDL-oAN5xGLmenr}qLDpIsYp$I4JF@eDV={ppj
zJaJ<6{-S9lz@CI`V;vs8Knev9nGWs>ID}WG(UEBe9-3&-G~X^_>G*)VltK_R?teiF
zsoH=c@8#rNL<|8GAmHlGATZt0IhDzCssn@zzp*!%DF_6AfA5O_!AdwTTHsgLwPiU1
z$Hdjt)O-Yfsou>-+O|QgC6QpVjSwQQ!7j)`KYWIT*%Fh}oQ8{jekNTFPvkq9u^_XI
zL3s&f#3_)mqtstm%4ZPEhsf|l^pWf>y1KzE7CnKBom~|hyYi&+_=s^y#>ES+KpPQ<
z`^{|ZmH$N6bps(1Fv0l_V#q#VXQzeo0DZ}}WK$C>t6MYa7{p2rD7}KzX-rXR!pEOa
z@IqLJ{jp87zAQ%QPkhEQzz4oVI36*ue@*@w6Bxr0c};~@RcOAFkH3HZ@V5n6;eaUB
zpv9Y_5D{jz|Limfba9rOVA!!oh>m3@urfkKw?Qk~2W~6GYL)0uvT<yjCK#PN0P{kK
zNENGwzyS1j>_*5~93Gysy)I9-pdW(db{mKxNs22jjbrQMq$GbsL&N23*P2<Zg=h+5
z+xrd9zsZm>u49ZT$(u2K`d!fW4pl)PdgQ+Wc0`XRHBM7R+VBo|cnD{Yw@ehcgHKn1
zfvg<}P9>D%V&srckKr&U1Na0mxD{FxDX97Im;Gjjl+#~y7`^!m(66EY$$e4jHtg>Y
z&?*^kWeTTvLg!eyvZ!j$QzF%rB!y>XxrOO2Lk$Xm5tlI2NW~@@{O|f-NUJD^dZJ+X
z)PTuZE-(Kaq{PzJOuSfu)6}Vf`t-=k2p+n9NSwyww6)!XOMqQ7iCHrML^iph>X6hM
zfI`@ng=`gZocSV03vtd*5SG}q$=ZZC035mI5g7v_^3=0j%sW%-A)q(i&<RjXYgGhs
zO#r73Yvyzqt)P?g1F93wGzkSh`_OKt;mp@mr1%qt5|0Z>e5<-d;Q8@_)5+2!jLtpa
zuv&m!mRoL3H;aRoj!1qGtWKHq6&=Y`-cZX70t1sL5y!g#MOU|6ye?LO4~?&mgF~{}
zO-O$&o$8_Zj{#2yxd3DVNP#WSHT1-QrMF{85q#S_Q6vE#I9fk45h?CU+8K8YD%m4Y
zRp1ydL=l@oDVQ@I@x^1xM(}k2WcT5@KLbF5;?Pe-*Z-mKZ57Pqh=km_W!0X2<<g5f
zqf5Cf#Jh(&lyQ$>VagNz`myFTGbOc8o|yDW5G)2%8;66DhIjk(;fG<<{+FnF+T*`a
z^)E8L2VaJ0q_qXSzEM~%`g+&!*Kc#E=7vP@s}tW3P@Vl7RA=Q*%VOmJY<EnRVcT3n
zPb2}D6^h#-toM>DEUYu9@&I!A5F8KUUtq4po&z`(K?$jSIx{jy4<0zM1mHdt)t26R
zxeuJ{=aT493M57XXFOy%nAM0`p~=Q|@7}!>FMN4~@xUMgd`u8Y?yDhHXjZw-zm&rT
zY-?Xg#1#<0ELpbf4;>$D9@@!XXzSu~73c@NHv4g0C7Cl9V-jBV!l`*^ce1HH;A+$i
zZ+u%*LlnYmo)J7djSV3Kvf}_VwSP1(<V5JF@i29RYxe`75uLMtzN&_Q71b>ui!s~H
zS{;Bh1U~z)*J5|wm9gu;+dAQy4_Z09r(Ob<bX$eP2M;FnN61-IAME~zV7J=6FKV`5
zxu6&FPbM*UnV9T5a%9@!!>w`&J<9ESEi9hGx<EEThJ(L)R#(@gx))2ymr%CpY&NxI
zPw~6dgP+q}74f{JWHNeF=vMp#15?e&!?WTjz-1AU5HY$=yu~oemo1V}t32mW4ZgOu
zO#(vm@X@1ZB_+v4KMzCU1+2vbS;<2+ES@h>n;<$>6ABi&w?q5~!xiWO*BxDmn1l<E
zH52cPrMHn0c2vx|(urH_c~#XM^rTv&zrf@z3D2UTBZviOIRw3tkAQE-Hx|wXd{LW`
z_jfO?dBSC2X3)cLMX&;hcY(H}jX<5q*8@$)yiM+|3C|cEw>9K&oN8kkhF5WCecGNi
z>1u}$9MF^wi9ySwn!~i<n*=Ok0AMFxtZF6|gw~{68&6O78tU1zBaJt$r@Q+pvf5pz
zH*a&+pg@zVgY>_57S`d+kI<2l#jYCgF}<o+8tZS`ALJ*0V$sD>@hjbxEw`Y!7NZgn
z`8ISJ*!s0iJ|9*VA^;<DDga~0hq{~OtY57PSMMI`If`Fg8yQ9@-m4)PfqYhPN1SRq
zI(MRJ#>F8!T~T8$!)%i7cB-o(2zRD1zSym2&aBtHJWl{P)w~4@_G7iv4Qx>&P8ZAz
zc6j*F=iT@+3O+KFvrb9r0*X9QBIEXt&N-_lB>Qy%mJ|@gn_vhCdknk6s9U;>jx(nS
z)yW%o{m{rr3k(*?*GoiS)8KP?i1cfc(zL?j9tAZD90p{-YoqXsjY6`9`14}WRm8j0
z^yzftoNR{LStSA{K<7bZ)QCKOfy?JR1d@o*9VA>4Sn*Q;-(FznYxEk>^biTj3UE+p
zgdmq9(rBNDfC+$zbpt}CoEg=&s@Y{}L+83dgi6*+%u{g;HA_=%y-FHqB2z+PI}U9=
z*|sK5>l4N^y)<nNIvet;X!XeTC-x+=wG|^+a0g2oVk|*ucF1O4%(}}M;?t@aH%K5k
z#GHhrMWVA8fcD8(=Y-XHQc9UrjlPa5_9J=f27r2G%0QW*r*w|#RByOKO#HWWc;A1M
z4zE7?e@HrfZTA0F>9CMurKjE3b7+`^7O92;gLwJ;xi^p7MXwo}aM_QPPAaW`P8E~N
zz~c-~AruFN17Hi4;2cc9!2p#Di;JhehGYp4<z@T>aZ3IexwJv50snpZ=~FazOQvSc
z2+}2<OG!-5h*poq_Y;Ecoy{yBM_$FbE)-yS3I3`l;+(}w&OO5aZ16G;{Wp;BbCx2j
zi;9YZQ&Z(p0(L_BV-MZfm$o(w2a-svT5sLallmHTlmm1x_@DLe-i80=iw=VQ``~P{
z1>rYq%H+usVftIZdnjW@#%;{<_g`8?cMCHzwtzVD96^aK;cyd%)Z}Yl6=ODPY#i?3
zkjTjSDvp)@Xvd{q#Aj1+E0#Qe-tuS#^$}5uz!`<7(9B6=3=A>UsBQF~3@i(C;bv3Q
z*}7L3bKh)Lw(;vD6Db-9Ta*!%TaP1lVRT1>0SlmI%^utL#+Y|8hGm}VY0iE3YHIsI
zCM!y=5ps<({8pgtQ~XZ+g2d!z9X<IFj1`f4g1oQUrps$@Uo-G0!9&Rd0X!5s`<RUT
zy#;4$+047Ib3omRMH^ilt2hoKcMrLg#|NzLJ!?IbnE3v~>s9}bcD|e1O5S`G6@A--
z#mnA|HGGcY$8L`Q8_T&ddpG^Z+`s>oSN8A78vp8(jWYt9^#=uc&e;<k>^0|3KDtwC
z`O%%5XDd&gXS}c_f5OM+3pM_+da*@IJAz(5IUXpsrepn~3jv?iV<#)xTIo&LBJhW#
zNPz#;*gLEJwj?xhxlIY451yE+JpRU2Gt!u0o%n7;S8Z-G^7yOwkwYSFZ_W-^7U(?i
zheQ!RIo9rbA*M_~L<A*@j{fwq>7H~^%X@sD%y2&=>3h;BY3EU@049`w&cnS!#Bs;4
zcp6?3?XG-m3GjmTsxBM1xE-2E`>K>VpvZ*so$@k9Rb=$Yar6BqICIdl*so-8i3yq>
ztf)4)mVE~g{(%f1s9h#eh{K^tv$=LFcJzH2Vqur)!^e-GW1L1+B0@jPXPEr7&O#dt
z>(**C4|j9Y4!1C{+--BF8fH@g0;D*NAYyxIA#4Uxm{kOE52K0$50XaSY{x>EUGghe
zI#-{`dix9*zw%x+zqGF0wD;k66^mK%@jCN%q4gk*ITFp#ggceG<D8>J8k)6^+A$lE
z*L>{6i3?AjY%-M#)AiJD(1_BejU*<VE31dioUZGkbY5jcf=K|l(J6SIgUq(>-aUtG
z_#wSeJ$RQ1aQ?b>H7p{_(IFxW#6R^`?b7F=>6KWs=KhYJKLiC^0Fl5k%INMrqavt^
z`iV^%Vz}-Et%B-v^7|a;dTCi6gmSi|y1{-8_V=DA*PWCbM=Z2_L6Xp6rh9>ZR89X@
z*vwR*bqaccc%9_D1GN@{VbT<VkJ#3OZhRU9Ph_$9ag4<Xe?xtZeb!7bt9r8;DneTx
z9E%Bi?2_4>@LY9%8n5RneaV_NBA{0b(F}BBYoYRKy>YTFH$y`wU=VR_FaHDM^V`|7
zxa9|0wJr+_Z}J?yf%8BckjMcChi!`&FAj~0l8Z-PS~&rOTHy~PW==JFXI4!c#F}?-
zYXw`alEI~d%wDvdY4u2p;zL%?3SG$r&hr5I+hC?wV}fCSR9L$<9Ivt!N``{$vbe1k
z(1uORz!gQ|n@JG^rnA!Go|iw5ehv-6mKJ#h1sQbQ`a5>a4Uz&m2B(*k@pt?%IRM2y
zhhnPx2#rS}tynhR@hVXWxzU}u3uevIf?8%`;qK?x21JB+o0^tF-me7_(fRlx$fJlc
z1NWvcjVQ>b_+GfJc2+X^9U5Nu!B3|#W(NaE*&eML24`T^z~m`Yi1Kb1S{3}<HDGSY
z<cjw92l}Il%R{ab?w&rl-OAC`#Dw$FnJXW7Ia6ufIvGr$?tJc`N}Z4wLgr(I8Ttva
z=oPLJ*9~yJJ`7>0=`24b1lFhbzOSi?fJ(a^x&urE@>us=mPAdXnat147qVv5<-Kg7
zT3H!V+R%U$WJ5NBdLF$rhf3w(zgO9eI4$<ev(Y=twE^0`a?hVWaJ=hc!(O#s1c$d%
z)Q%h1#l0`Vxv0k<y{^RX*rk5`$8e)@C%*XVpWR`T4T;u?2ykKY(}b-JC-~0YyAK-A
zC-)ARVeAI`L(Ow^9t5PK<sUzO)YN&1G`Hye9>`eV=im@vmTvj1uy9MOCwT+_wqeqz
zP;`8-uXr*v5mobZGMK{TBvYmb!E!?uuwlx(-oU*b1eL}#FzRICN`ptPe<1@~jUgbl
z8y)Hiem!k0wp#i}BTGSyPHS27fQypk2O%HixXCKq+94PbuAl@G3G9bN+;6{^{%mO(
z??tpn&}I=IBC$hazx`x}$Ik%WPiPe3CnY<lF^J)_P$&RUAl23eYK8qG*TTYlp>mx%
zJZ0)sMb|cCVqHN-BWb5~T6a1FV8E2|92hpb=y5ndh-Pkhffn(E<M04#3!xEln(L*y
zj5w}wrPY*Xsh=IK`jk&wfL0jqT(CBCfNjtPjhX)>SQII@uZRjmI&EX3W>UNkD<T0D
zlTFfDp4$yNMz&h(MT^%}=FllU!%}Pc9eX{6oO@XkbvVM(zB*nBnV0s*lo>N>Mz);~
zl?O(0V~LuPq2W?IHgdAEJLMC<?JCH%id<5N<OVI=>DW@_>kRAn5{fGhko2?oh_Z;1
zWVhf*i5+&T3%!1QGw}*S7Qr6<vTLu0jt=o^fE+hQ)8GK)H58jFvQ{~pOZykXn=3I+
z6Ji}5od?j4E3I8Cjq_OF$f(BsAThi7tlbtsZ48@i*E7GIhlcXH)v83Q=kOM%-0UF`
zwUa3a4<DXdk8f}Xr44v-aP$3~oJ0uErVhiRUxHnN=|6C7qs>pMIpKb(Oy9e%X&5WK
zlA$ei?``88umnd8W*-`E+j?Lv+oVHOhN>oWG7QNA(QXg4Gs=MWn;wM@Y}*;pzcO2$
z|GkBJ^56yBJ}^OwQ1A=iCBWN<t!Z2nj?A)Uz8ya`E`AuACH(c<w_pf;!@|Q&kceIK
z^#ljXuxS~o887M-26)>{2YC`o9<)sx`C_pinZs1Z0D2Io$aq@XOPhJP-3vAN!$uU%
zef#coucMIe8s{5<QP8iu>_gba862L|<XAvK3L1g@Xk&{eY~$xKaji8Rzm)7yJM`v;
z06Z-vXDxG%rk|wavce*zx5^1M<U_Xe0?uHUi?Ig`d(W_ET+{=n7RcnMKppR4EQnq=
zPkAX%OogHR4zN3%<<B6|hkmKIJ$I+s{yv2z>0FdXGH87R>U(O<liU~Pk3ZS<Z~^fx
z$FkC!#W3Y-Vy_l%mZ~58p6}ZQoUHOa<|9oINz<D_22$>zo@u$m3HWYpKnd240yrXK
zQkA#0wU2gu6-zmF4z@U-Q{(!bsLpPY^el(H3^kq+x6_5L4HCZ_+Zz_aOmhRn6~#Zh
z5ntd5zH&IUT}0~kFq4Tfk6;ZTgj6gR<u+&tMT!S)Il}XQ%i@GnwQEK}1`pUZGdGNu
z5Q7^ur^Is!e{)RuH>jjOezaO)`Ct+#4EQauFz&%M-uGt*v9d~cIBPI@gN4(p$LnxX
zEFzT@m|#_Q{f7^lF~*-EX}9d9^%RQ2uUo|-#Em_#j$k9;SJE{a@5<-b9nbH5w~=5<
z@Em6TT7wo?EjyR~RwGEIXXE<ylOm{W6Juiv#ZgewuBS#tJ-L%e+Hrg_PYruG=QcZi
z%2lD@>kur+j-n?aw0l``;@kVZ^;m$;_9Tj83;<~9gd_{_KxSpca7b$XvB}5ZK7ai>
zbu+uP_@y3q<(8U&l-v|HCu4g(=SvU01K9{gfNd_J1n$ROHU!npmR|oS`RiV=S)o0f
zFni-hn2M5m<L1p4<Pyx~ZV}UNKgX|3xXU$Z&{(i**BcGZ!QWR^UW9kxMZS#V;lmff
zZ|!>(DvO4Ufc7LN@^d?LHMZ+c8NpVFT~hQ;svxL1KZwpDn<~{T3nUg5%=72buctak
zlpMepPzb=1+?7EdA=29~Ao;dh$=b?Fr?&=D3_tAXBwN6PTPp6tmWZHAEj(_PS&j*(
zshLC0M~-~{{Mie)MOnxs6=+4!G0bSv{8&096kv4oa6JR+$*by|N%$VCYQ=M#&q4JM
zw+YD}K~pl00ziBcbgt$$Xa9g#*1hFE?6d@iMN}j-fC6MIF2Y`<+C_e%xkgR~fqjp;
zx=x@3QOl2=K3$A&X|s;%jHehI!DpoOh@4-f>guHxqX|J4hLreq;Sf)mnwhPwt(u||
z|6m3MZYcpZuII@8j@*2wifr}5Z>@pKJQMWokN}fcCum0efI+)BSQLsEf-*c<VNqxL
zf?V+YK;9Juc=itJEyW8s!#<c4&LI58d(r0(_w?X$4SZAVIt?%0u+%|bRcRJ4K7&f@
zs30k4E6poBGcROW(79}?ELtoegt|Z;zWn&H1J!bFc}?0LZ4wuO1_$=r>295MyIXEg
z#<tv8SPNdge0c|-v;usCN{2(*IcXd;sDN{#v3b?W9TgF$Ulc4-%VcDBA*lsV)wWes
zDzC1wL|T%A2YIE(;KOgXamGU%><?&XJKot9FfZDd7`PI5?`P$XMvX74=(_hB$0)X?
z$Zpycoj=q(b=;j(?|twKs6zMUd+}ljvVj(<oiTo?FqaP17G6!SWn(J}b8xeW6CYl(
zmyM0oxKXqhdY4?VppEo^jdcE|==H}hKsD8dSvsVSM%=$7#Upytxp0)2c3940aEv5(
zia-klu(0yw-aUIrzczc(qU}0Fm_}X)9<Bm)z}U+$zehnq4`F5*h5#g-XvM9VF=GZ<
zl!EeolTe^Xs4yvR*toF*GpekN%tbQS^fpX{AS}4vnoI+DK6KH15)uNbp004=W}WD#
z$soA`GW+!Y9V7jF8cnJbZ-^co%_<vknvNw;f&c`|aCa}uLRtX$GIA{nU%bF}vB)n}
z6Nz$-e5ebTq9-&-HZ9=Eg<XR5$^lP$Fgs~R=0M;R`m8D@z3;8KY%kL<qhIErXGauY
zsBG-k5MdbZy8t>k3c}7UXtM}}0PMgNt1{v-0fb=HeQjM`Fiu=#j%c+U&_eG9(IHy;
zL_D}AkVfim3UX6w!p6Qhv^?xjtr*jw4p>6kTL64fiu?UGyS2UIe}6VbxQyf%ow_GE
zw-I)}B;3hF1Bpq3i2l+ARoymW#mWQP$SKfg%b+tRk~nb4w^LG6ebEiPEH4j+%*5B*
zU(BxOqK}U~cbJK`#l+-@T_<zH(76FcP>9=l!XhFnKvEi@e<m_W2<8)UV{gk87Dl-)
zM;}2%X~e58DCji$AS$1Jx22_p7{uXTF~AcRkErw@`Zp(jpCty`2a64FL+gqzP)|DK
zI+Mw~XPsbDM$97+WiNYVwF8wd0V*QLFN59PcW`cOJ9;_@!{FYyuJPl?`?|`myAe{Z
zZY{XxU%%B;O6UFU;b{HR-Y%Pr*5abSJ?7^x-@jWWGA354<ReM`4lLb4T)cz>n6`;k
zJI(DnMbGimb~1Qn>*(=sG$cQ<!P!gpgiP*thR!21eCq&RMnr6|PO!)k*7z;x{f$jb
z(0<k~IhbN9hXkJaM4zzzxn*$pV#bZ|#dL$K%!H(*BrmADfyiJT{D+TCdPOa-3G7k*
zbKZE1WOh#7d?!5!=!)sQUU3f`pXlkQH_-XqiSmFM>sKo&X~6|vwEeT?g@1X`q2X3W
z57A{q)qA9TL0q-yRRsc>SiF924)CD@N@`*`A)YXtMBSKk*PYh;OHk9{W%NJFr8i4F
zo-8LnItIl|E0FnHk)(L&T5HDvl81E#SZu%#(K&Pe(9mE>`?n3p{uBC8JB`R_(9abg
zZST#s!}$&wmgA4r6X*lOwI7%+3hsP;8hz#R<z9x;&mmihS|Uf@E$e{0ku<UPVS?K}
z$H2R)@%~{WV8!e9a#!xgX$<rsYU8wlTO0;|Sey(1I4ukCc`x&MU3^{i64z|7^9O4=
z!PAg@B>)hpUggUZu?`p7Lq9`lZ9F>nh=cV8e6;A|gb+M|V1<d0VQep7TdfSF!k9_D
zUK+umHb(jR`u>4Ie<HxxlC!vI6Hy?n;3^fC8oRK&)|7=A@80c;`5%UbKV@4Su5obd
zKy>lpNdKAvNe&`w0-$%p%`b?BdkZi{5>qyA+i?_#V|`fYys%r3#INB#@Q<)@-_|0d
z37%=1^Ew(0;Wo#x_n72`Aa;icI&l6%E)W$@yR3K|>K0(6VVlnq8jI|tB8wp)iTt>J
z%;BF_0>YGdK=JVlpi%L4hV%k5rCGPTYVQjI2`cCXY(jJssKEfMfpm~vqn3{liv-aG
zG9e9+$ubpV6g0kiDdJ?S;%Xc(XjPsgG6s=A!sVE>msovE>2#V-5@hb}6KL@0-Hxyw
z!hkvs7j^)UD#ocqlG|{A6B#}ZaIIYIGr|_TO&ASD0V|OONVc{y*KBYdq2zc9rvW}1
zL{TQG)D`NPys&aU#N4AV>dZmR!X!qr%80eZEY0FPupniNBX-<G1$CU6fL)wIhnaNl
zR2*%V?5Q(mYz1SE-(`H+Px?sbx_R^GH-Q(@@`R-dC*(rxt2nWszn}GCNL=j<N%O*G
zfL84}er1rrDLYBb+cBt;f;zEjy%5?9WIlTn?4I=Zh^z4F!=>4W><1!xfqZ^U{)36a
zR9*_IBIxsqF%+r1GD2^TSe4(38(f9-&8^H2SRmJkA_@`HdKgrR%OS{UPvJNEuC(`c
zV(y-o`mg2>UIeL!CZ$QA8CBDcb7`A%vWw@PrV-YLYL>cPr^q?}#6A}55Qa6bO$2iT
zS*L~pT^B6pqP;K2P)FU?5+5+&l1P%0mR41;Dg940A<O35!UYSaKC-%kcLVF~G^!oP
zBtkMf6mzT|AGcV;^D=OjsYF&jUf8y?E=zU)<$!=^z%jr>5#dR+`C|K2dR5A9LUzM5
zv2k>$<tm9bf|WluybClBk)n~mjJA(}cn<${R__VuXIAo<3f3($)%k?61*r=ZZ0P&_
z_uXiv*Pc1T;TTap@I_%EXRPj7G&GRndle0U(3He@4&Rg1_wV0zUU$`H$zu|`iY6xJ
zGVG+#pdobd<DIn~9rVl|1YKx>;RDf&<&IvU(ZJqV#f|1PxKG7^AA1~q)*YN}6fab-
zQE2(i9$zH;{h;~o?rzei7_l0NG-kAm&r_H^#aH(%iR6Lb5SY|XGc!NLQxM<y#Qvap
zv|jBaGzCmNkdr^h6~vr&9t2)$*vhs1n~t<`L2EP;@_6m=H;K*^hIbRV%mm4D_i;?c
zpW}t<`EMWb+#LJ|+RxG5PM#bu+^!~|P=vHW=o-Xi<`F_@z$5N37itwEc!z=4`7uc7
zbnC}vXBMM}f}Fmf7w6#5!NHp4%xui-9c6JB8)&Xoe8}0#z(@JC;^Gn^3^-iJ5&U2{
z=m3>h{qRlzBbY(}QeBkgP%9RYS~x`Zj=e6P*n*RYXN)4!K(!4UBEg{~$Hra&dIvE*
z90aq=#bL!zio8rR3JPVaStcA7{+v>ZZ>jG`VqiuO>M~N9E?v1Yw_J3kr4C5Jj9m-s
z+SnSILm+Jo;Czvgj751b!?Y6MZ~ya4$pbL$lJ2TZbRiCy%Smhv5s+-|gaP_J@gr+-
zaD>C#wr672&PL94C0<r%?fr`|%G}L-f<H#bow3dZ26^BmrI>B}{o8O5K$>IqP?Mw@
z1R+=l=D<l5l5hdg1PNC$S3`n>CsE*q*t+~a2q;WXn|~*~LAnmWUaF*1SSmZeFTD%<
zaR?^^Es6vUzpV1UrxeNHwLHHoS7XG^d0u+L3wWY2Q#c_${#y3n!sHh}+2?4fF8myy
ze&$t+krzc<J4V>J26(T$vlXA`?YFZ_!iP8Av&Z3>%~(lPvt%0n3-;jsPM<&*c*@)0
zU;rL?9GlS6M*==o8dJGIX+(KHs?!&scZ0!4s6;W_sb<GeJ+y~lRf9YD0NjjCO^L#F
zN<CoN^T6n`l%UvKG5RTamkg$+W&p5oE&)17KGuS-cOs7NnZj@`EgkzZM_Bm}f*2Mf
zjvOZXNUg=N(|WTPZ#=aEz~VkTy9+s#=MD{jX#voVNm-lo0}5LqeT8S9Vx-ZOI*hU{
zFM^}nhwP|?J{VTF@Q<Dpl9vOLj+m{~&i<T0^0*!<ZJA=t-g;zIfto)JI6BF9L0&5s
zakFa{A_3}pWMuMv9(wS7_(CkQkIX0AIJ1;-zQZw}*H><kl$JK3yDzv8Qc0L&^t%QV
zV2i#AD3BD@!|!fA0|}$((x4VS;<T$~SRy+gmVy9mR?6B?Pi9&d*_Otc>|JTJAQg>-
zd|uW8p)&s4C%pb3y7mKReizdYvQ9xjdZ3_L&t8$#G>hJ{^^rszNft_yx#q)g?PL3z
z{E&^^eM?|K5ruj|Yx8CSJZezUrSH4~E95(`zAFBaX?^r{$Jc!M@mW{5WBc91M<>Ab
zXJIH8rr*+4=LUYs;Gs^=x1A&9$7p|@leCt^R9an8M{RzD9fV82v;@**gbQ-b?5Uc=
zfSC-A#{l3ikf4ydNxoN@B<r3%MxYiRa@+~={cL4UQB7HyFb4fCz)DFZ06=3~IL0Rq
zp3mTkF5m-TjRi~yNMWL|Eu<=9P8Npf#Sm_Eg>2je6@LBRCkSqzRxnLS?}q#b;e3OJ
zTsJ4OnHe}FNzp)+^9`AaiunT5r|-|7Cy2in2^}l(P?L?X@6|`9p?VeJ8(CIt-Z&hy
zy>r9f5ho+?s$wG@3;2E(47*OJE5my#H0-)&yiJ$jupZU0@_R&`7@<AMT_dUUh};E9
zbtqFpX40fTi@I7=;sdRmEht(?#=RN<CXS2)1R~ilj;@bH#}LyiQ9a_=UNHMwK1bj)
zKG7T=L@U41lYPdE+>#sd_@E-<`S-iG61)u#K}Yk|l{@&*P1@q7hrBcvmk<4e9xPPm
z9(G*$@S})m+qJ7=B7d?<<^U27;!sl@Tg*pXk}(w{@^&J$E>IO^KWhg5aRD?l(i~0_
z<p6=0NyZ)_fiMskcoH#54O9Ho_YdcdG`M7eYq+Ur5R?%hsg^)-387Z?`iJSLn^ZVV
z^77P(906S&#dVPG>6u^6IN$-{R)gn=Gv@!vcxrbW;6(GmTY~cPaYl1PVyTe27X)1f
zMmGrE7D1jcgaJW-qQUJG0i_&-V%VhbCk9G<i6qpWdM8HMsv0k<PlIG8%5vOe5>Ez%
z<|SOA)2QNwbu|{fyI!#wp@V`1Qt6Pf7Lo|3e(&F|&u2&RHG7$;!!<SPvMm)Kx|o#J
zupc1xl|W!eOHYu}R^3<03mL|ScyFY%bXh#Gzg``U$tMtBQyex80_-Rd*c^mnN^muj
zs|9io5bXZagzt9!<2A9@1wbH9hXC*e`ypgUVq37)R$2!GJfAwZZx=C6gATHI;;sTj
zHzxZ%+BsqkM>!;NsT=T}tw1Q@kt3HO-ywY!PNQc;g-yykUN5*s1dtBb<-h?S__jVn
z*}M_uZo&6i2W2}kyowQN3OF8;0=S>2EG>)W7pp0_R0YUqZ9<qU4tR$r!;+K<6DI6K
z$+)3TQw10LrDu_f<7~VT3G#q6NyUCae-Np@N1UCH!w5n#nlT}Zdua*<-ONIlC;j0?
z1F&6^Ex~v%5)_DSDjBD`6>&L<2^pjY5xLxRsE{T)@23^sWl`QF#jc5h31k(X2BIxQ
zi+m4RzGN~)Lq!fz5`7{n8Zog`#=0-v1@I&(H-wzlPk_aGItEagFJVf&ei}_#Xa5_c
z%o>f%K|zXrWBw-80FsLX`?S+7%~?|6)JFErN?wf$-|1XKwZ;->53ycu7UY{Mhu+-^
zfcZ_?{t+26ofa1e%~l`zzNQ1`=(`0g2-5OT{G)T?4nlW8qZf$p<z-pfby(4ou#zbK
zGCCWizQ$DlEbJiM=W=D`P_<2)wylb&z_m_BYM9<wD4y8Ws0CXBK6ybghZW6HxZuEc
z2up$Ih=Zc&<BFz+#K$7=@hTh+Px`C(x}y1)`0ud8ly*CE42SY$#@wtBB40O@u5gdj
zr}dHQNZhF48<yeX!S0s`YVqDPm#0Zg{)^@j#Bu2(WvcH>iAYLX+ESF)I;aP(*_<4o
zEk+n1aFak<!{UEB!E#&k=o5!SJu>>AP|1no$IF&)trwaH_$ezRy>1xm(d{ve9N52K
z8wlpyRaSZ^9!_a>N1qOjbg?R+6)u5E54Tdg0)05}SZ|TvlC^k(2QlT4+!Bn!+tFGp
zqZ&3%ysXpQqToiW-o5|5Q6^9L96brkh^0@QIwehU%aw?=@U&*Sn2b<sg!J|naB8-u
z(d=5J26&cn>g)EUVd1y|Fl3?J{9jM<0sd(v0XXi_<LE-4B5id0<CnwAHa;B0l&uB;
z1q@c@n5)8Fbn9srnd6|gdAmqI1W&<pSQhW$X8bnYS5Zh!V?j-C0}B@#ei{)l%XduW
z*jDc_*&^I2ZSZc|*o{={^Ed!4n;=Pb#2?*Uc1`0P_j{o^^sZoKn=pr~vh1E(oNOAd
zeRzA2_XG)=;FyUPHWuQ6e%0#~3PdOckia%-mJ#?PZNnrP5rBt@r%n&t9XQNnJQ>1r
z>0=O8lR^h5#qr0ndApwX-ao#ni_1nP7M{ddycM_z^Cz#_4No4|8SNxmzVE|Q9&i6A
zd(ZHaAJ<xyw0C15%aiV*1Am*Zihcnu6pF8wz^@oSOf}!8Uko7Tb7Jyn1#YN{Hm%0~
ztA<O|Mqbfkaq>!;--={JZj(`xBu(SQ+KgBp@ZX60f<!sVdE>c(6<~ud6G|BM9su3C
zBv0$%sZ*vvuR>;f+eR=d7&xt1p4KKFsM}bECk9HK<gO#flkAVDc#()Z!Ql7m2w7iR
z%tzeDGei=Th`W;~pW|o{pdfC2)+^Ms0)P)hE%)T$rUit17rOLy52tPh1?9}LUVP4+
zWwQBT2#EUPUS{TbljIj<?#BPMp1ElWfcAb-s`K<K^Auxin-vexY7Wwril*&<IdbwO
znMn^Q?Kyez89uYheDz3U=tFjsqz@<=R~&il+CB^26>+x^@gaO5D~XKYk)iDH`{<1q
zK^mwQiY{Du87-kLiU;gL$`B&2TG)03!Af{vqN9Wgs;RYAMy)a1`DXkOS=dataZpZV
zsKw;a1N<wc69!ptX!}UEKmK91@rGz1E59#GoPxA%$p;%CD@G}}01^gw%+kV~BehDT
zDI^kW&>$pY6(Yxpf&4AzYXsq8@Es;$;fDeeGT3`NIKLBkw`hLnL+T?AZx{o)$A%dG
zR0jitf=IN^PH1=UIivA~sNtGwO}YYqY>FVB;<+m<V3voaRDu$E^QOEQ73>Wl^_?e9
z{As@s>NRD=RCwDlar&T7<{+0S>n`Z95DJjX;Cs$!kSfvrrjIzW8v$Nnf?T&eL(K01
z!yhN^1!BhKAP#J4VWLSgaTFu)NbdW6hz^h>N)EMcZsB2JWdsSvF+@^00i;67pOS5a
zI11#6GBC1$MD`<CIcmC&4q?1WkP<+)KeMtDfUramnS0hK7^pZ2Z9n26C%`^VF=p9O
ziYo?$AfgtbLC0H(WGh%R?gII}Ne0fWw<P1gQk9QeKo+H-;Y^DVh6+g}9|Um<>tw=W
z*!89T$$|MpNM>-rRJAnXbuy8|*q2F)0Zh2YBh#^<xQ8Z2-=%<=0SQbDx@s}ZDbfHx
zLWW(8+8_8Jl4pS5EW=p8tcuz=tT304*1!Qb^Ow(`HF3Nn7Gg8%Y4FI!q~pa~k9e~8
zHo|vOiDLn8Lvj1@F%tdUX7rihBV_V;@N8xBdIkpWB73?FoS{Ch9iph)!8Qgr!zW>4
zLygbZsPX+U+Kc%dcD^a^2^SCa+}}UL=7~N<87dQMKtC&#SC*w7pZ1;;st}gn6Y-}y
zd#?tL2ESr+X|<Mw2%8ItJV1FtfftP)Az5PZPCx=JK$$7*$!V9lylA5tn};5;YFOn0
zL3qD0$-+P6O9<jHDSzB}zXu=t8RAQT9#-Bo63rZ{sHh;`Jrag@A`-JP;e64=Z)st=
zc=%=0QL}+p7XS*&x~s9E5#^P*4-gwWWrTQ#kU)sw;1qk0F}E)<9Fb%+&(WT(q(=)e
zQZGx|h#nULeG~?Wvo9i-c`Td|$Sy+iwt)J=_e&C>B&ZN&6BrJ&ElGo0f8vXOn_9|B
zB+1~)V@sa~Fcwq|;n}m7ZlG%ecl{R#3m(NO4*kwlXTOXtvE1s!&>qo1IviR=mi&&P
zK~&sL@;dLU?}IT#po;*OZWI9#T$ZyZ&4bp``1rI7<Zd>dsRl4iUknKeDKg*Un%p&t
z7lAy3XaI;38CVnSeQ{Ws2wJ^xsO@H>9eV_ZnGcUn%8<A!j4ETo7)%w{Z{3=v>A}@+
zXSn1KPb7)|_;7%m>cTem)411vawPk?k5<LM({P4OeVn8gf`7acnW8#AKp{%{1N&K(
zHB@J|_A5@B(Xfes5Ua9(PYnn4SmpLNwa6YT4)8R@CnQCGC8i~TJGj~H-|m7u90#DK
zIPfZwx76N}!&uV$1QQ83x%A!;Bj+ArVH&r;hLA^?<Kht(0Os*Rb?yV}$R%_6prs~J
z=FFWtOSmjb#fik8T@DHYsc6j(n~Wz}1OjkR8j+_Q)*Dg4egcGmktG)C?RCutJ9bD@
zLZhQs9>K;Zr0=6N8C-hb&~O{P<;pKtuUwIa<{~Q>CQetIw>@cy9y3Oj@o5DeOESpX
z-^Q_DO@PuCLK<j+A*2ykUm9sx{n=cm?Xi+A2%mypOj>0m^S9NcPG*aBb<PJ)s1lFU
z%uGsJ0><mo)vKb}+u^!v3F!jHJn20NKR^%~`V5`=6=wONJ-7qzz)d!(o%o&Z-CJFj
z>r{D|XVA_-7^Nz;R;O~PMQSaJvHKjYxUg_CqY|Gm6wHCHjt;Q#zPIZd^~4YkL7s4=
zMooE-Tco72G8A-%PK#7|BYpcYCpPfIXvOJ+T0x<qvs2i7Q}lg~{I+xS(j4^#u^x(c
z%=aeMhiM(qSX8ecdgY_~FOblf90h(ccY7Lq)(cGefHw%z>)mn_S+6)3Ga&;q-MyO(
z!bo~|@Geq_z#2;EOpAbqfx-AgvfT1+#)91{W_*1II%F@zYYBiL<&z<ERZrE?919OZ
zhk^qr1s@|}gtGv(;sO$UvQD_s%FiLL3na~RWVnK<0D}Ov*PL?n0Iu2F3=wY(Y*g_~
z_r4|(x4*!o4%0){$Z8owru5TYIx6z(I+Xa1Am<a_7}0uAjYOa)1luo~?eJK@8h4~G
z>#-Z#59(WtU)mqmqJja`AmO!83T1!!nQ)m85htmtfa8cD4jlB8qOgUz9n7xLh;j{7
z1symcI2a;<ijw6raSLftb{>6iT{8Qfj~<==x!vhlCre&VZfOuBl-CXuT=!{0=Iz-N
zfa7r6B_k?drHXB!{f1Q(%j65Si(7Zi;8Y*h4pq?o-oK}Vljg)lFDE9*FkD@VLk>$_
zcCG-G<op<E8DKqOElyWygce2sw_EyE{EfhGOlNEz0jg5X>80g1r!H!R0nr<yp#%;*
z5N6tE&pxt`hFoP-#7cyPc!RdD7cu!#D3}mR{!PSk_V~YxShW5UvB+4X(q{cw2loSk
z6l!a0mq=o7u_&}g?yuKEy_Mr*aK>rz_Tk=hfSwfg<nA!7+HGBP+PMz5TM;X}jyj?U
z;f)@1ler`3?f?;VN&y2w86aM&X{)G>Lo+bl0>~rVP@vO;>@fLw_YyPKT9a0m#VD9O
zOz4HkQb7O)1$tCCY78!IPT^d+nm=q^({KHF8m&bpfsO&Vs8QuB#4$$uS^0RlHf@}-
zfRnXbpATV%_3yK+f0-L?tr@w}9lCX*<&pcq-@-lZQzxVRw1TdTs!#OjFp+3VHO6lX
z0sk16Wr$i=HkyTB*cPn_4%@^pLl4?v&q+y1F}AU}f_}LDllclyoG~O87jct6PtU`^
z_5X{kg*inLF~R5@ii~tlwUr8Bg$`hPV57ke7I^${J0_nBPLkDg5T~GX7=MPtWgo6`
zqt)DXrs+pAIL$6K8H>=RU<eBY!$_fkw7k31tW)v*--y<ooi+Dgyoylb;ZX(6Rsg*O
z)(QCG(>g6&$WCG9_u||E(rOEd5s8Wp)n7&|*$^Eib;db)lENi<kj9pB<6i1F0wQL)
z7h``ZATW0pZ{AOiiFkh`aiMqW2SNnw7>bC9iJ#j8<|Yr0ByTt8uhZeT?PUnn^4<1m
zsKlokVQ^V#B;|3gxzN<aL<^d9SCYivjthX!%mGJt=&f6Zu-jr+)6z#Cv|%T@%uWBc
zMm}#Hq=KoR)@)vpk3f(z@VT-oDq$oQ3FbQzfaUnzJc4?1i92Tz6>S{xMJFUCR^S2L
zOsV`4ITI09=wRY;7LepkP{UJ(3!7(5o*aW$bMR=*OG?r+@v!R@2epTV?@pm~fawr=
zLk0~ua~oRGM4Tws0t2TKuZYRxtKlp5XrceUi!;>(cIhWSU&)i6GK+?cdi$mVU$L_o
zqR0RaZ!3aArKG&^ItZ`d@}U*KJND&l2ZW2gU@LOZ^hj>e(XkKxiVhO0-b4_I75M#p
zIx(3_;?XCnZJ6~-0a>{=)ITjL*>>Ww6G-VGsN12%VPM+8@f$?Gc(aWBt`!E(RA9DQ
z4U_ZH3%=samYPck9SK(O3XE*+h#dg*me><LipO9l@L%{IOEI}QK;{(O5pIIgrvV`l
zP7SgZfP`fQv!zoSM<ZtOseF$4CCnn2q;^7&1SNR|UQOjynTm$kxnBqCB2m$;NTidJ
zj3r5)z-*8>x_b3BBJT#mAXBXYhb(C)$dqQC?-7aVwhc+K*JtAh4uQ1Y;>EW{G!tWC
zq-JKiV4Y*|xg0;PiFx?&25!6MNCrcC)KY%%jO%B}IYDE4>+v~9{C@^?<a^@wlI>pu
ze96*7=^2GV8<^kU)ky792k=k6=IdmxSiim$)X}sQZFAn?8D{?e#MzPMJtuRB$h5&V
zkp#CB$Bx|rnc}diG?`s8K{6J&V+hbw#2T3p@hv`}DK@s>GNg<({+*rMG1u;XEl>1P
z{?&{|4mi4Hh0@i$C~wwbag}w8L;{(4dAAy9gVq>bq;X#mI11%%+od3XVs^qjx&u!F
zc)jJII$9E|`nYT6h>IJ6)2qyO-Yd5L*b?~GQ@Cr4;&~NT*cMUdevgK9SFCrEiZs;4
z$Wm|$-4ImoidoL};Xtz>Eek_lSIYIq=g+m*-&1^1@4`wi8$`;sR&MBmJKG!>8T3=^
z`}qmDVts{ltY)7wY0@1)3?T>!#({6tvJdO0{|#6>@yYJ1!F)R2iI@^_6Aj#tGO0Yx
z3oInK_$~m8FAEATz`-KBbg2&e?RdAhGh&MtiDwR{yU+|aL@rtDX~%8B)dEct4*?HR
zA%lbsgfmKBR$Z1WgFz<~(o!@T7(r!VvnBC)kO<i4@n#B>9T~SE$mBWbW%5wp?F8$`
zs<DyjV87Hs+RqZi9yy&Q*i(#bhS!;l<iE8zP`92qc`+^~p;+c_LUChxixW|mkih_(
zU66mi_VoJTo*|{X4CoZV?_9(xFoHmlgK9#f*Unfl{QH3Kl6`3>FUIaRxN2l*aFvx%
zTw{W1Iu5Acdut8+{1~=#XkNb380h2P6E>Dpb8aqlU%xOP#iARVhn%MW^)K_*O!~(k
z@j_)ph=QiIwdSMksKX{E7nsQ(;^K^N(|@lgEQ*Q-zd>9wfCb1t7K}#7Vr*D=ysDP0
z&Iu{$`%&>*KC@FtC@wyJ0*-wA2OvH{YvBqtHZzm{j=tX?uA~@@AHd0pmlHvf@n$>F
z2I7n&8~MWYt1918N*{6+4vrE~k9@YOtJ^wd2&7Ht*3coVpM~3wghS#AM#*REiXeF8
z>C>m*rpN6dZkMOnumgEGaV*?1Nxp}@;S^1rLfA5%iDhYs>LyGPxH<FJj9(TQqSc3m
z8k%?AkesHoKj>rE6aOzO!w|0aA%GS=AZz!-ly|1T%ADk!kW}Umk5W>mz$NU3U=$QC
z65WpPYf}4v5va7=4WCaGe1ZAb0s$q!MWIo}nK~VLM&5!=?d_8Rzkwxsb8CYLhExj9
zeImvHl1B0Bmi2_U%6I@cj!$RZs{5jWeEbZ_)W(ql^chUQ0K_jP(di1F$z-yF;olbe
za^j!L=kw0}KdilZSkL+X|Npj(-6$E7Jw&!dSwfMJNE9P$l&#3VYhi>?w#t$rQj)z<
zAry@=ma(*&vL{-Y7HwMI@89haX6BqZ-|PDP@jKVKKG*roNbmRS^;{m0`}R-_9WmlN
zX}57+e2)-Z#<}UQ`Exo<gKbY0AL11pfn>6By!1V_81O>ka)s{2tSa*hU@#*DX(kg8
zxC=~+YFvBKhO+z)Y<7_nB)L}xKQI|C?Iw?XZT_oG3qFeiiRhN3aepF+pwf8-%(ZIQ
zH%!uh^U^-T{6Lq-0iCY;vvtds+tK)ny%sYBYymL>*6Cezbn3wGNju7~RcqPOalD&?
zSiCLMdyRq|fRud=x1~U@{x6Y5YsF)cI_zEgYP4B<ZPYpqGk3M>|Gk+9a7NCe6VYYA
z;%$M!A{x2Jw8#gqE^N%&`Eool&?Avo@Vyi$e*bo)(9^FnKBQ0xgC}E$cqA+%Z=WAF
z{#lTisshy>3A&VQZ-hjeW$d9*ySR;e=qIZk|2MVB^>O-NgS>24;N^ndQ&&hhw{{@0
zPZH-%`C)@ig>wbmO9H|T1@!--d)V&z8=fIl{M~~XVB=lq`_|@Wopepq`F3i>4DJbf
zdTD+W&=pJPX*BN1;iC`m2=*azj9=|qFnQv{Js3bGF5I*npNu13{eAX+S~0y~@c%PX
z+?B-RSmXa;1o?3!0d{gfLDQnkBp@V2hUqQ8&V6fuTJ!ZfY83hRBSvhwXnC)U#CZ@7
zt-kZT@?By*>N7;@<fYcb<Lz=PHFl<xT*yr@3X%0ORKA)Ml`=w)=i5AC{)2<VfZF#>
z?Em#pi0GsR1MoQrz~T?YKr{7Jt-fgino(^JHT$A05K}^r>86XB5*U=cAocu_{L3ht
zu{G2fy4+0>+vUllC}M`dzh=*$Ul+F{9L?q!o%SOqSE7x(4d40d&p&$wu~MHO`=yn(
zQe<>EAZ`K36fnMMHjJ8S8i|v80s?mPwvKTmbR6k*6QRwPqAz9!1qdDII=Y?%w<dQ%
zq&cPR8mK*Tf!p*$NhMDV-R#9-0GdLu-YZx(5%25MbauF5Ts8l<%Eb5lZ8Ax67N3x!
zZ1cT<f5{g@Kl!PDJ>64&_VB51SoaBwxsHOZSMNYb>gwE-p0Ar0`j7fpQAe|7Xh1-F
z?ahU?HX;Z}nFV;i9fgEsW}A8Nr~{*-()N_>Xu8wR$-iG?b(JU{q0xV!!j1<@^Vp!1
z1c-j?U;X32jUlCD27vp+zRzB~co${xAFq7sN4VDre3v)BVpwX~_Ljhr@C!1O6Pwvh
za;^|GHBD$0s6y@P%C<v=vkgK0IlI)ylcPy<6o?J3=H~&+YKr($tb#iNs;>n7_^CBt
z|8|x4BE%w*I4Nxgt;~YP*aTB;G-=|?O4?Uez^{a7ye92IQAV9$SOP;_YhxYNA3`7e
z$`%Kyj*SG`F@LCM=oU(rI2TpXixuEY-<$~G2_kwCnggO5RPc_tz8Ggpz_`Wv%d0Eg
ztBNO!<^j}a)#6dke|I{|aN9~K`hcr8FAG2h&Tv|7rTCCcu`-I=Wgr=w?-6w~l2RBB
zS$|#O9B-e=UteR%V6|Oy=&r&DCX^{R#D4b`Aqzo9HP)`*Gynh17k4|o#0}BY)3me(
z{WUo_o4Iv97AfBs00aFBVMGI|#yk7zjqG&*OJzN5|D!<PszvO#$GE=fFYyKiv>gqX
zt=+Ie0%A;|yv3Wq#n6Nrpc{!5%Xo*}n{v~9opmQUZ4|I1V>a2BI~c=>grSpeBSafO
z)<&Z5Z=_8~XZ(tKix%5pF;2V29gofc&@MfT;82F2fyHeDjGnF}CPp?Ci3=oVhK^fB
zVJ*AfcFeKW8e9HnNo;9mwWLoe?j;*6Uof&Zq#Qe<cQc&{3NRHJZT?^*Bme0$W^8$H
z|9Sh-7dMyCC{10G4~p|&weG&1J9oyrL8nLqRC6dY{@B%IgVa1$aAn=6lR;$+s3Lv7
z8q9ZBDaCA{)n|@pifyh&Oh3c^v(OU-rImnZ?W3GkS4XbvB_YZpy9cdDFmeL@g7*6L
zmtsWyz5J{Cd!Ie=XD6wotYh4&%psH|KZ(UXDSgz-vhBqtPZ9^d;l}|!5Nn0*kBQFE
zo2$&WSy3zgpFHlcOthvp0HB>yt0mq%wVvJ|RO56E?u_<&|AJ#=86l)#BK_BNwT!)U
zr!F67I7uBVwiQnQ^q(Z?mj|A6JLqbywMV7cBv29L_BNM?OeN$U^j~B9VW8maU)j!L
z<&K75k7mOz#)oE!rV+ligPvX!y&FYMX<C00|F--Tgx59+_aG?_hSg@pwy)#F99G5K
zt@vljx+c5&z03cZr)K<j=%@bXd?~uW{<@YP|EVYMv&j+FrZ!mmOZ&ucHKd^)<@?Fm
zgx*TD5QWpUIcQ6(&yuirag+Z;kp88PuKt&G_SR^x?eymW+rH^AqKK*^PD+FbCGe7z
zqRwOXn=kn8+uw5XCffCCz5u|urb29KK=+`swG}tx;=b#1=<JllHmzIx2e$h5!ABn}
zuH%ImT(ME)*b8;Wxfdh=r4iQCM1c$GHk;&eh*i4?m*0;({Q5Iz=RRKFXEwnr6sE8r
zN&edt?LMsh_9(`-lP`(<?DU9`uX{#w;Y^oD|9n>NTKm49pqdVKUi<tVY58AG!M|DJ
zuP4+0;Y~DUw60{kED6i5{vpda){(r}qb+366W{AqcJ?3IUtW%XgMY-i{@0r|tFzJb
z)YT06(WyaPm#B*;E=-#r;96(Jicj+_iTm5`@nd!IWZ2`&`pBMu<Pa3Kh5~`Q7Zi!a
z&nTFhRuh!|Y&Pwq<&(zMAId5G#YTN{w-osaWAq$<zn%T_!|MMk=Z|I<!Zx%pikooP
z;LoNQ7Ly7M*HkYUTbso7bLF4VTu?lP8ft{BFslA<d4RqvM~<v7@UW!6zMiT&DO86K
zHgV^;>JZz7-Twc6CwoQ?Jf!x;ATjU0YJTbU5<3JCE-o(qgS?uLIX<4$Adxc;8g%W}
z{rAeRNxGwxyLQo7U-F?oddG8)_?t0EoLS+fb6&r~>R#E9NB)7XP+z#B`(6<x3!mR$
z-U3TgyNa)y>QP;v_^t-b_M*A}eZT6_u8Q4XmzJ$V)AM5`C4`9m`0rKasWI62+7Fh?
z4s#J_K}~vW#;nS;F~w3y+1GtO%-6g0h{<UTtV2wws8{h_?b`J!vhFug{JWvTqq1v{
zOm(hZr;db@A|`?0mJ;jjL$&TP|J|2$4jS{(1PO>sK4yU9OI}7(zzidk1m|;dN$5hA
z9n(&ckuWP*J#q-6jbQ-Alf4lrOc-}?Q4U^ds3-<%n71-<t+J6JAX&+0T8JHNsuEtH
z4%$o+GyHbJI+X9a5i|16l+MAfnVFgLlQdJJdXwH4p8Da(zTs~AR!0X9!)5_$ah$n+
z$X3I{!;S7F`Bq7c2M=;XG=dOLs$~UlMtHYDM6QqAH^TYf*7d*C@>-b!yPI`teWj_o
zr};<4bUUS%jNC%7z;_ks72{Kfo`VOAtW5&i@MvAcj1^kdKD3g5#ndY~At`VXNtn?=
zD1I%s`cGQ$JCqM+!>neM$8bGKYfs&vvuM!Q&ZpK>$~QUnnJzA4DDT~ir2zZ#%p6Yr
z-`b(+;l{cjr{S;zVcjCbGDK{Td@%oRmjKOY{pgdATW(F#oA<xi&U>%QHpYK+cmDWw
zg%5Ejh#wn)!Mq2W+S-U~T6}zV)yLBlWzbk|pp#lC6hwfKFrPp4HaGW-VNWdJPB{h!
zF(}-BKQd_Y+GsMK1O`)=42gerOY3v@O^vn))@G0r*tu!>7Z3Ubw2*I=iFascke}%e
zwt{qoi#dJjlv-qRh>9c0Lvy>Q3`=Ey8Qq87{L-QwK3|}b+fG-c>2y!wxQlb(4xV3G
z_Uo}i6EvGS&#ztHV~iyLpmKjuR9xC9Gnv|ombLj&5?p;`NJVC9h+AODr`C!YSC^0I
z$h-cT<|cRgnlV{lagC>+hJC!}@l_&?Sf-2OW5C%|mwnG$^L)BgIy0CJ987T&EUo~J
z1%WONv(b7lxmftAurOcs^xCH@r|v1;D=$o#HMC^*WZ$OE8YTIvHCtA{*_b7zhD-08
z#^^NAc6@u}zO&O@C&&HEr@aW=o*CQI|JnW~hSp2#w-~Q)*-34J`2_We`%Ckhxc}TF
zqsRM3eS73od|sQs_Q8Wy4<iB=KD>Hx#SxC2+TVRw-(=Y3Uw)~nP6pNFkn+U%=g()X
zeGW9qY1H1t#Ln?>REi38LE_9%`brw8TrrZqnJ*zN*iqQOROM{gSm*EUZ|96UEulBS
z{b*=8qMqm~K|$Wo&`HrC4iu(m8>#xdal{oTvDZecKXi4GNo?rXkMA~!gqm%S;0E$c
zG|UKa0#~%Qj8J|(6D@c4J_L}q4Q(v8(wo2iRy{0-7FohSmKQk9otyls<+&$k4;9wx
z>S>-4nHHO)CDPe^jUs<336JDh9Yz)ImumI?`1#_zyu2p#G*n)%0LrO4fP05{<bwbK
zVAQJS*A}HmHilm_3O*j{7PRkvruekQwg2M$@t$rh3Q<0=GzTnwr62%mlW^F+s;C9s
ztS&S028s6fumlr;<!F3q%Cef>xn!%Vz8_I?beTSI+SI9X2HLq4d?$pah_E3Ce&UD*
z#%jF(7=AKE=FWM;aW^&wC1-=^x~%5F+8mb$I734abn@is#{DN&B|lVA-_Dvdr#98}
zjZaMmU(KS;?<z@fK|!4wwdyza;9%VzJ<NDi7|&j1Wpxcw8CZVo@}mj)3+rw%cL`nS
zO}t`D84-Wv4VK(dn6PCa40w6y*zdPLnP`lx2R2DJ!iw|~IdL5vPS|Lz8XdFx3WsL=
zD6?+O8pv=J$^&SR+Vn&rzgVJ>XNF$VpD&*le>->kbv=?@QBmQ*xhiUC2JeYT`iNVg
z-U#{vzJiCS_|Bef#4xxz+b7dTG1?lCNaQG}Xb@B^+H<AGG4wT{RdEPf_WJsIuzxi`
ziGD>Kxy8BB1a}c<!DR8kwxjHEKwL#0a$nnl;++SU;-^MsH?RApk$WR@xTDj%rVj2L
z*pFut?6y+w0xuvf9QCHCv)-05rD6vrb`mh#NZQK48O~KJKqmxngsoZ1s7MhP18AJL
z`JA)QIREW|zS7IdBz6d|uFvhmB$0^jjZl<Zq?d{CtlRSvn+ya6GTlDn-H9+n&DEu5
z$p^LO<ICP1ULrH#*fL{z5U9CFK+jB?I)_2uUXc31t83ID_q67*Lhj{|@aGUVGB`%j
zwWns6Na2O(jmADT?$BWqcifgz5T_!tG4_BT5x?jy0YnVgZaQN?;8xp87z=vfc6*^h
z@S;0$?FduAai9am!|xgaA}sPMI<l1vYz%fTI;Ub6!KSq5WaiUZRD@uPp(SIqpfwb~
z^oB{NCw2E*X%NAXKhMx9ii`1dHS!6`&J41t<h;Pk(`(?2&`biTg3(CtMb9KDD5L-p
zlo<0cJImkATc|l;Y{GbhxAX%t8Y^+Pyh!Fx2O)Uq*7L=b6P!bDKYlz{xXvc@>ltjD
z*rh^+mv?n};HC$M`!@lOPW>ER5T5{s?$vr=Q?!ZRNBrhbr92Sl3`Vy8tACtnKK<*?
z9HR2l8dPhmFEKel&c|3vG7%j<oK&gu_=n9GlKt6v0OXyVP9@D7{}^-S>-n@{+2F}O
z_0j$gr96bhk>PHLA?pIfIDJ?YR)@diCjbEl28$32>g+K8{gz+9?u(~8Gp<JeLsz=>
z&Liiqy$}4txV8W2nv7omqdm*^_=l(Wq{h*IkP`prAM(5FLGvi5DaHs*`t5t)d$;-4
z6M2Qjcdj+mtdonFVV)6TshIU8&oj7<)}U{56*L{Z$ISi5M;zN~X5Vjkw5G%V?;rR-
zzU9%-yQ19}xqo1KPaG4t?;G#w_*@cGiG=Vz;%($JRfPza09|;EB^#%YmPFFO1iA4K
zA2wV<fr5Wk?ZudncB{NqQxczkzK~Zk`%wrwTIPbsK7Fc5oJzOX{?P&JT;_3rA00Ba
ziv|%%_3=z^y|?pLLLOFo8rW7ntKy4L9tsSF#*{b?s}pZ;frYV>;S{dk$}q-S$=LPy
zd=xMP1`fQ1-G=>VF&k>4tDfEkn@U5CPQ=5g8Q+KK$5IU@u(G?^5I%W}akqQ+?1}14
zfW!u`tqW;FJYZ>JaoPfdO2|E&s#a82uOXNHW6RDq2`gx!fGlhPgTW#6iX)=>8w7hj
zD&MzHRsKxQn+-2CW#*9cP@>ty?0})5-_rd>R-}S&(j2gK)`?(M;HAjOcqC9-oj;OV
z819tZKu1T%9LXMJM`JCO%zyLqOP-@w8_5=EpeLVB2CYj%9nPX&9t-cgv#DWsIsQy;
zisEqG&kLGrboL6He}`l(_2$j%fUHEk-dg4+kJdKv@mUxwr&^H9+fSeF=A~t5QT8D_
zAX}zIGj<}jg1*xM0SHYz#qf6kKwH7Ky2rI5o}V&XHXL>vrai|K6Wb}ciNuhS{Z<#e
zPn``2^j&ZEpw%DLl!MOvIp3GnA}xf_#kNzXkachF=pI&t2ER9RhZrJ%Gc8REz;e<b
zDgrzhc-|k-@3HJ_%2(Y=D1SCgJy6+633{Yd16Fe{iq2ZR7Muj*5648QF;}SMyYN)^
z-`%4YDvw70J}jX8+Vac>EQ9<pd;JZV9&;>Q#oeZkoS7P6Mz+Z(`=I!C4DAKCj#&2L
z*;Ne~?9F^x1V|E-OYzphj=qd{PSRjqiEiN|Nio7{yf1f@7Yw2l6fkM6;jplDZwjj9
zqR1fO{}!{0AD@}5M{vduh;Dx6E}Rs3V^wZ*8LHRM)wwDLGzzhz4$rHAr5svyAvjXm
zd1Mba=VIu9DFVk54fs^a2PSJvV#R`rf?LO=#hZjxj%jHZmo&e^)B8fPtBYr{6|qtU
z(iU=e39h}dMlGyropjx;a~`SPxu65=J(9$9px24-2ZU$lQF=)*49}qFBH^BYWyT%%
ziI0KtRu2!l?AN?U@!0U>5-2xcJ}Q4}=VhyGJi(2d^TUWFVtk9&7!i8e0An(0)qSo1
zU=4_sr4nmTwRab-H;c;eBel)<c%^}-U$J7kwK$uWV26oK3@w7Wp`t;CwpFbkYAZE$
zGz2I0cT?!uUYge!^$rHfz=8vHa}sE7b%{YKz<BZoV3$QV($@B%+DvvPm&I{v1+h{~
ze}&~Zcr9WieVQezHkpEGku9cTnWc#x%mYZjC92JCEjHUvja*b8$B9f(2AQ{R;FD&Y
zhB2FcthP5^W3X$^BkEJLPSc;Nt5*k{SvUeBraJZ+=2XesrXk&Fajm9RuW)E*X0mRg
z)0PUHP&JKMx(w0Q0in!7&?~nX-r0>sMJu0_PXWkHFthw<Vp$p{LNI(aVmKM`X^Fjk
zO)g!Tz#4vD{Mb~pevjhH-HE-B1a!_ev9F<TpS*qeG*#1%&0`|VX$AXYIXICtpGvSU
z^7OlxjYbb~GxT=1|D0M{=ImMWq+fK(`+^P;ZV1nJP_D?Na*$jLpSdzugT+)M?aq8>
zacLmg5yu-0@6&5*^l-#>&ePj(!V{7JU*tAYXv+{Qx$H%O0tnE_d$&wX^Q;HNEC#q?
zW=uM29vkdpf{V%icHt7wLc#F#g1&3m{Bfep+v8WSeE+ab@FSTdOhkM20OP`<qGm7d
zkQB3E!6^$DCd_WxD+x=^2Eif~)*7-tJl`0(5*_16iUNytL8Pf@C%tJ*$Ub;P{k&8d
zHyXSHzHW2pRu?!V9p(SQ8A%+<1j=Jj?CDqbko^!8HXXsGfm`L;*Hsd=<r@u1=1THd
z^#}PSEbNJ90P$#ebb?d9jOYdZs2|WWQ0eK(oQctjq^+olgwd2#HAY%Xsv7IkH&U0F
zN5x9oh9hq-=-M#pr}$&~0cw#f#!lAWh#x*FK4R|u=F$zTs}n=yLvpUVIyK;K!Yr6T
z%n=z5(f_0zeMKNg?U^bRoXz>|>IyI$jS|KhUD-2V_p>B%A<la;M(>6h&_XXs8*;uX
zo@C$Pe$F2!&zw09#e(m?ecCRBOb<W|(xUpp-A*Wvcp(t5HGB<xd6IdvPr?_P50uqn
zoiplQ*=bAH%e#{bBDQwe-9)>fyndrbLCDzZ<sn(Wi#{3k!H7?zf^H~--ab+z=xvxN
zW^P~`7L^TC#<tum4Kn_`bNlw=6bj=hw;kaGyA>>G<-QQLYa++ZIsNI0rG59lEBIr4
zargc1!+opo#=WPi=8E85$RkGDWEtpJ@7~~GInP9Qj-fVbahH++W9RG`gkrI|2riD1
zPy%gr;O$`6_0+Y_WH(Yqnp>D)8s?IRd~d4kxQLinZBx22#VdBEMZ;&IiP5ebUPqW7
zS4)V&%tVj*B+Ow{hiC8zV(b58+rm116y12taave97*Xkh%>k@&2RzPBt#3`!b?S!U
zdoTxLKem`22W}j`cI}mfM?sdBmNgX1uTIZiB|_9HNmRLWXVk}ls2>t*ESTPPtc{Wz
zbvNye3;D?sGlE~MH})~VkJunKBW3e@6cJ&E{1<u6tB)Uhx}046yiS<X(EfHkqBw3*
zHzIx5+ZxM4e?nPl@Q-2bq?L|^%+u!&1y?#+*d552{Jf0bs%VH?t3cOqE{Jt5=I7dB
zJAb{3T9}%=!?RtT_nSBucj@fD^%eQ}Fuau{;Ye=eqD4I<RC?#1T@2mF?C)_4)h%q4
z`zve(`nJ)<$>WRDC*GF^({NHZpZc&<zv3O}%>Wlaq!k0!mCxS~%qe-4oLFFWa?cVc
z;kTB9!eE~Hv~sKWn>>@=jX4~0f11X&q$22=Edc{kDzgjAB14v>uQhUA)hJ?pxNU`J
zL|$TgQn0f4oQbnAaGdYAl9HNXZ7w6fFlTNxd4Lf3$8|1$04dPrY@&ixQ>PWx$qxA~
zqGIF8^3P}*F{GX?$s^)taw~?Ib`T0<gtfB9&G`5_*g>011Uv1L10^k~yBa+=PmHLD
zp~<$mVyhAn8uiu|UW*HQ8KXNF&Z!VK4kup^S^R*t`R%0`>D4waVe<RzjN$2JAw5;r
zcP6`Lr5mTkr<M;kX7GbeMSVTP3k%;|Sg3S5^QfS)1iW5ESuP<*oZ_Rf-Qw+Oygx>!
zTQzUaRQadJT4Zmvep#HJbbn1B_Y>c=0M(D&kVg*O7tgBkRc^LndiT_96GLEyZs`a)
z{tFVY*&0qo1{$t569(`ET|5kDqONyT(BFuL)3a2>?|?CW2E+0VzQ7LT0o#=I=-#~{
zmTe=IsaY%Mj~#<ubEm4do;E?_uNYtP^bYZUGTlN(*~-G@5D+IU&X1!BN)8^acEe8U
zDnl+G>OK3X1XB`$wus@F?+Qj-qid?4W>|Sk@(<u*&y_4eHR)7JG{YvuW0FPk>4L5m
z?litC;BMEhUB~}1b6N!>I>boL!csT3xqLIgR^>$0Gup>jnVH`K#M~_ylkE;VM*SGa
zeJ?--Io_euTQ9V*dzr!f5%ZRItuDD5gyv<O*lJsqv^W3>o%CS{1ost&oKpt9yKtUq
z%U)FZftbp~H;5Qzr&z<M{8Ag!QDDWGyLOcBpq(3Oi0x_Y(X(B@H=yfWm!xec3#J?>
zPfk)Td{Z~+eT?pxLoLPNOqE?QsOB5AgOc8u<}Cr^P~U*(jd&`M;g_t-#2rVyE_1a)
ztODY3DxNO7G)3P&yOx#PJ){b&fh0N**1|*g;8=TWkmK*hRV<EY5Z8`m!MZCycj4~e
z#v$1ty)s5ss@j8?nZb##F!eB<{wBqR-oPrE2#)wm?0U2k#F*Q|Ruj5a>vlSK-KMBi
zj=T#r1Y$ly!az2Q&e<Y2SPcr%S%d<`#=T&x3H*-3+&xxFy8N#a)(CCToOjjDWLRo5
zRU$)vecwdDJe@mt?&8MTBx|NktDiH~gtks(XUWQBx7yP<k1^+YiANCjRNU%8m9<D2
zZ7&&5Tznb8OKVAU68V!~dRIwFDnf|bc^r^9-g&UgS+w>dJ^_rEZs*kP38~7?%{dwC
z4!-K$Vc@`)RL~Qy#tri_zQe?Yy++af;!1e?!=0)`$<H}Boa_1Bqk!GipGYXiS}Vho
z1Co@JCL3N}B!Sj4)q+EP>Fn-Xd@EfEUXVa{W$^{~*@XO%X4nDtC$Je;W!QNG??+Kd
z7fvem_Nz{guda^|UBX>8yT%q08oVT6!@FS*Zi{WSt)gef2fBb^R2B`3Fb*D)!NFWE
zl4eIaJZZ`^G*i{MQ$M$`A|Me<3Tz3C1rufbyb1rdS?rJ@L+Wq5XZO45M*D`1b_ClI
z1Sr!L0EHy&j-`;uP)y&*fnccAo;&F;?*8$|A;cM5dWRLU%^eehMoZc=l~}X3ZO4HS
zryguKV|xVYDm#+h8?S2EyJ@zayWx))W?B*`SbM1LQfDwY1F$+jXQo@3BZL@V{(&})
ztjQ654vqb2IxFYRg&P}Zdvon~?K$h<zI~=NO~h+kP?3eu>RN-gdS>0NxdMcXxEMTP
z{zj`#?}@24U!55JdrdEefN(WQk)x9_z2aNxPR6&y){t%4k*-y1;PRlfxXy+>Z<+_)
zsG=AiQL9cP)INi9h;FeAFrG1YlZkHC7>%&9;G`uKfXI~h;8n-ka@SE~^dPqgDTfdA
ziEe5*lcs6Om!^pYC*xo7K#10YawQvY*}lRq!OEh6ZmoWbtd#IY+ECx-ONSuoM*fw+
zCh~hTp}%p;Nyi!^!}8v1`Nz)>Ek1KjweVg{hw7X0hWQ-And{$BDJxi@9@nl7+OKCP
z=&s>gmpY2;`Pn8`RD#I=r;(dP(;F3b3E_YQbjf@sa_-_EHV{DS>55yY-u2r?7ySx>
z_btRETAe%UtuKE>!h^DvaPo-!$jDl!{S5#*Y7;w0azP7-fw=UfPhnt)YOo}eNelxQ
zqdh>d_mMW=SoY%E<}MoXK?7IiOmvvfUy&rqz*>VE@~br+9{u1qYWNpLuKan&U;F;e
zuqWQ_Yj{W)eKawqE3c8F(6Ljepc>1I7KI@YgZQK#f@yS^zs+#pf5SSv0^SF!u4iTT
z_XTdzZr}b`*rkF8uk*UZYrTMBdm{d-ha+#SdvX6xP-t%H{he-Zp8^jceffW3KqpU!
zhc}}@E^e+ulCx!V*t<MBZ}r$SXU;G$trmh*7+SLtBaUMstf!(5C;;w_<@Sd`KiGHv
zF6#jrYl!$v>T&w?U4$jCGc&hPo=v~8ep2V@i3K(<tL~^BEiN2$*WL9`RSzUJ!zH}~
ze+HQl4+2c==2ps0AqL;yGM7U!Nw|jT!KY<&yKXIav$vFx3`Y0L7$f1}0lBRkTsVJz
zE4~24M-!$@`D4JLv!jZKD6eM~SDf9DlAbrE%<UZC`_po_$*EO#9)+o0I$E{_BZ;N)
zVdz~#orn9B*-csxP=iZZ6kcREhpjl2t0n&hGWE3}%}x@)H4;hz-D+<-U>R}8`!`n1
zVwe@VK_d}CNif~)*xG<%_@*Ln-7gq?4cryY7>w_+e$UkISlN^W9#E|d9^dsM9&89a
zEv%#h-n?CYHQ)CrRq^$zlJv5y6V<|w%Bs?r7b7Aj?Vtvl+x1z@Q7Z{Z0U4LO67~5j
zs?##^;r${<j~O$ZgFsS`Anu5>yS#UK#fR7Bu93?s3>zukW_#OntOq^h1Pev%Dbb!T
z%^Atf2sDisT{?9F`3}ifa$+}ASC=%-Ig1yMquwOy`*^b@B$WMrP=7N+GR0#pHfn4J
z`x5d%l3+j&$joF6l=O@eaZyi2SzBLG<Ct{V1877Uh_??QXAJmW66kesRa}A?J#X+m
z#cIMoHsFzU!=)E1Vkai2Byl&1k^1rD@gQUS)n>{m>{iwR<FyakOor2$>AHq}nfL>s
z@TD<~$V>^suOI=QY*Y<nIGi>SOgcxxKgP^VM%W`1^j@}h{rUv%?k%M<{0)vsTU(U0
z3K@jn!G$A>b2r$=IBr3%yZy%%Dy6FyDJV3Aw9HM!;|=1!_~LcPF?MH_<UsW(s!DUG
zrH?J4?d|rOt!aAYX~FQI8!FG_b_eYGhE=u-tSqPH2<-o2?Pm0gpUcawsoyDf8@>j=
zgP$~!j8t~gdgQa&yiP3W%tK@}xUY{-$3=D%CJf_xubw2oub*4CHX1b^P{->{>eU;s
z<$hF$e|CS*ORF5uWLzqtjxK{K98m)&!asR9W3?Fr&bbmP-i?d{IVh<a*QQ54SZ7>l
zGIOBwftPC83;QyT31Ia=iZf^QC<YuKCk$)jyhlgRt<Xxlcj04MU$aUx|J(~5;<2=>
z0aj?HsoC{<072xdK0Mv4R8}m}PI%!S>}6*SY-YHn(9yv&<HY$YA9EL%gdbJb<(F+M
ziw7EOY<G__&$e52!+4MBhw{<s#lg`TJCmv+{9dZP?_#;mCAkHrpWuG&iT{vPoZv^d
zbu>V8hvO%Zz<C;?6J&q~?;IZ3#V-@78+6)4MjfCi52k)Iw-C93tXc|?6I2~Jocas~
zpFZ~`MW^H7DJ$^J&~Grey~7P~76Ul)yP2ezmWHCsT!}%FNcs?x40MmU)TvWvAGt6`
zh<p|53c2nvtXUmg2sA;A*2TioQX*?4w(b;Ck$s;C$Fk0`3%K=$CcHDSX%t&t!r@t}
z5{YM81_~!L$$9@A&Aa68hmSQYdTU=#K@wZN^maxoJr$3+&vi{q0u+y_J-6g@eX|HA
z&YXFE#Z1E|DXQCPIE4mERe%vR5KlYv>U(F+`N_82zSzo4mM=5j+o01ar^GVcy3okY
zGrY82Smn-jPwwl12KdFCm#hP%;N*Od0R~J89MLfNt_LWoq$XI9x)g{Q6F?(GBp}Zo
zJ+jKK=!n(<nluYk!>p5Y<vygp{s5h3@Um*-%q3e7ge8RYWCEJPP(r<ACr7zfL|zPt
zEV#d?Q9)JEF59Zn*#T+sqv(<?%+1vzCDu-kpgKG49w6940kT69IKkEfNi9eO$n1Q;
z?qyL#==t+H6jbH-I>Q&g$C?9c9|FL52oJ*r8!h|H7K4<y4$QABa~4+Wn^mPmKb=YJ
zr#xZW<1I_Wl->KeZ4b>WS@=O#WJ%&>_Z@zA7F7gEU}G&Un?5|Tbf<4&^7}bIJuUWm
zTHJZBGGpgcB?~_9^Jts4c8!O9oD<7|co#8$c8r?Y8}Bw68Xb*nnl^7f5?kNY%TIjW
z*kF$EvauDMxlSo(Tl)F>c6AQ<I0r+JV{C;y7m(l1A*A_OktA>=U${)3r-zuG4CdZz
z_SzNIzKHjc+)n!O$9<sV!6#2Pc+F2?p3-?>yd%@<tXptWO!Q`v5-`AP8`$NA<$>3j
zFPerZq|K1^zEV0<$*MDjN<;k#-@l#$igCw_^|?KncsXG1ym?I(<=oGqyu6uipXXMe
zG`!J?<Hrx>h_Aho;R-WDuAe>;sv7Os4n8^9Cp#-^!DdSx^U(q38>%!6U&MtcRW2-~
zTyO%XRz^YcbRpm@`0h<=FI`KW!Ok3}Qc+f;e#1C>n!iB1bm+yp_ibL^@GThg0Dbrf
z4%dzf1IL6;>nqFj)zvZY+tuDE$2BeLO0rpUn04U|QSx*$mz{aJn~7r}-D8QB^UFtq
z8~Budh1E94>CHo%D_ha~^;RR*shzkIH56%K4%_0LssF_752hD-_N*5>P6ih2OH}Kw
zN<3<;Y@{AzTa}zz=HOX=?&{N-VfNp_XFb8Q(Ai^jc8q<-frI6XW8!-S^xL|?#I=0>
zjOc*m<d~Dno}HEDZ37lA804<r-OhEKj^_*$!{WQOT_0Kb7nV8Ib80bb`qkx~kqkA$
zw!7+<77>nhfWfnf{^ZV-p-K_y+j}~l>RCn3{D`&Bc~TQ6PtKqp-S_hy><kSrK#DB`
zxE-DS5_VF!o~L0a@(*$6fNJ=@5$pL(A~2i7j6kA|qQ~P4N_Iq#KS{BzM&Zr}$$gkq
zo_a?V5b&JfVC~A@`dInK#)FKxS7x*m0!jKZ+!Ze5x>=-?uo%l!L;zpvxbGD8io<|V
zWo%Q=so_JBBFHETg~H#^NBMZ~f3mA-&Pl~4VI`rCD$v4u70AHHJUn2_+iK!m{PJMX
zJG+-v0jY&!CcVr|O)>$mA3tHj@uc@C?0idxtogGw?HY<UOkpyPT8JPQbbc~`m^gk<
zkz~?(BYZNw(joo=g`PIytN46wA#=$OP*v7dcx=&RKh0>=vQKSJP5H(b$$SxM&&KeA
zF<!m}qgv^{wDMnY#$-l$$jQ9-tagsF@2F-)ds&kAayMT`vxl3$j28su%bDmlJg7-l
zYBW=t^Gi#&;hYjf5#}a9Zi^RoXDjXR1Vk64o_aJQH20btebi0_+@{CJ3+Pog-9q(4
ztC-tKYbp#^f8JQ`%+d+*EzGr1S--iES1`q^L-_$s%a3}+<)ONXrIkUtUKff-XLf_G
zT`1NY5kmY@khs(E$H|ks-zfbblABYv9T0Hn4^K;QH)>)Q)Xy$$u<Pup0`kQbPTcTa
znty6UBFmz#x^7jn+jalQuM1(6o0~BwAv5cHtlyh-b;W!xj~W~E>qR5pl2PUhQ_kL^
zPOKqrdBsKo8-!g277|^Tx|*7T9o}L34#L%&!lH;!k4+rBx|MU4l}*K|+=W)9ZHB+K
zI_sWgt@0k$LskB#>iPjYi^}3DZedDC2(jy+Tt7Bw#Z)imC4U)LL8s&!-4Uqj3GH?#
z9i2CzeavV3j$EzI9<A&vF)v9vBjxf%Ae7k!asK*2sHkEiiD^1@{`^RynbWQ~?Y6TX
z-O@c=y}~VFq=j5A{_&%@_rU4IgMooTNa}lc_Zk=E-dB6y&fXy60<i}~waKpVt^mYp
z0m6o@U02va0Hkb#L+wX?DC_H6?qqUInTuQ}gHj2uMbwWI-#kunkBirHZ5ddlb<M@{
zb=j%=pWDnjSf1M4-F5dPdo6pHQ};{lejga|w0N$=LeJdp$K39umIw7YL|m9tBPJAN
zn|v@N^}ui5FG)uhkW2eFn&^>m;&RaA{l*GXT!yVZa^#3N1sHsxWr#t}zG%cGpmx=I
zDMF0C<7f%C>z(v{43SfGAg^+A8qg{s&TnsMIO&4CbK5Iut;jjaEvn}WKgb}w8sHvr
z+^G66GUs;Z5qjS=E&huf7OYAmc6XaWb*O>;Hs6tBU~2eH!p8K*b~PtHSwgmM-M`;Z
zV7yX|h3%+oL^)L)lXju_cWTWJ!AeWUHywM?_DoQyDl0w4E~v0Yvu4NW030eemRI&S
z`)pYJh{Nqyga`CEvGXI^ok1MqiMs(6sf2!QEYIkO(v(_6cy{cqA<GNS=9P|eraA&M
zu9ZKhl2DcdeuX~=1T;bG0N5H)k=iyU=yYzGLsx(3*Ow;$LMH2foPR2>|IkkblH<vZ
z;dEq{{v6eWQ8pF#=JX-N&VfSGsT9GE3_Fut65>g!(^q$!C_TBxpIuvHWu2CGPp`PF
zR?!(d{bEC<=4rPZ;Gx(c$+MaT&NqM~Op#qRc~ND;$>{V8VfX7MEvd*(G>N;X7ojvP
zUJ_b7Eg<7kzbM}e=Tqx$d{=T{c~z&(a_g4`BNn-b6^{Ar=6Ek-;f>Qb=9w};XUf#6
z34%<P9QEWQ9GvM|JZU}c5t`1;Qt7O;x{vvCI9FT<0JSwfoOK&EB*J?6y@6FYG3C;{
zP;a{)RS?-W#JP6W*WU}Qqbq~Zyjq_4<w)cP>xkz*9rr8wnlgz}#JD}$H*M3Vr$=4N
zT)cg*)WCq|1I1*G<#|j!JElNhy>jI-8zmd!D4ZxtEmAGMPFU@-{+GuOaj8pau|>l@
z+o!-DGYdjSAR+nilvHG3Jc?W8c@$CgOFPmg{fzD}i;ea}i5*ui`J)XReqg(nb31wD
z)AEwk90Yw^PS<;iFGPBg@!iiprqfg!3j-*IyZ5}gfOr4+JI%O+)E`xbC^Ltn@)4gS
z>IAhvTVAjXFs$WiAm#3g&jE6T@QluQPn)J}JV_bF<f{<gHTJ^q#MY16^Wr?FrGLjr
ziv|mKFkTh%TO-0L*+O?0hsPdjFlnGbqJ3k7cG=}X9wb1EJ5rM&ry8ds3G}x={+Qxe
z;~8qjeOP<j3|KnUcH`-JjTO2X2aYEdSB&=hR`UjS+4&AhAw`Mxl*&Z40u4uFV<ZZr
zG1MElmajD8#*=cmS*upvuU1+oUN}Pq4jO6ToMs^H2&A_)y|=o$Xp)&a8v4sG)=#5}
z52XdqVg}ouW-*b4V}>X_b7sbvy(yj?kg+?uxS}ZWd*M81M6Fam`m}Sf%IUAW>2_AS
zTR8<)=7FiIG}^MNez(iU1}Q5>98gY5&8?+xpK4{FdcdrFx1M!L>O{BD_gx<4l%3Y2
zOZW?JZT0fsXsh=Ps!_x&62r0=Qyx?CCe7{a=Iqybzf{Q5|BJ&3h=4T{5<c}DSOc^;
z*OB_(vb+Aa<zVkp7yc3+-U&S@?`!h<aEt$mAeycPfOJLaCjcmaAv?qh#9kvduCTfb
z3-HYP8#_%f?P+EPVA2`lUr1i#L4PBSp@bfwSrNmO$O2(Ey0usYIbuLwDLi!tvVlZG
zop9ieyQ;!&Jp=51yM5b(2}VQdFMWLb&-elm5Kh3}s11C%@ABm}HwJ52+t82MrGJq!
zj>tISU@&9s&Ne272F2~d$}<X0jyv}mW}|F8MHwZ?#!{~}xhdX6ESwKlIN-jOp(-dC
zSLMApA_)m4b2<+mJpJRcj;kuIC7HuuebEA8XAT`axQ9PR?m`0fiHEavsdNA`Y?d|?
zpLyrOQIqeL1?#!S1l+Dh26R{Vu>nK@*x?WPwmrP)RN40McI_hCoy#P#a%G>Bd7rm+
z5O7|!?g9{i3;Q#9OMS?c2aECic1s5t+XL#<exMu6XMJUIgxmI@WII=H6SMN<yu=oq
zPcL;q6{<(bj&2uY==}{1*#4xn>~V<nUQSgDbH4OmJxZ#yBV1Np{Q?DiDF0<ESin=I
zKc{Zx+bM1BiaUtBpOFNNBWel&U>of+ko#fsOB2uW1%rcR4#!s!WSxg?7Vbc_rH|5y
zB0M<kQtZ>dfTp!MjBavDwi?vkOaG+Ld)LbKAfK9j2hTP<_b=R+`1--!b#-r1CW<GM
zG|l7H$nm}*c^RpnW*W!aR;lY~5K7wftjlxFnMFk{9X_mU{@+4KX3Tcl@Z!#e_cvU;
z!pb{7dw27zCCf`+XUpP8uCuG*UxA++?*6CX(Z|SAr^gq~-`0osS1dvB2V_0pVg9#h
z1<k~r33E&*Oi*WA*W)0xojMhKS0a3^{|JS?1&DUOI5uT9XzOotei=FX@D~j(=yJr-
zcM1gzF1IO6PNjm~C01FkK$|}tzpCSgXYT#$&s%!t-}gWyUkPks%TY~Xwgo+&J?-ql
zAsZqu7I1w~we#Pk7w?v06>J1v3UizVQve4-)!5#Hp**vo@Yd4b&BiG}B(8*H)#Kdg
z!jc!kH%Gt3U9;<}hghMBy2TU^g@=nwcGFeLSj9XNDr*Am1rOf3ZCghI9YCcvojcc)
zI%>=OoF7RKgXTe-zX_ZM5AbPU6MY&XNeB{EH@_CP@eN8Wt;;B$hJl#KhrR3g)kTlg
z)AHb0k_I<%|4F{YvJ5VWpF9PUjd+b8rYkaYI&<T)SGCU49M3%r@^p5}r8=xge(Dx*
z_LhrO(R58R7lK>kwv1G0(W0(`1U7~GYwin$LK{m$=guSEn*tKG!7)Sx<}LEpJnC-)
zKGKFq6Wa=^m-?JFhyX|LT0_R4sF@^;p^{+&LMM_@k+k^Q($}V_qa>4htLgE_R~vm>
zNwyB^i&rdoaeZL4vV0-J;va<h#vs}obNF>ou6^2qcS*{F{5bijal$I1rk@_Qa<t<$
z>FHppZ~ENbj+CIoBF=D&bZ*u+NN&!rcx|w3`SPZ3BA7xV7H=v_Nl7QWFy^B98=9Bd
z*p=8y(gGR05T;T>Z4e{ZPzZcY8pC!F>aNbE=pP&q>7lmVLeku(F$|^r^7)hXg1^)J
z-?EL->hx-_;ZkGGYACKFOX-#lQT>+^rCy%IrveYNlw@++wrveB57e~&{an)sfVV)1
z3v4^FJ)3dQw%309?%j^~bwIg9IZGr;?0n!GtXvbiWw6ck`#-og?3)&V*bDx~(HhPE
zdcZa(3Ky7DdS54k`RSEq9mP(-*8)mBJ8rMWUZ<aa_ji0Y4+@tT&t=ljvz`#3%>H>>
zbkyzM=98}HkY~j24G7SCW;)^1<PFcaMV&gLhiDJ13(Kr+#z*bHf7i)AhsGa9_DDKG
zCrh1h$HY3Iw|EAc8DC?_$XhQ;5p5JWAfM<)Ygcy-a|elXU?}~e#X;Qq33@GMIzq_b
zLIjH!A^pC(9{fzcXb(^^svFak|Ad37-=e1*ajCw7L|tX^&77yXu!n_DeK0B+<0HOq
z0M=JzOAVK3_9aX7w1~$UMPY&sL);16K`iGf%SXbz%wD*#dk@7SKflg{=N^xQa~3H8
z+95N<T;Sjy7v(sC%Hc#Bj%ox8W{-hYbUhsr-$7B0Bo<Fu`N`@-`sF74Qs35h*h*no
zsDpxoU(=M?USF#Z&T@8jdW~9jW^u4c7+KnO^>57E*-&f$v7&Gl2pR96{TFH`p5N-R
zl=Fne;sX1L#N^n;NYF21#VdxEZKjGtqj!;vEIF8v8Cj2{#kz>GOEe0glw#7YZq$#^
zO3Jh!05Tbr*iKcpO|2iLoXDV)lYfA6{}q^J)oCw|TQw1ofn7)^!b&?qE4#1Mj#zJE
zxYQ8Fl4pwq$^lqe>#_`tqgnSmx<HbIs}E$uRlk6!iYfGlnK4o(F%M>M|6)y*Kd~XQ
z<@P1oGdQOxh&NLnWKeZTyeCyw<3qLoQr>GF8rDSv8{$SJY3v0NVZhIQ&jjx|zjgZd
z%k)!zYh-jt4N(!$cFR5%-yW!!q5jl%jqm>T$4U(TL%7b*{7qK^lm?Ho=oA0+(nJ2|
z+Ubiau7s*whSF>V88!Jcb4usW$Z$_FSgp*x=E~n0_I}uj%0B-?TR!DTsR;=IJgCRO
z)B}u+?BUh7-v7C6cIw!hAg+Wi5=TMv$5qzXJdJbtAQQBHK5}F>QZ-CcAJQTkDta@Q
z_qAzub_{Dpvy-bXtFbmv>_LD3*!%a#tet9(t7=a>HU}m$86{E2aswA#<EbejjtepU
z78Y8k8)J3oZ(dG@rx`0i?iLO`WP7N?p0!^#ruaW)@|#cgJc&i~R_=*@tL`iquD5a8
z%a4f%GpgrvY1*W8^{LN1I@wb=qgr)b=M56S6P8TQw*f1&)a0BdE%M6fV0X+oXj78M
zlyiBDbHlCdb=}qjm)C~pY&!1t<a1NEh?Ii}aT(BnB3%2r-Q~qIZoGZ($cZc;l}+M>
z(%nV*`8^rcKPB{&E*rFoD|qYdU$^ScSY(nL9??WWux)+k<>XhKoq0nG;Aa#uVZ#zs
zgo#|7|ER54$DpZ(QkrtTH*VTL(e8JBEiJ8Xtph-h96u~-Io4tK?&{_GK^OWlPzx|E
z5PVU5HE3H&`#eEQ(_!#{0SD0^>s+@oH*b&S=e4UK=PcVKlCf!cn!!Y(b1^N$$5MY|
zJ}U1~5#Zqo^f=}ygm@GqkmpTEqrCq&iM8D`3xeBXS!(5$ty}j^WDA~{d1L+P7cU-%
z2TM|3&7m@^`1hX&`gkfY7_V5qylC7tuwl`=64()#j*99DZor~(HVlyaK}J2w*zmM`
z6iPLR0^`Qc=UI0l_h@sbWHuTVcNv}#?CR->Vl$L2ZNR0mIY@*e0AAs%KTdsp3GU{X
zix-b^wYBQhSQiaMHbTE3kV;gkm#v@D)@30G(Ba;v<q0C=b-bfvXhJ^_PobrDY~S92
z8;2y}Ks16t`V?Kjd%MxZiN-}{XGFQHq7#(<@c~*~lZ+0UdHvMBHB4;pKx01gV?j$E
zr)XO)FR_zffR50jtzB?JigCHqgMta&oQsL|F_VXayta^JGY&Hmvc|?mo5Xp>A;x2_
z=T?BEY_v+TCGcvUxnzu%z3~Vtf>FO+sJGfpdxUG`?xzL8&Mu?JjXMdeEJG3`bq}pN
zNrGF5*YhZtw5U?;OaOyCBvWoxcET3QHwnT<W71jl^B0cC_vfIo+?k-KAr}!3<_+yu
zI|(_4tR*Bi+hAZAk5qE6DB@zlb7bCChX(*tW*#i{Q_t7n(-Nbyz&Ci;VzD|1a=eyu
znR9R(&+ZLO0X~*koVPU;1c0{JmMnI~P_y>h=sfFvPAKYI#g)F1+E*`T7OAvGewSBY
zjfm45=~VtziavhvaH_(u)#9ATYZqosGm(isY#4o~q^@@zzyDinUVJxdSk^SR8R_#m
z*ck)WlIaJh=06O$vihSIX#QhTw_o=qbHsQ5{x_`Kz>3^yN-ZFGiR%*oB`m1!7O=Sg
z7S)RZ!lE^O);8wlpv_uJHYFHc4Fx(|^&fuN!ai%w=r}>NNxKmOZd8M?f^!|fS?!@-
z2*LUZc#yWTn@9FE<DnZWvQ9+b88y7fDy)3xu3hn5auU09J3hX_<po2IG_iacV1N5f
zYKjW&vll04*XLT)KE`s-K@D1$m$$7J!B+-#NE?-2(79hU?L70z+d_Ta;vQPYR9eZV
zW``+m-)W*-d<pgSBHS+=)r1}0#Ie!&z13MICLdP7S@k64T!y22rKql3e4ZQ26}qJq
z-J_TxWJLLnkascW5$=ab92I4iufKmc7kr^ZU`S&>ltAZ$){L7ve^j-Ge4;T^)&ACa
zKW8SZ;xX$WJpRIV+e-V}2^T^y2|-MPS?5ljG%HP(VBydKBakjX>-n0O!K}m6&(HUY
z8T<IM8<g+}1=1nn1B{hr4o(!?hD%=j3>SN%<UoD4c#E6|YDJ&t{uG_rW#0>9fg6bU
zgj6_ZGc$R#l~tGOENK`18pE1HiBeL3{!%Tog~NX_g1(VN<M>oA^kX56$EfL1Y8~Is
zGG^?aKG7|AMB3>vsn2q4jM%-I;*dYn;<MHm*WJ6fW(B0>NPHuERhL$yjIjaBx~V?z
zFRYq!pe(p3hI||-z$<FT00&4@np$4lYJ4Zaw_JUYiMq|pj~!RL3^`X)w(sYkdsOb5
zPt?A_vNvYh+6_n^WjR<lnS}knW$IeXU8pcp!ZnkR+G_Tl*GT+3ENvO2$m1Ky`M%2k
z=e3!BlRZ*li-(fmC+-G#z6rT*;Pa${ju=0FPg-v<1LF2(I&SJYLqy#Sba%D|(IGd+
zI%I8d{1S8V{vhR;iP&#*JTU@mVX{;=#cjgxv44DQ80wjm!<y&!omhoZNO6;}|DBxw
zxS;Bp1+AXu+Wd`y!Ej$YiwdFKMD9gho#S%WJUH}4GP1=CG#5bqKWfb<{y}o2DOS6l
zdlZ;$at=;gRNE{nQNJq`0swgA_Enm<e5qynv5+>rL1yiu?shiT2MV63RoP6d;xs-U
z7+4c)esz<<&3!sywf)NgN&FHVNpVwRzf<i+Q_FEQ>Pzb26IQt-+cDnACn3^50dm^M
z+NAtwfPq=Xf<e)@<6967ps<S0aEj@rr*|O9%{u4Kf12FeajdQPcDI~c{Z8_I7q9qV
z*6n()t?YiDG<otFGusV^{dYE=(JO}wddswCPRd3FYfnjdBT8T=l`%mASOvu9hVAsi
zfwH))eM)iAA2~8ZZ+E~YOi-i`ZK3(Iha?o70P?<Q*W{Pwp##~p?ZA#+zYp`LTd6tJ
zXTaVkmn#i#r@iNJy-g1GxuQ=~hcnr-mf~5o>$I}7?>rJ;yqLLC1PZ;5wsohkN?P2X
zd~UK0za)+!&j@XkQ8d9W<M71a{dF%~J#*h<yu<0dg0SP|A$ysD_L9r;jK@w_cOeVl
zsR-_E9$lW({YVC<7tsbVjS?Utha;mwy0zGCpM9odahb;bn5Un&cMwhat_xAS^dd4I
zr|@K%6KtKi%Cd5+rb=tWm&fUKRLSV~S(Rl4=#mF>he=GNusAn;LaHa7r@zb04CSG&
zszQ{<(3;lpRe>#+tym#;H;Lt-9gj$dBz0g(wb%C6U;w6$;;74n6k~l&<k}>xgsu+Y
z;QumEPE(RBVQofysxSzXhaW97Sy6n6lkPR_Fvrp33hgwEWgwQ)NrC(q?HKd2oTTu+
zty{O=!-h86K3*tKTHV+!OB)YQ-rcLHXN-~6Wh=;IB^b6nB<9rgGrcn1d1}(ibAPPN
zd(lRbkEHomUOoJz#`75Cdv=HaBBJVZZ7GKGcqxPply|O1Qs&c9$h=D#@pY^)NG&vD
zH)Q?2j@rRqOANJ6xYta$S64x4r#O0c_xKj8bOSov8MUg>6O)K!J5*Y;7cKH4%5uP<
zLA5sCbH7oeAkWHjo%&9^G(LCdXnryOH>UOw^MB?WTN}A`taC@De;(b~vg#5ykA`l>
z&VJT+nuL|#eehsnx1Go!i0~?It6JIeCH=*a`A!!O<>OC(Oobxx!lEQ%cZNeRcBlm9
zI0>ieM{hK=|KexI_%mnD9+HMb2nntTZ2y4>qE9`Wc6{;gWbHB}d@m`>%%40=Sc54N
z;z?1ZrF5@Spi(4;5RsgSBygPQ6_$xEnJ!W&8GggDM2k;^$w`njO@=TDz(zrY_us9^
z9W$*wBCo!VHsceTa=A?ZI0QM_Eh^EV73JWV$LJ$>F%mM1Jtzt~gc3XNt@bW3s2kX&
z^w>QtQfOqdSTIE(JnD*ILk$2?GR22CBUl<ZCme3vZ!JP`F3Dhc-c!$PW=x;H$n(wi
zrV9f^m<Am`sjw9Fl5U($YT+X)WkM<!Alj8_C;~W3uJrl?_s5Ip9ynIi8eip76HrKg
zsa(aW;!0$_K+qVo2v_dgSN@(;G_kS$xX!e-QM)k;yv~dmw<AQ*_jKviFFN_u!U{B@
zexMAN2<e(NZEA{C|0Gmbx41LTzqbm_%q9JPrj^sFg`XQ48mF`fD{uHOKIh($&(_f<
zhSdv)kUup@Rw$Q1JGajxLJD(NRF1yOR<B+%(dl1`72q%*&<~7jglL}}cf`WX4B2N8
z8%(?Dk}ua@Cn|z+$Qkz3ie_qRLuJNUQ03@QlhBM-(z$}k#`5Z=@_<7c$p$b$?;9Mq
zPUtDV%AAD@$1s7!0ALz(I+`kxQ&Vu~5E#K^iqoA=JN5zI-e+8%)lp`hQ#HWGhu|jB
zb+)N^Vn*NNWVIT3n+U~?OtkiSX7PsP{q2FemaJ%?kyUAScK!+O<#P^sN-njN)&8o=
zN)HW<8G>^Bx5iteAl`p$d+n()ZbO7<z-1@?vLf&~8vv``hZGxWF?7jGATaYpzg<x&
zkEooJjopd}dPuo!yU#Pi>i4+BME8gm&$Ul)_<aA~z3MgwW>~rm*uE#+$VEN(-=ego
zUH6e$?a=OB;V?3v%uDMvk30Rh#6%x<XefIpd}X$Eu#cm*W5y%UTA~<t60gWG<c0xb
zTE6tmd0{LqpJN50j|Q*ped=4^56PQjI^+JRIR^{Ej2+L!An<&G85gV4E}@s$f0M7;
z`W04%Qsr5f+x>@9{m8xZc?DheyN7-9(Ml_y|E+h~+viaG6gT@~0)oxS4%Oy-6Ei@J
zyL*&G`Tg^4FM<<q_QMa!?PGpAMf&(=v<!iS7}L-<_AmK#9=90(Q_vU0ep-VDSw7r3
z(?oCm=fhF&Z@3;UE!0n$Sj>cQFfFs;0eOPnM2DU|G(JGolQJQK`FN;&-f#C<zlY2Q
z(%$M5hwt>^tifo#^;M|4m*gBREfMjyATcG{j*stp0Do4pK1pHdiP`Gup3yPA#V-x2
zd?M`9lQ}oCiV=9ngl>3|{(hYv<KZD5b_M|jk(!je=WaE`bR*vl*=hVk#(jmoAK$mY
z@-LhxUfJXynR#QoST64~8)Bkf{rYtM22-Y+e8H#~GU0P?PAtxPOm&SZQ|L%$BMvqi
zvGxlaVYIE*P}COcT3V-VqP8yQ-~enn&Or)-d7CxjD|+(RZ{OBNcZM7(r&%el^b5rx
zFg~qoO15!)`Pp{5A8lHYghv1Z{*e~O6)2<S)?&wQ4*7;CpH+6X)RECy{D)-iKE#^j
zv$`{A5E>s1Wg%&cC_9mnEj<t`7u@T9;T5N(q^TB^6*vSt^XDIn@`2I=O~rcyNnK@z
zn#fd8VaH((TS|7wkv9v@mg@)coNGxB4G5b5=e4|kt5<(}c-cb_juit9=!GYOigs`p
z!$3}ZFMT!Cr68_FY&^I2K@)dlW^W3dbbR=>H;`N3xRBQ>hrEXw{zjjwHo4cFZFp9@
zTZ6HFDYi>P?`e-&)v4J`r*nOoC^R$oaZ1{bU(6$t#zmaSIukK#Mq2k5%hu26c50&A
zh?9%QMkFoU)cw@4i4)A4h4%hw$FV*6mCB_94jg>@vqn?T`=wRuGv_Yf|NgV_{dJ~o
zAHB)VZK!yrx;e_s%yViJ1^%Ab`xg%Kwxj5Q%a;L^AiJPUv6)R2@O<&SH$He{j&sh@
zj_unIT{%|>EX0HYZha}a@@b?(oi9--c`yf+9N(vxmjq;m4+6_GB@YMwiv1ghR4_@W
zGa@-PB0pIbx6q+LQsS&q+_aMxdlSWnR;yN5=Ym3PK~M`uT0=ps5%n!*2mx*Zrk*4v
z)gC&%B0nO=80YLJ(qS5l1yM$@b*th9#u8q^L7Evkxtm{BVn`Egk7w32@=!Ca*Ma{N
zwd?R$=zv>L7+Z<8$$d6}Y%*Gur#CkA=hwX^s||pJ2*v{~G##EbnH;aF=^!k~sbU2r
zNBwwB(JlAgO1%JA)OOXXRTsm<&6q)Oxfd!nFnO6oB8U8qUQcFuz2**=Np^Xw`3-d}
zbym(JYJr<(uuIu^=XI1;6u^k(WE8S=GnK`CF`u#^PsK6FavPqt<zz<}7klpBeTUBq
zudtgGO<)X#TB@<jN4*rT5D7dOhLuvRnbYnZP-12Fpo(eFb)0TYoFNnKal0pVuk+>W
z*Xyu#@9OKQZR;rD-xN1bv|H`2{1i}Qa8%@ToVzG)F*_BELON4R0Z5~ux_`z*92CfT
zdpCwy9<BqVs@Ux|op9;K3W$(eF8IA=$O=X?eUb+#W2)!a`Ym>F=m<)E$ItFC*ZUjD
zSxytdRG>SSqItj02$%H-PK1Wmm)}o9@cCsWW>5uT%QGz$Lun`rVjJptT6{vw*inqD
zAVi9xGC}z5Z(PyIk-K;9%qUb3v<~%3P*Q-MI(IH^R6Ez8HRWFe?j%(3)svtxXw!Je
zW|@}NZ@*rL+XD<1-+Wr|>j!BL;Q@(lys0@HL!!UGzgp9#fvYuc?OHV?4)M%}CG+QR
z+q$)mVz<ulsne!i-Cjqrmg?Ete+@-7%l--KdKxDr>_hV|X;87XClrMr5pqn@k@5H?
zM`jQ38EPkT%rJMA8))$>Sm!ddn#npEf(N5CryL%xy|+E%B(6Oe<{6gulGi}SgBhkI
zkh9>)<y=*!@F|jdkdpEv4>-$pUTs;*@{N97=2O3oNy3t6S86C^v9DS0I-fS~{kTne
zYqM9_)f`SF<s<jr@hcbKzx?Mi$`+2)>7OJ1xV)sD^aTQ-ag&uXl&k3ISP7~Cv|=jL
zmh$rTOm3a#(2A4#M#6_z1dqW*OIO9QEJ=qoYt_11Y;$t#CN>J#=q=4(fe)X&cyWGm
z+pUo*J7r-D7Yr1VjloE}W0T8KmWeMKv*7n_2iL;_alJg}%=$R1Z?9$PGrdnRl*g!R
zSWd}N#|dX5G~<;<Bcw1jhQ4>u*pjlwkLVEo-(?7x7R#Ukvpl`M=0dJehR@6`KY3E8
zwahtWW*Jf|u?TM{T`WN|EX2T1@SCLDG(n$epfj>j=e_2=so=!Kh+eJi*LKRAnG>c>
z+X?Z>2D=HnqX;(+9X`3j)7f1=$XZw8LxuVpG-%p|A||B^6^6qAQn=-f@9Tek9rZHY
zwxfEJ6dw`eUIfAs!5JN1&HSuUr@{PCA4ys?ZP4^+mzG$LJ-xgpj(JQvhIME&PPzq)
z7mu7a?eNUpYjoKSo;-OX>EftQFLJaV(dZZ@q^uk<)S}w}K;J+~)m@{Kz>HY(v*mqE
z?<J7omspq0l)0M0jpBPFF`{*Q!yPsL+U;A!&yE{6PA2p!6!7xTY_yFMla1}u?as={
zL4ViICBKH$>_$}-yn!cA)<F|`&~V|82MTq*t~-0p2vy3F{!7}T`P+t|O$$Gw3}wn^
zCE1fltJnxct0@!iCA|$w3{Ktqa1$fA9pFhSCz<}6j|64sOa_8=*lV6oo>vD95!Y5L
zL2?5de2QyfcZ~6f`NhR?0H?Tg&!qnTSsY>_Sq6BMQ33k2A%D8(l;YV%c>qPXA{|B*
zLCEb_Ax55^Pr3n2&mw$0GO{1xXuGEM^0Nq|J;HBSlg4H(M^_kRyZ7L-v{7R#a>c#Q
z7>YM<)O?~*AJ8ZuPHIACchvoL8efmkY@^Xoa65PJ?!T(_b9>Z*SC(beDZO2{a1rcu
zy+)006Gl5PXZ+Vy{q}07A6~r8mUL_b1A|$}p0ALiLovA(d+;Hn9`>DxXk=PoJ>oo0
z7dLJE?Tj9hamat{6;c(z*(NX}4e4hOFk)VKzg4!k&B@e}>~9z!6sNx>z5aT&{k9^P
z9}}Y@FT^RQw|Rf!FZ!&i_wDM-f7)2{+e%e4^>{p|=C@PCw5V{RrH+6c5IyS87Grkh
z>kLtQk~l)gXW4F_9(sEHR}Fan&e2&#{!zyP1D+<$J~$l_AoIB!qwyeh=%7*S!X@^1
z>=K4}<k)>EQ-<%_Ex&hNVg5KB=v)H(E{E9bPgO$LNXWz8LU(IJL&M|2!Es5mR}ONB
zFwu`DE7ZJG(-+QQC>;*mpI~FNnRBpc{G3><&{x_m#2HoZ`|snCC<m@`eLva8MuT9?
zhTF}4qUBtcegTbh)9oH^$JS_{bU&Ej(>ma3!IAh;@<cUvKD^6}zAf-89rg9Yx@72E
zC?zMaVtIJ?Z(0E6lin@ta&oR$Ntcr=81u;mc!HzoBEcf71~^H^4n}tgU0k|+c`U7%
zD2bQl67q`R`fLfqL%&mqI!21A$lo76jHig)aJ|vn&m%KB%0u=V@qUgef&pfSqW^l>
z)23@PTPA>)t^-mdlIYocPImH{T5w8oKnt9=Y+2aUDDE;caDD}fctz37UCfkl&wK3@
zIk~xv9jOPUgn)tj*=O2i_`5&dYegK155;VVEm-ux^2F-bpO9|XRrT)OJiz`~bh!LO
z)II(Fd>QlTToaxr$Foe<6^SnYId$etM#`Cq-FnQ3YR09%ZS&?@?1R($W5&Cf7I#0X
zY#f*BX8M_{;8#REFtYTmgc^>pvGI9g-*;X`?s6Id$svRtld-&9`&U=R_p*cNCs}J3
zd`7KTc_uCNW_nNwFg^6%#|sm?J;4IYIehuP{z{!B)#vzan2lKoe~t~<wR(rA=lFCx
z?Y*yXrLIN0%1M#bYlYgqc8{N%$hK!lD;KbWlr2fbfA;K|TJz>x+3rtP5gAzz<puPx
zOeAN16C#lsm!qjHHN^sb|G|eRy>pqh!UBT!JpqslUYJjM&XLQ<J>t6@FKF|so%^+G
z?wa?K3RbPDYN)Q&u7<MU_s4|=-gfau#<GzTF0Ev7hlF(G$g~bE3mG+U&KyjB?XY$a
z<;EsNiR!{2lGgbridh5^AkKjWbv5jil3j_|hiEAe(v<9xH$962H0T|lG_JGTbS}x1
z3wFDsqKriRMRSt7I<3$SRUG+!Kgn2n;g4l98o2mG=NKkp&SD+$>L`+J23?Z0-G5cI
zPYUWMUwB&H-}iip#=V&6=(hBrGJzOOn1F(<Ony8OH}^qF>dEuxzlT!OWcnB!!XA2G
zkgKJ+-czDc5)iuD0>0uW3UP%}`H7(H*)m7)!GpI6aF*Mcq>LW(TC-m>ZWp=FAXS3O
zO2R@m>eq?a#E0?7c?CpK?|7<--8j+ec<Cplrsf`rIj@{DV}>{MnxvQ_9}uzjQf1{j
z)N6rbif8{_GZz^{bV{WzF`={#y)qZpi!K=5D7xVCwTf-Wk9w3vT~cnT=e^rB<FMvd
z7gfuOvQF$i^ConW^LN8-Yl1YMJ$`(c^Ez^;MRi!Z4h7Gm-}ZEP_8y^B^R{iz@0~fH
zYxlvOJKNT@n(=uz*M_)ZE2fVh&k&dgwq%H=t%m%z2lUa(-nw<`FQ8?+D=P6fUBbMw
z<KavAP^N;oXBf)>mVrh_%LAAmY74bc`kANmfWcG|;o-f5t;vXN*}ZGmS1B)VY&bBw
zQ_~-9Y&v!`K3@KVjS7QMBLzCJnt7|E@*@HcRt`!>GvCT+<$?omUO6nN$o&QFT0f#|
zo}}kai{|_b<NAvv59M8U_FdF3@#i!W-31lzM?bN+iW=l8=T%Q5_YS62b_-l)d4+-H
z*4fy<9Zrf80Mo1^CJs>*^Qmh;m6Q-^7l{U^AKF;RItH75d>Xd7|IzOeCoBT(0t%42
z9?<U~c=wr8r(UJh8o!}&+rbA(!sBjasJA`L`XaPAAN(fIoX!94fk54rUO2F@f3ufm
zw+}9@sP7#!B-teD%hu|vv)Coo&^TvM^pJ;p@=P3B2guEly>9BGu_B7&)3cXPrQVh?
z-OJEQkgwMO7ukUIMW<3edMtMO?SM=rd2j<`W!JRy^ktB5PxPa%U0ad&@xzD5j~}=1
zrUHOE&YI`)$=Lt7tn64=*o2<mC<a&L)orZh!Fhq)rVWky0w*U^G!bc*&omv#6>9oJ
z!1$^i=iG;9JDD7>6eG|-3-*zD_Z46vbwVdL2%WeCXmxnr)41@MUT71k1d^`4(99f!
zL6^p~5eFu@8v)aLom4&WH*CnCkXhn%6@W`8mc84lHlw(Eq-sqI*TU3f69PYKC=jzb
z<rQDmb;JWe`H43q9~FT;WSP^Q%8b&n6v>m)aaP}2uw=>m7p)FIE;zo>rRkW|vV}Ry
zC$C3;jA;{fM(I6lfs4kk|9GZTw0!E*8^_5^VCrY5MU`bU&JI#`{Zsr7B%~7gdn_`t
zIcxhV1IR}jx%8iuabHzH4?H#FP2#eu!VE{x-|f2U1Y3s|M6ZysS?|Z~{kWEFcF!GF
zr`+O5ds-P0FkboJje%kLo;?^OkE7M2;6z$?;zd})h?ovu6N~{Ag`ua-ooY4eU9QRh
zZWJ<K`jvmoQkiB9U$btoo$HdcQ&#Q%-L5!S@nm2UPL0(1GMy#0`^YelwB1WwnkKr<
zXz9M;7x%&0RjJL2U-~qvQYOY9bTFvCoyR!znGFL1iu6m0$`JGL_=<oO;x4_N5gAF+
zfjy{}l#6?buAMy8<#Vl@NI<Wa!T^qp*?#DJr7Se!)qWndX4kYIVG0Raj_9jtbioA8
zKW~pQO!W}Lpht^19I<N4_^JlyE{BIB108X>YRT^Nm0aYMd0RMyuS7-F9KU2t7;1IJ
z)#>E@y~tP-TUt^Q&)E{LTz1Clvy+q4cpIA&tBz3R!<=&<Zjx*OD0W5rC>7&wX#F*)
z*FAUaNH{oHJ@AZMT#>te#%7=uMRB_}_MStOQHSwBK!Cn_{rdQt=c|S10+O2l_P4g`
zM#d|>tu|gMNi<aYN4c+DYhAHq+n=XZ4+~bUa(UnCrBOz!n5c@1-BNK{HIIndnuiz-
z7Q20i4#RTe0WnPp-SR(tSUM?4<<sY00ujN6Z((gA$gI}1qKe6y<xyC7Bi<mW6j>9*
z>(d8$;EBo_+~}@5bi443a>GfF^Z#-8=HXPX|NrP}qCu&s3`uH7qp3k5ijqo^6tT5J
z5s})FX|a^Kh_*}>vPB7Dmmy?{qEbmA8ACE<SY{S$o!70@-k-fczw`Z_>s-I<T<5y{
zQG17HJ<t8z_xt^t-q7rkO`tT5bgd*~69KwL5P|@E<su?26!@@}K>4r?(LW(lRJEf=
zBaX@$@!f-;#~LX+I8BUUS-l$<C)2hnhc=vrj7%U;AYl1ichR4pa=KI)i18c_BuEU|
zW@pLCqvR|^G6*PRFXh0JXAe}K%633r+0xakXA-dK+Mbve_ImV>rKP1yp|eDfE~^s9
z@z>%k5)!54{<WPeZ{Ocxd`0;n>jQ)B0iY)}Bu6f#eSc<w1VAjNA0xI?ROQ>jH7UQq
zE{B=8K8G2vz~GP;qUZC08ycjr@#GP_2mxWDFd|D>WEvY*l(+I|JumKoXQd<BY2xt%
z*9GAMrrRYSEq<^Nbt2HRtHHsZ=;}x)DAl=tLHd5l5Wo$eqWzUrAc(ZHimf=M?a@O`
zvlK+H1cT-rM19~?pkb<sMO8MdGiwOy@OnUo00L6qhXDsQ$?kolfU?vLwK1qCCc3^$
zmuAnsPfh7(AQyYF5{-<8DYfs56&vaa*%MO%EjUD!lVAxaKhM!{&oa-b4ymVTu~AE?
zU``mi2tN=CXWKKQX?Sme<upZX7K`OzW|1*8SP<LhVx`Z1$vHcId{LHc)j#|9E>d_M
zN8$<K<8Gk5cORqD(hynbHU8Gq8k6E!UI7wfIh_fdIhh4^QOv8>wDoGk*Z`K}oOvF&
z>-UI=H)ymlgpZ7hCek=$yKP<a{6PSTrG}()o~Wqx=a%X7G^4bZN=tY9u%h;9TrQA!
z?^xc>IU*%WwvY|G6>3q4^8x%xJHWZ4FIw!xb{Dt@?JZOwPhc#M%-pN~y(`pQbXxXF
zO^pcBZG2u#cBt)@c&dd^dVt1cvJz2hww?L@Pm85HWw|H1Lif2cnFE&VfBaQ3{iN)L
z@4er2F~`>67w+iJ;I$34<lHF(|B2K%%QornKgxaX(Hhw>X{0|uKz+&(qOhqxJKi;o
zW$gu0H&|^20Uv?FA?iVlQFB^cd^`zSCEiUaHN;S3ld;zN@)$@%)*sMp%&l~K_ybo}
z*9@3x{Rab&(Fkmicvan8POma&3OE+1&u7e9xYiZbA>?8d3Yr?A97LoG<o^u%1(FhD
z#eqcH1l|(@r=n1I;jrp%+~OyN0J**DgY|DT1TZfQRb*1i6J<7&7jj51)?$RCB6W{6
z$3QeN`|DGLIb*yP8Wd${5Ov0UpQ(T*D7jXP=FNLzm7lKM-BMzQ%gIHc1Jup_c&qT-
z0uAV}3}Ctx(QK0T3q$G<FV%N%E)W175qW+bXxmZ35p0yQZSUS$By|e|-aZkPJrae;
zBoPdaJYdB^Dj69vfH;|4;J1A*S!YqI2*8;SJY_ZoV|w&pp@XfT7u_5*{6T9tP(dOK
zEOyf)EWq!r(1%-_C!Sisn~WDzfxVA*ao9-(T%b!m84O0{pTM4w{!2a~(iYJ|Qe4OT
zhh)qL^RxMT=^a`*m8*^|0;eF!bT2I{djhBk(v9j&l)R<o<w%a>BO?A}^Y`K@{kQ6I
z769>925d?hpH>G22pWy2SyX_u2gLax?exUfO<)*we-u~PD1j{*!!ZXVg*zHXOc0nv
zAw!-BqXM8@(hsS8nC^mr;gq7YKNhTiqvSc*ubW+3NKP`=l|9(0)cxW_RD{NVDy6Tp
zMp!DlTg88xBJe8+DyG<P7$!1pN-mlbLOGCr1SH#2fX{@bgSG!qQlF}-D!N2;UN{)u
z#8~5WAiW08jAtm;NP7s=p%EyG>KsxD;qHU$AZf7>AlAd{VUI$!|57~>u%y?yTt<o!
zxuD$W2lI(iW^}00zj~jL+~1(_T}W$4v;24w(t3*hhE_g7!590ye|*k@Tjx#l0N+od
zKoLMTb4rJqxXrKkj*;Q1)lP`s0yadUASAW~PSkxHD7pCE33el#u{w?)>U88IiIN~J
zWaDPo;-iS80!Ri*j!~M(oeN{t&ry_L^Q5j$6sbiQAy_BtR!N~A#WK;)qkt&^!+F}_
z2gIFcIMWy-r3wUq#8W8$K$p*$N&dX_ynW(G6Gsq;5F)<=_QZe~+le294R(V#FK8ks
z#kX@zP1|^H9rJCi4z>=L#Pga=K)M8s7X|Fu&>8lYAPXF(DCYtL*%icD4lVB6>S~@(
zC1dmdi9rK^%R@HU0V*}A|2Ka)T+W4f+hogk&Z=)~y95CR*!Kp&FodClyXBsp$d8Mq
zWl+CBgHF<|N$WGp9%K~aB?rSg2VMY383os=LjFyW9x>tDs;G!r@uZMATLfVJZBySb
z^Jm};z}S#K&IzMb!_D0wCr9WBi2I)5WFcZPoZeq+9}7d^lHoLXzlGNH8v($GmWCjT
zz$BY`pizXW{!@)IhLyq~Nd!tdI@bz5&my}Rd8dt6rc$qyh~IW9hkPFJWerL6vG{@&
zb3A*xyIplw?*vYS5~`%U-1M3a3?*d18Y)B7mUGbMtKucxZmza-XFX8SU*!R6kVq(?
zP`;4MHn{OB<*rG}o(!EG!RnE=L|jq`#=sY1xF<tA1>5|#u58Sl!F(tWSb%4NAp-IN
zRjnG*uArnigF%Eu-YF}qZN>N-{u{i#Nn&D0epnKU<bESSnuMGKngdJ44hiwUW4UP@
zV7b+sKs%5aYP5_b#+z7`96O4eFH7ZYgL{c|9who~)28xUH+W&&#y~oP#8O-lH&PE;
zYZnF&0W`aUc<OqnmAJcG=1-u#tZ!)V?IKNEboje4)N}CZrGEpS6)OK$N@QJ=ns^?0
z6UYBPkzMIzItDn!CtI)9J3vS_myGsRV!bMjnpk8GT)REw92|+QZuaciM9l?h&_#&W
zjNo~SofBWUVbi7t>_+HKSAr4J5SjD+_XL=gBJAx9d`Xx-8;yxn5RD<OaUPWWmTk$7
zzA90<@QDSWSljN#6(+xU;*c-CYi1!!4ipA^Bt9-*It(D`L9cD!PlwN2a`%ZZ4p!F?
z<Q8+c5uRoeJLg+L5MXvGtXsSRGoO4sQnX2(GyWaV1NXEaSGlV_W15LTZ;{l+8G3`<
zN9~IzPYT-~AeFko(bawKvho&?V#j!97A(E0bWr!~yz%es*-_$PnzxEd<)6mgUVUKG
zRDqErQbSgD`JXt8DQm)JR|@ec2UT<=rc0+K@W6hu?U=(Bu2<njiB2atE}dQ~%^{C8
zxQblH@Pl(WqY~-PQjZqTEI8JiRX3wk%GTzylGi<*={e_TOC=i4>OK0nv>`AwtiG(y
zB|l@tF;#TU^51@Y7@K&EC+TaQR48MvOe^nL5~rc|l*z|CyxE*)dbfquIv0A^5}M{s
z*LG3P%IcNN1{WPv^2*)jyJ}^w`xnz}$M%KU;N>Vg%9N=i#%*4TEVkXK{Y_faf`eY$
zzulYlNqafA&6{2?mMVDkBrk1IWsud$`wYK!PS+d@4pm|8Vz#wH`5fs5w=5Qhowi)-
z>C!uUwYK&d1!d90r%$(xRi3h_s;+#%4YBsUb*HRPe{o5!M9S@#Mz`2^+KCP=)pfN?
zC|a9<ye?drH}Gtc%<&p|_1oH`@^q#2#QcgBd;3PNN&|y>f%z9bBV8s_e$`OV4LVUo
zp}6VZcMpqMA-O_g3gwzz*UT?cJ1j?N*^q`mN?iBmb?BrM2l*C{jvgE9@>yuoQLL*3
zr=PUEvZx#w_n4iRkDWH-PFEh=ZDkNO@*yZkrp@d7V({MVxKF&oaq?JgvU{_QT&Tg3
zDHOe|nF}AUW#(x}jGoS%c~W<B#~yW^J;?*-lh1$ZNjqQqx%<w#t9$BGe_L_ig}voo
zdBP-0^%_Yv=c5so=dCy+i#mg@wP-YBI<-Le8-*d;dX>a>j{*9b4xvtJhAV54<hD)5
zQ>(G(gh%q$%R0!OZf<r<O^qu4{G$4}%H9(z(*6F7nq*pDuHQTFC3R6sYrC<j$rLk>
z$vZDx$T-*Y3*}R7>wC4j$RwH+ZDdvFO?i)5;cqrQavn;q+@#W<w8mMr{l|y1Z?Mii
z$>sZNov@oR*IB+9lw+rjX3P>c&?8dUmy@;Qw!C`1LVA5jZuMg6kV{!I(KXMnCV#D3
zlzzUebI+E|AJ)shl@jN|wd4u+CJRYZB<IaLNhhp*<OgbD$0)6uU8wv?*5S|X4t>8s
zn=uf)aPt^@Q2e9l{27jG_%njS*IAr1?EgV;_U+IVSO3NJ=|#>CuJSi;YiqBRm!IdC
zvd)j&*|E~sde`eE^?ivoHIpd3r>iNH?10}dYQ@Zt+Oy)Tn(wDHVQIVjmHpiqTw~Gt
zP)Fxh>np)NKi|^p{%_gQJ-zep=`8y^Vq3vtMfXV2>&rimcG@L7x31W*kpC95LPpQY
zkt{clS$B4^Ydqp~Rz}M4y0J&irXD(Md{T|;ri6y{2s`toS$)g&a|#NIqjs#eJY5d0
z^#|j%rQlJ`qtA7m(6A@3su#cB*pYE?a`L9Jz_y{t7U3Im(e=%dGO@Qlm1q<&wz|B|
zPUAeviMTpxaImhh=8t85wkj;DJ<F<k&8iDkk!<(05y#Tb>KBRU9L8*`w>Zqd#~PeO
zvD<&swdnJUjNk~#Oqy{+m!w>}m8#)s$zR3yyPrF`QmwPf>lDBv;}`RzJFHI*54F_^
z{J1=sn=LP<a&0pfudj(UjJbGkpHCe-s?=#&{dU`plw8MLO0|^Ku2Y600`F<^?x9X|
zN}V}dJrfML4Icg4HD<7S&Do?30fwZWYf4N^#<@0rc7LNkWl4?H6EW$z*vBZ{ElRu^
zG4D>vM#T?mNH08LvfP5fnv+`R?3H<QF;89Aq96>P4D!CQ?b1i8?r^1$aFm6`#WL4P
z*{!`~r<vGz9j_b>*%G?jRzrN0CC7MFy7<`qYQ|kme(MU~;#Qt1pOMYZtYs<Pf1J92
zytb}(wXKfJeCsPKQ@i)<n??yOI(|k-Zcg*E<!7O>xQU5C&9RzZ2i2$F=D5s%`aU-1
z-pu*u&V_!gJkMeK)}MFD8QOI~=`g3@c+(fIHF9$L9N+uj4{jS}X2_O@Q_@{d@2F#b
zNlxyFIp4aSJ4oB3GV;dRW?%M&WMHAgeFw9zMO+#1;w`c7Te<k+MfT$!j=02H$3aiL
zB^In&DX9<YT>vHvB9xO-e*Ma(Xl0#~I6Bg^w-1k1eeK#@eS-so`Mk$gFQD8Sez)ST
zzW!SU#l;Mt?6bG;k5+M<)7+wNpFc0us(kmpS`~vmt<I$Ij7hI)wZb_rZ6_z5qbZXI
zFI_G<OqE(~CBy0s>U!DJ)V<XO1Y^#V*VYUVhoqxtSnngXg!rO2GT!u4LvE}I&Cy%V
zVcUi7j@jJVsM;R+r2pHk59pL&%X*!^MRS;S|8&lk+N3=t5_cClK0Z0++^iXI?@vCM
zw%wL7yT7n9Yw@do>zqjk<35FjdWRq^$xT@9jLfPTgKr|5($4z%y0@Fi=_<-t3h0Zn
zwpY`b%Y<gl{ItO(yYe?fmU4!R;qoPi4)UGuthlf!SaRpVBZ5NyB8}qnU3bZ?uw1*6
ztnNP~_-vZ$bo5tS(8cClxX>*ndD!5vlJ%1NoDcM<`j!LsfSW8`1{GG`xc(M*9ozlo
z{RXetw5BZGUwz*j8QGuhx5yCLGP&uo)7`psO*5D9c7};;R95>q7>7^mE&ZLEF09{g
zCgi?4XeH0|w~kX(Q^VI$&c*NQsyeidHRVi*BL3y73ctlOI1R?14fI@B1yLv-!K|e3
zr$Xlb_N{!O+CDOj(TfL$hqDzPY})p*ucfSZ@^$s4?xCf3-MH(W8lFb4_dYrKd#!Og
zx?k3du4gc4vl#Vl^82L6rfqY-RVWUU-Y(atOw?K`$o+pcH8VDJqMQ;lej7Gp;vJb@
zQgm=*m^3^eFyE`4$@+$62yFdMIcF5HF8eXEfT4mL#1|A&H`dPSIo{UFPBF^onmTpr
znaC{Gko`LrBdYOo94I@bj{e?kr+5C!f84)QXofmQQ=;|-Va?If4Ct&?E23lQ&vag1
zxg+dY_-?1}zEem$UtU`3j<Okpc`}Ax4k}7N94$V_v0wP|Lk;O>AtogG;?UU(wMX`k
zELhEX|K=^T@kp1bN`G&{ATNH&4yt}6au`+z%_R1G^lF*~Cf7zK_FZ=eHWId${;d+5
zF829IZ0{>~SO`cT7pW9(5DVfKAyS>aP^N?bepCz|AXLFl5&~MWz!zkQU_*m(stvR!
z|B%nk4N|6nN?VTEtH3Wn-Df!Til?6jVNq><ty1zF{tFCcli(_#0LH_dsk<Fg;+!`i
zD5XIn5o?Cd*z{)@Rf=d_Z4ecrB-IzW(rPr~!-K?uj0hqk1dNQMK(IE+XGdQ6?vew%
zV2tG(yJi{=+kHAkjp{k^FT8L|k58PklFHbJfB~6@E<9FLlRjRVLb*sNjL5_xTrV*c
zk#UH&!iG?wNkq{K28M?6J}ATJI30aC5sX(+<8=N2ACGA&Nl#J~efn9yl=-K0`-vJC
zh#EHTwWBL5t{RJuZ?x8QrVFV=GN?B7@uI4QW>G^!Id%Ulo|uw1M!n0K%DrrbKVw1*
zz}-mND4;r^oq(rK2V&xLNmFA?aAXi=wqoL6N#8eti#C9i|G#H_-EK&6NT3uXmN4fL
zdm;%jIc*4int+L3szuNn0ese<0F8EY7`I9j!DTU)?QF|iG3dnFUv-_OG4I62l3W1f
z;UgkV3<eN1h_4fq;^Q&9TL1`~Ct3s|!vnoVp`i1XF3{4`n@&0AdqKt%l>X%_`=(Rb
z;jI>UUS(J_0Q>+dsR0az;wS*4PBLjKt+VE}F+3moNA-hjgs;PUYmV)1sGW&z5P%(Y
zpd{l#sH$5;losLMBN&**^hly-LtjpwC4i<!gjXhjD!_9DtXyDS=o^afwS9}Ohlt1E
zh$aIIPY(wkW)$2Pjp`Yk8pTxoIuvU~n`gl=i=qq2vM>47T^pM+mos=7wVjDCGfYY;
zr^}9lWVix|pU9vJgkO&LTHsjr-`qTDTL$NHt1?L5T)aRBbalDIG(4d?Dq#w?g9Q#S
z+YfTmsTw>=sD`)+x;Kj=AVnYV9g5E=1_x{c{dv8T#EKOup!ody<l&Mu#cQ5j)$)=K
zpPeP%{_19cL5P?yfJC({jj+eFX3s8DmxITZSSG5QA-lQmC!%oJhD``!wC0vTsb4_@
z599E@<<2=H^_Q`Zk@H>vuSrHfqzES<St%<mMN$b84+Vwc-c!pChhIRJBL4vlku>Ei
z)XdqfCzp%U4LjDv()_>kz;`QU4V&8cjQBUUGYTw3Roi#nb@mW=r~Gtr9j#SgPcIn{
z`dkqZqfi)i2akMZzAn^hTF;fk+^NAC!Z?o#SfDfdAyqa4V7&=?aA*w<L&?$)l5Smz
z%=JHAvL3iZOr<q?RWP@=uny_6w$2*M4`8OdMKzwXn~zl_Nh1&CNZpV;ozeW|i!5}Z
zV2d&8#0bF-ppdbfRltV1qn{qd=Huso3M%4JG3KZpgQGJcCT6F!Qi1O|+I*Gg57gVk
zX25t&QVI|j*nd3~7C&*q{Xmr>22m{ln6k|9xBF%f_Yn8eqd~+s?R0Wd0DvqmuLf43
z^Kp2%2z=^&FFAh)y-J49zg<B834D$D2Vg?cII}yMaxExGOj=s2OVMwqCA+dxS7Z1;
z1(|A%8&nOS-j;Gt;s`x(&eT_q6(1NXj|CWJWo6YpFz_YVJnKT(Tjo}vlj<?r_{v6x
zrr}zj^Pbl<Eomz4wtiB^BZWB4w4ktne&|+e>H>%jt2w^?fHtwZ^r>)rIEFk}<9mQn
zb4a<sSe@1DCpzNGYxu~#`@vgf9zl8}zslIIS9MaE-PrI7%yNd@bLxH)#2CklJ1jG1
z1|qnc1?V6uF>y9n*+mN?Q?6)2epP-_LmV6E0_D-}Da4wb!fdqLa@yKjm-Y4E8DGeQ
z<fk<J;CxL?V~>8mvf=3$%mVNL8TUs{&e6u-W=4(7<KsY2_2}SQg`?r3#eEyF|L64V
zL!JhtI7p1;HsOJbvQ*!T#uKM3GxkBC<9*qP%*GUK{BJ^LLnC=IVUfHN5f35|6b=%S
zsXwytLWs;u3I52pjycR}pSnc<l?tY~!itE{NR{?>;H0JTzJ@1!M>_70$ShQ?qI!oi
zFIdw`nvS%J8r#IUI9}4?%pGAp)AGDhOk>*ivmT!lqK#2CI0se-33VyFlk2Y&1<UsE
zU4~dLGH%G!q*TFb9DZ{w)~6zuP^b#KE}3}x^oDiL3?TNv#p>}_ev!FUHibx3I-Q|{
zgOR4bwRM%evubZhQIo({#|^-Kx)G=P$xp5}7aH(M-tnS_%&N*t74g8RTek@4`tCY-
zP`N)JJa{7Te#-@8bMqOWN*2YWv9?0;gHQLzUjLT)fiOu%L}WL`Cngfq6^0s;1G(+-
zefdJ(lfjxRol|W3sWPp0W@9#UEvRCi1OE4y)B#k6<r*0=D}cRmQ}nI7SJ=>I8Q!tH
z*W=@-dGhgn<PvhoC@A2EXQ6b1g7qxDx)`bixX=tQ#XX3)TX+4s5XJw#CjD1CEINUA
zZ0rLm1#*TRgKPVERST#oOuO{XY~Cr<F@aOG@||A?vm}jK3@y$UyUv^XN51jhD_7@4
zY=%nev-$0TkWwiBlaV$HdBMpVdniNT|4}`6ZoS2+Qz>wYr}krxZXVueIKF*Q<d8Td
zi#xAp%mamq(~k@f!YY9*cPX-=0P+6OE4_g;2ek({?mU=NpS?aatBjXA`d?to->dBY
zmEDcfAAyq=s5VSRYPcFZiO&GDO(75ag`oMk36J*&^5Y?>G@V2E6gYE|)kHx`L|pkD
zTFdIl&=J184|KmWCBsCVVV6&+bEH2HVUlA3wjuDYTrt`{kg_42WUq;Ws=xKYpyG-p
zqSU7Y{y$Mw3wmj0M#izv&#&rJok#lSiRfyUc7cx}vi|;)V~R6|3V2O?tzA0@oEDCF
zi8Urw3`LsK`rp?yKB(xjGlb3xFF$1Sgk*&Pn}kgn<ESE`KMSauL`l=5(?*+8AeA$8
z5kbXj&9fI`r_{5z-;8JsV>s3<L8M#A2~=bJ0*;@}u=^U}wIf0wA-QxP9D>-lO0VZ=
zvGIbMAdBb~vMHc0z=R6v!v+RLiK2kpr`%%RyMN!*cShaP11mXKgk5dPkeBv4hO$8p
z?a|$ld6#hP{i%#FMN7nxy?Xib60xFLLOp9C1MSD}k0AwrRato*8;U=sxt)6Y2q_Td
zU@f?|wa@l}gXtOI>p=Bi^sRMX>{?0B8CbBojy=Zu7$Bxvk$YjvM`#0&z=9zxea!Vo
zwJFeHqCPe~h?;PJV7%Of|0D&qTsc%4Uz(c>Yv~+kKVceEL{!spm}kX?9PbWM5R;bJ
zM{5?E*?s6D2jq<u+kuCr{$h9rGEI%bRCxh;m+3NxILBTkGZ6<GyR2{UvH;G(mZ7!$
zqIH8#&`$~D<;QUfzU&$qmH-zP>@yW8SOiVJRhrYLr9gP|Cm7-NP`*G{kd%S}fctc4
z#%;xK8OrDj%vT^tzzp&{t<^yS2-HP_ydONkOCn3{K^42tH9<B1Q)wKbuA}U(NQc8|
z9x}LKkUHpv4x^aA^N(DZ5E`HvDgaZuZ~pV%2xUlN|M<yB_se?>Ic)D&C7qh_uhqvd
zV#12j@MpfjX+7D^0Iobq9|4ald{WXU-!47q)%!GRWW1G=xgWtWl))dP;Q)oeSaZWY
zXc(v%UwAoAbty`%-_J%~-ubNq6vJPa>=Xad@$HZ*?mwP~G8K8txz5NkR7C9md#hon
z;ePaWb_PntmkO&Uu)ODi^>HxmAkt#TvU#ai;K&iOlC@=-Esgn2LL9TJvDJL!A@BIb
z;TPU{e^4%LY4DzyJZyoG+n@X)$i~H7sywcO*eXn=nuUQ^XeWn;hohihHuy*Tvzp8o
z4gQ3eRT{(ph({hCY#59V8;Jgsb{>8m;)0k_&`5T%+Y6f}V|UV@6&xNu8^U9df9Hyz
z*(KGmo`Hc0G?UPQUn+2c=m}5K9kF)EDODS`DUnmMf_&Py^B(=vf$)*xVOYeUU|22;
zE>Nb;H*|^Wd-mgF&V7IIh6Y5CB-m=s;?1tG1|i>PdyMwkc3AVSVsaHSXrhyo=i)f?
zzH;SD`G>MH%;M%D3T))1fa$?vpW>(S;Lksa`3^f3=ICsb44D<%g<)U?0^{Z@Um59w
zWLQ@cr|kv7^6RgQZ@=R>jhs+XnGAD^2i&k^L=<-KcNNz7xunU2YLtu)B~x8=cD4ye
zqI#FQt<WxN-)Exy&t79xrS-D8=tNJfN#=T%qv-ST@bX%3b#2cIqSw52%hllgV5gz@
zRdv06`)1?yf)q6cMw(MK3{}k6=w&inwMTqq4(sVXr*wZg3)`W1;0rxf)hX$yG(Avk
z{Jk7@_?LR#p|@RQWlnJLLM~TB#50?SP{%Hp@b%YyL@)6Xw!yOC*3}HH5#!3Ai*kF%
zD|aOPHNb};fUzNHrq5uo#A(By^=5b;Dy<2k^_wb?|7Pyn^9Ogxv|h%{OHa)0!aSR+
z28SVkg$NN8_qihIvNjAj|3{%)unzZF2q!DPYV8|mKW>;0kk;77ZVZDt7NQx#L>kW>
z%eI4vwhMEci)E5F@ivSv6SydLq9OnTrv+seyrjr_+GpiO=+!&PcG-Q-w8+PgAHT8n
zjHUOt9U8?XFuja3QRV&NQcfr)-s;s2@1E)_<97lsepLu|kgu8osZYsSAF)`rUsQa*
zGR7Og3>pPvtgp;hO#cO)@7T1iG)JXle1E|Me%iMo;tQFQh=5~0(xs8;4x}zoT*sY0
zf@q0s#J|8Pg3!LR%6a`_;?5L^L8elm97t?O^4DcDcMVI{qNt{(1`_29(3G7HOA{Uq
z$LJ0xOnaO|BrJ}OzZLxu&s~8Fv`r)u(l<DhZIqU2>*A?~_fv5Xe)@b|9Sv>Y9wM*S
z-|rc5H~w9^_GP~UK#*O~hCug31P2g~FPD<yg$A#h4P_>=k&(!K1Ot$?t|8pUozs@#
zb3noLH)6LSG3#9O98zQ;iP5hQ^}NivFB-5(YzNE%Ne7tocNLOo@^R9V>=Yz&L52i#
znZ!LF73L&Y(5+;~6@+)UV9r4=TP>e6vM5@i9pdBvu=Xr{dX0)g@h^{|RGcJ|5uY8_
z8+hQ!sQbYFekrG8h=6@_xE<gnZnSd{)HT3_^SL}LGqVA&04{_~rItZ<@8gT}_J~r@
zt))P7Of;iVQjiGHN4CWHhGUsH={Al5YTE#h2V6YZe+tkCZAkNhSpXY2N|Y%OJ(78l
zjzJfsa^@i2=_%f58MtOscj?Y7V+3?2(4neD;b;spnE1%BUgG<;=jZgyN=*tK_`cWA
zHFo?Rd&WX2wAwcF#Qsgf6+36*Wu5L|YF@p*-rN?3UNUjXg7bcYnQ@=n7&z0q$A<g{
ziAbEnKlD-oX0_|jnf~<1IC>r_ayx&paDsfrIWs*x?8o2cK2|&wI0GuCLg*W&rW?TC
zfla-nmx@2&bk53VR19TZhKqH_vI}@qG1&A)!%}xmI}wI|RkG0(s5UZ+W0jPg_WY-<
zX0{5mwM}$G&eb;&9~y7qAZ^{99Y{K6ywn|WdcMJ&WTSj2_fG#gx-SkBiRb(5XwQTd
z4sOG~Gdl{N>E<*)>D6*E5n=4ef>sAcQ-~HnA?rJK&Mr4CTIR?uO<!wFOd|R@=>4aN
zibkG(9j`FmPgK)sm>lA;IVioxxk9Yo$o1@aVek7p2W5>kRzhHt=JZy1lf{f3>Co&f
zm6sPn6)R)AQh&y?U1M(K)c^eA*8dTl^M2)iw?qG*!8v_Pa{l3+jt}QrtD_XvxJzTK
zJBZpcwBR6v_V=nlpY!2H*ATxOpe}X|A8cMICjg>&5??tUYoqMsoB?w<1ffL3%Vz}n
z8j>bSrV+&zx-%o#7|48eI5Oc@<iS=2g)snu*DIMmt)es@5z(hDodaEML+=jO@zVN+
z*<~I{qn=CZRG3V74A@eo9QPbjNHU*ri;hn@v#}xJf^BVWJDy3zvK<?SmZF{bTCydK
zq!vJSrye7(dGswA*bRXf8OMM#4%urL_rzfLf+`job`-ALcJKBn;60r)3el7+hF9Oh
z8b!q7Q%G$e*<$O2iUes3@+NRsJVm`mkUPk9!p)XU529oI6fqaWG>?-bVLhXe`7HAK
z^-GYS5g`sne?szyv27dDbN<b?0wVPv9uz70O=7fRyV!VVkC(bssy`}bBKC!=l|<|8
z*>kC-XGV<Fj=LP8cS@e+{xX$vfS~^3>&5`@-Byo7M;aAeo|ZH2_skMu7`N+&U>`>d
zH4AXL3an&m!;{#J2fejuw6QD+B8c^sLH1`OK!iyqJSh5vs#+}~A$lR>IfpQ3?g}6+
z5_me)_g?eS7?fZs$XJIO^B6?w#2!c@^5EhYSfM1-s34ldegwj!lY5{s>CK0aS&tq?
zVf!V5D1<4LzU%57kULJBr{K~ZR4nk+g=4W?$HfG&Aae$U`9z-lY;^1)CLvfNrx^Bi
z60xA6!7l=%gW$;6ZoIEsf->9o4rJgMmH|?UZm~2NHfWMgdNvYcX$qi4&U4<sXOA(;
z4xv`tg+QNCv)HGX1aZI=R3MZvqZkq?JWk(@n>O9EN{1v7P3OI<r{TGA!Z6Z|VhHs%
z3M-sXXc<Mg<ul}dR$$KzMIC^H@4DIutv`PeLpu)kU*84%{Ab$X1~0;!5FZzZRBfD^
z<JK2HdxbS?*B+<X+_yG2H=<OatFnJzqNc&lBv{^(bPRmmgh<fT6PYhR1oep)jyLLf
zqFSsrbToOe5r0H=ka2=D9LaeBJNM4!V!KgqKk6%HQagDyGqHb4!`qmK>i6^!9UXpM
zmx8DMQkgBnk!g52@f{yg$wb?VP+1un8OaQIeyW?H1d@UFA4n(+Sg)$85YAnJc{LSK
z(h8dRBB>?~cRu=AVQ44&NoXf?-(7lnSy>7okHjQ2s6Lmnva0F=m@%rlg}f$nS!40D
zsKb6|Y3;()<^jGoj&Z@RC`Kf1*MGW+rWX_n(8mNDS%DBV_wN2b2&jhsZvm=(=DEi2
z77@(kBf(5m5z-b7Occ8H>ObE&AFyO+UJ-R}=xRfi-^v00cJkDzgKHRR!mnodNr7;1
z(^>7Iv-+8^b#|04&9l#1X87_EDbKWlM|NFH$VLin^Jy|hi9|>!k<1DT)P&kjb;GgV
z1>Q+(+(*o?lIj~9qx)A3_$;caVSD;YZQXg-`5BD^%>z!z@wY^j%2~8t>C!OE{2!pI
zD0R$sa1fPsfLTbv@jNh;Wa99#`aBOIVP%&^EdvARQ;Q)tMjprxv`B!r5QTCHi^BXi
zG60j-FU=Vh^}iq!yHQdJs>z+5>Z+D(Y?7NXsQ}l%aew-Pd!jN-)Jx$C(^4DDhBF85
zOro-Sf~;R&TZM#L6_f@@qj+@gPPzPNz#BfTjDnMq_sjiLw$=_l`z&QM>g^MmG+L9`
zdtxtOcA<8UE5(0z-5hlgj;7CQvR0>w^jV2UG1Je9%Bayi-<ByO5)1zPS&2#T*S=ec
ze>V0^x{0|06?~&t6wlV2;f8h#mhFBwYZ`y=ShUXSjkR{St=qbQF^d&T_`Prk8Dosu
zwifF@iGY$SHO)lQ%f_^`=g${l*Yklz@e}mAJBc%65);892(E0dMe-{d2@j0ZvB^lC
zjns5#7!hH`MKYH`BmCC>wABCp5T^8k0M*jcy0v~2>e9su=Y0oxrHPcYjc%iuQ#+29
zYVnN&b^nA)zu|PMx}1%NSuM*pxkL?=J%c|394{H{l1>N~$L6HVDQ%JdV*Tx%opW#(
zkWKSj(ZiZs`%cmXAv*u2pM>RNrMyzgm;vZBV`LG4bZ{K(Of09P8>%M;H9^ao1ypXs
z#v59kn;TCpL{evJ4(2MZTWxKUO2?807u>f8fYcRHV_P#k)jGYxbV<)84C6xbTFZ;l
zaZ|joz5!|Nd{(GS-zwt*5st&AxP9V?yx;~yv|UBzV!7WgKOqk^PDGyyuNL-=Lk0{;
zw@C^zRJvr6QL!>7;e2J(+^Eq>OaHBlkmptH?V3Ap-i5n&SCXvrYEe@avgiJnfP&8h
z#OV*Yurw%3<Tnz+umD*CcY|{f$bgm<Fm_3Gb;4N*TX2}ZqnxibPC7ce5mMdO+ZXWb
z_ssWMrmp$ab&_ASBEMM0q$x$aG&H-POqNKIsoZ_JCm>YZ^p8hsN78p2(SBKezv-2q
zytk*h`14;a^95oA7i1Ve+$O(o$J3?r^h@U+xNBUe{O)E{!o73n4@{dj#7cPf=bMks
zU&pHaAI!SaEOTlh0{+3@FMJ@mzG+n*f82<Jy*+_#5H2&RyH|8|L2ZxGJr~6eiJg|C
z`tfwGN+s?7kOuI)U<zSIs)uWWyp4EvuO;i=4XrcU%~~C_hnQ<DQib#r7oykN>@u41
z<b3ceDPtz{N>@GM_y9n1lQWvc2Vp~aiqp(eBzVceUg6@=^~flQR?bd(`|vPF3O)tA
zUw<AM?iFeom09dvMo;#)-s?||7{1y(cnACnQqx3<EFH{9it)3VP%WQ*CQ<I9DnrLo
z5Df3zFHUs5&=12ewIP$Z(EZFJ9JsK94wWUjc)$tP66247bYzS*B04aozze7+MAN@<
zFF&M20duRGco+tL0jPe7|0G}`W`BVwtsCpKLjlCsIo6(a=dDoFU<mLdn9}QginTkI
zFW}(Z_9BftoLWGv$hZWE>BVn5IXX6=(|vn#0~rEbVwZ?sk+`tXoe*&>@@FlQU!y){
z!YA>hs>-0REJU+m6%`|M@J@ju1{*tPXlUqIO{T4y^~QPekvgp1SA`hmEs+<}cs0jj
z#zowK!y(bXh_IXG0Gl8tHVv{iA2r6fp1oDNiHD;fJm5odv;*p8Wb>Rz_N!p7+PPM#
zmbvvNcHY^jFo{DQ$Ovea?s_lLIY)-Gd$Zz(U%z9nI+4t(d&lI}+eELpt~18nJCvrz
z*}Xz_^uvS}z)v}%E|SnxL{%&%CPpUz0_L@&X?Ms~6haOVP_jGi+=s%ic3rWm@nyuW
zMA!rsmAnA%o`)ft&$XOj8)PECO4#{6JmUfNq~iv-i$*Hdb|sPRY_r!d!Dl1M#}C+d
zDz8Tj^vn>nTqODHwq3ipfgBT*rV%8PTHUk#-!WBf_rMvT4~Ze(YT@(uN0r3fI_^Ze
zr~m{<jLjzuUxt~Q%&1SBbNL(cDm(c_jGUOeFBiPcL%oq4%XZS|hPG<bM*<Up+0Iqr
z5y%$${U=Pz6Rtu2>-aD9J`&LuI0NGIeC$IWO{n1^f+_Tzx79Gh@`s*fdA_$on3kd8
zY!r>DiTa6Z>gvyz?&`CVxidBqI^ny2dFS!TQsMi(NRrCdtu^I8gw<lvm%;;k=x-!!
z?Cea?XTpf@z9&Wn6(e>{cN=^Qv<D;>9%DeBkg*ns5@<gG2aFH4FcMRYjA(3-C3`jZ
z>`?(+^1T5<WwumGN>i4D93Mcv^?RmZvKW>-nwRJWC?DPT-^m9L=3xuGipa5nIHCbM
zi_vjzW3Up>gC7ng4zh>bMt0AOr$cXn^u#FbxKEv(#B*qK{=EJ=`ms+PYZi!Vvi3F=
zzh_U}Gf(BmYxppofl$AINu#h+!~XHM)kb9mJPpz7W6j=z5F89JDZt->9ZW_T39#WQ
zWFi_gA~+0rX0BVg(iKydP=*s-K2%QXU%Hx`xxc$N2t2E$uW#|t81*KiVlMp3R<>qn
zz%>ovgs^F_-=HzeJ;osYAt)Rop8!Td6jPlA*Y455qa$wPECQLphm(s0;&ix(QM|2E
zcePT)K*-C;zdSw)eo2BR&gaX1ekTe}rs~IP$LRscNbZEzL_<6<1sg9)U!ta1Z}w(G
zCOs0n>Oy}04Yx)GO%m?iyEJL;Is`3TjMG_NUQ!~K(B9T&41YP0(3$OkCNbSEG<orY
z1<!E&i>*a*upZtR68v1!GtynkV8H2<OrUgYWq#c7$hiNwIvz(|ak5e46fH!(O^mUq
zA!eHI+qbXf>(?E}kKaDylZE600TW>9lPNGhEkjme&s5J8uVp=-i}xlTHo;bY#@2R0
z`9>VAckXawCPrQ+ob_(b$i;G~@5N46QdM;s7}v~pl28mN1z&3o(lo58aU;}6zfA*B
z4<N}4gWI*We?OAGh37m=e}1G6JG)~7Z#q8oULg$d*hOR?1MrJN`HNR_Gi@ljc24@~
zn)#AvyI3-V{VuRpiN9a_ngcTyabTw4fRAn+vvvY0!__)gr;{tNUXO%+oZKLUF9Zrl
zDo9dD0y7bcL0ctV5P-O_+S;QJdOpd#9Y|H9X^%;i{bhN&rEejF))DnW%nD?SgS~~~
zikwV@lpxV*pXox_AHWLK`=2@2{h5~n8i7JdJbY?{Gpt_3DM5lk(rXb{1@j_uZ1Uty
zcqs|-@q9`jK77cptzCjbI4={REs1{v(+I^xd6jMg8)zr7*(3c-aqHIEFB@b+JBozA
zJ<aqVTLll@QG$=K8f0<`I4cl6DA#VDIg*Kn0|KL~Kp>!VBI#pDbK6d%WhZk;OfhgT
z=#3_!u_e?M8A*G8n?1b7nBo9xgRmiFx`U>se*mPi&cwrpql#;I&A*=U2;YU7$5kzQ
zJ1!RPAQ{j=_vO9I>QFyI$+Q{fe#*A!lIhk*K5hK3AA-mR{gp<hV==)rs|r8`m+#RB
z!4NMobAi++HWOf&B=uW;u&?ha)_7FONolh;i=nrxNH})8hnoVb3YxB^>(<RiU;d1Y
zBzj0PpWyn!I#=t}jW5F*C+Qm`T?(zbpe52+c~bTLFmVC^I<4o0L^bnr85LoCs4xJ(
zyP{9RLpSR=?0eyJv1)>|LnGfQdK|ma{Kt--AGuaeE(9ZrE9K{0Hc!<jBZm-Ch47|i
z+szaE-1EC9x?j0pZ39oDmvw$!uoU%lyVmz(%01w~KFP-~o_}g=bOVG{S8nv<e2K2T
z`{*y`RaLkBKPkeeYi<7Wzf1)WNboIOtLKW$tQQ@qH0Sa0ne_KOz#rz#lle5}&?veV
zVoPMv;0xHwrps<TnyOosa6w)O&YD@|=1k)mWLme58lQ5j$ytto&hz<WL(4}z9bJ%S
zB`fO_p`jIDhM*k5dwL0n*}yO63Jafl&|`%W%0jYXuTJU%chAhs^xV9xeSUo1``mXU
z%C8$uHk4W?Bfqqf*qA`4p)2Qkx66sOr;L94fel-rqfzyqvl@#)W-6~v^jOW251)e+
zif4qRmt7Knje$^N@_0>~CWQ84(P1yv@PT!Udf%E%8~)A65H$-vuSXL$K9Vx02WdwE
z5He^@W`I=$ivu9HrRm1CYwqxe!ND$wMTzrqJ3RQh!xUmNfR+tUAE5xBa642g7g1?q
zzp9yk-Q<NMjYMY>mnIy7ppN6xl{JUQP8>f@#(BZsCaKF(f0l$Rfj)!yVsT8_1FfIk
z5Rcv#Xb7@?Nu2=-f<nRJ1S_xmnpGo}Vv>??j*m_;x;Lt1JhtW#13Dcz+*D$;iQyUZ
zcCku7-^W?$gDNk$&p)Qa#GIpVLhD{!XN>bU1v7bYy+}H0#OG8?m$9XJ3(o0(kS5W*
zD22%cnVt9M%^b9<a|b?Hq>`vgcDI+Z-r}M&mUZ=|O6AKo(Ys$M$9@TU!gdjmY&5ym
z+ok19*U!6INA>mb_Rh7YvkVYxCk%xHc^4717I3<CbnSx3ia{1Os(R$oV9Dem+6bXH
z?!ZwYnevW^SVDQ%NVOPMFQcx_Q3_rHQH88fm||D}N@U#l=S|{LN2LQ0*a!ypro8P;
zpoO4iUH9KvUvVE|9~7)7PoB&L+&7#3Y2g|=QEOnf6i_~rLyFyMyE^j3AeaL9B`es7
zk~kSdI3K2_j>kd=aclS2rCAB1BRM<LXO1oV#@epk#!Lh+@L_)<S#W5~J~cF4#91r$
z81gR&HlAV;qZISQ4oSu&Q*b8yN5$|`<OY9A4{LoHL%aW!wKa6gt4X97J^?uw*Q~jm
z<)S^j_dg!elDb$jnF&jn030OBZ}H}1q}~=Y-CSCH-S@SWabx47<_J~T<^fxae@3zp
zSK{Hzi25|br_K{q*JSrGcq>t>kzEYg1=3Jl8I7GeMLm`7uQTR#v2^r_0z>cy_4bJM
z24CL2U#PW1R$G)P>^iE(7MxNf{|G!O6w^punq^)d8u_e&kLAMcig+v17r~|d1mQGH
zgz-cJ5JnA6S-O?&P~fjO7Sr&coC$a{dOyl{Co&%NV4O}ubhN6qGw|c8)KekJG=vj<
z>FSbNYj*s2GKML*jgIWq&^Qhq=O0y}tCd%;zLcn!qN0aXelv)W06;rARso>BymQws
z;m^W=L0x)p)J-pnbQxKN5@CtmFdnEexIi;#{$73f5K@!v@O~*hWdO<5@ny0>d!FHx
z_2|P&lSav`udk0pSu`wum|gRJX)PO1Re%!MYG`PPC?LS1CzT4iuUX%tJG2en{$2^S
zC$2xlxbT_tOA7N;B0J@w^X(DcODh`Pnuit^=|*WKLo{V%2pkHC24Ap)zqL%-y~vH;
zucZ_l8v`|!jNsM17?1-7FAc2+>Ncnv6JlcvS}<+RF2m&E3Dz7_77w>^FL&4I(*7}v
zdmOd=q2%N24wKeV`A~a0UFHOGtJY!`m|hOTY!GRN!@p>C?}JCoevXTjq@*d1JfsEH
zVs`fclK$2g2we8@F@l`4Nr<D}xGRCJ&6F_>Zv<wkwme!_{BD^AnYxE}(=<F(4<pt|
zM-6@hA!}3Mt=*UzUaC6#*-JWx9C;KY|9KZ?lR=^JLL}PX-@luX`YkOj(($9j?TuF8
z0^}^>`>sDVJS}>VDF+%7Z6eOfJkInj3JPvAo~RTk+u#_@%g=u;`Ci|?NUofr*q?=b
zK1fyTfdipUfIr@?h-Y8@3+kncp;S{2&qHTRzrmqRv5y`J0+m81%wI0(<Qi7Wg#9mR
zJEAotLrlO~OiA!L8(iuyrxa&%uy<DR5cJ&(00xp|BJ?-WckikXMM8;LxP0Zx=PmwT
zUS1#j7f(O+u<KZ=f2!U)j&ZNomfrkrON11K3cObIcAXL1=wk0epGN{m>U$A~av6IP
z=!PPT-UoU#?Yb^B^AwViH25e!{_?5OUSH9J{mnkb`h^l``8IJ$@R6WgGTR#}0@;e8
z7k3sTQl@PkhBqP!X&x$|lU7zc@fsl2z%sxeN9zmMr!VQUTm_*e8BZ%dw(35T;;row
z5fM4dY}olQJzcnZzgU@)BC{^jc5lYhKfCU5+QZZ)r?3~q*Ae$I;tJqKz&!>n6m7M#
z;P-(>!EZgie<E{9o$*NBCJZL!c^7lVABGB4Q208=VUK+|y#3n7Hi-q1I++!tlfC_U
zVZ>hhYsOrJ@8l!sau;?rE(qC{QOG|=A*@DMLLAA1w#{1QC+nVAh@MJ$$cgEG#cSMq
zc~$fYTDO2Yi)TR`Q>>qLnIDB~_apj};5Ws_%-Mac$Mhw}jge-fDCQtE18S~*qI;Vw
z1T&;-b~HOfF#VSBIIGjAH&qni=t72V0kENZ?6WA7kr8rTVQEUwq+9pz?;rY=O67&E
z0<MzZnyt-;QR)&cGkQNVVG`W|51OH=xgV5b8$_Xw|5jb6fE0;7fuYQQpd|H`36#(R
zYDyU$-D&>S0jYd*@ad*F?p&lf9E%@&sXPg70{R%($uEK>p^T-qi7Fq{Q;r*T2oqu`
z4)dC_`mVN7R|Q}3zp$hZ$N;|mq@^XP2PfsWOv$-@#X634&FYYH?a=La`(8_BH!cUO
zg%-LHlDn$`0ZT`JW8i|o_VKKYWqbbN3|%p0lm={oE8aQb+3)N{H<S}LGQ!#zCDKZ3
z!|15FEZxQyd*ZIlj6@f=G^7Y)@6h?11`U7YukErsXkW-E9g;ajj~Mc7AnN<8&pWYS
z=H)?`PRtBAMg(i@kvvbLnBj#$^1&s5mcL4k0sI8OwiysU34nw_ztwP)#Ljy(3UEy|
z1cPi4nvGdmb45k{VGlnWVq`w-Oa>DM1h|p_uFd)D5M;`%s;XL!6eMKHkUrWDZaq9S
z7_Vosa)5TC`yc`|EnQtNjK8Z#5O7Hm9SA#8G>~BN6qn;6AvTzTNtoD=&fsdn1clm$
z{ep*~URM0~+F!uA$SZDy`7n}yd=C~p$x<(i3|Y~b|9hiBoQ`qR%OKR2Z!J<u1%MZR
zcG`o!p|nF|2^}wnJ?v;C1NWr4IZl`hwNj}NqatKAxFixY!p;<K<nPErIh2j*tg4kt
z`4=iijr@jZOV`k&jc9tZoSp*Zcj3s*0&$7KGpo~1*IWYlhg>7`x6NkbPoO}#_^(f3
zUL0qN0G-3Cdw`Z8kXH|z<uSCY&@THCrJ_|$=Ao`hZfJD3+<^X`s6&CvTLOyV;!WR;
zV~}he*BLs)$i`W_Vuc5$ugQYxN&{q3URk;NHjBktPvKI2{ra`9Oe^;<dxGi)DalI2
z;((}4V=T313(>ftRQ+|VJM<9==zLy-!Txxzcxxd!A07+9?DPC6jkyyNj*nQjM@&s)
zx8H=v#gu$I#aAidE~Y0SXAEbhY2WrB<J&J6wWH|<b|8zmBJ%S9l@%f#>IE$IuMCwV
z2Kbh5bV)2x4t|Kr!eO?}c#R2JYd)4s1-RBDgpEYv$m}KEE6$@s7&)@X!lhnB6mczN
zG^*Re=40tyv!t?@D*7feuD(+Wo_j;tzD;5iqc6pV9bg>Kd=h%1SIT-cZ5g(gYls7T
zfK1mED7vI^TL#dwKR|%gcJ*`{m*7j9Us;bKF?=1i9%F+mkhqzPe8*w|6H5#Y`wF8D
zZW&W*qs#5K;$D_l%=oUY_9sa0;Op0CqJDw`5xK*{GiJ<Cb<u7#mx`RLk|2hF2@tSE
zV`L@rGI>XbYJ?h5MEm=rmb;gzn&NZkF}i(OJ@*@vF_PAg@H2=d-ZbO$`1h|p3tWW;
z$<Ah{frKL=bCuWKbsq29683Hmo9Nd}FDQ1PJ@F=y?cE`a(P_ZIk%y3wm@jyK;-8;t
z5!Kazx~mQKtd&S!vKlVLls@u4(o*E&zO5bo67B&{jB5sszvT!3Pdr{49r)ApCv&+5
zpUzUm?KK$!ir0NX@S^cv@8<S3nlakYKjI6~eJ*cb3a*Rz`a>z0pYNR|8#Ugb`JOUB
zpNkz}`xW&_JsJrSYikpFXYYA^%h-hY?D%n^vl4vvtv2!`@EQ9;+8mFGUR3Z9Q1$=U
zVaMrRqYH}|QBjj%_sMv7tLyxQ{|A_3nDJ>^fqJU4{}T)Pr{+x{A3XNN5S{Mtfq^9-
zKfW-e;{+I)P&s*beC!_>m^lln(tz^wabJnp&)1iy#YSGt8N-MOHH6_C$oHOxfDq`r
zX11c{gVImT^i}8u<lSN9MLm?sTpj@JAWWQxUzkA~CP_%Y^bYp+PBGy@Mk0kmGV!4X
z+o+#{H40h&Hc3uoIyLs6tpSRDRx*TwWEdBAKiDm&=&D{9j+D{vkUAk<B|0?hKL$w>
zNr-}U1i4>30kqhS#q>0{{(RE8=&+xUz+^{ia#P>K@h4UXT?z^bnbnR#JGltaJO%zA
zx&Q<NZGws}nl(taE9|LLUPj6kjF-_RvPi56-4kPs5+*P6{(VWflk_0tPnHxDy8so*
zj3Vr6me85y{RWB^^^XZ4F1~e1%5g(z`~@gvo}1f-l!0a${*Jmj<jGY43hXZryT{OB
zEB;($_Q~%pQuBN~5CPEubqk5vg%RY;z}F*UiAa*c$^>h}FKJ|V{ydin56*LnYh|TA
z;<)xk<Vp`{?T8q4i2G3l=VhX)>Feu5;+U4+B7Xkk$z2FTk)lN?Im<gbIh}=+&8X&7
z(qpdin7}KL#D*;h;V0Kv(Lsl=gT(!!Z~-WS9WBplj`r=I=8hkCHO*|%!iC~%VFmq1
z1(=YY53JpNZw1Tcm9ujssRlRf?M1X3SI%h9Ug%$5oOI+=ErGagyCX+#o^%0EdB?{G
z+(Ld__`;lk<|~)EHCYDv+p0Lo|GW?xDGF};iGV6($|H5+`KtHmF@IgM@C@y=_Q0AZ
zI(I<c#^8cb6=1IP$Ov!)NJ^`ZlTHFkqPgtpa@?A1%BN4CD3liZ&Yg4|5CzazkR<oV
z{Xgm+Qk3UX4GqJ)A0hM;jwUGO7L@OcP!vRMMif%8-h5<k*}NHpzCvj`Z^z-Lg?7}T
z20>E*7VydY_k6A{2K}gC@P4s=zF)16U)TSmK$#H|{@?2j#=q7Z^)uZi=#=l#JV1Py
z5KQAyPd7*OS|P+v$bm5pfCA<zRC-Z|<D<$fO5VODP^hq_E|>$@5P|vPLdgh5fclO1
z+;nJ^W0*aFXsdciHAzjeYnNAmcsW~<>%kb(jy`?);)ybpLfIhX*S&Ch#0bcWD&+|f
z&r-ANcplpE@ep>Hh~e`fL4r7g1K3D5BbKKfAXPvp65Q4Nee8@@6bB?e808r7A~&RH
z-B{qOgGYmuCIEG)??^Ndvd-cH&Ub&>4)qh}y1zTg#tDMgAQa<!A)zHju$vY3GJHm4
z)$xF8(Nr3Knjr7}?1LFfeBx9@c6{Ps+a7@ZvY{P_iYG%bpeD!#><lsTddD?B=<P>B
z?$9SN$BKym8EPp3V3N#<PcY0n+(jRm;Hc&rJO9?YPmK!`V6&06m^Noz#7J(GV87by
zpr0p~pwQn?%Ba5{YDM1iVI+hbkgfXZknnInz-{p%k@y2{>!hw?Va~AwaXOG*;p=Wv
zQu>j_?%sk4jf1-<IJOf8qLHdGSiG=kUQmg0MT?l2FS8V+2XlL`uuS25$58?smjB`?
zyB&P)FTWhWYn-A#yx#QHHcQKd*Dup!u$zPMiZ=g#95#3->`iddbh{J9E|+)lIZK9g
zZ`(!z>Tm{Rmw}hbw$(}p8%<VzNk?@^=GLHaR?*UWdn<UO!0j*oSC1+aDv)Pgp!GR$
zSg>JBq14)Pjj0ziif2!zT5nntIal^f`DPa%a~KeJfsKXT{8+n|@9&rV3qX{j$Lc=T
z^U@uNAkHI9koi?_5o{DNz#9!i28Y*jZg5ss7I8pB#Emzfq#gnGcN`X9u|f>P?SQFx
zVq7|s2Z6N}g3LxEx?E9lF`8dEci=cm3qZ~Zb$ZAnp)8(FD36Gy7~@c;B7Ap;np#^&
z@j(|lI5=W2MKe-Vrliemw~;65;HWV#V$|DF=l(-(L#x-U!GzUm5)u+*yb*#!DXtUj
z;ia7Ozzx?6a<+x8X87xI_LL=|eM4F<a{a*j5M{W$g2JQr!uKx5w+oV1jG36T^rGod
z9bLv<QjODDhR=jpFvpPLJ!P70L-ppODI<GD7>e-rK7K5M!G0ID<8~mwvxL*XP(jJT
z`<cY1950MY<-swBBdi-yU#jAPg4JqE%asX{fnSJtfO@FvF)d7lB$`q_A)OwvdWE2B
z>p=w(mH>DgKtaNK9BOD36g6HOE^5znp2KV7B6zQhdv9p(n571I2^UsXoiTbcP+&XZ
z^gv{myUkvIdfd>{k&x!00HH|jI!*2VW<k1f<EfQb$WgM~|3%=83Fh&1Ps6k+|5kgr
zbwJxsy!5z@zvj?Be&Riy(nC!7FmjS;Ie$^*0`z0<523|`+vL;-$v~MU3g>wMm+v$%
z5JqFHanxbyAr8PX7<B|l1R@s7i=K#I7IOYKxKs)SBa4ptMuBss<O-mcA)_x+cF$YG
zP(DbYYKXUP$Hq2*TOmqNAVcUgGfr09h)!q$+9iS*{Bg`vyE%H5O64tesH`5QrC~hN
ztf87N7cYdKw#4*4#N2`WDt2s}l<jCwTGA?jD;d!GV^LiV3p3ZEZyO!DwhVyt(2|)X
zk5#|~s;hhqjX**=0Pxvq>&ui$UyjG=#~Cf=5Hg4a(vk^pc`oR#FwA}_lH4u=s%UIa
zVyGD!iXg!5SkRFD7dsi_#&hF1YX!ks{cHb@vpyc>&f=^KquMuPfa2_FwOwWhF?Qk-
zu*6$HjX|NHELOR`@d`a<2smQfP{4I%2N%Ztc!my5yRqn9mo6T7w9fyp(bEstP#b>v
z^eGpf!xagvLi*?~=;#UzbMQ=sm5Z6yZ9`4w)PtxALsg=VVg2M~LiiiS_GK1J#fAz4
z)7#1ql}QB|0<vLW0$ov2v4SyL#F$=$lz&qon}9<B<R3Y9Y$;q!z$HQ+BMcA!5e-%a
z3h%^)q9(D0+$OQja&gR$<>dtsKlrloCVQ>ve9}qZ`z1taO1QG;<gUR7s|c_RLM5*U
z!dG%N0E!Q9VZZiEqI33$h${BpDeclV?hm=-FT-S>@cZ`k0!!BLm0E0s<8BHF#RvN}
z{>hgM)$DJJ@-%Kz=8X2{HDmQfr>8HHv#$MorKGTM*N`G8P#YVY&_isffk^UmE^16{
zpAC}f{&7P$u3vxq@uLrtNbBiOZ-$4X>cf~03W*d)uWA}%zAn2-xSbj?V)!3i`TW5X
zxr)Pk=Ls{)ze4)szk&oH*3|gr=58}G<fJ?|$cbw#yg9@@qIGa@0UcglM@PrLHtVmG
z&T01+{YMcTxuWsL9a@CVl7f+DOk&>wi38dju>=Iu=RtSkE`#9ONraVgjASYEmk2Ru
zyO$0vh7l1Io-eyQhiME^(C@=1G6LG@5nX07P;V?yQf7U9(9+ua1eI~Z`O(YIB+4M$
z<1QY3(aQ>o8|i(DeVU8K^1&hZ{KOeq5}`W5+PnEh(q`H~{aO2)y83kBS|pJf$|}Sh
z5>*e^Ff8Ubc+?X{B}|U_3i|E!4G(t-V)cAlSBC}+lQMAqSx=hMv^(<oIOBD>7RzO%
z?t{{N@BSpcF_N`O42&ohd}Tg2Hw#;-$^<_YEgni$BWN{nrj+7?Ii<{eK8D^Hw*jXr
znAGi=rOZcv)eh7p{Fx||6Z10tmmH-p1OBC>Rdipy<w|=)g(6YVd#OZ8kMv?_l|hW<
zsXk?1gC$h$+apv9m#cr2S<F@%EY1f#wl?R&fHg<)=@-q2E{T+psu5NYZbr-TGqOhC
z<N`jmf}Khv?!fF%q&Ch@I}5`N5Y@Br%#pBAq}ZBH`{l3_1!*fYBHP>B;cnnXdhmmn
z$+t%_!~>RUZX7N|X@{(sWw)6RvEH1Wogv22I(qc9Y#NpdLVUd07n{%>Y~zGnl6b#h
z<}=r$Q3VHcR)ORK!i}|vJ^d5t(`}5zk<feKA(_$uiOQ5?y9=bs7}!^3rvZEgpms00
z6M+DxA=Z~tE2+LKI@%i>r+BDbfM~-gJcT=X_iHJL_0&*7p*Kc}`dUP^YbbcxVI|Fx
zZ8+8Dpj7`Ltc-q$uo;F=Ht8|@Wi~Q)`xS$lj~eG#uy?;Xl$JWeh>4koaSx_V#iwrd
zdZpr69u$ovy8NOh2qw}hnbwzL3gx;+SM~o`Xr9I{umQ`;wuX<-2qKC{IIW_E5%(jE
z+h{-3Ev9c^z#MLlY>yFzD+6Q8cOl~$d&wEpY>$g(#;6DJQvOZc&?&oi9YYgmKh!uR
zzhF8eba$%1-Y8lq4EZ3cKjQ9$kT(j$Fd<^g%OPRtketDR#Dxbpo}UW`Szk}&x7g9|
zy^WhhT-C>qM%Z`A<PsE}uQGkF-Ju=4-PT-RKM6*ao0yW7TTH(z;Pg*8m3j&KCt|om
z3;-D=hx!IU#-=RV-o|wI6&)B>L%eKYk03}wlI|y9dt6mVWEtMi3Kep^9w4Rp7zl*T
zNQnW)=#9w-b1~#7#a7Qz<F&P7Z!s`l^46=o*B@hi$6LQWj6(IZJ)d{uood7~t$;tC
zgqTZ6+}W<oUbi*J0Smn@Nuw-MLMes0k-t{~+P<s1(MCZEMR;WFfziSYc+Kp;gqe{6
zSk$pLU8LH393A<$MoZjITDxh=Hq>+2pCLg*b`JA}MC5dHbgXC+#tRIPv-Pz(IZj-O
z2VCf=x<J}2h-g_$>R1NkB=)_p<&a-{5ibJRQ4`D^R>=fefLXh<{nXq5ObR%EfGT?p
zjK3sj6g;yry#HKPWEeRqMY111-br;H{w1R4nRl7yKZGKEhxt-QcBe*?3doNQpu4-2
z`m&48aUv;BP)1f@LJ3+qD4|at9u6*$QfnJZedt_fu@Mz9F+KxsGKSBGtIAs>Qu}E`
zqexx;M_@J>s^|k;hs-U2HyMy=eLzsL0^`Q@y0!RsT&P$?IIbsp3)RUmH5wd>5Nce2
ziVL|A9uJ==vJ*=f+KqwDgKG%mrD;K%J-`I$cl`M8O<%tJ32X_A;-_v!pl92-y3ztO
zmL+pIY^UhrjpVug@>fmfCg#HrKv=!4rfV+GM2-QbOr0v{=oq~Jrn5x32k1OE+o6|q
zPB8aWv}Bck?;dwt8XZrl?Va+nmd<g$F>PD|dW?lhYXPt=0bL+11)QRgPx&O~FZ<Si
z`)>OaG|U4!yP2M5iwHH+X_0<Y>?_6$B%1t?VLqR3YzF;%yTC-NJ6HB%#cpd^N2o{t
z3Y{(%R_n8I`16OB%9jVSOBGw&jc6i1q@e@H({fu}^8VS)fr&U@S$V&Vz!}*#@*-r`
zBE(1rBt_u+<*hysWF=3<&Q1=fHR0sIzeCjVM{KN``Uf<Fcr`$@P6eb$_zcpB9rc6|
z9on&r$jpERi$s4s?gN<$tne5<JtjlBq1^&Q_Diqz$&;=c;(YfveCviud!<jN(@gY;
zAE07^egMYUWl$}nvy`hyLaT&w0`UllF_F0o>SY9A7HO?e#6lxOqKwVV?v(X#bJgZ(
zGno$wO7~X*UY4vFT)RLVH`})HgO>#@JSlv?#O?nLO~vzDZ-K&WmY4qn5HFcIv2B~{
zarQqO47D}E6Dko1df<Eo1K|eaGKsMUlElR#&kl|14m=)&A^0L9?2KHj&KMA-t5`AM
zr=k)Pc!;9p<;y?y+0I<={^b)*g-7m$GoVJ|3tF%CQ(R!nyF~FATvTM>P=Nq+nZn?9
zVoSzYcp3k^b?eroCXf(-ba`A)3Sv%=MvQjKl`C_M40UxE5jy|jLmj=4fPh?-wC+vN
z*``5}ZuBTS`zBOiDd^68f<JiOVULMy`OSSF66~B<Q75T!LmH`nzu(8-X2}|X2qQZ%
z><}a_`{q`s!|JCX0)(;(#%7Pb)qpAfUM&7DA?>@B|EdK2C>AU>><jRdB;WrF?+%NZ
z;8zxsVrE66BfJ8oV|BK}LA}Ah5%G@DV{rhYK><!6M!W#9>A%W+ZIoQ~;rAgRqE_^Y
zb)FxIa6n80K!Wo!$n2m}B&KC}lKanR*tQ3s@o}p2f0Q(M4(Z%srsiyjka9z)E<PZA
z1ow5(tK3i|sdsT=Cl`c1$^09uU43@acqaE>S@FJsf$Krs{uk1cHZ}ydDaZYM5l02H
zUlXkqA)L_>q+r)WECYpt$cu?m=fSs9XFA>eh8ti+SRg4BY;)1A{~Zmbpgs6sp`o=o
z#{JfRt&q&M7WzN2q}G0Wn*SkRJ%d5<D3}*R^ogM=WIUyN(K{%p(c$`F?;tD!%-X7$
z!3oi%$5@?X`#Si*jSvul8D;s1s6jYz*O_T~fyxw8al!Wk44#xNsOsGxqT*}>hKbQn
z>z^Yx=3h9}HUCBhmu*jAgFz)z=a9+(QJSBcebMBk|N0@MO<xJn`bu^|#IXYv4`vKv
zr01&J|D%)i81OFBY0Htih<QDK_dBe<E%MW#ah(AjJl44Q{+q;LlAxdZ^4JaN#!;+5
z;|4sa0Xm%eE7SzyeFBq9s#|y|$x#=WZp`xwL<&S3tH;{gk6Lv?C@9E2j?;hb#*Jm=
zXZ1AxYC5=>nE!p#hNfnno0+(;4sju)l1+i2@UMHi#s3uK%nO=9eQ`X^7ceN-zE_l^
zclLZc7i3;r=!!otoFwa!`rFTZ@iQm-j;lO8d|9Ai?&uxm-KMv0P93eW<_~pxHG7hQ
zNWzk(V(#77d;33l8}Z2aZWkBb=<ojRf{$0oIGj*9p+5cI@?{#GcYC;F>6;fu?aG$!
z7nR6A(BvL5r$}nWfMetASMiC@_WCao%g$L6_#tW0J9f@PogvjIj{oC5)4X65$rn&z
zvlt#7g<MmYddh4bYgqI<tH{vMqv>S$oOuYuc~q12e^qzp;Z*PMyI&$IA`L=@QfW3;
zD#L1^b}1@FnU<l^974iUc423zBq6CJl{sX#icrQ7${fj*nPpnTxj)t3-(l}_{y5j~
zk8@nEeRZ|7to0e*pXdGD_x*ZI$xd;`ZVJlEIg<qfJ{Gq1Gv=Mw9!o`CDwexWlid`&
zF)~EcW!u%#(&6d?Z<pZ;aV}OLZ5Bx^H}@LDW2z%?j*P5#F<c@ud(+Z+8`Yb0Z=77c
zT3FFq)cG_2BI)HrY=&gcr-nZ$tjU$TWeh#L$PBNW6*^>{;n7su3F1k#m&Q&v;gDf5
zTN`)q{ak<c=5jFWBkC>b_wKgOF1(lAT}y8>oiS>f4xBm13^ZPA$U3WB$15lP@bbG*
zTYH74RJw@h%a?ZPaeM*B#=`88QrE_&sdnDY9%Hv!vRdF^AfJdR$bUF*-tL&a=Ba!^
zGs?=GBn$Ki1(4!8)3AAR@H1zqVF20o({igm1zQOTDqGbxJNt{Mh;IOK_q0BZ{xbc_
zn&kOh(w$40hljCR5&L-ep`9<?Bsz>;I2=k!>}EzQheOK4P02Q5IUY>QT<e4c{c8it
z&T^*j7v{j1+16VUoH07cmU%*HeKnuFc=67GZ`aR~CrOH0_g@#DOvxw_P_gHtn-{h9
z{;}kPlT-fc&5KKD5zoFnm(*q)?YCV|ZTV|mG~1q{CG9snTUy4!bI@M)lQOpOae6$3
zCwLgm2b36Qnf%?gvvT#{IqE017$+IGWf$b0Teq;%KsuygFe=clgUYtu-1!wPz_{nT
zF7NkkaZ;r+H+bZ@eLkh;tR0d66^OS;B^VrJ(%4bqO2aj2mXkdVTb|*Q8r$YvAx~&d
zoOsFQTw3zl)s^^oUrz1TGmlF0e-*{)bRfFQ9&UtDXAIJu2@cMv8?^AxrnpB-Qgs#)
z*mE3DlbB=epZgofp)<3GI6Yn@@{pRQ0a+fBWOLx)jyXBsxNF_@m22Xj@G)=i4p!j}
zlBcAskwUD8;jm^Z4I)${D$*Y}o=@kb<m+=hWev&_mC~vk?*B$2UB1S-Sj+sOo&DAP
zBOIAc5WEyVeJ(Yz75G#-B~iA`rf%all~KNd``hGiy3Vob>@+nyx)7yhkH5w?tp|L8
z8QaFxJmS(l@~fjW40Nw&v&Sji>4JRgL-{()&Fo^5Ze9+d-Mzbe$zm>y+~qz`H!sc~
zO{@R#yy~|H_~muY{w)bI8O)K8GuJlBDSGJqRcO7XXJ|{mJLP$Bg~tlczSG_P{Tj~B
zvKFr<9@;y|zBqchYUG+D>wqN2Wkq4C1BqdzEA%)`U)?fIcp{%S-wAhjeYT{B#~v?Z
zHKY0SyBXh>sVtJTO%;32JR1_cLO)jHYrKISKkuFn_B3U8SdFa575Pe4@5`N?8G1)J
zq7xHOR*JPD0(dQU!}ntUf(}}mKwvSMK_c1R-@N}s7tLAL7}i+Y_wT=3o?4Y4L#YT}
zTGMlwU1#7zk7UgqUA9bKRaRg?HuqFg1Pne!vUM!8slQg>9d(zQGQZohKYe~v(IO#W
z;Cg|r@Y=Pk^2H$aF^%l9K)kDBMMe&zOHqV6`c-wbh}AW%Yb@c`;;~HNMeO|QCv@5?
zr%ky0M2u;yEv^lXRbi2`PcCgV`eSCP?CyygZ4v>?e{KGLVN+RoC;ZY3-2y&IpU(*8
zS5_Xhb1uH)zf8Vk^1?B09tWccyO|-=)Fn#`%&Vj_Fgv5}eNaZ`Spm@&cfC(V)ziLd
zv@Iil*7;`J2ZHAEd6sEOXB|q^;xP&oA~QnjzAu^^7#7Y!D#2V^9e35N#)j8^4EeIr
zvMUI`J7cNvlIP$!GuT@D$w$)CVyFwhTs!Iwv*Z9{oXw(;$Yj|!t5w8gRb9DYG**#|
zsE7-i%jte*cV+J74;P*CFN~ZTa2H#n#YIv9Y4}7vJ9KUud{@xL?5I<xQzKR02glG`
zR8v`vv`6Eutoha&8uzBW$q$jOel*j#N9a&(ppr*2eQD{R_rSXk@_k!*lrw#U=2B<E
zTa9f5<U~BC>lk|KtjThvZW~Ll;_B!#gELQB25g#G42Odrqvco5<_p^lw9KbPD07hL
z>z6b=er&fzO=9WU@_Z~sb{D7YGc@+@W~D3b;#*&Yb@kxjalfNQ#f6V_qIOkM*cK|9
z@j?e<6#HuLFfVS|vg?ekK(@U36Q!+6tThd-VPd&CZQY$3JyDw@e%_}Flasa%-LnVo
zXM3L&`m{&>Ok7JmkGrG3xPGPTTc&N9!0+Q@ZPPrGZJAAmxc&StpRLS?otCzmRr!7{
z?la+ux3PRPte9Nd;OK~4VnT(9>L82sAuKYmON}MG=&sDQgO5mk1A7}oC|7$NNuJ)+
zDPBh-BVoy9Hzc=7ik*MKXrUSPFaI`8@1L`sD!~!ye!Y=BotPx4EJR##n_&sqdVoUt
zv@UoE3tLcqd_isShVc<Qmv16|^XGWxrYK6Yr|V7hHw~~Ss1Ah^M~_??6p(lu*y_fa
znWFd<oO4_WA8J}Ej*}lu&h)jitP2ZoPmP9+N3!QCXNq-sU0v(G`020vg<Fzs&7ZrI
zNtbEb=EB=SxnrKsNETKupG%)7@*$S9hQ4z`N1$PYE00)Ne5D#^O;20+gMcpZ$+~9-
zhpqQ=d*s+_d@52@lX#%5VmO@dC(=DI!Lx~^!k`;8ZIJbDygJ*p?@&LxyKa-0i(^DY
zhWprBmQA0oBSu>pYh1IF;+ULz^!r3f>6heFb0^+&>2x|<Y`#6iI-%pG$-C4{-)U=3
z9!s=AlDauV)f9skKR`w!?oB<`7s=nr`7<in*2^9=znb4LGf{PEe0|=@ti^#gEnol0
z?f8CjGH;aszQ-`{Ic4PwgWpf$F&UKYp)x#CPh-yXB0T)3?J1f6B$N})Lx&3Wm<gMG
z>MV|IaZae>5$^4eBYhXAvYKK!T_tyAbONbvW!e;Xa!%~?U7@=<p4QGHnfa+uf0>mO
z?Dj^6zE0KWV)tm@Gt!mLQtabMjUcnfoUUlC!cSVzCD}eVd6#<RUG>pg{_9FS=hyOW
zh;pFwa4`m*2xX6rl)n0NN=(eGiAJ$M_xTHUdwS?ee^4#_s{`?6m)^gpa#r@9%E!=R
zFoITQ8etm*(IU>+1Ajp6%$-BFWq4`)n`5ix%!PXjhV8M5iN)ydJv_V?(<V(*w(Uhr
zg>H&naQ@5qVzQtTYLFifHU$Nr|5Fa<rAOk__e5B@A#>~z6Qq4v*b3=SaKQpkWDYUB
zwYl!gJ&ic_`?h88`^o=$O=0(NP7+!PgzF2Ew^)fw+));WQYX6%n}r8!?|p@AEoOoX
zVq9C&k2EfEFcdb1<|sUZu#3nJ2wzL<3elWWRyH`H1{4eWy}x%34A{g`XcF*1K={SL
zb&W%Z{EhSAvq1#&4MC^=_Kh3u5YS>Tpwo(-5h(MRj;szL7h~WyJt2nS=AX_gvT-0l
ztPl%^F-n;L{h<@#Ix~8wm4c8ZF?1X|I{UQ1V+_0#<opW(T_TbmdKCBC<$35LfZh5A
zlPrnp*Dp`=k{<rDo85k#C=Qq7!6Ms)f5_h~u0{lTsIiqLgm~n2Gz9TaKR|1Wkokr<
z`88k-;1*vI2P@NG0h?$KDC~q+;n}m-_&0>nmu}7fbUG&R(_~05A`M+V)Ca?-_Y;}f
ze`R=<<-XWs#n8MJM%lRCW126O>e3K-)?@Rvvy2=5foPu-=`}e1uE8P1FQGCAsB*&W
z4PU*X{Lf3bI`aR2dHMW5gljZy!(ntH*yRA6cp>KO>Y8=3=c&p>lLIl~9-Z0WFQPjI
z+b}Z8w>pD4hY+6!y&cR|VlF2%?A+Xl%hY66PvytIj{kGUrg+NV8%&pc{Hg1Xj^0>Z
ztWD+Yk$gb!ijegGBEmjed=@eqj=K+{ktUF6CK1s9d&wJ40lUJVR5PCk@b}T5AOlJS
zePJkSnMQZ_6$E<IDM(jkt*w+374O~=He&9n@sNA>-a$fBPnSRLfq)qJ1=o@cjg2cX
zy7&`xx3O0U*(?QCed{}=9XrC9-;`*Aci~vjK~!61V8pq<p%Co6N_401A%mKIY4qtX
zmRbKwA=<wTe?9-$&f1m3L<>uvBwYjez)!DUm79y$&!&{oi3en=nx>YP&|O)>jMqSF
z!LHtZAmoq1KNB!XIlmGxH~NO3;0WUYM~3D~YP0W&vQ?PuCu<rb<!hMan~cacIvSmS
zdI47H(*DUtm{Xj%4(Wrm07=c6ecvZLLM03DDYIq*1A+KKoc5it`FE%%rvZxJ0Rb4U
zAScLQrjnKw0zVerQ;v$Rr?2YA7XcsvCzVB=ukYWzgi($ARX-k%V{}DQjVD#yrybEu
zYR96}BtJblIVZB%f0;L$cqt`p%q=E5uZWD9BRJpGNta(jg#?CvJo0|)45cu%n6F3}
z>J5p61|u;DBm1Cb=6?rZavQ}+CNM<jcR|$_!rh5(n2>YUJwnNXt_v{Z9(0DG3zbbr
zUL?8nr`013fcX{42tTCIgYz57MMY$7Huk>jRHh7$(*E1k7_quI@e{+WyyNUcrulw`
z%9A1_2hiIkk>I1wtsMKH@$>nx;2&Zvcm4-sEb3WAjAh)a=f6ygdAr2Z^yA-jv8*=+
z%M`&GNaX8qiw+f&S%L&M5BAh^y5jK7aQg4Xw-+J~;c1C!xbKo#UFWImyj1h1TZMiE
zUN&v_xb$tQ<wsk5RR77s-~8EE0t8w*eok<?$>P(JCa`9J=vU21e*GbqvTJIanyixi
z|K^XB-|!Flld$90S9kJoahYI(G7#GZ2;tem3cA8S#{FR7AcpuNHaaq5ACx>B!IQ_2
zcaMcod3bn8)6`UQXu{#OWvteBP^QtVTLF3-o^IS1dmO+6{o(+Z34k3?h%#%U+cggy
z$j1QykjE452d|(#M`5}5gGLKFL3gm_d=;koAII3EuV~L%T_TjDZ+pA`Lp+t!cV&cy
zQQ|H#?&UXn94(ftWPGZwzKZ8~)J(W2JEvn$$<D5yLvKgMs%A95gC9c3hM;!&*{EPD
zJ^G<-=*vR>D#SgI5aRK-cI24M<-1aFh+*V(6cU)wVSzP(HNF^tvW(KCRE8QHj>s{;
z21;rL<ID2@iOk6S2On+z!+|O98tyIspB>4fZUbz&ReX_)G6a;Lc%&n>(f0N07`rih
z=Gn6Z2WngE6_K-YE9Z!=m%XkVXW|wwwLb6W-USKrzOlRfHSHVKmx*qeCFOg=a$(S`
z-!G0|)jO2(G3}+R`}4<XX}bnj=SKUk*gB8#cI|SdU2`oKT$#6C@S4bjR>|u+MVGdF
zFV%QIk#cu~;@QaD2?u&hS6tb*`|g`#Vhht@RwPDQ1KolcPR`R$gG)CtJN)$7me$m>
z%*4}f<6kGC(qNRmUmOO{ZWIC`$qWunr_*C!85b|Q_r#ADi^TVL^)hN)-R~p(2)uHi
z9RJx4O5fz+n&v)EL=yzvc`h1zUO*Rkp^(rw$1B$$ru+K(3PREf-D({M6F|k8D{qiJ
zEP;XxMAII$yjQPS@#f40)mzHE_n~ZW-$;pPL0E;q`wo)L@}m9=#l<&a?K<H4+iyOk
zq#0+#(*%!DmLG{{1<V#!#xXvQv6Nrq(_5-Ps#y#hY!tfG;jgp`j%vTXQGTLZ4iMVj
zq5^p0PvQPGQwTi;i~4PtZ<lrfZ}YaYQk%5Ra40@0=`gS#8ZkB74WCtq0=<MJ#w|4A
zL)F}~;7k7v+Rtq@^CG_e2M*jujQB>?xjX2ILw3;H9AoJ(tEOfQMR!Ya^YLaQ&m-!&
zR6~Di8cWZT&0jH1DV^+nKMdf<e)u-|L=@B!M?8&-!iiTdOO$Q#F+n!>0&DCEb;mYK
z>ZbaAg13+jT6<&lj&>_Xwx}f9zzRsv3JP9=_KRb+OI`heYwx<x$>!dNwm0Xh0r4bQ
z<$Oa1#Ve#))8rEi#Kio71lf4<<<~rjrS*M-0z{dKXadMU&Krzkq4FRF)`q0@z>)3h
z0xJWkDDI_P7p#qqHp+7oK{;Fu0d!{7%|Tb@lLVOBC8-Q~*vJ~<4KjQs&WN$`)9Pc(
zF(&xBfMft%Y`K-QrV{G4d$HUMb%sz7E#_Uh*RQ+J&Szl5uNS}BUF*D}`df`Qx&KI3
z7^+c;&NW@|3Unx_Dk|1|OABPiv%ER5S-_X-Z+EsVf{FIWSE`*(>$P8h?v6xmB_Bis
zc}(NzoLQu;as@^Vx~aM&xw-kryHZzoEZ(COdf3pAFG4Hkd@C+ws1KbI`##bfqunLd
z1uip)H?OWP;N@+juxmqX?H}+rnE;UCE<TU=-GYKgXl9C`AK(+mx(9oDzSUO3fQl>g
zKvu0qVb;YyB4|z2u_uy95CvbY13Y;FYI=hIi$N>|GbDTrE=NKO2WtcdkL$pkj8r)4
zb?WKr?vANh=PZid3clgq-=UI3m^Urb%)plm>##(E45BmSJYt41++U5sjWC6S?u2<Z
z*a&<Ur)^+9caO-_8|HAH-i-HkCPf6o?FkH)ftzYeaiVVCUDg`nbV@zWmR|JAwlx6j
zklW-JZ^G}00C=2k?Cl4jrl9B}V4fNp8eq<$E2tSf2A~KrmK7OWB0~a)x*g`kWFJ6E
z%w)6Z5pZS*68PrL$I=)GN9<NVjA>e=1%f_vAn}SxoWK?l{tav6H8DaI*vJ7C#Y7?>
zcve86E>CEJtBG(15U)&dkYMH**B$Wg?|YZ)Cy+5}P6qU8jrId|<OhfeMGqb%Z1+eT
zNgMldJqQYNfVXs)ALFd?D^><zX_5~wKMGcyRkjB+3r7<FM^Nw<1ol!aE8^b<i4j*K
z%1&14B})a@tzW;8B-6Le>HEEV<!8=YS*3m+SWi&E<%RifhlIpf89=9pec<?%1S%%j
zbC2dBiQxnP5}uKneldHf=P73g_PIs$x8xdN6tHzl`ALRFr)AHNyGBYXtKeJ3?{NNh
zAhTP5%^P6?K;^&wJi#`^40L!;?ijoy_;ykN^Kk!|Nh2k-`{JyEs>eS1CG~KP@)Chp
zZUG6al;-1ZgdGfySRh5BtO$N)vj?zL86%g*x~tCF+7`nJc*nX@bwX^+RTbY4-03I7
zbC}V%ChCVH06E1bZfJP;idM`X@KQ$Zd5PjM(tjPs=J9(4ch>138*~j!13&=GP(yq|
zEdJ1Sh|ufOZ#pyjdizF!Y>9X}p2|qfo1Q1>HpBrrHEXescSWFvFdujJScUDp1%lbu
zuxju9i3uMb$R2F?+Aq-GxGZZ~t74^!7cLO21+%2CVo&fG&~eR+vEnp+_M#s**ey_L
zzyoW$w$%7FaKuB1(GiSPk|!uUI75pUFW$Dv3Wy})jE$_!-jI4nfW*noM<U_8d-ous
zn2+2Iq6AIRlURTFz210&^L;uzYW5_u_Q93VxCxu~;lnpyZUU4B#%*HrZesG#h~=H@
zZj>1^Tw7O1Sdw9dMP_8SN#j!S`-Ql1>i+%4v2G;hXc0qvapzBd4br~Tm<J>|;p+nt
zlF%**vLL}Kz`DAcjYRZS)bfPYva_?3pvw_H^Fvq8t&=24T>dWKJ?=`d3*fQDxedQf
zWQ}r=JU}bq!U^x#|IK3;6W0md5f)Tp@G<mD?)jomdW0qE^y3b)9m{q&u0^pnT(wV<
zg9JQbaQe=3zLa>kc&7HxB`(Rx^8x~43K+IGJT$ZbK0A!}f-6X9b+cLWJEAH=;>K*V
z=xNMqc?mi|xP~xBY^^}UKq%<_Dm=o2aQB9fLCQS<&{4r`vD7=VQZK<M8Xg^8MB2(L
zY6GkVYy)C<<5%ZlwiK}6!7KJ$|INiE1EaF@Z8(Y`ht3rcSQ=He7Wkv11_pgE^D3ZR
z)V3QJVM$yAi^@V_;kAhQhrll|cg~y-Vl@3Ji$CALb2q>!tG92@42;?AT49#F9NrN4
z>S3$dPw@t0hxqzv`#C;zC@Bj8Hc)8-aC6Wv5)U`xiy3C@9^zeqP3$nXy%QIOfBv;P
z)0md2c;(k4Wk8^_;&)oFqq_)?V3q2kTL1dsg~U~Q%OTh4>{X8i4;9CB&;R<tv4{5C
zLgk9hcHNniuf{x<MhcP~@}daKSw|}EuAkpMPV)6h4TF2hXCeND<FrT0Dn8<+syK^#
zBIaJxdHT@h+rb!-@)fVU(<OIJ+EBUJmL$J30;yZ*3=~?COum}Zk|78lKHw?u+<o;n
zJt{|~(|dOpb>NI5H{Y`BYXuKZ&9nwHCFjo9xHCs3kL_N|n116GJm?UoTb5(T5w+F&
z>deZ(Pj6$OkAL5wx8U;!lTq{2`H%MSmj*0+6F4$*tgrsD151)Z3rNx?7q;2Xyb~6l
ztV~^|v_SW;=cCcC#;<`^=MK|-b6l4!3KV<uT9S3xp_R{N?1<k~B0K+kgFa)jX#T<N
z9%6aqDc`58p0*`|SCX#IQo$s`GxfEmWrH3(q_Bq8<5T(#k<&Ex#M?#NhNC3Me;s<J
zaXQPfi+x|&<6gHw!Rvh=Y|a;yUyscg>#}^tbWr9qW;ba!a3s&F3l}Xldc_yjdRZX2
zrzayUQXq;(zFrn#nWEh+$?|;B$|yQxFjF30BA{FOT*p*GS*ScZn!nF3thHtl=`g(}
zvfcHFAUCKnb3W&Y?8ud1r`t!rOspU4$v_tNoUL_X+sTv<lU4gjp0b$jj4TRi=a8)j
zXF3Px&}n^9(rbHWmIYJa=>7XQQ{#P)BvpjTlj+m~WX6XlZZ25OEE}ziN=x7mtcVPp
zOPyX+vC-Hsi_AK*pG@;mP5AnC=U~6TAaJM`c=+28&JXLANV%-k#KZqK6my!-+g#Uk
z*><p1>*KlYdAk-#o7j7($qY96%GSqSnR&Qth}yF{+`YD;_2iU(W8}|E)HOj9N{g4L
zX(j*854))u%MOu9=hO3t-jNt4$x3;&5A#wDJe_zQb$OrUidXaBZ>$Xn+mldQ*E23W
z72etw3w7t1ZPOf5#*w2}udm!^MYo(OCfjv<To==6$Q;_k#b9(z(w?mH?y;D%HOla`
zt$0wV1ffF3bQXh3S7cCP#&BVDSa_&CiJy<poOn<=_1N)sGbcoseL17BJ#JsT$CkTK
zrQLLnaFEu{)KfLS*2W5}SPCVGlReh3dMyl<;UR&(tQ0hNWs7U+8HGpVB}-PbqtTjN
zgbBqN^MyU>b-E$rS(jX1uUS8@P*5<#shx||R`fo|Xh)u8&Xjb*5}|ghnCwFdtntLH
zGtbg!DI;mGem&8~@6%@sH+%XTTsKi?%sDNEQPuM~O@@T$czN^i?d2SEb<W7{Yx|bq
zm95;CQ2$D<<Du^&`L@fgdz!CsHgD%IjP7rg->4>GBONqdAtTH=OK$U4q5gE+Ml0%A
zPt1ia;B>O-O4-G829zu{iQ{XtH>zNa`nB_oiql5EJ=Z@)XOc(exJ6#(#})Vj1E`mS
zduDt7%0wWwDc9uU4nE&Mb~nHA3UhL<WBpu2K2B`bmhN`+tZ19w%YA++;!S`fi?6m#
zdt`S=`H$O;M@D(ZM-CNubCPV_nOjJ0JUu=4%#%$53a{d7Svxa()v8Y_0_3Qd)lcu=
zEjh3mN&dX0OS_UJ(ilM_qw>XOZ{jpV+O}U@|H5N@!|L*mnbzXhN1{F)JM8(?yx3&k
zyx!_CPW|5cl4h%-cYb`YEshTy$Y|`}phqI@C6iAZyt})}Wu$HsBO_D93!+)*HQp_?
zYjiiPH@-A`Ws3`^B76m|GftB#Q%{;bDgr9yT;!T~=I8g@&eV(O^$)&q`%!pGWl>$v
zW;!&dvoAP!g=Z_<)TMSbtlQa;Wqhod@|f0=%n7&r)ugLel@&!=vt~js?W1PqrMfF$
zPdss@udvYRyv0<d3?*P$jMf`=bjXLg51tLVmxEIuX_Nge*J!<-E>|LXS{4VIcQd9k
zZbrmUO{TsbJn*_ywtzZi-`&()RrkqfB$6$*sjK3Ru<$ur$|qT$ljD7q){}~Fig^O#
z^{-vPgI#Xp!J6i|A<q4~-ECy9SA_FKZg-Fy9x^rjlp_*sSx;{m&a_~+to`#I)EYf?
zmGmLA$8ey=CN00=%$s1^$t;yyc75#{B+qrrNv)XJot7uj-d3D+cMDH1I3~YawfJ3m
z^vI~9_2}_yuxwA#j>pR7rY^3Z$2%Ozo{}Uv*J%#@;qy8u-G(D0rNZk(yiwS}?w+u@
zdi-KLfq9)>I^LJz-m~yYZgWpwk!b;mlrBrreRa`T@zM9M`-wB8=Fs){%aG}zaf7h1
z!!t9jQS=GgKIWr6!t5CGqu%~>Q>N1`jkCq|bsxDb9TfdIIAltlYgq{;zqSW6F`9wf
zGvF_mc7wiZG|2D6-|AL1uBYBI$#6)mt2ghi(RSWG*xX=XaN$yy7O_q=%c^rN-D;gR
zx|U-=MYl~{#8>gcg>CW|q_hs+_fh0snt!=&V>iux(Oag;c`J2?^XqJkGTQ8MQ(k{t
z^f)thu{C?ryTCE|#B$x(Z+bc{@zGhLJDi;}=8HYcOPQ1Kt*bHTz)@><MSp9!AB!b7
zJ)@W#`SeH4Sd|;Yl*feUfgowO!MV=D+-hc{-Me^V3;$@)wrOwZG7?a4Xs~0IE6J}{
zUWWTOst2={%kK?ax0Bbb!F_7-!6;GT`=sXOvlQ%zdOACu8q>b<5Z9G_FPX&|sK(sv
z$j$jAZOOQ#8!1_zgQNtGPTgH0J}5U!{CW57h@~+bv&CIY7B40ivOQgu`*6W^lpzt>
z!<jdss<KdYp0l<#SI*eNw`OnBXlx^$&pH6w)B}lK)D^jBu*bKJ!WLCJZ~&L{!|xrv
zlNGdap{H(ik==O6g-|DyGq8>@D6Vs(hllz5`kGkdnVBy-Ew>EQ*vo8ORn?X$-|b<_
zMf`Xo45;=8V!Zbf+qAY=@esLFuOtF1T(|-mA2<iN#Xs0wJJDdmd^&%Au^~IHDOhtb
zmnT_YFx7R-Uh5_w10>F5kLq0L7(0JjvNdDdWJ_8``|yR14-GxgTALU!7cE)*dd7E+
z)hp#vYG3v0Y?rw5@{F9b0v<^=;$fvF9~{5mQ@BNHI(aAQ`9l(pL%m99TO8|K_0dC9
zwSKU<)?s|NzfO$Z^cwOJkKdhzlRZ@T#!&=H(=5-aIdDgknVWG<JbeDWC~BYJSa0mm
zBx}O-yv^R4s;EhYP331K^@^RNo^Y*+iW)8`J2;8H!$u{W47Z%e4l~YT#kn@*pDWDK
zm{M#AVX|YS)kJVRY!q62DEylp$DZ&q?$^x5^o6esuFwq*OI%tm)ywN8t@ZZf?S)^L
z@h!M9o3x<Qgt_F$i}b2_TT1&BUL`7_Ck(fc(CGO|n_H*qTV_FKJrWr<7D6*A!6eOr
z<?UR=q%V|*9YgZow9tbS%KTD~C6u>2+fclB63hBn#KS3T{+|oHy86x-<wcVR<%u7`
z*ZDWffA%t-X-d3!|NEK;F0)_;KGrO&sJIA7f?Q+jnKRPp(0uM^=y%Zc%FZalqK$84
zL8mwJpOv^Xi9Zn#HSE6l#CN1tw!3@+$z=&(`8s(M<CAOZCGLy{5|@SqzswpU{UUd|
z<j%|z&BR(Vl3Z}zkDX+?KS!!EOA7*P9Q?HiqfBg<>c>mNP`m*6ddxut^E)rGpl6{T
zQ+uMNpot|=GPRHRNCG_GwhkoH&rZqml`A_uifT5DlgB^mxb!}cnU3>t&A@Ob32Yz>
zqXN|$>K_peDKv3z-fs!DLoED6ye=fa!=HtgEV+iZRObxfZ6M~qa3j2^0GFWyXu35V
z6y5;vd&2EIIywlvB@!L48ylAqs%M^i_S0z&LifbW0u4h9gal|WIF-!!B2Z$T6(He2
z{1t}$4q=~`kM2E2Z@zq=7|p5x_EsL-AEHO7GxMy_Hcg-K+9FFupoDpaHYVL5vc3P=
zyde=|H63?E*ssypr%beH{Asa-gob7$cBcf$8t^Y{>~*Wb8~3HKMndjwKEDvVcRxfN
zfW)%Ya_)p&;E5P>-gNJV)8U0?Z*XA#ATxWkbM4)5#u2W@-d321nnY;TcNUA?AJ^v5
z>!8H5jnZg$S@jBehDZ8n2-22?D+x#k&BYun{=r_mEv(vSMif_jmSeXK``me=Rd_bl
zkE+)}M9h$wc$0d*M$Z20Z^-0x67cYVfW6pjJ{A74XzXy<5qcBZbZp7G$F*#YlTt7{
zgUG!AWv+hmqzI0bX_|gNz4ZP2D^=&zaR?BPJU!vnc$`UeuyJtFQ^O5zYYvz90ex&n
z)wu?9MgwYuiI6XPXb+K2!!F&<wd+d5a3X|r^erb_*-Q$K*tYmVn}qgCjIo11f&jjP
zSxAH=5KTGY>h7-kI4X+3uA-AqY^(|Gi9}4xTp$RSF$YPVOX@26vE|9n&!0O-q-TD0
z*NNf2;7gyubTm34ZX#sw{n?5jcxB%iD8p!PqK5_}!n#I4$k7*-vu(+FASvcaLmjz5
z5FMW-m{TI5&IJHU*l2cdWW{}=Ws66o{xr7Hn+(VQ-p7)m#SSO#?Vqj=8jVRA7z?~h
zuXlBKR4<*>QzpwIctngqNG_HrKx26bS-L2UN<%QKe({gi_$`0r;4>Scs=T$@s%dT>
zRZd4>=biFkPLx|KnlRvWtZl_qztz&xMF}|-;Hs|&LGfZ{V9GS`c&Do#Ym`hNk8r`k
zAqXLpa3%r1g$p{sC=&pITNFn7(vpc*7Cl`7a$)&6ZL~sJ0sZRF85g3sX3u_)t?~B~
z=UTOd_Vg1Q&9;U|KYX}zKkXmdXZ`K{ae&v6wjILE6+x0c$R;73=MV+35m9wb9dSov
z>Lp~q&Kba73Qgo-;lA<IF>R7HN@nYT2Jq003gg3RV2D)J0<sUGuLih8u1r@=HMyb)
zS2wM(xnH(Dhn=m%YQ`bPPh(koUs|eD9kTJH6k3eO^DI@V5f^^w4KXpy4#*Am?vBy1
z9kkI&WFUg&&5L||-oftN8AE11_whkn^gY^0cT{pOxi2UBo~-gO5p$shx!`@sy9~9-
z96AUHt8k<{T?7%9-;oy*Q+56L#lzx;Xx0lhPLrNmpoFR@92^;TU#@-=MvOPXO=9!8
z1;}w`A7ev)3aB@}JRfb=q0!MALtCD+!wA+!VHw3bbJXS*9T;<;hiE8~2o5;zHkta*
z21sNPKnPs?J7a2q@M!ra&qIRnud5a)EI$iG9-xbFe{<A(0O&L><S&3(6IvI#u33zb
z@vaA#`CW4*@C_7`RmjMTss?fZarEk|SrzBjQFzZX2^j?ZP*XI@4ot&S-aj(&Q>7^%
zjmc)#1Wl$LUdFcQC^)6SL4pucepV*yH)1(&HdP8GtOj4a1k`q-uhU%NoOl$Y1#Cv$
zfk%7x;srrgM_xuAXktv8C`}MU7$}A#^96fASpBW3VM0dcX9@d#BKmzwqW%P#6kyoz
z5;2D@B{vOIvK;qkYGid#y6XGJqluXX2%h8o%vR?@k|a%e?~OvUiA;xOvC-M>eSJ6J
zGa!Ia)TvU69A?4++M2CdoP?=Jm=*mvHFYrpTs9#ibRoTt*5ho;^VBV>;uH&J{Z#UD
zuQw(kv^8Cccl$JL?~|MRBU^l0m!u81HV;1<XTbR)CDmJIqhN|B<UKsq$|=j0vD|!S
zMEAiK<TQhm^54xzqj~R+Gf4=UCb%U$d*%rxmIw+5%seKMcw_gg?>d%sY@c?o!2J1z
zNG2v@>10gT(~6Ls4&J<}zhfioU#&}j>tC(QQWW`^D?)0Nba#$f#&=zYz2zmebaaK$
z&GSx7Ol(ee1YO#11YsL7oM|-U!fI;Ufr%{!Q3(btuhp7&KON$Kj>gzdaLk}iS@-tO
z*PkvHNn_PFuzu)D)%hpc^Ci{9xV<>wk2sJOHCy<yD{Dt~-dNpKhhH6CN12^!2p6Bl
zVI7?gIa<na;zhS-Jp<!E+FyB>tvq}&wtoH~jjaYowb+0ProF*b!A0~b0Y?D-<9tva
zm`g-_5U)>w{D}E^4vi_IY12Q(jsSZ~3@=1#6q*h(Lbm+kSSpJjZV`eW?m<t9Tt^oB
z*id|&L4>xztS92Y!0p{vcIMv~AhyfU@c!)ysPVgyjnYjp^o4SLAH+Mfo?jfA3RI;F
zqsL7=ebH@hi2pbM!VQGHc8prs2Rl|lv5J_;f3-oy^R5xkLxNs{=C&6`<CtRQggEoz
zeu7XdtZg_FUZB^gAp0I>Mx&&T1u9xF6VsRx<FvcO(brN~ilGNj<haPAjxtF;LGbm_
z2yW~gd_UFKJ6&zi6{x7+SXnz2Gd{fyrk1h@<$6;wtZa3|kDg}N^AOkGG=FansROi&
zRU0>!^~~Z$goe;9aFZ!Ow>p__6Hz|P3r@8=SV3=q`T~{d0EWJlx4TL?3vGk)Zhs<A
zpNXpE_Pu*+5rRXHcJ+=O`nV~B#}HoPFqs&{bu9HbZ|7rurZ}&h6Om;`QS%;f^yugA
zABh!y1j*jt(DWAe-z&1k;tl{fb<)={jo=*?n!-~G?-Ax*wP{niOa-z{zLAlUB)g0@
z15?vS$o&1G72}X`I9d@&Y(#{ma9t8ll=tu6-GuzVnpppD-?_62-Yy|DcH!-U1e$P8
zt6r1>!2yXE%Yf|ItZY)0k1IO^>LxR>jwODdIJTXC=o9mv{$CV9KW@pbrG8ZWQ`tPM
ztC{_89p(MYTgRvO8^Kni1{5hC9;pWDc8gTYwz0sQ_UYdB_@Fc&?m-xSTq9?X7$ru2
zgsk=jgX`5nI@{|fTvh*NL9^bUFMdSAVfo|11QfU#2P@0UQZMzJQ)7Sj8M3Yi%_Y`o
ze0^MP)0_RXk`@$XE?Tq5kceQSu6XK3ZTDRR;98NIpU*%{_ROyq#ef~|^4>n-tS2b+
zcSLB_<lzwr`c#Q(z%y#kff+R)3Hl`Qez8s9wt?t4&?h`F_n-C8(R+I^JsBsz4R(^0
z&weO<;m26pqZ_*fJSH!A`En5Wgq?sOy*x#9a5vaH5VeW2lQ0KaRsXGuFHx>B3Z|Sq
zITx~Q)A@%rJ@^KKy>I9>VGG3DKz*{lk<h9CUQuu8L5X$`h6A`0pf}h7m6C10OjHzy
zhXY7*$l2K)&e7zwM8%2qYHeDP*S)<9thN?_9tE%uM$o5xo2)IVul`dYu0NFzP&&bw
zB68yJ;9*S5wOWhg)rtxV1nwJ*7h-%NwjKo9>b5Zk2;xcQhr~a@;)Y2DQ;|>Wo!8Rh
z_uIP?>fMFjkLz&Tytqq7@$EAQE-4a8YL*}f?GFk#u}|G=X7;$b?<>p)UI4m8p-w)N
z^7&iE4+*Zemhhm0AM@#zb+}RH-%ITTgNz{7$Gm{1(n(KcGCe3L=vQDp3XxGLSYaJ{
z8z`E;lr=$5RG2*wAlE|$Z1*WN6HNKM5gE!7!UB6kD<%lrJVC*eG>=?ANpg!Riyxb|
zVAP{dv2KF5P?K}Cy$nFf>HFF0E_@r|{Xk9K1aod(E9gBk++Mp7>Id{ogOA$_uGe)v
z@G#v1fN*{5Ka{5-!;amu{e5LjpTrb=>QW4qwSKkz22oi5rSE)d3QdAXm#{k$TPR{i
z37m4P<55Zhf<s_Z?RhhiZdd2RvOywdU*pDjre(5CfAJB`DSe!|FJM9a9yPuk){Edu
zSPphVI3*D0n9=kYyc;;Tj#PsSU>WkaGVf(S80KEaiQdME#Sm^SgVJfKxPErzL5*4o
zt`w?0Y|~&T(vxsF9QE(wpo9a#bOUnmCUW=<4f+JM0_^UW@9i*PrBi4mfNJFK{vakM
zrY7~lUG~3KS_O_o`EyeJj&+3O4LM;xrzvIHx`!(%UH|t|YL!vYToOU@T#69WW%~Cw
zSakeQbCF0WUre@!A31!uEj0-ha~mqet>lWd>Z58TK4CeMXaAF(XMahl)&o1czvEMs
zbm8F(p^}T6+iY^^3*I5B!K2mUn_lbvXI*s1nn3J9R7F(+TwMPM`Fnp~Nv>bwzn3?%
zq{h7NwvB{}|Cju{B{b=8#l+(#dOrs3KxzbVS=5_fJRi0iyRYvA-xe0Go1y@H0<a{p
z>0B!-TMXmPFnDnm^VBt`NJF2@19v6XcYv*$0Rajqt2?Qd^$A~y;s7%~Yg|FP_JaW3
zj?Z=?-9}t!lRlS#fB>8n#C8CyW73I@VBEij^{juS>;D(6b(8&Bjv~bDLsc%l#KS#Q
z*%_!5dyV~xv9UpDK!_-u@&RnJ6qd8^LM8|Q+eD?+m)%&<lBbX5gh=METBVK?czSxQ
z=k~2zD{xkSEGO~opU;VI{$><0r(j}nSBb825V|oN(+a={c?%k&*nlE9oH$3A4L_x}
z??<NyPc3Q&yj=;2=G{wRjVZ#^rDVG=`FZ@m3_Q;$HQ21bBK|i3%*DW?wA7paddQ7m
zc8#j~R4?D81h)S9UyU`i);`p*OKA*EO7Tv0f$idsGBvY}s77mv4wIm2Mw8=?dh)Cv
f4>kN}#|(Qv{o;XI>4;M#eC^lJQcu`za`k@!?0gE|

diff --git a/docs/multitenant/ords-based/openssl_schema.jpg b/docs/multitenant/ords-based/openssl_schema.jpg
deleted file mode 100644
index 4453d52f27eaa83c6891a9ba6c8bef418b89ec8e..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 54221
zcmeFYXH-*L`!9+O6#=D7bwdc!0@Ax~DS?D0p$VZ#3j_#AZ-Q=>-U9?e-IN4El@LM|
zlpd;t(2Gh_ssaK6f`|Q{_uTW|`{9mrzTETS{+~6*T5GH|pZQyJ&fgq!K4tx$`u&OS
z78DEt(_OegM|a`;p!+>br$u+^;y?1w`O>*uroa4;T%)JILVx`l1H<)e*RL}$-ehFB
z!F=QTbtV=j=9{-}vD{){WMyN$#ddyw>z_(4{G)m4^0jltTQ{!XIDh)TDZk&*v0S@&
z^U{M$7li08vRt^ta^ZIu9sfU{dg;PHLicaEdWHVl<xAHu{`1=Y79Ab^g-aK%T)Dt_
z{<#d-uF_q&c<J&L`l~FgY}eSi1Rrw<$z+T_<h%`#RW@-5!qkt^gq1X5KIH3iW{!W!
zTlz+(76KKuOq~K=){&?p7Jh-~^dg*sc3N>Qar7L3?;Q8yKluLxosRAb{iVxSFJ8EI
z{#Kjiyb~{7x<G&V;<bxcnEokq4$pG=il7WV>q8Ttzu1HvQm+=W17u;f??*pte&-Z6
zrS5QW$(uR)zC;%hJ31GC&(JYmI>%tS#6tIg?$q>u;{2bw<Eh^+ee$zMZ&)nFUhZO#
zHY|%O0FAxjNh?WZJy;s>mvH{pbefZBZ0>h(xBaf((-Y+Ap8iFrmU3CnmkDXsd@$M?
zs#`<WDu4FK%ib-@m1iPX^}X3oM%wIrw{zj}KqasKZaypspdA56^8)1d_Ey@?o+lCB
zw!1b}_Bi^<bonoJ5U{aJop@J1!TOVW9)m@vq`Juh9!EL8Gn0Hvk$^TT7~m8-fmtba
z;@?+dxJfMGaZyB6=e*SfQ;b>XpCj+2dN+B$8S|jO5#Vi-1g@W1{hStZkEuSu39INO
zb~D6tCI;=&_3KbNYQZVSc6{D6@L|7Qk+XK)eYgmPR{Z?<a<y7SV$@-@$7YViwMPmD
zNgkfqBH%9sbv(m59UgFtl-Y)!JA|ZuYx*|ebytb7IpP~zp8f3D;7ci=fgg+de(bN5
znTXNDia7U*fl9FI-k>p?%m(w+h1+AfTe+O0s;B~&x@{@Ym%})Zs}OGmMP9<gdv1Py
zLUYu&1D|x;vA>Ll#Z~hZtldxQ28|)#v-Tn@49iMQbwia4ZtoU|(b0L3|4;FQujmY(
zK4rbW9e{QcE$Q<q$M_uFilSu*W-eF>Qtb;K{XC&OO-3bq3;lE<1wl#fvK}&nZ^>J`
zC!t+%ak;K9kSIQ5;X?I5T_H$n{;K<~94O|=;*urFnvjF^3ddT)o5~c*ZJ*Khw5s}m
zRVI&)jeWs$2C-st0HKGRv#E@j{DW9r2S6!)JxUCevl(9Cg7**Js#=ks-ZZR9MW@xW
zJY%H5y;lzA-SMZP$WlnYBlajbH^>pdz3M0)SH~Y>N+=&vjj6Cq5-B@sN;s_3P>#(;
z<Qf}s=YFZ(ztW90>hOw7j4U~>6+ppm>7Ot$DELC|%;>g%{na5YQD;O1=g(d2I_?j+
zVQuSf3La&R=(H+}6?yI;(DVEtF~?jDwmhwn215SAk`z*7PWR-~W5plThj~GSPFTUu
zk=S3?NKyMEkMn&%3VE|24_PQIgC#rR?6OV+HWt)2vF|l#*uR#qYL3m?&pPuH-3pk`
zUYU;fH=nFh?mE`~O(z<)ztviNXH1gqUUFi2uW08k^6|2$agS+rW2v<zXW|uNgK_qa
z!N#+{Cikm{BAO*8OiX#;35CYQ3^b*bN!T4C+L{n^2s)dO{$u6wf}xPWrK0pBNru5T
z&q*S0$e4{^x|I=5-!tX|d_VSb#2VJC2(qp1>{L@x+#hStDLGv#t0h_3P{MPaewQK)
zwP)Q0jrh%O&Y2%lio!C$a&l%ThNiJUu!9`~#BP(1vBN@Q$-#Izf!f=#?#HF&!K-Me
zof_}OY2(oT_i=H}{f(y~WYc`PwO$8$B&3oeVUnGmjuVBY7YWG;NZz%o&23IPSY2qI
zWc1@q@%bj`yj9OMv$O`J!jpjAZ}7AkYLO4K7(F=RVA<Ka0O_tCUxjZ@O<oFAxhQ`q
z>$N^iY|1A!JW->!QL=GB?*;U<Q2B)KF31-;qvfWO!INS~XK&XeDZ$(MtLgGIl}L_w
zi0>tot&OD)dW^b&AbKze=Rgl<-L>46l2p!a4qa}%ynbRynDGdTYsrJHbILv7bpS_u
zInL?^-f#y9$(pWNk-^|1P@+AX^sstlWj46X3K(x)7~8_j{F|<ai>E1xM7#607P?sX
zl{=eLTYqYh>T+;<RlV3~buRGv7FR%Qv88WV<-ncoDrvD^Cksklh5&CY>gmQ}N8E3^
z2OYqA(8P6p#hg#>!rQ8OkIgkWFWtS-xmNTrZXCApxyR)?>N-T;P4oG;p9Np!F4U|=
zyBYG2Z}N6AN<R`6o&;AUqdcc)y5Y1$RZ2@oh~i=zw;R+3h#s%y_1L>F;xzth{Xi_s
z;V|??$o)HqawdxI4C{5kWCy#aPABs#YuALy@4wIMdk!AE?3nxlznX4&5Un-6ce}9f
zY2_}y_hMJMMD^l8rzdrdf{^9*VM#II!EchszwqUP5|YCcg2N<Sc5u_{9E`d8%7ln7
z@=bkDsyA+sE0TU(wHQ?-MwlUHfD)T-G$T*&vp~RwucHDJ={(=^rXD#^pK>7qkXlFC
z>EXv|VPcKRg!~`ohQwz8<&s^ksI%3X9D9C@W^$=@ZNhpuS#N?r)zNaCJ-OE*o`Ekl
zUO~0Kfzs7B20Z14ScwUzStmN%y#4rMJnY{1^ygzyGSOO1d`)Ioo#?ovafOQZR0)5w
z2h~>(jR%rQAU+s^R3(yk#Ca@*`C>4?kzXm^!bMZ{cV(j0Yq_|*u=_K?OSi_F-+CdH
zg{ihXLfebLm+WY?>U?oepAhPUcJ}-JE9j9-i~f4G?O8QP#m&LkuAdd<{p=pzPP_ND
z?HsJmO9iD5y(iRP;w?a1pp#JQa0~vt+vqUSIR|kimRc;!E(F#1^5CgsTPZ))P`2@d
zO_Yf3UuNPQZwF^|g}Mls7{nlfao8F{c)PU#4+>~>zia5R)Ya9_P)$RRkX*(4WYibg
zXdzXdSP(FRaZcPI#I)!!@l^uZAsuVjxKSlW5er|{*e=GulHXzeyIW1)Ef852lx?X)
z2wrN^;ZGgsN6vPsu-O|p-~Sefl;TZFbH)`8p~2DIAtH946A4?;v8<z4p&@_=Jv06J
zx+cvEGjDRPlqO5*@Qu@Cm%cRJ{k#g~3Gx73+qzKxgKH|nEN#fweZw6tI`yN8qXsOl
z%!0uUq3Z9w$9=64rmlae5t0P}ZzaB?>URzjZ6s7{C;T#y<<%~a96vbKdz6JlS_#>x
zeDU18B8GM-LNO~6V#5$-vu^SP(R&*ehK6II>Ud73fHLLr2#7O8*=)Be%iTX;ml*0P
z=Dc_)tI=3;IOSQ4-ghLPrI``2$03O;WW{OzA@z7h#J8&lWTg~BR1ql_Wu=&;usUm4
z(h&0FyYB;8=R<(K_5XK^@9V(y(N@)2{^s%E$FH%|I5Ug9SP{wI96v;Q!Trm`hu?L9
zUdWI0w?vQYN}I7Ts=~tMgur7Nc7*S3a3=fiwfN)^w|2hYbWpvKvzRTL-*ms}ZtWVM
zn#ld8^Q}E9JGFg=1<D$L=R-u-&=~k;!Gpi<WX?ElO}7NNZ<=$Ms}u$2?r|r7?lp?@
zcB?imX*U=%a4cJu=~{fAtPxt_T5=p*zn54OOf9Y$qTdXH2ag>cgTsE)#d@zSGk(d|
zD%tAG!_ONWO2s|n&QT~zWaiD;qL9tM@$?;Pj4#7Edv_KXmQ@v<d70s@rYWStCNLs=
z?%+NX_Dn2<<>=0mC&EdwTfvFBR<N;bL)VyH?X-A~tTD3nv!Hh`p6hF-_iB6tqWqat
z%*moqcr&#9*u3SALWPf^9oyh(o!sFDGih@O_w&r>Le*0mqmknta7Oiq$8|qjIcu0U
zBtR5OsRIom_lytJqYbb3x_YlW-TqCt$^V<~W25L&j#s95Q$-VpF(fOwMEhrms>rNY
zwmfDvYlB5@ANzuyP~bZHChLPxHz6Y^Jm`-_)3Gjj+*&fLp*{>#EKC}31Hh9if8vC-
zZ7}#*yEh5EHohFWb2;#c)!1e3lLss%Q7-I5_w~Lhg7lPrVt><BekDO=KjL5B2mZZa
z_5#|<OS897t=OHj{QCaWLeX*UxIJdE9elz3g7|lDlkmsuH3L5O#aCa2#;^C9N5JDw
zZ(lLHT=D*`&c0K5JE%J%L4avpx`N;Q$V=kK6OKo$HT3&j<4NVe8aR&c1uK=cRR&nD
zG}es1F#q$vp#G}^|3!<l{Lw8fpYg_|@z4^gS+R*?+@=lnrQA=>AFE+pYjO{$7x5R(
z|AUJ+|ASHtW!EkLgNy3_lfCc6{|4Iq2N(Z?y>#U-GX8^$ul|F*7t8+(>fh7<|BoGr
zsW9Bflw^nTZ*h4bHe9|bWjJM^r~MD*_O=;2te+*sQ|uAH>Fy*2U8Zqo9+<wF>v&!J
zs~Lw`hQ7!==|Y-d5b63+zv<ZbvlM`k`w*=d6Hk(G`V5BKP$z&9d0=#ccaB=aSAlif
zx(p;o`l5M}cM*I`X0V|JJKr63+YVqMJ=!pR`OYEC*|~$Uom3?E0EBi9OIni!vf#AA
zy35W^r>xe7)U&9ez)GKmot*<+ck+PhEN%YnNYHyc&21YCbC4KoRCaNFBVf$6s7z6r
zv^?|amIwfi4A$M(sr7WJMGdOfO>+r%P&Q75&EnUcw;M$B?Zs--cFvOOe$&~Y_of*R
z&n|<DWoGEqzaDBB#eL~&u(WI1*$*AxY7Td4kM_;allhb#=p9@zYTz)OR&__`2chAS
zn>9O(4+w-jko`waFJc~a2uTYGNt2!z!%nB$11svz#IPsBa0`%5yxC0h_b%O;dn=XS
zq-$fV4;s?^@H;$iK~KNCN}HK*1`KhCZ{;Gd0-5FCQz8u5D{1*g?1&V*LxTa^&ixTM
z5u)ljH}{3VBJc}W*A`QYZtC?A#@Oo0(lis(E0Y2yKw-3&w9E$uoR_a=yn7E*j41+}
z-()^tPGM3g`{1m&5>Qfp_~El-x;8koSa~*b8OM?;;RKM?=#EN4m-66hdPSco&=bog
z9u@Yuk+m2VUuwBQBAju;I%k*IB(eeSQRUt7D5tyk(?mDL0)z}KEbW;<lNyHZS>HKF
zI3ZAZQXMd@{3*s+w>BhobDFGG_Shn2sfm5d3E9G%bB$Vwm{zm0NGC2Uah5%`4HR0E
zt0O>D7to98=~Z>X=_LfE?-wXmmTq&^0=lmZ$_MzXt5a_<rMc2?7Ip-BaMs1f$}+3y
z2Dq=05V$JV$H)xaeQ%a*-N$W<(+<6GhhExi9`qOj4I7N70Q>qH9z<hPBm4w^+%8Y3
z<Lq;t9)ILqZ()kG6P@rW97KI_P!HRj?R$tN*8mR9v?IV5;RNf9l<ta7=Q#+OYTZ(S
zy|rCg#bwsSv8BYUm5|ypY^E6d1&$J~&u)F&AzX!=c{=F^`ZL<}@q!6jx4g9(KQ{g7
zk0vI3Ui#)qX7O|t-XhIvHwlyIw)d4a=Ct#^?)bZlpyHsKx8==+Np|b|k#8$`4=uU4
z@`P@RDy%0mq1whoU07L1d0Vf8i#-qL4t=0jEBhldd2#tb?!hnHLU9YzQw`iAqxy~H
zEbnHj$^fcwD}Wz$ZFP~c{Y@T*gf)9{RTOc2idmYD;umOmwA5lZd;4YOupgrZenBHI
zIw)1))_lV9OHFGz>*N}K#xk_-_}mBa@IqoJuPxI=rB@rJbhGSxj=h^M<c{d6`y^%(
zG~gW~jDUMdyttI%Yv?vE`ZLduNPK*|s<M*m0@kxIb)4+&p4L{fjb+C*v6?=!g94PX
z%p{`!vX8NT*$nR#4~@yu5zG=d+~+t*q=hy||7|t-5D?Gwwg0XcpRsv57C427BpL&J
z{U_ikqJB{n_v6HiyIro#T>%4_C*}2-x#{b(j;a$GRUo3f;w+5z+RqvWwNiX(f&~gc
zT&BfaLqYc`QnEI9BL#Eja?>#{p(?S6OJYcH!>j_(W#~#%>AYpD&hqmM{a#-{71t}9
zs%ZNfuVz=iRrM^;GAaEr3j<Q$7{X_bRe$*Ttj?j`*0F3!3Vi8Ejf@$(OR0!2*{iL7
zx~|qsN2PUf2xVW%BEv}TpqqWqQb<E6U+dubzmaloGoKm+tjf~Hz(**ip<Uj@&;lzp
z@idjvc=2zKl1`73>qp5hGHP4yzv-@+Qk`kD8UV{+%|wq+MZyKJbL(bz!fIlEQl}CB
zCh`8|2@@gtvKruoJyNIHBC=#i9Flr2o6b)({`|KgbZNle74FrsV*VJMJ>dP8!%H_r
z3MehRm>p0jk4*(J3%bD~#9(H+wW%rl|5Dj)aJAk_`!VzwZ2KC)lm1J)H7x{hYZ{B{
z21GzKX#*u0+@6S;zJ|rHt7ZRExQa2)^W?twdFV}|fKGgWGE=D?lnY2BH?T)hU7Kl!
z<i){wzs1Nq?-F{C6lbdIf0}rD7IlXXKkRxvI|5`tA1O8%;`>GdYVczfi+LmQ9uHm`
z^l3b~&sM5g87b7?@5Cacjr8tIIe9&cQbfzaCW@!fXdyYd2SP#u?w&8B0S?oT_vgcl
zB~?9Dm&HWGK~3G_pNb!1SsMv=YmYXI9*|x*(}j3QZg^EJ&6++27tq6zq3T&9z=`~a
znB@|Xh;z|{H+=^Jf74x9sjaIjjsI9x3D8WWq4G(Y=oytp5_u*>w66h1OD|~?!Le{*
zQ*J)`SHo{gdZ<nl@eiXNxQ`UJf!GAnu36&-jCB#VsCW1<n=_I{pa*Gk=Urdui}UhV
zF~ni=dYeYQ!fWJr7jkAXC1KYVxy<ba)ubYzfD^`KhxLD|y~CX*WT_p|(P1j%*o`v2
ze=;DfIEDn#>P3J3U(L4Wdl@ZOmYCwi^%S(eDm=;Kd0jM>e>oM)UD(Bq(`n)kxzm+E
z|K~r|(b0uCSxpRO$TF&38==(rNDjJ`qH(>}DVeO9th&vNA4sAx2XfGuGx|UO&6)dh
zBHGn4r;)Gmj@@xH`Qe8cJrte_C%Bs&0fn^@hzM<Mb&|>zW>XX1KYFA-!N&(7)$&uU
zCPHcyfUKNWj2txHS9bS7>}|#u|H3~%bxpZU;S7uA1DiAqB*ZkN5>(jWsKd|-#o5J~
zbf~35Do%|nJEpHemix*7Q2BpcZ`n;@^=C{<p9X9<P9wZ7X-N32R59hGtY-TAs;1Wo
zDbn^vZREK(J(8&8`Rg-3R4h+Lf77Mp<A2l9+S>%_*8l$R6<!#S3$I!P7w?^vpJeXX
z7BovYC7ph3e&C~^@$u~8sRV98RlV6R?EA{LAI}^wKRis7fN!m%Dak26?zto+|G36L
z*-$TV*xl38G3LuW1R6KW)(e=wpWO_vjQ6Nc{7v_`dF%LH^qF}fJGnx_sy6lM&@;rB
z0hh8}ATT{`M1Hh#R&zp!0(scHR+4Z4@Cifp9WsL>+U;!!<6>Sb*bZOWq5)pVW)6-D
z6kD&L-JmaDgK)L%yhtp4zr(!@9<!pb@2}xo*hr}WldDoCkwN)#ruI47fmPs~0pQ@v
zaxnYGRUzKIQ<)^|JWF$&WXdjt0aA><s{ex7omf!To3@5qFR!aE$xaAwYFumb7>in8
z=GG5c8y#p?U*xs_Jd;ZeDNN6CM|nJ&`|+DjB-x?HYDXwqJYn!BhonxX+HGPi%S!h*
z?Hv)VL16LJ9JmKMZPQ>Z#3}fqaM))MeZ0qAo_cSywwK4NJ62&A@N|85jld8<!YxbS
z-(sc-ce{SQb8nv2PjzPbzMjp?7k7hIHmi>uh}IvSKM3hfF$VT>%ffgq)&O?PNRvVc
z%pzSB-!xBOsxuLn9p_mmRoU~Y>u;|_6Ax6?sGuI^TZBQAXjas9FxC1lUw)>+tfff8
z9MGHk<PuiCdQ#HE-d${0>}V`dwxSNg<x^#sYi<mx2nO0U#sr@<r^Hla1x?}|wQ^Lx
zmGx?_u=+M;Fl$6oX)`mdRJ}x`+t#yyyU&A%R+rj}WTpS|A9)_NvLn#zAz@dW{B-}B
z>)kGwsht(E^qfJ`+TU}UoGuhGE7EA$`Fuk0e(NId)15P<g4VFl`SFkPFlm%R)ss?N
zPO|5SE6-d@N{*vQYB%A^yy4}ws;k{Z&4kot$M6r6SzZV$`ORdtG;h5XTm|is8wxhq
zQ#2<h1du6F5%Vcf5|Tv~mKl`Hp}yQY;`x>Q=G|qFx~-@;cGD~5<Ian=0k3r);@!pJ
z0cFfNdcK+^-I@v1qH`Z9b<XIdTIKJNzyopH+*V4(`qU4aJdt3#vL%MDnoky2It-N=
z<L-LUK1*38p8~$2(6CV>d{uqUhqM$UbCj>Dhov3V>8<c+vmWKaUkSSn7Tw#ZwpHzr
zdwdNZI(aM1>v$zh7ft21;mVaCjOG|CU+pyHIFBUk#Fz)xz`hvY2wd7r9ul2O=-U@l
zRzHx*+8>{J*3=wek5vQWJ^iOq)$V)*DAZs^&!o6Xkcpzit$EUHkZz!igjwG;CjEJp
zt-UlfyK74=8Ni(BfNnC6DFWub7E6Zou&`3R^fg5UalOzC4jW-MG&hXG`y9H88K}Rb
zMD2`=oApxHlS45}e#nsU7E)m0PW3+642y8O^XCOlT2tsNk@joP6-pW^YSbuKQgz--
zZdUS(gr(=NBYwDTLKPFwl4bRs(UupjvQ=(JJK?I7CmxiT0I043(4N{~EZ8?QmG$A$
zq$Y^hRKAy5Y|Lz;?y`~Ks=faqgp6rK_d2X_2i|>cE`BIaS$C6wkw^qgnswZJkbPX5
zPd97OgEtL(0!Y<YFFNbWN-}dF$vCAb8k=eR4yC_+GL2a-`>Nm@AY$)+t?x4QQfRzO
zNSU(tyoEs*NTaGDkztsv0xRyB1MW8ih#YO7d;nD7F>@LdUh*}uIIZB#t-FFj9OU>E
z%Xx))5RC>2OtSV?$=~isT+OauaJsfG*5yBE`WmV^bVI%@ra@WOe~$(GK%g=;i8`>R
zkz)L^V=Cc`VRwOrUsb8oA`ac8UNlA1ZQ9mooUn>V1VjczFV|bvuP$bb1*Gw&kI0|N
zhL90?1HN+&yK|QTB!LG4A7Qn~4CO1Nxj2qIwy#96hPb^2AW*ozo_VNVEUx$=TO8Vp
zod3N)mT382FTZQdGut-5#M1fpgrSs|iGKE<{Vu)TGy0_*N9{jV?ume|iLLtzy`8Yw
z>zWo66-w^KR}a&%3=hfUl1-iW6_iiLe^R9={Z_0yh}tzjxEWY=Sc9o-C*Hr+NHLSW
z(;WtfcosoG{y8ckX_n))Yh_3mSj)hSDG=TwVCKF3!wD}J^Za>3+7Rj(?B*nsi_Vnk
z^^hI(^$sg<jG=vnsd{*qcg6w*Z7j4)w$lL9+F*Mm-AcLpd`JmlTsdGIdl^EV9b9>m
zH=3Eo&n$J|S6!~9+kF*84U|i@v2Fwv|GIOtQ*1EZgI{y3N;Q>GD{E5+^oka7TQaq>
zw4zma$d?UiDaUwGO?UHz()YXtjU^(Ay#$G$iarveUk<;F+xjXig?wThSPe0J*<_Nk
zUeqU?4Vg&PMns~`ik9<|UAVnhFTMZk!_3lcThNvL<(wS7d)e;c3DIVYE0jg>MoZaX
zUwWMhI^sG&7}KS#c|{;Fz&6>{?=7|*!@XgSy&IA|>?<~TD%pRbV--C4DC?8wA*(_*
zq$9W)pE}CuoKEz$ntH_+0-t;s?;`TR&}A$U*gNa;ETORg*!_$QkdxxYvhV~^UcCJ3
z1<70t&JPYLk)-ZwC~A*V14OsfXysoDHKz@fR3=Lr(dZ_Ga|4FNYV4~C5tSBr4lnZw
z(^p8fG@q}y9$3K@AG{B{W00AvJ)0Ewh&&K<8~J6a+7u~kBEQJ~c4l2LoRLn&m7!aq
zRJ3o8VfIvK0J-JT+vkLa=2O*gSMx0%I7cDWKqg%8OUNZc0MX@{T!ZAWzV){SHM{DE
z>>1@vJP56mHz~0J`$iNc>+09%=G1j>CwXpF@_g#hgM`e{Caf^|<4S#!%OlUPca`8i
zj7OH!9sW5flWj9*cmdBtX~j86HoG0tN??}zX8A&C@24JzUWbWJO>87LeTgj93<o4z
zJq%&tE~CCa-#9vJ+h4q}SeJ=a2!{(~M`6q*THoSi&0A_$z-QmUs!qz$hbJNG6CX?b
zBG=qIed`13_|><mo~=Q^R7;0?5?i!n9w3rc&6uZ1wM|^s;U`oxktu?MzTS_Y!zFhq
zLj`5T;vnQ?F<I5TeEH<QX7O99CWdr~_MC=NL}86$&c#A=F@3J@d;^`gwq0_2`@Gib
z|9tZ^8x6bd%jD8(m0)q&r%cUtAwR+<5dAPE+@y4DBhGsn$Gw%2T6gVHiyC}ol3Uob
z$a8gl+eyP4Nb2{VvM?sdE&@9oCSy^G^;LQbtfR}$+L|l>t4qgowvO*h{rbx4Mp?V^
zz1ujSIi7D_y=UGvy@bxw`GX4^Z}G2EVUL{-Vql-Ay94=N<KR5mKJ<|+cczz%**qJr
zT1dyJlx8F8`vKEKwK~`*y$T%80Yn`slSZ97sOSzYD&aTX?uN%+R>ccuKgzvI>tZWR
zWhrF)+vncuUdJcKX6EX9W?%RZV-IG~3w_n{SYiX`QX+7o5fF5pe)_q}LAHDUj?I>T
z@LZJhNa-7Qo<;YnmE2f*;>Qx2n4uDPCZDb_4)U}aYT~2OI#3)XCqfZ>x*0ek*|&NK
zEe}o_&H>;XR1Fl<VB_7F-7P2p4K&#G;1;tj<-7YVct=fYB-Aivv9D*Bz<pWK4wq`o
zsojHIIAr5k)GQ(%rE2>i#*o(e)@eh!eFt0IMSZ&oPEeWFSGSu=@m)S&Rj$Nyrr5+a
zY?);U@tF&DfX45{k2Jp8)56_46LviDaN)@(y0msd;I|(8>Jt(<rlrNMLCPp(YiMo&
zoMrPh5Nfgs0mumnq?e_mO}uL{XD+qB>837a%5NC&P<X14`f`x`hKg3h#hR7nM!yfs
zBriiP3c_q0+u7vevFnW1hZ~a9mLtCJuO-E_Cx4C7u#8-@4cDk6mb82DSE73vLx%E$
zvrUIB-jv$QK1>BlVY<=)0M29nNAHQxvJrP6{shkNYLmf9K6gA*=NI&EhHX6j<7Z<@
zY2QfrA!uOmIoTRlYL>cPYQGwwaBF96Xkyxch|cmU?uQ#TV-mjvlW{x(o(IrmCyU-y
z@SiFT8l80vxd*~0OiBks8;naj39Y{*Jo9425T>W67!<^y<@zpcIs{h21DT+J2vTT6
zQ6#@<mZIK)W#Za><BJ_R+f;-d-iPogBh<?pG_(5119j!e@xTI-7I6LADwve^8oKe=
zPv~)%V@I2*tRn>_eeXm9NZxP<QAuU3>F13DNCN;oOUDE}3&PHlLVIS5ecTnG-{LS3
zv*ug%8nYe<H4J<65&)vTjcK?bM3HGhsg+SHqlGHS4Rs!BVL}5XFf)CUwJ@c$4&@<I
zthm(E>80KkI1;;qk}MhN^E~`{W|HGPj>RY?3<MS)EU6j|(In&f!mk6pifpxfnr&j*
ziQm}l-#crI8`zBX`#PCa6}C1nK@q?PYH@<QXD&opJ7V=K%mTjEY^M8Nrn+-{ODZe)
zM5n-{CoQ7~;UcV3$HHp+O6oUVIoxDHzPZ{SL798!_v|)%<9%by>`$)eSr5}L35IUP
z1`Ctm_e))HU7CSVh>zDyi2EmspoA$%INg0|(3P~rUS3LF3kGL8D*CI?|2<dOig~6k
z8==AaCf{vXzcx)sj*k~1A?^^#Y8;f9Asx_Irxu}6d90CXU%}q3V9(s#qI=)GezMlN
zUy65c9zWr67^v~9mAuD2SS;0jFD~QbDpterij#-FM-Eb<tP%*-K>xF!(i=Rx(w@ca
zK8{ik&(q0dE;Zg<wpQ#B<2Bm)gVwrfE#hQg`ApNfP-Ko3dLyl*UTM-r&$GGZDX3Vq
zBOod}Q=zFxW{t%&x2*QSCMLTe$VbpvOvLT$<e-BL+<zc~SCqoA2$_rY>t>Quk7{QH
zY4>Qfptze-Bs6O7yd6mTEc#)?U~hGi9b$q;gTWAu<i6hO4W+J~0rv5ac0Dh4CI%X<
zOSlX14mygIBj#q8_xRCq?*I@)T5dKx`N@k0NUl98t}=AMRM3$%;39)yi>zTu*aPQ0
zi!s;|+5oS_4P$bK`coiQyPjip;?heN<AlctWgmJwt%li*lT_m6UnR{CRRrF$M7R;*
z)q>kEF>|)Zc`K~;Ry<}&`STCQVqq3&Yj)^AHo8V%-;=7kU#u_B=*7aaKTOQe>}+!o
zH?at_HmH1Q2{m2cFMuW02e1eDgVpvPsTSAX*f5km&LzFbKbr}$QM+!2e{XyiJ<lyq
zXyBUv>7RB*q*&Lq+Sc&(K4E$#DaDZ^Ye}VAg<b^i86sB0+UD*k)Y|k-2lhCjtj-o`
zB&9+ynRsTXw`y~}gP#{tk!_OZob1rJTIv|sbUA{cVNSm;x5vA7hbu%jGJD{!BMIN#
z2T7eLb>kW;#mPQOe+;>ceg0tNMeK3OP47(T!jWbPu9b(Jv|_EQe2U4Y`_!+#zE>=z
zAzJlM?+qzaJh!%pv5$M}g$Fb3=W`XOzA82V0ojyHOas+MrEHM;4f|b=H_#x?(x=5@
zSG65Ut7cm(xX~yT6q1B0Fsa^rU1hv$w6=z0Q25q`MugpL1-k>)tuE6SHg8T1{ZT5L
zPB88Tz-FZiLkO3>KoHQuA<bn+X7d6iRPJ@dXMBcZR{kA~Lq_=^hy$bZmx)tC^LluW
zhM~$I)LG^nMB68{e{yUUQ$yd7x<249jWXl**G=V+ac`u6Lfnbmv|jeCt~!QTrzRvM
z+Eq7Q9M;AX!8lU<(@v}G9eu5LZiW*#bh_JDENO{_O*qG~zB|ki>NcnUXarSYxAKni
zAg)+QhGUR4J(Cc0G00RVX!rPh%^7GtW9KQY%1OO%aF<fb#Z&^K$Ycf2x{&-Q+@Ju_
z0YsC?idOCt7P!AEXD;M0?UW=xAJ6Ks4E{X6G6rMcK<f8d8is-DV8*dW2|t-7hn^br
zNLk(iy(4W%#p@_C-%O^IrFV|>Aua`agx{22cskJ-hay!rag%5bW^Wsh%w!YpK1LG!
z;JHo$shpJl_&Y9rv4q1QR`y*qA}R4%4;x2=LBnTaLQ1u8UZ4N%3Ag<RhO*DHdvEmA
z-{dCuxvRE)AiP5HAH6yDV)F{f(i}qVSfe9-g{HyU5r~VN^CCVGRPovkkU?Y&gmz6d
zYLlXvx_OEYfE(&3L1eS$T=W!D#m0a@S4y4HU|D-2+ydt`Q>=A|$yM3#zVfOhm02xF
zv1;m}Ew+f_)fnB(0QU)64@!rGJ0oGLVF6c-UR=AMW&N1?aSpyZ<Q|{7!@M<6QqBLm
z-1JH5Z#u2*glx0f`0Zb+ke6vD#e_*Id`Bp4bGKJdhGEbrcarZF8;Go)J{fDTAj4v3
zb67->1e;k^lS;YxXk{DsMN0gnE`Me&F2FdA2l?#G-cXz>5NFI0RxGKAbL=%mhK$#E
zfp8*wF3kxID=Tfi4KLG7e@p@sZRPlA>WB%A)?SH?`A8K14}<hs_kbR57^m}6Eb4|;
zp;{R_gB#O@xPbSmUPP`ca0%Dvxw?&;IS*j(-wjAV$&=r1z^=CCM4y)IS@eG#>=j(H
zHZKo;btGl@Fj}N&b+}YM6oaCdFH?kxsCe$iR;Vyo$L{Cwb2)$@C<c?t<ef(zTiLU!
zvssMRV^iQf22<w^Rwva=>wv4@VHRn!CU?F71XB1~$QH)lZRNpsAwiwL>6pWUnof9E
z^JZu6oSf&v{J1n8|6w_GZ|jf#eG94372@{{i@pdpOwyb2(vT>UNZ8YaDHIe^IS*eG
zF+&vqWKrr~cES$N{h#~VP5-9rSeQ7t6STekn{ME3!4`9-l=}1K_SY-zcQ(I`%=6x3
zVzXT*hP~w-EWbyC`mWllM-?luETl&_Kz5P1Z5ux85TN)R85VOW9jmo#1Fn(l=B4H_
zf7oC!a20Aan<YyL8TNSCCUZ(45L9#i?(V0{<pSOFDaJXn>^6OvPiwI%KuPtucD6L7
z$f^>EX_4+)<#7VoR4l|MrZJNP;!KtU+>g)>6PUio>Urm?>!UImn-kNoz^<W+BCUAm
z4AyCgQB6u6Y!-?J<I|6n7rAO#XRX=oz?$VpZ5Tc?i&>w=hdFLOh}Q&o2uoSaVEpq2
zr`f&R$8^_va1a`IK(NQrTM*9NYOYT*Tk*Q9%adcLLlu4+<!kCx7AohI%}RcnTjDR#
zp*F-_CTouj7eg0>7O#55>O_t)gdv{Ov<$VnZKvkdQprN>eEVTWg)bfLb6;mL-f{hN
zLXR)hrkB5RK!);myL=H~TBx^H)mFhQoF3_8#hTV^knF<39bR(LwAkN7X5M`K+L#a`
z(b~$s#krHr4A(IG#Rbq>#PbJ_-@vL+E@MW@)Bhf=73Af#w>hn71CF0moM6;kBfhq+
zocyMH{`FAlr2W^cV|)Ep|0e%uho1+&KkFIQD!;90oMzCuCY2$ya5eNB%P?RIt=2+u
z_!jOae20rY{fPTp+e%YNV%d3w>man2>s}{*X(vD|%WTt;p49)!N#<yj|IHGD;KJ0^
zp}*BFw~m`A@E@cYracRZN0iyGq<v5Pvt(?&qDK}Qml1SbEDD9!A12~To0QvqCSlqx
zN9ZrCGFo@eLy^K0^{g=T+~A0#(1j5>B;w--6SGeiJni&oZ~!-(U44eDfOp;S#eU64
z%V}am-LMfScn>(!5Q>BdA$2k+K0N&bA8vEB_Q*|cI4!}%3L%lI>z@Al27OUf1R<kJ
z4a7I()qlvhw!N6~j$Hpfk71ZSOnf>)KNeK-KtPL`EwObbCQ(8&-WO(&kdV-tkP!av
z|K>RNtvNRNO(&>f_?wRK{Fx@d+5d}Q{OQq=MTxt5hQpmeQUFi&U`0YuaOp?51siNk
zf34q#%)i#U<o;=~FMekrKu|a|!z&#jG5loF?|Wy{K$#CnU3i&)Kl+A%O_=^w;fnHI
z>TZKey%Ht8%J}Kx=kw`gE8jfamMOP&$qyw{mh!|^W|@+*+gON6jU5&9Fe!K!D~xbG
zit(0jj!v+qb~fgyH0uJj|B{*FtRZzZBD33AU?<N;@C|$bl$hKhCPTQvgqv>l?uqI;
z@3?Bo*pF%9%A~V+$rs~)4dWe|-VdkXIyKGu*<`wLZCF-ZV|uSVfhjwsYQS?)UiSSx
z-*xM7jg%F(X_9`wbw8%uHUS@(8na#1Cub2eO!U3JZ760~L#XS!uMJfr25=c?DlXP@
zPpA{J_9W80`KoR!Nnjs(H3;9uY~p}BumhnJ-TkYN?&(A0J&r4f(cvhDk6u(8$ku%t
z2QlBPa77SoNVvWSGp|j3rgvFnz#!ntuL48aNMx65jkvqaPYc~sdL0c{&4=Yy_q^3j
zi&|$mKjV7XcWtLjR5NhAiF;S<+(M_b=iqA*S|)~m%w%;ni0=kx|2SJKYr==Y1_2>^
zbNa;DpWXwpM~qdREuR#p8Tp`8$DNi6)$D;_^TQh5SRtq@@A4QE*^38r97b&VJLc!!
zLoWnE2OCM4GFv-R2k-KbYNOH2iw-l|rZVi#b=G#m%^pu?MaBmzF#{*~s*E>J0ve2x
zVa1=vrKw6t_$9GK2e-~@K~S!IZ%Xuaq)Da;!#XSH#{&5(h<vu8wn)>$tJx_J9m8(a
zmG@5OJEDLOc?^W2p2BV4d7mE@tt5h^qMPEg!sk^GvC`{e!dWd3NAATNL<CxzXO0=;
zEA`8B99aE~dy@<SIk|HWvtdZ%R%h2`JE!+n<+q*tey+i7x_h@|vl8{IaZTxi9(S*I
z0EGRS5XDyBwK%oSu*|L(4}WytAa$wfK2iw(E5nu)m$0fmdq#3O37599)Zm|=IS-N0
z+du=uMHP>pKIFOKGdiv9S#7J8@Hxm_!6J&3Ej(l1;=nKVaRK1c#3(vA@F`q#cB%Fk
zeS6x5RPGXomCIkt`xC_P*<ZG#+&x6zoW2gUepscAS4k}d>(u%!!m%MK2f;PCcE4(u
zGoWMJdv{2u@7S!&Ns%yDcX3$3Mf-xqZ|z?%+@<C5QhaT78ioN&GIys)6AaloLZ+aq
zjQ1_6LVZ)fO4`T|S627EUqT%35{D9n!VlZlweQMF{-wOF<ATxkrOq(ohH;KpmS5Y*
zIoR}@%_1@NTm0#0ymGp(EbNxMW`k5)ytw?-kU_Ly=~CP4=CLYCO!Tdyd2wib-#;?2
zC~pvCUHdFvvc4<T9(iHL`LUXa^Rn!m-K}L{w3+^0#=a(rRPK_uRJn75=BoO%+a08O
zAu;0HANne0o{?o$%Wn~ZfrM-|N7Ob5B&C>^;n^77>6-RU6)hxO>1lC%H+`8WIexk3
zQ^SvX8TVRp`6n~|V*ST0Z<ZUE@thk&jmIoqGoVk{eQJi{7k0FPKS=8NOXt+Wp<X|0
z-p2>BHjzwI76xsxvbSdP;2;8ntTlCpvkv0roL)9a2FSdMuR3;+mh-+U*@0^sli1iS
zpZD!hk@KW=_vz~}9_O^xeC?ML#>|5102(7t^1lu%W3$iQ+4MG$siXp<H&s3P32Vw9
zLu-ASOlLISQq6RJ(}8u_WHtGG>ZTzuegBDhRSjrzv{}2}JkFC5uMk<x-1wUObWA{#
z4~PTXYD<*q!6Tkg>xHREg<DhN`_fEJ6j?@h;u%qYiiEHyhvX<HiSV2o8YuM{ekH86
zT5}?J!wrItk4r~BO+6E+SabKuK$H@c2~L#fE#h<APKQG0nYxPJd!Gje-_9Rikfdpd
z)_I%XJK4NpWEBCDF#FD}1enM(^b`@PGWzid*C55#=i)A3E(2-^L^kls{~ZO;lOKca
z<b|f?E_^0Re45jt0OlYL0d8?WqCJ=1+U-KpzIhk7kat*@3B9)(%+Ok*a)OA=ie}qO
z5@ql4>r9upCcpQ0RA2l;HX2I8;jY2$!lbj)wO<0}!z5z4f$-2GcV;<{u=8{rSZ>|h
zt{H~`@l{@V<&68Ijs2_*!SXl|@Icxbn<`4Z=#etHs=S@KIDYJ1Xrxo`*uC7qf#pDd
z?BRJ@!dCZK1;&e<#6+{dM%(OuyE~YkPN+Ao@|RXkb}-j@z1R@YxIEKpbOV_oRqtvx
zZkA?M<l9^kpzk7VEbGJm8T5ryU%qrf&6MW|KT0~Tfcf#_zt2>JT_U(BeS6axlLh1K
z)dA1Odq<!o2hRs6CCv&eoG>siVf~|-zpI>!__IHUnF*B>gDka$7ES4G?+BpWAUGOm
zKCPL_CPa9$D?ROAjLY$*N}{af`n%2AR$Ok)jki_s@(SNeL}5xm^*0VLzHuxokLIID
z;I)T9B0!!1t~LH3X)oKGhJCzhB9*egzu`BP`fMw-%0=*=P_F_-d}%v&YU<NVx3q0R
z5#p*ltbvVos$dWwTuxJWF6bSMo3A4$54R3IyV1&}F*9%Xt-YZjv+J3@#SfgBxAPip
z&R}gxeJ-eyVO=Q@HF-;4ll|NM%Qzs!ge89!47LMb0=lxv1|E}j6!s;pEt<lheC5&3
z(6rNqgx3@lBkEw+W&StapQ}w81#&;fF-eY7OB|M#8P?G}9Ugu>F4Ou2zH@P1s=MqS
z_f04rnyo`GO)?u@yN)mRT9UH!he5!$GRH@ruH=DQM@UP;*ht~WeW)fo5f&Sk$tHB)
z9<gL6MV*m-M7+VZ8=G3}By)E-cez|;lXdBR@HA%AtN6;tTVuHQx_8R7al-ASybiO_
z2NAFtlDF1D$Ju6hS>A*7iMvI;wMJrkU(-(e+Hq%WC7H&k<1SlUs=}OB9lp3T6(5;N
zbrv^gmWY`oH4}cU#;LsFgW++L%jD$}oc*i&j|PW!fr_gX;WB^Q{6=J+wQ<G|>@XkR
zL9yG`Y~bq0fT>8C%L69a)(cXb&TEA0Fjzq>rbm&Xb(Xa$URSDJ@Fi)vHpy0#b4_t`
zBKGoP`mD#a`(h+Z8F^mqr0Y-N8QW5<qC`~_@c3z|;21p2{77*^tj4CHL_?v$N{bbs
zG8w8;Twde_*Ct;Fk!OCUmRJ&Frfr&|xjVMY-K&_8@(@x*V27${dn<Ur_qGW(^WAY|
zL$A}%n-V;cFDP~7lEhr6?Wqs)rCUWpLm3)&Gx`CbAFNICXzAF>m>A^MnK0cnVOk}g
z+brWZ-Q3zozOQWqVgdsPnWnA#!9SYqU#;w{pR@)ZzHpyj$Xo~E+uqT@72M4|4wg$M
zo8m{Le#w$rDcZQ;<%S?=VYy8R1U2-beKR``MW6RT;KSX&AAhm1t`XYC%m1|Ek=zZD
zBV<(tsuSM2QLh^+V&maVz<QkTgbu$U4_raGZ=k$zFxG)3_B&8cL=r>YyGbO%y~suL
z63}=G<ex;xU0Ip3;NH^s;Q^!1%k_I8>%SZv)LIN3x-5!#mI`V8)6cM0x#?KewC`Fu
zSWozC#mp;%esgLZ<DN^#)&tJYnXb>#PE3apH@n1p1>XrPDWK#@0EDxD9xS-(kW**q
zvhH^ez52L(Jn^qzFrB$r(o7hu*}>)#@1xwZrckpk)zUou>ZcA}PpxmY6_y+>J{L$X
zrt#gl>&4r+;Qi1u{wlw_(BIRtM|yAwP!%)8a3Ap+%M;TepPHKADQ1bX47pGNg^QAJ
z6@0{rNKgWBn~1bU681dJ%4PXE>pj*y;jxK(;g4v@(vr~)u9UeJ6t7sq;N=EIwMv~8
zesHwfsC0EErU<S*jpb?LE^9apjDN>grfhEG-FUkxb<8<KiJ>f{vBD<G3Z2xXw2&SZ
zk|XX<wx&V>u%JV-21PZtbR);dCSgOstTiB`uklIcl#)dDzxSUd@q<HQEaAodRgbA%
z<CInl+#=4FIb<A?6(rNlI3zT;1bX%pH{W`Uc-H<W(@l_M>t2;~T9O+c>_4@e7hxZm
zW;9^F)qbIewbx*^WXMnq31maU6ak-bM>jb$k*kJr8(xrzT(Lg?iG}e9!}>UnNzmF&
zL)65hu9)F~g(SE2vK-7P=%qf2+$N0VJ&>!+4oHJ727dJ4-#1<z-`ONoNUpx=T4Pdw
z31h{CV5{uHxc{KRk65xsR+`K?nG&oKD(c-`1bp1`bWLHjfT?GpdU_FxMDWmv-+`sc
zom_jT7tq2mp7^Bm-s`1%xt-FB_WD>Eqe0|Swez~?VhL?YA0X@FO?+i4zWztSa$X`m
zk_P%=EY_!Rhl^tW-h0j6aoh=I{;n(&jHwNBp!iS>K$AH>KLD{L_<OkxoH%OueDg{C
zb23l-O<<9#tfeERrP)G_Q*wR!=`y~rI5%l?Pg*`2P&qAy+yGuKf+=r%Je2t9VNb#x
znVUE{vk8Ye#K0bh#Dxs&A_+;nCgy_6L{#^Bl{gf#|Hoh-eSER<BElU5UFP<=>!=#8
z+R?xhDp#@;zTVxlV(fNs2r=P0<>oV>T=VG}aREXk?wjyRWIkF_wjDP#FRT)YRm||3
z(uD>c#!P!@G04gOyz_|sbMrY}m}IvTB$ENGZ$^tdEb75fSIHT@p-^<pP-B|Lhf*^V
zj+Eb1XTlmJC-~z8-*fi$Z0YQ)MEKje)8fsxgOAU)bC1I#l71cAoGyg<ocoVH0jvv4
zLtLugI5t&D@oy2Hnwkn|uNnSn>xr<=ZV*<UR$WJQrWiKX1AT^QEk8x(HDfOZVBJ=0
z7Mwyv0GEuHy%PLP|Ip5A(L>eW*BQ_8^`MU8mVEeffPSX2-Y?_59{~6t-cjkmP1@M#
z42lW-mGo9fp$ossZK^Q*Cf~S0(79TYK-{yoa7IeYO}Q*nl9|<rD{Zrk_ac=yszuRJ
zAJB8O;`5}x^VGk4d>Mq>5nKswVB)0fZ4G)LJRR@RXeZ%T#;hDDhS$1o1LlDz9%ecN
z5wB$tpRs$gz{Vne4;BV52~Z^&28SB7%cL@b6#xEY#qMS*^K0Sduts{OU`HT-nskx=
z7P*vj%w019Ln233QsG#j2m;QMb)-bF_T5|$?Wy~P@{{Fc6E9LlJy!CxGU3Mct*x~5
z$pWVJ0D!4?AzMCu%9Rqib=NwIMkrw=y?}esw>t1`i_Q3%Tr2b=BUOlk=*Ym*@#WQz
z2C_Ed^x1GKRc{F4$T?Oe?F0@~WA#KB#R6IH)-Bke@=JqL>Ytj%2$MHnryar~O&r$`
z(uT}PTH}n6{XZSnWGNMm{mPp}h?0$;%Sr4*5Is(y3k?gJ^}YQo)B5R*Co`hNX(W6a
zX3;*HeW0YsSG}zrri>Hw7QEW&zY8_<IE;7BVp6ddlorfMUZy@};xF{&d;Ge5x=|K|
z|8uQCDqe0B_*yviyD_JssKu(yfRl!*QI`9q8F<<n;8=~*vrC&|!V64Qy?NvO4_XE9
zLK&)uQmi+yD`$B}_N8eA)W0$7tB1iDb4l}GiE}IIA3$5iZnuEONP_IIgI{b=6S0v8
z(*6l9&U(qL{~B#c+5bM;um6bmgC+cmiHY}<yD)S+B56I(#liv4IUXnZ{13|Fct(>E
z5*oywY&YQ2*R&s6E#L8^Y%uoO#8US*+TZ~6sM8O(&N97ra7n{xSV!Wfu~<ejOh1_u
zmb*5kok5B+eCabzUX~{y+`;Qom(isF3;)_+%4!*{)#UNcgL$K=Y9~IahVxMLNc4ll
zpt<L;dQ*cxrsWKkOm>3zmT?(%9J4WBL%N#XL=r_6c4e&^Kk~;ftmZY$y>NFewIqii
z2-PTCmB|%P^STQ`w@h3ZbfKy#pEcO?G%+ttQhCfuybo@VddX`^cjWYJ?|6D}VOA7c
zDaM*(zYv@c1c|BEzqAcpny7hkKQI<++`JXgP>-jLHC{K$9kV-=SB|Qpm@ek8s`oFP
z(jxRhz{o=@v7|3ofSo4W^{J))m^Hvhr(Ir!1<Qmb<H_E>n!hbnJOIrP#k_Iol(X41
zJq2!7j7uBke3~7c6V`Vek?x^CI>OmDw$gaIWh6lTHXBNa@&7h4k|ww!hT)848zPgN
zT?AA}UY^<|r2!n$vSSG&Qe%m3wHby35<_KGKF83dl!?vv?($JjYH2HDfRJ9>lwt)g
zwsbv{Ge&YlqK|c2savMcg^+D!tn!|CsuyMEjgh5%L66Pr-TCy)8IP$L`q=03b{mS)
z3>*_#qfXz<^+3h$0t%Oev~XiWO1HJu1V933V4Sqyo|IZhqMGoS!P(2R%g?xsv&6)c
zA*|Z#Q58;0tkba|ucw(-pzgjn1Gc0poR(?4f*8HWAq40!Q17SzT{OvPu<n>Akeirn
zw7X)2x;!{Z%^-FBI_=K!(9e-T<=l5AUZW|rj*%j;pRp0rFZnAyJaTKR_pirTj1N7H
z^KiKq4ow3V!7O}P#`K@fJ&i@Y7EP&oW!b%1?=V;(G2*Lnl`?YIS8^(N-FbQ}?7k#t
z!nlAq=iEy3xwnt0aW85#tY_w?|C?8LJi=utZ(^)HeDojQRmzN=e*D<3CvFoVJY|^2
zscD}-3h^O_?0>ZSZW_BdHXw}M5f;y}EHhI&XaY$oZ&<R)IBJS0T<qW-P+<TT1j)0_
zVf_>9AZg2^UM{s**2Mb^peG%b->+q-hCi7Anu>iXme`K6al?0RwJwRHJnouJN};5^
zBuu!UF<!2?x;b{92jrj=W?V8*paW;ZUh#N&V&U(i_^g@H_#4VIDuzN%#%-go9XxpP
zzIRk|$J=@Ew1eH_y1!K}FT6P8)_}Ng4@9czYImoP_G}ntmvvh1tg1~<PKIXUqLasg
zeN$2|q#i}xkd`M}^J&KW6U5Ks<o`s=V`v@<1rVvb&KVgqX^AZow|pkPWgnzL%!BmM
zUjL1|_l|11`4+vg3knJdN>w1C7YPuW;6o>Y(2Ed?lmrq85UMnN9+ggj1PF#IkkCQt
zRZ*mcs-a1js&pyR;d%M3bKZ5Iv+nV%yY4;j{o~C)$x7DDWWKX!&z_mRKf7>U+r}sk
z1(ez}DTBxWftqSU{k}lhQv2-}vq2d8eWAxu^%}+k7K$QET6QZ4k%3HTJRkbWxR4!I
zO1ZY_xg4{ILdZ2epRe%_tbX#kWQ6?9@^q8>G)3?x%c8RC`C*G2T&<f8wi@4-L=_dh
zuSVt90m4QkhkB(x<R~hG`hTFlBD++SyOR~GSY_;?76aF|_t-I|lJ2E7?gyEj0!Cwe
zJrPcfF$@RpT`?k6O`lfl^f1GNa0<#eP()DsUt2Nl3z-!?!4{R*RGiDm0~0aacD6Wa
zD~OL^OSy!orvCz<+aIB{t@+*RVpy6^YizG(qC~tv9^3klr-Ix1GbH632rFk{^Btn(
zK+PO-#l33f2fDPXHIBxG+8a*tHi-%=*){2j-l4mY=JP<$Wc%)WhUcopX>~VHhxz&N
z7OgO}RpycOZ4MC~1M3XeGhe?dk=A=rfRNs5_r#@p=X&KEL{L@<)`H-~_T~@xH2!bp
z!tXwc8$_3czM3@CNtna-zZ@(?ju&Y!&u_9MLFBA9ecrt;_=K(7=SrC2!Ad_!^ddnh
zOZPL=M6m-x&g-S)Kyv(M;9WefiB4miN3_Rh^|m>}FuXM+4HW%L#Y{wsJmyg*QY!6O
zH>(Ip<b#HOzg{bw)OT5Dfd3Ao`asW~g$?;#361#EO*H1aq+>J48Q7(WU*XnQ1VxL*
zsN<&~;ZG<dxAJtUnlDM@h6i*$;aUD6)Vr-e#jY2#(tgOZ-5ToY$A!ME^>Jg{jl^Mc
z+Ug5*8iEP8l7tC}dd_e~Yh}`#+x>-nOP+o`m|~FbI?`@9jyfGskDRx7cyXqwOn*~H
zgx<5!>)QxGxW|u<ZeHfgwdC<&<G$X7JwOnCPi^n+l<2clo;{J(Q=Pj_0fq;jS$c)F
zr$#oil`KQt@QVYhPe0wui=C8^eUkDPVfjwUv<#TTk0C`7Ugm~RoSpqog#>I(n9^P0
zHTVoOB{?Oqv0wKMsE}@2ZZNR0xcRx5<PSEse*-dMuWcTbomFfa^?k++K=Ds2vTAQ1
z%b)iVr<H&fRqb^MJk=6xJ4KJEfwiymt|xhw>Uqsop{$x*AqB(p&f+J(R&5RFWc44O
zr+RTdczC0&!uqAt{z<S`Nm`oGYE+FF^eS#%S3ij_xio}WX=<<~clQ&PH9p5`c8W?m
zdMP~2@}p7#T&p9>M>JcACD?l3hzXyKs@ap62UfV8z(W#{PK6(?Je;=%G9<DObS=XG
z5zpY}E^F5_qn?MSh*KoX7a5$E6RPAy237M0DRq@rSu<A$$$)r+c3D%SAN;P}eW=+5
zyV?C=8Dr%9h+E#s$ev|w%EzIGD0f};TQiAYaIFt3QGN{2tA3GmpDbp+zEi0jNlwB$
z8RCbRJ26}mp)T|t0T1_xnz<){hfO(POUdkZug0R(Vhw8;3r2MEZCujE26M$k_$?&j
zr)oB4^XusaaXQ5nGucXT=P!u>eMi^YWIl!d@(N959`amt#N*nM>j^9G{Heo9aMp|8
zEuSXl=|Y5`U?)ZTDD%Caou4rCM*}3(qWFEO(!5cM^58W{WKvbi*=fB#%i+s8)GVR{
z!Hkbfq+^xrd-QQ8RYxo4VcwM&`Xy1k;y)hTBOsuf{)AO>y1b2g6k1@9i1ONBC#Mh(
z+l!YLVV)&l`#j?u4B(B|M$hEk+imJi6i;C{_SfqPY&{+T%xBN>erU{e%E*)rQM>k<
zZsGc~KV+U%R5Kq1xj#1_>Q%M8(%dLYVjH=nq@Kdq{Go;vSCINm(|Z`=6rC_y$S_eW
zUa9lueui|rhwQ_vB?f`fR5VqZ-u<nAg?*&gB6mFlNXWu9pd_E2BH|W1P0DOJq*JtT
zL8gs`{?X>t5l<MS84b-P6s@k1&1Ag*>Pah!_6hYENjP#3ppY9G+}to85XE99dZ<Dk
zs`DF$r&!N=InB#+@HB;s6NwoFzkcd+%@~h>9GDjWGyDt3Z8;I`Ol_p-<MT3wRf^iL
zO=jddcnQjWmm9`3(^e&@Mt~v>7fuav@x#6xv14vigP-u1THSb$8k$bA{SwkFFfY^D
zSLtyD-q2p_(r{i+n2Wv1Czhnz&rvt(CKk!Ew4usXKbF&8%Akla-<NOat#Zd;@CaK(
zy<eHoWmOF<e!SC>ib9PF*&JsUW3p*7rkJykk*gSHypKr|Y98sB_pht83(3!D@dxzF
zo+o-ovp1KsyPB7Dj$i(gKc$>(UcF-e@3(DC!Q@u)?WU1On=c=7G$?XXtaty2xRv9r
z&t7gVq+D^8;GE+(2#TQB)^snVZOh&4K|dw9jA~<?FtPRVN0K|`EX4VxcsYKl@^zl{
z?=Ui`s&NQ2ML+2}OI{C&JbwS^saqWCG@zuy8|8hoI8-xy@ao&_W>p)?NtdY@a;{w?
zUYII9ZM+%}s5#pJz;RVaYN*@QVxrbvgGV)A#Dv;|RD5f5Zw24B7`)As5RN07Y~xC=
z%Clz-!b9{UKS5R423f27a@FxLc>H`a$Mr`)qsKJcr!pRIDnzLW<!=2|pH>uDV~4F}
z|E_uw#aBOxN?&<!gJnRW!}j*w=LOOmuiOU-PcK^3u9uJ#%d<z|h-yL|{%yYAY|dR&
z>K;X|?aBOcMrY65+Y)ghh<}Z>K>8CgfIj>Nm#v}-8wuEg(336L1qp23)fhfe-1Vse
zI-zsXg9StMvS5ZxpEzl#Ae2LT>Q?C2!|_C<t;$F<i_AIlGC20Tq8)i+axk9@#;e21
z8Y5^%GUN}Da<-<X&!%F;3z<@>J3y|wI0gaZjdH-TVrKFRlh<jPWnXSf_V6;3#NNY8
z^YbiOew3=gDsXM80zCv6`lFu3B3FlXys)mIzF0xb|CcYqNpZ=4)1mkAtHM`XT#nX*
zk=>!KvaYcPrPrWJ?YLeB{%y$G@oatDyQ#nw2k`!}!b2Yf{eDI6BT>VUctEDCh^wi@
zj)g7j<VBC$B=_8N1=g;+5KLfl>r;fabb7bMUs%^J8=taY?&!K$QIY%zR(WR)b#4J;
z@?0UJ8Hg2s8juYh)qe9v{)c8|ekB@Luir(*+~Wq0==-ZlNb{3q<ewIqJrC3soKP#C
z2694635$>VxQ%SOBvMO}?P_ffd$gR#8G^+1KIPiWk+iX0xm4YrvkO-WGxy09?UhpX
z<p_fnH}S=u&SJ6BSzVjRo2-+0b%&g)8(=+_32Ufwj5Vi&8x*FhO~IZk`uf8z`_WRn
z6UC#Y<@V+FT%i}HUfXZ#RrVyvrSpjkU-)C6f3KXlwb?}G3l@lH?S}u@#ojP-L4)t7
z2RZdFP&@Ap8@xJu91f4R&E1xj!nwhj&;$yA7IAfaPoIX~^LAU4exa?50-M!e7wy{j
zuXGq~<VcowkNzG-La<3R<Oi}w^Q$S1hpO+TEfVC|=l()p*I#4r;ki`JNVz`yrlPo7
zP`TB`tlRT-ukoZGg#vpp7Nv{TT12TNB?Dd@&|)P{lm_%&E+xwqdVVqQc)rqm?=y|~
zl36S-aT|Jd4}d>r(X@a33;8JdsaBNpEeR8Is`qk*^QB7hq;U}a?qD)_dF+^v5BYR6
ze`;GsN+rBi_EE!lUL{~&TslxJKU&aXQs36BRpWU<vF!VCLedwIfslu-YRKRVC@oPv
zN}KgCRA`u?{f8u=mr`EdQL$Gx`^VdNc%j%UA{l?WmvzoizE9}IbCL6{OzN1yZYqSF
zp@Lx9<xs6qt&352UTj+89`6u|^vQf6CuJR#15ZVs%E#2f`XPuswY~S>M18er1SSUy
za=-0@PA=;Idh+3iI74e*z|(D-f-TdQ{g>|2`r3~Cjg5{Tj6$BNM!FN5B2nToX=fyX
z^!80slE}p~D3Tt=IT<e;Ny|}*jXXZ?yl5)eD&&SZePdxJ?PGX;?@DQ#z@yP2{Wt30
z<@tv^2rSER>@a~O?u~86YR(YYkvg?U<~f0F*M3=1<d_~z>DUvLy-(a%TgIqS1-90&
zStiPf-SNO3iY7|7yfw|x5Ysbpo2#*?#3R*TBUrJ(e5iaPMN%)nf&)P>C*g8<HL?d?
z?)L`ftfk-aX6lXmssV*oRhoPbi@4>n1?$ud|6FiP8bz6slim;@f=Dtx{IVo{=9k4+
zU_)cmh<e^yZXce;C|-@B5)Hk0Ew9NxX;x2&FB6%7;-#=auf6Vmj1%J*74r{U!koC<
zQZdg$6&qi?r(}uLRY!XJy!(;Ju5sT0N*fFxLowicXkF>D1Vd-u{l5CgTiz2sOc7_N
zAY!8VVqFJ}PKiTzathl&CkFPVe7oLDlUZhgT(o~F>#Zh6AH6b8@}MB^goq1%iPo2M
z!-)<Zu9$T`Rp;+WAj@`mEeY3AA%MmX^S%cOv;?w*+M7X?$6GnFku;p4M6vjgyD&EV
zn)@`=pSyj))yHDs4L6`P3~QaBP0Wz!JPRoN+N6{{y76G}`o|27zm&p@<_dAFtK792
z7-Ipb>9928R5VOiE+Bx@^1NI<+k59x4&3mx^<rgC*$S^>oaML-hi93le16x9Dt~8%
z?(oDQ4kbh8+}?Z+HI{mz%+|9#Py#xWF~(VX)2%V!)m!|eF7+nhLC@2z%}TB&)p0cX
zq4{9p)#XC&L2byyhd;jiyAGv2AZk_PsxRivm-{h(zuS~KqZAcjRC2~2yG1SMiZSY?
z$bMnwOzt&Mc-)T&S%25n4HhzoJk4n%m41l9e;p8n1fW(Gn>um7NLB&uXZ2bM6J~E|
zLg#Je0{qNz0|uR*E^-VFHOhnqs_*U@{!Wlm@;99tGY8H>vU;f`vhdZfqoK8osKEw{
z<ciml;yJh}Nd47>F}Ayj$`Yc!gyby<pl6V9zun1NFEIYgobNAAQo@{(>q?G>l9KNq
zcsp&HZc<XClGs-7mGXQ)mF~E4thD&E%Dkd!r-Aacj!gyW;yYb<-Bmpfsd~Bbz~aDb
ziCr=X9tqi8NH&j$p7C9N0JCVr|JQPoW8v@JSMKk*vhvL_kP%LTJo>DY?BievYN(d`
zf#bQ}7fDNx+`b5XTnBWnp$E9B6>5sz@s}>RRsBSkJI9t?4V=T;GdbS1%-!06VZJw8
z9MN2VR3?E86A=M&cp$Z+YKQAfeiS!!#5pDJ_O!!S@Qh1auh)1;OrRO^RJcK6tLrwZ
z-AJ<x^1YlTxoVy>|Aph|^$_dz$whHMfC)&G{)WumrY86HjT<#%sqsU8qUuUTI&#c}
zfcq@<oE%wwA3>p@guXk`2lu@NMLmY|r{9Kli$nm0Lod@zKH2TvrZPS7<TQEnajo_E
zJ>&AhA}>%f_kyx#<KJ`*8_q{|mH~pQi=p^W?*de9J@RK1eZeyeo43aspFBB{Jz8N&
zz`ErsN^HgRbWASQB%0KLM@8H$T7!XSPDk^aNZE;JHdTj5H(vMIrMN&W@r8_^Y!}Q@
zPsPl95;SL;o<ms&pfx@z5VWMQb!=zsgF`H3WZ&ZMbEh)&rF7rfWc`mB_BO4CE??`2
zo$>g0Jl;3Q487IBD=w{(@mRr{)s6zv^<ZwaUz{8Rr72jJ@|P2@S#mF-vGL9}Cw7-g
zW<}{}>G~!t_ae(QQPYlZD$5={NU!Dol-*8shISQpZN1lcH2+ImxCmPXnDU|QUy$*Q
zJ$y+}yFJ6modA9P=l5Wq3;pKL`!gbvC1naCJ2~GKkpzHMO$eqW(DT{p6loQgTUd)j
zdJ&9>1W8I&u-r0tfY3JM==<uuLx8DP)CY8RL*!bE4eHE87(8w3(E*=#hDd=kJbm`p
zL5kr4vEO3Vo&i!sDyxzwvZYxrMpXb*2H<%~GCbF?aPUBkF~J{dlq<t8(Vi8)`?AH`
z#^q{bjiR~9HafLYVKs-FWbDL!60K|i(*U&Gs+Gs^Xx$qwjRMx=>1Z6QCmE$tgEY!q
z@5jH4Us(?Jc<6QERl4gn54fwi0Q!`7HTIX9Jfsk-xVp@Rgr!UvOFoP(Oub_&`A-GN
zuJ4khR`?3EG>Ego1Kb_0jvo>*{I+WnNZ#L?hhIyj=Ji;Vdz>1K8{dsV$)<bDbS{-!
zm$42namu@rti0?&23;V-*3NkO7(~@*?3EG`Q^)YR_t*@NmI_$#S{(#hV+w*}TJ|gw
z1!Py9ot=^A*<$^l4aOQ&>aQ#<eAY^fF>*=@AYx0Mv+MOo9=Q3%eXCn>)I&l8a%Pjd
zOA3dClYjCxewS0+EkniS&)`he3cLe*$sM;<JSt351#iavJRsa6^O-2kCqmg8A?n>J
zd>OrdXr^nSmvaVgQk~UO_!|U9jB{ls_}?j6`o)eV%@tsWL<S(juP_7d#AK-`;n-gh
zjmD^LmyEjBYY^kA(~7RXkNX=Rt=_*9HMxta3GTOLkjqA?XJPUtW|3iqsy`VG`B&F6
zmf1?uE5)-kU|1(F|Cd9~wG?@?f?sa9bBnfEB5rRyxkarIR->tzgcl26*)sm2T46$)
zN#GN^S=NwWkoT9eKv83P6yJ;3r7{iCSQr-=-;=Z?OS=3;pr|>(XI{eEsgNx-KTb+0
zzsw(C*5xe<@t50%d{Ptg19q}F%hfE)uDSv7<UI&`d$1Qhk@A>CbijT0lYLw6>f?SV
zLV!E9S}BDmiz}v7G>9-t;=55Z3i#4P<vL>*U(K3&Rs@(?D_q+vJN07Ne&4y9@;12k
z5xzg-@NYU-;zXd=`e{gg@bjI;%2^|zOPpPo(%3uI@QHCN6Mh(`eN^^AJ`Z>z?m1jj
zU-<LfwI?YR&9@yF-p(ra$*0RaURM^?i!Mr;5Udov9_iWfj6B{NR&{uDHUPCq)JA=!
zRgpOGe=h7E@h{Kfuc!A4&sIyP9&p^cLz_=><Dl8d+KFh<Bwg3%U&NyM<rL7sM8w9m
z#k?6s|2zk)(<~^-($@BwNztK|yVAk?<hrh?0RmyJA}Cx_bF5aDvx(-U=vlCj<2B{F
zo&`dULp1}Gj8}lVn3uYKnEUxtsA_p0Nrmx9wFWW^j)8yL=}t3ORS$VW%lv3bNrA{p
zQ7EE1cgKFTr;m<Xs%|l^s02uebM}gYAjH!@fV(GYTilg~n75>YvUZ*>PtNk%avWiF
zsxNMw*(f~S(QJn>d`RrZh*7KZl#-s$KXuva+0l69-94t)rW~WQ>p78Lw!pF#qF|g^
zTrOhrO4I+<3}3BoWGZ&cxca9aqP}D$iSy&1&fNuCu=F_tHIX05lGFkcTk)lukDbPE
z=X!xmHSUD;Gem?sEiCm`ndtZ@F1wvPmkKskVBn%BM-)FGe0iZrQBGn(hRyQ<%y*9R
zodtz5D7-k6Qr~$+$;CEB?sAI0_nrWMPM3N){83?qUBvuDkrC1Px5Uq1WVL4sJ51L%
z>JLudtEVKR49aaBf^bal)95|E8+`{+w9Jq5W<JFA+}R||C>fd6W*B!&4A9hAVD$54
zTp6YuLl4BHJKZ-!JbVu-QCWEQpaD|}X{SzyzO)iaXsRGRO(iz%d#~<U0F5k%@X2VL
zAMP=hU$1k%+wfW9Bwt6EJ-=_ElovcaJhxqa(u>MiS2>$FDr^$(C~%)eJYJ(>wb7Kb
z-*dT$H{Ojiirvff6&%#-Gc>@H07VhGP{rp}bIjrzte5IuSabt9wT}w#_}drMg$F!`
z;0+nxFIU!^bgE}y``lcqQ@f*hq5Q$Gb=f-9%cZ;0D{hafb~O)!zFLBije$(u`!Nw#
zk{TlM5@=0JUcVY#-IAZHwUMU?_nF9S3yg2XE@!g6ng>65FRv6bTGihfqk<|VzAB%;
z{~b1b8wg{)xWwBI+g>D#h(S27CpnO<zNO~7At0G=xIW~}%hq2Q4m0I#hdSvYx~e}e
z?yRr$db9TXzG-xa0aE{_qtPd-Bvd|<D;Jxcoa-0mv2hg%L<d#^YtQA~h=x>qsYzU$
zg=coo?XGK-Xh(z=SMQA0fBWopoO!5eF{9!pnI~YVQ{(|J#)PRt{UqP`V9>^(@w}Hp
zsZ<e=4C9xAn~wrb9=-hJDV8F1bCe|>zg~Lg{w}lqu+PbMP+zrQIro91%5hK^bt1KD
z!J=oxJ`QnOT7jn~ab&elplIXX0Q^zgR)^d}o-Uc##B*<uXdx#R-pUQ|^LVM$0Q&%A
z;oeZ7dxSjyY&COWY`9Z~(<5$O!j>XvV0wN}7dvCwnIWn-!9J5+u$fS61Jdvi-zV=v
zZ{>cC?71?1qfO+ejrE%w9iI=~iUjxp&hHPWywV`<@KSB$v%l${@3WspT?4~+pLO5w
z=2}{_aN6A>v}>kX)r`tj5$Ac*`!;D$&v(vgxnT%<y6N&bdSljL5<}3hECXZFIB7dw
zEC<(pvSk;#!W4fiDn?do8KQ^mX7EFNr1x_*NpdEfMRRg#Ele87=_&I!zeO@)oLzw3
zgsmD4@iUueIQO_!6M3FT?{(mNR`O=m22VwPV<K)rZtoW>2B^$2uANF4Ofgn$1<llK
z@CQ~&(0etwx_C>0MAc>k*~0T28^Ro;e-xIqm7?AGrGXtdmPOrCKLD-w%v;>h`w0#W
z5Z+V!xvi?I^J_zI);RCfuPsTN4V?;#7YzSMdUxXPHy(#&|ELSBn`$5BdiGN8HJ+*m
zxjWkH+RD{i;Kf?jWza29wA-o`+S4y+?Nl`GY;w!}Z#o@&p=)?0$kN)r!DTYbi*pdI
zQnsKB(qi1~Ba?4amg-S<W8S1tQyY!M0eQXA@q6ham%5|gM6iBMpK$GUwJR}f!HTYY
zRoDi<@`pHi4O%zRXsj|{Uy)wsD3;Gw9S3kJB5H3bBvY<IHorFn8KJFCb2L6g=ZIpD
zLY|MEI%Zp#4N~H^fvuq0bX5}`R1zO!RW&DZR&Ub;UI>9id}3?|UFVIs_Nic{AeUxl
z8KA5^AZi-(_;VM8+$tYf=(-3MkWcCU>vrpL_&a#`GVJ=AUc~t<=C`F?2;G{3pwO73
zBE50}=}AhPa67@pKV8O}$GA{1>8C_bx8!2wobkr}o*)ElRgqNU*Xh8L%_;=1xJrvE
zw2sm*b(29|s;HL`)H>)$;T&-XkFkB)^G?lwidz}#bsen5^D<)6UkQnfusqk(Txz%e
z9Oj-o+M;7huD*%7)o>+kM#+%NU~^nFxL#q()c%<<m}Xj@QH3g$fcUYdYe;f=Yzd{Q
ze@?lU7aqXB&EGg8`EhK&53U{0={>4WuH^ZpI^dD2mufVd@WL7b#|wW>1o6v21HM*U
zOW1z!7WpE&vWBQua{une6{S>UBQzjU*CwK0H@?P)5ueL42UHl!G8aCGjCVhkA<!0O
z?|X-MdxjKOxMoEOkZY)m@tYO|E9O-Frq10_O=m<s$DQl17<s|fs3z*}Q2B;4S5o;R
zm9R9dr^h7E=sZyww^;?Ff^9(Rv@Rmbc=PNik)!0He1}W{D1VNCkhqT!y;Xz!1Ai95
zL%nJb8wT(()#Pg6N}?eDiruXRGQV>9)0L=Hs|6|8mOWg1znu4t)=a;{Ipyu1#=$zK
z?|c6x=eyRC!Zz{P&IC%K%}rX;GexCMO2Sk%+D`jOBoAp5Wmr~rX7&`s14(*_Ik&vS
zM_80z9*qdgJl@Cier*1;-D19~W_NeTuQF)cH3JoMkyQ`yb_E9<yf=(!9U8D^cTSYy
zx7OdChtGeYGc31t$?FzhtY&5JoHcISIN>ImA)#efEl)=AAJ076xBw+7ZHC}68-NHb
zl?IPj5p4bj-j}lr;A`yK#Vpp_a+Y@GlgC7%^k{G+*(9({j69Y(3J8|l$ZUK65pphv
zSc@tq?o{0`Tj<Y9_z>e}*Bh!&MXrimGvOlSA}FjFZ-Z_uGO3ozqoE_aaZ+B&>B-;H
zSKT;rSS|e>8j3DWBHE%^sP!&91MX=A_Y&$gL9<F|EWuf4{zAYxx%xHwe6z0uR?tL(
zUR>jkujA!TPW}uToIZ;$)OjP_6W4BEf%{CUaT2P$fT^FMJ=W;m3woIIgkhR9ipcoM
zPsG;jy>v7@Z_p&^eahAFm6xvS_TXNq0EB(s`GWU3N_C0#la-Vx<w8d3xN5l-`uO24
zBquZTC$yyjbX?F5oGzeFtuCPDfItEg5zz+kmV7y%Vfq^1Mvqh*Yh%gA{b;m1dxve^
zcV_*>`8nKbUg!9+kSvQLCr$g-O->t}QGvE;l+$&sSK}l%NvebCiaWoEM0Qw%t|Ybr
z6^!gpyrIw?1>x9~;fI{K{d&mJ+*Hwur7|@?yA)+m&F(AW^(qNFA!rLGEA(GU)96y?
zhO5|Ju3Cqan8T+on9?SOk=fsVdN(p4(G=Yvn}C^0@dfZeECd^d^&NK~P6Wqx_R_1w
ze*=G@W8JIXfI3O8fj}<S+7DS;d^=L$;w1P@8^OiG2v`|QgCqxE%i{@IVXB~}%UfjX
z++UA-p|*sw{KoT#O!AT{=Hi9@GGI7H=?f>Pd(QwZv^q7hKDhPy<R`!#Bf1cWZgdD(
z=za=eBAm9&vMq*aIg1Sjf-8X8c27~p%=iNiW}N(;q0|Snb7Jk~&_;^&EMe-+lhtLU
z+RJ0&I0nvdO#=4{dXQ@kf$rK>*}Aio%RkR!a4WX@r4RCYw>d}9KpVqkvmuO=i3g82
zoT(F<<{*CGP-R`qZ<3lbN^eYJ2J{$-i91YKwAPmSPR1yP&%doyPe5Z(K)`-MWcL|O
z3?v{`b%lI666ZA_M{S5rTY9*E9&k{}t5pB8W%PL&E0c2jh=FlMGZy7wAR@Y_U%PeZ
z$m4TEfMrxmZ<?FX+rsj?C_Uz{kJ@622&-X$G`}QYh@lS1SUA%?DeP2~(M^`zLcB1?
z1UH>2SA5w-oCl{ErI6r~EM{=LNHt!9VS5`I85`f(85{cNzhC*#{m-#gJ|}`dovr=(
z2dz6b!ytqr--<AWBp*;scrL#j2m7%}?*2*mg@O<NR>2j;<@LKVOvC65>nOsf*Kewx
zDtlOe{llz|Z8#Fg&#yd=@=FwSt^_htrizq2+u~lxB_8YT7q5;aexzo!=QtPO!Ybot
zer-AHK98VSzq51zn-*ep19`p<=5sDmz*VVsqwfV1K|e@X{{HA4jxVW+oO)=)qMh0q
z^G~aSK+ZY?1(G=K;_*?bvMfBH{iXH%?{zksug8(^E83#Ga)shr!v!8m1M_ZXt=5d0
zyj<0U@JsxO>h;$xh%rwy{_wVKRyx_zP7S9LtCcjaqb#4a+^0zkNGDghncRFXSgXTg
zRSE$z=HCAt0YWTD)?&4n=IgJ+*KutOd6joYOOedL2LRBl&E#`GDexQ`lEo8SD|7T4
z<nRR^<;s)R#_Rln-+Rj}1Q?10Ms5r%6xUOjX;|7uXTpo6PX5^yL%to7h|7ML4A*6W
z{KLO=3P*VZ0@Iy_*$%ET=N2^xDjZvq^gZ5acB$tzB=h!*Wqpgm<2k(cZ~PP0{ZBly
zOzKC9mtV?lZTbXjWiFl+Ak%nz94<3;z}XE|rP7JZluDH3j7&lc)*Z0Kwm0H`ta}o3
zDws41%?ZW(rjo0Pu{9Hg1h<7-NsT-^O}1attxc(7dJ_+NbKQG-LYw{vi1|NY#EVCE
zjf$cWA*(SBg*U~;%G|!`D6t3`SujlWx#evpwID8IWC<F|U<wNkJ&I^@ZO5}GSx%;R
z57gIomY6y@$fE$sBFtlPW2{qT-4LooMV7oh7G4PF5Q=7v{|DmvpS`}k=MrTOpSGCy
zrcBC9=BEUBNKAbFV%a@696M0xsPkhvJ2*6r5&SgL0>1P<Aa6H?!CTS?Gz_ocicTt$
z4>c}`iN-;^#$}}1w=D0<;sbBU|Asg%%@&$jvbkT)x*6Ogb+=Pga<T?9<_^4B%#Haf
z8d;OVSP!Tci|%dlGb9l@V>~W>@Zh`_GdaTv{L7&pfY7PQZC@$=E}MUICVMwG`<j3$
z()EnA@DwE@aP%OY>mQKne<Id7+^4mr)5m#wg@L1XwR;$wdHU$5vo@WZ2lr^n<;;7x
zc{1XiWNXGCaQ7S#r+ZwFT!8g6DVXQNoRNrRDYNR9q)<$)_F#J|3h+r6pfsCiVvosB
znoT+j%KU6&6wL1Pn|66On0%5JUWL1+AC|5tp#wyuECs{RuwqGNo)K<@FyVRRQo7IA
z{*vd*Px)3g1A{{NN4OI+M!!tA!ouyn(jvQ4&KXo*Y8}xC*M*<?K?FYhe303FW)jnP
zbjJ$}|4w|~yiu2f^>S6xw9qwT)#-(0Wgp%ysm_6%75Q3O?P$l2*n!cInprrf{>jX0
z?dobEQ%=iZ({to)1bQCbE@3Hi-2>Wdl!YCXJU<nRe(5IkL@EVNy=ub9AgPn|JMoz*
zd?MkWw{)tJKipp$NxJ0oYyH7XAlj`Uk>3iai83bds)`B-j5}>f%iu@D%T^2*mP(JC
z(3gNiIYLuft(*Qo#$FA;0IyINBWz63dTUi%=_ctWb)46tZ#ee-PAN>z^m(UO-t1+~
zGJod+GgtsF&wnn3R3kc^8s=gtEJnsWGI7BizY=T>TU8?Cr3_zM&k=kYm6Z3R-gd9E
zVmZ9Oi3~rkOa0+Ry@rv@HWWI%D>I78no&5w&IgVBMt<df{m?F~&-D+|EwyO#uS}L3
z`pV8DG=bEQ04O|n8?%o!PzshJPUty7vYJ$gCmHd4gO99J67*YEOKotE+KLt(a8#=z
z)^(+@5Agm{Bb@WbrLC1fJ_faHt<J5?->}%H3<!%hjk~247a@h!h?;vX9-P)Tw{~zh
zJT?TDQwKw0d{cO8w)dmRW&Ohk7I6bVh`BEJSARUd<yy&RZm<ws`MM1O<j6H4H(}~h
z#!(Arye<O$#h1*aOuhdW(e;%d)g*Gq&D25sE{Ab>h%oSjzV4dn<Ae@%JG)m|HvR#l
z|HoMV8MMCRH?Q56@*GhqCN8Zk!a7TB4nnF8X>3k845yos0EbPP^DkE16V>&c43-p&
zlzAbJf_Hh|sg)7edF*4fA|yMwL_l0YL=*ePmZO&7N^h8mkkRw`;M+6TV<M-If1_Vx
z+hpVVw2cc7B$6(fNfWrEyY7G`w9^N*c`!mCLoEhV<U~EdpfI`Ej};|HU_`!LOMRF}
z*m)n<o(WqG?CpJfwsHIzxueV0yJPLy*yb=YZ3<hbrOPI!2R2kfO?2LV`bQ`K3C_Q8
zG&srAIA~Kr__1}^nLJ3FfyIpvUVYkip{IG!&r1k6C@S5l226ptK1q5G;^#Ms{OLED
zE;uv_^Jl`cKe#L~ubYi%U{Bf+@<8O7g+btP67{Ycg`<pVFns=IZyU3CrRr}asDJ7G
zIk$)|subwKbGCO==8i)zzq_rN+cRGtv~U6wznb<7ziVefo1_~T^shpIB7Ih~<`#QH
z_1uL4u<pWz$?=!~u&nvk{;yow<wy8Kr2@NY<R{JFX#)ZN&%J+iEuz(Imn~FQ*VJDt
zU6Q`d9$K5tcQqlLTgY4m;zctt@2LZ%wAL&|gC)XFdY$XzG}a`y_uy{4{kdOeCL4?d
zG-tZ;+tZCc)6Q%Cn0QRT(Qlf&GHoOq<nNYcjC@-mdKhL}#)8{Lr>tpUqErxXCx)jz
zV{Y93Hh~zPQX>yKYocX1+aHdibGaW>sDzZ*5<zz?u>$%|tcXUW0d+{J60eXhN7d7=
z2GT>VC%GZWYCsbBpV<`tF}8mORZHpc^!qkkzGO~RiMJj|GB=-Uk2X-IAI8(*k)9;>
z6$j7iS}A_tQ{}*K63Wt!ecykP!eqsb3%p*NSrqZ)N%kggel5eIonLoi5tA@odziMX
z&zY`O5U%I7{LR$l@~00IqL24&ac8ianCfqkW93mLQGG`Sj-3`dX1cpW-(UL4d9t3i
zSbI}i?_uNNcK0Tv0$A-P7&*cOwL>ggjN`cy#v&U$@}2aksxUymw;bU3cXG2opDGYa
zaIVXPi7AC!+&MDuOh%^~;HoO){-(2<&oK)~)pOU~)`*qJhtE>5XJ#&L;9^VS%Z>&I
z@FnqePnSu~sJJZs`3AS8Q|Ya_pJ#C<)93dYb$-{iQ{z~Rg<ni(q{bRY<rrwMpa0eh
zfSJ4}krh4Xfq&`^WWM`hkB>6CWMR-AASC(m*VO{YN$t{@0FLFp6TTgFcz9SxXooHd
zi>bpX<a34KL?C2Bj@;eEe>5oD%hvkK$<){L!eH9_!3I1_hj=@B1K1H}87rtP1&to>
z*3fJSD@lM_5g<^L8vaS`r;ouQ*D6aMTmxqJIv_1*8#za&<LlI9iLW)8pY5L{e~z3F
ztGtp_Rk7(yc)EgovCvJzj72;jUogc^ytvcpXlggdnvueIP`#YN(b~w<&Vv~?*%meC
zw4K*ZVR0r4&Ds!xHh#C>G!0a$^q~^X7l=U-=P?;B6DvPRF1T7jJ@2B$J&HtF_Tm6X
zy(qsB9Cb1G>$_86tI;-0wX$EhQru)u6jVUv;|B)otEux8Tk2Ci{1~+jN%d_lKtN>O
z=C;6{-wC!e&p=4aNdttVFZePI1BSL8g?7c)x9eea;E>pHbYNS)pM(KdjNhkuq^4%3
zh+#9|M{oMEWVM1P>oEHZqn`n0qZ(-z^`Ywm{co2W#5C4?c_jbBpB*fz{!N#9!}GyE
zP0xQC+@ewyQR0d`pS%dmj11rjlUtgI@>Md4({KlmPx&gicPKmS=p^+`(YdQJ9U2lf
zwC#Om(OCowx`Rz2J!^srO{h`&Afr2}W@F$z-Oq1+XN2Cj3?(@uZhUnPRL!3<>^5tI
zik7CqHw9X~>k<4)(=T{-bY5vm8>+Om5~)}T{CZ|i)7q|a5xQA5-%~R1rk})Zmjs!K
zD9!n(#H>UX4d>chNs>x{(&XE$dh^6yhz?IY;y1eLa(3bmiOHuV#jsiPDr2cK(49oi
z+E!slr_BNyLBpd9Y_>H#vqQhb+vVpbzt7CayCo&ZW<DrqRIoHF&vMDve^$$(Vw4dy
z1`$@*+h);?Z2kZX`OP{vV-dDM{j>#BiYm(J=ctZyZ*zV!cns9^_6<{^9`InM^|Whm
zzO2#b$VTd!Bv*8A<TnT<pfZ>cmQf2kY$l+zaF1NkT6Rs><hZ0q<&&5?@&N@_$b7Z4
z76>#D9;9TwI@<pq*^2(T(49+mg$EpdyluTw;b$>zsa9O};^fvOhWYDL^g`8aP?V4{
zAF2Jh06&=6?ZI5o9r<x~GDBE)*-p=ESUGOq$fctWyfQP#EMU{C|9$WXpH=QRpE$2c
zk$tWj{UkLg+KQZH)&Cot!num;T;0Gs+0ue8K}C51qK?wCX<uSlqlmLsn+G$q0;VdQ
z1jMs1A%xzJxo?UV2QN>=nKkAu3~sHjwKb-3iXManeM$8b*FE7elk%)|$oYr9|7RC3
zT>qQSrKfzt;=BInkT>qd=-w_@2{Iv3LRv^~1?n&w8ak{wK;S^YvMFE#pq@OAOYFq6
zG9=a$U;)dwnvdQat@2ppviy+}lms=qeXmR2=Bc&4ACvUt6LN+Q3>(=wn4Ee|`ZpPU
z7$fcuEd2^hRIGk))EInm&e#>8FfTZ26TuniQ3l!RA!H((f1x1Em`!P!h*72Y73}tK
zm`}Wg5PuYwmnU7^JkLX*s7394*`|u*FF<ysNg9+zKQ#>mEQIn~VV?fRh8RIL%300T
z4XeS_h;!8h3GcC<_H$}&!S6yt>TsVh`g_{*DPRjDLNIHj6<4&3b$^fZo5lyy_+@<w
z{Th748CL~p%HEX~DJT8Oo3%`F@D28Rl2=3cG9ky(rjzgjLP5!8YWzb{^Zw(1+~F$g
ziKL3lyr}NV)++85U0re3D9BehyDn@9%Q0(_A8ySb72K!vy+9jFg!G2QBBXoi;`Qu}
zxu;uKrb@f+P`R}gqved5*OL(Ui47ut=!Ff=-l4k6>CVW+*2LxC%+@Q-4+c*Dpl<hA
zie>jnFE<=p>k+<OMk*Y4WWmcP9cc1j<jCYYB_v^qM2L*-)tZ+*)~gIXWiGg}tips<
zFGhTN7dDa{Q|Q?RiycN}``p#6QUtmeDRCL5vJUK-5Kjdhe$(=0H=X+riVdV?+O|T<
zijML@X0J9r<asy#rFs-!Dh8cz?xA{|IeHAtYieshb#ka|Eh^n8_Et1mPfIcFZmeZr
zcXusb*j&*@4VDY+_!+%>-y0tFJ7EfXhP;g_D%~s=UlXNx=L3q!sMIo+d%=jQ+`b1(
zO=K!Ke$qXPF*q;epcugpH3&ykx@|$ce=(I?@vK{#CYMX!IUKkw_L(D`#-T9zV**<(
z$o_rbw>aR2(-uGP-*ms3sitoD$3r2=HF8Iy;`MBhU0lm6R0jmutBcXI$`&l`A-Eai
zIhYIK9zha<=hB>RA5d_YU362AbF51p+DPgv{c4$c0u^ZNpq`p)Uk}F)m9g0GELGd6
z>XYB;1_yrE%Qo+%oeZ`fbTBq51l$<wcxu4Arv+GvZ^&8N+r~;#I(j~D8-mFM|5146
zj=m3Tm-JYVDoJr*dv@;E0>dcvOAyV&g2*!NDY77yhz62}bN6~fYGjTKEq*hQSNbZo
zK|!kld>>g0VtGYe7#1Z$ZkZ75V;iqnY{*Z`$Cv4+l>w`=#n+RA7ps|tD@nvu!_NDh
zHU{y0I4h_4?xKv#zR}x+4vTBObp&rETMSe^suDtxBzF_%-$*@p_#3-Hq`LDh`n`-l
z&54>GZbXvOanP5YBNG<MU`om7M2kg;TtR1S<X~y-!$1D-<@t(i4?Uk{w=JCN#)YbD
z7m)U;AmQ!`TFSqkGhSgS#fka}?mY?U_m9eBK{U3ax{5V~MiXI3&ZWZ9TmIeAuWZwy
z<OVotwc1=evT{qMnd_U@VL-N#)6OHx8Nh}kKf>JdTm@QO!5v7n(piMEXllYqS^K0v
zJOAG!+y9gIWPgKWqO9kyXYo(hADe3yR|L$L=RPYw4&L*j6Mg-EQuBX9S)grVGZ4ph
zVm~+C_=?R~bT#8Z+;w{SZ#v$Si4P3_mZ#;vp_%{9D(EepH>gh9f74m+@2xLhGJ`e>
zJ=NosKWy%34!D25=r^_Adm{NBa+aa`{%Xe3-tPMHgOUL5;<D%t+tkI!9|K2H7SDu&
zNqu;(Pk3lw^B&I46q7mbH^zD`=L`-hl49jsm+Iyp&E*X4)}Eu?YL%zzGuLU7v6)nl
zO11Um19wd{!xJXA;OdJ_*G&CVYZb}VwM`q|twPcA(l@bK>9LWeZx3png@?z>a?5ri
z*ar00`IJcnBM8@S;Fu8C$FlV$(x-|h{2lUT49Kbq@6^yHZpl)e?dfNS=`bI_7;s@f
zZ@<LFe%TQ6DyB<BoaB~=xZN-OP>AKumuhMzYpa=Z-HqpH?G5+fyj9h3v<4m(m@r9N
zPQYcjM?p=Z1dgaje|&7;YJUrs?FKh=j^N~z8*Qyy1>iS(+p4NcJDju2ir8^DdaJE@
zTN(RzZ_WRN0{wBV^CONdZ{6Jhy^Ailp7~arSGjkbA^A34`%LpC7CBJ>&#FvOFCs-O
z+9Vf<DgAy@aJQsgwp(g|N2Rex?AL{RFm+ms<Nae(D6hPL2n$8J#S(0*#!RY7bf8%i
zLg*cW&nb7w5mklYv25WNlA03{-Ei|dvdPN@QfUotB+6|A$V`v9)IjuB@F3%bdo^{U
zeX5AuPeLtV7r3csCW^D<EVjI6t^@tK%v!H2i0kEcXWUpqWWV@uepDq?msZV!?-aXt
z|B;<pNqf|7$vOGDqZ1dWW?R2ouaZ9DN@zK%qHqtu?xdt_bxjUPwxBamPQVy@BH7NC
z<SfyX5Y~mWXW?cKqUGx+EL%IuFs|FA!(*U&KKxQL#uNZjt%@#dj#N@=p4TZXFtnKJ
z6KX@&3dwJYn0Dlf1lAl~J58qF0!{beXaWL2Kx_>sd-953_`^{v&W@sCVj$NqrZN7I
zJbrD>LS4r%`=wd13Ph&O&8cI^#bA!(KkWZ-RkWyacw(nPa5}jC47Vo|nTc_^PXcym
zdE10C%(ZFHrc18Q;sCgsxpGow+o?lpsq%fC<6J5%-MBOA9J{f=Xh&Feni!CiL3tJ8
zt*C&^Xz*wl8=wm2Kn)WZk1sk^w!d>uefNUb;nh-TACOrj{cpNz!H4#%d)7$PQo>D`
ze&CihmwWx0`}qqK3zP~@`RJ$WmsfoOergtvo?2<$mX2IqweFi0VAOhtsG$yVT^#TB
zqj2dAK>^^d!RK-;hEc0*f3jdeYs{v_#L0f9f%GB2SXi2sL!h9n_Pvpw=-QieOq}Fj
zHkN`l!29C`0$2bAK-EnB-_fzxd7aW68=h&e>%5xmD1L*|eBn3uFc7Kj{E{3wSk1w_
znuO27pE^*j^T&tv=GW{9#@xOK<TdxtQ2YIwj~wJ?wUYkM<In1zuB+>F@6B<*rhz%L
zP5m=;mT=DrC+B28>~;Kzd4G!4k<yA#cX_O2d4M8fN3;NjUti6Sy6AF1&{;flih+|(
z9U?x;`M|2BnZ&Mie;X|=J$RdFYDjKw!YDxO?+$c$(jH2Hnz}{%FqQ!+)4esR&5|W4
zFdMz2LaFDhr^~uAJJ)Nn9l_RG1&QTPMi~ITd2lh0mh*$7oJ1NA@LuPhfMoE$QZo69
zJqu5LQp+xdc9|Pum5w~X-ibQwm(x*<d&gGPXzq<pOR_$((brrI{H}1yI-~k#_>a3;
zhw$+iM&)uc@XQVa(?`z%TwNfv58{B@B6$W$>-IU_WNM-HdJU91MAv$ahl#=&6A5DT
zxfGF?8#T+?i`sC~ZNS-uFW$2*cf&SuV)wzw)3{%E-x*48%<*nsyBzU^=5be|q1-ZQ
z^WpSpGaX$i@ITYX=l<i8QWW(cR63pcAOBe)x+`*~yUsoLPvD)^BR8w^UBv2pGKkxr
z`U%GF<q>nOs2?U*(?F=*iMV=35qe`Es0js&4SC9$GP?KZja#+n^-sW=1)ai?pIfqD
ztqcegb&|E57j9@P{D`ZP5Zevpv|YyM7X{ap0h<lzm>dTs=!TmJ{qP^c?)Td_ZP8Bw
z0hF#35t(IvHcefY3_TGCSf`(JcN3R97t~)Jhn{!U*)CK`V#5}3NCrbFV=AdcxV`<I
ziT+~c?j3K(3U}6?+X24wRe4dlrk86}7JCje_ZkPjok!SHd{*QtvW&8mWrLt4Y(3`8
z{8f3k#`7g2&hoVpTs1C+`}2RV52lpkJye$m(ke&l$0$>;k3<dF`xL?h-!$Dyg86M*
z<;U}8-DZJrO?y8K@RZi3<Bslkig8t_Noe$ZiSp03`Su8OzZ>mdUae@ciN8<ojy%kH
zP&0vPPnQae552*`@w&S&0{<i2v5&YkBuH<XKUBMaS>v{V7A!<Zq`(d<l92KhC7wOh
z0olvHr6)K-MRd|^Vx!mT?kV+VTd`M^=Z}V)KVNFw)rxp1=OZ1nP=>iRjHn*K(kIND
zOEBFVcW70@#`lUDGA7qQBlz-9mU4&vrTOLLW~ii1Bf=%R^3fXRj7XqLx__i!3hVOx
zd1We2I`t4eT64ghcS<LCcqPAHoAj;BsUB7YP+CYT#Pi7^1V5&}ij(qxT`dY>?XMYS
zUZqeT#-ace5y<Tk8`;@u6KU&V>9ng}8=KwB6U1y&LT>bGfhVN}amu?1o>i<tLpT$A
zk~GU67=+UaCVTov$HV;mJYj#q8WZ`I(AeEKK<V?`zT~JOMW>0Rl``>ODF1pPgc<lS
zL)|>~hh%mCYJbvhXm5@K+YMOE<A!2%@u<IuO`%LCG3kBx+uSrvwgKN|aw#%LKviUm
zZ;<Xh^9}u9MRO*gUKrKtgB!)>TkP!6P~=ndDs6Htzuv_BHd6Y1SDzXSLG#7ex`R{c
zvtWd4If2@#i<Y<7KhHffcnGd8z|1~roA2fv($mYUhCu=MKVjKEP~Rs?xH|_ILT59|
zKAgXs+hAU(K)m6SQ$O**>R7pPTq_J?g#ucD(o)X6w+!06LGZ`a{9$cW;B+9c{EWR;
zIl5PQ>m9JZ{arSBjL+^#2KpPjrIxl<sMn0FevW#4WAy~F<{)icS)jnpn3){w`<5>A
zhiWE#$v-nwD474+HrumjXb*Mkq|s`nDVugZKcG-&YQmWLLb-5~CYoPB>E?erpa1JG
zna;8X=xQ7H`2)jbXHp=A>;&d!{5A-a`!`+0mF6{O30azcfMo$*Cvx7SZSb-!c0{bC
zMpFcT%`-59B~iBS`57VgjN6;?p<SbT%5cx{jp7wppS#%(dTe{zgK(|D{%<;S1IGLc
zT6$a6*+)6mGR4L~Q;QykN)2Rn)!gE{K}}7h3svIoDRpDssoAx3a<oy((cRF0QRLO(
zkarn>$v(0y1k0_jmp)yD^I!9p)J81|(O#|GwNpS&ehgOlVLNzTMy~Ab;PshbZ=;w$
zQ>4!e#BI*%EW(LhQt?Lpv(6d2Tyaggm0IB?1}(qD?o?$r5C;*p1j`2GSUor?w_ub5
z&x{4EW6r>y^~~!shn{Sc$d6wVccTVG-n#$nOaD<@rfp-H51JOzr(V>o<Oc*(`DMlM
zoc<5P{n%6eGEHG?GWiXdhvL+nDx-U?gg7Q(drGZr%~>=XUOb+lDCWEhzsqOxuFfXc
zl5JVE(R@rs%iPpkxtXOf&vkw1RZglPKhhC3cWf*}pDH^z<kILN94*>r%xb9ewLe(;
z$W%JBTs4uy$IfjuGe*a@yl%+7*X@jEGQ@zssRRCUs+{jzg1es0g)iypfA-w4C)V)j
z;qc?V)K9TrmIe8=2sA6Gg2#vYH%Mn6zd;d3vAkuoOwCz*`C4;_XJmu(NZ|WYf7d=F
zy4Pv5LL9nA`rM~45L=Vxrwggl1)Vv>meM5trkk7&t>rF;xrs*4GEM+7{O|QlNDq5z
z2BC&0^Xl8x1BH{jYX&Ly_Cepl-|wuS_UOYDB3IZndk%J59obH7#=f92b^`;^Pl{wl
z-bkyy>d4*c-Y{4#U&@CzJGnJKzZ(>Qh=(beA92|pGeZk2WBkk+W*O?Wvv}&oi?_4S
zoQlp8$%A;y55|g+q*Rv@C1-toB+Hw3$`u`X8KNh+veT=fOOr$u*(J+WOu$bqvnw5g
z#lLO9obJCWN(X(vv);{{>RY@EZrtbF%lCh@GeEH~ub%$MW^_*UXrNI%2t|AIb!_8X
z#8k$p(||$p)Ao^P7tQ~;_<y0vsC=YBPez*O5qL>!ZNsHkuDqiB;}1#?Ns9H)?Jaxn
z3!>N&Zc}YaDOAR|pyyvNKf3?04ZiUI%g6HHHxh}XPL)l5EJd;rJh>)@zD05J6}>_S
zowI33ozrtO$ZUr!T2-Tk2Ld#bD(oXP<VoLhx}<LvusevDH<0*F%ZjRL1}PQL(Y)65
zwT5aZ{OvW@#Zo9?&|OW^)j*c7&?qrHgSx*yk&p`!bJW9adlrq`YI;wGUjuy-kx5N5
zpQxF=&9S5Z7g&)180l8KYoK=xq{<{jhzX6wiJF)})sqriP<^(3V6E^g8KO$wt5}I5
z(^x=4Z@Lg8g10Tn1NpLXz}jN;plaLWHO^IV(o6o&|9TDhU-|XifnLF{J%!A-HpF1q
z6s6jKeze@yIw7h6-afNhb<`Tc@)RnilHA<tYl!st>^rbE&ZzVv%IT4~-Xgm>=pLwA
z!8EeQJrf=S^6iP;Ux!F)LdK`qnFejMa#z@;*MbDOJjL=+I`mH=8yNOQEb&=>&u5o;
z=)<>3$cGA3Nb`_dflk!dEhmMubllp>HD{PSZF?3F=x@5ZfZm$jh?*nIPxV_9dCHX>
z>87e|T8gc$bFm#6iaw?0oVXWO)A^}LAJ*@@XPWfkW<Yo%Vr)et>ATf!SMIRgg8PTR
zDDLTCYe&5pV-cqNuIfQyA1nEf^d}&9Gv^-!aCQ*UhAtb88H|`7j}4w0s5q*a<e`qE
zq!KifxSk$}6+}Ep+=O=bbYlw^cqmV2eonaP`(5BI9jpbI$bdITWfE(RhtgtYIuk17
zYNieSNF1cq;EnpM4%m^^QjJvNhrCu<yIR(gI$}?-^2I)&0<ou8#On0=yFt!gJ2YrK
z<<qQ~pL;`b#+skf|I^-gKsC9pYi8R~K|zW%5kjv*=v4)R1On2fODCa87ZBoB5RlLk
zYG~3+DAGG9(z}!ZA%N1PBfW>oKKINyd*5^RojEgi?wVO^va*t_|NYCC@BjX<yzlcq
z4|hQx#x`}+O#n&_<`PwJJw5HUO-wj)os9|i#JJ`r?NAB}OKn13#oU?ZScE9Yn2j~C
z4q(?DBMxZf${QXL*&ke5^&(}jL>Vc+1=tx|4}y!jIBK0X8TJ)kxCy#O4=vIm$E^}%
znPAr=CMh1jUX2i6ZMCZp<w(Rpjk9Xv<Lk`tfIz$O?roisSHC9Lvq9GjeTpCKy<y@=
z-&S3V1-h{3hSGKkwFwD?Sqx2u%SclPDdYI@bl(Pxvu{f19Cizlf{9uz<K{;S!<+u0
zpbC8MqY36JZ^jzTO7Cp)FjU7t7%IBk3TET95~hq%cF&)#G|$vZU2`1(Q8L@w_51t&
zTu!0P@8tG~q{{9#)DeGCkYKSGd)P;%Q^sg;(xpP3whUyf0er(G?c_I_9%tUs?cEwq
z9H0n=6O5{%H9tclKLRe^xc?80{(|0w%=WXd&7(xQliFVw*JbdOO}#HKLA7f>7jE;z
z!oaLEGDh2XILkm;Ss4&xLn>3jYSm2DqI)jv2MQuoX}fOwfiA`s8c9s)p9@#>DrOkd
z+otN1x33jCJqrv}gT+0COjL!E^I_uaLU;W_cYeXWzF-sU(C93aFkumEgh;dz;bv=1
ze0g?La+^|r1Z}Q_8=6)M9)UT*ztiW&mcEh@xlcVvb$Vb9dw_g5zz`f{lc-x5P>M}j
zc-j`R!pmCY>_PA=JONj7CweLkv#;jF(El7CZcbxeXAUzM2r~}0^wID=*%jUn?x7E3
z9tzb1rg=ww@AN?#800Lc=N#2#I2qq34i*Ap7N;_WnMCwyOr}Ax<{BfCRCZP$S5{Fj
zJ>ojdwk=U7;f#WeZqjLivw_+1;cfSaluDHMYsHi{6rO|&_pX)ozG*zsogGA*VXtY?
zYu{ciV=~EVd&J>f^=4v^VWcQ}z-pZ5)BWR6yemHWs^-qwgHOe7OFm7?*VA%_tRC!|
zx$I6`ICY^q$Yi5dNn&S@O`J>>+1M6rI|S^^w3VvL+Sf{tM6|lPCuurN5;|(*=_o+O
zWp)eAHM3z>LUIReH>3XH=91~xI0ZL{uj&f9uIYbHplvr(+GF~Gx3myC!|8pEZ*Hwm
zkM`kF^3*DV+e+gsa_P<3Pd((Prr1{&Dk@N@Su+bKjC$m(N{`cP#}A@sj9vG7D}t}~
z%s<iDn6~na(~!<25Ols8zZkLGPsCI+zW#>-{L34@L!Yf}#=&t}D>%J3*@@z!waG^1
zg*xFMV>|Taw78Ps2Gl#Ns{WAqfCIS$LX|wp7tcs6^_<-M_0}o&F^72gj9wYsN-rx}
zk4arqHIgTiGpAaaB(3W>9ibq(>nbtrhX)az&jDxCx3=DH%B|C%10)c{&8vrBc55#8
z5Z$X0`(DIRMAO@IfYPpcqrtSo)QbS57jOTfEoClz3aIDtKvz?Sv8ikat!sWIEThu(
zQQ91R;=O6*Ekb?eJ9=b~Yo^FM68iGp<YQHy$4{!**n~*$kBH~I^_%vdjp_B!DU()j
zD@w|QkeyjupEUYzbC*d+rwS<TE8pHd;zPhS(SK5n4-(^S!oS^JE5!1bD=~~)gXao>
zT8W8kG1=^3xK?5`B_#!TlwxwiCfP0nrq6$-3j*S2{p1Y7S*8{J812siGz_OrEy5BN
zUVi3{qeQGqPcl@ejpSEZrccWNy_nifvJPk}ewCS+=JG=_SZ&p9x6C=o+!E95a^;>(
zv_WTaTqp&~#IyP~%s^Qlt`j<gf?k4iP}2KE4g0Y^UCK#a>Z6TY>Nlm`pt-{*C6rgE
z!`^As=kmlSmQpfRO>4c@QI$Ol*~P9PzflC@$A9iQS@x<HnU;&?*fDPRLs%mZ#=~~#
zqHo1oNtyC5I`K?Yz7>(KEoT!kacUnu8p>L;MtqYdS9li()O^3kQnVYfnInC&C`UuT
zo;}fsaU_=D+z*!5BfVEY{cs8xe6_0UCKV^SDD?)MI)6zis}Iueudf&(RaR}J0aDxS
zR0|$eg!lxy)agQiVobqmC$@0s2TzJekZ$^_W^X2&#5=%NHb=et?2^jIs$BaRq~~-J
zJc1ER&EoOQCc4Yw#<Kiyi1>8GV(Tl~w}<ySwgftfUxXh|%ZSxDHj8H@e?1x5(cFuC
z8C2ptU6GVVThL}+FROX5-_2Ff7|%YB$@k3H!#iXp?$nYpUdM*>Xj)fRY}!_`MdmP8
za-)hNo^nr4%4^HeTsPd=#<O99`LKNlA>pr2Y8Zoj-s{eRRtq(hO{9PDX{dOj$!pdX
z>Xj0m@6RTF2o<POTJ{P1c<oY|sZEZdXHMp_z6;FT_;~|oF;1X0NHlLlJyuZGt80;7
zm4{n3KlkR4gCKhb+rpw4)MsriMP=lbw=UZ<G3AG*o=#6j?4#t;2C<6OqK1*UdmBU0
z+$3WM)%Yh}_CCs8SCs5t0d5y2DQ<uH+Q3EKf_=bH`1X2pQRhTqQQ(5|#S&pwjfO8U
zm|#($P~MO4WH&(O4fY4f_s#DcW1pnI-*+<Axv*?q9?MYRfSRp(HQE}rQzTk>lI#s~
zlJ|?7bhL~6r(FkCan}s0J)BswwK>&$J?{@Q{6BH*{nPXO$;L}qQsk%5)a&fI;yHkK
z@O@sa{mfoi@l4@0#DdXnnx}tq7=S5>7{&i#&PuY1X*kt=vC(o{?W8dCjl|g%7rvgI
z++7M!tBQ!6j$!mr`+~vArEh{YgRVEQU$yAz-Dmty2YQ{Rs@)LIs}7?AwOs|*mwr|O
z33cy*J}N|oAXSz#mO*x32Q_mPT%0drQZ)BD-t==22bosZ$Z%x(4K|S-fuYPDA>o-5
zDH4Z>BQ5W!@%vJiI|&0IOor7elEffc-0baDPs^9kdmx#1ZPsd7Fn4XzGitdwqC6gc
z#s3a%OG@1G7+C#Mqd0sdfFx%I5dn(kg|Y|Hqtwra#`}ZN@OOss-^J+%?A9Myj;~;J
z6ZP~xFU2QYhbv`^*ap(Ce>V2vj)7@Wg(`m>-<}>Yk^s_%(mmLZ{3smKqwCRC<In%t
z8f6l>)ewS0?I`rh9ecll3B04xSj0T*)MHobcBW1czeQCeJF9y_lGgzOji_v6Uy*an
zD<(Tg$dP=_MLpj~#rj??PO;po?`_pI#N+@Ido@AA!%1;z%7vv$_VruTZSpjFGXqQ=
zfjajnLnET)O!8$aT;M%$RWbx^RNYajzM9Y7xd!ss4+mO8PF1shn?Fy$<{z(U5_Z(%
zDP8-bVI~Az=RhaHqF;t?S+vQHNOpGd`Pj|O3eL1?_2G5F4rjt=_zLh5a!wZ#hX=-3
zXIs0GSJIOn{oc`q>ZRKny|pTY)LKh--1qE6cS!Aw0#H3LNx6B6LxA@j@Vb6Dv$AGQ
zI_+26DN0jeJz=FC$%s9<rB=(A5mH+V&#+qVDs|(B)qDjo>>V+WAE6ulK9SXLcMkzq
zZ+m?Evu1bc_mSNT1%HgJ{%K?Vv$Orf_Fs6vHm}l|Hb1+44(P66E8sAaII~=>UcJC_
zq#t-$_wW1L`yR!c!iYgD;y&SZllq6#94;=uI9F+qNT0rV;=)xGI4A|k2$8cApLy4<
zj`$t8NYP%_Gs5B3z~hpYFtH=%tJ}YPmoN0q=#y7gJPj#$O=b|pP`VNZI-<F?&H5c&
zc%0r#{JW)mC0OK$oQ`DCDDqA34Nz1*jrz+m(v>T3AN*!{M6w)z=pp{yQoZt4=;$)b
zw&F6QTBT{Cfb0S6Rk5N|5wEdYMmBqmk{?EW_$D%hcn_>{gw%a_^@p7!GhcJdo_K)e
zIY3Huf|Mi`&Sy1IjjT4laoTR|oYtTAQ?7EIYnbV{grikV{tGRpo$mskyf8^GtBza=
z{+N0$$8WQZ2ZB6p`h3ij`uvcXX<5E?6C-4FbN?_gj(|7x$!?`TrAF@n&jHnLgy0`$
z1ww|qzOVXN>w7mSqN~XB3Ns+Xv?d(Rs-l_xHHpsPw2vf&I&)?@^M}U9B`c>KSXf0n
zm()>SJ4i#J?Vi+J$8eI1AGEPtPkJI0!<*bL+-BI%C4c8EE&VJ13sciC3)L5_jqx|Y
zQ-Mbn*)LvHO~7VIf;xy$pXk%8Ggm*ChD&u=&DI3L9u*_Ai^%t=XTu?KBiTG)TU%QM
zjA%)k$FRh|+`z*1fkqfdbE!J)o7nu8NLr&w$C#4PHI=GGkpTHs^V8+|<_GTQfMcLg
z0Mlv)Z@HBY%XK^9J87_l2v8*Ldeiu_UA^0S;$cF&)x9nH9~8;!EDDu3q}t~0UJ%s0
zwE;aUr4Isq8W*f?$ig(qR_~kxe(9G>^C%$sQ9Ws!ny>|}yknRoD=B$p`j|pwmBMCT
zk9GVH0+CFv@osUZ*V~b>r37W#5A*2k$-Fr<???CGi@?R~qoe!i+B{+lkmZB4Ox6g4
z%sX&fzP6^kpNu>#*QO`RW|RLMAfomy<}8%$Fm=(d{@t9pmDkK*j=(8AgDrL5(v>o_
zxM43%NNQlTDC_GmUe0A%s^t4H2sEACZkM_)uk~ZM<LhkGaEf|GO}vF3{uW10C`oYR
z0Z@BHdc@-_1Tyu$np*j2Bvbg?Pptl#=EBVVOyU#0hpuDFkOrR7W?gzjr+qW()^$&Z
z(JL0)3_|lkx`5v-CAw0P|7H=h8>O)M&7%C9g?ltjS1P_U4-tLqx|r1{t=%>+%fDH;
zMk93%bN^x?+ap;VwxwC-Ne`@s$3<Y5o4>T1nW+cXPkJq$Bg16x<1im;)Sob}UQ;0&
zQ>7-JDGr~FiN?CK3G7o_@U9J?nHm#6f|_^qJ`}wE`y&qk{D(-1{{)oD1-(oJPOv`U
zBkMUJ)?Qf`QsHvkHs*r6q_ACd?e{p5Sg+F4I5G4dB8s^2iiCEljGQkmOv9cAAGm+}
zV>v{jMqiO!hRbs!3tRK7F9;Hrz3(cjIo>L8Q0Zpn)sQ4pIKe8VEUh6ue!rwa^Bc43
zp(iv@F%{K_LW9D|5#uBSE75^x@nZhp>g3J=IQ5=$K)*84ME<8K2|BjQX>$(v!FCQ1
zl-9j8b8Og%z`?<YPDZ<vyXqBh%llK8u;sRvooRv|yJ!t)sV9YOT*$%lhrvK9ZM)Lc
zw%SD6ML*h+!C%O+IP)>nq+`rtL2kP?N&Brxpr+C`At&MIYrvKA2Y<T-q=kF#ab5M<
zb34Q$_K_Y{ai7BIX!Ght84|g@(eLYrbi^O$Nq+zY{VAs9Zx{L>|M<heK)M5em_)t)
zU9%xGaA4`OGE^`)y0!76jRdZFMpR?yI&SVnc+3Bf3&LTFL13{6+!b#kyy7?H(Et5y
zbB<*<V=2xwkAa$)wHz~PU#mgGV62TP^l2xQr6<HxTTsFrd-5W9oW4M+1<C7-=?guk
zGghypESt#hV63BOr7O1K47c(*Hjf3kJe`{3ffF42i4<xh{ZkV`^~H~dujk}hM4y!B
zh=)?)ln_*pHioVdheXT|qdqz@ClIO&H89iMXDc<in{(?_p#+IW+R3&Rq6_yTqPmGT
zwbfSwZBGou#bw|PjqE1e(>xMQCZ%o!Xy?k~$@pukZ;sgZaNA@G^wy@^nj?k2gjLj6
z#~iNMmgsX2^E8HDbufCPmQCD2Znl|c4Z<c}*b`RPfLaeyR0{cC@d1NjOd)lFL;J3o
z3cpHDtW~fqY29wC_wsg~useg#^qhR{Q$XBOZ9TiU%h(?27CB-tKnm--EGIZV2e48-
z|I<d7vj28ST&zcB8!Dz37F+I^$$_t@C1}%KXp7BWLXkZ=2z$F;l{sr|OVWv76kki?
zZ~xexE4W?X>G{-XTOwQf2~c4p7a_(?Y>it)SWp;^QcUZ8m5#+gRc1_fG%MByvqa6a
ztDba0&aRYebZn`H`eQ8!5}5irHFx1TIi5(vRJpn{%H#Dh)vDnXW!F0kIJ?Qy7CT}X
z^!jKws=G4NywFW$6O&>S{`GT1+-gq<B*6vW1u@YML+@Pc#2M2U<@WZOLI-x4UWljd
zFOAgkG|KL?t7C3NIA?QYDWQfCBIFgQn_+Wh=-P9@%U~l|T=Q~3A?wZAqw9>NqT71b
zEu1!7J?;}%{DfR82H|X{bKc%-Im_iL0cTBr151!QH3tlC=uB1W^KPed9cxx}zXx2X
zO8k4R{sGs<oAC!H;D2Wd{`=nl@~=O5Wk{$0eOLbQZwobd7sn}B*DfwDo}p!(#@y<q
zOFf&8lBum#b!$kJ-C<58|Jm%0;MLNoW!9s~Njt9n{p#*Qr+(<uhv9&b$f?Dwq;7?+
zsi{a}<Pt6M%R26Wc{-s{T@OkrrmiX6L7C<gYEZ9PSfWxrD*l5;Pnc48tRKN0cSCLW
zst|4&UJiDNC|iq7icFrgZk9u&fV;^xoDrK_hj*7{6+hZ0>1GQq99^zFnK!ey?`FJu
z4k$}iI|uB=A6}=pkzMDVvb1r%u$rQ<)Ncb`0=w}X%_^hp;w;2vcjp{%`Sxcxm=U!!
zeakgzxj)Z3Ix#nVS}qz+5&;rmw>G)$5?wRla~5_7LmYANmQ!EatqU!e+gQ_?nkxqW
zK#raRa#-oI#&_|2!g<XOvtSS?)z>z_ur<JK*j?~bjZLuBU3pVdn&F0ZD{fdIh1eP$
ze>tmJ6@zrQ^~~|<e?6VyXtEOD{Gf^37q#?WCjfzW@Tfy=?;JqoRTizPVIE#!7tJd_
zboN+C8u2ZB+DygH2IU_dD^N8_!Znzx8K;rVZH7&l$yKt?ClWTLrA+$8*_=<QvXzlB
z0yZ;qL=lq4B9YTdun(UCEi!Gql5-B|c)#+VlQW?M6p2sPlibGm?7SpY@zIQz7}$=r
zU@YO0NvS}Ea{7?{IES)#g{CX*7%3U<m{2+zkiiAT);Et+RW21(Q>$(hy1;2{0)1Ef
zZakd5wTrNx8sqO4zRI*+`g&x42tlDP^rq^JQ!}0vrr)KQq0ty~+I6aLTNTf51BHe}
zBqR*5JV_=cS02|@)_c~+_QR2_CmIUx005e-!Qa~O#fR&c&mO}K&H)~Rh(j)=9wo7>
zdhm_i1NEJpEt`iuqI*4fJ)Ck>{Hnp#8u7es{ka15;wQ=Yx)3#ad+nEN*6AL-t|9bI
zK%aL;jjVYFdu8zXT4q(XJlK8=zVAwg2x%hWM;{$`;;izM;gp%JeRUft!Eft{%Kmn^
z+Y4{J?pf|MUZz1`Qymgrmn`_Lza0(nU)VqsY62(A{3EJoMy(|nBJ-ZDuUpYO>pTnD
zTH;WN3(hp@wBSsn81Ugis=|~enFXIbs!GkMVTeEVGA$jGnJ|of_hCg)!dvH}NOQqP
z>DIFA0!Qa|cm<<ot=xzhQz%zkDk_}a&+}IAK)`2FBf*pf+Jl!wL>#knTg-{Ka6ZKs
zQ!5Z>L+-rvM2s8CB*i$4J!$ccSZWvBcxdoag*u&BO?T<(Ie_1}Y@^$>wGh@}QC!m0
zwc|6N*s;kD*I%6*`vw7tXpUb{{M9QMS1;Xg^=bKa0)MIc@B?&kaZ?j})-$l7YWzLf
z{<;|*I3yW~(vg$v;+xlSsk<Q)?lA3XRiyciUM>|F4xHS<vRN63iQjh2{bWtxw0m4?
z)XzUE9m6`kF{#{kU5lqh$F4c-Vf}-?j;&-3+blEdPIS1r(M)TbX$mDiuRJxLA0G#v
zv|WiEitbI4=&LCDVgTh6;=O~pY6{|d>+PL)RN1FzI$OqlcMmx}@F+|HgA1lwE}fx%
zhno#27kr$gQimcXm8xET^4Cu9(t+6?m44i^-lDmQlb>=7YY6+S51r{~Hkn-0)z%n?
zaiXm9HMij7hav&1p;mX_Iy++NHwHY}5#tt2*CKc68=DVvcgdRi?O}v!V+Qz~XrE!i
zPROFwG%J0>O0M#Udf&v>R@YTol^=q3**PN=gFcYy+WvyE=jF4SGX&N*Boso~uw7kE
zd`Fo5c=Lm$Q;Cn4?_44z??}aqnbUx=HvE~V(#39KbcY<ksqr-Gc9AKn+LCVJl~t14
z*Q3nK+0j~7b($pdIImJlMD5Uc+LJ?Blkl*_`EjGpKGn!8uAOgtb_)0->?e1*LK^qq
zR?-#1i=FVs%@?>+*DOO4PC7)-0pD}<oN}$Iz1kRh_KEzX1Ed~yGV7%0QMVr%OsoPy
z3^z0x?1FefLT6*Xrv1=nIzXNSKEqi1>#!46JVUz7)l<_Tp19^~U4ow<*m9FlhH4s#
zlxcDEsz#BW9cs%qVE-b?-K2(9{mqFms%|~lqfAA;eD4oUSE`wvIKS^qx~p=BRF4NK
zQhzNHZkgGvko35uF%#X7LZi7y&o;_)vNz8Gl+1ROGVj{F99JqqzOYo-#-bc&U8%00
z(igYIwyY`cusHrx$y9W*Ch=LX|02`!c!^0lf9Cz9T>98m9J1QXoi8n>*yY2dk#<g9
z@Fssa-@Hln<gaUp=c`*seiP-KC+M-8;6CRUu%m@vX8PJ6L(>!n!QWX<C0Ozlb+#@#
zRezXbs~2q(CFF30wAz90oaRoYl^J#K8PVq~7-G1Xjyxk50f3C6`+sd&|98yFPZLH~
zYklrzS|6a3j5VQEF)K-ij!w~aMNx=dHS2T0r-1SZ`Ss|D$p$w4kKdm*Uw^Y=_65d*
zL>+dk(&5b~&+Z+JXUZIW-(Sv|+}kr8ag|_W<LY)Fo;hswDex~IoE}}~sdY%5C$Wgg
zo~1BmM2K%hJTGv98PZA^p+!>{YQc`k=2j%K`I|6v);S=raQGac&vy>ke{y;>bmlT*
z3dCqyO2D}t47jja(e;#@TVUeyIiLXzX@0WIlv!DPs{qdxYZVtwNbh3T=ehQNdG9W&
zahRCjA{05<rlhh@iJg@YYYZoduj8hR39r=L-4c5}BQabF$3E>=1LXb^_PdxqaxcEr
z1y`kZuB@#Ht|JYu(UC(tBG*^MN@w#)R%pB<9ixift9(8qZD*!SACUWEEdI~;h5G#{
z(@t+{fbQWFQt!Oiw;I1BI!~u=&|%X>;T)nx;6#xUo**8br&Stl#Dj4uuBT!O(xZ$n
z@WuFTt{SjEt;Fn?ONa@lvICu?>Phz#^<Ej7@u`;mrtp9ad1h(@8ZZK0sF#{bDet~c
z<-(jfWIQyQRVjB|kOP~`vK1cd7*gPznb26V;cT2Gk@1c}j5k_*s(J#Tbwfk8h;$Mo
z&pF@&&lI+K$Ukf;)j~qWqvvWG$}W07=Bim`#G3TD3%0WX8M-V(pSAB86~v)r?{PpA
z(Pf%)Dv_(<6W=n)Rblt@revCLok-Z0*9o&$fCOH->{a9Xvh={j4{-e>t&^+zA9*Kn
zgKw351n*DA)49+56rn5+KZ>T0<_ldj3F+xn^7`R1?3|SA2kq5jo=780NKBQFPPXe9
zCcD?O<YMn3+1xrRx8`FDJbn<%oZ~T7kN`D%Hjm<uX0GV<6~F8|DJZWhm=P7Etd&j5
zvkK|$4YMQ=fnx{#FqRXr@yRWp(+}CYW3kG*yctP?7LOwcZqWk6o(DDT=)ShJIsW}A
z2&q~-3Uz2jv75<53j4_F{d+q{4^MuGMxJE~oCP-!pZ*2F^#8o=>IE3$SSOEhv|jEu
zshhGk<{qQK>CaQsxW%-NFczrs`Zl&mX^mv<o(-+=q4q`ZhxpWcO!buFY~d+RPNjM}
z%sJjd9GH=6>augd78PRusu4`nHiiBx)>u91=9h6<)V6MDRpQM(rh2K!rgGzMlVAyL
zRk$39RTixvSG{w$c&Lu-mf@D!&a-z3T`R`gt7#%^T<9&yRfUZ_;?=WQpHp&UydQJz
z@_q^~?6_ni0posByS4i>Eo<Q_UVwZ(;0;z^0nW*F@8wTe<F6);yYH4WjG(YC7Oh-_
z2r!J%O60Vo^c*m5mEAF)as`^S{O-wo-3_(tj3I*g!6>vS53gz>Pxb8p2%Cr;iA(M5
zVzEbXwVZM;7_GlLY{=akm1J)(reb(1;n^%EajcuFd`$JY2S44hy0KF1Y@~_PF<G=!
zfXg*l4X0(?DL=~?`f3?|FLS;i6(q+s^JQiu&&z;VTzC#R>2Wv*Gz(j}wof=|)K#Qk
z18T=)j-!;fKnfp&@58ELeKJFGppTKPKLiEYrzg6?&2OFq=qnp+gNnW!JVgurdXzeC
zjlOMaw9cCETQ?UiKw_0vx7*Nr1XAQQw|japzkI52cb`zr##$tYBuEtX?@dGoJ2WbY
znaM}v5ZuS*9Wc=(=l4^Ta>pm7tq7@~r$3ew+EAxF0_yKql6-=)ak#Yix@ZEj`BP^=
z<JV{PE-I#uyL#<zj$mtn*tl+(+9U2EYs5u?eNtHBdw-`~N~BnsgHAcO%%DL-KtFQj
zRc_}aqEz&$(WCf79_8xKyueLL^cJJXu!ETRZk$g6&Tn`x`Bl^SkDgqU1}_;!KTXR<
z<$j)$yOHWUo2d%l0D#4wguf1Pe+)_dyJWB5Ifnka`@j4}rXPL|cviQ5{3)2Imrn8t
z{XSxG|8L$uh1hfoR%lIN(G4I3l|ev8&Vm(>0Ze3g#j;|x_coBmVJ6F#={KYB7wKcl
z#v5bxTROIZl-L{uHP%H)G<A})K<-=n$8$iRyv;U``RUue7wYv-pN;F1Gz044i9@U!
zL2qWBgmcOiIN_L;{kj!HjMT$<At6X)q?-tkb#PZ91b@bvnk3=W=B{ql2$D)OFBxll
zI_f2(7O-bvUknTViL{hsNxgT|;nwN!qB$E$DY;V`ROVuPLw^IE&ye<r^MZpZumGF<
zxoTxbNWMNiuNtC_cn>zlG;Xq~x~&85R%^C0d(CBIp~{phexV78{j!#_<)`;{<)Vj{
zHirWWatb{{+eH9?4@Iy4tdc1V*F7i7G;D+5W@)4OCphhxiBA@c#qKtxck<Xy?X-<4
z<J(k)ghZqHP_ORdSdMago0Li8bW}hwpwaQHVa!R|$Rk#Zjx7}pk_y@0jl5M>QnPQM
zR?;jTQUFU_MOxYo95-{H{{B#xW4;Lo`2i63mb<LkD)WaB>)oR}>9zFEA0p3m*uPU^
zVt*1EP{xTzYbwXm7rk{3(It(xSg#@-Wu3ddq<$SI-vl*gMh;EZ(u|pmQhx6c5-_zP
zapD^JCO9btk;MozzeBf?SD_|&*iNp61m^+VF$I`h(5P$3d#l?3z~S*<>*D{sFFULG
ztEZ0f2cfNbo60H}3DryJC>SS!!gQ5MLFVXGAYR#|Gy0;IYYd9orcB31cLh1zjIYjw
z62iW>UqDvv%+oyl+kN}xk5M#Ig3Ir`s-H;Sl}m_9TLbhg=J9un10fwF^BJwVCza1p
z&IZ*MHur#Kl%2>>nA5@*NQi?$bB*b!xauhN-I#+sW)`26q>dF3a1g>K+W7O@q$ut7
zx$#YrVYNEhB~eaFsdjBo%qiGy6-z2vG+k5lT8bVpHOUO<O^V0VIm+gk!R(DpV2jC`
z7$&Dy)>iJO>yOo;(`#u#c*}_<g*e-ZR5hD497xR}3g3sUXMbpobL@CNX>n6DFu#MQ
zRIH9fQ&z6EX3ex3yST$Pdpu_ML29EwD#VJx%FBSNEbImfZGg(IN)6Pav$qk;eJ`Er
z`bs@YDd%S69P6`4(-fF~?jQ{JOI|H=g}?IWl3b<8SmS1wHEamSt@>`oZD_|apVYf}
zM(voCp|`4ZiOis<C(_@I!es>0r19H%I}LhkYWLwq`^L^5HdLsQpzQYeGme;=6=V04
zVg_9`HdU^!2rs)<zO=fJy=4t0vSp1K-gkWil!a3ZeRCCXZ4n`kABTAiQBcTZGPvmd
zKC@-VI|7%IB<_wd8PkpMHJY}UJ6!kSf2Om5!&c{Yaa2q?_$txM8Dv)E92T`WrT&`a
zpubMZez*t0#SLcX?XyQG9{In~3EuZEXfMOamK|t=lDomYJ-u^l)*vhCQFFcGurQU!
zGHO0w>_=v__N1G54N_M?(x0w5zlY1$uEc_Y1tp|l^qWOwvAZWyf)#6&AShnh=Ho`a
zf{Ceg#G5$rmwzIFID{fPxV!i0bUYz~vGB`ppY`0esVZrEYhc!D_tl0zubkuKNbo$*
zsOVPxpmumx#f)ZNn!n%O8VmpA(n5yW3}t;-g50C<&Hz0MAvSmU?gH15BCcU}k@zWy
z_G%!W#dAa)azK^JGf6#Wy~Yz(kl$xpi-9eP#M+7;E<+>N@Fz44bNxxMCC~86qJzks
zYTX!5n&Iy?WVG=sf_bo5F`{n5c+Vjpe$GFl?_Cv(j56mJE?*vXr)>|+Bk|Kf%8!nD
zBY`}oN{J}7vQ~}ivIu%pxBP;>a-NutMG^Oo(q#~kw{|k#R?z64Tmn}YxolQGImeKT
zS5$Vk!+f^Z;<vTF5#B~cS<G2He3e6=Gdn*E({*Vlyl~nlLjI(4nUeKYn59vV)l4V5
zkDWc!811k5FTYe$_y3477~PXZYM`?jx{}-<^QL*qX}}?-QrxeGvZ4>TVp1<x;rE-o
zKJ->Z-tW}Na0bE5-?bH^VS02-HDw70#x~O0obANWr~V)gQO&*DxNeXtJ$d(l8b4@b
zgxWXP=Ur!B{_skz@blhivDlQ|A7?l-H37*c0cF@k7W!q>4{f7x9yU!5|H_MHsg!wT
z?j92hBq|U6431o(6}}u5IDe=U*jYxT3u2+k+R7StD^zMos{(E8a1ioEvv2Q*QM!ZD
zx=gFpcPBkA!NOL{W~&Q2L$_;VoS!AfCb`{?y`yHMx*W|;P|Grz6lI8iJHWr>iB>(4
zT3z3uhxF?>#aN&j;}SxQe_q#F7udh+qvXtysg)KlB*Hf1YUNVi&tF&|53@j7>#XCO
zOS(+`4}k1h&`{mF5gwRRU>2$>SsNEag&<o@B|ErMYB9mt1ZE9-u4gorH!^bfhF(BN
z(6xMhWwvIkNS?N4lUdy2JX*_*bHJsQjerz-C`&C?&a<38I?$Zv%?47Mi~|j}SVOcB
zPAwKycn+4y&lR~ll($~~rOUjgfyif=C05SBG-5N!!tTXiE$M!5v&*BczZSo!`FwWE
zW<MmVEMx+mYCD1I9oiIOx7=zPWC+9Vym-c-X&ydY8@0R(eORh@>b;N^%>h$<V6;>>
zc9|h`Llc|GjzV+BH?^(wd9ZK~$SBPlCfXQ+xs(+&S4wf~_MBf7%S_ZyxHyz`T&lKm
zZD)`f9!ZcP_$g!Ht4=4{l%$Ux_u9={-EPL;FcW&1tSz0#Q8Ce(qp69MfG(!U^DIYa
zx4!V<gp1aoLBI5zrN!rIFL-%^lbaPU;PsK_p4L-fFKhe46G%E~HE9ad$iqE(L@D`(
z%@FH8*JkRT&JbyVWiWsy5%g6`%A;zd9D(2$xNc6RIMR3uE&(}CS=gqW9wxdhigs^w
zJ$om2=b8h>$juq%_}uZeLQ9MX+0&6N#i&(5N$2dPe$kcY%yf<}rYFc=bZ=C}x}ZJy
zL3^msV^=~LR|l^KeXDX2G#)%r$uo_O%z>baQeD3o#T3iiR{GF>lRr+&lc@7UKi6b>
zCTLkp{)2Ef63l4W8O)|;tGAJ^l%Xn~&!cvogS~f@BNHgd)i5+!A#c4wXOXDa-@0;t
z(oS>kS<-O98h={+1z~~QEQ#y%N&B~I*+jF&hfS$>B@0JhsgE{z#dU}ju0jMne%xxE
zsVwc*T3fV>X}1zqT2AD_a_Lr6&DK$HP^9x`JBX!UE_>3ad^X|b+nQzh@`~^yZ*OE{
zj_udExLDo@w@lY}^J1v?ih^a|C3}iFUQOyR7Ask25H4ZrD;5jp4>kA;-RhabQTP>(
zVlruHHb<a+dq^yfYMAGNsb@Yvk1}P-gr}`dedxlX8vp*U@SqYHT*k!C@If!6C1;Yd
zT?B{Kx~vJ-Rr8v!NhqUa)!<kV&-2@1&x(xp3xpB&UwN1HQ--UDadPU!cERr%0>x})
zYmu_3@@R8T>R3!)YQfNoP2EbU8i-4k6AkfxbS50pM}5dF%|~+8X_u?JslA+*3*&6(
z!8HSGbuu0Uk5u2Snh<!@R`_xkVJa6~23~A?@mnNJ#ecl}HBk{NMz$-Cr&5JbX`7Nn
z>$ln1PA*qyh^i?MryqW|q`}9=&5vwNs=Z({%c-~L=yNcKy0Sf}bk|As*Av=Oi)4{o
z`u3M6?P8m^eIGObNj{?ocDA0UkCb8<$Ph`Kz4sNgPH!RB$X(vHJR@GTqw=g38}kNe
z>^v^1g*$$709-1Y8@lBtGTVae+#kO>Tn;rJ@lUQOhy$M)opMI-C7lC&Zquut1EwEG
z$?pAR9eo&XVAk?1j66ogBJ1?_ZzWeld<+Q*{_vM#{BM20@cDu2{lbC5Dq;!rG_qCB
z++4C?`|#)er&3!x%aXB@Jy~Y9!~I!JKvw|6;^m}I1Kj>t2KM(yrRFA#kXjQ6)OvA$
zrTrz!)&yP4po<oj3?fkm8#}YY$J@gbzKz+r9{A-9f7iFU<|F{IG*bUy_8_e-^1&du
zf=AwZB#<huD{tU!o><wB0eYOe?c(}fFJ)S1j#$3<>&6w?@ivtA+G`@BlSIBQs?_rt
z=DKm9s9!yF`S1Um!?X~=5pI2EKCe)pMp_O10d4i~FaiH@E#16glWKwYf0p#Bhc(oI
zxecw3?w*<uOq;FfQJr#;w6#{6glQvtLqdA5yn<|LgA3so8FGSn2s#XKB_`bwvxUIw
zo0GBdnY4zn3zA!e@!E846HU%k82lWdA#PeEOX+H05&8|X<6GyTG+KG&LM+;K_V1^U
zBVZK1H1@pj3gmEV)(B^im0VW}`QrGXg=!Kij)E{gR<ndWX$bl4_1gd8fBYBzC#_e2
zJgvg&vnd2`(RO&rN}7lStKk=Cof{&D^i|&()O*(C-kAU(!~>*PB|DBX6@G=43E3yi
zyDgFWeu8K_*SlIV^s1S%BAeyTTy0|7(KlQ=S6A_9T|pq-XSpwQ`fWtsTrrkY_1@py
zO#hrQ%Hp@gynoI-^cM)w-#OD-V0ahRo$igkx)KXe#dNljO4!@!hBf*Z!WE@FWUsgK
z<H<2G(oaZfw0)K7e)L<~npT1zsETn4sP?jel5Li$f!BY+5yt!Bg5IByF8v0r`{&F(
zEd>A$v)?ga{f<|N)Y$%vtLOh;YQ$V$8oNy}So&YCK;0Dbx|j?Z;vgp9(fFiGYH#l}
zY{%sSle^F%{mp&Gj5^a_4M~7GrZ2Oxb0Ol%^~rPSb<;<u+Vji2ZjXEB=5ue&B9fiI
z{ZBq3|H^I`^za?q&v2TfL`9N&j|5BledGI2@c8^IW%<W_|A-Y+;Y4IPQ~-T}8Qzi$
z`{Z_3%6W%V`+`#hx+oh{_$fyQP*bE#W4%tz(`2Y|NL`3v5Jge`%l)-BQjXMc!lg#-
z+|Pwu1lWnn_owyN+ccd0Af=dMNYWz)Bf)CD3{`;u$Gig}HkzORSdRa~Ei61DR*DvG
zIZvG4840SnwxP69r;8*dL8%|+dsm@iSMNsW?)>y!!`+B1XSJ`e9=()e(_%!^;ii+s
zBX2VwOPNTY&nqIEW8toqGO1dS6s2Iu$rSXFV5ot3>@k?BN=m{vq4q;KA{)*Dcj0ug
zl4ca&Ges&n)E_zPy&xBSVi32`hY0z~5`DDccW?gjGHKzd27>x7VX&*zmab=Wt9L@S
zv<|{2-A2_XCWWDLoDHo5=YX`A1L)OkhR=DPsLVM9cXa}el?Tqxuw;+SQ_r=8FsQ-U
zIV$3#*?TP6*yfcKbDnEhb~EZ&<#Pt#_@)Lq%!{;P@4G@`S_cBhd#iyvOm;2>LksPu
z(3>P-!ua{TkG)5A=EnvI`Y-1I7NJ3D<HzjYMLd}Z|0C}-BF7NLh`p1RbBbxbmJ5h7
zWH+&QZXtB8MQ)*d0x{&Mv|LHIQs3?_&$JtwhVeZdsF3&upssBAFTADy?ov$V@y*<2
zd=nw;MRA4m>9(=a`7A*qKy7bAn12Ye$4WuqfWf(eaNuv)WS2_NV<CYj91*p+$It~I
z4&S*B{V}SMU?`*H+f_aiX>A;dk{VUbb|Ow_55;T$s9&{(49L|KkX%*Q2RFWE6@*pE
ze8s(QJ|>hq*VD<%>U`HzIGs^&K{UyHDd&&a%eXsvvf0ywm=d04Ntm8F2fPYE?<+=6
z*UQYhY&Mfv7f4W%C#**6jm3*IO6P#d$g@fTM!GY$l9TdN3(H?ViF`~}qZ>9=9V5U~
z-Zw&WaY^7+=XB@Zt^%_s2@7O%kK$j#a8o+qp(ENJLI^UXXQJr1R+X;8<IKXf7x^`l
zj)wZdDAk*GW#8}eYW$%cHdWmj)t?g!6VVauU7p!L3CJTi+~$3zl)|ah3Wm)}3UsqW
z=D6d6jk(A625wK(o1$-C*~Z>=N0dmTl+B|ACv^7q+NWT5q!a40v`V{IcS|1He=r?v
z$?9<ARCfE`b+f4^LJ-IYd&AqALbb|6#%`E+N@W|h@rmh9{<tD$p~$z?`;Gm^tvm|o
zXJHr(orJjmkj-Q3^5;2O5Ao7{YFe&lQ!j~55}R?S=tbO=az|z4^`Qodd!0LcoCQBc
zSE%`(9j*r<JA|$)cxSp<y)b$?snw)oZVvk95Mj(?2EN$*$<5a0;wB251V0mG4S|cP
zjlV_PF5?vKwe)*XxUQJRC=wToW<`}*<e@ct$PvoqajlC;l1j)*l}(1|c)<J7A9}IR
zQXQ^t*l7#Y6qFu%Renu<JhQPw=KNqqzgrv#botg8W_4>2zz~6+jebygrGz;&cYN`7
z!u-mZa-^*0!;s3FY`(1D*rmcvdXH5PVggjQqz+(>^5r8sE!b81wrv(0e6t<jwazsf
zs(Vmo;bf;LAPCdEWB%e4o3WZpG*>iTUB-=<6c-1ut~bLpU!;KAJ#4b%)QWH7@XJI4
z`yd=RZb7zIZX!O4@NSqK+A!INViW-y#$UQOZw#(nj=e|!VWa}bjCqmllq9FscCyG7
z+|;^s;OM=y{H;7dRy<}dsi>HO5@@Nh;h4!D3<rE;AV6zh+UBlmpkV|g16sq4A*oK5
z6>dRgY4lZ4rHWh&SW{(LU?R~MScN|aTtg`~U(Ons!IK{{GzU6Nmwi%lfJ5+gCbt+R
zXv(QD>NUf5wM`uxlBaR>T5E`H(6-!b@0S$pI63yWuf0rhSm4?~4g>r&S+8?BI^<c7
zRe91pI46bpE8Y7iU02K;fS^O#X+HxyUUgUh3^zlJMdrXVIfXzZjkpT3Q(ZD*+)&js
z^ua=mq^9&|@yTmZF`Wx_eG4C|m$A=RNq+4Anioq#U8KX8r`v&Ur^bod=YRv8XzB>s
zrfZ!ZHS)=3f+|blavVMEN_Nd`#sd-?wHYaGKuO6Q77;i`?DCB?@ODkMkeUC;&(SQk
zgp_Ev4#?=UMY*`IL^D)P-8+b%J<BvUx9zhV@N>dyeXvq1ZWBIz6W4d5#yk#x3>2ej
zt7`EQlg?bum&vN33bWw>?q0$A;#W&^N5>o0+r+U0k_iR!ba(Fbsvo)zyp3H;a;|F6
z)v?lYh9wpxlJY>)5>nAbx3R5&o(Bb1Y#K!iI*iHI;5u3VYo3b;X|tHcbyk~2a12LZ
z)9}evm1SH>`w#(Kf2mz`TDyR^Yv}ocspmcUOspq3`_3hmO#w4wGOz6Y;9ie3p^w?4
z0&In@sfSz23G;TA-c<+kd`^o<%nM`{NJKUDBzny++5x-%Ij0pOzUvbKHd_`v`l8Bm
zct^>OqybtyRqgFnuD((T#oHycX;Gh87Q8xjSI|FOHBP|}OPeZ-XXeP%rUmSY1w4z)
z{2<zVd2KlwerrnY?&SvA^wm&9M&Y$$yS@_Tqypm-HA_%r0Z7w18;db|6ipOt8Mp{}
zah)KzstL5}ltr+aqT@=L{l_#c*O*+p-n+Kt5wvP@lV_&4IVibEBk4kaU)^dRzA@j^
zajr()r~x9?;DvI)j>Ji#9lpg|*LFb+K;TXeS`t^I3}vDhNy~TtUHBF3_sQJ)JM<lX
zjS-En8bR{dcLVNP?$8uHS3Sd3N)iqzO;#n-0F1G)FKrWOjGA4vpu88Pw1Z|b$|zgq
zwrK%r4-~+iDk$^&A=@+ly}f78_HVqOEiv!P%vYmWpw%#*Eb1_MxzKG4Epsr?f{fQW
zR=j!Sh=N=T39)<qI9to5VYU4Dc8{=Y*pj1|9&NbRcUwB)gn&zyMphj@Ioa8_(#c#~
zqa`5|ydsA_*C|+Y?%um-VFe4ea$QNQjJ(2xvQXnZX%P1nHgqZnDMG6z5~&#3b3M6x
zkt4Q#4*{_nYt0#;%r6#qv+#RkjdDw6@RCA@Y!Myn0`)jF8)(TR!MI2Jn5j+`bfB$V
zdTVj4Y%$cRwf#GgzAWE`GL-kSbe<cZv^TJnqn!}-){XjI+@@B0R3+oPOffp3TyO8n
zw~Lp9zI!B)-+8$xyIvoKcXiIzj|T~`yJ>CsH4BWHik!AOj5oEgMve&ZeiqZ<zcx_>
zDvQ^<zhKZ4Dy>8xl_H9vuHpb2yNKGNMbj?FEzJ9cR{$W3`xakS$6xU?ziim&dv1C*
zB(kP<a(B3YIHxMY7>)54N%5F;RTV25rH^Yxyf^malaX8YH+9!jxx-e5Y-_!-sN)`I
zY{Zj4n8IZx9n^!GjZ!tF3cq9><Y<D*pnm;J@uy*ed<l1R?*|=@B$MofHIo`mNhhe<
zHEjm%2{Dga6t%q=$|s*aCa*UNB><<hb7C(3I%-c7z%unwIon>k%8`TBZ1-(c=H{hM
zlh{#tle(m{r1g33Zx@~p*pjnCm8UL^Pk0vDDx1_{@5UYVEuaP4jZoQCTAWsa`0B@q
zYY}{GBw}-jh}=}~EoygZJMG5UFYLCZx>HBhQ!3gF$y~k~;;~fB?1kZ~V%gxg+J_h)
z?B6x9{wq4ot9^^~sG-EDZe}NQWKdQN`W!$d{8}R!Hp|TQ_1C%l7gcPAdLJPIk#0M4
zNA2wwrzH3?_iZh<VWF$H7Op8iQFBV?etZoTlSN7+Kcu`(e0?=|@IR~Ei1Ug62Ey8)
AVE_OC

diff --git a/docs/multitenant/ords-based/provisioning/example_setup_using_oci_oke_cluster.md b/docs/multitenant/ords-based/provisioning/example_setup_using_oci_oke_cluster.md
deleted file mode 100644
index d56efacb..00000000
--- a/docs/multitenant/ords-based/provisioning/example_setup_using_oci_oke_cluster.md
+++ /dev/null
@@ -1,38 +0,0 @@
-# Example of a working setup using OCI OKE(Kubernetes Cluster) and a CDB in Cloud (OCI Exadata Database Cluster)
-
-In this example, the target CDB (for which the PDB life cycle management is needed) is running in a Cloud environment (OCI's [Oracle Exadata Database Service](https://docs.oracle.com/en-us/iaas/exadatacloud/index.html)) and to manage its PDBs, the Oracle DB Operator is running on a Kubernetes Cluster running in cloud (OCI's [Container Engine for Kubernetes or OKE](https://docs.oracle.com/en-us/iaas/Content/ContEng/Concepts/contengoverview.htm#Overview_of_Container_Engine_for_Kubernetes)).
-
-
-## High Level plans for this setup
-
-Below are the main steps that will be involved in this setup:
-
-- Setup VCN, Add security lists
-- Setup OKE cluster with custom settings
-- Install Oracle Database Operator on OKE Cluster
-- Install ords controller definition
-- Manager pdb life cycle management.
-
-
-## OKE Cluster
-
-Check the [Oracle Documentation](https://docs.oracle.com/en-us/iaas/Content/ContEng/Concepts/contengnetworkconfigexample.htm#example-privatek8sapi-privateworkers-publiclb) for the OKE rules settings.
-
-Create OKE cluster with CUSTOM option to use same VCN where ExaCS is provisioned.
-
-**NOTE:** Make sure you choose same VCN exaphxvcn where ExaCS is provisioned.
-
-After this, setup kubeconfig & validate cluster access as well as worker node access via ssh.
-
-For example, you should be able to check the available OKE nodes using "kubectl" as below:
-
-```
-% kubectl get nodes -o wide
-NAME              STATUS   ROLES   AGE     VERSION   INTERNAL-IP       EXTERNAL-IP       OS-IMAGE                  KERNEL-VERSION                      CONTAINER-RUNTIME
-192.168.194.163   Ready    node    3d19h   v1.23.4   192.168.194.163   XX.XX.XX.XX    Oracle Linux Server 7.9   5.4.17-2136.306.1.3.el7uek.x86_64   cri-o://1.23.2
-192.168.194.169   Ready    node    3d19h   v1.23.4   192.168.194.169   XX.XX.XX.XX    Oracle Linux Server 7.9   5.4.17-2136.306.1.3.el7uek.x86_64   cri-o://1.23.2
-192.168.194.241   Ready    node    3d19h   v1.23.4   192.168.194.241   XX.XX.XX.XX    Oracle Linux Server 7.9   5.4.17-2136.306.1.3.el7uek.x86_64   cri-o://1.23.2
-```
-
-Once this setup is ready, you can proceed with the installation of [Oracle Database Operator for Kubernetes](https://github.com/oracle/oracle-database-operator/blob/main/README.md) to use the Oracle On-prem controller to manage PDBs in this CDB.
-
diff --git a/docs/multitenant/ords-based/provisioning/multinamespace/cdb_create.yaml b/docs/multitenant/ords-based/provisioning/multinamespace/cdb_create.yaml
deleted file mode 100644
index 8ace42e8..00000000
--- a/docs/multitenant/ords-based/provisioning/multinamespace/cdb_create.yaml
+++ /dev/null
@@ -1,48 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: CDB 
-metadata: 
-  name: cdb-dev
-  namespace: cdbnamespace
-spec:
-  cdbName: "DB12"
-  ordsImage: ".............your registry............./ords-dboper:latest"
-  ordsImagePullPolicy: "Always"
-  dbTnsurl : "...Container tns alias....."
-  replicas: 1
-  sysAdminPwd: 
-    secret: 
-      secretName: "[...]"
-      key: "[...]"
-  ordsPwd:
-    secret: 
-      secretName: "[...]"
-      key: "[...]"  
-  cdbAdminUser: 
-    secret: 
-      secretName: "[...]"
-      key: "[...]"
-  cdbAdminPwd: 
-    secret: 
-      secretName: "[...]"
-      key: "[...]"
-  webServerUser: 
-    secret: 
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd: 
-    secret: 
-      secretName: "[...]"
-      key: "[...]"      
-  cdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  cdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  cdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-
diff --git a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_clone.yaml b/docs/multitenant/ords-based/provisioning/multinamespace/pdb_clone.yaml
deleted file mode 100644
index 4dac1aea..00000000
--- a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_clone.yaml
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: pdbnamespace 
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdb2_clone"
-  srcPdbName: "pdbdev"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  assertivePdbDeletion: true
-  adminName:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  adminPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-  action: "Clone"
diff --git a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_close.yaml b/docs/multitenant/ords-based/provisioning/multinamespace/pdb_close.yaml
deleted file mode 100644
index 44b1a086..00000000
--- a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_close.yaml
+++ /dev/null
@@ -1,48 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: "[...]"
-      key: "[...]" 
-  adminPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-
diff --git a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_create.yaml b/docs/multitenant/ords-based/provisioning/multinamespace/pdb_create.yaml
deleted file mode 100644
index 2bf2189b..00000000
--- a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_create.yaml
+++ /dev/null
@@ -1,50 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace 
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: "[...]"
-      key: "[...]" 
-  adminPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-  fileNameConversions: "NONE"
-  tdeImport: false
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Create"
-
diff --git a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_delete.yaml b/docs/multitenant/ords-based/provisioning/multinamespace/pdb_delete.yaml
deleted file mode 100644
index 296c9feb..00000000
--- a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_delete.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  pdbName: "pdbdev"
-  action: "Delete"
-  dropAction: "INCLUDING"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-
-        
diff --git a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_open.yaml b/docs/multitenant/ords-based/provisioning/multinamespace/pdb_open.yaml
deleted file mode 100644
index 9f85f0b5..00000000
--- a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_open.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: "[...]"
-      key: "[...]" 
-  adminPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
diff --git a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_plug.yaml b/docs/multitenant/ords-based/provisioning/multinamespace/pdb_plug.yaml
deleted file mode 100644
index 10719ccc..00000000
--- a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_plug.yaml
+++ /dev/null
@@ -1,51 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  fileNameConversions: "NONE"
-  sourceFileNameConversions: "NONE"
-  copyAction: "MOVE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Plug"
-  assertivePdbDeletion: true
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-
-
-
diff --git a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_unplug.yaml b/docs/multitenant/ords-based/provisioning/multinamespace/pdb_unplug.yaml
deleted file mode 100644
index f30f2699..00000000
--- a/docs/multitenant/ords-based/provisioning/multinamespace/pdb_unplug.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "Unplug"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-
diff --git a/docs/multitenant/ords-based/provisioning/ords_image.md b/docs/multitenant/ords-based/provisioning/ords_image.md
deleted file mode 100644
index e2d1dcef..00000000
--- a/docs/multitenant/ords-based/provisioning/ords_image.md
+++ /dev/null
@@ -1,81 +0,0 @@
-<span style="font-family:Liberation mono; font-size:0.8em; line-height: 1.2em">
-
-# Build ORDS Docker Image
-
-This file contains the steps to create an ORDS based image to be used solely by the PDB life cycle multitentant controllers. 
-
-**NOTE:** It is assumed that before this step, you have followed the [prerequisite](./../README.md#prerequsites-to-manage-pdb-life-cycle-using-oracle-db-operator-on-prem-database-controller) steps.
-
-#### Clone the software using git:
-
-> Under directory ./oracle-database-operator/ords you will find the [Dockerfile](../../../ords/Dockerfile) and [runOrdsSSL.sh](../../../ords/runOrdsSSL.sh) required to build the image.
-
-```sh
- git clone git@orahub.oci.oraclecorp.com:rac-docker-dev/oracle-database-operator.git
- cd oracle-database-operator/ords/
-```
-
-#### Login to the registry: container-registry.oracle.com
-
-**NOTE:** To login to this registry, you will need to the URL https://container-registry.oracle.com , Sign in, then click on "Java" and then accept the agreement.
-
-```bash
-docker login container-registry.oracle.com
-```
-
-#### Login to the your container registry
-
-Login to a repo where you want to push your docker image (if needed) to pull during deployment in your environment.
-
-```bash
-docker login <repo where you want to push the created docker ORDS image>
-```
-
-#### Build the image
-
-Build the docker image by using below command:
-
-```bash
-docker build -t oracle/ords-dboper:latest .
-```
-> If your are working behind a proxy mind to specify https_proxy and http_proxy during image creation  
-
-Check the docker image details using:
-
-```bash
-docker images
-```
-
-> OUTPUT EXAMPLE
-```bash
-REPOSITORY                                                           TAG                 IMAGE ID            CREATED             SIZE
-oracle/ords-dboper                                                   latest              fdb17aa242f8        4 hours ago         1.46GB
-
-```
-
-#### Tag and push the image 
-
-Tag and push the image to your image repository.
-
-NOTE: We have the repo as `phx.ocir.io/<repo_name>/oracle/ords:latest`. Please change as per your environment.
-
-```bash
-docker tag oracle/ords-dboper:ords-latest phx.ocir.io/<repo_name>/oracle/ords:latest
-docker push phx.ocir.io/<repo_name>/oracle/ords:latest
-```
-
-#### In case of private image
-
-If you the image not be public then yuo need to create a secret containing the password of your image repository.
-Create a Kubernetes Secret for your docker repository to pull the image during deployment using the below command:
-
-```bash
-kubectl create secret generic container-registry-secret --from-file=.dockerconfigjson=./.docker/config.json --type=kubernetes.io/dockerconfigjson -n oracle-database-operator-system
-```
-
-Use the parameter `ordsImagePullSecret` to specify the container secrets in pod creation yaml file
-
-#### [Image createion example](../usecase01/logfiles/BuildImage.log)
-
-
-</span>
diff --git a/docs/multitenant/ords-based/provisioning/quickOKEcreation.md b/docs/multitenant/ords-based/provisioning/quickOKEcreation.md
deleted file mode 100644
index 19d9323e..00000000
--- a/docs/multitenant/ords-based/provisioning/quickOKEcreation.md
+++ /dev/null
@@ -1,136 +0,0 @@
-<span style="font-family:Liberation mono; font-size:0.9em; line-height: 1.1em">
-
-### Quick Oke creation script 
-
-Use this script to create quickly an OKE cluster in your OCI. 
-
-#### Prerequisties:
-- ocicli is properly configured on your client 
-- make is installed on your client 
-- vnc is already configured
-- ssh key is configured (public key available under directory ~/.ssh)
-- edit make providing all the information about your compartment, vnc,subnet,lb subnet and nd subnet (exported variables in the header section)
-
-
-#### Execution:
-
-```bash 
-make all
-```
-
-Monitor the OKE from OCI console 
-
-#### Makefile 
-```makefile
-.EXPORT_ALL_VARIABLES:
-
-export CMPID=[.... COMPARTMENT ID.............]
-export VNCID=[.... VNC ID ....................]
-export ENDID=[.... SUBNET END POINT ID .......]
-export LBSID=[.....LB SUBNET ID...............]
-export NDSID=[.....NODE SUBNET ID.............]
-
-
-#ssh public key
-export KEYFL=~/.ssh/id_rsa.pub
-
-#cluster version 
-export KSVER=v1.27.2
-
-#cluster name 
-export CLUNM=myoke
-
-#pool name 
-export PLNAM=Pool1
-
-#logfile
-export LOGFILE=./clustoke.log
-
-#shape 
-export SHAPE=VM.Standard.E4.Flex
-
-OCI=/home/oracle/bin/oci
-CUT=/usr/bin/cut
-KUBECTL=/usr/bin/kubectl
-CAT=/usr/bin/cat
-
-all: cluster waitcluster pool waitpool config desccluster
-
-cluster:
-	@echo " - CREATING CLUSTER "
-	@$(OCI) ce cluster create \
-    --compartment-id $(CMPID) \
-    --kubernetes-version $(KSVER) \
-    --name $(CLUNM) \
-    --vcn-id $(VNCID) \
-    --endpoint-subnet-id $(ENDID) \
-    --service-lb-subnet-ids '["'$(LBSID)'"]' \
-    --endpoint-public-ip-enabled true \
-    --persistent-volume-freeform-tags '{"$(CLUNM)" : "OKE"}' 1>$(LOGFILE) 2>&1
-
-waitcluster:
-	@while [ `$(OCI) ce cluster list  --compartment-id $(CMPID)  \
-        --name $(CLUNM) --lifecycle-state ACTIVE --query data[0].id \
-        --raw-output |wc -l ` -eq 0 ] ; do sleep 5 ; done
-	@echo " - CLUSTER CREATED"
-
-
-pool:
-	@echo " - CREATING POOL"
-	@$(eval PBKEY :=$(shell $(CAT) $(KEYFL)|grep -v " PUBLIC KEY"))
-	@$(OCI) ce node-pool create \
-        --cluster-id `$(OCI) ce cluster list --compartment-id $(CMPID) \
-              --name $(CLUNM) --lifecycle-state ACTIVE --query data[0].id --raw-output` \
-        --compartment-id $(CMPID) \
-        --kubernetes-version $(KSVER) \
-        --name $(PLNAM) \
-        --node-shape $(SHAPE) \
-        --node-shape-config '{"memoryInGBs": 8.0, "ocpus": 1.0}' \
-        --node-image-id `$(OCI) compute image list \
-              --operating-system 'Oracle Linux' --operating-system-version 7.9 \
-              --sort-by TIMECREATED --compartment-id $(CMPID) --shape $(SHAPE) \
-              --query data[1].id --raw-output` \
-        --node-boot-volume-size-in-gbs 50 \
-	--ssh-public-key "$(PBKEY)" \
-        --size 3 \
-        --placement-configs '[{"availabilityDomain": "'`oci iam availability-domain list \
-              --compartment-id $(CMPID) \
-              --query data[0].name --raw-output`'", "subnetId": "'$(NDSID)'"}]' 1>>$(LOGFILE) 2>&1
-
-waitpool:
-	$(eval CLSID :=$(shell $(OCI) ce cluster list --compartment-id $(CMPID) \
-        --name $(CLUNM) --lifecycle-state ACTIVE --query data[0].id --raw-output))
-	@while [ `$(OCI) ce node-pool list --compartment-id $(CMPID) \
-        --lifecycle-state ACTIVE  --cluster-id $(CLSID) \
-        --query data[0].id --raw-output |wc -l ` -eq 0 ] ; do sleep 5 ; done
-	@sleep 10 
-	$(eval PLLID :=$(shell $(OCI) ce node-pool list --compartment-id $(CMPID) \
-          --lifecycle-state ACTIVE  --cluster-id $(CLSID) --query data[0].id --raw-output))
-	@echo " - POOL CREATED"
-
-config:
-	@$(OCI) ce cluster create-kubeconfig --cluster-id \
-              `$(OCI) ce cluster list \
-              --compartment-id $(CMPID)  --name $(CLUNM) --lifecycle-state ACTIVE \
-              --query data[0].id --raw-output` \
-         --file $(HOME)/.kube/config --region  \
-           `$(OCI) ce cluster list \
-              --compartment-id $(CMPID)  --name $(CLUNM) --lifecycle-state ACTIVE \
-              --query data[0].id --raw-output|$(CUT) -f4 -d. ` \
-          --token-version 2.0.0  --kube-endpoint PUBLIC_ENDPOINT
-	@echo " - KUBECTL PUBLIC ENDPOINT CONFIGURED"
-	
-
-desccluster:
-	@$(eval TMPSP := $(shell date "+%y/%m/%d:%H:%M" ))
-	$(KUBECTL) get nodes -o wide
-	$(KUBECTL) get storageclass
-
-checkvol:
-	$(OCI) bv volume list \
-  --compartment-id $(CMPID) \
-  --lifecycle-state AVAILABLE \
-  --query 'data[?"freeform-tags".stackgres == '\''OKE'\''].id'
-```
-
-</span>
diff --git a/docs/multitenant/ords-based/provisioning/singlenamespace/cdb_create.yaml b/docs/multitenant/ords-based/provisioning/singlenamespace/cdb_create.yaml
deleted file mode 100644
index 5e020de6..00000000
--- a/docs/multitenant/ords-based/provisioning/singlenamespace/cdb_create.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: CDB 
-metadata: 
-  name: cdb-dev
-  namespace: oracle-database-operator-system
-spec:
-  cdbName: "DB12"
-  ordsImage: ".............your registry............./ords-dboper:latest"
-  ordsImagePullPolicy: "Always"
-  dbTnsurl : "...Container tns alias....."
-  replicas: 1
-  sysAdminPwd: 
-    secret: 
-      secretName: "[...]"
-      key: "[...]"
-  ordsPwd:
-    secret: 
-      secretName: "[...]"
-      key: "[...]"  
-  cdbAdminUser: 
-    secret: 
-      secretName: "[...]"
-      key: "[...]"
-  cdbAdminPwd: 
-    secret: 
-      secretName: "[...]"
-      key: "[...]"
-  webServerUser: 
-    secret: 
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd: 
-    secret: 
-      secretName: "[...]"
-      key: "[...]"      
-  cdbTlsKey:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  cdbTlsCrt:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  cdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-
-
diff --git a/docs/multitenant/ords-based/provisioning/singlenamespace/cdb_secret.yaml b/docs/multitenant/ords-based/provisioning/singlenamespace/cdb_secret.yaml
deleted file mode 100644
index 567b90a4..00000000
--- a/docs/multitenant/ords-based/provisioning/singlenamespace/cdb_secret.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: v1
-kind: Secret
-metadata:
-  name: cdb1-secret
-  namespace: oracle-database-operator-system 
-type: Opaque 
-data: 
-  ords_pwd:         ".....base64 encoded password...."
-  sysadmin_pwd:     ".....base64 encoded password...."
-  cdbadmin_user:    ".....base64 encoded password...."
-  cdbadmin_pwd:     ".....base64 encoded password...."
-  webserver_user:   ".....base64 encoded password...."
-  webserver_pwd:    ".....base64 encoded password...."
diff --git a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_clone.yaml b/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_clone.yaml
deleted file mode 100644
index 964d1e5e..00000000
--- a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_clone.yaml
+++ /dev/null
@@ -1,60 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdb2_clone"
-  srcPdbName: "pdbdev"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  assertivePdbDeletion: true
-  adminName:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  adminPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_user"
-  webServerPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_pwd"
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-  action: "Clone"
diff --git a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_close.yaml b/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_close.yaml
deleted file mode 100644
index 06d92469..00000000
--- a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_close.yaml
+++ /dev/null
@@ -1,48 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: "[...]"
-      key: "[...]" 
-  adminPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-
diff --git a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_create.yaml b/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_create.yaml
deleted file mode 100644
index 2744223e..00000000
--- a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_create.yaml
+++ /dev/null
@@ -1,51 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: "[...]"
-      key: "[...]" 
-  adminPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-  fileNameConversions: "NONE"
-  tdeImport: false
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Create"
-  assertivePdbDeletion: true
-
diff --git a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_delete.yaml b/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_delete.yaml
deleted file mode 100644
index 523ac1cb..00000000
--- a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_delete.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  pdbName: "pdbdev"
-  action: "Delete"
-  dropAction: "INCLUDING"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-
-        
diff --git a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_open.yaml b/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_open.yaml
deleted file mode 100644
index 866db3e4..00000000
--- a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_open.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: "[...]"
-      key: "[...]" 
-  adminPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
diff --git a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_plug.yaml b/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_plug.yaml
deleted file mode 100644
index e6605276..00000000
--- a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_plug.yaml
+++ /dev/null
@@ -1,55 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  fileNameConversions: "NONE"
-  sourceFileNameConversions: "NONE"
-  copyAction: "MOVE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Plug"
-  assertivePdbDeletion: true
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_user"
-  webServerPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_pwd"
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-
diff --git a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_secret.yaml b/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_secret.yaml
deleted file mode 100644
index 60d95d76..00000000
--- a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_secret.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: v1
-kind: Secret
-metadata:
-  name: pdb1-secret
-  namespace: oracle-database-operator-system
-type: Opaque 
-data: 
-  sysadmin_user:  ".....base64 encoded password...."
-  sysadmin_pwd:   ".....base64 encoded password...."
-  webserver_user: ".....base64 encoded password...."
-  webserver_pwd:  ".....base64 encoded password...."
-
diff --git a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_unplug.yaml b/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_unplug.yaml
deleted file mode 100644
index 4e404efe..00000000
--- a/docs/multitenant/ords-based/provisioning/singlenamespace/pdb_unplug.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "Unplug"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_user"
-  webServerPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_pwd"
-      secretName: "[...]"
-      key: "[...]"
-  webServerPwd:
-    secret:
-      secretName: "[...]"
-      key: "[...]"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-
diff --git a/docs/multitenant/ords-based/usecase/README.md b/docs/multitenant/ords-based/usecase/README.md
deleted file mode 100644
index b6f5e590..00000000
--- a/docs/multitenant/ords-based/usecase/README.md
+++ /dev/null
@@ -1,112 +0,0 @@
-<span style="font-family:Liberation mono; font-size:0.9em; line-height: 1.1em">
-
-
-# Use case directory 
-
-The use case directory contains the yaml files to test the multitenant controller functionalities: create ords pod and pdb operation  *create / open / close / unplug / plug / delete / clone /map / parameter session*  
-In this exampl the cdb and pdbs resources are depolyed in different namespaces
-
-## Makefile helper
-
-Customizing yaml files (tns alias / credential / namespaces name etc...) is a long procedure prone to human error. A simple [makefile](../usecase/makefile) is available to quickly and safely configure yaml files with your system environment information. Just edit the [parameter file](../usecase/parameters.txt)  before proceding. 
-
-```text 
-[👉 CHECK PARAMETERS..................]
-TNSALIAS...............:(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELA....
-ORDPWD.................:[Password for ORDS_PUBLIC_USER ]
-SYSPWD.................:[SYS password]
-WBUSER.................:[username for https authentication]
-WBPASS.................:[password for https authentication]
-PDBUSR.................:[pdb admin user]
-PDBPWD.................:[pdb admin password]
-CDBUSR.................:[cdb admin user e.g. C##DBAPI_CDB_ADMIN]
-CDBPWD.................:[cdb admin password]
-PDBNAMESPACE...........:[namespace for pdb]
-CDBNAMESPACE...........:[namespace for cdb]
-COMPANY................:oracle
-APIVERSION.............:v4 ---> do not edit
-```
-
-⚠ **WARNING: The makefile is intended to speed up the usecase directory configuartion only, it is not supported, the editing and configuration of yaml files for production system is left up to the end user** 
-
-### Pre requisistes:  
-
-- Make sure that **kubectl** is properly configured.
-- Make sure that all requirements listed in the [operator installation page](../../../../docs/installation/OPERATOR_INSTALLATION_README.md) are implemented. (role binding,webcert,etc)
-- Make sure that administrative user on the container database is configured as documented.
-
-### Commands 
-
-Review your configuraton running ```make check```; if all the parameters are correct then you can proceed with yaml files and certificates generation
-
-By excuting command ```make operator``` You will have in your directory an operator yaml file with the  WATCH LIST required to operate with multiple namespaces.
-Note that the yaml file is not applyed; you need to manually execute ```kubectl apply -f oracle-database-operator.yaml```.
-
-```bash
-make operator
-```
-You can generate all the other yaml files for pdb life cycle management using ```make genyaml```
-
-```bash
-make genyaml
-```
-
-list of generated yaml files 
-
-```text 
--rw-r--r-- 1 mmalvezz g900 137142 Nov 13 09:35 oracle-database-operator.yaml
--rw-r--r-- 1 mmalvezz g900    321 Nov 13 10:27 create_cdb_secrets.yaml
--rw-r--r-- 1 mmalvezz g900    234 Nov 13 10:27 create_pdb_secrets.yaml
--rw-r--r-- 1 mmalvezz g900    381 Nov 13 10:27 pdbnamespace_binding.yaml
--rw-r--r-- 1 mmalvezz g900    381 Nov 13 10:27 cdbnamespace_binding.yaml
--rw-r--r-- 1 mmalvezz g900   1267 Nov 13 10:27 create_ords_pod.yaml
--rw-r--r-- 1 mmalvezz g900    935 Nov 13 10:27 create_pdb1_resource.yaml
--rw-r--r-- 1 mmalvezz g900    935 Nov 13 10:27 create_pdb2_resource.yaml
--rw-r--r-- 1 mmalvezz g900    842 Nov 13 10:27 open_pdb1_resource.yaml
--rw-r--r-- 1 mmalvezz g900    842 Nov 13 10:27 open_pdb2_resource.yaml
--rw-r--r-- 1 mmalvezz g900    845 Nov 13 10:27 open_pdb3_resource.yaml
--rw-r--r-- 1 mmalvezz g900    842 Nov 13 10:27 close_pdb1_resource.yaml
--rw-r--r-- 1 mmalvezz g900    842 Nov 13 10:27 close_pdb2_resource.yaml
--rw-r--r-- 1 mmalvezz g900    846 Nov 13 10:27 close_pdb3_resource.yaml
--rw-r--r-- 1 mmalvezz g900    927 Nov 13 10:27 clone_pdb1_resource.yaml
--rw-r--r-- 1 mmalvezz g900    928 Nov 13 10:27 clone_pdb2_resource.yaml
--rw-r--r-- 1 mmalvezz g900    802 Nov 13 10:27 delete_pdb1_resource.yaml
--rw-r--r-- 1 mmalvezz g900    802 Nov 13 10:27 delete_pdb2_resource.yaml
--rw-r--r-- 1 mmalvezz g900    824 Nov 13 10:27 unplug_pdb1_resource.yaml
--rw-r--r-- 1 mmalvezz g900    992 Nov 13 10:27 plug_pdb1_resource.yaml
--rw-r--r-- 1 mmalvezz g900    887 Nov 13 10:27 map_pdb1_resource.yaml
--rw-r--r-- 1 mmalvezz g900    887 Nov 13 10:27 map_pdb2_resource.yaml
--rw-r--r-- 1 mmalvezz g900    890 Nov 13 10:27 map_pdb3_resource.yaml
-```
-
-The command ```make secretes ``` will configure database secrets credential and certificates secretes 
-
-```bash
-make secrets
-```
-
-
-
-The makefile includes other different targets that can be used to test the various pdb operations available. E.g.
-
-```makefile
-run03.2:
-        @$(call msg,"clone pdb2-->pdb4")
-        $(KUBECTL) apply -f $(PDBCLONE2)
-        $(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" pdb pdb4 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-        @$(call msg,"clone pdb2-->pdb4 completed")
-        $(KUBECTL) get pdb pdb3 -n $(PDBNAMESPACE) 
-```
-The target ```run03.2``` clones pdb2 into pdb4 and wait for ```$TEST_EXEC_TIMEOUT``` for the operation to complete. 
-
-### Output executions:.
-
-```make secrets```
-
-![image](../images/makesecrets_1_1.png)
-
- 
-
-```make runall``` executes different pdb operations including the cdb controller creation 
-
-![image](../images/makerunall.png)
\ No newline at end of file
diff --git a/docs/multitenant/ords-based/usecase/cdbnamespace_binding.yaml b/docs/multitenant/ords-based/usecase/cdbnamespace_binding.yaml
deleted file mode 100644
index 5fd355f4..00000000
--- a/docs/multitenant/ords-based/usecase/cdbnamespace_binding.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: oracle-database-operator-oracle-database-operator-manager-rolebinding2
-  namespace: cdbnamespace
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: oracle-database-operator-manager-role
-subjects:
-- kind: ServiceAccount
-  name: default
-  namespace: oracle-database-operator-system
diff --git a/docs/multitenant/ords-based/usecase/clone_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase/clone_pdb1_resource.yaml
deleted file mode 100644
index 5723f7c6..00000000
--- a/docs/multitenant/ords-based/usecase/clone_pdb1_resource.yaml
+++ /dev/null
@@ -1,50 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  srcPdbName: "pdbdev"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  assertivePdbDeletion: true
-  action: "Clone"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/clone_pdb2_resource.yaml b/docs/multitenant/ords-based/usecase/clone_pdb2_resource.yaml
deleted file mode 100644
index 2b9fc70a..00000000
--- a/docs/multitenant/ords-based/usecase/clone_pdb2_resource.yaml
+++ /dev/null
@@ -1,50 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb4
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "new_clone2"
-  srcPdbName: "pdbprd"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  assertivePdbDeletion: true
-  action: "Clone"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/close_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase/close_pdb1_resource.yaml
deleted file mode 100644
index ae837ce0..00000000
--- a/docs/multitenant/ords-based/usecase/close_pdb1_resource.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/close_pdb2_resource.yaml b/docs/multitenant/ords-based/usecase/close_pdb2_resource.yaml
deleted file mode 100644
index 1b5d1324..00000000
--- a/docs/multitenant/ords-based/usecase/close_pdb2_resource.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/close_pdb3_resource.yaml b/docs/multitenant/ords-based/usecase/close_pdb3_resource.yaml
deleted file mode 100644
index f4a32938..00000000
--- a/docs/multitenant/ords-based/usecase/close_pdb3_resource.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: ""new_clone"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/create_ords_pod.yaml b/docs/multitenant/ords-based/usecase/create_ords_pod.yaml
deleted file mode 100644
index ad196c9d..00000000
--- a/docs/multitenant/ords-based/usecase/create_ords_pod.yaml
+++ /dev/null
@@ -1,48 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: CDB
-metadata: 
-  name: cdb-dev
-  namespace: cdbnamespace
-spec:
-  cdbName: "DB12"
-  ordsImage: _your_container_registry/ords-dboper:latest
-  ordsImagePullPolicy: "Always"
-  dbTnsurl : "T H I S   I S  J U S T   A N  E X A M P L E (DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))"
-  replicas: 1
-  deletePdbCascade: true
-  sysAdminPwd:
-    secret:
-      secretName: "syspwd"
-      key: "e_syspwd.txt"
-  ordsPwd:
-    secret:
-      secretName: "ordpwd"
-      key: "e_ordpwd.txt"
-  cdbAdminUser:
-    secret:
-      secretName: "cdbusr"
-      key: "e_cdbusr.txt"
-  cdbAdminPwd:
-    secret:
-      secretName: "cdbpwd"
-      key: "e_cdbpwd.txt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  cdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  cdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  cdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/create_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase/create_pdb1_resource.yaml
deleted file mode 100644
index 84e910e0..00000000
--- a/docs/multitenant/ords-based/usecase/create_pdb1_resource.yaml
+++ /dev/null
@@ -1,51 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  unlimitedStorage: false
-  tdeImport: false
-  totalSize: "2G"
-  tempSize: "800M"
-  action: "Create"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/create_pdb2_resource.yaml b/docs/multitenant/ords-based/usecase/create_pdb2_resource.yaml
deleted file mode 100644
index 0a71c7c3..00000000
--- a/docs/multitenant/ords-based/usecase/create_pdb2_resource.yaml
+++ /dev/null
@@ -1,51 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  unlimitedStorage: false
-  tdeImport: false
-  totalSize: "2G"
-  tempSize: "800M"
-  action: "Create"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/delete_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase/delete_pdb1_resource.yaml
deleted file mode 100644
index 3aba580c..00000000
--- a/docs/multitenant/ords-based/usecase/delete_pdb1_resource.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  pdbName: "pdbdev"
-  action: "Delete"
-  dropAction: "INCLUDING"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/delete_pdb2_resource.yaml b/docs/multitenant/ords-based/usecase/delete_pdb2_resource.yaml
deleted file mode 100644
index 59b50a64..00000000
--- a/docs/multitenant/ords-based/usecase/delete_pdb2_resource.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  pdbName: "pdbprd"
-  action: "Delete"
-  dropAction: "INCLUDING"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/makefile b/docs/multitenant/ords-based/usecase/makefile
deleted file mode 100644
index dc881598..00000000
--- a/docs/multitenant/ords-based/usecase/makefile
+++ /dev/null
@@ -1,915 +0,0 @@
-# Copyright (c) 2022, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#   __  __       _         __ _ _
-#  |  \/  | __ _| | _____ / _(_) | ___
-#  | |\/| |/ _` | |/ / _ \ |_| | |/ _ \
-#  | |  | | (_| |   <  __/  _| | |  __/
-#  |_|  |_|\__,_|_|\_\___|_| |_|_|\___|
-#  | | | | ___| |_ __   ___ _ __
-#  | |_| |/ _ \ | '_ \ / _ \ '__|
-#  |  _  |  __/ | |_) |  __/ |
-#  |_| |_|\___|_| .__/ \___|_|
-#               |_|
-#
-#  WARNING: Using this makefile helps you to customize yaml  
-#           files. Edit parameters.txt with your enviroment 
-#           informartion and execute the following steps
-#
-#         1) make operator
-#            it configures the operator yaml files with the 
-#            watch namelist required by the multitenant controllers
-#      
-#         2) make genyaml 
-#            It automatically creates all the yaml files based on the 
-#            information available in the parameters file 
-#
-#         3) make secrets
-#            It configure the required secrets necessary to operate
-#            with pdbs multitenant controllers
-#
-#         4) make runall01
-#            Start a series of operation create open close delete and so on 
-#            
-#            LIST OF GENERAED YAML FILE
-#
-#               -----------------------------       ----------------------------------
-# 		oracle-database-operator.yaml     : oracle database operator
-# 		cdbnamespace_binding.yaml         : role binding for cdbnamespace
-# 		pdbnamespace_binding.yaml         : role binding for pdbnamespace
-# 		create_ords_pod.yaml             : create rest server pod
-# 		create_pdb1_resource.yaml       : create first pluggable database
-# 		create_pdb2_resource.yaml       : create second pluggable database
-# 		open_pdb1_resource.yaml         : open first pluggable database
-# 		open_pdb2_resource.yaml         : open second pluggable database
-# 		close_pdb1_resource.yaml        : close first pluggable database
-# 		close_pdb2_resource.yaml        : close second pluggable database
-# 		clone_pdb_resource.yaml         : clone thrid pluggable database
-# 		clone_pdb2_resource.yaml        : clone 4th pluggable database
-# 		delete_pdb1_resource.yaml       : delete first pluggable database
-# 		delete_pdb2_resource.yaml       : delete sencond pluggable database
-# 		delete_pdb3_resource.yaml       : delete thrid pluggable database
-# 		unplug_pdb1_resource.yaml       : unplug first pluggable database
-# 		plug_pdb1_resource.yaml         : plug first pluggable database
-# 		map_pdb1_resource.yaml          : map the first pluggable database
-# 		config_map.yam                  : pdb parameters array
-#
-DATE  := `date "+%y%m%d%H%M%S"`
-######################
-# PARAMETER SECTIONS #
-######################
-   
-export PARAMETERS=parameters.txt
-export TNSALIAS=$(shell cat $(PARAMETERS)  |grep -v ^\#|grep TNSALIAS|cut -d :  -f 2)
-export ORDPWD=$(shell cat $(PARAMETERS)|grep -v ^\#|grep ORDPWD|cut -d :  -f 2)
-export SYSPWD=$(shell cat $(PARAMETERS)|grep -v ^\#|grep SYSPWD|cut -d :  -f 2)
-export WBUSER=$(shell cat $(PARAMETERS)|grep -v ^\#|grep WBUSER|cut -d :  -f 2)
-export WBPASS=$(shell cat $(PARAMETERS)|grep -v ^\#|grep WBPASS|cut -d :  -f 2)
-export PDBUSR=$(shell cat $(PARAMETERS)|grep -v ^\#|grep PDBUSR|cut -d :  -f 2)
-export PDBPWD=$(shell cat $(PARAMETERS)|grep -v ^\#|grep PDBPWD|cut -d :  -f 2)
-export CDBUSR=$(shell cat $(PARAMETERS)|grep -v ^\#|grep CDBUSR|cut -d :  -f 2)
-export CDBPWD=$(shell cat $(PARAMETERS)|grep -v ^\#|grep CDBPWD|cut -d :  -f 2)
-export PDBNAMESPACE=$(shell cat $(PARAMETERS)|grep -v ^\#|grep PDBNAMESPACE|cut -d :  -f 2)
-export CDBNAMESPACE=$(shell cat $(PARAMETERS)|grep -v ^\#|grep CDBNAMESPACE|cut -d :  -f 2)
-export ORDSIMG=$(shell cat $(PARAMETERS)|grep -v ^\#|grep ORDSIMG|cut -d : -f 2,3)
-export COMPANY=$(shell cat $(PARAMETERS)|grep -v ^\#|grep COMPANY|cut -d : -f 2)
-export APIVERSION=$(shell cat $(PARAMETERS)|grep -v ^\#|grep APIVERSION|cut -d : -f 2)
-export OPRNAMESPACE=oracle-database-operator-system
-export ORACLE_OPERATOR_YAML=../../../../oracle-database-operator.yaml
-export TEST_EXEC_TIMEOUT=3m
-export IMAGE=oracle/ords-dboper:latest
-export ORDSIMGDIR=../../../../ords
-
-REST_SERVER=ords
-SKEY=tls.key
-SCRT=tls.crt
-CART=ca.crt
-PRVKEY=ca.key
-PUBKEY=public.pem
-COMPANY=oracle
-RUNTIME=/usr/bin/podman
-
-#################
-### FILE LIST ###
-#################
-
-export ORDS_POD=create_ords_pod.yaml
-
-export CDB_SECRETS=create_cdb_secrets.yaml
-export PDB_SECRETS=create_pdb_secrets.yaml
-
-export PDBCRE1=create_pdb1_resource.yaml
-export PDBCRE2=create_pdb2_resource.yaml
-
-export PDBCLOSE1=close_pdb1_resource.yaml
-export PDBCLOSE2=close_pdb2_resource.yaml
-export PDBCLOSE3=close_pdb3_resource.yaml
-
-export PDBOPEN1=open_pdb1_resource.yaml
-export PDBOPEN2=open_pdb2_resource.yaml
-export PDBOPEN3=open_pdb3_resource.yaml
-
-export PDBCLONE1=clone_pdb1_resource.yaml
-export PDBCLONE2=clone_pdb2_resource.yaml
-
-export PDBDELETE1=delete_pdb1_resource.yaml
-export PDBDELETE2=delete_pdb2_resource.yaml
-export PDBDELETE3=delete_pdb3_resource.yaml
-
-export PDBUNPLUG1=unplug_pdb1_resource.yaml
-export PDBPLUG1=plug_pdb1_resource.yaml
-
-export PDBMAP1=map_pdb1_resource.yaml
-export PDBMAP2=map_pdb2_resource.yaml
-export PDBMAP3=map_pdb3_resource.yaml
-
-export PDBMAP1=map_pdb1_resource.yaml
-export PDBMAP2=map_pdb2_resource.yaml
-export PDBMAP3=map_pdb3_resource.yaml
-
-
-##BINARIES
-export KUBECTL=/usr/bin/kubectl
-OPENSSL=/usr/bin/openssl
-ECHO=/usr/bin/echo
-RM=/usr/bin/rm
-CP=/usr/bin/cp
-TAR=/usr/bin/tar
-MKDIR=/usr/bin/mkdir
-SED=/usr/bin/sed
-
-define msg
-@printf "\033[31;7m%s\033[0m\r" "......................................]"
-@printf "\033[31;7m[\xF0\x9F\x91\x89 %s\033[0m\n" $(1)
-endef
-
-check:
-	$(call msg,"CHECK PARAMETERS")
-	@printf "TNSALIAS...............:%.60s....\n" $(TNSALIAS)
-	@printf "ORDPWD.................:%s\n" $(ORDPWD)
-	@printf "SYSPWD.................:%s\n" $(SYSPWD)
-	@printf "WBUSER.................:%s\n" $(WBUSER)
-	@printf "WBPASS.................:%s\n" $(WBPASS)
-	@printf "PDBUSR.................:%s\n" $(PDBUSR)
-	@printf "PDBPWD.................:%s\n" $(PDBPWD)
-	@printf "CDBUSR.................:%s\n" $(CDBUSR)
-	@printf "CDBPWD.................:%s\n" $(CDBPWD)
-	@printf "PDBNAMESPACE...........:%s\n" $(PDBNAMESPACE)
-	@printf "CDBNAMESPACE...........:%s\n" $(CDBNAMESPACE)
-	@printf "COMPANY................:%s\n" $(COMPANY)
-	@printf "APIVERSION.............:%s\n" $(APIVERSION)
-
-
-tlscrt:
-	$(call msg,"TLS GENERATION")
-	#$(OPENSSL) genrsa -out $(PRVKEY) 2048	
-	$(OPENSSL)  genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 > $(PRVKEY)
-	$(OPENSSL) req -new -x509 -days 365 -key $(PRVKEY) \
-    	       -subj "/C=CN/ST=GD/L=SZ/O=$(COMPANY), Inc./CN=$(COMPANY) Root CA" -out ca.crt
-	$(OPENSSL) req -newkey rsa:2048 -nodes -keyout $(SKEY) -subj \
-	       	"/C=CN/ST=GD/L=SZ/O=$(COMPANY), Inc./CN=cdb-dev-$(REST_SERVER).$(CDBNAMESPACE)" -out server.csr
-	$(ECHO) "subjectAltName=DNS:cdb-dev-$(REST_SERVER).$(CDBNAMESPACE)" > extfile.txt
-	$(OPENSSL) x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey $(PRVKEY) -CAcreateserial -out $(SCRT)
-	$(OPENSSL) rsa -in $(PRVKEY) -outform PEM  -pubout -out $(PUBKEY)
-
-tlssec:
-	$(call msg,"GENERATE TLS SECRET")
-	$(KUBECTL) create secret tls db-tls --key="$(SKEY)" --cert="$(SCRT)"  -n $(CDBNAMESPACE)
-	$(KUBECTL) create secret generic db-ca --from-file="$(CART)" -n $(CDBNAMESPACE)
-	$(KUBECTL) create secret tls db-tls --key="$(SKEY)" --cert="$(SCRT)"  -n $(PDBNAMESPACE)
-	$(KUBECTL) create secret generic db-ca --from-file="$(CART)"  -n $(PDBNAMESPACE)
-
-
-delsec:
-	$(call msg,"CLEAN OLD SECRETS")
-	$(eval SECRETSP:=$(shell kubectl get secrets -n $(PDBNAMESPACE) -o custom-columns=":metadata.name" --no-headers) )	
-	$(eval SECRETSL:=$(shell kubectl get secrets -n $(CDBNAMESPACE) -o custom-columns=":metadata.name" --no-headers) )	
-	@[ "${SECRETSP}" ] && ( \
-	       	printf "Deleteing secrets in namespace -n $(PDBNAMESPACE)\n") &&\
-	        ($(KUBECTL) delete secret  $(SECRETSP) -n $(PDBNAMESPACE))\
-	        || ( echo "No screts in namespace $(PDBNAMESPACE)")
-	@[ "${SECRETSL}" ] && ( \
-	       	printf "Deleteing secrets in namespace -n $(CDBNAMESPACE)\n") &&\
-	        ($(KUBECTL) delete secret  $(SECRETSL) -n $(CDBNAMESPACE))\
-	        || ( echo "No screts in namespace $(PDBNAMESPACE)")
-
-
-###### ENCRYPTED SECRETS ######
-export PRVKEY=ca.key
-export PUBKEY=public.pem
-WBUSERFILE=wbuser.txt
-WBPASSFILE=wbpass.txt
-CDBUSRFILE=cdbusr.txt
-CDBPWDFILE=cdbpwd.txt
-SYSPWDFILE=syspwd.txt
-ORDPWDFILE=ordpwd.txt
-PDBUSRFILE=pdbusr.txt
-PDBPWDFILE=pdbpwd.txt
-
-
-
-secrets: delsec tlscrt tlssec
-	$(OPENSSL) rsa -in $(PRVKEY) -outform PEM  -pubout -out $(PUBKEY)
-	$(KUBECTL) create secret generic pubkey --from-file=publicKey=$(PUBKEY) -n $(CDBNAMESPACE)
-	$(KUBECTL) create secret generic prvkey --from-file=privateKey=$(PRVKEY)  -n $(CDBNAMESPACE)
-	$(KUBECTL) create secret generic prvkey --from-file=privateKey="$(PRVKEY)" -n $(PDBNAMESPACE)
-	@$(ECHO) $(WBUSER) > $(WBUSERFILE)
-	@$(ECHO) $(WBPASS) > $(WBPASSFILE)
-	@$(ECHO) $(CDBPWD) > $(CDBPWDFILE)
-	@$(ECHO) $(CDBUSR) > $(CDBUSRFILE)
-	@$(ECHO) $(SYSPWD) > $(SYSPWDFILE)
-	@$(ECHO) $(ORDPWD) > $(ORDPWDFILE)
-	@$(ECHO) $(PDBUSR) > $(PDBUSRFILE)
-	@$(ECHO) $(PDBPWD) > $(PDBPWDFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(WBUSERFILE) |base64 > e_$(WBUSERFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(WBPASSFILE) |base64 > e_$(WBPASSFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(CDBPWDFILE) |base64 > e_$(CDBPWDFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(CDBUSRFILE) |base64 > e_$(CDBUSRFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(SYSPWDFILE) |base64 > e_$(SYSPWDFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(ORDPWDFILE) |base64 > e_$(ORDPWDFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(PDBUSRFILE) |base64 > e_$(PDBUSRFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(PDBPWDFILE) |base64 > e_$(PDBPWDFILE)
-	$(KUBECTL) create secret generic wbuser --from-file=e_$(WBUSERFILE) -n  $(CDBNAMESPACE)
-	$(KUBECTL) create secret generic wbpass --from-file=e_$(WBPASSFILE) -n  $(CDBNAMESPACE)
-	$(KUBECTL) create secret generic wbuser --from-file=e_$(WBUSERFILE) -n  $(PDBNAMESPACE)
-	$(KUBECTL) create secret generic wbpass --from-file=e_$(WBPASSFILE) -n  $(PDBNAMESPACE)
-	$(KUBECTL) create secret generic cdbpwd --from-file=e_$(CDBPWDFILE) -n  $(CDBNAMESPACE)
-	$(KUBECTL) create secret generic cdbusr --from-file=e_$(CDBUSRFILE) -n  $(CDBNAMESPACE)
-	$(KUBECTL) create secret generic syspwd --from-file=e_$(SYSPWDFILE) -n  $(CDBNAMESPACE)
-	$(KUBECTL) create secret generic ordpwd --from-file=e_$(ORDPWDFILE) -n  $(CDBNAMESPACE)
-	$(KUBECTL) create secret generic pdbusr --from-file=e_$(PDBUSRFILE) -n  $(PDBNAMESPACE)
-	$(KUBECTL) create secret generic pdbpwd --from-file=e_$(PDBPWDFILE) -n  $(PDBNAMESPACE)
-	$(RM)  $(WBUSERFILE)  $(WBPASSFILE) $(CDBPWDFILE) $(CDBUSRFILE)  $(SYSPWDFILE)  $(ORDPWDFILE)  $(PDBUSRFILE) $(PDBPWDFILE) 
-	$(RM)  e_$(WBUSERFILE)  e_$(WBPASSFILE) e_$(CDBPWDFILE) e_$(CDBUSRFILE)  e_$(SYSPWDFILE)  e_$(ORDPWDFILE)  e_$(PDBUSRFILE) e_$(PDBPWDFILE) 
-
-
-### YAML FILE SECTION ###
-operator:
-	$(CP) ${ORACLE_OPERATOR_YAML} .
-	${CP} `basename ${ORACLE_OPERATOR_YAML}` `basename ${ORACLE_OPERATOR_YAML}`.ORG
-	$(SED) -i  's/value: ""/value: $(OPRNAMESPACE),$(PDBNAMESPACE),$(CDBNAMESPACE)/g'   `basename ${ORACLE_OPERATOR_YAML}`
-
-
-define _script00
-cat <<EOF > authsection01.yaml
-  sysAdminPwd:
-    secret:
-      secretName: "syspwd"
-      key: "e_syspwd.txt"
-  ordsPwd:
-    secret:
-      secretName: "ordpwd"
-      key: "e_ordpwd.txt"
-  cdbAdminUser:
-    secret:
-      secretName: "cdbusr"
-      key: "e_cdbusr.txt"
-  cdbAdminPwd:
-    secret:
-      secretName: "cdbpwd"
-      key: "e_cdbpwd.txt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  cdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  cdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  cdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-EOF
-
-cat<<EOF > authsection02.yaml
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-EOF
-
-
-cat <<EOF > ${PDBNAMESPACE}_binding.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: oracle-database-operator-oracle-database-operator-manager-rolebinding1
-  namespace: ${PDBNAMESPACE}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: oracle-database-operator-manager-role
-subjects:
-- kind: ServiceAccount
-  name: default
-  namespace: oracle-database-operator-system
-EOF
-
-cat <<EOF > ${CDBNAMESPACE}_binding.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: oracle-database-operator-oracle-database-operator-manager-rolebinding2
-  namespace: ${CDBNAMESPACE}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: oracle-database-operator-manager-role
-subjects:
-- kind: ServiceAccount
-  name: default
-  namespace: oracle-database-operator-system
-EOF
-
-endef
-export script00 = $(value _script00)
-secyaml:
-	@ eval "$$script00"
-
-#echo ords pod creation
-define _script01
-cat <<EOF > ${ORDS_POD}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: CDB
-metadata: 
-  name: cdb-dev
-  namespace: ${CDBNAMESPACE}
-spec:
-  cdbName: "DB12"
-  ordsImage: ${ORDSIMG}
-  ordsImagePullPolicy: "Always"
-  dbTnsurl : ${TNSALIAS}
-  replicas: 1
-  deletePdbCascade: true
-EOF
-
-cat  authsection01.yaml >> ${ORDS_POD}
-
-endef
-export script01 = $(value _script01)
-
-
-define _script02
-
-cat <<EOF >${PDBCRE1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  unlimitedStorage: false
-  tdeImport: false
-  totalSize: "2G"
-  tempSize: "800M"
-  action: "Create"
-EOF
-
-cat <<EOF > ${PDBCRE2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  unlimitedStorage: false
-  tdeImport: false
-  totalSize: "2G"
-  tempSize: "800M"
-  action: "Create"
-EOF
-
-cat <<EOF >${PDBOPEN1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-EOF
-
-cat <<EOF >${PDBOPEN2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-EOF
-
-cat <<EOF >${PDBOPEN3}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-EOF
-
-cat <<EOF >${PDBCLOSE1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-EOF
-
-cat <<EOF >${PDBCLOSE2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-EOF
-
-cat <<EOF >${PDBCLOSE3}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: ""new_clone"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-EOF
-
-cat <<EOF  > ${PDBCLONE1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  srcPdbName: "pdbdev"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  assertivePdbDeletion: true
-  action: "Clone"
-EOF
-
-cat <<EOF  > ${PDBCLONE2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb4
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone2"
-  srcPdbName: "pdbprd"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  assertivePdbDeletion: true
-  action: "Clone"
-EOF
-
-
-cat <<EOF > ${PDBDELETE1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  pdbName: "pdbdev"
-  action: "Delete"
-  dropAction: "INCLUDING"
-EOF
-
-cat <<EOF > ${PDBDELETE2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  pdbName: "pdbprd"
-  action: "Delete"
-  dropAction: "INCLUDING"
-EOF
-
-cat <<EOF > ${PDBUNPLUG1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "Unplug"
-EOF
-
-cat <<EOF >${PDBPLUG1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "plug"
-  fileNameConversions: "NONE"
-  sourceFileNameConversions: "NONE"
-  copyAction: "MOVE"
-  totalSize: "1G"
-  tempSize: "100M"
-  assertivePdbDeletion: true
-  action: "Plug"
-EOF
-
-cat <<EOF >${PDBMAP1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-EOF
-
-cat <<EOF >${PDBMAP2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-EOF
-
-
-cat <<EOF >${PDBMAP3}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: ${PDBNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${CDBNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-EOF
-
-
-## Auth information
-for _file in ${PDBCRE1} ${PDBCRE2} ${PDBOPEN1} ${PDBOPEN2} ${PDBOPEN3} ${PDBCLOSE1} ${PDBCLOSE2} ${PDBCLOSE3} ${PDBCLONE1} ${PDBCLONE2} ${PDBDELETE1} ${PDBDELETE2} ${PDBUNPLUG1} ${PDBPLUG1} ${PDBMAP1} ${PDBMAP2} ${PDBMAP3} 
-do 
-ls -ltr ${_file}
-     cat authsection02.yaml >> ${_file}
-done
-rm authsection02.yaml
-rm authsection01.yaml
-endef
-
-export script02 = $(value _script02)
-
-genyaml:  secyaml
-	@ eval "$$script01"
-	@ eval "$$script02"
-
-cleanyaml:
-	- $(RM) $(PDBMAP3) $(PDBMAP2) $(PDBMAP1) $(PDBPLUG1) $(PDBUNPLUG1) $(PDBDELETE2) $(PDBDELETE1) $(PDBCLONE2) $(PDBCLONE1) $(PDBCLOSE3) $(PDBCLOSE2) $(PDBCLOSE1) $(PDBOPEN3) $(PDBOPEN2) $(PDBOPEN1) $(PDBCRE2) $(PDBCRE1) $(ORDS_POD) $(CDB_SECRETS) $(PDB_SECRETS) 
-	- $(RM) ${PDBNAMESPACE}_binding.yaml ${CDBNAMESPACE}_binding.yaml
-
-
-cleancrt:
-	- $(RM) $(SKEY) $(SCRT) $(CART) $(PRVKEY) $(PUBKEY) server.csr extfile.txt ca.srl 
-
-
-#################
-### PACKAGING ###
-#################
-
-pkg:
-	- $(RM) -rf /tmp/pkgtestplan
-	$(MKDIR) /tmp/pkgtestplan
-	$(CP) -R * /tmp/pkgtestplan
-	$(CP) ../../../../oracle-database-operator.yaml /tmp/pkgtestplan/
-	$(TAR) -C /tmp -cvf ~/pkgtestplan_$(DATE).tar pkgtestplan
-
-################
-###   diag   ###
-################
-
-login:
-	$(KUBECTL) exec   `$(KUBECTL) get pods -n $(CDBNAMESPACE)|grep ords|cut -d ' ' -f 1` -n $(CDBNAMESPACE) -it -- /bin/bash
-
-
-reloadop:
-	echo "RESTARTING OPERATOR"
-	$(eval OP1 := $(shell $(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -1|cut  -d ' ' -f 1 ))
-	$(eval OP2 := $(shell $(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1|cut  -d ' ' -f 1 ))
-	$(eval OP3 := $(shell $(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|tail -1|cut  -d ' ' -f 1 ))
-	$(KUBECTL) get pod $(OP1) -n $(OPRNAMESPACE) -o yaml | kubectl replace --force -f -
-	$(KUBECTL) get pod $(OP2) -n $(OPRNAMESPACE) -o yaml | kubectl replace --force -f -
-	$(KUBECTL) get pod $(OP3) -n $(OPRNAMESPACE) -o yaml | kubectl replace --force -f -
-
-
-dump:
-	@$(eval TMPSP := $(shell date "+%y%m%d%H%M%S" ))
-	@$(eval DIAGFILE := ./opdmp.$(TMPSP))
-	@>$(DIAGFILE)
-	@echo "OPERATOR DUMP"  >> $(DIAGFILE)
-	@echo "~~~~~~~~~~~~~"  >> $(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -1|cut  -d ' ' -f 1` -n $(OPRNAMESPACE) >>$(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1 | cut -d ' ' -f 1` -n $(OPRNAMESPACE) >>$(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|tail -1|cut  -d ' ' -f 1` -n $(OPRNAMESPACE) >>$(DIAGFILE)
-
-#######################################################
-####                 TEST SECTION                  ####
-#######################################################
-
-run00:
-	@$(call msg,"cdb pod creation")
-	- $(KUBECTL) delete cdb cdb-dev -n $(CDBNAMESPACE)
-	$(KUBECTL) apply -f $(ORDS_POD) 
-	time $(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" cdb cdb-dev -n $(CDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"cdb pod completed")
-	$(KUBECTL) get cdb -n  $(CDBNAMESPACE)
-	$(KUBECTL) get pod -n  $(CDBNAMESPACE)
-
-run01.1:
-	@$(call msg,"pdb pdb1  creation")
-	$(KUBECTL) apply -f $(PDBCRE1)
-	time $(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" pdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "pdb pdb1 creation completed")
-	$(KUBECTL) get pdb pdb1 -n $(PDBNAMESPACE) 
-
-run01.2:
-	@$(call msg, "pdb pdb2  creation")
-	$(KUBECTL) apply -f $(PDBCRE2)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" pdb pdb2 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "pdb pdb2  creation completed")
-	$(KUBECTL) get pdb pdb2 -n $(PDBNAMESPACE) 
-
-run02.1:
-	@$(call msg, "pdb pdb1  open")
-	$(KUBECTL) apply -f $(PDBOPEN1)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="READ WRITE" pdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "pdb pdb1 open completed")
-	$(KUBECTL) get pdb pdb1 -n $(PDBNAMESPACE) 
-
-run02.2:
-	@$(call msg,"pdb pdb2  open")
-	$(KUBECTL) apply -f $(PDBOPEN2)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="READ WRITE" pdb pdb2 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"pdb pdb2 open completed")
-	$(KUBECTL) get pdb pdb2 -n $(PDBNAMESPACE) 
-
-
-run03.1:
-	@$(call msg,"clone pdb1-->pdb3")
-	$(KUBECTL) apply -f $(PDBCLONE1)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" pdb pdb3 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"clone pdb1-->pdb3 completed")
-	$(KUBECTL) get pdb pdb3 -n $(PDBNAMESPACE) 
-
-
-run03.2:
-	@$(call msg,"clone pdb2-->pdb4")
-	$(KUBECTL) apply -f $(PDBCLONE2)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" pdb pdb4 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"clone pdb2-->pdb4 completed")
-	$(KUBECTL) get pdb pdb3 -n $(PDBNAMESPACE) 
-
-
-run04.1:
-	@$(call msg,"pdb pdb1  close")
-	$(KUBECTL) apply -f $(PDBCLOSE1)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="MOUNTED" pdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "pdb pdb1 close completed")
-	$(KUBECTL) get pdb pdb1 -n $(PDBNAMESPACE)
-
-run04.2:
-	@$(call msg,"pdb pdb2  close")
-	$(KUBECTL) apply -f $(PDBCLOSE2)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="MOUNTED" pdb pdb2 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"pdb pdb2 close completed")
-	$(KUBECTL) get pdb pdb2 -n $(PDBNAMESPACE)
-
-run05.1:
-	@$(call msg,"pdb pdb1  unplug")
-	$(KUBECTL) apply -f $(PDBUNPLUG1)
-	$(KUBECTL) wait --for=delete pdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"pdb pdb1 unplug completed")
-
-run06.1:
-	@$(call msg, "pdb pdb1  plug")
-	$(KUBECTL) apply -f $(PDBPLUG1)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" pdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "pdb pdb1 plug completed")
-	$(KUBECTL) get pdb pdb1 -n $(PDBNAMESPACE)
-
-run07.1:
-	@$(call msg,"pdb pdb1 delete ")
-	- $(KUBECTL) apply -f $(PDBCLOSE1)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="MOUNTED" pdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	$(KUBECTL) apply -f $(PDBDELETE1)
-	$(KUBECTL) wait --for=delete pdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"pdb pdb1 delete")
-	$(KUBECTL) get pdb -n $(PDBNAMESPACE)
-
-run99.1:
-	$(KUBECTL) delete cdb cdb-dev -n cdbnamespace
-	$(KUBECTL) wait --for=delete cdb cdb-dev -n $(CDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	$(KUBECTL) get cdb -n cdbnamespaace
-	$(KUBECTL) get pdb -n pdbnamespaace
-
-
-## SEQ | ACTION
-## ----+----------------
-##  00 | create ords pod
-##  01 | create pdb
-##  02 | open pdb
-##  03 | clone pdb
-##  04 | close pdb
-##  05 | unpug pdb
-##  06 | plug pdb
-##  07 | delete pdb (declarative)
-
-	
-runall01:  run00 run01.1 run01.2 run03.1 run03.2 run04.1 run05.1 run06.1 run02.1  run07.1
-
-
-###### BUILD ORDS IMAGE ######
-
-createimage:
-	$(RUNTIME) build -t $(IMAGE) $(ORDSIMGDIR)
-
-createimageproxy:
-	$(RUNTIME) build -t $(IMAGE) $(ORDSIMGDIR) --build-arg  https_proxy=$(HTTPS_PROXY)  --build-arg http_proxy=$(HTTP_PROXY)
-
-tagimage:
-	@echo "TAG IMAGE"
-	$(RUNTIME) tag $(IMAGE) $(ORDSIMG)
-
-push:
-	 $(RUNTIME) push $(ORDSIMG)
-
-
diff --git a/docs/multitenant/ords-based/usecase/map_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase/map_pdb1_resource.yaml
deleted file mode 100644
index b71b59d5..00000000
--- a/docs/multitenant/ords-based/usecase/map_pdb1_resource.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/map_pdb2_resource.yaml b/docs/multitenant/ords-based/usecase/map_pdb2_resource.yaml
deleted file mode 100644
index 75d056d0..00000000
--- a/docs/multitenant/ords-based/usecase/map_pdb2_resource.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/map_pdb3_resource.yaml b/docs/multitenant/ords-based/usecase/map_pdb3_resource.yaml
deleted file mode 100644
index 3523aa68..00000000
--- a/docs/multitenant/ords-based/usecase/map_pdb3_resource.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/open_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase/open_pdb1_resource.yaml
deleted file mode 100644
index 93a1d43a..00000000
--- a/docs/multitenant/ords-based/usecase/open_pdb1_resource.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/open_pdb2_resource.yaml b/docs/multitenant/ords-based/usecase/open_pdb2_resource.yaml
deleted file mode 100644
index deb27f9a..00000000
--- a/docs/multitenant/ords-based/usecase/open_pdb2_resource.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/open_pdb3_resource.yaml b/docs/multitenant/ords-based/usecase/open_pdb3_resource.yaml
deleted file mode 100644
index 586f2f57..00000000
--- a/docs/multitenant/ords-based/usecase/open_pdb3_resource.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/parameters.txt b/docs/multitenant/ords-based/usecase/parameters.txt
deleted file mode 100644
index 64dc3759..00000000
--- a/docs/multitenant/ords-based/usecase/parameters.txt
+++ /dev/null
@@ -1,61 +0,0 @@
-
-########################
-## REST SERVER IMAGE ###
-########################
-
-ORDSIMG:_your_container_registry/ords-dboper:latest
-
-##############################
-## TNS URL FOR CDB CREATION ##
-##############################
-TNSALIAS:"T H I S   I S  J U S T   A N  E X A M P L E (DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))"
-
-###########################################
-##           ORDS PUBLIC USER            ##
-###########################################
-ORDPWD:change_me_please
-
-###########################################
-##           SYSPASSWORD                 ##
-###########################################
-SYSPWD:change_me_please
-
-#######################
-## HTTPS CREDENTIAL ###
-#######################
-
-WBUSER:change_me_please
-WBPASS:change_me_please
-
-#####################
-## PDB ADMIN USER ###
-##################### 
-
-PDBUSR:change_me_please
-PDBPWD:change_me_please
-
-#####################
-## CDB ADMIN USER ###
-##################### 
-
-CDBUSR:C##DBAPI_CDB_ADMIN
-CDBPWD:change_me_please
-
-###################
-### NAMESPACES ####
-###################
-
-PDBNAMESPACE:pdbnamespace
-CDBNAMESPACE:cdbnamespace
-
-####################
-### COMPANY NAME ### 
-####################
-
-COMPANY:oracle
-
-####################
-### APIVERSION   ### 
-####################
-
-APIVERSION:v4
diff --git a/docs/multitenant/ords-based/usecase/pdbnamespace_binding.yaml b/docs/multitenant/ords-based/usecase/pdbnamespace_binding.yaml
deleted file mode 100644
index 5af79ed6..00000000
--- a/docs/multitenant/ords-based/usecase/pdbnamespace_binding.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: oracle-database-operator-oracle-database-operator-manager-rolebinding1
-  namespace: pdbnamespace
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: oracle-database-operator-manager-role
-subjects:
-- kind: ServiceAccount
-  name: default
-  namespace: oracle-database-operator-system
diff --git a/docs/multitenant/ords-based/usecase/plug_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase/plug_pdb1_resource.yaml
deleted file mode 100644
index 9eb5ed77..00000000
--- a/docs/multitenant/ords-based/usecase/plug_pdb1_resource.yaml
+++ /dev/null
@@ -1,53 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "plug"
-  fileNameConversions: "NONE"
-  sourceFileNameConversions: "NONE"
-  copyAction: "MOVE"
-  totalSize: "1G"
-  tempSize: "100M"
-  assertivePdbDeletion: true
-  action: "Plug"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase/unplug_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase/unplug_pdb1_resource.yaml
deleted file mode 100644
index 0036d5f7..00000000
--- a/docs/multitenant/ords-based/usecase/unplug_pdb1_resource.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "Unplug"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/README.md b/docs/multitenant/ords-based/usecase01/README.md
deleted file mode 100644
index 0020541c..00000000
--- a/docs/multitenant/ords-based/usecase01/README.md
+++ /dev/null
@@ -1,516 +0,0 @@
-<span style="font-family:Liberation mono; font-size:0.9em; line-height: 1.1em">
-
-
-# STEP BY STEP USE CASE 
-
-- [STEP BY STEP USE CASE](#step-by-step-use-case)
-        - [INTRODUCTION](#introduction)
-    - [OPERATIONAL STEPS](#operational-steps)
-      - [Download latest version from github ](#download-latest-version-from-github-)
-      - [Upload webhook certificates ](#upload-webhook-certificates-)
-      - [Create the dboperator ](#create-the-dboperator-)
-      - [Create secret for container registry](#create-secret-for-container-registry)
-      - [Build ords immage ](#build-ords-immage-)
-      - [Database Configuration](#database-configuration)
-      - [Create CDB secret](#create-cdb-secret)
-      - [Create Certificates](#create-certificates)
-      - [Apply cdb.yaml](#apply-cdbyaml)
-      - [CDB - Logs and throuble shutting](#cdb---logs-and-throuble-shutting)
-      - [Create PDB secret](#create-pdb-secret)
-      - [Apply pdb yaml file to create pdb](#apply-pdb-yaml-file-to-create-pdb)
-      - [Other actions](#other-actions)
-      - [Imperative approach on pdb deletion - will be avilable in 1.2.0 ](#imperative-approach-on-pdb-deletion)
-
-
-
-##### INTRODUCTION
-
-This readme is a step by step guide used to implement database multi tenant operator. It assumes that a kubernets cluster and a database server are already available (no matter if single instance or RAC). kubectl must be configured in order to reach k8s cluster.
-
-The following table reports the parameters required to configure and use oracle multi tenant controller for pluggable database lifecycle management.
-
-| yaml file parameters            	| value  	| description /ords parameter                     	              |
-|--------------	|---------------------------	|-------------------------------------------------|
-| dbserver     	| <db_host\> or <scan_name>   | [--db-hostname][1]                              |
-| dbTnsurl      | <tns connect descriptor\>   | [--db-custom-url/db.customURL][dbtnsurl]                                |
-| port         	| <oracle_port\>        	    | [--db-port][2]                                	|
-| cdbName       | <dbname\>                   | Container Name                                  |
-| name          | <cdb-dev\>                  | Ords podname prefix in cdb.yaml                 |
-| name          | <pdb\>                      | pdb resource in pdb.yaml                        | 
-| ordsImage     | <public_container_registry\>/ords-dboper:latest|My public container registry  |
-| pdbName       | <pdbname\>                  | Pluggable database name                         |
-| servicename  	| <service_name\>           	| [--db-servicename][3]                           |
-| sysadmin_user | <SYS_SYSDBA\>               | [--admin-user][adminuser]                       |
-| sysadmin_pwd  | <sys_password\>             | [--password-stdin][pwdstdin]                    |
-| cdbadmin_user | <CDB_ADMIN_USER\>           | [db.cdb.adminUser][1]                           |
-| cdbadmin_pwd  | <CDB_ADMIN_PASS\>           | [db.cdb.adminUser.password][cdbadminpwd]        |
-| webserver_user| <web_user\>                 | [https user][http] <span style="color:red"> NOT A DB USER </span> |
-| webserver_pwd | <web_user_passwoed\>        | [http user password][http]                      |
-| ords_pwd      | <ords_password\>            | [ORDS_PUBLIC_USER password][public_user]        |
-| pdbTlsKey     | <keyfile\>                  | [standalone.https.cert.key][key]                |
-| pdbTlsCrt     | <certfile\>                 | [standalone.https.cert][cr]                     |
-| pdbTlsCat     | <certauth\>                 | certificate authority                           |
-| cdbOrdsPrvKey | <keyfile\>                  | private key (cdb crd)                           |
-| pdbOrdsPrvKey | <keyfile\>                  | private key (pdb crd)                           |
-| assertivePdbDeletion | boolean             | [turn on imperative approach on crd deleteion][imperative]     |
-
-> A [makfile](./makefile) is available to sped up the command execution for the multitenant setup and test. See the comments in the header of file  
-
-### OPERATIONAL STEPS 
-----
-
-
-#### Download latest version from github <a name="Download"></a>
-
-
-```bash
-git clone https://github.com/oracle/oracle-database-operator.git
-```
-
-If golang compiler is installed on your environment and you've got a public container registry then you can compile the operator, upload to the registry and use it
-
-```bash
-
-cd oracle-database-operator 
-make generate
-make manifests
-make install
-make docker-build IMG=<public_container_registry>/operator:latest
-
-make operator-yaml IMG=<public_container_registry>operator:latest
-```
-
-> **NOTE:** The last make executions recreates the **oracle-database-operator.yaml** with the  **image:** parameter pointing to your public container registry. If you don't have a golang compilation environment you can use the **oracle-database-operator.yaml** provided in the github distribution. Check [operator installation documentation](../installation/OPERATOR_INSTALLATION_README.md ) for more details.
-
-> <span style="color:red"> **NOTE:** If you are using oracle-container-registry make sure to accept the license agreement otherwise the operator image pull fails. </span>
-----
-
-#### Upload webhook certificates <a name="webhook"></a>
-
-```bash
-kubectl apply -f https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.yaml
-```
-
-#### Create the dboperator <a name="dboperator"></a>
-
-```bash
-cd oracle-database-operator
-/usr/bin/kubectl apply -f oracle-database-operator.yaml
-```
-+ Check the status of the operator
-
-```bash
-/usr/bin/kubectl get pods -n oracle-database-operator-system
-NAME                                                           READY   STATUS    RESTARTS   AGE
-oracle-database-operator-controller-manager-557ff6c659-g7t66   1/1     Running   0          10s
-oracle-database-operator-controller-manager-557ff6c659-rssmj   1/1     Running   0          10s
-oracle-database-operator-controller-manager-557ff6c659-xpswv   1/1     Running   0          10s
-
-```
-----
-
-#### Create secret for container registry
-
-+ Make sure to login to your container registry and then create the secret for you container registry.  
-
-```bash
-docker login **<public-container_registry>**
-/usr/bin/kubectl create secret generic container-registry-secret --from-file=.dockerconfigjson=/home/oracle/.docker/config.json --type=kubernetes.io/dockerconfigjson -n oracle-database-operator-system
-```
-
-+ Check secret 
-
-```bash
-kubectl get secret -n oracle-database-operator-system
-NAME                        TYPE                             DATA   AGE
-container-registry-secret   kubernetes.io/dockerconfigjson   1      19s
-webhook-server-cert         kubernetes.io/tls 
-```
-----
-
-#### Build ords immage <a name="ordsimage"></a>
-
-+ Build the ords image, downloading ords software is no longer needed; just build the image and push it to your repository
-
-```bash
-cd oracle-database-operator/ords
-docker build -t oracle/ords-dboper:latest .
-```
-
-[Example of execution](./logfiles/BuildImage.log)
-+ Login to your container registry and push the ords image. 
-
-```bash 
-docker tag <public-container-registry>/ords-dboper:latest
-docker push <public-container-registry>/ords-dboper:latest
-```
-[Example of execution](./logfiles/tagandpush.log)
-
-----
-
-#### Database Configuration
-
-+ Configure Database
-
-Connect as sysdba and execute the following script in order to create the required ords accounts.
-
-```sql
-ALTER SESSION SET "_oracle_script"=true;
-DROP USER <CDB_ADMIN_USER> cascade;
-CREATE USER <CDB_ADMIN_USER> IDENTIFIED BY <CDB_ADMIN_PASS> CONTAINER=ALL ACCOUNT UNLOCK;
-GRANT SYSOPER TO <CDB_ADMIN_USER> CONTAINER = ALL;
-GRANT SYSDBA TO <CDB_ADMIN_USER> CONTAINER = ALL;
-GRANT CREATE SESSION TO <CDB_ADMIN_USER> CONTAINER = ALL;
-```
-----
-#### Create Certificates
-
-+ Create certificates: At this stage we need to create certificates on our local machine and upload into kubernetes cluster by creating new secrets.
-
-
-
-```text
-
-       +-----------+
-       |  openssl  |
-       +-----------+
-            |
-            |
-       +-----------+
-       | tls.key   |
-       | tls.crt   +------------+
-       | ca.crt    |            |
-       +-----------+            |
-                                |
-       +------------------------|---------------------------+
-       |KUBERNETES       +------+--------+                  |
-       |CLUSTER      +---|kubernet secret|---+              |
-       |             |   +---------------+   |              |
-       |             |                       |              |
-       |  +----------+---+     https      +--+----------+   |
-       |  |ORDS CONTAINER|<-------------->|  PDB/POD    |   |
-       |  +----------+---+                +-------------+   |
-       |  cdb.yaml   |                     pdb.yaml         |
-       +-------------|--------------------------------------+
-                     |
-                     |
-               +-----------+
-               | DB SERVER |
-               +-----------+
-
-```
-
-```bash
-
-openssl genrsa -out <certauth> 2048
-openssl req -new -x509 -days 365 -key <certauth> -subj "/C=CN/ST=GD/L=SZ/O=oracle, Inc./CN=oracle Root CA" -out <certfile>
-openssl req -newkey rsa:2048 -nodes -keyout <keyfile> -subj "/C=CN/ST=GD/L=SZ/O=oracle, Inc./CN=<cdb-dev>-ords" -out server.csr
-/usr/bin/echo "subjectAltName=DNS:<cdb-dev>-ords,DNS:www.example.com" > extfile.txt
-openssl x509 -req -extfile extfile.txt -days 365 -in server.csr -CA <certfile> -CAkey <certauth> -CAcreateserial -out <certfile>
-
-kubectl create secret tls db-tls --key="<keyfile>" --cert="<certfile>"  -n oracle-database-operator-system
-kubectl create secret generic db-ca --from-file=<certfile> -n oracle-database-operator-system
-
-```
-
-[Example of execution:](./logfiles/openssl_execution.log)
-
-#### CDB and PDB credential 
-
-Refer to the [landing page](../README.md) to implement openssl encrpted secrets. 
-
-----
-
-#### Apply cdb.yaml
-
-
-**note:** <span style="color:red">
- Before creating the CDB pod make sure that all the pluggable databases in the container DB are open.  
-</span>
-
-+ Create ords container 
-
-```bash
-/usr/bin/kubectl apply -f create_ords_pod.yaml  -n oracle-database-operator-system
-```
-Example: **create_ords_pod.yaml**
-
-```yaml
-apiVersion: database.oracle.com/v1alpha1
-kind: CDB 
-metadata: 
-  name: cdb-dev
-  namespace: oracle-database-operator-system
-spec:
-  cdbName: "DB12"
-  ordsImage: ".............your registry............./ords-dboper:latest"
-  ordsImagePullPolicy: "Always"
-  dbTnsurl : "...Container tns alias....."
-  replicas: 1
-  sysAdminPwd:
-    secret:
-      secretName: "syspwd"
-      key: "e_syspwd.txt"
-  ordsPwd:
-    secret:
-      secretName: "ordpwd"
-      key: "e_ordpwd.txt"
-  cdbAdminUser:
-    secret:
-      secretName: "cdbusr"
-      key: "e_cdbusr.txt"
-  cdbAdminPwd:
-    secret:
-      secretName: "cdbpwd"
-      key: "e_cdbpwd.txt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  cdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  cdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  cdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-
-
-```
-> **Note** if you are working in dataguard environment with multiple sites (AC/DR) specifying the host name (dbServer/dbPort/serviceName) may not be the suitable solution for this kind of configuration, use **dbTnsurl** instead. Specify the whole tns string which includes the hosts/scan list. 
-
-```                         
-                        +----------+
-                    ____| standbyB |
-                    |   | scanB    |   (DESCRIPTION=
- +----------+       |   +----------+      (CONNECT_TIMEOUT=90)
- | primary  |_______|                     (RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)
- | scanA    |       |   +----------+      (TRANSPORT_CONNECT_TIMEOUT=10)(LOAD_BALLANCE=ON)
- +----------+       |___| stanbyC  |      (ADDRESS=(PROTOCOL=TCP)(HOST=scanA.testrac.com)(PORT=1521)(IP=V4_ONLY))
-                        | scanC    |      (ADDRESS=(PROTOCOL=TCP)(HOST=scanB.testrac.com)(PORT=1521)(IP=V4_ONLY))
-                        +----------+      (ADDRESS=(PROTOCOL=TCP)(HOST=scanC.testrac.com)(PORT=1521)(IP=V4_ONLY))
-                                             (CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))
-
-
-   dbtnsurl:((DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(TRANS......
-```
-     
-[create_ords_pod.yaml example](./create_ords_pod.yaml)
-
-
-----
-
-#### CDB - Logs and throuble shutting 
-
-+ Check the status of ords container 
-
-```bash
-/usr/bin/kubectl get pods -n oracle-database-operator-system
-NAME                                                           READY   STATUS              RESTARTS   AGE
-cdb-dev-ords-rs-m9ggp                                          0/1     ContainerCreating   0          67s <-----
-oracle-database-operator-controller-manager-557ff6c659-g7t66   1/1     Running             0          11m
-oracle-database-operator-controller-manager-557ff6c659-rssmj   1/1     Running             0          11m
-oracle-database-operator-controller-manager-557ff6c659-xpswv   1/1     Running             0          11m
-```
-+ Make sure that the cdb container is running
-
-```bash
-/usr/bin/kubectl get pods -n oracle-database-operator-system
-NAME                                                           READY   STATUS    RESTARTS   AGE
-cdb-dev-ords-rs-dnshz                                          1/1     Running   0          31s
-oracle-database-operator-controller-manager-557ff6c659-9bjfl   1/1     Running   0          2m42s
-oracle-database-operator-controller-manager-557ff6c659-cx8hd   1/1     Running   0          2m42s
-oracle-database-operator-controller-manager-557ff6c659-rq9xs   1/1     Running   0          2m42s
-```
-+ Check the status of the services
-
-```bash 
-kubectl get cdb -n oracle-database-operator-system
-NAME      CDB NAME   DB SERVER              DB PORT   REPLICAS   STATUS   MESSAGE
-[.....................................................]          Ready
-```
-+ Use log file to trouble shutting 
-
-```bash
-/usr/bin/kubectl logs `/usr/bin/kubectl get pods -n oracle-database-operator-system|grep ords|cut -d ' ' -f 1` -n oracle-database-operator-system
-```
-[Example of cdb creation log](./logfiles/cdb_creation.log)
-
-+ Test REST API from the pod. By querying the metadata catalog you can verify the status of https setting 
-
-```bash
- /usr/bin/kubectl exec -it  `/usr/bin/kubectl get pods -n oracle-database-operator-system|grep ords|cut -d ' ' -f 1` -n oracle-database-operator-system -i -t --  /usr/bin/curl -sSkv -k -X GET https://localhost:8888/ords/_/db-api/stable/metadata-catalog/
-```
-[Example of execution](./logfiles/testapi.log)
-
-+ Verify the pod environment varaibles
- ```bash 
- kubectl set env pods --all --list -n oracle-database-operator-system 
- ```
-
-+ Connect to cdb pod
-
-```bash
- kubectl exec -it  `kubectl get pods -n oracle-database-operator-system|grep ords|cut -d ' ' -f 1` -n oracle-database-operator-system bash
-```
-+ Dump ords server configuration 
-
-```bash
-/usr/bin/kubectl exec -it  `/usr/bin/kubectl get pods -n oracle-database-operator-system|grep ords|cut -d ' ' -f 1` -n oracle-database-operator-system -i -t --  /usr/local/bin/ords --config /etc/ords/config config list
-```
-[Example of executions](./logfiles/ordsconfig.log)
-
------
-#### Apply pdb yaml file to create pdb 
-
-```bash
-/usr/bin/kubectl apply -f  create_pdb1_resource.yaml -n oracle-database-operator-system
-```
-
-Example: **create_pdb1_resource.yaml**
-
-```yaml
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  unlimitedStorage: false
-  tdeImport: false
-  totalSize: "2G"
-  tempSize: "800M"
-  action: "Create"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-```
-
-+ Monitor the pdb creation status until message is success
-
-```bash
-kubectl get pdbs --all-namespaces=true
-
-  +-----------------------------------------+        +-----------------------------------------+
-  | STATUS   MESSAGE                        |______\ |              STATUS  MESSAGE            |
-  | Creating Waiting for PDB to be created  |      / |              Ready   Success            |
-  +-----------------------------------------+        +-----------------------------------------+
-
-NAMESPACE                         NAME   DBSERVER   CDB NAME   PDB NAME   PDB STATE   PDB SIZE   STATUS   MESSAGE
-oracle-database-operator-system   <pdb>  <db_host>  <dbname>   <pdbname>                    1G Creating   Waiting for PDB to be created
-
-[wait sometimes]
-
-kubectl get pdbs --all-namespaces=true
-NAMESPACE                         NAME   DBSERVER   CDB NAME   PDB NAME   PDB STATE   PDB SIZE   STATUS   MESSAGE
-oracle-database-operator-system   pdb1   <dbhost>   <dbname>   <pdbname>  READ WRITE        1G    Ready   Success
-```
-
-Connect to the hosts and verify the PDB creation.
-
-```text
-[oracle@racnode1 ~]$ sqlplus '/as sysdba'
-[...]
-Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
-Version 19.15.0.0.0
-
-
-SQL> show pdbs
-
-    CON_ID CON_NAME                       OPEN MODE  RESTRICTED
----------- ------------------------------ ---------- ----------
-         2 PDB$SEED                       READ ONLY  NO
-         3 PDBDEV                         READ WRITE NO
-
-```
-Check controller log to debug pluggable database life cycle actions in case of problem
-
-```bash
-kubectl logs -f $(kubectl get pods -n oracle-database-operator-system|grep oracle-database-operator-controller|head -1|cut -d ' ' -f 1) -n oracle-database-operator-system
-```
-
----
-
-#### Other actions
-
-Configure and use other yaml files to perform pluggable database life cycle managment action **pdb_open.yaml**  **pdb_close.yaml**
-
-> **Note** sql command *"alter pluggable database <pdbname> open instances=all;"* acts  only on closed databases, so you don't get any oracle error in case of execution against an pluggable database already opened
-
-#### Imperative approach on pdb deletion 
-
-If **assertivePdbDeletion** is true then the command execution **kubectl delete pdbs crd_pdb_name** automatically deletes the pluggable database on the container database. By default this option is disabled. You can use this option during **create**,**map**,**plug** and **clone** operation. If  the option is disabled then **kubectl delete** only deletes the crd but not the pluggable on the container db. Database deletion uses the option **including datafiles**.
-If you drop the CRD without dropping the pluggable database and you need to recreate the CRD then you can use the [pdb_map.yaml](./pdb_map.yaml)
-
-
-[1]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-E9625FAB-9BC8-468B-9FF9-443C88D76FA1:~:text=Table%202%2D2%20Command%20Options%20for%20Command%2DLine%20Interface%20Installation
-
-[2]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-E9625FAB-9BC8-468B-9FF9-443C88D76FA1:~:text=Table%202%2D2%20Command%20Options%20for%20Command%2DLine%20Interface%20Installation
-
-[3]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-DAA027FA-A4A6-43E1-B8DD-C92B330C2341:~:text=%2D%2Ddb%2Dservicename%20%3Cstring%3E
-
-[adminuser]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-A9AED253-4EEC-4E13-A0C4-B7CE82EC1C22:~:text=Table%202%2D6%20Command%20Options%20for%20Uninstall%20CLI
-
-[public_user]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/using-multitenant-architecture-oracle-rest-data-services.html#GUID-E64A141A-A71F-4979-8D33-C5F8496D3C19:~:text=Preinstallation%20Tasks%20for%20Oracle%20REST%20Data%20Services%20CDB%20Installation
-
-[key]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/about-REST-configuration-files.html#GUID-006F916B-8594-4A78-B500-BB85F35C12A0:~:text=standalone.https.cert.key
-
-[cr]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/about-REST-configuration-files.html#GUID-006F916B-8594-4A78-B500-BB85F35C12A0
-
-[cdbadminpwd]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/about-REST-configuration-files.html#GUID-006F916B-8594-4A78-B500-BB85F35C12A0:~:text=Table%20C%2D1%20Oracle%20REST%20Data%20Services%20Configuration%20Settings
-
-[pwdstdin]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-88479C84-CAC1-4133-A33E-7995A645EC05:~:text=default%20database%20pool.-,2.1.4.1%20Understanding%20Command%20Options%20for%20Command%2DLine%20Interface%20Installation,-Table%202%2D2
-
-[http]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-BEECC057-A8F5-4EAB-B88E-9828C2809CD8:~:text=Example%3A%20delete%20%5B%2D%2Dglobal%5D-,user%20add,-Add%20a%20user
-
-[dbtnsurl]:https://docs.oracle.com/en/database/oracle/oracle-rest-data-services/22.2/ordig/installing-and-configuring-oracle-rest-data-services.html#GUID-A9AED253-4EEC-4E13-A0C4-B7CE82EC1C22
-
-[imperative]:https://kubernetes.io/docs/concepts/overview/working-with-objects/object-management/
-
-</span>
diff --git a/docs/multitenant/ords-based/usecase01/ca.crt b/docs/multitenant/ords-based/usecase01/ca.crt
deleted file mode 100644
index cc9aa8bb..00000000
--- a/docs/multitenant/ords-based/usecase01/ca.crt
+++ /dev/null
@@ -1,25 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEJTCCAw2gAwIBAgIUNXPtpnNEFBCMcnxRP5kJsBDpafcwDQYJKoZIhvcNAQEL
-BQAwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQH
-DAxTYW5GcmFuY2lzY28xEDAOBgNVBAoMB29yYWNsZSAxNjA0BgNVBAMMLWNkYi1k
-ZXYtb3Jkcy5vcmFjbGUtZGF0YWJhc2Utb3BlcmF0b3Itc3lzdGVtIDEcMBoGA1UE
-AwwTbG9jYWxob3N0ICBSb290IENBIDAeFw0yNDA4MTIxNTMyMzVaFw0yNTA4MTIx
-NTMyMzVaMIGhMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMG
-A1UEBwwMU2FuRnJhbmNpc2NvMRAwDgYDVQQKDAdvcmFjbGUgMTYwNAYDVQQDDC1j
-ZGItZGV2LW9yZHMub3JhY2xlLWRhdGFiYXNlLW9wZXJhdG9yLXN5c3RlbSAxHDAa
-BgNVBAMME2xvY2FsaG9zdCAgUm9vdCBDQSAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
-DwAwggEKAoIBAQCmnGVApwUBF1kpqcyr2nYeED0VKvefpoHLtxHSP+vP0lWhW7NU
-NJlb1YuUagjJ4/rpGRQmPxcVU51n3aAW3a5qHazIpNxNa3fvgB1rMOPFxGmdel2d
-8lIt+u19q19DknX/GNgH9Mog8RcyZyPeA7d2icT8TBo74ognr+8p68O3CjBHQ8EM
-SnRQR7/bh1c10Uia317ilKvs+I7oErTq5JFLeIuPDdAJ6UncaeblTf1XJ/1FrpHG
-fSS7xmR8x0/MblBQlku4eImYmN35g+eRgf8bLDDwC+GPzDnAqqMLjx6h2N+btDxr
-tnn05qyqmN9G08uUlP4d4BXi9ISb/toYypklAgMBAAGjUzBRMB0GA1UdDgQWBBS+
-a4X2XTmdPivdQtqDWNpfOtHypDAfBgNVHSMEGDAWgBS+a4X2XTmdPivdQtqDWNpf
-OtHypDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQAZIrGBNdSw
-pe+1agefHfaR8hjZQiXBxdwHM1gR2LWOaFzMS8Q/eRETHTO6+VwQ0/FNaXbAqgqk
-G317gZMXS5ZmXuOi28fTpAQtuzokkEKpoK0puTnbXOKGA2QSbBlpSFPqb3aJXvVt
-afXFQb5P/0mhr4kuVt7Ech82WM/o5ryFgObygDayDmLatTp+VaRmBZPksnSMhslq
-3zPyS7bx2YhbPTLkDxq8Mfr/Msxme8LvSXUpFf4PpQ5zwp1RE32gekct6eRQLmqU
-5LXY2aPtqpMF0fBpcwPWbqA9gOYCRKcvXXIr+u1x8hf6Er6grZegHkM9TQ8s0hJd
-sxi5tK0lPMHJ
------END CERTIFICATE-----
diff --git a/docs/multitenant/ords-based/usecase01/ca.key b/docs/multitenant/ords-based/usecase01/ca.key
deleted file mode 100644
index 1a0ef89d..00000000
--- a/docs/multitenant/ords-based/usecase01/ca.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAppxlQKcFARdZKanMq9p2HhA9FSr3n6aBy7cR0j/rz9JVoVuz
-VDSZW9WLlGoIyeP66RkUJj8XFVOdZ92gFt2uah2syKTcTWt374AdazDjxcRpnXpd
-nfJSLfrtfatfQ5J1/xjYB/TKIPEXMmcj3gO3donE/EwaO+KIJ6/vKevDtwowR0PB
-DEp0UEe/24dXNdFImt9e4pSr7PiO6BK06uSRS3iLjw3QCelJ3Gnm5U39Vyf9Ra6R
-xn0ku8ZkfMdPzG5QUJZLuHiJmJjd+YPnkYH/Gyww8Avhj8w5wKqjC48eodjfm7Q8
-a7Z59OasqpjfRtPLlJT+HeAV4vSEm/7aGMqZJQIDAQABAoIBAGXRGYdjCgnarOBr
-Jeq3vIsuvUVcVqs35AYMQFXOPltoXHAZTAPfiQC4BW6TRf+q1MDyVH/y+jZMPNsm
-cxjGLDopHFgZd4/QZyDzmAbTf75yA2D7UI6fcV0sBUpRGgx/SqC0HADwtT1gWB6z
-LRYWC13jX4AXOcjy7OXj/DIQJDCMivedt3dv0rDWJUcBCnVot5tr6zjycefxGKa8
-mG9LZQb3x71FxwpFUau3WLDSwOjtXCeMytaGXnGmIiofJmXnFi0KA4ApzKL7QV6I
-cCBS1WBLLXeVM9vOfrtzKVLWGe0qADyLm35p5Fnl3j+vimkk8h/2DEvCZ75c987m
-O3PEgdkCgYEA0Scg+KINTA78sdZL5v2+8fT4b+EfoCgUqfr10ReUPKrz3HfrVHcj
-7Vf00RT52TkfmkL3mIdLyBUzQ9vzPgweo1o4yKCKNCpR9G3ydNW+KI5jSYnq2efz
-Gpe3wTt+8YoyCgm9eUxNWjfO9fipS91sSotY0PovkBohj9aezfcWp1sCgYEAy+3n
-MIvW/9PoYxCvQ9fDGLvx3B4/uy0ZYPh7j5edDuaRzwFd2YXUysXhJVuqTp0KT2tv
-dRPFRE9Oq5N8e5ITIUiKLQ5PIRNBZm8CiAof+XS1fIuU+MTDaTfXwyGQo0xSg8MB
-ITnJulmUlkcTWEtGyBi9sIjor5ve8kqvyrdAKX8CgYA9ZUUSd0978jJPad6iEf6J
-PCXpgaYs91cJhre+BzPmkzA+mZ0lEEwlkdo1vfiRwWj7eYkA50Zhl4eS9e/zWM9t
-mEBu9GFdasbf/55amZvWf+W5YpjkGmiMd9jjCjn7YVvLAozyHGngf91q6vGXaYou
-X7VUsvxfSqxrcs7vGwc1XQKBgB0qaD80MMqj5v+MGlTsndWCw8OEe/7sI04QG7Pc
-rjS8Wyws+NwsXNOnW1z5cDEQGrJjHiyzaCot4YV+cXZG3P+MnV52RnDnjRn2VHla
-YVpPC8nFOMgfdAcvWmdo/IOuXbrEf/vdhPFm8G5Ruf2NvpDNoQuHeSfsdgVXEy89
-6CpHAoGBAMZInYD0XjcnZNqiQnQdcIJN3CqDIU76Z45OOpcUrYrvTos2xhGLrRI5
-qrk5Od/sovJfse+oUIIbgsABieqtyfxM03iu8fvbahIY6Un1iw2KN9t+mcPrSZJK
-jTXKf7XxZ1+yN9kvohdLc65ySyXFSm++glDq8WGrmnOtLUlr0oMm
------END RSA PRIVATE KEY-----
diff --git a/docs/multitenant/ords-based/usecase01/ca.srl b/docs/multitenant/ords-based/usecase01/ca.srl
deleted file mode 100644
index 7c9868bb..00000000
--- a/docs/multitenant/ords-based/usecase01/ca.srl
+++ /dev/null
@@ -1 +0,0 @@
-77D97AB4C4B6D5A9377B84B455D3E16348C6DE04
diff --git a/docs/multitenant/ords-based/usecase01/cdb_create.yaml b/docs/multitenant/ords-based/usecase01/cdb_create.yaml
deleted file mode 100644
index 01fc0a18..00000000
--- a/docs/multitenant/ords-based/usecase01/cdb_create.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: database.oracle.com/v1alpha1
-kind: CDB 
-metadata: 
-  name: cdb-dev
-  namespace: oracle-database-operator-system
-spec:
-  cdbName: "DB12"
-  ordsImage: ".............your registry............./ords-dboper:latest"
-  ordsImagePullPolicy: "Always"
-  dbTnsurl : "...Container tns alias....."
-  replicas: 1
-  sysAdminPwd: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "sysadmin_pwd"
-  ordsPwd:
-    secret: 
-      secretName: "cdb1-secret"
-      key: "ords_pwd"  
-  cdbAdminUser: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "cdbadmin_user"
-  cdbAdminPwd: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "cdbadmin_pwd"
-  webServerUser: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "webserver_user"
-  webServerPwd: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "webserver_pwd"      
-  cdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  cdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-
diff --git a/docs/multitenant/ords-based/usecase01/cdb_secret.yaml b/docs/multitenant/ords-based/usecase01/cdb_secret.yaml
deleted file mode 100644
index 567b90a4..00000000
--- a/docs/multitenant/ords-based/usecase01/cdb_secret.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: v1
-kind: Secret
-metadata:
-  name: cdb1-secret
-  namespace: oracle-database-operator-system 
-type: Opaque 
-data: 
-  ords_pwd:         ".....base64 encoded password...."
-  sysadmin_pwd:     ".....base64 encoded password...."
-  cdbadmin_user:    ".....base64 encoded password...."
-  cdbadmin_pwd:     ".....base64 encoded password...."
-  webserver_user:   ".....base64 encoded password...."
-  webserver_pwd:    ".....base64 encoded password...."
diff --git a/docs/multitenant/ords-based/usecase01/clone_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase01/clone_pdb1_resource.yaml
deleted file mode 100644
index 3cc2c3dd..00000000
--- a/docs/multitenant/ords-based/usecase01/clone_pdb1_resource.yaml
+++ /dev/null
@@ -1,50 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  srcPdbName: "pdbdev"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  assertivePdbDeletion: true
-  action: "Clone"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/clone_pdb2_resource.yaml b/docs/multitenant/ords-based/usecase01/clone_pdb2_resource.yaml
deleted file mode 100644
index 28a4eab6..00000000
--- a/docs/multitenant/ords-based/usecase01/clone_pdb2_resource.yaml
+++ /dev/null
@@ -1,50 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb4
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "new_clone2"
-  srcPdbName: "pdbprd"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  assertivePdbDeletion: true
-  action: "Clone"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/close_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase01/close_pdb1_resource.yaml
deleted file mode 100644
index a5c3cf59..00000000
--- a/docs/multitenant/ords-based/usecase01/close_pdb1_resource.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/close_pdb2_resource.yaml b/docs/multitenant/ords-based/usecase01/close_pdb2_resource.yaml
deleted file mode 100644
index 7fa15111..00000000
--- a/docs/multitenant/ords-based/usecase01/close_pdb2_resource.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/close_pdb3_resource.yaml b/docs/multitenant/ords-based/usecase01/close_pdb3_resource.yaml
deleted file mode 100644
index fa7cf009..00000000
--- a/docs/multitenant/ords-based/usecase01/close_pdb3_resource.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: ""new_clone"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/create_ords_pod.yaml b/docs/multitenant/ords-based/usecase01/create_ords_pod.yaml
deleted file mode 100644
index e39c4c56..00000000
--- a/docs/multitenant/ords-based/usecase01/create_ords_pod.yaml
+++ /dev/null
@@ -1,48 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: CDB
-metadata: 
-  name: cdb-dev
-  namespace: oracle-database-operator-system
-spec:
-  cdbName: "DB12"
-  ordsImage: _your_container_registry/ords-dboper:latest
-  ordsImagePullPolicy: "Always"
-  dbTnsurl : "T H I S   I S  J U S T   A N  E X A M P L E ....(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))"
-  replicas: 1
-  deletePdbCascade: true
-  sysAdminPwd:
-    secret:
-      secretName: "syspwd"
-      key: "e_syspwd.txt"
-  ordsPwd:
-    secret:
-      secretName: "ordpwd"
-      key: "e_ordpwd.txt"
-  cdbAdminUser:
-    secret:
-      secretName: "cdbusr"
-      key: "e_cdbusr.txt"
-  cdbAdminPwd:
-    secret:
-      secretName: "cdbpwd"
-      key: "e_cdbpwd.txt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  cdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  cdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  cdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/create_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase01/create_pdb1_resource.yaml
deleted file mode 100644
index 044d466b..00000000
--- a/docs/multitenant/ords-based/usecase01/create_pdb1_resource.yaml
+++ /dev/null
@@ -1,51 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  unlimitedStorage: false
-  tdeImport: false
-  totalSize: "2G"
-  tempSize: "800M"
-  action: "Create"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/create_pdb2_resource.yaml b/docs/multitenant/ords-based/usecase01/create_pdb2_resource.yaml
deleted file mode 100644
index eb36aaa2..00000000
--- a/docs/multitenant/ords-based/usecase01/create_pdb2_resource.yaml
+++ /dev/null
@@ -1,51 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  unlimitedStorage: false
-  tdeImport: false
-  totalSize: "2G"
-  tempSize: "800M"
-  action: "Create"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/delete_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase01/delete_pdb1_resource.yaml
deleted file mode 100644
index b0816929..00000000
--- a/docs/multitenant/ords-based/usecase01/delete_pdb1_resource.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  pdbName: "pdbdev"
-  action: "Delete"
-  dropAction: "INCLUDING"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/delete_pdb2_resource.yaml b/docs/multitenant/ords-based/usecase01/delete_pdb2_resource.yaml
deleted file mode 100644
index d2ad95cc..00000000
--- a/docs/multitenant/ords-based/usecase01/delete_pdb2_resource.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  pdbName: "pdbprd"
-  action: "Delete"
-  dropAction: "INCLUDING"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/extfile.txt b/docs/multitenant/ords-based/usecase01/extfile.txt
deleted file mode 100644
index c51d22a3..00000000
--- a/docs/multitenant/ords-based/usecase01/extfile.txt
+++ /dev/null
@@ -1 +0,0 @@
-subjectAltName=DNS:cdb-dev-ords.oracle-database-operator-system,DNS:www.example.com
diff --git a/docs/multitenant/ords-based/usecase01/logfiles/BuildImage.log b/docs/multitenant/ords-based/usecase01/logfiles/BuildImage.log
deleted file mode 100644
index f35c66d8..00000000
--- a/docs/multitenant/ords-based/usecase01/logfiles/BuildImage.log
+++ /dev/null
@@ -1,896 +0,0 @@
-/usr/bin/docker build -t oracle/ords-dboper:latest ../../../ords
-Sending build context to Docker daemon  13.82kB
-Step 1/12 : FROM  container-registry.oracle.com/java/jdk:latest
- ---> b8457e2f0b73
-Step 2/12 : ENV ORDS_HOME=/opt/oracle/ords/     RUN_FILE="runOrdsSSL.sh"     ORDSVERSION=23.4.0-8
- ---> Using cache
- ---> 3317a16cd6f8
-Step 3/12 : COPY   $RUN_FILE $ORDS_HOME
- ---> 7995edec33cc
-Step 4/12 : RUN yum -y install yum-utils bind-utils tree hostname openssl net-tools zip unzip tar wget vim-minimal which sudo expect procps curl lsof &&     yum-config-manager --add-repo=http://yum.oracle.com/repo/OracleLinux/OL8/oracle/software/x86_64 &&     yum -y install java-11-openjdk-devel &&     yum -y install iproute &&     yum clean all
- ---> Running in fe168b01f3ad
-Oracle Linux 8 BaseOS Latest (x86_64)            91 MB/s |  79 MB     00:00
-Oracle Linux 8 Application Stream (x86_64)       69 MB/s |  62 MB     00:00
-Last metadata expiration check: 0:00:12 ago on Tue 20 Aug 2024 08:54:50 AM UTC.
-Package yum-utils-4.0.21-23.0.1.el8.noarch is already installed.
-Package tar-2:1.30-9.el8.x86_64 is already installed.
-Package vim-minimal-2:8.0.1763-19.0.1.el8_6.4.x86_64 is already installed.
-Package procps-ng-3.3.15-14.0.1.el8.x86_64 is already installed.
-Package curl-7.61.1-33.el8_9.5.x86_64 is already installed.
-Dependencies resolved.
-================================================================================
- Package                Arch   Version                  Repository         Size
-================================================================================
-Installing:
- bind-utils             x86_64 32:9.11.36-16.el8_10.2   ol8_appstream     453 k
- expect                 x86_64 5.45.4-5.el8             ol8_baseos_latest 266 k
- hostname               x86_64 3.20-6.el8               ol8_baseos_latest  32 k
- lsof                   x86_64 4.93.2-1.el8             ol8_baseos_latest 253 k
- net-tools              x86_64 2.0-0.52.20160912git.el8 ol8_baseos_latest 322 k
- openssl                x86_64 1:1.1.1k-12.el8_9        ol8_baseos_latest 710 k
- sudo                   x86_64 1.9.5p2-1.el8_9          ol8_baseos_latest 1.0 M
- tree                   x86_64 1.7.0-15.el8             ol8_baseos_latest  59 k
- unzip                  x86_64 6.0-46.0.1.el8           ol8_baseos_latest 196 k
- wget                   x86_64 1.19.5-12.0.1.el8_10     ol8_appstream     733 k
- which                  x86_64 2.21-20.el8              ol8_baseos_latest  50 k
- zip                    x86_64 3.0-23.el8               ol8_baseos_latest 270 k
-Upgrading:
- curl                   x86_64 7.61.1-34.el8            ol8_baseos_latest 352 k
- dnf-plugins-core       noarch 4.0.21-25.0.1.el8        ol8_baseos_latest  76 k
- libcurl                x86_64 7.61.1-34.el8            ol8_baseos_latest 303 k
- python3-dnf-plugins-core
-                        noarch 4.0.21-25.0.1.el8        ol8_baseos_latest 263 k
- yum-utils              noarch 4.0.21-25.0.1.el8        ol8_baseos_latest  75 k
-Installing dependencies:
- bind-libs              x86_64 32:9.11.36-16.el8_10.2   ol8_appstream     176 k
- bind-libs-lite         x86_64 32:9.11.36-16.el8_10.2   ol8_appstream     1.2 M
- bind-license           noarch 32:9.11.36-16.el8_10.2   ol8_appstream     104 k
- fstrm                  x86_64 0.6.1-3.el8              ol8_appstream      29 k
- libmaxminddb           x86_64 1.2.0-10.el8_9.1         ol8_appstream      32 k
- libmetalink            x86_64 0.1.3-7.el8              ol8_baseos_latest  32 k
- protobuf-c             x86_64 1.3.0-8.el8              ol8_appstream      37 k
- python3-bind           noarch 32:9.11.36-16.el8_10.2   ol8_appstream     151 k
- python3-ply            noarch 3.9-9.el8                ol8_baseos_latest 111 k
- tcl                    x86_64 1:8.6.8-2.el8            ol8_baseos_latest 1.1 M
-Installing weak dependencies:
- geolite2-city          noarch 20180605-1.el8           ol8_appstream      19 M
- geolite2-country       noarch 20180605-1.el8           ol8_appstream     1.0 M
-
-Transaction Summary
-================================================================================
-Install  24 Packages
-Upgrade   5 Packages
-
-Total download size: 28 M
-Downloading Packages:
-(1/29): hostname-3.20-6.el8.x86_64.rpm          268 kB/s |  32 kB     00:00
-(2/29): libmetalink-0.1.3-7.el8.x86_64.rpm      257 kB/s |  32 kB     00:00
-(3/29): expect-5.45.4-5.el8.x86_64.rpm          1.4 MB/s | 266 kB     00:00
-(4/29): lsof-4.93.2-1.el8.x86_64.rpm            3.2 MB/s | 253 kB     00:00
-(5/29): net-tools-2.0-0.52.20160912git.el8.x86_ 3.6 MB/s | 322 kB     00:00
-(6/29): python3-ply-3.9-9.el8.noarch.rpm        2.7 MB/s | 111 kB     00:00
-(7/29): openssl-1.1.1k-12.el8_9.x86_64.rpm       10 MB/s | 710 kB     00:00
-(8/29): tree-1.7.0-15.el8.x86_64.rpm            2.2 MB/s |  59 kB     00:00
-(9/29): sudo-1.9.5p2-1.el8_9.x86_64.rpm          14 MB/s | 1.0 MB     00:00
-(10/29): unzip-6.0-46.0.1.el8.x86_64.rpm        6.8 MB/s | 196 kB     00:00
-(11/29): which-2.21-20.el8.x86_64.rpm           2.0 MB/s |  50 kB     00:00
-(12/29): tcl-8.6.8-2.el8.x86_64.rpm              13 MB/s | 1.1 MB     00:00
-(13/29): bind-libs-9.11.36-16.el8_10.2.x86_64.r 6.7 MB/s | 176 kB     00:00
-(14/29): zip-3.0-23.el8.x86_64.rpm              8.4 MB/s | 270 kB     00:00
-(15/29): bind-libs-lite-9.11.36-16.el8_10.2.x86  29 MB/s | 1.2 MB     00:00
-(16/29): bind-license-9.11.36-16.el8_10.2.noarc 3.3 MB/s | 104 kB     00:00
-(17/29): bind-utils-9.11.36-16.el8_10.2.x86_64.  13 MB/s | 453 kB     00:00
-(18/29): fstrm-0.6.1-3.el8.x86_64.rpm           1.2 MB/s |  29 kB     00:00
-(19/29): libmaxminddb-1.2.0-10.el8_9.1.x86_64.r 1.3 MB/s |  32 kB     00:00
-(20/29): geolite2-country-20180605-1.el8.noarch  17 MB/s | 1.0 MB     00:00
-(21/29): protobuf-c-1.3.0-8.el8.x86_64.rpm      1.5 MB/s |  37 kB     00:00
-(22/29): python3-bind-9.11.36-16.el8_10.2.noarc 5.8 MB/s | 151 kB     00:00
-(23/29): wget-1.19.5-12.0.1.el8_10.x86_64.rpm    17 MB/s | 733 kB     00:00
-(24/29): curl-7.61.1-34.el8.x86_64.rpm           12 MB/s | 352 kB     00:00
-(25/29): dnf-plugins-core-4.0.21-25.0.1.el8.noa 2.4 MB/s |  76 kB     00:00
-(26/29): libcurl-7.61.1-34.el8.x86_64.rpm       8.6 MB/s | 303 kB     00:00
-(27/29): python3-dnf-plugins-core-4.0.21-25.0.1 9.8 MB/s | 263 kB     00:00
-(28/29): yum-utils-4.0.21-25.0.1.el8.noarch.rpm 3.0 MB/s |  75 kB     00:00
-(29/29): geolite2-city-20180605-1.el8.noarch.rp  66 MB/s |  19 MB     00:00
---------------------------------------------------------------------------------
-Total                                            43 MB/s |  28 MB     00:00
-Running transaction check
-Transaction check succeeded.
-Running transaction test
-Transaction test succeeded.
-Running transaction
-  Preparing        :                                                        1/1
-  Running scriptlet: protobuf-c-1.3.0-8.el8.x86_64                          1/1
-  Installing       : protobuf-c-1.3.0-8.el8.x86_64                         1/34
-  Installing       : fstrm-0.6.1-3.el8.x86_64                              2/34
-  Installing       : bind-license-32:9.11.36-16.el8_10.2.noarch            3/34
-  Upgrading        : python3-dnf-plugins-core-4.0.21-25.0.1.el8.noarch     4/34
-  Upgrading        : dnf-plugins-core-4.0.21-25.0.1.el8.noarch             5/34
-  Upgrading        : libcurl-7.61.1-34.el8.x86_64                          6/34
-  Installing       : geolite2-country-20180605-1.el8.noarch                7/34
-  Installing       : geolite2-city-20180605-1.el8.noarch                   8/34
-  Installing       : libmaxminddb-1.2.0-10.el8_9.1.x86_64                  9/34
-  Running scriptlet: libmaxminddb-1.2.0-10.el8_9.1.x86_64                  9/34
-  Installing       : bind-libs-lite-32:9.11.36-16.el8_10.2.x86_64         10/34
-  Installing       : bind-libs-32:9.11.36-16.el8_10.2.x86_64              11/34
-  Installing       : unzip-6.0-46.0.1.el8.x86_64                          12/34
-  Installing       : tcl-1:8.6.8-2.el8.x86_64                             13/34
-  Running scriptlet: tcl-1:8.6.8-2.el8.x86_64                             13/34
-  Installing       : python3-ply-3.9-9.el8.noarch                         14/34
-  Installing       : python3-bind-32:9.11.36-16.el8_10.2.noarch           15/34
-  Installing       : libmetalink-0.1.3-7.el8.x86_64                       16/34
-  Installing       : wget-1.19.5-12.0.1.el8_10.x86_64                     17/34
-  Running scriptlet: wget-1.19.5-12.0.1.el8_10.x86_64                     17/34
-  Installing       : bind-utils-32:9.11.36-16.el8_10.2.x86_64             18/34
-  Installing       : expect-5.45.4-5.el8.x86_64                           19/34
-  Installing       : zip-3.0-23.el8.x86_64                                20/34
-  Upgrading        : curl-7.61.1-34.el8.x86_64                            21/34
-  Upgrading        : yum-utils-4.0.21-25.0.1.el8.noarch                   22/34
-  Installing       : which-2.21-20.el8.x86_64                             23/34
-  Installing       : tree-1.7.0-15.el8.x86_64                             24/34
-  Installing       : sudo-1.9.5p2-1.el8_9.x86_64                          25/34
-  Running scriptlet: sudo-1.9.5p2-1.el8_9.x86_64                          25/34
-  Installing       : openssl-1:1.1.1k-12.el8_9.x86_64                     26/34
-  Installing       : net-tools-2.0-0.52.20160912git.el8.x86_64            27/34
-  Running scriptlet: net-tools-2.0-0.52.20160912git.el8.x86_64            27/34
-  Installing       : lsof-4.93.2-1.el8.x86_64                             28/34
-  Installing       : hostname-3.20-6.el8.x86_64                           29/34
-  Running scriptlet: hostname-3.20-6.el8.x86_64                           29/34
-  Cleanup          : curl-7.61.1-33.el8_9.5.x86_64                        30/34
-  Cleanup          : yum-utils-4.0.21-23.0.1.el8.noarch                   31/34
-  Cleanup          : dnf-plugins-core-4.0.21-23.0.1.el8.noarch            32/34
-  Cleanup          : python3-dnf-plugins-core-4.0.21-23.0.1.el8.noarch    33/34
-  Cleanup          : libcurl-7.61.1-33.el8_9.5.x86_64                     34/34
-  Running scriptlet: libcurl-7.61.1-33.el8_9.5.x86_64                     34/34
-  Verifying        : expect-5.45.4-5.el8.x86_64                            1/34
-  Verifying        : hostname-3.20-6.el8.x86_64                            2/34
-  Verifying        : libmetalink-0.1.3-7.el8.x86_64                        3/34
-  Verifying        : lsof-4.93.2-1.el8.x86_64                              4/34
-  Verifying        : net-tools-2.0-0.52.20160912git.el8.x86_64             5/34
-  Verifying        : openssl-1:1.1.1k-12.el8_9.x86_64                      6/34
-  Verifying        : python3-ply-3.9-9.el8.noarch                          7/34
-  Verifying        : sudo-1.9.5p2-1.el8_9.x86_64                           8/34
-  Verifying        : tcl-1:8.6.8-2.el8.x86_64                              9/34
-  Verifying        : tree-1.7.0-15.el8.x86_64                             10/34
-  Verifying        : unzip-6.0-46.0.1.el8.x86_64                          11/34
-  Verifying        : which-2.21-20.el8.x86_64                             12/34
-  Verifying        : zip-3.0-23.el8.x86_64                                13/34
-  Verifying        : bind-libs-32:9.11.36-16.el8_10.2.x86_64              14/34
-  Verifying        : bind-libs-lite-32:9.11.36-16.el8_10.2.x86_64         15/34
-  Verifying        : bind-license-32:9.11.36-16.el8_10.2.noarch           16/34
-  Verifying        : bind-utils-32:9.11.36-16.el8_10.2.x86_64             17/34
-  Verifying        : fstrm-0.6.1-3.el8.x86_64                             18/34
-  Verifying        : geolite2-city-20180605-1.el8.noarch                  19/34
-  Verifying        : geolite2-country-20180605-1.el8.noarch               20/34
-  Verifying        : libmaxminddb-1.2.0-10.el8_9.1.x86_64                 21/34
-  Verifying        : protobuf-c-1.3.0-8.el8.x86_64                        22/34
-  Verifying        : python3-bind-32:9.11.36-16.el8_10.2.noarch           23/34
-  Verifying        : wget-1.19.5-12.0.1.el8_10.x86_64                     24/34
-  Verifying        : curl-7.61.1-34.el8.x86_64                            25/34
-  Verifying        : curl-7.61.1-33.el8_9.5.x86_64                        26/34
-  Verifying        : dnf-plugins-core-4.0.21-25.0.1.el8.noarch            27/34
-  Verifying        : dnf-plugins-core-4.0.21-23.0.1.el8.noarch            28/34
-  Verifying        : libcurl-7.61.1-34.el8.x86_64                         29/34
-  Verifying        : libcurl-7.61.1-33.el8_9.5.x86_64                     30/34
-  Verifying        : python3-dnf-plugins-core-4.0.21-25.0.1.el8.noarch    31/34
-  Verifying        : python3-dnf-plugins-core-4.0.21-23.0.1.el8.noarch    32/34
-  Verifying        : yum-utils-4.0.21-25.0.1.el8.noarch                   33/34
-  Verifying        : yum-utils-4.0.21-23.0.1.el8.noarch                   34/34
-
-Upgraded:
-  curl-7.61.1-34.el8.x86_64
-  dnf-plugins-core-4.0.21-25.0.1.el8.noarch
-  libcurl-7.61.1-34.el8.x86_64
-  python3-dnf-plugins-core-4.0.21-25.0.1.el8.noarch
-  yum-utils-4.0.21-25.0.1.el8.noarch
-Installed:
-  bind-libs-32:9.11.36-16.el8_10.2.x86_64
-  bind-libs-lite-32:9.11.36-16.el8_10.2.x86_64
-  bind-license-32:9.11.36-16.el8_10.2.noarch
-  bind-utils-32:9.11.36-16.el8_10.2.x86_64
-  expect-5.45.4-5.el8.x86_64
-  fstrm-0.6.1-3.el8.x86_64
-  geolite2-city-20180605-1.el8.noarch
-  geolite2-country-20180605-1.el8.noarch
-  hostname-3.20-6.el8.x86_64
-  libmaxminddb-1.2.0-10.el8_9.1.x86_64
-  libmetalink-0.1.3-7.el8.x86_64
-  lsof-4.93.2-1.el8.x86_64
-  net-tools-2.0-0.52.20160912git.el8.x86_64
-  openssl-1:1.1.1k-12.el8_9.x86_64
-  protobuf-c-1.3.0-8.el8.x86_64
-  python3-bind-32:9.11.36-16.el8_10.2.noarch
-  python3-ply-3.9-9.el8.noarch
-  sudo-1.9.5p2-1.el8_9.x86_64
-  tcl-1:8.6.8-2.el8.x86_64
-  tree-1.7.0-15.el8.x86_64
-  unzip-6.0-46.0.1.el8.x86_64
-  wget-1.19.5-12.0.1.el8_10.x86_64
-  which-2.21-20.el8.x86_64
-  zip-3.0-23.el8.x86_64
-
-Complete!
-Adding repo from: http://yum.oracle.com/repo/OracleLinux/OL8/oracle/software/x86_64
-created by dnf config-manager from http://yum.o 496 kB/s | 139 kB     00:00
-Last metadata expiration check: 0:00:01 ago on Tue 20 Aug 2024 08:55:14 AM UTC.
-Dependencies resolved.
-==============================================================================================
- Package                     Arch    Version                          Repository          Size
-==============================================================================================
-Installing:
- java-11-openjdk-devel       x86_64  1:11.0.24.0.8-3.0.1.el8          ol8_appstream      3.4 M
-Installing dependencies:
- adwaita-cursor-theme        noarch  3.28.0-3.el8                     ol8_appstream      647 k
- adwaita-icon-theme          noarch  3.28.0-3.el8                     ol8_appstream       11 M
- alsa-lib                    x86_64  1.2.10-2.el8                     ol8_appstream      500 k
- at-spi2-atk                 x86_64  2.26.2-1.el8                     ol8_appstream       89 k
- at-spi2-core                x86_64  2.28.0-1.el8                     ol8_appstream      169 k
- atk                         x86_64  2.28.1-1.el8                     ol8_appstream      272 k
- avahi-libs                  x86_64  0.7-27.el8                       ol8_baseos_latest   61 k
- cairo                       x86_64  1.15.12-6.el8                    ol8_appstream      719 k
- cairo-gobject               x86_64  1.15.12-6.el8                    ol8_appstream       33 k
- colord-libs                 x86_64  1.4.2-1.el8                      ol8_appstream      236 k
- copy-jdk-configs            noarch  4.0-2.el8                        ol8_appstream       30 k
- cpio                        x86_64  2.12-11.el8                      ol8_baseos_latest  266 k
- crypto-policies-scripts     noarch  20230731-1.git3177e06.el8        ol8_baseos_latest   84 k
- cups-libs                   x86_64  1:2.2.6-60.el8_10                ol8_baseos_latest  435 k
- dracut                      x86_64  049-233.git20240115.0.1.el8      ol8_baseos_latest  382 k
- file                        x86_64  5.33-25.el8                      ol8_baseos_latest   77 k
- fribidi                     x86_64  1.0.4-9.el8                      ol8_appstream       89 k
- gdk-pixbuf2                 x86_64  2.36.12-6.el8_10                 ol8_baseos_latest  465 k
- gdk-pixbuf2-modules         x86_64  2.36.12-6.el8_10                 ol8_appstream      108 k
- gettext                     x86_64  0.19.8.1-17.el8                  ol8_baseos_latest  1.1 M
- gettext-libs                x86_64  0.19.8.1-17.el8                  ol8_baseos_latest  312 k
- glib-networking             x86_64  2.56.1-1.1.el8                   ol8_baseos_latest  155 k
- graphite2                   x86_64  1.3.10-10.el8                    ol8_appstream      122 k
- grub2-common                noarch  1:2.02-156.0.2.el8               ol8_baseos_latest  897 k
- grub2-tools                 x86_64  1:2.02-156.0.2.el8               ol8_baseos_latest  2.0 M
- grub2-tools-minimal         x86_64  1:2.02-156.0.2.el8               ol8_baseos_latest  215 k
- gsettings-desktop-schemas   x86_64  3.32.0-6.el8                     ol8_baseos_latest  633 k
- gtk-update-icon-cache       x86_64  3.22.30-11.el8                   ol8_appstream       32 k
- harfbuzz                    x86_64  1.7.5-4.el8                      ol8_appstream      295 k
- hicolor-icon-theme          noarch  0.17-2.el8                       ol8_appstream       48 k
- jasper-libs                 x86_64  2.0.14-5.el8                     ol8_appstream      167 k
- java-11-openjdk             x86_64  1:11.0.24.0.8-3.0.1.el8          ol8_appstream      475 k
- java-11-openjdk-headless    x86_64  1:11.0.24.0.8-3.0.1.el8          ol8_appstream       42 M
- javapackages-filesystem     noarch  5.3.0-1.module+el8+5136+7ff78f74 ol8_appstream       30 k
- jbigkit-libs                x86_64  2.1-14.el8                       ol8_appstream       55 k
- json-glib                   x86_64  1.4.4-1.el8                      ol8_baseos_latest  144 k
- kbd-legacy                  noarch  2.0.4-11.el8                     ol8_baseos_latest  481 k
- kbd-misc                    noarch  2.0.4-11.el8                     ol8_baseos_latest  1.5 M
- lcms2                       x86_64  2.9-2.el8                        ol8_appstream      164 k
- libX11                      x86_64  1.6.8-8.el8                      ol8_appstream      611 k
- libX11-common               noarch  1.6.8-8.el8                      ol8_appstream      157 k
- libXau                      x86_64  1.0.9-3.el8                      ol8_appstream       37 k
- libXcomposite               x86_64  0.4.4-14.el8                     ol8_appstream       28 k
- libXcursor                  x86_64  1.1.15-3.el8                     ol8_appstream       36 k
- libXdamage                  x86_64  1.1.4-14.el8                     ol8_appstream       27 k
- libXext                     x86_64  1.3.4-1.el8                      ol8_appstream       45 k
- libXfixes                   x86_64  5.0.3-7.el8                      ol8_appstream       25 k
- libXft                      x86_64  2.3.3-1.el8                      ol8_appstream       67 k
- libXi                       x86_64  1.7.10-1.el8                     ol8_appstream       49 k
- libXinerama                 x86_64  1.1.4-1.el8                      ol8_appstream       15 k
- libXrandr                   x86_64  1.5.2-1.el8                      ol8_appstream       34 k
- libXrender                  x86_64  0.9.10-7.el8                     ol8_appstream       33 k
- libXtst                     x86_64  1.2.3-7.el8                      ol8_appstream       22 k
- libcroco                    x86_64  0.6.12-4.el8_2.1                 ol8_baseos_latest  113 k
- libdatrie                   x86_64  0.2.9-7.el8                      ol8_appstream       33 k
- libepoxy                    x86_64  1.5.8-1.el8                      ol8_appstream      225 k
- libfontenc                  x86_64  1.1.3-8.el8                      ol8_appstream       37 k
- libgomp                     x86_64  8.5.0-22.0.1.el8_10              ol8_baseos_latest  218 k
- libgusb                     x86_64  0.3.0-1.el8                      ol8_baseos_latest   49 k
- libjpeg-turbo               x86_64  1.5.3-12.el8                     ol8_appstream      157 k
- libkcapi                    x86_64  1.4.0-2.0.1.el8                  ol8_baseos_latest   52 k
- libkcapi-hmaccalc           x86_64  1.4.0-2.0.1.el8                  ol8_baseos_latest   31 k
- libmodman                   x86_64  2.0.1-17.el8                     ol8_baseos_latest   36 k
- libpkgconf                  x86_64  1.4.2-1.el8                      ol8_baseos_latest   35 k
- libproxy                    x86_64  0.4.15-5.2.el8                   ol8_baseos_latest   75 k
- libsoup                     x86_64  2.62.3-5.el8                     ol8_baseos_latest  424 k
- libthai                     x86_64  0.1.27-2.el8                     ol8_appstream      203 k
- libtiff                     x86_64  4.0.9-32.el8_10                  ol8_appstream      189 k
- libwayland-client           x86_64  1.21.0-1.el8                     ol8_appstream       41 k
- libwayland-cursor           x86_64  1.21.0-1.el8                     ol8_appstream       26 k
- libwayland-egl              x86_64  1.21.0-1.el8                     ol8_appstream       19 k
- libxcb                      x86_64  1.13.1-1.el8                     ol8_appstream      231 k
- libxkbcommon                x86_64  0.9.1-1.el8                      ol8_appstream      116 k
- lksctp-tools                x86_64  1.0.18-3.el8                     ol8_baseos_latest  100 k
- lua                         x86_64  5.3.4-12.el8                     ol8_appstream      192 k
- nspr                        x86_64  4.35.0-1.el8_8                   ol8_appstream      143 k
- nss                         x86_64  3.90.0-7.el8_10                  ol8_appstream      750 k
- nss-softokn                 x86_64  3.90.0-7.el8_10                  ol8_appstream      1.2 M
- nss-softokn-freebl          x86_64  3.90.0-7.el8_10                  ol8_appstream      375 k
- nss-sysinit                 x86_64  3.90.0-7.el8_10                  ol8_appstream       74 k
- nss-util                    x86_64  3.90.0-7.el8_10                  ol8_appstream      139 k
- os-prober                   x86_64  1.74-9.0.1.el8                   ol8_baseos_latest   51 k
- pango                       x86_64  1.42.4-8.el8                     ol8_appstream      297 k
- pixman                      x86_64  0.38.4-4.el8                     ol8_appstream      256 k
- pkgconf                     x86_64  1.4.2-1.el8                      ol8_baseos_latest   38 k
- pkgconf-m4                  noarch  1.4.2-1.el8                      ol8_baseos_latest   17 k
- pkgconf-pkg-config          x86_64  1.4.2-1.el8                      ol8_baseos_latest   15 k
- rest                        x86_64  0.8.1-2.el8                      ol8_appstream       70 k
- shared-mime-info            x86_64  1.9-4.el8                        ol8_baseos_latest  328 k
- systemd-udev                x86_64  239-78.0.4.el8                   ol8_baseos_latest  1.6 M
- ttmkfdir                    x86_64  3.0.9-54.el8                     ol8_appstream       62 k
- tzdata-java                 noarch  2024a-1.0.1.el8                  ol8_appstream      186 k
- xkeyboard-config            noarch  2.28-1.el8                       ol8_appstream      782 k
- xorg-x11-font-utils         x86_64  1:7.5-41.el8                     ol8_appstream      104 k
- xorg-x11-fonts-Type1        noarch  7.5-19.el8                       ol8_appstream      522 k
- xz                          x86_64  5.2.4-4.el8_6                    ol8_baseos_latest  153 k
-Installing weak dependencies:
- abattis-cantarell-fonts     noarch  0.0.25-6.el8                     ol8_appstream      155 k
- dconf                       x86_64  0.28.0-4.0.1.el8                 ol8_appstream      108 k
- dejavu-sans-mono-fonts      noarch  2.35-7.el8                       ol8_baseos_latest  447 k
- grubby                      x86_64  8.40-49.0.2.el8                  ol8_baseos_latest   50 k
- gtk3                        x86_64  3.22.30-11.el8                   ol8_appstream      4.5 M
- hardlink                    x86_64  1:1.3-6.el8                      ol8_baseos_latest   29 k
- kbd                         x86_64  2.0.4-11.el8                     ol8_baseos_latest  390 k
- memstrack                   x86_64  0.2.5-2.el8                      ol8_baseos_latest   51 k
- pigz                        x86_64  2.4-4.el8                        ol8_baseos_latest   80 k
-Enabling module streams:
- javapackages-runtime                201801
-
-Transaction Summary
-==============================================================================================
-Install  106 Packages
-
-Total download size: 86 M
-Installed size: 312 M
-Downloading Packages:
-(1/106): crypto-policies-scripts-20230731-1.git 862 kB/s |  84 kB     00:00
-(2/106): avahi-libs-0.7-27.el8.x86_64.rpm       602 kB/s |  61 kB     00:00
-(3/106): cpio-2.12-11.el8.x86_64.rpm            1.8 MB/s | 266 kB     00:00
-(4/106): cups-libs-2.2.6-60.el8_10.x86_64.rpm   5.7 MB/s | 435 kB     00:00
-(5/106): dejavu-sans-mono-fonts-2.35-7.el8.noar 5.1 MB/s | 447 kB     00:00
-(6/106): dracut-049-233.git20240115.0.1.el8.x86 7.0 MB/s | 382 kB     00:00
-(7/106): gdk-pixbuf2-2.36.12-6.el8_10.x86_64.rp  12 MB/s | 465 kB     00:00
-(8/106): gettext-libs-0.19.8.1-17.el8.x86_64.rp 9.3 MB/s | 312 kB     00:00
-(9/106): gettext-0.19.8.1-17.el8.x86_64.rpm      16 MB/s | 1.1 MB     00:00
-(10/106): glib-networking-2.56.1-1.1.el8.x86_64 6.0 MB/s | 155 kB     00:00
-(11/106): grub2-common-2.02-156.0.2.el8.noarch.  26 MB/s | 897 kB     00:00
-(12/106): grub2-tools-minimal-2.02-156.0.2.el8. 8.2 MB/s | 215 kB     00:00
-(13/106): grubby-8.40-49.0.2.el8.x86_64.rpm     2.1 MB/s |  50 kB     00:00
-(14/106): grub2-tools-2.02-156.0.2.el8.x86_64.r  26 MB/s | 2.0 MB     00:00
-(15/106): gsettings-desktop-schemas-3.32.0-6.el  19 MB/s | 633 kB     00:00
-(16/106): hardlink-1.3-6.el8.x86_64.rpm         1.1 MB/s |  29 kB     00:00
-(17/106): json-glib-1.4.4-1.el8.x86_64.rpm      5.9 MB/s | 144 kB     00:00
-(18/106): kbd-2.0.4-11.el8.x86_64.rpm            14 MB/s | 390 kB     00:00
-(19/106): kbd-legacy-2.0.4-11.el8.noarch.rpm     17 MB/s | 481 kB     00:00
-(20/106): kbd-misc-2.0.4-11.el8.noarch.rpm       41 MB/s | 1.5 MB     00:00
-(21/106): libcroco-0.6.12-4.el8_2.1.x86_64.rpm  4.7 MB/s | 113 kB     00:00
-(22/106): libgomp-8.5.0-22.0.1.el8_10.x86_64.rp 9.1 MB/s | 218 kB     00:00
-(23/106): libgusb-0.3.0-1.el8.x86_64.rpm        2.1 MB/s |  49 kB     00:00
-(24/106): libkcapi-1.4.0-2.0.1.el8.x86_64.rpm   1.6 MB/s |  52 kB     00:00
-(25/106): libkcapi-hmaccalc-1.4.0-2.0.1.el8.x86 822 kB/s |  31 kB     00:00
-(26/106): libmodman-2.0.1-17.el8.x86_64.rpm     1.6 MB/s |  36 kB     00:00
-(27/106): libpkgconf-1.4.2-1.el8.x86_64.rpm     1.2 MB/s |  35 kB     00:00
-(28/106): libproxy-0.4.15-5.2.el8.x86_64.rpm    3.0 MB/s |  75 kB     00:00
-(29/106): libsoup-2.62.3-5.el8.x86_64.rpm        15 MB/s | 424 kB     00:00
-(30/106): lksctp-tools-1.0.18-3.el8.x86_64.rpm  3.5 MB/s | 100 kB     00:00
-(31/106): memstrack-0.2.5-2.el8.x86_64.rpm      2.2 MB/s |  51 kB     00:00
-(32/106): os-prober-1.74-9.0.1.el8.x86_64.rpm   2.2 MB/s |  51 kB     00:00
-(33/106): pigz-2.4-4.el8.x86_64.rpm             3.5 MB/s |  80 kB     00:00
-(34/106): pkgconf-1.4.2-1.el8.x86_64.rpm        1.7 MB/s |  38 kB     00:00
-(35/106): pkgconf-m4-1.4.2-1.el8.noarch.rpm     761 kB/s |  17 kB     00:00
-(36/106): pkgconf-pkg-config-1.4.2-1.el8.x86_64 691 kB/s |  15 kB     00:00
-(37/106): shared-mime-info-1.9-4.el8.x86_64.rpm  13 MB/s | 328 kB     00:00
-(38/106): systemd-udev-239-78.0.4.el8.x86_64.rp  32 MB/s | 1.6 MB     00:00
-(39/106): xz-5.2.4-4.el8_6.x86_64.rpm           5.2 MB/s | 153 kB     00:00
-(40/106): abattis-cantarell-fonts-0.0.25-6.el8. 6.4 MB/s | 155 kB     00:00
-(41/106): adwaita-cursor-theme-3.28.0-3.el8.noa  22 MB/s | 647 kB     00:00
-(42/106): alsa-lib-1.2.10-2.el8.x86_64.rpm       18 MB/s | 500 kB     00:00
-(43/106): at-spi2-atk-2.26.2-1.el8.x86_64.rpm   3.8 MB/s |  89 kB     00:00
-(44/106): at-spi2-core-2.28.0-1.el8.x86_64.rpm  6.9 MB/s | 169 kB     00:00
-(45/106): atk-2.28.1-1.el8.x86_64.rpm           9.2 MB/s | 272 kB     00:00
-(46/106): cairo-1.15.12-6.el8.x86_64.rpm         24 MB/s | 719 kB     00:00
-(47/106): adwaita-icon-theme-3.28.0-3.el8.noarc  65 MB/s |  11 MB     00:00
-(48/106): cairo-gobject-1.15.12-6.el8.x86_64.rp 914 kB/s |  33 kB     00:00
-(49/106): colord-libs-1.4.2-1.el8.x86_64.rpm    9.5 MB/s | 236 kB     00:00
-(50/106): copy-jdk-configs-4.0-2.el8.noarch.rpm 1.1 MB/s |  30 kB     00:00
-(51/106): dconf-0.28.0-4.0.1.el8.x86_64.rpm     4.4 MB/s | 108 kB     00:00
-(52/106): fribidi-1.0.4-9.el8.x86_64.rpm        3.9 MB/s |  89 kB     00:00
-(53/106): graphite2-1.3.10-10.el8.x86_64.rpm    5.1 MB/s | 122 kB     00:00
-(54/106): gdk-pixbuf2-modules-2.36.12-6.el8_10. 3.6 MB/s | 108 kB     00:00
-(55/106): gtk-update-icon-cache-3.22.30-11.el8. 1.4 MB/s |  32 kB     00:00
-(56/106): harfbuzz-1.7.5-4.el8.x86_64.rpm        11 MB/s | 295 kB     00:00
-(57/106): gtk3-3.22.30-11.el8.x86_64.rpm         68 MB/s | 4.5 MB     00:00
-(58/106): hicolor-icon-theme-0.17-2.el8.noarch. 2.1 MB/s |  48 kB     00:00
-(59/106): java-11-openjdk-11.0.24.0.8-3.0.1.el8  17 MB/s | 475 kB     00:00
-(60/106): jasper-libs-2.0.14-5.el8.x86_64.rpm   5.0 MB/s | 167 kB     00:00
-(61/106): java-11-openjdk-devel-11.0.24.0.8-3.0  61 MB/s | 3.4 MB     00:00
-(62/106): javapackages-filesystem-5.3.0-1.modul 1.2 MB/s |  30 kB     00:00
-(63/106): jbigkit-libs-2.1-14.el8.x86_64.rpm    2.1 MB/s |  55 kB     00:00
-(64/106): lcms2-2.9-2.el8.x86_64.rpm            3.8 MB/s | 164 kB     00:00
-(65/106): libX11-1.6.8-8.el8.x86_64.rpm          20 MB/s | 611 kB     00:00
-(66/106): libX11-common-1.6.8-8.el8.noarch.rpm  6.8 MB/s | 157 kB     00:00
-(67/106): libXau-1.0.9-3.el8.x86_64.rpm         1.6 MB/s |  37 kB     00:00
-(68/106): libXcomposite-0.4.4-14.el8.x86_64.rpm 1.3 MB/s |  28 kB     00:00
-(69/106): libXcursor-1.1.15-3.el8.x86_64.rpm    1.6 MB/s |  36 kB     00:00
-(70/106): libXdamage-1.1.4-14.el8.x86_64.rpm    1.2 MB/s |  27 kB     00:00
-(71/106): libXext-1.3.4-1.el8.x86_64.rpm        2.0 MB/s |  45 kB     00:00
-(72/106): libXfixes-5.0.3-7.el8.x86_64.rpm      1.1 MB/s |  25 kB     00:00
-(73/106): libXft-2.3.3-1.el8.x86_64.rpm         2.9 MB/s |  67 kB     00:00
-(74/106): libXi-1.7.10-1.el8.x86_64.rpm         2.2 MB/s |  49 kB     00:00
-(75/106): libXinerama-1.1.4-1.el8.x86_64.rpm    717 kB/s |  15 kB     00:00
-(76/106): libXrandr-1.5.2-1.el8.x86_64.rpm      1.5 MB/s |  34 kB     00:00
-(77/106): libXrender-0.9.10-7.el8.x86_64.rpm    1.4 MB/s |  33 kB     00:00
-(78/106): libXtst-1.2.3-7.el8.x86_64.rpm        957 kB/s |  22 kB     00:00
-(79/106): java-11-openjdk-headless-11.0.24.0.8-  71 MB/s |  42 MB     00:00
-(80/106): libdatrie-0.2.9-7.el8.x86_64.rpm      274 kB/s |  33 kB     00:00
-(81/106): libepoxy-1.5.8-1.el8.x86_64.rpm       9.1 MB/s | 225 kB     00:00
-(82/106): libfontenc-1.1.3-8.el8.x86_64.rpm     1.5 MB/s |  37 kB     00:00
-(83/106): libthai-0.1.27-2.el8.x86_64.rpm       8.2 MB/s | 203 kB     00:00
-(84/106): libjpeg-turbo-1.5.3-12.el8.x86_64.rpm 5.1 MB/s | 157 kB     00:00
-(85/106): libtiff-4.0.9-32.el8_10.x86_64.rpm    7.8 MB/s | 189 kB     00:00
-(86/106): libwayland-client-1.21.0-1.el8.x86_64 1.7 MB/s |  41 kB     00:00
-(87/106): libwayland-cursor-1.21.0-1.el8.x86_64 1.2 MB/s |  26 kB     00:00
-(88/106): libwayland-egl-1.21.0-1.el8.x86_64.rp 801 kB/s |  19 kB     00:00
-(89/106): libxcb-1.13.1-1.el8.x86_64.rpm        9.7 MB/s | 231 kB     00:00
-(90/106): libxkbcommon-0.9.1-1.el8.x86_64.rpm   5.0 MB/s | 116 kB     00:00
-(91/106): nspr-4.35.0-1.el8_8.x86_64.rpm        6.0 MB/s | 143 kB     00:00
-(92/106): lua-5.3.4-12.el8.x86_64.rpm           5.9 MB/s | 192 kB     00:00
-(93/106): nss-softokn-3.90.0-7.el8_10.x86_64.rp  38 MB/s | 1.2 MB     00:00
-(94/106): nss-3.90.0-7.el8_10.x86_64.rpm         17 MB/s | 750 kB     00:00
-(95/106): nss-softokn-freebl-3.90.0-7.el8_10.x8  14 MB/s | 375 kB     00:00
-(96/106): nss-sysinit-3.90.0-7.el8_10.x86_64.rp 3.2 MB/s |  74 kB     00:00
-(97/106): nss-util-3.90.0-7.el8_10.x86_64.rpm   5.8 MB/s | 139 kB     00:00
-(98/106): pango-1.42.4-8.el8.x86_64.rpm          11 MB/s | 297 kB     00:00
-(99/106): pixman-0.38.4-4.el8.x86_64.rpm         10 MB/s | 256 kB     00:00
-(100/106): rest-0.8.1-2.el8.x86_64.rpm          3.1 MB/s |  70 kB     00:00
-(101/106): ttmkfdir-3.0.9-54.el8.x86_64.rpm     2.5 MB/s |  62 kB     00:00
-(102/106): tzdata-java-2024a-1.0.1.el8.noarch.r 7.4 MB/s | 186 kB     00:00
-(103/106): xkeyboard-config-2.28-1.el8.noarch.r  27 MB/s | 782 kB     00:00
-(104/106): xorg-x11-font-utils-7.5-41.el8.x86_6 3.9 MB/s | 104 kB     00:00
-(105/106): xorg-x11-fonts-Type1-7.5-19.el8.noar 1.3 MB/s | 522 kB     00:00
-(106/106): file-5.33-25.el8.x86_64.rpm           26 kB/s |  77 kB     00:02
---------------------------------------------------------------------------------
-Total                                            27 MB/s |  86 MB     00:03
-Running transaction check
-Transaction check succeeded.
-Running transaction test
-Transaction test succeeded.
-Running transaction
-  Running scriptlet: copy-jdk-configs-4.0-2.el8.noarch                      1/1
-  Running scriptlet: java-11-openjdk-headless-1:11.0.24.0.8-3.0.1.el8.x86   1/1
-  Preparing        :                                                        1/1
-  Installing       : nspr-4.35.0-1.el8_8.x86_64                           1/106
-  Running scriptlet: nspr-4.35.0-1.el8_8.x86_64                           1/106
-  Installing       : nss-util-3.90.0-7.el8_10.x86_64                      2/106
-  Installing       : libjpeg-turbo-1.5.3-12.el8.x86_64                    3/106
-  Installing       : pixman-0.38.4-4.el8.x86_64                           4/106
-  Installing       : libwayland-client-1.21.0-1.el8.x86_64                5/106
-  Installing       : atk-2.28.1-1.el8.x86_64                              6/106
-  Installing       : libgomp-8.5.0-22.0.1.el8_10.x86_64                   7/106
-  Running scriptlet: libgomp-8.5.0-22.0.1.el8_10.x86_64                   7/106
-  Installing       : libcroco-0.6.12-4.el8_2.1.x86_64                     8/106
-  Running scriptlet: libcroco-0.6.12-4.el8_2.1.x86_64                     8/106
-  Installing       : grub2-common-1:2.02-156.0.2.el8.noarch               9/106
-  Installing       : gettext-libs-0.19.8.1-17.el8.x86_64                 10/106
-  Installing       : gettext-0.19.8.1-17.el8.x86_64                      11/106
-  Running scriptlet: gettext-0.19.8.1-17.el8.x86_64                      11/106
-  Installing       : grub2-tools-minimal-1:2.02-156.0.2.el8.x86_64       12/106
-  Installing       : libwayland-cursor-1.21.0-1.el8.x86_64               13/106
-  Installing       : jasper-libs-2.0.14-5.el8.x86_64                     14/106
-  Installing       : nss-softokn-freebl-3.90.0-7.el8_10.x86_64           15/106
-  Installing       : nss-softokn-3.90.0-7.el8_10.x86_64                  16/106
-  Installing       : xkeyboard-config-2.28-1.el8.noarch                  17/106
-  Installing       : libxkbcommon-0.9.1-1.el8.x86_64                     18/106
-  Installing       : tzdata-java-2024a-1.0.1.el8.noarch                  19/106
-  Installing       : ttmkfdir-3.0.9-54.el8.x86_64                        20/106
-  Installing       : lua-5.3.4-12.el8.x86_64                             21/106
-  Installing       : copy-jdk-configs-4.0-2.el8.noarch                   22/106
-  Installing       : libwayland-egl-1.21.0-1.el8.x86_64                  23/106
-  Installing       : libfontenc-1.1.3-8.el8.x86_64                       24/106
-  Installing       : libepoxy-1.5.8-1.el8.x86_64                         25/106
-  Installing       : libdatrie-0.2.9-7.el8.x86_64                        26/106
-  Running scriptlet: libdatrie-0.2.9-7.el8.x86_64                        26/106
-  Installing       : libthai-0.1.27-2.el8.x86_64                         27/106
-  Running scriptlet: libthai-0.1.27-2.el8.x86_64                         27/106
-  Installing       : libXau-1.0.9-3.el8.x86_64                           28/106
-  Installing       : libxcb-1.13.1-1.el8.x86_64                          29/106
-  Installing       : libX11-common-1.6.8-8.el8.noarch                    30/106
-  Installing       : libX11-1.6.8-8.el8.x86_64                           31/106
-  Installing       : libXext-1.3.4-1.el8.x86_64                          32/106
-  Installing       : libXrender-0.9.10-7.el8.x86_64                      33/106
-  Installing       : cairo-1.15.12-6.el8.x86_64                          34/106
-  Installing       : libXi-1.7.10-1.el8.x86_64                           35/106
-  Installing       : libXfixes-5.0.3-7.el8.x86_64                        36/106
-  Installing       : libXtst-1.2.3-7.el8.x86_64                          37/106
-  Installing       : libXcomposite-0.4.4-14.el8.x86_64                   38/106
-  Installing       : at-spi2-core-2.28.0-1.el8.x86_64                    39/106
-  Running scriptlet: at-spi2-core-2.28.0-1.el8.x86_64                    39/106
-  Installing       : at-spi2-atk-2.26.2-1.el8.x86_64                     40/106
-  Running scriptlet: at-spi2-atk-2.26.2-1.el8.x86_64                     40/106
-  Installing       : libXcursor-1.1.15-3.el8.x86_64                      41/106
-  Installing       : libXdamage-1.1.4-14.el8.x86_64                      42/106
-  Installing       : cairo-gobject-1.15.12-6.el8.x86_64                  43/106
-  Installing       : libXft-2.3.3-1.el8.x86_64                           44/106
-  Installing       : libXrandr-1.5.2-1.el8.x86_64                        45/106
-  Installing       : libXinerama-1.1.4-1.el8.x86_64                      46/106
-  Installing       : lcms2-2.9-2.el8.x86_64                              47/106
-  Running scriptlet: lcms2-2.9-2.el8.x86_64                              47/106
-  Installing       : jbigkit-libs-2.1-14.el8.x86_64                      48/106
-  Running scriptlet: jbigkit-libs-2.1-14.el8.x86_64                      48/106
-  Installing       : libtiff-4.0.9-32.el8_10.x86_64                      49/106
-  Installing       : javapackages-filesystem-5.3.0-1.module+el8+5136+    50/106
-  Installing       : hicolor-icon-theme-0.17-2.el8.noarch                51/106
-  Installing       : graphite2-1.3.10-10.el8.x86_64                      52/106
-  Installing       : harfbuzz-1.7.5-4.el8.x86_64                         53/106
-  Running scriptlet: harfbuzz-1.7.5-4.el8.x86_64                         53/106
-  Installing       : fribidi-1.0.4-9.el8.x86_64                          54/106
-  Installing       : pango-1.42.4-8.el8.x86_64                           55/106
-  Running scriptlet: pango-1.42.4-8.el8.x86_64                           55/106
-  Installing       : dconf-0.28.0-4.0.1.el8.x86_64                       56/106
-  Installing       : alsa-lib-1.2.10-2.el8.x86_64                        57/106
-  Running scriptlet: alsa-lib-1.2.10-2.el8.x86_64                        57/106
-  Installing       : adwaita-cursor-theme-3.28.0-3.el8.noarch            58/106
-  Installing       : adwaita-icon-theme-3.28.0-3.el8.noarch              59/106
-  Installing       : abattis-cantarell-fonts-0.0.25-6.el8.noarch         60/106
-  Installing       : xz-5.2.4-4.el8_6.x86_64                             61/106
-  Installing       : shared-mime-info-1.9-4.el8.x86_64                   62/106
-  Running scriptlet: shared-mime-info-1.9-4.el8.x86_64                   62/106
-  Installing       : gdk-pixbuf2-2.36.12-6.el8_10.x86_64                 63/106
-  Running scriptlet: gdk-pixbuf2-2.36.12-6.el8_10.x86_64                 63/106
-  Installing       : gdk-pixbuf2-modules-2.36.12-6.el8_10.x86_64         64/106
-  Installing       : gtk-update-icon-cache-3.22.30-11.el8.x86_64         65/106
-  Installing       : pkgconf-m4-1.4.2-1.el8.noarch                       66/106
-  Installing       : pigz-2.4-4.el8.x86_64                               67/106
-  Installing       : memstrack-0.2.5-2.el8.x86_64                        68/106
-  Installing       : lksctp-tools-1.0.18-3.el8.x86_64                    69/106
-  Running scriptlet: lksctp-tools-1.0.18-3.el8.x86_64                    69/106
-  Installing       : libpkgconf-1.4.2-1.el8.x86_64                       70/106
-  Installing       : pkgconf-1.4.2-1.el8.x86_64                          71/106
-  Installing       : pkgconf-pkg-config-1.4.2-1.el8.x86_64               72/106
-  Installing       : xorg-x11-font-utils-1:7.5-41.el8.x86_64             73/106
-  Installing       : xorg-x11-fonts-Type1-7.5-19.el8.noarch              74/106
-  Running scriptlet: xorg-x11-fonts-Type1-7.5-19.el8.noarch              74/106
-  Installing       : libmodman-2.0.1-17.el8.x86_64                       75/106
-  Running scriptlet: libmodman-2.0.1-17.el8.x86_64                       75/106
-  Installing       : libproxy-0.4.15-5.2.el8.x86_64                      76/106
-  Running scriptlet: libproxy-0.4.15-5.2.el8.x86_64                      76/106
-  Installing       : libkcapi-1.4.0-2.0.1.el8.x86_64                     77/106
-  Installing       : libkcapi-hmaccalc-1.4.0-2.0.1.el8.x86_64            78/106
-  Installing       : libgusb-0.3.0-1.el8.x86_64                          79/106
-  Installing       : colord-libs-1.4.2-1.el8.x86_64                      80/106
-  Installing       : kbd-misc-2.0.4-11.el8.noarch                        81/106
-  Installing       : kbd-legacy-2.0.4-11.el8.noarch                      82/106
-  Installing       : kbd-2.0.4-11.el8.x86_64                             83/106
-  Installing       : systemd-udev-239-78.0.4.el8.x86_64                  84/106
-  Running scriptlet: systemd-udev-239-78.0.4.el8.x86_64                  84/106
-  Installing       : os-prober-1.74-9.0.1.el8.x86_64                     85/106
-  Installing       : json-glib-1.4.4-1.el8.x86_64                        86/106
-  Installing       : hardlink-1:1.3-6.el8.x86_64                         87/106
-  Installing       : file-5.33-25.el8.x86_64                             88/106
-  Installing       : dejavu-sans-mono-fonts-2.35-7.el8.noarch            89/106
-  Installing       : gsettings-desktop-schemas-3.32.0-6.el8.x86_64       90/106
-  Installing       : glib-networking-2.56.1-1.1.el8.x86_64               91/106
-  Installing       : libsoup-2.62.3-5.el8.x86_64                         92/106
-  Installing       : rest-0.8.1-2.el8.x86_64                             93/106
-  Running scriptlet: rest-0.8.1-2.el8.x86_64                             93/106
-  Installing       : cpio-2.12-11.el8.x86_64                             94/106
-  Installing       : dracut-049-233.git20240115.0.1.el8.x86_64           95/106
-  Running scriptlet: grub2-tools-1:2.02-156.0.2.el8.x86_64               96/106
-  Installing       : grub2-tools-1:2.02-156.0.2.el8.x86_64               96/106
-  Running scriptlet: grub2-tools-1:2.02-156.0.2.el8.x86_64               96/106
-  Installing       : grubby-8.40-49.0.2.el8.x86_64                       97/106
-  Installing       : crypto-policies-scripts-20230731-1.git3177e06.el    98/106
-  Installing       : nss-sysinit-3.90.0-7.el8_10.x86_64                  99/106
-  Installing       : nss-3.90.0-7.el8_10.x86_64                         100/106
-  Installing       : avahi-libs-0.7-27.el8.x86_64                       101/106
-  Installing       : cups-libs-1:2.2.6-60.el8_10.x86_64                 102/106
-  Installing       : java-11-openjdk-headless-1:11.0.24.0.8-3.0.1.el8   103/106
-  Running scriptlet: java-11-openjdk-headless-1:11.0.24.0.8-3.0.1.el8   103/106
-  Installing       : gtk3-3.22.30-11.el8.x86_64                         104/106
-  Installing       : java-11-openjdk-1:11.0.24.0.8-3.0.1.el8.x86_64     105/106
-  Running scriptlet: java-11-openjdk-1:11.0.24.0.8-3.0.1.el8.x86_64     105/106
-  Installing       : java-11-openjdk-devel-1:11.0.24.0.8-3.0.1.el8.x8   106/106
-  Running scriptlet: java-11-openjdk-devel-1:11.0.24.0.8-3.0.1.el8.x8   106/106
-  Running scriptlet: copy-jdk-configs-4.0-2.el8.noarch                  106/106
-  Running scriptlet: dconf-0.28.0-4.0.1.el8.x86_64                      106/106
-  Running scriptlet: crypto-policies-scripts-20230731-1.git3177e06.el   106/106
-  Running scriptlet: nss-3.90.0-7.el8_10.x86_64                         106/106
-  Running scriptlet: java-11-openjdk-headless-1:11.0.24.0.8-3.0.1.el8   106/106
-  Running scriptlet: java-11-openjdk-1:11.0.24.0.8-3.0.1.el8.x86_64     106/106
-  Running scriptlet: java-11-openjdk-devel-1:11.0.24.0.8-3.0.1.el8.x8   106/106
-  Running scriptlet: hicolor-icon-theme-0.17-2.el8.noarch               106/106
-  Running scriptlet: adwaita-icon-theme-3.28.0-3.el8.noarch             106/106
-  Running scriptlet: shared-mime-info-1.9-4.el8.x86_64                  106/106
-  Running scriptlet: gdk-pixbuf2-2.36.12-6.el8_10.x86_64                106/106
-  Running scriptlet: systemd-udev-239-78.0.4.el8.x86_64                 106/106
-  Verifying        : avahi-libs-0.7-27.el8.x86_64                         1/106
-  Verifying        : cpio-2.12-11.el8.x86_64                              2/106
-  Verifying        : crypto-policies-scripts-20230731-1.git3177e06.el     3/106
-  Verifying        : cups-libs-1:2.2.6-60.el8_10.x86_64                   4/106
-  Verifying        : dejavu-sans-mono-fonts-2.35-7.el8.noarch             5/106
-  Verifying        : dracut-049-233.git20240115.0.1.el8.x86_64            6/106
-  Verifying        : file-5.33-25.el8.x86_64                              7/106
-  Verifying        : gdk-pixbuf2-2.36.12-6.el8_10.x86_64                  8/106
-  Verifying        : gettext-0.19.8.1-17.el8.x86_64                       9/106
-  Verifying        : gettext-libs-0.19.8.1-17.el8.x86_64                 10/106
-  Verifying        : glib-networking-2.56.1-1.1.el8.x86_64               11/106
-  Verifying        : grub2-common-1:2.02-156.0.2.el8.noarch              12/106
-  Verifying        : grub2-tools-1:2.02-156.0.2.el8.x86_64               13/106
-  Verifying        : grub2-tools-minimal-1:2.02-156.0.2.el8.x86_64       14/106
-  Verifying        : grubby-8.40-49.0.2.el8.x86_64                       15/106
-  Verifying        : gsettings-desktop-schemas-3.32.0-6.el8.x86_64       16/106
-  Verifying        : hardlink-1:1.3-6.el8.x86_64                         17/106
-  Verifying        : json-glib-1.4.4-1.el8.x86_64                        18/106
-  Verifying        : kbd-2.0.4-11.el8.x86_64                             19/106
-  Verifying        : kbd-legacy-2.0.4-11.el8.noarch                      20/106
-  Verifying        : kbd-misc-2.0.4-11.el8.noarch                        21/106
-  Verifying        : libcroco-0.6.12-4.el8_2.1.x86_64                    22/106
-  Verifying        : libgomp-8.5.0-22.0.1.el8_10.x86_64                  23/106
-  Verifying        : libgusb-0.3.0-1.el8.x86_64                          24/106
-  Verifying        : libkcapi-1.4.0-2.0.1.el8.x86_64                     25/106
-  Verifying        : libkcapi-hmaccalc-1.4.0-2.0.1.el8.x86_64            26/106
-  Verifying        : libmodman-2.0.1-17.el8.x86_64                       27/106
-  Verifying        : libpkgconf-1.4.2-1.el8.x86_64                       28/106
-  Verifying        : libproxy-0.4.15-5.2.el8.x86_64                      29/106
-  Verifying        : libsoup-2.62.3-5.el8.x86_64                         30/106
-  Verifying        : lksctp-tools-1.0.18-3.el8.x86_64                    31/106
-  Verifying        : memstrack-0.2.5-2.el8.x86_64                        32/106
-  Verifying        : os-prober-1.74-9.0.1.el8.x86_64                     33/106
-  Verifying        : pigz-2.4-4.el8.x86_64                               34/106
-  Verifying        : pkgconf-1.4.2-1.el8.x86_64                          35/106
-  Verifying        : pkgconf-m4-1.4.2-1.el8.noarch                       36/106
-  Verifying        : pkgconf-pkg-config-1.4.2-1.el8.x86_64               37/106
-  Verifying        : shared-mime-info-1.9-4.el8.x86_64                   38/106
-  Verifying        : systemd-udev-239-78.0.4.el8.x86_64                  39/106
-  Verifying        : xz-5.2.4-4.el8_6.x86_64                             40/106
-  Verifying        : abattis-cantarell-fonts-0.0.25-6.el8.noarch         41/106
-  Verifying        : adwaita-cursor-theme-3.28.0-3.el8.noarch            42/106
-  Verifying        : adwaita-icon-theme-3.28.0-3.el8.noarch              43/106
-  Verifying        : alsa-lib-1.2.10-2.el8.x86_64                        44/106
-  Verifying        : at-spi2-atk-2.26.2-1.el8.x86_64                     45/106
-  Verifying        : at-spi2-core-2.28.0-1.el8.x86_64                    46/106
-  Verifying        : atk-2.28.1-1.el8.x86_64                             47/106
-  Verifying        : cairo-1.15.12-6.el8.x86_64                          48/106
-  Verifying        : cairo-gobject-1.15.12-6.el8.x86_64                  49/106
-  Verifying        : colord-libs-1.4.2-1.el8.x86_64                      50/106
-  Verifying        : copy-jdk-configs-4.0-2.el8.noarch                   51/106
-  Verifying        : dconf-0.28.0-4.0.1.el8.x86_64                       52/106
-  Verifying        : fribidi-1.0.4-9.el8.x86_64                          53/106
-  Verifying        : gdk-pixbuf2-modules-2.36.12-6.el8_10.x86_64         54/106
-  Verifying        : graphite2-1.3.10-10.el8.x86_64                      55/106
-  Verifying        : gtk-update-icon-cache-3.22.30-11.el8.x86_64         56/106
-  Verifying        : gtk3-3.22.30-11.el8.x86_64                          57/106
-  Verifying        : harfbuzz-1.7.5-4.el8.x86_64                         58/106
-  Verifying        : hicolor-icon-theme-0.17-2.el8.noarch                59/106
-  Verifying        : jasper-libs-2.0.14-5.el8.x86_64                     60/106
-  Verifying        : java-11-openjdk-1:11.0.24.0.8-3.0.1.el8.x86_64      61/106
-  Verifying        : java-11-openjdk-devel-1:11.0.24.0.8-3.0.1.el8.x8    62/106
-  Verifying        : java-11-openjdk-headless-1:11.0.24.0.8-3.0.1.el8    63/106
-  Verifying        : javapackages-filesystem-5.3.0-1.module+el8+5136+    64/106
-  Verifying        : jbigkit-libs-2.1-14.el8.x86_64                      65/106
-  Verifying        : lcms2-2.9-2.el8.x86_64                              66/106
-  Verifying        : libX11-1.6.8-8.el8.x86_64                           67/106
-  Verifying        : libX11-common-1.6.8-8.el8.noarch                    68/106
-  Verifying        : libXau-1.0.9-3.el8.x86_64                           69/106
-  Verifying        : libXcomposite-0.4.4-14.el8.x86_64                   70/106
-  Verifying        : libXcursor-1.1.15-3.el8.x86_64                      71/106
-  Verifying        : libXdamage-1.1.4-14.el8.x86_64                      72/106
-  Verifying        : libXext-1.3.4-1.el8.x86_64                          73/106
-  Verifying        : libXfixes-5.0.3-7.el8.x86_64                        74/106
-  Verifying        : libXft-2.3.3-1.el8.x86_64                           75/106
-  Verifying        : libXi-1.7.10-1.el8.x86_64                           76/106
-  Verifying        : libXinerama-1.1.4-1.el8.x86_64                      77/106
-  Verifying        : libXrandr-1.5.2-1.el8.x86_64                        78/106
-  Verifying        : libXrender-0.9.10-7.el8.x86_64                      79/106
-  Verifying        : libXtst-1.2.3-7.el8.x86_64                          80/106
-  Verifying        : libdatrie-0.2.9-7.el8.x86_64                        81/106
-  Verifying        : libepoxy-1.5.8-1.el8.x86_64                         82/106
-  Verifying        : libfontenc-1.1.3-8.el8.x86_64                       83/106
-  Verifying        : libjpeg-turbo-1.5.3-12.el8.x86_64                   84/106
-  Verifying        : libthai-0.1.27-2.el8.x86_64                         85/106
-  Verifying        : libtiff-4.0.9-32.el8_10.x86_64                      86/106
-  Verifying        : libwayland-client-1.21.0-1.el8.x86_64               87/106
-  Verifying        : libwayland-cursor-1.21.0-1.el8.x86_64               88/106
-  Verifying        : libwayland-egl-1.21.0-1.el8.x86_64                  89/106
-  Verifying        : libxcb-1.13.1-1.el8.x86_64                          90/106
-  Verifying        : libxkbcommon-0.9.1-1.el8.x86_64                     91/106
-  Verifying        : lua-5.3.4-12.el8.x86_64                             92/106
-  Verifying        : nspr-4.35.0-1.el8_8.x86_64                          93/106
-  Verifying        : nss-3.90.0-7.el8_10.x86_64                          94/106
-  Verifying        : nss-softokn-3.90.0-7.el8_10.x86_64                  95/106
-  Verifying        : nss-softokn-freebl-3.90.0-7.el8_10.x86_64           96/106
-  Verifying        : nss-sysinit-3.90.0-7.el8_10.x86_64                  97/106
-  Verifying        : nss-util-3.90.0-7.el8_10.x86_64                     98/106
-  Verifying        : pango-1.42.4-8.el8.x86_64                           99/106
-  Verifying        : pixman-0.38.4-4.el8.x86_64                         100/106
-  Verifying        : rest-0.8.1-2.el8.x86_64                            101/106
-  Verifying        : ttmkfdir-3.0.9-54.el8.x86_64                       102/106
-  Verifying        : tzdata-java-2024a-1.0.1.el8.noarch                 103/106
-  Verifying        : xkeyboard-config-2.28-1.el8.noarch                 104/106
-  Verifying        : xorg-x11-font-utils-1:7.5-41.el8.x86_64            105/106
-  Verifying        : xorg-x11-fonts-Type1-7.5-19.el8.noarch             106/106
-
-Installed:
-  abattis-cantarell-fonts-0.0.25-6.el8.noarch
-  adwaita-cursor-theme-3.28.0-3.el8.noarch
-  adwaita-icon-theme-3.28.0-3.el8.noarch
-  alsa-lib-1.2.10-2.el8.x86_64
-  at-spi2-atk-2.26.2-1.el8.x86_64
-  at-spi2-core-2.28.0-1.el8.x86_64
-  atk-2.28.1-1.el8.x86_64
-  avahi-libs-0.7-27.el8.x86_64
-  cairo-1.15.12-6.el8.x86_64
-  cairo-gobject-1.15.12-6.el8.x86_64
-  colord-libs-1.4.2-1.el8.x86_64
-  copy-jdk-configs-4.0-2.el8.noarch
-  cpio-2.12-11.el8.x86_64
-  crypto-policies-scripts-20230731-1.git3177e06.el8.noarch
-  cups-libs-1:2.2.6-60.el8_10.x86_64
-  dconf-0.28.0-4.0.1.el8.x86_64
-  dejavu-sans-mono-fonts-2.35-7.el8.noarch
-  dracut-049-233.git20240115.0.1.el8.x86_64
-  file-5.33-25.el8.x86_64
-  fribidi-1.0.4-9.el8.x86_64
-  gdk-pixbuf2-2.36.12-6.el8_10.x86_64
-  gdk-pixbuf2-modules-2.36.12-6.el8_10.x86_64
-  gettext-0.19.8.1-17.el8.x86_64
-  gettext-libs-0.19.8.1-17.el8.x86_64
-  glib-networking-2.56.1-1.1.el8.x86_64
-  graphite2-1.3.10-10.el8.x86_64
-  grub2-common-1:2.02-156.0.2.el8.noarch
-  grub2-tools-1:2.02-156.0.2.el8.x86_64
-  grub2-tools-minimal-1:2.02-156.0.2.el8.x86_64
-  grubby-8.40-49.0.2.el8.x86_64
-  gsettings-desktop-schemas-3.32.0-6.el8.x86_64
-  gtk-update-icon-cache-3.22.30-11.el8.x86_64
-  gtk3-3.22.30-11.el8.x86_64
-  hardlink-1:1.3-6.el8.x86_64
-  harfbuzz-1.7.5-4.el8.x86_64
-  hicolor-icon-theme-0.17-2.el8.noarch
-  jasper-libs-2.0.14-5.el8.x86_64
-  java-11-openjdk-1:11.0.24.0.8-3.0.1.el8.x86_64
-  java-11-openjdk-devel-1:11.0.24.0.8-3.0.1.el8.x86_64
-  java-11-openjdk-headless-1:11.0.24.0.8-3.0.1.el8.x86_64
-  javapackages-filesystem-5.3.0-1.module+el8+5136+7ff78f74.noarch
-  jbigkit-libs-2.1-14.el8.x86_64
-  json-glib-1.4.4-1.el8.x86_64
-  kbd-2.0.4-11.el8.x86_64
-  kbd-legacy-2.0.4-11.el8.noarch
-  kbd-misc-2.0.4-11.el8.noarch
-  lcms2-2.9-2.el8.x86_64
-  libX11-1.6.8-8.el8.x86_64
-  libX11-common-1.6.8-8.el8.noarch
-  libXau-1.0.9-3.el8.x86_64
-  libXcomposite-0.4.4-14.el8.x86_64
-  libXcursor-1.1.15-3.el8.x86_64
-  libXdamage-1.1.4-14.el8.x86_64
-  libXext-1.3.4-1.el8.x86_64
-  libXfixes-5.0.3-7.el8.x86_64
-  libXft-2.3.3-1.el8.x86_64
-  libXi-1.7.10-1.el8.x86_64
-  libXinerama-1.1.4-1.el8.x86_64
-  libXrandr-1.5.2-1.el8.x86_64
-  libXrender-0.9.10-7.el8.x86_64
-  libXtst-1.2.3-7.el8.x86_64
-  libcroco-0.6.12-4.el8_2.1.x86_64
-  libdatrie-0.2.9-7.el8.x86_64
-  libepoxy-1.5.8-1.el8.x86_64
-  libfontenc-1.1.3-8.el8.x86_64
-  libgomp-8.5.0-22.0.1.el8_10.x86_64
-  libgusb-0.3.0-1.el8.x86_64
-  libjpeg-turbo-1.5.3-12.el8.x86_64
-  libkcapi-1.4.0-2.0.1.el8.x86_64
-  libkcapi-hmaccalc-1.4.0-2.0.1.el8.x86_64
-  libmodman-2.0.1-17.el8.x86_64
-  libpkgconf-1.4.2-1.el8.x86_64
-  libproxy-0.4.15-5.2.el8.x86_64
-  libsoup-2.62.3-5.el8.x86_64
-  libthai-0.1.27-2.el8.x86_64
-  libtiff-4.0.9-32.el8_10.x86_64
-  libwayland-client-1.21.0-1.el8.x86_64
-  libwayland-cursor-1.21.0-1.el8.x86_64
-  libwayland-egl-1.21.0-1.el8.x86_64
-  libxcb-1.13.1-1.el8.x86_64
-  libxkbcommon-0.9.1-1.el8.x86_64
-  lksctp-tools-1.0.18-3.el8.x86_64
-  lua-5.3.4-12.el8.x86_64
-  memstrack-0.2.5-2.el8.x86_64
-  nspr-4.35.0-1.el8_8.x86_64
-  nss-3.90.0-7.el8_10.x86_64
-  nss-softokn-3.90.0-7.el8_10.x86_64
-  nss-softokn-freebl-3.90.0-7.el8_10.x86_64
-  nss-sysinit-3.90.0-7.el8_10.x86_64
-  nss-util-3.90.0-7.el8_10.x86_64
-  os-prober-1.74-9.0.1.el8.x86_64
-  pango-1.42.4-8.el8.x86_64
-  pigz-2.4-4.el8.x86_64
-  pixman-0.38.4-4.el8.x86_64
-  pkgconf-1.4.2-1.el8.x86_64
-  pkgconf-m4-1.4.2-1.el8.noarch
-  pkgconf-pkg-config-1.4.2-1.el8.x86_64
-  rest-0.8.1-2.el8.x86_64
-  shared-mime-info-1.9-4.el8.x86_64
-  systemd-udev-239-78.0.4.el8.x86_64
-  ttmkfdir-3.0.9-54.el8.x86_64
-  tzdata-java-2024a-1.0.1.el8.noarch
-  xkeyboard-config-2.28-1.el8.noarch
-  xorg-x11-font-utils-1:7.5-41.el8.x86_64
-  xorg-x11-fonts-Type1-7.5-19.el8.noarch
-  xz-5.2.4-4.el8_6.x86_64
-
-Complete!
-Last metadata expiration check: 0:00:23 ago on Tue 20 Aug 2024 08:55:14 AM UTC.
-Package iproute-6.2.0-5.el8_9.x86_64 is already installed.
-Dependencies resolved.
-================================================================================
- Package       Architecture Version               Repository               Size
-================================================================================
-Upgrading:
- iproute       x86_64       6.2.0-6.el8_10        ol8_baseos_latest       853 k
-
-Transaction Summary
-================================================================================
-Upgrade  1 Package
-
-Total download size: 853 k
-Downloading Packages:
-iproute-6.2.0-6.el8_10.x86_64.rpm               4.2 MB/s | 853 kB     00:00
---------------------------------------------------------------------------------
-Total                                           4.2 MB/s | 853 kB     00:00
-Running transaction check
-Transaction check succeeded.
-Running transaction test
-Transaction test succeeded.
-Running transaction
-  Preparing        :                                                        1/1
-  Upgrading        : iproute-6.2.0-6.el8_10.x86_64                          1/2
-  Cleanup          : iproute-6.2.0-5.el8_9.x86_64                           2/2
-  Running scriptlet: iproute-6.2.0-5.el8_9.x86_64                           2/2
-  Verifying        : iproute-6.2.0-6.el8_10.x86_64                          1/2
-  Verifying        : iproute-6.2.0-5.el8_9.x86_64                           2/2
-
-Upgraded:
-  iproute-6.2.0-6.el8_10.x86_64
-
-Complete!
-24 files removed
-Removing intermediate container fe168b01f3ad
- ---> 791878694a50
-Step 5/12 : RUN curl -o /tmp/ords-$ORDSVERSION.el8.noarch.rpm https://yum.oracle.com/repo/OracleLinux/OL8/oracle/software/x86_64/getPackage/ords-$ORDSVERSION.el8.noarch.rpm
- ---> Running in 59d7143da358
-  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
-                                 Dload  Upload   Total   Spent    Left  Speed
-100  108M  100  108M    0     0  1440k      0  0:01:16  0:01:16 --:--:-- 1578k
-Removing intermediate container 59d7143da358
- ---> 17c4534293e5
-Step 6/12 : RUN rpm -ivh /tmp/ords-$ORDSVERSION.el8.noarch.rpm
- ---> Running in 84b1cbffdc51
-Verifying...                          ########################################
-Preparing...                          ########################################
-Updating / installing...
-ords-23.4.0-8.el8                     ########################################
-INFO: Before starting ORDS service, run the below command as user oracle:
-         ords --config /etc/ords/config install
-Removing intermediate container 84b1cbffdc51
- ---> 6e7151b79588
-Step 7/12 : RUN mkdir -p  $ORDS_HOME/doc_root                                  &&     mkdir -p  $ORDS_HOME/error                                     &&     mkdir -p  $ORDS_HOME/secrets                                   &&     chmod ug+x $ORDS_HOME/*.sh                                     &&     groupadd -g 54322 dba                                          &&     usermod -u 54321 -d /home/oracle -g dba -m -s /bin/bash oracle &&     chown -R oracle:dba $ORDS_HOME                                 &&     echo "oracle  ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers
- ---> Running in 66e5db5f343f
-Removing intermediate container 66e5db5f343f
- ---> 0523dc897bf4
-Step 8/12 : USER oracle
- ---> Running in ffda8495ac77
-Removing intermediate container ffda8495ac77
- ---> 162acd4d0b93
-Step 9/12 : WORKDIR /home/oracle
- ---> Running in 8c14310ffbc7
-Removing intermediate container 8c14310ffbc7
- ---> c8dae809e772
-Step 10/12 : VOLUME ["$ORDS_HOME/config/ords"]
- ---> Running in ed64548fd997
-Removing intermediate container ed64548fd997
- ---> 22e2c99247b0
-Step 11/12 : EXPOSE 8888
- ---> Running in 921f7c85d61d
-Removing intermediate container 921f7c85d61d
- ---> e5d503c92224
-Step 12/12 : CMD $ORDS_HOME/$RUN_FILE
- ---> Running in cad487298d63
-Removing intermediate container cad487298d63
- ---> fdb17aa242f8
-Successfully built fdb17aa242f8
-Successfully tagged oracle/ords-dboper:latest
-08:57:18 oracle@mitk01:#
-
diff --git a/docs/multitenant/ords-based/usecase01/logfiles/ImagePush.log b/docs/multitenant/ords-based/usecase01/logfiles/ImagePush.log
deleted file mode 100644
index 9b8df426..00000000
--- a/docs/multitenant/ords-based/usecase01/logfiles/ImagePush.log
+++ /dev/null
@@ -1,11 +0,0 @@
-/usr/bin/docker tag oracle/ords-dboper:latest <public-container-registry>/ords-dboper:latest
-/usr/bin/docker push <public-container-registry>/ords-dboper:latest
-The push refers to repository [<public-container-registry>/ords-dboper]
-aef18205865c: Pushing [=============================>                     ]  56.55MB/95.45MB
-2564d855e579: Pushing [=======>                                           ]  57.08MB/357.6MB
-a70a4f9a73c3: Pushed
-f283c83ba6ac: Pushed
-8c6709989678: Pushing [=======>                                           ]  52.58MB/332.7MB
-5bfd57d8f58a: Pushing [========>                                          ]  37.47MB/229.2MB
-
-
diff --git a/docs/multitenant/ords-based/usecase01/logfiles/cdb.log b/docs/multitenant/ords-based/usecase01/logfiles/cdb.log
deleted file mode 100644
index c75e9bf8..00000000
--- a/docs/multitenant/ords-based/usecase01/logfiles/cdb.log
+++ /dev/null
@@ -1,372 +0,0 @@
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-NOT_INSTALLED=2
- SETUP
-====================================================
-CONFIG=/etc/ords/config
-+ export ORDS_LOGS=/tmp
-+ ORDS_LOGS=/tmp
-+ '[' -f /opt/oracle/ords//secrets/webserver_user ']'
-++ cat /opt/oracle/ords//secrets/webserver_user
-+ WEBSERVER_USER=....
-+ '[' -f /opt/oracle/ords//secrets/webserver_pwd ']'
-++ cat /opt/oracle/ords//secrets/webserver_pwd
-+ WEBSERVER_PASSWORD=....
-+ '[' -f /opt/oracle/ords//secrets/cdbadmin_user ']'
-++ cat /opt/oracle/ords//secrets/cdbadmin_user
-+ CDBADMIN_USER=....
-+ '[' -f /opt/oracle/ords//secrets/cdbadmin_pwd ']'
-++ cat /opt/oracle/ords//secrets/cdbadmin_pwd
-+ CDBADMIN_PWD=....
-+ '[' -f /opt/oracle/ords//secrets/sysadmin_pwd ']'
-++ cat /opt/oracle/ords//secrets/sysadmin_pwd
-+ SYSDBA_PASSWORD=.....
-+ '[' -f /opt/oracle/ords//secrets/sysadmin_pwd ']'
-++ cat /opt/oracle/ords//secrets/ords_pwd
-+ ORDS_PASSWORD=....
-+ setupHTTPS
-+ rm -rf /home/oracle/keystore
-+ '[' '!' -d /home/oracle/keystore ']'
-+ mkdir /home/oracle/keystore
-+ cd /home/oracle/keystore
-+ cat
-+ rm /home/oracle/keystore/PASSWORD
-+ ls -ltr /home/oracle/keystore
-total 0
-+ SetParameter
-+ /usr/local/bin/ords --config /etc/ords/config config set security.requestValidationFunction false
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:22 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: security.requestValidationFunction was set to: false in configuration: default
-+ /usr/local/bin/ords --config /etc/ords/config config set jdbc.MaxLimit 100
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:23 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: jdbc.MaxLimit was set to: 100 in configuration: default
-+ /usr/local/bin/ords --config /etc/ords/config config set jdbc.InitialLimit 50
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:24 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: jdbc.InitialLimit was set to: 50 in configuration: default
-+ /usr/local/bin/ords --config /etc/ords/config config set error.externalPath /opt/oracle/ords/error
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:26 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: error.externalPath was set to: /opt/oracle/ords/error
-+ /usr/local/bin/ords --config /etc/ords/config config set standalone.access.log /home/oracle
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:27 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: standalone.access.log was set to: /home/oracle
-+ /usr/local/bin/ords --config /etc/ords/config config set standalone.https.port 8888
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:28 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: standalone.https.port was set to: 8888
-+ /usr/local/bin/ords --config /etc/ords/config config set standalone.https.cert /opt/oracle/ords//secrets/tls.crt
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:29 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: standalone.https.cert was set to: /opt/oracle/ords//secrets/tls.crt
-+ /usr/local/bin/ords --config /etc/ords/config config set standalone.https.cert.key /opt/oracle/ords//secrets/tls.key
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:31 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: standalone.https.cert.key was set to: /opt/oracle/ords//secrets/tls.key
-+ /usr/local/bin/ords --config /etc/ords/config config set restEnabledSql.active true
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:32 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: restEnabledSql.active was set to: true in configuration: default
-+ /usr/local/bin/ords --config /etc/ords/config config set security.verifySSL true
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:33 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: security.verifySSL was set to: true
-+ /usr/local/bin/ords --config /etc/ords/config config set database.api.enabled true
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:34 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: database.api.enabled was set to: true
-+ /usr/local/bin/ords --config /etc/ords/config config set plsql.gateway.mode false
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:35 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-Invalid VALUE argument false for KEY plsql.gateway.mode.
-+ /usr/local/bin/ords --config /etc/ords/config config set database.api.management.services.disabled false
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:37 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: database.api.management.services.disabled was set to: false
-+ /usr/local/bin/ords --config /etc/ords/config config set misc.pagination.maxRows 1000
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:38 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: misc.pagination.maxRows was set to: 1000 in configuration: default
-+ /usr/local/bin/ords --config /etc/ords/config config set db.cdb.adminUser 'C##DBAPI_CDB_ADMIN AS SYSDBA'
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:39 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: db.cdb.adminUser was set to: C##DBAPI_CDB_ADMIN AS SYSDBA in configuration: default
-+ /usr/local/bin/ords --config /etc/ords/config config secret --password-stdin db.cdb.adminUser.password
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:40 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: db.cdb.adminUser.password was set to: ****** in configuration: default
-+ /usr/local/bin/ords --config /etc/ords/config config user add --password-stdin sql_admin 'SQL Administrator, System Administrator'
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:42 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-Created user sql_admin in file /etc/ords/config/global/credentials
-+ /usr/local/bin/ords --config /etc/ords/config install --admin-user 'SYS AS SYSDBA' --db-hostname racnode1.testrac.com --db-port 1521 --db-servicename TESTORDS --feature-db-api true --feature-rest-enabled-sql true --log-folder /tmp --proxy-user --password-stdin
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:45:43 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-Oracle REST Data Services - Non-Interactive Install
-Connecting to database user: SYS AS SYSDBA url: jdbc:oracle:thin:@//racnode1.testrac.com:1521/TESTORDS
-
-Retrieving information..
-Your database connection is to a CDB.  ORDS common user ORDS_PUBLIC_USER will be created in the CDB.  ORDS schema will be installed in the PDBs.
-Root CDB$ROOT - create ORDS common user
-PDB PDB$SEED - install ORDS 22.3.0.r2781755
-PDB PDB$SEED - configure PL/SQL gateway user APEX_PUBLIC_USER in ORDS version 22.3.0.r2781755
-
-The setting named: db.connectionType was set to: basic in configuration: default
-The setting named: db.hostname was set to: racnode1.testrac.com in configuration: default
-The setting named: db.port was set to: 1521 in configuration: default
-The setting named: db.servicename was set to: TESTORDS in configuration: default
-The setting named: db.serviceNameSuffix was set to:  in configuration: default
-The setting named: plsql.gateway.mode was set to: proxied in configuration: default
-The setting named: db.username was set to: ORDS_PUBLIC_USER in configuration: default
-The setting named: db.password was set to: ****** in configuration: default
-The setting named: security.requestValidationFunction was set to: wwv_flow_epg_include_modules.authorize in configuration: default
-2022-10-11T07:45:45.885Z INFO        Installing Oracle REST Data Services version 22.3.0.r2781755 in CDB$ROOT
-2022-10-11T07:45:46.703Z INFO        ... Verified database prerequisites
-2022-10-11T07:45:46.946Z INFO        ... Created Oracle REST Data Services proxy user
-2022-10-11T07:45:46.979Z INFO        Completed installation for Oracle REST Data Services version 22.3.0.r2781755. Elapsed time: 00:00:01.71
-
-2022-10-11T07:45:46.986Z INFO        Installing Oracle REST Data Services version 22.3.0.r2781755 in PDB$SEED
-2022-10-11T07:45:47.078Z INFO        ... Verified database prerequisites
-2022-10-11T07:45:47.290Z INFO        ... Created Oracle REST Data Services proxy user
-2022-10-11T07:45:47.741Z INFO        ... Created Oracle REST Data Services schema
-2022-10-11T07:45:48.097Z INFO        ... Granted privileges to Oracle REST Data Services
-2022-10-11T07:45:51.848Z INFO        ... Created Oracle REST Data Services database objects
-2022-10-11T07:46:00.829Z INFO        Completed installation for Oracle REST Data Services version 22.3.0.r2781755. Elapsed time: 00:00:13.841
-
-2022-10-11T07:46:00.898Z INFO        Completed configuring PL/SQL gateway user for Oracle REST Data Services version 22.3.0.r2781755. Elapsed time: 00:00:00.68
-
-2022-10-11T07:46:00.898Z INFO        Completed CDB installation for Oracle REST Data Services version 22.3.0.r2781755. Total elapsed time: 00:00:15.17
-
-2022-10-11T07:46:00.898Z INFO        Log file written to /tmp/ords_cdb_install_2022-10-11_074545_78000.log
-2022-10-11T07:46:00.901Z INFO        To run in standalone mode, use the ords serve command:
-2022-10-11T07:46:00.901Z INFO        ords --config /etc/ords/config serve
-2022-10-11T07:46:00.901Z INFO        Visit the ORDS Documentation to access tutorials, developer guides and more to help you get started with the new ORDS Command Line Interface (http://oracle.com/rest).
-+ '[' 0 -ne 0 ']'
-+ StartUp
-+ /usr/local/bin/ords --config /etc/ords/config serve --port 8888 --secure
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 22.3 Production on Tue Oct 11 07:46:02 2022
-
-Copyright (c) 2010, 2022, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-2022-10-11T07:46:02.286Z INFO        HTTPS and HTTPS/2 listening on host: 0.0.0.0 port: 8888
-2022-10-11T07:46:02.302Z INFO        Disabling document root because the specified folder does not exist: /etc/ords/config/global/doc_root
-2022-10-11T07:46:04.636Z INFO        Configuration properties for: |default|lo|
-db.servicename=TESTORDS
-db.serviceNameSuffix=
-java.specification.version=19
-conf.use.wallet=true
-database.api.management.services.disabled=false
-sun.jnu.encoding=UTF-8
-user.region=US
-java.class.path=/opt/oracle/ords/ords.war
-java.vm.vendor=Oracle Corporation
-standalone.https.cert.key=/opt/oracle/ords//secrets/tls.key
-sun.arch.data.model=64
-nashorn.args=--no-deprecation-warning
-java.vendor.url=https://java.oracle.com/
-resource.templates.enabled=false
-user.timezone=UTC
-db.port=1521
-java.vm.specification.version=19
-os.name=Linux
-sun.java.launcher=SUN_STANDARD
-user.country=US
-sun.boot.library.path=/usr/java/jdk-19/lib
-sun.java.command=/opt/oracle/ords/ords.war --config /etc/ords/config serve --port 8888 --secure
-jdk.debug=release
-sun.cpu.endian=little
-user.home=/home/oracle
-oracle.dbtools.launcher.executable.jar.path=/opt/oracle/ords/ords.war
-user.language=en
-db.cdb.adminUser.password=******
-java.specification.vendor=Oracle Corporation
-java.version.date=2022-09-20
-database.api.enabled=true
-java.home=/usr/java/jdk-19
-db.username=ORDS_PUBLIC_USER
-file.separator=/
-java.vm.compressedOopsMode=32-bit
-line.separator=
-
-restEnabledSql.active=true
-java.specification.name=Java Platform API Specification
-java.vm.specification.vendor=Oracle Corporation
-java.awt.headless=true
-standalone.https.cert=/opt/oracle/ords//secrets/tls.crt
-db.hostname=racnode1.testrac.com
-db.password=******
-sun.management.compiler=HotSpot 64-Bit Tiered Compilers
-security.requestValidationFunction=wwv_flow_epg_include_modules.authorize
-misc.pagination.maxRows=1000
-java.runtime.version=19+36-2238
-user.name=oracle
-error.externalPath=/opt/oracle/ords/error
-stdout.encoding=UTF-8
-path.separator=:
-db.cdb.adminUser=C##DBAPI_CDB_ADMIN AS SYSDBA
-os.version=5.4.17-2136.308.9.el7uek.x86_64
-java.runtime.name=Java(TM) SE Runtime Environment
-file.encoding=UTF-8
-plsql.gateway.mode=proxied
-security.verifySSL=true
-standalone.https.port=8888
-java.vm.name=Java HotSpot(TM) 64-Bit Server VM
-java.vendor.url.bug=https://bugreport.java.com/bugreport/
-java.io.tmpdir=/tmp
-oracle.dbtools.cmdline.ShellCommand=ords
-java.version=19
-user.dir=/home/oracle/keystore
-os.arch=amd64
-java.vm.specification.name=Java Virtual Machine Specification
-jdbc.MaxLimit=100
-oracle.dbtools.cmdline.home=/opt/oracle/ords
-native.encoding=UTF-8
-java.library.path=/usr/java/packages/lib:/usr/lib64:/lib64:/lib:/usr/lib
-java.vendor=Oracle Corporation
-java.vm.info=mixed mode, sharing
-stderr.encoding=UTF-8
-java.vm.version=19+36-2238
-sun.io.unicode.encoding=UnicodeLittle
-jdbc.InitialLimit=50
-db.connectionType=basic
-java.class.version=63.0
-standalone.access.log=/home/oracle
-
-2022-10-11T07:46:06.669Z INFO        Oracle REST Data Services initialized
-Oracle REST Data Services version : 22.3.0.r2781755
-Oracle REST Data Services server info: jetty/10.0.11
-Oracle REST Data Services java info: Java HotSpot(TM) 64-Bit Server VM 19+36-2238
-
diff --git a/docs/multitenant/ords-based/usecase01/logfiles/cdb_creation.log b/docs/multitenant/ords-based/usecase01/logfiles/cdb_creation.log
deleted file mode 100644
index b4602f54..00000000
--- a/docs/multitenant/ords-based/usecase01/logfiles/cdb_creation.log
+++ /dev/null
@@ -1,357 +0,0 @@
-/usr/local/go/bin/kubectl logs -f `/usr/local/go/bin/kubectl get pods -n oracle-database-operator-system|grep ords|cut -d ' ' -f 1` -n oracle-database-operator-system
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
-ORDSVERSIN:23.4.0-8
-NOT_INSTALLED=2
- SETUP 
-====================================================
-CONFIG=/etc/ords/config
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:16 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: db.connectionType was set to: customurl in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:18 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: db.customURL was set to: jdbc:oracle:thin:@(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS))) in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:20 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: security.requestValidationFunction was set to: false in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:22 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: jdbc.MaxLimit was set to: 100 in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:24 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: jdbc.InitialLimit was set to: 50 in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:25 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: error.externalPath was set to: /opt/oracle/ords/error
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:27 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: standalone.access.log was set to: /home/oracle
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:29 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: standalone.https.port was set to: 8888
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:31 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: standalone.https.cert was set to: /opt/oracle/ords//secrets/tls.crt
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:33 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: standalone.https.cert.key was set to: /opt/oracle/ords//secrets/tls.key
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:35 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: restEnabledSql.active was set to: true in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:37 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: security.verifySSL was set to: true
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:39 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: database.api.enabled was set to: true
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:41 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: plsql.gateway.mode was set to: disabled in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:43 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: database.api.management.services.disabled was set to: false
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:45 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: misc.pagination.maxRows was set to: 1000 in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:47 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: db.cdb.adminUser was set to: C##DBAPI_CDB_ADMIN AS SYSDBA in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:49 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: db.cdb.adminUser.password was set to: ****** in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:51 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-Created user welcome in file /etc/ords/config/global/credentials
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:53 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-Oracle REST Data Services - Non-Interactive Install
-
-Retrieving information...
-Completed verifying Oracle REST Data Services schema version 23.4.0.r3461619.
-Connecting to database user: ORDS_PUBLIC_USER url: jdbc:oracle:thin:@(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))
-The setting named: db.serviceNameSuffix was set to:  in configuration: default
-The setting named: db.username was set to: ORDS_PUBLIC_USER in configuration: default
-The setting named: db.password was set to: ****** in configuration: default
-The setting named: security.requestValidationFunction was set to: ords_util.authorize_plsql_gateway in configuration: default
-2024-08-20T07:21:57.563Z INFO        Oracle REST Data Services schema version 23.4.0.r3461619 is installed.
-2024-08-20T07:21:57.565Z INFO        To run in standalone mode, use the ords serve command:
-2024-08-20T07:21:57.565Z INFO        ords --config /etc/ords/config serve
-2024-08-20T07:21:57.565Z INFO        Visit the ORDS Documentation to access tutorials, developer guides and more to help you get started with the new ORDS Command Line Interface (http://oracle.com/rest).
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.4 Production on Tue Aug 20 07:21:59 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-2024-08-20T07:21:59.739Z INFO        HTTP and HTTP/2 cleartext listening on host: 0.0.0.0 port: 8080
-2024-08-20T07:21:59.741Z INFO        HTTPS and HTTPS/2 listening on host: 0.0.0.0 port: 8888
-2024-08-20T07:21:59.765Z INFO        Disabling document root because the specified folder does not exist: /etc/ords/config/global/doc_root
-2024-08-20T07:21:59.765Z INFO        Default forwarding from / to contextRoot configured.
-2024-08-20T07:22:05.313Z INFO        Configuration properties for: |default|lo|
-db.serviceNameSuffix=
-java.specification.version=22
-conf.use.wallet=true
-database.api.management.services.disabled=false
-sun.jnu.encoding=UTF-8
-user.region=US
-java.class.path=/opt/oracle/ords/ords.war
-java.vm.vendor=Oracle Corporation
-standalone.https.cert.key=/opt/oracle/ords//secrets/tls.key
-sun.arch.data.model=64
-nashorn.args=--no-deprecation-warning
-java.vendor.url=https://java.oracle.com/
-resource.templates.enabled=false
-user.timezone=UTC
-java.vm.specification.version=22
-os.name=Linux
-sun.java.launcher=SUN_STANDARD
-user.country=US
-sun.boot.library.path=/usr/java/jdk-22/lib
-sun.java.command=/opt/oracle/ords/ords.war --config /etc/ords/config serve --port 8888 --secure
-jdk.debug=release
-sun.cpu.endian=little
-user.home=/home/oracle
-oracle.dbtools.launcher.executable.jar.path=/opt/oracle/ords/ords.war
-user.language=en
-db.cdb.adminUser.password=******
-java.specification.vendor=Oracle Corporation
-java.version.date=2024-07-16
-database.api.enabled=true
-java.home=/usr/java/jdk-22
-db.username=ORDS_PUBLIC_USER
-file.separator=/
-java.vm.compressedOopsMode=32-bit
-line.separator=
-
-restEnabledSql.active=true
-java.specification.name=Java Platform API Specification
-java.vm.specification.vendor=Oracle Corporation
-java.awt.headless=true
-standalone.https.cert=/opt/oracle/ords//secrets/tls.crt
-db.password=******
-sun.management.compiler=HotSpot 64-Bit Tiered Compilers
-security.requestValidationFunction=ords_util.authorize_plsql_gateway
-misc.pagination.maxRows=1000
-java.runtime.version=22.0.2+9-70
-user.name=oracle
-error.externalPath=/opt/oracle/ords/error
-stdout.encoding=UTF-8
-path.separator=:
-db.cdb.adminUser=C##DBAPI_CDB_ADMIN AS SYSDBA
-os.version=5.4.17-2136.329.3.1.el7uek.x86_64
-java.runtime.name=Java(TM) SE Runtime Environment
-file.encoding=UTF-8
-plsql.gateway.mode=disabled
-security.verifySSL=true
-standalone.https.port=8888
-java.vm.name=Java HotSpot(TM) 64-Bit Server VM
-java.vendor.url.bug=https://bugreport.java.com/bugreport/
-java.io.tmpdir=/tmp
-oracle.dbtools.cmdline.ShellCommand=ords
-java.version=22.0.2
-user.dir=/home/oracle
-os.arch=amd64
-java.vm.specification.name=Java Virtual Machine Specification
-jdbc.MaxLimit=100
-oracle.dbtools.cmdline.home=/opt/oracle/ords
-native.encoding=UTF-8
-java.library.path=/usr/java/packages/lib:/usr/lib64:/lib64:/lib:/usr/lib
-java.vendor=Oracle Corporation
-java.vm.info=mixed mode, sharing
-stderr.encoding=UTF-8
-java.vm.version=22.0.2+9-70
-sun.io.unicode.encoding=UnicodeLittle
-jdbc.InitialLimit=50
-db.connectionType=customurl
-java.class.version=66.0
-db.customURL=jdbc:oracle:thin:@(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))
-standalone.access.log=/home/oracle
-
-2024-08-20T07:22:09.268Z INFO        
-
-Mapped local pools from /etc/ords/config/databases:
-  /ords/                              => default                        => VALID     
-
-
-2024-08-20T07:22:09.414Z INFO        Oracle REST Data Services initialized
-Oracle REST Data Services version : 23.4.0.r3461619
-Oracle REST Data Services server info: jetty/10.0.18
-Oracle REST Data Services java info: Java HotSpot(TM) 64-Bit Server VM 22.0.2+9-70
-
diff --git a/docs/multitenant/ords-based/usecase01/logfiles/openssl_execution.log b/docs/multitenant/ords-based/usecase01/logfiles/openssl_execution.log
deleted file mode 100644
index e3915a21..00000000
--- a/docs/multitenant/ords-based/usecase01/logfiles/openssl_execution.log
+++ /dev/null
@@ -1,19 +0,0 @@
-CREATING TLS CERTIFICATES
-/usr/bin/openssl genrsa -out ca.key 2048
-Generating RSA private key, 2048 bit long modulus (2 primes)
-......................+++++
-..................................................+++++
-e is 65537 (0x010001)
-/usr/bin/openssl req -new -x509 -days 365 -key ca.key -subj "/C=US/ST=California/L=SanFrancisco/O=oracle /CN=cdb-dev-ords.oracle-database-operator-system /CN=localhost  Root CA " -out ca.crt
-/usr/bin/openssl req -newkey rsa:2048 -nodes -keyout tls.key -subj "/C=US/ST=California/L=SanFrancisco/O=oracle /CN=cdb-dev-ords.oracle-database-operator-system /CN=localhost" -out server.csr
-Generating a RSA private key
-...........+++++
-...........................................+++++
-writing new private key to 'tls.key'
------
-/usr/bin/echo "subjectAltName=DNS:cdb-dev-ords.oracle-database-operator-system,DNS:www.example.com" > extfile.txt
-/usr/bin/openssl x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out tls.crt
-Signature ok
-subject=C = US, ST = California, L = SanFrancisco, O = "oracle ", CN = "cdb-dev-ords.oracle-database-operator-system ", CN = localhost
-Getting CA Private Key
-
diff --git a/docs/multitenant/ords-based/usecase01/logfiles/ordsconfig.log b/docs/multitenant/ords-based/usecase01/logfiles/ordsconfig.log
deleted file mode 100644
index b787b752..00000000
--- a/docs/multitenant/ords-based/usecase01/logfiles/ordsconfig.log
+++ /dev/null
@@ -1,39 +0,0 @@
-ORDS: Release 23.4 Production on Tue Aug 20 07:48:44 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-Database pool: default
-
-Setting                                     Value                                                Source
------------------------------------------   --------------------------------------------------   -----------
-database.api.enabled                        true                                                 Global
-database.api.management.services.disabled   false                                                Global
-db.cdb.adminUser                            C##DBAPI_CDB_ADMIN AS SYSDBA                         Pool
-db.cdb.adminUser.password                   ******                                               Pool Wallet
-db.connectionType                           customurl                                            Pool
-db.customURL                                jdbc:oracle:thin:@(DESCRIPTION=(CONNECT_TIMEOUT=90   Pool
-                                            )(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNEC
-                                            T_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=
-                                            TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONL
-                                            Y))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=
-                                            scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNEC
-                                            T_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))
-db.password                                 ******                                               Pool Wallet
-db.serviceNameSuffix                                                                             Pool
-db.username                                 ORDS_PUBLIC_USER                                     Pool
-error.externalPath                          /opt/oracle/ords/error                               Global
-jdbc.InitialLimit                           50                                                   Pool
-jdbc.MaxLimit                               100                                                  Pool
-misc.pagination.maxRows                     1000                                                 Pool
-plsql.gateway.mode                          disabled                                             Pool
-restEnabledSql.active                       true                                                 Pool
-security.requestValidationFunction          ords_util.authorize_plsql_gateway                    Pool
-security.verifySSL                          true                                                 Global
-standalone.access.log                       /home/oracle                                         Global
-standalone.https.cert                       /opt/oracle/ords//secrets/tls.crt                    Global
-standalone.https.cert.key                   /opt/oracle/ords//secrets/tls.key                    Global
-standalone.https.port                       8888                                                 Global
-
diff --git a/docs/multitenant/ords-based/usecase01/logfiles/tagandpush.log b/docs/multitenant/ords-based/usecase01/logfiles/tagandpush.log
deleted file mode 100644
index 232d5bb2..00000000
--- a/docs/multitenant/ords-based/usecase01/logfiles/tagandpush.log
+++ /dev/null
@@ -1,14 +0,0 @@
-/usr/bin/docker tag oracle/ords-dboper:latest [.......]/ords-dboper:latest
-
-/usr/bin/docker push [your container registry]/ords-dboper:latest
-The push refers to repository [your container registry]
-0405aac3af1c: Pushed
-6be46e8e1e21: Pushed
-c9884830a66d: Pushed
-a46244557bb9: Pushing [===========================>                       ]  261.8MB/469.9MB
-f988845e261e: Pushed
-fe07ec0b1f5a: Layer already exists
-2ac63de5f950: Layer already exists
-386cd7a64c01: Layer already exists
-826c69252b8b: Layer already exists
-
diff --git a/docs/multitenant/ords-based/usecase01/logfiles/testapi.log b/docs/multitenant/ords-based/usecase01/logfiles/testapi.log
deleted file mode 100644
index cb42ecc3..00000000
--- a/docs/multitenant/ords-based/usecase01/logfiles/testapi.log
+++ /dev/null
@@ -1,62 +0,0 @@
-kubectl exec -it `kubectl get pods -n oracle-database-operator-system|grep ords|cut -d ' ' -f 1` -n oracle-database-operator-system -i -t -- /usr/bin/curl -sSkv -k -X GET https://localhost:8888/ords/_/db-api/stable/metadata-catalog/
-*   Trying ::1...
-* TCP_NODELAY set
-* Connected to localhost (::1) port 8888 (#0)
-* ALPN, offering h2
-* ALPN, offering http/1.1
-* successfully set certificate verify locations:
-*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
-  CApath: none
-* TLSv1.3 (OUT), TLS handshake, Client hello (1):
-* TLSv1.3 (IN), TLS handshake, Server hello (2):
-* TLSv1.3 (IN), TLS handshake, [no content] (0):
-* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
-* TLSv1.3 (IN), TLS handshake, Certificate (11):
-* TLSv1.3 (IN), TLS handshake, CERT verify (15):
-* TLSv1.3 (IN), TLS handshake, Finished (20):
-* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
-* TLSv1.3 (OUT), TLS handshake, [no content] (0):
-* TLSv1.3 (OUT), TLS handshake, Finished (20):
-* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
-* ALPN, server accepted to use h2
-* Server certificate:
-*  subject: C=US; ST=California; L=SanFrancisco; O=oracle ; CN=cdb-dev-ords.oracle-database-operator-system ; CN=localhost
-*  start date: Aug 20 07:14:04 2024 GMT
-*  expire date: Aug 20 07:14:04 2025 GMT
-*  issuer: C=US; ST=California; L=SanFrancisco; O=oracle ; CN=cdb-dev-ords.oracle-database-operator-system ; CN=localhost  Root CA
-*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
-* Using HTTP2, server supports multi-use
-* Connection state changed (HTTP/2 confirmed)
-* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
-* TLSv1.3 (OUT), TLS app data, [no content] (0):
-* TLSv1.3 (OUT), TLS app data, [no content] (0):
-* TLSv1.3 (OUT), TLS app data, [no content] (0):
-* Using Stream ID: 1 (easy handle 0x55d14a7dea90)
-* TLSv1.3 (OUT), TLS app data, [no content] (0):
-> GET /ords/_/db-api/stable/metadata-catalog/ HTTP/2
-> Host: localhost:8888
-> User-Agent: curl/7.61.1
-> Accept: */*
->
-* TLSv1.3 (IN), TLS handshake, [no content] (0):
-* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
-* TLSv1.3 (IN), TLS handshake, [no content] (0):
-* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
-* TLSv1.3 (IN), TLS app data, [no content] (0):
-* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
-* TLSv1.3 (OUT), TLS app data, [no content] (0):
-* TLSv1.3 (IN), TLS app data, [no content] (0):
-* TLSv1.3 (IN), TLS app data, [no content] (0):
-< HTTP/2 200
-< content-type: application/json
-<
-* TLSv1.3 (IN), TLS handshake, [no content] (0):
-* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
-* TLSv1.3 (IN), TLS app data, [no content] (0):
-* TLSv1.3 (IN), TLS app data, [no content] (0):
-* TLSv1.3 (IN), TLS app data, [no content] (0):
-* TLSv1.3 (IN), TLS app data, [no content] (0):
-* TLSv1.3 (IN), TLS app data, [no content] (0):
-* TLSv1.3 (IN), TLS app data, [no content] (0):
-* Connection #0 to host localhost left intact
-{"items":[{"name":"default","links":[{"rel":"canonical","href":"https://localhost:8888/ords/_/db-api/stable/metadata-catalog/openapi.json","mediaType":"application/vnd.oai.openapi+json;version=3.0"}]}],"links":[{"rel":"self","href":"https://localhost:8888/ords/_/db-api/stable/metadata-catalog/"},{"rel":"describes","href":"https://localhost:8888/ords/_/db-api/stable/"}]}
diff --git a/docs/multitenant/ords-based/usecase01/makefile b/docs/multitenant/ords-based/usecase01/makefile
deleted file mode 100644
index ec454e28..00000000
--- a/docs/multitenant/ords-based/usecase01/makefile
+++ /dev/null
@@ -1,906 +0,0 @@
-# Copyright (c) 2022, Oracle and/or its affiliates.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#   __  __       _         __ _ _
-#  |  \/  | __ _| | _____ / _(_) | ___
-#  | |\/| |/ _` | |/ / _ \ |_| | |/ _ \
-#  | |  | | (_| |   <  __/  _| | |  __/
-#  |_|  |_|\__,_|_|\_\___|_| |_|_|\___|
-#  | | | | ___| |_ __   ___ _ __
-#  | |_| |/ _ \ | '_ \ / _ \ '__|
-#  |  _  |  __/ | |_) |  __/ |
-#  |_| |_|\___|_| .__/ \___|_|
-#               |_|
-#
-#  WARNING: Using this makefile helps you to customize yaml  
-#           files. Edit parameters.txt with your enviroment 
-#           informartion and execute the following steps
-#
-#         1) make operator
-#            it configures the operator yaml files with the 
-#            watch namelist required by the multitenant controllers
-#      
-#         2) make genyaml 
-#            It automatically creates all the yaml files based on the 
-#            information available in the parameters file 
-#
-#         3) make secrets
-#            It configure the required secrets necessary to operate
-#            with pdbs multitenant controllers
-#
-#         4) make runall01
-#            Start a series of operation create open close delete and so on 
-#            
-#            LIST OF GENERAED YAML FILE
-#
-#               -----------------------------       ----------------------------------
-# 		oracle-database-operator.yaml     : oracle database operator
-# 		cdbnamespace_binding.yaml         : role binding for cdbnamespace
-# 		pdbnamespace_binding.yaml         : role binding for pdbnamespace
-# 		create_cdb_secret.yaml            : create secrets for ords server pod
-# 		create_pdb_secret.yaml            : create secrets for pluggable database
-# 		create_ords_pod.yaml             : create rest server pod
-# 		create_pdb1_resource.yaml       : create first pluggable database
-# 		create_pdb2_resource.yaml       : create second pluggable database
-# 		open_pdb1_resource.yaml         : open first pluggable database
-# 		open_pdb2_resource.yaml         : open second pluggable database
-# 		close_pdb1_resource.yaml        : close first pluggable database
-# 		close_pdb2_resource.yaml        : close second pluggable database
-# 		clone_pdb_resource.yaml         : clone thrid pluggable database
-# 		clone_pdb2_resource.yaml        : clone 4th pluggable database
-# 		delete_pdb1_resource.yaml       : delete first pluggable database
-# 		delete_pdb2_resource.yaml       : delete sencond pluggable database
-# 		delete_pdb3_resource.yaml       : delete thrid pluggable database
-# 		unplug_pdb1_resource.yaml       : unplug first pluggable database
-# 		plug_pdb1_resource.yaml         : plug first pluggable database
-# 		map_pdb1_resource.yaml          : map the first pluggable database
-# 		config_map.yam                  : pdb parameters array
-#
-DATE  := `date "+%y%m%d%H%M%S"`
-######################
-# PARAMETER SECTIONS #
-######################
-   
-export PARAMETERS=parameters.txt
-export TNSALIAS=$(shell cat $(PARAMETERS)  |grep -v ^\#|grep TNSALIAS|cut -d :  -f 2)
-export ORDPWD=$(shell cat $(PARAMETERS)|grep -v ^\#|grep ORDPWD|cut -d :  -f 2)
-export SYSPWD=$(shell cat $(PARAMETERS)|grep -v ^\#|grep SYSPWD|cut -d :  -f 2)
-export WBUSER=$(shell cat $(PARAMETERS)|grep -v ^\#|grep WBUSER|cut -d :  -f 2)
-export WBPASS=$(shell cat $(PARAMETERS)|grep -v ^\#|grep WBPASS|cut -d :  -f 2)
-export PDBUSR=$(shell cat $(PARAMETERS)|grep -v ^\#|grep PDBUSR|cut -d :  -f 2)
-export PDBPWD=$(shell cat $(PARAMETERS)|grep -v ^\#|grep PDBPWD|cut -d :  -f 2)
-export CDBUSR=$(shell cat $(PARAMETERS)|grep -v ^\#|grep CDBUSR|cut -d :  -f 2)
-export CDBPWD=$(shell cat $(PARAMETERS)|grep -v ^\#|grep CDBPWD|cut -d :  -f 2)
-export OPRNAMESPACE=$(shell cat $(PARAMETERS)|grep -v ^\#|grep OPRNAMESPACE|cut -d :  -f 2)
-export OPRNAMESPACE=$(shell cat $(PARAMETERS)|grep -v ^\#|grep OPRNAMESPACE|cut -d :  -f 2)
-export ORDSIMG=$(shell cat $(PARAMETERS)|grep -v ^\#|grep ORDSIMG|cut -d : -f 2,3)
-export COMPANY=$(shell cat $(PARAMETERS)|grep -v ^\#|grep COMPANY|cut -d : -f 2)
-export APIVERSION=$(shell cat $(PARAMETERS)|grep -v ^\#|grep APIVERSION|cut -d : -f 2)
-export OPRNAMESPACE=oracle-database-operator-system
-export ORACLE_OPERATOR_YAML=../../../../oracle-database-operator.yaml
-export TEST_EXEC_TIMEOUT=3m
-export IMAGE=oracle/ords-dboper:latest
-export ORDSIMGDIR=../../../../ords
-
-REST_SERVER=ords
-SKEY=tls.key
-SCRT=tls.crt
-CART=ca.crt
-PRVKEY=ca.key
-PUBKEY=public.pem
-COMPANY=oracle
-RUNTIME=/usr/bin/podman
-
-#################
-### FILE LIST ###
-#################
-
-export ORDS_POD=create_ords_pod.yaml
-
-export CDB_SECRETS=create_cdb_secrets.yaml
-export PDB_SECRETS=create_pdb_secrets.yaml
-
-export PDBCRE1=create_pdb1_resource.yaml
-export PDBCRE2=create_pdb2_resource.yaml
-
-export PDBCLOSE1=close_pdb1_resource.yaml
-export PDBCLOSE2=close_pdb2_resource.yaml
-export PDBCLOSE3=close_pdb3_resource.yaml
-
-export PDBOPEN1=open_pdb1_resource.yaml
-export PDBOPEN2=open_pdb2_resource.yaml
-export PDBOPEN3=open_pdb3_resource.yaml
-
-export PDBCLONE1=clone_pdb1_resource.yaml
-export PDBCLONE2=clone_pdb2_resource.yaml
-
-export PDBDELETE1=delete_pdb1_resource.yaml
-export PDBDELETE2=delete_pdb2_resource.yaml
-export PDBDELETE3=delete_pdb3_resource.yaml
-
-export PDBUNPLUG1=unplug_pdb1_resource.yaml
-export PDBPLUG1=plug_pdb1_resource.yaml
-
-export PDBMAP1=map_pdb1_resource.yaml
-export PDBMAP2=map_pdb2_resource.yaml
-export PDBMAP3=map_pdb3_resource.yaml
-
-export PDBMAP1=map_pdb1_resource.yaml
-export PDBMAP2=map_pdb2_resource.yaml
-export PDBMAP3=map_pdb3_resource.yaml
-
-
-##BINARIES
-export KUBECTL=/usr/bin/kubectl
-OPENSSL=/usr/bin/openssl
-ECHO=/usr/bin/echo
-RM=/usr/bin/rm
-CP=/usr/bin/cp
-TAR=/usr/bin/tar
-MKDIR=/usr/bin/mkdir
-SED=/usr/bin/sed
-
-define msg
-@printf "\033[31;7m%s\033[0m\r" "......................................]"
-@printf "\033[31;7m[\xF0\x9F\x91\x89 %s\033[0m\n" $(1)
-endef
-
-check:
-	$(call msg,"CHECK PARAMETERS")
-	@printf "TNSALIAS...............:%.60s....\n" $(TNSALIAS)
-	@printf "ORDPWD.................:%s\n" $(ORDPWD)
-	@printf "SYSPWD.................:%s\n" $(SYSPWD)
-	@printf "WBUSER.................:%s\n" $(WBUSER)
-	@printf "WBPASS.................:%s\n" $(WBPASS)
-	@printf "PDBUSR.................:%s\n" $(PDBUSR)
-	@printf "PDBPWD.................:%s\n" $(PDBPWD)
-	@printf "CDBUSR.................:%s\n" $(CDBUSR)
-	@printf "CDBPWD.................:%s\n" $(CDBPWD)
-	@printf "OPRNAMESPACE...........:%s\n" $(OPRNAMESPACE)
-	@printf "COMPANY................:%s\n" $(COMPANY)
-	@printf "APIVERSION.............:%s\n" $(APIVERSION)
-
-
-tlscrt:
-	$(call msg,"TLS GENERATION")
-	#$(OPENSSL) genrsa -out $(PRVKEY) 2048	
-	$(OPENSSL)  genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 > $(PRVKEY)
-	$(OPENSSL) req -new -x509 -days 365 -key $(PRVKEY) \
-    	       -subj "/C=CN/ST=GD/L=SZ/O=$(COMPANY), Inc./CN=$(COMPANY) Root CA" -out ca.crt
-	$(OPENSSL) req -newkey rsa:2048 -nodes -keyout $(SKEY) -subj \
-	       	"/C=CN/ST=GD/L=SZ/O=$(COMPANY), Inc./CN=cdb-dev-$(REST_SERVER).$(OPRNAMESPACE)" -out server.csr
-	$(ECHO) "subjectAltName=DNS:cdb-dev-$(REST_SERVER).$(OPRNAMESPACE)" > extfile.txt
-	$(OPENSSL) x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey $(PRVKEY) -CAcreateserial -out $(SCRT)
-	$(OPENSSL) rsa -in $(PRVKEY) -outform PEM  -pubout -out $(PUBKEY)
-
-tlssec:
-	$(call msg,"GENERATE TLS SECRET")
-	$(KUBECTL) create secret tls db-tls --key="$(SKEY)" --cert="$(SCRT)"  -n $(OPRNAMESPACE)
-	$(KUBECTL) create secret generic db-ca --from-file="$(CART)" -n $(OPRNAMESPACE)
-
-
-delsec:
-	$(call msg,"CLEAN OLD SECRETS")
-	$(eval SECRETSP:=$(shell kubectl get secrets -n $(OPRNAMESPACE) -o custom-columns=":metadata.name" --no-headers|grep -v webhook-server-cert) )	
-	@[ "${SECRETSP}" ] && ( \
-	       	printf "Deleteing secrets in namespace -n $(OPRNAMESPACE)\n") &&\
-	        ($(KUBECTL) delete secret  $(SECRETSP) -n $(OPRNAMESPACE))\
-	        || ( echo "No screts in namespace $(OPRNAMESPACE)")
-
-
-###### ENCRYPTED SECRETS ######
-export PRVKEY=ca.key
-export PUBKEY=public.pem
-WBUSERFILE=wbuser.txt
-WBPASSFILE=wbpass.txt
-CDBUSRFILE=cdbusr.txt
-CDBPWDFILE=cdbpwd.txt
-SYSPWDFILE=syspwd.txt
-ORDPWDFILE=ordpwd.txt
-PDBUSRFILE=pdbusr.txt
-PDBPWDFILE=pdbpwd.txt
-
-
-
-secrets: delsec tlscrt tlssec
-	$(OPENSSL) rsa -in $(PRVKEY) -outform PEM  -pubout -out $(PUBKEY)
-	$(KUBECTL) create secret generic pubkey --from-file=publicKey=$(PUBKEY) -n $(OPRNAMESPACE)
-	$(KUBECTL) create secret generic prvkey --from-file=privateKey=$(PRVKEY)  -n $(OPRNAMESPACE)
-	@$(ECHO) $(WBUSER) > $(WBUSERFILE)
-	@$(ECHO) $(WBPASS) > $(WBPASSFILE)
-	@$(ECHO) $(CDBPWD) > $(CDBPWDFILE)
-	@$(ECHO) $(CDBUSR) > $(CDBUSRFILE)
-	@$(ECHO) $(SYSPWD) > $(SYSPWDFILE)
-	@$(ECHO) $(ORDPWD) > $(ORDPWDFILE)
-	@$(ECHO) $(PDBUSR) > $(PDBUSRFILE)
-	@$(ECHO) $(PDBPWD) > $(PDBPWDFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(WBUSERFILE) |base64 > e_$(WBUSERFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(WBPASSFILE) |base64 > e_$(WBPASSFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(CDBPWDFILE) |base64 > e_$(CDBPWDFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(CDBUSRFILE) |base64 > e_$(CDBUSRFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(SYSPWDFILE) |base64 > e_$(SYSPWDFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(ORDPWDFILE) |base64 > e_$(ORDPWDFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(PDBUSRFILE) |base64 > e_$(PDBUSRFILE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(PDBPWDFILE) |base64 > e_$(PDBPWDFILE)
-	$(KUBECTL) create secret generic wbuser --from-file=e_$(WBUSERFILE) -n  $(OPRNAMESPACE)
-	$(KUBECTL) create secret generic wbpass --from-file=e_$(WBPASSFILE) -n  $(OPRNAMESPACE)
-	$(KUBECTL) create secret generic cdbpwd --from-file=e_$(CDBPWDFILE) -n  $(OPRNAMESPACE)
-	$(KUBECTL) create secret generic cdbusr --from-file=e_$(CDBUSRFILE) -n  $(OPRNAMESPACE)
-	$(KUBECTL) create secret generic syspwd --from-file=e_$(SYSPWDFILE) -n  $(OPRNAMESPACE)
-	$(KUBECTL) create secret generic ordpwd --from-file=e_$(ORDPWDFILE) -n  $(OPRNAMESPACE)
-	$(KUBECTL) create secret generic pdbusr --from-file=e_$(PDBUSRFILE) -n  $(OPRNAMESPACE)
-	$(KUBECTL) create secret generic pdbpwd --from-file=e_$(PDBPWDFILE) -n  $(OPRNAMESPACE)
-	$(RM)  $(WBUSERFILE)  $(WBPASSFILE) $(CDBPWDFILE) $(CDBUSRFILE)  $(SYSPWDFILE)  $(ORDPWDFILE)  $(PDBUSRFILE) $(PDBPWDFILE) 
-	$(RM)  e_$(WBUSERFILE)  e_$(WBPASSFILE) e_$(CDBPWDFILE) e_$(CDBUSRFILE)  e_$(SYSPWDFILE)  e_$(ORDPWDFILE)  e_$(PDBUSRFILE) e_$(PDBPWDFILE) 
-
-
-### YAML FILE SECTION ###
-operator:
-	 $(CP) ${ORACLE_OPERATOR_YAML} .
-	${CP} `basename ${ORACLE_OPERATOR_YAML}` `basename ${ORACLE_OPERATOR_YAML}`.ORG
-	$(SED) -i  's/value: ""/value: $(OPRNAMESPACE)/g'   `basename ${ORACLE_OPERATOR_YAML}`
-
-
-define _script00
-cat <<EOF > authsection01.yaml
-  sysAdminPwd:
-    secret:
-      secretName: "syspwd"
-      key: "e_syspwd.txt"
-  ordsPwd:
-    secret:
-      secretName: "ordpwd"
-      key: "e_ordpwd.txt"
-  cdbAdminUser:
-    secret:
-      secretName: "cdbusr"
-      key: "e_cdbusr.txt"
-  cdbAdminPwd:
-    secret:
-      secretName: "cdbpwd"
-      key: "e_cdbpwd.txt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  cdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  cdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  cdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-EOF
-
-cat<<EOF > authsection02.yaml
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
-EOF
-
-
-cat <<EOF > ${OPRNAMESPACE}_binding.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: oracle-database-operator-oracle-database-operator-manager-rolebinding1
-  namespace: ${OPRNAMESPACE}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: oracle-database-operator-manager-role
-subjects:
-- kind: ServiceAccount
-  name: default
-  namespace: oracle-database-operator-system
-EOF
-
-cat <<EOF > ${OPRNAMESPACE}_binding.yaml
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: oracle-database-operator-oracle-database-operator-manager-rolebinding2
-  namespace: ${OPRNAMESPACE}
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: oracle-database-operator-manager-role
-subjects:
-- kind: ServiceAccount
-  name: default
-  namespace: oracle-database-operator-system
-EOF
-
-endef
-export script00 = $(value _script00)
-secyaml:
-	@ eval "$$script00"
-
-#echo ords pod creation
-define _script01
-cat <<EOF > ${ORDS_POD}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: CDB
-metadata: 
-  name: cdb-dev
-  namespace: oracle-database-operator-system
-spec:
-  cdbName: "DB12"
-  ordsImage: ${ORDSIMG}
-  ordsImagePullPolicy: "Always"
-  dbTnsurl : ${TNSALIAS}
-  replicas: 1
-  deletePdbCascade: true
-EOF
-
-cat  authsection01.yaml >> ${ORDS_POD}
-
-endef
-export script01 = $(value _script01)
-
-
-define _script02
-
-cat <<EOF >${PDBCRE1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  unlimitedStorage: false
-  tdeImport: false
-  totalSize: "2G"
-  tempSize: "800M"
-  action: "Create"
-EOF
-
-cat <<EOF > ${PDBCRE2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  unlimitedStorage: false
-  tdeImport: false
-  totalSize: "2G"
-  tempSize: "800M"
-  action: "Create"
-EOF
-
-cat <<EOF >${PDBOPEN1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-EOF
-
-cat <<EOF >${PDBOPEN2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-EOF
-
-cat <<EOF >${PDBOPEN3}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-EOF
-
-cat <<EOF >${PDBCLOSE1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-EOF
-
-cat <<EOF >${PDBCLOSE2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-EOF
-
-cat <<EOF >${PDBCLOSE3}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: ""new_clone"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-EOF
-
-cat <<EOF  > ${PDBCLONE1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  srcPdbName: "pdbdev"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  assertivePdbDeletion: true
-  action: "Clone"
-EOF
-
-cat <<EOF  > ${PDBCLONE2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb4
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone2"
-  srcPdbName: "pdbprd"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  assertivePdbDeletion: true
-  action: "Clone"
-EOF
-
-
-cat <<EOF > ${PDBDELETE1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  pdbName: "pdbdev"
-  action: "Delete"
-  dropAction: "INCLUDING"
-EOF
-
-cat <<EOF > ${PDBDELETE2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  pdbName: "pdbprd"
-  action: "Delete"
-  dropAction: "INCLUDING"
-EOF
-
-cat <<EOF > ${PDBUNPLUG1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "Unplug"
-EOF
-
-cat <<EOF >${PDBPLUG1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "plug"
-  fileNameConversions: "NONE"
-  sourceFileNameConversions: "NONE"
-  copyAction: "MOVE"
-  totalSize: "1G"
-  tempSize: "100M"
-  assertivePdbDeletion: true
-  action: "Plug"
-EOF
-
-cat <<EOF >${PDBMAP1}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-EOF
-
-cat <<EOF >${PDBMAP2}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-EOF
-
-
-cat <<EOF >${PDBMAP3}
-apiVersion: database.oracle.com/${APIVERSION}
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: ${OPRNAMESPACE}
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "${OPRNAMESPACE}"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-EOF
-
-
-## Auth information
-for _file in ${PDBCRE1} ${PDBCRE2} ${PDBOPEN1} ${PDBOPEN2} ${PDBOPEN3} ${PDBCLOSE1} ${PDBCLOSE2} ${PDBCLOSE3} ${PDBCLONE1} ${PDBCLONE2} ${PDBDELETE1} ${PDBDELETE2} ${PDBUNPLUG1} ${PDBPLUG1} ${PDBMAP1} ${PDBMAP2} ${PDBMAP3} 
-do 
-ls -ltr ${_file}
-     cat authsection02.yaml >> ${_file}
-done
-rm authsection02.yaml
-rm authsection01.yaml
-endef
-
-export script02 = $(value _script02)
-
-genyaml:  secyaml
-	@ eval "$$script01"
-	@ eval "$$script02"
-
-cleanyaml:
-	- $(RM) $(PDBMAP3) $(PDBMAP2) $(PDBMAP1) $(PDBPLUG1) $(PDBUNPLUG1) $(PDBDELETE2) $(PDBDELETE1) $(PDBCLONE2) $(PDBCLONE1) $(PDBCLOSE3) $(PDBCLOSE2) $(PDBCLOSE1) $(PDBOPEN3) $(PDBOPEN2) $(PDBOPEN1) $(PDBCRE2) $(PDBCRE1) $(ORDS_POD) $(CDB_SECRETS) $(PDB_SECRETS) 
-	- $(RM) ${OPRNAMESPACE}_binding.yaml ${OPRNAMESPACE}_binding.yaml
-
-
-cleancrt:
-	- $(RM) $(SKEY) $(SCRT) $(CART) $(PRVKEY) $(PUBKEY) server.csr extfile.txt ca.srl 
-
-
-#################
-### PACKAGING ###
-#################
-
-pkg:
-	- $(RM) -rf /tmp/pkgtestplan
-	$(MKDIR) /tmp/pkgtestplan
-	$(CP) -R * /tmp/pkgtestplan
-	$(CP) ../../../../oracle-database-operator.yaml /tmp/pkgtestplan/
-	$(TAR) -C /tmp -cvf ~/pkgtestplan_$(DATE).tar pkgtestplan
-
-################
-###   diag   ###
-################
-
-login:
-	$(KUBECTL) exec   `$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep ords|cut -d ' ' -f 1` -n $(OPRNAMESPACE) -it -- /bin/bash
-
-
-reloadop:
-	echo "RESTARTING OPERATOR"
-	$(eval OP1 := $(shell $(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -1|cut  -d ' ' -f 1 ))
-	$(eval OP2 := $(shell $(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1|cut  -d ' ' -f 1 ))
-	$(eval OP3 := $(shell $(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|tail -1|cut  -d ' ' -f 1 ))
-	$(KUBECTL) get pod $(OP1) -n $(OPRNAMESPACE) -o yaml | kubectl replace --force -f -
-	$(KUBECTL) get pod $(OP2) -n $(OPRNAMESPACE) -o yaml | kubectl replace --force -f -
-	$(KUBECTL) get pod $(OP3) -n $(OPRNAMESPACE) -o yaml | kubectl replace --force -f -
-
-
-dump:
-	@$(eval TMPSP := $(shell date "+%y%m%d%H%M%S" ))
-	@$(eval DIAGFILE := ./opdmp.$(TMPSP))
-	@>$(DIAGFILE)
-	@echo "OPERATOR DUMP"  >> $(DIAGFILE)
-	@echo "~~~~~~~~~~~~~"  >> $(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -1|cut  -d ' ' -f 1` -n $(OPRNAMESPACE) >>$(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1 | cut -d ' ' -f 1` -n $(OPRNAMESPACE) >>$(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|tail -1|cut  -d ' ' -f 1` -n $(OPRNAMESPACE) >>$(DIAGFILE)
-
-#######################################################
-####                 TEST SECTION                  ####
-#######################################################
-
-run00:
-	@$(call msg,"cdb pod creation")
-	- $(KUBECTL) delete cdb cdb-dev -n $(OPRNAMESPACE)
-	$(KUBECTL) apply -f $(ORDS_POD) 
-	time $(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" cdb cdb-dev -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"cdb pod completed")
-	$(KUBECTL) get cdb -n  $(OPRNAMESPACE)
-	$(KUBECTL) get pod -n  $(OPRNAMESPACE)
-
-run01.1:
-	@$(call msg,"pdb pdb1  creation")
-	$(KUBECTL) apply -f $(PDBCRE1)
-	time $(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" pdb pdb1 -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "pdb pdb1 creation completed")
-	$(KUBECTL) get pdb pdb1 -n $(OPRNAMESPACE) 
-
-run01.2:
-	@$(call msg, "pdb pdb2  creation")
-	$(KUBECTL) apply -f $(PDBCRE2)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" pdb pdb2 -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "pdb pdb2  creation completed")
-	$(KUBECTL) get pdb pdb2 -n $(OPRNAMESPACE) 
-
-run02.1:
-	@$(call msg, "pdb pdb1  open")
-	$(KUBECTL) apply -f $(PDBOPEN1)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="READ WRITE" pdb pdb1 -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "pdb pdb1 open completed")
-	$(KUBECTL) get pdb pdb1 -n $(OPRNAMESPACE) 
-
-run02.2:
-	@$(call msg,"pdb pdb2  open")
-	$(KUBECTL) apply -f $(PDBOPEN2)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="READ WRITE" pdb pdb2 -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"pdb pdb2 open completed")
-	$(KUBECTL) get pdb pdb2 -n $(OPRNAMESPACE) 
-
-
-run03.1:
-	@$(call msg,"clone pdb1-->pdb3")
-	$(KUBECTL) apply -f $(PDBCLONE1)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" pdb pdb3 -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"clone pdb1-->pdb3 completed")
-	$(KUBECTL) get pdb pdb3 -n $(OPRNAMESPACE) 
-
-
-run03.2:
-	@$(call msg,"clone pdb2-->pdb4")
-	$(KUBECTL) apply -f $(PDBCLONE2)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" pdb pdb4 -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"clone pdb2-->pdb4 completed")
-	$(KUBECTL) get pdb pdb3 -n $(OPRNAMESPACE) 
-
-
-run04.1:
-	@$(call msg,"pdb pdb1  close")
-	$(KUBECTL) apply -f $(PDBCLOSE1)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="MOUNTED" pdb pdb1 -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "pdb pdb1 close completed")
-	$(KUBECTL) get pdb pdb1 -n $(OPRNAMESPACE)
-
-run04.2:
-	@$(call msg,"pdb pdb2  close")
-	$(KUBECTL) apply -f $(PDBCLOSE2)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="MOUNTED" pdb pdb2 -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"pdb pdb2 close completed")
-	$(KUBECTL) get pdb pdb2 -n $(OPRNAMESPACE)
-
-run05.1:
-	@$(call msg,"pdb pdb1  unplug")
-	$(KUBECTL) apply -f $(PDBUNPLUG1)
-	$(KUBECTL) wait --for=delete pdb pdb1 -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"pdb pdb1 unplug completed")
-
-run06.1:
-	@$(call msg, "pdb pdb1  plug")
-	$(KUBECTL) apply -f $(PDBPLUG1)
-	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" pdb pdb1 -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg, "pdb pdb1 plug completed")
-	$(KUBECTL) get pdb pdb1 -n $(OPRNAMESPACE)
-
-run07.1:
-	@$(call msg,"pdb pdb1 delete ")
-	- $(KUBECTL) apply -f $(PDBCLOSE1)
-	$(KUBECTL) wait --for jsonpath='{.status.openMode'}="MOUNTED" pdb pdb1 -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	$(KUBECTL) apply -f $(PDBDELETE1)
-	$(KUBECTL) wait --for=delete pdb pdb1 -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	@$(call msg,"pdb pdb1 delete")
-	$(KUBECTL) get pdb -n $(OPRNAMESPACE)
-
-run99.1:
-	$(KUBECTL) delete cdb cdb-dev -n cdbnamespace
-	$(KUBECTL) wait --for=delete cdb cdb-dev -n $(OPRNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
-	$(KUBECTL) get cdb -n cdbnamespaace
-	$(KUBECTL) get pdb -n pdbnamespaace
-
-
-## SEQ | ACTION
-## ----+----------------
-##  00 | create ords pod
-##  01 | create pdb
-##  02 | open pdb
-##  03 | clone pdb
-##  04 | close pdb
-##  05 | unpug pdb
-##  06 | plug pdb
-##  07 | delete pdb (declarative)
-
-	
-runall01:  run00 run01.1 run01.2 run03.1 run03.2 run04.1 run05.1 run06.1 run02.1  run07.1
-
-
-###### BUILD ORDS IMAGE ######
-
-createimage:
-	$(RUNTIME) build -t $(IMAGE) $(ORDSIMGDIR)
-
-createimageproxy:
-	$(RUNTIME) build -t $(IMAGE) $(ORDSIMGDIR) --build-arg  https_proxy=$(HTTPS_PROXY)  --build-arg http_proxy=$(HTTP_PROXY)
-
-tagimage:
-	@echo "TAG IMAGE"
-	$(RUNTIME) tag $(IMAGE) $(ORDSIMG)
-
-push:
-	 $(RUNTIME) push $(ORDSIMG)
-
-
diff --git a/docs/multitenant/ords-based/usecase01/map_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase01/map_pdb1_resource.yaml
deleted file mode 100644
index 18cb35b1..00000000
--- a/docs/multitenant/ords-based/usecase01/map_pdb1_resource.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/map_pdb2_resource.yaml b/docs/multitenant/ords-based/usecase01/map_pdb2_resource.yaml
deleted file mode 100644
index 85899597..00000000
--- a/docs/multitenant/ords-based/usecase01/map_pdb2_resource.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/map_pdb3_resource.yaml b/docs/multitenant/ords-based/usecase01/map_pdb3_resource.yaml
deleted file mode 100644
index 9c2c1cd3..00000000
--- a/docs/multitenant/ords-based/usecase01/map_pdb3_resource.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  assertivePdbDeletion: true
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/open_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase01/open_pdb1_resource.yaml
deleted file mode 100644
index 63a0a49c..00000000
--- a/docs/multitenant/ords-based/usecase01/open_pdb1_resource.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/open_pdb2_resource.yaml b/docs/multitenant/ords-based/usecase01/open_pdb2_resource.yaml
deleted file mode 100644
index 8c4eed0d..00000000
--- a/docs/multitenant/ords-based/usecase01/open_pdb2_resource.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbprd"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/open_pdb3_resource.yaml b/docs/multitenant/ords-based/usecase01/open_pdb3_resource.yaml
deleted file mode 100644
index 5f0e4b77..00000000
--- a/docs/multitenant/ords-based/usecase01/open_pdb3_resource.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/oracle-database-operator-system_binding.yaml b/docs/multitenant/ords-based/usecase01/oracle-database-operator-system_binding.yaml
deleted file mode 100644
index 79e44269..00000000
--- a/docs/multitenant/ords-based/usecase01/oracle-database-operator-system_binding.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-apiVersion: rbac.authorization.k8s.io/v1
-kind: RoleBinding
-metadata:
-  name: oracle-database-operator-oracle-database-operator-manager-rolebinding2
-  namespace: oracle-database-operator-system
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: oracle-database-operator-manager-role
-subjects:
-- kind: ServiceAccount
-  name: default
-  namespace: oracle-database-operator-system
diff --git a/docs/multitenant/ords-based/usecase01/oracle-database-operator.yaml b/docs/multitenant/ords-based/usecase01/oracle-database-operator.yaml
deleted file mode 120000
index d5bae7bc..00000000
--- a/docs/multitenant/ords-based/usecase01/oracle-database-operator.yaml
+++ /dev/null
@@ -1 +0,0 @@
-../../../oracle-database-operator.yaml
\ No newline at end of file
diff --git a/docs/multitenant/ords-based/usecase01/parameters.txt b/docs/multitenant/ords-based/usecase01/parameters.txt
deleted file mode 100644
index 0a7b394a..00000000
--- a/docs/multitenant/ords-based/usecase01/parameters.txt
+++ /dev/null
@@ -1,61 +0,0 @@
-
-########################
-## REST SERVER IMAGE ###
-########################
-
-ORDSIMG:_your_container_registry/ords-dboper:latest
-
-##############################
-## TNS URL FOR CDB CREATION ##
-##############################
-TNSALIAS:"T H I S   I S  J U S T   A N  E X A M P L E ....(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))"
-
-###########################################
-##           ORDS PUBLIC USER            ##
-###########################################
-ORDPWD:Change_me_please
-
-###########################################
-##           SYSPASSWORD                 ##
-###########################################
-SYSPWD:Change_me_please
-
-#######################
-## HTTPS CREDENTIAL ###
-#######################
-
-WBUSER:Change_me_please
-WBPASS:Change_me_please
-
-#####################
-## PDB ADMIN USER ###
-##################### 
-
-PDBUSR:Change_me_please
-PDBPWD:Change_me_please
-
-#####################
-## CDB ADMIN USER ###
-##################### 
-
-CDBUSR:C##DBAPI_CDB_ADMIN
-CDBPWD:Change_me_please
-
-###################
-### NAMESPACES ####
-###################
-
-PDBNAMESPACE:pdbnamespace
-CDBNAMESPACE:cdbnamespace
-
-####################
-### COMPANY NAME ### 
-####################
-
-COMPANY:oracle
-
-####################
-### APIVERSION   ### 
-####################
-
-APIVERSION:v4
diff --git a/docs/multitenant/ords-based/usecase01/pdb_close.yaml b/docs/multitenant/ords-based/usecase01/pdb_close.yaml
deleted file mode 100644
index 5917d33a..00000000
--- a/docs/multitenant/ords-based/usecase01/pdb_close.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: "pdb1-secret"
-      key: "sysadmin_user" 
-  adminPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "sysadmin_pwd"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_user"
-  webServerPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_pwd"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-
diff --git a/docs/multitenant/ords-based/usecase01/pdb_create.yaml b/docs/multitenant/ords-based/usecase01/pdb_create.yaml
deleted file mode 100644
index be3581ad..00000000
--- a/docs/multitenant/ords-based/usecase01/pdb_create.yaml
+++ /dev/null
@@ -1,47 +0,0 @@
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: "pdb1-secret"
-      key: "sysadmin_user" 
-  adminPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "sysadmin_pwd"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_user"
-  webServerPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_pwd"
-  fileNameConversions: "NONE"
-  tdeImport: false
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Create"
-  assertivePdbDeletion: true
-
diff --git a/docs/multitenant/ords-based/usecase01/pdb_delete.yaml b/docs/multitenant/ords-based/usecase01/pdb_delete.yaml
deleted file mode 100644
index c22b546a..00000000
--- a/docs/multitenant/ords-based/usecase01/pdb_delete.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  pdbName: "pdbdev"
-  action: "Delete"
-  dropAction: "INCLUDING"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_user"
-  webServerPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_pwd"
-        
diff --git a/docs/multitenant/ords-based/usecase01/pdb_map.yaml b/docs/multitenant/ords-based/usecase01/pdb_map.yaml
deleted file mode 100644
index 3300a7fa..00000000
--- a/docs/multitenant/ords-based/usecase01/pdb_map.yaml
+++ /dev/null
@@ -1,45 +0,0 @@
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: "pdb1-secret"
-      key: "sysadmin_user" 
-  adminPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "sysadmin_pwd"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_user"
-  webServerPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_pwd"
-  fileNameConversions: "NONE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Map"
-  assertivePdbDeletion: true
diff --git a/docs/multitenant/ords-based/usecase01/pdb_open.yaml b/docs/multitenant/ords-based/usecase01/pdb_open.yaml
deleted file mode 100644
index 25fdccc4..00000000
--- a/docs/multitenant/ords-based/usecase01/pdb_open.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: "pdb1-secret"
-      key: "sysadmin_user" 
-  adminPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "sysadmin_pwd"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_user"
-  webServerPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_pwd"
-  action: "Modify"
-  pdbState: "OPEN"
-  modifyOption: "READ WRITE"
diff --git a/docs/multitenant/ords-based/usecase01/pdb_secret.yaml b/docs/multitenant/ords-based/usecase01/pdb_secret.yaml
deleted file mode 100644
index 60d95d76..00000000
--- a/docs/multitenant/ords-based/usecase01/pdb_secret.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: v1
-kind: Secret
-metadata:
-  name: pdb1-secret
-  namespace: oracle-database-operator-system
-type: Opaque 
-data: 
-  sysadmin_user:  ".....base64 encoded password...."
-  sysadmin_pwd:   ".....base64 encoded password...."
-  webserver_user: ".....base64 encoded password...."
-  webserver_pwd:  ".....base64 encoded password...."
-
diff --git a/docs/multitenant/ords-based/usecase01/plug_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase01/plug_pdb1_resource.yaml
deleted file mode 100644
index 0e86e10c..00000000
--- a/docs/multitenant/ords-based/usecase01/plug_pdb1_resource.yaml
+++ /dev/null
@@ -1,53 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "plug"
-  fileNameConversions: "NONE"
-  sourceFileNameConversions: "NONE"
-  copyAction: "MOVE"
-  totalSize: "1G"
-  tempSize: "100M"
-  assertivePdbDeletion: true
-  action: "Plug"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase01/server.csr b/docs/multitenant/ords-based/usecase01/server.csr
deleted file mode 100644
index e308d301..00000000
--- a/docs/multitenant/ords-based/usecase01/server.csr
+++ /dev/null
@@ -1,18 +0,0 @@
------BEGIN CERTIFICATE REQUEST-----
-MIIC3TCCAcUCAQAwgZcxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlh
-MRUwEwYDVQQHDAxTYW5GcmFuY2lzY28xEDAOBgNVBAoMB29yYWNsZSAxNjA0BgNV
-BAMMLWNkYi1kZXYtb3Jkcy5vcmFjbGUtZGF0YWJhc2Utb3BlcmF0b3Itc3lzdGVt
-IDESMBAGA1UEAwwJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-CgKCAQEAm9nlNSQNsPTVqH57MkWKZEyaVtzVKQ8Z3oDK6hWXfB24p0jVj6sTOJkf
-NVAxnqmU8DpW3odpbU6qWe/n+B5vJpqdXUGdsq9NKyus2fGb/xf1UnskpA2FUuWZ
-o3upyCFxDAOvE4eZUzlxIn+54XXaNAdQiU9E8VXPr5YxrvZ15T/xCXLtJPs/RCOF
-cJ8+gvZGcjMbdP16auJDVWZzBaur3eKbiHN7LXNCCRzGO++dv0kGY8vH7MyFfgp3
-qYBiSHS3WDiFUJjYIvfa8lLfP1hnlCyHn8TnU9gjGjmd1YcccSKqWIAT24wPUKVU
-Lme4n91jxDPp7g8nRtDw0Smj9gYCtQIDAQABoAAwDQYJKoZIhvcNAQELBQADggEB
-AGOG/9IJJRvT2JLcuzE5Arai1XHc6Jh65iuDRqXQav47Bz38FFF2gZNO69gzDmhq
-6k7tie+5bPcAHuuJZ0dAa71a9SLjKl+XNkkI0vS6te6OK3DCVUoMqNCk5VdwrJw0
-RORbKUwgLEG6mu80Gc/6wCdeR/36hoYTMeNPjm6M9e+X5ppsXqxCNsgDxasJFT82
-FejuJE2sZ6RCradlDToUHNS1dMLoW0WAIISqOmrDvEI6snm9ZZr3Sxo1auEtpI6v
-NllBM4AgEghy/2mAtke+By4WHCfXBpxEGv9S7ATqJHYrR5Qa3nwx0eojWW1vmn0/
-aEzslX1tAH6oz2jA6QZ0sNo=
------END CERTIFICATE REQUEST-----
diff --git a/docs/multitenant/ords-based/usecase01/tde_secret.yaml b/docs/multitenant/ords-based/usecase01/tde_secret.yaml
deleted file mode 100644
index 7cf66c03..00000000
--- a/docs/multitenant/ords-based/usecase01/tde_secret.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: v1
-kind: Secret
-metadata:
-  name: tde1-secret
-  namespace: oracle-database-operator-system
-type: Opaque 
-data: 
-  tdepassword: "bW1hbHZlenoK"
-  tdesecret:   "bW1hbHZlenoK"
-
-
-
-
diff --git a/docs/multitenant/ords-based/usecase01/tls.crt b/docs/multitenant/ords-based/usecase01/tls.crt
deleted file mode 100644
index 6bf8aef4..00000000
--- a/docs/multitenant/ords-based/usecase01/tls.crt
+++ /dev/null
@@ -1,24 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEFDCCAvygAwIBAgIUd9l6tMS21ak3e4S0VdPhY0jG3gQwDQYJKoZIhvcNAQEL
-BQAwgaExCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQH
-DAxTYW5GcmFuY2lzY28xEDAOBgNVBAoMB29yYWNsZSAxNjA0BgNVBAMMLWNkYi1k
-ZXYtb3Jkcy5vcmFjbGUtZGF0YWJhc2Utb3BlcmF0b3Itc3lzdGVtIDEcMBoGA1UE
-AwwTbG9jYWxob3N0ICBSb290IENBIDAeFw0yNDA4MTIxNTMyMzVaFw0yNTA4MTIx
-NTMyMzVaMIGXMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEVMBMG
-A1UEBwwMU2FuRnJhbmNpc2NvMRAwDgYDVQQKDAdvcmFjbGUgMTYwNAYDVQQDDC1j
-ZGItZGV2LW9yZHMub3JhY2xlLWRhdGFiYXNlLW9wZXJhdG9yLXN5c3RlbSAxEjAQ
-BgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-AJvZ5TUkDbD01ah+ezJFimRMmlbc1SkPGd6AyuoVl3wduKdI1Y+rEziZHzVQMZ6p
-lPA6Vt6HaW1Oqlnv5/gebyaanV1BnbKvTSsrrNnxm/8X9VJ7JKQNhVLlmaN7qcgh
-cQwDrxOHmVM5cSJ/ueF12jQHUIlPRPFVz6+WMa72deU/8Qly7ST7P0QjhXCfPoL2
-RnIzG3T9emriQ1VmcwWrq93im4hzey1zQgkcxjvvnb9JBmPLx+zMhX4Kd6mAYkh0
-t1g4hVCY2CL32vJS3z9YZ5Qsh5/E51PYIxo5ndWHHHEiqliAE9uMD1ClVC5nuJ/d
-Y8Qz6e4PJ0bQ8NEpo/YGArUCAwEAAaNMMEowSAYDVR0RBEEwP4IsY2RiLWRldi1v
-cmRzLm9yYWNsZS1kYXRhYmFzZS1vcGVyYXRvci1zeXN0ZW2CD3d3dy5leGFtcGxl
-LmNvbTANBgkqhkiG9w0BAQsFAAOCAQEAh7Lsu2ITS6Bc2q/Ef4No5Us0Vo9BWKoL
-AlrfQPjsv1erMGsyEEyZ0Cg8l3QrXlscQ1ESvx0BnRGjoqZGE4+PoVZTEYSkokXP
-aAr69epPzXQRyyAGCg5GeL6IFAj1AzqJGNnKOrPaLpcTri4MboiWmW+MHmgLdyPK
-iwl8bNa8841nK/L/m6QET15BI+MIAvn7pgcpztum5jmkB+eceXzXnKUGg77TaFiX
-bXqVBR4EvexC4DgUfQJI4zJLFdcH/GHxCpaaXNjbXeVz1ZK/qo2TCrXp2UXVrznU
-9VTUuCaQA2VYZCitvAbupt+1OvMFYhWiIAroJSmzrvH4oK+IXgY6GA==
------END CERTIFICATE-----
diff --git a/docs/multitenant/ords-based/usecase01/tls.key b/docs/multitenant/ords-based/usecase01/tls.key
deleted file mode 100644
index 666c5639..00000000
--- a/docs/multitenant/ords-based/usecase01/tls.key
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCb2eU1JA2w9NWo
-fnsyRYpkTJpW3NUpDxnegMrqFZd8HbinSNWPqxM4mR81UDGeqZTwOlbeh2ltTqpZ
-7+f4Hm8mmp1dQZ2yr00rK6zZ8Zv/F/VSeySkDYVS5Zmje6nIIXEMA68Th5lTOXEi
-f7nhddo0B1CJT0TxVc+vljGu9nXlP/EJcu0k+z9EI4Vwnz6C9kZyMxt0/Xpq4kNV
-ZnMFq6vd4puIc3stc0IJHMY7752/SQZjy8fszIV+CnepgGJIdLdYOIVQmNgi99ry
-Ut8/WGeULIefxOdT2CMaOZ3VhxxxIqpYgBPbjA9QpVQuZ7if3WPEM+nuDydG0PDR
-KaP2BgK1AgMBAAECggEAKUwl1l0FW7yk2Q8a6glPUKCTzSybN1QPEMyj+D9ccsEV
-aw57uKQmZbr9cA0d+OMK2lU7K6BKKXLM5SQTHcZCwcH6rPl0JiMZmbTrCp1hLslU
-clS7MtV6XKsGeTGNncBuyjY3sD8gO9NezTt3L+0gsuS1TI06wZBxhh+QbsJUHzjW
-bC3mNjD4SqXree4Snp05nlFaT2s2isIjj25mKDwBu8IX0BN2VjsaSiQcjb8Dmzmu
-42Xh7bcWBebns8Ehuq9TIl6ZjQht+pmVOMlB862baVpW/9CxkknzM+UQhIkXTSJk
-Jt/mGeO89V4/Zh2N4ixIOE1hw87EvRFBoYh2VF58QQKBgQDMujXYblh+eEdsB1LG
-kY0LerFHuQgdzifYmjPl0jtBsWDmh5i6q9PRUs2JZ/Fsq4QMQ8SLinGzaIBq5FKr
-CL067X5blrFA9H0D6exJI3iHBTQpeMFwtqvu3j+zpCmgzonaUDQrczUpc0hxU7YI
-/jhDe9LSWknPrzzMoWWKuy0sTQKBgQDC4g8F2krqm9Q5ug8bRKTAvMrY0skFIwrP
-5LXBq9C8YCnLnT4S4tYQfbnWaBeG7YpkkmkZe30c9MUjsr1OHZbo+jlxHBU+oRYZ
-e1j0UorVGt7FfNe/zjW0fLd72CBO741EDvV6pVeItkAwH6P5/cbRu085dwvyFbxv
-JmOaYddECQKBgQCuid6YG1NE10SE3CV89uAZtktny18ZEgY0ixrNx5MPaaskPtw9
-4Xofjol+qOhR7lQQpMHu+WQAQYqiFvBHspapo4pDiVCrAQWIDamNnTkHW69h3/qD
-HqmsZzxF6iI3X351akVf+cOMCCXtwCGEvz+2gN12ytT8w/iAuOS6BuP3TQKBgBlf
-v57+diSn13EQtajSPjVOH4ctorjFgEHjQHsP+OSeDLMTLSLeYArTo9+zu+R4hz1j
-BsYnmvmrMQPd4OIL3jtFYTdF9coqxSraMZHWMXdfwUOrZpf1rG5skqNQV5yPejAz
-Vmj6oDQPrrnVVM9W6I0kO0N7KZYCmH9MW0mdlZ6pAoGAB60f2sk35VUBpvh7qzTY
-70WDbNnCCU3I3KZ7LCUwUPWzGLQwMXRlAb5ZMheT/SGPChX4QXCNUCjXkR3Am3NO
-yURHqZIRy0bwZRVjYnlCtc9YQ8pB0isZ1z2a9FXRD75o2WboFZ+VsG0FU81IE2ZO
-gW802gT76NRnz851B7/nFNs=
------END PRIVATE KEY-----
diff --git a/docs/multitenant/ords-based/usecase01/unplug_pdb1_resource.yaml b/docs/multitenant/ords-based/usecase01/unplug_pdb1_resource.yaml
deleted file mode 100644
index 61fe915d..00000000
--- a/docs/multitenant/ords-based/usecase01/unplug_pdb1_resource.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "Unplug"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase02/README.md b/docs/multitenant/ords-based/usecase02/README.md
deleted file mode 100644
index 39978747..00000000
--- a/docs/multitenant/ords-based/usecase02/README.md
+++ /dev/null
@@ -1,523 +0,0 @@
-<span style="font-family:Liberation mono; font-size:0.9em; line-height: 1.1em">
-
-
-# UNPLUG - PLUG - CLONE 
-
-- [UNPLUG - PLUG - CLONE](#unplug---plug---clone)
-    - [INTRODUCTION](#introduction)
-    - [UNPLUG DATABASE](#unplug-database)
-    - [PLUG DATABASE](#plug-database)
-    - [CLONE PDB](#clone-pdb)
-
-### INTRODUCTION
-
-> &#9758; The examples of this folder are based on single namespace   **oracle-database-operator-system**
-
-This page explains how to plug and unplug database a pdb; it assumes that you have already configured a pluggable database (see [usecase01](../usecase01/README.md)).  Check yaml parameters in the CRD tables in the main [README](../README.md) file.
-
-```text
-
-
-                                                        +--------------------------------+
-     UNPLUG PDB                         PLUG PDB        |  CLONE PDB                     |
-                                                        |                                |
-     +-----------+                      +-----------+   | +-----------+  +----------+    |
-     | PDB       |                      | PDB       |   | | PDB       |  |CLONED PDB|    |
-     +----+------+                      +----+------+   | +----+------+  +----------+    |
-          |                                  |          |      |            |            |
-+---->  UNPLUG  -----+                +--> PLUG         |    CLONE ---------+            |
-|         |          |                |      |          |      |                         |
-|    +----+------+   |                | +----+------+   | +----+------+                  |
-|    | Container |   |                | | Container |   | | Container |                  |
-|    |           |   |                | |           |   | |           |                  |
-|    +-----------+   |                | +-----------+   | +-----------+                  |
-|                    |                |                 |                                |
-|             +------+----+           |                 | kubectk apply -f pdb_clone.yaml|
-|             |           |           |                 |                                |
-|      +------|-----------|--------+  |                 +--------------------------------+
-|      | +----+----+   +--+------+ |  |
-|      | |xml file |   |DB FILES | |--+
-|      | +---------+   +---------+ |  |
-|      +---------------------------+  |
-|                                     |
-|                                     |
-+- kubectl apply -f pdb_unplug.yaml   |
-                                      |
-   kubectl apply -f pdb_plug.yaml-----+
-```
-
-### UNPLUG DATABASE 
-
-Use the following command to check kubernets pdb resources. Note that the output of the commands can be tailored to meet your needs. Just check the structure of pdb resource  **kubectl get pdbs -n oracle-database-operator-system -o=json** and modify the script accordingly. For the sake of simplicity put this command in a single script **checkpdbs.sh**.
-
-```bash
-kubectl get pdbs -n oracle-database-operator-system -o=jsonpath='{range .items[*]}
-{"\n==================================================================\n"}
-{"CDB="}{.metadata.labels.cdb}
-{"K8SNAME="}{.metadata.name}
-{"PDBNAME="}{.spec.pdbName}
-{"OPENMODE="}{.status.openMode}
-{"ACTION="}{.status.action}
-{"MSG="}{.status.msg}
-{"\n"}{end}'
-```
-
-We assume that the pluggable database pdbdev is already configured and opened in read write mode  
-
-```bash
-./checkpdbs.sh
-==================================================================
-CDB=cdb-dev
-K8SNAME=pdb1
-PDBNAME=pdbdev
-OPENMODE=READ WRITE
-ACTION=CREATE
-MSG=Success
-
-```
-
-Prepare a new yaml file **pdb_unplug.yaml**  to unplug the pdbdev database. Make sure that the  path of the xml file is correct and check the existence of all the required secrets. Do not reuse an existing xml files.
-
-```yaml
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-#pdb_unplug.yaml
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdbunplug.xml"
-  action: "Unplug"
-  [ secret sections ]
-```
-
-Close the pluggable database by applying the following yaml file **pdb_close.yaml** 
-
-```yaml
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-#pdb_close.yaml
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  pdbState: "CLOSE"
-  modifyOption: "IMMEDIATE"
-  action: "Modify"
-  [secret section]
-```
-
-```bash
-kubectl apply -f pdb_close.yaml
-pdb.database.oracle.com/pdb1 configured
-
-sh checkpdbs.sh
-==================================================================
-CDB=cdb-dev
-K8SNAME=pdb1
-PDBNAME=pdbdev
-OPENMODE=MOUNTED
-ACTION=MODIFY
-MSG=Success
-```
-After that apply the unplug file **pdb_unplug.yaml** ; The resource is no longer available once the unplug operation is completed.  
-
-```bash
-kubectl apply -f pdb_unplug.yaml
-pdb.database.oracle.com/pdb1 configured
-
-sh checkpdbs.sh
-==================================================================
-CDB=cdb-dev
-K8SNAME=pdb1
-PDBNAME=pdbdev
-OPENMODE=MOUNTED
-ACTION=MODIFY
-MSG=Waiting for PDB to be unplugged
-```
-
-Check kubernets log files and the database alert log 
-
-```text
-/usr/bin/kubectl logs -f  pod/`/usr/bin/kubectl get pods -n oracle-database-operator-system|grep oracle-database-operator-controller|head -1|cut -d ' ' -f 1` -n oracle-database-operator-system
-[...]
-base-oracle-com-v1alpha1-pdb", "UID": "6f469423-85e5-4287-94d5-3d91a04b621e", "kind": "database.oracle.com/v1alpha1, Kind=PDB", "resource": {"group":"database.oracle.com","version":"v1alpha1","resource":"pdbs"}}
-2023-01-03T14:04:05Z    INFO    pdb-webhook     ValidateUpdate-Validating PDB spec for : pdb1
-2023-01-03T14:04:05Z    INFO    pdb-webhook     validateCommon  {"name": "pdb1"}
-2023-01-03T14:04:05Z    INFO    pdb-webhook     Valdiating PDB Resource Action : UNPLUG
-2023-01-03T14:04:05Z    DEBUG   controller-runtime.webhook.webhooks     wrote response  {"webhook": "/validate-database-oracle-com-v1alpha1-pdb", "code": 200, "reason": "", "UID": "6f469423-85e5-4287-94d5-3d91a04b621e", "allowed": true}
-
-
-[database alert log]
-Domain Action Reconfiguration complete (total time 0.0 secs)
-Completed: ALTER PLUGGABLE DATABASE "pdbdev" UNPLUG INTO '/tmp/pdbunplug.xml'
-DROP PLUGGABLE DATABASE "pdbdev" KEEP DATAFILES
-2023-01-03T14:04:05.518845+00:00
-Deleted Oracle managed file +DATA/DB12/F146D9482AA0260FE0531514000AB1BC/TEMPFILE/temp.266.1125061101
-2023-01-03T14:04:05.547820+00:00
-Stopped service pdbdev
-Completed: DROP PLUGGABLE DATABASE "pdbdev" KEEP DATAFILES
-
-```
-
-
-login to the server and check xml file existence. Verify the datafile path on the ASM filesystem.
-
-```bash
-ls -ltr /tmp/pdbunplug.xml
--rw-r--r--. 1 oracle asmadmin 8007 Jan  3 14:04 /tmp/pdbunplug.xml
-[..]
-cat /tmp/pdbunplug.xml |grep path
-      <path>+DATA/DB12/F146D9482AA0260FE0531514000AB1BC/DATAFILE/system.353.1125061021</path>
-      <path>+DATA/DB12/F146D9482AA0260FE0531514000AB1BC/DATAFILE/sysaux.328.1125061021</path>
-      <path>+DATA/DB12/F146D9482AA0260FE0531514000AB1BC/DATAFILE/undotbs1.347.1125061021</path>
-      <path>+DATA/DB12/F146D9482AA0260FE0531514000AB1BC/TEMPFILE/temp.266.1125061101</path>
-      <path>+DATA/DB12/F146D9482AA0260FE0531514000AB1BC/DATAFILE/undo_2.318.1125061021</path>
-[..]
-asmcmd ls -l +DATA/DB12/F146D9482AA0260FE0531514000AB1BC/DATAFILE/system.353.1125061021
-Type      Redund  Striped  Time             Sys  Name
-DATAFILE  UNPROT  COARSE   JAN 03 14:00:00  Y    system.353.1125061021
-```
-
-### PLUG DATABASE
-
-Prepare a new yaml file **pdb_plug.yaml** to plug the database back into the container. 
-
-```yaml 
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-# pdb_plug.yaml
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdbunplug.xml"
-  fileNameConversions: "NONE"
-  sourceFileNameConversions: "NONE"
-  copyAction: "MOVE"
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Plug"
-  [secrets section]
-```
-Apply **pdb_plug.yaml** 
-
-```bash
-kubectl apply -f pdb_plug.yaml
-[...]
-sh checkpdbs.sh
-==================================================================
-CDB=cdb-dev
-K8SNAME=pdb1
-PDBNAME=pdbdev
-OPENMODE=
-ACTION=
-MSG=Waiting for PDB to be plugged
-[...]
-sh checkpdbs.sh
-==================================================================
-CDB=cdb-dev
-K8SNAME=pdb1
-PDBNAME=pdbdev
-OPENMODE=READ WRITE
-ACTION=PLUG
-MSG=Success
-```
-
-Check kubernets log files and the database alert log
-
-```text
-/usr/bin/kubectl logs -f  pod/`/usr/bin/kubectl get pods -n oracle-database-operator-system|grep oracle-database-operator-controller|head -1|cut -d ' ' -f 1` -n oracle-database-operator-system
-
-2023-01-03T14:33:51Z    INFO    pdb-webhook     ValidateCreate-Validating PDB spec for : pdb1
-2023-01-03T14:33:51Z    INFO    pdb-webhook     validateCommon  {"name": "pdb1"}
-2023-01-03T14:33:51Z    INFO    pdb-webhook     Valdiating PDB Resource Action : PLUG
-2023-01-03T14:33:51Z    INFO    pdb-webhook     PDB Resource : pdb1 successfully validated for Action : PLUG
-2023-01-03T14:33:51Z    DEBUG   controller-runtime.webhook.webhooks     wrote response  {"webhook": "/validate-database-oracle-com-v1alpha1-pdb", "code": 200, "reason": "", "UID": "fccac7ba-7540-42ff-93b2-46675506a098", "allowed": true}
-2023-01-03T14:34:16Z    DEBUG   controller-runtime.webhook.webhooks     received request        {"webhook": "/mutate-database-oracle-com-v1alpha1-pdb", "UID": "766dadcc-aeea-4a80-bc17-e957b4a44d3c", "kind": "database.oracle.com/v1alpha1, Kind=PDB", "resource": {"group":"database.oracle.com","version":"v1alpha1","resource":"pdbs"}}
-2023-01-03T14:34:16Z    INFO    pdb-webhook     Setting default values in PDB spec for : pdb1
-2023-01-03T14:34:16Z    DEBUG   controller-runtime.webhook.webhooks     wrote response  {"webhook": "/mutate-database-oracle-com-v1alpha1-pdb", "code": 200, "reason": "", "UID": "766dadcc-aeea-4a80-bc17-e957b4a44d3c", "allowed": true}
-
-[database alert log]
-...
-All grantable enqueues granted
-freeing rdom 3
-freeing the fusion rht of pdb 3
-freeing the pdb enqueue rht
-Domain Action Reconfiguration complete (total time 0.0 secs)
-Completed: CREATE PLUGGABLE DATABASE "pdbdev"
-                USING '/tmp/pdbunplug.xml'
-                SOURCE_FILE_NAME_CONVERT=NONE
-                MOVE
-                FILE_NAME_CONVERT=NONE
-                STORAGE UNLIMITED       TEMPFILE REUSE
-
-2023-01-03T14:35:41.500186+00:00
-ALTER PLUGGABLE DATABASE "pdbdev" OPEN READ WRITE INSTANCES=ALL
-2023-01-03T14:35:41.503482+00:00
-PDBDEV(3):Pluggable database PDBDEV opening in read write
-PDBDEV(3):SUPLOG: Initialize PDB SUPLOG SGA, old value 0x0, new value 0x18
-PDBDEV(3):Autotune of undo retention is turned on
-...
-```
-### CLONE PDB
-
-Prepare and apply a new yaml file **pdb_clone.yaml** to clone the existing pluggable database.
-
-```yaml
-#pdb_clone.yaml
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB
-metadata:
-  name: pdb2
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdb2-clone"
-  srcPdbName: "pdbdev"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  action: "Clone"
-  [secret section]
-
-```
-```bash
-kubectl apply -f pdb_clone.yaml
-pdb.database.oracle.com/pdb2 created
-[oracle@mitk01 https.ords.22]$ sh checkpdbs.sh
-==================================================================
-CDB=cdb-dev
-K8SNAME=pdb1
-PDBNAME=pdbdev
-OPENMODE=READ WRITE
-ACTION=PLUG
-MSG=Success
-==================================================================
-CDB=cdb-dev
-K8SNAME=pdb2
-PDBNAME=pdb2-clone
-OPENMODE=
-ACTION=
-MSG=Waiting for PDB to be cloned
-[...]
-[.wait sometimes..]
- sh checkpdbs.sh
-==================================================================
-CDB=cdb-dev
-K8SNAME=pdb1
-PDBNAME=pdbdev
-OPENMODE=READ WRITE
-ACTION=PLUG
-MSG=Success
-==================================================================
-CDB=cdb-dev
-K8SNAME=pdb2
-PDBNAME=pdb2-clone
-OPENMODE=READ WRITE
-ACTION=CLONE
-MSG=Success
-```
-log info 
-
-```text
-[kubernets log]
-2023-01-03T15:13:31Z    INFO    pdb-webhook      - asClone : false
-2023-01-03T15:13:31Z    INFO    pdb-webhook      - getScript : false
-2023-01-03T15:13:31Z    DEBUG   controller-runtime.webhook.webhooks     wrote response  {"webhook": "/mutate-database-oracle-com-v1alpha1-pdb", "code": 200, "reason": "", "UID": "7c17a715-7e4e-47d4-ad42-dcb37526bb3e", "allowed": true}
-2023-01-03T15:13:31Z    DEBUG   controller-runtime.webhook.webhooks     received request        {"webhook": "/validate-database-oracle-com-v1alpha1-pdb", "UID": "11e0d49c-afaa-47ac-a301-f1fdd1e70173", "kind": "database.oracle.com/v1alpha1, Kind=PDB", "resource": {"group":"database.oracle.com","version":"v1alpha1","resource":"pdbs"}}
-2023-01-03T15:13:31Z    INFO    pdb-webhook     ValidateCreate-Validating PDB spec for : pdb2
-2023-01-03T15:13:31Z    INFO    pdb-webhook     validateCommon  {"name": "pdb2"}
-2023-01-03T15:13:31Z    INFO    pdb-webhook     Valdiating PDB Resource Action : CLONE
-2023-01-03T15:13:31Z    INFO    pdb-webhook     PDB Resource : pdb2 successfully validated for Action : CLONE
-2023-01-03T15:13:31Z    DEBUG   controller-runtime.webhook.webhooks     wrote response  {"webhook": "/validate-database-oracle-com-v1alpha1-pdb", "code": 200, "reason": "", "UID": "11e0d49c-afaa-47ac-a301-f1fdd1e70173", "allowed": true}
-
-[database alert log]
-Domain Action Reconfiguration complete (total time 0.0 secs)
-2023-01-03T15:15:00.670436+00:00
-Completed: CREATE PLUGGABLE DATABASE "pdb2-clone" FROM "pdbdev"
-                STORAGE UNLIMITED
-                TEMPFILE REUSE
-                FILE_NAME_CONVERT=NONE
-ALTER PLUGGABLE DATABASE "pdbdev" CLOSE IMMEDIATE INSTANCES=ALL
-2023-01-03T15:15:00.684271+00:00
-PDBDEV(3):Pluggable database PDBDEV closing
-PDBDEV(3):JIT: pid 8235 requesting stop
-PDBDEV(3):Buffer Cache flush started: 3
-PDBDEV(3):Buffer Cache flush finished: 3
-
-```
-### UNPLUG AND PLUG WITH TDE
-
-
-<span style="color:red">
-
-> &#9888; __WARNING FOR THE TDE USERS__ &#9888; According to the [ords documentation](https://docs.oracle.com/en/database/oracle/oracle-database/21/dbrst/op-database-pdbs-pdb_name-post.html) the plug and unplug operation with tde is supported only if ords runs on the same host of the database which is not the case of operator where ords runs on an isolated pods. Do not use pdb controller for unplug and plug operation with tde in production environments.   
-
-</span>
-
-You can use unplug and plug database with TDE; in order to do that you have to specify a key store path and create new kubernets secret for TDE using the following yaml file. **tde_secrete.yaml**. 
-
-```yaml
-#tde_secret
-apiVersion: v1
-kind: Secret
-metadata:
-  name: tde1-secret
-  namespace: oracle-database-operator-system
-type: Opaque
-data:
-  tdepassword: "...."
-  tdesecret:   "...."
-```
-
-```bash 
-kubectl apply -f tde_secret.yaml
-```
-
-The file to unplug and plug database with TDE are the following 
-
-
-```yaml
-#pdb_unplugtde.yaml
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: 
-      key: "sysadmin_user"
-  adminPwd:
-    secret:
-      secretName: pdb1-secret
-      key: "sysadmin_pwd"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  tdePassword:
-    secret:
-      secretName: "tde1-secret"
-      key: "tdepassword"
-  tdeSecret:
-    secret:
-      secretName: "tde1-secret"
-      key: "tdesecret"
-  totalSize: 1G
-  tempSize: 1G
-  unlimitedStorage: true
-  reuseTempFile: true
-  fileNameConversions: NONE
-  action: "Unplug"
-  xmlFileName: "/home/oracle/unplugpdb.xml"
-  tdeExport: true
-```
-
-```yaml
-#pdb_plugtde.ymal
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "oracle-database-operator-system"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: pdb1-secret
-      key: "sysadmin_user"
-  adminPwd:
-    secret:
-      secretName: pdb1-secret
-      key: "sysadmin_pwd"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  tdePassword:
-    secret:
-      secretName: "tde1-secret"
-      key: "tdepassword"
-  tdeSecret:
-    secret:
-      secretName: "tde1-secret"
-      key: "tdesecret"
-  totalSize: 1G
-  tempSize: "100M"
-  unlimitedStorage: true
-  reuseTempFile: true
-  fileNameConversions: NONE
-  sourceFileNameConversions: "NONE"
-  copyAction: "MOVE"
-  action: "Plug"
-  xmlFileName: /home/oracle/unplugpdb.xml
-  tdeImport: true
-  tdeKeystorePath: /home/oracle/keystore
-
-```
-
-
-</span>
-
-
-
diff --git a/docs/multitenant/ords-based/usecase02/pdb_clone.yaml b/docs/multitenant/ords-based/usecase02/pdb_clone.yaml
deleted file mode 100644
index 5723f7c6..00000000
--- a/docs/multitenant/ords-based/usecase02/pdb_clone.yaml
+++ /dev/null
@@ -1,50 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb3
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "new_clone"
-  srcPdbName: "pdbdev"
-  fileNameConversions: "NONE"
-  totalSize: "UNLIMITED"
-  tempSize: "UNLIMITED"
-  assertivePdbDeletion: true
-  action: "Clone"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase02/pdb_plug.yaml b/docs/multitenant/ords-based/usecase02/pdb_plug.yaml
deleted file mode 100644
index 9eb5ed77..00000000
--- a/docs/multitenant/ords-based/usecase02/pdb_plug.yaml
+++ /dev/null
@@ -1,53 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "plug"
-  fileNameConversions: "NONE"
-  sourceFileNameConversions: "NONE"
-  copyAction: "MOVE"
-  totalSize: "1G"
-  tempSize: "100M"
-  assertivePdbDeletion: true
-  action: "Plug"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase02/pdb_plugtde.yaml b/docs/multitenant/ords-based/usecase02/pdb_plugtde.yaml
deleted file mode 100644
index 995be538..00000000
--- a/docs/multitenant/ords-based/usecase02/pdb_plugtde.yaml
+++ /dev/null
@@ -1,56 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: pdb1-secret
-      key: "sysadmin_user"
-  adminPwd:
-    secret:
-      secretName: pdb1-secret
-      key: "sysadmin_pwd"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  tdePassword:
-    secret:
-      secretName: "tde1-secret"
-      key: "tdepassword"
-  tdeSecret:
-    secret:
-      secretName: "tde1-secret"
-      key: "tdesecret"
-  totalSize: 1G
-  tempSize: "100M"
-  unlimitedStorage: true
-  reuseTempFile: true
-  fileNameConversions: NONE
-  sourceFileNameConversions: "NONE"
-  copyAction: "MOVE"
-  action: "Plug"
-  xmlFileName: /home/oracle/unplugpdb.xml
-  tdeImport: true
-  tdeKeystorePath: /home/oracle/keystore
-
diff --git a/docs/multitenant/ords-based/usecase02/pdb_unplug.yaml b/docs/multitenant/ords-based/usecase02/pdb_unplug.yaml
deleted file mode 100644
index 0036d5f7..00000000
--- a/docs/multitenant/ords-based/usecase02/pdb_unplug.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-apiVersion: database.oracle.com/v4
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "Unplug"
-  adminName:
-    secret:
-      secretName: "pdbusr"
-      key: "e_pdbusr.txt"
-  adminPwd:
-    secret:
-      secretName: "pdbpwd"
-      key: "e_pdbpwd.txt"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "wbuser"
-      key: "e_wbuser.txt"
-  webServerPwd:
-    secret:
-      secretName: "wbpass"
-      key: "e_wbpass.txt"
-  pdbOrdsPrvKey:
-    secret:
-      secretName: "prvkey"
-      key: "privateKey"
diff --git a/docs/multitenant/ords-based/usecase02/pdb_unplugtde.yaml b/docs/multitenant/ords-based/usecase02/pdb_unplugtde.yaml
deleted file mode 100644
index 2eacc5b7..00000000
--- a/docs/multitenant/ords-based/usecase02/pdb_unplugtde.yaml
+++ /dev/null
@@ -1,54 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-
-apiVersion: database.oracle.com/v4
-Kind: PDB
-metadata:
-  name: pdb1
-  namespace: oracle-database-operator-system
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: pdb1-secret
-      key: "sysadmin_user"
-  adminPwd:
-    secret:
-      secretName: pdb1-secret
-      key: "sysadmin_pwd"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  tdePassword:
-    secret:
-      secretName: "tde1-secret"
-      key: "tdepassword"
-  tdeSecret:
-    secret:
-      secretName: "tde1-secret"
-      key: "tdesecret"
-  totalSize: 1G
-  tempSize: 1G
-  unlimitedStorage: true
-  reuseTempFile: true
-  fileNameConversions: NONE
-  action: "Unplug"
-  xmlFileName: "/home/oracle/unplugpdb.xml"
-  tdeExport: true
-  tdeKeystorePath: "/home/oracle/keystore"
-
diff --git a/docs/multitenant/provisioning/ords_image.md b/docs/multitenant/provisioning/ords_image.md
deleted file mode 100644
index e2d1dcef..00000000
--- a/docs/multitenant/provisioning/ords_image.md
+++ /dev/null
@@ -1,81 +0,0 @@
-<span style="font-family:Liberation mono; font-size:0.8em; line-height: 1.2em">
-
-# Build ORDS Docker Image
-
-This file contains the steps to create an ORDS based image to be used solely by the PDB life cycle multitentant controllers. 
-
-**NOTE:** It is assumed that before this step, you have followed the [prerequisite](./../README.md#prerequsites-to-manage-pdb-life-cycle-using-oracle-db-operator-on-prem-database-controller) steps.
-
-#### Clone the software using git:
-
-> Under directory ./oracle-database-operator/ords you will find the [Dockerfile](../../../ords/Dockerfile) and [runOrdsSSL.sh](../../../ords/runOrdsSSL.sh) required to build the image.
-
-```sh
- git clone git@orahub.oci.oraclecorp.com:rac-docker-dev/oracle-database-operator.git
- cd oracle-database-operator/ords/
-```
-
-#### Login to the registry: container-registry.oracle.com
-
-**NOTE:** To login to this registry, you will need to the URL https://container-registry.oracle.com , Sign in, then click on "Java" and then accept the agreement.
-
-```bash
-docker login container-registry.oracle.com
-```
-
-#### Login to the your container registry
-
-Login to a repo where you want to push your docker image (if needed) to pull during deployment in your environment.
-
-```bash
-docker login <repo where you want to push the created docker ORDS image>
-```
-
-#### Build the image
-
-Build the docker image by using below command:
-
-```bash
-docker build -t oracle/ords-dboper:latest .
-```
-> If your are working behind a proxy mind to specify https_proxy and http_proxy during image creation  
-
-Check the docker image details using:
-
-```bash
-docker images
-```
-
-> OUTPUT EXAMPLE
-```bash
-REPOSITORY                                                           TAG                 IMAGE ID            CREATED             SIZE
-oracle/ords-dboper                                                   latest              fdb17aa242f8        4 hours ago         1.46GB
-
-```
-
-#### Tag and push the image 
-
-Tag and push the image to your image repository.
-
-NOTE: We have the repo as `phx.ocir.io/<repo_name>/oracle/ords:latest`. Please change as per your environment.
-
-```bash
-docker tag oracle/ords-dboper:ords-latest phx.ocir.io/<repo_name>/oracle/ords:latest
-docker push phx.ocir.io/<repo_name>/oracle/ords:latest
-```
-
-#### In case of private image
-
-If you the image not be public then yuo need to create a secret containing the password of your image repository.
-Create a Kubernetes Secret for your docker repository to pull the image during deployment using the below command:
-
-```bash
-kubectl create secret generic container-registry-secret --from-file=.dockerconfigjson=./.docker/config.json --type=kubernetes.io/dockerconfigjson -n oracle-database-operator-system
-```
-
-Use the parameter `ordsImagePullSecret` to specify the container secrets in pod creation yaml file
-
-#### [Image createion example](../usecase01/logfiles/BuildImage.log)
-
-
-</span>
diff --git a/docs/multitenant/usecase/README.md b/docs/multitenant/usecase/README.md
new file mode 100644
index 00000000..062200ee
--- /dev/null
+++ b/docs/multitenant/usecase/README.md
@@ -0,0 +1,248 @@
+<!-- vscode-markdown-toc -->
+* 1. [Prerequisites](#Prerequisites)
+* 2. [Operator setup](#Operatorsetup)
+* 3. [Secrets creation](#Secretscreation)
+* 4. [Yaml file creation](#Yamlfilecreation)
+* 5. [Run testcase](#Runtestcase)
+* 6. [Makefile targets table](#Makefiletargetstable)
+* 7. [Diag commands and troubleshooting](#Diagcommandsandtroubleshooting)
+	* 7.1. [Connect to rest server pod](#Connecttorestserverpod)
+	* 7.2. [Lrest pod log](#Lrestpodlog)
+	* 7.3. [Monitor control plane](#Monitorcontrolplane)
+	* 7.4. [Error decrypting credential](#Errordecryptingcredential)
+	* 7.5. [Crd details](#Crddetails)
+
+<!-- vscode-markdown-toc-config
+	numbering=true
+	autoSave=true
+	/vscode-markdown-toc-config -->
+<!-- /vscode-markdown-toc -->
+
+
+<span style="font-family:Liberation mono; font-size:0.9em; line-height: 1.1em">
+
+
+
+# Use case directory 
+
+The use case directory contains a makefile to automatically install the Oracle Database Operator (namespace scope configuration) and generate the yaml files to test pdb life cycle management in two different namespaces (one for lrest pod the other one for pdb crd). To simplify and speed up the execution you just need to edit a [parameter file](../usecase/parameters.txt) with all the information about your environment. The makefile script uses parameter file to generate all the yaml file required to test the controllers. 
+After parameters setup there is the operator installation (**make opsetup**) , the secrets installation (**make secrets**), the yaml file generation (**make genyaml**).
+
+![generalschema](../images/usecaseschema.jpg)
+
+**parameter file table of contents**
+```text 
+                                Check the latest version available<--------------+
+                                                                                 |           
+                                                                              +-----+
+LRESTIMG...............:container-registry.oracle.com/database/operator:lrest-241210-amd64
+TNSALIAS...............:[Tnsalias do not use quotes and avoid space in the string --> (DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELA....]
+DBUSER.................:[CDB admin user]
+DBPASS.................:[CDB admin user password]
+WBUSER.................:[HTTPS user]
+WBPASS.................:[HTTPS user password]
+PDBUSR.................:[PDB admin user]
+PDBPWD.................:[PDB admin user password]
+PDBNAMESPACE...........:[pdb namespace]
+LRSNAMESPACE...........:[cdb namespace]
+COMPANY................:[your company name]
+APIVERSION.............:[v4 --> do not edit]
+SERVICENAMEACCOUNT.....:[service account - for openshift ]
+AUTODISCOVER...........:[boolean: check for pdb with no crd ]
+CODE_TREE..............:[Is the path of the directory with the original operator yaml file]
+CERT_MANAGER...........:https://github.com/cert-manager/cert-manager/releases/download/v1.16.2/cert-manager.yaml
+OPENSHIFT..............:[boolean]
+```
+
+Verify parameters using ``make check`` command.
+
+##  1. <a name='Prerequisites'></a>Prerequisites
+
+- Ensure that **kubectl** is properly installed on your client.
+- Even if the makefile automation, read carefully the [operator installation page](../../../../docs/installation/OPERATOR_INSTALLATION_README.md). (role binding,webcert,etc)
+- Ensure that the administrative user (admin) on the container database is configured as documented.
+
+eg
+
+```sql
+-- Connect to the  container and creates the administrative user 
+alter session set "_oracle_script"=true;
+create user [DBUSER] identified by [DBPASS];
+grant create session to restdba container=all;
+grant sysdba to restdba container=all;
+```
+
+##  2. <a name='Operatorsetup'></a>Operator setup
+
+```bash
+make opsetup
+```
+The make target **make opsetup** does the following actions:
+- Creates a copy the original **oracle-database-operator.yaml** and updates the WATCH_NAMESPACE list with the pdbnamespace and cdbnamespace values.
+- [Applies the certmaneger](../../../README.md#install-cert-manager)
+- Creates two namespaces: one for the lrest pod and the other one for the pdb controller.
+- [Namespace Scoped Deployment](../../../README.md#2-namespace-scoped-deployment)
+- Applies the oracle-database-operator.yaml
+- [ClusterRole and ClusterRoleBinding for NodePort services](../../../README.md#clusterrole-and-clusterrolebinding-for-nodeport-services)
+
+👉 **If your are running on Openshift you need to manually apply the [service context file](./security_context.yaml)** 
+
+##  3. <a name='Secretscreation'></a>Secrets creation 
+
+```bash
+make secrets
+```
+**make secrets** creates secrets encrypting the credential specified in the parameters
+
+##  4. <a name='Yamlfilecreation'></a>Yaml file creation 
+
+```bash
+make genyaml
+```
+**make genyaml** generates the required `yaml` files to work with multitenant controllers.
+
+##  5. <a name='Runtestcase'></a>Run testcase 
+
+```bash
+make runall00
+```
+
+You can run **make runall00** to test all the functionality the multitenant controller 
+
+##  6. <a name='Makefiletargetstable'></a>Makefile targets table
+
+ | target          | action              | additional info |
+ |-----------------|---------------------|-----------------|
+ |tkapplyinit      | config map creation |                 |
+ |run00            | lrest pod creation  |                 |
+ |run01.1          | pdb1 creation       |                 |
+ |run01.2          | pdb2 creation       |                 |
+ |run02.1          | pdb1 open           | declarative     |
+ |run02.2          | pdb2 open           | declarative     |
+ |run03.1          | pdb1 clone          | declarative     |
+ |run04.1          | pdb1 close          | declarative     |
+ |run04.2          | pdb2 close          | declatative     |
+ |run05.1          | pdb1 unplug         | declarative     |
+ |run06.1          | pdb1 plug           | declarative     |
+ |openpdb1         | pdb1 open           | imperative      |
+ |openpdb2         | pdb2 open           | imperative      |
+ |closepdb1        | pdb1 close          | imperative      |
+ |closepdb2        | pdb2 close          | imperative      |
+ |openpdb1rs       | pdb1 open restrict  | imperative      |
+ |openpdb2rs       | pdb2 open restrict  | imperative      |
+ |tkaudosicov      | test autodiscovery  |                 |
+ |tkplsqlexec      | test sql/plsql      |                 |
+ |tkapplyinit      | apply init map      |                 |
+ |altercpu         | alter cpu_count     | make  altercpu LRPDBNAME=_lrpdb resource_ CPU_COUNT=_cpu count value_   |
+ |open             | open pdb  [imperative]| make open LRPDBNAME=_lrpdb resource_ |
+ |close            | close pdb [imperative]| make close LRPDBNAME=_lrpdb resource_ |
+ |listimage        | images available on the cluster|      |
+ |dumpoperator     | dump operator log   |                 |
+ |dumplrest        | dump lrest log      |                 |
+ |login            | connect to lrest pod|                 |
+ |reloadod         | reload operator img |                 | 
+ |mgrrestart       | manager restart     |                 |
+ |**opsetup**      | install the  operator|                |
+ |**secrets**      | create secrets      |                 |
+ |**genyaml**      | generate the yaml files|              |
+ |opclean          | deintall the operator|                |   
+ |cleanlrest       | drop lrest resource | **lrest name hard coded** | 
+ |rest             | rest status bitmask | make rest LRPDBNAME=_resname_ RESETVALUE=_new bitmask value_ |
+ |tkautd           | Turn on/off autodiscover |  make tkautd AUTOD=true/false |
+ |tkdelcs          | Turn on/off pdb delete cascade | make tkdelcs DELETECS=true/false |
+ |tkdelcrd         |Turn ON/OFF lrest pdb imperativeLrpdb deletion |  make tkdelcrd DELETECRD=true/false  LRPDBNAME=_lrpdb resource name_ |
+ | checkimpdel     | report of imperative delete setting ||
+
+
+##  7. <a name='Diagcommandsandtroubleshooting'></a>Diag commands and troubleshooting
+
+###  7.1. <a name='Connecttorestserverpod'></a>Connect to rest server pod
+
+```bash 
+/usr/bin/kubectl exec   <podname> -n <namespace> -it -- /bin/bash
+```
+
+###  7.2. <a name='Lrestpodlog'></a>Lrest pod log
+
+```bash
+kubectl logs  `kubectl get pods -o custom-columns=:metadata.name -n cdbnamespace --no-headers ` -n cdbnamespace
+```
+
+```bash 
+## example ##
+
+kubectl get pods -n cdbnamespace
+NAME                     READY   STATUS    RESTARTS      AGE
+cdb-dev-lrest-rs-fnw99   1/1     Running   1 (17h ago)   18h
+
+kubectl exec  cdb-dev-lrest-rs-fnw99 -n cdbnamespace -it -- /bin/bash
+[oracle@cdb-dev-lrest-rs-fnw99 ~]$
+```
+
+###  7.3. <a name='Monitorcontrolplane'></a>Monitor control plane
+
+```bash
+kubectl logs -f -l control-plane=controller-manager -n oracle-database-operator-system
+```
+```bash 
+## output example: ##
+2024-10-28T23:54:25Z    INFO    lrpdb-webhook   ValidateUpdate-Validating LRPDB spec for : lrpdb2
+2024-10-28T23:54:25Z    INFO    lrpdb-webhook   validateCommon  {"name": "lrpdb2"}
+2024-10-28T23:54:25Z    INFO    lrpdb-webhook   Valdiating LRPDB Resource Action : MODIFY
+2024-10-29T10:07:34Z    INFO    lrpdb-webhook   ValidateUpdate-Validating LRPDB spec for : lrpdb2
+2024-10-29T10:07:34Z    INFO    lrpdb-webhook   ValidateUpdate-Validating LRPDB spec for : lrpdb1
+2024-10-29T16:49:15Z    INFO    lrpdb-webhook   ValidateUpdate-Validating LRPDB spec for : lrpdb1
+2024-10-29T16:49:15Z    INFO    lrpdb-webhook   validateCommon  {"name": "lrpdb1"}
+2024-10-29T16:49:15Z    INFO    lrpdb-webhook   Valdiating LRPDB Resource Action : CREATE
+2024-10-29T10:07:20Z    INFO    controller-runtime.certwatcher  Updated current TLS certificate
+2024-10-29T10:07:20Z    INFO    controller-runtime.webhook      Serving webhook server  {"host": "", "port": 9443}
+2024-10-29T10:07:20Z    INFO    controller-runtime.certwatcher  Starting certificate watcher
+I1029 10:07:20.189724       1 leaderelection.go:250] attempting to acquire leader lease oracle-database-operator-system/a9d608ea.oracle.com...
+2024-10-29T16:49:15Z    INFO    lrpdb-webhook   Setting default values in LRPDB spec for : lrpdb1
+
+```
+
+###  7.4. <a name='Errordecryptingcredential'></a>Error decrypting credential 
+
+In the following example you can see a resource creation failure due to a decryption issue
+
+```text 
+2024-10-30T10:09:08Z    INFO    controllers.LRPDB       getEncriptedSecret :pdbusr      {"getEncriptedSecret": {"name":"lrpdb1","namespace":"pdbnamespace"}}
+2024-10-30T10:09:08Z    ERROR   controllers.LRPDB       Failed to parse private key - x509: failed to parse private key (use ParsePKCS1PrivateKey instead for this key format)     {"DecryptWithPrivKey": {"name":"lrpdb1","namespace":"pdbnamespace"}, "error": "x509: failed to parse private key (use ParsePKCS1PrivateKey instead for this key format)"}
+```
+
+**Solution**: Ensure you use **PCKS8** format during private key generation. If you are not using `openssl3`, then run this command:
+
+```bash
+openssl genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 > mykey
+```
+###  7.5. <a name='Crddetails'></a>Crd details 
+Use the **describe** option to obtain `crd` information
+
+```bash
+kubectl describe lrpdb lrpdb1 -n pdbnamespace
+[...]
+    Secret:
+      Key:          e_wbuser.txt
+      Secret Name:  wbuser
+Status:
+  Action:       CREATE
+  Bitstat:      25
+  Bitstatstr:   |MPAPPL|MPWARN|MPINIT|
+  Conn String:  (DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=pdbdev)))
+  Msg:          Success
+  Open Mode:    MOUNTED
+  Phase:        Ready
+  Status:       true
+  Total Size:   2G
+Events:
+  Type     Reason     Age                   From   Message
+  ----     ------     ----                  ----   -------
+  Normal   Created    108s                  LRPDB  LRPDB 'pdbdev' created successfully
+  Normal   Created    108s                  LRPDB  PDB 'pdbdev' assertive pdb deletion turned on
+  Warning  LRESTINFO  95s                   LRPDB  pdb=pdbdev:test_invalid_parameter:16:spfile:2065
+  Warning  Done       15s (x12 over 2m25s)  LRPDB  cdb-dev
+
+```
+
+</span>
\ No newline at end of file
diff --git a/docs/multitenant/lrest-based/usecase/altersystem_pdb1_resource.yaml b/docs/multitenant/usecase/altersystem_pdb1_resource.yaml
similarity index 97%
rename from docs/multitenant/lrest-based/usecase/altersystem_pdb1_resource.yaml
rename to docs/multitenant/usecase/altersystem_pdb1_resource.yaml
index 0467a948..7e4deaa5 100644
--- a/docs/multitenant/lrest-based/usecase/altersystem_pdb1_resource.yaml
+++ b/docs/multitenant/usecase/altersystem_pdb1_resource.yaml
@@ -10,12 +10,9 @@ spec:
   cdbNamespace: "cdbnamespace"
   cdbName: "DB12"
   pdbName: "pdbdev"
-  action: "Alter"
   alterSystemParameter : "cpu_count"
   alterSystemValue : "3"
   parameterScope : "memory"
-
-
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/lrest-based/usecase/cdbnamespace_binding.yaml b/docs/multitenant/usecase/cdbnamespace_binding.yaml
similarity index 100%
rename from docs/multitenant/lrest-based/usecase/cdbnamespace_binding.yaml
rename to docs/multitenant/usecase/cdbnamespace_binding.yaml
diff --git a/docs/multitenant/lrest-based/usecase/clone_pdb1_resource.yaml b/docs/multitenant/usecase/clone_pdb1_resource.yaml
similarity index 95%
rename from docs/multitenant/lrest-based/usecase/clone_pdb1_resource.yaml
rename to docs/multitenant/usecase/clone_pdb1_resource.yaml
index 2c4afe13..dfeac7ab 100644
--- a/docs/multitenant/lrest-based/usecase/clone_pdb1_resource.yaml
+++ b/docs/multitenant/usecase/clone_pdb1_resource.yaml
@@ -15,8 +15,7 @@ spec:
   totalSize: "UNLIMITED"
   tempSize: "UNLIMITED"
   pdbconfigmap: "config-map-pdb"
-  assertiveLrpdbDeletion: true
-  action: "Clone"
+  imperativeLrpdbDeletion: true
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/lrest-based/usecase/clone_pdb2_resource.yaml b/docs/multitenant/usecase/clone_pdb2_resource.yaml
similarity index 95%
rename from docs/multitenant/lrest-based/usecase/clone_pdb2_resource.yaml
rename to docs/multitenant/usecase/clone_pdb2_resource.yaml
index 16255a87..aeabc9d0 100644
--- a/docs/multitenant/lrest-based/usecase/clone_pdb2_resource.yaml
+++ b/docs/multitenant/usecase/clone_pdb2_resource.yaml
@@ -15,8 +15,7 @@ spec:
   totalSize: "UNLIMITED"
   tempSize: "UNLIMITED"
   pdbconfigmap: "config-map-pdb"
-  assertiveLrpdbDeletion: true
-  action: "Clone"
+  imperativeLrpdbDeletion: true
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/lrest-based/usecase/close_pdb1_resource.yaml b/docs/multitenant/usecase/close_pdb1_resource.yaml
similarity index 97%
rename from docs/multitenant/lrest-based/usecase/close_pdb1_resource.yaml
rename to docs/multitenant/usecase/close_pdb1_resource.yaml
index 87f7383d..4f5c9cb4 100644
--- a/docs/multitenant/lrest-based/usecase/close_pdb1_resource.yaml
+++ b/docs/multitenant/usecase/close_pdb1_resource.yaml
@@ -12,7 +12,6 @@ spec:
   pdbName: "pdbdev"
   pdbState: "CLOSE"
   modifyOption: "IMMEDIATE"
-  action: "Modify"
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/lrest-based/usecase/close_pdb2_resource.yaml b/docs/multitenant/usecase/close_pdb2_resource.yaml
similarity index 97%
rename from docs/multitenant/lrest-based/usecase/close_pdb2_resource.yaml
rename to docs/multitenant/usecase/close_pdb2_resource.yaml
index 0743bd8c..c37c8184 100644
--- a/docs/multitenant/lrest-based/usecase/close_pdb2_resource.yaml
+++ b/docs/multitenant/usecase/close_pdb2_resource.yaml
@@ -12,7 +12,6 @@ spec:
   pdbName: "pdbprd"
   pdbState: "CLOSE"
   modifyOption: "IMMEDIATE"
-  action: "Modify"
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/lrest-based/usecase/close_pdb3_resource.yaml b/docs/multitenant/usecase/close_pdb3_resource.yaml
similarity index 95%
rename from docs/multitenant/lrest-based/usecase/close_pdb3_resource.yaml
rename to docs/multitenant/usecase/close_pdb3_resource.yaml
index 6c6ca519..6b201d95 100644
--- a/docs/multitenant/lrest-based/usecase/close_pdb3_resource.yaml
+++ b/docs/multitenant/usecase/close_pdb3_resource.yaml
@@ -9,10 +9,9 @@ spec:
   cdbResName: "cdb-dev"
   cdbNamespace: "cdbnamespace"
   cdbName: "DB12"
-  pdbName: ""new_clone"
+  pdbName: "new_clone"
   pdbState: "CLOSE"
   modifyOption: "IMMEDIATE"
-  action: "Modify"
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/lrest-based/usecase/config_map_pdb.yaml b/docs/multitenant/usecase/config_map_pdb.yaml
similarity index 100%
rename from docs/multitenant/lrest-based/usecase/config_map_pdb.yaml
rename to docs/multitenant/usecase/config_map_pdb.yaml
diff --git a/docs/multitenant/usecase/config_map_plsql.yaml b/docs/multitenant/usecase/config_map_plsql.yaml
new file mode 100644
index 00000000..1a4f998e
--- /dev/null
+++ b/docs/multitenant/usecase/config_map_plsql.yaml
@@ -0,0 +1,29 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: sql-map-example1
+  namespace: pdbnamespace
+data:
+  plblock1.sql: |
+        create user k8stestuser identified by tkstestuser
+  plblock2.sql: |
+        grant dba to k8stestuser
+  plblock3.sql: |
+        create table k8stestuser.rndnum (c1 number ,c2 number)
+  plblock4.sql: |
+        alter session set events '942 trace name errorstack level  3'
+  plblock5.sql: |
+        create or replace  procedure k8stestuser.gennum 
+        as 
+        begin 
+        for cnt in 1..100 
+        loop 
+           insert into k8stestuser.rndnum values (dbms_random.value(1,100), 
+           dbms_random.value(1,100));
+           end loop;
+           commit;
+        end;
+  plblock6.sql: |
+        begin 
+        k8stestuser.gennum;
+        end;
diff --git a/docs/multitenant/lrest-based/usecase/create_lrest_pod.yaml b/docs/multitenant/usecase/create_lrest_pod.yaml
similarity index 86%
rename from docs/multitenant/lrest-based/usecase/create_lrest_pod.yaml
rename to docs/multitenant/usecase/create_lrest_pod.yaml
index b80c1c56..926a4462 100644
--- a/docs/multitenant/lrest-based/usecase/create_lrest_pod.yaml
+++ b/docs/multitenant/usecase/create_lrest_pod.yaml
@@ -10,6 +10,11 @@ spec:
   dbTnsurl : "(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))"
   replicas: 1
   deletePdbCascade: true
+  autodiscover: false
+  namespaceAutoDiscover: pdbnamespace
+  clusterIp: false
+  loadBalancer: false
+  trace_level_client : 16 
   cdbAdminUser:
     secret:
       secretName: "dbuser"
@@ -34,6 +39,10 @@ spec:
     secret:
       secretName: "db-tls"
       key: "tls.crt"
+  cdbTlsCat:
+    secret:
+      secretName: "db-ca"
+      key: "ca.crt"
   cdbPubKey:
     secret:
       secretName: "pubkey"
diff --git a/docs/multitenant/lrest-based/usecase/create_pdb1_resource.yaml b/docs/multitenant/usecase/create_pdb1_resource.yaml
similarity index 95%
rename from docs/multitenant/lrest-based/usecase/create_pdb1_resource.yaml
rename to docs/multitenant/usecase/create_pdb1_resource.yaml
index fa58d36a..1ce6476c 100644
--- a/docs/multitenant/lrest-based/usecase/create_pdb1_resource.yaml
+++ b/docs/multitenant/usecase/create_pdb1_resource.yaml
@@ -10,14 +10,13 @@ spec:
   cdbNamespace: "cdbnamespace"
   cdbName: "DB12"
   pdbName: "pdbdev"
-  assertiveLrpdbDeletion: true
+  imperativeLrpdbDeletion: true
   fileNameConversions: "NONE"
   unlimitedStorage: false
   pdbconfigmap: "config-map-pdb"
   tdeImport: false
   totalSize: "2G"
   tempSize: "800M"
-  action: "Create"
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/lrest-based/usecase/create_pdb2_resource.yaml b/docs/multitenant/usecase/create_pdb2_resource.yaml
similarity index 95%
rename from docs/multitenant/lrest-based/usecase/create_pdb2_resource.yaml
rename to docs/multitenant/usecase/create_pdb2_resource.yaml
index 02d5763b..a966de91 100644
--- a/docs/multitenant/lrest-based/usecase/create_pdb2_resource.yaml
+++ b/docs/multitenant/usecase/create_pdb2_resource.yaml
@@ -10,14 +10,13 @@ spec:
   cdbNamespace: "cdbnamespace"
   cdbName: "DB12"
   pdbName: "pdbprd"
-  assertiveLrpdbDeletion: true
+  imperativeLrpdbDeletion: true
   fileNameConversions: "NONE"
   unlimitedStorage: false
   pdbconfigmap: "config-map-pdb"
   tdeImport: false
   totalSize: "2G"
   tempSize: "800M"
-  action: "Create"
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/lrest-based/usecase/delete_pdb1_resource.yaml b/docs/multitenant/usecase/delete_pdb1_resource.yaml
similarity index 94%
rename from docs/multitenant/lrest-based/usecase/delete_pdb1_resource.yaml
rename to docs/multitenant/usecase/delete_pdb1_resource.yaml
index 1a3c328a..751de900 100644
--- a/docs/multitenant/lrest-based/usecase/delete_pdb1_resource.yaml
+++ b/docs/multitenant/usecase/delete_pdb1_resource.yaml
@@ -9,8 +9,9 @@ spec:
   cdbResName: "cdb-dev"
   cdbNamespace: "cdbnamespace"
   pdbName: "pdbdev"
-  action: "Delete"
+  pdbState: "DELETE"
   dropAction: "INCLUDING"
+  imperativeLrpdbDeletion: true
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/lrest-based/usecase/delete_pdb2_resource.yaml b/docs/multitenant/usecase/delete_pdb2_resource.yaml
similarity index 94%
rename from docs/multitenant/lrest-based/usecase/delete_pdb2_resource.yaml
rename to docs/multitenant/usecase/delete_pdb2_resource.yaml
index 747641d4..01118ea0 100644
--- a/docs/multitenant/lrest-based/usecase/delete_pdb2_resource.yaml
+++ b/docs/multitenant/usecase/delete_pdb2_resource.yaml
@@ -9,8 +9,9 @@ spec:
   cdbResName: "cdb-dev"
   cdbNamespace: "cdbnamespace"
   pdbName: "pdbprd"
-  action: "Delete"
+  pdbState: "DELETE"
   dropAction: "INCLUDING"
+  imperativeLrpdbDeletion: true
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/usecase/delete_pdb3_resource.yaml b/docs/multitenant/usecase/delete_pdb3_resource.yaml
new file mode 100644
index 00000000..9c57c5c1
--- /dev/null
+++ b/docs/multitenant/usecase/delete_pdb3_resource.yaml
@@ -0,0 +1,46 @@
+apiVersion: database.oracle.com/v4
+kind: LRPDB
+metadata:
+  name: pdb3
+  namespace: pdbnamespace
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "cdbnamespace"
+  pdbName: "new_clone"
+  pdbState: "DELETE"
+  dropAction: "INCLUDING"
+  imperativeLrpdbDeletion: true
+  adminpdbUser:
+    secret:
+      secretName: "pdbusr"
+      key: "e_pdbusr.txt"
+  adminpdbPass:
+    secret:
+      secretName: "pdbpwd"
+      key: "e_pdbpwd.txt"
+  lrpdbTlsKey:
+    secret:
+      secretName: "db-tls"
+      key: "tls.key"
+  lrpdbTlsCrt:
+    secret:
+      secretName: "db-tls"
+      key: "tls.crt"
+  lrpdbTlsCat:
+    secret:
+      secretName: "db-ca"
+      key: "ca.crt"
+  webServerUser:
+    secret:
+      secretName: "wbuser"
+      key: "e_wbuser.txt"
+  webServerPwd:
+    secret:
+      secretName: "wbpass"
+      key: "e_wbpass.txt"
+  cdbPrvKey:
+    secret:
+      secretName: "prvkey"
+      key: "privateKey"
diff --git a/docs/multitenant/usecase/makefile b/docs/multitenant/usecase/makefile
new file mode 100644
index 00000000..a05f3e47
--- /dev/null
+++ b/docs/multitenant/usecase/makefile
@@ -0,0 +1,1545 @@
+# Copyright (c) 2022, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+#   __  __       _         __ _ _
+#  |  \/  | __ _| | _____ / _(_) | ___
+#  | |\/| |/ _` | |/ / _ \ |_| | |/ _ \
+#  | |  | | (_| |   <  __/  _| | |  __/
+#  |_|  |_|\__,_|_|\_\___|_| |_|_|\___|
+#  | | | | ___| |_ __   ___ _ __
+#  | |_| |/ _ \ | '_ \ / _ \ '__|
+#  |  _  |  __/ | |_) |  __/ |
+#  |_| |_|\___|_| .__/ \___|_|
+#               |_|
+#
+#  WARNING: Using this makefile helps you to customize yaml  
+#           files. Edit parameters.txt with your enviroment 
+#           informartion and execute the following steps
+#
+#         1) make opsetup
+#            it configures the operator yaml files with the 
+#            watch namelist required by the multitenant controllers
+#      
+#         2) make secrets
+#            It configure the required secrets necessary to operate
+#            with pdbs multitenant controllers
+#
+#         3) make genyaml 
+#            It automatically creates all the yaml files based on the 
+#            information available in the parameters file 
+#            
+#            LIST OF GENERAED YAML FILE
+#
+#               -----------------------------       ----------------------------------
+# 		oracle-database-operator.yaml     : oracle database operator
+# 		lrestnamespace_binding.yaml       : role binding for lrestnamespace
+# 		pdbnamespace_binding.yaml         : role binding for pdbnamespace
+# 		create_lrest_secret.yaml          : create secrets for rest server pod
+# 		create_lrpdb_secret.yaml          : create secrets for pluggable database
+# 		create_lrest_pod.yaml             : create rest server pod
+# 		create_pdb1_resource.yaml         : create first pluggable database
+# 		create_pdb2_resource.yaml         : create second pluggable database
+# 		open_pdb1_resource.yaml           : open first pluggable database
+# 		open_pdb2_resource.yaml           : open second pluggable database
+# 		close_pdb1_resource.yaml          : close first pluggable database
+# 		close_pdb2_resource.yaml          : close second pluggable database
+# 		clone_lrpdb_resource.yaml         : clone thrid pluggable database
+# 		clone_pdb2_resource.yaml          : clone 4th pluggable database
+# 		delete_pdb1_resource.yaml         : delete first pluggable database
+# 		delete_pdb2_resource.yaml         : delete sencond pluggable database
+# 		delete_pdb3_resource.yaml         : delete thrid pluggable database
+# 		unplug_pdb1_resource.yaml         : unplug first pluggable database
+# 		plug_pdb1_resource.yaml           : plug first pluggable database
+# 		map_pdb1_resource.yaml            : map the first pluggable database
+# 		config_map.yam                    : pdb parameters array
+# 		altersystem_pdb1_resource.yaml    : chage cpu_count count parameter for the first pdb
+# 		config_map_plsql.yaml             : plsql code 
+#
+#[BEGIN TABLE]
+#               
+# TARGETS DEPENDENCIES                                  
+#          
+#|level 1         |level 2         |level 3        |description                          |
+#|----------------|----------------|---------------|-------------------------------------|
+#|**opsetup**     |                |               |install the operator                 |
+#|                | prsyaml        |               |configure the watch list             |
+#|                | crtmgrappl     |               |apply the certmanager                |
+#|                | nscrt          |               |namespace creation                   |
+#|                | bndappl        |               |role binding                         |
+#|                | opapply        |               |apply operator yaml file             |
+#|                | rbacap         |               |apply rbac                           |
+#+----------------+----------------+---------------+-------------------------------------+
+#|**secrets**     |                |               |create certificates and secrets      |
+#|                | tkl            |               |tls cert for https                   |
+#|                | delsecres      |               |cleanup existing secrets             |
+#+----------------+----------------+---------------+-------------------------------------+
+#|**genyaml**     |                |               |generate yaml files                  |
+#|                | secyaml        |               |not documented                       |
+#+----------------+----------------+---------------+-------------------------------------+
+#
+# OTHER TARGETS
+#
+#|target          | description                                                          |
+#+----------------+----------------------------------------------------------------------+
+#|dumplrest       | dump lrest                                                           |
+#+----------------+----------------------------------------------------------------------+
+#|dumpoperator    | dump operator logs                                                   |
+#+----------------+----------------------------------------------------------------------+
+#|check           | print parameters value                                               |
+#+----------------+----------------------------------------------------------------------+
+#|tklrestnew      | online rest server recreation                                        |
+#+----------------+----------------------------------------------------------------------+
+#|mgrrestart      | restart manager                                                      |
+#+----------------+----------------------------------------------------------------------+
+#|listimage       | list images available on the cluster                                 |
+#+----------------+----------------------------------------------------------------------+
+#|loglrest        | tail -f log lrest                                                    |
+#+----------------+----------------------------------------------------------------------+
+#|cleanyaml       | clean yaml files                                                     |
+#+----------------+----------------------------------------------------------------------+
+#|pkg             | tar this directory                                                   |
+#+----------------+----------------------------------------------------------------------+
+#|run00           | delete and recreate the lrest pod                                    |
+#+----------------+----------------------------------------------------------------------+
+#|tkautd          | autodiscovery turn on/off *make tkautd AUTOD=false/true*             |
+#+----------------+----------------------------------------------------------------------+
+#|tkdelcs         | lrest pdb delete cascade (on/off) *make tkdelcs DELETECS=true/false* |
+#+----------------+----------------------------------------------------------------------+
+#|tkdelcrd        | imperative deletion  *make tkdelcrd DELETECRD=false LRPDNNAME=<crd>* |
+#+----------------+----------------------------------------------------------------------+
+
+#[END TABLE]
+
+
+DATE  := `date "+%y%m%d%H%M%S"`
+######################
+# PARAMETER SECTIONS #
+######################
+   
+export PARAMETERS=parameters.txt
+#export TNSALIAS=$(shell cat $(PARAMETERS)  |grep -v ^\#|grep TNSALIAS|cut -d :  -f 2)
+export TNSALIAS=$(shell cat $(PARAMETERS)  |grep -v ^\#|grep TNSALIAS|awk -F ':' '{$$1="" ;printf("%s",$$2) }')
+export DBUSER=$(shell cat $(PARAMETERS)|grep -v ^\#|grep DBUSER|cut -d :  -f 2)
+export DBPASS=$(shell cat $(PARAMETERS)|grep -v ^\#|grep DBPASS|cut -d :  -f 2)
+export WBUSER=$(shell cat $(PARAMETERS)|grep -v ^\#|grep WBUSER|cut -d :  -f 2)
+export WBPASS=$(shell cat $(PARAMETERS)|grep -v ^\#|grep WBPASS|cut -d :  -f 2)
+export PDBUSR=$(shell cat $(PARAMETERS)|grep -v ^\#|grep PDBUSR|cut -d :  -f 2)
+export PDBPWD=$(shell cat $(PARAMETERS)|grep -v ^\#|grep PDBPWD|cut -d :  -f 2)
+export PDBNAMESPACE=$(shell cat $(PARAMETERS)|grep -v ^\#|grep PDBNAMESPACE|cut -d :  -f 2)
+export LRSNAMESPACE=$(shell cat $(PARAMETERS)|grep -v ^\#|grep LRSNAMESPACE|cut -d :  -f 2)
+export LRESTIMG=$(shell cat $(PARAMETERS)|grep -v ^\#|grep LRESTIMG|cut -d : -f 2,3)
+export OPRIMG=$(shell cat $(PARAMETERS)|grep -v ^\#|grep OPRIMG|cut -d : -f 2,3)
+export COMPANY=$(shell cat $(PARAMETERS)|grep -v ^\#|grep COMPANY|cut -d : -f 2)
+export APIVERSION=$(shell cat $(PARAMETERS)|grep -v ^\#|grep APIVERSION|cut -d : -f 2)
+export SERVICENAM=$(shell cat $(PARAMETERS)|grep -v ^\#|grep SERVICENAMEACCOUNT|cut -d : -f 2)
+export OPENSHIFT=$(shell cat $(PARAMETERS)|grep -v ^\#|grep OPENSHIFT|cut -d : -f 2)
+export PLSQLMAP=$(shell cat $(PARAMETERS)|grep -v ^\#|grep PLSQLMAP|cut -d : -f 2)
+export OPRNAMESPACE=oracle-database-operator-system
+export CODE_TREE=$(shell cat $(PARAMETERS)|grep -v ^\#|grep CODE_TREE|cut -d : -f 2)
+export ORACLE_OPERATOR_YAML=$(CODE_TREE)/oracle-database-operator.yaml
+export AUTODISCOVER=$(shell cat $(PARAMETERS)|grep -v ^\#|grep AUTODISCOVER|cut -d : -f 2)
+export CERT_MANAGER=$(shell cat $(PARAMETERS)|grep -v ^\#|grep CERT_MANAGER| awk -F ':' '{$$1="" ;\
+	if ($$2 == "https" ) {printf("%s:%s",$$2,$$3) } else {printf ("%s",$$2)}}')
+export TEST_EXEC_TIMEOUT=3m
+
+REST_SERVER=lrest
+SKEY=tls.key
+SCRT=tls.crt
+CART=ca.crt
+PRVKEY=ca.key
+PUBKEY=public.pem
+COMPANY=oracle
+DBUSERFILE=dbuser.txt
+DBPASSFILE=dbpass.txt
+WBUSERFILE=wbuser.txt
+WBPASSFILE=wbpass.txt
+PDBUSRFILE=pdbusr.txt
+PDBPWDFILE=pdbpwd.txt
+
+#################
+## PARAMETERS  ##
+#################
+
+export ASSERTDELETION=true
+
+#######################
+### BEGIN FILE LIST ###
+#######################
+
+export LREST_POD=create_lrest_pod.yaml
+
+export LRPDBCRE1=create_pdb1_resource.yaml
+export LRPDBCRE2=create_pdb2_resource.yaml
+
+export LRPDBCLOSE1=close_pdb1_resource.yaml
+export LRPDBCLOSE2=close_pdb2_resource.yaml
+export LRPDBCLOSE3=close_pdb3_resource.yaml
+
+export LRPDBOPEN1=open_pdb1_resource.yaml
+export LRPDBOPEN2=open_pdb2_resource.yaml
+export LRPDBOPEN3=open_pdb3_resource.yaml
+
+export LRPDBCLONE1=clone_pdb1_resource.yaml
+export LRPDBCLONE2=clone_pdb2_resource.yaml
+
+export LRPDBDELETE1=delete_pdb1_resource.yaml
+export LRPDBDELETE2=delete_pdb2_resource.yaml
+export LRPDBDELETE3=delete_pdb3_resource.yaml
+
+export LRPDBUNPLUG1=unplug_pdb1_resource.yaml
+export LRPDBPLUG1=plug_pdb1_resource.yaml
+
+export LRPDBMAP1=map_pdb1_resource.yaml
+export LRPDBMAP2=map_pdb2_resource.yaml
+export LRPDBMAP3=map_pdb3_resource.yaml
+
+export LRPDBMAP1=map_pdb1_resource.yaml
+export LRPDBMAP2=map_pdb2_resource.yaml
+export LRPDBMAP3=map_pdb3_resource.yaml
+
+export SECURITYCTX=security_context.yaml
+export NODE_RBAC=node_rbac.yaml
+
+export ALTERSYSTEMYAML=altersystem_pdb1_resource.yaml
+export CONFIG_MAP=config_map_pdb.yaml
+export CONFIG_MAP_SQL=config_map_plsql.yaml
+
+
+
+
+##BINARIES
+export KUBECTL=/usr/bin/kubectl
+OPENSSL=/usr/bin/openssl
+ECHO=/usr/bin/echo
+RM=/usr/bin/rm
+CP=/usr/bin/cp
+TAR=/usr/bin/tar
+MKDIR=/usr/bin/mkdir
+SED=/usr/bin/sed
+DIFF=/usr/bin/diff
+MAKE=/usr/bin/make
+MAKEFILE=./makefile
+
+check:
+	@printf "LRESTIMG...............:%s\n" $(LRESTIMG)
+	@printf "OPRIMG.................:%s\n" $(OPRIMG)
+	@printf "TNSALIAS...............:%.60s....\n" $(TNSALIAS)
+	@printf "DBUSER.................:%s\n" $(DBUSER)
+	@printf "DBPASS.................:%s\n" $(DBPASS)
+	@printf "WBUSER.................:%s\n" $(WBUSER)
+	@printf "WBPASS.................:%s\n" $(WBPASS)
+	@printf "PDBUSR.................:%s\n" $(PDBUSR)
+	@printf "PDBPWD.................:%s\n" $(PDBPWD)
+	@printf "PDBNAMESPACE...........:%s\n" $(PDBNAMESPACE)
+	@printf "LRSNAMESPACE...........:%s\n" $(LRSNAMESPACE)
+	@printf "COMPANY................:%s\n" $(COMPANY)
+	@printf "SERVICENAMEACCOUNT.....:%s\n" $(SERVICENAM)
+	@printf "APIVERSION.............:%s\n" $(APIVERSION)
+	@printf "PLSQLMAP...............:%s\n" $(PLSQLMAP)
+	@printf "AUTODISCOVER...........:%s\n" $(AUTODISCOVER)
+	@printf "ORACLE_OPERATOR_YAML...:%s\n" $(ORACLE_OPERATOR_YAML)
+	@printf "CODE_TREE..............:%s\n" $(CODE_TREE)
+	@printf "CERT_MANAGER...........:%s\n" $(CERT_MANAGER)
+	@printf "OPENSHIFT..............:%s\n" $(OPENSHIFT)
+
+define msg
+@printf "\033[31;7m%s\033[0m\r" "......................................]"
+@printf "\033[31;7m[\xF0\x9F\x91\x89 %s\033[0m\n" $(1)
+endef
+
+define _gendoc
+echo producing markdown tables
+cat ./makefile |awk 'BEGIN { PRINTLINE=0; }
+{ 
+if (( PRINTLINE==1 ) && ( $0 !~ /+-----/ ) && ( $0 !~ / TABLE/)) { print; }
+if ( $0 ~ /BEGIN TABLE/ ) { PRINTLINE=1; }
+if ( $0 ~ /END TABLE/ )   { PRINTLINE=0; }  
+} ' |sed 's/#//g' > toc_targets.md
+cat toc_targets.md
+endef
+
+export gendoc = $(value _gendoc)
+docs:
+	eval "$$gendoc"
+
+tls:
+	$(call msg,"TLS GENERATION")
+	#$(OPENSSL) genrsa -out $(PRVKEY) 2048	
+	$(OPENSSL)  genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 > $(PRVKEY)
+	$(OPENSSL) req -new -x509 -days 365 -key $(PRVKEY) \
+    	       -subj "/C=CN/ST=GD/L=SZ/O=$(COMPANY), Inc./CN=$(COMPANY) Root CA" -out ca.crt
+	$(OPENSSL) req -newkey rsa:2048 -nodes -keyout $(SKEY) -subj \
+	       	"/C=CN/ST=GD/L=SZ/O=$(COMPANY), Inc./CN=cdb-dev-$(REST_SERVER).$(LRSNAMESPACE)" -out server.csr
+	$(ECHO) "subjectAltName=DNS:cdb-dev-$(REST_SERVER).$(LRSNAMESPACE)" > extfile.txt
+	$(OPENSSL) x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey $(PRVKEY) -CAcreateserial -out $(SCRT)
+	$(OPENSSL) rsa -in $(PRVKEY) -outform PEM  -pubout -out $(PUBKEY)
+
+secrets: tls delsecrets
+	$(call msg,"CREATING NEW TLS/PRVKEY/PUBKEY SECRETS")
+	$(KUBECTL) create secret tls db-tls --key="$(SKEY)" --cert="$(SCRT)"  -n $(LRSNAMESPACE)
+	$(KUBECTL) create secret generic db-ca --from-file="$(CART)" -n $(LRSNAMESPACE)
+	$(KUBECTL) create secret tls db-tls --key="$(SKEY)" --cert="$(SCRT)"  -n $(PDBNAMESPACE)
+	$(KUBECTL) create secret generic db-ca --from-file="$(CART)" -n $(PDBNAMESPACE)
+	#$(KUBECTL) create secret tls prvkey --key="$(PRVKEY)" --cert=ca.crt  -n $(LRSNAMESPACE)
+	$(KUBECTL) create secret generic pubkey --from-file=publicKey=$(PUBKEY) -n $(LRSNAMESPACE)
+	$(KUBECTL) create secret generic prvkey --from-file=privateKey=$(PRVKEY)  -n $(LRSNAMESPACE)
+	$(KUBECTL) create secret generic prvkey --from-file=privateKey="$(PRVKEY)" -n $(PDBNAMESPACE)
+	$(call msg,"CREATING NEW CREDENTIAL SECRETS")
+	@$(ECHO) $(DBUSER) > $(DBUSERFILE)
+	@$(ECHO) $(DBPASS) > $(DBPASSFILE)
+	@$(ECHO) $(WBUSER) > $(WBUSERFILE)
+	@$(ECHO) $(WBPASS) > $(WBPASSFILE)
+	@$(ECHO) $(PDBUSR) > $(PDBUSRFILE)
+	@$(ECHO) $(PDBPWD) > $(PDBPWDFILE)
+	$(OPENSSL) pkeyutl -encrypt -pubin -inkey $(PUBKEY) -in $(DBUSERFILE) -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_$(DBUSERFILE)
+	$(OPENSSL) pkeyutl -encrypt -pubin -inkey $(PUBKEY) -in $(DBPASSFILE) -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_$(DBPASSFILE)
+	$(OPENSSL) pkeyutl -encrypt -pubin -inkey $(PUBKEY) -in $(WBUSERFILE) -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_$(WBUSERFILE)
+	$(OPENSSL) pkeyutl -encrypt -pubin -inkey $(PUBKEY) -in $(WBPASSFILE) -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_$(WBPASSFILE)
+	$(OPENSSL) pkeyutl -encrypt -pubin -inkey $(PUBKEY) -in $(PDBUSRFILE) -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_$(PDBUSRFILE)
+	$(OPENSSL) pkeyutl -encrypt -pubin -inkey $(PUBKEY) -in $(PDBPWDFILE) -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_$(PDBPWDFILE)
+	$(KUBECTL) create secret generic dbuser --from-file=e_$(DBUSERFILE) -n  $(LRSNAMESPACE)
+	$(KUBECTL) create secret generic dbpass --from-file=e_$(DBPASSFILE) -n  $(LRSNAMESPACE)
+	$(KUBECTL) create secret generic wbuser --from-file=e_$(WBUSERFILE) -n  $(LRSNAMESPACE)
+	$(KUBECTL) create secret generic wbpass --from-file=e_$(WBPASSFILE) -n  $(LRSNAMESPACE)
+	$(KUBECTL) create secret generic wbuser --from-file=e_$(WBUSERFILE) -n  $(PDBNAMESPACE)
+	$(KUBECTL) create secret generic wbpass --from-file=e_$(WBPASSFILE) -n  $(PDBNAMESPACE)
+	$(KUBECTL) create secret generic pdbusr --from-file=e_$(PDBUSRFILE) -n  $(PDBNAMESPACE)
+	$(KUBECTL) create secret generic pdbpwd --from-file=e_$(PDBPWDFILE) -n  $(PDBNAMESPACE)
+	$(RM) $(SKEY) $(SCRT) $(CART) $(PRVKEY) $(PUBKEY) server.csr extfile.txt ca.srl \
+		$(DBUSERFILE) $(DBPASSFILE) $(WBUSERFILE) $(WBPASSFILE) $(PDBUSRFILE) $(PDBPWDFILE)\
+		e_$(DBUSERFILE) e_$(DBPASSFILE) e_$(WBUSERFILE) e_$(WBPASSFILE) e_$(PDBUSRFILE) e_$(PDBPWDFILE)
+	$(KUBECTL) get secrets -n  $(LRSNAMESPACE)
+	$(KUBECTL) get secrets -n  $(PDBNAMESPACE)
+
+delsecrets:
+	$(call msg,"CLEAN OLD SECRETS")
+	$(eval SECRETSP:=$(shell kubectl get secrets -n $(PDBNAMESPACE) -o custom-columns=":metadata.name" --no-headers) )	
+	$(eval SECRETSL:=$(shell kubectl get secrets -n $(LRSNAMESPACE) -o custom-columns=":metadata.name" --no-headers) )	
+	@[ "${SECRETSP}" ] && ( \
+	       	printf "Deleteing secrets in namespace -n $(PDBNAMESPACE)\n") &&\
+	        ($(KUBECTL) delete secret  $(SECRETSP) -n $(PDBNAMESPACE))\
+	        || ( echo "No screts in namespace $(PDBNAMESPACE)")
+	@[ "${SECRETSL}" ] && ( \
+	       	printf "Deleteing secrets in namespace -n $(LRSNAMESPACE)\n") &&\
+	        ($(KUBECTL) delete secret  $(SECRETSL) -n $(LRSNAMESPACE))\
+	        || ( echo "No screts in namespace $(PDBNAMESPACE)")
+
+cleanCert:
+	$(RM) $(SKEY) $(SCRT) $(CART) $(PRVKEY) $(PUBKEY) server.csr extfile.txt ca.srl \
+		$(DBUSERFILE) $(DBPASSFILE) $(WBUSERFILE) $(WBPASSFILE) $(PDBUSRFILE) $(PDBPWDFILE)\
+		e_$(DBUSERFILE) e_$(DBPASSFILE) e_$(WBUSERFILE) e_$(WBPASSFILE) e_$(PDBUSRFILE) e_$(PDBPWDFILE)
+
+### YAML FILE SECTION ###
+define _opr
+
+
+export OPBASENAME=`basename ${ORACLE_OPERATOR_YAML}`
+echo "code path..........: ${ORACLE_OPERATOR_YAML}"
+echo "basename...........: ${OPBASENAME}"
+
+if [[ ${CODE_TREE:-"OFF"} == "OFF" ]] ; then
+echo "code tree not available"
+if [[ ! -f ${OPBASENAME} ]]; then 
+    echo "ERROR: oracle-database-operator.yaml not available"
+    exit 1
+    fi 
+cp ${OPBASENAME} ${OPBASENAME}.ORIG
+else
+echo "code tree..........: ${CODE_TREE}"
+cp ${ORACLE_OPERATOR_YAML} .
+cp ${OPBASENAME} ${OPBASENAME}.ORIG
+fi
+
+sed -i  's/value: ""/value: '${OPRNAMESPACE}','${PDBNAMESPACE}','${LRSNAMESPACE}'/g'   `basename ${ORACLE_OPERATOR_YAML}` 
+
+if [[ ${OPRIMG:-"OFF"} != "OFF" ]] ; then 
+	export IMG=`cat ${OPBASENAME}| awk '( $1 == "image:" ) && ( NF == 2)    { printf("%s",$2); }'`
+	echo "ORIGINALIMG........: ${IMG}"
+        echo "NEWIMAG............: ${OPRIMG}"
+	sed -i 's!image: '${IMG}'!image: '${OPRIMG}'!g' ${OPBASENAME}
+fi
+
+diff ${OPBASENAME} ${OPBASENAME}.ORIG||true
+endef
+
+export opr = $(value _opr)
+
+opsetup: prsyaml crtmgrappl nscrt  bndappl opapply rbacap
+
+#opclean: rbacdl opdelete bnddel crtmgrdel
+opclean: rbacdl bnddel crtmgrdel opdelete
+
+opapply:
+	@$(call msg,"Applying operator yaml file")
+	$(KUBECTL) apply -f `basename ${ORACLE_OPERATOR_YAML}`
+
+opdelete:
+	- $(KUBECTL) delete -f `basename ${ORACLE_OPERATOR_YAML}`
+	
+prsyaml:
+	@ eval "$$opr"	
+
+### Certmanager ###
+crtmgrappl:
+	@$(call msg,"Install cert-manager")
+	$(KUBECTL) apply -f $(CERT_MANAGER)
+	$(KUBECTL) wait --for jsonpath='{.webhooks[0].clientConfig.caBundle'} \
+		validatingwebhookconfiguration cert-manager-webhook --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg,"Cert manager application completed")
+
+crtmgrdel:
+	@$(call msg,"Deleting cert manager $(CERT_MANAGER)")
+	- $(KUBECTL) delete -f $(CERT_MANAGER)
+
+### Namespaces creation ###
+nscrt:
+	@$(call msg,"Namespace scope: creating namespace")
+	- $(KUBECTL) create namespace $(LRSNAMESPACE)
+	- $(KUBECTL) create namespace $(PDBNAMESPACE)
+
+### Namespace deletion  ###
+nsdel:
+	@$(call msg,"Deleting namespaces $(LRSNAMESPACE) $(PDBNAMESPACE)")
+	$(KUBECTL) delete namespace $(LRSNAMESPACE)
+	$(KUBECTL) delete namespace $(PDBNAMESPACE)
+
+### Namespace Scoped Deployment ###
+bndappl:
+	@$(call msg," Namespace Scoped Deployment: Binding $(PDBNAMESPACE) $(LRSNAMESPACE)")
+	- $(KUBECTL) apply -f $(PDBNAMESPACE)_binding.yaml
+	- $(KUBECTL) apply -f $(LRSNAMESPACE)_binding.yaml
+
+### Namespace Scope Remove ###
+bnddel:
+	@$(call msg," Namespace Scoped remove $(PDBNAMESPACE) $(LRSNAMESPACE)")
+	- $(KUBECTL) delete -f $(PDBNAMESPACE)_binding.yaml
+	- $(KUBECTL) delete -f $(LRSNAMESPACE)_binding.yaml
+
+### Cluster Role Binfing ###
+rbacap:
+	@$(call msg," ClusterRole and ClusterRoleBinding for NodePort services")
+	- $(KUBECTL) apply -f ${NODE_RBAC}
+
+### Remove Cluster Role Binding ###
+rbacdl:
+	@$(call msg," Clean $(NODE_RBAC)")
+	- $(KUBECTL) delete -f ${NODE_RBAC}
+
+
+define _script00
+cat <<EOF > authsection.yaml
+  adminpdbUser:
+    secret:
+      secretName: "pdbusr"
+      key: "e_pdbusr.txt"
+  adminpdbPass:
+    secret:
+      secretName: "pdbpwd"
+      key: "e_pdbpwd.txt"
+  lrpdbTlsKey:
+    secret:
+      secretName: "db-tls"
+      key: "tls.key"
+  lrpdbTlsCrt:
+    secret:
+      secretName: "db-tls"
+      key: "tls.crt"
+  lrpdbTlsCat:
+    secret:
+      secretName: "db-ca"
+      key: "ca.crt"
+  webServerUser:
+    secret:
+      secretName: "wbuser"
+      key: "e_wbuser.txt"
+  webServerPwd:
+    secret:
+      secretName: "wbpass"
+      key: "e_wbpass.txt"
+  cdbPrvKey:
+    secret:
+      secretName: "prvkey"
+      key: "privateKey"
+EOF
+
+
+cat <<EOF > ${PDBNAMESPACE}_binding.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: oracle-database-operator-oracle-database-operator-manager-rolebinding1
+  namespace: ${PDBNAMESPACE}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: oracle-database-operator-manager-role
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: oracle-database-operator-system
+EOF
+
+cat <<EOF > ${LRSNAMESPACE}_binding.yaml
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: oracle-database-operator-oracle-database-operator-manager-rolebinding2
+  namespace: ${LRSNAMESPACE}
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: oracle-database-operator-manager-role
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: oracle-database-operator-system
+EOF
+
+cat <<EOF > ${NODE_RBAC}
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: oracle-database-operator-manager-role-node
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - list
+  - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: oracle-database-operator-manager-role-node-cluster-role-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: oracle-database-operator-manager-role-node
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: oracle-database-operator-system
+---
+EOF
+
+endef
+export script00 = $(value _script00)
+secyaml:
+	@ eval "$$script00"
+
+
+#echo lrest pod creation
+define _script01
+cat <<EOF > ${LREST_POD}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LREST
+metadata: 
+  name: cdb-dev
+  namespace: ${LRSNAMESPACE}
+spec:
+  cdbName: "DB12"
+  lrestImage: ${LRESTIMG}
+  lrestImagePullPolicy: "Always"
+  dbTnsurl : ${TNSALIAS}
+  replicas: 1
+  deletePdbCascade: true
+  autodiscover: ${AUTODISCOVER}
+  namespaceAutoDiscover: ${PDBNAMESPACE}
+  clusterIp: false
+  loadBalancer: false
+  trace_level_client : 0 
+EOF
+
+if [[ ${OPENSHIFT} == "true" ]];then 
+cat <<EOF >> ${LREST_POD}
+  serviceAccountName: ${SERVICENAM}
+EOF
+fi
+
+cat <<EOF >> ${LREST_POD}
+  cdbAdminUser:
+    secret:
+      secretName: "dbuser"
+      key: "e_dbuser.txt"
+  cdbAdminPwd:
+    secret:
+      secretName: "dbpass"
+      key: "e_dbpass.txt"
+  webServerUser:
+    secret:
+      secretName: "wbuser"
+      key: "e_wbuser.txt"
+  webServerPwd:
+    secret:
+      secretName: "wbpass"
+      key: "e_wbpass.txt"
+  cdbTlsKey:
+    secret:
+      secretName: "db-tls"
+      key: "tls.key"
+  cdbTlsCrt:
+    secret:
+      secretName: "db-tls"
+      key: "tls.crt"
+  cdbTlsCat:
+    secret:
+      secretName: "db-ca"
+      key: "ca.crt"
+  cdbPubKey:
+    secret:
+      secretName: "pubkey"
+      key: "publicKey"
+  cdbPrvKey:
+    secret:
+      secretName: "prvkey"
+      key: "privateKey"
+EOF
+
+endef
+export script01 = $(value _script01)
+
+
+define _script02
+
+cat <<EOF >${LRPDBCRE1}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb1
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "pdbdev"
+  imperativeLrpdbDeletion: ${ASSERTDELETION}
+  fileNameConversions: "NONE"
+  unlimitedStorage: false
+  pdbconfigmap: "config-map-pdb"
+  tdeImport: false
+  totalSize: "2G"
+  tempSize: "800M"
+EOF
+
+cat <<EOF > ${LRPDBCRE2}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb2
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "pdbprd"
+  imperativeLrpdbDeletion: ${ASSERTDELETION}
+  fileNameConversions: "NONE"
+  unlimitedStorage: false
+  pdbconfigmap: "config-map-pdb"
+  tdeImport: false
+  totalSize: "2G"
+  tempSize: "800M"
+EOF
+
+cat <<EOF >${LRPDBOPEN1}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb1
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "pdbdev"
+  pdbState: "OPEN"
+  modifyOption: "READ WRITE"
+EOF
+
+cat <<EOF >${LRPDBOPEN2}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb2
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "pdbprd"
+  pdbState: "OPEN"
+  modifyOption: "READ WRITE"
+EOF
+
+cat <<EOF >${LRPDBOPEN3}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb3
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "new_clone"
+  pdbState: "OPEN"
+  modifyOption: "READ WRITE"
+EOF
+
+cat <<EOF >${LRPDBCLOSE1}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb1
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "pdbdev"
+  pdbState: "CLOSE"
+  modifyOption: "IMMEDIATE"
+EOF
+
+cat <<EOF >${LRPDBCLOSE2}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb2
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "pdbprd"
+  pdbState: "CLOSE"
+  modifyOption: "IMMEDIATE"
+EOF
+
+cat <<EOF >${LRPDBCLOSE3}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb3
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "new_clone"
+  pdbState: "CLOSE"
+  modifyOption: "IMMEDIATE"
+EOF
+
+cat <<EOF  > ${LRPDBCLONE1}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb3
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "new_clone"
+  srcPdbName: "pdbdev"
+  fileNameConversions: "NONE"
+  totalSize: "UNLIMITED"
+  tempSize: "UNLIMITED"
+  pdbconfigmap: "config-map-pdb"
+  imperativeLrpdbDeletion: true
+EOF
+
+cat <<EOF  > ${LRPDBCLONE2}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb4
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "new_clone2"
+  srcPdbName: "pdbprd"
+  fileNameConversions: "NONE"
+  totalSize: "UNLIMITED"
+  tempSize: "UNLIMITED"
+  pdbconfigmap: "config-map-pdb"
+  imperativeLrpdbDeletion: ${ASSERTDELETION}
+EOF
+
+cat <<EOF > ${LRPDBDELETE1}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb1
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  pdbName: "pdbdev"
+  pdbState: "DELETE"
+  dropAction: "INCLUDING"
+  imperativeLrpdbDeletion: ${ASSERTDELETION}
+EOF
+
+cat <<EOF > ${LRPDBDELETE2}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb2
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  pdbName: "pdbprd"
+  pdbState: "DELETE"
+  dropAction: "INCLUDING"
+  imperativeLrpdbDeletion: ${ASSERTDELETION}
+EOF
+
+cat <<EOF > ${LRPDBDELETE3}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb3
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  pdbName: "new_clone"
+  pdbState: "DELETE"
+  dropAction: "INCLUDING"
+  imperativeLrpdbDeletion: ${ASSERTDELETION}
+EOF
+
+cat <<EOF > ${LRPDBUNPLUG1}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb1
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "pdbdev"
+  pdbState: "UNPLUG"
+  xmlFileName: "/var/tmp/pdb.$$.xml"
+EOF
+
+cat <<EOF >${LRPDBPLUG1}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb1
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "pdbdev"
+  pdbState: "PLUG"
+  xmlFileName: "/var/tmp/pdb.$$.xml"
+  fileNameConversions: "NONE"
+  sourceFileNameConversions: "NONE"
+  copyAction: "MOVE"
+  totalSize: "1G"
+  tempSize: "100M"
+  imperativeLrpdbDeletion: true
+  pdbconfigmap: "config-map-pdb"
+EOF
+
+cat <<EOF >${LRPDBMAP1}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb1
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "pdbdev"
+  imperativeLrpdbDeletion: true
+  fileNameConversions: "NONE"
+  totalSize: "1G"
+  tempSize: "100M"
+EOF
+
+cat <<EOF >${LRPDBMAP2}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb2
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "pdbprd"
+  imperativeLrpdbDeletion: true
+  fileNameConversions: "NONE"
+  totalSize: "1G"
+  tempSize: "100M"
+EOF
+
+
+cat <<EOF >${LRPDBMAP3}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb3
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "new_clone"
+  imperativeLrpdbDeletion: true
+  fileNameConversions: "NONE"
+  totalSize: "1G"
+  tempSize: "100M"
+EOF
+
+cat <<EOF >${CONFIG_MAP}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: config-map-pdb
+  namespace: ${PDBNAMESPACE}
+data:
+  rdbmsparameters.txt: |
+     session_cached_cursors;100;spfile
+     open_cursors;100;spfile
+     db_file_multiblock_read_count;16;spfile
+     test_invalid_parameter;16;spfile
+EOF
+
+
+cat <<EOF > ${ALTERSYSTEMYAML}
+apiVersion: database.oracle.com/${APIVERSION}
+kind: LRPDB
+metadata:
+  name: pdb1
+  namespace: ${PDBNAMESPACE}
+  labels:
+    cdb: cdb-dev
+spec:
+  cdbResName: "cdb-dev"
+  cdbNamespace: "${LRSNAMESPACE}"
+  cdbName: "DB12"
+  pdbName: "pdbdev"
+  alterSystemParameter : "cpu_count"
+  alterSystemValue : "3"
+  parameterScope : "memory"
+EOF
+
+
+cat <<EOF > ${CONFIG_MAP_SQL}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: ${PLSQLMAP}
+  namespace: ${PDBNAMESPACE}
+data:
+  plblock1.sql: |
+        create user k8stestuser identified by tkstestuser
+  plblock2.sql: |
+        grant dba to k8stestuser
+  plblock3.sql: |
+        create table k8stestuser.rndnum (c1 number ,c2 number)
+  plblock4.sql: |
+        alter session set events '942 trace name errorstack level  3'
+  plblock5.sql: |
+        create or replace  procedure k8stestuser.gennum 
+        as 
+        begin 
+        for cnt in 1..100 
+        loop 
+           insert into k8stestuser.rndnum values (dbms_random.value(1,100), 
+           dbms_random.value(1,100));
+           end loop;
+           commit;
+        end;
+  plblock6.sql: |
+        begin 
+        k8stestuser.gennum;
+        end;
+EOF
+
+
+## Auth information
+for _file in ${LRPDBCRE1} ${LRPDBCRE2} ${LRPDBOPEN1} ${LRPDBOPEN2} ${LRPDBOPEN3} ${LRPDBCLOSE1} ${LRPDBCLOSE2} ${LRPDBCLOSE3} ${LRPDBCLONE1} ${LRPDBCLONE2} ${LRPDBDELETE1} ${LRPDBDELETE2}  ${LRPDBDELETE3} ${LRPDBUNPLUG1} ${LRPDBPLUG1} ${LRPDBMAP1} ${LRPDBMAP2} ${LRPDBMAP3} ${ALTERSYSTEMYAML} 
+do 
+ls -ltr ${_file}
+     cat authsection.yaml >> ${_file}
+done
+rm authsection.yaml
+endef
+
+define _script03
+cat <<EOF >${SECURITYCTX}
+#
+# Copyright (c) 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+#
+---
+
+# Create a Security Context Contraint
+kind: SecurityContextConstraints
+apiVersion: security.openshift.io/v1
+metadata:
+  name: lrest-scc
+allowPrivilegedContainer: false
+allowedCapabilities:
+  - SYS_NICE
+runAsUser:
+  type: MustRunAs
+  uid: 54321
+seLinuxContext:
+  type: RunAsAny
+fsGroup:
+  type: MustRunAs
+  ranges:
+  - min: 54321
+    max: 54321
+supplementalGroups:
+   type: MustRunAs
+   ranges:
+   - min: 54321
+     max: 54321
+---
+
+# Create a Security Context Contraint
+kind: SecurityContextConstraints
+apiVersion: security.openshift.io/v1
+metadata:
+  name: lrest-root-user-scc
+allowPrivilegedContainer: false
+allowedCapabilities:
+  - SYS_NICE
+runAsUser:
+  type: MustRunAsRange
+  uidRangeMin: 0
+  uidRangeMax: 54321
+seLinuxContext:
+  type: RunAsAny
+fsGroup:
+  type: MustRunAs
+  ranges:
+  - min: 0
+    max: 54325
+supplementalGroups:
+  type: MustRunAs
+  ranges:
+  - min: 0
+    max: 54321
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: lrest-sa
+  namespace: ${LRSNAMESPACE}
+---
+
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: use-lrest-scc
+  namespace: ${LRSNAMESPACE}
+rules:
+  - apiGroups:
+    - security.openshift.io
+    verbs:
+    - use
+    resources:
+    - securitycontextconstraints
+    resourceNames:
+    - lrest-scc
+    - lrest-root-user-scc
+---
+
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: use-lrest-scc
+  namespace: ${LRSNAMESPACE}
+subjects:
+  - kind: ServiceAccount
+    name: lrest-sa
+    namespace: ${LRSNAMESPACE}
+roleRef:
+  kind: Role
+  name: use-lrest-scc
+  apiGroup: rbac.authorization.k8s.io
+EOF
+
+endef
+
+define _envfile
+cat <<EOF >tkpc_mmk8slenv.sh
+export TNSALIAS=${TNSALIAS}
+export DBUSER=${DBUSER}
+export DBPASS=${DBPASS}
+export WBUSER=${WBUSER}
+export WBPASS=${WBPASS}
+export PDBUSR=${PDBUSR}
+export PDBPWD=${PDBPWD}
+export PDBNAMESPACE=${PDBNAMESPACE}
+export LRSNAMESPACE=${LRSNAMESPACE}
+export LRESTIMG=${LRESTIMG}
+export COMPANY=${COMPANY}
+export APIVERSION=${APIVERSION}
+export SERVICENAM=${SERVICENAM}
+export OPENSHIFT=${OPENSHIFT}
+export PLSQLMAP=${PLSQLMAP}
+export OPRNAMESPACE=oracle-database-operator-system
+export CODE_TREE=${CODE_TREE}
+export ORACLE_OPERATOR_YAML=${ORACLE_OPERATOR_YAML}
+export AUTODISCOVER=${AUTODISCOVER}
+export CERT_MANAGER=${CERT_MANAGER}
+export TEST_EXEC_TIMEOUT=3m
+EOF
+endef
+
+export script02 = $(value _script02)
+export script03 = $(value _script03)
+export script04 = $(value _envfile)
+
+
+
+genyaml: secyaml
+	@ eval "$$script01"
+	@ eval "$$script02"
+	@ eval "$$script03"
+	@ eval "$$script04"
+
+cleanyaml:
+	- $(RM) $(LRPDBMAP3) $(LRPDBMAP2) $(LRPDBMAP1) $(LRPDBPLUG1) $(LRPDBUNPLUG1) $(LRPDBDELETE2) $(LRPDBDELETE1) $(LRPDBDELETE3) $(LRPDBCLONE2) $(LRPDBCLONE1) $(LRPDBCLOSE3) $(LRPDBCLOSE2) $(LRPDBCLOSE1) $(LRPDBOPEN3) $(LRPDBOPEN2) $(LRPDBOPEN1) $(LRPDBCRE2) $(LRPDBCRE1) $(LREST_POD) ${ALTERSYSTEMYAML}
+	- $(RM) ${CONFIG_MAP} ${PDBNAMESPACE}_binding.yaml ${LRSNAMESPACE}_binding.yaml
+
+
+
+
+#################
+### PACKAGING ###
+#################
+
+pkg:
+	- $(RM) -rf /tmp/pkgtestplan
+	$(MKDIR) /tmp/pkgtestplan
+	$(CP) -R * /tmp/pkgtestplan
+	$(CP) $(ORACLE_OPERATOR_YAML) /tmp/pkgtestplan/
+	$(TAR) -C /tmp -cvf ~/pkgtestplan_$(DATE).tar pkgtestplan
+
+################
+###   diag   ###
+################
+
+login:
+	$(KUBECTL) exec   `$(KUBECTL) get pods -n $(LRSNAMESPACE)|grep rest|cut -d ' ' -f 1` -n $(LRSNAMESPACE) -it -- /bin/bash
+
+
+reloadop:
+	echo "RESTARTING OPERATOR"
+	$(eval OP1 := $(shell $(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -1|cut  -d ' ' -f 1 ))
+	$(eval OP2 := $(shell $(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1|cut  -d ' ' -f 1 ))
+	$(eval OP3 := $(shell $(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|tail -1|cut  -d ' ' -f 1 ))
+	$(KUBECTL) get pod $(OP1) -n $(OPRNAMESPACE) -o yaml | kubectl replace --force -f -
+	$(KUBECTL) get pod $(OP2) -n $(OPRNAMESPACE) -o yaml | kubectl replace --force -f -
+	$(KUBECTL) get pod $(OP3) -n $(OPRNAMESPACE) -o yaml | kubectl replace --force -f -
+
+
+dumpoperator:
+	@$(eval TMPSP := $(shell date "+%y%m%d%H%M%S" ))
+	@$(eval DIAGFILE := ./opdmp.$(TMPSP))
+	@>$(DIAGFILE)
+	@echo "OPERATOR DUMP"  >> $(DIAGFILE)
+	@echo "~~~~~~~~~~~~~"  >> $(DIAGFILE)
+	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -1|cut  -d ' ' -f 1` -n $(OPRNAMESPACE) >>$(DIAGFILE)
+	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1 | cut -d ' ' -f 1` -n $(OPRNAMESPACE) >>$(DIAGFILE)
+	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPRNAMESPACE)|grep oracle-database-operator-controller|tail -1|cut  -d ' ' -f 1` -n $(OPRNAMESPACE) >>$(DIAGFILE)
+
+dumplrest:
+	@$(eval TMPSP := $(shell date "+%y%m%d%H%M%S" ))
+	@$(eval DIAGFILE := ./lrestdump.$(TMPSP))
+	@>$(DIAGFILE)
+	$(KUBECTL) logs  `$(KUBECTL) get pods -o custom-columns=:metadata.name -n $(LRSNAMESPACE) --no-headers ` -n $(LRSNAMESPACE) |strings > $(DIAGFILE)
+
+loglrest:
+	$(KUBECTL) logs -f `$(KUBECTL) get pods -o custom-columns=:metadata.name -n $(LRSNAMESPACE) --no-headers ` -n $(LRSNAMESPACE)
+
+
+listimage:
+	 $(KUBECTL) get pods --all-namespaces -o jsonpath="{.items[*].spec['initContainers', 'containers'][*].image}" | tr -s '[[:space:]]' '\n' | sort | uniq -c
+
+getvaliduid:
+	$(KUBECTL) get namespace  $(LRSNAMESPACE) -ojson | jq '.metadata.annotations | with_entries(select(.key | contains("sa.scc")))'
+
+mgrrestart:
+	$(KUBECTL) rollout restart -n $(OPRNAMESPACE) deployment oracle-database-operator-controller-manager
+
+
+#######################################################
+####                 TEST SECTION                  ####
+#######################################################
+CREATEMSG="create:[op completed]"
+OPENMSG="open:[op. completed]"
+CLOSEMSG="close:[op. completed]"
+CLONEMSG="clone:[op. completed]"
+PLUGMSG="plug:[op. completed]"
+
+cleanlrest:
+	@$(call msg,"lrest deletion")
+	- $(KUBECTL) delete lrest cdb-dev -n $(LRSNAMESPACE)
+	- $(KUBECTL) delete replicaset.apps/cdb-dev-lrest-rs -n $(LRSNAMESPACE)
+	$(KUBECTL) wait --for=delete lrest cdb-dev -n $(LRSNAMESPACE) --timeout=10m
+	$(KUBECTL) wait --for=delete pod/* -n $(LRSNAMESPACE) --timeout=10m
+
+toplrest:
+	$(KUBECTL) top pod  `$(KUBECTL) get pods -o custom-columns=:metadata.name -n $(LRSNAMESPACE) --no-headers ` -n $(LRSNAMESPACE)
+
+
+run00: cleanlrest
+	@$(call msg,"lrest pod creation")
+	$(KUBECTL) apply -f $(LREST_POD) 
+	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" lrest cdb-dev -n $(LRSNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg,"lrest pod completed")
+	$(KUBECTL) get lrest -n  $(LRSNAMESPACE)
+	$(KUBECTL) get pod -n  $(LRSNAMESPACE)
+	$(KUBECTL) logs  `$(KUBECTL) get pods -o custom-columns=:metadata.name -n $(LRSNAMESPACE) --no-headers ` -n $(LRSNAMESPACE)
+
+run01.1:
+	@$(call msg,"lrpdb pdb1  creation")
+	$(KUBECTL) apply -f $(LRPDBCRE1)
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(CREATEMSG) lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg, "lrpdb pdb1 creation completed")
+	$(KUBECTL) get lrpdb pdb1 -n $(PDBNAMESPACE) 
+
+run01.2:
+	@$(call msg, "lrpdb pdb2  creation")
+	$(KUBECTL) apply -f $(LRPDBCRE2)
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(CREATEMSG) lrpdb pdb2 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg, "lrpdb pdb2  creation completed")
+	$(KUBECTL) get lrpdb pdb2 -n $(PDBNAMESPACE) 
+
+open:
+	@$(call msg, "lrpdb $(LRPDBNAME)  open")
+	$(KUBECTL) patch lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) -p \
+		'{"spec":{"pdbState":"OPEN","modifyOption":"READ WRITE","modifyOption2":"NONE"}}' --type=merge
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(OPENMSG) lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg, "lrpdb $(LRPDBNAME)  completed")
+	$(KUBECTL) get lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) 
+
+openrestricted:
+	@$(call msg, "lrpdb $(LRPDBNAME)  open")
+	$(KUBECTL) patch lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) -p \
+		'{"spec":{"pdbState":"OPEN","modifyOption":"READ WRITE","modifyOption2":"RESTRICTED"}}' --type=merge
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(OPENMSG) lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg, "lrpdb $(LRPDBNAME)  completed")
+	$(KUBECTL) get lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) 
+
+
+close:
+	@$(call msg, "lrpdb $(LRPDBNAME)  close")
+	$(KUBECTL) patch lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) -p \
+		'{"spec":{"pdbState":"CLOSE","modifyOption":"IMMEDIATE"}}' --type=merge
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(CLOSEMSG) lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg, "lrpdb $(LRPDBNAME)  completed")
+	$(KUBECTL) get lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) 
+
+altercpu:
+	@$(call msg, "lrpdb $(LRPDBNAME)  alter cpu")
+	$(KUBECTL) patch lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) -p \
+		'{"spec":{"alterSystemParameter":"cpu_count","alterSystemValue":"3","parameterScope":"memory"}}' --type=merge
+
+openpdb1:
+	$(MAKE) -f $(MAKEFILE) open LRPDBNAME=pdb1 
+
+openpdb2:
+	$(MAKE) -f $(MAKEFILE) open LRPDBNAME=pdb2 
+
+openpdb3:
+	$(MAKE) -f $(MAKEFILE) open LRPDBNAME=pdb3
+
+openpdb1rs:
+	$(MAKE) -f $(MAKEFILE) openrestricted LRPDBNAME=pdb1
+
+openpdb2rs:
+	$(MAKE) -f $(MAKEFILE) openrestricted LRPDBNAME=pdb2
+
+closepdb1:
+	$(MAKE) -f $(MAKEFILE) close LRPDBNAME=pdb1 
+
+closepdb2:
+	$(MAKE) -f $(MAKEFILE) close LRPDBNAME=pdb2 
+
+closepdb3:
+	$(MAKE) -f $(MAKEFILE) close LRPDBNAME=pdb3 
+
+
+run02.1:
+	@$(call msg, "lrpdb pdb1  open")
+	$(KUBECTL) apply -f $(LRPDBOPEN1)
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(OPENMSG) lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg, "lrpdb pdb1 open completed")
+	$(KUBECTL) get lrpdb pdb1 -n $(PDBNAMESPACE) 
+
+
+run02.2:
+	@$(call msg,"lrpdb pdb2  open")
+	$(KUBECTL) apply -f $(LRPDBOPEN2)
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(OPENMSG) lrpdb pdb2 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg,"lrpdb pdb2 open completed")
+	$(KUBECTL) get lrpdb pdb2 -n $(PDBNAMESPACE) 
+
+
+run03.1:
+	@$(call msg,"clone pdb1-->pdb3")
+	$(KUBECTL) apply -f $(LRPDBCLONE1)
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(CLONEMSG) lrpdb pdb3 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg,"clone pdb1-->pdb3 completed")
+	$(KUBECTL) get lrpdb pdb3 -n $(PDBNAMESPACE) 
+
+
+run03.2:
+	@$(call msg,"clone pdb2-->pdb4")
+	$(KUBECTL) apply -f $(LRPDBCLONE2)
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(CLONEMSG) lrpdb pdb4 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg,"clone pdb2-->pdb4 completed")
+	$(KUBECTL) get lrpdb pdb3 -n $(PDBNAMESPACE) 
+
+
+run04.1:
+	@$(call msg,"lrpdb pdb1  close")
+	$(KUBECTL) apply -f $(LRPDBCLOSE1)
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(CLOSEMSG) lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg, "lrpdb pdb1 close completed")
+	$(KUBECTL) get lrpdb pdb1 -n $(PDBNAMESPACE)
+
+run04.2:
+	@$(call msg,"lrpdb pdb2  close")
+	$(KUBECTL) apply -f $(LRPDBCLOSE2)
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(CLOSEMSG) lrpdb pdb2 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg,"lrpdb pdb2 close completed")
+	$(KUBECTL) get lrpdb pdb2 -n $(PDBNAMESPACE)
+
+run05.1:
+	@$(call msg,"lrpdb pdb1  unplug")
+	$(KUBECTL) apply -f $(LRPDBUNPLUG1)
+	$(KUBECTL) wait --for=delete lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg,"lrpdb pdb1 unplug completed")
+
+run06.1:
+	@$(call msg, "lrpdb pdb1  plug")
+	$(KUBECTL) apply -f $(LRPDBPLUG1)
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(PLUGMSG) lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg, "lrpdb pdb1 plug completed")
+	$(KUBECTL) get lrpdb pdb1 -n $(PDBNAMESPACE)
+
+run07.1:
+	@$(call msg,"lrpdb pdb1 delete ")
+	- $(KUBECTL) apply -f $(LRPDBCLOSE1)
+	$(KUBECTL) wait --for jsonpath='{.status.msg'}=$(CLOSEMSG) lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	$(KUBECTL) apply -f $(LRPDBDELETE1)
+	$(KUBECTL) wait --for=delete lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	@$(call msg,"lrpdb pdb1 delete")
+	$(KUBECTL) get lrpdb -n $(PDBNAMESPACE)
+
+run99.1:
+	$(KUBECTL) delete lrest cdb-dev -n $(LRSNAMESPACE)
+	$(KUBECTL) wait --for=delete lrest cdb-dev -n $(LRSNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	$(KUBECTL) get lrest -n $(LRSNAMESPACE)
+	$(KUBECTL) get lrpdb -n $(PDBNAMESPACE)
+	
+
+tklifecycle: runall01
+
+tkonepdbcre: runall02
+
+tkapplyinit:
+	@$(call msg," init config map creation")
+	-- $(KUBECTL) delete -f $(CONFIG_MAP) -n $(PDBNAMESPACE)
+	$(KUBECTL) apply -f $(CONFIG_MAP) -n $(PDBNAMESPACE)
+
+tkplsqlexec: 
+	@$(call msg,"==>PLSQL TESTING<==")
+	$(MAKE) -f $(MAKEFILE) run00 run01.1 run02.1
+	@$(call msg,"delete config map ")
+	-- $(KUBECTL) delete configmap $(PLSQLMAP) -n $(PDBNAMESPACE)
+	@$(call msg,"recreating config sql map")
+	$(KUBECTL) apply -f $(CONFIG_MAP_SQL)
+	$(KUBECTL) describe configmap $(PLSQLMAP) -n $(PDBNAMESPACE)
+	@$(call msg,"applying config sql map")
+	$(KUBECTL) patch lrpdb pdb1 -n $(PDBNAMESPACE) -p \
+	       '{"spec":{"codeconfigmap":"$(PLSQLMAP)"}}' --type=merge
+	sleep 10 
+	$(KUBECTL) get events --sort-by='.lastTimestamp' -n $(PDBNAMESPACE)
+	$(KUBECTL) get events -n $(PDBNAMESPACE) --sort-by='.lastTimestamp' --field-selector involvedObject.name=pdb1|grep APPLYSQL
+	$(KUBECTL) get events -n $(PDBNAMESPACE) --sort-by='.lastTimestamp' --field-selector involvedObject.name=pdb1|grep APPLYSQL
+
+
+tkplsqlexec01:
+	@$(call msg,"delete config map ")
+	-- $(KUBECTL) delete configmap $(PLSQLMAP) -n $(PDBNAMESPACE)
+	@$(call msg,"recreating config sql map")
+	$(KUBECTL) apply -f $(CONFIG_MAP_SQL)
+	$(KUBECTL) describe configmap $(PLSQLMAP) -n $(PDBNAMESPACE)
+	@$(call msg,"applying config sql map")
+	$(KUBECTL) patch lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) -p \
+	                '{"spec":{"codeconfigmap":"$(PLSQLMAP)"}}' --type=merge
+	sleep 10
+	$(KUBECTL) get events --sort-by='.lastTimestamp' -n $(PDBNAMESPACE)
+	$(KUBECTL) get events -n $(PDBNAMESPACE) --sort-by='.lastTimestamp' --field-selector involvedObject.name=$(LRPDBNAME)|grep APPLYSQL
+
+tkaudosicov:
+	@$(call msg,"==>AUTODISCOVER TESTING<==")
+	$(MAKE) -f $(MAKEFILE) genyaml ASSERTDELETION=false
+	$(MAKE) -f $(MAKEFILE) run00 run01.1 run02.1
+	@$(call msg,"deleting pdb1 (imperativedeletion=false)")
+	$(KUBECTL) delete lrpdb pdb1 -n $(PDBNAMESPACE)
+	$(KUBECTL) wait --for=delete lrpdb pdb1 -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	 @$(call msg,"checking lrpdb pdb1 recreation")
+	$(KUBECTL) wait --for jsonpath='{.status.phase'}="Ready" \
+		lrpdb atd-pdbdev -n $(PDBNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	$(MAKE) -f $(MAKEFILE) genyaml ASSERTDELETION=true
+
+# Proceudure to recreate restserver
+tklrestnew:
+	@$(call msg,"Recrete resetserver")
+	@$(call msg,"disable autodiscover and delete cascade")
+	$(KUBECTL) patch lrest cdb-dev -n $(LRSNAMESPACE) -p '{"spec":{"autodiscover":false,"deletePdbCascade":false}}'  --type=merge
+	$(KUBECTL) wait --for jsonpath='{.spec.autodiscover'}=false lrest cdb-dev -n $(LRSNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	$(KUBECTL) wait --for jsonpath='{.spec.deletePdbCascade'}=false lrest cdb-dev -n $(LRSNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+	sleep 10
+	$(MAKE) -f $(MAKEFILE) run00
+
+# Turn ON/OFF autodiscovery 
+#          ON:    make tkautd AUTOD=true
+#          OFF:   make tkautd AUTOD=false
+tkautd:
+	@$(call msg,"autodiscover $(AUTOD)")
+	$(KUBECTL) patch lrest cdb-dev -n $(LRSNAMESPACE) -p '{"spec":{"autodiscover":$(AUTOD)}}'  --type=merge
+	$(KUBECTL) wait --for jsonpath='{.spec.autodiscover'}=$(AUTOD) lrest cdb-dev -n $(LRSNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+
+# Turn ON/OFF lrest pdb delete cascade
+#          ON:    make tkdelcs DELETECS=true
+#          OFF:   make tkdelcs DELETECS=false
+tkdelcs:
+	@$(call msg,"delete pdb cascade $(DELETECS)")
+	$(KUBECTL) patch lrest cdb-dev -n $(LRSNAMESPACE) -p '{"spec":{"deletePdbCascade":$(DELETECS)}}'  --type=merge
+	$(KUBECTL) wait --for jsonpath='{.spec.deletePdbCascade'}=$(DELETECS) lrest cdb-dev -n $(LRSNAMESPACE) --timeout=$(TEST_EXEC_TIMEOUT)
+
+# Turn ON/OFF lrest pdb imperativeLrpdb deletion (delete CRD & PDB)
+#          ON:    make tkdelcrd DELETECRD=true  LRPDBNAME=<crdname>
+#          OFF:   make tkdelcrd DELETECRD=false LRPDNNAME=<crdname>
+tkdelcrd:
+	@$(call msg,"imperativeLrpdbDeletion $(DELETECRD)")
+	$(KUBECTL) patch lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) \
+                -p '{"spec":{"imperativeLrpdbDeletion":$(DELETECRD)}}' --type=merge
+	$(KUBECTL) wait --for jsonpath='{.spec.imperativeLrpdbDeletion'}=$(DELETECRD) lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE)  --timeout=$(TEST_EXEC_TIMEOUT)
+
+checkpdbsize:
+	$(KUBECTL) get lrpdb -n $(PDBNAMESPACE)  -o jsonpath='{range .items[*]}{.metadata.name}{"\t"}{.spec.pdbName}{"\t"}{.spec.totalSize}{"\t"}{.status.totalSize}{"\n"}{end}'
+
+checkimpdel:
+	$(KUBECTL) get lrpdb -n $(PDBNAMESPACE) \
+	       	-o jsonpath='{range .items[*]}{.metadata.name}{" "}{.spec.pdbName}{" "}{.status.openMode}{" "}{.spec.imperativeLrpdbDeletion}{" "}{"\t\t"}{"\n"}{end}'| sed 's/READ WRITE/READ_WRITE/g' |awk ' BEGIN { printf( "%-20s %-10s %-10s %10s\n","CRD","PDB NAME","OPEN MODE","IMPERATIVELRPDBDELETION"); \
+		 printf( "%-20s %-10s %-10s %-23s\n","--------------------","----------","----------","-----------------------");\
+		 } { printf("%-20s %-10s %-10s %-23s\n",$$1,$$2,$$3,$$4) }'
+
+reset:
+	@$(call msg,"Reset state $(LRPDBNAME):$(RESETVALUE)")
+	$(KUBECTL) patch lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE) \
+		-p '{"spec":{"pdbState":"RESET","reststate":$(RESETVALUE)}}'  \
+		--type=merge
+	$(KUBECTL) get  lrpdb $(LRPDBNAME) -n $(PDBNAMESPACE)
+ 
+
+
+
+# tkapplyinit - config map creation
+# run00       - lrest pod creation 
+# run01.1     - pdb1 creation 
+# run01.2     - pdb2 creation
+# run02.1     - pdb1 open               - declarative  
+# run02.2     - pdb2 open               - declarative
+# run03.1     - pdb1 clone              - declarative
+# run04.1     - pdb1 close              - declarative
+# run04.2     - pdb2 close              - declatative  
+# run05.1     - pdb1 unplug             - declarative
+# run06.1     - pdb1 plug               - declarative
+# openpdb1    - pdb1 open               - imperative 
+# openpdb2    - pdb2 open               - imperative 
+# closepdb1   - pdb1 close              - imperative
+# closepdb2   - pdb2 close              - imperative 
+# openpdb1rs  - pdb1 open restrict      - imperative  
+# openpdb2rs  - pdb2 open restrict      - imperative  
+#
+
+runall01: genyaml tkapplyinit run00 run01.1 run01.2 run02.1 run02.2 \
+	  run03.1 run03.2 run04.1 run04.2 run05.1 run06.1 run07.1 
+runall02: genyaml tkapplyinit run00 run01.1 openpdb1
+runall03: genyaml tkapplyinit run00 run01.1 run01.2 run02.1 run02.2 \
+       	run04.1 run04.2 openpdb1 openpdb2 closepdb1 closepdb2 openpdb1rs
+	$(MAKE) -f $(MAKEFILE) close LRPDBNAME=pdb1
+	$(MAKE) -f $(MAKEFILE) open  LRPDBNAME=pdb1
+	$(MAKE) -f $(MAKEFILE) close LRPDBNAME=pdb1
+	$(MAKE) -f $(MAKEFILE) run05.1 run06.1
+runall04: genyaml tkapplyinit run00 run01.1 run01.2 run02.1 run02.2 run04.1 \
+       	run04.2 openpdb1 \
+          openpdb2 closepdb1 closepdb2 run05.1 run06.1 closepdb1 
+runall05: genyaml tkapplyinit run00 run01.1 run02.1 run03.1
+## Delete cloned pdb
+## setup:create/open/clone
+runall06: run01.1 run02.1 run03.1
+	$(KUBECTL) apply -f $(LRPDBDELETE3)
+	$(KUBECTL) apply -f $(LRPDBDELETE1)
+
+
+
+
+
+
+
+
diff --git a/docs/multitenant/lrest-based/usecase/map_pdb1_resource.yaml b/docs/multitenant/usecase/map_pdb1_resource.yaml
similarity index 95%
rename from docs/multitenant/lrest-based/usecase/map_pdb1_resource.yaml
rename to docs/multitenant/usecase/map_pdb1_resource.yaml
index 2cd57b87..177b6915 100644
--- a/docs/multitenant/lrest-based/usecase/map_pdb1_resource.yaml
+++ b/docs/multitenant/usecase/map_pdb1_resource.yaml
@@ -10,11 +10,10 @@ spec:
   cdbNamespace: "cdbnamespace"
   cdbName: "DB12"
   pdbName: "pdbdev"
-  assertiveLrpdbDeletion: true
+  imperativeLrpdbDeletion: true
   fileNameConversions: "NONE"
   totalSize: "1G"
   tempSize: "100M"
-  action: "Map"
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/lrest-based/usecase/map_pdb2_resource.yaml b/docs/multitenant/usecase/map_pdb2_resource.yaml
similarity index 95%
rename from docs/multitenant/lrest-based/usecase/map_pdb2_resource.yaml
rename to docs/multitenant/usecase/map_pdb2_resource.yaml
index bab614cf..3e8028e7 100644
--- a/docs/multitenant/lrest-based/usecase/map_pdb2_resource.yaml
+++ b/docs/multitenant/usecase/map_pdb2_resource.yaml
@@ -10,11 +10,10 @@ spec:
   cdbNamespace: "cdbnamespace"
   cdbName: "DB12"
   pdbName: "pdbprd"
-  assertiveLrpdbDeletion: true
+  imperativeLrpdbDeletion: true
   fileNameConversions: "NONE"
   totalSize: "1G"
   tempSize: "100M"
-  action: "Map"
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/lrest-based/usecase/map_pdb3_resource.yaml b/docs/multitenant/usecase/map_pdb3_resource.yaml
similarity index 95%
rename from docs/multitenant/lrest-based/usecase/map_pdb3_resource.yaml
rename to docs/multitenant/usecase/map_pdb3_resource.yaml
index 7bbae48d..df69929a 100644
--- a/docs/multitenant/lrest-based/usecase/map_pdb3_resource.yaml
+++ b/docs/multitenant/usecase/map_pdb3_resource.yaml
@@ -10,11 +10,10 @@ spec:
   cdbNamespace: "cdbnamespace"
   cdbName: "DB12"
   pdbName: "new_clone"
-  assertiveLrpdbDeletion: true
+  imperativeLrpdbDeletion: true
   fileNameConversions: "NONE"
   totalSize: "1G"
   tempSize: "100M"
-  action: "Map"
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/usecase/node_rbac.yaml b/docs/multitenant/usecase/node_rbac.yaml
new file mode 100644
index 00000000..ac474873
--- /dev/null
+++ b/docs/multitenant/usecase/node_rbac.yaml
@@ -0,0 +1,27 @@
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+  name: oracle-database-operator-manager-role-node
+rules:
+- apiGroups:
+  - ""
+  resources:
+  - nodes
+  verbs:
+  - list
+  - watch
+---
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+  name: oracle-database-operator-manager-role-node-cluster-role-binding
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: oracle-database-operator-manager-role-node
+subjects:
+- kind: ServiceAccount
+  name: default
+  namespace: oracle-database-operator-system
+---
diff --git a/docs/multitenant/lrest-based/usecase/open_pdb1_resource.yaml b/docs/multitenant/usecase/open_pdb1_resource.yaml
similarity index 97%
rename from docs/multitenant/lrest-based/usecase/open_pdb1_resource.yaml
rename to docs/multitenant/usecase/open_pdb1_resource.yaml
index a845a0bd..8b6dac1f 100644
--- a/docs/multitenant/lrest-based/usecase/open_pdb1_resource.yaml
+++ b/docs/multitenant/usecase/open_pdb1_resource.yaml
@@ -10,7 +10,6 @@ spec:
   cdbNamespace: "cdbnamespace"
   cdbName: "DB12"
   pdbName: "pdbdev"
-  action: "Modify"
   pdbState: "OPEN"
   modifyOption: "READ WRITE"
   adminpdbUser:
diff --git a/docs/multitenant/lrest-based/usecase/open_pdb2_resource.yaml b/docs/multitenant/usecase/open_pdb2_resource.yaml
similarity index 97%
rename from docs/multitenant/lrest-based/usecase/open_pdb2_resource.yaml
rename to docs/multitenant/usecase/open_pdb2_resource.yaml
index 9356184f..c2d24d50 100644
--- a/docs/multitenant/lrest-based/usecase/open_pdb2_resource.yaml
+++ b/docs/multitenant/usecase/open_pdb2_resource.yaml
@@ -10,7 +10,6 @@ spec:
   cdbNamespace: "cdbnamespace"
   cdbName: "DB12"
   pdbName: "pdbprd"
-  action: "Modify"
   pdbState: "OPEN"
   modifyOption: "READ WRITE"
   adminpdbUser:
diff --git a/docs/multitenant/lrest-based/usecase/open_pdb3_resource.yaml b/docs/multitenant/usecase/open_pdb3_resource.yaml
similarity index 97%
rename from docs/multitenant/lrest-based/usecase/open_pdb3_resource.yaml
rename to docs/multitenant/usecase/open_pdb3_resource.yaml
index 1b8024ba..393a7a6f 100644
--- a/docs/multitenant/lrest-based/usecase/open_pdb3_resource.yaml
+++ b/docs/multitenant/usecase/open_pdb3_resource.yaml
@@ -10,7 +10,6 @@ spec:
   cdbNamespace: "cdbnamespace"
   cdbName: "DB12"
   pdbName: "new_clone"
-  action: "Modify"
   pdbState: "OPEN"
   modifyOption: "READ WRITE"
   adminpdbUser:
diff --git a/docs/multitenant/lrest-based/usecase/parameters.txt b/docs/multitenant/usecase/parameters.txt
similarity index 52%
rename from docs/multitenant/lrest-based/usecase/parameters.txt
rename to docs/multitenant/usecase/parameters.txt
index 1f21ed38..34a64c6f 100644
--- a/docs/multitenant/lrest-based/usecase/parameters.txt
+++ b/docs/multitenant/usecase/parameters.txt
@@ -2,7 +2,6 @@
 ########################
 ## REST SERVER IMAGE ###
 ########################
-
 LRESTIMG:container-registry.oracle.com/database/operator:lrest-241210-amd64
 
 ##############################
@@ -14,39 +13,75 @@ TNSALIAS:"(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRAN
 ## CDB USER FOR PDB LIFECYCLE MANAGMENT ###
 ###########################################
 
-DBUSER:restdba
-DBPASS:CLWKO655321
+DBUSER:_username_
+DBPASS:_password_
+
+#########################
+## SERVICENAME ACCOUNT ##
+#########################
+SERVICENAMEACCOUNT:_your_service_account_
+
+
+#########################
+## OPENSHIFT           ##
+#########################
+OPENSHIFT:false
+
+#########################
+## PLSQL CONFIGMAP     ##
+#########################
+PLSQLMAP:sql-map-example1
 
 #######################
 ## HTTPS CREDENTIAL ###
 #######################
 
-WBUSER:welcome
-WBPASS:welcome1
+WBUSER:_username_
+WBPASS:_password_
 
 #####################
 ## PDB ADMIN USER ###
 ##################### 
 
-PDBUSR:Citizenkane
-PDBPWD:Rosebud
+PDBUSR:_username_
+PDBPWD:_password_
 
 ###################
 ### NAMESPACES ####
 ###################
-
 PDBNAMESPACE:pdbnamespace
 LRSNAMESPACE:cdbnamespace
 
-
 ####################
 ### COMPANY NAME ### 
 ####################
-
 COMPANY:oracle
 
+##########################
+### CODE TREE          ###
+##########################
+CODE_TREE:../../../../oracle-database-operator
+
+########################
+##  OPERATOR IMAGE   ###
+########################
+#Use this parameter if you need to change the image
+#OPRIMG:lin.ocir.io/intsanjaysingh/operator/dboperator_master_orahub:test
+
+
+##########################
+### PDB AUTODISCOVER   ###
+##########################
+AUTODISCOVER:false
+
 ####################
 ### APIVERSION   ### 
 ####################
-
 APIVERSION:v4
+
+##########################
+### CERT_MANAGER       ###
+##########################
+CERT_MANAGER:https://github.com/cert-manager/cert-manager/releases/download/v1.16.2/cert-manager.yaml
+
+
diff --git a/docs/multitenant/lrest-based/usecase/pdbnamespace_binding.yaml b/docs/multitenant/usecase/pdbnamespace_binding.yaml
similarity index 100%
rename from docs/multitenant/lrest-based/usecase/pdbnamespace_binding.yaml
rename to docs/multitenant/usecase/pdbnamespace_binding.yaml
diff --git a/docs/multitenant/lrest-based/usecase/plug_pdb1_resource.yaml b/docs/multitenant/usecase/plug_pdb1_resource.yaml
similarity index 91%
rename from docs/multitenant/lrest-based/usecase/plug_pdb1_resource.yaml
rename to docs/multitenant/usecase/plug_pdb1_resource.yaml
index d7d310db..7ce0d60e 100644
--- a/docs/multitenant/lrest-based/usecase/plug_pdb1_resource.yaml
+++ b/docs/multitenant/usecase/plug_pdb1_resource.yaml
@@ -10,16 +10,15 @@ spec:
   cdbNamespace: "cdbnamespace"
   cdbName: "DB12"
   pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "plug"
+  pdbState: "PLUG"
+  xmlFileName: "/var/tmp/pdb.4095290.xml"
   fileNameConversions: "NONE"
   sourceFileNameConversions: "NONE"
   copyAction: "MOVE"
   totalSize: "1G"
   tempSize: "100M"
-  assertiveLrpdbDeletion: true
+  imperativeLrpdbDeletion: true
   pdbconfigmap: "config-map-pdb"
-  action: "Plug"
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/usecase/security_context.yaml b/docs/multitenant/usecase/security_context.yaml
new file mode 100644
index 00000000..61d7637d
--- /dev/null
+++ b/docs/multitenant/usecase/security_context.yaml
@@ -0,0 +1,93 @@
+#
+# Copyright (c) 2024, Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
+#
+---
+
+# Create a Security Context Contraint
+kind: SecurityContextConstraints
+apiVersion: security.openshift.io/v1
+metadata:
+  name: lrest-scc
+allowPrivilegedContainer: false
+allowedCapabilities:
+  - SYS_NICE
+runAsUser:
+  type: MustRunAs
+  uid: 54321
+seLinuxContext:
+  type: RunAsAny
+fsGroup:
+  type: MustRunAs
+  ranges:
+  - min: 54321
+    max: 54321
+supplementalGroups:
+   type: MustRunAs
+   ranges:
+   - min: 54321
+     max: 54321
+---
+
+# Create a Security Context Contraint
+kind: SecurityContextConstraints
+apiVersion: security.openshift.io/v1
+metadata:
+  name: lrest-root-user-scc
+allowPrivilegedContainer: false
+allowedCapabilities:
+  - SYS_NICE
+runAsUser:
+  type: MustRunAsRange
+  uidRangeMin: 0
+  uidRangeMax: 54321
+seLinuxContext:
+  type: RunAsAny
+fsGroup:
+  type: MustRunAs
+  ranges:
+  - min: 0
+    max: 54325
+supplementalGroups:
+  type: MustRunAs
+  ranges:
+  - min: 0
+    max: 54321
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: lrest-sa
+  namespace: cdbnamespace
+---
+
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: use-lrest-scc
+  namespace: cdbnamespace
+rules:
+  - apiGroups:
+    - security.openshift.io
+    verbs:
+    - use
+    resources:
+    - securitycontextconstraints
+    resourceNames:
+    - lrest-scc
+    - lrest-root-user-scc
+---
+
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: use-lrest-scc
+  namespace: cdbnamespace
+subjects:
+  - kind: ServiceAccount
+    name: lrest-sa
+    namespace: cdbnamespace
+roleRef:
+  kind: Role
+  name: use-lrest-scc
+  apiGroup: rbac.authorization.k8s.io
diff --git a/docs/multitenant/lrest-based/usecase/unplug_pdb1_resource.yaml b/docs/multitenant/usecase/unplug_pdb1_resource.yaml
similarity index 93%
rename from docs/multitenant/lrest-based/usecase/unplug_pdb1_resource.yaml
rename to docs/multitenant/usecase/unplug_pdb1_resource.yaml
index a5da5a57..f48fe74b 100644
--- a/docs/multitenant/lrest-based/usecase/unplug_pdb1_resource.yaml
+++ b/docs/multitenant/usecase/unplug_pdb1_resource.yaml
@@ -10,8 +10,8 @@ spec:
   cdbNamespace: "cdbnamespace"
   cdbName: "DB12"
   pdbName: "pdbdev"
-  xmlFileName: "/tmp/pdb.xml"
-  action: "Unplug"
+  pdbState: "UNPLUG"
+  xmlFileName: "/var/tmp/pdb.4095290.xml"
   adminpdbUser:
     secret:
       secretName: "pdbusr"
diff --git a/docs/multitenant/usecase01/logfiles/BuildImage.log b/docs/multitenant/usecase01/logfiles/BuildImage.log
deleted file mode 100644
index f35c66d8..00000000
--- a/docs/multitenant/usecase01/logfiles/BuildImage.log
+++ /dev/null
@@ -1,896 +0,0 @@
-/usr/bin/docker build -t oracle/ords-dboper:latest ../../../ords
-Sending build context to Docker daemon  13.82kB
-Step 1/12 : FROM  container-registry.oracle.com/java/jdk:latest
- ---> b8457e2f0b73
-Step 2/12 : ENV ORDS_HOME=/opt/oracle/ords/     RUN_FILE="runOrdsSSL.sh"     ORDSVERSION=23.4.0-8
- ---> Using cache
- ---> 3317a16cd6f8
-Step 3/12 : COPY   $RUN_FILE $ORDS_HOME
- ---> 7995edec33cc
-Step 4/12 : RUN yum -y install yum-utils bind-utils tree hostname openssl net-tools zip unzip tar wget vim-minimal which sudo expect procps curl lsof &&     yum-config-manager --add-repo=http://yum.oracle.com/repo/OracleLinux/OL8/oracle/software/x86_64 &&     yum -y install java-11-openjdk-devel &&     yum -y install iproute &&     yum clean all
- ---> Running in fe168b01f3ad
-Oracle Linux 8 BaseOS Latest (x86_64)            91 MB/s |  79 MB     00:00
-Oracle Linux 8 Application Stream (x86_64)       69 MB/s |  62 MB     00:00
-Last metadata expiration check: 0:00:12 ago on Tue 20 Aug 2024 08:54:50 AM UTC.
-Package yum-utils-4.0.21-23.0.1.el8.noarch is already installed.
-Package tar-2:1.30-9.el8.x86_64 is already installed.
-Package vim-minimal-2:8.0.1763-19.0.1.el8_6.4.x86_64 is already installed.
-Package procps-ng-3.3.15-14.0.1.el8.x86_64 is already installed.
-Package curl-7.61.1-33.el8_9.5.x86_64 is already installed.
-Dependencies resolved.
-================================================================================
- Package                Arch   Version                  Repository         Size
-================================================================================
-Installing:
- bind-utils             x86_64 32:9.11.36-16.el8_10.2   ol8_appstream     453 k
- expect                 x86_64 5.45.4-5.el8             ol8_baseos_latest 266 k
- hostname               x86_64 3.20-6.el8               ol8_baseos_latest  32 k
- lsof                   x86_64 4.93.2-1.el8             ol8_baseos_latest 253 k
- net-tools              x86_64 2.0-0.52.20160912git.el8 ol8_baseos_latest 322 k
- openssl                x86_64 1:1.1.1k-12.el8_9        ol8_baseos_latest 710 k
- sudo                   x86_64 1.9.5p2-1.el8_9          ol8_baseos_latest 1.0 M
- tree                   x86_64 1.7.0-15.el8             ol8_baseos_latest  59 k
- unzip                  x86_64 6.0-46.0.1.el8           ol8_baseos_latest 196 k
- wget                   x86_64 1.19.5-12.0.1.el8_10     ol8_appstream     733 k
- which                  x86_64 2.21-20.el8              ol8_baseos_latest  50 k
- zip                    x86_64 3.0-23.el8               ol8_baseos_latest 270 k
-Upgrading:
- curl                   x86_64 7.61.1-34.el8            ol8_baseos_latest 352 k
- dnf-plugins-core       noarch 4.0.21-25.0.1.el8        ol8_baseos_latest  76 k
- libcurl                x86_64 7.61.1-34.el8            ol8_baseos_latest 303 k
- python3-dnf-plugins-core
-                        noarch 4.0.21-25.0.1.el8        ol8_baseos_latest 263 k
- yum-utils              noarch 4.0.21-25.0.1.el8        ol8_baseos_latest  75 k
-Installing dependencies:
- bind-libs              x86_64 32:9.11.36-16.el8_10.2   ol8_appstream     176 k
- bind-libs-lite         x86_64 32:9.11.36-16.el8_10.2   ol8_appstream     1.2 M
- bind-license           noarch 32:9.11.36-16.el8_10.2   ol8_appstream     104 k
- fstrm                  x86_64 0.6.1-3.el8              ol8_appstream      29 k
- libmaxminddb           x86_64 1.2.0-10.el8_9.1         ol8_appstream      32 k
- libmetalink            x86_64 0.1.3-7.el8              ol8_baseos_latest  32 k
- protobuf-c             x86_64 1.3.0-8.el8              ol8_appstream      37 k
- python3-bind           noarch 32:9.11.36-16.el8_10.2   ol8_appstream     151 k
- python3-ply            noarch 3.9-9.el8                ol8_baseos_latest 111 k
- tcl                    x86_64 1:8.6.8-2.el8            ol8_baseos_latest 1.1 M
-Installing weak dependencies:
- geolite2-city          noarch 20180605-1.el8           ol8_appstream      19 M
- geolite2-country       noarch 20180605-1.el8           ol8_appstream     1.0 M
-
-Transaction Summary
-================================================================================
-Install  24 Packages
-Upgrade   5 Packages
-
-Total download size: 28 M
-Downloading Packages:
-(1/29): hostname-3.20-6.el8.x86_64.rpm          268 kB/s |  32 kB     00:00
-(2/29): libmetalink-0.1.3-7.el8.x86_64.rpm      257 kB/s |  32 kB     00:00
-(3/29): expect-5.45.4-5.el8.x86_64.rpm          1.4 MB/s | 266 kB     00:00
-(4/29): lsof-4.93.2-1.el8.x86_64.rpm            3.2 MB/s | 253 kB     00:00
-(5/29): net-tools-2.0-0.52.20160912git.el8.x86_ 3.6 MB/s | 322 kB     00:00
-(6/29): python3-ply-3.9-9.el8.noarch.rpm        2.7 MB/s | 111 kB     00:00
-(7/29): openssl-1.1.1k-12.el8_9.x86_64.rpm       10 MB/s | 710 kB     00:00
-(8/29): tree-1.7.0-15.el8.x86_64.rpm            2.2 MB/s |  59 kB     00:00
-(9/29): sudo-1.9.5p2-1.el8_9.x86_64.rpm          14 MB/s | 1.0 MB     00:00
-(10/29): unzip-6.0-46.0.1.el8.x86_64.rpm        6.8 MB/s | 196 kB     00:00
-(11/29): which-2.21-20.el8.x86_64.rpm           2.0 MB/s |  50 kB     00:00
-(12/29): tcl-8.6.8-2.el8.x86_64.rpm              13 MB/s | 1.1 MB     00:00
-(13/29): bind-libs-9.11.36-16.el8_10.2.x86_64.r 6.7 MB/s | 176 kB     00:00
-(14/29): zip-3.0-23.el8.x86_64.rpm              8.4 MB/s | 270 kB     00:00
-(15/29): bind-libs-lite-9.11.36-16.el8_10.2.x86  29 MB/s | 1.2 MB     00:00
-(16/29): bind-license-9.11.36-16.el8_10.2.noarc 3.3 MB/s | 104 kB     00:00
-(17/29): bind-utils-9.11.36-16.el8_10.2.x86_64.  13 MB/s | 453 kB     00:00
-(18/29): fstrm-0.6.1-3.el8.x86_64.rpm           1.2 MB/s |  29 kB     00:00
-(19/29): libmaxminddb-1.2.0-10.el8_9.1.x86_64.r 1.3 MB/s |  32 kB     00:00
-(20/29): geolite2-country-20180605-1.el8.noarch  17 MB/s | 1.0 MB     00:00
-(21/29): protobuf-c-1.3.0-8.el8.x86_64.rpm      1.5 MB/s |  37 kB     00:00
-(22/29): python3-bind-9.11.36-16.el8_10.2.noarc 5.8 MB/s | 151 kB     00:00
-(23/29): wget-1.19.5-12.0.1.el8_10.x86_64.rpm    17 MB/s | 733 kB     00:00
-(24/29): curl-7.61.1-34.el8.x86_64.rpm           12 MB/s | 352 kB     00:00
-(25/29): dnf-plugins-core-4.0.21-25.0.1.el8.noa 2.4 MB/s |  76 kB     00:00
-(26/29): libcurl-7.61.1-34.el8.x86_64.rpm       8.6 MB/s | 303 kB     00:00
-(27/29): python3-dnf-plugins-core-4.0.21-25.0.1 9.8 MB/s | 263 kB     00:00
-(28/29): yum-utils-4.0.21-25.0.1.el8.noarch.rpm 3.0 MB/s |  75 kB     00:00
-(29/29): geolite2-city-20180605-1.el8.noarch.rp  66 MB/s |  19 MB     00:00
---------------------------------------------------------------------------------
-Total                                            43 MB/s |  28 MB     00:00
-Running transaction check
-Transaction check succeeded.
-Running transaction test
-Transaction test succeeded.
-Running transaction
-  Preparing        :                                                        1/1
-  Running scriptlet: protobuf-c-1.3.0-8.el8.x86_64                          1/1
-  Installing       : protobuf-c-1.3.0-8.el8.x86_64                         1/34
-  Installing       : fstrm-0.6.1-3.el8.x86_64                              2/34
-  Installing       : bind-license-32:9.11.36-16.el8_10.2.noarch            3/34
-  Upgrading        : python3-dnf-plugins-core-4.0.21-25.0.1.el8.noarch     4/34
-  Upgrading        : dnf-plugins-core-4.0.21-25.0.1.el8.noarch             5/34
-  Upgrading        : libcurl-7.61.1-34.el8.x86_64                          6/34
-  Installing       : geolite2-country-20180605-1.el8.noarch                7/34
-  Installing       : geolite2-city-20180605-1.el8.noarch                   8/34
-  Installing       : libmaxminddb-1.2.0-10.el8_9.1.x86_64                  9/34
-  Running scriptlet: libmaxminddb-1.2.0-10.el8_9.1.x86_64                  9/34
-  Installing       : bind-libs-lite-32:9.11.36-16.el8_10.2.x86_64         10/34
-  Installing       : bind-libs-32:9.11.36-16.el8_10.2.x86_64              11/34
-  Installing       : unzip-6.0-46.0.1.el8.x86_64                          12/34
-  Installing       : tcl-1:8.6.8-2.el8.x86_64                             13/34
-  Running scriptlet: tcl-1:8.6.8-2.el8.x86_64                             13/34
-  Installing       : python3-ply-3.9-9.el8.noarch                         14/34
-  Installing       : python3-bind-32:9.11.36-16.el8_10.2.noarch           15/34
-  Installing       : libmetalink-0.1.3-7.el8.x86_64                       16/34
-  Installing       : wget-1.19.5-12.0.1.el8_10.x86_64                     17/34
-  Running scriptlet: wget-1.19.5-12.0.1.el8_10.x86_64                     17/34
-  Installing       : bind-utils-32:9.11.36-16.el8_10.2.x86_64             18/34
-  Installing       : expect-5.45.4-5.el8.x86_64                           19/34
-  Installing       : zip-3.0-23.el8.x86_64                                20/34
-  Upgrading        : curl-7.61.1-34.el8.x86_64                            21/34
-  Upgrading        : yum-utils-4.0.21-25.0.1.el8.noarch                   22/34
-  Installing       : which-2.21-20.el8.x86_64                             23/34
-  Installing       : tree-1.7.0-15.el8.x86_64                             24/34
-  Installing       : sudo-1.9.5p2-1.el8_9.x86_64                          25/34
-  Running scriptlet: sudo-1.9.5p2-1.el8_9.x86_64                          25/34
-  Installing       : openssl-1:1.1.1k-12.el8_9.x86_64                     26/34
-  Installing       : net-tools-2.0-0.52.20160912git.el8.x86_64            27/34
-  Running scriptlet: net-tools-2.0-0.52.20160912git.el8.x86_64            27/34
-  Installing       : lsof-4.93.2-1.el8.x86_64                             28/34
-  Installing       : hostname-3.20-6.el8.x86_64                           29/34
-  Running scriptlet: hostname-3.20-6.el8.x86_64                           29/34
-  Cleanup          : curl-7.61.1-33.el8_9.5.x86_64                        30/34
-  Cleanup          : yum-utils-4.0.21-23.0.1.el8.noarch                   31/34
-  Cleanup          : dnf-plugins-core-4.0.21-23.0.1.el8.noarch            32/34
-  Cleanup          : python3-dnf-plugins-core-4.0.21-23.0.1.el8.noarch    33/34
-  Cleanup          : libcurl-7.61.1-33.el8_9.5.x86_64                     34/34
-  Running scriptlet: libcurl-7.61.1-33.el8_9.5.x86_64                     34/34
-  Verifying        : expect-5.45.4-5.el8.x86_64                            1/34
-  Verifying        : hostname-3.20-6.el8.x86_64                            2/34
-  Verifying        : libmetalink-0.1.3-7.el8.x86_64                        3/34
-  Verifying        : lsof-4.93.2-1.el8.x86_64                              4/34
-  Verifying        : net-tools-2.0-0.52.20160912git.el8.x86_64             5/34
-  Verifying        : openssl-1:1.1.1k-12.el8_9.x86_64                      6/34
-  Verifying        : python3-ply-3.9-9.el8.noarch                          7/34
-  Verifying        : sudo-1.9.5p2-1.el8_9.x86_64                           8/34
-  Verifying        : tcl-1:8.6.8-2.el8.x86_64                              9/34
-  Verifying        : tree-1.7.0-15.el8.x86_64                             10/34
-  Verifying        : unzip-6.0-46.0.1.el8.x86_64                          11/34
-  Verifying        : which-2.21-20.el8.x86_64                             12/34
-  Verifying        : zip-3.0-23.el8.x86_64                                13/34
-  Verifying        : bind-libs-32:9.11.36-16.el8_10.2.x86_64              14/34
-  Verifying        : bind-libs-lite-32:9.11.36-16.el8_10.2.x86_64         15/34
-  Verifying        : bind-license-32:9.11.36-16.el8_10.2.noarch           16/34
-  Verifying        : bind-utils-32:9.11.36-16.el8_10.2.x86_64             17/34
-  Verifying        : fstrm-0.6.1-3.el8.x86_64                             18/34
-  Verifying        : geolite2-city-20180605-1.el8.noarch                  19/34
-  Verifying        : geolite2-country-20180605-1.el8.noarch               20/34
-  Verifying        : libmaxminddb-1.2.0-10.el8_9.1.x86_64                 21/34
-  Verifying        : protobuf-c-1.3.0-8.el8.x86_64                        22/34
-  Verifying        : python3-bind-32:9.11.36-16.el8_10.2.noarch           23/34
-  Verifying        : wget-1.19.5-12.0.1.el8_10.x86_64                     24/34
-  Verifying        : curl-7.61.1-34.el8.x86_64                            25/34
-  Verifying        : curl-7.61.1-33.el8_9.5.x86_64                        26/34
-  Verifying        : dnf-plugins-core-4.0.21-25.0.1.el8.noarch            27/34
-  Verifying        : dnf-plugins-core-4.0.21-23.0.1.el8.noarch            28/34
-  Verifying        : libcurl-7.61.1-34.el8.x86_64                         29/34
-  Verifying        : libcurl-7.61.1-33.el8_9.5.x86_64                     30/34
-  Verifying        : python3-dnf-plugins-core-4.0.21-25.0.1.el8.noarch    31/34
-  Verifying        : python3-dnf-plugins-core-4.0.21-23.0.1.el8.noarch    32/34
-  Verifying        : yum-utils-4.0.21-25.0.1.el8.noarch                   33/34
-  Verifying        : yum-utils-4.0.21-23.0.1.el8.noarch                   34/34
-
-Upgraded:
-  curl-7.61.1-34.el8.x86_64
-  dnf-plugins-core-4.0.21-25.0.1.el8.noarch
-  libcurl-7.61.1-34.el8.x86_64
-  python3-dnf-plugins-core-4.0.21-25.0.1.el8.noarch
-  yum-utils-4.0.21-25.0.1.el8.noarch
-Installed:
-  bind-libs-32:9.11.36-16.el8_10.2.x86_64
-  bind-libs-lite-32:9.11.36-16.el8_10.2.x86_64
-  bind-license-32:9.11.36-16.el8_10.2.noarch
-  bind-utils-32:9.11.36-16.el8_10.2.x86_64
-  expect-5.45.4-5.el8.x86_64
-  fstrm-0.6.1-3.el8.x86_64
-  geolite2-city-20180605-1.el8.noarch
-  geolite2-country-20180605-1.el8.noarch
-  hostname-3.20-6.el8.x86_64
-  libmaxminddb-1.2.0-10.el8_9.1.x86_64
-  libmetalink-0.1.3-7.el8.x86_64
-  lsof-4.93.2-1.el8.x86_64
-  net-tools-2.0-0.52.20160912git.el8.x86_64
-  openssl-1:1.1.1k-12.el8_9.x86_64
-  protobuf-c-1.3.0-8.el8.x86_64
-  python3-bind-32:9.11.36-16.el8_10.2.noarch
-  python3-ply-3.9-9.el8.noarch
-  sudo-1.9.5p2-1.el8_9.x86_64
-  tcl-1:8.6.8-2.el8.x86_64
-  tree-1.7.0-15.el8.x86_64
-  unzip-6.0-46.0.1.el8.x86_64
-  wget-1.19.5-12.0.1.el8_10.x86_64
-  which-2.21-20.el8.x86_64
-  zip-3.0-23.el8.x86_64
-
-Complete!
-Adding repo from: http://yum.oracle.com/repo/OracleLinux/OL8/oracle/software/x86_64
-created by dnf config-manager from http://yum.o 496 kB/s | 139 kB     00:00
-Last metadata expiration check: 0:00:01 ago on Tue 20 Aug 2024 08:55:14 AM UTC.
-Dependencies resolved.
-==============================================================================================
- Package                     Arch    Version                          Repository          Size
-==============================================================================================
-Installing:
- java-11-openjdk-devel       x86_64  1:11.0.24.0.8-3.0.1.el8          ol8_appstream      3.4 M
-Installing dependencies:
- adwaita-cursor-theme        noarch  3.28.0-3.el8                     ol8_appstream      647 k
- adwaita-icon-theme          noarch  3.28.0-3.el8                     ol8_appstream       11 M
- alsa-lib                    x86_64  1.2.10-2.el8                     ol8_appstream      500 k
- at-spi2-atk                 x86_64  2.26.2-1.el8                     ol8_appstream       89 k
- at-spi2-core                x86_64  2.28.0-1.el8                     ol8_appstream      169 k
- atk                         x86_64  2.28.1-1.el8                     ol8_appstream      272 k
- avahi-libs                  x86_64  0.7-27.el8                       ol8_baseos_latest   61 k
- cairo                       x86_64  1.15.12-6.el8                    ol8_appstream      719 k
- cairo-gobject               x86_64  1.15.12-6.el8                    ol8_appstream       33 k
- colord-libs                 x86_64  1.4.2-1.el8                      ol8_appstream      236 k
- copy-jdk-configs            noarch  4.0-2.el8                        ol8_appstream       30 k
- cpio                        x86_64  2.12-11.el8                      ol8_baseos_latest  266 k
- crypto-policies-scripts     noarch  20230731-1.git3177e06.el8        ol8_baseos_latest   84 k
- cups-libs                   x86_64  1:2.2.6-60.el8_10                ol8_baseos_latest  435 k
- dracut                      x86_64  049-233.git20240115.0.1.el8      ol8_baseos_latest  382 k
- file                        x86_64  5.33-25.el8                      ol8_baseos_latest   77 k
- fribidi                     x86_64  1.0.4-9.el8                      ol8_appstream       89 k
- gdk-pixbuf2                 x86_64  2.36.12-6.el8_10                 ol8_baseos_latest  465 k
- gdk-pixbuf2-modules         x86_64  2.36.12-6.el8_10                 ol8_appstream      108 k
- gettext                     x86_64  0.19.8.1-17.el8                  ol8_baseos_latest  1.1 M
- gettext-libs                x86_64  0.19.8.1-17.el8                  ol8_baseos_latest  312 k
- glib-networking             x86_64  2.56.1-1.1.el8                   ol8_baseos_latest  155 k
- graphite2                   x86_64  1.3.10-10.el8                    ol8_appstream      122 k
- grub2-common                noarch  1:2.02-156.0.2.el8               ol8_baseos_latest  897 k
- grub2-tools                 x86_64  1:2.02-156.0.2.el8               ol8_baseos_latest  2.0 M
- grub2-tools-minimal         x86_64  1:2.02-156.0.2.el8               ol8_baseos_latest  215 k
- gsettings-desktop-schemas   x86_64  3.32.0-6.el8                     ol8_baseos_latest  633 k
- gtk-update-icon-cache       x86_64  3.22.30-11.el8                   ol8_appstream       32 k
- harfbuzz                    x86_64  1.7.5-4.el8                      ol8_appstream      295 k
- hicolor-icon-theme          noarch  0.17-2.el8                       ol8_appstream       48 k
- jasper-libs                 x86_64  2.0.14-5.el8                     ol8_appstream      167 k
- java-11-openjdk             x86_64  1:11.0.24.0.8-3.0.1.el8          ol8_appstream      475 k
- java-11-openjdk-headless    x86_64  1:11.0.24.0.8-3.0.1.el8          ol8_appstream       42 M
- javapackages-filesystem     noarch  5.3.0-1.module+el8+5136+7ff78f74 ol8_appstream       30 k
- jbigkit-libs                x86_64  2.1-14.el8                       ol8_appstream       55 k
- json-glib                   x86_64  1.4.4-1.el8                      ol8_baseos_latest  144 k
- kbd-legacy                  noarch  2.0.4-11.el8                     ol8_baseos_latest  481 k
- kbd-misc                    noarch  2.0.4-11.el8                     ol8_baseos_latest  1.5 M
- lcms2                       x86_64  2.9-2.el8                        ol8_appstream      164 k
- libX11                      x86_64  1.6.8-8.el8                      ol8_appstream      611 k
- libX11-common               noarch  1.6.8-8.el8                      ol8_appstream      157 k
- libXau                      x86_64  1.0.9-3.el8                      ol8_appstream       37 k
- libXcomposite               x86_64  0.4.4-14.el8                     ol8_appstream       28 k
- libXcursor                  x86_64  1.1.15-3.el8                     ol8_appstream       36 k
- libXdamage                  x86_64  1.1.4-14.el8                     ol8_appstream       27 k
- libXext                     x86_64  1.3.4-1.el8                      ol8_appstream       45 k
- libXfixes                   x86_64  5.0.3-7.el8                      ol8_appstream       25 k
- libXft                      x86_64  2.3.3-1.el8                      ol8_appstream       67 k
- libXi                       x86_64  1.7.10-1.el8                     ol8_appstream       49 k
- libXinerama                 x86_64  1.1.4-1.el8                      ol8_appstream       15 k
- libXrandr                   x86_64  1.5.2-1.el8                      ol8_appstream       34 k
- libXrender                  x86_64  0.9.10-7.el8                     ol8_appstream       33 k
- libXtst                     x86_64  1.2.3-7.el8                      ol8_appstream       22 k
- libcroco                    x86_64  0.6.12-4.el8_2.1                 ol8_baseos_latest  113 k
- libdatrie                   x86_64  0.2.9-7.el8                      ol8_appstream       33 k
- libepoxy                    x86_64  1.5.8-1.el8                      ol8_appstream      225 k
- libfontenc                  x86_64  1.1.3-8.el8                      ol8_appstream       37 k
- libgomp                     x86_64  8.5.0-22.0.1.el8_10              ol8_baseos_latest  218 k
- libgusb                     x86_64  0.3.0-1.el8                      ol8_baseos_latest   49 k
- libjpeg-turbo               x86_64  1.5.3-12.el8                     ol8_appstream      157 k
- libkcapi                    x86_64  1.4.0-2.0.1.el8                  ol8_baseos_latest   52 k
- libkcapi-hmaccalc           x86_64  1.4.0-2.0.1.el8                  ol8_baseos_latest   31 k
- libmodman                   x86_64  2.0.1-17.el8                     ol8_baseos_latest   36 k
- libpkgconf                  x86_64  1.4.2-1.el8                      ol8_baseos_latest   35 k
- libproxy                    x86_64  0.4.15-5.2.el8                   ol8_baseos_latest   75 k
- libsoup                     x86_64  2.62.3-5.el8                     ol8_baseos_latest  424 k
- libthai                     x86_64  0.1.27-2.el8                     ol8_appstream      203 k
- libtiff                     x86_64  4.0.9-32.el8_10                  ol8_appstream      189 k
- libwayland-client           x86_64  1.21.0-1.el8                     ol8_appstream       41 k
- libwayland-cursor           x86_64  1.21.0-1.el8                     ol8_appstream       26 k
- libwayland-egl              x86_64  1.21.0-1.el8                     ol8_appstream       19 k
- libxcb                      x86_64  1.13.1-1.el8                     ol8_appstream      231 k
- libxkbcommon                x86_64  0.9.1-1.el8                      ol8_appstream      116 k
- lksctp-tools                x86_64  1.0.18-3.el8                     ol8_baseos_latest  100 k
- lua                         x86_64  5.3.4-12.el8                     ol8_appstream      192 k
- nspr                        x86_64  4.35.0-1.el8_8                   ol8_appstream      143 k
- nss                         x86_64  3.90.0-7.el8_10                  ol8_appstream      750 k
- nss-softokn                 x86_64  3.90.0-7.el8_10                  ol8_appstream      1.2 M
- nss-softokn-freebl          x86_64  3.90.0-7.el8_10                  ol8_appstream      375 k
- nss-sysinit                 x86_64  3.90.0-7.el8_10                  ol8_appstream       74 k
- nss-util                    x86_64  3.90.0-7.el8_10                  ol8_appstream      139 k
- os-prober                   x86_64  1.74-9.0.1.el8                   ol8_baseos_latest   51 k
- pango                       x86_64  1.42.4-8.el8                     ol8_appstream      297 k
- pixman                      x86_64  0.38.4-4.el8                     ol8_appstream      256 k
- pkgconf                     x86_64  1.4.2-1.el8                      ol8_baseos_latest   38 k
- pkgconf-m4                  noarch  1.4.2-1.el8                      ol8_baseos_latest   17 k
- pkgconf-pkg-config          x86_64  1.4.2-1.el8                      ol8_baseos_latest   15 k
- rest                        x86_64  0.8.1-2.el8                      ol8_appstream       70 k
- shared-mime-info            x86_64  1.9-4.el8                        ol8_baseos_latest  328 k
- systemd-udev                x86_64  239-78.0.4.el8                   ol8_baseos_latest  1.6 M
- ttmkfdir                    x86_64  3.0.9-54.el8                     ol8_appstream       62 k
- tzdata-java                 noarch  2024a-1.0.1.el8                  ol8_appstream      186 k
- xkeyboard-config            noarch  2.28-1.el8                       ol8_appstream      782 k
- xorg-x11-font-utils         x86_64  1:7.5-41.el8                     ol8_appstream      104 k
- xorg-x11-fonts-Type1        noarch  7.5-19.el8                       ol8_appstream      522 k
- xz                          x86_64  5.2.4-4.el8_6                    ol8_baseos_latest  153 k
-Installing weak dependencies:
- abattis-cantarell-fonts     noarch  0.0.25-6.el8                     ol8_appstream      155 k
- dconf                       x86_64  0.28.0-4.0.1.el8                 ol8_appstream      108 k
- dejavu-sans-mono-fonts      noarch  2.35-7.el8                       ol8_baseos_latest  447 k
- grubby                      x86_64  8.40-49.0.2.el8                  ol8_baseos_latest   50 k
- gtk3                        x86_64  3.22.30-11.el8                   ol8_appstream      4.5 M
- hardlink                    x86_64  1:1.3-6.el8                      ol8_baseos_latest   29 k
- kbd                         x86_64  2.0.4-11.el8                     ol8_baseos_latest  390 k
- memstrack                   x86_64  0.2.5-2.el8                      ol8_baseos_latest   51 k
- pigz                        x86_64  2.4-4.el8                        ol8_baseos_latest   80 k
-Enabling module streams:
- javapackages-runtime                201801
-
-Transaction Summary
-==============================================================================================
-Install  106 Packages
-
-Total download size: 86 M
-Installed size: 312 M
-Downloading Packages:
-(1/106): crypto-policies-scripts-20230731-1.git 862 kB/s |  84 kB     00:00
-(2/106): avahi-libs-0.7-27.el8.x86_64.rpm       602 kB/s |  61 kB     00:00
-(3/106): cpio-2.12-11.el8.x86_64.rpm            1.8 MB/s | 266 kB     00:00
-(4/106): cups-libs-2.2.6-60.el8_10.x86_64.rpm   5.7 MB/s | 435 kB     00:00
-(5/106): dejavu-sans-mono-fonts-2.35-7.el8.noar 5.1 MB/s | 447 kB     00:00
-(6/106): dracut-049-233.git20240115.0.1.el8.x86 7.0 MB/s | 382 kB     00:00
-(7/106): gdk-pixbuf2-2.36.12-6.el8_10.x86_64.rp  12 MB/s | 465 kB     00:00
-(8/106): gettext-libs-0.19.8.1-17.el8.x86_64.rp 9.3 MB/s | 312 kB     00:00
-(9/106): gettext-0.19.8.1-17.el8.x86_64.rpm      16 MB/s | 1.1 MB     00:00
-(10/106): glib-networking-2.56.1-1.1.el8.x86_64 6.0 MB/s | 155 kB     00:00
-(11/106): grub2-common-2.02-156.0.2.el8.noarch.  26 MB/s | 897 kB     00:00
-(12/106): grub2-tools-minimal-2.02-156.0.2.el8. 8.2 MB/s | 215 kB     00:00
-(13/106): grubby-8.40-49.0.2.el8.x86_64.rpm     2.1 MB/s |  50 kB     00:00
-(14/106): grub2-tools-2.02-156.0.2.el8.x86_64.r  26 MB/s | 2.0 MB     00:00
-(15/106): gsettings-desktop-schemas-3.32.0-6.el  19 MB/s | 633 kB     00:00
-(16/106): hardlink-1.3-6.el8.x86_64.rpm         1.1 MB/s |  29 kB     00:00
-(17/106): json-glib-1.4.4-1.el8.x86_64.rpm      5.9 MB/s | 144 kB     00:00
-(18/106): kbd-2.0.4-11.el8.x86_64.rpm            14 MB/s | 390 kB     00:00
-(19/106): kbd-legacy-2.0.4-11.el8.noarch.rpm     17 MB/s | 481 kB     00:00
-(20/106): kbd-misc-2.0.4-11.el8.noarch.rpm       41 MB/s | 1.5 MB     00:00
-(21/106): libcroco-0.6.12-4.el8_2.1.x86_64.rpm  4.7 MB/s | 113 kB     00:00
-(22/106): libgomp-8.5.0-22.0.1.el8_10.x86_64.rp 9.1 MB/s | 218 kB     00:00
-(23/106): libgusb-0.3.0-1.el8.x86_64.rpm        2.1 MB/s |  49 kB     00:00
-(24/106): libkcapi-1.4.0-2.0.1.el8.x86_64.rpm   1.6 MB/s |  52 kB     00:00
-(25/106): libkcapi-hmaccalc-1.4.0-2.0.1.el8.x86 822 kB/s |  31 kB     00:00
-(26/106): libmodman-2.0.1-17.el8.x86_64.rpm     1.6 MB/s |  36 kB     00:00
-(27/106): libpkgconf-1.4.2-1.el8.x86_64.rpm     1.2 MB/s |  35 kB     00:00
-(28/106): libproxy-0.4.15-5.2.el8.x86_64.rpm    3.0 MB/s |  75 kB     00:00
-(29/106): libsoup-2.62.3-5.el8.x86_64.rpm        15 MB/s | 424 kB     00:00
-(30/106): lksctp-tools-1.0.18-3.el8.x86_64.rpm  3.5 MB/s | 100 kB     00:00
-(31/106): memstrack-0.2.5-2.el8.x86_64.rpm      2.2 MB/s |  51 kB     00:00
-(32/106): os-prober-1.74-9.0.1.el8.x86_64.rpm   2.2 MB/s |  51 kB     00:00
-(33/106): pigz-2.4-4.el8.x86_64.rpm             3.5 MB/s |  80 kB     00:00
-(34/106): pkgconf-1.4.2-1.el8.x86_64.rpm        1.7 MB/s |  38 kB     00:00
-(35/106): pkgconf-m4-1.4.2-1.el8.noarch.rpm     761 kB/s |  17 kB     00:00
-(36/106): pkgconf-pkg-config-1.4.2-1.el8.x86_64 691 kB/s |  15 kB     00:00
-(37/106): shared-mime-info-1.9-4.el8.x86_64.rpm  13 MB/s | 328 kB     00:00
-(38/106): systemd-udev-239-78.0.4.el8.x86_64.rp  32 MB/s | 1.6 MB     00:00
-(39/106): xz-5.2.4-4.el8_6.x86_64.rpm           5.2 MB/s | 153 kB     00:00
-(40/106): abattis-cantarell-fonts-0.0.25-6.el8. 6.4 MB/s | 155 kB     00:00
-(41/106): adwaita-cursor-theme-3.28.0-3.el8.noa  22 MB/s | 647 kB     00:00
-(42/106): alsa-lib-1.2.10-2.el8.x86_64.rpm       18 MB/s | 500 kB     00:00
-(43/106): at-spi2-atk-2.26.2-1.el8.x86_64.rpm   3.8 MB/s |  89 kB     00:00
-(44/106): at-spi2-core-2.28.0-1.el8.x86_64.rpm  6.9 MB/s | 169 kB     00:00
-(45/106): atk-2.28.1-1.el8.x86_64.rpm           9.2 MB/s | 272 kB     00:00
-(46/106): cairo-1.15.12-6.el8.x86_64.rpm         24 MB/s | 719 kB     00:00
-(47/106): adwaita-icon-theme-3.28.0-3.el8.noarc  65 MB/s |  11 MB     00:00
-(48/106): cairo-gobject-1.15.12-6.el8.x86_64.rp 914 kB/s |  33 kB     00:00
-(49/106): colord-libs-1.4.2-1.el8.x86_64.rpm    9.5 MB/s | 236 kB     00:00
-(50/106): copy-jdk-configs-4.0-2.el8.noarch.rpm 1.1 MB/s |  30 kB     00:00
-(51/106): dconf-0.28.0-4.0.1.el8.x86_64.rpm     4.4 MB/s | 108 kB     00:00
-(52/106): fribidi-1.0.4-9.el8.x86_64.rpm        3.9 MB/s |  89 kB     00:00
-(53/106): graphite2-1.3.10-10.el8.x86_64.rpm    5.1 MB/s | 122 kB     00:00
-(54/106): gdk-pixbuf2-modules-2.36.12-6.el8_10. 3.6 MB/s | 108 kB     00:00
-(55/106): gtk-update-icon-cache-3.22.30-11.el8. 1.4 MB/s |  32 kB     00:00
-(56/106): harfbuzz-1.7.5-4.el8.x86_64.rpm        11 MB/s | 295 kB     00:00
-(57/106): gtk3-3.22.30-11.el8.x86_64.rpm         68 MB/s | 4.5 MB     00:00
-(58/106): hicolor-icon-theme-0.17-2.el8.noarch. 2.1 MB/s |  48 kB     00:00
-(59/106): java-11-openjdk-11.0.24.0.8-3.0.1.el8  17 MB/s | 475 kB     00:00
-(60/106): jasper-libs-2.0.14-5.el8.x86_64.rpm   5.0 MB/s | 167 kB     00:00
-(61/106): java-11-openjdk-devel-11.0.24.0.8-3.0  61 MB/s | 3.4 MB     00:00
-(62/106): javapackages-filesystem-5.3.0-1.modul 1.2 MB/s |  30 kB     00:00
-(63/106): jbigkit-libs-2.1-14.el8.x86_64.rpm    2.1 MB/s |  55 kB     00:00
-(64/106): lcms2-2.9-2.el8.x86_64.rpm            3.8 MB/s | 164 kB     00:00
-(65/106): libX11-1.6.8-8.el8.x86_64.rpm          20 MB/s | 611 kB     00:00
-(66/106): libX11-common-1.6.8-8.el8.noarch.rpm  6.8 MB/s | 157 kB     00:00
-(67/106): libXau-1.0.9-3.el8.x86_64.rpm         1.6 MB/s |  37 kB     00:00
-(68/106): libXcomposite-0.4.4-14.el8.x86_64.rpm 1.3 MB/s |  28 kB     00:00
-(69/106): libXcursor-1.1.15-3.el8.x86_64.rpm    1.6 MB/s |  36 kB     00:00
-(70/106): libXdamage-1.1.4-14.el8.x86_64.rpm    1.2 MB/s |  27 kB     00:00
-(71/106): libXext-1.3.4-1.el8.x86_64.rpm        2.0 MB/s |  45 kB     00:00
-(72/106): libXfixes-5.0.3-7.el8.x86_64.rpm      1.1 MB/s |  25 kB     00:00
-(73/106): libXft-2.3.3-1.el8.x86_64.rpm         2.9 MB/s |  67 kB     00:00
-(74/106): libXi-1.7.10-1.el8.x86_64.rpm         2.2 MB/s |  49 kB     00:00
-(75/106): libXinerama-1.1.4-1.el8.x86_64.rpm    717 kB/s |  15 kB     00:00
-(76/106): libXrandr-1.5.2-1.el8.x86_64.rpm      1.5 MB/s |  34 kB     00:00
-(77/106): libXrender-0.9.10-7.el8.x86_64.rpm    1.4 MB/s |  33 kB     00:00
-(78/106): libXtst-1.2.3-7.el8.x86_64.rpm        957 kB/s |  22 kB     00:00
-(79/106): java-11-openjdk-headless-11.0.24.0.8-  71 MB/s |  42 MB     00:00
-(80/106): libdatrie-0.2.9-7.el8.x86_64.rpm      274 kB/s |  33 kB     00:00
-(81/106): libepoxy-1.5.8-1.el8.x86_64.rpm       9.1 MB/s | 225 kB     00:00
-(82/106): libfontenc-1.1.3-8.el8.x86_64.rpm     1.5 MB/s |  37 kB     00:00
-(83/106): libthai-0.1.27-2.el8.x86_64.rpm       8.2 MB/s | 203 kB     00:00
-(84/106): libjpeg-turbo-1.5.3-12.el8.x86_64.rpm 5.1 MB/s | 157 kB     00:00
-(85/106): libtiff-4.0.9-32.el8_10.x86_64.rpm    7.8 MB/s | 189 kB     00:00
-(86/106): libwayland-client-1.21.0-1.el8.x86_64 1.7 MB/s |  41 kB     00:00
-(87/106): libwayland-cursor-1.21.0-1.el8.x86_64 1.2 MB/s |  26 kB     00:00
-(88/106): libwayland-egl-1.21.0-1.el8.x86_64.rp 801 kB/s |  19 kB     00:00
-(89/106): libxcb-1.13.1-1.el8.x86_64.rpm        9.7 MB/s | 231 kB     00:00
-(90/106): libxkbcommon-0.9.1-1.el8.x86_64.rpm   5.0 MB/s | 116 kB     00:00
-(91/106): nspr-4.35.0-1.el8_8.x86_64.rpm        6.0 MB/s | 143 kB     00:00
-(92/106): lua-5.3.4-12.el8.x86_64.rpm           5.9 MB/s | 192 kB     00:00
-(93/106): nss-softokn-3.90.0-7.el8_10.x86_64.rp  38 MB/s | 1.2 MB     00:00
-(94/106): nss-3.90.0-7.el8_10.x86_64.rpm         17 MB/s | 750 kB     00:00
-(95/106): nss-softokn-freebl-3.90.0-7.el8_10.x8  14 MB/s | 375 kB     00:00
-(96/106): nss-sysinit-3.90.0-7.el8_10.x86_64.rp 3.2 MB/s |  74 kB     00:00
-(97/106): nss-util-3.90.0-7.el8_10.x86_64.rpm   5.8 MB/s | 139 kB     00:00
-(98/106): pango-1.42.4-8.el8.x86_64.rpm          11 MB/s | 297 kB     00:00
-(99/106): pixman-0.38.4-4.el8.x86_64.rpm         10 MB/s | 256 kB     00:00
-(100/106): rest-0.8.1-2.el8.x86_64.rpm          3.1 MB/s |  70 kB     00:00
-(101/106): ttmkfdir-3.0.9-54.el8.x86_64.rpm     2.5 MB/s |  62 kB     00:00
-(102/106): tzdata-java-2024a-1.0.1.el8.noarch.r 7.4 MB/s | 186 kB     00:00
-(103/106): xkeyboard-config-2.28-1.el8.noarch.r  27 MB/s | 782 kB     00:00
-(104/106): xorg-x11-font-utils-7.5-41.el8.x86_6 3.9 MB/s | 104 kB     00:00
-(105/106): xorg-x11-fonts-Type1-7.5-19.el8.noar 1.3 MB/s | 522 kB     00:00
-(106/106): file-5.33-25.el8.x86_64.rpm           26 kB/s |  77 kB     00:02
---------------------------------------------------------------------------------
-Total                                            27 MB/s |  86 MB     00:03
-Running transaction check
-Transaction check succeeded.
-Running transaction test
-Transaction test succeeded.
-Running transaction
-  Running scriptlet: copy-jdk-configs-4.0-2.el8.noarch                      1/1
-  Running scriptlet: java-11-openjdk-headless-1:11.0.24.0.8-3.0.1.el8.x86   1/1
-  Preparing        :                                                        1/1
-  Installing       : nspr-4.35.0-1.el8_8.x86_64                           1/106
-  Running scriptlet: nspr-4.35.0-1.el8_8.x86_64                           1/106
-  Installing       : nss-util-3.90.0-7.el8_10.x86_64                      2/106
-  Installing       : libjpeg-turbo-1.5.3-12.el8.x86_64                    3/106
-  Installing       : pixman-0.38.4-4.el8.x86_64                           4/106
-  Installing       : libwayland-client-1.21.0-1.el8.x86_64                5/106
-  Installing       : atk-2.28.1-1.el8.x86_64                              6/106
-  Installing       : libgomp-8.5.0-22.0.1.el8_10.x86_64                   7/106
-  Running scriptlet: libgomp-8.5.0-22.0.1.el8_10.x86_64                   7/106
-  Installing       : libcroco-0.6.12-4.el8_2.1.x86_64                     8/106
-  Running scriptlet: libcroco-0.6.12-4.el8_2.1.x86_64                     8/106
-  Installing       : grub2-common-1:2.02-156.0.2.el8.noarch               9/106
-  Installing       : gettext-libs-0.19.8.1-17.el8.x86_64                 10/106
-  Installing       : gettext-0.19.8.1-17.el8.x86_64                      11/106
-  Running scriptlet: gettext-0.19.8.1-17.el8.x86_64                      11/106
-  Installing       : grub2-tools-minimal-1:2.02-156.0.2.el8.x86_64       12/106
-  Installing       : libwayland-cursor-1.21.0-1.el8.x86_64               13/106
-  Installing       : jasper-libs-2.0.14-5.el8.x86_64                     14/106
-  Installing       : nss-softokn-freebl-3.90.0-7.el8_10.x86_64           15/106
-  Installing       : nss-softokn-3.90.0-7.el8_10.x86_64                  16/106
-  Installing       : xkeyboard-config-2.28-1.el8.noarch                  17/106
-  Installing       : libxkbcommon-0.9.1-1.el8.x86_64                     18/106
-  Installing       : tzdata-java-2024a-1.0.1.el8.noarch                  19/106
-  Installing       : ttmkfdir-3.0.9-54.el8.x86_64                        20/106
-  Installing       : lua-5.3.4-12.el8.x86_64                             21/106
-  Installing       : copy-jdk-configs-4.0-2.el8.noarch                   22/106
-  Installing       : libwayland-egl-1.21.0-1.el8.x86_64                  23/106
-  Installing       : libfontenc-1.1.3-8.el8.x86_64                       24/106
-  Installing       : libepoxy-1.5.8-1.el8.x86_64                         25/106
-  Installing       : libdatrie-0.2.9-7.el8.x86_64                        26/106
-  Running scriptlet: libdatrie-0.2.9-7.el8.x86_64                        26/106
-  Installing       : libthai-0.1.27-2.el8.x86_64                         27/106
-  Running scriptlet: libthai-0.1.27-2.el8.x86_64                         27/106
-  Installing       : libXau-1.0.9-3.el8.x86_64                           28/106
-  Installing       : libxcb-1.13.1-1.el8.x86_64                          29/106
-  Installing       : libX11-common-1.6.8-8.el8.noarch                    30/106
-  Installing       : libX11-1.6.8-8.el8.x86_64                           31/106
-  Installing       : libXext-1.3.4-1.el8.x86_64                          32/106
-  Installing       : libXrender-0.9.10-7.el8.x86_64                      33/106
-  Installing       : cairo-1.15.12-6.el8.x86_64                          34/106
-  Installing       : libXi-1.7.10-1.el8.x86_64                           35/106
-  Installing       : libXfixes-5.0.3-7.el8.x86_64                        36/106
-  Installing       : libXtst-1.2.3-7.el8.x86_64                          37/106
-  Installing       : libXcomposite-0.4.4-14.el8.x86_64                   38/106
-  Installing       : at-spi2-core-2.28.0-1.el8.x86_64                    39/106
-  Running scriptlet: at-spi2-core-2.28.0-1.el8.x86_64                    39/106
-  Installing       : at-spi2-atk-2.26.2-1.el8.x86_64                     40/106
-  Running scriptlet: at-spi2-atk-2.26.2-1.el8.x86_64                     40/106
-  Installing       : libXcursor-1.1.15-3.el8.x86_64                      41/106
-  Installing       : libXdamage-1.1.4-14.el8.x86_64                      42/106
-  Installing       : cairo-gobject-1.15.12-6.el8.x86_64                  43/106
-  Installing       : libXft-2.3.3-1.el8.x86_64                           44/106
-  Installing       : libXrandr-1.5.2-1.el8.x86_64                        45/106
-  Installing       : libXinerama-1.1.4-1.el8.x86_64                      46/106
-  Installing       : lcms2-2.9-2.el8.x86_64                              47/106
-  Running scriptlet: lcms2-2.9-2.el8.x86_64                              47/106
-  Installing       : jbigkit-libs-2.1-14.el8.x86_64                      48/106
-  Running scriptlet: jbigkit-libs-2.1-14.el8.x86_64                      48/106
-  Installing       : libtiff-4.0.9-32.el8_10.x86_64                      49/106
-  Installing       : javapackages-filesystem-5.3.0-1.module+el8+5136+    50/106
-  Installing       : hicolor-icon-theme-0.17-2.el8.noarch                51/106
-  Installing       : graphite2-1.3.10-10.el8.x86_64                      52/106
-  Installing       : harfbuzz-1.7.5-4.el8.x86_64                         53/106
-  Running scriptlet: harfbuzz-1.7.5-4.el8.x86_64                         53/106
-  Installing       : fribidi-1.0.4-9.el8.x86_64                          54/106
-  Installing       : pango-1.42.4-8.el8.x86_64                           55/106
-  Running scriptlet: pango-1.42.4-8.el8.x86_64                           55/106
-  Installing       : dconf-0.28.0-4.0.1.el8.x86_64                       56/106
-  Installing       : alsa-lib-1.2.10-2.el8.x86_64                        57/106
-  Running scriptlet: alsa-lib-1.2.10-2.el8.x86_64                        57/106
-  Installing       : adwaita-cursor-theme-3.28.0-3.el8.noarch            58/106
-  Installing       : adwaita-icon-theme-3.28.0-3.el8.noarch              59/106
-  Installing       : abattis-cantarell-fonts-0.0.25-6.el8.noarch         60/106
-  Installing       : xz-5.2.4-4.el8_6.x86_64                             61/106
-  Installing       : shared-mime-info-1.9-4.el8.x86_64                   62/106
-  Running scriptlet: shared-mime-info-1.9-4.el8.x86_64                   62/106
-  Installing       : gdk-pixbuf2-2.36.12-6.el8_10.x86_64                 63/106
-  Running scriptlet: gdk-pixbuf2-2.36.12-6.el8_10.x86_64                 63/106
-  Installing       : gdk-pixbuf2-modules-2.36.12-6.el8_10.x86_64         64/106
-  Installing       : gtk-update-icon-cache-3.22.30-11.el8.x86_64         65/106
-  Installing       : pkgconf-m4-1.4.2-1.el8.noarch                       66/106
-  Installing       : pigz-2.4-4.el8.x86_64                               67/106
-  Installing       : memstrack-0.2.5-2.el8.x86_64                        68/106
-  Installing       : lksctp-tools-1.0.18-3.el8.x86_64                    69/106
-  Running scriptlet: lksctp-tools-1.0.18-3.el8.x86_64                    69/106
-  Installing       : libpkgconf-1.4.2-1.el8.x86_64                       70/106
-  Installing       : pkgconf-1.4.2-1.el8.x86_64                          71/106
-  Installing       : pkgconf-pkg-config-1.4.2-1.el8.x86_64               72/106
-  Installing       : xorg-x11-font-utils-1:7.5-41.el8.x86_64             73/106
-  Installing       : xorg-x11-fonts-Type1-7.5-19.el8.noarch              74/106
-  Running scriptlet: xorg-x11-fonts-Type1-7.5-19.el8.noarch              74/106
-  Installing       : libmodman-2.0.1-17.el8.x86_64                       75/106
-  Running scriptlet: libmodman-2.0.1-17.el8.x86_64                       75/106
-  Installing       : libproxy-0.4.15-5.2.el8.x86_64                      76/106
-  Running scriptlet: libproxy-0.4.15-5.2.el8.x86_64                      76/106
-  Installing       : libkcapi-1.4.0-2.0.1.el8.x86_64                     77/106
-  Installing       : libkcapi-hmaccalc-1.4.0-2.0.1.el8.x86_64            78/106
-  Installing       : libgusb-0.3.0-1.el8.x86_64                          79/106
-  Installing       : colord-libs-1.4.2-1.el8.x86_64                      80/106
-  Installing       : kbd-misc-2.0.4-11.el8.noarch                        81/106
-  Installing       : kbd-legacy-2.0.4-11.el8.noarch                      82/106
-  Installing       : kbd-2.0.4-11.el8.x86_64                             83/106
-  Installing       : systemd-udev-239-78.0.4.el8.x86_64                  84/106
-  Running scriptlet: systemd-udev-239-78.0.4.el8.x86_64                  84/106
-  Installing       : os-prober-1.74-9.0.1.el8.x86_64                     85/106
-  Installing       : json-glib-1.4.4-1.el8.x86_64                        86/106
-  Installing       : hardlink-1:1.3-6.el8.x86_64                         87/106
-  Installing       : file-5.33-25.el8.x86_64                             88/106
-  Installing       : dejavu-sans-mono-fonts-2.35-7.el8.noarch            89/106
-  Installing       : gsettings-desktop-schemas-3.32.0-6.el8.x86_64       90/106
-  Installing       : glib-networking-2.56.1-1.1.el8.x86_64               91/106
-  Installing       : libsoup-2.62.3-5.el8.x86_64                         92/106
-  Installing       : rest-0.8.1-2.el8.x86_64                             93/106
-  Running scriptlet: rest-0.8.1-2.el8.x86_64                             93/106
-  Installing       : cpio-2.12-11.el8.x86_64                             94/106
-  Installing       : dracut-049-233.git20240115.0.1.el8.x86_64           95/106
-  Running scriptlet: grub2-tools-1:2.02-156.0.2.el8.x86_64               96/106
-  Installing       : grub2-tools-1:2.02-156.0.2.el8.x86_64               96/106
-  Running scriptlet: grub2-tools-1:2.02-156.0.2.el8.x86_64               96/106
-  Installing       : grubby-8.40-49.0.2.el8.x86_64                       97/106
-  Installing       : crypto-policies-scripts-20230731-1.git3177e06.el    98/106
-  Installing       : nss-sysinit-3.90.0-7.el8_10.x86_64                  99/106
-  Installing       : nss-3.90.0-7.el8_10.x86_64                         100/106
-  Installing       : avahi-libs-0.7-27.el8.x86_64                       101/106
-  Installing       : cups-libs-1:2.2.6-60.el8_10.x86_64                 102/106
-  Installing       : java-11-openjdk-headless-1:11.0.24.0.8-3.0.1.el8   103/106
-  Running scriptlet: java-11-openjdk-headless-1:11.0.24.0.8-3.0.1.el8   103/106
-  Installing       : gtk3-3.22.30-11.el8.x86_64                         104/106
-  Installing       : java-11-openjdk-1:11.0.24.0.8-3.0.1.el8.x86_64     105/106
-  Running scriptlet: java-11-openjdk-1:11.0.24.0.8-3.0.1.el8.x86_64     105/106
-  Installing       : java-11-openjdk-devel-1:11.0.24.0.8-3.0.1.el8.x8   106/106
-  Running scriptlet: java-11-openjdk-devel-1:11.0.24.0.8-3.0.1.el8.x8   106/106
-  Running scriptlet: copy-jdk-configs-4.0-2.el8.noarch                  106/106
-  Running scriptlet: dconf-0.28.0-4.0.1.el8.x86_64                      106/106
-  Running scriptlet: crypto-policies-scripts-20230731-1.git3177e06.el   106/106
-  Running scriptlet: nss-3.90.0-7.el8_10.x86_64                         106/106
-  Running scriptlet: java-11-openjdk-headless-1:11.0.24.0.8-3.0.1.el8   106/106
-  Running scriptlet: java-11-openjdk-1:11.0.24.0.8-3.0.1.el8.x86_64     106/106
-  Running scriptlet: java-11-openjdk-devel-1:11.0.24.0.8-3.0.1.el8.x8   106/106
-  Running scriptlet: hicolor-icon-theme-0.17-2.el8.noarch               106/106
-  Running scriptlet: adwaita-icon-theme-3.28.0-3.el8.noarch             106/106
-  Running scriptlet: shared-mime-info-1.9-4.el8.x86_64                  106/106
-  Running scriptlet: gdk-pixbuf2-2.36.12-6.el8_10.x86_64                106/106
-  Running scriptlet: systemd-udev-239-78.0.4.el8.x86_64                 106/106
-  Verifying        : avahi-libs-0.7-27.el8.x86_64                         1/106
-  Verifying        : cpio-2.12-11.el8.x86_64                              2/106
-  Verifying        : crypto-policies-scripts-20230731-1.git3177e06.el     3/106
-  Verifying        : cups-libs-1:2.2.6-60.el8_10.x86_64                   4/106
-  Verifying        : dejavu-sans-mono-fonts-2.35-7.el8.noarch             5/106
-  Verifying        : dracut-049-233.git20240115.0.1.el8.x86_64            6/106
-  Verifying        : file-5.33-25.el8.x86_64                              7/106
-  Verifying        : gdk-pixbuf2-2.36.12-6.el8_10.x86_64                  8/106
-  Verifying        : gettext-0.19.8.1-17.el8.x86_64                       9/106
-  Verifying        : gettext-libs-0.19.8.1-17.el8.x86_64                 10/106
-  Verifying        : glib-networking-2.56.1-1.1.el8.x86_64               11/106
-  Verifying        : grub2-common-1:2.02-156.0.2.el8.noarch              12/106
-  Verifying        : grub2-tools-1:2.02-156.0.2.el8.x86_64               13/106
-  Verifying        : grub2-tools-minimal-1:2.02-156.0.2.el8.x86_64       14/106
-  Verifying        : grubby-8.40-49.0.2.el8.x86_64                       15/106
-  Verifying        : gsettings-desktop-schemas-3.32.0-6.el8.x86_64       16/106
-  Verifying        : hardlink-1:1.3-6.el8.x86_64                         17/106
-  Verifying        : json-glib-1.4.4-1.el8.x86_64                        18/106
-  Verifying        : kbd-2.0.4-11.el8.x86_64                             19/106
-  Verifying        : kbd-legacy-2.0.4-11.el8.noarch                      20/106
-  Verifying        : kbd-misc-2.0.4-11.el8.noarch                        21/106
-  Verifying        : libcroco-0.6.12-4.el8_2.1.x86_64                    22/106
-  Verifying        : libgomp-8.5.0-22.0.1.el8_10.x86_64                  23/106
-  Verifying        : libgusb-0.3.0-1.el8.x86_64                          24/106
-  Verifying        : libkcapi-1.4.0-2.0.1.el8.x86_64                     25/106
-  Verifying        : libkcapi-hmaccalc-1.4.0-2.0.1.el8.x86_64            26/106
-  Verifying        : libmodman-2.0.1-17.el8.x86_64                       27/106
-  Verifying        : libpkgconf-1.4.2-1.el8.x86_64                       28/106
-  Verifying        : libproxy-0.4.15-5.2.el8.x86_64                      29/106
-  Verifying        : libsoup-2.62.3-5.el8.x86_64                         30/106
-  Verifying        : lksctp-tools-1.0.18-3.el8.x86_64                    31/106
-  Verifying        : memstrack-0.2.5-2.el8.x86_64                        32/106
-  Verifying        : os-prober-1.74-9.0.1.el8.x86_64                     33/106
-  Verifying        : pigz-2.4-4.el8.x86_64                               34/106
-  Verifying        : pkgconf-1.4.2-1.el8.x86_64                          35/106
-  Verifying        : pkgconf-m4-1.4.2-1.el8.noarch                       36/106
-  Verifying        : pkgconf-pkg-config-1.4.2-1.el8.x86_64               37/106
-  Verifying        : shared-mime-info-1.9-4.el8.x86_64                   38/106
-  Verifying        : systemd-udev-239-78.0.4.el8.x86_64                  39/106
-  Verifying        : xz-5.2.4-4.el8_6.x86_64                             40/106
-  Verifying        : abattis-cantarell-fonts-0.0.25-6.el8.noarch         41/106
-  Verifying        : adwaita-cursor-theme-3.28.0-3.el8.noarch            42/106
-  Verifying        : adwaita-icon-theme-3.28.0-3.el8.noarch              43/106
-  Verifying        : alsa-lib-1.2.10-2.el8.x86_64                        44/106
-  Verifying        : at-spi2-atk-2.26.2-1.el8.x86_64                     45/106
-  Verifying        : at-spi2-core-2.28.0-1.el8.x86_64                    46/106
-  Verifying        : atk-2.28.1-1.el8.x86_64                             47/106
-  Verifying        : cairo-1.15.12-6.el8.x86_64                          48/106
-  Verifying        : cairo-gobject-1.15.12-6.el8.x86_64                  49/106
-  Verifying        : colord-libs-1.4.2-1.el8.x86_64                      50/106
-  Verifying        : copy-jdk-configs-4.0-2.el8.noarch                   51/106
-  Verifying        : dconf-0.28.0-4.0.1.el8.x86_64                       52/106
-  Verifying        : fribidi-1.0.4-9.el8.x86_64                          53/106
-  Verifying        : gdk-pixbuf2-modules-2.36.12-6.el8_10.x86_64         54/106
-  Verifying        : graphite2-1.3.10-10.el8.x86_64                      55/106
-  Verifying        : gtk-update-icon-cache-3.22.30-11.el8.x86_64         56/106
-  Verifying        : gtk3-3.22.30-11.el8.x86_64                          57/106
-  Verifying        : harfbuzz-1.7.5-4.el8.x86_64                         58/106
-  Verifying        : hicolor-icon-theme-0.17-2.el8.noarch                59/106
-  Verifying        : jasper-libs-2.0.14-5.el8.x86_64                     60/106
-  Verifying        : java-11-openjdk-1:11.0.24.0.8-3.0.1.el8.x86_64      61/106
-  Verifying        : java-11-openjdk-devel-1:11.0.24.0.8-3.0.1.el8.x8    62/106
-  Verifying        : java-11-openjdk-headless-1:11.0.24.0.8-3.0.1.el8    63/106
-  Verifying        : javapackages-filesystem-5.3.0-1.module+el8+5136+    64/106
-  Verifying        : jbigkit-libs-2.1-14.el8.x86_64                      65/106
-  Verifying        : lcms2-2.9-2.el8.x86_64                              66/106
-  Verifying        : libX11-1.6.8-8.el8.x86_64                           67/106
-  Verifying        : libX11-common-1.6.8-8.el8.noarch                    68/106
-  Verifying        : libXau-1.0.9-3.el8.x86_64                           69/106
-  Verifying        : libXcomposite-0.4.4-14.el8.x86_64                   70/106
-  Verifying        : libXcursor-1.1.15-3.el8.x86_64                      71/106
-  Verifying        : libXdamage-1.1.4-14.el8.x86_64                      72/106
-  Verifying        : libXext-1.3.4-1.el8.x86_64                          73/106
-  Verifying        : libXfixes-5.0.3-7.el8.x86_64                        74/106
-  Verifying        : libXft-2.3.3-1.el8.x86_64                           75/106
-  Verifying        : libXi-1.7.10-1.el8.x86_64                           76/106
-  Verifying        : libXinerama-1.1.4-1.el8.x86_64                      77/106
-  Verifying        : libXrandr-1.5.2-1.el8.x86_64                        78/106
-  Verifying        : libXrender-0.9.10-7.el8.x86_64                      79/106
-  Verifying        : libXtst-1.2.3-7.el8.x86_64                          80/106
-  Verifying        : libdatrie-0.2.9-7.el8.x86_64                        81/106
-  Verifying        : libepoxy-1.5.8-1.el8.x86_64                         82/106
-  Verifying        : libfontenc-1.1.3-8.el8.x86_64                       83/106
-  Verifying        : libjpeg-turbo-1.5.3-12.el8.x86_64                   84/106
-  Verifying        : libthai-0.1.27-2.el8.x86_64                         85/106
-  Verifying        : libtiff-4.0.9-32.el8_10.x86_64                      86/106
-  Verifying        : libwayland-client-1.21.0-1.el8.x86_64               87/106
-  Verifying        : libwayland-cursor-1.21.0-1.el8.x86_64               88/106
-  Verifying        : libwayland-egl-1.21.0-1.el8.x86_64                  89/106
-  Verifying        : libxcb-1.13.1-1.el8.x86_64                          90/106
-  Verifying        : libxkbcommon-0.9.1-1.el8.x86_64                     91/106
-  Verifying        : lua-5.3.4-12.el8.x86_64                             92/106
-  Verifying        : nspr-4.35.0-1.el8_8.x86_64                          93/106
-  Verifying        : nss-3.90.0-7.el8_10.x86_64                          94/106
-  Verifying        : nss-softokn-3.90.0-7.el8_10.x86_64                  95/106
-  Verifying        : nss-softokn-freebl-3.90.0-7.el8_10.x86_64           96/106
-  Verifying        : nss-sysinit-3.90.0-7.el8_10.x86_64                  97/106
-  Verifying        : nss-util-3.90.0-7.el8_10.x86_64                     98/106
-  Verifying        : pango-1.42.4-8.el8.x86_64                           99/106
-  Verifying        : pixman-0.38.4-4.el8.x86_64                         100/106
-  Verifying        : rest-0.8.1-2.el8.x86_64                            101/106
-  Verifying        : ttmkfdir-3.0.9-54.el8.x86_64                       102/106
-  Verifying        : tzdata-java-2024a-1.0.1.el8.noarch                 103/106
-  Verifying        : xkeyboard-config-2.28-1.el8.noarch                 104/106
-  Verifying        : xorg-x11-font-utils-1:7.5-41.el8.x86_64            105/106
-  Verifying        : xorg-x11-fonts-Type1-7.5-19.el8.noarch             106/106
-
-Installed:
-  abattis-cantarell-fonts-0.0.25-6.el8.noarch
-  adwaita-cursor-theme-3.28.0-3.el8.noarch
-  adwaita-icon-theme-3.28.0-3.el8.noarch
-  alsa-lib-1.2.10-2.el8.x86_64
-  at-spi2-atk-2.26.2-1.el8.x86_64
-  at-spi2-core-2.28.0-1.el8.x86_64
-  atk-2.28.1-1.el8.x86_64
-  avahi-libs-0.7-27.el8.x86_64
-  cairo-1.15.12-6.el8.x86_64
-  cairo-gobject-1.15.12-6.el8.x86_64
-  colord-libs-1.4.2-1.el8.x86_64
-  copy-jdk-configs-4.0-2.el8.noarch
-  cpio-2.12-11.el8.x86_64
-  crypto-policies-scripts-20230731-1.git3177e06.el8.noarch
-  cups-libs-1:2.2.6-60.el8_10.x86_64
-  dconf-0.28.0-4.0.1.el8.x86_64
-  dejavu-sans-mono-fonts-2.35-7.el8.noarch
-  dracut-049-233.git20240115.0.1.el8.x86_64
-  file-5.33-25.el8.x86_64
-  fribidi-1.0.4-9.el8.x86_64
-  gdk-pixbuf2-2.36.12-6.el8_10.x86_64
-  gdk-pixbuf2-modules-2.36.12-6.el8_10.x86_64
-  gettext-0.19.8.1-17.el8.x86_64
-  gettext-libs-0.19.8.1-17.el8.x86_64
-  glib-networking-2.56.1-1.1.el8.x86_64
-  graphite2-1.3.10-10.el8.x86_64
-  grub2-common-1:2.02-156.0.2.el8.noarch
-  grub2-tools-1:2.02-156.0.2.el8.x86_64
-  grub2-tools-minimal-1:2.02-156.0.2.el8.x86_64
-  grubby-8.40-49.0.2.el8.x86_64
-  gsettings-desktop-schemas-3.32.0-6.el8.x86_64
-  gtk-update-icon-cache-3.22.30-11.el8.x86_64
-  gtk3-3.22.30-11.el8.x86_64
-  hardlink-1:1.3-6.el8.x86_64
-  harfbuzz-1.7.5-4.el8.x86_64
-  hicolor-icon-theme-0.17-2.el8.noarch
-  jasper-libs-2.0.14-5.el8.x86_64
-  java-11-openjdk-1:11.0.24.0.8-3.0.1.el8.x86_64
-  java-11-openjdk-devel-1:11.0.24.0.8-3.0.1.el8.x86_64
-  java-11-openjdk-headless-1:11.0.24.0.8-3.0.1.el8.x86_64
-  javapackages-filesystem-5.3.0-1.module+el8+5136+7ff78f74.noarch
-  jbigkit-libs-2.1-14.el8.x86_64
-  json-glib-1.4.4-1.el8.x86_64
-  kbd-2.0.4-11.el8.x86_64
-  kbd-legacy-2.0.4-11.el8.noarch
-  kbd-misc-2.0.4-11.el8.noarch
-  lcms2-2.9-2.el8.x86_64
-  libX11-1.6.8-8.el8.x86_64
-  libX11-common-1.6.8-8.el8.noarch
-  libXau-1.0.9-3.el8.x86_64
-  libXcomposite-0.4.4-14.el8.x86_64
-  libXcursor-1.1.15-3.el8.x86_64
-  libXdamage-1.1.4-14.el8.x86_64
-  libXext-1.3.4-1.el8.x86_64
-  libXfixes-5.0.3-7.el8.x86_64
-  libXft-2.3.3-1.el8.x86_64
-  libXi-1.7.10-1.el8.x86_64
-  libXinerama-1.1.4-1.el8.x86_64
-  libXrandr-1.5.2-1.el8.x86_64
-  libXrender-0.9.10-7.el8.x86_64
-  libXtst-1.2.3-7.el8.x86_64
-  libcroco-0.6.12-4.el8_2.1.x86_64
-  libdatrie-0.2.9-7.el8.x86_64
-  libepoxy-1.5.8-1.el8.x86_64
-  libfontenc-1.1.3-8.el8.x86_64
-  libgomp-8.5.0-22.0.1.el8_10.x86_64
-  libgusb-0.3.0-1.el8.x86_64
-  libjpeg-turbo-1.5.3-12.el8.x86_64
-  libkcapi-1.4.0-2.0.1.el8.x86_64
-  libkcapi-hmaccalc-1.4.0-2.0.1.el8.x86_64
-  libmodman-2.0.1-17.el8.x86_64
-  libpkgconf-1.4.2-1.el8.x86_64
-  libproxy-0.4.15-5.2.el8.x86_64
-  libsoup-2.62.3-5.el8.x86_64
-  libthai-0.1.27-2.el8.x86_64
-  libtiff-4.0.9-32.el8_10.x86_64
-  libwayland-client-1.21.0-1.el8.x86_64
-  libwayland-cursor-1.21.0-1.el8.x86_64
-  libwayland-egl-1.21.0-1.el8.x86_64
-  libxcb-1.13.1-1.el8.x86_64
-  libxkbcommon-0.9.1-1.el8.x86_64
-  lksctp-tools-1.0.18-3.el8.x86_64
-  lua-5.3.4-12.el8.x86_64
-  memstrack-0.2.5-2.el8.x86_64
-  nspr-4.35.0-1.el8_8.x86_64
-  nss-3.90.0-7.el8_10.x86_64
-  nss-softokn-3.90.0-7.el8_10.x86_64
-  nss-softokn-freebl-3.90.0-7.el8_10.x86_64
-  nss-sysinit-3.90.0-7.el8_10.x86_64
-  nss-util-3.90.0-7.el8_10.x86_64
-  os-prober-1.74-9.0.1.el8.x86_64
-  pango-1.42.4-8.el8.x86_64
-  pigz-2.4-4.el8.x86_64
-  pixman-0.38.4-4.el8.x86_64
-  pkgconf-1.4.2-1.el8.x86_64
-  pkgconf-m4-1.4.2-1.el8.noarch
-  pkgconf-pkg-config-1.4.2-1.el8.x86_64
-  rest-0.8.1-2.el8.x86_64
-  shared-mime-info-1.9-4.el8.x86_64
-  systemd-udev-239-78.0.4.el8.x86_64
-  ttmkfdir-3.0.9-54.el8.x86_64
-  tzdata-java-2024a-1.0.1.el8.noarch
-  xkeyboard-config-2.28-1.el8.noarch
-  xorg-x11-font-utils-1:7.5-41.el8.x86_64
-  xorg-x11-fonts-Type1-7.5-19.el8.noarch
-  xz-5.2.4-4.el8_6.x86_64
-
-Complete!
-Last metadata expiration check: 0:00:23 ago on Tue 20 Aug 2024 08:55:14 AM UTC.
-Package iproute-6.2.0-5.el8_9.x86_64 is already installed.
-Dependencies resolved.
-================================================================================
- Package       Architecture Version               Repository               Size
-================================================================================
-Upgrading:
- iproute       x86_64       6.2.0-6.el8_10        ol8_baseos_latest       853 k
-
-Transaction Summary
-================================================================================
-Upgrade  1 Package
-
-Total download size: 853 k
-Downloading Packages:
-iproute-6.2.0-6.el8_10.x86_64.rpm               4.2 MB/s | 853 kB     00:00
---------------------------------------------------------------------------------
-Total                                           4.2 MB/s | 853 kB     00:00
-Running transaction check
-Transaction check succeeded.
-Running transaction test
-Transaction test succeeded.
-Running transaction
-  Preparing        :                                                        1/1
-  Upgrading        : iproute-6.2.0-6.el8_10.x86_64                          1/2
-  Cleanup          : iproute-6.2.0-5.el8_9.x86_64                           2/2
-  Running scriptlet: iproute-6.2.0-5.el8_9.x86_64                           2/2
-  Verifying        : iproute-6.2.0-6.el8_10.x86_64                          1/2
-  Verifying        : iproute-6.2.0-5.el8_9.x86_64                           2/2
-
-Upgraded:
-  iproute-6.2.0-6.el8_10.x86_64
-
-Complete!
-24 files removed
-Removing intermediate container fe168b01f3ad
- ---> 791878694a50
-Step 5/12 : RUN curl -o /tmp/ords-$ORDSVERSION.el8.noarch.rpm https://yum.oracle.com/repo/OracleLinux/OL8/oracle/software/x86_64/getPackage/ords-$ORDSVERSION.el8.noarch.rpm
- ---> Running in 59d7143da358
-  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
-                                 Dload  Upload   Total   Spent    Left  Speed
-100  108M  100  108M    0     0  1440k      0  0:01:16  0:01:16 --:--:-- 1578k
-Removing intermediate container 59d7143da358
- ---> 17c4534293e5
-Step 6/12 : RUN rpm -ivh /tmp/ords-$ORDSVERSION.el8.noarch.rpm
- ---> Running in 84b1cbffdc51
-Verifying...                          ########################################
-Preparing...                          ########################################
-Updating / installing...
-ords-23.4.0-8.el8                     ########################################
-INFO: Before starting ORDS service, run the below command as user oracle:
-         ords --config /etc/ords/config install
-Removing intermediate container 84b1cbffdc51
- ---> 6e7151b79588
-Step 7/12 : RUN mkdir -p  $ORDS_HOME/doc_root                                  &&     mkdir -p  $ORDS_HOME/error                                     &&     mkdir -p  $ORDS_HOME/secrets                                   &&     chmod ug+x $ORDS_HOME/*.sh                                     &&     groupadd -g 54322 dba                                          &&     usermod -u 54321 -d /home/oracle -g dba -m -s /bin/bash oracle &&     chown -R oracle:dba $ORDS_HOME                                 &&     echo "oracle  ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers
- ---> Running in 66e5db5f343f
-Removing intermediate container 66e5db5f343f
- ---> 0523dc897bf4
-Step 8/12 : USER oracle
- ---> Running in ffda8495ac77
-Removing intermediate container ffda8495ac77
- ---> 162acd4d0b93
-Step 9/12 : WORKDIR /home/oracle
- ---> Running in 8c14310ffbc7
-Removing intermediate container 8c14310ffbc7
- ---> c8dae809e772
-Step 10/12 : VOLUME ["$ORDS_HOME/config/ords"]
- ---> Running in ed64548fd997
-Removing intermediate container ed64548fd997
- ---> 22e2c99247b0
-Step 11/12 : EXPOSE 8888
- ---> Running in 921f7c85d61d
-Removing intermediate container 921f7c85d61d
- ---> e5d503c92224
-Step 12/12 : CMD $ORDS_HOME/$RUN_FILE
- ---> Running in cad487298d63
-Removing intermediate container cad487298d63
- ---> fdb17aa242f8
-Successfully built fdb17aa242f8
-Successfully tagged oracle/ords-dboper:latest
-08:57:18 oracle@mitk01:#
-
diff --git a/docs/multitenant/usecase01/logfiles/openssl_execution.log b/docs/multitenant/usecase01/logfiles/openssl_execution.log
deleted file mode 100644
index e3915a21..00000000
--- a/docs/multitenant/usecase01/logfiles/openssl_execution.log
+++ /dev/null
@@ -1,19 +0,0 @@
-CREATING TLS CERTIFICATES
-/usr/bin/openssl genrsa -out ca.key 2048
-Generating RSA private key, 2048 bit long modulus (2 primes)
-......................+++++
-..................................................+++++
-e is 65537 (0x010001)
-/usr/bin/openssl req -new -x509 -days 365 -key ca.key -subj "/C=US/ST=California/L=SanFrancisco/O=oracle /CN=cdb-dev-ords.oracle-database-operator-system /CN=localhost  Root CA " -out ca.crt
-/usr/bin/openssl req -newkey rsa:2048 -nodes -keyout tls.key -subj "/C=US/ST=California/L=SanFrancisco/O=oracle /CN=cdb-dev-ords.oracle-database-operator-system /CN=localhost" -out server.csr
-Generating a RSA private key
-...........+++++
-...........................................+++++
-writing new private key to 'tls.key'
------
-/usr/bin/echo "subjectAltName=DNS:cdb-dev-ords.oracle-database-operator-system,DNS:www.example.com" > extfile.txt
-/usr/bin/openssl x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out tls.crt
-Signature ok
-subject=C = US, ST = California, L = SanFrancisco, O = "oracle ", CN = "cdb-dev-ords.oracle-database-operator-system ", CN = localhost
-Getting CA Private Key
-
diff --git a/docs/multitenant/usecase01/logfiles/ordsconfig.log b/docs/multitenant/usecase01/logfiles/ordsconfig.log
deleted file mode 100644
index b787b752..00000000
--- a/docs/multitenant/usecase01/logfiles/ordsconfig.log
+++ /dev/null
@@ -1,39 +0,0 @@
-ORDS: Release 23.4 Production on Tue Aug 20 07:48:44 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-Database pool: default
-
-Setting                                     Value                                                Source
------------------------------------------   --------------------------------------------------   -----------
-database.api.enabled                        true                                                 Global
-database.api.management.services.disabled   false                                                Global
-db.cdb.adminUser                            C##DBAPI_CDB_ADMIN AS SYSDBA                         Pool
-db.cdb.adminUser.password                   ******                                               Pool Wallet
-db.connectionType                           customurl                                            Pool
-db.customURL                                jdbc:oracle:thin:@(DESCRIPTION=(CONNECT_TIMEOUT=90   Pool
-                                            )(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNEC
-                                            T_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=
-                                            TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONL
-                                            Y))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=
-                                            scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNEC
-                                            T_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))
-db.password                                 ******                                               Pool Wallet
-db.serviceNameSuffix                                                                             Pool
-db.username                                 ORDS_PUBLIC_USER                                     Pool
-error.externalPath                          /opt/oracle/ords/error                               Global
-jdbc.InitialLimit                           50                                                   Pool
-jdbc.MaxLimit                               100                                                  Pool
-misc.pagination.maxRows                     1000                                                 Pool
-plsql.gateway.mode                          disabled                                             Pool
-restEnabledSql.active                       true                                                 Pool
-security.requestValidationFunction          ords_util.authorize_plsql_gateway                    Pool
-security.verifySSL                          true                                                 Global
-standalone.access.log                       /home/oracle                                         Global
-standalone.https.cert                       /opt/oracle/ords//secrets/tls.crt                    Global
-standalone.https.cert.key                   /opt/oracle/ords//secrets/tls.key                    Global
-standalone.https.port                       8888                                                 Global
-
diff --git a/docs/multitenant/usecase01/makefile b/docs/multitenant/usecase01/makefile
deleted file mode 100644
index d4176c75..00000000
--- a/docs/multitenant/usecase01/makefile
+++ /dev/null
@@ -1,284 +0,0 @@
-#   __  __       _         __ _ _
-#  |  \/  | __ _| | _____ / _(_) | ___
-#  | |\/| |/ _` | |/ / _ \ |_| | |/ _ \
-#  | |  | | (_| |   <  __/  _| | |  __/
-#  |_|  |_|\__,_|_|\_\___|_| |_|_|\___|
-#
-#    ___
-#   / _ \ _ __  _ __  _ __ ___ _ __ ___
-#  | | | | '_ \| '_ \| '__/ _ \ '_ ` _ \
-#  | |_| | | | | |_) | | |  __/ | | | | |
-#   \___/|_| |_| .__/|_|  \___|_| |_| |_|
-#              |_|
-#    ____            _             _ _
-#   / ___|___  _ __ | |_ _ __ ___ | | | ___ _ __
-#  | |   / _ \| '_ \| __| '__/ _ \| | |/ _ \ '__|
-#  | |__| (_) | | | | |_| | | (_) | | |  __/ |
-#   \____\___/|_| |_|\__|_|  \___/|_|_|\___|_|
-#
-#  
-# This makefile helps to speed up the  kubectl commands executions to deploy and test
-# the OnPremises operator. Although it has few functionality you can adapt to your needs  
-# by adding much more targets.
-#
-# Quick start:
-# ~~~~~~~~~~~
-#
-# - Copy files of tab.1 in the makefile directory.
-# - Edit the secret files and other yaml files with the correct credential as 
-#   specified in the documentation.
-# - Edit makefile updating variables of tab.2
-# - Execute commands of tab.3 "make step1" "make step2" "make step3"....
-#
-# Tab.1 - List of required files
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-# 
-# +-----------------------------+---------------------------------------------+
-# |oracle-database-operator.yaml| Opertaor yaml file                          |
-# +-----------------------------+---------------------------------------------+
-# |cdb_secret.yaml              | Secret file for the rest server pod         |
-# +-----------------------------+---------------------------------------------+
-# |pdb_secret.yaml              | Secret file for the pdb creation            |
-# +-----------------------------+---------------------------------------------+
-# |tde_secret.yaml              | Secret file for the tablepsace enc.         |
-# +-----------------------------+---------------------------------------------+
-# |cdb_create.yaml              | Rest server pod creation                    |
-# +-----------------------------+---------------------------------------------+
-# |pdb_create.yaml              | Pluggable database creation                 |
-# +-----------------------------+---------------------------------------------+
-# |pdb_close.yaml               | Close pluggable database                    |
-# +-----------------------------+---------------------------------------------+
-# |pdb_open.yaml                | Open pluggable database                     |
-# +-----------------------------+---------------------------------------------+
-# |pdb_map.yaml                 | Map an existing pdb                         |
-# +-----------------------------+---------------------------------------------+ 
-# |oracle-database-operator.yaml| Database operator                           |
-# +-----------------------------+---------------------------------------------+
-# |Dockerfiles                  | Dockerfile for CBD                          |
-# +-----------------------------+---------------------------------------------+
-# |runOrdsSSL.sh                | Init script executed by Dockerfile          |
-# +-----------------------------+---------------------------------------------+
-#
-# Tab.2 - List of variables
-# ~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-# +-----------------------------+---------------------------------------------+
-# |OCIR                         | Your image registry                         |
-# +-----------------------------+---------------------------------------------+
-# |OCIRPATH                     | Path of the image in your registry          |
-# +-----------------------------+---------------------------------------------+
-#
-# Tab.3 - Execution steps
-# ~~~~~~~~~~~~~~~~~~~~~~~
-#
-# +-----------------------------+---------------------------------------------+
-# |                      MAKEFILE TARGETS  LIST                               |
-# |                         ----- ooo -----                                   |
-# |          - TARGET -                         - DESCRIPTION -               |
-# +-----------------------------+-------------------------------------+-------+
-# |step1                        | Build rest server images            |       |
-# +-----------------------------+-------------------------------------+ REST  |
-# |step2                        | Tag the immages                     | SRV   |
-# +-----------------------------+-------------------------------------+ IMG   |
-# |step3                        | Push the image into the repository  |       | 
-# +-----------------------------+-------------------------------------+-------+
-# |step4                        | Load webhook certmanager            | DB    |
-# +-----------------------------+-------------------------------------+ OPER  |
-# |step5                        | Create the db operator              |       |
-# +-----------------------------+-------------------------------------+-------+
-# |step6                        | Create tls certificates             |   T   |
-# +-----------------------------+-------------------------------------+   L   |
-# |step7                        | Create tls secret                   |   S   |
-# +-----------------------------+---------------------------------------------+
-# |step8                        | Create database secrets                     |
-# +-----------------------------+---------------------------------------------+
-# |step9                        | Create restserver pod                       |
-# |  |                          +---------------------------------------------+
-# |  +---> checkstep9           | Monitor the executions                      |
-# +-----------------------------+---------------------------------------------+
-# |step10                       | Create pluggable database                   |
-# |  |                          +---------------------------------------------+
-# |  +---> checkpdb             | Monitor PDB status                          |
-# +-----------------------------+---------------------------------------------+
-# |step11                       | Close pluggable database                    |
-# +-----------------------------+---------------------------------------------+
-# |step12                       | Open pluggable database                     |
-# +-----------------------------+---------------------------------------------+
-# |step13                       | Map pluggable database                      |
-# +-----------------------------+---------------------------------------------+
-# | Before testing step13 delete the crd:                                     |
-# |    kubectl delete pdb pdb1 -n oracle-database-operator-system             |
-# +---------------------------------------------------------------------------+
-# |step14                       | delete pdb                                  |
-# +-----------------------------+---------------------------------------------+
-# |                        DIAGNOSTIC  TARGETS                                |
-# +-----------------------------+---------------------------------------------+
-# | dump                        | Dump  pods info into a file                 |
-# +-----------------------------+---------------------------------------------+
-# | reloadop                    | Reload the db operator                      |
-# +-----------------------------+---------------------------------------------+
-# | login                       | Login into cdb pod                          |
-# +-----------------------------+---------------------------------------------+
-
-
-################ TAB 2 VARIABLES ############
-OCIR=[...........YOUR REGISTRY...........]
-OCIRPATH=[...PATH IN YOUR REGISTRY.....]/$(REST_SERVER)-dboper:$(ORDSVERSION)
-#############################################
-REST_SERVER=ords
-ORDSVERSION=latest
-DOCKER=/usr/bin/docker
-KUBECTL=/usr/bin/kubectl
-ORDS=/usr/local/bin/ords
-CONFIG=/etc/ords/config
-IMAGE=oracle/$(REST_SERVER)-dboper:$(ORDSVERSION)
-DBOPERATOR=oracle-database-operator.yaml
-URLPATH=/_/db-api/stable/database/pdbs/
-OPENSSL=/usr/bin/openssl
-ORDSPORT=8888
-MAKE=/usr/bin/make
-DOCKERFILE=../../../ords/Dockerfile
-RUNSCRIPT=../../../ords/runOrdsSSL.sh
-ORDSIMGDIR=../../../ords
-RM=/usr/bin/rm
-CP=/usr/bin/cp
-ECHO=/usr/bin/echo
-NAMESPACE=oracle-database-operator-system
-CERTMANAGER=https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.yaml
-CDB_SECRET=cdb_secret.yaml
-PDB_SECRET=pdb_secret.yaml
-TDE_SECRET=tde_secret.yaml
-CDB=cdb_create.yaml
-PDB=pdb_create.yaml
-PDB_CLOSE=pdb_close.yaml
-PDB_OPEN=pdb_open.yaml 
-PDB_MAP=pdb_map.yaml
-SKEY=tls.key
-SCRT=tls.crt
-CART=ca.crt
-COMPANY=oracle
-LOCALHOST=localhost
-RESTPREFIX=cdb-dev
-
-step1:   createimage
-step2:   tagimage
-step3:   push 
-step4:   certmanager
-step5:   dboperator
-step6:   tlscert 
-step7:   tlssecret 
-step8:   dbsecret 
-step9:   cdb
-step10:  pdb
-step11:  close 
-step12:  open
-step13:  map
-step14:  delete
-
-checkstep9: checkcdb
-
-
-createimage:
-	$(DOCKER) build -t $(IMAGE) $(ORDSIMGDIR)
-
-tagimage: 
-	@echo "TAG IMAGE"
-	$(DOCKER) tag $(IMAGE) $(OCIR)$(OCIRPATH)
-
-push:
-	@echo "PUSH IMAGE INTO THE REGISTRY"
-	$(DOCKER) push $(OCIR)$(OCIRPATH)
-
-certmanager:
-	@echo "WEBHOOK CERT MANAGER"
-	$(KUBECTL) apply -f $(CERTMANAGER) 
-
-dboperator:
-	@echo "ORACLE DATABASE OPERATOR"
-	$(KUBECTL) apply -f $(DBOPERATOR)
-
-
-#C: Country
-#ST: State
-#L: locality (city)
-#O: Organization Name Organization Unit
-#CN: Common Name
-
-tlscert:
-	 @echo "CREATING TLS CERTIFICATES"
-	$(OPENSSL) genrsa -out ca.key 2048
-	$(OPENSSL) req -new -x509 -days 365 -key ca.key -subj "/C=US/ST=California/L=SanFrancisco/O=$(COMPANY) /CN=$(RESTPREFIX)-$(REST_SERVER).$(NAMESPACE) /CN=$(LOCALHOST)  Root CA " -out ca.crt
-	$(OPENSSL) req -newkey rsa:2048 -nodes -keyout $(SKEY) -subj "/C=US/ST=California/L=SanFrancisco/O=$(COMPANY) /CN=$(RESTPREFIX)-$(REST_SERVER).$(NAMESPACE) /CN=$(LOCALHOST)" -out server.csr
-	$(ECHO) "subjectAltName=DNS:$(RESTPREFIX)-$(REST_SERVER).$(NAMESPACE),DNS:www.example.com" > extfile.txt
-	$(OPENSSL) x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out $(SCRT)
-
-tlssecret:
-	@echo "CREATING TLS SECRETS"
-	$(KUBECTL) create secret tls db-tls --key="$(SKEY)" --cert="$(SCRT)"  -n $(NAMESPACE)
-	$(KUBECTL) create secret generic db-ca --from-file="$(CART)" -n $(NAMESPACE)
-
-dbsecret:
-	@echo "CREATING DB SECRETS"
-	$(KUBECTL) apply -f $(CDB_SECRET) -n $(NAMESPACE)
-	$(KUBECTL) apply -f $(PDB_SECRET) -n $(NAMESPACE)
-	$(KUBECTL) apply -f $(TDE_SECRET) -n $(NAMESPACE)
-
-cdb:
-	@echo "CREATING REST SRV POD"
-	$(KUBECTL) apply -f $(CDB)
-
-checkcdb:
-	$(KUBECTL) logs -f `$(KUBECTL) get pods -n $(NAMESPACE)|grep $(REST_SERVER)|cut -d ' ' -f 1` -n $(NAMESPACE)
-
-pdb:
-	$(KUBECTL) apply -f $(PDB)
-
-close:
-	$(KUBECTL) apply -f $(PDB_CLOSE)
-
-open:
-	$(KUBECTL) apply -f $(PDB_OPEN)
-
-map:
-	$(KUBECTL) apply -f $(PDB_MAP)
-
-checkpdb:
-	$(KUBECTL) get pdbs -n $(NAMESPACE)
-
-delete:
-	$(KUBECTL) apply -f pdb_delete.yaml
-
-dump:
-	@$(eval TMPSP := $(shell date "+%y%m%d%H%M%S" ))
-	@$(eval DIAGFILE := ./opdmp.$(TMPSP))
-	@>$(DIAGFILE)
-	@echo "OPERATOR DUMP"  >> $(DIAGFILE)
-	@echo "~~~~~~~~~~~~~"  >> $(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(NAMESPACE)|grep oracle-database-operator-controller|head -1|cut  -d ' ' -f 1` -n $(NAMESPACE) >>$(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(NAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1 | cut -d ' ' -f 1` -n $(NAMESPACE) >>$(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(NAMESPACE)|grep oracle-database-operator-controller|tail -1|cut  -d ' ' -f 1` -n $(NAMESPACE) >>$(DIAGFILE)
-	@echo "CDB LOG DUMP" >> $(DIAGFILE)
-	@echo "~~~~~~~~" >> $(DIAGFILE)
-	$(KUBECTL) logs `$(KUBECTL) get pods -n $(NAMESPACE)|grep $(REST_SERVER)|  cut -d ' ' -f 1` -n $(NAMESPACE)  >>$(DIAGFILE)
-	@echo "SECRET DMP" >>$(DIAGFILE)
-	@echo "~~~~~~~~" >> $(DIAGFILE)
-	$(KUBECTL) get secrets  -o yaml -n $(NAMESPACE) >> $(DIAGFILE)
-	@echo "CDB/PDB DMP" >> $(DIAGFILE)
-	$(KUBECTL) get pdbs  -o yaml -n $(NAMESPACE) >> $(DIAGFILE)
-	$(KUBECTL) get cdb  -o yaml -n $(NAMESPACE) >> $(DIAGFILE)
-	@echo "CLUSTER INFO" >>  $(DIAGFILE)
-	$(KUBECTL) get nodes -o wide
-	$(KUBECTL) get svc --namespace=kube-system
-
-reloadop:
-	echo "RESTARTING OPERATOR"
-	$(eval OP1 := $(shell $(KUBECTL) get pods -n $(NAMESPACE)|grep oracle-database-operator-controller|head -1|cut  -d ' ' -f 1 ))
-	$(eval OP2 := $(shell $(KUBECTL) get pods -n $(NAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1|cut  -d ' ' -f 1 ))
-	$(eval OP3 := $(shell $(KUBECTL) get pods -n $(NAMESPACE)|grep oracle-database-operator-controller|tail -1|cut  -d ' ' -f 1 ))
-	$(KUBECTL) get pod $(OP1) -n $(NAMESPACE) -o yaml | kubectl replace --force -f -
-	$(KUBECTL) get pod $(OP2) -n $(NAMESPACE) -o yaml | kubectl replace --force -f -
-	$(KUBECTL) get pod $(OP3) -n $(NAMESPACE) -o yaml | kubectl replace --force -f -
-
-login:
-	$(KUBECTL) exec -it  `$(KUBECTL) get pods -n $(NAMESPACE)|grep $(REST_SERVER)|cut -d ' ' -f 1` -n $(NAMESPACE) bash
-
diff --git a/docs/multitenant/usecase03/Dockerfile b/docs/multitenant/usecase03/Dockerfile
deleted file mode 100644
index 772a7e6d..00000000
--- a/docs/multitenant/usecase03/Dockerfile
+++ /dev/null
@@ -1,80 +0,0 @@
-## Copyright (c) 2022 Oracle and/or its affiliates.
-##
-## The Universal Permissive License (UPL), Version 1.0
-##
-## Subject to the condition set forth below, permission is hereby granted to any
-## person obtaining a copy of this software, associated documentation and/or data
-## (collectively the "Software"), free of charge and under any and all copyright
-## rights in the Software, and any and all patent rights owned or freely
-## licensable by each licensor hereunder covering either (i) the unmodified
-## Software as contributed to or provided by such licensor, or (ii) the Larger
-## Works (as defined below), to deal in both
-##
-## (a) the Software, and
-## (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-## one is included with the Software (each a "Larger Work" to which the Software
-## is contributed by such licensors),
-##
-## without restriction, including without limitation the rights to copy, create
-## derivative works of, display, perform, and distribute the Software and make,
-## use, sell, offer for sale, import, export, have made, and have sold the
-## Software and the Larger Work(s), and to sublicense the foregoing rights on
-## either these or other terms.
-##
-## This license is subject to the following condition:
-## The above copyright notice and either this complete permission notice or at
-## a minimum a reference to the UPL must be included in all copies or
-## substantial portions of the Software.
-##
-## THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-## IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-## FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-## AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-## LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-## OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-## SOFTWARE.
-
-FROM  container-registry.oracle.com/java/jdk:latest
-
-# Environment variables required for this build (do NOT change)
-# -------------------------------------------------------------
-ENV ORDS_HOME=/opt/oracle/ords/ \
-    RUN_FILE="runOrdsSSL.sh" \
-    ORDSVERSION=23.4.0-8
-
-# Copy binaries
-# -------------
-COPY   $RUN_FILE $ORDS_HOME 
-
-RUN yum -y install yum-utils bind-utils tree hostname openssl net-tools zip unzip tar wget vim-minimal which sudo expect procps curl lsof && \
-    yum-config-manager --add-repo=http://yum.oracle.com/repo/OracleLinux/OL8/oracle/software/x86_64 && \
-    yum -y install java-11-openjdk-devel && \
-    yum -y install iproute && \
-    yum clean all
-
-RUN curl -o /tmp/ords-$ORDSVERSION.el8.noarch.rpm https://yum.oracle.com/repo/OracleLinux/OL8/oracle/software/x86_64/getPackage/ords-$ORDSVERSION.el8.noarch.rpm
-
-RUN rpm -ivh /tmp/ords-$ORDSVERSION.el8.noarch.rpm
-
-# Setup filesystem and oracle user
-# --------------------------------
-RUN mkdir -p  $ORDS_HOME/doc_root                                  && \
-    mkdir -p  $ORDS_HOME/error                                     && \
-    mkdir -p  $ORDS_HOME/secrets                                   && \
-    chmod ug+x $ORDS_HOME/*.sh                                     && \
-    groupadd -g 54322 dba                                          && \
-    usermod -u 54321 -d /home/oracle -g dba -m -s /bin/bash oracle && \
-    chown -R oracle:dba $ORDS_HOME                                 && \
-    echo "oracle  ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers
-
-# Finalize setup
-# -------------------
-USER oracle
-WORKDIR /home/oracle
-
-VOLUME ["$ORDS_HOME/config/ords"]
-EXPOSE 8888
-
-# Define default command to start Ords Services
-CMD $ORDS_HOME/$RUN_FILE
-
diff --git a/docs/multitenant/usecase03/NamespaceSegregation.png b/docs/multitenant/usecase03/NamespaceSegregation.png
deleted file mode 100644
index bcb0ae77818e87ed64bf248bc0c173a4aac28c73..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 270813
zcmeD^2_V$j|IS1k38^SuNX{|NWQ0(;Dsq%UjB^-fMy_#HvWaxLa&=M>Ns3&fLWd&>
zkz?e_O%ulbf5VI@+qL`KRsXEb%=>=d`+nd1+}C?2c4?_CW?IQaMMbrE$M$V|sHkX&
zR8$MDEnEOvc6wx1fj`vfJ!(o+iN)M)R8)Bl7!?DIor{Gv0#3yXRi669D=ub*L}PfN
z+jzyrRS<A93<_xvK7w{Tq`9?)HQapanz)#_gs>PySX@$9OqLg_C?N&@fyju+$ja`U
zy5H0iZciRa6X|A+K$!B1t4fN9fuS}UKp?zOCGbhZ+TO_p{B@C$GM17M0G|{c91w7Q
z_#t&`4C#KTv<Os+)J1)}uBHaBxH9;Ru(pMRKWcC@TO_HAIm*;o#2N{17l(+5i$Fk=
zvK0zx2X0b@K*UAFL?opkk|HwF;KIi_sftU8fZIWvj;Vzy%6i7rNR4oespZsE6{S?o
zT`(G2Zt6-JGO99?2F@tisVN?YqtMo1eI{3n@@!IPjH?5Ds?{8R*xC%dh&V4)g;z`w
zTqFHLmCdb9Em5X+;ETN}c+trbc7Y`m25(Oq!J53ziid3AlHwA!HfCs7166U!ox(`a
zY4&K8G3{K`P^J!6nn-gv0t{j9GBqp&0+E;+)ZBHdMM_#`s=*RPc@Fupqy`;pH}VTX
zz{`?e#?r~!9F8WBHr0edA`uvChuMv0NPByLGP7<pMWK++vv0FNBFM8NKh*(Dd{!q?
zgN~Ug;`3I0Yjcd%)V(s2<kutJy&Z0CX+?Q5M2vjJ&XjU9xdCluYL0ZC>Oa{u6Dm{d
zNLfu35(&ne0koNyDL2`<D8mt?#ipzy`8fcYzQ6DEYM`bm=kE-suPAJY-o8giQA={4
z#*V#vG&ND%g(U$okwALb6yZc(-KhpN#+9<%D5R6U`6Qu}sMOiY8UxpHFa=l)-R2As
z476Ec>=57^=`!FS2xTM!i2~p4k@nywC391>)pU3A<KQR^oPv*2O%A3Xr#U(EFR%5-
z6<31;(#D`%!7RulN|G*;W<|zts1*6T^G9qEry#S{3`~)bAm3<8#!$=Yu}Q;y3lzaU
zWF+|V`;$2AC%7^<fB={J8i3HYaEuv=3IHdW35)54C$&$)4LuufGl9h`4i%S?mQ(?}
zL<tSpye*spMsUSq@&{aTKw8^lCKpFiiC0odOhimf5^!NL5h*C?53eK;6v~qq01QDh
zc=cJWfK$%VIyuCrcgp_7z|xaripWk5HRFM#+b177qfHzzHt@WU_k#C>Dgi!?u?Fl!
z!}Jgwu?vZ|#!PYTLr4q;uv4g#DZ<*4#Kz44;lTkWPxnwHU%((qXb-r@Bwx340leG6
zO2pRb5FBL>$H37d)`0hcI~-6uCO>R*K$`y>m=Bfy1oLG+$9xK#oQ3#g0Wgp7p8Q5%
zVobmBo<xDa@m^dULSft#j{o!GJw=zCDUhWQK=n|vKmr9?T+Cuh^zw>JIXaP45+!A%
z6UrK}DRD6^xbw$m@X3;N8T_5>eu&bbrKqW*vrAD~1@zESQQM=Url`9^TZ?iZkYLld
z&S;x@I%P<bNSdJ{0AWsg)NHvy7XLGa47rKIUlDK%Qa1`erf^p~Yjbmw@}Wc$SJw8H
z8k4tella)OhpgR^nvkHo1!7W*vjQFAlYI9RF*PX#B&P+#lx&*(J}D3!kSL5Y(jL6N
zDG+af@xx8g7-u-i@KHh`F{T*PLzBwTv>g3w{pVld@)X^LjP2rc=r<6GB$&zOq4Q3?
zp}hGlHvi9}yY?PMWepYKZHl^zN{Tuv!rHr3_9*IV?-AB9)X`PZoPpy14B7*A2?`Yh
zKLB}V;{K!>1(z~21MR;F04TLzR*=7>;7gDVSPHkN==(GEdx}Ju=lDNq>U?5<&BA{(
zvM~kll+5oZ5or>^W;FeMv7o$7X@+EwGPNVAxb}z8q(A=)A|cISZX&S||4k%7j!dG)
zj}r-00%(RLIsFAHnf8p#b1DJTAkE~jrNo?60{AenTxSx_-=~sYv#DfKv--z0CP3L@
za2YWfna@SXAu%`<4xFmLMF$BLew->KrGFi&04|r$sDjimLoxqtBF}ph*$nlsxP~NU
ze-+n|6j}TGYiaPeO=OCV@Q>>~U$=?>(&zZwDh3EV`AhPhf9~~%h)a`vVI&4f(Re7<
z<qW$(hJ4FBS9r*8`9DN)pve3O*!|n%L&o7LO#b}exp7-cT>KkwTXvcN<~erH6?B|s
z^!{xI4vg8~*!|P^GiAR8yP-b^=l+IxttE)4JCJqv&jaD)tO>Hq8QezJ+y21-xwtI(
zEy;pX0;KCq3eFjVQi9@Sp2<rfvSi(B{sao8z9CTf!x;=DSDPg1KaxQX!Y?yI;w0w+
z6bjmB2R%R!smUL3<u5@z6O?mC{iP=1^W#=7#nDeugvcl~1H97_vsvJ!C`|JRymQ6F
zejB+na~jAA7l1v^-~0zO+zbT=(aTAH#pgWle@75AQ2ysge4xbb{#x~))7NQXG0Bep
z>4<=_j*9Xg6<wXbqfC7l_oYO}rp@5bLTDBilm5}q*e+BGDhmaPg#RJirNo>lVs#F-
zOOfU?*)FBq{NcLNUkyur^f7)6OMU$G-F|iueaC><`(zdaNp%-fM!`WSA7f2Q`XnbX
z05|&=lMucO&;A2eM9xm6K%0yt6t~<AMg{pvkOVOENq+t@RmBQ}0g9~{;PqtSP2KSk
zS;T)%AWdsaKOvO9AxiLFK>3s*|BU+abjHljuOLf*)f@h==?lQ6_*-9?+rKxrTTh&#
z?EU--!&e>FA7#KtHR0o@?^YOgA)G8NCw(O1Vjq2dhfqLSn9O?os6SBDhmY4NEx(9D
z@hKMl#2Urtj^STMqxcj`KeI~l4L;5vRw?Ex8X^_4>@vlGS`1QE25|U^kuqfdI~AUy
zpOe`(1WJ~{Gqgh}g$idHdh^e{MydRp<!vA-^&i=_`0pH&d7ne_pSjn_HZ90oo1(@U
z6!3Gn+dx6^XI3mlKls6d3zEn}PpX0B!i#C8WTss_b?sMCL8by0)0r1@3pcVQI+G((
za#ZJ$>+2f=4nHj1{)Kqb-^>~&Rb7(!KUuU%Q7n`hggp)1nSg{)!iDn(l9U>--?9xv
zh9+xrf6CI??~rYO6ZfS)!F`ISb_VYM970XztM2=M%_p=?Nmv<db1^OL4uQ|J$`b!k
z3HY_>k(n7>5>y1t5w!ol=+WOqGzh6^ekPZtu&NoD_LBqwWWK6C{hO$!t1*8fmGczW
zq~}o8e->Q(hET>l$gLtLBvCY|Ii$#(#ktdJ)jZOm=87$l_|^>Xz<kz)=gh5=nZ%-h
zKeuWgD#&v=?LPtUZ|Bc1@BH~;f|#ML{3Lqu=kW!KYD)I?{F}<kFQ^y)PZ%ymfd2GB
zQqqotB=$PXAu+4&;on5RUr|^7H}H=V*qOooeir@t8&c)}bNyKoO13D!TYsj=pn0S}
z|Kz^pxyfk~i+=0R+l48dV1DrP|2OKy-^9OPMxBtI%gg)QeEa`a8Uv~!fL8ef{CI`}
zLlK=bBYF~KZDIb1Q(3ZRFhBV1{~!JNM-l8-D|nFo8T`*uWFH5`T9zbBi5b)mks|A*
zGs%4(x}Pb<#<S@C69M-hxt~FiHo0DDYS(SDVgCb_jZ;YV1MHiUdPRmM8Qyb6cPJXq
zEO5_1cQhsS<V)cG?T-Fg+|f{_c|apGnBGsK;>;fpwZ4kdc5Q8Sih~^FY0UfFjd_4^
z6rG10Ii)zU$dR@g_&A*~H<K$<IQ2Zzx##j(|5Gw}u3Z0blB9n#|Avx>Pm!6F?=!&j
zvz!k?I@*E+j#)x;R!rfC_fkSpQnhTY?Ll2V>9C?1+bVr5rvj(1n3{t<(kE}3di2MO
zpc5Eo)@H&}CmfN6Gc!LV3{FI%u$Zs*A|GEeb!-y(NtBnQ4Dx+}ys2C?@E)X>ni~FN
zuG;Ks^Qq^}#RfmVH`)OXw)dXScl&r@j%5H3)tWr(i98+h?#|nkNEzuLE91UlL6InP
z^bWhpLz8BYg|N04L7G{krcT2W`S|mr57^~|00*WZtjz%B%zl(2!r9an{hi~QAJVl)
zJE2GiCVe{I#%(G(%6oR~nmm~Rx^1Jf_T<}Bp!~&^MZq1wE0TC9=^X*D_=Yt^yP_4%
z?X2y0IZvVbH*^8x&cf?YzmpSJzY!fi?ft#qr=B(!MuCxL9{>R`4<bxStDU;`30hC@
zH2x1P!`CKa3;zt605D8Rz%X_I(D;5@_zgo)8~0rt<ZCec+VweLNMcGq06&16lXSQj
zO*(i9(C<Hhfxih6P2R-+i~MR1AOdJi5uy_b9N&ji6iEK2#(6-E(}4Vbj_M3QqytBR
zLw0_X<m5pZ|FLWY-~hA;z+wCYG&v2+-$XeNi1H&Szn>}rLF*#W>SW#N7ZQ@dB*Y-T
z*O2&{e)6^JbBI3h5+bDL?-qIhEXpWwa@en>yUZuBn1SW}B3M2rhreq1tom%~M&Jnm
z$6U`SbD(I`B$t4&g{hr2f@HMVA?=YAr@=?D@M(G5)L@jVH<GhvM)|~?C+C4OVO7<?
zI30<y-4><P?HAlpowUfx)5l&-?z20&)9%0F8l>cOkzIqbl%u0(x&|f5-rSj<Tj}{1
zPn$m6X%64uv@3toqbCOT`24~dkaMH#j6<Ji@5T8~oN+PNDbpWAy}(;EbuQ!7xxJ)B
zyl>nN=5IQVg((htGI~Jf+W2Bl*D)n7JAXX;5Rzw%1ll>!gX~28Uf1!Ddx9N+OA7Gx
zDL)m-(j+s{Ii1H-EO*kmH{IuBm#IO>Gng}>p2SgRp9?niIPenxj2jp%DtMn+#x{a<
z*7TG|@*8IPY41<J1MP3hxd}eZ?Lq%ePxKx*dM?-D$KgMUx39wp^db#58%&=J@Fn<I
zSWL>knIe9cOr2(4;6ZZ%Z2CG_Hp&5QQ_rKI6-As=Zup`*nLM4T1qVIIGx-5WJwULz
zRv9!;ML|AUqc6VIq+e!ww0{7n=B<~E#2bDNcl8fg<db0h|6q;(JW%|8V;s!ww=q8R
zu-I9m?^EIRweSC!F+K&B-^Td#8NUAuuzb}R|4bDkgT?e$^pTjEepC>^r?2ZuUn7RE
zU7v$k%uGeTA1KqF;r|z2{&_EqKDvf~K&P07<!`;>C-?G$z4qZG9UmNz0U|zV;O-zN
zwS43<TH0DFAHRW5U*|a(bNCKB2PD}^4YuA!pr;Sn_@d2$L1Ii1I@WIRPi-NH+V{Q!
z+|FUnfyBf#zjG*4Gt8tLh?MK|u`AgB+Y~eBtp3U*oLsjlU+oMBEyda+*^j>+zocyh
zfuBZM44g(OxsCJ-RU#o0z|Vi;utCxy|5uJ*Ns5Q=OP*ip>4OUAz3&%z_C9m&ks4;i
z9zHr$ApnkZxm;)XcxN8_F<0I$+RD@%=?u2#Ci!Bg9K!n6<`^r`GUq9I(*cfu!>bRW
zoRUESt|U3Fd4^km&V+0VQp_i}?Kf1R!R^fzQK(69m?2EjXlsy_3V>pY!hGI51I8Z_
zf&@gki#5gofRBV6q|b&V-~z&*`nHXf=}x(A8);o9zu03?uB1-WUuN_oUHjN=@*AZe
zX@_?>$h@3<*eq0<LJzpPB@jB>z!$R9dgh67<R&!I31vpUYtEeuAYzk5@dLG1GtgwN
zIuc473XU+vSRbDKrgNdrx4Z&Lnt@dWXI<|?THAw&rx>}mK#~$_A}t<iMZ_pk3Cg3U
zR)XA(MD!rc`ArqVfB8%)$`q%cNjZ*{@=SnSmT=4uJQJ!6-fqT$-d|oD^4-dC1mY_*
zBCXuyZQ^3qB+LRU^%q$24ZGa^GXynF98*+8`br{?Ndo%<aZm{HBk_@XP1D|-g!pd~
zl(^Uw@V~IgvOiiw{QsWvBq_xyWXhAJM5uoO!uy8(2S19W|3F6}1qxLG=LA;dq%QU4
z^4>`?^kwe#k-w_Jksw-%0{KN0wl4JvTbGsiiFK5@${0V<KIdeqUsXoFhX;c5Bgx8$
zh@`j#NpG3vxFTZWB&~F^;V)E@$!ojdC~E*GQZD)=!=1%er?BE5QccLT@KsJKIk~hy
zfM&lr=`YMl|LH2tS$IB&={Gy$XJ)?I=ceDk!8~Q9M5M_SG_9dZlMSUAh%YVy6%n5!
zdkae0fSn>#EvMP@x2ezn3$>KI|IV!RoKJY@e<~gSRSRB<V&hDMmn2I`%P|AIKaB}L
zSJCd@0qu8_>$GO`-;k^1XV9G5gm@M-#U-Rfq{uWp)7>T^PUd#=h*&AQ+bm-J+!a67
zLe72q-t0PCr$cZvj0Qk?U}%GXrxJERs=SymDOnkbGBrcMg-MmzhfIM(AG!_c07sc(
zkSJkLPl<us%@rH?ubkn3Yaz50H9^RO<m~@j0qtL{zpmk~|BuVEO;MK|`uQR@D5`<Q
z`II6-_9Q7{|NkD9v>i+xoj|ngms<#6lmFv$k|Ncle-dS-l*jzz51a2yiX@a!_P|0$
zPi-<WS-bVsRhUw$|5^4u7g#_hgcTBL3$jN^6_dhdz=87(2=QZc0-DNK=l#9VlropK
z`W)FlZ<$gJNc(8asTxdo03T*$Qj;~2IkV*dDhvBBlCGzQnmzm{yGndQGxJo8{}!Wm
z4!|{LKX=yPoMQAd`~o=g<&^EOQpztYk%0T|tCI)o`9)pk)9X^^5V1M<#C*|iepy)l
z^4i6ZNy2|ix=*tm6!<hL*ZvoBkmM@)pH_?gmV;jsIG^&m|MmA@!JPcfaKE6ze2PGG
z*$w}hIroz=TnfMaY99SpRh?fJRY6kGS111|Dt_&|_}qFP$mjm3ZGZKlzwC<tFVqf*
z)Es&>0MjR?>|eLc&kaV*;TEP&lXI9E+a-l@B}xAQ^Y0hlUgTeiM*}h>;UgtlDMiUW
zm=Ud%pzJL&Gq?q%G|r#k)>Q7^C;LQ@CilNeCI2@7Bu+`ABSQ!}2Y}|>$U}k>x|}}%
zf<VX_&~ro|e=yc)g~2$GB8#6hHZv659Hd5Bn*wj+6dU}E#r+-J_%~n=g^~lvWY|l}
zkW)ft5GUB#W$IOC5~l?DzW*iYCo@S<NF=C^RpAwzifjQeO#V_*rBS91R+>n2`0Nzu
z$*bnprj{sEJ91}o2T~c?REsYIPbn4E8mb+@%yBu`8O8Wow~;HqXFxu9;Iz_ZbL%*v
zTgP-ml-?pWeec}6xFI-I=#tRxotG~QS+n||y>nIfyzs5NJtGqj>K(I@+14RYsHH`5
zVS0TBsv!bhH|XkB;%d=Nh;H@JN_^zU!gKt>!au!d{BBiU@`TqXhSl@chHYEvKK|mC
zoW@o9uAx~s<9EfjtuzWpBX8W8HG(%?b|N+Fk{Q2G*3c{^u4vNGRGBg0R=N$nPK#&t
z+`54EG_GWgrOl?9Pg%FdC&_l^t8Aqc|I?e!bAham4(p7kETLw^9-sw1A#4V>O{m)|
zZk-f|KQrm7P9?U+c<s8RM4$QLrTV*?^prN|XXgd1Y9B~4acnvk$R&NjD<xRuK=tT^
zzOjezaDT^@Z6}t#PBvrkoEUS)bW|+n@%XTtIfIFPqqn^KfVXJ<YB3Y4gYI3Dh}XBN
z`J*sP7qF}jI4SaAVTk+|h<5ZAnQ>yHrg3eCb4k14dHK%4QZ=5u-iAlXP91uY&ULQK
zA&2NT?Y((ST_k<ORrxb`%?lEYW5fNAl5)mvWNIA?R;3NrxffZhoLrVy93_Xwl-_}>
zYea1>FHAw!XXh_i{U|4hTXt!lKgV-Z?S_ZGyR+P!9v%B5+O1un#<|`@Elkq6+epId
z1=Y!A!b+hc2W~qwDCs5`uxi7GHdLqDa)y-na|r&?YSPtpzdk=w7A*#5!Oc?^M`$U6
zdT~kGoHxB~QM5ABslw1gOVYNY@V$Oo2mexI50OdGJ8U4WGRNd9_j101S{6UP5f|-t
z43{%D@TTwmbI}OM#_Ij4Ho?5T&Rx~;ZHTg1&A^K-6C;a86^|}hi>%9RaT$+Lih4NS
z5`oOOyI*TT*Mak)O|~iDG}>3d(^8+=kcL09=tY7dG;^dogV^B5(>p%W(|G5(2z2b&
zoz^@~<876R2Lh?C35#a-9!c*DlXpKHa*^3WTgK&ii0~upxTxc*fh!wgBkUgn5cWOg
zkHH^hfr&}WvlG>LJnpiN>BaB4#w3z6ih{x>JO`>Q8w;T&5;PakeCi#?j}9Q}vuj5K
zr4_u!hxqGU8W*qcefqBHoOW^hV6|<M%G0yFfx9LK>%9V>OnfNQR_x2h4xw}tjbt~(
z2=Bj#FV{Dgj43;nGcnG^9ntktT~u;nVr;NJf-56ueE2ywKf=#8F?~U1vP^3vx-e}^
zNWrcb=)xG!;itrt!ms+-2zfWyQ~;vm9s$yj@5E{zpnJ<}!iZ%m80dP#mApFbNXcGI
zVucRX9wVK!JAFuYpMq7+k*q|3IGdM=9*k7R_ta%^(Jxw7Xv!D!heNPO^RwXV`%-Tj
z(#QVUv`Hdn-7Ya$FOJq?Z_K*0@o(<exy8%+37?lwwXKvoa?WEH1}&m6PP}615xc9o
zXor~lLkPFDJ$GXEunk%V)fgzf(o~bWm}|)?HJ_4TgzdFAIiht|FUI>jDkB<)2YZ6v
zH$RU^H=wD%<9F{pK{RJ{X+4$@$V$vSlh*ri5jsrT^}RXz3ZeHAOXC@})ezVUsKp=l
z>CGVt5k9-H38!3Alv*+`EkpoH%?>{~VR?5jSpOj8aCy9bNk9=lFOMg2?XzG(%TbQ*
z;S+-^%ZEq|0<Qwt%E1p0T7+nrS#Q(9RMx8u01EIkJ0;5}sA36#rHb40YWEs|bX5z{
z>Ugwdj8ag17yJ7wYC*+od(&x(UvW$M8`ZIkY5E=t7pyh9)?#x%b&p+@8RMu^M@2Xn
zGZTiX%3;7Ea;2nAm@J)?`YwhPe(q<+o<n&bp5EP%h$rwJqmk85G%`fLeI`}rl8`Tp
zO1#?|04)|f627k92L3!mGJc}z>5!O*Uwj{SPc8=*#(NRh8b}wj?RH-q!`Q>%{<<vp
z#>OB8slx_siW&rggPAS{uw*7|VqHm$0?)`m7nIQQn$sAYob2lvhhuRXlfi`F<RWp`
zUT#2%CFw?N%cxry8XUP`&B-3l9%__)57m1M+bfz)e7Nu>f3yn?`&0HN_B%!@7S)R<
zB4n$LqF92DdX4p0a+N--!3;dgPG47?AID&1ZRsgXzkVbg5MAFWp(MhK_{zIY`ch}Z
zIq%US0+-_GP-~1IJ8_)HU|`$jr(DZhYS5C=fo)RkA2d!dh8!*73hPMBDE<=#tHSG0
z#ojdtwB8;WGqIY!+t>vVS?LX(xQntx?vnx<745QRr(P!oOP55j#Nv+;^b=@Ev?MLP
zT7zI}mhIV?A6Ocv&2!hfET1R{sN%#e80RFHU#PW}##sOO!auhb(h2#L1jg4iJuQC+
z&{$9%FKzvj&e&^AGDPHn4XR4OKgP9X#fNvLkN$LH+Uc*sgkG&5rxnFb<26d`dlD)d
zlN@woi^l%sY9Cq#jhG<$fv~6b777~F$*2dn8aJL5IG(<4b@A%NJNof@MOT||uiA`R
zn2v6hny|Zt_e<elx-E7>O!Lpf2VI+kO^n%zHIGM#jX{=C#Q^w5Hxve5n-wv^S_>Kl
z#>ePk$m^@Iy^7~He|Uq;36EP7vOO-WwTO;O|K0w(R@AmJ)H+UDTl%)G&m5BQmR`V4
zY#=_~)H`(58;xgzxxVCVdMb<FGCa8oH^{31q_89j_r<8ad`d9v{`WK^q{8>2?c2>o
zM#jfR&;ifx2DFvMSu$e%VTsky^5a~4#`JrSHfIiYR+W7i0xKQi=}N#AWo5bbiwlUc
z2aHN1`NBdD)v`N4ZDicj!h>&YV1J>}Vd}J^E<htfs_4Tib!Hg7tn?jmhMetZ*5w~;
ziHdP}$k=k6&xjd@)Nr9qaqG89IZ`4|fA^6w{v1mIzU<s3WxuzH8Qss85_3_#RrTqu
z(YB`=`w*D|?_MXbKmNyxr6Jl0G%@!aeWM9>uWw)4!FtGzS;t96R2|Q7P(hD_&rj6Q
ziJv5IqSsvHz-p%%o@4iUyrh?tsF7!~X`znQ#&>Bnnx)0BmfNQAOCLe`MoLp}35hR~
zu5maDImLybrO);%U%C2G#DdtvyI$=%kIIV?5QAD2ib*fl*xOfc-l5QOf{p)ps$UG6
zH$(5%zSs@C`WXU`(^<=(xw2TWAQvb}#xCwtJu1y&lxpd=RKG91y*My7_vSl;@*@e0
zlkfUPpwj)kr3DfUlr1V2GZgTthtM}~f|Z>)vbXfo?N&Bs`|fKjVIhzFrG=h8#qhN}
z^CN^h9bJkzCmbVo?B?Z15qx@bZ`o+${h6f~o%0RelgBZN>rkUnfI#980s)YzxRs`!
z%d<jAWzAZ;QF>UJNSe}f%pXkH3Pa0khUa2?Hl{ejCyM2IB;bMqV(S@4w_Zs<6RLDN
z!irxb%tWe7+-p4Ay*qbed@v{BL3;(?{t1Gi0AHkh&AX?25#x`BN7*wIDvNK5=eFZh
zkn#7hGHDu58#2RbOUg%>S8ZPISQ0s5B1_cE@*3E&|H+@y+t}Y_=Hl5-;5Kd6(0Qv#
ztKU3?S#Pik8~r?v2dnh(nUqmcoP5po!W{H9`K3J7>>7B&0osOkJk;)_fHHPvZiG0h
zxuwyeGKkJoNl7ot-+Q6UF`y%=ao@5ApQjZ-m!qIjdNjdsR^#tGf3Fe+Nq%F<w^7H|
z#A=)=Qe$rlyHDYU+xXk}m1Ka965jSiBD&l(=)h6y&YQ==JzuR4;!i+2adY|H^5FTi
zYg<$>D_sE2__l?js)p*hCDci**L9MaGdK3KAj_OX_9ylm<#hnQBwV*WY85;2ihcX}
z&9o9IW}2vjT=a}sq%r$aV%<QFMNA7&Udw8HR+wZ16HTVnM_@Z%j;b_QWJB+&W8tv}
zcHrY~G@9RAc$#D;9@S+#jnhtLsDWhDWy_747_Rl{5%IeEa3$lY?ykzPb$F6Z=ePA{
zL>S|Cd_jQ76|M6)=TJG`-rD9MU4!*LF-+|%b?CT(h1j!XyAvCfnsGF&6#nYOQernM
zjxIZ6^bC{jhF%@T17`l-%HX|L(cG{<#J9$W2l^mj^KP2@1Kp(Y6!w?~(s^#WZmYrS
z01V4)<u&D+h2U;8)zIDiJMkIMqriCY)ix!Z!D-Vw1quLd^EA$R;nfEx!hsoD_)ffi
z8za^^T?dRezTH=HDe=a|M2HG*EznMxeRQQEV2(j64yZ<L1e0?njmLB2HeUkHxVNz+
zEvwZ;Xn07UTmQzE1%v6dp~f|jUmJdSoc}uA_Wn@MSv3x|u@sxPRcbvdsW%J4bL^__
zt-59_k(YbaPpl)WL1v<}x}^uZ_SqHXgL%EBY{^a|%#oG7LIEy!ST+TVo}^`9URUqf
zU;2LZc-ZEFA?__!>a{0NVNc{=tgC&I@@BDV)q$5c<X{&d46g5+qzFXgk&1Wd%D^X4
za?S?(gJk15^pf5<Y^%S2ppscsq3+G-ShU)4e0YOd;TBko*t!k_FIe754#jim_P70O
zS-A8Xh={rei{*!5M}sUqedXN;FXtM@nZCZr;IJpSvG<kw703E3C96$KY6RAoUL3GC
zT``*C2({1fS`%A5yi(;PyK1XeXyX}oByByDO`j=)8i%NVO2?~*1lsNb#sZ#mjZj-}
znjwN&36F8>ZGL3kmg8MrQHi*$`^KSgbun1dDG#3eHF9gNXW4oY+2N-|PDInj6g+V}
zmu%SsGkTc-Ij&Ip=5<TSnpa_$wrUKUFB_JZq{$f{4_(oCit7#6ejfJ$r!7R{Nf)oC
zvb2O|*Om_v-Q7Xb`CfnWSY`(9<al=M!;UoDrpJvzi`$auPlmib1=GGbl->`qs}b7*
z>(u;!?Q}KrD(7`Evr>3dPrsB%eLZA+K@D`d!R_T64=|<msN%i4unfV-KYHcjw|ZW5
z<G|NNct6M1Tc+KS>uuw%_aYE3@KcuzP}}T%KHm9s#QRM(Z7l;0k0*0NSctq!<0)Lw
zbMJ%qhsRC1Agj{`8SzJkaSV^V*CJ^=Vi*$B>0Hu{@5ztrSXD0x`>-Wvt50+ZRarL8
zKqq~B^nxt}Du;)TvUb7;*{>Tfa%uOx_zcp})ev`>NSDH2$RXf^lrw@3<95+_75QUb
zy6Rq9bf=?ed7rJ`R;wqsJEvcZaKAwAd_lH+`f2HU)AO(as+Gp+wB=mgkeEQOT}(M5
z8%@R|VnXG|sYKfDa5UfSEE(>6xc}az?mW4^Qgt=cq0A#`BSrm&k;YkZ5*3MseuT}P
zxb#)`B67S&99cD1?dIOAU4PP+r|MV||FXQo-FXgf=W4AyT0?}~N28n`hPyjz)@#1b
zS}z@&bC5enM97<V1l15`Gvd%-_r?K}M=OgE-bEBUbt9XFv-SZ8?{l6%Y*`dWE%zS8
zj=tY*Kv0LV3pg$eOnmK=vakDDE`OMOgUCk4(Ew)Y{pS`5^xp4z?aQ|EpvAV9TdUsq
zynR=aQ~B1f4SB_)pDh5V@Sth8>V{jR1Z04V?b7y0Pp0glcbd>%xpQ%slr3WxW+$oh
zZ|TEFwd5FM8xLT*#$<{&-+I8BCmO&VG;CS%xO31rmA6+^CXRWZq%6NJs#Qv6QGam)
z>)|^g-d)Zmw}`})B(aGR-j-NzX@&+wv*we5RdNug3ZueEXnkSux`BWT{8tPc-CAmN
zinC~*>y1+T7kP1(NUS>_h<z3;;Cs+{l%*bfe>r>VpmW=?f{Df@{v}S%TM(}ocUEx>
z5n7d#d_?h0Y?~T0tj+E`?kcLh3-L;+PVEv=@<nBfzS!0E(6$>F7gIuCat$|jsN31a
z+Cg;v2Vq!K-(dCP<uErIn`kUeb_`6az|xh_1gS+Q)*{pS{NxLG_Omv^i0mgrZ#^zR
z%KM$X5V`7XiMG1_^8L)KU;zvZwpg|(WxRe+<G>s3ZWkFYy+Z%yu4Twm6HB`G-^Zne
zGE}dGE~g!ScbBiL^m^Tjw6^x=VuxSqV&7L)67hkSFPb7ZU*D6Hnto!~?O8`lY@*HB
z^TMLe*PJ}cGBL+8R6PwcYZi{0j9=*OvrL;PwLHVGy&7?F^CCO@Ooo)~ecpnic6>fO
z4e=+XuPN4>XISz$=*gMXD&RErsTPG2kBu{k(r~^aFt)$s^%2}p(+H!{LsId<7$oH6
z_Dis|(IaY^|8QZH$=WQ|QPf#d3}Xu$es+e&YfSZGwXabYRq<vHBKABIm~1Tai<*jQ
z6E4sjd9d_0(_FMmLHHQAZ@h>e>0F_o*p$(h)@*9>R^lR3e~lOHV$Y(jsn2kokg9<X
z9Sahws4`*HGW~QW#RkR-mpYRl@t>DB#jXRdeWd?M!5O;ozPK*s;C=3Wgi8A4@j-0b
z%|VMuBV-WkE8mkmN=0br#sWj%+a6}CjmCQUB3&x#gi32}67)K&!ntCCgpa@9JJ=Y@
zKT$N?nWi(?Fzmw>w1g;kuPOh<L@?CUu<!9$TH6h;K>m%rmYKT?k2QNBZ#^O^Uh6H;
z9&&7#b-zRBdFhZ}q2|%@ogs2o_M7W?_R*+Ya4MbaxVKjOAU>ru&jE9dHmx}v;eNsB
zer=&?L!9sKmb9@nr$3Q3y9T&l$1D;(EO4|d;{C+|U%BL#%29(cbr=R~&UQ00yRw%N
zuAQc?PE)_$hqF5)UCO~F_riMP5iM$rT_r={nrmWXh~oQJZslDTd4#8a-QqMMN?vt-
z$gu7bTW7)SgT3nq#$-zpn2f#jjWY?k7+r-v7j79Bs*{$1(go%ARjdla`>7LOy<c#t
zN9R#r<5^>|_Vn?MM%PUqbBr=PIEakiu&qppI%6UUS;%(m9M}Cv3S9S1%1UC^8fRy&
zwM)&%w~Oez(&|5(Fi6c`s9a~#8{1IJ8r0~oe&Isd=uqeD^hJ4En>p=7A5gIwyT8P)
z_Sf#u4~^K{QJ)izkkJ|?LJ>8Y<y)MV4?i<lzg%Gjfm<XK$A7Wwu4KoA;x(wK_~nSV
z5!wfzy+Ryc$sgm5R9F$r`__44T#{+olc0EHPoN`@#-j^8ac@IL7KFv|R9KET8pgMU
z$g^M9OzaF8A9TuBmbX`xfpzk~VvDe8eW4JMY+o9OFFS&MQ+FhN5obe89<;YTY!EHB
zkQ>U*QtU@?>k9XCH1n$<I+rcW>?>yPJ)V5{md+h}?(8rbnjY=3ni_MVq0s|q0&6jU
zW|irp!+~_~`|bxy-}}&7-9K@G-$*#A`?%Sr5XpO1^a`VUSM9-jz2|)~Zh!GjDh{_A
zmoL2ajhwfLKJBV~Lv%3xrnsyH38Rayd(b<0%Hzj4@2C)tC;1#1@<AujjvFi<?GNus
zK`x_ybC~KmY{7z{C+SBfD$FmcdtE%d7@ra2!x2LR-#J7#emfcWz{@AdkJj!1b?`G9
z%gD3By#j>_1P{L!t5i{jjZZkW7oeJH_`DV%s+ll|u8iIIvIWm8xZG)bG-*A<na+zY
zK6a;oIcC?uu@P2*g9X^6o30UCH~4rR&RAttZ7nC2SbUN*BLpJ&inBhue4#<&lX@|$
z^-_sXPli4ShDg&?4!k+f`_?@xqc{PNR`Gm3yd`b$R)0%MPH6L^=mY7cW2ybbLq^Hm
zf<%Qvp#Xsr9$$a{u7YZgp%-RNZYi6!d?t#T*1b-amEOGg^`DTjotIvh0)p~RJ!0IF
zMw`~h7$Y`_yc=<3^i%_vhJi@b{v{drTk}_FI)`)7!|ZM&qKLYTLg6}30`}i+S__=t
zp+oe2#kjLpFWmSq)Tb@ZxYwNjT5ad0@oRF9)k7JJNz=@DyP-F0RZyhI6OK{XQRBzB
z)`JD1=ME}14qG0o?3Uk%Qo54xVFlCcb2qt9Ivcxk3r-N<Bvj}N881+W@gTE11tUwB
z^2a!AX^(c?6zw@AJUZ0nXVIUrwfXpUN7UYwb*o-?UVZ0~NAhkK=x(&sJO4-$_@T^@
zJ+cc$gD#jL<eRT<0`xQd2XC)mAa{_xN3_`Gv1j{vw#EsHK&)jDP0EhM(sz~+%W;+#
zg5_{+;OhGa*+N)+C$2jyJd}0PR*Mr9m6E2{;5SX7TTj0x#`AV_Q3NM=6xZSLvYgQc
z!kaNgOY63z9gNp9_&{JfXJgivybasRu;2pwP2=nfR(o_d_J$Tkd(#;0XsYpNS8dzF
zd#AG@vLkAD8PT;#?i|FEXp*vY)hU({#+DwBk-;nYK1;3!dGx5dMdk>@7C(MtZn*vJ
zCugN)FXjJ1|2DLKTq%%{wC&OndWW)dyBCS&^cIpahtAjyMrU2G#@+Xy7<=2?qH5Q4
zI=dys0mkSYc#ObF4|83$KRGgefva*6|1vDi1|OdBld@NFUTzzDpNN^%K)1%DgE}7@
z;|XP(^@-aE$g&jr@v{QBfde?-`&5=O4IL+GyhgN4+IC*lw#2t`$kKbpF?efR(5@e*
ztsJB~u0Uhtk*tkZ7+mI{A&YO?gd^U_=4Zq{v%K~$(nUyY;09uUkO(!qz#lagoGv5l
zFXpyoXNzRv20!=|?c~2h2h%xzFlHfEp)~X%+q2bjSfwhqeBOPzEM8e|%{m!0F@jaf
z_5iY-Z|b_#PbAa940q#us-w9EGuznu*o&M`y*7F2QrGDraY`P}Q$1LPfW65O<dhl>
z=4>@iq2(Gcj8Mks3~t*oI&4R6RN=9RZ;Rp5(Are`RFT(qbmN(WCoj6R9p&S->I?NP
zT&$A2&M$?|^C=U9!``GK!$d)&&L!_THwUmp3;U>~Fs<OSiOS(B=jv2!xWXLXD70VL
zr{w&l9++@|i0HW49v7u5XlvHxuzo!VG|tA!<HnBhK+<%&tIy&FcQ*M(TW<I9s#Mkv
z->VU89l86;g|@Xl$^9By#7LHd&(9n!DcKm1pDjb>q@}>2m%Rm@*%7^)_SWV)Yg9!#
z>Ov0c==%5N!i3I+qqrLm*CN{1B92D$oamoGh)>jB-F@J$eZ$BZ7ItD5!(wQ``!-s_
z`|vkBR)U1iTg!IhQ;cC%uQL%LhVX-_7V>&tgC|%6$7P9~emA!1)N#|aH2S@L1W9*p
zs8c)s_7-D|Nl&(i1^r0rh+Kq39Pqsb2i@>iXwinmir;F##E-ok)>U!J&e10ICSTUg
zTFpVzC+nRfUah=mq3;B-R>R)R{jfy+anhUHtX*=05(Nq4_M1dT>T6q|6Bf-U7^)x1
zFLthbMXf#9Wj`Q&tntzKk)a6pB|D>DK5lvl<&U<*y{IhAjLjjeOSsGVJQ@cPC=P#V
zmdd~S0oxE^$X){$3F8_Z;PG!3oRFCCvM4$SY3q;MdK^)bGtS(N?cG7pwH)d^aUB)e
z^MI-KoI~Yy8L!=V0wMm*-N#&wabf2-`n%U{*@16Ot2srCIZcx@aT2GKM9Z_7Vdcoc
zXp@x>O-@xH?lL?(*kOVj8;#L$#n)ci8p!4m)93CxG4`fDdvr`71uIKrV5TXMrZ2wU
zov}iuo93dX4!++9<}=Z0WxVr6m_W9~N`H4I;x1XDXg_^o)~isySC$)li}`VN9@!q$
zEQc3#x1YD`c*vNIiR8le`8Vr$SSyhfuGSony@oYH?hn(p(I|}ew+Cwje`+;nx47$I
zy{GPS@IM`A-2)D%{au@t@Ijrf5*4=!E%hFbp?jb9T^DC4ZOGN!xW6itkd0QiKYuHe
zC!(@h@{mWBkumf5rK32V%3w8Lwt*`iJ(@0e%v>X1I!IU7X5=j#P4D4UEXvR5Yb<=Y
zQO8vw3~GFF*F9Wo(J`;aXE5}Ka6SnSbBNIR<-P<qK1wdYX~U<jI=+O&s#7U%x(n~5
zKELf1aDe>-!YJ3$;P@TOim*dr1pD0tiA$&=4>co^iq*a*Kpxx!@?fd!rPdXD@cS=^
zaH*y5E4<6>uP0b^bmBm=(TWtq{#f_n#+NOvE0Z5rOoZ!ev=_N2Z86pBu#NQM5V5X!
z(j>=u6D4(X@2vnH%WS(-@|btKDlGKnXmSq3^QCqB>ls3A91qf-tA3QP%cP!JTb8~)
z+AS?($Q{JFEXr7sniBCZd$3}{S8r9U$)$spS)GEVo=6{ZwIrHs8R)caxj_}9u}kJG
zi@v46O@YkxcB8x7*J2gy64KKb<`t|w*9y!5eT$T~9<N&v0j*K50YY!>{V>RD8E0{m
zD>AL;*y8(+zdhR$2r(PLN+9d$YmUAcTwT9lYuzg$!|bIQo+Isl2Hx!?bcHUsz_sDz
zD*a{wY!z|Carccv)X#0bwP|6IkT-=f8teK@6)x%ZF4`;00L-(ptBJQAi@8sZ$Yn<k
zMh#7vn7ua;<lsNqm}I=Nw6i{q!GyS<t%z*_%o<<wI?dlWtzGtbYaBAiVcRP@0%H>L
zo`b;V+)+5=s3|RvSU_87-gCX}cpk;ECkn^di4}Ym5ba^T%qr$pG~;hHV%Dqp#XyW>
z1PM8w7lbd=yXJ>3CA@rtlUATM4(zi#eC@O+@i5-Mduv7uF0_7_Zd|{fnzNRvrj+#^
zYO%v!XMB$n4hi+HtRpaD?N2pp(n!~%`s<DH`a-lH2D`My1ErZV({ERwI*=WBuO@P&
zbtOKc5BI19j$GK{I6BTH`(p6bx=8twz=3|YQ`#Hcj}X;p>ho1Pe3aKQV!h}Jg?oDO
z7VA&b>i7CN2^{svKwT-|suCo2xg%8*jr{tG{8Vncxq8-&7Uo!_2$ms=a}H;)R>noA
zaCr%BGNBufQGaiy8*`-;e<zBszqyN=H@QD%OPcd5H=(e0HewCcb3z)m^H_{4dg18h
zYs{Cc`m;6D5rreIMZV<&UB$i}ix!!*Tz~ue&RUku3KJ|A*@jzemBoUd>*H^yU&7zS
z%DA^=_q=IxhnEz!oS=Hspq#z<DWZw(X|zdbC|x$g5s`=N%1onu=i;t-v>sgkIzGN?
z<L0iDu6)|Bt2egCm=!nHMTxIhuaQh^T9A_bDu+YBXd#zZ^od0xJpn@sLiso8c_IQY
zX=J%rJYKHh?jE*d@1MFV1vj`yi}v4(i0oFivuCmv)Gw(zaza|~O8UEfIXo>Bd~$dn
z5moGh?%nTR+KL@?BghMly_c_fk!Ab>5-u*$n|_8bE{037%7wY)8s1#;iUF!uU{o;L
z_0o;k4?Q>Ph9C8E3p^KKHNe?tq|%}jwucv6?nzVTJn8}7SF6;RaAd%uIZE2?4Doi%
zE@@0$wDYy9cMm*EF)94`PIcttBPt3JnuVE=l;w1%R&?*PY=04#($bJ>xtb<P<sK?^
zAO6_0g0R5U@d2Zn1XdWg<g3v@+4p17t65+2R}}3Pk|j0`J_<-~IiXoOaR6?=H1!D2
zkUCIZCJ@o0C1W9iK5;zwRa_2kT=<9iIJC#9!d!(8)J6DulhM=b%MS8sG1$KYic;6B
zDwt1+(Gc5(5xRaKT9}V^ZXwr6T>h2`mFFHb6CKIf<;4AoG|_ItAfz2aD2^OcT#uC<
zi^A5^y7bHAyK}S0XhZ`EjHA*Fv}zpm#alQwww<iJJ>cL3TguanSIeey+O~@Zn8yN(
z2QTWKtKF#Ae$mkIel@Es@xXKZ<IV1+mrBma5*11W{$$h+rjxE6e{k_4E3q)xYj_y-
z#27Eey!r{84n_}+Z={oI8A=+Fk6|U&j6N%OfvJRz*_U$DC>RvW6&#B8x^`}$F~B05
zNqSM-GO2Q8nz6~apGp8OXEeKruhvg?jQ-^COXr7GDPBmC6qbv{Dj5!?cKdTDye^>)
z(Pj>gob{{eoAHA04y|3X2ah&;cf#_1Zt($k+^aK;JRZk$DiaGXhc^Z+8RWcOKX$he
z5p9QV7;<U8!4T+h$dlkP5v*?R|D>alF9PMw9ud`zU7o5X%P1^rWp%TCm$`?6#~&bE
zhoH;$+RLGJ)9E?kw%rJGN;|iKO58KY;5$2=kJFf(cvawb7{cLb;YG+|ZP3tXv=pR=
z>=*0H*JX~yi1lCJGbAn(@W_IPMn5U%!l>J+O`FYS-wjFMb}w0-va}>HJ(qY}!s>pV
z_VQxqT5RgmEK8Bm<AD*kQQZu&2=m)Fg-Ugoz73=$ls@%t-hoWNXJ^3LV{BS*^RhBu
zLJid7Ex)Y2%syi;=Za0^9Z0VwAwfA8nT1Z;)XInz`6JYF1|f;o?rZb^;5yy^3RnHQ
zLm@VJ=d#Yt`0NEOFH`6?>USCL^+WJ<da|v~nmCO1cY4$y+H2SntbJT*=onX?@`3dg
zTWI3ny)Y(t860XkbWJ}wNYFmr81S$A2HQb!JbYN6T2P-_`T(=gM6G_R#Rs<RXA*iG
zQMRIe&G*qNkw?PeLbupgF}Wq;gWT%xn}+N~Z^R4q=5Q~@bg=|P|8ZWpnT@zuj(D>#
zz~!;!5HcPsI6heS?oIDbpOQ?^_yf*fT0T4msmDi7*mqDloa?&KkL%JOLG^^2l}KDt
z;UT^!j7e7wLl;?U_q<t0V6<R~(Ku$kFZaG<sT=<EcAENXbFM!h-n^_6|5QZi!rtZk
zrJHgk$E3o=L-hQa>E$22A8GT=y%UjeL77^+)PqnqaiQpL&EtJd*OgWAEIILi+(Q=H
zz3;A)x>a=2I*C*5ilB4Y;v{xrVaNUIjG)lMwY{|Q6}@XsveXY>D9U{^UUbwgv|GXq
zQs7w-vc;lIm@xTvCD2IuR;SmeLVJYF5DB#?&hat1q#Nz%X4(kN=4g|>7^|SY780+n
zUE{#A&>c7?aQxQM9EZ|9DQo)+c(XSXgA`mC!qz=nmZnt1emWeT?Q593ddnY4u(4eg
zn<RAB*+_Po&`Ij(9S>N3a_##3uy(N;jh&aCZgEpLp|37%mjEurwN|S}O(Y4lC4)(X
zgZD53DV*Mi?<ANN*t7ViN}hL-YwNrhd+gm!UmnZF&O=3mjYqW=3XaEE;L|p9T4wQk
z-w;mVdwhPao*$z$pSt6n!&{yk+!=lmE*T$zie`_!)Q*4S%1ITUU*lG9X6V#wc<QWx
z9HK$5ZLDet-Cy5pbD}FLdyF+uB;#q#yJRB^85mY+i4A>>^?rGVY^u5qVs^*dj5Af!
zyw=_p51a_o^EbF|8!aH4DKKJIzE9`j-A8cY-gmV3Et}slun|>L#?m)m)lNu$cni-^
zt?cD^?I4Z9JyHB=nwZ+;_nL!>xXOC!YdfiG<*1|Nhzstt;|Y~#BpcmpX^foC^gx03
zyNOXR<5HSM`(lL@y79vF>}OlpiN@LVx=8xFNczl|^_3;L%D5fE)UgjRHf)A?hL%id
z<#<ez2jQJOT^J#%$C_IG@EsvO+d2mOJE>xK%q?Wx4OGjRdA#l$3><R|rt?HpI>ttE
z1mP@;<#hJ!3|8>Y?{dc9C187A_mu!Ga+%!l#Tz1zUU7L^FpdV-bBYC9ZhR1)P3Y8w
zYtmnks`a3W5fCjIO^S4NbFd)PveJ8+FvE0Cr15)mU|p{CR-PS|aS`L(q+81pl4o8t
zg44Vg;&tDykgZ}hY==os&H3k^hT?Zk-$b<>KO$_voDCd+w%chG%GQAh*gMU8rO>h!
z>+maS+)9IOjT#J<K@MEUFgIIe1ftey)%K~dnJSF}$1BO$g)$)Xw0`aBc0LObWP@CJ
zew~dJ6Vw7>xS{nN72EM~M;_#}Q~NChu}8W+wU0GGo~i|Ah0|pa6RZ*V{}N;TCl_md
zuMXrkSW;Gp<G3S_>X;gg(owRsT3Irx_}c}EiUm0ME;V+dP4~LnsXesa;@c}W1aD1z
zG;E=@$zd_ytfb)+8`k*5Y=6+ce^xH=SrUkz;v^$KCWL^@kPT-+fOTElP2{X};_c!f
z&bxuO(t(r&IQ<Ja>Qdr~tMS>S6w2w}HBUhx_uL;wk4{js2uKMhTi1bjGXL4c;bk-P
zhkZ7%ZMXF)Svv04rg=7L`C@(=)`c5IoKBEaRJPhMrX9pjfaJK1MrmTF6vkbYZQi}O
zL>%r&N_HQ#ziVH+5+tM9E>oOvK0LI@Ypm99J9nq!YmjnlpFL!8UU>g9kbo+&*||Fa
zq$OXK+H*i^_-)?F-3bN|QU<A@NX~G(U}tRxXXrt<8*kq$c(u7dVR*>M9H8!559M1C
zbiej+#9MK^``X^Y_f?iL^o?h8LhY*WLh5bx%6fdV>S^N=>ovOk99^Fa-@k}yd%1D%
zP4)+vw##Xlr#-2*^y44_Eiec+ywH81GnY5i=m?j6TJD<t$%p7c;-=+e{Yy%|Mn`sA
zm@lRFG#vx^YzC<|98!qa-uAT*!rR6OB?>Ox>8&r)9L?@pm99G%i*OgwGurb6Dgu&E
z-O$}2H}i~wmnVTYDeZ2c4uh(qx8qYT_3;IWnlx7D8b>wKz0n}2)~X`GkX_!Q_>x({
zsk{OnFNCM4>ruPBW{@v>XxWpU=QsLXRyk==d`yz9a*2u2ILH<?xNpCzBFQ)iyuQ4e
zQ8dV(wyMiax9#jdyEc)P7$J?!m#)ViT_l?MqBjorHq_-DpJrwgOHp|q-T2s`@gH1L
zg$w_vGl7kLC=<C?v7(GUwAevc^u&6Tyk;=(-Pu^zErdeo39dq3d1UonMnY>zWzRMB
z(Y4T18*uc=An~%a<~$FWK{PQ7^Tz2k%BO_GkCaupXqgahg=M4<NV&@hJk!bQvwoq_
zfd}kyktqM65s)Ap1X9bFJDw2;6#NjRFrIeed6~AtDzN-ku^O6$CnhxPL;Nw=JK<}S
zYDw9uSKgxPvpx7kKoa%-v4a-9PLb9+jhA1a;E%S7%`5jD*Ry!pb8Y`vFv>?;tS}zD
zsDPGSm&AS4*#qmAoW+63dzZjQ3b!1;yIR|VMkIE9U*9JB><bI8a#1I)78e<Mb9RU0
z5GkoMEn#oG-h=dQ1O8Ov{ev$96E#oZTK!u?g!en-(sQPrIe}Q}bDhyar7KXn4p-}3
zAIPR9v$ma3>p)ZXmiW%tv26kJ$pZd`4jdExmBt0~gEi;wIi`dBa>Sc^nvQLc=`X>I
z0OVy+O;7HQXJP1{EL7ca01x#W0+UzqV_xM@Bw2Ztc74@Gn%!(B?S{EW=&!&;_wr|s
zzJG3^GXfHRPiRGLzV_^oKtUQt-qZGuPwSt9ywS@5SFFJDC{<lYvu@|`!JK@q>*#;D
z<|-4`{@!wN^FIZg^m07MtnAAB)}5B3TkYD!suOb8IL9;bewDwv-pxb4Yb05p=+Xof
z9A#jM&5J%u%D5gqct-<CN`Wlry%4(4J0}$3F*3lhn1OM_UVNFoXL`%ia|O8q*9BP}
zc&K4}da6?51XhGImmg;4mhsMXB|KocDzucEfl*Avy}unEop?>zsD1FIVr#r$C8=`2
zZz#+B23%A(cW21@v+H_?!jf$(6Q5o<m(NOFxn#MtedG=`v{@tHw(RrUH0d%`y?fAU
z!|m}0WbN#g?$%{B?4*UCU%25<?}$cmMI9}x`;45#ni|Zz7i$UEcMEUv*?mPd{QN19
zn~zUODSr4T>-t?O7MeQUw*aZOn8U{K`#pweUu3xta>on}!mM7bL8}#pMs(Jsmtl49
znD02ZGB5O@F34;h4UC8yLaj?=FS;Q4JX7d+U~{ux(m{`7xmfoNgj8!bK^>uecb~jU
zTeZbS4CKqd=N{<o3KsHp>dWKgn&?mw>^?!2cg-E!fCP!w>V=0E)-yhI7XHvy#@}%Z
zrzga@aTgUR47fQI04c~1J>|$k&!u45e5K)$U&J1Nn>OXGj%_ew-;uFvss8GNLmJD5
z7H-hR=M1$(w7|KIa`hK!n{?NtlM>|}Uhd!zmuAfdwHqx?B?%pcMjA|5J?VysmGvHj
z2Xxd2K!&~AwVlCtV7BEq_g1WFjdo9b`lczA#ki~ZKJ2~Sl}zjFI&r61mmqpF30f6Q
z1dqX5%eoynRma;NBZpIRZCeV%Td+*7ObhBZ+}`ttbiRW^-qjuFdO;@o$_S$L^9n#6
zZ=Z|iNFWU|C&ouK$1IZWl_*Sb8)N%?1yO$(cKPk~Vh`<puyTc5LPIeZwr&d{<DBDW
zk6{ekU;x~c-=WzRWFiwsdU8m`2w|bC3~6HOxiYQ2-d*x5T<62l+I``MdxB{$gXiD_
z)1<=qq->kI8<)~BCH;!(LOwj5gM*;<LC1&>ci`3H(IPCUh+un>;ru}3I*wm8JM5_I
zUYiEST^n=WKND<W2!9yKDP=730aQ&~1_D}DLV=X;e=YKIj$41bs!=`axv(s35x4JU
zZ*A(9q6kaap|K{wz^jSAf}PlFvMR6<v(-}4M#J|Rc(6-IdC^0xh!+=qhW<=a$r-4&
z4K#^!xNoCb@7|LY`|@bct<G~piQJ*mOb6`>Ax&j0cN)%x>Plxn@fXap>0T=af5r}E
zV)gk`W}Y(jFLw5MRvvI}c+imuRXQU58r@Qu3!ZFqDCA+xy7HyO4CfxHzWfMcz2`{L
zdHKDIG`+Q@U7>j@i=?lf*(6fyoVt%j;dPHF=R?52M*?y}0n>-BltNf#PrN#`{`3-`
z5}x2a*LLPvoKY)z+b*x)Db!H37a4m`to*pb+wse;wGW(Hif#x&tFNfB5LO5Z_bz&3
zqmkSYyTfy+_Xd^zSo)C?Y%i#bIdX$4;r&C;G@B=|jhoVzmIS-S)3XsZ7B81^xM&z<
zSsr{K<M1Vr1&#L~^QNZNFlJ9--(=)rzL^!Bm6a`?w-+6|2~r@%(U<H>us9cctwoC_
zpr4fCPbxuCQg~hTfVX#OMg7%G$3|69cC%I;KS3&bdCC=ohe%b0?gQES4jTKL7F`9B
z@C?St|M}JRK{mLpK0Om7au$VQ+%(3HD>$leGsF!KzDy6lnizL%AvPAh3-8!$P_&x5
zrErfCp>H#nejAZi6H*(i86m`~U0TSqZe01&lVE;9g?g{6^<ERTP3<GCcmmqrBN2!8
zEg61$=)|UhTy~z8$};B$I#|#3p%5LI);$!~6`IT8nH?<iVs&;yaD-*prl$UoXKpzG
z>ahM&t}C^!9Q&k;$K6dwh5L;Kn(BcBLa-e*N*yf8ZMDqY(ORZ3R2`k9vm(@ps^OeL
z76g1b>v6tc?y1UMT)i=@f431|@%kG9&mR|Ua+Q}80bZ~$XfcLOa)b_4TbRGJN;?uG
z=WL&1dP<>M<EZt^t4~=khbI}gLi9X6GY)qZnqlKptx9Qp7XgHa870TLq_xFHXm~21
zTdF`c3KI1YV5$78>$@L~K7x$tj~%&%-|uC1idzRs42x(q!j!7SYBOQ$&Wrha3#hP<
zxfNPW?A!kMOy=6F%bWJgm)Gp@PA(4YW8>G__U4{l;2EJ^xE|VjTi53DBZWrN4tG@x
z`6z&bmUC_e9M-YrrLCDa^wIp(u+m27w6`y##xLz1k3a|u-l{i_l?B+_A(ynj<vK1-
zrkQCiI&Pyuc_*6*(<1375QS)0ORR2*+JHuRL;hxe3xAiELg?6Wu6Lt3*o09Wjupfi
z!g)$`qk6JOiW4%?dGZcyt99&%uj`+cF!S{m1o0qIUE#5hF1!R~R?s%t!h+U_UAHjn
zy4RBGer~*YgvDdrQsO;IRJ=9}q1ZM|nELBpj^GG2;x*qCc0rEOz|s6#3Z%d5F`Kr;
z+o*^}TC|5iZ+Lz|%@~dwE2ugY^)Og1^$A^CtIwj<0qS}aJ25G5-{*57B?R``bZ;<W
z95u<w@sX~p;kuHBsR$a)YKq=A{%Gt^n*m0dO}$+#@#|?B#U`SUL@2z|<5)HRL}>rL
z!t<9ul;jR7RC@X4cyUC5I=HZ<ZsRmD53|9dS~x{%8!Q*fWHsyOmP+hI^PW&TYAuNX
zVFPL03$4T&Xq4r{V~nwv8M>P4N9~%`1r3HZ<B78J#Sv?VRrk_-IAFqxKaPo&+_PcV
zdC>z8UY$>DW|I;OaZM?aW=^>(Qr4T68<N~^tl}p~Ov)O#aO1pr*Ev?WJ00<W0nozp
zuE`rk%WM*3P;hvu=Oma1e=EX}&nw%ZdA}4Af(tsOuN36jaqE5|%c71Fs9JRVVT}mJ
zL3*~%zO{i({+rc}7U-2;T5clAWq%xA&8(gRaq<fc@&_^relydcM|dG$uWRQ+-$k1J
zCwRO@OPfZ-v%CeleeS)t@Qy+EM>kKr!qRPg>(clrixF#cnU7`zj{iV_AQQUVuptm1
z<y>ctHyE)FyYomqbu`&bQcw!G3z)F5X0v_VNf1CY%R>uOS{AjlhYqB}-=8^52jjfQ
z9(p2!NiV^`^zELU&{D`@4LlTiUesc@jTVOaMQI%`PP05%P+w~!6)f1)Xp<!WrLc0>
z1*|5#>y~ZYZeG>{2X<GF#)i`Y_0KgLTf%Uy3rgY>A3VDndL5WjX-BsfoLZ%6v_LT9
z9rGf%??RU#DlgG=;~kD|^7Xd)>rM;NoLY#@e)p$rOafy(FaS+raG*ZNcWh)Z;{2jG
zuEw(h20|xqPF|pDJex<I7W%X;pM6KS6Hs)^%*%~q+3=fS(sA+PVe;B?>w41_&$~A2
zSxdVscU<4b=Hk_$l__S&rH6!h@8l(1-hc9~mCpX5x)Uv{H7B&?`_BtFJ$ZjwOWOX9
z5vWA0;=0tbng(bY#C7L+K^5dxf#olfj1>w3;YRNl9N~&9U#h*eFT^GP=}MoRQ0y6=
z`r0eY!oAniD7+Wjyv~sBUJvZpZuDV%k?fn?31$TQuw4hcVw|eV?u64x+4uIfFLaRX
zA*svnO0Vcx9#hqlq0WOpWR=@Y731j`9OcXM>Sd7kTj4RRMZux*gQvJ<_c&TJETdw?
zMqI4%G`K2yck75icM?)pL#dwr6uf+0_Mmr!X}S1G@3-O}V>i+?6zT=)UY1yv?kh}d
z8gbTTQxH#2qyInl-YPE2u<Zkc5hN5OMMP3ULXhqd5Kvkg29OfzMx;}uK@g<7yN4b`
zK%@kuYZ$tR9zxig_x-;8?e5X;`5t)Wa6iv;-B-u|k|@Qjs+(;)TcG;HN4+G3S+MBX
z?K>Kn{!(Y>DZvN4e*$j!seCl`19b3@q%Vx)^1J_jRh4o|_Fmh3!LVoruWO<a_sk1w
zvNFp>KDUE1$;2zr*#`_aCOgMx8A-*;R$?+&`c56&$xVrle{UYE|Kx<{Q|Mn%McclP
z_>(Q;X`=eoCkv*;gW{u7aoQ~FB6Aoz)O1LGb$duJlebIp$&YUXKbG648Ikv%J0_A`
z^qq(<D*UGSr0ej&-PE;x<%?4vPqK9w3phk<**pf$@~%ILOCAiYKB3Zg+Pwd!JC*mz
zST#k@ZCr@l*tZaIt}=6(gZM49ekw30UTiK(6oMS->~&XB8g%-xl&WvkZmG19;xpPP
zs7CXe_1v$u`jTpwZtb!@^s3%^oGeKNlVBtU$<yhtG3CP`aLmfN>{5h$F5#Q(=+1!T
zA%$V3%FIC|H9BDyM#X69dugKBzLW3eUvIE%<e)*Ma{xw2kw6At|H0jwumY@97}i`V
zDWSDJRv3dE#ja3qZGz)*as&2>>_1rUZTZP?mI6B2jTW=c(8}EFQ!YogZ6(-$>g4F-
zHHPI=c$0Q|t`<*w>L`=G!*V21C2u*I6Eg}9x~a<=2mf(c?*Y2FcEqGrIf8l4f`ta;
zC|*kS8L?vP!CB>GK9l2{?yITyZ{!^WJN#7m{t=42<UW-Ef<N8;9F?qr-l-j)p;eck
zVSo?TUYSM|XjOiHa8mM+FGm8ZPoN`%w&?YHc9m;&HM;W`rps5jF-1lMI~o!_m~$D<
zf44F~^VTVO`dayT=h%yqdPx@<h4g)U<}6PZ@rcjjp4{L9O*$rh^u&JF(?{d41Mz-7
zN4c#24grJYEK^GRZi}0%1nASoU+1TC11|aP1rGTVGw-!eDK527cgr0Amg{5Wij*38
z)uqMzv?6)9f08GKEp2@>B2OCmG-Ka-e)b#t89oZ$^Z5Maq9S_8pGbcD;~(P4Eyhle
z#38*eG_j}J<frvVgB4j$?s+}C`F_;n+F<EHeRIcgm{~f_#L>T~N8FIx!B(>;jEqlY
zl5?MSTbRO{>vg&<ti?&$7JlfR{5Z)UbTF@)aNiK&FsNOOd%b!42yQo|E40U4_Hi0n
zBitC~NN+t^k$zW0nU<8bs*<*S2{-6G-_2*)6tVR(hboh%Ran$x0h!wPZTz!AC^e#v
zP6sNoLkFKjvvH=cZ>`agClw#56nR9L6KB2%y@)cu6444%=?IDwi-QfPNB95KOPR@7
zeuysSm*kcAGr7<{A}Lji68=1R-CtX{!KMA;;~ZVXzVOOyaEmk7dyZ*p_oo$y4<wL(
z<^H!9V7bRf7U$xJb4Kx)ICv)W*7Y?Rc&0kcqc&W@aZ&HxGV_$$X34<j18<%-pEHwz
z8#~p%?3WkRO7r#Eu)1C&$RbT)9?kgfpkL5h*YLhE9`D0Tf!+(9uB9Ys?c)$-8s8Iq
zdEccF9^dJif6O<&Jzov=jP0+-KMp9%#-_bm&_r<;rMO_(x9kesr<Is%A{>uj#v)6K
ze(L5E8s7i6>6s?rR{Otp7M+W1ECzK{o+qLkjQ=(+-a==V$s6I78ij-pIdtDS@KIYt
zV7%fN#KLZXr**tLKb+WV|5mu)(LAi>$=<Qx_e}z7<X81XA)5Op?oGp5PSD%i$WiQL
zcm9!5+e9vMw7plR+W_{&>#_|;k|*Vf&p*N*MT2#g6sb9gam<@EH)27I14U-tdyU1R
z>x0Hky?K*pokf!-rNp6?rwTW7GS_XJ#T<otM4dD)`pcm+D}1>+A>T_*g%lOrLKuJ?
zp3bO2Mf%4|+gLewKS@Aa4_-HrS`~M4gf%1-_~PuIYslw+21!b5Sm+b}IWy^&meZyS
z)ocgtZNJmiF_-#ImW_MguY6i!1ZD8N+fm_7(bhvmj?HZT!NI(~)t>6$Y+gf84QN4+
zhRRO^jzpJzDwmsGfq#TEOshLiD!uu&6HSGUFzogcH=*qTqkY>Sm-jx(wFT1t#^1hI
zYH*bMr~cDHQ4|3aN|c}Nvr&0W8UK?L43SPENBvlK&h)k_5HB4nB`pB%I7k>fc>nR?
z2)_62>D&Le)4dA5QYP|I)d{T3TI^OJF5?vv;FkKsd3&q8cbf0L&*tKw5TcL73s?Mj
z$)Y~N%1Qc4z`H}GH+5c5mK}8>`XQ;TwigiSAOYUk%gQSM%5y9u6-y$(F}HkPGcylE
zY5AolIlOI11KK<(7}lWVl>Fg`{AuPFk6O`)57_O1j$hqQg@6N=;dIYi3%d$uW=Op(
zyleDbcFHVPyV0>pZ)vfxoYUqLaPKZ0Z42>8o<njX)`jo(zqN}sX*4UpOO}lOiIcP3
zle{tM7H)B99p8V)SaKnzg@t^G_S8hCZQoU12vm1zD2#$zs&t%KY(K$1S;4~W&L<`F
z@p;CXZnk-nL6#I(>926`a7w1IryHK6B0P^~TngEo{c+9gq6GA;ve7@`SD@~|`jzl_
z3}`yxH_*H8n+@dN?SyHS*g6rJ{$pC0jEu;$u<;<|sBq%u1bEMLng}w7PL4O`c2{a#
zb2U4E_TL>=5*IG>obxISeYySIZO0+?Y_<vAr!Zy2ScR^wbF}W-@ydU6%167~S4*}R
zXXT9FuLiF+z>w(ozC?-P@gjRyYP6$rM^G3YZL=yku4#hBp$>-ad#E(H6Q^5yeX%s;
z7sgl;9=%GSJ&JdhQ#Np#;!-<Ck?6vaz60De#=+xlMW<wF=5&~#;4MoqpNXgg;d~z8
z5To%U2HDU5tS8-wNudsIx%bqCZXEeEs|4fVK=JQ%c)x6%a*Qu|Qr}5@y2riu>N$rf
z;fITgUCmcZDZV)IUg^&OCqx?{O4<Cy|HMUyC#?4#nSHwd{X@VaFo7>_)CUcLsu)7c
z08=l20uF}V_hXt0YlPG2mVA0YjE~1U-TM9rvyQTPp_M=aI<}w1Fc<Yd7a3`=>s|dC
zA=))_uMN=VpawZg8NJml50pY0yi${g3)WfxahoJM%nScwJoSO;?4Hc`n^_~{z5!fh
z2Jct6PH;;c81YhU{lWEhVYy54Ze;#jDKU0*+!irux;2KV3#PCkxs>z|$_{Y)()SAR
zkoaw3(SwKm(n<4rKM!-*f$-#S&)tfqOJY-L;eSPQT}`w!r0gMl<_OwUHD*eTE_)1z
zD%gAAPtN@141Bq(IL$57D@*rZOYyOf_5XIOYXSk4i=8XRPgQy?4lQHTh=FP7;~t~R
zMXA&EJ3TjOkwga1POt{r4@Tsg_O+VCM9CqJ4j7GhI<*oM$~{B83+_rB(T*covbf67
zl*}bK-4;2&nmdfUEe?IiSQmDHBOaE>HK5;i?w>4GDA%p@SUK<EE<O;ur^Lzw>*0!C
zP$tx_)0-J}Z*hTF5*=APd=+aSt)XPy_;)F0KrGSwnBOZ@ufB0iXd;hh75+ql-x9Zo
z&7b!P>39T^N8NmWz7om9e~m}s5QpVk6jklcwk!J-sD<w-HbJ>;oV(RA|HBL;Pb^r@
z<~t-SasU=XDOtetuW(v^%NB5SZQQRdgHLB89=!a$w??!A=9*DF>8S~wIr9L9lo8dH
zk5<}Jr-8aX7|$U_Ur^WWD^e#vh5!K)XL}vF3_O$Qml_SS<H9<Bz3MsRmetLl1q^ek
z-pGG<$9dak+>-a!D-F0DSN|86Lqxar70Kq{-SWXVgLqG(yn4R#(w4mXebYEJw*Su6
z_wPtCJt$Q@-fNIs?dL~-jrx#!BR3}%;PCN|T@`nI@-uzaDanP+5)2ZO(`k9HJS304
z>82O(YfjqlMG6+=yW1Iw<(U-Db+Fa>KXBpH&`KrLr#i4|@Ws*aQx>95D$Z0l<@f?9
zqc3mzq|4~3oj^EPn}e)z8Y{c;lNaHdTK6vN`$k&-^S`>BbeRQ&q_E~{%WjLUHj<r>
zu?!tngVHa@>~hG_WT$11dc{8s{ChBYEc*RoJK!OBz~1+7N7}$cOBZ}CenI+<+`mC)
zVs^nb71wi4iLX}2bb;(UuGd(#s*g#2(j-~Z=4z#GxfZnN&CvAGtw*nP2CT-Z*t1)O
z@FoVi_2Z;VFmK@V>-qj%&+b1|@o(Sj-X$n2!Ps0^>bAHz=g^M;ejJJ7+(CHb&uZny
z407<t4;$e+S{Png%i?T_gFXk*eMdM(T5RlXy<yjX<()xwExt?7Df!7zGEX>?M?#ft
z0l8dQ+jbjBRLV2;wY)Q(pQ9)ZnNcERZ~B{A2vf><K$g^JmcI8CxbSCL$mhPFw>qhS
zb2#>E_`tq7>U|0LDM2|p#_iU^%3euS&jL-%S$r%C;uMKY)`hwCcyoglS19xBwRsc;
zc)9v$^QPZ|Dm(&IRvLEBKEFrO9<GG<uUx1B)wt02SlKC=V{{}c*CQfYr+|9b75e@$
zt&N1!y(=Z`<+V@M2|Bac+a&LE1jd=~+x?0@3Hj!|rV>*Gb4~fMbqS360!}uET5HpP
zZJt$36;`{rN`+{+Lk_jjr+X8&5{U11<ce#r_WcEyL?)U<@D-)BFnN|C>d^O}Y0LGV
zanA3mcBi)di+{EaZsJ$ZbCec2oaO^H6Qqw3gig$MQB06iK*U|AQFTxVJs<_#w5|U7
zN=5Af1A-42w=voAOx&L!^rMuNIRTZ@cQHWsiK~db!6JDB{}1Qlxh095;ewyuj^h`Q
zV**Q3&P*Fp{U5{hC9r{zJb(!6mL`gZ)(k|FAhx}_KOTfDqzvDLxz0#59s?qN?3XnU
z#m(cz1dLRBX6{u$q6U3mV##0W%A5tOTNlUk_DXXF1&sv%5(pz%r3gj9ckt3?KMLYy
z>9T<(I7R*cU-tjs*{vS^f6I-<;r(Y6dq3}uHJF^N-6;ZQzq$Tdv_O5tuYHEtM8Hy3
zn*x;SOIT^q{Yu>++!)q;0jhkA@lqmwCU%QHxVdXP@Kl$Epd0F`XUDguRV6AsM>l(}
z?`KK1EFC8#ydQ?zG$&TT4RDR_55~Z&cl1C51h2j)YGxq$_2e}jbty!a<TRi*57yDH
z&W-1TEj2@=1}%sxH7^2^U<NJtA?{QO93UySxdQH2bYcOrJxpT`FjGmZ&Y>*!(>QOl
z|4q{H6Ql5f`00q1e+rk{x(%pLiWpB+60jMF6zGVZUYkhTUI;whNw-#--<)ZM1-ENR
zjmMPYJ>xXorJ-bjP`;vjj@>SBXz`c7s1M^du!xstApRloXOrXt|BfJ##I3t?QIq+T
zcFrQ4yx%NAnnQ0~gkkm4`l)e&QO?5mr1-$JpJ`wE&)LsRry|P{9r5GOj`iFM7x1vZ
z^5^vs2gCw$O7Mj%Vuz*T0;6J|k{aJ|YgG7{b&cbKeGtMkzmh)06y3-YIgU|ivjzLm
zY2aT~3`T$bqx!SEK*Ekx4Z0?q53BRp+<;?|ID$%+V~W$qUHyQ{C~v1rZR$K?%tlS@
z4RPQ2T;bD$W`Fk3JC$tY4uT@aSf(HVyC1FWL^-ya7ypC-kqC4BAcD8eY#*@is^u@c
za>>>qXfhci;?5eNi~O2u$%-oPscQ^pI$HU@bSfTNWjlCX)%!ETd~hvj?UkPPwwo26
zt2LBk!QQPMH!lrj*j71XF&Pk)w_Zdc%{NBrDI8CA=|$ej`gNAaicojYPj}k?Jr`YU
z2XU5C2-Qu`@Tau#Kx$GhZ|$v5CKnTB_FLM|{ngX^duGdrC;}3|rxwg%^GIQd$<VEW
zPNnnqnHMX`+oE>NTi|_lgMYG~RsQbme-6o%d+vjrsyoQPKllVNo2~KP1rK&k-gObx
z#$-U_O##1_Q=k*g$|vIRO=xjnQGMPqViw^X!7?RYS+Wfm;G~S1d@yX3Y`GX2<EeFT
z?a^n|nX7FCj%a~yHnhlyUUI@#*nd2gP%g^;+QBQjXzpmu&Z2%v!1}8Qz0vIh1H=10
zDw)&w$$-KiWo?<8Pz8*Uh-dZGnB%Xj3Nxv~3B^MVQ<yY`joC>F5RMdQ&ufQ53-U5b
zMfcS9e@9!n)bgLuBP3%7DuC}l7Xp)qWYeG>AyIIH%Go%SM5{K#C*|5ToAj5Plch>Z
zA+BCW#sknAQD#|X8?ql+rEdZlB%u-OJsD=Ljy{{;cg9{b5U~U6;^7?LuUpBHPVpc>
zv)4kbf#qlp1T}S9n00Yn$$R6vModI@(24Dq$56YNhTGIud~?#U(@ahMrLr;E)j0b~
z|AAf^L#EH5U*6lgwM`FVM{*!trE~OVvUIt((v|C@nG@wr=_79C%t=qA46WI*05&|Q
zAuY!X<hk@%g~?9a7N$L9DF=<p75&+LY{{<eLMvie4K3v=@r6hIas+f)zDR`w0o2&R
zAmD<~FvM!!vNBC`4c~YXu8<))-D7&<?*f*SjyFm3YI8@MPymP(?ltDO{q<dwVgral
zQ#($Y>&*XTFBrpkH~JgUKiH#-nIV0E*$0@*VM-HPg-#5_jv|~-qmn8zd%-IgPh>}V
zZ+a&G+LI;yA{RSb&6EP$IT->4AkmqgG!GjK2~9%D?MYtc!Z8$qUa{B&X^>hzSJ1cR
zT)Xtg<aZn%{gtKD17bX#2ZFZdEj|@S2naRu4n|Lo0CD+9!A*Vmu&K*MtguR<UHj6;
z>`n4P<@e<qQ#QX2b%e`mMzwLVrV$y}#_X5=Wy{kNe;{HsOKWP<47%+dNfpF{{O92G
zIP7*1?gCXKuVeu&AiV_r8Fnj*g^Dr_%<)nsC6E{SpPeX`b3aIWPc2XuY7STm%+|=h
zf2Zv2d-@~NPPgH`arBS}wCHQf+y|;+{TT6n;4{bq4`Seb9xT$kZR5)dk%AVK+0uO|
zilh<VXh1GSb)M#u;z<&qfVI=Zq-f^sCZ4jkVqkIZ{Csb)diMASdrKY|_W@Tmzd=6D
z2uXeo{7Q#2^)R3=*Rb>Sn&SQEVNduzMNA(*R#wc1@6WUfHS<fdJ$7*`!-akJM~?DW
z#L_dw9$<ZCM%Bl0EmtxrzaWID=wMf|GeQ;>O)T+?LBH*~Wq51~E@Ke*J&gs(VW^1w
zrUdlO=hbeiOakHIyfyXAuXTy_eugumD)wKy`nH0ccfem4-Y7satt7qK;L0#N>rgHm
zO1p5v-3Y$+bm5Ih#8n{AWfl5$|510okG2Sp#O;lFPr%N0z=`R_R!=jj--z_|W4%2H
zA>U~ubN43N3r#yg%@X$cT1{k~<}-v}!MSC$MyjKiQ(g3$WR$T;ltBeRS=T9fqg46d
zEK_Vatj;DiHCizo2&#l&6SM&qC&g9*`FUX!?g+^|IZlqY<X`LOb&yDT_*&t(xeiN&
zpYx$|l8E+y)N&mciad$i&{Tx=E~NNN|Dyq=b5@{5MgJqHtG<btG*92LaGLpWy%Gu-
zE_4GTBxu2@H{=XttcWacqHUG10*%xDFOll-T(zht$>xB`z?vb}9<b5o8uv6iWK;3>
zuGVkwDt{lFp?@siKOLqN3}<<cf0}P|+Eo%j8~qN9D<r~cMO>c&*te7n!rxM*0K_r^
z6xnjk`@R<GRx^}n76)37mw?_jd`h9&sRF=AQK>`W=|J_nyKnlwe~Sf7Xa1!H!zC$j
zXiG5MgJsL|ZPMqIC?epN&##)bjzI4b^{;pq)f~gzYdaDl4-}pI-dq^KTr;`F72U4v
zr~(L(WUOzoPPQlIbLFB22&6>#!Ie3HY*_7^wYczp^HKLnT@W!SjEmI84I2_B@q@~#
ze5}0Lr#x8QMYsjI<TpsB)+d<LN6_OW<cN^sQ*gBn$1T&XhP2X9aOnEKA56&xZClUO
zvZTVx!t8Yciy48KJ#Ef40XeF?pb+`|_Vo8acQZ;~K(R0iLxK$plnPDosa=+K8#M8*
zw#W~YAEQGKsd*sA&)aYvE&M>si*Bn2H-G~T{Y*gB><di7FV446x%Vq;Psx((PgT4d
zn4pN>8tGrG;8^eI@#)Q1bl<cv6U(O^WUql~b(SjqD2<827Pz(p##LBg@UAHH<3lA<
z<Y(y3>8^uUCyU>8xo+p&_rJMM*q(f&@;ck=2CYB2lybezUodnCCDDjG@wtoDX7Utz
z?s=@hA~A<6>KK<eQ5C`>sj|04KqMnyf**?;pc>vc^Xm-2)-5L)`#PmBo5wngw*WBL
z+xEt2@l)M24`f)8UM(}|m{|HG7Kh{^QmcB~(D?>>D4!vCM>`__{(HuCEcSS-)w8|n
zT6v@d37qfz3KVm=&o3GmeZ6K@*LuTsohaFb(~~$LMv?vI)yk(rw-k+eG3N7hac{mQ
zewQ@LG9E+6X%k?b2%4U3jq5f!GbM891;(q0;DJ6N3G2T_CbfkFq8x9bcT*3Frf0c7
z{7$SwijzYYODYGydD%bG=zjvq^gaxm{xaL<^-=YUcelkFv?W=Lw6fcx;DTofl8G?Y
z>sHmu;MyJkoPFFj$9e&pp{NEj#HsQXlLVUDH`NNb$j3zjKP7V&Bl}CHbUWJL7N==h
zH|$Da6&&k6pW;3+5-$~`9(XgW&e5Yd_HSK7=@wBH2Ku3(mSsquS*CEsNy7|0{$C*N
zrxwe)BL)PlP(Kt1z@IJ}8c)!f`JKliyzj^&OhT|xSNrtGV6O`FuBc?9t}>a9{X**B
z+}7g6T;=+(oSkUj<cG0b#uAgOE9{&xtrDRB=}WS??$S4y(%pW|NMfL#ZR!LLr<wAX
z(-^A&wreDnAfaWN(_PM%9Uhhz_d2e^5LvMvr!kvZ`t6u0S1Q%ak&J%jdR{LrsW`}=
zf|(CX`I`rG`#*V7>`N+gVFRDISvkk}V8|B+PLw#UWSJ>^0mGkw3me|HJF*0TW<w^8
zya)hT=*RM3suuOp?~-1X?N>T(k)-}@6H}>(1$~^tRJ1-~l#>7Iuu>b*Z$tl%hD!C3
zymFke;{UUiqp03tG+*_(HoO;9ak<~YF(&`^=|I<9lgYtkXL3wf{DKy=K=s*Lm8Mg2
zL3G3@P{RM?le~Gb=_rq@w(@{V;6Bg_Za&S?q@>XToIz2Pk4jahEDB=+biPT?ioAN^
zh%(a!n2!~01tgCJI3h;n3w!(Hb_Pb+d#_rYxYmZ|{khF_a^DZmz*;WnO$x8~TK021
z4v-%}|A`#K?_k&y@%Mb7e>4Zl6IH3!ZSh!?3x5nG3aiC_{FQ5eCYC2d{S@w+PA~I0
z3%~?hRUZgsg!Pgnb@m*^jC<@<dsWmICn9~<hgLmy)c3WeYx+41qqmR#kdU!yJ}>)a
zIXwX2d6z(g+Q6?8kxiPUvG+<{6vnOjFr}odT9ZQL=-oU%aYiPHG1d9#v2`CtZPP&_
zxoETd?pDb(EMH%qF2TH~r2dn`X<Frro$kUH_O^F)&J}uos%CZZA34sJ&vzAUJDM4T
zKD|Gn!xxPcS&P%n1e$Q0-L^;m?G1(Z3stfTX6&87Tys^^s#xs<Xl?2V?N(fV_-s9W
z2!T?!BE#9CS}cpj-^3&2%bX}9EqP4G{f-vywC(jaMV%o=6{DlN+eCW1u?oCl_{Kw=
zU*s=NA6Vs|$PI?lcs^U@1vwQ5cO7WKm9x@!Orx0o-~eT(ULfWkJ0JVyB-*HXX}Ag&
zn}Gf38qHTUtPkI>i*=k~FAE$8g~Gy?!L8w$)?Qs(uTP?_{LR_Ud!%xrZq&SIjmvH>
z+y`xVCQ%!U9g=&XyDgz`l$Fybbsm%eBa+P{%Ya0zuEfN>4H(`m@O+xN5S@G#!8!i)
z&_dVe;`k-#TUE=E4bx0D>-lH^_*P99+Xk`nT(|bz-)w*_aUf!$TrtZkN?K0#2>>Cb
z;A<gT^!BMXGb?)fk+{h36o5UOS?lJ0FVLvB*1E-(X5}|>0!;&(*x!G4k|(_mPS48*
z1rQZYY=v<-iFUD2t`YSkngDLI9z=qMO5aqth{{h3o=W^1-2}KQ^Z81Qg}lN*x+ujQ
znO_%yAmbt&E4m1#L<e=FroiOtwSXd^-p+H7#W4Br#Z$iu8_k;0B}#!-N@M515b~%<
z>29QbQ7oK);dN?z#0j}6WcE&RMj>9J7PaHyA5&UeE^41L!iYg%_M$wfY|mSGr%gQL
zT*fLIBb9^qJ0-s;V%?h}hh*OW+7=hHiD3;|RK`0&J-v&7>U;ycQG46*5Wfj@LOBkL
zpM4iuUrNDhkN-PAnM6%rZ8s}`B1oAd%KTjb8z`uRDXo6{j;?Ndk`z{$nnHX_0_|;u
zH93hJ@~*#GlSRdha0+8_fYe&R*-n)*#_pxklds{eo8pQ>bOLK1gVnB~HdaL|Djlfm
z=6SkfWu%e>4hA$@JxLn4J+^NpZJ_%0SgO>rC~uY7^6SwE3<ne}1++4Awft}dHkh56
z{2i7c$4pc9=$mY+w)He+_h2mf?U7uZ&ktz#=HT4NdEmsDrJC3M8n+3HhAO!h6$A@O
zHAp6YwZAyoy^Cq0t{7@fec-7Jku(ZScJdX$!|Tq+@_jFBxB`-cPkG-oJ_YY!UxJUi
zZTJLe!}4glDY<r6mxLX+4F6QD_OV(Q4d}(<&kxv(R;q=@ew&PpX$7SqJy~?&67HV_
zLch=U+bkfQE&yqA9o+dftm*j2kYo<jJXsQev1@9d7b!^!2}X{V>*VhoI)kj<854?k
zyf#Hg7Ge*umy0G$&hCoQ3!^!@&bQvaLps2t|H1Y010>x1YeM|@T>OP?0_K|h4?_Yb
zdhZBkATMu5`U5N}&MTO%{X%|7O^*3L?3HV6uQFvv4aC5aQBv1p@Fwzr%V8}1wLY4$
z4hothH&ME@^6S%;^Wg<{6^sf|O7thvKUQmT?rx$4&(tv<Rnfr)GmY?9`gdzjO6%bZ
zL2xViI}g(Ep6GBKisgziqz4BB+t-8_rpSIOq%`6!Ri5j^?X0BUosZ;M5sVmfqFmL{
zoq0k7(wG|cge?#TyVj>Nq;KHLkj2e!;)31z?AoYBLrk%2akaKQ)wvjByuTdSt)4F%
zVqqtmh*CHBS7kWCI3~WCqMES=flveP3unqI3)&YaBv~HUe<oR8T`<vNHaTN9PGD%;
zV)k6)LtRK5&nTzOobThi30$Wx2iK0*6e^QvnGz$$I{d%Q`maB}!*qCw<(pmu7hbKk
z6D_^3M)%;wM{4*afmkDM5%m5$TH6Lfx~2c^1<=XBy${7zGQf5%-z2@{x>^x^ujJBe
z_97h%#AB}^nNC$Ef-g*%9Dk_8r`Ez1yDfh0(}1Y|fJ->Z^%3~&KCwtj614r{=S#aj
z^MHN13-@JSdiD@%OL$q4i`Guj6&%F`=Q8lW26zic-t6c_=#qiBgCO}-4F!6K2eE7H
z!;U8VW0{2W`5L$N<Q~f11(8RR&FwIEr!EarS91Tja$VGZu2MpM=$p6A>fv^Oz*UpW
zDe2He7`w|%?YldF&hKTp5M=t0p(iu%&#AM+>~J33Ia$2(I1wkqA<buCRU^PB)W477
z-2RQkCDl~(gAayGmv?_=NBr&wGho5d?(w6r`;kElN8W-d8eAvhPH&-XoI%iC67*?1
zgb@_BM%5`5z<nBzi;%RwopOYz)q9}GtrX4G5H93Cf2802aDbx|+Y`v~uX-P2SSH-1
zxw?yXp?a}ux>({-<i7FZ&l>5wUCyj?ZmA=)02em%h)*^HcoY}f1Jn5HC;6k`0`)un
zV1#N%9~K9DRu%&~2?D}Hz?}183H)Td_Bp$bkU?H33EF4<4(&g@G+#c)g9AABH~+8L
zBqS%Bj3AD}i|&^S7-o5`l$+|2&1Eq_f(F-=zt|W@fgBCvS_BbaY6)b@Fw7B>cA?;R
zD|sqot{PB%ms+aK=t=~w5EkEej2BuKKhNcJ2+7c05AQrpf;jMDx8Jac;$&I^JmBnR
zDMcz_w4W^w%?+V0DrUb=su%*#Jqfs24O~YUJBy*-?V=hk))8Ygd-paRN&d7wtg>}M
zJ-O;D_f{pGlE%B*z4XtH@K?QtoKhd}QX(`0R9HlPtQY{3jm7Ig?-HGKjI3%@X1Ms^
zIAY)IRXXE)0|^`5^dCT7-|8q&O;a5ybC@c>cq$f;9-@VnQ-c#_1)nDM|K06V%x?=d
zDHM8t51=EkG3ZQoK$l6;hSnE{XUV-1_Sk<qI33k3ymV$HTLL!y?r>eN801@~sKwm;
zyr;8pbZv<vh<1*2Y|w{frurv4^LaggQ9!9yE_=#6%iN1m9^Kzi{_@je)N7#t2kN$M
z|NY|bBS}mf_lpcuR9|S&VE=7XwKV7sUUL(vdO5@=u-%t}eCxD{IE$rd1~@W-N&LN8
zSaXc1^a^}BdSb*OmE@g=4iJfUtY?NqkLsU1I=c5_2fFxq6b@b7y$ql%52)@~8ThnV
zhx38ETjy1%G^6I_lCg2g%S+OL$NAp!Cn-1sXsYjH4?W&hI1B)=7XbN3@VTDFUl41z
z5OZA%D?>yS1V5=kH~Td2ev)LSC;e+YIBoj|N9_Ak3}HV`a5<)8{EuwUo<vLP9d$IV
zMRAsHr0Mf`9W~!XHP#Et0T%!Z;R+SGz+TT8`j3T}$R_uuFx0bp7k+CM0_T*StPJsQ
z<y;!MEEy2Geksr+z=6}+GO80EQ@W_lhM}{$UU8Pc>KKxCvwzz#JAE{HDS*l2v%01s
zW4!9Oiy`8@)o<3Z#b~_Q*O+*zJ@b$K46QR_;sDYa+|tv(Q%P==JL=~3yDiz?R<VhE
z3x_DPg&1|NkKMPgG3>YpyI{;Rf4Mk_=kQ+Q!|H6p&O1ex0ARMi!XLQj+Th*t4iDn8
z7u1+g+k;w$ptEhBkE#XoLs_6d@h|Z&^MFi|l5F_~s!Tj$G+%@TTQA3%R;X~g8_MR=
zdF-E!Qxe-oX^^Tqu`W)gPZi(V`8RKVWS3pdYBkvw*Ykt?(HAFK_Ig>Do5D8xILOD-
zKXrm663QnCLbb-%d!yjWndi36)t;y)-Z$aG+0H1PeXP${xZY<E;8fTJ_y=o2Zhh4D
zMi0@1xvqIF2|X4t>$l;GpvZRoI0@cJaRC&M&}PwnMg()fen<%hD>(_J$G?K@gwfXs
zc23gPz|0B?r@J%dumQ0`kmQ{QoiP>uzr+Ns<*JDs<KZ#g*N*EjR?g?5yFHdav{C87
z1K%9&FYb+hM`~<#{N`7QPQ~=ekB@bH+=v{t%EA1{%4v3YXB8GnnbNNsX@F?iR1Y)6
zTyoC*)yjBFseRxPDFkHZ+3=Bu9@NBw(j1aJozmsjnt#TLNejX9E%4Mn3cuBmi~lJJ
z63<uOc`HlzAH#Xc@H&FUhPAnX*F+aMfXryFsVD!-P*+NAN~FA8f_UDA*iEU(x9sS!
zCf~98Nmmk*a7DZ;*QnYLyQj`jxqddoXwU%AVwLm%ureC#A@;`^E&{I=gnCEAK>Lk~
zn$iu3B{%oG;FJmooP$llqmJ%`7|CvA=0mgXiRa1dCw%E6>hj;D2FI+CquS4J!#0@Z
z5_3SMHMKr#<Yk~rJmKhTg=d`PNmeA<PN~KJXELFsn9YCw+ZRV859?npXs3~37-IBP
z=%nnfP)YESTbAKR^1QH@2935qhZhIC%2@Xi$NGiH1)7gN7EP&GzEDy;=bBXHD9^CH
zw>9?SW@)G4zuPNFNxQv*tzlM(QM6*=qvrBVpsUA(!w)cO*y*IBUOIJ{Y|~s-dUbdV
z{Aqek_rm#uWP*6fJ1B!>JkaULw-8A@%s4q24?Xb8V;j;Z-;0ev#mcQ7>)J2FLVxHU
zSKH?W899rRN?v=TJ6^8Rjk6Bn!iK&7v1K(}s^thvXwlktwg32qNS@kUZZG%S15TWP
zlde22g4FBut6Id+EO#S(EYKvR;gjxklyW&OkG31pdGu$$^ZVKwVA12>8UMLGZo>>p
zuebl>WA@xNh5u}Ql9ar)d~1H-KcAvzp$nMenKZ>|UV_4WfzJo}XuXGTP}jju+<NJK
z5J_e_Jc&Mg?}iqnGYFCB-_RP;bv`V<G$%!WTsCrTwdZ7R7o<o2vHzl4i0%9Hbs++y
z+X6qU#a5v^zyAp`R+t2R6JV|nkJ$IwB+_<^=YSYi2vO9&SBkO{62!&58Q%r@qh7uk
zSK+>j*p16yT|$iqG*HjJ>P;U0X{&g6!ULV9{%Pz3g~e;)VMiJ7l5mxVRI(&uuIV~)
zkoat<xM$;WOBF559sDovWI@Zo5oDMwV4u$i_;@$U1F`fn3@YC)O+Lpw3U@N2k`>d&
z$)gA$oE+$~Yjkg{cjzI2ELt_+w*Hn#vfz4%bEd!B=#lu3X$uAu<vofV)dH^(IP2R5
zut;sh5!&*zM9_STU#D5jgu)JX-a@=w*07ACT9F$6-26X#1GD!za2@E3a~t6s22l1O
zF=6=x@Mv%RZLlT#bTVYREW&Sl6P|M6hF^6@P#|Y)*s@K!YJT^9eD?n9G=YoP`u~|P
zxT*a}t)@Yy*vM!p;Y>)vi2p^Ehs{(@Gtg9u=)UA@GE62mI!HJ!306ixnSUTdc)*H=
zniTB=BBH)PthhAZo2K&1>cyJHy#bYyjADu2r&Z$f<Bi)xbDPB#?F&^ffZ~VMj(Y2{
z$!t8grRcHwaCG6+Ob_AmdxD-Fy&w`#(RTR?G22$t8<rGSh6t^A2^(tVS|8==D9e=z
zRrOdh9WBJha%Qr~x2Y_b{kS+jrKYRmp>umC&&A3;uII6Vo%uf$@5Unn@e;Ay?+HBK
zlg4T{De~4($7+|*unNh%h<wXYe-Bd<-@B!%x|Vt=KmEf+$MdCp2^S8?O=i<qB5I#B
zfw{LGxZZse*@ZV@<3sfDmkPLC>8Zw6da78#Nf!gD76HSo?Ec@r;eyT~p>kS~lizSb
zT70n8Mq3F=jMDgF3E|?ksFN7YL>1Mo3qX8V@@F44k7rtdUZ2REZvh6xL=32My8Zcj
zU%k#os+TIQWT1|)b2nF95+85L;)VC*aPIL_u74uN45*uAJuWQYH9M+eWNpl!M4HO6
zC6PwPOWnRDF7?xT_VEs#jhQX{#o6%^(p|f2A;YtGK5twu5-$EpCziRE{U)euJ5qF|
zHy~vDXRY%_|C;t<v5a=Z^y0o|^;l5C-cKieUK1Kaw*v<9WWMl24s_&bny8|@eUWO%
z$DLOcHRc+2t9n=1<QMP6EQDa0Dv6x8|Djy?CZT{Mb%NdNRKP~LMPD-4wzc5wrr1}I
z@R5w`xK_o{PcDdYjT>xFWR%|JmKaM+E-b`HP<ePvt1Go^l1Lo~O4wrij~zBG@(F{_
zdc2|4V%q~2)pLFyQ6j@u1wXL`J-jWm$?J&dt5W;J{a$vRLQ)I%Vw+*6)q=LcS+$8M
z8`gcn%+ZB{@(+{C>1Oy>fwZc54Ds?~BPIMB(2T1D%aL{0qU+td`b)as%_aoj{0{I$
z42vF77dt&&y*xA%$>gOdrxuOiaac^_Kz)=v^wT^@4t@4-q^r*Nud7HZONSz7Y7G_O
zf)<@qp@X;DDDmvir|Hf_BtH~)=N0b0<GsDrL85A_p&Ga)FA2k_GU84PTe*E<kl>=S
zAHQepS6^KPKY>q?Y;GS^dfByeJN7=Ln0AYi*x+7ibSsX17G!>#qQSD+{7`UoX@=l~
z;&3)Mw(qLDGV6StOr7W9q${h>UAD<1R;C>tRYR#)EYW$b#(vUNpOxQo5r-5;<x2A|
z<PUO1Ww{8uu*|x!D(kZyk6do$V{qXZkrShh=pEXP*{}E(Q=!?S5C+D%<d;kNqC%JX
z6oAutS#LT0kU<v5Fv%;sT>q7%UO^y!s-C3v-EUsm1iL<2<@zSQ_}9iC1vE^!vz<8|
zFq;zu%Jn-X4fC+<d^ex}KHX+x<6n7ovD~-5IqXIIS_^S=IP|1sp)C4>t;z|ZJI*NU
z6EGcb)%6EY^SEs(!EH=LU)U=dzp3whF<-ObrZ%`LD^^_oS}Vr+%7K!)#O0pdw!|+D
zhqDNHk}Y*cbDZlC5hkIuv`60`?w^dR#6(7(_#MSV&+mDw=wX(X$$BuMh#fMmhH2S8
zOZ1kk)?JRcYkK^itvl(acV+flD&j_Wv>s8WKUWiabzkB=b+%~g<$WEy5K~lF8zvXY
zww!XIb<CV}sLg_`f#(AaNs5$n8uAR0M1i)$2C!M~bT?aTtV65A!k{Dk_ld{XQ?WmZ
zgp<v}A>wSO*O^IJ8b+387JxOV=+%{-{=dn+5#E(F?RDy*_hmkQvatK^Ny7CXOmfwm
zZB#KEAuT(4%HIpI))JpB>}mMC`8#(!3EJ}LVOF}Tn5va(W?l~ILe9Npp0P>?pDgX8
z>OOblT%54cg8aFN^^yGhl&{MXf|ZKBY)0}_I8i!w$Yw~UlDdiTt3{vqn(Nd4MRv5+
zsM=6wl3Ft6a53yUck)_s+J)Zbp@@2WxPJHI)uDojvkx`<*!xX=V)V$;@=rx}fUZ^9
zQP3C9G6vF^n_$AWW`*6k`Vx1gKPd)m#8WKSug?+PgLNff`jP?B(BP!|MlCJnu}M@l
zkU}1CGaL+VioR7bdPg;Bv>>-!+_-S`PRpnk#ZW2vab%18qv+1w7vV9~IRf1kUYBO%
zd-3`Y)8A0jW*y_4j-;?2X?;#V<f_x6bk<fiD5{X5qB8O`4ns3&^r&^lFh8UB<COne
zvp#%Dqvds%t={2HVT6(L_Tq(9+kFr9D+UykLGQPPu_hPG3sATy1|##XU}RVwRPS0H
zxi`lk5CC0~4JLxVf|`{a*jiQ)_f-C|eN+&f!U&&>K(tJbJS6F{aw4|IE!$0txPmcq
zJsYDBr2^v&iS098f@9~l!U<D^`T3CpIW7%S#N;<L8Lx0sZSM`HDCndME88&pDC<1f
zjxT}tT8nG%5}UdRs7m~<^`N0{-Bg*GaLWqs;9A^u643x^sXe=$<Z|74HQVi1POY6r
zI7Ku`u2FXD(R$I}G#vZ3$v`S*-(q8|_IY-%G>_z8_!2+=flQ{=#qnmCXehJ~KLBK<
zztmXtzt>%HAwvJ?PvB&1HGjow5J_w_19{pn#{oVecT^owDC!+s($H*ZF?^moSj!eP
z6f&Tv1yfQ$$eViCdD_kVb<hld<n4_qWLU@eZ{$>18dtSU42}DbRpb-jYO-YLXqtHL
zs0qWQxapZXN-G<Mv;3?ppkqTe8NV)9gH}YV^)LA+6me-xq!?S&8d`P3^mAlIOAxO2
zB)uw3CihBKS0z)z2dqkT!#iW5IF!u-L)LttMk%u-;!B2pV)@FW&q;f({<X&@=YstS
zGvtOguML01$tLIDObqyX^KIBpHbA|2#&19OeWt-~Tc?p=2e#mM<C7x#krUKQo^#&)
zuX{l`sqUlp5+K9Aj^x4Whh%DKW8|_Ej}(9kZ3f{UMSz3gMVbfY<5YEDP<Q(Za0;Gt
zpSg=-2b~gKf^CCZGwnWJP#YoKE0|nL8C@$M-gnK9*a2BbqvWyT8$WB{jiPcR_;=;7
z!Mrs4v!iBhEZ^gE#81Uqh@{O#830RRGKyxNnEH(2ee^So)M@r87w}Y1x_dE#81iy0
zUp`iJp&a+hk1mniyVqwhj_|*{YH?Pji10g`|9A{m2>$7bqAE7+4(D^<(JfKW{cIsQ
zS7UMSWN%(Hn*a{>Y!-ld{1LFvvG~JCPNLoGx&VM701bJW|2kgIhxHSx6UXXL*2@G|
z4d(hLVZi4J+-7ob0DZ{WwIjjoe*Rm-8Fdg?{ZRD!gxApm7DTeje7^s?5#A5HVhw;}
zp(zj04G2$mXOjRXoGjRNl?4C?773FSVNn3CVia&%ky0{`PF;YwGy#=>CReGd*Z~%p
zmSR})m8QVwihB7$kSpq>#Q6Cw?HdU7IwyxQ%k_5v;m>~4uo!t(2l|0bJ{Z>}JK0~%
zyj?a)eiRkeV$f*M)GDRRn(1>&=>t9j5AW(81?L}C$$zq-8mGh18x~keiz?K`mWFs-
z0R$3jUKfA^LT02<p!E77nn+LBWi1aZx*P#mBjr`>Z}Yxb#JiE8e<)sJOI+ClI0x6g
zIpGu$H#WEZ1;cY~Fg^KIwB=;N0HA`Xlwte+(zSiO*x}b<2Ql`bym@FQ$hCY{WJv%%
zVXW#E!X<^^qb+g3KH-r2v1vl4dl^DCO-Q|5!R$mrlUX@M7VO<rmp1MCOz^kDP;{ov
zt5Lt+cej30v%-h$@5{1dus$M7d#3s~?#q~Q`>PHB58`^dqsQc{{*V)@@Jrh10QpM#
zap$L_wPHy#tt&7ks7kLtQDLYEcJ}2`i@N9OcJ`J?*na1?NhA^7SO(kkbS7y;-Ic<q
z)9_*?d^}I6uA`l=uRdAe7;We`+L!l?*I8+#yf6u*4|tFrQUeMaY&sQbHTQ}+sskSc
zWF{o!`Eo&FRW$@nJLQRV_q<D|gq_+_Tkp5&e!e1HZUXQjc;0Pb1l|<?3Lra--A*gs
z&bpR_9!Gl+!xs-~{GI$Grn-Xs05FQU4?vON_LC9aZ#&CC(##Y=n`-p$<F?tp!=^Q^
ztTMe%gWQJfQ7tj?2gF=HAl#Gzycyt$3D>FCWg?+nvT&`FMNqYneu3ZMu;7hwuf3SF
zK7WN!Y>4j9un2|wErn1deE7GK8&lz^SLSGjO<g*nJ8xY3K8l0_x2-Q-RPd#O6q?JZ
zRX2nf>a|<X_kQ3}^J=1jrU6*}m+Js9aKg#2rfV%rx$f$cOS)~58M+Me^H~CSMX&Zf
zJ{4UG{c)F!D;*;d<Ou8#Ws4)ICJ2a1dhp~J+lx*N<p7qz-5E?1)@TdP%A%c$lF1_q
z3{JY&8u^`=q{tvg7LUo?@z7QQA+sUniU>i17J%G=WL|@I><va#NYd#cPYS%Z|LG5>
zt;x#FDmV@;T@kTL5K*m&+txEq#J!hgi;f}!(tiXT7RuUH=xqtyThYjf-w#oTVB;FS
zd2+xFm~uX`4)VCZI*+%DVn)TW;u|xg-Vzdu10;^$1puN2kL&s3ONF+9C|b#d&xu#_
z!T$|TM!tRdpuq+)R+R@nRU?&;O6&co!Do`YMCe;)8Y@&S9dG&-sP*ZKY1uE(5uoxf
zGSnf4MqJbT1(w7$jsDBtE=qbffCm-EiaJ30dqB(lbLYS=S!=C-x9c_;QMcU$C&+-n
z+!dWN-E3_^6Lu`QXDXBjH$;6z51$e7L_Oxu0UZ|8RaCD?^*5;Oy6kbiaY@Upks+8|
zLSJ|rashpIA31nXy<E3|Ev5^*+^$*8H&Qxqj;hqiCV4K)GJ${XGAv%$ZoY&~g$=z1
zOD#cp>x60x%o_83>h=YtHER<LuI6V%XfOcJJ@0)q*ay8c3~y8mV@3f;9xFDZRv3Pe
zOtPe3dyO5yl;Jjf<6$MZ95|l=D72{&rjAK$_xlxM`!yDDcGjavxnv$bUM-}CbXX2&
zu!-TAFvVfB?*MH~3p#Vy&slK2u0n_ZRR?2nD%fG)0Bx(u?ur}V`CC%^ite3$gKhGU
z;J@0aF2N&m4qde{OxryfpH{wLBRL|P;1_8lx$>p%V0J$rD=L{FY$O;<n}?V!fQxX6
zUPQP0=QI}jhre*0ejo=bXs92h+<^YAS+39DT?q7Jo+EoLgtk3w{KPWTN4x%L!oZ=p
zjgtsn?c0^{D0rSjw@RvwZ-2fe>2`F|6TEIb_BFtZQYB~8RP*cY=R#jinZ<OIp%Dyd
zD$nU&MV|JWkWl7V%W<gDt@&3K59Fn=t|dQwfltOi@+C&QTVmrj$HH0sf;X?gn%utV
zsBev+U#OTvAdVgV<$3QGzeFz!8|uK>@o?pJy*fFB)<hB)vxW@?=B>f>3K8WN>ElOO
zzMu@P>0L8I!pex^2}YZ(bjhVTn%|c&Vs`xTLi$13Ly&Gp9Uj`w9w4ce;c`cXA0Qn-
zYqKeF9)Atfa@|S7+$WOO&XU4pnouXAxnunK_TGJa@x`RA9F5`P5U%Sb2(1L|j8|Z#
z1>$l0M#!5wa_^s;%i9Le{`Nkz3{L8atw~Ml@f@#AycGt6&=K+<AI2CV#**tH-M3$P
z&l!lrr$lw%8G1${wmZZzYSd+0J^+Yl>qghGx6r%n)TEZ}XD2`*8~^>}2NqExi7Mjh
z!)q{>uf`tyrM{PqPJ6oAnnGV$-h)73w;d=;9oyf$ErBtW#JGa~zvO@27x-s#$3X#Q
zK#u+*DTgLTNh@ePQ-1#;{(10d*8|Bi>0oJ-m)d&|Mew|rm}moN@sqnG$iF!5M0GN|
zJ3g9|dJHW~p%r$PZG$dvV_<ogEmj?z03@HcH}s^0+WXZv7QpfAV@IQWyu)VetVj(%
z&bwKU(1Bgi+}ILEpG~-SFc%MgU>M`u5vfE;E&+3vd|}vQZ=~Op>C`?^17GJ8%7rkb
z44w&keet}XDkU7xNt!e^^)r#3SjZWTL9jXVSt9-9Y;ekU$u(Am$X-|O+$t0v%7x&A
z9)}Ghe+36A>rG{a2cjs;DwgBLBywf=f|0h%c;2|iWi&ZHtwd6c@7#zp4~Yw-VTND!
zfwwTqUfG%>FoW!d7?Y{RzQS=M%E3q_;v`FU5EYZf;bQ+abd-5>CGSHo<w3YZkUy=Y
zi7=C)Z|6gV;BejlK$`lY>j=?hRA!4@#XkRCy*X)(2b{3*bkfO|zJ6VHw8scxd1R28
zUX8iBaeNi!b$*i3TPl-IWfVE9p?a0h-O|-5hoCCT;Ki3&L4LpFLMpAQePwj1J^TZe
z8#eAuf2uN}fWglWv@o)5gt{Q?SJ`dPeoX{5bgBj;5Tz7GY^WOlz*iV6C%s0rX$$w`
zXt@S$pFIF6r-nkDrB7BkldljrL8h6$cZxN?HEUib_NQ9zVCc>`5(dyx_`Ecj<j4>B
zcfIh-yupzK{qh$+q9FFg_Pw`@;#jW0IqC2BHJOZPq{<KgQ0VoeG&6-H3zlVzb5&6`
zv_BLpc;jJ)iP#c_Wf*eUvV5?_N_3c9j8BXw!HuXxIoUPt{jJe(k$S&C>j|`%)`aa6
zBWiGlrc#2%=(8>VZ`Jf*+15|7i<PocEc7O4S9n~za>x6pv3n#YAJO5T>r#J-#wZC)
zy`$O|v@9E`9j7~bJ4_kjQ2)OgGVU>l!+qM<m(ghj0>dW}F=>BMWC3_jFVwHol8X$I
zhVW*WECYtak{D2=?&`)ykId=mTV03piP=JTgyArguFq`Dk_n&KCLD(J@^t!v>ubbo
zF$aQ6V%?W3l}5E0kNNChl9x_?{qDWozT%<$bFR|3De~cP`b(`+%{s<C6Al)TGSkK&
zCW&szb&aKifNb*8>gwx6E*m_NR^}w^<fIg(I4j=&254m!h|oVWu%Wq6#$z+a6QglY
zLzRQrD1?HfhSFYZp3nULi{29@A?(L%jEo2UzOgRI{4y~4iDPIm{u(6sfGPORTkDRK
zob<kWG`}5?z$(if&s)We#2`%uJ`7nD{!8L8{Y=s#|AkYe8|-Z`R;3<^(P7Gi$}(aj
z&yZG^f8p?tga%g0!jQDvP$l-8^qOn+pcp88fPAM_>N2l`f=8csAjykiAb|<w@QpXJ
z5TQOM30Z&eI#fpgW1-XaJ9`USI)iY=z(1{_OFU9$HLw=kHbi2EUOUXyU#8Kq#(o2y
z{!1V>o=Uj+<KEnBpgZ~hc7xWZziTopyK<ZkwqnOQ8;p!QJ@OuuRO(MQJ|D5R11P}X
znUa#X?lz6zm6Jgsrf&zp$XOY)F6WC5T5?1`aXye|2ZnRUy7u&cdjVL%-fHDll%T%j
z#vHKbuYZluir5Zq)N5}6(rY^|dzb$=r%7HFiI2<f^Q->)C7@I$DVH$r6?m)SJNb?q
zWYMX;#SKC$_$+gB>|lZX+i9VJhb>swz@Ev`f@Q`f5Zc0ZB;)+ncqt35hs9s*G`R>3
z(N_qnR|D;yKl-P1!QS*JuyLOITL(?($dZ)s7emJh&WssWl#~8*6@L|FgiO{`T1i4U
zk3lRZu2{EtcN7C;ksx7yR|deddMG+X5+N9Ga{(5;j;7eOrT#+a<U+ZKx(N_SeyP%T
z2TrqF3cCPvqy4;ox=6&BY4wkoz$E_+aj(&2UQ66U9n*2nI_u~$i)!Q-4J)TSaTTxb
zEjr&`yu@@7w;bSm#EllJs_xD<>iEgO6zKpsdPM?GNM>8OHLbIU%v3ID6Se$i_zc7`
zd2hb46-zF9ZkLxlNc++PdV$H<(O}EGMxhf8Q1*CtBD29SSap+t&$yW$&vN5Kh<o@&
z26u^3y(K~gWWzQ&xVn67Kt!+=tnd8|KOHRswidea*lmvHkG~!g8hHo}jxh`I8u-rL
z$9`3O&ZRxoIReuCrAatn?9!wn;w_dBsEqrJymt9hKpcT&^}th)fp9Jx`CsCz_}|qz
zcpK<^yrIr?)oFuz;f+mOxPUabjwJBwVI2jTp9^w6(tym1^j>?T8K0Qt(OWkP*jBK~
z$cbHi2atHzXnOf)f2`o6)k0DTExSL_K5#W7x6(Wwtq-NA%0)jZ*1mUu2>B5D#UC#9
z3nLg4OYEmWbb@@R8;CvCxv)Go-Z618HUl)SHvqn^z-p|ZSatV*-0ygzf&lX05<VBt
z;*488oS38l9;WP_yZ6<0qp1W{PLlP%5N^p{>SJ)n{K<IuT>se!hI$bB9~6l)VmMti
zsrlo6g^?V9k$m|;423aXtRWvlF=cqGd=<~IB(S)I!h?!)$Q^IvZOuk|L#8qS$N7C=
zO!xZU^^%1fpzfQg$r3Haa{(-0G2ivUR2}NXliOIqXxRvZ)AD!1>tysFnFqy=9l!(B
z0r}LyR6$jG6!0U<0mjqyxh3%S6PiO2{iXmKQRBV=mhaX_nwC#iXX4R{UO=}e1;7b&
zA%XFOrV$@;(Rv84Q0pyms{c^2bWz;%IIEY&i=!lf=mZzX<9szq<0^Xm82EUZ0P!O0
zn)-ox+25sm7^dg+LkA9kXj-KQx_$TXyv1Nnb|8}fTTis$@#5t>8HC@_pkT1t6S6Yd
z3f<~J5VD%TMsz(ad-j9oiyLkMXhrTJM+=>hnsqAT{02MPzu^LN8n#<OW)7A)eiz`|
zVB+c;?4{s$B)e42`38E}N%jal4sK(_x0+$A9Yl+0hChuC#%{`$Ms0s5xp1#^ukOas
zp*l5!e`LQKCiL(;`9ElT&p^1^wp}<T#2|X~PKp+ji0CD{5Jc}o2tw2#K@c_3OVsFs
z=)Hysqeh76y^UVO=%Vgx<i6kM{l5Kud+$H{Po5voZLKwHUDtUY=W!nAaSiDdG~QuF
zlb(O@yf;>Eu3?L*D1vh$M0XT|?*}1Or@n$+&(;9-FcW-ymx&em__78hTJlGh7}Zz1
zdy4~WRW&i10(TNB@bljV&y?-p_J!bj=Aw2*w5PY<wO(ga;Rl|SKR#nWlyWX@4*%e~
z!l&#%X_Cz}$9Tb#Y_T?&_rsUbRQPlY^p@t`ZEnlGxPncJ{chn};|s1MYJp?oAR><@
zBo$%dqw&AX!_tjr(*V?9RdXxgaQDx3^x8Aq5C+?MEA9(f=yg|G{D_wLyAC%X5|oWi
z&(MsbcQw9*mg5-{BBOg}$Vrcmti54oP@L8f!De?*-^kuIs0OVbv;{dfoYtS!;^BWW
zQ?IYwv0aI{0@9s8;y=WcFbkSggrJE|pXK{)t>+(`I)#q?kXs`qOjB;lDI8xQEWEY1
zd4J->lJI&boc7|2V@qfsN`JELjE9vJhn?<)zf2)H8vUtLZKJ0T<mFn$hI#?Z%zNJh
zk>5G*Xx{>Mld|<j+rbB57rgdkL4YGOZQQ>z-Z<hi-Bu&%e;=<5U5!NI&PcKFW(=Ex
zP;$sJOxhUXOYQDJf%&y+BX~X+3(>0iZ~Fkt6odRe0!3>Ae$poT0K+w=DT0LX>9yn)
z%zAd3yM^l$A%^D~DRqz8g0f&|G&i_si#-p|qwuy=F54#K_V0{)v<PaHhKN5@-CoL@
znUd+*6(CgB@P#B{MI8{cGSQup(0UKaK+jzvOpYz~i0${CF;^x1s6KYs&_>-q(zPY_
zR72`qwP9}0XZP1|4XXBya3>MhO_8Z5kwCKqlGZCl;$ZNaKtMx!(*+vh37Fu%P?`st
z2?oFvv+La*mE>Ihsta@rvGuOo+426+w=15lb2X$s#LvRRR!|QPh@SVPinVpgS5kX~
z-rs8@IV2C=9?~)X#u{!c<-F0bi(Mi{deoHUM6)dc1t<>`QY0*n*-2(qM2=_@M9t)@
zkl+a7#U@o{R3=4hrrA|a)6Lz5ADOKXf9DkeZf@q&Yk2}?cvNLuw-jTZI#zeY`D`%h
zmPxx3@vpN~3#20DsUZj0h463sw(hd*Sp2_OySjl-Z~Czu{e5lfG8)&@qittEzvOE@
zGW2`*A@W0qyenC8%gD9Bo1+0*YJsFS^yg~@C7N$tGhCNb-e?}A<!cpiV%_MpFkM!b
zzT*Q!AVhanJoG~LxE!u~G`}}+AQTT(E@m&o_Ts*1n@*^<o#14g=NkH5GgAylNb8lG
zZi`Igp99ZhtpjfVDU)c?hP_!X+6H!JE=s9I2MbyD)-3=S)G~yQ+ymdWbcwHF97U}&
z?_x`|hx+n6QeHXo?G<_6^Qs*CQ@qODn)w6<<JvHk`)*}(t&RwQjZnk946=zO$R>1B
zQWEz25p5Xsmt7B;k$@M^DER(VI<x3XXail|GP}t<bInJ!W?_5H3|JBb9^s=PdO|(I
zD=gELS#NH%^oPg!$G=X`eMi@<bhdo&6*epSOdyAs)erNj03c_UYECyhMkHc#EC<(-
zc#hc)+CTn0$?Bi|32A;ez|N+KjimySAU!cNY6*&G5eeHN2Z(@8{z<_N;OB4I!$>g`
zp`kQSA+e+3N@G8~_y$G-6^4C7PKJpCd|GdIqv-m0u6Jqw2g7wH>{E7TsS0oz3!L-J
z2ysOae6{K3vyKR`Y;4-|GCRm_lpIB+HFvpI@HD>ldDQE+inC<5$AN)0*~D?+sYyN-
z&6kHTFEaG&78}%rXU_zx1+jUP2SnY%&Uw?$MSsMBxB+k9)sQ%4bcP>4BgzbG!hp^q
zX>Ih`+LvFUA%5Nt)@>=|u<l}1rg*;+qlA|sgA7|66BJc=B{@dq)q;Zb)j6bUz0PDn
z{QEC(&aZ*q=ziH!qs`88<eRbSgejK8jnZc=n$x-*zK^)E9Te0?ijAx$YaO}0%MBDt
zsWtscEsT*YJ5d^pyZ$XEH*crS7q(a9m3`|V3_s!B*`}j7d@&RONt?fp4-@(oT)~eA
zOKFQ&T5ljba%Dy_CvoeQJ2dHRm;_%TVr*XZ5lje_j<R9sv&5Pe7R<5&DS0hRfy14}
z+piV0p$dq&c*)|(#f6DLsmp;F3~_8Pq=3`5JU-O_TRI6663I7FacMs}bR#`skTU^*
zgwJW|$=XCsNsE}<fGDVzNbc3EuMocK=b{1)YmfRelK;7T-@{R9GS?cU2>?iQ*{(Xa
zk1iBgP=>zV7?s4Ba>IP)T9rtT8l3Nc$6b`iR6>)sSyw-hqS;^!?}447=Ph(Rx1JP0
zQd}(EsW&8<DIp32z$hIjU#EnTApNERZip2L8}(ng0gaG<LNf$QV&@}HDG~KEj6wq6
z;RyW<!y^V4#f4Q9xrV4Fwq7&X81gQ;dFxggbu8!&!FS0xc(!E;GoIoSGiFs-_Vm9y
z-%Zmj+Z-y0PmCVK7Zd~j&0obSuulVxYa_4doE&bYt(^ih=C0tLyjYnM;%(l(b?F0#
z#_5Q2@=bzQ7o~^iZU8oDyuVJ9`^X2P39^axa3PIWp>AK5W!_Ye(#Z8UU)g|g*8J`K
zYXQK#R`GH@6L!qNx54pWMk%R+aknuOR1F<vD|Nr2?*~F!zVykjPSLHX3P*vv*Jn%B
zR|Md4Nv^Zml+Gq*&jaIeiRhVSlsy0yGg$ge+Pd#^z)SvXKJl-;S4DgxVq3s#P5@xe
z4p+SYJuxXY7}a}dKb`DQiyJ>zW5ZziD>(zi^e^5z{@7IZ11&^EkQsZRttk1h<y5Wi
z`orzD`nUynlRxpjwN8P_bbhQfSiFLe5GvRgfZr?hzr8ViFSrAGMC1>C&+rQY5l0`z
z|Hm@e*1#ijd=z+vUQOMiZc*{{L{e06XPON@vi0G%<3cvn<D7o>c?MH}Kl)?zhoHMb
z%qV&IZC^j4kt21~RoB+{cMWTw77cbb=?K?;uHc_D;qn-hEM$)VDKyI#2iEv9Q-(O8
zt@*nFa>aB2KyGpvR?BjcC+SFh$ORJlCt3l!Ck(>QwX7ao`Z@HVzU(J`6Djvl4#+D8
zU4=~(?Er>MDPkL50fTwcbo@5yz+zrXromWj6j{r>iE*;!G;R<DO%l&*#SV?ZVByfa
zS-l2;f3(_u1|Bdjwm+z$nJGuu8Fx47B$`c3U+xNBG2nS6L7yc9hk&xTBZ_T4)us!h
zi-D<n9(5gndSYcTPb2P3iq?V22e@`?faXfBNs}+I*@pE2XLqwssKieHjVrWT)!gW>
z5frTNKs#m+pytQ5M2A0KA;tX{pQMSWfUMN6J!v-jng9<s{YljiaNe{A0L??vY})tP
z&@7uxdNv8)^Gj}AFngEW7j!%YM#zC2JF*J350>Rz@x;L}<tMvu``YdsW#1RfCsOhp
zv*LTZ4nXg!q#=}bU<{b#o7TeE5UoyBq&HL;ZszUo_TTH}2O0$=t{imaldwxZ8GiZp
z@U@b@EIgasHo`(M1;O3&s`=TVkO8j$QLW?rTq=i&jKUT2!W(fM8gh$$RE{NhV^0$C
z;H;XsTuo79aZ<`Oq-3}29~v21!f6?7MB!4C5<4Ain0ParsrK|?9xfwmCjHJh9mO9x
z*Psej^u9}bC`~vsDK>l@D;X43_qiVNnUrq7KG+zme0SlMZ`|0R?-<iky5YbAw?&Z@
zEOx~YU?^VDE6N6@%*S5Rwv{vvA@Rt1;N;F{KaHpjCs9@Kr+ooD2g&}Zh|$l{a#9#d
zri1?Ink<noi~fDqn}+uX+f^p#vT35tw#h^b)w6@gaoJ!K7EgzA>|T&=VCETb6r07w
z17b1WohR_u&Mzte>!!qGnN`n0k3%Vm-&WnNS1F!HSvL4ahN#=lQ?S(9Xuj>r4v0w`
zvJ&0Ewc8l43aPdklS(j7F8n}&r{cD$O#EvO$8M+pg|Qrt_<^Fy{&}2%U0I;7;V&8=
zz!s3IJZ-!1V?~F(YU_3jX;XU6FoAG;pqy~8NjW+T7Eg-QvGeCOOM8Ma)kHb%?Yo-o
zPHg#*A7$W)dK{H@cKRey&9$K)<C&6vRtsi?qOSSI^Co``cFxr$l=%{#m333>8i_^r
zuQB1!>5ee`Q_w%ni{~GET987Q#7kX<99^lgpAoNy7=y2t5~_=6RXRwQ^aG2CJt1+p
zMT!5QZDX{IZ4-(~4sJAWdK0xvfr!asz1Nwib>j+~iRMkZfDUCiZPipRQeIKkt&d-L
zz<tDTD=Y4JFgMbH3@fw2cJP{jo7LbKUBpko#QdJB*MV1u`Q}-PA#BVtt`nqf2dlxy
zyHgzMlWjz%k6ezY%8?^hrKSbUND8bJdtEtODxaRA6GR2q3&@N}md2J4C2Y|=X+BiQ
zOoN-}{UJMKhUPTog%${3xr#}?-jA`Jf8jGjW)_|+?LWt^CGbcAH}3|mHrdXZeE|C<
zQP~XBf8(JE?!Er^%;^sxc01)@Hki+CXQ9^Nj|<K_U^QQ9GsYVmEKv0djBsH(u{ZWD
z7brl-p+-3H?u&qWWX)Ug$%SmS2@GQcF1$f`1mO8KKpb_?q~B*s0R)lrez*{kX(}^{
z3tMo9Hy3gNrXn@L86{Hr(=W0?H+rr24(Sm`-+fyAbaF?R`D{BD;hpjnK{{}$AOlvN
z@c?h|&Ld-9V`C9OM^h*s39yh7rG$TmEb|y5T%){Bx8*Ut9$}}eG^QYaspx)_k1O{0
zvy=C%0btI(K@HVB3F%2tmFn9%fQ5UP<&87@EtYb;XXZ?IaKPZ00mJox7PF_N97M({
z;AoJNW83~LJVF{?nR>p)NgdFVQDXQ?z5X&0VUu$n2}IWu-AV)zcEj=dlt=UxkWx9r
zP;%_g%q9S@b|^`dpbl3D<Wox2Km#Y%t{5;1gTNg4;Q)xjPnUU_=^j`5Qehd=ef5p-
z8;?wLZw(~f0~5df4@V58=>+VuAUOEFxoVl3i8DanF#z1iS3X&$W>CRheH7!k^C%i?
z2~N{@)#ZI)u!*242&Q)11-_?8#^!pcU8c{v>`=5kGgN>ZVBq9YYT<6GXOO^}G(M}3
z<~|pzIce&c&c2At+MpV)^b}~WaZY0n-pB#-drv`=i^HhS`7}i|mTH1I`^SRdW3S*Q
z+`|QPk^3;f`%v2@mym%W+1IVrNM;iM!Yf{sN3+kcFfG<wN^v*s>#E9qBZfKvEyK<@
z2@2Fb(61%qU;J!B!F1=`ZlXFY)nn%|#b<Dw3T=^Kizkl63S!U^#~5BsUXN*&`XReo
zE$%OB0l4<P@XG5eY_?E{FdH%oFw5N^Ry+>IEUgzAamr4iCsx3O9e?B$v;%Vi*)dr4
zQU`+)wC%c#P!oh->=1)$sIIQprtpGjq^ga7Q$4_|#8NLL(UVegg(47oHyTZ!#+M^J
z6m$`0C`<*W64Hv7k)aNN4XvnaDcNdArAC$l={~tBnzZNQV8Xs&^klubUd492&0-4c
z>b0jqWVdp`;<k>yTa0OY%c36KDYgS3<Dy2|Cq&X~j3_6TslwoXqwP(bROqRHMl=Bq
z)(J_e2$y$~lxb%S$B$=hWh8j{NZi}dj8FH?u4SvHr2;97QU@smXTk}Fb^PkIocn6A
za}P9%Zie6&cD@6*0m42S7jKqM5brfb0BXwtp|{VrX6g(7JS%yGO27$z!!HEi8m?DJ
zQ$&?7SRHw91E#o+rt071WJrIYb&=NC-&o4d`}Hv21_OYGGf2-(^O@60N)00Ge<)>E
zpJ<^(7Mpb+8a8+c#qt=9=kbWz$JZkT)+Xe9oTKCAZ1F!L<Kt})L4`kwS2OveI&4So
zgFC3bi2QEQ;b3h-S3FvHt?Qv4PH?CXSO?%pqJ;XVnd6e=NAx-Es=(yZ!|%MDA-tfE
zgdwvhKxXOZk81L=59<$s7x%BwQ3`fUtTNfN;DXE~D}^ApKJT2q)pK6TR-2STeV6B4
zF<iKfStCbqn#T8kQ{?G0B|=H$47BzKz})8tx9-S)_r#gmEW7+UA;^e`80cviwWDrR
zgoK&;Rj4lIksQ+|q=uOpTKmB}3BflWUx=y~xTxE^!RKQi!)5m?4eBA#w=@wym1HAy
zENr}&QuYM9;X$opfv-0Q_Qo%K)Kd4*3!unV{wl-F=|puTyxX69H3%sX9MiZC#;$%Z
zWgA;!dTR+3$dc$=^E)tzoNT!o_P?<)<r`{no(COvT-`_Ggn6T6KK3^_-i-`g29(BM
zh2}n6IwsEzeZ7+~FB8~IP$;L03h@|9QXD;g{J8S<Z+%Yv$`^*Ab6QBNYKgNwjeLNh
z3gm#6Dia(j(*9EMtif(d*cu!Iks|2mo9a4;7ppYWO~&W5b-P;b<e$4$7@+10i6=vn
z*@Y!wDM+>|epys~Q1#v|XqN9Il5)rj58BbxCXvtT$w{fve+6onaa-#}P|jnFFY=-V
zx?=zrmM>i)gUXS)3-<Bvn-i|$_Ec1Ts*&*O7RQHmKlrB&b^nM#5tY8GEBc^_Hq*W$
z;vL10jg>-*>QD-YTyzV}WI4{a_W@<$(A5(#!JC80$9eX>=~&;;%>;aob29p+CRmd6
zHe=<oXVu_*3-{yIoY>J{ad+tmnZ%Rr5ZiM56QH<Za$n2K8SFx0x~g6TMJOgfIRm;?
zM&kS^Q+TKv$ZXcO*zLdVQx@q}y#JLfBn>1++2B~Fft)liMG#*xz@O`ch*4DG&(5O8
zzOmaP#Sn3)66~8ypi)~<4Hyr$3#RZ`=-=wixXJ)X`mkr<$N)_+cYb5@E@XzGdc9q#
z7y`oB??at>9rW*-r}}&$-sV2AG{v7%Jo`9U%a|W*cWE`Qh{TAy6py4zr3D`?WTLjf
z;UstWSNi-g{g{1wFj57r!tgA!K-eUq0V1mvpujK^uDYefmoGXZSq6cm=T_ZB)k}Gi
z*Beh+gu&q<*<gncR9X#ygTtg1D|?cKqI;)7cFj{w6IWcIg24@g-W0YIQ{Q{E|Ls}J
zwK{MfjupswdBVNmm8<@xsackQn}+gT{mS$a<98{PF!&Q=uRoxOS+;VOC9d1<SH>ip
zcl89{<9|EIFO~XkVYyUofEp=o;I`ZeAy$0_WaakF=H-FAYFJoC`I;PS;Bce0b5H^(
zqAY)Wls#jZW7^&%X`RJ^oB;+(yWkwdQA-RJ8N`EwHB`Zo0orq?pmbOhC~OA>oRA($
z`g9)WGyI$TnlRM<Ck5jg$<d6*E}<vL0c$lNRrP{%RbKRGJ&wZ`xA_st;#ZDqOoUN9
zH9YdC3jgfu7YSIGskzSx8)FMLd7f9~AVv1uyR-5!{#}QSDsiD*jnL7%9YQ<hpao-X
zE^;$iBT2bNrVW%S(%=gjze-Tb64U+qVI?9|$rw2P>pK$9@DY?r08)hF*!L+zYsCkA
zI5l&w8j~?TNq;ntk?{U5Xz~mxO0<fdOAB^`Uo&J6WzYwwBkjzP8#T$l1^3Znktiki
zeFq!?3USWC!W)byM=ZGN`TkO>sbz;vxI;Y}clx{DhDLiDfH`p5JGKN6NlBy~OA~1g
z@C+#+iKQ2M)ymg%SIwvJKG1@33ggesAO4<@2jU&=cOQ^4O-helB?GUo(E}!@sNn-u
z;U*v(c-?TA=*+<3IFCi%Y-&Op0V=YVZ2*c69TSv4@&YV^Jg~tkUo9%`yI>i!F@FIl
z5e1HEyGJYRoSRcj?+mYNlXV*#mPQf4#J(|n+BC#&u<BTVNFu$keIqGMfX2|D+7XJ<
zZM&-mYIb81xG?a}$(Io{T_pYNr<`AgE$&qSPD{dfX+oR<&6>XhSz#^cix_?5yUr+@
z!05ihvi}OxHK0f%_K9#v2fJ1}=oI+us{y#S(uB*T=_`?noT+*l-%PZ93Q(yUoi*6J
zX^_qipi;GkVn|;<e%tY0uyj3T=_P7Puh?+5Uo%6^o8$en3f5VG4hudV_Vdv8vh+7$
zy!KU!1Wg5??kkXv_b~Dp9FnmYU{zs6z!og%XV}_-Gj7Wa6m_o#lm+^Zw&%5=%A!6I
z+ybNiAs5DV&X3#H+1Q9Kdn9Q2qwb0x@q+Rd=7VoCL1dgW9)MfY`ogdmgr>LQkqPwx
ze^?EiS{^6fH+$cS^iyu=co;Tx^z?~@j08BaPXghM!nrE6ty2OoQn!@qkX|q&a(Ime
zrzUxiU5|d{M|ESN{{n2AxnDU96zW}*SP1kGTjkfW@CL!k+1s$NZ~;o#6xq>EdC>=?
zK#LN0s_PlfFLvBheb8ejZoc!RQKbR1+Ch@c^pqTwB4JBXDx8bUMQ?4aKPVr>7KfXn
zZ(+lXyg22)&MhUFf!)s2*~Q-jwz@H2i&A*Q=Is)}y<3p97VbboA9>_v;T5}S!?1&Z
z<n50A@Z{gD=&M^h_}<_`>V9+Uxc&a_f0MQ;CT!Rb!t<7|L*#Z)Nwe8~%TlbFWl8Zt
zqrkxfgYs+`gs;H(@gcL&QO^eeVp!OGpMBC{2pEP>nhcL*WF2Zrl{J|cUVxBbz2!U7
z7HUsdHU#RcvOAi09>Vddy3=#tOu0g4xM9DS!lQeXz*)jB>wsu&gs{z%VNc2+e<WoL
z%-=H;*+H09yePcKKuV#~L!EYz8HDeT1ss<A?HbQs_YgjupGc*9+2lRw%3)Y}CEp^x
zo&3ncZT04xWE+DDs}QSVsE0)Nmrz*)08oaXEm?$wWsiCU*zf|77A|buaotZdCZoG}
zTqU2HksK?F=B{pOx}q{IC!pUnX#z<i7=#^uDp9*EWz$Tm&x4@)fPKwKAP%YOA8(OL
zU=c-t59^*I)0_DV8#vitePd1+0V}hABkVL<Rh(r(!wcnu`?=Wz9KuMVZasIQej0)V
zh9{b|PfjH?#gA9mTvVh0ruGnW0F@;r@&zI$-nN2$O;2LH>-CWW*=+XMvTtg~cJ+8U
zGXC*`Sd*#IJyHkovQLDamagxEN+o+Zlrkiu@?+p(^1WwL_wK-$Gv(@3eoFizdDN85
zrkeg_@Lw&!BB#0=I5es+o;_hPIEh(iJ{w_EFLZT!pW?T<$aCe-h=q;yX_nu1J*?=d
zHUoE16S0~A?S_DTF&Gk17aHomv7iAjHSrN1<1c^oLNiZ2VA|`%)_StG?2|=y@ogwD
z3W*nXUU>u*)Q>551-~8usax1v72hQ3!B6o)s2e|&+{RR}WzUL(JjRHaBtIisX&3<b
zal*b{@3tBkb)B{f5K9&~Cf-E}%us4Mq@85(RalNnO1_FySoJJrPLcROEDY(N_umvE
zf=Lbqza0YpC>_i%NYgL~BM3gca^#d;20zPbN6ykF=%Acoje{NGd`)l509^YUldmo_
zbS1)jN=k}Krc~H}KywQiv~WFn-|;=KM0ZG5P!)(CpU)TZkkdW8W9os?MM^oK7cCY#
zqJGSsgCpOv0M?K{OPt?#2#9|Zg|K=1JK)zo6L@=rN$7r|$ti0+>;?k`B?;e0*Rg#Q
zDXxr($c0i%E_TL-aPE}(20mpF4g7}>B$4PR!Fq0%2ZXlAw0^zGPea9IS^;M$2dqr!
zLkfkWdhuZwOW>EhRH)N@624!~z_S?;f86sGU}qsN@ACmRHWF+y=|^|qQVS6bBHG#A
zp|MO7_irw67DG|H68&3M_A{y3wQnE-DQ+CF2^ClW6WcG~eU#q}L^!{roLub#;bra4
zlQ&=F-AOSQl83Y2eh1)+qiUV<b<(fF1dt5!`y~y>)^n6jTYPfON;#x)2jsHM9f&74
z9&C<)V<N?+O^ul^>!NTe2zeMcBVenwXX$~O{K@{k!bgGuJ=cPUjzOZ#e_8;lp7PGP
zXxhQ%uEr=*_;G0Hvlj3_Z|uN+XDD|$dUO2zxfe*5lEn{Tr1<xMD58pnoP`jR6b3#1
zczt@?7;%-$5B)vu-MOA^Lc_^sebo;q(DK?yX;yl7U(0p1<WDF+Enu;MdKHSnY^4SY
zg7({sj0amYs`d?kZtri5MVDLl*cprjb{m&J$GdCXU}#(1CN~LAT-5-mc(7C4^f5Ry
z>!rcF{>X>eJchODOL$zqm;n=@fygDSOvnKYDW?3c45=FV6hCb7V80+BUWH}-Nxj|f
z4hH_jyn3$CA~q4kir{;n|F;D$iB!XO?iu#+Si(?!05%Evl4Ap0NT(Hg4luzgz<k&l
zjzGU6e;h5>%@zrO$Sq*6*eMI%+U?d+W1w?h3wSc}Sp=5SZsfYk*E~G&CMjO<hy?Zr
zyos+a^BPu?u2$CpKsN^RvUcVueP8c$Xl=I=^f!RePs>c(Fz2ftUu6f2h5ixJ7A|}b
z+e)1ToS6v_MBi|cftCUslnU4!5u|_%Ths{p{(yao0HQ{M_Kok*0!sRKoJMtg%E^LJ
zyq3SXo!FpI$TO&GlhUUvl1M9TlEe|<*M{j$e**%_SI4yj-gGu#$U`zcE0Gy>6XNw_
z*bz)pR0WYe;{%*jHaPt;7<50jZaVi@Goz>>UbER|S01<c$f4@D8Zv=lSD1sVHXs}^
z8N)x4IVWTa;XDp68L#0+yZjoSrC8}NVI~Rk{@W$t62j2p;GCI)XeA9U@J=;w8M3v3
zfn5$!)5rBpHs&Ltb%{p|u%g$0jBmoer2_u=I2e>!as}E&>T}%X(2Iq0@~!ib!5W~7
zzxj+Q&Y*2`IosfM{Zs^~<Eoqb(*Ws@z3_hVyI$=5)o^dL`XSAYlQT>cZM4w(4qD=D
z3y=1!TW#EBMU>)4Y`E}Ls^4a#ctKg8;$2B^4v1GLJ~O@f+H=!5E9}$Ou8t-GRpoj=
zLnJnq#BRSzAXxVT<q&!im#Et?A(iMjdbU%c@<%HIe{{61wP1ASJ=`KSznw{}lvJ@N
zQRafY&1zz2GKH_Huxi|BgoJ1F>UZyc!-K$CP4rMAfAVflce9fT2A&M>mxuHo_Gf0<
zQ$huQC_QL~3wAa$v_fw~Yul76n&GaUt&*+RC6RL2y7(UcGbU~4(P^qOMr9EK=aIdQ
z7sh&;)Dbr%y+t6P`|Y5w0G0pxHfGck7gD#)`|4-2h6v)(IO@Ik6k>s2yndsM8~yv|
zuuoE7!XNqA(wYKh=bU+4A(@p4oZQNJC<JJ9Mcin_O=ff124G>lvX7|Xa^wd)+~#YV
zrg7%jfXp!WOW+63KXISuj*N7c5$oRX1P-ef4(!^QQvXbqZbW4l4b~>YS$edqBBtWQ
zwE_Mq*VQ3zH%_#UjgYh%B|XdOOc5j_qEO_aqNQ_z(yBa3V91q`!Yj>vwHkLQJVLMN
zz~!WPMEA?cJ9~>Cf&06Qxy0dkvFc$VYH4I4gg!Id!^y0B-wqzF&VU#=YhKIJtS0|O
zmX=TuqV4uW65N*$rNRw*@K_+SY~*}|KOi2bHM6I%DqJCUzgIJ4vEVN0O#!iRqp?Fc
z#0+T$-xrrc;=|aUk)$4X+<(sQ>wOhk%ZV;?qZG(~D)~OC`D_0d>fy2hDyx=Fr~B)=
zZO;xf2-eaIpRSGx2I&v=*j4F$g_9^yV@k4{oHzY5@l-PmSER9P(Y$2(vw6fR%I}|p
z|I^K?)~uToke3$aE|s)35nki&LemWcwnAF(lhD31YB0^uLuJAD%LzhL-`)KBiB8cx
z>&NdM16%E4Dr_=2W;MxF{SOwdG}G@L_+~j`2s{I?fKMaECAyzc@gwp&n~4C7@J*qf
zEcneoUAYjY4`f|<AWU*+$L{wZNJrKAdKW<*zCOc~w@uNudg65XaB{PGOX0Vc45Yld
zV0Q^SeL{@Lk47s;+)o!{-9mBbj9$ic#+d3tQ}BBHn2J;me(I?Gk)nBVIJ;Z9j=~uz
zEgW?}4*n??eGY51seKrhWoSYLp)ZF(<$otCTYZN?9Z=>s<C--ZUE@R9)G!QmUzwmA
zhL`5!x*}ytLL2>}X|=Lw&7939m{20+U^FkJ(qxKb=(Vfiw=u7qL^Ir`>S+%ka$q%H
zn`K|7p_n-Je#D9hrLRE`5~nho0Y7_rWI0mcI4^4;>#WjYD$ieTuvFcG_SD4Aw<AKU
z@HxdJrc8rn<qq+$3M60ysKMV)+@)XS4>66HAyM#;kD`XEo-I-EGD;$8unozN9>S+(
zb!`O<I;m7t(?oUdwVBf$Bx~48qT^vP;%)Xp!5)=WpWl&IEIsy=L{eg?smQ=clJIff
z*#5u>5)`saK`<ak{M9`gMJecLcb9)?FNzg>4TWl=tZz2FrX^N_%yklO#gASo5czxd
z(BKv;WRC4l-)zPg#rJ;~P5SQkjpB-Q%ZwYd5?=`82(W#yNfl%wzpr&dVJ#(8;kN}H
zUwtYeMJL8bq3~5bf7|g2`hnXh`Au2tbc5HxJJ*r?O|Don1udP+ya@!vJ6u;<zgb^Q
z8~QuPvq#6%Yg`OhI2Pv`c^=P@s}WB$`{=A_1T&-fA#lvbwd<+f%ee}H@A8td&E^ro
z+4zOSt_Z+|#inH@-pHa3lN}?O^SdcqTR&(oX@rQ#oV)w4R?;@YgktVgc1G#1b#;gy
zvDE7ib*Z>Mi)4k?hIx<ZVg0W!3lc=wbDUZibgI9UMe~Ctf2JoC;<`|e!pV7@bcIdl
z7`A~KI!Cp4&w8XZ1$FAUN*^nu<U<ZsZ|HtiAwiR2u_3P4s0ywv+B}{C6+1VK&5<<q
zTARl6WM6L=Y;Ir)n5Iag?x!qifiH8Ct<+we`&97TxJ}57Pf<eK+Y>7|@?bw#aL`JB
z8&tP8&9p_>h_!P^gH-$m+B$DuYu>E3we;AXh!O%eT~H{RPq%?JlLEVt6;+Frw|-Js
zoW$`ul{2KJ%HdvMA1f}LMpkic45T?dte;@+J~!n7hwUFcESMWjP$qg%HT9NRnJ);z
zm8JyCFYkh98xy|v?zOJ1`$G-HjUxv8F3A+TE~|FKJT9oN95R$ypkGfE{=SBV{-JN~
zARa3OzQapqKWjxI_OzWIa6fLVIx(25Aenc&RSm*Q(lf<iIO21ENLg>nk~olK!R&RL
z)dVc{kNf{VLNr?QP7kR;ii|foEQLO2sG5Q5hyp%pHQo+%U1^*^fS=^B)hPa2U#Wsc
z_;sU60wcnZL;)M|6J$fetgavFgv_X0Ft%>;RN91ld1O#*!R?O^P#`K77G4ST{D9;)
zFvas&XtC!#-O14NGgt`c+F?6Uy&IyE%c$~8R*r$g*Si=>-95}gKjiYh&5nWeUT0TF
z8J?<3vTd0j37Qf_YKh?-vaEdnguj;>kmo@?l|+cnEp^AZg3+M)o7P$q^`CBM7c(RA
zu`<){1!NX}Q4ZY}!o&wWKlI>oI7<sT1}&-iq>ayNZnu*vq1d!^!M4ihi&wDx^TP=z
zS0TpmFhjg_j>+x#uFBQccX<@_#R1aQSx|@_3#Mesl#&u$8@{e2A<T-RfU%X4rLL`r
znO10Ewpq@`UY!wmO6_W*J9dg!uKS*iOf9p=T$P{<3~EJvz&;0}oEHGkz<Z+h((oZ9
zWkAFH1xPM50Gh*$Y-)aeWv-~$zr|;o={uSGfV%rL8~wxJ+(9L5tSO;23fL6M(GItA
zYv!3-n4M@<Qv7+c76={^l=pORZ9Uw5B^ahgGH+Y{aGYrE7Arc6;NrbH4W{vLQTMTq
zhs^=twTJRR!;ucC$vyy=Fq6I*%?O5g%mcH&JO(kYZ-6zbe`Zk6Cqo*hzxQN|qDXB&
ze3%y{2%tg?0gPOJGKGtQ;)q&`mCGNF@9})GseK9~W&vt|sZThoZT#2{nfjnp;RzV5
z7y)~@H8{Z@3_NvIAEa1!bb%DEmSdqc9`@c_g?|5I{OiKGt_n@T1a?TWTPLs;nOkqi
zByvRI6=;s+IlQ%*?k;>Prjtss<Q2+N<((Ry2ZuXbsq3~WW~jKzX6z$Srso`*Jke*0
zh@b7olUMfT8nTsUenJ1RrAr|)AgB6k3g2@wpY-j)o1!)afW4CwkF^=~R0%pY%Yl8l
z@>y;*)ZZ_=xocCJO5G+gO#A!w#G}d}!mqP9xb`f+bzOg?au9m<XJ4V{{B+4syS|P6
zECB(8UDoPA4shZeS^*Wyz`IA+<W2nJXO;2f2_alVHuB60^bfnb6iUGZ)Ti;iAn{?|
z9%R0`QSg-&?E@jokz#-38WcB2Hb)1$n(<MA_NQyEyiznxaJ_`*ab@6%>lN#R6TrT&
zf>S>;fsC($;txP=3Niq-J#?~R`qUMhN$*M{)ZMJXB-CIbJ=?5N@0K^lN6kM1VtiuJ
zRZ8Xab85oWw}M|>52a8acBai1&w*3+`=;pNV`gu<frR^JxnTZ-yTyf!bfK(Qprs4_
z+CTI7sB(sTu|tgq5t{sRHg5)DoVM+N%9}zA;(9v80Zg(~$L69yK~x|md4A0Lb>Pd3
zxs|*S|DMPUvZC-Yaklj>VOJI*8+raAeOZmP_3a=>aE`_v@W`x~aP3-se~W(Td(N2!
zhd}tNIr9ZW0+3eEjzhn{OntR<D@V`S2z94it%Czuns*S*gQHbVKc=~UqZ0u-dl{fI
z*8o~2J(_l4?BWm;`x5&XwF>=WYnOsNN$Rz5+QMraw^W68KMvf~15N4YILI#}w_7d{
zrUOMuNE40U&8Y$GFXcWeSJ^>&(n~<cO&##ORh`lHl+`i-Dt&Mm<epQXQNcd#R4YIr
z=3Z8cD*bjAvFZX<&SKtU>QQZwgUHV`eYyDs{W}YGK#<5Y%y8aI+iJ+^X*dcVJ}-|8
zr~itOKmrSTV<+gs&rdS3B}Grdwi^7bhijX9+rSh-CXgw|PH{G{%oA!W#(<SdAW!If
zcgU2Lnf}}L2nIwbb`pVV{9R*7rtVa>9(Cm{+-42sJ3Q~lQt>=SZ+unjxa*25mXMTq
z%Ed)UzbAZVzproITZ^Mr2oHI6d(p8Ad-eNm>~MPVN9#H~nQcy%Plq@u^1uv`qk$a$
zAUKp<15Ev~b8v9jc?xiXE<KWmg@xY5?BHzb!!P>9&Mt+B?Zlku9Ir=COJ28n)Wh-$
z$yGtmtbKrTz!?OXJ{ty>f@T5yuUM~MX#7Stl?+Tv-^uHCI-6Y4K6b$Rcj)MP&?%^c
z)dKJ-MxPIsDMfxTsqXATuabq=p%7TBQsBccnP+vmwhfdl!?M2aHpW}#MF{>($pJk8
zd5w5ecF?iZGMSuYzcH?Pa`rKs&vejr?V(4x*6yOa#lNFetai0T&CdU*`UFEr9U1^!
z)vFD(5A6-gOm?GLC4r-zx27fX<}0Qa_15TK!x^ELscWrDFryYHpNOXVvJ9AqhHVX_
zXYSu|Fgds>%u~c084=QuUi31qAL-?3S{=@3{J`>8R)gn>ut~t5+h2iTI6N^;<14E$
zMA$J#1ja^6nTo%@A?5u*6-XkCoJ^}30EjCtywc%0^Sl*aaX?qhG_DyEZN2q!+!qY-
zG2cIY-#3uMItTsWY%87iE0J;F1^w_g;EwYVM_$~ow|VL5W^<Xu+RpCde9BZo^S-(k
zkh6JG$@KO*uj(0Z8hA4)X^IZmhv_{;1Dn#zwk<Ud#m<B4(>JYkIUYz(g0YJz+DZ32
z-_Ew*RPVD8ZcC+0@6uUq`<9r}282~(dQqUEx6M0!`{l-hdF|t7wWQnZsBY}oOqFfk
z{uKWltUC$HEySFvw!S^P7P@#IclwZ$+Je3KvcPs%;q6RyR1#U?Mt?Q|W{~-<Ur+~z
zYsSM9X(A6F54yco?L3={-cghwOWj$DOBr@t1VN*c{DF!s*pII*)=Tk!0vUzMn@LCc
zV2e`qx3kSS%@@+((pp(=#y$IAZV)`I#}NWD&j<s-&Lj~#y&M90zviwEH>%XSHtgv$
z2h8;r#0Y{6EcH-#rmN0$Oy>il60Av&4$OM;WQzrE2>^ZaA83uNV5f`4WR((C_%$sB
zsOr?>)sgAi9ll%y-#Qp==w`jWKgNc{+^;tMIS$DzGF7~oI`{9r9)o*HT|G!~ShRZT
zW;Of_2&zC4Pt6cB857F7xaDqWuW0xAS5Q3AKrj7V@6&lI)ENu(5BsRF3GHjKId=0K
zn(r`jR#lLBQ(lpO8;?yQBfSF$2QGw2*y++~hQC?_46^_N-YD+dsc~k(S=R=1&b-mQ
z;m@(15gcPF6y61qk?{^JoFu&gnZOSS>M?81hh4ifXa_%bIRKmja5<3?JsMK(4hvaV
z<``z*pj=4C2%?ux1)x<fvoD^yazG@Yg%2d;iZR$=DXMQCA9U3Q?w#F6SJ>#QQq)ze
zlNkR@4hYxDReV?J^<KruGwir#ov~2WN+nJGT|?w8E{1|vS8caW$&5PU*bXWU>tq5f
z5K4a<K&ht6m}3^3Kd_bJKJZoaPjpE^Z}u(ov2vdS(Nn(PUPo3c1N0-5mtVrmFj6$1
znVuqit<slClZ8c;0z`PsOFbw9O<8VJo?&9VQ!}lXy{n&ZUHU||g?@T5l@PIFSS+fD
zN>l1oew$R2QAjtEKXb@$D_hUFML*E#u`B+0ZXTW)o!!Odn068J$@#OP`LS(B{aW4L
z2coC3-?whoIR~l46e$1`rq_;x!}Y*V1@{)0w{d`<!yvu=<@;GZr0{TyOPsgN<=08Q
z78`G237AsMuwTjCv!1KAR)=N`>|3Wonx=zXmFs2Um4`n3;DI>diTsHBQT@rnk4LI%
zqliZA9vQe3g{|W1rt}~@9~6B$eVEdd8jb(%UMjEsgu+Dq^{2)Vj9ZstIQ^qLo!XxZ
zlST&C9vct*$(pqA?5a4%EG0;DQ2gvXWjMaPP|0=SZna{>^<X53heE`de-O1pK!_>i
z$+=zcs_^cJS<A{rgdzVem#wE`AlXq)NKAS+?3?VEmyvAtdyFC1AJH?nEw=k-h3*66
z&iSq!$1bgvx%<5;{i-tq)yud~!QqO%2Rvu1kNo5&Jp{DgE_}JE=REmpxVO_pK@ch*
z#=->Fr#rkok;5&nvx2V!HrKvsdipX5X(=inH8-2Ty9}K>UD<beG0?@P(TXyo#&~{p
zd%iEwa*Z)mqIz0wtWzM7)~yqHj@VMGTWfa9pU$FWC@@UnCptc)$ZT9|#>qc^Ax+Ux
zk=>J|xgT}SIaft`eAtu3EK5D{OQtIj;9SvRnSC?MO#kq8(&hR$@6|>J<hbvG<xeXu
z-FPV#w_)(2B3>o_ox@qQmF2f@uj5O{_5WwV^ax{VG-q~At)aw{t3*`q3*_v0>Bj!@
zdg4&V16jr1<0z){-(^%Vvh2s1=LxpI6*))Nt&Vrk<0`ir<a2*|FSDN+zqRTf#Bp9t
z6P}zhq}nD4&z$m2CWp0r=eS(lywo?~*OXCR6@#N1$?FyW{Xtnyj6_YyZG-x*u0~Y%
za9}Yq`bD_0i@%0q+|Be4558M#*jZ<v64-KdwO8$R`MWvu=)gJez2&7yco4=<NG<)f
z@$4i1uSDmz?8a{gshx9~(zEUw!2w23?Lf&k`vQ#15FM(Hvj4NSQscF^sDNo5>k4Xr
zR^&o8jx(qAB-?q_>i4Lgv$$pP4L#@5AJx5uLC!;;1}ZK3N1X3#ENR~D0&YjK^yg$L
zoO*HL+9k>z`A%O<)bu4xX|+5KNIM-&m~7Ykjg8VA4^=o1rjsfUo2n}d%yDt$Um6bx
z<DY^MiY{<?M9DCl>qxZT+?S5#W#>9-)|jVX1Xc;1N=_B>&p}hS6Cb6s?fqD`gHT<2
z(<7fQh1)=_+sT#D<1}3BZQ&-<w_<HW33l`tZp_7iRm|onX%+9q+warP97e+V{Y!Sj
zqbR%aVRLWm`TP*7JjHd96`M^D&OP}LpF><7$dtfbE>n(!reLR@px}?kmEE!NlBA$U
zdbm6b{`o*vGyXRwdyx}QCd*R&UHH!1L+Rr*e^>mDm|NVn*iRha88lOm%@1TzC+4@!
z>3=|1Ts6us7bQ!xWMKXPzSmP%O!RnWWD0fgj2rLnYVDnU7YiCTV8}8M_nc_?eE`_j
zW$kvD!5Afp4=c5^Jzg8qAQ1(CEOFMsyKXku2~fHf14rszAa_cB5BjzPHm;TgBS{~V
zfMRsd?2wy&QTV~;cs58#fFR7--0^v7Z|Fv=2~XSy(`pu^(Z?I4D6kB044;-m0v$|L
znRKoXUgioQmYO>lcWI8zkzCBy!!5@c_~DRjo4h_g(@R@d{-Incw5=}XJelk!c8t#{
z{}rR6XGAzobf)hN+9s#0VP>B9@??M$zTIb?`d1nsxrN=`Y|w>-obp0quz624dT|d|
z!|yf@>nVE&-)Gv2?ojN>Fz1R6IaL=|>SH$;Td223g?fhz+yd;T0|nU*8IKGOq|Skl
z9T7wEf0oBsg#WjB?9%0D%LeR(R~ldp(`zF&Ak)yY-KgFfBtM|%A2bqo_#MWj3f5kQ
z7nm}}P=jI+%xCc?Py}=8L>sH~!9M>!mChu*UgaNf@CdU?zzly|%UL($XU3M>Pk&{J
zT5Nwj{`uc57aocgXB*WyX8`Tz_o5s#9I*7hs|x043XHvUio~FSAbgNr#=8hrif}&V
zBri1u-~GGz<l3bF<31p#T^jw8h7~>k8TMj5F`KW{IIVX057;Mj=ByB7LD~_|sv?r-
z04<n*2IDgMcM0cd8K0-N<H$$j``kF{(m9pM{N5n{?Y-*o^TgICng7CK;4o0jvUv;4
zwgYad79TGYHVdfo%>rAT6hYb>@Y|dqn2z_~E1peuvj)ydz8O|HnDMD<qRcrgr~P(x
zROMEOmG!QngmR9`&u|%&=0L9)3Cr7S!`T%q4uW_dm-y^<xi5_V;X?DcR(}|PD1V=j
z0f&(0FNP;!r`5(Ry|A%RB=J;&c8Q)UA#F{1@X*W0PsDS6@Vy|I!yYLylnYt@m7cG~
zNlSV7Vj4{DGkX;4kcZb1eO+c)``MQcOg8hDD;=k<q_|?1zDw{U0uS#1)ljEpPvw{I
z^pxbo>G?y_1`nxyfSxLMrz$pYd+H4}eixoVd^D06eCLX0Nx`-IO*SiVOU&-m)<#Q@
zbXE*rD|a3BR}m%Tgmu?_z-(NuN33&A+$QQXe`f+S0sAm(2Jo!dz`0$IJ*bM5M6eqg
z#nj}e2(TKr2VoT$iOR7i_#>Fz>My}l4~@%-qRpcUrnlR4e>WA=*!*<DX}iW@q*FDJ
zP5+wXDtaL2J)ryp;AO)Ae}w;o+t|_rh^0%gmX@*m^7+RJ3|OO;wC&XV`$0&FzbuKP
zW2YK8+8~p5l9!N^$u<Ahb?*^+LVRF^aA)K5s|;K`F3@E$zJmcU*r8AlZo<3V|7rnL
zDw<{}OWLFbr6e(2{-0gn=m5AA*o!xOdVZ|$SG3t)f*&z3fv?w^)nHHJaPluC_SvF4
zuH_{u5dv!l7$&r(cuoXOT)s2m$jf);9f(^oz_f8}Hxn}{lSB@?CG)-e)1i*B*F3up
z_=`g-`$@*I8P_#_FO_`&)-mr3$V&ybE$h7+I2`8ys(rWfJxuLSSf-&HW@66%z@Eu#
zKF`=f@oyA)MvJBLpD1ECu6)(g=bzt=n`jY-yTy;GOU<ubc9(!JZB(FZ<iKHq`xnUy
zXJJp+aO5Q_wsOHS7POAM{-j_PtSEFpkq=DNT=9{g#cC@i29vP<&IgrAvYd@Js`0+Z
z&7%L9U3^Y{>?TMkZ*$)p8P$UO;;hrW(slECzJ4~V%X<G9QtO?L<J+MoAfKVej_1Oc
zH@cQA`9|1@FBi-vc6tl)B&CyIh94eMT_0k{#((xyMZ#mxFVH8{eGxm$Kc52=Kp^k`
zfo~!Qpw}m|ZeP7RNAPhf!R8XJdIbFv|7!WN1Tn&l>gr*I2IG1t(u*C4VM<{=M3%S{
z_B9tP*_3e!$%ii|Nk-Jc*kf_oZ7zp7^V-#BwP^CymNm&G@HN1m2L-US@A-o)=3TIS
ztuH@^six@Osz9WoR-RIoz12dzTMU@f`R~Q=oax-9Ye*0%KwcOg4pmG28{B5|s`)}+
zx<<OuQqe1OVymNOW;R&X?%VjbPQIMWviK=OKO0$WyE33RFb{7B!r9A`=H4+G4}I8r
z!?-r6&;N}Xn5g#a6R7)nd8q%6YM8Iz<7E7|f=yKUl)ymjL)2}b)ke?|tkXRLRKMH2
zQ6QCIo~X{3hra4W_7fM3oC4sDA}i_<*UOT}(Wkf47c5h&NmjH__xm^14&ON1q;9ec
zaL?wxL7)aJc>eAnCsSM|gMUIl2*v;Jy3nWRzv@DuUM{Zv_WIwd(C6<bkr7Qu@p?DB
z3=$E!tqLNBgh9X(9?{_231B=JXv4Litme%Xb)mD&Ij*>b@xYiaCTV4;crqps*wtb;
zz)u}p#?xQLaDnYyKf8atPpX-^CZN%Gm(ph|{!@(OO}6y;|HKReH6QPPo}2)d$%2f<
z5GExR_TYPhM)X`$iJi5bAtueqJ-b97dQAe$jgq-Vn8FtP07;XSKlfi@N@%`_P)40g
z@WJta8+@SsT-hI>ggXE1lGVlBCQJdf0nwy8?6+I`UA08M8^?sv9>79ZSg)M>_sU?B
z3fxoqr(5H3cSFp{1gs?2sZIe;U*I(*Md}Ve#qo;g_&sMx3i}(|V0Wtsrfk!#hQ~q|
z^)bc5Z{^M!GN(eEzc@HnG%V?Rg8Fmh3NtGP6xKNK)los^Gv}LEE3HJ1x?<yjhvg1;
z)n*y^Cp;tm5`>Az9z7P_0M#paPW8?@D+Y{9^Ka`R4n5S?N^f*Oql6rA^UaRV?i_gk
zEZX##q}A;Ug8|1tYD&yu!I<;Hah-EvXCs(^NM6HXjYBrNA1TGG*W16)DF_Gn)t!^q
zjc>LMH9|Uo*qcc3>{5PQz9P7q%mT_BW%@<%{Reh=r>QV!<$X^v`E_RuUv*x^coJW7
z(aO+-FOM0LHYO8br^qFt7w+PoKUmC>E#aP^?O7VA*f_3Sw0U7aOzeE$^IAUo)GWqv
zi)TM6>Z92{KIcS@pSvDXNjkTc>?n3zAd_$TS3hja<JyqIV+roh&fmjxsr;0z2547@
z_l1S0V?c)zsiknVddpBSQSdL1u(}L(THb{#KnmpYfrqge7z1iAa$=I+wi(7JfDe#e
zm+JwBxAL4m7hUyE9KZ9THH()uoC{4Kj`xF+b$DDL5+-zN-dS-(APmpoWO&gVh^d>G
zotAh9({y5;Nr`8VFe2Y=UXSGFzR^OG@Gq_3*GW=9tlokcr)CF<g?$xQ`n_asx`J*5
zLn6z3G7`Zb{;`(r#n>}vtZs4oFmVR<&7Af_g|$A19_Mfyyvq~~5m!Awi})^5P@4Gk
zv5aVzm}6*ggM=^e^u1-|vRN2>Hnaai<ha6$OGP8C84woPy52a8fSaZW_r<-0hSz;D
zb@(6oe<^~em@G+O%*6QFPwNAjJ+Zpu?&x&`;G3+7vTqMQ)6!8p?-9?kX*`o!mw%#>
z1b2FOL1-jasZ$<sk+jWV^fS5bBa+xC6n0JMygnxQ39T&6#ia7Od`}iInidL`GwpT)
zL5fxxK>8y!6oGvAuI6RYAPJ0OH7?K??n=b(FFXYwAcOkU`Flj)S{^~}UV#xP#h3MY
z(-gl=N0+W1l!zp?rM#`+I>J=Q&A`VPupu%h_Vub&X<J<pc}Jrxm3bF0gx!sbYCYZ6
zB&oJhH~E2^g}BP>iw!-hzaN019s^{(s4#7&pV5nYiPUz6#TZNnsEBCS(V_CIi>EUY
zF}70|nu$NBB3u-rWO2EU+#3GGl-ud6HWGS$2-m6ODOPPGCqCJ<%20RuoZJ&7gG<N9
zYE!P<c%eG}W~+tsKzv50f@5mduks*8h?9W$JFCF0AD`#5jNdnu<H?iD3+2);?jb@C
zW&2=y&i*;g1FfXJCyJy;KbK&lBWHj`sk|6|YxSm!h!f^@WKRMZfCZiAlb#a;T3T6A
zAEs$&vpvasKW;JE877snk>Z<m4yh`!JSF95dYEzB(=@ndznUoEzyaTe9#E=vC#4L(
zE#qi}fyu{iIL5AtB(g)Yh8URq-xog#F=9%Vc)fNy#x%q7()|GKNFcwDiX6~h!_>b0
z5#Y!GCL*bm%fCDmjtAfDj){z@Ln7h-&60(c@uy0o#5!0*UxWDXz!d|-lOB}F8%r);
z!m$xQ0XqX4&D6TE3XL-i;t`JxM84@%-m})RQ~W3^4~rm7tpfjT&aycI7F=i9hsRj3
z!Q}YV&06B)bR`&Bq?^pv!6oh8{_-4jK8vNK;LQxq9$|^Y|5TkXWf-ZH7cq71Dr;8p
zYcS`AIVxbTNo(fW1kFg2Iydq!Ny#E?lQ;M2+2#HM$1u=P=)U=h$zmV(Z|dFy9_=-~
zHNWG7ku?nJcj*=`%R8qO!CCf^PmUuz;KN`@M3;DC!?*LD1L-^cg=v9Efslkj%ZMwO
zd!T$jQatj%`u4ciH2pG7n&Zq+)Ql997ynPdb*tx+eEZxT6i@bf{(r;cf}y)i&?F<Z
z3D)`-n5aDC{Oum<9hC(9w&QbwXEmSQq+mpm%a^y9l#}5w`03AZ(a>dLXFHR3&8N#u
zE)xJq;F|KG!G0`q3lQkQBsd9};E<93I7t$d5qqzk4iM+0yrH}E4Ij1-#J&F@D6<16
zVB&~z<@uq&DJV~Pp5yqpv<4k}M9>>1VGLvp-J_o6uqXQZjKMN>yjw{Cz4w{;vWN)R
zfx87T0{bpb?Lyrr+$Vc<3fcLC+2b{QI}oSU0ZDMk$sUfaQANzPgLU$X_!N;h{lFJB
z51b`Qq;H0>`b)-V0y1us+^Z;$97Dz{7?Y<S$9lGZZ^PiWenC$6A<Q`egm3=wTmaKf
z+D|I}V}O_T^M^-S+qM4(R;{Q41KWM!3?eJQ^1CKOXI&W^6MCyQx$0`t|K24Hw9|j_
zt{*sEGRCj9|C=p?*zroHqob?Yk;3?!1->e`V&lm=bxC6E+o3D+f1E5n+ZhRef9N`1
zX{GtswE;d^XQv4T1>tNi-E?aW@f2o<%ejZ5V_+X9OG8C2fw~hwQNUX)5o5SiZ7jdW
zB<_)LyuY4fS}<>08GuFdr(mQo=USM-)3&v$o4048^c<_zTJehiV}!?dbF-|8^6f(u
z7nlS4MZ2Q59wBx>t^A3%Epu99OIxthPLW<fLC~GXRHdg&mmDVQl1#ZFOp;ojMAmf;
zY)Rnm48x2n#yotf-PJzYhXlRZ!A={*y_BcMVCG$9>!tolm%i|;g;Ivw3UoZIkq<1%
zv>K{;A2ytX*FF<ssUS)9gNXqht8<_Fn|cT=M>UP{P0QDM?X#&Qhe3kDZ|fT1=5Ou5
z&EYJf`{57Zd)%V?5Esi6@cEcrQCP7-S-_?Gm%erBKA4>B`_A<42^d=va1GETpoK_(
zAj$>~!x~_uO85F1khEf~c?}M)R=()-y+%kY1Ga(1{dNa7|ICdq{wb35g6=3J7U;|u
z7a<l75TOsZn>Ainnpj3siMEa05`}F)e4=OrR5u=z*cgj2Ak(+-d#KF_re_}m^9d8P
zXzJ#xKEM-g;NbU!UePp6zfxgwUS6B2z7vQ)^Aw_3W4Ls9>Juxg0OwfbaGZaihdzJ-
zwFqn_Y+9%g+=jLH3P2>&!q71MXARaJT&Z(zLSCn?25zebL3nhbpf(^)5PN&@^y2&s
z@2kgr_RobEjiU?KAqrtZCCb2UzTBN-Q61=KWoz}q8O0Jq9*0kWJ}JHFT@h4k9}tuJ
zFZHCU0x5TOobLFuO7tMnjkA&W@uC!P+QU1>_#W4p^sWHM=v-~<c?J)2dY-&IE{NbL
zenC4BPCt(py5oOKrgf|FLIq>iT#UZ`9Dr1oQIEHz0^z3F4nUy2*GjH>MCrtK6-a0#
zIRsr0OB}92C1~4;YC@tFyzs$tBxdMUOY}xOxnzr@w-IJ;S>OffA3XO!VxAVlf8_!L
zo`+M*exz+o&AvDU&<ijvebdXF_$5?c3_DG2L~@qBm3Qvg7#PjTt$Y`db){v>WFCa#
zgFYijTIb+%=gCJfTAOiw_oW*E+j=GA1LH>rhH&zQQstwVKpS2#*+>vti<`ARQj!Bq
z-+DL3Dj4KO-FKVS)~VMfr6L7`#a_a`?UAu?tJbiJ4%xPER0$}ER#6FU>4S3Ue=zkQ
z@Kpc(|2WR+;23dG_TEZXGP3t7q(VqSM%iR!9(!afLPS*3P*ln~qL58PGLD^n>?7j;
zcy+x$-{1ds>$<M@_3pgRdA^?G@qCQ?<9@$-3(DbhKV6E-I6V`>ZauMVZh6`cAeC|`
zPy)F_g(305m6kV-Z|L^hr!^`J*yKHj4aUN@?+cDAv28=|ohfjQZ<B@jU8d3R8lTP?
zvQ<iwY9tzpew^{2xK>(3ZTk14ir*yR<9X4doEdE2!?!0;yh@)kLJIwwocW(QFOM}A
z0Z`c#m;mMc*;r;}5<M&hBDJ60mAYaw7IC0D-Ibq{C-3p)y0%B@r)VmMN5DSb7fF7|
zy~u<coF&)sCrgs}*P7glNf)=EweRWSodDJmz+!}tmyhr?RjH<`a4UNA-B%6yo-r%j
zbE(q#4ivresF&?hOiKq9D%}P|?oe?Df6OqE213|uB|m4zzsn}^WuxAQq7?NS=Kq7{
zVAgH^1LpjkdY^Wx&EmQBIp`$$8ezV#r=d8{YubC~q1Clkkp>&j_n*|WuC5!zJeEH+
zf7R~;@rY=(;P3|^o8T!aGyU<FW)Dtt1y|$gBV2bQ3t9%XBL`o@YaM%q(a$NNLRntE
zdFPgRGdrC@y!E3q>`!gq%L)q%yU9c{i<<NTnLH+bO!3mz@`y1Ii}=5$)gNL>J&mfU
zNSSXtM_dEa+Y&e|N=Zj8J}Q+hoCQ|50iBFVzx(tm6mXc<jBgs09dX1A0yB0q=kX_8
zRda07TGy#j``TnwQGA6~L354o?=a3Klld+P76w7L{U3TQ305?k{5$dt1NZ6D)D6Ac
zU*G(&>$uhHP{2nxg|bQknw5%4XZxFnuWCe79yY(C0LZK;jd={T))fGk?Tn&MklkBg
zi&T}WxKKV36w#0SN1d>0?sB{2r)NH1e-f12&3$^9-u+fk$XFdr(E$5@As}C$C%9$#
z(Mwl`ikP6e&-_=+(d3$ZH_>=wr|28d!#*k9zTWSXP<E(@kIc>vc)vG@%?!IvI?Hs;
z7Pytv_WoqP2MVa;7SH&cde{{_xsHmNX{<CQY(_<zVoA{5|Fy{*Qv_`hPUhFxh6IVQ
zkt=4W2VXggN9^wnrL}gEgJZ_*F=veBD}gpjF|N}Ai(*0WW@OB0zC|E|*XU7Mr(;eA
zgtrD3YbUaNC>1b}QBG~?n%u7ib+K4<5MSg)?9^5`5V8lc30WYI)^82nK(qyJEx(^d
zA4VQTyKCbaaR-eDe@(fu{S}r{aK7()d^XaKitNTL{(9FlV0s%s^a5Oj=%CM>UUlbO
z#6AUR;^oo%e-@;GyspS&>7ECs$C$`;;G=qYbTPNIfzSRZd4X5-dSa<iYNQ~FcZN^}
z(e!LN^a&=~h+5L1)HDh3o(R*!Igpo7>2hB0R$l1^^pr4NlW4ebb7h=HLQZ|i_Lki4
zFB`A=GWtu|vt@5~vMc`L$X?H=thO+Jt#UDaYVkZzopQQKjEkAXb6fYr5%i!yWKf9v
zaPzVIN8r^6II^I`ln~N{#Q!D(?kcLyi_aqt_EqTmztUKu_hEAgUC=*I#aQ)RFfuFC
zr8Bo!%Te(TTw&$_gj2dF^cI79!C&dvN}s3XC!%Z@4*0bTjp1QGywg*GTns}9-T}Ae
zJdmU+-YY9R@dC4Fa{qMs*>})_^5`yKVqa7wFC%{b8nno{4pv?b=PJByi0x$}SCIlf
zces{sD1|sw^Wmw;EzxRm$#mq<lWJL{HBe^UN=5!k2kT8n-m-->zbsnvr_a%d&TlRJ
zFugXIA%G#VlM|VC&1zhNnC<@jq`l^zf#I9s30?*oPD#RGLgWn;ul!_W5yz?PgRTv7
z!Wg2qJ#<UU-P&-429Ii{?qOPbQpO_pu#4ehRT50n%Qk3QdI)R@Rvz7}3$Zz=+7jH-
z8U)xAFaKD_&X%<d|5E0EL9^#QFbf1l&~jT;|1je_nw%1I8zdQ^w^y6=^@WY*q9dTF
zZl1JRJc^zWkiPy^>`u9!zFjypg8Re7wQ@hafJOUjlO5k~s}ZB>{Hg8-gbUEqJOGk4
zCeZs_3N7B&7Mn{&mTrC5(9juDV!`Jx33s3%mwDh!C%YEQp`D>e>+VTQ8e~0rz*yjV
z_%k%ue4`O9%sJSOIM9b{;KwZ$hdMs8q6TQeMq_}>ONS8uIVRr%*lx<fkkT`p&tpXw
zXp*5EfPk<1=7I&{PnScRZMXlFLxrH;ZL@r@*c{0y$;&@sVs=&{4s59RKpK4~D#vQB
zMU7n|$&eB4uVW9rL+w2s&{l8$De34<t~h!5kYhx_b6Uf`2;T(UTSH`Gag>}mAip<*
zH~GqM(dM_(iYkt=9cL0CwEo<j&Gk;Y1w2CEk^-BeD8iK5fFbD0h#xH3RL5%jgS~iI
z7TwErrGGYq+ugnoV)g(}`E<a`@`Y`=$q*MXUu^L+6o^>6ze>d;H+t(AZD`9Kvpa=p
z)TOa%WV!7H)NV0{BNDP&ERz7pxpT8dR`M{QW58EH#Y1bdP{hqOWho$AecWJXKS@N8
zg<w>(X3OFl7F@De!DA`RLFl>pi!_7meDh7^QR-YEX7SzZ&asPM)d7BIdVfFhT|F2J
zbC`>7jYylVM{cG7W-yUVXAzvWId~z<<A)LQlCFrgc2PM{1sC@80@iz=Pb<7Xa=nkm
zu0eaXksvIKzIyFo=*G)3xH!sXY-_wV`#rA9<lkbaZbV7>C>{;E1or1horGPT;z;=J
zl0P*0&YhCx1mSHvgfM2lg2JHyaa+F~n%I7|dL@a^UKB+T-txrdE7tP2H1@7D)x|j1
zg1K5+v>1|2AT!4CdMd9y1ZA7c)M3L9uuQnu;eT)4F{c(~{1}YTzizG=yx({k@z?n8
zrTxp^(hCg6cO{C=-X5-Vn#dBM*~1>+hC7!4N-;?}Kz?hkumvn2Pb0=EuSS2QQwSO_
zBKAlem{;&l2(tuK_72nrdW~Pp&SwnT>C@-!1ODOS?tE%hDY!2zfzM6~*s_cPo`ILY
zkG2!I!S!+c*o7zQdv!6q6QM`NM+NY9gb>=a4N2(5Lg49qXMoQ3v0Z4o02_lw!X=d>
zWyrq=k__m;5d`iaPn|N=e^x!g6?g-TzD~N6w>)%sN!frd=KD&Gg2_QX3QrKwC_p7?
zTpT)rM&s~;k)~e<=@Jh<((ZH5M#jh&Qt*h8BbNi*c=!Oc4&fJlxttjCBz|lchp4B(
zqMv6^0FU^oy{2#E-`(x=%fs&}ME?CY@(?3Dq>QSNJNECPYiOWMsfbbQR~Q9HbOSoi
zF)IHJJ1Wu<0~Z~gwVM_EUR0{a_VS1u&?6uO8c%^n*1En38eM&@`yNaRP9mNF{De0p
zIaJaJ$DY%`J&$Mn4Ma~Kqji_AbvIp=0;r++)zfVc{@sB8`!o}L+N9(-bm&KE@G<@#
zet&Xl`2G3BU9<PApE<vYk0{=}`2Wp|5Hc@1mP0K6`>B6ZfXsxgo(8(1Bhok!nLJZ;
zIz6+fvb<|AzUWZ)IqLtdfon7nA9*}7qB{!DzQDjKi-C4KEogN+Q4gv$wp~YRVL*K3
zXi7RZ4ZwMexaZ{vV17rzQ<t5M7GWjG?_$7p)=vz1Hp~G1_GKv!*|1<jsTzeU!3br<
zyw3F<tsKQv-?Ca{(pbIb&ce|4i|S93zboI{Cw-VrEy>IlFfSInmxnd_f~96ZnZ<ve
z@vmI2wv&h<`!QL)8LW6$_C47<jc0_7d}ene8jN@ShnJPMhfgk7ZEuJ1nEGswuG~^z
zX_yTi+k6ptf|iK{^cH2nZ^OdH9<PJi5<#RS#I38J@T4OYp_}QUVDT0Y$39HMppK9j
zWzNcFq7CrwXrOj02k5Vm2I{+TW$2DCkYhYYG%8NFK@VmJP}zwBJ;1Bw2THQW*a!G`
zEponC_-wHd5g3kcSan1DtpphC!`FT+CZi4bV$gQC=7fW%?^qV7er|2;02K6b;54Ht
zKDwBM_BDw_sn2!>QBkKyrck>N*PQ#LN<Z+{ZQ%1~Aw_?tN;MpG9D?`!v*gfO1A|^O
zZmt?oN-4J}a~348VtRmASm^APWa1+qV6v)q%|P6XM{m;NGRUaWabzu_dU|n5A$t+f
z6#X^i0GzZN*2BO(K>0{eEf$SB1HX*d*inS1Z!lQ__XLD3t$ERtPYfc_``Y%vv1tye
z2l0zfvw?Z?%yP{n{Z9}qLS%1zfA{jg2bjHK3i^z3Bx<bsymm7@)Tw0;JaUL1cIktE
zxeBPpILjmlq{CP;$Yf{y=f4_)Cwr`~ua6_|M~N;i!r+MwnSKc3vS=~lq2>%zesZQt
zF&ro)eS!UQad-@9qgc3w<8@ImyF&KDutpYnXH#QgP6_CACMkLOyW%p3OztuWk;6MM
zVOYp%_UtpJ{R|_~FdFzHp=%Ef(fv;^9v270RQCB(lT{iSMZ@Mywx9qx6ERBz0%yc)
zjT#J*N4`NCBX|9)0g>tz$z90a8Gg>Wkb6iEC4}`wDV|AQWCvTCar{M%z|`L=ZTS2;
zQ?8;<$s(|NLDR6aouC^#bpnP$?aCqKyS({(fsBh?EwrYkr6rw~8m7Tk%O3dD*MJGb
z7(4^RIP{sbFnM1Gv?u>J-2eWY&jqH#?{l(c78$iwI@y|y;Mh&b-knf9O`rJh#qgf+
zfhGA#E-BbFS$J?y-vph7o(m`7m=MxNChI2?@YpM$bt|EXK4a-kT_pOWF08ig)K7Rs
zV~~0g_~05#Aui?)uyG}Wf8~V5&wd7W*kd4Zl|&cqR(68gjPT2MNXZp>mw$h*P!GeG
zz6RbO@pC0HFVhHNLf8v1N1C5H;$ft@DP(nChp6bYA+*Zvk{g0?VENJMdLT`8JyYsR
z1Ljq(^H2)R{)ltIq%b)r^WcY@6`zNJR>bnw#_y|+OkAgtIZBVb1HWt&9H0a%f-}b8
z{jy*0*!~|D;0n-XK`Zj1cI1=Dhp!<Y4!Eu){eQ#6*)xhEI~Hg!fplTZ{$|r`W@Hb{
zSD0QaCu|G>9GSzlld`g<kPFSQm-K+GlYm7HQa>{*j#Bx%F~H~`(^bt(P7|u!CEsd<
zk{6VQ6w%!9`znno^*v&<Jf~{BF}&Fs6tMNYcxLrV3sNY&ot`9jCSoGIoatZ?GYsn|
z_1?ySsd<(2*)G2;&;?VKZ@deuD{vbRx_?t~oSxYDX2z>`2W*uQ`_U}ncU#E*JfacE
z*wX$Q4)4EryN`h-aC@s{!Bk0(V-(agfZggLZBCy7Hi{0hQR3k2%SVe><In~0f;+PC
zlvNxau|5@+FYm%%&VN_pM7|51g@@o*j*@pabkG2Q20q*+$5{>M2=9Ut)KATZWM_Ge
z%T2=~nKeC_buO%8_+HJU_C46Ce%`E7!Z-r+13ZJ8;}#r4tN;o;taPAIihZIG@Nc&X
zT>Fxp0TECKLTbY$WX}P+;?X@C4lR@rftI}VV<@;#Vejv3BX5N)nlQ3xzSc@&OqEnP
z@Pds)L+k1wbGXGOt#A16tZSg`U}CmWOj2MHq*-xOQ%=EqtF2|;;~!-`hUEO%^>4s*
zy6Y2w4<!qfiv~T1xhjL<Yx4s=UD@F$s8FC=cQ@bjL*i}ZRPimMmp?2>-jlwHN}i7m
z6LF2yj6@Z!pkU{>U=;%vbB{oLTk`Os;AdwJBQP~#sIWg98ITaLwhJ1kSYWs-c>DkF
zh9KZ^hx#9A9&-Es>>i?_g@zZ^Kt1BG1opy94WaLy2d)Z|pM)1sXqM=ugq@j&284g{
zL<5i?tu0pdWU~C52V^R!V5&k@k*yI$Mn3>+swCiEmVuZ%WU5WzZ^uh}8ere5FhLX+
zec`3u{cPlg@Ed4s$vUvAw!>J?dL2Jptp<B`p+`pF0L5r%4~~5vjUNbk^#j3Q0@tAw
z5wNTbI0!O2fU$`pm0F$&qX5>@yN7I7l$?pgK%VdisBPMSsJ0Y@I)rroy^ttOHwB2E
zy(2V=;al}k<3buZUXwqI`7oizD4>c>=M5)mf*Y-;^>4T`=s#Oa$3c9qQU&NQ7#&X@
zej@^-y3u`HUl&G20AYtrpzqWvU6RZD&q8-<fd!N}si|y$pFv}5KY-)318jaR<KBY>
zl<}tjra=SM0NZc-KKBY7Rty#gS|vB?RQHF$nI^w=jQ8IbEEZ1B%R2^_?j49<d=zA>
zfB&=*LFQH%X6vJgJw#0Xb-{k(W)Cz5J&MVZ;Sv~d5V5#wHt6$)eJyGw+A$H6;RIhH
z1)coA<sqZqGqwlc#TV9v{nYg%ufTS~p^QJQsw_et!VG^Cec|Z^L*kWxw?`!n4k#-x
zl$4Yp;u{w1Os$MKIBJ64{jRdqI;Y8FCY_v|+Tb7xgo#xb{Wk$;^kD-0&uc{+;D^xr
zq)CPp)BC{Q^M>k6-+y*MBNzEeYL!}H@>)jw)R5XP#a3g~masHXL}@mu31RI8ao(`m
z7^rS;8G^y`p8qQDHdt9aQ==~)_`iY4;($`XXy6)>1F+x`X?1phsSzpU%F{zx@DT@0
z)eRx{R2u&Gk1S9&AE!%nL<~O8oq7u7C&EeNRF4k2?jDiCP$KuM+4M=+js<AA@<bA9
z5siTIe}~!wvj~o<QI4cX{;KbT837HP*NdG8r;wTce}4$9upJtStIqK4&oF!p8&Etc
zg+qb<x8L3hrxzAV(#JQyot(ut!@Q`6F8(}8ZIy`!K8q<xR^&jE!5EzP6H0pYNyz-w
z@q2fj`te)y7pG@UQ+`MAVQTbkGKz4#*_tN&XnT7*Vu9y?KJ;saWtzsnbMqaIu+^QF
zC4!#7P~IUb-divg#V*}EhWLJTccJR>Hl8N9@ikBZqS9{tLQPkHDU5{<EQ=}bV-XuD
z;~k)nvJi@tlA3zoQ>5N_G`>{^S*J)-Xjf7a0D{`pIlECE)IMUq;(1nt$(eeMQkX@~
zq=Pv&x+i<hAm+b?H{k1p&C#qvzF3GBxQ7QX@3>eyy$`g$tQzppc)+RT!#%)~zywp=
z`;;CUnS$0ruJ8+`KN+a4vhk3R6o7Ey_3z(`63E?0Oe0JB8wQFUvNyg<9PqT%8uC%W
z_xq70=VXHCA%vtfEFMjF{96k<?BF}EBG8Vsq32aw{Pe9Z2945&FPG-pIl@$V7$<r8
z1BO2J#HH6d6O)r3Cq3!2kwJ$Fo0Xdj-&68?Gz_vb4Qf%_85*guH)k=dQpj<D2Fy1F
z>JfIJiQ?pi<x>6c6y@f^sY(=$f0PmV69eqweK)+`8WyYmw=2@&)>OMf{m)49&70mo
zEsPL~i2v_8=f&{thr@#RzxA-;U7k51l<o(srR4G%%!ND}xHle_k3h)D2b5=Tx@wfn
zkf$(m<fTlXf0hB$j$m)v%(?+V9p+)j95$(wA=#W1|1yyNh=X*dpz!~GL>=S5ICu{9
z*F+(2wmvCdcL!Z3sDWGI7PZqwy%my%*dN-!QckpXYl54TuE9tBK$`H%v2_YK#u%m?
zcO;nFGLd(ng9S6jxQ{hl1~*Lm*#F!0j7BiCTB51WSsK!q2SW~U)F98v-w$rCy?>Jn
ztj_=LMf5$`y6NQWt3p_D&_yIU9^D3m`2nHCHSc_MANfA43|iz&E+0EP`x?l$>fG*<
zlaqx@Pk*Ma?>ZBP2FIXA(%_JHXUle3FGfCZABX}5vm9V_ag*l;lMmK-&%S@U%8(C*
z*&|J+nV0A!Vk)ymkTGaDF)R8^#AHicGEa}nO+iN)!mxAwcifqzm2eR7eSwSP8n~ed
zHE-^)b)G(QNHR<bAXJwQ1d`>wE`s2D!4YA(q?Us|V`9HH)xHKDVe=NNAQ^Yf_l6tK
z|C!aucd#P$!k-ol@D6AwFo^-nb8Ysqi(ecBC%utVid=A`@R=pmga5aU(ls#D1!`f|
zz(+0tg(A$=my2Ki&kuh2occkO0|fEc@R8(iXYft`7D|zN7y@=#sA<1H*xzk-quhNf
z4fcoDR5D%<^#ToECqKC31G&3!Ct>OT4GwIr%J#6I@3)JV?a5LNY$CLS&%YtwN?4qd
z8WSmA1Cs4%pKbd1=rjKt=SKr1JNYk8vZ}Oadv5>3LIf<|^v~(R|6b(Z>$oFUKHz*e
z`L9?FYwJ8Y*Io@o8Hwff>yA>t0+>ifT>?a3zM$c%m)#{NFAK*?|FcS;5mOr@4pPtM
zHTwK_46{V0f7{ue`DakEp(sdP<d8@~>~gMVL}f>Yx3FowYQ<+Gmo$+3e+_C<Zv4mp
zT>ucOFj|3#X}BJw*7`y}_mw1wV&9|Gj~$yB_alR!S7T~xBd+R=>Y*4lBFDTKr49G<
zgEVy{nKN`46Soh1LQ%*~NYF@h#YOC|G%6vx@c=tm8~CygrdHOe4QqVzy+oiVBTcAr
z&#NUW)}z9E;Z?0R-ar`ieo?k96gD3nZqU*$V{p)lW)Dx8I&Z*NhepCd$RROLS-{%)
z1*K5?u0T9N+1VOj1ZROX8_ANc5d%SP8h|Z-3Z);#L2j-CXtcy2pna{vM-$p%Dnn&}
z^Qs6$TrzXe?XpR^7k!uqwmIR|bQauGQ3kM!6TEj^{SbGoRV4;bQ+g5+QJjYD{7jk$
zH5%|c3N=Pw)hT10hX))4h`D-Z!2jCZD!50b4_`g^cGg~;=y7TV%E@;;M?M(B8Spse
zNiVMm8#KE4j;Sy%9gDv@<Wd-{2O>#)NIB84$aya2e|}Ar9t^<MwTon5`UN2pc7i5i
zXSp<aT{ajbCSN+w7)6PL0;&#_ghi3V8nXPpHNaks=%FyZ#VJkE@OP#_Py|PYoGh$?
zS{(YLCZZ_umbObq@jM}ZGR3ioUl`mn^WnwY=w~{x&5WwrUkyg#!SO2vz1+8K6^}K|
z3BUG_R;rO99-_}9MuBgu$n^o0{oJL`-Q-kvVY2Om*W8eJ4y;oqly_aNx*?ar`?aBS
z-<u}1st3EYo)2bx3?sNi4%YS#)YBkG<PJ_0oT!N3t9DEne)6EDK*Y`6|8o2#-PN9%
z#UvouUDv8WA!`sREjW1&xHVHY=D!&?fCxmJbgo4n{Bnca<G8pCd<3<SsHm~6Emz<F
zLg)^-ZQt!3aXEztQRub=M!_k_vc8!nDgDMHz7Cx}WH6%i$auJwo!i^##VEo9Vo2)=
zqA(My=iA8BHEIy2DOqJ#m|O}2JoUB}9FQ{|Nv>GBNlnpEKlAJE!!rE4>1w}TAuQtA
z;~uoRq-#V{3yFvrRXKM}LA59w)bP-xx$i+-6b+|lG9D5&U~=!iYz5j>Cs34<wa1g$
zq!vZf)4@XGy^#$~Ktpv`42-ZnzUamsDszI(H4!Cx#MpW4`T`B04#N-&!W=-S=zRdg
z+igt?%+k=H<~xv4@2%H1`gi3VZGw*r2CeO#tOs<7`Aa)hH%RwHFiecRg=O~oRX&UF
z(zAz1@Xysz$e{#7Ev(bIaBi^}uP~C``#=M6Qsnv)f=8j;#ZN(VBptyuz(w)Z7QVOZ
z6mRwCM`$1}e<8CCh149_&p)%Zy5r8`icZ?qokk&-38A#liAkD@+?aOH@=Dl6&ku7V
zZvCZ+HbYRc&4eA=0ePgAf!l~0EaE+^|J8e3US2K>EV`E(!|Qc)b&(S?4K+fR_-1~f
zSnQk7laZ0(Xy~i)adct7vFASiG4@YYObl8aM4~sAM{Hhvm_JtZxjFx%zCDyW`d?hG
zC9-3$s-7q4561Kj7r-0!D4iVDL<v1WyGs$zF`ZUby-dR*@q6GnqZkfB5Ojbq>I8`%
zCQi=dQgy^Ah>|X+i!ciC$V1q5?)W{2@hB}eP~dyA?g9#D>5T{bHgShJMd0mDX{&_h
zb@h&Iz;KP=<Z6$-qPSIxe}@<H#T3G1{Q7ek;@Y(A6E+r*#<+Hao~zCa?Jh_RTp2w9
zWoMS4MaCana8Npk<INOv82-}Bsw83puS$@axw-iiuz8|ZPQT~^KXLy6&f^qlL;N`A
z2Z)fI($Z4n<pa2a-$(^b);~X;bU6;nZ-zkX=P%NC07#OJoL^WHcGZ<PY$F4}O!}k1
zbAGT#SN^8bjP0cJZ7(nM3Jp6BB-Y!`o2r)0^)5rPEq(LGom4U6bJ;AecpKQ%Z^M-c
zq-cv^5LNN$!bNYVM4kZh%)?q-3|xw4fKmyjE`O#%1YJZN3k$f|cO@zLevcoG{}Bp~
z5C_wtz7z@#Fg4Su;7aKbBKCJ?WkDc57-EQeCX$sC65|~kOlCRpr|4d%1o72xjXHUE
z+<oG*W2hCD&ubYxS1EX(wWSooWq$t1ZF+tyD6#oT&TI9*ialKnC^;uzu}jD?-^^bH
z%lHNUBMB*xSEs1xM-@<aSxE_(^x4o_mtTJoUp65`>@K~Nb!fqq(KIy%uGj?w1?)6Z
z^||rly&j;X9;!Eg`2!Ob{)tee8e-u%&w9eTv=(*G#u=A(@(>VPFa<>d?&9(r24xD;
z_Ajr-%YmG0GhGY6IGbv<w8(Z+UP)I#PQ&0&m4hgx84E6^&M_fV7{Lz|wGT{`y&jUg
zGu$RCKubsw8DC^(Wbi-KPqQ!$nVB&m2$s$QWA*nANDyhKgtd;nqBR5X0TP4l)7kxj
z1Pe)+n3a_^Js!`?!u7fi5~o#1No{xb5lJ&DURt{5=rnGM7>ce!RhxsB*4FilqU0TL
z>%Ck2>T3@%S7-z6zbm@34&OMDbo@ekGi_>+yi=Z!htg4!l^8yH4BX?e&Z+jSP49}A
zmxAbQ%)X*_dKSKxKRoaUjYT9S;lDJrsqV8y+D5WML9!v+K3=fMrzj7A_;Pdg4Z)*{
zFS7DEC~_KB3BTGg1xptZ7aG+LM<72m%9V#YHz#tMq9H?s`R6t8>ja^CfBOn5Vsri*
zM>NQsUpTteW|K-0Q-L3=3$9vbBb@en_pP!w(p8^@TfzuyoEDv<sOpsv)Z)GZF(Ly|
zizMhdc9HP7tZa_lrhr|ehT(IEGd(Kk0DvK7b0#2P=}!MpV3-DO$RdrrB2^q8b?73h
z5$X^h1eb0odlMp;uRF5-%6|)F!e`CTK~>vJa`w~#R)fPcW@;ah3{F}oB>{U*T-u>0
z3HcFoWjUo#CY{IWFRIYj2((PU?vOk`PLZbKFf<bTo3DUUAQV76zJE7=RA3O1f-)$x
zn-CkE`ZU=X={p4;(k$Xc$4)V*v5>W;rLl!M4F^voidL)tP$5As+ZPh8^G#y_0Gs-)
zOZe0z9O>_35SG+D<c{Nq+lVbSG%1l9ZAcJgM1NG$28HvHq!n<13L3ovM}r?rmU@3q
zO+nWQ+q>abPN40;tHuT+H-J~Ss}DVO4I{}L&42Nv$|`tt1NSGS8c14k^xRL2??Dc(
z_l##-1FDrl_7&UgXTHS@3DoEYxKS0F5N`I;d3sCo$6yV~2>x0QG>a^phf_uNnk4<;
zBshV~Wx}9V;P9JS`PZOo+`t0(JbgB;X}m8D`OVT9U7Cr0rML7tUYOb*3VG#7gu8GG
z`{0yhd=-O0BWMA9XT$0<B8P*&sncZ9fJ|9j(dJy4(NSf3_1}(<@C>IN0<fMaPqbRg
z8k9>;byC*WgXm@-mj0`grpMvM#eFc@99rwZm^s(TU%meJm*)T@zfTL?tNW8p`U#@_
z+KvkBwcpy*;@y1#sh0_mCAT&)*>~eyLx{4o@`zpneZZ&H^?06J1_w(JI1iXzd{`Xu
z^=A8G)ArZLJ}UrZ+Stp?_$fI&z%;)Pc$hDjcg(ckX+#_$vE=H|H-(}R4)4N~PI?Zs
z^oXzMJ$?SH4n7(mPsNMkDGV;4-UY=?C%9z$p#a+TI?nGZ@lT0n<wMQiAxtFVQ1fnD
z`bD`I79dEqxp9+k;|MhmAw^&NnA^iq+Wpi|6i+Lax#)iak#v$zvvFEcEi<X`k6hoG
z-Xly2iZE@A3fJTY7tsWE?LYl62_uV-^s2+)U#o`6jdG%R&}wzF*j2IX81gjiec+UD
zhbqY95-tI56H2*KGd+Wp45yFxsd#7m34itHT`)KIShx9#n;~=e^>~^zpWN5Drf%GL
z)0NtQ=ORfOuc-<=n&~4K$ZZ2rW9N%T`Cbp4B6&7RVmPUTAmSh6G^&e(V9Ou2+*t)-
zIk8@J=n)c;@K9P%>&ENr%jkW`fj%t^5_%YkUjeT5N0;O9`ip8Rq=X;(&6=0F3Stw~
zA!vLQtT*rM^rCqg_4<9VAW?Ob-L)WNPer2I`w{uYg`Wm^PI&E6vx!qe>4$Nk<~g5J
z^6IFGeG}rYg??V-??iqTtbKrj)AGlw)}fN)_-Fj2b3%+0zY^ZW|KO&&;-f12#vVt;
zpc-%p=t4_<)?v5)IO8u?lE8*Q9NHl#xT&N__UpNgf~rCC<wG&Ed`=iz>W7-dNonbr
zV^7~X#*;@Nn?p(~JzbKir}BpO{EgC4y{FgYnTT=Vg>o8oGB0*5G~du5yP^W>Mc=Fj
z5B{!1#4rgU8y(f<`B5LQk4sa$6*L4`g%{(pm>wLN{%sYGem%iDs*hY+oOV~aQa^2C
z`v9z5CP@kQpfrjns@|zRQ#Nqf_GqpZ9pA-uNd9fCBs|prO<$M;TvBs`uO2?i`h1c=
z($Lo9jhW*UqMD29W9WBw{vo>jCWM7sI+D2@L~CwU-UAx}=42&~X&oK1{)fnc#ajg7
zP!#^k`6rOY({9aEjZM@@Un9i3$t~W61Z@mj;yCf1sA7y4W32#A8gZHr`3JCD!|N1J
zca0k0wf^^kK`pOx>iB=r;%Ox=HAh<T==X@;E-(3!Y_Hbf%*s3nw7w2rcMf04jd*(I
zYH=Bb+B!Oag1f4K@yY1mvr8vIS|qOObm=rDJNcm!d|ISoN#Z`lE8A&BpO*K*4R~WN
zLvL1<p%H+VIDrhQc5b%E&xion+-!KcIr6vQTTO2S*zsz>;K*az_3vfDiYUzr-?k{0
zJ#C(B0Zjk5Eh-lb`0Q<PJt|EZ#9Mg-dMunWt#xoeIr6ybV&S5qV)S%U<8af>n8sX6
zhcX8<`7fH#8R{7+JrfMymFjads-oMgLj)v{;;~WtDFm}7buR&`Rj$?!2{wDI!G8e9
zv*`00lmetc2{`%@^)*3qWyZ?qc$Y$Z<@%ZZl$!t!x5iQ`6`e!Jb#cM-T`~;S0txUB
zVJxIJPIXY-`dRIkWieTXXP5~2qMx4`d5xk$+-=}Vf?%Y>3B=J#+RgWBP?}hL_qqwZ
zjKa&QXQ@eI#B=$RU<I=Pxc&vQLQ{|OJu^W8;}REreCgxIv;{1PNCL|ft=M1S8($AR
zn<tk+#S^5V>jT&lCrCfc|NUI=T0>Pk28>9)BR7AzT~)vE<`f4#4zfs-vVfd=55<-G
zJe><JpMu{%c_OB&Lc@6uyYRH)MgOrnv4q$db|~{dKLQF4nVFddJbS<sWCT9^HMriH
zczIWzCDHmEK-uE@TlT@cf&zDO9E0<ddh<8eFTP}37YIQ-mDxJKuS$I06D`z#WgSl<
zSzf;`s^`=wa$X8G^bWYt*B}AU#LayIYS$US-((D<zF5}-@R2}a{?L5j?Y?vU+|9QD
z^R%v90l~LpGq12g8-4m0e}lI<)(?TsJrEW;0-}mo$tplTsS@3)0aRoJ)k=R&04ZI1
z8HvY5={AR~)IUy+1whb(06O5A%{vo5=f`L6m1xyN4#l^XJ5Z5A?bu8SjTFn#N}u*j
z;k=Q~H%-ZD8<`es1jHwvn3$+;6X2w-fmBLQU^MzQ9}#>uBhYAV|J(x0d{#wC?u0aY
z4?OdaU?VOn0~mr2fs{e+M!$XwbFO~zb;pJa)Q-+c1%dB-fgq^OrZPi(+N=!-8|`3l
zVJ~*Rw0&<5MX$%(O<AeC2(5ZzO3G$%9hUUuxPuDfncjhn^LbXjm-SnDN#PP^y~GvJ
zs_>x+l@PhT&&<sH%`vTU_RF0Pw={m@_Tn74mpbjd5jxjyEIckM?AgkDdQoa^{cF@_
z!REq`<D8}L^45w=?Ma#s7TZ&0B9;pwRXIk_)TTpL$P={0cz3dgm9>d72QmQOJ8N?y
ze1v$segd6CPak#-$!h&oM$4*95c>tWC=bGB?zvpx(k3(l@?;GOdSIVyV2|$~cHk^w
z(&A;ey-oR2E#Q!Cv%jy=VN?WAoFV0e`lGbTKvFh8E2Z)c>V!VuIgtqBo84skiN&~+
zpIsSLH_{0lG3#tySkhzD?Yo-`59?*6tUjukX|W}PW%>MjLV}-Plb2IW)8p-I(5b6+
zV#Z)5LS+o_u^Iqjl3PZ~V8X0f5J@QPp!-w~sL`6>l2eXu=h)pcq)^kk%C}d=Od`%V
zJKiS!(U8Z4UT}d1gJ)_i#hTb@;`fJA5<CdPM_rpl&vF#*H|HwQW|&u`V^G`oOt2ev
z#O!^!6Jpd;xN3LLGXTf?BvwmErL}^3QWr)+Wq{|4Y&Ik@;d5{|c44zroAc%GAZ~L+
zs%vo(I*N~&q0jvjZ$|43n5Ox%m9OPlaYDD&2(2wGzf}_!8X@1bVTTFlaz4cYDo`ee
zyh7jmPS<g$fcK;lKn1sm5TvTJ;NCC-Y|$oB!hwj;%zxxLpiFDvCyuA%a(Jm?K?htI
z9J6mO@8y56?F~GBI5l5!vhH;<YlcQC^8+gNewXyET^&Ba=K6j*YS{+Mu|am1F>QXJ
zIq19<k|?22Rz56@<HPI$IPQisN6Zkx{)7$?kymX#I8pa!S<4?-`$PeSk^%n8<^8>N
z)4zK$+hd#3&!MG_kH|Qd7X1cP2)@Qp>alQhq4Y#fZiIk0-2n^p{9Zu%uYJhQ9a}!v
zw+T5_GpU9QRlqU%-3nqmTzk~D?RB&tC1wFCrvGZ;gA%*um=;bn@ef}Z$6Fu4`lgO(
zcRJU$50O%dwaY=zyo~-23-H0XkuWF_4?B0N^XQ4qj7Vr%YaRXQ%Zc6xOq;(CQpUj|
z{ua*BElKno!A1RW8x8IZt-;B=qNY3}h4O1EE)fbZrD?%hRdu45FdXFhm{6`~(=Oh<
zqa_KqDi`>#cy(*(d?jePKl7jn7dnb+QkIF>554r({T`2y7CCdNR4pX3!X(j|BO!4f
zX6{)NjR}VOY_xUTaa6qVW+_K5w>`gY+mg_yLno>t(>53xmwRT<W~P(!=O*v7BEe`K
z$b_7_$i?y21I*L&xhd?Gd5>Y&%Ed{)dhm=^RFB)S7lYLi^q+8j`x3cjgty0b-H#Im
z%du^cyeRWYGw`64N$NylpI~=zV(83o3o&eG6UIQ#rX4DgrJszwE2&Wk?#D6&TR|O?
z?#Ql`lYi>QBl!twfCB&Bcy-T@i)#7X=8~aeWGn^7-QU9?K9S-JbcD?OiVn7HgMAEm
zOJ%xK<eZp2Gr?;SGmzZot=W0?2A`I##fSX`w`Vp`Z_am45*X=)_-W7Z(cqjmPdDWs
z&PcsY;R=JOwxEr{x1tVRdktbp&()jB#hi{s)&O67BaefYrvt|M$1ZAn=+C~;kr2(D
z068w%=5DmCG?E|(?bq^2hh#cf!3-JG>V5|J2esy3Z<odjwy$+O+S%h8Wkb9f+@!}1
z9Itq+20;ljJG*7@_6PTZBWQ3B@~#3o>HVG-E!3r>y*wd{GM7M|GjpMhG4XWR>0b&j
zE)6{DW*W!tBV}U{y12gYkPs%JcOm`SK)1`<Gnbq1U-oFyoN=<nzc^&2CUfKNS4KwD
zn}?&_OlMy0oPM#GYrQ!Om-zilsU1)&8Jo?)Y4y4IU#-trXHnccLb`O}&q*78Y$>(&
zu_}mb=Q_1>1-aSxyNa~<FzcFUKJ=w;(b)yc1rZ+~{Czid<z08hyRM6v9?11TTJ70C
zJuD8R7#1<|g&x23)GkF{LXV$qaqg0m-Pv3U$&&vsNwvEd7o#Qi)~krGyj)<VE=#P!
zvK2C>KC+&+nHQemxer|tl{~UOQ{j;jz)KO%f*Ny=)iC?XAhSX`v~tquf}jpn;a`m-
zsP_3XZa^z#D+Zjg?kSl2rd)5oAL?>x0|~!iAhrH;{h#iM{&d$Ge7Xf@n58BGHHOM+
z;|I@cjvEteR*GlXn~HT9MR~nZDl)(o#o`s<_3KWzX;nFVqUkD$t_ixptK%bbg%;<u
zeY#N5N2}_$&`0JguSz7vps`O3BGY~wK!}QV<VgKs+X6L1w>mYWB+kR}e$ZP|9-yxq
zOcT}K&9q;Dehu5ON1=HQ9lAk?7c}O|l(FC5g<@HMPiV~blFB0-i<(=qM_y|=zkvXB
zA&@QU{CMp(aNbb*EC3J?q2Vvo^UKksS8r8?;$l{I_K_3mu_F$XA#E4MQhDmnVKW!b
za>|L>sU4_T7lz4SdUPi7+n0CRaYDv@C39=DMdxI_?F$xvGM`{j%|5ofr37KC*AGeE
z@6Qq$zy6pXI;DI4`<Xk@RNRotjPjq$6c`I%NFS+vI6WFN;MDs-C^3~~XY+>`yOOL)
zz*5p(fOM8#>p0>zD1C9a!bTxSWy|X6GaFXH%O8X~>VjYS?o6}GdRUi?CPx&VI&NW7
zcsr9xxF1p!LgKb0hr2bgw2n?qQC5KQH=<!R$ypvb?;kimTf_~hw<tgamN@=wR5#j<
ztan{rZ0bpm^jsdcy7X2;ue<Q*``JSOxnByGUeruD6csM6#;H>@C}h{wetruCPAYX!
zVaGoMtJ8J*Wc6`-Btjc+V~SU+xLEP1WFN$l&H7SrU&HQ_*tygUTCm*Q&y{NpIL?7r
zi1@&r;MzShEqXzJ{K5m>KFtEE^=wW0@iI{UN{2F5c^364du&vqE@fVYS%KnevhlIy
zTX{v6c8OVOYDpRTJcf55-2o}xAn{8~$>}=xr1?!)q*5~qRkMV}#f=`Brri<H?U$nN
zd%yJ7-)&4ySLAF`*7?UJ(1;rIRnM^FF12shDfU|{mREE;zTCmg8D@UDGvGud1nq1L
zxCU>26T0+4PEXz|^=>S!l)(#Ift&MFna*A2QwRG!{J-8Q!zZ2Q21M;f!<EnV_v-*U
zy!Vsd`b@cOfO`QAvHU#qeSwCX3rCh5XF9FkxO~2?bD2)gBhMHTW9hR+rr^OiIsuz3
z4BGI^9X~IIMJi6|>!T{VMt6*IinS*pr6I?zC~e59vb?yu6$sTQ8}px6^l?S1f_9MP
zw$}oiCQ@)D?}!yD9IUQOVsz!_R8R19Humn^fE>k-(YCrc|4+mZfeYWy)^90V#&Nq<
zL*tqOxa>EJ3F6Vi(D8W<nj(<OXT6lTxZ#R6qjst4)<rRTUY^H1q~LW)gQh6<wU4x`
z$7+5&SC%qWy~8)#qu*Yl%UazNcUUUP3A_mMLz!iIDHkqP^680~re>Xcn7N^ZB|$H#
zQIT5v>%f=VrvpvWmq)V746`omEW8vuIz#MyX~ih`Q14TFOQInZ<37;r6>DdqFW~}K
z0)7iT2>)v<8y=b&x>Ke-)01{b$&cxqHbch#TF2_zXh>pap=AGun^BVHy<YEq=Q5A~
z(3RR<on)m@W08@n&z7K~S45BN5q~@8G~HKi)7u#KTYViCQvJ*>%+A{h4qv=vK;_9u
zZic`ud;S)d{}<#!NyfH^DJW}Glt39X2aHo!Q9Yj8`gjH$@4SQ$cJ8Eer&*ecHMpwx
zV;T908N+1dcl**4#t-&a4&+KH3xk5T(zujL_?1ag<|hP&s~*$&5(fcR_$zOD(DjK|
z)CgJ39O*bw!BgcWzx2y`mdE2_*i9_yhh0AZz+=(tIhQ^Ww1c3}NMzxMen&e0>ahpo
z-{SErgEG2=bLydk{2oI>2D9DbYg1X`w=`I<$~XRHDf`G(7|it@K-bAAki->&Y_aQR
zIs<Q^(B}Mfe^JE7xoSy0!km6{J?8Mol8J`hey8pNt9!}{dfoSvGiwwx0Ng%R{@A<#
z)p)TYIYK?`v=N6~n=m9zz8vi5EPm%n2pUYGz)yT)WmS67WySTrO4PqmagiEM`VJ42
zTfvP^BT|>{2oX{>u;_5H*DXtc>PCQFPl5`iuBaXEL*Sn$nYozs9u%7-iH4|LOW#Eb
z8F{B=+pm4wJ4(W2h@0_g|JiP2%kl~$!j)W76Pp_+`uAyt<R$?`;3eMNI9O<kSb8J$
ze)&T(&)zfiKC@}5!E@^z!?}JpIAoc(h>X`KQ}74N%JFr(p3iRWuFoF)(1u@+v)4w;
zmn@B~r2njPykD$N3JfA1)=Vo3{O#QroputvyokfEj40a$EZ@F+v7+19{aG996`h5T
zXqi3Cr8Osph(2w=E2~%6{p6%Z7l7-C&sf6=+0&zdpQ7mt6P1?=ed{QoTseHB*+RG?
zk;)BCsF0^doeD?YZbGwu7^~@4&=<aK;D5b-dKReDKr3rl01!+UoBl<}ys9Cejjtc0
z|G1nb<G7y*$n)S+kK<VXjK`lZGcQY)At~0KzGhVN`P(Gn`a4gI<NKh&YO`WvN21S(
zx``~2PxDtVwh#`s@|&OIy?XgBUjNZuW*6QvYkDuL`E9~A)4o^~3*)j1$qHmAif?Vo
z0VXn8nLM6e$*D6}=;!NC{LOKnZW#2QRVeFtdQs*BGkFLTvlLAz*YBktQkUf2YuKXG
zbSb(yYpNdmOeRw$=%=L)j70XA4V>a>)Qa^Vxuh|+yr?P0Y~zYJes|xMha~SWo_rkU
zcJXQMkOjxK6jF;gEM$M~zv<cr1WX6g<5t2!bt7NSZQ{&*I$T<HJJ_mBAc($r@-@%{
z*l7Ez{5%ixgzwm=q$i)0q>cc4{#T#5pH;KM@owj&D6eV~*Fy4jTd^cl_4@)RT|PhA
z4kO^50AHSb$)A$0CRdkg)XS+=GpJ+uJ?m66gCo4G;#{BLrISDK#-kOMuP;2$6VXqt
zVI^Vun#c!(*BykesAaI)8DxTh`qZFI{F%anCs9A|<Ky+iCO^C0lM%E?<qdS@3V&=O
z&Jma<%`3s8wy$Vix!^r=a}JP3Nnf92%+U3f+bCQN-|ORV+>3HoEsv5BoV%|a;@n+V
zQ-K>H<6@#@;39kyXi8WKbV<{V&_1gwK@)o3)YLVFHqPvf>zG}-zQpSNKq2SN>xrB)
zTA80yvZ`s0YAGwyZnNADPDb0_Zc2-}RFV?TNIXZ_{pN!8jKenqq<9MYYz}`MIJ9e^
zO@Pj$U>`-)u6vbAm!ebhIvIx3p$Z^80H~}meMl1r9@n<pF<<}l(laOY!Mr)p>`CKX
z-W3bl^W#=-{Z{ZN^Bc|LC#Gn>Rf>q(S&>FJ__TfBV;Ru8f*G_RRAJjb{rGf~cD-r-
z+x?aFR(A<@b|z?bZ;`MOdE%cD-lLj1{O+Zbtxv4Z-<`)Thq=W1LbeR%wHXo}#~KcT
zi06miWI<EaMoom#j~AKNRgV<ud9q^ymW0ZTS$#rxpX)%0)D1cv09r_G&aU(KPen@#
zmv~=ofT7;<aAyDOvQl~XCx54(+E|+NhMaNu{yb|+^0H9Cs7iayp08nn{MnUHjji2z
z!skRyjcz3}WqxgJbUGsW%rWIsjhO?hMEaAHE<*L*R}JSzF9))6sUJvCKeskCN@h8I
z_sQSgHw=TxGu=FYi>cIx9#e&c?g&4^Z^v@1@Z&Ii5W%b&mf#tbd;{2oP;ZZtB+$OA
zDOwks0BG==|B2C^;~~OCN3}l&6L!J6=6MP^8|Gy~;lIr^JHz|&I3|UwQ7sa7678xX
zMi<O8TTF^1=X8^7nM$(4e|co~H`KSB%@aEJ*rYvH*jQ+OdrY|ansIy03`f1fpNf}4
z&eKMQ95Pz{$1LxXnxcjO444YfeX|sHo-<E`9w12xTd_8VyA>wfhHl@_a6w<-#9+ha
zOe%)EB(*T1)unf*#;mk*BtHxqc#PUkd``VcUZ{9;z7d>}8%u%#GiTn2`h2FlOgD9X
z=z{FpRL0b7QBLmWg7B>Y5yL!b&3<r3ZZIrvw@}gY1a6W3D4XC`jw_AoqeMjQ8F5~|
zU*yuz5{CHisIlc(4cW%NQJPPr*}|;fOTVV~=D$T5v8G<Gz0ldbe!us_8=d>=QmiZ|
z`deqO51Q$|zCjnh7D=9I{V=Wt5HLPjqQ-zb&OBH7fM)OOpH1QSro29jBgd)lD;xW6
zFJ}&wChG8C)6|Q*HREXUEWPI3Lm{^b9YZOLGZf+dy~RxR9{Gv^E8lfBUcj?%dqF<n
zGPHCTNhSKtJc;KKP~D%-5nip|mWyXwJX>LPZuhK|rHSmmA%XMeUJd-9K2OF}jvZ4g
z?ogDsV9>^^4nlWf_3LY&n2QF*&kqkp$EHhljnowrX_FeDEzb%%<zG;BRpwS1IVPlD
zbk3agh8v<tD!vOt${YRaoLk57;yE-e(BeqPh|ELP=WrocS0@hYoUq>^YkE9!;PFDw
z>)TDd>URBKa&msdbceTLkM<JhwF!^?7sbS%+aymCuWG7`!^?lkGMy*Ce7I_7>0NSr
z*g*eArRSgL@9d6{9_kx!D2%xpnDrCKGb`*={|0a9^IoQ-`f?%oP;yfB?sC?klAn<C
zvTY(bU1romWp3vUgXhI%(BU*6{fXPqdu$m^nQ8qvRp?+P!gHxlH<e1wr#U{Py0v1=
znt`=Ah)(A(2qsWmI)M~#p{74T#{&JfcWo)DB9vvD{({4qi_XK^g6G*Z-SId-6>dht
zqZm}9=jAe`Afo;AYRh+?m(yYu05C1&Rks=!3fY~!E87r3Fz@{W`Q2$iHf&o3HQyZS
zG{dx5;&{hu-|4Iji_cm<XS(nqVSj@5=xD+@ONM=D6g_e<H#cwCQ#1e6Se5j5*ZBI<
z(7`R@m5{TtFKWB%@evc$@1I$mFg$+QI`eZX2($7ke?N{}AuTH>0-7&*6hQ6wwYxRc
zWOI!8QvdD>2W%}yXh+y9tB?*bxAs&Zw*@Xmz|!#0A>2wLgVtS@p~==2`8AW5Wcf9U
zn!5TA$5)`(n{|xEI1CUstsNh21f$_~ojRGH(;=9w$l_`*VVjnM+I7OOGAzbUu!Zo>
zZ9orTG(vY)8pn2=gHJngR)xNAN#S`uy1da}c8W*6UW;P0K=1_*mF4*lH<>S>nywCS
zXvIpVG)bM)s-Jk3&~&hAnbH)vx0P=LN-Ym?Q%^73)bAzqq~*)%Hb-HPMaM?PP1dXu
z9DQ(?W2)!B2~V%Kep_Ew^f$=-e4DZL?g=J!_uM#i*_eM;%QNdTs`#r6$8fH6;b2II
zUlz5v4|>Z`^43xc8-I8sTIS=p*;_jq-7xYq+Ds&Z!`F;~T~-Hac-IV~=TO-qov*Ms
z@g7{*H|V;H93WBfZ_7h%>j1%lgB0$DA6dD0$Oa%mrVu=7;2+}O+<`c0jZn(*b*eGZ
zaepx`RgSWqk%K?SjSe1IyW85D=(j9rpSADdIYKh(^#qVd`n3+pm?5<BranVB3r}b*
z3#$CI_k;Cm6D_Oc+Pj4>Mm@QrbXhpL%wjQmdmo(p*rf>$EcZ{}lvAevXd}tD&<#oV
z;ar)_;fL|gFL3ed?=7VaE37Ya>8A$KA$NRk@H+aAMy6em=EUa|=GIq^nTo-$X`BO5
zygZw~Q#geKKGXRCfr89=lgB3iUGXLA`&NP6{V!`x%!l6IspdFUz<;{@=0ehBE3fc;
z&K2}Q(b~p9lo8+Z;(KYoM@~n?2zMFMVLHipPqZb)9LvD;G_juG2q+^8r(G7z4%gRa
z>$&l=UPMeNTK$OzyITrMz2Euv)=Vyvh5S8xKX5by^o0e5;Quh+aRR(5n+1-+=Fe72
z&dbJBiz*HUlW(XC?lU6L9$Fw_$MsO}?umR6W>Gu;3$J$c@DPA2*f!N3&!oYj)1rb4
z7jHLtjac_k=ve1VUyY)JN(I1+sxR#Is2_y3V*%LqJc@UEgz>sO%g<PyDd;cE0?4l+
zh~Qixy}R+FyIT7(USa8LZ>0t!CJJwAYMPVCEcyj1OyUTVm=MiyniXokUccU+t>~Mm
zDh6Vj`IN@_rxpG>H7)?H`STtrDzzW%Z>ztD)^tgB4-3=*)C6TiN#07Kq)NLGNa!20
z3LV$@`89%riykz2da;8Vau{8V-osPZvyU;T7aS`yDx;cM4b>w9oL};pd=^n!R=XqH
zu7^2Fzf|@3o||ECMsS1_#L-TEZSqh#-swZQ&Up8*Ae}+4pMWWG?$UH40WQ(j{Nu=d
zA0XpM4u7S+=SW31e%*DlHH}q;p@g?s4S)@_yHHPSR-=&P8$^=t3J_tz!~K4a&<%ie
zfUwIr#7NHb6Zr|?q27EC>31h+<H&?!><GD{-^^{G0@8vWVIja<WI=Yb4U{K0JM(UI
z7!d@sSX)%PpIyb_dYJ#Ex0Stg8!;!MPT*WI18#i+IluISC;3O;p0K{Pb$i>DzGzat
z=;ne0e0>C~;}6>`enEW^!_^7f+dJ#EklkgdCmV%sZjD^>pzNb)HEBQ|ei2MlDY-I)
zoo$d0`p&nvN_B+<hoWD<*q$qZ>b4oLdsqC^bA<RLxm{{bNY;l2Edi4TUk-nJWCGY=
z{p&wooH%v;s~PT~U9{*)Jns_J?laj>I=4Z|Q5@K9azOw5OO4OuhD*XqYZzubIVI($
zz!xLJ%gePEGu`)(li2&u>+4^kyH6eP>$R}8-tB}en4`eQ_}^I{ha;}?JfY}K<))t-
z{p+x(IyCso(D%n>x2AAaiG$GpfVik8K{8Wy`e{wlWHO-Fpq%;LBRpuAf1e+X8i5Ya
zv)Mf-x&IA(0;+NXKz+;@-&}m~X*@&`#YaT2qgRz&k>CM(^V|k`RJIUmB3o#jH96Dv
zJ$8ibhctJf42d`aM#?&sSN+9o6p<abA3d_Q64;h>RK}O&oxQh_rQKavFSaF4>=GoV
zaVNufO_W{#CRc8&be4wo(X1M_k@Y{gC(@8fX0wg`i#>o&e;=M2ZKF%>9oid$LS(Cr
z4e~UhSK3z_68N!bTv|Fu(AX6%a`kxaTU(3eQSfq#57eDI*>tDon-COVz0sljBm6co
zbPlsGp;=(9SDQh%^FnVgfl-4_t%{4HPzo;8duxe8SaZ~<1s{F+InUG4LDCL;MYra~
zT?Vl#dvWi0CmMn5;AfsOuIPk-9d-`czN%$7c?aV7omQ>AJC=5Rhu$I?^*so?AY)*9
zeNSa#eKn-cxr^g)t&hhg>QEJic;Ac{tTGTFY7E!X>_IX4dci&*4+X-$yQ)*?MnPF!
z{1HwsJ#qytU`VLt6s9NVELLlqPU}>6#q7w?Z$UEOqJCfRA%6Ss{qg&ZT5vCnl^QZ{
z_D?dPPhG!?)QHbd-ZDCrlFo$*bgIV<N`eS=+ydKGC8!Sd9jd|ZT0+Ed>tHox2jF~0
zV+~<PkI~Pzwzl4|4M%#6fcq(m=GUN-#>mkE@*3a=*|htCy|3ZYmzd7}=$;T(4qOmT
z?GCCe4OfhnCc#B_9x6p^fX+Ovy05tCBImSTv);@wy%oGZg`?t0M^VtkP|An!<II>K
zj*9Qs*@9kSdlS@M7LvhxikIXnG;QyGeYkm}>qulA8y;Ms4giXLs~}sUG!J6uiG@yX
z%Xhqezy$Ns?c>BgHB-KNL<7?7d@_4D;Fm`pEeYhF0=uOhjzV?o*(IvmA)QKp53G;g
zBtB4l>yh=O%0+k{K#MH?Mx^ZvwLh2MRfMHN{WgY*r+3_Csz-`dcDnYRKn~E3wF9Gs
z6qWV6yCW$akY`Kw&m|rc$R;aRBSqItm~l;12{@*<Bano%vW#-kXo0jyKv|fZT2xq^
z)m44E!@tSuaKN{<S_R;l>+<BKi&}jtuv7?S^$m^KTmEz2f`QA!2qd`+8#O$p=pR!w
zuD0jC@w@NCG$zAKZaD3uCNOn{w_rjCdBz^#bY5PrXf{~-em0Yx*6q*O?;3FQbIZ?v
z>#ja_vBi<XVIWP!h0>Y6uc^r{W{1F_bvV7B;V><#g=sR7?IUkI^-lvn0i;EtMXt|)
zNm>xF!l6McjK&Gq3v`oN>SNRa!?Z=5f5_h>^>iI@^JjIH-|nRp@h^J=!1vg^4;jWM
z(TeUtu^GmJi&=uO6lWG=FJ}$*D-*EJrDI|5*vBr1{L0Q1^EpIm(3vfM&~5qHBy-O+
z^|~^CRi2WU*3)u4ja$ANQvTMJ=UsyKUe&k=lAi}?hr&1iUN)u#A!G-L&ERS-Us%>&
z0F=!@2o>%M)U%N;(oGk?na;jw4PuL62bnK9XRHPv!RG;{=N2Gb-*g6maI%0~Vg2i)
zS5LoRt{Yf-Ga8ieP<{8z#EoxjgS?1U&)r!Uei0TTI(s{cLKrN+q15@$74P4E)E%V>
z4Rnm{jepEL!MnOY=%a1(${{w~8K#U11yd#g>)RZ4|9)oVQH+%}q1FUTvqs2PR|x<#
z!~pg_ldzEiAUZZ=V@4kE$FV-%882(qZ0Pg=WV87bGyd5yD;<P{;E$JuYage)f$eNJ
z)6K=fh&b)5%Z<_uUr}uUiOnPuo4b{atQ&0mpIW~Ac>MP!8)W2`PiwiR@$a2`^W({U
zB8A$=u-j%u(Blx|aa>A>ya<7!$D}Ag8(RX5s+n`_%?(S0UE+<L!pG|Xt$rj<;v<?C
zDDndUynmZ)G^}O3S^1z#VXO@xr>BHOp*l0)r#-Ajzl8LkePF}$wh$ijVN~{ri<}<d
z4RXv>K_h8GQj@}Bp!=AlOqH`CXn0Kw)>@W?@1Bj&!FloEcyE#_TmFA!y=7FCUD*B&
z!vI6i0Ma!yf=V|-4W*=rf`pWS0#Z^k(lK-hC>^4hNT`5>G=m^z08&E;NDe)O^51hm
z&$HIM*89PGEkAf)bH(2KjN|y7!7BoH_Sdf5EK<#KXl~d*4MmF(rlY!?9E8483-Y@M
z48v(Xu5HAP@s~w-3B%zKQ8pqe*4VOeS*Dv!SFR5N)+DIwipoR7>UC|(TNU(yf76Cu
zdN&sX(?r`SgukZVr)57k{79!%NJ$zMJ4|SgRSpYTHMe;OnoT6BpZiaS>?H>vm+c|2
z1FZ?Dqc2PKrZUN6!(B%tET5;i&B}Cy64ng|%30DLr$0Q_7LYI!o(XvAr&-L0sE-G)
zGzQeNw^TI#k<{j@w8Pad*m;!x3#Qtjn*Z_2g{3A#W<9Sp4~vqtP#Ry6(0?GS5hLmV
zoC7mf9pZ){ZsOV-9bNaLR(wDq%HeLsj=avplyZkmC5rdTE6|Sr4uyCn?g(E|2F}%t
z%fEiaq-Wfy$mmH61yBi+iSx05j>r@+MJuzn&k*RIYuM~FB?x5Q5jeL6^wO`@{KYxk
zLI~5(hWV6zOP|l^%SVowFVeY$kBbzJ7Rc;!fk~I-wsfaJN;CFngb8YliUDe}`_O@l
zgy~Ez>r%vO%wCcH0pGd+*GxDzB9^*#qEHJ<*;*+-43r6@b?)$nF}r}&=f&M&>*ooQ
zR<9}&&u3Iabl8)lURQnkqLTQ+Aq-58SFRhrt<=>1QS9}<vA4FBb01(MdTuR)MQUq}
z+%Sxp#QSZzDLEjVdnmO^z|R0r@i4Q^L2ZHLzbOn@MQ1b<GV76cq5r1^nEgI12;6*T
zP(dqjs<8}iaCDrJVsM~}Tz!UHy&ZB=LxxREoJ)3MhalOA#iLq6d#p~cLF9PjcsBgx
zZ5>ItNf-lhhY_%L>@SnTF4iBgi2V<7oqWO*Z4fFoxQAicLqKvmM=ZYT(YZSd{NE;{
zers>*S05U-&D|90y}{U=4#gmWL~V;sY6iHH9r+;FS-|TAb*1l|3#6dTBa2M_R1K=x
zr70U-W0Uc}kBvl?0Hr_ES+)0o8}=mwse5r7-x-ry!RA47p#x?9v6c13CkN^$>vgpe
zXW<{tsj-k0if0Bd7zTeTc#WH%rST>K9ng!m!)zVyG3V`=)qTUwsE#KMd_&IvUvsc9
zUWvR3cKSvO0R67FB<ic0@kq;a{hNmE%XH<=Rv$$Y;IJC-KcRX6Bu}gD0A3Sat7S-A
z`?WEC1s^V@Jc4frP}P>=z}*j&--<QQPAyq{OF^gU%30~$AvGVSYv`#{N(5+U(~{nx
z--RGNNSiB?q3dpu49uA7Of6-S*d#{v1Q@vq1(8LRt!g0zLtuRP!MPd$l<F;epsxsz
z{mW5?QdY;YkwbN)NFfjk&<Nt+4gh&PrF85%IKeL=h#=6-0G6vB&X{!TARe5;O(2h<
zbe~N*mYevhRlU*o>I|6OJ?T;5=>qFca?J!d>9uhWb(GzddQ<b-O^UgeTP(s9(oQM|
z(!aup0t4hQsCtK`6M;qrUa=dSfN+igl#T~->Sx?a_wLh1+>lxN`z`eLFf7&@@4^E<
zp#?ID+Fy7wB8!<i(oih*^V1(d1;$PW#{oRj<DOaf!K=$x*oqu~J^IlsA|^%`#0V%Z
zf<QpiQktc3_0Hke?5#_r_oZ0^tQP}?Dwgj$|AKApB8Y$-GJ-GM-)^VoUwJG%>g9Hi
z$lM*p#Zv{kos+^BE|`!|xS*41*0Lh9_t>%j++;dQ{1akSK_TZKqPhRwa;K9?(-1%v
z_&9X*p$i1od8xU%HmA@3>$&*}_x+k18CIj0%oH}pMeZ1T;^*;)Bmw7w=yODgh3S|j
zXyg}xQ1MJImY$y&GbE1<bA@ZiEVItofSuT{+sjD+P8G!;Z&7;%cwPlaR%ggvQz(j&
zSNpq*+R!?LUjmm=>jV6`Tyn6e^t+!u;KaAK^|@+W&6XrL#koj}XVrkxdVbiVr5->?
zKE)+kcamTW-Kx#}xT?qv6CPuoVpm;!X8<<F7?)!H>HeL4@eV3=rmv4Q9E@2m)o_wj
z+a}8X#DzmXnSZb~nX6~WUX}1(<Y}suW_w+<85`(SK>x=z@wUwX$r$nusgLZkz(Q0!
z{RDa}%jiM~H7%*08G5B4+vQ4zZ7DQ=!^!&su1#uiT=3+N7^X`T01RWr>XOW28%}T*
za+m%x4P=<V{ei~OL@9pRk!}w-(#Ku~-mvR@63p|jJxC4RQ11<DYv-%{n9xd4)F`Hr
z7Q-r{-I*)We1ucSpC@d~VgC61dT#{KX-}!ErTL`bgkCGWO96{uD-f+58`~xD#(*4c
zbyj0yVdF_i(L>T|ajOEfl0s@qgA|Ukl05i7piK+nYrp_0;Rjje*fSHQX;!Yz^<g^7
zR$jL}7h&KT2a45%gd>m<=J(KAt!Dgu1&RUrKl{N=gOst3l=hxmHss6&Deu0UE?#$C
zaFg-ehI#jp6@H<OfstKfZ&;UW8Jq2*T$3K-ODGh&Mx{mu+tOYl-=mP(c-auYeI0+3
z^=BJ<b^QjgJso4D7zwv{Xl2iDa`Itx@$YVaxGX0gS@60|GkCL*o<mw|69k^_&rF|2
zuoC>v5%V@66jHg>4cfb|>Gdx2fd?d)#7rY9;$L$>Fk@4&K4V1eQp?`xmAgD_r#<a6
zYgJ7bo2d+(fipBy+4FrK)L0wTM?Ql%a}Xl?geGLq#l=OTYU;ncTPz2%l5$f4^-<8+
z9c~DNVY=#^Ysf~DV-%|({B$&XbH2*oDX3)92pq6el1d85L#*&Z{aT<@@*Nejsc~+M
zuzW%134@o;18J|O&Wlg6roca>N7aL+r-c*okqvg3zD`diQ24N4X;3tSM6CUMD+>yw
z582psJ%EJ5y|8&KADmBLRo?j)3b-;ca2nFjrJJL$5%S8yDLnu3G?fNaUP;^NMe&Og
zfJ|GkB+{D_rM{1qQ|NlOcJ0CW`{Yhd0NKdUuN`CF%g$~(zzu3zcQ7?`j^{52a3^>H
zDAQ|)2eD8QQPEc~;@P<&pTUNFd^V2IYV_gp(&N!&Bbzuk2J7*BVuKe-p`vy}`~)eg
zfrJlFS{$L5KX#krYf;<T@!GpUznB_9wvtqEVu4}=-3P*S!1}n11jy#NB8T*05t#7#
zfKKuAvBUZcj+b<Jyk~)l@r)KuMnk*|9zVa;k^^R2ud)qobmu*=)`UvkCy!$CQJnue
zQoDoK#S0Bk=ZV7$(wJwlZ+olAovjd0kAaZabE-)RqS-Xh)oR*Wc_K@PS(l1rV7r*-
zLfGah<R)X0GFGR-q;S&-N|Q+6(#Fej-a0^8#l@29r2z{@>vHLJE~M`j!T##%mQ&~w
zZC$=QqyhcJ6>~6f)=)r>B>3(cCOHDRBx!wAV<pjNq>4)M-Qc*3DIA!^PkL|uk{l$|
zUcl(|=ZZR!Ft`x<BA1#;iLosRWGUd9NZ{yMZPy>6kKJ=!Za;k9K;^uE=uFeo705>t
zwg5ur>!Vcbn=ZYbVBIP~k~#L8JVpdH)YpLt%z@vX0iN$tF-0Hy789=l4inq3nas;$
zhAqjl6odm8naDG)G-zRHG(m|CmMf$a<<ltfJJL|#8Wc$S5Nc__T9A#r>L>8?Mb+}l
zVaiy|+GTt=?5>xJkliwH)Hb8>E)Zm_1r&-@#i64zSYZ#l3Z0X=^6tPr(>v>nb?y`1
ztS5OAv-EnuU7?CffAs|04`#MYMUt}H`i7<UUT4bC^~@+BBd5*Jq)z6Lm%5kIp`u(F
zxz4R@hW`X>3mh+3at_knpRX&yk(?Pv0Z+am+Bg@uKE>!<CJ<ey*^H>F`?2x9hCG`J
zI??{W((hD(!s6F!!*FJ-JgJkGsc7;3G1L%$6`WxhA$o}WP;nsNPQo%jUj!^d*(alT
z%%kMtLEeMY)VRn$G!NiJ>tTWK2rHM&8P32fcfY?V)72qL3_f=1rSQstaOS1qtF?Et
zgE&nk)>9m1;!^I3&tO>x^>uL)K~6PtUm+gPBVs&CQ^Av-4B1h+&x~~i*UeN9E34sk
zFG<-ed{H&s`Y?=PyFE>kcDu|;JF>_M7BTi}vaCkBz(F18fGytv3~SN@Rzz2typAdI
zfAZ_qdy+vm7Cz9qOhXJ_VncQ?8;Lo0_<OL(HrTG_g#N#5`oTqIP5mgJr21I>46R(S
z;E$XE!~rb~jwNiNq9sQv;qp^~F~FWynB-Ld2S0jY799`Q3#r-miC<P*><NPt2{S_1
z-UHzwm;Rq$KxO_R;RZj0L|W!H{c@Z7Gy5K!^RWt?=e{DUlJ>d>JXm+~+!IK_8=$8k
zcF4iGHb;tE7*~I8vMj#_PR^GxXa&F6Pi?zQmyQ6=rs6E^K8_TH)2@^%F+uo0*!q5?
zF=8C{t)ep$92Ow>iGFzzn|8nd1rMWHbLIPf!>=g=dio!>OViVN!F@mhrYn4Sc&8m)
z2>glSH~xhAs7>bJ6>`|0BUyO{^-*RPE>sP?Ou0uA+@GaUk~RMYmI+-vJ~R{;G*qmS
z|AM?`U-=eURQi`i{dpKEp`9!M7vi{4rW03q=!A%(7$7PEHbE2)fMWP<cJ(}gS^po{
ziiU0=3!xbz^c|l;PIi~-s;E#9?~ir_mmCl?{S6KoN1g%;a!Ejd1~|(WEEITc1_Zhg
z*JEhgSEwQU%S@njTk)`?DP0*8vaIpUUVnp4ii$ujLww;K4d)FxNR7`BjXe^0%Hu)^
zKs{@Y`H!hGYc?w079C<b#-tUT-bH?iXUX4NKgU+{D}F=RQ4M@j9}9M{9MbA1$~fDW
z2Z0|B^W2L^uC>7j2&F=3Du#0{$WysWhE~@MVBKPDDpxeRd-oOJ8*kv5X5&G}v|TbU
zjr<iQrDGin%+8acxowueZu1oDy>cnk6#p-$^wYo$NU0*Wxke3{;k1}bw;-;}Z3!Mr
zxhzpWQ^_HwU8ZajSG)RWLIK!Hi$tZvhzTZ=)gEa1j)8#ltNss%uA>EWNgnhIjp&aL
zPlC?<1Ac2khxirOC9<dpV0xulg;s;?e*6*Xu&HGd_`&YXj+_GX9ySJeBB%O@YRy99
zL4QG25j;*{di!A;ZA>Aa5eQ%utJ;!YeO!DPuijRY=;<cC15=kCo8<NNta{11w%$20
zSF~1@lh^AGx)`SLMSuMiv5$tC5QfRhkWGMTcwt-TQB5tA1C+l%zI;-)jyuHxK-~9|
z1wOAy!5GMBx05Y9byrF}@$z2Og)vgXS^SxjClE~{KH%;=9m#{?;ak8w0;DsSk6C!K
z?d$IqC7n7o1@{X@oV`6udxM(cTaRn&U2dEk5xWoazY~&M$G}U_pIYb&qzec<iWUI{
zBd2NeQ~w|PDE#J+*N@$-B60e!<S_)n19(j?{Ob#RQc@xi{U4ARCwF-kN$!3S#0^qh
z=~>IM!Sic8xW>*7!s{HQZoG#dBIK69zz7o?1L!GafnP?)h*1D=0eujgS@|k~&^Dpj
zT$|1B$vC9vFEP>}d>OECJa|OeILE!)bjXrvo|eH#o|V00KyUuFr4%WYW)0paLM>2U
zog3miCD3|STYLN2uqK4xNfGpqo`!FB_PKWbb8#2gy(bMAGcw>NCuvVfu-S%70EgU4
ziAy2do@xmT21X4{lvbw8_=k2|My3!@3Mf3(HU!bbJhyE%F#wQ)-H+mLix6ruteZn>
zXfYuU1Z0}EiK|}Z7~lLfHf9~z+&881D)24r1{$Nu6^nAdxJ{mZIY#nE)qTE$4pWLv
z-H!=?-qHG37(N1aJfR229?eQn*|?R`yBDs8&HyA3$y~6)g8z~5h<26}$c6(qITpg&
z0_%SkY=$rZMp7V2cQW?I#!}bUe2|;rcjFvyl(fEX4|$j2^_N$FXHDp@&@uA;m(cQ3
zXW_MFpr{USe0wkX`3klej^2ct|JpFw)I(gV_g~!mG0&&Ya+F*X87ap9*O8t4th@b!
z*KbB{MdNqgQw=piQPXk2J^4o&Ut`b!f2GK^0Scf$r^&(zw#$#ltAv07eQjXUW6Gfi
zFVsan_q=NMhT#||KmR+m;c-CCS9%w%2IANF7!r=px&W-4a5pAYhg0>1q{|WUZ3%~{
z06SIZAILP2BfcIpDOR@;$d_{;(KZ|cJT&M8ZHjtd&+BZ<|7jgq#PfiVi5+1}6Qv2}
zH#CCYTA>=Pp-(&$2vJ?tNNARxvAWF2A0Xhj_10G@K7$jk;+upL2xcLtfU)M(0(Gy#
z!#j>-U}qrkRq^R&RQ%?!!z)a__FuFwZE&iBmQ&}#IY#QfCkz6UDgXdpzoha}2f2<I
zjR_MVY|qg!sVBv?1w?mR5}Q6l_{&t4edBm3G1fxfoH|%ALf{>QujYh6;68BdXM^yE
z=KC?Rk=IZ8C(k6W`TcD3aE$bQ3XGO2bdA=_`%8vz06cW|OI?4B1UXO*t0ftZrEF0Y
za(0?-0hZ6}xgx{wWLv1gyJb#?9E`&9*9hIg6^NNcJxHrsHTR}jXE1x~V|aNICDpP1
zO$*^%X_wC6yFiNl8`y4t%K5<J_TNiieqo_o9)4<3Zdx)Jq`Z8l;xqS0=kHYibIMf}
z&GpGjcQT6;vMqz_7qSnackO1>#ngH-2?3-C@V!tmAHP2#N$3%M?N1H{q^eCQVeWTi
z<ZSKj<ZuoW#FuL~jR_^+HL%c0J2a3Z`S`)4AB>$L8Rn`Z&A2{4i#l3liF({^iDevp
zK4*ST#~bdRILwbBn=ic(tJZP9`iWKpB0L;~%k~YW?WQ67$OA+jO_&|iH`!!U;nVz4
z{rX!#OckpO=&^9&s4dz7!~K*kfx<sJApj&9u+O~stM{Hv^WX8to<`Y<5d95y;g@Y1
zTg|&^;q1pC7<dd6DWS(TlHNg4Ov_wQRBKpfDMame@l8xq5Oa%T)Qym4L~$AGcZ0L7
zvqA{J-VlH(<?Da5bG41~$>)SsBe4sbp*s~lE8vUDp&5?(k4BUY8q@rYQtMYc<<j2|
z!A7)ulqzBmvR9A5K0Und(?B(N2?V^GdqC4@6}xcC4n+l}X1?NVJoa;=cOUotM{gwP
zi)SCauzrtwQ22BbBz}QTk?~2Ne9PPUV3^pP`7pY(t@EH-gXIH&?|^#prilioAi*iN
zzny%smGcvM8!|H&7Ycd3wm&*i^B`LZAWOJp`*9#t(yNW5ny4+RvHo#3Xg;=U?A7ld
z3$|dQNU1p&v4KrAphZOtGHajjRWTP1c1<sD)v%=$OMHwHW%x&&aUeNm>&xdt!2jMw
zbsM+sl*YvBx)8cv(|bCj__a}lbi)6y;M0}^20FtC9a^Vkf@$GwG>1XFQtY>o%lq_E
zOi?NJw?bYZoRc~m0U%@;&MW*p68ONBLaM0gIZB<`)jG$^^gYhY)=vX%=*@4pfnJ!a
zHM+<f76Nm?2F0d!@P+(CVz;N`ihP7x>Ja4%5_<ApomGnGsXEIj%TfnI3{_GeNLN!&
ztaHhGlqQOqQ&2UXtD2LqJ}C~{1gmS?E#66}2Sb8`2fwSCjM{SE({Sp5-cHySD5EUA
zm-a~PnO+Hs>t=GkYV|ojzrv`tL0EAjB~5E@%?Z<F%?hq?QK;@=@zSVezSsJSkOj<3
z_v{IaFXS7k;?i^n)RE&&oMsT^-vE);hd|(BA$3YdT#0vSQSS-K*mx#I*UiMVw1a&=
zP{ITxO3HAwF-z)R0_mICHxt-QC76foA=H@Cn<}pj!HF<#h56af$E%X(_6&s>$`af=
zxYNw7V0N8X&VYUK&NwYpELL6iSW8N$YhH~;hX|@s-*@jC+C@RKJQ5QV^ZziEX<GA?
z8oGe?RgnxR%%K;KKo#+uyYpP6J#<~5?Svuo?l?tzN_<FY$dpsMCWE3&X5@0TWJsyg
zI(%PWoDMA)bP-6Io-XggAt@mbr>Mintw3#I93egG?-CVX)9GgR^_!jBV^MCW?r|q_
zvGu)Df*ADkNJ@<pHB3$Q3IE6cf85y)>?Ewjyl+}f{yW*LoDhD8U}1Z$NnqnI-qul6
zzQKgLs?D!@-%wATi*ZAzYXSduL?E{2=_%;-{?XKa-w}{XNv8fC#u<HsV^E@yUpF-u
zj8f3&z2<w<DRT~d5XXvldpIPXrOJOB*TxMNYkgL8jJ-BF{sT8v?c46`0R#tw{Mz`=
z6QG%{A+*_O$qO&FO{lM{mO5p|HEMU3_ux10T&%nDC^e4fxObjm&Qf{O{re$}JU8l+
zIyjFzJBwNX$Bjs`BAG=tPoMtp-E_vJ0Erta^-A#LRZc->YEOns_uZIU5#<zH7u7$*
z&j`5-M=LCPtcV+1FOd?II(K|Qc^WDs+ctMrQySUJ(ZNE=Gm<gH@2n7z<Y5Nk7aX?@
zgX}ZE0iuD7+ayx|v0(@Sz+v1OZa_*v_^k{GIO}7ttgf&tfw1cMYAlf>8F|WHX61oT
z)$|xolv(8n$?snub#-AUr=yK^DdU$CJXMk66;GRckhV5K<-@3!&_7tX2io8)H=BWz
zy-gn6or&Bzd0}hPEy2BE1=@-VA)|8|@p!#lF0+@#sT`QDG~IP%Hq{+j#QFKv_FiA)
zCj?dWlZV&`b`&E?a*l*%At5Fmck?LTArK6%?JdJwtLdWoBH%IUaNh9*FJEk>K?AKi
z0oEvStF^i31^3aZpEvj<DXktNv6(6t>!|sM_FdCu?D5g|k-*G#q!GhWhlsfah+|Rs
z-i8`$?FNRP1P;u2JS5jzDyj@gsHr1&^MHxym=pux_JjBR-|QYd66Kya@(m)RlPct`
z4tUz8w6K0cB=_hk8x{p&-4?0(Jd|`pU!0u(^DG{zkL?FN<9B?1u6Z)(H(=ep*oGie
zPcpZkJGMu2RmF6^$)iLSQ)ts6)8Z&b<vO3HoR!bP-y-~@DJsOrVKOu|$$O*9c-nW(
zuiJpyV^-TvZGET^)H+i^-0FF%+B^@_i*D=Pg(owW(IOfA*8BJtya^)7X_ZPeNPU=I
z$2<jfLXBk<FHFAT4HbV^oe&@YJl~k}T+AB&&)H_vmi&eyo3!-`$1?TQexCiWP4G&E
zT$q>0-6gAuwf}Q_VMManVDie*%uzbOhvH<nD>`+IdFClHo$x^B{6mU7Z_>Tw;q%EG
zRn%r3i2~LK?|o)x{!DM*#^4I*fjpY-5mENJ?{ti=B{56KOGI4*n>t`;qGI<k?=6^4
zRreLPL8A;D=HYD{(nl1jF)hkd$;$qq3Z^?w=TCG&kiAo`orE^&MI7YSC4<Ix^fYe?
zzW|80$swG>y&*(0^r^tdW&srPi2xy$L#dOB^^exzuQyQC`KkFBib-!bkC|T-Oh!R|
z8C47IP7+>W9akQGi*LoZYY#eHo4mc79%+H(w4EGZjc-$ubs`?Ru1$kU$}K9tv9cuk
z!CFqF5R)1+{Gaa*C&PpbNzYU4&l*L4t*+dho|Ripvo~qi?GMK(kjbnb@L!e^`biJr
zZ*;J?y$<1@d^GOR^;49wuHgZpCN7kK*9PO*M#{Oy@5R76gY1GB^mOoLdg0DI+3oFY
zooZ_@r4z-%9ECt`SIo4XrTjfcy-EMJy_q6XgR_>a%_YT)Y8)7hkI}!RFw)L7kto?q
zX}%YNi~z1|#W*aNm*U@)9Qk5$55}>Q=H({g-nk1mv&U;eiD780V+X9h7};*@es3^$
zmu83Mu&*0==<eK$Xu_ewR?}<qsZY0)-RN}G!*z6Y%zHW#r~pkP+)<h8K!OiNhR}sY
zF<GRZ<%(PAxE$895POC)kLeP^>?l!;NF)_J!JU>>yp)bQ<a5p6<(KW>Qa!8NUVsrB
z7n!R)Bd1!d(IMxJ=ll3h>HT6usC3dm!&cXLqI<LPR}xbLKp^0mqtc6**1ZH2;m-UC
zG3M=CRZW}zGfCYHA9ZW0OJNKHo~eg)$r=L^&K5|5A1ry}Gq{_h>(;;pAC7y@vArH&
zKZ{#PAG8pr69io_?SW5~OXpcX6Hfy|3GLJh55;-z;zowtNE~LjLUtzpNcbmgjS_8u
z)?WE=0*IpZkfhWvJxZW60TNqX8Nc(5fD=r8Vi8MQd5T>0E$y*%%323jZY9%6ZarCl
zRTCSU(}6obGbGvhBXO#Z@+rK<aGxML|GSUu-}Mf{*<!>ioU<`QMh!Vd4HhK$x3}tb
z+S6(?_1Y1RnQ+Wl=gWk6IX^>|yRpZPh{#+U@p*z&5OuYuCa6INcGcvO==MiT=&m6q
zEi)M+aEbtx@AV-R*Q?z!Y3z1zFcwc4nW30ug;#~SU{5{;uH986i=8ONCp6{eXf&|R
z@#rg(-FhxA8C5dDw=Q3bO^`9gnuTonVL8<}L2v3Vcn)Qvga33)+lIF4GbTNsGG=a2
zb<D!g^s{Jglo5Nrzr5K@7uP=QOJtutB32ogKooaDdq`=>?$k4}gg>&3nFxY$L`?ek
z+h7*UsFdP3r8r1q)4qO?PL#0*r^`&(t-7}%3+)C~F0qROe>u2xvNLE0emwQ*8H-W0
z0hof;z~x+_lZ42US)UnS^e6q;I>E>4Jmyu5Qe!6oPnBa;QxG=kUH^wuA+`hqruWR;
zcPa3+i<_5gdGIIr2=s&ZPM9yCP!2;M+G~^mZHy<ts9_70`Td&FRIT2;YGBqAm4L-l
z{s^pVk|}OG=E8%RBDrri#~E*xwmhYwq;YZzvlkc_1;2NA;1pw;+lbxqN<5XvbDRc9
zxLKSLNo=t$Q(TbKmf+5(l5CLyod|<7rSVcPa_M`au6hbSm-Yclf9IY&2<8sQWL_0}
zXf5?aXLqv3#}=v50lU|pbXk_T)rmE!Y%fiJI8k6F21QVKNryk8!LSxbzvy)a?xnRu
z(5i`e@0RMOs~hrq#Jr5XyEmh+_i;CZGJG(6Yojo45LD=IKSh+JYhr&G6ryU^9X}*!
zV&8RAb6lU+KQ?^x5tJ%?6BC49!+Eo@`fqq;2O2=D>Le21ox~@$>W5?dyy#I(`zWNA
z8p4fKEmkMmOpw~Ml}dazws3x!t;IS-jZS$bF&q(qt)sJkQmRbN#fW!)Jz_bax!IjY
zA<J?5-X;;RTCIJ{THy8vp*gTWRieJSrHfIioDgfbey|b`iozySrVOICBqX_moVPV%
z1+A4&6Sp)lOrYGvs@b7HT)%X+0;_6k?nujr2`SIK&Y32INoagPm^(69QoxkpPskaO
zi$zLFc1T25S%Z(s|7ih$w)J~^+%o>8OFTAi-3icsNABqTzKK!dnk|C4Yd=?%ACD=z
zr#?GAQsvO{Nx+4#^>t>|grVg6AfI|K3;*fVBMo9><rd40s0jNgNd8^!gJ`;t&N8ZH
zcIN9GHh;?piyn=Wd=Woh>+vuec~9TGO2zaOzW8D`;&H>zw<5;{KEfaTT>LPHMTVEZ
zi13{*jyx3!8kg<^g!wG@q1-*St?Vabw;ngNJ`}lg;Puz$d*7q1UrqHDdmFE%cng%S
zOa%-jx}1d@UAlQKOUyW9?_}%o%CjpXRc8D~pHJ@jVfJ$>=y}9zE;S3>`C4#gXS_!6
z&K+hoS8NwZAkm=nT=Da*WS`}8tX)tZO3CdDYhsbSQF-`ZtI_0hkFsyv%6SiTb5H(!
z6WPpj7Y+qQ)y6{2OMS!%%}*Ug8X?ccP!kg_%LDg8HUHyLG+xW7tsHEb7gTF_etsr}
zU&Xbxpp|PH{5aEwG2z%xnYDZzBm})(X|i2MU}#6+W435ebh?uRq*)I%B;!{bsvw_%
z=#R@k3Gxu9p7838@AtO6Sk``V<wRbx*uyCx!HW)e>;#6os=w`=(5(Y7obWqe>|1A<
zC`u~l@ytT!k#aqf{K@1zd1eY~+qfdWr%F61Cp9EE_<*cR3{|`?BTDsAsJAuKt8+gm
z^{i4*icPK_u($z#Wpp4^{8Jn~#^&~Z^4h4L^U~Kxi!UujR+mdef>zAWO}*q*dj(6+
zQ?(M9e+p(Ai~~zf3p()%H2m)C>si-<n<aSj%{<C)K|e8c?Ly+(k1L~+*R!+PZ)J~1
zQFPZlY_cOBx%V~9)Am_4H@GhLi}kUHUB>jLWg)mF6DL0!?d|+#o_&)i{54O=57>o{
zd4mm)b(xF?R!02ix@Z!Mlr5YA!gn!KNTdZ5nh5HMS0_K_WFvLEwmX@!%v+l)91|){
zc@ue2cI9b&IbH8sN6iIO<XVh5jX32Eolo{zdbbz+=kVHn4ePS?2a#_{52L*$XwcXo
zYUmORD6V5k#rw=}`cDH$LQc|BgNk0=5@cm&klFu_DRT<Qvt2ehJl%q%`Eg@fc$Z!-
zwPyGnd=&Ico5;p#deXK4bLiS>IZhaglI<lKX1bMw+$?O^ioHT^)WEdL<AFl@wFXK3
z>8^XKE9_Fqk(>?~wg#Oxsh|s0eM8E6Sd2{)I2Ogo#v1FW55wjc`icvU?Uy{K-S+!&
z8T~uUkKZSq6S>n(o4I#C(V^+OY}IFnZeP%*T9x<=SboPiyY3_-{h8*+uv0o}#+ChT
zlYGOyFFF4I#%_rKPs}->UGKcYM>lkI<&x1n`>hp0GBpa$?QP{FNxzNBD+3*IT>a@M
zNWvu^jq}?Io~s>5VAn_ldiuc<H8C2i*O$N7xcJWvBR^2nWvp~3|L&OUoFA_@+c0?z
zau~5cR<8_uG_B%XX2Q(oRfB)((Fch;i<;#&0CQEvvnwA+j$`&tp^}rWU|_DQ3vg2f
zI`(jv(EsMFkoxyvRsiEU5T&+OzVUjonpSrWsMx<-v`wZ7rT|Ka%^Y6AAjaI_JPtJJ
zRVe?%t@WJ~sLEuS!3r73h=u$?{7T{o=qg&6fD=JE^T%0l8d=umwu01u)nt*w1|{(!
z32^<}Hd0c<8F5s9g=|d#6n+nNN~$+{)T~I~1gpRmz?HdZ7Y6z4))LKv4xkTKkzN7k
zE=s*LDY(3&=@PUdbYrAE%de9mt0A=RUw}?`(izQ&%Gq*>;K&H`*wchA@M$DRttfb2
z!;4kfiv7tsZ#2N|<FUffd;<HN2<G~g13RAhR6+hLI=XY9@(4Qr5y$U^)d`UmKdRo+
zMH6!`>@PQ7eti91^WvAlk%4U1%tcrGYXZh%K?59#oNCw00gS-NFeAHILty~eK&`tf
zG>D}Kyt7qB!k_nZD-=DKe)5ekXPWh8@omuTVf03KLHYU4M-NF*QwF3k)Gexh79jr(
z`|^c~NkN?mbJEt;q3lWk`w;THOHay3$?f0m32kQ)2ZNM@ul)WlY{~z~zMP;Va_&5B
z-?P`E!JiBpuMve3b&|fRbfE7k%$;WT9R({_D#uO<+Fu*=lMwD=J#U=#G<mTizv8*u
zzmhG>t&eU>VH+pK9}dE2hTKsB6P_(=_Md~l&U`)$jTqWO-fi`r)7b?{64y>5_C3ov
z1Hk|=6gjz-zbHZ&TEZKr4^+TM_fpjrdXlbD$I!x1OHA-kLE_3Pa`StBJ52C<NJBg~
zDl<*YX~^NupJG^GZ<<>#7_H>}!|0LmL|MXRVLL&hZGHa6t%wW4cCfQ{>c{DzoaXi=
zUr|Bj?@7UWo?KiZT^XY`VFH2s^W#c|ya@1^-7gl$2tz;X*WVLeYuXy{30TgJDNRXQ
zo0upcskE~B^!-}XSvcp=!8u9egQl&`L_8qixsBa^ocD@F^vP=dv?u~INT<N(&uq7i
zJl;|)jy1_XQ@t7uc;Md<l8~gx3*wg7pIeJV{v>OqKxe<^YydVqoS`+49m!>eo_*Qg
zOU3zC!|IDs^)vCOIV)O(#6jIG2}oQXl;)ka_z+M)!IXD+1h>#*oq7Zn#`!ei1lMcF
z)rwhC(x8pPD$W?U#`D)EIvqn@sU&y^@Lz1HsLY7^Z9;X!+=3$CNoiwaZTF7!b$;dH
zYekACSypx7|7@~u8fi@jE~GL~i28kqozE{&D!9v}>2*0>y|$U^thQfxv{){rdSbe&
zXaY!H$r-}+5T|caxlK%GTiwP!jC~3Hk-(^6v-Xqb&d{&-eG1V-^G{X#KDqQf8GU4?
zXtlem$Je!~d+_>QexY^@dhFJ(PalNmzod11$q^0Pv_lfh+dnTbHuj$P{E71v9*^f@
zO8k6}c<tfocE&>D?Te#-ctnVQ<O?2LO46c2mLg8+^Vf}AesIvV7D#e0lEl93Z`Fib
zL7O<f+@xVf>(p;(4kNgT{+YRk7hV=78dJyebflsaRwr>j0zZX+3(n4Qd2CEb_&!=0
zW@j!Wc|QUHT<xBI8jnO1z2U=gno?&~i(??l!zoKJcN16Gr!{Ck$}cMP@&u%;g;>M?
z=RtCOYFz2sd7<;_bt;EbEr5{~1_Vv}#z+AD*{uEji=U@lBTj3Oc^|*9-+J<9f9>nR
zvnwWpk>sLaQbL`a=Ik|Yjhp2}wUW@D?2jIEmkD6lm4eFIuBIq=<DijPUQzJ0NJViG
z`J((iX5Joy9Vs;^E;$Hje+QLsU$}|=UU|GxU$Fl8mZA-KSEJ8OO!~mzr~e*P3ad`B
zcg<$!^fiPsB$~b01}uU2^oEsKE;Fe|nflA(?dbusMS40NfpNj=K9PfL$xQbe*3dhu
zKEBq@Hzj3fjKLJ=tJ~|T6;3x2-8K3wu1nq-qTA=<hc~NCqThg?T4HV;&{aBJN^~Jl
zyeVu7_*a&8ywTi0pQGKz*{as5r~q+a$$-Z%7X3N;g5{Aw_q}XG&fanT#pD;~jC{})
zSPv_=UH?qD2r=i#b>)L)G*||jA}+5NleGwEr^}jGcB&M&gy6&Yp?r~#c@Ca8`+j=L
zb%b2qqcV(*_U^>9F|^k&*A~GfdcM`y=8F(B4BzyTG$}s0XnQY(X<rv1nY)0acLK)@
zzFtv)p^AH^)KL8%V#r0umHP(1O;xr|vb6qlD#p+kwUhYvm^i$Pf)YTmjl5LlrsKxs
z*W|d&u}_(*ZOBi&s`857`YnjOOprX07+VwLjbeS+D)JYV<x4I?G$K<-w5JlA5Z%5i
z6ZjUYDLS5oxtih=3Aan~&&Xr)10=Jiko{3#a(pmOoU026Et7{Xj=0wgA`7pKA`<nb
zU;=NwkW?&#j?w&8a99<Dl9Dp(JNmQrBPT0;7j?7^04+*QzHOj~Z}dn+^{9j#IG^i2
z5PjB@_*0FhRU{Lgu0mzM0Q9>OL2j%fWfl#|ts7fqhRsDAzR+1dY8t8=wBd7$Z7ruM
zR5dph8hi21H_jn2n{m_BOR3K1+Yy+LncF^YP3%l=(s<>ydgBqfN#EO!33$LT%+-vO
zY(BU8=idVVnK+kK`7Rt&<ueIzeBIo6Yvq@I7k7Yv-8}I@OVYDo`m4aplx_ywMUX;d
zF6S*we4=8Z{ZjqaM4OvydCtjXPBF-Fs@UcdJB>wj$>QPljn*9mc6;~j4t4P<LcHA!
z)sxs9&3uY3=d`)SDLJCer~O>RYFhw{wnN^&_V_8X226dTyYu5!&b1~zik0iavAg0P
zQ3*akddqN*{AIO4_RooEn(zj|*^;i{VeQk>q{)j*dFoS9yO}LvSz!pf2*GI!)WGk%
z@+s5!zLS#0X4k<5j9v*wGbI`*#%TJ#f}wIwheHIvMZtE}IH~}45O!g)FtqyXg=im1
zZdDqTKYI|(aB{6>R17p(*bueI72(e2Do=2pkx0?b(dUvC?xE!Sxauo>c9Vyxz1IR#
zn;KZ)?IqzN*1Ji4JuqVhKV682q5h4i7m%>(e$FhtI*jYeXBJ82>%T<$+&w%(b0>=C
z@_tX?6@nN%uEn{wZ{vj0aa;F>-aJl@1?zRu=(`IhHIf-~%j6at&C|FzXG9`Z3z(1A
zb^dBWJ>tdAcCRzdWy#mKZY4!M)9ts8=J$F;ITE98%M6{XyvaA><sKl(+~JquW5{s}
zz$#x8IA3D%P3Is{89Fm>Qz)5x87cm1%^<6;FOla7InhQZZifAQV?!=zu$a4xB{Gi~
z#4yoR++q_#k0u`I?mRLfv~%rX*T`wEqrcdsNGsZLct~9rn5r!FzdQgf!6_s<2L;Ek
z)mq22?Y02foik0ZhHmrcqa|+S*|uU39nPovz+2(1d$mlhugY93i|b&6L2(^k&r!PF
zJ*u~G+pdPp#p$x{ag3Ql<^w|vW89UL%oUAfA-4Q=_}q=Je`WZV6qS_53IhgJ{NGH<
zt^Kz=7am^T#|#OTLT7g^S=HML=`LpISiQH`O~@}|Laj7~;og%^-ff>c+?=wja~Ujr
zA1UBM6Yg6^hZ_b;;|q%kLBP66(-;d=DX`6ir^Of}+Qn3jjl6NndK!gq1*5l?WVO0-
zVe-suFs|9mEUjUI;5{abXPM23#l<HA&Sv+ysG*YtwRovoabM91!5;!wANFv%<I4I3
ziHdz}oHSVof_CNL6F;rUy~&=MjIc^6@n101PapeF_cO%<^%ywW7N7WUWO%o#-Ih-L
zcgY|;Rz1Nzb_JEp?T?6N$%&yssVN8}EIS?o8hI^6jBs)s)L|ICk>}~P7NXzw$emn;
zEj3OuN3idm7F&0nQ?P_!s2fYFuHdm{bP0_01Ctr)$$a}}If8#>S}6X*-g`3e@BY=U
zr1`7A)Z@vb8b+RW$IDCKilI)HG*^9}B0>bagWwoiYkTLJHX(6_+OussDOQ;uR^Ey3
zMfw_g6kfO)on8^YqITerp;TUz;Q&L)GGUUuC;S%0GYny>Blcf{<d*Q)Gts@F^rPuO
z`YnTh72|CKbeSww?e$|*)lQu#1V)~S{`eB(Vf!9hQsKmQQ&DHo6xKv}no4Ekb_h-E
z2jeWzmn|)11IzzS*tBJsISC!Bi=`wk#}-jdM$@2ng#7h!j~!)jr?py+Vv);{;_6*3
zW+kXvmhSmfz1Jc{^<*Gmd}%#z5&OK{p0?gy(c-WK7oLq5V>a37e*_b6KU{p@z(AX4
zYQpZ`U?|u%0Y)+w-kY}DvOh`WFL`yT+3}T{@x?D(3bJ4>xJ~o%x3b$(?UmJ3$9E0o
zXp+#{i5!zF-r~_)*M*_;hUG#P%rBucEvI~!+UsXp*Tvy4yEmw45Q$j;(K>}DCJwT^
z6p>{l7tZfjk%C~e0xtGG9bz;fv?u6C7={yM<9)?c`+gpo#a`!){-Q8$g8al}6sWq6
zzCtjPbsOnqZ(_sw3DlwwykqbIBvad_P~SYK({@)hwJfiXi(gMi-}TH2&84iaJBAO$
zqlX|&c?gm5JkMgu;!DN1{4ZuWAo)8f^7WvHYxnOugNbXefC1CryTA<4ow&CiiY;J7
zh<#dCCwr_A2?3(1nDUI8?_sUlgsGITwvcpWVa_2>5Gr)`mDKBH-`!Yr&X5d>|43>s
zAaf{?tK_gbVn^jGqjHJHfkx)xjUY|n&pO{!*u2GZip+51UfyYC;P(wjMIn~?0o1|m
znnk7xe(csEr)bw{k4u__QZYUz8{c%rl{wBVhY2OEaKLp}np(|mK)UJh6-S50t?&>H
z7aCM7wGQ-;$a%(^F7K|7=Fr)<hOp%<0xa>lS^0aos_VG}6Ux+jlkwj^KqFu}emMdd
zMiA_*6^g<?nIHC$$DwVpYO=gDzKm+?(xDFl1x)AEgH<jHFz}29T-BR1<AjL9|K?>o
zH3TTjkXw!x+8ttjpVmW$nf{InETqVN_e5vBHF48B<1y4z<{$0jmb@8w@;rHgUik4P
zf{R_VlUxD@d25cMvY|m)zz8CgRF!c*`M0n?8=J3GMxoCaVbd6-#r?2%L719PE7$Hv
z>~+g6rMwB?31z;95ndg9atBwtPEETT8G}GPK$(XshW702?*3Lg)VWB(6-L`ut#u3x
zw7>JTXk9&d#~bHRMNO=v17fx-8y^-Lbl;0cyUhh!au_}n1Iq|0!n;&!rTqe9A0?~&
zF%IK)QZQ7O-T-fgW^IhwKdwe=_<fWM@f7LN<4$pOA9IgzG!!Oz&~A8p<K$96>K*E>
zk>;Tt8x{8{<$yNHcTX&tRB_jATBpo4a;e%sztv6fU$BTiQ-i#m%EJL2`}wU+AlX~r
z9MPqXeP#*HpAyqYE6waUDF=eb-Uq#SGMXN^ldI~VsRjdVOTb~<(BW(7>`+~$OFAry
zg9b$|RX&zsfmQzad69klY|Cxm7~F?$8j={-#NPB6%8fMzP4w4Gpl5#0^H#L<APl54
zuCW=;6|w7BmPlH63I;|+T-(sPuTGV>WAx|lt14{NYB<%d>0i)=QT;mT?9%vzeQ;2H
z5wyg`kEgRQZTc2UsDXcQx!;H|@yE@=X}3i=&5@p*Cx0?T@B!OiX_rv7OM*;Tss!_F
z=<mZ9(9b)|0#yhBq*GX?QUH%-MuB;1uCTNB96~@)*EPQD#$DbDPoZA&#&i4**B@^k
zhFL{#9ddr(PS6w3k2Z_Vvy)mZT7Mw;4h_LAM;H8%gO+$GHnnC1R79>v>og#V8TLUc
z6Bpc+#*7FwJQ-`TG3-&IL0)}l;LiSn+@^nDU>+y#{g8QQ(aXhn98%}Wd#6*Z<WP-`
z8e<TBXRQFrg7MD=6Ks*0p<?X@t^Fa=ckyx^6F8#)=2N_16nV0U|BA=Gg~Yw$J!L%s
zE@(F1ASTx!T~GH;f1uEBEgz4!q8h5MX7tHe+N+|diqX(s3L`kbVguC1)7Z>dt1!kq
znqMsP!KXt6HWUBIhoZ55$6WB3l?i=g(`}!=-9Rx3L6(Y@Z&Y8|L=p{YY^1avOd#$v
zW7wGOC_-1+Z()$GJfZX;)1}JSBfEId(9HvP`44wFubHk}=aY;8W}K7Vl;(ve_&OY(
zFVoQ9-q(?uoaTI}2@Ywqg1$`1e0lXoe5*D6$W#x@(8JZnBrS1p3u|>{FmXsLT8pOj
zQl$wsF9Sq|`P7lyV_9VSO)>K0HKakVZp@3xQ{gLwM8i66+@Oq#JvfS+ZZY4?gl29*
zUy4?fwFlQlxgk3gyd7B4PnxS7*YF;WbirQI?FRa~9a3s@;7beCGW;1w+`YY)G92*&
zhGLtLx;Oq;EBT!X;)N9W6*t&+9@y(?A+U5HAMk6h6gwdYUvzjigFMYY`78qIrx4L~
zBL&~iC*gGonMZi@ctu{dC4ihxzQX=Nxq7QRiG4bZRO_IWidNCI0#D(QI=$lc9*;*}
z8zIsc$ynS?3X))`!>`e>lox!Y%Nmm|D|-CEn{-)Da9J7MO0i=~(n88VNaa>af@XTC
zcAXndM-P2now!Soh{yf}BCMJ$$K>WAP7v0ZMKshQ=AN5UE4cbf>hfKNo`8YI%tmGn
zFjVgZPNlDLPg}P7TNbCcI#&=IL!w76z64CBUD~Lh&0VzNnaTL3EJR$_ug1=OQqGY<
zkq+Vq5A7agELk7cqf@L-%%RSDS~UM07RN;^8sI*WWzCUqKe*~SKDBxCCgN`MrqM^e
z-X{azCd&^4Or+Y=l;>fgyUQjse;%~ec=eZ$tdBfRD7^bHdql@st;aKj#`dj{VrF|P
zj&`>e82CrhvOM(eKLeu4EYHZLM?F8K_o+f2-RAT4)sp+OC%+Vvu)_Qx3{zP1{k==w
z*l)X~(ZLTbV$7CCSB0V`W(@R($R~eT2c>Z-yqfA~HCadoIVqF;RN63ZXMN761Xglq
zv*c}nprLi^1RE`X{dU*!^Q>39+4xG@J1wTqkZ_^)<-f^?GJ;<+t}#1%*Jvuec0ZjZ
z6&qj*nSqO{*79mJs1U-;<#490(A&3f3mQeO?6&rY!3X8X6(3>NL`TXly$Lh&|NRNw
zD)DATo&wvg*XunfK(xNTYtwZiOeZiEw*JtDAA^#6!5dA1IPw;T)RC3htlbG;3SjRQ
z3^FK8CUemJ)wx`xs3-6P1TeG7A;QpE6_sY>oLpLQjVzbX3)4#h@+qwEFQ02qc%n=2
zyU8K%k>T}Cl{=Qdm$KkZw<ksmE^>4-dv=kZ&-&FixlXo3;U!I1;DAgr^^*#6b1(FZ
zPa&_TT1rQYW7Wo7ujIc-mg9=q=k}RG=RDDztPWnl{JU2WpsuV&8tXh2L>%^CJ-;3E
zeDorJX?rSE4n-&&f?dBWl}03U$<(P}P*dokM{OS)?~->W^!-R%#oQw{q*lrnuX$9x
zglclV-?P3Y2p;U=@0QilbL4sgWiVH%_Jr~3oSxwOfpFFGL&a$RFLdMOw-D_K1KP4k
z4E&zg7lF8skn<z%g0InO$mIsA!oZ(4qaryJYWG**<GHS0X!`Nz!VukOS8+17&w<91
z?TSJ9_mAC|2`(2Fq3v$TxiA!zUv|q2?)T=$IOM}uW=s>z2B@Yp>_4KmuZc#d+uQg;
zV|N?bD#rC~lpn{6-GAh0DqJFtNNwz*iC)1}SIX?BPIJ;RbN^*BAZ&z;2i+Sk)o#37
zKf;XRNf&>kBaGG8mTb-oEhan;+RbA;EE&pGZ}@ft_+=ppO{6N^=8t|8n%2ke2EDm(
zu%N}D`Wt8j4h@yf#j{Mu2{_MEZpT;X{FG{E`c1j6Pe{Bh)G0ulj7mofV=w*KlS%~d
zcJ<{0gYUU33a+!M_<)OOj?tbFTY#0V;=1^*7wnn`zFT&hT#1NY-A|d#)x0O5Uq<;a
zqK!pE)V9hiDqfIyN=nXj1~OkYATU8<<B;10d2tzaUdl~0g<*4X?3=rqJUs1{rL>7I
z1Mj>u!FF!%wX9R_oeX}VlY6TTae}J75~@zuXpZ`Zdk|6;&7F8BXsxK5oGm~KQuLJp
zET71_#|6xoOG9aC7m(m%HG`%6N)*gUB)#Bz*+c-oa9HBy4J|=Egg`a3*?pCx&3=CZ
zGrhhz!R>L9wQ#PHu=0K>Na3-E1Dyc@dB;%oO`00fDK!V*dp!K8Ar8e0N$-_)==_-3
zr5DRHT~SAAKnP9krc~nu!5vH1=J)NV5$~<bn+#5HTOMd+NrvZMaiN*Nr5@jwshLYp
z=og7f><8{6+K(Xe8?Uc<+L=Z}N3lGmcZGobW9VT`HqlcDQj4efB{|-ERoL%O*`H~;
z2Xyv&t2<meeFoK>Vkvuf!Us0s))Ji-a=p@8IL<oStX4R07hQS>?)PeH0v0ZQ3GWM1
z;x`vm_kph~`TEp9#&&eE&UI8Ou3qHX91KNAjV-wF)_wvyyAdUlKXgyuxBQMCl)sVw
zI5<dTN{~3XhV+aYsC}y4evbBCwIs9Mos57&1O}@?)6||Bt`zOV&Lai0PANSJ{^&u2
zO6Fse#HD(<IMIygf1(86jvVi%iJ<b!2|iE)oD9K*68tSeJ!@j5Mg$6eI8Bs=ngvuA
z5d{*yjN7oxoM&1yhU4%5dl~A`*`vq{fbmh4?h55qF{NDTw+R^*h{R#uSaCp0RvwB^
zpkE0Q69tIEj|GF<=i+E%%3!E_lq)}x9Uo;hLoU`ic9cBfrEDsV)OtkUKc6)Awo(So
zCqX|mU|JN>01MYsArImK>xC_BUB_G@Q=bt^$5L1@o>vXk9Cue`PBaCHRXmdlQ(4bK
zwsz?DR|}d}c6YtrY;)3bVKv<_Mu1)$X}OT=$E2(E1IfaoTE(xI?eB1O%6!pGjl%g!
zDbXINT4rH>aNM#_qPc?Xg`=G>^wji;5<LjW2`OnWS>NU}vJCy^xRGGB0=ejPC0XHS
zFc@3s)3n|FHd^MCH*u~mU(z4xM%|~nnp}Vw30>1PmX)P>-LMB0o2a$*T`5b*eT1vX
z!aoX0y;r=<&<I~}VGQA$#yl6wV|jnLZb-?V;z#;o4)V8J4vPmwuGTq9e)k<>8j?%C
zS|EmRW>WI;toQtd0wLMXwH29GeE~{n2|6suj^=u7EtaYiJx+Y?f6>=}As~m0d8;09
zp{1c;%Dpq^S*9*M=UyLRF;A-3bH2j6rLcFprweKtsGLKASYTPn!8Pt*7fV`Sq69T5
zu~qt`uBuFQKcF5^!qj8g8)<F^jju%s{ht<qHU%IU-XA2F2@(y}*g)0sp-z^>wn=9R
zhkL&7h3o9R_2J%GZ!cIorw1P6T{IG>C?PnVerAmO)r-r>%BW^bS>7u~$MLRUVxj|c
z+Mk5@CH@nW&4eS@5yyvwA}bmdekRxE#O<I>FdM0GNXD*!mzViL=S0x2uvZ{eRiB)O
zdb)p!PQAqSY#=kid%Rlvji$~0YFq%=I+fC!2NUFmbbPbka-;4o)QmxG|J^wMDiFST
zR8w1<gtDG)emh-trxz^9tV*5qZ3PIQ5OMn#>9I*$w&5X7&To>CMCgxlZwCS5oY%{z
zEn*rdInq)s;rwQ+5=`?_q~=ldRqKa$uP{J@mJ_;*3f_n-JT>}f1wJ!=mlhonA#gg0
zwP{)XBypjDmLm65I+_C-Gfw^t#zuJ%l4@_k-Oh9yVM5mNwdZk>d5}rH_oV2S<`ZUf
zF-i&1P`yQCgtg0!{P2sd#QDf|=9jC5DgjV0h`hCwS}>i9#Ql8|9+puew`=OsVWJD?
z1y17drDXC}*n6j|Z5k6WlyWu8mnw-U^=MmYw%0ICsA$uu{LbF^bp7Uia6ghq5<mLG
zSix%ME8_UfM8}|_m^Y|%BmA?NW=aW@?0Kztf7_i-4YaDh2r*OeS?>`WDN-DTpTDi^
z>nG$wox1YjgOA(e{IScIFIQZaRP4^hC)8r&!GE?XZv}~G&KHF)<>}m&sHQHv9h~ne
zl;cDl=^P6NgRnySImWkLgV_WJ)1=fUQmDDzCY9L)jW1*wa@PtSyZf~rf+|H)CKb4$
zYN7tWb=GqlPl~RwY2@PT0*t-c*f?2DT_5LllhJX~E8)oRr=?TUM9Henn1B49IbYU$
zn-6lCAm=k^8PtnTG1dIL7fCOAn|%;Z=RN(&3MGYoLTOv`oLlNL;hVSqe)xg50Auu)
zFjjb9cd5@MnxLcQt-<8bnK!_EYR)!tUB~bqhwv#NOJpA&9_=poS5Hv3tv<Gg2<K$@
zEy}<#i`g9XT7<s7J76@oAq%oo3gRnK=bC$yZ;wGDy%O2vYK-m=-kg$H=on~cUP3R#
zyvZnKV>aUov>hLb#9PL~A!hjgFXlB%JyS9E_pm5B!JW~J1ZVMWKp(i`q?ccCAyA#;
zPvaj@!#&+AzSW|pC*X}Rk1qLW`C7>hfsMiI^1R*UKyxR;EL`?hzDLvqwZqM&iY}18
ztBnDKj)RUs)T#It0tx$X@qqR~+YtF<kD<MnKB{D^X$$po&vZYes<%Pl*zVgGOMxXr
zJFo6tS9N+cfhCoxR>)BG(6IAdDka0ANymi{WMVBtiZ!u%LHi;L9ofzcX^ysufs3qJ
zerLbj-2_UZnsQ4vTUQZ=YG9wOoX%clpcH~rw;N<RPruG+8^&_6$cRPzJo@LCudU=m
z6aN30d(Wt-wryRMP)H%E$T<}Sh#*;Vjs=Q{U`B!@MS=v$A{04C38EkwQ4vH@RKPL;
zN=76qMUX5}pg@G%=h}OpcJ6)W$8GP=dw*=&)~Yn-oMZI<^)DPsydptlu3t5}m>R<M
z?W1Z?(XxpQHyzQ{qzF=q{=B>;w(by4lHe6Oj*cTa-q)ozsiC1pYqIjiX&m6=IO_jK
zz5o~xD$Nkyrjm!bGR6}QON6rUxlKcV{5Hf4UmNHyD*tLJeJF%TmD%?=e}UteuWyG}
zNM^FWK;_>>(@&>DH;sgEcUchjZxk<`pbPt&Hb)m`0CxlP+$W<L<KNr@VL39F7;b;+
zAvs#n*Gl|r#QLNaI}A@N`skX_-M;Q!(XQ>;lGM^_6Ql>yi%OqLyL;{Xz#}82$$+}A
z$<AgX<oHjn0KH;E-W4U&uz%~rsa<5$PL#6Qsk{-1OK6DrI&zPm(>%0j<Q7=_d^sJP
z`crU&AKIX>yImB9P4jhKcNTdRkAIu*{~0_Y@0v1nFQ1Q`&+02ST_pIznswb!D;AmJ
zElOIoFRgbfI-BQz+Ad`OJ7>01(sI0Og@?);6YBTt%DDHyJOtw)-h8vo>7DmCj2BYG
ze8CBBirdC(RJ!=Pd#LvbgF93`Ed{wWGy}TVx=uvo8^-eFso$tFZ0;#k0q%@juWp7%
zBGPx1BflzkVLaIJQu}qfi6-*B7%`RC5}_5Bg6GP9Ca7SC^iD<pVe&09XNluN`b_M(
zo2?jX%Y)(@ol6PJue+>y<lhaTZvC}1$<w*#ml4<=>lTkq8cyxv)KzrJz1w(#Ytj1G
ztKGG%jGOT4rl7g2d&py&YL)zWeY}wGL<e4koM7Qr^X;KE@~{gGjuacFA2-<mdXbON
zs9CDU2`4o+PHDNbC-Pm~>fN4q$y=X)46Il73u|stGBV26r5}HWABQ4nxj&@aTZ}8>
z<UTd#Z^oN9r6wD<NfH5J&jXl+;ofa|{7KSx_3igS7c?gHV~b*65w$5R70<C1$!Wc8
z?c2(=PxaYM<l~pVzo!3MbkM6NI^KAxb$_>oAy2)3*XDKogQ3RPZB4V-y4Po)yj8mA
zKYX=V%#V{FOGzi>;Fs#Imw|U2fy8a2*tqAMGAQ!+gvD`vrfMp38`utZ*Pw}a7#=E&
zRHpnvB6y!5sbpBe&IRLB97^PE{U`Aq*pV0Riie37y|?bCzIJXYn|Dmj17d>I8~V7g
z>w;!jud{Sv*q*OVn(^>xlparnKi*c|3uZv7HgfNT-1SlKmiQZk;PZCKkT<#b;y9!G
zqeHLcoj<etw!XSi4(TLn%&+BKAI6bJ25M<0Z%7a&;^Phmyom{rMF}Pg=KZ#QE;>h-
zksOxMocSTDDg8S|M$ihQctiZuT?1w<Yo(leZ=G+c1Lp<gGF;Q6F>MxRE24T*im5C|
z_L6wY=d&bZaK5f1@;BTXqP?&zrwE03rRTC1|MYZIjkEXJp{FZDN`8qV8iKjgU7w!L
z=`(@Ugl2mp)jBfgk~AEZWM@4dULr<5m!!A!fMg<CY|(=`=!<zi6Oiw*U!n8Y)StIg
zeL>or>b{#K6B@#onE5j+EAVt-#cAzHVRtS6;#p%S^^EAkG-u};njkB>Nw(aS_5nKZ
zpVHRwok;6!`#m4d;`D37FI1S7-LHIGI$}01{f3elz)7W79T`HQ!0C!KHV;hPd<Pw3
zf34pY7Q!Z+kZ1MhCWk>TFs(mD4bS8b;)pvTkaqK6G_F{ZXn{(|8=!5Q*_BoExXhM}
z%rHf({su9@vr>@HDv*XHaiJ6nNLF{>eLhq3=0k<x<+XK(*t|QS3sy|6@8!?n;(Zl3
zC2zPoDMDr^>T0Aq#Th#=@b(rVsdY{o0i)ira5U-SEY!rb`4c~KtA~}U8*a1pKw&~<
z^h=ZnX{ioW4OdiPP7;<M%yknFQHALv&<i0ojC<jj>j<Q6JP7Ml`+3kycSU3!*Is->
z2r`k$d#9vvf&_~)y)`P~)z;Wq=3bbDzVdCCZ^7%!{d^*sA`dj_KJfWkhoG)IAfz;H
zyT)7anw`^|HPp;bR0FGb?kG8IXX|V2E0OysyTa6GCQ!ESf8?@L0^C32-WZ;j=^BhW
z<(|A*GgEsK{K6M9+Aesfyyq*7DdpIfTs!5F5ROgbhXZDR!Oo?b%TC&4>C5KWSbM{g
z`uc|fyJain{s>&XZ2G9oOn@_EYt%PYjTBDJ@Wk?CO3b5}<{slz!6QaTD}S53H=@0%
z<&^)~ANQ5@ri4&9>)6X#-5(x#t76Bp@k3tjM@=6&I}mT+pOs0gKDi0<Ue@ofn(S@D
zYhD+nWz?nRAP!oi?%IINkXGgChuNdl^n4x(x>$^T1%sr;BLzV*a(ph$ulIfEz%<hO
zkjecA5H`N1X3Tf=aEtqQxAs(>Gx7`HoQ)Xf-bRSU$iCQ|%Is&b^ECfs8LF=(6dxRx
zkhrBe0MaO<-O#g}5wPVPSs|u}gf0fWS<%Ncd*L-N1Ymy+Baetb%FS;cfWU;V+B6u&
z)H*(K-9bUAwueN}Hz4#}mWR%VzZ5_<=F^ArKp$i|u1+RJnnSQOF3tee3>o$lD>1%&
zl;TxiK(8=pFJ=1PjCV$Pr=_;zO#ZJQjpal2M|>`O^~B~fbJvKLGAd0zu+!-RcM{hD
zx`!9HX!@T1)R>5yc@&=b_4a(tqP^_JZ$?}PWe$lapewHF$Tpqphs2#5eQ$yuv~_&<
zIHBtB;_68K*FG;CkNJueZp(M(jzSKVH71nx+AqF>3fHr=73e_rh<Q<yJ5{&-K1@p4
ze{l}q#2T7<0>W;*(I4<D5ZP@hvW7nzUvJPZpJku31y*_N4dR~|#l*x;dC_bsqxX!s
zF5%Q{xz*C_K2<C9Ul-Xq5hNkw3Fe-D;m4VUY~QnUo{8US5+R%LuRcjr?oOI{IVqm|
z;)mPPu*%=BRU3~Mt266d_~_G-=+l`E*FxZ$JV7<<qp(AipSzxTPPad}uoPOntrfhe
z%yr57GOzM)TPK|oy0GLF0rT5kIyrQitv9)Sy1d~W4r3l*V~@CrNsHR_?K*n?Vm%7K
z=f&=GZCL5@Gw9wJZVS$yMP0^`TQx<<YHDgeGlt7;T~&6?P1|Gpf9*u3sShxu4YW!c
zoN|LUJu;fUS<ZKw-~QWUjSlOF{<nkXAMA!tW%&Y;!P1gL(fwRO!+Phn<1?KdrASPf
z=@_sfm9DIuch}tCU4LqD(%PE6oAi1}*I<Q*`86ZzTU@tY;CM8aBf1^JBBkulcgUb7
z?`Q;g>Z(r-TpjQZVU9>ZH~D6Hj4UaiwQKyc@?Gjk37s}C>F(a&WT;r;S{u)bo3|99
zOR2%hLMV?3r_)=G(m7T7TXhWC$R*sE>3)DL*zng`;MrJ)#QnV#@ZC8@XD?9Xvl3o~
zB?P@k!)0@|Q*&KtdSl>P-dNa3$wKw{^`q;%>k>I%77mJ&`D5!w#`ZQ<(tmfiiaO?m
zj~yXO>?a*wUF0Th8fQGtXH-HJYRhMk1m$u`Ubwl5@D{C%d>6jIR_wi!eXGAl7v5^c
zQmF5CX+OMtkiM>iKr`g>cW3SCGXg=tY=uqzntT(bdJ9EQK;}=J-<#n)?0qx}6Fyb)
z@r4IekS;Tk%*Ih^th;gcy^*^~x=Dpz)*8!W&CRo254H(;)Bvc+2KzPH-RM6}VEFbK
zGue4B{_V0tS=sZ?B4?h@znK1+^H3s+By{7e<uq8Ga-CJh0=r0s?}`e+!ul2%c=_lI
zvqyZ^rO4R-#CN(QWZ5}Uu=zge#b<8g)@v?)s4*+WqDVkm*dwY^wOpz+q<6X}mpeNc
z6JuC+YcO+^VJ81fiUcH?40+E>Dz}4usWKD_@`#7L;kpEj>_6<iT39;zDM@Z&K<E<F
zV{n;p_k8uBe7i*__}GWhxpvNLsC_75vx}2nzD?JqM<yHofNHs47SIAEz3)`IiCHxz
zNIj@Wx=Er&ufS2ZgHGZuX{$o7W!Vz-$Tw@ik8HM*x$<^pS`8$%Lx(jd;zadri;7iD
zUyMtitI_>YIdm$y^d`uCF6YJH<{5bgCem!T{wjM68~Ow{I0mvAYw+0ENX@7GMj73w
zLZy9n?z$`aq$a-}CapE9l0;_ubU{)8@`R|4lB}2|P1M)H7%cI&f)USEat~y9NR-<)
zPPX6L^KBk#@J&5a=-;jPy1h-}mRr^7e5(_z2122G-NK!C$Lq6*8})H0>aiI>j!b71
zVJ6%)So!XL-}@oGSkL&6m$aV@3$48*^j-p?J|e{X)vVuaH*wh_GR2N1?jRh_mPC#r
zV%il}LJiMr7%UnTupc3gy}I#m8@`bF`t(u?)g}S6duw-6h_yjv-0jDkpfwk~Lnf@b
z?9=?AkSx~SN>XoRi6KRvO>#-9vU7`&EbBeIyW(w<3Efk{B^~5P_Ka5ceXH>ryEJiZ
zS>nm^m8H|Er%{L5D3x{}?2df~oY3LH?rtbj>ri<E^~99&A^7Q?3ni@5mZ#sdc!wED
zU=JZEArVSzycY{fjFT0>&@6lGf$^7m>_{r^fP<LJMF$55UD?2I=UwS~rf(b`C^mRx
zRgrSOIjqr8-}dIlX&zc$vrh@-tgfgOZ{wArBlk(1{;pue#fI&=Ii5|zk^LEF72@Yh
zUh^xv=i)97eY$x$K8Bt$o%vwkU+7y8e8)Ko2QMd)>S&Vqs8~4RTzrEj#XpfzUoEbj
zso+3p0;FgIwErzz9}3flL0|LR0#VoR@M>$eFz}tZ{3>AVHmfG!b9FcA8YHBIPNk+W
zvzkvZM{yJ%#}ypN1M|Ouk12^*q1o-h`42SVk53-{;y;{!2;YnZy8doa#-&h7Q(bX4
zWfIgJyc<0Kpmz+aQQVBdBU8<ZH;4&JP4ZB!qscl<#S`fxJkqZ2hTcO7-4xrwPw7f)
zpUXYT%D+68@Xy91JP8={E4A&Z%(5v}nFH=#ry8;cxE24}*ZPB&ylrfbIfq7q=o<RQ
z*ys}c%qo^{bXXP3z(N^+1Ut)a)>w}1NtRY&RNN>tueIpOpWB-w0p(Fst|&mqZ?}C`
zc)d4siz=1f=k`oN$O%@TN6tAnS9SKcQ?G0bFI*WA>2GLg(D#h5DdCG+1b{3|=mEW@
zcSca!^yu~XjQYFj^B5KhZ0d8an-lKWH-}tl(b|T07W7tn4%T~qzmSnCJOVKBF#gz6
zkzE{L?L)Y3HmL*WPNq#ML4_Z`W3XbXKM^?Gy#Ln=%-p!oCnfQ#DPYEDYzNIxGKL*!
zlnUBCbDI<rO7II@1rm@>7{hZ~qx%^w;Uu<3i3Be`%h0$mg^R|R-8+vj^1c4s>^T25
zyopOcxrCyZ(@Ea?cVuW^+z&f27oUDPnZov3eo6_klpH_;c}3cw9#)iq)-UZQmIOAJ
zb*;W}OW?yX?!!P&r?g`DYR-51hoSyX1dMit2^Phy=|P_p0Y^FSB>x*sI=f=T$eo{G
z8BW8qd^nNSHRDLzNqov7Wy0iJNK10Y4?BCm|0_y#*rIB{6nq5fOA|Zyxb~H#)K%z~
zrkhJPVdx7dv)-}P4Keu3O*IeoD@MZH5efLcWR)eQzdK?U)tQ?posdrqnZ9jegd0P9
zfAW7VeEYRNRir3EU`(%=5K4af1K|i=9jLx%-BUuay&lP4;%rhy?Jcf<;_5PZiheG_
z--4?qV_2v#HoNA5D)e0ycS%n_4j71gWJ}8E4AjWkqm->0^i-{yubI;VVX*RDomIGp
zQb>%v^XVrCRJkF};(q+51^@^2-tSN0fP+H#CDv2nr}|Zk72j7k6oGfts+m3YGcTj@
z6uZ&_Bd-!BgOQ~rh2F=DPW!{|(=RfLK)Ah45YC>3#f{C-Oe~EtUQL6Q)<bJQEkM{+
zCv~F+dPWhyw&{#xGU>8mGrWe=B4djT)(40$UhRW>#W}ydMSlB|158sCX_biw3je(O
zl(dZZzl#zQa$e)^Ubtq3I)&g<)}qw|$JD6kgvo5;)+!%AiqH9kJ2`-n5AXJ)QmQ8~
zcoe{JYrlz+lpZbNB%Y2v__8BEM|}5N?;UUm)GL5i*!c^UjKJ)ocQvu=#iK{Zu^Sja
zsh)BExCO8g6r)Q05FHa0-E0t}mTg2;t)!&1S%2Yv<MgBRb-1F9c!>f`mu=Nj`r9wS
zlEW)Bzc%%|{!s5kWa0^LZ}0m`D%IL}k5QaD0M$vUahi$DqmhR&R1an}IPXmHl8Wp6
ze_c5LtOgB!fi&qJ^TnAf`zF8S4#Ficq0APXw?Iwc$kxOBN8M6ev`|#obhCVImG14)
z=Y<bFTN)vO?dkes)L3C^O-isGittmtt%{KU4K;RN#CI!bCQm^24W_>?Cc8jI_+qa{
zRpy30GJ)rdID9PUP8ASs=+=lo;0&FNIjgavjvzKw*Cs|O^X}i6dpa^Tvy2XD@l@`n
z=aOL$P+{Ojdx~7rn!O)cYC+IL-8}Qe_Q<wduBAP#`Frdg8>P}hyn(mpdlKP-oKiau
zEz^TO<Zve95yxeVLKM-hze?;$CZBPS@rYcEF!#sWyCvo<E7VlDQ6|1@M<3sS{PFjh
zRw3BObWL^Y)156sDz9alH79}~T00W=5o=fLWzSOhi1sj5g6=5VT1c(e`ujDu*Xt3q
z?bVI-&+8q5$YAhDAW$Ge6|G$@5FI__6U)e(mDiSei=M9$>WY{w(Tinf8Xq}_B3xqg
z?_K8==lE(#ygv@vHe7WFN^5deP6{1RQ9CYmj{RhG_9X{@Vtlt%I7^5des>mlhP#xe
zQpp0>Ini(p?{*baW*!tH+upi=BlH9+;}ZEWd}~a2V~1oH-Bz4P-FOGpHN5#@#@Otp
zYBY|Pa?#@<GY|IO*=N)hC>^zz*PaOKL*?{O(e={1*`!WnEB#6+lmhW-qH1M=49S`@
z*cEnT!}){TGp<s;Mkf+RGsn{F*Ul%<MR&N?9fBVcLtlLZl>3VXBfN6s=%!egW3k2P
zz=ILb#K^dB8TQAduJwL!w`&@;db?l`ecD@r2onDtyB8i(0R-02n}lA$2yS%Pb<2AZ
z)W;a?((6wucN;EBnBQS<r7S@NeWqE0iC5<9Nw~9?B~0`_0;6;8{Q)8TGY-GnFNYgD
z35{IEX(<6R-+5QC0-a?d>_MmfB0lWJ=iTj$bFW{YmAw}NHyHqcM=w5CI1k?VB|rWR
zAHJj(BWvd$7x4Uz{-C>382a?icp})~=LOA`t@PeaIKb&no%~JUo+ir{DW>!`5LxWp
zQ9@gMrK*F*7YTOhCj^skLRB%fn{bD9cUFi`%YcO<;+Z&E{UfyIBrjAIv!JwT{WE(3
zXxVOcJx<Z4LR}UnYXyI0z<o1bsQu+a-RS&<(=<asC+rRTvC_-xQH4(Dc{#hUtU$`2
z$MpvWpj|$|*u+P4Z3z!n!2854SuwEs(kEE-{s>(+PjBD*yL>Ar?0Tl}64jfnA0ba?
z1Lw+etRsbpqGhp8ObGPvTD@_CgK|tn*z4r>wt}at0Dah5!t(36uaqW<x(x7J__5@d
ze)k(w%cGx0h_hN42wCV$I|=bHe(ODBWucWDD;SKQf0wqHU`q4t^HbF^sUEtYevup-
zNj!?B#p-l#zS`7IbAsjC?W!eqSHn+{?^7P1H5i*OX6s;BsLhLlolq&);|MC_KxXBO
zlOj}}@%3ga8%3re$U0n2jsI~Un?{MQ(M`q4|6qh$STOA5GfZ5pgh^~RE9!3BT3JKG
z^ovH@Azq>d-EMIDXJgp?ox8$q?O5=VREtd=c~<=hg0MI=GWn{Wb(fper!OoYUS4sC
zN?thac~Bkh;O+j$Qg$a~Lz77@6qN-NvapN&xz^<OEJ61!`uD=wzDIV=6{_C{Yc)zS
zXC9f;g=Mu~6-hfp+4r6!0tdK^j_F&s7eDj>3k#UmHz`J!Qbf?PRpsZ{RvkV&|IH((
z?aK(y`e~$Qy~jxv&nl;7!-8jph0jDi@?Q`@PAyj%KU{+DL5yz5t&RSpQ)Yl;d=%@m
zBnZ8af=}Ys?XzN!Kp`~+G2AWS2OMurThoRnrDz-vWySG|`}VO{N0gQGPF!FOJ!o^9
zPwiCs{YU0}b?ZdhOa*}pXq;q?TSbDdA)r{PXmPF9F61xQHo^4Qu^MorzEaanpTDFY
zyC=3<z7U-AWo&g2JaemfRIl6H3>^E`_El&W8aOp*Q`#9-M(y>7l3!iA^)8C;l+@ed
z^xiR!vo<0d2lbCio90NL$8IpWmyJ7pcU1WE)7I<NoOmD54198mT6z0(5x3G>+m5a-
z6#;OqnLde~ACc^fuV;O}PIc9E<@;R~tp31H;Ug$kSwe6VHjNurM&f|UuaEE1hPo?>
ziFL;<Ewd3M<h@G9%OazBnHCOO$iSKc(zu0u^{u`2!s#>vrd3U1MI1NoHkIQj+mHR8
z`YUKeBHsb`sk3d+PmYEpF1oPNF3P9#FrjU`ER#!u905!8Ug7?(t1rYY&=Ykw2OUeI
zmB(9}SB+0AdfMEW%h_Kb5N7Ak4^m1JQ+?c?VenbubK?oR8Gr^B;_RPaTo%Sq676b)
zN0NANi#n#LNXi!QA%-OF)XbXp35khitVhz<>pInsy&7%0`8o&+iw-c3I_~dZ56&m4
z4J+^HsdEq_Nc+MQ5MzaE?aY>Rc)a-T0wV~~)7QW;!Si}GpN9XV^NqpJ)xb@=0~lg5
zGctgAYwnRJ%S%f?Ao1j#bu>?f-+?<`R#=twgUjmvi`=TIl^YJR0^+Crw}*I$vPYs%
za^T0(S|L~KyA8AjK3Z`TS1azhfCJg3_%Jp`Fwdz4G(_WlN-Xsr5SKnTS_P@x!OQm(
zWE-Yf<4L}D_C_IK!iYL+dkdl+Xmk!Hu_V`TQL0r0a+BM^q0R=?eD;a03%Dp9SWgqw
z3dXa@PcyYkp859ds+HBbbKD$6*PQTLcW|7RbJ0Y~*`%DR57PW$yQ?OBPo0nDF{c#O
zl8R6Aa%2o$YJi53x~mIrPA7R|4(Fz({k;(4D)_Nw|C!o`oX2cUSA^5Ae-)}^IeHjg
zz$SZm>)h6_k+Vygo9&8SXks%s>$E%PToOk$pRaRS-Q~kg*(CIDEZbS_B$&iLLFtI}
z72P`or*joDB6Rz(5iDsUOhribQnq^*Sie5msDhW7;yY!5;?4+d5ePs#>@L{ty8-5R
z$S{|NqI3tmvRD+ls#W{F)ylzxM?XyDTiOlYHFmr@Ya;xct|+p`Kv=}tuw0}j?eoV(
zt}od4mQ5Rt|KS4E|7Z;PvcO@qB9fLi2}So0P3W5_<C&%eSP#xsP%W3`*t&rb$o0Yt
zPY;<_v)Bhe=!s60Z?!f-28LHOlphTQ`)@9hS(3dJg$Y5U#b5<e39kEg9399-`lA#1
zS|Rm@<rkk_afn+}EGWFSH}nS9G{#1+Gx8Bz!?fzB*{s=<$z(8EXPMBtwHF%cR0e`x
zpC#`W0SVuCm$AJ-nvvtwmR>rc_LH4><9!UH3s_uD!%fPG?U<lGPAmu#Pw3Q7@%8^T
z><qRe4lbQ{B|*;<eqGe`6&y9@Fvl~8nOQsFANEL4A3ZH+Y*J?Q2TKzHv98genR~7=
z3_RE_-pPFcti+!{s@<oPx3?kwi*pxJKExBL3gin+(M^|xjTL0uG|NM_v`}EPt&myR
zY!Dar3^w9tadWH4DN2WIqL+F7Fl~l#{R#{1E*+fg_I%@AF*o3KR>6e*saM?5psTZk
zktO#rmC*5=MsqT*9gnou0$f-Bn@sbr&o*BvFRKMA`+)bauMhgPcLMQ3mLn#DL53+K
zwT`iA0F=z!aqHid4jhHOV(+(v$d=($VnPBHN~o7^uI`R+N{Jn(3}zRsZoh^?YdQTz
zwmHiPt-)fLd)_9B&*BlAfm1=8Iz8W~Gj-E~Yg?cAyjmwBy)hB4>Fa}zscqOf=o>J_
zIydI6iChE*mlFgFln~*cNRxNe6CMFlvqJBHmUjzG);kcIuVc8hs8DfjBDJM!(_2BT
zXUjpl*d!h3^jM#}ihQJU`kW={0sw^1r2<+`v^0juWy;EWm@~rgCw%Yid&$1gy+{mo
z+?Uru@<;NZW#8@W0^@^#XjTFLuw1X2pF_@%r15=aFnY<!`wC3cUiJvL?d=E+skSfl
zkdLfmE@9)f5P-r8li$Y<$VEq=p1K>zuQCxWFkxECIbkf?8``Nh)7ph`LMyKE^L|LU
zqQgobr}Ok+tBX-`r7V5a=;)}AtbvQjH^UnqqWb1v2aFxwvxKIYlt(PxsjXFYaHUW%
z%M#S@2>8_22)f(@vKOAUA}q*fBfH5o^iyi1ffFB9$)U$q&QD=F>eD^J^dYqMadMNv
zF0tKo1x)gUKNM8%15_%Uh<fe&?zuio=%0WT5jRgR_g$t4*I3G4ChwTtky%y8+NeS!
z{zL`Nz|h!5gNgViT9p+S5yG<r@yT@}`ImEqC0tXFCtso{ke$Lyv$mbJe^H5L3@e^_
zf9<a%acekfHV|sn`}|b;Q(N^=tRjnJCzSQf<gE#?MY*p05^+j%#j#-go^`j{5cobU
zfH~Xk)+5Q$R2OdS83P^RP2|x9j0#$`Xa3|7eq!w1r@q%=JQOEbxKP7JIUa=rF7uSG
zI;>6c&iJRy*_nQbt<ZuojTFE|$0)NgS2*oX5XK%~RLRWAk<j4AXXi?k9;uJUl0CO5
zy(?;^!aesOevfTS(4Q($FpZ@j4EMTex@grXUQ*W%+V>E#iI=GSL(}Ze6T0pW8kPLA
zhwwQUcyN24)YV=i?n)A$xIFzlSh3>xki;mLC!-z~g>QL;CL?s{umUZC5F6xhe(nEV
z_ImvG`mN*zpVhm^r?~QH;`7q{;uPs>($tznOTv${I*3giTRR*jbVP$Uv<Z+=VmOX<
zC_t19J`F7TX1!vkm@*Va261<XW5fmHEkL~_X67OK$1p4XM;di_6b;r4$4%(s7TNu6
zUT8Qs7x@u5Izss!*C+KNnInu82%%y>TmWVdMXPfY6npQ&;KG{oH0Cl+Q93HENR=)O
zc#2||Qx6EOF`J63Q0RB?>wne(Q_b^>aw@a)--p4L(6L6G=HePnE6aW6Pt;dklMs3?
zu2sQ5PHWx#_q`dKBiezAf^lkHjEQn8gw&J**KpTVen!82O<(2JylAd%zC}ze8vDvC
zGi>tX*uu;;)YyVz>7*4(fghHNXOF^Z?bn|;QZw|v6E0K{CM^sO^*;1Kj<}-P-;*iY
zC9>xBe9bV=^wHFFgszD%=zklVKw3Yit1a?8?Ix>ne7#2IS&^JH!%rWu;f_~N5V{&>
zXGLZ(p`YU1QFF}nnBp;Mitbkieg>v~afY$5<;bWP?a@dRU3)0<#7`W<-3_JWG_~(6
zrp;*o>lo6Ob1A&2!S0pcgO_X~J+%eoc7e@|&I81mU{6Lu${RYLlwG=+0?5ZXOo}nE
z7Ubb#3GgE;Hxsl){@|0Fz-iI<EhTLnKkXc62XJBw(}F*JvU#d1YB}&~eMOy~;?oDJ
zSlne-tiO75W2qRiYxvF3$;E^-XI@lGe$OAw>}2CvXoSjkEIsj)#9%>LwC?4bYgio%
zy0EEpbLm%O!c);<cSM#GN9ewh{#@=>Z_N@(%SP!q&j$V0Pv;D`Cqq%IOn4HldunS%
zifAG5Em$m71Zpsewr}<4=qCaft8b{XV4+^tzpwCHPK+#hH}D8*!ZtVRLEH^`MQahv
z&a;mvzg1t78p(1WD?0yGUwH2jsu-mc?R6?x(hGT~t#9EslpcWQA?$F^=Gb!}=v?oF
z!f&2F0^k$lQ67Ai-q|=#=6e$7|FZXX>kI#o{co=a1>nW?q7qBgsVH4<?`+A#!;@`x
zuj}PI@|V3O63U^9Jn&dGwO?QOfh>w3A!~XDw|6ox)n_nt++O!-7AMtem<UL=y_;5N
z=k|cw(sXO)gh@5}Lxiq_Lp_gnXzB~dfhiN`+`h-Ut12!$Z1wz~FNUdYF;0BP2f_py
z73XueuZm!nxv0j?Ki6kimQd+DWDa|_tQ-7h85v=}mh7XHqKb#{z4oD<-;5{eBXART
z!l6PCqT$OE%fC2qsA(0ra*15B-!2%gJjcZ8NWpH$yuZ7^qHXfFqR>m*<WlStw6!_{
z1{%ZvfGo^Omt9B&U}xMD%dxpE4wIDlH?nV52ngQ?`Zf7aaJfKFvE!P?Bs_#B$B{(!
z%3iWGoUpyJzcbL>?g--=+mK&JCErBVQWfmjUj6<$Kn0mU-Y1`V>7A|^ld3~0*{pnc
zaw7HCz@>mZ#V*ahshOE&tD?atTiLVTQp7DD;=n&k`c70oy2&(CoM)lfpq4ek{)$N2
z`zfuqe?DJgN7U%gIzN1G$ASzfmrnY7w!J5u)L(g!J%5|?f16HpH2To9Bu94T96nvu
zT8kPKCbKJOz)&!nBowk(%d(Mql@``SZ$;AQw8s=aNbvLUGkFc6P`SPW#zs3M;a^Bi
zxoP!CW!8$Y|1-z#4&p(B-V}-D$KJL=ER-Xaj%sKiS;Zz*EvL4BPbA7_f3C$`A5Ia_
zI1YmLvS8_%-nd;(4vu(vAooj(PanMN_^0B6RB}Rj+LzN0&$KOD9~XPY%)_W6ShaB~
z{q{GAMI553PVR`8cL7mx#<I~*8-GQZ-wRZ>UOad1%HCQ|bE~)Yotsd)ixE;E^1T*<
zl*#n@TI+oy_0Otr<7-cOb3Ri2#6xUh^aQI(=qn7X-uqlydI+tOgTsWny`yj6TmCm>
zEp~0|L**hj%k*V_ePFZ5s;UFQea_ee@#ClMr8U7N+>vMf>jNw58NC(a4nV4zwaVAN
zNiUvLT%`~rw+GXBh5uXrIhA*)qvL4vubUXfRgs>MGpJq;*emDM>w@hlk<ubMI;6Nn
zX;k^}!}IZ-5V<H5m0B4D#0Mu;ObepFIRZ#!ZNuj9HD}7}zk5vR+oE!RfFG`p^wjpo
zfSpRJ<{F-K=DL1KN;`y%Vw<#DH3ppjMV7n+dcBLCw|?F}8#T&iTCb6tHXFmp_bO!u
zq;E%a71NqO>i>jmrVP+V<s1;fU~+30m1Xc&WDxJu_J`2gE8G}K%dA{c5L`9-uW3o$
zeFs-c$sRasrE>kiiJ7$L;+0FoL{_8IKEOJas|9V_Q|`+mR?uWi+VfO5u!O3Fp2P}s
zT>gQejEUUED|q{>(wEP*UvK`txh4m2&Kqf<yt+~lZguO?M)SEDH&vqwubw3orZYGH
zcm|uBU10>!L8u60&lkcdxu?7KpZ5w!kPQ4GjX;*gHLl46^9oAc{%4RCy@!$n4ob}t
z@p<|OQE2_kzQF8Lo4Lz2(5O2q(slIOHzlwZ&uT)nq&GYBRV=W-*zr+!^}l)e@-ee)
zMo`m!ZUiSxZOpwFGpyS`yqdMv5z<q9)tJwhBN<yX+Y++j-g1JReA%Qizdm!HeatRI
zjOBt4Q~sMbn(<k&qGZFiU+-wC8bh~zhEAggM$t`t+L%C2wyF9a#M}D(N=;m`$a@C{
z@MZYJ5OFW&=~IRH%}5Sk#{iml$tr!eX9-<NQpB!jGq%fTSr8e=LS)(|nw&(+Tt<Oe
zfco?P*$$DWY`nqmIH$4D^$vw-!)1}AuZQOVxM)2KK_2N}=b}%Fibg~k_{TEvuy!ZB
zPNwxefRkuVmh%c<1S9snr)=S&wD0JzMt?;_SZnI9nSZN6EaO`(y_NG$HE0JGU8g<Z
zuqc8%rm~5^jjX#Sd%CKGRQ?1b7LT3Zb1rkeWf5cFDf~pqcexG<aSGbJmvMUOwR8(w
zCLcBIpLW^Ts>7E}?pIbONFEv#4RPx!{>s2tuQ=b?+e>RFrf#W28%)5G5H9E+&(D5u
zd$1%$0&|Z+w!RXVBlWS~coN%bafM5kNK=PIZ6S@-hkp8?V^zbjOX3_I9U|)Jk7TT3
zB0iPH8qv#W88)`@g_DXkVpn=q3<ZK%m-LmPW@tSt+;iJ#rDs$zj6vecVy@gYDOjFJ
z77l_nveXS`*R)W!cy}zt=s|Gy8-D@7i}P6oQeniOWpMvOSQu#wIDc=u0G`tWcrMg<
z<+1s6uDl~|^{er0PqzVk{9f@3lj6vz7S=Gop)391`R`W!YW{E^WEl8ZB`#8TX!5Qb
zD*b!zVvgc<J=)qRMlSjksn`V(qzoCny#8Nwc2^=Xq5cAKO9tUUqm*6~T8gzn`5*1B
zEFmJJmiSHI6V5E5emiIFZa!E0nPtWBDwtEPH9?r{Nxq&c&2a96e9NL)jUzFI0y;!&
zLHCE>MJOG4RpYOTJ17&B73uyJj}LF=+1m3}g-#gyT$!ig|L!Yn80Pio#)z^QxrbO`
z@`s1AkTq0V;GZ^vCx-*Q4!S+JY(TfF<y(DYm;_)_{*W_Qp!E;TS&a5rAALzdXr9A8
zL+e4uFH2A5-=kima921qb4E$<Q|CX%)G&g12dIrFlje$U9q7T|hG@o@sBY>mrSI9(
z#rx6DvC{MZCWp$@TptfmiD%mCbmfy##~p$s!n2;q->DAQwjA!MZF`DC)!i?CQtQ}~
zpm<U>G`9o{b>dP4M>^9*O%7x@!}M{6(S$DS;LN*gD7%{kE5&Uh%C0fI<ozYOFu%aL
zo~uzvW%Z^qvy!e>g0LJt{d_f$l1(7889}n%ZTql>ZqRKuSzJ#Q)WWUO=TIqS89J?q
z)nCjsth~$EA!3KiVfm?dEEuQ>iOq^5HOhokMM5y8$zCeV2z(y>ZdEc6HbC#ePKu+u
zy>&)*P(0W}vq!rhw}BO^svO5fmEte%h$5BTwRIPRTB!@?zrQN?dvf%wvqi-Y>Q9#h
z8KhGjDirm0wPEk)NJ!tpMX8kNZdBKCT;V*VxEQ@}JtIwnC)d0)4?l7N-z-K(uHLO;
z0M=J}OZw0e48mlL<&U#oFUMnEK9*;bU$^D6z%H5oX+4hW%^-!`INUE0XhEZ=vyHNf
zdmpT_PHCve`pF`L8zmTke$>5UJnedzr#KIH&{=fXLUYwn?PfXrye*+Bl#cqF-?K{k
zu-)o}l9&B6XlR<tdO8*!Bj}MPf~V3p9_orFJ+!E44kd`Js)}@12FKmzrUPB=gJ*H6
ztHaN)b-<Y<OJ@bfUbP1ws+!gI#hthbaBBoQEGyOglTbBEXHqDlody9g8c4JE5dSJZ
zs8g)Sp}H&m5`#M0#KExdkYyM_ICAbT%YzDOH6Q-a<Oid1PP8Ga2g^xgNmf)Wq50A=
zW!!f{q<T!pMRPcFfF#P<SE<56k5oK*=3SPk(A0m`q@OeXR9+g%o$feR(j);?4Fk?U
zbe*`1|J(p_sQo0xPB~HIB+Q6hXr%Xt?e{`^!Ym<pjj4ORi-R%Vnzk+0CWet--+l0c
zqQ!uu)$hY*Q9EAlT1JV`6^Jr+<0s!&u~1VbC>h<sAfVwL5OpLx$NiWKB&`cxXxu3<
zyO&;nrG@uubMRd(=_m@}8m)}0DLkt8IA$)rrh!!LrzMDI3+<Qxpf0{Uv7x8^_4-$0
zS8j~55YQ-rh1Y1f9=~bj5(?=kYl?04K-^+CWj3;1IrfcHi|UQ(&>00cYm(~`KMt+z
z;FvDViZHQ4?(5pmFXk{z|FS*!T7(`%rix&2LOSU?b1&eI%%xYkQq?c9RbZbZ#9<R$
zlL{qV*Hjsav0JJuZXh(MQMtgdiw#wHFsb$Wvmj=uRet2N30M*klbvL$6I<T{3IS(K
z4*X&VAY8=Z$LwbgI!_+EKk=;ZM5c{=tIEfuO80{z6_)olpv<^UWeJ2sp9ZwH<xO{j
z8dt+*DEiDH?dGSZ1aW2y&Ys+%I@d1?i~f)--o$^M{n+QWwsiTI=b3za5e@?I__w&J
z<a?ITxWM{npmT75+ptTRuzb|c_DQnD@O~8@?nH8E_X=f2M+p44tsi%1<5+=`g(|G7
z#RTnkB6L8JuXrbz6Lq91H*sC^OSks>$ZkLWF1q~weciQW;hhs}HkP-&f5^VRu^=9{
zi3GsBOz<}Eq!%ZHo#rd+6V9P{VUca?*JT%^SOpK0u&Gl4DqkGB%drb!u`lg%00?8d
zyH^8l$H0(>L4<6({&QnEFk?fg5~Xv#RlM8|Sf518kX1R5l!wO2qY4kH{sQDS>zxS*
z$pW6QMw9AP@8g9&a?3NmWpwW?HJuKpW<pbNfW-S*`cilB#=LV4+PHicN5=E5udN-2
zbZ;>)I#&fwD*U<g=j`>8?$W9}g>$06-)Hc>VugVfY657xVQ7Ly`a?HSlY=jvJ%)3^
zwuYOlJNPM_a)JN-nx>Q3p2uc+4Lvm~-jq7?C=IV_TI;FY1ZUF`t|J$4Gxm(_W5VBo
zL2Q4HusphISRC0Qr*Xd%H*(>*8{IZyq~Pq{dOeLTSwQ0(g3tR?kVo3{6n}cTsof>H
zn!R49foIYHv%3faj1w<B72^LHWU2Xv$``5Qk%2b?9Hcvzne4DfpwVFt4!7TSjMwXx
z%q#C~YTw+!_v-ZWV95wMZp?`_G~bC&lg%2XGhbPP+pY)iMi&S=o-mA2%)7w!=XXQD
zLknVS1YM<$;cx_&bQY;IZcO`)vWP;ryF7fOSvO#PX8*8`Xi-t|rhE&(BZ9!vki{(u
z-0vt|op77H$b%9RjidqN76=}~Yq2=#aq|fe#eeY0RmVxA28)0L^T8rpaMl~%8JaP&
zXw`cwR7NaZ_$h~nS|JF-R+~wM{8jX!-pn5Gzw)0n?R+MM8q+&ZE*P)OMMhIGa@_+1
z=mdkVBQHj=**QeDV?@?_Cs{)Any8!5(3FEA+SB!J$bwb`npvE5Y`;;9Xjc`JXc3y7
z<Fq^tO~}0Avn!TvF^nTTH}<d2MHZUHpD1m5)4aFy&^>b)O?|P<z2t)3#uXQt-fPBv
z6@m}ZWJXxxuzYy|udfJCwxlVg;68XATt&V$y5bp7DvCLXM@~J3S+OT2j%NrZj+KN#
zfK61%pzpcTfut%ct#d3Zhp773)~QAR4ULYKu$8|zLpn^h*s{%1v=cWXfDjoy7mR2;
z<23Gk1Z>!*TqsdKY`;ZkPvrbA$fp14B&@MFz&xsfefw==I1MrE&o7CQ92^rg5ZcYp
zKr0!4jpE7b3rgw(Ss}ZJc;5}wwg~do57GvIDK5r(>vor;OWFQ|LV_33iOh#v6De@X
zZ|WnYXJbUbX^|_Z_jIF;6l>2csCh0S;w}`rRANTzFlTb~L}qnWr=<*nmaZG=t1|zQ
z^-Cc$a&dCr>C)M^k#0VWC0maHH#%<?hmeRIhk(YHwO?&n62s1&r{J6bqYI07oPUHZ
z<0s6ed7nvA%^`zbzdPoQIh9ad{Ij3J6SkY8`-ye;m`sBq`uXjalWEi%@|uBHF?$fX
zn+JVHc8G0UR!QND9{<jfXIC>DHojf_sp_|pwK)9{$hplXf?IAY>9d%j*xfo&3V8_!
zx<Uud$n)oFT1l^Vk55>>yf#n$7+tCei{BUIzwyHcHt;9Raqzhx;&d;t?mp_sXZ%=w
z#rej<onB>+&4?MK-k|G5Mr2RMS$5%o&PM`D!c2IniJcuCM*^zBql&52Oo%1)V6^>)
zk))?)SY)O<v)U9!5p3)vTRN!5s~%P>K&KfOwA3)u{_kVn3xPkXX~wI0CPx>pCWOl(
zpiAP_UOjPYxZx1<A8V8XRm3wKIlbKmWXpK<o#00eAlyj!Q3RGR-;FK=QkydO1Si}O
zu6uwlo?PTsJJB5W*U2*ciEP+ggjr}o!aw0@ySX5r5I%;y`3s)DRdEK`C-zpxk5c7G
z9U>ob$k{YAL7d|3`6FZy9RNlRxf21rkWc>vN*00Qkcuqj44%)IU$cb1c*h6cnzzcP
zlsi>{R6U{5zMPH;#co2Flw#7gz1{7na&OP(M&ofGwc|FCMAZ!M=l}aPjteK5^cTi5
zG5tKwrTGDpBF2zu8JKYvHS`scsSyp$$O|tnk3Vn%iv?w8{D3)zxBa)YS!;HpNrg}q
z9xb7>-mVBUB(+`%BaIklAsHFfaV&XzdmFnPQTfEK*|vDwrowlolZE5YNiKm~yYJ@?
zm6*VG{yTS$=PE&03=>-X)2sP!Jq7;fMW6mh>m%=?>BYPr0gS;<8gvksNRD}y)g@vx
zBNtCvUw>5BnK96+R+1s}^z7(DTG?f{h>Q2ueKQM@x=+!4Q0@T_b!~-(|3Ga{IWmyF
ze8M50^Oaeq>m{!eeyWcj&zDzTNj<9ZDG@kX#>pq)rmjryWkY5Gr{H?nN!BbFHHPaZ
z(CtC|)U~CiKb~!(UphOLtv?tkCyb*?|Dl?xc02q%u9Xdw!F)uBlE$mx6sOv3`DPUe
zJ~@|G0bTg4<UZK#KKjyfbV}~Iy=A!X-5cei`WDqZoLy<;9&k`Sne_eIFknc|5g4=L
z_uJCE1(1BAD`F~p{9cM4OB`*)yLax2p@AuWJ@p<B;*G+fP%q%=_C@R;=FltR&KKJ%
zEh7q_cc1Pp8lbmUrjisVFAA~+wQy9!C~$)8!q?+x^Ib0T{;$DW1MCVcK1YMpRAJ#z
zV>t&G*O%?xJ*Z^zz#p!Kot-@w+PrLo+x&{hB@kZ0wnlxowA}UEiBY7po9uHN91%_+
zdK9v@+C7k)6#rEl`3}KwSeT^d6^tvQ4v(+@f;KCIUoJtnz^~U-e-rMZTk(TdA8I|n
zzoNvn@rj!4uXpJnkb<Je@Uw%I#={9Vw3BpFTeY-4f;a3JFB4j|2Ml^kP-CuL51CYu
zdI;c>npjhfQ>b02Kth{4a#K{?P=_N(Bk~z4F>}<X1QrW=US--Df6#h~h@r7$I5g=E
zSG=3`5)5R(@N$vr{^I~;rA;s`&RCan8^@_zI#x*>qS8i`PpqLrn&s+-M#5_FNfu1i
z!w+LIczNPJSVRNaiDUHY*Vt{~EJl%#8Y07~B~{2P1t2N;%J7v;>0>3TINn{D04F-2
zctcB-udIAWYik^k#-&YRz89+bmbZQW%*v%UobS~nxf7hA*V_fExi7z{?4>%2Ct)&t
zim@qH@RER8D17#RfslGH5Z;H?W6{Zw-rw#<ZzGYik5oFF#+nGXqV|QLN7=Q3#u}+s
zOq)H16IW*^P2-{$MN5ccoo@5z(VCF6{8U)j%;I!lhVNBRRN+86sv}q4V00Q!5>WGT
zdV7zS@0ydok&zJ=;zwqnP-7s$lp+4+)H4+?M9+#McG=dvo$^}{ud}|Be=RIuv4u}D
zyVMc@SRCcU@4>vV`4toh3fN#Vuv>6(E}6QOjn{+f@g!<D6;2B!2>|v#?C+Nb)3zZT
z&b6BU0xg0r3e|jVVC<eJKwSNz)B_Ix>A9ZZkP*N{ko$&>k+3{+4H!~}6Jue|UmkDk
zDUzgWGx#^$l9~3S*ysU|vb*b7u4Bi9cAd=p0L=f|l?%r`jt0J!X~b!b4TO`^sKlqv
zY4r9iyj!ZztN)^U+(lb|>0<tUG9!nJd>*u>Z|CQJz}C~WHG?;)1oaKPh5Yd(VE0fe
zX&JG^u~3Svg^WBIsRyW^#YC$k7P$`NrE_T<l>aPLN)U_;y#01g9r+IzAiSdDFx9_D
z7QbtLBfoy9<H3(~Y#J7MMChLVhdC6-2A}0kRax-|QHpwZd<Xoc{q|Ygt5Bt#suoJP
z4p?m0D71-d0SQ-5Kfch<z^^J-y&$&WbTDaSd2Ec|`vc2#44<bQ$7vK(z%M#BalE|T
zMX&I^YOsx$#B)|z`r5Z;h@I+A;zfmdj7ohRQ4d(MS>miLe&aEs><iGlsYf&r>idce
zXq$gbYfqjyMkoXpRnZ{F<42yCtcJ_Y--#cGfdYfsFFZ>e8one8v6Qw<6c%?YuOI)b
zM9mu<T=ah+1;xnU8J+#BOmLibv4vKl3{E`|Zr8FLl^O=)*|9f4bs*NMXosX>Y|bi{
znEG2y*y}0ueNS_t|6r3i!A{tRmk-^A9Z!EHRcmwbO3}vRDo}~E66=|c!%bC;P{9zH
z@*Hv#-6F5>M!Y_9i2S&BY4`PVlOi)1f=hzB_5AtstZF(7kLsK>;e=9wsX)#7diT6G
z*sgEx{Fdjk4Ro-7gp4wRfJx6t`3!cc;Zgq)k8&tlT(*|J12JLgz_ocmW$wV@=L6N~
zbk#yHr;N=N!CSlDR;Ny3PY0+i-;ZR<82C3or}8tf3R>O<89rtPi@d%X2ZMNf4N-Dg
zSsBuJ?Zg-sAoOAg#m><dNvOEze<uifOR*huCB!phx>IABK|_#<ynJh4YHKg2c~`6o
zzbdp(HUa8&4jxtbhe~Sr+LK1{muov9bvQ(})XTl{tdY4@tv`b33L1-_SaM_Vh613y
z3NNWQXL}5)P>KQeCyq`)$$#hFyLaHe^%|Ar4Dp8q`AN08(oCl}5FA$i|KRDcuEA06
z9Po4g;S(lJolJ4_jE{rl)yba=2tSn{UgFYVQIHB9ahvbAvSVBiqHIcx8S6ldst91C
z&psQRFt`7dYQdqezw+eulDhAZa}FKR3rhX6zszDg@1TNCuH3AEf}9Q!c<YaU?c9xm
z3ppnBg1Rj_)L=fI!XRV$<s_3x(yhM>b{)W#iAL8^gj<h6Z>&F^-ncim|F@9e>fxCq
zBF&g<t?G<H2XO-NM)1R<y7dNub)$go!<@ta1QgFX-Qgni-#<4JpryjMuEIg%RRHC2
zxFPKt6J7N0<<SNR%$h56fqb#@8w=m2ixXuO-p4X?5!$H2Ll(hpBh4l5^2^m-5H0C<
z6N`Y5%3>k#e^PQf@BNRIoCAuO|3=AK1TcE~|5v0O{y<X1^#4T5(Nq)EK1tVva52l_
zGJQHk9H<a>WLW_NsdJ8+5h+@#2M<QPf+9ZJzDKxA3EvMamqSj!V2yH`^{PZx4ehUD
z2H+`zgFp5+%k!Hco|<|Iju+@WK-sGwKo<5cjF<Q4EN-#-SQs`{RvrR*?Y%VZhiWsb
zJI>=&#9J`->43;Cm!{pdW9Or4*z}_EJ{r9QJ28H?Jc;7YcQLj75bydbcrsbVX_crN
z_qMJT31f6h|4pP7LiZGcUY|s-cR&%O+5~3eKG4gY#wl0pUvvCs9)AMkdXNQ8!$XuN
zubZ9D+%xzwqEgY$o|)x^V|0|kCx{L|A3t1|c9~KE#vye#7S1%tbWzizIO9l(I669x
zMBU=Gw2<Q6&QEG!tC6|r(w$rQ;z#h8<AvIn!e(Y*4|=U1&!nN#t}?i`sBng})b`51
z3d^o@ZUf5YLF>JhvEa7i)(T25T^2kdy|9X}xBX&;j86?T<G<>UUNOAWr8dLA%|l>t
zFfK5NJje3O<TB-|$r;L_N0lra&Jk((`4^X*TctnTsjT)etc>3oKIE=S=vr-6>b|6?
z%qg+Rplcl8Yf!n}soKDW*6tyJ3OSEM>P(z}esisTgeEWviVKhY-|}qE8T`NJ*+`h|
zwaZX+arxjl<ENx*E?TD_(CJxEZ{7PBG8nS-z~iEmW6zgmpoRJvKa)k4MD-t>Z=&1E
zt>|Ht!DE47MoQ?_B>etwcsJk8g*`FG#r;JWR0+&#&NHN3#}pPV?Ewb~s&{mzF(lEp
z2)`JZTy4Bhmgq^%5hL5f1b5~PH*grKq(!==o9?2Tfz>Q7D{J8|mnJQ5fxqZZZ?y7#
ziF)FM<5`ODyC9vCSkhWVt!N61f<86uK79eR55;xb%eBPfNF&bIs711H^HWrzT5Y27
z2obVsIspDCwR3eGAZ%L^>^huo*IJCXO!uki>gYdqJcD`z9d)Q|M@)*CB$_<Cp4=*{
zK+mcuGKX<xwHNUXH8G~l!@V>6kTZ1}t#iR&i5yx)G$Bx$;+`%Wue@*{!bWA49xLU?
zx$4)Lsy=5l*JLe(Bo(u)VdKsCL!yl$v=nsohFN$yRH3{+c`jc&zPFDyk>&+jTRDIH
zQ{(|5szfK$w%Hr7a8n{<{NzxsrD}+vN4iS*1K#BvTExJcbr<^IV;=+=wWowKj(bu>
z-BF9mLIj6T2OT`S`(Hl~_z~1%Z+@_Tiat$LS15_Lx0Aa|b&|m}&3O?MGMzuG(M5kD
zbj3vz<6FST>EMYH642_R=n_=po!twXcArqBmt9jC6uHb|=r<<*_fz66g{}d#_Uz6q
zFq4=gHy@*&c;OLI^!TK>5_a?V_9j?*Cg#(j1O*hMhCUw=PP|gGYHebXq8Z!zu>Uig
zvv_UBz(2~`pfl7$hY4MM6x&f>^*2qq#fF!T+eX{yv+}SdQlyjt0y9$#UWp(97JbT6
zsw1r%7gk51yTH`LDApswD&VOJKC@B5Ye)XS<=WJr9RnvNDProMAt1Cg8*nFE)My=}
zkNEHx{b@9UbvL)DkL@o320%@A!sZp;2d=I3&HYgLYnw%i1!_Y>m9kH%rqI6u(Ok<e
zvr-yi3L|*=Km3lL`^SI^wyW070-STGmk$h%eFv0pYqufU76DWXAqKc@?wfgy6f)88
z$eWC>(4~)f$tCUpb~f)APNSo=J>;`MS@~I6Y$V_cCvZxd=_8;j{xEWf37dzI$mr=G
zqKv~wV(Qz0N*}h<`J6ShkR=p!0XzD_h$uhcK!#g4NAX948PhX5(MrH6xrMxg#Tc_n
zV_oBaXlN7zyW7o&{Se!O14z~VA5zHw$g=^ej~Mytie&i<(!Zgyh$O>*^$e9VTmRKF
zsFs#7H=Pwz2iDO>v~C>m!;Qw1q1wp#LrbiJT9^C+69@hO*zyLd8T0^SUW(<Dr%{@b
z(9)RQIS9Ximn8WpVn%^UZSaX@=p@t@kT>w?c^v7Q2*&H|&cp0Np}=!yYim?GKxXRL
zPqQs!Mb1#ySl(sd(lpyE);G$67m$jsX>sb3L&Mx{;~QfYg<<NX4k1q)yjkt`)cWUR
z$@4FvusQhk$bD5#&b)x{H*(aVvN8_~+tW7s{6=ZdPZ0b}*gLB^sZ4K*U_K`yN<#<(
znaViU{vn=CEPX4Q%T^AY0@69D<Ua*AV&X8{jlTvwMu7UXqIFF6bQ{tV1yO15t{BiQ
z3in01>%+QD{ddkx+0%zP7vzXDikt+CBa!ec?a+GwQZAH<xVE1|7*tjNA_~bhTF>Sy
zUCpSKQD>JbLdS4YsU0r}d%{HpsRi#;Bpb6{U{)lF`%oox0Mk(v^#^GE>F>;ty4+z#
zT|?vI;k;8e3GeU#Al0&G6T<ua7Y9X7J4(uYY)~qG2kmKw3ddE)itJIT&f33L?eWG$
z(Kv~8S6-UiaZBsA+@6~3>&5nLkAWe?iYvxSdqBa7r7f%Be9cp0lFG!scvxCG%k8Ps
zK})@)c#`AJ+a(illPrD7{*gF%-i4p^;hZF%<_!O263LOX*5{|$gHE&6L)BkyTDBdv
zSpZK}RI@fvVCo>GOVaP-#@nPnMS<CM5zKaJH&$?RelR=z@<!gZeogN6G$u5qEJJSc
zDtv*L<FgB<04jvB>h{YZ$cQ&Aw*`Opa3&0{M2Jv6^pzcyv|LAM<)k!YJg(aL<HwJu
z<Zsiwh2+vBDE`YxiSxNO&Gm5iss69ZNvt(_<q%QLxYl{&JpT$vh_a`Vw28h4)1Ma%
z^E|?-S-(TuF|c~l<M!y0se97awqe`O5Bx?RSV^n{K#i7+4L7J6sx{$+L?TPcoX?M~
zSAXsa2G5G93Hh{lQk^P>)9tL>++eNaTmE-HWa;@=d|5-+zNFpP{)g#82po8L)?$7n
z>Y6mJQ)|m6?;+?a+pvVDv5;l02cBQvMPH(>VjQTneE)lKsPA~5f>G7R(;5mZPELau
z29{n>V>({eYx%3th1rc{Qa?0${r3h=`2Uz3KQqtA=~i4q<aLJub1OWUwZU6p_|_FA
z^i%`r>>`Pnn<K&@n77IyI*B4>N@(F~7o=kEy;Nq#AyNxk;b}-Vh`(kgyp%Qr`qMj5
zbDE6-vFf%q;{KKHKVPAHLS&)7AvqTP=WPV_Put-aUP5u5BfjzV5GpS?a;jC%a^s?B
zgOO8F+O0JzZrVwQS_is4bCvJ7EoS0!cTptba@O|ci=yFsAn;;W{Ku&qY@0$G($=pt
z5}3E^eSO|Ds<i4yt}5za0;higf}R~R?dpH%oSfdEN7Oz@G}CAZU>F&e-~qbDOa4M{
zb)=;J7i(`G4fX&3e=`Q7EMwo98M1_|*^PaR5G6{8u~Z0=ZOEE^uk5=>QK%4-Ek<^g
zNEl0~#Mo+NyPmJ!@6Y%9yUz8!uHX5cbN%-|=Y6Wzyq4$l@q9dP_xoMqzwZT|^0h3m
z&{-IRcjcKdai{)%>VM9;J{)ZO*4La3TqF5dd}G<(R<#)1Wb}EV$HQVIya$OWHdtO8
zo{GHh0|t)zZ8{&6a~O2amWUZC<Fbqt7S+B45~g!OZA?fe{EVDf`xlRiMJPpcSTd<B
z`QH|7>dldNqw%7P9L7ZHBN8b}m!a_|h?9S=0!C1a>YKD6xMa~nGQs_QrFqs$%fU2*
z<{CH4EKq`|Bu&$ETmVF_{KYH&_g9N$u;n!%8{+liv-HLOA$m1dqiXl0JUb;5Ql^UA
z=Kw!w;bD~4xCBo0mPueuWutnUwZ#ZyM&h5*a{xvrW?!4HFQi_$U`6_z3+6rhOE5Rh
zg9u>4iO*h(QdQTX;yWohhWe@W3!@%gKb|ZB4ymT?S_!QgiVUF_n~(>@Hp7N~VRTCx
zfLXm7y{3h)JLJFts=Ll4*`3D3TxIAL%@?~-FBFA~#ltvs2975xVaPx<?-;%Ww!g=P
z6NG1Fe-Q|1aQ6rfS~eG9E5XJ$Q2^q(=_%Kn#4Qw`tEiKDSD-#|75-X-1u3llfK)bV
z@Wf1kdwv4qW5}!;2J)#r>dXv-!BI2}(KyhB4WtCR<S-B{H1OPg6cbf`_b%@gSO!t>
zqARqedqy^j|MD?$N-aE1P1>ceXwrj95Av;Y;DRkH%t8inrpKnS3;#X5=kH@z<IvlG
zMSELggm}4;@3x4|2Y~o@XYPgw{@c=i5zn{wmk9tj`Vsm))X_%Wht{GKpM#~$(L}3A
zb6*i2&$un{c8VEirDFd)vaQF(H}#-~xmEoh344F0336x+tV`>29J~#Tf4sI3B`&=Y
z-8KXzHQGf=n|Q|mnTl!mRrSMsX&U=W#Bj#@#jYqpL`>SXf27Gx0qP{5QMC3e&<pmx
zvC3ibNLC=8F}mOi^&frATjgu+TODy5=>b{_MedrL=uKL3&K_Evd)1~jBC4SqZDEt`
zd6#K8opGu`>U13eIzf10JAd7akI{<M@a>Acw@CFu%rJw}Oy@Vm4a^$}yw|yCOmVqo
zn*)Z$kT+nl@(kTGXEf)3O3!Qo3LtP@l#Iu0u2!SEMwc|e)0P*-22*VV1tJcOEJd-q
zybCEH-Z;m&{<=<I74siENJ_!bwzp9mfAJXhpKY9y?BK6*uRBr2xoe@%Ac_{&N8&fB
zd6c~PJbwq{k3nM{=g9R~9aMu1T{k}`{4#Y~jZT=MuJY|wo9Dqh*C%~l5>tK}G-9|K
zR@jci?ARxAlgi};jV;(JOCQlrJ!boa`f&#g^Gj*@G{f+(?x@T(`TF_}0KHy`zKSKu
z^*nbLm{f2-`f=I{q<tarabjkY6AC>yl5^r-ZF~-7@iAxL0qE4<LA^QizL6163=hi;
zew)T!h#V#c*P+&7i9wCy_A~kP#*hsT3U<ui$54}TP9nl5ON;?ipmZhCar^s6lZ0ps
zMD)9`^Ssf~u{S2d&Q;_gn4VIf?{n_Zw&XO{NyGaUN@9)HboPv4%x`X-OYvU$v*mw+
ze3-Aq@6QIEbfgkm#&n@gkselvAqywNl^P-^PGWxK8+=fltBF+7N`O?4zQd=d0D;ST
zFGz5G0!<DRhwE%IEDAU{@w}BZdRq692E9LV?dp@S9&-tf78EfollXH!(qlBha>pE#
z#?NH`4!6g;(=kqu-&lBC60u<9UAoxF@imUk<qm%(eAZ#>VOcUID1HBtjvgAeTfsHC
z%u08Vl5+EC@OD?fJg-yo42UHD^-r{`P*D1`ujpo`Bh7uoE$k#*hwg^3GQr8+<8m12
zBSye@^hV<6t$ao%JJ~x>@<j-2B9=qVol^We^HTs7pB$?+7gS-(ll{|~mBmkSEE>hx
z`7vA{ai{DN;?Db0zPXW|<sWBA2P!vJzl;6bP8T22>+;mi1LIDzAf-7A-iQ--oW*eT
zxWf2^`Q+vxUF@_Qd{!E~^Fn0YRN1rM&q?6d2b<e^x+T6q&}0adu1Qjef8z)LJWyqD
zr)^oBOTFurSwO=<Cv1Rb*S!>dQ99I6wb1+1r%$iJh#bE@7@s26@t?}udlU#j&XOnq
zivrd_dbm0ewq0E4NoJk>0Fsar?ekV7qZO+L|G5M)Z*4h=OSjdNA;YrC7&OnC0cjdM
zm*%{;f&$IL?eizV0Fnj2AK1rGd<D=n^@NqNhlw_!bF4|TGGvyIZUN!^tWxjNKOD84
z`DsTN_OSCAr#bcCK$S{}ue-l>Az%hmMA_;_s|3@)Lt~8Fp&RGl06U)FlhX{;oIw}h
zc<?2P#3HjxPD&ckdD8(u5)lmWdwR>pwi<MJ`33RF+3kaj@BnR5x53FGZ3^@yT0ZY~
zY!v!rK4}S<JMZYAgsV#{9l(YzJd8>9S+b2zAjV2WZh*lE$ZTFRDgt2bz3Bo#wkxhW
zYr~H~87u36--u!RsC8uSD|MhXAO8WENSXX8Ukn6-7ner#m%vVY8zzz@IK^tHomQ>Y
zLle=FH*a2ho4{`Q(hpFk>@z1iULTikl>yG_EqoEe1V~!W5>xuC41p7d(Fu{+gNkW|
zavuv{es-O-5ZXERngn7Sk^6ut&n?sl={a6jxGoQW{B@bu!0w+}M%%E6Wh}1-l<8p6
z&<WT3QVojU1+N}icmS9vU`7Mo+D~yrrn2&WJa@6?(h08Gtutwe8Al;9TN4lPyI=fX
z;QLOTvf9HUPSb)t%Sbc*02)hr$DMrAFb&p#O>Q3`hwCqzI4z>APa$Sw#&dvM;Z6vD
zgEZpmsPyn@a+Tuf;^+MM1DilJ^movv-2+!V_1f8`&rAD}L8s)H^i1)_+Q$dB2t@kq
zRM>O_U^-pT-f^Av1W9)HYGl;%ysUeWc;VDVW&WVWbWF)UAk~m*!!q1;$o-4<LHY!Z
zmnLZo7L9Pjm*8>JAPzx`;^9ih;MV*lK>fBQ#l(fxTzUyB7dTB}z|hnJyr7H=(?P8o
zzd`le0`#kQdF8A)7>HneIyDgXV0%rTF(R6Iznzx!>`g8t>D1)SIF@f-+i!ZQpCYnI
zJVxnDA@fWzFva}&hVY&r9Fe!TSBM$$T72*~n9ElQ&-3ofE|Ni#9N<-`eJ`F@D^d@t
zM_!w9LX+LU7lo{;^bHDqH<MzWiX(3Qfs_DX*v~-C;VHDqm|FXb0B4!(YdCk*7P^-U
z&~$>rjq!onI5Mc`glSEn@183Y5NnV5^11<Q0<V3G$-FZLfDvKZbpS^8QJRHZfbU0u
z5BJVMW{MmgqFbA!J9(_dmRpwuF&*`MJSxDgJt@8WQy>Dntkd3?1*E41tKAt-VsVIi
zGX()FxZS9XMXlukn89+V`p*gdN%f&kWaKe^y-M+(b9r-`M_c%+;tLaKfF_(oJkktV
zhVfqr`ne(9gJhGb5wq5_-$V*B>z_-9Z%{jxT)?ADrb??Xoh!YcYhBwAX|QciU3S6b
z*#)@ZYwQM{r30N2^9bs^g;2r;wqxUtTG2D!pKf+3X+-C!xVa7u<jX(*eMu5=OJH`l
zC{zCECK!6nGHGn5r3E51`rX(FwTlM7xP#~zVyk0cJwxaRQF16KaOGZMo-#ROYIUvZ
zS>=Z)ad386g3b;q)jOt?x+v;M!G3GyLVp>!pe?<vPv<lGHr5NKERUGm>E}LJnJ42G
zM#n+ETAo}<xcSJ>{EswE-Gp?ZvKcOs<L<wpFeKS4j`!P5G#uO4>KP50jgG_GnD@cF
z=n_r^A`>Qo#!@IspUUtmeZL3LER&8f>a7$9npFblKyfP<18Oc)bj>myA55Ta_T<Ui
zD}(Xhze{Z@W%SrIbZ%5f)zE-oRYA5;^<<cM?Flt6A?|p_-ZHv55Ur>mm3knz*rw94
z%$LuarLuZ&Hu#5Bl#9G=806}YhzJ;W(kAth<V&v2*zzB0&!@A~DJR^;q?seg1|;$8
z+OuwMhi1rYxAoJ751ZOzV>ulkFK>Tm^%(wZ`{bY|{Sq__d(;nd+zQ2Wj#+E8!tK}D
z_#iUEUNOr_sAc<FKrtcVq2;sXZ9mMk5wj6A@OzJVDxf-n5Z*oD82)=(XRkCZ6N7cn
zNlxA(_!t`-+eMmZ-D+E=Yg_(y%kunr+z@upBT9{tK_;E3)#USDZLMjc8#8&vFCR-@
zO<g*K9O0Ds7PSLc<wbb7t*x!sHV^biYwt75iu>GcUV-mzjE_F#q?|=yr74ctk941A
z;=z&TiCI&>jW(&X3Cb)d$Y4!)sBpaF;43ii*+?d4eza-1UDLYQswYB+mG->Cv*UZw
zFHaBB?ua=xhYq3A7JpyHP9AgqVLT@#$IqaTx`=f5kd)ckq4re)K2GmzE?aeGE%9~;
z0(K(^V6Fo|S;D(f?4qzwzaa<~$o;?nwvmwNgF}!RE3B`IJ0>;~QC>06+8TBcERQF9
zZ!Db%F}piMBaPWk?S|y|*~+9{VCXH}GFow#*Vfu)H$9h{$K+h2))LG_wx>^Vh#t#Y
z2?}q5$5g}Fge)$#ur83BiZ~Q4!ef?CICuJIp1x`aClg&sGa>8o3zQ4RL3AC;HldDk
zy}sYURy+t2&C9jp8D3=W?Cdz*tN><&k>JfcKk`0QH(4uV_U7)qYR`4}cpiRvlfS$K
zv3LyT?;lf9T55BuGGM(TZvRyJkF8{4*=uPD30Ap;JEu%sB>S}wQ4iUM1Haki5{NES
z!Vcj^cNIM*93PGK7AAhxGE!hoKaY=0f1?h1QuABK(ZDozPzRwN4B0mHC&u+L`c{Y*
z2I>sm8P(_P3j@Pl1xR|M;NO|b^|OQlAusJE+7a9RcM_z6^k;0GzMTiGAZh}Snt^Kg
ztqp32fq}s(`L5!aqTto~PDN7+o0wN1KG((L*QKUsD}o_A-%m83d2rcN=C%m3@r$oX
zXXE(*3wS<)lu=*j*%?iE^K$e)R#YYR@6XpFWl3EYnY~Cw%c!8xG-d(!rHjyF#)p69
zWQ<HmJ>|<6w<KPfj~UO=2>E5o^vk%7qUv4jmnmaf?i&hGfxjx}S(8{P-l`kj5;IlZ
z=w{V_9L15AwC`~A=OVfjCt!2B7A{yiut>2_3h8Ca-jLPy79uk+vRwQR3s9|NgJGyL
z)QvZZ;O!6%8IDfs6vjsvbl{?IFFsV`kIU9WB10qNk9`_%eI%}-WSjaJvHG`tdD2%P
zLio+BuK?$3EqzokGlH*U_}C1%yuJ@YvMNC99>9CM9@|lks68JiP-~KP%92kHSX6}c
zxt0y~Qn%B<1usj>k=ex3b1H8+LcEy{yaTeqx&nfS?#L;21L<S8Qg#uVJdvONQIt^s
zS15C26qx-%ra@^YP#4>KhYYy!v^zo_9Xaia!rCyshFRA$?(##z;TL$px5En#lEXCL
zgNKqZ(066f`$*IZ&PF-Qi~tOn<vd5)*;%1JPL%xt?iD27;%4E#4NDxxg+`)>2zEf{
z^$byRS5J2vSQ?<4@p&Dhw^CfVZ1?<_|L*kGh%_PQiR{vc%SU+uoCY_Bg`?Q1WWrmc
zm?Y>%VUgy)3O~~PZ?2)YY+OptCDS<bN$I;Y+(W;{ET8+k(M+jeS4Bp%%jU`m_g7WR
zi|C=7I1x6tn<|yfP%h~XS5dq}=3aM@+p0!cxaXaUG%u4q=9c3}Y>hH2(s6iNQ2bEo
zB`xS7W_V!zDcqO)*0z)wjML~qjI3VlkJ@OEDkERj?mGBXph<)G&nrxt7+5-4^-UX@
z_`!b+0%wR*v-hj3Z-~KmBejYVhmh!GO{c`oK<M4^+S-P3HsB!C<$h8^{<7=vjHeN9
z1l<O<qLil2{S`w^mKyc+By*WwEobv(`^w&ZP&}gQb3ld6E#u@*(K*nN77{0;*_*jy
z!5U7BU3SdCX~b8W7kNRxhINZcBBOJc#Fh#GkHj{5dwu2#A8qwaVM<J^vWjNR%W9bk
z8VoYbqxS)*9#~O}D%&c>W)a|R27X|pvyrXpIV}6Ftv`4DM+FdJSEla_FnCWPOafn8
zFNGxBzj=au_0@A#GfgCT_^~J*dvqFivM^oPf4>yq{Hs<T++K_(Mi8^I*7>>p&kio#
zdlp{K^xzYm(c9?s&tn?XE4I@QMG}WzRKupCIV5_7Z+j1wZJb~+yU{Z6PIkxMNVCqt
z;MAXfheONjuMy=X&jUo}ZK!*zVYU+8h0Yn#Kzw)K!(_hi+Odd5wpgVG7eVlfaDs|p
z_{#anqT|E$_EDHL8R&W3H4Q-U!nj4qpv#^y^pZ>8u~v)WlQu2CaLTnb-!IE6V=0T7
z>?@EPvNU@nR?e-!{{bM5vLUh7TOS5nu?LfctG4LMrDS7DfBW%EIrJL!=YlJ==7Cs+
z#-~wt>`X0e2#&U<DLTkeaI^#mZx5!X6eSMW&Q3`7_wW3y<7?A-0~2+ZS!w!}1o3iY
z_ZNG=e)8Tzg7%eJVE9utv5tTkBPFm{F@sa;tH6spxwo}ZUGO4<MBI#z_d*Mw=xJUY
zAwAy=G+Pf7Kg-IIfV_?QvIjx)sNujOEwf%zQ)sKajltFffDi$%^sEole_2W!pj=!c
zuZFaP=%P?3s2QXR1K^ud+US>E0U-X3J<s$A0jG;7ef*f<-H<FOxZB9GkD5NgZ*mDq
z0J8v|8Bm7!gmu~0fVfbA^i8@6_D#%!N-dp7rePW&zPN9m?~U>oOR4=m3I6u@jkj@M
zdc9)Psm6zH%W1n7ZK1!R!RX*?-&oWVCG;=no}TMwkx0?_WpjiE>3^CP!2rP1f=&nA
zc}kv^k%Gk`WxB@lFk2KkefA}A{+SM#m9i{=`03YjszGvVgU-O+AfuylJ#mn@5EjKo
zJLPUdD*LuLI?)I+Req&%fU;#j>D$~b4oU~QHjc@q)mx>U6$l)JirYrno9BDN<xEN6
zE<E?1)6uO@X=h&pJ3edV8>ru(0Y37_DvN2l<<7vS%gGjY++BgJJa(`kc!XrYTJkE8
zHxO6}8dCuISqzxS8wtM|AN5@O@~ZS%@8g^WqR8@#uZ2oC3r$raaOfk^Z7=BK7VR;p
zp3zqV<W<3|?J<)wdm_MY9(wou9-(hrPy0^E9)W^PsEh)1dozIZttn~r-TRhB5Q3Ct
zs&1x&f0h|9I?`)}JU$7s_SQL{RJmcifsIIibhy*S;C_pIlWrk0K1F!t)pDWy#Ko=?
zCnY3=*3^NBGMNzl{l^b|;Mc|Y8t3sS(afO8NW(S`NlGRfwzwK;G;6qy1GgcCoG~Kj
z|5{jIi}Ny`*ZpXKig&IEiKYd&ZSK`YRm&n~@IL$w+74C*?EwM?*2cQOR2~LIEcdSC
zPp-Tld(_!=TqcoR;dk8=p231|zLf$Yg@#_`_6GBaKyuiVNABDzUj91|x`#_bAOz41
zL*(t~Z5em{ehu#fhRprLpy&HycO&&qK9&TP)!0{xunpdG8ig1nFSv?7ev48tTXI<c
z<?5YI_6R=RcHk*|j=s4Gm?bw>R96p-d|ZPdmn#KQ4~&oB<_@F0E|m7-i@wGq3=)Fw
z{&<5w&wU8~d_MH&!_gxXHjdwa9LJsiPaP<<olN|_GTMa)d!|!>eox^%kLstdJRP45
zP;{Ek&0r;g5JS*G4Pb;2^)CExztse-F~o<D?70aEPLpo})<rUt_J@=rhfy=Y9>?h1
zPhcn`Or-`GtO4+RBzX3_7}X@dB__Xe=CBX{3|PsjM~3I&PUv=%cRdYsteB&5gNuI#
z7S;d$&LGnr7<&W~g;b7Q?_LG!!<4j8oRnULou8cldhPa@0V+r5@^BeqH31w6LovQk
z!j|~-e4bZx-~OVgrYrz)zI;^<+y*H-<EDk`wugeLq4e4Y$vpSRcE?`IAJCp^BEsH7
zdJJHP%35=kYq{qo37A)KTt0Vr`0-ho3j|P=-`(jvE}ebnXm57xQ*n??ArKCI27MID
z^pq}pGaW1WW<lqs$nuuQkKgg#+263gJ=o$2J4-4Epjx*RP~Z0tO{ITB@sc@iJ-`C2
zG{Vpksoe2>L1(nq-8ZwH6v-C@RG!APsi*b1!;4()z^s8YgU2t@oK+TqW$0-VX+0{7
zDS{U*p76gn3eL1)U`X-s+a%=nHJmyKiM8QH@x34-Iht7cP%~qhnL3~gRC>+B=#Hy*
zC)KatxWVvTTkY~M_OXAi;#q(>Qw2g8a_=lJdC%V!30;L{#Mex7tSlgVo?P?rxM%hP
zH)IYX?Nt{4qThf|+X8iXPG_f1)qAz&{9BmHGG}PbxIqrn0L1O!&9E(Az}oSCyA-mN
z<HnQ!!wZmeP=8n6v7O>tn?CS_Zr=xQwE|%AGb`*?V-t%`{5FbFVLaPnraTu-2*Z)k
z&-^C8&H^8p579HPE~O0OoQUlakbicTGsJ_>Bgw#UNbfp5NbN%{VZ0XRwt)EN%+rFQ
zmU!ILZyf4Q-H5r1NPI1ZP@Ac&FEIV|irV|vApu)p?bMeef3gp$A^sjSk<OW)can!p
zuEG1=GUFPjmY;Hg;aAx$06c59_J`FWuoDn@8p)sB$3->R9|zQ_h>oMT(qUH(QuxH-
zZva02bfK@80j5vdjae#jas35E{kdafmO&`@D}(j)N-9<?{JD1Q7p&jO*S&u6!Q*W2
zJ8dl1CwMSHD;(^}g2j0yy2eZ}G=`jJM^GwnD=E=7+Jt14xFe=J<S59I8F^KNBJDfx
z&DL`S^(XUwy)Jps$TT%vLTj9E5tX(LEKS~lrgXnnJ9-r|o`@En@&9y12i0dUZCkG=
z!mUWaZUw!dhfFLmnJJK;lRBxLiaDMUz5^Y-$INMGKnXSS1ya7Z^I`E#e(Ny{GL%G~
zIpyqlExYNSsA}p+M#cuJ+AP}GpJ+1hD3b+aWkpCLvZ@GB+BzXxH4&ApE4OoS-8Fi#
zp5ONS%Oho-F0Y+l7&^F`6z@ukW#m5@xCUOHil<M9B!Os1M7JA2r6)2q*2IS?;In3g
zR$`j@6#M~EK66?7g#bB6gdFqoWd+ER2;#_n_io_9<nyg>uSRZMfN#RUHyz}Yx3!1S
zK<+m;YhbwM8q#aRZLG5Hro0Za=Fp-2CcI&&RY+$f!0rC!H)J!mt7&vvxXq=XpP@Ca
zlKAeEonR^>zf1c)aVwmf+$Y?V<$)aMgoK2}qj~0iu&n~mX(0y(2SGI1^c1QDS47va
z&}3?dA_LZ^5;t&k`1?)2aP)nI+_>qfFFl#7udlk40mMwM?y3h+g=X;`^P<*11c2X3
zP4hg(vm#jVqjG8kz3B(c$dhY=H`V)C@FIF(CY-MMK}9*r7(w=xQkO`IqATuM1BVIP
zOfhLKur&WDMJ!^$l6vb%VEKSO7)Ad2RV_~JoYixc8)@3=eT<ouq67h5F*<}?G&hJ1
z85NoWMvE7ZbN>YX0O&1VskB=%+Qn~D<OvhH)h1`oV2;jm6s)!k9s|ml217-i@w__O
z_;6Gvv#1GE$<oc9zL#1gC=Lp$0iFW{;G87sj;T$ycT;ljdY*1*2QWBePgj$@dbJh&
zoHane>YJHdm6$>;&xL{3Ur_pRw!2CJW9A9+2gS4w+A=WVHWD!chso`|v0I0MXGr&n
z%lo=dIUgaqfn2c-%L~q>afr4p`{I{|4~_@TfG$!@F%Wa1A74;>8HCi9SO^a+y|8?Q
zKw!IDUbz<NyayA|#Bxz<P_)H~O3<#1jV|00u*TRhXxYO-z?ANDGqCkp&w8qdX+E=4
z%giY{SatJtKjxhC!X|R~SRa`GOMbd4Pu?H+j>z#7kyivQTtVBnwdo*Da_{-EEnroW
z+ba+<Fp#hEe%)kvcj4ow^{bDcTqgM6UZ27Bq)g|MPVX&64a*&WD+VB6_5=Rsb`PG4
z{b^S^eEG?~Kbyuuo=m4n3pPZgDj1%{u08k`&Z>{n18I!M-adj3N~<#6IWU_S6Z;3l
zcMh!*)WzvfEHF5roRc2#GhpwG5NClp4l^22-XlcjRr0zQPeonQ)DQWCArz^r6i2#+
zHpHc+m3S3B;&8vvZMX+jl;Pp?6}psC@L7&hUyl^y2ZhcuwsBb<v3$S?f&uHBI}6^_
zC16!!wta2FGbF)nlz2HH7og{sa(^BWZ)xCmJ9z33KxaQLsn;ZJ)bLE#Ns0wm>bpgr
zdJ^?6PKwvYgk{f{DF24at|Fkr*Zy+k3DlNeUH#|NYgq7&Y9&PyusQAGM~_d+O?WQ!
z8XnfbHPwGx80HE?%h}fQFlQq#LY+<%A)j*-)|q-c6!=MG7#kGcddq%M@5Ls;z}s_9
z9&xh#^L3)L3rXb^#}`w2)E=(5uR$&GqEFsc-;V5Tc&*f&FnQHPj>VS|?V6N!xm?p!
z%f{Fdrd1+kdtk%DZ+#Mcg4Ky;)s?Zq)C7fP7wUQ7HJ%yIc1rgHyVly?&JQ=pG`4U4
zc|vD-k4fz@U5+A2%}c>D9YOB%-SL(;DJoW0Ittq9;_p*hduF@)U=@CSVSU-T9ocj=
z1^S3V?O*1Bot^)b@W$|ks3K+86phUqW+U}l@5?CO$SDfxQ}|e0#if3fHPND-6DF;&
z7jtinp>J%+PT~|ho?BT6k!&1ISWg<vQxxwQ9+NMv9E3r)$5zYGyb1uuK2Y&_D+MTe
zFDxn#jIRz99QC$5$Z@{(;MzUn`t6XH%tosQs4!+c&YkVn<f#a4VX}Qu6p&d12`4Tx
zmvtYdAaXA9+3eMzM6iRmzTOE2HlB~64k#M-!lEHUfQg?ATN(J)@<qlv3%@6v<&7-e
zuvxuHb{$WIx9JqU3y5N<Hw^&}i$<Ptp6)P}Uc(#%aW<5SJXu+7WHSU9Upno9y6>x-
z9ePBlRO#&xCFaQCla!1|$<X@6c&~bJ2-<uS^-PvE7NBssz#)@hDKUj?Vl6h;=X{qT
zjvZ=9r(a``6e=_P%4BvdP_V3MQPozpw=?;nFP{Xc%w1IOi};zg6+}FTeKLlZ$i{=V
zox@i19e2>M6#RU-lIkM7J~{j*h}?}_O6Xx$xQcpi+(92B)ysD)X$5$p&V}gx-`e2s
z&DO8X4i^w9!JS*;jlcs3RLt`Tt;~ma_e-~;ak^fwMAQ7iqF?KS@@Bzr$24hcwcfaX
zy*nUV$JhEXq-LtK(p~;`pZGlYZQ#mg;Fz&!e8B|3Si9}lAV<SqMD+lPWho%uST@s5
zRkfa}*-%7m<pQ^6CZ&31o%=!n{j`{>>9Ho#gQezC135DhmL`K@A(xos3NeL(tNSZw
zcKM2~zbK!0#H{UZ3JkhBI6?ZS8q`H92&uYQ3dFV0;b?Mz*Q-gJKy_H_m%qTo{(-Hw
zye20Cw6O2WCI_j4<HW83%Fn8Ta4hmTTJ-pkAVQ}6fvZQ8nATl10r_=_8;>}Q6$}&O
zN1$gKJXMr<It7!73p_7@SxpcJs^9$!owX0@yMkB8{Rp3l3ZW!sxuNX7&kLf1aQL+;
zrCGet@<V}eIv5L@r=}L;1ANhpl#J>D_+7t0<S2OTnYRT>?6$6%+d=xS(o@D!Vby<r
zir7sVe#0JS66wJDTwNKO?c9~uCl+)+utGSK3^RDob%`6ehksrNiB7$+Zw5c+(r{6G
z$3M?0txoj#;A2ZrDBON^IqedmX0UAmo#fYJOsZ3ent0CQ4;Ji1)7}P)R6~-~h8u7F
zQo}7FO<f{4Q+YwW?BZ<0PgltYB%vDZ&v!#8@96$QZw&q62+>wxzlw=`(KFc^J#72R
z@jk_rT;v6cxRxE=9&?_?Xm_|~M6a4>9*6|seGyD77DAS;Hx}zw0gt;)25?r!Dq6aS
zrK26+!fkzTS3a+)45d~nm)7!x&;PJOZaKOW(4UkS9p4y;giY4FEZws*V-BL{#!G&#
z)rr!|JRQKY-w{QdC@uHE*?p$YQuniykTs3w%t!4nbUl$?VL-Nm;dVL^zG3-1GT;S+
zu>1!Ki-k^Hlrim}P;0uh4;Gq^bXW=ZhLG}ULA7S-HnL924|;2<w2xpN8F>E4?HruN
z098JFlg^=X4U%}bp#D9*EgoHJRIIq%$lr=i2m5YIfwGl;gVzFKeEBm%cq>^;Oi`aD
ziX*f;j=9vWGL2K5UN!ibDH<Z4BRU1%8<PM5F2x<9Ku)`3B!}%sUbn`fzS?x_R9C5J
zUlf$KzjNRpbz1zab+g|$%%Gt%4J(6@S|&n7kc}|b4R=aiyt}HF>^w66{7g?EYKf3)
zgN`#K*>*Udpo(XzR}oP(MP-j5{T#b7nSJD9?I_`vn~7o1cUtDvpShBvygB{oZMC6o
zlkViYf;D{<k|1S!Uq6?y$KgzUJ>SDowf(w?W#5uECU(h;AXt^UDKr+t<m|%U1Y&D5
z;PcG|3|0GFEdoMY|DHhkpRBzOQ95zr4e0J0W-=(mMt5q>3h6=55c-7FZz6BmxmG7K
z;`ox)a{RVe2u`TJl}T~N<<y_uaZ80Mq19*pdI{p=uS$QTM_|j<?X^ZmKkE*Oue^N~
ztGF-@Msey6Vz@8dLi}twcx2jvxK)KwKsyjJ?O}R5m}9|@e`RK*;apaA+;dX=!^<^w
z{17}`R<@%gE?c^+7%nZ&JH?lx`FZ7}Sb$M)x*}X>`{2PTSe|6VhZA+aiNYCo&5`&F
zVMWwYD^(dN-QvfqPEXd=Iy95!)L@arzd0pZTYFD;rh+bNn4~hAi2$NE(7}`y3{)Dm
zm^4VGH{6w1cr%NybX`d_;w?pZvj9TT)|*A7DH45F3Sgn^X9kpv0`q|oz|sv)Df&n$
z(oe_%=KvEImNQObZl$p_%@AL8PBqWCiz?CX^ntn?AJ17|&p{{)adh<hX6w<9f+Q7N
zYS%lBMx59U5G2`CUPQ|o(awxlUr*;o`PW8J&jGt!l>EvIy*T^uYp=pU`ymZzpgM-%
z^A?$B@q;TfainGB6MK?~UlyVhMt%PA=^3XjYP_{NT8^^VnhBP2o+i&8wwdIS{_zYi
zaA0099vZ$e@+NvqPK9{0x)n4@wh3$bg0EaK+<5DAvTlz0_u}7yWDE4p<=gj9&rE=K
zBpaitFK{||+g;Xs1fdCw0Aa=aVzv6s;cYp@ERJuKEOcQV`N_5TC{6Hk%s#bcDhHpG
z0jN~rP^H>7i>gh#@+Su68ND*4C2F={VoHhlagt`Vx1p)DRHr<>`j@Uv|GRg$<&PU}
z+h69Cv+Dx^EGK(KoNo$oN2W^N0#;PMQbydsLipxz*BMUiw!ikR;hj25rz;ccOr}co
z!q62Be0cNw^*XoTl9@51iT8fJWo_qX{yOtlYNNm1dzFt+_kO2g3a?osU;(D9_0X2T
zI{(aVm;#0tA`5THymw?jiW5qSqv$?^#bsA3X`_$8WK3AxDD5@Kd$m8Y(&s}oN&Hc`
z@Zf|lX_EgIO>kwqn~YHS>U-p<6pDPcv-fB4_SQBA36hnih3<b>Qad)k`t?1<aRxql
zFv$4t=6vP#f12~Z4qgOnLEW!Y;HdIE@lBxy6(SHt_V+)k^6Byvx=a}nv*Khpkf6~+
z^PoJl!|+KMNJ!M@7w~d|hQ|uuyFT_$-Vna>DHGJ;3ms|UI#)!byagK(Ag=jSSy3e?
zG^FzQot^%CU|e0S!nW2iLOF{3UtQX0h+ewdWTM)04@uG@_4gkMu~t=0=8t`|oSd}P
zOJJ9YsZ`WWy<6z@d7DkUIZ=<6F7?E|kqJ1vUsLt}F8tKVeW4)YwQO!MOH3Gbug>RA
zu5(<qox~SeN!GYTd8QPXiDRsUbjXGH3IZE?)~2JlF@7uXTX(Ot>9%r*Hp&8C<Y2}_
z10fczty3>=h(?EfesOJnFFBO;<8qr}93rgQqdw#9he6SaA3nBbU%&QSo+$jGEM}AH
z|ExEzfxo{Qn(j}64ub}NMMJ|lFmKS<<hy%X4AF(nguMhu<c}6jz)QS0cE@*2)eDgQ
zF&CKx;BcKYq;F$qb+MB1sVYlcqj#+;8~wgn+V+WZ8&S2DmX;#kA=g0LK5qYEv7=#>
zAa7sOO4Bq}SP{1&O9KrVO$BNP^Ob!{lcM4gw!so_>R!fp#9olK#CfDZvPE5a9o_~X
z$6K1g%fH{ulAEqP2@}A=zyJ6x^YNn;jyT<-lvC&2D1v8h+a<oYK-6g5QDQpzb+l0X
zPbd>mQs{nPVqM*7*G7|D6#xY!QE;V;%}l~p?gA2@YYRM$Oc8BX{X7*v&iuByPpss<
zsu4EMj9~6CXP3yohWdpgoxW|TwJ}<W0nSdqdaenyL~^$+-1{>)pF6pJ-|rN$^ei0F
zkG@BwofgebI{v2<9KPc(%KmbKIuNbleI99VwIuq=8IGJ<6Fq6(Jbh}`U|Z)DLxwv`
z7&wbWu0>1)Zm2Zae{h>{i#n)&dveXhl#f8n+(7R^)9Guc^sP>-zL_sdDw4D1u;b+t
zol=%3OJ;@vU7qEKw+SrEF$zNBw~h}*#asr}3eIZv!^ne8`Q=6BYCEJteyK_6pgP26
z@whYNYHO39_rFv&C^mk$!A6#It+$5nX_Hhqo;c-~fzFYa?%=oK#K(^@pBg>)$%HrH
zjJ)mnDUm7y!~g<FCR69~%rpCo9$Vii&*3+}dF=(%fN8<e-TUq7I!2@}BCDxL5O6Rr
z&53Sx0JiBmr64;1w=`5B@khtL2k924Y3pi28oi9UU-DcaL+Z<YRFml+)K{c8LNVq%
z8%`TXXC!@PH=Auf3J;p+iNi9>l~ib{UR$h-e%#El{8-tEV&-FGDA5i>x#$@XydZe5
zLfq6eI}pQtD=`pWbcvOqk#l>Bjsp)Fz~vBq4@?<Xy!wS{@T8L>+1)ZZbHTLhk~ED&
zR!LcX>_u16v>n60rPa}!YR+2~XU~wP1?&#g1CRu&$kgqa07b>mz@6A&?TcE`Q@xE1
zI)b`-67W}=+4kEdiiFT@0N<zSv=9lV2*1*-ZbL2&;d0jG6WRsTss<(`2T+k%UAZDv
zgr;)35bKGMn^knyytQQ7_t*jSW0sygYh&3=^<u71yea#H<^j>_1H9@kvCOzqIdLO>
z0|edS`aGl95DF5<l~tSc)gvL5M*kW36?g~X^BY^(Fb+1Q<g_vWc8u$-nL)O?EKOqi
zEk4ui+8m)NChI^RrB7we$!edlz?b1h!1-sr@~|K+l7@2$FI4sFfL+cU@$`ctV<yw7
zoZy5~an<VrY~dL}z5Ma0J)NI1C&*1qsDAVVX@^t#<3<+Q7T%@^>2h|<J3!I-F3e9H
z7ysbboFa;x<}ODzg?TUsfEl(au#I!kbPL(A;l{g-u7eRa{lb<doG+CqZy>@)@W?K&
zm6G5#HOmh4W>ia`YZm|DRH~ac8B2KnxMU8Rss|+bCH@VVPMNWJEvb(>Kr9M(NV~hs
zD70W2vhHP96ijc8F}dx_NB7Zks?gbb@uVWtd|-_f!Xh}5r!3p0P``x-M4@xq_PXHH
zz`X{;)l+cJX_aWs9}2(9l2xvxdD0ZEp5A0P@@qg~b3>jEW<1~x{0|FY=4*p>9k9;4
zxvuz$!dk(-WA`q53Wz{9EH@l1I`*_k%kA0!%T<Daq`G#@<pgXqsP;<hDjsEEbS3LY
zoc06+?8DoN<ol>9-qU`%S>&j&nC9g%B<6dfh4EYLV#Z5@sGIx_<fNoFtEki^eht;+
zVX*Z(7>`O`p+L8@;e>8>{LW^l#EJ6>GGK*s2Gl3Re)Vwx3zyWdKa52Sgqwqn)ax+_
z?59|Lo=l|NHnF>Dx9hZ=tX4)8r@|AKYMZpLqJY2tb-Wz7GPe5t;L~aE`h8hnzn?&T
z@uKLA>DZIwJg2oMbQM!UtU33gI`BH*9P$Evb#^<uomQHi3$2%Zbh@Yne;7Z*N37FJ
zQ0@d{r_GoNw9xv8Q#1s5wR$y8O*RB%ce1H8J27XwgXw#+NhQ<MS!@SxWHfH!UX&Wc
z<SLW`SgbFo8MKK@|Ex9t4Qs@amnGLN7^<>o6@5k|FDn%ANqUvTvVo@{Dk;byt-+D5
zZ^MSa{Tq!2)<NAALslu&i@niHRphhzweuCi`Z$=Gf4qX<Wldk1aI!rXxjQyzV`}3~
z^9Qnd8p5(MZVg0Ht|>Rza2T^V1QNqN-CSH;%5ALa!kpfefC+P#N#hV2u8!P4|7={M
zqjA~xmG490TY*^y$61sJO0QY)suP$S-4+y7)NKJavMC=wB>b+aF_}L&^O}nl&H(C)
z36SE0z`n`eAJgt8eBL@v+gB;ZGH)*N9e}9h)H^ix;fGABuY?{mdHFVdv!8?95t`PE
zQn1wUjQy~M7S3yEjt*gTtz6GWB3$pJVy~UC9I%V2k?9toqHUt;Xy7_c&n>5yp{Ssa
za|vI32T-E7F3C8Sm*%+jzCTmtjCRhzJf68dN6hh|>AVpyO$CYX`%`Yi;<~!_51-cE
z$>Ys0Wv81@pHQa(muVX!SH;Gd@k+lmN?{JT@vx}rdT^x6kp%#+5-Mnz%k&7_bO<v&
z_w1+X#6Cfp8W{c#&9Z(U&44a@Y~)+YRYO$Yx{@i}{ZFhZGFJL~Xf4kvpvC>XG@+A2
z-;wGjL2qpM-Tf?Y?yQ_-RMljsF-SDG?-W`+BfiAwonrHZ&eY3-DV+96El+}$4f4?w
z2?cicw{l-*Ugw$0ZK^?Sg^>N89PRf>h;KBPJi~l)Ld#~IuMI*d*~*^sSfJKU$62AK
z;FWeEX!@oY`?^Z8`PhEVd&&wB4KsTad8z)__+!pw)uAgF?R@mlfZJ*I&+T-^Z8G;$
z716ar5(?F$r8xtVRgA-L(7K7yA|ehyUUZO3P9y0Va>i;nfjC9bWxX{3{FLt#-F_I4
zZk>dw#DPkdueB=JxCN62>sW5#3_2EZjnZG2%R%_YEf3lU^c`-q02r)Zd;bbgCe58&
z$39`gZIoU6bD#J_+Vm*~8VJ(7a3xJ6$A$q`-!1{l(bt%VQ!yM7Y=|&m{)y>9G?g+p
z<(#;2EB_?u`6@NC_gHdQDo){%bc`a5Y(K_Um;g|N&AkiMFYZMi{7uK9l6+--IuauY
zAw0$F3nNs}nr;A*bmy9OaFbfl(-KxSa)DxixKEGS#`yy6QD%dRSq!oFIeSkqD{VbA
zw(;9E3I?RH3qb!ERb12~hj9^y;(qFtIjB?DC*-EIqRe~!^S`8kSVWI6+8ULZG&bm;
z9+H><p=*;(K4lZId8)$kxJ_7j--UB75A$z_T&tQ4p7OlLA1MI*z~FL_)69VLQ?~&b
zm^gBuicwihHC{Jzv=%aLw9L<~9`pg*8rZ@0?7UHv*<Qq?D0Vpp=4p=@pqON@n(NxR
z+ooa^U(FN-t}VM(A`C!(<=I@z{NL%JA^F{+iy8$t5%3fui1m;b0Vqi4WqV1<#-N?<
zvs?vY((Rp}FIlMv*77~Bsvhvj(NLS~QVlTrAj%~jC?|@O@@7q7pST0f1)1;oHEPfA
z3|amF{OI?FD*Pe9d=m<|q%Ya80;Sr6yB8iB`~7-bNd~g96kEjCYg*0e7$QVnhQh6w
z*iE5@1RD4__j*R5qRhLD?N${aegltyClKYMDlBLcwGVqhs5jqW1S)G_<h{-&l@SR&
z>bLz+maV|z07E7pIE5N42uo9TxV_30!37E~;M(C4bp2qO`SU9>-4m?h@GP%<O3=c0
zqrhqC-)8>jSh02LS=A&T0Gh`=f3L3EM;BfJx1B{F)c=B(=AvV74u0MoOCIV05lH2-
z)V9vK7r{5rvJZ|p<6lC5PrHtm>W`T&0BR;H<#DxY`4|Fs@MmY9Cj68)(6VHdG@b+7
z1hpAFQ2WJhK1}EV_r@Q6r9P8gFiL#j^|T2!LS6s^=X*Z&$?{Rd*C_{0YqiQYXq_v4
z5Yrb6;Ik=nk;hM^RbxM;+#x|@8tz#zO%df5v`e-5tjF57=>^pb^b^@CH3R!=g+KP5
zm(UJe1HW*2`{&0*$i3|kpBOACUMuuKprW}s#twMDoONBDsG(aR<}qQZPmw2e`0{8!
zl2(3<EbT(S3+N<2Sx9KP@;D`4;1uS`8wOD_JaO`8bx=ddBcT*!ozJ&4fn;*5DbbV+
z%;B9x&gKeV(k947uyb9(*HJ(80pc-v)7}*RukzJxq-~eZEuiD%`9dYeIKNM(crI9Q
zCkIv6`YwnoD*4Z!VB27S7JLs?10iC>ZfvFn*pQ5U5#s4EWHs(!PS%F7nNdln8}AOv
zc3F#LT~ne`GL|s=n!O8u3gAT>8<W6!aemM9BlvW^Krt4eYoy7f0Rul`#G%nX9Ps7k
zNuar0G@w*I(vWvMCCOC!s7O4|RGJ5m|AYRG42Vp^Uh)?<NXmj;eY{SW8?6-yH1Q`&
zo0~6To!`Rf=%)a<_;@FM$<f$=0cOcBH;-F{X0Qgw3jRWon88Jg$l<Z?kRRVdlm{5T
zS)(QU?vkE?!H#5aKD?;&Bz6H0oPM%%0FY*Ck0RSuz7*3vqkjYw5xRf>emcG8r_Sp-
z)vm(gn(@ID`Y0Nh{)G$a=Kpd@_)y$m#zEyyA_PYGp@CRlP}#fq+f?JamviWkn#S^X
z8o)otRO8P!XkG_4Ziq}FqS+}IRUoGzFpo(@Uh`Wwr6Bl~4T7oqve0rAQFD_Zl+ob^
z({n9kj{rXT@sfAxs2R?DK|sXh9z16kyj>T=ZgWh^QI<WQ12*)yuMwXS3Ab~IsGr)A
zy3=r9bTcCpui^j{hvdr-UvO>({L#*nN4?20;mF;Bx}f(W;GKK4$OJy@t!4Wk_fNvG
zLg2y!crT|R4&#`Ggl|B$Der3gYFUA}1$<drgtW}bN)=k|E=Fq_)E}u!FOXN-28p_l
zXaOe(Xh|0QW!%*M4C;4>8yBw?L5&r}sXhU5s&eFg&9-hh3;*^WIB*pD9(=h8-uu1e
zM*`9c;ALPMtQm_q3Df?I%|z5(F5dm6k@108R#J)j1vwQ}pPuwL(uDs4-efEcSk(ha
z@9V}^rh1y}KGPQnnX-@BP|+P9R3(w#{{BRh8)B`f47kZ%fYsk0P+!c`ness5pX}WP
z`LHYdwkpMQh(HS}t&&qbc)3G>s@{K-zN$=zCF8;Q9y17-+%X6R@k2l9Wl#sV=6|Im
z6T$=jo`vfxDtfBzU#pG@<Q<i{vxb-&d0xVRu1s-B$H;2JguSIxZYjAfQ(JWE5Lhb3
zsST!vZI=<6GOxiqWk)8CzDnPjeEX?zhJxTavLa8{sZU$U+Ys|bH)9v7`*JB374oBW
zzGh^wyn<rf5<iF(>WM=1ULQezw>X^uJb_|9Y$<W%HtmAAR1oT#^P-kVTZ8fmqv8jB
zQ7Q8m0x!71h3}*jF2jAZiO)+@{XR%70q=f^S#bN)z|I_T1sVf5*TlUR;=zZZ>Ea|9
z<!q#M_`pi7(MqvX0UV;W0-?drOh~1WIWr~G>`iudDIw9Sr!yJzbji5>svIHmp~1WB
zYGcwMSNzMgj61o5DGZe?C0mX%qDkLI_k9AXYru_3tS(BVHm-t$;hX4~g{g%1r?N?*
zh#WXy1ga$3mb%_LPNO&4<i%&(L|sp=v%H>;^xAR>o|A^UU|qkB0u+`eWD+ILV92?5
ze3;ICAX<X{Z8feWl!*y+2ZyU@&%@awk|0LS+2Tih<XwoF0Z_(?Cu>~#Y#ba3KR!bg
z<&(yLC`z;E`qsrzlAwkiVzvBRS)?}A*;BGNYAvl7Yn%GcZS|CgUsAG;xfW@xgX~)c
z8-}RxA@DOpZqW+Yz$J*LNGBK4WRWqI2>TgQ)Gvx3f%Wmwnnhz8*k}0O+4(oYB*Lt^
z&G4>6cw4FiK#IUr5!}OPOhz-9w7GSq@*Lbum6G%6naPcOdX<d#phHdgS)7tcum0pW
zI6J>gyK~5JP4q7<X|-%{z)^2=<BQ|Ec>RUorV+zft#|L>UBAM8gvddA9xE}+3b5p4
z>Wa3o*ytMn8_v!CH_niQLxsqab9MVYn^(5976w<FOG?mll+9~tbDYIL0{y5!9Z!N{
zFxon+Xpgf(AXnEo&vGMZh7LnnAp~qP^1ld5$L{Dz$=9Ad@tJlnik~vP8UlwJuJpZ$
zpGFi;KRrZQalcdqGX!+#!m<Ty_@6lZ2Q*W$Tc0^A!o6E?6Mh8dFtV*&Bcs3@PSZDe
zWdXR`pM0A?a2T2@*-8=mhDM_pEc@Mh;aT^RJy}Kc4r`L1ZkO~0!RyHfcbTaRzNLRB
zmi7dw%&z0U<n@BVpKz4<EN5PaVSVENL{{E96#sNQ=`Y3H8ni_(Tr|(ibFyyHV3Z*j
z8`iO#KhHfYln7p$XZnAiOd)tO>)a=&WvUT4@?P@LDhTye@Us^6j)6k0fw3ZR#<c!c
zX;yG@kmXx8<6Nc9gLW7X12)C)h}^5G2PLDbeFN>6ZWJq>u!<O^J578GV+DWrmshv+
zDM^)@2gWH;dHGU*zTRr0&Sb2vxez5dPJ5+ynh)xv()3E7Y$LI~F7CSlnt<Fgj#}mJ
zB2tYqUDE9@>~s@oFBB2kC_hZ=#)EapVn&hQ4+C8!Lyfw>-?ko_HPvbefJLG?fv`|@
z>N-H)DQt(;<pztu0NB%Fia>qdPAyT+0uzs2KI0M4$rR=PC{BF1oN)R_@olCY<REwY
z2C;U*Z_$dgKu<tyT2T_JDcz`>0Ei|Zl>D7F-}uFj-BrjaaAFPET3&_wlJ}&pO8U|2
zqf#M$c`)TaC9wLjDHD@H>ms$9$L8Jw2M@kIq~QQBSj6kosxpxC|2k(zFrPl^JXqvY
zwMoZs+&H^2l=9@Pi;HXj5Dib*mn*;%o=RT>h=riMAFE!ARHXMm)g^z!J-8Py59BQy
z233I(zyRNye8*?|m@iZ+z48&<IXRE|7vEOVIy>kZV+Ga>UkdO)0ic_285((u*k~w?
z-i9`q1E~+ky`gYZULA;n&qRPj<6o@grT>4h68}F-QAMPjgU{%9$7Kpw_?K&eGyb!@
zN4;Ra2U)?+XMYnwL-&N>mCbmO83E<nvbJ)9yM=OW27f2!Z$TjB!K;bg1OU1?>`4o)
zAh;Ou>9YR^_UOEz0eS<wchrA@7KAzES$A(J>uJF^P45nB&TOED%9VBQ$#!SxQdXM2
z3#H!Fv4356IQV{XsZX@X^tz3L$ieS7M^d2-xwH!%#|pv>8y0G_GDkint@Xayn_ln!
z{^Gxw$B&*FkoQMqah17uWcatG1g(VsCYp;dh0P&x;5ogS8r-}tIGB=UA6)gn;T@Np
zX$A4#=Rx4dEXek}7W@E&VS*JThA6+m1(<Z?J}5jfdT-L^cpkItdrwRA*I?2Dz%v+b
zx%`yV1L`jyfn&u$P2<dU9$wyutWr5!@6FWCK3#<JaRR>h#0IUu{%v~oY6*nfdVr|E
zd_ri&KUAYpF@Nw%$&%8W-DIFLNcO9N4E`9#KPZgaf%sB|;qqOMI^Y4g1)3tGkbo)I
zx30)Djhguoz&DG^3O`lnqFFI}=^e4HV=h^D)ab&jtTL;fK7HUUpTh-;wO7Dl?<*dP
zs8<1&(}Uo|c=c2p+3DKQM_@>~1#%?E{nb54;0)dO@_mp}`oQVwNW&y9G&la~@oI$J
zs)9%eu=+Oz;VGuTxp5FwXPkXRsPh>)Ya;y`2f|thfra59ux(xYvq$YyStj#@XVq|-
z2>5`&tOF-zeC;b>3qh^MlPOD+o5c*sS7hW-qQib?5}%4CA`C<kT<I<275-~`?*0BX
zbl}p3?kjR6IG2b<Vj`LTIv4Wt@I(uP?PN#i*AXdJGaK05A7^%jQB<`7(NfHSP{>2I
zQ&TUle>_8wUPRWLp=cw@9sECDr~n-d8W`i%qfc)RPY7>3ZCPW18UG3few}iCwGm)!
zU*<xBqFQtO)PXQ>DS}oY&d3k-hzUzBP76~d*$2+WK+b})vHZ8QL68_=7lE&gxeKiQ
zbfN#at<E<3sn>$`I82+Cc8YSMU$^%cavuss0E*r`C=2s;9&qIg0tFcL|3ENe!CzG<
zzxGA2hwE%<*DGh{ePCsMtPpg|i>jVHkq4OznSIC&Q0?{MQbXR!Q*<=4%1JA)D8{4H
zGU0FjmzwO139GJtqcx}*+93j5rcsAB;~HE?kAxoQGB0+%S$IEYL|fG)AdFM@FSfV>
z+M#)gr<#opnJgLNf!FTC{Ur6TAeidQS%_RLApieFE-rMvGf3o+!Z~$K04b8R3R~`N
z#HRV3KUTXzV2mZVQ3o&Ti+&sBobS`az4?4vb0#q31lcqWia5RV=$1E4CX)2^QlK>#
zEvr`YHVXV`O%020=O9~y|B^*%L2Kp3^Q)*%Jpj5_Gw{yG3*^x&YyaZXG1f{$4-jr4
z;shoSL6iOx!5wr@7;<LaBl4r@bZl)WPYGt$#oA=uyQg<pB&j+XkjD<X^&Y7n(bY=M
z&b}~h5h1e&AW(BQDf31I5jym`g5$I+$oVQgv3!(WD>LWKn>wo$`zNw2MfD^mz^St{
z5FFmVfXX!?|3Rm9gZ5C@fhy1yVTxo&o$hxU0OPvPG;(A|KM+sV2d{D)E(~*M78s@i
zE3QU(c^*XQ{{o9vk;dxIfUQA0RmboqqO4G$M&t7h!WIZpl7NST4Cxl6QHzk7;{Q3r
zxCM0HBlm%RGXPxn?}Qs}a$C=fz*ObzRmn^aU{{C^0-0T3RXu2mifsAOnM1gq9_-$#
z&=amI7JQ556B&SrltNCB10a&&pv_OCkQQuUAr!_+=fI1%3Kgp%6F+jECjsyh>&u>S
zP7O>zC$GlIQ`frJ?d}19ypk=*lIu)Q-uwl*9{0&n;ubB#A(YF^!f$k4{jVG(N7(|I
z&@zy~E)nf$m3Ey9a@^b8^nHG{>#mWj;Jk@z4i5!F%uAJRM2F;wKH0mJjr*oTlNl4p
zjVIJi1%i;w%3a{eeiQ0--4i_Zf5IfbC(6r07F!dkmic?Y#-<-+HoZo*{ZRb39K~1t
zryNE7BW<z(zuFW^Ow4ru@d^e^&Je)!ee3N{8d&O6o=(%Hyl_(46(}wemyy0~=ku1G
zxkkO7+3qr#KJr*q0}mNYS5jI6H=J^~w0`wzWqJm1JeybST8xyHrE|R8X-t~r<kwi_
z(;47GHyYi^4zJB<hllH2uK!aftXh4(DOuE(v%qFpc;{H!wW0oF-B1ECtGM0WM-t&*
ze*gG1+zKSu8E@U#V~mrt9NB4d7;VE|Y&%A7jR5DehcgtWqoYx35v(i{RMnqlM(6SF
ztFJ__$9$vSxYAhlPg{4h=yk}#>b<6YGf*QmEq@T$9Y+Yy40d@&cp$u}TAN7xu9Ml)
zQ8p2}ln#j2kyTDhE<xl|_N-%V^!d!uJ;JT!9v*oz=*^p+e(XJ>XM6LJ5SB=HCCjV&
z-vb1b`XAVrpXgBoR2^>wS)WuFQI_3*n~omS@%s-S9=wYgo<gi2@`<#s0JMicxH}L8
z-`<m2zFB8qj6p)$BETd7;wa3S#mnt~1P*nPQzLNSlvKH7OEE29SCY@|;;+9!4psNB
z#3YUW;U=A8L%o{`pKfB{MHgUvD4RdHKGta*=pQcz@Hse(FoG%2X^r6Rw1?IWXm3%i
zqJ&fTPFUgdJ%zZx@Y)y{q`ni(XCq+^H2eJP{Ze9hO};8ypSQMt=X>4Lvqo}CmCB9!
zX(qzg8Az!Ayv^Q%_O#v0)c{cjMdJ>A^a}N(WG%T_#3E#Fm%{+hl{~%3Ss*IR>)Wpp
zQJwipBr2IIB9mAq-OT`-zhY%2)Yb*a;L}k2unK6QyftGesJs|yE^5%Do7J0XrfR&}
z4dUZOfB6dHNfF8hjxKkzWX{?UIy3bv%Y^odLvWFi_V+jBx!Z5?Br3j0UojZHYS|vs
zsPHLSF~dhLz5O(dU;ML8Zs~~M-HkGdueb1zM>Cwt4B-FVeJ61DA#`Z#w~n+0GXVw5
z?MO}UsQlY7{*v(X;X~ISo{cV~hHmVAMOYtR2>JPj6^^<iCM}bCnF-EiY2v17$A;=c
z;^KU_=&|r4pntf>7>&F+)sU~oFqdjT0u{yS=MX>0_5aNe(nbQCWP>3S4GLDcu#Uo|
ztNQaG;U>*14F{5%ak~W_ST_5)Vl9i+U%+J9VE?}eLN5r0L_Yh!7<=omsP;DMpBM?L
zA*4G+Is^&n6cj}zM0x~Nx=WCukw)njK@>?9RBA*@kx~Jr8x#aYWF+5vd(L_4dVlfX
zxjYIpd-i<y9cz8oNe(SVWWavTdut?4%?6nTgikRI4Q0>Z!sk0q-n*A2R_91MBM3&O
z9(f`jdn3l|p$QH}?~!?h+aEPtU4C)U*p|qg!zMjodBb_<84`+!QG6a5sEl=sRUJ(}
zS)a%Dn}w*)pL?|{nEUX#i#((yb6uwj>1kkEm&b6?x#bDxGHG6<739^snfu;gB<dc8
z33;^`pV^Vy4Hl}Hy%G<D7@c+EjXU)AXz0d+{k)x<kw@I{r&U^oWB<`PM8{7laVdbz
zEX!IA_K`Q)J*%zx=v$mWOMAT)E{jo)qEumYF)LCp?9NsqKLFf8I}^)0DcLo%avql&
zT9I(BwXfXYQTFQcs%{g?DU>yIt^SW6KW<n0LXygIgP;TOTWM5+9825g0&2#Z`?m$~
zU2e|XdaqP{y%8V_`!Gwz6`O0NC{@Uz%h#sWV<x0QwKN8=b=ls$Atw}kw8hsZ@+AzR
zQqPlVRI?fkM%^<|UMqj4L3BMln?IGKqC}2nV$;8+PBAW6dNl0gUBwg56897C@m~Nz
z$Gj5uoA1si$DozKgE@F0(zsr*x~=|x>gJ!%q-caepYqC2gw>Uwr(snhxwIrK8Hwi0
zDiY!Tl?jd>m>G1B+{Z=lX{K(NN1d<ZB^K@sXSO?=#^}AZF@wZhnx*}SY|G&Je^D3C
z(!T#+b)iv}RTES)C@eXZI;oDRwD56GfE8f2T?X7dt4e!T9<c27OjS5`^TOjijfCqn
zZ!Cw2ArFvNCW=5^r^oY`x~@xj8OL99|HF|4PGa;nIIsk-qJ!tM`ETQ`5Z&0{&eeqW
zmws;2_MNV0@x`8lq^b{5)@)&zW?Hfq+J6LvxlI2O6gG0#G|l}bC}cX_UZdw-A*5n{
zVnra25Ep&7lY&g~N|4oShMzNInmHcdqBKqN<7rv^I=bHFbdwT(E`TH&Z_+(5ok)1H
zvwOrq@Bc00ql{ek%l`B{4a;x6ZHtBk%=Gl^aWUN;M^1w(W}kW)Zw%5<RKX56CKT;l
zJJo0;MP)Ppvby>_9kXo4%q@SQ{>D+#5}o7Ljqt8}+1-p1c~DVoEI)tJtbE?`oysqK
zV;lK|AM>&PTj_J;vFw6Gy)oMB-6fm(f{MN?$Mt!C`B5~7Hc&SkxJ%wIPrtP``=%qP
z;2yC%@8@tCb`mr?=$HMour+4vnpn@V7=LO{SNp*}FT}C<;#R28<r5<RXaTmqGKBT>
zoxgPX*o&xtECfI6O(a^W!q9Ykke+kqN0_sWNEAvd2sS3QH)6b)V(A14ye~)I*0l22
z;N|YCxRKgZjXNVia>P4ri*<y}%c@H%)LtogXSqz*cX6+xLogLGlr>fvAr{~S1ffK9
zDY?)IPK+e`BK?5_tk~@ADM=a%2f`SgC5>9iu*d8%S^QSX=jotKq*GdOVhNVK=97JF
z8est4%8246fZJzF0Vyuj_#k7^(Rt#jK6yytS~_*FDM|xm_pe6C>wb_A)T=wd9^l~F
zM@rfuZ-Uf2kIl8UBP((>oOmi=NB-&)oj}~<lftb}Z9wVc=`8(AE|mvg@g+52@rv2<
z&o52vOm&cem<`Y+Ej=ZAj$e*f&E)xxJ)`Si7-mhHs*}hLN^Cn5d-A#-gT%PXHd2)a
zZC|R=qwNw#Haj0zKi<(tg(U;8FxjcI+);5RhL6`Y?juUtU?``s*Rl0B;b2S>caYH&
z1{UX^a}8NM_WF(x%+5md%)(5BPrlfMyw<4Yu0H|;mAYBTdE$yBp?am}Srge8M#^wF
z$NwCe{%6;2McWmC{LVeGA&U4&wJtIhEv9;DeyNYA%~Q{ja6Q?9-3Q~=8J_2e;_v51
z;nL)F?cB;}K69*Fr)Cpf<V(XVl4oO>Mi|m?o!KLAUEMp><LphDx$!mZ?%<RDCfv0;
zyYN5yly}${w?vSeXAH@+cAYS7IzdAg5kF;-W0?E8OKX(!G;1K{1g2(Sly5-&wLQ7&
zARU=I4AtIv6Sy?WxT|VjG^(kv#?>T0m(&rJGPiaAVxS{Z+nz<LNqn`FY-|MTYDDq(
zytBf_=GKZbXB4^9`oJEafku8rIu{kJ9y)pP4W+h=l&;PO9<>>-ty-!FXCvsta{2Mo
zjmH#kz{E2KiD$Vb{(})Yc#CILjnjd9V;=r?Ioya|b;oDQ%(q9XGe(YmG2?+jM%)B@
z0QJ5Cc+hxfBi#|(-kb!`lwMucl?L9R8g~uPoh19S;Fi4h<8~c0$9oo1dfM8bCLzRG
zLL<~dGSV9jg_gj_O^vO$-HnqK`eul#R$g$6QLW{-$b~2}9KA65oQ9#+aXSQMIxc=e
zwa*I~ZmkoNS@5B&`U^AoU%jRvOW<L=K4d@sO{&->+I6!ino}BL4_eCFKEmS{^ufB)
z9O_4fRO0VQh=@viXiW)NUcP({Xw!IZDuwg*5HR>~v?#orp9shZg3)QcUMcURM$&M@
z$XDef@<>;V%1=VeV%LVq-h7KZ5;>JNkAP~teW{EgB}G(TbN#wm<TX~*q<J!9Ne!v3
zC_G;O)`J_7sj&J;e{tGw67;V1RQ*{Jrxx`$vqs6J)~T)^LDo2$U<)KM-D^|)cy%|_
z>(moRw4k@8YvMY<;qj@qw#%v4&cqb~D@%y#jMF(g89aWg_C0hmCA4JCI9Uf?Cz?bf
ziGusXjnh$Vye9T5(Y`5#Q)G6ABn1MN)i+`8Bb%`^O%r-N&-!|@MjJ!=g_>*jxz4ja
zQ}@I7V9@jCS=hpbTqcdPLZ<c1Na~T&Z9<iHS^eqYVDh3+4EYz9r|OF|nA40Z&Z_nu
zkR0fI=lk7_kx~Iy`?sBaApM)Q9KOkj`f+=T@78qQX@{Q7yHBLH$}gZikA%H^sd4eb
z1<{NTul&;Vb&$lPaHDWgzB-{a(h&)uF~gC77MLPMYSFODcAZ}*_J~^2$mKamzGAR0
z{7~bBrsD{pfwR_btpydclq8cI_r7DtCR`*+q)5I>RCeTOO26aa5~_(eLF<&NSVuv?
z0?UBzAp3j-{W(cQ2dGvMBip6Fo<eycQ%jTfC9g)~fW_e8s92_+ds93|p5Sm_jc{=>
z0fi}<2~~f}45K>XCul+61JuKQrcHr`p8j}chK2}Pv%?d+Nh&L2x#wpy(ZB2EUU~*$
zw>JCvl1WjjKezQH)M)jPR$DWD`u0@x16r~YHcz()d}!ks(FBeDWKBI6k|3B$XxtXV
z!IWwEfh}nmWenq(vu3hO{d>SdU_K$>y-k>tk^e4}jGYmPOZ>Bf9VTKeQd=K*Jloug
z?}~yAtn~VGV&1vzdq=unSU~u~<Z}fI7C}MQc-XL{QRwXe-&y3n5nf(|VPkzd*D!89
zuC)KCa<%?Vt4j-Va{FV<&@M25A04cj2aMm2oFE#2)0ayF%ayLfjj23b3_Z}jdL)~)
zy$Cb$C&wVBLhebu7*6O_f@riEko9oVRE{V`3Qt4nG4vI^({q{oPMV1%n-ET)luM0G
z%8jN}Nh9cOi&OhY>em93x{-TRN_Rpw=pBNs;%@Wcll?13$z(UZ+1@<P(vZATF4GKp
zsIH@=k2x!@zG>67zIK2>yH!QE^azoh5jD4XY6Dt53FPX6auoCjVE#y*FRkMyWD%++
z))X=#nS9An_(}JoD>>36YyT1U$^On%x%KkJTJx@!h>-)A8|IhhYzQogb*1r`=YMTp
zo$2<v(}Z+Qq>^b;$~(VMDp1c}(<bSr-a=LAa4W?{8wJ9L;o~iU|LxPV`QrxM<?|qL
zHG#9IlN&Gl;>4qhyFwU5&GOaWEB+Fvl4FWXKU-LGY?Sw`y<v(7vVLV*f#I;e?7|RL
zRA1MU60&=}KIH)@PJ=M9AB=Gh*EbU)9uyVf_8<%X?#d|^H+~UzF1iFC{;Yu7{gt${
z*ib09GjCSD&|yt09CcLw$dFv)XxuheT3V`Oa=Z)gMYXZ6KmU8+mLFWHW))hH`;(A0
zn=;9Mja(0P<K#b$-vm{5x6-ScnhPfGpz&9p<ox<L+1dDmR+>oTd_Z3yd9zFf>f^g#
zFB5ptB!9iNzrD*ZqW`QMRz8O{6xiNCX^?PmoIa<}@S*?K8W>I)*#|n)KI_~dj@7Nz
z5X?uEdI?Iqvk4IS85Hmt8GCu}u!kQbxO$y?n_=0Gse7X<WY#;Jvp|AVkamyVsJJbH
zkS4gJJA-18*G$YG+`oPs^G277iEYcoZ_my=Y&%8%^mlSdM|2&{=U_>76$Y9DHRTuu
zX)*!4f+ydWv>o5yeamOA`UI^u(C2kp{*OLy4>mg%U(5Z=><U}AsYN=hUJm^@t@)QY
zk2?do@1?N?U)#zO)Qq(yYhX`2`!SqSm(L$sXqt)B1GK;6Z<AuJt(yJjN=}~4nV;+u
zDKB`<%e*aJ5ns;px|RD_j(uVtB`!Kfb4q^)y}!H7lw)(F1|Levt~Y~rzH@<CuKlBn
zI-W_?jQerpss5V4Gu*NKK}JK9f<8J)oG!50W5tEX5)F0mCqB(8?CUG#6n}#B@qE~-
z1hu_=%i@Q_&pF*fFu7P@+Y6<#eLbS+y)?Dfz2(#lgV;$X<}Ge@9d3PWQY^vQLrL=E
zqM{7a3B+ar0Re+@os6XzGL>hSl7j?Ul7E$7EQ?!}6lqQN{`#cidibWV&6%(<`eA7k
zozJAYvR6Nn^>9>6B|gh;og=v};Lp83a31v<`;VlCvOZ{AP{wy<C?YyPO$D!hZ;3zH
z&-Z&FpvknwpY21H6J`B!8=haT5nFh3U10VZ4RM<Dgz0buO(5~T0&tn`QQ|sn2s@?b
zl*}Y#maB2hS;6NgKPh*8u^(`La!<c8H(()akZgbg*SE9(f$%tyIZ_!h;)X9Gsmn@#
zmP85vs7Cx&yzeCQfzWR4Ls?SSMKVK*hb*t>Ma*;T?_i`+1-H6q?A2~RjhZ8WW~vvJ
zJf=1hO~chZ`o6g3=wmeI>*w?qU@d&@!nBHobNzT#)n<w^Mlxu@lhBKV6u6@PWq37`
zp9<WY;zoWG)X#622~A~*<m)gli5CU%zM+&X4`~~wuoQ2ks0^;<esSJZ=T~NCOkULu
zO}fMC>Wbcri#wXdKH}U$w>PEyNHKK^nPK{GYw0519BTNceVa|LCo54~_t<{<t@0I0
zG0tdU`r;U(cRK+=8~ZdN>%`#In&MeW4mz-DBKK&4RfM)s(x(L&GWBryjq!X}gtN85
zo4hlRib^&6*41$`L5fqE0~@)VG7WjQ@0^LLR5*q`Je6Seu=z`BkfP5BeyfoGWI^E9
za!Y5XoV7%&e3vf0saXR;^!Sx<Mh4}L*99_;=P*w1>-f~!>Jo)ik;<oF+p_8la~cs&
zb?P>8N!ls?%!S~eo7@!n|E<ge{Qb;d(!3N>TY9Q#9n+*|(v$M>(f;%IOiPj(hv7C*
z&?(Uh4uuuQr4?z9?xJc&U73|6;is#g9%rn)^FW3)16#9=nt5SVJ_7@j#lbq<LgXRp
zn&CyCkJU7lypg?^zT=xTOB-xeDnI5Pj^SRyzcsk|_O9>(A~wsgEXLhIvq`CjuaHZ8
zG6XTo)#!rEr5Y?k2eFyt;;>|;)eD;{aDPoc=wX3qC4T&=d0p#Mi}PT(^=>dvrpswF
z`r2#YWMqC;V#B0d;HIA})~4w09scwwHbc@N3J@%J=T*~>cpNRvDX?UmA7S7xij26F
z)~<HgVB1Dg2WSp`KeL<T?NWz(i>mL8`3=$-n2OZdp_gaiswvSQU{Gg_I1B<e##vZ-
z*(Kg{=}vVwOuq&J#uz9M_$*Dw$wHJT?Go82xU$bqd$#gNi$6#5Xo*QElLgJ>GV#^y
z2E@XWpU$IZ;C`|$NNUuEQGOM$c*4qF2Hx3Yv(O8k9C!?DvN*L6-sB7v7u~`4S8Hc3
z(43X-s)W=T<64fV??PZ(NU5#wUsw+-t=b=EK?9!{utuAFDyqOr>M7Ar<27cNO)_My
zNMJIE^CeI1ykjyc%2Vr1zTwD{DvnJagZ-F+`o|PqPT|A8qqpBbm*M#g?5OgJio0cZ
zrTSmo`xN$jbFq_MWK_Dy<_AHyE<owJr#d&qe3gV2?RY&tT{i8Oe$+(0E7EabXqQ<C
zhh86(5w9tD@M)iVkLGH?drI<cf+FRsaQ~ePs8kJZ338PPrY5d8EYfj0Az(=Ru?9JC
z>UvT;+TVB@VbHC~Wd1z*>W6DdUqfcxLU(g86B{go55MY0BNM3KEW<>#>uCS0#NaSt
z<Jk|^p{JJKbo%8%GS%>&&GQc*h)PF>CR?(G>zAW5ms>^dA*d?v-6K)5+P&LwZGHAP
z<Ey+h-s7?bHje<$2!NiwOSB*NHSegUqEw#_KL(#S1EKog!s=wFdRG_2de^h$d};6j
z{HBOh#k5{;t^v)_#!Mt-T2`570cDFzr8-IW(OWUfsDi%adGykEH%R<VX*xwb9&q+-
z0tTPOZnG7cMwrUVmK<0+c8dHwK7wf-$&dR{w1C5eOZk2uGw-1O?D&ai!c2kWF<SPN
zy4@V5;tP#8JU`?{Nc@OKwfNKBYDN`O6r{|-s&0S}`^do%wg69<VMks!<eObzZzZAJ
zLi@MWnn(jwC>?Lt=+p(^ViWLm;;imG3a(uRVoC}LdzbyeZp-25Q@6<pSgm@>i}K+0
z4A;L4<g)BVQZSu)b_g98>*plO(-G{CCHPeuhO|U-pP^LK#q)FoFylOU$mYt5Pm7T^
zF<Af2Hn>XpO?*n3YaBJOZ}FsMy!i$4LKT=k2gw$K`uov;VjwR+>iT*RhKLEK+)}8|
z)9R5zA*g;5u!Nu8y;osxR*(78-Fh(@MIH)@!MQ^hsqZlJmMF>XdqToxJqbL;^GEfC
ztF`4cr-i@ZA3Zuz2e1nLQe<WO40G@~-K8G~dOyQBC*h9v;f#Ak^4J#FamD4mXzwmY
zBCp>Y9mvGub?dWy0EI|%V)PIeW|Hbb!_wlPo8kk&0*f>j+Fo1=FGw`i3}L@W9uhLP
z*x39QAwQDWA!*HqY)h?=f!j#|ulyp|Vcf5}B+s8`H;^m%9srY}v_;a_MpELg(f~qB
zBN_%|g|(h=w(mhfykb_!oFeACN3uGdrU|<~H71u*<-ImMG|(0Yg5r(quk}Pc08aI*
zD_{tmYVGB{mv5WdCxC>-87$qr7wxnOmXlo~UOT!rw{P?=>#Tp$7P7Xwu-tS`0KeRB
zn#4(fDBXgd89B7)u3Zwq6Z&)dkg*_gjiaCq^V2s%9#z+o^q(s>pTbGV!$i@+wezxx
zywzbHF1<sMVxVHXI`{Bfv5c7U1v+cFu*hKgo0zX{$=AOGR+`E6pX#Npan9iR#ZGT=
zgMBpyiE=J^BqwXjP(o_bIl}~3!yZg^SC6eey*p-g<;L>~-yG}AZyv~!o*OB`x)S<r
zOK8F<>GvQ7q&rTw1MMAkYbI8x<Q$c$Eat(-2RvfeF0<WPL>PZU=0xPe&s_9WJkr`2
zznn3j{jB!tv$*|n9D?w(cFFj#jbBcwLv#Sls1^j$xb`#H4Y7gx%2m9bcrqx1R2q};
zTepEwW;KO4GQWNO6+_8ZpKyuj#fdDx8=X6V_wz`d&BT1DNzob7=hhS;PVzv#XW}{B
z8~qi6pr-agib(Y|XSJ3MXEYz^W3A1N>|;!^Tpt}Tc0M30;ea9H^=LDrWEVuQ^W#So
z-~9@3eEx`$x=`2=7nOACk@~NiSV4QRRBjtIWl_bS=o<Wx$FYksJYKA=%;qFNdJVKO
zlg6jj$l&{1g;I@3dO~eZyN*EJ4yGRJl1n0-Jw~c{e)lxZM>4Ksr^1JB{aX2K$1tGm
z9>5oFWPL0L*SQ~+xB?0b)2kV${`^3~5EUP%>zaklAv6~)$2Afsn}X6<lzeZ#UVN+1
z6%6Ix9{Un?oZ1pnF~77ZB|gUhA4%}e%l^J2opRX9m4*uSb$QpZ<5ZL|q`HBmhkB%i
zuYXXAEcD=I4bB#rc^yT<C8o+auyJ)}%sFHEAkm9`d{Keg)u-1X`Npf<CCvw;i^z9l
zbN<{npA$qp+JCStKmM7imdIa<Ugbc3=hGhuXf^<@j=;b5T-Xp{@1W=vzR~iB4<(y|
zw$uAE$@&RWTbA8Cq4GH6AwKOu%+crj8<Klzv(DeT)#S9Z+;DE&kL_#m?7qjK*d_&B
zJq7m`Ksiv4X*ES;{#)u()pzEAJJ}XnpxXKsguX8js{+BKJ%C82a_(!sV}{o(L-H*D
zxD#@>e&HC{I8IcAd|l}3&#;B@6J~!eCgVrsX#8Ox#$O}<czsf{iAbB<;D0@9gT|9n
zK<H~$FDErdDI@JKz2VCX;>ZG+Y3-3!8gDW!$}@GUj2_v^{MjzGBDkgDGC0WLP8B(E
zMP~|;nbx0Qj)WVzwG#fP(M)VVv<J6KUmYjXM}Ct2lz06)(l$jO@@^ePzGWQ9Un9H>
zKa<G+<zwC{gjC5HHu&C?2L9uPpV3wv10fBWtQ=$J&JNM%+P`+xKdLhv*6B&QUxdpM
z>65FBn<M)f0X(^8sS=Qh;e>mcCO__-_Pg6C#101T4evahUVnP-Vj=TKy_M~>3gkQo
zc!CS(NdVT&W(D;Bl9sQ0PXg&&3ds$9Fs!zTpFG^R-rVTqGMFUzH@nW8O604@vSH)(
z4}zPoCil<n9J_S+auyKoRPNh%MW%iF3)}bN?%$T7_ftZ6ekZ<U6yb;W$HEwBrv$Fq
zk4BKEgx<XWm?7-bcsTNjjDJrt-F5P91d?N<lMWx=do&N`1`1H>5*e*8(^2Be!X<~b
zysDgNQP@x@n~vffJ*6OyoCmMV?xD3FI!q*|A%Gu4-y$Sgsrfj4oG1&q0UX?i>M*on
z=vytffP}a(WZ`x)At3<?la*dX@?&prgES!<aN2E+AOkC{uI}FhfutPJ=+2==TK488
z7Ct)`oaFDPKK=9jX3peZ$J6T{I`-hA6d)mDpxy$^Nu4?9w?GDY+k04mQPj-l0DeL?
z7!34>Eq{%|2{JDevyR{jJBvit0AYZJhw}m0Xq*wpYg<bm%U-Eq?SoIA&Vuv^S2@Ev
z<OTcY-e#XXV5@5bAiS!loypoc9}xIRwD5l`xekXz_f0j-SFI0zWH=zx7~JB^);K&O
zugi;`3|Qp&@c)Ncr_w)G1(}<pqF0{keaArw?<)RkMfyb*Os-o0Z$hrVa<)HcL>OTy
z!P8U>IWc|>E%rr5L;9vC&t&pWR1^tls3E#2`L*iaG>rp1Ts0!H2-F_AHE!teY<5|#
zy;$V@TnbMUjS!xpWFI03pxuA;xKbMOcj>U?f9beTKS0NYJd0&8Rfz66jgn1uXCP^A
z(}`uzK>UT4AO{k%6EGD<%1g)5wF}OK<0YZ62U!4{i!89L?<lNPxAm+~x1EKZ2|}Cw
z4?Wj2*V*47&W|h%*955RY1K|=2&Muf1Iy{arx2H*i<tyBN_Hn#=+$cbRAO==3s(U}
zXC=s&$+{%j0TFXw_I~$;`kt0B$Ac5SE8;deF+ICGGjtb*u6EOHVbIwLXZ3qbHuRx`
zm6knE*SMnLZUo=;z7KReh{!Y`=-cMvYt4U)w`w9+5b@Tpk}zd@w3>AP>S(<@lcjgc
z9#;t~-DK@N^{&yJFrdI^TzCAvmyp!uEZFHelhO)UoObMGzj)~q{~=S-R1%x~xvtYJ
zzjt<a$lx17s6Gxpn|WsEPLHexV6y><zdQ2~#4{QCWFoW>B;WEEeJ=dnTW}r-%Ei0D
z_%l_r$S+#?@MoFoy@Il{IfC?D2J2adX3D2JSR8YCR7dyi6QW~}&P|-Tc}ghLxC~9h
zmDs5j?!qk5N4#j4T9$$w$A1+RmraglBO2SGQC9;>^Km4piU|3#w@&hM*gPVOfcu3A
zAav6L|Ax>d3WQ;HVKQ)o=RQnw<TazI6XGCSOOOoNcLks8;Iy+eHm3U>TDyeFaOoIH
zn5sLSN*5#g{~_g)`A5oS^e9PlbH7~T6ohf{dI|}O#t(xp=rrUgcDXV%)lzwKejf(M
z3DfWRSjNW;sH{NDg|5tOUFG1t=H_6P{C`y~U>WJtxoDpCSvts9MO7$p72&SJ*)HVv
z*y=7lvaP9fP3q!oa6$3(f4P4cr3_fSW{rL!!%Q?!a<9}3#tY<Ov88$c38<r|h%Bvh
z>|@k7ssL6rVDIkUBlcci+EAbop{*d{mcT;v>Tg&cES*{J{`v}#dO>Z^WU_vL?t@K<
zj(lH9J6*7eo)yH^y`av)EjpU$cGYSQxqu*CCACN>nb@NR;Zpt1+EsU#n4O;8-kRUs
zxI5*weZP?aMyi`tkyb&-JWJL3yEmtG*`JA<<{6ETADw$y&AKl4-|+kTQD09H_;Vu=
z{%dq_02$-LwKPXHyZtXVp6Or~Q(_H1D8wPjz}m&c`cVBMwFrGQGV}Tmu~#|yAF<cK
z-O(PEH%!Y^CkYVWQp56jH40pP<U{rx`_u=E%!Z6J*VcJDL3J6Pl)C`uS(5@xPcAl_
zGV~SW>U&QjX$6>{Vz|Y?t{>rB(2Y6e!@eP9qv6OlHk({f!I1KlcuB$Kcz=8YhpFl|
z;#U{IPZXpxTP)-lxhuCG@0hu!FGcr7-MPE##KtwW$Z?x1AmR$HF?;XuR$hRDbn1$*
z9ROq|#T{vC%WCNMM3s*RzU|=!p{goG=%x6mO$}Vt%<K-PM~6K9)+oXg-{l2C@o_OG
zoS(apwx>Y-JkO_Jw^&8O`#d1jQk0&!ONGU$cC~lr@|Z*BRY^fXLT3Z;?d<*uP>o^X
z^E~z+P`U{Dbgk%>=cE3qJ_E5^{THfQkCOc_lrEqQ3EW6+7ZT|!=@7#o+`pZ9nf$7E
z=Ge%wbbtJL)RSqNe}o22)c+D1v??rz7p$=aZ;>ai(yuV#It7THl)3QIX+ds}0v@0R
z^Y1bx;ucV<UHKiLfD4)YMs2GJC?!?r{;&SW!mc9yAIVzv4ytooY{7&-XF6t{zDMeb
z=?@4B<i7(>(cu{D>aESlT>HAHB<US3N0Nfq5{g8XSDw8^Jkp|_UFR;yMi~&i8}RY*
zA-}e6E>NgOxzDF<C>r_;TpamY&V8AuDlA_O{e=8=X{qP^u^pnK)^*N?OghdJ6@9Yp
zmY6KF$_1K86SMmlFzr66=55oPCL7=X(E@}SvL0~(%Uf|<#gixZDiURmH_j-=a{IF~
zUB0Xx^$#J#aee+l*;_;eUl;x=|1xdYAFt-RAou_lZedjq_q@!nMEs$>)lyP+M~!(J
zaeu>9cH3Mmoa4uf?i!1dY*dz)(^}Lbfiu9jH8`5=ZehbRa+9P$M=U;CP*Nz*I~6Zc
zWl?`_Oh^SkMJ#;0ZJD6YRyn&Hlv<8icW;^9aKOIyl$&*wzAeB(O%2WL-D}s<uMhay
zo$mDcpcMsLt-^=#*BsJ&Hw-({vN!5hdKO1UYCgulBceqa+5ZcGA%pK7ym$?Xo;7bK
z3=GufZiG^@Z>s5H!Bo#KN_B6&tr!<ErP0-m-6SQVEPt>;s%?^NOD3)LB7lSodkA{&
zGvRbG^{Y3!?i2r)K<nkd1X_5-`!_M{Lur{(8XYV$=0Ph9nYR(bC6Z+3Y4!BJAv&3C
zx~(S;^<?NeqoxU`r&0PO%SyO-8j%Q**a~QJS!;}DCmC*Or!ApyAI#wXu{I8TWP^-h
z&9*gl?~_H4!OLf9GzT|AK!J_)FHF($p00t1quLFgdb!=icIH7AAzbGMfn5@D8<b-Z
zH!^A~#fhtbQ{d8-J=!6@M;Yd*oa~EHNe&&|NUAY=o%EFCmE6&0JX<YIY<=X--kZ3L
ztXQ%^*0Or3(P~fJ3Bo6D$xR5kzYmF1y;6922C7Y#y{(vl69Rbk1`5Tf3gi?Nss5%9
z_q*EvOg>jv@|jB5N>y-KFWCMfw@vk`{WrOdo!$M+?SGTo#F!INP7@wi)c&8yZ8KK4
zpXL4`w}GKmN07}>v45@Z%<Yn>9YTZkl*y3=Y2VPX6V3P;3WZ7;vuCa5>QL9_YoEUJ
zZva2C9p@lB-(vD~F~8JC$!=0I3cz^h#SLy@W!C5oYlKsopDy9?|3hkXV#S`$Oq+sO
z$1BpmoYr{`lQGUC+#f5t)ZW${4>y~gj;~a)YCPEaMsm|wIr9~e+9uwxhsTnX<msc*
zXpUkwPDPFIz2MnRtdhMFEIP+b^M?I5tq5uZQ0~kX814;RM|><5J(-{^%EZYGV|?C_
zRI_&X`I0<Yi&8d@=Cx(N6z0f3<~+^E&^6t&^)%*x*!aOric*8S9&?%TI`5iA{IQ1~
zM{n3*Tfd$de7~S>7kh64iRUhkzG=T@s!1CYt#%HWZ-MVV37y(h!6{SxBc1v$78@d+
za`}i|H~@0<Nrq0|ftq~$|DDDr9`T39cBCGmu~C_1{!L@cgj#7b7+~E@3e<_Gw7}x-
zqw$r6Ex*s(rR4nZ%guEKdV-EOsAyih=8AAS5FL05d9$<VBJys0rd_TiXuw|bo4BTE
z&5+XIg!Jj|I=R~SU?TiHWdXlNfGSu!ZsHMO3ghB`{KYWH468sYipT5Uy6a-q^vG36
z2tID9RZ9_a+hRqS2R{Nh+q|gc1p|2!xTH+K#&b`hwsexO&fQrt;EvQ1jFrL;tHtR{
zN8Vc5&>uv{lWH_URwhdu)c4|p2BOJNZb|=oo9zCwRWae%OkOB>B|Og=qRj-ZJ^N(E
zq|caW3b8{_ZjzVd?0%?+pP&;xb$@^=<I@$B#NRzSFaxRbU-F&S_-oY4)KzHl7cFpb
zLJMqlyiUu{ktL1?EIJ(7Jx|-7N0ag3qS19P^@hfL<syGpTDMqX!pt^n>E5DlS3W|!
zmk5viq^q#wwZJ?ZBr(=v?^+W4c5=!3bwC#Ty8JC|?jI=Qv+?u~tL!ug!yKP6#`20Z
zkI-CvrCnxrP_Q}pNzN)5w)wRht&b$Ld`+Shs83oMvL}D4R=o2j?SLOrVfx6{r|Lk4
z<*sQLhq?g|7rVj2l+l0qejUuf_shb}`N5=nmu2AbMU+Mo!5^sJ*%wa-E-$$~vAWHM
z(9trF^-G|PDF^DqqV|x%WhN1N=rUz-l8XoQ7<zodJJCJq_wKDaFiw$N-t2oq!BUAq
z`y`%?%4JsYEJ@x)Z0#X}_i3gVylPkWke2hE<I?u>J-cgnYdX{|8A>L;FnERVCt+sE
z`87|~UvRsYH<;TQr@Ov9j$O#VY2!Tb%ZPz%TxA3f`Nabe7c;MP>g$$~MIfV->6g}u
zU-;2v1KVt@!L^fU3?+qVz``Ryc{<D~pd$B>)rFy)`Y%oyRN%eBlbw~B=SG*0N^f~@
zKljn=-L&yl>);9}Av+l=)4T8;^S)C@^;q_?3HLUt3(;ru7({4+lmTF)0&(`A4LD@W
z4f`~eJVj}3?)S*_LZ&qkzru%>#u_cUt;FzjF|(N=!mZ9)Gij!=HxnVdF4sRsKhCHd
z)>CvP@?`30i@>&;C$y$!#vZNZ=mDWtg?N9^n}n$krYJsQ5i#EIBn3?vW6hmH2Ycgd
zzLLRubM{>Hb|wOWj^1AWlp;bTjC?(`34FGvklzb&vNc3H*>*BN0o`7jAW8yhvK&a7
zET59P95GABWlFJ^GW|XG%gfA$k{TBCgGvMm=#us#kD>Hb`SYb_WIIYQNS@&FJ9iQ;
zvT?a6V-B8>6io1=LuBzL5^Fl^FXS+%Y@+fDj?n<vch)s}llk9m&RffIWN^Ck)0k}0
zzWBZg$`eUOcoAT|^@yD;;_lQeT2oVn?59*GJKsx>I3pxgE`l|HnhNh+By38FYmX!;
zzaysnOpkxIn0`$`gU!f@-h{$^AgmE&xb3wR_83tC0Rd^kqDlf?uA?q41MU?Y{T4@l
z81YDnD^}2rP=9qraYggg;td(TJa-YXj}hb<oJ`t7ymORTYcq?RailcqWrcr}HPA*{
z{lVA|17s1UXUs}I3!VuhP|+nxN!&f=-~`m^-`|%<P9xbef7Hkfu57kcb0X*<X*_HM
zn)zVa1xwl%;$<gPsy=qI@q*qNo0Tz^asI&W!U!+r<pyi@7ho!Zm=>0g-Ua9X&Zuz@
z;<<4{F8b?_6`Ns@uS>H$-33)x=<zCb(kEniWHg5c2(diTw7{K^Q~?vm{)HUXB|gWV
zOrCTbltDF~^FC7qyq-_7y>$C_z<g+DjqiONv3i0+LD$|NKqIU_<50fW8ziQT;;EP=
zf*-ffWj4?h-YKy?`Yu!Uu$9Uda4)qCV@Px;^^W!d&Ed4~>X&xdiy5o6O9>|yFYD*X
zxnN>P#LS9L9pGml;Nxtr-`gB5@NjDF%OW67zwyM9mFiM|$qc``kj2rrD;ZZBH{RSF
zn~|Hix(6wn;uDvfN-Yr#*<nV@p7z8in4x)yVLp{<(snWZgS?ybeD#mqchC#uzDsm@
zh4MrJprY-8-cY23K}<kVe+=EL_)Sy>z+=lgdMR|S1Q5bVXCWy%aNHO>rD^p$*MTcd
z@T~OY?!-2RNR5(1@lr0TUr6H%&l8i~7@;4@Jeri_B&L;Dh2Jo}k_94-Rt-lb>7J@9
zsobmg5g3S5DD`w4KVtvz$&+L9;eYK0XKgibr?`KI`@MbHh*_Vd{WIh*iTd`2F|jgo
z=@iIawX!nL8|p;s3d&vOdU<iq!gV%wxItiga*urkYLP#~T0GetA#PY#4Lbb6aQHZX
zPO)x1Om2{rB??=g@g(qw!gB_#)F9)=e-?&fZ#KjP8KE`8q_6S}L;A%_21(kkGhK}c
z?>?lI@F;)2Dg)i;+pV*qhIMFz>h7hhfy)n4S;{0SqKOkn$84v;UBIvy1{8Vy`*gqV
zA5$FdWD{8|<&HzPg;hzKK&zS0us&)f>kA+YH@Fo#b#!T>hR#qa$tf2DtRE<k{>U3?
z|JKmfV0q#4Wz5KEM^e(B1$hYbT4|yJ53;2PkPG5uIYfquBn45`vP3-Z42$Ub8SYep
zSV~XCtxG5?!1+zr`sle(w9#G?&kuC43SanHQS0V0n=FTG5?$_@lvBrBG11~-(9z36
zvfLn+O+SH3Z~wBX<+XFCw=OMf=?SUtr9S!C9`G&GS+b)yPwCwV&u)d{8#WQ3%7<O*
zsFd`-#XiQb*dXlwzQR{hJ!~bMmL+Jf$it}`_m$Z9MwfRgN7ArIw1?8a`hqrpdY_(d
zq{dbl^OgW5sU(cZ@n|(fw}n#Z1)Z1#e=xv<NkV54DDa$=S;RAl`6&^64=6p+j_2Q8
z^Ktc~GQzhjG_fiB{Z6P@nyi%t#_KEg<SH!dP7|#Vw_S|~u`hzP)VqJz-~Jh@pru?)
zk3X~Ze2^pzW<OH}oCgVvRyY?=NsfFD+~O7`iiQqW2rS6b<{HnH5y9iJi9#tg(JmIC
zLVRVfXf=sMBl*ebt4Z|9@mp8?Og%PHcx3WOqvmgwn(1e@m-{QVJMWY6BfwHjih-SK
z*;xlf=tU(|N2%}x`Z3;fgu?u}E3$`fcRUJ04+41RgI!PJF(rU0QS<ss>{ZL6r<{$*
z&2k{KWAl##3>}Px-J@o<xwcx_xingnqW~!pr$jK2deP22lAZDLLze*CW^|s+keJDY
zs+E#5^JBFJTzFgtZyGh(0f>UMzsmZ2y;OcdjT1FpW^?M^20zrs4om|0q8FDH&$rN$
zp>d8U(*s2)Q4hm-&2cBzJ{YMs-6?1?B^zAErt4!162Gm-6}gs?z0v%ie&b#`$&9c&
z-5#72<&PfGnX+LNoZfaXX!Zb;UdT)XFWm9KmaM%PQ=O8j3<sCSmEWOOwV0i5Ukm*>
zpGkGcq>I$%$BufFm#AT$|ISgXN=na%*^)DHkrk+BPf4FLCA3R8c}#=KcJW=}O&ea#
z^8|)%47C=r!nQ<hJ~MZ{#(jpnGkDeC6B!G2sfZ}r*nB%G8{V>81@>sQ#%6Cc;H$`?
zCSa0PtozX`v|&dq6M@j%gT(d3om`=;6>6RxNnC<73I3>+Z5`2!Q`vSGWZL<o=RN@?
z?ZI`XH9t1PVE4;+o_)zp=+x`WDnK?eeV;7K6VyDndcXR#BffVPF5uF`K<dJPG?9_d
z79-E}vb#FpK)8=IDkJdt%SJ_xPV5|ZL1!I;_w;$TE6{vQ*R=0N&~>xQFP=29sktav
zq~$oe&~$NxOT>}x?7&<}z^>@GNJn-;$`f(F#y&7OJLU<;Pfs6V?s#`Y#R1kZFJ9@T
zldOhRv{t6wBTwi-8bX;<-^__()aWMNmc7+?VVtb(sb|R;R*`DOukNMp#fPuZvEdGr
zO+ALWQR3X7P_+-j6Q+0exr4F{VcdL$EPLFOd3p99bhvpM^cCMcMZTIY{a?ev6V>QY
zs(Ip0jN(7SJ~~{`Y=0~5+oJBNz6(ZkN-cI?H{vo`{<{?_Xw1fS_m}|Gvx^_yYj~#@
z8l&z;i-wq+oA(!Ra#+XE{*%6W<e$_f)B7k@+b-Z909cnFMjbM-&+|pjlkuysvxF*M
z?U$r3O#j-iNt2+aRX|5cLJhM5wHJl9OKSV+7fF%0N&SuqU*&qHFnyx49LsH3fx4Vc
zR#d^t>Aaqk3;+o_Z))mv;zZp1I+V^VbAGW=bbDH~A660H?*0GL4d}Rq=ZmtD@$0XD
zn8xZ%3v;{{KKFoLK{0eEsQ(bP8kl^w-^{jkW3_R!m)=w^o=Wgs?r}l%(xOK|+aAHN
zob1m(i-e#9xTY__ieS(cd@AF{dfkRW8rvc``EMCQgehCnZL3J$<Q8Q3F&R`KZ<-G=
zitr{Mo_#%kr{Yv9yJ&3p)U28&>irQHSjpSX#?G=(G4L$-R-8JRy0Hy*p`1g<HN#fd
z6T>P8nHqZG9||=h&zHVsKG8i=QQYh)n|rrBu{hjVxXN3Fz3N<e;=_;nMcrnLvW4fP
zOcxsOst6Q&8J6`-ZoSHLtalFL9J0E(w%aVuG|@ElrEf>|+xYI`Sl{8nq$ml5Lvy=2
zJa;;kx_LzwTP3cjusNDF#C925K!`06OHivO=L@oxp)|WX!)wDP-@Z9Fn0K#OuvP(J
z5*G08{3x#9Dv0Mv=En7n_-`d3S6cx7c$*oweUT4su)Zv4QEJE%ULcij>pwob$Y}&N
zL{hQSa+i@B{a9)sM;{c;lXVyG6JJCPB6XJ}n3GHecDCqOXg-zO{{pu<?IuVHCz5q8
zL4Fecn(%;J2U2Eu$2NBKtt<PISfuUYOyYIU8KjG*Jn4g+!0z-XGT}x=#y~xAUcPah
zXc;Lx70-XV8F&<G;QVZAj(FZFMz{gn(0g`X3z?}dqi>bjohQcj6ulN`y^0gm;-dKR
z-jk1wAH;cIP55{`5-V^t#_Tw3K#W$}x%bau4`HLjT=CXS*6F`~dKfcVh`RbfYqG~^
zKTJRf51}|!RYyddJ+!Dp$lEw+qw&fmMj=ucF*T$8_d+Bf#;4}U>?G7d^lVbHyK-%+
z5YZLBU3+7F|FCGLObMVLWuFIY1S8ZaQ7zhc?1?k-Pw%RdHznjF5{wB%pom3WT6;R{
zE-6oZw4A_IpX}3^;K5xu%JrRWr1CT{G5+ifk=<0eMSbN9n4iqcW7EgHPhG;UJ)wzl
z=1QR3b1txLYJtxf)Q4V>*1$y+8L53X<Uq>P{?j84*`~nNgk8Zps1dWZNbh<!(dr$i
zYTjIqjiBLd!K|C3(0$6A@t>Q5AX2a)bpK}r1{47Wl!1Yj5@^W2lYk7_ax#C~uw3Xs
zCdl|%aY+$0t4#w_X#>$C+bf?hO7B2YZk27GzEmZ!ODKs1e*7RRTVs>tUI+9?cj2SO
z9V8uT0Sa{a(B08V%%T}0(zDa$b|ep}lqZVSS?8Os^INm3`A{;FP8}snUNkPx8Uky4
z`dx`4P8JqIo*#z^hbt3LP}W?TW9r;@$W^FH;~0eLe8izzkhxy@0Hu23Qs8Y~cNCF=
z!CyWo!cas?%e7f@-;kJyg&U7~hmb>FWSzNpA`2W`Bo%iT-{%PFP&Sm=mhT~enz?M$
zvn%|*NR}@A9f1x?D3nu&B|ZF?A7s3FXba0w<Haq6rSbIU@Hs0a)#!cC;mdJLfRrG#
zh`|V2yS|g#Ym*ZDS7HFD8atXpwaT6owRlb<>lkv1#9jZG18{UExDub0>H{4wpxv{k
zs;pZklz)xbJB&4Wl$zDpISiKQFTkTf9@yQq#v$*->i;kyKp4u($}WE8X%{6Znp}xq
zVQ$nfMI|o3<~mp>MS{XU&%;{t@r%{xqb0GtcZe!7X*iXg;uytlboJX$sP!@E?Lnx)
z8(-K#_Ikp^>Xs=Z*|ao1x38G6j`SvLQQtja4>70RL$!4MT8(lreN*&f{yk37$GZ}t
zRw7XR?d3Pi)oHq|*RY4MmOrzQ7x)NL-dRQOx+I_N6lC!`iCu`oOgX;K78rW_7r6=g
zA%VrsLtt-wdg?m<Wo~gXCvfX4M;JvZRYQZ%@}PD|;?J}rBy#T|KYmVqNaQ%t=U6op
zAjjvPXcE!pmPd4KIh&P!E{39VSxrG1N7e2X9NrwPzO~WLw2&Y_A&EpHf>f|5d4D!h
z>74X0`_9CZ^Y1cf8c78yFw2mo=RiWqY*T8OMfYRBd{m=yb|u%9W=@$^<V!m$>(&H~
zeiCHMm0grbZbLqv>F!|*Q`FvVSnR0wq$Wy<k-bUA8NJ)hZfi2GR?~U3*-A{q{Pg?M
zTz3O$ClVSRj-V@1()fl+?sj3zmrsF8VR_qzg^G0-+&gc77x89m30ZDe4MP$<vMp-q
zD@?Se?eathSie!<RwI#XiL8F=fYIUw@R;sQcuqOV!HNqN3Js|-|1NZX?YUmP3J#EV
z1BF?-!1v}|*MTVnpSf^&uy*(dyF?YjkL^n&qyX&FwRh<!FP5D<=9h=WDOK*mEIzI|
z|NGagi>+bAVa3)~1wa)MRjhV3p=v&mzD7ax%J-O5WMs5u>D%;^r8ho>drW4-0l>34
zLH?C~rAc9c_5n5At>taTRdX_^tAco^`DM#m5Ic6i0krSF)PE3{K%GPF^wpe<l1t?(
zBMR-Zb06|9wRrK3kar2Pw+u_-qyA7}GPy5)e&JQt6>*e;0?E7Vg?@@NQ_p8$<Fm|@
zwgmDpEY_~nZ!Oi+xhatJEbk8`0lbuYURL-=p;Iyq-(Ce$5UP|oudtnxTn9eD{F8ve
zff7Q(4Dt}x?`jfAY!Nwp=ehc&*9jl0;K-Gq1jg|u+rb4dV?N)MyN&K@-Okxo>!%ea
zdV$ErDABOA>TR-?ZL)Vmo?$tg#rMzfz+>eiS*g_-+I0j3D5JIx+#}T%ZpFbB#98Ru
zS2bbj;QR0x*fMCl5VuVmB6PdAG;HLsbUshf0SfUl@8|G(AGm*QX9$Zx4pOvpU}^z!
zkQO)?bUq?0p@fTSOBPb2;APnT+~vqp`1_n3YsX$gmZe?_;1Yo(@6HJ#DWskg%>2o%
z%7-S#NgO{lrjXw1qKO=wd&tHc9<yB0bwdWeUtmscj@k;==01r$lBp5{kI^9i#BE?^
zq?M{Cf1itHGJaPx2;?efVN7KB;LN>5e=p@7BgJL@O@tEDw=p7N)!6U?_N?Pv7|J!h
z!?1ICidnGb9ra$D7>~HY%(yBI$$IHlghPpUzm5Bjx(rrvU$xPPs1@U7KN}?~-5@TB
z=H8~k(INm5=~5;M-t@Ld!1V2bCnY5MWN&=zqOXT{LyWS%g+0Bo@{OAztnCh7Gn#>1
zn>z@;=b<0RI)JwnizL}4*F$=N!&Qiqs#Tc3dr{eF{W>p+{sSEIcEomQBP|UMd?>G2
zR6`oGlmluT6PU<DD*6b0{s@yq7qH|92;d8ad^Keuyy_VmbT6u^R!$#0gKcduq!on5
zUww7uSvVZnO&%>qLpxJtU}=|s9f*bVujB}PF4w~@OMDeT1#7Lt-q}J1+RnP0!{W<Y
z1`CZKF2OFq>$1~{XSOw|ym}qJ=MI%%?(%|3F=;YTnLrugs8{&u;f1z62-=ed<V#xR
zv(+!pWXvwout>jg9;wD%_3RcH48D^I;j;nLkxV_X?<)~zTHOEc*OE5O{TkFJY2W&v
zK8Cozu+6S3;CajX180)KlhO=cI&NJ_72CK{`>qEG)EtgDZUqC31!(>5t;l~~m+3v#
zrVNOO3!QC*uyL##Q_Az3?PmBO)&QqI2zi=Y<NN{1gfg`Xh1T_mDr<a7!t-rHg|Yx<
zeDFGsR2Q>e_44Zp_<xhkV}vl_kU0A$Q%SPS+#KG>S#@>wt8l^*b^NFb-8YbQP)3g4
z_>9UoqU>^R6V8uJtHd{PQYZ>>)&~PTS>yLW0>!t!7tf(&!f5Y(VWAHmIzp!=K)vKy
zpv(p3QraRA;vEK$Ke<$H?9iL5;81wq@93Hr$dlgQq64|cBlI4aJ3Ep1M~(Hzm&#`z
z7~L-ENPUKCxis5Rx>S3Os5c+nd|?ak(}>O(0mO)KoA$VhEmm03F;U^ti&_Qu`FjgC
zd5U4`P~(QG{N%9IY1Kt>rBeKk`j|!-#gA+<HJA}7YW5S0`lGZCgaqYCq{ZJ%s7_!R
z>2yiFVFf0XQCJCI%|r9LQnVtO5{k}P$AOiIqWtPprxa0X=c{lU{|I~ta0)ulJ<t`5
z$Fs?cbHkujQ-f#Ud#VXm>hJrDG|xgcfv{yC1WBOMju32*fb@#zJ-Xd#_BSG~LUFJ|
z`^vQ0_GSaUSJ$ifZVZri3(!Smcp(`3tYs*RS!(y<9l>n7017j?%rJLO3^Y!iQaWW?
z(XMZh^uHOH2RVmh9su^n(-m&JYv;@i-(=$)2|Hd#w~vG9OSHlDb8S1Kh+Ftp)xya8
zeumf(mmdJB-WrKszt$$*c786~mjdK(E;rz|JD)x);FE=|n;Wn97lxHvw=|cV)f9`e
zo3TruW2A$5ccroyBAZwqdXl4jGyV`pKpDf|K9=)YW*Mpc#^Bt*zfpU9ie)w{Vruk=
zT~FHVG;v+}6qncbcq#s775UGgXeyaq$YNZVUFt_fiwr~pN<Px<rRPrX1?|12a5#KY
ze*#8;0)FUqT3oc5y>eLM=~EO(!+?4g9brS8>_}w11+@}|`Kzs#meJ%Jdde(jL^EH&
z<#7M!MzTunb3Wa~yR)E@<-_<6RhXA*#nSz#(?cBstqbjGq|;noEeS@;ykwQf3X7*I
z-@QJ9RRuz49j2SE&aVBac|<k6dQ{f<g;}<Lv;ghePdE5?rc$$n?)Scqs<|g_c|{!5
zjg;oWlGM`cqMnFk#GL;Ym=QI8PWsPM;h3<L4(G5&uo!RgUA<!NuhzKgdSp0yJ(?HK
z6}ner4!+BH!rJ)Y7#k+i;@;q}(^_MR$LOe8LSX{Uf3r^`?nqYzIeiZd@aAs?aGG&f
ztD&s<_4OW_p;GTfkEPA~ku2`P6{yWomsI7t^)n>^Qg`PM_jbW7N+CR8yBPhO#3J9a
z<1JR!g7+qQ$cAISRHyRK<em=)hrhY%{CYB-vt*iRw7DJ8$1NYH3)k9)kF8a0E?g&3
zb#$<DyY%O}`=^#iHqc_Sk^HU0C~nQnltnaJq;_9Vl>4CT1b0pmwnBm;VnO}Yda`-U
zNpnj!%){=TFQU${hur9r?YESXV-#AURMY7m)O`3m$HP+sq~<sZMo~#{zc8-KsoLX+
z0utr&FR6Y?pQ`KP$#Ibx$JBtA)FS6rG(J2lZ3;;?WwJ9GIs`XWnl^S^!M0+Wta)Fd
z6R;^1atAbFj?sjJ)E-fLqbsKXn^K_7en*<oe~;>O^qaI>G}P-3JlLlsu?aHCXKM`3
z*J8Tcg53^70-BTgYV=C1!p4iwv+iB$iyp4bc!rw1ey<!gc{3?5QI|F*k>Cv{)@@ex
zl^>T!>KX51`-i%Cc0w-NV4*>$RUS;TBR?(L`)PmIRV?w04}cvE7Se5sZkyy4(4vE5
z{Hh%|W=L%LEjYxBX@k3jl}O>}&0pFG;PU0=&P@gjUn;wvqb!7js($e|-j}_CrFri1
z<tcd<&M|{Xl&4>`ITzIenokE{BGiV5VPXR`VBOD-OY-Id`m-gW_a+?b$F@0riTpW}
zX)ixK&*M&>PjiF7oz$)dR~)X*_zJax=WYRZm_p4RouDw7p=BbVV4pl(<&n)YR7-@g
zXUwgmsyY!gYCm5&tqrU}qaAm<1%3S2!EPyLu~&NO{JtnqiEpa-JSFFz;=>v(Fl8Ny
z%u4n~&|Jw12Rb^0S^RBhIx=Q1lc`?umBsIYv<gL>s^_3ehnuXik478EiKlp;&n3r|
zPJJZF_UBgtLUOX`v-c}$7jyzOsR-y8V~%Ipkg3>5tb4gsLQ?3>YO|QTxK0O|FTmu|
zv`LBQw$_&u#p#CAsFP~C>txq~9mxEWdQ3`BHCiKTh93_V@4fibtifHX{8?WJ$WD5Z
z30pU~7m502vUzW%%phUWW@%WlEuxQP?o=Jb*B#@<ES}#b0((u3V{>=&W@BMHsaprJ
z)Zz<UTE^I^`}Y@Fras@-As$!l%M}ZDnAYAWQPL8{c6}c$p2Tcy@BB8;!EGz9E2=>C
z7Zb1cRFM@VtEg+IiKNhb6HPQXKgI6tS<8@gI~Lp$bQMJVd-tFnMCxyg7AJIE<T$PH
zgI&7HM8qgP>-8C{$I!|rD?bjS$-ph@@DxC{pvsZ^n9;oU$H@kIy!Ljqtu+y8Q(oeV
zfn5ry0x4cL^_@1Nh!uGXf~Vin<L-1E(gOn>X~4m6(1$^}HZdk!SuD%_>k%{lFoipu
zdeYlTs{)}bM3nFMp$-!GuJs4+;uYOgBEyYuv@W?_$mfR5<qLiNq6~Odg!1gQKe`&a
z8t%8%ZymczUz_yN2@*ILz-o_HpdJ+CrNb?%@NC5=yuf(q6jk~xPWvzt#K#_?)_&8g
zu@b-kx?vr}U6ur&-?<efsD<R@`3GZH&4IFY+Q=_ub@c3V+%aON!)x<z@B6}pqKq`C
z=}|N~CTuFm>8T<^1})jp)T_N;JHDJC25asVI-WA!{)GU06Tm%h$eKZmKGz+;&pzkV
zxo1idSncbw`EBpFZe9gS)mM2-uK+3C%jg$-t07Y`+)Hrc+HfUrY4v*beWTB{9haU2
zHazFa2Y&<26@AXf32MCZf`k)Vz?MBpG@bpN<t=O-xJU0gPZpVf)Zw0h2t{w)QAe-G
zDAjHn{?p^TNauUNe$71sS^=_<?8%pfg_+CayVWx1n*wF6?^q+ygZF83jg4|d9xb$8
zpy`nKPRa18P(<rabZ^?D5Z3EXeCRbfBK1<@fzDl(OGS-z!Az=+Kc7e=JFT9n%C$#G
zv?kySZzriB>Fc`*YU^_ky5e4QDQ*r>=ct}yJ}>$JOv9sOTI3;7Enz=bKP25wYMvaV
ziE4(JdnKggzde<9OnJ^JetKaRW?ujk*XZD66JvEl_=viO@+Q|HzrH0w?e5g8-^&ly
z?$IJGD9ZQNMQ!d6@XwRdrkFxkPlgM|c9`yxQ1>kDUFSplO_kM<<iGn9Be|IXU$a;y
ziJ>c)b$ErUO8de%zePX2Nr7<q=Y8DxouN3j1!#1*NO68IJ(F=|t4*U+)ldJt87G;E
z2L?<7Q-0saJ|hV;#$8GtGg_NajKGDlkB7+@{D`rPq~<yUGJMPwpZbFrw9n32#f0w7
zazRLYz7!~o6J@Pln-LoAW3b~>$3#p}*~bOE#7=MPp$4U_Lpn|gpj0LL?jE;NR#N&*
zV&q!hk#Kh4+Pk?<?}l+1uhPexFusFp@*4G_$Zch$rsL&Oe?^2K^B1x?!+?YRFK}I(
zA9GpnIAp1DlVGjSpO=-C9+Q(kX2pkO1!v@0e68lZ_45J`-rL};;21xCW5lvE&?tC_
zNo;3ylkQu<vSP17zITu5%Z}9!pNksn(Ud6;p4!wKvcIM5@B~lmFaLa8WmqnFmdKB#
zH>58~aw!u;V2Bf|^1VOxgd63go7fe0HUfuVD~A|Lej%LDyM6p@5(Q2Lnx7J{ufUzB
z9Q<h49+!2qs>$SK=iu+3z~D~qtwFonL4d+S_RY$a?=`swduxXWRl;Btw~sI*78YDM
znrmNWRBsYu^4!^6bKBH0d3=#3&ppL=kT4zbHkUm9ibw~xt^&?wki`!M45h{o&O}`i
zSFECw%R=Q9)4M^Rbr$}7{$vlw0c;*};9-<C_`o11|8x+^%kQ3N6&nZ7GUXm@RfV!t
z6pTK-ZjUgSIJ`ec3LbzQ{9RvidVcVaZrjecHQvAGvq!E&7Fb5<)fb+~>?Y<Y&v(xR
z){{rQc^$+9LPxVQ6WhHX2(;QvwT5AZZC%Q@S4V~NoG*y){ppK%6NJWswK<&AISWw*
zu?f?}{R)RO6xkU}cv|DUaG$T3WxnG22W0+SgmYdi6*W_dkbBe_p3eEr0A+^{*<{7F
zK+hC`PCHozMSLrD`2@_$^ekXNb?sn1TD6O)Q0M>f_1^JR_y7NRI5_sq-lRli?@cHn
z8f1@*>=NM+$Id#4C@YjStR#|gY-MCzA$tqS%u(X^c=aB?@8|dV-hO{vx7&67aXII_
z&htE<kLP_Ra%eU2chlPt&l12Mngtn0WY4Hi%KYjCq*`Xt?Eo4<=0hyFHUf56{^>b>
z&B`8bG9iCMJwzq|&~Q??kbe3GnE3644Kw-Taj^eiZNCDzxwPwNzS}Sl#<wzI`^@j=
z<o*qNQUqdcAvEq~>HG6H>rP*O&PPS0FDloA+8c+Ag%$xvco8iO1o>aIPza;xnAvIX
zLpbwMixXqLBLP1qJ%0gJH*8OBt`b4_BFx8e!JLITfh2VbtT>A58Pos>K}JWA#gI>)
z*cT|da57T=<2P7jz+{n$+@>na9qn8Gz){>;PKcMw_1QkY9qBR}{vW*f+JEt4+S|S4
zysSB?o?lT#N(CLZZ%;e+D*5(h=H{cF7>L^@?@c{e8@E`GjgqUZHMcH>O{G5~{~aR-
zQ67|`PeLkx58Na@_<qUpWg>NgCEHU@9PQ*8JE^0>Z<N6@1c%<IMSwn#_`%)F8n{s!
zKFbC`fouJt)+}mc>yX~1{SMGZSrCP6eW>dBRffN9jmxA?SInx$q*JUzyHtIDo+&La
zPoj)plz$uAyV&;C_h{ml`k)<)nN1zl0ASc6aQf8rYwHtr7fuFB&FwhPgw~2HqkEg!
zW`V1fhZK?0guLw$q8Wm|;{wM}cEz9_kpB58=tHoAp1LcU2X>4HIh35x#{F5mx2X~Q
zOwMqZsKniuK_1;|=59?PL#HB^4y7ySadvq#er<$-kHu+A7A`bRswiA{y2sd;@?~M#
zFQuM8yB|G8P1TEh4%kwHZV7_^Wn8g_N>|WW*t{mHi@?|^FAkBy{H3VTV6-f|N9@@w
z+sc)1=*n(*(c_HwL!{nXfWWH^XIwdhNUx|HPn6R4A=oEkH6HG?WBT+^LLRw#Y5Z(<
zh-z!Xl2Qr1yyy$om|W4Vg1Yth7ldTx_;%rrkcWgj-yj-zaYa-*<kwCZC<T7lwXnf8
zTfi}9EyB2{;+9$+y`5(On?sv4PzDi{MQUsQ<r;`iVEbIXWnj#4#X7pVj%3y>qk_4(
zJL5s)DG1L>PF&1$?+2BH{yRgYCd-FB-0s%B=cXr+6I(JZ_*@A)CSdVAa&Qn5rnR@q
z1%=0G`rioUtSO{sUVnQt3dQ7rWSb7=Ym)fxYCTKs)kumMqZ7ickJru~z5#bwpskQ9
z90ANF20j`aDQyVcXhYdMJvL{->|>0xb5d7$$G^#+W?iJ8QdsH^$^suDWxVE-vy3c%
zX>}5U4#&$AgahufV0tRHn{=gM3t^|+%4a!q9VJ8X#~gtPr?n(DiZedz-r;thX<ZYs
z#N`o=`*%CidR_P*m*u=c<r(Pyj=v(Dq=baAPty|XrTm6s_wJAnZ$S_-ktGrGkXm3`
z8WE3m-8A!alipeWa_`r-lU)jh@AL#BB0CsE@B8o%rHfw6puSUX7`3K^dgw5E88zx7
z^$BMtq)YEhsn0*-RJ>n%raedL&I{Zvn|DymF@Si>*df1(c|_oGcxz$Ty_J$;Ly%a)
zl;%Ev1d0PkL~$?*ii5-H2)d6(nljkN8=qJPUt7wj(2i=^m9o3N>Y~T2=h?YL1v(mm
z=D>WYTpPbm622f451NA{Ze^Vnod|=Q%s6sQf(V<Dvr0+kw$+DoMogG@C&%689KLPj
z+!;LA{eAyJ$M1?epZrfHp;7GY4R=qOIIhY;9oRT^<q1>Wb-Xr3Xtm1mAYOZh4H10t
z-Qy2A#%()M+S7W895*sRrWSO2UJ>F^>8-12I+aPYaNnoJ0tCdBQgTnLT}v4(_t7vj
zlH+xlta39`Oq4W9xDX8lzto7n;bhS28UEJ?*`(xIp_LO?QynG(KL0NKQ(WD2J{?D#
zGP>wZT(5RLNPq*s#D?C5jb)*(InKDILRkAb{~9yvZ8|Y0^t@ROr{ulv<5X<xOvTxU
ze|}%EKl^Vff-*=ESUn!$1NPn+Q8dKg4NjacZVC8u5t~P&hR37wB)HIOS=>^p7zV|+
zuf)|#-2z2jB<^cdIIn+if|2&d{hb0EEkKymEk-_<YFl-&{7q`uLgq7`mdvtzHT>ut
zQ$p?oXA8jim~0(XviTS89!p!Wj~`%n5+A8<3klN_I>b%zrM0m<>zPg?!cM=T0YD$c
zJ8`2LMf&#X&7rf4gt?yFIHtLb1qENgmCqPQP3oDW9QX+J!ADmU9_1aql)&p?v0NyN
zgk8hEg+zkg=N%q9Js~T*;jZ4u=p%qyd2i5GY-$(tmZ>QW-8h54mN&h&LE&8YKthNz
zfp6Z=KqulWXxjMqJuYn9-)BjGy#iFndAVFVlUNm7CszeGN|5U)^JT{*F-$q3L#sn(
z_y=bKPG42-_Gv6Q51c1yQ2;$D@Td(_k~%FtOS~MrPOl~ZBt-%Dp??D4a>0BN|3?=e
z#U}EKEC0?7RT42J{`)32DTLj<>r*#1+mjNsgc^!`OzavOf3GWxoSIYc+m&(G9CMRC
z@MA5y{p19}isT!E5#_Q<zee;eYyE|oFxxWNSIeY}=aSgNx%dc@j!(#;ye+b+)LPfj
ze#XAz#3R(T*Fk63>%g#0B&G5`z9)-G0h=&)n5)`@AR%2E?VR*#KnC#S*&W>TOktLD
zX7;pyb1s@^4^_F%%vZ77-RI+&Pl5LL`Cw#HE_-)l`WQZWFKg@TrdV`ZPd5yNpxo3w
zpS+D&7ekcqDEa8}v7;y{?`KWcU-)=p<sW5N#*`@$d~zyY{h6)0na9ddVUj@My)boO
za}O<`7zk${gziza??-=Gs-{saB|?pLFK@efVN03Gqk*=548bL_(j>jQP8+@t_%<%L
zr*=DUr0r{T4%Om<LiO&~|9Y|W(C4Le72|<nPfbIaJ1n~Znwuelx=k10UtQ#^2*-rt
zZ410@&HP3y3m4UMg)MpoETL}Vo$*-|Z?No#1d8{}1ufoRUS;980|AbmwM-Dsd!;rY
zwwUL9dZeQs&WnQA9S(_F){P*UaBo}emDP3WlN%}-@v5?8==-4~#rqrrOf`-Bc1elF
zF^!78v5VMfn_S28^N5V-srHI4tM$C%sTBEHMeoPwHZ9`MJoOxB?hBLDX<|(Cdi@_Y
zLfrHi#ZyU^d-o5oRY&wpNj#QoQ<*ZtmZ{+ne^NwG5Bf!3U63Jm8z_on9-gH#tmbKS
zoL6vNcB?mH)xhLYd@bD8HQ4-4BR|fU6>|6^W_n*D<)I57Va8!9jL3PaDcr4*`>#`f
z3hq94W2d(*V&s2K9sZQxR4I1<)|n#M1H(p0WM0TC+|$9u5k}0-CxBu)UM;gZBkuCQ
z^bY}9(_?WF;|~a{whN8Hg??Y=Mh5J^-X2@!{+AfRxpfI^jk-xJ5M|S$iuonyYR4h(
z<>4C0bGq_Q10SKoZ`FV34DXA}U2CiTEnGF<<^Gv2USYB+14)|3h9~(|f65#@ZQ*z9
zO-`vzrNrl*t!dwdmEnrQH{o1D_u_I%>YCKR>s|1v(g!}7csp+uD{ZRF$T`H9GBQ%_
z`B+HqxoRa%Qq3atEeNgKWm10bN?(5lAd@77-7r6ty!i<25wp);_XzO?D<s*U;8MAI
zXv}n?)WDRq1$%4Zqd{}4!G=K*Jy<5wADyz9bD7z|fBUykW3R)|9_}B&8JJDny};|I
z%ZJ=z*#!ujD)&nSf|Q{|Cp&1n2lz2Q-05t`+Fl77&POqiWz%TiRIT@(z$UlzxQNU)
zfsLQ$BcA1qse>SA-;d)RH_6m(T6gYF@#Bu+V<Hif-IS`;NOHmf=Iaw(v5=OU2}kGo
z;!8odaTCI#bS2-%Yv0gggrYx$LN`V%dszA`pFt$^JNMyUD0TQa^y12e*m@d|5MVRB
z!ThVlf2hyY75c_!1a1IBqA99NOKZnWV%qk_^q2o=zB9*4^7%RigmFCm*HA6S!?&-0
z3th^7e;ULCa|33Pdr6UWIp!6L&Q>*#_}`*<i*?8od~_W9^C3G1DPmF7+DP$!h52c*
zy%a^2J{=r3{l-j-Or4cNZQ~94esPToH!lQI4Mx4N88$<=YHUzZh6;|>cxv3OSd7Zo
z!t{3z+9lr;<cwq%l&E59q`&^Y^Onl|F9gTh-`^)Dndt5M;7DR<_xsacKUC{19A#4C
zqGFl^b%D&FBPq%oUPt`6-G!qaYMHBFUp2G^0u8YEpFvjySUxMJ0I8&8nXA3U+w#gZ
z{vUomGQuLQzLdgXj(ylhrHo41;8#v|o^pnm0DrE_5kE?%5?=8do=1n;<ceJSP$O~+
zt(na$7)__4KADkZ0d%AQXwfhsT9rKEYz<S_s}$spwXBUEF-SqC<+ZLbvme_qg6rR-
z?L0fWK}15PPsTZW0cX%LK_ftiUy^lFM7<BD=Ep%i&ik`KUvzD}QP60{_8&`S;l%xd
zp0z$JxHvk4r#f|4kIDOlbnj}#h+Try2)nXVo^=ci?HGUl&PqYaTjzXI&QNi%aLRBd
zMAQ8_zw+g^duiigP_2+DKZ_jr@($nin8{}{V%42u*QQ1AdqYDjb_nah0b6z<e^J?Q
zo^TXeZ7+dq>Dgm1#y#=M?=^ul(@~I!eFs$hJy6(pi&=#p<0RP<L-%kP(s4+sSTeU3
zK0W4;y@~3LkkRh!Q~sfnLg;=ZE9&H^c44D}qPkbESH3tIZ6r&70IjMY72@>&t!hQ<
zZnT^^B{0)cO2m#?k8f&cqex-IOdZMXuaHqv#XmYYaCGYa&rK}&U<F7@r@tiSU8Gyy
zCX<v~`#OU@ZaR%7=7E+`S5;bgu??E>5MY(gK2J$;8p3i$&+63(b&!VK{_0k2@J5Z&
zBc;b=?Y^8EFtV4Qn`lb?!P!V1aeb0po~|emx?m(J-YdJttRqO+q1IeAdN#pA9N}IB
z!xKnzwDIB`7=M)}oP)j8FC%Q9yO{o|b_lBa0BK2>vfhNG3&<(}9L|;(_ezgX6H7<Y
z@ei56d0(+njF<rE;7{XVq-@vys3omNY1MUI+oQi~`!-taUl}-bTnc=tY?T}Ow_dG9
zP4c2l`6{OlE>0_ZD~IR_61bAHUA7l{1mf)R_JZT)Y5atg4f|Jix}L;T56NgaVvkGx
z6$+*8HU?VwM!+eYd9IkwtLPkG4I22x#pj}?)2+N}CY$t=Z`~haT;-B0sKm2a{8F#F
zbdvLA+`x=Pe_c<Q$=IRSZQ6sAa_<lG3XP67d<Nd{mA~EtE9|5W>%%c~&YYs5o|(no
zW9iZ<=F=NTPs2_!U>kuZ>Jrje?<xfySuK(sWtFqf^&Uh|iZY`?FYjyIWazZO9(|H%
zjHOLkWb;t9fj)-<A}4p8Fz*b9wa!gcDm2Jmc;KmBtxHj@+Ako*^B7;e98(}%Ed>g*
z*`_r5Qij-FdFS9SWd2UfY`%@HkUAtb_T1yO!|&%$&;*3B4$Ttbc4<cDOg1IeOAMWN
zP`5Is3ojPU@yJ;%Q;59Rl#VTyuxa@3>*WD&jtjn@ikpKpihC)W`9xJHUe7sj;@b!9
zEHm8o5|kyz?;fKA2*2awCbQa1RJW>~=DBH#?t&S}1ylT(r!ag^ap$le($_HFeaT7U
zq{xdC#RdVJFOPiSWL>uTT-rM*_K*WDw<?B`e%-2bd{&|iakP(uRN_;9oP7p(7HO_N
zTCMC2{gYt6*A1TVD4Mlq+Bv<MKS{53nCpDL+<G0iuqap-kaGt9dS6D?&~J1+qM-};
z(bB~spni0X6e+lZY%UOysbvLG+JJ<uyO1YJKT+Jl4V4O61@!bjV(&LZ+bgNNaGnbn
z<wB8EZQXO)3{G-7@P@_(8HGyQY7Y_@AU=CK06@{-A!K(BE-?Tutydq-lMi|l#W;;#
zM$ADNIW3p#&Ee8BOvx-c3Y)D=y2(7H{kpKqeo~x&Fg><iG4J3}b@+@be^7S`1P2d$
zv1K2&?%!q5b4N8h5cM2Bzf@=l1rbgUo7^-r(v0gT{jP#iMP2mSC2s*nSYJH|aNMQ9
z=namTQoeHcYYb-QcSpnlyK{VTRh4b;^^zFA_{JU}B|Wg2dbpNcl%~>0qA5<q|ND)=
z-HszZ8}k1KPNCdr=CI@BOqj`tMM33&b>^~3*F+5k9<1@36d;-7t&62U|BF-`>jfmK
z<Ik~g6!$frAxagI`P~p}ZP3>pLZy(ydAUn2(R&awF`TOuB1p$)Vq((0vu<sA&a`Y2
zA2}ZYQaj(*U44D>pxk7j_#``Q<>*!SU5-fFv@l*Dpmv4>FkyV%`95}y7Ej*j)RkJW
z-?;vMwdjQ0MFZTl2Glhc)}Di%orICQm`-ge05oBg5xy;PL+Hr8Lf6b!>K&J=R;fW8
z)Z|@B%l|L;#N*uglPD>TjjoJ)K-Oacv`lxBuN4!~aqNbkyKX9p4|dQ}bdo}3rFP`I
z@Y!%XJtT?PVOB$`1oRtQ*EKc6{XVqKhjU0#^FEgc>Lcd^PcH>6NcViJMa`ZiaDDQU
zk-Z^z2tdH!v<?=cudMCHbnlX6k?%?KBnfX=Xt3D654XHmHs&mFW}{g6*?VLe)F+pt
zYYzTY1M)W7v+$d^Fb2ss25rWKjN5>YzTzS?BB5D-w-aLl!U3UY=#{$XG<CmLULw_4
zF0Kciy)p(T{687w^T*w|6vmuUbX?XsC40I?{EriXmI_EB3=554(-mx4;|1g;A${Od
z-VJ}j@=3t73v1_7FBI^Uk)I+CMPfm0ozHh<oh24$IslgWlGG2Gn;<=TqOa_U<Ij`x
ze8djc!2|R)d8rKulTXcY=~O?8u3}n~xvh4jM;3pOZoQ2N^@#L@PS%*CLz_od;_ipV
zz}*pIsb=SDp(>((%hrGNMl{(qSgvx2PU*3;*^d)K@Pe3j4Qtk0y)dIag0I4)^AIVR
zVGj;^@j${>?d;G*UBHEm$)69NoI7(F=c-lu7knD;;9>2d5Wh}ln+N51od0?u&OG<}
zle&Du@U!edrSZ(WAYb|!tD%zq@7yK5ko{)&`F&ruqM6kq))5-7Qt`#M@jcUXp%Ki*
ze%}U6hsp4CPt%eYQN^gKKDzQG)l2Y)MDfNuqy5{=L{p&ao!T>dE>BPMSMrOuH=qt5
zJ0~Rxay;$6<JrTpaZD#4!HG@zm&j!98o2QXgm{wq`ZJRM(E_}@`kJxXxI)Yq;Iw!$
z-WEzj!Ozo$3wjZ}anpLYu`NQxA%BoizhOLc3(KFa2B2%xb;-%tUf_+Lf9_gIz+<ze
zXn2^b#~m*)eHzx5b(H0l7!xuST2>J*o>UM1c`udY#Pxk790rcEb5ffM3p+oiY^63^
zo1>^`SO%f#P+6hg;-V@Q(feoH@;aQWZuf7;L9Onvpd#L$BGK?UG%LvbK@xC&yMmZD
zZRo*j7mu!8Z?=Q;bW@95R?j2uvw?xZvpjBbA5_c=?)sX|(@!RZCa|d;`*YWFGr@v0
zycJON$Nysop7JgcA}BE-;1><bx%-qCLA%QRo$X;Or{Zb^uY^gKf(>*|5Z?(gZiFpv
zN<#YSoFN<Xl<WMT_N-6DDBBq29mb1Te#xtSA1OJ&gb2<NGXc}xvsDcG#QEPuppy^Q
zK%Rrf?yX5};AE!i0z@3|5cc<j4M7$7A%Is&0KpcK$TeTB(nO6}lp)<U)IcQs4rPd5
zKHNo880w{2l^AuKT;S|TzTFIeI6Lgy%zceV$R;Ojw_7=>34d7KPQyStz)O<-_R(Q5
z)4)p5QuG}m#ASRM7R$-7B48em$*4k0i6s0*GwSCyy}`)W(~&4@PtYE}I~O|ma@gj_
zL`;%CoJ4<vEEsXXSqe1`njH@pLOz2~SkU`D<UlEImKgi3v5ZDOtqroK<1*!l<CxB>
zS~2J|!CxOly|VeDjQn+Z&(jV{cTS(VSo%nI%-id|NT{;vk8z)ydRt)Mc!ZS1fjXJn
z*Zz@Dj^BX6Vo7msYTlsE%e$Mii$BM_jlUl=^^@gDxU(|Ul^ybP^cl2f^D7hU1;0d!
zBBaX^(>X4CJ_t!$lM$j~-QhBaloA=4Lh^9ih~TGzmY~c^t|5JY3by4jq}p!4lK<Zl
zzOr|LLpABs9g69|>l!uf0K{<-Iry2%gDigVf#7hj*KUH{;MLFmghgoiWrh^&=|Rsu
zP<YA}XWzQNM4@Jl<uCE0U(9t~KknVCz46X_%Bww@*IU>)SIm1(7t6bPTVrDWqWpwV
ze61b!2;!|N@b^HM)&tq;XHZ9=<V$9~-p5n+AGZN>xIVo8@RHyv1L%W};M4b%+qZOs
zm)|f&Kv(GYB%s?_1-7C4Z3%3W&9AI#2be{#c3VL}-XbJ5(HTxbr&Z7Ymh4HxVSo1j
zBHFWl_&-E@tK$D3(O&wy|3kF5ST$&rMqMo(ac^T<6QL-EqjhXx&s;>pN8PoUCF*xf
zx4}4n{^w&40y28>KuFZ{xtTC<nOUs=>AQD$+bU~T{ctn++5cU<r-V-XE8Z)+{`ST6
zHpm^hQt*u{FJ5*-ewd>VxyMvPy&qtcP1#<puo=q%&F9O2@uy(>)OffnfzRBuf`&q=
zNnpQCSZE*1d&~Xv^4i1wX*Mh=YYy%jR0h|HLiwcL^ghG|z7lJPG_c0bJRnPqd_F)c
z<APeC+B3*;>H`H|k0BBWUt;<c5<G5qgU~pckXZwP#tUk3AUwE&J_G}UqgU+$3qRos
zARUB`kJ5cy$W-IH@<r9oNcqfW0}GJrYUxVH;8(4Wf?su9{<9?lC8D&^7oX=eH6~+A
zMees$_6MuBM>ngzCQj>Qk{&Di1u1f@Qpsz(5aE&T2r!M{JgWnZ#YrGl22#w2URju-
zxg)tDJW^1aCOqmgsOR-r*yT!V7dZk|FO%^SQz#z(o;vaZw;d~PS!0s_3GNVN%#R*>
zH;e-7Hw4(hC%?6k{+;y+OUPe7wq5}^h}I+i`~B_PKkgk_qLmbeUS5+})JvJ;C%EL?
z$*6^}=Wfu|i7y%DsaZ=60(mO!w9npG?K##BsFLSdk{Ojwr7ZU(#{{FeUN{(CAa_!<
zH5deHWL@WBN?90(EAyx9^2}J-h(6+kD7yGMI6=&PCMs{l2Z9Ts8+=P=bRM;lXJS>i
z4Ow!cxR%zY8mFMFxWh0<=}M>K_OY2ma46W5(eZeEd??`!)*!o;;WF>jS6`i?B4>$7
zNQ-Jk$e_OQ^lLV5&><|`$1#T#tS{^;-C4<GGFIu&2F?~cg%mknYLaf3rog|WYRx=(
zvW=XDg$4RZFP$&F{;ZpS`-^3x@c0Mlc)Nd6PXhb_#Ougr&z-$%EfpJ<j8<#q@RV2j
zIW2YywF2?6j96U_XpsB|rlB)V-yt(EJx}um|E7~2MXWoRkCO&Ew10JeO@d<2q_H<H
z$+%HiS6PfFXzM6-1qk4^48sLWZAC>z5n<`RMebPiD0cW-vxw6lfXyNcB0@8P5$Y6(
z%t1?ai-{K`p6ovv*R8^Shea;oHOvCHN&r0VoQ?3sg}bCc#$I2iz&DuDSqqNfx`A$>
zcRG8U5hF#QKX~gt{IQv2)-yn~MlDjE8Gi&kd=FgkZ&2fI%xk0S6zK0PQmygN`oF^Y
zbb^4fUf3d-#Z*iKC|^6s>=pU(X}gIyoK%1yV4$VdCV+dTGM_8fD6OyrCwS@vHFkd=
z`Z)eNvyYahAfw7$KaN&ey<2`{Yfb7ZOHo!re_^tucl{Ns=+D*PL#6FBW=qZCm!X*U
zYZ5t>&LW3ow2|=+6|tHCf!<i^ExkO}@HSim79g4dExpA>?4VoC8%Ns8YeDKHeHpiV
zBm6VW#DX@_-CD1@R=)CSU;HxcY!8J}NqW!1*B@0>DA>CklRE$JvdZ9aKoe}r?ZT1t
zLDzTt>{KkBx2rabepLYJrAs^N@%Wo?JPkf({Og)>D{pr;>Ig~Eq7SY-9JUU~5o28I
zrEsLt+xXt682zf&x_t8<T1A-}=N~IQKjqxP9)IFMY}WiiMbn&jr<zdiTCh);JQYKc
ztiDHfxW|2KZ0d;%ACpH(r}wpzS_M*qNd4or+&0Wqc}r?|NVl1LnY5$VB*CvUnRT5a
z^t7{1*%MfErN|g}r*oHP0+IGkQP5luMzhbe8=z3!XJn)vPKVvi3H|jgwf2Phsr)NT
zE+`c5Eccohv2VoL)Yr7E{b;rM2RRYjy~@Trgb#Ge4D?3&QYc;n+9GKV{K=P)*H99Q
z5yO*@$$5T_?4EvefhdFCmBkjC!hmO&wre^zir1)YRY7XelBV_E)5R*|OOL(Z2aC=9
zU^-<Y6}rw?p!Vr&P<`aG$7)Cbwd%(U#9I^lV{o<>*uLx$-NJf}WFFOS*h%N#_u36(
z_qUnw0oNx5`m!YF9v1PipCB0Ei%%lu^Z&=?3_fXIw}ccGr8NIHdKXGN{@VwM3B*zc
z(dh{iZ7(4_Y|V9JKZ1;xf=no-8<7GycF^({F<T2P<SQ^?FXBsRWH$9N*Q;FlEp9#@
zJz1Er6U}i<NR0lH6rLW_j-FZiYLzCYI&4=#FA|a5<6O0wkB?~*VApI&^)SaKgOZgt
zdOAVI1t|K;=UAvuv*(YbZZp_`8C;Y-ScZVRr!V!Ei2mjxy=jBbjF!dPS^4D^!8U-H
z9m<7CEmugNGfZ<NkPq~-Syp?9kX9yeJM>}FLY4wG<LM?7$Q^obw+M(a;`Q|Uq?_L8
zC6c|rm#b(==x&bxMdKf9j!Kz$r`y;yo42wZyeIC)x35#V#Z?N?5dTQezgb;)WPH~0
zK@Hi)0)7gUX)aoRx0ts6gzZ(#201zJ4kojZ*J(`YOQ*l>q`7bGg2D+xMSf8Sfg@Z9
zt=1N#;9GMXiL$QA+Q^DcVsG|XV8Q8D_1}F_cv3G{d-0!}3tduX=3VZ0R==e8-T0So
zuYvFXPq(M`hM$nYFp3`FW#Mybv^bW3CuTW1Z5bB_YF8a=zviANCkSF3e1pqfU6E!I
zO#&3%7CRcLwf7oU3689GuIr7zRz!VIY85!DZe}U}tz}#KBS4Dc4rH3=+Gpxj1yuk|
z%?vJm={GJxSqWoli<jm9t)B?$1V<x<8C1#~--Lhw17@Acv~MKy0*edt%Jl#q8yBLc
zO!H|Ioi(vm|J6OgufG-E>~Vo6OTs{L8HVNP8e`k!e|R&-KFQ`yUuML}Bw}JC1qgPZ
z$WQW$fi~S^Z{gxX*#k&PFDMz_5+bGmt!wiIiQ^9q?O=$8?E9~Tk7>6bV>L<LH_Utt
z>UE;&_3!+&p=kKTRHBAY35m~2(vjwx!C<?_af$YilWyLtmg>Lum0C^d5@i!1-|6vZ
zufB7^GJNY!*&`VXD%DCN;<wHzVEe9~YBLvW?KG7n^NWtW77|!ElM*+aKJ9{BG_En|
zhe1x|wdReOQ<gt*f!jT;o<FVXuZ6s+fgv1_(_B^jx7@V*YxRtnhsD=JuoHU}=RWC$
z(~U*D{y4?gEQx2tWb=$r>M+I1F}${W#U5~adz3awJ|dar^9ssMpb|p2HNvx4LjtW2
zW#jh0!}v~}&a-?C#mGkhWd;N9ciwv{YpuR>iN7zF*~D3X-#`A|iVeJ!YmaV#d9z!@
z8OC_oI<FV_fX#iAJiEORY=4!RdDOWSHfiSs=HKwU(&_poTzFK(7k6YSTBe_@R{*rH
zpuf|>6URL156hocXUp`hyusxtUbADTE&$}nk{mw;2{}(SjSzT1u3g(DghpQPc!hT2
zgj2#g`_e9j|I|rBzaDRT!I?3Z90zes;u(C$)QDW`^rieyJRN*X_6^y&b^0OMa^BFA
zdi_=!zSt+0Se%Re6m}pM2?^eud8+rDJ{(1%7Vs4=U}h#Jm%SeO?>Tn7xZDwA90uXk
z{|*O!I35Q%Yh0lfxrwrD?3mO06qJr7>+ev!!^b!rrXRXX6RI`IIH2`L&c{vTwzuFV
ztao4Wd)_4ykFU#%#SFaghUZ!?B>&_mHlW8;|4vz1n+!33q20p8u>`2<eGM;UvS<su
z3i)#cR3ZM|x(pIznb2^8FjA1R(2>Sod9lvjNu>hdMy1^fs<0Enq;C$U&OH~fydRqf
zaZ}%3==q9g*d0L1j94shU;^U-L2^(U6Ado;JY|}Um7TR(`5V6`?SxYDXG4<O3RtnF
zr9yrLLzjol5u{@BX%sh$uD&v7*f2L<yk6@gPE++<)#+Nc38!m-i!~w?cxhbzTMZBQ
ztm9IN>XIN80zY=5#;?5}5);4q_CRx;UOfp;dupxiG;^#qTP4A1zkfiRP|?E$?g|78
zx+^hPcVRIvQ^B{Os<&N)+}mN2?zQ@45A)&8R>Y@9*cd1biG@CbJmu<jF67cqLbi6?
zCC4vv_-}V`&vJiZ+eAWNAX=^GK`MnjMW~AZaK$83T|4GS&2c=+)-!)X>u}>YP{OR<
zA@azS%>WPG3{_;)UWYCUo4$S9yTL-mGb@-XHx25~g!hT?&qjH74F%67oE6dqmy>Ym
zjUnBBwr_~?a2}1y2D-vU>d^&Xam_{6O8vAFbCLk5@j-<Sn>=Tu18Pf0_YZbudj5Ip
z3WcLW)Mbc6cDAa0T@1y$B%LbnR|}S(RKKTBC7Bqyh_k+m3KjYdov3K>s`UKWChO~6
zILe}sBGddUtM{c}-&1_X_lA#NlIm~XI?S|xysOXSdvV;q;b7~6S*ev`O5`~zMr)y$
zh=Qzcu$!i*V_B&?NkOi^_n4!9(I`XlF!eoskN(dIP8mJZFKJ|?W*mzyyym>P{9sxy
zcwqMqJc<njdr(z8qxAf;08Rj#_mMxUE(2Oix%pe2dLYDABu4uM<k_9Rl?dCdLC0m5
zV`~{&w1`v?>s9QR|MX=E&HMfVy=bq>3bLG!fwnB<2iEmLcW$>GzZT0awPm2c2Ih^Y
zkHwW=LK`f7iBLSf(xjC5`**Y)GW!1JfX<4c@+vlza_m#C@c^QEt5HXY%4wZ_Nrr_T
zX$R5w=WiC{YFexw^OA=7G$U{D_^|UByYd}Jq+VdpjvBTX28;=5B&TRcWxn0!u`Z~_
zeVxsFfh;fZ>xaNM)9qNeN7V7^moGC?b-DDn6DPJYQsF?<L1{Eju9N%q9lv&TY*805
z7uDhI4H?c?{W6_d&#2!s{%QbuT;}R$b`+4O#Ed*8S#G6FKRysQC5w)LypQH;6MYCL
zz2Qpk3YdP>gTR-&;H@u_<tf#ZcG8$-i=x(J@<XjT%Sk4BCx4R848ecqzh(+)+zq_f
zDLVIlxgcI>ySovI11`$Ui2z`ub4>6@>u$mv|8q#)hyz^t;V_OUCGg!H%Na2o{|2a`
zq;_sppz7eKHeit3{XzEb^n1CN-akU%vTnK*HO4u&q~fp9baKF4k=KA4AvY^#ySQ*~
z-?91JGgp{`oBmeA(94SamK0hs#UxVh__Hh~axHzOM9PdA(@QUCs?x^C6nzTSqu_Jr
z-BmRLP)8*SkXGZ1F|@+mh+<9flBP24rr($2{b#tCh%50Z9lCw8)^xsLIs>5y8V2Dv
z7q6;vhaZq$la-oA@`v`pfg4$)72Op**pp4IJ_my+pL}?y_C_F$1#Jbi7H<QlL*^s_
zpD%^A|1!hx8~@@wjbCM1gaLnjK31B2bNU!(yZO`e$AR$V#Rw#(yO&cDeesXszpBDd
z5K}SNryr8^@m>?hJ#ksWt{ng#bozEj-||{7u^Y^2TT1v@>?4^A8;&7I9!jO4UT0U@
zVT*W~o_P3Y?~(s^)4}f3j8}mj{bn!_45fZZa3*k9wLve%p^+}Zui@f3R>O0w0tpw`
zN7sQ6BGXqI^%aurRTJnHi5k(Omee$_bc&<z@*}&&H6A+Rn+XnMePfuIg?_{r6$8z)
zm|^LqcoY3!-V`fM_!((O<upEsBYf7W&`+6)%~hR*^Y>o1k;l(FXt`9u|E1J}p`58T
z$8JWuJh(|^;2o&Z&wyL`h4b&9-wQVN#`*|d)5#pN=aa}qvlDKm|7#NHVE0N1o`lK{
zC3W4MugLvL4q&%pn(OuD*XVuXrqk@RCFgwjy@pGFGv4~@%QBk!k1&%bqSo`35S&Yx
z<gp-U<helTzpecoeCA^8D|T6wqj%8aZIvbH%9-V_{CWEK`HB(y8*T&1I|}uR_w6#&
z{unrMbE6}fSEAIzsY0YYig50Y#v+^F2I56!?l%oHoH?yb3O5g@_h6?I;I52nnx+R~
z9^+r2zFoikchhe<_b-Mw>7NtXsfZ<*Ggp{699jrn`d}C?101Z<si7WS><<qa^5`2M
zxfoeRe_g6M4zfe7>r;BLTul)Q@<DS6>$U(fT#xO_FqFrF_a;vo@os{b#OwoQe<6X9
zl>@C}G4b?Y?Vd((0V!(whislZ*uK->CqtQmHAmmE@6#uyE($90SRioM9#j|#vyo)E
zdL(t3noU#MKdoUNrBHXlYd+&;v~0ixDoUi1N}2K%T{yUyKm3j{6M`w{QnpP9lotN8
zOkVKWFf2^^IP*+dph51tm+<mg_J#0uJZT^@xB^9(PHGfR#^zdYnp*hdHaCx~sIp)B
zbn_#EsjaP_LRCISWb#Oa1nW|*%{E2S7j&epUF8|`3{rB-(h-+U{xCVo<0;}8Hc?(J
z&|FtLU2pb`cs9$k!?6zd`jqOc-5jaNFe>0TH$Fc(aZwYWa<~ji%Fgl7-~%1?OGT%g
zqH4aD&c)g2^<Cg05>f)lpT&hgv6Ue|O@``*f4dX|OjA0l)+o7t%UF1E&+{LAv>7my
z(wB?B=yWs(ersNW4ki|C@@w`|QluCvjs02fDq^q*b`tPo`=;GQiuEQp7S4NS?z)*n
z)UQ{a)?1(<bc)$sAfDf>G(`<nUhM?>y!<*BmqI`@1TGA0Aa#h=*~*PF#6*l9rJs2m
zKIxKBRgaz8@r60~=w0KViy+qG2se4a^pTy9?U&z-b_;z~IufmNSInKj3qRn)Jnj03
zQ|KD~4R(sQY6MZ>aQr^`hqIqo%E|a^RZFKlE~mWi(JR?!YQ`m+VbrkE7go&gMdXNQ
z`;Ondn%<po8gEQiuh6%9L6AP!Qbyp(h)6E=A#jDdX`TL}8LoiYq!M$<VEP5D2^;pL
z_+q|T2YwkW$06e1Ia)IL(PW95N+J`G4pGXRIsx{@_U_Eh3qvJX!t_RF0+aEOd_M^@
z(L?&_z{Neg?_UclN31{8JeMh{oQX~jseJbWM3ksG1zzISm~(tUY*J>pa%h>QLEZ$}
zhe*e85o?0UP}D9PsTOnaCAOlOd+@k_-=p27{a~<>Q-~dE)%t2#rLe}yD}G9*yYEPL
zR?_L*x1S}$6p3N8b2&@o-@dlS^|Ll)9VD1xe+c}dH&>S-Hi!nR)fel_y@Okio!N0A
z2PuV7QyX#q>c4`55Fp<Mv%A8h(R3rus34$QAPlQ@V)1-;1Vd+a6!)H4;~^3JqiI%_
z8=Ubl?!XJ49_lTsZxix!yd)Xol9)JNwVoQ%{Tm^nqub+6(5dHF<$H~Q=b|5id?omB
zD7?$N)V>WYmRQ^V1h-iZP0@x_armWjy+8q4w@(j$$WGLi$uE4oBCj04GZA<E)S%{0
zjr^K?#fKsa<|%2&jbl!%;te2vapm_LbDvaZs^d1b603#*(;BMMx117BHHyUdtc}Jb
zXMyY7hj>lxo1dXA>izHDyvDwr)qs(kG8i$r_HpjJNP_|0jzz4CN`*>{nECcLou!r5
z;%0f7%^%znMaWrySeXa(NG^~a{vn$iRnPhI)*}9xH=k@^+RhGyt_r@~dKBqpze#}9
zl*nfb<BQ9;gTA$Pw7GqGcZ&j+rZ~}S?=(eJDj%UH>SE?uP4pEg9Y}gl{$YjxI^hGk
z-UnJYoT<u$Z_|uwMO`cFAG&*lmP;33nvx37bu=C(DX*WsW_>4pAJAYLGP*UMVBKf~
zJ<Fme6=aOpdhxbXpBQ?xkdi3*2#BW?b`~==H{bGp6gN{$$532+Og2zV+#+*fY3Wme
z@W6J<?ICa`4FW=jD}Qcgvs|nT(|n_D=uH%{n7&8nvHm+hiqec2o0C0-8=GW=@Pc`^
zhN6uXJz@%8AiCbd`-1}e5lDz118gc8CS$8&B|nm^mP4pf==pV39NB(O<nMY)#b{tr
zyaI1M$K>`Cs^@c`X`AzHWnD}=(Rr=*)`FHlJ3wY#O#@wiV7J*C?M*sXl<Tfl-KV-|
z^-VusW)Spu^r|2@K(cdKw~|MRlqpe5*5LXVu)Tqi$yAz4kfvUQeTk>7(d`jn_!0)x
z{XTJRk%JSSi``iResNAii1FSZ=yvTh?}ulpwWrsv7M`Pd11xTY?nyH0pMMbB4$b=-
za%{!6w7*iPTnr~&$4|h#^~D^2Lwq}_EelsG^lge>{S3u+jMRLu{^sK7-|xr72UWlz
z$&-Rt_glt&K>Ymk=I@VYsXJ6tg$m8Ywl!HT79X!7VxuI|K^Pu5O7WZEQ&)A+)Z4R;
zm8Fo6zbHl*tl*-AKKzT1k0FJE2$evLIs)s6%wI<{f=-{AK8|3F(<CvmI|m?9T6qAr
zyNsnTgB?%;(>Yj3xch7K;{G(8?_8$!`NQ-ejJnN<SUWmzgLkVR7jVVg{8W*gc|i;Q
z30f_ZdP^;6$CW>hUXD=}cNLtt6sd|rUVPg|*yIGVtu7<+96Nre!D8cwLiF?O4%GZE
zM4IOwl3kz=(U;1y(dVa1*Nh;Gt0K83^WiK1TcK<$iB|jxDOBp3nowpGk-;f_`8}G=
z4q6Th5$k|&Lm!EWB@PkZ`&m{d^lNDL%G{dQ-v-Jeikq%O>j9qYU%s6w=Z!#PC4$xp
zuwvqSU0Thf=`4odaH|iNHzpzbGbQS{GLulp+10QescKeROn(Bey3He_R4YODj(VnX
z<*9i3(DpWLwC)2M774CTBR<{nvdxNvni~~Q)V@~@607=oknwud43qO>&Thzc)5W&}
z)u4w71#j}5k7hu<y;<#=1DbT+?Gi?1f8^O66W}B%%WTG}5S6U<_%|=w{u4k{IKuyS
zGV6v^Cr(yhd7e{?mi-+gw?7phVdpY`=cG1RE$J~V$3PDvDSGu4eRGFHc(-&aXRPQb
zw3swUX_@oSBt%FmtWvH$*bHfMh^)|@rojB<pM+0TL4TcvQbt3FO*F?6QEMW-XO)*(
z^moE%R4T{s?r58~B*v_kFWV831k%yg(Kp{n3JN!20A(h0hifgLk#y-NX_zL#FC8Ir
z)lZxECiA!{u{j*;aq9F(mvxa<rdCs7N&Kuk9bmUsHWDgz&TjIpM<628!GzvTGA~kG
zFcRy{)Yi(`(&~G4-p_QmwRlqrxK62>`^Fr+YIL^ODH>u<>cwPmpj31=UJ5_l{Erp@
zoJ=3L7Ve2g3k_cUnF*E-UM(6CJw}pEo%`C(Yy(}jQ1n8dS{<}|Gvy)QkML=2^OTZ}
z+fpA661rs=IsKV%59yZ&Q*I-{45|Ik8saCg)6+`KK3aD@%j=HS7Aw2^2%fB*)xYJj
zbd`k}cRBX%aH(}vm4N)rqnY-W-#)xz{v&75wD)t_<ty2VJ+Pd?Q33>~?Z>k2!lQR*
zfsx9{NriyQPk$;-Rc;BicM;Z(`fIc+@fo_r%BMP?4;%;MedZHs$-T~XY7Wd|>i!#L
z!G!QArq(>}C;ENHRn(#H*E@a;U%~#^V;|ZSC00bnOs*V))q77m2F%Uk&oyanw6sD>
z8TprLs7eY=n7>h>@(iU$Z=ok9>w|S0v>b#vAglW}cjYD?f0u7ajM>9SMT*Ty0nd&>
zD_d*;0DkTSVfk0eM~w{&oe^td{hKwL=GeX|@QWI^7C-nUx3l58nzQRx;RNg1d9x+Y
z6*Wam?9j7L85FR>GH@Is7W$=AMOkFP*}=#X)|rUjITD+%A@}zeP*n%k<gp}>iZjn#
zL;y~TMvn6tiqG$i)rooFF-@gh=1Wvq%DycmN;jit{6mNkru8MuP-=hyt!B#8xe47Z
zCnIUCRh>S7)`&rxFhns;94S-`kf1YMdkf}-2aV2UZ)#AB@Kyf`=~PsvbV{}`@e#A|
zt{fISJwg+kf!CY;>%y7S`0`qf`xdvC3e5lUC>D0a15_~;wEDV|%AU$W5f~@Ey*@26
z2Wp0A&#(#d@x}TmUgDm0GDhCs76SH2nL>>NQ>wkUkGTK-sK9?xDb8P4k?*W~9%$F!
zrc$2PoV|6(OsW?g3hD(pS@_&77yC>h^_?1tv1?(<_s$DN4M5_>S7xt*_>TUz^Ik}|
zOMg<#ZGG(mEE&%&S~u;}+Ru2lI1NAZ1<_wG?N~)7J!<jMn`rqhZuH45hRWYFLP}i5
zU$U^4lOzuDtr6Yoc;c|%Gv2Y%7QW-Y=y?(594$X~<x2JoLqIh3cC2Jgpzq^yqRLa+
z9l0H}po3+l^Wk&d>7bf+a|3!QzWbT|scD`r3|L3*cnWOoKA4y0r|5mxNe6h&M0j)G
z!|4KEiLsb?-&1gMwt#6JAHax73U7V$T&qBv?|8u^mh>_J13Fu+#3#RQli-Wxn%R+y
zfEc4}GxDjUi(6`6&>lwJ%I($ejJfJ#a=C?9t%yLnq@8~Jwu14niFOd=GB_<H?n&^P
zx^5(a%$x0;cTsGcSA3fvmZu0!I0jRTTBZ=U!!0D}GA-Cq)e>%6NTk;RoAcSLSZ@j4
za5~Ee%pW2tt7UvCV$-J~Ov(J}dyg9_Ieem8SFvk4&zl6gow>}}-<)YD)`S3OMAYOm
z=&@2Cse@#ZvLUxqJ|wuVzp3I++f{zc^lMhWQLgKJ?H*4wb1S|VROr6F`A=&S)d1w5
zt6L;#M#M(rJPwfRuS~2CT1|(G*w~&<^B<KlOhQcF-1(-Tg7^vqLov6N^xsKbqlTgs
zBz#EoenKb2F&qBOebqP-t^3gR<!0^Gf<$pf%;b)YF5eAgAZ33L#9xM3>R(D1&Ou{c
z@?QbuO_5)G(zJoa1ky8hpyw@GkWJrT?kN9&B@|i$JJ`(T7t73XsS10!-7P*Hjn~UV
z*LDa{)9^$YCd5QD;QXw}JAcJcQYQM)Xh@sCalWWH^{Z__C9)!F?4o{Ef7DW*2e;i9
z<ojAJHupAxXF~GdXOi+-W8D)^!5&gMFH@cG8Y95-;uFQrDsz)L*7)bRTxF*Ey$0qW
z1=;mDxG1>V-1~FKSIEw=T9N!m@=1x~d-&X1|6Yq@hz8H^5YLbZ&2i()Zud3Xk!@g8
z<TFtbCw#%*&Y72$p`FekUqaWAp!*Y3RfX~=FW`>O=V)|XRcDkDv(^Y*uKzYz7G3@|
zrXLA628#p4m{S$K668<Y+4`nVBiLQVQJd71r;_kQ<`2LsKLg~KybUQrd)0|Y>0rsM
z<vG@CBf^<^F?>f}x_>W#dMvK}1xzEi`a2`2)xKOoT@O+E2^!jof1qe=;qB!c8#&v*
zfjI9Pai!L};5|w8TWl<pgMxOl+Ua*i19m#C-h1eI|E1(OP(S@yT)rWVtjq-Ca9X|z
z<okqdD=0f~|0~Ol4h6D!5ilv1Ekny2`sz|_mCLRh{ol0L0uvJ&%p#0~y>>R4t4;03
zKnKyJovKfkx0(Zz(t@`!P153>s`tt#TN^X{znVK$ZkL13QQDyu9oPqgvo_+;Is*Ni
zWrA+;8$N}962&Wj%IkV}--b7^H~wHb%rp_e_Ipr+>_FxVg+4l5SDr7Pe_}LUN8(8C
zvJv96@S>z)*SzeZIH#-AJDD%dL)hqRGN13W$ov%e7E|=Fw?bxVzyu`~g{;L;w|%>2
z5%QB9YA83yi=V?2sTD7(@@>*^$eg9Wk?qEJShM7#rdv_<`dq1_^-TrXRg2Sd@8D-5
zQiYGZ9)4@?Fe19B2v<qroQd+<c~$=1YV(Y%eO1q#i)Wy(5GO3~g&gurTvV*~Am@<9
zTAlYZm=)0~-k_f=u~iM3azYl47&fS3i9sJMdfN#o*(<0ihqoXFFR`U^8OM1UPLzi)
z1~V9}K?)zEX*=h49z^Y9!G*AE4;pff5Pfzr)8+bVBy$Y8uYc<>pW<&p3+Zq8+DF(q
zaA-<V6u3!$PVvaEwH*8N;9i<xbJX`t$0UklFzz&h1vpjgH+VXpj)`>){=@vR7HR94
ze<~)2z~BaAuZn#W1j9+~msF87#vhknUOkhNH_#)?B=^~AhP`gk=238y(&LFcj1i!#
zPxD2ToTh@TTu;!4$dunD$A}rRb<EZD<PPs5SKb2f>wyl}#Eq8P#T$gUp?7--br2$B
zp>!EwVFC@j`(H9ns>BqG7@vyN-f1wObGoj4!j-9kUJIfZrJO(KYtF7jWBxgJ3ft#E
zoQ9q+Tw{cAO7o(p<|czPe?U<#3Hl?JRX4O)9R!%Yb?tBN&XU%%S}xCf_AJ3S4;cJg
zJSh~M%RX=2;Xg_=jXrrPDgQCIc*AFRX*R(G#Y??>iKGNcg%e}O&1(I`lXji$C_gqm
zi4Skj0D)=&@-tvoR5gZeTMC(65}M1r*U5<8_z3WXB{Ma=jr_ATo+&}6Dt|s4%`lUk
z&T?59M*4ByKxz|Q1bFuqErNrs(W<J>xOjn>sLz&hVm&7<?2vS`Nhx@+GiWu7;L7i7
z;`E4GMdnde*4_9^r(lEPag&H<1KpG2>^FM`?L=ERtLB%)_|SEozH^rb_d3;(qhKm~
zg<FJJF&y4ocIM)ELzfKwfxg^l*VT&fY7~nB<s$V?5M-owt!bO~muj1&)S4tmGm~TQ
zL4Mr*ok$IFoeB20PTAT^{$utzL9#0o;6RtMC*e+-HdFcJ5Hp;@y154#jQ1`lKZ0nz
zC?bVQDvi%qCVy7jryN_XKB9@|t^8vJwdwlI@NLEk6fYrT(m7<AUn1=GOla`Ypwv@o
zWJW_01YJ?=;>`wr1q=ruBqy)j=?p`UF9D?MbZEghBIYmbk>A3AsodyH!hO-$kZjI(
zx#+|6(N(wF^}FOm{?B9XUQ&c15!8i{@w=@%s+FwajDdmAbT((7b@KnrJzz7y9Q(ED
zf2SMvejmh5_Dcv>mI0>m67%^AQ42dt%P#uuBX}@4_wj&EQ?tzYYMw*|p)cnOP)AU#
zD1+#$KjG@5Ytm}<_L7CjM`=m%YiCWKyDN9OG?OWD;ay_pkVt5)q{lpUO!~3dRW2>i
z#EG8jd~H=**@=0snZFJp&6Hd6Mj=*t0<J9b%p0d?`hHDqR88hP|Gf@b!5SI>PT;_g
z|K;#5HNsd{wld!o5LNtEl-5d0cJeX2y>WT#(J6?B=#ST~LPFIOdB0H%Lfl(8**98t
z56s4EM;NKqzJ@9_YCAoaaTEB8aVPl$H|@uCY6Oi^>&DO!-}Ue{rmXUCTD=XV*h9e~
zo@W1<e^`Z?E7i=>6e@EpRGRs;ps@qLHiHx@SC{FJ+gdY4GZJ3bvit2*gi6dW)T=7U
z)Yd`1#8bC;l<3^0)D$`~z^B$Ca&@b$Z(I$1Lg<EvCfX5GHNJCA#P|!2gB74=haU)r
zuJ6^GCwfKpsq9cZdiVr2)pEN;`+_R`@XeA-Z2BD`{sE61It-?~$^5TdE}<%sm{1Bs
zk<nX9EsW`>ucXehja4L(u`Pdljzz9#Z70IMU!0BM4L!>&=?Ni-4^Ce>zgGFG{wk>P
zFOL*{FPtH@#K`>4f1isU#-KopKl-!fU8dd3KDQQKR;%ipieE;{g~Ba|&6tV$5H?ua
z><Nhh(lR|5^~&ZNLuU~DiaHeApk7ZN>HfP*;^+owvrzxc6OqUVb7~s=3}4$o7deRZ
zk-i^hfT-NGGasQx?E2c<jhd%!?QX?6!WYFih(J18Ek^nL)jOpQ*B(7r_FiKCY@L{G
z3z-8*Gy(7M5@vN~5^1UlSURVdA%LokoGwPw)F;43-irKs6`E#EvX6Csn41^_C2E-M
z*|L=X3hu3rE1!|tsG4qXJGRx==xNWuz3L-3eZ>65?yYWsGUdZ;hS&T0GVmH_R%Y&p
zNq|uKN4(pBrZAEd<n(#)_VMs+B!HB7Fgcygh@^(ugqv=(m>ta?{Qk!!dvB5@qRJh}
z24tdoC1Un05~G(*gIfj5i7MY-1^GF5wE~oSxWSMa29iTDQ^rpwHDutC>1pfRBCSwo
zksWfjzv&!xpIwns)vI%>YET!V-L9%o?J+9Aj(ODt;K3eekphqgEUQxJ&{H{>szpJt
z`)2B>{__qw<-ZSoYjV_u<o-S{NU6Z{eD9xBx^zwMm28QzqYDSSI~+A6-fgn`JikGv
zs~dE`DE)_FG0i+kMyYAaajDKq&!ZqYFijD<AD*&b+t@?e|5}f7bBU{0B^+%&+^rai
zHua8~QoWi_SY)yyY1jaTacBLtmsc-}Y5Wb3huP7{X{j&I8!5~MOkPd#_H1jM^IUu4
z7F8WcphQv^SPwwM&tPkXR&T3B@uEQ{)%5hDJO`%gz;#2A;Q+pIwSx`qeUl<ZvSCG^
z=_ZD{V}C{a9hTnpPdN@0mMrP^#9`6ZE6XcYGV=py8)G;N$)|YZFX@Rt>foMzh=%Sh
zN7&<w0*}W@Cb=P5-maWL^2)#wm+|YZA^Frl35h>8k-qfQ0I;lsIQc2k*HV;}^dsN`
zqKFos{3(Wp${lyeO*eC6BhzcTOtP*KGKt6ycW*(~thF0NmLsv@*_{RH#r>qBcmJm`
z-~<)Xs9v?UsQb$j7yh#tf{z9LwDaH_7vnCc5xOKFc8m?(FeY-CV5cK|8Bj4^IT;Eh
z41^@$nYfa#Q6<kh6|9Wk4v+kBU3?G<|E{O_KC6T{O`%U<ggN7g#N5Yos%)Aq!f5#^
z?tZJ$k>htE{Pc#)^s6_$QZl}`oXcx%PGO<z*2OLJ4xW^?GuZ2El|g&ko^a$5WawnH
zUIx@NsdGB*gMjZ15<w~!I={#h0<~W@e}S>h0|`?#@Ub6cclV)7$bv}CBgi>TGxL4^
zrc06058$~E89JOJUkNKO%Y-8O#E&X(e2Ux{e9KBpghz};4&13c(0Bp9Gzc*sWI_^H
zsF20kEVj%xa365kJW2aR!&@Q>5y{NX-I<aOO9?6u=6tXb<%}~zd2G7lP)()fAPRXr
zUfv+{I{vLh8V(2+E~f_H`w^~V;$^+t`X>GKqS-p+!EXM<o!B?4+&yoT+@+n-O2agA
zWwA2eTy%IBhT8yEb`=OKfXL1l1yaI3TGUpN$tFOWa5Z|-It4hbJlybfuk-TOgWV36
z?z<)1A2tjd|49$nFlW#w!6OkLk)O4zDPrX<ZcrmqE*n9R0sLeVHpCfXVBjfa#Q5z&
z#!b34NzqFj#y<xlYY0uXkX-{QwE}X32epLR_=Rl!(mO_;_g<MOCp#ABTKoHd3-o5u
zLNExn?Clx}w92kOs_tiJQd8KlXAk$VbBr#G0{`#k3I`rCG*vafWZff1h9>&Y&OMK^
zknE!M4J1W0>)U)+njj-gO}bT`Ch^Q70$UH`#oz0rUrWPvKc_4$5TO$lX&HGr;hh0k
z&QBwlqg#?<wd!%Z%g@N(hwKQ{$dX{il1)gDqK`-U(?!#A-@G~WJf-)^^4sI#IQR~S
z$&uh=4D<_NY>gh%D)AsdMuapWQz8HMyX$*M9NqwY=t`&G{7Zf|N1&`PV8pEStNmIQ
z>~9{+$35gGDTT{l;k}cV#?j+SpM8ylhTq@iGuj!k!zO2ua)fk?c_3nMq*9b3w196l
z&;ao@i4b<2V9xDC<PXwOACO=L00Bhib)0WORed}Qw;Rn-jFt94|BTu4{X!~6MlP>d
zAE17_EvWPPJ0znGRj=ak+(Yn2^{x2c!$ktup4@qvjdRZTV=z3NQEN5@pZtV9;2D&N
zf4Y|5;pz^#ZM!@R2U*^L8<jADnWAv4*i7{;<q&n4Diu@DbTM;Ky?FvWkYt8as)q1L
zJ|GGO@1B?>VH)JExwYyOok?Zulq}*HGsGHx_$O8y<7*SK#x!F!T9cGM#}|$#BD<9=
z&O_|prKCo%qT*KR@caJtA7~e{8eiDJyQFBc-hK7#6Nu@l$SCjecV@eD>Pnq^r4~rT
z%Et*rlMLhw6&=W@x^tJEgnWK4VGCE23mWFdDu+Ertz9Sc#29lRewLzE9hiy8wQX`%
zZW`StPuNoG5^Fjplj%PG$H5{g#dVxuYN!0r?so<@AMpPP#{i$Z3jG{uBbsSZ%{^ff
zrw>EH{Xz0|@UFL*sUUm1_Rr-9W=4t*oJwDVH*V<dIW{O%DCxfBNUpc6T6Gy*h3mGP
z+^&t50PM`ybP%V_J7oTe+D`71)HSI<>1yD*;JVOgTX_n1xs2(+C(!^aseb~W{6(LP
z&Z*iZM`_UY_W#4)o5xetwr}IvHnt)5MuyBY5jKU&Jj+xmkurx$hB9WzHp@2FEy@s;
zA(WwHp2w1*!H{U9GP6Z&k$&g8d!GAyzrTOpzuy18&!^Alaa;D<YhCMF*L9x9d7Q@)
z{sAmWqUbUNFi?2N5m<Vj8GM00)XXf%V;saaKHc+du+bBY!rbY8ttfVjQ(2F>h2a;M
z`p-SiL8(i}s)U3{&V83W^d4C7;vFL$Z2nqOWk_|Kb%^i?VCOlR(eEe8-_Cxtyfp49
z&Y${L;K=@ZXxwYxM~HooL0@a~7(ZIW++hqwXy!}<+MK2HJJDM&Z<D6;laU6JZ{;<h
zVungEnEm1p%>c(aHQYzs?D{Ol8e0cD+ZN(HilVQWXzOrP<s;taHid^c%Pn1;$)lFE
z8s`!#OI7Wg!!)m~8a6Sf?C%*_YsCeZ<u)@dmN0+t^L%8)fEIX(*?IhTkH+e>r_0AK
zkXKy7F7P<-rxFNhy14&9$W3?=R9LCrkm@M9nusa;jazpFdl1*A<dER&2uJGgu8jS^
zM4huahG#jC(7qAAuq7Ci9E>`G5#=)#`KgOhiBwC|7d)hu>up%bw9DuJNhqFqf6{*x
zlOH5PO~X*5v~Es2b{`iXPAWeyNbYLA^&YPzggceT;vMz;dnoo?#T@VkQuUG&PAiM&
z+B2P{E`xeO&a7TftW6xVsmVZ2#REs8XVWjgUhYk=1m`?l@ZwzaZ5KQubvHS1<CJ-Z
zf*wauuT=jY^yj^=l{s(jJ+%Q87z^6Rw%x_Zelg!WTMdyWEX<!fq{6$WlHx&kSeh|6
z!e^++!a(2o;A_D^=Lb;WaPw&RVHvph)ZRF`Gf(d92m~Jg)6LNJ79+~qQgB7^OEyuJ
zna(nze+tEVnJ3$e*V+sE7J^G!yVIXpm1}bdE$SwhNB2Io5rCFV;(e2&GlM&#7ZQvH
zp6eu+>Y)2@RaQhM^*XMNU!#1N#%o{fXq<MsO)?NW8QvdW2&J^|5+mH<dKk*7*v`sU
z70179YABLHQ>8#ZaNO^Modb9=^yuJ+E7B-y*c5{~3ph^^`R_BSXl-z58)^Co^;Ui4
z&oihJxL-=@6m8Mb?`uKj2CjWGsAo48Nd_KA$*~Gt#RM^-gC3nhRI$F{$3Xcb;G0Q{
zgjt9x%DHQyo#9b5bh@8wMdhuY_Iqg7R=j`DIbb&aD$A-&-u8Zr>nDo(*n_gaoRZh%
z?UW}1oJfZ`&MlrAF}y>v7}KN`AkIqmpyr_4%XihNH}U1E@EpFiLVp~hbMP|&A%KR%
zGcm_jJDclVN!sQ49y}E%!Jq~82qVFzAhfbLAt3Ke3@_{7n!97iWfC;ufyYYxTW`0!
zQRHu{^P2Ckq+!pj_^IgH#~znr(-Kr3(EKFffqa@?lo(|(*`Bj2WQ0lmx2u1o$<cUj
zo-UZ6xY7<bG0Mh`#a4)>$Lpc7DY|N9|0=RMsMoK%2_R5u%<X&~OLRSC0KuFyR5h;<
zarQS_f^*mz&`8&MKC)waR`Zss6qDGr>FR+<f&ciL3#bQIBciO{D&Ydavp`t+ZXe4*
zWl>X{Z_3yuWB(qEq{mVA0d4YCp#$-$(7pVRLaxD7+Y$D{Y_Nv7CL5W9vgRrBFwtI>
z*&n=M_IIQ=YZKo8EBPzkmF^7)HAVK?JI29_uvn9O%iTJC@KvTBk6r_C8&iHuw<OW5
ziX@#37tnCI5#5gkM9ZLJ)s&6_2~30gzH`TXNgX$DRLs=+wePLY_V{0k-tE^+8yCp4
zh(fiqL6+?EMb%>w{Vt8e6z1}4r)^zh?yl%I7Hmz-0&Mc2O*WyK5<2}e*#9<KC)%iV
zU!45q53-FE$D+zMv4j;5`CAuN%Rk-ae~3|mm3n1rO_NURlLy6K^XwZrr3_D0Ym#5c
z+}p>gM*7)0GaALFGdfYUJoU6%QK!d1%o3fmpnnA&uE-M4*omHV!D)f}IU|jzZ1Qys
z-YN2v@QX<uViuZXPjJ90fx|4X%?wfRM)s`zMQ6iI)*2Tz54jC!a-6DWI(c?ajpxVb
zMO)Bg_*LiLg*#St%+Xgw6$8ljMap|D8hg8U*i?kd6`P;#W#pM)Nl+8mxg5p)TQ2Wk
zTw;xT37!X1G*7+q=dP;*0Y}AdtWa0-g@PS2U=w$~uphpd!Bl5stlh;L%<78%%<Wem
zo_V|f^7aMBlU<ZO?w1<%-X?zG%DS>uGIMNvc`^0TShe@VLtm%rq1fEB$)dksW<TX=
z$9cka5W~E!G8eRs;MTj@8hj1H$(8Vi^p6(xXYrUPlME_XUl`Gb)q~1syAiQ<*HEcT
zR9CP7gpb*0<SGW7pBb4!@v6gT{=E?sLp3uYj!NycVAp#dEuv6G=1MPV+Q-FIOohc-
zlwQoQF3!v81q;=w(}sr++io;C1!{ITD%u*8YiPCd5@;BVWOrfApJjQq(mQ&aCO;S1
zqMe*MD#KM0hdy<}@5QK*!^?Xm8d)AkvUOQ|_{u8lcqcpAUN_9*Z)r+GNU(4n>EdZb
ziXd_YrgVHP2#h!(d_DpD=*}YkSgE0UkBrVCNS}BIzfphyard0KpX8{6{!sWOR5X?I
zS8q|LyJ_xzz=Wli_3Rt-Roc%)LmhHHIa>IuL)YQAR!dvFPD`24o!4z70X?R5FFzSW
zuVUhU*3m$TmX{$GR*$eU=;RQ`_hjI`@c2nut&cQ^X6RAHb3Do;vc&ZPek+{MwHR&_
zF7P^FD$r-$3d#Ndu1%1Pku2%jN1uUJ!DQO-q}4qczW1Z_8!<**+y_(N;D4M{X-e@n
zu#J_W8^#-lf%>gfgQ+?g5LE`Qxy&8Z=E!!s3ic@7r{^qM1q|hJmr7Qfx#q1Vl4Op)
z5l*o<#kP;P1ubwy?AX5d9pw*K!Fq~5kxP-39Agp#_LBxw^vu6qX2OF!-{mJPT52x0
zKnIQ!w|T{8$;=F5jCK7=;}4I0gc8JLa>(TIgrN!&FXN4x_cYJH>S?r)Kx-v9r)pmB
zw6}4%k&|50X*t5}V_48fA8zc_WQ9?8p;pO0Y2hOB)@nS!4Fc6?)l&@R#C-f$5b+Y_
z2ItnH@QkSoOgzbICk<bF&;w+u&WH-tx4a1y0RwEX^0L8ak(WrXwar?oe=){+FI-cl
z%Yh&I=S3-pen0HqNB4pht543VYIV-+F?{G`a8FySsFIVh)~6&|s1|Y)7Z$hKB0evd
z9g&0&2{Gd7r0eF+KU)ZzzgcPuoQ^377^)u=Liee3XAh8^y7#mcFcV}n;-wX~`j{Gd
zHXp8}AkJp}rCURFXV4Y2@S<2N{&hnHl9x&M;PPvch1$B_;VoHv&nlnyg5Bc$d#~dn
z*Ui&zfcaADma9P+Q7w`;jzRCG+uWRBUpZtgNaLkm!Fx2?e<SgbWsqs?;Zyv@-sWH1
z*iFcH<?Ie?Y}o&o3n1Hfg#>n~M`{ebobIBgm~&@rCC}5^@y-@{H|xR6e@q=5buy(I
zERi>$j&j~!$ZyEnmGA4`#VKrJfV6^m@QIUK{d8xb;+HtWpYY`&@uK)W69_|_U5`rc
zX$!x@@|k2`GArJ%zU}@F>NM5k910<xKX-Fs1$}0&KO~YIsVkA0AeTNl`yGk|j8Z_?
zdBUD9oCFB6l!Bf=OOd#{Is5M3$*!~f#ZKLFk2vF)wY+5&_C2394DYr_97n$Yibz19
z8Rv3`2tAYrs6_?2=gA(O%;w|RFLMKfseN(eTM)Apt8UizBidXDLmXY-pyI3mrCBf1
zYK+J_952*&HazD?Q&D!k7I41I;{P-%bd-j%NXO#QIp1uQ^0p*nE`RwVoLTYfiiVZ<
zDf<@ITcqhOrk1W5fdaZl>><SDCir)M?t~UQ8t7t0og8DvKcA6QA0lhU1VS{7zy3v(
z0#R7<{0)qfwbwe)DkQ}>H;j%BRUcMF?(!opSz=VmUHkc0hacCl&#<~DocbW}DM9Y-
z(&WWnCE=No1q(r4-L;e7(qStxIcmnBi-?K5ew&d+ubeLsO3_-TE<UthyPVJcrGHOY
zvX&4Ji<xu8Y}nY-3&(^uGGo|KRi0=)6F~P<ZeHiLDL^QgvucO`xo`q&a0o4;Fr|hB
zFf31no?QmtvV)SU!ehObqEv$}Hc9%zhp@S^F*JKFoDm`=pWX4J?^YE3p!A;P>hlon
zcsw89cQ4V>kKT;pT|<<I_cBu{wQfm{4eQ``ek=^fTkNU2B6E7c?d@C@h>e_#iBdZk
z!_3!yF^oCfULK^MR&{83s)8W1J~&RjYU5Ho%;9`;wq028G_8OMtcnlI0^5FQwf%<6
z+x*Qt&j)F?>%aYW(?~jg<z2PlV6s>DGi}DD+U*Yz|Asmr+t#{vDWC9L*5)Dh97fs$
z3?g5eU0z36{$y0Xn)0wLAa<wF0?ITBE1!&^v6<S^eUSDi6fxt9sS}yfo>vZN75DtU
zD((4+!7YlPHwB|U^VU9c!Rpzh+w|aY1M=io`co3+jnJy1gGS%Y)_oxN@ZyH|SQceQ
zo8vd+)>ZVgAn3u~N8-uW6%%M0RUgK7|8&71bDg~kBeOkH>sp<ueTIM$1$e1Hh-Iu9
zjN-JFbpFh7Ac|)Nu?e-m0`1~LEDltTSv=Z3A)r*_<M?Q}j~7YvV;T@Ga%h&JcMIXs
z6Wqp1f`Z_2b~%q*yy3n-@xkj<n3kB?Qx}p%qm@3VJ-XduP;3igAjy?sI#m09B6Uba
z4kzPyEz;@K6{SNRRV#DOYc7s`<Vi|Pfye_;DIrF%cP)eW$lzGaWrL?^jdAmc&8MJi
z5Oh6H<TxIs{xj5gHEZE3GIxy7hax~mVl{JFrlJEyG<p7J;9;&ozBUKXKW^j)3436{
zv6kryzjy$MgPB?u=H>2Bgfo*W8bT%as`sfPW*dm;FRv0vuU`rS--OBFc<(x`2y-fY
zh3FR}x2-|a7*nW9xcRovJz^M7*QrciV+YSCWp5X%k!P`qANKd*CNM!&Dy{94+FPSV
zp%kKHX-3b3Q1{K{@l!!jArc9XKn6`zXKMS-iae{MM5b4G4JZ@0-w_&b*&Ip7JH7p-
zgcPC?p_7N&cWS9K(Kl!MvfiT6Ip^;=YLdJ|twD!k_D#wR>6uNQZd~&oN*TasDcyD@
zYL7zjz)E-X=jbyCB$HYcm^p-<=Sp{I70l)P5X)roU2w7bi&oNk>T2ZLK^LL082OvG
z9~-1O$6p5u3R#yS@;3IA#I5wL=HYHcd&70*(|p!1&i~vG@z%#uh^^zKBG$I0*skk4
zGKMFGNPGixFzJx5$HHhZvX|49NIyJzyrcFPzw<jX7&N(^tjpVQ5nNbJ5bW-qBDQP$
z_M7OD+bzQ<(AN-IlA2xgm*!s*hU81yly)|Au8P%QR}%j>lYnGmOI(68tJzgU^-E^^
z;=jt9T{<ribI6refORin0yG=3zoAV<IoZ@8^wqZg8zL{8fnu+43GeL;6H%id0DCgD
zG=cF>q?Hc2+yEqUZ>tm>>FQoqc=JNOHrBbW*Q$CMil<+xM5usy_lPZ?hsX~?xDqdX
z7AvmjpjV7GvYjoqzJLAdN-}Gc3%_vb@=7z^s1$w4iD=vr^67<xwIHGrd^gN&<0|FE
z7iy}d(EOKrw;MRsK)jU(o}2|C&$jIyQm7u?>k_l?lIW;k#mIYatwNz%*p5nq?+z%V
z-_l#Z@V!v}UQx(55a^t!&w82WNw}Ydnr?_s`=j(IG$UQNYJ1x5f%nekLF0(nY`+p~
z`HjvygmKTyBgsD6<gL&z{4q@2!s9n|^hC!l`pGxb1zjd{A971xWGJ(57NuTrk*4X`
z%W~zi^y7;uZ6Og3Uh?XXOzk6!&;d?qxF`9&@A@Ax_bDUmTFdEGp}59+=ovDyar#N}
z^NqcwX#xk5==1;fXT4hT@pn^i+q3TE<7}ystj8mcKk7#O0p2{spG+mbiI{lFZgl%l
zTq^DHhu?%FX?2Y5oqna7`TIvr(D1HjUFD`au#Gmziz~IVoLzy@FVwH7^{+Lo_&)Pp
zc;GIc{Gi!&FDt4ERPTpw)NckGfJ>H#&>fhxOcxJI?BM#Je<lmz2rJ4)_V=Bd*myrn
zNBRS{VL}o~9i>VPcT-<1YcnBpJT4pK?W7UTAakis_gW=O(?$@yhIWpZT)m4AFcj>0
z>U#%3x%Q!O2duXo6GN+}6xRu^W9mXqhX_epT4UDI-&_xpB2KoOT|Xdvf)_1Hj*ocq
zR0<`0ViEb7uiPWq14YjeT)(mSwhGMs*zN=nAqwDL^Qg3(>lR63ib~W~!s7@zpOv~w
z8ni$815AomkGI=Wj^g`>t=gS&c5*3pSzdi>EcZ2N&T34ya*&3{FaVdd+ICb?q3E_2
zUv5%zjP%XQlhOS~Y^J12C8AdrEEbXT5h*P$?B}G@7AJ;(s8Z1fC(z)qgc4CfLe5{~
z`Nuh<HN#Ok131-AM4xo&01!ftt&v2?o{d{B@j4QUDl|#!u$C|VmW;#f?5I-O^RFj~
zB&rC1MdfT@8QOZ4EBD<2xS>szjG4E(uT;hnc0G13Nyhz-)-_0pG)cF^SVhFLn+wz<
zDe`T&8ZCW?=!nF9gjQ^FvmDbwK53M2G9Cs<F<<(0%9JoXN(py#?#D6*9b<k&lOz1I
z4I3X{bHsjEycvskol&TNAFv@sGkQ%$fi`E2e8TC3U;xs;&1lzB*vw{&WeKf#d83of
zJoiFmH{uxP(VZ-mc2GU7xog{emqYc3`wLajw`cqMJpM}SodFRSqmhP~s2A=_CJtBn
z5MMWr&8Z)*#wV+0A7N7?ayvXUdeNU?rSNOak&=8W^l0ImEEWCEr=_45=g}4S!qB0X
z{y7Kiu*hRYi*LWLRKvHf1D&O+G(JvD!j`XJsr4^;9IIS3;~O^{=IM}5$p>Ze%*Q$e
zgK>S4J7va9tG@z@<7QmTi$06x3!*eqF8DYKJ>qMBS4rY1e<M5$iY6bWR;w<E`{mHo
zw*P<^d$?-Ec_ZR#$t97it_}w)`IA(?#~yq>4t8%#9|N|mshiKChq%hd4}%5FUzP&9
z`SP#BwH^thI`lMAP1W7=wZej^j^psN)$05d7;$J3a_G;T<<r$fzctoGX*BHk`oq*f
z(;Jc`FlGf8S>R?D=cGTJMk^5EW}|&$pNPPGmPfHtXr>=MtVoAna`<OIkwwjk!ECbK
zt*yhvLj6aS%!V#_R}lk;H`f2Ud;rC*4`**Xs`~*)g_Gohvxa-WJ!x$Mzl=X-euk5<
z&YIk8E_ZYM0$Nv43(ig-{_fJK4jc~pdHnD`AXdWJ9r*I*W5Y1)$d$CH%oWOr!!J9s
z3ZBGk-hc}(xZAWW3v)>j&W>)Gd%h?Hht)zJ-$SUV$<6&`%qM-}J{jOjn(Q-uPIIuq
zFQ@t}KIjQHpkEPr=U&~BT{`~d>({T3Uml>JxFFXIXE}uH_JGS79l!Y`gbFjeZMnzr
zs4iTi2I@QM%6YgNXEFG?l0~I6weoP+j5@|$x56-y@O{HxSSnoiarm(H=+!4a4j4lc
zXLMTPJ}TrG7jn!GIq^iqlbh$^2XEZm9vJx@`tAs*Wy5X!1*fa57&|@pulGcdrLi*%
z2Dl2j^bP*gzouc>lHv{N;6mVYctMmfRuE1`HE(iQ>?ZuMpBtVxJ?n{Bvv88nJ^18*
z2Pzu{N2S6_Y+^O#VeIHC?LHj9VPI|8Y4$JQFG=|OT>l-)LvUgLeL!k7a9tLAtY2aY
z_VDE_E=^C)2x9}_Y=jlZ!zWO7PMZIEgz)YEoftt3Faia8Dm;WxEwJ(k^oE`())gef
z*{DBvTz-K5b7%jZI{%uGo9wVqm{U2AYoo)BU`C|>dSV%;NkXo=G5&)ltY%dInzC_W
zm`8VEg520zSe6om8G!1pjl!UB!>{DG&y=zfnqll%f;o!`FgnzKj}Dw2n`y>Ig)@|c
z`(OV)JZ_;0-$Rq^%ZS5>!>{Z&iqDCm2oiAB6j@7ZG4f$rxIR|V6E0s2&*uAFIx8#(
z|7*GOX!AL%*xR5#vp57@vHs#Ob^F@umbih<gT=MRf9)d>MZBgHtYyfGiTMXaQSj~m
z{F{?VZs6Zpue8_;r~aRRg3~Z+uIKL-YX9?>$PdXXa9Qo6b0#>LNdNrnR)NRBJuLPl
z83PmIpMRoea5vt5M=kz!UQM(@A`D5VZ`}XyI^tk>%rmq4*#C82EL=B?r1yn91{mId
z&KnDYaPXqL7AWfd?<Ip$+y9R8f9J;kPK<xOCjT!dMujEmuH;GKRm+7xD*+)>Jo)b3
zyYH6HPQyDHZYo$zvkQ$x5#z@$XZ`(fG~d$ieE$6_=XSICQOgS_V5yEk7MK&Rg$MpD
zFdgQwJyN(AnBhPFyL7{zj_f+OkWH4W+Cu`?pKHkWVepg(Haj@>2w7f_&Mi#9hl-Fz
zm*G`y%%2Z+!s6YZ{`7<%tZBF6;Lq@c4;TNe7YfLyTsGn_i@^z1;e<U-Mbdv37-uS2
z-(+S*&zwZ-J}`t;CO*<!BL461a^`_U?hE)2XW>v89AY#!>H5#1!*Hl%S^bPH9NL2%
z+G7;+XSqTnp@`SdQwJgb=*|g4H|j_Kxjr)_G$>lO1WuI%+~17z%i_VmSJ*oE{PmYB
zAFkoL_rbN*ynT1M;O~!wAse_REV`JZ@O2M1%Ra(@z?xjf2a)w&4D3Y@kS*p0OK}MD
zYh*wEd!so5A(%!%txW=i0PyK#x<6axEPPMIMBC+@KPOlHzx**uiVXCNYr|mN;}2OM
z$CKZkMDA&XexV$?L($GUn;aomO+xuY)u<N4Wv}{Ez@-&D@25XOzRGwl;}IWQsk%{}
z)-BoR&ONOD?@X0z4EO^@_56FEj`8{oXe|Q*>l?IK9<vP%BDWrYuUo3RzYXFEpMdJc
zzxgw6efX|j=$si?T5p1BZdXI7tbo`1lLj^5C@lf<kTRYV^`jR+@~~rwgMP<Rr<f5Q
zjWY%Ysw`2`jBv9ZXHX5^0?x$dB+DEVuDgMOflt9LmgdPT@J{%W4IJcV`W-0E)qqSH
zN32$TgiC++5}4)Q#zAnr`|2XWZoqXC_+QtccJIe^Lhm3=gX_r^wxt~qysrkGz2hWK
zPWuZmH3TIvXj{^BiUzbcjRU9a+Xl2aLHw)?YKvVpphebyH2pI`zpp~|Nnn3c_f4%;
zB<|%e5c2VbN?s*j(Ad?NH4@nYt-Bx!XzagG`mz>`8b<p;hw&OU9kUOZR^KlMlQSN*
z8_z?$q+;iwoLh6?%#&(pUaEl%U_y=DOubR3t44Xh`lR^jHAtrN#~_g?-3xiAf=D=2
zNS{@=M9|fNZcPo6;UFQr5X+U4pY1$9ps~&uls&52Hpcz!?uQgYTAM;4@*a6B<mM0v
z4)!&`dL4h0b!_<K51<>@LGRaC?{TQ#jU(0{vcQ3_6KLH95Tj}r@viuV2p5h6MD6)I
z@yu|*5^-Z2xFOZh40g}Tw%jpld;vNYWRtlHJanR&ym^#8d;%JNujTwsPtJV~_71wB
z&Zn_F0WP~Q-<ch&*;<<!TX73|X4~)ysDs4AP6g0TzflM66(4&CfTpwzvXS$Bs%s`!
z{HqD<rlhX@BIOj4n2R4V2(d|A23^j*f#i&XprsQ-ZyI`YIzhP>0Luo=Ur{p~KsJ27
z>rBi16ilrj>X34-y^?wgh(c!pu!WaFd(-F5edVOrF{^Fq*5E#>Q|$-ptKb_Z(=IWj
z$QQ3w()eX-Gvqs5Z!PFKj?8Pu9nOB~KI%9<1(o8;X-+v?cSX+K3%G=SP#ff%2+F<>
zdF@z8zy@&Qg10w8JK|zLz3(J94^)hyv434mV{>7+zjFi*F9PjN)`{;KFzq|~zK%Z5
z;i9AC4|tFj1Qy93w|nk_7WP<O+NzPA{Og}HIXBN~G~e>po#cLyb@A1m@=%xh{tQJ4
zpDedu9ozRo>RYJt_D%zI25$oNJeIwgqQ}1z&`|stc~_1RG#Pg+%+)@qJI79d<H*R*
z1KG_pZL!VTnnI^3_QGGb9@zPh`)*8<oH`8vwqU*vDoxL^vEV;f4X@^CUmJ$&@Z~#k
zH{_m!kouBs$d3<?0?9c+%SRMd3R#2!FBy6Ys*fDD?FRd&!?#ykzP7#g&YU)W{<D4m
z005X?(4m*O4SnCH?joH)6?K|=E*XrS$I$4$LaOu%_v~W^Bjs~1fQC*C-x}1*GP?8a
z?FCN>>-ac+cp=Gha60Daz%bX97~X5Kb?{=nA;q7uEIoJ837U{jhG~W%c3SBc*xu(4
z!T3<f`>PrSGm12KpU@9(_%UR|?5$U``*VSB_}dL2XT9_eJFx&8SmDtvNEwMKZc7gC
z4!VNsbDZrWj(4zpk;157*+I+r!OuYZetGTdai@L7O##vJg@G>E?&mM`;yJ`ASjx`*
z8SG>{*<k%=@<Xd&dG{kZu6w94ja)>or1DOg6#{fj?=n(3?Q2uAw3{+iStzM2Y4rNW
zy)zXrcOJYGrxIO9rZCk|CRob)>Uzy_H8(Yu0-1R&uyj4nx)S#@-5@fdHS|SRbhBBO
z+pNA>9|aZFH}qw%W$PlBxmS*~csJMWc^Fx4eDiNa0v2qS5&W{Gyx{3Y&_MMDQO)P&
zf!}*1?iY3mwH^TrzZ0_;;)I&7^K<91!R?#{_U)T2zmJ!czF{}Hrilib0<4tP8x~ER
zum|lYG&2N8&LDE^j&!*z#;SxQuhvQ<EkP00hOSf=<q2^H?Y;eq<!hM3x@wyb$tPW2
zeG01DYI0@_Mhn<3K+Stp&9i!vb`#|8(@Ecjq$71sU_*l=w+5i&d}vn=NBBMN|2e~z
z*`Z&ioB7xxcIuX<=^d6#JTLjD{*5uLDuzXufrh1elc|f9SU!L5PE7hLHMQ<R8XXn~
z-;Gh%uKGnVRk`Hk3{6RXytct;dK6;>E_WA*gVCL~l#W@ApL<h?54210ZCYBY!n#Fl
zG%R@AbE*#-zetc774*Mf88FxQ^#$G&4K|neT`$`hgX;${!S&DBbwyG4S2>HDD17})
zGLo3{y8A16GtGZ*uhs#*>;9Q(*G^*@_1<K>beIELgvr9rF=5myi~E^eAaj5O1s^{c
z6{|KG$<|9wJe-}R{?kn{-CJBY%`I3(_Fl7VT3pau&&H+qbl@GoX#KrU=QL+NuU9jb
z(sH05ynMq0MfJZCz1J0;-TVeFl^xTTAafh8wH@^eT{cSjPeuYuok)`ETPAZRE~b0n
z_;znLN#;9=Grz#M1Oh1~R!m8=LE&`64WPcgdAE!_G%jJ8nDBJRTFz&j7O!{u;?Jo&
z#&XtM21sY<cUE$hirSE-$6MnAK<#Se;BQdVy{D;561hb#6BY~+s*gCq(u7sO5&B=q
zySd2?w<<=DfL!tA6bfmzO|!=nC)tYqW}At<)=tMes2}&OB?-0xmII2yldTcSqN+dc
zSWQa|`L6MZ1Q>H$05Lr2g+MuRSh+&*6mB)v6+H?~T)pp1Tcmpr2N#-$`gWU>x_Cr-
zWhnAWBSHQ04)$FBNEgPeW$!h>hpWgR*-$#w7)316sBd*z_T0_M3$DGa^U+i>f_kwE
zjaW)#fFLDgax{V}KE`QvG9XecS1r^0exZPG{0|e($8tD|ssxudd#Ch-bN$cN&NZ-4
zb(*?=B9F`(&(fvGMnSYA17EFXZ@&fdGuvjFz07L1eVW)Op~<9<mPwsR`90!hnOwEZ
z@!8(ju)Ez{F2psnyn(yKv%C2M4t+9AG$KCjvAA4o$@*X9Rk3@`NgwPm!7kzfX1MkG
zq%95NfsZ`aqU7lYnjb+B%ehNntq4i8Um{w=OJT45oF6R}a352kS#3dH2GP5?T(01J
zLW2Z<zk-19l*;PJ5QrIT(+V3uGGJLvD%2AFDIX87+B~89VF<fwXyj!<^52jz$F_Xp
z4(+8p)MvZ+q(hb5u^Q@&dXo{&F^UelDN#is?WLR}DNRXY<cA*)Pw2!u#QKkLcBXE|
zN*o}IbYWT<987W?ngz*Hm|SwJ3EK9C?osbKq8{<69GRXzf<=gfJrYkd-Ewya9a@hM
zFV`|;r)ha(^-z9VGd5+DG#%Fw6yL1dKK<dM4EA{2;X=BJ_W>w@l+d*|%41xDY5N`G
zX4g>y-do_OGP3rip>M}z_PC7tq)f)7wzGwXb{O(12^|gSXmfQE-ex7R*sWMSSPm#&
z?d{^}#{?&K#4^a0Q@qYQs8YDT_3jZ4ZD=mgfR4`J&kQ1Fcq8t%_F_ZWtmV})_ovm!
zK>i$ihR?57SELRYTqVuC^x8!LR4+azoQBIo`W>rZVg!Me(tKod{POo|*JLW5?V)NR
zK~0POFBhQQ&!S#X-$YOln;2`{)Xm|^I&sO-2PYMYqMYDu@=9F54foT<uVMEGS8t^Y
zc~Q8oGYcHH!wR|2#459#G|0q@4eC{4m?HVIwd>aco>kMKZbB8<Qh>M*EogftQNl#X
zHpEeF50`4JcdLY?jOZ?`M@wyHYOG(`j7cKTu`bX58eq}(k$+WBl3)+#3TQ3FO2_W~
zDPegb{(CY!vyk3n{Fj+DT+U;1^O7V1)pzO+>c!_HE~HLNYV%xvu^x`;xJIxHD=&NQ
zmE;zRY7%r3)iC4IfavCVInnjb41?T3TR&Y@{`n${f{!RG)uxhMdzVg67M{|k^pp0y
zUb2pCC%cc7l#)J14wF59^5c8%QU6rs7Z_^AN}Dw~1c;D}lu;T(=?RDRr+$c`1mqN^
zS>=>-kIKk&Jcw7$Mn*cgP<lmyNlyE*yrFgTyfR($U`rj*e_!@h-u+w`B6T|0D1$2Y
zhEt*~$wIu04oTe`sGKz{<x_<J$$)O$V&IHI8-c22|DK`0DDtvQRz!N2IeC(N7+&4+
z$6a*j$%)HHk+?h-jglj;YFAk8rHY*4*Lu~JokYtY$dIkXM5W8=$n{J#4<)BOc~t#9
zjgT=HbCW^$^o4cptR$9fW%ZKaLb8nF)g{K(`$@-y_YriNnm8%JlD~v?cUjB@@Ndf*
z1YG8cGx2&iF}At_OOL!l)SrN#c#Er+>}t{KJljGx#!$WS)9s&*=<>DX&3ds{5>OWi
z>efEur#!XGWys|kdXVZ@{A}C9gml4n8Y<kgr*Z1NaSXxBG3i}lqP-ZuSfzGX8A8$n
z{rUlQIqaw&hUyKMjv(%Hf@W*Ag9$L#xtvv}h(|hQro+Oko%E$AxZ*lv*G7b*{N(wq
znr}^N+XRU3IGUoxa@Awib=8Frp1Ub@@0Z6hRf`fu`>MS<;Z>{)3HFgfPAm~gdS6#5
z*n8JTFW${K@de^6wV}?~n-j>Z=Ok)rCrq{u?pN&H-s4%5gD3vy`R%-jyXq>W7A?3a
z?;**>z0Q`GIdI3uqehI~GpDe5rq)Z;ImUY5M8OU(KXV*@Mu+!T-H-;|y7YAF^|;c_
zN&6lCXX+a7TwG!>mFq%ogFlT?8iUIB`T!cm93W^i>^$(ZEb*H>D4N;Ul|Lg){lXfp
zK-hy4h=`BctvR3W;2?gRuRx(xl2+s04c#A*X&Wj*;^)j}I{1TZsPH3k^FB9q{r!OQ
z)|Un*C(ros!15}Og0<JI)s=j0FIJJdeMm8=wZtZWAN`KW0`7wWOqWqek8hhEiW(Ma
zk4VN0q2yomulrJz!lX)Wc>r!e)<D(Bl1JZ%y<jfUAz#T+xatLP#<`?Ibx6E>kOF~w
z9yGiCjbG>^sQK*j$*%xKq#_6}J=T~0Z}gP#Ked7|j3`p7z<V4u{u?e8GzL__^-@>S
zM>rvkI97$wUqx^q>*nwl)z2+cRvBaad3w=ZqMIY#orgO+BV|cy)FL~iP0C%drz(9>
zu`hIDahu<E#Q)ya!)J7xlj?R1lLZLvrif94Q@pWVxA^g0)JBl2r(e~s^S1s*kE^uK
zhIx|T1%=9MYJZWi<Q1;eC*{;EHa0&G%7;jgzPfu=x#vTRUmg2|)8uylwo~BEa$mWq
ztCpj!sk|IA!KQjW&z^p|JKpHVvtqq5Uy$v-z+HOqOQ_+-vOO!Mh>HrrWi*e{qfe1U
zCX8y^43cOHQ&2g4vLmAemO03Zu6nvLpmLa=FOI)q=E9V$H2t2~C9ihK+dp&Nhl|w<
z>*)K!Ac(&$hja)pttAdP_Iquly8ia;l>F^t=e2Rm)zd3AN9aa(M>D0vUMvMiUw=B>
zxVg#6OJ6V)HzlemQduk~s;2Yl_JTb$ERVI=_m-D^kkDfME!NX*MZVQ7L4W?h@#nRv
zMw}1R{H1)wRyl&kZx8Qrii!+`cCQ0N2Oz_jw!Ls3rUo?z?qb^76D%qh#_L{AJF!ZU
zR~K(nW|m%lR!U0Sj1(ptRkUqo8hks;N)dbt6-N8#E=K#lvr$fGwOeo{2Ao0SK4T8w
zPHxu`^+{XOws>k>hDjOG39zR*im;{PcfPho;XK~y<W>`5qa`k7_avSpL0rb9+ooxy
zKBIy0&NmN3E2!gDryTy$r<fb5=u>n#f}Y@^tn~0)(J3(iK$iCXeW`bmOBKm8yl5`o
z1E7NAF+vh&_UE-pQSQAN;td7+2<FHABh|R&j2=%wYubs}L{&=7x|`_4kQ)?c(bqUh
zSvMg+xVkf$+iy-%)bGgyL<g?2y-v8ekH}5|oyO~ss8q<*J5!14$a4qx<Qco1MXP0d
z+2zp(D{xNNNEFMhsI)qD2b|9oJ9i;NP4G)})z`CMTIBj{2VVdjcP&m+kVbvAIADBB
zg*6eOyPaTC&%1TWUHdvFP7u%j`y2JEuB1y&>YA~E>iPkvLYUO?k0-Z#A(Ys20!Q#d
z!JgJ7xNQAe>%6*SG^;FG+2hkJBsxx8d%yMPtWdbkT@e+om-bA%K>ZEpmq)>@v+lg$
zKmI`*4WypS3y0IUgbo!zcDm6h%&(E%ETH6`9t32Xr4W4ziy{i_Qlu?!49*|D_==tJ
znDFU@n~JaJa~LzFRoRH!02W2h$7n?mQhW2TS<Y|YzkpX<Aw|=kMjaJfZNVYSYM}uX
zV;g5MJuqL3og9^zsDYf6gJBR-zvN~EuMn`f;$Sp=yI&3@&HLMhG6Q{YiILaVDikJm
zgl!_<5a{^b^!Ly{v2!lw+UZ@GaUPaDMUu0wXvdvv+rA8;0!Q{5fGGFg5%8VcagR=|
zqSYO2RSsH_-cUq#l233Gqo*X{E^nPXJH&xas{#oFgDM-B6Wi-^)Ay7;Jyu)-$?*>j
zd`w|QJTHoMBP7if0|>_P`3R`r+Z-~UZG#+GCz}FPw6Uo!a6gGcs|ySO(Rc(8$Rx#z
zz4Q%~=DWFq?WpN@@_y(kW${UoM_b~Pd3EuXM`cPb5|l1N&#KGL<kGia`aS&t&bb>x
zF}#j5fzMQC@H}(=PmPowTKS6gW&6v=zYb{#TAy{ubpt?lnf`(~ylHpo(dS6-$|I-A
z1W|qsu&Ggf9MHMbcf`ad2XH@*{5B8f$XSxsW5MrY<m+3jh9yg^lsNC#KPu~+k$#IP
zmWm+evEppsA?t62D&Nwb+{>HfA{WZE!dR~Nn3JyW0xst2VBd&67fW`Xxi=-bI{(V?
zI<ItO?xg$NQ0e`K0x=jK<v+tCh7BO}$LwWM!}lW`tT;cvR5Fb@*R~PhV&hfSN@>lA
zaKp>^y<hjsa7aHbT0YNrXLMqD3QJi`60pV8R4-MHRq*{aFQC6?b@?;ieeJc!5x`Aq
zwjm>RZ_$XqxOLNRgqH+n8WrQsk^nmZPWEw8%mLq67O~ehq}3<2;m2jI`Qz2NrF%!N
z=a<SkymlO7T?88%j=Z*~M`hGEqqxs7Wjk|pkR)#BKSi+ZI5bLvtca_a|5NfyJ_381
zVu9RgHhA1qP^AV%JKr;ZHX<gZjGoK)@G{`wq6vUmzdbSkpVHqbvSsnyF!F`coFoHm
zta$_PYW^V1)&_8Bq1I#{2OJWGL)xf!lYb74n!=&FZSxlZ7Q_O!uc0o&2jyh|rvIrF
z>%kMYLr`k2KOgxYpqh{=n#_i}2_8n*5tW-IA=6WT0oklC)ut#`vx2@%SuK!5$$i9r
zi?h4*1hg<af7Tynl&7kw=l6Yo(gSQ+a(iEl4xQg<Ya+KYj)ObL<sOtk0Ex<fK#T6{
z7?Her{mDluLe7D=wMnom)glGr`1)lY6%_PZzWAaGa<6$}V3Ilm0z4#;4`Z*cdZN`M
z5q6RSh9W8oZ$iPfHjQ*ShR@G%H{q052LKJDeBSN2r+_RiXSimUYl!aeeFi6epyR^`
zW1T62H6;87jIkOB=Wi>7Qd?3MlPCFiz>=jJ>018<sMk}#Ueh|16fE3AMI6>=2h)yR
zgD!RiG4p^%*0himZOa}2h~HfWoI53O6<&Hjz$%^k_7<M^Aj5ag0irkq39}1V_RZZu
zwkt?~2lOOo1Bz7~_yft4H=#{IMPY*f#%!*4mpLV1`R(KQI?&Mj1l`YH0kZq`jJpVg
zMuq{LK5$5<gV+k4oDQ3A(BgdYvMlfqW&JHWs~YT@LYDz;^#jPZocMI~02%N&1D;`E
zM0x`(wad9;wK8+s7xs}N;nHoSL=z7Sd?<8jj}PSP9HjY4S)CpSyQd`%Ia^+a!AX&$
zPMu6_KY|T$&alni8l`*I`148J;XaXuW3=snb(wtm4b*+{MXWc{nur_D(_<ViFwgP%
zQM`Pg7DYVPiP0B}^47OPO*;V&{S?4(@ha}SuxM9$Z^9UL@@Y&?2g0WH)PH5dV|QoE
zW2Ip;QHl(wSVr7}6<zR3b^a^M05Hi9SGx8e8W=ptsI!OaUMVWa{|h+6PBE*H_H2T7
z!<b4(Tm?8I@r1(-w#pxPRnAJ$%PqJLdsqcQlLYHx2LN^b2&Y$^gls}j&J<T=HFvco
zVjq(IZEdr8j$Cu@-L0LvCEe?E>uy4;&ruY(i{9E;v%C3g-}jNvq1#IyqZJo9;!9JH
zp%HJ}O1;RhCt`CafPeN0B-(jxO^NF5>eJWY=AME>m=KQh>W+LifRzGAlf2J@B>7AG
zmhftnfXE%n3=|%Q=5;7^)4?DTS@TZH`r})74oc+od7nW&5AYLQ214ZvZV8t|ab3S5
z5q4_KvG{NS;<SIB8410crx)*zTLSDs!10#gy<`3!-4Qo?@m(WyvEf{Z7uPsQj(BRY
z2&jMJh&*XEi%?Iul~><`^|TKF(YsAQFM}A7l9T+EAsI$S?K>|##y_gNAE?pU<M|6r
zr1)}=va3=+t*|U=TIPK9zzfgM6HFR*Pb^F45nUDorfbhv*{-UJq)i2qi@HFJT*vzp
z*CVcd0>NahWuN0|Rfq1=sPhNA$Yl&Zl3(_l2z1>J1l3Ob=l-I3S^AyRDMKN!7r)gL
z^g;=kOIfr`L?pTTK-=~Uy(^)dAO>+SQgwCWwgw0sEkrc^-W@BwP&c$|T2hfz-ULmU
zy%C?AZvGzd4tN+llXK`&Y8_Cd53+|(<5?}Ao`;p=>B+48ZB{2c*joqO2P*s3uS|#k
z5NMxdV~+mY2UDpNx|<#NO*y{m^JolqDh@+U0h+luY;Ho!yjAgPdNx2f91-Sj`+uA)
zw7N&Di}Seu2K5_3WszK*E4Z_klfqS_qT|?*6CYM`q5z^#hP%wL%yw&|2yB$du|w`7
z1LHpLOrL^+!7?J7x*{3g4H)Hi`+JL#IfwU!Cqe7N4_~(et=HuNF0H&!BXXXKW8t*D
zq3umRS02w0O_Lq!_}x0780K4SaToTBXZx`$_`ahHGB(dzC?dOATsIuoL80^H{lkte
zS4&pej$~VRzX@>BXCP=mctA}ggq;lR7K%|Jo<XbUszlDz1AboR;oKTYuhjPFprhhV
z6PL>77}?54#Ov8~LsF}<&fg>_wvU`q6ZzNDi#8)sv*P;vqS}wJ9Wy_FXi^dE+wMAX
zvO2DhMxnKIN6>ln<`(s>+IUB!Q9U|Onc<5($Lh;sk1)i$!#eG_R^sR!(0{r9%ED%g
zV3=0VvP#J>`;t|~V{w9H^CMr`6_2ith&)GTjZFZL=MH7Hm)Vpnt$ommOOQ-2C-Rbd
z8tbV>qZ6*yE%iPM|JsBjo*!?>{qR7B0SU|y<VA=TAnIs<;f!jWfK*uFSu6f>J5kCZ
zc_*QZ-zja=qaOB>{r}!eAmA=w%wLv94PpezqddGV7Vout)hAA%8*jm0GYMH8XLd#(
z6k@w&VecFLVE5!|8mlI$QcaxEGyWV@oR6QFnL#SN=LM)PH(}6FG!7+iTOI7(1Aopv
zK>s8h0}Tl1#^`W3-2j}9t|8`w`k!5V33jq8ny~7kv*1$$K~_tULL)Wb|1iI#;1owb
zj9&&Y7^!Lhr{=3A0h?`(UYsb;_ifVcIi-|_W}{E7LwC29Ja6`h-K`$B4SG|h>bz~b
z!FRUjAWCD09C7if*pV|1#}%g67_Wa0=t}L`%JQFx^S3&6^EbTvAC<Dz@fU<SU0F7u
zRoq(qGDE+#4e@8GPTMo14TsdE^1T<uoheAw<=}0lA8H#TPC7QL;;lkiGs$mwCY;Yt
zz&2EBTGsb0vMI;njO)MNX5a{5zu4WF6Wd&WXWnIEug5CGddY~yiE`Iue#1^MR}k75
zl{@b6c?Ue-Y?R)f=1|BIX23-tg7WL7b^((#P^=D6hSJzTjVN_7sJ}I$a*$H*)zQ#*
z2gyc_25P~M74SNbUE>7%$AqYF$;)gbtZAa*&;#QO{=>vyh?s{c`Q13awh6|+4~u!!
z+_hl1aYC1Ql-<a1-*U?{i-N=;05ti+OJGY+L|a17$*s{jOi(J*q_s}FMZS5Chtc^~
z<4{x%`w|iWwjDFd>Xtp;a5`L1@H|PRqQ}wrnt)4)aKm~)A$Jg%a^1G~U6~kH1AqFb
zP>#$MwZcwuvA%?^pI4KC^<UF$WCr&~m8*jg$nY~ejbV@ozOPjaPIbJ)Kf%Rr0n#8(
zqnA)r`38Z~RQ8Q|shF-i+J4`l25h6PlG>a?jJ1CH_4VERo7=F~`-61FOQ$2tkSx8t
z+4ZC!0*9;6n6@TA3*s$-?-(7unyEROcD~2kKr_&X4$kZsU@u{1Q>Za|6Sp);Gac6M
zfC(nDF@$rogo5xhQ961P`i!cM$=z%2G7LM&U5uCx1|{(ZkO&=0ZZMT}UIHVzi%H}w
z1ilL88s1awj&-iy=hL}MbXe5h6LnJS_0nL+oq__u@EtmhGmm@)AfocY!MM*%tNYBJ
z81v6eQfvLhNLvvqd;&y29P;>cBll><wo60Mp{VtjU2LL;vIgNZc-0$2W7uy<(mx?a
z#sVwhvDpE>Z&ws!G^?9kckth^i|f}_37;XvFbJTXO7E?VJQR?m;B=?A+u3k;v9e$0
zio&q8U1NO|_2H`@-}8l1CdCK*M=x@+J#u#82cI8qPDIZ*$|(6mAZ#?g&L$mL(vg-c
zL^r*9$MqX>(zJ$<3yr^hZ2X%>#WJLj+IRW}#zVCla$ecfr=E5v?`66V`;t}kWv0st
zdz=adL)#ep#kh+@l&pT&A%PiF+K#r5ia3nqtd@_3Kz7j22v_AZUm*jyZXgiyd||ZG
z^@&Huoo%v52j=3&B=~YxHFm{KWeJr}^cxjvQppMv?EXU|EvAQcmu)+4m|Z9#tZN$l
zAYUw@LnCPSegblZCtug+fc*xEyxcEE*!EEZR_FsswvYlQ1qtvaXQAtxyRL^q3X~qh
z`wS2KYKcs$K~t+&K!W%LA+Ec|^x(yMR*7ZTjMz8)!05jM;rOi8@>i!mH8r%la5@>o
zpiix6?bMaHH|ieFPv5#Jw1M8*F2)V;JYmZa7=bU#^=oGL^_t`F=g=wJuIMxD06+XK
zB9aYKGnf3H+{`ax%=Uc+!R~orMeqt8h0;;K-%G>OB#{&Jw_B=P<&R&~64U^FIu{>@
z?u!-<^$vv!eP(JuPJ>eRX2#(0*?rT}L$DDo-Dx)8cWE4f`z|1<66e8l&K95ATeh{+
zTRzoX*NJzxj_jg~y|%sdvJT`1hU#<J^S|J<+0ho1^?*E7PFWOAL_cyWJg#U7o@(vS
z^P307QJ5XLuv*w{)BROdnN_o!At`8x8l<!yhDMDU=%~M1X)-x^fNKwN42)y$mvw}_
z@pMo|39P79TCsP^O<WEYZ;!I3?fXIF6h2*Z_7LHB2d7<o3Cr-5wd1$&jk5GCZUq;1
zhI7I+>Yc0(hhuf^(u*D(wC$Z1a;YLXi5SCmWvDaV<mkUH@bry|wm0W;Ty+=a36Lec
zKg-SycR|p>K7F^9$Vw}%v5kG?wleeRtoSP$F|vi;xlIH+<s>xI2iM;)p$TG9&%R#o
z8G4pk+lOMvR%x=D9gJ3?!8d|t-nKu$Dxb`bEwRtv*QE&!m<dIYjHfz<G{SmfDrhVP
z6ExM2`;0LbcxhJMhX|RTdwxrqO{Bkz<YdAcl!)En4-R$NQM&xTTQz4Z$|sP}ACR=Z
z-pNV{uwK0t!y`1QhBGB8>TndRPY#FCEnqPzA|-_n#Iosfl$@Tk)mFAK9~=3Yro()s
zy#ZqGts5U<rZzT4?nibLaWeAo!<9sGrxCkywvBaTN}WV*{NuStK!@pkap_%W=h5j=
z#^7v5tIiu51y5f6pP{e%q*B1iI5mCeaq#f`R@5Fb|FWk&NOut*H4qEqSmU?!v15sP
zDs+{dH7UNE<g~BG#w-+1iREF!<mclBV>3d5wxb=-H$7oR=S)K&a|NT-6pe`c9FuXm
zz*q5$&4J|Lo<mRTRVbUe3Pooo)3%Fxe+!L&1p<%9nBFnURyRkg$3Hhn;=ej61$6)y
z+L5B@j$(|Twm)_!a_B@lPBV6pdEWTfYU?S-4>7KBBfj(TWjdra-e|^PsMhjBH*}_F
zlRiUmlWiE~hV~~6K^tx1&%hWar8={<Z;0Q%gzczqA)CHdHU5qrlX^5$Jw6gssXej@
z>=-MWT}TVBOlq#v^j6l$8^5~u5C{dmL*epO)@|68Uztyoj7bHzo-YF<KUo%uM#G%(
z{B?<C$1no^96LhHSpEQ0+((SNE>kWpn8L`ajWo!o?{Rv<?cI@Q7|AFg@8}{Gi;Kig
zSZWK!-qw$`_bQ`i*>s4>(cPFd9~K-8VbmAAcHgAc&808%660QOmdKlG@Qy1nTfaAz
zq;(J@N;o#Gk`*muUr2;zq+es`l6S!bY6+IReTYdHJ3#(*{Th_YM?H>Uj@NgE`tyhO
zf5dT&vl=9kb?du|S!kK^n1xI)Sj#nEXKggz#~-2{5-YbEbwWkserGRDu8yj-Y8@mo
zhh!tGR!yAbagJz%ddm9@?i4qhcM4ZJ*E%bE-1#Tv7Mt4^8GK1K&iU=}^E8Yc)sUl|
zYbfIU(JV=tf!SGNA0b3|C@)#aGxd&>sO=(NQ7TW}&h^!kNw2jkV5Kt%=3Umm=N+WU
zwf6Ikf3T1Y1TtCMHav`gF8dMCW%b?YpF`G2o#6FRlMle>lRSigE+X&f{~Q`c8XN8h
znfn6hB8iaS!cV-#|2aeeyhkAY>1iFvit>OPIXnPyArgiDPfYj)L2xn`{SKc)DiGHY
zHv95M!#P=0jW(RNq(Fp?I*KLSs!95leFo%2S0Mu4KF}kkna5Wpagk;D^quaj3XC`U
zyJcR|s6DGr64^@o9N$#E^7UDN=r+<3C6;gerE#&vY~%dAdG7B~hP75kxt-y!-89W<
z*$DG*>0S16tK}on_YWK0%U}CFaPPT)HA)plcG-Rl7Q^o<BHE5Nv1V_EnY=`pM^_U-
z!^o-M6O_`Io;x>2h><I=>J}lx7X?_B9Kmz@ubI1IFUlgMzEh@ZJxXpweZK8%D0=(V
zVL}em@*<<Tr7iK%X^zw`q5mU5e64}Y&h>8&qpDg7fe?-7%iY;01IlKt^zSpy(=TqB
zx7II@*NyRi=aL?^>>e^@ZD|bIK35^Xn`|MJ-MsRl`0hoa0v3EQ?DSWD0h+`IoKYV1
zlV=bso<sKBm!N*i`j-4s4j~!IREgFK;jwYy2#wO1q@$1qWW+;XgoN*lPAFCw4Hcj5
zR|ALcv}%SGoWTBy>kx6oeEaJLAoAm~b&HNO-%s)@IL9I~5*G_Q)}jj^BrisNQ3r{z
zhZo;}5kXeuv6WUeiZf@&6@y<}WgXJa%j=_>fNk5Y?QA(~JgfhH>mo%IkEJIV9-^jZ
zpigt7^Q{3yNM>*lwm-g1!~MG2VyxRI^3Ag5J%FoYY@#c~&B|>q1qkr-+G|<xe^zy1
zyQSuIoc28^T=l5>uQJ4ClG=_q?-iTGS<6c~?<Ne{l`qGY&D>iTbL`o~g%?#Huci}7
zG37X$x=o5AuD?|jKk74!edQeVN~$3JK@ePY0#$}PKvy1T#KsQBjTz2I&ZIoLtS+>V
z->=gG<Q;gYV)155=bq|y4kMhv^hf5C9VWP6x^YVSX>xWR6P}%V0E{nLb+X3gPJM{k
z&HK$Md)_TtguVe=NP`!gq>^C0fall=NZ1VC+HF?}<DSA!N4|wNMMW~1w(YMOr@qW1
zV|xj1sLzZZ+575eMaPc<r852sWu&sLVW*dRB^lymjrIC{V+prwStIrT%LNE_n7Hoj
z(y8)=kH?y;Qq;rAgq+#-*XF@rrcEhd-Xw)|o(JuqMeD>(W?2(OsDS*Z1uX%IJhlX%
z13aP-A?(*}R^v7({JMP$3?ym@)O7a-^wG%~X-RXCeSW*AboH_THj*jBi|6oV=b|~B
zN~~3A%!wetBbP+_Aw+xT>Bv6WVGz59O^#KJd=EgKhcKP_5JV8}DEgMDY6%+`Q18@6
z2@DdsjzU0nkj<^Wb?Z63Q$&)aHlN&CFaRkT50(tMuoaeC{w`<$+Z3z)F%)ES(lran
zEgkYxPB*?~xPJT%<&rlaAyFT`htv6H@idC0rJFi>TgsPV^O32uml}l>VOqj2sv{qb
zx+-*AqLp*?7L_GnCF#HRtz-k4A<id&jBmsiVf?B)*(ek8dc2Scw7GC?CF25`WAN=<
z;z55x?SzY+%K+nf==0JR%q(}w$lwio=1s)UGF1gQMTRzaw^MG(l+Ww%74kSSw<OSU
zQYS1{(j1%=;>l!N*kWiB|7GIV6-m!lRrdj0v9CBal<@~MIc3Yux2fc5fKT|naHWTa
zT@LS87rmPx7~`BfSEL?@(BvZdfpnGDk<o}ybeG0wbF8yjc=y!DG<YX9yMBwtw+H0g
zW8`n^RIOUAkXoxwqMFLued^&Qufkz6n<b+6Jv)rrN!DS;dt#%c995TNPpAvVdNA1f
zqel{yC)@<E^?m_LQW)n*c>({>uKxDd7L<$=sHgqDxLE|d{5**-wJg0CC+B#pMgm_n
zaUYDa$t_NEYLs?93l?=}8Yu{5vjTgt8}Mk(cTe}#sLMoQ_c3G#>N4adCW$R+%1=2=
z>u}m)T|66pqy+&Vj?ZB~*WTxB<!xOYxv?V!_5<=f@}L2_jaXJIQB#XNcz|^7xo9>Q
zoGv=$x4&0jP@dWG$JzRzd}Gq|5u_*Cop<tZemfh5Xz*DBkiAN4kx+5*8X)p<NGxyh
z!UFCAg;k}o>7=i=6Ke~jiu!m3?rnA=t?FaqXn>O_u-i<!p0G@3;Cp3I(~24_9`)ro
zDYBEAow|BfMh!>~9?|xJ3(Z;bNGWVKc<`Nn(z-?d_?b!WsjP^WczM~_l*}i!`@X0X
zm6^_TjusVUUtW<UT26=%FS)$Hv^l75`#;VpcM!kj-wK(dGp$1B-WBDixCOrR$v2_|
zL<n|Pjz@u?FF1yQWqA7WH<2XQj54$~Em=?~61x^l*J@r*Zsuyf{Y6dJWSA{YrzNP%
zfa6)v7nEGPNY@lWyBELIZ_vxBTC~Go{_4;=;Pz}k`2-HO{{sIAS5%HXsy++jy31!P
zFCU!Fi1Gk!(p)={k{V_HbM5>BS}ro_AG>s-QzjX;Q>MwOlMZe1_dn-pNBV(yLTMwH
z%qNz9HJWGYSHDjl3%Ip9vb|7Njcbd_i0uv^c+|j-(B1gw4Am!RI_KpQ<9+*mFu@}&
z=r+-R5{!hicGaEWbj0gm6VTh%c82S9Z>oGEwrX85uRF$d>q`6n%GFN8Lj?0e%aWg7
zo=k2ovTiIPX0c`tx|bg{C;bQx#3x~0OuXHljZTxM^}51B;N|XhBYo_B|2VJ2s=U?Z
z85bSsFPn87yzR#_Ay?nU)x<u*##OS@8-!^AtHIAP@OnxKg%iC)%~kg2rj~vCjh$ZC
zDOo)~^2(URnU<aiF-f-)5-tYoVz@^^k=JClf|{D&pdF7NG@+WdZmkorri2N);IWbc
zwFX44$q9hO(*^Dt{(tPfWmHt{+czvQ$`DFPiF6q>QqnC7f}(_UtCUC$-2&30gp`7U
z3eq8+5`rR%NHc_l)BplQzsJ`9y`KBI-}m#oo)6Dj*J8;v!JfVMoab@;>Y(7vj*6pu
zc|4Rr)f-1OeXzIfiNp_(_$qm$FE$Z<Ie1$n$Z!rqFe+F{UcWR+2(uD8MfoLyQs!>Y
zxlpnmoGbp=cL62G^@|KLFdFW;*IKRH0`>66;J0oqwj42(0VmtU*{}IFagt?THqc3V
z`{qW@qXQ;(B32onapliFgpD2X5kJh*Sr;=GDDmZCc-J<GmTw*Jr(<3<9%SFHOD$Ga
z;W%W>YRlvdt=G@YN>ybyCYRg!SmF~Dr~WiP14n(0@*@)`@YE;F3wA>%vcyPaT%(y<
z9+TbyXuCB_5GagGy`sJM{4=*yjyDtuwo6#}$`}EH?xmP^V}3e?S>@|4-ZlM1G-vx2
zaoThu1RyT?f&mfK9AQ%EZw!Upbef!1ofoILOnF?zc}Y5q9ymDfoqkgYwa@~h9MP5}
z&19{tZ*A2&E6Zw=>l=BSr=4XosMC&s$J8%3feP)bfd0|^J?3ZDJzE*=wK{dV%v8MD
z)H+EYn@qb;LuAqH9gOJCT^c)Wa@on_lTi+-QcXs2INKZM1;J}UIvt7En!C3FS9y+Z
zUW^i&J&X`;5rIBMOJ|D2cYp#H&PXm-Cl^he$v};nUZb;m%67TlPA+LM_6J=XKSwmf
zy*6@rSLa<ey#P>pl@s&|OrDBRYEylcES*YWj^{8!$v!%@oy#2Y70Bq39&{NWgHmW0
z20j&;@JzI78<$$vMD~+-fvJ*IEz5#F;y)78yf=baouh>~11WQu`;&J!_;jF4qLgZ>
zej})KGAQoKNqT%Jy+uF%_*8-)<$2t+tXVV_X_?;N&giV@HTC~=MiU%H<ct_AG?nc~
z>9)pePo!*Hid3^KpNf)cOo*sqSwHIt7J73{*VK`vq*}>Rt=?`I7xgR9uuK9$X*Aiu
zu|DT$Vw7AgMf=I9om43cB9v_mmOUsdI<rp<DX_y3+K4%v_$<Yxmjq}dI^Ol>+16Nz
zbV=>pz_q7S?;8-(L7dqlmZ3erjhI;R(L4`|W4z<IaEyyWCq;1V5K-u<<5c0DFHZT>
zpJo+guBMRNY#vlVeZ0`0VNX33JeTHkQ@t^tVr{LhrHqD@Foq&`!V3VKx#9AR_bVKp
z&CP*qr%BY>&e71d?FNB3M9)Y_6SuxDp%i`GyNzA<@A5BV6=-g&M;z2-xzK`nLbgX8
zF-pujO_mc8_6RP6k?_Tq4{XsStqH}{ztsyQSp3_m4k8JzYD$G!85}8ek`YF#<}*Y;
zRXHv<*M5d`{}7loiIT1!N|*VFZOmqKpkhD!tG5>yk7HNt>?E@q)XKwp*{Db#y?8C;
z+AJEroh-)ww-wuwHS2jIT$oA~X<LVACTv43&tdu7b-$d_?<v$FCiiO>?Ik%rT?>So
zp7U>2S&S!6^ku-u+d>Lnw!#-MabJ&QoO_<z7&Qww{ig$qsNbHB6*@cIDIG1>F4f}N
zEKO~dwKnO=xk2VMT^~Z$dWHRR*vr>e2)~zrP?+K#p}+b564>!)07id1Sx}46n*hc8
z?+z}0`PXILLriEV=4)O<DR33A`MlFrPCWl!gxI+kRtUz-z$5knVF4s8OyJ*$YdHt8
z!rk(GBLZ*o5!m)dh8Mq|{CmSx#2xRtrzVEjgik?#HuIqWHu54ktWfyVNp4TyLDECK
z5Ihvxx1jQm2XH_l7GmmiFN1dV^doqh#oYyie-9Oan>cIJ<jn~<_%`SXi`Y5-9iJ|U
z16<$L{xG2G)Iey0q2>GK2u(2azk&xIhQV7E{wW`ZzX(LWIlMxQ5{@Jov7pY&7Hs`9
z(K&!Bz>G)<KG^^8nEl6V{lBble?P}e^Iu!~|8TYam*xEb@FyecL{KY_irxL%WCC$0
zVZR%Nt=d0;z^gNcRlY%Ij&=r%z&R#REEk&Adyg<TJeXAa+2H2`d8(H^flR0Y`n`fJ
z`Qo~8-*4R+vOGK?!lg@$xh49{B&gr?otvsP0i%k^!qMT+_eU$zbBBi`x8biju1rig
zHmtQz)xIs{Ba~8sOAvn9NQ*Y;EVRF@18X18<KiTz&=M9cp#dbm0ec|FL>Ox4^ECLi
z--%!5*g;P7?A(oPh1(bin;iu!6n~Hz+nvi-P$~%1bcPr%u_7;sUgFeQdh!3CPPW~o
z|L$aSf(ZB(kU|IxA3{x81BB2}Y(0oxMiCvs5pdhDBiH`BmF-f3DGUmdfI)pfK~%QK
zZ0S8-=Y=rag;0U6fceW4Mr|~CSmhTJW?eRQ|8aW-^0nPSvQt%I(U+}itD<A-^@~;l
z^i@^&zVlQ8OH~aKf)mRPdn?BawabHGW}%LR*ShuICj6g8AcW>FfQo@jj#E9>4cc?j
zBqT9u4=R^2Xm;P5fDNt+k@I~ncq(8rYyw323Iv{1?6EI_B;o#I5ggdikrqURE(2Y>
zwQAt5^`{w;P}oDPB;r{_IQk`1BrW%%VX5`#wIuIfwEDI<bNz=4H>=*?;H+9$sT~t<
z@2qqzbZGQ1>~D({SPdi^t*qaA_?lO1_)AFRul)^^F2P1O?uPwuj<S0WRgtNg)ZE5l
zW1gNyVC<`YciUv4gT-~^_kcT7miMP$%hh?VMwK5*{q|~Z_R89A4|;#oaQYr_IBop)
zX5l`2_y<Q~miepo`=w>}0c&9wrJOTIB&{BeRIWA@{?XO076Bxadctq6QtaN8xEwC9
zJKyN%u)+NSK7CuPg8uqqk%{T%Z>NnP`nCM}#uknFI{8T>9$ys&iuCyPy{A;FHaj`T
za>2If1?HSGIghcszUfhhSs$?OfoK&3V2THH34Qs$TxD&SvbW(ZRW?NP;;244*R4IW
zhy3qFFyrN$*4L1Dg-*NwG_eczhK9xshADc2xF!V{jl4Y|But=j9))k2!<+>w`i$5o
zmHKTJfPF^lcYo(=Y+w<qrR@WqEPz&P06?vUR>Ba|hs4ddAK#XS-hB*Qc=jDGv4U{p
zPc)eon+HjQ*=!WXRot~?5;g^t2HvffV@>f5qGn(Q4H3eqqZze|Tkr0!b+E$C@xPhQ
zV8)2_(K@!{o&61#`|T8)FN=f+PD#yBdcqx*)=Z!O)S$HO_TAxrN5>zZ9IMx_>gPI}
z>02(}sq*jR(7!)?Nx#ruzv{J*XH|utkN(!TYbKFm_LVevuiN=GT5zOFRsCdwA7XU#
zYTi2ze;}=}m#%Wk7!ffK?A~iUa<%c<_An}J7<Pmc@r*^{%d_R7?~W{DpQ>Y+Oj6mE
zN83qgMhCuRnCyT<uTbeY&4G>6hh|6LEkpfEb&4vlrejsh5uC<5R<SNdmpwg<yth4U
zd^SahELsZ;k0S8H6=RjTT4S?8L?&<P&D>sh#8pjL9J}?#Y~mSy$F6FpW-)!FZs-}K
z+-U5G%w3(H-L@&+hhNfDHqT!T_&qv`>^o@(g?dp60#u0C2-5%ptU~=F(^G#fV)7uO
z-0;_>>_ls$xYqW2j!~*>H=~<2WS|q>21!cln>qi}b$tN`oBEw)pN~G$z!YHY_Ugn$
z-2iY?r9R`3-@k%P8DU>i)<c`UEHG;vhZV+&XCDY&`y=`yxgA*)(i%(u`KqinC`wjJ
zWIA;8EE^Xj`iN-lk1wW`>=9`hMNhEKBXUMdweK-UQR;C#I4i_IC^=1hqUWrR(4XN-
z$HgyldrK+F{H_51*G~w!=8kyaCua`?AmQI>u}{6WG-3igp^J09o?aF9wGZdAR<Ft)
z{ArZIV<xVB$yofv>JmCKnx8x(V;LH`T=(hO*dr;|r9)a+5u+nwwB?sahbs!(9-R~@
zx=O2Wxo}f|vWZ9w<J@rQO@kkam4Pq+?{lI80|)zM7Xv`gwg|vjvySbbyR|&y`!~Ub
zA<QIqH0lWG;O#*l=Vbl&&quyBHjWIJzU~I|u+GRuA)hD7c8|!^6vJe<-MnD&6R+E`
zMJ`oH0%g9O>VkGgS{kz3mreY*Pt^$tBeZz5yJa=fa%`0EQEOv+Gi66w9-hOzGmO3*
zaOmp^n9pVZIaPj+%y=dxG1#<NB<#MNCHoPfH%0Qhg>)ZWfM0D-7UIqBwgnvRnQeol
z@p;oxZ@{6|<awa~$Zo@+Dlxj*saChCAG~*@|C+@(_|PS0pf%%IOBJ?y#CWbanva1;
z$gVw5sk2XmH{&k}xF_|zY0k6n_nB1!JGEE-2fHs@(Hbqf+L2=ZmL|zMso!9$-8A!^
zTnF5sR=GRFH8!lTU~hqU&SS9o8H}3H-<3Za@=sU}Byid|De-|iU$2^UZ)v&`oTejg
zM+Zlk?@X5-Fdf<Tu)kR=oSqci>EfMj7OcjUxEfUv3YHtt2Q_Yfm>#X1{cKV#U@}@G
ze{`v@u|k(uA4c66-&5+VE2(f~(#sx^^eP=0u6%zH0^I0!L;4g_z7Eh_f52ooV_cH0
zjGbF<sAUv+N=nRZ{ZfiSu;e#Ql=e`RV60&l=HTr_lmfu+zA<130RKMnopGxKjQAvj
zP*Xj~%?hES9Z1GJCi&l-UrH`@;QU&TpyC`w=IXMHfa$JU&Tn_$UQ=dgCULeoOWg7K
z!KpQE85xeg4%-g+9?|0abJSwa49JmADgzQH5_Hrf+H2q^^f3DwW;0R(7a3zGPBa;V
z6(nUv$)%HUKIS84c8h0{_Hejju6_tPR@)tF17fBlLgcB-xUiC2xtff7!Z(7<W-CYd
zRBT)Ai>e*@@1*cH%<Qe!zR$~A`4r8t7DpT~E|aXE7wgr%_B?zwyX>`*MAbqwF~45J
z{$zOVXV|ztD~GqA#{UA7$uolwUmd}j3d_A$%l*SDCT+eTZRze&@B9(`r;AQTpP#dz
z@&eTR1e(SB@Toy%&olph7ya2JqtV<FtFfd)6D@4*6YjCy<79`wz-X9d;5&HZoUPxK
z`x}2jLMo(G<@#HyvK13fI44HtrK!I7>)t}Ttg%neE^0|~2pn)2Daqrmmo+6G&)_TG
zd?|?@hFF5JLUm*LmmKNaumwqmo_i@veD*;g%yoK_u>rtpXgfs-4*Xo(jO<^OMsYX6
zwHK(4pL*Rc-Ft^<C8)`)-n-%lu~nED0UyIGzILT1ziG3}8Eb`OYeypN_r%B|!P9R<
zgYW0OAy<Nuv*$p|X20jl<yIli>GA0&iQ_ntDfABPSRWvS^UhHlvg!N=%C)Pg;o&c^
zX*+UP*4t_8&+abr>oKz%-=Edo$aY@%_OWjASIV=Uz13wa+(mtlwD#y7-V*_zPFGF-
z(C2UCNg{5PdDQmPtoCGER~*ya)#)JlLrm@U>Pp8PZ=CSuo@0^+ZdE(kQJQVZ#>GvJ
zT&U&M#?Lx~-YeBk-2ec$jF##fPm0T}g^mCn!GpV2V0^FaBxa?XoN4PQ<}t(O`L*xb
zH+G&HmvY_rLu=op3TlDSCP6-7W<h9H91$y)VM-U_NH~jkr_46`rpg%$R?N)#P@FlM
zayFQO$Nvz{b-AQ_i@Wa|GNmM;v;J}MyfPoj+)*n~53GWgUpvaPqpVKb;M|E8rjo~3
zVCdA#k2u}Iu;Uh=<nWloxAaPWFuhf{gL+P94x$TtJjxVtkUr2qtTDNZ*&IqZL2-%f
zA%vK9eih64!8@S!mXlp^H1T*YgW{4*Ia#L3oaQ`l3)r-HjdMZrT3JiA-J#GTxnWN-
zZ-$a5dv3Vj6Fd(!^H^-m?Vl>F{m|fUE2n^wRlsPgSK#t=yJ2+ga(1he#8US6SCI#W
ze-5^5H`^9C-=tkCN!hzuW>-rcMPJLGY)m~&BcIe{7oJ|KZ}MyO(Mh@@v-PrGhrEm!
zSldKA#~E*9%O?Eab|pFnIdp+d#xC=-#Mn$_rM=zYRj4&H%wT~Cuw1KkcTEc?-?7ur
zItrVo%+<ZW>lU>(amgaMJO5Uf$5NzT)_c2jstk%H%YNRzhJLSVq_6bcGv%ibGG+&L
za@NHR`tj>^gM56OB@5M^3Xa$1325*>OOxU~DUg5h<^%^NG=B|`Aid<T=*;dOMVT0{
zJvq)_)C$7Ec?T;qL2mf@8{OMsMK;RnPI0v3O{QQ(9**&QM+beO143v<siSItQS!9i
z3ABopYFDz}cM>%m<-08#1^uv{%iJ%WAE4uZQ}*K)Rp$+)2OVC!U-`EOy#Vd4@v>Ki
z5$YilsIu~>;?9M?Jt+3d8ZID-R~5A6(1$|6octTve2;&9=nQ;DGa}{xS0CEsfvg5>
z|5k$sgjofzm%8P^Pt#p^^&Z4+a|Zpmq0Ve0pGY1lyD~)Yk07~nPCpAXxMQBn`cxjU
z?sb+G?ZG6T`4gwk-i^#?A@dn5b8fimK==Uhm>juN`uYu+QM>H4$ZfL*?3eh!epwKQ
z$gmiLJcsY`j%;MMSp(Ltn>Ewf<g@cDnZJs_${bM)A?PHx3`mT8BaV4dcG@XYS0c>&
z;Y3z4E6@5xJcvx_yFKb5Kc#zBXOw$*FMRJwR0zLwS6=gA05*u2Z^*Q~vRJIJ_xp{}
z%~Rhtxp5)=Y4@YxlKG<`zlCZQc>UVQs~#zlr}0QG2)E`1-P~xS2H)zBRyQf}5D-%8
zP{H-~@>B%pC~#cP0hD;(6pdG}o-hzlTeE+;()o+*gdwP^`1b_6YC2o4WeZY=|0pt>
zP&vi;P}=?Xj9!6(g~lhK^RT<yt3`4e1x%$Yd~N)OFEl(Vk**h{Y1eMfCD!!4c&QwI
zr}DmvoMAL4*>voCYmHO%rVIgG4kM*DQ9f%Q>Bk@s#bn7hyFP$n1DW=VFc?S|(9_&h
zORW4;6bL4Y$Mycz55RX~Ja1ER1NATsF%o6E%f*A9$^-OFyU9%*W!mDyF!ORm#vgod
zSFd0bQ<FBNRzdjv5Q$SkCSRs#wzxjYYMLvx{_!s%!r}^h%}V{YX|2_Vra3#A17zHs
z4+P%y^J>f|I($%h^}(dlAys<*MabyX$0%jPr#p-Uy#poI`Gq%f+C8+Qc>emVX}&>~
z`T;r{@2k`wReg@kedD{%P{@VN1&WK?4`>p~cM;u&9}4bLu<b`9_JFwU10-hzG6%{@
zS{_iynPU9os#f1ujhDW~AwfA@IKi5E4w|hF7M}vx^AC(+Jd`r~Wia<U?yJ$@AAm2Q
zI!q56$t@Eul)sOXGc}TVj!d|361?MS{ds7|t0;9$v1h|U(4e?UW_!YSBj$69iOWaY
zqxF7u8a&sdRtC0vqk#lOOJ{m^Y4syF4=uKiQOK>n=;WaAf9Rt^C|@n(E(QnNgB+|G
zv`iZ{5+L3YW`+=$zn-nkIN6s{nw}d$a}#YF9H-FD)iC*n?<{fLLnz&q2($2mIF*~Q
zo7OWPyKtP7QVZ)U&f>Le1Dp}hs2|BTmb2lD<TN?W1A5~JLCkq_=Na}K<Sxj&T*IHW
zxP#<_GJ!8EY!z2mIxq|Ct~=0VBZXZ%B)(HPlHODquTrEB9|4$R6gYJ2@%^a_CFAm;
zZ`R~2w2p~J^xR@oF$^IL0g|s4W{N#}Hvr)}+wg6r*S}5VXF{^C;8}DA;*_xIWCcx#
zBK|Xsj!#J01(D<k$4I8EPYtN_f5_|sEnR6~N>}Q>G$_o4+ew*H<q_}&EgUElHR7)F
z1@-ddUUBq;6{9MnX*<f{;_Y`c-r#9cJ4Pl@A;6)*oH&^b#v@U+l-HagqLUbgU&*H4
zZ>^%)V-4qSKrO7(4JN_18YKKh$=krVTNrp&_o~r{*Gj06E8<A9%5GZ<tcXNDz5Iqi
zBC&k62}e+tab^t?u{cYGE^o36x&zpTW5?OtiM3s-%#gV+K2snIb(VHRX7F&~)`rXG
zW39m2DsdMCQ~n8#)>`n(Pl;6D*H>JSUV9|i!K2==;{LOPv_bc1Int8Fo+X&7CnbDb
zj;xYobG>%W97hx0tF$+DPELjwmLQie92?+f8(yZu_wYb`XQKqXVec({5UzCc5eCuW
zU$kHBs7!8~POOf<=M)+=Ar*e_0LejWal0<Frb5<dK~GQ0VMZwLMWhEm_*@sRP69t2
zmB*rufHSL)C|Hr~9@&itdrI@8h+x(PfAtke2tF?{vkQa<-S9s;@T?VB4Ta1a$%P2R
ze%8f<)&iokXjq{?9DF7;w`G6>8mIkao#y+hCL2!FBPw)V)ApV^&GhFfO%>^=4POh^
zEfDPuf1%|ojN!%&4Sn<>IoN6IdK6A*ZE$3J%l)x3HeXxhT~yR-kwZqF=tn~QZI`R5
zFWh=#Ub4~ir9`}yKKfW)o#eOf|Iz~NqGzF`90^b-^&LOnwgMqMcD0wwDnshGx+>zA
zTDCIb=IjwKO*_4a77|Cx*33S)cW4ff48eJq<eWA-e0Mq)#MxofuX7OiISzON|1I~R
z`~QKTk!;VmuipE>F83+~cEihW7Bl~$#rKf7MDag0CGaU9Bd#WNxf7_g0IQ8>ggs9*
zhxHcXN1B4CnfW@n+x&xs$&s!-C?op<ydl>!c*C16zb*g0VJd>`e)qYu3GnkdWE0M&
z?%(<MkRcK)_BUM;km*2$>ty>Ny8Hg4!0>yi`8aT*E0AJSNnW+zs2xh%^>pcjbqyEU
zEC>PPkFEDehSj&_-+DU*4au`7q$OJCBYm&Pc??>F8`6CP0Usy#_JCGtRudAyB2b4@
zLi))&PNb#UtPm7tI8=;OjhWKa_8DO8+ghdOzPg{!?=aWxe~3t1<~_OAvd0`Km<|t9
z!6&!)JufbV#s}|8QMvc3X%QgAa;|_2M+iW5<u5=5ABvFFS7e;ycTvsn3wuI#*-duZ
zN1cAVIVa6aH%kLNE}#zKTACpHUhQ2FNQ?qdHP@+jRf(MzL{>qF`Ag)+_VUP2YK67%
z`lYh>zJL1E5dpO)Lmk5)xSC33x9=HQlhEU>n-Acm6dXhx!tNl+g#&AoV8=#JCZ21#
zW+69i6gcJSOy6}4lKpc;u;Pwnp8ZeQ9I|=Gf#~THjE}5cnnEmTS3{Lcxt|PS7g}<n
z2c!RBCp<<Rlh_koS-obcx*dF=W3NGU`^<n`A*$IhYW#l^#4g=10<VxKNJeTe7Jg{i
z{S6zWD_7IxFq9;sM8PxSr$tsp$^s=~r{QH*$Z1A|`h_5XpB+mRv3WerVm-MJ!E8&$
z)U#~kppTHgmJ-sDII(9Kg$sJvL_qujrrf?Lw#sYj;JhUif#bO8zw?V;A9f7zClMkr
z?GPWS-x|2OYN0ynv%M(*`<nC?68{F{^NN>RF;W_YZo3P4BdbE?0uVW;{z%7`=!#R@
z8lvZ>3MC+N{RDwozYx{XE@P0`fAHUYBEuVqyqB;_gE%+#nAOx*Wr_-6N=I9M_lonw
z8JLD`Nb*6F>kb!{qV2}X{AD)Ahl(viWT&mCSRhNS{wIbNSGA4R&ba);w#^hQ2DP)0
zGsbsq6(C*nt|lCIBXhdi0GheQiN?lS@CZE~i06|x0x6!f&JV=ocnz#ZS(*u&H#kTC
zA|w_qsBO61HSqec2xiQ4nzG(^33rSml=Ju@=o}m^pC8R}Mqxlv7`_f!NA7bOo~AER
z{>#G^{L?%fSvAqD@^W0ARQaoQ8?kAUF4>VrD_z8Cdm91hG1zpC(kN>%`$Cr`>6%U7
z-w{jmUIoXhmbB=vI15*>X?=jLZls!l60?1eI1_l5j#y?B7&WY^bF09h4~jPV6?2V0
z$J)rJ&Q7<{|BimsZXSGblP3y?z@|NGdIN86w1S?fH&n(iaxM6ZomyZ)?jPoMqDKTu
zZ@^8#vrZ)qz3R5PS`Z^@MYUc?uC$Lc{ce`^cP~-fp5kIj@*5&Z88x2d^?XihgtV8t
zC4IXIuD3-m7Eze@s^c-^pj(TvYZ+=$cDpNBW)6!!@3GZODfnQ5lNX~&G6gd|GoO8g
zCMhTO@~2Gpv!vBvj&ZG+`{6{@$&APd&}(3&PR*m&rp<IdECOBb>}RF3Y&=wWjAx`>
z%xS!)^D01tvzr|kA9XNNX|i8plMj;jTrrNC0H<sqQ~|?rqcrT-{qT2P9Z7W;F-6+a
z%a=q|&Oy|h#AI+p2hjm+JE<vxP$GK`k<e!Qf#}5*$>`JC5WG{~xeO6#FMX`8V3*TG
z?P5pZ-urAm4`$0f_~x6`dv6xVV(=*%S5zZTv6HkBg-?*Jgi?c+3q92yejX8ffzCmR
z!2#{N8>{3)wJP-L5Hq%Rs5|d!03<j@d2&%UQ|OmBI$*-CdV{ocKWV+kVjcpW1~R;V
zzvaP@+-Q#fEa)MdXw>$>&Nd#$m`)ktZp$G2hq1Q~1g;E}XL@Dw!3@57#&RP~%-(jD
zXWUEjG<s<A2-AT0LtUwL@QitctAWP+VB{X&xL<{yIfdxHTW;fQX;wdX2-IQgr&{O2
z_;rWSwO4|Ak3e32nb}!-Zs+*RK2*a|Kmf$?)Xlf+YA!87TcQ=uW=xghTNjz3TIXXC
z$$N$>Fqzr;lBpc4E%i8EZ0p^o9Qk|SUM&wV(35RY<zVa8+pcHI3{^Oe421HPk-nwI
zkA|lb?Y7a&{N1)Ay-~zbs5SAMlm{4b;Wpeb1(SHs0VD}lHXOSFe*0p(+}Dt?7JIz)
zDF7<n{Kg-I3Y$6-yDabFca*ZM&=)j$H%$F8I75ZYkPG=0)BfR?9m++VRt6uf-!AbB
zSg@*X!d^B1=~O##{M(JXp6xxziIcl8Y9UDrfrBye#PYrg{JnC$MgoF0&zgF3^VHly
zZF?mYc49fx6(kd744~*)5@i({@1S@Ua@^$f^wqN$g|V0(POv3f#&WJ?VtiyQ!B->E
z(1-Hp!?%6gumgK1&wUb!CZ@=_%oN|;-nEvU;6e329OH;RH|_e|QOd&(Wvw@{^mve4
ztu&&JWxB|%x21-YvB`upFuw%@=M<$==+F4zwN_2S>`-8@N%dQ(&V^D^Rt9<|7L${s
zWIlxQe?75#lKuKTMS!T4;>*TJ;r5WY8;{skN5zk~2Kvusjz$g9MJqn*;cbdO!*2hF
zTaD$!MM74q*tJBhupzz{RQ-*|O?GzYmA<Ys^)h54_t3c(SIXt5FhXM}np+qjI;paf
z%^6f=;#Rtldcy<?6lzW+ouphM>MF@Hn`YQo3KTPo%i$52nkC{GIpTFr<`%+9ndFO5
zma)Y2Q4R2YF@csdtP4xf4x&XN9`H(>ekR9iXnPWjP2?EnNFR0cQqe0gcx1V?hr^(5
z50gYia8{Xtkkt<*u&FjPMes@s79T=}lAdz;IrCe%0Kqz3a6XK9C$UkojZn5Drl_07
zY^7?Piw(xI4P+deTL=ZGe=IH!2|m_5sQ8MlNw}TTnL)m%n9?$o{RHQi*AzmOcj+^=
zWuBqgr*^2c|L{jeQi((;({Wn~eVs67<qR}@vhY1GjnXnH@UV&I-IG)l!**y-iKH7?
zv&D(@(#cw*q6o{VLbKK+dZizciQZz^NSNOFFdbWF;sP3&7S}W44tFiWLyuX`uWN1`
z;(C*1@FUxAWbhxwTHH;bBGY7tQ%GUZ#us%hQmUghyyL8(RM?TS!t@X?Pr8W#<pf&w
zQ0-3)ByoBeG)HNlz38$ex5QmKjVtCfwW5_P=L<E0K+Ui)N~KHIos@e`oZ`ZCc<l5q
zUYX;o(wQDDcbs6RLYl{%WSj8jj3=BtclNX4h6K^nbkkEmIyhIz+^2?nPO)uGQnPeq
zEfIVYP~=MqBLH{FgGM@npx$gnlw?bK1?iHTisGmcQQ%x={6)I{oBD0c`?%0jOv(eI
zXf|8k58`24Wj++OGi)#B^`oUp)d-}c*dP{dP>MwOHJr1-<0Mwk8Vz$=QgG}hsfN?@
z6_#f$UkP38s6|gF22X;u)Pb5cZsQm+!6W`v?z2><qYVdMna6LKS_sS5-k(I9KZ<jS
z9<(#oooPPuGy}wFL^o#_f`CsaA^Hpp_IdmtYK1^HorrF*0NMg=TGu4_slu%gis1){
zPqNDShX|bO0K_E8^(sT5RK)QrHn0BTZRk`;p{6$M(|Y#`o=gQ#peM+@uJzya7XOvr
z{}dkI0w}Y0yg~Of-1`6`Q6rj<W0x{OM-hJ;s_e3NwYLoaRo2-E=y^dg0|7l3kOI6u
z{FeN`hhD)$+83^yXaYP%L^2cFWGAh*b(!}(wb8B8MmOuE5%Q%ph1-#@jG$n8&%J38
z=kHOoHWWnkLq{xk5M4YWy+ek;6y3TB@58u!9QtZu>|FOiPvg+KSZVRy^jAI!dssXB
zTG6-T)cDkXrgsPm<N{T%;Hh^tvmU5H`>a=YmL_{m_m||gTi!xJb^DbHn*hPOV)4QG
z9S+L6nFpPEK}P_?42^Fy)WHa>l6`WnG|uWYl>g|<_;MoXsUF>=r-oCfLl|@#kJKnO
zfgdlbZC#V`pJegfGU6@c)Ubvk&7ASpwPzP-tD-vF9&bDTC(|IQz!t!+(v8jnjc<%~
z50RNlRHcyc&|YsVa5j+lNvN(+Uc7a*92+~M#+&;C1^34No){#&34dkDC6*n(Rte4+
zr>-a516eTtBgba`b<=Yd8|(A7;(-ONXSJWO?w$}91EZ&O(oveMkH@?nimt1t(^r%E
zN_rc4+|^ksHi9#~EL~qQhj?kD<A=BPO>9VNF!HK&?V^kY2N<3p7Lw(eX6?fi@Q2Ci
znm`sbTiM^tAAXk0Zf|VDRIv$@E^AXCUs5vHby&x$_9t%k<vou3A%;oolI-$&c2U2Q
z;tvvDaE0T-BE&L)@ypJVmf&jT0B|(cdd_)o#m5I*zOIM$ltuhTGJ8cFsoyD_FcazH
zaKH^d2}@b3LPKzBbw~6iauHk9d~IH)_a_S(a|X81JCzRiII?hA283BYLTdB6e`_z;
zEUGV2eRCwc8p!wpeEuD0U85O!krazPcz0tc`<Cj1*UrdgcHQsB@T6-IHonNo!FGUe
zHvL&F(x+cX>M8kyKZ#zQ2)aNM<a;jvKk)@C-&;34A-;gq&$l4h?mbwacqGrGucG`v
zKBirsYdqY&I8y@r#R#MocWe5-lO)p^g#L(sV36MOt#i!+k7x@e7^7Hozt*_hdwv%C
znL;@X7$3<#DeZ;9x1nN`xy?1C<Pvo&n4|NU?NovYUfdd5bb1}67eii%M`Dp3;db){
zy3GlP1aOSoP<coBAels45nJSEE_J38M%$f55uG4M$Jp7{!d)rP#{J*%2b#aIrfNCg
z?4Q?=OYH<9N$h~GU1BBtmtycaO_LE)cYOdpU7Ap5c7KXg+6Q}xsS;71m7Fn*pt5Z@
zA1E-Kjcn~yc=fw=pW=KdS#(76b{J&_7@I~_WC;TxWx+P(22!o8{hqF{d-Myj(sEx*
zazo;(a^k4A5D@e8Q)BOi*B;{#KJ<%Dz?eZFYlZ1EWAJY%Ff40V@;;rLXejumbJ)7J
zX>P0)W8<rfIpPDxA~R;cU9>F5JB}+r^D34%>uupVSWXNP+rS!j1sV(ZJelrw9cF%;
zx36F&?tSB$iQLZgrK`Cy_|^)ViLF&o-Go^#3Dz!&Y#?m9yxUn8v(Vp2J~y<(4i+qJ
zGge%bYS|PU@*&LAB+8K$RHw<=l%7)xhED#AjU-clVQ$bT7*S1hO0tO@1vjM?&Y!wA
zj*|CJcq1{O;B%8Z#?Ts(>;n>112H(gS}8)!{vDUeTKv&NQ>NN7YoX9PUbU5td8cKJ
zTu2wnvyel=o^v`VPBfUZ96sTrym3yKaMhO-utr@H$v`j*8{{*RRNVt^CoI5iWpwDT
zAMZVPL926O7x9l(Y%p=^SE^9uf|hJej{q-7bT$UFwWb?&c54THoKVRQ7;wZ|3AN=3
zlY}T~=b&A%DOurr>HvmJl7|EQlu62pU@;6vtN;1Vi<wIGVs|@H2-Sa8D(#m80GOi%
zMUP?R7HC2#*Y+cLQF4<Kp(gd<2cVm3^)u9rYU)6<-Liy?a6o?5#IFTn?M^6gmysZs
zPgW7n7$7?G6C!-Ro_W!^)}zT~ABx<YJpbd~#H!*-jE)NzwtXp!c!Fa@vFJ{R2G>Eq
zJ!_+mFWEae$+|{L_;k!=P&J%F@aLFCI5VHe$m)_3Ie%>vg38%i8$W11z9x`H(}>LL
zbr`UQuO*#c2wJ_)C#bhY!*UvoklJb7YonABJ;$)syq*MP_W`GIrP)DqwJ^^c(Jixp
zt7w4UIIV%VEnF^FdvG%%Y+!ueGTOYDYFD@7{%udt6c}c`vt}V6FS#aA-FD#-dxv+l
zh|Q-#*C?ti$K$Pus@Q_<rkqtfs??X3GNR&O`27_tyJax4&>c>0Ya}gN-2hwAsPwxu
z*n&imb(EJVx-j7~A$UMOpgk{KwcrU8I{P;s0hB`kO%;_uP!OdX?8u6%lYDns39~lI
zFq2U?AsazSd+xEq3T$J&84Y^ZRN3@lU!S|*Yo}AojT3z%dW)8-lK>%(zINTuM$aI_
zO3tz#yWjAaLqc41#)~c$`lyG9Xme$=`p#cKO$tdW%BwYtp$|$&wsM-W0=0kR1(4}7
zXUG8VQbb0u{9)1CgY6#vt3(cx;NL+?vEzoEGpyC*`e;e42X*U<ZD3!jtn%|GDHzO4
zs~;Z<&#3<iOoQ=YH}Nh;<l7U?$D#UR=V2dojoi|=SkX<fS_pVzheX$hNxkpvc(PCh
za+#!V_JkI^^(y8`<&M&Td6tFb{_|AvObGR{x%RMqL-nD^L!J0u4yJCz>d>{xpgeOQ
zJ2B%H!M8-J8Z5_MbJbt)+J9RrU?M>utF<~eqiz9tg>^NzZXxP$%Uo0uoA^sop8a+N
zyLtF25FGq~nEGFY0nNe3oe(+-lp7Zvo-sS}HZyb$cam!EfSt$~Kp5sn_T^7Vrc;-`
zTIXc~^3E+<3mX7G%_frc|CxP^7XiSMMoBsI5iuWp2c01IHmTl_P~N>BqCYMV)Fi^4
z;Qe<;O{jxFdaa%eNNAs3Cfmj)>O}he?4llmSZx~FzsU(i=)L@+hT%G=2o_RCaadQ6
zmcMjsQ$o-8)dY~Gq}R_bBjQTEBI65_gjt6vpnO0WB>ptJ8Szw*go&@UH{dZit4(^w
zyQz#X${mKjjd?G=FNAD+C)in%&Tj)u;Yx4fmS9sNyYMQJ@8Uf8D3*>oEoFSR9I7A;
z36Usz!bci$Z#dkw?+)!b;zT)B|4PzH8iD;hB}kp;w#Yln&d-pv-v6xccPoKzuBJ<C
zIE5!5@vcaqd`x$6&s}n8VL=i)-cB(-3j7X7JtPvHn!F-D3w}bQc5G)0UX@Mz`K2!Z
z3g4ZF;oF&-4M-Hj5t9t2II<UqobS1(L&RnhyLr%wCD8(?GW|G}cw9Rn%#$n?FuXm-
zD&U3&2L}Pvg2v)&7d8IlvD?YW_I?hj&@kNLr<m^tpRx!QQpfI4GNW3e8AUbw0WVBA
zMG(fzZ^|g)lpZE}dLRUeO7Q#_3(n*PTef8GLgJ)Wtp1$lPCY#y34b8@`giVH%2N!X
z{G9*`bJ)?`Z41~_sH#Fs{wxiBFYK1YvK$rFixO0oEFB(+eD8g#qH#v!jAs2kOjP{K
zuhw^kPA8~6TfcDi#+xgbzUC`ZX=Go@SBX4v!Qb>|Ux9|##Zw(pUygS98tsm%zDxOJ
z0YLAy<!O?<C~3Dk=fAR7yJEMxdS`pPfu3;!2?mQ4<6;;hT1|tC?+(%Y;2T~z3{<h~
zi3IBA4tNF~U?$=K#5OnP`tGbBdczQb^s{!!^KFX&_qi_t&9L1R;#Kapa5Ia{3xbMj
zhNR}w%gCBpA-|ya{49@kmOspW_yWZj<2|~mPCTO>jHKoaFst==k3bj$MP^y{^ba}k
zKHhRP@gWnCR<uEC@~y52Fp2??`cgPaI1bM=oCULH03DXqS_&awA!qM1k>2cEuFH|0
zS!n+$;oDJ43TQ5R!k3(XOEJ4nHd#tc!?}b@Dm43m_~Mf<v}@0hfqFH1F*O*5+;7JV
zuFz@~PmK$yI0s_O0)qI~AZnukjy|F9BPYIkCyMXf&r*(Hs!P}og&IY*1|aBJP%2E;
z8RSB)$F0JSPt`&6#t7UlE{(u$iIu+l4qtdCsBq0_qOcu{6bukU)*3?mN_?jx9WCem
zrz?@S*6ldL!}ad;<*2JaN0N~cHGYFPmE&=4yw5{9njR|i$?18ir)GTH{d<T>5sbg(
zjH0#%-rhC6+Ou?uT#*roSP8|4<0dG9k6q6loQ2W+kxfZS*cGNQkCx+#(Mp}i5-A7c
z0QFZB!CUvm-!-@Pgxl^KQkosbhH|heSt~<=7t6i87pNm-C`SfAbqqGD_5~AnqW$g+
zjMp3~FTd3Lf|K_x{H>WO3`$-iKoOHLh+v;19Ln15nLU#2?l4Ycf8;kgD(eTc-U*=y
zft&pPX3$03;S85a9AIgX)2?w_m<ssBAHrHBU#@+u<to8?&f0W`5v+k5<d)Y_jlf^T
z68I1by;8gK$e_9<#m9Qpu!L~#?!|M>6S^CWqd<eNJ}F>((Itw}SXZ0nvO;GD%+g*w
zhalv{0ZWNk_vmK~v(a!GGI;;TX<#&PTT?ud)gv`@vs06;FX-0s%fHwXDF`Ugeb7!E
z9Nn$XiM*>w;$Pm4gs3DhvK_D`CSN$w%qs0szz-a6#WL_;80&c?VT<M~8z++Vc3Fes
z5^`Te^Zv|^>g{6F#U}>}4qH<BmhM`AlzPuCL2}y(C2txKEN5+NJKX<PHv^k!*qi^0
zJEWJC<jL9Vw$1p+)1iK-q4zIP0opxwZVOkk<9`VyKh7_SdjUyxRMZsByo}Ap=Eoy?
z&s`^L>6|$N^(+To73)B?&vERw7AXOH{4I27ES9rsvhCyyo3%0fv-vf4cY@|QvS+%I
zLf4A|Q6;xndcSs_*fkSxRO~O!N=i($P5tFbh<>GPEf1nAOEP)^H-3+I1}~b6^oueV
zA3H<B1BDwQt3q2>c8(QqEy>zRw7=7#Qf`n8@n;eL6rd~;*RkmSU`pTJ5dVzN^?tj5
zT(Wy*JEL<pItI}ixQ>LxD_#bQ3R$fA@~Bhg5|CFmk=~8>-d?FEYqpyfP7^W=%RX32
zqG=9CaZH<25HQ&qx?3K9tSO`@U;tU1T%`%(HCnN*+ze_BP-2Qrv|W2Z>)0if#Yo@V
z1MJYk^u;e~Y~2lH{v!I2IK(_e)RsvpvUBA#+ZHOffaiQj7A7tV%gdr$aSj!#@Q|JI
zaxg`mucFe^uOF1!CEthk2&bK8kE3)%i=)C5Z?WCKqCUl#`V|R;(Y6R$a<L?vVUBT)
zX9w)(34UFTC&-EE+tnsT+h=?6Z!dOA?XT@7_Y|pTWfM(W=kVNQE+%9xO`4Bmzhr$+
zYB|iDEwi!HxAaWY)sx$S<b9{~bb{lo0cQhts6jqN_dcNp{c<U3$PrE~UwP>~noFc)
zx7Am1{o`4-b68I_#ymb?I4p&j$vYuVkx&>d*_QPatq`9`B~<#b>HLi)sh3%IXN1ME
zrG(G?D3t!lOx9yfYTWKkFewzLIc%hAE#o=8#rSc`id!N}3v;McItJI^(~Jk^v<dYz
zov!$OOPj~_tm$k|{Z`vDR{|JT1cO;m2;L`$WwK3)?J3GkfSwTkjfR_wiI4;ToC$sj
zWhS87FZMB*ruq9&kO?Ja^UqL9LM65(bObhhto2M5tTgb%2(0}n<drw!UwKb!#SGZl
zP@#d8Iw#Cr;VpxTIoX0)Jt*vb|NVg%<PEcd@WS(9foT7$)kYz-|NgQKPK+2{g_efD
zZ?Rq6&WpSUCE=(4`{w_DoR*hdczt7+FvNRPSo8ax?~e1gR~lO&qd`*3lZqDC*Jq(X
z8*Dt>6wKEz8W(Uzw3tY#S!vTv2f$477(};v-7EaM+Vx&O%n2hQQ4FRWq?lcf<joxX
z>?u$)G8PbEm?oBA{y8n#)~GVYeNnI3`_G`0-=33TP1-vf_IM@a28u5eyTu+4;sUI?
zRKq!v!yol!iT|Yq05P*QRD?TB%@j@nP*)Fu6~&XOIqqkc?2e4Jjg4U>HTQad7$`xy
zGGQt&)xONj*AgTI?8lIMn)vTM9rTsPS7hC~9kywA#L%#u9VJkTs1F4o0dJeX2pQ6H
zD2+lUrc^ACRE<C!)Qt6h7jITMe88U*KA=z;gwZ~~j(`oRPDETdJF75qr#Q{2rc1*c
z#8M6r+BX1`Zv#$>)WbBJzXPMdg)@+=#pDB_6P~F?JKXp`YshFPL{D|<@;n=BE6}4d
z5lt}Y=XNa;<t8gT28v578s6*W028qF9&|ZQA$|%#r=$X^p)A>gS;GbpKR_DR+nK=W
z2#jRxFQk6~2&2{y2w%BEfRnmGopssF@VrS)`6h7c$PT(4GH3=9bytdjhToeog&s(H
zy_56csATufS7L;2tAfy|L13YlVUyeNL4wlsO0Bz6w7z5*4X@N!6_|LM)W~jVGLF>z
zSbCTL4W@x>j+C^*XD;3Po&S0X*IMQPO5DN4qSfcktAoO=14V-O76+aci+<@W&o8<z
zVfjL|x4``KbDJ}*0l%Jo)2rP&1!<mXKMGQ9Qd4cW$Mgrrz4M>i*raB7-_JdH=Bblg
zg?`bxUe(Gea4X$Z8_5bV{noHw`U*yKiNob%77y^hmnQN$`rwZ)Nxr^w_?R0_K<~P+
zfRWxO7T@A%zYQ&o{5xXZHSQx$CN<W0d%KL=%@c5z47Y~uU%$6#)r4ErEnkP-BjAHa
z*OQxDxK^8`aMr8C7U9dqi$&Voa+W2#x;kdRYx)79mUs6nN+1imrO4KgIvREDbr(6g
zAiDyp_PjN;+$%hyFazpq7`8h{XgEAMC|v455uKr<|L#^-jpwQpVzoxp=>A~Jupj+U
zQV$KAKeJ*J*re0@iBsp12qsf#z(Q?sb}%!IfcRjj&a12f+AK(`_`RMDu7aTuvK7yz
zl8#|S&$BxHylHBaH;>pH`pW^x#r8Qm*v@cJZb#-1fr;DXB`)aA1OzX6Kp@EAV2Kr{
zBF!MxB@p;FcR+FzPe3nHm{?n(7yxtrG9dzEZ|<aor|l>Q;KZ7T<qy{=kWxnm8)YNd
zXgsVIC$Jb=Vb-`TZlT0D@}cC_=hQ@7R$rZOPSvl|E1a_|cr%_Ztd7)Gw+T>Ze0o;4
z)XwxhV_x9StxxUIL$)2PSqq`h%_pa#L<@X(_?RRL3)~lzEc8uNoqFZXhTCKL?e$Ho
z$G(04%%d$})%wVB<3+aT>bjZ(=|cFeIF|a)YSHKH>%ASTtm4Kj4)&6(KzP3tOeP{D
z#IBGc>0%$+_Oqz5RiFV=TfcGryw7CVx5G083dsVrOWPCI@b-+1wsEq0?MD-}+gm9I
zJBNGJ13Bu)?T0UYukrX?ytl%MzF<*i`+8`&g4=2<Pw23};w?yc{O|9Y<j@hm4OO^H
zBG<MNMsHe-#KE%d20>Q<X`!1-5+@WNVU*bVHp&PCV_7)SY#aL!Y&;0<dq%&je6+(K
zxMqx94jWaN(94aC`w;QqHQ+t}^`(C=Vj^rfI`rXf39>%ELz<M7WDB0VMw%l)e|IO4
z%NmY_5YrMQ&7s7O_7#Ye6RK!Wus+~<prGAL?_5sxrg*pM0vg0BRbF2q!&K-<Rw9@+
zzbMSBDHT#hKM|<CfZ@|d;0sglvF$31J9B&B1jY3#_$C(HWuAAWkkJ`fskTeA>znI2
z@2D-GVOw$EW(YU=Ybi$J>ar59t5g}+RldETJ1+3SycX~Q4_-X&McW}=?PabB$Kj=4
zTweWe9O0;wGEG}9-2PO`>VM9H-qfI3pxV0jC<H6v@SzoaRe!Kk6+bHt8vTF0SB=u7
zV6gqdH|_Z3v)PB@r;T>Q<?r?KzMO&)Wx==KKCzMYwl+xQN!6?0{n8^hP+@<Z;so1l
zfu`G%L38BME0{^YHTO2}6XwMlHpFN-#mZx_Y9guJxsl%@hRM!5o-$uPY%Q-)OADof
z)BV1Brh@VcH%jRmj{W!D>baiO>C~;JDXM)0QMHj`NWCwfbGUkRScJr{VEEZ8;xSwj
zSH#-mSe=oW>}z5V%aALEIs){3^L7XlHtoCvKqesW-RW3)*f<2VL3rZFF}8#70<+Ye
zZg9z}TqwT^nGP$_p@xc}etn5cl@DkjK4+dfhSqFKrzIlq>NB*<uz_PJI?7~fo~sz$
zMf^Cbh#x1Rid}<4H}2ze`I6z2=)(^#Bk6(4SoU@0@LcI;b+wJ(`9=;!^*xdD1PXt6
zj6@dwb{(o>n63><&E3MW1(_2B2h6{ej`k=y#e9Kb$X#SVUqAT|`QcBqWVh0KzgkuC
zMJ1def#mNu%;MHpq>PHqqf8!ZcuD_ys=4<onHpKV-z$Y>a83<7j`XZF_@re#P|D>u
zx%26@JnCd;sDZn=%?sb13{=2`Us?K_)wcZLYhh?p%gykuOrOGXt*lJj3j3p@z#wt8
zSe1sSJ^@oZx<zC`NTFzd9cn{LkH1$U15uxzWRV$6;xn}LX-@Bv(Tz?goQh2tTZNTK
zB_!@NZ)aPgVFPFy9l@8HS%SphEQ7x3Xe2!atW9<}GvBq3N1Q6s#uOA9<mE$aXm@`S
zxdS9;B91~?4w>72xj9SBK509gjaMS-XBLKr)lnv&k<u9*V1Wz5hKPz}FM%M3Gfl?p
zVW_!XfGk}z#dunM(OSEjdFOp~^PblL$L_OQeD<SIFYq7=mbboAQ{kBAdLp1b`jRv@
zkgqo>Q7n!JzdUR+_*o)vgx>7wpQSxjddI46fsxea-WaTzi>lY&?|f=;t9HGSauO2F
z9T_U$c47DXjA=p^X}60Sbcy0_=O_IlKr?zDIu7czxF2cD8MX(zDB{=;MC}e`L!fyY
zr6B1$*mmB0c3kg*ULoH-ek0r6NTrfpn%*pL6STFu0?N!)>2GaKc_*0lY@$YPn%0ZE
zwIzX+aV)aK07Db=#>RJ>C-Q%zDE;n$vsUJ1av(Z?Ds&52ia%RlH#uo1YXAZL$d-M@
zCst~f!3S!FgXb{CPGy$j4kp%>Ymc1Dj?=09S27mv!3OKMU0=$62Kp%A0)W$6rD!Jg
zAsiIy+3Sd5N}fBMxwJ-tVVkyUk6ue2y0Q;pnU|aMSdV|?rE9j+Mt$RK|73fI>oUql
zQH|N_^cjrxEoj{;dU`aswF?^PW?u?8oM1f(m`FIw1*^vWQr(b7UoVZ`?5cZ-7QC4$
z_qIoMzr=M!^WZxlbPnb;hwp2r6#qCQHcXX>HS@mbm0T0eT>E1aYOtqU<TA^~u3FW`
zqWB;+)`xyuLn9e&MMmn<(l+vAwaHbdm_?TVd>56$e%M<n6}M~?w;w-y;CtMRz`P=;
z2Sh7Lkto`d-Hj1v?gG2s^@bXk!yQI(7fZ%zXB6o~K%?lJuD9}74jRH8q!eh3SU7-!
z^0Wj>NgFqm(scr<6#GTDDQ{jmQ%WJS&OpsVNMJ1xZ}Dg2Xs0*8I4{<iH@-%}I$;ub
zS%t;xszN{e2PF9Y=y1ES(37{!7bKgivqWu7rKB3Nzu)8-x5l}UlC?c`#U&hk6^z*3
z=#^)66>vG}X9|LkEL);U6A1f^qsj3r-A%uueB$}Z>ZAQR`ROh2-z;!GVO!}sp&QJ0
zo#h?OH#O7K@dadJMnq!tK}eQU+W|>D`b%&<3QynC`^Z*YzKp#F_Oioq13&)xkUIv!
zas7`@R#`U{ec%|oQ#J1O_zQkbTDwnbDuPd5(ROR;o4Ak1^VhGRJy4371?uwV*5=PE
zZXz6ZQyrhMoCl1exdq+!g&!<y-y7<F>)OROk2vi95viv3{W4-!{NkzogoMMnh0DI;
zCun@lH)h#ipSO}fGH$8B7YIB!nYyQtt(&8k#BXZ+N$jxo(d&_;eeI-c2@e-3Bq={o
zQlj$a+03TK4GIoV_b1l~xKmL!Ynx2i&nU6orbKf$YtzoD#wGHJGhHKc^uAyj-(&Tq
zuvvSyfiBmX(zo+~h+?T9+a0O^*$}~5(WW=DpuxNX^BnMzDy|ZhAN$gmgxU5!KUUn^
zT0Su71taDIi7ln7PZtT_s^D@YhGuD5>$TBK*I|3{<Q=X_hUV0V5L#r}An)Lnu6t6Q
zp@U>!A@Mf36P5RwYo6{tk0LC8yyz=poG9u*C?*IMZqdLk!zBiPQe&CL{W{Wbv!SSC
z;IV9~+djx+NcY_}OSP%~@3F^#Iq!3X>Bo>ke~m)kE{F!EYW?l62mRppRk;FpUif{B
z905B|i%ku-1BK?b#tqfgK>N-XGNkC}i{ZlApstbxFfqijO%$3)%j;%7u3+fUe8@Ko
zV(q2eG^cgfiJTZt0VzFQIwpb#Q1-_iZSmlK-PL&<>~cN8{A|b$WQPp{8at+bi#pfb
z01D27E1JLQo?g_yE~k+Yxec>$@qKwcLD2E_LUyf8QMgX#x9TIivx%Qvs`~GK*kA8H
zC~9_>YHnN056TEQ+%YA02Ij_p-~NV?Q<nT_a*nqYRn)Xc>K@|z|2fs^$d{f@Yf@74
zW{)LlOBL5Tr4geHE8Zw_p~LG~Ayn-8g`vRb8CYH6XB+)*ukV5wl8JST0mWLXA$;*m
zu{;nEOJMKV450LFNRhHL(Gx;R%CkOf_c{ooiWh^-_oxt;Bze`EH$)011Q!UDAD(;h
zqr^%bSjpA8N6jz?;vTpyo@kTKKC<+rok`+w=~qHDs|Z74+RE`}rzsH8(|=rI+c_=O
z?bIWE{du;BO1bdSo4NRe1Pe%TD1$z+qI0clc_UnEB1fG9ao)U#$uF7a*s^d1i6(Ox
zv!FWOc<VzD+W!K^(CRed+Zcs&Byy?l4Qxfwx=AmWe?L^ibuH-@+(&l9HN<Mqfy!#R
zZQSdA%ijdd_xg3T&4T+OPiUI+Za)sZkw9m8;!AuXlHK6UpoQDX&^&^Dwf=sw?@dhB
z>2SKz#1Tkf_;gV$01hRA!+!r%(46)8$3s8f+^|Z1`AZE4=Hg!}yKOYu<zT#6O}b27
z?RQA&t1}-<F4ykb!~mqgh2Sh~B>XT}_>m6Z0F7|uh=;bpt30s<Hdsma=r7pBusQcq
zKR_4%yvD((Bn~AUe5DrK8h~x_fa%eLFtdP@n%M?NCK2GuiN|^a?p<3RtjV{Y{^GKe
zN3ixlQuHjC7WsnBBt1{3<-2||Evq3)of|R*FNNJoBg`}~3(E<1+0yiLLS@xZp@{mQ
zG61(z)%?!vhG9W3s~$xsc7yTh*wbe10(BJ}O;p|;z_8eMkXuI{?Ci3O{=h*obx%S%
zLfl;(`=;*@=Vy!RG(pT^Tqga)K-64mw}7kEDaKzXPM%Rg%k2)%yUvD_Gfoi%@;Ret
z)Ns|$qh<UV0p6$CZptQ+o5_b}>pB+r>*>`*?e#}~F8=!0XXtj$io8bx(A6M-Yn?e$
ze`}b}sItctDwq$9zHazVSEQY{htXF*-s*NBGU?t~`ez?^_Z73-=SX}A4HT_k6LNfF
zIW05~*%;6GA%wjG@ahp@CLX`bf9a%;lJ8&nfrUj(sO&5CKGGbPHT$w>zik8v!7mY<
z+C<S8imkU`8r8}jQ}I&w`LFCsxE&GhsAz%xCL)SkC*&2uXcOGa-}y@EuhE9AnL>OB
zrZNoWZ&IU*CvQ?`prm-Z(z+tCqUr{(bDEeQ$^@^&pkF3e@`pWgarb|`Q&mgSJ;C~Z
z@1(>i_6dvl&-F~0K|2a_mJ2zQxd!Gae86*L$!!lP|G1$4T$v{0ep`(SO1=d1P7D^U
zClo<CG``|*5aLI>$6_a=fOY+>h^Hct96$eO?RgA@w!rOPAe**=i34Dt#}PpK;x2I?
zZMdd$Y1U5XrK=ABv+z?E&l}%|CF?Mtd=cfxFzl}9;k~uQn20U2V0x?n;0y(UJZw0_
z^kK)>(?{h3Qsx{)vVd%zU<vNMAB+$u?EjrHctawmllW|U@Y)}|p`l?z&q-nQ^)D8N
zM<77=NWGqSJ;OM=^}GNB7noOFX!PKRLGI0KeJIv%*K#v8_u3+9mLc(?806MIkEDfO
zxgxv2M?#TxFIKtKuwHp8n4BCj<J6nT(ZKUQgev#s9vWoH7hEp>B<VPO>8R_3xgG<2
zz!g&1(DxL05EvAFk?<uizImtbZrxBi$vrz)Q}gszf0)_6(?#o07^8}l8shGxKJhar
zF(!#H)IFQa(pXgy_bX8a!&5zi&a|+;)LG89*njnn&dXr?Il~MqXEk#af%PVP52(@B
z<n4IzzH~3fj=+lG!6@S+Eoq;1hb&S&b~}1=r}aK(o<>PrpgGY(ALK30Gacp#N378E
zUUiu%;tPNsXpTa#-Ut@vsc@j2{MTHAy!rkix3yq&*&mCnT;WEAHf1U(0MGHF&<A)6
z*u9!ql;QU{#Uduy*oxBtS)R~RSQLjH5CM|UA{$*eYd;x0_3<fqm+V$Oet06hP=OlR
zyhE?wNJchqQ19SL!gON*;zJ%Q1*AD^iRI=IJa!HQ3HUHoouB`CU5Szcs?nhOS_Z()
zFOH#Kp_+mIK3E34rW8@)oO5!85_oTDyL2r4SjW?wo#9hf2wbDj4%1AwRu%(SZY@#0
z2)qr(|LB|>BUR334jmhi%`*(GN8OYEr?4*%hqCSeW=xE1W8aDyOV%Q?#@M$kQ$k3H
zK_!)xsIko0vXntcmMLkIqT%jNi6%><)KICEG$dM7gJNjn{a)SA^ZUKe^ZxPPf857)
z93wT?Tyvh^^Rv#aPz>QL8*QoWde_q#-(EGj43-J`H#gSAK5*fd44QsMhJ{@C7uaoa
zudfb~1{_em0s0(5ceDVLm<SaIs)O!&x>~ZRY3y0l6vW@`<=mtAB!S9*I>M7{$Kwdy
z0SjP3`Vr{dxe40!#fo2kLr?Z;@TQ|(nPG}dBg@3wzQ~6_f#rA!l=YF@b{sB^>DEnm
z>M^p;fTLl~Yb4$P-t*n+<cW&V@jMOdX#}ctor?p0?nTS)t%wcZ|61^%(Xp{yohcCP
z|7-|>9k43Xuij5Dv_x;(+W7+<c@Ov9Ku!)^CIoLc_*7d%80lK}w+;ZhZtm<92Avrl
z0UO`_0)<2H_mR7I7mb(dFq<czRR1<>YKO|6f|chQgf|Z#pSJ_#@tZ2^IRMNP-#_g4
z+aQ^m6OQN!%4%x9rJU8*H?U!hJEiMCw>buyH11>}z1u7!4d|3N(r&9p>BONE3uG{%
zxK5bL{{;z9_2Q}0ULOBJjumrC)~bObZCg@i{|<mXVbi0#XjzjAC!x=-uEyl2UyD|W
z!XuWsl(I=z<9X{fVf}v0EO$plX&3`SlS7P^g0>I>ft)~z`Z3?HJV7%RC;{O}piaqW
z^SIZqpj7Uo?}~a1NQ2nIH}H|$&$~+88O>I$VikfuA!7r|Bmm7_?QbWlh5;EE2%?S@
z7xLj;G^y4nO@4Uyqasse&^xO4gn)s4cg3GX<BSq0UK#?m(-i#5dA2<D<;R7#xHsl>
zHfu<0z=K~U$0XWZ+_MEfY#4hFp_ieOYepOa!mH6UF0J6tp91WrY4$?iw5fr?BUh*%
zcxFoalc}RqrIaZ{?En?*!gm<JVzeUdqWhHKtlC&be%Pli3fcVh*b_odo+)s33@gmc
z8Ah9ALEXh`<csgDtEt&3nwqszp6^SNU~PD{&4J_kqI$~CHIXi#o`j|s7#plJy8ELz
zth}sj;;RFqH8d#KUXSXo=9qqu1>q^!S-69mJ*E&QMO<l2_rQv)*;ty;gTBfziTup}
zdS7V}bJCt$_PC1T-x&Iq@cYLzcVW6=FiwzCkOoHY8t)zeUL_Gk{r565<RWoW%W2@2
z3j%FMRYSDJhWialhQQvM#-o*Kektp}JFgr=x$fc$In|oNI;-;&%SV(KLZ;$RiP0qu
zgrH*qfr$SRBB$ygjk%AzzN;OyvF*N3JJQlR_CfL0O%OfaLeuYwrAhNv%z<9<R-Kzk
z_4s1?!;#7{AMV1`&UTZI^@KFgFnnjb`pi}gx~81eO7+S6Pezg`JP+u70g2n&P+}W;
zCowJ)DY>#N&XqD**n6nc@=7Gkj!VnHEVyi#Lrj`6ToG`oC95lk9sdkWMI2;@CRT`?
zAyd&Lt;L8Dt0B=E%&AwZ6lnqcZfYB@lfq%2F?;j@qePKUrSz=^3zHfSOS_@sG$;F&
z;JoUSlpUfb?Ks&t3FhYsblS{#@6Dv?2*i=r(L)d;*}31m^%7>+C^!{*U%#~FZf?GP
zybezb11yDt=q5Z*OOtl?!v?yj%}*<tBf;apBs6#n*<OmUbZ_p%VpcQV_9ejH)XG2a
zS-#FZaVn7gLgNeOWbe3`nI$tz+~leBaVNvbt!plIAo9F`)`L+x)$WIQGuoO3=7?c<
z{vOrK4y~Ykyl)C_@}X-RRkhjRXVw{?+HPN#;lK^TQ!<?vr$sB00zzp|(!T&P{@uVJ
z1focNAC$`rn9zA>jm#SL88p)^HDl^C;s?u>nvXJFi>BiQu5`g<xfdz<Xq2(%1qsr$
zEs!U4){4R}pf}8cV#S&vqWg;+tzB&E2uDMD3H<MY-&%xk4?*~LA*0N~XZroOYO7;p
zwP%zuYM$@i9YBNnF(~o4`lWZc<>N8f%{~uC<yN;R?fx53+v{&7eG(m<9_bl_?eGWg
zJdsYAKI5GWF1_D}!^{@oxDgT{B%0GEf~KD++4UZ2hF{e8NLL-thW9f6d|kNHSGWyR
zTI$ryVZnEd-SaS>9}4R?Z+9EZD4Z6(q;_M#8gu)!CVH=X8m!6D5aCt$%dd=#!5-g{
zI21Lq9%VHbc}j0<4}Ck8Hx`Yq*^7$l5c$Im%j-{=Cd>k?c@xme1&=Tasp-}U(~4gP
zRC?dYmUqY&i$(!8m@D8KH$_0RII;)uNAwGB6jQ}Ts78Ny;qmNrO#4JO>~A{(m9m>s
zTPOTJ<Bx=fyweNaVf^t^FrH=&8~UY_jb^@hT0L@EKUuPC7!JYX;)h)@bqG7B$012<
z!PHqImjuBL<Ujj)Js$S+J!&tLvg|)2mq!UNk7xbij*%ntraNI7iYPq_a(OE#Lk@*Z
z4-^4GY4T&_gna)byzt7lVfvrp;NCj;i(?((83ioTm&!>PvF<LQI&PDrje7m$zlO>c
z{@!0zD+A+wEMo2^NN$X2+y?cp9glMsfBV&4I4!rLaV8Q`w#h#aTWBSwj^r=v)f|Sj
zzllkPV@LTWWL3TP@}TbV^>$VpYii>tTg)sk8?SmB&3HVyEi}11ziOJirK&(h?s>EB
z$vGGtj>g+gVE<C#*_o|os9tj1a+a8NUFLg~G`}mdUIE^u`#QiGW=Ey!&-)hW1!M)+
z5ButEL#J&EFQIU@ez4ThC@s|E>|YJX9;7|zPBo_yN{qmbW%mY9>6tfCkyCO?=L1#!
zDK`)=F=CoQUvCXE>5Hj%+FHE`5#F;A(FkI<={W?*xwgl@dZtL`GDSj%^Kh~M8Zur(
z?%=1vN*C@C`Vqi9)In^BU>?Gh%`#+@Vr0N5X@#)2qc>r~AUbG2*>P#pI8vWjhvZ(b
zw-vb20bXpIFT$UgmzzKu=l1R34xh|j5GbG6Ex#?PG+^;ZW7_XWze+bLcyp&8<Qui`
zf`xB(Pt8zaugy5ksj4l09YL8NxKxW;YakQ|uYHB@%1u}ogIry+w>{hewModRarG6_
zN*XGE2wb;I7WGO<cjz1d!LK2$d<v4#ekKw?rQ4X<_YRK&aox7MhhLH48$q>FzbltF
z;pTzcbq=Z6o|e=J;e~%@cTlSbf?$#yIuYd(34%-LK`C6|<11CGnK^Y~@H>R#>r@iJ
zRCPDvKw{*QBMqeKyVE|w#AD8w_nWx}DSXRcUu@rhct#l!uO#~frC=7b)1cyILt|dZ
za6xkSLm^~-VJqnGNBob_82L3J5<HO)If|4L7jC|QpP3%av%YxjCMq%DAdfrh^AYEY
zO~8bLd<oY_w|nRD+irP*m|<V!kskxmJI5a>&r~vziq5Y{fsZfId<JN!4P~EXi@Z<1
zoFpaN;{K=&W&8ggIr_--bf68DUfF?ZLcB~;FK~Ud?Ic5F$bx-kIHTY@P==FTDl!FA
zlzHz;^T$xGNivOjawyGSWBr6PB${1Aa(qBr`DM7ZIc#e?IXUevC~bXCHhTgK0w*Nv
zIWQO=<1lT4Zy&nC&T0#W`3#9Z7|P;Efze=6E<u(-?0}gi26ozl4Px;menB(Bfpj!N
zcOaz3#ljrP{!7dX&^24SD2us&ZfYnwYu(c%Nwk1~%0Ulj2fy7TNP}f82+&3T23+D`
zm?R8wc4Ay9Mio*73Z9V(L4#R8nd+`PM6})X>3SDf6pF<t{nC8+xOz=VG&PJ(*eQ3F
zT2Z8}iSH@@US}q&NYkz7r<Vgj8pl|Q^Lc9m<M%7oTG(@kI_%4mpv@ov-U;g?@JPda
z7ll)?LDEc&3O5q>7N?2eYEr0L35JjG=~n8E`>1%x<UE0Jt+(ERuudgtaQ9$+sl;mQ
z=Z(28-1k34#39aNlquv}$q)8HtJ^M)_m=FqO@(x-zDYiG$7nuAB&>ubUS!za<2R`?
zd|NBJ=me&T8~<a~L!+`|pMN8D(Xb`I2JxvOC<Z2V67q4y&d#7g2tg_Eiqiw(ZI8fg
z^?#3x>cu@5y$*3Hcn2QTzG*6x8N1v!7&Go59jD$^mIG;Sj?!2>;~WANwrt%@U50I{
z^@&2RE4O<`|B2#Wvy_<;RaRVZ@R^wYq7pyQXdR6I^DN=o-1q7SG<=LJI;Rs!j9&Hr
zHbqEeDekZ^mHk=LKuF11@rpu6Bcz|3@*3vQh-!qc0}7^TyANfc-%x+8Be3&=z`_7@
znj#QcvhaExY8VXD57KP~m3%d|oEk!Q_SrJ#8v-c_E%K*0->)o)??d9tJp!=(<H~JX
z$(jkp>(Okx**y7EAk^#6u$%MXTK8-cPjH3X@I>}MZv$Q2@HP*ZL7b@Ct4CTx`)FT}
zsy;~T%}E!@L>3_c5{3tyTh5~GUVl(e<(+$Un3hWG^_0)x6oPM9!7z~X8kzrWOnyL8
z#w*cXv?3TXQmX4jRFLPQrzCcudy+)c<9psyjJts$1f?*>s$LXVX6ge$+i2&YZenU0
z2LcZt7y%~-XNs9IS!fSQo#t@9^UC`K>J&)FI&>yXZy(ay!a8``vwQHBTR#|EFu6IL
zl7jGcO{lIIxl1c{l4h29@1@|xbKoW>RXV+X4YF<MqaEG2MQ;v_2_M9oT&HdN!K2+y
z=gek3)LW%=X`4MYP`@x{7fI;1QRO?_o+09+UXSL!nT>+zr+5b4`^<(LSz?N}6*l@C
z_H!U(h<&&lii0aftSM5sG19=mjgq&SJYhrvihpKblM$_K=T%|S?U8%{y~hDV`0dc~
zWMTwlLY4!QYNVclg~+{`TD<oxk2)I=Zn6sp)lnj^!9rcO|49@XqHadAIL*_iy-znd
z4x}bN%H=qrisGAc(j}T3tZ$%P)||#EHk2C%$qc!xzFqU6RYqJB=?Fcue@y#U-c8bJ
zc0qp31gzaZrsZQaX;JT1*i~GGShtf?f)PYa1-UL7dknQTpad|$HaLXK7G4R42?5uN
z%%>uu?Ku3VT_O0$ssP7{)7~d(ZpY2hs?<&oeXLoX=5&GAN7x|0TxznPv%Ill=46i*
z3$#gi4|1|*iT&RayR|vE=7%Y)=knvLmXdyZPP{x%9H1OvY>~Yp8Ay=|^8E1ttHNlh
znsYS9vcpJ(Ac^n`*~jd&cZq<Q)y;%b*uMDL;2oW*XGW>ZPYlXprt!`U;^*YhG8KWp
zcedjeA|$bL+>K}(W0u`l$G!}SyQ~K|iV}L&7&{h?WA$Q`f~+{Fbmyx2i5q5=R1XAE
z9=40%kJfNQkyy5t?-ICI-ZvNeE++D&@19ZMox>edp8JtN^%5(va>y%4ZOUVfh>ly4
zQ*W4bk4X7oAGRNfAkN!~&nq&eG8D~(VVR6THXft$f1s0eEK33zswDnDLzOeP^V`l7
z#D9nj=YQ0E?s^Cr|M0C!156GupXp{aTH#=4dj-sm)SVnN0{l*xGXE_VJmm-@<b~mD
z%zsd#bQ9hgA^207t0||}@K$YP73G!hNUTsV9fHt>#^T<0R_4Y!@4Zq^c99Wi9db3g
z6H^bYQuhzbpt`%*(!h#2$S#@mI(9OfKi{z&2Ns5PpWoE~rs3@eN8tFLWEQ?BP|o6g
z;MSAe3(+XI8sE13U}38vAt@Wq&yBTg=Hw#Ck{1R#2IzJzZcK~MYd5!^zKvl@*A5xD
zC|dO8)pmd)ms0;4d9o@1#A0hQiJqPbzU*?-$srw0<~!gMYM#u-pv*y62X(LwZymW;
zEc!tmW;EvHu>MIDf*WXd_Y{AkYz`|{q!bj0H;QtBqg8S_m#4{`?E3}I!~2$R=%~==
zy`XZbUGCdAfTq_TH3(>Eg7ww<)1^5ld+rrM=B(FY(r5S02^q)0N8MQ|$6WqZrNAVP
zOorGZ(D!=e<g&H2q`sWgtn2;*<lslUH|zICJSsPu&#NWfX6ZVaH^*?lLma7*h96`}
zFKZBB>N%lbOOohS^NrtNho)<6mpe#(4y}7{#bmdni=Dqb@Yl=GFL5OUn(1esYP%L`
z2Pm+5rU@*GijDOreJ|&0>>$lgK!j^no9<0#re;C?9nvJ;3B><%5ms$#4Z+St^_9+R
zcii5v-c&y)0H@FS3FGUptA3%j0MW+*!4yg^@IQ4{<10{9WNmF-LzfGId?f1INDT_h
zjg8i2OYhopc{ea4?JC^DG=8VSBLYB5K2%Kjy;a-6Pq6KwL~4x7C=6mhBX<1|EOxmN
z88o9|FTZ<2psRGU)>4L?S25j&q^?meHi72)@f1Yr&oA^%IvUd#hR;Qqvw5a$oA-mK
zM8uUibP>KdW(io>?*<VF%JH{{e8|eEEn4~Yy;w3~GHD&+_B2ZG`RzLdPyEm?l{;8>
z31lt4LO2SC;UEy}Rkb)AT0kL~)t|A{Xsf$XSfU?y{O1(91CR!viwhgW7_^xB>oYFM
zsc^CUU@B$_pR;PrK}0JJ0=+{=&2i(j!6PHd4-Bdt_qFQ${;<TCsP)wLFMEr>4MXdX
zvl;VHJU0}hzHzFlvyGt_7K}uIA!x?cTZs^4*{Ge4yTi8aMLXh<XgU7~yd1Du+cFQx
zb+=qvsn=D&(K22vNW+}ISDLzYsPuDFxX(=nd<7CaB`hqb&p8@0#k8vB1?z8)ZKUQP
zQ&#R~*e$Eaof3gx{>IF^59+9i`PwkFdY?$pK@BeKia}ry8IB=c$v0pYx+=Cx%oeg`
z2<o+yrv7mi0BO}~TZgdq12-^5#0bwY=_t+g3Dd&*w>Dum-)#)E?0ukiI4#><x2`@H
zIW?N?L(Y=$C_}9A%k~h7ota%ua^Q$`W`CT$kOYnNE}@#0`88%6nK8+T7VdB4coI-h
zV5+60DO4`YjJY82J2kvPU~`_@`x<P#Nep@SGxMIO)<a*A6s?P16=P`|f&2Ul_{<?0
zqVQ2LCi_f4H`@E4#5zaA$^Ao&?m5UsdO6StHdB~(lv*t)=%IEZVWA6Z#=i)5f<kN;
zfVMY4{>O%nn!?h|x96B00NsX2tx7RE;I`?W5*|mZ#A!l0pJ!M%&MDVWh)P@|6WK;P
zVqCXOdfU4cNt$Qst1)#{SGGI!$a?LT8dK*P9wwmj9=KO@pzCeaX(IqO1zBm_i(V3@
z7|m9&Gwe&)<cXjYZrp_ieBdq!Z%Z@3@!IWPIw_}Pnhaj52PJ5wjuJnPDbC*;ZRc;>
z7%xV7?tp7StD8Jl97p08mA`?z$J&9DZ-l#P809p@kR>nqWGl6b4<#}}nc4lrm{jh3
z_-CBpN_UGOx0YrY&*#0&yX2|8<rYlLxGk=XREzH*4fVS2f8C;|VUSx>)>e3yQm_Pg
z)!j!066RvF+Sx^SbGitCPP_nBnhv8ue`+0-of2qepP{a#++*)1F&bWi8*&wYDz$)j
z*NjE_#9tb~0Pu914rUk5wV|boJk#5gy>svXLUCSeDlagNjLA>*Pmrv8p{2emFU=wQ
z_AOa*jSEU4K-t3)t-6?ShOLDklO|8tet+MZ24<`j?Si`dP!%BG%V~D(p2YPuvu73f
zHDooTMYUXxqHWLZ4CI`vK<Squw;Sp}i>eCQq;o)-%+j<D*uWv7n?XX{MRusY<F=pZ
z3TnogZ&%<38Cuj{m{gy^yRW^(^@2ne)A?O9K?EH!MJ1B@Q?cYQ1}WF*(yT?<aPMZ#
zK~W5Wku`-*@3Rb>p=p><DK{>qpN%{sORlqIonWa%pzRv8>^IRyjROv3-P-Anc~x*+
zPVlaYAj(&pBvv5U;m}pI#4V8*E9lcvi8SG%qtL#)=GUWy_)lzG6|b(H+CkH{Lrpbv
zth7G%aO2@H%U_rn((~!blY444mtx;18Z7i^H$gV3N0S%s#1-28z<tlElph1vnQqx7
zDJ9o1?X6WsY!d8guz56KGRrt%yBsp@`MAC4GFSU}%ZgUXibL)=Ux~8oa5EUOG$)e?
z(g6O&-X|_g8D81q#>&a&jW_oUKD@PUUr)K=RbgyADjUrFx4*5XCc|F69S+aG^DDfY
zNb|jhn!87Bt4=Y?3Fz`vr-K78G-Kd^guh3N`tdu&X*2U(D3ndJRUA(h^__K!nO#2=
zZ}O`_OD@a7vR_40H6qeDv+8kEflx*|cFNut$3c@wW1^{nJDF+di14nzc<BO^_|Zs{
zQY`)lf9l4)zxS@mX5s#h*lHpuv~)2Aqj6Qs2vkS1_yAF^NTz2QA0sy@z69ql+x`!;
z$0u!HGuV@eJbYfYOA{#DS4X<`2*}u@cGT=9*ik1vmH9g+|H7os*iC*u2RAFr3Hes7
z)mJ%Wa*Llf&MI2U%9C7;I$<O1Z8_w?vT!b<(+DGvL=8yO12<|TrAS6YqiZ@PlTSpE
z2Wpk0&*K<a^R5w)bdIRA)-dn$7iMkGXWC><ZLCNnt;M3s-X^P$pH7_#Hlz~6Xz!c!
z?Kj_#4gt$im(Y1)%j3@iB=wNm!~CqufV7S?TdA*%#e`XVaHGsnG=}g?6UV_OjQdv|
z%5>NlD2PiaR3F;x8HQir<k;jq?qo?|sDagI;|iu_IYn!u%+MV&!#mL{sti%m8Umbg
zE!HW+1!>(U0DqsdQoH*yBNKJ?D0-wXW@61^Qn82@2D5h|L_?Y)-N(?$O0Qze2cRwe
z^PL3@$bFG4!fY_wZgRnpO6Rj%k0REbQ7mRH7=pC5cEAm{=i+rg&WJ@eG&EhY#__Ut
zd%lGE4+{-r+|DoCPj~^USB*S^B9(hTd>nVfZOKY<=9avB33uFG7=EaPDfSup#=0Pi
z-7U3OZ_Z}IMNRnAN(8{f0;DL4@_mdDi!I3Bp|kes=hMi84RV_m@S?}4@L@ztrvY~4
z4h+-(8N7h}Fd1PX>BQ%nFr&&q`%7xXv|sGMUK>YVYt49W3$Lw2z{qoWKV(vcKeriV
z5lkbW5#KO4j_G1h=d^iM=bvn;sM@&tkuKrz6RXLj(r0Z-F-=={myUV6B<~}KF8ZFH
zAD5@!AJ$w9uKzq%h!iB}ABaB{1(5@?gKe)xtx$56=UK{!C3SrgVOv88uq}Jtyay~k
z6WTzpa;Jc@C@I(ael|<v7}z6j01B)!_}7&phjZpZqcCY3*<{1{3<x7vcsl8OE|aa+
z<Z-qJ=AkzDIRpQA4agOuhZ|S#ROwyo=zY(O8hKg~i@sj@^{sNBYF{a=xQNqlga~+z
zGuu@0Zs9=Yhh8Zii<2`|g{E%yYJGb}i}Nh`tS`C^u7WprQHd_W`i4YU01cjo0#+8v
z&7%W^{<GzOZlIPrf+^Ep!g}x;XvR2Lofv<nad&ZsM|W_l`M%*-NG$ao4pmG;ncSX4
zho<#3qcDbF>Dq1AtG4aTI^|0#+f=lG=YbbxF0Yl`>U6J{bmZ&n!SBp+>oATwnM)~!
z=8;8EoeUZZX+E1rm|7sR8X%O|98w+FAEQX5B<)u~(*H7}r_5Ev@Tl>{>o4_h18=3Q
zXgw3@EF9TuNY0DMJ4mpVk3u}b`)l;?%l!o|$kKUe6bwEo>c8hom&aguPv&pn2VdMd
zvcJ(?94Vn|hP=36vA_`@34t2y@vDL)n`AqG8>Xn2`mw3?X+~*aWti9KcyRxcuJPu|
z6>jN!uKPJ&M49y@B)#5!DcOH~EP8ElOVi@dFWUhVL`qoRWN}Ic=#ZHFxXNmFe<ziL
zM4E&?t`Im!>MdSs*eV}fmWIH^g%#J~xjvhO9N!AXkRA>8Oca~b%=fN1!br#NXRRAo
z%$5AW>0RgK41ua7q#eYn7la~-)B0hOa6eDg+Ce*T_4ASwZPPuf)h$keMXT-i;A;_p
zZ2@r$T=OVdGm;h{j$|++Nj6un-+q`l^=fonUemw_+ZhOw2FtV)MyVw6ww|9z!0sbu
zCE0O&(=b;r?~`YTvcYc*jHZ$a!=mk$B6M7ScwYOn82zV6MxKztaX!F5e<*pFyPsv4
zqAZSMnL-pn14A^4Mjp2VlWQnfZ{@1z(Gl2mr4E?c?(|J|wY2>TKDTW1Ye1QgXzCFT
zPbviS3h1~7n_pP6jF=XV_R`@SNWde}^$b3u5lHJhlm#n5w;1J=CeM(fDKBag22=8n
zg7s*1jg>=Ml?C`-WvheZ@9G4=tV5~@(o1hBxtni(+|s$+UMMmP$MTacu<ydRDrqUm
z{6nZhuFM|i8JV|hD(->g={_RoSx!J;vR`-ryUKoceD$FcCk{itOEU=cTyE#8?*pSu
z*kOSL*3oo90v@vmkjzFud#>n1W0VR@@;y{)#*+OtxQat5)C*v{HR8!NKCnD|)bs4a
zm8)i|fUr<_Lz#5uR<LcFA!)F!P(q^v*x#fBkE(Qj5hEz<9NhU1Fb_oJGi#=9VU}u~
z!{!xGj^Rgew1ep7vl)^m=2M8>YdR`pt!f;e$9L|L-dmI9<)k~rQ;4$yCo9X49_bzj
zY^HiETKNf(0lN{)Lx+QNhWA~p|F;KbO2sPf@F<VOLfm2vA}`YLW)bkb`|6el&O)qj
ze0e!*4`N&DbqGgVUpxa)6;Hlt@v!9}{*`J#{SOgK#%yoeT|Av31wh%HrfUJWZ_QO%
zppQ-6CEmkMoFlS_QnwqXzIJ`tLeAt0`rB#lC$$A9feOiXSH~QM4$JNPl*s`+wWA;L
z>aRik_TASkpqUZN9TMr<Q)d2FVXwk*j-t554iKW)Pdnf~U{afgN<Qopr-}+@ZJsId
zjsuW0#Y<|!nfo`O#xkk};;J*nRZ}2kI@J1P=EI|Fa2t!f54(FZ-hjCITg4pMI2Jt7
zD@mjH2TEwVKLrMalyXl*Jg23L(LMP20ldqG&0auBN69M%xz}x_$sV9`p2cX1Dw$~a
zbY~AEneD$(1A>vpPIsi3G2K~o_ti~ELh>I*mVP2{iWq+0Ec>}&ZKj+)eDZWROS7X7
z3HcDn{5;C4FL!JoK;wWw4hy{vm%^gy>DeWBKr{3u9{8iND=(0JkANud2jWF!uqUe`
zHFdIAiL{D58o}NJbUry+naVDYZ5on&YcP&wsF5aw=09w!?Yy`dJmQz}pFVzpn%|Em
zvgY?0xmd?MxfQvRm7j3@kFi6t>3)}ifblsL<c~2Sw@Q=U*U2c&$sMS}1s!k~QvP=D
zVCN;>i@Ll7J9BY5xC4DyL*lA?*JN^<g9Sx%e#jmw%7ydb?Z`~hDCo70yj}m2QR|p~
zZ>2!Hka~b_|13C$`$P%8BIEwMs+gs}80QqJbVYI=O60E~V|3u%(Tbf3ddx5-LmeuS
zn*NN6=}S%(-G$jTRH;Fw2R4HBSAqB!D5mUZ@SuyAD$1~N`o?>jiH<-*x?_`y`kVA*
z?|WV3f#+}LC4PzYw7;)JFVjnQRg>U4mar2RlA0#I!=UalJUfhkjaL1!qC&J{61VFW
z*sx-!@U>N^GHjy2$}fG*rmlR6t8!Ixub+gLGu(&8?j%u3oZFAm$H~n46^)bG#4X-i
z#^no2Br=f+jCMqv%65%znXcN<mA7IsQk)+onEo+c*;m)(42?`RGN}R&p|SZ_jW^+0
z88?fp@zXn<)-An9YnZQNSm5CSkeA$Jv5euE)+qZF=9vd{zIp>};-I-!G+Cj^BKuzT
zLg5B1lGTy2RD$8u;l@dOd5WNZEC=NCf7Op`nMA_n!Sln|bWT&Pw0q&oJUJ3ZSrQ%g
zM`ZT@pnM_XJtEA>Lvjpm)_Q6F{j-;1frrJx@@d`v!ad8r9#LY|*AQ#t;l3A{K9|SS
zPzbr3USj5qr;Q<(Jaj+z4`F)+SmM<B<dFCBs4F>e`FSBk6BZ+TOx*^A@%@@A5ekwl
z<Z?7x0)$M0Fjt{qM>A7|NBO@k!FS-_&?t(BkNLk~MDQoCLJlk!U;-oR9f@uFXCnKz
z<M>|$^$Q;SPGtO3CO=009^aLe2yXx>xBeTX)DovOG&E%Xbs_uD5B6r?TNX+Q%~c@`
S*V+lde;zJA&et8oss9JAh>QII

diff --git a/docs/multitenant/usecase03/README.md b/docs/multitenant/usecase03/README.md
deleted file mode 100644
index c06368cd..00000000
--- a/docs/multitenant/usecase03/README.md
+++ /dev/null
@@ -1,268 +0,0 @@
-<span style="font-family:Liberation mono; font-size:0.9em; line-height: 1.1em">
-
-
-# STEP BY STEP (NAMESPACE SEGREGATION)
-
-- [STEP BY STEP (NAMESPACE SEGREGATION)](#step-by-step-namespace-segregation)
-    - [INTRODUCTION](#introduction)
-    - [GIT CLONE ORACLE DATABASE OPERATOR PROJECT](#git-clone-oracle-database-operator-project)
-    - [NAMESPACE CREATION](#namespace-creation)
-    - [WEBHOOK CERTIFICATES](#webhook-certificates)
-    - [ORACLE DATABASE OPERATOR](#oracle-database-operator)
-    - [CREATE PDB AND CDB SECRETS](#create-pdb-and-cdb-secrets)
-    - [CREATE TLS CERTIFICATE](#create-tls-certificate)
-    - [REST SERVER IMAGE CREATION](#rest-server-image-creation)
-    - [CDB POD CREATION](#cdb-pod-creation)
-    - [PDB CREATION](#pdb-creation)
-    - [MAKEFILE](#makefile)
-
-
-### INTRODUCTION
-
-> &#9758; This folder contains the yaml files required to configure and manage cdb and pdb in different namespaces. The main change here is the possibility to specify the namespace where CDB will be created, this implies the introduction of new parameter at PDB level in order to specify the CDB namespace.
-
-Tasks performed in the usecase03 are the same ones of the other usecase01 with the exception that controller pods cdb pods and pdb crd are running in different namespaces. You must be aware of the fact that secrets must be created in the proper namespaces; cdb secrets  go into cdb namespace , pdb secrets go into pdbnamespace while certificate secrets need to be created in every namespace.  
-
-
-| yaml file parameters            	| value  	| description /ords parameter                     |
-|--------------	|---------------------------	|-------------------------------------------------|
-|	&#9758; cdbNamespace  | <cdb namespace>	            | Cdb namespace                                   |
-| dbserver     	| <db_host\> or <scan_name>   | [--db-hostname][1]                              |
-| dbTnsurl      | <tns connect descriptor\>   | [--db-custom-url/db.customURL][dbtnsurl]        |
-| port         	| <oracle_port\>        	    | [--db-port][2]                                	|
-| cdbName       | <dbname\>                   | Container Name                                  |
-| name          | <cdb-dev\>                  | Ords podname prefix in cdb.yaml                 |
-| name          | <pdb\>                      | pdb resource in pdb.yaml                        | 
-| ordsImage     | <public_container_registry\>/ords-dboper:latest|My public container registry  |
-| pdbName       | <pdbname\>                  | Pluggable database name                         |
-| servicename  	| <service_name\>           	| [--db-servicename][3]                           |
-| sysadmin_user | <SYS_SYSDBA\>               | [--admin-user][adminuser]                       |
-| sysadmin_pwd  | <sys_password\>             | [--password-stdin][pwdstdin]                    |
-| cdbadmin_user | <CDB_ADMIN_USER\>           | [db.cdb.adminUser][1]                           |
-| cdbadmin_pwd  | <CDB_ADMIN_PASS\>           | [db.cdb.adminUser.password][cdbadminpwd]        |
-| webserver_user| <web_user\>                 | [https user][http] <span style="color:red"> NOT A DB USER </span> |
-| webserver_pwd | <web_user_passwoed\>        | [http user password][http]                      |
-| ords_pwd      | <ords_password\>            | [ORDS_PUBLIC_USER password][public_user]        |
-| pdbTlsKey     | <keyfile\>                  | [standalone.https.cert.key][key]                |
-| pdbTlsCrt     | <certfile\>                 | [standalone.https.cert][cr]                     |
-| pdbTlsCat     | <certauth\>                 | certificate authority                           |
-| xmlFileName   | <xml file path\>            | path for the unplug and plug operation          |
-| srcPdbName    | <source db\>                | name of the database to be cloned               |
-| fileNameConversions | <file name conversion\> | used for database cloning                     |
-| tdeKeystorePath     | <TDE keystore path is required if the tdeExport flag is set to true\>   |  [tdeKeystorePath][tdeKeystorePath] |
-| tdeExport           | <BOOLEAN\>              | [tdeExport] |
-| tdeSecret           | <TDE secret is required if the tdeExport flag is set to true\>  | [tdeSecret][tdeSecret] |
-| tdePassword         | <TDE password for unplug operations only\>  | [tdeSecret][tdeSecret] | 
-|  assertivePdbDeletion | boolean             | [turn on imperative approach on crd deleteion][imperative]     |
-
-![generla schema](./NamespaceSegregation.png)
-
-### GIT CLONE ORACLE DATABASE OPERATOR PROJECT 
-
-```bash
-git clone https://github.com/oracle/oracle-database-operator.git
-cd oracle-database-operator/docs/multitenant/usecase03
-```
-### NAMESPACE CREATION
-
-We need first to create two different namespaces (**cdbnamespace**,**pdbnamespace**)  using ns_pdb_namespace.yaml and ns_cdb_namespace.yaml 
-
-```bash 
-kubectl apply -f ns_pdb_namespace.yaml
-kubectl apply -f ns_cdb_namespace.yaml
-```
-
-### WEBHOOK CERTIFICATES 
-Create cert manager and verify the status 
-
-```bash
-kubectl apply -f https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.yaml
-```
-
-```bash
-kubectl get pods --namespace cert-manager
-NAME                                       READY   STATUS    RESTARTS   AGE
-cert-manager-75997f4b44-4nf5c              1/1     Running   1          9d
-cert-manager-cainjector-769785cd7b-mzfq5   1/1     Running   1          9d
-cert-manager-webhook-6bc9944d78-tslrp      1/1     Running   1          9d
-```
-
-### ORACLE DATABASE OPERATOR
-
-Create the oracle database operator using  oracle-database-operator.yaml
-```bash 
-cd oracle-database-operator
-kubectl apply -f oracle-database-operator.yaml
-cd -
-```
-
-[operator creation log](operator_creation_log.txt)
-### CREATE PDB AND CDB SECRETS 
-
-Update secrets files with your base64 encodede password.
-
-```bash
-echo ImAdemoPassword | base64
-SW1BZGVtb1Bhc3N3b3JkCg==
-```
-Apply the cdb_secret and pdb_secret yaml file to generate credential information in each namespace. 
-
-```
-kubectl apply -f cdb_secret.yaml 
-kubectl apply -f pdb_secret.yaml 
-```
-> &#9758; Note that https credential needs to be replicated in any secret file. It is possible to improve configuration by creating a dedicated namespace for https credential in order to specify this information only once. 
-
-Namespace segregation enables  the capability of deploying and manages pluggable database without the cdb administrative passwords. 
-
-### CREATE TLS CERTIFICATE 
-
-Here follow an example of script shell that can be used to create secret certificates in each namespace involved in the kubernets multi tenant architecture
-
-```bash
-#!/bin/bash 
-export CDB_NAMESPACE=cdbnamespace 
-export PDB_NAMESPACE=pdbnamespace 
-export OPR_NAMESPACE=oracle-database-operator-system 
-export SKEY=tls.key 
-export SCRT=tls.crt 
-export CART=ca.crt 
-export COMPANY=oracle 
-export REST_SERVER=ords
-
-openssl genrsa -out ca.key 2048 
-openssl req -new -x509 -days 365 -key ca.key -subj "/C=CN/ST=GD/L=SZ/O=${COMPANY}, Inc./CN=${COMPANY} Root CA" -out ca.crt 
-openssl req -newkey rsa:2048 -nodes -keyout ${SKEY} -subj "/C=CN/ST=GD/L=SZ/O=${COMPANY}, Inc./CN=cdb-dev-${REST_SERVER}.${CDB_NAMESPACE}" -out server.csr 
-echo "subjectAltName=DNS:cdb-dev-${REST_SERVER}.${CDB_NAMESPACE},DNS:www.example.com" > extfile.txt 
-openssl x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out ${SCRT} 
-
-kubectl create secret tls db-tls --key="${SKEY}" --cert="${SCRT}"  -n ${CDB_NAMESPACE} 
-kubectl create secret generic db-ca --from-file="${CART}" -n ${CDB_NAMESPACE} 
-kubectl create secret tls db-tls --key="${SKEY}" --cert="${SCRT}"  -n ${PDB_NAMESPACE} 
-kubectl create secret generic db-ca --from-file="${CART}"  -n ${PDB_NAMESPACE} 
-kubectl create secret tls db-tls --key="${SKEY}" --cert="${SCRT}"  -n ${OPR_NAMESPACE} 
-kubectl create secret generic db-ca --from-file="${CART}"  -n ${OPR_NAMESPACE}
-```
-after all secrets creation you shoud have the following pattern 
-
-```bash
-kubectl get secrets -n oracle-database-operator-system 
-NAME                  TYPE                DATA   AGE 
-db-ca                 Opaque              1      6d5h 
-db-tls                kubernetes.io/tls   2      6d5h 
-webhook-server-cert   kubernetes.io/tls   3      6d15h
-
-
-kubectl get secrets -n cdbnamespace 
-NAME          TYPE                DATA   AGE 
-cdb1-secret   Opaque              6      6d15h 
-db-ca         Opaque              1      6d6h 
-db-tls        kubernetes.io/tls   2      6d6h
-
-
-kubectl get secrets -n pdbnamespace 
-NAME          TYPE                DATA   AGE 
-db-ca         Opaque              1      6d6h 
-db-tls        kubernetes.io/tls   2      6d6h 
-pdb1-secret   Opaque              4      2d16h 
-tde1-secret   Opaque              2      22h
-```
-### REST SERVER IMAGE CREATION
-
-```bash
-cd oracle-database-operator/ords
-docker build -t oracle/ords-dboper:latest .
-docker tag oracle/ords-dboper:latest [path_of_your_registry]/ords-dboper:latest
-docker push [path_of_your_registry]/ords-dboper.latest
-cd -
-```
-
-### CDB POD CREATION
-
-**note:** <span style="color:red">
- Before creating the CDB pod make sure that all the pluggable databases in the container DB are open.
-</span>
-
-
-Update the cdb_create.yaml with the path of the image generated before to create CDB pod 
-
-```bash
-kubectl apply -f cdb_create.yaml 
-```
-
-Verify the status of the operation and cdb pod existence using the following commands 
-
-```bash
-## check the pod creation 
-kubectl get pods -n cdbnamespace 
-
-## check the rest server log after pod creation 
-kubectl logs -f `/usr/bin/kubectl get pods -n cdbnamespace|grep ords|cut -d ' ' -f 1` -n cdbnamespace
-
-##login to the pod for further debug and information gathering 
-kubectl exec -it `kubectl get pods -n cdbnamespace |grep ords|cut -d ' ' -f 1` -n cdbnamespace bash
-```
-
-[log cdb creation](./cdb_creation_log.txt)
-
-### PDB CREATION
-
-Apply the the pdb_create.yaml file to create a new pdb , after pdb creation you should be able to get pdb details using **kubectl get** command 
-
-```bash
-kubectl apply -f pdb_create.yaml
-```
-
-```bash
-#!/bin/bash
-#checkpdbs.sh
-kubectl get pdbs -n pdbnamespace -o=jsonpath='{range .items[*]}
-{"\n==================================================================\n"}
-{"CDB="}{.metadata.labels.cdb}
-{"K8SNAME="}{.metadata.name}
-{"PDBNAME="}{.spec.pdbName}
-{"OPENMODE="}{.status.openMode}
-{"ACTION="}{.status.action}
-{"MSG="}{.status.msg}
-{"\n"}{end}'
-```
-
-```bash
-./checkpdbs.sh
-==================================================================
-CDB=cdb-dev
-K8SNAME=pdb1
-PDBNAME=pdbdev
-OPENMODE=READ WRITE
-ACTION=CREATE
-MSG=Success
-
-```
-[pdb creation log](./pdb_creation_log.txt)
-
-### MAKEFILE
-
-In order to facilitate the command execution use the [makefile](./makefile) available target details are exposed in the following tables.
-
-|target                       |Action                                     |
-|-----------------------------|-------------------------------------|
-|step1                        | Build rest server images            | 
-|step2                        | Tag the immages                     |
-|step3                        | Push the image into the repository  | 
-|step4                        | Load webhook certmanager            | 
-|step5                        | Create the db operator              |  
-|step6                        | Create tls certificates             |  
-|step7                        | Create tls secret                   | 
-|step8                        | Create database secrets             |
-|step9                        | Create restserver pod               | 
-|checkstep9                   | Monitor the executions              |
-|step10                       | Create pluggable database           |
-|checkpdb                     | Monitor PDB status                  |
-|dump                         | Dump  pods info into a file         |
-|reloadop                     | Reload the db operator              |
-|login                        | Login into cdb pod                  |
-
-[imperative]:https://kubernetes.io/docs/concepts/overview/working-with-objects/object-management/
-
-</span>
-
diff --git a/docs/multitenant/usecase03/cdb_create.yaml b/docs/multitenant/usecase03/cdb_create.yaml
deleted file mode 100644
index d3b5e04f..00000000
--- a/docs/multitenant/usecase03/cdb_create.yaml
+++ /dev/null
@@ -1,44 +0,0 @@
-apiVersion: database.oracle.com/v1alpha1
-kind: CDB 
-metadata: 
-  name: cdb-dev
-  namespace: cdbnamespace
-spec:
-  cdbName: "DB12"
-  ordsImage: ".............your registry............./ords-dboper:latest"
-  ordsImagePullPolicy: "Always"
-  dbTnsurl : "...Container tns alias....."
-  replicas: 1
-  sysAdminPwd: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "sysadmin_pwd"
-  ordsPwd:
-    secret: 
-      secretName: "cdb1-secret"
-      key: "ords_pwd"  
-  cdbAdminUser: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "cdbadmin_user"
-  cdbAdminPwd: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "cdbadmin_pwd"
-  webServerUser: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "webserver_user"
-  webServerPwd: 
-    secret: 
-      secretName: "cdb1-secret"
-      key: "webserver_pwd"      
-  cdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  cdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-
diff --git a/docs/multitenant/usecase03/cdb_creation_log.txt b/docs/multitenant/usecase03/cdb_creation_log.txt
deleted file mode 100644
index 8c7dc161..00000000
--- a/docs/multitenant/usecase03/cdb_creation_log.txt
+++ /dev/null
@@ -1,336 +0,0 @@
-kubectl get pods -n cdbnamespace 
-NAME                    READY   STATUS              RESTARTS   AGE
-cdb-dev-ords-rs-pgqqh   0/1     ContainerCreating   0          1s
-
-kubectl get pods -n cdbnamespace 
-NAME                    READY   STATUS    RESTARTS   AGE
-cdb-dev-ords-rs-pgqqh   1/1     Running   0          6s
-
-kubectl logs -f `/usr/bin/kubectl get pods -n cdbnamespace|grep ords|cut -d ' ' -f 1` -n cdbnamespace
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-NOT_INSTALLED=2
- SETUP 
-====================================================
-CONFIG=/etc/ords/config
-total 0
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:20 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: db.connectionType was set to: customurl in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:21 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: db.customURL was set to: jdbc:oracle:thin:@(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS))) in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:23 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: security.requestValidationFunction was set to: false in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:25 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: jdbc.MaxLimit was set to: 100 in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:27 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: jdbc.InitialLimit was set to: 50 in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:29 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: error.externalPath was set to: /opt/oracle/ords/error
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:31 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: standalone.access.log was set to: /home/oracle
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:32 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: standalone.https.port was set to: 8888
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:34 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: standalone.https.cert was set to: /opt/oracle/ords//secrets/tls.crt
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:36 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: standalone.https.cert.key was set to: /opt/oracle/ords//secrets/tls.key
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:38 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: restEnabledSql.active was set to: true in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:40 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: security.verifySSL was set to: true
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:42 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: database.api.enabled was set to: true
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:43 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: plsql.gateway.mode was set to: disabled in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:45 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The global setting named: database.api.management.services.disabled was set to: false
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:47 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: misc.pagination.maxRows was set to: 1000 in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:49 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: db.cdb.adminUser was set to: C##DBAPI_CDB_ADMIN AS SYSDBA in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:51 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-The setting named: db.cdb.adminUser.password was set to: ****** in configuration: default
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:53 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-Created user welcome in file /etc/ords/config/global/credentials
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:17:55 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-Oracle REST Data Services - Non-Interactive Install
-
-Retrieving information..
-Completed verifying Oracle REST Data Services schema version 23.3.0.r2891830.
-Connecting to database user: ORDS_PUBLIC_USER url: jdbc:oracle:thin:@(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))
-The setting named: db.serviceNameSuffix was set to:  in configuration: default
-The setting named: db.username was set to: ORDS_PUBLIC_USER in configuration: default
-The setting named: db.password was set to: ****** in configuration: default
-The setting named: security.requestValidationFunction was set to: ords_util.authorize_plsql_gateway in configuration: default
-2024-01-25T17:17:58.898Z INFO        Oracle REST Data Services schema version 23.3.0.r2891830 is installed.
-2024-01-25T17:17:58.900Z INFO        To run in standalone mode, use the ords serve command:
-2024-01-25T17:17:58.900Z INFO        ords --config /etc/ords/config serve
-2024-01-25T17:17:58.900Z INFO        Visit the ORDS Documentation to access tutorials, developer guides and more to help you get started with the new ORDS Command Line Interface (http://oracle.com/rest).
-Picked up _JAVA_OPTIONS: -Xms1126M -Xmx1126M
-
-ORDS: Release 23.3 Production on Thu Jan 25 17:18:00 2024
-
-Copyright (c) 2010, 2024, Oracle.
-
-Configuration:
-  /etc/ords/config/
-
-2024-01-25T17:18:00.960Z INFO        HTTP and HTTP/2 cleartext listening on host: 0.0.0.0 port: 8080
-2024-01-25T17:18:00.963Z INFO        HTTPS and HTTPS/2 listening on host: 0.0.0.0 port: 8888
-2024-01-25T17:18:00.980Z INFO        Disabling document root because the specified folder does not exist: /etc/ords/config/global/doc_root
-2024-01-25T17:18:00.981Z INFO        Default forwarding from / to contextRoot configured.
-2024-01-25T17:18:06.634Z INFO        Configuration properties for: |default|lo|
-db.serviceNameSuffix=
-java.specification.version=21
-conf.use.wallet=true
-database.api.management.services.disabled=false
-sun.jnu.encoding=UTF-8
-user.region=US
-java.class.path=/opt/oracle/ords/ords.war
-java.vm.vendor=Oracle Corporation
-standalone.https.cert.key=/opt/oracle/ords//secrets/tls.key
-sun.arch.data.model=64
-nashorn.args=--no-deprecation-warning
-java.vendor.url=https://java.oracle.com/
-resource.templates.enabled=false
-user.timezone=UTC
-java.vm.specification.version=21
-os.name=Linux
-sun.java.launcher=SUN_STANDARD
-user.country=US
-sun.boot.library.path=/usr/java/jdk-21/lib
-sun.java.command=/opt/oracle/ords/ords.war --config /etc/ords/config serve --port 8888 --secure
-jdk.debug=release
-sun.cpu.endian=little
-user.home=/home/oracle
-oracle.dbtools.launcher.executable.jar.path=/opt/oracle/ords/ords.war
-user.language=en
-db.cdb.adminUser.password=******
-java.specification.vendor=Oracle Corporation
-java.version.date=2023-10-17
-database.api.enabled=true
-java.home=/usr/java/jdk-21
-db.username=ORDS_PUBLIC_USER
-file.separator=/
-java.vm.compressedOopsMode=32-bit
-line.separator=
-
-restEnabledSql.active=true
-java.specification.name=Java Platform API Specification
-java.vm.specification.vendor=Oracle Corporation
-java.awt.headless=true
-standalone.https.cert=/opt/oracle/ords//secrets/tls.crt
-db.password=******
-sun.management.compiler=HotSpot 64-Bit Tiered Compilers
-security.requestValidationFunction=ords_util.authorize_plsql_gateway
-misc.pagination.maxRows=1000
-java.runtime.version=21.0.1+12-LTS-29
-user.name=oracle
-error.externalPath=/opt/oracle/ords/error
-stdout.encoding=UTF-8
-path.separator=:
-db.cdb.adminUser=C##DBAPI_CDB_ADMIN AS SYSDBA
-os.version=5.4.17-2136.323.8.1.el7uek.x86_64
-java.runtime.name=Java(TM) SE Runtime Environment
-file.encoding=UTF-8
-plsql.gateway.mode=disabled
-security.verifySSL=true
-standalone.https.port=8888
-java.vm.name=Java HotSpot(TM) 64-Bit Server VM
-java.vendor.url.bug=https://bugreport.java.com/bugreport/
-java.io.tmpdir=/tmp
-oracle.dbtools.cmdline.ShellCommand=ords
-java.version=21.0.1
-user.dir=/home/oracle/keystore
-os.arch=amd64
-java.vm.specification.name=Java Virtual Machine Specification
-jdbc.MaxLimit=100
-oracle.dbtools.cmdline.home=/opt/oracle/ords
-native.encoding=UTF-8
-java.library.path=/usr/java/packages/lib:/usr/lib64:/lib64:/lib:/usr/lib
-java.vendor=Oracle Corporation
-java.vm.info=mixed mode, sharing
-stderr.encoding=UTF-8
-java.vm.version=21.0.1+12-LTS-29
-sun.io.unicode.encoding=UnicodeLittle
-jdbc.InitialLimit=50
-db.connectionType=customurl
-java.class.version=65.0
-db.customURL=jdbc:oracle:thin:@(DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=TESTORDS)))
-standalone.access.log=/home/oracle
-
-2024-01-25T17:18:10.381Z INFO        
-
-Mapped local pools from /etc/ords/config/databases:
-  /ords/                              => default                        => VALID     
-
-
-2024-01-25T17:18:10.532Z INFO        Oracle REST Data Services initialized
-Oracle REST Data Services version : 23.3.0.r2891830
-Oracle REST Data Services server info: jetty/10.0.17
-Oracle REST Data Services java info: Java HotSpot(TM) 64-Bit Server VM 21.0.1+12-LTS-29
-
-
-exec -it `kubectl get pods -n cdbnamespace |grep ords|cut -d ' ' -f 1` -n cdbnamespace bash
-[oracle@cdb-dev-ords-rs-pgqqh ~]$ ps -ef|grep java
-oracle    1147  1116 10 17:17 ?        00:00:21 /usr/java/jdk-21/bin/java -Doracle.dbtools.cmdline.home=/opt/oracle/ords -Duser.language=en -Duser.region=US -Dfile.encoding=UTF-8 -Djava.awt.headless=true -Dnashorn.args=--no-deprecation-warning -Doracle.dbtools.cmdline.ShellCommand=ords -Duser.timezone=UTC -jar /opt/oracle/ords/ords.war --config /etc/ords/config serve --port 8888 --secure
-oracle    1227  1200  0 17:21 pts/0    00:00:00 grep --color=auto java
diff --git a/docs/multitenant/usecase03/cdb_secret.yaml b/docs/multitenant/usecase03/cdb_secret.yaml
deleted file mode 100644
index 8f1b6fc9..00000000
--- a/docs/multitenant/usecase03/cdb_secret.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: v1
-kind: Secret
-metadata:
-  name: cdb1-secret
-  namespace: cdbnamespace 
-type: Opaque 
-data: 
-  ords_pwd: "[...base64 encoded password...]"
-  sysadmin_pwd: "[...base64 encoded password...]"
-  cdbadmin_user: "[...base64 encoded password...]"
-  cdbadmin_pwd: "[...base64 encoded password...]"
-  webserver_user: "[...base64 encoded password...]"
-  webserver_pwd: "[...base64 encoded password...]"
diff --git a/docs/multitenant/usecase03/gentlscert.sh b/docs/multitenant/usecase03/gentlscert.sh
deleted file mode 100644
index 49e29147..00000000
--- a/docs/multitenant/usecase03/gentlscert.sh
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/bin/bash 
-export CDB_NAMESPACE=cdbnamespace 
-export PDB_NAMESPACE=pdbnamespace 
-export OPR_NAMESPACE=oracle-database-operator-system 
-export SKEY=tls.key 
-export SCRT=tls.crt 
-export CART=ca.crt 
-export COMPANY=oracle 
-export REST_SERVER=ords
-
-openssl genrsa -out ca.key 2048 
-openssl req -new -x509 -days 365 -key ca.key -subj "/C=CN/ST=GD/L=SZ/O=${COMPANY}, Inc./CN=${COMPANY} Root CA" -out ca.crt 
-openssl req -newkey rsa:2048 -nodes -keyout ${SKEY} -subj "/C=CN/ST=GD/L=SZ/O=${COMPANY}, Inc./CN=cdb-dev-${REST_SERVER}.${CDB_NAMESPACE}" -out server.csr 
-echo "subjectAltName=DNS:cdb-dev-${REST_SERVER}.${CDB_NAMESPACE},DNS:www.example.com" > extfile.txt 
-openssl x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out ${SCRT} 
-
-kubectl create secret tls db-tls --key="${SKEY}" --cert="${SCRT}"  -n ${CDB_NAMESPACE} 
-kubectl create secret generic db-ca --from-file="${CART}" -n ${CDB_NAMESPACE} 
-kubectl create secret tls db-tls --key="${SKEY}" --cert="${SCRT}"  -n ${PDB_NAMESPACE} 
-kubectl create secret generic db-ca --from-file="${CART}"  -n ${PDB_NAMESPACE} 
-kubectl create secret tls db-tls --key="${SKEY}" --cert="${SCRT}"  -n ${OPR_NAMESPACE} 
-kubectl create secret generic db-ca --from-file="${CART}"  -n ${OPR_NAMESPACE}
-
diff --git a/docs/multitenant/usecase03/makefile b/docs/multitenant/usecase03/makefile
deleted file mode 100644
index 7270a5e0..00000000
--- a/docs/multitenant/usecase03/makefile
+++ /dev/null
@@ -1,285 +0,0 @@
-#   __  __       _         __ _ _
-#  |  \/  | __ _| | _____ / _(_) | ___
-#  | |\/| |/ _` | |/ / _ \ |_| | |/ _ \
-#  | |  | | (_| |   <  __/  _| | |  __/
-#  |_|  |_|\__,_|_|\_\___|_| |_|_|\___|
-#
-#    ___
-#   / _ \ _ __  _ __  _ __ ___ _ __ ___
-#  | | | | '_ \| '_ \| '__/ _ \ '_ ` _ \
-#  | |_| | | | | |_) | | |  __/ | | | | |
-#   \___/|_| |_| .__/|_|  \___|_| |_| |_|
-#              |_|
-#    ____            _             _ _
-#   / ___|___  _ __ | |_ _ __ ___ | | | ___ _ __
-#  | |   / _ \| '_ \| __| '__/ _ \| | |/ _ \ '__|
-#  | |__| (_) | | | | |_| | | (_) | | |  __/ |
-#   \____\___/|_| |_|\__|_|  \___/|_|_|\___|_|
-#
-#  
-# This makefile helps to speed up the  kubectl commands executions to deploy and test
-# the mutlitenant operator. Although it has few functionality you can adapt to your needs  
-# by adding much more targets.
-#
-# Quick start:
-# ~~~~~~~~~~~
-#
-# - Copy files of tab.1 in the makefile directory.
-# - Edit the secret files and other yaml files with the correct credential as 
-#   specified in the documentation.
-# - Edit makefile updating variables of tab.2
-# - Execute commands of tab.3 "make step1" "make step2" "make step3"....
-#
-# Tab.1 - List of required files
-# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-# 
-# +-----------------------------+---------------------------------------------+
-# |oracle-database-operator.yaml| Opertaor yaml file                          |
-# +-----------------------------+---------------------------------------------+
-# |cdb_secret.yaml              | Secret file for the rest server pod         |
-# +-----------------------------+---------------------------------------------+
-# |pdb_secret.yaml              | Secret file for the pdb creation            |
-# +-----------------------------+---------------------------------------------+
-# |cdb_create.yaml              | Rest server pod creation                    |
-# +-----------------------------+---------------------------------------------+
-# |pdb_create.yaml              | Pluggable database creation                 |
-# +-----------------------------+---------------------------------------------+
-# |oracle-database-operator.yaml| Database operator                           |
-# +-----------------------------+---------------------------------------------+
-# |Dockerfiles                  | Dockerfile for CBD                          |
-# +-----------------------------+---------------------------------------------+
-# |runOrdsSSL.sh                | Init script executed by Dockerfile          |
-# +-----------------------------+---------------------------------------------+
-#
-# Tab.2 - List of variables
-# ~~~~~~~~~~~~~~~~~~~~~~~~~
-#
-# +-----------------------------+---------------------------------------------+
-# |OCIR                         | Your image registry                         |
-# +-----------------------------+---------------------------------------------+
-# |OCIRPATH                     | Path of the image in your registry          |
-# +-----------------------------+---------------------------------------------+
-#
-# Tab.3 - Execution steps
-# ~~~~~~~~~~~~~~~~~~~~~~~
-#
-# +-----------------------------+---------------------------------------------+
-# |                      MAKEFILE TARGETS  LIST                               |
-# |                         ----- ooo -----                                   |
-# |          - TARGET -                         - DESCRIPTION -               |
-# +-----------------------------+-------------------------------------+-------+
-# |step1                        | Build rest server images            |       |
-# +-----------------------------+-------------------------------------+ REST  |
-# |step2                        | Tag the immages                     | SRV   |
-# +-----------------------------+-------------------------------------+ IMG   |
-# |step3                        | Push the image into the repository  |       | 
-# +-----------------------------+-------------------------------------+-------+
-# |step4                        | Load webhook certmanager            | DB    |
-# +-----------------------------+-------------------------------------+ OPER  |
-# |step5                        | Create the db operator              |       |
-# +-----------------------------+-------------------------------------+-------+
-# |step6                        | Create tls certificates             |   T   |
-# +-----------------------------+-------------------------------------+   L   |
-# |step7                        | Create tls secret                   |   S   |
-# +-----------------------------+---------------------------------------------+
-# |step8                        | Create database secrets                     |
-# +-----------------------------+---------------------------------------------+
-# |step9                        | Create restserver pod                       |
-# |  |                          +---------------------------------------------+
-# |  +---> checkstep9           | Monitor the executions                      |
-# +-----------------------------+---------------------------------------------+
-# |step10                       | Create pluggable database                   |
-# |  |                          +---------------------------------------------+
-# |  +---> checkpdb             | Monitor PDB status                          |
-# +-----------------------------+---------------------------------------------+
-# |                        DIAGNOSTIC  TARGETS                                |
-# +-----------------------------+---------------------------------------------+
-# | dump                        | Dump  pods info into a file                 |
-# +-----------------------------+---------------------------------------------+
-# | reloadop                    | Reload the db operator                      |
-# +-----------------------------+---------------------------------------------+
-# | login                       | Login into cdb pod                          |
-# +-----------------------------+---------------------------------------------+
-
-
-################ TAB 2 VARIABLES ############
-REST_SERVER=ords
-ORDSVERSION=latest
-
-OCIR=[container registry]
-OCIRPATH=$(REST_SERVER)-dboper:$(ORDSVERSION)
-
-#examples:
-#OCIR=lin.ocir.io
-#OCIRPATH=/sampletenancy/samplepath/sampledir/$(REST_SERVER)-dboper:$(ORDSVERSION)
-#############################################
-DOCKER=/usr/bin/docker
-KUBECTL=/usr/bin/kubectl
-ORDS=/usr/local/bin/ords
-CONFIG=/etc/ords/config
-IMAGE=oracle/$(REST_SERVER)-dboper:$(ORDSVERSION)
-DBOPERATOR=oracle-database-operator.yaml
-URLPATH=/_/db-api/stable/database/pdbs/
-OPENSSL=/usr/bin/openssl
-ORDSPORT=8888
-MAKE=/usr/bin/make
-DOCKERFILE=../../../ords/Dockerfile
-RUNSCRIPT=../../../ords/runOrdsSSL.sh
-RM=/usr/bin/rm
-CP=/bin/cp
-ECHO=/usr/bin/echo
-CERTMANAGER=https://github.com/jetstack/cert-manager/releases/latest/download/cert-manager.yaml
-CDB_SECRET_YAML=cdb_secret.yaml
-PDB_SECRET_YAML=pdb_secret.yaml
-TDE_SECRET_YAML=tde_secret.yaml
-CDB_NAMESPACE_YAML=ns_namespace_cdb.yaml
-PDB_NAMESPACE_YAML=ns_namespace_pdb.yaml
-OPR_NAMESPACE=oracle-database-operator-system
-PDB_NAMESPACE=$(shell grep namespace $(PDB_NAMESPACE_YAML)  |cut -d: -f 2| tr -d ' ')
-CDB_NAMESPACE=$(shell grep namespace $(CDB_NAMESPACE_YAML)  |cut -d: -f 2| tr -d ' ')
-CDB=cdb_create.yaml
-PDB=pdb_create.yaml
-SKEY=tls.key
-SCRT=tls.crt
-CART=ca.crt
-COMPANY=oracle
-LOCALHOST=localhost
-RESTPREFIX=cdb-dev
-
-
-step1:   createimage
-step2:   tagimage
-step3:   push 
-step4:   certmanager
-step5:   dboperator
-step6:   tlscert 
-step7:   tlssecret 
-step8:   dbsecret 
-step9:   cdb
-step10:  pdb
-
-checkstep9: checkcdb
-
-
-createimage:
-	@echo "BUILDING CDB IMAGES"
-	$(CP) $(DOCKERFILE) .
-	$(CP) $(RUNSCRIPT) .
-	$(DOCKER) build -t $(IMAGE) . 
-
-tagimage: 
-	@echo "TAG IMAGE"
-	$(DOCKER) tag $(IMAGE) $(OCIR)$(OCIRPATH)
-
-push:
-	@echo "PUSH IMAGE INTO THE REGISTRY"
-	$(DOCKER) push $(OCIR)$(OCIRPATH)
-
-certmanager:
-	@echo "WEBHOOK CERT MANAGER"
-	$(KUBECTL) apply -f $(CERTMANAGER) 
-
-dboperator:
-	@echo "ORACLE DATABASE OPERATOR"
-	$(KUBECTL) apply -f $(DBOPERATOR)
-
-namespace:
-	$(KUBECTL) get namespaces
-	$(KUBECTL) apply -f  $(CDB_NAMESPACE_YAML)
-	$(KUBECTL) apply -f  $(PDB_NAMESPACE_YAML)
-	$(KUBECTL) get namespaces
-
-
-tlscert:
-	@echo "CREATING TLS CERTIFICATES"
-	$(OPENSSL) genrsa -out ca.key 2048
-	$(OPENSSL) req -new -x509 -days 365 -key ca.key -subj "/C=US/ST=California/L=SanFrancisco/O=$(COMPANY) /CN=$(RESTPREFIX)-$(REST_SERVER).$(CDB_NAMESPACE) /CN=$(LOCALHOST)  Root CA " -out ca.crt
-	$(OPENSSL) req -newkey rsa:2048 -nodes -keyout $(SKEY) -subj "/C=US/ST=California/L=SanFrancisco/O=$(COMPANY) /CN=$(RESTPREFIX)-$(REST_SERVER).$(CDB_NAMESPACE) /CN=$(LOCALHOST)" -out server.csr
-	$(ECHO) "subjectAltName=DNS:$(RESTPREFIX)-$(REST_SERVER).$(CDB_NAMESPACE),DNS:www.example.com" > extfile.txt
-	$(OPENSSL) x509 -req -extfile extfile.txt -days 365 -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out $(SCRT)
-
-
-tlssecret:
-	$(KUBECTL) create secret tls db-tls --key="$(SKEY)" --cert="$(SCRT)"  -n $(CDB_NAMESPACE)
-	$(KUBECTL) create secret generic db-ca --from-file="$(CART)" -n $(CDB_NAMESPACE)
-	$(KUBECTL) create secret tls db-tls --key="$(SKEY)" --cert="$(SCRT)"  -n $(PDB_NAMESPACE)
-	$(KUBECTL) create secret generic db-ca --from-file="$(CART)"  -n $(PDB_NAMESPACE)
-	$(KUBECTL) create secret tls db-tls --key="$(SKEY)" --cert="$(SCRT)"  -n $(OPR_NAMESPACE)
-	$(KUBECTL) create secret generic db-ca --from-file="$(CART)"  -n $(OPR_NAMESPACE)
-
-
-dbsecret:
-	@echo "CREATING DB SECRETS"
-	$(KUBECTL) apply -f $(CDB_SECRET_YAML) 
-	$(KUBECTL) apply -f $(PDB_SECRET_YAML) 
-	$(KUBECTL) apply -f $(TDE_SECRET_YAML) 
-
-
-cdb:
-	@echo "CREATING REST SRV POD"
-	$(KUBECTL) apply -f $(CDB)
-
-checkcdb:
-	$(KUBECTL) logs -f `$(KUBECTL) get pods -n $(CDB_NAMESPACE)|grep $(REST_SERVER)|cut -d ' ' -f 1` -n $(CDB_NAMESPACE)
-
-pdb:
-	$(KUBECTL) apply -f $(PDB)
-
-checkpdb:
-	$(KUBECTL) get pdbs -n $(OPR_NAMESPACE)
-
-dump:
-	@$(eval TMPSP := $(shell date "+%y%m%d%H%M%S" ))
-	@$(eval DIAGFILE := ./opdmp.$(TMPSP))
-	@>$(DIAGFILE)
-	@echo "OPERATOR DUMP"  >> $(DIAGFILE)
-	@echo "~~~~~~~~~~~~~"  >> $(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPR_NAMESPACE)|grep oracle-database-operator-controller|head -1|cut  -d ' ' -f 1` -n $(OPR_NAMESPACE) >>$(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPR_NAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1 | cut -d ' ' -f 1` -n $(OPR_NAMESPACE) >>$(DIAGFILE)
-	$(KUBECTL) logs   pod/`$(KUBECTL) get pods -n $(OPR_NAMESPACE)|grep oracle-database-operator-controller|tail -1|cut  -d ' ' -f 1` -n $(OPR_NAMESPACE) >>$(DIAGFILE)
-	@echo "CDB LOG DUMP" >> $(DIAGFILE)
-	@echo "~~~~~~~~" >> $(DIAGFILE)
-	$(KUBECTL) logs `$(KUBECTL) get pods -n $(OPR_NAMESPACE)|grep $(REST_SERVER)|  cut -d ' ' -f 1` -n $(OPR_NAMESPACE)  >>$(DIAGFILE)
-	@echo "SECRET DMP" >>$(DIAGFILE)
-	@echo "~~~~~~~~" >> $(DIAGFILE)
-	$(KUBECTL) get secrets  -o yaml -n $(OPR_NAMESPACE) >> $(DIAGFILE)
-	@echo "CDB/PDB DMP" >> $(DIAGFILE)
-	$(KUBECTL) get pdbs  -o yaml -n $(OPR_NAMESPACE) >> $(DIAGFILE)
-	$(KUBECTL) get cdb  -o yaml -n $(OPR_NAMESPACE) >> $(DIAGFILE)
-	@echo "CLUSTER INFO" >>  $(DIAGFILE)
-	$(KUBECTL) get nodes -o wide
-	$(KUBECTL) get svc --namespace=kube-system
-
-reloadop:
-	echo "RESTARTING OPERATOR"
-	$(eval OP1 := $(shell $(KUBECTL) get pods -n $(OPR_NAMESPACE)|grep oracle-database-operator-controller|head -1|cut  -d ' ' -f 1 ))
-	$(eval OP2 := $(shell $(KUBECTL) get pods -n $(OPR_NAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1|cut  -d ' ' -f 1 ))
-	$(eval OP3 := $(shell $(KUBECTL) get pods -n $(OPR_NAMESPACE)|grep oracle-database-operator-controller|tail -1|cut  -d ' ' -f 1 ))
-	$(KUBECTL) get pod $(OP1) -n $(OPR_NAMESPACE) -o yaml | kubectl replace --force -f -
-	$(KUBECTL) get pod $(OP2) -n $(OPR_NAMESPACE) -o yaml | kubectl replace --force -f -
-	$(KUBECTL) get pod $(OP3) -n $(OPR_NAMESPACE) -o yaml | kubectl replace --force -f -
-
-login:
-	$(KUBECTL) exec -it  `$(KUBECTL) get pods -n $(CDB_NAMESPACE) |grep $(REST_SERVER)|cut -d ' ' -f 1` -n $(CDB_NAMESPACE) bash
-
-cdblog:
-	$(KUBECTL) logs -f `$(KUBECTL) get pods -n $(CDB_NAMESPACE)|grep $(REST_SERVER)|cut -d ' ' -f 1` -n $(CDB_NAMESPACE)
-
-
-
-xlog1:
-	$(KUBECTL) logs -f  pod/`$(KUBECTL) get pods -n $(OPR_NAMESPACE)|grep oracle-database-operator-controller|head -1|cut -d ' ' -f 1` -n $(OPR_NAMESPACE)
-
-xlog2:
-	$(KUBECTL) logs -f  pod/`$(KUBECTL) get pods -n $(OPR_NAMESPACE)|grep oracle-database-operator-controller|head -2|tail -1|cut -d ' ' -f 1` -n $(OPR_NAMESPACE)
-
-xlog3:
-	$(KUBECTL) logs -f  pod/`$(KUBECTL) get pods -n $(OPR_NAMESPACE)|grep oracle-database-operator-controller|tail -1|cut -d ' ' -f 1` -n $(OPR_NAMESPACE)
-
-checkdep:
-	 $(KUBECTL) api-resources --verbs=list --namespaced -o name | xargs -n 1 $(KUBECTL) get -n $(OPR_NAMESPACE)
-	 $(KUBECTL) api-resources --verbs=list --namespaced -o name | xargs -n 1 $(KUBECTL) get -n $(CBD_NAMESPACE)
-	 $(KUBECTL) api-resources --verbs=list --namespaced -o name | xargs -n 1 $(KUBECTL) get -n $(PDB_NAMESPACE)
-
-
-
diff --git a/docs/multitenant/usecase03/ns_namespace_cdb.yaml b/docs/multitenant/usecase03/ns_namespace_cdb.yaml
deleted file mode 100644
index f4c6d77b..00000000
--- a/docs/multitenant/usecase03/ns_namespace_cdb.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  labels:
-    control-plane: controller-manager
-  name: cdbnamespace
-
diff --git a/docs/multitenant/usecase03/ns_namespace_pdb.yaml b/docs/multitenant/usecase03/ns_namespace_pdb.yaml
deleted file mode 100644
index b22245f9..00000000
--- a/docs/multitenant/usecase03/ns_namespace_pdb.yaml
+++ /dev/null
@@ -1,7 +0,0 @@
-apiVersion: v1
-kind: Namespace
-metadata:
-  labels:
-    control-plane: controller-manager
-  name: pdbnamespace
-
diff --git a/docs/multitenant/usecase03/operator_creation_log.txt b/docs/multitenant/usecase03/operator_creation_log.txt
deleted file mode 100644
index 36ed02ac..00000000
--- a/docs/multitenant/usecase03/operator_creation_log.txt
+++ /dev/null
@@ -1,27 +0,0 @@
-kubectl apply -f oracle-database-operator.yaml 
-namespace/oracle-database-operator-system created
-customresourcedefinition.apiextensions.k8s.io/autonomouscontainerdatabases.database.oracle.com configured
-customresourcedefinition.apiextensions.k8s.io/autonomousdatabasebackups.database.oracle.com configured
-customresourcedefinition.apiextensions.k8s.io/autonomousdatabaserestores.database.oracle.com configured
-customresourcedefinition.apiextensions.k8s.io/autonomousdatabases.database.oracle.com configured
-customresourcedefinition.apiextensions.k8s.io/cdbs.database.oracle.com configured
-customresourcedefinition.apiextensions.k8s.io/dataguardbrokers.database.oracle.com configured
-customresourcedefinition.apiextensions.k8s.io/dbcssystems.database.oracle.com configured
-customresourcedefinition.apiextensions.k8s.io/oraclerestdataservices.database.oracle.com configured
-customresourcedefinition.apiextensions.k8s.io/pdbs.database.oracle.com configured
-customresourcedefinition.apiextensions.k8s.io/shardingdatabases.database.oracle.com configured
-customresourcedefinition.apiextensions.k8s.io/singleinstancedatabases.database.oracle.com configured
-role.rbac.authorization.k8s.io/oracle-database-operator-leader-election-role created
-clusterrole.rbac.authorization.k8s.io/oracle-database-operator-manager-role created
-clusterrole.rbac.authorization.k8s.io/oracle-database-operator-metrics-reader created
-clusterrole.rbac.authorization.k8s.io/oracle-database-operator-oracle-database-operator-proxy-role created
-rolebinding.rbac.authorization.k8s.io/oracle-database-operator-oracle-database-operator-leader-election-rolebinding created
-clusterrolebinding.rbac.authorization.k8s.io/oracle-database-operator-oracle-database-operator-manager-rolebinding created
-clusterrolebinding.rbac.authorization.k8s.io/oracle-database-operator-oracle-database-operator-proxy-rolebinding created
-service/oracle-database-operator-controller-manager-metrics-service created
-service/oracle-database-operator-webhook-service created
-certificate.cert-manager.io/oracle-database-operator-serving-cert created
-issuer.cert-manager.io/oracle-database-operator-selfsigned-issuer created
-mutatingwebhookconfiguration.admissionregistration.k8s.io/oracle-database-operator-mutating-webhook-configuration created
-validatingwebhookconfiguration.admissionregistration.k8s.io/oracle-database-operator-validating-webhook-configuration created
-deployment.apps/oracle-database-operator-controller-manager created
diff --git a/docs/multitenant/usecase03/pdb_create.yaml b/docs/multitenant/usecase03/pdb_create.yaml
deleted file mode 100644
index 200f3712..00000000
--- a/docs/multitenant/usecase03/pdb_create.yaml
+++ /dev/null
@@ -1,46 +0,0 @@
-apiVersion: database.oracle.com/v1alpha1
-kind: PDB
-metadata:
-  name: pdb1
-  namespace: pdbnamespace 
-  labels:
-    cdb: cdb-dev
-spec:
-  cdbResName: "cdb-dev"
-  cdbNamespace: "cdbnamespace"
-  cdbName: "DB12"
-  pdbName: "pdbdev"
-  adminName:
-    secret:
-      secretName: "pdb1-secret"
-      key: "sysadmin_user" 
-  adminPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "sysadmin_pwd"
-  pdbTlsKey:
-    secret:
-      secretName: "db-tls"
-      key: "tls.key"
-  pdbTlsCrt:
-    secret:
-      secretName: "db-tls"
-      key: "tls.crt"
-  pdbTlsCat:
-    secret:
-      secretName: "db-ca"
-      key: "ca.crt"
-  webServerUser:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_user"
-  webServerPwd:
-    secret:
-      secretName: "pdb1-secret"
-      key: "webserver_pwd"
-  fileNameConversions: "NONE"
-  tdeImport: false
-  totalSize: "1G"
-  tempSize: "100M"
-  action: "Create"
-
diff --git a/docs/multitenant/usecase03/pdb_creation_log.txt b/docs/multitenant/usecase03/pdb_creation_log.txt
deleted file mode 100644
index 71d0eb4f..00000000
--- a/docs/multitenant/usecase03/pdb_creation_log.txt
+++ /dev/null
@@ -1,6 +0,0 @@
-kubectl apply -f pdb_create.yaml 
-pdb.database.oracle.com/pdb1 created
-
-kubectl get pdbs -n pdbnamespace 
-NAME   CONNECT_STRING                                                                                                                                                                                                                                                                                                                               CDB NAME   PDB NAME   PDB STATE    PDB SIZE   STATUS   MESSAGE
-pdb1   (DESCRIPTION=(CONNECT_TIMEOUT=90)(RETRY_COUNT=30)(RETRY_DELAY=10)(TRANSPORT_CONNECT_TIMEOUT=70)(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan12.testrac.com)(PORT=1521)(IP=V4_ONLY))(LOAD_BALLANCE=ON)(ADDRESS=(PROTOCOL=TCP)(HOST=scan34.testrac.com)(PORT=1521)(IP=V4_ONLY))(CONNECT_DATA=(SERVER=DEDICATED)(SERVICE_NAME=pdbdev)))   DB12       pdbdev     READ WRITE   0.78G      Ready    Success
diff --git a/docs/multitenant/usecase03/pdb_secret.yaml b/docs/multitenant/usecase03/pdb_secret.yaml
deleted file mode 100644
index f1dfdac6..00000000
--- a/docs/multitenant/usecase03/pdb_secret.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. All rights reserved.
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
-apiVersion: v1
-kind: Secret
-metadata:
-  name: pdb1-secret
-  namespace: pdbnamespace
-type: Opaque 
-data: 
-  sysadmin_user: "[...base64 encoded password...]"
-  sysadmin_pwd: "[...base64 encoded password...]"
-  webserver_user: "[...base64 encoded password...]"
-  webserver_pwd: "[...base64 encoded password...]"
-
diff --git a/docs/multitenant/usecase03/runOrdsSSL.sh b/docs/multitenant/usecase03/runOrdsSSL.sh
deleted file mode 100644
index 35f1b77b..00000000
--- a/docs/multitenant/usecase03/runOrdsSSL.sh
+++ /dev/null
@@ -1,190 +0,0 @@
-#!/bin/bash
-
-cat <<EOF
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
-EOF
-
-echo "ORDSVERSIN:$ORDSVERSION"
-
-export ORDS=/usr/local/bin/ords
-export ETCFILE=/etc/ords.conf
-export CONFIG=`cat /etc/ords.conf |grep -v ^#|grep ORDS_CONFIG| awk -F= '{print $2}'`
-export export _JAVA_OPTIONS="-Xms1126M -Xmx1126M"
-export ERRORFOLDER=/opt/oracle/ords/error
-export KEYSTORE=~/keystore
-export OPENSSL=/usr/bin/openssl
-export PASSFILE=${KEYSTORE}/PASSWORD
-export HN=`hostname`
-export KEY=$ORDS_HOME/secrets/$TLSKEY
-export CERTIFICATE=$ORDS_HOME/secrets/$TLSCRT
-export TNS_ADMIN=/opt/oracle/ords/
-export TNSNAME=${TNS_ADMIN}/tnsnames.ora 
-export TNSALIAS=ordstns
-echo "${TNSALIAS}=${DBTNSURL}" >$TNSNAME
-
-
-function SetParameter() {
-  ##ords config info <--- Use this command to get the list
-
-[[ ! -z "${ORACLE_HOST}" && -z "${DBTNSURL}" ]] && {
-  $ORDS --config ${CONFIG} config    set   db.hostname                                 ${ORACLE_HOST:-racnode1} 
-  $ORDS --config ${CONFIG} config    set   db.port                                     ${ORACLE_PORT:-1521} 
-  $ORDS --config ${CONFIG} config    set   db.servicename                              ${ORACLE_SERVICE:-TESTORDS}
-}
-
-[[  -z "${ORACLE_HOST}" && ! -z "${DBTNSURL}" ]] && {
-  #$ORDS --config ${CONFIG}  config    set   db.tnsAliasName                           ${TNSALIAS}
-  #$ORDS --config ${CONFIG}  config    set   db.tnsDirectory                           ${TNS_ADMIN}
-  #$ORDS --config ${CONFIG}  config    set   db.connectionType                         tns
- 
-   $ORDS --config ${CONFIG}  config    set   db.connectionType                         customurl
-   $ORDS --config ${CONFIG}  config    set   db.customURL                              jdbc:oracle:thin:@${DBTNSURL}
-}
-
-  $ORDS --config ${CONFIG} config    set   security.requestValidationFunction          false   
-  $ORDS --config ${CONFIG} config    set   jdbc.MaxLimit                               100
-  $ORDS --config ${CONFIG} config    set   jdbc.InitialLimit                           50
-  $ORDS --config ${CONFIG} config    set   error.externalPath                          ${ERRORFOLDER}
-  $ORDS --config ${CONFIG} config    set   standalone.access.log                       /home/oracle
-  $ORDS --config ${CONFIG} config    set   standalone.https.port                       8888
-  $ORDS --config ${CONFIG} config    set   standalone.https.cert                       ${CERTIFICATE}
-  $ORDS --config ${CONFIG} config    set   standalone.https.cert.key                   ${KEY}
-  $ORDS --config ${CONFIG} config    set   restEnabledSql.active                       true
-  $ORDS --config ${CONFIG} config    set   security.verifySSL                          true
-  $ORDS --config ${CONFIG} config    set   database.api.enabled                        true
-  $ORDS --config ${CONFIG} config    set   plsql.gateway.mode                          disabled
-  $ORDS --config ${CONFIG} config    set   database.api.management.services.disabled   false
-  $ORDS --config ${CONFIG} config    set   misc.pagination.maxRows                     1000
-  $ORDS --config ${CONFIG} config    set   db.cdb.adminUser                            "${CDBADMIN_USER:-C##DBAPI_CDB_ADMIN} AS SYSDBA"
-  $ORDS --config ${CONFIG} config    secret --password-stdin db.cdb.adminUser.password << EOF
-${CDBADMIN_PWD:-PROVIDE_A_PASSWORD}
-EOF
-
-$ORDS --config ${CONFIG} config  user add --password-stdin ${WEBSERVER_USER:-ordspdbadmin} "SQL Administrator, System Administrator" <<EOF
-${WEBSERVER_PASSWORD:-welcome1}
-EOF
-
-}
-
-
-function setupOrds() {
-
-echo "===================================================="
-echo CONFIG=$CONFIG
-
-export ORDS_LOGS=/tmp
-
- [ -f $ORDS_HOME/secrets/$WEBSERVER_USER_KEY ]     && 
-  {
-    WEBSERVER_USER=`cat $ORDS_HOME/secrets/$WEBSERVER_USER_KEY` 
-  }
-
- [ -f $ORDS_HOME/secrets/$WEBSERVER_PASSWORD_KEY ] && 
-  { 
-    WEBSERVER_PASSWORD=`cat $ORDS_HOME/secrets/$WEBSERVER_PASSWORD_KEY` 
-  }
-
- [ -f $ORDS_HOME/secrets/$CDBADMIN_USER_KEY ]      && 
-  {
-     CDBADMIN_USER=`cat $ORDS_HOME/secrets/$CDBADMIN_USER_KEY` 
-  }
-
- [ -f $ORDS_HOME/secrets/$CDBADMIN_PWD_KEY ]       && 
-  { 
-     CDBADMIN_PWD=`cat $ORDS_HOME/secrets/$CDBADMIN_PWD_KEY` 
-  }
-
- [ -f $ORDS_HOME/secrets/$ORACLE_PWD_KEY ]         && 
-  { 
-    SYSDBA_PASSWORD=`cat $ORDS_HOME/secrets/$ORACLE_PWD_KEY`
-   }
-
- [ -f $ORDS_HOME/secrets/$ORACLE_PWD_KEY ]         && 
-  { 
-    ORDS_PASSWORD=`cat $ORDS_HOME/secrets/$ORDS_PWD_KEY`
-  }
-
-
-SetParameter;
-$ORDS --config                           ${CONFIG} install                 \
-      --admin-user                       ${SYSDBA_USER:-"SYS AS SYSDBA"}   \
-      --feature-db-api                   true                              \
-      --feature-rest-enabled-sql         true                              \
-      --log-folder                       ${ORDS_LOGS}                      \
-      --proxy-user                                                         \
-      --password-stdin <<EOF
-${SYSDBA_PASSWORD:-PROVIDE_A_PASSWORD}
-${ORDS_PASSWORD:-PROVIDE_A_PASSWORD}
-EOF
-
-
-
-if [ $? -ne 0 ]
-then
-  echo "Installation error"
-  exit 1
-fi
-
-}
-
-export CKF=/tmp/checkfile
-
-$ORDS --config $CONFIG config list 1>${CKF} 2>&1 
-echo "checkfile" >> ${CKF}
-NOT_INSTALLED=`cat ${CKF} | grep "INFO: The" |wc -l `
-echo NOT_INSTALLED=$NOT_INSTALLED
-
-
-function StartUp () {
-  $ORDS  --config $CONFIG serve     --port 8888 --secure
-}
-
-# Check whether ords is already setup
-if [ $NOT_INSTALLED -ne 0 ]
-then
-  echo " SETUP "
-  setupOrds;
-  StartUp;
-fi
-
-if [ $NOT_INSTALLED -eq 0 ]
-then
-  echo " STARTUP "
-  StartUp;
-fi
-
-
diff --git a/docs/observability/README.md b/docs/observability/README.md
index 5a281c9c..a087c892 100644
--- a/docs/observability/README.md
+++ b/docs/observability/README.md
@@ -2,155 +2,304 @@
 
 Oracle Database Operator for Kubernetes (`OraOperator`) includes the
 Observability controller for Oracle Databases and adds the `DatabaseObserver` CRD, which enables users to observe 
-Oracle Databases by scraping database metrics using SQL queries and observe logs in the Database _alert.log_. The controller 
-automates the deployment and maintenance of the metrics exporter container image,
-metrics exporter service and Prometheus servicemonitor.
+Oracle Databases by scraping database metrics using SQL queries and observe logs in the Database _alert.log_. 
+The controller automates the deployment and maintenance of the [database observability exporter](https://github.com/oracle/oracle-db-appdev-monitoring),
+metrics exporter service and Prometheus ServiceMonitor.
 
 The following sections explains the configuration and functionality
 of the controller.
 
 * [Prerequisites](#prerequisites)
 * [The DatabaseObserver Custom Resource Definition](#the-databaseobserver-custom-resource)
-  * [Configuration Options](#configuration-options)
-  * [Resources Managed by the Controller](#resources-managed-by-the-controller)
+  * [Configuring Database Credentials](#configuration-fields-related-to-managing-database-credentials)
+  * [Configuring Cloud Provider Vaults for Database credentials](#configuration-fields-related-to-vault-usage)
+  * [Configuring the Managed Resources](#configuration-fields-related-to-the-deployment-pod-service-and-servicemonitor-resources)
+  * [Configuring Export of Database Metrics](#configuration-fields-related-to-metrics-export)
+  * [Configuring Export of Database Logs](#configuration-fields-related-to-logs-export)
+  * [Configuring the Exporter Config File](#configuration-fields-related-to-the-exporter-config-file)
+
 * [DatabaseObserver Operations](#databaseobserver-operations)
   * [Create](#create-resource)
   * [List](#list-resource)
   * [Get Status](#get-detailed-status)
   * [Update](#patch-resource)
   * [Delete](#delete-resource)
-* [Configuration Options for Scraping Metrics](#scraping-metrics)
+
+* [Connecting to the Database](#connecting-to-the-database)
+  * [Default DB Configuration](#default-database-configuration)
+  * [Multiple DB Configuration](#multiple-database-configuration)
+
+* [Vault Configuration](#database-authentication-with-vaults-in-the-cloud)
+    * [Using OCI Vault](#oci-vault-configuration)
+    * [Using Azure Vault](#azure-vault-configuration)
+
+* [Setting the Exporter Config File](#defining-an-exporter-config-file)
+
+* [Scraping Metrics](#scraping-metrics)
   * [Custom Metrics Config](#custom-metrics-config)
   * [Prometheus Release](#prometheus-release)
-* [Configuration Options for Scraping Logs](#scraping-logs)
+  
+* [Scraping Logs](#scraping-logs)
   * [Custom Log Location with PersistentVolumes](#custom-log-location-with-persistentvolumes)
   * [Example Working with Sidecars and Promtail](#working-with-sidecars-to-deploy-promtail)
-  * [Promtail Config Example](#Promtail-Config-Example)
-* [Other Configuration Options](#other-configuration-options)
-    * [Labels](#labels)
-    * [Custom Exporter Image or Version](#custom-exporter-image-or-version)
+
+  
+* [Customizing Resources](#customizing-resources-and-available-configuration-options)
+    * [Environment Variables and Default Values](#environment-variables-and-default-values)
+    * [Managing Labels](#managing-labels)
+    * [Custom Exporter Image or Version](#custom-environment-variables-arguments-and-commands)
+    * [Security Contexts](#security-contexts)
+    * [Custom Service Ports](#custom-service-ports)
+    * [Custom ServiceMonitor](#custom-servicemonitor-endpoints)
+  
 * [Mandatory Roles and Privileges](#mandatory-roles-and-privileges-requirements-for-observability-controller)
+
 * [Debugging and troubleshooting](#debugging-and-troubleshooting)
 * [Known Issues](#known-issues)
+* [Resources](#resources)
 
 ## Prerequisites
 The `DatabaseObserver` custom resource has the following prerequisites:
 
-1. Prometheus and its `servicemonitor` custom resource definition must be installed on the cluster.
+1. Installation of Prometheus `servicemonitor` custom resource definition (CRD) on the cluster.
 
-- The Observability controller creates multiple Kubernetes resources that include
-  a Prometheus `servicemonitor`. For the controller
-  to create ServiceMonitors, the ServiceMonitor custom resource must exist.
+   - The Observability controller creates multiple Kubernetes resources that include
+     a Prometheus `servicemonitor`. For the controller
+     to create ServiceMonitors, the ServiceMonitor custom resource must exist. For __example__, to install
+     Prometheus CRDs using the [Kube Prometheus Stack helm chart](https://prometheus-community.github.io/helm-charts/), run the following helm commands:
+       ```bash
+       helm repo add prometheus https://prometheus-community.github.io/helm-charts
+       helm repo update
+       helm upgrade --install prometheus prometheus/kube-prometheus-stack -n prometheus --create-namespace
+       ```
+     - You can check if the ServiceMonitor API exists in your cluster by running the following command:
+     ```bash
+     kubectl api-resources | grep smon
+     ```
 
-2. A preexisting Oracle Database and the proper database grants and privileges.
+2. A preexisting Oracle Database, and the proper database grants and privileges.
 
-- The controller exports metrics through SQL queries that the user can control 
-   and specify through a _toml_ file. The necessary access privileges to the tables used in the queries
-   are not provided and applied automatically.
+    - The controller exports metrics through SQL queries that the user can control 
+       and specify through the _toml_ files. The necessary access privileges to the tables used in the queries
+       are not provided and applied automatically.
 
 ## The DatabaseObserver Custom Resource
-The Oracle Database Operator (__v1.2.0__ or later) includes the Oracle Database Observability controller, which automates
-the deployment and setting up of the Oracle Database exporter and the related resources to make Oracle Databases observable.
-
-In the example YAML file found in 
-[`./config/samples/observability/v4/databaseobserver.yaml`](../../config/samples/observability/v4/databaseobserver.yaml),
-the databaseObserver custom resource provides the following configurable properties:
-
-| Attribute                                              | Type   | Default                                                             | Required?   | Example                                                               |
-|--------------------------------------------------------|--------|---------------------------------------------------------------------|:------------|-----------------------------------------------------------------------|
-| `spec.database.dbUser.key`                             | string | user                                                                | Optional    | _username_                                                            |
-| `spec.database.dbUser.secret`                          | string | -                                                                   | Yes         | _db-secret_                                                           |
-| `spec.database.dbPassword.key`                         | string | password                                                            | Optional    | _admin-password_                                                      |
-| `spec.database.dbPassword.secret`                      | string | -                                                                   | Conditional | _db-secret_                                                           |
-| `spec.database.dbPassword.vaultOCID`                   | string | -                                                                   | Conditional | _ocid1.vault.oc1..._                                                  |
-| `spec.database.dbPassword.vaultSecretName`             | string | -                                                                   | Conditional | _db-vault_                                                            |
-| `spec.database.dbWallet.secret`                        | string | -                                                                   | Conditional | _devsec-oradevdb-wallet_                                              |
-| `spec.database.dbConnectionString.key`                 | string | connection                                                          | Optional    | _connection_                                                          |
-| `spec.database.dbConnectionString.secret`              | string | -                                                                   | Yes         | _db-secretg_                                                          |
-| `spec.sidecars`                                        | array  | -                                                                   | Optional    | -                                                                     |
-| `spec.sidecarVolumes`                                  | array  | -                                                                   | Optional    | -                                                                     |
-| `spec.exporter.deployment.securityContext`             | object |                                                                     | Optional    | _                                                                     |
-| `spec.exporter.deployment.env`                         | map    | -                                                                   | Optional    | _DB_ROLE: "SYSDBA"_                                                   |
-| `spec.exporter.deployment.image`                       | string | container-registry.oracle.com/database/observability-exporter:1.5.1 | Optional    | _container-registry.oracle.com/database/observability-exporter:1.3.0_ |
-| `spec.exporter.deployment.args`                        | array  | -                                                                   | Optional    | _[ "--log.level=info" ]_                                              |
-| `spec.exporter.deployment.commands`                    | array  | -                                                                   | Optional    | _[ "/oracledb_exporter" ]_                                            |
-| `spec.exporter.deployment.labels`                      | map    | -                                                                   | Optional    | _environment: dev_                                                    |
-| `spec.exporter.deployment.podTemplate.labels`          | map    | -                                                                   | Optional    | _environment: dev_                                                    |
-| `spec.exporter.deployment.podTemplate.securityContext` | object | -                                                                   | Optional    | _                                                                     |
-| `spec.exporter.service.ports`                          | array  | -                                                                   | Optional    | -                                                                     |
-| `spec.exporter.service.labels`                         | map    | -                                                                   | Optional    | _environment: dev_                                                    |                                                                     |
-| `spec.configuration.configMap.key`                     | string | config.toml                                                         | Optional    | _config.toml_                                                         |
-| `spec.configuration.configMap.name`                    | string | -                                                                   | Optional    | _devcm-oradevdb-config_                                               |
-| `spec.prometheus.serviceMonitor.labels`                | map    | -                                                                   | Yes         | _release: prometheus_                                                 |
-| `spec.prometheus.serviceMonitor.namespaceSelector`     | -      | -                                                                   | Yes         | -                                                                     |
-| `spec.prometheus.serviceMonitor.endpoints`             | array  | -                                                                   | Optional    | -                                                                     |
-| `spec.log.filename`                                    | string | alert.log                                                           | Optional    | _alert.log_                                                           |
-| `spec.log.path`                                        | string | /log                                                                | Optional    | _/log_                                                                |
-| `spec.log.volume.name`                                 | string | log-volume                                                          | Optional    | _my-persistent-volume_                                                |
-| `spec.log.volume.persistentVolumeClaim.claimName`      | string | -                                                                   | Optional    | _my-pvc_                                                              |
-| `spec.replicas`                                        | number | 1                                                                   | Optional    | _1_                                                                   |
-| `spec.inheritLabels`                                   | array  | -                                                                   | Optional    | _- environment: dev_<br/>- app.kubernetes.io/name: observer           |
-| `spec.ociConfig.configMapName`                         | string | -                                                                   | Conditional | _oci-cred_                                                            |
-| `spec.ociConfig.secretName`                            | string | -                                                                   | Conditional | _oci-privatekey_                                                      |
-
-
-### Configuration Options
-The `databaseObserver` Custom resource has the following fields for all configurations that are <u>required</u>:
-* `spec.database.dbUser.secret` - Secret containing the database username. The corresponding key can be any value but must match the key in the secret provided.
-* `spec.database.dbPassword.secret` - Secret containing the database password (if `vault` is NOT used). The corresponding key field can be any value, but must match the key in the Secret provided
-* `spec.database.dbConnectionString.secret` - Secret containing the database connection string. The corresponding key field can be any value but must match the key in the Secret provided
-* `spec.prometheus.serviceMonitor.labels` - Custom labels to add to the service monitors labels. A label is required for your serviceMonitor to be discovered. This label must match what is set in the serviceMonitorSelector of your Prometheus configuration
-
-If a database wallet is required to connect, then the following field containing the wallet secret is <u>required</u>:
-* `spec.database.dbWallet.secret` - Secret containing the database wallet. The filenames inside the wallet must be used as keys
-
-If vault is used to store the database password instead, then the following fields are <u>required</u>:
-* `spec.database.dbPassword.vaultOCID` - OCID of the vault used
-* `spec.database.dbPassword.vaultSecretName` - Name of the secret inside the desired vault
-* `spec.ociConfig.configMapName` - Holds the rest of the information of the OCI API signing key. The following keys must be used: `fingerprint`, `region`, `tenancy` and `user`
-* `spec.ociConfig.secretName` - Holds the private key of the OCI API signing key. The key to the file containing the user private key must be: `privatekey`
-
-The `databaseObserver` Resource provides the remaining multiple fields that are <u>optional</u>:
-* `spec.prometheus.serviceMonitor.endpoints` - ServiceMonitor endpoints
-* `spec.prometheus.serviceMonitor.namespaceSelector` - ServiceMonitor namespace selector
-* `spec.sidecars` - List of containers to run as a sidecar container with the observability exporter container image
-* `spec.sidecarVolumes` - Volumes of any sidecar containers
-* `spec.log.path` - Custom path to create
-* `spec.log.filename` - Custom filename for the log file
-* `spec.log.volume.name` - Custom name for the log volume
-* `spec.log.volume.persistentVolumeClaim.claimName` - A volume in which to place the log to be shared by the containers. If not specified, an EmptyDir is used by default.
-* `spec.configuration.configMap.key` - Configuration filename inside the container and the configmap
-* `spec.configuration.configMap.name` - Name of the `configMap` that holds the custom metrics configuration
-* `spec.replicas` - Number of replicas to deploy
-* `spec.exporter.service.ports` - Port number for the generated service to use
-* `spec.exporter.service.labels` - Custom labels to add to service labels
-* `spec.exporter.deployment.image` - Image version of observability exporter to use
-* `spec.exporter.deployment.env` - Custom environment variables for the observability exporter
-* `spec.exporter.deployment.labels` - Custom labels to add to deployment labels
-* `spec.exporter.deployment.podTemplate.labels` - Custom labels to add to pod labels
-* `spec.exporter.deployment.podTemplate.securityContext` - Configures pod securityContext
-* `spec.exporter.deployment.args` - Additional arguments to provide the observability-exporter
-* `spec.exporter.deployment.commands` - Commands to supply to the observability-exporter
-* `spec.exporter.deployment.securityContext` - Configures container securityContext
-* `spec.inheritLabels` - Keys of inherited labels from the databaseObserver resource. These labels are applied to generated resources.
-
-### Resources Managed by the Controller
+Oracle Database Operator (__v1.0.0__ or later) includes the Oracle Database Observability controller, which automates
+the deployment and configuration of the Oracle Database exporter and the related resources to make Oracle Databases observable.
+The Observability Controller introduces the `databaseobserver` APIs.
+
+To list the available APIs included in the
+Database Operator, you can run the following command:
+
+```bash
+kubectl api-resources | grep oracle
+```
+
+Learn about the different and configurable fields available in this release of the DatabaseObserver APIs in the following sections.
+
+> In this release, the controller deploys the Database Observability Exporter ([v2.0.2](https://github.com/oracle/oracle-db-appdev-monitoring/releases/tag/2.0.2)).
+
+
+
+### Configuration Fields Related to Managing Database Credentials
+The following fields are available for configuring the exporter to successfully connect to databases:
+
+| Attribute                                         | Type   | Required?   | Example              |
+|---------------------------------------------------|--------|:------------|----------------------|
+| `spec.database.dbUser.key`                        | string | No          | _username_           |
+| `spec.database.dbPassword.key`                    | string | No          | _password_           |
+| `spec.database.dbConnectionString.key`            | string | No          | _connection_         |
+| `spec.database.dbUser.secret`                     | string | Yes         | _db-secret_          |
+| `spec.database.dbPassword.secret`                 | string | Yes         | _db-secret_          |
+| `spec.database.dbConnectionString.secret`         | string | Yes         | _db-secret_          |
+| `spec.database.dbUser.envName`                    | string | No          | _DB_USERNAME_        |
+| `spec.database.dbPassword.envName`                | string | No          | _DB_PASSWORD_        |
+| `spec.database.dbConnectionString.envName`        | string | No          | _DB_CONN_STRING_     |
+| `spec.databases.<key>.dbUser.key`                 | string | No          | _username_           |
+| `spec.databases.<key>.dbPassword.key`             | string | No          | _password_           |
+| `spec.databases.<key>.dbConnectionString.key`     | string | No          | _connection_         |
+| `spec.databases.<key>.dbUser.secret`              | string | Yes         | _db02-secret_        |
+| `spec.databases.<key>.dbPassword.secret`          | string | Yes         | _db02-secret_        |
+| `spec.databases.<key>.dbConnectionString.secret`  | string | Yes         | _db02-secret_        |
+| `spec.databases.<key>.dbUser.envName`             | string | No          | _DB2_USERNAME_       |
+| `spec.databases.<key>.dbPassword.envName`         | string | No          | _DB2_PASSWORD_       |
+| `spec.databases.<key>.dbConnectionString.envName` | string | No          | _DB2_CONN_STRING_    |
+| `spec.wallet.secret`                              | string | Conditional | _combined-wallet_    |
+| `spec.wallet.mountPath`                           | string | No          | _"/wallet/combined"_ |
+| `spec.wallet.additional[].name`                   | string | Conditional | _db02_               |
+| `spec.wallet.additional[].secret`                 | string | Conditional | _db02-wallet_        |
+| `spec.wallet.additional[].mountPath`              | string | Conditional | _"/wallet/db02"_     |
+
+These fields enable you to define connection details for a single database, or for multiple databases. For default values, environment variables and default behavior, see [defaults](#environment-variables-and-default-values).
+
+1. `spec.database` - Use to configure the database username, password and connection string. 
+The environment variables set by the controller can be customized through the `envName` field.
+Both `envName` and `key` fields are optional.
+
+
+2. `spec.databases` - Use to configure multiple database credentials. The keys are used as a prefix for environment
+variables. For example, a key of `MYDB` will produce the environment variables `MYDB_USERNAME` and `MYDB_PASSWORD`.
+
+
+3. `spec.wallet` - Use to configure the wallet with which you want to connect to the Oracle Database, if applicable. The field `mountPath`
+enables you to control where the wallet is to be mounted. Meanwhile, additional wallets can be mounted in the array `additional`, used for multi
+database configuration.
+
+To learn more about configuring the database connection, see [Connecting to the Database](#connecting-to-the-database).
+
+### Configuration Fields Related to Vault Usage
+The following fields are available for configuring the exporter to use the vault when connecting to databases.
+
+| Attribute                                 | Type   | Required?   | Example                                 |
+|-------------------------------------------|--------|:------------|-----------------------------------------|
+| `spec.database.oci.vaultID`               | string | Conditional | _ocid1.vault.oc1.<region>.<vault-ocid>_ |
+| `spec.database.oci.vaultPasswordSecret`   | string | Conditional | _sample_secret_                         |
+| `spec.database.azure.vaultID`             | string | Conditional | -                                       |
+| `spec.database.azure.vaultUsernameSecret` | string | Conditional | _sample_usn_secret                      |
+| `spec.database.azure.vaultPasswordSecret` | string | Conditional | _sample_pwd_secret_                     |
+| `spec.ociConfig.configMap.key`            | string | No          | _config_                                |
+| `spec.ociConfig.configMap.name`           | string | Conditional | _oci-config-file_                       |
+| `spec.ociConfig.privateKey.key`           | string | No          | _private.pem_                           |
+| `spec.ociConfig.privateKey.secret`        | string | Conditional | _oci-privatekey_                        |
+| `spec.ociConfig.mountPath`                | string | No          | _"/.oci"_                               |
+| `spec.azureConfig.configMap.name`         | string | Conditional | _azure-configmap_                       |
+
+
+These fields enable you to define vault details for OCI or Azure. For default values, environment variables and default behavior, see [defaults](#environment-variables-and-default-values).
+1. About `spec.database.oci` - for configuring the OCI Vault details for the default database.
+
+> Note: For multiple database configuration with Vault integration, use the exporter config file. See instructions on the [Exporter Config File](#defining-an-exporter-config-file).
+
+2. `spec.database.azure.` - Use to configure the Azure Vault details for the default database.
+
+
+3. `spec.ociConfig` - Use to configure the authentication of requests made to the Oracle Cloud performed by the exporter. The configMap should contain
+the actual _config_ file use by the OCI CLI (usually found in ~/.oci/config). See the Oracle Cloud Infrastructure documentation on [configuring the OCI CLI (external link)](https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliconfigure.htm#Configuring_the_CLI).
+> Note: The OCI profile used is [DEFAULT]. Under the profile DEFAULT, set `key_file=/.oci/<your-file-name>.pem`.
+
+4. About `spec.azureConfig` - for configuring the authentication of requests made to the Azure Cloud done by the exporter. 
+The configMap should contain the keys `tenantId`, `clientId` and `clientSecret`, which are used to create the related environment variables.
+
+To learn more about configuring an integration with a vault for database authentication, see [Authenticating with Vaults](#database-authentication-with-vaults-in-the-cloud).
+
+### Configuration Fields Related to the Deployment, Pod, Service and ServiceMonitor Resources
 When you create a `DatabaseObserver` resource, the controller creates and manages the following resources:
+1. Deployment
+2. Service 
+3. Prometheus ServiceMonitor
+The following fields below are available for configuring the controller-managed resources for a custom deployment, pod, service and servicemonitor.
+
+| Attribute                               | Type   | Required? | Example                                                               |
+|-----------------------------------------|--------|:----------|-----------------------------------------------------------------------|
+| `spec.deployment.securityContext`       | object | No  | -                                                                     |
+| `spec.deployment.podSecurityContext`    | object | No  | -                                                                     |
+| `spec.deployment.env`                   | map    | No  | _DB_ROLE: "SYSDBA"_                                                   |
+| `spec.deployment.image`                 | string | No  | _container-registry.oracle.com/database/observability-exporter:1.3.0_ |
+| `spec.deployment.args`                  | array  | No  | _[ "--log.level=info" ]_                                              |
+| `spec.deployment.commands`              | array  | No  | _[ "/oracledb_exporter" ]_                                            |
+| `spec.deployment.labels`                | map    | No  | _environment: dev_                                                    |
+| `spec.deployment.podTemplate.labels`    | map    | No  | _environment: dev_                                                    |
+| `spec.service.ports`                    | array  | No  | -                                                                     |
+| `spec.service.labels`                   | map    | No  | _environment: dev_                                                    |                                                                   
+| `spec.serviceMonitor.labels`            | map    | Yes       | _release: prometheus_                                                 |
+| `spec.serviceMonitor.endpoints`         | array  | No  | -                                                                     |
+| `spec.serviceMonitor.namespaceSelector` | -      | No  | -                                                                     |
+| `spec.replicas`                         | number | No  | _1_                                                                   |
+| `spec.inheritLabels`                    | array  | No  | _- environment: dev_<br/>- app.kubernetes.io/name: observer           |
+
+These fields enable you to define deployment, service and serviceMonitor details. For default values, environment variables and default behavior, see [defaults](#environment-variables-and-default-values).
+
+1. `spec.deployment` - Use to configure deployment details such as custom environment variables through `env` and arguments through `args`.
+The container image can also be replaced with a later or older version of the exporter using the `image` field. For security related configurations,
+the `securityContext` and `podSecurityContext` are available.
+
+2. `spec.service` - Use to configure a customized service resource.
+
+
+3. `spec.serviceMonitor` - Use to configure the serviceMonitor resource.
+
+> Note: It is an essential requirement that you set the Prometheus label inside `serviceMonitor.labels`. Ensure that the label set is included in the serviceMonitorSelector field of your Prometheus CR. 
+
+
+5. `spec.replicas` - Use to configure the number of replicas to deploy
+
+
+6. `spec.inheritLabels` - Use to configure all resources created and managed so that they inherit the labels from databaseobserver CR.
+
+
+To learn more about configuring managed resources, such as the Deployment, Service and other services, see [Customizing Resources and Available Configuration Options](#customizing-resources-and-available-configuration-options)
+
+### Configuration Fields Related to Metrics Export
+The following fields are available for configuring the metrics exported from the database.
+
+| Attribute                       | Type   | Required?   | Example                 |
+|---------------------------------|--------|:------------|-------------------------|
+| `spec.metrics.configMap[].key`  | string | No          | _config.toml_           ||                                              |        |             |                                                                       |
+| `spec.metrics.configMap[].name` | string | Conditional | _custom-metrics-config_ |
+
+These fields enable you to define configMap sources for metrics. For default values, environment variables and default behavior, see [defaults](#environment-variables-and-default-values).
+1. `metrics.configMap[]` - Use to configure an array of configs that will contain the TOML files. This field creates a volume with multiple source files mounted in the same directory.
+
+To learn more about configuring the metrics export, see [Defining an Exporter Config File](#defining-an-exporter-config-file).
+
+### Configuration Fields Related to Logs Export
+The following fields are available for configuring how the `alert.log` is exported from the database.
+
+| Attribute                                        | Type   | Required?   | Example      |
+|--------------------------------------------------|--------|:------------|--------------|
+| `spc.log.destination`                            | string | No          | _alert.log_  |
+| `spc.log.filename`                               | string | No          | _/log_       |
+| `spc.log.disable`                                | bool   | No          | true         |
+| `spc.log.volume.name`                            | string | No          | _log-volume_ |                                                                |
+| `spc.log.volume.persistentVolumeClaim.claimName` | string | Conditional | _my-pvc_     |
+| `spc.sidecar.containers[]`                       | array  | Conditional | -            |
+| `spc.sidecar.volumes[]`                          | array  | Conditional | -            |
+
+These fields enable you to define log details and sidecar resources. For default values, environment variables and default behavior, see [defaults](#environment-variables-and-default-values).
+1. `spec.sidecar.containers` - Use to configure an array of containers as a sidecar to the observability 
+exporter container, such as promtail. The field `sidecar.containers` enables you to list containers as you would normally for deployments.
+
+2. `spec.sidecar.volumes` - Use to configure extra volumes related to your sidecar containers.
+
+
+3. `spec.log.disable` - Use to disable the log volume creation
+
+
+4. `spec.log.filename` - Use to specify a custom filename for the log file
+
+
+5. `spec.log.destination` - Use to configure a custom destination for the log volume.
+
+
+6. `spec.log.volume` - Use to configure the log volume into which the exporter extracts the logs, and from which the logs are read. 
+If a persistentVolumeClaim is not provided, then an emptyDir is created instead. Meanwhile, the field `log.volume.name` can be used to define the name of the volume
+to reference.
 
-1. __Deployment__ - The deployment will have the same name as the `databaseObserver` resource
-    - Deploys a container named `observability-exporter`
-    - The default container image version of the `container-registry.oracle.com/database/observability-exporter` supported is __[v1.5.1](https://github.com/oracle/oracle-db-appdev-monitoring/releases/tag/1.5.1)__
+To learn more about configuring the log export, see [Scraping Logs](#scraping-logs).
 
-2. __Service__ - The service will have the same name as the databaseObserver
-    - The service is of type `ClusterIP`
+### Configuration Fields Related to the Exporter Config File
+The following fields are available for configuring the exporter through a config-file:
 
-3. __Prometheus ServiceMonitor__ - The serviceMonitor will have the same name as the `databaseObserver`
+| Attribute                           | Type   | Required?   | Example           |
+|-------------------------------------|--------|:------------|-------------------|
+| `spec.exporterConfig.configMapName` | string | Conditional | _exporter-config_ |
+| `spec.exporterConfig.mountPath`     | string | No          | _/config_         |
+
+These fields enable you to define the exporter config-file. For default values, environment variables and default behavior, see [defaults](#environment-variables-and-default-values).
+
+1. `spec.exporterConfig` - Use to configure the exporter with a config file containing database, log and metrics details. You can use
+the `mountPath` field to define a custom location for the config file.
+
+> Note: The CONFIG_FILE environment variable or the --config.file args must be set to the desired location of the config file.
+
+To learn more about configuring the config-file for the exporter, see [Defining an Exporter Config File](#defining-an-exporter-config-file).
 
 ## DatabaseObserver Operations
 ### Create Resource
-Follow the steps below to create a new `databaseObserver` resource object.
+Use the following steps to create a new `databaseObserver` resource object.
 
-1. To begin, creating a `databaseObserver` requires you to create and provide Kubernetes Secrets to provide connection details:
+1. When you create a `databaseObserver`, you are required to create and to provide Kubernetes Secrets containing your database connection details. Replace the values and
+create a single secret by running the following command:
 ```bash
 kubectl create secret generic db-secret \
     --from-literal=username='username' \
@@ -158,17 +307,18 @@ kubectl create secret generic db-secret \
     --from-literal=connection='dbsample_tp'
 ```
 
-2. (Conditional) Create a Kubernetes Secret for the wallet (if a wallet is required to connect to the database). 
+2. (Conditional) Create a Kubernetes Secret for the wallet (if a wallet is required to connect to the database).
 
-You can create this Secret by using a command similar to the example that follows. 
-If you are connecting to an Autunomous Database, and the operator is used to manage the Oracle Autonomous Database, then a client wallet can also be downloaded as a Secret through `kubectl` commands. See the ADB README section on [Download Wallets](../../docs/adb/README.md#download-wallets).
+If you are connecting to an Autonomous Database, and the operator is used to manage the Oracle Autonomous Database, 
+then a client wallet can also be downloaded as a Secret through `kubectl` commands. 
+See the ADB README section on [Download Wallets](../../docs/adb/README.md#download-wallets).
 
 You can also choose to create the wallet secret from a local directory containing the wallet files:
 ```bash
-kubectl create secret generic db-wallet --from-file=wallet_dir
+kubectl create secret generic db-wallet --from-file=<wallet_dir>
 ```
 
-3. Finally, update the `databaseObserver` manifest with the resources you have created. You can use the example _minimal_ manifest 
+3. Update the `databaseObserver` manifest with the resources that you have created. You can use the example _minimal_ manifest 
 inside [config/samples/observability/v4](../../config/samples/observability/v4/databaseobserver_minimal.yaml) to specify and create your databaseObserver object with a 
 YAML file.
 
@@ -192,15 +342,15 @@ spec:
       key: "connection"
       secret: db-secret
      
-    dbWallet:
-      secret: db-wallet
+  wallet:
+    secret: db-wallet
 
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: prometheus
+  serviceMonitor:
+    labels:
+      release: prometheus
 ```
 
+To create the resource:
 ```bash
    kubectl apply -f databaseobserver.yaml
 ```
@@ -208,19 +358,19 @@ spec:
 ### List Resource
 To list the Observability custom resources, use the following command as an example:
 ```bash
-kubectl get databaseobserver -A
+kubectl get dbobserver -A
 ```
 
 ### Get Detailed Status
-To obtain a quick status, use the following command as an example: 
+To obtain a quick status, use the following command as an example:
 
 > Note: The databaseobserver custom resource is named `obs-sample` in the next following sections. 
 > We will use this name as an example.
 
 ```sh
 $ kubectl get databaseobserver obs-sample
-NAME         EXPORTERCONFIG   STATUS   VERSION
-obs-sample   DEFAULT          READY    1.5.1
+NAME         METRICSCONFIG   STATUS   VERSION
+obs-sample   DEFAULT          READY    2.0.2
 ```
 
 
@@ -231,13 +381,16 @@ kubectl describe databaseobserver obs-sample
 ```
 
 This command displays details of the current state of your `databaseObserver` resource object. A successful 
-deployment of the `databaseObserver` resource object should display `READY` as the status, and all conditions should display with a `True` value for every ConditionType.
+deployment of the `databaseObserver` resource object should display `READY` as the status, and all conditions should 
+display with a `True` value for every ConditionType.
 
 
 ### Patch Resource
-The Observability controller currently supports updates for most of the fields in the manifest. The following is an example of patching the `databaseObserver` resource:
+The Observability controller currently supports updates for most of the fields in the manifest. The following is an example 
+of patching the `databaseObserver` resource:
+
 ```bash
-kubectl --type=merge -p '{"spec":{"exporter":{"image":"container-registry.oracle.com/database/observability-exporter:1.5.0"}}}' patch databaseobserver obs-sample
+kubectl --type=merge -p '{"spec":{"exporter":{"image":"container-registry.oracle.com/database/observability-exporter:2.0.1"}}}' patch databaseobserver obs-sample
 ```
 
 ### Delete Resource
@@ -248,16 +401,368 @@ To delete the `databaseObserver` custom resource and all related resources, use
 kubectl delete databaseobserver obs-sample
 ```
 
+## Connecting to the Database
+
+
+### Default Database Configuration
+To configure the observability exporter to export from a single Oracle Database, use the field `spec.database`
+to define the details of the database. If the wallet is applicable, `spec.wallet` allows you to define a secret containing the wallet
+and where the wallet is to be mounted as a volume. 
+
+```yaml
+spec:
+  database:
+    dbUser:
+      key: "username"
+      secret: db-secret
+ 
+    dbPassword:
+      key: "password"
+      secret: db-secret
+    
+    dbConnectionString:
+      key: "connection"
+      secret: db-secret
+    
+  wallet:
+    secret: db-wallet
+    mountPath: /oracle/wallet
+  #...
+```
+Alternatively, the default database can be defined and configured through the exporter config-file. In this case, the config-file must be defined, and the
+credentials are set only through the exporter YAML file as kubernetes secrets. As an example, using the same secret with the same keys, you can define the relevant secrets
+in the following YAML file:
+
+```yaml
+
+spec:
+  database:
+    dbUser:
+      secret: db-secret
+    dbPassword:
+      secret: db-secret
+      
+  wallet:
+    secret: db-wallet
+    mountPath: /oracle/wallet
+    
+  deployment:
+    env:
+      CONFIG_FILE: "/oracle/exporter/config.yaml"
+  
+  exporterConfig:
+    configMap:
+      name: config-file
+```
+
+In the config-file, we reference the environment variables DB_USERNAME and DB_PASSWORD which are set by default by the observability controller
+when `spec.database.dbUser` and `spec.database.dbPassword` are defined. The TNS_ADMIN is also set through the config-file, and the
+connection string provided through the config file. 
+
+```yaml
+# config.yaml
+
+# Environment variables of the form ${VAR_NAME} will be expanded.
+databases:
+  default:
+    username: ${DB_USERNAME}
+    password: ${DB_PASSWORD}
+    url: oracledb_tp
+    
+    ## Path to Oracle Database wallet, if using wallet
+    tnsAdmin: /oracle/wallet
+```
+To create the configmap:
+```bash
+kubectl create cm config-file --from-file=config.yaml
+```
+
+### Multiple Database Configuration
+To configure the observability exporter to export metrics and logs from multiple Oracle Databases, __instead__ of `spec.database`, you must use an exporter config file, 
+configure the _databaseobserver_ YAML file with a combined wallet (if applicable), and then use the
+`spec.databases` field . The field `spec.databases` is a map with keys used for naming environment variables
+and identifying groups of credentials.
+
+For example, to define two databases, in the _databaseobserver_ YAML file, you can have the following configuration:
+
+```yaml
+spec:
+  databases:
+    db01:
+      dbUser:
+        secret: adb01-secret
+      dbPassword:
+        secret: adb01-secret
+    db02:
+      dbUser:
+        secret: adb02-secret
+        envName: "DB2_USN"
+      dbPassword:
+        secret: adb02-secret
+        envName: "DB2_PWD"
+
+  wallet:
+    secret: combined
+    mountPath: "/example_dbwallet/combined"
+    additional:
+      - name: db01
+        secret: db01-wallet
+        mountPath: "/example_dbwallet/db01"
+      - name: db02
+        secret: db02-wallet
+        mountPath: "/example_dbwallet/db02"
+
+  deployment:
+    env:
+      TNS_ADMIN: /example_dbwallet/combined
+      CONFIG_FILE: "/config/config.yaml"
+
+  exporterConfig:
+    configMap:
+      name: config-file
+```
+Each database is configured under `spec.databases`, and multiple wallets are defined in the shared directory `/dbwallet` 
+as an example. To configure a combined wallet for multiple databases, see [configuring a combined wallet](#configuring-wallets-for-multiple-databases).
+
+In the configuration file _config-file_, db1 and db2 are configured with the credentials provided as environment variables through the
+__databaseobserver__ YAML file as secrets.
+
+```yaml
+# config.yaml
+# Environment variables of the form ${VAR_NAME} will be expanded.
+databases:
+  db1:
+    username: ${db01_USERNAME}
+    password: ${db01_PASSWORD}
+    url: db1_tp
+  
+  db2:
+    username: ${DB2_USN}
+    password: ${DB2_PWD}
+    url: db2_tp
+```
+
+To create the configMap, run the following command:
+
+```bash
+kubectl create cm config-file --from-file=config.yaml
+```
+
+To learn more about the config file, you can consult the [official documentations of the exporter](https://github.com/oracle/oracle-db-appdev-monitoring?tab=readme-ov-file#standalone-binary).
+
+#### Configuring Wallets for Multiple Databases
+In configuring multiple databases where each connection requires a database wallet, a combined wallet is required and can be configured through the databaseobserver YAML file. To
+create a combined wallet:
+
+1. Copy TNS aliases from every tnsnames.ora and combined them into one tnsnames.ora file.
+
+
+2. Set the wallet directory for the aliases inside security, with the following snippet pointing to each database wallet location: `(MY_WALLET_DIRECTORY=/example_dbwallet/db01)`, for example:
+
+```
+...)(security=(MY_WALLET_DIRECTORY=)(ssl_server_dn_match=...)))
+```
+
+
+3. Place the combined `tnsnames.ora` file and one of the `sqlnet.ora` files inside a combined directory.
+
+
+4. Take wallet files (`.sso`, `.p12`, `.pem`) and place them in separate directories.
+
+
+The resulting wallet directory structure should look similar to the following, where wallet files for each database are in separate directories:
+```bash
+#
+example_dbwallet
+├── combined
+│   ├── sqlnet.ora
+│   └── tnsnames.ora # Combined tnsnames.ora
+├── db01
+│   ├── cwallet.sso
+│   ├── ewallet.p12
+│   └── ewallet.pem
+└── db02
+    ├── cwallet.sso
+    ├── ewallet.p12
+    └── ewallet.pem
+```
+Return to the YAML file for the next example.
+
+5. Set the combined _tnsnames.ora_ under `spec.wallet.secret` and set the 
+specific database wallet files (.sso, .p12, .pem) under `.spec.wallet.additional`.
+
+6. Finally, set the TNS_ADMIN to the location of the `tnsnames.ora`.
+
+> Note: When setting the name under `spec.wallets.additional[].name`, you must provide a unique name other than `creds`,  because this is the default volume name.
+
+To learn more about this requirement, you can consult the [official documentation of the exporter](https://github.com/oracle/oracle-db-appdev-monitoring?tab=readme-ov-file#configuring-connections-for-multiple-databases-using-oracle-database-wallets).
+
+
+## Database Authentication with Vaults in the Cloud
+You can use Cloud Vault resources to store sensitive database credentials. In this release, the following vaults are supported:
+- OCI Vault
+- Azure Vault
+
+### OCI Vault Configuration
+The OCI Vault can be used to store the database credentials. This release supports storing the Oracle Database password in the OCI Vault.
+
+When you configure the Vault, you must provide the following:
+- Vault details:
+  - The string OCID of the Vault used
+  - The string name of the OCI Vault Secret containing the password
+- Authentication details (if applicable):
+  - Kubernetes Secret containing the [OCI CLI Config file](https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/cliconfigure.htm)
+  - Kubernetes Secret containing the user's OCI CLI Private Key
+
+The observability exporter needs to authenticate requests to retrieve the database password from the OCI Vault. When configuring API Key authentication, 
+the OCI CLI config file and the __DEFAULT profile is used__. 
+> Note: The exporter uses the DEFAULT profile.
+
+For example, the OCI CLI config file can appear as follows:
+```bash
+[DEFAULT]
+user=<ocid1.user.oc1..>
+fingerprint=<your-fingerprint>
+key_file=/.oci/private.pem
+tenancy=<ocid1.tenancy.oc1..>
+region=<us-ashburn-1>
+```
+
+> Note: Ensure that the key_file is in `/.oci` and that the private key file matches.
+
+You can create the configmap with the following command:
+```bash
+kubectl create cm oci-cred --from-file=config
+```
+
+You can create the secret with the following command:
+```bash
+kubectl create secret generic oci-privatekey --from-file=private.pem
+```
+
+Finally, to configure the exporter to use an OCI Vault for retrieving the password, you can configure the following fields in the YAML file:
+```yaml
+spec:
+    database:
+      oci:
+        vaultID: ocid1.vault.oc1.<region>.<vault-ocid>
+        vaultPasswordSecret: sample_secret
+
+    # ...
+    
+    ociConfig:
+      configMap:
+        name: oci-cred
+      privateKey:
+        name: oci-privatekey
+```
+
+### Azure Vault Configuration
+The Azure Vault can be used to store the database credentials. This release supports storing the database username and password in the Azure Vault.
+
+To configure the exporter to use Azure Vault for retrieving database credentials, you can configure the following fields:
+```yaml
+spec:
+    database:
+      azure:
+        vaultID: "..."
+        vaultUsernameSecret: sample_usn_secret
+        vaultPasswordSecret: sample_pwd_secret
+
+    # ...
+    
+    azureConfig:
+      configMap:
+        name: azure-cred
+```
+
+The `spec.azureConfig` field allows you to provide the environment variables through a configMap:
+- AZURE_TENANT_ID
+- AZURE_CLIENT_ID
+- AZURE_CLIENT_SECRET
+
+You can then create the following configmap referenced in the YAML file above with your desired values:
+```bash
+kubectl create configmap azure-cred \
+--from-literal=tenantId=<AZURE_TENANT_ID> \
+--from-literal=clientId=<AZURE_CLIENT_ID> \
+--from-literal=clientSecret=<AZURE_CLIENT_SECRET>
+```
+
+## Defining an Exporter Config File
+A YAML configuration file for the exporter can be provided by setting the `--config.file=`
+command-line argument. It is recommended to use the configuration file from the 2.0.0 release of the exporter
+and onwards.
+
+To configure the exporter config file, set the path to the YAML file 
+under `spec.deployment.args` from which to read the config from. The configMap
+containing the exporter settings and configurations is set through `spec.exporterConfig`.
+Specifying `spec.exporterConfig.mountPath` allows you to control the location where
+the volume will be mounted.
+```yaml
+spec:
+  # ...
+  
+  deployment:
+    args: "--config.file=/config/exporter-config.yaml"
+
+  exporterConfig:
+    mountPath: "/config"
+    configMap:
+      key: exporter-config.yaml
+      name: exporter-config-file
+```
+
+Create the _exporter-config-file_ configMap. For example, using the following example configuration.
+```yaml
+# exporter-config.yaml
+
+# Example Oracle Database Metrics Exporter Configuration file.
+# Environment variables of the form ${VAR_NAME} will be expanded.
+databases:
+  default:
+    ## Database username
+    username: ${DB_USERNAME}
+    ## Database password
+    password: ${DB_PASSWORD}
+    ## Database connection url
+    url: localhost:1521/freepdb1
+
+    ## Metrics query timeout for this database, in seconds
+    queryTimeout: 5
+    
+    ### Connection pooling settings for the go-sql connection pool
+    ## Max open connections for this database using go-sql connection pool
+    maxOpenConns: 10
+    ## Max idle connections for this database using go-sql connection pool
+    maxIdleConns: 10
+```
+For more information on the configuration fields, see the following [examples](https://github.com/oracle/oracle-db-appdev-monitoring/blob/main/example-config.yaml). You can then create the configMap that is referenced in the _databaseobserver_ YAML file with the following command:
+```bash
+kubectl create cm exporter-config-file --from-file=exporter-config.yaml
+```
+
+Note that in the above configuration file, the environment variables `DB_USERNAME` and `DB_PASSWORD` will be expanded
+by the exporter. These environment variables
+are one of the default environment variables set by the DatabaseObserver controller. In the DatabaseObserver YAML file, you
+can set the following details:
+
+```yaml
+spec:
+  database:
+    dbUser:
+      secret: db-secret
+    dbPassword:
+      secret: db-secret
+    
+  # ...
+```
+
 ## Scraping Metrics
-The `databaseObserve`r resource deploys the Observability exporter container. This container connects to an Oracle Database and
+The `databaseObserver` resource deploys the Observability exporter container. This container connects to an Oracle Database and
 scrapes metrics using SQL queries. By default, the exporter provides standard metrics, which are listed in the [official GitHub page of the Observability Exporter](https://github.com/oracle/oracle-db-appdev-monitoring?tab=readme-ov-file#standard-metrics).
 
 To define custom metrics in Oracle Database for scraping, a TOML file that lists your custom queries and properties is required.
-The file will have metric sections with the following parts:
-- a context
-- a request, which contains the SQL query
-- a map between the field(s) in the request and comment(s)
-
 For example, the code snippet that follows shows how you can define custom metrics:
 ```toml
 [[metric]]
@@ -277,35 +782,46 @@ oracledb_test_value_2 2
 
 You can find more information in the [__Custom Metrics__](https://github.com/oracle/oracle-db-appdev-monitoring?tab=readme-ov-file#custom-metrics) section of the Official GitHub page.
 
-
-
 ### Custom Metrics Config
-When configuring a `databaseObserver` resource, you can use the field `spec.configuration.configMap` to provide a 
-custom metrics file as a `configMap`.
+When configuring a `databaseObserver` resource, you can use the field `spec.metrics.configMap[]` to provide one or more
+custom metrics files as a `configMap`.
 
 You can create the `configMap` by running the following command:
 ```bash
-kubectl create cm custom-metrics-cm --from-file=metrics.toml
+kubectl create cm custom-metrics --from-file=metrics.toml
 ```
 
 Finally, when creating or updating a `databaseObserver` resource, if we assume using the example above, you can set the fields in your YAML file as follows:
 ```yaml
 spec:
-  configuration:
+  metrics:
+    configMap:
+      - name: custom-metrics
+        key: "metrics.toml"
+```
+
+When configuring multiple configurations with different configmaps, you can do so by listing them under `spec.metrics.configMap`:
+```yaml
+spec:
+  metrics:
     configMap:
-      key: "metrics.toml"
-      name: "custom-metrics-cm"
+      - name: custom-metrics
+        key: "metrics.toml"
+      - name: txeventq-metrics
+        key: "txeventq.toml"
 ```
 
+> Note: This mounts a volume named `metrics-volume` and in one mounted directory located inside the container `/oracle/observability` will include all
+the provided TOML files.
+
 ### Prometheus Release
-To enable your Prometheus configuration to find and include the `ServiceMonitor` created by the `databaseObserver` resource, the field `spec.prometheus.serviceMonitor.labels` is an __important__ and __required__ field. The label on the ServiceMonitor
+To enable your Prometheus configuration to find and include the `ServiceMonitor` created by the `databaseObserver` resource, the field `spec.serviceMonitor.labels` is an __important__ and __required__ field. The label on the ServiceMonitor
 must match the `spec.serviceMonitorSelector` field in your Prometheus configuration.
 
 ```yaml
-  prometheus:
-    serviceMonitor:
-      labels:
-        release: stable
+  serviceMonitor:
+    labels:
+      release: prometheus
 ```
 
 ## Scraping Logs
@@ -319,8 +835,9 @@ In the following example, `Promtail` is used as a sidecar container that ships t
 To configure the `databaseObserver` resource with a sidecar, two fields can be used:
 ```yaml
 spec:
-  sidecars: []
-  sidecarVolumes: []
+  sidecar: 
+    containers: []
+    volumes: []
 ```
 
 You can find an example in the `samples` directory, which deploys a Promtail sidecar container as an example:
@@ -328,13 +845,13 @@ You can find an example in the `samples` directory, which deploys a Promtail sid
 
 ### Custom Log Location with PersistentVolumes
 
-The fields `spec.log.filename` and `spec.log.path` enable you to configure a custom location and filename for the log.
+The fields `spec.log.filename` and `spec.log.destination` enable you to configure a custom location and filename for the log.
 Using a custom location enables you to control where to place the logfile, such as a `persistentVolume`.
 
 ```yaml
   log:
     filename: "alert.log"
-    path: "/log"
+    destination: "/log"
 ```
 
 To configure the `databaseObserver` resource to put the log file in a `persistentVolume`, you can set the following fields 
@@ -349,32 +866,11 @@ If `spec.log.volume.persistentVolumeClaim.claimName` is not specified, then an `
 ```yaml
   log:
     volume:
-      name: my-log-volume
+      name: log-volume
       persistentVolumeClaim:
         claimName: "my-pvc"
 ```
 
-The security context defines privilege and access control settings for a pod container, If these privileges and access control settingrs need to be updated in the pod, then the same field is available on the `databaseObserver` spec. You can set this object under deployment: `spec.exporter.deployment.securityContext`.
-
-```yaml
-spec:
-  exporter:
-    deployment:
-      runAsUser: 1000
-```
-
-Configuring security context under the PodTemplate is also possible. You can set this object under: `spec.exporter.deployment.podTemplate.securityContext`
-
-```yaml
-spec:
-  exporter:
-    deployment:
-      podTemplate:
-          securityContext:
-            supplementalGroups: [1000]
-```
-
-
 ### Working with Sidecars to deploy Promtail
 The fields `spec.sidecars` and `spec.sidecarVolumes` provide the ability to deploy container images as a sidecar container
 alongside the `observability-exporter` container.
@@ -384,7 +880,8 @@ You can specify container images to deploy inside `spec.sidecars` as you would n
 
 For example, to deploy a Grafana Promtail image, you can specify the container and its details as an element to the array, `spec.sidecars`.
 ```yaml
-  sidecars:
+  sidecar:
+    containers:
     - name: promtail
       image: grafana/promtail
       args:
@@ -392,19 +889,19 @@ For example, to deploy a Grafana Promtail image, you can specify the container a
       volumeMounts:
         - name: promtail-config-volume
           mountPath: /etc/promtail
-        - name: my-log-volume
+        - name: log-volume
           mountPath: /log  
 ```
 
-> Important Note: Make sure the volumeMount name matches the actual name of the volumes referenced. In this case, `my-log-volume` is referenced in `spec.log.volume.name`.
+> Important Note: The log volume is set by the controller with the name `log-volume` by default, unless set in `spec.log.volume.name`.
 
-In the field `spec.sidecarVolumes`, you can specify and list the volumes you need in your sidecar containers. The field
-`spec.sidecarVolumes` is an array of Volumes (`[]corev1.Volume`).
+In the field `spec.sidecar.volumes`, you can specify and list the volumes you need in your sidecar containers. The field
+`spec.sidecar.volumes` is an array of Volumes (`[]corev1.Volume`).
 
 For example, when deploying the Promtail container, you can specify in the field any volume that needs to be mounted in the sidecar container above.
 
 ```yaml
-  sidecarVolumes:
+  volumes:
     - name: promtail-config-volume
       configMap:
         name: promtail-config-file
@@ -441,10 +938,73 @@ To create the `configmap`, you can run the following command:
 kubectl create cm promtail-config-file --from-file=config.yaml
 ```
 
+## Customizing Resources and Available Configuration Options
+
+### Environment Variables and Default Values
+The following environment variables are set and provided by the controller by default:
+
+| Environment Variable       | Related Field                           | Default                                   | Details                                                                                                         |
+|----------------------------|-----------------------------------------|-------------------------------------------|-----------------------------------------------------------------------------------------------------------------|
+| `ORACLE_HOME`              | -                                       | /lib/oracle/21/client64/lib               | Location of the Oracle Instant Client                                                                           |
+| `TNS_ADMIN`                | -                                       | /lib/oracle/21/client64/lib/network/admin | Location of your (unzipped) wallet                                                                              |
+| `DB_USERNAME`              | database.dbUser                         | -                                         | Database username, retrieved from a Kubernetes secret, not set or used for multi-databases                      |
+| `DB_PASSWORD`              | database.dbPassword                     | -                                         | Database password, retrieved from a Kubernetes secret,  not set or used for multi-databases                     |
+| `DB_CONNECT_STRING`        | database.dbConnectionString             | -                                         | Database connection string, retrieved from a Kubernetes secret,  not set or used for multi-databases            |
+| `<key>_USERNAME`           | databases.&lt;key&gt;.dbUser            | -                                         | Database username, Environment Variable can be completely renamed through `dbUser.envName`                      |
+| `<key>_PASSWORD`           | databases.&lt;key&gt;.dbPassword        | -                                         | Database password, Environment Variable can be completely renamed through `dbPassword.envName`                  |
+| `<key>_CONNECT_STRING`     | database.&lt;key&gt;.dbConnectionString | -                                         | Database connection string, Environment Variable can be completely renamed through `dbConnectionString.envName` |
+| `OCI_VAULT_ID`             | database.oci.vaultID                    | -                                         | Vault OCID containing the OCI Vault Secret referenced                                                           |
+| `OCI_VAULT_SECRET_NAME`    | database.oci.vaultPasswordSecret        | -                                         | Vault Secret name containing the DB Password secret                                                             |
+| `AZ_VAULT_ID`              | database.azure.vaultID                  | -                                         | Vault ID containing the Azure Vault Secret referenced                                                           |
+| `AZ_VAULT_PASSWORD_SECRET` | database.azure.vaultPasswordSecret      | -                                         | Vault Secret name containing the DB Password secret                                                             |
+| `AZ_VAULT_USERNAME_SECRET` | database.azure.vaultUsernameSecret      | -                                         | Vault Secret name containing the DB Username secret                                                             |
+| `AZURE_TENANT_ID`          | azureConfig.configMap.name              | -                                         | Your Azure cloud Tenant ID                                                                                      |
+| `AZURE_CLIENT_ID`          | azureConfig.configMap.name              | -                                         | Your Azure cloud client ID                                                                                      |
+| `AZURE_CLIENT_SECRET`      | azureConfig.configMap.name              | -                                         | Your Azure cloud client secret                                                                                  |
+| `LOG_DESTINATION`          | log.destination                         | /log/alert.log                            | Location of where alert.log will be placed                                                                      |
+| `CUSTOM_METRICS`           | metrics.ConfigMap[]                     | -                                         | List of paths where the TOML files are located                                                                  |
+
+The following default values or behavior is set:
+
+| Usage                                       | Related Field(s)                             | Default                                                             | Details |
+|---------------------------------------------|----------------------------------------------|---------------------------------------------------------------------|---------|
+| Database Username Key                       | `database.dbUser.key`                        | username                                                            |         |
+| Database Password Key                       | `database.dbPassword.key`                    | password                                                            |         |
+| Database Connection String Key              | `database.dbConnectionString.key`            | connection                                                          |         |
+| Wallet MountPath                            | `wallet.MountPath`                           | /lib/oracle/21/client64/lib/network/admin                           |         |
+| Env Var for Database Username               | `databases.<key>.dbUser.envName`             | &lt;key&gt;_USERNAME                                                |         |
+| Env Var for Database Password               | `databases.<key>.dbPassword.envName`         | &lt;key&gt;_PASSWORD                                                |         |
+| Env Var for Database Connection String      | `databases.<key>.dbConnectionString.envName` | &lt;key&gt;_CONNECT_STRING                                          |         |
+| Exporter Image                              | `deployment.image`                           | container-registry.oracle.com/database/observability-exporter:2.0.2 |         |
+| Volume name of OCI Config file mounted      | `ociConfig.configMap.name`                   | oci-config-volume                                                   |         |
+| Volume name of Metrics Config files mounted | `metrics.configMap.name`                     | metrics-volume                                                      |         |
+| Volume name of Log volume mounted           | `log.volume.name`                            | log-volume                                                          |         |
+| Volume name of Exporter Config mounted      | `exporterConfig.configMap.name`              | config-volume                                                       |         |
+| Volume name of Wallet                       | `wallet`                                     |                                                                     |         |
+| Log config filename                         | `log.filename`                               | alert.log                                                           |         |
+| Log config file location for mounting       | `log.destination`                            | /log                                                                |         |
+| Metrics config files location for mounting  | `metrics`                                    | /oracle/observability                                               |         |
+| Exporter config file location for mounting  | `exporterConfig.mountPath`                   | /config                                                             |         |
+| OCI Config file location for mounting       | `ociConfig.mountPath`                        | /.oci                                                               |         |
+
+Overwriting environment variables can be managed by configuring the fields `spec.deployment.envs` or `spec.deployment.args` or through the [exporter config file](#defining-an-exporter-config-file):
+```yaml
+spec:
+  deployment:
+    args:
+      - "--config.file=/location"
+    env:
+      TNS_ADMIN: /path/to/new/location
+```
+These variables and configuration values can be set explicitly, variables such as:
+- DB_ROLE
+- DATABASE_MAXIDLECONNS
+- DATABASE_MAXOPENCONNS
+- DATABASE_POOLINCREMENT
+- DATABASE_POOLMAXCONNECTIONS
+- DATABASE_POOLMINCONNECTIONS
 
-## Other Configuration Options
-
-### Labels
+### Managing Labels
 
 __About the Default Label__ - The resources created by the Observability Controller will automatically be labelled with:
 - `app`: `<database-observer-resource-name>`
@@ -475,78 +1035,92 @@ spec:
 Meanwhile, you can provide extra labels to the resources created by the `databaseObserver` controller, such as the Deployment, Pods, Service and ServiceMonitor.
 ```yaml
 spec:
-  exporter:
-    deployment:
-      labels:
-      podTemplate:
-        labels:
-    service:
-      labels:
-  prometheus:
-    serviceMonitor:
+  deployment:
+    labels:
+    podTemplate:
       labels:
+  service:
+    labels:
+  serviceMonitor:
+    labels:
 ```
 
 ### Custom Exporter Image or Version
-The field `spec.exporter.deployment.image` is provided to enable you to make use of a newer or older version of the [observability-exporter](https://github.com/oracle/oracle-db-appdev-monitoring)
+The field `spec.deployment.image` is provided to enable you to make use of a newer or older version of the [observability-exporter](https://github.com/oracle/oracle-db-appdev-monitoring)
 container image.
 
 ```yaml
 spec:
-  exporter:
-    deployment:
-      image: "container-registry.oracle.com/database/observability-exporter:1.5.3"
+  deployment:
+    image: "container-registry.oracle.com/database/observability-exporter:2.0.1"
 ```
 
 ### Custom Environment Variables, Arguments and Commands
-The fields `spec.exporter.deployment.env`, `spec.exporter.deployment.args` and `spec.exporter.deployment.commands` are provided for adding custom environment variables, arguments (`args`) and commands to the containers. 
+The fields `spec.deployment.env`, `spec.deployment.args` and `spec.deployment.commands` are provided for adding custom environment variables, arguments (`args`) and commands to the containers. 
 Any custom environment variable will overwrite environment variables set by the controller.
 
 ```yaml
 spec:
-  exporter:
-    deployment:
-      env:
-        DB_ROLE: ""
-        TNS_ADMIN: ""
-      args:
-        - "--log.level=info"
-      commands:
-        - "/oracledb_exporter"
+  deployment:
+    env:
+      DB_ROLE: "SYSDBA"
+      TNS_ADMIN: "/path/to/wallet"
+    args:
+      - "--log.level=info"
+    commands:
+      - "/oracledb_exporter"
 ```
 
 
+### Security Contexts
+The security context defines privilege and access control settings for a pod container. If these privileges and access control setting need to be updated in the pod, then the same field is available on the `databaseObserver` spec. You can set this object under deployment: `spec.deployment.securityContext`.
+
+```yaml
+spec:
+  deployment:
+    securityContext:
+        runAsUser: 1000
+```
+
+Configuring security context under the PodTemplate is also possible. You can set this object under: `spec.deployment.podTemplate.securityContext`
+
+```yaml
+spec:
+  deployment:
+    podSecurityContext:
+      supplementalGroups: [1000]
+          
+```
+
 ### Custom Service Ports
-The field `spec.exporter.service.ports` is provided to enable setting the ports of the service. If not set, then the following definition is set by default.
+The field `spec.service.ports` is provided to enable setting the ports of the service. If not set, then the following definition is set by default.
 
 ```yaml
 spec:
-  exporter:
-    service:
-      ports:
-        - name: metrics
-          port: 9161
-          targetPort: 9161
+  service:
+    ports:
+      - name: metrics
+        port: 9161
+        targetPort: 9161
       
 ```
 
 ### Custom ServiceMonitor Endpoints
-The field `spec.prometheus.serviceMonitor.endpoints` is provided for providing custom endpoints for the ServiceMonitor resource created by the `databaseObserver`:
+The field `spec.serviceMonitor.endpoints` is provided for providing custom endpoints for the ServiceMonitor resource created by the `databaseObserver`:
 
 ```yaml
 spec:
-  prometheus:
-    serviceMonitor:
-      endpoints:
-        - bearerTokenSecret:
-            key: ''
-          interval: 20s
-          port: metrics
-          relabelings:
-            - action: replace
-              sourceLabels:
-                - __meta_kubernetes_endpoints_label_app
-              targetLabel: instance
+  serviceMonitor:
+    endpoints:
+      - bearerTokenSecret:
+          key: ''
+        interval: 20s
+        port: metrics
+        relabelings:
+          - action: replace
+            sourceLabels:
+              - __meta_kubernetes_endpoints_label_app
+            targetLabel: instance
 ```
 
 ## Mandatory roles and privileges requirements for Observability Controller
@@ -572,6 +1146,8 @@ and gets and lists configmaps and secrets.
 | configmaps.apps                                       | get list                                  |
 | databaseobservers.observability.oracle.com/finalizers | update                                    |
 
+
+
 ## Debugging and troubleshooting
 
 ### Show the details of the resource
@@ -582,7 +1158,7 @@ kubectl describe databaseobserver/database-observer-sample
 ```
 
 If any error occurs during the reconciliation loop, then the Operator either reports
-the error using the resource's event stream, or it will show the error under conditions.
+the error using the resource's event stream, or the resource's Conditions.
 
 ### Check the logs of the pod where the operator deploys
 Follow these steps to check the logs.
@@ -599,12 +1175,24 @@ Follow these steps to check the logs.
     kubectl logs deployment.apps/oracle-database-operator-controller-manager -n oracle-database-operator-system
     ```
 
-## Known Potential Issues
+## Known Issues
+
+### Using the OCI Vault (or Azure Vault) causes an error
 
-| Issue                                                                                                                           | Example error                                                         | Potential Workaround                                                                                                                                      |
-|---------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------|
-| Pod may encounter error Permission denied when creating log file. Pod cannot access file system due to insufficient permissions | ```level=error msg="Failed to create the log file: /log/alert.log"``` | Configure securityContext in the spec, add your group ID to the `supplementalgroups` inside `spec.exporter.deployment.podTemplate.securityContext` field. |    
+> The development team has identified an issue with v2.0.2 of the exporter when using the OCI vault to store only the username or only the password, leading to an error.
+> Using the Azure Vault to store only the username or the password will likely produce the same error.
 
+__WORKAROUND:__<br/>
+Because the OCI Vault feature is not functioning for v2 to v2.0.2 of the exporter, Oracle recomends that you use Kubernetes secrets. 
+For Azure users, only retrieval of both username and password from the Vault is supported. 
+Retrieving only one (username or password) of the credentials will lead to an error.
+
+__WORKAROUND AFTER V2.0.2__:
+When a new version of the exporter is released with the fix, set the field `deployment.image` to the new version of the exporter.
 
 ## Resources
+For further information about the Oracle Databases logs and metrics Exporter container image, 
+consult the official repository documentations:
 - [GitHub - Unified Observability for Oracle Database Project](https://github.com/oracle/oracle-db-appdev-monitoring)
+
+
diff --git a/docs/oraclerestart/README.md b/docs/oraclerestart/README.md
new file mode 100644
index 00000000..a7fbe0a1
--- /dev/null
+++ b/docs/oraclerestart/README.md
@@ -0,0 +1,75 @@
+# Using Oracle Restart with Oracle Database Operator for Kubernetes
+
+Oracle Restart is an option to the award-winning Oracle Database Enterprise Edition. Oracle Restart is a feature introduced in Oracle 11gR2 that automatically restarts Oracle components, such as the database instance, listener, and Oracle ASM, after a failure or system reboot. It ensures that these components are started in the correct order and that they are managed by Oracle's High Availability Services (HAS). This enhances the availability of Oracle databases in a standalone server environment. Refer [this documentation](https://docs.oracle.com/cd/E18283_01/server.112/e17120/restart001.htm)
+
+For more information on Oracle Restart Database 19c refer to the [Oracle Database Documentation](http://docs.oracle.com/en/database/).
+
+Kubernetes provides essential infrastructure building blocks, including compute, storage, and networking resources, and exposes them as code for infrastructure automation. This approach enables rapid provisioning of multi-node topologies. Additionally, Kubernetes offers the **StatefulSet** workload API object—ideal for managing stateful applications such as Oracle Restart, Single Instance Oracle Databases, and other Oracle features or configurations that require persistent storage and stable network identities.
+
+The Oracle Restart Controller in the Oracle Database Operator deploys Oracle Databases as a StatefulSet within Kubernetes clusters, using the Oracle Restart Slim Image. The Oracle Restart Controller manages the typical lifecycle operations of an Oracle Database in a Kubernetes environment, including deployment, monitoring, scaling, upgrades, and deletion, as illustrated below:
+
+* Create Oracle Database
+  * Install and Configure Oracle Grid Infrastructure
+  * Install and Configure Oracle Database
+* Create Persistent Storage, along with Statefulset
+* Create Services
+* Oracle Restart Instances Cleanup
+
+## Using Oracle Restart Controller
+
+To create an Oracle Database, complete the steps in the following sections:
+
+1. [Prerequisites for running Oracle Restart Controller](#prerequisites-for-running-oracle-restart-controller)  
+2. [Provisioning Oracle Restart database in a Oracle Kubernetes Engine Environment](#provisioning-oracle-restart-database-in-an-oracle-kubernetes-engine-environment)
+3. [Connecting to Oracle Restart Database](#connecting-to-oracle-restart-database)
+4. [Known Issues](#known-issues)
+5. [Cleanup](#cleanup)
+6. [Debugging and Troubleshooting](#debugging-and-troubleshooting)
+
+**Note** Before proceeding to the next section, you must complete the instructions given in each section based on your enviornment.
+
+### Prerequisites for running Oracle Restart Controller
+
+**IMPORTANT :** You must make the changes specified in this section before you proceed to the next section.
+
+To become familiar with Oracle Restart in containerized environments, review the [this documentation](https://github.com/oracle/docker-images/blob/main/OracleDatabase/RAC/OracleRealApplicationClusters/docs/orestart/README.md) before proceeding further
+
+[Prerequisites for running Oracle Restart Controller](./provisioning/prerequisites_oracle_restart_db.md)
+
+## Provisioning Oracle Restart database in an Oracle Kubernetes Engine Environment
+
+Deploy Oracle Restart Database YAML files using Kubernetes Cluster on your Oracle Kubernetes Engine Environment (OKE). There are multiple use case possible for deploying the Oracle Restart Database.
+
+[1. Provisioning an Oracle Restart Database](./provisioning/provisioning_oracle_restart_db.md)  
+[2. Provisioning an Oracle Restart Database with NodePort Service](./provisioning/provisioning_oracle_restart_db_nodeport.md)  
+[3. Provisioning an Oracle Restart Database with Load Balancer](./provisioning/provisioning_oracle_restart_db_loadbalancer.md)  
+[4. Change Memory and CPU allocation for an earlier provisioned Oracle Restart Database](./provisioning/change_memory_cpu_for_oracle_restart_db.md)  
+[5. Change the size of Software Storage Location for an existing Oracle Restart Database](./provisioning/change_sw_storage_size_for_oracle_restart_db.md)  
+[6. Provisioning an Oracle Restart Database with Custom Storage Class](./provisioning/provisioning_oracle_restart_storage_class.md)  
+[7. Provisioning an Oracle Restart Database with RU Patch on FileSystem](./provisioning/provisioning_oracle_restart_db_rupatch.md)  
+[8. Provisioning an Oracle Restart Database with RU Patch on Existing PVC](./provisioning/provisioning_oracle_restart_rupatch_pvc.md)  
+[9. Provisioning an Oracle Restart Database with RU Patch and One Offs with Custom Storage Class](./provisioning/provisioning_oracle_restart_db_rupatch_oneoffs.md)  
+[10. Provisioning an Oracle Restart Database with multiple diskgroups](./provisioning/provisioning_oracle_restart_multiple_diskgroups.md)  
+[11. Provisioning an Oracle Restart Database with multiple diskgroups with different redundancy](./provisioning/provisioning_oracle_restart_multiple_diskgroups_with_redundancy.md)   
+[12. Provisioning an Oracle Restart Database with multiple diskgroups with different redundancy and option to specify separate storage class](./provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.md)  
+[13. Adding ASM Disks - Add ASM Disks to an existing Oracle Restart Database](./provisioning/add_asm_disk_to_an_existing_restart_database.md)  
+[14. Deleting ASM Disks - Delete ASM Disks from an existing Oracle Restart Database](./provisioning/delete_asm_disks_from_an_existing_restart_database.md)
+
+**NOTE:** Resizing of the `ASM Disks` is _not_ allowed. You can add new ASM Disks to an exising Oracle Restart Database.
+
+## Connecting to Oracle Restart Database
+
+After the Oracle Restart database has been provisioned using the Oracle Restart Controller in Oracle Database Operator, you can follow the steps in this document to connect to the Oracle Restart Database: [Database Connectivity](./provisioning/database_connection.md)
+
+## Known Issues
+
+Refer to the Known Issues document for assistance related to issues deploying Oracle Restart Database using Oracle Restart Controller: [Known Issues](./provisioning/known_issues.md)
+
+## Cleanup
+
+Steps to clean up Oracle Restart Database deployed using Oracle Restart Controller in this document in Oracle Database Kubernetes Operator are documented in this page: [Cleanup](./provisioning/cleanup.md)
+
+
+## Debugging and Troubleshooting
+
+To debug the Oracle Restart Database provisioned using the Oracle Restart Controller in Oracle Database Kubernetes Operator, follow this document: [Debugging and troubleshooting](./provisioning/debugging.md)
diff --git a/docs/oraclerestart/provisioning/add_asm_disk_to_an_existing_restart_database.md b/docs/oraclerestart/provisioning/add_asm_disk_to_an_existing_restart_database.md
new file mode 100644
index 00000000..eee3f5ae
--- /dev/null
+++ b/docs/oraclerestart/provisioning/add_asm_disk_to_an_existing_restart_database.md
@@ -0,0 +1,64 @@
+## Adding ASM Disks - Add ASM Disks to an existing Oracle Restart Database
+
+### In this use case:
+
+* You have previously deployed an Oracle Restart Database in Kubernetes (for example, on OKE or OpenShift) using the Oracle Restart Database Controller. Now, you need to expand ASM storage by adding new ASM disks.
+* The existing Oracle Restart Database is deployed with Node Port Service using the file `oraclerestart_prov_nodeports.yaml` from Case [Provisioning an Oracle Restart Database with NodePort Service](./provisioning_oracle_restart_db_nodeport.md) using Oracle Restart Controller with:
+  * Oracle Restart Pod
+  * Headless services for Oracle Restart
+    * Oracle Restart Node hostname
+  * Node Port 30007 mapped to port 1521 for Database Listener. If you are using Loadbalancer then you will see LB service. 
+  * Persistent volumes created automatically based on specified disks for Oracle ASM storage
+  * Software Persistent Volume and Staged Software Persistent Volume using the specified location on the corresponding worker node.
+  * Namespace: `orestart`
+  * Staged Software location on the worker nodes is specified by `hostSwStageLocation`. The Grid Infrastructure and RDBMS Binaries are copied to this location on the worker node.
+  * Software location on the worker nodes is specified by `hostSwLocation`. The GI HOME and the RDBMS HOME in the Oracle Restart Pod will be mounted using this location on the worker node.
+
+### General Steps 
+  * If you are using storage class to dynamically provision the ASM disks, then you do not need to allocate block devices. If you are not using storage class, then you must allocate block devices to worker nodes where the Oracle Restart database pod is running. You must clean up the new ASM disks by using the `dd` command.         
+  * Update the Oracle Restart Custom Resource. Edit the custom resource YAML (`oraclerestarts.database.oracle.com`) to reference the new PVCs/disks under the appropriate ASM configuration.
+
+### In this Example: 
+  * Oracle Restart Database Slim Image `dbocir/oracle/database-orestart:19.3.0-slim` is used. The image is built using files from this [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image). 
+  * The existing disks on the worker nodes for the ASM that are used in Oracle Restart storage are `/dev/disk/by-partlabel/asm-disk1` and `/dev/disk/by-partlabel/asm-disk2`. 
+  * Specify the size and names of these devices using the parameter `storageSizeInGb`. By default, size is in GBs.
+  * If you are using **storage class to dynamically provision ASM disks**, then you can skip these steps. In this example, two new disks will be added to the existing Oracle Restart Database Deployment. For this purpose, the disks on the worker nodes that will be used are `/dev/disk/by-partlabel/asm-disk3` and `/dev/disk/by-partlabel/asm-disk4`.
+  * Update the corresponding device list in the `initParams` section.
+  * The default value in YAML file is `autoUpdate: "true"`, which will delete and recreate the pod with updated ASM disks in the Oracle Restart Deployment. In this case, the new disks will be automatically added to the existing Diskgroup.
+  * If the value in the YAML file is set to `autoUpdate: "false"`, then the Oracle Restart Database Pod is recreated, but the additional disks are _not_ added to the ASM Disk Group automatically.
+
+
+## When autoUpdate is set to true
+* For this use case, use the file [orestart_prov_asm_disk_addition.yaml](./orestart_prov_asm_disk_addition.yaml):
+* Deploy the `orestart_prov_asm_disk_addition.yaml` file:
+    ```sh
+    kubectl apply -f orestart_prov_asm_disk_addition.yaml
+    ```
+In this case, the new disks will be added to the existing Diskgroup in the Oracle Restart Database.
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ```
+ * Example logs are in [ASM addition autoupdate_true logs](./logs/asm_addition_autoupdate_true.txt) for disk addition with the option `autoUpdate: true`.
+
+
+## When autoUpdate is set to false
+* For this use case, use the file: [orestart_prov_asm_disk_addition_autoupdate_false.yaml](./orestart_prov_asm_disk_addition_autoupdate_false.yaml):
+* Deploy the `orestart_prov_asm_disk_addition_autoupdate_false.yaml` file:
+    ```sh
+    kubectl apply -f orestart_prov_asm_disk_addition_autoupdate_false.yaml
+    ```
+In this scenario, new disks are added to Oracle Restart Database Object Statefulset and Pods are recreated, but this disk is not added to the ASM Disk Group.
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ```
+ * Example logs are in [ASM addition autoupdate_false logs](./logs/asm_addition_autoupdate_false.txt) for disk addition with option `autoUpdate: false`.
diff --git a/docs/oraclerestart/provisioning/asm_addition_autoupdate_false.txt b/docs/oraclerestart/provisioning/asm_addition_autoupdate_false.txt
new file mode 100644
index 00000000..5e548d89
--- /dev/null
+++ b/docs/oraclerestart/provisioning/asm_addition_autoupdate_false.txt
@@ -0,0 +1,424 @@
+#### Status before the additional ASM Disks additional
+
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"nodePortSvc":[{"name":"dbmc1-service-nod...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-08-21T15:03:39Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  225385451
+  UID:               29deacda-d177-48d2-8092-30a5adbfcdf1
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          Always
+  Inst Details:
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Node Port Svc:
+      Name:      dbmc1-service-nodeport
+      Svc Type:  nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+    Worker Node:
+      10.0.10.58
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-08-21T15:14:22Z
+    Message:               oracle restart database is in a restricted state: PROVISIONING
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-08-21T15:24:02Z
+    Message:               no reconcile errors
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Inst Details:
+    Name:
+  Pdb Connect String:  dbmc1-0:1521/ORCLPDB
+  Release Update:      19.28.0.0.0
+  Role:                PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+[grid@dbmc1-0 ~]$ export ORACLE_SID=+ASM
+[grid@dbmc1-0 ~]$ asmcmd lsdsk
+Path
+/dev/disk/by-partlabel/asm-disk1
+/dev/disk/by-partlabel/asm-disk2
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$ ls -lrt /dev/disk/by-partlabel/asm-disk*
+brw-rw----. 1 grid asmadmin 8, 49 Aug 21 15:24 /dev/disk/by-partlabel/asm-disk2
+brw-rw----. 1 grid asmadmin 8, 33 Aug 21 15:24 /dev/disk/by-partlabel/asm-disk1
+
+
+
+### Apply the file "orestart_prov_asm_disk_addition_autoupdate_false.yaml" to add two new ASM Disks
+
+$ kubectl logs -f pod/oracle-database-operator-controller-manager-bc8dd8f68-pwfdk -n oracle-database-operator-system
+.
+.
+2025-08-21T15:26:44Z	INFO	controllers.OracleRestart	Detected Addition of ASM Disks:	{"addedAsmDisks": ["/dev/disk/by-partlabel/asm-disk3", "/dev/disk/by-partlabel/asm-disk4"]}
+2025-08-21T15:26:44Z	INFO	controllers.OracleRestart	Initialized autoUpdate from provided specification	{"autoUpdate": false}
+2025-08-21T15:26:44Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-21T15:26:44Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-1-oraclerestart-sample"}
+2025-08-21T15:26:44Z	INFO	controllers.OracleRestart	Creating a new PV	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-2-oraclerestart-sample"}
+2025-08-21T15:26:44Z	INFO	controllers.OracleRestart	Creating a new PV	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-3-oraclerestart-sample"}
+2025-08-21T15:26:44Z	INFO	controllers.OracleRestart	Creating a PVC	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample"}
+2025-08-21T15:26:44Z	INFO	controllers.OracleRestart	Creating a PVC	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample"}
+2025-08-21T15:26:44Z	INFO	controllers.OracleRestart	Validate New ASM Disks
+2025-08-21T15:26:44Z	INFO	controllers.OracleRestart	Creating DaemonSet:	{"desiredDaemonSet.Name": "disk-check-daemonset"}
+2025-08-21T15:26:54Z	INFO	controllers.OracleRestart	Provided ASM Disks are valid, proceeding further
+2025-08-21T15:26:54Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-21T15:26:54Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-21T15:26:54Z	INFO	controllers.OracleRestart	Change State to UPDATING
+2025-08-21T15:26:54Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T15:26:54Z	INFO	controllers.OracleRestart	StatefulSet spec differs for volume devices, updating StatefulSet (pods may be recreated)	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T15:26:54Z	INFO	controllers.OracleRestart	StatefulSet update applied, waiting for pod recreation	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T15:26:54Z	INFO	controllers.OracleRestart	Waiting for StatefulSet update to be applied	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T15:26:59Z	INFO	controllers.OracleRestart	StatefulSet update is applied successfully	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T15:27:59Z	INFO	controllers.OracleRestart	All Pods are running	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T15:28:14Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T15:28:44Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T15:29:14Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T15:29:44Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T15:30:14Z	INFO	controllers.OracleRestart	Pod is ready	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T15:30:19Z	INFO	controllers.OracleRestart	DaemonSet deleted successfully	{"DaemonSet.Name": "disk-check-daemonset"}
+2025-08-21T15:30:19Z	INFO	controllers.OracleRestart	Oracle Restart Object annotations updated with current spec annotation
+2025-08-21T15:30:19Z	INFO	controllers.OracleRestart	Reconcile completed. Requeuing....
+2025-08-21T15:30:31Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T15:30:31Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-21T15:30:50Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T15:30:50Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T15:30:50Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status successfully	{"Instance": "oraclerestart-sample"}
+2025-08-21T15:30:50Z	INFO	controllers.OracleRestart	Returning from updateReconcileStatus
+2025-08-21T15:30:50Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-21T15:30:50Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-21T15:30:50Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-21T15:30:50Z	INFO	controllers.OracleRestart	Initialized autoUpdate from provided specification	{"autoUpdate": false}
+2025-08-21T15:30:50Z	INFO	controllers.OracleRestart	Oracle Restart Object annotations updated with current spec annotation
+2025-08-21T15:30:50Z	INFO	controllers.OracleRestart	Reconcile completed. Requeuing....
+2025-08-21T15:31:01Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T15:31:01Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-21T15:31:20Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T15:31:20Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T15:31:20Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status successfully	{"Instance": "oraclerestart-sample"}
+2025-08-21T15:31:20Z	INFO	controllers.OracleRestart	Returning from updateReconcileStatus
+2025-08-21T15:31:20Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-21T15:31:20Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-21T15:31:20Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-21T15:31:20Z	INFO	controllers.OracleRestart	Initialized autoUpdate from provided specification	{"autoUpdate": false}
+2025-08-21T15:31:20Z	INFO	controllers.OracleRestart	Annotations are already up to date. Skipping update.
+2025-08-21T15:31:20Z	INFO	controllers.OracleRestart	Reconcile completed. Requeuing....
+2025-08-21T15:31:32Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T15:31:32Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-21T15:31:51Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T15:31:51Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T15:31:51Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status successfully	{"Instance": "oraclerestart-sample"}
+2025-08-21T15:31:51Z	INFO	controllers.OracleRestart	Returning from updateReconcileStatus
+2025-08-21T15:31:51Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-21T15:31:51Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-21T15:31:51Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-21T15:31:51Z	INFO	controllers.OracleRestart	Initialized autoUpdate from provided specification	{"autoUpdate": false}
+2025-08-21T15:31:51Z	INFO	controllers.OracleRestart	Annotations are already up to date. Skipping update.
+2025-08-21T15:31:51Z	INFO	controllers.OracleRestart	Reconcile completed. Requeuing....
+2025-08-21T15:32:02Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T15:32:02Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+
+
+
+###############################################################
+### During this operation, the "pod/dbmc1-0" will be recreated
+###############################################################
+
+
+
+### Status after the Disks are added with "autoUpdate=true"
+
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"nodePortSvc":[{"name":"dbmc1-service-nod...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-08-21T15:03:39Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        2
+  Resource Version:  225388030
+  UID:               29deacda-d177-48d2-8092-30a5adbfcdf1
+Spec:
+  Asm Storage Details:
+    Auto Update:  false
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+        /dev/disk/by-partlabel/asm-disk3
+        /dev/disk/by-partlabel/asm-disk4
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          Always
+  Inst Details:
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Node Port Svc:
+      Name:      dbmc1-service-nodeport
+      Svc Type:  nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+    Worker Node:
+      10.0.10.58
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+        /dev/disk/by-partlabel/asm-disk3
+        /dev/disk/by-partlabel/asm-disk4
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-08-21T15:14:22Z
+    Message:               oracle restart database is in a restricted state: PROVISIONING
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-08-21T15:32:21Z
+    Message:               no reconcile errors
+    Observed Generation:   2
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Inst Details:
+    Name:
+  Pdb Connect String:  dbmc1-0:1521/ORCLPDB
+  Release Update:      19.28.0.0.0
+  Role:                PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+[grid@dbmc1-0 ~]$ export ORACLE_SID=+ASM
+[grid@dbmc1-0 ~]$ asmcmd lsdsk
+Path
+/dev/disk/by-partlabel/asm-disk1
+/dev/disk/by-partlabel/asm-disk2
+
+
+[grid@dbmc1-0 ~]$ ls -lrt /dev/disk/by-partlabel/asm-disk*
+brw-rw----. 1 grid asmadmin 8, 81 Aug 21 15:27 /dev/disk/by-partlabel/asm-disk4
+brw-rw----. 1 grid asmadmin 8, 65 Aug 21 15:27 /dev/disk/by-partlabel/asm-disk3
+brw-rw----. 1 grid asmadmin 8, 49 Aug 21 15:34 /dev/disk/by-partlabel/asm-disk2
+brw-rw----. 1 grid asmadmin 8, 33 Aug 21 15:34 /dev/disk/by-partlabel/asm-disk1
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/asm_addition_autoupdate_true.txt b/docs/oraclerestart/provisioning/asm_addition_autoupdate_true.txt
new file mode 100644
index 00000000..1f025fc0
--- /dev/null
+++ b/docs/oraclerestart/provisioning/asm_addition_autoupdate_true.txt
@@ -0,0 +1,423 @@
+#### Status before the additional ASM Disks additional
+
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"nodePortSvc":[{"name":"dbmc1-service-nod...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-08-21T14:24:02Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  225373653
+  UID:               9f7225ed-1e97-40f6-bd1d-4efa5acb3007
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          Always
+  Inst Details:
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Node Port Svc:
+      Name:      dbmc1-service-nodeport
+      Svc Type:  nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+    Worker Node:
+      10.0.10.58
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-08-21T14:36:35Z
+    Message:               oracle restart database is in a restricted state: PROVISIONING
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-08-21T14:45:26Z
+    Message:               no reconcile errors
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Inst Details:
+    Name:
+  Pdb Connect String:  dbmc1-0:1521/ORCLPDB
+  Release Update:      19.28.0.0.0
+  Role:                PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+[grid@dbmc1-0 ~]$ export ORACLE_SID=+ASM
+[grid@dbmc1-0 ~]$ asmcmd lsdsk
+Path
+/dev/disk/by-partlabel/asm-disk1
+/dev/disk/by-partlabel/asm-disk2
+
+[grid@dbmc1-0 ~]$ ls -lrt /dev/disk/by-partlabel/asm-disk*
+brw-rw----. 1 grid asmadmin 8, 49 Aug 21 14:46 /dev/disk/by-partlabel/asm-disk2
+brw-rw----. 1 grid asmadmin 8, 33 Aug 21 14:46 /dev/disk/by-partlabel/asm-disk1
+
+
+
+### Apply the file "orestart_prov_asm_disk_addition.yaml" to add two new ASM Disks
+
+$ kubectl logs -f pod/oracle-database-operator-controller-manager-bc8dd8f68-pwfdk -n oracle-database-operator-system
+.
+.
+2025-08-21T14:49:32Z	INFO	controllers.OracleRestart	Detected Addition of ASM Disks:	{"addedAsmDisks": ["/dev/disk/by-partlabel/asm-disk3", "/dev/disk/by-partlabel/asm-disk4"]}
+2025-08-21T14:49:32Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-21T14:49:32Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-21T14:49:32Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-1-oraclerestart-sample"}
+2025-08-21T14:49:32Z	INFO	controllers.OracleRestart	Creating a new PV	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-2-oraclerestart-sample"}
+2025-08-21T14:49:32Z	INFO	controllers.OracleRestart	Creating a new PV	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-3-oraclerestart-sample"}
+2025-08-21T14:49:32Z	INFO	controllers.OracleRestart	Creating a PVC	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample"}
+2025-08-21T14:49:32Z	INFO	controllers.OracleRestart	Creating a PVC	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample"}
+2025-08-21T14:49:32Z	INFO	controllers.OracleRestart	Validate New ASM Disks
+2025-08-21T14:49:32Z	INFO	controllers.OracleRestart	Creating DaemonSet:	{"desiredDaemonSet.Name": "disk-check-daemonset"}
+2025-08-21T14:49:42Z	INFO	controllers.OracleRestart	Provided ASM Disks are valid, proceeding further
+2025-08-21T14:49:42Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-21T14:49:42Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-21T14:49:42Z	INFO	controllers.OracleRestart	Change State to UPDATING
+2025-08-21T14:49:42Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T14:49:42Z	INFO	controllers.OracleRestart	StatefulSet spec differs for volume devices, updating StatefulSet (pods may be recreated)	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T14:49:42Z	INFO	controllers.OracleRestart	StatefulSet update applied, waiting for pod recreation	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T14:49:42Z	INFO	controllers.OracleRestart	Waiting for StatefulSet update to be applied	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T14:49:47Z	INFO	controllers.OracleRestart	StatefulSet update is applied successfully	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T14:50:47Z	INFO	controllers.OracleRestart	All Pods are running	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T14:51:02Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T14:51:32Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T14:52:02Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T14:52:32Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T14:53:02Z	INFO	controllers.OracleRestart	Pod is ready	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T14:53:02Z	INFO	controllers.OracleRestart	New disk to be added to CRS ASM device list 	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "disk": "/dev/disk/by-partlabel/asm-disk3"}
+2025-08-21T14:53:02Z	INFO	controllers.OracleRestart	New disk to be added to CRS ASM device list 	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "disk": "/dev/disk/by-partlabel/asm-disk4"}
+2025-08-21T14:53:03Z	INFO	controllers.OracleRestart	Executing command to add disk	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0", "Command": "python3 /opt/scripts/startup/scripts/main.py --updateasmdevices=\"diskname=/dev/disk/by-partlabel/asm-disk3;diskgroup=DATA;processtype=addition\""}
+2025-08-21T14:53:06Z	INFO	controllers.OracleRestart	Executing command to add disk	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0", "Command": "python3 /opt/scripts/startup/scripts/main.py --updateasmdevices=\"diskname=/dev/disk/by-partlabel/asm-disk4;diskgroup=DATA;processtype=addition\""}
+2025-08-21T14:53:16Z	INFO	controllers.OracleRestart	New Disks added to CRS Disks Group	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample"}
+2025-08-21T14:53:16Z	INFO	controllers.OracleRestart	DaemonSet deleted successfully	{"DaemonSet.Name": "disk-check-daemonset"}
+2025-08-21T14:53:16Z	INFO	OracleRestart-resource	validate update	{"name": "oraclerestart-sample"}
+2025-08-21T14:53:16Z	INFO	OracleRestart-resource	validate create	{"name": "oraclerestart-sample"}
+2025-08-21T14:53:16Z	INFO	controllers.OracleRestart	Oracle Restart Object annotations updated with current spec annotation
+2025-08-21T14:53:16Z	INFO	controllers.OracleRestart	Reconcile completed. Requeuing....
+2025-08-21T14:53:28Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T14:53:28Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-21T14:53:48Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T14:53:48Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T14:53:48Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status successfully	{"Instance": "oraclerestart-sample"}
+2025-08-21T14:53:48Z	INFO	controllers.OracleRestart	Returning from updateReconcileStatus
+2025-08-21T14:53:48Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-21T14:53:48Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-21T14:53:48Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-21T14:53:48Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-21T14:53:48Z	INFO	OracleRestart-resource	validate update	{"name": "oraclerestart-sample"}
+2025-08-21T14:53:48Z	INFO	OracleRestart-resource	validate create	{"name": "oraclerestart-sample"}
+2025-08-21T14:53:48Z	INFO	controllers.OracleRestart	Oracle Restart Object annotations updated with current spec annotation
+2025-08-21T14:53:48Z	INFO	controllers.OracleRestart	Reconcile completed. Requeuing....
+2025-08-21T14:53:59Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T14:53:59Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-21T14:54:19Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T14:54:19Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T14:54:19Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status successfully	{"Instance": "oraclerestart-sample"}
+2025-08-21T14:54:19Z	INFO	controllers.OracleRestart	Returning from updateReconcileStatus
+2025-08-21T14:54:19Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-21T14:54:19Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-21T14:54:19Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-21T14:54:19Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-21T14:54:19Z	INFO	controllers.OracleRestart	Annotations are already up to date. Skipping update.
+2025-08-21T14:54:19Z	INFO	controllers.OracleRestart	Reconcile completed. Requeuing....
+2025-08-21T14:54:31Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T14:54:31Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+
+
+
+###############################################################
+### During this operation, the "pod/dbmc1-0" will be recreated
+###############################################################
+
+
+
+### Status after the Disks are added with "autoUpdate=true"
+
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"nodePortSvc":[{"name":"dbmc1-service-nod...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-08-21T14:24:02Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        2
+  Resource Version:  225377019
+  UID:               9f7225ed-1e97-40f6-bd1d-4efa5acb3007
+Spec:
+  Asm Storage Details:
+    Auto Update:  true
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+        /dev/disk/by-partlabel/asm-disk3
+        /dev/disk/by-partlabel/asm-disk4
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          Always
+  Inst Details:
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Node Port Svc:
+      Name:      dbmc1-service-nodeport
+      Svc Type:  nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+    Worker Node:
+      10.0.10.58
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+        /dev/disk/by-partlabel/asm-disk3
+        /dev/disk/by-partlabel/asm-disk4
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-08-21T14:36:35Z
+    Message:               oracle restart database is in a restricted state: PROVISIONING
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-08-21T14:56:23Z
+    Message:               no reconcile errors
+    Observed Generation:   2
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Inst Details:
+    Name:
+  Pdb Connect String:  dbmc1-0:1521/ORCLPDB
+  Release Update:      19.28.0.0.0
+  Role:                PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+[grid@dbmc1-0 ~]$ export ORACLE_SID=+ASM
+[grid@dbmc1-0 ~]$ asmcmd lsdsk
+Path
+/dev/disk/by-partlabel/asm-disk1
+/dev/disk/by-partlabel/asm-disk2
+/dev/disk/by-partlabel/asm-disk3
+/dev/disk/by-partlabel/asm-disk4
+
+
+[grid@dbmc1-0 ~]$ ls -lrt /dev/disk/by-partlabel/asm-disk*
+brw-rw----. 1 grid asmadmin 8, 81 Aug 21 14:57 /dev/disk/by-partlabel/asm-disk4
+brw-rw----. 1 grid asmadmin 8, 65 Aug 21 14:57 /dev/disk/by-partlabel/asm-disk3
+brw-rw----. 1 grid asmadmin 8, 33 Aug 21 14:57 /dev/disk/by-partlabel/asm-disk1
+brw-rw----. 1 grid asmadmin 8, 49 Aug 21 14:57 /dev/disk/by-partlabel/asm-disk2
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/asm_disk_deletion.txt b/docs/oraclerestart/provisioning/asm_disk_deletion.txt
new file mode 100644
index 00000000..7b0929c6
--- /dev/null
+++ b/docs/oraclerestart/provisioning/asm_disk_deletion.txt
@@ -0,0 +1,453 @@
+#### Status before the ASM Disk deletion
+
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"nodePortSvc":[{"name":"dbmc1-service-nod...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-08-21T15:36:59Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  225402792
+  UID:               872a653b-2751-475d-848e-b0d2af5504b6
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          Always
+  Inst Details:
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Node Port Svc:
+      Name:      dbmc1-service-nodeport
+      Svc Type:  nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+    Worker Node:
+      10.0.10.58
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-08-21T15:49:46Z
+    Message:               oracle restart database is in a restricted state: PROVISIONING
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-08-21T16:21:04Z
+    Message:               no reconcile errors
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Inst Details:
+    Name:
+  Pdb Connect String:  dbmc1-0:1521/ORCLPDB
+  Release Update:      19.28.0.0.0
+  Role:                PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+[grid@dbmc1-0 ~]$ export ORACLE_SID=+ASM
+[grid@dbmc1-0 ~]$ asmcmd lsdsk
+Path
+/dev/disk/by-partlabel/asm-disk1
+/dev/disk/by-partlabel/asm-disk2
+
+[grid@dbmc1-0 ~]$ ls -lrt /dev/disk/by-partlabel/asm-disk*
+brw-rw----. 1 grid asmadmin 8, 33 Aug 21 16:21 /dev/disk/by-partlabel/asm-disk2
+brw-rw----. 1 grid asmadmin 8, 49 Aug 21 16:21 /dev/disk/by-partlabel/asm-disk1
+
+
+### Drop the disk the ASM Level using "ALTER DISKGROUP DROP DISK" command as below:
+
+[grid@dbmc1-0 ~]$ sqlplus "/ as sysasm"
+
+SQL*Plus: Release 19.0.0.0.0 - Production on Thu Aug 21 16:23:43 2025
+Version 19.28.0.0.0
+
+Copyright (c) 1982, 2025, Oracle.  All rights reserved.
+
+
+Connected to:
+Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
+Version 19.28.0.0.0
+
+SQL> set lines 200
+SQL> col path format a50
+SQL> select group_number, disk_number, name, total_mb, free_mb, path from v$asm_disk;
+
+GROUP_NUMBER DISK_NUMBER NAME				  TOTAL_MB    FREE_MB PATH
+------------ ----------- ------------------------------ ---------- ---------- --------------------------------------------------
+	   1	       1 DATA_0001			     51196	46452 /dev/disk/by-partlabel/asm-disk2
+	   1	       0 DATA_0000			     51196	46464 /dev/disk/by-partlabel/asm-disk1
+
+SQL> ALTER DISKGROUP DATA DROP DISK 'DATA_0001' REBALANCE POWER 10;
+
+Diskgroup altered.
+
+SQL> select EST_MINUTES,EST_WORK,ACTUAL,SOFAR from v$asm_operation;
+
+EST_MINUTES   EST_WORK	   ACTUAL      SOFAR
+----------- ---------- ---------- ----------
+	  0	     0	       10	   0
+	  0	  1183	       10	 122
+	  0	     0	       10	   0
+
+SQL> select EST_MINUTES,EST_WORK,ACTUAL,SOFAR from v$asm_operation;
+
+EST_MINUTES   EST_WORK	   ACTUAL      SOFAR
+----------- ---------- ---------- ----------
+	  0	     0	       10	   0
+	  0	  1183	       10	 723
+	  0	     0	       10	   0
+
+SQL> select EST_MINUTES,EST_WORK,ACTUAL,SOFAR from v$asm_operation;
+
+no rows selected
+
+SQL> select group_number, disk_number, name, total_mb, free_mb, path from v$asm_disk;
+
+GROUP_NUMBER DISK_NUMBER NAME				  TOTAL_MB    FREE_MB PATH
+------------ ----------- ------------------------------ ---------- ---------- --------------------------------------------------
+	   0	       0					 0	    0 /dev/disk/by-partlabel/asm-disk2
+	   1	       0 DATA_0000			     51196	41732 /dev/disk/by-partlabel/asm-disk1
+
+
+### Apply the file "orestart_prov_asm_disk_deletion.yaml" to delete an exising ASM Disk
+
+$ kubectl logs -f pod/oracle-database-operator-controller-manager-bc8dd8f68-pwfdk -n oracle-database-operator-system
+.
+.
+2025-08-21T16:31:12Z	INFO	controllers.OracleRestart	Detected Removal of ASM Disks:	{"removedAsmDisks": ["/dev/disk/by-partlabel/asm-disk2"]}
+2025-08-21T16:31:12Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-21T16:31:12Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-21T16:31:12Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-21T16:31:12Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-21T16:31:15Z	INFO	controllers.OracleRestart	Change State to UPDATING
+2025-08-21T16:31:15Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T16:31:15Z	INFO	controllers.OracleRestart	StatefulSet spec differs for volume devices, updating StatefulSet (pods may be recreated)	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T16:31:15Z	INFO	controllers.OracleRestart	StatefulSet update applied, waiting for pod recreation	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T16:31:15Z	INFO	controllers.OracleRestart	StatefulSet update is applied successfully	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+
+
+2025-08-21T16:32:15Z	INFO	controllers.OracleRestart	All Pods are running	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-21T16:32:30Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T16:33:00Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T16:33:30Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T16:34:00Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T16:34:30Z	INFO	controllers.OracleRestart	Pod is ready	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-21T16:34:30Z	INFO	controllers.OracleRestart	Successfully deleted PVC	{"PVC.Name": "asm-pvc-disk-1-oraclerestart-sample"}
+2025-08-21T16:34:30Z	INFO	controllers.OracleRestart	Successfully deleted PV	{"PV.Name": "asm-pv-disk-1-oraclerestart-sample"}
+2025-08-21T16:34:30Z	INFO	OracleRestart-resource	validate update	{"name": "oraclerestart-sample"}
+2025-08-21T16:34:30Z	INFO	OracleRestart-resource	validate create	{"name": "oraclerestart-sample"}
+2025-08-21T16:34:30Z	INFO	controllers.OracleRestart	Oracle Restart Object annotations updated with current spec annotation
+2025-08-21T16:34:30Z	INFO	controllers.OracleRestart	Reconcile completed. Requeuing....
+2025-08-21T16:34:42Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T16:34:42Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-21T16:35:01Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T16:35:01Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T16:35:01Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status successfully	{"Instance": "oraclerestart-sample"}
+2025-08-21T16:35:01Z	INFO	controllers.OracleRestart	Returning from updateReconcileStatus
+2025-08-21T16:35:01Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-21T16:35:01Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-21T16:35:01Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-21T16:35:01Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-21T16:35:01Z	INFO	OracleRestart-resource	validate update	{"name": "oraclerestart-sample"}
+2025-08-21T16:35:01Z	INFO	OracleRestart-resource	validate create	{"name": "oraclerestart-sample"}
+2025-08-21T16:35:01Z	INFO	controllers.OracleRestart	Oracle Restart Object annotations updated with current spec annotation
+2025-08-21T16:35:01Z	INFO	controllers.OracleRestart	Reconcile completed. Requeuing....
+2025-08-21T16:35:12Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T16:35:12Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-21T16:35:31Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T16:35:31Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-21T16:35:31Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status successfully	{"Instance": "oraclerestart-sample"}
+2025-08-21T16:35:31Z	INFO	controllers.OracleRestart	Returning from updateReconcileStatus
+2025-08-21T16:35:31Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-21T16:35:31Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-21T16:35:31Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-21T16:35:31Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-21T16:35:31Z	INFO	controllers.OracleRestart	Annotations are already up to date. Skipping update.
+2025-08-21T16:35:31Z	INFO	controllers.OracleRestart	Reconcile completed. Requeuing....
+2025-08-21T16:35:42Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-21T16:35:42Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+
+
+
+###############################################################
+### During this operation, the "pod/dbmc1-0" will be recreated
+###############################################################
+
+
+
+### Status after the Disk removed:
+
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"nodePortSvc":[{"name":"dbmc1-service-nod...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-08-21T15:36:59Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        2
+  Resource Version:  225407022
+  UID:               872a653b-2751-475d-848e-b0d2af5504b6
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          Always
+  Inst Details:
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Node Port Svc:
+      Name:      dbmc1-service-nodeport
+      Svc Type:  nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+    Worker Node:
+      10.0.10.58
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       PODAVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-08-21T15:49:46Z
+    Message:               oracle restart database is in a restricted state: PROVISIONING
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-08-21T16:35:01Z
+    Message:               no reconcile errors
+    Observed Generation:   2
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Inst Details:
+    Name:
+  Pdb Connect String:  dbmc1-0:1521/ORCLPDB
+  Release Update:      19.28.0.0.0
+  Role:                PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+[grid@dbmc1-0 ~]$ export ORACLE_SID=+ASM
+[grid@dbmc1-0 ~]$ asmcmd lsdsk
+Path
+/dev/disk/by-partlabel/asm-disk1
+
+
+[grid@dbmc1-0 ~]$ ls -lrt /dev/disk/by-partlabel/asm-disk*
+brw-rw----. 1 grid asmadmin 8, 49 Aug 21 16:36 /dev/disk/by-partlabel/asm-disk1
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/asm_disk_deletion1.txt b/docs/oraclerestart/provisioning/asm_disk_deletion1.txt
new file mode 100644
index 00000000..aa2c6631
--- /dev/null
+++ b/docs/oraclerestart/provisioning/asm_disk_deletion1.txt
@@ -0,0 +1,619 @@
+#### Status before the ASM Disk deletion
+
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"nodePortSvc":[{"name":"dbmc1-service-nod...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-08-22T05:09:46Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  226218859
+  UID:               e3378459-8aa7-4c05-98b2-9c03a44b3a57
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          Always
+  Inst Details:
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Node Port Svc:
+      Name:      dbmc1-service-nodeport
+      Svc Type:  nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+    Worker Node:
+      10.0.10.58
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-08-22T05:22:19Z
+    Message:               oracle restart database is in a restricted state: PROVISIONING
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-08-23T13:45:49Z
+    Message:               no reconcile errors
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Inst Details:
+    Name:
+  Pdb Connect String:  dbmc1-0:1521/ORCLPDB
+  Release Update:      19.28.0.0.0
+  Role:                PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+[grid@dbmc1-0 ~]$ export ORACLE_SID=+ASM
+[grid@dbmc1-0 ~]$ asmcmd lsdsk
+Path
+/dev/disk/by-partlabel/asm-disk1
+/dev/disk/by-partlabel/asm-disk2
+
+[grid@dbmc1-0 ~]$ ls -lrt /dev/disk/by-partlabel/asm-disk*
+brw-rw----. 1 grid asmadmin 8, 33 Aug 22 11:17 /dev/disk/by-partlabel/asm-disk2
+brw-rw----. 1 grid asmadmin 8, 49 Aug 22 11:17 /dev/disk/by-partlabel/asm-disk1
+
+
+### Apply the file "orestart_prov_asm_disk_deletion.yaml" to delete an exising ASM Disk
+### When the above .yaml file is applied, Operator will check if the disk is in use before deletion
+### As the disk is not deleted at the ASM level and rebalance has NOT been done, the Operator will be waiting for the disk to be deleted at the ASM Level
+
+
+$ kubectl logs -f pod/oracle-database-operator-controller-manager-bc8dd8f68-pwfdk -n oracle-database-operator-system
+.
+.
+2025-08-23T13:48:51Z	INFO	controllers.OracleRestart	Detected Removal of ASM Disks:	{"removedAsmDisks": ["/dev/disk/by-partlabel/asm-disk2"]}
+2025-08-23T13:48:51Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-23T13:48:51Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-23T13:48:51Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-23T13:48:51Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-23T13:48:54Z	INFO	controllers.OracleRestart	Disk is in use and cannot be removed. Must be manually removed before proceeding	{"disk": "/dev/disk/by-partlabel/asm-disk2", "diskgroup": "DATA"}
+2025-08-23T13:49:05Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-23T13:49:05Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-23T13:49:24Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:49:24Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:49:24Z	ERROR	Reconciler error	{"controller": "oraclerestart", "controllerGroup": "database.oracle.com", "controllerKind": "OracleRestart", "OracleRestart": {"name":"oraclerestart-sample","namespace":"orestart"}, "namespace": "orestart", "name": "oraclerestart-sample", "reconcileID": "ae8e9e7d-ee7c-4cae-b19a-63c57471a0d7", "error": "disk '/dev/disk/by-partlabel/asm-disk2' is part of diskgroup 'DATA' and must be manually removed before proceeding"}
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:353
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:300
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.1
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:202
+2025-08-23T13:49:24Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-23T13:49:24Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-23T13:49:24Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-23T13:49:24Z	INFO	controllers.OracleRestart	Detected Removal of ASM Disks:	{"removedAsmDisks": ["/dev/disk/by-partlabel/asm-disk2"]}
+2025-08-23T13:49:24Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-23T13:49:24Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-23T13:49:24Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-23T13:49:24Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-23T13:49:27Z	INFO	controllers.OracleRestart	Disk is in use and cannot be removed. Must be manually removed before proceeding	{"disk": "/dev/disk/by-partlabel/asm-disk2", "diskgroup": "DATA"}
+2025-08-23T13:49:38Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-23T13:49:38Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-23T13:49:57Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:49:57Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:49:57Z	ERROR	Reconciler error	{"controller": "oraclerestart", "controllerGroup": "database.oracle.com", "controllerKind": "OracleRestart", "OracleRestart": {"name":"oraclerestart-sample","namespace":"orestart"}, "namespace": "orestart", "name": "oraclerestart-sample", "reconcileID": "e379037b-4a89-415c-b3f5-aad5e72ff818", "error": "disk '/dev/disk/by-partlabel/asm-disk2' is part of diskgroup 'DATA' and must be manually removed before proceeding"}
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:353
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:300
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.1
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:202
+2025-08-23T13:49:57Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-23T13:49:57Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-23T13:49:57Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-23T13:49:57Z	INFO	controllers.OracleRestart	Detected Removal of ASM Disks:	{"removedAsmDisks": ["/dev/disk/by-partlabel/asm-disk2"]}
+2025-08-23T13:49:57Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-23T13:49:57Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-23T13:49:57Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-23T13:49:57Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-23T13:49:59Z	INFO	controllers.OracleRestart	Disk is in use and cannot be removed. Must be manually removed before proceeding	{"disk": "/dev/disk/by-partlabel/asm-disk2", "diskgroup": "DATA"}
+2025-08-23T13:50:11Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-23T13:50:11Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-23T13:50:36Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:50:36Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:50:36Z	ERROR	Reconciler error	{"controller": "oraclerestart", "controllerGroup": "database.oracle.com", "controllerKind": "OracleRestart", "OracleRestart": {"name":"oraclerestart-sample","namespace":"orestart"}, "namespace": "orestart", "name": "oraclerestart-sample", "reconcileID": "e51d673e-6475-445e-bb4f-21e175057290", "error": "disk '/dev/disk/by-partlabel/asm-disk2' is part of diskgroup 'DATA' and must be manually removed before proceeding"}
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:353
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:300
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.1
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:202
+2025-08-23T13:50:36Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-23T13:50:36Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-23T13:50:36Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-23T13:50:36Z	INFO	controllers.OracleRestart	Detected Removal of ASM Disks:	{"removedAsmDisks": ["/dev/disk/by-partlabel/asm-disk2"]}
+2025-08-23T13:50:36Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-23T13:50:36Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-23T13:50:36Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-23T13:50:36Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-23T13:50:43Z	INFO	controllers.OracleRestart	Disk is in use and cannot be removed. Must be manually removed before proceeding	{"disk": "/dev/disk/by-partlabel/asm-disk2", "diskgroup": "DATA"}
+2025-08-23T13:50:54Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-23T13:50:54Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-23T13:51:14Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:51:14Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:51:14Z	ERROR	Reconciler error	{"controller": "oraclerestart", "controllerGroup": "database.oracle.com", "controllerKind": "OracleRestart", "OracleRestart": {"name":"oraclerestart-sample","namespace":"orestart"}, "namespace": "orestart", "name": "oraclerestart-sample", "reconcileID": "9fd9fffb-ea21-44a6-9fde-7481106503ca", "error": "disk '/dev/disk/by-partlabel/asm-disk2' is part of diskgroup 'DATA' and must be manually removed before proceeding"}
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:353
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:300
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.1
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:202
+2025-08-23T13:51:14Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-23T13:51:14Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-23T13:51:14Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-23T13:51:14Z	INFO	controllers.OracleRestart	Detected Removal of ASM Disks:	{"removedAsmDisks": ["/dev/disk/by-partlabel/asm-disk2"]}
+2025-08-23T13:51:14Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-23T13:51:14Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-23T13:51:14Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-23T13:51:14Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-23T13:51:18Z	INFO	controllers.OracleRestart	Disk is in use and cannot be removed. Must be manually removed before proceeding	{"disk": "/dev/disk/by-partlabel/asm-disk2", "diskgroup": "DATA"}
+2025-08-23T13:51:30Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-23T13:51:30Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-23T13:51:51Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:51:51Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:51:51Z	ERROR	Reconciler error	{"controller": "oraclerestart", "controllerGroup": "database.oracle.com", "controllerKind": "OracleRestart", "OracleRestart": {"name":"oraclerestart-sample","namespace":"orestart"}, "namespace": "orestart", "name": "oraclerestart-sample", "reconcileID": "39f5168e-cf8e-4d0d-990e-e291b024cbc8", "error": "disk '/dev/disk/by-partlabel/asm-disk2' is part of diskgroup 'DATA' and must be manually removed before proceeding"}
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:353
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:300
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.1
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:202
+2025-08-23T13:51:51Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-23T13:51:51Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-23T13:51:51Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-23T13:51:51Z	INFO	controllers.OracleRestart	Detected Removal of ASM Disks:	{"removedAsmDisks": ["/dev/disk/by-partlabel/asm-disk2"]}
+2025-08-23T13:51:51Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-23T13:51:51Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-23T13:51:51Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-23T13:51:51Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-23T13:51:55Z	INFO	controllers.OracleRestart	Disk is in use and cannot be removed. Must be manually removed before proceeding	{"disk": "/dev/disk/by-partlabel/asm-disk2", "diskgroup": "DATA"}
+2025-08-23T13:52:06Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-23T13:52:06Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-23T13:52:28Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:52:28Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:52:28Z	ERROR	Reconciler error	{"controller": "oraclerestart", "controllerGroup": "database.oracle.com", "controllerKind": "OracleRestart", "OracleRestart": {"name":"oraclerestart-sample","namespace":"orestart"}, "namespace": "orestart", "name": "oraclerestart-sample", "reconcileID": "6120c33d-b761-4661-b2f9-a45042e50790", "error": "disk '/dev/disk/by-partlabel/asm-disk2' is part of diskgroup 'DATA' and must be manually removed before proceeding"}
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:353
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:300
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.1
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:202
+2025-08-23T13:52:28Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-23T13:52:28Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-23T13:52:28Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-23T13:52:28Z	INFO	controllers.OracleRestart	Detected Removal of ASM Disks:	{"removedAsmDisks": ["/dev/disk/by-partlabel/asm-disk2"]}
+2025-08-23T13:52:28Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-23T13:52:28Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-23T13:52:28Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-23T13:52:28Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-23T13:52:32Z	INFO	controllers.OracleRestart	Disk is in use and cannot be removed. Must be manually removed before proceeding	{"disk": "/dev/disk/by-partlabel/asm-disk2", "diskgroup": "DATA"}
+2025-08-23T13:52:44Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-23T13:52:44Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-23T13:53:05Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:53:05Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:53:05Z	ERROR	Reconciler error	{"controller": "oraclerestart", "controllerGroup": "database.oracle.com", "controllerKind": "OracleRestart", "OracleRestart": {"name":"oraclerestart-sample","namespace":"orestart"}, "namespace": "orestart", "name": "oraclerestart-sample", "reconcileID": "8cd9f41c-c062-44ab-8436-781b70e41602", "error": "disk '/dev/disk/by-partlabel/asm-disk2' is part of diskgroup 'DATA' and must be manually removed before proceeding"}
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:353
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:300
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.1
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:202
+2025-08-23T13:53:05Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-23T13:53:05Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-23T13:53:05Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-23T13:53:05Z	INFO	controllers.OracleRestart	Detected Removal of ASM Disks:	{"removedAsmDisks": ["/dev/disk/by-partlabel/asm-disk2"]}
+2025-08-23T13:53:05Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-23T13:53:05Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-23T13:53:05Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-23T13:53:05Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-23T13:53:10Z	INFO	controllers.OracleRestart	Disk is in use and cannot be removed. Must be manually removed before proceeding	{"disk": "/dev/disk/by-partlabel/asm-disk2", "diskgroup": "DATA"}
+2025-08-23T13:53:21Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-23T13:53:21Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-23T13:53:43Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:53:43Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:53:43Z	ERROR	Reconciler error	{"controller": "oraclerestart", "controllerGroup": "database.oracle.com", "controllerKind": "OracleRestart", "OracleRestart": {"name":"oraclerestart-sample","namespace":"orestart"}, "namespace": "orestart", "name": "oraclerestart-sample", "reconcileID": "f29aaac7-f09b-4036-9adb-3615fb8357d7", "error": "disk '/dev/disk/by-partlabel/asm-disk2' is part of diskgroup 'DATA' and must be manually removed before proceeding"}
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:353
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:300
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.1
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:202
+2025-08-23T13:53:43Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-23T13:53:43Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-23T13:53:43Z	INFO	controllers.OracleRestart	Completed reconcile validation
+2025-08-23T13:53:43Z	INFO	controllers.OracleRestart	Detected Removal of ASM Disks:	{"removedAsmDisks": ["/dev/disk/by-partlabel/asm-disk2"]}
+2025-08-23T13:53:43Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-23T13:53:43Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-23T13:53:43Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-23T13:53:43Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-23T13:53:47Z	INFO	controllers.OracleRestart	Disk is in use and cannot be removed. Must be manually removed before proceeding	{"disk": "/dev/disk/by-partlabel/asm-disk2", "diskgroup": "DATA"}
+2025-08-23T13:53:59Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-23T13:53:59Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+2025-08-23T13:54:18Z	INFO	controllers.OracleRestart	Updating Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:54:18Z	INFO	controllers.OracleRestart	Updated Oracle Restart instance status with validateoraclerestartdb	{"Instance": "oraclerestart-sample"}
+2025-08-23T13:54:18Z	ERROR	Reconciler error	{"controller": "oraclerestart", "controllerGroup": "database.oracle.com", "controllerKind": "OracleRestart", "OracleRestart": {"name":"oraclerestart-sample","namespace":"orestart"}, "namespace": "orestart", "name": "oraclerestart-sample", "reconcileID": "c656d21f-6cb5-4006-9cfa-9d3800fbdda3", "error": "disk '/dev/disk/by-partlabel/asm-disk2' is part of diskgroup 'DATA' and must be manually removed before proceeding"}
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).reconcileHandler
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:353
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).processNextWorkItem
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:300
+sigs.k8s.io/controller-runtime/pkg/internal/controller.(*Controller[...]).Start.func2.1
+	/gomod-cache/sigs.k8s.io/controller-runtime@v0.21.0/pkg/internal/controller/controller.go:202
+2025-08-23T13:54:18Z	INFO	controllers.OracleRestart	Reconcile requested
+2025-08-23T13:54:18Z	INFO	controllers.OracleRestart	Entering reconcile validation
+2025-08-23T13:54:18Z	INFO	controllers.OracleRestart	Completed reconcile validation
+
+
+
+### Now, in the meanwhile, when the Operator is waiting, if the disk is dropped at the ASM Level using "ALTER DISKGROUP DROP DISK" command as below, it will be detected by the Operator:
+
+[grid@dbmc1-0 ~]$ sqlplus "/ as sysasm"
+
+SQL*Plus: Release 19.0.0.0.0 - Production on Sat Aug 23 13:49:55 2025
+Version 19.28.0.0.0
+
+Copyright (c) 1982, 2025, Oracle.  All rights reserved.
+
+
+Connected to:
+Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
+Version 19.28.0.0.0
+
+SQL> set lines 200
+SQL> col path format a50
+SQL> select group_number, disk_number, name, total_mb, free_mb, path from v$asm_disk;
+
+GROUP_NUMBER DISK_NUMBER NAME				  TOTAL_MB    FREE_MB PATH
+------------ ----------- ------------------------------ ---------- ---------- --------------------------------------------------
+	   1	       1 DATA_0001			     51196	46452 /dev/disk/by-partlabel/asm-disk2
+	   1	       0 DATA_0000			     51196	46464 /dev/disk/by-partlabel/asm-disk1
+
+SQL> ALTER DISKGROUP DATA DROP DISK 'DATA_0001' REBALANCE POWER 10;
+
+Diskgroup altered.
+
+SQL> select EST_MINUTES,EST_WORK,ACTUAL,SOFAR from v$asm_operation;
+
+EST_MINUTES   EST_WORK	   ACTUAL      SOFAR
+----------- ---------- ---------- ----------
+	  0	     0	       10	   0
+	  0	  1183	       10	 122
+	  0	     0	       10	   0
+
+SQL> select EST_MINUTES,EST_WORK,ACTUAL,SOFAR from v$asm_operation;
+
+EST_MINUTES   EST_WORK	   ACTUAL      SOFAR
+----------- ---------- ---------- ----------
+	  0	     0	       10	   0
+	  0	  1183	       10	 723
+	  0	     0	       10	   0
+
+SQL> select EST_MINUTES,EST_WORK,ACTUAL,SOFAR from v$asm_operation;
+
+no rows selected
+
+SQL> select group_number, disk_number, name, total_mb, free_mb, path from v$asm_disk;
+
+GROUP_NUMBER DISK_NUMBER NAME				  TOTAL_MB    FREE_MB PATH
+------------ ----------- ------------------------------ ---------- ---------- --------------------------------------------------
+	   0	       0					 0	    0 /dev/disk/by-partlabel/asm-disk2
+	   1	       0 DATA_0000			     51196	41732 /dev/disk/by-partlabel/asm-disk1
+
+
+
+
+### When the Operator detectes the Disk is deleted, it will update the Statefulset as well:
+
+$ kubectl logs -f pod/oracle-database-operator-controller-manager-bc8dd8f68-pwfdk -n oracle-database-operator-system
+.
+.
+2025-08-23T13:54:18Z	INFO	controllers.OracleRestart	Detected Removal of ASM Disks:	{"removedAsmDisks": ["/dev/disk/by-partlabel/asm-disk2"]}
+2025-08-23T13:54:18Z	INFO	controllers.OracleRestart	Initialized autoUpdate as true (default)
+2025-08-23T13:54:18Z	INFO	controllers.OracleRestart	PV Found	{"Instance.Namespace": "orestart", "Instance.Name": "oraclerestart-sample", "dep.Name": "asm-pv-disk-0-oraclerestart-sample"}
+2025-08-23T13:54:18Z	INFO	controllers.OracleRestart	Updating existing configmap
+2025-08-23T13:54:18Z	INFO	controllers.OracleRestart	Config Map updated successfully with new asm details
+2025-08-23T13:54:20Z	INFO	controllers.OracleRestart	Change State to UPDATING
+2025-08-23T13:54:20Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-23T13:54:20Z	INFO	controllers.OracleRestart	StatefulSet spec differs for volume devices, updating StatefulSet (pods may be recreated)	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-23T13:54:20Z	INFO	controllers.OracleRestart	StatefulSet update applied, waiting for pod recreation	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-23T13:54:20Z	INFO	controllers.OracleRestart	Waiting for StatefulSet update to be applied	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-23T13:54:25Z	INFO	controllers.OracleRestart	StatefulSet update is applied successfully	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-23T13:55:25Z	INFO	controllers.OracleRestart	All Pods are running	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "StatefulSet.Namespace": "orestart", "StatefulSet.Name": "dbmc1"}
+2025-08-23T13:55:40Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-23T13:56:10Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-23T13:56:40Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-23T13:57:10Z	INFO	controllers.OracleRestart	Pod is not ready yet	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-23T13:57:40Z	INFO	controllers.OracleRestart	Pod is ready	{"oracleRestart.Namespace": "orestart", "oracleRestart.Name": "oraclerestart-sample", "Pod.Name": "dbmc1-0"}
+2025-08-23T13:57:40Z	INFO	controllers.OracleRestart	Successfully deleted PVC	{"PVC.Name": "asm-pvc-disk-1-oraclerestart-sample"}
+2025-08-23T13:57:40Z	INFO	controllers.OracleRestart	Successfully deleted PV	{"PV.Name": "asm-pv-disk-1-oraclerestart-sample"}
+2025-08-23T13:57:40Z	INFO	controllers.OracleRestart	Oracle Restart Object annotations updated with current spec annotation
+2025-08-23T13:57:40Z	INFO	controllers.OracleRestart	Reconcile completed. Requeuing....
+2025-08-23T13:57:52Z	INFO	controllers.OracleRestart	Oracle Restart Object updated with updateOracleRestartInstStatus
+2025-08-23T13:57:52Z	INFO	controllers.OracleRestart	Completed Update of Oracle Restart instance status
+
+
+
+
+###############################################################
+### During this operation, the "pod/dbmc1-0" will be recreated
+###############################################################
+
+
+
+### Status after the Disk removed:
+
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"nodePortSvc":[{"name":"dbmc1-service-nod...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-08-22T05:09:46Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        2
+  Resource Version:  226226031
+  UID:               e3378459-8aa7-4c05-98b2-9c03a44b3a57
+Spec:
+  Asm Storage Details:
+    Auto Update:  true
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          Always
+  Inst Details:
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Node Port Svc:
+      Name:      dbmc1-service-nodeport
+      Svc Type:  nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+    Worker Node:
+      10.0.10.58
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-08-22T05:22:19Z
+    Message:               oracle restart database is in a restricted state: PROVISIONING
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-08-23T14:06:52Z
+    Message:               no reconcile errors
+    Observed Generation:   2
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Inst Details:
+    Name:
+  Pdb Connect String:  dbmc1-0:1521/ORCLPDB
+  Release Update:      19.28.0.0.0
+  Role:                PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+[grid@dbmc1-0 ~]$ export ORACLE_SID=+ASM
+[grid@dbmc1-0 ~]$ asmcmd lsdsk
+Path
+/dev/disk/by-partlabel/asm-disk1
+
+
+[grid@dbmc1-0 ~]$ ls -lrt /dev/disk/by-partlabel/asm-disk*
+brw-rw----. 1 grid asmadmin 8, 49 Aug 23 14:10 /dev/disk/by-partlabel/asm-disk1
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/change_memory_cpu_for_oracle_restart_db.md b/docs/oraclerestart/provisioning/change_memory_cpu_for_oracle_restart_db.md
new file mode 100644
index 00000000..cb6e45a1
--- /dev/null
+++ b/docs/oraclerestart/provisioning/change_memory_cpu_for_oracle_restart_db.md
@@ -0,0 +1,55 @@
+# Change Memory and CPU allocation for an earlier provisioned Oracle Restart Database
+
+### In this Use case:
+* You have previously deployed an Oracle Restart Database in Kubernetes (for example, on OKE or OpenShift) using the Oracle Restart Database Controller.
+* You can change the memory and CPU allocation for an existing Oracle Restart Database Pod by updating resource requests and limits in the Custom Resource YAML associated with your Oracle Restart instance.
+* This example uses `oraclerestart_prov_nodeports.yaml` to provision the initial Oracle Restart Database using Oracle Restart Controller with:
+
+  * Oracle Restart Pod
+  * Headless services for Oracle Restart
+    * Oracle Restart Node hostname
+  * Node Port 30007 mapped to port 1521 for Database Listener. If you are using Loadbalancer service then you will see `lbservice`.
+  * Persistent volumes that are created automatically based on specified disks for Oracle ASM storage
+  * Software Persistent Volume and Staged Software Persistent Volume using the specified location on the corresponding worker node. If you are using Storageclass, then the software volume is dynamically provisioned.
+  * Namespace: `orestart`
+  * Staged Software location on the worker nodes is specified by `hostSwStageLocation`. The Grid Infrastructure and RDBMS Binaries are copied to this location on the worker node. If you are using, existing NFS-based PVC for the staged software, then the parameter is `swStagePvcMountLocation` under `configParams`.
+  * Software location on the worker nodes is specified by `hostSwLocation`. The GI HOME and the RDBMS HOME in the Oracle Restart Pod will be mounted using this location on the worker node.
+
+
+### In this Example: 
+  * Oracle Restart Database Slim Image `dbocir/oracle/database-orestart:19.3.0-slim` is used. It is built using files from this [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image). Default image created using files from this project is `localhost/oracle/database-rac:19.3.0-slim`. You must tag it with the name `localhost/oracle/database-orestart:19.3.0-slim`. 
+  * When you are building the image yourself, update the image value in the `oraclerestart_prov_nodeports.yaml` file to point to the container image that you have built. 
+  * The disks on the worker nodes for the Oracle Restart storage are `/dev/disk/by-partlabel/asm-disk1` and `/dev/disk/by-partlabel/asm-disk2`. 
+  * Specify the sizes and names of these devices using the parameter `storageSizeInGb`. By default, size is in GBs.
+
+**NOTE:** When no separate diskgroup names are specified for CRS Files, Database Files, Recovery Area Files and Redo Log Files, the default diskgroup named `+DATA` is created from the disks specified by the parameter `crsAsmDeviceList`.
+
+### Steps - Deploy initial Oracle Restart Database 
+* Use the file [oraclerestart_prov_nodeports.yaml](./oraclerestart_prov_nodeports.yaml) for the initial deployment before any CPU or memory change.
+* Deploy the `oraclerestart_prov_nodeports.yaml` file:
+    ```sh
+    kubectl apply -f oraclerestart_prov_nodeports.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample created
+    ```
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":    
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ===============================
+    ORACLE DATABASE IS READY TO USE
+    ===============================
+    ```
+
+### Steps - Modify the Memory and CPU in the Oracle Restart Database Pod
+* Use the file [oraclerestart_prov_nodeports_mcpu_change.yaml](./oraclerestart_prov_nodeports_mcpu_change.yaml) to change the Memory and CPU allocation for the existing Oracle Restart Database Pod:
+    ```sh
+    kubectl apply -f oraclerestart_prov_nodeports_mcpu_change.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample configured
+    ```
+  
+**NOTE:**  You will notice that the exiting Oracle Restart Database Pod will be recreated with updated Memory and CPU allocation.
+
+* Check Details of Kubernetes CRD Object before and after the change as in this [example](./oraclerestart_prov_nodeports_mcpu_change.txt). It also has the details of the memory and cpu inside the pod before and after the change.
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/change_sw_storage_size_for_oracle_restart_db.md b/docs/oraclerestart/provisioning/change_sw_storage_size_for_oracle_restart_db.md
new file mode 100644
index 00000000..a93036a5
--- /dev/null
+++ b/docs/oraclerestart/provisioning/change_sw_storage_size_for_oracle_restart_db.md
@@ -0,0 +1,59 @@
+# Change the size of Software Storage Location for an existing Oracle Restart Database
+
+### In this Use case:
+* You have previously deployed an Oracle Restart Database in Kubernetes (for example, on OKE or OpenShift) using the Oracle Restart Database Controller.
+* The Software Home Location for Grid Infrastructure and Database, the ASM Disks are provisioned as Persistent Volumes using custom storage class during the initial deployment. An updated YAML file is applied to `increase` the size of the Software Home Location.
+
+**NOTE:** The `decrease` in the size of Software Home Location for an existing Oracle Restart Database is _not_ allowed.
+
+This example uses `oraclerestart_prov_storage_class_before_sw_home_resize.yaml` to initially provision an Oracle Restart Database using Oracle Restart Controller with:
+
+  * Oracle Restart Pod
+  * Headless services for Oracle Restart
+    * Oracle Restart Node hostname
+  * Node Port 30007 mapped to port 1521 for Database Listener. If you are using Loadbalancer service then you will see lbservice.
+  * Persistent volumes for ASM Disks created automatically using the Storage Class for Oracle ASM storage
+  * Persistent volume for Software location is created automatically using the Storage Class. The GI HOME and the RDBMS HOME in the Oracle Restart Pod will be mounted using the corresponding Persistent Volume Claim. Its size is specified by `swLocStorageSizeInGb`.
+  * Namespace: `orestart`
+  * Staged Software location on the worker nodes is specified by `hostSwStageLocation`. The Grid Infrastructure and RDBMS Binaries are copied to this location on the worker node.
+  * Name of Custom Storage Class is specified by `storageClass`.
+  * You will be using storageclass to dynamically allcate the storage. using the storage class **oci-bv**.
+
+### In this Example: 
+  * Oracle Restart Database Slim Image `dbocir/oracle/database-orestart:19.3.0-slim` is used. It is built using files from this [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image). 
+  * The disks provisioned using storageclass are mounted inside the Oracle Restart Pod as `/dev/asm-disk1` and `/dev/asm-disk2`. 
+  * Specify the size of these devices along with names using the parameter `swLocStorageSizeInGb`. Size is by-default in GBs.
+
+**NOTE:** When no separate diskgroup names are specified for CRS Files, Database Files, Recovery Area Files and Redo Log Files, the default diskgroup named `+DATA` is created from the disks specified by the parameter `crsAsmDeviceList`.
+  
+### Steps - Deploy the Oracle Restart Database
+* Skip this step if you have already deployed the Oracle Restart database using storage class.
+* Use the file [oraclerestart_prov_storage_class_before_sw_home_resize.yaml](./oraclerestart_prov_storage_class_before_sw_home_resize.yaml) for this use case in this procedure.
+* Update the Oracle Restart container image. In this example, we have `dbocir/oracle/database-orestart:19.3.0-slim` in [oraclerestart_prov_storage_class_before_sw_home_resize.yaml](./oraclerestart_prov_storage_class_before_sw_home_resize.yaml) file to point to the container image you have built. 
+* Deploy the `oraclerestart_prov_storage_class_before_sw_home_resize.yaml` file:
+    ```sh
+    kubectl apply -f oraclerestart_prov_storage_class_before_sw_home_resize.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample created
+    ```
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":    
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ===============================
+      ORACLE DATABASE IS READY TO USE
+    ===============================
+    ```
+* Check Details of Kubernetes CRD Object as shown in this [example](./orestart_storage_class_object_before_sw_home_resize.txt)
+
+### Steps - Update the Software Home Location in Oracle Restart Database
+*  To `increase` the size of the Software Home Location, you can use the updated file [oraclerestart_prov_storage_class_after_sw_home_resize.yaml](./oraclerestart_prov_storage_class_after_sw_home_resize.yaml). 
+* Update the Oracle Restart container image. In this example, we use the file `dbocir/oracle/database-orestart:19.3.0-slim` in [oraclerestart_prov_storage_class_before_sw_home_resize.yaml](./oraclerestart_prov_storage_class_before_sw_home_resize.yaml) to point to the container image that you have built.
+*  Deploy the `oraclerestart_prov_storage_class_after_sw_home_resize.yaml` file:
+    ```sh
+    $ kubectl apply -f oraclerestart_prov_storage_class_after_sw_home_resize.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample configured
+    ```
+   You will notice the Persistent Volume for the Software Location has been resized. You can check Details of updated Kubernetes CRD Object as shown in this [example](./orestart_storage_class_object_after_sw_home_resize.txt)
diff --git a/docs/oraclerestart/provisioning/cleanup.md b/docs/oraclerestart/provisioning/cleanup.md
new file mode 100644
index 00000000..846927ce
--- /dev/null
+++ b/docs/oraclerestart/provisioning/cleanup.md
@@ -0,0 +1,20 @@
+# Cleanup an Oracle Restart Database Deployed using Oracle Database Operator
+
+To delete and clean up the Oracle Restart Database deployed using Oracle Database Operator, run the following commands.
+
+This example uses `oraclerestart_prov.yaml` to clean up an Oracle Restart Database that was initially used for deployment:
+
+
+1. Use the file `oraclerestart_prov.yaml` to delete an existing deployment:
+    ```sh
+    kubectl delete -f oraclerestart_prov.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample deleted
+    ```
+2. Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+    ```
+3. If your deleted deployment used a software location specified by `hostSwLocation` from the worker node, then to reuse this location in your next deployment, you must clear it at the worker node level.
+
+4. If your deleted deployment used ASM Disks from the worker node, then to reuse the same disks for the next deployment, you must clear the disks at the worker node level using the `dd` command.
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/create_kubernetes_secret_for_db_user.md b/docs/oraclerestart/provisioning/create_kubernetes_secret_for_db_user.md
new file mode 100644
index 00000000..90ce9c45
--- /dev/null
+++ b/docs/oraclerestart/provisioning/create_kubernetes_secret_for_db_user.md
@@ -0,0 +1,27 @@
+# Create Kubernetes secret for db user
+
+Create a Kubernetes secret named `db-user-pass-pkutl` using a password in a text file, and then encrypt it using an `openssl` key. The text file will be removed after the secret is created. Note that openssl _must_ be installed on worker nodes.
+
+**NOTE:** The openssl version on the system where you run the commands in this procedure to generate the secret and the openssl version of the Oracle Restart Slim Image must be compatible with each other.
+
+```sh
+mkdir /tmp/.secrets/
+
+# Generate a random openssl key
+echo Oracle_23ai > /tmp/.secrets/pwdfile.txt
+openssl genrsa -out /tmp/.secrets/key.pem
+openssl rsa -in /tmp/.secrets/key.pem -out /tmp/.secrets/key.pub -pubout
+
+# Encrypt the password file
+openssl pkeyutl -in /tmp/.secrets/pwdfile.txt -out /tmp/.secrets/pwdfile.enc -pubin -inkey /tmp/.secrets/key.pub -encrypt
+rm -rf /tmp/.secrets/pwdfile.txt
+
+# Deleting the exisitng secret
+kubectl delete secret db-user-pass-pkutl -n orestart
+
+# Create the Kubernetes secret in namespace "rac"
+kubectl create secret generic db-user-pass-pkutl --from-file=/tmp/.secrets/pwdfile.enc --from-file=/tmp/.secrets/key.pem -n orestart
+
+# Check the secret details 
+kubectl get secret -n orestart
+```
diff --git a/docs/oraclerestart/provisioning/create_kubernetes_secret_for_ssh_setup.md b/docs/oraclerestart/provisioning/create_kubernetes_secret_for_ssh_setup.md
new file mode 100644
index 00000000..3505f8c5
--- /dev/null
+++ b/docs/oraclerestart/provisioning/create_kubernetes_secret_for_ssh_setup.md
@@ -0,0 +1,19 @@
+# Create Kubernetes secret for db user using an SSH Key Pair
+
+Generate an SSH Key Pair using `ssh-keygen`. Then create a Kubernetes secret named `ssh-key-secret` using this key pair.
+
+```sh
+mkdir /tmp/.secrets/ssh
+
+# Generate a private and public key
+ssh-keygen -t rsa -C "your_email@example.info" -f /tmp/.secrets/ssh/id_rsa
+
+# Deleting the exisitng secret
+kubectl delete secret ssh-key-secret -n orestart
+
+# Create the Kubernetes secret in namespace "orestart"
+kubectl create secret generic ssh-key-secret --from-file=ssh-privkey=/tmp/.secrets/ssh/id_rsa --from-file=ssh-pubkey=/tmp/.secrets/ssh/id_rsa.pub -n orestart
+
+# Check the secret details 
+kubectl get secret -n orestart
+```
diff --git a/docs/oraclerestart/provisioning/database_connection.md b/docs/oraclerestart/provisioning/database_connection.md
new file mode 100644
index 00000000..14d3935e
--- /dev/null
+++ b/docs/oraclerestart/provisioning/database_connection.md
@@ -0,0 +1,100 @@
+# Database Connectivity
+
+To connect to the Oracle Restart Database, follow the example that matches your deployment method—NodePort Service, Load Balancer Service, or another supported method.
+
+## Database Connection to Oracle Restart Database with NodePort Service
+If you deployed the Oracle Restart Database with a NodePort service using the Oracle Restart Controller, then you can connect by specifying the worker node’s IP address and the port of the Node Port service.  Follow these steps:
+
+1. Get the Details of the deployment:
+```sh
+$ kubectl get all -n orestart -o wide
+NAME          READY   STATUS    RESTARTS   AGE     IP            NODE         NOMINATED NODE   READINESS GATES
+pod/dbmc1-0   1/1     Running   0          5h46m   10.244.0.52   10.0.10.58   <none>           <none>
+ 
+NAME              TYPE        CLUSTER-IP     EXTERNAL-IP   PORT(S)          AGE     SELECTOR
+service/dbmc1     NodePort    10.96.53.210   <none>        1521:30007/TCP   5h46m   statefulset.kubernetes.io/pod-name=dbmc1-0
+service/dbmc1-0   ClusterIP   None           <none>        <none>           171m    statefulset.kubernetes.io/pod-name=dbmc1-0
+ 
+NAME                     READY   AGE     CONTAINERS   IMAGES
+statefulset.apps/dbmc1   1/1     5h46m   dbmc1        localhost/oracle/database-orestart:19.3.0-slim
+```
+In this case, the port 1521 from the pod is mapped to port 30007 on the worker node. To make the connection from outside, you must open the port 30007 on the worker node for INGRESS.
+ 
+2. With this NodePort Service deployment, you can make a SQL*Plus database connection to this Oracle Restart Database from a remote client:
+ 
+```sh
+bash-4.4$ sqlplus system/<Database Password>@//<Worker Node Public IP>:30007/PORCLCDB
+ 
+SQL*Plus: Release 23.0.0.0.0 - for Oracle Cloud and Engineered Systems on Sat Jul 19 04:02:48 2025
+Version 23.9.0.25.09
+ 
+Copyright (c) 1982, 2025, Oracle.  All rights reserved.
+ 
+Last Successful login time: Sat Jul 19 2025 00:20:14 +00:00
+ 
+Connected to:
+Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
+Version 19.28.0.0.0
+ 
+SQL>
+SQL> set lines 200
+SQL> col HOST_NAME format a40
+SQL> select INSTANCE_NAME,HOST_NAME, DATABASE_TYPE from v$instance;
+ 
+INSTANCE_NAME    HOST_NAME                                DATABASE_TYPE
+---------------- ---------------------------------------- ---------------
+PORCLCDB          dbmc1-0                                 SINGLE
+```
+
+## Database Connection to Oracle Restart Database with Load Balancer
+
+In this case, the Oracle Restart Database is deployed with an External Load Balancer, and the deployment has a Public IP Assigned from the External Load Balancer Service. 
+
+After the deployment is completed, you can make a database connection:
+
+1. Get the Details of the deployment:
+```sh
+$ kubectl get all -n orestart -o wide
+NAME          READY   STATUS    RESTARTS   AGE   IP            NODE         NOMINATED NODE   READINESS GATES
+pod/dbmc1-0   1/1     Running   0          14m   10.244.0.41   10.0.10.58   <none>           <none>
+
+NAME              TYPE           CLUSTER-IP     EXTERNAL-IP    PORT(S)                         AGE   SELECTOR
+service/dbmc1     LoadBalancer   10.96.34.208   XXX.XX.XX.XX   1521:30433/TCP,6200:30656/TCP   14m   statefulset.kubernetes.io/pod-name=dbmc1-0
+service/dbmc1-0   ClusterIP      None           <none>         <none>                          14m   statefulset.kubernetes.io/pod-name=dbmc1-0
+
+NAME                     READY   AGE   CONTAINERS   IMAGES
+statefulset.apps/dbmc1   1/1     14m   dbmc1        localhost/oracle/database-orestart:19.3.0-slim
+```
+In this case, you can make a remote database connection using the Load Balancer target port 1521.
+ 
+2. With this Load Balancer deployment, you can make a SQL*Plus database connection to this Oracle Restart Database from a remote client:
+ 
+```sh
+bash-4.4$ sqlplus system/<Database Password>@//<Load Balancer Public IP XXX.XX.XX.XX >:1521/PORCLCDB
+ 
+SQL*Plus: Release 21.0.0.0.0 - Production on Tue Sep 2 04:57:56 2025
+Version 21.19.0.0.0
+
+Copyright (c) 1982, 2022, Oracle.  All rights reserved.
+
+Last Successful login time: Tue Sep 02 2025 04:53:52 +00:00
+
+Connected to:
+Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
+Version 19.28.0.0.0
+ 
+SQL>
+SQL> set lines 200
+SQL> col HOST_NAME format a40
+SQL> select INSTANCE_NAME,HOST_NAME, DATABASE_TYPE from v$instance;
+
+INSTANCE_NAME	 HOST_NAME				  DATABASE_TYPE
+---------------- ---------------------------------------- ---------------
+PORCLCDB	 dbmc1-0				  SINGLE
+```
+
+## Database Connection to Oracle Restart Database without NodePort Service
+
+In this case, the Oracle Restart Database will NOT be reachable using the Public IP of the worker node and thus, will not be reachable from outside the Kuberenetes Cluster.
+
+In this case, an application deployed with in the Kubernetes Cluster will be able to reach the Oracle Restart Database on Port 1521.
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/debugging.md b/docs/oraclerestart/provisioning/debugging.md
new file mode 100644
index 00000000..d943f2e7
--- /dev/null
+++ b/docs/oraclerestart/provisioning/debugging.md
@@ -0,0 +1,41 @@
+# Debugging and Troubleshooting
+
+When provisioning the Oracle Restart Database with the Oracle Restart Controller, your debugging approach depends on the stage in which the issue occurs. Use the guidance below for targeted troubleshooting.
+
+Below are the possible cases and the steps to debug such an issue:
+
+## Failure during the provisioning of Kubernetes Pods
+
+If the failure occurs while creating Kubernetes Pods, start by checking the status of the affected Pod:
+
+Use the following command to check the logs of the Pod that has a failure. For example, pod `pod/dbmc1-0`, use the following command:
+
+```sh
+kubectl logs -f pod/dbmc1-0 -n orestart
+```
+
+If the Pod has failed to provision due to an issue with the Docker Image Pull, then you see the error `Error: ErrImagePull` in the logs.
+
+If the Pod has not yet been initialized, then use the following command to find the reason for it:
+
+```sh
+kubectl describe pod/dbmc1-0 -n orestart
+```
+
+You will need to further troubleshoot depending on further issues or errors seen after you run `kubectl describe pod`.
+
+## Oracle Database Provisioning Failure
+
+If the Oracle Database provisioning fails after the Kubernetes Pods have been created, but during the processing of database creation scripts, then troubleshoot the issue within the affected Pod.
+
+Initially, check the logs of the Kubernetes Pod using the `kubectl logs` command (exchange the name of the Pod in this example with the actual Pod on your system):
+
+```sh
+kubectl logs -f pod/dbmc1-0 -n orestart
+```
+
+To check the details of the CRS logs or the RDBMS instance logs at the host level, switch to the corresponding Kubernetes container using the following command:
+
+```sh
+kubectl exec -it dbmc1-0 -n orestart -- tail -f /tmp/orod/oracle_db_setup.log
+```
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/delete_asm_disks_from_an_existing_restart_database.md b/docs/oraclerestart/provisioning/delete_asm_disks_from_an_existing_restart_database.md
new file mode 100644
index 00000000..ba70aa40
--- /dev/null
+++ b/docs/oraclerestart/provisioning/delete_asm_disks_from_an_existing_restart_database.md
@@ -0,0 +1,47 @@
+# Deleting ASM Disks - Delete ASM Disks from an existing Oracle Restart Database
+
+### In this use case:
+
+* You have previously deployed an Oracle Restart Database in Kubernetes (for example, on OKE or OpenShift) using the Oracle Restart Database Controller. Now, you need to remove ASM disks from the ASM storage.
+* The existing Oracle Restart Database is deployed with Node Port Service using the file `oraclerestart_prov_nodeports.yaml` described in [Provisioning an Oracle Restart Database with NodePort Service](./provisioning/provisioning_oracle_restart_db_nodeport.md) This deployment uses Oracle Restart Controller with:
+  * Oracle Restart Pod
+  * Headless services for Oracle Restart
+    * Oracle Restart Node hostname
+  * Node Port 30007 mapped to port 1521 for Database Listener. If you are using Load Balancer,  then you will see the LB service. 
+  * Persistent volumes created automatically based on specified disks for Oracle ASM storage
+  * Software Persistent Volume and Staged Software Persistent Volume using the specified location on the corresponding worker node.
+  * Namespace: `orestart`
+  * Staged Software location on the worker nodes is specified by `hostSwStageLocation`. The Grid Infrastructure and RDBMS Binaries are copied to this location on the worker node.
+  * Software location on the worker nodes is specified by `hostSwLocation`. The GI HOME and the RDBMS HOME in the Oracle Restart Pod will be mounted using this location on the worker node.
+
+### In this exapmple:
+  * Oracle Restart Database Slim Image `dbocir/oracle/database-orestart:19.3.0-slim` is used. It is built using files from this [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image).
+  * The disks on the worker nodes for the Oracle Restart storage are `/dev/disk/by-partlabel/asm-disk1` and `/dev/disk/by-partlabel/asm-disk2`. 
+  * Specify the size of these devices along with names using the parameter `storageSizeInGb`. By default, size is in GBs.
+  * Before deleting the disk, **you will need to remove the disk at the ASM Level** using `ALTER DISKGROUP DROP DISK` command. 
+  * If you delete the disk’s YAML file before first removing the disk at the ASM level, thne the Operator will not delete the disk from the StatefulSet, and the Oracle Restart Database Pod will not be recreated. Instead, to prevent data loss, the operator will wait until you remove the disk at the ASM level before proceeding.
+  * In this example, out of the two disks mentioned above, the disk `/dev/disk/by-partlabel/asm-disk2` will be deleted from the existing Oracle Restart Database Deployment. 
+
+### Steps: Delete the ASM Disk
+Use the file: [orestart_prov_asm_disk_deletion.yaml](./orestart_prov_asm_disk_deletion.yaml) for this procedure:
+
+* Deploy the `orestart_prov_asm_disk_deletion.yaml` file:
+    ```sh
+    kubectl apply -f orestart_prov_asm_disk_deletion.yaml
+    ```
+
+In this case, the disk will be deleted and Oracle Restart Database Pod will be recreated. 
+
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ```
+* You can review example logs in [logs](./asm_disk_deletion.txt) when the disk `/dev/disk/by-partlabel/asm-disk2` is removed at the ASM Level first and then the file [orestart_prov_asm_disk_deletion.yaml](./orestart_prov_asm_disk_deletion.yaml) is applied to remove it from the Stateful set.
+
+* Example logs in [logs](./asm_disk_deletion1.txt) show what happens when the attempt  is made to remove the disk `/dev/disk/by-partlabel/asm-disk2` from the Stateful Set by using the file [orestart_prov_asm_disk_deletion.yaml](./orestart_prov_asm_disk_deletion.yaml) but this disk is NOT yet removed at the ASM Level. 
+
+In this case, the Operator will be waiting for the disk to be deleted at the ASM Level. After it detects the Disk has been deleted at the ASM Level, and it is safe to proceed, it will remove the disk from the Stateful Set.
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/known_issues.md b/docs/oraclerestart/provisioning/known_issues.md
new file mode 100644
index 00000000..a2a7d966
--- /dev/null
+++ b/docs/oraclerestart/provisioning/known_issues.md
@@ -0,0 +1,5 @@
+# Known Issues
+
+This document lists any known issues when the Oracle Restart Database is provisioned using the Oracle Restart controller.
+
+- If you describe the resource `oraclerestarts.database.oracle.com/oraclerestart-sample` in the namespace used for Oracle Restart Database provisioning, sometimes it may report the `State` under `Service Details` as `FAILED` while the Service is up and running. Similarly, the `Instance State` may report as `NOTAVAILABLE` while the Oracle Restart Database Instance is up and running fine.
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/nfs_pv_stage_vol.yaml b/docs/oraclerestart/provisioning/nfs_pv_stage_vol.yaml
new file mode 100644
index 00000000..5525f3e5
--- /dev/null
+++ b/docs/oraclerestart/provisioning/nfs_pv_stage_vol.yaml
@@ -0,0 +1,39 @@
+apiVersion: v1
+kind: PersistentVolume
+metadata:
+  name: pv-stage-vol1
+  namespace: orestart
+spec:
+  storageClassName: fss-dyn-storage
+  capacity:
+    storage: 500Gi
+  accessModes:
+  - ReadOnlyMany
+  nfs:
+    path: /stage
+    server: 10.0.10.212
+  persistentVolumeReclaimPolicy: Retain
+  mountOptions:
+    - rw
+    - nointr
+    - hard
+    - bg
+    - tcp
+    - actimeo=0
+    - vers=3
+    - rsize=1048576
+    - wsize=1048576
+    - timeo=600
+---
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: pv-stage-vol-claim
+  namespace: orestart
+spec:
+  storageClassName: fss-dyn-storage
+  accessModes:
+    - ReadOnlyMany
+  resources:
+    requests:
+      storage: 500Gi
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov.yaml
new file mode 100644
index 00000000..aa1989d8
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov.yaml
@@ -0,0 +1,100 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+    hostSwLocation: /scratch/orestart/  # Host directory for Oracle GI HOME and Oracle RDBMS HOME
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk1  # ASM disk device path 1
+          - /dev/disk/by-partlabel/asm-disk2  # ASM disk device path 2
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2   # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_loadbalancer.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov_loadbalancer.yaml
new file mode 100644
index 00000000..5bd64c6a
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_loadbalancer.yaml
@@ -0,0 +1,114 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+    hostSwLocation: /scratch/orestart/  # Host directory for Oracle GI HOME and Oracle RDBMS HOME
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # Load Balancer service configuration
+  lbService:
+    svcType: lbservice                # Service type set to Load Balancer
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+      - port: 6200                    # Port inside container (Oracle ONS port)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"                
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk1  # ASM disk device path 1
+          - /dev/disk/by-partlabel/asm-disk2  # ASM disk device path 2
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2   # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups.txt b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups.txt
new file mode 100644
index 00000000..c1aac095
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups.txt
@@ -0,0 +1,315 @@
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"envVars":[{"name":"IGNORE_CRS_PREREQS","...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-10-09T05:13:25Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  246221746
+  UID:               31337564-9573-4c63-bccc-269e232ea9bb
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+        /dev/disk/by-partlabel/asm-disk3
+        /dev/disk/by-partlabel/asm-disk4
+        /dev/disk/by-partlabel/asm-disk5
+        /dev/disk/by-partlabel/asm-disk6
+        /dev/disk/by-partlabel/asm-disk7
+        /dev/disk/by-partlabel/asm-disk8
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +CRSDATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Asm Device List:          /dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DBDATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +RECO
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pdb Name:                TESTPDB
+    Pga Size:                1G
+    Processes:               2000
+    Reco Asm Device List:    /dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6
+    Redo Asm Device List:    /dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8
+    Redo Asm Disk Dg:        +REDO
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Enable Ons:                 enable
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          IfNotPresent
+  Inst Details:
+    Env Vars:
+      Name:            IGNORE_CRS_PREREQS
+      Value:           true
+      Name:            IGNORE_DB_PREREQS
+      Value:           true
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Worker Node:
+      10.0.10.58
+  Lb Service:
+  Node Port Svc:
+    Name:  dbmc1-service-nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+      Node Port:    30200
+      Port:         6200
+      Protocol:     TCP
+      Target Port:  6200
+    Svc Type:       nodeport
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+        /dev/disk/by-partlabel/asm-disk3
+        /dev/disk/by-partlabel/asm-disk4
+        /dev/disk/by-partlabel/asm-disk5
+        /dev/disk/by-partlabel/asm-disk6
+        /dev/disk/by-partlabel/asm-disk7
+        /dev/disk/by-partlabel/asm-disk8
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4,/dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6,/dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8
+      Name:        CRSDATA
+      Redundancy:  EXTERN
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4,/dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6,/dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8
+      Name:        REDO
+      Redundancy:  EXTERN
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4,/dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6,/dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8
+      Name:        RECO
+      Redundancy:  EXTERN
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4,/dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6,/dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8
+      Name:        DBDATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-10-09T05:26:31Z
+    Message:               reconcile has been queued
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-10-09T05:37:15Z
+    Message:               reconcile completed successfully
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +CRSDATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Asm Device List:          /dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DBDATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +RECO
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:             /u01/app/oraInventory
+    Reco Asm Device List:  /dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6
+  Connect String:          dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Pdb Connect String:         dbmc1-0:1521/ORCLPDB
+  Release Update:             19.28.0.0.0
+  Role:                       PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+
+[grid@dbmc1-0 ~]$ ls -rlt /dev/disk/by-partlabel/asm-disk*
+brw-rw----. 1 grid asmadmin 8,  65 Oct  9 05:21 /dev/disk/by-partlabel/asm-disk6
+brw-rw----. 1 grid asmadmin 8,  49 Oct  9 05:21 /dev/disk/by-partlabel/asm-disk2
+brw-rw----. 1 grid asmadmin 8, 145 Oct  9 05:38 /dev/disk/by-partlabel/asm-disk8
+brw-rw----. 1 grid asmadmin 8, 129 Oct  9 05:38 /dev/disk/by-partlabel/asm-disk1
+brw-rw----. 1 grid asmadmin 8,  33 Oct  9 05:38 /dev/disk/by-partlabel/asm-disk5
+brw-rw----. 1 grid asmadmin 8,  97 Oct  9 05:38 /dev/disk/by-partlabel/asm-disk7
+brw-rw----. 1 grid asmadmin 8, 113 Oct  9 05:38 /dev/disk/by-partlabel/asm-disk3
+brw-rw----. 1 grid asmadmin 8,  81 Oct  9 05:38 /dev/disk/by-partlabel/asm-disk4
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$ export ORACLE_SID=+ASM
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$ asmcmd lsdg
+State    Type    Rebal  Sector  Logical_Sector  Block       AU  Total_MB  Free_MB  Req_mir_free_MB  Usable_file_MB  Offline_disks  Voting_files  Name
+MOUNTED  EXTERN  N         512             512   4096  4194304    102392   102276                0          102276              0             N  CRSDATA/
+MOUNTED  EXTERN  N         512             512   4096  1048576    102396    99345                0           99345              0             N  DBDATA/
+MOUNTED  EXTERN  N         512             512   4096  1048576    102396   102329                0          102329              0             N  RECO/
+MOUNTED  EXTERN  N         512             512   4096  1048576    102396    99226                0           99226              0             N  REDO/
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$ asmcmd lsdsk
+
+Path
+/dev/disk/by-partlabel/asm-disk1
+/dev/disk/by-partlabel/asm-disk2
+/dev/disk/by-partlabel/asm-disk3
+/dev/disk/by-partlabel/asm-disk4
+/dev/disk/by-partlabel/asm-disk5
+/dev/disk/by-partlabel/asm-disk6
+/dev/disk/by-partlabel/asm-disk7
+/dev/disk/by-partlabel/asm-disk8
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$ sqlplus "/ as sysdba"
+
+SQL*Plus: Release 19.0.0.0.0 - Production on Thu Oct 9 05:38:48 2025
+Version 19.28.0.0.0
+
+Copyright (c) 1982, 2025, Oracle.  All rights reserved.
+
+
+Connected to:
+Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
+Version 19.28.0.0.0
+
+SQL> set lines 200
+SQL> col DISKGROUP_NAME format a20
+SQL> col PATH format a50
+SQL> SELECT
+    dg.NAME AS DISKGROUP_NAME,
+    d.PATH,
+    d.MOUNT_STATUS,
+    d.HEADER_STATUS,
+    d.STATE,
+    d.TOTAL_MB,
+    d.FREE_MB
+FROM
+    V$ASM_DISK d
+JOIN
+    V$ASM_DISKGROUP dg ON d.GROUP_NUMBER = dg.GROUP_NUMBER
+ORDER BY
+    dg.NAME, d.DISK_NUMBER;  2    3    4    5    6    7    8    9   10   11   12   13   14
+
+DISKGROUP_NAME	     PATH						MOUNT_S HEADER_STATU STATE	TOTAL_MB    FREE_MB
+-------------------- -------------------------------------------------- ------- ------------ -------- ---------- ----------
+CRSDATA 	     /dev/disk/by-partlabel/asm-disk1			CACHED	MEMBER	     NORMAL	   51196      51136
+CRSDATA 	     /dev/disk/by-partlabel/asm-disk2			CACHED	MEMBER	     NORMAL	   51196      51140
+DBDATA		     /dev/disk/by-partlabel/asm-disk3			CACHED	MEMBER	     NORMAL	   51198      49672
+DBDATA		     /dev/disk/by-partlabel/asm-disk4			CACHED	MEMBER	     NORMAL	   51198      49673
+RECO		     /dev/disk/by-partlabel/asm-disk5			CACHED	MEMBER	     NORMAL	   51198      51165
+RECO		     /dev/disk/by-partlabel/asm-disk6			CACHED	MEMBER	     NORMAL	   51198      51164
+REDO		     /dev/disk/by-partlabel/asm-disk7			CACHED	MEMBER	     NORMAL	   51198      49616
+REDO		     /dev/disk/by-partlabel/asm-disk8			CACHED	MEMBER	     NORMAL	   51198      49610
+
+8 rows selected.
+
+
+
+
+[root@dbmc1-0 rac-work-dir]# su - oracle
+Last login: Thu Oct  9 05:39:36 UTC 2025 on pts/0
+[oracle@dbmc1-0 ~]$
+[oracle@dbmc1-0 ~]$
+[oracle@dbmc1-0 ~]$ export ORACLE_SID=PORCLCDB
+[oracle@dbmc1-0 ~]$
+[oracle@dbmc1-0 ~]$ sqlplus "/ as sysdba"
+
+SQL*Plus: Release 19.0.0.0.0 - Production on Thu Oct 9 05:39:43 2025
+Version 19.28.0.0.0
+
+Copyright (c) 1982, 2025, Oracle.  All rights reserved.
+
+
+Connected to:
+Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
+Version 19.28.0.0.0
+
+SQL> show pdbs
+
+    CON_ID CON_NAME			  OPEN MODE  RESTRICTED
+---------- ------------------------------ ---------- ----------
+	 2 PDB$SEED			  READ ONLY  NO
+	 3 TESTPDB			  READ WRITE NO
+SQL> show parameter DB_CREATE_ONLINE_LOG_DEST_1
+
+NAME				     TYPE	 VALUE
+------------------------------------ ----------- ------------------------------
+db_create_online_log_dest_1	     string	 +REDO
+SQL> show parameter db_create_file_dest
+
+NAME				     TYPE	 VALUE
+------------------------------------ ----------- ------------------------------
+db_create_file_dest		     string	 +DBDATA
+SQL>  show parameter db_recovery_file_dest
+
+NAME				     TYPE	 VALUE
+------------------------------------ ----------- ------------------------------
+db_recovery_file_dest		     string	 +RECO
+db_recovery_file_dest_size	     big integer 20058M
+SQL>
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups.yaml
new file mode 100644
index 00000000..d99c4abf
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups.yaml
@@ -0,0 +1,131 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+    hostSwLocation: /scratch/orestart/  # Host directory for Oracle GI HOME and Oracle RDBMS HOME
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk1  # ASM disk device path 1
+          - /dev/disk/by-partlabel/asm-disk2  # ASM disk device path 2
+          - /dev/disk/by-partlabel/asm-disk3  # ASM disk device path 3
+          - /dev/disk/by-partlabel/asm-disk4  # ASM disk device path 4
+          - /dev/disk/by-partlabel/asm-disk5  # ASM disk device path 5
+          - /dev/disk/by-partlabel/asm-disk6  # ASM disk device path 6
+          - /dev/disk/by-partlabel/asm-disk7  # ASM disk device path 7
+          - /dev/disk/by-partlabel/asm-disk8  # ASM disk device path 8                    
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2   # Comma-separated list of ASM devices for CRSDATA Diskgroup
+    dbAsmDeviceList: /dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4    # Comma-separated list of ASM device files for DBDATA Diskgroup for database files
+    recoAsmDeviceList: /dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6  # Comma-separated list of ASM device files for RECO Diskgroup for Recovery Area files
+    redoAsmDeviceList: /dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8 # Comma-separated list of ASM device files for REDO Diskgroup for Redo files    
+    crsAsmDiskDg: "+CRSDATA"                                  # Name of the Diskgroup for CRS Files
+    dbRecoveryFileDest: "+RECO"                               # Name of the Diskgroup for Recovery Files
+    dbDataFileDestDg: "+DBDATA"                               # Name of the Diskgroup for Database Files
+    redoAsmDiskDg: "+REDO"                                    # Name of the Diskgroup for Redo Files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    pdbName: "TESTPDB"                                        # PDB name, in case you want to explicitly specify the PDB Name
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy.txt b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy.txt
new file mode 100644
index 00000000..cabd436e
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy.txt
@@ -0,0 +1,335 @@
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"envVars":[{"name":"IGNORE_CRS_PREREQS","...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-10-09T02:27:24Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  246182750
+  UID:               93e5d361-47f7-4be0-a953-b23010228ebd
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      Storage Size In Gb:  50
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk3
+        /dev/disk/by-partlabel/asm-disk4
+        /dev/disk/by-partlabel/asm-disk5
+        /dev/disk/by-partlabel/asm-disk6
+      Storage Size In Gb:  100
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk7
+        /dev/disk/by-partlabel/asm-disk8
+      Storage Size In Gb:  100
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk9
+        /dev/disk/by-partlabel/asm-disk10
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +CRSDATA
+    Crs Asm Disk Dg Redundancy:  EXTERNAL
+    Db Asm Device List:          /dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4,/dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6
+    Db Asm Disk Dg Redundancy:   NORMAL
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DBDATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +RECO
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:             grid_home.zip
+    Host Sw Stage Location:       /scratch/software/stage
+    Inventory:                    /u01/app/oraInventory
+    Pdb Name:                     TESTPDB
+    Pga Size:                     1G
+    Processes:                    2000
+    Reco Asm Device List:         /dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8
+    Reco Asm Disk Dg Redundancy:  EXTERNAL
+    Redo Asm Device List:         /dev/disk/by-partlabel/asm-disk9,/dev/disk/by-partlabel/asm-disk10
+    Redo Asm Disk Dg:             +REDO
+    Redo Asm Disk Dg Redundancy:  EXTERNAL
+    Sga Size:                     3G
+    Sw Mount Location:            /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Enable Ons:                 enable
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          IfNotPresent
+  Inst Details:
+    Env Vars:
+      Name:            IGNORE_CRS_PREREQS
+      Value:           true
+      Name:            IGNORE_DB_PREREQS
+      Value:           true
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Worker Node:
+      10.0.10.58
+  Lb Service:
+  Node Port Svc:
+    Name:  dbmc1-service-nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+      Node Port:    30200
+      Port:         6200
+      Protocol:     TCP
+      Target Port:  6200
+    Svc Type:       nodeport
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+        /dev/disk/by-partlabel/asm-disk3
+        /dev/disk/by-partlabel/asm-disk4
+        /dev/disk/by-partlabel/asm-disk5
+        /dev/disk/by-partlabel/asm-disk6
+        /dev/disk/by-partlabel/asm-disk7
+        /dev/disk/by-partlabel/asm-disk8
+        /dev/disk/by-partlabel/asm-disk9
+        /dev/disk/by-partlabel/asm-disk10
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk10,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4,/dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6,/dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8,/dev/disk/by-partlabel/asm-disk9
+      Name:        CRSDATA
+      Redundancy:  EXTERN
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk10,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4,/dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6,/dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8,/dev/disk/by-partlabel/asm-disk9
+      Name:        REDO
+      Redundancy:  EXTERN
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk10,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4,/dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6,/dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8,/dev/disk/by-partlabel/asm-disk9
+      Name:        RECO
+      Redundancy:  EXTERN
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk10,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4,/dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6,/dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8,/dev/disk/by-partlabel/asm-disk9
+      Name:        DBDATA
+      Redundancy:  NORMAL
+  Conditions:
+    Last Transition Time:  2025-10-09T02:40:30Z
+    Message:               reconcile has been queued
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-10-09T03:32:32Z
+    Message:               reconcile completed successfully
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +CRSDATA
+    Crs Asm Disk Dg Redundancy:  EXTERNAL
+    Db Asm Device List:          /dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4,/dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6
+    Db Asm Disk Dg Redundancy:   NORMAL
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DBDATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +RECO
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:             /u01/app/oraInventory
+    Reco Asm Device List:  /dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8
+  Connect String:          dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Pdb Connect String:         dbmc1-0:1521/ORCLPDB
+  Release Update:             19.28.0.0.0
+  Role:                       PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+
+
+[grid@dbmc1-0 ~]$ ls -rlt /dev/disk/by-partlabel/asm-disk*
+brw-rw----. 1 grid asmadmin 8,  49 Oct  9 02:35 /dev/disk/by-partlabel/asm-disk2
+brw-rw----. 1 grid asmadmin 8, 145 Oct  9 02:56 /dev/disk/by-partlabel/asm-disk8
+brw-rw----. 1 grid asmadmin 8, 129 Oct  9 03:32 /dev/disk/by-partlabel/asm-disk6
+brw-rw----. 1 grid asmadmin 8, 177 Oct  9 03:35 /dev/disk/by-partlabel/asm-disk10
+brw-rw----. 1 grid asmadmin 8, 161 Oct  9 03:35 /dev/disk/by-partlabel/asm-disk9
+brw-rw----. 1 grid asmadmin 8,  33 Oct  9 03:35 /dev/disk/by-partlabel/asm-disk1
+brw-rw----. 1 grid asmadmin 8,  65 Oct  9 03:35 /dev/disk/by-partlabel/asm-disk7
+brw-rw----. 1 grid asmadmin 8, 113 Oct  9 03:35 /dev/disk/by-partlabel/asm-disk5
+brw-rw----. 1 grid asmadmin 8,  81 Oct  9 03:35 /dev/disk/by-partlabel/asm-disk4
+brw-rw----. 1 grid asmadmin 8,  97 Oct  9 03:35 /dev/disk/by-partlabel/asm-disk3
+[grid@dbmc1-0 ~]$ export ORACLE_SID=+ASM
+[grid@dbmc1-0 ~]$ asmcmd lsdg
+State    Type    Rebal  Sector  Logical_Sector  Block       AU  Total_MB  Free_MB  Req_mir_free_MB  Usable_file_MB  Offline_disks  Voting_files  Name
+MOUNTED  EXTERN  N         512             512   4096  4194304    102392   102276                0          102276              0             N  CRSDATA/
+MOUNTED  NORMAL  N         512             512   4096  1048576    204792   198553            51198           73677              0             N  DBDATA/
+MOUNTED  EXTERN  N         512             512   4096  1048576    102396   102310                0          102310              0             N  RECO/
+MOUNTED  EXTERN  N         512             512   4096  1048576    102396    99226                0           99226              0             N  REDO/
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$ asmcmd lsdsk
+Path
+/dev/disk/by-partlabel/asm-disk1
+/dev/disk/by-partlabel/asm-disk10
+/dev/disk/by-partlabel/asm-disk2
+/dev/disk/by-partlabel/asm-disk3
+/dev/disk/by-partlabel/asm-disk4
+/dev/disk/by-partlabel/asm-disk5
+/dev/disk/by-partlabel/asm-disk6
+/dev/disk/by-partlabel/asm-disk7
+/dev/disk/by-partlabel/asm-disk8
+/dev/disk/by-partlabel/asm-disk9
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$ sqlplus "/ as sysdba"
+
+SQL*Plus: Release 19.0.0.0.0 - Production on Thu Oct 9 03:35:52 2025
+Version 19.28.0.0.0
+
+Copyright (c) 1982, 2025, Oracle.  All rights reserved.
+
+
+Connected to:
+Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
+Version 19.28.0.0.0
+
+SQL> set lines 200
+SQL> col DISKGROUP_NAME format a20
+SQL> col PATH format a50
+SQL> SELECT
+    dg.NAME AS DISKGROUP_NAME,
+    d.PATH,
+    d.MOUNT_STATUS,
+    d.HEADER_STATUS,
+    d.STATE,
+    d.TOTAL_MB,
+    d.FREE_MB
+FROM
+    V$ASM_DISK d
+JOIN
+    V$ASM_DISKGROUP dg ON d.GROUP_NUMBER = dg.GROUP_NUMBER
+ORDER BY
+    dg.NAME, d.DISK_NUMBER;  2    3    4    5    6    7    8    9   10   11   12   13   14
+
+DISKGROUP_NAME	     PATH						MOUNT_S HEADER_STATU STATE	TOTAL_MB    FREE_MB
+-------------------- -------------------------------------------------- ------- ------------ -------- ---------- ----------
+CRSDATA 	     /dev/disk/by-partlabel/asm-disk1			CACHED	MEMBER	     NORMAL	   51196      51132
+CRSDATA 	     /dev/disk/by-partlabel/asm-disk2			CACHED	MEMBER	     NORMAL	   51196      51144
+DBDATA		     /dev/disk/by-partlabel/asm-disk3			CACHED	MEMBER	     NORMAL	   51198      49635
+DBDATA		     /dev/disk/by-partlabel/asm-disk4			CACHED	MEMBER	     NORMAL	   51198      49634
+DBDATA		     /dev/disk/by-partlabel/asm-disk5			CACHED	MEMBER	     NORMAL	   51198      49644
+DBDATA		     /dev/disk/by-partlabel/asm-disk6			CACHED	MEMBER	     NORMAL	   51198      49640
+RECO		     /dev/disk/by-partlabel/asm-disk7			CACHED	MEMBER	     NORMAL	   51198      51152
+RECO		     /dev/disk/by-partlabel/asm-disk8			CACHED	MEMBER	     NORMAL	   51198      51158
+REDO		     /dev/disk/by-partlabel/asm-disk9			CACHED	MEMBER	     NORMAL	   51198      49610
+REDO		     /dev/disk/by-partlabel/asm-disk10			CACHED	MEMBER	     NORMAL	   51198      49616
+
+10 rows selected.
+
+SQL>
+
+
+
+
+
+[oracle@dbmc1-0 ~]$ export ORACLE_SID=PORCLCDB
+[oracle@dbmc1-0 ~]$ sqlplus "/ as sysdba"
+
+SQL*Plus: Release 19.0.0.0.0 - Production on Thu Oct 9 03:45:27 2025
+Version 19.28.0.0.0
+
+Copyright (c) 1982, 2025, Oracle.  All rights reserved.
+
+
+Connected to:
+Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
+Version 19.28.0.0.0
+
+SQL>
+SQL> show pdbs
+
+    CON_ID CON_NAME			  OPEN MODE  RESTRICTED
+---------- ------------------------------ ---------- ----------
+	 2 PDB$SEED			  READ ONLY  NO
+	 3 TESTPDB			  READ WRITE NO
+SQL>
+SQL> show parameter DB_CREATE_ONLINE_LOG_DEST_1
+
+NAME				     TYPE	 VALUE
+------------------------------------ ----------- ------------------------------
+db_create_online_log_dest_1	     string	 +REDO
+SQL>
+SQL> show parameter db_create_file_dest
+
+NAME				     TYPE	 VALUE
+------------------------------------ ----------- ------------------------------
+db_create_file_dest		     string	 +DBDATA
+SQL>
+SQL> show parameter db_recovery_file_dest
+
+NAME				     TYPE	 VALUE
+------------------------------------ ----------- ------------------------------
+db_recovery_file_dest		     string	 +RECO
+db_recovery_file_dest_size	     big integer 20058M
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy.yaml
new file mode 100644
index 00000000..3fc9c56f
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy.yaml
@@ -0,0 +1,143 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+    hostSwLocation: /scratch/orestart/  # Host directory for Oracle GI HOME and Oracle RDBMS HOME
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50           # Each disk in this group has 50Gi of storage, will be used for CRSDATA Diskgroup
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk1  # ASM disk device path 1
+          - /dev/disk/by-partlabel/asm-disk2  # ASM disk device path 2
+      - storageSizeInGb: 100          # Each disk in this group has 100Gi of storage, will be used for DATA Diskgroup
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk3  # ASM disk device path 3
+          - /dev/disk/by-partlabel/asm-disk4  # ASM disk device path 4
+          - /dev/disk/by-partlabel/asm-disk5  # ASM disk device path 5
+          - /dev/disk/by-partlabel/asm-disk6  # ASM disk device path 6
+      - storageSizeInGb: 100          # Each disk in this group has 100Gi of storage, will be used for RECO Diskgroup
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk7  # ASM disk device path 7
+          - /dev/disk/by-partlabel/asm-disk8  # ASM disk device path 8
+      - storageSizeInGb: 50           # Each disk in this group has 50Gi of storage, will be used for REDO Diskgroup
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk9  # ASM disk device path 9
+          - /dev/disk/by-partlabel/asm-disk10  # ASM disk device path 10          
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDiskDg: "+CRSDATA"                                  # Name of the Diskgroup for CRS Files
+    dbDataFileDestDg: "+DBDATA"                               # Name of the Diskgroup for Database Files
+    dbRecoveryFileDest: "+RECO"                               # Name of the Diskgroup for Recovery Files
+    redoAsmDiskDg: "+REDO"                                    # Name of the Diskgroup for Redo Files    
+    crsAsmDeviceList: /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2   # Comma-separated list of ASM devices for CRSDATA Diskgroup
+    dbAsmDeviceList: /dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4,/dev/disk/by-partlabel/asm-disk5,/dev/disk/by-partlabel/asm-disk6     # Comma-separated list of ASM device files for DBDATA Diskgroup for database files
+    recoAsmDeviceList: /dev/disk/by-partlabel/asm-disk7,/dev/disk/by-partlabel/asm-disk8  # Comma-separated list of ASM device files for RECO Diskgroup for Recovery Area files
+    redoAsmDeviceList: /dev/disk/by-partlabel/asm-disk9,/dev/disk/by-partlabel/asm-disk10 # Comma-separated list of ASM device files for REDO Diskgroup for Redo files
+    crsAsmDiskDgRedundancy: "EXTERNAL"                        # Specify the Redudancy for the diskgroup with CRS Files
+    dbAsmDiskDgRedundancy: "NORMAL"                           # Specify the Redudancy for the diskgroup with Database Files
+    recoAsmDiskDgRedundancy: "EXTERNAL"                       # Specify the Redudancy for the diskgroup with Recovery Files
+    redoAsmDiskDgRedundancy: "EXTERNAL"                       # Specify the Redudancy for the diskgroup with Redo Files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    pdbName: "TESTPDB"                                        # PDB name, in case you want to explicitly specify the PDB Name    
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.md b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.md
new file mode 100644
index 00000000..69d4cae3
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.md
@@ -0,0 +1,53 @@
+# Provisioning an Oracle Restart Database with multiple diskgroups with different redundancy and option to specify separate storage class
+
+### In this Usecase:
+The Oracle Grid Infrastructure and Oracle Restart Database are deployed automatically using Oracle Restart Controller. In this example, multiple diskgroups are created for CRS Files, Database Files, Recovery Area Files and Redo Log Files. Different Disk Groups have different redundancy levels.
+
+This example uses `oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.yaml` to provision an Oracle Database configured with Oracle Restart using Oracle Restart Controller. The provisioning includes:
+  * Oracle Restart Pod
+  * Headless services for Oracle Restart.
+    * Oracle Database Node hostname.
+  * Persistent volumes created automatically based on specified disks for Oracle ASM Storage.
+  * Software Persistent Volume and Staged Software Persistent Volume using the specified location on the corresponding worker node.
+  * Namespace: `orestart`
+  * Staged Software location on the worker nodes is specified by `hostSwStageLocation`. The Grid Infrastructure and RDBMS Binaries are copied to this location on the worker node.
+  * The GI HOME and the RDBMS HOME in the Oracle Restart Pod are mounted using a Persistent Volume created using the Storage Class (specified using `swDgStorageClass`). This Persistent Volume is mounted to `/u01` inside the Pod. Size of this Persistent Volume is specified using `swLocStorageSizeInGb`.
+  * Name of Custom Storage Class for Diskgroup having CRS files is specified by `crsDgStorageClass`.  
+  * Name of Custom Storage Class for Diskgroup having Database files is specified by `dataDgStorageClass`.  
+  * Name of Custom Storage Class for Diskgroup having Recovery Area files is specified by `recoDgStorageClass`.  
+  * Name of Custom Storage Class for Diskgroup having Redo Log files is specified by `redoDgStorageClass`.  
+
+### In this example, 
+  * Oracle Restart Database Slim Image `dbocir/oracle/database-orestart:19.3.0-slim` is used and it is built using files from [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image). Default image created using files from this project is `localhost/oracle/database-rac:19.3.0-slim`. You need to tag it with name `localhost/oracle/database-orestart:19.3.0-slim`. 
+  * When you are building the image yourself, update the image value in the `oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.yaml` file to point to the container image you have built. 
+  * The disks provisioned using custom storage classes are mounted inside the Oracle Restart Pod as `/dev/asm-disk1` to `/dev/asm-disk10`. 
+  * Specify the size of disk devices along with names using the parameter `storageSizeInGb`. Size is by-default in GBs. 
+  * The Diskgroup for CRS files is specified by `crsAsmDiskDg` and the disks on the worker nodes for this diskgroup are specified by `crsAsmDeviceList`. 
+  * The Diskgroup for Database files is specified by `dbDataFileDestDg` and the disks on the worker nodes for this diskgroup are specified by `dbAsmDeviceList`. 
+  * The Diskgroup for Recovery Area files is specified by `dbRecoveryFileDest` and the disks on the worker nodes for this diskgroup are specified by `recoAsmDeviceList`. 
+  * The Diskgroup for Redo Log files is specified by `redoAsmDiskDg` and the disks on the worker nodes for this diskgroup are specified by `redoAsmDeviceList`. 
+  * Redundancy level for the diskgroup with CRS files is mentioned by `crsAsmDiskDgRedundancy`.
+  * Redundancy level for the diskgroup with Database files is mentioned by `dbAsmDiskDgRedundancy`.
+  * Redundancy level for the diskgroup with Recovery files is mentioned by `recoAsmDiskDgRedudancy`. 
+  * Redundancy level for the diskgroup with Redo Log files is mentioned by `redoAsmDiskDgRedundancy`. 
+
+### Steps: Deploy Oracle Restart Database
+* Use the file: [oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.yaml](./oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.yaml) for this use case as below:
+* Deploy the `oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.yaml` file:
+    ```sh
+    kubectl apply -f oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample created
+    ```
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":    
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ===============================
+    ORACLE DATABASE IS READY TO USE
+    ===============================
+    ```
+* Check Details of Kubernetes CRD Object as in this [example](./oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.txt)
+* Refer to the page [Database Connection](./database_connection.md) for the details to connect to Oracle Restart Database deployed using above example.
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.txt b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.txt
new file mode 100644
index 00000000..595258d8
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.txt
@@ -0,0 +1,344 @@
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","swLocStorageSizeInGb":300,"workerNode":["10.0.10.58"],"envVars":[{"name":"IGNORE_CRS_PREREQS","value":"tru...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-10-09T03:57:56Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  246198029
+  UID:               19d43856-477c-43d2-a01f-8d1492107370
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/asm-disk1
+        /dev/asm-disk2
+      Storage Size In Gb:  50
+      Disk Names:
+        /dev/asm-disk3
+        /dev/asm-disk4
+        /dev/asm-disk5
+        /dev/asm-disk6
+      Storage Size In Gb:  100
+      Disk Names:
+        /dev/asm-disk7
+        /dev/asm-disk8
+      Storage Size In Gb:  100
+      Disk Names:
+        /dev/asm-disk9
+        /dev/asm-disk10
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/asm-disk1,/dev/asm-disk2
+    Crs Asm Disk Dg:             +CRSDATA
+    Crs Asm Disk Dg Redundancy:  EXTERNAL
+    Db Asm Device List:          /dev/asm-disk3,/dev/asm-disk4,/dev/asm-disk5,/dev/asm-disk6
+    Db Asm Disk Dg Redundancy:   NORMAL
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DBDATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +RECO
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:             grid_home.zip
+    Host Sw Stage Location:       /scratch/software/stage
+    Inventory:                    /u01/app/oraInventory
+    Pdb Name:                     TESTPDB
+    Pga Size:                     1G
+    Processes:                    2000
+    Reco Asm Device List:         /dev/asm-disk7,/dev/asm-disk8
+    Reco Asm Disk Dg Redundancy:  EXTERNAL
+    Redo Asm Device List:         /dev/asm-disk9,/dev/asm-disk10
+    Redo Asm Disk Dg:             +REDO
+    Redo Asm Disk Dg Redundancy:  EXTERNAL
+    Sga Size:                     3G
+    Sw Mount Location:            /u01
+  Crs Dg Storage Class:           oci-bv
+  Data Dg Storage Class:          oci-bv
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Enable Ons:                 enable
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          IfNotPresent
+  Inst Details:
+    Env Vars:
+      Name:                     IGNORE_CRS_PREREQS
+      Value:                    true
+      Name:                     IGNORE_DB_PREREQS
+      Value:                    true
+    Name:                       dbmc1
+    Sw Loc Storage Size In Gb:  300
+    Worker Node:
+      10.0.10.58
+  Lb Service:
+  Node Port Svc:
+    Name:  dbmc1-service-nodeport
+    Port Mappings:
+      Node Port:          30007
+      Port:               1521
+      Protocol:           TCP
+      Target Port:        1521
+      Node Port:          30200
+      Port:               6200
+      Protocol:           TCP
+      Target Port:        6200
+    Svc Type:             nodeport
+  Reco Dg Storage Class:  oci-bv
+  Redo Dg Storage Class:  oci-bv
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+  Sw Dg Storage Class:     oci-bv
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/asm-disk1
+        /dev/asm-disk2
+        /dev/asm-disk3
+        /dev/asm-disk4
+        /dev/asm-disk5
+        /dev/asm-disk6
+        /dev/asm-disk7
+        /dev/asm-disk8
+        /dev/asm-disk9
+        /dev/asm-disk10
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/asm-disk1,/dev/asm-disk10,/dev/asm-disk2,/dev/asm-disk3,/dev/asm-disk4,/dev/asm-disk5,/dev/asm-disk6,/dev/asm-disk7,/dev/asm-disk8,/dev/asm-disk9
+      Name:        CRSDATA
+      Redundancy:  EXTERN
+      Disks:
+        /dev/asm-disk1,/dev/asm-disk10,/dev/asm-disk2,/dev/asm-disk3,/dev/asm-disk4,/dev/asm-disk5,/dev/asm-disk6,/dev/asm-disk7,/dev/asm-disk8,/dev/asm-disk9
+      Name:        REDO
+      Redundancy:  EXTERN
+      Disks:
+        /dev/asm-disk1,/dev/asm-disk10,/dev/asm-disk2,/dev/asm-disk3,/dev/asm-disk4,/dev/asm-disk5,/dev/asm-disk6,/dev/asm-disk7,/dev/asm-disk8,/dev/asm-disk9
+      Name:        RECO
+      Redundancy:  EXTERN
+      Disks:
+        /dev/asm-disk1,/dev/asm-disk10,/dev/asm-disk2,/dev/asm-disk3,/dev/asm-disk4,/dev/asm-disk5,/dev/asm-disk6,/dev/asm-disk7,/dev/asm-disk8,/dev/asm-disk9
+      Name:        DBDATA
+      Redundancy:  NORMAL
+  Conditions:
+    Last Transition Time:  2025-10-09T04:11:38Z
+    Message:               reconcile has been queued
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-10-09T04:20:34Z
+    Message:               reconcile completed successfully
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/asm-disk1,/dev/asm-disk2
+    Crs Asm Disk Dg:             +CRSDATA
+    Crs Asm Disk Dg Redundancy:  EXTERNAL
+    Db Asm Device List:          /dev/asm-disk3,/dev/asm-disk4,/dev/asm-disk5,/dev/asm-disk6
+    Db Asm Disk Dg Redundancy:   NORMAL
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DBDATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +RECO
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:             /u01/app/oraInventory
+    Reco Asm Device List:  /dev/asm-disk7,/dev/asm-disk8
+  Connect String:          dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Pdb Connect String:         dbmc1-0:1521/ORCLPDB
+  Release Update:             19.28.0.0.0
+  Role:                       PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+
+
+[grid@dbmc1-0 ~]$ ls -rlt /dev/asm-disk*
+brw-rw----. 1 grid asmadmin 65,  80 Oct  9 04:04 /dev/asm-disk2
+brw-rw----. 1 grid asmadmin  8, 224 Oct  9 04:06 /dev/asm-disk8
+brw-rw----. 1 grid asmadmin 65,   0 Oct  9 04:18 /dev/asm-disk6
+brw-rw----. 1 grid asmadmin 65,  64 Oct  9 04:21 /dev/asm-disk1
+brw-rw----. 1 grid asmadmin 65,  32 Oct  9 04:21 /dev/asm-disk9
+brw-rw----. 1 grid asmadmin  8, 208 Oct  9 04:21 /dev/asm-disk7
+brw-rw----. 1 grid asmadmin  8, 240 Oct  9 04:21 /dev/asm-disk5
+brw-rw----. 1 grid asmadmin 65,  96 Oct  9 04:21 /dev/asm-disk4
+brw-rw----. 1 grid asmadmin 65,  48 Oct  9 04:21 /dev/asm-disk3
+brw-rw----. 1 grid asmadmin  8, 192 Oct  9 04:21 /dev/asm-disk10
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$ export ORACLE_SID=+ASM
+[grid@dbmc1-0 ~]$ asmcmd lsdg
+State    Type    Rebal  Sector  Logical_Sector  Block       AU  Total_MB  Free_MB  Req_mir_free_MB  Usable_file_MB  Offline_disks  Voting_files  Name
+MOUNTED  EXTERN  N         512             512   4096  4194304    102400   102284                0          102284              0             N  CRSDATA/
+MOUNTED  NORMAL  N         512             512   4096  1048576    409600   403401           102400          150500              0             N  DBDATA/
+MOUNTED  EXTERN  N         512             512   4096  1048576    204800   204733                0          204733              0             N  RECO/
+MOUNTED  EXTERN  N         512             512   4096  1048576    102400    99230                0           99230              0             N  REDO/
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$ asmcmd lsdsk
+Path
+/dev/asm-disk1
+/dev/asm-disk10
+/dev/asm-disk2
+/dev/asm-disk3
+/dev/asm-disk4
+/dev/asm-disk5
+/dev/asm-disk6
+/dev/asm-disk7
+/dev/asm-disk8
+/dev/asm-disk9
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$
+[grid@dbmc1-0 ~]$ sqlplus "/ as sysdba"
+
+SQL*Plus: Release 19.0.0.0.0 - Production on Thu Oct 9 04:22:20 2025
+Version 19.28.0.0.0
+
+Copyright (c) 1982, 2025, Oracle.  All rights reserved.
+
+
+Connected to:
+Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
+Version 19.28.0.0.0
+
+SQL> set lines 200
+SQL> col DISKGROUP_NAME format a20
+SQL> col PATH format a50
+SQL> SELECT
+    dg.NAME AS DISKGROUP_NAME,
+    d.PATH,
+    d.MOUNT_STATUS,
+    d.HEADER_STATUS,
+    d.STATE,
+    d.TOTAL_MB,
+    d.FREE_MB
+FROM
+    V$ASM_DISK d
+JOIN
+    V$ASM_DISKGROUP dg ON d.GROUP_NUMBER = dg.GROUP_NUMBER
+ORDER BY
+    dg.NAME, d.DISK_NUMBER;  2    3    4    5    6    7    8    9   10   11   12   13   14
+
+DISKGROUP_NAME	     PATH						MOUNT_S HEADER_STATU STATE	TOTAL_MB    FREE_MB
+-------------------- -------------------------------------------------- ------- ------------ -------- ---------- ----------
+CRSDATA 	     /dev/asm-disk1					CACHED	MEMBER	     NORMAL	   51200      51144
+CRSDATA 	     /dev/asm-disk2					CACHED	MEMBER	     NORMAL	   51200      51140
+DBDATA		     /dev/asm-disk3					CACHED	MEMBER	     NORMAL	  102400     100846
+DBDATA		     /dev/asm-disk4					CACHED	MEMBER	     NORMAL	  102400     100851
+DBDATA		     /dev/asm-disk5					CACHED	MEMBER	     NORMAL	  102400     100851
+DBDATA		     /dev/asm-disk6					CACHED	MEMBER	     NORMAL	  102400     100853
+RECO		     /dev/asm-disk7					CACHED	MEMBER	     NORMAL	  102400     102366
+RECO		     /dev/asm-disk8					CACHED	MEMBER	     NORMAL	  102400     102367
+REDO		     /dev/asm-disk9					CACHED	MEMBER	     NORMAL	   51200      49613
+REDO		     /dev/asm-disk10					CACHED	MEMBER	     NORMAL	   51200      49617
+
+10 rows selected.
+
+SQL>
+
+
+
+
+
+[oracle@dbmc1-0 ~]$ export ORACLE_SID=PORCLCDB
+[oracle@dbmc1-0 ~]$ sqlplus "/ as sysdba"
+
+SQL*Plus: Release 19.0.0.0.0 - Production on Thu Oct 9 04:23:14 2025
+Version 19.28.0.0.0
+
+Copyright (c) 1982, 2025, Oracle.  All rights reserved.
+
+
+Connected to:
+Oracle Database 19c Enterprise Edition Release 19.0.0.0.0 - Production
+Version 19.28.0.0.0
+
+SQL>
+SQL> show pdbs
+
+    CON_ID CON_NAME			  OPEN MODE  RESTRICTED
+---------- ------------------------------ ---------- ----------
+	 2 PDB$SEED			  READ ONLY  NO
+	 3 TESTPDB			  READ WRITE NO
+SQL>
+SQL>
+SQL> show parameter DB_CREATE_ONLINE_LOG_DEST_1
+
+NAME				     TYPE	 VALUE
+------------------------------------ ----------- ------------------------------
+db_create_online_log_dest_1	     string	 +REDO
+SQL>
+SQL>
+SQL> show parameter db_create_file_dest
+
+NAME				     TYPE	 VALUE
+------------------------------------ ----------- ------------------------------
+db_create_file_dest		     string	 +DBDATA
+SQL>
+SQL> show parameter db_recovery_file_dest
+
+NAME				     TYPE	 VALUE
+------------------------------------ ----------- ------------------------------
+db_recovery_file_dest		     string	 +RECO
+db_recovery_file_dest_size	     big integer 20058M
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.yaml
new file mode 100644
index 00000000..175604bf
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_multiple_diskgroups_with_redundancy_with_separate_storage_class.yaml
@@ -0,0 +1,154 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Size of the storage location for software. This parameter will be effective when the local SW location is NOT specified by hostSwLocation
+    swLocStorageSizeInGb: 300
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"    
+
+  # Custom Storage class to be used for dynamic provisioning (if applicable)
+  # You have separate parameters to specify the storage class for all the diskgroups (CRS, DATA, RECO, REDO)
+  # You have a parameter to specify the storage class for the software location for the GI and RDBMS HOME
+  crsDgStorageClass: "oci-bv"         # Specify storage class for the CRS Diskgroup, Currently using "oci-bv" but you can specify another available storage class as well
+  dataDgStorageClass: "oci-bv"        # Specify storage class for the DATA Diskgroup, Currently using "oci-bv" but you can specify another available storage class as well
+  recoDgStorageClass: "oci-bv"        # Specify storage class for the RECO Diskgroup, Currently using "oci-bv" but you can specify another available storage class as well
+  redoDgStorageClass: "oci-bv"        # Specify storage class for the REDO Diskgroup, Currently using "oci-bv" but you can specify another available storage class as well
+  swDgStorageClass: "oci-bv"          # Specify storage class for the storage location for software, Currently using "oci-bv" but you can specify another available storage class as well
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50           # Each disk in this group has 50Gi of storage, will be used for CRSDATA Diskgroup
+        diskNames:
+          - /dev/asm-disk1  # ASM disk device path 1
+          - /dev/asm-disk2  # ASM disk device path 2
+      - storageSizeInGb: 100          # Each disk in this group has 100Gi of storage, will be used for DATA Diskgroup
+        diskNames:
+          - /dev/asm-disk3  # ASM disk device path 3
+          - /dev/asm-disk4  # ASM disk device path 4
+          - /dev/asm-disk5  # ASM disk device path 5
+          - /dev/asm-disk6  # ASM disk device path 6
+      - storageSizeInGb: 100          # Each disk in this group has 100Gi of storage, will be used for RECO Diskgroup
+        diskNames:
+          - /dev/asm-disk7  # ASM disk device path 7
+          - /dev/asm-disk8  # ASM disk device path 8
+      - storageSizeInGb: 50           # Each disk in this group has 50Gi of storage, will be used for REDO Diskgroup
+        diskNames:
+          - /dev/asm-disk9  # ASM disk device path 9
+          - /dev/asm-disk10  # ASM disk device path 10
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDiskDg: "+CRSDATA"                                  # Name of the Diskgroup for Voting Disks
+    dbDataFileDestDg: "+DBDATA"                               # Name of the Diskgroup for Database Files
+    dbRecoveryFileDest: "+RECO"                               # Name of the Diskgroup for Recovery Files
+    redoAsmDiskDg: "+REDO"                                    # Name of the Diskgroup for Redo Files    
+    crsAsmDeviceList: /dev/asm-disk1,/dev/asm-disk2           # Comma-separated list of ASM device files for CRS Diskgroup CRSDATA
+    dbAsmDeviceList: /dev/asm-disk3,/dev/asm-disk4,/dev/asm-disk5,/dev/asm-disk6          # Comma-separated list of ASM device files for DBDATA Diskgroup for database files
+    recoAsmDeviceList: /dev/asm-disk7,/dev/asm-disk8          # Comma-separated list of ASM device files for RECO Diskgroup for Recovery Area files
+    redoAsmDeviceList: /dev/asm-disk9,/dev/asm-disk10         # Comma-separated list of ASM device files for REDO Diskgroup for Redo files
+    crsAsmDiskDgRedundancy: "EXTERNAL"                        # Specify the Redudancy for the diskgroup with CRS Files
+    dbAsmDiskDgRedundancy: "NORMAL"                           # Specify the Redudancy for the diskgroup with Database Files
+    recoAsmDiskDgRedundancy: "EXTERNAL"                       # Specify the Redudancy for the diskgroup with Recovery Files
+    redoAsmDiskDgRedundancy: "EXTERNAL"                       # Specify the Redudancy for the diskgroup with Redo Files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    pdbName: "TESTPDB"                                        # PDB name, in case you want to explicitly specify the PDB Name    
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_nodeports.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov_nodeports.yaml
new file mode 100644
index 00000000..02aa274c
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_nodeports.yaml
@@ -0,0 +1,117 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+    hostSwLocation: /scratch/orestart/  # Host directory for Oracle GI HOME and Oracle RDBMS HOME
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk1  # ASM disk device path 1
+          - /dev/disk/by-partlabel/asm-disk2  # ASM disk device path 2
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2   # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_nodeports_mcpu_change.txt b/docs/oraclerestart/provisioning/oraclerestart_prov_nodeports_mcpu_change.txt
new file mode 100644
index 00000000..ebb7218e
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_nodeports_mcpu_change.txt
@@ -0,0 +1,389 @@
+$ kubectl apply -f oraclerestart_prov_nodeports.yaml
+
+-- Before the memory and cpu change:
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"envVars":[{"name":"IGNORE_CRS_PREREQS","...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-09-10T15:45:13Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  234001859
+  UID:               4b261940-9e2e-4ee0-8c21-75a57eb1b0ed
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Enable Ons:                 enable
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          IfNotPresent
+  Inst Details:
+    Env Vars:
+      Name:            IGNORE_CRS_PREREQS
+      Value:           true
+      Name:            IGNORE_DB_PREREQS
+      Value:           true
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Worker Node:
+      10.0.10.58
+  Lb Service:
+  Node Port Svc:
+    Name:  dbmc1-service-nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+      Node Port:    30200
+      Port:         6200
+      Protocol:     TCP
+      Target Port:  6200
+    Svc Type:       nodeport
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-09-10T15:57:27Z
+    Message:               reconcile has been queued
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-09-10T20:38:23Z
+    Message:               reconcile completed successfully
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    Pending
+  Pdb Connect String:         dbmc1-0:1521/ORCLPDB
+  Release Update:             19.28.0.0.0
+  Role:                       PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+[root@dbmc1-0 rac-work-dir]# cd /sys/fs/cgroup/memory
+[root@dbmc1-0 memory]#  cat memory.limit_in_bytes
+17179869184
+[root@dbmc1-0 memory]#
+[root@dbmc1-0 memory]# cd /sys/fs/cgroup/cpu/
+[root@dbmc1-0 cpu]# cat cpu.cfs_quota_us
+200000
+[root@dbmc1-0 cpu]#
+
+
+
+
+
+-- Attempt the memory and cpu change:
+$ kubectl apply -f oraclerestart_prov_nodeports_mcpu_change.yaml
+
+-- After the memory and cpu change:
+-- The Oracle Restart Database Pod will be recreated:
+
+$ kubectl get all -n orestart
+NAME          READY   STATUS    RESTARTS   AGE   IP             NODE         NOMINATED NODE   READINESS GATES
+pod/dbmc1-0   0/1     Running   0          13s   10.244.0.124   10.0.10.58   <none>           <none>
+
+NAME                                     TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                         AGE    SELECTOR
+service/dbmc1-0-local                    ClusterIP   None            <none>        <none>                          5h3m   statefulset.kubernetes.io/pod-name=dbmc1-0
+service/dbmc1-service-nodeport-0-npsvc   NodePort    10.96.249.147   <none>        1521:30007/TCP,6200:30200/TCP   5h3m   statefulset.kubernetes.io/pod-name=dbmc1-0
+
+NAME                     READY   AGE    CONTAINERS   IMAGES
+statefulset.apps/dbmc1   0/1     5h3m   dbmc1        localhost/oracle/database-orestart:19.3.0-slim
+
+
+
+-- After some time:
+$ kubectl get all -n orestart
+NAME          READY   STATUS    RESTARTS   AGE   IP             NODE         NOMINATED NODE   READINESS GATES
+pod/dbmc1-0   1/1     Running   0           3m   10.244.0.124   10.0.10.58   <none>           <none>
+
+NAME                                     TYPE        CLUSTER-IP      EXTERNAL-IP   PORT(S)                         AGE     SELECTOR
+service/dbmc1-0-local                    ClusterIP   None            <none>        <none>                          5h17m   statefulset.kubernetes.io/pod-name=dbmc1-0
+service/dbmc1-service-nodeport-0-npsvc   NodePort    10.96.249.147   <none>        1521:30007/TCP,6200:30200/TCP   5h17m   statefulset.kubernetes.io/pod-name=dbmc1-0
+
+NAME                     READY   AGE     CONTAINERS   IMAGES
+statefulset.apps/dbmc1   1/1     5h17m   dbmc1        localhost/oracle/database-orestart:19.3.0-slim
+
+
+
+-- Memory and CPU changes will be reflected as below:
+
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"envVars":[{"name":"IGNORE_CRS_PREREQS","...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-09-10T15:45:13Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        2
+  Resource Version:  234009515
+  UID:               4b261940-9e2e-4ee0-8c21-75a57eb1b0ed
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Enable Ons:                 enable
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          IfNotPresent
+  Inst Details:
+    Env Vars:
+      Name:            IGNORE_CRS_PREREQS
+      Value:           true
+      Name:            IGNORE_DB_PREREQS
+      Value:           true
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Worker Node:
+      10.0.10.58
+  Lb Service:
+  Node Port Svc:
+    Name:  dbmc1-service-nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+      Node Port:    30200
+      Port:         6200
+      Protocol:     TCP
+      Target Port:  6200
+    Svc Type:       nodeport
+  Resources:
+    Limits:
+      Cpu:     4
+      Memory:  20Gi
+    Requests:
+      Cpu:     4
+      Memory:  20Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-09-10T15:57:27Z
+    Message:               reconcile has been queued
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-09-10T21:03:50Z
+    Message:               reconcile completed successfully
+    Observed Generation:   2
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    Pending
+  Pdb Connect String:         dbmc1-0:1521/ORCLPDB
+  Release Update:             19.28.0.0.0
+  Role:                       PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+
+[root@dbmc1-0 rac-work-dir]# cd /sys/fs/cgroup/memory
+[root@dbmc1-0 memory]# cat memory.limit_in_bytes
+21474836480
+[root@dbmc1-0 memory]#
+[root@dbmc1-0 memory]# cd /sys/fs/cgroup/cpu/
+[root@dbmc1-0 cpu]# cat cpu.cfs_quota_us
+400000
+[root@dbmc1-0 cpu]#
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_nodeports_mcpu_change.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov_nodeports_mcpu_change.yaml
new file mode 100644
index 00000000..de342075
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_nodeports_mcpu_change.yaml
@@ -0,0 +1,117 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+    hostSwLocation: /scratch/orestart/  # Host directory for Oracle GI HOME and Oracle RDBMS HOME
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk1  # ASM disk device path 1
+          - /dev/disk/by-partlabel/asm-disk2  # ASM disk device path 2
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "20Gi"                 # Minimum memory required
+      cpu: "4"                       # Minimum CPU required
+    limits:
+      memory: "20Gi"                 # Max memory allowed
+      cpu: "4"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2   # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_rupatch.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov_rupatch.yaml
new file mode 100644
index 00000000..f8ba6484
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_rupatch.yaml
@@ -0,0 +1,120 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+    hostSwLocation: /scratch/orestart/  # Host directory for Oracle GI HOME and Oracle RDBMS HOME
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk1  # ASM disk device path 1
+          - /dev/disk/by-partlabel/asm-disk2  # ASM disk device path 2
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2   # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    oPatchSwZipFile: "p6880880_190000_Linux-x86-64.zip"       # Opatch software ZIP
+    hostSwStageLocation: /scratch/software/stage/19.3.0       # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
+    ruPatchLocation: /scratch/software/ru_patch/37957391      # Directory containing the unzipped RU patch, same location will be mounted inside the Oracle Restart Pod
+    oPatchLocation: /scratch/software/opatch                  # Location of the Opatch Software, same location will be mounted inside the Oracle Restart Pod
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_rupatch_oneoff_storageclass.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov_rupatch_oneoff_storageclass.yaml
new file mode 100644
index 00000000..dce27302
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_rupatch_oneoff_storageclass.yaml
@@ -0,0 +1,134 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Size of the storage location for software. This parameter will be effective when the local SW location is NOT specified by hostSwLocation
+    swLocStorageSizeInGb: 300      
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+
+  # Custom Storage class to be used for dynamic provisioning (if applicable)
+  # You have separate parameters to specify the storage class for all the diskgroups (CRS, DATA, RECO, REDO)
+  # You have a parameter to specify the storage class for the software location for the GI and RDBMS HOME
+  crsDgStorageClass: "oci-bv"         # Specify storage class for the CRS Diskgroup, Currently using "oci-bv" but you can specify another available storage class as well
+  swDgStorageClass: "oci-bv"          # Specify storage class for the storage location for software, Currently using "oci-bv" but you can specify another available storage class as well
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/asm-disk1           # Device for ASM disk 1
+          - /dev/asm-disk2           # Device for ASM disk 2
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/asm-disk1,/dev/asm-disk2           # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    pdbName: "TESTPDB"                                        # PDB name, in case you want to explicitly specify the PDB Name
+    oPatchSwZipFile: "p6880880_190000_Linux-x86-64.zip"       # Opatch software ZIP
+    swStagePvc: pv-stage-vol-claim                            # PVC name for the Software Location mounting the NFS
+    swStagePvcMountLocation: "/stage"                         # Mount point for the Software Location inside the Pod
+    hostSwStageLocation: /stage/software/19c/19.3.0           # Base Release Software Location on the NFS based Persistent Volume, Pod will also have this software in the same path
+    ruPatchLocation: /stage/software/19c/19.28/37957391       # Directory containing the unzipped RU patch on the NFS based Persistent Volume, Pod will also have this software in the same path
+    oPatchLocation: /stage/software/19c                       # Location of the Opatch Software on the NFS based Persistent Volume, Pod will also have this software in the same path    
+    oneOffLocation: /stage/software/19c/oneoff                # One-off patch files directory where all the one-off patches for GI and RDBMS Home are unzipped
+    gridOneOffIds: "38336965"                                 # Comma-separated Grid one-off patch IDs
+    dbOneOffIds: "38336965,34436514"                          # Comma-separated DB one-off patch IDs    
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_rupatch_pvc.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov_rupatch_pvc.yaml
new file mode 100644
index 00000000..9211c549
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_rupatch_pvc.yaml
@@ -0,0 +1,131 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Size of the storage location for software. This parameter will be effective when the local SW location is NOT specified by hostSwLocation
+    swLocStorageSizeInGb: 300  
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+    
+  # Custom Storage class to be used for dynamic provisioning (if applicable)
+  # You have separate parameters to specify the storage class for all the diskgroups (CRS, DATA, RECO, REDO)
+  # You have a parameter to specify the storage class for the software location for the GI and RDBMS HOME
+  crsDgStorageClass: "oci-bv"         # Specify storage class for the CRS Diskgroup, Currently using "oci-bv" but you can specify another available storage class as well
+  swDgStorageClass: "oci-bv"          # Specify storage class for the storage location for software, Currently using "oci-bv" but you can specify another available storage class as well
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/asm-disk1           # Device for ASM disk 1
+          - /dev/asm-disk2           # Device for ASM disk 2
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/asm-disk1,/dev/asm-disk2           # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    oPatchSwZipFile: "p6880880_190000_Linux-x86-64.zip"       # Opatch software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    pdbName: "TESTPDB"                                        # PDB name, in case you want to explicitly specify the PDB Name
+    swStagePvc: pv-stage-vol-claim                            # PVC name for the Software Location mounting the NFS
+    swStagePvcMountLocation: "/stage"                         # Mount point for the Software Location inside the Pod
+    hostSwStageLocation: /stage/software/19c/19.3.0           # Base Release Software Location on the NFS based Persistent Volume, Pod will also have this software in the same path
+    ruPatchLocation: /stage/software/19c/19.28/37957391       # Directory containing the unzipped RU patch on the NFS based Persistent Volume, Pod will also have this software in the same path
+    oPatchLocation: /stage/software/19c                       # Location of the Opatch Software on the NFS based Persistent Volume, Pod will also have this software in the same path
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_storage_class.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov_storage_class.yaml
new file mode 100644
index 00000000..9c19754b
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_storage_class.yaml
@@ -0,0 +1,124 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Size of the storage location for software. This parameter will be effective when the local SW location is NOT specified by hostSwLocation
+    swLocStorageSizeInGb: 300
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+
+  # Custom Storage class to be used for dynamic provisioning (if applicable)
+  # You have separate parameters to specify the storage class for all the diskgroups (CRS, DATA, RECO, REDO)
+  crsDgStorageClass: "oci-bv"         # Specify storage class for the CRS Diskgroup, Currently using "oci-bv" but you can specify another available storage class as well
+  swDgStorageClass: "oci-bv"          # Specify storage class for the storage location for software, Currently using "oci-bv" but you can specify another available storage class as well
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/asm-disk1  # ASM disk device path 1
+          - /dev/asm-disk2  # ASM disk device path 2
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/asm-disk1,/dev/asm-disk2           # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_storage_class_after_sw_home_resize.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov_storage_class_after_sw_home_resize.yaml
new file mode 100644
index 00000000..1f59f3cc
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_storage_class_after_sw_home_resize.yaml
@@ -0,0 +1,125 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Size of the storage location for software. This parameter will be effective when the local SW location is NOT specified by hostSwLocation
+    swLocStorageSizeInGb: 400
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+    
+  # Custom Storage class to be used for dynamic provisioning (if applicable)
+  # You have separate parameters to specify the storage class for all the diskgroups (CRS, DATA, RECO, REDO)
+  crsDgStorageClass: "oci-bv"         # Specify storage class for the CRS Diskgroup, Currently using "oci-bv" but you can specify another available storage class as well
+  swDgStorageClass: "oci-bv"          # Specify storage class for the storage location for software, Currently using "oci-bv" but you can specify another available storage class as well
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/asm-disk1  # ASM disk device path 1
+          - /dev/asm-disk2  # ASM disk device path 2
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/asm-disk1,/dev/asm-disk2           # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
+
diff --git a/docs/oraclerestart/provisioning/oraclerestart_prov_storage_class_before_sw_home_resize.yaml b/docs/oraclerestart/provisioning/oraclerestart_prov_storage_class_before_sw_home_resize.yaml
new file mode 100644
index 00000000..1d221bd7
--- /dev/null
+++ b/docs/oraclerestart/provisioning/oraclerestart_prov_storage_class_before_sw_home_resize.yaml
@@ -0,0 +1,125 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Size of the storage location for software. This parameter will be effective when the local SW location is NOT specified by hostSwLocation
+    swLocStorageSizeInGb: 300    
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+    
+  # Custom Storage class to be used for dynamic provisioning (if applicable)
+  # You have separate parameters to specify the storage class for all the diskgroups (CRS, DATA, RECO, REDO)
+  crsDgStorageClass: "oci-bv"         # Specify storage class for the CRS Diskgroup, Currently using "oci-bv" but you can specify another available storage class as well
+  swDgStorageClass: "oci-bv"          # Specify storage class for the storage location for software, Currently using "oci-bv" but you can specify another available storage class as well
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/asm-disk1  # ASM disk device path 1
+          - /dev/asm-disk2  # ASM disk device path 2
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/asm-disk1,/dev/asm-disk2           # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
+
diff --git a/docs/oraclerestart/provisioning/orestart_db_rupatch_oneoffs_object.txt b/docs/oraclerestart/provisioning/orestart_db_rupatch_oneoffs_object.txt
new file mode 100644
index 00000000..b08bb817
--- /dev/null
+++ b/docs/oraclerestart/provisioning/orestart_db_rupatch_oneoffs_object.txt
@@ -0,0 +1,197 @@
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","swLocStorageSizeInGb":300,"workerNode":["10.0.10.58"],"envVars":[{"name":"IGNORE_CRS_PREREQS","value":"tru...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-10-09T05:53:39Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  246360830
+  UID:               d37b51c4-58ae-42d9-bec4-983ce94ee540
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/asm-disk1
+        /dev/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/asm-disk1,/dev/asm-disk2
+    Crs Asm Disk Dg:             DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db One Off Ids:              38336965,34436514
+    Db Recovery File Dest:       DATA
+    Db Response File:
+    Db Sw Zip File:    db_home.zip
+    Grid Base:         /u01/app/grid
+    Grid Home:         /u01/app/19c/grid
+    Grid One Off Ids:  38336965
+    Grid Response File:
+    Grid Sw Zip File:             grid_home.zip
+    Host Sw Stage Location:       /stage/software/19c/19.3.0
+    Inventory:                    /u01/app/oraInventory
+    O Patch Location:             /stage/software/19c
+    O Patch Sw Zip File:          p6880880_190000_Linux-x86-64.zip
+    One Off Location:             /stage/software/19c/oneoff
+    Pdb Name:                     TESTPDB
+    Pga Size:                     1G
+    Processes:                    2000
+    Ru Patch Location:            /stage/software/19c/19.28/37957391
+    Sga Size:                     3G
+    Sw Mount Location:            /u01
+    Sw Stage Pvc:                 pv-stage-vol-claim
+    Sw Stage Pvc Mount Location:  /stage
+  Crs Dg Storage Class:           oci-bv
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Enable Ons:                 enable
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          IfNotPresent
+  Inst Details:
+    Env Vars:
+      Name:                     IGNORE_CRS_PREREQS
+      Value:                    true
+      Name:                     IGNORE_DB_PREREQS
+      Value:                    true
+    Name:                       dbmc1
+    Sw Loc Storage Size In Gb:  300
+    Worker Node:
+      10.0.10.58
+  Lb Service:
+  Node Port Svc:
+    Name:  dbmc1-service-nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+      Node Port:    30200
+      Port:         6200
+      Protocol:     TCP
+      Target Port:  6200
+    Svc Type:       nodeport
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+  Sw Dg Storage Class:     oci-bv
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+
+        /dev/asm-disk1
+        /dev/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/asm-disk1,/dev/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-10-09T08:04:31Z
+    Message:               reconcile has been queued
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-10-09T13:21:11Z
+    Message:               reconcile completed successfully
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/asm-disk1,/dev/asm-disk2
+    Crs Asm Disk Dg:             DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Pdb Connect String:         dbmc1-0:1521/ORCLPDB
+  Release Update:             19.28.0.0.0
+  Role:                       PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+
+-- Patches Details for GI HOME and RDBMS HOME:
+[grid@dbmc1-0 ~]$ $ORACLE_HOME/OPatch/opatch lspatches
+38336965;OCW Interim patch for 38336965
+38124772;TOMCAT RELEASE UPDATE 19.0.0.0.0 (38124772)
+37962938;ACFS RELEASE UPDATE 19.28.0.0.0 (37962938)
+37960098;Database Release Update : 19.28.0.0.250715 (37960098)
+36758186;DBWLM RELEASE UPDATE 19.0.0.0.0 (36758186)
+
+OPatch succeeded.
+
+
+
+
+[oracle@dbmc1-0 ~]$ $ORACLE_HOME/OPatch/opatch lspatches
+34436514;DBCA REPORTS INCORRECT MEMORY IN PODMAN CONTAINERS
+38336965;OCW Interim patch for 38336965
+37960098;Database Release Update : 19.28.0.0.250715 (37960098)
+
+OPatch succeeded.
diff --git a/docs/oraclerestart/provisioning/orestart_loadbalancer_object.txt b/docs/oraclerestart/provisioning/orestart_loadbalancer_object.txt
new file mode 100644
index 00000000..b018eaf0
--- /dev/null
+++ b/docs/oraclerestart/provisioning/orestart_loadbalancer_object.txt
@@ -0,0 +1,169 @@
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"envVars":[{"name":"IGNORE_CRS_PREREQS","...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-09-02T19:48:48Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  230654736
+  UID:               38d28453-0906-4e31-b1cf-b0c2980293fa
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          IfNotPresent
+  Inst Details:
+    Env Vars:
+      Name:            IGNORE_CRS_PREREQS
+      Value:           true
+      Name:            IGNORE_DB_PREREQS
+      Value:           true
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Worker Node:
+      10.0.10.58
+  Lb Service:
+    Port Mappings:
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+      Port:         6200
+      Protocol:     TCP
+      Target Port:  6200
+    Svc Type:       lbservice
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-09-02T20:06:26Z
+    Message:               reconcile has been queued
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-09-02T21:13:28Z
+    Message:               reconcile completed successfully
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  Pdb Connect String:         dbmc1-0:1521/ORCLPDB
+  Release Update:             19.28.0.0.0
+  Role:                       PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+$ kubectl get all -n orestart
+NAME          READY   STATUS    RESTARTS   AGE
+pod/dbmc1-0   1/1     Running   0          85m
+
+NAME              TYPE           CLUSTER-IP    EXTERNAL-IP      PORT(S)                         AGE
+service/dbmc1     LoadBalancer   10.96.60.91   XXX.XXX.XXX.XX   1521:32083/TCP,6200:30857/TCP   85m
+service/dbmc1-0   ClusterIP      None          <none>           <none>                          85m
+
+NAME                     READY   AGE
+statefulset.apps/dbmc1   1/1     85m
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/orestart_nodeport_object.txt b/docs/oraclerestart/provisioning/orestart_nodeport_object.txt
new file mode 100644
index 00000000..ef1385ac
--- /dev/null
+++ b/docs/oraclerestart/provisioning/orestart_nodeport_object.txt
@@ -0,0 +1,153 @@
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"nodePortSvc":[{"name":"dbmc1-service-nod...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-08-20T01:53:13Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  224754865
+  UID:               f9404b92-c1b2-400d-8fff-9bda472a7d54
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          Always
+  Inst Details:
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Node Port Svc:
+      Name:      dbmc1-service-nodeport
+      Svc Type:  nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+    Worker Node:
+      10.0.10.58
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-08-20T02:04:46Z
+    Message:               oracle restart database is in a restricted state: PROVISIONING
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-08-20T04:22:18Z
+    Message:               no reconcile errors
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Inst Details:
+    Name:
+  Pdb Connect String:  dbmc1-0:1521/ORCLPDB
+  Release Update:      19.28.0.0.0
+  Role:                PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/orestart_object.txt b/docs/oraclerestart/provisioning/orestart_object.txt
new file mode 100644
index 00000000..41fb5c50
--- /dev/null
+++ b/docs/oraclerestart/provisioning/orestart_object.txt
@@ -0,0 +1,147 @@
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"envVars":[{"name":"IGNORE_CRS_PREREQS","...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-08-27T03:31:52Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  227759597
+  UID:               41235735-cadc-49d3-b198-56e6bb4a1d9f
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          IfNotPresent
+  Inst Details:
+    Env Vars:
+      Name:            IGNORE_CRS_PREREQS
+      Value:           true
+      Name:            IGNORE_DB_PREREQS
+      Value:           true
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Worker Node:
+      10.0.10.58
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-08-27T03:43:52Z
+    Message:               reconcile has been queued
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-08-27T03:58:18Z
+    Message:               reconcile completed successfully
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  Pdb Connect String:         dbmc1-0:1521/ORCLPDB
+  Release Update:             19.28.0.0.0
+  Role:                       PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/orestart_prov_asm_disk_addition.yaml b/docs/oraclerestart/provisioning/orestart_prov_asm_disk_addition.yaml
new file mode 100644
index 00000000..8f36a496
--- /dev/null
+++ b/docs/oraclerestart/provisioning/orestart_prov_asm_disk_addition.yaml
@@ -0,0 +1,120 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+    hostSwLocation: /scratch/orestart/  # Host directory for Oracle GI HOME and Oracle RDBMS HOME
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk1  # ASM disk device path 1
+          - /dev/disk/by-partlabel/asm-disk2  # ASM disk device path 2
+          - /dev/disk/by-partlabel/asm-disk3  # ASM disk device path 3
+          - /dev/disk/by-partlabel/asm-disk4  # ASM disk device path 4
+    autoUpdate: "true"
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4   # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
diff --git a/docs/oraclerestart/provisioning/orestart_prov_asm_disk_addition_autoupdate_false.yaml b/docs/oraclerestart/provisioning/orestart_prov_asm_disk_addition_autoupdate_false.yaml
new file mode 100644
index 00000000..532cdc00
--- /dev/null
+++ b/docs/oraclerestart/provisioning/orestart_prov_asm_disk_addition_autoupdate_false.yaml
@@ -0,0 +1,120 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+    hostSwLocation: /scratch/orestart/  # Host directory for Oracle GI HOME and Oracle RDBMS HOME
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk1  # ASM disk device path 1
+          - /dev/disk/by-partlabel/asm-disk2  # ASM disk device path 2
+          - /dev/disk/by-partlabel/asm-disk3  # ASM disk device path 3
+          - /dev/disk/by-partlabel/asm-disk4  # ASM disk device path 4
+    autoUpdate: "false"
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2,/dev/disk/by-partlabel/asm-disk3,/dev/disk/by-partlabel/asm-disk4   # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
diff --git a/docs/oraclerestart/provisioning/orestart_prov_asm_disk_deletion.yaml b/docs/oraclerestart/provisioning/orestart_prov_asm_disk_deletion.yaml
new file mode 100644
index 00000000..a91d967b
--- /dev/null
+++ b/docs/oraclerestart/provisioning/orestart_prov_asm_disk_deletion.yaml
@@ -0,0 +1,116 @@
+# API version of the OracleRestart Custom Resource
+apiVersion: database.oracle.com/v4
+
+# Resource type being created
+kind: OracleRestart
+
+# Metadata section to define the resource's name and namespace
+metadata:
+  name: oraclerestart-sample          # Name of the OracleRestart instance
+  namespace: orestart                 # Kubernetes namespace to deploy into
+
+spec:
+  # Instance details for Oracle Restart
+  instDetails:
+    name: dbmc1                       # Logical name of the OracleRestart instance
+    hostSwLocation: /scratch/orestart/  # Host directory for Oracle GI HOME and Oracle RDBMS HOME
+
+    # Worker nodes where the instance should be scheduled
+    workerNode:
+      - 10.0.10.58                   # IP address of the target node for deployment
+
+    # Environment variables in case you want to want to ignore prerequisite checks during the GI/RDBSMS Install
+    envVars:
+      - name: IGNORE_CRS_PREREQS     # If set to true, it will use flags -ignorePreReq and -ignorePrereqFailure during the CRS Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the CRS Installation.
+        value: "true"
+      - name: IGNORE_DB_PREREQS      # If set to true, it will use flags -ignorePrereq and -ignorePrereqFailure during the DB Software Installation. Do not set this parameter in the .yaml file if you do not want to use the parameters -ignorePreReq and -ignorePrereqFailure during the DB Software Installation.
+        value: "true"
+
+  # NodePort service configuration for exposing DB port externally
+  nodePortSvc:
+    name: dbmc1-service-nodeport  # Name of the Kubernetes Service
+    svcType: nodeport             # Service type (NodePort to expose externally)
+
+    # Mapping between container and host ports
+    portMappings:
+      - port: 1521                    # Port inside container (Oracle Listener port)
+        targetPort: 1521              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30007               # Host port exposed on worker node (must be in NodePort range)
+      - port: 6200                    # Port inside container (for ONS)
+        targetPort: 6200              # Target port for the service
+        protocol: TCP                 # Protocol type (TCP for Oracle)
+        nodePort: 30200               # Host port exposed on worker node (must be in NodePort range)        
+  enableOns: "enable"                 # If you want to have ONS notification configured on the specified port. Default value is "enable"        
+
+  # ASM (Automatic Storage Management) storage configuration
+  asmStorageDetails:
+    disksBySize:
+      - storageSizeInGb: 50          # Each disk in this group has 50Gi of storage
+        diskNames:
+          - /dev/disk/by-partlabel/asm-disk1  # ASM disk device path 1
+
+  # SSH key secret used for remote access and automation
+  sshKeySecret:
+    name: ssh-key-secret          # Kubernetes secret name
+    privKeySecretName: ssh-privkey  # Private key inside secret
+    pubKeySecretName: ssh-pubkey    # Public key inside secret
+
+  # Secret containing DB user credentials
+  dbSecret:
+    name: db-user-pass-pkutl     # Secret name
+    keyFileName: key.pem         # Key file name inside secret
+    pwdFileName: pwdfile.enc     # Password file name inside secret
+
+  # Image for Oracle Restart container
+  image: dbocir/oracle/database-orestart:19.3.0-slim  # <-- Replace with your image registry
+
+  # Policy to pull image
+  # Use the value as "Always" if you want use the latest version of the image from the container registry.
+  # Use the value as "IfNotPresent" it the image is not already present locally.
+  imagePullPolicy: IfNotPresent
+
+  # Optional service account for security context permissions
+  # serviceAccountName: oraclerestart   # <-- Required for OpenShift; optional for vanilla Kubernetes
+
+  # Service-specific database name and related details
+  serviceDetails:
+    name: soepdb                     # Name of the Oracle service (pluggable DB)
+
+  # Resource requests and limits for memory and CPU
+  resources:
+    requests:
+      memory: "16Gi"                 # Minimum memory required
+      cpu: "2"                       # Minimum CPU required
+    limits:
+      memory: "16Gi"                 # Max memory allowed
+      cpu: "2"                       # Max CPU allowed
+
+  # Kernel-level system control parameters for Oracle
+  securityContext:
+    sysctls:
+      - name: kernel.shmall
+        value: "2097152"
+      - name: kernel.sem
+        value: "250 32000 100 128"
+      - name: kernel.shmmax
+        value: "8589934592"
+      - name: kernel.shmmni
+        value: "4096"
+
+  # Configuration parameters for Oracle Grid and Database homes
+  configParams:
+    gridHome: "/u01/app/19c/grid"                             # Oracle Grid home path
+    gridBase: "/u01/app/grid"                                 # Grid base directory
+    dbHome: "/u01/app/oracle/product/19c/dbhome_1"            # Oracle DB home path
+    dbBase: "/u01/app/oracle"                                 # Oracle base directory
+    crsAsmDeviceList: /dev/disk/by-partlabel/asm-disk1        # Comma-separated list of ASM device files
+    inventory: "/u01/app/oraInventory"                        # Inventory location
+    gridSwZipFile: "grid_home.zip"                            # Grid infrastructure software ZIP
+    dbSwZipFile: "db_home.zip"                                # Database software ZIP
+    sgaSize: "3G"                                             # Size of the System Global Area
+    pgaSize: "1G"                                             # Size of the Program Global Area
+    processes: 2000                                           # Oracle process limit
+    cpuCount: 4                                               # Number of CPUs to allocate
+    dbName: "PORCLCDB"                                        # Oracle database name
+    hostSwStageLocation: /scratch/software/stage              # Host location where Oracle software ZIPs are staged, same location will be mounted inside the Oracle Restart Pod
diff --git a/docs/oraclerestart/provisioning/orestart_rupatch_object.txt b/docs/oraclerestart/provisioning/orestart_rupatch_object.txt
new file mode 100644
index 00000000..c2868d6b
--- /dev/null
+++ b/docs/oraclerestart/provisioning/orestart_rupatch_object.txt
@@ -0,0 +1,176 @@
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","hostSwLocation":"/scratch/orestart/","workerNode":["10.0.10.58"],"nodePortSvc":[{"name":"dbmc1-service-nod...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-08-20T05:11:47Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  225105545
+  UID:               6da86e89-0c6b-4c4d-aa14-c04c72071388
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    O Patch Location:        /scratch/software/opatch
+    O Patch Sw Zip File:     p6880880_190000_Linux-x86-64.zip
+    Pga Size:                1G
+    Processes:               2000
+    Ru Patch Location:       /scratch/software/ru_patch/37957391
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          Always
+  Inst Details:
+    Host Sw Location:  /scratch/orestart/
+    Name:              dbmc1
+    Node Port Svc:
+      Name:      dbmc1-service-nodeport
+      Svc Type:  nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+    Worker Node:
+      10.0.10.58
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   GI_NOT_INSTALLED_OR_CONFIGURED
+      Mounted Devices:
+        /dev/disk/by-partlabel/asm-disk1
+        /dev/disk/by-partlabel/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-08-20T06:23:57Z
+    Message:               oracle restart database is in a restricted state: PROVISIONING
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-08-20T23:52:35Z
+    Message:               no reconcile errors
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/disk/by-partlabel/asm-disk1,/dev/disk/by-partlabel/asm-disk2
+    Crs Asm Disk Dg:             +DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        +DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       +DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Inst Details:
+    Name:
+  Pdb Connect String:  dbmc1-0:1521/ORCLPDB
+  Release Update:      19.28.0.0.0
+  Role:                PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+# When the 19.28 RU Patch 37957391 is applied to both the GI HOME and RDBMS HOME, you can check the status of the patches applied once the deployment is completed:
+
+[grid@dbmc1-0 ~]$ $ORACLE_HOME/OPatch/opatch lspatches
+37962946;OCW RELEASE UPDATE 19.28.0.0.0 (37962946)
+37962938;ACFS RELEASE UPDATE 19.28.0.0.0 (37962938)
+37960098;Database Release Update : 19.28.0.0.250715 (37960098)
+37954209;TOMCAT RELEASE UPDATE 19.0.0.0.0 (37954209)
+36758186;DBWLM RELEASE UPDATE 19.0.0.0.0 (36758186)
+
+OPatch succeeded.
+
+
+[oracle@dbmc1-0 ~]$ $ORACLE_HOME/OPatch/opatch lspatches
+37962946;OCW RELEASE UPDATE 19.28.0.0.0 (37962946)
+37960098;Database Release Update : 19.28.0.0.250715 (37960098)
+
+OPatch succeeded.
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/orestart_rupatch_pvc_object.txt b/docs/oraclerestart/provisioning/orestart_rupatch_pvc_object.txt
new file mode 100644
index 00000000..31bfa302
--- /dev/null
+++ b/docs/oraclerestart/provisioning/orestart_rupatch_pvc_object.txt
@@ -0,0 +1,209 @@
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","swLocStorageSizeInGb":300,"workerNode":["10.0.10.58"],"envVars":[{"name":"IGNORE_CRS_PREREQS","value":"tru...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-10-09T13:31:37Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  246434925
+  UID:               0a283621-f64c-4d34-ad46-92e02376d7ad
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/asm-disk1
+        /dev/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/asm-disk1,/dev/asm-disk2
+    Crs Asm Disk Dg:             DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:             grid_home.zip
+    Host Sw Stage Location:       /stage/software/19c/19.3.0
+    Inventory:                    /u01/app/oraInventory
+    O Patch Location:             /stage/software/19c
+    O Patch Sw Zip File:          p6880880_190000_Linux-x86-64.zip
+    Pdb Name:                     TESTPDB
+    Pga Size:                     1G
+    Processes:                    2000
+    Ru Patch Location:            /stage/software/19c/19.28/37957391
+    Sga Size:                     3G
+    Sw Mount Location:            /u01
+    Sw Stage Pvc:                 pv-stage-vol-claim
+    Sw Stage Pvc Mount Location:  /stage
+  Crs Dg Storage Class:           oci-bv
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Enable Ons:                 enable
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          IfNotPresent
+  Inst Details:
+    Env Vars:
+      Name:                     IGNORE_CRS_PREREQS
+      Value:                    true
+      Name:                     IGNORE_DB_PREREQS
+      Value:                    true
+    Name:                       dbmc1
+    Sw Loc Storage Size In Gb:  300
+    Worker Node:
+      10.0.10.58
+  Lb Service:
+  Node Port Svc:
+    Name:  dbmc1-service-nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+      Node Port:    30200
+      Port:         6200
+      Protocol:     TCP
+      Target Port:  6200
+    Svc Type:       nodeport
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+  Sw Dg Storage Class:     oci-bv
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/asm-disk1
+        /dev/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/asm-disk1,/dev/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-10-09T15:39:34Z
+    Message:               reconcile has been queued
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-10-09T17:29:10Z
+    Message:               reconcile completed successfully
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/asm-disk1,/dev/asm-disk2
+    Crs Asm Disk Dg:             DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Pdb Connect String:         dbmc1-0:1521/ORCLPDB
+  Release Update:             19.28.0.0.0
+  Role:                       PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+$ kubectl get pvc -n orestart
+NAME                                                   STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS      VOLUMEATTRIBUTESCLASS   AGE
+asm-pvc-crsdg-asm-disk1-oraclerestart-sample-dbmc1-0   Bound    csi-dd26294f-caa3-4c1c-b5f4-a64145afe926   50Gi       RWO            oci-bv            <unset>                 3h57m
+asm-pvc-crsdg-asm-disk2-oraclerestart-sample-dbmc1-0   Bound    csi-972a9dc2-f49b-4475-8add-c185f4cfe05f   50Gi       RWO            oci-bv            <unset>                 3h57m
+dbmc1-oradata-sw-vol-pvc-dbmc1-0                       Bound    csi-6722f64f-71a2-458d-857f-921aee569b43   300Gi      RWO            oci-bv            <unset>                 3h57m
+pv-stage-vol-claim                                     Bound    pv-stage-vol1                              500Gi      ROX            fss-dyn-storage   <unset>                 11h
+
+
+
+[root@dbmc1-0 rac-work-dir]# ls -lrt /stage/software/19c/
+total 71682
+-rwxrwxrwx. 1 2001 2001 72539776 Aug 19 01:21 p6880880_190000_Linux-x86-64.zip
+drwxrwxrwx. 2 2001 2001        3 Aug 19 03:56 19.3.0
+drwxrwxrwx. 3 2001 2001        3 Sep 11 04:36 19.28
+[root@dbmc1-0 rac-work-dir]# ls -lrt /stage/software/19c/19.3.0/
+total 6774784
+-rwxrwxrwx. 1 2001 2001 3059705302 Aug 19 01:10 db_home.zip
+-rwxrwxrwx. 1 2001 2001 2889184573 Aug 19 01:11 grid_home.zip
+-rwxrwxrwx. 1 2001 2001  987216967 Aug 19 01:13 LINUX.X64_193000_client_home.zip
+[root@dbmc1-0 rac-work-dir]#
+[root@dbmc1-0 rac-work-dir]# ls -lrt /stage/software/19c/19.28/
+total 3847169
+drwxrwxrwx. 8 2001 2001          9 Jul 15 14:13 37957391
+-rwxrwxrwx. 1 2001 2001    2930311 Jul 15 20:49 PatchSearch.xml
+-rwxrwxrwx. 1 2001 2001 3934314158 Sep 11 04:31 p37957391_190000_Linux-x86-64.zip
+[root@dbmc1-0 rac-work-dir]# ls -lrt /stage/software/19c/19.28/37957391/
+total 171
+drwxrwxrwx. 5 2001 2001      4 Jul 15 14:13 37962946
+drwxrwxrwx. 5 2001 2001      4 Jul 15 14:14 37962938
+drwxrwxrwx. 4 2001 2001      3 Jul 15 14:14 38124772
+drwxrwxrwx. 5 2001 2001      5 Jul 15 14:14 37960098
+drwxrwxrwx. 4 2001 2001      3 Jul 15 14:14 36758186
+drwxrwxrwx. 2 2001 2001     13 Jul 15 14:19 automation
+-rwxrwxrwx. 1 2001 2001      0 Jul 15 14:19 README.txt
+-rwxrwxrwx. 1 2001 2001 152522 Jul 15 14:29 README.html
+-rwxrwxrwx. 1 2001 2001   5824 Jul 15 14:47 bundle.xml
+[root@dbmc1-0 rac-work-dir]#
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/orestart_storage_class_object.txt b/docs/oraclerestart/provisioning/orestart_storage_class_object.txt
new file mode 100644
index 00000000..27fdf146
--- /dev/null
+++ b/docs/oraclerestart/provisioning/orestart_storage_class_object.txt
@@ -0,0 +1,180 @@
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","swLocStorageSizeInGb":300,"workerNode":["10.0.10.58"],"envVars":[{"name":"IGNORE_CRS_PREREQS","value":"tru...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-10-09T18:01:21Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  246453216
+  UID:               c42b7961-6cdb-416e-a17c-616cc0c08b1f
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/asm-disk1
+        /dev/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/asm-disk1,/dev/asm-disk2
+    Crs Asm Disk Dg:             DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Crs Dg Storage Class:      oci-bv
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Enable Ons:                 enable
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          IfNotPresent
+  Inst Details:
+    Env Vars:
+      Name:                     IGNORE_CRS_PREREQS
+      Value:                    true
+      Name:                     IGNORE_DB_PREREQS
+      Value:                    true
+    Name:                       dbmc1
+    Sw Loc Storage Size In Gb:  300
+    Worker Node:
+      10.0.10.58
+  Lb Service:
+  Node Port Svc:
+    Name:  dbmc1-service-nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+      Node Port:    30200
+      Port:         6200
+      Protocol:     TCP
+      Target Port:  6200
+    Svc Type:       nodeport
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+  Sw Dg Storage Class:     oci-bv
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/asm-disk1
+        /dev/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/asm-disk1,/dev/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-10-09T18:10:31Z
+    Message:               reconcile has been queued
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-10-09T18:28:17Z
+    Message:               reconcile completed successfully
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/asm-disk1,/dev/asm-disk2
+    Crs Asm Disk Dg:             DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Pdb Connect String:         dbmc1-0:1521/ORCLPDB
+  Release Update:             19.28.0.0.0
+  Role:                       PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+$ kubectl get pvc -n orestart
+NAME                                                   STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS      VOLUMEATTRIBUTESCLASS   AGE
+asm-pvc-crsdg-asm-disk1-oraclerestart-sample-dbmc1-0   Bound    csi-4c9b2faa-9cd5-45a5-9ca1-dd77e708f03f   50Gi       RWO            oci-bv            <unset>                 27m
+asm-pvc-crsdg-asm-disk2-oraclerestart-sample-dbmc1-0   Bound    csi-ed7630fc-4f79-426b-a877-ab70ca6ebb87   50Gi       RWO            oci-bv            <unset>                 27m
+dbmc1-oradata-sw-vol-pvc-dbmc1-0                       Bound    csi-15fbddd5-3994-4e3e-b072-c760eaa76188   300Gi      RWO            oci-bv            <unset>                 27m
+pv-stage-vol-claim                                     Bound    pv-stage-vol1                              500Gi      ROX            fss-dyn-storage   <unset>                 12h
+
+
+$ kubectl get pv
+NAME                                       CAPACITY   ACCESS MODES   RECLAIM POLICY   STATUS   CLAIM                                                           STORAGECLASS      VOLUMEATTRIBUTESCLASS   REASON   AGE
+csi-15fbddd5-3994-4e3e-b072-c760eaa76188   300Gi      RWO            Delete           Bound    orestart/dbmc1-oradata-sw-vol-pvc-dbmc1-0                       oci-bv            <unset>                          27m
+csi-4c9b2faa-9cd5-45a5-9ca1-dd77e708f03f   50Gi       RWO            Delete           Bound    orestart/asm-pvc-crsdg-asm-disk1-oraclerestart-sample-dbmc1-0   oci-bv            <unset>                          27m
+csi-ed7630fc-4f79-426b-a877-ab70ca6ebb87   50Gi       RWO            Delete           Bound    orestart/asm-pvc-crsdg-asm-disk2-oraclerestart-sample-dbmc1-0   oci-bv            <unset>                          27m
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/orestart_storage_class_object_after_sw_home_resize.txt b/docs/oraclerestart/provisioning/orestart_storage_class_object_after_sw_home_resize.txt
new file mode 100644
index 00000000..1ddb0a47
--- /dev/null
+++ b/docs/oraclerestart/provisioning/orestart_storage_class_object_after_sw_home_resize.txt
@@ -0,0 +1,197 @@
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","swLocStorageSizeInGb":400,"workerNode":["10.0.10.58"],"envVars":[{"name":"IGNORE_CRS_PREREQS","value":"tru...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-10-09T18:01:21Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        2
+  Resource Version:  246493782
+  UID:               c42b7961-6cdb-416e-a17c-616cc0c08b1f
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/asm-disk1
+        /dev/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/asm-disk1,/dev/asm-disk2
+    Crs Asm Disk Dg:             DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Crs Dg Storage Class:      oci-bv
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Enable Ons:                 enable
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          IfNotPresent
+  Inst Details:
+    Env Vars:
+      Name:                     IGNORE_CRS_PREREQS
+      Value:                    true
+      Name:                     IGNORE_DB_PREREQS
+      Value:                    true
+    Name:                       dbmc1
+    Sw Loc Storage Size In Gb:  400
+    Worker Node:
+      10.0.10.58
+  Lb Service:
+  Node Port Svc:
+    Name:  dbmc1-service-nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+      Node Port:    30200
+      Port:         6200
+      Protocol:     TCP
+      Target Port:  6200
+    Svc Type:       nodeport
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+  Sw Dg Storage Class:     oci-bv
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/asm-disk1
+        /dev/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/asm-disk1,/dev/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-10-09T18:10:31Z
+    Message:               reconcile has been queued
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-10-09T20:44:39Z
+    Message:               reconcile completed successfully
+    Observed Generation:   2
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/asm-disk1,/dev/asm-disk2
+    Crs Asm Disk Dg:             DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Pdb Connect String:         dbmc1-0:1521/ORCLPDB
+  Release Update:             19.28.0.0.0
+  Role:                       PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+
+$ kubectl get pvc -n orestart
+NAME                                                   STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS      VOLUMEATTRIBUTESCLASS   AGE
+asm-pvc-crsdg-asm-disk1-oraclerestart-sample-dbmc1-0   Bound    csi-4c9b2faa-9cd5-45a5-9ca1-dd77e708f03f   50Gi       RWO            oci-bv            <unset>                 164m
+asm-pvc-crsdg-asm-disk2-oraclerestart-sample-dbmc1-0   Bound    csi-ed7630fc-4f79-426b-a877-ab70ca6ebb87   50Gi       RWO            oci-bv            <unset>                 164m
+dbmc1-oradata-sw-vol-pvc-dbmc1-0                       Bound    csi-15fbddd5-3994-4e3e-b072-c760eaa76188   400Gi      RWO            oci-bv            <unset>                 164m
+pv-stage-vol-claim                                     Bound    pv-stage-vol1                              500Gi      ROX            fss-dyn-storage   <unset>                 14h
+
+
+
+
+[root@dbmc1-0 rac-work-dir]# df -h
+Filesystem                  Size  Used Avail Use% Mounted on
+overlay                     489G   37G  452G   8% /
+tmpfs                        64M     0   64M   0% /dev
+tmpfs                        46G     0   46G   0% /sys/fs/cgroup
+tmpfs                        45G  3.9G   42G   9% /etc/hostname
+tmpfs                        46G  112K   46G   1% /run
+/dev/sdo                    393G   14G  380G   4% /u01
+tmpfs                        83G  8.0K   83G   1% /mnt/.ssh
+tmpfs                        83G  8.0K   83G   1% /mnt/.dbsecrets
+tmpfs                        83G  1.1G   82G   2% /dev/shm
+/dev/mapper/ocivolume-root  489G   37G  452G   8% /etc/hosts
+/dev/sdb1                   196G   55G  132G  30% /scratch/software/stage
+tmpfs                        46G     0   46G   0% /run/lock
+tmpfs                        46G   75M   46G   1% /tmp
+tmpfs                        46G   64M   46G   1% /var/log/journal
+tmpfs                        46G     0   46G   0% /proc/acpi
+tmpfs                        46G     0   46G   0% /proc/scsi
+tmpfs                        46G     0   46G   0% /sys/firmware
+tmpfs                        46G     0   46G   0% /sys/fs/selinux
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/orestart_storage_class_object_before_sw_home_resize.txt b/docs/oraclerestart/provisioning/orestart_storage_class_object_before_sw_home_resize.txt
new file mode 100644
index 00000000..d7dab6c9
--- /dev/null
+++ b/docs/oraclerestart/provisioning/orestart_storage_class_object_before_sw_home_resize.txt
@@ -0,0 +1,196 @@
+$ kubectl describe oraclerestarts.database.oracle.com/oraclerestart-sample -n orestart
+Name:         oraclerestart-sample
+Namespace:    orestart
+Labels:       <none>
+Annotations:  OracleRestarts.database.oracle.com/old-spec:
+                {"instDetails":{"name":"dbmc1","swLocStorageSizeInGb":300,"workerNode":["10.0.10.58"],"envVars":[{"name":"IGNORE_CRS_PREREQS","value":"tru...
+API Version:  database.oracle.com/v4
+Kind:         OracleRestart
+Metadata:
+  Creation Timestamp:  2025-10-09T18:01:21Z
+  Finalizers:
+    database.oracle.com/oraclerestartfinalizer
+  Generation:        1
+  Resource Version:  246491127
+  UID:               c42b7961-6cdb-416e-a17c-616cc0c08b1f
+Spec:
+  Asm Storage Details:
+    Disks By Size:
+      Disk Names:
+        /dev/asm-disk1
+        /dev/asm-disk2
+      Storage Size In Gb:  50
+  Config Params:
+    Cpu Count:                   4
+    Crs Asm Device List:         /dev/asm-disk1,/dev/asm-disk2
+    Crs Asm Disk Dg:             DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Char Set:                 AL32UTF8
+    Db Data File Dest Dg:        DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       DATA
+    Db Response File:
+    Db Sw Zip File:  db_home.zip
+    Grid Base:       /u01/app/grid
+    Grid Home:       /u01/app/19c/grid
+    Grid Response File:
+    Grid Sw Zip File:        grid_home.zip
+    Host Sw Stage Location:  /scratch/software/stage
+    Inventory:               /u01/app/oraInventory
+    Pga Size:                1G
+    Processes:               2000
+    Sga Size:                3G
+    Sw Mount Location:       /u01
+  Crs Dg Storage Class:      oci-bv
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Enable Ons:                 enable
+  Image:                      localhost/oracle/database-orestart:19.3.0-slim
+  Image Pull Policy:          IfNotPresent
+  Inst Details:
+    Env Vars:
+      Name:                     IGNORE_CRS_PREREQS
+      Value:                    true
+      Name:                     IGNORE_DB_PREREQS
+      Value:                    true
+    Name:                       dbmc1
+    Sw Loc Storage Size In Gb:  300
+    Worker Node:
+      10.0.10.58
+  Lb Service:
+  Node Port Svc:
+    Name:  dbmc1-service-nodeport
+    Port Mappings:
+      Node Port:    30007
+      Port:         1521
+      Protocol:     TCP
+      Target Port:  1521
+      Node Port:    30200
+      Port:         6200
+      Protocol:     TCP
+      Target Port:  6200
+    Svc Type:       nodeport
+  Resources:
+    Limits:
+      Cpu:     2
+      Memory:  16Gi
+    Requests:
+      Cpu:     2
+      Memory:  16Gi
+  Security Context:
+    Sysctls:
+      Name:   kernel.shmall
+      Value:  2097152
+      Name:   kernel.sem
+      Value:  250 32000 100 128
+      Name:   kernel.shmmax
+      Value:  8589934592
+      Name:   kernel.shmmni
+      Value:  4096
+  Service Details:
+    Name:  soepdb
+  Ssh Key Secret:
+    Key Mount Location:    /mnt/.ssh
+    Name:                  ssh-key-secret
+    Priv Key Secret Name:  ssh-privkey
+    Pub Key Secret Name:   ssh-pubkey
+  Sw Dg Storage Class:     oci-bv
+Status:
+  Oracle Restart Nodes:
+    Name:  dbmc1-0
+    Node Details:
+      Instance State:  OPEN
+      Pod State:       AVAILABLE
+      Cluster State:   HEALTHY
+      Mounted Devices:
+        /dev/asm-disk1
+        /dev/asm-disk2
+      State:  AVAILABLE
+  Asm Details:
+    Diskgroup:
+      Disks:
+        /dev/asm-disk1,/dev/asm-disk2
+      Name:        DATA
+      Redundancy:  EXTERN
+  Conditions:
+    Last Transition Time:  2025-10-09T18:10:31Z
+    Message:               reconcile has been queued
+    Observed Generation:   1
+    Reason:                LastReconcileCycleQueued
+    Status:                True
+    Type:                  ReconcileQueued
+    Last Transition Time:  2025-10-09T20:35:50Z
+    Message:               reconcile completed successfully
+    Observed Generation:   1
+    Reason:                LastReconcileCycleCompleted
+    Status:                True
+    Type:                  ReconcileComplete
+  Config Params:
+    Crs Asm Device List:         /dev/asm-disk1,/dev/asm-disk2
+    Crs Asm Disk Dg:             DATA
+    Crs Asm Disk Dg Redundancy:  external
+    Db Base:                     /u01/app/oracle
+    Db Data File Dest Dg:        DATA
+    Db Home:                     /u01/app/oracle/product/19c/dbhome_1
+    Db Name:                     PORCLCDB
+    Db Recovery File Dest:       DATA
+    Db Response File:
+    Grid Base:  /u01/app/grid
+    Grid Home:  /u01/app/19c/grid
+    Grid Response File:
+    Inventory:     /u01/app/oraInventory
+  Connect String:  dbmc1-0:1521/PORCLCDB
+  Db Secret:
+    Key File Mount Location:  /mnt/.dbsecrets
+    Key File Name:            key.pem
+    Name:                     db-user-pass-pkutl
+    Pwd File Mount Location:  /mnt/.dbsecrets
+    Pwd File Name:            pwdfile.enc
+  Db State:                   OPEN
+  External Connect String:    129.146.0.149:30007/soepdb
+  Pdb Connect String:         dbmc1-0:1521/ORCLPDB
+  Release Update:             19.28.0.0.0
+  Role:                       PRIMARY
+  Service Details:
+    Name:       soepdb
+    Svc State:  service soepdb is running
+  State:        AVAILABLE
+Events:         <none>
+
+
+$ kubectl get pvc -n orestart
+NAME                                                   STATUS   VOLUME                                     CAPACITY   ACCESS MODES   STORAGECLASS      VOLUMEATTRIBUTESCLASS   AGE
+asm-pvc-crsdg-asm-disk1-oraclerestart-sample-dbmc1-0   Bound    csi-4c9b2faa-9cd5-45a5-9ca1-dd77e708f03f   50Gi       RWO            oci-bv            <unset>                 154m
+asm-pvc-crsdg-asm-disk2-oraclerestart-sample-dbmc1-0   Bound    csi-ed7630fc-4f79-426b-a877-ab70ca6ebb87   50Gi       RWO            oci-bv            <unset>                 154m
+dbmc1-oradata-sw-vol-pvc-dbmc1-0                       Bound    csi-15fbddd5-3994-4e3e-b072-c760eaa76188   300Gi      RWO            oci-bv            <unset>                 154m
+
+
+
+
+[root@dbmc1-0 rac-work-dir]# df -h
+Filesystem                  Size  Used Avail Use% Mounted on
+overlay                     489G   37G  452G   8% /
+tmpfs                        64M     0   64M   0% /dev
+tmpfs                        46G     0   46G   0% /sys/fs/cgroup
+tmpfs                        45G  3.9G   42G   9% /etc/hostname
+tmpfs                        46G  112K   46G   1% /run
+/dev/sdo                    295G   14G  281G   5% /u01
+tmpfs                        83G  8.0K   83G   1% /mnt/.ssh
+tmpfs                        83G  8.0K   83G   1% /mnt/.dbsecrets
+tmpfs                        83G  1.1G   82G   2% /dev/shm
+/dev/mapper/ocivolume-root  489G   37G  452G   8% /etc/hosts
+/dev/sdb1                   196G   55G  132G  30% /scratch/software/stage
+tmpfs                        46G     0   46G   0% /run/lock
+tmpfs                        46G   71M   46G   1% /tmp
+tmpfs                        46G   64M   46G   1% /var/log/journal
+tmpfs                        46G     0   46G   0% /proc/acpi
+tmpfs                        46G     0   46G   0% /proc/scsi
+tmpfs                        46G     0   46G   0% /sys/firmware
+tmpfs                        46G     0   46G   0% /sys/fs/selinux
+[root@dbmc1-0 rac-work-dir]#
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/prerequisites_oracle_restart_db.md b/docs/oraclerestart/provisioning/prerequisites_oracle_restart_db.md
new file mode 100644
index 00000000..3aa64552
--- /dev/null
+++ b/docs/oraclerestart/provisioning/prerequisites_oracle_restart_db.md
@@ -0,0 +1,323 @@
+# Prerequisites for running Oracle Restart Database Controller
+ * [Kubernetes Cluster Requirements](#kubernetes-cluster-requirements)
+    * [Mandatory roles and privileges requirements for Oracle Restart Database Controller](#mandatory-roles-and-privileges-requirements-for-oracle-restart-database-controller)
+    * [Prerequisites for Oracle Restart on OKE](#prerequisites-for-oracle-restart-on-oke)
+    * [Preparing to Install Oracle Restart on OKE](#preparing-to-install-oracle-restart-on-oke)
+    * [Worker Node Preparation for Oracle Restart on OKE](#worker-node-preparation-for-oracle-restart-on-oke)
+        + [Download Oracle Grid Infrastructure and Oracle Database Software](#download-oracle-grid-infrastructure-and-oracle-database-software)
+        + [Permission on the software files](#permission-on-the-software-files)
+        + [Prepare the Worker Node for Oracle Restart Deployment](#prepare-the-worker-node-for-oracle-restart-deployment)
+        + [Set up SELinux Module on Worker Nodes](#set-up-selinux-module-on-worker-nodes)
+    * [Create a namespace for the Oracle Restart Setup](#create-a-namespace-for-the-oracle-restart-setup)
+    * [Install Cert Manager and Setup Access Permissions](#install-cert-manager-and-setup-access-permissions)
+    * [Additional requirements for OpenShift Security Context Constraints](#additional-requirements-for-openshift-security-context-constraints)
+    * [Deploy Oracle Database Operator](#deploy-oracle-database-operator)
+    * [Oracle Restart Database Slim Image](#oracle-restart-database-slim-image)
+    * [Create a Kubernetes secret for the Oracle Restart Database installation owner for the Oracle Restart Database Deployment](#create-a-kubernetes-secret-for-the-oracle-restart-database-installation-owner-for-the-oracle-restart-database-deployment)
+
+To deploy an Oracle Database using the Oracle Restart Database Controller in the Oracle Database Operator, you require a Kubernetes cluster such as Oracle Kubernetes Engine (OKE).
+
+If you are using an Oracle Kubernetes Engine (OKE) Kubernetes Cluster, you will require:
+
+  ## Kubernetes Cluster Requirements
+  You must ensure that your Kubernetes Cluster meets the necessary requirements for Oracle Restart Database deployment. The minimum required OKE cluster version is 1.33 or higher. Refer documentation for details [Oracle Kubernetes Engine](https://docs.oracle.com/en-us/iaas/Content/ContEng/Concepts/contengoverview.htm) cluster.
+
+  ## Mandatory roles and privileges requirements for Oracle Restart Database Controller
+  Oracle Restart Database Controller uses Kubernetes objects such as :-
+
+  | Resources | Verbs |
+  | --- | --- |
+  | Pods | create delete get list patch update watch |
+  | Containers | create delete get list patch update watch |
+  | PersistentVolumeClaims | create delete get list patch update watch |
+  | Services | create delete get list patch update watch |
+  | Secrets | create delete get list patch update watch |
+  | Events | create patch |
+
+  ## Prerequisites for Oracle Restart on OKE
+ Before proceeding with the Oracle Database deployment, ensure that you have completed all required prerequisites on your Oracle Kubernetes Engine (OKE) cluster. This includes setting up the necessary infrastructure and configuring all relevant components. To effectively use these instructions, you should have background knowledge of both Kubernetes technology and the underlying operating system.
+  * Verify that all necessary dependencies are installed and up-to-date. You should be familiar with the following technologies:
+    * Linux
+    * Kubernetes
+    * Oracle Kubernetes Engine Environment (OKE)
+    * Oracle Real Database installation for Oracle Restart
+    * Oracle Grid Infrastructure installation
+    * Oracle Automatic Storage Management (Oracle ASM)
+
+  ## Preparing to Install Oracle Restart on OKE
+  To prepare for the Oracle Restart Database installation, follow these steps:
+   * Ensure that your OKE cluster is properly configured and meets the necessary requirements. 
+     Each pod that you deploy as part of your cluster must satisfy the minimum hardware requirements of the Oracle Restart Database and Oracle Grid Infrastructure software. If you are planning to install Oracle Grid Infrastructure and Oracle Restart database software on host local volumes exposed from your environment, then you must have at least 50 GB space allocated for the Oracle Restart on OKE Pod.
+   * In addition to the standard memory (RAM) required for Oracle Linux (Linux-x86-64), the Oracle Grid Infrastructure and Oracle Database instances, Oracle     recommends that you provide an additional 2 GB of RAM to each Kubernetes node for the control plane. 
+   * Database storage for Oracle Database on OKE must use Oracle Automatic Storage Management (Oracle ASM) configured on block storage.
+    
+   * Prerequisite Software and Environment Versions: 
+     * Oracle Grid Infrastructure: Release 19.28 or later
+     * Oracle Database: Release 19.28 or later
+     * Oracle Kubernetes Engine (OKE): Version 1.33 or later
+     * Unbreakable Enterprise Kernel (UEK): Release 7 UEKR7 (Kernel Release 5.15.0-202.135.2.el9uek.x86_64) or later
+     * Oracle Linux: For Operator, control plane, and worker nodes—Oracle Linux 8 (Linux-x86-64) Update 10 or later
+       
+  ## Worker Node Preparation for Oracle Restart on OKE
+   * When configuring your Worker Nodes, follow these guidelines, and see the configuration Oracle used for testing.
+     Each OKE worker node must have sufficient resources to support the intended number of Oracle Database Pods, each of which must meet at least the minimum requirements for Oracle Grid Infrastructure servers hosting an Oracle Database node.
+   * The Oracle Database Pods in this example configuration were created on the machine `10.0.10.58` for Oracle Restart:
+      - Oracle Database Node
+        - Worker Node: 10.0.10.58
+        - Container Pod: dbmc1-0
+   * Worker node has the following configuration:
+      - RAM:32GB
+      - Operating system disk:
+      - Ensure that your storage has at least the following available space:
+          - / (Root): 40 GB
+          - /scratch/orestart/: 80 GB (the worker node directory which will be used for /u01 to store Oracle Grid Infrastructure and Oracle Database homes)
+          - /var/lib/containers: 100 GB xfs
+      - Oracle Linux 8.10 with Unbreakable Enterprise Kernel Release UEKR7 (Kernel Release 5.15.0-308.179.6.el8uek.x86_64) or later
+      - Network Cards:
+          - ens3: Default network interface. The Oracle Restart pod will use this network interface for cluster public network.
+      - Skip this step **if you are using a StorageClass**, You only need to configure the following storage locations on the worker node for the software volume and ASM disks.    
+        - /scratch/software/stage (the worker node directory will be exposed as local host volume to the Oracle Restart pod for staging Oracle Grid Infrastructure and Oracle RDBMS software)
+        - Block devices:
+          - You can use any supported storage options for Oracle Grid Infrastructure. Ensure that your storage has at least the following space available:
+            - /dev/oracleoci/oraclevdd (50 GB)
+            - /dev/oracleoci/oraclevde (50 GB)
+
+        **Notes**  
+          - Make sure the devices you are using for ASM Storage are cleared of any data from a previous usage or installation.**
+          - If you want to use the devices from the worker nodes for ASM storage, you will need to mark any default StorageClass as non-default in your Kubernetes Cluster.**
+
+  ### Download Oracle Grid Infrastructure and Oracle Database Software
+  You need to download the Oracle Grid Infrastructure and Oracle Database software, you can make it available inside the Pod using following steps:
+
+  * Prepare the Persistent Volume (PVC) for Staging: 
+    * If you plan to use an existing Persistent Volume Claim (PVC) as a staging area, ensure it is pre-created and available before deployment.
+    * NFS (Network File System) is commonly used as a backing storage for staging, since it allows multiple pods/nodes to access the staged files.
+  * Copy Software to Staging Location: 
+    * Download the Oracle Grid Infrastructure and Oracle Database installation media from Oracle's official sources.
+    * Copy (stage) these files onto the PVC (or NFS volume) you intend to use. If you opt to stage on a worker node's local storage, ensure sufficient space and security practices.
+  * Mounting in Pod: 
+    * The Oracle Restart Database Controller is responsible for mounting the staged software into the Pod at runtime, making the installers available for use during installation or upgrade tasks.
+    * You should define the appropriate volume mounts in your deployment YAML manifests to ensure the pod sees the staged content.
+         
+  * The Oracle Database Container does not contain any Oracle software binaries. Download the following software from the [Oracle Technology Network](https://www.oracle.com/technetwork/database/enterprise-edition/downloads/index.html).
+    - Oracle Grid Infrastructure 19c (19.28) for Linux x86-64
+    - Oracle Database 19c (19.28) for Linux x86-64
+
+  ### Permission on the software files
+
+  Depending on the wheter you are provisioning the Oracle Restart Database using Base Release sofware or you are applying an RU patch or any one-off patch, please set the below permissions on the software files in the staging location:
+
+  - Set the permission on the GRID Infrastructure Software and RDBMS Software .zip files to be 755.
+  - Set the permission on the Opatch .zip file to be 755
+  - Set the permission on the unzipped RU software directory to be 755 recursively.
+  - Set the permission on the unzipped oneoff patch software directory to be 755 recursively.
+
+
+  ### Worker Node Preparation Checklist
+  Preparing the worker node is a critical foundation for a secure and successful Oracle Restart Database deployment in a Kubernetes environmen. These steps need to be executed by Kuberernetes administrator as root user on worker nodes and follow these steps:
+  
+  #### System Requirements
+   * Verify OS and Kernel Versions: Ensure your node’s operating system and kernel version are supported by Oracle Database and Kubernetes.
+   * Resource Allocation: Confirm the node has sufficient CPU, memory, and storage for Oracle Grid and Database.
+  #### Kernel and System Settings
+   * Use the vim editor to update `/etc/sysctl.conf` parameters to the following values:
+      ```sh
+      fs.file-max = 6815744
+      net.core.rmem_default = 262144
+      net.core.rmem_max = 4194304
+      net.core.wmem_default = 262144
+      net.core.wmem_max = 1048576
+      fs.aio-max-nr = 1048576
+      vm.nr_hugepages=16384
+      ```
+   * Run the following commands:
+      * `# sysctl -a`
+      * `# sysctl –p`
+   * Verify that the swap memory is disabled by running:  
+      ```sh
+      # free -m
+      .....
+      Swap:             0           0           0
+      ```
+   * Enable kernel parameters at the Kubelet level, so that kernel parameters can be set at the Pod level. This is a one-time activity.
+      * In the `/etc/systemd/system/kubelet.service.d/00-default.conf` file of OKE Worker nodes, add below environment variable: 
+      ```txt
+      Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false --allowed-unsafe-sysctls='kernel.shm*,net.*,kernel.sem'"
+      ```
+      * Reload Configurations: `# systemctl daemon-reload`
+      * Restart Kubelet: `# systemctl restart kubelet`
+      * Check the Kubelet status: `# systemctl status kubelet`
+      
+      **Note: For openshift worker nodes**, path to edit is `/etc/systemd/system/kubelet.service.d/99-kubelet-extra-args.conf` and add below content in this file:
+      ```txt
+      [Service]
+      Environment="KUBELET_EXTRA_ARGS=--fail-swap-on=false --allowed-unsafe-sysctls='kernel.shm*,net.*,kernel.sem'"
+      ```
+      * Reload Configurations: `# systemctl daemon-reload`
+      * Restart Kubelet: `# systemctl restart kubelet`
+      * Check the Kubelet status: `# systemctl status kubelet`
+
+   * Skip this step **if you are using a StorageClass**.Otherwise, create the necessary mount points on the worker node. These mount points will be used by the Oracle Restart pod for Oracle Grid Infrastructure and RDBMS Home, as well as for the software staging location.
+      * On worker node:
+          + `# mkdir -p /scratch/orestart/`
+          + `# mkdir -p /scratch/software/stage`
+      * For the case where you are installing Oracle Base Release with RU Patch, create the required mount points for Base Release Software, for the location to unzip the RU Patch etc:
+        * For Example, for Release 19c with 19.28 RU, on worker node:
+          + `# mkdir -p /stage/software/19c/19.3.0`
+          + `# mkdir -p /stage/software/19c/19.28`     
+  
+      * Download the Oracle Grid Infrastructure and Oracle RDBMS Software .zip files. Copy those files to the worker node at the staging location `/scratch/software/stage/`
+
+  #### Security Controls
+  Traditional Unix security uses discretionary access control (DAC). SELinux is an example of mandatory access control. SELinux restricts many commands from the Oracle Restart Pod that are not allowed to run, which results in permission denied errors. To avoid such errors, you must create an SELinux policy package to allow certain commands.
+
+  To set up the SELinux module on the worker node, follow these steps as `root` user to create an SELinux policy package on the worker node: 
+
+  * Verify that SELinux is enabled on the Worker node. For example: 
+  ```sh
+  # getenforce
+  enforcing
+  ```
+  * Install the SELinux devel package on the Worker nodes: `# dnf install selinux-policy-devel`
+  * Create a file `oradb-oke.te` under `/var/opt` on the Worker nodes with the below content:
+    ```sh
+    module oradb-oke 1.0;
+     
+    require {
+      type kernel_t;
+      class system syslog_read;
+      type container_runtime_t;
+      type container_init_t;
+      class file getattr;
+      type container_file_t;
+      type lib_t;
+      type textrel_shlib_t;
+      type bin_t;
+      class file { execmod execute map setattr };
+    }
+     
+    #============= container_init_t ==============
+    allow container_init_t container_runtime_t:file getattr;
+    allow container_init_t bin_t:file map;
+    allow container_init_t bin_t:file execute;
+    allow container_init_t container_file_t:file execmod;
+    allow container_init_t lib_t:file execmod;
+    allow container_init_t textrel_shlib_t:file setattr;
+    allow container_init_t kernel_t:system syslog_read;
+    ```
+* Create and install the policy package: 
+  * `# cd /var/opt`
+  * `make -f /usr/share/selinux/devel/Makefile oradb-oke.pp`
+  * `semodule -i oradb-oke.pp`
+  * `semodule -l | grep oradb-oke`
+* Skip this step, **if you are using storgaclass**. Configure the SELinux context for the required worker node directory and files:
+    * On worker node:
+      + `# semanage fcontext -a -t container_file_t /scratch/orestart`
+      + `# sudo restorecon -vF /scratch/orestart`
+      + `# semanage fcontext -a -t container_file_t  /scratch/software/stage/grid_home.zip`
+      + `# sudo restorecon -vF /scratch/software/stage/grid_home.zip`
+      + `# semanage fcontext -a -t container_file_t  /scratch/software/stage/db_home.zip`
+      + `# sudo restorecon -vF /scratch/software/stage/db_home.zip`
+
+  **Notes:** 
+  * Change these paths and file names as per location of your environment for setting Oracle Restart and names of the software .zip files.
+  * In case of Oracle Base Release and RU Patch software, you will need to run similar commands for the corresponding .zip files.
+
+## Create a namespace for the Oracle Restart Setup
+Create a Kubernetes namespace named `orestart`. All the resources belonging to the Oracle Restart Database will be provisioned in this namespace named `orestart`. For example:
+
+  ```sh
+  #### Create the namespace 
+  kubectl create ns orestart
+
+  #### Check the created namespace 
+  kubectl get ns orestart
+  ```
+If you want, you can choose any name for the namespace to deploy Oracle Restart Database.
+
+## Install Cert Manager and Setup Access Permissions
+Before using Oracle Restart Database Controller, ensure you have completed the prerequisites which includes:
+
+* The installation of cert-manager
+* Creation of Role Bindings for Access Management
+
+Refer to the section [Prerequisites](../../../README.md#prerequisites)
+
+Apart from the default Role Bindings for access management mentioned in above section, you will require the below mentioned role bindings:
+
+  For exposing the database using Nodeport services, apply [RBAC](../../../rbac/node-rbac.yaml)
+  ```sh
+    kubectl apply -f rbac/node-rbac.yaml
+  ```
+  For automatic storage expansion of block volumes, apply [RBAC](../../../rbac/storage-class-rbac.yaml)
+  ```sh
+    kubectl apply -f rbac/storage-class-rbac.yaml
+  ```
+  For getting get, list and watch privileges on the persistent volumes, apply [RBAC](../../rbac/persistent-volume-rbac.yaml)
+  ```sh
+    kubectl apply -f rbac/persistent-volume-rbac.yaml
+  ```
+
+
+## Additional requirements for OpenShift Security Context Constraints
+When you deploy Oracle Restart Database using the Oracle Restart Database Controller on an OpenShift cluster, you must account for OpenShift's stricter security model, especially around Security Context Constraints (SCCs). 
+
+Apart from the same steps listed above for setting up Oracle Restart Database using Oracle Restart Database Controller on an OKE Cluster, there are some additional steps required to setup Oracle Restart Database using Oracle Restart Database Controller on an OpenShift Cluster.
+
+OpenShift requires additional Security Context Constraints (SCC) for deploying and managing the `oraclerestarts.database.oracle.com` resource. To create the appropriate SCCs before deploying the `oraclerestarts.database.oracle.com` resource, complete these steps:
+
+  * Apply the file [custom-kubeletconfig.yaml](../../config/samples/orestart/custom-kubeletconfig.yaml) with cluster-admin user privileges.
+
+  ```sh
+  oc apply -f custom-kubeletconfig.yaml
+  ```
+  Watch the worker MCP update:
+  ```sh
+  watch oc get mcp
+  # Wait for: UPDATING = False ,UPDATED = True ,DEGRADED = False
+  oc label mcp worker custom-kubelet=enable-unsafe-sysctls
+  oc get kubeletconfig
+  NAME                    AGE
+  enable-unsafe-sysctls   10m
+   ```
+
+  **Note:** OpenShift recommends that you should not deploy in namespaces starting with `kube`, `openshift` and the `default` namespace.
+
+  * Create service account to be used for Openshift cluster to be used for `oraclerestarts.database.oracle.com` resource.
+  ```sh
+  oc create serviceaccount oraclerestart -n orestart
+  ```
+  Note: We are using `oraclerestart` as service account name, you can change and make sure to use same in yaml file while creating `oraclerestarts.database.oracle.com` resource and step 3 below.
+
+  * Apply the file [custom-scc.yaml](../../config/samples/orestart/custom-scc.yaml) with cluster-admin user privileges.
+
+  ```sh
+  oc apply -f custom-scc.yaml
+  oc adm policy add-scc-to-user privileged -z oraclerestart -n orestart
+  ```
+
+## Deploy Oracle Database Operator
+After you have completed the prerequisite steps, you can install the operator. To install the operator in the cluster quickly, you can apply the modified `oracle-database-operator.yaml` file from the previous step.
+
+```sh 
+kubectl apply -f oracle-database-operator.yaml
+```
+
+For more details, please refer to [Install Oracle DB Operator](../../../README.md#install-oracle-db-operator)
+
+## Oracle Restart Database Slim Image
+
+  #### Build your own Oracle Restart Database Slim Image
+   You can build this image using instructions provided in below documentation:
+   * [Building Oracle RAC Database Container Slim Image](https://github.com/oracle/docker-images/blob/main/OracleDatabase/RAC/OracleRealApplicationClusters/README.md#building-oracle-rac-database-container-slim-image)
+
+After the image is ready, push it to your private container images repository, so that you can pull this image during Oracle Restart Database provisioning..
+
+**Note**: In the Oracle Restart Database provisioning sample .yaml files, we are using Oracle Restart Database slim image `odbcir/oracle/database-orestart:19.3.0-slim`.
+
+## Create a Kubernetes secret for the Oracle Restart Database installation owner for the Oracle Restart Database Deployment
+ * Create a Kubernetes secret named `db-user-pass` in `orestart` namespace using these steps: [Create Kubernetes Secret](./create_kubernetes_secret_for_db_user.md)
+   * Once the setup completes, you can change the password inside the pod for Oracle sys user.
+ * Create a Kubernetes secret named `ssh-key-secret` in `orestart` namespace using these steps: [Create Kubernetes Secret for SSH Key](./create_kubernetes_secret_for_ssh_setup.md)
+
+After you have the above prerequsites completed, you can proceed to the next section for your environment to provision the Oracle Restart Database.
\ No newline at end of file
diff --git a/docs/oraclerestart/provisioning/provisioning_oracle_restart_db.md b/docs/oraclerestart/provisioning/provisioning_oracle_restart_db.md
new file mode 100644
index 00000000..90720156
--- /dev/null
+++ b/docs/oraclerestart/provisioning/provisioning_oracle_restart_db.md
@@ -0,0 +1,41 @@
+# Provisioning an Oracle Restart Database
+### In this Usecase:
+* In this use case, the Oracle Grid Infrastructure and Oracle Restart Database are deployed automatically using Oracle Restart Controller.
+* This example uses `oraclerestart_prov.yaml` to provision an Oracle Database configured with Oracle Restart using Oracle Restart Controller. The provisioning includes:
+  * Oracle Restart Pod
+  * Headless services for Oracle Restart.
+    * Oracle Database Node hostname.
+  * Persistent volumes created automatically based on specified disks for Oracle ASM Storage.
+  * Software Persistent Volume and Staged Software Persistent Volume using the specified location on the corresponding worker node.
+  * Namespace: `orestart`
+  * Staged Software location on the worker nodes is specified by `hostSwStageLocation`. The Grid Infrastructure and RDBMS Binaries are copied to this location on the worker node.
+  * Software location on the worker nodes is specified by `hostSwLocation`. The GI HOME and the RDBMS HOME in the Oracle Restart Pod will be mounted using this location on the worker node.
+
+### In this Example:
+  * Oracle Restart Database Slim Image `dbocir/oracle/database-orestart:19.3.0-slim` is used. It is built using files from thsi [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image). The default image created using files from this project is `localhost/oracle/database-rac:19.3.0-slim`. You must tag it with the name `dbocir/oracle/database-orestart:19.3.0-slim`.
+  * When you are building the image yourself, update the image value in the `oraclerestart_prov.yaml` file to point to the container image that you have built. 
+  * The disks on the worker nodes for the Oracle Restart storage are `/dev/disk/by-partlabel/asm-disk1` and `/dev/disk/by-partlabel/asm-disk2`. 
+  * Specify the sizes and names of these devices using the parameter `storageSizeInGb`. By default, size is in GBs.
+
+**NOTE:** When no separate diskgroup names are specified for CRS Files, Database Files, Recovery Area Files and Redo Log Files,  the default diskgroup named `+DATA` is created from the disks specified by the parameter `crsAsmDeviceList`.
+
+### Steps: Deploy Oracle Restart Database
+* Use the file [oraclerestart_prov.yaml](./oraclerestart_prov.yaml) for this procedure:
+* Deploy the `oraclerestart_prov.yaml` file:
+    ```sh
+    kubectl apply -f oraclerestart_prov.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample created
+    ```
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":    
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ===============================
+    ORACLE DATABASE IS READY TO USE
+    ===============================
+    ```
+* Check Details of Kubernetes CRD Object as shown in this [example](./orestart_object.txt)
+* For details about how ot connect to the Oracle Restart Database deployed in this procedure, refer to [Database Connection](./database_connection.md).
diff --git a/docs/oraclerestart/provisioning/provisioning_oracle_restart_db_loadbalancer.md b/docs/oraclerestart/provisioning/provisioning_oracle_restart_db_loadbalancer.md
new file mode 100644
index 00000000..ed91a65f
--- /dev/null
+++ b/docs/oraclerestart/provisioning/provisioning_oracle_restart_db_loadbalancer.md
@@ -0,0 +1,44 @@
+# Provisioning an Oracle Restart Database with Load Balancer
+
+### In this Use case:
+* In this use case, the Oracle Grid Infrastructure and Oracle Database are deployed automatically using Oracle Restart Controller.
+* When Oracle Restart is deployed using the Oracle Restart Controller with a Load Balancer Service, the database is exposed externally through the cloud provider’s (for example, Oracle Cloud's) load balancer. This setup allows you to connect remotely to the database using the load balancer’s external IP and the target port, which is commonly 1521 (the Oracle default).
+* This example uses the file `oraclerestart_prov_loadbalancer.yaml` to provision an Oracle Restart Database using Oracle Restart Controller with:
+  * Oracle Restart Pod
+  * Headless services for Oracle Restart
+    * Oracle Restart Node hostname
+  * Load Balancer Service with target port 1521
+  * Persistent volumes created automatically based on specified disks for Oracle ASM storage
+  * Software Persistent Volume and Staged Software Persistent Volume using the specified location on the corresponding worker node.
+  * Namespace: `orestart`
+  * Staged Software location on the worker nodes is specified by `hostSwStageLocation`. The Grid Infrastructure and RDBMS Binaries are copied to this location on the worker node.
+  * Software location on the worker nodes is specified by `hostSwLocation`. The GI HOME and the RDBMS HOME in the Oracle Restart Pod will be mounted using this location on the worker node.
+
+### In this Example:
+  * Oracle Restart Database Slim Image `dbocir/oracle/database-orestart:19.3.0-slim` is used. It is built using files from this [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image). 
+  * The disks on the worker nodes for the Oracle Restart storage are `/dev/disk/by-partlabel/asm-disk1` and `/dev/disk/by-partlabel/asm-disk2`. 
+  * Specify the size of these devices along with names using the parameter `storageSizeInGb`. Size is by-default in GBs.
+
+**NOTE:** When no separate diskgroup names are specified for CRS Files, Database Files, Recovery Area Files and Redo Log Files, the default diskgroup named `+DATA` is created from the disks specified by the parameter `crsAsmDeviceList`.
+
+### Steps: Provision Oracle Restart Database 
+* Use the file [oraclerestart_prov_loadbalancer.yaml](./oraclerestart_prov_loadbalancer.yaml) for this procedure. 
+* When you are building the image yourself, update the image value in the `oraclerestart_prov_loadbalancer.yaml` file to point to the container image that you have built. 
+* Deploy the `oraclerestart_prov_loadbalancer.yaml` file:
+    ```sh
+    kubectl apply -f oraclerestart_prov_loadbalancer.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample created
+    ```
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":    
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ===============================
+    ORACLE DATABASE IS READY TO USE
+    ===============================
+    ```
+* Check Details of Kubernetes CRD Object as in this [example](./orestart_loadbalancer_object.txt)
+* For details about how to connect to the Oracle Restart Database deployed using this procedure, see: [Database Connection](./database_connection.md) .
diff --git a/docs/oraclerestart/provisioning/provisioning_oracle_restart_db_nodeport.md b/docs/oraclerestart/provisioning/provisioning_oracle_restart_db_nodeport.md
new file mode 100644
index 00000000..78e427f9
--- /dev/null
+++ b/docs/oraclerestart/provisioning/provisioning_oracle_restart_db_nodeport.md
@@ -0,0 +1,43 @@
+# Provisioning an Oracle Restart Database with NodePort Service
+### In this Usecase:
+* In this use case, the Oracle Grid Infrastructure and Oracle Database are deployed automatically using Oracle Restart Controller. In this use case, Oracle Restart is deployed with Node Port Service.
+* A node port exposes the service on a static port on the node IP address and NodePorts are in the 30000-32767 range by default.
+* This example uses `oraclerestart_prov_nodeports.yaml` to provision an Oracle Restart Database using Oracle Restart Controller with:
+  * Oracle Restart Pod
+  * Headless services for Oracle Restart
+    * Oracle Restart Node hostname
+  * Node Port 30007 mapped to port 1521 for Database Listener
+  * Persistent volumes created automatically based on specified disks for Oracle ASM storage
+  * Software Persistent Volume and Staged Software Persistent Volume using the specified location on the corresponding worker node.
+  * Namespace: `orestart`
+  * Staged Software location on the worker nodes is specified by `hostSwStageLocation`. The Grid Infrastructure and RDBMS Binaries are copied to this location on the worker node.
+  * Software location on the worker nodes is specified by `hostSwLocation`. The GI HOME and the RDBMS HOME in the Oracle Restart Pod will be mounted using this location on the worker node.
+
+### In this Example:
+  * Oracle Restart Database slim image `dbocir/oracle/database-orestart:19.3.0-slim` is used and it is built using files from [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image). Default image created using files from this project is `localhost/oracle/database-rac:19.3.0-slim`. You need to tag it with name `dbocir/oracle/database-orestart:19.3.0-slim`. 
+  * When you are building the image yourself, update the image value in the `oraclerestart_prov_nodeports.yaml` file to point to the container image you have built. 
+  * The disks on the worker nodes for the Oracle Restart storage are `/dev/disk/by-partlabel/asm-disk1` and `/dev/disk/by-partlabel/asm-disk2`. 
+  * Specify the size of these devices along with names using the parameter `storageSizeInGb`. Size is by-default in GBs.
+
+**NOTE:** When no separate diskgroup names are specified for CRS Files, Database Files, Recovery Area Files and Redo Log Files, then the default diskgroup named `+DATA` is created from the disks specified by the parameter `crsAsmDeviceList`.
+
+### Steps: Deploy Oracle Restart Database 
+* Use the file: [oraclerestart_prov_nodeports.yaml](./oraclerestart_prov_nodeports.yaml) for this use case as below:
+* Deploy the `oraclerestart_prov_nodeports.yaml` file:
+    ```sh
+    kubectl apply -f oraclerestart_prov_nodeports.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample created
+    ```
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":    
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ===============================
+    ORACLE DATABASE IS READY TO USE
+    ===============================
+    ```
+* Check Details of Kubernetes CRD Object as in this [example](./orestart_nodeport_object.txt)
+* Refer to the page [Database Connection](./database_connection.md) for the details to connect to Oracle Restart Database deployed using above example.
diff --git a/docs/oraclerestart/provisioning/provisioning_oracle_restart_db_rupatch.md b/docs/oraclerestart/provisioning/provisioning_oracle_restart_db_rupatch.md
new file mode 100644
index 00000000..09393ec1
--- /dev/null
+++ b/docs/oraclerestart/provisioning/provisioning_oracle_restart_db_rupatch.md
@@ -0,0 +1,45 @@
+# Provisioning an Oracle Restart Database with RU Patch on FileSystem
+### In this Usecase:
+* In this use case, the Oracle Grid Infrastructure and Oracle Restart Database are deployed automatically using Oracle Restart Controller. 
+* In this use case, before the installation of Oracle Restart, the GRID HOME and RDBMS HOME are patched with the provided `RU Patch`.
+* This example uses `oraclerestart_prov_rupatch.yaml` to provision an Oracle Restart Database using Oracle Restart Controller with:
+  * Oracle Restart Pod
+  * Headless services for Oracle Restart
+    * Oracle Restart Node hostname
+  * Node Port 30007 mapped to port 1521 for Database Listener
+  * Persistent volumes created automatically based on specified disks for Oracle ASM storage
+  * Software Persistent Volume and Staged Software Persistent Volume using the specified location on the corresponding worker node.
+  * Namespace: `orestart`
+  * Staged Software location on the worker nodes is specified by `hostSwStageLocation`. The Grid Infrastructure and RDBMS Binaries are copied to this location on the worker node.
+  * Software location on the worker nodes is specified by `hostSwLocation`. The GI HOME and the RDBMS HOME in the Oracle Restart Pod will be mounted using this location on the worker node.
+  * Directory where the **Release Update (RU) patch** has been unzipped is specified by `ruPatchLocation`. 
+    * For Example: To apply the 19.28 RU Patch `37957391`, if you have unzipped the RU Patch .zip file `p37957391_190000_Linux-x86-64.zip` to location `/scratch/software/19c/19.28/` on the worker node, then set this parameter `ruPatchLocation` to value `/scratch/software/ru_patch/37957391`.
+
+### In this Example:
+  * Oracle Restart Database Slim Image `dbocir/oracle/database-orestart:19.3.0-slim` is used and it is built using files from [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image). Default image created using files from this project is `localhost/oracle/database-rac:19.3.0-slim`. You need to tag it with name `dbocir/oracle/database-orestart:19.3.0-slim`. 
+  * When you are building the image yourself, update the image value in the `oraclerestart_prov_rupatch.yaml` file to point to the container image you have built. 
+  * The disks on the worker nodes for the Oracle Restart storage are `/dev/disk/by-partlabel/asm-disk1` and `/dev/disk/by-partlabel/asm-disk2`. 
+  * Specify the size of these devices along with names using the parameter `storageSizeInGb`. Size is by-default in GBs.
+
+**NOTE:** When no separate diskgroup names are specified for CRS Files, Database Files, Recovery Area Files and Redo Log Files, then the default diskgroup named `+DATA` is created from the disks specified by the parameter `crsAsmDeviceList`.
+
+### Steps: Deploy Oracle Restart Database
+* Use the file: [oraclerestart_prov_rupatch.yaml](./oraclerestart_prov_rupatch.yaml) for this use case as below:
+* Deploy the `oraclerestart_prov_rupatch.yaml` file:
+    ```sh
+    kubectl apply -f oraclerestart_prov_rupatch.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample created
+    ```
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":    
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ===============================
+    ORACLE DATABASE IS READY TO USE
+    ===============================
+    ```
+* Check Details of Kubernetes CRD Object as in this [example](./orestart_rupatch_object.txt)
+* Refer to the page [Database Connection](./database_connection.md) for the details to connect to Oracle Restart Database deployed using above example.
diff --git a/docs/oraclerestart/provisioning/provisioning_oracle_restart_db_rupatch_oneoffs.md b/docs/oraclerestart/provisioning/provisioning_oracle_restart_db_rupatch_oneoffs.md
new file mode 100644
index 00000000..86edbff1
--- /dev/null
+++ b/docs/oraclerestart/provisioning/provisioning_oracle_restart_db_rupatch_oneoffs.md
@@ -0,0 +1,47 @@
+# Provisioning an Oracle Restart Database with RU Patch and One Offs with Custom Storage Class
+### In this Usecase:
+* In this use case, the Oracle Grid Infrastructure and Oracle Restart Database are deployed automatically using Oracle Restart Controller. 
+* This example uses `oraclerestart_prov_rupatch_oneoff_storageclass.yaml` to provision an Oracle Restart Database using Oracle Restart Controller with:
+  * Oracle Restart Pod
+  * Headless services for Oracle Restart
+    * Oracle Restart node hostname
+  * Node Port 30007 mapped to port 1521 for Database Listener.  
+  * Persistent volumes created automatically based on specified disks for Oracle ASM storage.
+  * Staged Software location using a mount location which is using a pre created Persistent Volume from a network file system(NFS).
+  * Namespace: `orestart`
+  * Mount point for the Software Stage Location inside the Pod is specified by `swStagePvcMountLocation`.
+  * Staged Software location inside the Pod is specified by `hostSwStageLocation`. It is assumed that the Grid Infrastructure and RDBMS Binaries are already available in this path on the Persistent Volume used.
+  * The GI HOME and the RDBMS HOME in the Oracle Restart Pod are mounted using a Persistent Volume created using the Storage Class (specified using `swDgStorageClass`). This Persistent Volume is mounted to `/u01` inside the Pod. Size of this Persistent Volume is specified using `swLocStorageSizeInGb`.
+  * Directory where the **Release Update (RU) patch** has been unzipped is specified by `ruPatchLocation`. 
+    * For Example: To apply the 19.28 RU Patch `37957391`, if you have unzipped the RU Patch .zip file `p37957391_190000_Linux-x86-64.zip` to location `/scratch/software/19c/19.28/` on the worker node, then set this parameter `ruPatchLocation` to value `/scratch/software/ru_patch/37957391`.
+  * Directory, where latest opatch zip file is available, is specified by `oPatchLocation`.
+  * Directory, where unzipped One-off patch files are available, is specified by `oneOffLocation`.
+  * Specify Comma-separated one-off patch IDs to be applied to the GI HOME using `gridOneOffIds`. For Example: `gridOneOffIds: "38336965,34436514"`
+  * Specify Comma-separated one-off patch IDs to be applied to the RDBMS HOME using `dbOneOffIds`. For Example: `dbOneOffIds: "38336965,34436514"`
+
+### In this example, 
+  * We are using Oracle Restart Database slim image by building it from Git location(./https://orahub.oci.oraclecorp.com/rac-docker-dev/rac-docker-images/-/blob/master/OracleRealApplicationClusters/README.md#building-oracle-rac-database-container-slim-image) i.e. `dbocir/oracle/database-rac:19.3.0-slim`. To use this in your in own environment, update the image value in the `oraclerestart_prov_rupatch_oneoff_storageclass.yaml` file to point to your own container registry base container image.
+  * The disks provisioned using customer storage class (specified by `crsDgStorageClass`) for the Oracle Restart storage are `/dev/asm-disk1` and `/dev/asm-disk2`. 
+  * Specify the size of these devices along with names using the parameter `storageSizeInGb`. Size is by-default in GBs.
+
+**NOTE:** When no separate diskgroup names are specified for CRS Files, Database Files, Recovery Area Files and Redo Log Files, then the default diskgroup named `+DATA` is created from the disks specified by the parameter `crsAsmDeviceList`.
+
+### Steps: Deploy Oracle Restart Database  
+* Use the file: [oraclerestart_prov_rupatch_oneoff_storageclass.yaml](./oraclerestart_prov_rupatch_oneoff_storageclass.yaml) for this use case as below:
+* Deploy the `oraclerestart_prov_rupatch_oneoff_storageclass.yaml` file:
+    ```sh
+    kubectl apply -f oraclerestart_prov_rupatch_oneoff_storageclass.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample created
+    ```
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":    
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ===============================
+    ORACLE DATABASE IS READY TO USE
+    ===============================
+    ```
+* Check Details of Kubernetes CRD Object as in this [example](./orestart_db_rupatch_oneoffs_object.txt)
diff --git a/docs/oraclerestart/provisioning/provisioning_oracle_restart_multiple_diskgroups.md b/docs/oraclerestart/provisioning/provisioning_oracle_restart_multiple_diskgroups.md
new file mode 100644
index 00000000..0cc3800d
--- /dev/null
+++ b/docs/oraclerestart/provisioning/provisioning_oracle_restart_multiple_diskgroups.md
@@ -0,0 +1,42 @@
+# Provisioning an Oracle Restart Database with multiple diskgroups
+### In this Usecase:
+* In this use case, the Oracle Grid Infrastructure and Oracle Restart Database are deployed automatically using Oracle Restart Controller. In this example, multiple diskgroups are created for CRS Files, Database Files and Recovery Area Files. 
+* This example uses `oraclerestart_prov_multiple_diskgroups.yaml` to provision an Oracle Database configured with Oracle Restart using Oracle Restart Controller. The provisioning includes:
+  * Oracle Restart Database Pod
+  * Headless services for Oracle Restart.
+    * Oracle Database Node hostname.
+  * Persistent volumes created automatically based on specified disks for Oracle ASM Storage.
+  * Software Persistent Volume and Staged Software Persistent Volume using the specified location on the corresponding worker node.
+  * Namespace: `orestart`
+  * Staged Software location on the worker nodes is specified by `hostSwStageLocation`. The Grid Infrastructure and RDBMS Binaries are copied to this location on the worker node.
+  * Software location on the worker nodes is specified by `hostSwLocation`. The GI HOME and the RDBMS HOME in the Oracle Restart Pod will be mounted using this location on the worker node.
+### In this Example:
+  * Oracle Restart Database Slim Image `dbocir/oracle/database-orestart:19.3.0-slim` is used and it is built using files from [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image). Default image created using files from this project is `localhost/oracle/database-rac:19.3.0-slim`. You need to tag it with name `dbocir/oracle/database-orestart:19.3.0-slim`. 
+  * When you are building the image yourself, update the image value in the `oraclerestart_prov_multiple_diskgroups.yaml` file to point to the container image you have built. 
+  * The disks on the worker nodes for the Oracle Restart storage are `/dev/disk/by-partlabel/asm-disk1` to`/dev/disk/by-partlabel/asm-disk8`. 
+  * Specify the size of these devices along with names using the parameter `storageSizeInGb`. Size is by-default in GBs. 
+  * The Diskgroup for CRS files is specified by `crsAsmDiskDg` and the disks on the worker nodes for this diskgroup are specified by `crsAsmDeviceList`. 
+  * The Diskgroup for Database files is specified by `dbDataFileDestDg` and the disks on the worker nodes for this diskgroup are specified by `dbAsmDeviceList`. 
+  * The Diskgroup for Recovery Area files is specified by `dbRecoveryFileDest` and the disks on the worker nodes for this diskgroup are specified by `recoAsmDeviceList`. 
+  * The Diskgroup for Redo Log files is specified by `redoAsmDiskDg` and the disks on the worker nodes for this diskgroup are specified by `redoAsmDeviceList`. 
+
+### Steps: Deploy Oracle Restart Database
+* Use the file: [oraclerestart_prov_multiple_diskgroups.yaml](./oraclerestart_prov_multiple_diskgroups.yaml) for this use case as below:
+* Deploy the `oraclerestart_prov_multiple_diskgroups.yaml` file:
+    ```sh
+    kubectl apply -f oraclerestart_prov_multiple_diskgroups.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample created
+    ```
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":    
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ===============================
+    ORACLE DATABASE IS READY TO USE
+    ===============================
+    ```
+* Check Details of Kubernetes CRD Object as in this [example](./oraclerestart_prov_multiple_diskgroups.txt)
+* Refer to the page [Database Connection](./database_connection.md) for the details to connect to Oracle Restart Database deployed using above example.
diff --git a/docs/oraclerestart/provisioning/provisioning_oracle_restart_multiple_diskgroups_with_redundancy.md b/docs/oraclerestart/provisioning/provisioning_oracle_restart_multiple_diskgroups_with_redundancy.md
new file mode 100644
index 00000000..ecd09b16
--- /dev/null
+++ b/docs/oraclerestart/provisioning/provisioning_oracle_restart_multiple_diskgroups_with_redundancy.md
@@ -0,0 +1,48 @@
+# Provisioning an Oracle Restart Database with multiple diskgroups with different redundancy
+# In this Usecase:
+The Oracle Grid Infrastructure and Oracle Restart Database are deployed automatically using Oracle Restart Controller. In this example, multiple diskgroups are created for CRS Files, Database Files, Recovery Area Files and Redo Log Files. Different Disk Groups have different redundancy levels.
+
+This example uses `oraclerestart_prov_multiple_diskgroups_with_redundancy.yaml` to provision an Oracle Database configured with Oracle Restart using Oracle Restart Controller. The provisioning includes:
+  * Oracle Restart Pod
+  * Headless services for Oracle Restart.
+    * Oracle Database Node hostname.
+  * Persistent volumes created automatically based on specified disks for Oracle ASM Storage.
+  * Software Persistent Volume and Staged Software Persistent Volume using the specified location on the corresponding worker node.
+  * Namespace: `orestart`
+  * Staged Software location on the worker nodes is specified by `hostSwStageLocation`. The Grid Infrastructure and RDBMS Binaries are copied to this location on the worker node.
+  * Software location on the worker nodes is specified by `hostSwLocation`. The GI HOME and the RDBMS HOME in the Oracle Restart Pod will be mounted using this location on the worker node.
+
+### In this example, 
+  * Oracle Restart Database Slim Image `dbocir/oracle/database-orestart:19.3.0-slim` is used and it is built using files from [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image). Default image created using files from this project is `localhost/oracle/database-rac:19.3.0-slim`. You need to tag it with name `localhost/oracle/database-orestart:19.3.0-slim`. 
+  * When you are building the image yourself, update the image value in the `oraclerestart_prov_multiple_diskgroups_with_redundancy.yaml` file to point to the container image you have built. 
+  * The disks on the worker nodes for the Oracle Restart storage are `/dev/disk/by-partlabel/asm-disk1` to`/dev/disk/by-partlabel/asm-disk10`. 
+  * Specify the size of disk devices along with names using the parameter `storageSizeInGb`. Size is by-default in GBs. 
+  * The Diskgroup for CRS files is specified by `crsAsmDiskDg` and the disks on the worker nodes for this diskgroup are specified by `crsAsmDeviceList`. 
+  * The Diskgroup for Database files is specified by `dbDataFileDestDg` and the disks on the worker nodes for this diskgroup are specified by `dbAsmDeviceList`. 
+  * The Diskgroup for Recovery Area files is specified by `dbRecoveryFileDest` and the disks on the worker nodes for this diskgroup are specified by `recoAsmDeviceList`. 
+  * The Diskgroup for Redo Log files is specified by `redoAsmDiskDg` and the disks on the worker nodes for this diskgroup are specified by `redoAsmDeviceList`. 
+  * Redundancy level for the diskgroup with CRS files is mentioned by `crsAsmDiskDgRedundancy`.
+  * Redundancy level for the diskgroup with Database files is mentioned by `dbAsmDiskDgRedundancy`.
+  * Redundancy level for the diskgroup with Recovery files is mentioned by `recoAsmDiskDgRedudancy`.
+  * Redundancy level for the diskgroup with Redo Log files is mentioned by `redoAsmDiskDgRedundancy`.
+
+### Steps: Deploy Oracle Restart Database
+* Use the file: [oraclerestart_prov_multiple_diskgroups_with_redundancy.yaml](./oraclerestart_prov_multiple_diskgroups_with_redundancy.yaml) for this use case as below:
+* Deploy the `oraclerestart_prov_multiple_diskgroups_with_redundancy.yaml` file:
+    ```sh
+    kubectl apply -f oraclerestart_prov_multiple_diskgroups_with_redundancy.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample created
+    ```
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":    
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ===============================
+    ORACLE DATABASE IS READY TO USE
+    ===============================
+    ```
+* Check Details of Kubernetes CRD Object as in this [example](./oraclerestart_prov_multiple_diskgroups_with_redundancy.txt)
+* Refer to the page [Database Connection](./database_connection.md) for the details to connect to Oracle Restart Database deployed using above example.
diff --git a/docs/oraclerestart/provisioning/provisioning_oracle_restart_rupatch_pvc.md b/docs/oraclerestart/provisioning/provisioning_oracle_restart_rupatch_pvc.md
new file mode 100644
index 00000000..d964eb66
--- /dev/null
+++ b/docs/oraclerestart/provisioning/provisioning_oracle_restart_rupatch_pvc.md
@@ -0,0 +1,47 @@
+# Provisioning an Oracle Restart Database with RU Patch on Existing PVC
+
+### In this Usecase:
+* The Oracle Grid Infrastructure and Oracle Restart Database are deployed automatically using Oracle Restart Controller. In this case, no storage location from the worker node is used for ASM Disks or GI HOME or RDBMS HOME or Software Staging etc. 
+* This example uses `oraclerestart_prov_rupatch_pvc.yaml` to provision an Oracle Restart Database using Oracle Restart Controller with:
+  * Oracle Restart Database pod
+  * Headless services for Oracle Restart
+    * Oracle Restart Node hostname
+  * Node Port 30007 mapped to port 1521 for Database Listener
+  * Persistent volumes created automatically based on specified disks for Oracle ASM storage.
+  * Staged Software location using a mount location which is using a pre created Persistent Volume from a network file system(NFS)
+  * Namespace: `orestart`
+  * Mount point for the Software Stage Location inside the Pod is specified by `swStagePvcMountLocation`.
+  * Staged Software location inside the Pod is specified by `hostSwStageLocation`. It is assumed that the Grid Infrastructure and RDBMS Binaries are already available in this path on the Persistent Volume used.
+  * The GI HOME and the RDBMS HOME in the Oracle Restart Pod are mounted using a Persistent Volume created using the Storage Class (specified using `swDgStorageClass`). This Persistent Volume is mounted to `/u01` inside the Pod. Size of this Persistent Volume is specified using `swLocStorageSizeInGb`.
+  * Location where the `RU Patch` has been unzipped on the mounted PV is specified by `ruPatchLocation`.
+  * Path to the Opatch Software compatible with the RU Patch is specified using `oPatchLocation`.
+
+### In this Example: 
+  * Oracle Restart Database Slim Image `dbocir/oracle/database-orestart:19.3.0-slim` is used and it is built using files from [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image). Default image created using files from this project is `localhost/oracle/database-rac:19.3.0-slim`. You need to tag it with name `dbocir/oracle/database-orestart:19.3.0-slim`. 
+  * When you are building the image yourself, update the image value in the `oraclerestart_prov_rupatch_pvc.yaml` file to point to the container image you have built. 
+  * Use the file [nfs_pv_stage_vol.yaml](./nfs_pv_stage_vol.yaml) to mount the Network File System as a Persistent Volume named `pv-stage-vol1`. It is assumed this NFS has the required GI and RDBMS Base Software, unzipped RU Patch binaries and Opatch binaries in the specified location. In current case, an OCI File System is used with its export path as `/stage` and Mount Target IP as `10.0.10.212`. 
+  * The disks provisioned using customer storage class (specified by `crsDgStorageClass`) for the Oracle Restart storage are `/dev/asm-disk1` and `/dev/asm-disk2`. 
+  * Specify the size of these devices using the parameter `storageSizeInGb`. Size is by-default in GBs.
+
+**NOTE:** When no separate diskgroup names are specified for CRS Files, Database Files, Recovery Area Files and Redo Log Files, then the default diskgroup named `+DATA` is created from the disks specified by the parameter `crsAsmDeviceList`.
+
+### Steps: Deploy Oracle Restart Database
+* Use the file: [oraclerestart_prov_rupatch_pvc.yaml](./oraclerestart_prov_rupatch_pvc.yaml) for this use case as below:
+* Deploy the `oraclerestart_prov_rupatch_pvc.yaml` file:
+    ```sh
+    kubectl apply -f oraclerestart_prov_rupatch_pvc.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample created
+    ```
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":    
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ===============================
+    ORACLE DATABASE IS READY TO USE
+    ===============================
+    ```
+* Check Details of Kubernetes CRD Object as in this [example](./orestart_rupatch_pvc_object.txt)
+* Refer to the page [Database Connection](./database_connection.md) for the details to connect to Oracle Restart Database deployed using above example.
diff --git a/docs/oraclerestart/provisioning/provisioning_oracle_restart_storage_class.md b/docs/oraclerestart/provisioning/provisioning_oracle_restart_storage_class.md
new file mode 100644
index 00000000..acf95d4e
--- /dev/null
+++ b/docs/oraclerestart/provisioning/provisioning_oracle_restart_storage_class.md
@@ -0,0 +1,42 @@
+# Provisioning an Oracle Restart Database with Custom Storage Class
+### In this Usecase:
+* The Oracle Grid Infrastructure and Oracle Restart Database are deployed automatically using Oracle Restart Controller with Custom Storage Class. 
+* In this use case, the ASM Disks are provisioned as Persistent Volumes using custom storage class during the deployment.
+* This example uses `oraclerestart_prov_storage_class.yaml` to provision an Oracle Restart Database using Oracle Restart Controller with:
+  * Oracle Restart Pod
+  * Headless services for Oracle Restart
+    * Oracle Restart node hostname
+  * Node Port 30007 mapped to port 1521 for Database Listener
+  * Persistent volumes for ASM Disks created automatically using the Storage Class for Oracle ASM storage
+  * Software Persistent Volume and Staged Software Persistent Volume using the specified location on the corresponding worker node
+  * Namespace: `orestart`
+  * Staged Software location on the worker nodes is specified by `hostSwStageLocation`. The Grid Infrastructure and RDBMS Binaries are copied to this location on the worker node.
+  * The GI HOME and the RDBMS HOME in the Oracle Restart Pod are mounted using a Persistent Volume created using the Storage Class (specified using `storageClass`). This Persistent Volume is mounted to `/u01` inside the Pod. Size of this Persistent Volume is specified using `swLocStorageSizeInGb`.
+
+### In this Example:
+  * Oracle Restart Database Slim Image `localhost/oracle/database-orestart:19.3.0-slim` is used and it is built using files from [GitHub location](https://github.com/oracle/docker-images/tree/main/OracleDatabase/RAC/OracleRealApplicationClusters#building-oracle-rac-database-container-slim-image). Default image created using files from this project is `localhost/oracle/database-rac:19.3.0-slim`. You need to tag it with name `localhost/oracle/database-orestart:19.3.0-slim`. 
+  * When you are building the image yourself, update the image value in the `oraclerestart_prov_storage_class.yaml` file to point to the container image you have built. 
+  * The disks provisioned using customer storage class (specified by `crsDgStorageClass`) for the Oracle Restart storage are `/dev/asm-disk1` and `/dev/asm-disk2`. 
+  * Specify the size of these devices along with names using the parameter `storageSizeInGb`. Size is by-default in GBs.
+
+**NOTE:** When no separate diskgroup names are specified for CRS Files, Database Files, Recovery Area Files and Redo Log Files, then the default diskgroup named `+DATA` is created from the disks specified by the parameter `crsAsmDeviceList`.
+  
+### Steps: Deploy Oracle Restart Database
+* Use the file: [oraclerestart_prov_storage_class.yaml](./oraclerestart_prov_storage_class.yaml) for this use case as below:
+* Deploy the `oraclerestart_prov_storage_class.yaml` file:
+    ```sh
+    kubectl apply -f oraclerestart_prov_storage_class.yaml
+    oraclerestart.database.oracle.com/oraclerestart-sample created
+    ```
+* Check the status of the deployment:
+    ```sh
+    # Check the status of the Kubernetes Pods:    
+    kubectl get all -n orestart
+
+    # Check the logs of a particular pod. For example, to check status of pod "dbmc1-0":    
+    kubectl exec -it pod/dbmc1-0 -n orestart -- bash -c "tail -f /tmp/orod/oracle_db_setup.log"
+    ===============================
+      ORACLE DATABASE IS READY TO USE
+    ===============================
+    ```
+* Check Details of Kubernetes CRD Object as in this [example](./orestart_storage_class_object.txt)
diff --git a/docs/ordsservices/README.md b/docs/ordsservices/README.md
index e2fa97be..d012d4ef 100644
--- a/docs/ordsservices/README.md
+++ b/docs/ordsservices/README.md
@@ -1,10 +1,10 @@
-# Oracle Rest Data Services (ORDSSRVS) Controller for Kubernetes -  ORDS Life cycle management
+# Oracle Rest Data Services (OrdsSrvs) Controller for Kubernetes -  ORDS Life cycle management
 
 
 ## Description
 
-The ORDSRVS controller extends the Kubernetes API with a Custom Resource (CR) and Controller for automating Oracle Rest Data
-Services (ORDS) lifecycle management.  Using the ORDS controller, you can easily migrate existing, or create new, ORDS implementations
+The OrdsSrvs controller extends the Kubernetes API with a Custom Resource (CR) and Controller for automating Oracle Rest Data
+Services (ORDS) lifecycle management.  Using the OrdsSrvs controller, you can easily migrate existing, or create new, ORDS implementations
 into an existing Kubernetes cluster.  
 
 This controller allows you to run what would otherwise be an On-Premises ORDS middle-tier, configured as you require, inside Kubernetes with the additional ability of the controller to perform automatic ORDS/APEX install/upgrades inside the database.
@@ -17,55 +17,92 @@ The custom RestDataServices resource supports the following configurations as a
 * Single OrdsSrvs resource with multiple database pools<sup>*</sup>
 * Multiple OrdsSrvs resources, each with one database pool
 * Multiple OrdsSrvs resources, each with multiple database pools<sup>*</sup>
+* ORDS and APEX database schemas [automatic installation/upgrade](./autoupgrade.md)
 
 <sup>*See [Limitations](#limitations)</sup>
 
-It supports the majority of ORDS configuration settings as per the [API Documentation](./api.md).
+ORDS Version supported : 25.1.0+  
+OrdsSrvs controller supports the majority of ORDS configuration settings as per the [API Documentation](./api.md).
 
-The ORDS and APEX schemas can be [automatically installed/upgraded](./autoupgrade.md) into the Oracle Database by the ORDS controller.
 
-ORDS Version support: 
-* 24.1.1  
-(Newer versions of ORDS will be supported in the next update of OraOperator)
+## Prerequisites
 
-Oracle Database Version: 
-* 19c
-* 23ai (incl. 23ai Free)
+ This chapter outlines the necessary requirements that must be satisfied to successfully deploy and operate the OrdsSrvs controller within your Kubernetes cluster.
 
-### Prerequisites
+### Oracle Database Operator  
 
-1. Oracle Database Operator  
+Before installing the OrdsSrvs controller, ensure that the Oracle Database Operator (OraOperator) is installed in your Kubernetes environment. Please follow the detailed installation steps provided in the [README](https://github.com/oracle/oracle-database-operator/blob/main/README.md) to complete this process. The OraOperator must be properly configured and running, as OrdsSrvs depends on its services for functionality.
 
-    Install the Oracle Database Operator (OraOperator) using the instructions in the [README](https://github.com/oracle/oracle-database-operator/blob/main/README.md) file.
 
-1. Namespace  
+### Namespace Namespace Scoped Deployment
 
-    For a dedicated namespace deployment of the ORDSSRVS controller, refer to the "Namespace Scoped Deployment" section in the OraOperator [README](https://github.com/oracle/oracle-database-operator/blob/main/README.md#2-namespace-scoped-deployment).
+For a dedicated namespace deployment of the OrdsSrvs controller, refer to the "Namespace Scoped Deployment" section in the OraOperator [README](https://github.com/oracle/oracle-database-operator/blob/main/README.md#2-namespace-scoped-deployment).
+The following examples demonstrate deploying the controller to the ordsnamespace namespace. 
 
-    The following examples deploy the controller to the 'ordsnamespace' namespace.
+Create the namespace:
 
-    Create the namespace:
-    ```bash
-    kubectl create namespace ordsnamespace
-    ```
+```bash
+kubectl create namespace ordsnamespace
+```
 
-    Apply namespace role binding [ordsnamespace-role-binding.yaml](./examples/ordsnamespace-role-binding.yaml):
-    ```bash
-    kubectl apply -f ordsnamespace-role-binding.yaml
-    ```
+Apply namespace role binding [ordsnamespace-role-binding.yaml](./ordsnamespace-role-binding.yaml):
 
-    Edit OraOperator to add the namespace under WATCH_NAMESPACE:
-    ```yaml
-    - name: WATCH_NAMESPACE
+```bash
+kubectl apply -f ordsnamespace-role-binding.yaml
+```
+
+Edit OraOperator to add the namespace under WATCH_NAMESPACE:
+```yaml
+  - name: WATCH_NAMESPACE
     value: "default,<your namespaces>,ordsnamespace"
-    ```
+```
 
-### Common configuration examples
+## OpenShift Security Context Constraints
 
-A few common configuration examples can be used to quickly familiarise yourself with the ORDS Custom Resource Definition.
-The "Conclusion" section of each example highlights specific settings to enable functionality that maybe of interest.
+If you are deploying the OrdsSrvs controller on OpenShift, ensure that the appropriate Security Context Constraints (SCCs) are configured. This involves assigning privileged SCCs to the service accounts used by OrdsSrvs to permit required operations.
+
+### Create a Service Account
+
+This account will be used to assign the necessary Security Context Constraints (SCCs) for the controller’s operation.
+Below is an example [YAML](./examples/ordssrvs-sa.yaml) manifest to create a service account named "ordssrvs-sa" in the "ordsnamespace" namespace:
+
+```yaml
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: ordssrvs-sa
+  namespace: ordsnamespace
+```
+
+### Create a Custom Security Context Constraint (SCC)
+
+To configure the required security permissions, use the attached [YAML](./examples/ordssrvs-sa-scc.yaml) file to create a custom Security Context Constraint (SCC) and bind it to the "ordssrvs-sa" service account. 
+This will ensure the service account has the necessary permissions for the OrdsSrvs controller to operate on OpenShift.
+
+### Set serviceAccountName in OrdsSrvs 
+
+Ensure that the OrdsSrvs controller uses the dedicated service account you created. In the deployment manifest for OrdsSrvs, specify the serviceAccountName field with the name of your service account (e.g., ordssrvs-sa) as in this [example](./examples/ordssrvs.yaml).
 
-Before 
+```yaml
+apiVersion: database.oracle.com/v4
+kind: OrdsSrvs
+metadata:
+  name: ordssrvs
+  namespace: ordsnamespace
+spec:
+  ...
+  globalSettings:
+    ...
+  poolSettings:
+    ...
+  serviceAccountName: ordssrvs-sa
+```
+
+
+## Common configuration examples
+
+A few common configuration examples can be used to quickly familiarise yourself with the OrdsSrvs Custom Resource Definition.
+The "Conclusion" section of each example highlights specific settings to enable functionality that maybe of interest.
 
 * [Pre-existing Database](./examples/existing_db.md)
 * [Containerised Single Instance Database (SIDB)](./examples/sidb_container.md)
@@ -73,16 +110,31 @@ Before
 * [Autonomous Database using the OraOperator](./examples/adb_oraoper.md) <sup>*See [Limitations](#limitations)</sup>
 * [Autonomous Database without the OraOperator](./examples/adb.md)
 * [Oracle API for MongoDB Support](./examples/mongo_api.md)
+* [ORDS and APEX database schemas automatic installation/upgrade](./autoupgrade.md)
 
 Running through all examples in the same Kubernetes cluster illustrates the ability to run multiple ORDS instances with a variety of different configurations.
 
-If you have a specific use-case that is not covered and would like it to be feel free to contribute it via a Pull Request.
 
-### Limitations
+## Change Log
+
+### Version 2.0
+
+  - ORDS image 25.1+ 
+  - OpenShift installation 
+  - APEX installation files from download url or PersistenceVolume
+  - BUGFIX [#181 enhancement, init script refactoring and improved logging](https://github.com/oracle/oracle-database-operator/issues/181)
+  - BUGFIX [#186 autoUpgradeORDS: true and autoUpgradeAPEX: false not working](https://github.com/oracle/oracle-database-operator/issues/186)
+  - BUGFIX [#188 int64 for configuration settings of type Duration](https://github.com/oracle/oracle-database-operator/issues/188)
+
+### Upgrading from 1.2 to 2.0
+Password secrets must be recreated when upgrading the operator from version 1.2 to 2.0.  
+Secrets can be recreated either before or after the operator upgrade. Restarting the OrdsSrvs deployment is not required for this procedure; however, if the deployment does need to be restarted for any reason, ensure secrets are recreated first.
+
+## Limitations
 
 When connecting to a mTLS enabled ADB and using the Oracontroller to retreive the Wallet, it is currently not supported to have multiple, different databases supported by the single RestDataServices resource.  This is due to a requirement to set the `TNS_ADMIN` parameter at the Pod level ([#97](https://github.com/oracle/oracle-database-controller/issues/97)).
 
-### Troubleshooting 
+## Troubleshooting 
 See [Troubleshooting](./TROUBLESHOOTING.md)
 
 ## Contributing
diff --git a/docs/ordsservices/api.md b/docs/ordsservices/api.md
index da4db09c..4268e98c 100644
--- a/docs/ordsservices/api.md
+++ b/docs/ordsservices/api.md
@@ -291,14 +291,32 @@ Contains settings that are configured across the entire ORDS instance.
             <i>Format</i>: int64<br/>
         </td>
         <td>false</td>
-      </tr><tr>
+      </tr>
+      <tr>
         <td><b>debug.printDebugToScreen</b></td>
         <td>boolean</td>
         <td>
           Specifies whether to display error messages on the browser.<br/>
         </td>
         <td>false</td>
-      </tr><tr>
+      </tr>
+      <tr>
+        <td><b>downloadAPEX</b></td>
+        <td>boolean</td>
+        <td>
+          Specifies whether to downloan APEX installation files.<br/>
+        </td>
+        <td>false</td>
+      </tr>
+      <tr>
+        <td><b>downloadUrlAPEX</b></td>
+        <td>string</td>
+        <td>
+          Specifies the URL to downloan APEX installation files.<br/>
+        </td>
+        <td>https://download.oracle.com/otn_software/apex/apex-latest.zip</td>
+      </tr>
+      <tr>
         <td><b>enable.mongo.access.log</b></td>
         <td>boolean</td>
         <td>
diff --git a/docs/ordsservices/autoupgrade.md b/docs/ordsservices/autoupgrade.md
index fddc30b3..55d431cb 100644
--- a/docs/ordsservices/autoupgrade.md
+++ b/docs/ordsservices/autoupgrade.md
@@ -1,10 +1,117 @@
-# AutoUpgrade
+# ORDS and APEX AutoUpgrade
 
-Each pool can be configured to automatically install and upgrade the ORDS and/or APEX schemas in the database.
-The ORDS and APEX version is based on the ORDS image used for the RestDataServices resource.
+Each pool can be configured to automatically install and upgrade the ORDS and/or APEX schemas in the database.  
 
-For example, in the below manifest:
-* `Pool: pdb1` is configured to automatically install/ugrade both ORDS and APEX to version 24.1.0  
+## ORDS autoUpgrade
+
+The ORDS version is determined by the ORDS image used for the RestDataServices resource.
+ORDS schema installation and upgrade can be activated at the pool level:  
+
+```yaml
+apiVersion: database.oracle.com/v1
+kind: OrdsSrvs
+metadata:
+    name: ordspoc-server
+spec:
+    ...
+    poolSettings:
+      - poolName: pdb1
+        autoUpgradeORDS: true
+```
+
+## APEX autoUpgrade
+
+ORDS image does **not** contain APEX installation files.  
+APEX installation files can be provided to the pod in two ways:  
+
+ - automatic download
+ - external storage (PersistenceVolume)
+
+
+### APEX installation automatic download
+
+The ORDS container can download the latest APEX version either from "Oracle APEX Downloads" or a specified custom URL.  
+To download APEX installation files, the Kubernetes worker node must have internet access.  
+The APEX download is defined globally, and upgrades can be enabled or disabled for each pool individually.
+
+```yaml
+apiVersion: database.oracle.com/v1
+kind: OrdsSrvs
+metadata:
+    name: ordspoc-server
+spec:
+    ...
+    globalSettings:
+        downloadAPEX : true
+        downloadUrlAPEX : https://download.oracle.com/otn_software/apex/apex_24.2.zip
+    encPrivKey:
+      ...
+    poolSettings:
+      - poolName: pdb1
+        autoUpgradeAPEX: true
+        ...
+      - poolName: pdb2
+        autoUpgradeAPEX: false
+        ...
+```
+
+If you do not specify a download URL (downloadUrlAPEX), the default value is used:
+https://download.oracle.com/otn_software/apex/apex-latest.zip
+
+
+### APEX installation files on external storage
+
+Alternatively, you can provide APEX installation files in a dedicated PersistentVolume containing a single apex.zip file.  
+
+You can download apex.zip from:  
+https://www.oracle.com/tools/downloads/apex-downloads/
+
+```yaml
+apiVersion: database.oracle.com/v4
+kind: OrdsSrvs
+metadata:
+  name: ordssrvs
+  namespace: testcase
+spec:
+  ...
+  globalSettings:
+    apex.download : false
+    apex.installation.persistence:
+      volumeName : apexpv
+      storageClass :
+      size : 20Gi
+      accessMode : ReadWriteMany
+    ...  
+  poolSettings:
+    - poolName: default
+      autoUpgradeAPEX: true
+```
+
+The OrdsSrvs controller will create a PersistentVolumeClaim (PVC) for the PV and mount it in the pod’s container at /opt/oracle/apex.
+
+The volume can be static or dynamic. If the volume is empty, the init container will wait until it finds apex.zip at the mount point.   
+The init container logs the following message:  
+
+``` bash
+Missing /opt/oracle/apex/apex.zip, manually copy apex.zip in /opt/oracle/apex on the init container of the pod
+```
+
+You can copy the apex.zip file into the container while the init script is waiting:  
+
+``` bash
+kubectl cp /tmp/apex.zip <ordspod>:/tmp -c ordssrvs-init -n ordsnamespace
+kubectl exec -c ordssrvs-init -n ordsnamespace <ordspod> -- mv /tmp/apex.zip /opt/oracle/apex
+```
+
+
+
+## Example: ORDS autoUpgrade and APEX download/autoUpgrade
+
+In the following manifest example:  
+
+* APEX installation files will be downloaded from latest version.
+* `Pool: pdb1` is configured to automatically install/ugrade both ORDS and APEX to version 25.1.0  
+* `Pool: pdb2` will install or upgrade ORDS
 * `Pool: pdb2` will not install or upgrade ORDS/APEX
 
 As an additional requirement for `Pool: pdb1`, the `spec.poolSettings.db.adminUser` and `spec.poolSettings.db.adminUser.secret`
@@ -16,10 +123,12 @@ kind: OrdsSrvs
 metadata:
     name: ordspoc-server
 spec:
-    image: container-registry.oracle.com/database/ords:24.1.0
+    image: container-registry.oracle.com/database/ords:25.1.0
     forceRestart: true
     globalSettings:
         database.api.enabled: true
+        downloadAPEX : true
+        downloadUrlAPEX : https://download.oracle.com/otn_software/apex/apex_24.2.zip
     encPrivKey:
         secretName: prvkey
         passwordKey: privateKey
@@ -35,12 +144,20 @@ spec:
         db.adminUser.secret:
             secretName:  pdb1-sys-auth-enc
       - poolName: pdb2
+        autoUpgradeORDS: true
         db.connectionType: customurl
         db.customURL: jdbc:oracle:thin:@//localhost:1521/PDB2
         db.secret:
             secretName:  pdb2-ords-auth-enc
+      - poolName: pdb3
+        db.connectionType: customurl
+        db.customURL: jdbc:oracle:thin:@//localhost:1521/PDB3
+        db.secret:
+            secretName:  pdb3-ords-auth-enc
 ```
 
+
+
 ## Minimum Privileges for Admin User
 
 The `db.adminUser` must have privileges to create users and objects in the database.  For Oracle Autonomous Database (ADB), this could be `ADMIN` while for
diff --git a/docs/ordsservices/examples/adb.md b/docs/ordsservices/examples/adb.md
index 90a21b5c..ab87a3b5 100644
--- a/docs/ordsservices/examples/adb.md
+++ b/docs/ordsservices/examples/adb.md
@@ -21,13 +21,13 @@ kubectl create secret generic adb-wallet \
 Create a Secret for the ADB ADMIN password, replacing <ADMIN_PASSWORD> with the real password:
 
 ```bash
-echo ${ADMIN_PASSWORD} > adb-db-auth-enc
-openssl  genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 > ca.key
+echo ${ADMIN_PASSWORD} > db-auth
+openssl genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 > ca.key
 openssl rsa -in ca.key -outform PEM  -pubout -out public.pem
 kubectl create secret generic prvkey --from-file=privateKey=ca.key  -n ordsnamespace
-openssl rsautl -encrypt -pubin -inkey public.pem -in adb-db-auth-enc |base64 > e_adb-db-auth-enc
-kubectl create secret generic adb-oraoper-db-auth-enc  --from-file=password=e_adb-db-auth-enc -n  ordsnamespace
-rm adb-db-auth-enc e_adb-db-auth-enc
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in db-auth -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_db-auth
+kubectl create secret generic adb-oraoper-db-auth-enc  --from-file=password=e_db-auth -n  ordsnamespace
+rm db-auth e_db-auth
 ```
 
 ### Create RestDataServices Resource
@@ -46,7 +46,7 @@ rm adb-db-auth-enc e_adb-db-auth-enc
       name: ords-adb
       namespace: ordsnamespace
     spec:
-      image: container-registry.oracle.com/database/ords:24.1.1
+      image: container-registry.oracle.com/database/ords:25.1.0
       forceRestart: true
       encPrivKey:
         secretName: prvkey
@@ -71,7 +71,7 @@ rm adb-db-auth-enc e_adb-db-auth-enc
           db.adminUser.secret:
             secretName:  adb-oraoper-db-auth-enc
     ```
-    <sup>latest container-registry.oracle.com/database/ords version, **24.1.1**, valid as of **30-May-2024**</sup>
+    <sup>latest container-registry.oracle.com/database/ords version, **25.1.0**, valid as of **26-May-2025**</sup>
     
 1. Watch the restdataservices resource until the status is **Healthy**:
     ```bash
diff --git a/docs/ordsservices/examples/adb_oraoper.md b/docs/ordsservices/examples/adb_oraoper.md
index 253365c5..36180194 100644
--- a/docs/ordsservices/examples/adb_oraoper.md
+++ b/docs/ordsservices/examples/adb_oraoper.md
@@ -74,13 +74,13 @@ kubectl create secret generic adb-oraoper-db-auth \
 ### Create encrypted password 
 
 ```bash
-echo ${DB_PWD} > adb-db-auth-enc
+echo ${DB_PWD} > db-auth
 openssl  genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 > ca.key
 openssl rsa -in ca.key -outform PEM  -pubout -out public.pem
 kubectl create secret generic prvkey --from-file=privateKey=ca.key  -n ordsnamespace
-openssl rsautl -encrypt -pubin -inkey public.pem -in adb-db-auth-enc |base64 > e_adb-db-auth-enc
-kubectl create secret generic adb-oraoper-db-auth-enc  --from-file=password=e_adb-db-auth-enc -n  ordsnamespace
-rm adb-db-auth-enc e_adb-db-auth-enc
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in db-auth -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_db-auth
+kubectl create secret generic adb-oraoper-db-auth-enc  --from-file=password=e_db-auth -n  ordsnamespace
+rm db-auth e_db-auth
 ```
 
 ### Create OrdsSrvs Resource
@@ -103,7 +103,7 @@ rm adb-db-auth-enc e_adb-db-auth-enc
       name: ords-adb-oraoper
       namespace: ordsnamespace
     spec:
-      image: container-registry.oracle.com/database/ords:24.1.1
+      image: container-registry.oracle.com/database/ords:25.1.0
       forceRestart: true
       encPrivKey:
         secretName: prvkey
@@ -126,7 +126,7 @@ rm adb-db-auth-enc e_adb-db-auth-enc
           db.adminUser.secret:
             secretName:  adb-oraoper-db-auth-enc
     ```
-    <sup>latest container-registry.oracle.com/database/ords version, **24.1.1**, valid as of **30-May-2024**</sup>
+    <sup>latest container-registry.oracle.com/database/ords version, **25.1.0**, valid as of **26-May-2025**</sup>
 
 1. Watch the ordssrvs resource until the status is **Healthy**:
     ```bash
diff --git a/docs/ordsservices/examples/existing_db.md b/docs/ordsservices/examples/existing_db.md
index 6d4791ae..a43849e2 100644
--- a/docs/ordsservices/examples/existing_db.md
+++ b/docs/ordsservices/examples/existing_db.md
@@ -16,17 +16,14 @@ export CONN_STRING=<database host ip or scan>:<port>/<service_name>
 
 ```bash
 DB_PWD=<specify password here>
-
 openssl  genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keygen_pubexp:65537 > ca.key
 openssl rsa -in ca.key -outform PEM -pubout -out public.pem
 kubectl create secret generic prvkey --from-file=privateKey=ca.key -n ordsnamespace
 
 echo "${DB_PWD}" > db-auth
-openssl rsautl -encrypt -pubin -inkey public.pem -in db-auth |base64 > e_db-auth-enc
-kubectl create secret generic db-auth-enc --from-file=password=e_db-auth-enc -n ordsnamespace
-
-rm db-auth e_db-auth-enc
-
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in db-auth -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_db-auth
+kubectl create secret generic db-auth-enc --from-file=password=e_db-auth -n ordsnamespace
+rm db-auth e_db-auth
 ```
 
 ### Create ordssrvs Resource
@@ -49,7 +46,7 @@ rm db-auth e_db-auth-enc
       name: ords-db
       namespace: ordsnamespace
     spec:
-      image: container-registry.oracle.com/database/ords:24.1.1
+      image: container-registry.oracle.com/database/ords:25.1.0
       forceRestart: true
       encPrivKey:
         secretName: prvkey
@@ -74,7 +71,7 @@ rm db-auth e_db-auth-enc
     kubectl apply -f ords-db.yaml
     ```
 
-    <sup>latest container-registry.oracle.com/database/ords version, **24.1.1**, valid as of **30-May-2024**</sup>
+    <sup>latest container-registry.oracle.com/database/ords version, **25.1.0**, valid as of **26-May-2025**</sup>
     
 1. Watch the restdataservices resource until the status is **Healthy**:
     ```bash
diff --git a/docs/ordsservices/examples/mongo_api.md b/docs/ordsservices/examples/mongo_api.md
index f0fd0cf5..c7ea2695 100644
--- a/docs/ordsservices/examples/mongo_api.md
+++ b/docs/ordsservices/examples/mongo_api.md
@@ -40,10 +40,10 @@ openssl  genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keyg
 openssl rsa -in ca.key -outform PEM  -pubout -out public.pem
 kubectl create secret generic prvkey --from-file=privateKey=ca.key  -n ordsnamespace
 
-echo "${DB_PWD}" > sidb-db-auth-enc
-openssl rsautl -encrypt -pubin -inkey public.pem -in sidb-db-auth-enc |base64 > e_sidb-db-auth-enc
-kubectl create secret generic sidb-db-auth-enc --from-file=password=e_sidb-db-auth-enc -n  ordsnamespace
-rm sidb-db-auth-enc e_sidb-db-auth-enc
+echo "${DB_PWD}" > db-auth
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in db-auth -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_db-auth
+kubectl create secret generic sidb-db-auth-enc --from-file=password=e_db-auth -n  ordsnamespace
+rm db-auth e_db-auth
 ```
 
 ### Create ordssrvs Resource
@@ -74,7 +74,7 @@ rm sidb-db-auth-enc e_sidb-db-auth-enc
       name: ords-sidb
       namespace: ordsnamespace
     spec:
-      image: container-registry.oracle.com/database/ords:24.1.1
+      image: container-registry.oracle.com/database/ords:25.1.0
       forceRestart: true
       encPrivKey:
         secretName: prvkey
@@ -101,7 +101,8 @@ rm sidb-db-auth-enc e_sidb-db-auth-enc
           db.adminUser.secret:
             secretName:  sidb-db-auth-enc" | kubectl apply -f -
     ```
-    <sup>latest container-registry.oracle.com/database/ords version, **24.1.1**, valid as of **30-May-2024**</sup>
+    <sup>latest container-registry.oracle.com/database/ords version, **25.1.0**, valid as of **26-May-2025**</sup>
+
     
 1. Watch the restdataservices resource until the status is **Healthy**:
     ```bash
diff --git a/docs/ordsservices/examples/multi_pool.md b/docs/ordsservices/examples/multi_pool.md
index ffb537bf..b7d3441d 100644
--- a/docs/ordsservices/examples/multi_pool.md
+++ b/docs/ordsservices/examples/multi_pool.md
@@ -55,7 +55,7 @@ The following secret will be used for PDB1:
 
 ```bash
 echo "THIS_IS_A_PASSWORD"     > ordspwdfile
-openssl rsautl -encrypt -pubin -inkey public.pem -in ordspwdfile |base64 > e_ordspwdfile
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in ordspwdfile -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_ordspwdfile
 kubectl create secret generic pdb1-ords-auth-enc --from-file=password=e_ordspwdfile -n  ordsnamespace 
 rm ordspwdfile e_ordspwdfile
 ```
@@ -64,7 +64,7 @@ The following secret will be used for PDB2:
 
 ```bash
 echo "THIS_IS_A_PASSWORD"     > ordspwdfile
-openssl rsautl -encrypt -pubin -inkey public.pem -in ordspwdfile |base64 > e_ordspwdfile
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in ordspwdfile -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_ordspwdfile
 kubectl create secret generic pdb2-ords-auth-enc --from-file=password=e_ordspwdfile -n  ordsnamespace 
 rm ordspwdfile e_ordspwdfile
 ```
@@ -73,7 +73,7 @@ The following secret will be used for PDB3 and PDB4:
 
 ```bash
 echo "THIS_IS_A_PASSWORD"     > ordspwdfile
-openssl rsautl -encrypt -pubin -inkey public.pem -in ordspwdfile |base64 > e_ordspwdfile
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in ordspwdfile -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_ordspwdfile
 kubectl create secret generic multi-ords-auth-enc --from-file=password=e_ordspwdfile -n  ordsnamespace 
 rm ordspwdfile e_ordspwdfile
 ```
@@ -86,7 +86,7 @@ In this example, only PDB1 will be set for [AutoUpgrade](../autoupgrade.md), the
 
 ```bash
 echo "THIS_IS_A_PASSWORD"     > syspwdfile
-openssl rsautl -encrypt -pubin -inkey public.pem -in syspwdfile |base64 > e_syspwdfile
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in syspwdfile -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_syspwdfile
 kubectl create secret generic pdb1-priv-auth-enc --from-file=password=e_syspwdfile -n  ordsnamespace
 rm syspwdfile e_syspwdfile
 ```
@@ -102,7 +102,7 @@ rm syspwdfile e_syspwdfile
       name: ords-multi-pool
       namespace: ordsnamespace
     spec:
-      image: container-registry.oracle.com/database/ords:24.1.1
+      image: container-registry.oracle.com/database/ords:25.1.0
       forceRestart: true
       encPrivKey:
         secretName: prvkey
@@ -112,7 +112,6 @@ rm syspwdfile e_syspwdfile
       poolSettings:
         - poolName: pdb1
           autoUpgradeORDS: true
-          autoUpgradeAPEX: true
           db.connectionType: tns
           db.tnsAliasName: PDB1
           tnsAdminSecret:
@@ -160,7 +159,8 @@ rm syspwdfile e_syspwdfile
           db.secret:
             secretName: multi-ords-auth-enc
     ```
-    <sup>latest container-registry.oracle.com/database/ords version, **24.1.1**, valid as of **30-May-2024**</sup>
+    <sup>latest container-registry.oracle.com/database/ords version, **25.1.0**, valid as of **26-May-2025**</sup>
+
 
 1. Apply the yaml file:
     ```bash
@@ -196,5 +196,4 @@ This example has multiple pools, named `pdb1`, `pdb2`, `pdb3`, and `pdb4`.
 * They all share the same `tnsAdminSecret` to connect using thier individual `db.tnsAliasName`
 * They will all automatically restart when the configuration changes: `forceRestart: true`
 * Only the `pdb1` pool will automatically install/update ORDS on startup, if required: `autoUpgradeORDS: true`
-* Only the `pdb1` pool will automatically install/update APEX on startup, if required: `autoUpgradeAPEX: true`
 * The `passwordKey` has been ommitted from both `db.secret` and `db.adminUser.secret` as the password was stored in the default key (`password`)
diff --git a/docs/ordsservices/examples/ordssrvs-sa-scc.yaml b/docs/ordsservices/examples/ordssrvs-sa-scc.yaml
new file mode 100644
index 00000000..0f854f59
--- /dev/null
+++ b/docs/ordsservices/examples/ordssrvs-sa-scc.yaml
@@ -0,0 +1,50 @@
+kind: SecurityContextConstraints
+apiVersion: security.openshift.io/v1
+metadata:
+  name: ordssrvs-scc
+  namespace: ordsnamespace
+allowPrivilegedContainer: false
+runAsUser:
+  type: MustRunAs
+  uid: 54321
+seLinuxContext:
+  type: RunAsAny
+fsGroup:
+  type: MustRunAs
+  ranges:
+  - min: 54321
+    max: 54321
+supplementalGroups:
+   type: MustRunAs
+   ranges:
+   - min: 54321
+     max: 54321
+---
+kind: Role
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: ordssrvs-role
+  namespace: ordsnamespace
+rules:
+  - apiGroups:
+    - security.openshift.io
+    verbs:
+    - use
+    resources:
+    - securitycontextconstraints
+    resourceNames:
+    - ordssrvs-scc
+---
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: ordssrvs-rb
+  namespace: ordsnamespace
+subjects:
+  - kind: ServiceAccount
+    name: ordssrvs-sa
+    namespace: ordsnamespace
+roleRef:
+  kind: Role
+  name: ordssrvs-role
+  apiGroup: rbac.authorization.k8s.io
diff --git a/docs/ordsservices/examples/ordssrvs-sa.yaml b/docs/ordsservices/examples/ordssrvs-sa.yaml
new file mode 100644
index 00000000..2eb59a18
--- /dev/null
+++ b/docs/ordsservices/examples/ordssrvs-sa.yaml
@@ -0,0 +1,5 @@
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: ordssrvs-sa
+  namespace: ordsnamespace
diff --git a/docs/ordsservices/examples/ordssrvs.yaml b/docs/ordsservices/examples/ordssrvs.yaml
new file mode 100644
index 00000000..2f40d945
--- /dev/null
+++ b/docs/ordsservices/examples/ordssrvs.yaml
@@ -0,0 +1,32 @@
+apiVersion: database.oracle.com/v4
+kind: OrdsSrvs
+metadata:
+  name: ordssrvs
+  namespace: ordsnamespace
+spec:
+  image: container-registry.oracle.com/database/ords:latest
+  forceRestart: true
+  encPrivKey:
+    secretName: prvkey
+    passwordKey: privateKey
+  globalSettings:
+    database.api.enabled: true
+    mongo.enabled: true
+    apex.download : false
+    db.invalidPoolTimeout: 1m
+  poolSettings:
+    - poolName: default
+      autoUpgradeORDS: true
+      autoUpgradeAPEX: false
+      feature.sdw: true
+      restEnabledSql.active: true
+      plsql.gateway.mode: direct
+      db.connectionType: customurl
+      db.customURL: jdbc:oracle:thin:@//<db_ip>:1521/FREEPDB1
+      db.username: ORDS_PUBLIC_USER
+      db.secret:
+        secretName:  db-auth-enc
+      db.adminUser: SYS
+      db.adminUser.secret:
+        secretName:  db-auth-enc
+  serviceAccountName: ordssrvs-sa
diff --git a/docs/ordsservices/examples/sidb_container.md b/docs/ordsservices/examples/sidb_container.md
index 3cda09ea..b493e516 100644
--- a/docs/ordsservices/examples/sidb_container.md
+++ b/docs/ordsservices/examples/sidb_container.md
@@ -12,7 +12,7 @@ Refer to Single Instance Database (SIDB) [README](https://github.com/oracle/orac
 
     ```bash
     DB_PWD=<specify password here>
-    kubectl create secret generic sidb-db-auth --from-literal=password=${DB_PWD} --namespace ordsnamespace
+    kubectl create secret generic sidb-db-auth --from-literal=oracle_pwd=${DB_PWD} --namespace ordsnamespace
     ```
 1. Create a manifest for the containerised Oracle Database.
 
@@ -50,13 +50,12 @@ openssl  genpkey -algorithm RSA  -pkeyopt rsa_keygen_bits:2048 -pkeyopt rsa_keyg
 openssl rsa -in ca.key -outform PEM  -pubout -out public.pem
 kubectl create secret generic prvkey --from-file=privateKey=ca.key  -n ordsnamespace
 
-echo "${DB_PWD}"     > sidb-db-auth
-openssl rsautl -encrypt -pubin -inkey public.pem -in sidb-db-auth |base64 > e_sidb-db-auth
-kubectl create secret generic sidb-db-auth-enc --from-file=password=e_sidb-db-auth -n  ordsnamespace
-rm sidb-db-auth e_sidb-db-auth
+echo "${DB_PWD}"     > db-auth
+openssl pkeyutl -encrypt -pubin -inkey public.pem -in db-auth -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 |base64 > e_db-auth
+kubectl create secret generic sidb-db-auth-enc --from-file=password=e_db-auth -n  ordsnamespace
+rm db-auth e_db-auth
 ```
 
-
 ### Create RestDataServices Resource
 
 1. Retrieve the Connection String from the containerised SIDB.
@@ -73,7 +72,6 @@ rm sidb-db-auth e_sidb-db-auth
 
     As the DB in the Free image does not contain ORDS (or APEX), the following additional keys are specified for the pool:
     * `autoUpgradeORDS` - Boolean; when true the ORDS will be installed/upgraded in the database
-    * `autoUpgradeAPEX` - Boolean; when true the APEX will be installed/upgraded in the database
     * `db.adminUser` - User with privileges to install, upgrade or uninstall ORDS in the database (SYS).
     * `db.adminUser.secret` - Secret containing the password for `db.adminUser` (created in the first step)
 
@@ -87,7 +85,7 @@ rm sidb-db-auth e_sidb-db-auth
       name: ords-sidb
       namespace: ordsnamespace
     spec:
-      image: container-registry.oracle.com/database/ords:24.1.1
+      image: container-registry.oracle.com/database/ords:25.1.0
       forceRestart: true
       encPrivKey:
         secretName: prvkey
@@ -97,7 +95,6 @@ rm sidb-db-auth e_sidb-db-auth
       poolSettings:
         - poolName: default
           autoUpgradeORDS: true
-          autoUpgradeAPEX: true
           restEnabledSql.active: true
           plsql.gateway.mode: direct
           db.connectionType: customurl
@@ -112,7 +109,7 @@ rm sidb-db-auth e_sidb-db-auth
 
     kubectl apply -f ords-sidb.yaml
     ```
-    <sup>latest container-registry.oracle.com/database/ords version, **24.1.1**, valid as of **30-May-2024**</sup>
+    <sup>latest container-registry.oracle.com/database/ords version, **25.1.0**, valid as of **26-May-2025**</sup>
 
 1. Watch the ordssrvs resource until the status is **Healthy**:
     ```bash
@@ -147,6 +144,5 @@ This example has a single database pool, named `default`.  It is set to:
 
 * Automatically restart when the configuration changes: `forceRestart: true`
 * Automatically install/update ORDS on startup, if required: `autoUpgradeORDS: true`
-* Automatically install/update APEX on startup, if required: `autoUpgradeAPEX: true`
 * Use a basic connection string to connect to the database: `db.customURL: jdbc:oracle:thin:@//${CONN_STRING}`
 * The `passwordKey` has been ommitted from both `db.secret` and `db.adminUser.secret` as the password was stored in the default key (`password`)
diff --git a/docs/ordsservices/usecase01/makefile b/docs/ordsservices/usecase01/makefile
index 76b47210..c16a7c30 100644
--- a/docs/ordsservices/usecase01/makefile
+++ b/docs/ordsservices/usecase01/makefile
@@ -80,9 +80,9 @@ export PDB1_PRIV_AUTH_SECRET=pdb1-priv-auth-enc
 export PDB2_PRIV_AUTH_SECRET=pdb2-priv-auth-enc
 
 
-export SIDB_IMAGE=container-registry.oracle.com/database/free:23.4.0.0
-export ORDS_IMAGE=container-registry.oracle.com/database/ords:24.1.0
-export ORDS_IMAGE.1=container-registry.oracle.com/database/ords:24.1.1
+export SIDB_IMAGE=container-registry.oracle.com/database/free:23.7.0.0
+export ORDS_IMAGE=container-registry.oracle.com/database/ords:25.1.0
+export ORDS_IMAGE.1=container-registry.oracle.com/database/ords:25.1.0
 export SECRET_CONTAINER_REGISTRY=oracle-container-registry-secret
 export ORACLE_CONTAINER_REGISTRY=container-registry.oracle.com
 export REST_SERVER_NAME=ords-sidb
@@ -386,7 +386,7 @@ step5a:
 	$(OPENSSL) rsa -in $(PRVKEY) -outform PEM  -pubout -out $(PUBKEY)
 	$(KUBECTL) create secret generic pubkey --from-file=publicKey=$(PUBKEY)   -n $(ORDSNAMESPACE)
 	$(KUBECTL) create secret generic prvkey --from-file=privateKey=$(PRVKEY)  -n $(ORDSNAMESPACE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(SIDB_PASSWORD_FILE) |base64 > e_$(SIDB_PASSWORD_FILE)
+	$(OPENSSL) pkeyutl -encrypt -pubin -inkey $(PUBKEY) -in $(SIDB_PASSWORD_FILE) -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256|base64 > e_$(SIDB_PASSWORD_FILE)
 	$(KUBECTL) create secret generic $(SIDB_SECRET) --from-literal=password=$(SIDB_PASSWORD) -n $(OPRNAMESPACE)
 	$(KUBECTL) create secret generic $(ORDS_SECRET) --from-file=password=e_$(SIDB_PASSWORD_FILE) -n  $(ORDSNAMESPACE)
 	$(RM) e_$(SIDB_PASSWORD_FILE) $(SIDB_PASSWORD_FILE) 
@@ -467,7 +467,6 @@ cat<<EOF|sed 's/^#//g' >$(REST_SERVER_CREATION)
 #  poolSettings:
 #    - poolName: default
 #      autoUpgradeORDS: true
-#      autoUpgradeAPEX: true
 #      restEnabledSql.active: true
 #      plsql.gateway.mode: direct
 #      db.connectionType: customurl
@@ -675,9 +674,9 @@ step13a:
 	$(OPENSSL) rsa -in $(PRVKEY) -outform PEM  -pubout -out $(PUBKEY)
 	#$(KUBECTL) create secret generic pubkey --from-file=publicKey=$(PUBKEY) -n $(ORDSNAMESPACE)
 	$(KUBECTL) create secret generic prvkey --from-file=privateKey=$(PRVKEY)  -n $(ORDSNAMESPACE)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(SYSPWDFILE1) |base64 > e_$(SYSPWDFILE1)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(SYSPWDFILE2) |base64 > e_$(SYSPWDFILE2)
-	$(OPENSSL) rsautl -encrypt -pubin -inkey $(PUBKEY) -in $(ORDPWDFILE) |base64 > e_$(ORDPWDFILE)
+	$(OPENSSL) pkeyutl -encrypt -pubin -inkey $(PUBKEY) -in $(SYSPWDFILE1) -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256|base64 > e_$(SYSPWDFILE1)
+	$(OPENSSL) pkeyutl -encrypt -pubin -inkey $(PUBKEY) -in $(SYSPWDFILE2) -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256|base64 > e_$(SYSPWDFILE2)
+	$(OPENSSL) pkeyutl -encrypt -pubin -inkey $(PUBKEY) -in $(ORDPWDFILE) -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256|base64 > e_$(ORDPWDFILE)
 	$(KUBECTL) create secret generic $(PDB1_PRIV_AUTH_SECRET) --from-file=password=e_$(SYSPWDFILE1) -n  $(ORDSNAMESPACE)
 	$(KUBECTL) create secret generic $(PDB2_PRIV_AUTH_SECRET) --from-file=password=e_$(SYSPWDFILE2) -n  $(ORDSNAMESPACE)
 	$(KUBECTL) create secret generic $(MULTI_ORDS_AUTH_SECRET) --from-file=password=e_$(ORDPWDFILE) -n  $(ORDSNAMESPACE)
@@ -698,7 +697,7 @@ cat <<EOF |sed 's/^#//g' >$(MULTISRV_MANIFEST)
 #  name: ords-multi-pool
 #  namespace: $(ORDSNAMESPACE)
 #spec:
-#  image: container-registry.oracle.com/database/ords:24.1.1
+#  image: $(ORDS_IMAGE.1)
 #  forceRestart: true
 #  encPrivKey:
 #    secretName: prvkey
@@ -707,7 +706,6 @@ cat <<EOF |sed 's/^#//g' >$(MULTISRV_MANIFEST)
 #    database.api.enabled: true
 #  poolSettings:
 #    - poolName: pdb1
-#      autoUpgradeAPEX: false
 #      autoUpgradeORDS: false
 #      db.connectionType: tns
 #      db.tnsAliasName: pdb1
@@ -723,7 +721,6 @@ cat <<EOF |sed 's/^#//g' >$(MULTISRV_MANIFEST)
 #      db.adminUser.secret:
 #        secretName: $(PDB1_PRIV_AUTH_SECRET)
 #    - poolName: pdb2
-#      autoUpgradeAPEX: false
 #      autoUpgradeORDS: false
 #      db.connectionType: tns
 #      db.tnsAliasName: PDB2
diff --git a/docs/sharding/README.md b/docs/sharding/README.md
index 487d9ec3..47c5853e 100644
--- a/docs/sharding/README.md
+++ b/docs/sharding/README.md
@@ -132,6 +132,7 @@ If you want to use Oracle Database 23ai Free Image for Database and GSM for depl
 * For Oracle Database 23ai Free, you can control the `CPU` and `Memory` allocation of the PODs using tags `cpu` and `memory` respectively but tags `INIT_SGA_SIZE` and `INIT_PGA_SIZE` to control the SGA and PGA allocation at the database level are `not` supported.
 * Provisioning the Oracle Globally Distributed Database using Cloning from Database Gold Image is `NOT` supported with Oracle Database 23ai Free.
 * Total number of chunks for FREE Database defaults to `12` if `CATALOG_CHUNKS` parameter is not specified. This default value is determined considering limitation of 12 GB of user data on disk for oracle free database.
+* Oracle 23ai FREE Database supports maximum three shards. Please refer [here](https://docs.oracle.com/en/database/oracle/oracle-database/23/dblic/Licensing-Information.html)
 
 
 ## Provisioning Oracle Globally Distributed Database Topology with System-Managed Sharding in a Cloud-Based Kubernetes Cluster
@@ -169,18 +170,15 @@ In this example, the deployment uses the YAML file based on `OCI OKE` cluster. T
 
 Deploy Oracle Globally Distributed Database Topology with `System-Managed Sharding` and with `RAFT Replication` enabled on your Cloud based Kubernetes cluster. 
 
-**NOTE: RAFT Replication Feature is available only for Oracle 23ai RDBMS and Oracle 23ai GSM version.**
+**NOTE:** RAFT Replication Feature is available only for Oracle 23ai RDBMS and Oracle 23ai GSM version.
+**NOTE:** RAFT Replication requires atleast three shards. Oracle 23ai FREE Database supports maximum three shards. Please refer [here](https://docs.oracle.com/en/database/oracle/oracle-database/23/dblic/Licensing-Information.html)
 
 In this example, the deployment uses the YAML file based on `OCI OKE` cluster. There are multiple use case possible for deploying the Oracle Globally Distributed Database Topology covered by below examples:
 
 [1. Provisioning Oracle Globally Distributed Database Topology with System-Managed Sharding and Raft replication enabled without Database Gold Image](./provisioning/snr_system_sharding/snr_ssharding_provisioning_without_db_gold_image.md)  
-[2. Provisioning Oracle Globally Distributed Database Topology with System-Managed Sharding and Raft replication enabled with number of chunks specified](./provisioning/snr_system_sharding/snr_ssharding_provisioning_with_chunks_specified.md)  
-[3. Provisioning Oracle Globally Distributed Database Topology with System-Managed Sharding and Raft replication enabled with additional control on resources like Memory and CPU allocated to Pods](./provisioning/snr_system_sharding/snr_ssharding_provisioning_with_control_on_resources.md)  
-[4. Provisioning Oracle Globally Distributed Database Topology with System-Managed Sharding and Raft replication enabled by cloning database from your own Database Gold Image in the same Availability Domain(AD)](./provisioning/snr_system_sharding/snr_ssharding_provisioning_by_cloning_db_gold_image_in_same_ad.md)  
-[5. Provisioning Oracle Globally Distributed Database Topology with System-Managed Sharding and Raft replication enabled by cloning database from your own Database Gold Image across Availability Domains(ADs)](./provisioning/snr_system_sharding/snr_ssharding_provisioning_by_cloning_db_from_gold_image_across_ads.md)  
-[6. Provisioning Oracle Globally Distributed Database Topology with System-Managed Sharding and Raft replication enabled send Notification using OCI Notification Service](./provisioning/snr_system_sharding/snr_ssharding_provisioning_with_notification_using_oci_notification.md)  
-[7. Scale Out - Add Shards to an existing Oracle Globally Distributed Database provisioned earlier with System-Managed Sharding and RAFT replication enabled](./provisioning/snr_system_sharding/snr_ssharding_scale_out_add_shards.md)  
-[8. Scale In - Delete an existing Shard from a working Oracle Globally Distributed Database provisioned earlier with System-Managed Sharding and RAFT reolication enabled](./provisioning/snr_system_sharding/snr_ssharding_scale_in_delete_an_existing_shard.md)
+[2. Provisioning Oracle Globally Distributed Database Topology with System-Managed Sharding and Raft replication enabled with additional control on resources like Memory and CPU allocated to Pods](./provisioning/snr_system_sharding/snr_ssharding_provisioning_with_control_on_resources.md)  
+[3. Provisioning Oracle Globally Distributed Database Topology with System-Managed Sharding and Raft replication enabled send Notification using OCI Notification Service](./provisioning/snr_system_sharding/snr_ssharding_provisioning_with_notification_using_oci_notification.md)  
+
 
 ## Connecting to Oracle Globally Distributed Database
 
diff --git a/docs/sharding/provisioning/debugging/sharding_provisioning_with_db_events.yaml b/docs/sharding/provisioning/debugging/sharding_provisioning_with_db_events.yaml
index 40ad600a..fcf5939f 100644
--- a/docs/sharding/provisioning/debugging/sharding_provisioning_with_db_events.yaml
+++ b/docs/sharding/provisioning/debugging/sharding_provisioning_with_db_events.yaml
@@ -3,18 +3,29 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
+      
+      # Defined Environment Variable "DB_EVENTS" and its Value as the event tracing to be enabled at the Database Level
       envVars:
         - name: "DB_EVENTS"
           value: "10798 trace name context forever, level 7:scope=spfile;immediate trace name GWM_TRACE level 263"
@@ -25,7 +36,7 @@ spec:
       shardRegion: primary
       envVars:
         - name: "DB_EVENTS"
-          value: "10798 trace name context forever, level 7:scope=spfile;immediate trace name GWM_TRACE level 263"
+          value: "10798 trace name context forever, level 7:scope=spfile;immediate trace name GWM_TRACE level 263"      
     - name: shard3
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -34,35 +45,58 @@ spec:
       envVars:
         - name: "DB_EVENTS"
           value: "10798 trace name context forever, level 7:scope=spfile;immediate trace name GWM_TRACE level 263"
+
+ # Details of the individual shard databases     
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-       envVars:
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      envVars:
         - name: "DB_EVENTS"
-          value: "10798 trace name context forever, level 7:scope=spfile;immediate trace name GWM_TRACE level 263"
+          value: "10798 trace name context forever, level 7:scope=spfile;immediate trace name GWM_TRACE level 263"      
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise:latest
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.27.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm:latest
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.27.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/free/sharding_provisioning_with_free_images.yaml b/docs/sharding/provisioning/free/sharding_provisioning_with_free_images.yaml
index dadd619a..a2258f96 100644
--- a/docs/sharding/provisioning/free/sharding_provisioning_with_free_images.yaml
+++ b/docs/sharding/provisioning/free/sharding_provisioning_with_free_images.yaml
@@ -3,18 +3,27 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -25,33 +34,60 @@ spec:
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
+
+ # Details of the individual shard databases     
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
+
+ # Database Container Image to be used for Catalog and Shard Database
  dbImage: container-registry.oracle.com/database/free:latest
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
+
+ # GSM Container Image to be used for GSM Pods
  gsmImage: container-registry.oracle.com/database/gsm:latest
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Specify the Database Edition as "free" for Oracle Database FREE
  dbEdition: "free"
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
+     ruMode: READWRITE                       # Specify the ruMode for the service as READWRITE in RAFT Replication Setup
    - name: oltp_ro_svc
      role: primary
+     ruMode: READONLY                        # Specify the ruMode for the service as READWRITE in RAFT Replication Setup
diff --git a/docs/sharding/provisioning/oraclesi.yaml b/docs/sharding/provisioning/oraclesi.yaml
index cac70ffa..fa36a10a 100644
--- a/docs/sharding/provisioning/oraclesi.yaml
+++ b/docs/sharding/provisioning/oraclesi.yaml
@@ -5,10 +5,10 @@
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
-  name: oshard-gold-image-pvc21c
+  name: oshard-gold-image-pvc19c
   namespace: shns
   labels:
-    app: oshard21cdb-dep
+    app: oshard19cdb-dep
 spec:
   accessModes:
   - ReadWriteOnce
@@ -18,28 +18,28 @@ spec:
   storageClassName: oci
   selector:
     matchLabels:
-      topology.kubernetes.io/zone: "PHX-AD-1"
+      topology.kubernetes.io/zone: "PHX-AD-3"
 ---
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
-  name: oshard21cdb
+  name: oshard19cdb
   namespace: shns
   labels:
-    app: oshard21cdb-dep
+    app: oshard19cdb-dep
 spec:
   selector:
     matchLabels:
-      app: oshard21cdb-dep
+      app: oshard19cdb-dep
   serviceName: gold-shard
   template:
     metadata:
       labels:
-        app: oshard21cdb-dep
+        app: oshard19cdb-dep
     spec:
       containers:
-      - image: container-registry.oracle.com/database/enterprise:latest
-        name: oshard21cdb
+      - image: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+        name: oshard19cdb
         ports:
         - containerPort: 1521
           name: db1-dbport
@@ -68,17 +68,17 @@ spec:
       volumes:
         - name: data
           persistentVolumeClaim:
-            claimName: oshard-gold-image-pvc21c
+            claimName: oshard-gold-image-pvc19c
         - name: dshm
           emptyDir:
             medium: Memory
       nodeSelector:
-        topology.kubernetes.io/zone: "PHX-AD-1"
+        topology.kubernetes.io/zone: "PHX-AD-3"
 ---
 apiVersion: v1
 kind: Service
 metadata:
-  name: oshard21cdb
+  name: oshard19cdb
   namespace: shns
 spec:
   ports:
@@ -95,4 +95,4 @@ spec:
     port: 6234
     targetPort: db1-onsrport
   selector:
-   app: oshard21cdb-dep
\ No newline at end of file
+   app: oshard19cdb-dep
diff --git a/docs/sharding/provisioning/oraclesi_pvc_commented.yaml b/docs/sharding/provisioning/oraclesi_pvc_commented.yaml
index 43b50a5e..a54e07a5 100644
--- a/docs/sharding/provisioning/oraclesi_pvc_commented.yaml
+++ b/docs/sharding/provisioning/oraclesi_pvc_commented.yaml
@@ -5,10 +5,10 @@
 #apiVersion: v1
 #kind: PersistentVolumeClaim
 #metadata:
-#  name: oshard-gold-image-pvc21c
+#  name: oshard-gold-image-pvc19c
 #  namespace: shns
 #  labels:
-#    app: oshard21cdb-dep
+#    app: oshard19cdb-dep
 #spec:
 #  accessModes:
 #  - ReadWriteOnce
@@ -18,28 +18,28 @@
 #  storageClassName: oci
 #  selector:
 #    matchLabels:
-#      topology.kubernetes.io/zone: "PHX-AD-1"
-#---
+#      topology.kubernetes.io/zone: "PHX-AD-3"
+---
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
-  name: oshard21cdb
+  name: oshard19cdb
   namespace: shns
   labels:
-    app: oshard21cdb-dep
+    app: oshard19cdb-dep
 spec:
   selector:
     matchLabels:
-      app: oshard21cdb-dep
+      app: oshard19cdb-dep
   serviceName: gold-shard
   template:
     metadata:
       labels:
-        app: oshard21cdb-dep
+        app: oshard19cdb-dep
     spec:
       containers:
-      - image: container-registry.oracle.com/database/enterprise:latest
-        name: oshard21cdb
+      - image: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+        name: oshard19cdb
         ports:
         - containerPort: 1521
           name: db1-dbport
@@ -68,17 +68,17 @@ spec:
       volumes:
         - name: data
           persistentVolumeClaim:
-            claimName: oshard-gold-image-pvc21c
+            claimName: oshard-gold-image-pvc19c
         - name: dshm
           emptyDir:
             medium: Memory
       nodeSelector:
-        topology.kubernetes.io/zone: "PHX-AD-1"
+        topology.kubernetes.io/zone: "PHX-AD-3"
 ---
 apiVersion: v1
 kind: Service
 metadata:
-  name: oshard21cdb
+  name: oshard19cdb
   namespace: shns
 spec:
   ports:
@@ -95,4 +95,4 @@ spec:
     port: 6234
     targetPort: db1-onsrport
   selector:
-   app: oshard21cdb-dep
\ No newline at end of file
+   app: oshard19cdb-dep
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_provisioning_by_cloning_db_from_gold_image_across_ads.md b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_provisioning_by_cloning_db_from_gold_image_across_ads.md
deleted file mode 100644
index 9ffebad9..00000000
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_provisioning_by_cloning_db_from_gold_image_across_ads.md
+++ /dev/null
@@ -1,58 +0,0 @@
-# Provisioning System managed Sharding Topology with Raft replication enabled by cloning database from your own Database Gold Image across Availability Domains(ADs)
-
-**NOTE: RAFT Replication Feature is available only for Oracle 23ai RDBMS and Oracle 23ai GSM version.**
-
-**IMPORTANT:** Make sure you have completed the steps for [Prerequsites for Running Oracle Sharding Database Controller](../../README.md#prerequsites-for-running-oracle-sharding-database-controller) before using Oracle Sharding Controller.
-
-In this test case, you provision the System managed Sharding Topology with Raft replication enabled while provisioning the Catalog and Shard Databases by cloning from an existing Oracle Database Gold Image created earlier.
-
-This use case applies when you want to provision the database Pods on a Kubernetes Node in any availability domain (AD), which can also be different from the availability domain (AD) of the Block Volume that has the Oracle Database Gold Image provisioned earlier.
-
-Choosing this option takes substantially less time during the Oracle Database Sharding Topology setup across ADs.
-
-NOTE:
-
-* Cloning from Block Volume Backup in OCI enables the new Persistent Volumes to be created in other ADs.
-* To specify the AD where you want to provision the database Pod, use the tag `nodeSelector` and the POD will be provisioned in a node running in that AD.
-* To specify GSM containers, you can also use the tag `nodeSelector` to specify the AD.
-* Before you can provision with the Gold Image, you need the OCID of the Persistent Volume that has the Oracle Database Gold Image.
-
-1. Check the OCID of the Persistent Volume provisioned for the Oracle Database Gold Image:
-    ```sh
-    kubectl get pv -n shns
-    ```
-2. Create a Block Volume Backup for this Block Volume, and use the OCID of the Block Volume Backup in the next step. This example uses `snr_ssharding_shard_prov_clone_across_ads.yaml` to provision an Oracle Database sharding topology using Oracle Sharding controller with:
-
-* Primary GSM Pods `gsm1` and standby GSM Pod `gsm2`
-* Three sharding Pods: `shard1`, `shard2` and `shard3`
-* One Catalog Pod: `catalog`
-* Namespace: `shns`
-* Database Cloning from the `BLOCK VOLUME FULL BACKUP` of the Persistent Volume which had the Gold Image.
-* OCID of the Block Volume Backup: `ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq`
-* `RAFT Replication` enabled
-
-NOTE: In this case, the Persistent Volume with DB Gold Image was provisioned in the Availability Domain `PHX-AD-1`. The Shards and Catalog will be provisioned across multiple Availability Domains by cloning the database.
-
-**NOTE:** Provisioning the Sharded Database using Cloning from Database Gold Image is `NOT` supported with Oracle Database 23ai Free.
-
-In this example, we are using pre-built Oracle Database and Global Data Services container images available on [Oracle Container Registry](https://container-registry.oracle.com/)
-  * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
-  * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `snr_ssharding_shard_prov_clone_across_ads.yaml`.
-  * The `dbImage` used during provisioning the Persistent Volume with Database Gold Image and the `dbImage` used for deploying the Shard or Catalog Database by cloning should be same.
-  * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
-
-Use the file: [snr_ssharding_shard_prov_clone_across_ads.yaml](./snr_ssharding_shard_prov_clone_across_ads.yaml) for this use case as below:
-
-1. Deploy the `snr_ssharding_shard_prov_clone_across_ads.yaml` file:
-    ```sh
-    kubectl apply -f snr_ssharding_shard_prov_clone_across_ads.yaml
-    ```
-2. Check the status of the deployment:
-    ```sh
-    # Check the status of the Kubernetes Pods:
-    kubectl get all -n shns
-
-    # Check the logs of a particular pod. For example, to check status of pod "shard1-0":
-    kubectl logs -f pod/shard1-0 -n shns
-  
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_provisioning_by_cloning_db_gold_image_in_same_ad.md b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_provisioning_by_cloning_db_gold_image_in_same_ad.md
deleted file mode 100644
index 054d760e..00000000
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_provisioning_by_cloning_db_gold_image_in_same_ad.md
+++ /dev/null
@@ -1,54 +0,0 @@
-# Provisioning System managed Sharding Topology with Raft replication enabled by cloning database from your own Database Gold Image in the same Availability Domain(AD)
-
-**NOTE: RAFT Replication Feature is available only for Oracle 23ai RDBMS and Oracle 23ai GSM version.**
-
-**IMPORTANT:** Make sure you have completed the steps for [Prerequsites for Running Oracle Sharding Database Controller](../../README.md#prerequsites-for-running-oracle-sharding-database-controller) before using Oracle Sharding Controller.
-
-In this test case, you provision the System managed Sharding Topology with Raft replication enabled while provisioning the Catalog and Shard Databases by cloning from an existing Oracle Database Gold Image created earlier.
-
-This use case applies when you are cloning from a Block Volume, and you can clone _only_ in the same availability domain (AD). The result is that the cloned shard database PODs can be created _only_ in the same AD where the Gold Image Block Volume is present.
-
-Choosing this option takes substantially less time during the Oracle Database Sharding Topology setup.
-
-**NOTE** For this step, the Persistent Volume that has the Oracle Database Gold Image is identified using its OCID.
-
-1. Check the OCID of the Persistent Volume provisioned earlier using below command:
-
-    ```sh
-    kubectl get pv -n shns
-    ```
-
-2. This example uses `snr_ssharding_shard_prov_clone.yaml` to provision an Oracle Database sharding topology using Oracle Sharding controller with:
-
-* Primary GSM Pods `gsm1` and standby GSM Pod `gsm2`
-* Three sharding Pods: `shard1`, `shard2` and `shard3`
-* One Catalog Pod: `catalog`
-* Namespace: `shns`
-* Database Cloning from the Database Gold Image present in Persistent Volume having OCID: `ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq`
-* `RAFT Replication` enabled
-
-NOTE: In this case, the Persistent Volume with DB Gold Image was provisioned in the Availability Domain `PHX-AD-1`. The Shards and Catalog will be provisioned in the same Availability Domain `PHX-AD-1` by cloning the database.
-
-In this example, we are using pre-built Oracle Database and Global Data Services container images available on [Oracle Container Registry](https://container-registry.oracle.com/)
-  * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
-  * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `snr_ssharding_shard_prov_clone.yaml`. 
-  * The `dbImage` used during provisioning the Persistent Volume with Database Gold Image and the `dbImage` used for deploying the Shard or Catalog Database by cloning should be same.
-  * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
-
-**NOTE:** Provisioning the Sharded Database using Cloning from Database Gold Image is `NOT` supported with Oracle Database 23ai Free.
-
-Use the file: [snr_ssharding_shard_prov_clone.yaml](./snr_ssharding_shard_prov_clone.yaml) for this use case as below:
-
-1. Deploy the `snr_ssharding_shard_prov_clone.yaml` file:
-    ```sh
-    kubectl apply -f snr_ssharding_shard_prov_clone.yaml
-    ```
-2. Check the status of the deployment:
-    ```sh
-    # Check the status of the Kubernetes Pods:
-    kubectl get all -n shns
-
-    # Check the logs of a particular pod. For example, to check status of pod "shard1-0":
-    kubectl logs -f pod/shard1-0 -n shns
-    ```
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_provisioning_with_chunks_specified.md b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_provisioning_with_chunks_specified.md
deleted file mode 100644
index 253d099b..00000000
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_provisioning_with_chunks_specified.md
+++ /dev/null
@@ -1,44 +0,0 @@
-# Provisioning System-Managed Sharding Topology with Raft replication enabled with number of chunks specified
-
-**NOTE: RAFT Replication Feature is available only for Oracle 23ai RDBMS and Oracle 23ai GSM version.**
-
-**IMPORTANT:** Make sure you have completed the steps for [Prerequsites for Running Oracle Sharding Database Controller](../../README.md#prerequsites-for-running-oracle-sharding-database-controller) before using Oracle Sharding Controller.
-
-In this use case, the database is created automatically using DBCA during the provisioning of the shard databases and the catalog database when the Oracle Sharding topology with System-Managed with RAFT Replication enabled is deployed using Oracle Sharding controller.
-
-**NOTE** In this use case, because DBCA creates the database automatically during the deployment, the time required to create the database is greater than the time it takes when the database is created by cloning from a Database Gold Image.
-
-By default, the System-Managed with RAFT Replication deploys the Sharded Database with 360 chunks per Shard Database (because there are 3 chunks created for each replication unit). In this example, the Sharded Database will be deployed with non-default number of chunks specified using parameter `CATALOG_CHUNKS`.
-
-This example uses `snr_ssharding_shard_prov_chunks.yaml` to provision an Oracle Database sharding topology using Oracle Sharding controller with:
-
-* Primary GSM Pods `gsm1` and standby GSM Pod `gsm2`
-* Three sharding Pods: `shard1`, `shard2` and `shard3`
-* One Catalog Pod: `catalog`
-* Total number of chunks as `120` specified by variable `CATALOG_CHUNKS` (it will be 120 chunks per shard)
-* Namespace: `shns`
-* `RAFT Replication` enabled
-
-
-In this example, we are using pre-built Oracle Database and Global Data Services container images available on [Oracle Container Registry](https://container-registry.oracle.com/)
-  * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
-  * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `snr_ssharding_shard_prov.yaml`.
-  * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file.
-  * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
-  
-
-Use the file: [snr_ssharding_shard_prov_chunks.yaml](./snr_ssharding_shard_prov_chunks.yaml) for this use case as below:
-
-1. Deploy the `snr_ssharding_shard_prov_chunks.yaml` file:
-    ```sh
-    kubectl apply -f snr_ssharding_shard_prov_chunks.yaml
-    ```
-1. Check the status of the deployment:
-    ```sh
-    # Check the status of the Kubernetes Pods:
-    kubectl get all -n shns
-
-    # Check the logs of a particular pod. For example, to check status of pod "shard1-0":
-    kubectl logs -f pod/shard1-0 -n shns
-    ```
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_scale_in_delete_an_existing_shard.md b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_scale_in_delete_an_existing_shard.md
deleted file mode 100644
index fc093654..00000000
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_scale_in_delete_an_existing_shard.md
+++ /dev/null
@@ -1,51 +0,0 @@
-# Scale In - Delete an existing Shard from a working Oracle Sharded Database provisioned earlier with System-Managed Sharding with RAFT reolication enabled
-
-**NOTE: RAFT Replication Feature is available only for Oracle 23ai RDBMS and Oracle 23ai GSM version.**
-
-**IMPORTANT:** Make sure you have completed the steps for [Prerequsites for Running Oracle Sharding Database Controller](../../README.md#prerequsites-for-running-oracle-sharding-database-controller) before using Oracle Sharding Controller.
-
-This use case demonstrates how to delete an existing Shard from an existing Oracle Database sharding topology with System-Managed with RAFT Replication enabled provisioned using Oracle Database Sharding controller.
-
-**NOTE** The deletion of a shard is done after verifying the Chunks have been moved out of that shard.
-
-In this use case, the existing database Sharding is having:
-
-* Primary GSM Pods `gsm1` and standby GSM Pod `gsm2`
-* Five sharding Pods: `shard1`,`shard2`,`shard3`,`shard4` and `shard5`
-* One Catalog Pod: `catalog`
-* Namespace: `shns`
-* `RAFT Replication` enabled
-
-In this example, we are using pre-built Oracle Database and Global Data Services container images available on [Oracle Container Registry](https://container-registry.oracle.com/)
-  * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
-  * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `snr_ssharding_shard_prov_delshard.yaml`.
-  * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file.
-  * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
-
-NOTE: Use tag `isDelete: enable` to delete the shard you want.
-
-This use case deletes the shard `shard4` from the above Sharding Topology.
-
-Use the file: [snr_ssharding_shard_prov_delshard.yaml](./snr_ssharding_shard_prov_delshard.yaml) for this use case as below:
-
-1. Deploy the `snr_ssharding_shard_prov_delshard.yaml` file:
-    ```sh
-    kubectl apply -f snr_ssharding_shard_prov_delshard.yaml
-    ```
-2. Check the status of the deployment:
-    ```sh
-    # Check the status of the Kubernetes Pods:
-    kubectl get all -n shns
-
-**NOTE:** After you apply `snr_ssharding_shard_prov_delshard.yaml`, the change may not be visible immediately. When the shard is removed, first the chunks will be moved out of that shard that is going to be deleted.
-
-To monitor the chunk movement, use the following command:
-
-```sh
-# Switch to the primary GSM Container:
-kubectl exec -i -t gsm1-0 -n shns /bin/bash
-
-# Check the status of the chunks and repeat to observe the chunk movement:
-gdsctl config chunks
-```
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_scale_out_add_shards.md b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_scale_out_add_shards.md
deleted file mode 100644
index 3461bf13..00000000
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_scale_out_add_shards.md
+++ /dev/null
@@ -1,38 +0,0 @@
-# Scale Out - Add Shards to an existing Oracle Sharded Database provisioned earlier with System-Managed Sharding with RAFT replication enabled
-
-**NOTE: RAFT Replication Feature is available only for Oracle 23ai RDBMS and Oracle 23ai GSM version.**
-
-**IMPORTANT:** Make sure you have completed the steps for [Prerequsites for Running Oracle Sharding Database Controller](../../README.md#prerequsites-for-running-oracle-sharding-database-controller) before using Oracle Sharding Controller.
-
-This use case demonstrates adding a new shard to an existing Oracle Database sharding topology with System-Managed with RAFT Replication enabled provisioned earlier using Oracle Database Sharding controller.
-
-In this use case, the existing Oracle Database sharding topology is having:
-
-* Primary GSM Pods `gsm1` and standby GSM Pod `gsm2`
-* Three sharding Pods: `shard1`, `shard2` and `shard3`
-* One Catalog Pod: `catalog`
-* Namespace: `shns`
-* `RAFT Replication` enabled
-
-In this example, we are using pre-built Oracle Database and Global Data Services container images available on [Oracle Container Registry](https://container-registry.oracle.com/)
-  * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
-  * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `snr_ssharding_shard_prov_extshard.yaml`.
-  * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * If the existing Sharding Topology was deployed using [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then the additional parameter `dbEdition: "free"` will be needed for the below .yaml file as well.
-  * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
-
-This use case adds two new shards `shard4`,`shard5` to above Sharding Topology.
-
-Use the file: [snr_ssharding_shard_prov_extshard.yaml](./snr_ssharding_shard_prov_extshard.yaml) for this use case as below:
-
-1. Deploy the `snr_ssharding_shard_prov_extshard.yaml` file:
-    ```sh
-    kubectl apply -f snr_ssharding_shard_prov_extshard.yaml
-    ```
-2. Check the status of the deployment:
-    ```sh
-    # Check the status of the Kubernetes Pods:
-    kubectl get all -n shns
-
-    # Check the logs of a particular pod. For example, to check status of pod "shard4-0":
-    kubectl logs -f pod/shard4-0 -n shns
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov.yaml b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov.yaml
index 53b93a0d..2f7b6ebe 100644
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov.yaml
+++ b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov.yaml
@@ -3,18 +3,27 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -25,34 +34,63 @@ spec:
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
+
+ # Details of the individual shard databases     
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
+
+ # Database Container Image to be used for Catalog and Shard Database
  dbImage: container-registry.oracle.com/database/free:latest
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
+
+ # GSM Container Image to be used for GSM Pods
  gsmImage: container-registry.oracle.com/database/gsm:latest
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Specify the Database Edition as "free" for Oracle Database FREE
  dbEdition: "free"
+
+ # Parameter value for RAFT Replication for the Oracle Globally Distributed Database
  replicationType: "native"
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
+     ruMode: READWRITE                       # Specify the ruMode for the service as READWRITE in RAFT Replication Setup
    - name: oltp_ro_svc
      role: primary
+     ruMode: READONLY                        # Specify the ruMode for the service as READWRITE in RAFT Replication Setup
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_chunks.yaml b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_chunks.yaml
deleted file mode 100644
index 0230eac2..00000000
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_chunks.yaml
+++ /dev/null
@@ -1,61 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. 
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
----
-apiVersion: database.oracle.com/v4
-kind: ShardingDatabase
-metadata:
-  name: shardingdatabase-sample
-  namespace: shns
-spec:
- shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard2
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard3
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
- catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      envVars:
-        - name:  "CATALOG_CHUNKS"
-          value: "120"
- gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
- storageClass: oci
- dbImage: container-registry.oracle.com/database/free:latest
- dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm:latest
- gsmImagePullSecret: ocr-reg-cred
- dbEdition: "free"
- replicationType: "native"
- isExternalSvc: False
- isDeleteOraPvc: True
- dbSecret:
-   name: db-user-pass-rsa
-   pwdFileName: pwdfile.enc
-   keyFileName: key.pem
- gsmService:
-   - name: oltp_rw_svc
-     role: primary
-   - name: oltp_ro_svc
-     role: primary
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_clone.yaml b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_clone.yaml
deleted file mode 100644
index fcc18da0..00000000
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_clone.yaml
+++ /dev/null
@@ -1,83 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. 
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
----
-apiVersion: database.oracle.com/v4
-kind: ShardingDatabase
-metadata:
-  name: shardingdatabase-sample
-  namespace: shns
-spec:
- shard:
-    - name: shard1
-      storageSizeInGb: 50
-      nodeSelector:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard2
-      storageSizeInGb: 50
-      nodeSelector:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard3
-      storageSizeInGb: 50
-      nodeSelector:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
- catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      nodeSelector:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq
-      imagePullPolicy: "Always"
- gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
- storageClass: oci
- dbImage: container-registry.oracle.com/database/free:latest
- dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm:latest
- gsmImagePullSecret: ocr-reg-cred
- dbEdition: "free"
- replicationType: "native"
- isExternalSvc: False
- isDeleteOraPvc: True
- isClone: True
- dbSecret:
-   name: db-user-pass-rsa
-   pwdFileName: pwdfile.enc
-   keyFileName: key.pem
- gsmService:
-   - name: oltp_rw_svc
-     role: primary
-   - name: oltp_ro_svc
-     role: primary
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_clone_across_ads.yaml b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_clone_across_ads.yaml
deleted file mode 100644
index 0663f8a5..00000000
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_clone_across_ads.yaml
+++ /dev/null
@@ -1,91 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. 
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
----
-apiVersion: database.oracle.com/v4
-kind: ShardingDatabase
-metadata:
-  name: shardingdatabase-sample
-  namespace: shns
-spec:
- shard:
-    - name: shard1
-      storageSizeInGb: 50
-      nodeSelector:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard2
-      storageSizeInGb: 50
-      nodeSelector:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-2"
-      pvMatchLabels:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-2"
-      pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard3
-      storageSizeInGb: 50
-      nodeSelector:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
-      pvMatchLabels:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
-      pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
- catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      nodeSelector:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
-      imagePullPolicy: "Always"
- gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-      nodeSelector:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
-      pvMatchLabels:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
-      nodeSelector:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
-      pvMatchLabels:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
- storageClass: oci
- dbImage: container-registry.oracle.com/database/free:latest
- dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm:latest
- gsmImagePullSecret: ocr-reg-cred
- dbEdition: "free"
- replicationType: "native" 
- isExternalSvc: False
- isDeleteOraPvc: True
- isClone: True
- dbSecret:
-   name: db-user-pass-rsa
-   pwdFileName: pwdfile.enc
-   keyFileName: key.pem
- gsmService:
-   - name: oltp_rw_svc
-     role: primary
-   - name: oltp_ro_svc
-     role: primary
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_delshard.yaml b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_delshard.yaml
deleted file mode 100644
index ce194246..00000000
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_delshard.yaml
+++ /dev/null
@@ -1,69 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. 
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
----
-apiVersion: database.oracle.com/v4
-kind: ShardingDatabase
-metadata:
-  name: shardingdatabase-sample
-  namespace: shns
-spec:
- shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard2
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard3
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard4
-      isDelete: enable
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard5
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
- catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
- gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
- storageClass: oci
- dbImage: container-registry.oracle.com/database/free:latest
- dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm:latest
- gsmImagePullSecret: ocr-reg-cred
- dbEdition: "free"
- replicationType: "native"
- isExternalSvc: False
- isDeleteOraPvc: True
- dbSecret:
-   name: db-user-pass-rsa
-   pwdFileName: pwdfile.enc
-   keyFileName: key.pem
- gsmService:
-   - name: oltp_rw_svc
-     role: primary
-   - name: oltp_ro_svc
-     role: primary
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_extshard.yaml b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_extshard.yaml
deleted file mode 100644
index 8848b8c7..00000000
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_extshard.yaml
+++ /dev/null
@@ -1,68 +0,0 @@
-#
-# Copyright (c) 2022, Oracle and/or its affiliates. 
-# Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
-#
----
-apiVersion: database.oracle.com/v4
-kind: ShardingDatabase
-metadata:
-  name: shardingdatabase-sample
-  namespace: shns
-spec:
- shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard2
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard3
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard4
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
-    - name: shard5
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
- catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
- gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
- storageClass: oci
- dbImage: container-registry.oracle.com/database/free:latest
- dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm:latest
- gsmImagePullSecret: ocr-reg-cred
- dbEdition: "free"
- replicationType: "native"
- isExternalSvc: False
- isDeleteOraPvc: True
- dbSecret:
-   name: db-user-pass-rsa
-   pwdFileName: pwdfile.enc
-   keyFileName: key.pem
- gsmService:
-   - name: oltp_rw_svc
-     role: primary
-   - name: oltp_ro_svc
-     role: primary
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_memory_cpu.yaml b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_memory_cpu.yaml
index dce4ba29..191fd6dc 100644
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_memory_cpu.yaml
+++ b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_memory_cpu.yaml
@@ -3,27 +3,40 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+
+      # Memory and CPU allocation for the Shard Database pod
       resources:
         requests:
           memory: "1000Mi"
           cpu: "1000m"
+      
+      # SGA and PGA values for the Shard Database
       envVars:
         - name: "INIT_SGA_SIZE"
           value: "600"
         - name: "INIT_PGA_SIZE"
-          value: "400"
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+          value: "400"      
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       resources:
@@ -34,7 +47,7 @@ spec:
         - name: "INIT_SGA_SIZE"
           value: "600"
         - name: "INIT_PGA_SIZE"
-          value: "400"
+          value: "400"      
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
@@ -48,42 +61,71 @@ spec:
         - name: "INIT_SGA_SIZE"
           value: "600"
         - name: "INIT_PGA_SIZE"
-          value: "400"
+          value: "400"      
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
+
+ # Details of the individual shard databases     
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
       resources:
         requests:
           memory: "1000Mi"
-          cpu: "1000m"
-      imagePullPolicy: "Always"
+          cpu: "1000m"      
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
+
+ # Database Container Image to be used for Catalog and Shard Database
  dbImage: container-registry.oracle.com/database/free:latest
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
+
+ # GSM Container Image to be used for GSM Pods
  gsmImage: container-registry.oracle.com/database/gsm:latest
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Specify the Database Edition as "free" for Oracle Database FREE
  dbEdition: "free"
- replicationType: "native" 
+
+ # Parameter value for RAFT Replication for the Oracle Globally Distributed Database
+ replicationType: "native"
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
+     ruMode: READWRITE                       # Specify the ruMode for the service as READWRITE in RAFT Replication Setup
    - name: oltp_ro_svc
      role: primary
+     ruMode: READONLY                        # Specify the ruMode for the service as READWRITE in RAFT Replication Setup
\ No newline at end of file
diff --git a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_send_notification.yaml b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_send_notification.yaml
index 2b410e8b..55690010 100644
--- a/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_send_notification.yaml
+++ b/docs/sharding/provisioning/snr_system_sharding/snr_ssharding_shard_prov_send_notification.yaml
@@ -3,24 +3,33 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      nodeSelector:
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      nodeSelector:                                                         # Node Selector the worker node to deploy the Pod. Worker Node with this label will be selected for the Pod.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
+      pvMatchLabels:                                                        # To specify the availability domain where the Persistent Volume will be created. It should be same as the nodeSelector.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      # Specify the OCID of the Block Volume Backup which has the Database Gold Image
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       nodeSelector:
@@ -28,7 +37,7 @@ spec:
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-2"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
@@ -39,47 +48,82 @@ spec:
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
+
+ # Details of the individual shard databases     
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
       nodeSelector:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
-      imagePullPolicy: "Always"
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
+
+ # Database Container Image to be used for Catalog and Shard Database
  dbImage: container-registry.oracle.com/database/free:latest
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
+
+ # GSM Container Image to be used for GSM Pods
  gsmImage: container-registry.oracle.com/database/gsm:latest
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Specify the Database Edition as "free" for Oracle Database FREE
  dbEdition: "free"
- replicationType: "native"  
+
+ # Parameter value for RAFT Replication for the Oracle Globally Distributed Database
+ replicationType: "native"
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
- isClone: True
+
+ # To specify if Catalog and Shard Databases will be deployed by cloning from the Gold Image
+ isClone: True 
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+   # Specify the configmap created with the credentials of the OCI User Account which will be used for sending the OCI Notification
    nsConfigMap: onsconfigmap
-   nsSecret: my-secret
+
+   # Specify the secret which has the privatekey for the OCI User Account to be used for sending the OCI Notification
+   nsSecret: my-secret   
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
+     ruMode: READWRITE                       # Specify the ruMode for the service as READWRITE in RAFT Replication Setup
    - name: oltp_ro_svc
      role: primary
+     ruMode: READONLY                        # Specify the ruMode for the service as READWRITE in RAFT Replication Setup
\ No newline at end of file
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_provisioning_with_chunks_specified.md b/docs/sharding/provisioning/system_sharding/ssharding_provisioning_with_chunks_specified.md
index 649fc7c4..5e287e60 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_provisioning_with_chunks_specified.md
+++ b/docs/sharding/provisioning/system_sharding/ssharding_provisioning_with_chunks_specified.md
@@ -21,7 +21,7 @@ In this example, we are using pre-built Oracle Database and Global Data Services
   * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
   * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `ssharding_shard_prov.yaml`.
   * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file.
+  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file. 
   * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
   
 
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_provisioning_with_control_on_resources.md b/docs/sharding/provisioning/system_sharding/ssharding_provisioning_with_control_on_resources.md
index d284bf9b..2e3d516f 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_provisioning_with_control_on_resources.md
+++ b/docs/sharding/provisioning/system_sharding/ssharding_provisioning_with_control_on_resources.md
@@ -17,7 +17,7 @@ In this example, we are using pre-built Oracle Database and Global Data Services
   * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
   * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `ssharding_shard_prov_memory_cpu.yaml`.
   * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file.
+  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file. 
   * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
 
   **NOTE:** For Oracle Database 23ai Free, you can control the `CPU` and `Memory` allocation of the PODs using tags `cpu` and `memory` respectively but tags `INIT_SGA_SIZE` and `INIT_PGA_SIZE` to control the SGA and PGA allocation at the database level are `not` supported.
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_provisioning_with_notification_using_oci_notification.md b/docs/sharding/provisioning/system_sharding/ssharding_provisioning_with_notification_using_oci_notification.md
index e77718f4..8cce1b18 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_provisioning_with_notification_using_oci_notification.md
+++ b/docs/sharding/provisioning/system_sharding/ssharding_provisioning_with_notification_using_oci_notification.md
@@ -16,13 +16,13 @@ This example uses `ssharding_shard_prov_send_notification.yaml` to provision an
 
 **NOTE:**
 
-* The notification will be sent using a configmap created with the credentials of the OCI user account in this use case.
+* The notification will be sent using a configmap created with the credentials of the OCI user account used with this procedure.
 
 We will create a topic in Notification Service of the OCI Console and use its OCID. 
 
 To do this:
 
-1. Create a `configmap_data.txt` file, such as the following, which has the OCI User details that will be used to send notfication:
+1. Create a `configmap_data.txt` file, such as the following, which has the OCI User details that will be used to send notification:
 
     ```sh
     user=ocid1.user.oc1........fx7omxfq
@@ -31,12 +31,12 @@ To do this:
     region=us-phoenix-1
     topicid=ocid1.onstopic.oc1.phx.aaa............6xrq
     ```
-2. Create a configmap using the below command using the file created above:
+2. Using the file created in step 1, create a configmap with the following command:
     ```sh
     kubectl create configmap onsconfigmap --from-file=./configmap_data.txt -n shns
     ```
 
-3. Create a key file `priavatekey` having the PEM key of the OCI user being used to send notification:
+3. Create a key file called `privatekey` that has the PEM key of the OCI user being used to send notification:
     ```sh
     -----BEGIN PRIVATE KEY-G----
     MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCXYxA0DJvEwtVR
@@ -61,16 +61,16 @@ To do this:
     kubectl describe secret my-secret -n shns
     ```
 
-In this example, we are using pre-built Oracle Database and Global Data Services container images available on [Oracle Container Registry](https://container-registry.oracle.com/)
-  * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
-  * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `ssharding_shard_prov_send_notification.yaml`.
-  * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file.
-  * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
+In this example, we are using pre-built Oracle Database and Global Data Services container images available on the [Oracle Container Registry](https://container-registry.oracle.com/)
+  * To pull these images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
+  * If you plan to use images built by you, then you must exchange the `dbImage` and `gsmImage` tags for the images that you have built in your enviornment in file `ssharding_shard_prov_send_notification.yaml`.
+  * To understand the Database and Global Data Services Docker images prerequsites, see: [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
+  * If you want to use the [Oracle Database 23ai Free image](https://www.oracle.com/database/free/get-started/) for Database and GSM, then you must add the additional parameter `dbEdition: "free"` to the `.yaml` file used in this procedure. 
+  * Ensure that the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
   
-**NOTE:** Provisioning the Sharded Database using Cloning from Database Gold Image is `NOT` supported with Oracle Database 23ai Free.
+**NOTE:** Provisioning the Sharded Database using Cloning from Database Gold Image is _not_ supported with Oracle Database 23ai Free.
 
-Use the file: [ssharding_shard_prov_send_notification.yaml](./ssharding_shard_prov_send_notification.yaml) for this use case as below:
+Use the file: [ssharding_shard_prov_send_notification.yaml](./ssharding_shard_prov_send_notification.yaml) for this use case: 
 
 1. Deploy the `ssharding_shard_prov_send_notification.yaml` file:
     ```sh
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_provisioning_without_db_gold_image.md b/docs/sharding/provisioning/system_sharding/ssharding_provisioning_without_db_gold_image.md
index 1ecb0ec1..ae28a635 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_provisioning_without_db_gold_image.md
+++ b/docs/sharding/provisioning/system_sharding/ssharding_provisioning_without_db_gold_image.md
@@ -16,12 +16,12 @@ This example uses `ssharding_shard_prov.yaml` to provision an Oracle Database sh
 
 In this example, we are using pre-built Oracle Database and Global Data Services container images available on [Oracle Container Registry](https://container-registry.oracle.com/)
   * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
-  * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `ssharding_shard_prov.yaml`.
-  * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file.
-  * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
+  * If you plan to use images built by you, then you must change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `ssharding_shard_prov.yaml`.
+  * To understand Database and Global Data Services Docker images prerequsites, see [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
+  * If you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you must add the additional parameter `dbEdition: "free"` to the `.yaml` file with this document. 
+  * Ensure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
 
-Use the file: [ssharding_shard_prov.yaml](./ssharding_shard_prov.yaml) for this use case as below:
+Use the file: [ssharding_shard_prov.yaml](./ssharding_shard_prov.yaml) for this use case:
 
 1. Deploy the `ssharding_shard_prov.yaml` file:
     ```sh
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_scale_in_delete_an_existing_shard.md b/docs/sharding/provisioning/system_sharding/ssharding_scale_in_delete_an_existing_shard.md
index 889de98c..da7cf3fe 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_scale_in_delete_an_existing_shard.md
+++ b/docs/sharding/provisioning/system_sharding/ssharding_scale_in_delete_an_existing_shard.md
@@ -17,7 +17,7 @@ In this example, we are using pre-built Oracle Database and Global Data Services
   * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
   * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `ssharding_shard_prov_delshard.yaml`.
   * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file.
+  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file. 
   * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
 
 NOTE: Use tag `isDelete: enable` to delete the shard you want.
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_scale_out_add_shards.md b/docs/sharding/provisioning/system_sharding/ssharding_scale_out_add_shards.md
index 5086d887..32ecfc7c 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_scale_out_add_shards.md
+++ b/docs/sharding/provisioning/system_sharding/ssharding_scale_out_add_shards.md
@@ -15,7 +15,7 @@ In this example, we are using pre-built Oracle Database and Global Data Services
   * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
   * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `ssharding_shard_prov_extshard.yaml`.
   * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * If the existing Sharding Topology was deployed using [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then the additional parameter `dbEdition: "free"` will be needed for the below .yaml file as well.
+  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file. 
   * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
 
 This use case adds two new shards `shard4`,`shard5` to above Sharding Topology.
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov.yaml b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov.yaml
index 1bdb9ce5..d09e93c7 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov.yaml
+++ b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov.yaml
@@ -3,18 +3,27 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -25,30 +34,53 @@ spec:
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
+
+ # Details of the individual shard databases     
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+ 
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_chunks.yaml b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_chunks.yaml
index 868e8bc1..c261a1cb 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_chunks.yaml
+++ b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_chunks.yaml
@@ -3,18 +3,27 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -25,33 +34,58 @@ spec:
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
+
+ # Details of the individual shard databases     
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+      # Specify the environment variables for the Catalog Database
       envVars:
-        - name:  "CATALOG_CHUNKS"
-          value: "120"
+        - name:  "CATALOG_CHUNKS"                                           # Specify variable for the the number of chunks to be configured
+          value: "120"                                                      # Specify the value of the variable
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_clone.yaml b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_clone.yaml
index 3cafeba7..6bc1917f 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_clone.yaml
+++ b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_clone.yaml
@@ -3,24 +3,33 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      nodeSelector:
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      nodeSelector:                                                         # Node Selector the worker node to deploy the Pod. Worker Node with this label will be selected for the Pod.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
+      pvMatchLabels:                                                        # To specify the availability domain where the Persistent Volume will be created. It should be same as the nodeSelector.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq      # Specify the OCID of the Block Volume which has the Database Gold Image      
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       nodeSelector:
@@ -28,7 +37,7 @@ spec:
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq      
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
@@ -39,43 +48,68 @@ spec:
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq      
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
+
+ # Details of the individual shard databases     
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
       nodeSelector:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq
-      imagePullPolicy: "Always"
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq      
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
- isClone: True
+
+ # To specify if Catalog and Shard Databases will be deployed by cloning from the Gold Image
+ isClone: True 
+ 
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_clone_across_ads.yaml b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_clone_across_ads.yaml
index d7ec6365..c0b4760e 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_clone_across_ads.yaml
+++ b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_clone_across_ads.yaml
@@ -3,24 +3,33 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      nodeSelector:
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      nodeSelector:                                                         # Node Selector the worker node to deploy the Pod. Worker Node with this label will be selected for the Pod.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
+      pvMatchLabels:                                                        # To specify the availability domain where the Persistent Volume will be created.It should be same as the nodeSelector.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      # Specify the OCID of the Block Volume Backup which has the Database Gold Image
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       nodeSelector:
@@ -28,7 +37,7 @@ spec:
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-2"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
@@ -39,51 +48,76 @@ spec:
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
+
+ # Details of the individual shard databases     
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
       nodeSelector:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
-      imagePullPolicy: "Always"
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods         
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-      nodeSelector:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
-      pvMatchLabels:
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+      nodeSelector:                                                         # Node Selector the worker node to deploy the Pod. Worker Node with this label will be selected for the Pod.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+      pvMatchLabels:                                                        # To specify the availability domain where the Persistent Volume will be created. It should be same as the nodeSelector.
+        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"      
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
       nodeSelector:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
       pvMatchLabels:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
+        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"      
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
- isClone: True
+
+ # To specify if Catalog and Shard Databases will be deployed by cloning from the Gold Image
+ isClone: True 
+ 
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_delshard.yaml b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_delshard.yaml
index 1017a9d5..01619fd9 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_delshard.yaml
+++ b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_delshard.yaml
@@ -3,18 +3,27 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -26,7 +35,7 @@ spec:
       shardGroup: shardgroup1
       shardRegion: primary
     - name: shard4
-      isDelete: enable
+      isDelete: enable                                                      # Specify this parameter "isDelete: enable" for the shard which has to be deleted during the Scale In Operation
       storageSizeInGb: 50
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
@@ -36,32 +45,55 @@ spec:
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
+
+ # Details of the individual shard databases
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_extshard.yaml b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_extshard.yaml
index d23052fb..078a7858 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_extshard.yaml
+++ b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_extshard.yaml
@@ -3,18 +3,27 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -25,6 +34,8 @@ spec:
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
+
+    # Details of the Additional two shards to be added during the Scale Out Operation
     - name: shard4
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -34,33 +45,56 @@ spec:
       storageSizeInGb: 50
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
-      shardRegion: primary
+      shardRegion: primary            
+
+ # Details of the individual shard databases     
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_memory_cpu.yaml b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_memory_cpu.yaml
index 075919f7..8876084a 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_memory_cpu.yaml
+++ b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_memory_cpu.yaml
@@ -3,27 +3,40 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+
+      # Memory and CPU allocation for the Shard Database pod
       resources:
         requests:
           memory: "1000Mi"
           cpu: "1000m"
+
+      # SGA and PGA values for the Shard Database
       envVars:
         - name: "INIT_SGA_SIZE"
           value: "600"
         - name: "INIT_PGA_SIZE"
-          value: "400"
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+          value: "400"      
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       resources:
@@ -34,7 +47,7 @@ spec:
         - name: "INIT_SGA_SIZE"
           value: "600"
         - name: "INIT_PGA_SIZE"
-          value: "400"
+          value: "400"      
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
@@ -48,40 +61,65 @@ spec:
         - name: "INIT_SGA_SIZE"
           value: "600"
         - name: "INIT_PGA_SIZE"
-          value: "400"
+          value: "400"      
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
+
+ # Details of the individual shard databases     
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+
+      # Memory and CPU allocation for the Catalog Database pod      
       resources:
         requests:
           memory: "1000Mi"
-          cpu: "1000m"
-      imagePullPolicy: "Always"
+          cpu: "1000m"      
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_send_notification.yaml b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_send_notification.yaml
index aea6fc7c..abda743c 100644
--- a/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_send_notification.yaml
+++ b/docs/sharding/provisioning/system_sharding/ssharding_shard_prov_send_notification.yaml
@@ -3,24 +3,33 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      nodeSelector:
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      nodeSelector:                                                         # Node Selector the worker node to deploy the Pod. Worker Node with this label will be selected for the Pod.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
+      pvMatchLabels:                                                        # To specify the availability domain where the Persistent Volume will be created. It should be same as the nodeSelector.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
-      imagePullPolicy: "Always"
-      shardGroup: shardgroup1
-      shardRegion: primary
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      # Specify the OCID of the Block Volume Backup which has the Database Gold Image
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardGroup: shardgroup1                                               # Shard Group name for the Shard Database
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       nodeSelector:
@@ -28,7 +37,7 @@ spec:
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-2"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
@@ -39,46 +48,74 @@ spec:
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      
       imagePullPolicy: "Always"
       shardGroup: shardgroup1
       shardRegion: primary
+
+ # Details of the individual shard databases     
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
       nodeSelector:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
-      imagePullPolicy: "Always"
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
- isClone: True
+
+ # To specify if Catalog and Shard Databases will be deployed by cloning from the Gold Image
+ isClone: True 
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+   # Specify the configmap created with the credentials of the OCI User Account which will be used for sending the OCI Notification
    nsConfigMap: onsconfigmap
-   nsSecret: my-secret
+
+   # Specify the secret which has the privatekey for the OCI User Account to be used for sending the OCI Notification
+   nsSecret: my-secret   
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
-
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/user-defined-sharding/udsharding_provisioning_with_control_on_resources.md b/docs/sharding/provisioning/user-defined-sharding/udsharding_provisioning_with_control_on_resources.md
index 638b7124..61ce6317 100644
--- a/docs/sharding/provisioning/user-defined-sharding/udsharding_provisioning_with_control_on_resources.md
+++ b/docs/sharding/provisioning/user-defined-sharding/udsharding_provisioning_with_control_on_resources.md
@@ -14,14 +14,14 @@ This example uses `udsharding_shard_prov_memory_cpu.yaml` to provision an Oracle
 * Additional tags `INIT_SGA_SIZE` and `INIT_PGA_SIZE` to control the SGA and PGA allocation at the database level
 * User Defined Sharding is specified using `shardingType: USER`
 
-In this example, we are using pre-built Oracle Database and Global Data Services container images available on [Oracle Container Registry](https://container-registry.oracle.com/)
+In this example, we are using pre-built Oracle Database and Global Data Services container images available on the [Oracle Container Registry](https://container-registry.oracle.com/)
   * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
-  * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `udsharding_shard_prov_memory_cpu.yaml`.
-  * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file.
-  * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
+  * If you plan to use images built by you, then you must change the `dbImage` and `gsmImage` tags with the images that you have built in your enviornment in file `udsharding_shard_prov_memory_cpu.yaml`.
+  * To understand the Database and Global Data Services Docker images prerequisites, see: [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
+  * If you want to use the [Oracle Database 23ai Free image](https://www.oracle.com/database/free/get-started/) for Database and GSM, then you must add the additional parameter `dbEdition: "free"` to the `.yaml` file used with this procedure. 
+  * Ensure that the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
 
-**NOTE:** For Oracle Database 23ai Free, you can control the `CPU` and `Memory` allocation of the PODs using tags `cpu` and `memory` respectively but tags `INIT_SGA_SIZE` and `INIT_PGA_SIZE` to control the SGA and PGA allocation at the database level are `not` supported.
+**NOTE:** For Oracle Database 23ai Free, you can control the `CPU` and `Memory` allocation of the PODs by using tags `cpu` and `memory` respectively, but tags `INIT_SGA_SIZE` and `INIT_PGA_SIZE` to control the SGA and PGA allocation at the database level are _not_ supported.
 
 Use the YAML file [udsharding_shard_prov_memory_cpu.yaml](./udsharding_shard_prov_memory_cpu.yaml).
 
diff --git a/docs/sharding/provisioning/user-defined-sharding/udsharding_provisioning_with_notification_using_oci_notification.md b/docs/sharding/provisioning/user-defined-sharding/udsharding_provisioning_with_notification_using_oci_notification.md
index fe1ca870..976798e2 100644
--- a/docs/sharding/provisioning/user-defined-sharding/udsharding_provisioning_with_notification_using_oci_notification.md
+++ b/docs/sharding/provisioning/user-defined-sharding/udsharding_provisioning_with_notification_using_oci_notification.md
@@ -17,7 +17,7 @@ This example uses `udsharding_shard_prov_send_notification.yaml` to provision an
 
 **NOTE:**
 
-* The notification will be sent using a configmap created with the credentials of the OCI user account in this use case.
+* The notification will be sent using a configmap created with the credentials of the OCI user account used in this procedure.
 
 We will create a topic in Notification Service of the OCI Console and use its OCID. 
 
@@ -37,7 +37,7 @@ To do this:
     kubectl create configmap onsconfigmap --from-file=./configmap_data.txt -n shns
     ```
 
-3. Create a key file `priavatekey` having the PEM key of the OCI user being used to send notification:
+3. Create a key file `privatekey` that has the PEM key of the OCI user being used to send notification:
     ```sh
     -----BEGIN PRIVATE KEY-G----
     MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCXYxA0DJvEwtVR
@@ -62,16 +62,16 @@ To do this:
     kubectl describe secret my-secret -n shns
     ```
 
-In this example, we are using pre-built Oracle Database and Global Data Services container images available on [Oracle Container Registry](https://container-registry.oracle.com/)
-  * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
-  * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `udsharding_shard_prov_send_notification.yaml`.
-  * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file.
-  * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
+In this example, we are using pre-built Oracle Database and Global Data Services container images available on the [Oracle Container Registry](https://container-registry.oracle.com/)
+  * To pull these images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
+  * If you plan to use images built by you, then you must exchanage the `dbImage` and `gsmImage` tags for the images that you have built in your enviornment in file `udsharding_shard_prov_send_notification.yaml`.
+  * To understand the Database and Global Data Services Docker images prerequisites, see: [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
+  * If you want to use the [Oracle Database 23ai Free image](https://www.oracle.com/database/free/get-started/) for Database and GSM, then you must add the additional parameter `dbEdition: "free"` to the _.yaml_ file used in this procedure. 
+  * Ensure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
 
-**NOTE:** Provisioning the Sharded Database using Cloning from Database Gold Image is `NOT` supported with Oracle Database 23ai Free.
+**NOTE:** Provisioning the Sharded Database using Cloning from Database Gold Image is _not_ supported with Oracle Database 23ai Free.
 
-Use the file: [udsharding_shard_prov_send_notification.yaml](./udsharding_shard_prov_send_notification.yaml) for this use case as below:
+Use the file: [udsharding_shard_prov_send_notification.yaml](./udsharding_shard_prov_send_notification.yaml) for this use case:
 
 1. Deploy the `udsharding_shard_prov_send_notification.yaml` file:
     ```sh
diff --git a/docs/sharding/provisioning/user-defined-sharding/udsharding_provisioning_without_db_gold_image.md b/docs/sharding/provisioning/user-defined-sharding/udsharding_provisioning_without_db_gold_image.md
index b0378e04..cd187f2e 100644
--- a/docs/sharding/provisioning/user-defined-sharding/udsharding_provisioning_without_db_gold_image.md
+++ b/docs/sharding/provisioning/user-defined-sharding/udsharding_provisioning_without_db_gold_image.md
@@ -15,14 +15,14 @@ This example uses `udsharding_shard_prov.yaml` to provision an Oracle Database s
 * User Defined Sharding is specified using `shardingType: USER`
 
 
-In this example, we are using pre-built Oracle Database and Global Data Services container images available on [Oracle Container Registry](https://container-registry.oracle.com/)
-  * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
-  * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `udsharding_shard_prov.yaml`.
-  * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file.
-  * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
-
-Use the file: [udsharding_shard_prov.yaml](./udsharding_shard_prov.yaml) for this use case as below:
+In this example, we are using pre-built Oracle Database and Global Data Services container images available on the [Oracle Container Registry](https://container-registry.oracle.com/)
+  * To pull these images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
+  * If you plan to use images built by you, then you must exchange the `dbImage` and `gsmImage` tags for the images that you have built in your enviornment in file `udsharding_shard_prov.yaml`.
+  * To understand the Database and Global Data Services docker images prerequisites, see: [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
+  * If you want to use the [Oracle Database 23ai Free image](https://www.oracle.com/database/free/get-started/) for Database and GSM, then you must add the additional parameter `dbEdition: "free"` to the `.yaml` file usd in this procedure. 
+  * Ensure that the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
+
+Use the file: [udsharding_shard_prov.yaml](./udsharding_shard_prov.yaml) for this use case:
 
 1. Deploy the `udsharding_shard_prov.yaml` file:
     ```sh
diff --git a/docs/sharding/provisioning/user-defined-sharding/udsharding_scale_in_delete_an_existing_shard.md b/docs/sharding/provisioning/user-defined-sharding/udsharding_scale_in_delete_an_existing_shard.md
index 673e455e..60a8b5c7 100644
--- a/docs/sharding/provisioning/user-defined-sharding/udsharding_scale_in_delete_an_existing_shard.md
+++ b/docs/sharding/provisioning/user-defined-sharding/udsharding_scale_in_delete_an_existing_shard.md
@@ -4,7 +4,7 @@
 
 This use case demonstrates how to delete an existing Shard from an existing Oracle Database sharding topology with User Defined Sharding provisioned using Oracle Database Sharding controller.
 
-In this use case, the existing database Sharding is having:
+In this use case, the existing database Sharding has the following:
 
 * Primary GSM Pods `gsm1` and standby GSM Pod `gsm2`
 * Five sharding Pods: `shard1`,`shard2`,`shard3`,`shard4` and `shard5`
@@ -12,24 +12,24 @@ In this use case, the existing database Sharding is having:
 * Namespace: `shns`
 * User Defined Sharding is specified using `shardingType: USER`
 
-In this example, we are using pre-built Oracle Database and Global Data Services container images available on [Oracle Container Registry](https://container-registry.oracle.com/)
-  * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
-  * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `udsharding_shard_prov_delshard.yaml`.
-  * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * In case you want to use the [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then you will need to add the additional parameter `dbEdition: "free"` to the below .yaml file.
-  * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
+In this example, we are using pre-built Oracle Database and Global Data Services container images available on the [Oracle Container Registry](https://container-registry.oracle.com/)
+  * To pull these images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
+  * If you plan to use images built by you, then you need to change the `dbImage` and `gsmImage` tags with the images you have built in your enviornment in the file `udsharding_shard_prov_delshard.yaml`.
+  * To understand the Database and Global Data Services Docker images prerequisites, see: [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
+  * If you want to use the [Oracle Database 23ai Free image](https://www.oracle.com/database/free/get-started/) for Database and GSM, then you must add the additional parameter `dbEdition: "free"` to the `.yaml` file we show in these steps. 
+  * Ensure that the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the `openssl` commands to generate the encrypted password file during the deployment.
 
-**NOTE:** Use tag `isDelete: enable` to delete the shard you want.
+**NOTE:** Use the tag `isDelete: enable` to delete the shard that you want to remove.
 
-This use case deletes the shard `shard4` from the above Sharding Topology.
+This use case deletes the shard `shard4` from this Sharding Topology.
 
-Use the file: [udsharding_shard_prov_delshard.yaml](./udsharding_shard_prov_delshard.yaml) for this use case as below:
+Use the file: [udsharding_shard_prov_delshard.yaml](./udsharding_shard_prov_delshard.yaml) for this use case, as described in the following steps:
 
-1. Move out the chunks from the shard to be deleted to another shard. For example, in the current case, before deleting the `shard4`, if you want to move the chunks from `shard4` to `shard2`, then you can run the below `kubectl` command where `/u01/app/oracle/product/23ai/gsmhome_1` is the GSM HOME:
+1. Move out the chunks from the shard to be deleted to another shard. For example, in the current case, before deleting `shard4`, if you want to move the chunks from `shard4` to `shard2`, then you can run the `kubectl` command where `/u01/app/oracle/product/23ai/gsmhome_1` is the GSM HOME:
     ```sh
     kubectl exec -it pod/gsm1-0 -n shns -- /u01/app/oracle/product/23ai/gsmhome_1/bin/gdsctl "move chunk -chunk all -source shard4_shard4pdb -target shard4_shard4pdb"
     ```
-2. Confirm the shard to be deleted (`shard4` in this case) is not having any chunk using below command:
+2. To confirm that the shard that you want to be deleted (`shard4` in this case) does not have any chunks, use the following command:
     ```sh
     kubectl exec -it pod/gsm1-0 -n shns -- /u01/app/oracle/product/23ai/gsmhome_1/bin/gdsctl "config chunks"
     ```
@@ -46,12 +46,12 @@ Use the file: [udsharding_shard_prov_delshard.yaml](./udsharding_shard_prov_dels
     ```
 
 **NOTE:** 
-- After you apply `udsharding_shard_prov_delshard.yaml`, the change may not be visible immediately and it may take some time for the delete operation to complete.
-- If the shard, that you are trying to delete, is still having chunks, then the you will see message like below in the logs of the Oracle Database Operator Pod.
+- After you apply `udsharding_shard_prov_delshard.yaml`, the change may not be visible immediately. It can take some time for the delete operation to complete.
+- If the shard that you are trying to delete still contains chunks, then a message such as the following is displayed in the logs of the Oracle Database Operator Pod:
     ```sh
     INFO    controllers.database.ShardingDatabase   manual intervention required
     ```
-  In this case, you will need to first move out the chunks from the shard to be deleted using Step 2 above and then apply the file in Step 3 to delete that shard.
+  When you see that message, you are required to first move the chunks out of the shard that you want to delete using Step 2 as described above, and then apply the file in Step 3 to delete that shard.
 
 To check the status, use the following command:
   ```sh
diff --git a/docs/sharding/provisioning/user-defined-sharding/udsharding_scale_out_add_shards.md b/docs/sharding/provisioning/user-defined-sharding/udsharding_scale_out_add_shards.md
index abdc53ff..c1ec963e 100644
--- a/docs/sharding/provisioning/user-defined-sharding/udsharding_scale_out_add_shards.md
+++ b/docs/sharding/provisioning/user-defined-sharding/udsharding_scale_out_add_shards.md
@@ -4,7 +4,7 @@
 
 This use case demonstrates adding a new shard to an existing Oracle Database sharding topology with User Defined Sharding provisioned earlier using Oracle Database Sharding controller.
 
-In this use case, the existing Oracle Database sharding topology is having:
+In this use case, the existing Oracle Database sharding topology is as follows:
 
 * Primary GSM Pods `gsm1` and standby GSM Pod `gsm2`
 * Three sharding Pods: `shard1`, `shard2` and `shard3`
@@ -12,16 +12,16 @@ In this use case, the existing Oracle Database sharding topology is having:
 * Namespace: `shns`
 * User Defined Sharding is specified using `shardingType: USER`
 
-In this example, we are using pre-built Oracle Database and Global Data Services container images available on [Oracle Container Registry](https://container-registry.oracle.com/)
-  * To pull the above images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
-  * If you plan to use images built by you, you need to change `dbImage` and `gsmImage` tag with the images you have built in your enviornment in file `udsharding_shard_prov_extshard.yaml`.
-  * To understand the Pre-requisite of Database and Global Data Services docker images, refer [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
-  * If the existing Sharding Topology was deployed using [Oracle Database 23ai Free](https://www.oracle.com/database/free/get-started/) Image for Database and GSM, then the additional parameter `dbEdition: "free"` will be needed for the below .yaml file as well.
-  * Make sure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
+In this example, we are using pre-built Oracle Database and Global Data Services container images available on the [Oracle Container Registry](https://container-registry.oracle.com/)
+  * To pull these images from Oracle Container Registry, create a Kubernetes secret named `ocr-reg-cred` using your credentials with type set to `kubernetes.io/dockerconfigjson` in the namespace `shns`.
+  * If you plan to use images built by you, then you must exchange the `dbImage` and `gsmImage` tags for the images that you have built in your enviornment in file `udsharding_shard_prov_extshard.yaml`.
+  * To understand the Database and Global Data Services Docker images prerequisites, see: [Oracle Database and Global Data Services Docker Images](../../README.md#3-oracle-database-and-global-data-services-docker-images)
+  * If you want to use the [Oracle Database 23ai Free image](https://www.oracle.com/database/free/get-started/) for Database and GSM, then you must add the additional parameter `dbEdition: "free"` to the `.yaml` file used with this procedure. 
+  * Ensure the version of `openssl` in the Oracle Database and Oracle GSM images is compatible with the `openssl` version on the machine where you will run the openssl commands to generated the encrypted password file during the deployment.
 
-This use case adds two new shards `shard4`,`shard5` to above Sharding Topology.
+This use case adds two new shards `shard4`,`shard5` to the Sharding Topology.
 
-Use the file: [udsharding_shard_prov_extshard.yaml](./udsharding_shard_prov_extshard.yaml) for this use case as below:
+Use the file: [udsharding_shard_prov_extshard.yaml](./udsharding_shard_prov_extshard.yaml) for this use case:
 
 1. Deploy the `udsharding_shard_prov_extshard.yaml` file:
     ```sh
diff --git a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov.yaml b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov.yaml
index c9f20eb3..6553fdb3 100644
--- a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov.yaml
+++ b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov.yaml
@@ -3,18 +3,27 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardSpace: sspace1
-      shardRegion: primary
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardSpace: sspace1                                                   # Shard Space name for the Shard Database with User Defined Sharding
+      shardRegion: primary                                                  # Name of the region for the Shard Database      
     - name: shard2
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -25,33 +34,58 @@ spec:
       imagePullPolicy: "Always"
       shardSpace: sspace3
       shardRegion: primary
+
+ # Details of the individual shard databases           
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Type of the Sharding. By Default, it is System Sharding unless specified to be USER or NATIVE
  shardingType: USER
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_clone.yaml b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_clone.yaml
index d7e5ce78..522f6cd9 100644
--- a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_clone.yaml
+++ b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_clone.yaml
@@ -3,24 +3,33 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      nodeSelector:
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      nodeSelector:                                                         # Node Selector the worker node to deploy the Pod. Worker Node with this label will be selected for the Pod.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
+      pvMatchLabels:                                                        # To specify the availability domain where the Persistent Volume will be created. It should be same as the nodeSelector.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq
-      shardSpace: sspace1
-      shardRegion: primary
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq      # Specify the OCID of the Block Volume which has the Database Gold Image
+      shardSpace: sspace1                                                   # Shard Space name for the Shard Database with User Defined Sharding
+      shardRegion: primary                                                  # Name of the region for the Shard Database      
     - name: shard2
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -40,43 +49,70 @@ spec:
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq      
       shardSpace: sspace3
       shardRegion: primary
+
+ # Details of the individual shard databases           
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
       nodeSelector:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volume.oc1.phx.abyhqljr3z3w72t6ay5eud7d5w3kdfhktfp6gwb6euy5tzwfaxgmbvwqlvsq      
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Type of the Sharding. By Default, it is System Sharding unless specified to be USER or NATIVE
  shardingType: USER
+
+ # To specify if Catalog and Shard Databases will be deployed by cloning from the Gold Image
+ isClone: True 
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
- isClone: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_clone_across_ads.yaml b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_clone_across_ads.yaml
index ae02c7fe..0fc7ed0d 100644
--- a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_clone_across_ads.yaml
+++ b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_clone_across_ads.yaml
@@ -3,24 +3,33 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      nodeSelector:
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      nodeSelector:                                                         # Node Selector the worker node to deploy the Pod. Worker Node with this label will be selected for the Pod.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
+      pvMatchLabels:                                                        # To specify the availability domain where the Persistent Volume will be created. It should be same as the nodeSelector.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
-      shardSpace: sspace1
-      shardRegion: primary
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      # Specify the OCID of the Block Volume Backup which has the Database Gold Image
+      shardSpace: sspace1                                                   # Shard Space name for the Shard Database with User Defined Sharding
+      shardRegion: primary                                                  # Name of the region for the Shard Database      
     - name: shard2
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -40,51 +49,78 @@ spec:
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq 
       shardSpace: sspace3
       shardRegion: primary
+
+ # Details of the individual shard databases           
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
       nodeSelector:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq    
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-      nodeSelector:
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+      nodeSelector:                                                         # Node Selector the worker node to deploy the Pod. Worker Node with this label will be selected for the Pod.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
-      pvMatchLabels:
-        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+      pvMatchLabels:                                                        # To specify the availability domain where the Persistent Volume will be created. It should be same as the nodeSelector.
+        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"      
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
       nodeSelector:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Type of the Sharding. By Default, it is System Sharding unless specified to be USER or NATIVE
  shardingType: USER
+
+ # To specify if Catalog and Shard Databases will be deployed by cloning from the Gold Image
+ isClone: True 
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
- isClone: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_delshard.yaml b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_delshard.yaml
index d83bf546..4f858b87 100644
--- a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_delshard.yaml
+++ b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_delshard.yaml
@@ -3,18 +3,27 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardSpace: sspace1
-      shardRegion: primary
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardSpace: sspace1                                                   # Shard Space name for the Shard Database with User Defined Sharding
+      shardRegion: primary                                                  # Name of the region for the Shard Database
     - name: shard2
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -26,43 +35,68 @@ spec:
       shardSpace: sspace3
       shardRegion: primary
     - name: shard4
+      isDelete: enable                                                      # Specify this parameter "isDelete: enable" for the shard which has to be deleted during the Scale In Operation
       storageSizeInGb: 50
       imagePullPolicy: "Always"
       shardSpace: sspace4
       shardRegion: primary
-      isDelete: enable
     - name: shard5
       storageSizeInGb: 50
       imagePullPolicy: "Always"
       shardSpace: sspace5
       shardRegion: primary
+
+ # Details of the individual shard databases
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Type of the Sharding. By Default, it is System Sharding unless specified to be USER or NATIVE
  shardingType: USER
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_extshard.yaml b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_extshard.yaml
index 7526feb7..0929ae89 100644
--- a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_extshard.yaml
+++ b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_extshard.yaml
@@ -2,18 +2,28 @@
 # Copyright (c) 2022, Oracle and/or its affiliates. 
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
+---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      shardSpace: sspace1
-      shardRegion: primary
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardSpace: sspace1                                                   # Shard Space name for the Shard Database with User Defined Sharding
+      shardRegion: primary                                                  # Name of the region for the Shard Database      
     - name: shard2
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -24,6 +34,8 @@ spec:
       imagePullPolicy: "Always"
       shardSpace: sspace3
       shardRegion: primary
+
+    # Details of the Additional two shards to be added during the Scale Out Operation
     - name: shard4
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -33,34 +45,59 @@ spec:
       storageSizeInGb: 50
       imagePullPolicy: "Always"
       shardSpace: sspace5
-      shardRegion: primary
+      shardRegion: primary      
+
+ # Details of the individual shard databases           
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Type of the Sharding. By Default, it is System Sharding unless specified to be USER or NATIVE
  shardingType: USER
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_memory_cpu.yaml b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_memory_cpu.yaml
index 8be81d39..a2b16ebb 100644
--- a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_memory_cpu.yaml
+++ b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_memory_cpu.yaml
@@ -3,27 +3,40 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+
+      # Memory and CPU allocation for the Shard Database pod
       resources:
         requests:
           memory: "1000Mi"
           cpu: "1000m"
+
+      # SGA and PGA values for the Shard Database          
       envVars:
         - name: "INIT_SGA_SIZE"
           value: "600"
         - name: "INIT_PGA_SIZE"
-          value: "400"
-      imagePullPolicy: "Always"
-      shardSpace: sspace1
-      shardRegion: primary
+          value: "400"      
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      shardSpace: sspace1                                                   # Shard Space name for the Shard Database with User Defined Sharding
+      shardRegion: primary                                                  # Name of the region for the Shard Database      
     - name: shard2
       storageSizeInGb: 50
       resources:
@@ -34,7 +47,7 @@ spec:
         - name: "INIT_SGA_SIZE"
           value: "600"
         - name: "INIT_PGA_SIZE"
-          value: "400"
+          value: "400"      
       imagePullPolicy: "Always"
       shardSpace: sspace2
       shardRegion: primary
@@ -48,41 +61,67 @@ spec:
         - name: "INIT_SGA_SIZE"
           value: "600"
         - name: "INIT_PGA_SIZE"
-          value: "400"
+          value: "400"      
       imagePullPolicy: "Always"
       shardSpace: sspace3
       shardRegion: primary
+
+ # Details of the individual shard databases           
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
       resources:
         requests:
           memory: "1000Mi"
           cpu: "1000m"
-      imagePullPolicy: "Always"
+      imagePullPolicy: "Always"      
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Type of the Sharding. By Default, it is System Sharding unless specified to be USER or NATIVE
  shardingType: USER
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_send_notification.yaml b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_send_notification.yaml
index 4dda6db9..163e77b8 100644
--- a/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_send_notification.yaml
+++ b/docs/sharding/provisioning/user-defined-sharding/udsharding_shard_prov_send_notification.yaml
@@ -3,24 +3,33 @@
 # Licensed under the Universal Permissive License v 1.0 as shown at http://oss.oracle.com/licenses/upl.
 #
 ---
+# API version of the ShardingDatabase Custom Resource
 apiVersion: database.oracle.com/v4
+
+# Resource type being created
 kind: ShardingDatabase
+
+# Metadata section to define the resource's name and namespace
 metadata:
-  name: shardingdatabase-sample
-  namespace: shns
+  name: shardingdatabase-sample                                             # Name of the ShardingDatabase instance
+  namespace: shns                                                           # Kubernetes namespace to deploy into
+
+# Specs for the ShardingDatabase instance
 spec:
+
+ # Details of the individual shard databases
  shard:
-    - name: shard1
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
-      nodeSelector:
+    - name: shard1                                                          # Name of the shard database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
+      nodeSelector:                                                         # Node Selector the worker node to deploy the Pod. Worker Node with this label will be selected for the Pod.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
-      pvMatchLabels:
+      pvMatchLabels:                                                        # To specify the availability domain where the Persistent Volume will be created. It should be same as the nodeSelector.
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
-      shardSpace: sspace1
-      shardRegion: primary
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq      # Specify the OCID of the Block Volume Backup which has the Database Gold Image
+      shardSpace: sspace1                                                   # Shard Space name for the Shard Database with User Defined Sharding
+      shardRegion: primary                                                  # Name of the region for the Shard Database      
     - name: shard2
       storageSizeInGb: 50
       imagePullPolicy: "Always"
@@ -40,45 +49,84 @@ spec:
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq 
       shardSpace: sspace3
       shardRegion: primary
+
+ # Details of the individual shard databases           
  catalog:
-    - name: catalog
-      storageSizeInGb: 50
-      imagePullPolicy: "Always"
+    - name: catalog                                                         # Name of the Catalog database
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the Shard Database pod
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the Database Container Image
       nodeSelector:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvMatchLabels:
         "failure-domain.beta.kubernetes.io/zone": "PHX-AD-1"
       pvAnnotations:
-        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq
+        volume.beta.kubernetes.io/oci-volume-source: ocid1.volumebackup.oc1.phx.abyhqljrxtv7tu5swqb3lzc7vpzwbwzdktd2y4k2vjjy2srmgu2w7bqdftjq    
+
+ # Details of the GSM Pods     
  gsm:
-    - name: gsm1
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: primary
-    - name: gsm2
-      imagePullPolicy: "Always"
-      storageSizeInGb: 50
-      region: standby
+    - name: gsm1                                                            # Name of the Primary Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: primary                                                       # Name of the Primary region for the Shard Database
+      nodeSelector:                                                         # Node Selector the worker node to deploy the Pod. Worker Node with this label will be selected for the Pod.
+        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
+      pvMatchLabels:                                                        # To specify the availability domain where the Persistent Volume will be created. It should be same as the nodeSelector.
+        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"      
+
+    - name: gsm2                                                            # Name of the Standby Global Service Manager
+      imagePullPolicy: "Always"                                             # Image Pull Policy for the GSM Container Image
+      storageSizeInGb: 50                                                   # Size of the Disk Storage allocated to the GSM pod
+      region: standby                                                       # Name of the Standby region for the Shard Database
+      nodeSelector:
+        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
+      pvMatchLabels:
+        "failure-domain.beta.kubernetes.io/zone": "PHX-AD-3"
+
+ # Kubernetes Storage Class Name
  storageClass: oci
- dbImage: container-registry.oracle.com/database/enterprise_ru:19.25.0.0
+
+ # Database Container Image to be used for Catalog and Shard Database
+ dbImage: container-registry.oracle.com/database/enterprise_ru:19.28.0.0
+
+ # Database Conrainer Image Pull Secret
  dbImagePullSecret: ocr-reg-cred
- gsmImage: container-registry.oracle.com/database/gsm_ru:19.25.0.0
+
+ # GSM Container Image to be used for GSM Pods
+ gsmImage: container-registry.oracle.com/database/gsm_ru:19.28.0.0
+
+ # GSM Conrainer Image Pull Secret
  gsmImagePullSecret: ocr-reg-cred
+
+ # Type of the Sharding. By Default, it is System Sharding unless specified to be USER or NATIVE
  shardingType: USER
+
+ # To specify if Catalog and Shard Databases will be deployed by cloning from the Gold Image
+ isClone: True 
+
+ # Whether an External Load Balancer has to be configured for the Catalog, Shard and GSM Pods
  isExternalSvc: False
+
+ # If set to true, the Persistent Volumes will be deleted when the deployment for the Oracle Globally Distributed Database is deleted
  isDeleteOraPvc: True
- isClone: True
+
+ # Details of the Database Secret 
  dbSecret:
    name: db-user-pass-rsa
    pwdFileName: pwdfile.enc
    keyFileName: key.pem
+
+   # Specify the configmap created with the credentials of the OCI User Account which will be used for sending the OCI Notification
    nsConfigMap: onsconfigmap
-   nsSecret: my-secret
+
+   # Specify the secret which has the privatekey for the OCI User Account to be used for sending the OCI Notification
+   nsSecret: my-secret   
+
+ # Details of Services to be created for the Oracle Globally Distributed Database Resource
  gsmService:
    - name: oltp_rw_svc
      role: primary
    - name: oltp_ro_svc
-     role: primary
+     role: primary
\ No newline at end of file
diff --git a/docs/sidb/README.md b/docs/sidb/README.md
index 35f42f22..e1bc6148 100644
--- a/docs/sidb/README.md
+++ b/docs/sidb/README.md
@@ -649,10 +649,10 @@ The following table depicts the fail over matrix for any destructive operation t
 - If the `ReadWriteMany` access mode is used, then all the replicas will be distributed on different nodes. For this reason, Oracle recommends that you have replicas more than or equal to the number of the nodes, because the database image is downloaded on all those nodes. This is beneficial in quick cold fail-over scenario (when the active pod dies) as the image would already be available on that node.
 
 #### Database Pod Resource Management
-When creating a Single Instance Database, you can specify the CPU and memory resources needed by the database pod. These specified resources are passed to the `kube-scheduler` so that the pod is scheduled on one of the pods that has the required resources available. To use database pod resource management, specify values for the `resources` attributes in the [`config/samples/sidb/singleinstancedatabase.yaml`](../../config/samples/sidb/singleinstancedatabase.yaml) file, and apply it.
-
-#### Database Pod Resource Management
-When creating a Single Instance Database you can specify the cpu and memory resources needed by the database pod. These specified resources are passed to the `kube-scheduler` so that the pod gets scheduled on one of the pods that has the required resources available. To use database pod resource management specify values for the `resources` attributes in the [config/samples/sidb/singleinstancedatabase.yaml](../../config/samples/sidb/singleinstancedatabase.yaml) file, and apply it.
+When creating a Single Instance Database you can specify the cpu and memory resources needed by the database pod. These specified resources are passed to the `kube-scheduler` so that the pod gets scheduled on one of the nodes that has the required resources available. To use database pod resource management specify values for the `resources` attributes in the [config/samples/sidb/singleinstancedatabase.yaml](../../config/samples/sidb/singleinstancedatabase.yaml) file, and apply it.
+For Enterprise Edition, the recommended values are:
+cpu="2"
+memory="16Gi"
 
 #### Setup Database with LoadBalancer
 For the Single Instance Database, the default service is the `NodePort` service. You can enable the `LoadBalancer` service by using the `kubectl patch` command.
diff --git a/go.mod b/go.mod
index 863f2e99..1c9c56ec 100644
--- a/go.mod
+++ b/go.mod
@@ -1,106 +1,120 @@
 module github.com/oracle/oracle-database-operator
 
-go 1.23.3
+go 1.25.1
 
 require (
-	github.com/go-logr/logr v1.4.2
-	github.com/onsi/ginkgo/v2 v2.20.2
-	github.com/onsi/gomega v1.34.2
-	github.com/oracle/oci-go-sdk/v65 v65.77.1
-	github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.78.2
-	go.uber.org/zap v1.26.0
-	golang.org/x/text v0.19.0
-	gopkg.in/yaml.v3 v3.0.1
-	k8s.io/api v0.31.3
-	k8s.io/apimachinery v0.31.3
-	k8s.io/cli-runtime v0.31.3
-	k8s.io/client-go v0.31.3
-	k8s.io/kubectl v0.31.3
-	sigs.k8s.io/controller-runtime v0.19.3
-	sigs.k8s.io/yaml v1.4.0
+	github.com/go-logr/logr v1.4.3
+	github.com/onsi/ginkgo/v2 v2.25.2
+	github.com/onsi/gomega v1.38.2
+	github.com/oracle/oci-go-sdk/v65 v65.99.1
+	github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.85.0
+	go.uber.org/zap v1.27.0
+	golang.org/x/text v0.29.0
+	k8s.io/api v0.34.1
+	k8s.io/apimachinery v0.34.1
+	k8s.io/cli-runtime v0.34.1
+	k8s.io/client-go v0.34.1
+	k8s.io/kubectl v0.34.1
+	k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 // indirect
+	sigs.k8s.io/controller-runtime v0.22.1
+	sigs.k8s.io/yaml v1.6.0
 )
 
 require (
-	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
+	github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
 	github.com/MakeNowJust/heredoc v1.0.0 // indirect
+	github.com/Masterminds/semver/v3 v3.4.0 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/blang/semver/v4 v4.0.0 // indirect
 	github.com/cespare/xxhash/v2 v2.3.0 // indirect
-	github.com/chai2010/gettext-go v1.0.2 // indirect
+	github.com/chai2010/gettext-go v1.0.3 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
-	github.com/emicklei/go-restful/v3 v3.11.0 // indirect
+	github.com/emicklei/go-restful/v3 v3.13.0 // indirect
 	github.com/evanphx/json-patch v5.6.0+incompatible // indirect
-	github.com/evanphx/json-patch/v5 v5.9.0 // indirect
-	github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d // indirect
+	github.com/evanphx/json-patch/v5 v5.9.11 // indirect
+	github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect
 	github.com/fatih/camelcase v1.0.0 // indirect
-	github.com/fxamacker/cbor/v2 v2.7.0 // indirect
-	github.com/go-errors/errors v1.4.2 // indirect
+	github.com/fsnotify/fsnotify v1.9.0 // indirect
+	github.com/fxamacker/cbor/v2 v2.9.0 // indirect
+	github.com/go-errors/errors v1.5.1 // indirect
 	github.com/go-logr/zapr v1.3.0 // indirect
-	github.com/go-openapi/jsonpointer v0.19.6 // indirect
-	github.com/go-openapi/jsonreference v0.20.2 // indirect
-	github.com/go-openapi/swag v0.22.4 // indirect
+	github.com/go-openapi/jsonpointer v0.22.0 // indirect
+	github.com/go-openapi/jsonreference v0.21.1 // indirect
+	github.com/go-openapi/swag v0.24.1 // indirect
+	github.com/go-openapi/swag/cmdutils v0.24.0 // indirect
+	github.com/go-openapi/swag/conv v0.24.0 // indirect
+	github.com/go-openapi/swag/fileutils v0.24.0 // indirect
+	github.com/go-openapi/swag/jsonname v0.24.0 // indirect
+	github.com/go-openapi/swag/jsonutils v0.24.0 // indirect
+	github.com/go-openapi/swag/loading v0.24.0 // indirect
+	github.com/go-openapi/swag/mangling v0.24.0 // indirect
+	github.com/go-openapi/swag/netutils v0.24.0 // indirect
+	github.com/go-openapi/swag/stringutils v0.24.0 // indirect
+	github.com/go-openapi/swag/typeutils v0.24.0 // indirect
+	github.com/go-openapi/swag/yamlutils v0.24.0 // indirect
 	github.com/go-task/slim-sprig/v3 v3.0.0 // indirect
-	github.com/gofrs/flock v0.8.1 // indirect
+	github.com/gofrs/flock v0.12.1 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
-	github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
-	github.com/golang/protobuf v1.5.4 // indirect
-	github.com/google/btree v1.0.1 // indirect
-	github.com/google/gnostic-models v0.6.8 // indirect
-	github.com/google/go-cmp v0.6.0 // indirect
-	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 // indirect
-	github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
+	github.com/google/btree v1.1.3 // indirect
+	github.com/google/gnostic-models v0.7.0 // indirect
+	github.com/google/go-cmp v0.7.0 // indirect
+	github.com/google/pprof v0.0.0-20250903194437-c28834ac2320 // indirect
 	github.com/google/uuid v1.6.0 // indirect
-	github.com/gorilla/websocket v1.5.0 // indirect
-	github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 // indirect
-	github.com/imdario/mergo v0.3.6 // indirect
+	github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 // indirect
+	github.com/grafana/regexp v0.0.0-20240518133315-a468a5bfb3bc // indirect
+	github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
 	github.com/json-iterator/go v1.1.12 // indirect
 	github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de // indirect
-	github.com/mailru/easyjson v0.7.7 // indirect
+	github.com/mailru/easyjson v0.9.0 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
-	github.com/moby/spdystream v0.4.0 // indirect
-	github.com/moby/term v0.5.0 // indirect
+	github.com/moby/spdystream v0.5.0 // indirect
+	github.com/moby/term v0.5.2 // indirect
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
-	github.com/modern-go/reflect2 v1.0.2 // indirect
+	github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee // indirect
 	github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
 	github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
 	github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
 	github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
-	github.com/pkg/errors v0.9.1 // indirect
-	github.com/prometheus/client_golang v1.19.1 // indirect
-	github.com/prometheus/client_model v0.6.1 // indirect
-	github.com/prometheus/common v0.55.0 // indirect
-	github.com/prometheus/procfs v0.15.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/prometheus/client_golang v1.23.0 // indirect
+	github.com/prometheus/client_model v0.6.2 // indirect
+	github.com/prometheus/common v0.66.0 // indirect
+	github.com/prometheus/procfs v0.17.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
-	github.com/sony/gobreaker v0.5.0 // indirect
-	github.com/spf13/cobra v1.8.1 // indirect
-	github.com/spf13/pflag v1.0.5 // indirect
+	github.com/sony/gobreaker v1.0.0 // indirect
+	github.com/spf13/cobra v1.10.1 // indirect
+	github.com/spf13/pflag v1.0.10 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	github.com/xlab/treeprint v1.2.0 // indirect
-	go.starlark.net v0.0.0-20230525235612-a134d8f9ddca // indirect
+	github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 // indirect
+	go.uber.org/automaxprocs v1.6.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
-	golang.org/x/net v0.29.0 // indirect
-	golang.org/x/oauth2 v0.21.0 // indirect
-	golang.org/x/sync v0.8.0 // indirect
-	golang.org/x/sys v0.25.0 // indirect
-	golang.org/x/term v0.24.0 // indirect
-	golang.org/x/time v0.3.0 // indirect
-	golang.org/x/tools v0.24.0 // indirect
-	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
-	google.golang.org/protobuf v1.34.2 // indirect
-	gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
+	go.yaml.in/yaml/v2 v2.4.2 // indirect
+	go.yaml.in/yaml/v3 v3.0.4 // indirect
+	golang.org/x/crypto v0.41.0 // indirect
+	golang.org/x/net v0.43.0 // indirect
+	golang.org/x/oauth2 v0.30.0 // indirect
+	golang.org/x/sync v0.17.0 // indirect
+	golang.org/x/sys v0.35.0 // indirect
+	golang.org/x/term v0.34.0 // indirect
+	golang.org/x/time v0.12.0 // indirect
+	golang.org/x/tools v0.36.0 // indirect
+	gomodules.xyz/jsonpatch/v2 v2.5.0 // indirect
+	google.golang.org/protobuf v1.36.8 // indirect
+	gopkg.in/evanphx/json-patch.v4 v4.13.0 // indirect
 	gopkg.in/inf.v0 v0.9.1 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
-	k8s.io/apiextensions-apiserver v0.31.2 // indirect
-	k8s.io/component-base v0.31.3 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
+	k8s.io/apiextensions-apiserver v0.34.0 // indirect
+	k8s.io/component-base v0.34.1 // indirect
+	k8s.io/component-helpers v0.34.1 // indirect
 	k8s.io/klog/v2 v2.130.1 // indirect
-	k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 // indirect
-	k8s.io/utils v0.0.0-20240902221715-702e33fdd3c3 // indirect
-	sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect
-	sigs.k8s.io/kustomize/api v0.17.2 // indirect
-	sigs.k8s.io/kustomize/kyaml v0.17.1 // indirect
-	sigs.k8s.io/structured-merge-diff/v4 v4.4.1 // indirect
+	k8s.io/kube-openapi v0.0.0-20250902184714-7fc278399c7f // indirect
+	sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 // indirect
+	sigs.k8s.io/kustomize/api v0.20.1 // indirect
+	sigs.k8s.io/kustomize/kyaml v0.20.1 // indirect
+	sigs.k8s.io/randfill v1.0.0 // indirect
+	sigs.k8s.io/structured-merge-diff/v6 v6.3.0 // indirect
 )
diff --git a/go.sum b/go.sum
index d23debb8..ec9b90c0 100644
--- a/go.sum
+++ b/go.sum
@@ -1,107 +1,101 @@
-cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
-github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOElx5B5HZ4hJQsoJ/PvUvKRhJHDQXO8P8=
-github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
-github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
+github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c h1:udKWzYgxTojEKWjV8V+WSxDXJ4NFATAsZjh8iIbsQIg=
+github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
 github.com/MakeNowJust/heredoc v1.0.0 h1:cXCdzVdstXyiTqTvfqk9SDHpKNjxuom+DOlyEeQ4pzQ=
 github.com/MakeNowJust/heredoc v1.0.0/go.mod h1:mG5amYoWBHf8vpLOuehzbGGw0EHxpZZ6lCpQ4fNJ8LE=
+github.com/Masterminds/semver/v3 v3.4.0 h1:Zog+i5UMtVoCU8oKka5P7i9q9HgrJeGzI9SA1Xbatp0=
+github.com/Masterminds/semver/v3 v3.4.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
 github.com/blang/semver/v4 v4.0.0 h1:1PFHFE6yCCTv8C1TeyNNarDzntLi7wMI5i/pzqYIsAM=
 github.com/blang/semver/v4 v4.0.0/go.mod h1:IbckMUScFkM3pff0VJDNKRiT6TG/YpiHIM2yvyW5YoQ=
-github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs=
 github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
-github.com/chai2010/gettext-go v1.0.2 h1:1Lwwip6Q2QGsAdl/ZKPCwTe9fe0CjlUbqj5bFNSjIRk=
-github.com/chai2010/gettext-go v1.0.2/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA=
-github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
-github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI=
-github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU=
-github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
-github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
-github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
+github.com/chai2010/gettext-go v1.0.3 h1:9liNh8t+u26xl5ddmWLmsOsdNLwkdRTg5AG+JnTiM80=
+github.com/chai2010/gettext-go v1.0.3/go.mod h1:y+wnP2cHYaVj19NZhYKAwEMH2CI1gNHeQQ+5AjwawxA=
+github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
 github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
 github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=
-github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
-github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
-github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/emicklei/go-restful/v3 v3.13.0 h1:C4Bl2xDndpU6nJ4bc1jXd+uTmYPVUwkD6bFY/oTyCes=
+github.com/emicklei/go-restful/v3 v3.13.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
 github.com/evanphx/json-patch v5.6.0+incompatible h1:jBYDEEiFBPxA0v50tFdvOzQQTCvpL6mnFh5mB2/l16U=
 github.com/evanphx/json-patch v5.6.0+incompatible/go.mod h1:50XU6AFN0ol/bzJsmQLiYLvXMP4fmwYFNcr97nuDLSk=
-github.com/evanphx/json-patch/v5 v5.9.0 h1:kcBlZQbplgElYIlo/n1hJbls2z/1awpXxpRi0/FOJfg=
-github.com/evanphx/json-patch/v5 v5.9.0/go.mod h1:VNkHZ/282BpEyt/tObQO8s5CMPmYYq14uClGH4abBuQ=
-github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d h1:105gxyaGwCFad8crR9dcMQWvV9Hvulu6hwUh4tWPJnM=
-github.com/exponent-io/jsonpath v0.0.0-20151013193312-d6023ce2651d/go.mod h1:ZZMPRZwes7CROmyNKgQzC3XPs6L/G2EJLHddWejkmf4=
+github.com/evanphx/json-patch/v5 v5.9.11 h1:/8HVnzMq13/3x9TPvjG08wUGqBTmZBsCWzjTM0wiaDU=
+github.com/evanphx/json-patch/v5 v5.9.11/go.mod h1:3j+LviiESTElxA4p3EMKAB9HXj3/XEtnUf6OZxqIQTM=
+github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f h1:Wl78ApPPB2Wvf/TIe2xdyJxTlb6obmF18d8QdkxNDu4=
+github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f/go.mod h1:OSYXu++VVOHnXeitef/D8n/6y4QV8uLHSFXX4NeXMGc=
 github.com/fatih/camelcase v1.0.0 h1:hxNvNX/xYBp0ovncs8WyWZrOrpBNub/JfaMvbURyft8=
 github.com/fatih/camelcase v1.0.0/go.mod h1:yN2Sb0lFhZJUdVvtELVWefmrXpuZESvPmqwoZc+/fpc=
-github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E=
-github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ=
-github.com/go-errors/errors v1.4.2 h1:J6MZopCL4uSllY1OfXM374weqZFFItUbrImctkmUxIA=
-github.com/go-errors/errors v1.4.2/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og=
-github.com/go-logr/logr v1.4.2 h1:6pFjapn8bFcIbiKo3XT4j/BhANplGihG6tvd+8rYgrY=
-github.com/go-logr/logr v1.4.2/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
+github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S9k=
+github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
+github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM=
+github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ=
+github.com/go-errors/errors v1.5.1 h1:ZwEMSLRCapFLflTpT7NKaAc7ukJ8ZPEjzlxt8rPN8bk=
+github.com/go-errors/errors v1.5.1/go.mod h1:sIVyrIiJhuEF+Pj9Ebtd6P/rEYROXFi3BopGUQ5a5Og=
+github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
+github.com/go-logr/logr v1.4.3/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
 github.com/go-logr/zapr v1.3.0 h1:XGdV8XW8zdwFiwOA2Dryh1gj2KRQyOOoNmBy4EplIcQ=
 github.com/go-logr/zapr v1.3.0/go.mod h1:YKepepNBd1u/oyhd/yQmtjVXmm9uML4IXUgMOwR8/Gg=
-github.com/go-openapi/jsonpointer v0.19.6 h1:eCs3fxoIi3Wh6vtgmLTOjdhSpiqphQ+DaPn38N2ZdrE=
-github.com/go-openapi/jsonpointer v0.19.6/go.mod h1:osyAmYz/mB/C3I+WsTTSgw1ONzaLJoLCyoi6/zppojs=
-github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2KvnJRumpMGbE=
-github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k=
-github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
-github.com/go-openapi/swag v0.22.4 h1:QLMzNJnMGPRNDCbySlcj1x01tzU8/9LTTL9hZZZogBU=
-github.com/go-openapi/swag v0.22.4/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14=
+github.com/go-openapi/jsonpointer v0.22.0 h1:TmMhghgNef9YXxTu1tOopo+0BGEytxA+okbry0HjZsM=
+github.com/go-openapi/jsonpointer v0.22.0/go.mod h1:xt3jV88UtExdIkkL7NloURjRQjbeUgcxFblMjq2iaiU=
+github.com/go-openapi/jsonreference v0.21.1 h1:bSKrcl8819zKiOgxkbVNRUBIr6Wwj9KYrDbMjRs0cDA=
+github.com/go-openapi/jsonreference v0.21.1/go.mod h1:PWs8rO4xxTUqKGu+lEvvCxD5k2X7QYkKAepJyCmSTT8=
+github.com/go-openapi/swag v0.24.1 h1:DPdYTZKo6AQCRqzwr/kGkxJzHhpKxZ9i/oX0zag+MF8=
+github.com/go-openapi/swag v0.24.1/go.mod h1:sm8I3lCPlspsBBwUm1t5oZeWZS0s7m/A+Psg0ooRU0A=
+github.com/go-openapi/swag/cmdutils v0.24.0 h1:KlRCffHwXFI6E5MV9n8o8zBRElpY4uK4yWyAMWETo9I=
+github.com/go-openapi/swag/cmdutils v0.24.0/go.mod h1:uxib2FAeQMByyHomTlsP8h1TtPd54Msu2ZDU/H5Vuf8=
+github.com/go-openapi/swag/conv v0.24.0 h1:ejB9+7yogkWly6pnruRX45D1/6J+ZxRu92YFivx54ik=
+github.com/go-openapi/swag/conv v0.24.0/go.mod h1:jbn140mZd7EW2g8a8Y5bwm8/Wy1slLySQQ0ND6DPc2c=
+github.com/go-openapi/swag/fileutils v0.24.0 h1:U9pCpqp4RUytnD689Ek/N1d2N/a//XCeqoH508H5oak=
+github.com/go-openapi/swag/fileutils v0.24.0/go.mod h1:3SCrCSBHyP1/N+3oErQ1gP+OX1GV2QYFSnrTbzwli90=
+github.com/go-openapi/swag/jsonname v0.24.0 h1:2wKS9bgRV/xB8c62Qg16w4AUiIrqqiniJFtZGi3dg5k=
+github.com/go-openapi/swag/jsonname v0.24.0/go.mod h1:GXqrPzGJe611P7LG4QB9JKPtUZ7flE4DOVechNaDd7Q=
+github.com/go-openapi/swag/jsonutils v0.24.0 h1:F1vE1q4pg1xtO3HTyJYRmEuJ4jmIp2iZ30bzW5XgZts=
+github.com/go-openapi/swag/jsonutils v0.24.0/go.mod h1:vBowZtF5Z4DDApIoxcIVfR8v0l9oq5PpYRUuteVu6f0=
+github.com/go-openapi/swag/loading v0.24.0 h1:ln/fWTwJp2Zkj5DdaX4JPiddFC5CHQpvaBKycOlceYc=
+github.com/go-openapi/swag/loading v0.24.0/go.mod h1:gShCN4woKZYIxPxbfbyHgjXAhO61m88tmjy0lp/LkJk=
+github.com/go-openapi/swag/mangling v0.24.0 h1:PGOQpViCOUroIeak/Uj/sjGAq9LADS3mOyjznmHy2pk=
+github.com/go-openapi/swag/mangling v0.24.0/go.mod h1:Jm5Go9LHkycsz0wfoaBDkdc4CkpuSnIEf62brzyCbhc=
+github.com/go-openapi/swag/netutils v0.24.0 h1:Bz02HRjYv8046Ycg/w80q3g9QCWeIqTvlyOjQPDjD8w=
+github.com/go-openapi/swag/netutils v0.24.0/go.mod h1:WRgiHcYTnx+IqfMCtu0hy9oOaPR0HnPbmArSRN1SkZM=
+github.com/go-openapi/swag/stringutils v0.24.0 h1:i4Z/Jawf9EvXOLUbT97O0HbPUja18VdBxeadyAqS1FM=
+github.com/go-openapi/swag/stringutils v0.24.0/go.mod h1:5nUXB4xA0kw2df5PRipZDslPJgJut+NjL7D25zPZ/4w=
+github.com/go-openapi/swag/typeutils v0.24.0 h1:d3szEGzGDf4L2y1gYOSSLeK6h46F+zibnEas2Jm/wIw=
+github.com/go-openapi/swag/typeutils v0.24.0/go.mod h1:q8C3Kmk/vh2VhpCLaoR2MVWOGP8y7Jc8l82qCTd1DYI=
+github.com/go-openapi/swag/yamlutils v0.24.0 h1:bhw4894A7Iw6ne+639hsBNRHg9iZg/ISrOVr+sJGp4c=
+github.com/go-openapi/swag/yamlutils v0.24.0/go.mod h1:DpKv5aYuaGm/sULePoeiG8uwMpZSfReo1HR3Ik0yaG8=
 github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI=
 github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
-github.com/gofrs/flock v0.8.1 h1:+gYjHKf32LDeiEEFhQaotPbLuUXjY5ZqxKgXy7n59aw=
 github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU=
+github.com/gofrs/flock v0.12.1 h1:MTLVXXHf8ekldpJk3AKicLij9MdwOWkZ+a/jHHZby9E=
+github.com/gofrs/flock v0.12.1/go.mod h1:9zxTsyu5xtJ9DK+1tFZyibEV7y3uwDxPPfbxeeHCoD0=
 github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
-github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
-github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
-github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
-github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
-github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
-github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
-github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
-github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
-github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
-github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
-github.com/golang/protobuf v1.4.1/go.mod h1:U8fpvMrcmy5pZrNK1lt4xCsGvpyWQ/VVv6QDs8UjoX8=
-github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
-github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
-github.com/google/btree v1.0.1 h1:gK4Kx5IaGY9CD5sPJ36FHiBJ6ZXl0kilRiiCj+jdYp4=
-github.com/google/btree v1.0.1/go.mod h1:xXMiIv4Fb/0kKde4SpL7qlzvu5cMJDRkFDxJfI9uaxA=
-github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I=
-github.com/google/gnostic-models v0.6.8/go.mod h1:5n7qKqH0f5wFt+aWF8CW6pZLLNOfYuF5OpfBSENuI8U=
-github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
-github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/btree v1.1.3 h1:CVpQJjYgC4VbzxeGVHfvZrv1ctoYCAI8vbl07Fcxlyg=
+github.com/google/btree v1.1.3/go.mod h1:qOPhT0dTNdNzV6Z/lhRX0YXUafgPLFUh+gZMl761Gm4=
+github.com/google/gnostic-models v0.7.0 h1:qwTtogB15McXDaNqTZdzPJRHvaVJlAl+HVQnLmJEJxo=
+github.com/google/gnostic-models v0.7.0/go.mod h1:whL5G0m6dmc5cPxKc5bdKdEN3UjI7OUGxBlw57miDrQ=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
+github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
+github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
 github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
 github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0=
 github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
-github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5 h1:5iH8iuqE5apketRbSFBy+X1V0o+l+8NF1avt4HWl7cA=
-github.com/google/pprof v0.0.0-20240827171923-fa2c70bbbfe5/go.mod h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
-github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 h1:El6M4kTTCOh6aBiKaUGG7oYTSPP8MxqL4YI3kZKwcP4=
-github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510/go.mod h1:pupxD2MaaD3pAXIBCelhxNneeOaAeabZDe5s4K6zSpQ=
+github.com/google/pprof v0.0.0-20250903194437-c28834ac2320 h1:c7ayAhbRP9HnEl/hg/WQOM9s0snWztfW6feWXZbGHw0=
+github.com/google/pprof v0.0.0-20250903194437-c28834ac2320/go.mod h1:I6V7YzU0XDpsHqbsyrghnFZLO1gwK6NPTNvmetQIk9U=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
-github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
-github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7 h1:pdN6V1QBWetyv/0+wjACpqVH+eVULgEjkurDLq3goeM=
-github.com/gregjones/httpcache v0.0.0-20180305231024-9cad4c3443a7/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
-github.com/imdario/mergo v0.3.6 h1:xTNEAn+kxVO7dTZGu0CegyqKZmoWFI0rF8UxjlB2d28=
-github.com/imdario/mergo v0.3.6/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
+github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674 h1:JeSE6pjso5THxAzdVpqr6/geYxZytqFMBCOtn/ujyeo=
+github.com/gorilla/websocket v1.5.4-0.20250319132907-e064f32e3674/go.mod h1:r4w70xmWCQKmi1ONH4KIaBptdivuRPyosB9RmPlGEwA=
+github.com/grafana/regexp v0.0.0-20240518133315-a468a5bfb3bc h1:GN2Lv3MGO7AS6PrRoT6yV5+wkrOpcszoIsO4+4ds248=
+github.com/grafana/regexp v0.0.0-20240518133315-a468a5bfb3bc/go.mod h1:+JKpmjMGhpgPL+rXZ5nsZieVzvarn86asRlBg4uNGnk=
+github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79 h1:+ngKgrYPPJrOjhax5N+uePQ0Fh1Z7PheYoUI/0nzkPA=
+github.com/gregjones/httpcache v0.0.0-20190611155906-901d90724c79/go.mod h1:FecbI9+v66THATjSRHfNgh1IVFe/9kFxbXtjV0ctIMA=
 github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
 github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
 github.com/josharian/intern v1.0.0 h1:vlS4z54oSdjm0bgjRigI+G1HpF+tI+9rE5LLzOg8HmY=
@@ -110,226 +104,259 @@ github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnr
 github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
 github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI2bnpBCr8=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
+github.com/klauspost/compress v1.18.0 h1:c/Cqfb0r+Yi+JtIEq73FWXVkRonBlf0CRNYc8Zttxdo=
+github.com/klauspost/compress v1.18.0/go.mod h1:2Pp+KzxcywXVXMr50+X0Q/Lsb43OQHYWRCY2AiWywWQ=
 github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
-github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
+github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
 github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de h1:9TO3cAIGXtEhnIaL+V+BEER86oLrvS+kWobKpbJuye0=
 github.com/liggitt/tabwriter v0.0.0-20181228230101-89fcab3d43de/go.mod h1:zAbeS9B/r2mtpb6U+EI2rYA5OAXxsYw6wTamcNW+zcE=
 github.com/lithammer/dedent v1.1.0 h1:VNzHMVCBNG1j0fh3OrsFRkVUwStdDArbgBWoPAffktY=
 github.com/lithammer/dedent v1.1.0/go.mod h1:jrXYCQtgg0nJiN+StA2KgR7w6CiQNv9Fd/Z9BP0jIOc=
-github.com/mailru/easyjson v0.7.7 h1:UGYAvKxe3sBsEDzO8ZeWOSlIQfWFlxbzLZe7hwFURr0=
-github.com/mailru/easyjson v0.7.7/go.mod h1:xzfreul335JAWq5oZzymOObrkdz5UnU4kGfJJLY9Nlc=
+github.com/mailru/easyjson v0.9.0 h1:PrnmzHw7262yW8sTBwxi1PdJA3Iw/EKBa8psRf7d9a4=
+github.com/mailru/easyjson v0.9.0/go.mod h1:1+xMtQp2MRNVL/V1bOzuP3aP8VNwRW55fQUto+XFtTU=
 github.com/mitchellh/go-wordwrap v1.0.1 h1:TLuKupo69TCn6TQSyGxwI1EblZZEsQ0vMlAFQflz0v0=
 github.com/mitchellh/go-wordwrap v1.0.1/go.mod h1:R62XHJLzvMFRBbcrT7m7WgmE1eOyTSsCt+hzestvNj0=
-github.com/moby/spdystream v0.4.0 h1:Vy79D6mHeJJjiPdFEL2yku1kl0chZpJfZcPpb16BRl8=
-github.com/moby/spdystream v0.4.0/go.mod h1:xBAYlnt/ay+11ShkdFKNAG7LsyK/tmNBVvVOwrfMgdI=
-github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0=
-github.com/moby/term v0.5.0/go.mod h1:8FzsFHVUBGZdbDsJw/ot+X+d5HLUbvklYLJ9uGfcI3Y=
+github.com/moby/spdystream v0.5.0 h1:7r0J1Si3QO/kjRitvSLVVFUjxMEb/YLj6S9FF62JBCU=
+github.com/moby/spdystream v0.5.0/go.mod h1:xBAYlnt/ay+11ShkdFKNAG7LsyK/tmNBVvVOwrfMgdI=
+github.com/moby/term v0.5.2 h1:6qk3FJAFDs6i/q3W/pQ97SX192qKfZgGjCQqfCJkgzQ=
+github.com/moby/term v0.5.2/go.mod h1:d3djjFCrjnB+fl8NJux+EJzu0msscUP+f8it8hPkFLc=
 github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
-github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
 github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee h1:W5t00kpgFdJifH4BDsTlE89Zl93FEloxaWZfGcifgq8=
+github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
 github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 h1:n6/2gBQ3RWajuToeY6ZtZTIKv2v7ThUy5KKusIT0yc0=
 github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00/go.mod h1:Pm3mSP3c5uWn86xMLZ5Sa7JB9GsEZySvHYXCTK4E9q4=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA=
 github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ=
 github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f h1:y5//uYreIhSUg3J1GEMiLbxo1LJaP8RfCpH6pymGZus=
 github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+o7JKHSa8/e818NopupXU1YMK5fe1lsApnBw=
-github.com/onsi/ginkgo/v2 v2.20.2 h1:7NVCeyIWROIAheY21RLS+3j2bb52W0W82tkberYytp4=
-github.com/onsi/ginkgo/v2 v2.20.2/go.mod h1:K9gyxPIlb+aIvnZ8bd9Ak+YP18w3APlR+5coaZoE2ag=
-github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8=
-github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc=
-github.com/oracle/oci-go-sdk/v65 v65.77.1 h1:gqjTXIUWvTihkn470AclxSAMcR1JecqjD2IUtp+sDIU=
-github.com/oracle/oci-go-sdk/v65 v65.77.1/go.mod h1:IBEV9l1qBzUpo7zgGaRUhbB05BVfcDGYRFBCPlTcPp0=
+github.com/onsi/ginkgo/v2 v2.25.2 h1:hepmgwx1D+llZleKQDMEvy8vIlCxMGt7W5ZxDjIEhsw=
+github.com/onsi/ginkgo/v2 v2.25.2/go.mod h1:43uiyQC4Ed2tkOzLsEYm7hnrb7UJTWHYNsuy3bG/snE=
+github.com/onsi/gomega v1.38.2 h1:eZCjf2xjZAqe+LeWvKb5weQ+NcPwX84kqJ0cZNxok2A=
+github.com/onsi/gomega v1.38.2/go.mod h1:W2MJcYxRGV63b418Ai34Ud0hEdTVXq9NW9+Sx6uXf3k=
+github.com/oracle/oci-go-sdk/v65 v65.99.1 h1:fWNC7Ef1XQ3m7QyWa7848eHnGR8c4O3+t9k//hLOkqU=
+github.com/oracle/oci-go-sdk/v65 v65.99.1/go.mod h1:RGiXfpDDmRRlLtqlStTzeBjjdUNXyqm3KXKyLCm3A/Q=
 github.com/peterbourgon/diskv v2.0.1+incompatible h1:UBdAOUP5p4RWqPBg048CAvpKN+vxiaj6gdUUzhl4XmI=
 github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
-github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.78.2 h1:SyoVBXD/r0PntR1rprb90ClI32FSUNOCWqqTatnipHM=
-github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.78.2/go.mod h1:SvsRXw4m1F2vk7HquU5h475bFpke27mIUswfyw9u3ug=
-github.com/prometheus/client_golang v1.19.1 h1:wZWJDwK+NameRJuPGDhlnFgx8e8HN3XHQeLaYJFJBOE=
-github.com/prometheus/client_golang v1.19.1/go.mod h1:mP78NwGzrVks5S2H6ab8+ZZGJLZUq1hoULYBAYBw1Ho=
-github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
-github.com/prometheus/client_model v0.6.1 h1:ZKSh/rekM+n3CeS952MLRAdFwIKqeY8b62p8ais2e9E=
-github.com/prometheus/client_model v0.6.1/go.mod h1:OrxVMOVHjw3lKMa8+x6HeMGkHMQyHDk9E3jmP2AmGiY=
-github.com/prometheus/common v0.55.0 h1:KEi6DK7lXW/m7Ig5i47x0vRzuBsHuvJdi5ee6Y3G1dc=
-github.com/prometheus/common v0.55.0/go.mod h1:2SECS4xJG1kd8XF9IcM1gMX6510RAEL65zxzNImwdc8=
-github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0learggepc=
-github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
-github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8=
-github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4=
+github.com/prashantv/gostub v1.1.0 h1:BTyx3RfQjRHnUWaGF9oQos79AlQ5k8WNktv7VGvVH4g=
+github.com/prashantv/gostub v1.1.0/go.mod h1:A5zLQHz7ieHGG7is6LLXLz7I8+3LZzsrV0P1IAHhP5U=
+github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.85.0 h1:oY+F5FZFmCjCyzkHWPjVQpzvnvEB/0FP+iyzDUUlqFc=
+github.com/prometheus-operator/prometheus-operator/pkg/apis/monitoring v0.85.0/go.mod h1:VB7wtBmDT6W2RJHzsvPZlBId+EnmeQA0d33fFTXvraM=
+github.com/prometheus/client_golang v1.23.0 h1:ust4zpdl9r4trLY/gSjlm07PuiBq2ynaXXlptpfy8Uc=
+github.com/prometheus/client_golang v1.23.0/go.mod h1:i/o0R9ByOnHX0McrTMTyhYvKE4haaf2mW08I+jGAjEE=
+github.com/prometheus/client_model v0.6.2 h1:oBsgwpGs7iVziMvrGhE53c/GrLUsZdHnqNwqPLxwZyk=
+github.com/prometheus/client_model v0.6.2/go.mod h1:y3m2F6Gdpfy6Ut/GBsUqTWZqCUvMVzSfMLjcu6wAwpE=
+github.com/prometheus/common v0.66.0 h1:K/rJPHrG3+AoQs50r2+0t7zMnMzek2Vbv31OFVsMeVY=
+github.com/prometheus/common v0.66.0/go.mod h1:Ux6NtV1B4LatamKE63tJBntoxD++xmtI/lK0VtEplN4=
+github.com/prometheus/procfs v0.17.0 h1:FuLQ+05u4ZI+SS/w9+BWEM2TXiHKsUQ9TADiRH7DuK0=
+github.com/prometheus/procfs v0.17.0/go.mod h1:oPQLaDAMRbA+u8H5Pbfq+dl3VDAvHxMUOVhe0wYB2zw=
+github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII=
+github.com/rogpeppe/go-internal v1.13.1/go.mod h1:uMEvuHeurkdAXX61udpOXGD/AzZDWNMNyH2VO9fmH0o=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/sergi/go-diff v1.2.0 h1:XU+rvMAioB0UC3q1MFrIQy4Vo5/4VsRDQQXHsEya6xQ=
 github.com/sergi/go-diff v1.2.0/go.mod h1:STckp+ISIX8hZLjrqAeVduY0gWCT9IjLuqbuNXdaHfM=
-github.com/sony/gobreaker v0.5.0 h1:dRCvqm0P490vZPmy7ppEk2qCnCieBooFJ+YoXGYB+yg=
 github.com/sony/gobreaker v0.5.0/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY=
-github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
-github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y=
-github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
-github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/sony/gobreaker v1.0.0 h1:feX5fGGXSl3dYd4aHZItw+FpHLvvoaqkawKjVNiFMNQ=
+github.com/sony/gobreaker v1.0.0/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY=
+github.com/spf13/cobra v1.10.1 h1:lJeBwCfmrnXthfAupyUTzJ/J4Nc1RsHC/mSRU2dll/s=
+github.com/spf13/cobra v1.10.1/go.mod h1:7SmJGaTHFVBY0jW4NXGluQoLvhqFQM+6XSKD+P4XaB0=
+github.com/spf13/pflag v1.0.9/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
+github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk=
+github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
-github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
 github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
+github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
 github.com/xlab/treeprint v1.2.0 h1:HzHnuAF1plUN2zGlAFHbSQP2qJ0ZAD3XF5XD7OesXRQ=
 github.com/xlab/treeprint v1.2.0/go.mod h1:gj5Gd3gPdKtR1ikdDK6fnFLdmIS0X30kTTuNd/WEJu0=
+github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78 h1:ilQV1hzziu+LLM3zUTJ0trRztfwgjqKnBWNtSRkbmwM=
+github.com/youmark/pkcs8 v0.0.0-20240726163527-a2c0da244d78/go.mod h1:aL8wCCfTfSfmXjznFBSZNN13rSJjlIOI1fUNAtF7rmI=
 github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-go.starlark.net v0.0.0-20230525235612-a134d8f9ddca h1:VdD38733bfYv5tUZwEIskMM93VanwNIi5bIKnDrJdEY=
-go.starlark.net v0.0.0-20230525235612-a134d8f9ddca/go.mod h1:jxU+3+j+71eXOW14274+SmmuW82qJzl6iZSeqEtTGds=
+github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
+go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs=
+go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8=
 go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto=
 go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE=
 go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
-go.uber.org/zap v1.26.0 h1:sI7k6L95XOKS281NhVKOFCUNIvv9e0w4BF8N3u+tCRo=
-go.uber.org/zap v1.26.0/go.mod h1:dtElttAiwGvoJ/vj4IwHBS/gXsEu/pZ50mUIRWuG0so=
+go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
+go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
+go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI=
+go.yaml.in/yaml/v2 v2.4.2/go.mod h1:081UH+NErpNdqlCXm3TtEran0rJZGxAYx9hb/ELlsPU=
+go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc=
+go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
-golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8=
-golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY=
-golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
-golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
-golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
+golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc=
+golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
+golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M=
+golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
+golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M=
+golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4=
+golang.org/x/crypto v0.41.0/go.mod h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
+golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
+golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
+golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
+golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
-golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo=
-golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0=
-golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
-golang.org/x/oauth2 v0.21.0 h1:tsimM75w1tF/uws5rbeHzIWxEqElMehnc+iW793zsZs=
-golang.org/x/oauth2 v0.21.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
-golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
+golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
+golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
+golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
+golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
+golang.org/x/net v0.43.0 h1:lat02VYK2j4aLzMzecihNvTlJNQUq316m2Mr9rnM6YE=
+golang.org/x/net v0.43.0/go.mod h1:vhO1fvI4dGsIjh73sWfUVjj3N7CA9WkKJNQm2svM6Jg=
+golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
+golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
-golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
-golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y=
+golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.17.0 h1:l60nONMj9l5drqw6jlhIELNv9I0A4OFgRsG9k2oT9Ug=
+golang.org/x/sync v0.17.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34=
-golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/term v0.0.0-20220526004731-065cf7ba2467/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM=
-golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8=
+golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI=
+golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
+golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
+golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo=
+golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU=
+golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
+golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk=
+golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
+golang.org/x/term v0.29.0/go.mod h1:6bl4lRlvVuDgSf3179VpIxBF0o10JUpXWOnI7nErv7s=
+golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4=
+golang.org/x/term v0.34.0/go.mod h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
-golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
-golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4=
-golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
+golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
+golang.org/x/text v0.29.0 h1:1neNs90w9YzJ9BocxfsQNHKuAT4pkghyXc4nhZ6sJvk=
+golang.org/x/text v0.29.0/go.mod h1:7MhJOA9CD2qZyOKYazxdYMF85OwPdEr9jTtBpO7ydH4=
+golang.org/x/time v0.12.0 h1:ScB/8o8olJvc+CQPWrK3fPZNfh7qgwCrY0zJmoEQLSE=
+golang.org/x/time v0.12.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
-golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
-golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
 golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE=
 golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
-golang.org/x/tools v0.24.0 h1:J1shsA93PJUEVaUSaay7UXAyE8aimq3GW0pjlolpa24=
-golang.org/x/tools v0.24.0/go.mod h1:YhNqVBIfWHdzvTLs0d8LCuMhkKUgSUKldakyV7W/WDQ=
+golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
+golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
+golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
+golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
+golang.org/x/tools v0.36.0 h1:kWS0uv/zsvHEle1LbV5LE8QujrxB3wfQyxHfhOk0Qkg=
+golang.org/x/tools v0.36.0/go.mod h1:WBDiHKJK8YgLHlcQPYQzNCkUxUypCaa5ZegCVutKm+s=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-gomodules.xyz/jsonpatch/v2 v2.4.0 h1:Ci3iUJyx9UeRx7CeFN8ARgGbkESwJK+KB9lLcWxY/Zw=
-gomodules.xyz/jsonpatch/v2 v2.4.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY=
-google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
-google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
-google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
-google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
-google.golang.org/genproto v0.0.0-20200526211855-cb27e3aa2013/go.mod h1:NbSheEEYHJ7i3ixzK3sjbqSGDJWnxyFXZblF3eUsNvo=
-google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
-google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
-google.golang.org/grpc v1.27.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
-google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
-google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
-google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
-google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
-google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
-google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
-google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+gomodules.xyz/jsonpatch/v2 v2.5.0 h1:JELs8RLM12qJGXU4u/TO3V25KW8GreMKl9pdkk14RM0=
+gomodules.xyz/jsonpatch/v2 v2.5.0/go.mod h1:AH3dM2RI6uoBZxn3LVrfvJ3E0/9dG4cSrbuBJT4moAY=
+google.golang.org/protobuf v1.36.8 h1:xHScyCOEuuwZEc6UtSOvPbAT4zRh0xcNRYekJwfqyMc=
+google.golang.org/protobuf v1.36.8/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
-gopkg.in/evanphx/json-patch.v4 v4.12.0 h1:n6jtcsulIzXPJaxegRbvFNNrZDjbij7ny3gmSPG+6V4=
-gopkg.in/evanphx/json-patch.v4 v4.12.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M=
+gopkg.in/evanphx/json-patch.v4 v4.13.0 h1:czT3CmqEaQ1aanPc5SdlgQrrEIb8w/wwCvWWnfEbYzo=
+gopkg.in/evanphx/json-patch.v4 v4.13.0/go.mod h1:p8EYWUEYMpynmqDbY58zCKCFZw8pRWMG4EsWvDvM72M=
 gopkg.in/inf.v0 v0.9.1 h1:73M5CoZyi3ZLMOyDlQh031Cx6N9NDJ2Vvfl76EDAgDc=
 gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
-gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
-k8s.io/api v0.31.3 h1:umzm5o8lFbdN/hIXbrK9oRpOproJO62CV1zqxXrLgk8=
-k8s.io/api v0.31.3/go.mod h1:UJrkIp9pnMOI9K2nlL6vwpxRzzEX5sWgn8kGQe92kCE=
-k8s.io/apiextensions-apiserver v0.31.2 h1:W8EwUb8+WXBLu56ser5IudT2cOho0gAKeTOnywBLxd0=
-k8s.io/apiextensions-apiserver v0.31.2/go.mod h1:i+Geh+nGCJEGiCGR3MlBDkS7koHIIKWVfWeRFiOsUcM=
-k8s.io/apimachinery v0.31.3 h1:6l0WhcYgasZ/wk9ktLq5vLaoXJJr5ts6lkaQzgeYPq4=
-k8s.io/apimachinery v0.31.3/go.mod h1:rsPdaZJfTfLsNJSQzNHQvYoTmxhoOEofxtOsF3rtsMo=
-k8s.io/cli-runtime v0.31.3 h1:fEQD9Xokir78y7pVK/fCJN090/iYNrLHpFbGU4ul9TI=
-k8s.io/cli-runtime v0.31.3/go.mod h1:Q2jkyTpl+f6AtodQvgDI8io3jrfr+Z0LyQBPJJ2Btq8=
-k8s.io/client-go v0.31.3 h1:CAlZuM+PH2cm+86LOBemaJI/lQ5linJ6UFxKX/SoG+4=
-k8s.io/client-go v0.31.3/go.mod h1:2CgjPUTpv3fE5dNygAr2NcM8nhHzXvxB8KL5gYc3kJs=
-k8s.io/component-base v0.31.3 h1:DMCXXVx546Rfvhj+3cOm2EUxhS+EyztH423j+8sOwhQ=
-k8s.io/component-base v0.31.3/go.mod h1:xME6BHfUOafRgT0rGVBGl7TuSg8Z9/deT7qq6w7qjIU=
+k8s.io/api v0.34.1 h1:jC+153630BMdlFukegoEL8E/yT7aLyQkIVuwhmwDgJM=
+k8s.io/api v0.34.1/go.mod h1:SB80FxFtXn5/gwzCoN6QCtPD7Vbu5w2n1S0J5gFfTYk=
+k8s.io/apiextensions-apiserver v0.34.0 h1:B3hiB32jV7BcyKcMU5fDaDxk882YrJ1KU+ZSkA9Qxoc=
+k8s.io/apiextensions-apiserver v0.34.0/go.mod h1:hLI4GxE1BDBy9adJKxUxCEHBGZtGfIg98Q+JmTD7+g0=
+k8s.io/apimachinery v0.34.1 h1:dTlxFls/eikpJxmAC7MVE8oOeP1zryV7iRyIjB0gky4=
+k8s.io/apimachinery v0.34.1/go.mod h1:/GwIlEcWuTX9zKIg2mbw0LRFIsXwrfoVxn+ef0X13lw=
+k8s.io/cli-runtime v0.34.1 h1:btlgAgTrYd4sk8vJTRG6zVtqBKt9ZMDeQZo2PIzbL7M=
+k8s.io/cli-runtime v0.34.1/go.mod h1:aVA65c+f0MZiMUPbseU/M9l1Wo2byeaGwUuQEQVVveE=
+k8s.io/client-go v0.34.1 h1:ZUPJKgXsnKwVwmKKdPfw4tB58+7/Ik3CrjOEhsiZ7mY=
+k8s.io/client-go v0.34.1/go.mod h1:kA8v0FP+tk6sZA0yKLRG67LWjqufAoSHA2xVGKw9Of8=
+k8s.io/component-base v0.34.1 h1:v7xFgG+ONhytZNFpIz5/kecwD+sUhVE6HU7qQUiRM4A=
+k8s.io/component-base v0.34.1/go.mod h1:mknCpLlTSKHzAQJJnnHVKqjxR7gBeHRv0rPXA7gdtQ0=
+k8s.io/component-helpers v0.34.1 h1:gWhH3CCdwAx5P3oJqZKb4Lg5FYZTWVbdWtOI8n9U4XY=
+k8s.io/component-helpers v0.34.1/go.mod h1:4VgnUH7UA/shuBur+OWoQC0xfb69sy/93ss0ybZqm3c=
 k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
 k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
-k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340 h1:BZqlfIlq5YbRMFko6/PM7FjZpUb45WallggurYhKGag=
-k8s.io/kube-openapi v0.0.0-20240228011516-70dd3763d340/go.mod h1:yD4MZYeKMBwQKVht279WycxKyM84kkAx2DPrTXaeb98=
-k8s.io/kubectl v0.31.3 h1:3r111pCjPsvnR98oLLxDMwAeM6OPGmPty6gSKaLTQes=
-k8s.io/kubectl v0.31.3/go.mod h1:lhMECDCbJN8He12qcKqs2QfmVo9Pue30geovBVpH5fs=
-k8s.io/utils v0.0.0-20240902221715-702e33fdd3c3 h1:b2FmK8YH+QEwq/Sy2uAEhmqL5nPfGYbJOcaqjeYYZoA=
-k8s.io/utils v0.0.0-20240902221715-702e33fdd3c3/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
-sigs.k8s.io/controller-runtime v0.19.3 h1:XO2GvC9OPftRst6xWCpTgBZO04S2cbp0Qqkj8bX1sPw=
-sigs.k8s.io/controller-runtime v0.19.3/go.mod h1:j4j87DqtsThvwTv5/Tc5NFRyyF/RF0ip4+62tbTSIUM=
-sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd h1:EDPBXCAspyGV4jQlpZSudPeMmr1bNJefnuqLsRAsHZo=
-sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd/go.mod h1:B8JuhiUyNFVKdsE8h686QcCxMaH6HrOAZj4vswFpcB0=
-sigs.k8s.io/kustomize/api v0.17.2 h1:E7/Fjk7V5fboiuijoZHgs4aHuexi5Y2loXlVOAVAG5g=
-sigs.k8s.io/kustomize/api v0.17.2/go.mod h1:UWTz9Ct+MvoeQsHcJ5e+vziRRkwimm3HytpZgIYqye0=
-sigs.k8s.io/kustomize/kyaml v0.17.1 h1:TnxYQxFXzbmNG6gOINgGWQt09GghzgTP6mIurOgrLCQ=
-sigs.k8s.io/kustomize/kyaml v0.17.1/go.mod h1:9V0mCjIEYjlXuCdYsSXvyoy2BTsLESH7TlGV81S282U=
-sigs.k8s.io/structured-merge-diff/v4 v4.4.1 h1:150L+0vs/8DA78h1u02ooW1/fFq/Lwr+sGiqlzvrtq4=
-sigs.k8s.io/structured-merge-diff/v4 v4.4.1/go.mod h1:N8hJocpFajUSSeSJ9bOZ77VzejKZaXsTtZo4/u7Io08=
-sigs.k8s.io/yaml v1.4.0 h1:Mk1wCc2gy/F0THH0TAp1QYyJNzRm2KCLy3o5ASXVI5E=
-sigs.k8s.io/yaml v1.4.0/go.mod h1:Ejl7/uTz7PSA4eKMyQCUTnhZYNmLIl+5c2lQPGR2BPY=
+k8s.io/kube-openapi v0.0.0-20250902184714-7fc278399c7f h1:wyRlmLgBSXi3kgawro8klrMRljXeRo1HFkQRs+meYfs=
+k8s.io/kube-openapi v0.0.0-20250902184714-7fc278399c7f/go.mod h1:kdmbQkyfwUagLfXIad1y2TdrjPFWp2Q89B3qkRwf/pQ=
+k8s.io/kubectl v0.34.1 h1:1qP1oqT5Xc93K+H8J7ecpBjaz511gan89KO9Vbsh/OI=
+k8s.io/kubectl v0.34.1/go.mod h1:JRYlhJpGPyk3dEmJ+BuBiOB9/dAvnrALJEiY/C5qa6A=
+k8s.io/utils v0.0.0-20250604170112-4c0f3b243397 h1:hwvWFiBzdWw1FhfY1FooPn3kzWuJ8tmbZBHi4zVsl1Y=
+k8s.io/utils v0.0.0-20250604170112-4c0f3b243397/go.mod h1:OLgZIPagt7ERELqWJFomSt595RzquPNLL48iOWgYOg0=
+sigs.k8s.io/controller-runtime v0.22.1 h1:Ah1T7I+0A7ize291nJZdS1CabF/lB4E++WizgV24Eqg=
+sigs.k8s.io/controller-runtime v0.22.1/go.mod h1:FwiwRjkRPbiN+zp2QRp7wlTCzbUXxZ/D4OzuQUDwBHY=
+sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730 h1:IpInykpT6ceI+QxKBbEflcR5EXP7sU1kvOlxwZh5txg=
+sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730/go.mod h1:mdzfpAEoE6DHQEN0uh9ZbOCuHbLK5wOm7dK4ctXE9Tg=
+sigs.k8s.io/kustomize/api v0.20.1 h1:iWP1Ydh3/lmldBnH/S5RXgT98vWYMaTUL1ADcr+Sv7I=
+sigs.k8s.io/kustomize/api v0.20.1/go.mod h1:t6hUFxO+Ph0VxIk1sKp1WS0dOjbPCtLJ4p8aADLwqjM=
+sigs.k8s.io/kustomize/kyaml v0.20.1 h1:PCMnA2mrVbRP3NIB6v9kYCAc38uvFLVs8j/CD567A78=
+sigs.k8s.io/kustomize/kyaml v0.20.1/go.mod h1:0EmkQHRUsJxY8Ug9Niig1pUMSCGHxQ5RklbpV/Ri6po=
+sigs.k8s.io/randfill v1.0.0 h1:JfjMILfT8A6RbawdsK2JXGBR5AQVfd+9TbzrlneTyrU=
+sigs.k8s.io/randfill v1.0.0/go.mod h1:XeLlZ/jmk4i1HRopwe7/aU3H5n1zNUcX6TM94b3QxOY=
+sigs.k8s.io/structured-merge-diff/v6 v6.3.0 h1:jTijUJbW353oVOd9oTlifJqOGEkUw2jB/fXCbTiQEco=
+sigs.k8s.io/structured-merge-diff/v6 v6.3.0/go.mod h1:M3W8sfWvn2HhQDIbGWj3S099YozAsymCo/wrT5ohRUE=
+sigs.k8s.io/yaml v1.6.0 h1:G8fkbMSAFqgEFgh4b1wmtzDnioxFCUgTZhlbj5P9QYs=
+sigs.k8s.io/yaml v1.6.0/go.mod h1:796bPqUfzR/0jLAl6XjHl3Ck7MiyVv8dbTdyT3/pMf4=
diff --git a/main.go b/main.go
index ee9992b7..e717978a 100644
--- a/main.go
+++ b/main.go
@@ -55,10 +55,13 @@ import (
 	clientgoscheme "k8s.io/client-go/kubernetes/scheme"
 	_ "k8s.io/client-go/plugin/pkg/client/auth/gcp"
 	"k8s.io/client-go/rest"
+	"k8s.io/client-go/tools/record"
 	ctrl "sigs.k8s.io/controller-runtime"
 	"sigs.k8s.io/controller-runtime/pkg/cache"
 	"sigs.k8s.io/controller-runtime/pkg/client"
+
 	"sigs.k8s.io/controller-runtime/pkg/log/zap"
+	ctrlzap "sigs.k8s.io/controller-runtime/pkg/log/zap"
 	metricsserver "sigs.k8s.io/controller-runtime/pkg/metrics/server"
 
 	databasev1alpha1 "github.com/oracle/oracle-database-operator/apis/database/v1alpha1"
@@ -99,13 +102,12 @@ func main() {
 	flag.Parse()
 
 	// Initialize new logger Opts
-	options := &zap.Options{
+	options := &ctrlzap.Options{
 		Development: true,
 		TimeEncoder: zapcore.RFC3339TimeEncoder,
 	}
 
 	ctrl.SetLogger(zap.New(func(o *zap.Options) { *o = *options }))
-
 	watchNamespaces, err := getWatchNamespace()
 	if err != nil {
 		setupLog.Error(err, "Failed to get watch namespaces")
@@ -122,6 +124,10 @@ func main() {
 			opts.DefaultNamespaces = watchNamespaces
 			return cache.New(config, opts)
 		},
+		EventBroadcaster: record.NewBroadcasterWithCorrelatorOptions(record.CorrelatorOptions{
+			BurstSize: 10,
+			QPS:       1,
+		}),
 	}
 
 	mgr, err := ctrl.NewManager(ctrl.GetConfigOrDie(), opt)
@@ -210,6 +216,16 @@ func main() {
 		os.Exit(1)
 	}
 
+	if err = (&databasecontroller.OracleRestartReconciler{
+		Client: mgr.GetClient(),
+		Log:    ctrl.Log.WithName("controllers").WithName("OracleRestart"),
+		Scheme: mgr.GetScheme(),
+		Config: mgr.GetConfig(),
+	}).SetupWithManager(mgr); err != nil {
+		setupLog.Error(err, "unable to create controller", "controller", "OracleRestart")
+		os.Exit(1)
+	}
+
 	// Set RECONCILE_INTERVAL environment variable if you want to change the default value from 15 secs
 	interval := os.Getenv("RECONCILE_INTERVAL")
 	i, err := strconv.ParseInt(interval, 10, 64)
@@ -228,18 +244,10 @@ func main() {
 			setupLog.Error(err, "unable to create webhook", "webhook", "OracleRestDataService")
 			os.Exit(1)
 		}
-		if err = (&databasev4.PDB{}).SetupWebhookWithManager(mgr); err != nil {
-			setupLog.Error(err, "unable to create webhook", "webhook", "PDB")
-			os.Exit(1)
-		}
 		if err = (&databasev4.LRPDB{}).SetupWebhookWithManager(mgr); err != nil {
 			setupLog.Error(err, "unable to create webhook", "webhook", "LRPDB")
 			os.Exit(1)
 		}
-		if err = (&databasev4.CDB{}).SetupWebhookWithManager(mgr); err != nil {
-			setupLog.Error(err, "unable to create webhook", "webhook", "CDB")
-			os.Exit(1)
-		}
 		if err = (&databasev4.LREST{}).SetupWebhookWithManager(mgr); err != nil {
 			setupLog.Error(err, "unable to create webhook", "webhook", "LREST")
 			os.Exit(1)
@@ -312,18 +320,22 @@ func main() {
 			setupLog.Error(err, "unable to create webhook", "webhook", "DatabaseObserver")
 			os.Exit(1)
 		}
-	}
-
-	// PDB Reconciler
-	if err = (&databasecontroller.PDBReconciler{
-		Client:   mgr.GetClient(),
-		Scheme:   mgr.GetScheme(),
-		Log:      ctrl.Log.WithName("controllers").WithName("PDB"),
-		Interval: time.Duration(i),
-		Recorder: mgr.GetEventRecorderFor("PDB"),
-	}).SetupWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create controller", "controller", "PDB")
-		os.Exit(1)
+		if err = (&databasev4.SingleInstanceDatabase{}).SetupWebhookWithManager(mgr); err != nil {
+			setupLog.Error(err, "unable to create webhook", "webhook", "SingleInstanceDatabase")
+			os.Exit(1)
+		}
+		if err = (&databasev4.DataguardBroker{}).SetupWebhookWithManager(mgr); err != nil {
+			setupLog.Error(err, "unable to create webhook", "webhook", "DataguardBroker")
+			os.Exit(1)
+		}
+		if err = (&databasev4.OracleRestDataService{}).SetupWebhookWithManager(mgr); err != nil {
+			setupLog.Error(err, "unable to create webhook", "webhook", "OracleRestDataService")
+			os.Exit(1)
+		}
+		if err = (&databasev4.OracleRestart{}).SetupWebhookWithManager(mgr); err != nil {
+			setupLog.Error(err, "unable to create webhook", "webhook", "OracleRestart")
+			os.Exit(1)
+		}
 	}
 
 	// LRPDBR Reconciler
@@ -338,19 +350,6 @@ func main() {
 		os.Exit(1)
 	}
 
-	// CDB Reconciler
-	if err = (&databasecontroller.CDBReconciler{
-		Client:   mgr.GetClient(),
-		Scheme:   mgr.GetScheme(),
-		Config:   mgr.GetConfig(),
-		Log:      ctrl.Log.WithName("controllers").WithName("CDB"),
-		Interval: time.Duration(i),
-		Recorder: mgr.GetEventRecorderFor("CDB"),
-	}).SetupWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create controller", "controller", "CDB")
-		os.Exit(1)
-	}
-
 	// LREST Reconciler
 	if err = (&databasecontroller.LRESTReconciler{
 		Client:   mgr.GetClient(),
@@ -394,30 +393,8 @@ func main() {
 		setupLog.Error(err, "unable to create controller", "controller", "DatabaseObserver")
 		os.Exit(1)
 	}
-
-	if err = (&databasev4.SingleInstanceDatabase{}).SetupWebhookWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create webhook", "webhook", "SingleInstanceDatabase")
-		os.Exit(1)
-	}
-	if err = (&databasev4.DataguardBroker{}).SetupWebhookWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create webhook", "webhook", "DataguardBroker")
-		os.Exit(1)
-	}
-	if err = (&databasev4.OracleRestDataService{}).SetupWebhookWithManager(mgr); err != nil {
-		setupLog.Error(err, "unable to create webhook", "webhook", "OracleRestDataService")
-		os.Exit(1)
-	}
 	// +kubebuilder:scaffold:builder
 
-	// Add index for PDB CR to enable mgr to cache PDBs
-	indexFunc := func(obj client.Object) []string {
-		return []string{obj.(*databasev4.PDB).Spec.PDBName}
-	}
-	if err = cache.IndexField(context.TODO(), &databasev4.PDB{}, "spec.pdbName", indexFunc); err != nil {
-		setupLog.Error(err, "unable to create index function for ", "controller", "PDB")
-		os.Exit(1)
-	}
-
 	indexFunc2 := func(obj client.Object) []string {
 		return []string{obj.(*databasev4.LRPDB).Spec.LRPDBName}
 	}
diff --git a/oracle-database-operator.yaml b/oracle-database-operator.yaml
index 1179b272..98535d86 100644
--- a/oracle-database-operator.yaml
+++ b/oracle-database-operator.yaml
@@ -10,7 +10,7 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: autonomouscontainerdatabases.database.oracle.com
 spec:
   conversion:
@@ -182,7 +182,7 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: autonomousdatabasebackups.database.oracle.com
 spec:
   conversion:
@@ -253,14 +253,14 @@ spec:
                 type: integer
               target:
                 properties:
-                  k8sADB:
+                  k8sAdb:
                     properties:
                       name:
                         type: string
                     type: object
-                  ociADB:
+                  ociAdb:
                     properties:
-                      ocid:
+                      id:
                         type: string
                     type: object
                 type: object
@@ -344,14 +344,14 @@ spec:
                 type: integer
               target:
                 properties:
-                  k8sADB:
+                  k8sAdb:
                     properties:
                       name:
                         type: string
                     type: object
-                  ociADB:
+                  ociAdb:
                     properties:
-                      ocid:
+                      id:
                         type: string
                     type: object
                 type: object
@@ -396,7 +396,7 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: autonomousdatabaserestores.database.oracle.com
 spec:
   conversion:
@@ -453,7 +453,7 @@ spec:
                 type: object
               source:
                 properties:
-                  k8sADBBackup:
+                  k8sAdbBackup:
                     properties:
                       name:
                         type: string
@@ -466,14 +466,14 @@ spec:
                 type: object
               target:
                 properties:
-                  k8sADB:
+                  k8sAdb:
                     properties:
                       name:
                         type: string
                     type: object
-                  ociADB:
+                  ociAdb:
                     properties:
-                      ocid:
+                      id:
                         type: string
                     type: object
                 type: object
@@ -539,7 +539,7 @@ spec:
                 type: object
               source:
                 properties:
-                  k8sADBBackup:
+                  k8sAdbBackup:
                     properties:
                       name:
                         type: string
@@ -552,14 +552,14 @@ spec:
                 type: object
               target:
                 properties:
-                  k8sADB:
+                  k8sAdb:
                     properties:
                       name:
                         type: string
                     type: object
-                  ociADB:
+                  ociAdb:
                     properties:
-                      ocid:
+                      id:
                         type: string
                     type: object
                 type: object
@@ -600,7 +600,7 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: autonomousdatabases.database.oracle.com
 spec:
   conversion:
@@ -639,9 +639,9 @@ spec:
     - jsonPath: .spec.details.isDedicated
       name: Dedicated
       type: string
-    - jsonPath: .spec.details.cpuCoreCount
-      name: OCPUs
-      type: integer
+    - jsonPath: .spec.details.computeCount
+      name: Compute Count
+      type: number
     - jsonPath: .spec.details.dataStorageSizeInTBs
       name: Storage (TB)
       type: integer
@@ -673,6 +673,8 @@ spec:
                 - Start
                 - Terminate
                 - Clone
+                - Switchover
+                - Failover
                 type: string
               clone:
                 properties:
@@ -972,9 +974,9 @@ spec:
     - jsonPath: .spec.details.isDedicated
       name: Dedicated
       type: string
-    - jsonPath: .spec.details.cpuCoreCount
-      name: OCPUs
-      type: integer
+    - jsonPath: .spec.details.computeCount
+      name: Compute Count
+      type: number
     - jsonPath: .spec.details.dataStorageSizeInTBs
       name: Storage (TB)
       type: integer
@@ -1006,6 +1008,8 @@ spec:
                 - Start
                 - Terminate
                 - Clone
+                - Switchover
+                - Failover
                 type: string
               clone:
                 properties:
@@ -1298,47 +1302,31 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
-    controller-gen.kubebuilder.io/version: v0.16.5
-  name: cdbs.database.oracle.com
+    controller-gen.kubebuilder.io/version: v0.17.3
+  name: databaseobservers.observability.oracle.com
 spec:
-  group: database.oracle.com
+  group: observability.oracle.com
   names:
-    kind: CDB
-    listKind: CDBList
-    plural: cdbs
-    singular: cdb
+    kind: DatabaseObserver
+    listKind: DatabaseObserverList
+    plural: databaseobservers
+    shortNames:
+    - dbobserver
+    - dbobservers
+    singular: databaseobserver
   scope: Namespaced
   versions:
   - additionalPrinterColumns:
-    - description: Name of the CDB
-      jsonPath: .spec.cdbName
-      name: CDB Name
-      type: string
-    - description: ' Name of the DB Server'
-      jsonPath: .spec.dbServer
-      name: DB Server
+    - jsonPath: .status.metricsConfig
+      name: MetricsConfig
       type: string
-    - description: DB server port
-      jsonPath: .spec.dbPort
-      name: DB Port
-      type: integer
-    - description: Replicas
-      jsonPath: .spec.replicas
-      name: Replicas
-      type: integer
-    - description: Status of the CDB Resource
-      jsonPath: .status.phase
+    - jsonPath: .status.status
       name: Status
       type: string
-    - description: Error message, if any
-      jsonPath: .status.msg
-      name: Message
-      type: string
-    - description: ' string of the tnsalias'
-      jsonPath: .spec.dbTnsurl
-      name: TNS STRING
+    - jsonPath: .status.version
+      name: Version
       type: string
-    name: v1alpha1
+    name: v1
     schema:
       openAPIV3Schema:
         properties:
@@ -1350,808 +1338,554 @@ spec:
             type: object
           spec:
             properties:
-              cdbAdminPwd:
+              azureConfig:
                 properties:
-                  secret:
+                  configMap:
                     properties:
                       key:
                         type: string
-                      secretName:
+                      name:
                         type: string
-                    required:
-                    - key
-                    - secretName
                     type: object
-                required:
-                - secret
                 type: object
-              cdbAdminUser:
+              database:
                 properties:
-                  secret:
+                  azure:
                     properties:
-                      key:
+                      vaultID:
                         type: string
-                      secretName:
+                      vaultPasswordSecret:
+                        type: string
+                      vaultUsernameSecret:
                         type: string
-                    required:
-                    - key
-                    - secretName
                     type: object
-                required:
-                - secret
-                type: object
-              cdbName:
-                type: string
-              cdbOrdsPrvKey:
-                properties:
-                  secret:
+                  dbConnectionString:
                     properties:
+                      envName:
+                        type: string
                       key:
                         type: string
-                      secretName:
+                      secret:
                         type: string
-                    required:
-                    - key
-                    - secretName
                     type: object
-                required:
-                - secret
-                type: object
-              cdbOrdsPubKey:
-                properties:
-                  secret:
+                  dbPassword:
                     properties:
+                      envName:
+                        type: string
                       key:
                         type: string
-                      secretName:
+                      secret:
                         type: string
-                    required:
-                    - key
-                    - secretName
                     type: object
-                required:
-                - secret
-                type: object
-              cdbTlsCrt:
-                properties:
-                  secret:
+                  dbUser:
                     properties:
+                      envName:
+                        type: string
                       key:
                         type: string
-                      secretName:
+                      secret:
                         type: string
-                    required:
-                    - key
-                    - secretName
                     type: object
-                required:
-                - secret
-                type: object
-              cdbTlsKey:
-                properties:
-                  secret:
+                  oci:
                     properties:
-                      key:
+                      vaultID:
                         type: string
-                      secretName:
+                      vaultPasswordSecret:
                         type: string
-                    required:
-                    - key
-                    - secretName
                     type: object
-                required:
-                - secret
                 type: object
-              dbPort:
-                type: integer
-              dbServer:
-                type: string
-              dbTnsurl:
-                type: string
-              deletePdbCascade:
-                type: boolean
-              nodeSelector:
+              databases:
                 additionalProperties:
-                  type: string
+                  properties:
+                    dbConnectionString:
+                      properties:
+                        envName:
+                          type: string
+                        key:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                    dbPassword:
+                      properties:
+                        envName:
+                          type: string
+                        key:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                    dbUser:
+                      properties:
+                        envName:
+                          type: string
+                        key:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                  type: object
                 type: object
-              ordsImage:
-                type: string
-              ordsImagePullPolicy:
-                enum:
-                - Always
-                - Never
-                type: string
-              ordsImagePullSecret:
-                type: string
-              ordsPort:
-                type: integer
-              ordsPwd:
+              deployment:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  commands:
+                    items:
+                      type: string
+                    type: array
+                  env:
+                    additionalProperties:
+                      type: string
                     type: object
-                required:
-                - secret
-                type: object
-              replicas:
-                type: integer
-              serviceName:
-                type: string
-              sysAdminPwd:
-                properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
+                  image:
+                    type: string
+                  labels:
+                    additionalProperties:
+                      type: string
                     type: object
-                required:
-                - secret
-                type: object
-              webServerPwd:
-                properties:
-                  secret:
+                  podSecurityContext:
                     properties:
-                      key:
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      fsGroup:
+                        format: int64
+                        type: integer
+                      fsGroupChangePolicy:
                         type: string
-                      secretName:
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxChangePolicy:
                         type: string
-                    required:
-                    - key
-                    - secretName
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      supplementalGroups:
+                        items:
+                          format: int64
+                          type: integer
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      supplementalGroupsPolicy:
+                        type: string
+                      sysctls:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
                     type: object
-                required:
-                - secret
-                type: object
-              webServerUser:
-                properties:
-                  secret:
+                  podTemplate:
                     properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
                     type: object
-                required:
-                - secret
-                type: object
-            type: object
-          status:
-            properties:
-              msg:
-                type: string
-              phase:
-                type: string
-              status:
-                type: boolean
-            required:
-            - phase
-            - status
-            type: object
-        type: object
-    served: true
-    storage: false
-    subresources:
-      status: {}
-  - additionalPrinterColumns:
-    - description: Name of the CDB
-      jsonPath: .spec.cdbName
-      name: CDB Name
-      type: string
-    - description: ' Name of the DB Server'
-      jsonPath: .spec.dbServer
-      name: DB Server
-      type: string
-    - description: DB server port
-      jsonPath: .spec.dbPort
-      name: DB Port
-      type: integer
-    - description: Replicas
-      jsonPath: .spec.replicas
-      name: Replicas
-      type: integer
-    - description: Status of the CDB Resource
-      jsonPath: .status.phase
-      name: Status
-      type: string
-    - description: Error message, if any
-      jsonPath: .status.msg
-      name: Message
-      type: string
-    - description: ' string of the tnsalias'
-      jsonPath: .spec.dbTnsurl
-      name: TNS STRING
-      type: string
-    name: v4
-    schema:
-      openAPIV3Schema:
-        properties:
-          apiVersion:
-            type: string
-          kind:
-            type: string
-          metadata:
-            type: object
-          spec:
-            properties:
-              cdbAdminPwd:
-                properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
-                type: object
-              cdbAdminUser:
-                properties:
-                  secret:
+                  securityContext:
                     properties:
-                      key:
-                        type: string
-                      secretName:
+                      allowPrivilegeEscalation:
+                        type: boolean
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      capabilities:
+                        properties:
+                          add:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          drop:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      privileged:
+                        type: boolean
+                      procMount:
                         type: string
-                    required:
-                    - key
-                    - secretName
+                      readOnlyRootFilesystem:
+                        type: boolean
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
                     type: object
-                required:
-                - secret
                 type: object
-              cdbName:
-                type: string
-              cdbOrdsPrvKey:
+              exporterConfig:
                 properties:
-                  secret:
+                  configMap:
                     properties:
                       key:
                         type: string
-                      secretName:
+                      name:
                         type: string
-                    required:
-                    - key
-                    - secretName
                     type: object
-                required:
-                - secret
+                  mountPath:
+                    type: string
                 type: object
-              cdbOrdsPubKey:
+              inheritLabels:
+                items:
+                  type: string
+                type: array
+              log:
                 properties:
-                  secret:
+                  destination:
+                    type: string
+                  disable:
+                    type: boolean
+                  filename:
+                    type: string
+                  volume:
                     properties:
-                      key:
-                        type: string
-                      secretName:
+                      name:
                         type: string
-                    required:
-                    - key
-                    - secretName
+                      persistentVolumeClaim:
+                        properties:
+                          claimName:
+                            type: string
+                        type: object
                     type: object
-                required:
-                - secret
                 type: object
-              cdbTlsCrt:
+              metrics:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
+                  configMap:
+                    items:
+                      properties:
+                        key:
+                          type: string
+                        name:
+                          type: string
+                      type: object
+                    type: array
                 type: object
-              cdbTlsKey:
+              ociConfig:
                 properties:
-                  secret:
+                  configMap:
                     properties:
                       key:
                         type: string
-                      secretName:
+                      name:
                         type: string
-                    required:
-                    - key
-                    - secretName
                     type: object
-                required:
-                - secret
-                type: object
-              dbPort:
-                type: integer
-              dbServer:
-                type: string
-              dbTnsurl:
-                type: string
-              deletePdbCascade:
-                type: boolean
-              nodeSelector:
-                additionalProperties:
-                  type: string
-                type: object
-              ordsImage:
-                type: string
-              ordsImagePullPolicy:
-                enum:
-                - Always
-                - Never
-                type: string
-              ordsImagePullSecret:
-                type: string
-              ordsPort:
-                type: integer
-              ordsPwd:
-                properties:
-                  secret:
+                  mountPath:
+                    type: string
+                  privateKey:
                     properties:
-                      key:
-                        type: string
-                      secretName:
+                      secret:
                         type: string
-                    required:
-                    - key
-                    - secretName
                     type: object
-                required:
-                - secret
                 type: object
               replicas:
+                format: int32
                 type: integer
-              serviceName:
-                type: string
-              sysAdminPwd:
+              service:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
+                  labels:
+                    additionalProperties:
+                      type: string
                     type: object
-                required:
-                - secret
+                  ports:
+                    items:
+                      properties:
+                        appProtocol:
+                          type: string
+                        name:
+                          type: string
+                        nodePort:
+                          format: int32
+                          type: integer
+                        port:
+                          format: int32
+                          type: integer
+                        protocol:
+                          default: TCP
+                          type: string
+                        targetPort:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          x-kubernetes-int-or-string: true
+                      required:
+                      - port
+                      type: object
+                    type: array
                 type: object
-              webServerPwd:
+              serviceMonitor:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
-                type: object
-              webServerUser:
-                properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
-                type: object
-            type: object
-          status:
-            properties:
-              msg:
-                type: string
-              phase:
-                type: string
-              status:
-                type: boolean
-            required:
-            - phase
-            - status
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
-  name: databaseobservers.observability.oracle.com
-spec:
-  group: observability.oracle.com
-  names:
-    kind: DatabaseObserver
-    listKind: DatabaseObserverList
-    plural: databaseobservers
-    shortNames:
-    - dbobserver
-    - dbobservers
-    singular: databaseobserver
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .status.exporterConfig
-      name: ExporterConfig
-      type: string
-    - jsonPath: .status.status
-      name: Status
-      type: string
-    - jsonPath: .status.version
-      name: Version
-      type: string
-    name: v1
-    schema:
-      openAPIV3Schema:
-        properties:
-          apiVersion:
-            type: string
-          kind:
-            type: string
-          metadata:
-            type: object
-          spec:
-            properties:
-              configuration:
-                properties:
-                  configMap:
-                    properties:
-                      key:
-                        type: string
-                      name:
-                        type: string
-                    type: object
-                type: object
-              database:
-                properties:
-                  dbConnectionString:
-                    properties:
-                      key:
-                        type: string
-                      secret:
-                        type: string
-                    type: object
-                  dbPassword:
-                    properties:
-                      key:
-                        type: string
-                      secret:
-                        type: string
-                      vaultOCID:
-                        type: string
-                      vaultSecretName:
-                        type: string
-                    type: object
-                  dbUser:
-                    properties:
-                      key:
-                        type: string
-                      secret:
-                        type: string
-                    type: object
-                  dbWallet:
-                    properties:
-                      key:
-                        type: string
-                      secret:
-                        type: string
-                    type: object
-                type: object
-              exporter:
-                properties:
-                  deployment:
-                    properties:
-                      args:
-                        items:
-                          type: string
-                        type: array
-                      commands:
-                        items:
-                          type: string
-                        type: array
-                      env:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      image:
-                        type: string
-                      labels:
-                        additionalProperties:
+                  endpoints:
+                    items:
+                      properties:
+                        authorization:
+                          properties:
+                            credentials:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type:
+                              type: string
+                          type: object
+                        basicAuth:
+                          properties:
+                            password:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            username:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        bearerTokenFile:
                           type: string
-                        type: object
-                      podTemplate:
-                        properties:
-                          labels:
-                            additionalProperties:
+                        bearerTokenSecret:
+                          properties:
+                            key:
                               type: string
-                            type: object
-                          securityContext:
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        enableHttp2:
+                          type: boolean
+                        filterRunning:
+                          type: boolean
+                        followRedirects:
+                          type: boolean
+                        honorLabels:
+                          type: boolean
+                        honorTimestamps:
+                          type: boolean
+                        interval:
+                          pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                          type: string
+                        metricRelabelings:
+                          items:
                             properties:
-                              appArmorProfile:
-                                properties:
-                                  localhostProfile:
-                                    type: string
-                                  type:
-                                    type: string
-                                required:
-                                - type
-                                type: object
-                              fsGroup:
-                                format: int64
-                                type: integer
-                              fsGroupChangePolicy:
+                              action:
+                                default: replace
+                                enum:
+                                - replace
+                                - Replace
+                                - keep
+                                - Keep
+                                - drop
+                                - Drop
+                                - hashmod
+                                - HashMod
+                                - labelmap
+                                - LabelMap
+                                - labeldrop
+                                - LabelDrop
+                                - labelkeep
+                                - LabelKeep
+                                - lowercase
+                                - Lowercase
+                                - uppercase
+                                - Uppercase
+                                - keepequal
+                                - KeepEqual
+                                - dropequal
+                                - DropEqual
                                 type: string
-                              runAsGroup:
-                                format: int64
-                                type: integer
-                              runAsNonRoot:
-                                type: boolean
-                              runAsUser:
+                              modulus:
                                 format: int64
                                 type: integer
-                              seLinuxOptions:
-                                properties:
-                                  level:
-                                    type: string
-                                  role:
-                                    type: string
-                                  type:
-                                    type: string
-                                  user:
-                                    type: string
-                                type: object
-                              seccompProfile:
-                                properties:
-                                  localhostProfile:
-                                    type: string
-                                  type:
-                                    type: string
-                                required:
-                                - type
-                                type: object
-                              supplementalGroups:
+                              regex:
+                                type: string
+                              replacement:
+                                type: string
+                              separator:
+                                type: string
+                              sourceLabels:
                                 items:
-                                  format: int64
-                                  type: integer
+                                  pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                  type: string
                                 type: array
-                                x-kubernetes-list-type: atomic
-                              supplementalGroupsPolicy:
+                              targetLabel:
                                 type: string
-                              sysctls:
-                                items:
+                            type: object
+                          type: array
+                        noProxy:
+                          type: string
+                        oauth2:
+                          properties:
+                            clientId:
+                              properties:
+                                configMap:
                                   properties:
+                                    key:
+                                      type: string
                                     name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                secret:
+                                  properties:
+                                    key:
                                       type: string
-                                    value:
+                                    name:
+                                      default: ""
                                       type: string
+                                    optional:
+                                      type: boolean
                                   required:
-                                  - name
-                                  - value
+                                  - key
                                   type: object
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              windowsOptions:
-                                properties:
-                                  gmsaCredentialSpec:
-                                    type: string
-                                  gmsaCredentialSpecName:
-                                    type: string
-                                  hostProcess:
-                                    type: boolean
-                                  runAsUserName:
-                                    type: string
-                                type: object
-                            type: object
-                        type: object
-                      securityContext:
-                        properties:
-                          allowPrivilegeEscalation:
-                            type: boolean
-                          appArmorProfile:
-                            properties:
-                              localhostProfile:
-                                type: string
-                              type:
-                                type: string
-                            required:
-                            - type
-                            type: object
-                          capabilities:
-                            properties:
-                              add:
-                                items:
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            clientSecret:
+                              properties:
+                                key:
                                   type: string
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              drop:
-                                items:
+                                name:
+                                  default: ""
                                   type: string
-                                type: array
-                                x-kubernetes-list-type: atomic
-                            type: object
-                          privileged:
-                            type: boolean
-                          procMount:
-                            type: string
-                          readOnlyRootFilesystem:
-                            type: boolean
-                          runAsGroup:
-                            format: int64
-                            type: integer
-                          runAsNonRoot:
-                            type: boolean
-                          runAsUser:
-                            format: int64
-                            type: integer
-                          seLinuxOptions:
-                            properties:
-                              level:
-                                type: string
-                              role:
-                                type: string
-                              type:
-                                type: string
-                              user:
-                                type: string
-                            type: object
-                          seccompProfile:
-                            properties:
-                              localhostProfile:
-                                type: string
-                              type:
-                                type: string
-                            required:
-                            - type
-                            type: object
-                          windowsOptions:
-                            properties:
-                              gmsaCredentialSpec:
-                                type: string
-                              gmsaCredentialSpecName:
-                                type: string
-                              hostProcess:
-                                type: boolean
-                              runAsUserName:
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            endpointParams:
+                              additionalProperties:
                                 type: string
-                            type: object
-                        type: object
-                    type: object
-                  service:
-                    properties:
-                      labels:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      ports:
-                        items:
-                          properties:
-                            appProtocol:
-                              type: string
-                            name:
-                              type: string
-                            nodePort:
-                              format: int32
-                              type: integer
-                            port:
-                              format: int32
-                              type: integer
-                            protocol:
-                              default: TCP
-                              type: string
-                            targetPort:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                          required:
-                          - port
-                          type: object
-                        type: array
-                    type: object
-                type: object
-              inheritLabels:
-                items:
-                  type: string
-                type: array
-              log:
-                properties:
-                  filename:
-                    type: string
-                  path:
-                    type: string
-                  volume:
-                    properties:
-                      name:
-                        type: string
-                      persistentVolumeClaim:
-                        properties:
-                          claimName:
-                            type: string
-                        type: object
-                    type: object
-                type: object
-              ociConfig:
-                properties:
-                  configMapName:
-                    type: string
-                  secretName:
-                    type: string
-                type: object
-              prometheus:
-                properties:
-                  serviceMonitor:
-                    properties:
-                      endpoints:
-                        items:
-                          properties:
-                            authorization:
-                              properties:
-                                credentials:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                type:
-                                  type: string
                               type: object
-                            basicAuth:
-                              properties:
-                                password:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                username:
+                            noProxy:
+                              type: string
+                            proxyConnectHeader:
+                              additionalProperties:
+                                items:
                                   properties:
                                     key:
                                       type: string
@@ -2164,85 +1898,21 @@ spec:
                                   - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                              type: object
-                            bearerTokenFile:
-                              type: string
-                            bearerTokenSecret:
-                              properties:
-                                key:
-                                  type: string
-                                name:
-                                  default: ""
-                                  type: string
-                                optional:
-                                  type: boolean
-                              required:
-                              - key
+                                type: array
                               type: object
                               x-kubernetes-map-type: atomic
-                            enableHttp2:
-                              type: boolean
-                            filterRunning:
-                              type: boolean
-                            followRedirects:
-                              type: boolean
-                            honorLabels:
+                            proxyFromEnvironment:
                               type: boolean
-                            honorTimestamps:
-                              type: boolean
-                            interval:
-                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                            proxyUrl:
+                              pattern: ^(http|https|socks5)://.+$
                               type: string
-                            metricRelabelings:
+                            scopes:
                               items:
-                                properties:
-                                  action:
-                                    default: replace
-                                    enum:
-                                    - replace
-                                    - Replace
-                                    - keep
-                                    - Keep
-                                    - drop
-                                    - Drop
-                                    - hashmod
-                                    - HashMod
-                                    - labelmap
-                                    - LabelMap
-                                    - labeldrop
-                                    - LabelDrop
-                                    - labelkeep
-                                    - LabelKeep
-                                    - lowercase
-                                    - Lowercase
-                                    - uppercase
-                                    - Uppercase
-                                    - keepequal
-                                    - KeepEqual
-                                    - dropequal
-                                    - DropEqual
-                                    type: string
-                                  modulus:
-                                    format: int64
-                                    type: integer
-                                  regex:
-                                    type: string
-                                  replacement:
-                                    type: string
-                                  separator:
-                                    type: string
-                                  sourceLabels:
-                                    items:
-                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                                      type: string
-                                    type: array
-                                  targetLabel:
-                                    type: string
-                                type: object
+                                type: string
                               type: array
-                            oauth2:
+                            tlsConfig:
                               properties:
-                                clientId:
+                                ca:
                                   properties:
                                     configMap:
                                       properties:
@@ -2271,28 +1941,9 @@ spec:
                                       type: object
                                       x-kubernetes-map-type: atomic
                                   type: object
-                                clientSecret:
+                                cert:
                                   properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                endpointParams:
-                                  additionalProperties:
-                                    type: string
-                                  type: object
-                                noProxy:
-                                  type: string
-                                proxyConnectHeader:
-                                  additionalProperties:
-                                    items:
+                                    configMap:
                                       properties:
                                         key:
                                           type: string
@@ -2305,81 +1956,7 @@ spec:
                                       - key
                                       type: object
                                       x-kubernetes-map-type: atomic
-                                    type: array
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                proxyFromEnvironment:
-                                  type: boolean
-                                proxyUrl:
-                                  pattern: ^http(s)?://.+$
-                                  type: string
-                                scopes:
-                                  items:
-                                    type: string
-                                  type: array
-                                tlsConfig:
-                                  properties:
-                                    ca:
-                                      properties:
-                                        configMap:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        secret:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      type: object
-                                    cert:
-                                      properties:
-                                        configMap:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        secret:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
-                                              type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      type: object
-                                    insecureSkipVerify:
-                                      type: boolean
-                                    keySecret:
+                                    secret:
                                       properties:
                                         key:
                                           type: string
@@ -2392,190 +1969,28 @@ spec:
                                       - key
                                       type: object
                                       x-kubernetes-map-type: atomic
-                                    maxVersion:
-                                      enum:
-                                      - TLS10
-                                      - TLS11
-                                      - TLS12
-                                      - TLS13
-                                      type: string
-                                    minVersion:
-                                      enum:
-                                      - TLS10
-                                      - TLS11
-                                      - TLS12
-                                      - TLS13
+                                  type: object
+                                insecureSkipVerify:
+                                  type: boolean
+                                keySecret:
+                                  properties:
+                                    key:
                                       type: string
-                                    serverName:
+                                    name:
+                                      default: ""
                                       type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
                                   type: object
-                                tokenUrl:
-                                  minLength: 1
-                                  type: string
-                              required:
-                              - clientId
-                              - clientSecret
-                              - tokenUrl
-                              type: object
-                            params:
-                              additionalProperties:
-                                items:
-                                  type: string
-                                type: array
-                              type: object
-                            path:
-                              type: string
-                            port:
-                              type: string
-                            proxyUrl:
-                              type: string
-                            relabelings:
-                              items:
-                                properties:
-                                  action:
-                                    default: replace
-                                    enum:
-                                    - replace
-                                    - Replace
-                                    - keep
-                                    - Keep
-                                    - drop
-                                    - Drop
-                                    - hashmod
-                                    - HashMod
-                                    - labelmap
-                                    - LabelMap
-                                    - labeldrop
-                                    - LabelDrop
-                                    - labelkeep
-                                    - LabelKeep
-                                    - lowercase
-                                    - Lowercase
-                                    - uppercase
-                                    - Uppercase
-                                    - keepequal
-                                    - KeepEqual
-                                    - dropequal
-                                    - DropEqual
-                                    type: string
-                                  modulus:
-                                    format: int64
-                                    type: integer
-                                  regex:
-                                    type: string
-                                  replacement:
-                                    type: string
-                                  separator:
-                                    type: string
-                                  sourceLabels:
-                                    items:
-                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                                      type: string
-                                    type: array
-                                  targetLabel:
-                                    type: string
-                                type: object
-                              type: array
-                            scheme:
-                              enum:
-                              - http
-                              - https
-                              type: string
-                            scrapeTimeout:
-                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
-                              type: string
-                            targetPort:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            tlsConfig:
-                              properties:
-                                ca:
-                                  properties:
-                                    configMap:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    secret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                  type: object
-                                caFile:
-                                  type: string
-                                cert:
-                                  properties:
-                                    configMap:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    secret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                  type: object
-                                certFile:
-                                  type: string
-                                insecureSkipVerify:
-                                  type: boolean
-                                keyFile:
-                                  type: string
-                                keySecret:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                maxVersion:
-                                  enum:
-                                  - TLS10
-                                  - TLS11
-                                  - TLS12
-                                  - TLS13
+                                  x-kubernetes-map-type: atomic
+                                maxVersion:
+                                  enum:
+                                  - TLS10
+                                  - TLS11
+                                  - TLS12
+                                  - TLS13
                                   type: string
                                 minVersion:
                                   enum:
@@ -2587,640 +2002,329 @@ spec:
                                 serverName:
                                   type: string
                               type: object
-                            trackTimestampsStaleness:
-                              type: boolean
+                            tokenUrl:
+                              minLength: 1
+                              type: string
+                          required:
+                          - clientId
+                          - clientSecret
+                          - tokenUrl
                           type: object
-                        type: array
-                      labels:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      namespaceSelector:
-                        properties:
-                          any:
-                            type: boolean
-                          matchNames:
+                        params:
+                          additionalProperties:
                             items:
                               type: string
                             type: array
-                        type: object
-                    type: object
-                type: object
-              replicas:
-                format: int32
-                type: integer
-              sidecarVolumes:
-                items:
-                  properties:
-                    awsElasticBlockStore:
-                      properties:
-                        fsType:
-                          type: string
-                        partition:
-                          format: int32
-                          type: integer
-                        readOnly:
-                          type: boolean
-                        volumeID:
-                          type: string
-                      required:
-                      - volumeID
-                      type: object
-                    azureDisk:
-                      properties:
-                        cachingMode:
-                          type: string
-                        diskName:
-                          type: string
-                        diskURI:
-                          type: string
-                        fsType:
-                          default: ext4
-                          type: string
-                        kind:
-                          type: string
-                        readOnly:
-                          default: false
-                          type: boolean
-                      required:
-                      - diskName
-                      - diskURI
-                      type: object
-                    azureFile:
-                      properties:
-                        readOnly:
-                          type: boolean
-                        secretName:
-                          type: string
-                        shareName:
-                          type: string
-                      required:
-                      - secretName
-                      - shareName
-                      type: object
-                    cephfs:
-                      properties:
-                        monitors:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
+                          type: object
                         path:
                           type: string
-                        readOnly:
-                          type: boolean
-                        secretFile:
+                        port:
                           type: string
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
+                        proxyConnectHeader:
+                          additionalProperties:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type: array
                           type: object
                           x-kubernetes-map-type: atomic
-                        user:
-                          type: string
-                      required:
-                      - monitors
-                      type: object
-                    cinder:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
+                        proxyFromEnvironment:
                           type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        volumeID:
+                        proxyUrl:
+                          pattern: ^(http|https|socks5)://.+$
                           type: string
-                      required:
-                      - volumeID
-                      type: object
-                    configMap:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
+                        relabelings:
                           items:
                             properties:
-                              key:
+                              action:
+                                default: replace
+                                enum:
+                                - replace
+                                - Replace
+                                - keep
+                                - Keep
+                                - drop
+                                - Drop
+                                - hashmod
+                                - HashMod
+                                - labelmap
+                                - LabelMap
+                                - labeldrop
+                                - LabelDrop
+                                - labelkeep
+                                - LabelKeep
+                                - lowercase
+                                - Lowercase
+                                - uppercase
+                                - Uppercase
+                                - keepequal
+                                - KeepEqual
+                                - dropequal
+                                - DropEqual
                                 type: string
-                              mode:
-                                format: int32
+                              modulus:
+                                format: int64
                                 type: integer
-                              path:
+                              regex:
                                 type: string
-                            required:
-                            - key
-                            - path
-                            type: object
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        name:
-                          default: ""
-                          type: string
-                        optional:
-                          type: boolean
-                      type: object
-                      x-kubernetes-map-type: atomic
-                    csi:
-                      properties:
-                        driver:
-                          type: string
-                        fsType:
-                          type: string
-                        nodePublishSecretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        readOnly:
-                          type: boolean
-                        volumeAttributes:
-                          additionalProperties:
-                            type: string
-                          type: object
-                      required:
-                      - driver
-                      type: object
-                    downwardAPI:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
-                          items:
-                            properties:
-                              fieldRef:
-                                properties:
-                                  apiVersion:
-                                    type: string
-                                  fieldPath:
-                                    type: string
-                                required:
-                                - fieldPath
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              mode:
-                                format: int32
-                                type: integer
-                              path:
+                              replacement:
+                                type: string
+                              separator:
+                                type: string
+                              sourceLabels:
+                                items:
+                                  pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                  type: string
+                                type: array
+                              targetLabel:
                                 type: string
-                              resourceFieldRef:
-                                properties:
-                                  containerName:
-                                    type: string
-                                  divisor:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                    x-kubernetes-int-or-string: true
-                                  resource:
-                                    type: string
-                                required:
-                                - resource
-                                type: object
-                                x-kubernetes-map-type: atomic
-                            required:
-                            - path
                             type: object
                           type: array
-                          x-kubernetes-list-type: atomic
-                      type: object
-                    emptyDir:
-                      properties:
-                        medium:
+                        scheme:
+                          enum:
+                          - http
+                          - https
                           type: string
-                        sizeLimit:
+                        scrapeTimeout:
+                          pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                          type: string
+                        targetPort:
                           anyOf:
                           - type: integer
                           - type: string
-                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                           x-kubernetes-int-or-string: true
-                      type: object
-                    ephemeral:
-                      properties:
-                        volumeClaimTemplate:
+                        tlsConfig:
                           properties:
-                            metadata:
-                              type: object
-                            spec:
+                            ca:
                               properties:
-                                accessModes:
-                                  items:
-                                    type: string
-                                  type: array
-                                  x-kubernetes-list-type: atomic
-                                dataSource:
+                                configMap:
                                   properties:
-                                    apiGroup:
-                                      type: string
-                                    kind:
+                                    key:
                                       type: string
                                     name:
+                                      default: ""
                                       type: string
+                                    optional:
+                                      type: boolean
                                   required:
-                                  - kind
-                                  - name
+                                  - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                dataSourceRef:
+                                secret:
                                   properties:
-                                    apiGroup:
-                                      type: string
-                                    kind:
+                                    key:
                                       type: string
                                     name:
+                                      default: ""
                                       type: string
-                                    namespace:
-                                      type: string
+                                    optional:
+                                      type: boolean
                                   required:
-                                  - kind
-                                  - name
+                                  - key
                                   type: object
-                                resources:
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            caFile:
+                              type: string
+                            cert:
+                              properties:
+                                configMap:
                                   properties:
-                                    limits:
-                                      additionalProperties:
-                                        anyOf:
-                                        - type: integer
-                                        - type: string
-                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                        x-kubernetes-int-or-string: true
-                                      type: object
-                                    requests:
-                                      additionalProperties:
-                                        anyOf:
-                                        - type: integer
-                                        - type: string
-                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                        x-kubernetes-int-or-string: true
-                                      type: object
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
                                   type: object
-                                selector:
+                                  x-kubernetes-map-type: atomic
+                                secret:
                                   properties:
-                                    matchExpressions:
-                                      items:
-                                        properties:
-                                          key:
-                                            type: string
-                                          operator:
-                                            type: string
-                                          values:
-                                            items:
-                                              type: string
-                                            type: array
-                                            x-kubernetes-list-type: atomic
-                                        required:
-                                        - key
-                                        - operator
-                                        type: object
-                                      type: array
-                                      x-kubernetes-list-type: atomic
-                                    matchLabels:
-                                      additionalProperties:
-                                        type: string
-                                      type: object
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                storageClassName:
-                                  type: string
-                                volumeAttributesClassName:
-                                  type: string
-                                volumeMode:
+                              type: object
+                            certFile:
+                              type: string
+                            insecureSkipVerify:
+                              type: boolean
+                            keyFile:
+                              type: string
+                            keySecret:
+                              properties:
+                                key:
                                   type: string
-                                volumeName:
+                                name:
+                                  default: ""
                                   type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
                               type: object
-                          required:
-                          - spec
+                              x-kubernetes-map-type: atomic
+                            maxVersion:
+                              enum:
+                              - TLS10
+                              - TLS11
+                              - TLS12
+                              - TLS13
+                              type: string
+                            minVersion:
+                              enum:
+                              - TLS10
+                              - TLS11
+                              - TLS12
+                              - TLS13
+                              type: string
+                            serverName:
+                              type: string
                           type: object
+                        trackTimestampsStaleness:
+                          type: boolean
                       type: object
-                    fc:
-                      properties:
-                        fsType:
+                    type: array
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  namespaceSelector:
+                    properties:
+                      any:
+                        type: boolean
+                      matchNames:
+                        items:
                           type: string
-                        lun:
-                          format: int32
-                          type: integer
-                        readOnly:
-                          type: boolean
-                        targetWWNs:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        wwids:
+                        type: array
+                    type: object
+                type: object
+              sidecar:
+                properties:
+                  containers:
+                    items:
+                      properties:
+                        args:
                           items:
                             type: string
                           type: array
                           x-kubernetes-list-type: atomic
-                      type: object
-                    flexVolume:
-                      properties:
-                        driver:
-                          type: string
-                        fsType:
-                          type: string
-                        options:
-                          additionalProperties:
-                            type: string
-                          type: object
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                      required:
-                      - driver
-                      type: object
-                    flocker:
-                      properties:
-                        datasetName:
-                          type: string
-                        datasetUUID:
-                          type: string
-                      type: object
-                    gcePersistentDisk:
-                      properties:
-                        fsType:
-                          type: string
-                        partition:
-                          format: int32
-                          type: integer
-                        pdName:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - pdName
-                      type: object
-                    gitRepo:
-                      properties:
-                        directory:
-                          type: string
-                        repository:
-                          type: string
-                        revision:
-                          type: string
-                      required:
-                      - repository
-                      type: object
-                    glusterfs:
-                      properties:
-                        endpoints:
-                          type: string
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - endpoints
-                      - path
-                      type: object
-                    hostPath:
-                      properties:
-                        path:
-                          type: string
-                        type:
-                          type: string
-                      required:
-                      - path
-                      type: object
-                    image:
-                      properties:
-                        pullPolicy:
-                          type: string
-                        reference:
-                          type: string
-                      type: object
-                    iscsi:
-                      properties:
-                        chapAuthDiscovery:
-                          type: boolean
-                        chapAuthSession:
-                          type: boolean
-                        fsType:
-                          type: string
-                        initiatorName:
-                          type: string
-                        iqn:
-                          type: string
-                        iscsiInterface:
-                          default: default
-                          type: string
-                        lun:
-                          format: int32
-                          type: integer
-                        portals:
+                        command:
                           items:
                             type: string
                           type: array
                           x-kubernetes-list-type: atomic
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        targetPortal:
-                          type: string
-                      required:
-                      - iqn
-                      - lun
-                      - targetPortal
-                      type: object
-                    name:
-                      type: string
-                    nfs:
-                      properties:
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        server:
-                          type: string
-                      required:
-                      - path
-                      - server
-                      type: object
-                    persistentVolumeClaim:
-                      properties:
-                        claimName:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - claimName
-                      type: object
-                    photonPersistentDisk:
-                      properties:
-                        fsType:
-                          type: string
-                        pdID:
-                          type: string
-                      required:
-                      - pdID
-                      type: object
-                    portworxVolume:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        volumeID:
-                          type: string
-                      required:
-                      - volumeID
-                      type: object
-                    projected:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        sources:
+                        env:
                           items:
                             properties:
-                              clusterTrustBundle:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
                                 properties:
-                                  labelSelector:
+                                  configMapKeyRef:
                                     properties:
-                                      matchExpressions:
-                                        items:
-                                          properties:
-                                            key:
-                                              type: string
-                                            operator:
-                                              type: string
-                                            values:
-                                              items:
-                                                type: string
-                                              type: array
-                                              x-kubernetes-list-type: atomic
-                                          required:
-                                          - key
-                                          - operator
-                                          type: object
-                                        type: array
-                                        x-kubernetes-list-type: atomic
-                                      matchLabels:
-                                        additionalProperties:
-                                          type: string
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fileKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      optional:
+                                        default: false
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      volumeName:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    - volumeName
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
                                     type: object
                                     x-kubernetes-map-type: atomic
-                                  name:
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                  path:
-                                    type: string
-                                  signerName:
-                                    type: string
-                                required:
-                                - path
-                                type: object
-                              configMap:
-                                properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                      required:
-                                      - key
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
-                                  name:
-                                    default: ""
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              downwardAPI:
-                                properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        fieldRef:
-                                          properties:
-                                            apiVersion:
-                                              type: string
-                                            fieldPath:
-                                              type: string
-                                          required:
-                                          - fieldPath
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                        resourceFieldRef:
-                                          properties:
-                                            containerName:
-                                              type: string
-                                            divisor:
-                                              anyOf:
-                                              - type: integer
-                                              - type: string
-                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                              x-kubernetes-int-or-string: true
-                                            resource:
-                                              type: string
-                                          required:
-                                          - resource
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      required:
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
                                 type: object
-                              secret:
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        envFrom:
+                          items:
+                            properties:
+                              configMapRef:
                                 properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                      required:
-                                      - key
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
                                   name:
                                     default: ""
                                     type: string
@@ -3228,283 +2332,257 @@ spec:
                                     type: boolean
                                 type: object
                                 x-kubernetes-map-type: atomic
-                              serviceAccountToken:
+                              prefix:
+                                type: string
+                              secretRef:
                                 properties:
-                                  audience:
-                                    type: string
-                                  expirationSeconds:
-                                    format: int64
-                                    type: integer
-                                  path:
+                                  name:
+                                    default: ""
                                     type: string
-                                required:
-                                - path
+                                  optional:
+                                    type: boolean
                                 type: object
+                                x-kubernetes-map-type: atomic
                             type: object
                           type: array
                           x-kubernetes-list-type: atomic
-                      type: object
-                    quobyte:
-                      properties:
-                        group:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        registry:
-                          type: string
-                        tenant:
-                          type: string
-                        user:
-                          type: string
-                        volume:
-                          type: string
-                      required:
-                      - registry
-                      - volume
-                      type: object
-                    rbd:
-                      properties:
-                        fsType:
-                          type: string
                         image:
                           type: string
-                        keyring:
-                          default: /etc/ceph/keyring
-                          type: string
-                        monitors:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        pool:
-                          default: rbd
+                        imagePullPolicy:
                           type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        lifecycle:
                           properties:
-                            name:
-                              default: ""
+                            postStart:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            preStop:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            stopSignal:
                               type: string
                           type: object
-                          x-kubernetes-map-type: atomic
-                        user:
-                          default: admin
-                          type: string
-                      required:
-                      - image
-                      - monitors
-                      type: object
-                    scaleIO:
-                      properties:
-                        fsType:
-                          default: xfs
-                          type: string
-                        gateway:
-                          type: string
-                        protectionDomain:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        livenessProbe:
                           properties:
-                            name:
-                              default: ""
-                              type: string
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
                           type: object
-                          x-kubernetes-map-type: atomic
-                        sslEnabled:
-                          type: boolean
-                        storageMode:
-                          default: ThinProvisioned
-                          type: string
-                        storagePool:
-                          type: string
-                        system:
-                          type: string
-                        volumeName:
+                        name:
                           type: string
-                      required:
-                      - gateway
-                      - secretRef
-                      - system
-                      type: object
-                    secret:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
+                        ports:
                           items:
                             properties:
-                              key:
+                              containerPort:
+                                format: int32
+                                type: integer
+                              hostIP:
                                 type: string
-                              mode:
+                              hostPort:
                                 format: int32
                                 type: integer
-                              path:
+                              name:
+                                type: string
+                              protocol:
+                                default: TCP
                                 type: string
                             required:
-                            - key
-                            - path
+                            - containerPort
                             type: object
                           type: array
-                          x-kubernetes-list-type: atomic
-                        optional:
-                          type: boolean
-                        secretName:
-                          type: string
-                      type: object
-                    storageos:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        volumeName:
-                          type: string
-                        volumeNamespace:
-                          type: string
-                      type: object
-                    vsphereVolume:
-                      properties:
-                        fsType:
-                          type: string
-                        storagePolicyID:
-                          type: string
-                        storagePolicyName:
-                          type: string
-                        volumePath:
-                          type: string
-                      required:
-                      - volumePath
-                      type: object
-                  required:
-                  - name
-                  type: object
-                type: array
-              sidecars:
-                items:
-                  properties:
-                    args:
-                      items:
-                        type: string
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    command:
-                      items:
-                        type: string
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    env:
-                      items:
-                        properties:
-                          name:
-                            type: string
-                          value:
-                            type: string
-                          valueFrom:
-                            properties:
-                              configMapKeyRef:
-                                properties:
-                                  key:
-                                    type: string
-                                  name:
-                                    default: ""
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                required:
-                                - key
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              fieldRef:
-                                properties:
-                                  apiVersion:
-                                    type: string
-                                  fieldPath:
-                                    type: string
-                                required:
-                                - fieldPath
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              resourceFieldRef:
-                                properties:
-                                  containerName:
-                                    type: string
-                                  divisor:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                    x-kubernetes-int-or-string: true
-                                  resource:
-                                    type: string
-                                required:
-                                - resource
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              secretKeyRef:
-                                properties:
-                                  key:
-                                    type: string
-                                  name:
-                                    default: ""
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                required:
-                                - key
-                                type: object
-                                x-kubernetes-map-type: atomic
-                            type: object
-                        required:
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - name
-                      x-kubernetes-list-type: map
-                    envFrom:
-                      items:
-                        properties:
-                          configMapRef:
-                            properties:
-                              name:
-                                default: ""
-                                type: string
-                              optional:
-                                type: boolean
-                            type: object
-                            x-kubernetes-map-type: atomic
-                          prefix:
-                            type: string
-                          secretRef:
-                            properties:
-                              name:
-                                default: ""
-                                type: string
-                              optional:
-                                type: boolean
-                            type: object
-                            x-kubernetes-map-type: atomic
-                        type: object
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    image:
-                      type: string
-                    imagePullPolicy:
-                      type: string
-                    lifecycle:
-                      properties:
-                        postStart:
+                          x-kubernetes-list-map-keys:
+                          - containerPort
+                          - protocol
+                          x-kubernetes-list-type: map
+                        readinessProbe:
                           properties:
                             exec:
                               properties:
@@ -3514,6 +2592,20 @@ spec:
                                   type: array
                                   x-kubernetes-list-type: atomic
                               type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
                             httpGet:
                               properties:
                                 host:
@@ -3543,14 +2635,15 @@ spec:
                               required:
                               - port
                               type: object
-                            sleep:
-                              properties:
-                                seconds:
-                                  format: int64
-                                  type: integer
-                              required:
-                              - seconds
-                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
                             tcpSocket:
                               properties:
                                 host:
@@ -3563,8 +2656,157 @@ spec:
                               required:
                               - port
                               type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resizePolicy:
+                          items:
+                            properties:
+                              resourceName:
+                                type: string
+                              restartPolicy:
+                                type: string
+                            required:
+                            - resourceName
+                            - restartPolicy
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  request:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        restartPolicy:
+                          type: string
+                        restartPolicyRules:
+                          items:
+                            properties:
+                              action:
+                                type: string
+                              exitCodes:
+                                properties:
+                                  operator:
+                                    type: string
+                                  values:
+                                    items:
+                                      format: int32
+                                      type: integer
+                                    type: array
+                                    x-kubernetes-list-type: set
+                                required:
+                                - operator
+                                type: object
+                            required:
+                            - action
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
                           type: object
-                        preStop:
+                        startupProbe:
                           properties:
                             exec:
                               properties:
@@ -3574,6 +2816,20 @@ spec:
                                   type: array
                                   x-kubernetes-list-type: atomic
                               type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
                             httpGet:
                               properties:
                                 host:
@@ -3603,14 +2859,15 @@ spec:
                               required:
                               - port
                               type: object
-                            sleep:
-                              properties:
-                                seconds:
-                                  format: int64
-                                  type: integer
-                              required:
-                              - seconds
-                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
                             tcpSocket:
                               properties:
                                 host:
@@ -3623,1927 +2880,1965 @@ spec:
                               required:
                               - port
                               type: object
-                          type: object
-                      type: object
-                    livenessProbe:
-                      properties:
-                        exec:
-                          properties:
-                            command:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                          type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
-                          properties:
-                            port:
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
                               format: int32
                               type: integer
-                            service:
-                              default: ""
-                              type: string
-                          required:
-                          - port
                           type: object
-                        httpGet:
-                          properties:
-                            host:
-                              type: string
-                            httpHeaders:
-                              items:
-                                properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                required:
-                                - name
-                                - value
-                                type: object
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            path:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
-                              type: string
-                          required:
-                          - port
-                          type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
-                          properties:
-                            host:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                          required:
-                          - port
-                          type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    name:
-                      type: string
-                    ports:
-                      items:
-                        properties:
-                          containerPort:
-                            format: int32
-                            type: integer
-                          hostIP:
-                            type: string
-                          hostPort:
-                            format: int32
-                            type: integer
-                          name:
-                            type: string
-                          protocol:
-                            default: TCP
-                            type: string
-                        required:
-                        - containerPort
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - containerPort
-                      - protocol
-                      x-kubernetes-list-type: map
-                    readinessProbe:
-                      properties:
-                        exec:
-                          properties:
-                            command:
-                              items:
+                        stdin:
+                          type: boolean
+                        stdinOnce:
+                          type: boolean
+                        terminationMessagePath:
+                          type: string
+                        terminationMessagePolicy:
+                          type: string
+                        tty:
+                          type: boolean
+                        volumeDevices:
+                          items:
+                            properties:
+                              devicePath:
                                 type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                          type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
-                          properties:
-                            port:
-                              format: int32
-                              type: integer
-                            service:
-                              default: ""
-                              type: string
-                          required:
-                          - port
-                          type: object
-                        httpGet:
-                          properties:
-                            host:
-                              type: string
-                            httpHeaders:
-                              items:
-                                properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                required:
-                                - name
-                                - value
-                                type: object
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            path:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
-                              type: string
-                          required:
-                          - port
-                          type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
-                          properties:
-                            host:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                          required:
-                          - port
-                          type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    resizePolicy:
-                      items:
-                        properties:
-                          resourceName:
-                            type: string
-                          restartPolicy:
-                            type: string
-                        required:
-                        - resourceName
-                        - restartPolicy
-                        type: object
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    resources:
-                      properties:
-                        claims:
+                              name:
+                                type: string
+                            required:
+                            - devicePath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - devicePath
+                          x-kubernetes-list-type: map
+                        volumeMounts:
                           items:
                             properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
                               name:
                                 type: string
-                              request:
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
                                 type: string
                             required:
+                            - mountPath
                             - name
                             type: object
                           type: array
                           x-kubernetes-list-map-keys:
-                          - name
+                          - mountPath
                           x-kubernetes-list-type: map
-                        limits:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          type: object
-                        requests:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          type: object
+                        workingDir:
+                          type: string
+                      required:
+                      - name
                       type: object
-                    restartPolicy:
-                      type: string
-                    securityContext:
+                    type: array
+                  volumes:
+                    items:
                       properties:
-                        allowPrivilegeEscalation:
-                          type: boolean
-                        appArmorProfile:
+                        awsElasticBlockStore:
                           properties:
-                            localhostProfile:
+                            fsType:
                               type: string
-                            type:
+                            partition:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            volumeID:
                               type: string
                           required:
-                          - type
-                          type: object
-                        capabilities:
-                          properties:
-                            add:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            drop:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
+                          - volumeID
                           type: object
-                        privileged:
-                          type: boolean
-                        procMount:
-                          type: string
-                        readOnlyRootFilesystem:
-                          type: boolean
-                        runAsGroup:
-                          format: int64
-                          type: integer
-                        runAsNonRoot:
-                          type: boolean
-                        runAsUser:
-                          format: int64
-                          type: integer
-                        seLinuxOptions:
+                        azureDisk:
                           properties:
-                            level:
+                            cachingMode:
                               type: string
-                            role:
-                              type: string
-                            type:
+                            diskName:
                               type: string
-                            user:
+                            diskURI:
                               type: string
-                          type: object
-                        seccompProfile:
-                          properties:
-                            localhostProfile:
+                            fsType:
+                              default: ext4
                               type: string
-                            type:
+                            kind:
                               type: string
+                            readOnly:
+                              default: false
+                              type: boolean
                           required:
-                          - type
+                          - diskName
+                          - diskURI
                           type: object
-                        windowsOptions:
+                        azureFile:
                           properties:
-                            gmsaCredentialSpec:
-                              type: string
-                            gmsaCredentialSpecName:
-                              type: string
-                            hostProcess:
+                            readOnly:
                               type: boolean
-                            runAsUserName:
+                            secretName:
+                              type: string
+                            shareName:
                               type: string
+                          required:
+                          - secretName
+                          - shareName
                           type: object
-                      type: object
-                    startupProbe:
-                      properties:
-                        exec:
+                        cephfs:
                           properties:
-                            command:
+                            monitors:
                               items:
                                 type: string
                               type: array
                               x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretFile:
+                              type: string
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              type: string
+                          required:
+                          - monitors
                           type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
+                        cinder:
                           properties:
-                            port:
-                              format: int32
-                              type: integer
-                            service:
-                              default: ""
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeID:
                               type: string
                           required:
-                          - port
+                          - volumeID
                           type: object
-                        httpGet:
+                        configMap:
                           properties:
-                            host:
-                              type: string
-                            httpHeaders:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
                               items:
                                 properties:
-                                  name:
+                                  key:
                                     type: string
-                                  value:
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
                                     type: string
                                 required:
-                                - name
-                                - value
+                                - key
+                                - path
                                 type: object
                               type: array
                               x-kubernetes-list-type: atomic
-                            path:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
+                            name:
+                              default: ""
                               type: string
-                          required:
-                          - port
+                            optional:
+                              type: boolean
                           type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
+                          x-kubernetes-map-type: atomic
+                        csi:
                           properties:
-                            host:
+                            driver:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
+                            fsType:
+                              type: string
+                            nodePublishSecretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            readOnly:
+                              type: boolean
+                            volumeAttributes:
+                              additionalProperties:
+                                type: string
+                              type: object
                           required:
-                          - port
+                          - driver
                           type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    stdin:
-                      type: boolean
-                    stdinOnce:
-                      type: boolean
-                    terminationMessagePath:
-                      type: string
-                    terminationMessagePolicy:
-                      type: string
-                    tty:
-                      type: boolean
-                    volumeDevices:
-                      items:
-                        properties:
-                          devicePath:
-                            type: string
-                          name:
-                            type: string
-                        required:
-                        - devicePath
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - devicePath
-                      x-kubernetes-list-type: map
-                    volumeMounts:
-                      items:
-                        properties:
-                          mountPath:
-                            type: string
-                          mountPropagation:
-                            type: string
-                          name:
-                            type: string
-                          readOnly:
-                            type: boolean
-                          recursiveReadOnly:
-                            type: string
-                          subPath:
-                            type: string
-                          subPathExpr:
-                            type: string
-                        required:
-                        - mountPath
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - mountPath
-                      x-kubernetes-list-type: map
-                    workingDir:
-                      type: string
-                  required:
-                  - name
-                  type: object
-                type: array
-            type: object
-          status:
-            properties:
-              conditions:
-                items:
-                  properties:
-                    lastTransitionTime:
-                      format: date-time
-                      type: string
-                    message:
-                      maxLength: 32768
-                      type: string
-                    observedGeneration:
-                      format: int64
-                      minimum: 0
-                      type: integer
-                    reason:
-                      maxLength: 1024
-                      minLength: 1
-                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
-                      type: string
-                    status:
-                      enum:
-                      - "True"
-                      - "False"
-                      - Unknown
-                      type: string
-                    type:
-                      maxLength: 316
-                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - message
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              exporterConfig:
-                type: string
-              replicas:
-                type: integer
-              status:
-                type: string
-              version:
-                type: string
-            required:
-            - conditions
-            - exporterConfig
-            - version
-            type: object
-        type: object
-    served: true
-    storage: false
-    subresources:
-      status: {}
-  - additionalPrinterColumns:
-    - jsonPath: .status.exporterConfig
-      name: ExporterConfig
-      type: string
-    - jsonPath: .status.status
-      name: Status
-      type: string
-    - jsonPath: .status.version
-      name: Version
-      type: string
-    name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        properties:
-          apiVersion:
-            type: string
-          kind:
-            type: string
-          metadata:
-            type: object
-          spec:
-            properties:
-              configuration:
-                properties:
-                  configMap:
-                    properties:
-                      key:
-                        type: string
-                      name:
-                        type: string
-                    type: object
-                type: object
-              database:
-                properties:
-                  dbConnectionString:
-                    properties:
-                      key:
-                        type: string
-                      secret:
-                        type: string
-                    type: object
-                  dbPassword:
-                    properties:
-                      key:
-                        type: string
-                      secret:
-                        type: string
-                      vaultOCID:
-                        type: string
-                      vaultSecretName:
-                        type: string
-                    type: object
-                  dbUser:
-                    properties:
-                      key:
-                        type: string
-                      secret:
-                        type: string
-                    type: object
-                  dbWallet:
-                    properties:
-                      key:
-                        type: string
-                      secret:
-                        type: string
-                    type: object
-                type: object
-              exporter:
-                properties:
-                  deployment:
-                    properties:
-                      args:
-                        items:
-                          type: string
-                        type: array
-                      commands:
-                        items:
-                          type: string
-                        type: array
-                      env:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      image:
-                        type: string
-                      labels:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      podTemplate:
-                        properties:
-                          labels:
-                            additionalProperties:
-                              type: string
-                            type: object
-                          securityContext:
-                            properties:
-                              appArmorProfile:
-                                properties:
-                                  localhostProfile:
-                                    type: string
-                                  type:
-                                    type: string
-                                required:
-                                - type
-                                type: object
-                              fsGroup:
-                                format: int64
-                                type: integer
-                              fsGroupChangePolicy:
-                                type: string
-                              runAsGroup:
-                                format: int64
-                                type: integer
-                              runAsNonRoot:
-                                type: boolean
-                              runAsUser:
-                                format: int64
-                                type: integer
-                              seLinuxOptions:
-                                properties:
-                                  level:
-                                    type: string
-                                  role:
-                                    type: string
-                                  type:
-                                    type: string
-                                  user:
-                                    type: string
-                                type: object
-                              seccompProfile:
+                        downwardAPI:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
                                 properties:
-                                  localhostProfile:
-                                    type: string
-                                  type:
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
                                     type: string
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
                                 required:
-                                - type
+                                - path
                                 type: object
-                              supplementalGroups:
-                                items:
-                                  format: int64
-                                  type: integer
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              supplementalGroupsPolicy:
-                                type: string
-                              sysctls:
-                                items:
-                                  properties:
-                                    name:
-                                      type: string
-                                    value:
-                                      type: string
-                                  required:
-                                  - name
-                                  - value
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        emptyDir:
+                          properties:
+                            medium:
+                              type: string
+                            sizeLimit:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                              x-kubernetes-int-or-string: true
+                          type: object
+                        ephemeral:
+                          properties:
+                            volumeClaimTemplate:
+                              properties:
+                                metadata:
                                   type: object
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              windowsOptions:
-                                properties:
-                                  gmsaCredentialSpec:
-                                    type: string
-                                  gmsaCredentialSpecName:
-                                    type: string
-                                  hostProcess:
-                                    type: boolean
-                                  runAsUserName:
-                                    type: string
-                                type: object
-                            type: object
-                        type: object
-                      securityContext:
-                        properties:
-                          allowPrivilegeEscalation:
-                            type: boolean
-                          appArmorProfile:
-                            properties:
-                              localhostProfile:
-                                type: string
-                              type:
-                                type: string
-                            required:
-                            - type
-                            type: object
-                          capabilities:
-                            properties:
-                              add:
-                                items:
-                                  type: string
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              drop:
-                                items:
-                                  type: string
-                                type: array
-                                x-kubernetes-list-type: atomic
-                            type: object
-                          privileged:
-                            type: boolean
-                          procMount:
-                            type: string
-                          readOnlyRootFilesystem:
-                            type: boolean
-                          runAsGroup:
-                            format: int64
-                            type: integer
-                          runAsNonRoot:
-                            type: boolean
-                          runAsUser:
-                            format: int64
-                            type: integer
-                          seLinuxOptions:
-                            properties:
-                              level:
-                                type: string
-                              role:
-                                type: string
-                              type:
-                                type: string
-                              user:
-                                type: string
-                            type: object
-                          seccompProfile:
-                            properties:
-                              localhostProfile:
-                                type: string
-                              type:
-                                type: string
-                            required:
-                            - type
-                            type: object
-                          windowsOptions:
-                            properties:
-                              gmsaCredentialSpec:
+                                spec:
+                                  properties:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
+                                      type: string
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
+                                      type: string
+                                  type: object
+                              required:
+                              - spec
+                              type: object
+                          type: object
+                        fc:
+                          properties:
+                            fsType:
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            targetWWNs:
+                              items:
                                 type: string
-                              gmsaCredentialSpecName:
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            wwids:
+                              items:
                                 type: string
-                              hostProcess:
-                                type: boolean
-                              runAsUserName:
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        flexVolume:
+                          properties:
+                            driver:
+                              type: string
+                            fsType:
+                              type: string
+                            options:
+                              additionalProperties:
                                 type: string
-                            type: object
-                        type: object
-                    type: object
-                  service:
-                    properties:
-                      labels:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      ports:
-                        items:
+                              type: object
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          required:
+                          - driver
+                          type: object
+                        flocker:
                           properties:
-                            appProtocol:
+                            datasetName:
                               type: string
-                            name:
+                            datasetUUID:
                               type: string
-                            nodePort:
-                              format: int32
-                              type: integer
-                            port:
+                          type: object
+                        gcePersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
                               format: int32
                               type: integer
-                            protocol:
-                              default: TCP
+                            pdName:
                               type: string
-                            targetPort:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
+                            readOnly:
+                              type: boolean
                           required:
-                          - port
+                          - pdName
                           type: object
-                        type: array
-                    type: object
-                type: object
-              inheritLabels:
-                items:
-                  type: string
-                type: array
-              log:
-                properties:
-                  filename:
-                    type: string
-                  path:
-                    type: string
-                  volume:
-                    properties:
-                      name:
-                        type: string
-                      persistentVolumeClaim:
-                        properties:
-                          claimName:
-                            type: string
-                        type: object
-                    type: object
-                type: object
-              ociConfig:
-                properties:
-                  configMapName:
-                    type: string
-                  secretName:
-                    type: string
-                type: object
-              prometheus:
-                properties:
-                  serviceMonitor:
-                    properties:
-                      endpoints:
-                        items:
+                        gitRepo:
                           properties:
-                            authorization:
-                              properties:
-                                credentials:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                type:
-                                  type: string
-                              type: object
-                            basicAuth:
-                              properties:
-                                password:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                username:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                              type: object
-                            bearerTokenFile:
+                            directory:
+                              type: string
+                            repository:
+                              type: string
+                            revision:
+                              type: string
+                          required:
+                          - repository
+                          type: object
+                        glusterfs:
+                          properties:
+                            endpoints:
                               type: string
-                            bearerTokenSecret:
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - endpoints
+                          - path
+                          type: object
+                        hostPath:
+                          properties:
+                            path:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - path
+                          type: object
+                        image:
+                          properties:
+                            pullPolicy:
+                              type: string
+                            reference:
+                              type: string
+                          type: object
+                        iscsi:
+                          properties:
+                            chapAuthDiscovery:
+                              type: boolean
+                            chapAuthSession:
+                              type: boolean
+                            fsType:
+                              type: string
+                            initiatorName:
+                              type: string
+                            iqn:
+                              type: string
+                            iscsiInterface:
+                              default: default
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            portals:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            readOnly:
+                              type: boolean
+                            secretRef:
                               properties:
-                                key:
-                                  type: string
                                 name:
                                   default: ""
                                   type: string
-                                optional:
-                                  type: boolean
-                              required:
-                              - key
                               type: object
                               x-kubernetes-map-type: atomic
-                            enableHttp2:
-                              type: boolean
-                            filterRunning:
-                              type: boolean
-                            followRedirects:
+                            targetPortal:
+                              type: string
+                          required:
+                          - iqn
+                          - lun
+                          - targetPortal
+                          type: object
+                        name:
+                          type: string
+                        nfs:
+                          properties:
+                            path:
+                              type: string
+                            readOnly:
                               type: boolean
-                            honorLabels:
+                            server:
+                              type: string
+                          required:
+                          - path
+                          - server
+                          type: object
+                        persistentVolumeClaim:
+                          properties:
+                            claimName:
+                              type: string
+                            readOnly:
                               type: boolean
-                            honorTimestamps:
+                          required:
+                          - claimName
+                          type: object
+                        photonPersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            pdID:
+                              type: string
+                          required:
+                          - pdID
+                          type: object
+                        portworxVolume:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
                               type: boolean
-                            interval:
-                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                            volumeID:
                               type: string
-                            metricRelabelings:
-                              items:
-                                properties:
-                                  action:
-                                    default: replace
-                                    enum:
-                                    - replace
-                                    - Replace
-                                    - keep
-                                    - Keep
-                                    - drop
-                                    - Drop
-                                    - hashmod
-                                    - HashMod
-                                    - labelmap
-                                    - LabelMap
-                                    - labeldrop
-                                    - LabelDrop
-                                    - labelkeep
-                                    - LabelKeep
-                                    - lowercase
-                                    - Lowercase
-                                    - uppercase
-                                    - Uppercase
-                                    - keepequal
-                                    - KeepEqual
-                                    - dropequal
-                                    - DropEqual
-                                    type: string
-                                  modulus:
-                                    format: int64
-                                    type: integer
-                                  regex:
-                                    type: string
-                                  replacement:
-                                    type: string
-                                  separator:
-                                    type: string
-                                  sourceLabels:
-                                    items:
-                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                                      type: string
-                                    type: array
-                                  targetLabel:
-                                    type: string
-                                type: object
-                              type: array
-                            oauth2:
-                              properties:
-                                clientId:
-                                  properties:
-                                    configMap:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    secret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                  type: object
-                                clientSecret:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                endpointParams:
-                                  additionalProperties:
-                                    type: string
-                                  type: object
-                                noProxy:
-                                  type: string
-                                proxyConnectHeader:
-                                  additionalProperties:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    type: array
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                proxyFromEnvironment:
-                                  type: boolean
-                                proxyUrl:
-                                  pattern: ^http(s)?://.+$
-                                  type: string
-                                scopes:
-                                  items:
-                                    type: string
-                                  type: array
-                                tlsConfig:
-                                  properties:
-                                    ca:
-                                      properties:
-                                        configMap:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
+                          required:
+                          - volumeID
+                          type: object
+                        projected:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            sources:
+                              items:
+                                properties:
+                                  clusterTrustBundle:
+                                    properties:
+                                      labelSelector:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                operator:
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              required:
+                                              - key
+                                              - operator
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          matchLabels:
+                                            additionalProperties:
                                               type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        secret:
+                                            type: object
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      name:
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                  configMap:
+                                    properties:
+                                      items:
+                                        items:
                                           properties:
                                             key:
                                               type: string
-                                            name:
-                                              default: ""
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
                                               type: string
-                                            optional:
-                                              type: boolean
                                           required:
                                           - key
+                                          - path
                                           type: object
-                                          x-kubernetes-map-type: atomic
-                                      type: object
-                                    cert:
-                                      properties:
-                                        configMap:
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  downwardAPI:
+                                    properties:
+                                      items:
+                                        items:
                                           properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
+                                            fieldRef:
+                                              properties:
+                                                apiVersion:
+                                                  type: string
+                                                fieldPath:
+                                                  type: string
+                                              required:
+                                              - fieldPath
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
                                               type: string
-                                            optional:
-                                              type: boolean
+                                            resourceFieldRef:
+                                              properties:
+                                                containerName:
+                                                  type: string
+                                                divisor:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                  x-kubernetes-int-or-string: true
+                                                resource:
+                                                  type: string
+                                              required:
+                                              - resource
+                                              type: object
+                                              x-kubernetes-map-type: atomic
                                           required:
-                                          - key
+                                          - path
                                           type: object
-                                          x-kubernetes-map-type: atomic
-                                        secret:
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                  podCertificate:
+                                    properties:
+                                      certificateChainPath:
+                                        type: string
+                                      credentialBundlePath:
+                                        type: string
+                                      keyPath:
+                                        type: string
+                                      keyType:
+                                        type: string
+                                      maxExpirationSeconds:
+                                        format: int32
+                                        type: integer
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - keyType
+                                    - signerName
+                                    type: object
+                                  secret:
+                                    properties:
+                                      items:
+                                        items:
                                           properties:
                                             key:
                                               type: string
-                                            name:
-                                              default: ""
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
                                               type: string
-                                            optional:
-                                              type: boolean
                                           required:
                                           - key
+                                          - path
                                           type: object
-                                          x-kubernetes-map-type: atomic
-                                      type: object
-                                    insecureSkipVerify:
-                                      type: boolean
-                                    keySecret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    maxVersion:
-                                      enum:
-                                      - TLS10
-                                      - TLS11
-                                      - TLS12
-                                      - TLS13
-                                      type: string
-                                    minVersion:
-                                      enum:
-                                      - TLS10
-                                      - TLS11
-                                      - TLS12
-                                      - TLS13
-                                      type: string
-                                    serverName:
-                                      type: string
-                                  type: object
-                                tokenUrl:
-                                  minLength: 1
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  serviceAccountToken:
+                                    properties:
+                                      audience:
+                                        type: string
+                                      expirationSeconds:
+                                        format: int64
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        quobyte:
+                          properties:
+                            group:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            registry:
+                              type: string
+                            tenant:
+                              type: string
+                            user:
+                              type: string
+                            volume:
+                              type: string
+                          required:
+                          - registry
+                          - volume
+                          type: object
+                        rbd:
+                          properties:
+                            fsType:
+                              type: string
+                            image:
+                              type: string
+                            keyring:
+                              default: /etc/ceph/keyring
+                              type: string
+                            monitors:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            pool:
+                              default: rbd
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
                                   type: string
-                              required:
-                              - clientId
-                              - clientSecret
-                              - tokenUrl
                               type: object
-                            params:
-                              additionalProperties:
-                                items:
+                              x-kubernetes-map-type: atomic
+                            user:
+                              default: admin
+                              type: string
+                          required:
+                          - image
+                          - monitors
+                          type: object
+                        scaleIO:
+                          properties:
+                            fsType:
+                              default: xfs
+                              type: string
+                            gateway:
+                              type: string
+                            protectionDomain:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
                                   type: string
-                                type: array
                               type: object
-                            path:
+                              x-kubernetes-map-type: atomic
+                            sslEnabled:
+                              type: boolean
+                            storageMode:
+                              default: ThinProvisioned
                               type: string
-                            port:
+                            storagePool:
                               type: string
-                            proxyUrl:
+                            system:
                               type: string
-                            relabelings:
+                            volumeName:
+                              type: string
+                          required:
+                          - gateway
+                          - secretRef
+                          - system
+                          type: object
+                        secret:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
                               items:
                                 properties:
-                                  action:
-                                    default: replace
-                                    enum:
-                                    - replace
-                                    - Replace
-                                    - keep
-                                    - Keep
-                                    - drop
-                                    - Drop
-                                    - hashmod
-                                    - HashMod
-                                    - labelmap
-                                    - LabelMap
-                                    - labeldrop
-                                    - LabelDrop
-                                    - labelkeep
-                                    - LabelKeep
-                                    - lowercase
-                                    - Lowercase
-                                    - uppercase
-                                    - Uppercase
-                                    - keepequal
-                                    - KeepEqual
-                                    - dropequal
-                                    - DropEqual
+                                  key:
                                     type: string
-                                  modulus:
-                                    format: int64
+                                  mode:
+                                    format: int32
                                     type: integer
-                                  regex:
-                                    type: string
-                                  replacement:
-                                    type: string
-                                  separator:
-                                    type: string
-                                  sourceLabels:
-                                    items:
-                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                                      type: string
-                                    type: array
-                                  targetLabel:
+                                  path:
                                     type: string
+                                required:
+                                - key
+                                - path
                                 type: object
                               type: array
-                            scheme:
-                              enum:
-                              - http
-                              - https
+                              x-kubernetes-list-type: atomic
+                            optional:
+                              type: boolean
+                            secretName:
                               type: string
-                            scrapeTimeout:
-                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                          type: object
+                        storageos:
+                          properties:
+                            fsType:
                               type: string
-                            targetPort:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            tlsConfig:
+                            readOnly:
+                              type: boolean
+                            secretRef:
                               properties:
-                                ca:
-                                  properties:
-                                    configMap:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    secret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                  type: object
-                                caFile:
-                                  type: string
-                                cert:
-                                  properties:
-                                    configMap:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    secret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                  type: object
-                                certFile:
-                                  type: string
-                                insecureSkipVerify:
-                                  type: boolean
-                                keyFile:
-                                  type: string
-                                keySecret:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                maxVersion:
-                                  enum:
-                                  - TLS10
-                                  - TLS11
-                                  - TLS12
-                                  - TLS13
-                                  type: string
-                                minVersion:
-                                  enum:
-                                  - TLS10
-                                  - TLS11
-                                  - TLS12
-                                  - TLS13
-                                  type: string
-                                serverName:
+                                name:
+                                  default: ""
                                   type: string
                               type: object
-                            trackTimestampsStaleness:
-                              type: boolean
+                              x-kubernetes-map-type: atomic
+                            volumeName:
+                              type: string
+                            volumeNamespace:
+                              type: string
                           type: object
-                        type: array
-                      labels:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      namespaceSelector:
-                        properties:
-                          any:
-                            type: boolean
-                          matchNames:
-                            items:
+                        vsphereVolume:
+                          properties:
+                            fsType:
                               type: string
-                            type: array
-                        type: object
-                    type: object
+                            storagePolicyID:
+                              type: string
+                            storagePolicyName:
+                              type: string
+                            volumePath:
+                              type: string
+                          required:
+                          - volumePath
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                type: object
+              wallet:
+                properties:
+                  additional:
+                    items:
+                      properties:
+                        mountPath:
+                          type: string
+                        name:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                    type: array
+                  mountPath:
+                    type: string
+                  secret:
+                    type: string
                 type: object
+            type: object
+          status:
+            properties:
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              metricsConfig:
+                type: string
               replicas:
-                format: int32
                 type: integer
-              sidecarVolumes:
-                items:
+              status:
+                type: string
+              version:
+                type: string
+            required:
+            - conditions
+            - metricsConfig
+            - version
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - jsonPath: .status.metricsConfig
+      name: MetricsConfig
+      type: string
+    - jsonPath: .status.status
+      name: Status
+      type: string
+    - jsonPath: .status.version
+      name: Version
+      type: string
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              azureConfig:
+                properties:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                type: object
+              database:
+                properties:
+                  azure:
+                    properties:
+                      vaultID:
+                        type: string
+                      vaultPasswordSecret:
+                        type: string
+                      vaultUsernameSecret:
+                        type: string
+                    type: object
+                  dbConnectionString:
+                    properties:
+                      envName:
+                        type: string
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                  dbPassword:
+                    properties:
+                      envName:
+                        type: string
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                  dbUser:
+                    properties:
+                      envName:
+                        type: string
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                  oci:
+                    properties:
+                      vaultID:
+                        type: string
+                      vaultPasswordSecret:
+                        type: string
+                    type: object
+                type: object
+              databases:
+                additionalProperties:
                   properties:
-                    awsElasticBlockStore:
+                    dbConnectionString:
                       properties:
-                        fsType:
+                        envName:
                           type: string
-                        partition:
-                          format: int32
-                          type: integer
-                        readOnly:
-                          type: boolean
-                        volumeID:
+                        key:
+                          type: string
+                        secret:
                           type: string
-                      required:
-                      - volumeID
                       type: object
-                    azureDisk:
+                    dbPassword:
                       properties:
-                        cachingMode:
-                          type: string
-                        diskName:
+                        envName:
                           type: string
-                        diskURI:
+                        key:
                           type: string
-                        fsType:
-                          default: ext4
+                        secret:
                           type: string
-                        kind:
-                          type: string
-                        readOnly:
-                          default: false
-                          type: boolean
-                      required:
-                      - diskName
-                      - diskURI
                       type: object
-                    azureFile:
+                    dbUser:
                       properties:
-                        readOnly:
-                          type: boolean
-                        secretName:
+                        envName:
                           type: string
-                        shareName:
+                        key:
+                          type: string
+                        secret:
                           type: string
-                      required:
-                      - secretName
-                      - shareName
                       type: object
-                    cephfs:
-                      properties:
-                        monitors:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretFile:
-                          type: string
-                        secretRef:
+                  type: object
+                type: object
+              deployment:
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  commands:
+                    items:
+                      type: string
+                    type: array
+                  env:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  image:
+                    type: string
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  podSecurityContext:
+                    properties:
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      fsGroup:
+                        format: int64
+                        type: integer
+                      fsGroupChangePolicy:
+                        type: string
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxChangePolicy:
+                        type: string
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      supplementalGroups:
+                        items:
+                          format: int64
+                          type: integer
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      supplementalGroupsPolicy:
+                        type: string
+                      sysctls:
+                        items:
                           properties:
                             name:
-                              default: ""
                               type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        user:
-                          type: string
-                      required:
-                      - monitors
-                      type: object
-                    cinder:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
+                            value:
                               type: string
+                          required:
+                          - name
+                          - value
                           type: object
-                          x-kubernetes-map-type: atomic
-                        volumeID:
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                  podTemplate:
+                    properties:
+                      labels:
+                        additionalProperties:
                           type: string
-                      required:
-                      - volumeID
-                      type: object
-                    configMap:
+                        type: object
+                    type: object
+                  securityContext:
+                    properties:
+                      allowPrivilegeEscalation:
+                        type: boolean
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      capabilities:
+                        properties:
+                          add:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          drop:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      privileged:
+                        type: boolean
+                      procMount:
+                        type: string
+                      readOnlyRootFilesystem:
+                        type: boolean
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+              exporterConfig:
+                properties:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  mountPath:
+                    type: string
+                type: object
+              inheritLabels:
+                items:
+                  type: string
+                type: array
+              log:
+                properties:
+                  destination:
+                    type: string
+                  disable:
+                    type: boolean
+                  filename:
+                    type: string
+                  volume:
+                    properties:
+                      name:
+                        type: string
+                      persistentVolumeClaim:
+                        properties:
+                          claimName:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+              metrics:
+                properties:
+                  configMap:
+                    items:
                       properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
-                          items:
-                            properties:
-                              key:
-                                type: string
-                              mode:
-                                format: int32
-                                type: integer
-                              path:
-                                type: string
-                            required:
-                            - key
-                            - path
-                            type: object
-                          type: array
-                          x-kubernetes-list-type: atomic
+                        key:
+                          type: string
                         name:
-                          default: ""
                           type: string
-                        optional:
-                          type: boolean
                       type: object
-                      x-kubernetes-map-type: atomic
-                    csi:
+                    type: array
+                type: object
+              ociConfig:
+                properties:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  mountPath:
+                    type: string
+                  privateKey:
+                    properties:
+                      secret:
+                        type: string
+                    type: object
+                type: object
+              replicas:
+                format: int32
+                type: integer
+              service:
+                properties:
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  ports:
+                    items:
                       properties:
-                        driver:
+                        appProtocol:
                           type: string
-                        fsType:
+                        name:
                           type: string
-                        nodePublishSecretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        readOnly:
-                          type: boolean
-                        volumeAttributes:
-                          additionalProperties:
-                            type: string
-                          type: object
-                      required:
-                      - driver
-                      type: object
-                    downwardAPI:
-                      properties:
-                        defaultMode:
+                        nodePort:
                           format: int32
                           type: integer
-                        items:
-                          items:
-                            properties:
-                              fieldRef:
-                                properties:
-                                  apiVersion:
-                                    type: string
-                                  fieldPath:
-                                    type: string
-                                required:
-                                - fieldPath
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              mode:
-                                format: int32
-                                type: integer
-                              path:
-                                type: string
-                              resourceFieldRef:
-                                properties:
-                                  containerName:
-                                    type: string
-                                  divisor:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                    x-kubernetes-int-or-string: true
-                                  resource:
-                                    type: string
-                                required:
-                                - resource
-                                type: object
-                                x-kubernetes-map-type: atomic
-                            required:
-                            - path
-                            type: object
-                          type: array
-                          x-kubernetes-list-type: atomic
-                      type: object
-                    emptyDir:
-                      properties:
-                        medium:
+                        port:
+                          format: int32
+                          type: integer
+                        protocol:
+                          default: TCP
                           type: string
-                        sizeLimit:
+                        targetPort:
                           anyOf:
                           - type: integer
                           - type: string
-                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                           x-kubernetes-int-or-string: true
+                      required:
+                      - port
                       type: object
-                    ephemeral:
+                    type: array
+                type: object
+              serviceMonitor:
+                properties:
+                  endpoints:
+                    items:
                       properties:
-                        volumeClaimTemplate:
+                        authorization:
                           properties:
-                            metadata:
+                            credentials:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
                               type: object
-                            spec:
+                              x-kubernetes-map-type: atomic
+                            type:
+                              type: string
+                          type: object
+                        basicAuth:
+                          properties:
+                            password:
                               properties:
-                                accessModes:
-                                  items:
-                                    type: string
-                                  type: array
-                                  x-kubernetes-list-type: atomic
-                                dataSource:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            username:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                        bearerTokenFile:
+                          type: string
+                        bearerTokenSecret:
+                          properties:
+                            key:
+                              type: string
+                            name:
+                              default: ""
+                              type: string
+                            optional:
+                              type: boolean
+                          required:
+                          - key
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        enableHttp2:
+                          type: boolean
+                        filterRunning:
+                          type: boolean
+                        followRedirects:
+                          type: boolean
+                        honorLabels:
+                          type: boolean
+                        honorTimestamps:
+                          type: boolean
+                        interval:
+                          pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                          type: string
+                        metricRelabelings:
+                          items:
+                            properties:
+                              action:
+                                default: replace
+                                enum:
+                                - replace
+                                - Replace
+                                - keep
+                                - Keep
+                                - drop
+                                - Drop
+                                - hashmod
+                                - HashMod
+                                - labelmap
+                                - LabelMap
+                                - labeldrop
+                                - LabelDrop
+                                - labelkeep
+                                - LabelKeep
+                                - lowercase
+                                - Lowercase
+                                - uppercase
+                                - Uppercase
+                                - keepequal
+                                - KeepEqual
+                                - dropequal
+                                - DropEqual
+                                type: string
+                              modulus:
+                                format: int64
+                                type: integer
+                              regex:
+                                type: string
+                              replacement:
+                                type: string
+                              separator:
+                                type: string
+                              sourceLabels:
+                                items:
+                                  pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                  type: string
+                                type: array
+                              targetLabel:
+                                type: string
+                            type: object
+                          type: array
+                        noProxy:
+                          type: string
+                        oauth2:
+                          properties:
+                            clientId:
+                              properties:
+                                configMap:
                                   properties:
-                                    apiGroup:
-                                      type: string
-                                    kind:
+                                    key:
                                       type: string
                                     name:
+                                      default: ""
                                       type: string
+                                    optional:
+                                      type: boolean
                                   required:
-                                  - kind
-                                  - name
+                                  - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                dataSourceRef:
+                                secret:
                                   properties:
-                                    apiGroup:
-                                      type: string
-                                    kind:
+                                    key:
                                       type: string
                                     name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            clientSecret:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            endpointParams:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            noProxy:
+                              type: string
+                            proxyConnectHeader:
+                              additionalProperties:
+                                items:
+                                  properties:
+                                    key:
                                       type: string
-                                    namespace:
+                                    name:
+                                      default: ""
                                       type: string
+                                    optional:
+                                      type: boolean
                                   required:
-                                  - kind
-                                  - name
+                                  - key
                                   type: object
-                                resources:
+                                  x-kubernetes-map-type: atomic
+                                type: array
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            proxyFromEnvironment:
+                              type: boolean
+                            proxyUrl:
+                              pattern: ^(http|https|socks5)://.+$
+                              type: string
+                            scopes:
+                              items:
+                                type: string
+                              type: array
+                            tlsConfig:
+                              properties:
+                                ca:
                                   properties:
-                                    limits:
-                                      additionalProperties:
-                                        anyOf:
-                                        - type: integer
-                                        - type: string
-                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                        x-kubernetes-int-or-string: true
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
                                       type: object
-                                    requests:
-                                      additionalProperties:
-                                        anyOf:
-                                        - type: integer
-                                        - type: string
-                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                        x-kubernetes-int-or-string: true
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
                                       type: object
+                                      x-kubernetes-map-type: atomic
                                   type: object
-                                selector:
+                                cert:
                                   properties:
-                                    matchExpressions:
-                                      items:
-                                        properties:
-                                          key:
-                                            type: string
-                                          operator:
-                                            type: string
-                                          values:
-                                            items:
-                                              type: string
-                                            type: array
-                                            x-kubernetes-list-type: atomic
-                                        required:
-                                        - key
-                                        - operator
-                                        type: object
-                                      type: array
-                                      x-kubernetes-list-type: atomic
-                                    matchLabels:
-                                      additionalProperties:
-                                        type: string
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
                                       type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                insecureSkipVerify:
+                                  type: boolean
+                                keySecret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
                                   type: object
                                   x-kubernetes-map-type: atomic
-                                storageClassName:
-                                  type: string
-                                volumeAttributesClassName:
+                                maxVersion:
+                                  enum:
+                                  - TLS10
+                                  - TLS11
+                                  - TLS12
+                                  - TLS13
                                   type: string
-                                volumeMode:
+                                minVersion:
+                                  enum:
+                                  - TLS10
+                                  - TLS11
+                                  - TLS12
+                                  - TLS13
                                   type: string
-                                volumeName:
+                                serverName:
                                   type: string
                               type: object
+                            tokenUrl:
+                              minLength: 1
+                              type: string
                           required:
-                          - spec
+                          - clientId
+                          - clientSecret
+                          - tokenUrl
                           type: object
-                      type: object
-                    fc:
-                      properties:
-                        fsType:
-                          type: string
-                        lun:
-                          format: int32
-                          type: integer
-                        readOnly:
-                          type: boolean
-                        targetWWNs:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        wwids:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                      type: object
-                    flexVolume:
-                      properties:
-                        driver:
-                          type: string
-                        fsType:
-                          type: string
-                        options:
+                        params:
                           additionalProperties:
-                            type: string
-                          type: object
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
+                            items:
                               type: string
+                            type: array
                           type: object
-                          x-kubernetes-map-type: atomic
-                      required:
-                      - driver
-                      type: object
-                    flocker:
-                      properties:
-                        datasetName:
-                          type: string
-                        datasetUUID:
-                          type: string
-                      type: object
-                    gcePersistentDisk:
-                      properties:
-                        fsType:
+                        path:
                           type: string
-                        partition:
-                          format: int32
-                          type: integer
-                        pdName:
+                        port:
                           type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - pdName
-                      type: object
-                    gitRepo:
-                      properties:
-                        directory:
-                          type: string
-                        repository:
-                          type: string
-                        revision:
-                          type: string
-                      required:
-                      - repository
-                      type: object
-                    glusterfs:
-                      properties:
-                        endpoints:
-                          type: string
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - endpoints
-                      - path
-                      type: object
-                    hostPath:
-                      properties:
-                        path:
-                          type: string
-                        type:
-                          type: string
-                      required:
-                      - path
-                      type: object
-                    image:
-                      properties:
-                        pullPolicy:
-                          type: string
-                        reference:
-                          type: string
-                      type: object
-                    iscsi:
-                      properties:
-                        chapAuthDiscovery:
-                          type: boolean
-                        chapAuthSession:
+                        proxyConnectHeader:
+                          additionalProperties:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type: array
+                          type: object
+                          x-kubernetes-map-type: atomic
+                        proxyFromEnvironment:
                           type: boolean
-                        fsType:
+                        proxyUrl:
+                          pattern: ^(http|https|socks5)://.+$
                           type: string
-                        initiatorName:
-                          type: string
-                        iqn:
-                          type: string
-                        iscsiInterface:
-                          default: default
-                          type: string
-                        lun:
-                          format: int32
-                          type: integer
-                        portals:
+                        relabelings:
                           items:
-                            type: string
+                            properties:
+                              action:
+                                default: replace
+                                enum:
+                                - replace
+                                - Replace
+                                - keep
+                                - Keep
+                                - drop
+                                - Drop
+                                - hashmod
+                                - HashMod
+                                - labelmap
+                                - LabelMap
+                                - labeldrop
+                                - LabelDrop
+                                - labelkeep
+                                - LabelKeep
+                                - lowercase
+                                - Lowercase
+                                - uppercase
+                                - Uppercase
+                                - keepequal
+                                - KeepEqual
+                                - dropequal
+                                - DropEqual
+                                type: string
+                              modulus:
+                                format: int64
+                                type: integer
+                              regex:
+                                type: string
+                              replacement:
+                                type: string
+                              separator:
+                                type: string
+                              sourceLabels:
+                                items:
+                                  pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                  type: string
+                                type: array
+                              targetLabel:
+                                type: string
+                            type: object
                           type: array
-                          x-kubernetes-list-type: atomic
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        scheme:
+                          enum:
+                          - http
+                          - https
+                          type: string
+                        scrapeTimeout:
+                          pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                          type: string
+                        targetPort:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          x-kubernetes-int-or-string: true
+                        tlsConfig:
                           properties:
-                            name:
-                              default: ""
+                            ca:
+                              properties:
+                                configMap:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                secret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            caFile:
+                              type: string
+                            cert:
+                              properties:
+                                configMap:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                secret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            certFile:
+                              type: string
+                            insecureSkipVerify:
+                              type: boolean
+                            keyFile:
+                              type: string
+                            keySecret:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            maxVersion:
+                              enum:
+                              - TLS10
+                              - TLS11
+                              - TLS12
+                              - TLS13
+                              type: string
+                            minVersion:
+                              enum:
+                              - TLS10
+                              - TLS11
+                              - TLS12
+                              - TLS13
+                              type: string
+                            serverName:
                               type: string
                           type: object
-                          x-kubernetes-map-type: atomic
-                        targetPortal:
-                          type: string
-                      required:
-                      - iqn
-                      - lun
-                      - targetPortal
-                      type: object
-                    name:
-                      type: string
-                    nfs:
-                      properties:
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        server:
-                          type: string
-                      required:
-                      - path
-                      - server
-                      type: object
-                    persistentVolumeClaim:
-                      properties:
-                        claimName:
-                          type: string
-                        readOnly:
+                        trackTimestampsStaleness:
                           type: boolean
-                      required:
-                      - claimName
                       type: object
-                    photonPersistentDisk:
-                      properties:
-                        fsType:
-                          type: string
-                        pdID:
-                          type: string
-                      required:
-                      - pdID
-                      type: object
-                    portworxVolume:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        volumeID:
+                    type: array
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  namespaceSelector:
+                    properties:
+                      any:
+                        type: boolean
+                      matchNames:
+                        items:
                           type: string
-                      required:
-                      - volumeID
-                      type: object
-                    projected:
+                        type: array
+                    type: object
+                type: object
+              sidecar:
+                properties:
+                  containers:
+                    items:
                       properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        sources:
+                        args:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        command:
+                          items:
+                            type: string
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        env:
                           items:
                             properties:
-                              clusterTrustBundle:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
                                 properties:
-                                  labelSelector:
+                                  configMapKeyRef:
                                     properties:
-                                      matchExpressions:
-                                        items:
-                                          properties:
-                                            key:
-                                              type: string
-                                            operator:
-                                              type: string
-                                            values:
-                                              items:
-                                                type: string
-                                              type: array
-                                              x-kubernetes-list-type: atomic
-                                          required:
-                                          - key
-                                          - operator
-                                          type: object
-                                        type: array
-                                        x-kubernetes-list-type: atomic
-                                      matchLabels:
-                                        additionalProperties:
-                                          type: string
-                                        type: object
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fileKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      optional:
+                                        default: false
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      volumeName:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    - volumeName
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
                                     type: object
                                     x-kubernetes-map-type: atomic
+                                type: object
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        envFrom:
+                          items:
+                            properties:
+                              configMapRef:
+                                properties:
                                   name:
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                  path:
-                                    type: string
-                                  signerName:
-                                    type: string
-                                required:
-                                - path
-                                type: object
-                              configMap:
-                                properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                      required:
-                                      - key
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
-                                  name:
-                                    default: ""
+                                    default: ""
                                     type: string
                                   optional:
                                     type: boolean
                                 type: object
                                 x-kubernetes-map-type: atomic
-                              downwardAPI:
-                                properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        fieldRef:
-                                          properties:
-                                            apiVersion:
-                                              type: string
-                                            fieldPath:
-                                              type: string
-                                          required:
-                                          - fieldPath
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                        resourceFieldRef:
-                                          properties:
-                                            containerName:
-                                              type: string
-                                            divisor:
-                                              anyOf:
-                                              - type: integer
-                                              - type: string
-                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                              x-kubernetes-int-or-string: true
-                                            resource:
-                                              type: string
-                                          required:
-                                          - resource
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      required:
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
-                                type: object
-                              secret:
+                              prefix:
+                                type: string
+                              secretRef:
                                 properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                      required:
-                                      - key
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
                                   name:
                                     default: ""
                                     type: string
@@ -5551,283 +4846,246 @@ spec:
                                     type: boolean
                                 type: object
                                 x-kubernetes-map-type: atomic
-                              serviceAccountToken:
-                                properties:
-                                  audience:
-                                    type: string
-                                  expirationSeconds:
-                                    format: int64
-                                    type: integer
-                                  path:
-                                    type: string
-                                required:
-                                - path
-                                type: object
                             type: object
                           type: array
                           x-kubernetes-list-type: atomic
-                      type: object
-                    quobyte:
-                      properties:
-                        group:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        registry:
-                          type: string
-                        tenant:
-                          type: string
-                        user:
-                          type: string
-                        volume:
-                          type: string
-                      required:
-                      - registry
-                      - volume
-                      type: object
-                    rbd:
-                      properties:
-                        fsType:
-                          type: string
                         image:
                           type: string
-                        keyring:
-                          default: /etc/ceph/keyring
-                          type: string
-                        monitors:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        pool:
-                          default: rbd
+                        imagePullPolicy:
                           type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        lifecycle:
                           properties:
-                            name:
-                              default: ""
+                            postStart:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            preStop:
+                              properties:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            stopSignal:
                               type: string
                           type: object
-                          x-kubernetes-map-type: atomic
-                        user:
-                          default: admin
-                          type: string
-                      required:
-                      - image
-                      - monitors
-                      type: object
-                    scaleIO:
-                      properties:
-                        fsType:
-                          default: xfs
-                          type: string
-                        gateway:
-                          type: string
-                        protectionDomain:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        livenessProbe:
                           properties:
-                            name:
-                              default: ""
-                              type: string
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
                           type: object
-                          x-kubernetes-map-type: atomic
-                        sslEnabled:
-                          type: boolean
-                        storageMode:
-                          default: ThinProvisioned
-                          type: string
-                        storagePool:
-                          type: string
-                        system:
-                          type: string
-                        volumeName:
+                        name:
                           type: string
-                      required:
-                      - gateway
-                      - secretRef
-                      - system
-                      type: object
-                    secret:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
+                        ports:
                           items:
                             properties:
-                              key:
+                              containerPort:
+                                format: int32
+                                type: integer
+                              hostIP:
                                 type: string
-                              mode:
+                              hostPort:
                                 format: int32
                                 type: integer
-                              path:
+                              name:
+                                type: string
+                              protocol:
+                                default: TCP
                                 type: string
                             required:
-                            - key
-                            - path
+                            - containerPort
                             type: object
                           type: array
-                          x-kubernetes-list-type: atomic
-                        optional:
-                          type: boolean
-                        secretName:
-                          type: string
-                      type: object
-                    storageos:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        volumeName:
-                          type: string
-                        volumeNamespace:
-                          type: string
-                      type: object
-                    vsphereVolume:
-                      properties:
-                        fsType:
-                          type: string
-                        storagePolicyID:
-                          type: string
-                        storagePolicyName:
-                          type: string
-                        volumePath:
-                          type: string
-                      required:
-                      - volumePath
-                      type: object
-                  required:
-                  - name
-                  type: object
-                type: array
-              sidecars:
-                items:
-                  properties:
-                    args:
-                      items:
-                        type: string
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    command:
-                      items:
-                        type: string
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    env:
-                      items:
-                        properties:
-                          name:
-                            type: string
-                          value:
-                            type: string
-                          valueFrom:
-                            properties:
-                              configMapKeyRef:
-                                properties:
-                                  key:
-                                    type: string
-                                  name:
-                                    default: ""
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                required:
-                                - key
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              fieldRef:
-                                properties:
-                                  apiVersion:
-                                    type: string
-                                  fieldPath:
-                                    type: string
-                                required:
-                                - fieldPath
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              resourceFieldRef:
-                                properties:
-                                  containerName:
-                                    type: string
-                                  divisor:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                    x-kubernetes-int-or-string: true
-                                  resource:
-                                    type: string
-                                required:
-                                - resource
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              secretKeyRef:
-                                properties:
-                                  key:
-                                    type: string
-                                  name:
-                                    default: ""
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                required:
-                                - key
-                                type: object
-                                x-kubernetes-map-type: atomic
-                            type: object
-                        required:
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - name
-                      x-kubernetes-list-type: map
-                    envFrom:
-                      items:
-                        properties:
-                          configMapRef:
-                            properties:
-                              name:
-                                default: ""
-                                type: string
-                              optional:
-                                type: boolean
-                            type: object
-                            x-kubernetes-map-type: atomic
-                          prefix:
-                            type: string
-                          secretRef:
-                            properties:
-                              name:
-                                default: ""
-                                type: string
-                              optional:
-                                type: boolean
-                            type: object
-                            x-kubernetes-map-type: atomic
-                        type: object
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    image:
-                      type: string
-                    imagePullPolicy:
-                      type: string
-                    lifecycle:
-                      properties:
-                        postStart:
+                          x-kubernetes-list-map-keys:
+                          - containerPort
+                          - protocol
+                          x-kubernetes-list-type: map
+                        readinessProbe:
                           properties:
                             exec:
                               properties:
@@ -5837,6 +5095,20 @@ spec:
                                   type: array
                                   x-kubernetes-list-type: atomic
                               type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
                             httpGet:
                               properties:
                                 host:
@@ -5866,14 +5138,15 @@ spec:
                               required:
                               - port
                               type: object
-                            sleep:
-                              properties:
-                                seconds:
-                                  format: int64
-                                  type: integer
-                              required:
-                              - seconds
-                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
                             tcpSocket:
                               properties:
                                 host:
@@ -5886,8 +5159,157 @@ spec:
                               required:
                               - port
                               type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
+                          type: object
+                        resizePolicy:
+                          items:
+                            properties:
+                              resourceName:
+                                type: string
+                              restartPolicy:
+                                type: string
+                            required:
+                            - resourceName
+                            - restartPolicy
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        resources:
+                          properties:
+                            claims:
+                              items:
+                                properties:
+                                  name:
+                                    type: string
+                                  request:
+                                    type: string
+                                required:
+                                - name
+                                type: object
+                              type: array
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                          type: object
+                        restartPolicy:
+                          type: string
+                        restartPolicyRules:
+                          items:
+                            properties:
+                              action:
+                                type: string
+                              exitCodes:
+                                properties:
+                                  operator:
+                                    type: string
+                                  values:
+                                    items:
+                                      format: int32
+                                      type: integer
+                                    type: array
+                                    x-kubernetes-list-type: set
+                                required:
+                                - operator
+                                type: object
+                            required:
+                            - action
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        securityContext:
+                          properties:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
+                              type: string
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
                           type: object
-                        preStop:
+                        startupProbe:
                           properties:
                             exec:
                               properties:
@@ -5897,6 +5319,20 @@ spec:
                                   type: array
                                   x-kubernetes-list-type: atomic
                               type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
                             httpGet:
                               properties:
                                 host:
@@ -5926,14 +5362,15 @@ spec:
                               required:
                               - port
                               type: object
-                            sleep:
-                              properties:
-                                seconds:
-                                  format: int64
-                                  type: integer
-                              required:
-                              - seconds
-                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
                             tcpSocket:
                               properties:
                                 host:
@@ -5946,2234 +5383,2142 @@ spec:
                               required:
                               - port
                               type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
                           type: object
+                        stdin:
+                          type: boolean
+                        stdinOnce:
+                          type: boolean
+                        terminationMessagePath:
+                          type: string
+                        terminationMessagePolicy:
+                          type: string
+                        tty:
+                          type: boolean
+                        volumeDevices:
+                          items:
+                            properties:
+                              devicePath:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - devicePath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - devicePath
+                          x-kubernetes-list-type: map
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - mountPath
+                          x-kubernetes-list-type: map
+                        workingDir:
+                          type: string
+                      required:
+                      - name
                       type: object
-                    livenessProbe:
+                    type: array
+                  volumes:
+                    items:
                       properties:
-                        exec:
-                          properties:
-                            command:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                          type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
+                        awsElasticBlockStore:
                           properties:
-                            port:
+                            fsType:
+                              type: string
+                            partition:
                               format: int32
                               type: integer
-                            service:
-                              default: ""
+                            readOnly:
+                              type: boolean
+                            volumeID:
                               type: string
                           required:
-                          - port
+                          - volumeID
                           type: object
-                        httpGet:
+                        azureDisk:
                           properties:
-                            host:
+                            cachingMode:
                               type: string
-                            httpHeaders:
-                              items:
-                                properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                required:
-                                - name
-                                - value
-                                type: object
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            path:
+                            diskName:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
+                            diskURI:
                               type: string
-                          required:
-                          - port
-                          type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
-                          properties:
-                            host:
+                            fsType:
+                              default: ext4
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
+                            kind:
+                              type: string
+                            readOnly:
+                              default: false
+                              type: boolean
                           required:
-                          - port
+                          - diskName
+                          - diskURI
                           type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    name:
-                      type: string
-                    ports:
-                      items:
-                        properties:
-                          containerPort:
-                            format: int32
-                            type: integer
-                          hostIP:
-                            type: string
-                          hostPort:
-                            format: int32
-                            type: integer
-                          name:
-                            type: string
-                          protocol:
-                            default: TCP
-                            type: string
-                        required:
-                        - containerPort
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - containerPort
-                      - protocol
-                      x-kubernetes-list-type: map
-                    readinessProbe:
-                      properties:
-                        exec:
-                          properties:
-                            command:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                          type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
+                        azureFile:
                           properties:
-                            port:
-                              format: int32
-                              type: integer
-                            service:
-                              default: ""
+                            readOnly:
+                              type: boolean
+                            secretName:
+                              type: string
+                            shareName:
                               type: string
                           required:
-                          - port
+                          - secretName
+                          - shareName
                           type: object
-                        httpGet:
+                        cephfs:
                           properties:
-                            host:
-                              type: string
-                            httpHeaders:
+                            monitors:
                               items:
-                                properties:
-                                  name:
-                                    type: string
-                                  value:
-                                    type: string
-                                required:
-                                - name
-                                - value
-                                type: object
+                                type: string
                               type: array
                               x-kubernetes-list-type: atomic
                             path:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
+                            readOnly:
+                              type: boolean
+                            secretFile:
                               type: string
-                          required:
-                          - port
-                          type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
-                          properties:
-                            host:
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
                           required:
-                          - port
-                          type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    resizePolicy:
-                      items:
-                        properties:
-                          resourceName:
-                            type: string
-                          restartPolicy:
-                            type: string
-                        required:
-                        - resourceName
-                        - restartPolicy
-                        type: object
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    resources:
-                      properties:
-                        claims:
-                          items:
-                            properties:
-                              name:
-                                type: string
-                              request:
-                                type: string
-                            required:
-                            - name
-                            type: object
-                          type: array
-                          x-kubernetes-list-map-keys:
-                          - name
-                          x-kubernetes-list-type: map
-                        limits:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          type: object
-                        requests:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
+                          - monitors
                           type: object
-                      type: object
-                    restartPolicy:
-                      type: string
-                    securityContext:
-                      properties:
-                        allowPrivilegeEscalation:
-                          type: boolean
-                        appArmorProfile:
+                        cinder:
                           properties:
-                            localhostProfile:
+                            fsType:
                               type: string
-                            type:
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeID:
                               type: string
                           required:
-                          - type
+                          - volumeID
                           type: object
-                        capabilities:
+                        configMap:
                           properties:
-                            add:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            drop:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
                               items:
-                                type: string
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
                               type: array
                               x-kubernetes-list-type: atomic
-                          type: object
-                        privileged:
-                          type: boolean
-                        procMount:
-                          type: string
-                        readOnlyRootFilesystem:
-                          type: boolean
-                        runAsGroup:
-                          format: int64
-                          type: integer
-                        runAsNonRoot:
-                          type: boolean
-                        runAsUser:
-                          format: int64
-                          type: integer
-                        seLinuxOptions:
-                          properties:
-                            level:
-                              type: string
-                            role:
-                              type: string
-                            type:
-                              type: string
-                            user:
-                              type: string
-                          type: object
-                        seccompProfile:
-                          properties:
-                            localhostProfile:
-                              type: string
-                            type:
+                            name:
+                              default: ""
                               type: string
-                          required:
-                          - type
+                            optional:
+                              type: boolean
                           type: object
-                        windowsOptions:
+                          x-kubernetes-map-type: atomic
+                        csi:
                           properties:
-                            gmsaCredentialSpec:
+                            driver:
                               type: string
-                            gmsaCredentialSpecName:
+                            fsType:
                               type: string
-                            hostProcess:
+                            nodePublishSecretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            readOnly:
                               type: boolean
-                            runAsUserName:
-                              type: string
-                          type: object
-                      type: object
-                    startupProbe:
-                      properties:
-                        exec:
-                          properties:
-                            command:
-                              items:
+                            volumeAttributes:
+                              additionalProperties:
                                 type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
+                              type: object
+                          required:
+                          - driver
                           type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
+                        downwardAPI:
                           properties:
-                            port:
+                            defaultMode:
                               format: int32
                               type: integer
-                            service:
-                              default: ""
-                              type: string
-                          required:
-                          - port
-                          type: object
-                        httpGet:
-                          properties:
-                            host:
-                              type: string
-                            httpHeaders:
+                            items:
                               items:
                                 properties:
-                                  name:
-                                    type: string
-                                  value:
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
                                     type: string
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
                                 required:
-                                - name
-                                - value
+                                - path
                                 type: object
                               type: array
                               x-kubernetes-list-type: atomic
-                            path:
+                          type: object
+                        emptyDir:
+                          properties:
+                            medium:
                               type: string
-                            port:
+                            sizeLimit:
                               anyOf:
                               - type: integer
                               - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                               x-kubernetes-int-or-string: true
-                            scheme:
-                              type: string
-                          required:
-                          - port
                           type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
+                        ephemeral:
                           properties:
-                            host:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                          required:
-                          - port
-                          type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    stdin:
-                      type: boolean
-                    stdinOnce:
-                      type: boolean
-                    terminationMessagePath:
-                      type: string
-                    terminationMessagePolicy:
-                      type: string
-                    tty:
-                      type: boolean
-                    volumeDevices:
-                      items:
-                        properties:
-                          devicePath:
-                            type: string
-                          name:
-                            type: string
-                        required:
-                        - devicePath
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - devicePath
-                      x-kubernetes-list-type: map
-                    volumeMounts:
-                      items:
-                        properties:
-                          mountPath:
-                            type: string
-                          mountPropagation:
-                            type: string
-                          name:
-                            type: string
-                          readOnly:
-                            type: boolean
-                          recursiveReadOnly:
-                            type: string
-                          subPath:
-                            type: string
-                          subPathExpr:
-                            type: string
-                        required:
-                        - mountPath
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - mountPath
-                      x-kubernetes-list-type: map
-                    workingDir:
-                      type: string
-                  required:
-                  - name
-                  type: object
-                type: array
-            type: object
-          status:
-            properties:
-              conditions:
-                items:
-                  properties:
-                    lastTransitionTime:
-                      format: date-time
-                      type: string
-                    message:
-                      maxLength: 32768
-                      type: string
-                    observedGeneration:
-                      format: int64
-                      minimum: 0
-                      type: integer
-                    reason:
-                      maxLength: 1024
-                      minLength: 1
-                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
-                      type: string
-                    status:
-                      enum:
-                      - "True"
-                      - "False"
-                      - Unknown
-                      type: string
-                    type:
-                      maxLength: 316
-                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
-                      type: string
-                  required:
-                  - lastTransitionTime
-                  - message
-                  - reason
-                  - status
-                  - type
-                  type: object
-                type: array
-              exporterConfig:
-                type: string
-              replicas:
-                type: integer
-              status:
-                type: string
-              version:
-                type: string
-            required:
-            - conditions
-            - exporterConfig
-            - version
-            type: object
-        type: object
-    served: true
-    storage: false
-    subresources:
-      status: {}
-  - additionalPrinterColumns:
-    - jsonPath: .status.exporterConfig
-      name: ExporterConfig
-      type: string
-    - jsonPath: .status.status
-      name: Status
-      type: string
-    - jsonPath: .status.version
-      name: Version
-      type: string
-    name: v4
-    schema:
-      openAPIV3Schema:
-        properties:
-          apiVersion:
-            type: string
-          kind:
-            type: string
-          metadata:
-            type: object
-          spec:
-            properties:
-              configuration:
-                properties:
-                  configMap:
-                    properties:
-                      key:
-                        type: string
-                      name:
-                        type: string
-                    type: object
-                type: object
-              database:
-                properties:
-                  dbConnectionString:
-                    properties:
-                      key:
-                        type: string
-                      secret:
-                        type: string
-                    type: object
-                  dbPassword:
-                    properties:
-                      key:
-                        type: string
-                      secret:
-                        type: string
-                      vaultOCID:
-                        type: string
-                      vaultSecretName:
-                        type: string
-                    type: object
-                  dbUser:
-                    properties:
-                      key:
-                        type: string
-                      secret:
-                        type: string
-                    type: object
-                  dbWallet:
-                    properties:
-                      key:
-                        type: string
-                      secret:
-                        type: string
-                    type: object
-                type: object
-              exporter:
-                properties:
-                  deployment:
-                    properties:
-                      args:
-                        items:
-                          type: string
-                        type: array
-                      commands:
-                        items:
-                          type: string
-                        type: array
-                      env:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      image:
-                        type: string
-                      labels:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      podTemplate:
-                        properties:
-                          labels:
-                            additionalProperties:
-                              type: string
-                            type: object
-                          securityContext:
-                            properties:
-                              appArmorProfile:
-                                properties:
-                                  localhostProfile:
-                                    type: string
-                                  type:
-                                    type: string
-                                required:
-                                - type
-                                type: object
-                              fsGroup:
-                                format: int64
-                                type: integer
-                              fsGroupChangePolicy:
-                                type: string
-                              runAsGroup:
-                                format: int64
-                                type: integer
-                              runAsNonRoot:
-                                type: boolean
-                              runAsUser:
-                                format: int64
-                                type: integer
-                              seLinuxOptions:
-                                properties:
-                                  level:
-                                    type: string
-                                  role:
-                                    type: string
-                                  type:
-                                    type: string
-                                  user:
-                                    type: string
-                                type: object
-                              seccompProfile:
-                                properties:
-                                  localhostProfile:
-                                    type: string
-                                  type:
-                                    type: string
-                                required:
-                                - type
-                                type: object
-                              supplementalGroups:
-                                items:
-                                  format: int64
-                                  type: integer
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              supplementalGroupsPolicy:
-                                type: string
-                              sysctls:
-                                items:
+                            volumeClaimTemplate:
+                              properties:
+                                metadata:
+                                  type: object
+                                spec:
                                   properties:
-                                    name:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
                                       type: string
-                                    value:
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
                                       type: string
-                                  required:
-                                  - name
-                                  - value
                                   type: object
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              windowsOptions:
-                                properties:
-                                  gmsaCredentialSpec:
-                                    type: string
-                                  gmsaCredentialSpecName:
-                                    type: string
-                                  hostProcess:
-                                    type: boolean
-                                  runAsUserName:
-                                    type: string
-                                type: object
-                            type: object
-                        type: object
-                      securityContext:
-                        properties:
-                          allowPrivilegeEscalation:
-                            type: boolean
-                          appArmorProfile:
-                            properties:
-                              localhostProfile:
-                                type: string
-                              type:
-                                type: string
-                            required:
-                            - type
-                            type: object
-                          capabilities:
-                            properties:
-                              add:
-                                items:
-                                  type: string
-                                type: array
-                                x-kubernetes-list-type: atomic
-                              drop:
-                                items:
-                                  type: string
-                                type: array
-                                x-kubernetes-list-type: atomic
-                            type: object
-                          privileged:
-                            type: boolean
-                          procMount:
-                            type: string
-                          readOnlyRootFilesystem:
-                            type: boolean
-                          runAsGroup:
-                            format: int64
-                            type: integer
-                          runAsNonRoot:
-                            type: boolean
-                          runAsUser:
-                            format: int64
-                            type: integer
-                          seLinuxOptions:
-                            properties:
-                              level:
-                                type: string
-                              role:
-                                type: string
-                              type:
-                                type: string
-                              user:
-                                type: string
-                            type: object
-                          seccompProfile:
-                            properties:
-                              localhostProfile:
-                                type: string
-                              type:
-                                type: string
-                            required:
-                            - type
-                            type: object
-                          windowsOptions:
-                            properties:
-                              gmsaCredentialSpec:
+                              required:
+                              - spec
+                              type: object
+                          type: object
+                        fc:
+                          properties:
+                            fsType:
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            targetWWNs:
+                              items:
                                 type: string
-                              gmsaCredentialSpecName:
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            wwids:
+                              items:
                                 type: string
-                              hostProcess:
-                                type: boolean
-                              runAsUserName:
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        flexVolume:
+                          properties:
+                            driver:
+                              type: string
+                            fsType:
+                              type: string
+                            options:
+                              additionalProperties:
                                 type: string
-                            type: object
-                        type: object
-                    type: object
-                  service:
-                    properties:
-                      labels:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      ports:
-                        items:
+                              type: object
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          required:
+                          - driver
+                          type: object
+                        flocker:
                           properties:
-                            appProtocol:
+                            datasetName:
                               type: string
-                            name:
+                            datasetUUID:
                               type: string
-                            nodePort:
-                              format: int32
-                              type: integer
-                            port:
+                          type: object
+                        gcePersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
                               format: int32
                               type: integer
-                            protocol:
-                              default: TCP
+                            pdName:
                               type: string
-                            targetPort:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
+                            readOnly:
+                              type: boolean
                           required:
-                          - port
+                          - pdName
                           type: object
-                        type: array
-                    type: object
-                type: object
-              inheritLabels:
-                items:
-                  type: string
-                type: array
-              log:
-                properties:
-                  filename:
-                    type: string
-                  path:
-                    type: string
-                  volume:
-                    properties:
-                      name:
-                        type: string
-                      persistentVolumeClaim:
-                        properties:
-                          claimName:
-                            type: string
-                        type: object
-                    type: object
-                type: object
-              ociConfig:
-                properties:
-                  configMapName:
-                    type: string
-                  secretName:
-                    type: string
-                type: object
-              prometheus:
-                properties:
-                  serviceMonitor:
-                    properties:
-                      endpoints:
-                        items:
+                        gitRepo:
                           properties:
-                            authorization:
-                              properties:
-                                credentials:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                type:
-                                  type: string
-                              type: object
-                            basicAuth:
-                              properties:
-                                password:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                username:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                              type: object
-                            bearerTokenFile:
+                            directory:
+                              type: string
+                            repository:
+                              type: string
+                            revision:
                               type: string
-                            bearerTokenSecret:
+                          required:
+                          - repository
+                          type: object
+                        glusterfs:
+                          properties:
+                            endpoints:
+                              type: string
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - endpoints
+                          - path
+                          type: object
+                        hostPath:
+                          properties:
+                            path:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - path
+                          type: object
+                        image:
+                          properties:
+                            pullPolicy:
+                              type: string
+                            reference:
+                              type: string
+                          type: object
+                        iscsi:
+                          properties:
+                            chapAuthDiscovery:
+                              type: boolean
+                            chapAuthSession:
+                              type: boolean
+                            fsType:
+                              type: string
+                            initiatorName:
+                              type: string
+                            iqn:
+                              type: string
+                            iscsiInterface:
+                              default: default
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            portals:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            readOnly:
+                              type: boolean
+                            secretRef:
                               properties:
-                                key:
-                                  type: string
                                 name:
                                   default: ""
                                   type: string
-                                optional:
-                                  type: boolean
-                              required:
-                              - key
                               type: object
                               x-kubernetes-map-type: atomic
-                            enableHttp2:
-                              type: boolean
-                            filterRunning:
-                              type: boolean
-                            followRedirects:
+                            targetPortal:
+                              type: string
+                          required:
+                          - iqn
+                          - lun
+                          - targetPortal
+                          type: object
+                        name:
+                          type: string
+                        nfs:
+                          properties:
+                            path:
+                              type: string
+                            readOnly:
                               type: boolean
-                            honorLabels:
+                            server:
+                              type: string
+                          required:
+                          - path
+                          - server
+                          type: object
+                        persistentVolumeClaim:
+                          properties:
+                            claimName:
+                              type: string
+                            readOnly:
                               type: boolean
-                            honorTimestamps:
+                          required:
+                          - claimName
+                          type: object
+                        photonPersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            pdID:
+                              type: string
+                          required:
+                          - pdID
+                          type: object
+                        portworxVolume:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
                               type: boolean
-                            interval:
-                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                            volumeID:
                               type: string
-                            metricRelabelings:
+                          required:
+                          - volumeID
+                          type: object
+                        projected:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            sources:
                               items:
                                 properties:
-                                  action:
-                                    default: replace
-                                    enum:
-                                    - replace
-                                    - Replace
-                                    - keep
-                                    - Keep
-                                    - drop
-                                    - Drop
-                                    - hashmod
-                                    - HashMod
-                                    - labelmap
-                                    - LabelMap
-                                    - labeldrop
-                                    - LabelDrop
-                                    - labelkeep
-                                    - LabelKeep
-                                    - lowercase
-                                    - Lowercase
-                                    - uppercase
-                                    - Uppercase
-                                    - keepequal
-                                    - KeepEqual
-                                    - dropequal
-                                    - DropEqual
-                                    type: string
-                                  modulus:
-                                    format: int64
-                                    type: integer
-                                  regex:
-                                    type: string
-                                  replacement:
-                                    type: string
-                                  separator:
-                                    type: string
-                                  sourceLabels:
-                                    items:
-                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                                      type: string
-                                    type: array
-                                  targetLabel:
-                                    type: string
-                                type: object
-                              type: array
-                            oauth2:
-                              properties:
-                                clientId:
-                                  properties:
-                                    configMap:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    secret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                  type: object
-                                clientSecret:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                endpointParams:
-                                  additionalProperties:
-                                    type: string
-                                  type: object
-                                noProxy:
-                                  type: string
-                                proxyConnectHeader:
-                                  additionalProperties:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    type: array
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                proxyFromEnvironment:
-                                  type: boolean
-                                proxyUrl:
-                                  pattern: ^http(s)?://.+$
-                                  type: string
-                                scopes:
-                                  items:
-                                    type: string
-                                  type: array
-                                tlsConfig:
-                                  properties:
-                                    ca:
-                                      properties:
-                                        configMap:
-                                          properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
+                                  clusterTrustBundle:
+                                    properties:
+                                      labelSelector:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                operator:
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              required:
+                                              - key
+                                              - operator
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          matchLabels:
+                                            additionalProperties:
                                               type: string
-                                            optional:
-                                              type: boolean
-                                          required:
-                                          - key
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        secret:
+                                            type: object
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      name:
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                  configMap:
+                                    properties:
+                                      items:
+                                        items:
                                           properties:
                                             key:
                                               type: string
-                                            name:
-                                              default: ""
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
                                               type: string
-                                            optional:
-                                              type: boolean
                                           required:
                                           - key
+                                          - path
                                           type: object
-                                          x-kubernetes-map-type: atomic
-                                      type: object
-                                    cert:
-                                      properties:
-                                        configMap:
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  downwardAPI:
+                                    properties:
+                                      items:
+                                        items:
                                           properties:
-                                            key:
-                                              type: string
-                                            name:
-                                              default: ""
+                                            fieldRef:
+                                              properties:
+                                                apiVersion:
+                                                  type: string
+                                                fieldPath:
+                                                  type: string
+                                              required:
+                                              - fieldPath
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
                                               type: string
-                                            optional:
-                                              type: boolean
+                                            resourceFieldRef:
+                                              properties:
+                                                containerName:
+                                                  type: string
+                                                divisor:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                  x-kubernetes-int-or-string: true
+                                                resource:
+                                                  type: string
+                                              required:
+                                              - resource
+                                              type: object
+                                              x-kubernetes-map-type: atomic
                                           required:
-                                          - key
+                                          - path
                                           type: object
-                                          x-kubernetes-map-type: atomic
-                                        secret:
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                  podCertificate:
+                                    properties:
+                                      certificateChainPath:
+                                        type: string
+                                      credentialBundlePath:
+                                        type: string
+                                      keyPath:
+                                        type: string
+                                      keyType:
+                                        type: string
+                                      maxExpirationSeconds:
+                                        format: int32
+                                        type: integer
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - keyType
+                                    - signerName
+                                    type: object
+                                  secret:
+                                    properties:
+                                      items:
+                                        items:
                                           properties:
                                             key:
                                               type: string
-                                            name:
-                                              default: ""
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
                                               type: string
-                                            optional:
-                                              type: boolean
                                           required:
                                           - key
+                                          - path
                                           type: object
-                                          x-kubernetes-map-type: atomic
-                                      type: object
-                                    insecureSkipVerify:
-                                      type: boolean
-                                    keySecret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    maxVersion:
-                                      enum:
-                                      - TLS10
-                                      - TLS11
-                                      - TLS12
-                                      - TLS13
-                                      type: string
-                                    minVersion:
-                                      enum:
-                                      - TLS10
-                                      - TLS11
-                                      - TLS12
-                                      - TLS13
-                                      type: string
-                                    serverName:
-                                      type: string
-                                  type: object
-                                tokenUrl:
-                                  minLength: 1
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  serviceAccountToken:
+                                    properties:
+                                      audience:
+                                        type: string
+                                      expirationSeconds:
+                                        format: int64
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        quobyte:
+                          properties:
+                            group:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            registry:
+                              type: string
+                            tenant:
+                              type: string
+                            user:
+                              type: string
+                            volume:
+                              type: string
+                          required:
+                          - registry
+                          - volume
+                          type: object
+                        rbd:
+                          properties:
+                            fsType:
+                              type: string
+                            image:
+                              type: string
+                            keyring:
+                              default: /etc/ceph/keyring
+                              type: string
+                            monitors:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            pool:
+                              default: rbd
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
                                   type: string
-                              required:
-                              - clientId
-                              - clientSecret
-                              - tokenUrl
                               type: object
-                            params:
-                              additionalProperties:
-                                items:
+                              x-kubernetes-map-type: atomic
+                            user:
+                              default: admin
+                              type: string
+                          required:
+                          - image
+                          - monitors
+                          type: object
+                        scaleIO:
+                          properties:
+                            fsType:
+                              default: xfs
+                              type: string
+                            gateway:
+                              type: string
+                            protectionDomain:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
                                   type: string
-                                type: array
                               type: object
-                            path:
+                              x-kubernetes-map-type: atomic
+                            sslEnabled:
+                              type: boolean
+                            storageMode:
+                              default: ThinProvisioned
                               type: string
-                            port:
+                            storagePool:
                               type: string
-                            proxyUrl:
+                            system:
                               type: string
-                            relabelings:
+                            volumeName:
+                              type: string
+                          required:
+                          - gateway
+                          - secretRef
+                          - system
+                          type: object
+                        secret:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
                               items:
                                 properties:
-                                  action:
-                                    default: replace
-                                    enum:
-                                    - replace
-                                    - Replace
-                                    - keep
-                                    - Keep
-                                    - drop
-                                    - Drop
-                                    - hashmod
-                                    - HashMod
-                                    - labelmap
-                                    - LabelMap
-                                    - labeldrop
-                                    - LabelDrop
-                                    - labelkeep
-                                    - LabelKeep
-                                    - lowercase
-                                    - Lowercase
-                                    - uppercase
-                                    - Uppercase
-                                    - keepequal
-                                    - KeepEqual
-                                    - dropequal
-                                    - DropEqual
+                                  key:
                                     type: string
-                                  modulus:
-                                    format: int64
+                                  mode:
+                                    format: int32
                                     type: integer
-                                  regex:
-                                    type: string
-                                  replacement:
-                                    type: string
-                                  separator:
-                                    type: string
-                                  sourceLabels:
-                                    items:
-                                      pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
-                                      type: string
-                                    type: array
-                                  targetLabel:
+                                  path:
                                     type: string
+                                required:
+                                - key
+                                - path
                                 type: object
                               type: array
-                            scheme:
-                              enum:
-                              - http
-                              - https
+                              x-kubernetes-list-type: atomic
+                            optional:
+                              type: boolean
+                            secretName:
                               type: string
-                            scrapeTimeout:
-                              pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
+                          type: object
+                        storageos:
+                          properties:
+                            fsType:
                               type: string
-                            targetPort:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            tlsConfig:
+                            readOnly:
+                              type: boolean
+                            secretRef:
                               properties:
-                                ca:
-                                  properties:
-                                    configMap:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    secret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                  type: object
-                                caFile:
-                                  type: string
-                                cert:
-                                  properties:
-                                    configMap:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                    secret:
-                                      properties:
-                                        key:
-                                          type: string
-                                        name:
-                                          default: ""
-                                          type: string
-                                        optional:
-                                          type: boolean
-                                      required:
-                                      - key
-                                      type: object
-                                      x-kubernetes-map-type: atomic
-                                  type: object
-                                certFile:
-                                  type: string
-                                insecureSkipVerify:
-                                  type: boolean
-                                keyFile:
-                                  type: string
-                                keySecret:
-                                  properties:
-                                    key:
-                                      type: string
-                                    name:
-                                      default: ""
-                                      type: string
-                                    optional:
-                                      type: boolean
-                                  required:
-                                  - key
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                maxVersion:
-                                  enum:
-                                  - TLS10
-                                  - TLS11
-                                  - TLS12
-                                  - TLS13
-                                  type: string
-                                minVersion:
-                                  enum:
-                                  - TLS10
-                                  - TLS11
-                                  - TLS12
-                                  - TLS13
-                                  type: string
-                                serverName:
+                                name:
+                                  default: ""
                                   type: string
                               type: object
-                            trackTimestampsStaleness:
-                              type: boolean
+                              x-kubernetes-map-type: atomic
+                            volumeName:
+                              type: string
+                            volumeNamespace:
+                              type: string
                           type: object
-                        type: array
-                      labels:
-                        additionalProperties:
-                          type: string
-                        type: object
-                      namespaceSelector:
-                        properties:
-                          any:
-                            type: boolean
-                          matchNames:
-                            items:
+                        vsphereVolume:
+                          properties:
+                            fsType:
                               type: string
-                            type: array
-                        type: object
-                    type: object
-                type: object
-              replicas:
-                format: int32
-                type: integer
-              sidecarVolumes:
-                items:
-                  properties:
-                    awsElasticBlockStore:
-                      properties:
-                        fsType:
-                          type: string
-                        partition:
-                          format: int32
-                          type: integer
-                        readOnly:
-                          type: boolean
-                        volumeID:
-                          type: string
+                            storagePolicyID:
+                              type: string
+                            storagePolicyName:
+                              type: string
+                            volumePath:
+                              type: string
+                          required:
+                          - volumePath
+                          type: object
                       required:
-                      - volumeID
+                      - name
                       type: object
-                    azureDisk:
+                    type: array
+                type: object
+              wallet:
+                properties:
+                  additional:
+                    items:
                       properties:
-                        cachingMode:
-                          type: string
-                        diskName:
+                        mountPath:
                           type: string
-                        diskURI:
-                          type: string
-                        fsType:
-                          default: ext4
+                        name:
                           type: string
-                        kind:
+                        secret:
                           type: string
-                        readOnly:
-                          default: false
-                          type: boolean
-                      required:
-                      - diskName
-                      - diskURI
                       type: object
-                    azureFile:
+                    type: array
+                  mountPath:
+                    type: string
+                  secret:
+                    type: string
+                type: object
+            type: object
+          status:
+            properties:
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              metricsConfig:
+                type: string
+              replicas:
+                type: integer
+              status:
+                type: string
+              version:
+                type: string
+            required:
+            - conditions
+            - metricsConfig
+            - version
+            type: object
+        type: object
+    served: true
+    storage: false
+    subresources:
+      status: {}
+  - additionalPrinterColumns:
+    - jsonPath: .status.metricsConfig
+      name: MetricsConfig
+      type: string
+    - jsonPath: .status.status
+      name: Status
+      type: string
+    - jsonPath: .status.version
+      name: Version
+      type: string
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              azureConfig:
+                properties:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                type: object
+              database:
+                properties:
+                  azure:
+                    properties:
+                      vaultID:
+                        type: string
+                      vaultPasswordSecret:
+                        type: string
+                      vaultUsernameSecret:
+                        type: string
+                    type: object
+                  dbConnectionString:
+                    properties:
+                      envName:
+                        type: string
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                  dbPassword:
+                    properties:
+                      envName:
+                        type: string
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                  dbUser:
+                    properties:
+                      envName:
+                        type: string
+                      key:
+                        type: string
+                      secret:
+                        type: string
+                    type: object
+                  oci:
+                    properties:
+                      vaultID:
+                        type: string
+                      vaultPasswordSecret:
+                        type: string
+                    type: object
+                type: object
+              databases:
+                additionalProperties:
+                  properties:
+                    dbConnectionString:
                       properties:
-                        readOnly:
-                          type: boolean
-                        secretName:
+                        envName:
                           type: string
-                        shareName:
+                        key:
+                          type: string
+                        secret:
                           type: string
-                      required:
-                      - secretName
-                      - shareName
                       type: object
-                    cephfs:
+                    dbPassword:
                       properties:
-                        monitors:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        path:
+                        envName:
                           type: string
-                        readOnly:
-                          type: boolean
-                        secretFile:
+                        key:
                           type: string
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        user:
+                        secret:
                           type: string
-                      required:
-                      - monitors
                       type: object
-                    cinder:
+                    dbUser:
                       properties:
-                        fsType:
+                        envName:
                           type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        volumeID:
+                        key:
+                          type: string
+                        secret:
                           type: string
-                      required:
-                      - volumeID
                       type: object
-                    configMap:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
-                          items:
-                            properties:
-                              key:
-                                type: string
-                              mode:
-                                format: int32
-                                type: integer
-                              path:
-                                type: string
-                            required:
-                            - key
-                            - path
-                            type: object
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        name:
-                          default: ""
-                          type: string
-                        optional:
-                          type: boolean
-                      type: object
-                      x-kubernetes-map-type: atomic
-                    csi:
-                      properties:
-                        driver:
-                          type: string
-                        fsType:
-                          type: string
-                        nodePublishSecretRef:
+                  type: object
+                type: object
+              deployment:
+                properties:
+                  args:
+                    items:
+                      type: string
+                    type: array
+                  commands:
+                    items:
+                      type: string
+                    type: array
+                  env:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  image:
+                    type: string
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  podSecurityContext:
+                    properties:
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      fsGroup:
+                        format: int64
+                        type: integer
+                      fsGroupChangePolicy:
+                        type: string
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxChangePolicy:
+                        type: string
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      supplementalGroups:
+                        items:
+                          format: int64
+                          type: integer
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      supplementalGroupsPolicy:
+                        type: string
+                      sysctls:
+                        items:
                           properties:
                             name:
-                              default: ""
                               type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
                           type: object
-                          x-kubernetes-map-type: atomic
-                        readOnly:
-                          type: boolean
-                        volumeAttributes:
-                          additionalProperties:
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
                             type: string
-                          type: object
-                      required:
-                      - driver
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                  podTemplate:
+                    properties:
+                      labels:
+                        additionalProperties:
+                          type: string
+                        type: object
+                    type: object
+                  securityContext:
+                    properties:
+                      allowPrivilegeEscalation:
+                        type: boolean
+                      appArmorProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      capabilities:
+                        properties:
+                          add:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                          drop:
+                            items:
+                              type: string
+                            type: array
+                            x-kubernetes-list-type: atomic
+                        type: object
+                      privileged:
+                        type: boolean
+                      procMount:
+                        type: string
+                      readOnlyRootFilesystem:
+                        type: boolean
+                      runAsGroup:
+                        format: int64
+                        type: integer
+                      runAsNonRoot:
+                        type: boolean
+                      runAsUser:
+                        format: int64
+                        type: integer
+                      seLinuxOptions:
+                        properties:
+                          level:
+                            type: string
+                          role:
+                            type: string
+                          type:
+                            type: string
+                          user:
+                            type: string
+                        type: object
+                      seccompProfile:
+                        properties:
+                          localhostProfile:
+                            type: string
+                          type:
+                            type: string
+                        required:
+                        - type
+                        type: object
+                      windowsOptions:
+                        properties:
+                          gmsaCredentialSpec:
+                            type: string
+                          gmsaCredentialSpecName:
+                            type: string
+                          hostProcess:
+                            type: boolean
+                          runAsUserName:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+              exporterConfig:
+                properties:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  mountPath:
+                    type: string
+                type: object
+              inheritLabels:
+                items:
+                  type: string
+                type: array
+              log:
+                properties:
+                  destination:
+                    type: string
+                  disable:
+                    type: boolean
+                  filename:
+                    type: string
+                  volume:
+                    properties:
+                      name:
+                        type: string
+                      persistentVolumeClaim:
+                        properties:
+                          claimName:
+                            type: string
+                        type: object
+                    type: object
+                type: object
+              metrics:
+                properties:
+                  configMap:
+                    items:
+                      properties:
+                        key:
+                          type: string
+                        name:
+                          type: string
                       type: object
-                    downwardAPI:
+                    type: array
+                type: object
+              ociConfig:
+                properties:
+                  configMap:
+                    properties:
+                      key:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  mountPath:
+                    type: string
+                  privateKey:
+                    properties:
+                      secret:
+                        type: string
+                    type: object
+                type: object
+              replicas:
+                format: int32
+                type: integer
+              service:
+                properties:
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  ports:
+                    items:
                       properties:
-                        defaultMode:
+                        appProtocol:
+                          type: string
+                        name:
+                          type: string
+                        nodePort:
                           format: int32
                           type: integer
-                        items:
-                          items:
-                            properties:
-                              fieldRef:
-                                properties:
-                                  apiVersion:
-                                    type: string
-                                  fieldPath:
-                                    type: string
-                                required:
-                                - fieldPath
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              mode:
-                                format: int32
-                                type: integer
-                              path:
-                                type: string
-                              resourceFieldRef:
-                                properties:
-                                  containerName:
-                                    type: string
-                                  divisor:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                    x-kubernetes-int-or-string: true
-                                  resource:
-                                    type: string
-                                required:
-                                - resource
-                                type: object
-                                x-kubernetes-map-type: atomic
-                            required:
-                            - path
-                            type: object
-                          type: array
-                          x-kubernetes-list-type: atomic
-                      type: object
-                    emptyDir:
-                      properties:
-                        medium:
+                        port:
+                          format: int32
+                          type: integer
+                        protocol:
+                          default: TCP
                           type: string
-                        sizeLimit:
+                        targetPort:
                           anyOf:
                           - type: integer
                           - type: string
-                          pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                           x-kubernetes-int-or-string: true
+                      required:
+                      - port
                       type: object
-                    ephemeral:
+                    type: array
+                type: object
+              serviceMonitor:
+                properties:
+                  endpoints:
+                    items:
                       properties:
-                        volumeClaimTemplate:
+                        authorization:
                           properties:
-                            metadata:
+                            credentials:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
                               type: object
-                            spec:
+                              x-kubernetes-map-type: atomic
+                            type:
+                              type: string
+                          type: object
+                        basicAuth:
+                          properties:
+                            password:
                               properties:
-                                accessModes:
-                                  items:
-                                    type: string
-                                  type: array
-                                  x-kubernetes-list-type: atomic
-                                dataSource:
-                                  properties:
-                                    apiGroup:
-                                      type: string
-                                    kind:
-                                      type: string
-                                    name:
-                                      type: string
-                                  required:
-                                  - kind
-                                  - name
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                dataSourceRef:
-                                  properties:
-                                    apiGroup:
-                                      type: string
-                                    kind:
-                                      type: string
-                                    name:
-                                      type: string
-                                    namespace:
-                                      type: string
-                                  required:
-                                  - kind
-                                  - name
-                                  type: object
-                                resources:
-                                  properties:
-                                    limits:
-                                      additionalProperties:
-                                        anyOf:
-                                        - type: integer
-                                        - type: string
-                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                        x-kubernetes-int-or-string: true
-                                      type: object
-                                    requests:
-                                      additionalProperties:
-                                        anyOf:
-                                        - type: integer
-                                        - type: string
-                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                        x-kubernetes-int-or-string: true
-                                      type: object
-                                  type: object
-                                selector:
-                                  properties:
-                                    matchExpressions:
-                                      items:
-                                        properties:
-                                          key:
-                                            type: string
-                                          operator:
-                                            type: string
-                                          values:
-                                            items:
-                                              type: string
-                                            type: array
-                                            x-kubernetes-list-type: atomic
-                                        required:
-                                        - key
-                                        - operator
-                                        type: object
-                                      type: array
-                                      x-kubernetes-list-type: atomic
-                                    matchLabels:
-                                      additionalProperties:
-                                        type: string
-                                      type: object
-                                  type: object
-                                  x-kubernetes-map-type: atomic
-                                storageClassName:
+                                key:
                                   type: string
-                                volumeAttributesClassName:
+                                name:
+                                  default: ""
                                   type: string
-                                volumeMode:
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            username:
+                              properties:
+                                key:
                                   type: string
-                                volumeName:
+                                name:
+                                  default: ""
                                   type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
                               type: object
-                          required:
-                          - spec
+                              x-kubernetes-map-type: atomic
                           type: object
-                      type: object
-                    fc:
-                      properties:
-                        fsType:
-                          type: string
-                        lun:
-                          format: int32
-                          type: integer
-                        readOnly:
-                          type: boolean
-                        targetWWNs:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        wwids:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                      type: object
-                    flexVolume:
-                      properties:
-                        driver:
+                        bearerTokenFile:
                           type: string
-                        fsType:
-                          type: string
-                        options:
-                          additionalProperties:
-                            type: string
-                          type: object
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        bearerTokenSecret:
                           properties:
+                            key:
+                              type: string
                             name:
                               default: ""
                               type: string
+                            optional:
+                              type: boolean
+                          required:
+                          - key
                           type: object
                           x-kubernetes-map-type: atomic
-                      required:
-                      - driver
-                      type: object
-                    flocker:
-                      properties:
-                        datasetName:
-                          type: string
-                        datasetUUID:
-                          type: string
-                      type: object
-                    gcePersistentDisk:
-                      properties:
-                        fsType:
-                          type: string
-                        partition:
-                          format: int32
-                          type: integer
-                        pdName:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - pdName
-                      type: object
-                    gitRepo:
-                      properties:
-                        directory:
-                          type: string
-                        repository:
-                          type: string
-                        revision:
-                          type: string
-                      required:
-                      - repository
-                      type: object
-                    glusterfs:
-                      properties:
-                        endpoints:
-                          type: string
-                        path:
-                          type: string
-                        readOnly:
-                          type: boolean
-                      required:
-                      - endpoints
-                      - path
-                      type: object
-                    hostPath:
-                      properties:
-                        path:
-                          type: string
-                        type:
-                          type: string
-                      required:
-                      - path
-                      type: object
-                    image:
-                      properties:
-                        pullPolicy:
-                          type: string
-                        reference:
-                          type: string
-                      type: object
-                    iscsi:
-                      properties:
-                        chapAuthDiscovery:
+                        enableHttp2:
                           type: boolean
-                        chapAuthSession:
-                          type: boolean
-                        fsType:
-                          type: string
-                        initiatorName:
-                          type: string
-                        iqn:
-                          type: string
-                        iscsiInterface:
-                          default: default
-                          type: string
-                        lun:
-                          format: int32
-                          type: integer
-                        portals:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        readOnly:
+                        filterRunning:
                           type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        targetPortal:
-                          type: string
-                      required:
-                      - iqn
-                      - lun
-                      - targetPortal
-                      type: object
-                    name:
-                      type: string
-                    nfs:
-                      properties:
-                        path:
-                          type: string
-                        readOnly:
+                        followRedirects:
                           type: boolean
-                        server:
-                          type: string
-                      required:
-                      - path
-                      - server
-                      type: object
-                    persistentVolumeClaim:
-                      properties:
-                        claimName:
-                          type: string
-                        readOnly:
+                        honorLabels:
                           type: boolean
-                      required:
-                      - claimName
-                      type: object
-                    photonPersistentDisk:
-                      properties:
-                        fsType:
-                          type: string
-                        pdID:
-                          type: string
-                      required:
-                      - pdID
-                      type: object
-                    portworxVolume:
-                      properties:
-                        fsType:
-                          type: string
-                        readOnly:
+                        honorTimestamps:
                           type: boolean
-                        volumeID:
+                        interval:
+                          pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
                           type: string
-                      required:
-                      - volumeID
-                      type: object
-                    projected:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        sources:
+                        metricRelabelings:
                           items:
                             properties:
-                              clusterTrustBundle:
-                                properties:
-                                  labelSelector:
-                                    properties:
-                                      matchExpressions:
-                                        items:
-                                          properties:
-                                            key:
-                                              type: string
-                                            operator:
-                                              type: string
-                                            values:
-                                              items:
-                                                type: string
-                                              type: array
-                                              x-kubernetes-list-type: atomic
-                                          required:
-                                          - key
-                                          - operator
-                                          type: object
-                                        type: array
-                                        x-kubernetes-list-type: atomic
-                                      matchLabels:
-                                        additionalProperties:
-                                          type: string
-                                        type: object
-                                    type: object
-                                    x-kubernetes-map-type: atomic
-                                  name:
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                  path:
-                                    type: string
-                                  signerName:
-                                    type: string
-                                required:
-                                - path
-                                type: object
-                              configMap:
-                                properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                      required:
-                                      - key
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
-                                  name:
-                                    default: ""
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              downwardAPI:
-                                properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        fieldRef:
-                                          properties:
-                                            apiVersion:
-                                              type: string
-                                            fieldPath:
-                                              type: string
-                                          required:
-                                          - fieldPath
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                        resourceFieldRef:
-                                          properties:
-                                            containerName:
-                                              type: string
-                                            divisor:
-                                              anyOf:
-                                              - type: integer
-                                              - type: string
-                                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                              x-kubernetes-int-or-string: true
-                                            resource:
-                                              type: string
-                                          required:
-                                          - resource
-                                          type: object
-                                          x-kubernetes-map-type: atomic
-                                      required:
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
-                                type: object
-                              secret:
-                                properties:
-                                  items:
-                                    items:
-                                      properties:
-                                        key:
-                                          type: string
-                                        mode:
-                                          format: int32
-                                          type: integer
-                                        path:
-                                          type: string
-                                      required:
-                                      - key
-                                      - path
-                                      type: object
-                                    type: array
-                                    x-kubernetes-list-type: atomic
-                                  name:
-                                    default: ""
-                                    type: string
-                                  optional:
-                                    type: boolean
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              serviceAccountToken:
-                                properties:
-                                  audience:
-                                    type: string
-                                  expirationSeconds:
-                                    format: int64
-                                    type: integer
-                                  path:
-                                    type: string
-                                required:
-                                - path
-                                type: object
+                              action:
+                                default: replace
+                                enum:
+                                - replace
+                                - Replace
+                                - keep
+                                - Keep
+                                - drop
+                                - Drop
+                                - hashmod
+                                - HashMod
+                                - labelmap
+                                - LabelMap
+                                - labeldrop
+                                - LabelDrop
+                                - labelkeep
+                                - LabelKeep
+                                - lowercase
+                                - Lowercase
+                                - uppercase
+                                - Uppercase
+                                - keepequal
+                                - KeepEqual
+                                - dropequal
+                                - DropEqual
+                                type: string
+                              modulus:
+                                format: int64
+                                type: integer
+                              regex:
+                                type: string
+                              replacement:
+                                type: string
+                              separator:
+                                type: string
+                              sourceLabels:
+                                items:
+                                  pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                  type: string
+                                type: array
+                              targetLabel:
+                                type: string
                             type: object
                           type: array
-                          x-kubernetes-list-type: atomic
-                      type: object
-                    quobyte:
-                      properties:
-                        group:
-                          type: string
-                        readOnly:
-                          type: boolean
-                        registry:
-                          type: string
-                        tenant:
+                        noProxy:
                           type: string
-                        user:
-                          type: string
-                        volume:
-                          type: string
-                      required:
-                      - registry
-                      - volume
-                      type: object
-                    rbd:
-                      properties:
-                        fsType:
-                          type: string
-                        image:
-                          type: string
-                        keyring:
-                          default: /etc/ceph/keyring
-                          type: string
-                        monitors:
-                          items:
-                            type: string
-                          type: array
-                          x-kubernetes-list-type: atomic
-                        pool:
-                          default: rbd
-                          type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        oauth2:
                           properties:
-                            name:
-                              default: ""
+                            clientId:
+                              properties:
+                                configMap:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                secret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            clientSecret:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            endpointParams:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            noProxy:
+                              type: string
+                            proxyConnectHeader:
+                              additionalProperties:
+                                items:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                type: array
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            proxyFromEnvironment:
+                              type: boolean
+                            proxyUrl:
+                              pattern: ^(http|https|socks5)://.+$
+                              type: string
+                            scopes:
+                              items:
+                                type: string
+                              type: array
+                            tlsConfig:
+                              properties:
+                                ca:
+                                  properties:
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                cert:
+                                  properties:
+                                    configMap:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    secret:
+                                      properties:
+                                        key:
+                                          type: string
+                                        name:
+                                          default: ""
+                                          type: string
+                                        optional:
+                                          type: boolean
+                                      required:
+                                      - key
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                  type: object
+                                insecureSkipVerify:
+                                  type: boolean
+                                keySecret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                maxVersion:
+                                  enum:
+                                  - TLS10
+                                  - TLS11
+                                  - TLS12
+                                  - TLS13
+                                  type: string
+                                minVersion:
+                                  enum:
+                                  - TLS10
+                                  - TLS11
+                                  - TLS12
+                                  - TLS13
+                                  type: string
+                                serverName:
+                                  type: string
+                              type: object
+                            tokenUrl:
+                              minLength: 1
                               type: string
+                          required:
+                          - clientId
+                          - clientSecret
+                          - tokenUrl
                           type: object
-                          x-kubernetes-map-type: atomic
-                        user:
-                          default: admin
-                          type: string
-                      required:
-                      - image
-                      - monitors
-                      type: object
-                    scaleIO:
-                      properties:
-                        fsType:
-                          default: xfs
-                          type: string
-                        gateway:
+                        params:
+                          additionalProperties:
+                            items:
+                              type: string
+                            type: array
+                          type: object
+                        path:
                           type: string
-                        protectionDomain:
+                        port:
                           type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
-                          properties:
-                            name:
-                              default: ""
-                              type: string
+                        proxyConnectHeader:
+                          additionalProperties:
+                            items:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            type: array
                           type: object
                           x-kubernetes-map-type: atomic
-                        sslEnabled:
+                        proxyFromEnvironment:
                           type: boolean
-                        storageMode:
-                          default: ThinProvisioned
-                          type: string
-                        storagePool:
+                        proxyUrl:
+                          pattern: ^(http|https|socks5)://.+$
                           type: string
-                        system:
-                          type: string
-                        volumeName:
-                          type: string
-                      required:
-                      - gateway
-                      - secretRef
-                      - system
-                      type: object
-                    secret:
-                      properties:
-                        defaultMode:
-                          format: int32
-                          type: integer
-                        items:
+                        relabelings:
                           items:
                             properties:
-                              key:
+                              action:
+                                default: replace
+                                enum:
+                                - replace
+                                - Replace
+                                - keep
+                                - Keep
+                                - drop
+                                - Drop
+                                - hashmod
+                                - HashMod
+                                - labelmap
+                                - LabelMap
+                                - labeldrop
+                                - LabelDrop
+                                - labelkeep
+                                - LabelKeep
+                                - lowercase
+                                - Lowercase
+                                - uppercase
+                                - Uppercase
+                                - keepequal
+                                - KeepEqual
+                                - dropequal
+                                - DropEqual
                                 type: string
-                              mode:
-                                format: int32
+                              modulus:
+                                format: int64
                                 type: integer
-                              path:
+                              regex:
+                                type: string
+                              replacement:
+                                type: string
+                              separator:
+                                type: string
+                              sourceLabels:
+                                items:
+                                  pattern: ^[a-zA-Z_][a-zA-Z0-9_]*$
+                                  type: string
+                                type: array
+                              targetLabel:
                                 type: string
-                            required:
-                            - key
-                            - path
                             type: object
                           type: array
-                          x-kubernetes-list-type: atomic
-                        optional:
-                          type: boolean
-                        secretName:
+                        scheme:
+                          enum:
+                          - http
+                          - https
                           type: string
-                      type: object
-                    storageos:
-                      properties:
-                        fsType:
+                        scrapeTimeout:
+                          pattern: ^(0|(([0-9]+)y)?(([0-9]+)w)?(([0-9]+)d)?(([0-9]+)h)?(([0-9]+)m)?(([0-9]+)s)?(([0-9]+)ms)?)$
                           type: string
-                        readOnly:
-                          type: boolean
-                        secretRef:
+                        targetPort:
+                          anyOf:
+                          - type: integer
+                          - type: string
+                          x-kubernetes-int-or-string: true
+                        tlsConfig:
                           properties:
-                            name:
-                              default: ""
-                              type: string
-                          type: object
-                          x-kubernetes-map-type: atomic
-                        volumeName:
-                          type: string
-                        volumeNamespace:
-                          type: string
-                      type: object
-                    vsphereVolume:
-                      properties:
-                        fsType:
-                          type: string
-                        storagePolicyID:
-                          type: string
-                        storagePolicyName:
-                          type: string
-                        volumePath:
-                          type: string
-                      required:
-                      - volumePath
-                      type: object
-                  required:
-                  - name
-                  type: object
-                type: array
-              sidecars:
-                items:
-                  properties:
-                    args:
-                      items:
-                        type: string
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    command:
-                      items:
-                        type: string
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    env:
-                      items:
-                        properties:
-                          name:
+                            ca:
+                              properties:
+                                configMap:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                secret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            caFile:
+                              type: string
+                            cert:
+                              properties:
+                                configMap:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                                secret:
+                                  properties:
+                                    key:
+                                      type: string
+                                    name:
+                                      default: ""
+                                      type: string
+                                    optional:
+                                      type: boolean
+                                  required:
+                                  - key
+                                  type: object
+                                  x-kubernetes-map-type: atomic
+                              type: object
+                            certFile:
+                              type: string
+                            insecureSkipVerify:
+                              type: boolean
+                            keyFile:
+                              type: string
+                            keySecret:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            maxVersion:
+                              enum:
+                              - TLS10
+                              - TLS11
+                              - TLS12
+                              - TLS13
+                              type: string
+                            minVersion:
+                              enum:
+                              - TLS10
+                              - TLS11
+                              - TLS12
+                              - TLS13
+                              type: string
+                            serverName:
+                              type: string
+                          type: object
+                        trackTimestampsStaleness:
+                          type: boolean
+                      type: object
+                    type: array
+                  labels:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  namespaceSelector:
+                    properties:
+                      any:
+                        type: boolean
+                      matchNames:
+                        items:
+                          type: string
+                        type: array
+                    type: object
+                type: object
+              sidecar:
+                properties:
+                  containers:
+                    items:
+                      properties:
+                        args:
+                          items:
                             type: string
-                          value:
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        command:
+                          items:
                             type: string
-                          valueFrom:
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        env:
+                          items:
                             properties:
-                              configMapKeyRef:
+                              name:
+                                type: string
+                              value:
+                                type: string
+                              valueFrom:
+                                properties:
+                                  configMapKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  fileKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      optional:
+                                        default: false
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      volumeName:
+                                        type: string
+                                    required:
+                                    - key
+                                    - path
+                                    - volumeName
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  secretKeyRef:
+                                    properties:
+                                      key:
+                                        type: string
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    required:
+                                    - key
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                type: object
+                            required:
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - name
+                          x-kubernetes-list-type: map
+                        envFrom:
+                          items:
+                            properties:
+                              configMapRef:
                                 properties:
-                                  key:
-                                    type: string
                                   name:
                                     default: ""
                                     type: string
                                   optional:
                                     type: boolean
-                                required:
-                                - key
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              fieldRef:
-                                properties:
-                                  apiVersion:
-                                    type: string
-                                  fieldPath:
-                                    type: string
-                                required:
-                                - fieldPath
-                                type: object
-                                x-kubernetes-map-type: atomic
-                              resourceFieldRef:
-                                properties:
-                                  containerName:
-                                    type: string
-                                  divisor:
-                                    anyOf:
-                                    - type: integer
-                                    - type: string
-                                    pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                                    x-kubernetes-int-or-string: true
-                                  resource:
-                                    type: string
-                                required:
-                                - resource
                                 type: object
                                 x-kubernetes-map-type: atomic
-                              secretKeyRef:
+                              prefix:
+                                type: string
+                              secretRef:
                                 properties:
-                                  key:
-                                    type: string
                                   name:
                                     default: ""
                                     type: string
                                   optional:
                                     type: boolean
-                                required:
-                                - key
                                 type: object
                                 x-kubernetes-map-type: atomic
                             type: object
-                        required:
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - name
-                      x-kubernetes-list-type: map
-                    envFrom:
-                      items:
-                        properties:
-                          configMapRef:
-                            properties:
-                              name:
-                                default: ""
-                                type: string
-                              optional:
-                                type: boolean
-                            type: object
-                            x-kubernetes-map-type: atomic
-                          prefix:
-                            type: string
-                          secretRef:
-                            properties:
-                              name:
-                                default: ""
-                                type: string
-                              optional:
-                                type: boolean
-                            type: object
-                            x-kubernetes-map-type: atomic
-                        type: object
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    image:
-                      type: string
-                    imagePullPolicy:
-                      type: string
-                    lifecycle:
-                      properties:
-                        postStart:
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        image:
+                          type: string
+                        imagePullPolicy:
+                          type: string
+                        lifecycle:
                           properties:
-                            exec:
+                            postStart:
                               properties:
-                                command:
-                                  items:
-                                    type: string
-                                  type: array
-                                  x-kubernetes-list-type: atomic
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
                               type: object
-                            httpGet:
+                            preStop:
                               properties:
-                                host:
-                                  type: string
-                                httpHeaders:
-                                  items:
-                                    properties:
-                                      name:
-                                        type: string
-                                      value:
+                                exec:
+                                  properties:
+                                    command:
+                                      items:
                                         type: string
-                                    required:
-                                    - name
-                                    - value
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                  type: object
+                                httpGet:
+                                  properties:
+                                    host:
+                                      type: string
+                                    httpHeaders:
+                                      items:
+                                        properties:
+                                          name:
+                                            type: string
+                                          value:
+                                            type: string
+                                        required:
+                                        - name
+                                        - value
+                                        type: object
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    path:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                    scheme:
+                                      type: string
+                                  required:
+                                  - port
+                                  type: object
+                                sleep:
+                                  properties:
+                                    seconds:
+                                      format: int64
+                                      type: integer
+                                  required:
+                                  - seconds
+                                  type: object
+                                tcpSocket:
+                                  properties:
+                                    host:
+                                      type: string
+                                    port:
+                                      anyOf:
+                                      - type: integer
+                                      - type: string
+                                      x-kubernetes-int-or-string: true
+                                  required:
+                                  - port
+                                  type: object
+                              type: object
+                            stopSignal:
+                              type: string
+                          type: object
+                        livenessProbe:
+                          properties:
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
                                     type: object
                                   type: array
                                   x-kubernetes-list-type: atomic
@@ -8189,14 +7534,15 @@ spec:
                               required:
                               - port
                               type: object
-                            sleep:
-                              properties:
-                                seconds:
-                                  format: int64
-                                  type: integer
-                              required:
-                              - seconds
-                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
                             tcpSocket:
                               properties:
                                 host:
@@ -8209,8 +7555,40 @@ spec:
                               required:
                               - port
                               type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
                           type: object
-                        preStop:
+                        name:
+                          type: string
+                        ports:
+                          items:
+                            properties:
+                              containerPort:
+                                format: int32
+                                type: integer
+                              hostIP:
+                                type: string
+                              hostPort:
+                                format: int32
+                                type: integer
+                              name:
+                                type: string
+                              protocol:
+                                default: TCP
+                                type: string
+                            required:
+                            - containerPort
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - containerPort
+                          - protocol
+                          x-kubernetes-list-type: map
+                        readinessProbe:
                           properties:
                             exec:
                               properties:
@@ -8220,6 +7598,20 @@ spec:
                                   type: array
                                   x-kubernetes-list-type: atomic
                               type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
                             httpGet:
                               properties:
                                 host:
@@ -8249,14 +7641,15 @@ spec:
                               required:
                               - port
                               type: object
-                            sleep:
-                              properties:
-                                seconds:
-                                  format: int64
-                                  type: integer
-                              required:
-                              - seconds
-                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
                             tcpSocket:
                               properties:
                                 host:
@@ -8269,453 +7662,1112 @@ spec:
                               required:
                               - port
                               type: object
-                          type: object
-                      type: object
-                    livenessProbe:
-                      properties:
-                        exec:
-                          properties:
-                            command:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                          type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
-                          properties:
-                            port:
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
                               format: int32
                               type: integer
-                            service:
-                              default: ""
-                              type: string
-                          required:
-                          - port
                           type: object
-                        httpGet:
+                        resizePolicy:
+                          items:
+                            properties:
+                              resourceName:
+                                type: string
+                              restartPolicy:
+                                type: string
+                            required:
+                            - resourceName
+                            - restartPolicy
+                            type: object
+                          type: array
+                          x-kubernetes-list-type: atomic
+                        resources:
                           properties:
-                            host:
-                              type: string
-                            httpHeaders:
+                            claims:
                               items:
                                 properties:
                                   name:
                                     type: string
-                                  value:
+                                  request:
                                     type: string
                                 required:
                                 - name
-                                - value
                                 type: object
                               type: array
-                              x-kubernetes-list-type: atomic
-                            path:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
-                              type: string
-                          required:
-                          - port
-                          type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
-                          properties:
-                            host:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                          required:
-                          - port
+                              x-kubernetes-list-map-keys:
+                              - name
+                              x-kubernetes-list-type: map
+                            limits:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
+                            requests:
+                              additionalProperties:
+                                anyOf:
+                                - type: integer
+                                - type: string
+                                pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                x-kubernetes-int-or-string: true
+                              type: object
                           type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    name:
-                      type: string
-                    ports:
-                      items:
-                        properties:
-                          containerPort:
-                            format: int32
-                            type: integer
-                          hostIP:
-                            type: string
-                          hostPort:
-                            format: int32
-                            type: integer
-                          name:
-                            type: string
-                          protocol:
-                            default: TCP
-                            type: string
-                        required:
-                        - containerPort
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - containerPort
-                      - protocol
-                      x-kubernetes-list-type: map
-                    readinessProbe:
-                      properties:
-                        exec:
-                          properties:
-                            command:
-                              items:
+                        restartPolicy:
+                          type: string
+                        restartPolicyRules:
+                          items:
+                            properties:
+                              action:
                                 type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                          type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
-                          properties:
-                            port:
-                              format: int32
-                              type: integer
-                            service:
-                              default: ""
-                              type: string
-                          required:
-                          - port
-                          type: object
-                        httpGet:
-                          properties:
-                            host:
-                              type: string
-                            httpHeaders:
-                              items:
+                              exitCodes:
                                 properties:
-                                  name:
-                                    type: string
-                                  value:
+                                  operator:
                                     type: string
+                                  values:
+                                    items:
+                                      format: int32
+                                      type: integer
+                                    type: array
+                                    x-kubernetes-list-type: set
                                 required:
-                                - name
-                                - value
+                                - operator
                                 type: object
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            path:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
-                              type: string
-                          required:
-                          - port
-                          type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
-                          properties:
-                            host:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                          required:
-                          - port
-                          type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
-                      type: object
-                    resizePolicy:
-                      items:
-                        properties:
-                          resourceName:
-                            type: string
-                          restartPolicy:
-                            type: string
-                        required:
-                        - resourceName
-                        - restartPolicy
-                        type: object
-                      type: array
-                      x-kubernetes-list-type: atomic
-                    resources:
-                      properties:
-                        claims:
-                          items:
-                            properties:
-                              name:
-                                type: string
-                              request:
-                                type: string
                             required:
-                            - name
+                            - action
                             type: object
                           type: array
-                          x-kubernetes-list-map-keys:
-                          - name
-                          x-kubernetes-list-type: map
-                        limits:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          type: object
-                        requests:
-                          additionalProperties:
-                            anyOf:
-                            - type: integer
-                            - type: string
-                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
-                            x-kubernetes-int-or-string: true
-                          type: object
-                      type: object
-                    restartPolicy:
-                      type: string
-                    securityContext:
-                      properties:
-                        allowPrivilegeEscalation:
-                          type: boolean
-                        appArmorProfile:
+                          x-kubernetes-list-type: atomic
+                        securityContext:
                           properties:
-                            localhostProfile:
-                              type: string
-                            type:
+                            allowPrivilegeEscalation:
+                              type: boolean
+                            appArmorProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            capabilities:
+                              properties:
+                                add:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                drop:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            privileged:
+                              type: boolean
+                            procMount:
                               type: string
-                          required:
-                          - type
+                            readOnlyRootFilesystem:
+                              type: boolean
+                            runAsGroup:
+                              format: int64
+                              type: integer
+                            runAsNonRoot:
+                              type: boolean
+                            runAsUser:
+                              format: int64
+                              type: integer
+                            seLinuxOptions:
+                              properties:
+                                level:
+                                  type: string
+                                role:
+                                  type: string
+                                type:
+                                  type: string
+                                user:
+                                  type: string
+                              type: object
+                            seccompProfile:
+                              properties:
+                                localhostProfile:
+                                  type: string
+                                type:
+                                  type: string
+                              required:
+                              - type
+                              type: object
+                            windowsOptions:
+                              properties:
+                                gmsaCredentialSpec:
+                                  type: string
+                                gmsaCredentialSpecName:
+                                  type: string
+                                hostProcess:
+                                  type: boolean
+                                runAsUserName:
+                                  type: string
+                              type: object
                           type: object
-                        capabilities:
+                        startupProbe:
                           properties:
-                            add:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
-                            drop:
-                              items:
-                                type: string
-                              type: array
-                              x-kubernetes-list-type: atomic
+                            exec:
+                              properties:
+                                command:
+                                  items:
+                                    type: string
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                              type: object
+                            failureThreshold:
+                              format: int32
+                              type: integer
+                            grpc:
+                              properties:
+                                port:
+                                  format: int32
+                                  type: integer
+                                service:
+                                  default: ""
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            httpGet:
+                              properties:
+                                host:
+                                  type: string
+                                httpHeaders:
+                                  items:
+                                    properties:
+                                      name:
+                                        type: string
+                                      value:
+                                        type: string
+                                    required:
+                                    - name
+                                    - value
+                                    type: object
+                                  type: array
+                                  x-kubernetes-list-type: atomic
+                                path:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                                scheme:
+                                  type: string
+                              required:
+                              - port
+                              type: object
+                            initialDelaySeconds:
+                              format: int32
+                              type: integer
+                            periodSeconds:
+                              format: int32
+                              type: integer
+                            successThreshold:
+                              format: int32
+                              type: integer
+                            tcpSocket:
+                              properties:
+                                host:
+                                  type: string
+                                port:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  x-kubernetes-int-or-string: true
+                              required:
+                              - port
+                              type: object
+                            terminationGracePeriodSeconds:
+                              format: int64
+                              type: integer
+                            timeoutSeconds:
+                              format: int32
+                              type: integer
                           type: object
-                        privileged:
+                        stdin:
                           type: boolean
-                        procMount:
-                          type: string
-                        readOnlyRootFilesystem:
+                        stdinOnce:
                           type: boolean
-                        runAsGroup:
-                          format: int64
-                          type: integer
-                        runAsNonRoot:
+                        terminationMessagePath:
+                          type: string
+                        terminationMessagePolicy:
+                          type: string
+                        tty:
                           type: boolean
-                        runAsUser:
-                          format: int64
-                          type: integer
-                        seLinuxOptions:
+                        volumeDevices:
+                          items:
+                            properties:
+                              devicePath:
+                                type: string
+                              name:
+                                type: string
+                            required:
+                            - devicePath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - devicePath
+                          x-kubernetes-list-type: map
+                        volumeMounts:
+                          items:
+                            properties:
+                              mountPath:
+                                type: string
+                              mountPropagation:
+                                type: string
+                              name:
+                                type: string
+                              readOnly:
+                                type: boolean
+                              recursiveReadOnly:
+                                type: string
+                              subPath:
+                                type: string
+                              subPathExpr:
+                                type: string
+                            required:
+                            - mountPath
+                            - name
+                            type: object
+                          type: array
+                          x-kubernetes-list-map-keys:
+                          - mountPath
+                          x-kubernetes-list-type: map
+                        workingDir:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  volumes:
+                    items:
+                      properties:
+                        awsElasticBlockStore:
                           properties:
-                            level:
+                            fsType:
                               type: string
-                            role:
-                              type: string
-                            type:
-                              type: string
-                            user:
+                            partition:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            volumeID:
                               type: string
+                          required:
+                          - volumeID
                           type: object
-                        seccompProfile:
+                        azureDisk:
                           properties:
-                            localhostProfile:
+                            cachingMode:
                               type: string
-                            type:
+                            diskName:
+                              type: string
+                            diskURI:
+                              type: string
+                            fsType:
+                              default: ext4
+                              type: string
+                            kind:
                               type: string
+                            readOnly:
+                              default: false
+                              type: boolean
                           required:
-                          - type
+                          - diskName
+                          - diskURI
                           type: object
-                        windowsOptions:
+                        azureFile:
                           properties:
-                            gmsaCredentialSpec:
-                              type: string
-                            gmsaCredentialSpecName:
-                              type: string
-                            hostProcess:
+                            readOnly:
                               type: boolean
-                            runAsUserName:
+                            secretName:
+                              type: string
+                            shareName:
                               type: string
+                          required:
+                          - secretName
+                          - shareName
                           type: object
-                      type: object
-                    startupProbe:
-                      properties:
-                        exec:
+                        cephfs:
                           properties:
-                            command:
+                            monitors:
                               items:
                                 type: string
                               type: array
                               x-kubernetes-list-type: atomic
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretFile:
+                              type: string
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              type: string
+                          required:
+                          - monitors
                           type: object
-                        failureThreshold:
-                          format: int32
-                          type: integer
-                        grpc:
+                        cinder:
                           properties:
-                            port:
-                              format: int32
-                              type: integer
-                            service:
-                              default: ""
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeID:
                               type: string
                           required:
-                          - port
+                          - volumeID
                           type: object
-                        httpGet:
+                        configMap:
                           properties:
-                            host:
-                              type: string
-                            httpHeaders:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
                               items:
                                 properties:
-                                  name:
+                                  key:
                                     type: string
-                                  value:
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
                                     type: string
                                 required:
-                                - name
-                                - value
+                                - key
+                                - path
                                 type: object
                               type: array
                               x-kubernetes-list-type: atomic
-                            path:
-                              type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
-                              x-kubernetes-int-or-string: true
-                            scheme:
+                            name:
+                              default: ""
                               type: string
-                          required:
-                          - port
+                            optional:
+                              type: boolean
                           type: object
-                        initialDelaySeconds:
-                          format: int32
-                          type: integer
-                        periodSeconds:
-                          format: int32
-                          type: integer
-                        successThreshold:
-                          format: int32
-                          type: integer
-                        tcpSocket:
+                          x-kubernetes-map-type: atomic
+                        csi:
                           properties:
-                            host:
+                            driver:
                               type: string
-                            port:
-                              anyOf:
-                              - type: integer
-                              - type: string
+                            fsType:
+                              type: string
+                            nodePublishSecretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            readOnly:
+                              type: boolean
+                            volumeAttributes:
+                              additionalProperties:
+                                type: string
+                              type: object
+                          required:
+                          - driver
+                          type: object
+                        downwardAPI:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  fieldRef:
+                                    properties:
+                                      apiVersion:
+                                        type: string
+                                      fieldPath:
+                                        type: string
+                                    required:
+                                    - fieldPath
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                  resourceFieldRef:
+                                    properties:
+                                      containerName:
+                                        type: string
+                                      divisor:
+                                        anyOf:
+                                        - type: integer
+                                        - type: string
+                                        pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                        x-kubernetes-int-or-string: true
+                                      resource:
+                                        type: string
+                                    required:
+                                    - resource
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                required:
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        emptyDir:
+                          properties:
+                            medium:
+                              type: string
+                            sizeLimit:
+                              anyOf:
+                              - type: integer
+                              - type: string
+                              pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
                               x-kubernetes-int-or-string: true
+                          type: object
+                        ephemeral:
+                          properties:
+                            volumeClaimTemplate:
+                              properties:
+                                metadata:
+                                  type: object
+                                spec:
+                                  properties:
+                                    accessModes:
+                                      items:
+                                        type: string
+                                      type: array
+                                      x-kubernetes-list-type: atomic
+                                    dataSource:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    dataSourceRef:
+                                      properties:
+                                        apiGroup:
+                                          type: string
+                                        kind:
+                                          type: string
+                                        name:
+                                          type: string
+                                        namespace:
+                                          type: string
+                                      required:
+                                      - kind
+                                      - name
+                                      type: object
+                                    resources:
+                                      properties:
+                                        limits:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                        requests:
+                                          additionalProperties:
+                                            anyOf:
+                                            - type: integer
+                                            - type: string
+                                            pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                            x-kubernetes-int-or-string: true
+                                          type: object
+                                      type: object
+                                    selector:
+                                      properties:
+                                        matchExpressions:
+                                          items:
+                                            properties:
+                                              key:
+                                                type: string
+                                              operator:
+                                                type: string
+                                              values:
+                                                items:
+                                                  type: string
+                                                type: array
+                                                x-kubernetes-list-type: atomic
+                                            required:
+                                            - key
+                                            - operator
+                                            type: object
+                                          type: array
+                                          x-kubernetes-list-type: atomic
+                                        matchLabels:
+                                          additionalProperties:
+                                            type: string
+                                          type: object
+                                      type: object
+                                      x-kubernetes-map-type: atomic
+                                    storageClassName:
+                                      type: string
+                                    volumeAttributesClassName:
+                                      type: string
+                                    volumeMode:
+                                      type: string
+                                    volumeName:
+                                      type: string
+                                  type: object
+                              required:
+                              - spec
+                              type: object
+                          type: object
+                        fc:
+                          properties:
+                            fsType:
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            readOnly:
+                              type: boolean
+                            targetWWNs:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            wwids:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        flexVolume:
+                          properties:
+                            driver:
+                              type: string
+                            fsType:
+                              type: string
+                            options:
+                              additionalProperties:
+                                type: string
+                              type: object
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
                           required:
-                          - port
+                          - driver
                           type: object
-                        terminationGracePeriodSeconds:
-                          format: int64
-                          type: integer
-                        timeoutSeconds:
-                          format: int32
-                          type: integer
+                        flocker:
+                          properties:
+                            datasetName:
+                              type: string
+                            datasetUUID:
+                              type: string
+                          type: object
+                        gcePersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            partition:
+                              format: int32
+                              type: integer
+                            pdName:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - pdName
+                          type: object
+                        gitRepo:
+                          properties:
+                            directory:
+                              type: string
+                            repository:
+                              type: string
+                            revision:
+                              type: string
+                          required:
+                          - repository
+                          type: object
+                        glusterfs:
+                          properties:
+                            endpoints:
+                              type: string
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - endpoints
+                          - path
+                          type: object
+                        hostPath:
+                          properties:
+                            path:
+                              type: string
+                            type:
+                              type: string
+                          required:
+                          - path
+                          type: object
+                        image:
+                          properties:
+                            pullPolicy:
+                              type: string
+                            reference:
+                              type: string
+                          type: object
+                        iscsi:
+                          properties:
+                            chapAuthDiscovery:
+                              type: boolean
+                            chapAuthSession:
+                              type: boolean
+                            fsType:
+                              type: string
+                            initiatorName:
+                              type: string
+                            iqn:
+                              type: string
+                            iscsiInterface:
+                              default: default
+                              type: string
+                            lun:
+                              format: int32
+                              type: integer
+                            portals:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            targetPortal:
+                              type: string
+                          required:
+                          - iqn
+                          - lun
+                          - targetPortal
+                          type: object
+                        name:
+                          type: string
+                        nfs:
+                          properties:
+                            path:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            server:
+                              type: string
+                          required:
+                          - path
+                          - server
+                          type: object
+                        persistentVolumeClaim:
+                          properties:
+                            claimName:
+                              type: string
+                            readOnly:
+                              type: boolean
+                          required:
+                          - claimName
+                          type: object
+                        photonPersistentDisk:
+                          properties:
+                            fsType:
+                              type: string
+                            pdID:
+                              type: string
+                          required:
+                          - pdID
+                          type: object
+                        portworxVolume:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            volumeID:
+                              type: string
+                          required:
+                          - volumeID
+                          type: object
+                        projected:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            sources:
+                              items:
+                                properties:
+                                  clusterTrustBundle:
+                                    properties:
+                                      labelSelector:
+                                        properties:
+                                          matchExpressions:
+                                            items:
+                                              properties:
+                                                key:
+                                                  type: string
+                                                operator:
+                                                  type: string
+                                                values:
+                                                  items:
+                                                    type: string
+                                                  type: array
+                                                  x-kubernetes-list-type: atomic
+                                              required:
+                                              - key
+                                              - operator
+                                              type: object
+                                            type: array
+                                            x-kubernetes-list-type: atomic
+                                          matchLabels:
+                                            additionalProperties:
+                                              type: string
+                                            type: object
+                                        type: object
+                                        x-kubernetes-map-type: atomic
+                                      name:
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                      path:
+                                        type: string
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                  configMap:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  downwardAPI:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            fieldRef:
+                                              properties:
+                                                apiVersion:
+                                                  type: string
+                                                fieldPath:
+                                                  type: string
+                                              required:
+                                              - fieldPath
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                            resourceFieldRef:
+                                              properties:
+                                                containerName:
+                                                  type: string
+                                                divisor:
+                                                  anyOf:
+                                                  - type: integer
+                                                  - type: string
+                                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                                  x-kubernetes-int-or-string: true
+                                                resource:
+                                                  type: string
+                                              required:
+                                              - resource
+                                              type: object
+                                              x-kubernetes-map-type: atomic
+                                          required:
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                    type: object
+                                  podCertificate:
+                                    properties:
+                                      certificateChainPath:
+                                        type: string
+                                      credentialBundlePath:
+                                        type: string
+                                      keyPath:
+                                        type: string
+                                      keyType:
+                                        type: string
+                                      maxExpirationSeconds:
+                                        format: int32
+                                        type: integer
+                                      signerName:
+                                        type: string
+                                    required:
+                                    - keyType
+                                    - signerName
+                                    type: object
+                                  secret:
+                                    properties:
+                                      items:
+                                        items:
+                                          properties:
+                                            key:
+                                              type: string
+                                            mode:
+                                              format: int32
+                                              type: integer
+                                            path:
+                                              type: string
+                                          required:
+                                          - key
+                                          - path
+                                          type: object
+                                        type: array
+                                        x-kubernetes-list-type: atomic
+                                      name:
+                                        default: ""
+                                        type: string
+                                      optional:
+                                        type: boolean
+                                    type: object
+                                    x-kubernetes-map-type: atomic
+                                  serviceAccountToken:
+                                    properties:
+                                      audience:
+                                        type: string
+                                      expirationSeconds:
+                                        format: int64
+                                        type: integer
+                                      path:
+                                        type: string
+                                    required:
+                                    - path
+                                    type: object
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                          type: object
+                        quobyte:
+                          properties:
+                            group:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            registry:
+                              type: string
+                            tenant:
+                              type: string
+                            user:
+                              type: string
+                            volume:
+                              type: string
+                          required:
+                          - registry
+                          - volume
+                          type: object
+                        rbd:
+                          properties:
+                            fsType:
+                              type: string
+                            image:
+                              type: string
+                            keyring:
+                              default: /etc/ceph/keyring
+                              type: string
+                            monitors:
+                              items:
+                                type: string
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            pool:
+                              default: rbd
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            user:
+                              default: admin
+                              type: string
+                          required:
+                          - image
+                          - monitors
+                          type: object
+                        scaleIO:
+                          properties:
+                            fsType:
+                              default: xfs
+                              type: string
+                            gateway:
+                              type: string
+                            protectionDomain:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            sslEnabled:
+                              type: boolean
+                            storageMode:
+                              default: ThinProvisioned
+                              type: string
+                            storagePool:
+                              type: string
+                            system:
+                              type: string
+                            volumeName:
+                              type: string
+                          required:
+                          - gateway
+                          - secretRef
+                          - system
+                          type: object
+                        secret:
+                          properties:
+                            defaultMode:
+                              format: int32
+                              type: integer
+                            items:
+                              items:
+                                properties:
+                                  key:
+                                    type: string
+                                  mode:
+                                    format: int32
+                                    type: integer
+                                  path:
+                                    type: string
+                                required:
+                                - key
+                                - path
+                                type: object
+                              type: array
+                              x-kubernetes-list-type: atomic
+                            optional:
+                              type: boolean
+                            secretName:
+                              type: string
+                          type: object
+                        storageos:
+                          properties:
+                            fsType:
+                              type: string
+                            readOnly:
+                              type: boolean
+                            secretRef:
+                              properties:
+                                name:
+                                  default: ""
+                                  type: string
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            volumeName:
+                              type: string
+                            volumeNamespace:
+                              type: string
+                          type: object
+                        vsphereVolume:
+                          properties:
+                            fsType:
+                              type: string
+                            storagePolicyID:
+                              type: string
+                            storagePolicyName:
+                              type: string
+                            volumePath:
+                              type: string
+                          required:
+                          - volumePath
+                          type: object
+                      required:
+                      - name
                       type: object
-                    stdin:
-                      type: boolean
-                    stdinOnce:
-                      type: boolean
-                    terminationMessagePath:
-                      type: string
-                    terminationMessagePolicy:
-                      type: string
-                    tty:
-                      type: boolean
-                    volumeDevices:
-                      items:
-                        properties:
-                          devicePath:
-                            type: string
-                          name:
-                            type: string
-                        required:
-                        - devicePath
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - devicePath
-                      x-kubernetes-list-type: map
-                    volumeMounts:
-                      items:
-                        properties:
-                          mountPath:
-                            type: string
-                          mountPropagation:
-                            type: string
-                          name:
-                            type: string
-                          readOnly:
-                            type: boolean
-                          recursiveReadOnly:
-                            type: string
-                          subPath:
-                            type: string
-                          subPathExpr:
-                            type: string
-                        required:
-                        - mountPath
-                        - name
-                        type: object
-                      type: array
-                      x-kubernetes-list-map-keys:
-                      - mountPath
-                      x-kubernetes-list-type: map
-                    workingDir:
-                      type: string
-                  required:
-                  - name
-                  type: object
-                type: array
+                    type: array
+                type: object
+              wallet:
+                properties:
+                  additional:
+                    items:
+                      properties:
+                        mountPath:
+                          type: string
+                        name:
+                          type: string
+                        secret:
+                          type: string
+                      type: object
+                    type: array
+                  mountPath:
+                    type: string
+                  secret:
+                    type: string
+                type: object
             type: object
           status:
             properties:
@@ -8755,7 +8807,7 @@ spec:
                   - type
                   type: object
                 type: array
-              exporterConfig:
+              metricsConfig:
                 type: string
               replicas:
                 type: integer
@@ -8765,7 +8817,7 @@ spec:
                 type: string
             required:
             - conditions
-            - exporterConfig
+            - metricsConfig
             - version
             type: object
         type: object
@@ -8778,7 +8830,8 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: dataguardbrokers.database.oracle.com
 spec:
   group: database.oracle.com
@@ -8786,6 +8839,9 @@ spec:
     kind: DataguardBroker
     listKind: DataguardBrokerList
     plural: dataguardbrokers
+    shortNames:
+    - dgbroker
+    - dgbrokers
     singular: dataguardbroker
   scope: Namespaced
   versions:
@@ -8989,7 +9045,7 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: dbcssystems.database.oracle.com
 spec:
   group: database.oracle.com
@@ -9373,7 +9429,23 @@ spec:
     storage: false
     subresources:
       status: {}
-  - name: v4
+  - additionalPrinterColumns:
+    - jsonPath: .status.displayName
+      name: Display Name
+      type: string
+    - jsonPath: .status.dbInfo[0].dbName
+      name: DB Name
+      type: string
+    - jsonPath: .status.state
+      name: State
+      type: string
+    - jsonPath: .status.dbInfo[0].dbVersion
+      name: DB Version
+      type: string
+    - jsonPath: .status.dbInfo[0].connectionString
+      name: ConnString
+      type: string
+    name: v4
     schema:
       openAPIV3Schema:
         properties:
@@ -9385,6 +9457,45 @@ spec:
             type: object
           spec:
             properties:
+              dataGuard:
+                properties:
+                  availabilityDomain:
+                    type: string
+                  dbAdminPasswordSecret:
+                    type: string
+                  dbName:
+                    type: string
+                  dbSystemFreeformTags:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  displayName:
+                    type: string
+                  enabled:
+                    type: boolean
+                  hostName:
+                    type: string
+                  isDelete:
+                    type: boolean
+                  peerDbHomeId:
+                    type: string
+                  peerDbSystemId:
+                    type: string
+                  peerRole:
+                    type: string
+                  primaryDatabaseId:
+                    type: string
+                  protectionMode:
+                    type: string
+                  shape:
+                    type: string
+                  sidPrefix:
+                    type: string
+                  subnetId:
+                    type: string
+                  transportType:
+                    type: string
+                type: object
               databaseId:
                 type: string
               dbBackupId:
@@ -9393,10 +9504,10 @@ spec:
                 properties:
                   dbAdminPasswordSecret:
                     type: string
-                  dbDbUniqueName:
-                    type: string
                   dbName:
                     type: string
+                  dbUniqueName:
+                    type: string
                   displayName:
                     type: string
                   domain:
@@ -9424,7 +9535,6 @@ spec:
                   tdeWalletPasswordSecret:
                     type: string
                 required:
-                - dbDbUniqueName
                 - dbName
                 - displayName
                 - hostName
@@ -9434,6 +9544,8 @@ spec:
                 properties:
                   availabilityDomain:
                     type: string
+                  backupDisplayName:
+                    type: string
                   backupSubnetId:
                     type: string
                   clusterName:
@@ -9459,10 +9571,16 @@ spec:
                     type: string
                   dbEdition:
                     type: string
+                  dbHomeId:
+                    type: string
                   dbName:
                     type: string
+                  dbPatchOcid:
+                    type: string
                   dbUniqueName:
                     type: string
+                  dbUpgradeVersion:
+                    type: string
                   dbVersion:
                     type: string
                   dbWorkload:
@@ -9502,6 +9620,16 @@ spec:
                     type: string
                   privateIp:
                     type: string
+                  restoreConfig:
+                    properties:
+                      latest:
+                        type: boolean
+                      scn:
+                        type: string
+                      timestamp:
+                        format: date-time
+                        type: string
+                    type: object
                   shape:
                     type: string
                   sshPublicKeys:
@@ -9520,18 +9648,17 @@ spec:
                     type: string
                   timeZone:
                     type: string
-                required:
-                - availabilityDomain
-                - compartmentId
-                - dbAdminPasswordSecret
-                - hostName
-                - shape
-                - subnetId
                 type: object
+              enableBackup:
+                type: boolean
               hardLink:
                 type: boolean
               id:
                 type: string
+              isPatch:
+                type: boolean
+              isUpgrade:
+                type: boolean
               kmsConfig:
                 properties:
                   compartmentId:
@@ -9585,20 +9712,72 @@ spec:
             properties:
               availabilityDomain:
                 type: string
+              backups:
+                items:
+                  properties:
+                    backupId:
+                      type: string
+                    name:
+                      type: string
+                    timestamp:
+                      type: string
+                  required:
+                  - backupId
+                  - name
+                  - timestamp
+                  type: object
+                type: array
               cpuCoreCount:
                 type: integer
+              dataGuardStatus:
+                properties:
+                  dbAdminPasswordSecret:
+                    type: string
+                  dbName:
+                    type: string
+                  dbWorkload:
+                    type: string
+                  id:
+                    type: string
+                  isActiveDataGuardEnabled:
+                    type: boolean
+                  lifecycleDetails:
+                    type: string
+                  lifecycleState:
+                    type: string
+                  peerDataGuardAssociationId:
+                    type: string
+                  peerDatabaseId:
+                    type: string
+                  peerDbHomeId:
+                    type: string
+                  peerDbSystemId:
+                    type: string
+                  peerRole:
+                    type: string
+                  primaryDatabaseId:
+                    type: string
+                  protectionMode:
+                    type: string
+                  shape:
+                    type: string
+                  subnetId:
+                    type: string
+                  transportType:
+                    type: string
+                type: object
               dataStoragePercentage:
                 type: integer
               dataStorageSizeInGBs:
                 type: integer
               dbCloneStatus:
                 properties:
-                  dbAdminPaswordSecret:
-                    type: string
-                  dbDbUniqueName:
+                  dbAdminPasswordSecret:
                     type: string
                   dbName:
                     type: string
+                  dbUniqueName:
+                    type: string
                   displayName:
                     type: string
                   domain:
@@ -9615,15 +9794,16 @@ spec:
                     type: array
                   subnetId:
                     type: string
-                required:
-                - dbDbUniqueName
-                - hostName
                 type: object
               dbEdition:
                 type: string
               dbInfo:
                 items:
                   properties:
+                    connectionString:
+                      type: string
+                    connectionStringLong:
+                      type: string
                     dbHomeId:
                       type: string
                     dbName:
@@ -9636,6 +9816,8 @@ spec:
                       type: string
                   type: object
                 type: array
+              dbVersion:
+                type: string
               displayName:
                 type: string
               id:
@@ -9661,6 +9843,8 @@ spec:
                 type: object
               licenseModel:
                 type: string
+              message:
+                type: string
               network:
                 properties:
                   clientSubnet:
@@ -9729,9 +9913,6 @@ spec:
                       type: string
                     timeStarted:
                       type: string
-                  required:
-                  - operationId
-                  - operationType
                   type: object
                 type: array
             required:
@@ -9747,7 +9928,8 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: lrests.database.oracle.com
 spec:
   group: database.oracle.com
@@ -9799,6 +9981,8 @@ spec:
             type: object
           spec:
             properties:
+              autodiscover:
+                type: boolean
               cdbAdminPwd:
                 properties:
                   secret:
@@ -9861,6 +10045,21 @@ spec:
                 required:
                 - secret
                 type: object
+              cdbTlsCat:
+                properties:
+                  secret:
+                    properties:
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - key
+                    - secretName
+                    type: object
+                required:
+                - secret
+                type: object
               cdbTlsCrt:
                 properties:
                   secret:
@@ -9891,6 +10090,9 @@ spec:
                 required:
                 - secret
                 type: object
+              clusterIp:
+                default: false
+                type: boolean
               dbPort:
                 type: integer
               dbServer:
@@ -9899,6 +10101,9 @@ spec:
                 type: string
               deletePdbCascade:
                 type: boolean
+              loadBalancer:
+                default: false
+                type: boolean
               lrestImage:
                 type: string
               lrestImagePullPolicy:
@@ -9909,6 +10114,7 @@ spec:
               lrestImagePullSecret:
                 type: string
               lrestPort:
+                default: 8888
                 type: integer
               lrestPwd:
                 properties:
@@ -9925,12 +10131,16 @@ spec:
                 required:
                 - secret
                 type: object
+              namespaceAutoDiscover:
+                type: string
               nodeSelector:
                 additionalProperties:
                   type: string
                 type: object
               replicas:
                 type: integer
+              serviceAccountName:
+                type: string
               serviceName:
                 type: string
               sysAdminPwd:
@@ -9948,6 +10158,9 @@ spec:
                 required:
                 - secret
                 type: object
+              trace_level_client:
+                default: 0
+                type: integer
               webServerPwd:
                 properties:
                   secret:
@@ -10001,7 +10214,8 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: lrpdbs.database.oracle.com
 spec:
   group: database.oracle.com
@@ -10029,18 +10243,26 @@ spec:
       jsonPath: .status.totalSize
       name: PDB Size
       type: string
-    - description: Status of the LRPDB Resource
-      jsonPath: .status.phase
-      name: Status
-      type: string
     - description: Error message, if any
       jsonPath: .status.msg
       name: Message
       type: string
+    - description: open restricted
+      jsonPath: .status.restricted
+      name: Restricted
+      type: string
     - description: last sqlcode
       jsonPath: .status.sqlCode
       name: last sqlcode
       type: integer
+    - description: last plsql applied
+      jsonPath: .status.lastplsql
+      name: last PLSQL
+      type: string
+    - description: Bitmask status
+      jsonPath: .status.pdbBitMaskStr
+      name: BITMASK STATUS
+      type: string
     - description: The connect string to be used
       jsonPath: .status.connString
       name: Connect_String
@@ -10058,17 +10280,6 @@ spec:
           spec:
             properties:
               action:
-                enum:
-                - Create
-                - Clone
-                - Plug
-                - Unplug
-                - Delete
-                - Modify
-                - Status
-                - Map
-                - Alter
-                - Noaction
                 type: string
               adminName:
                 properties:
@@ -10100,113 +10311,7 @@ spec:
                 required:
                 - secret
                 type: object
-              adminpdbPass:
-                properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
-                type: object
-              adminpdbUser:
-                properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
-                type: object
-              alterSystem:
-                type: string
-              alterSystemParameter:
-                type: string
-              alterSystemValue:
-                type: string
-              asClone:
-                type: boolean
-              assertiveLrpdbDeletion:
-                type: boolean
-              cdbName:
-                type: string
-              cdbNamespace:
-                type: string
-              cdbPrvKey:
-                properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
-                type: object
-              cdbResName:
-                type: string
-              copyAction:
-                enum:
-                - COPY
-                - NOCOPY
-                - MOVE
-                type: string
-              dropAction:
-                enum:
-                - INCLUDING
-                - KEEP
-                type: string
-              fileNameConversions:
-                type: string
-              getScript:
-                type: boolean
-              lrpdbTlsCat:
-                properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
-                type: object
-              lrpdbTlsCrt:
-                properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
-                type: object
-              lrpdbTlsKey:
+              adminpdbPass:
                 properties:
                   secret:
                     properties:
@@ -10221,41 +10326,7 @@ spec:
                 required:
                 - secret
                 type: object
-              modifyOption:
-                enum:
-                - IMMEDIATE
-                - NORMAL
-                - READ ONLY
-                - READ WRITE
-                - RESTRICTED
-                type: string
-              parameterScope:
-                type: string
-              pdbName:
-                type: string
-              pdbState:
-                enum:
-                - OPEN
-                - CLOSE
-                - ALTER
-                type: string
-              pdbconfigmap:
-                type: string
-              reuseTempFile:
-                type: boolean
-              sourceFileNameConversions:
-                type: string
-              sparseClonePath:
-                type: string
-              srcPdbName:
-                type: string
-              tdeExport:
-                type: boolean
-              tdeImport:
-                type: boolean
-              tdeKeystorePath:
-                type: string
-              tdePassword:
+              adminpdbUser:
                 properties:
                   secret:
                     properties:
@@ -10270,7 +10341,19 @@ spec:
                 required:
                 - secret
                 type: object
-              tdeSecret:
+              alterSystem:
+                type: string
+              alterSystemParameter:
+                type: string
+              alterSystemValue:
+                type: string
+              asClone:
+                type: boolean
+              cdbName:
+                type: string
+              cdbNamespace:
+                type: string
+              cdbPrvKey:
                 properties:
                   secret:
                     properties:
@@ -10285,13 +10368,31 @@ spec:
                 required:
                 - secret
                 type: object
-              tempSize:
+              cdbResName:
                 type: string
-              totalSize:
+              codeconfigmap:
                 type: string
-              unlimitedStorage:
+              copyAction:
+                enum:
+                - COPY
+                - NOCOPY
+                - MOVE
+                type: string
+              debug:
+                type: integer
+              dropAction:
+                enum:
+                - INCLUDING
+                - KEEP
+                type: string
+              fileNameConversions:
+                type: string
+              getScript:
+                default: false
                 type: boolean
-              webServerPwd:
+              imperativeLrpdbDeletion:
+                type: boolean
+              lrpdbTlsCat:
                 properties:
                   secret:
                     properties:
@@ -10306,7 +10407,7 @@ spec:
                 required:
                 - secret
                 type: object
-              webServerUser:
+              lrpdbTlsCrt:
                 properties:
                   secret:
                     properties:
@@ -10321,406 +10422,177 @@ spec:
                 required:
                 - secret
                 type: object
-              xmlFileName:
-                type: string
-            required:
-            - action
-            - alterSystemParameter
-            - alterSystemValue
-            - webServerPwd
-            type: object
-          status:
-            properties:
-              action:
-                type: string
-              alterSystem:
-                type: string
-              bitstat:
-                type: integer
-              bitstatstr:
-                type: string
-              connString:
-                type: string
-              modifyOption:
-                type: string
-              msg:
-                type: string
-              openMode:
-                type: string
-              phase:
-                type: string
-              sqlCode:
-                type: integer
-              status:
-                type: boolean
-              totalSize:
-                type: string
-            required:
-            - phase
-            - sqlCode
-            - status
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
-  name: oraclerestdataservices.database.oracle.com
-spec:
-  group: database.oracle.com
-  names:
-    kind: OracleRestDataService
-    listKind: OracleRestDataServiceList
-    plural: oraclerestdataservices
-    singular: oraclerestdataservice
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - jsonPath: .status.status
-      name: Status
-      type: string
-    - jsonPath: .spec.databaseRef
-      name: Database
-      type: string
-    - jsonPath: .status.databaseApiUrl
-      name: Database API URL
-      type: string
-    - jsonPath: .status.databaseActionsUrl
-      name: Database Actions URL
-      type: string
-    - jsonPath: .status.apexUrl
-      name: Apex URL
-      type: string
-    - jsonPath: .status.mongoDbApiAccessUrl
-      name: MongoDbApi Access URL
-      type: string
-    name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        properties:
-          apiVersion:
-            type: string
-          kind:
-            type: string
-          metadata:
-            type: object
-          spec:
-            properties:
-              adminPassword:
-                properties:
-                  keepSecret:
-                    type: boolean
-                  secretKey:
-                    default: oracle_pwd
-                    type: string
-                  secretName:
-                    type: string
-                required:
-                - secretName
-                type: object
-              databaseRef:
-                type: string
-              image:
-                properties:
-                  pullFrom:
-                    type: string
-                  pullSecrets:
-                    type: string
-                  version:
-                    type: string
-                required:
-                - pullFrom
-                type: object
-              loadBalancer:
-                type: boolean
-              mongoDbApi:
-                type: boolean
-              nodeSelector:
-                additionalProperties:
-                  type: string
-                type: object
-              oracleService:
-                type: string
-              ordsPassword:
-                properties:
-                  keepSecret:
-                    type: boolean
-                  secretKey:
-                    default: oracle_pwd
-                    type: string
-                  secretName:
-                    type: string
-                required:
-                - secretName
-                type: object
-              ordsUser:
-                type: string
-              persistence:
-                properties:
-                  accessMode:
-                    enum:
-                    - ReadWriteOnce
-                    - ReadWriteMany
-                    type: string
-                  setWritePermissions:
-                    type: boolean
-                  size:
-                    type: string
-                  storageClass:
-                    type: string
-                  volumeName:
-                    type: string
-                type: object
-              readinessCheckPeriod:
-                type: integer
-              replicas:
-                minimum: 1
-                type: integer
-              restEnableSchemas:
-                items:
-                  properties:
-                    enable:
-                      type: boolean
-                    pdbName:
-                      type: string
-                    schemaName:
-                      type: string
-                    urlMapping:
-                      type: string
-                  required:
-                  - enable
-                  - schemaName
-                  type: object
-                type: array
-              serviceAccountName:
-                type: string
-              serviceAnnotations:
-                additionalProperties:
-                  type: string
+              lrpdbTlsKey:
+                properties:
+                  secret:
+                    properties:
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - key
+                    - secretName
+                    type: object
+                required:
+                - secret
                 type: object
-            required:
-            - adminPassword
-            - databaseRef
-            - ordsPassword
-            type: object
-          status:
-            properties:
-              apexConfigured:
-                type: boolean
-              apexUrl:
+              modifyOption:
+                enum:
+                - IMMEDIATE
+                - NORMAL
+                - READ ONLY
+                - READ WRITE
+                - RESTRICTED
                 type: string
-              commonUsersCreated:
-                type: boolean
-              databaseActionsUrl:
+              modifyOption2:
+                default: NONE
                 type: string
-              databaseApiUrl:
+              parameterScope:
                 type: string
-              databaseRef:
+              pdbName:
                 type: string
-              image:
-                properties:
-                  pullFrom:
-                    type: string
-                  pullSecrets:
-                    type: string
-                  version:
-                    type: string
-                required:
-                - pullFrom
-                type: object
-              loadBalancer:
+              pdbState:
+                enum:
+                - OPEN
+                - CLOSE
+                - ALTER
+                - DELETE
+                - UNPLUG
+                - PLUG
+                - CLONE
+                - RESET
+                - NONE
                 type: string
-              mongoDbApi:
-                type: boolean
-              mongoDbApiAccessUrl:
+              pdbconfigmap:
                 type: string
-              ordsInstalled:
-                type: boolean
-              replicas:
+              plsqlexemode:
                 type: integer
-              serviceIP:
+              reststate:
+                type: integer
+              reuseTempFile:
+                default: true
+                type: boolean
+              sourceFileNameConversions:
                 type: string
-              status:
+              sparseClonePath:
                 type: string
-            type: object
-        type: object
-    served: true
-    storage: false
-    subresources:
-      status: {}
-  - additionalPrinterColumns:
-    - jsonPath: .status.status
-      name: Status
-      type: string
-    - jsonPath: .spec.databaseRef
-      name: Database
-      type: string
-    - jsonPath: .status.databaseApiUrl
-      name: Database API URL
-      type: string
-    - jsonPath: .status.databaseActionsUrl
-      name: Database Actions URL
-      type: string
-    - jsonPath: .status.apexUrl
-      name: Apex URL
-      type: string
-    - jsonPath: .status.mongoDbApiAccessUrl
-      name: MongoDbApi Access URL
-      type: string
-    name: v4
-    schema:
-      openAPIV3Schema:
-        properties:
-          apiVersion:
-            type: string
-          kind:
-            type: string
-          metadata:
-            type: object
-          spec:
-            properties:
-              adminPassword:
+              srcPdbName:
+                type: string
+              tdeExport:
+                type: boolean
+              tdeImport:
+                type: boolean
+              tdeKeystorePath:
+                type: string
+              tdePassword:
                 properties:
-                  keepSecret:
-                    type: boolean
-                  secretKey:
-                    default: oracle_pwd
-                    type: string
-                  secretName:
-                    type: string
+                  secret:
+                    properties:
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - key
+                    - secretName
+                    type: object
                 required:
-                - secretName
+                - secret
                 type: object
-              databaseRef:
-                type: string
-              image:
+              tdeSecret:
                 properties:
-                  pullFrom:
-                    type: string
-                  pullSecrets:
-                    type: string
-                  version:
-                    type: string
+                  secret:
+                    properties:
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - key
+                    - secretName
+                    type: object
                 required:
-                - pullFrom
-                type: object
-              loadBalancer:
-                type: boolean
-              mongoDbApi:
-                type: boolean
-              nodeSelector:
-                additionalProperties:
-                  type: string
+                - secret
                 type: object
-              oracleService:
+              tempSize:
                 type: string
-              ordsPassword:
+              totalSize:
+                type: string
+              unlimitedStorage:
+                default: true
+                type: boolean
+              webServerPwd:
                 properties:
-                  keepSecret:
-                    type: boolean
-                  secretKey:
-                    default: oracle_pwd
-                    type: string
-                  secretName:
-                    type: string
+                  secret:
+                    properties:
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - key
+                    - secretName
+                    type: object
                 required:
-                - secretName
+                - secret
                 type: object
-              ordsUser:
-                type: string
-              persistence:
+              webServerUser:
                 properties:
-                  accessMode:
-                    enum:
-                    - ReadWriteOnce
-                    - ReadWriteMany
-                    type: string
-                  setWritePermissions:
-                    type: boolean
-                  size:
-                    type: string
-                  storageClass:
-                    type: string
-                  volumeName:
-                    type: string
+                  secret:
+                    properties:
+                      key:
+                        type: string
+                      secretName:
+                        type: string
+                    required:
+                    - key
+                    - secretName
+                    type: object
+                required:
+                - secret
                 type: object
-              readinessCheckPeriod:
-                type: integer
-              replicas:
-                minimum: 1
-                type: integer
-              restEnableSchemas:
-                items:
-                  properties:
-                    enable:
-                      type: boolean
-                    pdbName:
-                      type: string
-                    schemaName:
-                      type: string
-                    urlMapping:
-                      type: string
-                  required:
-                  - enable
-                  - schemaName
-                  type: object
-                type: array
-              serviceAccountName:
+              xmlFileName:
                 type: string
-              serviceAnnotations:
-                additionalProperties:
-                  type: string
-                type: object
-            required:
-            - adminPassword
-            - databaseRef
-            - ordsPassword
             type: object
-          status:
-            properties:
-              apexConfigured:
-                type: boolean
-              apexUrl:
+          status:
+            properties:
+              action:
                 type: string
-              commonUsersCreated:
-                type: boolean
-              databaseActionsUrl:
+              alterSystem:
                 type: string
-              databaseApiUrl:
+              bitstat:
+                type: integer
+              bitstatstr:
                 type: string
-              databaseRef:
+              connString:
                 type: string
-              image:
-                properties:
-                  pullFrom:
-                    type: string
-                  pullSecrets:
-                    type: string
-                  version:
-                    type: string
-                required:
-                - pullFrom
-                type: object
-              loadBalancer:
+              lastplsql:
                 type: string
-              mongoDbApi:
-                type: boolean
-              mongoDbApiAccessUrl:
+              modifyOption:
                 type: string
-              ordsInstalled:
-                type: boolean
-              replicas:
+              msg:
+                type: string
+              openMode:
+                type: string
+              pdbBitMask:
                 type: integer
-              serviceIP:
+              pdbBitMaskStr:
+                type: string
+              phase:
+                type: string
+              restricted:
                 type: string
+              sqlCode:
+                type: integer
               status:
+                type: boolean
+              totalSize:
                 type: string
+            required:
+            - phase
+            - sqlCode
+            - status
             type: object
         type: object
     served: true
@@ -10732,45 +10604,37 @@ apiVersion: apiextensions.k8s.io/v1
 kind: CustomResourceDefinition
 metadata:
   annotations:
-    controller-gen.kubebuilder.io/version: v0.16.5
-  name: ordssrvs.database.oracle.com
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.17.3
+  name: oraclerestarts.database.oracle.com
 spec:
   group: database.oracle.com
   names:
-    kind: OrdsSrvs
-    listKind: OrdsSrvsList
-    plural: ordssrvs
-    singular: ordssrvs
+    kind: OracleRestart
+    listKind: OracleRestartList
+    plural: oraclerestarts
+    singular: oraclerestart
   scope: Namespaced
   versions:
   - additionalPrinterColumns:
-    - jsonPath: .status.status
-      name: status
+    - jsonPath: .status.configParams.dbName
+      name: DbName
       type: string
-    - jsonPath: .status.workloadType
-      name: workloadType
+    - jsonPath: .status.dbState
+      name: DbState
       type: string
-    - jsonPath: .status.ordsVersion
-      name: ordsVersion
+    - jsonPath: .status.role
+      name: Role
+      type: string
+    - jsonPath: .status.releaseUpdate
+      name: Version
+      type: string
+    - jsonPath: .status.pdbConnectString
+      name: Pdb Connect Str
+      type: string
+    - jsonPath: .status.state
+      name: State
       type: string
-    - jsonPath: .status.httpPort
-      name: httpPort
-      type: integer
-    - jsonPath: .status.httpsPort
-      name: httpsPort
-      type: integer
-    - jsonPath: .status.mongoPort
-      name: MongoPort
-      type: integer
-    - jsonPath: .status.restartRequired
-      name: restartRequired
-      type: boolean
-    - jsonPath: .metadata.creationTimestamp
-      name: AGE
-      type: date
-    - jsonPath: .status.ordsInstalled
-      name: OrdsInstalled
-      type: boolean
     name: v4
     schema:
       openAPIV3Schema:
@@ -10783,375 +10647,775 @@ spec:
             type: object
           spec:
             properties:
-              encPrivKey:
+              asmStorageDetails:
                 properties:
-                  passwordKey:
-                    default: password
+                  autoUpdate:
+                    type: string
+                  disksBySize:
+                    items:
+                      properties:
+                        diskNames:
+                          items:
+                            type: string
+                          type: array
+                        storageSizeInGb:
+                          type: integer
+                      type: object
+                    type: array
+                type: object
+              configParams:
+                properties:
+                  cpuCount:
+                    type: integer
+                  crsAsmDeviceList:
+                    type: string
+                  crsAsmDiskDg:
+                    type: string
+                  crsAsmDiskDgRedundancy:
+                    type: string
+                  dbAsmDeviceList:
+                    type: string
+                  dbAsmDiskDgRedundancy:
+                    type: string
+                  dbBase:
+                    type: string
+                  dbCharSet:
+                    type: string
+                  dbConfigType:
+                    type: string
+                  dbDataFileDestDg:
+                    type: string
+                  dbHome:
+                    type: string
+                  dbName:
+                    type: string
+                  dbOneOffIds:
+                    type: string
+                  dbRecoveryFileDest:
+                    type: string
+                  dbRecoveryFileDestSize:
+                    type: string
+                  dbRedoFileSize:
+                    type: string
+                  dbResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  dbStorageType:
+                    type: string
+                  dbSwZipFile:
+                    type: string
+                  dbType:
+                    type: string
+                  dbUniqueName:
+                    type: string
+                  enableArchiveLog:
+                    type: string
+                  gridBase:
+                    type: string
+                  gridHome:
+                    type: string
+                  gridOneOffIds:
+                    type: string
+                  gridResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  gridSwZipFile:
+                    type: string
+                  hostSwStageLocation:
+                    type: string
+                  inventory:
+                    type: string
+                  oPatchLocation:
+                    type: string
+                  oPatchSwZipFile:
+                    type: string
+                  oneOffLocation:
+                    type: string
+                  opType:
+                    type: string
+                  pdbName:
+                    type: string
+                  pgaSize:
+                    type: string
+                  processes:
+                    type: integer
+                  recoAsmDeviceList:
+                    type: string
+                  recoAsmDiskDgRedundancy:
+                    type: string
+                  redoAsmDeviceList:
+                    type: string
+                  redoAsmDiskDg:
+                    type: string
+                  redoAsmDiskDgRedundancy:
+                    type: string
+                  ruFolderName:
+                    type: string
+                  ruPatchLocation:
+                    type: string
+                  sgaSize:
+                    type: string
+                  stagingSoftwareLocation:
+                    type: string
+                  swMountLocation:
+                    type: string
+                  swStagePvc:
+                    type: string
+                  swStagePvcMountLocation:
+                    type: string
+                type: object
+              crsDgStorageClass:
+                type: string
+              dataDgStorageClass:
+                type: string
+              dbSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              enableOns:
+                default: enable
+                enum:
+                - enable
+                - disable
+                type: string
+              image:
+                type: string
+              imagePullPolicy:
+                enum:
+                - Always
+                - IfNotPresent
+                - Never
+                type: string
+              imagePullSecret:
+                type: string
+              instDetails:
+                properties:
+                  envFile:
+                    type: string
+                  envVars:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                        valueFrom:
+                          properties:
+                            configMapKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              properties:
+                                apiVersion:
+                                  type: string
+                                fieldPath:
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fileKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                optional:
+                                  default: false
+                                  type: boolean
+                                path:
+                                  type: string
+                                volumeName:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              - volumeName
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              properties:
+                                containerName:
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  hostSwLocation:
                     type: string
-                  secretName:
+                  isDelete:
                     type: string
-                required:
-                - secretName
+                  isForceDelete:
+                    type: string
+                  isKeepPVC:
+                    type: string
+                  label:
+                    type: string
+                  name:
+                    type: string
+                  pvcName:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  swLocStorageSizeInGb:
+                    type: integer
+                  workerNode:
+                    items:
+                      type: string
+                    type: array
                 type: object
-              forceRestart:
+              isDebug:
+                type: string
+              isDeleteTopology:
+                type: string
+              isFailed:
                 type: boolean
-              globalSettings:
+              isManual:
+                type: boolean
+              lbService:
                 properties:
-                  cache.metadata.enabled:
-                    type: boolean
-                  cache.metadata.graphql.expireAfterAccess:
-                    format: int64
-                    type: integer
-                  cache.metadata.graphql.expireAfterWrite:
-                    format: int64
-                    type: integer
-                  cache.metadata.jwks.enabled:
-                    type: boolean
-                  cache.metadata.jwks.expireAfterAccess:
-                    format: int64
+                  name:
+                    type: string
+                  onsLocalPort:
+                    format: int32
                     type: integer
-                  cache.metadata.jwks.expireAfterWrite:
-                    format: int64
+                  onsTargetPort:
+                    format: int32
                     type: integer
-                  cache.metadata.jwks.initialCapacity:
+                  portMappings:
+                    items:
+                      properties:
+                        nodePort:
+                          format: int32
+                          type: integer
+                        port:
+                          format: int32
+                          type: integer
+                        protocol:
+                          default: TCP
+                          enum:
+                          - TCP
+                          - UDP
+                          - SCTP
+                          type: string
+                        targetPort:
+                          format: int32
+                          type: integer
+                      type: object
+                    type: array
+                  svcAnnotation:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  svcLBIP:
+                    type: string
+                  svcType:
+                    type: string
+                type: object
+              nodePortSvc:
+                properties:
+                  name:
+                    type: string
+                  onsLocalPort:
                     format: int32
                     type: integer
-                  cache.metadata.jwks.maximumSize:
+                  onsTargetPort:
                     format: int32
                     type: integer
-                  cache.metadata.timeout:
-                    format: int64
+                  portMappings:
+                    items:
+                      properties:
+                        nodePort:
+                          format: int32
+                          type: integer
+                        port:
+                          format: int32
+                          type: integer
+                        protocol:
+                          default: TCP
+                          enum:
+                          - TCP
+                          - UDP
+                          - SCTP
+                          type: string
+                        targetPort:
+                          format: int32
+                          type: integer
+                      type: object
+                    type: array
+                  svcAnnotation:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  svcLBIP:
+                    type: string
+                  svcType:
+                    type: string
+                type: object
+              readinessProbe:
+                properties:
+                  exec:
+                    properties:
+                      command:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  failureThreshold:
+                    format: int32
                     type: integer
-                  certSecret:
+                  grpc:
                     properties:
-                      cert:
+                      port:
+                        format: int32
+                        type: integer
+                      service:
+                        default: ""
                         type: string
-                      key:
+                    required:
+                    - port
+                    type: object
+                  httpGet:
+                    properties:
+                      host:
                         type: string
-                      secretName:
+                      httpHeaders:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      path:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      scheme:
                         type: string
                     required:
-                    - cert
-                    - key
-                    - secretName
+                    - port
                     type: object
-                  database.api.enabled:
-                    type: boolean
-                  database.api.management.services.disabled:
-                    type: boolean
-                  db.invalidPoolTimeout:
-                    format: int64
+                  initialDelaySeconds:
+                    format: int32
                     type: integer
-                  debug.printDebugToScreen:
-                    type: boolean
-                  enable.mongo.access.log:
-                    default: false
-                    type: boolean
-                  enable.standalone.access.log:
-                    default: false
-                    type: boolean
-                  error.responseFormat:
-                    type: string
-                  feature.grahpql.max.nesting.depth:
+                  periodSeconds:
                     format: int32
                     type: integer
-                  icap.port:
+                  successThreshold:
                     format: int32
                     type: integer
-                  icap.secure.port:
+                  tcpSocket:
+                    properties:
+                      host:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    required:
+                    - port
+                    type: object
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  timeoutSeconds:
                     format: int32
                     type: integer
-                  icap.server:
+                type: object
+              recoDgStorageClass:
+                type: string
+              redoDgStorageClass:
+                type: string
+              resources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        request:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              scriptsGetCmd:
+                type: string
+              scriptsLocation:
+                type: string
+              securityContext:
+                properties:
+                  appArmorProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  fsGroup:
+                    format: int64
+                    type: integer
+                  fsGroupChangePolicy:
                     type: string
-                  log.procedure:
-                    type: boolean
-                  mongo.enabled:
-                    type: boolean
-                  mongo.idle.timeout:
+                  runAsGroup:
                     format: int64
                     type: integer
-                  mongo.op.timeout:
+                  runAsNonRoot:
+                    type: boolean
+                  runAsUser:
                     format: int64
                     type: integer
-                  mongo.port:
-                    default: 27017
-                    format: int32
+                  seLinuxChangePolicy:
+                    type: string
+                  seLinuxOptions:
+                    properties:
+                      level:
+                        type: string
+                      role:
+                        type: string
+                      type:
+                        type: string
+                      user:
+                        type: string
+                    type: object
+                  seccompProfile:
+                    properties:
+                      localhostProfile:
+                        type: string
+                      type:
+                        type: string
+                    required:
+                    - type
+                    type: object
+                  supplementalGroups:
+                    items:
+                      format: int64
+                      type: integer
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  supplementalGroupsPolicy:
+                    type: string
+                  sysctls:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - name
+                      - value
+                      type: object
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  windowsOptions:
+                    properties:
+                      gmsaCredentialSpec:
+                        type: string
+                      gmsaCredentialSpecName:
+                        type: string
+                      hostProcess:
+                        type: boolean
+                      runAsUserName:
+                        type: string
+                    type: object
+                type: object
+              serviceAccountName:
+                type: string
+              serviceDetails:
+                properties:
+                  available:
+                    items:
+                      type: string
+                    type: array
+                  cardinality:
+                    type: string
+                  clbGoal:
+                    type: string
+                  commitOutComeFastPath:
+                    type: string
+                  commitOutcome:
+                    type: string
+                  drainTimeOut:
                     type: integer
-                  request.traceHeaderName:
+                  dtp:
+                    type: string
+                  edition:
+                    type: string
+                  failBack:
+                    type: string
+                  failOverDelay:
+                    type: integer
+                  failOverRestore:
+                    type: string
+                  failOverRetry:
+                    type: integer
+                  failOverType:
+                    type: string
+                  name:
+                    type: string
+                  notification:
+                    type: string
+                  pdb:
+                    type: string
+                  preferred:
+                    items:
+                      type: string
+                    type: array
+                  retenion:
+                    type: integer
+                  rlbGoal:
+                    type: string
+                  role:
+                    type: string
+                  sessionState:
+                    type: string
+                  stopOption:
+                    type: string
+                  svcState:
+                    type: string
+                  tafPolicy:
+                    type: string
+                required:
+                - name
+                type: object
+              sshKeySecret:
+                properties:
+                  keyMountLocation:
+                    type: string
+                  name:
+                    type: string
+                  privKeySecretName:
+                    type: string
+                  pubKeySecretName:
+                    type: string
+                required:
+                - name
+                type: object
+              swDgStorageClass:
+                type: string
+              tdeWalletSecret:
+                properties:
+                  encryptionType:
                     type: string
-                  security.credentials.attempts:
-                    format: int32
-                    type: integer
-                  security.credentials.lock.time:
-                    format: int64
-                    type: integer
-                  security.disableDefaultExclusionList:
-                    type: boolean
-                  security.exclusionList:
+                  keyFileMountLocation:
                     type: string
-                  security.externalSessionTrustedOrigins:
+                  keyFileName:
                     type: string
-                  security.forceHTTPS:
-                    type: boolean
-                  security.httpsHeaderCheck:
+                  keySecretName:
                     type: string
-                  security.inclusionList:
+                  name:
                     type: string
-                  security.maxEntries:
-                    format: int32
-                    type: integer
-                  security.verifySSL:
-                    type: boolean
-                  standalone.context.path:
-                    default: /ords
+                  pwdFileMountLocation:
                     type: string
-                  standalone.http.port:
-                    default: 8080
-                    format: int32
-                    type: integer
-                  standalone.https.host:
+                  pwdFileName:
                     type: string
-                  standalone.https.port:
-                    default: 8443
-                    format: int32
-                    type: integer
-                  standalone.stop.timeout:
-                    format: int64
-                    type: integer
                 type: object
-              image:
-                type: string
-              imagePullPolicy:
-                default: IfNotPresent
-                enum:
-                - IfNotPresent
-                - Always
-                - Never
-                type: string
-              imagePullSecrets:
+            required:
+            - instDetails
+            - securityContext
+            type: object
+          status:
+            properties:
+              DbName:
                 type: string
-              poolSettings:
+              OracleRestartNodes:
                 items:
                   properties:
-                    apex.security.administrator.roles:
-                      type: string
-                    apex.security.user.roles:
-                      type: string
-                    autoUpgradeAPEX:
-                      default: false
-                      type: boolean
-                    autoUpgradeORDS:
-                      default: false
-                      type: boolean
-                    db.adminUser:
-                      type: string
-                    db.adminUser.secret:
-                      properties:
-                        passwordKey:
-                          default: password
-                          type: string
-                        secretName:
-                          type: string
-                      required:
-                      - secretName
-                      type: object
-                    db.cdb.adminUser:
-                      type: string
-                    db.cdb.adminUser.secret:
-                      properties:
-                        passwordKey:
-                          default: password
-                          type: string
-                        secretName:
-                          type: string
-                      required:
-                      - secretName
-                      type: object
-                    db.connectionType:
-                      enum:
-                      - basic
-                      - tns
-                      - customurl
-                      type: string
-                    db.credentialsSource:
-                      enum:
-                      - pool
-                      - request
-                      type: string
-                    db.customURL:
-                      type: string
-                    db.hostname:
+                    name:
                       type: string
-                    db.poolDestroyTimeout:
-                      format: int64
-                      type: integer
-                    db.port:
-                      format: int32
-                      type: integer
-                    db.secret:
+                    nodeDetails:
                       properties:
-                        passwordKey:
-                          default: password
+                        InstanceState:
                           type: string
-                        secretName:
+                        PodState:
                           type: string
-                      required:
-                      - secretName
-                      type: object
-                    db.servicename:
-                      type: string
-                    db.sid:
-                      type: string
-                    db.tnsAliasName:
-                      type: string
-                    db.username:
-                      default: ORDS_PUBLIC_USER
-                      type: string
-                    db.wallet.zip.service:
-                      type: string
-                    dbWalletSecret:
-                      properties:
-                        secretName:
+                        clusterState:
                           type: string
-                        walletName:
+                        isDelete:
                           type: string
-                      required:
-                      - secretName
-                      - walletName
-                      type: object
-                    debug.trackResources:
-                      type: boolean
-                    feature.openservicebroker.exclude:
-                      type: boolean
-                    feature.sdw:
-                      type: boolean
-                    http.cookie.filter:
-                      type: string
-                    jdbc.DriverType:
-                      enum:
-                      - thin
-                      - oci8
-                      type: string
-                    jdbc.InactivityTimeout:
-                      format: int32
-                      type: integer
-                    jdbc.InitialLimit:
-                      format: int32
-                      type: integer
-                    jdbc.MaxConnectionReuseCount:
-                      format: int32
-                      type: integer
-                    jdbc.MaxConnectionReuseTime:
-                      format: int32
-                      type: integer
-                    jdbc.MaxLimit:
-                      format: int32
-                      type: integer
-                    jdbc.MaxStatementsLimit:
-                      format: int32
-                      type: integer
-                    jdbc.MinLimit:
-                      format: int32
-                      type: integer
-                    jdbc.SecondsToTrustIdleConnection:
-                      format: int32
-                      type: integer
-                    jdbc.auth.admin.role:
-                      type: string
-                    jdbc.auth.enabled:
-                      type: boolean
-                    jdbc.cleanup.mode:
-                      type: string
-                    jdbc.statementTimeout:
-                      format: int32
-                      type: integer
-                    misc.defaultPage:
-                      type: string
-                    misc.pagination.maxRows:
-                      format: int32
-                      type: integer
-                    owa.trace.sql:
-                      type: boolean
-                    plsql.gateway.mode:
-                      enum:
-                      - disabled
-                      - direct
-                      - proxied
-                      type: string
-                    poolName:
-                      type: string
-                    procedure.preProcess:
-                      type: string
-                    procedure.rest.preHook:
-                      type: string
-                    procedurePostProcess:
-                      type: string
-                    restEnabledSql.active:
-                      type: boolean
-                    security.jwks.connection.timeout:
-                      format: int64
-                      type: integer
-                    security.jwks.read.timeout:
-                      format: int64
-                      type: integer
-                    security.jwks.refresh.interval:
-                      format: int64
-                      type: integer
-                    security.jwks.size:
-                      format: int32
-                      type: integer
-                    security.jwt.allowed.age:
-                      format: int64
-                      type: integer
-                    security.jwt.allowed.skew:
-                      format: int64
-                      type: integer
-                    security.jwt.profile.enabled:
-                      type: boolean
-                    security.requestAuthenticationFunction:
-                      type: string
-                    security.requestValidationFunction:
-                      default: ords_util.authorize_plsql_gateway
-                      type: string
-                    security.validationFunctionType:
-                      enum:
-                      - plsql
-                      - javascript
-                      type: string
-                    soda.defaultLimit:
-                      type: string
-                    soda.maxLimit:
-                      type: string
-                    tnsAdminSecret:
-                      properties:
-                        secretName:
+                        mountedDevices:
+                          items:
+                            type: string
+                          type: array
+                        nodePortSvc:
+                          items:
+                            properties:
+                              name:
+                                type: string
+                              onsLocalPort:
+                                format: int32
+                                type: integer
+                              onsTargetPort:
+                                format: int32
+                                type: integer
+                              portMappings:
+                                items:
+                                  properties:
+                                    nodePort:
+                                      format: int32
+                                      type: integer
+                                    port:
+                                      format: int32
+                                      type: integer
+                                    protocol:
+                                      default: TCP
+                                      enum:
+                                      - TCP
+                                      - UDP
+                                      - SCTP
+                                      type: string
+                                    targetPort:
+                                      format: int32
+                                      type: integer
+                                  type: object
+                                type: array
+                              svcAnnotation:
+                                additionalProperties:
+                                  type: string
+                                type: object
+                              svcLBIP:
+                                type: string
+                              svcType:
+                                type: string
+                            type: object
+                          type: array
+                        portMappings:
+                          items:
+                            properties:
+                              nodePort:
+                                format: int32
+                                type: integer
+                              port:
+                                format: int32
+                                type: integer
+                              protocol:
+                                default: TCP
+                                enum:
+                                - TCP
+                                - UDP
+                                - SCTP
+                                type: string
+                              targetPort:
+                                format: int32
+                                type: integer
+                            type: object
+                          type: array
+                        pvcName:
+                          additionalProperties:
+                            type: string
+                          type: object
+                        state:
+                          type: string
+                        workerNode:
                           type: string
-                      required:
-                      - secretName
                       type: object
-                  required:
-                  - db.secret
-                  - poolName
                   type: object
                 type: array
-              replicas:
-                default: 1
-                format: int32
-                minimum: 1
-                type: integer
-              workloadType:
-                default: Deployment
-                enum:
-                - Deployment
-                - StatefulSet
-                - DaemonSet
-                type: string
-            required:
-            - globalSettings
-            - image
-            type: object
-          status:
-            properties:
+              asmDetails:
+                properties:
+                  diskgroup:
+                    items:
+                      properties:
+                        disks:
+                          items:
+                            type: string
+                          type: array
+                        name:
+                          type: string
+                        redundancy:
+                          type: string
+                      type: object
+                    type: array
+                type: object
               conditions:
                 items:
                   properties:
@@ -11188,353 +11452,771 @@ spec:
                   - type
                   type: object
                 type: array
-              httpPort:
-                format: int32
-                type: integer
-              httpsPort:
-                format: int32
-                type: integer
-              mongoPort:
-                format: int32
-                type: integer
-              ordsInstalled:
-                type: boolean
-              ordsVersion:
+                x-kubernetes-list-map-keys:
+                - type
+                x-kubernetes-list-type: map
+              configParams:
+                properties:
+                  cpuCount:
+                    type: integer
+                  crsAsmDeviceList:
+                    type: string
+                  crsAsmDiskDg:
+                    type: string
+                  crsAsmDiskDgRedundancy:
+                    type: string
+                  dbAsmDeviceList:
+                    type: string
+                  dbAsmDiskDgRedundancy:
+                    type: string
+                  dbBase:
+                    type: string
+                  dbCharSet:
+                    type: string
+                  dbConfigType:
+                    type: string
+                  dbDataFileDestDg:
+                    type: string
+                  dbHome:
+                    type: string
+                  dbName:
+                    type: string
+                  dbOneOffIds:
+                    type: string
+                  dbRecoveryFileDest:
+                    type: string
+                  dbRecoveryFileDestSize:
+                    type: string
+                  dbRedoFileSize:
+                    type: string
+                  dbResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  dbStorageType:
+                    type: string
+                  dbSwZipFile:
+                    type: string
+                  dbType:
+                    type: string
+                  dbUniqueName:
+                    type: string
+                  enableArchiveLog:
+                    type: string
+                  gridBase:
+                    type: string
+                  gridHome:
+                    type: string
+                  gridOneOffIds:
+                    type: string
+                  gridResponseFile:
+                    properties:
+                      configMapName:
+                        type: string
+                      name:
+                        type: string
+                    type: object
+                  gridSwZipFile:
+                    type: string
+                  hostSwStageLocation:
+                    type: string
+                  inventory:
+                    type: string
+                  oPatchLocation:
+                    type: string
+                  oPatchSwZipFile:
+                    type: string
+                  oneOffLocation:
+                    type: string
+                  opType:
+                    type: string
+                  pdbName:
+                    type: string
+                  pgaSize:
+                    type: string
+                  processes:
+                    type: integer
+                  recoAsmDeviceList:
+                    type: string
+                  recoAsmDiskDgRedundancy:
+                    type: string
+                  redoAsmDeviceList:
+                    type: string
+                  redoAsmDiskDg:
+                    type: string
+                  redoAsmDiskDgRedundancy:
+                    type: string
+                  ruFolderName:
+                    type: string
+                  ruPatchLocation:
+                    type: string
+                  sgaSize:
+                    type: string
+                  stagingSoftwareLocation:
+                    type: string
+                  swMountLocation:
+                    type: string
+                  swStagePvc:
+                    type: string
+                  swStagePvcMountLocation:
+                    type: string
+                type: object
+              connectString:
                 type: string
-              restartRequired:
-                type: boolean
-              status:
+              dbSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              dbState:
+                type: string
+              externalConnectString:
+                type: string
+              externalSvcType:
+                type: string
+              image:
+                type: string
+              imagePullPolicy:
+                type: string
+              imagePullSecret:
+                type: string
+              instDetails:
+                properties:
+                  envFile:
+                    type: string
+                  envVars:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                        valueFrom:
+                          properties:
+                            configMapKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fieldRef:
+                              properties:
+                                apiVersion:
+                                  type: string
+                                fieldPath:
+                                  type: string
+                              required:
+                              - fieldPath
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            fileKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                optional:
+                                  default: false
+                                  type: boolean
+                                path:
+                                  type: string
+                                volumeName:
+                                  type: string
+                              required:
+                              - key
+                              - path
+                              - volumeName
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            resourceFieldRef:
+                              properties:
+                                containerName:
+                                  type: string
+                                divisor:
+                                  anyOf:
+                                  - type: integer
+                                  - type: string
+                                  pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                                  x-kubernetes-int-or-string: true
+                                resource:
+                                  type: string
+                              required:
+                              - resource
+                              type: object
+                              x-kubernetes-map-type: atomic
+                            secretKeyRef:
+                              properties:
+                                key:
+                                  type: string
+                                name:
+                                  default: ""
+                                  type: string
+                                optional:
+                                  type: boolean
+                              required:
+                              - key
+                              type: object
+                              x-kubernetes-map-type: atomic
+                          type: object
+                      required:
+                      - name
+                      type: object
+                    type: array
+                  hostSwLocation:
+                    type: string
+                  isDelete:
+                    type: string
+                  isForceDelete:
+                    type: string
+                  isKeepPVC:
+                    type: string
+                  label:
+                    type: string
+                  name:
+                    type: string
+                  pvcName:
+                    additionalProperties:
+                      type: string
+                    type: object
+                  swLocStorageSizeInGb:
+                    type: integer
+                  workerNode:
+                    items:
+                      type: string
+                    type: array
+                type: object
+              installNode:
+                type: string
+              isDebug:
+                type: string
+              isDeleteOraPvc:
+                type: string
+              isDeleteTopology:
                 type: string
-              workloadType:
+              nfsStorageDetails:
+                properties:
+                  path:
+                    type: string
+                  readOnly:
+                    type: boolean
+                  server:
+                    type: string
+                required:
+                - path
+                - server
+                type: object
+              oldSpec:
                 type: string
-            required:
-            - restartRequired
-            type: object
-        type: object
-    served: true
-    storage: true
-    subresources:
-      status: {}
----
-apiVersion: apiextensions.k8s.io/v1
-kind: CustomResourceDefinition
-metadata:
-  annotations:
-    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
-    controller-gen.kubebuilder.io/version: v0.16.5
-  name: pdbs.database.oracle.com
-spec:
-  group: database.oracle.com
-  names:
-    kind: PDB
-    listKind: PDBList
-    plural: pdbs
-    singular: pdb
-  scope: Namespaced
-  versions:
-  - additionalPrinterColumns:
-    - description: Name of the CDB
-      jsonPath: .spec.cdbName
-      name: CDB Name
-      type: string
-    - description: Name of the PDB
-      jsonPath: .spec.pdbName
-      name: PDB Name
-      type: string
-    - description: PDB Open Mode
-      jsonPath: .status.openMode
-      name: PDB State
-      type: string
-    - description: Total Size of the PDB
-      jsonPath: .status.totalSize
-      name: PDB Size
-      type: string
-    - description: Status of the PDB Resource
-      jsonPath: .status.phase
-      name: Status
-      type: string
-    - description: Error message, if any
-      jsonPath: .status.msg
-      name: Message
-      type: string
-    - description: The connect string to be used
-      jsonPath: .status.connString
-      name: Connect_String
-      type: string
-    name: v1alpha1
-    schema:
-      openAPIV3Schema:
-        properties:
-          apiVersion:
-            type: string
-          kind:
-            type: string
-          metadata:
-            type: object
-          spec:
-            properties:
-              action:
-                enum:
-                - Create
-                - Clone
-                - Plug
-                - Unplug
-                - Delete
-                - Modify
-                - Status
-                - Map
+              pdbConnectString:
                 type: string
-              adminName:
+              readinessProbe:
                 properties:
-                  secret:
+                  exec:
                     properties:
-                      key:
-                        type: string
-                      secretName:
+                      command:
+                        items:
+                          type: string
+                        type: array
+                        x-kubernetes-list-type: atomic
+                    type: object
+                  failureThreshold:
+                    format: int32
+                    type: integer
+                  grpc:
+                    properties:
+                      port:
+                        format: int32
+                        type: integer
+                      service:
+                        default: ""
                         type: string
                     required:
-                    - key
-                    - secretName
+                    - port
                     type: object
-                required:
-                - secret
-                type: object
-              adminPwd:
-                properties:
-                  secret:
+                  httpGet:
                     properties:
-                      key:
+                      host:
                         type: string
-                      secretName:
+                      httpHeaders:
+                        items:
+                          properties:
+                            name:
+                              type: string
+                            value:
+                              type: string
+                          required:
+                          - name
+                          - value
+                          type: object
+                        type: array
+                        x-kubernetes-list-type: atomic
+                      path:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                      scheme:
                         type: string
                     required:
-                    - key
-                    - secretName
+                    - port
                     type: object
-                required:
-                - secret
+                  initialDelaySeconds:
+                    format: int32
+                    type: integer
+                  periodSeconds:
+                    format: int32
+                    type: integer
+                  successThreshold:
+                    format: int32
+                    type: integer
+                  tcpSocket:
+                    properties:
+                      host:
+                        type: string
+                      port:
+                        anyOf:
+                        - type: integer
+                        - type: string
+                        x-kubernetes-int-or-string: true
+                    required:
+                    - port
+                    type: object
+                  terminationGracePeriodSeconds:
+                    format: int64
+                    type: integer
+                  timeoutSeconds:
+                    format: int32
+                    type: integer
                 type: object
-              asClone:
-                type: boolean
-              assertivePdbDeletion:
-                type: boolean
-              cdbName:
-                type: string
-              cdbNamespace:
-                type: string
-              cdbResName:
-                type: string
-              copyAction:
-                enum:
-                - COPY
-                - NOCOPY
-                - MOVE
-                type: string
-              dropAction:
-                enum:
-                - INCLUDING
-                - KEEP
+              releaseUpdate:
                 type: string
-              fileNameConversions:
+              resources:
+                properties:
+                  claims:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        request:
+                          type: string
+                      required:
+                      - name
+                      type: object
+                    type: array
+                    x-kubernetes-list-map-keys:
+                    - name
+                    x-kubernetes-list-type: map
+                  limits:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                  requests:
+                    additionalProperties:
+                      anyOf:
+                      - type: integer
+                      - type: string
+                      pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
+                      x-kubernetes-int-or-string: true
+                    type: object
+                type: object
+              role:
                 type: string
-              getScript:
-                type: boolean
-              modifyOption:
-                enum:
-                - IMMEDIATE
-                - NORMAL
-                - READ ONLY
-                - READ WRITE
-                - RESTRICTED
+              scriptsGetCmd:
                 type: string
-              pdbName:
+              scriptsLocation:
                 type: string
-              pdbOrdsPrvKey:
+              securityContext:
                 properties:
-                  secret:
+                  appArmorProfile:
                     properties:
-                      key:
+                      localhostProfile:
                         type: string
-                      secretName:
+                      type:
                         type: string
                     required:
-                    - key
-                    - secretName
+                    - type
                     type: object
-                required:
-                - secret
-                type: object
-              pdbOrdsPubKey:
-                properties:
-                  secret:
+                  fsGroup:
+                    format: int64
+                    type: integer
+                  fsGroupChangePolicy:
+                    type: string
+                  runAsGroup:
+                    format: int64
+                    type: integer
+                  runAsNonRoot:
+                    type: boolean
+                  runAsUser:
+                    format: int64
+                    type: integer
+                  seLinuxChangePolicy:
+                    type: string
+                  seLinuxOptions:
                     properties:
-                      key:
+                      level:
                         type: string
-                      secretName:
+                      role:
+                        type: string
+                      type:
+                        type: string
+                      user:
                         type: string
-                    required:
-                    - key
-                    - secretName
                     type: object
-                required:
-                - secret
-                type: object
-              pdbState:
-                enum:
-                - OPEN
-                - CLOSE
-                type: string
-              pdbTlsCat:
-                properties:
-                  secret:
+                  seccompProfile:
                     properties:
-                      key:
+                      localhostProfile:
                         type: string
-                      secretName:
+                      type:
                         type: string
                     required:
-                    - key
-                    - secretName
+                    - type
                     type: object
-                required:
-                - secret
-                type: object
-              pdbTlsCrt:
-                properties:
-                  secret:
+                  supplementalGroups:
+                    items:
+                      format: int64
+                      type: integer
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  supplementalGroupsPolicy:
+                    type: string
+                  sysctls:
+                    items:
+                      properties:
+                        name:
+                          type: string
+                        value:
+                          type: string
+                      required:
+                      - name
+                      - value
+                      type: object
+                    type: array
+                    x-kubernetes-list-type: atomic
+                  windowsOptions:
                     properties:
-                      key:
+                      gmsaCredentialSpec:
                         type: string
-                      secretName:
+                      gmsaCredentialSpecName:
+                        type: string
+                      hostProcess:
+                        type: boolean
+                      runAsUserName:
                         type: string
-                    required:
-                    - key
-                    - secretName
                     type: object
+                type: object
+              serviceDetails:
+                properties:
+                  available:
+                    items:
+                      type: string
+                    type: array
+                  cardinality:
+                    type: string
+                  clbGoal:
+                    type: string
+                  commitOutComeFastPath:
+                    type: string
+                  commitOutcome:
+                    type: string
+                  drainTimeOut:
+                    type: integer
+                  dtp:
+                    type: string
+                  edition:
+                    type: string
+                  failBack:
+                    type: string
+                  failOverDelay:
+                    type: integer
+                  failOverRestore:
+                    type: string
+                  failOverRetry:
+                    type: integer
+                  failOverType:
+                    type: string
+                  name:
+                    type: string
+                  notification:
+                    type: string
+                  pdb:
+                    type: string
+                  preferred:
+                    items:
+                      type: string
+                    type: array
+                  retenion:
+                    type: integer
+                  rlbGoal:
+                    type: string
+                  role:
+                    type: string
+                  sessionState:
+                    type: string
+                  stopOption:
+                    type: string
+                  svcState:
+                    type: string
+                  tafPolicy:
+                    type: string
                 required:
-                - secret
+                - name
                 type: object
-              pdbTlsKey:
+              sshKeySecret:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
+                  keyMountLocation:
+                    type: string
+                  name:
+                    type: string
+                  privKeySecretName:
+                    type: string
+                  pubKeySecretName:
+                    type: string
                 required:
-                - secret
+                - name
                 type: object
-              reuseTempFile:
-                type: boolean
-              sourceFileNameConversions:
-                type: string
-              sparseClonePath:
+              state:
                 type: string
-              srcPdbName:
+              storageClass:
                 type: string
-              tdeExport:
-                type: boolean
-              tdeImport:
-                type: boolean
-              tdeKeystorePath:
+              storageSizeInGB:
+                type: integer
+              tdeWalletSecret:
+                properties:
+                  encryptionType:
+                    type: string
+                  keyFileMountLocation:
+                    type: string
+                  keyFileName:
+                    type: string
+                  keySecretName:
+                    type: string
+                  name:
+                    type: string
+                  pwdFileMountLocation:
+                    type: string
+                  pwdFileName:
+                    type: string
+                type: object
+              useNfsforSwStorage:
                 type: string
-              tdePassword:
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.17.3
+  name: oraclerestdataservices.database.oracle.com
+spec:
+  group: database.oracle.com
+  names:
+    kind: OracleRestDataService
+    listKind: OracleRestDataServiceList
+    plural: oraclerestdataservices
+    shortNames:
+    - ords
+    singular: oraclerestdataservice
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.status
+      name: Status
+      type: string
+    - jsonPath: .spec.databaseRef
+      name: Database
+      type: string
+    - jsonPath: .status.databaseApiUrl
+      name: Database API URL
+      type: string
+    - jsonPath: .status.databaseActionsUrl
+      name: Database Actions URL
+      type: string
+    - jsonPath: .status.apexUrl
+      name: Apex URL
+      type: string
+    - jsonPath: .status.mongoDbApiAccessUrl
+      name: MongoDbApi Access URL
+      type: string
+    name: v1alpha1
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              adminPassword:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
+                  keepSecret:
+                    type: boolean
+                  secretKey:
+                    default: oracle_pwd
+                    type: string
+                  secretName:
+                    type: string
                 required:
-                - secret
+                - secretName
                 type: object
-              tdeSecret:
+              databaseRef:
+                type: string
+              image:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
+                  pullFrom:
+                    type: string
+                  pullSecrets:
+                    type: string
+                  version:
+                    type: string
                 required:
-                - secret
+                - pullFrom
                 type: object
-              tempSize:
-                type: string
-              totalSize:
-                type: string
-              unlimitedStorage:
+              loadBalancer:
                 type: boolean
-              webServerPwd:
+              mongoDbApi:
+                type: boolean
+              nodeSelector:
+                additionalProperties:
+                  type: string
+                type: object
+              oracleService:
+                type: string
+              ordsPassword:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
+                  keepSecret:
+                    type: boolean
+                  secretKey:
+                    default: oracle_pwd
+                    type: string
+                  secretName:
+                    type: string
                 required:
-                - secret
+                - secretName
                 type: object
-              webServerUser:
+              ordsUser:
+                type: string
+              persistence:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
+                  accessMode:
+                    enum:
+                    - ReadWriteOnce
+                    - ReadWriteMany
+                    type: string
+                  setWritePermissions:
+                    type: boolean
+                  size:
+                    type: string
+                  storageClass:
+                    type: string
+                  volumeName:
+                    type: string
                 type: object
-              xmlFileName:
+              readinessCheckPeriod:
+                type: integer
+              replicas:
+                minimum: 1
+                type: integer
+              restEnableSchemas:
+                items:
+                  properties:
+                    enable:
+                      type: boolean
+                    pdbName:
+                      type: string
+                    schemaName:
+                      type: string
+                    urlMapping:
+                      type: string
+                  required:
+                  - enable
+                  - schemaName
+                  type: object
+                type: array
+              serviceAccountName:
                 type: string
+              serviceAnnotations:
+                additionalProperties:
+                  type: string
+                type: object
             required:
-            - action
+            - adminPassword
+            - databaseRef
+            - ordsPassword
             type: object
           status:
             properties:
-              action:
+              apexConfigured:
+                type: boolean
+              apexUrl:
                 type: string
-              connString:
+              commonUsersCreated:
+                type: boolean
+              databaseActionsUrl:
                 type: string
-              modifyOption:
+              databaseApiUrl:
                 type: string
-              msg:
+              databaseRef:
                 type: string
-              openMode:
+              image:
+                properties:
+                  pullFrom:
+                    type: string
+                  pullSecrets:
+                    type: string
+                  version:
+                    type: string
+                required:
+                - pullFrom
+                type: object
+              loadBalancer:
                 type: string
-              phase:
+              mongoDbApi:
+                type: boolean
+              mongoDbApiAccessUrl:
                 type: string
-              status:
+              ordsInstalled:
                 type: boolean
-              totalSize:
+              replicas:
+                type: integer
+              serviceIP:
+                type: string
+              status:
                 type: string
-            required:
-            - phase
-            - status
             type: object
         type: object
     served: true
@@ -11542,33 +12224,23 @@ spec:
     subresources:
       status: {}
   - additionalPrinterColumns:
-    - description: Name of the CDB
-      jsonPath: .spec.cdbName
-      name: CDB Name
-      type: string
-    - description: Name of the PDB
-      jsonPath: .spec.pdbName
-      name: PDB Name
+    - jsonPath: .status.status
+      name: Status
       type: string
-    - description: PDB Open Mode
-      jsonPath: .status.openMode
-      name: PDB State
+    - jsonPath: .spec.databaseRef
+      name: Database
       type: string
-    - description: Total Size of the PDB
-      jsonPath: .status.totalSize
-      name: PDB Size
+    - jsonPath: .status.databaseApiUrl
+      name: Database API URL
       type: string
-    - description: Status of the PDB Resource
-      jsonPath: .status.phase
-      name: Status
+    - jsonPath: .status.databaseActionsUrl
+      name: Database Actions URL
       type: string
-    - description: Error message, if any
-      jsonPath: .status.msg
-      name: Message
+    - jsonPath: .status.apexUrl
+      name: Apex URL
       type: string
-    - description: The connect string to be used
-      jsonPath: .status.connString
-      name: Connect_String
+    - jsonPath: .status.mongoDbApiAccessUrl
+      name: MongoDbApi Access URL
       type: string
     name: v4
     schema:
@@ -11582,268 +12254,638 @@ spec:
             type: object
           spec:
             properties:
-              action:
-                enum:
-                - Create
-                - Clone
-                - Plug
-                - Unplug
-                - Delete
-                - Modify
-                - Status
-                - Map
-                type: string
-              adminName:
+              adminPassword:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
+                  keepSecret:
+                    type: boolean
+                  secretKey:
+                    default: oracle_pwd
+                    type: string
+                  secretName:
+                    type: string
                 required:
-                - secret
+                - secretName
                 type: object
-              adminPwd:
+              databaseRef:
+                type: string
+              image:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
+                  pullFrom:
+                    type: string
+                  pullSecrets:
+                    type: string
+                  version:
+                    type: string
                 required:
-                - secret
+                - pullFrom
                 type: object
-              asClone:
-                type: boolean
-              assertivePdbDeletion:
+              loadBalancer:
                 type: boolean
-              cdbName:
-                type: string
-              cdbNamespace:
-                type: string
-              cdbResName:
-                type: string
-              copyAction:
-                enum:
-                - COPY
-                - NOCOPY
-                - MOVE
-                type: string
-              dropAction:
-                enum:
-                - INCLUDING
-                - KEEP
-                type: string
-              fileNameConversions:
-                type: string
-              getScript:
+              mongoDbApi:
                 type: boolean
-              modifyOption:
-                enum:
-                - IMMEDIATE
-                - NORMAL
-                - READ ONLY
-                - READ WRITE
-                - RESTRICTED
-                type: string
-              pdbName:
-                type: string
-              pdbOrdsPrvKey:
-                properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
+              nodeSelector:
+                additionalProperties:
+                  type: string
                 type: object
-              pdbOrdsPubKey:
+              oracleService:
+                type: string
+              ordsPassword:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
+                  keepSecret:
+                    type: boolean
+                  secretKey:
+                    default: oracle_pwd
+                    type: string
+                  secretName:
+                    type: string
                 required:
-                - secret
+                - secretName
                 type: object
-              pdbState:
-                enum:
-                - OPEN
-                - CLOSE
+              ordsUser:
                 type: string
-              pdbTlsCat:
+              persistence:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
+                  accessMode:
+                    enum:
+                    - ReadWriteOnce
+                    - ReadWriteMany
+                    type: string
+                  setWritePermissions:
+                    type: boolean
+                  size:
+                    type: string
+                  storageClass:
+                    type: string
+                  volumeName:
+                    type: string
                 type: object
-              pdbTlsCrt:
-                properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
+              readinessCheckPeriod:
+                type: integer
+              replicas:
+                minimum: 1
+                type: integer
+              restEnableSchemas:
+                items:
+                  properties:
+                    enable:
+                      type: boolean
+                    pdbName:
+                      type: string
+                    schemaName:
+                      type: string
+                    urlMapping:
+                      type: string
+                  required:
+                  - enable
+                  - schemaName
+                  type: object
+                type: array
+              serviceAccountName:
+                type: string
+              serviceAnnotations:
+                additionalProperties:
+                  type: string
                 type: object
-              pdbTlsKey:
+            required:
+            - adminPassword
+            - databaseRef
+            - ordsPassword
+            type: object
+          status:
+            properties:
+              apexConfigured:
+                type: boolean
+              apexUrl:
+                type: string
+              commonUsersCreated:
+                type: boolean
+              databaseActionsUrl:
+                type: string
+              databaseApiUrl:
+                type: string
+              databaseRef:
+                type: string
+              image:
                 properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
+                  pullFrom:
+                    type: string
+                  pullSecrets:
+                    type: string
+                  version:
+                    type: string
                 required:
-                - secret
+                - pullFrom
                 type: object
-              reuseTempFile:
+              loadBalancer:
+                type: string
+              mongoDbApi:
                 type: boolean
-              sourceFileNameConversions:
+              mongoDbApiAccessUrl:
                 type: string
-              sparseClonePath:
+              ordsInstalled:
+                type: boolean
+              replicas:
+                type: integer
+              serviceIP:
                 type: string
-              srcPdbName:
+              status:
                 type: string
-              tdeExport:
-                type: boolean
-              tdeImport:
+            type: object
+        type: object
+    served: true
+    storage: true
+    subresources:
+      status: {}
+---
+apiVersion: apiextensions.k8s.io/v1
+kind: CustomResourceDefinition
+metadata:
+  annotations:
+    cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
+    controller-gen.kubebuilder.io/version: v0.17.3
+  name: ordssrvs.database.oracle.com
+spec:
+  group: database.oracle.com
+  names:
+    kind: OrdsSrvs
+    listKind: OrdsSrvsList
+    plural: ordssrvs
+    singular: ordssrvs
+  scope: Namespaced
+  versions:
+  - additionalPrinterColumns:
+    - jsonPath: .status.status
+      name: status
+      type: string
+    - jsonPath: .status.workloadType
+      name: workloadType
+      type: string
+    - jsonPath: .status.ordsVersion
+      name: ordsVersion
+      type: string
+    - jsonPath: .status.httpPort
+      name: httpPort
+      type: integer
+    - jsonPath: .status.httpsPort
+      name: httpsPort
+      type: integer
+    - jsonPath: .status.mongoPort
+      name: MongoPort
+      type: integer
+    - jsonPath: .status.restartRequired
+      name: restartRequired
+      type: boolean
+    - jsonPath: .metadata.creationTimestamp
+      name: AGE
+      type: date
+    - jsonPath: .status.ordsInstalled
+      name: OrdsInstalled
+      type: boolean
+    name: v4
+    schema:
+      openAPIV3Schema:
+        properties:
+          apiVersion:
+            type: string
+          kind:
+            type: string
+          metadata:
+            type: object
+          spec:
+            properties:
+              encPrivKey:
+                properties:
+                  passwordKey:
+                    default: password
+                    type: string
+                  secretName:
+                    type: string
+                required:
+                - secretName
+                type: object
+              forceRestart:
                 type: boolean
-              tdeKeystorePath:
-                type: string
-              tdePassword:
+              globalSettings:
                 properties:
-                  secret:
+                  apex.download:
+                    default: false
+                    type: boolean
+                  apex.download.url:
+                    default: https://download.oracle.com/otn_software/apex/apex-latest.zip
+                    type: string
+                  apex.installation.persistence:
                     properties:
-                      key:
+                      accessMode:
+                        default: ReadWriteOnce
+                        enum:
+                        - ReadWriteOnce
+                        - ReadWriteMany
                         type: string
-                      secretName:
+                      size:
+                        default: 1Gi
+                        type: string
+                      storageClass:
+                        type: string
+                      volumeName:
                         type: string
-                    required:
-                    - key
-                    - secretName
                     type: object
-                required:
-                - secret
-                type: object
-              tdeSecret:
-                properties:
-                  secret:
+                  cache.metadata.enabled:
+                    type: boolean
+                  cache.metadata.graphql.expireAfterAccess:
+                    type: string
+                  cache.metadata.graphql.expireAfterWrite:
+                    type: string
+                  cache.metadata.jwks.enabled:
+                    type: boolean
+                  cache.metadata.jwks.expireAfterAccess:
+                    type: string
+                  cache.metadata.jwks.expireAfterWrite:
+                    type: string
+                  cache.metadata.jwks.initialCapacity:
+                    format: int32
+                    type: integer
+                  cache.metadata.jwks.maximumSize:
+                    format: int32
+                    type: integer
+                  cache.metadata.timeout:
+                    type: string
+                  certSecret:
                     properties:
+                      cert:
+                        type: string
                       key:
                         type: string
                       secretName:
                         type: string
                     required:
+                    - cert
                     - key
                     - secretName
                     type: object
-                required:
-                - secret
+                  database.api.enabled:
+                    type: boolean
+                  database.api.management.services.disabled:
+                    type: boolean
+                  db.invalidPoolTimeout:
+                    type: string
+                  debug.printDebugToScreen:
+                    type: boolean
+                  enable.mongo.access.log:
+                    default: false
+                    type: boolean
+                  enable.standalone.access.log:
+                    default: false
+                    type: boolean
+                  error.responseFormat:
+                    type: string
+                  feature.grahpql.max.nesting.depth:
+                    format: int32
+                    type: integer
+                  icap.port:
+                    format: int32
+                    type: integer
+                  icap.secure.port:
+                    format: int32
+                    type: integer
+                  icap.server:
+                    type: string
+                  log.procedure:
+                    type: boolean
+                  mongo.enabled:
+                    type: boolean
+                  mongo.idle.timeout:
+                    type: string
+                  mongo.op.timeout:
+                    type: string
+                  mongo.port:
+                    default: 27017
+                    format: int32
+                    type: integer
+                  request.traceHeaderName:
+                    type: string
+                  security.credentials.attempts:
+                    format: int32
+                    type: integer
+                  security.credentials.lock.time:
+                    type: string
+                  security.disableDefaultExclusionList:
+                    type: boolean
+                  security.exclusionList:
+                    type: string
+                  security.externalSessionTrustedOrigins:
+                    type: string
+                  security.forceHTTPS:
+                    type: boolean
+                  security.httpsHeaderCheck:
+                    type: string
+                  security.inclusionList:
+                    type: string
+                  security.maxEntries:
+                    format: int32
+                    type: integer
+                  security.verifySSL:
+                    type: boolean
+                  standalone.context.path:
+                    default: /ords
+                    type: string
+                  standalone.http.port:
+                    default: 8080
+                    format: int32
+                    type: integer
+                  standalone.https.host:
+                    type: string
+                  standalone.https.port:
+                    default: 8443
+                    format: int32
+                    type: integer
+                  standalone.stop.timeout:
+                    type: string
                 type: object
-              tempSize:
+              image:
                 type: string
-              totalSize:
+              imagePullPolicy:
+                default: IfNotPresent
+                enum:
+                - IfNotPresent
+                - Always
+                - Never
                 type: string
-              unlimitedStorage:
-                type: boolean
-              webServerPwd:
-                properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
-                type: object
-              webServerUser:
-                properties:
-                  secret:
-                    properties:
-                      key:
-                        type: string
-                      secretName:
-                        type: string
-                    required:
-                    - key
-                    - secretName
-                    type: object
-                required:
-                - secret
-                type: object
-              xmlFileName:
+              imagePullSecrets:
+                type: string
+              poolSettings:
+                items:
+                  properties:
+                    apex.security.administrator.roles:
+                      type: string
+                    apex.security.user.roles:
+                      type: string
+                    autoUpgradeAPEX:
+                      default: false
+                      type: boolean
+                    autoUpgradeORDS:
+                      default: false
+                      type: boolean
+                    db.adminUser:
+                      type: string
+                    db.adminUser.secret:
+                      properties:
+                        passwordKey:
+                          default: password
+                          type: string
+                        secretName:
+                          type: string
+                      required:
+                      - secretName
+                      type: object
+                    db.cdb.adminUser:
+                      type: string
+                    db.cdb.adminUser.secret:
+                      properties:
+                        passwordKey:
+                          default: password
+                          type: string
+                        secretName:
+                          type: string
+                      required:
+                      - secretName
+                      type: object
+                    db.connectionType:
+                      enum:
+                      - basic
+                      - tns
+                      - customurl
+                      type: string
+                    db.credentialsSource:
+                      enum:
+                      - pool
+                      - request
+                      type: string
+                    db.customURL:
+                      type: string
+                    db.hostname:
+                      type: string
+                    db.poolDestroyTimeout:
+                      type: string
+                    db.port:
+                      format: int32
+                      type: integer
+                    db.secret:
+                      properties:
+                        passwordKey:
+                          default: password
+                          type: string
+                        secretName:
+                          type: string
+                      required:
+                      - secretName
+                      type: object
+                    db.servicename:
+                      type: string
+                    db.sid:
+                      type: string
+                    db.tnsAliasName:
+                      type: string
+                    db.username:
+                      default: ORDS_PUBLIC_USER
+                      type: string
+                    db.wallet.zip.service:
+                      type: string
+                    dbWalletSecret:
+                      properties:
+                        secretName:
+                          type: string
+                        walletName:
+                          type: string
+                      required:
+                      - secretName
+                      - walletName
+                      type: object
+                    debug.trackResources:
+                      type: boolean
+                    feature.openservicebroker.exclude:
+                      type: boolean
+                    feature.sdw:
+                      type: boolean
+                    http.cookie.filter:
+                      type: string
+                    jdbc.DriverType:
+                      enum:
+                      - thin
+                      - oci8
+                      type: string
+                    jdbc.InactivityTimeout:
+                      format: int32
+                      type: integer
+                    jdbc.InitialLimit:
+                      format: int32
+                      type: integer
+                    jdbc.MaxConnectionReuseCount:
+                      format: int32
+                      type: integer
+                    jdbc.MaxConnectionReuseTime:
+                      type: string
+                    jdbc.MaxLimit:
+                      format: int32
+                      type: integer
+                    jdbc.MaxStatementsLimit:
+                      format: int32
+                      type: integer
+                    jdbc.MinLimit:
+                      format: int32
+                      type: integer
+                    jdbc.SecondsToTrustIdleConnection:
+                      format: int32
+                      type: integer
+                    jdbc.auth.admin.role:
+                      type: string
+                    jdbc.auth.enabled:
+                      type: boolean
+                    jdbc.cleanup.mode:
+                      type: string
+                    jdbc.statementTimeout:
+                      format: int32
+                      type: integer
+                    misc.defaultPage:
+                      type: string
+                    misc.pagination.maxRows:
+                      format: int32
+                      type: integer
+                    owa.trace.sql:
+                      type: boolean
+                    plsql.gateway.mode:
+                      enum:
+                      - disabled
+                      - direct
+                      - proxied
+                      type: string
+                    poolName:
+                      type: string
+                    procedure.preProcess:
+                      type: string
+                    procedure.rest.preHook:
+                      type: string
+                    procedurePostProcess:
+                      type: string
+                    restEnabledSql.active:
+                      type: boolean
+                    security.jwks.connection.timeout:
+                      type: string
+                    security.jwks.read.timeout:
+                      type: string
+                    security.jwks.refresh.interval:
+                      type: string
+                    security.jwks.size:
+                      format: int32
+                      type: integer
+                    security.jwt.allowed.age:
+                      type: string
+                    security.jwt.allowed.skew:
+                      type: string
+                    security.jwt.profile.enabled:
+                      type: boolean
+                    security.requestAuthenticationFunction:
+                      type: string
+                    security.requestValidationFunction:
+                      default: ords_util.authorize_plsql_gateway
+                      type: string
+                    security.validationFunctionType:
+                      enum:
+                      - plsql
+                      - javascript
+                      type: string
+                    soda.defaultLimit:
+                      type: string
+                    soda.maxLimit:
+                      type: string
+                    tnsAdminSecret:
+                      properties:
+                        secretName:
+                          type: string
+                      required:
+                      - secretName
+                      type: object
+                  required:
+                  - db.secret
+                  - poolName
+                  type: object
+                type: array
+              replicas:
+                default: 1
+                format: int32
+                minimum: 1
+                type: integer
+              serviceAccountName:
+                type: string
+              workloadType:
+                default: Deployment
+                enum:
+                - Deployment
+                - StatefulSet
+                - DaemonSet
                 type: string
             required:
-            - action
+            - globalSettings
+            - image
             type: object
           status:
             properties:
-              action:
-                type: string
-              connString:
-                type: string
-              modifyOption:
-                type: string
-              msg:
-                type: string
-              openMode:
-                type: string
-              phase:
+              conditions:
+                items:
+                  properties:
+                    lastTransitionTime:
+                      format: date-time
+                      type: string
+                    message:
+                      maxLength: 32768
+                      type: string
+                    observedGeneration:
+                      format: int64
+                      minimum: 0
+                      type: integer
+                    reason:
+                      maxLength: 1024
+                      minLength: 1
+                      pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
+                      type: string
+                    status:
+                      enum:
+                      - "True"
+                      - "False"
+                      - Unknown
+                      type: string
+                    type:
+                      maxLength: 316
+                      pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
+                      type: string
+                  required:
+                  - lastTransitionTime
+                  - message
+                  - reason
+                  - status
+                  - type
+                  type: object
+                type: array
+              httpPort:
+                format: int32
+                type: integer
+              httpsPort:
+                format: int32
+                type: integer
+              mongoPort:
+                format: int32
+                type: integer
+              ordsInstalled:
+                type: boolean
+              ordsVersion:
                 type: string
-              status:
+              restartRequired:
                 type: boolean
-              totalSize:
+              status:
+                type: string
+              workloadType:
                 type: string
             required:
-            - phase
-            - status
+            - restartRequired
             type: object
         type: object
     served: true
@@ -11856,7 +12898,7 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: shardingdatabases.database.oracle.com
 spec:
   group: database.oracle.com
@@ -12441,6 +13483,13 @@ spec:
               catalog:
                 items:
                   properties:
+                    catalogConfigData:
+                      properties:
+                        mountPath:
+                          type: string
+                        name:
+                          type: string
+                      type: object
                     envVars:
                       items:
                         properties:
@@ -12541,9 +13590,14 @@ spec:
                     type: string
                   pwdFileName:
                     type: string
+                  tdeKeyFileName:
+                    type: string
+                  tdePwdFileName:
+                    type: string
                 required:
                 - name
                 - pwdFileName
+                - tdePwdFileName
                 type: object
               fssStorageClass:
                 type: string
@@ -12564,6 +13618,13 @@ spec:
                         - value
                         type: object
                       type: array
+                    gsmConfigData:
+                      properties:
+                        mountPath:
+                          type: string
+                        name:
+                          type: string
+                      type: object
                     imagePullPolicy:
                       type: string
                     isDelete:
@@ -12685,6 +13746,8 @@ spec:
                       type: string
                     role:
                       type: string
+                    ruMode:
+                      type: string
                     sessionState:
                       type: string
                     sqlTransactionProfile:
@@ -12768,6 +13831,8 @@ spec:
                 type: string
               scriptsLocation:
                 type: string
+              serviceAccountName:
+                type: string
               shard:
                 items:
                   properties:
@@ -12845,6 +13910,13 @@ spec:
                             x-kubernetes-int-or-string: true
                           type: object
                       type: object
+                    shardConfigData:
+                      properties:
+                        mountPath:
+                          type: string
+                        name:
+                          type: string
+                      type: object
                     shardGroup:
                       type: string
                     shardRegion:
@@ -12862,6 +13934,47 @@ spec:
                 type: string
               shardConfigName:
                 type: string
+              shardInfo:
+                items:
+                  properties:
+                    replicas:
+                      format: int32
+                      type: integer
+                    shape:
+                      type: string
+                    shardGroupDetails:
+                      properties:
+                        ShardSpace:
+                          type: string
+                        deployAs:
+                          type: string
+                        isDelete:
+                          type: string
+                        region:
+                          type: string
+                        repFactor:
+                          type: integer
+                        shardGroupName:
+                          type: string
+                      type: object
+                    shardPreFixName:
+                      type: string
+                    shardSpaceDetails:
+                      properties:
+                        Chnuks:
+                          type: integer
+                        protectMode:
+                          type: string
+                        shardSpaceName:
+                          type: string
+                      type: object
+                    storageSizeInGb:
+                      format: int32
+                      type: integer
+                  required:
+                  - shardPreFixName
+                  type: object
+                type: array
               shardRegion:
                 items:
                   type: string
@@ -12883,7 +13996,6 @@ spec:
             - dbImage
             - gsm
             - gsmImage
-            - shard
             type: object
           status:
             properties:
@@ -12965,7 +14077,7 @@ kind: CustomResourceDefinition
 metadata:
   annotations:
     cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
-    controller-gen.kubebuilder.io/version: v0.16.5
+    controller-gen.kubebuilder.io/version: v0.17.3
   name: singleinstancedatabases.database.oracle.com
 spec:
   group: database.oracle.com
@@ -12973,6 +14085,9 @@ spec:
     kind: SingleInstanceDatabase
     listKind: SingleInstanceDatabaseList
     plural: singleinstancedatabases
+    shortNames:
+    - sidb
+    - sidbs
     singular: singleinstancedatabase
   scope: Namespaced
   versions:
@@ -13728,9 +14843,12 @@ rules:
   - configmaps
   - containers
   - deployments
+  - endpoints
   - events
   - namespaces
+  - persistentvolumeclaim
   - persistentvolumeclaims
+  - persistentvolumes
   - pods
   - pods/exec
   - pods/log
@@ -13745,6 +14863,25 @@ rules:
   - patch
   - update
   - watch
+- apiGroups:
+  - ""
+  resources:
+  - configmaps/status
+  - daemonsets/status
+  - deployments/status
+  - persistentvolumeclaim/status
+  - services/status
+  - statefulsets/status
+  verbs:
+  - get
+  - patch
+  - update
+- apiGroups:
+  - ""
+  resources:
+  - secrets/status
+  verbs:
+  - get
 - apiGroups:
   - ""
   resources:
@@ -13821,15 +14958,14 @@ rules:
   resources:
   - autonomouscontainerdatabases
   - autonomousdatabases
-  - cdbs
   - dataguardbrokers
   - dbcssystems
   - events
   - lrests
   - lrpdbs
+  - oraclerestarts
   - oraclerestdataservices
   - ordssrvs
-  - pdbs
   - shardingdatabases
   - singleinstancedatabases
   verbs:
@@ -13846,14 +14982,13 @@ rules:
   - autonomouscontainerdatabases/status
   - autonomousdatabasebackups/status
   - autonomousdatabaserestores/status
-  - cdbs/status
   - dataguardbrokers/status
   - dbcssystems/status
   - lrests/status
   - lrpdbs/status
+  - oraclerestarts/status
   - oraclerestdataservices/status
   - ordssrvs/status
-  - pdbs/status
   - shardingdatabases/status
   - singleinstancedatabases/status
   verbs:
@@ -13882,7 +15017,6 @@ rules:
 - apiGroups:
   - database.oracle.com
   resources:
-  - cdbs/finalizers
   - dataguardbrokers/finalizers
   - lrests/finalizers
   - oraclerestdataservices/finalizers
@@ -13894,8 +15028,9 @@ rules:
   - database.oracle.com
   resources:
   - dbcssystems/finalizers
+  - lrpdbs/configmaps
   - lrpdbs/finalizers
-  - pdbs/finalizers
+  - oraclerestarts/finalizers
   - shardingdatabases/finalizers
   verbs:
   - create
@@ -14076,47 +15211,6 @@ metadata:
     cert-manager.io/inject-ca-from: oracle-database-operator-system/oracle-database-operator-serving-cert
   name: oracle-database-operator-mutating-webhook-configuration
 webhooks:
-- admissionReviewVersions:
-  - v1
-  clientConfig:
-    service:
-      name: oracle-database-operator-webhook-service
-      namespace: oracle-database-operator-system
-      path: /mutate-database-oracle-com-v4-autonomousdatabasebackup
-  failurePolicy: Fail
-  name: mautonomousdatabasebackupv4.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v4
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - autonomousdatabasebackups
-  sideEffects: None
-- admissionReviewVersions:
-  - v1
-  - v1beta1
-  clientConfig:
-    service:
-      name: oracle-database-operator-webhook-service
-      namespace: oracle-database-operator-system
-      path: /mutate-database-oracle-com-v4-cdb
-  failurePolicy: Fail
-  name: mcdb.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v4
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - cdbs
-  sideEffects: None
 - admissionReviewVersions:
   - v1
   clientConfig:
@@ -14181,14 +15275,13 @@ webhooks:
   sideEffects: None
 - admissionReviewVersions:
   - v1
-  - v1beta1
   clientConfig:
     service:
       name: oracle-database-operator-webhook-service
       namespace: oracle-database-operator-system
-      path: /mutate-database-oracle-com-v4-pdb
+      path: /mutate-database-oracle-com-v4-oraclerestart
   failurePolicy: Fail
-  name: mpdb.kb.io
+  name: moraclerestart.kb.io
   rules:
   - apiGroups:
     - database.oracle.com
@@ -14198,7 +15291,7 @@ webhooks:
     - CREATE
     - UPDATE
     resources:
-    - pdbs
+    - oraclerestarts
   sideEffects: None
 - admissionReviewVersions:
   - v1
@@ -14220,26 +15313,6 @@ webhooks:
     resources:
     - shardingdatabases
   sideEffects: None
-- admissionReviewVersions:
-  - v1
-  clientConfig:
-    service:
-      name: oracle-database-operator-webhook-service
-      namespace: oracle-database-operator-system
-      path: /mutate-database-oracle-com-v1alpha1-autonomousdatabasebackup
-  failurePolicy: Fail
-  name: mautonomousdatabasebackupv1alpha1.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v1alpha1
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - autonomousdatabasebackups
-  sideEffects: None
 - admissionReviewVersions:
   - v1
   - v1beta1
@@ -14304,27 +15377,6 @@ webhooks:
   sideEffects: None
 - admissionReviewVersions:
   - v1
-  clientConfig:
-    service:
-      name: oracle-database-operator-webhook-service
-      namespace: oracle-database-operator-system
-      path: /mutate-database-oracle-com-v1alpha1-shardingdatabase
-  failurePolicy: Fail
-  name: mshardingdatabasev1alpha1.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v1alpha1
-    operations:
-    - CREATE
-    - UPDATE
-    resources:
-    - shardingdatabases
-  sideEffects: None
-- admissionReviewVersions:
-  - v1
-  - v1beta1
   clientConfig:
     service:
       name: oracle-database-operator-webhook-service
@@ -14433,14 +15485,33 @@ webhooks:
   sideEffects: None
 - admissionReviewVersions:
   - v1
-  - v1beta1
   clientConfig:
     service:
       name: oracle-database-operator-webhook-service
       namespace: oracle-database-operator-system
-      path: /validate-database-oracle-com-v4-cdb
+      path: /validate-database-oracle-com-v4-autonomousdatabase
+  failurePolicy: Fail
+  name: vautonomousdatabasev4.kb.io
+  rules:
+  - apiGroups:
+    - database.oracle.com
+    apiVersions:
+    - v4
+    operations:
+    - CREATE
+    - UPDATE
+    resources:
+    - autonomousdatabases
+  sideEffects: None
+- admissionReviewVersions:
+  - v1
+  clientConfig:
+    service:
+      name: oracle-database-operator-webhook-service
+      namespace: oracle-database-operator-system
+      path: /validate-database-oracle-com-v4-dbcssystem
   failurePolicy: Fail
-  name: vcdb.kb.io
+  name: vdbcssystemv4.kb.io
   rules:
   - apiGroups:
     - database.oracle.com
@@ -14449,8 +15520,9 @@ webhooks:
     operations:
     - CREATE
     - UPDATE
+    - DELETE
     resources:
-    - cdbs
+    - dbcssystems
   sideEffects: None
 - admissionReviewVersions:
   - v4
@@ -14496,14 +15568,13 @@ webhooks:
   sideEffects: None
 - admissionReviewVersions:
   - v1
-  - v1beta1
   clientConfig:
     service:
       name: oracle-database-operator-webhook-service
       namespace: oracle-database-operator-system
-      path: /validate-database-oracle-com-v4-pdb
+      path: /validate-database-oracle-com-v4-oraclerestart
   failurePolicy: Fail
-  name: vpdb.kb.io
+  name: voraclerestart.kb.io
   rules:
   - apiGroups:
     - database.oracle.com
@@ -14512,8 +15583,9 @@ webhooks:
     operations:
     - CREATE
     - UPDATE
+    - DELETE
     resources:
-    - pdbs
+    - oraclerestarts
   sideEffects: None
 - admissionReviewVersions:
   - v1
@@ -14660,28 +15732,6 @@ webhooks:
   sideEffects: None
 - admissionReviewVersions:
   - v1
-  clientConfig:
-    service:
-      name: oracle-database-operator-webhook-service
-      namespace: oracle-database-operator-system
-      path: /validate-database-oracle-com-v1alpha1-shardingdatabase
-  failurePolicy: Fail
-  name: vshardingdatabasev1alpha1.kb.io
-  rules:
-  - apiGroups:
-    - database.oracle.com
-    apiVersions:
-    - v1alpha1
-    operations:
-    - CREATE
-    - UPDATE
-    - DELETE
-    resources:
-    - shardingdatabases
-  sideEffects: None
-- admissionReviewVersions:
-  - v1
-  - v1beta1
   clientConfig:
     service:
       name: oracle-database-operator-webhook-service
@@ -14747,7 +15797,7 @@ spec:
         env:
         - name: WATCH_NAMESPACE
           value: ""
-        image: container-registry.oracle.com/database/operator:1.2.0
+        image: phx.ocir.io/intsanjaysingh/db-repo/oracle/database:orestart-operator-sa
         imagePullPolicy: Always
         name: manager
         ports:
diff --git a/ords/Dockerfile b/ords/Dockerfile
deleted file mode 100644
index 25ba08ec..00000000
--- a/ords/Dockerfile
+++ /dev/null
@@ -1,86 +0,0 @@
-## Copyright (c) 2022 Oracle and/or its affiliates.
-##
-## The Universal Permissive License (UPL), Version 1.0
-##
-## Subject to the condition set forth below, permission is hereby granted to any
-## person obtaining a copy of this software, associated documentation and/or data
-## (collectively the "Software"), free of charge and under any and all copyright
-## rights in the Software, and any and all patent rights owned or freely
-## licensable by each licensor hereunder covering either (i) the unmodified
-## Software as contributed to or provided by such licensor, or (ii) the Larger
-## Works (as defined below), to deal in both
-##
-## (a) the Software, and
-## (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-## one is included with the Software (each a "Larger Work" to which the Software
-## is contributed by such licensors),
-##
-## without restriction, including without limitation the rights to copy, create
-## derivative works of, display, perform, and distribute the Software and make,
-## use, sell, offer for sale, import, export, have made, and have sold the
-## Software and the Larger Work(s), and to sublicense the foregoing rights on
-## either these or other terms.
-##
-## This license is subject to the following condition:
-## The above copyright notice and either this complete permission notice or at
-## a minimum a reference to the UPL must be included in all copies or
-## substantial portions of the Software.
-##
-## THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-## IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-## FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-## AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-## LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-## OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-## SOFTWARE.
-
-FROM  container-registry.oracle.com/java/jdk:latest
-
-# Environment variables required for this build (do NOT change)
-# -------------------------------------------------------------
-ENV ORDS_HOME=/opt/oracle/ords/ \
-    RUN_FILE="runOrdsSSL.sh" \
-    ORDSVERSION=23.4.0-8 \
-    JAVA=17
-#see https://www.oracle.com/tools/ords/ords-relnotes-23.4.0.html
-
-# Copy binaries
-# -------------
-COPY   $RUN_FILE $ORDS_HOME 
-
-RUN yum -y install yum-utils bind-utils tree hostname openssl net-tools zip unzip tar wget vim-minimal which sudo expect procps curl lsof && \
-    yum-config-manager --add-repo=http://yum.oracle.com/repo/OracleLinux/OL8/oracle/software/x86_64 && \
-    yum -y install java-$JAVA-openjdk-devel && \
-    yum -y install iproute && \
-    yum clean all
-
-RUN curl -o /tmp/ords-$ORDSVERSION.el8.noarch.rpm https://yum.oracle.com/repo/OracleLinux/OL8/oracle/software/x86_64/getPackage/ords-$ORDSVERSION.el8.noarch.rpm
-
-RUN rpm -ivh /tmp/ords-$ORDSVERSION.el8.noarch.rpm
-
-# Setup filesystem and oracle user
-# --------------------------------
-RUN mkdir -p  $ORDS_HOME/doc_root                                  && \
-    mkdir -p  $ORDS_HOME/error                                     && \
-    mkdir -p  $ORDS_HOME/secrets                                   && \
-    chmod ug+x $ORDS_HOME/*.sh                                     && \
-    groupadd -g 54322 dba                                          && \
-    usermod -u 54321 -d /home/oracle -g dba -m -s /bin/bash oracle && \
-    chown -R oracle:dba $ORDS_HOME                                 
-#    echo "oracle  ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers
-
-RUN echo "unset R1" >> /home/oracle/.bashrc && \
-    chown root:root /home/oracle/.bashrc && chmod +r /home/oracle/.bashrc
-
-# Finalize setup
-# -------------------
-USER oracle
-WORKDIR /home/oracle
-
-
-VOLUME ["$ORDS_HOME/config/ords"]
-EXPOSE 8888
-
-# Define default command to start Ords Services
-CMD $ORDS_HOME/$RUN_FILE
-
diff --git a/ords/ords_init.sh b/ords/ords_init.sh
index 0994dceb..fc13912b 100644
--- a/ords/ords_init.sh
+++ b/ords/ords_init.sh
@@ -35,6 +35,9 @@
 ## OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 ## SOFTWARE.
 
+# not used, avoid messages
+unset JAVA_TOOL_OPTIONS
+
 dump_stack(){
 _log_date=`date "+%y:%m:%d %H:%M:%S"`
     local frame=0
@@ -54,6 +57,8 @@ _log_date=`date "+%y:%m:%d %H:%M:%S"`
 get_conn_string() {
 	local -n _conn_string="${1}"
 
+	echo "== Prepare connect string"
+
 	local -r _admin_user=$($ords_cfg_cmd get --secret db.adminUser | tail -1)
 	local _conn_type=$($ords_cfg_cmd get db.connectionType |tail -1)
 	if [[ $_conn_type == "customurl" ]]; then
@@ -81,7 +86,7 @@ get_conn_string() {
 
 	if [[ -n ${_conn} ]]; then
 		echo "Connection String (${_conn_type}): ${_conn}"
-		_conn_string="${_admin_user%%/ *}/${config["dbadminusersecret"]}@${_conn}"
+		_conn_string="${_admin_user%%/ *}/${config["dbadminuserpassword"]}@${_conn}"
 		if [[ ${_admin_user%%/ *} == "SYS" ]]; then
 			_conn_string="${_conn_string=} AS SYSDBA"
 		fi
@@ -89,6 +94,32 @@ get_conn_string() {
 }
 
 #------------------------------------------------------------------------------
+function setup_sql(){
+	local -r _conn_string="${1}"
+
+	echo "== Configuring sql environment"
+
+        ## Get TNS_ADMIN location
+        local -r _tns_admin=$($ords_cfg_cmd get db.tnsDirectory 2>&1| tail -1)
+        if [[ ! $_tns_admin =~ "Cannot get setting" ]]; then
+                echo "Setting: TNS_ADMIN=${_tns_admin}"
+                export TNS_ADMIN=${_tns_admin}
+        fi
+
+        ## Get ADB Wallet
+        #echo "Checking db.wallet.zip.path"
+        #echo "$ords_cfg_cmd get db.wallet.zip.path"
+        local -r _wallet_zip_path=$($ords_cfg_cmd get db.wallet.zip.path 2>&1| tail -1)
+        #echo "wallet_zip_path : \"${_wallet_zip_path}\""
+        if [[ ! $_wallet_zip_path =~ "Cannot get setting" ]]; then
+                echo "Using: set cloudconfig ${_wallet_zip_path}"
+                local -r _cloudconfig="set cloudconfig ${_wallet_zip_path}"
+        fi
+
+	return 0
+
+}
+
 function run_sql {
 	local -r _conn_string="${1}"
 	local -r _sql="${2}"
@@ -97,26 +128,13 @@ function run_sql {
 	
 	if [[ -z ${_sql} ]]; then
 		dump_stack
-		echo "FATAL: Dear Developer.. you've got a bug calling run_sql" && exit 1
-	fi
-	## Get TNS_ADMIN location
-	local -r _tns_admin=$($ords_cfg_cmd get db.tnsDirectory | tail -1)
-	if [[ ! $_tns_admin =~ "Cannot get setting" ]]; then
-		echo "Setting: TNS_ADMIN=${_tns_admin}"
-		export TNS_ADMIN=${_tns_admin}
+		echo "FATAL: missing SQL calling run_sql" && exit 1
 	fi
 
-	## Get ADB Wallet
-	local -r _wallet_zip_path=$($ords_cfg_cmd get db.wallet.zip.path | tail -1)
-	if [[ ! $_wallet_zip_path =~ "Cannot get setting" ]]; then
-		echo "Using: set cloudconfig ${_wallet_zip_path}"
-		local -r _cloudconfig="set cloudconfig ${_wallet_zip_path}"
-	fi
+	echo "Running SQL"
 
 	# NOTE to maintainer; the heredoc must be TAB indented
-	echo "Running SQL..."
-	#_output=$(cd ${APEX_HOME}/${APEX_VER} && sql -S /nolog <<-EOSQL
-	_output=$(cd ${APEX_HOME}/${APEX_VER} && sql -S -nohistory -noupdates /nolog <<-EOSQL
+	_output=$(sql -S -nohistory -noupdates /nolog <<-EOSQL
 		WHENEVER SQLERROR EXIT 1
 		WHENEVER OSERROR EXIT 1
 		${_cloudconfig}
@@ -143,6 +161,8 @@ function check_adb() {
 	local -r _conn_string=$1
 	local -n _is_adb=$2
 
+	echo "== ADB check"
+
 	local -r _adb_chk_sql="
 		DECLARE
 			invalid_column exception;
@@ -164,10 +184,14 @@ function check_adb() {
 
 	if (( ${_rc} == 0 )); then
 		_adb_check=${_adb_check//[[:space:]]/}
-		echo "ADB Check: ${_adb_check}"
 		if (( ${_adb_check} == 1 )); then
 			_is_adb=${_adb_check//[[:space:]]/}
+			echo "ADB : yes"
+		else
+			echo "ADB : no"
 		fi
+	else
+		echo "ADB check failed"
 	fi
 
 	return ${_rc}
@@ -180,7 +204,7 @@ function create_adb_user() {
 	local _config_user=$($ords_cfg_cmd get db.username | tail -1)
 
 	if [[ -z ${_config_user} ]] || [[ ${_config_user} == "ORDS_PUBLIC_USER" ]]; then
-		echo "FATAL: You must specify a db.username <> ORDS_PUBLIC_USER in pool ${_pool_name}"
+		echo "FATAL: You must specify a db.username <> ORDS_PUBLIC_USER in pool \"${_pool_name}\""
 		dump_stack
 		return 1
 	fi
@@ -193,11 +217,11 @@ function create_adb_user() {
       BEGIN
         SELECT USERNAME INTO l_user FROM DBA_USERS WHERE USERNAME='${_config_user}';
         EXECUTE IMMEDIATE 'ALTER USER \"${_config_user}\" PROFILE ORA_APP_PROFILE';
-        EXECUTE IMMEDIATE 'ALTER USER \"${_config_user}\" IDENTIFIED BY \"${config["dbsecret"]}\"';
+        EXECUTE IMMEDIATE 'ALTER USER \"${_config_user}\" IDENTIFIED BY \"${config["dbpassword"]}\"';
 		DBMS_OUTPUT.PUT_LINE('${_config_user} Exists - Password reset');
       EXCEPTION
         WHEN NO_DATA_FOUND THEN
-          EXECUTE IMMEDIATE 'CREATE USER \"${_config_user}\" IDENTIFIED BY \"${config["dbsecret"]}\" PROFILE ORA_APP_PROFILE';
+          EXECUTE IMMEDIATE 'CREATE USER \"${_config_user}\" IDENTIFIED BY \"${config["dbpassword"]}\" PROFILE ORA_APP_PROFILE';
 		  DBMS_OUTPUT.PUT_LINE('${_config_user} Created');
       END;
       EXECUTE IMMEDIATE 'GRANT CONNECT TO \"${_config_user}\"';
@@ -247,10 +271,13 @@ function create_adb_user() {
 }
 
 #------------------------------------------------------------------------------
-function compare_versions() {
+function apex_compare_versions() {
 	local _db_ver=$1
 	local _im_ver=$2
 
+	echo "database APEX version : $_db_ver"
+	echo "install  APEX version : $_im_ver"
+
 	IFS='.' read -r -a _db_ver_array <<< "$_db_ver"
 	IFS='.' read -r -a _im_ver_array <<< "$_im_ver"
 
@@ -270,95 +297,287 @@ function compare_versions() {
 }
 
 #------------------------------------------------------------------------------
-set_secret() {
+ords_client_version(){
+	echo "== ORDS client version" 
+	echo "ords_client_version : \"$(ords --config $ORDS_CONFIG --version 2>&1 | tail -1)\""
+}
+
+#------------------------------------------------------------------------------
+set_ords_secret() {
 	local -r _pool_name="${1}"
 	local -r _config_key="${2}"
 	local -r _config_val="${3}"
 	local -i _rc=0
 
 	if [[ -n "${_config_val}" ]]; then
-		ords --config "$ORDS_CONFIG" config --db-pool "${_pool_name}" secret --password-stdin "${_config_key}" <<< "${_config_val}"
+		echo "Setting ${_config_key} in pool \"${_pool_name}\""
+		ords --config "$ORDS_CONFIG" config --db-pool "${_pool_name}" secret --password-stdin "${_config_key}" 2>&1 <<< "${_config_val}"|tail -1
 		_rc=$?
-		echo "${_config_key} in pool ${_pool_name} set"
 	else
-		echo "${_config_key} in pool ${_pool_name}, not defined"
+		echo "${_config_key} in pool \"${_pool_name}\" is not defined"
 		_rc=0
 	fi
 
 	return ${_rc}
 }
 
+#------------------------------------------------------------------------------
+read_passwords(){
+        echo "== Reading passwords"
+        for key in dbpassword dbadminuserpassword dbcdbadminuserpassword; do
+                var_key="${pool_name//-/_}_${key}"
+                echo "Obtaining value from initContainer variable: ${var_key}"
+                var_val="${!var_key}"
+                config[${key}]="${var_val}"
+        done
+
+        # Set ORDS Secrets
+        set_ords_secret "${pool_name}" "db.password" "${config["dbpassword"]}"
+        rc=$((rc + $?))
+        set_ords_secret "${pool_name}" "db.adminUser.password" "${config["dbadminuserpassword"]}"
+        rc=$((rc + $?))
+        set_ords_secret "${pool_name}" "db.cdb.adminUser.password" "${config["dbcdbadminuserpassword"]}"
+        rc=$((rc + $?))
+
+        if (( ${rc} > 0 )); then
+                echo "FATAL: Unable to set configuration for pool \"${pool_name}\""
+		return 1
+        elif [[ -z ${config["dbpassword"]} ]]; then
+                echo "FATAL: db.password must be specified for pool \"${pool_name}\""
+		return 1
+        elif [[ -z ${config["dbadminuserpassword"]} ]]; then
+                echo "INFO: No additional configuration for pool \"${pool_name}\""
+        fi
+
+	return 0
+}
+
 #------------------------------------------------------------------------------
 ords_upgrade() {
-	local -r _pool_name="${1}"
-	local -r _upgrade_key="${2}"
-	local -i _rc=0
-		
-	if [[ -n "${config["dbadminusersecret"]}" ]]; then
-		# Get usernames
-		local -r ords_user=$($ords_cfg_cmd get db.username | tail -1)
-		local -r ords_admin=$($ords_cfg_cmd get db.adminUser | tail -1)
-
-		echo "Performing ORDS install/upgrade as $ords_admin into $ords_user on pool ${_pool_name}"
-		if [[ ${_pool_name} == "default" ]]; then
-			ords --config "$ORDS_CONFIG" install --db-only \
-				--admin-user "$ords_admin" --password-stdin <<< "${config["dbadminusersecret"]}"
-			_rc=$?
-		else
-			ords --config "$ORDS_CONFIG" install --db-pool "${_pool_name}" --db-only \
-				--admin-user "$ords_admin" --password-stdin <<< "${config["dbadminusersecret"]}"
-			_rc=$?
-		fi
+        local -r _pool_name="${1}"
+        local -r _upgrade_key="${2}"
+        local -i _rc=0
+
+	echo "== ORDS install/upgrade"
+
+        if [[ -n "${config["dbadminuserpassword"]}" ]]; then
+                # Get usernames
+                local -r ords_user=$($ords_cfg_cmd get db.username | tail -1)
+                local -r ords_admin=$($ords_cfg_cmd get db.adminUser | tail -1)
+
+                echo "Performing ORDS install/upgrade as $ords_admin into $ords_user on pool \"${_pool_name}\""
+                if [[ ${_pool_name} == "default" ]]; then
+                        ords --config "$ORDS_CONFIG" install --db-only \
+                                --admin-user "$ords_admin" --password-stdin <<< "${config["dbadminuserpassword"]}"
+                        _rc=$?
+                else
+                        ords --config "$ORDS_CONFIG" install --db-pool "${_pool_name}" --db-only \
+                                --admin-user "$ords_admin" --password-stdin <<< "${config["dbadminuserpassword"]}"
+                        _rc=$?
+                fi
+
+                # Dar be bugs below deck with --db-user so using the above
+                # ords --config "$ORDS_CONFIG" install --db-pool "$1" --db-only \
+                #       --admin-user "$ords_admin" --db-user "$ords_user" --password-stdin <<< "${!2}"
+        fi
+
+        return $_rc
+}
 
-		# Dar be bugs below deck with --db-user so using the above
-		# ords --config "$ORDS_CONFIG" install --db-pool "$1" --db-only \
-		# 	--admin-user "$ords_admin" --db-user "$ords_user" --password-stdin <<< "${!2}"
-	fi
 
-	return $_rc
+#------------------------------------------------------------------------------
+function global_parameters(){
+
+	APEX_INSTALL=/opt/oracle/apex
+	# backward compatibility for ORDS images prior to 24.1.x (included)
+	# APEX_HOME is used only here and it is set on images <= 24.1.x
+	if [[ -n ${APEX_HOME} ]]; then
+		APEX_INSTALL=${APEX_HOME}/${APEX_VER}
+		echo "WARNING: APEX installation ${APEX_INSTALL}, ORDS image probably older than 24.2"
+	fi	
+	APEXINS=${APEX_INSTALL}/apexins.sql
+	APEX_IMAGES=${APEX_INSTALL}/images
+    APEX_VERSION_TXT=${APEX_IMAGES}/apex_version.txt 
+
+	echo "== global parameters"
+	echo "external_apex          : ${external_apex}"
+	echo "download_apex          : ${download_apex}"
+	echo "download_url_apex      : ${download_url_apex}"
+	echo "APEX_INSTALL           : $APEX_INSTALL"
+	echo "APEX_IMAGES            : $APEX_IMAGES"
+
 }
 
+
 #------------------------------------------------------------------------------
 function get_apex_version() {
 	local -r _conn_string="${1}"
-	local -n _action="${2}"
+	local -n _db_apex_version="${2}"
 	local -i _rc=0
 
+	echo "== APEX version check"
+
 	local -r _ver_sql="SELECT VERSION FROM DBA_REGISTRY WHERE COMP_ID='APEX';"
+	#local -r _ver_sql="SELECT SCHEMA FROM DBA_REGISTRY WHERE COMP_ID='APEX';"
 	run_sql "${_conn_string}" "${_ver_sql}" "_db_apex_version"
 	_rc=$?
 
 	if (( $_rc > 0 )); then
-		echo "FATAL: Unable to connect to ${_conn_string} to get APEX version"
+		echo "FATAL: Unable to get APEX version"
 		dump_stack
 		return $_rc
 	fi
 
-	local -r _db_apex_version=${_db_apex_version//[^0-9.]/}
-	echo "Database APEX Version: ${_db_apex_version:-Not Installed}"
-
-	_action="none"
+	_db_apex_version=${_db_apex_version//[^0-9.]/}
+	#_db_apex_version="${_db_apex_version//[[:space:]]}"
 	if [[ -z "${_db_apex_version}" ]]; then
-		echo "Installing APEX ${APEX_VER}"
-		_action="install"
-	elif compare_versions ${_db_apex_version} ${APEX_VER}; then
-		echo "Upgrading from ${_db_apex_version} to ${APEX_VER}"
-		_action="upgrade"
-	else
-		echo "No Installation/Upgrade Required"
-	fi
+		_db_apex_version="NotInstalled"
+	fi	
+	echo "Database APEX Version: ${_db_apex_version}"
+
+	return $_rc
+}
+
+#------------------------------------------------------------------------------
+function get_apex_action(){
+	local -r _conn_string="${1}"
+        local -r _db_apex_version="${2}"
+        local -n _action="${3}"
+        local -i _rc=0
+
+	echo "== APEX installation check"
+
+	_action="error"
+	if [[ ( -z "${_db_apex_version}" ) || ( "${_db_apex_version}" == "NotInstalled" ) ]]; then
+                echo "Installing APEX ${APEX_VER}"
+                _action="install"
+        elif apex_compare_versions ${_db_apex_version} ${APEX_VER}; then
+                echo "Upgrading from ${_db_apex_version} to ${APEX_VER}"
+                _action="upgrade"
+        else
+                echo "No Installation/Upgrade Required"
+                _action="none"
+        fi
 
 	return $_rc
 }
 
-apex_upgrade() {
+#------------------------------------------------------------------------------
+function check_apex_installation_version(){
+
+    echo "== APEX installation files"
+
+   	if [[ !(-f ${APEX_VERSION_TXT}) ]]; then
+		echo "ERROR: ${APEX_VERSION_TXT} not found, APEX installation not found"
+		return 1
+	fi
+
+	APEX_VER=$(cat ${APEX_VERSION_TXT}|grep Version|cut -f2 -d\:|tr -d '[:space:]')
+	echo "APEX_VER: ${APEX_VER}"
+}
+
+#------------------------------------------------------------------------------
+function apex_external(){
+	echo "== APEX external"
+
+	if [[ ${external_apex} != "true" ]]; then
+		echo "APEX external disabled"
+		return 0
+	fi
+
+    id
+	df -h $APEX_INSTALL
+	ls -ld $APEX_INSTALL
+	ls -l $APEX_INSTALL
+	ls -l ${APEX_VERSION_TXT}
+    echo test >> $APEX_INSTALL/test.txt
+	ls -l $APEX_INSTALL/test.txt
+
+    while true
+    do
+            date +"%Y-%m-%d %H:%M:%S"
+            if [[ -f ${APEX_VERSION_TXT} ]]
+            then
+              echo Found images/apex_version.txt
+			  break
+            else
+              if [[ -f ${APEX_INSTALL}/apex.zip ]]
+              then
+			    date
+                echo Found ${APEX_INSTALL}/apex.zip, extracting ...
+                cd ${APEX_INSTALL}
+                jar xf apex.zip
+                mv ${APEX_INSTALL}/apex/* ${APEX_INSTALL}
+				date
+				echo completed
+              else
+			    date
+                echo "Missing ${APEX_INSTALL}/apex.zip, manually copy apex.zip in ${APEX_INSTALL} on the init container of the pod"
+				echo "e.g. kubectl cp /tmp/apex.zip ordssrvs-697c5698d9-q8gxf:/opt/oracle/apex/ -n testcase -c ordssrvs-init"
+                sleep 5
+              fi
+            fi
+    done
+
+}
+
+#------------------------------------------------------------------------------
+function apex_download(){
+
+	echo "== APEX download"
+
+	if [[ ${download_apex} != "true" ]]; then
+		echo "APEX download disabled"
+		return 0
+	fi
+
+	mkdir -p ${APEX_INSTALL}
+	rm -rf ${APEX_INSTALL}/*
+	cd /tmp
+	echo "Downloading ${download_url_apex}"
+	curl -o apex.zip ${download_url_apex}
+	echo "Extracting apex.zip"
+	jar xf apex.zip
+       	mv /tmp/apex/* ${APEX_INSTALL}
+
+	if [[ !(-f $APEXINS) ]]; then
+		echo "ERROR: ${APEXINS} not found, APEX download failed"
+		return 1
+	fi
+	echo "APEX_INSTALL: ${APEX_INSTALL}"
+
+	# config can be read-only, it will be set again at command-line ords start
+	echo "== Configuring ORDS images"
+	echo "APEX_IMAGES: ${APEX_IMAGES}"
+	ords config set standalone.static.path ${APEX_IMAGES}
+
+	return 0
+}
+
+#------------------------------------------------------------------------------
+function apex_upgrade() {
 	local -r _conn_string="${1}"
 	local -r _upgrade_key="${2}"
 	local -i _rc=0
 
-	if [[ -f ${APEX_HOME}/${APEX_VER}/apexins.sql ]] && [[ "${!_upgrade_key}" = "true" ]]; then
-		echo "Starting Installation of APEX ${APEX_VER}"
-		local -r _install_sql="@apxsilentins.sql SYSAUX SYSAUX TEMP /i/ ${config["dbsecret"]} ${config["dbsecret"]} ${config["dbsecret"]} ${config["dbsecret"]}"
+	echo "== APEX Installation/Upgrade"
+
+	if [[ -z ${APEX_INSTALL} ]]; then
+		echo "ERROR: APEX_INSTALL not set"
+		return 1
+	fi	
+
+	if [[ !( -f ${APEX_INSTALL}/apexins.sql ) ]]; then
+		echo "ERROR: ${APEX_INSTALL}/apexins.sql not found"
+		return 1
+	fi
+
+
+	if [[ "${!_upgrade_key}" = "true" ]]; then
+		echo "Starting Installation of APEX"
+		cd ${APEX_INSTALL}
+		SEC=${config["dbpassword"]}
+		local -r _install_sql="@apxsilentins.sql SYSAUX SYSAUX TEMP /i/ $SEC $SEC $SEC $SEC"
 		run_sql "${_conn_string}" "${_install_sql}" "_install_output"
 		_rc=$?
 		echo "Installation Output: ${_install_output}"
@@ -367,56 +586,110 @@ apex_upgrade() {
 	return $_rc
 }
 
+#------------------------------------------------------------------------------
+function apex_housekeeping(){
+
+	echo "== APEX "
+
+	# check database APEX version regardless of APEX parameters
+	get_apex_version "${conn_string}" "db_apex_version"
+        if [[ -z ${db_apex_version} ]]; then
+                echo "FATAL: Unable to get APEX Version for pool \"${pool_name}\""
+                return 1
+        fi
+
+	# check if apex upgrade is enabled
+        if [[ ${apex_upgrade} != "true" ]]; then
+                echo "APEX Install/Upgrade not requested for pool \"${pool_name}\""
+                return 0
+        fi
+
+	# get suggested action
+        get_apex_action "${conn_string}" "${db_apex_version}" "db_apex_action"
+        if [[ -z ${db_apex_action} ]]; then
+                echo "FATAL: Unable to get APEX suggested action for pool \"${pool_name}\""
+                return 1
+        fi
+
+	# upgrade
+        echo "APEX version : \"${db_apex_version}\""
+        echo "APEX suggested action : $db_apex_action"
+        if [[ ${db_apex_action} != "none" ]]; then
+                apex_upgrade "${conn_string}" "${pool_name}_autoupgrade_apex"
+                if (( $? > 0 )); then
+                        echo "FATAL: Unable to ${db_apex_action} APEX for pool \"${pool_name}\""
+			return 1
+                fi
+        fi
+
+
+}
+
+
+
+#------------------------------------------------------------------------------
+function pool_parameters(){
+
+	echo "== pool parameters"
+        apex_upgrade_var=${pool_name}_autoupgrade_apex
+        apex_upgrade=${!apex_upgrade_var}
+	[[ -z $apex_upgrade ]] && apex_upgrade=false
+        echo "${pool_name} - autoupgrade_apex  : ${apex_upgrade}"
+
+        ords_upgrade_var=${pool_name}_autoupgrade_ords
+        ords_upgrade=${!ords_upgrade_var}
+	[[ -z $ords_upgrade ]] && ords_upgrade=false
+        echo "${pool_name} - autoupgrade_ords  : ${ords_upgrade}"
+
+}
+
+
 #------------------------------------------------------------------------------
 # INIT
 #------------------------------------------------------------------------------
 declare -A pool_exit
+echo "=== ORDSSRVS init ==="
+global_parameters
+ords_client_version
+apex_download
+apex_external
+
+# check APEX installation files version, downloaded or mounted by PVC
+check_apex_installation_version
+
 for pool in "$ORDS_CONFIG"/databases/*; do
 	rc=0
 	pool_name=$(basename "$pool")
 	pool_exit[${pool_name}]=0
 	ords_cfg_cmd="ords --config $ORDS_CONFIG config --db-pool ${pool_name}"
-	echo "Found Pool: $pool_name..."
-
-	declare -A config
-	for key in dbsecret dbadminusersecret dbcdbadminusersecret; do
-		var_key="${pool_name//-/_}_${key}"
-		echo "Obtaining value from initContainer variable: ${var_key}"
-		var_val="${!var_key}"
-		config[${key}]="${var_val}"
-	done
+	echo "=========================================================================="
+	echo "Pool: $pool_name"
+        declare -A config
 
-	# Set Secrets
-	set_secret "${pool_name}" "db.password" "${config["dbsecret"]}"
-	rc=$((rc + $?))
-	set_secret "${pool_name}" "db.adminUser.password" "${config["dbadminusersecret"]}"
-	rc=$((rc + $?))
-	set_secret "${pool_name}" "db.cdb.adminUser.password" "${config["dbcdbadminusersecret"]}"
-	rc=$((rc + $?))
+	pool_parameters
 
+	read_passwords
+	rc=$?
 	if (( ${rc} > 0 )); then
-		echo "FATAL: Unable to set configuration for pool ${pool_name}"
-		dump_stack
-		pool_exit[${pool_name}]=1
-		continue
-	elif [[ -z ${config["dbsecret"]} ]]; then
-		echo "FATAL: db.password must be specified for ${pool_name}"
-                dump_stack
-		pool_exit[${pool_name}]=1
-		continue
-	elif [[ -z ${config["dbadminusersecret"]} ]]; then
-		echo "INFO: No additional configuration for ${pool_name}"
-		continue
-	fi
+                pool_exit[${pool_name}]=1
+                continue
+        fi
 
 	get_conn_string "conn_string"
 	if [[ -z ${conn_string} ]]; then
-		echo "FATAL: Unable to get ${pool_name} database connect string"
+		echo "FATAL: Unable to get database connect string for pool \"${pool_name}\""
                 dump_stack
 		pool_exit[${pool_name}]=1
 		continue
 	fi
 
+	setup_sql "${conn_string}"
+        rc=$?
+        if (( ${rc} > 0 )); then
+                pool_exit[${pool_name}]=1
+                continue
+        fi
+
 	check_adb "${conn_string}" "is_adb"
 	rc=$?
 	if (( ${rc} > 0 )); then
@@ -428,51 +701,38 @@ for pool in "$ORDS_CONFIG"/databases/*; do
 		# Create ORDS User
 		echo "Processing ADB in Pool: ${pool_name}"
 		create_adb_user "${conn_string}" "${pool_name}"
-	else	
-		# APEX Upgrade
-		echo "---------------------------------------------------"
-		apex_upgrade_var=${pool_name}_autoupgrade_apex
-		if [[ ${!apex_upgrade_var} != "true" ]]; then
-			echo "APEX Install/Upgrade not requested for ${pool_name}"
-			continue
-		fi
-
-		get_apex_version "${conn_string}" "action"
-		if [[ -z ${action} ]]; then
-			echo "FATAL: Unable to get ${pool_name} APEX Version"
-			dump_stack
-			pool_exit[${pool_name}]=1
-			continue
-		fi
+		continue
+	fi	
 
-		if [[ ${action} != "none" ]]; then
-			apex_upgrade "${conn_string}" "${pool_name}_autoupgrade_apex"
-			if (( $? > 0 )); then
-				echo "FATAL: Unable to ${action} APEX for ${pool_name}"
-		                dump_stack
-				pool_exit[${pool_name}]=1
-				continue
-			fi			
-		fi
+	# not ADB
 
-		# ORDS Upgrade
-		ords_upgrade_var=${pool_name}_autoupgrade_ords
-		if [[ ${!ords_upgrade_var} != "true" ]]; then
-			echo "ORDS Install/Upgrade not requested for ${pool_name}"
-			continue
-		fi
+	# APEX 
+	apex_housekeeping
+	rc=$?
+	if (( ${rc} > 0 )); then
+		echo "FATAL: unable to manage APEX configuration for pool \"${pool_name}\""
+		dump_stack
+		pool_exit[${pool_name}]=1
+		continue
+	fi
 
+	# database ORDS 
+	echo "== ORDS"
+	if [[ ${ords_upgrade} == "true" ]]; then
 		ords_upgrade "${pool_name}" "${pool_name}_autoupgrade_ords"
 		rc=$?
 		if (( $rc > 0 )); then
-			echo "FATAL: Unable to preform requested ORDS install/upgrade on ${pool_name}"
+			echo "FATAL: Unable to perform requested ORDS install/upgrade on pool \"${pool_name}\""
 			pool_exit[${pool_name}]=1
 			dump_stack
-			continue
-		fi
+		fi	
+	else
+		echo "ORDS Install/Upgrade not requested for pool \"${pool_name}\""
 	fi
 done
 
+echo "=========================================================================="
+echo "Exit codes"
 for key in "${!pool_exit[@]}"; do
     echo "Pool: $key, Exit Code: ${pool_exit[$key]}"
 	if (( ${pool_exit[$key]} > 0 )); then
diff --git a/ords/ords_start.sh b/ords/ords_start.sh
new file mode 100644
index 00000000..acdedd98
--- /dev/null
+++ b/ords/ords_start.sh
@@ -0,0 +1,26 @@
+#!/bin/bash
+
+date +"%Y-%m-%d %H:%M:%S"
+echo "=== ORDS start ==="
+echo "ORDS_CONFIG: ${ORDS_CONFIG}"
+
+unset APEX_IMAGES
+
+# old path, until ORDS image 24.1.1
+if [[ !(-z ${APEX_BASE}) && !(-z ${APEX_VER}) && (-d ${APEX_BASE}/${APEX_VER}/images) ]]; then
+        APEX_IMAGES=${APEX_BASE}/${APEX_VER}/images
+fi
+
+# downloaded image path
+if [[ -d /opt/oracle/apex/images ]]; then
+	APEX_IMAGES=/opt/oracle/apex/images
+fi
+
+if [[ -z ${APEX_IMAGES} ]]; then
+	echo "APEX_IMAGES not found"
+	ords --config ${ORDS_CONFIG} serve
+else
+	echo "APEX_IMAGES: ${APEX_IMAGES}"
+	ords --config ${ORDS_CONFIG} serve --apex-images ${APEX_IMAGES}
+fi	
+
diff --git a/ords/runOrdsSSL.sh b/ords/runOrdsSSL.sh
deleted file mode 100644
index 07e2b931..00000000
--- a/ords/runOrdsSSL.sh
+++ /dev/null
@@ -1,197 +0,0 @@
-#!/bin/bash
-
-cat <<EOF
-** Copyright (c) 2022 Oracle and/or its affiliates.
-**
-** The Universal Permissive License (UPL), Version 1.0
-**
-** Subject to the condition set forth below, permission is hereby granted to any
-** person obtaining a copy of this software, associated documentation and/or data
-** (collectively the "Software"), free of charge and under any and all copyright
-** rights in the Software, and any and all patent rights owned or freely
-** licensable by each licensor hereunder covering either (i) the unmodified
-** Software as contributed to or provided by such licensor, or (ii) the Larger
-** Works (as defined below), to deal in both
-**
-** (a) the Software, and
-** (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
-** one is included with the Software (each a "Larger Work" to which the Software
-** is contributed by such licensors),
-**
-** without restriction, including without limitation the rights to copy, create
-** derivative works of, display, perform, and distribute the Software and make,
-** use, sell, offer for sale, import, export, have made, and have sold the
-** Software and the Larger Work(s), and to sublicense the foregoing rights on
-** either these or other terms.
-**
-** This license is subject to the following condition:
-** The above copyright notice and either this complete permission notice or at
-** a minimum a reference to the UPL must be included in all copies or
-** substantial portions of the Software.
-**
-** THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-** IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-** FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-** AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-** LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-** OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-** SOFTWARE.
-EOF
-
-echo "ORDSVERSIN:$ORDSVERSION"
-
-export ORDS=/usr/local/bin/ords
-export ETCFILE=/etc/ords.conf
-export CONFIG=`cat /etc/ords.conf |grep -v ^#|grep ORDS_CONFIG| awk -F= '{print $2}'`
-export export _JAVA_OPTIONS="-Xms1126M -Xmx1126M"
-export ERRORFOLDER=/opt/oracle/ords/error
-export KEYSTORE=~/keystore
-export OPENSSL=/usr/bin/openssl
-export PASSFILE=${KEYSTORE}/PASSWORD
-export HN=`hostname`
-export KEY=$ORDS_HOME/secrets/$TLSKEY
-export CERTIFICATE=$ORDS_HOME/secrets/$TLSCRT
-export TNS_ADMIN=/opt/oracle/ords/
-export TNSNAME=${TNS_ADMIN}/tnsnames.ora 
-export TNSALIAS=ordstns
-echo "${TNSALIAS}=${DBTNSURL}" >$TNSNAME
-
-
-function SetParameter() {
-  ##ords config info <--- Use this command to get the list
-
-[[ ! -z "${ORACLE_HOST}" && -z "${DBTNSURL}" ]] && {
-  $ORDS --config ${CONFIG} config    set   db.hostname                                 ${ORACLE_HOST:-racnode1} 
-  $ORDS --config ${CONFIG} config    set   db.port                                     ${ORACLE_PORT:-1521} 
-  $ORDS --config ${CONFIG} config    set   db.servicename                              ${ORACLE_SERVICE:-TESTORDS}
-}
-
-[[  -z "${ORACLE_HOST}" && ! -z "${DBTNSURL}" ]] && {
-  #$ORDS --config ${CONFIG}  config    set   db.tnsAliasName                           ${TNSALIAS}
-  #$ORDS --config ${CONFIG}  config    set   db.tnsDirectory                           ${TNS_ADMIN}
-  #$ORDS --config ${CONFIG}  config    set   db.connectionType                         tns
- 
-   $ORDS --config ${CONFIG}  config    set   db.connectionType                         customurl
-   $ORDS --config ${CONFIG}  config    set   db.customURL                              jdbc:oracle:thin:@${DBTNSURL}
-}
-
-  $ORDS --config ${CONFIG} config    set   security.requestValidationFunction          false   
-  $ORDS --config ${CONFIG} config    set   jdbc.MaxLimit                               100
-  $ORDS --config ${CONFIG} config    set   jdbc.InitialLimit                           50
-  $ORDS --config ${CONFIG} config    set   error.externalPath                          ${ERRORFOLDER}
-  $ORDS --config ${CONFIG} config    set   standalone.access.log                       /home/oracle
-  $ORDS --config ${CONFIG} config    set   standalone.https.port                       8888
-  $ORDS --config ${CONFIG} config    set   standalone.https.cert                       ${CERTIFICATE}
-  $ORDS --config ${CONFIG} config    set   standalone.https.cert.key                   ${KEY}
-  $ORDS --config ${CONFIG} config    set   restEnabledSql.active                       true
-  $ORDS --config ${CONFIG} config    set   security.verifySSL                          true
-  $ORDS --config ${CONFIG} config    set   database.api.enabled                        true
-  $ORDS --config ${CONFIG} config    set   plsql.gateway.mode                          disabled
-  $ORDS --config ${CONFIG} config    set   database.api.management.services.disabled   false
-  $ORDS --config ${CONFIG} config    set   misc.pagination.maxRows                     1000
-  $ORDS --config ${CONFIG} config    set   db.cdb.adminUser                            "${CDBADMIN_USER:-C##DBAPI_CDB_ADMIN} AS SYSDBA"
-  $ORDS --config ${CONFIG} config    secret --password-stdin db.cdb.adminUser.password << EOF
-${CDBADMIN_PWD:-PROVIDE_A_PASSWORD}
-EOF
-
-$ORDS --config ${CONFIG} config  user add --password-stdin ${WEBSERVER_USER:-ordspdbadmin} "SQL Administrator, System Administrator" <<EOF
-${WEBSERVER_PASSWORD:-welcome1}
-EOF
-
-}
-
-
-function setupOrds() {
-
-echo "===================================================="
-echo CONFIG=$CONFIG
-
-echo $R1|sed 's/-----BEGIN PRIVATE KEY-----/-----BEGIN PRIVATE KEY-----\n/g'|\
-       	sed 's/-----END PRIVATE KEY-----/\n-----END PRIVATE KEY-----/' > $ORDS_HOME/k.txt
-
-
-export ORDS_LOGS=/tmp
-
- [ -f $ORDS_HOME/secrets/$WEBSERVER_USER_KEY ]     && 
-  {
-    WEBSERVER_USER=$(cat /opt/oracle/ords/secrets/${WEBSERVER_USER_KEY}|base64 --decode |openssl rsautl -decrypt  -out swap -inkey $ORDS_HOME/k.txt -in - ; cat swap ;rm swap)
-  }
-
- [ -f $ORDS_HOME/secrets/$WEBSERVER_PASSWORD_KEY ] && 
-  { 
-    WEBSERVER_PASSWORD=$(cat /opt/oracle/ords/secrets/${WEBSERVER_PASSWORD_KEY}|base64 --decode |openssl rsautl -decrypt  -out swap -inkey $ORDS_HOME/k.txt -in - ; cat swap ;rm swap)
-  }
-
- [ -f $ORDS_HOME/secrets/$CDBADMIN_USER_KEY ]      && 
-  {
-     CDBADMIN_USER=$(cat  /opt/oracle/ords/secrets/${CDBADMIN_USER_KEY} | base64 --decode |openssl rsautl -decrypt  -out swap -inkey $ORDS_HOME/k.txt -in - ; cat swap ;rm swap)
-  }
-
- [ -f $ORDS_HOME/secrets/$CDBADMIN_PWD_KEY ]       && 
-  { 
-     CDBADMIN_PWD=$(cat  /opt/oracle/ords/secrets/${CDBADMIN_PWD_KEY} | base64 --decode |openssl rsautl -decrypt  -out swap -inkey $ORDS_HOME/k.txt -in - ; cat swap ;rm swap)
-  }
-
- [ -f $ORDS_HOME/secrets/$ORACLE_PWD_KEY ]         && 
-  { 
-    #SYSDBA_PASSWORD=`cat $ORDS_HOME/secrets/$ORACLE_PWD_KEY`
-    SYSDBA_PASSWORD=$(cat $ORDS_HOME/secrets/${ORACLE_PWD_KEY} | base64 --decode |openssl rsautl -decrypt  -out swap -inkey $ORDS_HOME/k.txt -in - ; cat swap ;rm swap)
-   }
-
- [ -f $ORDS_HOME/secrets/$ORACLE_PWD_KEY ]         && 
-  { 
-    #ORDS_PASSWORD=`cat $ORDS_HOME/secrets/$ORDS_PWD_KEY`
-    ORDS_PASSWORD=$(cat $ORDS_HOME/secrets/${ORDS_PWD_KEY} | base64 --decode |openssl rsautl -decrypt  -out swap -inkey $ORDS_HOME/k.txt -in - ; cat swap ;rm swap)
-  }
-
-
-SetParameter;
-$ORDS --config                           ${CONFIG} install                 \
-      --admin-user                       ${SYSDBA_USER:-"SYS AS SYSDBA"}   \
-      --feature-db-api                   true                              \
-      --feature-rest-enabled-sql         true                              \
-      --log-folder                       ${ORDS_LOGS}                      \
-      --proxy-user                                                         \
-      --password-stdin <<EOF
-${SYSDBA_PASSWORD:-PROVIDE_A_PASSWORD}
-${ORDS_PASSWORD:-PROVIDE_A_PASSWORD}
-EOF
-
-rm $ORDS_HOME/k.txt
-
-
-if [ $? -ne 0 ]
-then
-  echo "Installation error"
-  exit 1
-fi
-
-}
-
-export CKF=/tmp/checkfile
-
-$ORDS --config $CONFIG config list 1>${CKF} 2>&1 
-echo "checkfile" >> ${CKF}
-NOT_INSTALLED=`cat ${CKF} | grep "INFO: The" |wc -l `
-echo NOT_INSTALLED=$NOT_INSTALLED
-
-
-function StartUp () {
-  $ORDS  --config $CONFIG serve     --port 8888 --secure
-}
-
-# Check whether ords is already setup
-if [ $NOT_INSTALLED -ne 0 ]
-then
-  echo " SETUP "
-  setupOrds;
-  StartUp;
-fi
-
-if [ $NOT_INSTALLED -eq 0 ]
-then
-  echo " STARTUP "
-  StartUp;
-fi
-
-
diff --git a/test/e2e/autonomousdatabase_controller_create_test.go b/test/e2e/autonomousdatabase_controller_create_test.go
index cc7fd288..bb63c8ad 100644
--- a/test/e2e/autonomousdatabase_controller_create_test.go
+++ b/test/e2e/autonomousdatabase_controller_create_test.go
@@ -200,7 +200,7 @@ var _ = Describe("test ADB provisioning", func() {
 				Spec: dbv1alpha1.AutonomousDatabaseBackupSpec{
 					Target: dbv1alpha1.TargetSpec{
 						OciAdb: dbv1alpha1.OciAdbSpec{
-							Ocid: common.String(*databaseOCID),
+							Id: common.String(*databaseOCID),
 						},
 					},
 					DisplayName: common.String(backupName),
diff --git a/test/e2e/util/oci_acd_request.go b/test/e2e/util/oci_acd_request.go
index f0a3a841..9230f8f6 100644
--- a/test/e2e/util/oci_acd_request.go
+++ b/test/e2e/util/oci_acd_request.go
@@ -43,9 +43,6 @@ import (
 
 	"github.com/oracle/oci-go-sdk/v65/common"
 	"github.com/oracle/oci-go-sdk/v65/database"
-	// "io"
-	// "io/ioutil"
-	// "time"
 )
 
 func CreateAutonomousContainerDatabase(dbClient database.DatabaseClient, compartmentId *string, acdName *string, exadataVmClusterID *string) (response database.CreateAutonomousContainerDatabaseResponse, err error) {
@@ -53,7 +50,7 @@ func CreateAutonomousContainerDatabase(dbClient database.DatabaseClient, compart
 		DisplayName:                acdName,
 		CloudAutonomousVmClusterId: exadataVmClusterID,
 		CompartmentId:              compartmentId,
-		PatchModel:                 database.CreateAutonomousContainerDatabaseDetailsPatchModelUpdates,
+		PatchModel:                 database.CreateAutonomousContainerDatabaseBasePatchModelUpdates,
 	}
 
 	createACDRequest := database.CreateAutonomousContainerDatabaseRequest{
diff --git a/test/e2e/util/util.go b/test/e2e/util/util.go
index b9e76aa7..38867395 100644
--- a/test/e2e/util/util.go
+++ b/test/e2e/util/util.go
@@ -44,8 +44,6 @@ import (
 	"strings"
 	"time"
 
-	goyaml "gopkg.in/yaml.v3"
-
 	dbv1alpha1 "github.com/oracle/oracle-database-operator/apis/database/v1alpha1"
 
 	corev1 "k8s.io/api/core/v1"
@@ -144,7 +142,7 @@ func GetTestConfig(filename string) (*testConfiguration, error) {
 		return nil, err
 	}
 
-	if err := goyaml.Unmarshal(yamlBytes, config); err != nil {
+	if err := yaml.Unmarshal(yamlBytes, config); err != nil {
 		return nil, err
 	}
 

From 860611b7e9d3695d2d1364e6e0f945ed49ec3f7b Mon Sep 17 00:00:00 2001
From: Saurabh Ahuja <s101saurabh@gmail.com>
Date: Fri, 10 Oct 2025 13:29:58 +0530
Subject: [PATCH 2/2] Update oracle-database-operator.yaml (#2)

Oracle Database Operator 2.0
---
 oracle-database-operator.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/oracle-database-operator.yaml b/oracle-database-operator.yaml
index 98535d86..97ebd5af 100644
--- a/oracle-database-operator.yaml
+++ b/oracle-database-operator.yaml
@@ -15797,7 +15797,7 @@ spec:
         env:
         - name: WATCH_NAMESPACE
           value: ""
-        image: phx.ocir.io/intsanjaysingh/db-repo/oracle/database:orestart-operator-sa
+        image: container-registry.oracle.com/database/operator:latest
         imagePullPolicy: Always
         name: manager
         ports: